#include <Security/Authorization.h>
#include <Security/AuthSession.h>
#include "AuthorizationWalkers.h"
#include <Security/mach++.h>
#include <Security/globalizer.h>
#include <Security/cssmalloc.h>
#include <Security/ssclient.h>
using namespace SecurityServer;
using namespace MachPlusPlus;
// Client-side session object through which the Authorization and Session
// entry points in this file reach the SecurityServer.
class AuthClient : public SecurityServer::ClientSession {
    typedef SecurityServer::ClientSession Base;
public:
    // Both allocator arguments of ClientSession are CssmAllocator::standard().
    // The entry points below use the session's returnAllocator for the blobs
    // they hand back to callers and for freeing them again.
    AuthClient()
        : Base(CssmAllocator::standard(), CssmAllocator::standard())
    {
    }
};
// The one AuthClient shared by every API entry point in this file; it is
// reached as server().
// NOTE(review): ModuleNexus comes from <Security/globalizer.h>; presumably it
// constructs the AuthClient lazily on first use — confirm there.
static ModuleNexus<AuthClient> server;
// Ask the SecurityServer to create an authorization for the given rights and
// environment.
//
// rights, environment, flags: forwarded unchanged to authCreate().
// authorization: optional out-parameter. When non-null it receives a
//     heap copy of the server's AuthorizationBlob (allocated from the
//     session's returnAllocator) that the caller later passes to
//     AuthorizationFree(). When null, the freshly created authorization is
//     released again immediately, using the same flags.
//
// NOTE(review): BEGIN_API / END_API are defined elsewhere; presumably they
// turn exceptions thrown by the calls below into the returned OSStatus —
// confirm.
OSStatus AuthorizationCreate(const AuthorizationRights *rights,
                             const AuthorizationEnvironment *environment,
                             AuthorizationFlags flags,
                             AuthorizationRef *authorization)
{
    BEGIN_API
    AuthClient &client = server();
    AuthorizationBlob blob;
    client.authCreate(rights, environment, flags, blob);
    if (!authorization) {
        // Nobody will hold the handle, so do not leave it registered.
        client.authRelease(blob, flags);
    } else {
        AuthorizationBlob *copy = new(client.returnAllocator) AuthorizationBlob(blob);
        *authorization = (AuthorizationRef) copy;
    }
    END_API(CSSM)
}
// Release an authorization on the server and free the client-side blob.
//
// authorization: handle previously returned by AuthorizationCreate() or
//     AuthorizationCreateFromExternalForm(); checked with Required() before
//     use. The pointer is invalid after a successful call and must not be
//     reused.
// flags: forwarded unchanged to authRelease().
//
// The blob is freed only after authRelease() has returned; if that call
// reports failure by throwing (NOTE(review): presumably — confirm), the
// blob is left allocated.
OSStatus AuthorizationFree(AuthorizationRef authorization, AuthorizationFlags flags)
{
    BEGIN_API
    AuthClient &client = server();
    AuthorizationBlob *blob = (AuthorizationBlob *)authorization;
    client.authRelease(Required(blob), flags);
    client.returnAllocator.free(blob);
    END_API(CSSM)
}
// Forward a rights request for an existing authorization to the
// SecurityServer.
//
// authorization: handle to evaluate against; checked with Required().
// rights, environment, flags, authorizedRights: passed through unchanged to
//     authCopyRights(); this wrapper does not inspect or validate them.
//
// NOTE(review): the outcome of the request reaches the caller only through
// the OSStatus produced by BEGIN_API / END_API (defined elsewhere), so
// callers should test the return value rather than rely on
// *authorizedRights alone — confirm against the macro definitions.
OSStatus AuthorizationCopyRights(AuthorizationRef authorization,
                                 const AuthorizationRights *rights,
                                 const AuthorizationEnvironment *environment,
                                 AuthorizationFlags flags,
                                 AuthorizationRights **authorizedRights)
{
    BEGIN_API
    AuthorizationBlob *blob = (AuthorizationBlob *)authorization;
    AuthorizationBlob &handle = Required(blob);
    server().authCopyRights(handle, rights, environment, flags, authorizedRights);
    END_API(CSSM)
}
// Fetch information items attached to an authorization from the
// SecurityServer.
//
// authorization: handle to query; checked with Required().
// tag: forwarded unchanged to authCopyInfo().
// info: required out-parameter (checked with Required()) that receives the
//     item set.
//     NOTE(review): the returned set presumably has to be released with
//     AuthorizationFreeItemSet() — confirm the allocator used by
//     authCopyInfo().
OSStatus AuthorizationCopyInfo(AuthorizationRef authorization,
                               AuthorizationString tag,
                               AuthorizationItemSet **info)
{
    BEGIN_API
    AuthorizationBlob *blob = (AuthorizationBlob *)authorization;
    AuthorizationBlob &handle = Required(blob);
    AuthorizationItemSet *&itemsOut = Required(info);
    server().authCopyInfo(handle, tag, itemsOut);
    END_API(CSSM)
}
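// Produce the external (transferable) form of an authorization.
//
// authorization: handle to externalize; checked with Required().
// extForm: required out-parameter that receives the external form. It is
//     now checked with Required() like the other pointer arguments in this
//     file, instead of being dereferenced unchecked, so a null pointer is
//     reported through the API's error path rather than crashing the caller.
//
// The external form is what AuthorizationCreateFromExternalForm() consumes
// to obtain a handle to the same authorization, so callers should treat it
// like a credential and hand it only to the intended recipient.
OSStatus AuthorizationMakeExternalForm(AuthorizationRef authorization,
                                       AuthorizationExternalForm *extForm)
{
    BEGIN_API
    AuthorizationBlob *auth = (AuthorizationBlob *)authorization;
    server().authExternalize(Required(auth), Required(extForm));
    END_API(CSSM)
}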
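// Turn an external form (see AuthorizationMakeExternalForm()) back into an
// authorization handle.
//
// extForm: required input; checked with Required() instead of being
//     dereferenced unchecked.
// authorization: required out-parameter that receives a heap copy of the
//     AuthorizationBlob (allocated from the session's returnAllocator); the
//     caller releases it with AuthorizationFree().
//
// Both pointers are validated before the server is contacted. Previously
// the out-parameter was checked only after authInternalize() had already
// run, so a null `authorization` left the internalized handle with nobody
// able to release it.
OSStatus AuthorizationCreateFromExternalForm(const AuthorizationExternalForm *extForm,
                                             AuthorizationRef *authorization)
{
    BEGIN_API
    AuthorizationRef &handleOut = Required(authorization);
    const AuthorizationExternalForm &form = Required(extForm);
    AuthorizationBlob result;
    server().authInternalize(form, result);
    handleOut =
        (AuthorizationRef) new(server().returnAllocator) AuthorizationBlob(result);
    END_API(CSSM)
}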
// Free an item set through the session's returnAllocator.
//
// set: the item set to free; handed to the allocator as-is, without a
//     Required() check.
//
// Returns errAuthorizationSuccess from inside the BEGIN_API / END_API
// region once the allocator call has returned.
OSStatus AuthorizationFreeItemSet(AuthorizationItemSet *set)
{
    BEGIN_API
    AuthClient &client = server();
    client.returnAllocator.free(set);
    return errAuthorizationSuccess;
    END_API(CSSM)
}
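// Query the SecurityServer for information about a session.
//
// session: the session id to look up; a copy is passed by reference to
//     getSessionInfo(), which may update it.
// sessionId: optional out-parameter; receives the session id as it stands
//     after the call.
// attributes: optional out-parameter; receives the session's attribute
//     bits. It used to be dereferenced without a check, so a null pointer
//     crashed the caller; it is now treated like sessionId and simply
//     skipped when null.
OSStatus SessionGetInfo(SecuritySessionId session,
                        SecuritySessionId *sessionId,
                        SessionAttributeBits *attributes)
{
    BEGIN_API
    SecuritySessionId sid = session;
    // Collect into a local so the server call never writes through a
    // caller-supplied pointer that has not been checked.
    SessionAttributeBits attrs = 0;
    server().getSessionInfo(sid, attrs);
    if (sessionId)
        *sessionId = sid;
    if (attributes)
        *attributes = attrs;
    END_API(CSSM)
}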
// Set up a new session for the caller on the SecurityServer.
//
// flags: forwarded to setupSession(). Unless sessionKeepCurrentBootstrap is
//     set, a subset of the bootstrap port is created first and installed
//     on the TaskPort `self`.
// attributes: forwarded unchanged to setupSession().
//
// NOTE(review): the bootstrap switch happens before setupSession() and is
// not undone here if that call fails; Bootstrap / TaskPort semantics live in
// <Security/mach++.h> — confirm that a default-constructed TaskPort names
// the calling task.
OSStatus SessionCreate(SessionCreationFlags flags,
                       SessionAttributeBits attributes)
{
    BEGIN_API
    Bootstrap namespacePort;
    const bool keepCurrent = (flags & sessionKeepCurrentBootstrap) != 0;
    if (!keepCurrent) {
        TaskPort self;
        // Replace the bootstrap port with a subset of itself.
        namespacePort = namespacePort.subset(TaskPort());
        self.bootstrap(namespacePort);
    }
    server().setupSession(flags, attributes);
    END_API(CSSM)
}