#ifndef _H_SSTRANSIT
#define _H_SSTRANSIT
#include <securityd_client/ssclient.h>
#include <security_cdsa_utilities/cssmwalkers.h>
#include <security_cdsa_utilities/AuthorizationWalkers.h>
#include <securityd_client/ucsp.h>
#include <securityd_client/ucspNotify.h>
namespace Security {
namespace SecurityServer {
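// Transport glue for the securityd MIG client. Every request goes through one
// of the IPC* macros below, which (1) declare the reply variables, (2) issue
// the MIG stub call, (3) verify the kernel-supplied sender token on the reply
// and only then (4) turn the CSSM return code into a C++ exception. Keep that
// order: a reply's return code is only trustworthy once step 3 has passed.

// Leading argument tuple shared by every ucsp_client_* stub call: request
// port, this thread's reply port, and the two reply slots declared by IPCSTART.
#define UCSP_ARGS mGlobal().serverPort, mGlobal().thread().replyPort, &securitydCreds, &rcode

// Reply slots. rcode starts out as an error so a reply that never stores a
// status is still rejected by IPC_CHECK_RETCODE; the sender token starts zeroed.
#define IPCSTART \
    CSSM_RETURN rcode = CSSM_ERRCODE_INTERNAL_ERROR; security_token_t securitydCreds = {};

// Issue the stub call; check() is expected to turn a failing kern_return_t
// into an exception (its exact behaviour lives in the ssclient headers).
#define IPCEVAL(statement) check(statement)

// Same, but a dead destination port (securityd has gone away) first resets
// the ClientSession so later calls do not keep using the stale ports.
#define IPCEVALRESET(statement) { \
    kern_return_t r = statement; \
    if(r == MACH_SEND_INVALID_DEST) { \
        ClientSession::reset(); \
    } \
    check(r); \
}

// Reply authenticity check. securitydCreds is the Mach security token that
// the kernel attaches to the reply (val[0] is the sender's uid, see
// <mach/message.h>); a sender other than uid 0 is not securityd and the
// reply is refused with a verification failure. Debug builds may waive the
// check by exporting SECURITYSERVER_NONROOT (testing against a non-root
// daemon); IFDEBUG compiles that waiver out of release builds — keep it so.
#define IPC_CHECK_VALIDITY \
    if (securitydCreds.val[0] != 0 IFDEBUG( && !getenv("SECURITYSERVER_NONROOT"))) \
        CssmError::throwMe(CSSM_ERRCODE_VERIFICATION_FAILURE)

// Any status other than CSSM_OK becomes a CssmError carrying that status.
#define IPC_CHECK_RETCODE if (rcode != CSSM_OK) CssmError::throwMe(rcode);

// Call form without the dead-port session reset and without activate();
// presumably for calls made while the session itself is being established —
// confirm at the call sites.
#define IPCBASIC(statement) { \
    IPCSTART \
    IPCEVAL(statement); \
    IPC_CHECK_VALIDITY; \
    IPC_CHECK_RETCODE; \
}

// Call form with dead-port reset, for a session that is already active.
#define IPCN(statement) { \
    IPCSTART \
    IPCEVALRESET(statement); \
    IPC_CHECK_VALIDITY; \
    IPC_CHECK_RETCODE; \
}

// The common form: make sure the session is active, then IPCN.
#define IPC(statement) { activate(); IPCN(statement); }

// Key-operation form of IPC. One extra status is treated as success:
// CSSMERR_CSP_APPLE_ADD_APPLICATION_ACL_SUBJECT (going by its name, the key's
// ACL gained an application subject). The client raises
// notifyAclChange(key, tag) for it and then deliberately falls through into
// the CSSM_OK case. Every other non-OK status still throws, and the sender
// token is verified before the status is looked at, as in the other forms.
#define IPCKEY(statement, key, tag) { \
    IPCSTART \
    activate(); \
    IPCEVALRESET(statement); \
    IPC_CHECK_VALIDITY; \
    switch (rcode) { \
    case CSSMERR_CSP_APPLE_ADD_APPLICATION_ACL_SUBJECT: \
        notifyAclChange(key, tag); \
        /* intentional fall-through: the operation itself succeeded */ \
    case CSSM_OK: \
        break; \
    default: \
        CssmError::throwMe(rcode); \
    } \
}

// Argument packing for values with data()/length() (CssmData and friends).
// The length is narrowed to the 32-bit mach_msg_type_number_t without a
// range check, so a length of 4 GiB or more would be silently truncated.
#define DATA(arg) arg.data(), (mach_msg_type_number_t)(arg.length())
// As DATA, for a possibly-NULL pointer: a null argument is sent as (NULL, 0).
#define OPTIONALDATA(arg) (arg ? arg->data() : NULL), (mach_msg_type_number_t)(arg ? arg->length() : 0)
// Reply-side pair for an object exposing data() and length() slot accessors
// (e.g. DataOutput below).
#define DATA_OUT(arg) arg.data(), arg.length()
// Outbound triple for a Copier-style object: the object (presumably converting
// to its pointer type, see Copier<> in cssmwalkers.h), its length, and the
// object again as the base.
#define COPY(copy) copy, copy.length(), copy
// Reply-side triple matching COPY_OUT_DECL(type, copy): the addresses of the
// pointer, the length and the base slot, in the order the stub expects.
#define COPY_OUT(copy) &copy, &copy##Length, &copy##Base
// Declares the three reply slots that COPY_OUT(name) refers to.
#define COPY_OUT_DECL(type,name) type *name, *name##Base; mach_msg_type_number_t name##Length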
// Receives the out-of-line data part of a MIG reply and delivers it to the
// caller's CssmData. data()/length() hand out the two reply slots that the
// DATA_OUT(out) argument macro passes to the stub. The destructor (defined in
// the .cpp) is where the received bytes reach mTarget, presumably in memory
// obtained from `allocator` — confirm there before relying on ownership.
// NOTE(review): copying is not prevented; if the destructor releases mData,
// a copied DataOutput would release it twice. Verify in the .cpp.
class DataOutput {
public:
    // Bind to a caller-owned CssmData; both reply slots start out empty.
    DataOutput(CssmData &arg, Allocator &alloc)
        : allocator(alloc), mTarget(&arg), mData(NULL), mLength(0) { }
    // Same for a target given by pointer; a null pointer is stored as-is here
    // (how the destructor treats it is decided in the .cpp).
    DataOutput(CssmData *arg, Allocator &alloc)
        : allocator(alloc), mTarget(arg), mData(NULL), mLength(0) { }
    ~DataOutput();

    // Addresses of the reply slots, in DATA_OUT order: data pointer, length.
    void **data() { return &mData; }
    mach_msg_type_number_t *length() { return &mLength; }

    Allocator &allocator;

private:
    CssmData *mTarget;               // where the reply is delivered; may be NULL
    void *mData;                     // reply data pointer, filled in by the stub
    mach_msg_type_number_t mLength;  // reply byte count, filled in by the stub
};
// Outbound copy of an AccessCredentials for a database call, built on the
// generic Copier<> from cssmwalkers.h. The private mapKeySample hook takes a
// CSP-handle blob together with a CssmKey, so it presumably rewrites
// key-bearing credential samples into a form securityd can consume; both
// members are implemented in the .cpp — confirm the exact mapping there.
class DatabaseAccessCredentials : public Copier<AccessCredentials> {
public:
    // `creds` is taken by pointer; whether NULL is accepted is decided by
    // the out-of-line constructor. Copies are made with `alloc`.
    DatabaseAccessCredentials(const AccessCredentials *creds, Allocator &alloc);

private:
    // Per-sample rewrite hook, see the class comment.
    void mapKeySample(CssmData &cspHandleData, CssmKey &key);
};
// Carries a CssmDbRecordAttributeData record across the MIG boundary for a
// data-retrieval reply. Outbound it is a Copier<> of *attrs; inbound, the
// conversion operators and base() supply the three reply slots (in COPY_OUT
// order: pointer, length, base) that the stub fills in. The destructor (in
// the .cpp) is expected to move the returned record into mAllocator memory
// and store it through mAttributes — confirm the ownership rules there.
class DataRetrieval : public Copier<CssmDbRecordAttributeData> {
public:
    DataRetrieval(CssmDbRecordAttributeData *&attrs, Allocator &alloc);
    ~DataRetrieval();

    // Reply-slot accessors. The conversions are implicit on purpose: passing
    // a DataRetrieval where the stub expects a `type **` or a length pointer
    // selects the matching slot; base() is the third slot.
    operator CssmDbRecordAttributeData **() { return &mAddr; }
    operator mach_msg_type_number_t *() { return &mLength; }
    CssmDbRecordAttributeData **base() { return &mBase; }

private:
    Allocator &mAllocator;                       // memory for the delivered record
    CssmDbRecordAttributeData *&mAttributes;     // caller's slot for the retrieved record
    CssmDbRecordAttributeData *mAddr;            // reply pointer slot
    CssmDbRecordAttributeData *mBase;            // reply base slot (see COPY_OUT)
    mach_msg_type_number_t mLength;              // reply length slot
};
} }
#endif //_H_SSTRANSIT