CFErrorRef SecCreateCFErrorWithXPCObject(xpc_object_t xpc_error) { CFErrorRef result = NULL; if (xpc_get_type(xpc_error) == XPC_TYPE_DICTIONARY) { CFStringRef domain = NULL; const char * domain_string = xpc_dictionary_get_string(xpc_error, kDomainKey); if (domain_string != NULL) { domain = CFStringCreateWithCString(kCFAllocatorDefault, domain_string, kCFStringEncodingUTF8); } else { domain = sSecXPCErrorDomain; CFRetain(domain); } CFIndex code = (CFIndex) xpc_dictionary_get_int64(xpc_error, kCodeKey); const char *description = xpc_dictionary_get_string(xpc_error, kDescriptionKey); SecCFCreateErrorWithFormat(code, domain, NULL, &result, NULL, CFSTR("Remote error : %s"), description); CFReleaseSafe(domain); } else { SecCFCreateErrorWithFormat(kSecXPCErrorUnexpectedType, sSecXPCErrorDomain, NULL, &result, NULL, CFSTR("Remote error not dictionary!: %@"), xpc_error); } return result; }
CAMLprim value caml_init_vmnet(value v_mode) { CAMLparam1(v_mode); CAMLlocal3(v_iface_ref,v_res,v_mac); xpc_object_t interface_desc = xpc_dictionary_create(NULL, NULL, 0); xpc_dictionary_set_uint64(interface_desc, vmnet_operation_mode_key, Int_val(v_mode)); uuid_t uuid; uuid_generate_random(uuid); xpc_dictionary_set_uuid(interface_desc, vmnet_interface_id_key, uuid); __block interface_ref iface = NULL; __block vmnet_return_t iface_status = 0; __block unsigned char *mac = malloc(6); if (!mac) caml_raise_out_of_memory (); __block unsigned int mtu = 0; __block unsigned int max_packet_size = 0; dispatch_queue_t if_create_q = dispatch_queue_create("org.openmirage.vmnet.create", DISPATCH_QUEUE_SERIAL); dispatch_semaphore_t iface_created = dispatch_semaphore_create(0); iface = vmnet_start_interface(interface_desc, if_create_q, ^(vmnet_return_t status, xpc_object_t interface_param) { iface_status = status; if (status != VMNET_SUCCESS || !interface_param) { dispatch_semaphore_signal(iface_created); return; } //printf("mac desc: %s\n", xpc_copy_description(xpc_dictionary_get_value(interface_param, vmnet_mac_address_key))); const char *macStr = xpc_dictionary_get_string(interface_param, vmnet_mac_address_key); unsigned char lmac[6]; if (sscanf(macStr, "%hhx:%hhx:%hhx:%hhx:%hhx:%hhx", &lmac[0], &lmac[1], &lmac[2], &lmac[3], &lmac[4], &lmac[5]) != 6) errx(1, "Unexpected MAC address received from vmnet"); memcpy(mac, lmac, 6); mtu = xpc_dictionary_get_uint64(interface_param, vmnet_mtu_key); max_packet_size = xpc_dictionary_get_uint64(interface_param, vmnet_max_packet_size_key); dispatch_semaphore_signal(iface_created); });
static void xpcEventHandler(xpc_connection_t connection, xpc_object_t event) { syslog(LOG_NOTICE, "received event in helper"); xpc_type_t type = xpc_get_type(event); if (type == XPC_TYPE_ERROR) { if (event == XPC_ERROR_CONNECTION_INVALID) { // the client process on the other end of the connection has either // crashed or cancelled the connection. After receiving this error, // the connection is in an invalid state, and you do not need to // call xpc_connection_cancel(). Just tear down any associated state // here. } else if (event == XPC_ERROR_TERMINATION_IMMINENT) { // handle per-connection termination cleanup. } } else { xpc_connection_t remote = xpc_dictionary_get_remote_connection(event); const char* command = xpc_dictionary_get_string(event, "request"); syslog(LOG_NOTICE, "received command in helper: %s", command); system(command); xpc_object_t reply = xpc_dictionary_create_reply(event); xpc_dictionary_set_string(reply, "reply", "command has been executed"); xpc_connection_send_message(remote, reply); xpc_release(reply); } }
static xpc_connection_t swca_create_connection(const char *name) { if (!name) name = kSWCAXPCServiceName; xpc_connection_t connection; connection = xpc_connection_create_mach_service(name, NULL, 0); xpc_connection_set_event_handler(connection, ^(xpc_object_t event) { const char *description = xpc_dictionary_get_string(event, XPC_ERROR_KEY_DESCRIPTION); secnotice("xpc", "got event: %s", description); });
__private_extern__ libSC_info_client_t * libSC_info_client_create(dispatch_queue_t q, const char *service_name, const char *service_description) { xpc_connection_t c; libSC_info_client_t *client; #if !TARGET_IPHONE_SIMULATOR const uint64_t flags = XPC_CONNECTION_MACH_SERVICE_PRIVILEGED; #else // !TARGET_IPHONE_SIMULATOR const uint64_t flags = 0; #endif // !TARGET_IPHONE_SIMULATOR if (_has_forked) { return NULL; } client = malloc(sizeof(libSC_info_client_t)); client->active = TRUE; client->service_description = strdup(service_description); client->service_name = strdup(service_name); c = xpc_connection_create_mach_service(service_name, q, flags); xpc_connection_set_event_handler(c, ^(xpc_object_t xobj) { xpc_type_t type; type = xpc_get_type(xobj); if (type == XPC_TYPE_DICTIONARY) { asl_log(NULL, NULL, ASL_LEVEL_ERR, "%s: unexpected message", client->service_name); log_xpc_object(" dict = ", xobj); } else if (type == XPC_TYPE_ERROR) { if (xobj == XPC_ERROR_CONNECTION_INVALID) { asl_log(NULL, NULL, ASL_LEVEL_ERR, "%s: server not available", client->service_name); client->active = FALSE; } else if (xobj == XPC_ERROR_CONNECTION_INTERRUPTED) { asl_log(NULL, NULL, ASL_LEVEL_DEBUG, "%s: server failed", client->service_name); } else { const char *desc; desc = xpc_dictionary_get_string(xobj, XPC_ERROR_KEY_DESCRIPTION); asl_log(NULL, NULL, ASL_LEVEL_DEBUG, "%s: connection error: %d : %s", client->service_name, xpc_connection_get_pid(c), desc); } } else { asl_log(NULL, NULL, ASL_LEVEL_ERR, "%s: unknown event type : %p", client->service_name, type); } });
int main(){ xpc_connection_t conn = xpc_connection_create_mach_service("com.apple.networkd", NULL, XPC_CONNECTION_MACH_SERVICE_PRIVILEGED); xpc_connection_set_event_handler(conn, ^(xpc_object_t event) { xpc_type_t t = xpc_get_type(event); if (t == XPC_TYPE_ERROR){ printf("err: %s\n", xpc_dictionary_get_string(event, XPC_ERROR_KEY_DESCRIPTION)); } printf("received an event\n"); });
// // Your standard server-side xpc main // int main (int argc, char * const argv[]) { const char *name = serviceName; if (const char *s = getenv("SYSPOLICYNAME")) name = s; // extern char *optarg; extern int optind; int arg; while ((arg = getopt(argc, argv, "v")) != -1) switch (arg) { case 'v': break; case '?': usage(); } if (optind < argc) usage(); dispatch_queue_t queue = dispatch_queue_create("server", 0); xpc_connection_t service = xpc_connection_create_mach_service(name, queue, XPC_CONNECTION_MACH_SERVICE_LISTENER /* | XPC_CONNECTION_MACH_SERVICE_PRIVILEGED */); xpc_connection_set_event_handler(service, ^(xpc_object_t cmsg) { if (xpc_get_type(cmsg) == XPC_TYPE_CONNECTION) { xpc_connection_t connection = xpc_connection_t(cmsg); syslog(LOG_DEBUG, "Connection from pid %d", xpc_connection_get_pid(connection)); xpc_connection_set_event_handler(connection, ^(xpc_object_t msg) { if (xpc_get_type(msg) == XPC_TYPE_DICTIONARY) { const char *function = xpc_dictionary_get_string(msg, "function"); syslog(LOG_DEBUG, "pid %d requested %s", xpc_connection_get_pid(connection), function); xpc_object_t reply = xpc_dictionary_create_reply(msg); try { if (function == NULL) { xpc_dictionary_set_int64(reply, "error", errSecCSInternalError); } else if (!strcmp(function, "assess")) { doAssess(msg, reply); } else if (!strcmp(function, "update")) { doUpdate(msg, reply); } else if (!strcmp(function, "record")) { doRecord(msg, reply, connection); } else { xpc_dictionary_set_int64(reply, "error", errSecCSInternalError); } } catch (...) { xpc_dictionary_set_int64(reply, "error", errSecCSInternalError); } xpc_connection_send_message(connection, reply); xpc_release(reply); } }); xpc_connection_resume(connection); } else {
static void __XPC_Fetch_Process_Request(xpc_object_t request, xpc_object_t reply) { // Get the URL and XPC connection from the XPC request if (xpc_dictionary_get_value(request, "check_asl_patch") != NULL) { bool result = checkASLPatch(); xpc_dictionary_set_bool(reply, "check_asl_patch", result); } else if (xpc_dictionary_get_value(request, "patch_asl") != NULL) { const char *reactivationScript = xpc_dictionary_get_string(request, "script_path"); bool result = applyASLPatch(reactivationScript); xpc_dictionary_set_bool(reply, "patch_asl", result); } }
static int vmnet_get_mac_address_from_uuid(char *guest_uuid_str) { /* * from vmn_create() in https://github.com/mist64/xhyve/blob/master/src/pci_virtio_vmnet.c */ xpc_object_t interface_desc; uuid_t uuid; __block interface_ref iface; __block vmnet_return_t iface_status; dispatch_semaphore_t iface_created; dispatch_queue_t if_create_q; uint32_t uuid_status; interface_desc = xpc_dictionary_create(NULL, NULL, 0); xpc_dictionary_set_uint64(interface_desc, vmnet_operation_mode_key, VMNET_SHARED_MODE); uuid_from_string(guest_uuid_str, &uuid, &uuid_status); if (uuid_status != uuid_s_ok) { fprintf(stderr, "Invalid UUID\n"); return -1; } xpc_dictionary_set_uuid(interface_desc, vmnet_interface_id_key, uuid); iface = NULL; iface_status = 0; if_create_q = dispatch_queue_create("org.xhyve.vmnet.create", DISPATCH_QUEUE_SERIAL); iface_created = dispatch_semaphore_create(0); iface = vmnet_start_interface(interface_desc, if_create_q, ^(vmnet_return_t status, xpc_object_t interface_param) { iface_status = status; if (status != VMNET_SUCCESS || !interface_param) { dispatch_semaphore_signal(iface_created); return; } printf("%s\n", xpc_dictionary_get_string(interface_param, vmnet_mac_address_key)); dispatch_semaphore_signal(iface_created); });
static OSStatus sendTSARequestWithXPC(const unsigned char *tsaReq, size_t tsaReqLength, const unsigned char *tsaURL, unsigned char **tsaResp, size_t *tsaRespLength) { __block OSStatus result = noErr; int timeoutInSeconds = 15; extern xpc_object_t xpc_create_with_format(const char * format, ...); dispatch_queue_t xpc_queue = dispatch_queue_create("com.apple.security.XPCTimeStampingService", DISPATCH_QUEUE_SERIAL); __block dispatch_semaphore_t waitSemaphore = dispatch_semaphore_create(0); dispatch_time_t finishTime = dispatch_time(DISPATCH_TIME_NOW, timeoutInSeconds * NSEC_PER_SEC); xpc_connection_t con = xpc_connection_create("com.apple.security.XPCTimeStampingService", xpc_queue); xpc_connection_set_event_handler(con, ^(xpc_object_t event) { xpc_type_t xtype = xpc_get_type(event); if (XPC_TYPE_ERROR == xtype) { tsaDebug("default: connection error: %s\n", xpc_dictionary_get_string(event, XPC_ERROR_KEY_DESCRIPTION)); } else { tsaDebug("default: unexpected connection event %p\n", event); } });
/* * Create an interface for the guest using Apple's vmnet framework. * * The interface works in VMNET_SHARED_MODE which allows for packets * of the guest to reach other guests and the Internet. * * See also: https://developer.apple.com/library/mac/documentation/vmnet/Reference/vmnet_Reference/index.html */ static int vmn_create(struct pci_vtnet_softc *sc) { xpc_object_t interface_desc; uuid_t uuid; __block interface_ref iface; __block vmnet_return_t iface_status; dispatch_semaphore_t iface_created; dispatch_queue_t if_create_q; dispatch_queue_t if_q; struct vmnet_state *vms; uint32_t uuid_status; interface_desc = xpc_dictionary_create(NULL, NULL, 0); xpc_dictionary_set_uint64(interface_desc, vmnet_operation_mode_key, VMNET_SHARED_MODE); if (guest_uuid_str != NULL) { uuid_from_string(guest_uuid_str, &uuid, &uuid_status); if (uuid_status != uuid_s_ok) { return (-1); } } else { uuid_generate_random(uuid); } xpc_dictionary_set_uuid(interface_desc, vmnet_interface_id_key, uuid); iface = NULL; iface_status = 0; vms = malloc(sizeof(struct vmnet_state)); if (!vms) { return (-1); } if_create_q = dispatch_queue_create("org.xhyve.vmnet.create", DISPATCH_QUEUE_SERIAL); iface_created = dispatch_semaphore_create(0); iface = vmnet_start_interface(interface_desc, if_create_q, ^(vmnet_return_t status, xpc_object_t interface_param) { iface_status = status; if (status != VMNET_SUCCESS || !interface_param) { dispatch_semaphore_signal(iface_created); return; } if (sscanf(xpc_dictionary_get_string(interface_param, vmnet_mac_address_key), "%hhx:%hhx:%hhx:%hhx:%hhx:%hhx", &vms->mac[0], &vms->mac[1], &vms->mac[2], &vms->mac[3], &vms->mac[4], &vms->mac[5]) != 6) { assert(0); } vms->mtu = (unsigned) xpc_dictionary_get_uint64(interface_param, vmnet_mtu_key); vms->max_packet_size = (unsigned) xpc_dictionary_get_uint64(interface_param, vmnet_max_packet_size_key); dispatch_semaphore_signal(iface_created); });
#if CHECK_ENTITLEMENTS CFStringRef canModify = (CFStringRef)SecTaskCopyValueForEntitlement(task, entitlement, NULL); if (!canModify) return false; CFTypeID canModifyType = CFGetTypeID(canModify); bool ok = (CFBooleanGetTypeID() == canModifyType) && CFBooleanGetValue((CFBooleanRef)canModify); CFRelease(canModify); return ok; #else return true; #endif /* !CHECK_ENTITLEMENTS */ } static void with_label_and_password(xpc_object_t message, void (^action)(CFStringRef label, CFDataRef password)) { const char *label_utf8 = xpc_dictionary_get_string(message, kSecXPCKeyUserLabel); size_t password_length = 0; const void *password_data = xpc_dictionary_get_data(message, kSecXPCKeyUserPassword, &password_length); CFDataRef user_password = CFDataCreateWithBytesNoCopy(kCFAllocatorDefault, password_data, password_length, kCFAllocatorNull); CFStringRef user_label = CFStringCreateWithCString(kCFAllocatorDefault, label_utf8, kCFStringEncodingUTF8); action(user_label, user_password); CFReleaseNull(user_password); CFReleaseNull(user_label); } static bool SecXPCDictionarySetChainOptional(xpc_object_t message, const char *key, SecCertificatePathRef path, CFErrorRef *error) { if (!path)