Exemple #1
0
/*! \internal

Collect credentials from cs2 to cs1 which have already been selected into
cl1 and cl2.

- Credentials in cl2 that are not in cl1 will get added to cs1
- Credentials in cl1 that are not in cl2 will get removed from cs1
- Credentials in cl1 and cl2 will be updated in cs1

cl1 and cl2 will be modified.
*/
khm_int32 
kcdb_credset_collect_core(kcdb_credset * cs1,
                          kcdb_cred ** cl1,
                          khm_int32 ncl1,
                          kcdb_credset * cs2,
                          kcdb_cred ** cl2,
                          khm_int32 ncl2,
                          khm_int32 * delta)
{
    int i, j;
    int ldelta = 0;
    khm_int32 rv;

    /* find matching creds and update them */
    for(i=0; i<ncl1; i++) 
        if(cl1[i]) {
            for(j=0; j<ncl2; j++) 
                if(cl2[j] && kcdb_creds_is_equal((khm_handle) cl1[i], (khm_handle) cl2[j])) {
                    /* they are equivalent. make them equal */

                    /* depending on whether any changes were made,
                        update ldelta with the proper bit flag */

                    rv = kcdb_cred_update(cl1[i], cl2[j]);
                    if (rv == KHM_ERROR_SUCCESS) {
                        kcdb_credset_update_cred_ref((khm_handle) cs1, (khm_handle) cl1[i]);
                        ldelta |= KCDB_DELTA_MODIFY;
                    }

                    cl2[j] = NULL;
                    cl1[i] = NULL;
                    break;
                }
        }

    /* all the creds that are left in cl1 need to be removed */
    for(i=0; i<ncl1; i++)
        if(cl1[i]) {
            kcdb_credset_del_cred_ref((khm_handle) cs1, (khm_handle) cl1[i]);
            cl1[i] = NULL;
            ldelta |= KCDB_DELTA_DEL;
        }

    /* all the creds in cl2 need to be added to cs1 */
    for(j=0; j<ncl2; j++)
        if(cl2[j]) {
            /* duplicate the credential and add it if we are adding it to the
               root credential store. */
            if(cs1 == kcdb_root_credset) {
                khm_handle h;

                if(KHM_SUCCEEDED(kcdb_cred_dup((khm_handle) cl2[j], &h))) {
                    kcdb_credset_add_cred((khm_handle) cs1, h, -1);
                    kcdb_cred_release(h);
                }
            } else
                kcdb_credset_add_cred((khm_handle) cs1, cl2[j], -1);
            cl2[j] = NULL;
            ldelta |= KCDB_DELTA_ADD;
        }

    if(delta)
        *delta = ldelta;

    if((cs1 == kcdb_root_credset) && ldelta) {
        /* something changed in the root credential set */
        kmq_post_message(KMSG_CRED,KMSG_CRED_ROOTDELTA,ldelta,NULL);
    }
    return KHM_ERROR_SUCCESS;
}
Exemple #2
0
/*! \internal

  Collect credentials from cs_src to cs_dest which have already been
  selected into cl_dest and cl_src.

  - Credentials in cl_src that are not in cl_dest will get added to
    cs_dest

  - Credentials in cl_dest that are not in cl_src will get removed
    from cs_dest

  - Credentials in cl_dest and cl_src will be updated in cs_dest

  cl_dest and cl_src will be modified.
*/
khm_int32
kcdb_credset_collect_core(kcdb_credset * cs_dest,
                          kcdb_cred ** cl_dest,
                          khm_int32 ncl_dest,
                          kcdb_credset * cs_src,
                          kcdb_cred ** cl_src,
                          khm_int32 ncl_src,
                          khm_int32 * delta)
{
    int i, j;
    int ldelta = 0;
    khm_int32 rv;
    khm_boolean dest_is_root;
    khm_handle last_identity = NULL;

    dest_is_root = (cs_dest == kcdb_root_credset);

    /* find matching credentials and update them */
    for (i=0; i < ncl_dest; i++) {
        if (cl_dest[i]) {
            for (j=0; j < ncl_src; j++) {
                if (cl_src[j] &&
                    kcdb_creds_is_equal((khm_handle) cl_dest[i], (khm_handle) cl_src[j])) {

                    /* depending on whether any changes were made,
                       update ldelta with the proper bit flag */

                    rv = kcdb_cred_update(cl_dest[i], cl_src[j]);
                    if (rv == KHM_ERROR_SUCCESS) {
                        kcdb_credset_update_cred_ref((khm_handle) cs_dest,
                                                     (khm_handle) cl_dest[i]);
                        ldelta |= KCDB_DELTA_MODIFY;

                        if (dest_is_root)
                            check_and_set_refresh_bit_for_identity(cl_dest[i],
                                                                   &last_identity);
                    }

                    cl_src[j] = NULL;
                    cl_dest[i] = NULL;
                    break;
                }
            }
        }
    }

    /* all the creds that are left in cl_dest need to be removed */
    for (i=0; i < ncl_dest; i++) {
        if (cl_dest[i]) {
            if (dest_is_root)
                check_and_set_refresh_bit_for_identity(cl_dest[i],
                                                       &last_identity);

            kcdb_credset_del_cred_ref((khm_handle) cs_dest, (khm_handle) cl_dest[i]);
            ldelta |= KCDB_DELTA_DEL;

            cl_dest[i] = NULL;
        }
    }

    /* all the creds in cl_src need to be added to cs_dest */
    for (j=0; j < ncl_src; j++) {
        if (cl_src[j]) {
            /* duplicate the credential and add it if we are adding it
               to or from the root credential store. */
            if (cs_dest == kcdb_root_credset ||
                cs_src == kcdb_root_credset) {
                khm_handle h;

                if (KHM_SUCCEEDED(kcdb_cred_dup((khm_handle) cl_src[j], &h))) {
                    kcdb_credset_add_cred((khm_handle) cs_dest, h, -1);
                    kcdb_cred_release(h);
                }
            } else {
                kcdb_credset_add_cred((khm_handle) cs_dest, cl_src[j], -1);
            }

            if (dest_is_root)
                check_and_set_refresh_bit_for_identity(cl_src[j],
                                                       &last_identity);
            cl_src[j] = NULL;
            ldelta |= KCDB_DELTA_ADD;
        }
    }

    if (last_identity) {
        kcdb_identity_release(last_identity);
        last_identity = NULL;
    }

    if (delta)
        *delta = ldelta;

    if (dest_is_root && ldelta) {
        /* something changed in the root credential set */
        kmq_post_message(KMSG_CRED,KMSG_CRED_ROOTDELTA,ldelta,NULL);
    }
    return KHM_ERROR_SUCCESS;
}