#ifndef _H_CSPROXY
#define _H_CSPROXY
#include <security_utilities/cfutilities.h>
#include <security_cdsa_utilities/handleobject.h>
#include <security_utilities/mach++.h>
#include <security_utilities/machserver.h>
#include <security_cdsa_utilities/cssmdata.h>
#include <Security/SecCodeHost.h>
#include <string>
#include <map>
using MachPlusPlus::Port;
using MachPlusPlus::MachServer;
//
// CodeSigningHost tracks the code-signing guests registered by a hosting
// client. It keeps a map from SecGuestRef to Guest records (mGuests) and a
// hosting state and hosting port, all declared next to a mutex (mLock).
// The class privately derives from MachServer::Handler and declares a
// private handle() taking Mach message headers.
//
// NOTE(review): the values passed to createGuest/setGuestStatus (status,
// path, cdhash, attributes) are supplied by the caller. This header does not
// show where, or whether, they are validated -- confirm in the implementation
// before relying on them for any policy decision.
//
class CodeSigningHost : private MachServer::Handler {
public:
	CodeSigningHost();
	~CodeSigningHost();

	// Implementation not visible in this header; presumably returns the
	// object to its initial (no hosting) state -- TODO confirm.
	void reset();

	// Hosting mode; stored in mHostingState.
	// NOTE(review): meanings below are inferred from the names only.
	enum HostingState {
		noHosting,			// presumably: no hosting registered
		dynamicHosting,		// presumably: guests are tracked in mGuests
		proxyHosting		// presumably: queries are forwarded via mHostingPort
	};

	// Selector passed to Guest::isGuestOf().
	// NOTE(review): the exact difference between the two modes is defined
	// in the implementation, which is not visible here.
	enum GuestCheck {
		strict,
		loose
	};

	//
	// One registered guest. Reference-counted (RefCount) and addressable
	// through a handle (HandleObject); guestRef() returns that handle.
	//
	// NOTE(review): std::vector is used below, but this header includes only
	// <string> and <map> directly; <vector> presumably arrives transitively.
	//
	struct Guest : public RefCount, public HandleObject {
	public:
		~Guest();

		std::vector<SecGuestRef> guestPath;	// presumably the chain of guest refs leading to this guest -- TODO confirm
		uint32_t status;					// status value as given to createGuest/setGuestStatus
		std::string path;					// path string for the guest's code
		CFRef<CFDictionaryRef> attributes;	// attribute dictionary; also drives operator bool
		CFRef<CFDataRef> cdhash;			// hash data for the guest; see setHash()
		bool dedicated;						// NOTE(review): semantics set by the implementation -- confirm

		// A Guest tests true exactly when `attributes` converts to true.
		// The conversion is implicit (not `explicit`), so a Guest can also
		// convert silently in arithmetic or comparison contexts.
		operator bool() const { return attributes; }

		// The guest's reference is its HandleObject handle.
		SecGuestRef guestRef() const { return handle(); }

		void setAttributes(const CssmData &attrData);
		CFDataRef attrData() const;
		void setHash(const CssmData &given, bool generate);
		bool isGuestOf(Guest *host, GuestCheck check) const;
		bool matches(CFIndex count, CFTypeRef keys[], CFTypeRef values[]) const;

		IFDUMP(void dump() const);

	private:
		// Mutable so the const accessor attrData() can fill it in;
		// presumably a cached serialized form of `attributes` -- TODO confirm.
		mutable CFRef<CFDataRef> mAttrData;
	};

	// Register a hosting port with the given flags.
	void registerCodeSigning(mach_port_t hostingPort, SecCSFlags flags);

	// Current hosting port (copy of mHostingPort).
	Port hostingPort() const { return mHostingPort; }

	// Guest lifecycle. All inputs originate with the caller; see the
	// validation note at the top of the class.
	SecGuestRef createGuest(SecGuestRef guest,
		uint32_t status, const char *path,
		const CssmData &cdhash, const CssmData &attributes, SecCSFlags flags);
	void setGuestStatus(SecGuestRef guest, uint32_t status, const CssmData &attributes);
	void removeGuest(SecGuestRef host, SecGuestRef guest);

	IFDUMP(void dump() const);

	// Lookups return raw Guest pointers, while mGuests holds the owning
	// RefPointer<Guest> entries.
	// NOTE(review): presumably the caller must hold the Lock for as long as
	// it uses a returned pointer, since removeGuest/eraseGuest may drop the
	// map's reference -- confirm against the implementation and callers.
	Guest *findHost(SecGuestRef hostRef);
	Guest *findGuest(Guest *host, const CssmData &attrData);
	Guest *findGuest(SecGuestRef guestRef, bool hostOk = false);
	Guest *findGuest(Guest *host);

	// Lock is declared here and defined elsewhere; as a friend it can reach
	// the private members, including mLock.
	class Lock;
	friend class Lock;

private:
	// Mach message entry point; presumably the MachServer::Handler callback
	// -- TODO confirm against machserver.h.
	boolean_t handle(mach_msg_header_t *in, mach_msg_header_t *out);

	void eraseGuest(Guest *guest);

	mutable Mutex mLock;			// mutable so it can be taken in const members
	HostingState mHostingState;
	Port mHostingPort;

	typedef std::map<SecGuestRef, RefPointer<Guest> > GuestMap;
	GuestMap mGuests;				// owning references to every known guest
};
#endif //_H_CSPROXY