// Releases the contents of an ACL entry list and resets its count to zero.
//
// Every entry is walked with a DataWalkers::ChunkFreeWalker built on the
// list's own allocator, then the list size is set to 0.
//
// @param acl  list to clear; left untouched when `acl == true` does not hold.
void GemaltoToken::_aclClear(AutoAclEntryInfoList& acl)
{
	// NOTE(review): this relies on a conversion/comparison of
	// AutoAclEntryInfoList that is not visible here. It is presumably true
	// only when the list has something to release. Confirm.
	if (!(acl == true))
		return;

	// The walker must use the list's allocator so that each chunk is handed
	// back to the allocator it is associated with.
	DataWalkers::ChunkFreeWalker chunkFreer(acl.allocator());
	for (uint32 index = 0; index < acl.size(); ++index)
		walk(chunkFreer, acl.at(index));

	// Drop the count once the entries have been walked. This presumably stops
	// later code from indexing entries whose chunks were just released.
	acl.size(0);
}
// Dispatches a DL pass-through request for the database behind inDbHandle.
//
// @param inDbHandle        database handle the request applies to.
// @param inPassThroughId   selects the operation (see the cases below).
// @param inInputParams     operation-specific input; its type is NOT checked
//                          here, it is reinterpreted according to the id.
// @param outOutputParams   operation-specific output slot; required by
//                          IS_LOCKED and RELATION_EXISTS.
//
// Throws CssmError with:
//   CSSM_ERRCODE_INVALID_OUTPUT_POINTER    - IS_LOCKED / RELATION_EXISTS
//                                            without outOutputParams
//   CSSM_ERRCODE_INVALID_INPUT_POINTER     - CHANGE_PASSWORD without input
//   CSSM_ERRCODE_ACL_ENTRY_TAG_NOT_FOUND   - no ACL entry tagged "PIN1"
//   CSSM_ERRCODE_INVALID_PASSTHROUGH_ID    - any other id
void SDDLSession::PassThrough(CSSM_DB_HANDLE inDbHandle,
	uint32 inPassThroughId,
	const void *inInputParams,
	void **outOutputParams)
{
	switch (inPassThroughId)
	{
	case CSSM_APPLECSPDL_DB_LOCK:
		mClientSession.lock(ClientSession::toIPCHandle(inDbHandle));
		break;

	case CSSM_APPLECSPDL_DB_UNLOCK:
	{
		// Credential pieces are allocated from a tracking allocator scoped to
		// this case.
		// NOTE(review): the PIN bytes live in memory obtained from this
		// allocator. Whether they are wiped before release is not visible
		// here. Confirm.
		TrackingAllocator tracker(Allocator::standard());
		AutoCredentials pinCreds(tracker);
		pinCreds.tag("PIN1");

		if (!inInputParams)
		{
			// No PIN supplied: request a prompted password with empty data.
			pinCreds += TypedList(tracker, CSSM_SAMPLE_TYPE_PROMPTED_PASSWORD,
				new (tracker) ListElement(tracker, CssmData()));
		}
		else
		{
			// The caller's pointer is taken to be a CssmData holding the PIN.
			// Nothing in this function validates that, so callers must pass
			// a well-formed CssmData.
			pinCreds += TypedList(tracker, CSSM_SAMPLE_TYPE_PASSWORD,
				new (tracker) ListElement(tracker,
					*reinterpret_cast<const CssmData *>(inInputParams)));
		}

		Authenticate(inDbHandle, CSSM_DB_ACCESS_READ, pinCreds);
		break;
	}

	case CSSM_APPLECSPDL_DB_IS_LOCKED:
	{
		// Reject a missing output slot before doing any work.
		if (!outOutputParams)
			CssmError::throwMe(CSSM_ERRCODE_INVALID_OUTPUT_POINTER);

		// Query first, allocate second, so a failing query leaves no
		// allocated result behind.
		bool locked = mClientSession.isLocked(ClientSession::toIPCHandle(inDbHandle));
		CSSM_APPLECSPDL_DB_IS_LOCKED_PARAMETERS_PTR result =
			DatabaseSession::alloc<CSSM_APPLECSPDL_DB_IS_LOCKED_PARAMETERS>();
		result->isLocked = locked;

		// The result struct is handed to the caller through outOutputParams.
		*reinterpret_cast<CSSM_APPLECSPDL_DB_IS_LOCKED_PARAMETERS_PTR *>
			(outOutputParams) = result;
		break;
	}

	case CSSM_APPLECSPDL_DB_CHANGE_PASSWORD:
	{
		if (!inInputParams)
			CssmError::throwMe(CSSM_ERRCODE_INVALID_INPUT_POINTER);

		// Input is reinterpreted as the change-password parameter block.
		const CSSM_APPLECSPDL_DB_CHANGE_PASSWORD_PARAMETERS *request =
			reinterpret_cast<const CSSM_APPLECSPDL_DB_CHANGE_PASSWORD_PARAMETERS *>
			(inInputParams);

		// Fetch the ACL entries carrying the "PIN1" tag.
		AutoAclEntryInfoList pinAcls /* (mClientSession.allocator()) */;
		CSSM_STRING pinTag = { 'P', 'I', 'N', '1' };
		GetDbAcl(inDbHandle, &pinTag,
			*static_cast<uint32 *>(pinAcls),
			*static_cast<CSSM_ACL_ENTRY_INFO **>(pinAcls));
		if (pinAcls.size() == 0)
			CssmError::throwMe(CSSM_ERRCODE_ACL_ENTRY_TAG_NOT_FOUND);

		// Only the first matching entry is edited. When several entries
		// carry the tag, that choice is merely logged.
		const AclEntryInfo &entry = pinAcls.at(0);
		if (pinAcls.size() > 1)
			secinfo("acl", "Using entry handle %ld from %d total candidates",
				entry.handle(), pinAcls.size());

		// Build the edit from the entry's own handle and prototype, then
		// apply it under the credentials supplied by the caller.
		AclEdit aclEdit(entry.handle(), entry.proto());
		ChangeDbAcl(inDbHandle,
			AccessCredentials::required(request->accessCredentials), aclEdit);
		break;
	}

	case CSSM_APPLECSPDL_DB_RELATION_EXISTS:
	{
		// Always answer true so that the individual tokend can decide.
		if (!outOutputParams)
			CssmError::throwMe(CSSM_ERRCODE_INVALID_OUTPUT_POINTER);

		// The CSSM_BOOL is written directly into the storage addressed by
		// outOutputParams. No result struct is allocated for this id.
		*reinterpret_cast<CSSM_BOOL *>(outOutputParams) = true;
		break;
	}

	default:
		CssmError::throwMe(CSSM_ERRCODE_INVALID_PASSTHROUGH_ID);
	}
}