valitydev/osquery-1
14
0
Fork 0
mirror of https://github.com/valitydev/osquery-1.git synced 2024-11-07 09:58:54 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Improve usb_devices on OSX

Browse Source
This commit is contained in:
Teddy Reed 2014-12-10 01:17:24 -08:00
parent f4a226f4cf
commit 0b5083bd0e
12 changed files with 467 additions and 448 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
osquery/core/CMakeLists.txt
View File

@ -1,5 +1,8 @@
if(APPLE)
set (OS_CORE_SOURCE darwin/test_util.cpp darwin/test_util.h)
set (OS_CORE_SOURCE
darwin/test_util.cpp
darwin/conversions.cpp
)
else()
set (OS_CORE_SOURCE "")
endif()

11
osquery/core/conversions.h
View File

@ -7,6 +7,10 @@
#include <boost/bind.hpp>
#include <boost/shared_ptr.hpp>
#ifdef DARWIN
#include <CoreFoundation/CoreFoundation.h>
#endif
namespace osquery {
template <typename T>
@ -32,4 +36,11 @@ typename boost::shared_ptr<T> std_to_boost_shared_ptr(
typename std::shared_ptr<T> const& p) {
return boost::shared_ptr<T>(p.get(), boost::bind(&do_release_std<T>, p, _1));
}
#ifdef DARWIN
/// Get a std::string from a CStringRef.
std::string stringFromCFString(const CFStringRef cf_string);
std::string stringFromCFNumber(const CFDataRef& cf_number);
#endif
}

38
osquery/core/darwin/conversions.cpp Normal file
View File

@ -0,0 +1,38 @@
// Copyright 2004-present Facebook. All Rights Reserved.
#include <boost/lexical_cast.hpp>
#include "osquery/core/conversions.h"
namespace osquery {
std::string stringFromCFString(const CFStringRef cf_string) {
CFIndex length;
char *buffer;
// Access, then convert the CFString. CFStringGetCStringPtr is less-safe.
length = CFStringGetLength(cf_string);
buffer = (char *)malloc(length + 1);
if (!CFStringGetCString(
cf_string, buffer, length + 1, kCFStringEncodingASCII)) {
free(buffer);
return "";
}
// Cleanup allocations.
std::string result(buffer);
free(buffer);
return result;
}
std::string stringFromCFNumber(const CFDataRef& cf_number) {
unsigned int value;
if (CFGetTypeID(cf_number) != CFNumberGetTypeID() ||
!CFNumberGetValue((CFNumberRef)cf_number, kCFNumberIntType, &value)) {
return "0";
}
// Cast as a string.
return boost::lexical_cast<std::string>(value);
}
}

338
osquery/core/darwin/test_util.cpp
View File

@ -1,213 +1,27 @@
// Copyright 2004-present Facebook. All Rights Reserved.
#include "osquery/core/darwin/test_util.h"
#include <boost/property_tree/json_parser.hpp>
#include <osquery/filesystem.h>
#include "osquery/core/darwin/test_util.h"
namespace pt = boost::property_tree;
namespace osquery {
namespace core {
std::string kDarwinPlistTests = "../../../../tools/tests/";
std::string getPlistContent() {
std::string content = R"(
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Disabled</key>
<true/>
<key>Label</key>
<string>com.apple.FileSyncAgent.sshd</string>
<key>ProgramArguments</key>
<array>
<string>/System/Library/CoreServices/FileSyncAgent.app/Contents/Resources/FileSyncAgent_sshd-keygen-wrapper</string>
<string>-i</string>
<string>-f</string>
<string>/System/Library/CoreServices/FileSyncAgent.app/Contents/Resources/FileSyncAgent_sshd_config</string>
</array>
<key>SessionCreate</key>
<true/>
<key>Sockets</key>
<dict>
<key>Listeners</key>
<dict>
<key>SockServiceName</key>
<string>appleugcontrol</string>
<key>Bonjour</key>
<true/>
</dict>
</dict>
<key>StandardErrorPath</key>
<string>/dev/null</string>
<key>inetdCompatibility</key>
<dict>
<key>Wait</key>
<false/>
</dict>
</dict>
</plist>
)";
std::string content;
readFile(kDarwinPlistTests + "test.plist", content);
return content;
}
std::string getALFContent() {
std::string content = R"(
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>allowsignedenabled</key>
<integer>1</integer>
<key>applications</key>
<array/>
<key>exceptions</key>
<array>
<dict>
<key>path</key>
<string>/usr/libexec/configd</string>
<key>state</key>
<integer>3</integer>
</dict>
<dict>
<key>path</key>
<string>/usr/sbin/mDNSResponder</string>
<key>state</key>
<integer>3</integer>
</dict>
<dict>
<key>path</key>
<string>/usr/sbin/racoon</string>
<key>state</key>
<integer>3</integer>
</dict>
<dict>
<key>path</key>
<string>/usr/bin/nmblookup</string>
<key>state</key>
<integer>3</integer>
</dict>
<dict>
<key>path</key>
<string>/System/Library/PrivateFrameworks/Admin.framework/Versions/A/Resources/readconfig</string>
<key>state</key>
<integer>3</integer>
</dict>
</array>
<key>explicitauths</key>
<array>
<dict>
<key>id</key>
<string>org.python.python.app</string>
</dict>
<dict>
<key>id</key>
<string>com.apple.ruby</string>
</dict>
<dict>
<key>id</key>
<string>com.apple.a2p</string>
</dict>
<dict>
<key>id</key>
<string>com.apple.javajdk16.cmd</string>
</dict>
<dict>
<key>id</key>
<string>com.apple.php</string>
</dict>
<dict>
<key>id</key>
<string>com.apple.nc</string>
</dict>
<dict>
<key>id</key>
<string>com.apple.ksh</string>
</dict>
</array>
<key>firewall</key>
<dict>
<key>Apple Remote Desktop</key>
<dict>
<key>proc</key>
<string>AppleVNCServer</string>
<key>state</key>
<integer>0</integer>
</dict>
<key>FTP Access</key>
<dict>
<key>proc</key>
<string>ftpd</string>
<key>state</key>
<integer>0</integer>
</dict>
<key>ODSAgent</key>
<dict>
<key>proc</key>
<string>ODSAgent</string>
<key>servicebundleid</key>
<string>com.apple.ODSAgent</string>
<key>state</key>
<integer>0</integer>
</dict>
<key>Personal File Sharing</key>
<dict>
<key>proc</key>
<string>AppleFileServer</string>
<key>state</key>
<integer>0</integer>
</dict>
<key>Personal Web Sharing</key>
<dict>
<key>proc</key>
<string>httpd</string>
<key>state</key>
<integer>0</integer>
</dict>
<key>Printer Sharing</key>
<dict>
<key>proc</key>
<string>cupsd</string>
<key>state</key>
<integer>0</integer>
</dict>
<key>Remote Apple Events</key>
<dict>
<key>proc</key>
<string>AEServer</string>
<key>state</key>
<integer>0</integer>
</dict>
<key>Remote Login - SSH</key>
<dict>
<key>proc</key>
<string>sshd-keygen-wrapper</string>
<key>state</key>
<integer>0</integer>
</dict>
<key>Samba Sharing</key>
<dict>
<key>proc</key>
<string>smbd</string>
<key>state</key>
<integer>0</integer>
</dict>
</dict>
<key>firewallunload</key>
<integer>0</integer>
<key>globalstate</key>
<integer>0</integer>
<key>loggingenabled</key>
<integer>0</integer>
<key>loggingoption</key>
<integer>0</integer>
<key>stealthenabled</key>
<integer>0</integer>
<key>version</key>
<string>1.0a25</string>
</dict>
</plist>
)";
std::string content;
readFile(kDarwinPlistTests + "test_alf.plist", content);
return content;
}
@ -219,138 +33,14 @@ pt::ptree getALFTree() {
}
std::string getInfoPlistContent() {
std::string content = R"(
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>BuildMachineOSBuild</key>
<string>13C23</string>
<key>CFBundleDevelopmentRegion</key>
<string>English</string>
<key>CFBundleDocumentTypes</key>
<array>
<dict>
<key>CFBundleTypeExtensions</key>
<array>
<string>Photo Booth</string>
</array>
<key>CFBundleTypeIconFile</key>
<string>PBLibraryIcon</string>
<key>CFBundleTypeName</key>
<string>Photo Booth Library</string>
<key>CFBundleTypeOSTypes</key>
<array>
<string>PBLb</string>
</array>
<key>CFBundleTypeRole</key>
<string>Viewer</string>
<key>LSTypeIsPackage</key>
<true/>
<key>NSDocumentClass</key>
<string>ArchiveDocument</string>
</dict>
</array>
<key>CFBundleExecutable</key>
<string>Photo Booth</string>
<key>CFBundleHelpBookFolder</key>
<string>PhotoBooth.help</string>
<key>CFBundleHelpBookName</key>
<string>com.apple.PhotoBooth.help</string>
<key>CFBundleIconFile</key>
<string>PhotoBooth.icns</string>
<key>CFBundleIdentifier</key>
<string>com.apple.PhotoBooth</string>
<key>CFBundleInfoDictionaryVersion</key>
<string>6.0</string>
<key>CFBundlePackageType</key>
<string>APPL</string>
<key>CFBundleShortVersionString</key>
<string>6.0</string>
<key>CFBundleSignature</key>
<string>PhBo</string>
<key>CFBundleVersion</key>
<string>517</string>
<key>DTCompiler</key>
<string>com.apple.compilers.llvm.clang.1_0</string>
<key>DTPlatformBuild</key>
<string>5A2053</string>
<key>DTPlatformVersion</key>
<string>GM</string>
<key>DTSDKBuild</key>
<string>13C23</string>
<key>DTSDKName</key>
<string></string>
<key>DTXcode</key>
<string>0501</string>
<key>DTXcodeBuild</key>
<string>5A2053</string>
<key>LSApplicationCategoryType</key>
<string>public.app-category.entertainment</string>
<key>LSMinimumSystemVersion</key>
<string>10.7.0</string>
<key>NSMainNibFile</key>
<string>MainMenu</string>
<key>NSPrincipalClass</key>
<string>PBApplication</string>
<key>NSSupportsAutomaticGraphicsSwitching</key>
<true/>
<key>NSSupportsSuddenTermination</key>
<string>YES</string>
</dict>
</plist>
)";
std::string content;
readFile(kDarwinPlistTests + "test_info.plist", content);
return content;
}
std::string getLaunchdContent() {
std::string content = R"(
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>com.apple.mDNSResponder</string>
<key>OnDemand</key>
<false/>
<key>InitGroups</key>
<false/>
<key>UserName</key>
<string>_mdnsresponder</string>
<key>GroupName</key>
<string>_mdnsresponder</string>
<key>ProgramArguments</key>
<array>
<string>/usr/sbin/mDNSResponder</string>
</array>
<key>MachServices</key>
<dict>
<key>com.apple.mDNSResponder</key>
<true/>
<key>com.apple.mDNSResponder.dnsproxy</key>
<true/>
</dict>
<key>Sockets</key>
<dict>
<key>Listeners</key>
<dict>
<key>SockFamily</key>
<string>Unix</string>
<key>SockPathName</key>
<string>/var/run/mDNSResponder</string>
<key>SockPathMode</key>
<integer>438</integer>
</dict>
</dict>
<key>EnableTransactions</key>
<true/>
<key>BeginTransactionAtShutdown</key>
<true/>
<key>POSIXSpawnType</key>
<string>Interactive</string>
</dict>
</plist>
)";
std::string content;
readFile(kDarwinPlistTests + "test_launchd.plist", content);
return content;
}

10
osquery/tables/specs/darwin/usb_devices.table
View File

@ -1,6 +1,12 @@
table_name("usb_devices")
schema([
Column("manufacturer", TEXT),
Column("product", TEXT),
Column("usb_address", INTEGER),
Column("usb_port", INTEGER),
Column("vendor", TEXT),
Column("vendor_id", INTEGER),
Column("model", TEXT),
Column("model_id", INTEGER),
Column("serial", INTEGER),
Column("removable", INTEGER),
])
implementation("usb_devices@genUsbDevices")

71
osquery/tables/system/darwin/ca_certs.cpp
View File

@ -12,20 +12,20 @@
#include <CoreFoundation/CoreFoundation.h>
#include <Security/Security.h>
#include <glog/logging.h>
#include <osquery/core.h>
#include <osquery/logger.h>
#include <osquery/tables.h>
#include "osquery/core/conversions.h"
namespace osquery {
namespace tables {
std::string genNumberProperty(const CFDataRef);
std::string genKIDProperty(const CFDataRef);
std::string genCommonNameProperty(const CFDataRef);
std::string genAlgorithmProperty(const CFDataRef);
std::string genKIDProperty(const CFDataRef&);
std::string genCommonNameProperty(const CFDataRef&);
std::string genAlgorithmProperty(const CFDataRef&);
typedef std::string (*PropGenerator)(const CFDataRef);
typedef std::string (*PropGenerator)(const CFDataRef&);
typedef std::pair<CFTypeRef, PropGenerator> Property;
const std::vector<std::string> kSystemKeychainPaths = {
@ -39,13 +39,13 @@ const std::vector<std::string> kUserKeychainPaths = {
const std::map<std::string, Property> kCertificateProperties = {
{"common_name", std::make_pair(kSecOIDCommonName, genCommonNameProperty)},
{"not_valid_before",
std::make_pair(kSecOIDX509V1ValidityNotBefore, genNumberProperty)},
std::make_pair(kSecOIDX509V1ValidityNotBefore, stringFromCFNumber)},
{"not_valid_after",
std::make_pair(kSecOIDX509V1ValidityNotAfter, genNumberProperty)},
std::make_pair(kSecOIDX509V1ValidityNotAfter, stringFromCFNumber)},
{"key_algorithm",
std::make_pair(kSecOIDX509V1SubjectPublicKeyAlgorithm,
genAlgorithmProperty)},
{"key_usage", std::make_pair(kSecOIDKeyUsage, genNumberProperty)},
{"key_usage", std::make_pair(kSecOIDKeyUsage, stringFromCFNumber)},
{"subject_key_id",
std::make_pair(kSecOIDSubjectKeyIdentifier, genKIDProperty)},
{"authority_key_id",
@ -70,38 +70,7 @@ enum {
kSecKeyUsageAll = 0x7FFFFFFF
};
std::string safeSecString(const CFStringRef cf_string) {
CFIndex length;
char *buffer;
// Access, then convert the CFString. CFStringGetCStringPtr is less-safe.
length = CFStringGetLength(cf_string);
buffer = (char *)malloc(length + 1);
if (!CFStringGetCString(
cf_string, buffer, length + 1, kCFStringEncodingASCII)) {
free(buffer);
return "";
}
// Cleanup allocations.
std::string result(buffer);
free(buffer);
return result;
}
std::string genNumberProperty(const CFDataRef number) {
unsigned int value;
if (CFGetTypeID(number) != CFNumberGetTypeID() ||
!CFNumberGetValue((CFNumberRef)number, kCFNumberIntType, &value)) {
return "0";
}
// Cast as a string.
return boost::lexical_cast<std::string>(value);
}
std::string genKIDProperty(const CFDataRef kid) {
std::string genKIDProperty(const CFDataRef& kid) {
CFDataRef kid_data = NULL;
CFDictionaryRef kid_dict = NULL;
const char *kid_value = 0;
@ -139,7 +108,7 @@ std::string genKIDProperty(const CFDataRef kid) {
return ascii_kid.str();
}
std::string genCommonNameProperty(const CFDataRef ca) {
std::string genCommonNameProperty(const CFDataRef& ca) {
CFDataRef ca_data = NULL;
CFStringRef ca_string = NULL;
@ -158,10 +127,10 @@ std::string genCommonNameProperty(const CFDataRef ca) {
}
// Access, then convert the CFString. CFStringGetCStringPtr is less-safe.
return safeSecString(ca_string);
return stringFromCFString(ca_string);
}
std::string genAlgorithmProperty(const CFDataRef alg) {
std::string genAlgorithmProperty(const CFDataRef& alg) {
std::string expected_label = "Algorithm";
CFStringRef label, value;
CFDictionaryRef alg_item;
@ -172,8 +141,8 @@ std::string genAlgorithmProperty(const CFDataRef alg) {
label = (CFStringRef)CFDictionaryGetValue(alg_item, kSecPropertyKeyLabel);
value = (CFStringRef)CFDictionaryGetValue(alg_item, kSecPropertyKeyValue);
if (expected_label.compare(safeSecString(label)) == 0) {
return safeSecString(value);
if (expected_label.compare(stringFromCFString(label)) == 0) {
return stringFromCFString(value);
}
}
@ -181,7 +150,7 @@ std::string genAlgorithmProperty(const CFDataRef alg) {
return "";
}
std::string genSHA1ForCertificate(const SecCertificateRef ca) {
std::string genSHA1ForCertificate(const SecCertificateRef& ca) {
boost::uuids::detail::sha1 sha1;
CFDataRef ca_data;
@ -203,7 +172,7 @@ std::string genSHA1ForCertificate(const SecCertificateRef ca) {
return hash_output.str();
}
CFNumberRef CFNumberCreateCopy(const CFNumberRef number) {
CFNumberRef CFNumberCreateCopy(const CFNumberRef& number) {
// Easy way to get allow releasing numbers existing in arrays/dicts.
// This follows Apple's guidance for "Create" APIs, caller controls memory.
CFNumberRef copy;
@ -291,8 +260,8 @@ bool CertificateIsCA(const SecCertificateRef cert) {
label = (CFStringRef)CFDictionaryGetValue(constraint, kSecPropertyKeyLabel);
value = (CFStringRef)CFDictionaryGetValue(constraint, kSecPropertyKeyValue);
if (expected_label.compare(safeSecString(label)) == 0 &&
expected_value.compare(safeSecString(value)) == 0) {
if (expected_label.compare(stringFromCFString(label)) == 0 &&
expected_value.compare(stringFromCFString(value)) == 0) {
isCA = true;
break;
}

16
osquery/tables/system/darwin/nvram.cpp
View File

@ -1,21 +1,17 @@
// Copyright 2004-present Facebook. All Rights Reserved.
#include <string>
#include <stdlib.h>
#include <IOKit/IOKitLib.h>
#include <CoreFoundation/CoreFoundation.h>
#include <IOKit/IOKitLib.h>
#include <osquery/core.h>
#include <osquery/logger.h>
#include <osquery/tables.h>
#include "osquery/core/conversions.h"
namespace osquery {
namespace tables {
extern std::string safeSecString(const CFStringRef cf_string);
std::string variableFromNumber(const void *value) {
uint32_t number;
char number_buffer[10];
@ -80,12 +76,12 @@ void genVariable(const void *key, const void *value, void *results) {
CFStringRef type_description;
// Variable name is the dictionary key.
nvram_row["name"] = safeSecString((CFStringRef)key);
nvram_row["name"] = stringFromCFString((CFStringRef)key);
// Variable type will be defined by the CF type.
type_id = CFGetTypeID(value);
type_description = CFCopyTypeIDDescription(type_id);
nvram_row["type"] = safeSecString(type_description);
nvram_row["type"] = stringFromCFString(type_description);
CFRelease(type_description);
// Based on the type, get a texual representation of the variable.
@ -97,7 +93,7 @@ void genVariable(const void *key, const void *value, void *results) {
value_string = variableFromNumber(value);
} else if (type_id == CFStringGetTypeID()) {
// CFString!
value_string = safeSecString((CFStringRef)value);
value_string = stringFromCFString((CFStringRef)value);
} else if (type_id == CFDataGetTypeID()) {
// Binary Data
value_string = variableFromData(value);

112
osquery/tables/system/darwin/usb_devices.cpp
View File

@ -1,89 +1,81 @@
// Copyright 2004-present Facebook. All Rights Reserved.
#include <string>
#include <stdio.h>
#include <stdlib.h>
#include <IOKit/IOKitLib.h>
#include <IOKit/usb/IOUSBLib.h>
#include <IOKit/hid/IOHIDKeys.h>
#include <boost/algorithm/string/join.hpp>
#include <boost/filesystem/operations.hpp>
#include <boost/filesystem/path.hpp>
#include <osquery/core.h>
#include <osquery/tables.h>
#include <osquery/filesystem.h>
#include "osquery/core/conversions.h"
namespace osquery {
namespace tables {
std::string getUSBProperty(const CFMutableDictionaryRef& details,
const std::string& key) {
// Get a property from the device.
auto cfkey = CFStringCreateWithCString(kCFAllocatorDefault, key.c_str(),
kCFStringEncodingUTF8);
auto property = CFDictionaryGetValue(details, cfkey);
CFRelease(cfkey);
if (property) {
if (CFGetTypeID(property) == CFNumberGetTypeID()) {
return stringFromCFNumber((CFDataRef)property);
} else { //if (CFGetTypeID(property) == CFStringGetTypeID()) {
return stringFromCFString((CFStringRef)property);
}
}
return "";
}
void genUSBDevice(const io_service_t& device, QueryData& results) {
Row r;
// Get the device details
CFMutableDictionaryRef details;
IORegistryEntryCreateCFProperties(
device, &details, kCFAllocatorDefault, kNilOptions);
r["usb_address"] = getUSBProperty(details, "USB Address");
r["usb_port"] = getUSBProperty(details, "PortNum");
r["model"] = getUSBProperty(details, "USB Product Name");
r["model_id"] = getUSBProperty(details, "idProduct");
r["vendor"] = getUSBProperty(details, "USB Vendor Name");
r["vendor_id"] = getUSBProperty(details, "idVendor");
r["serial"] = getUSBProperty(details, "iSerialNumber");
auto non_removable = getUSBProperty(details, "non-removable");
r["removable"] = (non_removable == "yes") ? "0" : "1";
results.push_back(r);
CFRelease(details);
}
QueryData genUsbDevices(QueryContext& context) {
QueryData results;
io_service_t device;
char vendor[256];
char product[256];
auto matchingDict = IOServiceMatching(kIOUSBDeviceClassName);
if (matchingDict == nullptr) {
auto matching = IOServiceMatching(kIOUSBDeviceClassName);
if (matching == nullptr) {
// No devices matched USB, very odd.
return results;
}
kern_return_t kr;
io_iterator_t iter;
kr = IOServiceGetMatchingServices(kIOMasterPortDefault, matchingDict, &iter);
io_iterator_t it;
auto kr = IOServiceGetMatchingServices(kIOMasterPortDefault, matching, &it);
if (kr != KERN_SUCCESS) {
return results;
}
memset(vendor, 0, 256);
memset(product, 0, 256);
while ((device = IOIteratorNext(iter))) {
Row r;
// Get the vendor of the device;
CFMutableDictionaryRef vendor_dict;
IORegistryEntryCreateCFProperties(
device, &vendor_dict, kCFAllocatorDefault, kNilOptions);
CFTypeRef vendor_obj =
CFDictionaryGetValue(vendor_dict, CFSTR("USB Vendor Name"));
if (vendor_obj) {
CFStringRef cf_vendor =
CFStringCreateCopy(kCFAllocatorDefault, (CFStringRef)vendor_obj);
CFStringGetCString(cf_vendor, vendor, 255, CFStringGetSystemEncoding());
r["manufacturer"] = vendor;
CFRelease(cf_vendor);
}
CFRelease(vendor_dict);
// Get the product name of the device
CFMutableDictionaryRef product_dict;
IORegistryEntryCreateCFProperties(
device, &product_dict, kCFAllocatorDefault, kNilOptions);
CFTypeRef product_obj =
CFDictionaryGetValue(product_dict, CFSTR("USB Product Name"));
if (product_obj) {
CFStringRef cf_product =
CFStringCreateCopy(kCFAllocatorDefault, (CFStringRef)product_obj);
CFStringGetCString(cf_product, product, 255, CFStringGetSystemEncoding());
r["product"] = product;
CFRelease(cf_product);
}
CFRelease(product_dict);
// Lets make sure we don't have an empty product & manufacturer
if (r["product"].size() > 0 || r["manufacturer"].size() > 0) {
results.push_back(r);
}
io_service_t device;
while ((device = IOIteratorNext(it))) {
genUSBDevice(device, results);
IOObjectRelease(device);
}
IOObjectRelease(iter);
IOObjectRelease(it);
return results;
}
}

36
tools/tests/test.plist Normal file
View File

@ -0,0 +1,36 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Disabled</key>
<true/>
<key>Label</key>
<string>com.apple.FileSyncAgent.sshd</string>
<key>ProgramArguments</key>
<array>
<string>/System/Library/CoreServices/FileSyncAgent.app/Contents/Resources/FileSyncAgent_sshd-keygen-wrapper</string>
<string>-i</string>
<string>-f</string>
<string>/System/Library/CoreServices/FileSyncAgent.app/Contents/Resources/FileSyncAgent_sshd_config</string>
</array>
<key>SessionCreate</key>
<true/>
<key>Sockets</key>
<dict>
<key>Listeners</key>
<dict>
<key>SockServiceName</key>
<string>appleugcontrol</string>
<key>Bonjour</key>
<true/>
</dict>
</dict>
<key>StandardErrorPath</key>
<string>/dev/null</string>
<key>inetdCompatibility</key>
<dict>
<key>Wait</key>
<false/>
</dict>
</dict>
</plist>

154
tools/tests/test_alf.plist Normal file
View File

@ -0,0 +1,154 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>allowsignedenabled</key>
<integer>1</integer>
<key>applications</key>
<array/>
<key>exceptions</key>
<array>
<dict>
<key>path</key>
<string>/usr/libexec/configd</string>
<key>state</key>
<integer>3</integer>
</dict>
<dict>
<key>path</key>
<string>/usr/sbin/mDNSResponder</string>
<key>state</key>
<integer>3</integer>
</dict>
<dict>
<key>path</key>
<string>/usr/sbin/racoon</string>
<key>state</key>
<integer>3</integer>
</dict>
<dict>
<key>path</key>
<string>/usr/bin/nmblookup</string>
<key>state</key>
<integer>3</integer>
</dict>
<dict>
<key>path</key>
<string>/System/Library/PrivateFrameworks/Admin.framework/Versions/A/Resources/readconfig</string>
<key>state</key>
<integer>3</integer>
</dict>
</array>
<key>explicitauths</key>
<array>
<dict>
<key>id</key>
<string>org.python.python.app</string>
</dict>
<dict>
<key>id</key>
<string>com.apple.ruby</string>
</dict>
<dict>
<key>id</key>
<string>com.apple.a2p</string>
</dict>
<dict>
<key>id</key>
<string>com.apple.javajdk16.cmd</string>
</dict>
<dict>
<key>id</key>
<string>com.apple.php</string>
</dict>
<dict>
<key>id</key>
<string>com.apple.nc</string>
</dict>
<dict>
<key>id</key>
<string>com.apple.ksh</string>
</dict>
</array>
<key>firewall</key>
<dict>
<key>Apple Remote Desktop</key>
<dict>
<key>proc</key>
<string>AppleVNCServer</string>
<key>state</key>
<integer>0</integer>
</dict>
<key>FTP Access</key>
<dict>
<key>proc</key>
<string>ftpd</string>
<key>state</key>
<integer>0</integer>
</dict>
<key>ODSAgent</key>
<dict>
<key>proc</key>
<string>ODSAgent</string>
<key>servicebundleid</key>
<string>com.apple.ODSAgent</string>
<key>state</key>
<integer>0</integer>
</dict>
<key>Personal File Sharing</key>
<dict>
<key>proc</key>
<string>AppleFileServer</string>
<key>state</key>
<integer>0</integer>
</dict>
<key>Personal Web Sharing</key>
<dict>
<key>proc</key>
<string>httpd</string>
<key>state</key>
<integer>0</integer>
</dict>
<key>Printer Sharing</key>
<dict>
<key>proc</key>
<string>cupsd</string>
<key>state</key>
<integer>0</integer>
</dict>
<key>Remote Apple Events</key>
<dict>
<key>proc</key>
<string>AEServer</string>
<key>state</key>
<integer>0</integer>
</dict>
<key>Remote Login - SSH</key>
<dict>
<key>proc</key>
<string>sshd-keygen-wrapper</string>
<key>state</key>
<integer>0</integer>
</dict>
<key>Samba Sharing</key>
<dict>
<key>proc</key>
<string>smbd</string>
<key>state</key>
<integer>0</integer>
</dict>
</dict>
<key>firewallunload</key>
<integer>0</integer>
<key>globalstate</key>
<integer>0</integer>
<key>loggingenabled</key>
<integer>0</integer>
<key>loggingoption</key>
<integer>0</integer>
<key>stealthenabled</key>
<integer>0</integer>
<key>version</key>
<string>1.0a25</string>
</dict>
</plist>

79
tools/tests/test_info.plist Normal file
View File

@ -0,0 +1,79 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>BuildMachineOSBuild</key>
<string>13C23</string>
<key>CFBundleDevelopmentRegion</key>
<string>English</string>
<key>CFBundleDocumentTypes</key>
<array>
<dict>
<key>CFBundleTypeExtensions</key>
<array>
<string>Photo Booth</string>
</array>
<key>CFBundleTypeIconFile</key>
<string>PBLibraryIcon</string>
<key>CFBundleTypeName</key>
<string>Photo Booth Library</string>
<key>CFBundleTypeOSTypes</key>
<array>
<string>PBLb</string>
</array>
<key>CFBundleTypeRole</key>
<string>Viewer</string>
<key>LSTypeIsPackage</key>
<true/>
<key>NSDocumentClass</key>
<string>ArchiveDocument</string>
</dict>
</array>
<key>CFBundleExecutable</key>
<string>Photo Booth</string>
<key>CFBundleHelpBookFolder</key>
<string>PhotoBooth.help</string>
<key>CFBundleHelpBookName</key>
<string>com.apple.PhotoBooth.help</string>
<key>CFBundleIconFile</key>
<string>PhotoBooth.icns</string>
<key>CFBundleIdentifier</key>
<string>com.apple.PhotoBooth</string>
<key>CFBundleInfoDictionaryVersion</key>
<string>6.0</string>
<key>CFBundlePackageType</key>
<string>APPL</string>
<key>CFBundleShortVersionString</key>
<string>6.0</string>
<key>CFBundleSignature</key>
<string>PhBo</string>
<key>CFBundleVersion</key>
<string>517</string>
<key>DTCompiler</key>
<string>com.apple.compilers.llvm.clang.1_0</string>
<key>DTPlatformBuild</key>
<string>5A2053</string>
<key>DTPlatformVersion</key>
<string>GM</string>
<key>DTSDKBuild</key>
<string>13C23</string>
<key>DTSDKName</key>
<string></string>
<key>DTXcode</key>
<string>0501</string>
<key>DTXcodeBuild</key>
<string>5A2053</string>
<key>LSApplicationCategoryType</key>
<string>public.app-category.entertainment</string>
<key>LSMinimumSystemVersion</key>
<string>10.7.0</string>
<key>NSMainNibFile</key>
<string>MainMenu</string>
<key>NSPrincipalClass</key>
<string>PBApplication</string>
<key>NSSupportsAutomaticGraphicsSwitching</key>
<true/>
<key>NSSupportsSuddenTermination</key>
<string>YES</string>
</dict>
</plist>

45
tools/tests/test_launchd.plist Normal file
View File

@ -0,0 +1,45 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>com.apple.mDNSResponder</string>
<key>OnDemand</key>
<false/>
<key>InitGroups</key>
<false/>
<key>UserName</key>
<string>_mdnsresponder</string>
<key>GroupName</key>
<string>_mdnsresponder</string>
<key>ProgramArguments</key>
<array>
<string>/usr/sbin/mDNSResponder</string>
</array>
<key>MachServices</key>
<dict>
<key>com.apple.mDNSResponder</key>
<true/>
<key>com.apple.mDNSResponder.dnsproxy</key>
<true/>
</dict>
<key>Sockets</key>
<dict>
<key>Listeners</key>
<dict>
<key>SockFamily</key>
<string>Unix</string>
<key>SockPathName</key>
<string>/var/run/mDNSResponder</string>
<key>SockPathMode</key>
<integer>438</integer>
</dict>
</dict>
<key>EnableTransactions</key>
<true/>
<key>BeginTransactionAtShutdown</key>
<true/>
<key>POSIXSpawnType</key>
<string>Interactive</string>
</dict>
</plist>