2 * keydb_db4.c - Routines to store and fetch keys in a DB4 database.
4 * Copyright 2002-2008 Jonathan McDowell <noodles@earth.li>
6 * This program is free software: you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the Free
8 * Software Foundation; version 2 of the License.
10 * This program is distributed in the hope that it will be useful, but WITHOUT
11 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
12 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
15 * You should have received a copy of the GNU General Public License along with
16 * this program; if not, write to the Free Software Foundation, Inc., 51
17 * Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
20 #include <sys/types.h>
33 #include "charfuncs.h"
37 #include "decodekey.h"
38 #include "keystructs.h"
41 #include "onak-conf.h"
45 #define DB4_UPGRADE_FILE "db_upgrade.lck"
47 struct onak_db4_dbctx {
48 DB_ENV *dbenv; /* The database environment context */
49 int numdbs; /* Number of data databases in use */
50 DB **dbconns; /* Connections to the key data databases */
51 DB *worddb; /* Connection to the word lookup database */
52 DB *id32db; /* Connection to the 32 bit ID lookup database */
53 DB *id64db; /* Connection to the 64 bit ID lookup database */
54 DB *skshashdb; /* Connection to the SKS hash database */
55 DB *subkeydb; /* Connection to the subkey ID lookup database */
56 DB_TXN *txn; /* Our current transaction ID */
59 DB *keydb_id(struct onak_db4_dbctx *privctx, uint64_t keyid)
65 return(privctx->dbconns[keytrun % privctx->numdbs]);
68 DB *keydb_fp(struct onak_db4_dbctx *privctx, struct openpgp_fingerprint *fp)
72 keytrun = (fp->fp[4] << 24) |
77 return(privctx->dbconns[keytrun % privctx->numdbs]);
81 * db4_errfunc - Direct DB errors to logfile
83 * Basic function to take errors from the DB library and output them to
84 * the logfile rather than stderr.
86 #if (DB_VERSION_MAJOR == 4) && (DB_VERSION_MINOR < 3)
87 static void db4_errfunc(const char *errpfx, const char *errmsg)
89 static void db4_errfunc(const DB_ENV *edbenv, const char *errpfx,
94 logthing(LOGTHING_DEBUG, "db4 error: %s:%s", errpfx, errmsg);
96 logthing(LOGTHING_DEBUG, "db4 error: %s", errmsg);
103 * starttrans - Start a transaction.
105 * Start a transaction. Intended to be used if we're about to perform many
106 * operations on the database to help speed it all up, or if we want
107 * something to only succeed if all relevant operations are successful.
109 static bool db4_starttrans(struct onak_dbctx *dbctx)
111 struct onak_db4_dbctx *privctx = (struct onak_db4_dbctx *) dbctx->priv;
114 log_assert(privctx->dbenv != NULL);
115 log_assert(privctx->txn == NULL);
117 ret = privctx->dbenv->txn_begin(privctx->dbenv,
118 NULL, /* No parent transaction */
122 logthing(LOGTHING_CRITICAL,
123 "Error starting transaction: %s",
132 * endtrans - End a transaction.
134 * Ends a transaction.
136 static void db4_endtrans(struct onak_dbctx *dbctx)
138 struct onak_db4_dbctx *privctx = (struct onak_db4_dbctx *) dbctx->priv;
141 log_assert(privctx->dbenv != NULL);
142 log_assert(privctx->txn != NULL);
144 ret = privctx->txn->commit(privctx->txn,
147 logthing(LOGTHING_CRITICAL,
148 "Error ending transaction: %s",
158 * db4_upgradedb - Upgrade a DB4 database
160 * Called if we discover we need to upgrade our DB4 database; ie if
161 * we're running with a newer version of db4 than the database was
164 static int db4_upgradedb(struct onak_dbctx *dbctx)
166 struct onak_db4_dbctx *privctx = (struct onak_db4_dbctx *) dbctx->priv;
175 snprintf(buf, sizeof(buf) - 1, "%s/%s", dbctx->config->location,
177 lockfile_fd = open(buf, O_RDWR | O_CREAT | O_EXCL, 0600);
178 if (lockfile_fd < 0) {
179 if (errno == EEXIST) {
180 while (stat(buf, &statbuf) == 0) ;
183 logthing(LOGTHING_CRITICAL, "Couldn't open database "
184 "update lock file: %s", strerror(errno));
188 snprintf(buf, sizeof(buf) - 1, "%d", getpid());
189 written = write(lockfile_fd, buf, strlen(buf));
191 if (written != strlen(buf)) {
192 logthing(LOGTHING_CRITICAL, "Couldn't write PID to lockfile: "
193 "%s", strerror(errno));
194 snprintf(buf, sizeof(buf) - 1, "%s/%s", dbctx->config->location,
200 logthing(LOGTHING_NOTICE, "Upgrading DB4 database");
201 ret = db_env_create(&privctx->dbenv, 0);
203 privctx->dbenv->set_errcall(privctx->dbenv, &db4_errfunc);
204 privctx->dbenv->remove(privctx->dbenv, dbctx->config->location, 0);
205 privctx->dbenv = NULL;
207 for (i = 0; i < privctx->numdbs; i++) {
208 ret = db_create(&curdb, NULL, 0);
210 snprintf(buf, sizeof(buf) - 1, "%s/keydb.%d.db",
211 dbctx->config->location, i);
212 logthing(LOGTHING_DEBUG, "Upgrading %s", buf);
213 curdb->upgrade(curdb, buf, 0);
214 curdb->close(curdb, 0);
216 logthing(LOGTHING_ERROR, "Error upgrading DB %s : %s",
222 ret = db_create(&curdb, NULL, 0);
224 snprintf(buf, sizeof(buf) - 1, "%s/worddb", dbctx->config->location);
225 logthing(LOGTHING_DEBUG, "Upgrading %s", buf);
226 curdb->upgrade(curdb, buf, 0);
227 curdb->close(curdb, 0);
229 logthing(LOGTHING_ERROR, "Error upgrading DB %s : %s",
234 ret = db_create(&curdb, NULL, 0);
236 snprintf(buf, sizeof(buf) - 1, "%s/id32db", dbctx->config->location);
237 logthing(LOGTHING_DEBUG, "Upgrading %s", buf);
238 curdb->upgrade(curdb, buf, 0);
239 curdb->close(curdb, 0);
241 logthing(LOGTHING_ERROR, "Error upgrading DB %s : %s",
246 ret = db_create(&curdb, NULL, 0);
248 snprintf(buf, sizeof(buf) - 1, "%s/id64db", dbctx->config->location);
249 logthing(LOGTHING_DEBUG, "Upgrading %s", buf);
250 curdb->upgrade(curdb, buf, 0);
251 curdb->close(curdb, 0);
253 logthing(LOGTHING_ERROR, "Error upgrading DB %s : %s",
258 ret = db_create(&curdb, NULL, 0);
260 snprintf(buf, sizeof(buf) - 1, "%s/skshashdb", dbctx->config->location);
261 logthing(LOGTHING_DEBUG, "Upgrading %s", buf);
262 curdb->upgrade(curdb, buf, 0);
263 curdb->close(curdb, 0);
265 logthing(LOGTHING_ERROR, "Error upgrading DB %s : %s",
270 ret = db_create(&curdb, NULL, 0);
272 snprintf(buf, sizeof(buf) - 1, "%s/subkeydb", dbctx->config->location);
273 logthing(LOGTHING_DEBUG, "Upgrading %s", buf);
274 curdb->upgrade(curdb, buf, 0);
275 curdb->close(curdb, 0);
277 logthing(LOGTHING_ERROR, "Error upgrading DB %s : %s",
282 snprintf(buf, sizeof(buf) - 1, "%s/%s", dbctx->config->location,
290 * getfullkeyid - Maps a 32bit key id to a 64bit one.
291 * @keyid: The 32bit keyid.
293 * This function maps a 32bit key id to the full 64bit one. It returns the
294 * full keyid. If the key isn't found a keyid of 0 is returned.
296 static uint64_t db4_getfullkeyid(struct onak_dbctx *dbctx, uint64_t keyid)
298 struct onak_db4_dbctx *privctx = (struct onak_db4_dbctx *) dbctx->priv;
301 uint32_t shortkeyid = 0;
305 if (keyid < 0x100000000LL) {
306 ret = privctx->id32db->cursor(privctx->id32db,
315 shortkeyid = keyid & 0xFFFFFFFF;
317 memset(&key, 0, sizeof(key));
318 memset(&data, 0, sizeof(data));
319 key.data = &shortkeyid;
320 key.size = sizeof(shortkeyid);
321 data.flags = DB_DBT_MALLOC;
323 ret = cursor->c_get(cursor,
329 if (data.size == 8) {
330 keyid = * (uint64_t *) data.data;
333 for (i = 12; i < 20; i++) {
335 keyid |= ((uint8_t *) data.data)[i];
339 if (data.data != NULL) {
345 cursor->c_close(cursor);
353 * fetch_key_fp - Given a fingerprint fetch the key from storage.
355 static int db4_fetch_key_fp(struct onak_dbctx *dbctx,
356 struct openpgp_fingerprint *fingerprint,
357 struct openpgp_publickey **publickey,
360 struct onak_db4_dbctx *privctx = (struct onak_db4_dbctx *) dbctx->priv;
361 struct openpgp_packet_list *packets = NULL;
365 struct buffer_ctx fetchbuf;
366 struct openpgp_fingerprint subfp;
368 memset(&key, 0, sizeof(key));
369 memset(&data, 0, sizeof(data));
374 key.size = fingerprint->length;
375 key.data = fingerprint->fp;
378 db4_starttrans(dbctx);
381 ret = keydb_fp(privctx, fingerprint)->get(keydb_fp(privctx,
388 if (ret == DB_NOTFOUND) {
389 /* If we didn't find the key ID see if it's a subkey ID */
390 memset(&key, 0, sizeof(key));
391 memset(&data, 0, sizeof(data));
392 data.data = subfp.fp;
393 data.ulen = MAX_FINGERPRINT_LEN;
394 data.flags = DB_DBT_USERMEM;
395 key.data = fingerprint->fp;
396 key.size = fingerprint->length;
398 ret = privctx->subkeydb->get(privctx->subkeydb,
405 /* We got a subkey match; retrieve the actual key */
406 memset(&key, 0, sizeof(key));
407 key.size = subfp.length = data.size;
410 memset(&data, 0, sizeof(data));
414 ret = keydb_fp(privctx, &subfp)->get(
415 keydb_fp(privctx, &subfp),
424 fetchbuf.buffer = data.data;
426 fetchbuf.size = data.size;
427 read_openpgp_stream(buffer_fetchchar, &fetchbuf,
429 parse_keys(packets, publickey);
430 free_packet_list(packets);
433 } else if (ret != DB_NOTFOUND) {
434 logthing(LOGTHING_ERROR,
435 "Problem retrieving key: %s",
447 * fetch_key_id - Given a keyid fetch the key from storage.
448 * @keyid: The keyid to fetch.
449 * @publickey: A pointer to a structure to return the key in.
450 * @intrans: If we're already in a transaction.
452 * We use the hex representation of the keyid as the filename to fetch the
453 * key from. The key is stored in the file as a binary OpenPGP stream of
454 * packets, so we can just use read_openpgp_stream() to read the packets
455 * in and then parse_keys() to parse the packets into a publickey
458 static int db4_fetch_key_id(struct onak_dbctx *dbctx, uint64_t keyid,
459 struct openpgp_publickey **publickey,
462 struct onak_db4_dbctx *privctx = (struct onak_db4_dbctx *) dbctx->priv;
463 struct openpgp_packet_list *packets = NULL;
467 struct buffer_ctx fetchbuf;
468 struct openpgp_fingerprint fingerprint;
470 if (keyid < 0x100000000LL) {
471 keyid = db4_getfullkeyid(dbctx, keyid);
474 memset(&key, 0, sizeof(key));
475 memset(&data, 0, sizeof(data));
480 key.size = sizeof(keyid);
484 db4_starttrans(dbctx);
488 * First we try a legacy stored key where we used the 64 bit key ID
491 ret = keydb_id(privctx, keyid)->get(keydb_id(privctx, keyid),
497 if (ret == DB_NOTFOUND) {
498 /* If we didn't find the key ID try the 64 bit map DB */
499 memset(&key, 0, sizeof(key));
500 memset(&data, 0, sizeof(data));
501 data.ulen = MAX_FINGERPRINT_LEN;
502 data.data = fingerprint.fp;
503 data.flags = DB_DBT_USERMEM;
504 key.size = sizeof(keyid);
507 ret = privctx->id64db->get(privctx->id64db,
514 /* We got a match; retrieve the actual key */
515 fingerprint.length = data.size;
517 memset(&key, 0, sizeof(key));
518 memset(&data, 0, sizeof(data));
519 key.size = fingerprint.length;
520 key.data = fingerprint.fp;
522 ret = keydb_fp(privctx, &fingerprint)->get(
523 keydb_fp(privctx, &fingerprint),
532 fetchbuf.buffer = data.data;
534 fetchbuf.size = data.size;
535 read_openpgp_stream(buffer_fetchchar, &fetchbuf,
537 parse_keys(packets, publickey);
538 free_packet_list(packets);
541 } else if (ret != DB_NOTFOUND) {
542 logthing(LOGTHING_ERROR,
543 "Problem retrieving key: %s",
555 int worddb_cmp(const void *d1, const void *d2)
557 return memcmp(d1, d2, 12);
561 * fetch_key_text - Trys to find the keys that contain the supplied text.
562 * @search: The text to search for.
563 * @publickey: A pointer to a structure to return the key in.
565 * This function searches for the supplied text and returns the keys that
568 static int db4_fetch_key_text(struct onak_dbctx *dbctx, const char *search,
569 struct openpgp_publickey **publickey)
571 struct onak_db4_dbctx *privctx = (struct onak_db4_dbctx *) dbctx->priv;
578 char *searchtext = NULL;
579 struct ll *wordlist = NULL;
580 struct ll *curword = NULL;
581 struct keyarray keylist = { NULL, 0, 0 };
582 struct keyarray newkeylist = { NULL, 0, 0 };
584 struct openpgp_fingerprint fingerprint;
587 searchtext = strdup(search);
588 wordlist = makewordlist(wordlist, searchtext);
590 for (curword = wordlist; curword != NULL; curword = curword->next) {
591 db4_starttrans(dbctx);
593 ret = privctx->worddb->cursor(privctx->worddb,
603 memset(&key, 0, sizeof(key));
604 memset(&data, 0, sizeof(data));
605 key.data = curword->object;
606 key.size = strlen(curword->object);
607 data.flags = DB_DBT_MALLOC;
608 ret = cursor->c_get(cursor,
612 while (ret == 0 && strncmp(key.data, curword->object,
614 ((char *) curword->object)[key.size] == 0) {
615 if (data.size == 12) {
616 /* Old style creation + key id */
617 fingerprint.length = 8;
618 for (i = 4; i < 12; i++) {
619 fingerprint.fp[i - 4] =
624 fingerprint.length = data.size;
625 memcpy(fingerprint.fp, data.data, data.size);
629 * Only add the keys containing this word if this is
630 * our first pass (ie we have no existing key list),
631 * or the key contained a previous word.
633 if (firstpass || array_find(&keylist, &fingerprint)) {
634 array_add(&newkeylist, &fingerprint);
640 ret = cursor->c_get(cursor,
645 array_free(&keylist);
646 keylist.keys = newkeylist.keys;
647 keylist.count = newkeylist.count;
648 keylist.size = newkeylist.size;
649 newkeylist.keys = NULL;
650 newkeylist.count = newkeylist.size = 0;
651 if (data.data != NULL) {
655 cursor->c_close(cursor);
660 llfree(wordlist, NULL);
663 if (keylist.count > config.maxkeys) {
664 keylist.count = config.maxkeys;
667 db4_starttrans(dbctx);
668 for (i = 0; i < keylist.count; i++) {
669 if (keylist.keys[i].length == 8) {
671 for (int j = 0; j < 8; j++) {
673 keyid |= keylist.keys[i].fp[j];
675 numkeys += db4_fetch_key_id(dbctx, keyid,
679 numkeys += db4_fetch_key_fp(dbctx, &keylist.keys[i],
684 array_free(&keylist);
693 static int db4_fetch_key_skshash(struct onak_dbctx *dbctx,
694 const struct skshash *hash,
695 struct openpgp_publickey **publickey)
697 struct onak_db4_dbctx *privctx = (struct onak_db4_dbctx *) dbctx->priv;
703 struct openpgp_fingerprint fingerprint;
705 ret = privctx->skshashdb->cursor(privctx->skshashdb,
714 memset(&key, 0, sizeof(key));
715 memset(&data, 0, sizeof(data));
716 key.data = (void *) hash->hash;
717 key.size = sizeof(hash->hash);
718 data.flags = DB_DBT_MALLOC;
720 ret = cursor->c_get(cursor,
726 if (data.size == 8) {
727 /* Legacy key ID record */
728 keyid = *(uint64_t *) data.data;
729 count = db4_fetch_key_id(dbctx, keyid, publickey,
732 fingerprint.length = data.size;
733 memcpy(fingerprint.fp, data.data, data.size);
734 count = db4_fetch_key_fp(dbctx, &fingerprint,
738 if (data.data != NULL) {
744 cursor->c_close(cursor);
751 * delete_key - Given a keyid delete the key from storage.
752 * @keyid: The keyid to delete.
753 * @intrans: If we're already in a transaction.
755 * This function deletes a public key from whatever storage mechanism we
756 * are using. Returns 0 if the key existed.
758 static int db4_delete_key(struct onak_dbctx *dbctx,
759 uint64_t keyid, bool intrans)
761 struct onak_db4_dbctx *privctx = (struct onak_db4_dbctx *) dbctx->priv;
762 struct openpgp_publickey *publickey = NULL;
765 DBC *cursor64 = NULL;
766 uint32_t shortkeyid = 0;
767 uint64_t subkeyid = 0;
768 struct openpgp_fingerprint *subkeyids = NULL;
772 char *primary = NULL;
773 unsigned char worddb_data[12];
774 struct ll *wordlist = NULL;
775 struct ll *curword = NULL;
776 bool deadlock = false;
778 struct openpgp_fingerprint fingerprint;
781 db4_starttrans(dbctx);
784 if (db4_fetch_key_id(dbctx, keyid, &publickey, true) == 0) {
791 get_fingerprint(publickey->publickey, &fingerprint);
794 * Walk through the uids removing the words from the worddb.
796 if (publickey != NULL) {
797 uids = keyuids(publickey, &primary);
800 for (i = 0; ret == 0 && uids[i] != NULL; i++) {
801 wordlist = makewordlist(wordlist, uids[i]);
804 privctx->worddb->cursor(privctx->worddb,
809 for (curword = wordlist; curword != NULL && !deadlock;
810 curword = curword->next) {
811 memset(&key, 0, sizeof(key));
812 memset(&data, 0, sizeof(data));
813 key.data = curword->object;
814 key.size = strlen(key.data);
815 data.data = worddb_data;
816 data.size = sizeof(worddb_data);
819 * Old format word db data was the key creation time
820 * followed by the 64 bit key id.
822 worddb_data[ 0] = publickey->publickey->data[1];
823 worddb_data[ 1] = publickey->publickey->data[2];
824 worddb_data[ 2] = publickey->publickey->data[3];
825 worddb_data[ 3] = publickey->publickey->data[4];
826 worddb_data[ 4] = (keyid >> 56) & 0xFF;
827 worddb_data[ 5] = (keyid >> 48) & 0xFF;
828 worddb_data[ 6] = (keyid >> 40) & 0xFF;
829 worddb_data[ 7] = (keyid >> 32) & 0xFF;
830 worddb_data[ 8] = (keyid >> 24) & 0xFF;
831 worddb_data[ 9] = (keyid >> 16) & 0xFF;
832 worddb_data[10] = (keyid >> 8) & 0xFF;
833 worddb_data[11] = keyid & 0xFF;
835 ret = cursor->c_get(cursor,
841 cursor->c_del(cursor, 0);
844 /* New style just uses the fingerprint as the data */
845 memset(&key, 0, sizeof(key));
846 memset(&data, 0, sizeof(data));
847 key.data = curword->object;
848 key.size = strlen(key.data);
849 data.data = fingerprint.fp;
850 data.size = fingerprint.length;
852 ret = cursor->c_get(cursor,
858 ret = cursor->c_del(cursor, 0);
861 if (ret != 0 && ret != DB_NOTFOUND) {
862 logthing(LOGTHING_ERROR,
863 "Problem deleting word: %s "
864 "(0x%016" PRIX64 ")",
867 if (ret == DB_LOCK_DEADLOCK) {
872 cursor->c_close(cursor);
876 * Free our UID and word lists.
878 llfree(wordlist, NULL);
879 for (i = 0; uids[i] != NULL; i++) {
888 privctx->id32db->cursor(privctx->id32db,
892 privctx->id64db->cursor(privctx->id64db,
897 shortkeyid = keyid & 0xFFFFFFFF;
899 /* Old style mapping to 64 bit key id */
900 memset(&key, 0, sizeof(key));
901 memset(&data, 0, sizeof(data));
902 key.data = &shortkeyid;
903 key.size = sizeof(shortkeyid);
905 data.size = sizeof(keyid);
907 ret = cursor->c_get(cursor,
913 cursor->c_del(cursor, 0);
916 /* New style mapping to fingerprint */
917 memset(&key, 0, sizeof(key));
918 memset(&data, 0, sizeof(data));
919 key.data = &shortkeyid;
920 key.size = sizeof(shortkeyid);
921 data.data = fingerprint.fp;
922 data.size = fingerprint.length;
924 ret = cursor->c_get(cursor,
930 ret = cursor->c_del(cursor, 0);
933 if (ret != 0 && ret != DB_NOTFOUND) {
934 logthing(LOGTHING_ERROR,
935 "Problem deleting short keyid: %s "
936 "(0x%016" PRIX64 ")",
939 if (ret == DB_LOCK_DEADLOCK) {
944 /* 64 bit key mapping to fingerprint */
945 memset(&key, 0, sizeof(key));
946 memset(&data, 0, sizeof(data));
948 key.size = sizeof(keyid);
949 data.data = fingerprint.fp;
950 data.size = fingerprint.length;
952 ret = cursor64->c_get(cursor64,
958 ret = cursor64->c_del(cursor64, 0);
961 if (ret != 0 && ret != DB_NOTFOUND) {
962 logthing(LOGTHING_ERROR,
963 "Problem deleting keyid: %s "
964 "(0x%016" PRIX64 ")",
967 if (ret == DB_LOCK_DEADLOCK) {
972 subkeyids = keysubkeys(publickey);
974 while (subkeyids != NULL && subkeyids[i].length != 0) {
975 subkeyid = fingerprint2keyid(&subkeyids[i]);
976 memset(&key, 0, sizeof(key));
977 key.data = subkeyids[i].fp;
978 key.size = subkeyids[i].length;
979 privctx->subkeydb->del(privctx->subkeydb,
980 privctx->txn, &key, 0);
981 if (ret != 0 && ret != DB_NOTFOUND) {
982 logthing(LOGTHING_ERROR,
983 "Problem deleting subkey id: %s "
984 "(0x%016" PRIX64 ")",
987 if (ret == DB_LOCK_DEADLOCK) {
992 shortkeyid = subkeyid & 0xFFFFFFFF;
994 /* Remove 32 bit keyid -> 64 bit keyid mapping */
995 memset(&key, 0, sizeof(key));
996 memset(&data, 0, sizeof(data));
997 key.data = &shortkeyid;
998 key.size = sizeof(shortkeyid);
1000 data.size = sizeof(keyid);
1002 ret = cursor->c_get(cursor,
1008 cursor->c_del(cursor, 0);
1011 /* Remove 32 bit keyid -> fingerprint mapping */
1012 memset(&key, 0, sizeof(key));
1013 memset(&data, 0, sizeof(data));
1014 key.data = &shortkeyid;
1015 key.size = sizeof(shortkeyid);
1016 data.data = fingerprint.fp;
1017 data.size = fingerprint.length;
1019 ret = cursor->c_get(cursor,
1025 ret = cursor->c_del(cursor, 0);
1028 if (ret != 0 && ret != DB_NOTFOUND) {
1029 logthing(LOGTHING_ERROR,
1030 "Problem deleting short keyid: %s "
1031 "(0x%016" PRIX64 ")",
1034 if (ret == DB_LOCK_DEADLOCK) {
1039 /* Remove 64 bit keyid -> fingerprint mapping */
1040 memset(&key, 0, sizeof(key));
1041 memset(&data, 0, sizeof(data));
1042 key.data = &subkeyid;
1043 key.size = sizeof(subkeyid);
1044 data.data = fingerprint.fp;
1045 data.size = fingerprint.length;
1047 ret = cursor64->c_get(cursor64,
1053 ret = cursor64->c_del(cursor64, 0);
1056 if (ret != 0 && ret != DB_NOTFOUND) {
1057 logthing(LOGTHING_ERROR,
1058 "Problem deleting keyid: %s "
1059 "(0x%016" PRIX64 ")",
1062 if (ret == DB_LOCK_DEADLOCK) {
1068 if (subkeyids != NULL) {
1072 cursor64->c_close(cursor64);
1074 cursor->c_close(cursor);
1079 ret = privctx->skshashdb->cursor(privctx->skshashdb,
1084 get_skshash(publickey, &hash);
1086 /* First delete old style keyid mapping */
1087 memset(&key, 0, sizeof(key));
1088 memset(&data, 0, sizeof(data));
1089 key.data = hash.hash;
1090 key.size = sizeof(hash.hash);
1092 data.size = sizeof(keyid);
1094 ret = cursor->c_get(cursor,
1100 cursor->c_del(cursor, 0);
1103 /* Then delete new style fingerprint mapping */
1104 memset(&key, 0, sizeof(key));
1105 memset(&data, 0, sizeof(data));
1106 key.data = hash.hash;
1107 key.size = sizeof(hash.hash);
1108 data.data = fingerprint.fp;
1109 data.size = fingerprint.length;
1111 ret = cursor->c_get(cursor,
1117 ret = cursor->c_del(cursor, 0);
1120 if (ret != 0 && ret != DB_NOTFOUND) {
1121 logthing(LOGTHING_ERROR,
1122 "Problem deleting skshash: %s "
1123 "(0x%016" PRIX64 ")",
1126 if (ret == DB_LOCK_DEADLOCK) {
1131 cursor->c_close(cursor);
1135 free_publickey(publickey);
1139 key.data = fingerprint.fp;
1140 key.size = fingerprint.length;
1142 keydb_fp(privctx, &fingerprint)->del(keydb_fp(privctx,
1148 /* Delete old style 64 bit keyid */
1150 key.size = sizeof(keyid);
1152 keydb_id(privctx, keyid)->del(keydb_id(privctx, keyid),
1159 db4_endtrans(dbctx);
1162 return deadlock ? (-1) : (ret == DB_NOTFOUND);
1166 * store_key - Takes a key and stores it.
1167 * @publickey: A pointer to the public key to store.
1168 * @intrans: If we're already in a transaction.
1169 * @update: If true the key exists and should be updated.
1171 * Again we just use the hex representation of the keyid as the filename
1172 * to store the key to. We flatten the public key to a list of OpenPGP
1173 * packets and then use write_openpgp_stream() to write the stream out to
1174 * the file. If update is true then we delete the old key first, otherwise
1175 * we trust that it doesn't exist.
1177 static int db4_store_key(struct onak_dbctx *dbctx,
1178 struct openpgp_publickey *publickey, bool intrans,
1181 struct onak_db4_dbctx *privctx = (struct onak_db4_dbctx *) dbctx->priv;
1182 struct openpgp_packet_list *packets = NULL;
1183 struct openpgp_packet_list *list_end = NULL;
1184 struct openpgp_publickey *next = NULL;
1187 struct buffer_ctx storebuf;
1191 uint32_t shortkeyid = 0;
1192 struct openpgp_fingerprint *subkeyids = NULL;
1194 char *primary = NULL;
1195 struct ll *wordlist = NULL;
1196 struct ll *curword = NULL;
1197 bool deadlock = false;
1198 struct skshash hash;
1199 struct openpgp_fingerprint fingerprint;
1201 if (get_keyid(publickey, &keyid) != ONAK_E_OK) {
1202 logthing(LOGTHING_ERROR, "Couldn't find key ID for key.");
1206 if (get_fingerprint(publickey->publickey, &fingerprint) != ONAK_E_OK) {
1207 logthing(LOGTHING_ERROR, "Couldn't find fingerprint for key.");
1212 db4_starttrans(dbctx);
1216 * Delete the key if we already have it.
1218 * TODO: Can we optimize this perhaps? Possibly when other data is
1219 * involved as well? I suspect this is easiest and doesn't make a lot
1220 * of difference though - the largest chunk of data is the keydata and
1221 * it definitely needs updated.
1224 deadlock = (db4_delete_key(dbctx, keyid, true) == -1);
1228 * Convert the key to a flat set of binary data.
1231 next = publickey->next;
1232 publickey->next = NULL;
1233 flatten_publickey(publickey, &packets, &list_end);
1234 publickey->next = next;
1236 storebuf.offset = 0;
1237 storebuf.size = 8192;
1238 storebuf.buffer = malloc(8192);
1240 write_openpgp_stream(buffer_putchar, &storebuf, packets);
1243 * Now we have the key data store it in the DB; the keyid is
1246 memset(&key, 0, sizeof(key));
1247 memset(&data, 0, sizeof(data));
1248 key.data = fingerprint.fp;
1249 key.size = fingerprint.length;
1250 data.size = storebuf.offset;
1251 data.data = storebuf.buffer;
1253 ret = keydb_fp(privctx, &fingerprint)->put(
1254 keydb_fp(privctx, &fingerprint),
1260 logthing(LOGTHING_ERROR,
1261 "Problem storing key: %s",
1263 if (ret == DB_LOCK_DEADLOCK) {
1268 free(storebuf.buffer);
1269 storebuf.buffer = NULL;
1271 storebuf.offset = 0;
1273 free_packet_list(packets);
1278 * Walk through our uids storing the words into the db with the keyid.
1281 uids = keyuids(publickey, &primary);
1284 for (i = 0; ret == 0 && uids[i] != NULL; i++) {
1285 wordlist = makewordlist(wordlist, uids[i]);
1288 for (curword = wordlist; curword != NULL && !deadlock;
1289 curword = curword->next) {
1290 memset(&key, 0, sizeof(key));
1291 memset(&data, 0, sizeof(data));
1292 key.data = curword->object;
1293 key.size = strlen(key.data);
1294 data.data = fingerprint.fp;
1295 data.size = fingerprint.length;
1297 ret = privctx->worddb->put(privctx->worddb,
1303 logthing(LOGTHING_ERROR,
1304 "Problem storing word: %s",
1306 if (ret == DB_LOCK_DEADLOCK) {
1313 * Free our UID and word lists.
1315 llfree(wordlist, NULL);
1316 for (i = 0; uids[i] != NULL; i++) {
1325 * Write the truncated 32 bit keyid so we can lookup the fingerprint
1329 shortkeyid = keyid & 0xFFFFFFFF;
1331 memset(&key, 0, sizeof(key));
1332 memset(&data, 0, sizeof(data));
1333 key.data = &shortkeyid;
1334 key.size = sizeof(shortkeyid);
1335 data.data = fingerprint.fp;
1336 data.size = fingerprint.length;
1338 ret = privctx->id32db->put(privctx->id32db,
1344 logthing(LOGTHING_ERROR,
1345 "Problem storing short keyid: %s",
1347 if (ret == DB_LOCK_DEADLOCK) {
1354 * Write the 64 bit keyid so we can lookup the fingerprint for
1358 memset(&key, 0, sizeof(key));
1359 memset(&data, 0, sizeof(data));
1361 key.size = sizeof(keyid);
1362 data.data = fingerprint.fp;
1363 data.size = fingerprint.length;
1365 ret = privctx->id64db->put(privctx->id64db,
1371 logthing(LOGTHING_ERROR,
1372 "Problem storing keyid: %s",
1374 if (ret == DB_LOCK_DEADLOCK) {
1381 subkeyids = keysubkeys(publickey);
1383 while (subkeyids != NULL && subkeyids[i].length != 0) {
1384 /* Store the subkey ID -> main key fp mapping */
1385 memset(&key, 0, sizeof(key));
1386 memset(&data, 0, sizeof(data));
1387 key.data = subkeyids[i].fp;
1388 key.size = subkeyids[i].length;
1389 data.data = fingerprint.fp;
1390 data.size = fingerprint.length;
1392 ret = privctx->subkeydb->put(privctx->subkeydb,
1398 logthing(LOGTHING_ERROR,
1399 "Problem storing subkey keyid: %s",
1401 if (ret == DB_LOCK_DEADLOCK) {
1406 /* Store the 64 bit subkey ID -> main key fp mapping */
1407 memset(&key, 0, sizeof(key));
1408 memset(&data, 0, sizeof(data));
1410 keyid = fingerprint2keyid(&subkeyids[i]);
1412 key.size = sizeof(keyid);
1413 data.data = fingerprint.fp;
1414 data.size = fingerprint.length;
1416 ret = privctx->id64db->put(privctx->id64db,
1422 logthing(LOGTHING_ERROR,
1423 "Problem storing keyid: %s",
1425 if (ret == DB_LOCK_DEADLOCK) {
1430 /* Store the short subkey ID -> main key fp mapping */
1431 shortkeyid = keyid & 0xFFFFFFFF;
1433 memset(&key, 0, sizeof(key));
1434 memset(&data, 0, sizeof(data));
1435 key.data = &shortkeyid;
1436 key.size = sizeof(shortkeyid);
1437 data.data = fingerprint.fp;
1438 data.size = fingerprint.length;
1440 ret = privctx->id32db->put(privctx->id32db,
1446 logthing(LOGTHING_ERROR,
1447 "Problem storing short keyid: %s",
1449 if (ret == DB_LOCK_DEADLOCK) {
1455 if (subkeyids != NULL) {
1462 get_skshash(publickey, &hash);
1463 memset(&key, 0, sizeof(key));
1464 memset(&data, 0, sizeof(data));
1465 key.data = hash.hash;
1466 key.size = sizeof(hash.hash);
1467 data.data = fingerprint.fp;
1468 data.size = fingerprint.length;
1470 ret = privctx->skshashdb->put(privctx->skshashdb,
1476 logthing(LOGTHING_ERROR,
1477 "Problem storing SKS hash: %s",
1479 if (ret == DB_LOCK_DEADLOCK) {
1486 db4_endtrans(dbctx);
1489 return deadlock ? -1 : 0 ;
1493 * iterate_keys - call a function once for each key in the db.
1494 * @iterfunc: The function to call.
1495 * @ctx: A context pointer
1497 * Calls iterfunc once for each key in the database. ctx is passed
1498 * unaltered to iterfunc. This function is intended to aid database dumps
1499 * and statistic calculations.
1501 * Returns the number of keys we iterated over.
1503 static int db4_iterate_keys(struct onak_dbctx *dbctx,
1504 void (*iterfunc)(void *ctx, struct openpgp_publickey *key),
1507 struct onak_db4_dbctx *privctx = (struct onak_db4_dbctx *) dbctx->priv;
1513 struct buffer_ctx fetchbuf;
1514 struct openpgp_packet_list *packets = NULL;
1515 struct openpgp_publickey *key = NULL;
1517 for (i = 0; i < privctx->numdbs; i++) {
1518 ret = privctx->dbconns[i]->cursor(privctx->dbconns[i],
1527 memset(&dbkey, 0, sizeof(dbkey));
1528 memset(&data, 0, sizeof(data));
1529 ret = cursor->c_get(cursor, &dbkey, &data, DB_NEXT);
1531 fetchbuf.buffer = data.data;
1532 fetchbuf.offset = 0;
1533 fetchbuf.size = data.size;
1534 read_openpgp_stream(buffer_fetchchar, &fetchbuf,
1536 parse_keys(packets, &key);
1540 free_publickey(key);
1542 free_packet_list(packets);
1545 memset(&dbkey, 0, sizeof(dbkey));
1546 memset(&data, 0, sizeof(data));
1547 ret = cursor->c_get(cursor, &dbkey, &data,
1551 if (ret != DB_NOTFOUND) {
1552 logthing(LOGTHING_ERROR,
1553 "Problem reading key: %s",
1557 cursor->c_close(cursor);
1565 * Include the basic keydb routines.
1567 #define NEED_GETKEYSIGS 1
1568 #define NEED_KEYID2UID 1
1569 #define NEED_UPDATEKEYS 1
1573 * cleanupdb - De-initialize the key database.
1575 * This function should be called upon program exit to allow the DB to
1576 * cleanup after itself.
1578 static void db4_cleanupdb(struct onak_dbctx *dbctx)
1580 struct onak_db4_dbctx *privctx = (struct onak_db4_dbctx *) dbctx->priv;
1583 if (privctx->dbenv != NULL) {
1584 privctx->dbenv->txn_checkpoint(privctx->dbenv, 0, 0, 0);
1585 if (privctx->subkeydb != NULL) {
1586 privctx->subkeydb->close(privctx->subkeydb, 0);
1587 privctx->subkeydb = NULL;
1589 if (privctx->skshashdb != NULL) {
1590 privctx->skshashdb->close(privctx->skshashdb, 0);
1591 privctx->skshashdb = NULL;
1593 if (privctx->id64db != NULL) {
1594 privctx->id64db->close(privctx->id64db, 0);
1595 privctx->id64db = NULL;
1597 if (privctx->id32db != NULL) {
1598 privctx->id32db->close(privctx->id32db, 0);
1599 privctx->id32db = NULL;
1601 if (privctx->worddb != NULL) {
1602 privctx->worddb->close(privctx->worddb, 0);
1603 privctx->worddb = NULL;
1605 for (i = 0; i < privctx->numdbs; i++) {
1606 if (privctx->dbconns[i] != NULL) {
1607 privctx->dbconns[i]->close(privctx->dbconns[i],
1609 privctx->dbconns[i] = NULL;
1612 free(privctx->dbconns);
1613 privctx->dbconns = NULL;
1614 privctx->dbenv->close(privctx->dbenv, 0);
1615 privctx->dbenv = NULL;
1624 * initdb - Initialize the key database.
1626 * This function should be called before any of the other functions in
1627 * this file are called in order to allow the DB to be initialized ready
1630 struct onak_dbctx *keydb_db4_init(struct onak_db_config *dbcfg, bool readonly)
1637 struct stat statbuf;
1639 struct onak_dbctx *dbctx;
1640 struct onak_db4_dbctx *privctx;
1642 dbctx = malloc(sizeof(*dbctx));
1643 if (dbctx == NULL) {
1646 dbctx->config = dbcfg;
1647 dbctx->priv = privctx = calloc(1, sizeof(*privctx));
1648 if (privctx == NULL) {
1653 /* Default to 16 key data DBs */
1654 privctx->numdbs = 16;
1656 snprintf(buf, sizeof(buf) - 1, "%s/%s", dbcfg->location,
1658 ret = stat(buf, &statbuf);
1659 while ((ret == 0) || (errno != ENOENT)) {
1661 logthing(LOGTHING_CRITICAL, "Couldn't stat upgrade "
1662 "lock file: %s (%d)", strerror(errno), ret);
1665 logthing(LOGTHING_DEBUG, "DB4 upgrade in progress; waiting.");
1667 ret = stat(buf, &statbuf);
1671 snprintf(buf, sizeof(buf) - 1, "%s/num_keydb", dbcfg->location);
1672 numdb = fopen(buf, "r");
1673 if (numdb != NULL) {
1674 if (fgets(buf, sizeof(buf), numdb) != NULL) {
1675 privctx->numdbs = atoi(buf);
1678 } else if (!readonly) {
1679 logthing(LOGTHING_ERROR, "Couldn't open num_keydb: %s",
1681 numdb = fopen(buf, "w");
1682 if (numdb != NULL) {
1683 fprintf(numdb, "%d", privctx->numdbs);
1686 logthing(LOGTHING_ERROR,
1687 "Couldn't write num_keydb: %s",
1692 privctx->dbconns = calloc(privctx->numdbs, sizeof (DB *));
1693 if (privctx->dbconns == NULL) {
1694 logthing(LOGTHING_CRITICAL,
1695 "Couldn't allocate memory for dbconns");
1700 ret = db_env_create(&privctx->dbenv, 0);
1702 logthing(LOGTHING_CRITICAL,
1703 "db_env_create: %s", db_strerror(ret));
1708 * Up the number of locks we're allowed at once. We base this on
1709 * the maximum number of keys we're going to return.
1712 maxlocks = config.maxkeys * 16;
1713 if (maxlocks < 1000) {
1716 privctx->dbenv->set_lk_max_locks(privctx->dbenv, maxlocks);
1717 privctx->dbenv->set_lk_max_objects(privctx->dbenv, maxlocks);
1721 * Enable deadlock detection so that we don't block indefinitely on
1722 * anything. What we really want is simple 2 state locks, but I'm not
1723 * sure how to make the standard DB functions do that yet.
1726 privctx->dbenv->set_errcall(privctx->dbenv, &db4_errfunc);
1727 ret = privctx->dbenv->set_lk_detect(privctx->dbenv, DB_LOCK_DEFAULT);
1729 logthing(LOGTHING_CRITICAL,
1730 "db_env_create: %s", db_strerror(ret));
1735 ret = privctx->dbenv->open(privctx->dbenv, dbcfg->location,
1736 DB_INIT_LOG | DB_INIT_MPOOL | DB_INIT_LOCK |
1740 #ifdef DB_VERSION_MISMATCH
1741 if (ret == DB_VERSION_MISMATCH) {
1742 privctx->dbenv->close(privctx->dbenv, 0);
1743 privctx->dbenv = NULL;
1744 ret = db4_upgradedb(dbctx);
1746 ret = db_env_create(&privctx->dbenv, 0);
1749 privctx->dbenv->set_errcall(privctx->dbenv,
1751 privctx->dbenv->set_lk_detect(privctx->dbenv,
1753 ret = privctx->dbenv->open(privctx->dbenv,
1755 DB_INIT_LOG | DB_INIT_MPOOL |
1756 DB_INIT_LOCK | DB_INIT_TXN |
1757 DB_CREATE | DB_RECOVER,
1761 privctx->dbenv->txn_checkpoint(
1771 logthing(LOGTHING_CRITICAL,
1772 "Error opening db environment: %s (%s)",
1775 if (privctx->dbenv != NULL) {
1776 privctx->dbenv->close(privctx->dbenv, 0);
1777 privctx->dbenv = NULL;
1783 db4_starttrans(dbctx);
1785 for (i = 0; !ret && i < privctx->numdbs; i++) {
1786 ret = db_create(&privctx->dbconns[i],
1789 logthing(LOGTHING_CRITICAL,
1790 "db_create: %s", db_strerror(ret));
1794 snprintf(buf, 1023, "keydb.%d.db", i);
1799 ret = privctx->dbconns[i]->open(
1800 privctx->dbconns[i],
1808 logthing(LOGTHING_CRITICAL,
1809 "Error opening key database:"
1819 ret = db_create(&privctx->worddb, privctx->dbenv, 0);
1821 logthing(LOGTHING_CRITICAL, "db_create: %s",
1827 ret = privctx->worddb->set_flags(privctx->worddb, DB_DUP);
1831 ret = privctx->worddb->open(privctx->worddb, privctx->txn,
1832 "worddb", "worddb", DB_BTREE,
1836 logthing(LOGTHING_CRITICAL,
1837 "Error opening word database: %s (%s)",
1844 ret = db_create(&privctx->id32db, privctx->dbenv, 0);
1846 logthing(LOGTHING_CRITICAL, "db_create: %s",
1852 ret = privctx->id32db->set_flags(privctx->id32db, DB_DUP);
1856 ret = privctx->id32db->open(privctx->id32db, privctx->txn,
1857 "id32db", "id32db", DB_HASH,
1861 logthing(LOGTHING_CRITICAL,
1862 "Error opening id32 database: %s (%s)",
1869 ret = db_create(&privctx->id64db, privctx->dbenv, 0);
1871 logthing(LOGTHING_CRITICAL, "db_create: %s",
1877 ret = privctx->id64db->set_flags(privctx->id64db, DB_DUP);
1881 ret = privctx->id64db->open(privctx->id64db, privctx->txn,
1882 "id64db", "id64db", DB_HASH,
1886 logthing(LOGTHING_CRITICAL,
1887 "Error opening id64 database: %s (%s)",
1894 ret = db_create(&privctx->skshashdb, privctx->dbenv, 0);
1896 logthing(LOGTHING_CRITICAL, "db_create: %s",
1902 ret = privctx->skshashdb->open(privctx->skshashdb, privctx->txn,
1904 "skshashdb", DB_HASH,
1908 logthing(LOGTHING_CRITICAL,
1909 "Error opening skshash database: %s (%s)",
1916 ret = db_create(&privctx->subkeydb, privctx->dbenv, 0);
1918 logthing(LOGTHING_CRITICAL, "db_create: %s",
1924 ret = privctx->subkeydb->open(privctx->subkeydb, privctx->txn,
1925 "subkeydb", "subkeydb",
1930 logthing(LOGTHING_CRITICAL,
1931 "Error opening subkey database: %s (%s)",
1937 if (privctx->txn != NULL) {
1938 db4_endtrans(dbctx);
1942 db4_cleanupdb(dbctx);
1943 logthing(LOGTHING_CRITICAL,
1944 "Error opening database; exiting");
1948 dbctx->cleanupdb = db4_cleanupdb;
1949 dbctx->starttrans = db4_starttrans;
1950 dbctx->endtrans = db4_endtrans;
1951 dbctx->fetch_key_id = db4_fetch_key_id;
1952 dbctx->fetch_key_fp = db4_fetch_key_fp;
1953 dbctx->fetch_key_text = db4_fetch_key_text;
1954 dbctx->fetch_key_skshash = db4_fetch_key_skshash;
1955 dbctx->store_key = db4_store_key;
1956 dbctx->update_keys = generic_update_keys;
1957 dbctx->delete_key = db4_delete_key;
1958 dbctx->getkeysigs = generic_getkeysigs;
1959 dbctx->cached_getkeysigs = generic_cached_getkeysigs;
1960 dbctx->keyid2uid = generic_keyid2uid;
1961 dbctx->getfullkeyid = db4_getfullkeyid;
1962 dbctx->iterate_keys = db4_iterate_keys;