2 * keydb_db4.c - Routines to store and fetch keys in a DB4 database.
4 * Copyright 2002-2008 Jonathan McDowell <noodles@earth.li>
6 * This program is free software: you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the Free
8 * Software Foundation; version 2 of the License.
10 * This program is distributed in the hope that it will be useful, but WITHOUT
11 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
12 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
15 * You should have received a copy of the GNU General Public License along with
16 * this program. If not, see <https://www.gnu.org/licenses/>.
19 #include <sys/types.h>
34 #include "charfuncs.h"
38 #include "decodekey.h"
39 #include "keystructs.h"
44 #include "onak-conf.h"
48 #define DB4_UPGRADE_FILE "db_upgrade.lck"
50 struct onak_db4_dbctx {
51 DB_ENV *dbenv; /* The database environment context */
52 int numdbs; /* Number of data databases in use */
53 DB **dbconns; /* Connections to the key data databases */
54 DB *worddb; /* Connection to the word lookup database */
55 DB *id32db; /* Connection to the 32 bit ID lookup database */
56 DB *id64db; /* Connection to the 64 bit ID lookup database */
57 DB *skshashdb; /* Connection to the SKS hash database */
58 DB *subkeydb; /* Connection to the subkey ID lookup database */
59 DB_TXN *txn; /* Our current transaction ID */
62 DB *keydb_id(struct onak_db4_dbctx *privctx, uint64_t keyid)
68 return(privctx->dbconns[keytrun % privctx->numdbs]);
71 DB *keydb_fp(struct onak_db4_dbctx *privctx, struct openpgp_fingerprint *fp)
75 keytrun = (fp->fp[4] << 24) |
80 return(privctx->dbconns[keytrun % privctx->numdbs]);
84 * db4_errfunc - Direct DB errors to logfile
86 * Basic function to take errors from the DB library and output them to
87 * the logfile rather than stderr.
89 #if (DB_VERSION_MAJOR == 4) && (DB_VERSION_MINOR < 3)
90 static void db4_errfunc(const char *errpfx, const char *errmsg)
92 static void db4_errfunc(const DB_ENV *edbenv, const char *errpfx,
97 logthing(LOGTHING_DEBUG, "db4 error: %s:%s", errpfx, errmsg);
99 logthing(LOGTHING_DEBUG, "db4 error: %s", errmsg);
106 * starttrans - Start a transaction.
108 * Start a transaction. Intended to be used if we're about to perform many
109 * operations on the database to help speed it all up, or if we want
110 * something to only succeed if all relevant operations are successful.
112 static bool db4_starttrans(struct onak_dbctx *dbctx)
114 struct onak_db4_dbctx *privctx = (struct onak_db4_dbctx *) dbctx->priv;
117 log_assert(privctx->dbenv != NULL);
118 log_assert(privctx->txn == NULL);
120 ret = privctx->dbenv->txn_begin(privctx->dbenv,
121 NULL, /* No parent transaction */
125 logthing(LOGTHING_CRITICAL,
126 "Error starting transaction: %s",
135 * endtrans - End a transaction.
137 * Ends a transaction.
139 static void db4_endtrans(struct onak_dbctx *dbctx)
141 struct onak_db4_dbctx *privctx = (struct onak_db4_dbctx *) dbctx->priv;
144 log_assert(privctx->dbenv != NULL);
145 log_assert(privctx->txn != NULL);
147 ret = privctx->txn->commit(privctx->txn,
150 logthing(LOGTHING_CRITICAL,
151 "Error ending transaction: %s",
161 * db4_upgradedb - Upgrade a DB4 database
163 * Called if we discover we need to upgrade our DB4 database; ie if
164 * we're running with a newer version of db4 than the database was
167 static int db4_upgradedb(struct onak_dbctx *dbctx)
169 struct onak_db4_dbctx *privctx = (struct onak_db4_dbctx *) dbctx->priv;
178 snprintf(buf, sizeof(buf) - 1, "%s/%s", dbctx->config->location,
180 lockfile_fd = open(buf, O_RDWR | O_CREAT | O_EXCL, 0600);
181 if (lockfile_fd < 0) {
182 if (errno == EEXIST) {
183 while (stat(buf, &statbuf) == 0) ;
186 logthing(LOGTHING_CRITICAL, "Couldn't open database "
187 "update lock file: %s", strerror(errno));
191 snprintf(buf, sizeof(buf) - 1, "%d", getpid());
192 written = write(lockfile_fd, buf, strlen(buf));
194 if (written != strlen(buf)) {
195 logthing(LOGTHING_CRITICAL, "Couldn't write PID to lockfile: "
196 "%s", strerror(errno));
197 snprintf(buf, sizeof(buf) - 1, "%s/%s", dbctx->config->location,
203 logthing(LOGTHING_NOTICE, "Upgrading DB4 database");
204 ret = db_env_create(&privctx->dbenv, 0);
206 privctx->dbenv->set_errcall(privctx->dbenv, &db4_errfunc);
207 privctx->dbenv->remove(privctx->dbenv, dbctx->config->location, 0);
208 privctx->dbenv = NULL;
210 for (i = 0; i < privctx->numdbs; i++) {
211 ret = db_create(&curdb, NULL, 0);
213 snprintf(buf, sizeof(buf) - 1, "%s/keydb.%d.db",
214 dbctx->config->location, i);
215 logthing(LOGTHING_DEBUG, "Upgrading %s", buf);
216 curdb->upgrade(curdb, buf, 0);
217 curdb->close(curdb, 0);
219 logthing(LOGTHING_ERROR, "Error upgrading DB %s : %s",
225 ret = db_create(&curdb, NULL, 0);
227 snprintf(buf, sizeof(buf) - 1, "%s/worddb", dbctx->config->location);
228 logthing(LOGTHING_DEBUG, "Upgrading %s", buf);
229 curdb->upgrade(curdb, buf, 0);
230 curdb->close(curdb, 0);
232 logthing(LOGTHING_ERROR, "Error upgrading DB %s : %s",
237 ret = db_create(&curdb, NULL, 0);
239 snprintf(buf, sizeof(buf) - 1, "%s/id32db", dbctx->config->location);
240 logthing(LOGTHING_DEBUG, "Upgrading %s", buf);
241 curdb->upgrade(curdb, buf, 0);
242 curdb->close(curdb, 0);
244 logthing(LOGTHING_ERROR, "Error upgrading DB %s : %s",
249 ret = db_create(&curdb, NULL, 0);
251 snprintf(buf, sizeof(buf) - 1, "%s/id64db", dbctx->config->location);
252 logthing(LOGTHING_DEBUG, "Upgrading %s", buf);
253 curdb->upgrade(curdb, buf, 0);
254 curdb->close(curdb, 0);
256 logthing(LOGTHING_ERROR, "Error upgrading DB %s : %s",
261 ret = db_create(&curdb, NULL, 0);
263 snprintf(buf, sizeof(buf) - 1, "%s/skshashdb", dbctx->config->location);
264 logthing(LOGTHING_DEBUG, "Upgrading %s", buf);
265 curdb->upgrade(curdb, buf, 0);
266 curdb->close(curdb, 0);
268 logthing(LOGTHING_ERROR, "Error upgrading DB %s : %s",
273 ret = db_create(&curdb, NULL, 0);
275 snprintf(buf, sizeof(buf) - 1, "%s/subkeydb", dbctx->config->location);
276 logthing(LOGTHING_DEBUG, "Upgrading %s", buf);
277 curdb->upgrade(curdb, buf, 0);
278 curdb->close(curdb, 0);
280 logthing(LOGTHING_ERROR, "Error upgrading DB %s : %s",
285 snprintf(buf, sizeof(buf) - 1, "%s/%s", dbctx->config->location,
293 * getfullkeyid - Maps a 32bit key id to a 64bit one.
294 * @keyid: The 32bit keyid.
296 * This function maps a 32bit key id to the full 64bit one. It returns the
297 * full keyid. If the key isn't found a keyid of 0 is returned.
299 static uint64_t db4_getfullkeyid(struct onak_dbctx *dbctx, uint64_t keyid)
301 struct onak_db4_dbctx *privctx = (struct onak_db4_dbctx *) dbctx->priv;
304 uint32_t shortkeyid = 0;
308 if (keyid < 0x100000000LL) {
309 ret = privctx->id32db->cursor(privctx->id32db,
318 shortkeyid = keyid & 0xFFFFFFFF;
320 memset(&key, 0, sizeof(key));
321 memset(&data, 0, sizeof(data));
322 key.data = &shortkeyid;
323 key.size = sizeof(shortkeyid);
324 data.flags = DB_DBT_MALLOC;
326 ret = cursor->c_get(cursor,
332 if (data.size == 8) {
333 keyid = * (uint64_t *) data.data;
336 for (i = 12; i < 20; i++) {
338 keyid |= ((uint8_t *) data.data)[i];
342 if (data.data != NULL) {
348 cursor->c_close(cursor);
356 * fetch_key_fp - Given a fingerprint fetch the key from storage.
358 static int db4_fetch_key_fp(struct onak_dbctx *dbctx,
359 struct openpgp_fingerprint *fingerprint,
360 struct openpgp_publickey **publickey,
363 struct onak_db4_dbctx *privctx = (struct onak_db4_dbctx *) dbctx->priv;
364 struct openpgp_packet_list *packets = NULL;
368 struct buffer_ctx fetchbuf;
369 struct openpgp_fingerprint subfp;
371 memset(&key, 0, sizeof(key));
372 memset(&data, 0, sizeof(data));
377 key.size = fingerprint->length;
378 key.data = fingerprint->fp;
381 db4_starttrans(dbctx);
384 ret = keydb_fp(privctx, fingerprint)->get(keydb_fp(privctx,
391 if (ret == DB_NOTFOUND) {
392 /* If we didn't find the key ID see if it's a subkey ID */
393 memset(&key, 0, sizeof(key));
394 memset(&data, 0, sizeof(data));
395 data.data = subfp.fp;
396 data.ulen = MAX_FINGERPRINT_LEN;
397 data.flags = DB_DBT_USERMEM;
398 key.data = fingerprint->fp;
399 key.size = fingerprint->length;
401 ret = privctx->subkeydb->get(privctx->subkeydb,
408 /* We got a subkey match; retrieve the actual key */
409 memset(&key, 0, sizeof(key));
410 key.size = subfp.length = data.size;
413 memset(&data, 0, sizeof(data));
417 ret = keydb_fp(privctx, &subfp)->get(
418 keydb_fp(privctx, &subfp),
427 fetchbuf.buffer = data.data;
429 fetchbuf.size = data.size;
430 read_openpgp_stream(buffer_fetchchar, &fetchbuf,
432 parse_keys(packets, publickey);
433 free_packet_list(packets);
436 } else if (ret != DB_NOTFOUND) {
437 logthing(LOGTHING_ERROR,
438 "Problem retrieving key: %s",
450 * fetch_key_id - Given a keyid fetch the key from storage.
451 * @keyid: The keyid to fetch.
452 * @publickey: A pointer to a structure to return the key in.
453 * @intrans: If we're already in a transaction.
455 * We use the hex representation of the keyid as the filename to fetch the
456 * key from. The key is stored in the file as a binary OpenPGP stream of
457 * packets, so we can just use read_openpgp_stream() to read the packets
458 * in and then parse_keys() to parse the packets into a publickey
461 static int db4_fetch_key_id(struct onak_dbctx *dbctx, uint64_t keyid,
462 struct openpgp_publickey **publickey,
465 struct onak_db4_dbctx *privctx = (struct onak_db4_dbctx *) dbctx->priv;
466 struct openpgp_packet_list *packets = NULL;
470 struct buffer_ctx fetchbuf;
471 struct openpgp_fingerprint fingerprint;
473 if (keyid < 0x100000000LL) {
474 keyid = db4_getfullkeyid(dbctx, keyid);
477 memset(&key, 0, sizeof(key));
478 memset(&data, 0, sizeof(data));
483 key.size = sizeof(keyid);
487 db4_starttrans(dbctx);
491 * First we try a legacy stored key where we used the 64 bit key ID
494 ret = keydb_id(privctx, keyid)->get(keydb_id(privctx, keyid),
500 if (ret == DB_NOTFOUND) {
501 /* If we didn't find the key ID try the 64 bit map DB */
502 memset(&key, 0, sizeof(key));
503 memset(&data, 0, sizeof(data));
504 data.ulen = MAX_FINGERPRINT_LEN;
505 data.data = fingerprint.fp;
506 data.flags = DB_DBT_USERMEM;
507 key.size = sizeof(keyid);
510 ret = privctx->id64db->get(privctx->id64db,
517 /* We got a match; retrieve the actual key */
518 fingerprint.length = data.size;
520 memset(&key, 0, sizeof(key));
521 memset(&data, 0, sizeof(data));
522 key.size = fingerprint.length;
523 key.data = fingerprint.fp;
525 ret = keydb_fp(privctx, &fingerprint)->get(
526 keydb_fp(privctx, &fingerprint),
535 fetchbuf.buffer = data.data;
537 fetchbuf.size = data.size;
538 read_openpgp_stream(buffer_fetchchar, &fetchbuf,
540 parse_keys(packets, publickey);
541 free_packet_list(packets);
544 } else if (ret != DB_NOTFOUND) {
545 logthing(LOGTHING_ERROR,
546 "Problem retrieving key: %s",
558 int worddb_cmp(const void *d1, const void *d2)
560 return memcmp(d1, d2, 12);
564 * fetch_key_text - Trys to find the keys that contain the supplied text.
565 * @search: The text to search for.
566 * @publickey: A pointer to a structure to return the key in.
568 * This function searches for the supplied text and returns the keys that
571 static int db4_fetch_key_text(struct onak_dbctx *dbctx, const char *search,
572 struct openpgp_publickey **publickey)
574 struct onak_db4_dbctx *privctx = (struct onak_db4_dbctx *) dbctx->priv;
581 char *searchtext = NULL;
582 struct ll *wordlist = NULL;
583 struct ll *curword = NULL;
584 struct keyarray keylist = { NULL, 0, 0 };
585 struct keyarray newkeylist = { NULL, 0, 0 };
587 struct openpgp_fingerprint fingerprint;
590 searchtext = strdup(search);
591 wordlist = makewordlist(wordlist, searchtext);
593 for (curword = wordlist; curword != NULL; curword = curword->next) {
594 db4_starttrans(dbctx);
596 ret = privctx->worddb->cursor(privctx->worddb,
606 memset(&key, 0, sizeof(key));
607 memset(&data, 0, sizeof(data));
608 key.data = curword->object;
609 key.size = strlen(curword->object);
610 data.flags = DB_DBT_MALLOC;
611 ret = cursor->c_get(cursor,
615 while (ret == 0 && strncmp(key.data, curword->object,
617 ((char *) curword->object)[key.size] == 0) {
618 if (data.size == 12) {
619 /* Old style creation + key id */
620 fingerprint.length = 8;
621 for (i = 4; i < 12; i++) {
622 fingerprint.fp[i - 4] =
627 fingerprint.length = data.size;
628 memcpy(fingerprint.fp, data.data, data.size);
632 * Only add the keys containing this word if this is
633 * our first pass (ie we have no existing key list),
634 * or the key contained a previous word.
636 if (firstpass || array_find(&keylist, &fingerprint)) {
637 array_add(&newkeylist, &fingerprint);
643 ret = cursor->c_get(cursor,
648 array_free(&keylist);
649 keylist.keys = newkeylist.keys;
650 keylist.count = newkeylist.count;
651 keylist.size = newkeylist.size;
652 newkeylist.keys = NULL;
653 newkeylist.count = newkeylist.size = 0;
654 if (data.data != NULL) {
658 cursor->c_close(cursor);
663 llfree(wordlist, NULL);
666 if (keylist.count > config.maxkeys) {
667 keylist.count = config.maxkeys;
670 db4_starttrans(dbctx);
671 for (i = 0; i < keylist.count; i++) {
672 if (keylist.keys[i].length == 8) {
674 for (int j = 0; j < 8; j++) {
676 keyid |= keylist.keys[i].fp[j];
678 numkeys += db4_fetch_key_id(dbctx, keyid,
682 numkeys += db4_fetch_key_fp(dbctx, &keylist.keys[i],
687 array_free(&keylist);
696 static int db4_fetch_key_skshash(struct onak_dbctx *dbctx,
697 const struct skshash *hash,
698 struct openpgp_publickey **publickey)
700 struct onak_db4_dbctx *privctx = (struct onak_db4_dbctx *) dbctx->priv;
706 struct openpgp_fingerprint fingerprint;
708 ret = privctx->skshashdb->cursor(privctx->skshashdb,
717 memset(&key, 0, sizeof(key));
718 memset(&data, 0, sizeof(data));
719 key.data = (void *) hash->hash;
720 key.size = sizeof(hash->hash);
721 data.flags = DB_DBT_MALLOC;
723 ret = cursor->c_get(cursor,
729 if (data.size == 8) {
730 /* Legacy key ID record */
731 keyid = *(uint64_t *) data.data;
732 count = db4_fetch_key_id(dbctx, keyid, publickey,
735 fingerprint.length = data.size;
736 memcpy(fingerprint.fp, data.data, data.size);
737 count = db4_fetch_key_fp(dbctx, &fingerprint,
741 if (data.data != NULL) {
747 cursor->c_close(cursor);
754 * delete_key - Given a keyid delete the key from storage.
755 * @keyid: The keyid to delete.
756 * @intrans: If we're already in a transaction.
758 * This function deletes a public key from whatever storage mechanism we
759 * are using. Returns 0 if the key existed.
761 static int db4_delete_key(struct onak_dbctx *dbctx,
762 uint64_t keyid, bool intrans)
764 struct onak_db4_dbctx *privctx = (struct onak_db4_dbctx *) dbctx->priv;
765 struct openpgp_publickey *publickey = NULL;
768 DBC *cursor64 = NULL;
769 uint32_t shortkeyid = 0;
770 uint64_t subkeyid = 0;
771 struct openpgp_fingerprint *subkeyids = NULL;
775 char *primary = NULL;
776 unsigned char worddb_data[12];
777 struct ll *wordlist = NULL;
778 struct ll *curword = NULL;
779 bool deadlock = false;
781 struct openpgp_fingerprint fingerprint;
784 db4_starttrans(dbctx);
787 if (db4_fetch_key_id(dbctx, keyid, &publickey, true) == 0) {
794 get_fingerprint(publickey->publickey, &fingerprint);
797 * Walk through the uids removing the words from the worddb.
799 if (publickey != NULL) {
800 uids = keyuids(publickey, &primary);
803 for (i = 0; ret == 0 && uids[i] != NULL; i++) {
804 wordlist = makewordlist(wordlist, uids[i]);
807 privctx->worddb->cursor(privctx->worddb,
812 for (curword = wordlist; curword != NULL && !deadlock;
813 curword = curword->next) {
814 memset(&key, 0, sizeof(key));
815 memset(&data, 0, sizeof(data));
816 key.data = curword->object;
817 key.size = strlen(key.data);
818 data.data = worddb_data;
819 data.size = sizeof(worddb_data);
822 * Old format word db data was the key creation time
823 * followed by the 64 bit key id.
825 worddb_data[ 0] = publickey->publickey->data[1];
826 worddb_data[ 1] = publickey->publickey->data[2];
827 worddb_data[ 2] = publickey->publickey->data[3];
828 worddb_data[ 3] = publickey->publickey->data[4];
829 worddb_data[ 4] = (keyid >> 56) & 0xFF;
830 worddb_data[ 5] = (keyid >> 48) & 0xFF;
831 worddb_data[ 6] = (keyid >> 40) & 0xFF;
832 worddb_data[ 7] = (keyid >> 32) & 0xFF;
833 worddb_data[ 8] = (keyid >> 24) & 0xFF;
834 worddb_data[ 9] = (keyid >> 16) & 0xFF;
835 worddb_data[10] = (keyid >> 8) & 0xFF;
836 worddb_data[11] = keyid & 0xFF;
838 ret = cursor->c_get(cursor,
844 cursor->c_del(cursor, 0);
847 /* New style just uses the fingerprint as the data */
848 memset(&key, 0, sizeof(key));
849 memset(&data, 0, sizeof(data));
850 key.data = curword->object;
851 key.size = strlen(key.data);
852 data.data = fingerprint.fp;
853 data.size = fingerprint.length;
855 ret = cursor->c_get(cursor,
861 ret = cursor->c_del(cursor, 0);
864 if (ret != 0 && ret != DB_NOTFOUND) {
865 logthing(LOGTHING_ERROR,
866 "Problem deleting word: %s "
867 "(0x%016" PRIX64 ")",
870 if (ret == DB_LOCK_DEADLOCK) {
875 cursor->c_close(cursor);
879 * Free our UID and word lists.
881 llfree(wordlist, NULL);
882 for (i = 0; uids[i] != NULL; i++) {
891 privctx->id32db->cursor(privctx->id32db,
895 privctx->id64db->cursor(privctx->id64db,
900 shortkeyid = keyid & 0xFFFFFFFF;
902 /* Old style mapping to 64 bit key id */
903 memset(&key, 0, sizeof(key));
904 memset(&data, 0, sizeof(data));
905 key.data = &shortkeyid;
906 key.size = sizeof(shortkeyid);
908 data.size = sizeof(keyid);
910 ret = cursor->c_get(cursor,
916 cursor->c_del(cursor, 0);
919 /* New style mapping to fingerprint */
920 memset(&key, 0, sizeof(key));
921 memset(&data, 0, sizeof(data));
922 key.data = &shortkeyid;
923 key.size = sizeof(shortkeyid);
924 data.data = fingerprint.fp;
925 data.size = fingerprint.length;
927 ret = cursor->c_get(cursor,
933 ret = cursor->c_del(cursor, 0);
936 if (ret != 0 && ret != DB_NOTFOUND) {
937 logthing(LOGTHING_ERROR,
938 "Problem deleting short keyid: %s "
939 "(0x%016" PRIX64 ")",
942 if (ret == DB_LOCK_DEADLOCK) {
947 /* 64 bit key mapping to fingerprint */
948 memset(&key, 0, sizeof(key));
949 memset(&data, 0, sizeof(data));
951 key.size = sizeof(keyid);
952 data.data = fingerprint.fp;
953 data.size = fingerprint.length;
955 ret = cursor64->c_get(cursor64,
961 ret = cursor64->c_del(cursor64, 0);
964 if (ret != 0 && ret != DB_NOTFOUND) {
965 logthing(LOGTHING_ERROR,
966 "Problem deleting keyid: %s "
967 "(0x%016" PRIX64 ")",
970 if (ret == DB_LOCK_DEADLOCK) {
975 subkeyids = keysubkeys(publickey);
977 while (subkeyids != NULL && subkeyids[i].length != 0) {
978 subkeyid = fingerprint2keyid(&subkeyids[i]);
979 memset(&key, 0, sizeof(key));
980 key.data = subkeyids[i].fp;
981 key.size = subkeyids[i].length;
982 privctx->subkeydb->del(privctx->subkeydb,
983 privctx->txn, &key, 0);
984 if (ret != 0 && ret != DB_NOTFOUND) {
985 logthing(LOGTHING_ERROR,
986 "Problem deleting subkey id: %s "
987 "(0x%016" PRIX64 ")",
990 if (ret == DB_LOCK_DEADLOCK) {
995 shortkeyid = subkeyid & 0xFFFFFFFF;
997 /* Remove 32 bit keyid -> 64 bit keyid mapping */
998 memset(&key, 0, sizeof(key));
999 memset(&data, 0, sizeof(data));
1000 key.data = &shortkeyid;
1001 key.size = sizeof(shortkeyid);
1003 data.size = sizeof(keyid);
1005 ret = cursor->c_get(cursor,
1011 cursor->c_del(cursor, 0);
1014 /* Remove 32 bit keyid -> fingerprint mapping */
1015 memset(&key, 0, sizeof(key));
1016 memset(&data, 0, sizeof(data));
1017 key.data = &shortkeyid;
1018 key.size = sizeof(shortkeyid);
1019 data.data = fingerprint.fp;
1020 data.size = fingerprint.length;
1022 ret = cursor->c_get(cursor,
1028 ret = cursor->c_del(cursor, 0);
1031 if (ret != 0 && ret != DB_NOTFOUND) {
1032 logthing(LOGTHING_ERROR,
1033 "Problem deleting short keyid: %s "
1034 "(0x%016" PRIX64 ")",
1037 if (ret == DB_LOCK_DEADLOCK) {
1042 /* Remove 64 bit keyid -> fingerprint mapping */
1043 memset(&key, 0, sizeof(key));
1044 memset(&data, 0, sizeof(data));
1045 key.data = &subkeyid;
1046 key.size = sizeof(subkeyid);
1047 data.data = fingerprint.fp;
1048 data.size = fingerprint.length;
1050 ret = cursor64->c_get(cursor64,
1056 ret = cursor64->c_del(cursor64, 0);
1059 if (ret != 0 && ret != DB_NOTFOUND) {
1060 logthing(LOGTHING_ERROR,
1061 "Problem deleting keyid: %s "
1062 "(0x%016" PRIX64 ")",
1065 if (ret == DB_LOCK_DEADLOCK) {
1071 if (subkeyids != NULL) {
1075 cursor64->c_close(cursor64);
1077 cursor->c_close(cursor);
1082 ret = privctx->skshashdb->cursor(privctx->skshashdb,
1087 get_skshash(publickey, &hash);
1089 /* First delete old style keyid mapping */
1090 memset(&key, 0, sizeof(key));
1091 memset(&data, 0, sizeof(data));
1092 key.data = hash.hash;
1093 key.size = sizeof(hash.hash);
1095 data.size = sizeof(keyid);
1097 ret = cursor->c_get(cursor,
1103 cursor->c_del(cursor, 0);
1106 /* Then delete new style fingerprint mapping */
1107 memset(&key, 0, sizeof(key));
1108 memset(&data, 0, sizeof(data));
1109 key.data = hash.hash;
1110 key.size = sizeof(hash.hash);
1111 data.data = fingerprint.fp;
1112 data.size = fingerprint.length;
1114 ret = cursor->c_get(cursor,
1120 ret = cursor->c_del(cursor, 0);
1123 if (ret != 0 && ret != DB_NOTFOUND) {
1124 logthing(LOGTHING_ERROR,
1125 "Problem deleting skshash: %s "
1126 "(0x%016" PRIX64 ")",
1129 if (ret == DB_LOCK_DEADLOCK) {
1134 cursor->c_close(cursor);
1138 free_publickey(publickey);
1142 key.data = fingerprint.fp;
1143 key.size = fingerprint.length;
1145 keydb_fp(privctx, &fingerprint)->del(keydb_fp(privctx,
1151 /* Delete old style 64 bit keyid */
1153 key.size = sizeof(keyid);
1155 keydb_id(privctx, keyid)->del(keydb_id(privctx, keyid),
1162 db4_endtrans(dbctx);
1165 return deadlock ? (-1) : (ret == DB_NOTFOUND);
1169 * store_key - Takes a key and stores it.
1170 * @publickey: A pointer to the public key to store.
1171 * @intrans: If we're already in a transaction.
1172 * @update: If true the key exists and should be updated.
1174 * Again we just use the hex representation of the keyid as the filename
1175 * to store the key to. We flatten the public key to a list of OpenPGP
1176 * packets and then use write_openpgp_stream() to write the stream out to
1177 * the file. If update is true then we delete the old key first, otherwise
1178 * we trust that it doesn't exist.
1180 static int db4_store_key(struct onak_dbctx *dbctx,
1181 struct openpgp_publickey *publickey, bool intrans,
1184 struct onak_db4_dbctx *privctx = (struct onak_db4_dbctx *) dbctx->priv;
1185 struct openpgp_packet_list *packets = NULL;
1186 struct openpgp_packet_list *list_end = NULL;
1187 struct openpgp_publickey *next = NULL;
1190 struct buffer_ctx storebuf;
1194 uint32_t shortkeyid = 0;
1195 struct openpgp_fingerprint *subkeyids = NULL;
1197 char *primary = NULL;
1198 struct ll *wordlist = NULL;
1199 struct ll *curword = NULL;
1200 bool deadlock = false;
1201 struct skshash hash;
1202 struct openpgp_fingerprint fingerprint;
1204 if (get_keyid(publickey, &keyid) != ONAK_E_OK) {
1205 logthing(LOGTHING_ERROR, "Couldn't find key ID for key.");
1209 if (get_fingerprint(publickey->publickey, &fingerprint) != ONAK_E_OK) {
1210 logthing(LOGTHING_ERROR, "Couldn't find fingerprint for key.");
1215 db4_starttrans(dbctx);
1219 * Delete the key if we already have it.
1221 * TODO: Can we optimize this perhaps? Possibly when other data is
1222 * involved as well? I suspect this is easiest and doesn't make a lot
1223 * of difference though - the largest chunk of data is the keydata and
1224 * it definitely needs updated.
1227 deadlock = (db4_delete_key(dbctx, keyid, true) == -1);
1231 * Convert the key to a flat set of binary data.
1234 next = publickey->next;
1235 publickey->next = NULL;
1236 flatten_publickey(publickey, &packets, &list_end);
1237 publickey->next = next;
1239 storebuf.offset = 0;
1240 storebuf.size = 8192;
1241 storebuf.buffer = malloc(8192);
1243 write_openpgp_stream(buffer_putchar, &storebuf, packets);
1246 * Now we have the key data store it in the DB; the keyid is
1249 memset(&key, 0, sizeof(key));
1250 memset(&data, 0, sizeof(data));
1251 key.data = fingerprint.fp;
1252 key.size = fingerprint.length;
1253 data.size = storebuf.offset;
1254 data.data = storebuf.buffer;
1256 ret = keydb_fp(privctx, &fingerprint)->put(
1257 keydb_fp(privctx, &fingerprint),
1263 logthing(LOGTHING_ERROR,
1264 "Problem storing key: %s",
1266 if (ret == DB_LOCK_DEADLOCK) {
1271 free(storebuf.buffer);
1272 storebuf.buffer = NULL;
1274 storebuf.offset = 0;
1276 free_packet_list(packets);
1281 * Walk through our uids storing the words into the db with the keyid.
1284 uids = keyuids(publickey, &primary);
1287 for (i = 0; ret == 0 && uids[i] != NULL; i++) {
1288 wordlist = makewordlist(wordlist, uids[i]);
1291 for (curword = wordlist; curword != NULL && !deadlock;
1292 curword = curword->next) {
1293 memset(&key, 0, sizeof(key));
1294 memset(&data, 0, sizeof(data));
1295 key.data = curword->object;
1296 key.size = strlen(key.data);
1297 data.data = fingerprint.fp;
1298 data.size = fingerprint.length;
1300 ret = privctx->worddb->put(privctx->worddb,
1306 logthing(LOGTHING_ERROR,
1307 "Problem storing word: %s",
1309 if (ret == DB_LOCK_DEADLOCK) {
1316 * Free our UID and word lists.
1318 llfree(wordlist, NULL);
1319 for (i = 0; uids[i] != NULL; i++) {
1328 * Write the truncated 32 bit keyid so we can lookup the fingerprint
1332 shortkeyid = keyid & 0xFFFFFFFF;
1334 memset(&key, 0, sizeof(key));
1335 memset(&data, 0, sizeof(data));
1336 key.data = &shortkeyid;
1337 key.size = sizeof(shortkeyid);
1338 data.data = fingerprint.fp;
1339 data.size = fingerprint.length;
1341 ret = privctx->id32db->put(privctx->id32db,
1347 logthing(LOGTHING_ERROR,
1348 "Problem storing short keyid: %s",
1350 if (ret == DB_LOCK_DEADLOCK) {
1357 * Write the 64 bit keyid so we can lookup the fingerprint for
1361 memset(&key, 0, sizeof(key));
1362 memset(&data, 0, sizeof(data));
1364 key.size = sizeof(keyid);
1365 data.data = fingerprint.fp;
1366 data.size = fingerprint.length;
1368 ret = privctx->id64db->put(privctx->id64db,
1374 logthing(LOGTHING_ERROR,
1375 "Problem storing keyid: %s",
1377 if (ret == DB_LOCK_DEADLOCK) {
1384 subkeyids = keysubkeys(publickey);
1386 while (subkeyids != NULL && subkeyids[i].length != 0) {
1387 /* Store the subkey ID -> main key fp mapping */
1388 memset(&key, 0, sizeof(key));
1389 memset(&data, 0, sizeof(data));
1390 key.data = subkeyids[i].fp;
1391 key.size = subkeyids[i].length;
1392 data.data = fingerprint.fp;
1393 data.size = fingerprint.length;
1395 ret = privctx->subkeydb->put(privctx->subkeydb,
1401 logthing(LOGTHING_ERROR,
1402 "Problem storing subkey keyid: %s",
1404 if (ret == DB_LOCK_DEADLOCK) {
1409 /* Store the 64 bit subkey ID -> main key fp mapping */
1410 memset(&key, 0, sizeof(key));
1411 memset(&data, 0, sizeof(data));
1413 keyid = fingerprint2keyid(&subkeyids[i]);
1415 key.size = sizeof(keyid);
1416 data.data = fingerprint.fp;
1417 data.size = fingerprint.length;
1419 ret = privctx->id64db->put(privctx->id64db,
1425 logthing(LOGTHING_ERROR,
1426 "Problem storing keyid: %s",
1428 if (ret == DB_LOCK_DEADLOCK) {
1433 /* Store the short subkey ID -> main key fp mapping */
1434 shortkeyid = keyid & 0xFFFFFFFF;
1436 memset(&key, 0, sizeof(key));
1437 memset(&data, 0, sizeof(data));
1438 key.data = &shortkeyid;
1439 key.size = sizeof(shortkeyid);
1440 data.data = fingerprint.fp;
1441 data.size = fingerprint.length;
1443 ret = privctx->id32db->put(privctx->id32db,
1449 logthing(LOGTHING_ERROR,
1450 "Problem storing short keyid: %s",
1452 if (ret == DB_LOCK_DEADLOCK) {
1458 if (subkeyids != NULL) {
1465 get_skshash(publickey, &hash);
1466 memset(&key, 0, sizeof(key));
1467 memset(&data, 0, sizeof(data));
1468 key.data = hash.hash;
1469 key.size = sizeof(hash.hash);
1470 data.data = fingerprint.fp;
1471 data.size = fingerprint.length;
1473 ret = privctx->skshashdb->put(privctx->skshashdb,
1479 logthing(LOGTHING_ERROR,
1480 "Problem storing SKS hash: %s",
1482 if (ret == DB_LOCK_DEADLOCK) {
1489 db4_endtrans(dbctx);
1492 return deadlock ? -1 : 0 ;
1496 * iterate_keys - call a function once for each key in the db.
1497 * @iterfunc: The function to call.
1498 * @ctx: A context pointer
1500 * Calls iterfunc once for each key in the database. ctx is passed
1501 * unaltered to iterfunc. This function is intended to aid database dumps
1502 * and statistic calculations.
1504 * Returns the number of keys we iterated over.
1506 static int db4_iterate_keys(struct onak_dbctx *dbctx,
1507 void (*iterfunc)(void *ctx, struct openpgp_publickey *key),
1510 struct onak_db4_dbctx *privctx = (struct onak_db4_dbctx *) dbctx->priv;
1516 struct buffer_ctx fetchbuf;
1517 struct openpgp_packet_list *packets = NULL;
1518 struct openpgp_publickey *key = NULL;
1520 for (i = 0; i < privctx->numdbs; i++) {
1521 ret = privctx->dbconns[i]->cursor(privctx->dbconns[i],
1530 memset(&dbkey, 0, sizeof(dbkey));
1531 memset(&data, 0, sizeof(data));
1532 ret = cursor->c_get(cursor, &dbkey, &data, DB_NEXT);
1534 fetchbuf.buffer = data.data;
1535 fetchbuf.offset = 0;
1536 fetchbuf.size = data.size;
1537 read_openpgp_stream(buffer_fetchchar, &fetchbuf,
1539 parse_keys(packets, &key);
1543 free_publickey(key);
1545 free_packet_list(packets);
1548 memset(&dbkey, 0, sizeof(dbkey));
1549 memset(&data, 0, sizeof(data));
1550 ret = cursor->c_get(cursor, &dbkey, &data,
1554 if (ret != DB_NOTFOUND) {
1555 logthing(LOGTHING_ERROR,
1556 "Problem reading key: %s",
1560 cursor->c_close(cursor);
1568 * Include the basic keydb routines.
1570 #define NEED_GETKEYSIGS 1
1571 #define NEED_KEYID2UID 1
1572 #define NEED_UPDATEKEYS 1
1576 * cleanupdb - De-initialize the key database.
1578 * This function should be called upon program exit to allow the DB to
1579 * cleanup after itself.
1581 static void db4_cleanupdb(struct onak_dbctx *dbctx)
1583 struct onak_db4_dbctx *privctx = (struct onak_db4_dbctx *) dbctx->priv;
1586 if (privctx->dbenv != NULL) {
1587 privctx->dbenv->txn_checkpoint(privctx->dbenv, 0, 0, 0);
1588 if (privctx->subkeydb != NULL) {
1589 privctx->subkeydb->close(privctx->subkeydb, 0);
1590 privctx->subkeydb = NULL;
1592 if (privctx->skshashdb != NULL) {
1593 privctx->skshashdb->close(privctx->skshashdb, 0);
1594 privctx->skshashdb = NULL;
1596 if (privctx->id64db != NULL) {
1597 privctx->id64db->close(privctx->id64db, 0);
1598 privctx->id64db = NULL;
1600 if (privctx->id32db != NULL) {
1601 privctx->id32db->close(privctx->id32db, 0);
1602 privctx->id32db = NULL;
1604 if (privctx->worddb != NULL) {
1605 privctx->worddb->close(privctx->worddb, 0);
1606 privctx->worddb = NULL;
1608 for (i = 0; i < privctx->numdbs; i++) {
1609 if (privctx->dbconns[i] != NULL) {
1610 privctx->dbconns[i]->close(privctx->dbconns[i],
1612 privctx->dbconns[i] = NULL;
1615 free(privctx->dbconns);
1616 privctx->dbconns = NULL;
1617 privctx->dbenv->close(privctx->dbenv, 0);
1618 privctx->dbenv = NULL;
1627 * initdb - Initialize the key database.
1629 * This function should be called before any of the other functions in
1630 * this file are called in order to allow the DB to be initialized ready
1633 struct onak_dbctx *keydb_db4_init(struct onak_db_config *dbcfg, bool readonly)
1640 struct stat statbuf;
1642 struct onak_dbctx *dbctx;
1643 struct onak_db4_dbctx *privctx;
1645 dbctx = malloc(sizeof(*dbctx));
1646 if (dbctx == NULL) {
1649 dbctx->config = dbcfg;
1650 dbctx->priv = privctx = calloc(1, sizeof(*privctx));
1651 if (privctx == NULL) {
1656 /* Default to 16 key data DBs */
1657 privctx->numdbs = 16;
1659 snprintf(buf, sizeof(buf) - 1, "%s/%s", dbcfg->location,
1661 ret = stat(buf, &statbuf);
1662 while ((ret == 0) || (errno != ENOENT)) {
1664 logthing(LOGTHING_CRITICAL, "Couldn't stat upgrade "
1665 "lock file: %s (%d)", strerror(errno), ret);
1668 logthing(LOGTHING_DEBUG, "DB4 upgrade in progress; waiting.");
1670 ret = stat(buf, &statbuf);
1674 snprintf(buf, sizeof(buf) - 1, "%s/num_keydb", dbcfg->location);
1675 numdb = fopen(buf, "r");
1676 if (numdb != NULL) {
1677 if (fgets(buf, sizeof(buf), numdb) != NULL) {
1678 privctx->numdbs = atoi(buf);
1681 } else if (!readonly) {
1682 logthing(LOGTHING_ERROR, "Couldn't open num_keydb: %s",
1684 numdb = fopen(buf, "w");
1685 if (numdb != NULL) {
1686 fprintf(numdb, "%d", privctx->numdbs);
1689 logthing(LOGTHING_ERROR,
1690 "Couldn't write num_keydb: %s",
1695 privctx->dbconns = calloc(privctx->numdbs, sizeof (DB *));
1696 if (privctx->dbconns == NULL) {
1697 logthing(LOGTHING_CRITICAL,
1698 "Couldn't allocate memory for dbconns");
1703 ret = db_env_create(&privctx->dbenv, 0);
1705 logthing(LOGTHING_CRITICAL,
1706 "db_env_create: %s", db_strerror(ret));
1711 * Up the number of locks we're allowed at once. We base this on
1712 * the maximum number of keys we're going to return.
1715 maxlocks = config.maxkeys * 16;
1716 if (maxlocks < 1000) {
1719 privctx->dbenv->set_lk_max_locks(privctx->dbenv, maxlocks);
1720 privctx->dbenv->set_lk_max_objects(privctx->dbenv, maxlocks);
1724 * Enable deadlock detection so that we don't block indefinitely on
1725 * anything. What we really want is simple 2 state locks, but I'm not
1726 * sure how to make the standard DB functions do that yet.
1729 privctx->dbenv->set_errcall(privctx->dbenv, &db4_errfunc);
1730 ret = privctx->dbenv->set_lk_detect(privctx->dbenv, DB_LOCK_DEFAULT);
1732 logthing(LOGTHING_CRITICAL,
1733 "db_env_create: %s", db_strerror(ret));
1738 ret = privctx->dbenv->open(privctx->dbenv, dbcfg->location,
1739 DB_INIT_LOG | DB_INIT_MPOOL | DB_INIT_LOCK |
1743 #ifdef DB_VERSION_MISMATCH
1744 if (ret == DB_VERSION_MISMATCH) {
1745 privctx->dbenv->close(privctx->dbenv, 0);
1746 privctx->dbenv = NULL;
1747 ret = db4_upgradedb(dbctx);
1749 ret = db_env_create(&privctx->dbenv, 0);
1752 privctx->dbenv->set_errcall(privctx->dbenv,
1754 privctx->dbenv->set_lk_detect(privctx->dbenv,
1756 ret = privctx->dbenv->open(privctx->dbenv,
1758 DB_INIT_LOG | DB_INIT_MPOOL |
1759 DB_INIT_LOCK | DB_INIT_TXN |
1760 DB_CREATE | DB_RECOVER,
1764 privctx->dbenv->txn_checkpoint(
1774 logthing(LOGTHING_CRITICAL,
1775 "Error opening db environment: %s (%s)",
1778 if (privctx->dbenv != NULL) {
1779 privctx->dbenv->close(privctx->dbenv, 0);
1780 privctx->dbenv = NULL;
1786 db4_starttrans(dbctx);
1788 for (i = 0; !ret && i < privctx->numdbs; i++) {
1789 ret = db_create(&privctx->dbconns[i],
1792 logthing(LOGTHING_CRITICAL,
1793 "db_create: %s", db_strerror(ret));
1797 snprintf(buf, 1023, "keydb.%d.db", i);
1802 ret = privctx->dbconns[i]->open(
1803 privctx->dbconns[i],
1811 logthing(LOGTHING_CRITICAL,
1812 "Error opening key database:"
1822 ret = db_create(&privctx->worddb, privctx->dbenv, 0);
1824 logthing(LOGTHING_CRITICAL, "db_create: %s",
1830 ret = privctx->worddb->set_flags(privctx->worddb, DB_DUP);
1834 ret = privctx->worddb->open(privctx->worddb, privctx->txn,
1835 "worddb", "worddb", DB_BTREE,
1839 logthing(LOGTHING_CRITICAL,
1840 "Error opening word database: %s (%s)",
1847 ret = db_create(&privctx->id32db, privctx->dbenv, 0);
1849 logthing(LOGTHING_CRITICAL, "db_create: %s",
1855 ret = privctx->id32db->set_flags(privctx->id32db, DB_DUP);
1859 ret = privctx->id32db->open(privctx->id32db, privctx->txn,
1860 "id32db", "id32db", DB_HASH,
1864 logthing(LOGTHING_CRITICAL,
1865 "Error opening id32 database: %s (%s)",
1872 ret = db_create(&privctx->id64db, privctx->dbenv, 0);
1874 logthing(LOGTHING_CRITICAL, "db_create: %s",
1880 ret = privctx->id64db->set_flags(privctx->id64db, DB_DUP);
1884 ret = privctx->id64db->open(privctx->id64db, privctx->txn,
1885 "id64db", "id64db", DB_HASH,
1889 logthing(LOGTHING_CRITICAL,
1890 "Error opening id64 database: %s (%s)",
1897 ret = db_create(&privctx->skshashdb, privctx->dbenv, 0);
1899 logthing(LOGTHING_CRITICAL, "db_create: %s",
1905 ret = privctx->skshashdb->open(privctx->skshashdb, privctx->txn,
1907 "skshashdb", DB_HASH,
1911 logthing(LOGTHING_CRITICAL,
1912 "Error opening skshash database: %s (%s)",
1919 ret = db_create(&privctx->subkeydb, privctx->dbenv, 0);
1921 logthing(LOGTHING_CRITICAL, "db_create: %s",
1927 ret = privctx->subkeydb->open(privctx->subkeydb, privctx->txn,
1928 "subkeydb", "subkeydb",
1933 logthing(LOGTHING_CRITICAL,
1934 "Error opening subkey database: %s (%s)",
1940 if (privctx->txn != NULL) {
1941 db4_endtrans(dbctx);
1945 db4_cleanupdb(dbctx);
1946 logthing(LOGTHING_CRITICAL,
1947 "Error opening database; exiting");
1951 dbctx->cleanupdb = db4_cleanupdb;
1952 dbctx->starttrans = db4_starttrans;
1953 dbctx->endtrans = db4_endtrans;
1954 dbctx->fetch_key_id = db4_fetch_key_id;
1955 dbctx->fetch_key_fp = db4_fetch_key_fp;
1956 dbctx->fetch_key_text = db4_fetch_key_text;
1957 dbctx->fetch_key_skshash = db4_fetch_key_skshash;
1958 dbctx->store_key = db4_store_key;
1959 dbctx->update_keys = generic_update_keys;
1960 dbctx->delete_key = db4_delete_key;
1961 dbctx->getkeysigs = generic_getkeysigs;
1962 dbctx->cached_getkeysigs = generic_cached_getkeysigs;
1963 dbctx->keyid2uid = generic_keyid2uid;
1964 dbctx->getfullkeyid = db4_getfullkeyid;
1965 dbctx->iterate_keys = db4_iterate_keys;