Conf: Undo adding Username/Groupname to santasync launchd, it doesn't work properly

Project: Stop using xctool, use xcpretty to make xcodebuild output nice instead.
Conf: Run scheduled santactl/sync runs as nobody
2026-01-19 19:19:38 -05:00 · 2015-04-13 16:41:47 -04:00 · 2015-04-10 16:37:24 -04:00 · 2015-04-10 16:06:56 -04:00 · 2015-04-10 12:39:22 -04:00 · 2015-04-10 10:07:53 -04:00
30 changed files with 192 additions and 177 deletions
--- a/.travis.yml
+++ b/.travis.yml
@@ -2,9 +2,7 @@
 language: objective-c

 before_install:
- - gem install cocoapods
- - brew update
- - brew upgrade xctool
+ - gem install cocoapods xcpretty

 script:
- - xctool -workspace Santa.xcworkspace -scheme All build test CODE_SIGN_IDENTITY=''
+ - xcodebuild -workspace Santa.xcworkspace -scheme All build test CODE_SIGN_IDENTITY='' | xcpretty -sc && exit ${PIPESTATUS[0]}
--- a/67
+++ b/67
@@ -1,46 +1,24 @@
 require 'timeout'

-WORKSPACE       = 'Santa.xcworkspace'
-DEFAULT_SCHEME  = 'All'
-OUTPUT_PATH     = 'Build'
-DIST_PATH       = 'Dist'
-BINARIES        = ['Santa.app', 'santa-driver.kext', 'santad', 'santactl']
-XCTOOL_DEFAULTS = "-workspace #{WORKSPACE}"
-XCODE_DEFAULTS  = "-workspace #{WORKSPACE} -derivedDataPath #{OUTPUT_PATH} -parallelizeTargets"
+WORKSPACE           = 'Santa.xcworkspace'
+DEFAULT_SCHEME      = 'All'
+OUTPUT_PATH         = 'Build'
+DIST_PATH           = 'Dist'
+BINARIES            = ['Santa.app', 'santa-driver.kext', 'santad', 'santactl']
+XCPRETTY_DEFAULTS   = '-sc'
+XCODEBUILD_DEFAULTS = "-workspace #{WORKSPACE} -derivedDataPath #{OUTPUT_PATH} -parallelizeTargets"

 task :default do
  system("rake -sT")
 end

-def xctool_available
-  return system 'xctool --version >/dev/null 2>&1'
-end
-
-def run_and_output_on_fail(cmd)
-  output=`#{cmd} 2>&1`
-  if not $?.success?
-    raise output
-  end
-end
-
-def run_and_output_with_color(cmd)
-  output=`#{cmd} 2>&1`
-
-  has_output = false
-  output.scan(/((Test Suite|Test Case|Executed).*)$/) do |match|
-    has_output = true
-    out = match[0]
-    if out.include?("passed")
-      puts "\e[32m#{out}\e[0m"
-    elsif out.include?("failed")
-      puts "\e[31m#{out}\e[0m"
-    else
-      puts out
-    end
-  end
-
-  if not has_output
-    raise output
+def xcodebuild(opts)
+  if system "xcodebuild #{XCODEBUILD_DEFAULTS} #{opts} | " \
+      "xcpretty #{XCPRETTY_DEFAULTS} && " \
+      "exit ${PIPESTATUS[0]}"
+    puts "\e[32mPass\e[0m"
+  else
+    raise "\e[31mFail\e[0m"
  end
 end

@@ -49,6 +27,9 @@ task :init do
    puts "Pods missing, running 'pod install'"
    system "pod install" or raise "CocoaPods is not installed. Install with 'sudo gem install cocoapods'"
  end
+  unless system 'xcpretty -v >/dev/null 2>&1'
+    puts "xcpretty is not installed. Install with 'sudo gem install xcpretty'"
+  end
 end

 task :remove_existing do
@@ -61,7 +42,7 @@ end
 desc "Clean"
 task :clean => :init do
  puts "Cleaning"
-  system "xcodebuild #{XCODE_DEFAULTS} -scheme All clean"
+  xcodebuild("-scheme All clean")
  FileUtils.rm_rf(OUTPUT_PATH)
  FileUtils.rm_rf(DIST_PATH)
 end
@@ -81,11 +62,7 @@ namespace :build do
  task :build, [:configuration] => :init do |t, args|
    config = args[:configuration]
    puts "Building with configuration: #{config}"
-    if xctool_available
-      system "xctool #{XCTOOL_DEFAULTS} -scheme All -configuration #{config} build"
-    else
-      system "xcodebuild #{XCODE_DEFAULTS} -scheme All -configuration #{config} build"
-    end
+    xcodebuild("-scheme All -configuration #{config} build")
  end
 end

@@ -145,11 +122,7 @@ namespace :tests do
  desc "Tests: Logic"
  task :logic => [:init] do
    puts "Running logic tests"
-    if xctool_available
-      system "xctool #{XCTOOL_DEFAULTS} -scheme LogicTests test"
-    else
-      system "xcodebuild #{XCODE_DEFAULTS} -scheme LogicTests test"
-    end
+    xcodebuild("-scheme LogicTests test")
  end

  desc "Tests: Kernel"
--- a/Santa.xcodeproj/project.pbxproj
+++ b/Santa.xcodeproj/project.pbxproj
@@ -69,7 +69,7 @@
 		0D3AFBF018FB4C6C0087BCEE /* SNTDriverManager.m in Sources */ = {isa = PBXBuildFile; fileRef = 0D7D01861774F93A005DBAB4 /* SNTDriverManager.m */; };
 		0D3AFBF618FB4C7E0087BCEE /* Cocoa.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 0D385DB7180DE4A900418BC6 /* Cocoa.framework */; };
 		0D3AFBF818FB4C870087BCEE /* IOKit.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 0D3AFBF718FB4C870087BCEE /* IOKit.framework */; };
-		0D416401191974F1006A356A /* SNTCommandSyncStatus.m in Sources */ = {isa = PBXBuildFile; fileRef = 0D416400191974F1006A356A /* SNTCommandSyncStatus.m */; };
+		0D416401191974F1006A356A /* SNTCommandSyncState.m in Sources */ = {isa = PBXBuildFile; fileRef = 0D416400191974F1006A356A /* SNTCommandSyncState.m */; };
 		0D41640519197AD7006A356A /* SNTCommandSyncEventUpload.m in Sources */ = {isa = PBXBuildFile; fileRef = 0D41640419197AD7006A356A /* SNTCommandSyncEventUpload.m */; };
 		0D41DAD41A7C28C800A890FE /* SNTEventTableTest.m in Sources */ = {isa = PBXBuildFile; fileRef = 0D41DAD31A7C28C800A890FE /* SNTEventTableTest.m */; };
 		0D42D2B519D1D98A00955F08 /* SNTSystemInfo.m in Sources */ = {isa = PBXBuildFile; fileRef = 0D42D2B419D1D98A00955F08 /* SNTSystemInfo.m */; };
@@ -253,8 +253,8 @@
 		0D385DEF180DE51600418BC6 /* SNTNotificationManager.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = SNTNotificationManager.m; sourceTree = "<group>"; };
 		0D3AFBE618FB32CB0087BCEE /* SNTXPCConnectionTest.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = SNTXPCConnectionTest.m; sourceTree = "<group>"; };
 		0D3AFBF718FB4C870087BCEE /* IOKit.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = IOKit.framework; path = System/Library/Frameworks/IOKit.framework; sourceTree = SDKROOT; };
-		0D4163FF191974F1006A356A /* SNTCommandSyncStatus.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = SNTCommandSyncStatus.h; sourceTree = "<group>"; };
-		0D416400191974F1006A356A /* SNTCommandSyncStatus.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = SNTCommandSyncStatus.m; sourceTree = "<group>"; };
+		0D4163FF191974F1006A356A /* SNTCommandSyncState.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = SNTCommandSyncState.h; sourceTree = "<group>"; };
+		0D416400191974F1006A356A /* SNTCommandSyncState.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = SNTCommandSyncState.m; sourceTree = "<group>"; };
 		0D41640319197AD7006A356A /* SNTCommandSyncEventUpload.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = SNTCommandSyncEventUpload.h; sourceTree = "<group>"; };
 		0D41640419197AD7006A356A /* SNTCommandSyncEventUpload.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = SNTCommandSyncEventUpload.m; sourceTree = "<group>"; };
 		0D41DAD31A7C28C800A890FE /* SNTEventTableTest.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = SNTEventTableTest.m; sourceTree = "<group>"; };
@@ -487,8 +487,8 @@
 				0DCD605B19117A90006B445C /* SNTCommandSyncPreflight.m */,
 				0D0A1EC1191998C900B8450F /* SNTCommandSyncRuleDownload.h */,
 				0D0A1EC2191998C900B8450F /* SNTCommandSyncRuleDownload.m */,
-				0D4163FF191974F1006A356A /* SNTCommandSyncStatus.h */,
-				0D416400191974F1006A356A /* SNTCommandSyncStatus.m */,
+				0D4163FF191974F1006A356A /* SNTCommandSyncState.h */,
+				0D416400191974F1006A356A /* SNTCommandSyncState.m */,
 				0D7FFD491A017D4B00F34435 /* SNTDERDecoder.h */,
 				0D7FFD4A1A017D4B00F34435 /* SNTDERDecoder.m */,
 			);
@@ -1145,7 +1145,7 @@
 				0D10BE871A0AABD600C0C944 /* SNTDropRootPrivs.m in Sources */,
 				0DE4C8A618FF3B1700466D04 /* SNTCommandFlushCache.m in Sources */,
 				4092327A1A51B66400A04527 /* SNTCommandRule.m in Sources */,
-				0D416401191974F1006A356A /* SNTCommandSyncStatus.m in Sources */,
+				0D416401191974F1006A356A /* SNTCommandSyncState.m in Sources */,
 				0DC5D871192160180078A5C0 /* SNTCommandSyncLogUpload.m in Sources */,
 				0D35BDA218FD71CE00921A21 /* main.m in Sources */,
 				0DCD6043190ACCB8006B445C /* SNTFileInfo.m in Sources */,
--- a/Source/SantaGUI/SNTMessageWindow.m
+++ b/Source/SantaGUI/SNTMessageWindow.m
@@ -26,6 +26,7 @@

 - (IBAction)fadeIn:(id)sender {
  [self setAlphaValue:0.f];
+  [self center];
  [self makeKeyAndOrderFront:sender];
  [NSAnimationContext beginGrouping];
  [[NSAnimationContext currentContext] setDuration:0.15f];
--- a/Source/SantaGUI/SNTMessageWindowController.m
+++ b/Source/SantaGUI/SNTMessageWindowController.m
@@ -37,7 +37,6 @@
  [super loadWindow];
  [self.window setLevel:NSPopUpMenuWindowLevel];
  [self.window setMovableByWindowBackground:YES];
-  [self.window center];

  if (![[SNTConfigurator configurator] eventDetailURL]) {
    [self.openEventButton removeFromSuperview];
@@ -127,7 +126,7 @@
  NSString *htmlFooter = @"</body></html>";

  NSString *message;
-  if (self.customMessage && ![self.customMessage isEqual:@""]) {
+  if ([self.customMessage length] > 0) {
    message = self.customMessage;
  } else {
    message = @"The following application has been blocked from executing<br />"
--- a/Source/common/SNTConfigurator.m
+++ b/Source/common/SNTConfigurator.m
@@ -172,7 +172,7 @@ static NSString * const kMachineIDPlistKeyKey = @"MachineIDKey";
    machineId = self.configData[kMachineIDKey];
  }

-  if (!machineId || [machineId isEqual:@""]) {
+  if ([machineId length] == 0) {
    machineId = [SNTSystemInfo hardwareUUID];
  }

--- a/Source/common/SNTXPCControlInterface.h
+++ b/Source/common/SNTXPCControlInterface.h
@@ -32,11 +32,11 @@
 ///  Database ops
 ///
 - (void)databaseRuleCounts:(void (^)(uint64_t binary, uint64_t certificate))reply;
- (void)databaseRuleAddRule:(SNTRule *)rule withReply:(void (^)())reply;
- (void)databaseRuleAddRules:(NSArray *)rules withReply:(void (^)())reply;
+- (void)databaseRuleAddRule:(SNTRule *)rule cleanSlate:(BOOL)cleanSlate reply:(void (^)())reply;
+- (void)databaseRuleAddRules:(NSArray *)rules cleanSlate:(BOOL)cleanSlate reply:(void (^)())reply;

 - (void)databaseEventCount:(void (^)(uint64_t count))reply;
- (void)databaseEventForSHA256:(NSString *)sha256 withReply:(void (^)(SNTStoredEvent *))reply;
+- (void)databaseEventForSHA256:(NSString *)sha256 reply:(void (^)(SNTStoredEvent *))reply;
 - (void)databaseEventsPending:(void (^)(NSArray *events))reply;
 - (void)databaseRemoveEventsWithIDs:(NSArray *)ids;

@@ -44,7 +44,7 @@
 ///  Misc ops
 ///
 - (void)clientMode:(void (^)(santa_clientmode_t))reply;
- (void)setClientMode:(santa_clientmode_t)mode withReply:(void (^)())reply;
+- (void)setClientMode:(santa_clientmode_t)mode reply:(void (^)())reply;

@end

--- a/Source/common/SNTXPCControlInterface.m
+++ b/Source/common/SNTXPCControlInterface.m
@@ -32,7 +32,7 @@
            ofReply:YES];

  [r setClasses:[NSSet setWithObjects:[NSArray class], [SNTRule class], nil]
-        forSelector:@selector(databaseRuleAddRules:withReply:)
+        forSelector:@selector(databaseRuleAddRules:cleanSlate:reply:)
      argumentIndex:0
            ofReply:NO];

--- a/Source/santa-driver/SantaDriverClient.cc
+++ b/Source/santa-driver/SantaDriverClient.cc
@@ -43,12 +43,13 @@ bool SantaDriverClient::start(IOService *provider) {

  fSDM = fProvider->GetDecisionManager();

+  if (!fSDM) return false;
+
  return true;
 }

 void SantaDriverClient::stop(IOService *provider) {
  super::stop(provider);
-
  fProvider = NULL;
 }

@@ -61,11 +62,15 @@ bool SantaDriverClient::terminate(IOOptionBits options) {
  fSDM->DisconnectClient();
  LOGI("Client disconnected.");

-  fSharedMemory->release();
-  fSharedMemory = NULL;
+  if (fSharedMemory) {
+    fSharedMemory->release();
+    fSharedMemory = NULL;
+  }

-  fDataQueue->release();
-  fDataQueue = NULL;
+  if (fDataQueue) {
+    fDataQueue->release();
+    fDataQueue = NULL;
+  }

  if (fProvider && fProvider->isOpen(this)) fProvider->close(this);

--- a/Source/santactl/rule/SNTCommandRule.m
+++ b/Source/santactl/rule/SNTCommandRule.m
@@ -151,7 +151,7 @@ REGISTER_COMMAND_NAME(@"rule");
  newRule.type = RULETYPE_BINARY;
  newRule.customMsg = customMsg;
  
-  [[daemonConn remoteObjectProxy] databaseRuleAddRule:newRule withReply:^{
+  [[daemonConn remoteObjectProxy] databaseRuleAddRule:newRule cleanSlate:NO reply:^{
      if (state == RULESTATE_REMOVE) {
        printf("Removed rule for SHA-256: %s.\n", [newRule.shasum UTF8String]);
      } else {
--- a/Source/santactl/sync/SNTCommandSync.m
+++ b/Source/santactl/sync/SNTCommandSync.m
@@ -20,7 +20,7 @@
 #import "SNTCommandSyncPostflight.h"
 #import "SNTCommandSyncPreflight.h"
 #import "SNTCommandSyncRuleDownload.h"
-#import "SNTCommandSyncStatus.h"
+#import "SNTCommandSyncState.h"
 #import "SNTConfigurator.h"
 #import "SNTDropRootPrivs.h"
 #import "SNTLogging.h"
@@ -30,7 +30,7 @@
@interface SNTCommandSync : NSObject<SNTCommand>
@property NSURLSession *session;
@property SNTXPCConnection *daemonConn;
-@property SNTCommandSyncStatus *progress;
+@property SNTCommandSyncState *syncState;
@end

@implementation SNTCommandSync
@@ -112,26 +112,26 @@ REGISTER_COMMAND_NAME(@"sync");
  s.daemonConn = daemonConn;

  // Gather some data needed during some sync stages
-  s.progress = [[SNTCommandSyncStatus alloc] init];
+  s.syncState = [[SNTCommandSyncState alloc] init];

-  s.progress.syncBaseURL = config.syncBaseURL;
-  if (!s.progress.syncBaseURL) {
+  s.syncState.syncBaseURL = config.syncBaseURL;
+  if (!s.syncState.syncBaseURL) {
    LOGE(@"Missing SyncBaseURL. Can't sync without it.");
    exit(1);
-  } else if (![s.progress.syncBaseURL.scheme isEqual:@"https"]) {
+  } else if (![s.syncState.syncBaseURL.scheme isEqual:@"https"]) {
    LOGW(@"SyncBaseURL is not over HTTPS!");
  }
-  authURLSession.serverHostname = s.progress.syncBaseURL.host;
+  authURLSession.serverHostname = s.syncState.syncBaseURL.host;

-  s.progress.machineID = config.machineID;
-  if (!s.progress.machineID || [s.progress.machineID isEqual:@""]) {
+  s.syncState.machineID = config.machineID;
+  if ([s.syncState.machineID length] == 0) {
    LOGE(@"Missing Machine ID. Can't sync without it.");
    exit(1);
  }

-  s.progress.machineOwner = config.machineOwner;
-  if (!s.progress.machineOwner) {
-    s.progress.machineOwner = @"";
+  s.syncState.machineOwner = config.machineOwner;
+  if ([s.syncState.machineOwner length] == 0) {
+    s.syncState.machineOwner = @"";
    LOGW(@"Missing Machine Owner.");  
  }

@@ -144,12 +144,12 @@ REGISTER_COMMAND_NAME(@"sync");

 - (void)preflight {
  [SNTCommandSyncPreflight performSyncInSession:self.session
-                                       progress:self.progress
+                                      syncState:self.syncState
                                     daemonConn:self.daemonConn
                              completionHandler:^(BOOL success) {
      if (success) {
        LOGI(@"Preflight complete");
-        if (self.progress.uploadLogURL) {
+        if (self.syncState.uploadLogURL) {
          [self logUpload];
        } else {
          [self eventUpload];
@@ -163,7 +163,7 @@ REGISTER_COMMAND_NAME(@"sync");

 - (void)logUpload {
  [SNTCommandSyncLogUpload performSyncInSession:self.session
-                                       progress:self.progress
+                                      syncState:self.syncState
                                     daemonConn:self.daemonConn
                              completionHandler:^(BOOL success) {
      if (success) {
@@ -178,7 +178,7 @@ REGISTER_COMMAND_NAME(@"sync");

 - (void)eventUpload {
  [SNTCommandSyncEventUpload performSyncInSession:self.session
-                                         progress:self.progress
+                                        syncState:self.syncState
                                       daemonConn:self.daemonConn
                                completionHandler:^(BOOL success) {
      if (success) {
@@ -194,7 +194,7 @@ REGISTER_COMMAND_NAME(@"sync");
 - (void)eventUploadSingleEvent:(NSString *)sha256 {
  [SNTCommandSyncEventUpload uploadSingleEventWithSHA256:sha256
                                                 session:self.session
-                                                progress:self.progress
+                                               syncState:self.syncState
                                              daemonConn:self.daemonConn
                                       completionHandler:^(BOOL success) {
      if (success) {
@@ -209,7 +209,7 @@ REGISTER_COMMAND_NAME(@"sync");

 - (void)ruleDownload {
  [SNTCommandSyncRuleDownload performSyncInSession:self.session
-                                          progress:self.progress
+                                         syncState:self.syncState
                                        daemonConn:self.daemonConn
                                 completionHandler:^(BOOL success) {
      if (success) {
@@ -224,7 +224,7 @@ REGISTER_COMMAND_NAME(@"sync");

 - (void)postflight {
  [SNTCommandSyncPostflight performSyncInSession:self.session
-                                        progress:self.progress
+                                       syncState:self.syncState
                                      daemonConn:self.daemonConn
                               completionHandler:^(BOOL success) {
      if (success) {
--- a/Source/santactl/sync/SNTCommandSyncConstants.h
+++ b/Source/santactl/sync/SNTCommandSyncConstants.h
@@ -23,11 +23,13 @@ extern NSString * const kSantaVer;
 extern NSString * const kOSVer;
 extern NSString * const kOSBuild;
 extern NSString * const kPrimaryUser;
+extern NSString * const kRequestCleanSync;
 extern NSString * const kBatchSize;
 extern NSString * const kUploadLogsURL;
 extern NSString * const kClientMode;
 extern NSString * const kClientModeMonitor;
 extern NSString * const kClientModeLockdown;
+extern NSString * const kCleanSync;

 extern NSString * const kEvents;
 extern NSString * const kFileSHA256;
@@ -36,6 +38,15 @@ extern NSString * const kFileName;
 extern NSString * const kExecutingUser;
 extern NSString * const kExecutionTime;
 extern NSString * const kDecision;
+extern NSString * const kDecisionAllowUnknown;
+extern NSString * const kDecisionAllowBinary;
+extern NSString * const kDecisionAllowCertificate;
+extern NSString * const kDecisionAllowScope;
+extern NSString * const kDecisionBlockUnknown;
+extern NSString * const kDecisionBlockBinary;
+extern NSString * const kDecisionBlockCertificate;
+extern NSString * const kDecisionBlockScope;
+extern NSString * const kDecisionUnknown;
 extern NSString * const kLoggedInUsers;
 extern NSString * const kCurrentSessions;
 extern NSString * const kFileBundleID;
--- a/Source/santactl/sync/SNTCommandSyncConstants.m
+++ b/Source/santactl/sync/SNTCommandSyncConstants.m
@@ -19,17 +19,19 @@ NSString * const kURLEventUpload = @"eventupload/";
 NSString * const kURLRuleDownload = @"ruledownload/";
 NSString * const kURLPostflight = @"postflight/";

-NSString * const kSerialNumber = @"serial_no";
+NSString * const kSerialNumber = @"serial_num";
 NSString * const kHostname = @"hostname";
 NSString * const kSantaVer = @"santa_version";
 NSString * const kOSVer = @"os_version";
 NSString * const kOSBuild = @"os_build";
 NSString * const kPrimaryUser = @"primary_user";
+NSString * const kRequestCleanSync = @"request_clean_sync";
 NSString * const kBatchSize = @"batch_size";
 NSString * const kUploadLogsURL = @"upload_logs_url";
 NSString * const kClientMode = @"client_mode";
 NSString * const kClientModeMonitor = @"MONITOR";
 NSString * const kClientModeLockdown = @"LOCKDOWN";
+NSString * const kCleanSync = @"clean_sync";

 NSString * const kEvents = @"events";
 NSString * const kFileSHA256 = @"file_sha256";
@@ -38,6 +40,15 @@ NSString * const kFileName = @"file_name";
 NSString * const kExecutingUser = @"executing_user";
 NSString * const kExecutionTime = @"execution_time";
 NSString * const kDecision = @"decision";
+NSString * const kDecisionAllowUnknown = @"ALLOW_UNKNOWN";
+NSString * const kDecisionAllowBinary = @"ALLOW_BINARY";
+NSString * const kDecisionAllowCertificate = @"ALLOW_CERTIFICATE";
+NSString * const kDecisionAllowScope = @"ALLOW_SCOPE";
+NSString * const kDecisionBlockUnknown = @"BLOCK_UNKNOWN";
+NSString * const kDecisionBlockBinary = @"BLOCK_BINARY";
+NSString * const kDecisionBlockCertificate = @"BLOCK_CERTIFICATE";
+NSString * const kDecisionBlockScope = @"BLOCK_SCOPE";
+NSString * const kDecisionUnknown = @"UNKNOWN";
 NSString * const kLoggedInUsers = @"logged_in_users";
 NSString * const kCurrentSessions = @"current_sessions";
 NSString * const kFileBundleID = @"file_bundle_id";
--- a/Source/santactl/sync/SNTCommandSyncEventUpload.h
+++ b/Source/santactl/sync/SNTCommandSyncEventUpload.h
@@ -12,19 +12,19 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.

-@class SNTCommandSyncStatus;
+@class SNTCommandSyncState;
@class SNTXPCConnection;

@interface SNTCommandSyncEventUpload : NSObject

 + (void)performSyncInSession:(NSURLSession *)session
-                    progress:(SNTCommandSyncStatus *)progress
+                   syncState:(SNTCommandSyncState *)syncState
                  daemonConn:(SNTXPCConnection *)daemonConn
           completionHandler:(void (^)(BOOL success))handler;

 + (void)uploadSingleEventWithSHA256:(NSString *)SHA256
                            session:(NSURLSession *)session
-                           progress:(SNTCommandSyncStatus *)progress
+                          syncState:(SNTCommandSyncState *)syncState
                         daemonConn:(SNTXPCConnection *)daemonConn
                  completionHandler:(void (^)(BOOL success))handler;

--- a/Source/santactl/sync/SNTCommandSyncEventUpload.m
+++ b/Source/santactl/sync/SNTCommandSyncEventUpload.m
@@ -18,7 +18,7 @@

 #import "SNTCertificate.h"
 #import "SNTCommandSyncConstants.h"
-#import "SNTCommandSyncStatus.h"
+#import "SNTCommandSyncState.h"
 #import "SNTStoredEvent.h"
 #import "SNTXPCConnection.h"
 #import "SNTXPCControlInterface.h"
@@ -26,11 +26,11 @@
@implementation SNTCommandSyncEventUpload

 + (void)performSyncInSession:(NSURLSession *)session
-                    progress:(SNTCommandSyncStatus *)progress
+                   syncState:(SNTCommandSyncState *)syncState
                  daemonConn:(SNTXPCConnection *)daemonConn
           completionHandler:(void (^)(BOOL success))handler {
-  NSURL *url = [NSURL URLWithString:[kURLEventUpload stringByAppendingString:progress.machineID]
-                      relativeToURL:progress.syncBaseURL];
+  NSURL *url = [NSURL URLWithString:[kURLEventUpload stringByAppendingString:syncState.machineID]
+                      relativeToURL:syncState.syncBaseURL];

  [[daemonConn remoteObjectProxy] databaseEventsPending:^(NSArray *events) {
      if ([events count] == 0) {
@@ -39,7 +39,7 @@
        [self uploadEventsFromArray:events
                              toURL:url
                          inSession:session
-                          batchSize:progress.eventBatchSize
+                          batchSize:syncState.eventBatchSize
                         daemonConn:daemonConn
                  completionHandler:handler];
      }
@@ -48,12 +48,12 @@

 + (void)uploadSingleEventWithSHA256:(NSString *)SHA256
                            session:(NSURLSession *)session
-                           progress:(SNTCommandSyncStatus *)progress
+                          syncState:(SNTCommandSyncState *)syncState
                         daemonConn:(SNTXPCConnection *)daemonConn
                  completionHandler:(void (^)(BOOL success))handler {
-  NSURL *url = [NSURL URLWithString:[kURLEventUpload stringByAppendingString:progress.machineID]
-                      relativeToURL:progress.syncBaseURL];
-  [[daemonConn remoteObjectProxy] databaseEventForSHA256:SHA256 withReply:^(SNTStoredEvent *event) {
+  NSURL *url = [NSURL URLWithString:[kURLEventUpload stringByAppendingString:syncState.machineID]
+                      relativeToURL:syncState.syncBaseURL];
+  [[daemonConn remoteObjectProxy] databaseEventForSHA256:SHA256 reply:^(SNTStoredEvent *event) {
      if (!event) {
        handler(YES);
        return;
@@ -138,10 +138,25 @@
  ADDKEY(newEvent, kFileName, [event.filePath lastPathComponent]);
  ADDKEY(newEvent, kExecutingUser, event.executingUser);
  ADDKEY(newEvent, kExecutionTime, @([event.occurrenceDate timeIntervalSince1970]));
-  ADDKEY(newEvent, kDecision, @(event.decision));
  ADDKEY(newEvent, kLoggedInUsers, event.loggedInUsers);
  ADDKEY(newEvent, kCurrentSessions, event.currentSessions);

+  switch (event.decision) {
+    case EVENTSTATE_ALLOW_UNKNOWN: ADDKEY(newEvent, kDecision, kDecisionAllowUnknown); break;
+    case EVENTSTATE_ALLOW_BINARY: ADDKEY(newEvent, kDecision, kDecisionAllowBinary); break;
+    case EVENTSTATE_ALLOW_CERTIFICATE:
+      ADDKEY(newEvent, kDecision, kDecisionAllowCertificate);
+      break;
+    case EVENTSTATE_ALLOW_SCOPE: ADDKEY(newEvent, kDecision, kDecisionAllowScope); break;
+    case EVENTSTATE_BLOCK_UNKNOWN: ADDKEY(newEvent, kDecision, kDecisionBlockUnknown); break;
+    case EVENTSTATE_BLOCK_BINARY: ADDKEY(newEvent, kDecision, kDecisionBlockBinary); break;
+    case EVENTSTATE_BLOCK_CERTIFICATE:
+      ADDKEY(newEvent, kDecision, kDecisionBlockCertificate);
+      break;
+    case EVENTSTATE_BLOCK_SCOPE: ADDKEY(newEvent, kDecision, kDecisionBlockScope); break;
+    default: ADDKEY(newEvent, kDecision, kDecisionUnknown);
+  }
+
  ADDKEY(newEvent, kFileBundleID, event.fileBundleID);
  ADDKEY(newEvent, kFileBundleName, event.fileBundleName);
  ADDKEY(newEvent, kFileBundleVersion, event.fileBundleVersion);
--- a/Source/santactl/sync/SNTCommandSyncLogUpload.h
+++ b/Source/santactl/sync/SNTCommandSyncLogUpload.h
@@ -12,13 +12,13 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.

-@class SNTCommandSyncStatus;
+@class SNTCommandSyncState;
@class SNTXPCConnection;

@interface SNTCommandSyncLogUpload : NSObject

 + (void)performSyncInSession:(NSURLSession *)session
-                    progress:(SNTCommandSyncStatus *)progress
+                   syncState:(SNTCommandSyncState *)syncState
                  daemonConn:(SNTXPCConnection *)daemonConn
           completionHandler:(void (^)(BOOL success))handler;

--- a/Source/santactl/sync/SNTCommandSyncLogUpload.m
+++ b/Source/santactl/sync/SNTCommandSyncLogUpload.m
@@ -20,15 +20,15 @@
 #include "SNTLogging.h"

 #import "SNTCommandSyncConstants.h"
-#import "SNTCommandSyncStatus.h"
+#import "SNTCommandSyncState.h"

@implementation SNTCommandSyncLogUpload

 + (void)performSyncInSession:(NSURLSession *)session
-                    progress:(SNTCommandSyncStatus *)progress
+                   syncState:(SNTCommandSyncState *)syncState
                  daemonConn:(SNTXPCConnection *)daemonConn
           completionHandler:(void (^)(BOOL success))handler {
-  NSURL *url = progress.uploadLogURL;
+  NSURL *url = syncState.uploadLogURL;
  NSMutableURLRequest *req = [[NSMutableURLRequest alloc] initWithURL:url];
  [req setHTTPMethod:@"POST"];
  NSString *boundary = @"----santa-sync-upload-boundary";
--- a/Source/santactl/sync/SNTCommandSyncPostflight.h
+++ b/Source/santactl/sync/SNTCommandSyncPostflight.h
@@ -12,13 +12,13 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.

-@class SNTCommandSyncStatus;
+@class SNTCommandSyncState;
@class SNTXPCConnection;

@interface SNTCommandSyncPostflight : NSObject

 + (void)performSyncInSession:(NSURLSession *)session
-                    progress:(SNTCommandSyncStatus *)progress
+                   syncState:(SNTCommandSyncState *)syncState
                  daemonConn:(SNTXPCConnection *)daemonConn
           completionHandler:(void (^)(BOOL success))handler;

--- a/Source/santactl/sync/SNTCommandSyncPostflight.m
+++ b/Source/santactl/sync/SNTCommandSyncPostflight.m
@@ -17,16 +17,16 @@
 #include "SNTLogging.h"

 #import "SNTCommandSyncConstants.h"
-#import "SNTCommandSyncStatus.h"
+#import "SNTCommandSyncState.h"

@implementation SNTCommandSyncPostflight

 + (void)performSyncInSession:(NSURLSession *)session
-                    progress:(SNTCommandSyncStatus *)progress
+                   syncState:(SNTCommandSyncState *)syncState
                  daemonConn:(SNTXPCConnection *)daemonConn
           completionHandler:(void (^)(BOOL success))handler {
-  NSURL *url = [NSURL URLWithString:[kURLPostflight stringByAppendingString:progress.machineID]
-                      relativeToURL:progress.syncBaseURL];
+  NSURL *url = [NSURL URLWithString:[kURLPostflight stringByAppendingString:syncState.machineID]
+                      relativeToURL:syncState.syncBaseURL];
  NSMutableURLRequest *req = [[NSMutableURLRequest alloc] initWithURL:url];
  [req setHTTPMethod:@"POST"];

--- a/Source/santactl/sync/SNTCommandSyncPreflight.h
+++ b/Source/santactl/sync/SNTCommandSyncPreflight.h
@@ -12,13 +12,13 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.

-@class SNTCommandSyncStatus;
+@class SNTCommandSyncState;
@class SNTXPCConnection;

@interface SNTCommandSyncPreflight : NSObject

 + (void)performSyncInSession:(NSURLSession *)session
-                    progress:(SNTCommandSyncStatus *)progress
+                   syncState:(SNTCommandSyncState *)syncState
                  daemonConn:(SNTXPCConnection *)daemonConn
           completionHandler:(void (^)(BOOL success))handler;

--- a/Source/santactl/sync/SNTCommandSyncPreflight.m
+++ b/Source/santactl/sync/SNTCommandSyncPreflight.m
@@ -18,7 +18,7 @@
 #include "SNTLogging.h"

 #import "SNTCommandSyncConstants.h"
-#import "SNTCommandSyncStatus.h"
+#import "SNTCommandSyncState.h"
 #import "SNTSystemInfo.h"
 #import "SNTXPCConnection.h"
 #import "SNTXPCControlInterface.h"
@@ -26,11 +26,11 @@
@implementation SNTCommandSyncPreflight

 + (void)performSyncInSession:(NSURLSession *)session
-                    progress:(SNTCommandSyncStatus *)progress
+                   syncState:(SNTCommandSyncState *)syncState
                  daemonConn:(SNTXPCConnection *)daemonConn
           completionHandler:(void (^)(BOOL success))handler {
-  NSURL *url = [NSURL URLWithString:[kURLPreflight stringByAppendingString:progress.machineID]
-                      relativeToURL:progress.syncBaseURL];
+  NSURL *url = [NSURL URLWithString:[kURLPreflight stringByAppendingString:syncState.machineID]
+                      relativeToURL:syncState.syncBaseURL];

  NSMutableDictionary *requestDict = [NSMutableDictionary dictionary];
  requestDict[kSerialNumber] = [SNTSystemInfo serialNumber];
@@ -38,7 +38,11 @@
  requestDict[kSantaVer] = [[NSBundle mainBundle] objectForInfoDictionaryKey:@"CFBundleVersion"];
  requestDict[kOSVer] = [SNTSystemInfo osVersion];
  requestDict[kOSBuild] = [SNTSystemInfo osBuild];
-  requestDict[kPrimaryUser] = progress.machineOwner;
+  requestDict[kPrimaryUser] = syncState.machineOwner;
+
+  if ([[[NSProcessInfo processInfo] arguments] containsObject:@"--clean"]) {
+    requestDict[kRequestCleanSync] = @YES;
+  }

  NSData *requestBody = [NSJSONSerialization dataWithJSONObject:requestDict
                                                        options:0
@@ -60,13 +64,18 @@
      } else {
        NSDictionary *r = [NSJSONSerialization JSONObjectWithData:data options:0 error:nil];

-        progress.eventBatchSize = [r[kBatchSize] intValue];
-        progress.uploadLogURL = [NSURL URLWithString:r[kUploadLogsURL]];
+        syncState.eventBatchSize = [r[kBatchSize] intValue];
+        syncState.uploadLogURL = [NSURL URLWithString:r[kUploadLogsURL]];

-        if (r[kClientMode] && [r[kClientMode] isEqual:kClientModeMonitor]) {
-            [[daemonConn remoteObjectProxy] setClientMode:CLIENTMODE_MONITOR withReply:^{}];
-        } else if (r[kClientMode] && [r[kClientMode] isEqual:kClientModeLockdown]) {
-            [[daemonConn remoteObjectProxy] setClientMode:CLIENTMODE_LOCKDOWN withReply:^{}];
+        if ([r[kClientMode] isEqual:kClientModeMonitor]) {
+            [[daemonConn remoteObjectProxy] setClientMode:CLIENTMODE_MONITOR reply:^{}];
+        } else if ([r[kClientMode] isEqual:kClientModeLockdown]) {
+            [[daemonConn remoteObjectProxy] setClientMode:CLIENTMODE_LOCKDOWN reply:^{}];
+        }
+
+        if ([r[kCleanSync] boolValue]) {
+          syncState.cleanSync = YES;
+          LOGD(@"Clean sync requested by server");
        }

        handler(YES);
--- a/Source/santactl/sync/SNTCommandSyncRuleDownload.h
+++ b/Source/santactl/sync/SNTCommandSyncRuleDownload.h
@@ -12,13 +12,13 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.

-@class SNTCommandSyncStatus;
+@class SNTCommandSyncState;
@class SNTXPCConnection;

@interface SNTCommandSyncRuleDownload : NSObject

 + (void)performSyncInSession:(NSURLSession *)session
-                    progress:(SNTCommandSyncStatus *)progress
+                   syncState:(SNTCommandSyncState *)syncState
                  daemonConn:(SNTXPCConnection *)daemonConn
           completionHandler:(void (^)(BOOL success))handler;

--- a/Source/santactl/sync/SNTCommandSyncRuleDownload.m
+++ b/Source/santactl/sync/SNTCommandSyncRuleDownload.m
@@ -15,7 +15,7 @@
 #import "SNTCommandSyncRuleDownload.h"

 #import "SNTCommandSyncConstants.h"
-#import "SNTCommandSyncStatus.h"
+#import "SNTCommandSyncState.h"
 #import "SNTRule.h"
 #import "SNTXPCConnection.h"
 #import "SNTXPCControlInterface.h"
@@ -25,15 +25,15 @@
@implementation SNTCommandSyncRuleDownload

 + (void)performSyncInSession:(NSURLSession *)session
-                    progress:(SNTCommandSyncStatus *)progress
+                   syncState:(SNTCommandSyncState *)syncState
                  daemonConn:(SNTXPCConnection *)daemonConn
           completionHandler:(void (^)(BOOL success))handler {
-  NSURL *url = [NSURL URLWithString:[kURLRuleDownload stringByAppendingString:progress.machineID]
-                      relativeToURL:progress.syncBaseURL];
+  NSURL *url = [NSURL URLWithString:[kURLRuleDownload stringByAppendingString:syncState.machineID]
+                      relativeToURL:syncState.syncBaseURL];
  [self ruleDownloadWithCursor:nil
                           url:url
                       session:session
-                      progress:progress
+                     syncState:syncState
                    daemonConn:daemonConn
             completionHandler:handler];
 }
@@ -41,14 +41,14 @@
 + (void)ruleDownloadWithCursor:(NSString *)cursor
                           url:(NSURL *)url
                       session:(NSURLSession *)session
-                      progress:(SNTCommandSyncStatus *)progress
+                     syncState:(SNTCommandSyncState *)syncState
                    daemonConn:(SNTXPCConnection *)daemonConn
             completionHandler:(void (^)(BOOL success))handler {

  NSDictionary *requestDict = (cursor ? @{ kCursor: cursor } : @{});

-  if (!progress.downloadedRules) {
-    progress.downloadedRules = [NSMutableArray array];
+  if (!syncState.downloadedRules) {
+    syncState.downloadedRules = [NSMutableArray array];
  }

  NSMutableURLRequest *req = [[NSMutableURLRequest alloc] initWithURL:url];
@@ -102,20 +102,22 @@
            newRule.customMsg = customMsg;
          }

-          [progress.downloadedRules addObject:newRule];
+          [syncState.downloadedRules addObject:newRule];
        }

        if (resp[kCursor]) {
          [self ruleDownloadWithCursor:resp[kCursor]
                                   url:url
                               session:session
-                              progress:progress
+                             syncState:syncState
                            daemonConn:daemonConn
                     completionHandler:handler];
        } else {
-          [[daemonConn remoteObjectProxy] databaseRuleAddRules:progress.downloadedRules withReply:^{
-              if (progress.downloadedRules.count) {
-                LOGI(@"Added %d rule(s)", progress.downloadedRules.count);
+          [[daemonConn remoteObjectProxy] databaseRuleAddRules:syncState.downloadedRules
+                                                    cleanSlate:syncState.cleanSync
+                                                         reply:^{
+              if (syncState.downloadedRules.count) {
+                LOGI(@"Added %d rule(s)", syncState.downloadedRules.count);
              }
              handler(YES);
          }];
--- a/Source/santactl/sync/SNTCommandSyncStatus.h
+++ b/Source/santactl/sync/SNTCommandSyncStatus.h
@@ -14,7 +14,7 @@

 /// An instance of this class is passed to each stage of the sync process for storing data
 /// that might be needed in later stages.
-@interface SNTCommandSyncStatus : NSObject
+@interface SNTCommandSyncState : NSObject

 /// The base API URL
@property NSURL *syncBaseURL;
@@ -23,6 +23,10 @@
@property NSString *machineID;
@property NSString *machineOwner;

+/// Clean sync flag, sent from server. If True, all existing rules
+/// should be deleted before inserting any new rules.
+@property BOOL cleanSync;
+
 /// Batch size for uploading events, sent from server
@property int32_t eventBatchSize;

--- a/Source/santactl/sync/SNTCommandSyncStatus.m
+++ b/Source/santactl/sync/SNTCommandSyncStatus.m
@@ -12,7 +12,7 @@
 ///    See the License for the specific language governing permissions and
 ///    limitations under the License.

-#import "SNTCommandSyncStatus.h"
+#import "SNTCommandSyncState.h"

-@implementation SNTCommandSyncStatus
+@implementation SNTCommandSyncState
@end
--- a/Source/santad/SNTDaemonControlController.m
+++ b/Source/santad/SNTDaemonControlController.m
@@ -50,16 +50,16 @@
  reply([rdb binaryRuleCount], [rdb certificateRuleCount]);
 }

- (void)databaseRuleAddRule:(SNTRule *)rule withReply:(void (^)())reply {
-  [self databaseRuleAddRules:@[ rule ] withReply:reply];
+- (void)databaseRuleAddRule:(SNTRule *)rule cleanSlate:(BOOL)cleanSlate reply:(void (^)())reply {
+  [self databaseRuleAddRules:@[ rule ] cleanSlate:cleanSlate reply:reply];
 }

- (void)databaseRuleAddRules:(NSArray *)rules withReply:(void (^)())reply {
-  [[SNTDatabaseController ruleTable] addRules:rules];
+- (void)databaseRuleAddRules:(NSArray *)rules cleanSlate:(BOOL)cleanSlate reply:(void (^)())reply {
+  [[SNTDatabaseController ruleTable] addRules:rules cleanSlate:cleanSlate];

  // If any rules were added that were not whitelist, flush cache.
  NSPredicate *p = [NSPredicate predicateWithFormat:@"SELF.state != %d", RULESTATE_WHITELIST];
-  if ([rules filteredArrayUsingPredicate:p].count) {
+  if ([rules filteredArrayUsingPredicate:p].count || cleanSlate) {
    LOGI(@"Received non-whitelist rule, flushing cache");
    [self.driverManager flushCache];
  }
@@ -71,7 +71,7 @@
  reply([[SNTDatabaseController eventTable] pendingEventsCount]);
 }

- (void)databaseEventForSHA256:(NSString *)sha256 withReply:(void (^)(SNTStoredEvent *))reply {
+- (void)databaseEventForSHA256:(NSString *)sha256 reply:(void (^)(SNTStoredEvent *))reply {
  reply([[SNTDatabaseController eventTable] pendingEventForSHA256:sha256]);
 }

@@ -89,7 +89,7 @@
  reply([[SNTConfigurator configurator] clientMode]);
 }

- (void)setClientMode:(santa_clientmode_t)mode withReply:(void (^)())reply {
+- (void)setClientMode:(santa_clientmode_t)mode reply:(void (^)())reply {
  [[SNTConfigurator configurator] setClientMode:mode];
  reply();
 }
--- a/Source/santad/SNTExecutionController.m
+++ b/Source/santad/SNTExecutionController.m
@@ -308,12 +308,12 @@
      sessionName = [NSString stringWithFormat:@"%s@%s", nxt->ut_user, nxt->ut_line];
    }

-    if (userName && ![userName isEqual:@""]) {
-      loggedInUsers[userName] = @"";
+    if ([userName length] > 0) {
+      loggedInUsers[userName] = [NSNull null];
    }

-    if (sessionName && ![sessionName isEqual:@":"]) {
-      loggedInHosts[sessionName] = @"";
+    if ([sessionName length] > 1) {
+      loggedInHosts[sessionName] = [NSNull null];
    }
  }

--- a/Source/santad/SNTRuleTable.h
+++ b/Source/santad/SNTRuleTable.h
@@ -54,8 +54,9 @@
 ///  transaction will abort if any rule fails to add.
 ///
 ///  @param rules Array of SNTRule's to add.
+///  @param cleanslate If true, remove all rules before adding the new rules.
 ///  @return YES if all rules were added successfully.
 ///
- (BOOL)addRules:(NSArray *)rules;
+- (BOOL)addRules:(NSArray *)rules cleanSlate:(BOOL)cleanSlate;

@end
--- a/Source/santad/SNTRuleTable.m
+++ b/Source/santad/SNTRuleTable.m
@@ -119,10 +119,14 @@

 #pragma mark Adding

- (BOOL)addRules:(NSArray *)rules {
+- (BOOL)addRules:(NSArray *)rules cleanSlate:(BOOL)cleanSlate {
  __block BOOL failed = NO;

  [self inTransaction:^(FMDatabase *db, BOOL *rollback) {
+      if (cleanSlate) {
+        [db executeUpdate:@"DELETE FROM rules"];
+      }
+
      for (SNTRule *rule in rules) {
        if (![rule isKindOfClass:[SNTRule class]] ||
            !rule.shasum || rule.shasum.length == 0 ||
--- a/Tests/LogicTests/SNTFileWatcherTest.m
+++ b/Tests/LogicTests/SNTFileWatcherTest.m
@@ -23,24 +23,6 @@

@implementation SNTFileWatcherTest

-static int unusedFd1 = -1;
-static int unusedFd2 = -1;
-
-+ (void)setUp {
-  // xctest redirects the stdout/stderr FDs when starting tests. This is not a problem, except
-  // xctool intercepts stdout/stderr FDs (1 & 2) to put them in nice sections of the output.
-  // This causes problems with tests that write to files and is 'fixed' by opening two FDs just
-  // to be safe. Unfortunately this means that anything printed (e.g. with printf or NSLog) will
-  // not actually be printed in xctool output for this test suite, ho hum.
-  unusedFd1 = open("/dev/null", O_WRONLY);
-  unusedFd2 = open("/dev/null", O_WRONLY);
-}
-
-+ (void)tearDown {
-  close(unusedFd1);
-  close(unusedFd2);
-}
-
 - (void)setUp {
  [super setUp];
Author	SHA1	Message	Date
Russell Hancox	437764e6fc	Conf: Undo adding Username/Groupname to santasync launchd, it doesn't work properly	2015-04-13 16:41:47 -04:00
Russell Hancox	460dd6aa8b	Project: Stop using xctool, use xcpretty to make xcodebuild output nice instead.	2015-04-10 16:37:24 -04:00
Russell Hancox	0a511468e3	Conf: Run scheduled santactl/sync runs as nobody	2015-04-10 16:06:56 -04:00
Russell Hancox	96517573e7	santactl/sync: rename SyncStatus->SyncState, add cleanSync option that can be requested by client or server.	2015-04-10 12:39:22 -04:00
Russell Hancox	c996921c22	GUI: Move window centering to the fadeIn method so it's only called when the window is displayed	2015-04-10 10:07:53 -04:00
Russell Hancox	8365e00a50	Sync: Decision should be uploaded as a string, not an int. Rename serial_no to serial_num	2015-04-09 10:02:21 -04:00
Russell Hancox	a629e6cff1	Clean-up: NSString length is quicker than isEqual	2015-04-09 10:01:44 -04:00
Russell Hancox	cbb786c6d1	Kext: Check fSharedMemory and fDataQueue before trying to release them in terminate()	2015-04-09 10:01:04 -04:00