diff options
| author | lambroslambrou@chromium.org <lambroslambrou@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2012-03-21 20:55:05 +0000 |
|---|---|---|
| committer | lambroslambrou@chromium.org <lambroslambrou@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2012-03-21 20:55:05 +0000 |
| commit | ef12d1e6acb871dbd01f330d0b10ada24d209371 (patch) | |
| tree | 1b8976cebc4c141acb3e314406d662a7931a731b /chrome/browser/mac | |
| parent | a160baecdd408a80a6861635a398011622f04718 (diff) | |
| download | chromium_src-ef12d1e6acb871dbd01f330d0b10ada24d209371.zip chromium_src-ef12d1e6acb871dbd01f330d0b10ada24d209371.tar.gz chromium_src-ef12d1e6acb871dbd01f330d0b10ada24d209371.tar.bz2 | |
Move authorization_util files into base/mac.
No logical code changes in this CL. This moves some Mac utilities from
chrome/browser/mac to base/mac, so they can be used by the Remoting Host
plugin code in remoting/host/plugin
BUG=None
TEST=Compiles, unit_tests run
Review URL: https://chromiumcodereview.appspot.com/9764013
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@128053 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/browser/mac')
| -rw-r--r-- | chrome/browser/mac/authorization_util.h | 67 | ||||
| -rw-r--r-- | chrome/browser/mac/authorization_util.mm | 185 | ||||
| -rw-r--r-- | chrome/browser/mac/install_from_dmg.mm | 12 | ||||
| -rw-r--r-- | chrome/browser/mac/keystone_glue.h | 6 | ||||
| -rw-r--r-- | chrome/browser/mac/keystone_glue.mm | 12 | ||||
| -rwxr-xr-x | chrome/browser/mac/keystone_promote_postflight.sh | 4 | ||||
| -rwxr-xr-x | chrome/browser/mac/keystone_promote_preflight.sh | 4 | ||||
| -rw-r--r-- | chrome/browser/mac/scoped_authorizationref.h | 80 |
8 files changed, 19 insertions, 351 deletions
diff --git a/chrome/browser/mac/authorization_util.h b/chrome/browser/mac/authorization_util.h deleted file mode 100644 index c25f0cb..0000000 --- a/chrome/browser/mac/authorization_util.h +++ /dev/null @@ -1,67 +0,0 @@ -// Copyright (c) 2011 The Chromium Authors. All rights reserved. -// Use of this source code is governed by a BSD-style license that can be -// found in the LICENSE file. - -#ifndef CHROME_BROWSER_MAC_AUTHORIZATION_UTIL_H_ -#define CHROME_BROWSER_MAC_AUTHORIZATION_UTIL_H_ -#pragma once - -// AuthorizationExecuteWithPrivileges fork()s and exec()s the tool, but it -// does not wait() for it. It also doesn't provide the caller with access to -// the forked pid. If used irresponsibly, zombie processes will accumulate. -// -// Apple's really gotten us between a rock and a hard place, here. -// -// Fortunately, AuthorizationExecuteWithPrivileges does give access to the -// tool's stdout (and stdin) via a FILE* pipe. The tool can output its pid -// to this pipe, and the main program can read it, and then have something -// that it can wait() for. -// -// The contract is that any tool executed by the wrappers declared in this -// file must print its pid to stdout on a line by itself before doing anything -// else. -// -// http://developer.apple.com/library/mac/#samplecode/BetterAuthorizationSample/Listings/BetterAuthorizationSampleLib_c.html -// (Look for "What's This About Zombies?") - -#include <CoreFoundation/CoreFoundation.h> -#include <Security/Authorization.h> -#include <stdio.h> -#include <sys/types.h> - -namespace authorization_util { - -// Obtains an AuthorizationRef that can be used to run commands as root. If -// necessary, prompts the user for authentication. If the user is prompted, -// |prompt| will be used as the prompt string and an icon appropriate for the -// application will be displayed in a prompt dialog. Note that the system -// appends its own text to the prompt string. Returns NULL on failure. -AuthorizationRef AuthorizationCreateToRunAsRoot(CFStringRef prompt); - -// Calls straight through to AuthorizationExecuteWithPrivileges. If that -// call succeeds, |pid| will be set to the pid of the executed tool. If the -// pid can't be determined, |pid| will be set to -1. |pid| must not be NULL. -// |pipe| may be NULL, but the tool will always be executed with a pipe in -// order to read the pid from its stdout. -OSStatus ExecuteWithPrivilegesAndGetPID(AuthorizationRef authorization, - const char* tool_path, - AuthorizationFlags options, - const char** arguments, - FILE** pipe, - pid_t* pid); - -// Calls ExecuteWithPrivilegesAndGetPID, and if that call succeeds, calls -// waitpid() to wait for the process to exit. If waitpid() succeeds, the -// exit status is placed in |exit_status|, otherwise, -1 is stored. -// |exit_status| may be NULL and this function will still wait for the process -// to exit. -OSStatus ExecuteWithPrivilegesAndWait(AuthorizationRef authorization, - const char* tool_path, - AuthorizationFlags options, - const char** arguments, - FILE** pipe, - int* exit_status); - -} // namespace authorization_util - -#endif // CHROME_BROWSER_MAC_AUTHORIZATION_UTIL_H_ diff --git a/chrome/browser/mac/authorization_util.mm b/chrome/browser/mac/authorization_util.mm deleted file mode 100644 index 734ee7f..0000000 --- a/chrome/browser/mac/authorization_util.mm +++ /dev/null @@ -1,185 +0,0 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. -// Use of this source code is governed by a BSD-style license that can be -// found in the LICENSE file. - -#include "chrome/browser/mac/authorization_util.h" - -#import <Foundation/Foundation.h> -#include <sys/wait.h> - -#include <string> - -#include "base/basictypes.h" -#include "base/eintr_wrapper.h" -#include "base/logging.h" -#include "base/mac/bundle_locations.h" -#include "base/mac/mac_logging.h" -#import "base/mac/mac_util.h" -#include "base/string_number_conversions.h" -#include "base/string_util.h" -#include "chrome/browser/mac/scoped_authorizationref.h" - -namespace authorization_util { - -AuthorizationRef AuthorizationCreateToRunAsRoot(CFStringRef prompt) { - // Create an empty AuthorizationRef. - ScopedAuthorizationRef authorization; - OSStatus status = AuthorizationCreate(NULL, - kAuthorizationEmptyEnvironment, - kAuthorizationFlagDefaults, - &authorization); - if (status != errAuthorizationSuccess) { - OSSTATUS_LOG(ERROR, status) << "AuthorizationCreate"; - return NULL; - } - - // Specify the "system.privilege.admin" right, which allows - // AuthorizationExecuteWithPrivileges to run commands as root. - AuthorizationItem right_items[] = { - {kAuthorizationRightExecute, 0, NULL, 0} - }; - AuthorizationRights rights = {arraysize(right_items), right_items}; - - // product_logo_32.png is used instead of app.icns because Authorization - // Services can't deal with .icns files. - NSString* icon_path = - [base::mac::FrameworkBundle() pathForResource:@"product_logo_32" - ofType:@"png"]; - const char* icon_path_c = [icon_path fileSystemRepresentation]; - size_t icon_path_length = icon_path_c ? strlen(icon_path_c) : 0; - - // The OS will append " Type an administrator's name and password to allow - // <CFBundleDisplayName> to make changes." - NSString* prompt_ns = base::mac::CFToNSCast(prompt); - const char* prompt_c = [prompt_ns UTF8String]; - size_t prompt_length = prompt_c ? strlen(prompt_c) : 0; - - AuthorizationItem environment_items[] = { - {kAuthorizationEnvironmentIcon, icon_path_length, (void*)icon_path_c, 0}, - {kAuthorizationEnvironmentPrompt, prompt_length, (void*)prompt_c, 0} - }; - - AuthorizationEnvironment environment = {arraysize(environment_items), - environment_items}; - - AuthorizationFlags flags = kAuthorizationFlagDefaults | - kAuthorizationFlagInteractionAllowed | - kAuthorizationFlagExtendRights | - kAuthorizationFlagPreAuthorize; - - status = AuthorizationCopyRights(authorization, - &rights, - &environment, - flags, - NULL); - if (status != errAuthorizationSuccess) { - if (status != errAuthorizationCanceled) { - OSSTATUS_LOG(ERROR, status) << "AuthorizationCopyRights"; - } - return NULL; - } - - return authorization.release(); -} - -OSStatus ExecuteWithPrivilegesAndGetPID(AuthorizationRef authorization, - const char* tool_path, - AuthorizationFlags options, - const char** arguments, - FILE** pipe, - pid_t* pid) { - // pipe may be NULL, but this function needs one. In that case, use a local - // pipe. - FILE* local_pipe; - FILE** pipe_pointer; - if (pipe) { - pipe_pointer = pipe; - } else { - pipe_pointer = &local_pipe; - } - - // AuthorizationExecuteWithPrivileges wants |char* const*| for |arguments|, - // but it doesn't actually modify the arguments, and that type is kind of - // silly and callers probably aren't dealing with that. Put the cast here - // to make things a little easier on callers. - OSStatus status = AuthorizationExecuteWithPrivileges(authorization, - tool_path, - options, - (char* const*)arguments, - pipe_pointer); - if (status != errAuthorizationSuccess) { - return status; - } - - int line_pid = -1; - size_t line_length = 0; - char* line_c = fgetln(*pipe_pointer, &line_length); - if (line_c) { - if (line_length > 0 && line_c[line_length - 1] == '\n') { - // line_c + line_length is the start of the next line if there is one. - // Back up one character. - --line_length; - } - std::string line(line_c, line_length); - if (!base::StringToInt(line, &line_pid)) { - // StringToInt may have set line_pid to something, but if the conversion - // was imperfect, use -1. - LOG(ERROR) << "ExecuteWithPrivilegesAndGetPid: funny line: " << line; - line_pid = -1; - } - } else { - LOG(ERROR) << "ExecuteWithPrivilegesAndGetPid: no line"; - } - - if (!pipe) { - fclose(*pipe_pointer); - } - - if (pid) { - *pid = line_pid; - } - - return status; -} - -OSStatus ExecuteWithPrivilegesAndWait(AuthorizationRef authorization, - const char* tool_path, - AuthorizationFlags options, - const char** arguments, - FILE** pipe, - int* exit_status) { - pid_t pid; - OSStatus status = ExecuteWithPrivilegesAndGetPID(authorization, - tool_path, - options, - arguments, - pipe, - &pid); - if (status != errAuthorizationSuccess) { - return status; - } - - // exit_status may be NULL, but this function needs it. In that case, use a - // local version. - int local_exit_status; - int* exit_status_pointer; - if (exit_status) { - exit_status_pointer = exit_status; - } else { - exit_status_pointer = &local_exit_status; - } - - if (pid != -1) { - pid_t wait_result = HANDLE_EINTR(waitpid(pid, exit_status_pointer, 0)); - if (wait_result != pid) { - PLOG(ERROR) << "waitpid"; - *exit_status_pointer = -1; - } - } else { - *exit_status_pointer = -1; - } - - return status; -} - -} // namespace authorization_util diff --git a/chrome/browser/mac/install_from_dmg.mm b/chrome/browser/mac/install_from_dmg.mm index 1d11ecd..dc6bca4 100644 --- a/chrome/browser/mac/install_from_dmg.mm +++ b/chrome/browser/mac/install_from_dmg.mm @@ -21,16 +21,16 @@ #include "base/command_line.h" #include "base/file_path.h" #include "base/logging.h" +#include "base/mac/authorization_util.h" #include "base/mac/bundle_locations.h" #include "base/mac/mac_logging.h" #import "base/mac/mac_util.h" +#include "base/mac/scoped_authorizationref.h" #include "base/mac/scoped_cftyperef.h" #include "base/mac/scoped_nsautorelease_pool.h" #include "base/string_util.h" #include "base/sys_string_conversions.h" -#include "chrome/browser/mac/authorization_util.h" #include "chrome/browser/mac/dock.h" -#include "chrome/browser/mac/scoped_authorizationref.h" #include "chrome/browser/mac/scoped_ioobject.h" #import "chrome/browser/mac/keystone_glue.h" #include "chrome/browser/mac/relauncher.h" @@ -279,7 +279,7 @@ AuthorizationRef MaybeShowAuthorizationDialog(NSString* application_directory) { NSString* prompt = l10n_util::GetNSStringFWithFixup( IDS_INSTALL_FROM_DMG_AUTHENTICATION_PROMPT, l10n_util::GetStringUTF16(IDS_PRODUCT_NAME)); - return authorization_util::AuthorizationCreateToRunAsRoot( + return base::mac::AuthorizationCreateToRunAsRoot( base::mac::NSToCFCast(prompt)); } @@ -292,7 +292,7 @@ bool InstallFromDiskImage(AuthorizationRef authorization_arg, NSString* installer_path, NSString* source_path, NSString* target_path) { - ScopedAuthorizationRef authorization(authorization_arg); + base::mac::ScopedAuthorizationRef authorization(authorization_arg); authorization_arg = NULL; int exit_status; if (authorization) { @@ -301,7 +301,7 @@ bool InstallFromDiskImage(AuthorizationRef authorization_arg, const char* target_path_c = [target_path fileSystemRepresentation]; const char* arguments[] = {source_path_c, target_path_c, NULL}; - OSStatus status = authorization_util::ExecuteWithPrivilegesAndWait( + OSStatus status = base::mac::ExecuteWithPrivilegesAndWait( authorization, installer_path_c, kAuthorizationFlagDefaults, @@ -448,7 +448,7 @@ bool MaybeInstallFromDiskImage() { return false; } - ScopedAuthorizationRef authorization( + base::mac::ScopedAuthorizationRef authorization( MaybeShowAuthorizationDialog(application_directory)); // authorization will be NULL if it's deemed unnecessary or if // authentication fails. In either case, try to install without privilege diff --git a/chrome/browser/mac/keystone_glue.h b/chrome/browser/mac/keystone_glue.h index c57219b..755b408d 100644 --- a/chrome/browser/mac/keystone_glue.h +++ b/chrome/browser/mac/keystone_glue.h @@ -1,4 +1,4 @@ -// Copyright (c) 2011 The Chromium Authors. All rights reserved. +// Copyright (c) 2012 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. @@ -12,8 +12,8 @@ #import <Foundation/Foundation.h> +#include "base/mac/scoped_authorizationref.h" #import "base/memory/scoped_nsobject.h" -#include "chrome/browser/mac/scoped_authorizationref.h" // Possible outcomes of various operations. A version may accompany some of // these, but beware: a version is never required. For statuses that can be @@ -94,7 +94,7 @@ enum BrandFileType { // The authorization object, when it needs to persist because it's being // carried across threads. - ScopedAuthorizationRef authorization_; + base::mac::ScopedAuthorizationRef authorization_; // YES if a synchronous promotion operation is in progress (promotion during // installation). diff --git a/chrome/browser/mac/keystone_glue.mm b/chrome/browser/mac/keystone_glue.mm index 35eaca9..8b00373 100644 --- a/chrome/browser/mac/keystone_glue.mm +++ b/chrome/browser/mac/keystone_glue.mm @@ -13,6 +13,7 @@ #include "base/file_util.h" #include "base/location.h" #include "base/logging.h" +#include "base/mac/authorization_util.h" #include "base/mac/bundle_locations.h" #include "base/mac/mac_logging.h" #include "base/mac/mac_util.h" @@ -21,7 +22,6 @@ #include "base/memory/ref_counted.h" #include "base/sys_string_conversions.h" #include "base/threading/worker_pool.h" -#include "chrome/browser/mac/authorization_util.h" #import "chrome/browser/mac/keystone_registration.h" #include "chrome/common/chrome_constants.h" #include "chrome/common/chrome_version_info.h" @@ -778,8 +778,8 @@ NSString* const kVersionKey = @"KSVersion"; NSString* prompt = l10n_util::GetNSStringFWithFixup( IDS_PROMOTE_AUTHENTICATION_PROMPT, l10n_util::GetStringUTF16(IDS_PRODUCT_NAME)); - ScopedAuthorizationRef authorization( - authorization_util::AuthorizationCreateToRunAsRoot( + base::mac::ScopedAuthorizationRef authorization( + base::mac::AuthorizationCreateToRunAsRoot( base::mac::NSToCFCast(prompt))); if (!authorization.get()) { return; @@ -790,7 +790,7 @@ NSString* const kVersionKey = @"KSVersion"; - (void)promoteTicketWithAuthorization:(AuthorizationRef)authorization_arg synchronous:(BOOL)synchronous { - ScopedAuthorizationRef authorization(authorization_arg); + base::mac::ScopedAuthorizationRef authorization(authorization_arg); authorization_arg = NULL; if ([self asyncOperationPending]) { @@ -846,7 +846,7 @@ NSString* const kVersionKey = @"KSVersion"; const char* arguments[] = {userBrandFile, systemBrandFile, NULL}; int exit_status; - OSStatus status = authorization_util::ExecuteWithPrivilegesAndWait( + OSStatus status = base::mac::ExecuteWithPrivilegesAndWait( authorization, preflightPathC, kAuthorizationFlagDefaults, @@ -934,7 +934,7 @@ NSString* const kVersionKey = @"KSVersion"; const char* arguments[] = {appPathC, NULL}; int exit_status; - OSStatus status = authorization_util::ExecuteWithPrivilegesAndWait( + OSStatus status = base::mac::ExecuteWithPrivilegesAndWait( authorization_, toolPathC, kAuthorizationFlagDefaults, diff --git a/chrome/browser/mac/keystone_promote_postflight.sh b/chrome/browser/mac/keystone_promote_postflight.sh index 6344cd3..9624004 100755 --- a/chrome/browser/mac/keystone_promote_postflight.sh +++ b/chrome/browser/mac/keystone_promote_postflight.sh @@ -1,6 +1,6 @@ #!/bin/bash -p -# Copyright (c) 2011 The Chromium Authors. All rights reserved. +# Copyright (c) 2012 The Chromium Authors. All rights reserved. # Use of this source code is governed by a BSD-style license that can be # found in the LICENSE file. @@ -25,7 +25,7 @@ set -e export PATH="/usr/bin:/usr/sbin:/bin:/sbin" # Output the pid to stdout before doing anything else. See -# chrome/browser/mac/authorization_util.h. +# base/mac/authorization_util.h. echo "${$}" if [ ${#} -ne 1 ] ; then diff --git a/chrome/browser/mac/keystone_promote_preflight.sh b/chrome/browser/mac/keystone_promote_preflight.sh index e054ff0..6582e08 100755 --- a/chrome/browser/mac/keystone_promote_preflight.sh +++ b/chrome/browser/mac/keystone_promote_preflight.sh @@ -1,6 +1,6 @@ #!/bin/bash -p -# Copyright (c) 2011 The Chromium Authors. All rights reserved. +# Copyright (c) 2012 The Chromium Authors. All rights reserved. # Use of this source code is governed by a BSD-style license that can be # found in the LICENSE file. @@ -26,7 +26,7 @@ set -e export PATH="/usr/bin:/usr/sbin:/bin:/sbin" # Output the pid to stdout before doing anything else. See -# chrome/browser/mac/authorization_util.h. +# base/mac/authorization_util.h. echo "${$}" if [ ${#} -ne 0 ] && [ ${#} -ne 2 ] ; then diff --git a/chrome/browser/mac/scoped_authorizationref.h b/chrome/browser/mac/scoped_authorizationref.h deleted file mode 100644 index fbe0b9d..0000000 --- a/chrome/browser/mac/scoped_authorizationref.h +++ /dev/null @@ -1,80 +0,0 @@ -// Copyright (c) 2011 The Chromium Authors. All rights reserved. -// Use of this source code is governed by a BSD-style license that can be -// found in the LICENSE file. - -#ifndef CHROME_BROWSER_MAC_SCOPED_AUTHORIZATIONREF_H_ -#define CHROME_BROWSER_MAC_SCOPED_AUTHORIZATIONREF_H_ -#pragma once - -#include <Security/Authorization.h> - -#include "base/basictypes.h" -#include "base/compiler_specific.h" - -// ScopedAuthorizationRef maintains ownership of an AuthorizationRef. It is -// patterned after the scoped_ptr interface. - -class ScopedAuthorizationRef { - public: - explicit ScopedAuthorizationRef(AuthorizationRef authorization = NULL) - : authorization_(authorization) { - } - - ~ScopedAuthorizationRef() { - if (authorization_) { - AuthorizationFree(authorization_, kAuthorizationFlagDestroyRights); - } - } - - void reset(AuthorizationRef authorization = NULL) { - if (authorization_ != authorization) { - if (authorization_) { - AuthorizationFree(authorization_, kAuthorizationFlagDestroyRights); - } - authorization_ = authorization; - } - } - - bool operator==(AuthorizationRef that) const { - return authorization_ == that; - } - - bool operator!=(AuthorizationRef that) const { - return authorization_ != that; - } - - operator AuthorizationRef() const { - return authorization_; - } - - AuthorizationRef* operator&() { - return &authorization_; - } - - AuthorizationRef get() const { - return authorization_; - } - - void swap(ScopedAuthorizationRef& that) { - AuthorizationRef temp = that.authorization_; - that.authorization_ = authorization_; - authorization_ = temp; - } - - // ScopedAuthorizationRef::release() is like scoped_ptr<>::release. It is - // NOT a wrapper for AuthorizationFree(). To force a - // ScopedAuthorizationRef object to call AuthorizationFree(), use - // ScopedAuthorizationRef::reset(). - AuthorizationRef release() WARN_UNUSED_RESULT { - AuthorizationRef temp = authorization_; - authorization_ = NULL; - return temp; - } - - private: - AuthorizationRef authorization_; - - DISALLOW_COPY_AND_ASSIGN(ScopedAuthorizationRef); -}; - -#endif // CHROME_BROWSER_MAC_SCOPED_AUTHORIZATIONREF_H_ |