securityd-25991.tar.gz

diff --git a/etc/CodeEquivalenceCandidates b/etc/CodeEquivalenceCandidates
index 45cc39a4485085fa66297000648106c20402c297..7c90c92fc0d7db76c1787a4f918d6e15364ed910 100644 (file)
--- a/etc/CodeEquivalenceCandidates
+++ b/etc/CodeEquivalenceCandidates
@@ -11,6 +11,7 @@
 /Applications/Utilities/Keychain Access.app
 /Applications/Utilities/Keychain Access.app/Contents/Resources/Keychain Agent
 /Applications/iCal.app
 /Applications/Utilities/Keychain Access.app
 /Applications/Utilities/Keychain Access.app/Contents/Resources/Keychain Agent
 /Applications/iCal.app

+/Applications/iCal.app/Contents/Resources/iCal Helper.app

 /Applications/iChat.app
 /Applications/iMovie.app
 /Applications/iPhoto.app
 /Applications/iChat.app
 /Applications/iMovie.app
 /Applications/iPhoto.app


@@ -21,6 +22,7 @@
 /System/Library/CoreServices/MirrorAgent.app
 /System/Library/CoreServices/SecurityAgent.app
 /System/Library/CoreServices/SyncServer.app
 /System/Library/CoreServices/MirrorAgent.app
 /System/Library/CoreServices/SecurityAgent.app
 /System/Library/CoreServices/SyncServer.app

+/System/Library/CoreServices/SyncServer.app/Contents/Resources/safaritool

 /System/Library/CoreServices/SystemUIServer.app
 /System/Library/CoreServices/dotmacsyncclient
 /System/Library/Filesystems/ftp.fs/mount_ftp
 /System/Library/CoreServices/SystemUIServer.app
 /System/Library/CoreServices/dotmacsyncclient
 /System/Library/Filesystems/ftp.fs/mount_ftp

diff --git a/securityd.xcode/project.pbxproj b/securityd.xcode/project.pbxproj
index a84ae96d1c428ba626eb6633849d6eb4a8ef55d6..b041ec51830e40e05fa428de9a0a844c21774b76 100644 (file)
--- a/securityd.xcode/project.pbxproj
+++ b/securityd.xcode/project.pbxproj
@@ -838,7 +838,7 @@
                        );
                        buildSettings = {
                                BUILD_VARIANTS = "normal debug";
                        );
                        buildSettings = {
                                BUILD_VARIANTS = "normal debug";

-                               CURRENT_PROJECT_VERSION = 25481;
+                               CURRENT_PROJECT_VERSION = 25991;

                                FRAMEWORK_SEARCH_PATHS = "/usr/local/SecurityPieces/Frameworks /usr/local/SecurityPieces/Components/securityd $(SYSTEM_LIBRARY_DIR)/PrivateFrameworks";
                                INSTALL_PATH = /usr/sbin;
                                OPT_CPPXFLAGS = "$(OPT_CXFLAGS) -fno-enforce-eh-specs -fno-implement-inlines -fcoalesce-templates";
                                FRAMEWORK_SEARCH_PATHS = "/usr/local/SecurityPieces/Frameworks /usr/local/SecurityPieces/Components/securityd $(SYSTEM_LIBRARY_DIR)/PrivateFrameworks";
                                INSTALL_PATH = /usr/sbin;
                                OPT_CPPXFLAGS = "$(OPT_CXFLAGS) -fno-enforce-eh-specs -fno-implement-inlines -fcoalesce-templates";

diff --git a/src/AuthorizationEngine.cpp b/src/AuthorizationEngine.cpp
index a7078ae8dfbef26c5833a77aa37231b72f67321a..0a41fd1ddbfee0f7fb40456c61f54c57abb7d7c3 100644 (file)
--- a/src/AuthorizationEngine.cpp
+++ b/src/AuthorizationEngine.cpp
@@ -131,6 +131,8 @@ Engine::authorize(const AuthItemSet &inRights, const AuthItemSet &environment,
 
                if (username.length())
                {
 
                if (username.length())
                {

+                       // Call to checkpw in DS
+                       Server::active().longTermActivity();

                        // Let's create a credential from the passed in username and password.
                        Credential newCredential(username, password, shared);
                        // If it's valid insert it into the credentials list.  Normally this is
                        // Let's create a credential from the passed in username and password.
                        Credential newCredential(username, password, shared);
                        // If it's valid insert it into the credentials list.  Normally this is

diff --git a/src/AuthorizationMechEval.cpp b/src/AuthorizationMechEval.cpp
index 87ccdc2a39642aba56ae965c243448c275196c25..571cff7084d59524f761f638d8aeaf9954d8ef85 100644 (file)
--- a/src/AuthorizationMechEval.cpp
+++ b/src/AuthorizationMechEval.cpp
@@ -209,6 +209,9 @@ AuthorizationResult AgentMechanismEvaluator::authinternal(AuthItemSet &context)
             break;
         string password(static_cast<const char *>((*found)->value().data), (*found)->value().length);
         secdebug("AuthEvalMech", "found password");
             break;
         string password(static_cast<const char *>((*found)->value().data), (*found)->value().length);
         secdebug("AuthEvalMech", "found password");

+
+               // Call to checkpw in DS
+               Server::active().longTermActivity();            

         Credential newCredential(username, password, true); // create a new shared credential
         
         if (newCredential->isValid())
         Credential newCredential(username, password, true); // create a new shared credential
         
         if (newCredential->isValid())

diff --git a/src/AuthorizationRule.cpp b/src/AuthorizationRule.cpp
index fdbbac9fa9f54dcda52fe7b62aa312523c6e3d52..c1a1b218e16f5ae32d8404337067d2062f305caf 100644 (file)
--- a/src/AuthorizationRule.cpp
+++ b/src/AuthorizationRule.cpp
@@ -570,6 +570,8 @@ RuleImpl::makeCredentials(const AuthorizationToken &auth) const
                 secdebug("AuthEvalMech", "found password");
                 string password = (**found).stringValue();
                 secdebug("AuthEvalMech", "falling back on username/password credential if valid");
                 secdebug("AuthEvalMech", "found password");
                 string password = (**found).stringValue();
                 secdebug("AuthEvalMech", "falling back on username/password credential if valid");

+                               // Call to checkpw in DS
+                               Server::active().longTermActivity();

                                Credential newCred(username, password, mShared);
                 newCredentials.insert(newCred);
                                CommonCriteria::AuditRecord auditrec(auth.creatorAuditToken());
                                Credential newCred(username, password, mShared);
                 newCredentials.insert(newCred);
                                CommonCriteria::AuditRecord auditrec(auth.creatorAuditToken());

diff --git a/src/database.cpp b/src/database.cpp
index edc689dd72997c7b5951045163dbc679ecde27b3..e1e652c567ad6dbd48cae239bc26d4b186e0ffca 100644 (file)
--- a/src/database.cpp
+++ b/src/database.cpp
@@ -231,7 +231,7 @@ bool SystemKeychainKey::matches(const DbBlob::Signature &signature)
 bool SystemKeychainKey::update()
 {
        // if we checked recently, just assume it's okay
 bool SystemKeychainKey::update()
 {
        // if we checked recently, just assume it's okay

-       if (mUpdateThreshold > Time::now())
+       if (mValid && mUpdateThreshold > Time::now())

                return mValid;
                
        // check the file
                return mValid;
                
        // check the file

diff --git a/src/structure.h b/src/structure.h
index 025d7f2d66af4eca75057d6cf5f54398db5da164..2be75278203ba0b3a53b6c69da3cd3f3ae2e87c8 100644 (file)
--- a/src/structure.h
+++ b/src/structure.h
@@ -132,8 +132,8 @@ template <class Sub>
 void NodeCore::allReferences(void (Sub::*func)())
 {
        StLock<Mutex> _(*this);
 void NodeCore::allReferences(void (Sub::*func)())
 {
        StLock<Mutex> _(*this);

-       for (ReferenceSet::const_iterator it = mReferences.begin(); it != mReferences.end(); it++)
-               if (RefPointer<Sub> sub = dynamic_cast<Sub *>(it->get()))
+       for (ReferenceSet::const_iterator it = mReferences.begin(); it != mReferences.end();)
+               if (RefPointer<Sub> sub = dynamic_cast<Sub *>((it++)->get()))

                        (sub->*func)();
 }
 
                        (sub->*func)();
 }