--- /dev/null
+/*
+ * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
+ *
+ * The contents of this file constitute Original Code as defined in and are
+ * subject to the Apple Public Source License Version 1.2 (the 'License').
+ * You may not use this file except in compliance with the License. Please obtain
+ * a copy of the License at http://www.apple.com/publicsource and read it before
+ * using this file.
+ *
+ * This Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
+ * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
+ * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
+ * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
+ * specific language governing rights and limitations under the License.
+ */
+
+
+//
+// cssmclient - common client interface to CSSM and MDS.
+//
+// Locking Strategy (preliminary):
+// XXX This is obsolete update this --mb
+// A CssmObject is a CountingMutex. Its count represents the number of children that have registered
+// themselves (using addChild/removeChild). The lock controls the internal management fields of the
+// various subclasses to protect them against corruption. It does NOT control attribute and argument
+// fields and operations, not does it control object-constant fields.
+// This means that if you use an object from multiple threads, you (the caller) must lock the object
+// during set/get calls of attributes. Note that the CSSM operations themselves are safely multithreaded
+// and thus don't need to be interlocked explicitly.
+//
+#include <security_cdsa_client/cssmclient.h>
+
+
+using namespace CssmClient;
+
+//
+// Exception model
+//
+const char *
+Error::what () const throw()
+{
+ return "CSSM client library error";
+}
+
+
+//
+// General utilities
+//
+void
+ObjectImpl::check(CSSM_RETURN status)
+{
+ if (status != CSSM_OK)
+ {
+ CssmError::throwMe(status);
+ }
+}
+
+
+//
+// Common features of Objects
+//
+ObjectImpl::ObjectImpl() : mParent(), mChildCount(0)
+{
+ mActive = false; // not activated
+ mAllocator = NULL; // allocator to be determined
+}
+
+ObjectImpl::ObjectImpl(const Object &mommy) : mParent(mommy.mImpl), mChildCount(0)
+{
+ mActive = false; // not activated
+ mAllocator = NULL; // allocator to be determined
+ if (mParent)
+ mParent->addChild();
+}
+
+ObjectImpl::~ObjectImpl()
+try
+{
+ assert(!mActive); // subclass must have deactivated us
+ assert(isIdle());
+
+ // release parent from her obligations (if we still have one)
+ if (mParent)
+ mParent->removeChild();
+}
+catch(...)
+{
+ return;
+}
+
+void
+ObjectImpl::addChild()
+{
+ mChildCount++; // atomic
+}
+
+void
+ObjectImpl::removeChild()
+{
+ mChildCount--; // atomic
+}
+
+
+//
+// Manage allocators in the Object tree
+//
+Allocator &
+ObjectImpl::allocator() const
+{
+ if (mAllocator == NULL)
+ {
+ // fix allocator now
+ if (mParent)
+ mAllocator = &mParent->allocator();
+ else
+ mAllocator = &Allocator::standard();
+ }
+
+ return *mAllocator;
+}
+
+void
+ObjectImpl::allocator(Allocator &alloc)
+{
+ assert(mAllocator == NULL); // cannot redefine allocator once set
+ mAllocator = &alloc;
+}
+
+// Comparison operators use pointer comparison by default. Subclasses may override.
+bool
+ObjectImpl::operator <(const ObjectImpl &other) const
+{
+ return this < &other;
+}
+
+bool
+ObjectImpl::operator ==(const ObjectImpl &other) const
+{
+ return this == &other;
+}
+
+
+//
+// CSSMSession objects.
+// parent ::= NULL (none)
+// active ::= CSSM initialized
+//
+ModuleNexus<CssmImpl::StandardCssm> CssmImpl::mStandard;
+
+CssmImpl::CssmImpl() : ObjectImpl()
+{
+ setup();
+ mStandard().setCssm(this);
+}
+
+CssmImpl::CssmImpl(bool) : ObjectImpl()
+{
+ setup();
+ // implicitly constructed - caller responsible for standard session management
+}
+
+CssmImpl::~CssmImpl()
+{
+ try
+ {
+ deactivate();
+ }
+ catch(...) {}
+
+ // this may be the standard session...
+ mStandard().unsetCssm(this);
+}
+
+
+void
+CssmImpl::setup()
+{
+ // set default configuration
+ mVersion.Major = 2;
+ mVersion.Minor = 0;
+ mScope = CSSM_PRIVILEGE_SCOPE_PROCESS;
+}
+
+
+Cssm
+CssmImpl::standard()
+{
+ return Cssm(mStandard().get());
+}
+
+
+void
+CssmImpl::activate()
+{
+ if (!mActive)
+ {
+ // currently, no choices on PVC mode and key hierarchy
+ CSSM_PVC_MODE pvc = CSSM_PVC_NONE;
+ switch (CSSM_RETURN rc = CSSM_Init(&mVersion,
+ mScope, &mCallerGuid,
+ CSSM_KEY_HIERARCHY_NONE, &pvc, NULL)) {
+ case CSSMERR_CSSM_PVC_ALREADY_CONFIGURED:
+ case CSSM_OK:
+ break;
+ default:
+ check(rc);
+ }
+ mActive = true;
+ }
+}
+
+void
+CssmImpl::deactivate()
+{
+ if (mActive)
+ {
+ mActive = false;
+
+ // clear module map (all gone now)
+ moduleMap.erase(moduleMap.begin(), moduleMap.end());
+
+ // now terminate CSSM
+ check(CSSM_Terminate());
+ }
+}
+
+void
+CssmImpl::atExitHandler()
+{
+ try {
+ mStandard.reset();
+ } catch (...) {
+ }
+}
+
+void
+CssmImpl::catchExit()
+{
+ // @@@ Even though this is the "right thing" to do. This only causes
+ // exceptions during exit and doesn't really help cleanup correctly.
+#if 0
+ if (::atexit(atExitHandler))
+ UnixError::throwMe();
+#endif
+}
+
+
+//
+// Manage the automatic Cssm object.
+// This is a program global.
+//
+void CssmImpl::StandardCssm::setCssm(CssmImpl *cssm)
+{
+ StLock<Mutex> _(*this);
+ if (mCssm == NULL)
+ mCssm = cssm;
+}
+
+void CssmImpl::StandardCssm::unsetCssm(CssmImpl *cssm)
+{
+ StLock<Mutex> _(*this);
+ if (mCssm == cssm)
+ mCssm = NULL;
+}
+
+CssmImpl *CssmImpl::StandardCssm::get()
+{
+ StLock<Mutex> _(*this);
+ if (mCssm == NULL) { // make the default instance
+ mCssm = new CssmImpl(true);
+ }
+ return mCssm;
+}
+
+CssmImpl::StandardCssm::~StandardCssm()
+{
+ if (mCssm) {
+ mCssm->deactivate();
+ delete mCssm;
+ }
+}
+
+
+//
+// Auto-module management
+//
+Module
+CssmImpl::autoModule(const Guid &guid)
+{
+ StLock<Mutex> _(mapLock);
+ ModuleMap::iterator it = moduleMap.find(guid);
+ if (it == moduleMap.end())
+ {
+ // no automodule for this guid yet, create one
+ Module module(guid, Cssm(this));
+ moduleMap.insert(ModuleMap::value_type(guid, module));
+ return module;
+ }
+ else
+ {
+ // existing automodule - use it
+ return it->second;
+ }
+}
+
+
+//
+// Module objects.
+// parent ::= the session object (usually Cssm::standard)
+// active ::= module is loaded.
+//
+ModuleImpl::ModuleImpl(const Guid &guid) : ObjectImpl(Cssm::standard()),
+ mAppNotifyCallback(NULL),
+ mAppNotifyCallbackCtx(NULL)
+{
+ setGuid(guid);
+}
+
+ModuleImpl::ModuleImpl(const Guid &guid, const Cssm &session) : ObjectImpl(session),
+ mAppNotifyCallback(NULL),
+ mAppNotifyCallbackCtx(NULL)
+{
+ setGuid(guid);
+}
+
+ModuleImpl::~ModuleImpl()
+{
+ unload();
+}
+
+
+//
+// RawModuleEvent objects encapsulate CSSM module callbacks
+//
+RawModuleEvents::~RawModuleEvents()
+{ }
+
+CSSM_RETURN RawModuleEvents::sendNotify(const CSSM_GUID *, void *context,
+ uint32 subService, CSSM_SERVICE_TYPE type, CSSM_MODULE_EVENT event)
+{
+ try {
+ reinterpret_cast<RawModuleEvents *>(context)->notify(subService, type, event);
+ return CSSM_OK;
+ } catch (const CommonError &error) {
+ return CssmError::cssmError(error, CSSM_CSSM_BASE_ERROR);
+ } catch (...) {
+ return CSSMERR_CSSM_INTERNAL_ERROR; // whatever...
+ }
+}
+
+
+//
+// ModuleEvents enhance RawModuleEvents by splitting the callback up by type
+//
+void ModuleEvents::notify(uint32 subService,
+ CSSM_SERVICE_TYPE type, CSSM_MODULE_EVENT event)
+{
+ switch (event) {
+ case CSSM_NOTIFY_INSERT:
+ insertion(subService, type);
+ break;
+ case CSSM_NOTIFY_REMOVE:
+ removal(subService, type);
+ break;
+ case CSSM_NOTIFY_FAULT:
+ fault(subService, type);
+ break;
+ }
+}
+
+// default callbacks do nothing
+void ModuleEvents::insertion(uint32 subService, CSSM_SERVICE_TYPE type) { }
+void ModuleEvents::removal(uint32 subService, CSSM_SERVICE_TYPE type) { }
+void ModuleEvents::fault(uint32 subService, CSSM_SERVICE_TYPE type) { }
+
+
+void
+ModuleImpl::appNotifyCallback(CSSM_API_ModuleEventHandler appNotifyCallback, void *appNotifyCallbackCtx)
+{
+ secdebug("callback","In ModuleImpl::appNotifyCallback, appNotifyCallback=%p, appNotifyCallbackCtx=%p",
+ appNotifyCallback, appNotifyCallbackCtx);
+ if (mActive)
+ Error::throwMe(Error::objectBusy);
+
+ mAppNotifyCallback = appNotifyCallback;
+ mAppNotifyCallbackCtx = appNotifyCallbackCtx;
+}
+
+void
+ModuleImpl::appNotifyCallback(RawModuleEvents *handler)
+{
+ appNotifyCallback(RawModuleEvents::sendNotify, handler);
+}
+
+void
+ModuleImpl::activate()
+{
+ if (!mActive)
+ {
+ session()->init();
+ // @@@ install handler here (use central dispatch with override)
+ secdebug("callback","In ModuleImpl::activate, mAppNotifyCallback=%p, mAppNotifyCallbackCtx=%p",
+ mAppNotifyCallback, mAppNotifyCallbackCtx);
+ check(CSSM_ModuleLoad(&guid(), CSSM_KEY_HIERARCHY_NONE, mAppNotifyCallback, mAppNotifyCallbackCtx));
+ mActive = true;
+ session()->catchExit();
+ }
+}
+
+void
+ModuleImpl::deactivate()
+{
+ if (!isIdle())
+ Error::throwMe(Error::objectBusy);
+ if (mActive)
+ {
+ mActive = false;
+ check(CSSM_ModuleUnload(&guid(), mAppNotifyCallback, mAppNotifyCallbackCtx));
+ }
+}
+
+Cssm
+ModuleImpl::session() const
+{
+ return parent<Cssm>();
+}
+
+
+//
+// CssmAttachment objects.
+// parent ::= the loaded module object.
+// active ::= attached.
+//
+AttachmentImpl::AttachmentImpl(const Guid &guid, CSSM_SERVICE_TYPE subserviceType)
+: ObjectImpl(CssmImpl::standard()->autoModule(guid))
+{
+ make(subserviceType);
+}
+
+AttachmentImpl::AttachmentImpl(const Module &module, CSSM_SERVICE_TYPE subserviceType)
+: ObjectImpl(module)
+{
+ make(subserviceType);
+}
+
+AttachmentImpl::~AttachmentImpl()
+{
+ detach();
+}
+
+void
+AttachmentImpl::make(CSSM_SERVICE_TYPE subserviceType)
+{
+ // default configuration
+ mVersion.Major = 2;
+ mVersion.Minor = 0;
+ mSubserviceType = subserviceType;
+ mSubserviceId = 0;
+ mAttachFlags = 0;
+}
+
+void
+AttachmentImpl::activate()
+{
+ if (!mActive)
+ {
+ module()->load();
+ mMemoryFunctions = CssmAllocatorMemoryFunctions(allocator());
+ check(CSSM_ModuleAttach(&guid(), &mVersion,
+ &mMemoryFunctions,
+ mSubserviceId,
+ mSubserviceType,
+ mAttachFlags,
+ CSSM_KEY_HIERARCHY_NONE,
+ NULL, 0, // no function pointer table return
+ NULL, // reserved
+ &mHandle));
+ mActive = true;
+ }
+}
+
+void
+AttachmentImpl::deactivate()
+{
+ if (mActive)
+ {
+ mActive = false;
+ check(CSSM_ModuleDetach(mHandle));
+ }
+}
+
+CSSM_SERVICE_MASK
+AttachmentImpl::subserviceMask() const
+{
+ return mSubserviceType;
+}
+
+void
+AttachmentImpl::subserviceId(uint32 id)
+{
+ mSubserviceId = id;
+}
+
+CssmSubserviceUid
+AttachmentImpl::subserviceUid() const
+{
+ return CssmSubserviceUid(guid(), &mVersion, mSubserviceId, subserviceMask());
+}
+
+Module
+AttachmentImpl::module() const
+{
+ return parent<Module>();
+}
projects / apple / security.git / blobdiff