2 * Copyright (c) 2012-2014 Apple Inc. All Rights Reserved.
4 * @APPLE_LICENSE_HEADER_START@
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
21 * @APPLE_LICENSE_HEADER_END@
26 #include "debugging.h"
29 #include <sqlite3_private.h>
30 #include <CoreFoundation/CoreFoundation.h>
33 #include <AssertMacros.h>
34 #include "SecCFWrappers.h"
35 #include "SecCFError.h"
36 #include "SecIOFormat.h"
38 #include "Security/SecBase.h"
42 // Architecturally inverted files
43 // These are in SecureObjectSync but utilities depends on them
44 // <rdar://problem/20802079> Fix layer violation (SOSDigestVector, SOSManifest, SecDB.c)
46 #include <Security/SecureObjectSync/SOSDigestVector.h>
47 #include <Security/SecureObjectSync/SOSManifest.h>
49 #define LOGE(ARG,...) secerror(ARG, ## __VA_ARGS__)
50 #define LOGV(ARG,...) secdebug("secdb", ARG, ## __VA_ARGS__)
51 #define LOGD(ARG,...) secdebug("secdb", ARG, ## __VA_ARGS__)
53 #define HAVE_UNLOCK_NOTIFY 0
54 #define USE_BUSY_HANDLER 1
56 struct __OpaqueSecDbStatement
{
59 SecDbConnectionRef dbconn
;
63 struct __OpaqueSecDbConnection
{
66 //CFMutableDictionaryRef statements;
68 SecDbRef db
; // NONRETAINED, since db or block retains us
71 SecDbTransactionSource source
;
74 // Pending deletions and additions for the current transaction
75 // Entires are either:
76 // 1) a CFArrayRef of 1 element representing a deletion,
77 // 2) a CFArrayRef of 2 elements representing the element 0 having been replaced with element 1
78 // 3) a CFTypeRef that is not a CFArrayRef, representing an add of the element in question.
79 CFMutableArrayRef changes
;
82 struct __OpaqueSecDb
{
86 dispatch_queue_t queue
;
87 CFMutableArrayRef connections
;
88 dispatch_semaphore_t write_semaphore
;
89 dispatch_semaphore_t read_semaphore
;
91 bool (^opened
)(SecDbConnectionRef dbconn
, bool didCreate
, bool *callMeAgainForNextConnection
, CFErrorRef
*error
);
92 bool callOpenedHandlerForNextConnection
;
93 dispatch_queue_t notifyQueue
;
94 SecDBNotifyBlock notifyPhase
;
97 // MARK: Error domains and error helper functions
99 CFStringRef kSecDbErrorDomain
= CFSTR("com.apple.utilities.sqlite3");
101 bool SecDbError(int sql_code
, CFErrorRef
*error
, CFStringRef format
, ...) {
102 if (sql_code
== SQLITE_OK
) return true;
105 CFIndex code
= sql_code
;
106 CFErrorRef previousError
= *error
;
109 va_start(args
, format
);
110 SecCFCreateErrorWithFormatAndArguments(code
, kSecDbErrorDomain
, previousError
, error
, NULL
, format
, args
);
111 CFReleaseNull(previousError
);
117 bool SecDbErrorWithDb(int sql_code
, sqlite3
*db
, CFErrorRef
*error
, CFStringRef format
, ...) {
118 if (sql_code
== SQLITE_OK
) return true;
121 va_start(args
, format
);
122 CFStringRef message
= CFStringCreateWithFormatAndArguments(kCFAllocatorDefault
, NULL
, format
, args
);
125 int extended_code
= sqlite3_extended_errcode(db
);
126 if (sql_code
== extended_code
)
127 SecDbError(sql_code
, error
, CFSTR("%@: [%d] %s"), message
, sql_code
, sqlite3_errmsg(db
));
129 SecDbError(sql_code
, error
, CFSTR("%@: [%d->%d] %s"), message
, sql_code
, extended_code
, sqlite3_errmsg(db
));
130 CFReleaseSafe(message
);
135 bool SecDbErrorWithStmt(int sql_code
, sqlite3_stmt
*stmt
, CFErrorRef
*error
, CFStringRef format
, ...) {
136 if (sql_code
== SQLITE_OK
) return true;
139 va_start(args
, format
);
140 CFStringRef message
= CFStringCreateWithFormatAndArguments(kCFAllocatorDefault
, NULL
, format
, args
);
143 sqlite3
*db
= sqlite3_db_handle(stmt
);
144 const char *sql
= sqlite3_sql(stmt
);
145 int extended_code
= sqlite3_extended_errcode(db
);
146 if (sql_code
== extended_code
)
147 SecDbError(sql_code
, error
, CFSTR("%@: [%d] %s sql: %s"), message
, sql_code
, sqlite3_errmsg(db
), sql
);
149 SecDbError(sql_code
, error
, CFSTR("%@: [%d->%d] %s sql: %s"), message
, sql_code
, extended_code
, sqlite3_errmsg(db
), sql
);
150 CFReleaseSafe(message
);
157 // MARK: Static helper functions
159 static bool SecDbOpenHandle(SecDbConnectionRef dbconn
, bool *created
, CFErrorRef
*error
);
160 static bool SecDbHandleCorrupt(SecDbConnectionRef dbconn
, int rc
, CFErrorRef
*error
);
163 #pragma mark SecDbRef
166 SecDbCopyFormatDescription(CFTypeRef value
, CFDictionaryRef formatOptions
)
168 SecDbRef db
= (SecDbRef
)value
;
169 return CFStringCreateWithFormat(kCFAllocatorDefault
, NULL
, CFSTR("<SecDb path:%@ connections: %@>"), db
->db_path
, db
->connections
);
174 SecDbDestroy(CFTypeRef value
)
176 SecDbRef db
= (SecDbRef
)value
;
177 CFReleaseSafe(db
->connections
);
178 CFReleaseSafe(db
->db_path
);
179 dispatch_release(db
->queue
);
180 dispatch_release(db
->read_semaphore
);
181 dispatch_release(db
->write_semaphore
);
183 Block_release(db
->opened
);
189 SecDbCreate(CFStringRef dbName
,
190 bool (^opened
)(SecDbConnectionRef dbconn
, bool didCreate
, bool *callMeAgainForNextConnection
, CFErrorRef
*error
))
194 db
= CFTypeAllocate(SecDb
, struct __OpaqueSecDb
, kCFAllocatorDefault
);
195 require(db
!= NULL
, done
);
197 CFStringPerformWithCString(dbName
, ^(const char *dbNameStr
) {
198 db
->queue
= dispatch_queue_create(dbNameStr
, DISPATCH_QUEUE_SERIAL
);
200 db
->read_semaphore
= dispatch_semaphore_create(kSecDbMaxReaders
);
201 db
->write_semaphore
= dispatch_semaphore_create(kSecDbMaxWriters
);
202 db
->connections
= CFArrayCreateMutableForCFTypes(kCFAllocatorDefault
);
203 db
->opened
= opened
? Block_copy(opened
) : NULL
;
204 if (getenv("__OSINSTALL_ENVIRONMENT") != NULL
) {
205 // TODO: Move this code out of this layer
206 LOGV("sqlDb: running from installer");
207 db
->db_path
= CFSTR("file::memory:?cache=shared");
209 db
->db_path
= CFStringCreateCopy(kCFAllocatorDefault
, dbName
);
216 SecDbIdleConnectionCount(SecDbRef db
) {
217 __block CFIndex count
= 0;
218 dispatch_sync(db
->queue
, ^{
219 count
= CFArrayGetCount(db
->connections
);
224 void SecDbSetNotifyPhaseBlock(SecDbRef db
, dispatch_queue_t queue
, SecDBNotifyBlock notifyPhase
) {
226 dispatch_release(db
->notifyQueue
);
228 Block_release(db
->notifyPhase
);
231 db
->notifyQueue
= queue
;
232 dispatch_retain(db
->notifyQueue
);
234 db
->notifyQueue
= NULL
;
237 db
->notifyPhase
= Block_copy(notifyPhase
);
239 db
->notifyPhase
= NULL
;
242 static void SecDbNotifyPhase(SecDbConnectionRef dbconn
, SecDbTransactionPhase phase
) {
243 if (CFArrayGetCount(dbconn
->changes
)) {
244 CFArrayRef changes
= dbconn
->changes
;
245 dbconn
->changes
= CFArrayCreateMutableForCFTypes(kCFAllocatorDefault
);
246 if (dbconn
->db
->notifyPhase
)
247 dbconn
->db
->notifyPhase(dbconn
, phase
, dbconn
->source
, changes
);
248 CFReleaseSafe(changes
);
252 static void SecDbOnNotifyQueue(SecDbConnectionRef dbconn
, void (^perform
)()) {
253 if (dbconn
->db
->notifyQueue
) {
254 dispatch_sync(dbconn
->db
->notifyQueue
, ^{
262 CFStringRef
SecDbGetPath(SecDbRef db
) {
268 #pragma mark SecDbConnectionRef
270 static bool SecDbCheckCorrupted(SecDbConnectionRef dbconn
)
272 __block
bool isCorrupted
= true;
273 __block CFErrorRef error
= NULL
;
274 SecDbPrepare(dbconn
, CFSTR("PRAGMA integrity_check"), &error
, ^(sqlite3_stmt
*stmt
) {
275 SecDbStep(dbconn
, stmt
, &error
, ^(bool *stop
) {
276 const char * result
= (const char*)sqlite3_column_text(stmt
, 0);
277 if (result
&& strncasecmp(result
, "ok", 3) == 0) {
283 LOGV("sqlDb: warning error %@ when running integrity check", error
);
289 static bool SecDbDidCreateFirstConnection(SecDbConnectionRef dbconn
, bool didCreate
, CFErrorRef
*error
)
291 LOGD("sqlDb: starting maintenance");
294 if (!didCreate
&& !dbconn
->isCorrupted
) {
295 dbconn
->isCorrupted
= SecDbCheckCorrupted(dbconn
);
296 if (dbconn
->isCorrupted
)
297 secerror("integrity check=fail");
299 LOGD("sqlDb: integrity check=pass");
302 if (!dbconn
->isCorrupted
&& dbconn
->db
->opened
) {
303 CFErrorRef localError
= NULL
;
305 dbconn
->db
->callOpenedHandlerForNextConnection
= false;
306 ok
= dbconn
->db
->opened(dbconn
, didCreate
, &dbconn
->db
->callOpenedHandlerForNextConnection
, &localError
);
309 secerror("opened block failed: %@", localError
);
311 if (!dbconn
->isCorrupted
&& error
&& *error
== NULL
) {
315 secerror("opened block failed: error is released and lost");
316 CFReleaseNull(localError
);
320 if (dbconn
->isCorrupted
) {
321 ok
= SecDbHandleCorrupt(dbconn
, 0, error
);
324 LOGD("sqlDb: finished maintenance");
328 void SecDbCorrupt(SecDbConnectionRef dbconn
)
330 dbconn
->isCorrupted
= true;
334 static uint8_t knownDbPathIndex(SecDbConnectionRef dbconn
)
337 if(CFEqual(dbconn
->db
->db_path
, CFSTR("/Library/Keychains/keychain-2.db")))
339 if(CFEqual(dbconn
->db
->db_path
, CFSTR("/Library/Keychains/ocspcache.sqlite3")))
341 if(CFEqual(dbconn
->db
->db_path
, CFSTR("/Library/Keychains/TrustStore.sqlite3")))
343 if(CFEqual(dbconn
->db
->db_path
, CFSTR("/Library/Keychains/caissuercache.sqlite3")))
346 /* Unknown DB path */
351 // Return true if there was no error, returns false otherwise and set *error to an appropriate CFErrorRef.
352 static bool SecDbConnectionCheckCode(SecDbConnectionRef dbconn
, int code
, CFErrorRef
*error
, CFStringRef desc
, ...) {
353 if (code
== SQLITE_OK
|| code
== SQLITE_DONE
)
358 va_start(args
, desc
);
359 CFStringRef msg
= CFStringCreateWithFormatAndArguments(kCFAllocatorDefault
, NULL
, desc
, args
);
361 SecDbErrorWithDb(code
, dbconn
->handle
, error
, msg
);
365 /* If it's already corrupted, don't try to recover */
366 if (dbconn
->isCorrupted
) {
367 CFStringRef reason
= CFStringCreateWithFormat(kCFAllocatorDefault
, NULL
, CFSTR("SQL DB %@ is corrupted already. Not trying to recover"), dbconn
->db
->db_path
);
368 secerror("%@",reason
);
369 __security_simulatecrash(reason
, __sec_exception_code_TwiceCorruptDb(knownDbPathIndex(dbconn
)));
370 CFReleaseSafe(reason
);
374 dbconn
->isCorrupted
= (SQLITE_CORRUPT
== code
) || (SQLITE_NOTADB
== code
) || (SQLITE_IOERR
== code
) || (SQLITE_CANTOPEN
== code
);
375 if (dbconn
->isCorrupted
) {
376 /* Run integrity check and only make dbconn->isCorrupted true and
377 run the corruption handler if the integrity check conclusively fails. */
378 dbconn
->isCorrupted
= SecDbCheckCorrupted(dbconn
);
379 if (dbconn
->isCorrupted
) {
380 secerror("operation returned code: %d integrity check=fail", code
);
381 SecDbHandleCorrupt(dbconn
, code
, error
);
383 secerror("operation returned code: %d: integrity check=pass", code
);
390 #if HAVE_UNLOCK_NOTIFY
392 static void SecDbUnlockNotify(void **apArg
, int nArg
) {
394 for(i
=0; i
<nArg
; i
++) {
395 dispatch_semaphore_t dsema
= (dispatch_semaphore_t
)apArg
[i
];
396 dispatch_semaphore_signal(dsema
);
400 static bool SecDbWaitForUnlockNotify(SecDbConnectionRef dbconn
, sqlite3_stmt
*stmt
, CFErrorRef
*error
) {
402 dispatch_semaphore_t dsema
= dispatch_semaphore_create(0);
403 rc
= sqlite3_unlock_notify(dbconn
->handle
, SecDbUnlockNotify
, dsema
);
404 assert(rc
== SQLITE_LOCKED
|| rc
== SQLITE_OK
);
405 if (rc
== SQLITE_OK
) {
406 dispatch_semaphore_wait(dsema
, DISPATCH_TIME_FOREVER
);
408 dispatch_release(dsema
);
409 return (rc
== SQLITE_OK
412 ? SecDbErrorWithStmt(rc
, stmt
, error
, CFSTR("sqlite3_unlock_notify"))
413 : SecDbErrorWithDb(rc
, dbconn
->handle
, error
, CFSTR("sqlite3_unlock_notify"))));
420 // Return 0 to stop retrying.
421 static int SecDbHandleBusy(void *ctx
, int retryCount
) {
422 SecDbConnectionRef dbconn __unused
= ctx
;
423 struct timespec sleeptime
= { .tv_sec
= 0, .tv_nsec
= 10000 };
424 while (retryCount
--) {
425 // Double sleeptime until we hit one second then add one
426 // second more every time we sleep.
427 if (sleeptime
.tv_sec
) {
430 sleeptime
.tv_nsec
*= 2;
431 if (sleeptime
.tv_nsec
> NSEC_PER_SEC
) {
432 sleeptime
.tv_nsec
= 0;
437 struct timespec unslept
= {};
438 nanosleep(&sleeptime
, &unslept
);
443 static bool SecDbBusyHandler(SecDbConnectionRef dbconn
, CFErrorRef
*error
) {
444 return SecDbErrorWithDb(sqlite3_busy_handler(dbconn
->handle
, SecDbHandleBusy
, dbconn
), dbconn
->handle
, error
, CFSTR("busy_handler"));
447 #endif // USE_BUSY_HANDLER
449 // Return true causes the operation to be tried again.
450 static bool SecDbWaitIfNeeded(SecDbConnectionRef dbconn
, int s3e
, sqlite3_stmt
*stmt
, CFStringRef desc
, struct timespec
*sleeptime
, CFErrorRef
*error
) {
451 #if HAVE_UNLOCK_NOTIFY
452 if (s3e
== SQLITE_LOCKED
) { // Optionally check for extended code being SQLITE_LOCKED_SHAREDCACHE
453 return SecDbWaitForUnlockNotify(dbconn
, stmt
, error
))
457 #if !USE_BUSY_HANDLER
458 if (s3e
== SQLITE_LOCKED
|| s3e
== SQLITE_BUSY
) {
459 LOGV("sqlDb: %s", sqlite3_errmsg(dbconn
->handle
));
460 while (s3e
== SQLITE_LOCKED
|| s3e
== SQLITE_BUSY
) {
461 struct timespec unslept
= {};
462 nanosleep(sleeptime
, &unslept
);
465 s3e
= sqlite3_reset(stmt
);
467 // Double sleeptime until we hit one second the add one
468 // second more every time we sleep.
469 if (sleeptime
->tv_sec
) {
472 sleeptime
->tv_nsec
*= 2;
473 if (sleeptime
->tv_nsec
> NSEC_PER_SEC
) {
474 sleeptime
->tv_nsec
= 0;
480 return SecDbErrorWithStmt(s3e
, stmt
, error
, CFSTR("reset"));
482 #endif // !USE_BUSY_HANDLER
484 return SecDbConnectionCheckCode(dbconn
, s3e
, error
, desc
);
489 enum SecDbStepResult
{
494 typedef enum SecDbStepResult SecDbStepResult
;
496 static SecDbStepResult
_SecDbStep(SecDbConnectionRef dbconn
, sqlite3_stmt
*stmt
, CFErrorRef
*error
) {
497 assert(stmt
!= NULL
);
499 struct timespec sleeptime
= { .tv_sec
= 0, .tv_nsec
= 10000 };
501 s3e
= sqlite3_step(stmt
);
502 if (s3e
== SQLITE_ROW
)
503 return kSecDbRowStep
;
504 else if (s3e
== SQLITE_DONE
)
505 return kSecDbDoneStep
;
506 else if (!SecDbWaitIfNeeded(dbconn
, s3e
, stmt
, CFSTR("step"), &sleeptime
, error
))
507 return kSecDbErrorStep
;
512 SecDbExec(SecDbConnectionRef dbconn
, CFStringRef sql
, CFErrorRef
*error
)
517 CFStringRef tail
= NULL
;
519 sqlite3_stmt
*stmt
= SecDbCopyStmt(dbconn
, sql
, &tail
, error
);
523 while ((sr
= _SecDbStep(dbconn
, stmt
, error
)) == kSecDbRowStep
);
524 if (sr
== kSecDbErrorStep
)
526 ok
&= SecDbReleaseCachedStmt(dbconn
, sql
, stmt
, error
);
529 // TODO We already have an error here we really just want the left over sql in it's userData
530 ok
= SecDbError(SQLITE_ERROR
, error
, CFSTR("Error with unexecuted sql remaining %@"), sql
);
538 static bool SecDbBeginTransaction(SecDbConnectionRef dbconn
, SecDbTransactionType type
, CFErrorRef
*error
)
543 case kSecDbImmediateTransactionType
:
544 query
= CFSTR("BEGIN IMMEDATE");
546 case kSecDbExclusiveRemoteTransactionType
:
547 dbconn
->source
= kSecDbSOSTransaction
;
548 case kSecDbExclusiveTransactionType
:
549 query
= CFSTR("BEGIN EXCLUSIVE");
551 case kSecDbNormalTransactionType
:
552 query
= CFSTR("BEGIN");
555 ok
= SecDbError(SQLITE_ERROR
, error
, CFSTR("invalid transaction type %" PRIu32
), type
);
560 if (query
!= NULL
&& sqlite3_get_autocommit(dbconn
->handle
) != 0) {
561 ok
= SecDbExec(dbconn
, query
, error
);
564 dbconn
->inTransaction
= true;
569 static bool SecDbEndTransaction(SecDbConnectionRef dbconn
, bool commit
, CFErrorRef
*error
)
571 __block
bool ok
= true;
572 SecDbOnNotifyQueue(dbconn
, ^{
573 bool commited
= false;
575 SecDbNotifyPhase(dbconn
, kSecDbTransactionWillCommit
);
576 commited
= ok
= SecDbExec(dbconn
, CFSTR("END"), error
);
578 ok
= SecDbExec(dbconn
, CFSTR("ROLLBACK"), error
);
581 dbconn
->inTransaction
= false;
582 SecDbNotifyPhase(dbconn
, commited
? kSecDbTransactionDidCommit
: kSecDbTransactionDidRollback
);
583 dbconn
->source
= kSecDbAPITransaction
;
588 bool SecDbTransaction(SecDbConnectionRef dbconn
, SecDbTransactionType type
,
589 CFErrorRef
*error
, void (^transaction
)(bool *commit
))
594 if (dbconn
->inTransaction
) {
595 transaction(&commit
);
597 LOGV("sqlDb: nested transaction asked to not be committed");
600 ok
= SecDbBeginTransaction(dbconn
, type
, error
);
602 transaction(&commit
);
603 ok
= SecDbEndTransaction(dbconn
, commit
, error
);
611 sqlite3
*SecDbHandle(SecDbConnectionRef dbconn
) {
612 return dbconn
->handle
;
615 bool SecDbStep(SecDbConnectionRef dbconn
, sqlite3_stmt
*stmt
, CFErrorRef
*error
, void (^row
)(bool *stop
)) {
617 switch (_SecDbStep(dbconn
, stmt
, error
)) {
618 case kSecDbErrorStep
:
628 SecDbError(SQLITE_ERROR
, error
, CFSTR("SecDbStep SQLITE_ROW returned without a row handler"));
636 bool SecDbCheckpoint(SecDbConnectionRef dbconn
, CFErrorRef
*error
)
638 return SecDbConnectionCheckCode(dbconn
, sqlite3_wal_checkpoint(dbconn
->handle
, NULL
), error
, CFSTR("wal_checkpoint"));
641 static bool SecDbFileControl(SecDbConnectionRef dbconn
, int op
, void *arg
, CFErrorRef
*error
) {
642 return SecDbConnectionCheckCode(dbconn
, sqlite3_file_control(dbconn
->handle
, NULL
, op
, arg
), error
, CFSTR("file_control"));
645 static sqlite3
*_SecDbOpenV2(const char *path
, int flags
, CFErrorRef
*error
) {
646 #if HAVE_UNLOCK_NOTIFY
647 flags
|= SQLITE_OPEN_SHAREDCACHE
;
649 sqlite3
*handle
= NULL
;
650 int s3e
= sqlite3_open_v2(path
, &handle
, flags
, NULL
);
653 SecDbErrorWithDb(s3e
, handle
, error
, CFSTR("open_v2 \"%s\" 0x%X"), path
, flags
);
654 sqlite3_close(handle
);
657 SecDbError(s3e
, error
, CFSTR("open_v2 \"%s\" 0x%X"), path
, flags
);
663 static bool SecDbOpenV2(SecDbConnectionRef dbconn
, const char *path
, int flags
, CFErrorRef
*error
) {
664 return (dbconn
->handle
= _SecDbOpenV2(path
, flags
, error
)) != NULL
;
667 static bool SecDbTruncate(SecDbConnectionRef dbconn
, CFErrorRef
*error
)
669 int flags
= SQLITE_TRUNCATE_JOURNALMODE_WAL
| SQLITE_TRUNCATE_AUTOVACUUM_FULL
;
670 __block
bool ok
= SecDbFileControl(dbconn
, SQLITE_TRUNCATE_DATABASE
, &flags
, error
);
672 sqlite3_close(dbconn
->handle
);
673 dbconn
->handle
= NULL
;
674 CFStringPerformWithCString(dbconn
->db
->db_path
, ^(const char *path
) {
676 CFReleaseNull(*error
);
677 if (SecCheckErrno(unlink(path
), error
, CFSTR("unlink %s"), path
)) {
678 ok
= SecDbOpenHandle(dbconn
, NULL
, error
);
682 secerror("Failed to delete db handle: %@", error
? *error
: NULL
);
690 static bool SecDbHandleCorrupt(SecDbConnectionRef dbconn
, int rc
, CFErrorRef
*error
)
692 CFStringRef reason
= CFStringCreateWithFormat(kCFAllocatorDefault
, NULL
, CFSTR("SQL DB %@ is corrupted, trying to recover (rc=%d)"), dbconn
->db
->db_path
, rc
);
693 __security_simulatecrash(reason
, __sec_exception_code_CorruptDb(knownDbPathIndex(dbconn
), rc
));
694 CFReleaseSafe(reason
);
696 // Backup current db.
697 __block
bool didRename
= false;
698 CFStringPerformWithCString(dbconn
->db
->db_path
, ^(const char *db_path
) {
699 sqlite3
*corrupt_db
= NULL
;
700 char buf
[PATH_MAX
+1];
701 snprintf(buf
, sizeof(buf
), "%s-corrupt", db_path
);
702 if (dbconn
->handle
&& (corrupt_db
= _SecDbOpenV2(buf
, SQLITE_OPEN_READWRITE
, error
))) {
704 didRename
= SecDbErrorWithDb(sqlite3_file_control(corrupt_db
, NULL
, SQLITE_FCNTL_PERSIST_WAL
, &on
), corrupt_db
, error
, CFSTR("persist wal"));
705 didRename
&= SecDbErrorWithDb(sqlite3_file_control(corrupt_db
, NULL
, SQLITE_REPLACE_DATABASE
, (void *)dbconn
->handle
), corrupt_db
, error
, CFSTR("replace database"));
706 sqlite3_close(corrupt_db
);
710 secerror("Tried to rename corrupt database at path %@, but we failed: %@, trying explicit rename", dbconn
->db
->db_path
, error
? *error
: NULL
);
712 CFReleaseNull(*error
);
714 didRename
= SecCheckErrno(rename(db_path
, buf
), error
, CFSTR("rename %s %s"), db_path
, buf
) &&
715 (!dbconn
->handle
|| SecDbError(sqlite3_close(dbconn
->handle
), error
, CFSTR("close"))) &&
716 SecDbOpenHandle(dbconn
, NULL
, error
);
719 secerror("Database at path %@ is corrupt. Copied it to %s for further investigation.", dbconn
->db
->db_path
, buf
);
721 seccritical("Tried to copy corrupt database at path %@, but we failed: %@", dbconn
->db
->db_path
, error
? *error
: NULL
);
725 bool ok
= (didRename
&&
726 (dbconn
->handle
|| SecDbOpenHandle(dbconn
, NULL
, error
)) &&
727 SecDbTruncate(dbconn
, error
));
729 // Mark the db as not corrupted, even if something failed.
730 // Always note we are no longer in the corruption handler
731 dbconn
->isCorrupted
= false;
733 // Invoke our callers opened callback, since we just created a new database
734 if (ok
&& dbconn
->db
->opened
) {
735 dbconn
->db
->callOpenedHandlerForNextConnection
= false;
736 ok
= dbconn
->db
->opened(dbconn
, true, &dbconn
->db
->callOpenedHandlerForNextConnection
, error
);
742 static bool SecDbProfileEnabled(void)
745 static dispatch_once_t onceToken
;
746 static bool profile_enabled
= false;
749 //sudo defaults write /Library/Preferences/com.apple.security.auth profile -bool true
750 dispatch_once(&onceToken
, ^{
751 CFTypeRef profile
= (CFNumberRef
)CFPreferencesCopyValue(CFSTR("profile"), CFSTR(SECURITY_AUTH_NAME
), kCFPreferencesAnyUser
, kCFPreferencesCurrentHost
);
753 if (profile
&& CFGetTypeID(profile
) == CFBooleanGetTypeID()) {
754 profile_enabled
= CFBooleanGetValue((CFBooleanRef
)profile
);
757 LOGV("sqlDb: sql profile: %s", profile_enabled
? "enabled" : "disabled");
759 CFReleaseSafe(profile
);
763 return profile_enabled
;
774 static void SecDbProfile(void *context __unused
, const char *sql
, sqlite3_uint64 ns
) {
775 LOGV("==\nsqlDb: %s\nTime: %llu ms\n", sql
, ns
>> 20);
778 static void SecDbProfile(void *context
, const char *sql
, sqlite3_uint64 ns
) {
779 sqlite3
*s3h
= context
;
780 int code
= sqlite3_extended_errcode(s3h
);
781 if (code
== SQLITE_OK
|| code
== SQLITE_DONE
) {
782 secdebug("profile", "==\nsqlDb: %s\nTime: %llu ms\n", sql
, ns
>> 20);
784 secdebug("profile", "==error[%d]: %s==\nsqlDb: %s\nTime: %llu ms \n", code
, sqlite3_errmsg(s3h
), sql
, ns
>> 20);
789 static bool SecDbTraceEnabled(void)
798 static void SecDbTrace(void *ctx
, const char *trace
) {
799 SecDbConnectionRef dbconn __unused
= ctx
;
800 static dispatch_queue_t queue
;
801 static dispatch_once_t once
;
802 dispatch_once(&once
, ^{
803 queue
= dispatch_queue_create("trace_queue", DISPATCH_QUEUE_SERIAL
);
805 dispatch_sync(queue
, ^{
806 __security_debug(CFSTR("trace"), "", "", 0, CFSTR("%s"), trace
);
810 static bool SecDbOpenHandle(SecDbConnectionRef dbconn
, bool *created
, CFErrorRef
*error
)
812 __block
bool ok
= true;
813 CFStringPerformWithCString(dbconn
->db
->db_path
, ^(const char *db_path
) {
814 ok
= created
&& SecDbOpenV2(dbconn
, db_path
, SQLITE_OPEN_READWRITE
, NULL
);
818 char *tmp
= dirname((char *)db_path
);
820 int errnum
= mkpath_np(tmp
, 0700);
821 if (errnum
!= 0 && errnum
!= EEXIST
) {
822 SecCFCreateErrorWithFormat(errnum
, kSecErrnoDomain
, NULL
, error
, NULL
,
823 CFSTR("mkpath_np %s: [%d] %s"), tmp
, errnum
, strerror(errnum
));
828 ok
= ok
&& SecDbOpenV2(dbconn
, db_path
, SQLITE_OPEN_READWRITE
| SQLITE_OPEN_CREATE
, error
);
830 chmod(db_path
, S_IRUSR
| S_IWUSR
);
836 if (ok
&& SecDbProfileEnabled()) {
837 sqlite3_profile(dbconn
->handle
, SecDbProfile
, dbconn
->handle
);
839 if (ok
&& SecDbTraceEnabled()) {
840 sqlite3_trace(dbconn
->handle
, SecDbTrace
, dbconn
);
843 ok
= ok
&& SecDbBusyHandler(dbconn
, error
);
851 static SecDbConnectionRef
852 SecDbConnectionCreate(SecDbRef db
, bool readOnly
, CFErrorRef
*error
)
854 SecDbConnectionRef dbconn
= NULL
;
856 dbconn
= CFTypeAllocate(SecDbConnection
, struct __OpaqueSecDbConnection
, kCFAllocatorDefault
);
857 require(dbconn
!= NULL
, done
);
860 dbconn
->readOnly
= readOnly
;
861 dbconn
->changes
= CFArrayCreateMutableForCFTypes(kCFAllocatorDefault
);
867 static bool SecDbConnectionIsReadOnly(SecDbConnectionRef dbconn
) {
868 return dbconn
->readOnly
;
871 static void SecDbConectionSetReadOnly(SecDbConnectionRef dbconn
, bool readOnly
) {
872 dbconn
->readOnly
= readOnly
;
875 /* Read only connections go to the end of the queue, writeable connections
876 go to the start of the queue. */
877 SecDbConnectionRef
SecDbConnectionAquire(SecDbRef db
, bool readOnly
, CFErrorRef
*error
) {
879 secdebug("dbconn", "acquire %s connection", readOnly
? "ro" : "rw");
880 dispatch_semaphore_wait(readOnly
? db
->read_semaphore
: db
->write_semaphore
, DISPATCH_TIME_FOREVER
);
881 __block SecDbConnectionRef dbconn
= NULL
;
882 __block
bool ok
= true;
883 __block
bool ranOpenedHandler
= false;
884 dispatch_sync(db
->queue
, ^{
885 if (!db
->didFirstOpen
) {
886 bool didCreate
= false;
887 ok
= dbconn
= SecDbConnectionCreate(db
, false, error
);
888 CFErrorRef localError
= NULL
;
889 if (ok
&& !SecDbOpenHandle(dbconn
, &didCreate
, &localError
)) {
890 secerror("Unable to create database: %@", localError
);
891 if (localError
&& CFEqual(CFErrorGetDomain(localError
), kSecDbErrorDomain
)) {
892 int code
= (int)CFErrorGetCode(localError
);
893 dbconn
->isCorrupted
= (SQLITE_CORRUPT
== code
) || (SQLITE_NOTADB
== code
) || (SQLITE_IOERR
== code
) || (SQLITE_CANTOPEN
== code
);
895 // If the open failure isn't due to corruption, propagte the error.
896 ok
= dbconn
->isCorrupted
;
897 if (!ok
&& error
&& *error
== NULL
) {
902 CFReleaseNull(localError
);
905 db
->didFirstOpen
= ok
= SecDbDidCreateFirstConnection(dbconn
, didCreate
, error
);
906 ranOpenedHandler
= true;
909 CFReleaseNull(dbconn
);
911 /* Try to get one from the cache */
912 CFIndex count
= CFArrayGetCount(db
->connections
);
913 while (count
&& !dbconn
) {
914 CFIndex ix
= readOnly
? count
- 1 : 0;
915 dbconn
= (SecDbConnectionRef
)CFArrayGetValueAtIndex(db
->connections
, ix
);
919 secerror("got NULL dbconn at index: %" PRIdCFIndex
" skipping", ix
);
920 CFArrayRemoveValueAtIndex(db
->connections
, ix
);
926 /* Make sure the connection we found has the right access */
927 if (SecDbConnectionIsReadOnly(dbconn
) != readOnly
) {
928 SecDbConectionSetReadOnly(dbconn
, readOnly
);
931 /* Nothing found in cache, create a new connection */
932 bool created
= false;
933 dbconn
= SecDbConnectionCreate(db
, readOnly
, error
);
934 if (dbconn
&& !SecDbOpenHandle(dbconn
, &created
, error
)) {
935 CFReleaseNull(dbconn
);
939 if (dbconn
&& !ranOpenedHandler
&& dbconn
->db
->opened
) {
940 dispatch_sync(db
->queue
, ^{
941 if (dbconn
->db
->callOpenedHandlerForNextConnection
) {
942 dbconn
->db
->callOpenedHandlerForNextConnection
= false;
943 if (!dbconn
->db
->opened(dbconn
, false, &dbconn
->db
->callOpenedHandlerForNextConnection
, error
)) {
944 if (!dbconn
->isCorrupted
|| !SecDbHandleCorrupt(dbconn
, 0, error
)) {
945 CFReleaseNull(dbconn
);
953 // If aquire fails we need to signal the semaphore again.
954 dispatch_semaphore_signal(readOnly
? db
->read_semaphore
: db
->write_semaphore
);
961 void SecDbConnectionRelease(SecDbConnectionRef dbconn
) {
963 secerror("called with NULL dbconn");
966 SecDbRef db
= dbconn
->db
;
967 secdebug("dbconn", "release %@", dbconn
);
968 dispatch_sync(db
->queue
, ^{
969 CFIndex count
= CFArrayGetCount(db
->connections
);
970 // Add back possible writable dbconn to the pool.
971 bool readOnly
= SecDbConnectionIsReadOnly(dbconn
);
972 CFArrayInsertValueAtIndex(db
->connections
, readOnly
? count
: 0, dbconn
);
973 // Remove the last (probably read-only) dbconn from the pool.
974 if (count
>= kSecDbMaxIdleHandles
) {
975 CFArrayRemoveValueAtIndex(db
->connections
, count
);
977 // Signal after we have put the connection back in the pool of connections
978 dispatch_semaphore_signal(readOnly
? db
->read_semaphore
: db
->write_semaphore
);
984 bool SecDbPerformRead(SecDbRef db
, CFErrorRef
*error
, void (^perform
)(SecDbConnectionRef dbconn
)) {
985 SecDbConnectionRef dbconn
= SecDbConnectionAquire(db
, true, error
);
986 bool success
= false;
990 SecDbConnectionRelease(dbconn
);
995 bool SecDbPerformWrite(SecDbRef db
, CFErrorRef
*error
, void (^perform
)(SecDbConnectionRef dbconn
)) {
996 SecDbConnectionRef dbconn
= SecDbConnectionAquire(db
, false, error
);
997 bool success
= false;
1001 SecDbConnectionRelease(dbconn
);
1007 SecDbConnectionCopyFormatDescription(CFTypeRef value
, CFDictionaryRef formatOptions
)
1009 SecDbConnectionRef dbconn
= (SecDbConnectionRef
)value
;
1010 return CFStringCreateWithFormat(kCFAllocatorDefault
, NULL
, CFSTR("<SecDbConnection %s %s>"),
1011 dbconn
->readOnly
? "ro" : "rw", dbconn
->handle
? "open" : "closed");
1015 SecDbConnectionDestroy(CFTypeRef value
)
1017 SecDbConnectionRef dbconn
= (SecDbConnectionRef
)value
;
1018 if (dbconn
->handle
) {
1019 sqlite3_close(dbconn
->handle
);
1022 CFReleaseNull(dbconn
->changes
);
1027 // MARK: Bind helpers
1030 bool SecDbBindNull(sqlite3_stmt
*stmt
, int param
, CFErrorRef
*error
) {
1031 bool ok
= SecDbErrorWithStmt(sqlite3_bind_null(stmt
, param
),
1032 stmt
, error
, CFSTR("bind_null[%d]"), param
);
1033 secdebug("bind", "bind_null[%d]: %@", param
, error
? *error
: NULL
);
1038 bool SecDbBindBlob(sqlite3_stmt
*stmt
, int param
, const void *zData
, size_t n
, void(*xDel
)(void*), CFErrorRef
*error
) {
1040 return SecDbErrorWithStmt(SQLITE_TOOBIG
, stmt
, error
,
1041 CFSTR("bind_blob[%d]: blob bigger than INT_MAX"), param
);
1043 bool ok
= SecDbErrorWithStmt(sqlite3_bind_blob(stmt
, param
, zData
, (int)n
, xDel
),
1044 stmt
, error
, CFSTR("bind_blob[%d]"), param
);
1045 secdebug("bind", "bind_blob[%d]: %.*s: %@", param
, (int)n
, zData
, error
? *error
: NULL
);
1049 bool SecDbBindText(sqlite3_stmt
*stmt
, int param
, const char *zData
, size_t n
, void(*xDel
)(void*), CFErrorRef
*error
) {
1051 return SecDbErrorWithStmt(SQLITE_TOOBIG
, stmt
, error
,
1052 CFSTR("bind_text[%d]: text bigger than INT_MAX"), param
);
1054 bool ok
= SecDbErrorWithStmt(sqlite3_bind_text(stmt
, param
, zData
, (int)n
, xDel
), stmt
, error
,
1055 CFSTR("bind_text[%d]"), param
);
1056 secdebug("bind", "bind_text[%d]: \"%s\": %@", param
, zData
, error
? *error
: NULL
);
1060 bool SecDbBindDouble(sqlite3_stmt
*stmt
, int param
, double value
, CFErrorRef
*error
) {
1061 bool ok
= SecDbErrorWithStmt(sqlite3_bind_double(stmt
, param
, value
), stmt
, error
,
1062 CFSTR("bind_double[%d]"), param
);
1063 secdebug("bind", "bind_double[%d]: %f: %@", param
, value
, error
? *error
: NULL
);
1067 bool SecDbBindInt(sqlite3_stmt
*stmt
, int param
, int value
, CFErrorRef
*error
) {
1068 bool ok
= SecDbErrorWithStmt(sqlite3_bind_int(stmt
, param
, value
), stmt
, error
,
1069 CFSTR("bind_int[%d]"), param
);
1070 secdebug("bind", "bind_int[%d]: %d: %@", param
, value
, error
? *error
: NULL
);
1074 bool SecDbBindInt64(sqlite3_stmt
*stmt
, int param
, sqlite3_int64 value
, CFErrorRef
*error
) {
1075 bool ok
= SecDbErrorWithStmt(sqlite3_bind_int64(stmt
, param
, value
), stmt
, error
,
1076 CFSTR("bind_int64[%d]"), param
);
1077 secdebug("bind", "bind_int64[%d]: %lld: %@", param
, value
, error
? *error
: NULL
);
1082 /* AUDIT[securityd](done):
1083 value (ok) is a caller provided, non NULL CFTypeRef.
1085 bool SecDbBindObject(sqlite3_stmt
*stmt
, int param
, CFTypeRef value
, CFErrorRef
*error
) {
1087 __block
bool result
= false;
1089 /* TODO: Can we use SQLITE_STATIC below everwhere we currently use
1090 SQLITE_TRANSIENT since we finalize the statement before the value
1091 goes out of scope? */
1092 if (!value
|| (valueId
= CFGetTypeID(value
)) == CFNullGetTypeID()) {
1093 /* Skip bindings for NULL values. sqlite3 will interpret unbound
1094 params as NULL which is exactly what we want. */
1098 result
= SecDbBindNull(stmt
, param
, error
);
1100 } else if (valueId
== CFStringGetTypeID()) {
1101 CFStringPerformWithCStringAndLength(value
, ^(const char *cstr
, size_t clen
) {
1102 result
= SecDbBindText(stmt
, param
, cstr
, clen
, SQLITE_TRANSIENT
, error
);
1104 } else if (valueId
== CFDataGetTypeID()) {
1105 CFIndex len
= CFDataGetLength(value
);
1107 result
= SecDbBindBlob(stmt
, param
, CFDataGetBytePtr(value
),
1108 len
, SQLITE_TRANSIENT
, error
);
1110 result
= SecDbBindText(stmt
, param
, "", 0, SQLITE_TRANSIENT
, error
);
1112 } else if (valueId
== CFDateGetTypeID()) {
1113 CFAbsoluteTime abs_time
= CFDateGetAbsoluteTime(value
);
1114 result
= SecDbBindDouble(stmt
, param
, abs_time
, error
);
1115 } else if (valueId
== CFBooleanGetTypeID()) {
1116 int bval
= CFBooleanGetValue(value
);
1117 result
= SecDbBindInt(stmt
, param
, bval
, error
);
1118 } else if (valueId
== CFNumberGetTypeID()) {
1120 if (CFNumberIsFloatType(value
)) {
1122 convertOk
= CFNumberGetValue(value
, kCFNumberDoubleType
, &nval
);
1123 result
= SecDbBindDouble(stmt
, param
, nval
, error
);
1126 convertOk
= CFNumberGetValue(value
, kCFNumberSInt32Type
, &nval
);
1128 result
= SecDbBindInt(stmt
, param
, nval
, error
);
1130 sqlite_int64 nval64
;
1131 convertOk
= CFNumberGetValue(value
, kCFNumberSInt64Type
, &nval64
);
1133 result
= SecDbBindInt64(stmt
, param
, nval64
, error
);
1137 result
= SecDbError(SQLITE_INTERNAL
, error
, CFSTR("bind CFNumberGetValue failed for %@"), value
);
1141 CFStringRef valueDesc
= CFCopyTypeIDDescription(valueId
);
1142 SecDbError(SQLITE_MISMATCH
, error
, CFSTR("bind unsupported type %@"), valueDesc
);
1143 CFReleaseSafe(valueDesc
);
1151 // MARK: SecDbStatementRef
1153 bool SecDbReset(sqlite3_stmt
*stmt
, CFErrorRef
*error
) {
1154 return SecDbErrorWithStmt(sqlite3_reset(stmt
), stmt
, error
, CFSTR("reset"));
1157 bool SecDbClearBindings(sqlite3_stmt
*stmt
, CFErrorRef
*error
) {
1158 return SecDbErrorWithStmt(sqlite3_clear_bindings(stmt
), stmt
, error
, CFSTR("clear bindings"));
1161 bool SecDbFinalize(sqlite3_stmt
*stmt
, CFErrorRef
*error
) {
1162 sqlite3
*handle
= sqlite3_db_handle(stmt
);
1163 int s3e
= sqlite3_finalize(stmt
);
1164 return s3e
== SQLITE_OK
? true : SecDbErrorWithDb(s3e
, handle
, error
, CFSTR("finalize: %p"), stmt
);
1167 sqlite3_stmt
*SecDbPrepareV2(SecDbConnectionRef dbconn
, const char *sql
, size_t sqlLen
, const char **sqlTail
, CFErrorRef
*error
) {
1168 sqlite3
*db
= SecDbHandle(dbconn
);
1169 if (sqlLen
> INT_MAX
) {
1170 SecDbErrorWithDb(SQLITE_TOOBIG
, db
, error
, CFSTR("prepare_v2: sql bigger than INT_MAX"));
1173 struct timespec sleeptime
= { .tv_sec
= 0, .tv_nsec
= 10000 };
1175 sqlite3_stmt
*stmt
= NULL
;
1176 int s3e
= sqlite3_prepare_v2(db
, sql
, (int)sqlLen
, &stmt
, sqlTail
);
1177 if (s3e
== SQLITE_OK
)
1179 else if (!SecDbWaitIfNeeded(dbconn
, s3e
, NULL
, CFSTR("preparev2"), &sleeptime
, error
))
1184 static sqlite3_stmt
*SecDbCopyStatementWithTailRange(SecDbConnectionRef dbconn
, CFStringRef sql
, CFRange
*sqlTail
, CFErrorRef
*error
) {
1185 __block sqlite3_stmt
*stmt
= NULL
;
1186 if (sql
) CFStringPerformWithCStringAndLength(sql
, ^(const char *sqlStr
, size_t sqlLen
) {
1187 const char *tail
= NULL
;
1188 stmt
= SecDbPrepareV2(dbconn
, sqlStr
, sqlLen
, &tail
, error
);
1189 if (sqlTail
&& sqlStr
< tail
&& tail
< sqlStr
+ sqlLen
) {
1190 sqlTail
->location
= tail
- sqlStr
;
1191 sqlTail
->length
= sqlLen
- sqlTail
->location
;
1198 sqlite3_stmt
*SecDbCopyStmt(SecDbConnectionRef dbconn
, CFStringRef sql
, CFStringRef
*tail
, CFErrorRef
*error
) {
1199 // TODO: Add caching and cache lookup of statements
1200 CFRange sqlTail
= {};
1201 sqlite3_stmt
*stmt
= SecDbCopyStatementWithTailRange(dbconn
, sql
, &sqlTail
, error
);
1202 if (sqlTail
.length
> 0) {
1203 CFStringRef excess
= CFStringCreateWithSubstring(CFGetAllocator(sql
), sql
, sqlTail
);
1207 SecDbError(SQLITE_INTERNAL
, error
,
1208 CFSTR("prepare_v2: %@ unused sql: %@"),
1210 CFReleaseSafe(excess
);
1211 SecDbFinalize(stmt
, error
);
1219 TODO: Could do a hack here with a custom kCFAllocatorNULL allocator for a second CFRuntimeBase inside a SecDbStatement,
1220 TODO: Better yet make a full blow SecDbStatement instance whenever SecDbCopyStmt is called. Then, when the statement is released, in the Dispose method, we Reset and ClearBindings the sqlite3_stmt * and hand it back to the SecDb with the original CFStringRef for the sql (or hash thereof) as an argument. */
1221 bool SecDbReleaseCachedStmt(SecDbConnectionRef dbconn
, CFStringRef sql
, sqlite3_stmt
*stmt
, CFErrorRef
*error
) {
1223 return SecDbFinalize(stmt
, error
);
1228 bool SecDbPrepare(SecDbConnectionRef dbconn
, CFStringRef sql
, CFErrorRef
*error
, void(^exec
)(sqlite3_stmt
*stmt
)) {
1229 assert(sql
!= NULL
);
1230 sqlite3_stmt
*stmt
= SecDbCopyStmt(dbconn
, sql
, NULL
, error
);
1235 return SecDbReleaseCachedStmt(dbconn
, sql
, stmt
, error
);
1238 bool SecDbWithSQL(SecDbConnectionRef dbconn
, CFStringRef sql
, CFErrorRef
*error
, bool(^perform
)(sqlite3_stmt
*stmt
)) {
1242 CFStringRef tail
= NULL
;
1244 sqlite3_stmt
*stmt
= SecDbCopyStmt(dbconn
, sql
, &tail
, error
);
1250 // TODO: Use a different error scope here.
1251 ok
= SecError(-50 /* errSecParam */, error
, CFSTR("SecDbWithSQL perform block missing"));
1253 ok
&= SecDbReleaseCachedStmt(dbconn
, sql
, stmt
, error
);
1256 // TODO We already have an error here we really just want the left over sql in it's userData
1257 ok
= SecDbError(SQLITE_ERROR
, error
, CFSTR("Error with unexecuted sql remaining %@"), sql
);
1266 /* SecDbForEach returns true if all SQLITE_ROW returns of sqlite3_step() return true from the row block.
1267 If the row block returns false and doesn't set an error (to indicate it has reached a limit),
1268 this entire function returns false. In that case no error will be set. */
1269 bool SecDbForEach(sqlite3_stmt
*stmt
, CFErrorRef
*error
, bool(^row
)(int row_index
)) {
1270 bool result
= false;
1271 for (int row_ix
= 0;;++row_ix
) {
1272 int s3e
= sqlite3_step(stmt
);
1273 if (s3e
== SQLITE_ROW
) {
1279 // If we have no row block then getting SQLITE_ROW is an error
1280 SecDbError(s3e
, error
,
1281 CFSTR("step[%d]: %s returned SQLITE_ROW with NULL row block"),
1282 row_ix
, sqlite3_sql(stmt
));
1285 if (s3e
== SQLITE_DONE
) {
1288 SecDbErrorWithStmt(s3e
, stmt
, error
, CFSTR("step[%d]"), row_ix
);
1296 bool SecDbForEach(sqlite3_stmt
*stmt
, CFErrorRef
*error
, bool(^row
)(int row_index
)) {
1299 switch (_SecDbStep(dbconn
, stmt
, error
)) {
1300 case kSecDbErrorStep
:
1307 SecDbError(SQLITE_ERROR
, error
, CFSTR("SecDbStep SQLITE_ROW returned without a row handler"));
1310 case kSecDbDoneStep
:
1317 void SecDbRecordChange(SecDbConnectionRef dbconn
, CFTypeRef deleted
, CFTypeRef inserted
) {
1318 if (!dbconn
->db
->notifyPhase
) return;
1319 CFTypeRef entry
= SecDbEventCreateWithComponents(deleted
, inserted
);
1321 CFArrayAppendValue(dbconn
->changes
, entry
);
1324 if (!dbconn
->inTransaction
) {
1325 secerror("db %@ changed outside txn", dbconn
);
1326 // Only notify of DidCommit, since WillCommit code assumes
1328 SecDbOnNotifyQueue(dbconn
, ^{
1329 SecDbNotifyPhase(dbconn
, kSecDbTransactionDidCommit
);
1336 CFGiblisFor(SecDbConnection
)
1339 // SecDbEvent Creation and consumption
1342 static SecDbEventRef
SecDbEventCreateInsert(CFTypeRef inserted
) {
1343 return CFRetainSafe(inserted
);
1346 static SecDbEventRef
SecDbEventCreateDelete(CFTypeRef deleted
) {
1347 return CFArrayCreate(kCFAllocatorDefault
, &deleted
, 1, &kCFTypeArrayCallBacks
);
1350 static SecDbEventRef
SecDbEventCreateUpdate(CFTypeRef deleted
, CFTypeRef inserted
) {
1351 const void *values
[2] = { deleted
, inserted
};
1352 return CFArrayCreate(kCFAllocatorDefault
, values
, 2, &kCFTypeArrayCallBacks
);
1355 SecDbEventRef
SecDbEventCreateWithComponents(CFTypeRef deleted
, CFTypeRef inserted
) {
1356 if (deleted
&& inserted
)
1357 return SecDbEventCreateUpdate(deleted
, inserted
);
1359 return SecDbEventCreateDelete(deleted
);
1361 return SecDbEventCreateInsert(inserted
);
1366 bool SecDbEventGetComponents(SecDbEventRef event
, CFTypeRef
*deleted
, CFTypeRef
*inserted
, CFErrorRef
*error
) {
1367 if (isArray(event
)) {
1368 CFArrayRef array
= event
;
1369 switch (CFArrayGetCount(array
)) {
1371 *deleted
= CFArrayGetValueAtIndex(array
, 0);
1372 *inserted
= CFArrayGetValueAtIndex(array
, 1);
1375 *deleted
= CFArrayGetValueAtIndex(array
, 0);
1379 SecError(errSecParam
, error
, NULL
, CFSTR("invalid entry in changes array: %@"), array
);