CFArrayRef SecACLCopyAuthorizations(SecACLRef acl)
{
CFArrayRef result = NULL;
if (NULL == acl)
{
return result;
}
AclAuthorizationSet auths = ACL::required(acl)->authorizations();
uint32 numAuths = (uint32)auths.size();
CSSM_ACL_AUTHORIZATION_TAG* tags = new CSSM_ACL_AUTHORIZATION_TAG[numAuths];
int i;
for (i = 0; i < numAuths; ++i)
{
tags[i] = NULL;
}
OSStatus err = SecACLGetAuthorizations(acl, tags, &numAuths);
if (errSecSuccess != err)
{
return result;
}
CFTypeRef* strings = new CFTypeRef[numAuths];
for (i = 0; i < numAuths; ++i)
{
strings[i] = NULL;
}
for (size_t iCnt = 0; iCnt < numAuths; iCnt++)
{
strings[iCnt] = (CFTypeRef)GetAuthStringFromACLAuthorizationTag(tags[iCnt]);
}
result = CFArrayCreate(kCFAllocatorDefault, (const void **)strings, numAuths, &kCFTypeArrayCallBacks);
delete[] strings;
delete[] tags;
return result;
}
OSStatus SecAccessCopyOwnerAndACL(SecAccessRef accessRef, uid_t* userId, gid_t* groupId, SecAccessOwnerType* ownerType, CFArrayRef* aclList)
{
CSSM_ACL_OWNER_PROTOTYPE_PTR owner = NULL;
CSSM_ACL_ENTRY_INFO_PTR acls = NULL;
uint32 aclCount = 0;
OSStatus result = SecAccessGetOwnerAndACL(accessRef, &owner, &aclCount, &acls);
if (errSecSuccess != result )
{
return result;
}
if (NULL != owner)
{
CSSM_LIST_ELEMENT_PTR listHead = owner->TypedSubject.Head;
if (listHead != NULL && listHead->ElementType == CSSM_LIST_ELEMENT_WORDID)
{
CSSM_LIST_ELEMENT_PTR nextElement = listHead->NextElement;
if (listHead->WordID == CSSM_ACL_SUBJECT_TYPE_PROCESS && listHead->ElementType == CSSM_LIST_ELEMENT_WORDID)
{
// nextElement contains the required data
CSSM_ACL_PROCESS_SUBJECT_SELECTOR* selectorPtr = (CSSM_ACL_PROCESS_SUBJECT_SELECTOR*)nextElement->Element.Word.Data;
if (NULL != selectorPtr)
{
if (NULL != userId)
{
*userId = (uid_t)selectorPtr->uid;
}
if (NULL != groupId)
{
*groupId = (gid_t)selectorPtr->gid;
}
if (NULL != ownerType)
{
*ownerType = (SecAccessOwnerType)selectorPtr->mask;
}
}
}
}
}
if (NULL != aclList)
{
#ifndef NDEBUG
CFShow(CFSTR("SecAccessCopyOwnerAndACL: processing the ACL list"));
#endif
CFMutableArrayRef stringArray = CFArrayCreateMutable(kCFAllocatorDefault, 0, &kCFTypeArrayCallBacks);
CSSM_ACL_OWNER_PROTOTYPE_PTR protoPtr = NULL;
uint32 numAcls = 0L;
CSSM_ACL_ENTRY_INFO_PTR aclEntry = NULL;
result = SecAccessGetOwnerAndACL(accessRef, &protoPtr, &numAcls, &aclEntry);
if (errSecSuccess == result)
{
#ifndef NDEBUG
CFStringRef tempStr = CFStringCreateWithFormat(kCFAllocatorDefault, NULL, CFSTR("SecAccessCopyOwnerAndACL: numAcls = %d"), numAcls);
CFShow(tempStr);
CFRelease(tempStr);
#endif
for (uint32 iCnt = 0; iCnt < numAcls; iCnt++)
{
CSSM_ACL_ENTRY_PROTOTYPE prototype = aclEntry[iCnt].EntryPublicInfo;
CSSM_AUTHORIZATIONGROUP authGroup = prototype.Authorization;
int numAuthTags = (int)authGroup.NumberOfAuthTags;
for (int jCnt = 0; jCnt < numAuthTags; jCnt++)
{
sint32 aTag = authGroup.AuthTags[jCnt];
CFStringRef aString = GetAuthStringFromACLAuthorizationTag(aTag);
CFArrayAppendValue(stringArray, aString);
}
}
}
if (NULL != stringArray)
{
if (0 < CFArrayGetCount(stringArray))
{
*aclList = CFArrayCreateCopy(kCFAllocatorDefault, stringArray);
}
CFRelease(stringArray);
}
}
return result;
}
