I have been trying to debug my CSSM_MDS_ERROR problem unscuccessfully. But in the meantime, the following code caught my eye:
If I am not wrong, it means no one other then Apple can write a CSP plugin. I am planning to write a CSPDL plugin - looking at the code, it seem that will prevented as well.
Can someone please verify this please?
#if defined(RESTRICTED_CSP_LOADING)
static const char * const allowedCSPs[] = {
"/System/Library/Security/AppleCSP.bundle",
"/System/Library/Security/AppleCSPDL.bundle",
NULL
};
#endif
//
// Load a module (well, try).
//
void CssmManager::loadModule(const Guid &guid,
CSSM_KEY_HIERARCHY,
const ModuleCallback &callback)
{
StLock<Mutex> _(mLock);
ModuleMap::iterator it = moduleMap.find(guid);
Module *module;
if (it == moduleMap.end()) {
MdsComponent info(guid);
#if defined(RESTRICTED_CSP_LOADING)
// An abominable temporary hack for legal reasons. They made me do it!
if (info.supportsService(CSSM_SERVICE_CSP)) {
string loadPath = info.path();
for (const char * const *pp = allowedCSPs; *pp; pp++)
if (loadPath == *pp)
goto allowed;
secdebug("soumik", "load disallowed!!!!!");
CssmError::throwMe(CSSM_ERRCODE_MODULE_MANIFEST_VERIFY_FAILED);
allowed: ;
}
#endif
secdebug("cssm", "loading module %s(%s) from %s",
info.name().c_str(), info.description().c_str(), info.path().c_str());
module = new Module(this, info, loader(info.path()));
moduleMap[guid] = module;
} else {
module = it->second;
secdebug("cssm", "%p reloaded module %s(%s) at %s",
module, module->name().c_str(), module->description().c_str(),
module->path().c_str());
}
// We are not playing the "key hierarchy" game around here.
// if we did, this is where we'd check the manifest.
module->add(callback);
}
________________________________
From: Soumik.Sarkar
Sent: Thu 6/1/2006 2:12 PM
To: email@hidden
Subject: CSSM_MDS_ERROR
I wrote a simple CSSM CF bundle and put it's GUID into ~/Library/Preferences/com.apple.Security.plist
The certificate assistant shows my plugin in it's list of "Keychain" on the "Specify a location for the Certificate" dialog.
But when I select my plugin and click Continue, I get an CSSM_MDS_ERROR.
I am using the exact mdsinfo files that are used by the libsecurity_apple_cspdl-24834 project (after modifying the relevant values)
....
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Apple-cdsa mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
