CssmKey &outKey, SSDatabase &inSSDatabase,
uint32 inKeyAttr, const CssmData *inKeyLabel)
{
+// The analyzer doesn't know what to do with the naked creation of an item
+#ifndef __clang_analyzer__
SSKey* sskey = new SSKey(session, inKeyHandle, outKey, inSSDatabase, inKeyAttr,
inKeyLabel);
+ (void) sskey; // Compiler thinks this variable isn't used, but we want the side effects of creation. Tell the compiler it's okay.
- secdebug("SecAccessReference", "made a new reference sskey with handle %d [%d]", sskey->keyHandle(), sskey->keyReference());
+ secinfo("SecAccessReference", "made a new reference sskey with handle %d [%ld]", sskey->keyHandle(), sskey->keyReference());
+#endif
}
SSKey &
/* fetch key (this is just mapping the value in inKey.KeyData to an SSKey) */
SSKey &theKey = find<SSKey>(inKey);
- secdebug("SecAccessReference", "looked up a sskey with handle %d [%d]", theKey.keyHandle(), theKey.keyReference());
+ secinfo("SecAccessReference", "looked up a sskey with handle %d [%ld]", theKey.keyHandle(), theKey.keyReference());
#ifdef someday
/*
SSCSPDLSession::didChangeKeyAcl(SecurityServer::ClientSession &clientSession,
KeyHandle keyHandle, CSSM_ACL_AUTHORIZATION_TAG tag)
{
+ StLock<Mutex> __(mKeyDeletionMutex); // The key can't be deleted while we're poking at it, on pain of crashing
+
SSKey *theKey = NULL;
{
else
{
// @@@ Should we really throw here or just continue without updating the ACL? In reality this should never happen, so let's at least log it and throw.
- secdebug("keyacl", "SSCSPDLSession::didChangeKeyAcl() keyHandle: %lu not found in map", (unsigned long)keyHandle);
+ secinfo("keyacl", "SSCSPDLSession::didChangeKeyAcl() keyHandle: %lu not found in map", (unsigned long)keyHandle);
CssmError::throwMe(CSSMERR_CSP_INVALID_KEY_REFERENCE);
}
}
ClientSessionKey::getAcl(AutoAclEntryInfoList &aclInfos,
const char *selectionTag) const
{
- secdebug("keyacl", "ClientSessionKey::getAcl() keyHandle: %u", mKeyHandle);
+ secinfo("keyacl", "ClientSessionKey::getAcl() keyHandle: %u", mKeyHandle);
aclInfos.allocator(mClientSession.returnAllocator);
mClientSession.getKeyAcl(mKeyHandle, selectionTag,
*static_cast<uint32 *>(aclInfos),
ClientSessionKey::changeAcl(const CSSM_ACL_EDIT &aclEdit,
const CSSM_ACCESS_CREDENTIALS *cred)
{
- secdebug("keyacl", "ClientSessionKey::changeAcl() keyHandle: %u", mKeyHandle);
+ secinfo("keyacl", "ClientSessionKey::changeAcl() keyHandle: %u", mKeyHandle);
mClientSession.changeKeyAcl(mKeyHandle, AccessCredentials::overlay(*cred), AclEdit::overlay(aclEdit));
}
void
ClientSessionKey::getOwner(AutoAclOwnerPrototype &owner) const
{
- secdebug("keyacl", "ClientSessionKey::getOwner() keyHandle: %u", mKeyHandle);
+ secinfo("keyacl", "ClientSessionKey::getOwner() keyHandle: %u", mKeyHandle);
owner.allocator(mClientSession.returnAllocator);
mClientSession.getKeyOwner(mKeyHandle,
*reinterpret_cast<AclOwnerPrototype *>(static_cast<CSSM_ACL_OWNER_PROTOTYPE *>(owner)));
ClientSessionKey::changeOwner(const CSSM_ACL_OWNER_PROTOTYPE &newOwner,
const CSSM_ACCESS_CREDENTIALS *cred)
{
- secdebug("keyacl", "ClientSessionKey::changeOwner() keyHandle: %u", mKeyHandle);
+ secinfo("keyacl", "ClientSessionKey::changeOwner() keyHandle: %u", mKeyHandle);
mClientSession.changeKeyOwner(mKeyHandle, AccessCredentials::overlay(*cred), AclOwnerPrototype::overlay(newOwner));
}
projects / apple / security.git / blobdiff