SOSTransportMessageIDS.c [plain text]
#include <Security/SecBasePriv.h>
#include <Security/SecureObjectSync/SOSTransport.h>
#include <Security/SecureObjectSync/SOSTransportMessage.h>
#include <Security/SecureObjectSync/SOSKVSKeys.h>
#include <Security/SecureObjectSync/SOSPeerInfoV2.h>
#include <SOSCloudCircleServer.h>
#include <Security/SecureObjectSync/SOSAccountPriv.h>
#include <Security/SecureObjectSync/SOSTransportMessageIDS.h>
#include <utilities/SecCFWrappers.h>
#include <SOSInternal.h>
#include <AssertMacros.h>
#include <SOSCircle/CKBridge/SOSCloudKeychainClient.h>
#include <SOSCircle/CKBridge/SOSCloudKeychainConstants.h>
#define IDS "IDS transport"
struct __OpaqueSOSTransportMessageIDS {
struct __OpaqueSOSTransportMessage m;
};
const CFStringRef kSecIDSErrorDomain = CFSTR("com.apple.security.ids.error");
static bool sendToPeer(SOSTransportMessageRef transport, CFStringRef circleName, CFStringRef deviceID, CFStringRef peerID, idsOperation whichOTRType, CFDataRef message, CFErrorRef *error);
static bool syncWithPeers(SOSTransportMessageRef transport, CFDictionaryRef circleToPeerIDs, CFErrorRef *error);
static bool sendMessages(SOSTransportMessageRef transport, CFDictionaryRef circleToPeersToMessage, CFErrorRef *error);
static void destroy(SOSTransportMessageRef transport);
static bool cleanupAfterPeer(SOSTransportMessageRef transport, CFDictionaryRef circle_to_peer_ids, CFErrorRef *error);
static bool flushChanges(SOSTransportMessageRef transport, CFErrorRef *error);
static CF_RETURNS_RETAINED CFDictionaryRef handleMessages(SOSTransportMessageRef transport, CFMutableDictionaryRef circle_peer_messages_table, CFErrorRef *error);
static inline CFIndex getTransportType(SOSTransportMessageRef transport, CFErrorRef *error){
return kIDS;
}
SOSTransportMessageIDSRef SOSTransportMessageIDSCreate(SOSAccountRef account, CFStringRef circleName, CFErrorRef *error)
{
SOSTransportMessageIDSRef ids = (SOSTransportMessageIDSRef) SOSTransportMessageCreateForSubclass(sizeof(struct __OpaqueSOSTransportMessageIDS) - sizeof(CFRuntimeBase), account, circleName, error);
if (ids) {
ids->m.sendMessages = sendMessages;
ids->m.syncWithPeers = syncWithPeers;
ids->m.flushChanges = flushChanges;
ids->m.cleanupAfterPeerMessages = cleanupAfterPeer;
ids->m.destroy = destroy;
ids->m.handleMessages = handleMessages;
ids->m.getTransportType = getTransportType;
if ((whichTransportType == kSOSTransportIDS || whichTransportType == kSOSTransportFuture || whichTransportType == kSOSTransportPresent) && account->ids_message_transport) {
CFStringRef deviceID = SOSPeerInfoCopyDeviceID(SOSFullPeerInfoGetPeerInfo(account->my_identity));
if(deviceID == NULL || CFStringGetLength(deviceID) == 0){
__block bool success = false;
SOSCloudKeychainGetIDSDeviceID(^(CFDictionaryRef returnedValues, CFErrorRef sync_error){
success = (sync_error == NULL);
if (*error) {
CFRetainAssign(*error, sync_error);
}
});
if(!success){
secerror("Could not ask IDSKeychainSyncingProxy for Device ID: %@", *error);
}
else{
secdebug("IDS Transport", "Attempting to retrieve the IDS Device ID");
}
}
CFReleaseNull(deviceID);
}
if (whichTransportType == kSOSTransportIDS) {
SOSPeerInfoRef myPeer = SOSAccountGetMyPeerInfo(account);
if(myPeer){
__block bool success = false;
CFStringRef deviceIDRefreshed = SOSPeerInfoCopyDeviceID(myPeer);
if(!deviceIDRefreshed || 0 == CFStringGetLength(deviceIDRefreshed)){
SOSCloudKeychainGetIDSDeviceID(^(CFDictionaryRef returnedValues, CFErrorRef sync_error){
success = (sync_error == NULL);
if (error) {
CFRetainAssign(*error, sync_error);
}
});
if(!success){
secerror("Could not ask IDSKeychainSyncingProxy for Device ID");
}
else{
secdebug("IDS Transport", "Attempting to retrieve the IDS Device ID");
}
CFReleaseNull(deviceIDRefreshed);
}
}
}
SOSRegisterTransportMessage((SOSTransportMessageRef)ids);
}
return ids;
}
static void destroy(SOSTransportMessageRef transport){
SOSUnregisterTransportMessage(transport);
}
static CF_RETURNS_RETAINED CFDictionaryRef handleMessages(SOSTransportMessageRef transport, CFMutableDictionaryRef circle_peer_messages_table, CFErrorRef *error) {
return CFDictionaryCreateForCFTypes(kCFAllocatorDefault);
}
HandleIDSMessageReason SOSTransportMessageIDSHandleMessage(SOSAccountRef account, CFDictionaryRef message, CFErrorRef *error) {
secdebug("IDS Transport", "SOSTransportMessageIDSHandleMessage!");
CFStringRef dataKey = CFStringCreateWithCString(kCFAllocatorDefault, kMessageKeyIDSDataMessage, kCFStringEncodingASCII);
CFStringRef deviceIDKey = CFStringCreateWithCString(kCFAllocatorDefault, kMessageKeyDeviceID, kCFStringEncodingASCII);
CFDataRef messageData = (CFDataRef)CFDictionaryGetValue(message, dataKey);
CFStringRef fromID = (CFStringRef)CFDictionaryGetValue(message, deviceIDKey);
SOSPeerInfoRef myPeer = SOSAccountGetMyPeerInfo(account);
if(!myPeer) {
CFReleaseNull(deviceIDKey);
CFReleaseNull(dataKey);
if(!SOSAccountHasFullPeerInfo(account, error))
return kHandleIDSMessageOtherFail;
}
__block CFStringRef peerID = NULL;
SOSCircleForEachPeer(account->trusted_circle, ^(SOSPeerInfoRef peer) {
CFStringRef deviceID = SOSPeerInfoCopyDeviceID(peer);
if(CFStringCompare(deviceID, fromID, 0) == 0)
peerID = SOSPeerInfoGetPeerID(peer);
CFReleaseNull(deviceID);
});
if(!peerID){
secerror("Could not find peer matching the IDS device ID, dropping message");
CFReleaseNull(dataKey);
CFReleaseNull(deviceIDKey);
return kHandleIDSMessageNotReady;
}
if(messageData){
if (SOSTransportMessageHandlePeerMessage(account->ids_message_transport, peerID, messageData, error)) {
CFMutableDictionaryRef peersToSyncWith = CFDictionaryCreateMutableForCFTypes(kCFAllocatorDefault);
CFMutableArrayRef peerIDs = CFArrayCreateMutableForCFTypes(kCFAllocatorDefault);
CFArrayAppendValue(peerIDs, peerID);
CFDictionaryAddValue(peersToSyncWith, SOSCircleGetName(account->trusted_circle), peerIDs);
if(!SOSTransportMessageSyncWithPeers(account->ids_message_transport, peersToSyncWith, error))
{
secerror("SOSTransportMessageIDSHandleMessage Could not sync with all peers: %@", *error);
}
else{
secdebug("IDS Transport", "Synced with all peers!");
CFReleaseNull(dataKey);
CFReleaseNull(deviceIDKey);
return kHandleIDSMessageSuccess;
}
}
else{
CFReleaseNull(dataKey);
CFReleaseNull(deviceIDKey);
secerror("IDS Transport Could not handle message: %@", messageData);
return kHandleIDSMessageOtherFail;
}
}
secerror("Data doesn't exist: %@", messageData);
CFReleaseNull(deviceIDKey);
CFReleaseNull(dataKey);
return kHandleIDSMessageOtherFail;
}
static bool sendToPeer(SOSTransportMessageRef transport, CFStringRef circleName, CFStringRef deviceID, CFStringRef peerID, idsOperation whichOTRType, CFDataRef message, CFErrorRef *error)
{
__block bool success = false;
CFStringRef errorMessage = NULL;
CFDictionaryRef userInfo;
CFStringRef operation = NULL;
CFDataRef operationData = NULL;
CFMutableDataRef mutableData = NULL;
SOSAccountRef account = SOSTransportMessageGetAccount(transport);
CFStringRef ourPeerID = SOSPeerInfoGetPeerID(SOSAccountGetMyPeerInfo(account));
require_action_quiet((deviceID != NULL && CFStringGetLength(deviceID) >0), fail, errorMessage = CFSTR("Need an IDS Device ID to sync"));
if(whichOTRType == kIDSSyncMessagesCompact)
operation = CFStringCreateWithFormat(kCFAllocatorDefault, NULL, CFSTR("%d"), kIDSSyncMessagesCompact);
else
operation = CFStringCreateWithFormat(kCFAllocatorDefault, NULL, CFSTR("%d"), kIDSSyncMessagesRaw);
require_action_quiet(operation, fail, errorMessage = CFSTR("Failed to allocate a CFStringRef"));
operationData = CFStringCreateExternalRepresentation(kCFAllocatorDefault, operation, kCFStringEncodingUTF8, 0);
require_action_quiet(operationData, fail, errorMessage = CFSTR("Failed to allocate data"));
mutableData = CFDataCreateMutable(kCFAllocatorDefault, CFDataGetLength(operationData) + CFDataGetLength(message));
require_action_quiet(mutableData, fail, errorMessage = CFSTR("Failed to allocate mutable data"));
CFDataAppend(mutableData, operationData);
CFDataAppend(mutableData, message);
dispatch_semaphore_t wait_for = dispatch_semaphore_create(0);
dispatch_retain(wait_for);
secnotice("ids transport", "Starting");
SOSCloudKeychainSendIDSMessage(mutableData, deviceID, ourPeerID, dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_DEFAULT, 0), ^(CFDictionaryRef returnedValues, CFErrorRef sync_error) {
success = (sync_error == NULL);
if (error) {
CFRetainAssign(*error, sync_error);
}
dispatch_semaphore_signal(wait_for);
dispatch_release(wait_for);
});
dispatch_semaphore_wait(wait_for, DISPATCH_TIME_FOREVER);
dispatch_release(wait_for);
if(!success){
if(error != NULL)
secerror("Failed to send message to peer! %@", *error);
else
secerror("Failed to send message to peer");
}
else{
secdebug("IDS Transport", "Sent message to peer!");
}
CFReleaseNull(operation);
CFReleaseNull(operationData);
CFReleaseNull(mutableData);
return success;
fail:
userInfo = CFDictionaryCreateForCFTypes(kCFAllocatorDefault, kCFErrorLocalizedDescriptionKey, errorMessage, NULL);
if(error != NULL){
*error =CFErrorCreate(kCFAllocatorDefault, CFSTR("com.apple.security.ids.error"), kSecIDSErrorNoDeviceID, userInfo);
secerror("%@", *error);
}
CFReleaseNull(operation);
CFReleaseNull(operationData);
CFReleaseNull(mutableData);
CFReleaseNull(userInfo);
return success;
}
static bool syncWithPeers(SOSTransportMessageRef transport, CFDictionaryRef circleToPeerIDs, CFErrorRef *error) {
__block bool result = true;
CFDictionaryForEach(circleToPeerIDs, ^(const void *key, const void *value) {
if (isString(key) && isArray(value)) {
CFStringRef circleName = (CFStringRef) key;
CFArrayForEach(value, ^(const void *value) {
if (isString(value)) {
CFStringRef peerID = (CFStringRef) value;
result &= SOSTransportMessageSendMessageIfNeeded(transport, circleName, peerID, error);
}
});
}
});
return result;
}
static bool sendMessages(SOSTransportMessageRef transport, CFDictionaryRef circleToPeersToMessage, CFErrorRef *error) {
__block bool result = true;
SOSCircleRef circle = SOSAccountGetCircle(transport->account, error);
__block SOSAccountRef account = SOSTransportMessageGetAccount(transport);
__block SOSPeerInfoRef myPeerInfo = SOSFullPeerInfoGetPeerInfo(SOSAccountGetMyFullPeerInfo(account));
CFDictionaryForEach(circleToPeersToMessage, ^(const void *key, const void *value) {
if (isString(key) && isDictionary(value)) {
CFStringRef circleName = (CFStringRef) key;
CFDictionaryForEach(value, ^(const void *key, const void *value) {
if (isString(key) && isData(value)) {
CFStringRef peerID = (CFStringRef) key;
CFDataRef message = (CFDataRef) value;
SOSCircleForEachPeer(circle, ^(SOSPeerInfoRef peer) {
CFStringRef deviceID = SOSPeerInfoCopyDeviceID(peer);
if(CFEqualSafe(SOSPeerInfoGetPeerID(peer), peerID) || CFEqualSafe(deviceID, peerID)){
bool rx = false;
if(SOSPeerInfoShouldUseIDSTransport(myPeerInfo, peer))
rx = sendToPeer(transport, circleName, deviceID, peerID, kIDSSyncMessagesCompact, message, error);
else
rx = sendToPeer(transport, circleName, deviceID, peerID, kIDSSyncMessagesRaw, message, error);
result &= rx;
}
CFReleaseNull(deviceID);
});
}
});
}
});
return result;
}
static bool flushChanges(SOSTransportMessageRef transport, CFErrorRef *error)
{
return true;
}
static bool cleanupAfterPeer(SOSTransportMessageRef transport, CFDictionaryRef circle_to_peer_ids, CFErrorRef *error)
{
return true;
}