From 60849d0aca881b35944eceaadd65ac97ab8fafc7 Mon Sep 17 00:00:00 2001
From: Robert Sesek
Date: Wed, 19 Jun 2024 16:56:32 -0400
Subject: [PATCH] Forward XPC peer information to the control session

---
 Daemon/Daemon.swift | 20 ++++++++++++++++++++
 PAM/pam_interauth.c | 2 +-
 README.md | 1 +
 Tool/main.swift | 6 +++++-
 4 files changed, 27 insertions(+), 2 deletions(-)

diff --git a/Daemon/Daemon.swift b/Daemon/Daemon.swift
index 7e3ef41..6bc9ee4 100644
--- a/Daemon/Daemon.swift
+++ b/Daemon/Daemon.swift
@@ -5,9 +5,17 @@
 // Created by Robert Sesek on 6/19/24.
 //
+import Darwin
 import Foundation
 import OSLog
+@_silgen_name("proc_pidpath")
+func proc_pidpath(
+ _ pid: pid_t,
+ _ string: UnsafeMutablePointer?,
+ _ size: UInt32
+) -> Int
+
 extension OS_xpc_object {
 func description() -> String {
 let d = xpc_copy_description(self)
@@ -116,10 +124,22 @@ class Daemon {
 return
 }
+ let peerPid = xpc_connection_get_pid(authConn)
+ let peerUid = xpc_connection_get_euid(authConn)
+ var peerPath = ""
+ let path = UnsafeMutablePointer.allocate(capacity: Int(MAXPATHLEN))
+ if proc_pidpath(peerPid, path, UInt32(MAXPATHLEN)) > 0 {
+ peerPath = String(cString: path)
+ }
+ path.deallocate()
+
 log.log("Received authentication request, forwarding to control: \(obj.description, privacy: .public)")
 let req = xpc_dictionary_create_empty()
 xpc_dictionary_set_value(req, "request", obj)
+ xpc_dictionary_set_int64(req, "pid", Int64(peerPid))
+ xpc_dictionary_set_int64(req, "uid", Int64(peerUid))
+ xpc_dictionary_set_string(req, "path", peerPath.cString(using: .utf8) ?? [])
 xpc_connection_send_message_with_reply(connection!, req, nil) { response in
 self.log.log("Received control channel response: \(response.description, privacy: .public)")
 xpc_dictionary_set_string(reply, "reply", "authenticate")
diff --git a/PAM/pam_interauth.c b/PAM/pam_interauth.c
index fada8de..43ba01b 100644
--- a/PAM/pam_interauth.c
+++ b/PAM/pam_interauth.c
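Review bot: The `@_silgen_name("proc_pidpath")` shadow declaration returns `Int`, but the C function returns a 32-bit `int`; a bare symbol binding reads the full 64-bit return register, so the upper half is unspecified and the `> 0` check in the second hunk can misfire. Declare it as `) -> Int32` to match the C ABI, and confirm the second parameter carries an explicit element type, `_ string: UnsafeMutablePointer<CChar>?` — the generic argument looks to have been lost in rendering, and a bare `UnsafeMutablePointer?` will not compile. If `proc_pidpath` is already visible through `import Darwin` on the deployment target (I believe libproc is re-exported there but have not verified it for this SDK), the shadow declaration could be dropped entirely, which removes the ABI-mismatch risk altogether.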
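Review bot: The `path` forwarded to the control session is derived only from the peer's PID through `proc_pidpath`, which is racy (a PID can be recycled after the connection was accepted) and says nothing about the identity of the code running there, so the control tool must treat it as an informational hint rather than a basis for an approval decision. A stronger binding would resolve the peer via its audit token with `SecCodeCopyGuestWithAttributes` (`kSecGuestAttributeAudit`) followed by `SecCodeCheckValidity` and `SecCodeCopyPath`, though obtaining the token from an `xpc_connection_t` needs SPI on current SDKs; at minimum record the limitation next to the lookup, `// Best-effort hint from proc_pidpath: not validated against code signing and subject to PID reuse.`. Separately, `peerPath.cString(using: .utf8) ?? []` falls back to an empty array, which is not a NUL-terminated C string and, if that branch were ever taken, would let `xpc_dictionary_set_string` read past the buffer; the same hunk already passes a Swift `String` directly to that function, so `xpc_dictionary_set_string(req, "path", peerPath)` is both simpler and safe. The enclosing event handler begins and ends outside the hunk.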
@@ -5,8 +5,8 @@
 // Created by Robert Sesek on 6/19/24.
 //
-#include
 #include
+#include
 #include
 #define PAM_SM_AUTH
diff --git a/README.md b/README.md
index 6d3bb04..6ec4fd5 100644
--- a/README.md
+++ b/README.md
@@ -14,6 +14,7 @@ Edit these files and insert the following as the first line:
 - /etc/pam.d/login
 - /etc/pam.d/authorization
 - /etc/pam.d/screensaver
+- /etc/pam.d/screensaver_new
 ```
 auth sufficient /Library/InterAuth.bundle/Contents/Libraries/pam_interauth.so.2
diff --git a/Tool/main.swift b/Tool/main.swift
index 2b13b23..4c5140e 100644
--- a/Tool/main.swift
+++ b/Tool/main.swift
@@ -39,9 +39,14 @@ xpc_connection_set_event_handler(conn) { (msg: xpc_object_t) in
 }
 print("\n*** Authentication Request ***")
+ print(" PAM:")
 print(" User = \(getXPCString(req, "user"))")
 print(" Service = \(getXPCString(req, "service"))")
 print(" Applicant = \(getXPCString(req, "applicant"))")
+ print(" Application:")
+ print(" PID = \(xpc_dictionary_get_int64(msg, "pid"))")
+ print(" UID = \(xpc_dictionary_get_int64(msg, "uid"))")
+ print(" Path = \(getXPCString(msg, "path"))")
 var authorize = false
 while true {
@@ -70,4 +75,3 @@ xpc_dictionary_set_string(ping, "action", "ping")
 xpc_connection_send_message(conn, ping)
 dispatchMain()
-
--
2.43.5
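Review bot: The new `Application:` block reads `pid`, `uid` and `path` from `msg` while the `PAM:` fields come from `req`, and nothing in the file says why; a comment above the block, `// Peer process metadata is attached by the daemon to the top-level message, not inside "request".`, would spare the next reader a trip to Daemon.swift. Because the daemon obtains that path by PID lookup rather than from the peer's code signature, the label shown to the person deciding should say so, e.g. `print(" Path = \(getXPCString(msg, "path")) (unverified)")`. Note also that `xpc_dictionary_get_int64` yields 0 when a key is absent, so a message from an older daemon would display PID 0 and UID 0 rather than signalling that the data is missing. The event handler's closure begins outside the hunk.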