mirror of
https://github.com/nmap/nmap.git
synced 2025-12-06 04:31:29 +00:00
New Zenmap auth_wrapper in Objective-C
This commit is contained in:
vincent
@@ -12,7 +12,7 @@ export ZENMAP_BUILD_DIR
|
||||
BASE=$ZENMAP_DIST_DIR/$APP_NAME.app/Contents
|
||||
SCRIPT_DIR=`dirname "$0"`
|
||||
|
||||
CC=${CC:-gcc}
|
||||
CC=${CC:-clang}
|
||||
CFLAGS=${CFLAGS:--Wall -arch i386}
|
||||
|
||||
echo "Running $0."
|
||||
@@ -62,8 +62,8 @@ mv $BASE/MacOS/$APP_NAME $BASE/MacOS/zenmap.bin
|
||||
rm $BASE/MacOS/$APP_NAME-bin
|
||||
|
||||
echo "Compiling and installing authorization wrapper."
|
||||
echo $CC $CPPFLAGS $CFLAGS $LDFLAGS -framework Security -o "$BASE/MacOS/$APP_NAME" "$SCRIPT_DIR/zenmap_auth.c"
|
||||
$CC $CPPFLAGS $CFLAGS $LDFLAGS -framework Security -o "$BASE/MacOS/$APP_NAME" "$SCRIPT_DIR/zenmap_auth.c"
|
||||
echo $CC $CPPFLAGS $CFLAGS $LDFLAGS -v "$SCRIPT_DIR/zenmap_auth.m" -lobjc -framework Foundation -o "$BASE/MacOS/$APP_NAME"
|
||||
$CC $CPPFLAGS $CFLAGS $LDFLAGS -v "$SCRIPT_DIR/zenmap_auth.m" -lobjc -framework Foundation -o "$BASE/MacOS/$APP_NAME"
|
||||
|
||||
echo "Filling out Info.plist"
|
||||
python - "$SCRIPT_DIR/Info.plist" >"$BASE/Info.plist" <<'EOF'
|
||||
|
||||
@@ -1,73 +0,0 @@
|
||||
/*
|
||||
This program attempts to run the program EXECUTABLE_NAME in the same
|
||||
directory as itself using AuthorizationExecuteWithPrivileges. If the
|
||||
authorization fails or is canceled, EXECUTABLE_NAME is run without
|
||||
privileges using a plain exec.
|
||||
|
||||
This program is the first link in the chain
|
||||
zenmap_auth -> zenmap_wrapper.py -> zenmap.bin
|
||||
*/
|
||||
|
||||
#include <errno.h>
|
||||
#include <libgen.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <unistd.h>
|
||||
|
||||
#include <Security/Authorization.h>
|
||||
#include <Security/AuthorizationTags.h>
|
||||
|
||||
#define EXECUTABLE_NAME "zenmap.bin"
|
||||
|
||||
int main(int argc, char *argv[]) {
|
||||
AuthorizationItem items[] = {
|
||||
{ kAuthorizationRightExecute, 0, NULL, 0 }
|
||||
};
|
||||
AuthorizationRights rights = { 1, items };
|
||||
AuthorizationRef ref;
|
||||
AuthorizationFlags flags;
|
||||
OSStatus status;
|
||||
char executable_path[1024];
|
||||
const char *cwd;
|
||||
size_t len_cwd;
|
||||
int return_code;
|
||||
|
||||
cwd = dirname(argv[0]);
|
||||
len_cwd = strlen(cwd);
|
||||
if (sizeof(executable_path) < len_cwd + strlen("/") + strlen(EXECUTABLE_NAME) + 1) {
|
||||
fprintf(stderr, "Not enough room to store executable path: %s\n", strerror(errno));
|
||||
exit(1);
|
||||
}
|
||||
strcpy(executable_path, cwd);
|
||||
executable_path[len_cwd] = '/';
|
||||
strcpy(executable_path + len_cwd + 1, EXECUTABLE_NAME);
|
||||
|
||||
flags = kAuthorizationFlagDefaults
|
||||
| kAuthorizationFlagInteractionAllowed
|
||||
| kAuthorizationFlagPreAuthorize
|
||||
| kAuthorizationFlagExtendRights;
|
||||
status = AuthorizationCreate(&rights, kAuthorizationEmptyEnvironment, flags, &ref);
|
||||
if (status != errAuthorizationSuccess) {
|
||||
if (status != errAuthorizationCanceled)
|
||||
fprintf(stderr, "Couldn't create authorization reference (status code %ld).\n", status);
|
||||
errno = 0;
|
||||
execv(executable_path, argv);
|
||||
fprintf(stderr, "Couldn't exec '%s': %s.\n", executable_path, strerror(errno));
|
||||
exit(1);
|
||||
}
|
||||
|
||||
status = AuthorizationExecuteWithPrivileges(ref, executable_path,
|
||||
kAuthorizationFlagDefaults, argv + 1, NULL);
|
||||
AuthorizationFree(ref, kAuthorizationFlagDefaults);
|
||||
if (status != errAuthorizationSuccess) {
|
||||
fprintf(stderr, "Couldn't execute '%s' with privileges (status code %ld).\n", executable_path, status);
|
||||
errno = 0;
|
||||
execv(executable_path, argv);
|
||||
fprintf(stderr, "Couldn't exec '%s': %s.\n", executable_path, strerror(errno));
|
||||
exit(1);
|
||||
}
|
||||
|
||||
wait(&return_code);
|
||||
exit(return_code);
|
||||
}
|
||||
47
zenmap/install_scripts/macosx/zenmap_auth.m
Normal file
47
zenmap/install_scripts/macosx/zenmap_auth.m
Normal file
@@ -0,0 +1,47 @@
|
||||
//
|
||||
// zenmap_auth.m
|
||||
// Objective-C
|
||||
//
|
||||
// This program attempts to run an applescript script which asks for root
|
||||
// privileges. If the authorization fails or is canceled, Zenmap is run
|
||||
// without privileges using applescript.
|
||||
//
|
||||
// This program is the first link in the chain:
|
||||
// zenmap_auth -> zenmap_wrapper.py -> zenmap.bin
|
||||
//
|
||||
|
||||
#import <Foundation/Foundation.h>
|
||||
#import <libgen.h>
|
||||
#define EXECUTABLE_NAME "zenmap.bin"
|
||||
|
||||
int main(int argc, const char * argv[]) {
|
||||
@autoreleasepool {
|
||||
NSString *executable_path;
|
||||
NSString *cwd;
|
||||
size_t len_cwd;
|
||||
|
||||
cwd = [[NSBundle mainBundle] bundlePath];
|
||||
len_cwd = [cwd length];
|
||||
executable_path = cwd;
|
||||
executable_path = [NSString stringWithFormat:@"%@/Contents/MacOS/%s", executable_path, EXECUTABLE_NAME];
|
||||
NSLog(@"%@",executable_path);
|
||||
|
||||
NSDictionary *error = [NSDictionary new];
|
||||
NSString *script = [NSString stringWithFormat:@"do shell script \"%@ %s\" with administrator privileges", executable_path, (char*)argv];
|
||||
NSAppleScript *appleScript = [[NSAppleScript alloc] initWithSource:script];
|
||||
if ([appleScript executeAndReturnError:&error]) {
|
||||
NSLog(@"success!");
|
||||
} else {
|
||||
NSLog(@"failure!");
|
||||
NSDictionary *error = [NSDictionary new];
|
||||
NSString *script = [NSString stringWithFormat:@"do shell script \"%@ %s\"", executable_path, (char*)argv];
|
||||
NSAppleScript *appleScript = [[NSAppleScript alloc] initWithSource:script];
|
||||
if ([appleScript executeAndReturnError:&error]) {
|
||||
NSLog(@"success!");
|
||||
} else {
|
||||
NSLog(@"total failure!");
|
||||
}
|
||||
}
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
Reference in New Issue
Block a user