github/ZeroTierOne
1
0
Fork 0
mirror of https://github.com/ZeroTier/ZeroTierOne synced 2025-08-21 05:43:59 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 8

Pass authtoken in from user, and add a wrapper for web UI on Mac.

Browse source
This commit is contained in:
Adam Ierymenko 2015-05-06 20:41:51 -07:00
commit 5b54612d91
68 changed files with 7537 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

110
ext/mac-ui-macgap1-wrapper/MacGap/AppDelegate.m Normal file
View file

@ -0,0 +1,110 @@
//
// AppDelegate.m
// MacGap
//
// Created by Alex MacCaw on 08/01/2012.
// Copyright (c) 2012 Twitter. All rights reserved.
//
#import "AppDelegate.h"
@implementation AppDelegate
@synthesize windowController;
- (void) applicationWillFinishLaunching:(NSNotification *)aNotification
{
}
-(BOOL)applicationShouldHandleReopen:(NSApplication*)application
hasVisibleWindows:(BOOL)visibleWindows{
if(!visibleWindows){
[self.windowController.window makeKeyAndOrderFront: nil];
}
return YES;
}
- (BOOL)applicationShouldTerminateAfterLastWindowClosed:(NSApplication *)theApplication {
return YES;
}
- (void) applicationDidFinishLaunching:(NSNotification *)aNotification {
// Create authorization reference
OSStatus status;
AuthorizationRef authorizationRef;
// AuthorizationCreate and pass NULL as the initial
// AuthorizationRights set so that the AuthorizationRef gets created
// successfully, and then later call AuthorizationCopyRights to
// determine or extend the allowable rights.
// http://developer.apple.com/qa/qa2001/qa1172.html
status = AuthorizationCreate(NULL, kAuthorizationEmptyEnvironment, kAuthorizationFlagDefaults, &authorizationRef);
if (status != errAuthorizationSuccess)
{
NSLog(@"Error Creating Initial Authorization: %d", status);
return;
}
// kAuthorizationRightExecute == "system.privilege.admin"
AuthorizationItem right = {kAuthorizationRightExecute, 0, NULL, 0};
AuthorizationRights rights = {1, &right};
AuthorizationFlags flags = kAuthorizationFlagDefaults | kAuthorizationFlagInteractionAllowed |
kAuthorizationFlagPreAuthorize | kAuthorizationFlagExtendRights;
// Call AuthorizationCopyRights to determine or extend the allowable rights.
status = AuthorizationCopyRights(authorizationRef, &rights, NULL, flags, NULL);
if (status != errAuthorizationSuccess)
{
NSLog(@"Copy Rights Unsuccessful: %d", status);
return;
}
// use rm tool with -rf
char *tool = "/bin/cat";
char *args[] = {"/Library/Application Support/ZeroTier/One/authtoken.secret", NULL};
FILE *pipe = NULL;
status = AuthorizationExecuteWithPrivileges(authorizationRef, tool, kAuthorizationFlagDefaults, args, &pipe);
if (status != errAuthorizationSuccess)
{
NSLog(@"Error: %d", status);
}
char url[16384];
memset(url,0,sizeof(url));
if (pipe) {
char buf[16384];
FILE *pf = fopen("/Library/Application Support/ZeroTier/One/zerotier-one.port","r");
long n = fread(buf,1,sizeof(buf)-1,pf);
long port = 9993; // default
if (n > 0) {
buf[n] = (char)0;
port = strtol(buf,(char **)0,10);
}
fclose(pf);
n = (long)fread(buf,1,sizeof(buf)-1,pipe);
if (n > 0) {
buf[n] = (char)0;
snprintf(url,sizeof(url),"http://127.0.0.1:%ld/index.html?authToken=%s",port,buf);
}
fclose(pipe);
}
// The only way to guarantee that a credential acquired when you
// request a right is not shared with other authorization instances is
// to destroy the credential. To do so, call the AuthorizationFree
// function with the flag kAuthorizationFlagDestroyRights.
// http://developer.apple.com/documentation/Security/Conceptual/authorization_concepts/02authconcepts/chapter_2_section_7.html
status = AuthorizationFree(authorizationRef, kAuthorizationFlagDestroyRights);
NSString *urlStr = [[NSString alloc] initWithCString:url];
self.windowController = [[WindowController alloc] initWithURL: urlStr];
[self.windowController showWindow: [NSApplication sharedApplication].delegate];
self.windowController.contentView.webView.alphaValue = 1.0;
self.windowController.contentView.alphaValue = 1.0;
[self.windowController showWindow:self];
}
@end