securityd/src/database.cpp

   1 /*
   2  * Copyright (c) 2000-2008 Apple Inc. All Rights Reserved.
   3  *
   4  * @APPLE_LICENSE_HEADER_START@
   5  *
   6  * This file contains Original Code and/or Modifications of Original Code
   7  * as defined in and that are subject to the Apple Public Source License
   8  * Version 2.0 (the 'License'). You may not use this file except in
   9  * compliance with the License. Please obtain a copy of the License at
  10  * http://www.opensource.apple.com/apsl/ and read it before using this
  11  * file.
  12  *
  13  * The Original Code and all software distributed under the License are
  14  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  15  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  16  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
  17  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
  18  * Please see the License for the specific language governing rights and
  19  * limitations under the License.
  20  *
  21  * @APPLE_LICENSE_HEADER_END@
  22  */
  23
  24
  25 //
  26 // database - database session management
  27 //
  28 #include "database.h"
  29 #include "agentquery.h"
  30 #include "key.h"
  31 #include "server.h"
  32 #include "session.h"
  33 #include "notifications.h"
  34 #include <securityd_client/dictionary.h>
  35 #include <security_cdsa_utilities/acl_any.h>    // for default owner ACLs
  36 #include <security_cdsa_client/wrapkey.h>
  37 #include <security_utilities/endian.h>
  38
  39 using namespace UnixPlusPlus;
  40
  41
  42 //
  43 // DbCommon basics
  44 //
  45 DbCommon::DbCommon(Session &session)
  46 {
  47         referent(session);
  48 }
  49
  50 Session &DbCommon::session() const
  51 {
  52         return referent<Session>();
  53 }
  54
  55
  56 //
  57 // Database basics
  58 //
  59 Database::Database(Process &proc)
  60 {
  61         referent(proc);
  62 }
  63
  64
  65 Process& Database::process() const
  66 {
  67         return referent<Process>();
  68 }
  69
  70
  71 //
  72 // Send a keychain-related notification event about this database
  73 //
  74 void DbCommon::notify(NotificationEvent event, const DLDbIdentifier &ident)
  75 {
  76         // form the data (encoded DLDbIdentifier)
  77     NameValueDictionary nvd;
  78     NameValueDictionary::MakeNameValueDictionaryFromDLDbIdentifier(ident, nvd);
  79     CssmData data;
  80     nvd.Export(data);
  81
  82         // inject notification into Security event system
  83     Listener::notify(kNotificationDomainDatabase, event, data);
  84
  85         // clean up
  86     free (data.data());
  87 }
  88
  89
  90 //
  91 // Default behaviors
  92 //
  93 void DbCommon::sleepProcessing()
  94 {
  95         // nothing
  96 }
  97
  98 void DbCommon::lockProcessing()
  99 {
 100         // nothing
 101 }
 102
 103 bool DbCommon::belongsToSystem() const
 104 {
 105         return false;
 106 }
 107
 108
 109 void Database::releaseKey(Key &key)
 110 {
 111         kill(key);
 112 }
 113
 114 void Database::releaseSearch(Search &search)
 115 {
 116         kill(search);
 117 }
 118
 119 void Database::releaseRecord(Record &record)
 120 {
 121         kill(record);
 122 }
 123
 124 void Database::dbName(const char *name)
 125 {
 126         CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
 127 }
 128
 129
 130 //
 131 // Functions that aren't implemented at the Database level but can stay that way
 132 //
 133 void Database::findFirst(const CssmQuery &query,
 134         CssmDbRecordAttributeData *inAttributes, mach_msg_type_number_t inAttributesLength,
 135         CssmData *data, RefPointer<Key> &key, RefPointer<Search> &search, RefPointer<Record> &record,
 136         CssmDbRecordAttributeData * &outAttributes, mach_msg_type_number_t &outAttributesLength)
 137 {
 138         secinfo("database", "%p calling unimplemented findFirst", this);
 139         CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
 140 }
 141
 142 void Database::findNext(Search *search,
 143         CssmDbRecordAttributeData *inAttributes, mach_msg_type_number_t inAttributesLength,
 144         CssmData *data, RefPointer<Key> &key, RefPointer<Record> &record,
 145         CssmDbRecordAttributeData * &outAttributes, mach_msg_type_number_t &outAttributesLength)
 146 {
 147         secinfo("database", "%p calling unimplemented findNext", this);
 148         CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
 149 }
 150
 151 void Database::findRecordHandle(Record *record,
 152         CssmDbRecordAttributeData *inAttributes, mach_msg_type_number_t inAttributesLength,
 153         CssmData *data, RefPointer<Key> &key,
 154         CssmDbRecordAttributeData * &outAttributes, mach_msg_type_number_t &outAttributesLength)
 155 {
 156         secinfo("database", "%p calling unimplemented findRecordHandle", this);
 157         CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
 158 }
 159
 160 void Database::insertRecord(CSSM_DB_RECORDTYPE recordtype,
 161         const CssmDbRecordAttributeData *attributes, mach_msg_type_number_t inAttributesLength,
 162         const CssmData &data, RecordHandle &record)
 163 {
 164         secinfo("database", "%p calling unimplemented insertRecord", this);
 165         CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
 166 }
 167
 168 void Database::modifyRecord(CSSM_DB_RECORDTYPE recordtype, Record *record,
 169         const CssmDbRecordAttributeData *attributes, mach_msg_type_number_t inAttributesLength,
 170         const CssmData *data, CSSM_DB_MODIFY_MODE modifyMode)
 171 {
 172         secinfo("database", "%p calling unimplemented modifyRecord", this);
 173         CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
 174 }
 175
 176 void Database::deleteRecord(Database::Record *record)
 177 {
 178         secinfo("database", "%p calling unimplemented deleteRecord", this);
 179         CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
 180 }
 181
 182 void Database::authenticate(CSSM_DB_ACCESS_TYPE, const AccessCredentials *)
 183 {
 184         secinfo("database", "%p calling unimplemented authenticate", this);
 185         CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
 186 }
 187
 188 bool Database::checkCredentials(const AccessCredentials *)
 189 {
 190     secinfo("database", "%p calling unimplemented checkCredentials", this);
 191     CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
 192 }
 193
 194 SecurityServerAcl &Database::acl()
 195 {
 196         secinfo("database", "%p has no ACL implementation", this);
 197         CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
 198 }
 199
 200 bool Database::isLocked()
 201 {
 202         secinfo("database", "%p calling unimplemented isLocked", this);
 203         CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
 204 }
 205
 206
 207 //
 208 // SecurityServerAcl personality implementation.
 209 // This is the trivial (type coding) stuff. The hard stuff is virtually mixed in.
 210 //
 211 Database *Database::relatedDatabase()
 212 {
 213         return this;
 214 }
 215
 216 AclKind Database::aclKind() const
 217 {
 218         return dbAcl;
 219 }
 220
 221
 222 //
 223 // Remote validation is not, by default, supported
 224 //
 225 bool Database::validateSecret(const AclSubject *, const AccessCredentials *)
 226 {
 227         return false;
 228 }
 229
 230 bool Database::hasCommon() const
 231 {
 232     return hasParent();
 233 }