Overview
Comment: | OFApplication: Rename a few sandbox methods |
---|---|
Downloads: | Tarball | ZIP archive | SQL archive |
Timelines: | family | ancestors | descendants | both | trunk |
Files: | files | file ages | folders |
SHA3-256: |
b3f7ccb7079c8e8494b3327574cae2a1 |
User & Date: | js on 2019-09-29 15:47:00 |
Other Links: | manifest | tags |
Context
2019-09-29
| ||
15:58 | Remove OFAutoreleasePool check-in: 09be825f88 user: js tags: trunk | |
15:47 | OFApplication: Rename a few sandbox methods check-in: b3f7ccb707 user: js tags: trunk | |
15:28 | Update version to 1.1-dev now that 1.0 is branched check-in: 965f88ff1e user: js tags: trunk | |
Changes
Modified src/OFApplication.h from [b018d35a5c] to [f18dce4f34].
︙ | ︙ | |||
40 41 42 43 44 45 46 47 48 49 50 51 52 53 | # define OF_HAVE_SANDBOX #endif /*! * @protocol OFApplicationDelegate OFApplication.h ObjFW/OFApplication.h * * @brief A protocol for delegates of OFApplication. */ @protocol OFApplicationDelegate <OFObject> /*! * @brief A method which is called when the application was initialized and is * running now. */ - (void)applicationDidFinishLaunching; | > > | 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 | # define OF_HAVE_SANDBOX #endif /*! * @protocol OFApplicationDelegate OFApplication.h ObjFW/OFApplication.h * * @brief A protocol for delegates of OFApplication. * * @note Signals are not available on AmigaOS! */ @protocol OFApplicationDelegate <OFObject> /*! * @brief A method which is called when the application was initialized and is * running now. */ - (void)applicationDidFinishLaunching; |
︙ | ︙ | |||
134 135 136 137 138 139 140 | void (*_Nullable _SIGINTHandler)(id, SEL); #ifndef OF_WINDOWS void (*_Nullable _SIGHUPHandler)(id, SEL); void (*_Nullable _SIGUSR1Handler)(id, SEL); void (*_Nullable _SIGUSR2Handler)(id, SEL); #endif #ifdef OF_HAVE_SANDBOX | | > | 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 | void (*_Nullable _SIGINTHandler)(id, SEL); #ifndef OF_WINDOWS void (*_Nullable _SIGHUPHandler)(id, SEL); void (*_Nullable _SIGUSR1Handler)(id, SEL); void (*_Nullable _SIGUSR2Handler)(id, SEL); #endif #ifdef OF_HAVE_SANDBOX OFSandbox *_Nullable _activeSandbox; OFSandbox *_Nullable _activeSandboxForChildProcesses; #endif } #ifdef OF_HAVE_CLASS_PROPERTIES @property (class, readonly, nullable, nonatomic) OFApplication *sharedApplication; @property (class, readonly, nullable, nonatomic) OFString *programName; |
︙ | ︙ | |||
177 178 179 180 181 182 183 | #ifdef OF_HAVE_SANDBOX /*! * @brief The sandbox currently active for this application. */ @property OF_NULLABLE_PROPERTY (readonly, nonatomic) OFSandbox *activeSandbox; /*! | | < | | 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 | #ifdef OF_HAVE_SANDBOX /*! * @brief The sandbox currently active for this application. */ @property OF_NULLABLE_PROPERTY (readonly, nonatomic) OFSandbox *activeSandbox; /*! * @brief The sandbox currently active for child processes of this application. */ @property OF_NULLABLE_PROPERTY (readonly, nonatomic) OFSandbox *activeSandboxForChildProcesses; #endif /*! * @brief Returns the only OFApplication instance in the application. * * @return The only OFApplication instance in the application */ |
︙ | ︙ | |||
231 232 233 234 235 236 237 | #ifdef OF_HAVE_SANDBOX /*! * @brief Activates the specified sandbox for the application. * * This is only available if `OF_HAVE_SANDBOX` is defined. * * @warning If you allow `exec()`, but do not call | | | | | | 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 | #ifdef OF_HAVE_SANDBOX /*! * @brief Activates the specified sandbox for the application. * * This is only available if `OF_HAVE_SANDBOX` is defined. * * @warning If you allow `exec()`, but do not call * @ref activateSandboxForChildProcesses, an `exec()`'d process does * not have its permissions restricted! * * @note Once a sandbox has been activated, you cannot activate a different * sandbox. You can however change the active sandbox and reactivate it. * * @param sandbox The sandbox to activate */ + (void)activateSandbox: (OFSandbox *)sandbox; /*! * @brief Activates the specified sandbox for child processes of the * application. * * This is only available if `OF_HAVE_SANDBOX` is defined. * * `unveiledPaths` on the sandbox must *not* be empty, otherwise an * @ref OFInvalidArgumentException is raised. * * @note Once a sandbox has been activated, you cannot activate a different * sandbox. You can however change the active sandbox and reactivate it. * * @param sandbox The sandbox to activate */ + (void)activateSandboxForChildProcesses: (OFSandbox *)sandbox; #endif - (instancetype)init OF_UNAVAILABLE; /*! * @brief Gets argc and argv. * |
︙ | ︙ | |||
288 289 290 291 292 293 294 | #ifdef OF_HAVE_SANDBOX /*! * @brief Activates the specified sandbox for the application. * * This is only available if `OF_HAVE_SANDBOX` is defined. * * @warning If you allow `exec()`, but do not call | | | | | | 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 | #ifdef OF_HAVE_SANDBOX /*! * @brief Activates the specified sandbox for the application. * * This is only available if `OF_HAVE_SANDBOX` is defined. * * @warning If you allow `exec()`, but do not call * @ref activateSandboxForExecdProcesses, an `exec()`'d process does * not have its permissions restricted! * * @note Once a sandbox has been activated, you cannot activate a different * sandbox. You can however change the active sandbox and reactivate it. * * @param sandbox The sandbox to activate */ - (void)activateSandbox: (OFSandbox *)sandbox; /*! * @brief Activates the specified sandbox for child processes of the * application. * * This is only available if `OF_HAVE_SANDBOX` is defined. * * `unveiledPaths` on the sandbox must *not* be empty, otherwise an * @ref OFInvalidArgumentException is raised. * * @note Once a sandbox has been activated, you cannot activate a different * sandbox. You can however change the active sandbox and reactivate it. * * @param sandbox The sandbox to activate */ - (void)activateSandboxForChildProcesses: (OFSandbox *)sandbox; #endif @end #ifdef __cplusplus extern "C" { #endif extern int of_application_main(int *_Nonnull, char *_Nullable *_Nonnull[_Nonnull], id <OFApplicationDelegate>); #ifdef __cplusplus } #endif OF_ASSUME_NONNULL_END |
Modified src/OFApplication.m from [0eab530ffc] to [c0cd7cc60a].
︙ | ︙ | |||
152 153 154 155 156 157 158 | } @implementation OFApplication @synthesize programName = _programName, arguments = _arguments; @synthesize environment = _environment; #ifdef OF_HAVE_SANDBOX @synthesize activeSandbox = _activeSandbox; | | | 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 | } @implementation OFApplication @synthesize programName = _programName, arguments = _arguments; @synthesize environment = _environment; #ifdef OF_HAVE_SANDBOX @synthesize activeSandbox = _activeSandbox; @synthesize activeSandboxForChildProcesses = _activeSandboxForChildProcesses; #endif + (OFApplication *)sharedApplication { return app; } |
︙ | ︙ | |||
201 202 203 204 205 206 207 | #ifdef OF_HAVE_SANDBOX + (void)activateSandbox: (OFSandbox *)sandbox { [app activateSandbox: sandbox]; } | | | | 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 | #ifdef OF_HAVE_SANDBOX + (void)activateSandbox: (OFSandbox *)sandbox { [app activateSandbox: sandbox]; } + (void)activateSandboxForChildProcesses: (OFSandbox *)sandbox { [app activateSandboxForChildProcesses: sandbox]; } #endif - (instancetype)init { OF_INVALID_INIT_METHOD } |
︙ | ︙ | |||
626 627 628 629 630 631 632 | objc_autoreleasePoolPop(pool); if (_activeSandbox == nil) _activeSandbox = [sandbox retain]; # endif } | | > | | | | 626 627 628 629 630 631 632 633 634 635 636 637 638 639 640 641 642 643 644 645 646 647 648 649 650 651 652 653 654 655 656 657 658 659 660 661 | objc_autoreleasePoolPop(pool); if (_activeSandbox == nil) _activeSandbox = [sandbox retain]; # endif } - (void)activateSandboxForChildProcesses: (OFSandbox *)sandbox { # ifdef OF_HAVE_PLEDGE void *pool = objc_autoreleasePoolPush(); const char *promises; if (_activeSandboxForChildProcesses != nil && sandbox != _activeSandboxForChildProcesses) @throw [OFInvalidArgumentException exception]; if (sandbox.unveiledPaths.count != 0) @throw [OFInvalidArgumentException exception]; promises = [sandbox.pledgeString cStringWithEncoding: [OFLocale encoding]]; if (pledge(NULL, promises) != 0) @throw [OFSandboxActivationFailedException exceptionWithSandbox: sandbox errNo: errno]; objc_autoreleasePoolPop(pool); if (_activeSandboxForChildProcesses == nil) _activeSandboxForChildProcesses = [sandbox retain]; # endif } #endif @end |