tokencache.h
  1  /*
  2   * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
  3   * 
  4   * @APPLE_LICENSE_HEADER_START@
  5   * 
  6   * This file contains Original Code and/or Modifications of Original Code
  7   * as defined in and that are subject to the Apple Public Source License
  8   * Version 2.0 (the 'License'). You may not use this file except in
  9   * compliance with the License. Please obtain a copy of the License at
 10   * http://www.opensource.apple.com/apsl/ and read it before using this
 11   * file.
 12   * 
 13   * The Original Code and all software distributed under the License are
 14   * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 15   * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 16   * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 17   * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 18   * Please see the License for the specific language governing rights and
 19   * limitations under the License.
 20   * 
 21   * @APPLE_LICENSE_HEADER_END@
 22   */
 23  
 24  
 25  //
 26  // tokencache - persistent (on-disk) hardware token directory
 27  //
 28  #ifndef _H_TOKENCACHE
 29  #define _H_TOKENCACHE
 30  
 31  #include <security_utilities/refcount.h>
 32  #include <Security/cssm.h>
 33  
 34  
 35  //
 36  // Rooted - helper base class that remembers the root directory of an
     // on-disk tree and hands out path strings derived from it.
     // path(const char *) and the protected root() setter are defined out of
     // line, so how a sub-path is combined with the root is not visible here.
     // NOTE(review): before passing an externally supplied name (for example a
     // token uid) to path(), confirm in the implementation how an absolute sub
     // or one containing ".." components is treated.
 37  //
 38  class Rooted {
 39  public:
     	// A default-constructed object starts with an empty root string.
 40  	Rooted() { }
     	// Both forms copy the given root into mRoot. Assuming string is
     	// std::string, the const char * form must not be handed a null pointer.
 41  	Rooted(const char *root) : mRoot(root) { }
 42  	Rooted(const string &root) : mRoot(root) { }
 43  	
     	// Returns a copy of the stored root.
 44  	string root() const { return mRoot; }
     	// Returns a path string for sub; presumably relative to the root
     	// (TODO confirm against the out-of-line definition).
 45  	string path(const char *sub) const;
     	// Convenience overload: forwards to path(const char *).
 46  	string path(const string &sub) const { return path(sub.c_str()); }
 47  
 48  protected:
     	// Setter available to derived classes only; defined out of line.
 49  	void root(const string &s);
 50  
 51  private:
 52  	string mRoot;				// root of this tree
 53  };
 54  
 55  
 56  //
 57  // An on-disk cache area.
 58  // You'll only want a single one, though nothing keeps you from
 59  // making multiples if you like.
     //
     // TokenCache is itself Rooted, so root()/path() refer to the cache's own
     // directory tree. It also records the uid/gid of the token daemons that
     // access the cache (see mTokendUid/mTokendGid).
     // NOTE(review): the mode and Owner passed to makedir() decide which local
     // accounts can read or alter cached token data. makedir() is defined out
     // of line; confirm there how a directory that already exists is treated
     // (ownership and mode re-checked, or accepted as found).
 60  //
 61  class TokenCache : public Rooted {
 62  public:
     	// Constructor and destructor are defined out of line. root names the
     	// directory the cache lives under.
 63  	TokenCache(const char *root);
 64  	~TokenCache();
 65  	
     	// Accessors for the daemon uid/gid recorded in this cache.
 66  	uid_t tokendUid() const { return mTokendUid; }
 67  	gid_t tokendGid() const { return mTokendGid; }
 68  	
 69  public:
     	// One entry of the cache. It is reference counted (RefCount) and Rooted
     	// in its own right, so every Token carries its own root string.
 70  	class Token : public RefCount, public Rooted {
 71  	public:
     		// TokenCache may use Token's protected and private members.
 72  		friend class TokenCache;
     		// Entry for the token identified by uid. Here uid is a string
     		// identifier, not a Unix uid_t.
     		// NOTE(review): if uid ends up in a directory name, confirm in the
     		// implementation that it is restricted to a single path component.
 73  		Token(TokenCache &cache, const std::string &uid);
     		// Entry created without a uid; presumably the `temporary` kind
     		// (TODO confirm against the out-of-line definition).
 74  		Token(TokenCache &cache);
 75  		~Token();
 76  		
     		// Kind of cache entry. The precise meaning of each value is set by
     		// code outside this header.
 77  		enum Type { existing, created, temporary };
 78  		Type type() const { return mType; }
 79  
     		// The cache this entry belongs to. A reference member does not keep
     		// the TokenCache alive, so the cache must outlive every Token that
     		// refers to it.
 80  		TokenCache &cache;
 81  		uint32 subservice() const { return mSubservice; }
     		// Path strings for this token's work and cache areas; both are
     		// defined out of line.
 82  		string workPath() const;
 83  		string cachePath() const;
 84  		
     		// Getter and setter for the token's print name. Where the name is
     		// stored is not visible in this header.
 85  		string printName() const;
 86  		void printName(const string &name);
 87  		
     		// Forward to the owning cache, so all tokens share one uid/gid.
 88  		uid_t tokendUid() const { return cache.tokendUid(); }
 89  		gid_t tokendGid() const { return cache.tokendGid(); }
 90  	
 91  	protected:		
     		// Set-up step taking the entry Type; defined out of line.
 92  		void init(Type type);
 93  
 94  	private:
 95  		uint32 mSubservice;		// subservice id assigned
 96  		Type mType;				// type of Token cache entry
 97  	};
 98  
 99  public:
     	// Returns a subservice id; mLastSubservice holds the last one issued.
     	// Defined out of line.
100  	uint32 allocateSubservice();
101  
102  private:
     	// Which party a directory made by makedir() is meant to belong to:
     	// securityd, or the token daemons (presumably mTokendUid/mTokendGid;
     	// TODO confirm in the implementation).
103  	enum Owner { securityd, tokend };
     	// Directory helper taking a path, flags, a mode and the intended Owner.
     	// The const char * form is defined out of line and the string form
     	// forwards to it.
104  	void makedir(const char *path, int flags, mode_t mode, Owner owner);
105  	void makedir(const string &path, int flags, mode_t mode, Owner owner)
106  	{ return makedir(path.c_str(), flags, mode, owner); }
107  	
108  private:
109  	uint32 mLastSubservice; // last subservice id issued
110  
111  	uid_t mTokendUid;		// uid of daemons accessing this token cache
112  	gid_t mTokendGid;		// gid of daemons accessing this token cache
113  };
114  
115  
116  #endif //_H_TOKENCACHE