Keychain wierdness
Keychain wierdness
- Subject: Keychain wierdness
- From: Lorenzo Thurman <email@hidden>
- Date: Fri, 14 Jan 2005 00:54:19 -0600
I have some sample code from the book, "Mac OS X and
Core Unix Programming" that retrieves password and attribute data from
the Generic items in the Keychain. It works OK when I run in my account and fins all of
the generic items, but when I run it from another account on the same computer, I get lots of errors
like this:
Error = -25308
3 access control lists
0: ACL Safari Forms AutoFill - Does not require passphrase
1 trusted applications
/Applications/Safari.app
1: ACL Safari Forms AutoFill - Does not require passphrase
No application list
2: ACL Safari Forms AutoFill - Does not require passphrase
0 trusted applications
Whereas, I see this under my account:
attribute 0 is more than 1K
attribute 1 is more than 1K
attribute 2 is more than 1K
attribute 3 is more than 1K
3 access control lists
0: ACL Safari Forms AutoFill - Does not require passphrase
No application list
1: ACL Safari Forms AutoFill - Does not require passphrase
8 trusted applications
/Applications/Safari.app
/Applications/Safari.app
/Applications/Safari.app
/Applications/Internet/Safari.app
/Applications/Internet/Safari.app
/Volumes/Gandalf/Applications/Internet/Safari.app
/Applications/Internet/Safari.app
/Users/lorenzo/Documents/Development/Cocoa/DumpKeychain/build/DumpKeychain.app
2: ACL Safari Forms AutoFill - Does not require passphrase
0 trusted applications
What is the -25308 (
Interaction with the Security Server is not allowed.) error all about? This is the only info at Apple;s site I can find:
http://developer.apple.com/documentation/Security/Reference/keychainservices/keychainServRef/ResultCodes.html. Googling the error message returns a lone link pointing to the same page.
Also, I found that if I change the item class constant, to kSecAppleSharePasswordItemClass while leaving the attributes parameter to nil, I can find all of the AppleShare passwords in my account, but again, I get errors like the above on the secondary account and no AppleShare items are found, this includes one AppleShare item that is in common between both accounts.
So if anyone can give me any pointers, I'd appreciate it.
The source for the program is here:
http://borkware.com/corebook/resource-view?chapter_number=17
But here is the main function, where the item should retrieved:
int main (int argc, char *argv[])
{
SecKeychainSearchRef search;
SecKeychainItemRef item;
SecKeychainAttributeList list;
SecKeychainAttribute attribute;
OSErr result;
int i = 0;
// create an attribute list with just one attribute specified
// (You will want to change these to match a user name that you
// have on your key chain)
attribute.tag = kSecAccountItemAttr;
attribute.length = strlen("not used");
attribute.data = "not used";
list.count = 1;
list.attr = &attribute;
result = SecKeychainSearchCreateFromAttributes
(NULL, kSecGenericPasswordItemClass,
nil, &search);
if (result != noErr) {
printf ("status %d from "
"SecKeychainSearchCreateFromAttributes\n",
result);
}
while (SecKeychainSearchCopyNext (search, &item) == noErr) {
dumpItem (item);
// Get the SecAccess
SecAccessRef access;
SecKeychainItemCopyAccess(item, &access);
showAccess(access);
CFRelease(access);
CFRelease (item);
i++;
}
printf ("%d items found\n", i);
CFRelease (search);
return (EXIT_SUCCESS);
}
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Cocoa-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden