2 * keydb_keyd.c - Routines to talk to keyd backend.
4 * Copyright 2002-2004,2011 Jonathan McDowell <noodles@earth.li>
6 * This program is free software: you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the Free
8 * Software Foundation; version 2 of the License.
10 * This program is distributed in the hope that it will be useful, but WITHOUT
11 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
12 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
15 * You should have received a copy of the GNU General Public License along with
16 * this program; if not, write to the Free Software Foundation, Inc., 51
17 * Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
25 #include <sys/socket.h>
26 #include <sys/types.h>
30 #include "charfuncs.h"
34 #include "keystructs.h"
37 #include "onak-conf.h"
41 * starttrans - Start a transaction.
43 * Start a transaction. Intended to be used if we're about to perform many
44 * operations on the database to help speed it all up, or if we want
45 * something to only succeed if all relevant operations are successful.
47 static bool keyd_starttrans(struct onak_dbctx *dbctx)
53 * endtrans - End a transaction.
57 static void keyd_endtrans(struct onak_dbctx *dbctx)
62 static bool keyd_send_cmd(int fd, enum keyd_ops _cmd)
67 bytes = write(fd, &cmd, sizeof(cmd));
68 if (bytes != sizeof(cmd)) {
72 bytes = read(fd, &cmd, sizeof(cmd));
73 if (bytes != sizeof(cmd)) {
77 if (cmd != KEYD_REPLY_OK) {
85 * fetch_key - Given a keyid fetch the key from storage.
86 * @keyid: The keyid to fetch.
87 * @publickey: A pointer to a structure to return the key in.
88 * @intrans: If we're already in a transaction.
90 * This function returns a public key from whatever storage mechanism we
93 * TODO: What about keyid collisions? Should we use fingerprint instead?
95 static int keyd_fetch_key_id(struct onak_dbctx *dbctx,
97 struct openpgp_publickey **publickey,
100 int keyd_fd = (intptr_t) dbctx->priv;
101 struct buffer_ctx keybuf;
102 struct openpgp_packet_list *packets = NULL;
106 if (keyd_send_cmd(keyd_fd, KEYD_CMD_GET_ID)) {
107 write(keyd_fd, &keyid, sizeof(keyid));
109 read(keyd_fd, &keybuf.size, sizeof(keybuf.size));
110 if (keybuf.size > 0) {
111 keybuf.buffer = malloc(keybuf.size);
113 logthing(LOGTHING_TRACE,
114 "Getting %d bytes of key data.",
116 while (bytes >= 0 && count < keybuf.size) {
117 bytes = read(keyd_fd, &keybuf.buffer[count],
118 keybuf.size - count);
119 logthing(LOGTHING_TRACE,
120 "Read %d bytes.", bytes);
123 read_openpgp_stream(buffer_fetchchar, &keybuf,
125 parse_keys(packets, publickey);
126 free_packet_list(packets);
129 keybuf.buffer = NULL;
134 return (count > 0) ? 1 : 0;
137 static int keyd_fetch_key_fp(struct onak_dbctx *dbctx,
138 struct openpgp_fingerprint *fingerprint,
139 struct openpgp_publickey **publickey,
142 int keyd_fd = (intptr_t) dbctx->priv;
143 struct buffer_ctx keybuf;
144 struct openpgp_packet_list *packets = NULL;
149 if (fingerprint->length > MAX_FINGERPRINT_LEN) {
153 if (keyd_send_cmd(keyd_fd, KEYD_CMD_GET_FP)) {
154 size = fingerprint->length;
155 write(keyd_fd, &size, sizeof(size));
156 write(keyd_fd, fingerprint->fp, size);
158 read(keyd_fd, &keybuf.size, sizeof(keybuf.size));
159 if (keybuf.size > 0) {
160 keybuf.buffer = malloc(keybuf.size);
162 logthing(LOGTHING_TRACE,
163 "Getting %d bytes of key data.",
165 while (bytes >= 0 && count < keybuf.size) {
166 bytes = read(keyd_fd, &keybuf.buffer[count],
167 keybuf.size - count);
168 logthing(LOGTHING_TRACE,
169 "Read %d bytes.", bytes);
172 read_openpgp_stream(buffer_fetchchar, &keybuf,
174 parse_keys(packets, publickey);
175 free_packet_list(packets);
178 keybuf.buffer = NULL;
183 return (count > 0) ? 1 : 0;
187 * delete_key - Given a keyid delete the key from storage.
188 * @keyid: The keyid to delete.
189 * @intrans: If we're already in a transaction.
191 * This function deletes a public key from whatever storage mechanism we
192 * are using. Returns 0 if the key existed.
194 static int keyd_delete_key(struct onak_dbctx *dbctx,
195 uint64_t keyid, bool intrans)
197 int keyd_fd = (intptr_t) dbctx->priv;
199 if (keyd_send_cmd(keyd_fd, KEYD_CMD_DELETE)) {
200 write(keyd_fd, &keyid, sizeof(keyid));
207 * store_key - Takes a key and stores it.
208 * @publickey: A pointer to the public key to store.
209 * @intrans: If we're already in a transaction.
210 * @update: If true the key exists and should be updated.
212 * This function stores a public key in whatever storage mechanism we are
213 * using. intrans indicates if we're already in a transaction so don't
214 * need to start one. update indicates if the key already exists and is
215 * just being updated.
217 * TODO: Do we store multiple keys of the same id? Or only one and replace
220 static int keyd_store_key(struct onak_dbctx *dbctx,
221 struct openpgp_publickey *publickey, bool intrans,
224 int keyd_fd = (intptr_t) dbctx->priv;
225 struct buffer_ctx keybuf;
226 struct openpgp_packet_list *packets = NULL;
227 struct openpgp_packet_list *list_end = NULL;
228 struct openpgp_publickey *next = NULL;
230 enum keyd_ops cmd = KEYD_CMD_STORE;
232 if (get_keyid(publickey, &keyid) != ONAK_E_OK) {
233 logthing(LOGTHING_ERROR, "Couldn't find key ID for key.");
238 cmd = KEYD_CMD_UPDATE;
241 if (keyd_send_cmd(keyd_fd, cmd)) {
244 keybuf.buffer = malloc(keybuf.size);
246 next = publickey->next;
247 publickey->next = NULL;
248 flatten_publickey(publickey,
251 publickey->next = next;
253 write_openpgp_stream(buffer_putchar, &keybuf, packets);
254 logthing(LOGTHING_TRACE, "Sending %d bytes.", keybuf.offset);
255 write(keyd_fd, &keybuf.offset, sizeof(keybuf.offset));
256 write(keyd_fd, keybuf.buffer, keybuf.offset);
258 free_packet_list(packets);
259 packets = list_end = NULL;
261 keybuf.buffer = NULL;
262 keybuf.size = keybuf.offset = 0;
269 * fetch_key_text - Trys to find the keys that contain the supplied text.
270 * @search: The text to search for.
271 * @publickey: A pointer to a structure to return the key in.
273 * This function searches for the supplied text and returns the keys that
276 static int keyd_fetch_key_text(struct onak_dbctx *dbctx,
278 struct openpgp_publickey **publickey)
280 int keyd_fd = (intptr_t) dbctx->priv;
281 struct buffer_ctx keybuf;
282 struct openpgp_packet_list *packets = NULL;
286 if (keyd_send_cmd(keyd_fd, KEYD_CMD_GET_TEXT)) {
287 bytes = strlen(search);
288 write(keyd_fd, &bytes, sizeof(bytes));
289 write(keyd_fd, search, bytes);
291 read(keyd_fd, &keybuf.size, sizeof(keybuf.size));
292 if (keybuf.size > 0) {
293 keybuf.buffer = malloc(keybuf.size);
295 logthing(LOGTHING_TRACE,
296 "Getting %d bytes of key data.",
298 while (bytes >= 0 && count < keybuf.size) {
299 bytes = read(keyd_fd, &keybuf.buffer[count],
300 keybuf.size - count);
301 logthing(LOGTHING_TRACE,
302 "Read %d bytes.", bytes);
305 read_openpgp_stream(buffer_fetchchar, &keybuf,
307 parse_keys(packets, publickey);
308 free_packet_list(packets);
311 keybuf.buffer = NULL;
316 return (count > 0) ? 1 : 0;
321 static int keyd_fetch_key_skshash(struct onak_dbctx *dbctx,
322 const struct skshash *hash,
323 struct openpgp_publickey **publickey)
325 int keyd_fd = (intptr_t) dbctx->priv;
326 struct buffer_ctx keybuf;
327 struct openpgp_packet_list *packets = NULL;
331 if (keyd_send_cmd(keyd_fd, KEYD_CMD_GET_SKSHASH)) {
332 write(keyd_fd, hash->hash, sizeof(hash->hash));
334 read(keyd_fd, &keybuf.size, sizeof(keybuf.size));
335 if (keybuf.size > 0) {
336 keybuf.buffer = malloc(keybuf.size);
338 logthing(LOGTHING_TRACE,
339 "Getting %d bytes of key data.",
341 while (bytes >= 0 && count < keybuf.size) {
342 bytes = read(keyd_fd, &keybuf.buffer[count],
343 keybuf.size - count);
344 logthing(LOGTHING_TRACE,
345 "Read %d bytes.", bytes);
348 read_openpgp_stream(buffer_fetchchar, &keybuf,
350 parse_keys(packets, publickey);
351 free_packet_list(packets);
354 keybuf.buffer = NULL;
359 return (count > 0) ? 1 : 0;
364 * getfullkeyid - Maps a 32bit key id to a 64bit one.
365 * @keyid: The 32bit keyid.
367 * This function maps a 32bit key id to the full 64bit one. It returns the
368 * full keyid. If the key isn't found a keyid of 0 is returned.
370 static uint64_t keyd_getfullkeyid(struct onak_dbctx *dbctx, uint64_t keyid)
372 int keyd_fd = (intptr_t) dbctx->priv;
373 uint32_t cmd = KEYD_CMD_GETFULLKEYID;
375 if (keyd_send_cmd(keyd_fd, KEYD_CMD_GETFULLKEYID)) {
376 write(keyd_fd, &keyid, sizeof(keyid));
377 read(keyd_fd, &cmd, sizeof(cmd));
378 if (cmd != sizeof(keyid)) {
381 read(keyd_fd, &keyid, sizeof(keyid));
388 * iterate_keys - call a function once for each key in the db.
389 * @iterfunc: The function to call.
390 * @ctx: A context pointer
392 * Calls iterfunc once for each key in the database. ctx is passed
393 * unaltered to iterfunc. This function is intended to aid database dumps
394 * and statistic calculations.
396 * Returns the number of keys we iterated over.
398 static int keyd_iterate_keys(struct onak_dbctx *dbctx,
399 void (*iterfunc)(void *ctx,
400 struct openpgp_publickey *key), void *ctx)
402 int keyd_fd = (intptr_t) dbctx->priv;
403 struct buffer_ctx keybuf;
404 struct openpgp_packet_list *packets = NULL;
405 struct openpgp_publickey *key = NULL;
410 if (keyd_send_cmd(keyd_fd, KEYD_CMD_KEYITER)) {
412 read(keyd_fd, &keybuf.size, sizeof(keybuf.size));
413 while (keybuf.size > 0) {
414 keybuf.buffer = malloc(keybuf.size);
416 logthing(LOGTHING_TRACE,
417 "Getting %d bytes of key data.",
419 while (bytes >= 0 && count < keybuf.size) {
420 bytes = read(keyd_fd, &keybuf.buffer[count],
421 keybuf.size - count);
422 logthing(LOGTHING_TRACE,
423 "Read %d bytes.", bytes);
426 read_openpgp_stream(buffer_fetchchar, &keybuf,
428 parse_keys(packets, &key);
430 if (iterfunc != NULL && key != NULL) {
436 free_packet_list(packets);
439 keybuf.buffer = NULL;
440 keybuf.size = keybuf.offset = 0;
444 read(keyd_fd, &keybuf.size, sizeof(keybuf.size));
451 #define NEED_KEYID2UID 1
452 #define NEED_GETKEYSIGS 1
453 #define NEED_UPDATEKEYS 1
457 * cleanupdb - De-initialize the key database.
459 * This function should be called upon program exit to allow the DB to
460 * cleanup after itself.
462 static void keyd_cleanupdb(struct onak_dbctx *dbctx)
464 int keyd_fd = (intptr_t) dbctx->priv;
465 uint32_t cmd = KEYD_CMD_CLOSE;
467 if (write(keyd_fd, &cmd, sizeof(cmd)) != sizeof(cmd)) {
468 logthing(LOGTHING_CRITICAL,
469 "Couldn't send close cmd: %s (%d)",
474 if (read(keyd_fd, &cmd, sizeof(cmd)) != sizeof(cmd)) {
475 logthing(LOGTHING_CRITICAL,
476 "Couldn't read close cmd reply: %s (%d)",
479 } else if (cmd != KEYD_REPLY_OK) {
480 logthing(LOGTHING_CRITICAL,
481 "Got bad reply to KEYD_CMD_CLOSE: %d", cmd);
484 if (shutdown(keyd_fd, SHUT_RDWR) < 0) {
485 logthing(LOGTHING_NOTICE, "Error shutting down socket: %d",
488 if (close(keyd_fd) < 0) {
489 logthing(LOGTHING_NOTICE, "Error closing down socket: %d",
499 * initdb - Initialize the key database.
500 * @readonly: If we'll only be reading the DB, not writing to it.
502 * This function should be called before any of the other functions in
503 * this file are called in order to allow the DB to be initialized ready
506 struct onak_dbctx *keydb_keyd_init(struct onak_db_config *dbcfg, bool readonly)
508 struct sockaddr_un sock;
509 uint32_t cmd = KEYD_CMD_UNKNOWN;
510 uint32_t reply = KEYD_REPLY_UNKNOWN_CMD;
513 struct onak_dbctx *dbctx;
515 dbctx = malloc(sizeof(*dbctx));
519 dbctx->config = dbcfg;
521 keyd_fd = socket(PF_UNIX, SOCK_STREAM, 0);
523 logthing(LOGTHING_CRITICAL,
524 "Couldn't open socket: %s (%d)",
530 sock.sun_family = AF_UNIX;
531 snprintf(sock.sun_path, sizeof(sock.sun_path) - 1, "%s/%s",
534 if (connect(keyd_fd, (struct sockaddr *) &sock, sizeof(sock)) < 0) {
535 logthing(LOGTHING_CRITICAL,
536 "Couldn't connect to socket %s: %s (%d)",
543 cmd = KEYD_CMD_VERSION;
544 if (write(keyd_fd, &cmd, sizeof(cmd)) != sizeof(cmd)) {
545 logthing(LOGTHING_CRITICAL,
546 "Couldn't write version cmd: %s (%d)",
550 count = read(keyd_fd, &reply, sizeof(reply));
551 if (count == sizeof(reply) && reply == KEYD_REPLY_OK) {
552 count = read(keyd_fd, &reply, sizeof(reply));
553 if (count != sizeof(reply) || reply != sizeof(reply)) {
554 logthing(LOGTHING_CRITICAL,
555 "Error! Unexpected keyd version "
557 reply, sizeof(reply));
561 count = read(keyd_fd, &reply, sizeof(reply));
562 if (count != sizeof(reply)) {
563 logthing(LOGTHING_CRITICAL,
564 "Error! Unexpected keyd version "
566 count, sizeof(reply));
569 logthing(LOGTHING_DEBUG,
570 "keyd protocol version %d",
572 if (reply != keyd_version) {
573 logthing(LOGTHING_CRITICAL,
574 "Error! keyd protocol version "
575 "mismatch. (us = %d, it = %d)",
576 keyd_version, reply);
581 dbctx->priv = (void *) (intptr_t) keyd_fd;
582 dbctx->cleanupdb = keyd_cleanupdb;
583 dbctx->starttrans = keyd_starttrans;
584 dbctx->endtrans = keyd_endtrans;
585 dbctx->fetch_key_id = keyd_fetch_key_id;
586 dbctx->fetch_key_fp = keyd_fetch_key_fp;
587 dbctx->fetch_key_text = keyd_fetch_key_text;
588 dbctx->fetch_key_skshash = keyd_fetch_key_skshash;
589 dbctx->store_key = keyd_store_key;
590 dbctx->update_keys = generic_update_keys;
591 dbctx->delete_key = keyd_delete_key;
592 dbctx->getkeysigs = generic_getkeysigs;
593 dbctx->cached_getkeysigs = generic_cached_getkeysigs;
594 dbctx->keyid2uid = generic_keyid2uid;
595 dbctx->getfullkeyid = keyd_getfullkeyid;
596 dbctx->iterate_keys = keyd_iterate_keys;