AuthorizationData.cpp [plain text]
#include <security_cdsa_utilities/AuthorizationData.h>
#include <security_cdsa_utilities/AuthorizationWalkers.h>
#include <security_cdsa_utilities/walkers.h>
#include <Security/checkpw.h>
#include <grp.h>
#include <pwd.h>
extern "C"
{
int checkpw_internal( const struct passwd *pw, const char* password );
}
namespace Authorization {
AuthValueRef::AuthValueRef(const AuthValue &value) :
RefPointer<AuthValue>(new AuthValue(value)) {}
AuthValueRef::AuthValueRef(const AuthorizationValue &value) :
RefPointer<AuthValue>(new AuthValue(value)) {}
AuthValue::AuthValue(const AuthorizationValue &value) :
mOwnsValue(false)
{
mValue.length = value.length;
mValue.data = value.data;
}
AuthValueRef::AuthValueRef(UInt32 length, void *data) :
RefPointer<AuthValue>(new AuthValue(length, data)) {}
AuthValue::AuthValue(UInt32 length, void *data) :
mOwnsValue(true)
{
mValue.length = length;
mValue.data = new uint8_t[length];
if (length)
memcpy(mValue.data, data, length);
}
AuthValue::~AuthValue()
{
if (mOwnsValue)
{
memset(mValue.data, 0, mValue.length);
delete[] reinterpret_cast<uint8_t*>(mValue.data);
}
}
AuthValue &
AuthValue::operator = (const AuthValue &other)
{
if (mOwnsValue)
{
memset(mValue.data, 0 , mValue.length);
delete[] reinterpret_cast<uint8_t*>(mValue.data);
}
mValue = other.mValue;
mOwnsValue = other.mOwnsValue;
other.mOwnsValue = false;
return *this;
}
void
AuthValue::fillInAuthorizationValue(AuthorizationValue &value)
{
value.length = mValue.length;
value.data = mValue.data;
}
AuthValueVector &
AuthValueVector::operator = (const AuthorizationValueVector& valueVector)
{
clear();
for (unsigned int i=0; i < valueVector.count; i++)
push_back(AuthValueRef(valueVector.values[i]));
return *this;
}
void
AuthValueVector::copy(AuthorizationValueVector **data, size_t *length) const
{
AuthorizationValueVector valueVector;
valueVector.count = (UInt32)size();
valueVector.values = new AuthorizationValue[valueVector.count];
int i = 0;
for (const_iterator it = begin(); it != end(); ++it, ++i)
{
(*it)->fillInAuthorizationValue(valueVector.values[i]);
}
DataWalkers::Copier<AuthorizationValueVector> flatValueVector(&valueVector);
*length = flatValueVector.length();
*data = flatValueVector.keep();
delete[] valueVector.values;
}
AuthItem::AuthItem(const AuthorizationItem &item) :
mFlags(item.flags),
mOwnsName(true),
mOwnsValue(true)
{
if (!item.name)
MacOSError::throwMe(errAuthorizationInternal);
size_t nameLen = strlen(item.name) + 1;
mName = new char[nameLen];
memcpy(const_cast<char *>(mName), item.name, nameLen);
mValue.length = item.valueLength;
mValue.data = new uint8_t[item.valueLength];
if (mValue.length)
memcpy(mValue.data, item.value, item.valueLength);
}
AuthItem::AuthItem(AuthorizationString name) :
mName(name),
mFlags(0),
mOwnsName(false),
mOwnsValue(false)
{
mValue.length = 0;
mValue.data = NULL;
}
AuthItem::AuthItem(AuthorizationString name, AuthorizationValue value, AuthorizationFlags flags) :
mFlags(flags),
mOwnsName(true),
mOwnsValue(true)
{
if (!name)
MacOSError::throwMe(errAuthorizationInternal);
size_t nameLen = strlen(name) + 1;
mName = new char[nameLen];
memcpy(const_cast<char *>(mName), name, nameLen);
mValue.length = value.length;
mValue.data = new uint8_t[value.length];
if (mValue.length)
memcpy(mValue.data, value.data, value.length);
}
AuthItem::~AuthItem()
{
if (mOwnsName)
delete[] mName;
if (mOwnsValue)
{
memset(mValue.data, 0, mValue.length);
delete[] reinterpret_cast<uint8_t*>(mValue.data);
}
}
bool
AuthItem::operator < (const AuthItem &other) const
{
return strcmp(mName, other.mName) < 0;
}
AuthItem &
AuthItem::operator = (const AuthItem &other)
{
if (mOwnsName)
delete[] mName;
if (mOwnsValue)
{
memset(mValue.data, 0, mValue.length);
delete[] reinterpret_cast<uint8_t*>(mValue.data);
}
mName = other.mName;
mValue = other.mValue;
mFlags = other.mFlags;
mOwnsName = other.mOwnsName;
other.mOwnsName = false;
mOwnsValue = other.mOwnsValue;
other.mOwnsValue = false;
return *this;
}
void
AuthItem::fillInAuthorizationItem(AuthorizationItem &item)
{
item.name = mName;
item.valueLength = mValue.length;
item.value = mValue.data;
item.flags = mFlags;
}
bool
AuthItem::getBool(bool &value)
{
if (mValue.length == sizeof(bool))
{
bool *tmpValue = (bool *)mValue.data;
if (tmpValue)
{
value = *tmpValue;
return true;
}
}
return false;
}
bool
AuthItem::getString(string &value)
{
value = string(static_cast<char*>(mValue.data), mValue.length);
return true;
}
bool
AuthItem::getCssmData(CssmAutoData &value)
{
value = CssmData(static_cast<uint8_t*>(mValue.data), mValue.length);
return true;
}
AuthItemRef::AuthItemRef(const AuthorizationItem &item) : RefPointer<AuthItem>(new AuthItem(item)) {}
AuthItemRef::AuthItemRef(AuthorizationString name) : RefPointer<AuthItem>(new AuthItem(name)) {}
AuthItemRef::AuthItemRef(AuthorizationString name, AuthorizationValue value, AuthorizationFlags flags) : RefPointer<AuthItem>(new AuthItem(name, value, flags)) {}
AuthItemSet::AuthItemSet()
: firstItemName(NULL)
{
}
AuthItemSet::~AuthItemSet()
{
if (NULL != firstItemName)
free(firstItemName);
}
AuthItemSet &
AuthItemSet::operator = (const AuthorizationItemSet& itemSet)
{
clear();
for (unsigned int i=0; i < itemSet.count; i++)
insert(AuthItemRef(itemSet.items[i]));
return *this;
}
AuthItemSet&
AuthItemSet::operator=(const AuthItemSet& itemSet)
{
std::set<AuthItemRef>::operator=(itemSet);
if (this != &itemSet) {
duplicate(itemSet);
}
return *this;
}
AuthItemSet::AuthItemSet(const AuthorizationItemSet *itemSet)
: firstItemName(NULL)
{
if (NULL != itemSet && NULL != itemSet->items)
{
if (0 < itemSet->count && NULL != itemSet->items[0].name)
firstItemName = strdup(itemSet->items[0].name);
for (unsigned int i=0; i < itemSet->count; i++)
insert(AuthItemRef(itemSet->items[i]));
}
}
AuthItemSet::AuthItemSet(const AuthItemSet& itemSet)
: std::set<AuthItemRef>(itemSet)
{
duplicate(itemSet);
}
void
AuthItemSet::duplicate(const AuthItemSet& itemSet)
{
if (itemSet.firstItemName != NULL)
firstItemName = strdup(itemSet.firstItemName);
else
firstItemName = NULL;
}
void
AuthItemSet::copy(AuthorizationItemSet *&data, size_t &length, Allocator &alloc) const
{
AuthorizationItemSet itemSet;
itemSet.count = (UInt32)size();
itemSet.items = new AuthorizationItem[itemSet.count];
int i = 0;
for (const_iterator it = begin(); it != end(); ++it, ++i)
{
(*it)->fillInAuthorizationItem(itemSet.items[i]);
}
DataWalkers::Copier<AuthorizationItemSet> flatItemSet(&itemSet, alloc);
length = flatItemSet.length();
data = flatItemSet.keep();
delete[] itemSet.items;
}
AuthorizationItemSet *
AuthItemSet::copy() const
{
AuthorizationItemSet *aCopy;
size_t aLength;
copy(aCopy, aLength);
return aCopy;
}
AuthItem *
AuthItemSet::find(const char *name)
{
AuthItemSet::const_iterator found = find_if(this->begin(), this->end(), FindAuthItemByRightName(name) );
if (found != this->end())
return *found;
return NULL;
}
}