Added security_ocspd-55118

security_ocspd-55118/LaunchDaemons/com.apple.ocspd.plist

@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+	<key>Label</key>
+	<string>com.apple.ocspd</string>
+	<key>InitGroups</key>
+	<false/>
+	<key>MachServices</key>
+	<dict>
+		<key>com.apple.ocspd</key>
+		<true/>
+	</dict>
+	<key>OnDemand</key>
+	<true/>
+	<key>ProgramArguments</key>
+	<array>
+		<string>/usr/sbin/ocspd</string>
+	</array>
+	<key>EnableTransactions</key>
+	<true/>
+	<key>POSIXSpawnType</key>
+	<string>Interactive</string>
+</dict>
+</plist>

security_ocspd-55118/config/debug.xcconfig

@@ -0,0 +1,3 @@
+GCC_OPTIMIZATION_LEVEL = 0
+GCC_PREPROCESSOR_DEFINITIONS = DEBUG=1 $(inherited)
+COPY_PHASE_STRIP = NO

security_ocspd-55118/config/project.xcconfig

@@ -0,0 +1,25 @@
+ARCHS = $(ARCHS_STANDARD_32_64_BIT)
+CODE_SIGN_IDENTITY = -;
+GCC_VERSION = com.apple.compilers.llvm.clang.1_0
+DEBUG_INFORMATION_FORMAT = dwarf-with-dsym
+SDKROOT = 
+CURRENT_PROJECT_VERSION = $(RC_ProjectSourceVersion)
+VERSIONING_SYSTEM = apple-generic;
+DEAD_CODE_STRIPPING = YES;
+
+FRAMEWORK_SEARCH_PATHS = $(SYSTEM_LIBRARY_DIR)/PrivateFrameworks
+
+PRODUCT_NAME = $(TARGET_NAME)
+
+ALWAYS_SEARCH_USER_PATHS = NO
+
+GCC_C_LANGUAGE_STANDARD = gnu99
+
+WARNING_CFLAGS = -Wmost -Wno-four-char-constants -Wno-unknown-pragmas $(inherited)
+
+GCC_WARN_ABOUT_DEPRECATED_FUNCTIONS = NO
+
+GCC_WARN_64_TO_32_BIT_CONVERSION = YES
+GCC_WARN_ABOUT_MISSING_PROTOTYPES = YES
+GCC_WARN_ABOUT_RETURN_TYPE = YES
+GCC_WARN_UNUSED_VARIABLE = YES

security_ocspd-55118/config/release.xcconfig

@@ -0,0 +1,3 @@
+GCC_PREPROCESSOR_DEFINITIONS = NDEBUG=1 $(inherited)
+COPY_PHASE_STRIP = YES
+

security_ocspd-55118/man/ocspd.1

@@ -0,0 +1,37 @@
+.\"Modified from man(1) of FreeBSD, the NetBSD mdoc.template, and mdoc.samples.
+.\"See Also:
+.\"man mdoc.samples for a complete listing of options
+.\"man mdoc for the short list of editing options
+.Dd Thurs Mar 31 2005             \" DATE 
+.Dt ocspd 1      \" Program name and manual section number 
+.Os Darwin
+.Sh NAME                 \" Section Header - required - don't modify 
+.Nm ocspd
+.\" The following lines are read in generating the apropos(man -k) database. Use only key
+.\" words here as the database is built based on the words here and in the .ND line. 
+.\" Use .Nm macro to designate other names for the documented program.
+.Nd OCSP and CRL Daemon
+.Sh SYNOPSIS             \" Section Header - required - don't modify
+.Nm
+.Sh DESCRIPTION          \" Section Header - required - don't modify
+.Nm
+performs caching and network fetching of Certificate Revocation Lists (CRLs) and Online Certificate Status Protocol (OCSP) responses. It is used by Security.framework during certificate verification. Security.framework communicates with
+.Nm
+via a private RPC interface. When Security.framework determines that a CRL is needed, or that it needs to perform an OCSP transaction, it performs an RPC to 
+.Nm
+which then examines its cache to see if the appropriate CRL or OCSP response exists and is still valid. If so, that entity is returned to Security.framework. If no entry is found in cache, 
+.Nm
+obtains it from the network, saving the result in cache before returning it to Security.framework. 
+.Pp
+This command is not intended to be invoked directly.
+.Sh FILES
+.ta \w'/private/var/db/crls/ocspcache.db\ \ 'u
+.br
+/private/var/db/crls/crlcache.db	CRL cache
+.br
+/private/var/db/crls/ocspcache.db	OCSP response cache
+.Sh HISTORY
+.Nm
+was first introduced in Mac OS X version 10.4 (Tiger).
+.Sh AUTHORS
+.An "Doug Mitchell"

security_ocspd-55118/server/attachCommon.cpp

@@ -0,0 +1,96 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ * 
+ * @APPLE_LICENSE_HEADER_START@
+ * 
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ * 
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ * 
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * attachCommon.cpp - attach/detach to/from arbitrary module
+ */
+
+#include "attachCommon.h"
+#include <Security/Security.h>
+
+/* SPI; the framework actually contains a static lib we link against */
+#include <security_cdsa_utils/cuCdsaUtils.h>
+
+static CSSM_VERSION vers = {2, 0};
+static const CSSM_GUID dummyGuid = { 0xFADE, 0, 0, { 1,2,3,4,5,6,7,0 }};
+
+static CSSM_API_MEMORY_FUNCS memFuncs = {
+	cuAppMalloc,
+	cuAppFree,
+	cuAppRealloc,
+ 	cuAppCalloc,
+ 	NULL
+};
+
+/* load & attach; returns 0 on error */
+CSSM_HANDLE attachCommon(
+	const CSSM_GUID *guid,
+	uint32 subserviceFlags)		// CSSM_SERVICE_TP, etc.
+{
+	CSSM_HANDLE hand;
+	CSSM_RETURN crtn;
+
+	if(cuCssmStartup() == CSSM_FALSE) {
+		return 0;
+	}
+	crtn = CSSM_ModuleLoad(guid,
+		CSSM_KEY_HIERARCHY_NONE,
+		NULL,			// eventHandler
+		NULL);			// AppNotifyCallbackCtx
+	if(crtn) {
+		cssmPerror("CSSM_ModuleLoad()", crtn);
+		return 0;
+	}
+	crtn = CSSM_ModuleAttach (guid,
+		&vers,
+		&memFuncs,				// memFuncs
+		0,						// SubserviceID
+		subserviceFlags,		// SubserviceFlags
+		0,						// AttachFlags
+		CSSM_KEY_HIERARCHY_NONE,
+		NULL,					// FunctionTable
+		0,						// NumFuncTable
+		NULL,					// reserved
+		&hand);
+	if(crtn) {
+		cssmPerror("CSSM_ModuleAttach()", crtn);
+		return 0;
+	}
+	else {
+		return hand;
+	}
+}
+
+/* detach & unload */
+void detachCommon(
+	const CSSM_GUID *guid,
+	CSSM_HANDLE hand)
+{
+	CSSM_RETURN crtn = CSSM_ModuleDetach(hand);
+	if(crtn) {
+		return;
+	}
+	CSSM_ModuleUnload(guid, NULL, NULL);
+}
+
+

security_ocspd-55118/server/attachCommon.h

@@ -0,0 +1,52 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ * 
+ * @APPLE_LICENSE_HEADER_START@
+ * 
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ * 
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ * 
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * attachCommon.h - attach/detach to/from arbitrary module
+ */
+
+#ifndef	_ATTACH_COMMON_H_
+#define _ATTACH_COMMON_H_
+
+#include <Security/cssmtype.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* load & attach; returns 0 on error */
+CSSM_HANDLE attachCommon(
+	const CSSM_GUID *guid,
+	uint32 subserviceFlags);		// CSSM_SERVICE_TP, etc.
+
+/* detach & unload */
+void detachCommon(
+	const CSSM_GUID *guid,
+	CSSM_HANDLE hand);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif	/* _ATTACH_COMMON_H_ */
+