[apple/security.git] / OSX / libsecurity_cdsa_client / lib / cssmclient.cpp

/*
 * Copyright (c) 2000-2001,2011-2014 Apple Inc. All Rights Reserved.
 * 
 * The contents of this file constitute Original Code as defined in and are
 * subject to the Apple Public Source License Version 1.2 (the 'License').
 * You may not use this file except in compliance with the License. Please obtain
 * a copy of the License at http://www.apple.com/publicsource and read it before
 * using this file.
 * 
 * This Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
 * specific language governing rights and limitations under the License.
 */


//
// cssmclient - common client interface to CSSM and MDS.
//
// Locking Strategy (preliminary):
// XXX This is obsolete update this --mb
// A CssmObject is a CountingMutex. Its count represents the number of children that have registered
// themselves (using addChild/removeChild). The lock controls the internal management fields of the
// various subclasses to protect them against corruption. It does NOT control attribute and argument
// fields and operations, not does it control object-constant fields.
// This means that if you use an object from multiple threads, you (the caller) must lock the object
// during set/get calls of attributes. Note that the CSSM operations themselves are safely multithreaded
// and thus don't need to be interlocked explicitly.
//
#include <security_cdsa_client/cssmclient.h>
#include <utilities/debugging.h>

using namespace CssmClient;

//
// Exception model
//
const char *
Error::what () const throw()
{
	return "CSSM client library error";
}


//
// General utilities
//
void
ObjectImpl::check(CSSM_RETURN status)
{
	if (status != CSSM_OK)
	{
		CssmError::throwMe(status);
	}
}


//
// Common features of Objects
//
ObjectImpl::ObjectImpl() : mParent(), mChildCount(0)
{
	mActive = false;		// not activated
	mAllocator = NULL;		// allocator to be determined
}

ObjectImpl::ObjectImpl(const Object &mommy) : mParent(mommy.mImpl), mChildCount(0)
{
	mActive = false;		// not activated
	mAllocator = NULL;		// allocator to be determined
	if (mParent)
		mParent->addChild();
}

ObjectImpl::~ObjectImpl()
try
{
    if (!isIdle())
    {
        int i = mChildCount;
        secerror("Object %p still has %d children at delete.\n", this, i);
    }
		
	// release parent from her obligations (if we still have one)
	if (mParent)
		mParent->removeChild();
}
catch(...)
{
    return;	// Prevent re-throw of exception [function-try-block]
}

void
ObjectImpl::addChild()
{
	mChildCount++;		// atomic
}

void
ObjectImpl::removeChild()
{
	mChildCount--;		// atomic
}


//
// Manage allocators in the Object tree
//
Allocator &
ObjectImpl::allocator() const
{
    StLock<Mutex> _(mAllocatorMutex);
	if (mAllocator == NULL)
	{
		// fix allocator now
		if (mParent)
			mAllocator = &mParent->allocator();
		else
			mAllocator = &Allocator::standard();
	}

	return *mAllocator;
}

void
ObjectImpl::allocator(Allocator &alloc)
{
    StLock<Mutex> _(mAllocatorMutex);
	assert(mAllocator == NULL);	// cannot redefine allocator once set
	mAllocator = &alloc;
}

// Comparison operators use pointer comparison by default.  Subclasses may override.
bool
ObjectImpl::operator <(const ObjectImpl &other) const
{
	return this < &other;
}

bool
ObjectImpl::operator ==(const ObjectImpl &other) const
{
	return this == &other;
}


//
// CSSMSession objects.
// parent ::= NULL (none)
// active ::= CSSM initialized
//
ModuleNexus<CssmImpl::StandardCssm> CssmImpl::mStandard;

CssmImpl::CssmImpl() : ObjectImpl()
{
	setup();
	mStandard().setCssm(this);
}

CssmImpl::CssmImpl(bool) : ObjectImpl()
{
	setup();
	// implicitly constructed - caller responsible for standard session management
}

CssmImpl::~CssmImpl()
{
    try
    {
		deactivate();
    }
	catch(...) {}

	// this may be the standard session...
    mStandard().unsetCssm(this);
}


void
CssmImpl::setup()
{
	// set default configuration
	mVersion.Major = 2;
	mVersion.Minor = 0;
	mScope = CSSM_PRIVILEGE_SCOPE_PROCESS;
}


Cssm
CssmImpl::standard()
{
    return Cssm(mStandard().get());
}


void
CssmImpl::activate()
{
    StLock<Mutex> _(mActivateMutex);
	if (!mActive)
	{
		// currently, no choices on PVC mode and key hierarchy
		CSSM_PVC_MODE pvc = CSSM_PVC_NONE;
		switch (CSSM_RETURN rc = CSSM_Init(&mVersion,
				mScope, &mCallerGuid,
				CSSM_KEY_HIERARCHY_NONE, &pvc, NULL)) {
		case CSSMERR_CSSM_PVC_ALREADY_CONFIGURED:
		case CSSM_OK:
			break;
		default:
			check(rc);
		}
		mActive = true;
	}
}

void
CssmImpl::deactivate()
{
    StLock<Mutex> _(mActivateMutex);
	if (mActive)
	{
		mActive = false;

		// clear module map (all gone now)
		moduleMap.erase(moduleMap.begin(), moduleMap.end());
	
		// now terminate CSSM
		check(CSSM_Terminate());
	}
}

void
CssmImpl::atExitHandler()
{
    try {
        mStandard.reset();
    } catch (...) {
    }
}

void
CssmImpl::catchExit()
{
	// @@@ Even though this is the "right thing" to do.  This only causes
	// exceptions during exit and doesn't really help cleanup correctly.
#if 0
	if (::atexit(atExitHandler))
		UnixError::throwMe();
#endif
}


//
// Manage the automatic Cssm object.
// This is a program global.
//
void CssmImpl::StandardCssm::setCssm(CssmImpl *cssm)
{
    StLock<Mutex> _(*this);
    if (mCssm == NULL)
        mCssm = cssm;
}

void CssmImpl::StandardCssm::unsetCssm(CssmImpl *cssm)
{
    StLock<Mutex> _(*this);
    if (mCssm == cssm)
        mCssm = NULL;
}

Cssm CssmImpl::StandardCssm::get()
{
    StLock<Mutex> _(*this);
    if (mCssm == NULL) {	// make the default instance
        mCssm = new CssmImpl(true);
    }
    return Cssm(mCssm);
}

CssmImpl::StandardCssm::~StandardCssm()
{
    if (mCssm) {
        mCssm->deactivate();
        delete mCssm;
    }
}


//
// Auto-module management
//
Module
CssmImpl::autoModule(const Guid &guid)
{
	StLock<Mutex> _(mapLock);
	ModuleMap::iterator it = moduleMap.find(guid);
	if (it == moduleMap.end())
	{
		// no automodule for this guid yet, create one
		Module module(guid, Cssm(this));
		moduleMap.insert(ModuleMap::value_type(guid, module));
		return module;
	}
	else
	{
		// existing automodule - use it
		return it->second;
	}
}


//
// Module objects.
// parent ::= the session object (usually Cssm::standard)
// active ::= module is loaded.
//
ModuleImpl::ModuleImpl(const Guid &guid) : ObjectImpl(Cssm::standard()),
	mAppNotifyCallback(NULL),
	mAppNotifyCallbackCtx(NULL)
{
	setGuid(guid);
}

ModuleImpl::ModuleImpl(const Guid &guid, const Cssm &session) : ObjectImpl(session),
	mAppNotifyCallback(NULL),
	mAppNotifyCallbackCtx(NULL)
{
	setGuid(guid);
}

ModuleImpl::~ModuleImpl()
{
	unload();
}


//
// RawModuleEvent objects encapsulate CSSM module callbacks
//
RawModuleEvents::~RawModuleEvents()
{ }

CSSM_RETURN RawModuleEvents::sendNotify(const CSSM_GUID *, void *context,
	uint32 subService, CSSM_SERVICE_TYPE type, CSSM_MODULE_EVENT event)
{
	try {
		reinterpret_cast<RawModuleEvents *>(context)->notify(subService, type, event);
		return CSSM_OK;
	} catch (const CommonError &error) {
		return CssmError::cssmError(error, CSSM_CSSM_BASE_ERROR);
	} catch (...) {
		return CSSMERR_CSSM_INTERNAL_ERROR;	// whatever...
	}
}


//
// ModuleEvents enhance RawModuleEvents by splitting the callback up by type
//
void ModuleEvents::notify(uint32 subService,
	CSSM_SERVICE_TYPE type, CSSM_MODULE_EVENT event)
{
	switch (event) {
	case CSSM_NOTIFY_INSERT:
		insertion(subService, type);
		break;
	case CSSM_NOTIFY_REMOVE:
		removal(subService, type);
		break;
	case CSSM_NOTIFY_FAULT:
		fault(subService, type);
		break;
	}
}

// default callbacks do nothing
void ModuleEvents::insertion(uint32 subService, CSSM_SERVICE_TYPE type) { }
void ModuleEvents::removal(uint32 subService, CSSM_SERVICE_TYPE type) { }
void ModuleEvents::fault(uint32 subService, CSSM_SERVICE_TYPE type) { }


void
ModuleImpl::appNotifyCallback(CSSM_API_ModuleEventHandler appNotifyCallback, void *appNotifyCallbackCtx)
{
	secinfo("callback","In ModuleImpl::appNotifyCallback, appNotifyCallback=%p, appNotifyCallbackCtx=%p",
		appNotifyCallback, appNotifyCallbackCtx);
	if (mActive)
		Error::throwMe(Error::objectBusy);

	mAppNotifyCallback = appNotifyCallback;
	mAppNotifyCallbackCtx = appNotifyCallbackCtx;
}

void
ModuleImpl::appNotifyCallback(RawModuleEvents *handler)
{
	appNotifyCallback(RawModuleEvents::sendNotify, handler);
}

void
ModuleImpl::activate()
{
    {
        StLock<Mutex> _(mActivateMutex);
        if (!mActive)
        {
            session()->init();
            // @@@ install handler here (use central dispatch with override)
            secinfo("callback","In ModuleImpl::activate, mAppNotifyCallback=%p, mAppNotifyCallbackCtx=%p",
                mAppNotifyCallback, mAppNotifyCallbackCtx);
            check(CSSM_ModuleLoad(&guid(), CSSM_KEY_HIERARCHY_NONE, mAppNotifyCallback, mAppNotifyCallbackCtx));
            mActive = true;
        }
    }
    
    session()->catchExit();
}

void
ModuleImpl::deactivate()
{
	if (!isIdle())
		Error::throwMe(Error::objectBusy);

    StLock<Mutex> _(mActivateMutex);
	if (mActive)
	{
		mActive = false;
		check(CSSM_ModuleUnload(&guid(), mAppNotifyCallback, mAppNotifyCallbackCtx));
	}
}

Cssm
ModuleImpl::session() const
{
	return parent<Cssm>();
}


//
// CssmAttachment objects.
// parent ::= the loaded module object.
// active ::= attached.
//
AttachmentImpl::AttachmentImpl(const Guid &guid, CSSM_SERVICE_TYPE subserviceType)
: ObjectImpl(CssmImpl::standard()->autoModule(guid))
{
	make(subserviceType);
}

AttachmentImpl::AttachmentImpl(const Module &module, CSSM_SERVICE_TYPE subserviceType)
: ObjectImpl(module)
{
	make(subserviceType);
}

AttachmentImpl::~AttachmentImpl()
try
{
	detach();
}
catch (...) {
    return;
}

void
AttachmentImpl::make(CSSM_SERVICE_TYPE subserviceType)
{
	// default configuration
	mVersion.Major = 2;
	mVersion.Minor = 0;
	mSubserviceType = subserviceType;
	mSubserviceId = 0;
	mAttachFlags = 0;
}

void
AttachmentImpl::activate()
{
    StLock<Mutex> _(mActivateMutex);
	if (!mActive)
	{
		module()->load();
		mMemoryFunctions = CssmAllocatorMemoryFunctions(allocator());
		check(CSSM_ModuleAttach(&guid(), &mVersion,
			  &mMemoryFunctions,
			  mSubserviceId,
			  mSubserviceType,
			  mAttachFlags,
			  CSSM_KEY_HIERARCHY_NONE,
			  NULL, 0,	// no function pointer table return
			  NULL,		// reserved
			  &mHandle));
		mActive = true;
	}
}

void
AttachmentImpl::deactivate()
{
    StLock<Mutex> _(mActivateMutex);
	if (mActive)
	{
		mActive = false;
		check(CSSM_ModuleDetach(mHandle));
	}
}

CSSM_SERVICE_MASK
AttachmentImpl::subserviceMask() const
{
	return mSubserviceType;
}

void
AttachmentImpl::subserviceId(uint32 id)
{
	mSubserviceId = id;
}

CssmSubserviceUid
AttachmentImpl::subserviceUid() const
{
	return CssmSubserviceUid(guid(), &mVersion, mSubserviceId, subserviceMask());
}

Module
AttachmentImpl::module() const
{
	return parent<Module>();
}
Commit	Line	Data
b1ab9ed8	1	/*
d8f41ccd	2	* Copyright (c) 2000-2001,2011-2014 Apple Inc. All Rights Reserved.
b1ab9ed8 A	3	*
	4	* The contents of this file constitute Original Code as defined in and are
	5	* subject to the Apple Public Source License Version 1.2 (the 'License').
	6	* You may not use this file except in compliance with the License. Please obtain
	7	* a copy of the License at http://www.apple.com/publicsource and read it before
	8	* using this file.
	9	*
	10	* This Original Code and all software distributed under the License are
	11	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
	12	* OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
	13	* LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
	14	* PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
	15	* specific language governing rights and limitations under the License.
	16	*/
	17
	18
	19	//
	20	// cssmclient - common client interface to CSSM and MDS.
	21	//
	22	// Locking Strategy (preliminary):
	23	// XXX This is obsolete update this --mb
	24	// A CssmObject is a CountingMutex. Its count represents the number of children that have registered
	25	// themselves (using addChild/removeChild). The lock controls the internal management fields of the
	26	// various subclasses to protect them against corruption. It does NOT control attribute and argument
	27	// fields and operations, not does it control object-constant fields.
	28	// This means that if you use an object from multiple threads, you (the caller) must lock the object
	29	// during set/get calls of attributes. Note that the CSSM operations themselves are safely multithreaded
	30	// and thus don't need to be interlocked explicitly.
	31	//
	32	#include <security_cdsa_client/cssmclient.h>
fa7225c8	33	#include <utilities/debugging.h>
b1ab9ed8 A	34
	35	using namespace CssmClient;
	36
	37	//
	38	// Exception model
	39	//
	40	const char *
	41	Error::what () const throw()
	42	{
	43	return "CSSM client library error";
	44	}
	45
	46
	47	//
	48	// General utilities
	49	//
	50	void
	51	ObjectImpl::check(CSSM_RETURN status)
	52	{
	53	if (status != CSSM_OK)
	54	{
	55	CssmError::throwMe(status);
	56	}
	57	}
	58
	59
	60	//
	61	// Common features of Objects
	62	//
	63	ObjectImpl::ObjectImpl() : mParent(), mChildCount(0)
	64	{
	65	mActive = false; // not activated
	66	mAllocator = NULL; // allocator to be determined
	67	}
	68
	69	ObjectImpl::ObjectImpl(const Object &mommy) : mParent(mommy.mImpl), mChildCount(0)
	70	{
	71	mActive = false; // not activated
	72	mAllocator = NULL; // allocator to be determined
	73	if (mParent)
	74	mParent->addChild();
	75	}
	76
	77	ObjectImpl::~ObjectImpl()
	78	try
	79	{
427c49bc A	80	if (!isIdle())
	81	{
	82	int i = mChildCount;
fa7225c8	83	secerror("Object %p still has %d children at delete.\n", this, i);
427c49bc	84	}
b1ab9ed8 A	85
	86	// release parent from her obligations (if we still have one)
	87	if (mParent)
	88	mParent->removeChild();
	89	}
	90	catch(...)
	91	{
6b200bc3	92	return; // Prevent re-throw of exception [function-try-block]
b1ab9ed8 A	93	}
	94
	95	void
	96	ObjectImpl::addChild()
	97	{
	98	mChildCount++; // atomic
	99	}
	100
	101	void
	102	ObjectImpl::removeChild()
	103	{
	104	mChildCount--; // atomic
	105	}
	106
	107
	108	//
	109	// Manage allocators in the Object tree
	110	//
	111	Allocator &
	112	ObjectImpl::allocator() const
	113	{
6b200bc3	114	StLock<Mutex> _(mAllocatorMutex);
b1ab9ed8 A	115	if (mAllocator == NULL)
	116	{
	117	// fix allocator now
	118	if (mParent)
	119	mAllocator = &mParent->allocator();
	120	else
	121	mAllocator = &Allocator::standard();
	122	}
	123
	124	return *mAllocator;
	125	}
	126
	127	void
	128	ObjectImpl::allocator(Allocator &alloc)
	129	{
6b200bc3	130	StLock<Mutex> _(mAllocatorMutex);
b1ab9ed8 A	131	assert(mAllocator == NULL); // cannot redefine allocator once set
	132	mAllocator = &alloc;
	133	}
	134
	135	// Comparison operators use pointer comparison by default. Subclasses may override.
	136	bool
	137	ObjectImpl::operator <(const ObjectImpl &other) const
	138	{
	139	return this < &other;
	140	}
	141
	142	bool
	143	ObjectImpl::operator ==(const ObjectImpl &other) const
	144	{
	145	return this == &other;
	146	}
	147
	148
	149	//
	150	// CSSMSession objects.
	151	// parent ::= NULL (none)
	152	// active ::= CSSM initialized
	153	//
	154	ModuleNexus<CssmImpl::StandardCssm> CssmImpl::mStandard;
	155
	156	CssmImpl::CssmImpl() : ObjectImpl()
	157	{
	158	setup();
	159	mStandard().setCssm(this);
	160	}
	161
	162	CssmImpl::CssmImpl(bool) : ObjectImpl()
	163	{
	164	setup();
	165	// implicitly constructed - caller responsible for standard session management
	166	}
	167
	168	CssmImpl::~CssmImpl()
	169	{
	170	try
	171	{
	172	deactivate();
	173	}
	174	catch(...) {}
	175
	176	// this may be the standard session...
	177	mStandard().unsetCssm(this);
	178	}
	179
	180
	181	void
	182	CssmImpl::setup()
	183	{
	184	// set default configuration
	185	mVersion.Major = 2;
	186	mVersion.Minor = 0;
	187	mScope = CSSM_PRIVILEGE_SCOPE_PROCESS;
	188	}
	189
	190
	191	Cssm
	192	CssmImpl::standard()
	193	{
	194	return Cssm(mStandard().get());
195	}
196
197
198	void
199	CssmImpl::activate()
200	{
313fa17b	201	StLock<Mutex> _(mActivateMutex);
b1ab9ed8 A	202	if (!mActive)
	203	{
	204	// currently, no choices on PVC mode and key hierarchy
	205	CSSM_PVC_MODE pvc = CSSM_PVC_NONE;
	206	switch (CSSM_RETURN rc = CSSM_Init(&mVersion,
	207	mScope, &mCallerGuid,
	208	CSSM_KEY_HIERARCHY_NONE, &pvc, NULL)) {
	209	case CSSMERR_CSSM_PVC_ALREADY_CONFIGURED:
	210	case CSSM_OK:
	211	break;
	212	default:
	213	check(rc);
	214	}
	215	mActive = true;
	216	}
	217	}
	218
	219	void
	220	CssmImpl::deactivate()
	221	{
313fa17b	222	StLock<Mutex> _(mActivateMutex);
b1ab9ed8 A	223	if (mActive)
	224	{
	225	mActive = false;
	226
	227	// clear module map (all gone now)
	228	moduleMap.erase(moduleMap.begin(), moduleMap.end());
	229
	230	// now terminate CSSM
	231	check(CSSM_Terminate());
	232	}
	233	}
	234
	235	void
	236	CssmImpl::atExitHandler()
	237	{
	238	try {
	239	mStandard.reset();
	240	} catch (...) {
	241	}
	242	}
	243
	244	void
	245	CssmImpl::catchExit()
	246	{
	247	// @@@ Even though this is the "right thing" to do. This only causes
	248	// exceptions during exit and doesn't really help cleanup correctly.
	249	#if 0
	250	if (::atexit(atExitHandler))
	251	UnixError::throwMe();
	252	#endif
	253	}
	254
	255
	256	//
	257	// Manage the automatic Cssm object.
	258	// This is a program global.
	259	//
	260	void CssmImpl::StandardCssm::setCssm(CssmImpl *cssm)
	261	{
	262	StLock<Mutex> _(*this);
	263	if (mCssm == NULL)
	264	mCssm = cssm;
	265	}
	266
	267	void CssmImpl::StandardCssm::unsetCssm(CssmImpl *cssm)
	268	{
	269	StLock<Mutex> _(*this);
	270	if (mCssm == cssm)
	271	mCssm = NULL;
	272	}
	273
fa7225c8	274	Cssm CssmImpl::StandardCssm::get()
b1ab9ed8 A	275	{
	276	StLock<Mutex> _(*this);
	277	if (mCssm == NULL) { // make the default instance
	278	mCssm = new CssmImpl(true);
	279	}
fa7225c8	280	return Cssm(mCssm);
b1ab9ed8 A	281	}
	282
	283	CssmImpl::StandardCssm::~StandardCssm()
	284	{
	285	if (mCssm) {
	286	mCssm->deactivate();
	287	delete mCssm;
	288	}
	289	}
	290
	291
	292	//
	293	// Auto-module management
	294	//
	295	Module
	296	CssmImpl::autoModule(const Guid &guid)
	297	{
	298	StLock<Mutex> _(mapLock);
	299	ModuleMap::iterator it = moduleMap.find(guid);
	300	if (it == moduleMap.end())
	301	{
	302	// no automodule for this guid yet, create one
	303	Module module(guid, Cssm(this));
	304	moduleMap.insert(ModuleMap::value_type(guid, module));
	305	return module;
	306	}
	307	else
	308	{
	309	// existing automodule - use it
	310	return it->second;
	311	}
	312	}
	313
	314
	315	//
	316	// Module objects.
	317	// parent ::= the session object (usually Cssm::standard)
	318	// active ::= module is loaded.
	319	//
	320	ModuleImpl::ModuleImpl(const Guid &guid) : ObjectImpl(Cssm::standard()),
	321	mAppNotifyCallback(NULL),
	322	mAppNotifyCallbackCtx(NULL)
	323	{
	324	setGuid(guid);
	325	}
	326
	327	ModuleImpl::ModuleImpl(const Guid &guid, const Cssm &session) : ObjectImpl(session),
	328	mAppNotifyCallback(NULL),
	329	mAppNotifyCallbackCtx(NULL)
	330	{
	331	setGuid(guid);
	332	}
	333
	334	ModuleImpl::~ModuleImpl()
	335	{
	336	unload();
	337	}
	338
	339
	340	//
	341	// RawModuleEvent objects encapsulate CSSM module callbacks
	342	//
	343	RawModuleEvents::~RawModuleEvents()
	344	{ }
345
346	CSSM_RETURN RawModuleEvents::sendNotify(const CSSM_GUID , void context,
347	uint32 subService, CSSM_SERVICE_TYPE type, CSSM_MODULE_EVENT event)
348	{
349	try {
350	reinterpret_cast<RawModuleEvents *>(context)->notify(subService, type, event);
351	return CSSM_OK;
352	} catch (const CommonError &error) {
353	return CssmError::cssmError(error, CSSM_CSSM_BASE_ERROR);
354	} catch (...) {
355	return CSSMERR_CSSM_INTERNAL_ERROR; // whatever...
356	}
357	}
358
359
360	//
361	// ModuleEvents enhance RawModuleEvents by splitting the callback up by type
362	//
363	void ModuleEvents::notify(uint32 subService,
364	CSSM_SERVICE_TYPE type, CSSM_MODULE_EVENT event)
365	{
366	switch (event) {
367	case CSSM_NOTIFY_INSERT:
368	insertion(subService, type);
369	break;
370	case CSSM_NOTIFY_REMOVE:
371	removal(subService, type);
372	break;
373	case CSSM_NOTIFY_FAULT:
374	fault(subService, type);
375	break;
376	}
377	}
378
379	// default callbacks do nothing
380	void ModuleEvents::insertion(uint32 subService, CSSM_SERVICE_TYPE type) { }
381	void ModuleEvents::removal(uint32 subService, CSSM_SERVICE_TYPE type) { }
382	void ModuleEvents::fault(uint32 subService, CSSM_SERVICE_TYPE type) { }
383
384
385	void
386	ModuleImpl::appNotifyCallback(CSSM_API_ModuleEventHandler appNotifyCallback, void *appNotifyCallbackCtx)
387	{
fa7225c8	388	secinfo("callback","In ModuleImpl::appNotifyCallback, appNotifyCallback=%p, appNotifyCallbackCtx=%p",
b1ab9ed8 A	389	appNotifyCallback, appNotifyCallbackCtx);
	390	if (mActive)
	391	Error::throwMe(Error::objectBusy);
	392
	393	mAppNotifyCallback = appNotifyCallback;
	394	mAppNotifyCallbackCtx = appNotifyCallbackCtx;
	395	}
	396
	397	void
	398	ModuleImpl::appNotifyCallback(RawModuleEvents *handler)
	399	{
	400	appNotifyCallback(RawModuleEvents::sendNotify, handler);
	401	}
	402
	403	void
	404	ModuleImpl::activate()
	405	{
c2a06e24 A	406	{
	407	StLock<Mutex> _(mActivateMutex);
	408	if (!mActive)
	409	{
	410	session()->init();
	411	// @@@ install handler here (use central dispatch with override)
fa7225c8	412	secinfo("callback","In ModuleImpl::activate, mAppNotifyCallback=%p, mAppNotifyCallbackCtx=%p",
c2a06e24 A	413	mAppNotifyCallback, mAppNotifyCallbackCtx);
	414	check(CSSM_ModuleLoad(&guid(), CSSM_KEY_HIERARCHY_NONE, mAppNotifyCallback, mAppNotifyCallbackCtx));
	415	mActive = true;
	416	}
	417	}
427c49bc A	418
427c49bc A	419	session()->catchExit();
b1ab9ed8 A	420	}
	421
	422	void
	423	ModuleImpl::deactivate()
	424	{
	425	if (!isIdle())
	426	Error::throwMe(Error::objectBusy);
c2a06e24 A	427
c2a06e24 A	428	StLock<Mutex> _(mActivateMutex);
b1ab9ed8 A	429	if (mActive)
	430	{
	431	mActive = false;
	432	check(CSSM_ModuleUnload(&guid(), mAppNotifyCallback, mAppNotifyCallbackCtx));
	433	}
	434	}
	435
	436	Cssm
	437	ModuleImpl::session() const
	438	{
	439	return parent<Cssm>();
	440	}
	441
	442
	443	//
	444	// CssmAttachment objects.
	445	// parent ::= the loaded module object.
	446	// active ::= attached.
	447	//
	448	AttachmentImpl::AttachmentImpl(const Guid &guid, CSSM_SERVICE_TYPE subserviceType)
	449	: ObjectImpl(CssmImpl::standard()->autoModule(guid))
	450	{
	451	make(subserviceType);
	452	}
	453
	454	AttachmentImpl::AttachmentImpl(const Module &module, CSSM_SERVICE_TYPE subserviceType)
	455	: ObjectImpl(module)
	456	{
	457	make(subserviceType);
	458	}
	459
	460	AttachmentImpl::~AttachmentImpl()
866f8763	461	try
b1ab9ed8 A	462	{
	463	detach();
	464	}
866f8763 A	465	catch (...) {
	466	return;
	467	}
b1ab9ed8 A	468
	469	void
	470	AttachmentImpl::make(CSSM_SERVICE_TYPE subserviceType)
	471	{
	472	// default configuration
	473	mVersion.Major = 2;
	474	mVersion.Minor = 0;
	475	mSubserviceType = subserviceType;
	476	mSubserviceId = 0;
	477	mAttachFlags = 0;
	478	}
	479
	480	void
	481	AttachmentImpl::activate()
	482	{
313fa17b	483	StLock<Mutex> _(mActivateMutex);
b1ab9ed8 A	484	if (!mActive)
	485	{
	486	module()->load();
	487	mMemoryFunctions = CssmAllocatorMemoryFunctions(allocator());
	488	check(CSSM_ModuleAttach(&guid(), &mVersion,
	489	&mMemoryFunctions,
	490	mSubserviceId,
	491	mSubserviceType,
	492	mAttachFlags,
	493	CSSM_KEY_HIERARCHY_NONE,
	494	NULL, 0, // no function pointer table return
	495	NULL, // reserved
	496	&mHandle));
	497	mActive = true;
	498	}
	499	}
	500
	501	void
	502	AttachmentImpl::deactivate()
	503	{
313fa17b	504	StLock<Mutex> _(mActivateMutex);
b1ab9ed8 A	505	if (mActive)
	506	{
	507	mActive = false;
	508	check(CSSM_ModuleDetach(mHandle));
	509	}
	510	}
	511
	512	CSSM_SERVICE_MASK
	513	AttachmentImpl::subserviceMask() const
	514	{
	515	return mSubserviceType;
	516	}
	517
	518	void
	519	AttachmentImpl::subserviceId(uint32 id)
	520	{
	521	mSubserviceId = id;
	522	}
	523
	524	CssmSubserviceUid
	525	AttachmentImpl::subserviceUid() const
	526	{
	527	return CssmSubserviceUid(guid(), &mVersion, mSubserviceId, subserviceMask());
	528	}
	529
	530	Module
	531	AttachmentImpl::module() const
	532	{
	533	return parent<Module>();
	534	}