// // The main driver. // This scans a database for referral records and forms corresponding // credentials to trigger unlocks. // Returns true if any valid unlock credentials were found; false otherwise. // Only throws if the database is messed up. // bool DefaultCredentials::operator () (Db database) { if (!mMade) { try { // before we do anything else, see if we have a relation in the database of the appropriate type KeychainSchema keychainSchema = mKeychainImpl->keychainSchema(); if (keychainSchema->hasRecordType(UnlockReferralRecord::recordType)) { clear(); Table<UnlockReferralRecord> referrals(database); for (Table<UnlockReferralRecord>::iterator it = referrals.begin(); it != referrals.end(); it++) { switch ((*it)->type()) { case CSSM_APPLE_UNLOCK_TYPE_KEY_DIRECT: case CSSM_APPLE_UNLOCK_TYPE_WRAPPED_PRIVATE: keyReferral(**it); break; default: secdebug("kcreferral", "referral type %lu (to %s) not supported", (unsigned long)(*it)->type(), (*it)->dbName().c_str()); break; } } } secdebug("kcreferral", "%lu samples generated", (unsigned long)size()); } catch (...) { secdebug("kcreferral", "exception setting default credentials for %s; using standard value", database->name()); } mMade = true; } return size() > 0; // got credentials? }