CFErrorRef SecCreateCFErrorWithXPCObject(xpc_object_t xpc_error)
{
    CFErrorRef result = NULL;

    if (xpc_get_type(xpc_error) == XPC_TYPE_DICTIONARY) {
        CFStringRef domain = NULL;

        const char * domain_string = xpc_dictionary_get_string(xpc_error, kDomainKey);
        if (domain_string != NULL) {
            domain = CFStringCreateWithCString(kCFAllocatorDefault, domain_string, kCFStringEncodingUTF8);
        } else {
            domain = sSecXPCErrorDomain;
            CFRetain(domain);
        }
        CFIndex code = (CFIndex) xpc_dictionary_get_int64(xpc_error, kCodeKey);

        const char *description = xpc_dictionary_get_string(xpc_error, kDescriptionKey);

        SecCFCreateErrorWithFormat(code, domain, NULL, &result, NULL, CFSTR("Remote error : %s"), description);

        CFReleaseSafe(domain);
    } else {
        SecCFCreateErrorWithFormat(kSecXPCErrorUnexpectedType, sSecXPCErrorDomain, NULL, &result, NULL, CFSTR("Remote error not dictionary!: %@"), xpc_error);
    }
    return result;
}
Beispiel #2
0
CAMLprim value
caml_init_vmnet(value v_mode)
{
  CAMLparam1(v_mode);
  CAMLlocal3(v_iface_ref,v_res,v_mac);
  xpc_object_t interface_desc = xpc_dictionary_create(NULL, NULL, 0);
  xpc_dictionary_set_uint64(interface_desc, vmnet_operation_mode_key, Int_val(v_mode));
  uuid_t uuid;
  uuid_generate_random(uuid);
  xpc_dictionary_set_uuid(interface_desc, vmnet_interface_id_key, uuid);
  __block interface_ref iface = NULL;
  __block vmnet_return_t iface_status = 0;
  __block unsigned char *mac = malloc(6);
  if (!mac) caml_raise_out_of_memory ();
  __block unsigned int mtu = 0;
  __block unsigned int max_packet_size = 0;
  dispatch_queue_t if_create_q = dispatch_queue_create("org.openmirage.vmnet.create", DISPATCH_QUEUE_SERIAL);
  dispatch_semaphore_t iface_created = dispatch_semaphore_create(0);
  iface = vmnet_start_interface(interface_desc, if_create_q,
    ^(vmnet_return_t status, xpc_object_t interface_param) { 
      iface_status = status;
      if (status != VMNET_SUCCESS || !interface_param) {
         dispatch_semaphore_signal(iface_created);
         return;
      }
      //printf("mac desc: %s\n", xpc_copy_description(xpc_dictionary_get_value(interface_param, vmnet_mac_address_key)));
      const char *macStr = xpc_dictionary_get_string(interface_param, vmnet_mac_address_key);
      unsigned char lmac[6];
      if (sscanf(macStr, "%hhx:%hhx:%hhx:%hhx:%hhx:%hhx", &lmac[0], &lmac[1], &lmac[2], &lmac[3], &lmac[4], &lmac[5]) != 6)
        errx(1, "Unexpected MAC address received from vmnet");
      memcpy(mac, lmac, 6);
      mtu = xpc_dictionary_get_uint64(interface_param, vmnet_mtu_key);
      max_packet_size = xpc_dictionary_get_uint64(interface_param, vmnet_max_packet_size_key);
      dispatch_semaphore_signal(iface_created);
    });
Beispiel #3
0
static void xpcEventHandler(xpc_connection_t connection, xpc_object_t event)
{
	syslog(LOG_NOTICE, "received event in helper");

	xpc_type_t type = xpc_get_type(event);
    
	if (type == XPC_TYPE_ERROR) {
		if (event == XPC_ERROR_CONNECTION_INVALID) {
			// the client process on the other end of the connection has either
			// crashed or cancelled the connection. After receiving this error,
			// the connection is in an invalid state, and you do not need to
			// call xpc_connection_cancel(). Just tear down any associated state
			// here.
		}
		else if (event == XPC_ERROR_TERMINATION_IMMINENT) {
			// handle per-connection termination cleanup.
		}
	}
	else {
		xpc_connection_t remote = xpc_dictionary_get_remote_connection(event);

		const char* command = xpc_dictionary_get_string(event, "request");
		syslog(LOG_NOTICE, "received command in helper: %s", command);
		system(command);
		
		xpc_object_t reply = xpc_dictionary_create_reply(event);
		xpc_dictionary_set_string(reply, "reply", "command has been executed");
		xpc_connection_send_message(remote, reply);
		xpc_release(reply);
	}
}
static xpc_connection_t swca_create_connection(const char *name) {
    if (!name)
        name = kSWCAXPCServiceName;
    xpc_connection_t connection;
    connection = xpc_connection_create_mach_service(name, NULL, 0);
    xpc_connection_set_event_handler(connection, ^(xpc_object_t event) {
        const char *description = xpc_dictionary_get_string(event, XPC_ERROR_KEY_DESCRIPTION);
        secnotice("xpc", "got event: %s", description);
    });
__private_extern__
libSC_info_client_t *
libSC_info_client_create(dispatch_queue_t	q,
			 const char		*service_name,
			 const char		*service_description)
{
	xpc_connection_t	c;
	libSC_info_client_t	*client;
#if	!TARGET_IPHONE_SIMULATOR
	const uint64_t		flags	=	XPC_CONNECTION_MACH_SERVICE_PRIVILEGED;
#else	// !TARGET_IPHONE_SIMULATOR
	const uint64_t		flags	=	0;
#endif	// !TARGET_IPHONE_SIMULATOR

	if (_has_forked) {
		return NULL;
	}

	client = malloc(sizeof(libSC_info_client_t));
	client->active = TRUE;
	client->service_description = strdup(service_description);
	client->service_name = strdup(service_name);

	c = xpc_connection_create_mach_service(service_name, q, flags);

	xpc_connection_set_event_handler(c, ^(xpc_object_t xobj) {
		xpc_type_t	type;

		type = xpc_get_type(xobj);
		if (type == XPC_TYPE_DICTIONARY) {
			asl_log(NULL, NULL, ASL_LEVEL_ERR, "%s: unexpected message", client->service_name);
			log_xpc_object("  dict = ", xobj);
		} else if (type == XPC_TYPE_ERROR) {
			if (xobj == XPC_ERROR_CONNECTION_INVALID) {
				asl_log(NULL, NULL, ASL_LEVEL_ERR, "%s: server not available", client->service_name);
				client->active = FALSE;
			} else if (xobj == XPC_ERROR_CONNECTION_INTERRUPTED) {
				asl_log(NULL, NULL, ASL_LEVEL_DEBUG, "%s: server failed", client->service_name);
			} else {
				const char	*desc;

				desc = xpc_dictionary_get_string(xobj, XPC_ERROR_KEY_DESCRIPTION);
				asl_log(NULL, NULL, ASL_LEVEL_DEBUG,
					"%s: connection error: %d : %s",
					client->service_name,
					xpc_connection_get_pid(c),
					desc);
			}

		} else {
			asl_log(NULL, NULL, ASL_LEVEL_ERR,
				"%s: unknown event type : %p",
				client->service_name,
				type);
		}
	});
Beispiel #6
0
int main(){
  xpc_connection_t conn = xpc_connection_create_mach_service("com.apple.networkd", NULL, XPC_CONNECTION_MACH_SERVICE_PRIVILEGED);

  xpc_connection_set_event_handler(conn, ^(xpc_object_t event) {
    xpc_type_t t = xpc_get_type(event);
    if (t == XPC_TYPE_ERROR){
      printf("err: %s\n", xpc_dictionary_get_string(event, XPC_ERROR_KEY_DESCRIPTION));
    }
    printf("received an event\n");
  });
Beispiel #7
0
//
// Your standard server-side xpc main
//
int main (int argc, char * const argv[])
{
    const char *name = serviceName;
    if (const char *s = getenv("SYSPOLICYNAME"))
        name = s;

//    extern char *optarg;
    extern int optind;
    int arg;
    while ((arg = getopt(argc, argv, "v")) != -1)
        switch (arg) {
        case 'v':
            break;
        case '?':
            usage();
        }
    if (optind < argc)
        usage();

    dispatch_queue_t queue = dispatch_queue_create("server", 0);
    xpc_connection_t service = xpc_connection_create_mach_service(name, queue, XPC_CONNECTION_MACH_SERVICE_LISTENER /* | XPC_CONNECTION_MACH_SERVICE_PRIVILEGED */);

    xpc_connection_set_event_handler(service, ^(xpc_object_t cmsg) {
        if (xpc_get_type(cmsg) == XPC_TYPE_CONNECTION) {
            xpc_connection_t connection = xpc_connection_t(cmsg);
            syslog(LOG_DEBUG, "Connection from pid %d", xpc_connection_get_pid(connection));
            xpc_connection_set_event_handler(connection, ^(xpc_object_t msg) {
                if (xpc_get_type(msg) == XPC_TYPE_DICTIONARY) {
                    const char *function = xpc_dictionary_get_string(msg, "function");
                    syslog(LOG_DEBUG, "pid %d requested %s", xpc_connection_get_pid(connection), function);
                    xpc_object_t reply = xpc_dictionary_create_reply(msg);
                    try {
                        if (function == NULL) {
                            xpc_dictionary_set_int64(reply, "error", errSecCSInternalError);
                        } else if (!strcmp(function, "assess")) {
                            doAssess(msg, reply);
                        } else if (!strcmp(function, "update")) {
                            doUpdate(msg, reply);
                        } else if (!strcmp(function, "record")) {
                            doRecord(msg, reply, connection);
                        } else {
                            xpc_dictionary_set_int64(reply, "error", errSecCSInternalError);
                        }
                    } catch (...) {
                        xpc_dictionary_set_int64(reply, "error", errSecCSInternalError);
                    }
                    xpc_connection_send_message(connection, reply);
                    xpc_release(reply);
                }
            });
            xpc_connection_resume(connection);
        } else {
Beispiel #8
0
static void __XPC_Fetch_Process_Request(xpc_object_t request, xpc_object_t reply)
{
    // Get the URL and XPC connection from the XPC request
    if (xpc_dictionary_get_value(request, "check_asl_patch") != NULL)
    {
        bool result = checkASLPatch();
        xpc_dictionary_set_bool(reply, "check_asl_patch", result);
    }
    else if (xpc_dictionary_get_value(request, "patch_asl") != NULL)
    {
        const char *reactivationScript = xpc_dictionary_get_string(request, "script_path");
        bool result = applyASLPatch(reactivationScript);
        xpc_dictionary_set_bool(reply, "patch_asl", result);
    }
}
Beispiel #9
0
static int
vmnet_get_mac_address_from_uuid(char *guest_uuid_str) {
/*
 * from vmn_create() in https://github.com/mist64/xhyve/blob/master/src/pci_virtio_vmnet.c
 */
  xpc_object_t interface_desc;
  uuid_t uuid;
  __block interface_ref iface;
  __block vmnet_return_t iface_status;
  dispatch_semaphore_t iface_created;
  dispatch_queue_t if_create_q;
  uint32_t uuid_status;

  interface_desc = xpc_dictionary_create(NULL, NULL, 0);
  xpc_dictionary_set_uint64(interface_desc, vmnet_operation_mode_key, VMNET_SHARED_MODE);

  uuid_from_string(guest_uuid_str, &uuid, &uuid_status);
  if (uuid_status != uuid_s_ok) {
    fprintf(stderr, "Invalid UUID\n");
    return -1;
  }

  xpc_dictionary_set_uuid(interface_desc, vmnet_interface_id_key, uuid);
  iface = NULL;
  iface_status = 0;

  if_create_q = dispatch_queue_create("org.xhyve.vmnet.create", DISPATCH_QUEUE_SERIAL);

  iface_created = dispatch_semaphore_create(0);

  iface = vmnet_start_interface(interface_desc, if_create_q,
    ^(vmnet_return_t status, xpc_object_t interface_param)
  {
    iface_status = status;
    if (status != VMNET_SUCCESS || !interface_param) {
      dispatch_semaphore_signal(iface_created);
      return;
    }

    printf("%s\n", xpc_dictionary_get_string(interface_param, vmnet_mac_address_key));

    dispatch_semaphore_signal(iface_created);
  });
Beispiel #10
0
static OSStatus sendTSARequestWithXPC(const unsigned char *tsaReq, size_t tsaReqLength, const unsigned char *tsaURL, unsigned char **tsaResp, size_t *tsaRespLength)
{
    __block OSStatus result = noErr;
    int timeoutInSeconds = 15;
    extern xpc_object_t xpc_create_with_format(const char * format, ...);

	dispatch_queue_t xpc_queue = dispatch_queue_create("com.apple.security.XPCTimeStampingService", DISPATCH_QUEUE_SERIAL);
    __block dispatch_semaphore_t waitSemaphore = dispatch_semaphore_create(0);
    dispatch_time_t finishTime = dispatch_time(DISPATCH_TIME_NOW, timeoutInSeconds * NSEC_PER_SEC);

    xpc_connection_t con = xpc_connection_create("com.apple.security.XPCTimeStampingService", xpc_queue);

    xpc_connection_set_event_handler(con, ^(xpc_object_t event) {
        xpc_type_t xtype = xpc_get_type(event);
        if (XPC_TYPE_ERROR == xtype)
        {    tsaDebug("default: connection error: %s\n", xpc_dictionary_get_string(event, XPC_ERROR_KEY_DESCRIPTION)); }
        else
         {   tsaDebug("default: unexpected connection event %p\n", event); }
    });
Beispiel #11
0
/*
 * Create an interface for the guest using Apple's vmnet framework.
 *
 * The interface works in VMNET_SHARED_MODE which allows for packets
 * of the guest to reach other guests and the Internet.
 *
 * See also: https://developer.apple.com/library/mac/documentation/vmnet/Reference/vmnet_Reference/index.html
 */
static int
vmn_create(struct pci_vtnet_softc *sc)
{
	xpc_object_t interface_desc;
	uuid_t uuid;
	__block interface_ref iface;
	__block vmnet_return_t iface_status;
	dispatch_semaphore_t iface_created;
	dispatch_queue_t if_create_q;
	dispatch_queue_t if_q;
	struct vmnet_state *vms;
	uint32_t uuid_status;

	interface_desc = xpc_dictionary_create(NULL, NULL, 0);
	xpc_dictionary_set_uint64(interface_desc, vmnet_operation_mode_key,
		VMNET_SHARED_MODE);

	if (guest_uuid_str != NULL) {
		uuid_from_string(guest_uuid_str, &uuid, &uuid_status);
		if (uuid_status != uuid_s_ok) {
			return (-1);
		}
	} else {
		uuid_generate_random(uuid);
	}

	xpc_dictionary_set_uuid(interface_desc, vmnet_interface_id_key, uuid);
	iface = NULL;
	iface_status = 0;

	vms = malloc(sizeof(struct vmnet_state));

	if (!vms) {
		return (-1);
	}

	if_create_q = dispatch_queue_create("org.xhyve.vmnet.create",
		DISPATCH_QUEUE_SERIAL);

	iface_created = dispatch_semaphore_create(0);

	iface = vmnet_start_interface(interface_desc, if_create_q,
		^(vmnet_return_t status, xpc_object_t interface_param)
	{
		iface_status = status;
		if (status != VMNET_SUCCESS || !interface_param) {
			dispatch_semaphore_signal(iface_created);
			return;
		}

		if (sscanf(xpc_dictionary_get_string(interface_param,
			vmnet_mac_address_key),
			"%hhx:%hhx:%hhx:%hhx:%hhx:%hhx",
			&vms->mac[0], &vms->mac[1], &vms->mac[2], &vms->mac[3],
			&vms->mac[4], &vms->mac[5]) != 6)
		{
			assert(0);
		}

		vms->mtu = (unsigned)
			xpc_dictionary_get_uint64(interface_param, vmnet_mtu_key);
		vms->max_packet_size = (unsigned)
			xpc_dictionary_get_uint64(interface_param,
				vmnet_max_packet_size_key);
		dispatch_semaphore_signal(iface_created);
	});
#if CHECK_ENTITLEMENTS
    CFStringRef canModify = (CFStringRef)SecTaskCopyValueForEntitlement(task,
        entitlement, NULL);
    if (!canModify)
        return false;
    CFTypeID canModifyType = CFGetTypeID(canModify);
    bool ok = (CFBooleanGetTypeID() == canModifyType) && CFBooleanGetValue((CFBooleanRef)canModify);
    CFRelease(canModify);
    return ok;
#else
    return true;
#endif /* !CHECK_ENTITLEMENTS */
}

static void with_label_and_password(xpc_object_t message, void (^action)(CFStringRef label, CFDataRef password)) {
    const char *label_utf8 = xpc_dictionary_get_string(message, kSecXPCKeyUserLabel);

    size_t password_length = 0;
    const void *password_data = xpc_dictionary_get_data(message, kSecXPCKeyUserPassword, &password_length);

    CFDataRef user_password = CFDataCreateWithBytesNoCopy(kCFAllocatorDefault, password_data, password_length, kCFAllocatorNull);
    CFStringRef user_label = CFStringCreateWithCString(kCFAllocatorDefault, label_utf8, kCFStringEncodingUTF8);

    action(user_label, user_password);

    CFReleaseNull(user_password);
    CFReleaseNull(user_label);
}

static bool SecXPCDictionarySetChainOptional(xpc_object_t message, const char *key, SecCertificatePathRef path, CFErrorRef *error) {
    if (!path)