X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/5c19dc3ae3bd8e40a9c028b0deddd50ff337692c..7e6b461318c8a779d91381531435a68ee4e8b6ed:/OSX/libsecurity_apple_cspdl/lib/SSCSPDLSession.cpp diff --git a/OSX/libsecurity_apple_cspdl/lib/SSCSPDLSession.cpp b/OSX/libsecurity_apple_cspdl/lib/SSCSPDLSession.cpp index 3c6b24e4..e4cbb899 100644 --- a/OSX/libsecurity_apple_cspdl/lib/SSCSPDLSession.cpp +++ b/OSX/libsecurity_apple_cspdl/lib/SSCSPDLSession.cpp @@ -79,8 +79,14 @@ SSCSPDLSession::makeReferenceKey(SSCSPSession &session, KeyHandle inKeyHandle, CssmKey &outKey, SSDatabase &inSSDatabase, uint32 inKeyAttr, const CssmData *inKeyLabel) { - new SSKey(session, inKeyHandle, outKey, inSSDatabase, inKeyAttr, +// The analyzer doesn't know what to do with the naked creation of an item +#ifndef __clang_analyzer__ + SSKey* sskey = new SSKey(session, inKeyHandle, outKey, inSSDatabase, inKeyAttr, inKeyLabel); + (void) sskey; // Compiler thinks this variable isn't used, but we want the side effects of creation. Tell the compiler it's okay. + + secinfo("SecAccessReference", "made a new reference sskey with handle %d [%ld]", sskey->keyHandle(), sskey->keyReference()); +#endif } SSKey & @@ -93,6 +99,8 @@ SSCSPDLSession::lookupKey(const CssmKey &inKey) /* fetch key (this is just mapping the value in inKey.KeyData to an SSKey) */ SSKey &theKey = find(inKey); + + secinfo("SecAccessReference", "looked up a sskey with handle %d [%ld]", theKey.keyHandle(), theKey.keyReference()); #ifdef someday /* @@ -117,6 +125,8 @@ void SSCSPDLSession::didChangeKeyAcl(SecurityServer::ClientSession &clientSession, KeyHandle keyHandle, CSSM_ACL_AUTHORIZATION_TAG tag) { + StLock __(mKeyDeletionMutex); // The key can't be deleted while we're poking at it, on pain of crashing + SSKey *theKey = NULL; { @@ -143,7 +153,7 @@ SSCSPDLSession::didChangeKeyAcl(SecurityServer::ClientSession &clientSession, else { // @@@ Should we really throw here or just continue without updating the ACL? In reality this should never happen, so let's at least log it and throw. - secdebug("keyacl", "SSCSPDLSession::didChangeKeyAcl() keyHandle: %lu not found in map", (unsigned long)keyHandle); + secinfo("keyacl", "SSCSPDLSession::didChangeKeyAcl() keyHandle: %lu not found in map", (unsigned long)keyHandle); CssmError::throwMe(CSSMERR_CSP_INVALID_KEY_REFERENCE); } } @@ -173,7 +183,7 @@ void ClientSessionKey::getAcl(AutoAclEntryInfoList &aclInfos, const char *selectionTag) const { - secdebug("keyacl", "ClientSessionKey::getAcl() keyHandle: %u", mKeyHandle); + secinfo("keyacl", "ClientSessionKey::getAcl() keyHandle: %u", mKeyHandle); aclInfos.allocator(mClientSession.returnAllocator); mClientSession.getKeyAcl(mKeyHandle, selectionTag, *static_cast(aclInfos), @@ -184,14 +194,14 @@ void ClientSessionKey::changeAcl(const CSSM_ACL_EDIT &aclEdit, const CSSM_ACCESS_CREDENTIALS *cred) { - secdebug("keyacl", "ClientSessionKey::changeAcl() keyHandle: %u", mKeyHandle); + secinfo("keyacl", "ClientSessionKey::changeAcl() keyHandle: %u", mKeyHandle); mClientSession.changeKeyAcl(mKeyHandle, AccessCredentials::overlay(*cred), AclEdit::overlay(aclEdit)); } void ClientSessionKey::getOwner(AutoAclOwnerPrototype &owner) const { - secdebug("keyacl", "ClientSessionKey::getOwner() keyHandle: %u", mKeyHandle); + secinfo("keyacl", "ClientSessionKey::getOwner() keyHandle: %u", mKeyHandle); owner.allocator(mClientSession.returnAllocator); mClientSession.getKeyOwner(mKeyHandle, *reinterpret_cast(static_cast(owner))); @@ -201,7 +211,7 @@ void ClientSessionKey::changeOwner(const CSSM_ACL_OWNER_PROTOTYPE &newOwner, const CSSM_ACCESS_CREDENTIALS *cred) { - secdebug("keyacl", "ClientSessionKey::changeOwner() keyHandle: %u", mKeyHandle); + secinfo("keyacl", "ClientSessionKey::changeOwner() keyHandle: %u", mKeyHandle); mClientSession.changeKeyOwner(mKeyHandle, AccessCredentials::overlay(*cred), AclOwnerPrototype::overlay(newOwner)); }