#include <Security/SecKeychainItemPriv.h>
#include <CoreFoundation/CoreFoundation.h>
-#include "DLDbListCFPref.h"
+#include "DLDBListCFPref.h"
#include <fcntl.h>
#include <glob.h>
#include <sys/param.h>
capacity *= 2;
if (capacity <= i) capacity = i + 1;
tagBuf=reinterpret_cast<UInt32 *>(realloc(tagBuf, (capacity*sizeof(UInt32))));
- formatBuf=reinterpret_cast<UInt32 *>(realloc(tagBuf, (capacity*sizeof(UInt32))));
+ formatBuf=reinterpret_cast<UInt32 *>(realloc(formatBuf, (capacity*sizeof(UInt32))));
}
tagBuf[i]=rit->first;
formatBuf[i++]=rit->second;
return &mMutex;
}
-ReadWriteLock*
-KeychainImpl::getKeychainReadWriteLock()
-{
- return &mRWLock;
-}
-
void KeychainImpl::aboutToDestruct()
{
// remove me from the global cache, we are done
UInt32 newPasswordLength, const void *newPassword)
{
StLock<Mutex>_(mMutex);
-
+
+ secnotice("KCspi", "Attempting to change passphrase for %s", mDb->name());
+
bool isSmartcard = (mDb->dl()->guid() == gGuidAppleSdCSPDL);
TrackingAllocator allocator(Allocator::standard());
AutoCredentials cred = AutoCredentials(allocator);
+
if (oldPassword)
{
const CssmData &oldPass = *new(allocator) CssmData(const_cast<void *>(oldPassword), oldPasswordLength);
void
KeychainImpl::addCopy(Item &inItem)
{
- StReadWriteLock _(mRWLock, StReadWriteLock::Write);
+ StLock<Mutex>_(mMutex);
Keychain keychain(this);
PrimaryKey primaryKey = inItem->addWithCopyInfo(keychain, true);
void
KeychainImpl::add(Item &inItem)
{
- // Make sure we hold a write lock on ourselves when we do this
- StReadWriteLock _(mRWLock, StReadWriteLock::Write);
+ StLock<Mutex>_(mMutex);
Keychain keychain(this);
PrimaryKey primaryKey = inItem->add(keychain);
void
KeychainImpl::deleteItem(Item &inoutItem)
{
- StReadWriteLock _(mRWLock, StReadWriteLock::Write);
+ StLock<Mutex>_(mMutex);
{
// item must be persistent
{
StLock<Mutex>_(mMutex);
- if (!mDb->dl()->subserviceMask() & CSSM_SERVICE_CSP)
+ if (!(mDb->dl()->subserviceMask() & CSSM_SERVICE_CSP))
MacOSError::throwMe(errSecInvalidKeychain);
// Try to cast first to a CSPDL to handle case where we don't have an SSDb
}
// notify that a keychain has changed in too many ways to count
- KCEventNotifier::PostKeychainEvent(kSecKeychainLeftBatchModeEvent);
+ KCEventNotifier::PostKeychainEvent((SecKeychainEvent) kSecKeychainLeftBatchModeEvent);
mEventBuffer->clear();
}
else
{
- KCEventNotifier::PostKeychainEvent(kSecKeychainEnteredBatchModeEvent);
+ KCEventNotifier::PostKeychainEvent((SecKeychainEvent) kSecKeychainEnteredBatchModeEvent);
}
}
void
bool KeychainImpl::performKeychainUpgradeIfNeeded() {
- // Grab this keychain's mutex. This might not be sufficient, since the
- // keychain might have outstanding cursors. We'll grab the RWLock later if needed.
+ // Grab this keychain's mutex.
StLock<Mutex>_(mMutex);
if(!globals().integrityProtection()) {
//
// If the keychain is unlocked, try to upgrade it.
// In either case, reload the database from disk.
- // We need this keychain's read/write lock.
-
- // Try to grab the keychain write lock.
- StReadWriteLock lock(mRWLock, StReadWriteLock::TryWrite);
- // If we didn't manage to grab the lock, there's readers out there
- // currently reading this keychain. Abort the upgrade.
- if(!lock.isLocked()) {
- secnotice("integrity", "couldn't get read-write lock, aborting upgrade");
- return false;
- }
+ // Try to grab the keychain mutex (although we should already have it)
+ StLock<Mutex>_(mMutex);
// Take the file lock on the existing database. We don't need to commit this txion, because we're not planning to
// change the original keychain.
secnotice("integrity", "keychain guid does not support integrity");
return false;
}
- return false;
}
projects / apple / security.git / blobdiff