+++ /dev/null
-/*
- * mdsdump.cpp - dump contents of system MDS databases
- */
-
- /**** FIXME this uses a private API not currently exported in any way from
- **** Security project
- ****/
-
-#include <CoreFoundation/CoreFoundation.h>
-#include <stdlib.h>
-#include <stdio.h>
-#include <Security/mds.h>
-#include <common.h>
-#include <Security/mds_schema.h>
-#include "MDSSchema.h"
-#include <strings.h>
-
-#define MAX_MDS_ATTRS 32
-
-static CSSM_MEMORY_FUNCS memFuncs = {
- appMalloc,
- appFree,
- appRealloc,
- appCalloc,
- NULL
- };
-
-static void showInfoTypes()
-{
- printf(" o Object records\n");
- printf(" C CSSM records\n");
- printf(" p Plugin Common records\n");
- printf(" c CSP records\n");
- printf(" l CL records\n");
- printf(" t TP records\n");
- printf(" d DL records\n");
- printf(" a All records from Object DB\n");
- printf(" A All records from CDSA directory DB\n");
-}
-
-static void usage(char **argv)
-{
- printf("Usage: %s info_type [options...]\n", argv[0]);
- printf("info_type values:\n");
- showInfoTypes();
- printf(" h help\n");
- printf("Options:\n");
- printf(" i perform MDS_Install()\n");
- printf(" v verbose\n");
- printf(" k keep connected and go again\n");
- exit(1);
-}
-
-#define NORM_KEY_LEN 20
-
-/* print a key name, padding out to NORM_KEY_LEN columns */
-static void printName(
- const char *attrName)
-{
- printf(" %s", attrName);
- int len = strlen(attrName);
- if(len > NORM_KEY_LEN) {
- return;
- }
- int numSpaces = NORM_KEY_LEN - len;
- for(int i=0; i<numSpaces; i++) {
- putchar(' ');
- }
-
-}
-
-#if 0
-/*
- * Attempt to print a numeric value as a string, per a MDSNameValuePair table.
- * Of course this can not deal with OR'd together values; the MDSNameValuePair
- * mechanism does not indicate on a per-field basis which fields are OR-able.
- * If the value is in fact a collection of legal values (per the nameValues
- * array), the value will just be printed in hex.
- */
-static void printValueAsString(
- unsigned val,
- const Security::MDSNameValuePair *nameValues) // optional
-{
- if(nameValues != NULL) {
- while(nameValues->name != NULL) {
- if(nameValues->value == val) {
- printf("%s", nameValues->name);
- return;
- }
- nameValues++;
- }
- }
- /* Oh well */
- printf("0x%x", val);
-}
-#endif
-
-/* print value string, surrounded by single quotes, then a newline */
-static void printValue(
- const CSSM_DATA *attrValue)
-{
- printf("'");
- for(uint32 dex=0; dex<attrValue->Length; dex++) {
- printf("%c", attrValue->Data[dex]);
- }
- printf("'\n");
-}
-
-/* Print one attribute value */
-static void dumpAttr(
- CSSM_DB_ATTRIBUTE_FORMAT attrForm,
- const CSSM_DATA *attrData)
-{
- if((attrData == NULL) || (attrData->Data == NULL)) {
- printf("<NULL DATA>\n");
- return;
- }
- void *data = attrData->Data;
- switch(attrForm) {
- case CSSM_DB_ATTRIBUTE_FORMAT_STRING:
- printValue(attrData);
- break;
- case CSSM_DB_ATTRIBUTE_FORMAT_SINT32: // not really supported in MDS
- case CSSM_DB_ATTRIBUTE_FORMAT_UINT32:
- {
- unsigned val = *(unsigned *)data;
- printf("0x%x\n", val);
- break;
- }
- case CSSM_DB_ATTRIBUTE_FORMAT_BLOB:
- {
- printf("BLOB length %u : ", (unsigned)attrData->Length);
- for(unsigned i=0; i<attrData->Length; i++) {
- unsigned dat = attrData->Data[i];
- printf("%02X ", dat);
- }
- printf("\n");
- break;
- }
- case CSSM_DB_ATTRIBUTE_FORMAT_MULTI_UINT32:
- {
- printf("multi_int[");
- uint32 numInts = attrData->Length / sizeof(uint32);
- uint32 *uip = (uint32 *)data;
- for(unsigned i=0; i<numInts; i++) {
- if(i > 0) {
- printf(", ");
- }
- printf("0x%x", (unsigned)(*uip++));
- }
- printf("]\n");
- break;
- }
- default:
- printf("***UNKNOWN FORMAT (%u), Length %u\n",
- (unsigned)attrForm, (unsigned)attrData->Length);
- break;
- }
-}
-
-/*
- * Vanilla "dump one record" routine. Assumes format of all attribute labels
- * as string. Uses a MDSNameValuePair ptr array in parallel to the attributes
- * themselves to facilitate displaying numeric values as strings (e.g.
- * "CSSM_ALGID_SHA1") where possible.
- */
-static void dumpRecord(
- const CSSM_DB_RECORD_ATTRIBUTE_DATA *recordAttrs)
-{
- unsigned dex;
- for(dex=0; dex<recordAttrs->NumberOfAttributes; dex++) {
- const CSSM_DB_ATTRIBUTE_DATA *attrData = &recordAttrs->AttributeData[dex];
- if(attrData->Info.AttributeNameFormat != CSSM_DB_ATTRIBUTE_NAME_AS_STRING) {
- printf("***BAD ATTR_NAME FORMAT (%u)\n",
- (unsigned)attrData->Info.AttributeNameFormat);
- continue;
- }
- const char *attrName = attrData->Info.Label.AttributeName;
- printName(attrName);
- printf(": ");
- /* note currently in MDS NumberOfValues is always one or zero */
- for(unsigned attrNum=0; attrNum<attrData->NumberOfValues; attrNum++) {
- dumpAttr(attrData->Info.AttributeFormat,
- &attrData->Value[attrNum]);
- }
- if(attrData->NumberOfValues == 0) {
- printf("<<no values present>>\n");
- }
- }
-}
-
-/* free attribute(s) allocated by MDS */
-static void freeAttrs(
- CSSM_DB_RECORD_ATTRIBUTE_DATA_PTR recordAttrs)
-{
- unsigned i;
-
- for(i=0; i<recordAttrs->NumberOfAttributes; i++) {
- CSSM_DB_ATTRIBUTE_DATA_PTR attrData = &recordAttrs->AttributeData[i];
- if(attrData == NULL) {
- /* fault of caller, who allocated the CSSM_DB_ATTRIBUTE_DATA */
- printf("***freeAttrs screwup: NULL attrData\n");
- return;
- }
- unsigned j;
- for(j=0; j<attrData->NumberOfValues; j++) {
- CSSM_DATA_PTR data = &attrData->Value[j];
- if(data == NULL) {
- /* fault of MDS, who said there was a value here */
- printf("***freeAttrs screwup: NULL data\n");
- return;
- }
- appFree(data->Data, NULL);
- data->Data = NULL;
- data->Length = 0;
- }
- appFree(attrData->Value, NULL);
- attrData->Value = NULL;
- }
-}
-
-/*
- * Fetch and display all records of specified CSSM_DB_RECORDTYPE.
- */
-static void fetchAllAttrs(
- MDS_FUNCS *mdsFuncs,
- MDS_DB_HANDLE dlDb,
- CSSM_DB_RECORDTYPE recordType)
-{
- CSSM_QUERY query;
- CSSM_DB_UNIQUE_RECORD_PTR record = NULL;
- CSSM_RETURN crtn;
- CSSM_HANDLE resultHand;
- CSSM_DB_ATTRIBUTE_DATA attrs[MAX_MDS_ATTRS];
- CSSM_DB_RECORD_ATTRIBUTE_DATA recordAttrs;
- const RelationInfo *relInfo;
-
- relInfo = MDSRecordTypeToRelation(recordType);
- if(relInfo == NULL) {
- printf("***\10UNKNOWN recordType %d\n", (int)recordType);
- return;
- }
-
- /* build an attr array from schema so we get all known attrs */
- memset(attrs, 0, sizeof(CSSM_DB_ATTRIBUTE_DATA) * MAX_MDS_ATTRS);
- unsigned attrDex;
- for(attrDex=0; attrDex<relInfo->NumberOfAttributes; attrDex++) {
- attrs[attrDex].Info = relInfo->AttributeInfo[attrDex];
- }
- recordAttrs.DataRecordType = recordType;
- recordAttrs.NumberOfAttributes = relInfo->NumberOfAttributes;
- recordAttrs.AttributeData = attrs;
-
- /* just search by recordType, no predicates */
- query.RecordType = recordType;
- query.Conjunctive = CSSM_DB_NONE;
- query.NumSelectionPredicates = 0;
- query.SelectionPredicate = NULL;
- query.QueryLimits.TimeLimit = 0; // FIXME - meaningful?
- query.QueryLimits.SizeLimit = 1; // FIXME - meaningful?
- query.QueryFlags = 0; // CSSM_QUERY_RETURN_DATA...FIXME - used?
-
- crtn = mdsFuncs->DataGetFirst(dlDb,
- &query,
- &resultHand,
- &recordAttrs,
- NULL, // No data
- &record);
- switch(crtn) {
- case CSSM_OK:
- break; // proceed
- case CSSMERR_DL_ENDOFDATA:
- printf("%s: no record found\n", relInfo->relationName);
- return;
- default:
- printError("DataGetFirst", crtn);
- return;
- }
- unsigned recNum = 0;
- printf("%s:\n", relInfo->relationName);
- printf(" record %d; numAttrs %d:\n",
- recNum++, (int)recordAttrs.NumberOfAttributes);
-
- dumpRecord(&recordAttrs);
- mdsFuncs->FreeUniqueRecord(dlDb, record);
- freeAttrs(&recordAttrs);
-
- /* now the rest of them */
- /* hopefully we don't have to re-init the recordAttr array */
- for(;;) {
- crtn = mdsFuncs->DataGetNext(dlDb,
- resultHand,
- &recordAttrs,
- NULL,
- &record);
- switch(crtn) {
- case CSSM_OK:
- printf(" record %d; numAttrs %d:\n",
- recNum++, (int)recordAttrs.NumberOfAttributes);
- dumpRecord(&recordAttrs);
- mdsFuncs->FreeUniqueRecord(dlDb, record);
- freeAttrs(&recordAttrs);
- break; // and go again
- case CSSMERR_DL_ENDOFDATA:
- /* normal termination */
- break;
- default:
- printError("DataGetNext", crtn);
- break;
- }
- if(crtn != CSSM_OK) {
- break;
- }
- }
-}
-
-/*
- * This is different - it's schema-independent. Fetch all records from specified
- * DlDb which contain a ModuleID attribute.
- */
-static void fetchAllRecords(
- MDS_FUNCS *mdsFuncs,
- MDS_DB_HANDLE dlDb)
-{
- CSSM_QUERY query;
- CSSM_DB_UNIQUE_RECORD_PTR record = NULL;
- CSSM_RETURN crtn;
- CSSM_HANDLE resultHand;
- CSSM_DB_RECORD_ATTRIBUTE_DATA recordAttrs;
- CSSM_DB_ATTRIBUTE_DATA theAttr;
- CSSM_DB_ATTRIBUTE_INFO_PTR attrInfo = &theAttr.Info;
- CSSM_DATA attrValue = {0, NULL};
-
- recordAttrs.DataRecordType = CSSM_DL_DB_RECORD_ANY;
- recordAttrs.SemanticInformation = 0;
- recordAttrs.NumberOfAttributes = 1;
- recordAttrs.AttributeData = &theAttr;
-
- attrInfo->AttributeNameFormat = CSSM_DB_ATTRIBUTE_NAME_AS_STRING;
- attrInfo->Label.AttributeName = (char *)"ModuleID";
- attrInfo->AttributeFormat = CSSM_DB_ATTRIBUTE_FORMAT_STRING;
-
- theAttr.NumberOfValues = 1;
- theAttr.Value = &attrValue;
-
- /* just search by recordType, no predicates */
- query.RecordType = CSSM_DL_DB_RECORD_ANY;
- query.Conjunctive = CSSM_DB_NONE;
- query.NumSelectionPredicates = 0;
- query.SelectionPredicate = NULL;
- query.QueryLimits.TimeLimit = 0; // FIXME - meaningful?
- query.QueryLimits.SizeLimit = 1; // FIXME - meaningful?
- query.QueryFlags = 0; // CSSM_QUERY_RETURN_DATA...FIXME - used?
-
- crtn = mdsFuncs->DataGetFirst(dlDb,
- &query,
- &resultHand,
- &recordAttrs,
- NULL, // No data
- &record);
- switch(crtn) {
- case CSSM_OK:
- break; // proceed
- case CSSMERR_DL_ENDOFDATA:
- printf("no record found\n");
- return;
- default:
- printError("DataGetFirst", crtn);
- return;
- }
- unsigned recNum = 0;
- printf("Records containing a ModuleID attribute:\n");
- printf(" record %d:\n", recNum++);
-
- dumpRecord(&recordAttrs);
- mdsFuncs->FreeUniqueRecord(dlDb, record);
- freeAttrs(&recordAttrs);
-
- /* now the rest of them */
- /* hopefully we don't have to re-init the recordAttr array */
- for(;;) {
- crtn = mdsFuncs->DataGetNext(dlDb,
- resultHand,
- &recordAttrs,
- NULL,
- &record);
- switch(crtn) {
- case CSSM_OK:
- printf(" record %d:\n", recNum++);
- dumpRecord(&recordAttrs);
- mdsFuncs->FreeUniqueRecord(dlDb, record);
- freeAttrs(&recordAttrs);
- break; // and go again
- case CSSMERR_DL_ENDOFDATA:
- /* normal termination */
- break;
- default:
- printError("DataGetNext", crtn);
- break;
- }
- if(crtn != CSSM_OK) {
- break;
- }
- }
-}
-
-static void doInstall(
- MDS_HANDLE mdsHand)
-{
- CFAbsoluteTime start, end;
-
- start = CFAbsoluteTimeGetCurrent();
- CSSM_RETURN crtn = MDS_Install(mdsHand);
- end = CFAbsoluteTimeGetCurrent();
- if(crtn) {
- printError("MDS_Install", crtn);
- }
- else {
- printf("MDS_Install took %gs\n", end - start);
- }
-}
-
-int main(int argc, char **argv)
-{
- MDS_FUNCS mdsFuncs;
- MDS_HANDLE mdsHand;
- CSSM_RETURN crtn;
- int arg;
- char op;
- char *dbName;
- CSSM_DB_HANDLE dbHand = 0;
- MDS_DB_HANDLE dlDb;
- bool verbose = 0;
- bool keepConnected = false;
- bool install = false;
-
- if(argc < 2) {
- usage(argv);
- }
- op = argv[1][0];
- if(op == 'h') {
- usage(argv);
- }
- for(arg=2; arg<argc; arg++) {
- switch(argv[arg][0]) {
- case 'v':
- verbose = true;
- break;
- case 'i':
- install = true;
- break;
- case 'k':
- keepConnected = true;
- break;
- default:
- usage(argv);
- }
- }
- if(verbose) {
- printf("..calling MDS_Initialize\n");
- }
- crtn = MDS_Initialize(NULL, // callerGuid
- &memFuncs,
- &mdsFuncs,
- &mdsHand);
- if(crtn) {
- printError("MDS_Initialize", crtn);
- exit(1);
- }
- if(install) {
- doInstall(mdsHand);
- }
- do {
- /* open one or the other DB */
- switch(op) {
- case 'o':
- case 'a':
- dbName = (char *)MDS_OBJECT_DIRECTORY_NAME;
- break;
- default:
- dbName = (char *)MDS_CDSA_DIRECTORY_NAME;
- break;
- }
- crtn = mdsFuncs.DbOpen(mdsHand,
- dbName,
- NULL, // DbLocation
- CSSM_DB_ACCESS_READ,
- NULL, // AccessCred - hopefully optional
- NULL, // OpenParameters
- &dbHand);
- if(crtn) {
- printError("DbOpen", crtn);
- exit(1);
- }
- dlDb.DLHandle = mdsHand;
- dlDb.DBHandle = dbHand;
-
- /* go for it */
- switch(op) {
- case 'o':
- fetchAllAttrs(&mdsFuncs, dlDb, MDS_OBJECT_RECORDTYPE);
- break;
- case 'C':
- fetchAllAttrs(&mdsFuncs, dlDb, MDS_CDSADIR_CSSM_RECORDTYPE);
- break;
- case 'p':
- fetchAllAttrs(&mdsFuncs, dlDb, MDS_CDSADIR_COMMON_RECORDTYPE);
- break;
- case 'c':
- fetchAllAttrs(&mdsFuncs, dlDb, MDS_CDSADIR_CSP_PRIMARY_RECORDTYPE);
- fetchAllAttrs(&mdsFuncs, dlDb, MDS_CDSADIR_CSP_CAPABILITY_RECORDTYPE);
- if(verbose) {
- fetchAllAttrs(&mdsFuncs, dlDb,
- MDS_CDSADIR_CSP_ENCAPSULATED_PRODUCT_RECORDTYPE);
- fetchAllAttrs(&mdsFuncs, dlDb,
- MDS_CDSADIR_CSP_SC_INFO_RECORDTYPE);
- }
- break;
- case 'l':
- fetchAllAttrs(&mdsFuncs, dlDb, MDS_CDSADIR_CL_PRIMARY_RECORDTYPE);
- break;
- case 't':
- fetchAllAttrs(&mdsFuncs, dlDb, MDS_CDSADIR_TP_PRIMARY_RECORDTYPE);
- fetchAllAttrs(&mdsFuncs, dlDb, MDS_CDSADIR_TP_OIDS_RECORDTYPE);
- if(verbose) {
- fetchAllAttrs(&mdsFuncs, dlDb,
- MDS_CDSADIR_TP_ENCAPSULATED_PRODUCT_RECORDTYPE);
- }
- break;
- case 'd':
- fetchAllAttrs(&mdsFuncs, dlDb, MDS_CDSADIR_DL_PRIMARY_RECORDTYPE);
- break;
- case 'a':
- case 'A':
- fetchAllRecords(&mdsFuncs, dlDb);
- break;
- default:
- usage(argv);
- }
-
- crtn = mdsFuncs.DbClose(dlDb);
- if(crtn) {
- printError("DbClose", crtn);
- }
- if(keepConnected) {
- printf("\n");
- showInfoTypes();
- fpurge(stdin);
- printf("Enter new info type: ");
- op = getchar();
- }
- } while(keepConnected);
- crtn = MDS_Terminate(mdsHand);
- if(crtn) {
- printError("MDS_Terminate", crtn);
- }
- return 0;
-}
projects / apple / security.git / blobdiff