[apple/security.git] / securityd / src / database.cpp

/*
 * Copyright (c) 2000-2008 Apple Inc. All Rights Reserved.
 * 
 * @APPLE_LICENSE_HEADER_START@
 * 
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 * 
 * @APPLE_LICENSE_HEADER_END@
 */


//
// database - database session management
//
#include "database.h"
#include "agentquery.h"
#include "key.h"
#include "server.h"
#include "session.h"
#include "notifications.h"
#include <securityd_client/dictionary.h>
#include <security_cdsa_utilities/acl_any.h>	// for default owner ACLs
#include <security_cdsa_client/wrapkey.h>
#include <security_utilities/endian.h>

using namespace UnixPlusPlus;


//
// DbCommon basics
//
DbCommon::DbCommon(Session &session)
{
	referent(session);
}

Session &DbCommon::session() const
{
	return referent<Session>();
}


//
// Database basics
//
Database::Database(Process &proc)
{
	referent(proc);
}


Process& Database::process() const
{
	return referent<Process>();
}
	

//
// Send a keychain-related notification event about this database
//
void DbCommon::notify(NotificationEvent event, const DLDbIdentifier &ident)
{
	// form the data (encoded DLDbIdentifier)
    NameValueDictionary nvd;
    NameValueDictionary::MakeNameValueDictionaryFromDLDbIdentifier(ident, nvd);
    CssmData data;
    nvd.Export(data);

	// inject notification into Security event system
    Listener::notify(kNotificationDomainDatabase, event, data);
	
	// clean up
    free (data.data());
}


//
// Default behaviors
//
void DbCommon::sleepProcessing()
{
	// nothing
}

void DbCommon::lockProcessing()
{
	// nothing
}

bool DbCommon::belongsToSystem() const
{
	return false;
}


void Database::releaseKey(Key &key)
{
	kill(key);
}

void Database::releaseSearch(Search &search)
{
	kill(search);
}

void Database::releaseRecord(Record &record)
{
	kill(record);
}

void Database::dbName(const char *name)
{
	CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
}


//
// Functions that aren't implemented at the Database level but can stay that way
//
void Database::findFirst(const CssmQuery &query,
	CssmDbRecordAttributeData *inAttributes, mach_msg_type_number_t inAttributesLength,
	CssmData *data, RefPointer<Key> &key, RefPointer<Search> &search, RefPointer<Record> &record,
	CssmDbRecordAttributeData * &outAttributes, mach_msg_type_number_t &outAttributesLength)
{
	secinfo("database", "%p calling unimplemented findFirst", this);
	CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
}

void Database::findNext(Search *search,
	CssmDbRecordAttributeData *inAttributes, mach_msg_type_number_t inAttributesLength,
	CssmData *data, RefPointer<Key> &key, RefPointer<Record> &record,
	CssmDbRecordAttributeData * &outAttributes, mach_msg_type_number_t &outAttributesLength)
{
	secinfo("database", "%p calling unimplemented findNext", this);
	CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
}

void Database::findRecordHandle(Record *record,
	CssmDbRecordAttributeData *inAttributes, mach_msg_type_number_t inAttributesLength,
	CssmData *data, RefPointer<Key> &key,
	CssmDbRecordAttributeData * &outAttributes, mach_msg_type_number_t &outAttributesLength)
{
	secinfo("database", "%p calling unimplemented findRecordHandle", this);
	CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
}

void Database::insertRecord(CSSM_DB_RECORDTYPE recordtype,
	const CssmDbRecordAttributeData *attributes, mach_msg_type_number_t inAttributesLength,
	const CssmData &data, RecordHandle &record)
{
	secinfo("database", "%p calling unimplemented insertRecord", this);
	CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
}

void Database::modifyRecord(CSSM_DB_RECORDTYPE recordtype, Record *record,
	const CssmDbRecordAttributeData *attributes, mach_msg_type_number_t inAttributesLength,
	const CssmData *data, CSSM_DB_MODIFY_MODE modifyMode)
{
	secinfo("database", "%p calling unimplemented modifyRecord", this);
	CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
}

void Database::deleteRecord(Database::Record *record)
{
	secinfo("database", "%p calling unimplemented deleteRecord", this);
	CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
}

void Database::authenticate(CSSM_DB_ACCESS_TYPE, const AccessCredentials *)
{
	secinfo("database", "%p calling unimplemented authenticate", this);
	CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
}

bool Database::checkCredentials(const AccessCredentials *)
{
    secinfo("database", "%p calling unimplemented checkCredentials", this);
    CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
}

SecurityServerAcl &Database::acl()
{
	secinfo("database", "%p has no ACL implementation", this);
	CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
}

bool Database::isLocked()
{
	secinfo("database", "%p calling unimplemented isLocked", this);
	CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
}


//
// SecurityServerAcl personality implementation.
// This is the trivial (type coding) stuff. The hard stuff is virtually mixed in.
//
Database *Database::relatedDatabase()
{
	return this;
}

AclKind Database::aclKind() const
{
	return dbAcl;
}


//
// Remote validation is not, by default, supported
//
bool Database::validateSecret(const AclSubject *, const AccessCredentials *)
{
	return false;
}

bool Database::hasCommon() const
{
    return hasParent();
}
Commit	Line	Data
d8f41ccd A	1	/*
	2	* Copyright (c) 2000-2008 Apple Inc. All Rights Reserved.
	3	*
	4	* @APPLE_LICENSE_HEADER_START@
	5	*
	6	* This file contains Original Code and/or Modifications of Original Code
	7	* as defined in and that are subject to the Apple Public Source License
	8	* Version 2.0 (the 'License'). You may not use this file except in
	9	* compliance with the License. Please obtain a copy of the License at
	10	* http://www.opensource.apple.com/apsl/ and read it before using this
	11	* file.
	12	*
	13	* The Original Code and all software distributed under the License are
	14	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
	15	* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
	16	* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
	17	* FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
	18	* Please see the License for the specific language governing rights and
	19	* limitations under the License.
	20	*
	21	* @APPLE_LICENSE_HEADER_END@
	22	*/
	23
	24
	25	//
	26	// database - database session management
	27	//
	28	#include "database.h"
	29	#include "agentquery.h"
	30	#include "key.h"
	31	#include "server.h"
	32	#include "session.h"
	33	#include "notifications.h"
d8f41ccd A	34	#include <securityd_client/dictionary.h>
	35	#include <security_cdsa_utilities/acl_any.h> // for default owner ACLs
	36	#include <security_cdsa_client/wrapkey.h>
	37	#include <security_utilities/endian.h>
	38
	39	using namespace UnixPlusPlus;
	40
	41
	42	//
	43	// DbCommon basics
	44	//
	45	DbCommon::DbCommon(Session &session)
	46	{
	47	referent(session);
	48	}
	49
	50	Session &DbCommon::session() const
	51	{
	52	return referent<Session>();
	53	}
	54
	55
	56	//
	57	// Database basics
	58	//
	59	Database::Database(Process &proc)
	60	{
	61	referent(proc);
	62	}
	63
	64
	65	Process& Database::process() const
	66	{
	67	return referent<Process>();
	68	}
	69
	70
	71	//
	72	// Send a keychain-related notification event about this database
	73	//
	74	void DbCommon::notify(NotificationEvent event, const DLDbIdentifier &ident)
	75	{
	76	// form the data (encoded DLDbIdentifier)
	77	NameValueDictionary nvd;
	78	NameValueDictionary::MakeNameValueDictionaryFromDLDbIdentifier(ident, nvd);
	79	CssmData data;
	80	nvd.Export(data);
	81
	82	// inject notification into Security event system
	83	Listener::notify(kNotificationDomainDatabase, event, data);
	84
	85	// clean up
	86	free (data.data());
	87	}
	88
	89
	90	//
	91	// Default behaviors
	92	//
	93	void DbCommon::sleepProcessing()
	94	{
	95	// nothing
	96	}
	97
98	void DbCommon::lockProcessing()
99	{
100	// nothing
101	}
102
103	bool DbCommon::belongsToSystem() const
104	{
105	return false;
106	}
107
108
109	void Database::releaseKey(Key &key)
110	{
111	kill(key);
112	}
113
114	void Database::releaseSearch(Search &search)
115	{
116	kill(search);
117	}
118
119	void Database::releaseRecord(Record &record)
120	{
121	kill(record);
122	}
123
124	void Database::dbName(const char *name)
125	{
126	CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
127	}
128
129
130	//
131	// Functions that aren't implemented at the Database level but can stay that way
132	//
133	void Database::findFirst(const CssmQuery &query,
134	CssmDbRecordAttributeData *inAttributes, mach_msg_type_number_t inAttributesLength,
135	CssmData *data, RefPointer<Key> &key, RefPointer<Search> &search, RefPointer<Record> &record,
136	CssmDbRecordAttributeData * &outAttributes, mach_msg_type_number_t &outAttributesLength)
137	{
fa7225c8	138	secinfo("database", "%p calling unimplemented findFirst", this);
d8f41ccd A	139	CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
	140	}
	141
	142	void Database::findNext(Search *search,
	143	CssmDbRecordAttributeData *inAttributes, mach_msg_type_number_t inAttributesLength,
	144	CssmData *data, RefPointer<Key> &key, RefPointer<Record> &record,
	145	CssmDbRecordAttributeData * &outAttributes, mach_msg_type_number_t &outAttributesLength)
	146	{
fa7225c8	147	secinfo("database", "%p calling unimplemented findNext", this);
d8f41ccd A	148	CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
	149	}
	150
	151	void Database::findRecordHandle(Record *record,
	152	CssmDbRecordAttributeData *inAttributes, mach_msg_type_number_t inAttributesLength,
	153	CssmData *data, RefPointer<Key> &key,
	154	CssmDbRecordAttributeData * &outAttributes, mach_msg_type_number_t &outAttributesLength)
	155	{
fa7225c8	156	secinfo("database", "%p calling unimplemented findRecordHandle", this);
d8f41ccd A	157	CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
	158	}
	159
	160	void Database::insertRecord(CSSM_DB_RECORDTYPE recordtype,
	161	const CssmDbRecordAttributeData *attributes, mach_msg_type_number_t inAttributesLength,
	162	const CssmData &data, RecordHandle &record)
	163	{
fa7225c8	164	secinfo("database", "%p calling unimplemented insertRecord", this);
d8f41ccd A	165	CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
	166	}
	167
	168	void Database::modifyRecord(CSSM_DB_RECORDTYPE recordtype, Record *record,
	169	const CssmDbRecordAttributeData *attributes, mach_msg_type_number_t inAttributesLength,
	170	const CssmData *data, CSSM_DB_MODIFY_MODE modifyMode)
	171	{
fa7225c8	172	secinfo("database", "%p calling unimplemented modifyRecord", this);
d8f41ccd A	173	CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
	174	}
	175
	176	void Database::deleteRecord(Database::Record *record)
	177	{
fa7225c8	178	secinfo("database", "%p calling unimplemented deleteRecord", this);
d8f41ccd A	179	CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
	180	}
	181
	182	void Database::authenticate(CSSM_DB_ACCESS_TYPE, const AccessCredentials *)
	183	{
fa7225c8	184	secinfo("database", "%p calling unimplemented authenticate", this);
d8f41ccd A	185	CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
	186	}
	187
e3d460c9 A	188	bool Database::checkCredentials(const AccessCredentials *)
e3d460c9 A	189	{
fa7225c8	190	secinfo("database", "%p calling unimplemented checkCredentials", this);
e3d460c9 A	191	CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
	192	}
	193
d8f41ccd A	194	SecurityServerAcl &Database::acl()
d8f41ccd A	195	{
fa7225c8	196	secinfo("database", "%p has no ACL implementation", this);
d8f41ccd A	197	CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
	198	}
	199
	200	bool Database::isLocked()
	201	{
fa7225c8	202	secinfo("database", "%p calling unimplemented isLocked", this);
d8f41ccd A	203	CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
	204	}
	205
	206
	207	//
	208	// SecurityServerAcl personality implementation.
	209	// This is the trivial (type coding) stuff. The hard stuff is virtually mixed in.
	210	//
	211	Database *Database::relatedDatabase()
	212	{
	213	return this;
	214	}
	215
	216	AclKind Database::aclKind() const
	217	{
	218	return dbAcl;
	219	}
	220
	221
	222	//
	223	// Remote validation is not, by default, supported
	224	//
	225	bool Database::validateSecret(const AclSubject , const AccessCredentials )
	226	{
	227	return false;
	228	}
	229
79b9da22 A	230	bool Database::hasCommon() const
	231	{
	232	return hasParent();
	233	}