]> git.saurik.com Git - apple/security.git/blob - Keychain/CCallbackMgr.cp
projects / apple / security.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Security-179.tar.gz
[apple/security.git] / Keychain / CCallbackMgr.cp
1 /*
2 * Copyright (c) 2000-2002 Apple Computer, Inc. All Rights Reserved.
3 *
4 * The contents of this file constitute Original Code as defined in and are
5 * subject to the Apple Public Source License Version 1.2 (the 'License').
6 * You may not use this file except in compliance with the License. Please obtain
7 * a copy of the License at http://www.apple.com/publicsource and read it before
8 * using this file.
9 *
10 * This Original Code and all software distributed under the License are
11 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
12 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
13 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
14 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
15 * specific language governing rights and limitations under the License.
16 */
17
18
19 /*
20 File: CCallbackMgr.cp
21
22 Contains: Code that communicates with processes that install a callback
23 with the Keychain Manager to receive keychain events.
24
25 */
26
27 #include "CCallbackMgr.h"
28
29 #include <algorithm>
30 #include <list>
31
32 #include <CoreServices/../Frameworks/CarbonCore.framework/Headers/MacTypes.h>
33 #include "Globals.h"
34 #include <Security/DLDBListCFPref.h>
35 #include <Security/SecCFTypes.h>
36 //#include <Security/Keychain.h>
37
38 using namespace KeychainCore;
39 using namespace CssmClient;
40
41 #pragma mark ÑÑÑÑ CallbackInfo ÑÑÑÑ
42
43 CallbackInfo::CallbackInfo() : mCallback(NULL),mEventMask(0),mContext(NULL)
44 {
45 }
46
47 CallbackInfo::CallbackInfo(SecKeychainCallback inCallbackFunction,
48 SecKeychainEventMask inEventMask, void *inContext)
49 : mCallback(inCallbackFunction), mEventMask(inEventMask), mContext(inContext)
50 {
51 }
52
53 CallbackInfo::~CallbackInfo()
54 {
55 }
56
57 bool CallbackInfo::operator==(const CallbackInfo& other) const
58 {
59 return mCallback==other.mCallback;
60 }
61
62 bool CallbackInfo::operator!=(const CallbackInfo& other) const
63 {
64 return !(*this==other);
65 }
66
67
68 #pragma mark ÑÑÑÑ CCallbackMgr ÑÑÑÑ
69
70 CCallbackMgr *CCallbackMgr::mCCallbackMgr;
71
72 CCallbackMgr::CCallbackMgr() :
73 // register for receiving Keychain events via CF
74 Observer(Listener::databaseNotifications, Listener::allEvents)
75 {
76 }
77
78 CCallbackMgr::~CCallbackMgr()
79 {
80 }
81
82 CCallbackMgr& CCallbackMgr::Instance()
83 {
84 if (!mCCallbackMgr)
85 mCCallbackMgr = new CCallbackMgr();
86
87 return *mCCallbackMgr;
88 }
89
90 void CCallbackMgr::AddCallback( SecKeychainCallback inCallbackFunction,
91 SecKeychainEventMask inEventMask,
92 void* inContext)
93
94 {
95 CallbackInfo info( inCallbackFunction, inEventMask, inContext );
96 CallbackInfo existingInfo;
97
98
99 CallbackInfoListIterator ix = find( CCallbackMgr::Instance().mEventCallbacks.begin(),
100 CCallbackMgr::Instance().mEventCallbacks.end(), info );
101
102 // make sure it is not already there
103 if ( ix!=CCallbackMgr::Instance().mEventCallbacks.end() )
104 {
105 // It's already there. This could mean that the old process died unexpectedly,
106 // so we need to validate the process ID of the existing callback.
107 // On Mac OS X this list is per process so this is always a duplicate
108 MacOSError::throwMe(errSecDuplicateCallback);
109 }
110
111 CCallbackMgr::Instance().mEventCallbacks.push_back(info);
112 }
113
114
115 class Predicate
116 {
117 SecKeychainCallback mCallbackFunction;
118 public:
119 Predicate(SecKeychainCallback inCallbackFunction) : mCallbackFunction(inCallbackFunction) {}
120 bool operator()(const CallbackInfo &cbInfo) { return cbInfo.mCallback == mCallbackFunction; }
121 };
122
123 void CCallbackMgr::RemoveCallback(SecKeychainCallback inCallbackFunction)
124 {
125 size_t oldSize = CCallbackMgr::Instance().mEventCallbacks.size();
126 Predicate predicate(inCallbackFunction);
127 CCallbackMgr::Instance().mEventCallbacks.remove_if(predicate);
128
129 if (oldSize == CCallbackMgr::Instance().mEventCallbacks.size())
130 MacOSError::throwMe(errSecInvalidCallback);
131 }
132
133 void CCallbackMgr::AlertClients(const list<CallbackInfo> &eventCallbacks,
134 SecKeychainEvent inEvent,
135 pid_t inPid,
136 const Keychain &inKeychain,
137 const Item &inItem)
138 {
139 secdebug("kcnotify", "dispatch event %ld pid %d keychain %p item %p",
140 inEvent, inPid, &inKeychain, !!inItem ? &*inItem : NULL);
141
142 // Iterate through callbacks, looking for those registered for inEvent
143 const SecKeychainEventMask theMask = 1U << inEvent;
144
145 for (ConstCallbackInfoListIterator ix = eventCallbacks.begin(); ix != eventCallbacks.end(); ++ix)
146 {
147 if (!(ix->mEventMask & theMask))
148 continue;
149
150 SecKeychainCallbackInfo cbInfo;
151 cbInfo.version = 0; // @@@ kKeychainAPIVersion;
152 cbInfo.item = inItem ? inItem->handle() : 0;
153 cbInfo.keychain = inKeychain ? inKeychain->handle() : 0;
154 cbInfo.pid = inPid;
155
156 ix->mCallback(inEvent, &cbInfo, ix->mContext);
157 if (cbInfo.item) CFRelease(cbInfo.item);
158 if (cbInfo.keychain) CFRelease(cbInfo.keychain);
159 }
160 }
161
162 /***********************************************************************************
163 * Event() - Overriden function of the KCEventObserver object.
164 * Each instance of KeychainCore will receive events from CF
165 * that was initiated by another KeychainCore instance that
166 * triggered the event.
167 *
168 * We <could> care about which KeychainCore posted the event:
169 * Example (KCDeleteItem event):
170 * If it was 'us', we don't do anything; we already processed the event.
171 * If it wasn't 'us', we should remove our cached reference to the item that was deleted.
172 *
173 ***********************************************************************************/
174 void CCallbackMgr::Event(Listener::Domain domain, Listener::Event whichEvent, NameValueDictionary &dictionary)
175 {
176 // Decode from userInfo the event type, 'keychain' CFDict, and 'item' CFDict
177 SecKeychainEvent thisEvent = whichEvent;
178
179 pid_t thisPid;
180 const NameValuePair* pidRef = dictionary.FindByName(PID_KEY);
181 if (pidRef == 0)
182 {
183 thisPid = 0;
184 }
185 else
186 {
187 thisPid = *reinterpret_cast<pid_t*>(pidRef->Value().data());
188 }
189
190 Keychain thisKeychain = 0;
191 Item thisItem;
192 list<CallbackInfo> eventCallbacks;
193
194 {
195 // Lock the global API lock before doing stuff with StorageManager.
196 StLock<Mutex> _(globals().apiLock);
197
198 // make sure we have a database identifier
199 if (dictionary.FindByName (SSUID_KEY) != 0)
200 {
201 DLDbIdentifier dbid = NameValueDictionary::MakeDLDbIdentifierFromNameValueDictionary (dictionary);
202 thisKeychain = globals().storageManager.keychain(dbid);
203 }
204
205 const NameValuePair* item = dictionary.FindByName(ITEM_KEY);
206
207 if (item && thisKeychain)
208 {
209 PrimaryKey pk(item->Value());
210 thisItem = thisKeychain->item(pk);
211 }
212
213 // Deal with events that we care about ourselves first.
214 if (thisEvent == kSecDeleteEvent && thisKeychain.get() && thisItem.get())
215 thisKeychain->didDeleteItem(thisItem.get());
216
217 eventCallbacks = CCallbackMgr::Instance().mEventCallbacks;
218 // We can safely release the global API lock now since thisKeychain and thisItem
219 // are CFRetained and will be until they go out of scope.
220 }
221
222 // Notify our process of this event.
223 CCallbackMgr::AlertClients(eventCallbacks, thisEvent, thisPid, thisKeychain, thisItem);
224 }
mirror of Security