From 6f458ca86da2b5a0249ba2fcca5d1e5f8f18858d Mon Sep 17 00:00:00 2001 From: Apple Date: Wed, 8 Feb 2006 18:09:31 +0000 Subject: [PATCH] securityd-26692.tar.gz --- securityd.xcode/project.pbxproj | 14 +++++----- src/acls.cpp | 3 --- src/acls.h | 1 - src/agentquery.cpp | 18 ++++++------- src/codesigdb.cpp | 47 +++++++++++---------------------- src/dbcrypto.cpp | 12 ++++----- src/dbcrypto.h | 2 +- src/flippers.h | 3 ++- src/kcdatabase.cpp | 4 +-- src/kckey.cpp | 4 +-- src/main.cpp | 3 ++- src/notifications.cpp | 3 ++- src/pcscmonitor.cpp | 16 +++++------ src/server.h | 8 +++--- src/session.cpp | 6 ++--- src/session.h | 2 +- src/structure.h | 16 +++++------ src/token.cpp | 4 +-- src/tokend.cpp | 7 ----- src/tokend.h | 1 - src/tokendatabase.cpp | 4 +-- src/tokendatabase.h | 2 +- 22 files changed, 76 insertions(+), 104 deletions(-) diff --git a/securityd.xcode/project.pbxproj b/securityd.xcode/project.pbxproj index 769f610..4154d1d 100644 --- a/securityd.xcode/project.pbxproj +++ b/securityd.xcode/project.pbxproj @@ -838,21 +838,21 @@ ); buildSettings = { BUILD_VARIANTS = "normal debug"; - CURRENT_PROJECT_VERSION = 26674; + CURRENT_PROJECT_VERSION = 26692; FRAMEWORK_SEARCH_PATHS = "/usr/local/SecurityPieces/Frameworks /usr/local/SecurityPieces/Components/securityd $(SYSTEM_LIBRARY_DIR)/PrivateFrameworks"; INSTALL_PATH = /usr/sbin; - OPT_CPPXFLAGS = "$(OPT_CXFLAGS)"; + OPT_CPPXFLAGS = "$(OPT_CXFLAGS) -fno-enforce-eh-specs -fno-implement-inlines -fcoalesce-templates"; OPT_CXFLAGS = "-DNDEBUG $(OPT_INLINEXFLAGS)"; - OPT_INLINEXFLAGS = "-finline-functions"; + OPT_INLINEXFLAGS = " -finline-functions --param max-inline-insns-single=150 --param max-inline-insns-auto=150 --param max-inline-insns=300 --param min-inline-insns=90"; OPT_LDXFLAGS = "-dead_strip"; OPT_LDXNOPIC = ",_nopic"; OTHER_ASFLAGS_debug = "$(OTHER_CFLAGS)"; OTHER_ASFLAGS_normal = "-DNDEBUG $(OTHER_CFLAGS)"; OTHER_ASFLAGS_profile = "-DNDEBUG $(OTHER_CFLAGS) -pg"; - OTHER_CFLAGS_debug = "$(OTHER_CFLAGS) -O1 -fno-inline"; + OTHER_CFLAGS_debug = "$(OTHER_CFLAGS) -O0 -fno-inline"; OTHER_CFLAGS_normal = "$(OPT_CXFLAGS) $(OTHER_CFLAGS)"; OTHER_CFLAGS_profile = "$(OPT_CXFLAGS) $(OTHER_CFLAGS) -pg"; - OTHER_CPLUSPLUSFLAGS_debug = "$(OTHER_CPLUSPLUSFLAGS) -O1 -fno-inline"; + OTHER_CPLUSPLUSFLAGS_debug = "$(OTHER_CPLUSPLUSFLAGS) -O0 -fno-inline"; OTHER_CPLUSPLUSFLAGS_normal = "$(OPT_CPPXFLAGS) $(OTHER_CPLUSPLUSFLAGS)"; OTHER_CPLUSPLUSFLAGS_profile = "$(OPT_CPPXFLAGS) $(OTHER_CPLUSPLUSFLAGS) -pg"; OTHER_LDFLAGS = "-lbsm"; @@ -1380,8 +1380,8 @@ OPT_LDFLAGS = ""; OPT_LDXFLAGS = ""; OPT_LDXNOPIC = ""; - OTHER_CFLAGS_normal = "$(OTHER_CFLAGS) -O1 -fno-inline"; - OTHER_CPLUSPLUSFLAGS_normal = "$(OTHER_CPLUSPLUSFLAGS) -O1 -fno-inline"; + OTHER_CFLAGS_normal = "$(OTHER_CFLAGS) -O0 -fno-inline"; + OTHER_CPLUSPLUSFLAGS_normal = "$(OTHER_CPLUSPLUSFLAGS) -O0 -fno-inline"; }; isa = PBXBuildStyle; name = "normal with debug"; diff --git a/src/acls.cpp b/src/acls.cpp index aa2524a..f820d00 100644 --- a/src/acls.cpp +++ b/src/acls.cpp @@ -187,9 +187,6 @@ ObjectAcl *SecurityServerEnvironment::preAuthSource() // // The default AclSource denies having an ACL at all // -AclSource::~AclSource() -{ /* virtual */ } - SecurityServerAcl &AclSource::acl() { CssmError::throwMe(CSSM_ERRCODE_OBJECT_ACL_NOT_SUPPORTED); diff --git a/src/acls.h b/src/acls.h index daa5ed0..3a8453e 100644 --- a/src/acls.h +++ b/src/acls.h @@ -118,7 +118,6 @@ public: class AclSource { protected: AclSource() { } - virtual ~AclSource(); public: virtual SecurityServerAcl &acl(); // defaults to "no ACL; throw exception" diff --git a/src/agentquery.cpp b/src/agentquery.cpp index 9878249..1876642 100644 --- a/src/agentquery.cpp +++ b/src/agentquery.cpp @@ -242,7 +242,7 @@ Reason QueryKeychainUse::queryUser (const char *database, const char *descriptio if (mPassphraseCheck) { - create("builtin", "confirm-access-password", noSecuritySession); + create("builtin", "confirm-access-password", NULL); CssmAutoData data(Allocator::standard(Allocator::sensitive)); @@ -280,7 +280,7 @@ Reason QueryKeychainUse::queryUser (const char *database, const char *descriptio } else { - create("builtin", "confirm-access", noSecuritySession); + create("builtin", "confirm-access", NULL); setInput(hints, context); invoke(); } @@ -322,7 +322,7 @@ bool QueryCodeCheck::operator () (const char *aclPath) hints.insert(AuthItemRef(AGENT_HINT_APPLICATION_PATH, AuthValueOverlay(strlen(aclPath), const_cast(aclPath)))); - create("builtin", "code-identity", noSecuritySession); + create("builtin", "code-identity", NULL); setInput(hints, context); status = invoke(); @@ -366,7 +366,7 @@ Reason QueryOld::query() hints.insert(mClientHints.begin(), mClientHints.end()); - create("builtin", "unlock-keychain", noSecuritySession); + create("builtin", "unlock-keychain", NULL); do { @@ -478,10 +478,10 @@ Reason QueryNewPassphrase::query() switch (initialReason) { case SecurityAgent::newDatabase: - create("builtin", "new-passphrase", noSecuritySession); + create("builtin", "new-passphrase", NULL); break; case SecurityAgent::changePassphrase: - create("builtin", "change-passphrase", noSecuritySession); + create("builtin", "change-passphrase", NULL); break; default: assert(false); @@ -597,11 +597,11 @@ Reason QueryGenericPassphrase::query(const char *prompt, bool verify, // CSSM_ATTRIBUTE_ALERT_TITLE (optional alert panel title) if (false == verify) { // import - create("builtin", "generic-unlock", noSecuritySession); + create("builtin", "generic-unlock", NULL); } else { // verify passphrase (export) // new-passphrase-generic works with the pre-4 June 2004 agent; // generic-new-passphrase is required for the new agent - create("builtin", "generic-new-passphrase", noSecuritySession); + create("builtin", "generic-new-passphrase", NULL); } AuthItem *passwordItem; @@ -652,7 +652,7 @@ Reason QueryDBBlobSecret::query(DatabaseCryptoCore &dbCore, const DbBlob *secret hints.insert(mClientHints.begin(), mClientHints.end()); - create("builtin", "generic-unlock-kcblob", noSecuritySession); + create("builtin", "generic-unlock-kcblob", NULL); AuthItem *secretItem; diff --git a/src/codesigdb.cpp b/src/codesigdb.cpp index 4ff3d64..d8094fa 100644 --- a/src/codesigdb.cpp +++ b/src/codesigdb.cpp @@ -116,8 +116,7 @@ CodeSignatures::~CodeSignatures() void CodeSignatures::open(const char *path) { mDb.open(path, O_RDWR | O_CREAT, 0644); - if (mDb) - mDb.flush(); + mDb.flush(); IFDUMPING("equiv", debugDump("reopen")); } @@ -145,8 +144,6 @@ string CodeSignatures::Identity::canonicalName(const string &path) // bool CodeSignatures::find(Identity &id, uid_t user) { - if (!mDb) - return false; if (id.mState != Identity::untried) return id.mState == Identity::valid; try { @@ -174,8 +171,6 @@ bool CodeSignatures::find(Identity &id, uid_t user) void CodeSignatures::makeLink(Identity &id, const string &ident, bool forUser, uid_t user) { - if (!mDb) - UnixError::throwMe(ENOENT); DbKey key('H', id.getHash(mSigner), forUser, user); if (!mDb.put(key, StringData(ident))) UnixError::throwMe(); @@ -219,8 +214,6 @@ void CodeSignatures::addLink(const CssmData &oldHash, const CssmData &newHash, void CodeSignatures::removeLink(const CssmData &hash, const char *name, bool forSystem) { - if (!mDb) - UnixError::throwMe(ENOENT); AclIdentity code(hash, name); uid_t user = Server::process().uid(); if (forSystem && user) // only root user can remove forSystem links @@ -259,12 +252,6 @@ bool CodeSignatures::verify(Process &process, return false; } - // don't bother the user if the db is MIA - if (!mDb) { - secdebug("codesign", "database not open; cannot verify"); - return false; - } - // ah well. Establish mediator objects for database signature links AclIdentity aclIdentity(trustedSignature, comment ? comment->interpretedAs() : NULL); @@ -315,7 +302,7 @@ bool CodeSignatures::verify(Process &process, return false; } } - + // ask the user QueryCodeCheck query; query.inferHints(process); @@ -370,24 +357,20 @@ void CodeSignatures::debugDump(const char *how) const if (!how) how = "dump"; CssmData key, value; - if (!mDb) { - dump("CODE EQUIVALENTS DATABASE IS NOT OPEN (%s)", how); + if (!mDb.first(key, value)) { + dump("CODE EQUIVALENTS DATABASE IS EMPTY (%s)\n", how); } else { - if (!mDb.first(key, value)) { - dump("CODE EQUIVALENTS DATABASE IS EMPTY (%s)\n", how); - } else { - dump("CODE EQUIVALENTS DATABASE DUMP (%s)\n", how); - do { - const char *header = key.interpretedAs(); - size_t headerLength = strlen(header) + 1; - dump("%s:", header); - dumpData(key.at(headerLength), key.length() - headerLength); - dump(" => "); - dumpData(value); - dump("\n"); - } while (mDb.next(key, value)); - dump("END DUMP\n"); - } + dump("CODE EQUIVALENTS DATABASE DUMP (%s)\n", how); + do { + const char *header = key.interpretedAs(); + size_t headerLength = strlen(header) + 1; + dump("%s:", header); + dumpData(key.at(headerLength), key.length() - headerLength); + dump(" => "); + dumpData(value); + dump("\n"); + } while (mDb.next(key, value)); + dump("END DUMP\n"); } } diff --git a/src/dbcrypto.cpp b/src/dbcrypto.cpp index 5054f85..b850653 100644 --- a/src/dbcrypto.cpp +++ b/src/dbcrypto.cpp @@ -238,7 +238,7 @@ DbBlob *DatabaseCryptoCore::encodeCore(const DbBlob &blobTemplate, // Throws exceptions if decoding fails. // Memory returned in privateAclBlob is allocated and becomes owned by caller. // -void DatabaseCryptoCore::decodeCore(const DbBlob *blob, void **privateAclBlob) +void DatabaseCryptoCore::decodeCore(DbBlob *blob, void **privateAclBlob) { assert(mHaveMaster); // must have master key installed @@ -247,8 +247,8 @@ void DatabaseCryptoCore::decodeCore(const DbBlob *blob, void **privateAclBlob) decryptor.mode(CSSM_ALGMODE_CBCPadIV8); decryptor.padding(CSSM_PADDING_PKCS1); decryptor.key(mMasterKey); - CssmData ivd = CssmData::wrap(blob->iv); decryptor.initVector(ivd); - CssmData cryptoBlob = CssmData::wrap(blob->cryptoBlob(), blob->cryptoBlobLength()); + CssmData ivd(blob->iv, sizeof(blob->iv)); decryptor.initVector(ivd); + CssmData cryptoBlob(blob->cryptoBlob(), blob->cryptoBlobLength()); CssmData decryptedBlob, remData; decryptor.decrypt(cryptoBlob, decryptedBlob, remData); DbBlob::PrivateBlob *privateBlob = decryptedBlob.interpretedAs(); @@ -263,8 +263,8 @@ void DatabaseCryptoCore::decodeCore(const DbBlob *blob, void **privateAclBlob) // verify signature on the whole blob CssmData signChunk[] = { - CssmData::wrap(blob->data(), fieldOffsetOf(&DbBlob::blobSignature)), - CssmData::wrap(blob->publicAclBlob(), blob->publicAclBlobLength() + blob->cryptoBlobLength()) + CssmData(blob->data(), fieldOffsetOf(&DbBlob::blobSignature)), + CssmData(blob->publicAclBlob(), blob->publicAclBlobLength() + blob->cryptoBlobLength()) }; CSSM_ALGORITHMS verifyAlgorithm = CSSM_ALGID_SHA1HMAC; #if defined(COMPAT_OSX_10_0) @@ -273,7 +273,7 @@ void DatabaseCryptoCore::decodeCore(const DbBlob *blob, void **privateAclBlob) #endif VerifyMac verifier(Server::csp(), verifyAlgorithm); verifier.key(mSigningKey); - verifier.verify(signChunk, 2, CssmData::wrap(blob->blobSignature)); + verifier.verify(signChunk, 2, CssmData(blob->blobSignature, sizeof(blob->blobSignature))); // all checks out; start extracting fields if (privateAclBlob) { diff --git a/src/dbcrypto.h b/src/dbcrypto.h index 16d42e3..3067b70 100644 --- a/src/dbcrypto.h +++ b/src/dbcrypto.h @@ -55,7 +55,7 @@ public: void setup(const DbBlob *blob, const CssmData &passphrase); void setup(const DbBlob *blob, CssmClient::Key master); - void decodeCore(const DbBlob *blob, void **privateAclBlob = NULL); + void decodeCore(DbBlob *blob, void **privateAclBlob = NULL); DbBlob *encodeCore(const DbBlob &blobTemplate, const CssmData &publicAcl, const CssmData &privateAcl) const; void importSecrets(const DatabaseCryptoCore &src); diff --git a/src/flippers.h b/src/flippers.h index a3cc1ab..6e437c0 100644 --- a/src/flippers.h +++ b/src/flippers.h @@ -56,7 +56,8 @@ inline void flip(T &obj) // It's a bad idea to try to flip a const, so flag that // template -inline void flip(const T &); +inline void flip(const T &) +{ tryingToFlipAConstWontWork(); } // diff --git a/src/kcdatabase.cpp b/src/kcdatabase.cpp index 32160b5..8f723c5 100644 --- a/src/kcdatabase.cpp +++ b/src/kcdatabase.cpp @@ -878,10 +878,10 @@ void KeychainDatabase::validateBlob(const DbBlob *blob) blob->validate(CSSMERR_APPLEDL_INVALID_DATABASE_BLOB); switch (blob->version()) { #if defined(COMPAT_OSX_10_0) - case DbBlob::version_MacOS_10_0: + case blob->version_MacOS_10_0: break; #endif - case DbBlob::version_MacOS_10_1: + case blob->version_MacOS_10_1: break; default: CssmError::throwMe(CSSMERR_APPLEDL_INCOMPATIBLE_DATABASE_BLOB); diff --git a/src/kckey.cpp b/src/kckey.cpp index 3a5e8bd..780f8cc 100644 --- a/src/kckey.cpp +++ b/src/kckey.cpp @@ -43,10 +43,10 @@ KeychainKey::KeychainKey(Database &db, const KeyBlob *blob) blob->validate(CSSMERR_APPLEDL_INVALID_KEY_BLOB); switch (blob->version()) { #if defined(COMPAT_OSX_10_0) - case KeyBlob::version_MacOS_10_0: + case blob->version_MacOS_10_0: break; #endif - case KeyBlob::version_MacOS_10_1: + case blob->version_MacOS_10_1: break; default: CssmError::throwMe(CSSMERR_APPLEDL_INCOMPATIBLE_KEY_BLOB); diff --git a/src/main.cpp b/src/main.cpp index 5b47f5e..2208882 100644 --- a/src/main.cpp +++ b/src/main.cpp @@ -64,6 +64,7 @@ #include #include "acl_keychain.h" + // // Local functions of the main program driver // @@ -260,7 +261,7 @@ int main(int argc, char *argv[]) // install MDS and initialize the local CSSM server.loadCssm(); - + // okay, we're ready to roll Syslog::notice("Entering service"); secdebug("SS", "%s initialized", bootstrapName); diff --git a/src/notifications.cpp b/src/notifications.cpp index ebee947..0ac6a36 100644 --- a/src/notifications.cpp +++ b/src/notifications.cpp @@ -29,6 +29,7 @@ #include "server.h" #include + Listener::ListenerMap Listener::listeners; Mutex Listener::setLock; @@ -115,7 +116,7 @@ void ProcessListener::notifyMe(NotificationDomain domain, { secdebug("notify", "%p sending domain %ld event 0x%lx to port %d process %d", this, domain, event, mPort.port(), process.pid()); - + // send mach message (via MIG simpleroutine) if (IFDEBUG(kern_return_t rc =) ucsp_notify_sender_notify(mPort, domain, event, data.data(), data.length(), diff --git a/src/pcscmonitor.cpp b/src/pcscmonitor.cpp index 833b1ba..6921eca 100644 --- a/src/pcscmonitor.cpp +++ b/src/pcscmonitor.cpp @@ -365,7 +365,7 @@ PCSCMonitor::DeviceSupport PCSCMonitor::deviceSupport(const IOKit::Device &dev) try { secdebug("scsel", "%s", dev.path().c_str()); - // composite USB device with interface class + // composite USB device with interface class if (CFRef cfInterface = dev.property("bInterfaceClass")) switch (IFDEBUG(uint32 clas =) cfNumber(cfInterface)) { case kUSBChipSmartCardInterfaceClass: // CCID smartcard reader - go @@ -379,19 +379,19 @@ PCSCMonitor::DeviceSupport PCSCMonitor::deviceSupport(const IOKit::Device &dev) return impossible; } - // noncomposite USB device + // noncomposite USB device if (CFRef cfDevice = dev.property("bDeviceClass")) if (cfNumber(cfDevice) == kUSBVendorSpecificClass) { secdebug("scsel", " Vendor-specific device - possible match"); return possible; } - // PCCard (aka PCMCIA aka ...) interface (don't know how to recognize a reader here) - if (CFRef ioName = dev.property("IOName")) - if (cfString(ioName).find("pccard", 0, 1) == 0) { - secdebug("scsel", " PCCard - possible match"); - return possible; - } + // PCCard (aka PCMCIA aka ...) interface (don't know how to recognize a reader here) + if (CFRef ioName = dev.property("IOName")) + if (cfString(ioName).find("pccard", 0, 1) == 0) { + secdebug("scsel", " PCCard - possible match"); + return possible; + } return impossible; } catch (...) { secdebug("scsel", " exception while examining device - ignoring it"); diff --git a/src/server.h b/src/server.h index 011a649..80c0992 100644 --- a/src/server.h +++ b/src/server.h @@ -114,11 +114,11 @@ public: static AclSource &aclBearer(AclKind kind, CSSM_HANDLE handle); // Generic version of handle lookup - template - static RefPointer find(CSSM_HANDLE handle, CSSM_RETURN notFoundError) + template + static RefPointer find(CSSM_HANDLE handle, CSSM_RETURN notFoundError) { - RefPointer object = - HandleObject::findRef(handle, notFoundError); + RefPointer object = + HandleObject::findRef(handle, notFoundError); if (object->process() != Server::process()) CssmError::throwMe(notFoundError); return object; diff --git a/src/session.cpp b/src/session.cpp index 7cabc91..6bd0abf 100644 --- a/src/session.cpp +++ b/src/session.cpp @@ -485,7 +485,6 @@ OSStatus Session::authorizationdbRemove(const AuthorizationBlob &authBlob, Autho void Session::mergeCredentials(CredentialSet &creds) { secdebug("SSsession", "%p merge creds @%p", this, &creds); - CredentialSet updatedCredentials = creds; for (CredentialSet::const_iterator it = creds.begin(); it != creds.end(); it++) if (((*it)->isShared() && (*it)->isValid())) { CredentialSet::iterator old = mSessionCreds.find(*it); @@ -494,11 +493,10 @@ void Session::mergeCredentials(CredentialSet &creds) } else { // replace "new" with "old" in input set to retain synchronization (*old)->merge(**it); - updatedCredentials.erase(*it); - updatedCredentials.insert(*old); + creds.erase(it); + creds.insert(*old); } } - creds.swap(updatedCredentials); } diff --git a/src/session.h b/src/session.h index 7799cc4..b252964 100644 --- a/src/session.h +++ b/src/session.h @@ -139,7 +139,7 @@ protected: void kill(); -protected: +private: static PortMap mSessions; }; diff --git a/src/structure.h b/src/structure.h index 66f0d92..2be7527 100644 --- a/src/structure.h +++ b/src/structure.h @@ -222,24 +222,24 @@ template class PortMap : public Mutex, public std::map > { typedef std::map > _Map; public: - bool contains(mach_port_t port) const { return this->find(port) != this->end(); } + bool contains(mach_port_t port) const { return find(port) != end(); } Node *getOpt(mach_port_t port) const { - typename _Map::const_iterator it = this->find(port); - return (it == this->end()) ? NULL : it->second; + typename _Map::const_iterator it = find(port); + return (it == end()) ? NULL : it->second; } Node *get(mach_port_t port) const { - typename _Map::const_iterator it = this->find(port); - assert(it != this->end()); + typename _Map::const_iterator it = find(port); + assert(it != end()); return it->second; } Node *get(mach_port_t port, OSStatus error) const { - typename _Map::const_iterator it = this->find(port); - if (it == this->end()) + typename _Map::const_iterator it = find(port); + if (it == end()) MacOSError::throwMe(error); return it->second; } @@ -250,7 +250,7 @@ public: template void PortMap::dump() { - for (typename _Map::const_iterator it = this->begin(); it != this->end(); it++) + for (typename _Map::const_iterator it = begin(); it != end(); it++) it->second->dump(); } diff --git a/src/token.cpp b/src/token.cpp index 1447bcf..faf7172 100644 --- a/src/token.cpp +++ b/src/token.cpp @@ -149,8 +149,8 @@ void Token::resetAcls() mResetLevel++; secdebug("token", "%p reset (level=%d, propagating to %ld common(s)", this, mResetLevel, mCommons.size()); - for (CommonSet::const_iterator it = mCommons.begin(); it != mCommons.end(); ) - RefPointer(*it++)->resetAcls(); + for (CommonSet::const_iterator it = mCommons.begin(); it != mCommons.end(); it++) + RefPointer(*it)->resetAcls(); } void Token::addCommon(TokenDbCommon &dbc) diff --git a/src/tokend.cpp b/src/tokend.cpp index 350752f..1707618 100644 --- a/src/tokend.cpp +++ b/src/tokend.cpp @@ -177,13 +177,6 @@ bool TokenDaemon::probe() } -// -// FaultRelay -// -FaultRelay::~FaultRelay() -{ /* virtual */ } - - // // Debug dump support // diff --git a/src/tokend.h b/src/tokend.h index e4b808a..6e407ab 100644 --- a/src/tokend.h +++ b/src/tokend.h @@ -41,7 +41,6 @@ // class FaultRelay { public: - virtual ~FaultRelay(); virtual void relayFault(bool async) = 0; }; diff --git a/src/tokendatabase.cpp b/src/tokendatabase.cpp index f53f401..fcbee16 100644 --- a/src/tokendatabase.cpp +++ b/src/tokendatabase.cpp @@ -48,9 +48,9 @@ Token &TokenDbCommon::token() const return parent(); } -const std::string &TokenDbCommon::dbName() const +string TokenDbCommon::dbName() const { - return token().printName(); + return token().printName().c_str(); } diff --git a/src/tokendatabase.h b/src/tokendatabase.h index 60361c3..fa177a9 100644 --- a/src/tokendatabase.h +++ b/src/tokendatabase.h @@ -59,7 +59,7 @@ public: Token &token() const; uint32 subservice() const { return token().subservice(); } - const std::string &dbName() const; + std::string dbName() const; Adornable &store(); void resetAcls(); -- 2.45.2