Complete building of all components

Now they just need to be linked

CMakeLists.txt

@@ -19,6 +19,7 @@ add_definitions(
 )
 
 include_directories(
+	${CMAKE_CURRENT_SOURCE_DIR}/securityd/securityd_service/KeyStore
 	${CMAKE_CURRENT_SOURCE_DIR}/OSX/trustd
 	${CMAKE_CURRENT_SOURCE_DIR}/OSX/authd
 	${CMAKE_CURRENT_SOURCE_DIR}/OSX/security_dotmac_tp/lib

OSX/CMakeLists.txt

@@ -18,3 +18,14 @@ add_subdirectory(libsecurity_cryptkit)
 add_subdirectory(libsecurity_cssm)
 add_subdirectory(libsecurity_filedb)
 add_subdirectory(libsecurity_keychain)
+add_subdirectory(libsecurity_manifest)
+add_subdirectory(libsecurity_mds)
+add_subdirectory(libsecurity_ocspd)
+add_subdirectory(libsecurity_pkcs12)
+add_subdirectory(libsecurity_sd_cspdl)
+add_subdirectory(libsecurity_smime)
+add_subdirectory(libsecurity_ssl)
+add_subdirectory(libsecurity_transform)
+add_subdirectory(libsecurity_utilities)
+add_subdirectory(libsecurityd)
+add_subdirectory(utilities)

OSX/libsecurity_keychain/CMakeLists.txt

@@ -85,3 +85,13 @@ add_library(libsecurity_keychain OBJECT
 	lib/tsaDERUtilities.c
 )
 make_fat(libsecurity_keychain)
+
+add_library(libsecurity_keychain_DER OBJECT
+	libDER/libDER/DER_Decode.c
+	libDER/libDER/DER_Encode.c
+	libDER/libDER/DER_Keys.c
+	libDER/libDER/DER_Digest.c
+	libDER/libDER/oids.c
+	libDER/libDER/DER_CertCrl.c
+)
+make_fat(libsecurity_keychain_DER)

OSX/libsecurity_manifest/CMakeLists.txt

@@ -0,0 +1,15 @@
+include_directories(
+	${CMAKE_CURRENT_SOURCE_DIR}/lib
+)
+
+add_library(libsecurity_manifest OBJECT
+	lib/ManifestSigner.cpp
+	lib/Manifest.cpp
+	lib/SecManifest.cpp
+	lib/SecureDownloadInternal.c
+	lib/SecureDownload.cpp
+	lib/ManifestInternal.cpp
+	lib/Download.cpp
+	lib/AppleManifest.cpp
+)
+make_fat(libsecurity_manifest)

OSX/libsecurity_mds/CMakeLists.txt

@@ -0,0 +1,16 @@
+include_directories(
+	${CMAKE_CURRENT_SOURCE_DIR}/lib
+)
+
+add_library(libsecurity_mds OBJECT
+	lib/MDSDictionary.cpp
+	lib/MDSDatabase.cpp
+	lib/MDSAttrParser.cpp
+	lib/MDSSchema.cpp
+	lib/MDSModule.cpp
+	lib/MDSAttrUtils.cpp
+	lib/MDSAttrStrings.cpp
+	lib/MDSSession.cpp
+	lib/mdsapi.cpp
+)
+make_fat(libsecurity_mds)

OSX/libsecurity_ocspd/CMakeLists.txt

@@ -0,0 +1,15 @@
+include_directories(
+	${CMAKE_CURRENT_SOURCE_DIR}/common
+)
+
+add_library(libsecurity_ocspd OBJECT
+	mig/ocspd_client.cpp
+	common/ocspdDbSchema.cpp
+	mig/ocspd.defs
+	common/ocspResponse.cpp
+	mig/ocspd_server.cpp
+	client/ocspdClient.cpp
+	common/ocspExtensions.cpp
+	common/ocspdUtils.cpp
+)
+make_fat(libsecurity_ocspd)

OSX/libsecurity_ocspd/common/ocspd.h

@@ -0,0 +1,631 @@
+#ifndef	_ocspd_user_
+#define	_ocspd_user_
+
+/* Module ocspd */
+
+#include <string.h>
+#include <mach/ndr.h>
+#include <mach/boolean.h>
+#include <mach/kern_return.h>
+#include <mach/notify.h>
+#include <mach/mach_types.h>
+#include <mach/message.h>
+#include <mach/mig_errors.h>
+#include <mach/port.h>
+	
+/* BEGIN VOUCHER CODE */
+
+#ifndef KERNEL
+#if defined(__has_include)
+#if __has_include(<mach/mig_voucher_support.h>)
+#ifndef USING_VOUCHERS
+#define USING_VOUCHERS
+#endif
+#ifndef __VOUCHER_FORWARD_TYPE_DECLS__
+#define __VOUCHER_FORWARD_TYPE_DECLS__
+#ifdef __cplusplus
+extern "C" {
+#endif
+	extern boolean_t voucher_mach_msg_set(mach_msg_header_t *msg) __attribute__((weak_import));
+#ifdef __cplusplus
+}
+#endif
+#endif // __VOUCHER_FORWARD_TYPE_DECLS__
+#endif // __has_include(<mach/mach_voucher_types.h>)
+#endif // __has_include
+#endif // !KERNEL
+	
+/* END VOUCHER CODE */
+
+	
+/* BEGIN MIG_STRNCPY_ZEROFILL CODE */
+
+#if defined(__has_include)
+#if __has_include(<mach/mig_strncpy_zerofill_support.h>)
+#ifndef USING_MIG_STRNCPY_ZEROFILL
+#define USING_MIG_STRNCPY_ZEROFILL
+#endif
+#ifndef __MIG_STRNCPY_ZEROFILL_FORWARD_TYPE_DECLS__
+#define __MIG_STRNCPY_ZEROFILL_FORWARD_TYPE_DECLS__
+#ifdef __cplusplus
+extern "C" {
+#endif
+	extern int mig_strncpy_zerofill(char *dest, const char *src, int len) __attribute__((weak_import));
+#ifdef __cplusplus
+}
+#endif
+#endif /* __MIG_STRNCPY_ZEROFILL_FORWARD_TYPE_DECLS__ */
+#endif /* __has_include(<mach/mig_strncpy_zerofill_support.h>) */
+#endif /* __has_include */
+	
+/* END MIG_STRNCPY_ZEROFILL CODE */
+
+
+#ifdef AUTOTEST
+#ifndef FUNCTION_PTR_T
+#define FUNCTION_PTR_T
+typedef void (*function_ptr_t)(mach_port_t, char *, mach_msg_type_number_t);
+typedef struct {
+        char            *name;
+        function_ptr_t  function;
+} function_table_entry;
+typedef function_table_entry   *function_table_t;
+#endif /* FUNCTION_PTR_T */
+#endif /* AUTOTEST */
+
+#ifndef	ocspd_MSG_COUNT
+#define	ocspd_MSG_COUNT	10
+#endif	/* ocspd_MSG_COUNT */
+
+#include <mach/std_types.h>
+#include <mach/mig.h>
+#include <mach/mig.h>
+#include <mach/mach_types.h>
+#include <security_ocspd/ocspdTypes.h>
+#include <stdint.h>
+
+#ifdef __BeforeMigUserHeader
+__BeforeMigUserHeader
+#endif /* __BeforeMigUserHeader */
+
+#include <sys/cdefs.h>
+__BEGIN_DECLS
+
+
+/* Routine ocspdFetch */
+#ifdef	mig_external
+mig_external
+#else
+extern
+#endif	/* mig_external */
+kern_return_t ocsp_client_ocspdFetch
+(
+	mach_port_t serverport,
+	Data ocsp_req,
+	mach_msg_type_number_t ocsp_reqCnt,
+	Data *ocsp_rep,
+	mach_msg_type_number_t *ocsp_repCnt
+);
+
+/* Routine ocspdCacheFlush */
+#ifdef	mig_external
+mig_external
+#else
+extern
+#endif	/* mig_external */
+kern_return_t ocsp_client_ocspdCacheFlush
+(
+	mach_port_t serverport,
+	Data certID,
+	mach_msg_type_number_t certIDCnt
+);
+
+/* Routine ocspdCacheFlushStale */
+#ifdef	mig_external
+mig_external
+#else
+extern
+#endif	/* mig_external */
+kern_return_t ocsp_client_ocspdCacheFlushStale
+(
+	mach_port_t serverport
+);
+
+/* Routine certFetch */
+#ifdef	mig_external
+mig_external
+#else
+extern
+#endif	/* mig_external */
+kern_return_t ocsp_client_certFetch
+(
+	mach_port_t serverport,
+	Data cert_url,
+	mach_msg_type_number_t cert_urlCnt,
+	Data *cert_data,
+	mach_msg_type_number_t *cert_dataCnt
+);
+
+/* Routine crlFetch */
+#ifdef	mig_external
+mig_external
+#else
+extern
+#endif	/* mig_external */
+kern_return_t ocsp_client_crlFetch
+(
+	mach_port_t serverport,
+	Data crl_url,
+	mach_msg_type_number_t crl_urlCnt,
+	Data crl_issuer,
+	mach_msg_type_number_t crl_issuerCnt,
+	boolean_t cache_read,
+	boolean_t cache_write,
+	Data verify_time,
+	mach_msg_type_number_t verify_timeCnt,
+	Data *crl_data,
+	mach_msg_type_number_t *crl_dataCnt
+);
+
+/* Routine crlRefresh */
+#ifdef	mig_external
+mig_external
+#else
+extern
+#endif	/* mig_external */
+kern_return_t ocsp_client_crlRefresh
+(
+	mach_port_t serverport,
+	uint32_t stale_days,
+	uint32_t expire_overlap_seconds,
+	boolean_t purge_all,
+	boolean_t full_crypto_verify
+);
+
+/* Routine crlFlush */
+#ifdef	mig_external
+mig_external
+#else
+extern
+#endif	/* mig_external */
+kern_return_t ocsp_client_crlFlush
+(
+	mach_port_t serverport,
+	Data cert_url,
+	mach_msg_type_number_t cert_urlCnt
+);
+
+/* Routine trustSettingsRead */
+#ifdef	mig_external
+mig_external
+#else
+extern
+#endif	/* mig_external */
+kern_return_t ocsp_client_trustSettingsRead
+(
+	mach_port_t serverport,
+	uint32_t domain,
+	Data *trustSettings,
+	mach_msg_type_number_t *trustSettingsCnt,
+	OSStatus *rcode
+);
+
+/* Routine trustSettingsWrite */
+#ifdef	mig_external
+mig_external
+#else
+extern
+#endif	/* mig_external */
+kern_return_t ocsp_client_trustSettingsWrite
+(
+	mach_port_t serverport,
+	mach_port_t clientport,
+	uint32_t domain,
+	Data authBlob,
+	mach_msg_type_number_t authBlobCnt,
+	Data trustSettings,
+	mach_msg_type_number_t trustSettingsCnt,
+	OSStatus *rcode
+);
+
+/* Routine crlStatus */
+#ifdef	mig_external
+mig_external
+#else
+extern
+#endif	/* mig_external */
+kern_return_t ocsp_client_crlStatus
+(
+	mach_port_t serverport,
+	Data serial_number,
+	mach_msg_type_number_t serial_numberCnt,
+	Data cert_issuers,
+	mach_msg_type_number_t cert_issuersCnt,
+	Data crl_issuer,
+	mach_msg_type_number_t crl_issuerCnt,
+	Data crl_url,
+	mach_msg_type_number_t crl_urlCnt
+);
+
+__END_DECLS
+
+/********************** Caution **************************/
+/* The following data types should be used to calculate  */
+/* maximum message sizes only. The actual message may be */
+/* smaller, and the position of the arguments within the */
+/* message layout may vary from what is presented here.  */
+/* For example, if any of the arguments are variable-    */
+/* sized, and less than the maximum is sent, the data    */
+/* will be packed tight in the actual message to reduce  */
+/* the presence of holes.                                */
+/********************** Caution **************************/
+
+/* typedefs for all requests */
+
+#ifndef __Request__ocspd_subsystem__defined
+#define __Request__ocspd_subsystem__defined
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		/* start of the kernel processed data */
+		mach_msg_body_t msgh_body;
+		mach_msg_ool_descriptor_t ocsp_req;
+		/* end of the kernel processed data */
+		NDR_record_t NDR;
+		mach_msg_type_number_t ocsp_reqCnt;
+	} __Request__ocspdFetch_t __attribute__((unused));
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		/* start of the kernel processed data */
+		mach_msg_body_t msgh_body;
+		mach_msg_ool_descriptor_t certID;
+		/* end of the kernel processed data */
+		NDR_record_t NDR;
+		mach_msg_type_number_t certIDCnt;
+	} __Request__ocspdCacheFlush_t __attribute__((unused));
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+	} __Request__ocspdCacheFlushStale_t __attribute__((unused));
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		/* start of the kernel processed data */
+		mach_msg_body_t msgh_body;
+		mach_msg_ool_descriptor_t cert_url;
+		/* end of the kernel processed data */
+		NDR_record_t NDR;
+		mach_msg_type_number_t cert_urlCnt;
+	} __Request__certFetch_t __attribute__((unused));
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		/* start of the kernel processed data */
+		mach_msg_body_t msgh_body;
+		mach_msg_ool_descriptor_t crl_url;
+		mach_msg_ool_descriptor_t crl_issuer;
+		mach_msg_ool_descriptor_t verify_time;
+		/* end of the kernel processed data */
+		NDR_record_t NDR;
+		mach_msg_type_number_t crl_urlCnt;
+		mach_msg_type_number_t crl_issuerCnt;
+		boolean_t cache_read;
+		boolean_t cache_write;
+		mach_msg_type_number_t verify_timeCnt;
+	} __Request__crlFetch_t __attribute__((unused));
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		NDR_record_t NDR;
+		uint32_t stale_days;
+		uint32_t expire_overlap_seconds;
+		boolean_t purge_all;
+		boolean_t full_crypto_verify;
+	} __Request__crlRefresh_t __attribute__((unused));
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		/* start of the kernel processed data */
+		mach_msg_body_t msgh_body;
+		mach_msg_ool_descriptor_t cert_url;
+		/* end of the kernel processed data */
+		NDR_record_t NDR;
+		mach_msg_type_number_t cert_urlCnt;
+	} __Request__crlFlush_t __attribute__((unused));
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		NDR_record_t NDR;
+		uint32_t domain;
+	} __Request__trustSettingsRead_t __attribute__((unused));
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		/* start of the kernel processed data */
+		mach_msg_body_t msgh_body;
+		mach_msg_port_descriptor_t clientport;
+		mach_msg_ool_descriptor_t authBlob;
+		mach_msg_ool_descriptor_t trustSettings;
+		/* end of the kernel processed data */
+		NDR_record_t NDR;
+		uint32_t domain;
+		mach_msg_type_number_t authBlobCnt;
+		mach_msg_type_number_t trustSettingsCnt;
+	} __Request__trustSettingsWrite_t __attribute__((unused));
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		/* start of the kernel processed data */
+		mach_msg_body_t msgh_body;
+		mach_msg_ool_descriptor_t serial_number;
+		mach_msg_ool_descriptor_t cert_issuers;
+		mach_msg_ool_descriptor_t crl_issuer;
+		mach_msg_ool_descriptor_t crl_url;
+		/* end of the kernel processed data */
+		NDR_record_t NDR;
+		mach_msg_type_number_t serial_numberCnt;
+		mach_msg_type_number_t cert_issuersCnt;
+		mach_msg_type_number_t crl_issuerCnt;
+		mach_msg_type_number_t crl_urlCnt;
+	} __Request__crlStatus_t __attribute__((unused));
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+#endif /* !__Request__ocspd_subsystem__defined */
+
+/* union of all requests */
+
+#ifndef __RequestUnion__ocsp_client_ocspd_subsystem__defined
+#define __RequestUnion__ocsp_client_ocspd_subsystem__defined
+union __RequestUnion__ocsp_client_ocspd_subsystem {
+	__Request__ocspdFetch_t Request_ocsp_client_ocspdFetch;
+	__Request__ocspdCacheFlush_t Request_ocsp_client_ocspdCacheFlush;
+	__Request__ocspdCacheFlushStale_t Request_ocsp_client_ocspdCacheFlushStale;
+	__Request__certFetch_t Request_ocsp_client_certFetch;
+	__Request__crlFetch_t Request_ocsp_client_crlFetch;
+	__Request__crlRefresh_t Request_ocsp_client_crlRefresh;
+	__Request__crlFlush_t Request_ocsp_client_crlFlush;
+	__Request__trustSettingsRead_t Request_ocsp_client_trustSettingsRead;
+	__Request__trustSettingsWrite_t Request_ocsp_client_trustSettingsWrite;
+	__Request__crlStatus_t Request_ocsp_client_crlStatus;
+};
+#endif /* !__RequestUnion__ocsp_client_ocspd_subsystem__defined */
+/* typedefs for all replies */
+
+#ifndef __Reply__ocspd_subsystem__defined
+#define __Reply__ocspd_subsystem__defined
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		/* start of the kernel processed data */
+		mach_msg_body_t msgh_body;
+		mach_msg_ool_descriptor_t ocsp_rep;
+		/* end of the kernel processed data */
+		NDR_record_t NDR;
+		mach_msg_type_number_t ocsp_repCnt;
+	} __Reply__ocspdFetch_t __attribute__((unused));
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		NDR_record_t NDR;
+		kern_return_t RetCode;
+	} __Reply__ocspdCacheFlush_t __attribute__((unused));
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		NDR_record_t NDR;
+		kern_return_t RetCode;
+	} __Reply__ocspdCacheFlushStale_t __attribute__((unused));
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		/* start of the kernel processed data */
+		mach_msg_body_t msgh_body;
+		mach_msg_ool_descriptor_t cert_data;
+		/* end of the kernel processed data */
+		NDR_record_t NDR;
+		mach_msg_type_number_t cert_dataCnt;
+	} __Reply__certFetch_t __attribute__((unused));
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		/* start of the kernel processed data */
+		mach_msg_body_t msgh_body;
+		mach_msg_ool_descriptor_t crl_data;
+		/* end of the kernel processed data */
+		NDR_record_t NDR;
+		mach_msg_type_number_t crl_dataCnt;
+	} __Reply__crlFetch_t __attribute__((unused));
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		NDR_record_t NDR;
+		kern_return_t RetCode;
+	} __Reply__crlRefresh_t __attribute__((unused));
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		NDR_record_t NDR;
+		kern_return_t RetCode;
+	} __Reply__crlFlush_t __attribute__((unused));
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		/* start of the kernel processed data */
+		mach_msg_body_t msgh_body;
+		mach_msg_ool_descriptor_t trustSettings;
+		/* end of the kernel processed data */
+		NDR_record_t NDR;
+		mach_msg_type_number_t trustSettingsCnt;
+		OSStatus rcode;
+	} __Reply__trustSettingsRead_t __attribute__((unused));
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		NDR_record_t NDR;
+		kern_return_t RetCode;
+		OSStatus rcode;
+	} __Reply__trustSettingsWrite_t __attribute__((unused));
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		NDR_record_t NDR;
+		kern_return_t RetCode;
+	} __Reply__crlStatus_t __attribute__((unused));
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+#endif /* !__Reply__ocspd_subsystem__defined */
+
+/* union of all replies */
+
+#ifndef __ReplyUnion__ocsp_client_ocspd_subsystem__defined
+#define __ReplyUnion__ocsp_client_ocspd_subsystem__defined
+union __ReplyUnion__ocsp_client_ocspd_subsystem {
+	__Reply__ocspdFetch_t Reply_ocsp_client_ocspdFetch;
+	__Reply__ocspdCacheFlush_t Reply_ocsp_client_ocspdCacheFlush;
+	__Reply__ocspdCacheFlushStale_t Reply_ocsp_client_ocspdCacheFlushStale;
+	__Reply__certFetch_t Reply_ocsp_client_certFetch;
+	__Reply__crlFetch_t Reply_ocsp_client_crlFetch;
+	__Reply__crlRefresh_t Reply_ocsp_client_crlRefresh;
+	__Reply__crlFlush_t Reply_ocsp_client_crlFlush;
+	__Reply__trustSettingsRead_t Reply_ocsp_client_trustSettingsRead;
+	__Reply__trustSettingsWrite_t Reply_ocsp_client_trustSettingsWrite;
+	__Reply__crlStatus_t Reply_ocsp_client_crlStatus;
+};
+#endif /* !__RequestUnion__ocsp_client_ocspd_subsystem__defined */
+
+#ifndef subsystem_to_name_map_ocspd
+#define subsystem_to_name_map_ocspd \
+    { "ocspdFetch", 33003 },\
+    { "ocspdCacheFlush", 33004 },\
+    { "ocspdCacheFlushStale", 33005 },\
+    { "certFetch", 33006 },\
+    { "crlFetch", 33007 },\
+    { "crlRefresh", 33008 },\
+    { "crlFlush", 33009 },\
+    { "trustSettingsRead", 33010 },\
+    { "trustSettingsWrite", 33011 },\
+    { "crlStatus", 33012 }
+#endif
+
+#ifdef __AfterMigUserHeader
+__AfterMigUserHeader
+#endif /* __AfterMigUserHeader */
+
+#endif	 /* _ocspd_user_ */

OSX/libsecurity_pkcs12/CMakeLists.txt

@@ -0,0 +1,14 @@
+add_library(libsecurity_pkcs12 OBJECT
+	lib/pkcs12Crypto.cpp
+	lib/pkcs12Utils.cpp
+	lib/pkcs12Decode.cpp
+	lib/pkcs12BagAttrs.cpp
+	lib/pkcs12Coder.cpp
+	lib/pkcs12Encode.cpp
+	lib/SecPkcs12.cpp
+	lib/pkcs12SafeBag.cpp
+	lib/pkcs12Keychain.cpp
+	lib/pkcs7Templates.cpp
+	lib/pkcs12Templates.cpp
+)
+make_fat(libsecurity_pkcs12)

OSX/libsecurity_sd_cspdl/CMakeLists.txt

@@ -0,0 +1,16 @@
+include_directories(
+	${CMAKE_CURRENT_SOURCE_DIR}/lib
+)
+
+add_library(libsecurity_sd_cspdl OBJECT
+	lib/SDCSPSession.cpp
+	lib/SDCSPDLDatabase.cpp
+	lib/SDDLSession.cpp
+	lib/SDContext.cpp
+	lib/SDCSPDLSession.cpp
+	lib/SDFactory.cpp
+	lib/SDKey.cpp
+	lib/SDCSPDLPlugin.cpp
+	lib/SDCSPDLBuiltin.cpp
+)
+make_fat(libsecurity_sd_cspdl)

OSX/libsecurity_smime/CMakeLists.txt

@@ -0,0 +1,36 @@
+include_directories(
+	${CMAKE_CURRENT_SOURCE_DIR}/lib
+)
+
+add_library(libsecurity_smime OBJECT
+	lib/cert.c
+	lib/cmsarray.c
+	lib/cmsasn1.c
+	lib/cmsattr.c
+	lib/cmscinfo.c
+	lib/cmscipher.c
+	lib/SecCMS.c
+	lib/cmsdecode.c
+	lib/cmsdigdata.c
+	lib/cmsdigest.c
+	lib/cmsencdata.c
+	lib/cmsencode.c
+	lib/cmsenvdata.c
+	lib/cmsmessage.c
+	lib/cmspubkey.c
+	lib/cmsrecinfo.c
+	lib/cmsreclist.c
+	lib/cmssigdata.c
+	lib/cmssiginfo.c
+	lib/cmsutil.c
+	lib/cryptohi.c
+	lib/plhash.c
+	lib/secalgid.c
+	lib/secitem.c
+	lib/secoid.c
+	lib/smimeutil.c
+	lib/siginfoUtils.cpp
+	lib/tsaTemplates.c
+	lib/tsaSupport.c
+)
+make_fat(libsecurity_smime)

OSX/libsecurity_smime/lib/cert.c

@@ -674,7 +674,7 @@ SECStatus CERT_ImportCerts(SecKeychainRef keychain, SECCertUsage usage, unsigned
 	    rv = SecCertificateAddToKeychain(cert, keychain);
 	    if (rv)
 	    {
-		if (rv == errKCDuplicateItem)
+		if (rv == -25299)
 		    rv = noErr;
 		else
 		{

OSX/libsecurity_ssl/CMakeLists.txt

@@ -0,0 +1,16 @@
+include_directories(
+	${CMAKE_CURRENT_SOURCE_DIR}/lib
+)
+
+add_library(libsecurity_ssl OBJECT
+	lib/sslRecord.c
+	lib/sslContext.c
+	lib/tlsCallbacks.c
+	lib/SSLRecordInternal.c
+	lib/sslKeychain.c
+	lib/sslMemory.c
+	lib/sslTransport.c
+	lib/sslCipherSpecs.c
+	lib/sslCrypto.c
+)
+make_fat(libsecurity_ssl)

OSX/libsecurity_transform/CMakeLists.txt

@@ -0,0 +1,36 @@
+add_definitions(
+	-DCOM_APPLE_SECURITY_SANE_INCLUDES
+)
+
+add_library(libsecurity_transform OBJECT
+	lib/c++utils.cpp
+	lib/Source.cpp
+	lib/EncryptTransform.cpp
+	lib/SecSignVerifyTransform.c
+	lib/GroupTransform.cpp
+	lib/SecCustomTransform.cpp
+	lib/SecExternalSourceTransform.cpp
+	lib/StreamSource.cpp
+	lib/SecGroupTransform.cpp
+	lib/misc.c
+	lib/SecEncryptTransform.cpp
+	lib/Digest.cpp
+	lib/SecMaskGenerationFunctionTransform.c
+	lib/LinkedList.cpp
+	lib/CoreFoundationBasics.cpp
+	lib/SingleShotSource.cpp
+	lib/CEncryptDecrypt.c
+	lib/SecNullTransform.cpp
+	lib/NullTransform.cpp
+	lib/EncodeDecodeTransforms.c
+	lib/SecTransform.cpp
+	lib/Transform.cpp
+	lib/TransformFactory.cpp
+	lib/EncryptTransformUtilities.cpp
+	lib/SecTransformReadTransform.cpp
+	lib/Monitor.cpp
+	lib/SecDigestTransform.cpp
+	lib/SecCollectTransform.cpp
+	lib/Utilities.cpp
+)
+make_fat(libsecurity_transform)

OSX/libsecurity_translocate/CMakeLists.txt

@@ -0,0 +1,12 @@
+add_library(libsecurity_translocate OBJECT
+	lib/SecTranslocate.cpp
+	lib/SecTranslocateShared.cpp
+	lib/SecTranslocateLSNotification.cpp
+	lib/SecTranslocateUtilities.cpp
+	lib/SecTranslocateDANotification.cpp
+	lib/SecTranslocateServer.cpp
+	lib/SecTranslocateInterface.cpp
+	lib/SecTranslocateClient.cpp
+	lib/SecTranslocateXPCServer.cpp
+)
+make_fat(libsecurity_translocate)

OSX/libsecurity_utilities/CMakeLists.txt

@@ -0,0 +1,68 @@
+include_directories(
+	${CMAKE_CURRENT_SOURCE_DIR}/lib
+)
+
+add_library(libsecurity_utilities OBJECT
+	lib/cfmach++.cpp
+	lib/hashing.cpp
+	lib/devrandom.cpp
+	lib/headermap.cpp
+	lib/pcsc++.cpp
+	lib/ccaudit.cpp
+	lib/cfmunge.cpp
+	lib/url.cpp
+	lib/seccfobject.cpp
+	lib/superblob.cpp
+	lib/dyldcache.cpp
+	lib/buffers.cpp
+	lib/simpleprefs.cpp
+	lib/logging.cpp
+	lib/threading.cpp
+	lib/tqueue.cpp
+	lib/timeflow.cpp
+	lib/trackingallocator.cpp
+	lib/utilities.cpp
+	lib/machserver.cpp
+	lib/cfutilities.cpp
+	lib/mach_notify.c
+	lib/crc.c
+	lib/hosts.cpp
+	lib/sqlite++.cpp
+	lib/dispatch.cpp
+	lib/selector.cpp
+	lib/inetreply.cpp
+	lib/fdsel.cpp
+	lib/fdmover.cpp
+	lib/socks++4.cpp
+	lib/FileLockTransaction.cpp
+	lib/socks++5.cpp
+	lib/blob.cpp
+	lib/typedvalue.cpp
+	lib/ip++.cpp
+	lib/errors.cpp
+	lib/endian.cpp
+	lib/transactions.cpp
+	lib/unix++.cpp
+	lib/coderepository.cpp
+	lib/iodevices.cpp
+	lib/alloc.cpp
+	lib/vproc++.cpp
+	lib/muscle++.cpp
+	lib/adornments.cpp
+	lib/debugging_internal.cpp
+	lib/streams.cpp
+	lib/cfclass.cpp
+	lib/mach++.cpp
+	lib/unixchild.cpp
+	lib/CSPDLTransaction.cpp
+	lib/macho++.cpp
+	lib/bufferfifo.cpp
+	lib/socks++.cpp
+	lib/osxcode.cpp
+	lib/globalizer.cpp
+	lib/powerwatch.cpp
+	lib/daemon.cpp
+	lib/machrunloopserver.cpp
+	lib/kq++.cpp
+)
+make_fat(libsecurity_utilities)

OSX/libsecurityd/CMakeLists.txt

@@ -0,0 +1,27 @@
+include_directories(
+	${CMAKE_CURRENT_SOURCE_DIR}/mig
+	${CMAKE_CURRENT_SOURCE_DIR}/lib
+)
+
+add_library(libsecurityd_client OBJECT
+	lib/dictionary.cpp
+	lib/sec_xdr.c
+	lib/sec_xdr_array.c
+	lib/sec_xdr_reference.c
+	lib/sec_xdrmem.c
+	lib/sec_xdr_sizeof.c
+	lib/xdr_auth.c
+	lib/xdr_cssm.c
+	lib/xdr_dldb.cpp
+	lib/SharedMemoryClient.cpp
+	lib/eventlistener.cpp
+	lib/ssblob.cpp
+	lib/ssclient.cpp
+	lib/sstransit.cpp
+	lib/transition.cpp
+	mig/ucspClient.cpp
+	mig/ucspNotifySender.cpp
+	mig/cshostingClient.cpp
+	mig/cshostingServer.cpp
+)
+make_fat(libsecurityd_client)

OSX/libsecurityd/mig/cshosting.h

@@ -0,0 +1,300 @@
+#ifndef	_cshosting_user_
+#define	_cshosting_user_
+
+/* Module cshosting */
+
+#include <string.h>
+#include <mach/ndr.h>
+#include <mach/boolean.h>
+#include <mach/kern_return.h>
+#include <mach/notify.h>
+#include <mach/mach_types.h>
+#include <mach/message.h>
+#include <mach/mig_errors.h>
+#include <mach/port.h>
+	
+/* BEGIN VOUCHER CODE */
+
+#ifndef KERNEL
+#if defined(__has_include)
+#if __has_include(<mach/mig_voucher_support.h>)
+#ifndef USING_VOUCHERS
+#define USING_VOUCHERS
+#endif
+#ifndef __VOUCHER_FORWARD_TYPE_DECLS__
+#define __VOUCHER_FORWARD_TYPE_DECLS__
+#ifdef __cplusplus
+extern "C" {
+#endif
+	extern boolean_t voucher_mach_msg_set(mach_msg_header_t *msg) __attribute__((weak_import));
+#ifdef __cplusplus
+}
+#endif
+#endif // __VOUCHER_FORWARD_TYPE_DECLS__
+#endif // __has_include(<mach/mach_voucher_types.h>)
+#endif // __has_include
+#endif // !KERNEL
+	
+/* END VOUCHER CODE */
+
+	
+/* BEGIN MIG_STRNCPY_ZEROFILL CODE */
+
+#if defined(__has_include)
+#if __has_include(<mach/mig_strncpy_zerofill_support.h>)
+#ifndef USING_MIG_STRNCPY_ZEROFILL
+#define USING_MIG_STRNCPY_ZEROFILL
+#endif
+#ifndef __MIG_STRNCPY_ZEROFILL_FORWARD_TYPE_DECLS__
+#define __MIG_STRNCPY_ZEROFILL_FORWARD_TYPE_DECLS__
+#ifdef __cplusplus
+extern "C" {
+#endif
+	extern int mig_strncpy_zerofill(char *dest, const char *src, int len) __attribute__((weak_import));
+#ifdef __cplusplus
+}
+#endif
+#endif /* __MIG_STRNCPY_ZEROFILL_FORWARD_TYPE_DECLS__ */
+#endif /* __has_include(<mach/mig_strncpy_zerofill_support.h>) */
+#endif /* __has_include */
+	
+/* END MIG_STRNCPY_ZEROFILL CODE */
+
+
+#ifdef AUTOTEST
+#ifndef FUNCTION_PTR_T
+#define FUNCTION_PTR_T
+typedef void (*function_ptr_t)(mach_port_t, char *, mach_msg_type_number_t);
+typedef struct {
+        char            *name;
+        function_ptr_t  function;
+} function_table_entry;
+typedef function_table_entry   *function_table_t;
+#endif /* FUNCTION_PTR_T */
+#endif /* AUTOTEST */
+
+#ifndef	cshosting_MSG_COUNT
+#define	cshosting_MSG_COUNT	4
+#endif	/* cshosting_MSG_COUNT */
+
+#include <mach/std_types.h>
+#include <mach/mig.h>
+#include <mach/mig.h>
+#include <mach/mach_types.h>
+#include <securityd_client/ss_types.h>
+#include <securityd_client/ucsp_types.h>
+
+#ifdef __BeforeMigUserHeader
+__BeforeMigUserHeader
+#endif /* __BeforeMigUserHeader */
+
+#include <sys/cdefs.h>
+__BEGIN_DECLS
+
+
+/* Routine findGuest */
+#ifdef	mig_external
+mig_external
+#else
+extern
+#endif	/* mig_external */
+kern_return_t cshosting_client_findGuest
+(
+	mach_port_t sport,
+	mach_port_t rport,
+	OSStatus *rcode,
+	SecGuestRef host,
+	XMLBlob attributes,
+	mach_msg_type_number_t attributesCnt,
+	GuestChain *guest,
+	mach_msg_type_number_t *guestCnt,
+	mach_port_t *subhost
+);
+
+/* Routine guestStatus */
+#ifdef	mig_external
+mig_external
+#else
+extern
+#endif	/* mig_external */
+kern_return_t cshosting_client_guestStatus
+(
+	mach_port_t sport,
+	mach_port_t rport,
+	OSStatus *rcode,
+	SecGuestRef guest,
+	uint32 *status
+);
+
+/* Routine identifyGuest */
+#ifdef	mig_external
+mig_external
+#else
+extern
+#endif	/* mig_external */
+kern_return_t cshosting_client_identifyGuest
+(
+	mach_port_t sport,
+	mach_port_t rport,
+	OSStatus *rcode,
+	SecGuestRef guest,
+	FilePathOut path,
+	HashDataOut cdhash,
+	uint32 *hashLength,
+	XMLBlobOut *attributes,
+	mach_msg_type_number_t *attributesCnt
+);
+
+__END_DECLS
+
+/********************** Caution **************************/
+/* The following data types should be used to calculate  */
+/* maximum message sizes only. The actual message may be */
+/* smaller, and the position of the arguments within the */
+/* message layout may vary from what is presented here.  */
+/* For example, if any of the arguments are variable-    */
+/* sized, and less than the maximum is sent, the data    */
+/* will be packed tight in the actual message to reduce  */
+/* the presence of holes.                                */
+/********************** Caution **************************/
+
+/* typedefs for all requests */
+
+#ifndef __Request__cshosting_subsystem__defined
+#define __Request__cshosting_subsystem__defined
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		/* start of the kernel processed data */
+		mach_msg_body_t msgh_body;
+		mach_msg_ool_descriptor_t attributes;
+		/* end of the kernel processed data */
+		NDR_record_t NDR;
+		SecGuestRef host;
+		mach_msg_type_number_t attributesCnt;
+	} __Request__findGuest_t __attribute__((unused));
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		NDR_record_t NDR;
+		SecGuestRef guest;
+	} __Request__guestStatus_t __attribute__((unused));
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		NDR_record_t NDR;
+		SecGuestRef guest;
+	} __Request__identifyGuest_t __attribute__((unused));
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+#endif /* !__Request__cshosting_subsystem__defined */
+
+/* union of all requests */
+
+#ifndef __RequestUnion__cshosting_client_cshosting_subsystem__defined
+#define __RequestUnion__cshosting_client_cshosting_subsystem__defined
+union __RequestUnion__cshosting_client_cshosting_subsystem {
+	__Request__findGuest_t Request_cshosting_client_findGuest;
+	__Request__guestStatus_t Request_cshosting_client_guestStatus;
+	__Request__identifyGuest_t Request_cshosting_client_identifyGuest;
+};
+#endif /* !__RequestUnion__cshosting_client_cshosting_subsystem__defined */
+/* typedefs for all replies */
+
+#ifndef __Reply__cshosting_subsystem__defined
+#define __Reply__cshosting_subsystem__defined
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		/* start of the kernel processed data */
+		mach_msg_body_t msgh_body;
+		mach_msg_ool_descriptor_t guest;
+		mach_msg_port_descriptor_t subhost;
+		/* end of the kernel processed data */
+		NDR_record_t NDR;
+		OSStatus rcode;
+		mach_msg_type_number_t guestCnt;
+	} __Reply__findGuest_t __attribute__((unused));
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		NDR_record_t NDR;
+		kern_return_t RetCode;
+		OSStatus rcode;
+		uint32 status;
+	} __Reply__guestStatus_t __attribute__((unused));
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		/* start of the kernel processed data */
+		mach_msg_body_t msgh_body;
+		mach_msg_ool_descriptor_t attributes;
+		/* end of the kernel processed data */
+		NDR_record_t NDR;
+		OSStatus rcode;
+		mach_msg_type_number_t pathOffset; /* MiG doesn't use it */
+		mach_msg_type_number_t pathCnt;
+		char path[1024];
+		HashDataOut cdhash;
+		uint32 hashLength;
+		mach_msg_type_number_t attributesCnt;
+	} __Reply__identifyGuest_t __attribute__((unused));
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+#endif /* !__Reply__cshosting_subsystem__defined */
+
+/* union of all replies */
+
+#ifndef __ReplyUnion__cshosting_client_cshosting_subsystem__defined
+#define __ReplyUnion__cshosting_client_cshosting_subsystem__defined
+union __ReplyUnion__cshosting_client_cshosting_subsystem {
+	__Reply__findGuest_t Reply_cshosting_client_findGuest;
+	__Reply__guestStatus_t Reply_cshosting_client_guestStatus;
+	__Reply__identifyGuest_t Reply_cshosting_client_identifyGuest;
+};
+#endif /* !__RequestUnion__cshosting_client_cshosting_subsystem__defined */
+
+#ifndef subsystem_to_name_map_cshosting
+#define subsystem_to_name_map_cshosting \
+    { "findGuest", 20000 },\
+    { "guestStatus", 20001 },\
+    { "identifyGuest", 20003 }
+#endif
+
+#ifdef __AfterMigUserHeader
+__AfterMigUserHeader
+#endif /* __AfterMigUserHeader */
+
+#endif	 /* _cshosting_user_ */

OSX/libsecurityd/mig/cshostingClient.cpp

@@ -0,0 +1,691 @@
+/*
+ * IDENTIFICATION:
+ * stub generated Mon Jul  3 19:46:46 2017
+ * with a MiG generated by bootstrap_cmds-96.20.2
+ * OPTIONS: 
+ */
+#define	__MIG_check__Reply__cshosting_subsystem__ 1
+
+#include "cshosting.h"
+
+
+#ifndef	mig_internal
+#define	mig_internal	static __inline__
+#endif	/* mig_internal */
+
+#ifndef	mig_external
+#define mig_external
+#endif	/* mig_external */
+
+#if	!defined(__MigTypeCheck) && defined(TypeCheck)
+#define	__MigTypeCheck		TypeCheck	/* Legacy setting */
+#endif	/* !defined(__MigTypeCheck) */
+
+#if	!defined(__MigKernelSpecificCode) && defined(_MIG_KERNEL_SPECIFIC_CODE_)
+#define	__MigKernelSpecificCode	_MIG_KERNEL_SPECIFIC_CODE_	/* Legacy setting */
+#endif	/* !defined(__MigKernelSpecificCode) */
+
+#ifndef	LimitCheck
+#define	LimitCheck 0
+#endif	/* LimitCheck */
+
+#ifndef	min
+#define	min(a,b)  ( ((a) < (b))? (a): (b) )
+#endif	/* min */
+
+#if !defined(_WALIGN_)
+#define _WALIGN_(x) (((x) + 3) & ~3)
+#endif /* !defined(_WALIGN_) */
+
+#if !defined(_WALIGNSZ_)
+#define _WALIGNSZ_(x) _WALIGN_(sizeof(x))
+#endif /* !defined(_WALIGNSZ_) */
+
+#ifndef	UseStaticTemplates
+#define	UseStaticTemplates	0
+#endif	/* UseStaticTemplates */
+
+#ifndef	__MachMsgErrorWithTimeout
+#define	__MachMsgErrorWithTimeout(_R_) { \
+	switch (_R_) { \
+	case MACH_SEND_INVALID_DATA: \
+	case MACH_SEND_INVALID_DEST: \
+	case MACH_SEND_INVALID_HEADER: \
+		mig_put_reply_port(InP->Head.msgh_reply_port); \
+		break; \
+	case MACH_SEND_TIMED_OUT: \
+	case MACH_RCV_TIMED_OUT: \
+	default: \
+		mig_dealloc_reply_port(InP->Head.msgh_reply_port); \
+	} \
+}
+#endif	/* __MachMsgErrorWithTimeout */
+
+#ifndef	__MachMsgErrorWithoutTimeout
+#define	__MachMsgErrorWithoutTimeout(_R_) { \
+	switch (_R_) { \
+	case MACH_SEND_INVALID_DATA: \
+	case MACH_SEND_INVALID_DEST: \
+	case MACH_SEND_INVALID_HEADER: \
+		mig_put_reply_port(InP->Head.msgh_reply_port); \
+		break; \
+	default: \
+		mig_dealloc_reply_port(InP->Head.msgh_reply_port); \
+	} \
+}
+#endif	/* __MachMsgErrorWithoutTimeout */
+
+#ifndef	__DeclareSendRpc
+#define	__DeclareSendRpc(_NUM_, _NAME_)
+#endif	/* __DeclareSendRpc */
+
+#ifndef	__BeforeSendRpc
+#define	__BeforeSendRpc(_NUM_, _NAME_)
+#endif	/* __BeforeSendRpc */
+
+#ifndef	__AfterSendRpc
+#define	__AfterSendRpc(_NUM_, _NAME_)
+#endif	/* __AfterSendRpc */
+
+#ifndef	__DeclareSendSimple
+#define	__DeclareSendSimple(_NUM_, _NAME_)
+#endif	/* __DeclareSendSimple */
+
+#ifndef	__BeforeSendSimple
+#define	__BeforeSendSimple(_NUM_, _NAME_)
+#endif	/* __BeforeSendSimple */
+
+#ifndef	__AfterSendSimple
+#define	__AfterSendSimple(_NUM_, _NAME_)
+#endif	/* __AfterSendSimple */
+
+#define msgh_request_port	msgh_remote_port
+#define msgh_reply_port		msgh_local_port
+
+
+
+#if ( __MigTypeCheck )
+#if __MIG_check__Reply__cshosting_subsystem__
+#if !defined(__MIG_check__Reply__findGuest_t__defined)
+#define __MIG_check__Reply__findGuest_t__defined
+
+mig_internal kern_return_t __MIG_check__Reply__findGuest_t(__Reply__findGuest_t *Out0P)
+{
+
+	typedef __Reply__findGuest_t __Reply __attribute__((unused));
+	boolean_t msgh_simple;
+#if	__MigTypeCheck
+	unsigned int msgh_size;
+#endif	/* __MigTypeCheck */
+	if (Out0P->Head.msgh_id != 20100) {
+	    if (Out0P->Head.msgh_id == MACH_NOTIFY_SEND_ONCE)
+		{ return MIG_SERVER_DIED; }
+	    else
+		{ return MIG_REPLY_MISMATCH; }
+	}
+
+	msgh_simple = !(Out0P->Head.msgh_bits & MACH_MSGH_BITS_COMPLEX);
+#if	__MigTypeCheck
+	msgh_size = Out0P->Head.msgh_size;
+
+	if ((msgh_simple || Out0P->msgh_body.msgh_descriptor_count != 2 ||
+	    msgh_size != (mach_msg_size_t)sizeof(__Reply)) &&
+	    (!msgh_simple || msgh_size != (mach_msg_size_t)sizeof(mig_reply_error_t) ||
+	    ((mig_reply_error_t *)Out0P)->RetCode == KERN_SUCCESS))
+		{ return MIG_TYPE_ERROR ; }
+#endif	/* __MigTypeCheck */
+
+	if (msgh_simple) {
+		return ((mig_reply_error_t *)Out0P)->RetCode;
+	}
+
+#if	__MigTypeCheck
+	if (Out0P->guest.type != MACH_MSG_OOL_DESCRIPTOR) {
+		return MIG_TYPE_ERROR;
+	}
+#endif	/* __MigTypeCheck */
+
+#if	__MigTypeCheck
+	if (Out0P->subhost.type != MACH_MSG_PORT_DESCRIPTOR ||
+	    Out0P->subhost.disposition != 17) {
+		return MIG_TYPE_ERROR;
+	}
+#endif	/* __MigTypeCheck */
+
+	return MACH_MSG_SUCCESS;
+}
+#endif /* !defined(__MIG_check__Reply__findGuest_t__defined) */
+#endif /* __MIG_check__Reply__cshosting_subsystem__ */
+#endif /* ( __MigTypeCheck ) */
+
+
+/* Routine findGuest */
+mig_external kern_return_t cshosting_client_findGuest
+(
+	mach_port_t sport,
+	mach_port_t rport,
+	OSStatus *rcode,
+	SecGuestRef host,
+	XMLBlob attributes,
+	mach_msg_type_number_t attributesCnt,
+	GuestChain *guest,
+	mach_msg_type_number_t *guestCnt,
+	mach_port_t *subhost
+)
+{
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		/* start of the kernel processed data */
+		mach_msg_body_t msgh_body;
+		mach_msg_ool_descriptor_t attributes;
+		/* end of the kernel processed data */
+		NDR_record_t NDR;
+		SecGuestRef host;
+		mach_msg_type_number_t attributesCnt;
+	} Request __attribute__((unused));
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		/* start of the kernel processed data */
+		mach_msg_body_t msgh_body;
+		mach_msg_ool_descriptor_t guest;
+		mach_msg_port_descriptor_t subhost;
+		/* end of the kernel processed data */
+		NDR_record_t NDR;
+		OSStatus rcode;
+		mach_msg_type_number_t guestCnt;
+		mach_msg_trailer_t trailer;
+	} Reply __attribute__((unused));
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		/* start of the kernel processed data */
+		mach_msg_body_t msgh_body;
+		mach_msg_ool_descriptor_t guest;
+		mach_msg_port_descriptor_t subhost;
+		/* end of the kernel processed data */
+		NDR_record_t NDR;
+		OSStatus rcode;
+		mach_msg_type_number_t guestCnt;
+	} __Reply __attribute__((unused));
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+	/*
+	 * typedef struct {
+	 * 	mach_msg_header_t Head;
+	 * 	NDR_record_t NDR;
+	 * 	kern_return_t RetCode;
+	 * } mig_reply_error_t;
+	 */
+
+	union {
+		Request In;
+		Reply Out;
+	} Mess;
+
+	Request *InP = &Mess.In;
+	Reply *Out0P = &Mess.Out;
+
+	mach_msg_return_t msg_result;
+
+#ifdef	__MIG_check__Reply__findGuest_t__defined
+	kern_return_t check_result;
+#endif	/* __MIG_check__Reply__findGuest_t__defined */
+
+	__DeclareSendRpc(20000, "findGuest")
+
+#if	UseStaticTemplates
+	const static mach_msg_ool_descriptor_t attributesTemplate = {
+		/* addr = */		(void *)0,
+		/* size = */		0,
+		/* deal = */		FALSE,
+		/* copy = */		MACH_MSG_VIRTUAL_COPY,
+		/* pad2 = */		0,
+		/* type = */		MACH_MSG_OOL_DESCRIPTOR,
+	};
+#endif	/* UseStaticTemplates */
+
+	InP->msgh_body.msgh_descriptor_count = 1;
+#if	UseStaticTemplates
+	InP->attributes = attributesTemplate;
+	InP->attributes.address = (void *)(attributes);
+	InP->attributes.size = attributesCnt;
+#else	/* UseStaticTemplates */
+	InP->attributes.address = (void *)(attributes);
+	InP->attributes.size = attributesCnt;
+	InP->attributes.deallocate =  FALSE;
+	InP->attributes.copy = MACH_MSG_VIRTUAL_COPY;
+	InP->attributes.type = MACH_MSG_OOL_DESCRIPTOR;
+#endif	/* UseStaticTemplates */
+
+	InP->NDR = NDR_record;
+
+	InP->host = host;
+
+	InP->attributesCnt = attributesCnt;
+
+	InP->Head.msgh_bits = MACH_MSGH_BITS_COMPLEX|
+		MACH_MSGH_BITS(19, 21);
+	/* msgh_size passed as argument */
+	InP->Head.msgh_request_port = sport;
+	InP->Head.msgh_reply_port = rport;
+	InP->Head.msgh_id = 20000;
+	InP->Head.msgh_reserved = 0;
+	
+/* BEGIN VOUCHER CODE */
+
+#ifdef USING_VOUCHERS
+	if (voucher_mach_msg_set != NULL) {
+		voucher_mach_msg_set(&InP->Head);
+	}
+#endif // USING_VOUCHERS
+	
+/* END VOUCHER CODE */
+
+	__BeforeSendRpc(20000, "findGuest")
+	msg_result = mach_msg(&InP->Head, MACH_SEND_MSG|MACH_RCV_MSG|MACH_MSG_OPTION_NONE, (mach_msg_size_t)sizeof(Request), (mach_msg_size_t)sizeof(Reply), InP->Head.msgh_reply_port, MACH_MSG_TIMEOUT_NONE, MACH_PORT_NULL);
+	__AfterSendRpc(20000, "findGuest")
+	if (msg_result != MACH_MSG_SUCCESS) {
+		{ return msg_result; }
+	}
+
+
+#if	defined(__MIG_check__Reply__findGuest_t__defined)
+	check_result = __MIG_check__Reply__findGuest_t((__Reply__findGuest_t *)Out0P);
+	if (check_result != MACH_MSG_SUCCESS)
+		{ return check_result; }
+#endif	/* defined(__MIG_check__Reply__findGuest_t__defined) */
+
+	*rcode = Out0P->rcode;
+
+	*guest = (GuestChain)(Out0P->guest.address);
+	*guestCnt = Out0P->guestCnt;
+
+	*subhost = Out0P->subhost.name;
+	return KERN_SUCCESS;
+}
+
+#if ( __MigTypeCheck )
+#if __MIG_check__Reply__cshosting_subsystem__
+#if !defined(__MIG_check__Reply__guestStatus_t__defined)
+#define __MIG_check__Reply__guestStatus_t__defined
+
+mig_internal kern_return_t __MIG_check__Reply__guestStatus_t(__Reply__guestStatus_t *Out0P)
+{
+
+	typedef __Reply__guestStatus_t __Reply __attribute__((unused));
+#if	__MigTypeCheck
+	unsigned int msgh_size;
+#endif	/* __MigTypeCheck */
+	if (Out0P->Head.msgh_id != 20101) {
+	    if (Out0P->Head.msgh_id == MACH_NOTIFY_SEND_ONCE)
+		{ return MIG_SERVER_DIED; }
+	    else
+		{ return MIG_REPLY_MISMATCH; }
+	}
+
+#if	__MigTypeCheck
+	msgh_size = Out0P->Head.msgh_size;
+
+	if ((Out0P->Head.msgh_bits & MACH_MSGH_BITS_COMPLEX) ||
+	    ((msgh_size != (mach_msg_size_t)sizeof(__Reply)) &&
+	     (msgh_size != (mach_msg_size_t)sizeof(mig_reply_error_t) ||
+	      Out0P->RetCode == KERN_SUCCESS)))
+		{ return MIG_TYPE_ERROR ; }
+#endif	/* __MigTypeCheck */
+
+	if (Out0P->RetCode != KERN_SUCCESS) {
+		return ((mig_reply_error_t *)Out0P)->RetCode;
+	}
+
+	return MACH_MSG_SUCCESS;
+}
+#endif /* !defined(__MIG_check__Reply__guestStatus_t__defined) */
+#endif /* __MIG_check__Reply__cshosting_subsystem__ */
+#endif /* ( __MigTypeCheck ) */
+
+
+/* Routine guestStatus */
+mig_external kern_return_t cshosting_client_guestStatus
+(
+	mach_port_t sport,
+	mach_port_t rport,
+	OSStatus *rcode,
+	SecGuestRef guest,
+	uint32 *status
+)
+{
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		NDR_record_t NDR;
+		SecGuestRef guest;
+	} Request __attribute__((unused));
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		NDR_record_t NDR;
+		kern_return_t RetCode;
+		OSStatus rcode;
+		uint32 status;
+		mach_msg_trailer_t trailer;
+	} Reply __attribute__((unused));
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		NDR_record_t NDR;
+		kern_return_t RetCode;
+		OSStatus rcode;
+		uint32 status;
+	} __Reply __attribute__((unused));
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+	/*
+	 * typedef struct {
+	 * 	mach_msg_header_t Head;
+	 * 	NDR_record_t NDR;
+	 * 	kern_return_t RetCode;
+	 * } mig_reply_error_t;
+	 */
+
+	union {
+		Request In;
+		Reply Out;
+	} Mess;
+
+	Request *InP = &Mess.In;
+	Reply *Out0P = &Mess.Out;
+
+	mach_msg_return_t msg_result;
+
+#ifdef	__MIG_check__Reply__guestStatus_t__defined
+	kern_return_t check_result;
+#endif	/* __MIG_check__Reply__guestStatus_t__defined */
+
+	__DeclareSendRpc(20001, "guestStatus")
+
+	InP->NDR = NDR_record;
+
+	InP->guest = guest;
+
+	InP->Head.msgh_bits =
+		MACH_MSGH_BITS(19, 21);
+	/* msgh_size passed as argument */
+	InP->Head.msgh_request_port = sport;
+	InP->Head.msgh_reply_port = rport;
+	InP->Head.msgh_id = 20001;
+	InP->Head.msgh_reserved = 0;
+	
+/* BEGIN VOUCHER CODE */
+
+#ifdef USING_VOUCHERS
+	if (voucher_mach_msg_set != NULL) {
+		voucher_mach_msg_set(&InP->Head);
+	}
+#endif // USING_VOUCHERS
+	
+/* END VOUCHER CODE */
+
+	__BeforeSendRpc(20001, "guestStatus")
+	msg_result = mach_msg(&InP->Head, MACH_SEND_MSG|MACH_RCV_MSG|MACH_MSG_OPTION_NONE, (mach_msg_size_t)sizeof(Request), (mach_msg_size_t)sizeof(Reply), InP->Head.msgh_reply_port, MACH_MSG_TIMEOUT_NONE, MACH_PORT_NULL);
+	__AfterSendRpc(20001, "guestStatus")
+	if (msg_result != MACH_MSG_SUCCESS) {
+		{ return msg_result; }
+	}
+
+
+#if	defined(__MIG_check__Reply__guestStatus_t__defined)
+	check_result = __MIG_check__Reply__guestStatus_t((__Reply__guestStatus_t *)Out0P);
+	if (check_result != MACH_MSG_SUCCESS)
+		{ return check_result; }
+#endif	/* defined(__MIG_check__Reply__guestStatus_t__defined) */
+
+	*rcode = Out0P->rcode;
+
+	*status = Out0P->status;
+
+	return KERN_SUCCESS;
+}
+
+#if ( __MigTypeCheck )
+#if __MIG_check__Reply__cshosting_subsystem__
+#if !defined(__MIG_check__Reply__identifyGuest_t__defined)
+#define __MIG_check__Reply__identifyGuest_t__defined
+
+mig_internal kern_return_t __MIG_check__Reply__identifyGuest_t(__Reply__identifyGuest_t *Out0P, __Reply__identifyGuest_t **Out1PP)
+{
+
+	typedef __Reply__identifyGuest_t __Reply __attribute__((unused));
+	__Reply *Out1P;
+	boolean_t msgh_simple;
+#if	__MigTypeCheck
+	unsigned int msgh_size;
+#endif	/* __MigTypeCheck */
+	unsigned int msgh_size_delta;
+
+	if (Out0P->Head.msgh_id != 20103) {
+	    if (Out0P->Head.msgh_id == MACH_NOTIFY_SEND_ONCE)
+		{ return MIG_SERVER_DIED; }
+	    else
+		{ return MIG_REPLY_MISMATCH; }
+	}
+
+	msgh_simple = !(Out0P->Head.msgh_bits & MACH_MSGH_BITS_COMPLEX);
+#if	__MigTypeCheck
+	msgh_size = Out0P->Head.msgh_size;
+
+	if ((msgh_simple || Out0P->msgh_body.msgh_descriptor_count != 1 ||
+	    msgh_size < (mach_msg_size_t)(sizeof(__Reply) - 1024) || msgh_size > (mach_msg_size_t)sizeof(__Reply)) &&
+	    (!msgh_simple || msgh_size != (mach_msg_size_t)sizeof(mig_reply_error_t) ||
+	    ((mig_reply_error_t *)Out0P)->RetCode == KERN_SUCCESS))
+		{ return MIG_TYPE_ERROR ; }
+#endif	/* __MigTypeCheck */
+
+	if (msgh_simple) {
+		return ((mig_reply_error_t *)Out0P)->RetCode;
+	}
+
+#if	__MigTypeCheck
+	if (Out0P->attributes.type != MACH_MSG_OOL_DESCRIPTOR) {
+		return MIG_TYPE_ERROR;
+	}
+#endif	/* __MigTypeCheck */
+
+	msgh_size_delta = _WALIGN_(Out0P->pathCnt);
+#if	__MigTypeCheck
+	if ( Out0P->pathCnt > 1024 )
+		return MIG_TYPE_ERROR;
+	if (((msgh_size - (mach_msg_size_t)(sizeof(__Reply) - 1024))< Out0P->pathCnt) ||
+	    (msgh_size != (mach_msg_size_t)(sizeof(__Reply) - 1024) + _WALIGN_(Out0P->pathCnt)))
+		{ return MIG_TYPE_ERROR ; }
+#endif	/* __MigTypeCheck */
+
+	*Out1PP = Out1P = (__Reply *) ((pointer_t) Out0P + msgh_size_delta - 1024);
+
+	return MACH_MSG_SUCCESS;
+}
+#endif /* !defined(__MIG_check__Reply__identifyGuest_t__defined) */
+#endif /* __MIG_check__Reply__cshosting_subsystem__ */
+#endif /* ( __MigTypeCheck ) */
+
+
+/* Routine identifyGuest */
+mig_external kern_return_t cshosting_client_identifyGuest
+(
+	mach_port_t sport,
+	mach_port_t rport,
+	OSStatus *rcode,
+	SecGuestRef guest,
+	FilePathOut path,
+	HashDataOut cdhash,
+	uint32 *hashLength,
+	XMLBlobOut *attributes,
+	mach_msg_type_number_t *attributesCnt
+)
+{
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		NDR_record_t NDR;
+		SecGuestRef guest;
+	} Request __attribute__((unused));
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		/* start of the kernel processed data */
+		mach_msg_body_t msgh_body;
+		mach_msg_ool_descriptor_t attributes;
+		/* end of the kernel processed data */
+		NDR_record_t NDR;
+		OSStatus rcode;
+		mach_msg_type_number_t pathOffset; /* MiG doesn't use it */
+		mach_msg_type_number_t pathCnt;
+		char path[1024];
+		HashDataOut cdhash;
+		uint32 hashLength;
+		mach_msg_type_number_t attributesCnt;
+		mach_msg_trailer_t trailer;
+	} Reply __attribute__((unused));
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		/* start of the kernel processed data */
+		mach_msg_body_t msgh_body;
+		mach_msg_ool_descriptor_t attributes;
+		/* end of the kernel processed data */
+		NDR_record_t NDR;
+		OSStatus rcode;
+		mach_msg_type_number_t pathOffset; /* MiG doesn't use it */
+		mach_msg_type_number_t pathCnt;
+		char path[1024];
+		HashDataOut cdhash;
+		uint32 hashLength;
+		mach_msg_type_number_t attributesCnt;
+	} __Reply __attribute__((unused));
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+	/*
+	 * typedef struct {
+	 * 	mach_msg_header_t Head;
+	 * 	NDR_record_t NDR;
+	 * 	kern_return_t RetCode;
+	 * } mig_reply_error_t;
+	 */
+
+	union {
+		Request In;
+		Reply Out;
+	} Mess;
+
+	Request *InP = &Mess.In;
+	Reply *Out0P = &Mess.Out;
+	Reply *Out1P = NULL;
+
+	mach_msg_return_t msg_result;
+
+#ifdef	__MIG_check__Reply__identifyGuest_t__defined
+	kern_return_t check_result;
+#endif	/* __MIG_check__Reply__identifyGuest_t__defined */
+
+	__DeclareSendRpc(20003, "identifyGuest")
+
+	InP->NDR = NDR_record;
+
+	InP->guest = guest;
+
+	InP->Head.msgh_bits =
+		MACH_MSGH_BITS(19, 21);
+	/* msgh_size passed as argument */
+	InP->Head.msgh_request_port = sport;
+	InP->Head.msgh_reply_port = rport;
+	InP->Head.msgh_id = 20003;
+	InP->Head.msgh_reserved = 0;
+	
+/* BEGIN VOUCHER CODE */
+
+#ifdef USING_VOUCHERS
+	if (voucher_mach_msg_set != NULL) {
+		voucher_mach_msg_set(&InP->Head);
+	}
+#endif // USING_VOUCHERS
+	
+/* END VOUCHER CODE */
+
+	__BeforeSendRpc(20003, "identifyGuest")
+	msg_result = mach_msg(&InP->Head, MACH_SEND_MSG|MACH_RCV_MSG|MACH_MSG_OPTION_NONE, (mach_msg_size_t)sizeof(Request), (mach_msg_size_t)sizeof(Reply), InP->Head.msgh_reply_port, MACH_MSG_TIMEOUT_NONE, MACH_PORT_NULL);
+	__AfterSendRpc(20003, "identifyGuest")
+	if (msg_result != MACH_MSG_SUCCESS) {
+		{ return msg_result; }
+	}
+
+
+#if	defined(__MIG_check__Reply__identifyGuest_t__defined)
+	check_result = __MIG_check__Reply__identifyGuest_t((__Reply__identifyGuest_t *)Out0P, (__Reply__identifyGuest_t **)&Out1P);
+	if (check_result != MACH_MSG_SUCCESS)
+		{ return check_result; }
+#endif	/* defined(__MIG_check__Reply__identifyGuest_t__defined) */
+
+	*rcode = Out0P->rcode;
+
+	(void) mig_strncpy(path, Out0P->path, 1024);
+
+	{   typedef struct { char data[64]; } *sp;
+	    * (sp) cdhash = * (sp) Out1P->cdhash;
+	}
+
+	*hashLength = Out1P->hashLength;
+
+	*attributes = (XMLBlobOut)(Out0P->attributes.address);
+	*attributesCnt = Out1P->attributesCnt;
+
+	return KERN_SUCCESS;
+}

OSX/libsecurityd/mig/cshostingServer.cpp

@@ -0,0 +1,782 @@
+/*
+ * IDENTIFICATION:
+ * stub generated Mon Jul  3 19:46:46 2017
+ * with a MiG generated by bootstrap_cmds-96.20.2
+ * OPTIONS: 
+ */
+
+/* Module cshosting */
+
+#define	__MIG_check__Request__cshosting_subsystem__ 1
+
+#include <string.h>
+#include <mach/ndr.h>
+#include <mach/boolean.h>
+#include <mach/kern_return.h>
+#include <mach/notify.h>
+#include <mach/mach_types.h>
+#include <mach/message.h>
+#include <mach/mig_errors.h>
+#include <mach/port.h>
+	
+/* BEGIN VOUCHER CODE */
+
+#ifndef KERNEL
+#if defined(__has_include)
+#if __has_include(<mach/mig_voucher_support.h>)
+#ifndef USING_VOUCHERS
+#define USING_VOUCHERS
+#endif
+#ifndef __VOUCHER_FORWARD_TYPE_DECLS__
+#define __VOUCHER_FORWARD_TYPE_DECLS__
+#ifdef __cplusplus
+extern "C" {
+#endif
+	extern boolean_t voucher_mach_msg_set(mach_msg_header_t *msg) __attribute__((weak_import));
+#ifdef __cplusplus
+}
+#endif
+#endif // __VOUCHER_FORWARD_TYPE_DECLS__
+#endif // __has_include(<mach/mach_voucher_types.h>)
+#endif // __has_include
+#endif // !KERNEL
+	
+/* END VOUCHER CODE */
+
+	
+/* BEGIN MIG_STRNCPY_ZEROFILL CODE */
+
+#if defined(__has_include)
+#if __has_include(<mach/mig_strncpy_zerofill_support.h>)
+#ifndef USING_MIG_STRNCPY_ZEROFILL
+#define USING_MIG_STRNCPY_ZEROFILL
+#endif
+#ifndef __MIG_STRNCPY_ZEROFILL_FORWARD_TYPE_DECLS__
+#define __MIG_STRNCPY_ZEROFILL_FORWARD_TYPE_DECLS__
+#ifdef __cplusplus
+extern "C" {
+#endif
+	extern int mig_strncpy_zerofill(char *dest, const char *src, int len) __attribute__((weak_import));
+#ifdef __cplusplus
+}
+#endif
+#endif /* __MIG_STRNCPY_ZEROFILL_FORWARD_TYPE_DECLS__ */
+#endif /* __has_include(<mach/mig_strncpy_zerofill_support.h>) */
+#endif /* __has_include */
+	
+/* END MIG_STRNCPY_ZEROFILL CODE */
+
+
+#include <mach/std_types.h>
+#include <mach/mig.h>
+#include <mach/mig.h>
+#include <mach/mach_types.h>
+#include <securityd_client/ss_types.h>
+#include <securityd_client/ucsp_types.h>
+
+#ifndef	mig_internal
+#define	mig_internal	static __inline__
+#endif	/* mig_internal */
+
+#ifndef	mig_external
+#define mig_external
+#endif	/* mig_external */
+
+#if	!defined(__MigTypeCheck) && defined(TypeCheck)
+#define	__MigTypeCheck		TypeCheck	/* Legacy setting */
+#endif	/* !defined(__MigTypeCheck) */
+
+#if	!defined(__MigKernelSpecificCode) && defined(_MIG_KERNEL_SPECIFIC_CODE_)
+#define	__MigKernelSpecificCode	_MIG_KERNEL_SPECIFIC_CODE_	/* Legacy setting */
+#endif	/* !defined(__MigKernelSpecificCode) */
+
+#ifndef	LimitCheck
+#define	LimitCheck 0
+#endif	/* LimitCheck */
+
+#ifndef	min
+#define	min(a,b)  ( ((a) < (b))? (a): (b) )
+#endif	/* min */
+
+#if !defined(_WALIGN_)
+#define _WALIGN_(x) (((x) + 3) & ~3)
+#endif /* !defined(_WALIGN_) */
+
+#if !defined(_WALIGNSZ_)
+#define _WALIGNSZ_(x) _WALIGN_(sizeof(x))
+#endif /* !defined(_WALIGNSZ_) */
+
+#ifndef	UseStaticTemplates
+#define	UseStaticTemplates	0
+#endif	/* UseStaticTemplates */
+
+#ifndef	__DeclareRcvRpc
+#define	__DeclareRcvRpc(_NUM_, _NAME_)
+#endif	/* __DeclareRcvRpc */
+
+#ifndef	__BeforeRcvRpc
+#define	__BeforeRcvRpc(_NUM_, _NAME_)
+#endif	/* __BeforeRcvRpc */
+
+#ifndef	__AfterRcvRpc
+#define	__AfterRcvRpc(_NUM_, _NAME_)
+#endif	/* __AfterRcvRpc */
+
+#ifndef	__DeclareRcvSimple
+#define	__DeclareRcvSimple(_NUM_, _NAME_)
+#endif	/* __DeclareRcvSimple */
+
+#ifndef	__BeforeRcvSimple
+#define	__BeforeRcvSimple(_NUM_, _NAME_)
+#endif	/* __BeforeRcvSimple */
+
+#ifndef	__AfterRcvSimple
+#define	__AfterRcvSimple(_NUM_, _NAME_)
+#endif	/* __AfterRcvSimple */
+
+#define novalue void
+
+#define msgh_request_port	msgh_local_port
+#define MACH_MSGH_BITS_REQUEST(bits)	MACH_MSGH_BITS_LOCAL(bits)
+#define msgh_reply_port		msgh_remote_port
+#define MACH_MSGH_BITS_REPLY(bits)	MACH_MSGH_BITS_REMOTE(bits)
+
+#define MIG_RETURN_ERROR(X, code)	{\
+				((mig_reply_error_t *)X)->RetCode = code;\
+				((mig_reply_error_t *)X)->NDR = NDR_record;\
+				return;\
+				}
+
+/* typedefs for all requests */
+
+#ifndef __Request__cshosting_subsystem__defined
+#define __Request__cshosting_subsystem__defined
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		/* start of the kernel processed data */
+		mach_msg_body_t msgh_body;
+		mach_msg_ool_descriptor_t attributes;
+		/* end of the kernel processed data */
+		NDR_record_t NDR;
+		SecGuestRef host;
+		mach_msg_type_number_t attributesCnt;
+	} __Request__findGuest_t __attribute__((unused));
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		NDR_record_t NDR;
+		SecGuestRef guest;
+	} __Request__guestStatus_t __attribute__((unused));
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		NDR_record_t NDR;
+		SecGuestRef guest;
+	} __Request__identifyGuest_t __attribute__((unused));
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+#endif /* !__Request__cshosting_subsystem__defined */
+
+/* typedefs for all replies */
+
+#ifndef __Reply__cshosting_subsystem__defined
+#define __Reply__cshosting_subsystem__defined
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		/* start of the kernel processed data */
+		mach_msg_body_t msgh_body;
+		mach_msg_ool_descriptor_t guest;
+		mach_msg_port_descriptor_t subhost;
+		/* end of the kernel processed data */
+		NDR_record_t NDR;
+		OSStatus rcode;
+		mach_msg_type_number_t guestCnt;
+	} __Reply__findGuest_t __attribute__((unused));
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		NDR_record_t NDR;
+		kern_return_t RetCode;
+		OSStatus rcode;
+		uint32 status;
+	} __Reply__guestStatus_t __attribute__((unused));
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		/* start of the kernel processed data */
+		mach_msg_body_t msgh_body;
+		mach_msg_ool_descriptor_t attributes;
+		/* end of the kernel processed data */
+		NDR_record_t NDR;
+		OSStatus rcode;
+		mach_msg_type_number_t pathOffset; /* MiG doesn't use it */
+		mach_msg_type_number_t pathCnt;
+		char path[1024];
+		HashDataOut cdhash;
+		uint32 hashLength;
+		mach_msg_type_number_t attributesCnt;
+	} __Reply__identifyGuest_t __attribute__((unused));
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+#endif /* !__Reply__cshosting_subsystem__defined */
+
+
+/* union of all replies */
+
+#ifndef __ReplyUnion__cshosting_server_cshosting_subsystem__defined
+#define __ReplyUnion__cshosting_server_cshosting_subsystem__defined
+union __ReplyUnion__cshosting_server_cshosting_subsystem {
+	__Reply__findGuest_t Reply_findGuest;
+	__Reply__guestStatus_t Reply_guestStatus;
+	__Reply__identifyGuest_t Reply_identifyGuest;
+};
+#endif /* __RequestUnion__cshosting_server_cshosting_subsystem__defined */
+/* Forward Declarations */
+
+
+mig_internal novalue _XfindGuest
+	(mach_msg_header_t *InHeadP, mach_msg_header_t *OutHeadP);
+
+mig_internal novalue _XguestStatus
+	(mach_msg_header_t *InHeadP, mach_msg_header_t *OutHeadP);
+
+mig_internal novalue _XidentifyGuest
+	(mach_msg_header_t *InHeadP, mach_msg_header_t *OutHeadP);
+
+
+#if ( __MigTypeCheck )
+#if __MIG_check__Request__cshosting_subsystem__
+#if !defined(__MIG_check__Request__findGuest_t__defined)
+#define __MIG_check__Request__findGuest_t__defined
+
+mig_internal kern_return_t __MIG_check__Request__findGuest_t(__attribute__((__unused__)) __Request__findGuest_t *In0P)
+{
+
+	typedef __Request__findGuest_t __Request;
+#if	__MigTypeCheck
+	if (!(In0P->Head.msgh_bits & MACH_MSGH_BITS_COMPLEX) ||
+	    (In0P->msgh_body.msgh_descriptor_count != 1) ||
+	    (In0P->Head.msgh_size != (mach_msg_size_t)sizeof(__Request)))
+		return MIG_BAD_ARGUMENTS;
+#endif	/* __MigTypeCheck */
+
+#if	__MigTypeCheck
+	if (In0P->attributes.type != MACH_MSG_OOL_DESCRIPTOR)
+		return MIG_TYPE_ERROR;
+#endif	/* __MigTypeCheck */
+
+#if __MigTypeCheck
+	if (In0P->attributes.size != In0P->attributesCnt)
+		return MIG_TYPE_ERROR;
+#endif	/* __MigTypeCheck */
+
+	return MACH_MSG_SUCCESS;
+}
+#endif /* !defined(__MIG_check__Request__findGuest_t__defined) */
+#endif /* __MIG_check__Request__cshosting_subsystem__ */
+#endif /* ( __MigTypeCheck ) */
+
+
+/* Routine findGuest */
+#ifdef	mig_external
+mig_external
+#else
+extern
+#endif	/* mig_external */
+kern_return_t cshosting_server_findGuest
+(
+	mach_port_t sport,
+	mach_port_t rport,
+	OSStatus *rcode,
+	SecGuestRef host,
+	XMLBlob attributes,
+	mach_msg_type_number_t attributesCnt,
+	GuestChain *guest,
+	mach_msg_type_number_t *guestCnt,
+	mach_port_t *subhost
+);
+
+/* Routine findGuest */
+mig_internal novalue _XfindGuest
+	(mach_msg_header_t *InHeadP, mach_msg_header_t *OutHeadP)
+{
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		/* start of the kernel processed data */
+		mach_msg_body_t msgh_body;
+		mach_msg_ool_descriptor_t attributes;
+		/* end of the kernel processed data */
+		NDR_record_t NDR;
+		SecGuestRef host;
+		mach_msg_type_number_t attributesCnt;
+		mach_msg_trailer_t trailer;
+	} Request __attribute__((unused));
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+	typedef __Request__findGuest_t __Request;
+	typedef __Reply__findGuest_t Reply __attribute__((unused));
+
+	/*
+	 * typedef struct {
+	 * 	mach_msg_header_t Head;
+	 * 	NDR_record_t NDR;
+	 * 	kern_return_t RetCode;
+	 * } mig_reply_error_t;
+	 */
+
+	Request *In0P = (Request *) InHeadP;
+	Reply *OutP = (Reply *) OutHeadP;
+#ifdef	__MIG_check__Request__findGuest_t__defined
+	kern_return_t check_result;
+#endif	/* __MIG_check__Request__findGuest_t__defined */
+
+#if	UseStaticTemplates
+	const static mach_msg_ool_descriptor_t guestTemplate = {
+		/* addr = */		(void *)0,
+		/* size = */		0,
+		/* deal = */		FALSE,
+		/* copy = */		MACH_MSG_VIRTUAL_COPY,
+		/* pad2 = */		0,
+		/* type = */		MACH_MSG_OOL_DESCRIPTOR,
+	};
+#endif	/* UseStaticTemplates */
+
+#if	UseStaticTemplates
+	const static mach_msg_port_descriptor_t subhostTemplate = {
+		/* name = */		MACH_PORT_NULL,
+		/* pad1 = */		0,
+		/* pad2 = */		0,
+		/* disp = */		20,
+		/* type = */		MACH_MSG_PORT_DESCRIPTOR,
+	};
+#endif	/* UseStaticTemplates */
+
+	kern_return_t RetCode;
+	__DeclareRcvRpc(20000, "findGuest")
+	__BeforeRcvRpc(20000, "findGuest")
+
+#if	defined(__MIG_check__Request__findGuest_t__defined)
+	check_result = __MIG_check__Request__findGuest_t((__Request *)In0P);
+	if (check_result != MACH_MSG_SUCCESS)
+		{ MIG_RETURN_ERROR(OutP, check_result); }
+#endif	/* defined(__MIG_check__Request__findGuest_t__defined) */
+
+#if	UseStaticTemplates
+	OutP->guest = guestTemplate;
+#else	/* UseStaticTemplates */
+	OutP->guest.deallocate =  FALSE;
+	OutP->guest.copy = MACH_MSG_VIRTUAL_COPY;
+	OutP->guest.pad1 = 0;
+	OutP->guest.type = MACH_MSG_OOL_DESCRIPTOR;
+#if defined(KERNEL) && !defined(__LP64__)
+	OutP->guest.pad_end = 0;
+#endif
+#endif	/* UseStaticTemplates */
+
+
+#if	UseStaticTemplates
+	OutP->subhost = subhostTemplate;
+#else	/* UseStaticTemplates */
+	OutP->subhost.disposition = 20;
+#if !(defined(KERNEL) && defined(__LP64__))
+	OutP->subhost.pad1 = 0;
+#endif
+	OutP->subhost.pad2 = 0;
+	OutP->subhost.type = MACH_MSG_PORT_DESCRIPTOR;
+#if defined(KERNEL)
+	OutP->subhost.pad_end = 0;
+#endif
+#endif	/* UseStaticTemplates */
+
+
+	OutP->guestCnt = 0;
+
+	RetCode = cshosting_server_findGuest(In0P->Head.msgh_request_port, In0P->Head.msgh_reply_port, &OutP->rcode, In0P->host, (XMLBlob)(In0P->attributes.address), In0P->attributes.size, (GuestChain *)&(OutP->guest.address), &OutP->guestCnt, &OutP->subhost.name);
+	mig_deallocate((vm_offset_t) In0P->attributes.address, In0P->attributes.size);
+	In0P->attributes.address = (void *) 0;
+	In0P->attributes.size = (mach_msg_size_t) 0;
+	if (RetCode != KERN_SUCCESS) {
+		MIG_RETURN_ERROR(OutP, RetCode);
+	}
+	OutP->guest.size = OutP->guestCnt * 4;
+
+
+	OutP->NDR = NDR_record;
+
+
+	OutP->Head.msgh_bits |= MACH_MSGH_BITS_COMPLEX;
+	OutP->Head.msgh_size = (mach_msg_size_t)(sizeof(Reply));
+	OutP->msgh_body.msgh_descriptor_count = 2;
+	__AfterRcvRpc(20000, "findGuest")
+}
+
+#if ( __MigTypeCheck )
+#if __MIG_check__Request__cshosting_subsystem__
+#if !defined(__MIG_check__Request__guestStatus_t__defined)
+#define __MIG_check__Request__guestStatus_t__defined
+
+mig_internal kern_return_t __MIG_check__Request__guestStatus_t(__attribute__((__unused__)) __Request__guestStatus_t *In0P)
+{
+
+	typedef __Request__guestStatus_t __Request;
+#if	__MigTypeCheck
+	if ((In0P->Head.msgh_bits & MACH_MSGH_BITS_COMPLEX) ||
+	    (In0P->Head.msgh_size != (mach_msg_size_t)sizeof(__Request)))
+		return MIG_BAD_ARGUMENTS;
+#endif	/* __MigTypeCheck */
+
+	return MACH_MSG_SUCCESS;
+}
+#endif /* !defined(__MIG_check__Request__guestStatus_t__defined) */
+#endif /* __MIG_check__Request__cshosting_subsystem__ */
+#endif /* ( __MigTypeCheck ) */
+
+
+/* Routine guestStatus */
+#ifdef	mig_external
+mig_external
+#else
+extern
+#endif	/* mig_external */
+kern_return_t cshosting_server_guestStatus
+(
+	mach_port_t sport,
+	mach_port_t rport,
+	OSStatus *rcode,
+	SecGuestRef guest,
+	uint32 *status
+);
+
+/* Routine guestStatus */
+mig_internal novalue _XguestStatus
+	(mach_msg_header_t *InHeadP, mach_msg_header_t *OutHeadP)
+{
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		NDR_record_t NDR;
+		SecGuestRef guest;
+		mach_msg_trailer_t trailer;
+	} Request __attribute__((unused));
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+	typedef __Request__guestStatus_t __Request;
+	typedef __Reply__guestStatus_t Reply __attribute__((unused));
+
+	/*
+	 * typedef struct {
+	 * 	mach_msg_header_t Head;
+	 * 	NDR_record_t NDR;
+	 * 	kern_return_t RetCode;
+	 * } mig_reply_error_t;
+	 */
+
+	Request *In0P = (Request *) InHeadP;
+	Reply *OutP = (Reply *) OutHeadP;
+#ifdef	__MIG_check__Request__guestStatus_t__defined
+	kern_return_t check_result;
+#endif	/* __MIG_check__Request__guestStatus_t__defined */
+
+	__DeclareRcvRpc(20001, "guestStatus")
+	__BeforeRcvRpc(20001, "guestStatus")
+
+#if	defined(__MIG_check__Request__guestStatus_t__defined)
+	check_result = __MIG_check__Request__guestStatus_t((__Request *)In0P);
+	if (check_result != MACH_MSG_SUCCESS)
+		{ MIG_RETURN_ERROR(OutP, check_result); }
+#endif	/* defined(__MIG_check__Request__guestStatus_t__defined) */
+
+	OutP->RetCode = cshosting_server_guestStatus(In0P->Head.msgh_request_port, In0P->Head.msgh_reply_port, &OutP->rcode, In0P->guest, &OutP->status);
+	if (OutP->RetCode != KERN_SUCCESS) {
+		MIG_RETURN_ERROR(OutP, OutP->RetCode);
+	}
+
+	OutP->NDR = NDR_record;
+
+
+	OutP->Head.msgh_size = (mach_msg_size_t)(sizeof(Reply));
+	__AfterRcvRpc(20001, "guestStatus")
+}
+
+#if ( __MigTypeCheck )
+#if __MIG_check__Request__cshosting_subsystem__
+#if !defined(__MIG_check__Request__identifyGuest_t__defined)
+#define __MIG_check__Request__identifyGuest_t__defined
+
+mig_internal kern_return_t __MIG_check__Request__identifyGuest_t(__attribute__((__unused__)) __Request__identifyGuest_t *In0P)
+{
+
+	typedef __Request__identifyGuest_t __Request;
+#if	__MigTypeCheck
+	if ((In0P->Head.msgh_bits & MACH_MSGH_BITS_COMPLEX) ||
+	    (In0P->Head.msgh_size != (mach_msg_size_t)sizeof(__Request)))
+		return MIG_BAD_ARGUMENTS;
+#endif	/* __MigTypeCheck */
+
+	return MACH_MSG_SUCCESS;
+}
+#endif /* !defined(__MIG_check__Request__identifyGuest_t__defined) */
+#endif /* __MIG_check__Request__cshosting_subsystem__ */
+#endif /* ( __MigTypeCheck ) */
+
+
+/* Routine identifyGuest */
+#ifdef	mig_external
+mig_external
+#else
+extern
+#endif	/* mig_external */
+kern_return_t cshosting_server_identifyGuest
+(
+	mach_port_t sport,
+	mach_port_t rport,
+	OSStatus *rcode,
+	SecGuestRef guest,
+	FilePathOut path,
+	HashDataOut cdhash,
+	uint32 *hashLength,
+	XMLBlobOut *attributes,
+	mach_msg_type_number_t *attributesCnt
+);
+
+/* Routine identifyGuest */
+mig_internal novalue _XidentifyGuest
+	(mach_msg_header_t *InHeadP, mach_msg_header_t *OutHeadP)
+{
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		NDR_record_t NDR;
+		SecGuestRef guest;
+		mach_msg_trailer_t trailer;
+	} Request __attribute__((unused));
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+	typedef __Request__identifyGuest_t __Request;
+	typedef __Reply__identifyGuest_t Reply __attribute__((unused));
+
+	/*
+	 * typedef struct {
+	 * 	mach_msg_header_t Head;
+	 * 	NDR_record_t NDR;
+	 * 	kern_return_t RetCode;
+	 * } mig_reply_error_t;
+	 */
+
+	Request *In0P = (Request *) InHeadP;
+	Reply *OutP = (Reply *) OutHeadP;
+	unsigned int msgh_size_delta;
+
+#ifdef	__MIG_check__Request__identifyGuest_t__defined
+	kern_return_t check_result;
+#endif	/* __MIG_check__Request__identifyGuest_t__defined */
+
+#if	UseStaticTemplates
+	const static mach_msg_ool_descriptor_t attributesTemplate = {
+		/* addr = */		(void *)0,
+		/* size = */		0,
+		/* deal = */		FALSE,
+		/* copy = */		MACH_MSG_VIRTUAL_COPY,
+		/* pad2 = */		0,
+		/* type = */		MACH_MSG_OOL_DESCRIPTOR,
+	};
+#endif	/* UseStaticTemplates */
+
+	kern_return_t RetCode;
+	HashDataOut cdhash;
+	uint32 hashLength;
+	mach_msg_type_number_t attributesCnt;
+
+	__DeclareRcvRpc(20003, "identifyGuest")
+	__BeforeRcvRpc(20003, "identifyGuest")
+
+#if	defined(__MIG_check__Request__identifyGuest_t__defined)
+	check_result = __MIG_check__Request__identifyGuest_t((__Request *)In0P);
+	if (check_result != MACH_MSG_SUCCESS)
+		{ MIG_RETURN_ERROR(OutP, check_result); }
+#endif	/* defined(__MIG_check__Request__identifyGuest_t__defined) */
+
+#if	UseStaticTemplates
+	OutP->attributes = attributesTemplate;
+#else	/* UseStaticTemplates */
+	OutP->attributes.deallocate =  FALSE;
+	OutP->attributes.copy = MACH_MSG_VIRTUAL_COPY;
+	OutP->attributes.pad1 = 0;
+	OutP->attributes.type = MACH_MSG_OOL_DESCRIPTOR;
+#if defined(KERNEL) && !defined(__LP64__)
+	OutP->attributes.pad_end = 0;
+#endif
+#endif	/* UseStaticTemplates */
+
+
+	attributesCnt = 0;
+
+	RetCode = cshosting_server_identifyGuest(In0P->Head.msgh_request_port, In0P->Head.msgh_reply_port, &OutP->rcode, In0P->guest, OutP->path, cdhash, &hashLength, (XMLBlobOut *)&(OutP->attributes.address), &attributesCnt);
+	if (RetCode != KERN_SUCCESS) {
+		MIG_RETURN_ERROR(OutP, RetCode);
+	}
+	OutP->attributes.size = attributesCnt;
+
+
+	OutP->NDR = NDR_record;
+
+#ifdef __LP64__
+	{
+		size_t strLength = strlen(OutP->path) + 1;
+		if (strLength > 0xffffffff)
+			MIG_RETURN_ERROR(OutP, MIG_BAD_ARGUMENTS);
+		OutP->pathCnt = (mach_msg_type_number_t) strLength;
+	}
+#else
+	OutP->pathCnt = (mach_msg_type_number_t) strlen(OutP->path) + 1;
+#endif /* __LP64__ */
+	msgh_size_delta = _WALIGN_((OutP->pathCnt + 3) & ~3);
+	OutP->Head.msgh_size = (mach_msg_size_t)(sizeof(Reply) - 1024) + msgh_size_delta;
+	OutP = (Reply *) ((pointer_t) OutP + msgh_size_delta - 1024);
+	{   typedef struct { char data[64]; } *sp;
+	    * (sp) OutP->cdhash = * (sp) cdhash;
+	}
+	OutP->hashLength = hashLength;
+	OutP->attributesCnt = attributesCnt;
+
+	OutP = (Reply *) OutHeadP;
+	OutP->Head.msgh_bits |= MACH_MSGH_BITS_COMPLEX;
+	OutP->msgh_body.msgh_descriptor_count = 1;
+	__AfterRcvRpc(20003, "identifyGuest")
+}
+
+
+#ifdef	mig_external
+mig_external
+#else
+extern
+#endif	/* mig_external */
+boolean_t cshosting_server(
+		mach_msg_header_t *InHeadP,
+		mach_msg_header_t *OutHeadP);
+
+#ifdef	mig_external
+mig_external
+#else
+extern
+#endif	/* mig_external */
+mig_routine_t cshosting_server_routine(
+		mach_msg_header_t *InHeadP);
+
+
+/* Description of this subsystem, for use in direct RPC */
+const struct cshosting_server_cshosting_subsystem {
+	mig_server_routine_t 	server;	/* Server routine */
+	mach_msg_id_t	start;	/* Min routine number */
+	mach_msg_id_t	end;	/* Max routine number + 1 */
+	unsigned int	maxsize;	/* Max msg size */
+	vm_address_t	reserved;	/* Reserved */
+	struct routine_descriptor	/*Array of routine descriptors */
+		routine[4];
+} cshosting_server_cshosting_subsystem = {
+	cshosting_server_routine,
+	20000,
+	20004,
+	(mach_msg_size_t)sizeof(union __ReplyUnion__cshosting_server_cshosting_subsystem),
+	(vm_address_t)0,
+	{
+          { (mig_impl_routine_t) 0,
+          (mig_stub_routine_t) _XfindGuest, 9, 0, (routine_arg_descriptor_t)0, (mach_msg_size_t)sizeof(__Reply__findGuest_t)},
+          { (mig_impl_routine_t) 0,
+          (mig_stub_routine_t) _XguestStatus, 5, 0, (routine_arg_descriptor_t)0, (mach_msg_size_t)sizeof(__Reply__guestStatus_t)},
+		{0, 0, 0, 0, 0, 0},
+          { (mig_impl_routine_t) 0,
+          (mig_stub_routine_t) _XidentifyGuest, 9, 0, (routine_arg_descriptor_t)0, (mach_msg_size_t)sizeof(__Reply__identifyGuest_t)},
+	}
+};
+
+mig_external boolean_t cshosting_server
+	(mach_msg_header_t *InHeadP, mach_msg_header_t *OutHeadP)
+{
+	/*
+	 * typedef struct {
+	 * 	mach_msg_header_t Head;
+	 * 	NDR_record_t NDR;
+	 * 	kern_return_t RetCode;
+	 * } mig_reply_error_t;
+	 */
+
+	register mig_routine_t routine;
+
+	OutHeadP->msgh_bits = MACH_MSGH_BITS(MACH_MSGH_BITS_REPLY(InHeadP->msgh_bits), 0);
+	OutHeadP->msgh_remote_port = InHeadP->msgh_reply_port;
+	/* Minimal size: routine() will update it if different */
+	OutHeadP->msgh_size = (mach_msg_size_t)sizeof(mig_reply_error_t);
+	OutHeadP->msgh_local_port = MACH_PORT_NULL;
+	OutHeadP->msgh_id = InHeadP->msgh_id + 100;
+	OutHeadP->msgh_reserved = 0;
+
+	if ((InHeadP->msgh_id > 20003) || (InHeadP->msgh_id < 20000) ||
+	    ((routine = cshosting_server_cshosting_subsystem.routine[InHeadP->msgh_id - 20000].stub_routine) == 0)) {
+		((mig_reply_error_t *)OutHeadP)->NDR = NDR_record;
+		((mig_reply_error_t *)OutHeadP)->RetCode = MIG_BAD_ID;
+		return FALSE;
+	}
+	(*routine) (InHeadP, OutHeadP);
+	return TRUE;
+}
+
+mig_external mig_routine_t cshosting_server_routine
+	(mach_msg_header_t *InHeadP)
+{
+	register int msgh_id;
+
+	msgh_id = InHeadP->msgh_id - 20000;
+
+	if ((msgh_id > 3) || (msgh_id < 0))
+		return 0;
+
+	return cshosting_server_cshosting_subsystem.routine[msgh_id].stub_routine;
+}

OSX/libsecurityd/mig/ucspNotify.h

@@ -0,0 +1,192 @@
+#ifndef	_ucsp_notify_user_
+#define	_ucsp_notify_user_
+
+/* Module ucsp_notify */
+
+#include <string.h>
+#include <mach/ndr.h>
+#include <mach/boolean.h>
+#include <mach/kern_return.h>
+#include <mach/notify.h>
+#include <mach/mach_types.h>
+#include <mach/message.h>
+#include <mach/mig_errors.h>
+#include <mach/port.h>
+	
+/* BEGIN VOUCHER CODE */
+
+#ifndef KERNEL
+#if defined(__has_include)
+#if __has_include(<mach/mig_voucher_support.h>)
+#ifndef USING_VOUCHERS
+#define USING_VOUCHERS
+#endif
+#ifndef __VOUCHER_FORWARD_TYPE_DECLS__
+#define __VOUCHER_FORWARD_TYPE_DECLS__
+#ifdef __cplusplus
+extern "C" {
+#endif
+	extern boolean_t voucher_mach_msg_set(mach_msg_header_t *msg) __attribute__((weak_import));
+#ifdef __cplusplus
+}
+#endif
+#endif // __VOUCHER_FORWARD_TYPE_DECLS__
+#endif // __has_include(<mach/mach_voucher_types.h>)
+#endif // __has_include
+#endif // !KERNEL
+	
+/* END VOUCHER CODE */
+
+	
+/* BEGIN MIG_STRNCPY_ZEROFILL CODE */
+
+#if defined(__has_include)
+#if __has_include(<mach/mig_strncpy_zerofill_support.h>)
+#ifndef USING_MIG_STRNCPY_ZEROFILL
+#define USING_MIG_STRNCPY_ZEROFILL
+#endif
+#ifndef __MIG_STRNCPY_ZEROFILL_FORWARD_TYPE_DECLS__
+#define __MIG_STRNCPY_ZEROFILL_FORWARD_TYPE_DECLS__
+#ifdef __cplusplus
+extern "C" {
+#endif
+	extern int mig_strncpy_zerofill(char *dest, const char *src, int len) __attribute__((weak_import));
+#ifdef __cplusplus
+}
+#endif
+#endif /* __MIG_STRNCPY_ZEROFILL_FORWARD_TYPE_DECLS__ */
+#endif /* __has_include(<mach/mig_strncpy_zerofill_support.h>) */
+#endif /* __has_include */
+	
+/* END MIG_STRNCPY_ZEROFILL CODE */
+
+
+#ifdef AUTOTEST
+#ifndef FUNCTION_PTR_T
+#define FUNCTION_PTR_T
+typedef void (*function_ptr_t)(mach_port_t, char *, mach_msg_type_number_t);
+typedef struct {
+        char            *name;
+        function_ptr_t  function;
+} function_table_entry;
+typedef function_table_entry   *function_table_t;
+#endif /* FUNCTION_PTR_T */
+#endif /* AUTOTEST */
+
+#ifndef	ucsp_notify_MSG_COUNT
+#define	ucsp_notify_MSG_COUNT	1
+#endif	/* ucsp_notify_MSG_COUNT */
+
+#include <mach/std_types.h>
+#include <mach/mig.h>
+#include <mach/mig.h>
+#include <mach/mach_types.h>
+#include <securityd_client/ucsp_types.h>
+
+#ifdef __BeforeMigUserHeader
+__BeforeMigUserHeader
+#endif /* __BeforeMigUserHeader */
+
+#include <sys/cdefs.h>
+__BEGIN_DECLS
+
+
+/* SimpleRoutine notify */
+#ifdef	mig_external
+mig_external
+#else
+extern
+#endif	/* mig_external */
+kern_return_t ucsp_notify_sender_notify
+(
+	mach_port_t receiver,
+	uint32 domain,
+	uint32 event,
+	Data data,
+	mach_msg_type_number_t dataCnt,
+	uint32 sender
+);
+
+__END_DECLS
+
+/********************** Caution **************************/
+/* The following data types should be used to calculate  */
+/* maximum message sizes only. The actual message may be */
+/* smaller, and the position of the arguments within the */
+/* message layout may vary from what is presented here.  */
+/* For example, if any of the arguments are variable-    */
+/* sized, and less than the maximum is sent, the data    */
+/* will be packed tight in the actual message to reduce  */
+/* the presence of holes.                                */
+/********************** Caution **************************/
+
+/* typedefs for all requests */
+
+#ifndef __Request__ucsp_notify_subsystem__defined
+#define __Request__ucsp_notify_subsystem__defined
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		/* start of the kernel processed data */
+		mach_msg_body_t msgh_body;
+		mach_msg_ool_descriptor_t data;
+		/* end of the kernel processed data */
+		NDR_record_t NDR;
+		uint32 domain;
+		uint32 event;
+		mach_msg_type_number_t dataCnt;
+		uint32 sender;
+	} __Request__notify_t __attribute__((unused));
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+#endif /* !__Request__ucsp_notify_subsystem__defined */
+
+/* union of all requests */
+
+#ifndef __RequestUnion__ucsp_notify_sender_ucsp_notify_subsystem__defined
+#define __RequestUnion__ucsp_notify_sender_ucsp_notify_subsystem__defined
+union __RequestUnion__ucsp_notify_sender_ucsp_notify_subsystem {
+	__Request__notify_t Request_ucsp_notify_sender_notify;
+};
+#endif /* !__RequestUnion__ucsp_notify_sender_ucsp_notify_subsystem__defined */
+/* typedefs for all replies */
+
+#ifndef __Reply__ucsp_notify_subsystem__defined
+#define __Reply__ucsp_notify_subsystem__defined
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		NDR_record_t NDR;
+		kern_return_t RetCode;
+	} __Reply__notify_t __attribute__((unused));
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+#endif /* !__Reply__ucsp_notify_subsystem__defined */
+
+/* union of all replies */
+
+#ifndef __ReplyUnion__ucsp_notify_sender_ucsp_notify_subsystem__defined
+#define __ReplyUnion__ucsp_notify_sender_ucsp_notify_subsystem__defined
+union __ReplyUnion__ucsp_notify_sender_ucsp_notify_subsystem {
+	__Reply__notify_t Reply_ucsp_notify_sender_notify;
+};
+#endif /* !__RequestUnion__ucsp_notify_sender_ucsp_notify_subsystem__defined */
+
+#ifndef subsystem_to_name_map_ucsp_notify
+#define subsystem_to_name_map_ucsp_notify \
+    { "notify", 10000 }
+#endif
+
+#ifdef __AfterMigUserHeader
+__AfterMigUserHeader
+#endif /* __AfterMigUserHeader */
+
+#endif	 /* _ucsp_notify_user_ */

OSX/libsecurityd/mig/ucspNotifySender.cpp

@@ -0,0 +1,221 @@
+/*
+ * IDENTIFICATION:
+ * stub generated Mon Jul  3 19:46:45 2017
+ * with a MiG generated by bootstrap_cmds-96.20.2
+ * OPTIONS: 
+ */
+#define	__MIG_check__Reply__ucsp_notify_subsystem__ 1
+
+#include "ucspNotify.h"
+
+
+#ifndef	mig_internal
+#define	mig_internal	static __inline__
+#endif	/* mig_internal */
+
+#ifndef	mig_external
+#define mig_external
+#endif	/* mig_external */
+
+#if	!defined(__MigTypeCheck) && defined(TypeCheck)
+#define	__MigTypeCheck		TypeCheck	/* Legacy setting */
+#endif	/* !defined(__MigTypeCheck) */
+
+#if	!defined(__MigKernelSpecificCode) && defined(_MIG_KERNEL_SPECIFIC_CODE_)
+#define	__MigKernelSpecificCode	_MIG_KERNEL_SPECIFIC_CODE_	/* Legacy setting */
+#endif	/* !defined(__MigKernelSpecificCode) */
+
+#ifndef	LimitCheck
+#define	LimitCheck 0
+#endif	/* LimitCheck */
+
+#ifndef	min
+#define	min(a,b)  ( ((a) < (b))? (a): (b) )
+#endif	/* min */
+
+#if !defined(_WALIGN_)
+#define _WALIGN_(x) (((x) + 3) & ~3)
+#endif /* !defined(_WALIGN_) */
+
+#if !defined(_WALIGNSZ_)
+#define _WALIGNSZ_(x) _WALIGN_(sizeof(x))
+#endif /* !defined(_WALIGNSZ_) */
+
+#ifndef	UseStaticTemplates
+#define	UseStaticTemplates	0
+#endif	/* UseStaticTemplates */
+
+#ifndef	__MachMsgErrorWithTimeout
+#define	__MachMsgErrorWithTimeout(_R_) { \
+	switch (_R_) { \
+	case MACH_SEND_INVALID_DATA: \
+	case MACH_SEND_INVALID_DEST: \
+	case MACH_SEND_INVALID_HEADER: \
+		mig_put_reply_port(InP->Head.msgh_reply_port); \
+		break; \
+	case MACH_SEND_TIMED_OUT: \
+	case MACH_RCV_TIMED_OUT: \
+	default: \
+		mig_dealloc_reply_port(InP->Head.msgh_reply_port); \
+	} \
+}
+#endif	/* __MachMsgErrorWithTimeout */
+
+#ifndef	__MachMsgErrorWithoutTimeout
+#define	__MachMsgErrorWithoutTimeout(_R_) { \
+	switch (_R_) { \
+	case MACH_SEND_INVALID_DATA: \
+	case MACH_SEND_INVALID_DEST: \
+	case MACH_SEND_INVALID_HEADER: \
+		mig_put_reply_port(InP->Head.msgh_reply_port); \
+		break; \
+	default: \
+		mig_dealloc_reply_port(InP->Head.msgh_reply_port); \
+	} \
+}
+#endif	/* __MachMsgErrorWithoutTimeout */
+
+#ifndef	__DeclareSendRpc
+#define	__DeclareSendRpc(_NUM_, _NAME_)
+#endif	/* __DeclareSendRpc */
+
+#ifndef	__BeforeSendRpc
+#define	__BeforeSendRpc(_NUM_, _NAME_)
+#endif	/* __BeforeSendRpc */
+
+#ifndef	__AfterSendRpc
+#define	__AfterSendRpc(_NUM_, _NAME_)
+#endif	/* __AfterSendRpc */
+
+#ifndef	__DeclareSendSimple
+#define	__DeclareSendSimple(_NUM_, _NAME_)
+#endif	/* __DeclareSendSimple */
+
+#ifndef	__BeforeSendSimple
+#define	__BeforeSendSimple(_NUM_, _NAME_)
+#endif	/* __BeforeSendSimple */
+
+#ifndef	__AfterSendSimple
+#define	__AfterSendSimple(_NUM_, _NAME_)
+#endif	/* __AfterSendSimple */
+
+#define msgh_request_port	msgh_remote_port
+#define msgh_reply_port		msgh_local_port
+
+
+
+/* SimpleRoutine notify */
+mig_external kern_return_t ucsp_notify_sender_notify
+(
+	mach_port_t receiver,
+	uint32 domain,
+	uint32 event,
+	Data data,
+	mach_msg_type_number_t dataCnt,
+	uint32 sender
+)
+{
+
+#ifdef  __MigPackStructs
+#pragma pack(4)
+#endif
+	typedef struct {
+		mach_msg_header_t Head;
+		/* start of the kernel processed data */
+		mach_msg_body_t msgh_body;
+		mach_msg_ool_descriptor_t data;
+		/* end of the kernel processed data */
+		NDR_record_t NDR;
+		uint32 domain;
+		uint32 event;
+		mach_msg_type_number_t dataCnt;
+		uint32 sender;
+	} Request __attribute__((unused));
+#ifdef  __MigPackStructs
+#pragma pack()
+#endif
+	/*
+	 * typedef struct {
+	 * 	mach_msg_header_t Head;
+	 * 	NDR_record_t NDR;
+	 * 	kern_return_t RetCode;
+	 * } mig_reply_error_t;
+	 */
+
+	union {
+		Request In;
+	} Mess;
+
+	Request *InP = &Mess.In;
+
+	mach_msg_return_t msg_result;
+
+#ifdef	__MIG_check__Reply__notify_t__defined
+	kern_return_t check_result;
+#endif	/* __MIG_check__Reply__notify_t__defined */
+
+	__DeclareSendSimple(10000, "notify")
+
+#if	UseStaticTemplates
+	const static mach_msg_ool_descriptor_t dataTemplate = {
+		/* addr = */		(void *)0,
+		/* size = */		0,
+		/* deal = */		FALSE,
+		/* copy = */		MACH_MSG_VIRTUAL_COPY,
+		/* pad2 = */		0,
+		/* type = */		MACH_MSG_OOL_DESCRIPTOR,
+	};
+#endif	/* UseStaticTemplates */
+
+	InP->msgh_body.msgh_descriptor_count = 1;
+#if	UseStaticTemplates
+	InP->data = dataTemplate;
+	InP->data.address = (void *)(data);
+	InP->data.size = dataCnt;
+#else	/* UseStaticTemplates */
+	InP->data.address = (void *)(data);
+	InP->data.size = dataCnt;
+	InP->data.deallocate =  FALSE;
+	InP->data.copy = MACH_MSG_VIRTUAL_COPY;
+	InP->data.type = MACH_MSG_OOL_DESCRIPTOR;
+#endif	/* UseStaticTemplates */
+
+	InP->NDR = NDR_record;
+
+	InP->domain = domain;
+
+	InP->event = event;
+
+	InP->dataCnt = dataCnt;
+
+	InP->sender = sender;
+
+	InP->Head.msgh_bits = MACH_MSGH_BITS_COMPLEX|
+		MACH_MSGH_BITS(19, 0);
+	/* msgh_size passed as argument */
+	InP->Head.msgh_request_port = receiver;
+	InP->Head.msgh_reply_port = MACH_PORT_NULL;
+	InP->Head.msgh_id = 10000;
+	InP->Head.msgh_reserved = 0;
+	
+/* BEGIN VOUCHER CODE */
+
+#ifdef USING_VOUCHERS
+	if (voucher_mach_msg_set != NULL) {
+		voucher_mach_msg_set(&InP->Head);
+	}
+#endif // USING_VOUCHERS
+	
+/* END VOUCHER CODE */
+
+	__BeforeSendSimple(10000, "notify")
+	msg_result = mach_msg(&InP->Head, MACH_SEND_MSG|MACH_SEND_TIMEOUT|MACH_MSG_OPTION_NONE, (mach_msg_size_t)sizeof(Request), 0, MACH_PORT_NULL, 0, MACH_PORT_NULL);
+	__AfterSendSimple(10000, "notify")
+
+	if (msg_result == MACH_SEND_TIMED_OUT) {
+		if((vm_offset_t) InP->data.address != (vm_offset_t) data)
+			mig_deallocate((vm_offset_t) InP->data.address, (vm_size_t) InP->data.size);
+	}
+
+	return msg_result;
+}

OSX/utilities/CMakeLists.txt

@@ -0,0 +1,41 @@
+add_compile_options(
+	-fobjc-arc
+)
+
+add_library(libutilities OBJECT
+	src/debugging.c
+	src/der_dictionary.c
+	src/iCloudKeychainTrace.c
+	src/SecCFWrappers.c
+	src/SecADWrapper.c
+	src/der_date.c
+	src/fileIo.c
+	src/SecFileLocations.c
+	src/SecDb.c
+	src/SecCoreCrypto.c
+	src/SecAppleAnchor.c
+	src/iOSforOSX-SecAttr.c
+	src/SecTrace.c
+	src/der_plist_internal.c
+	src/SecSCTUtils.c
+	src/der_number.c
+	src/iOSforOSX-SecRandom.c
+	src/SecCFError.c
+	src/der_plist.c
+	src/SecCertificateTrace.c
+	src/SecAKSWrappers.c
+	src/der_array.c
+	src/SecCFCCWrappers.c
+	src/NSURL+SOSPlistStore.m
+	src/der_string.c
+	src/der_boolean.c
+	src/der_data.c
+	src/der_null.c
+	src/der_set.c
+	src/simulate_crash.c
+	src/SecBuffer.c
+	src/SecXPCError.c
+	SecurityTool/not_on_this_platorm.c
+	SecurityTool/readline.c
+)
+make_fat(libutilities)

include/Security/SecRandomP.h

@@ -0,0 +1 @@
+../../OSX/libsecurity_keychain/lib/SecRandomP.h

include/Security/sslTypes.h

@@ -0,0 +1 @@
+../../OSX/libsecurity_ssl/lib/sslTypes.h

include/Security/tsaTemplates.h

@@ -0,0 +1 @@
+../../OSX/libsecurity_smime/lib/tsaTemplates.h

internal-include/msgtracer_client.h

@@ -0,0 +1,8 @@
+#ifndef __MSGTRACER_CLIENT_H__
+#define __MSGTRACER_CLIENT_H__
+
+#include <asl.h>
+
+extern void _msgtracer_log_with_keys(char *key1, int value1, char *key2, char *value2, char *key3, char *value3, void *end);
+
+#endif