Security-59306.61.1.tar.gz

[apple/security.git] / OSX / libsecurity_filedb / lib / AppleDatabase.cpp

diff --git a/OSX/libsecurity_filedb/lib/AppleDatabase.cpp b/OSX/libsecurity_filedb/lib/AppleDatabase.cpp
index aa307033e3c546b14cdbb68ea92ae142389bcd46..60b47123f3d34337ec2f08cee985ce5b48a30d76 100644 (file)
--- a/OSX/libsecurity_filedb/lib/AppleDatabase.cpp
+++ b/OSX/libsecurity_filedb/lib/AppleDatabase.cpp
@@ -1687,7 +1687,7 @@ DbModifier::commit()
         return;
     try
     {
-        secdebugfunc("integrity", "committing to %s", mAtomicFile.path().c_str());
+        secinfo("integrity", "committing to %s", mAtomicFile.path().c_str());
 
                WriteSection aHeaderSection(Allocator::standard(), size_t(HeaderSize));
                // Set aHeaderSection to the correct size.
@@ -2294,40 +2294,6 @@ AppleDatabase::dataDelete(DbContext &inDbContext,
 {
     try
     {
-               // syslog if it's the .Mac password
-               CSSM_DB_RECORD_ATTRIBUTE_DATA attrData;
-               // we have to do this in two phases -- the first to get the record type, and the second to actually read the attributes.  Otherwise, we might get
-               // an exception.
-               memset(&attrData, 0, sizeof(attrData));
-               dataGetFromUniqueRecordId(inDbContext, inUniqueRecord, &attrData, NULL);
-
-               if (attrData.DataRecordType == CSSM_DL_DB_RECORD_GENERIC_PASSWORD)
-               {
-                       CSSM_DB_ATTRIBUTE_DATA attributes;
-
-                       // setup some attributes and see if we are indeed the .Mac password
-                       attributes.Info.AttributeNameFormat = CSSM_DB_ATTRIBUTE_NAME_AS_INTEGER;
-                       attributes.Info.Label.AttributeID = 'svce';
-                       attributes.Info.AttributeFormat = 0;
-                       attributes.NumberOfValues = 1;
-                       attributes.Value = NULL;
-
-                       attrData.NumberOfAttributes = 1;
-                       attrData.AttributeData = &attributes;
-
-                       dataGetFromUniqueRecordId(inDbContext, inUniqueRecord, &attrData, NULL);
-
-                       // now check the results
-                       std::string dataString((const char*) attrData.AttributeData[0].Value[0].Data, attrData.AttributeData[0].Value[0].Length);
-                       if (dataString == "iTools")
-                       {
-                               syslog(LOG_WARNING, "Warning: Removed .Me password");
-                       }
-
-                       free(attrData.AttributeData[0].Value[0].Data);
-                       free(attrData.AttributeData[0].Value);
-               }
-
                StLock<Mutex> _(mWriteLock);
                Table::Id aTableId;
                const RecordId aRecordId(parseUniqueRecord(inUniqueRecord, aTableId));
@@ -2550,6 +2516,14 @@ AppleDatabase::passThrough(DbContext &dbContext,
         dbMakeBackup();
         break;
 
+    case CSSM_APPLEFILEDL_MAKE_COPY:
+        dbMakeCopy((const char *) inputParams);
+        break;
+
+    case CSSM_APPLEFILEDL_DELETE_FILE:
+        dbDeleteFile();
+        break;
+
        case CSSM_APPLECSPDL_DB_RELATION_EXISTS:
        {
                CSSM_BOOL returnValue;
@@ -2570,7 +2544,6 @@ AppleDatabase::passThrough(DbContext &dbContext,
 
        default:
                CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
-               break;
        }
 }
 
@@ -2581,11 +2554,20 @@ AppleDatabase::dbMakeBackup() {
     string filename_temp(filename_temp_cstr);
     filename_temp += "_backup";
 
-    const char * dstFilename = filename_temp.c_str();
     free(filename_temp_cstr);
 
-    if(copyfile(mAtomicFile.path().c_str(), dstFilename, NULL, COPYFILE_ALL) < 0) {
+    dbMakeCopy(filename_temp.c_str());
+}
+
+void
+AppleDatabase::dbMakeCopy(const char* path) {
+    if(copyfile(mAtomicFile.path().c_str(), path, NULL, COPYFILE_UNLINK | COPYFILE_ALL) < 0) {
         UnixError::throwMe(errno);
     }
 }
 
+void AppleDatabase::dbDeleteFile() {
+    if(unlink(mAtomicFile.path().c_str()) < 0) {
+        UnixError::throwMe(errno);
+    }
+}