KHMEXP khm_int32 KHMAPI
kcdb_credset_collect_filtered(khm_handle cs_dest,
khm_handle cs_src,
kcdb_cred_filter_func filter,
void * rock,
khm_int32 * delta)
{
kcdb_credset * cs;
kcdb_credset * rcs;
khm_int32 code = KHM_ERROR_SUCCESS;
kcdb_cred ** r_sel = NULL;
kcdb_cred ** c_sel = NULL;
int nr_sel, nc_sel;
int i;
khm_int32 cs_f = 0;
khm_int32 rcs_f = 0;
if((cs_src && !kcdb_credset_is_credset(cs_src)) ||
(cs_dest && !kcdb_credset_is_credset(cs_dest)) ||
(cs_src == cs_dest)) /* works because credsets use shared
handles */
return KHM_ERROR_INVALID_PARAM;
if(cs_src)
cs = (kcdb_credset *) cs_src;
else {
cs = kcdb_root_credset;
cs_f = KCDB_CREDCOLL_FILTER_ROOT;
}
if(cs_dest)
rcs = (kcdb_credset *) cs_dest;
else {
rcs = kcdb_root_credset;
rcs_f = KCDB_CREDCOLL_FILTER_ROOT;
}
if (kcdb_credset_is_sealed(rcs))
return KHM_ERROR_INVALID_OPERATION;
EnterCriticalSection(&(cs->cs));
EnterCriticalSection(&(rcs->cs));
#ifdef DEBUG
assert(!(rcs->flags & KCDB_CREDSET_FLAG_ENUM));
assert(!(cs->flags & KCDB_CREDSET_FLAG_ENUM));
#endif
if(rcs->nclist)
r_sel = PMALLOC(sizeof(kcdb_cred *) * rcs->nclist);
if(cs->nclist)
c_sel = PMALLOC(sizeof(kcdb_cred *) * cs->nclist);
nr_sel = 0;
nc_sel = 0;
rcs->flags |= KCDB_CREDSET_FLAG_ENUM;
for(i=0; i<rcs->nclist; i++) {
if(rcs->clist[i].cred &&
(*filter)((khm_handle)rcs->clist[i].cred,
KCDB_CREDCOLL_FILTER_DEST | rcs_f,
rock))
{
r_sel[nr_sel++] = rcs->clist[i].cred;
}
}
rcs->flags &= ~KCDB_CREDSET_FLAG_ENUM;
cs->flags |= KCDB_CREDSET_FLAG_ENUM;
for(i=0; i<cs->nclist; i++) {
if(cs->clist[i].cred && filter((khm_handle)rcs->clist[i].cred, KCDB_CREDCOLL_FILTER_SRC | cs_f, rock))
{
c_sel[nc_sel++] = cs->clist[i].cred;
}
}
cs->flags &= ~KCDB_CREDSET_FLAG_ENUM;
rcs->version++;
code = kcdb_credset_collect_core(
rcs,
r_sel,
nr_sel,
cs,
c_sel,
nc_sel,
delta);
LeaveCriticalSection(&(rcs->cs));
LeaveCriticalSection(&(cs->cs));
if(r_sel)
PFREE(r_sel);
if(c_sel)
PFREE(c_sel);
if (cs_dest == NULL) {
kcdb_identity_refresh_all();
}
return code;
}
KHMEXP khm_int32 KHMAPI
kcdb_credset_collect_filtered(khm_handle h_cs_dest,
khm_handle h_cs_src,
kcdb_cred_filter_func filter,
void * rock,
khm_int32 * delta)
{
kcdb_credset * cs_src;
kcdb_credset * cs_dest;
khm_int32 code = KHM_ERROR_SUCCESS;
kcdb_cred ** clist_dest = NULL;
kcdb_cred ** clist_src = NULL;
int nclist_dest, nclist_src;
int i;
khm_int32 cs_src_f = 0;
khm_int32 cs_dest_f = 0;
if((h_cs_src && !kcdb_credset_is_credset(h_cs_src)) ||
(h_cs_dest && !kcdb_credset_is_credset(h_cs_dest)) ||
(h_cs_src == h_cs_dest)) /* works because credsets use shared
handles */
return KHM_ERROR_INVALID_PARAM;
if(h_cs_src)
cs_src = (kcdb_credset *) h_cs_src;
else {
cs_src = kcdb_root_credset;
cs_src_f = KCDB_CREDCOLL_FILTER_ROOT;
}
if(h_cs_dest)
cs_dest = (kcdb_credset *) h_cs_dest;
else {
cs_dest = kcdb_root_credset;
cs_dest_f = KCDB_CREDCOLL_FILTER_ROOT;
}
if (kcdb_credset_is_sealed(cs_dest))
return KHM_ERROR_INVALID_OPERATION;
if (cs_src < cs_dest) {
EnterCriticalSection(&(cs_src->cs));
EnterCriticalSection(&(cs_dest->cs));
} else {
EnterCriticalSection(&(cs_dest->cs));
EnterCriticalSection(&(cs_src->cs));
}
#ifdef DEBUG
assert(!(cs_dest->flags & KCDB_CREDSET_FLAG_ENUM));
assert(!(cs_src->flags & KCDB_CREDSET_FLAG_ENUM));
#endif
if (cs_dest->nclist)
clist_dest = PMALLOC(sizeof(kcdb_cred *) * cs_dest->nclist);
if (cs_src->nclist)
clist_src = PMALLOC(sizeof(kcdb_cred *) * cs_src->nclist);
nclist_dest = 0;
nclist_src = 0;
cs_dest->flags |= KCDB_CREDSET_FLAG_ENUM;
for (i=0; i < cs_dest->nclist; i++) {
if (cs_dest->clist[i].cred &&
(*filter)((khm_handle)cs_dest->clist[i].cred,
KCDB_CREDCOLL_FILTER_DEST | cs_dest_f,
rock)) {
clist_dest[nclist_dest++] = cs_dest->clist[i].cred;
}
}
cs_dest->flags &= ~KCDB_CREDSET_FLAG_ENUM;
cs_src->flags |= KCDB_CREDSET_FLAG_ENUM;
for (i=0; i < cs_src->nclist; i++) {
if (cs_src->clist[i].cred &&
(*filter)((khm_handle)cs_src->clist[i].cred,
KCDB_CREDCOLL_FILTER_SRC | cs_src_f,
rock)) {
clist_src[nclist_src++] = cs_src->clist[i].cred;
}
}
cs_src->flags &= ~KCDB_CREDSET_FLAG_ENUM;
cs_dest->version++;
code = kcdb_credset_collect_core(cs_dest, clist_dest, nclist_dest,
cs_src, clist_src, nclist_src,
delta);
LeaveCriticalSection(&(cs_dest->cs));
LeaveCriticalSection(&(cs_src->cs));
if(clist_dest)
PFREE(clist_dest);
if(clist_src)
PFREE(clist_src);
if (h_cs_dest == NULL) {
kcdb_identity_refresh_all();
}
return code;
}
KHMEXP khm_int32 KHMAPI
kcdb_credset_collect(khm_handle cs_dest,
khm_handle cs_src,
khm_handle identity,
khm_int32 type,
khm_int32 * delta)
{
kcdb_credset * cs;
kcdb_credset * rcs;
khm_int32 code = KHM_ERROR_SUCCESS;
kcdb_cred ** r_sel = NULL;
kcdb_cred ** c_sel = NULL;
int nr_sel, nc_sel;
int i;
if((cs_src && !kcdb_credset_is_credset(cs_src)) ||
(cs_dest && !kcdb_credset_is_credset(cs_dest)) ||
(cs_src == cs_dest)) /* works because credsets use shared
handles */
return KHM_ERROR_INVALID_PARAM;
if(identity && !kcdb_is_active_identity(identity))
return KHM_ERROR_INVALID_PARAM;
if(cs_src)
cs = (kcdb_credset *) cs_src;
else
cs = kcdb_root_credset;
if(cs_dest)
rcs = (kcdb_credset *) cs_dest;
else
rcs = kcdb_root_credset;
if (kcdb_credset_is_sealed(rcs))
return KHM_ERROR_INVALID_OPERATION;
EnterCriticalSection(&(cs->cs));
EnterCriticalSection(&(rcs->cs));
/* enumerate through the root and given credential sets and select
the ones we want */
if(rcs->nclist > 0)
r_sel = PMALLOC(sizeof(kcdb_cred *) * rcs->nclist);
if(cs->nclist > 0)
c_sel = PMALLOC(sizeof(kcdb_cred *) * cs->nclist);
nr_sel = 0;
nc_sel = 0;
for(i=0; i<rcs->nclist; i++) {
if(rcs->clist[i].cred &&
(!identity || rcs->clist[i].cred->identity == identity) &&
(type==KCDB_CREDTYPE_ALL || rcs->clist[i].cred->type == type))
{
r_sel[nr_sel++] = rcs->clist[i].cred;
}
}
for(i=0; i<cs->nclist; i++) {
if(cs->clist[i].cred &&
(!identity || cs->clist[i].cred->identity == identity) &&
(type==KCDB_CREDTYPE_ALL || cs->clist[i].cred->type == type))
{
c_sel[nc_sel++] = cs->clist[i].cred;
}
}
rcs->version++;
code = kcdb_credset_collect_core(
rcs,
r_sel,
nr_sel,
cs,
c_sel,
nc_sel,
delta);
LeaveCriticalSection(&(rcs->cs));
LeaveCriticalSection(&(cs->cs));
if(r_sel)
PFREE(r_sel);
if(c_sel)
PFREE(c_sel);
if (cs_dest == NULL) {
kcdb_identity_refresh_all();
}
return code;
}
KHMEXP khm_int32 KHMAPI
kcdb_credset_collect(khm_handle h_cs_dest,
khm_handle h_cs_src,
khm_handle identity,
khm_int32 type_id,
khm_int32 * delta)
{
kcdb_credset * cs_source;
kcdb_credset * cs_dest;
khm_int32 code = KHM_ERROR_SUCCESS;
kcdb_cred ** clist_dest = NULL;
kcdb_cred ** clist_src = NULL;
int nclist_dest, nclist_src;
int i;
if ((h_cs_src && !kcdb_credset_is_credset(h_cs_src)) ||
(h_cs_dest && !kcdb_credset_is_credset(h_cs_dest)) ||
(h_cs_src == h_cs_dest)) /* works because credsets use shared
handles */
return KHM_ERROR_INVALID_PARAM;
if(identity && !kcdb_is_active_identity(identity))
return KHM_ERROR_INVALID_PARAM;
if(h_cs_src)
cs_source = (kcdb_credset *) h_cs_src;
else
cs_source = kcdb_root_credset;
if(h_cs_dest)
cs_dest = (kcdb_credset *) h_cs_dest;
else
cs_dest = kcdb_root_credset;
if (kcdb_credset_is_sealed(cs_dest))
return KHM_ERROR_INVALID_OPERATION;
if (cs_source < cs_dest) {
EnterCriticalSection(&(cs_source->cs));
EnterCriticalSection(&(cs_dest->cs));
} else {
EnterCriticalSection(&(cs_dest->cs));
EnterCriticalSection(&(cs_source->cs));
}
/* enumerate through the root and given credential sets and select
the ones we want */
if(cs_dest->nclist > 0)
clist_dest = PMALLOC(sizeof(kcdb_cred *) * cs_dest->nclist);
if(cs_source->nclist > 0)
clist_src = PMALLOC(sizeof(kcdb_cred *) * cs_source->nclist);
nclist_dest = 0;
nclist_src = 0;
for(i=0; i < cs_dest->nclist; i++) {
if(cs_dest->clist[i].cred &&
(!identity || cs_dest->clist[i].cred->identity == identity) &&
(type_id==KCDB_CREDTYPE_ALL || cs_dest->clist[i].cred->type == type_id)) {
clist_dest[nclist_dest++] = cs_dest->clist[i].cred;
}
}
for(i=0; i < cs_source->nclist; i++) {
if(cs_source->clist[i].cred &&
(!identity || cs_source->clist[i].cred->identity == identity) &&
(type_id==KCDB_CREDTYPE_ALL || cs_source->clist[i].cred->type == type_id)) {
clist_src[nclist_src++] = cs_source->clist[i].cred;
}
}
cs_dest->version++;
code = kcdb_credset_collect_core(cs_dest, clist_dest, nclist_dest,
cs_source, clist_src, nclist_src,
delta);
LeaveCriticalSection(&(cs_dest->cs));
LeaveCriticalSection(&(cs_source->cs));
if(clist_dest)
PFREE(clist_dest);
if(clist_src)
PFREE(clist_src);
if (h_cs_dest == NULL) {
kcdb_identity_refresh_all();
}
return code;
}
