Skip to content

Commit

Permalink
add --digest flag and big sur support
Browse files Browse the repository at this point in the history
Signed-off-by: Jacob Salmela <[email protected]>
  • Loading branch information
jacobsalmela committed Oct 3, 2021
1 parent 937a703 commit b78365b
Showing 1 changed file with 28 additions and 10 deletions.
38 changes: 28 additions & 10 deletions tccutil.py
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@
util_name = os.path.basename(sys.argv[0])

# Utility Version
util_version = '1.2.10'
util_version = '1.2.11'

# Current OS X version
osx_version = version(mac_ver()[0]) # mac_ver() returns 10.16 for Big Sur instead 11.+
Expand Down Expand Up @@ -58,6 +58,10 @@
'--list', '-l', action='store_true',
help="List all entries in the accessibility database."
)
parser.add_argument(
'--digest', action='store_true',
help="Print the digest hash of the accessibility database."
)
parser.add_argument(
'--insert', '-i', action='append', default=[],
help="Adds the given bundle ID or path to the accessibility database.",
Expand All @@ -83,7 +87,6 @@
help="Show the version of this script",
)


def display_version():
"""Print the version of this utility."""
print("%s %s" % (util_name, util_version))
Expand All @@ -98,7 +101,18 @@ def sudo_required():
display_help(1)


def open_database():
def digest_check(digest_to_check):
"""Validates that a digest for the table is one that can be used with tccutil."""
# Do a sanity check that TCC access table has expected structure
accessTableDigest = ""
for row in digest_to_check.fetchall():
accessTableDigest = hashlib.sha1(row[0]).hexdigest()[0:10]
break

return accessTableDigest


def open_database(digest=False):
"""Open the database for editing values."""
sudo_required()
global conn
Expand All @@ -117,11 +131,12 @@ def open_database():
c = conn.cursor()

# Do a sanity check that TCC access table has expected structure
c.execute("SELECT sql FROM sqlite_master WHERE name='access' and type='table'")
accessTableDigest = ""
for row in c.fetchall():
accessTableDigest = hashlib.sha1(row[0]).hexdigest()[0:10]
break
accessTableDigest = digest_check(c.execute("SELECT sql FROM sqlite_master WHERE name='access' and type='table'"))

if digest:
print(accessTableDigest)
sys.exit(0)

# check if table in DB has expected structure:
if not (accessTableDigest == "8e93d38f7c" or # prior to El Capitan
# El Capitan , Sierra, High Sierra
Expand All @@ -132,8 +147,8 @@ def open_database():
accessTableDigest in ["ecc443615f", "80a4bb6912"]) or
# Big Sur and later
(osx_version >= version('10.16') and
accessTableDigest == "3d1c2a0e97")):
print("TCC Database structure is unknown.")
accessTableDigest in ["3d1c2a0e97", "cef70648de"])):
print("TCC Database structure is unknown (%s)" % accessTableDigest)
sys.exit(1)

verbose_output("Database opened.\n")
Expand Down Expand Up @@ -300,6 +315,9 @@ def main():
global verbose
verbose = True

if args.digest:
open_database(digest=True)

if args.list:
list_clients()
return
Expand Down

0 comments on commit b78365b

Please sign in to comment.