libsecurity_codesigning-55005.tar.gz

[apple/libsecurity_codesigning.git] / lib / requirement.cpp

diff --git a/lib/requirement.cpp b/lib/requirement.cpp
index f4b294ab74336f647329765f29fcc1e8594909aa..b1e136e198406ae4a45bf2a9c8d04f8a082f7018 100644 (file)
--- a/lib/requirement.cpp
+++ b/lib/requirement.cpp
@@ -26,6 +26,7 @@
 //
 #include "requirement.h"
 #include "reqinterp.h"
+#include "codesigning_dtrace.h"
 #include <security_utilities/errors.h>
 #include <security_utilities/unix++.h>
 #include <security_utilities/logging.h>
@@ -65,13 +66,18 @@ const char *const Requirement::typeNames[] = {
 //
 void Requirement::validate(const Requirement::Context &ctx, OSStatus failure /* = errSecCSReqFailed */) const
 {
+       CODESIGN_EVAL_REQINT_START((void*)this, this->length());
        switch (kind()) {
        case exprForm:
-               if (!Requirement::Interpreter(this, &ctx).evaluate())
+               if (Requirement::Interpreter(this, &ctx).evaluate()) {
+                       CODESIGN_EVAL_REQINT_END(0);
+                       return;
+               } else {
+                       CODESIGN_EVAL_REQINT_END(failure);
                        MacOSError::throwMe(failure);
-               return;
+               }
        default:
-               secdebug("reqval", "unrecognized requirement kind %d", kind());
+               CODESIGN_EVAL_REQINT_END(errSecCSReqUnsupported);
                MacOSError::throwMe(errSecCSReqUnsupported);
        }
 }
@@ -141,6 +147,20 @@ const SHA1::Digest &Requirement::testAppleAnchorHash()
 #endif //TEST_APPLE_ANCHOR
 
 
+//
+// InternalRequirements
+//
+void InternalRequirements::operator () (const Requirements *given, const Requirements *defaulted)
+{
+       if (defaulted) {
+               this->add(defaulted);
+               ::free((void *)defaulted);              // was malloc(3)ed by DiskRep
+       }
+       if (given)
+               this->add(given);
+       mReqs = make();
+}
+
 
 //
 // Debug dump support