2 * keydb_db4.c - Routines to store and fetch keys in a DB4 database.
4 * Copyright 2002-2008 Jonathan McDowell <noodles@earth.li>
6 * This program is free software: you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the Free
8 * Software Foundation; version 2 of the License.
10 * This program is distributed in the hope that it will be useful, but WITHOUT
11 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
12 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
15 * You should have received a copy of the GNU General Public License along with
16 * this program. If not, see <https://www.gnu.org/licenses/>.
19 #include <sys/types.h>
34 #include "charfuncs.h"
38 #include "decodekey.h"
39 #include "keystructs.h"
44 #include "onak-conf.h"
48 #define DB4_UPGRADE_FILE "db_upgrade.lck"
50 struct onak_db4_dbctx {
51 DB_ENV *dbenv; /* The database environment context */
52 int numdbs; /* Number of data databases in use */
53 DB **dbconns; /* Connections to the key data databases */
54 DB *worddb; /* Connection to the word lookup database */
55 DB *id32db; /* Connection to the 32 bit ID lookup database */
56 DB *id64db; /* Connection to the 64 bit ID lookup database */
57 DB *skshashdb; /* Connection to the SKS hash database */
58 DB *subkeydb; /* Connection to the subkey ID lookup database */
59 DB_TXN *txn; /* Our current transaction ID */
62 DB *keydb_id(struct onak_db4_dbctx *privctx, uint64_t keyid)
68 return(privctx->dbconns[keytrun % privctx->numdbs]);
71 DB *keydb_fp(struct onak_db4_dbctx *privctx, struct openpgp_fingerprint *fp)
75 keytrun = (fp->fp[4] << 24) |
80 return(privctx->dbconns[keytrun % privctx->numdbs]);
84 * db4_errfunc - Direct DB errors to logfile
86 * Basic function to take errors from the DB library and output them to
87 * the logfile rather than stderr.
89 #if (DB_VERSION_MAJOR == 4) && (DB_VERSION_MINOR < 3)
90 static void db4_errfunc(const char *errpfx, const char *errmsg)
92 static void db4_errfunc(const DB_ENV *edbenv, const char *errpfx,
97 logthing(LOGTHING_DEBUG, "db4 error: %s:%s", errpfx, errmsg);
99 logthing(LOGTHING_DEBUG, "db4 error: %s", errmsg);
106 * starttrans - Start a transaction.
108 * Start a transaction. Intended to be used if we're about to perform many
109 * operations on the database to help speed it all up, or if we want
110 * something to only succeed if all relevant operations are successful.
112 static bool db4_starttrans(struct onak_dbctx *dbctx)
114 struct onak_db4_dbctx *privctx = (struct onak_db4_dbctx *) dbctx->priv;
117 log_assert(privctx->dbenv != NULL);
118 log_assert(privctx->txn == NULL);
120 ret = privctx->dbenv->txn_begin(privctx->dbenv,
121 NULL, /* No parent transaction */
125 logthing(LOGTHING_CRITICAL,
126 "Error starting transaction: %s",
135 * endtrans - End a transaction.
137 * Ends a transaction.
139 static void db4_endtrans(struct onak_dbctx *dbctx)
141 struct onak_db4_dbctx *privctx = (struct onak_db4_dbctx *) dbctx->priv;
144 log_assert(privctx->dbenv != NULL);
145 log_assert(privctx->txn != NULL);
147 ret = privctx->txn->commit(privctx->txn,
150 logthing(LOGTHING_CRITICAL,
151 "Error ending transaction: %s",
161 * db4_upgradedb - Upgrade a DB4 database
163 * Called if we discover we need to upgrade our DB4 database; ie if
164 * we're running with a newer version of db4 than the database was
167 static int db4_upgradedb(struct onak_dbctx *dbctx)
169 struct onak_db4_dbctx *privctx = (struct onak_db4_dbctx *) dbctx->priv;
178 snprintf(buf, sizeof(buf) - 1, "%s/%s", dbctx->config->location,
180 lockfile_fd = open(buf, O_RDWR | O_CREAT | O_EXCL, 0600);
181 if (lockfile_fd < 0) {
182 if (errno == EEXIST) {
183 while (stat(buf, &statbuf) == 0) ;
186 logthing(LOGTHING_CRITICAL, "Couldn't open database "
187 "update lock file: %s", strerror(errno));
191 snprintf(buf, sizeof(buf) - 1, "%d", getpid());
192 written = write(lockfile_fd, buf, strlen(buf));
194 if (written != strlen(buf)) {
195 logthing(LOGTHING_CRITICAL, "Couldn't write PID to lockfile: "
196 "%s", strerror(errno));
197 snprintf(buf, sizeof(buf) - 1, "%s/%s", dbctx->config->location,
203 logthing(LOGTHING_NOTICE, "Upgrading DB4 database");
204 ret = db_env_create(&privctx->dbenv, 0);
206 privctx->dbenv->set_errcall(privctx->dbenv, &db4_errfunc);
207 privctx->dbenv->remove(privctx->dbenv, dbctx->config->location, 0);
208 privctx->dbenv = NULL;
210 for (i = 0; i < privctx->numdbs; i++) {
211 ret = db_create(&curdb, NULL, 0);
213 snprintf(buf, sizeof(buf) - 1, "%s/keydb.%d.db",
214 dbctx->config->location, i);
215 logthing(LOGTHING_DEBUG, "Upgrading %s", buf);
216 curdb->upgrade(curdb, buf, 0);
217 curdb->close(curdb, 0);
219 logthing(LOGTHING_ERROR, "Error upgrading DB %s : %s",
225 ret = db_create(&curdb, NULL, 0);
227 snprintf(buf, sizeof(buf) - 1, "%s/worddb", dbctx->config->location);
228 logthing(LOGTHING_DEBUG, "Upgrading %s", buf);
229 curdb->upgrade(curdb, buf, 0);
230 curdb->close(curdb, 0);
232 logthing(LOGTHING_ERROR, "Error upgrading DB %s : %s",
237 ret = db_create(&curdb, NULL, 0);
239 snprintf(buf, sizeof(buf) - 1, "%s/id32db", dbctx->config->location);
240 logthing(LOGTHING_DEBUG, "Upgrading %s", buf);
241 curdb->upgrade(curdb, buf, 0);
242 curdb->close(curdb, 0);
244 logthing(LOGTHING_ERROR, "Error upgrading DB %s : %s",
249 ret = db_create(&curdb, NULL, 0);
251 snprintf(buf, sizeof(buf) - 1, "%s/id64db", dbctx->config->location);
252 logthing(LOGTHING_DEBUG, "Upgrading %s", buf);
253 curdb->upgrade(curdb, buf, 0);
254 curdb->close(curdb, 0);
256 logthing(LOGTHING_ERROR, "Error upgrading DB %s : %s",
261 ret = db_create(&curdb, NULL, 0);
263 snprintf(buf, sizeof(buf) - 1, "%s/skshashdb", dbctx->config->location);
264 logthing(LOGTHING_DEBUG, "Upgrading %s", buf);
265 curdb->upgrade(curdb, buf, 0);
266 curdb->close(curdb, 0);
268 logthing(LOGTHING_ERROR, "Error upgrading DB %s : %s",
273 ret = db_create(&curdb, NULL, 0);
275 snprintf(buf, sizeof(buf) - 1, "%s/subkeydb", dbctx->config->location);
276 logthing(LOGTHING_DEBUG, "Upgrading %s", buf);
277 curdb->upgrade(curdb, buf, 0);
278 curdb->close(curdb, 0);
280 logthing(LOGTHING_ERROR, "Error upgrading DB %s : %s",
285 snprintf(buf, sizeof(buf) - 1, "%s/%s", dbctx->config->location,
293 * getfullkeyid - Maps a 32bit key id to a 64bit one.
294 * @keyid: The 32bit keyid.
296 * This function maps a 32bit key id to the full 64bit one. It returns the
297 * first full keyid that has this short keyid. If the key isn't found a
298 * keyid of 0 is returned.
300 * FIXME: This should either return the fingerprint or ideally go away
303 static uint64_t db4_getfullkeyid(struct onak_dbctx *dbctx, uint64_t keyid)
305 struct onak_db4_dbctx *privctx = (struct onak_db4_dbctx *) dbctx->priv;
308 uint32_t shortkeyid = 0;
312 if (keyid < 0x100000000LL) {
313 ret = privctx->id32db->cursor(privctx->id32db,
322 shortkeyid = keyid & 0xFFFFFFFF;
324 memset(&key, 0, sizeof(key));
325 memset(&data, 0, sizeof(data));
326 key.data = &shortkeyid;
327 key.size = sizeof(shortkeyid);
328 data.flags = DB_DBT_MALLOC;
330 ret = cursor->c_get(cursor,
337 /* Only works for v4, not v3 or v5 */
338 for (i = 12; i < 20; i++) {
340 keyid |= ((uint8_t *) data.data)[i];
343 if (data.data != NULL) {
349 cursor->c_close(cursor);
357 * fetch_key_fp - Given a fingerprint fetch the key from storage.
359 static int db4_fetch_key_fp(struct onak_dbctx *dbctx,
360 struct openpgp_fingerprint *fingerprint,
361 struct openpgp_publickey **publickey,
364 struct onak_db4_dbctx *privctx = (struct onak_db4_dbctx *) dbctx->priv;
365 struct openpgp_packet_list *packets = NULL;
369 struct buffer_ctx fetchbuf;
370 struct openpgp_fingerprint subfp;
372 memset(&key, 0, sizeof(key));
373 memset(&data, 0, sizeof(data));
378 key.size = fingerprint->length;
379 key.data = fingerprint->fp;
382 db4_starttrans(dbctx);
385 ret = keydb_fp(privctx, fingerprint)->get(keydb_fp(privctx,
392 if (ret == DB_NOTFOUND) {
393 /* If we didn't find the key ID see if it's a subkey ID */
394 memset(&key, 0, sizeof(key));
395 memset(&data, 0, sizeof(data));
396 data.data = subfp.fp;
397 data.ulen = MAX_FINGERPRINT_LEN;
398 data.flags = DB_DBT_USERMEM;
399 key.data = fingerprint->fp;
400 key.size = fingerprint->length;
402 ret = privctx->subkeydb->get(privctx->subkeydb,
409 /* We got a subkey match; retrieve the actual key */
410 memset(&key, 0, sizeof(key));
411 key.size = subfp.length = data.size;
414 memset(&data, 0, sizeof(data));
418 ret = keydb_fp(privctx, &subfp)->get(
419 keydb_fp(privctx, &subfp),
428 fetchbuf.buffer = data.data;
430 fetchbuf.size = data.size;
431 read_openpgp_stream(buffer_fetchchar, &fetchbuf,
433 parse_keys(packets, publickey);
434 free_packet_list(packets);
437 } else if (ret != DB_NOTFOUND) {
438 logthing(LOGTHING_ERROR,
439 "Problem retrieving key: %s",
451 * fetch_key_id - Given a keyid fetch the key from storage.
452 * @keyid: The keyid to fetch.
453 * @publickey: A pointer to a structure to return the key in.
454 * @intrans: If we're already in a transaction.
456 * We use the hex representation of the keyid as the filename to fetch the
457 * key from. The key is stored in the file as a binary OpenPGP stream of
458 * packets, so we can just use read_openpgp_stream() to read the packets
459 * in and then parse_keys() to parse the packets into a publickey
462 static int db4_fetch_key_id(struct onak_dbctx *dbctx, uint64_t keyid,
463 struct openpgp_publickey **publickey,
466 struct onak_db4_dbctx *privctx = (struct onak_db4_dbctx *) dbctx->priv;
467 struct openpgp_packet_list *packets = NULL;
472 uint32_t shortkeyid = 0;
473 struct openpgp_fingerprint fingerprint;
477 db4_starttrans(dbctx);
480 /* If the key ID fits in 32 bits assume it's a short key id */
481 if (keyid < 0x100000000LL) {
482 ret = privctx->id32db->cursor(privctx->id32db,
487 shortkeyid = keyid & 0xFFFFFFFF;
488 memset(&key, 0, sizeof(key));
489 memset(&data, 0, sizeof(data));
490 key.data = &shortkeyid;
491 key.size = sizeof(shortkeyid);
493 ret = privctx->id64db->cursor(privctx->id64db,
498 memset(&key, 0, sizeof(key));
499 memset(&data, 0, sizeof(data));
501 key.size = sizeof(keyid);
508 memset(&data, 0, sizeof(data));
509 data.ulen = MAX_FINGERPRINT_LEN;
510 data.data = fingerprint.fp;
511 data.flags = DB_DBT_USERMEM;
514 while (cursor->c_get(cursor, &key, &data,
515 first ? DB_SET : DB_NEXT_DUP) == 0) {
516 /* We got a match; retrieve the actual key */
517 fingerprint.length = data.size;
519 if (db4_fetch_key_fp(dbctx, &fingerprint,
523 memset(&data, 0, sizeof(data));
524 data.ulen = MAX_FINGERPRINT_LEN;
525 data.data = fingerprint.fp;
526 data.flags = DB_DBT_USERMEM;
529 cursor->c_close(cursor);
540 int worddb_cmp(const void *d1, const void *d2)
542 return memcmp(d1, d2, 12);
546 * fetch_key_text - Trys to find the keys that contain the supplied text.
547 * @search: The text to search for.
548 * @publickey: A pointer to a structure to return the key in.
550 * This function searches for the supplied text and returns the keys that
553 static int db4_fetch_key_text(struct onak_dbctx *dbctx, const char *search,
554 struct openpgp_publickey **publickey)
556 struct onak_db4_dbctx *privctx = (struct onak_db4_dbctx *) dbctx->priv;
563 char *searchtext = NULL;
564 struct ll *wordlist = NULL;
565 struct ll *curword = NULL;
566 struct keyarray keylist = { NULL, 0, 0 };
567 struct keyarray newkeylist = { NULL, 0, 0 };
569 struct openpgp_fingerprint fingerprint;
572 searchtext = strdup(search);
573 wordlist = makewordlist(wordlist, searchtext);
575 for (curword = wordlist; curword != NULL; curword = curword->next) {
576 db4_starttrans(dbctx);
578 ret = privctx->worddb->cursor(privctx->worddb,
588 memset(&key, 0, sizeof(key));
589 memset(&data, 0, sizeof(data));
590 key.data = curword->object;
591 key.size = strlen(curword->object);
592 data.flags = DB_DBT_MALLOC;
593 ret = cursor->c_get(cursor,
597 while (ret == 0 && strncmp(key.data, curword->object,
599 ((char *) curword->object)[key.size] == 0) {
601 fingerprint.length = data.size;
602 memcpy(fingerprint.fp, data.data, data.size);
605 * Only add the keys containing this word if this is
606 * our first pass (ie we have no existing key list),
607 * or the key contained a previous word.
609 if (firstpass || array_find(&keylist, &fingerprint)) {
610 array_add(&newkeylist, &fingerprint);
616 ret = cursor->c_get(cursor,
621 array_free(&keylist);
622 keylist.keys = newkeylist.keys;
623 keylist.count = newkeylist.count;
624 keylist.size = newkeylist.size;
625 newkeylist.keys = NULL;
626 newkeylist.count = newkeylist.size = 0;
627 if (data.data != NULL) {
631 cursor->c_close(cursor);
636 llfree(wordlist, NULL);
639 if (keylist.count > config.maxkeys) {
640 keylist.count = config.maxkeys;
643 db4_starttrans(dbctx);
644 for (i = 0; i < keylist.count; i++) {
645 numkeys += db4_fetch_key_fp(dbctx, &keylist.keys[i],
649 array_free(&keylist);
658 static int db4_fetch_key_skshash(struct onak_dbctx *dbctx,
659 const struct skshash *hash,
660 struct openpgp_publickey **publickey)
662 struct onak_db4_dbctx *privctx = (struct onak_db4_dbctx *) dbctx->priv;
668 struct openpgp_fingerprint fingerprint;
670 ret = privctx->skshashdb->cursor(privctx->skshashdb,
679 memset(&key, 0, sizeof(key));
680 memset(&data, 0, sizeof(data));
681 key.data = (void *) hash->hash;
682 key.size = sizeof(hash->hash);
683 data.ulen = MAX_FINGERPRINT_LEN;
684 data.data = fingerprint.fp;
685 data.flags = DB_DBT_USERMEM;
687 ret = cursor->c_get(cursor,
693 fingerprint.length = data.size;
694 count = db4_fetch_key_fp(dbctx, &fingerprint,
698 cursor->c_close(cursor);
705 * delete_key - Given a keyid delete the key from storage.
706 * @keyid: The keyid to delete.
707 * @intrans: If we're already in a transaction.
709 * This function deletes a public key from whatever storage mechanism we
710 * are using. Returns 0 if the key existed.
712 static int db4_delete_key(struct onak_dbctx *dbctx,
713 uint64_t keyid, bool intrans)
715 struct onak_db4_dbctx *privctx = (struct onak_db4_dbctx *) dbctx->priv;
716 struct openpgp_publickey *publickey = NULL;
719 DBC *cursor64 = NULL;
720 uint32_t shortkeyid = 0;
721 uint64_t subkeyid = 0;
722 struct openpgp_fingerprint *subkeyids = NULL;
726 char *primary = NULL;
727 unsigned char worddb_data[12];
728 struct ll *wordlist = NULL;
729 struct ll *curword = NULL;
730 bool deadlock = false;
732 struct openpgp_fingerprint fingerprint;
735 db4_starttrans(dbctx);
738 if (db4_fetch_key_id(dbctx, keyid, &publickey, true) == 0) {
745 get_fingerprint(publickey->publickey, &fingerprint);
748 * Walk through the uids removing the words from the worddb.
750 if (publickey != NULL) {
751 uids = keyuids(publickey, &primary);
754 for (i = 0; ret == 0 && uids[i] != NULL; i++) {
755 wordlist = makewordlist(wordlist, uids[i]);
758 privctx->worddb->cursor(privctx->worddb,
763 for (curword = wordlist; curword != NULL && !deadlock;
764 curword = curword->next) {
765 memset(&key, 0, sizeof(key));
766 memset(&data, 0, sizeof(data));
767 key.data = curword->object;
768 key.size = strlen(key.data);
769 data.data = worddb_data;
770 data.size = sizeof(worddb_data);
773 * New style uses the fingerprint as the data
774 * Old (unsupported) style was the 64 bit keyid
776 memset(&key, 0, sizeof(key));
777 memset(&data, 0, sizeof(data));
778 key.data = curword->object;
779 key.size = strlen(key.data);
780 data.data = fingerprint.fp;
781 data.size = fingerprint.length;
783 ret = cursor->c_get(cursor,
789 ret = cursor->c_del(cursor, 0);
792 if (ret != 0 && ret != DB_NOTFOUND) {
793 logthing(LOGTHING_ERROR,
794 "Problem deleting word: %s "
795 "(0x%016" PRIX64 ")",
798 if (ret == DB_LOCK_DEADLOCK) {
803 cursor->c_close(cursor);
807 * Free our UID and word lists.
809 llfree(wordlist, NULL);
810 for (i = 0; uids[i] != NULL; i++) {
819 privctx->id32db->cursor(privctx->id32db,
823 privctx->id64db->cursor(privctx->id64db,
828 /* 32 bit short key mapping to fingerprint */
829 shortkeyid = keyid & 0xFFFFFFFF;
831 memset(&key, 0, sizeof(key));
832 memset(&data, 0, sizeof(data));
833 key.data = &shortkeyid;
834 key.size = sizeof(shortkeyid);
835 data.data = fingerprint.fp;
836 data.size = fingerprint.length;
838 ret = cursor->c_get(cursor,
844 ret = cursor->c_del(cursor, 0);
847 if (ret != 0 && ret != DB_NOTFOUND) {
848 logthing(LOGTHING_ERROR,
849 "Problem deleting short keyid: %s "
850 "(0x%016" PRIX64 ")",
853 if (ret == DB_LOCK_DEADLOCK) {
858 /* 64 bit key mapping to fingerprint */
859 memset(&key, 0, sizeof(key));
860 memset(&data, 0, sizeof(data));
862 key.size = sizeof(keyid);
863 data.data = fingerprint.fp;
864 data.size = fingerprint.length;
866 ret = cursor64->c_get(cursor64,
872 ret = cursor64->c_del(cursor64, 0);
875 if (ret != 0 && ret != DB_NOTFOUND) {
876 logthing(LOGTHING_ERROR,
877 "Problem deleting keyid: %s "
878 "(0x%016" PRIX64 ")",
881 if (ret == DB_LOCK_DEADLOCK) {
886 subkeyids = keysubkeys(publickey);
888 while (subkeyids != NULL && subkeyids[i].length != 0) {
889 subkeyid = fingerprint2keyid(&subkeyids[i]);
890 memset(&key, 0, sizeof(key));
891 key.data = subkeyids[i].fp;
892 key.size = subkeyids[i].length;
893 privctx->subkeydb->del(privctx->subkeydb,
894 privctx->txn, &key, 0);
895 if (ret != 0 && ret != DB_NOTFOUND) {
896 logthing(LOGTHING_ERROR,
897 "Problem deleting subkey id: %s "
898 "(0x%016" PRIX64 ")",
901 if (ret == DB_LOCK_DEADLOCK) {
906 shortkeyid = subkeyid & 0xFFFFFFFF;
908 /* Remove 32 bit keyid -> fingerprint mapping */
909 memset(&key, 0, sizeof(key));
910 memset(&data, 0, sizeof(data));
911 key.data = &shortkeyid;
912 key.size = sizeof(shortkeyid);
913 data.data = fingerprint.fp;
914 data.size = fingerprint.length;
916 ret = cursor->c_get(cursor,
922 ret = cursor->c_del(cursor, 0);
925 if (ret != 0 && ret != DB_NOTFOUND) {
926 logthing(LOGTHING_ERROR,
927 "Problem deleting short keyid: %s "
928 "(0x%016" PRIX64 ")",
931 if (ret == DB_LOCK_DEADLOCK) {
936 /* Remove 64 bit keyid -> fingerprint mapping */
937 memset(&key, 0, sizeof(key));
938 memset(&data, 0, sizeof(data));
939 key.data = &subkeyid;
940 key.size = sizeof(subkeyid);
941 data.data = fingerprint.fp;
942 data.size = fingerprint.length;
944 ret = cursor64->c_get(cursor64,
950 ret = cursor64->c_del(cursor64, 0);
953 if (ret != 0 && ret != DB_NOTFOUND) {
954 logthing(LOGTHING_ERROR,
955 "Problem deleting keyid: %s "
956 "(0x%016" PRIX64 ")",
959 if (ret == DB_LOCK_DEADLOCK) {
965 if (subkeyids != NULL) {
969 cursor64->c_close(cursor64);
971 cursor->c_close(cursor);
976 ret = privctx->skshashdb->cursor(privctx->skshashdb,
981 get_skshash(publickey, &hash);
983 /* Remove SKS hash -> fingerprint mapping */
984 memset(&key, 0, sizeof(key));
985 memset(&data, 0, sizeof(data));
986 key.data = hash.hash;
987 key.size = sizeof(hash.hash);
988 data.data = fingerprint.fp;
989 data.size = fingerprint.length;
991 ret = cursor->c_get(cursor,
997 ret = cursor->c_del(cursor, 0);
1000 if (ret != 0 && ret != DB_NOTFOUND) {
1001 logthing(LOGTHING_ERROR,
1002 "Problem deleting skshash: %s "
1003 "(0x%016" PRIX64 ")",
1006 if (ret == DB_LOCK_DEADLOCK) {
1011 cursor->c_close(cursor);
1015 free_publickey(publickey);
1019 key.data = fingerprint.fp;
1020 key.size = fingerprint.length;
1022 keydb_fp(privctx, &fingerprint)->del(keydb_fp(privctx,
1028 /* Delete old style 64 bit keyid */
1030 key.size = sizeof(keyid);
1032 keydb_id(privctx, keyid)->del(keydb_id(privctx, keyid),
1039 db4_endtrans(dbctx);
1042 return deadlock ? (-1) : (ret == DB_NOTFOUND);
1046 * store_key - Takes a key and stores it.
1047 * @publickey: A pointer to the public key to store.
1048 * @intrans: If we're already in a transaction.
1049 * @update: If true the key exists and should be updated.
1051 * Again we just use the hex representation of the keyid as the filename
1052 * to store the key to. We flatten the public key to a list of OpenPGP
1053 * packets and then use write_openpgp_stream() to write the stream out to
1054 * the file. If update is true then we delete the old key first, otherwise
1055 * we trust that it doesn't exist.
1057 static int db4_store_key(struct onak_dbctx *dbctx,
1058 struct openpgp_publickey *publickey, bool intrans,
1061 struct onak_db4_dbctx *privctx = (struct onak_db4_dbctx *) dbctx->priv;
1062 struct openpgp_packet_list *packets = NULL;
1063 struct openpgp_packet_list *list_end = NULL;
1064 struct openpgp_publickey *next = NULL;
1067 struct buffer_ctx storebuf;
1071 uint32_t shortkeyid = 0;
1072 struct openpgp_fingerprint *subkeyids = NULL;
1074 char *primary = NULL;
1075 struct ll *wordlist = NULL;
1076 struct ll *curword = NULL;
1077 bool deadlock = false;
1078 struct skshash hash;
1079 struct openpgp_fingerprint fingerprint;
1081 if (get_keyid(publickey, &keyid) != ONAK_E_OK) {
1082 logthing(LOGTHING_ERROR, "Couldn't find key ID for key.");
1086 if (get_fingerprint(publickey->publickey, &fingerprint) != ONAK_E_OK) {
1087 logthing(LOGTHING_ERROR, "Couldn't find fingerprint for key.");
1092 db4_starttrans(dbctx);
1096 * Delete the key if we already have it.
1098 * TODO: Can we optimize this perhaps? Possibly when other data is
1099 * involved as well? I suspect this is easiest and doesn't make a lot
1100 * of difference though - the largest chunk of data is the keydata and
1101 * it definitely needs updated.
1104 deadlock = (db4_delete_key(dbctx, keyid, true) == -1);
1108 * Convert the key to a flat set of binary data.
1111 next = publickey->next;
1112 publickey->next = NULL;
1113 flatten_publickey(publickey, &packets, &list_end);
1114 publickey->next = next;
1116 storebuf.offset = 0;
1117 storebuf.size = 8192;
1118 storebuf.buffer = malloc(8192);
1120 write_openpgp_stream(buffer_putchar, &storebuf, packets);
1123 * Now we have the key data store it in the DB; the fingerprint
1126 memset(&key, 0, sizeof(key));
1127 memset(&data, 0, sizeof(data));
1128 key.data = fingerprint.fp;
1129 key.size = fingerprint.length;
1130 data.size = storebuf.offset;
1131 data.data = storebuf.buffer;
1133 ret = keydb_fp(privctx, &fingerprint)->put(
1134 keydb_fp(privctx, &fingerprint),
1140 logthing(LOGTHING_ERROR,
1141 "Problem storing key: %s",
1143 if (ret == DB_LOCK_DEADLOCK) {
1148 free(storebuf.buffer);
1149 storebuf.buffer = NULL;
1151 storebuf.offset = 0;
1153 free_packet_list(packets);
1158 * Walk through our uids storing the words into the db with the
1162 uids = keyuids(publickey, &primary);
1165 for (i = 0; ret == 0 && uids[i] != NULL; i++) {
1166 wordlist = makewordlist(wordlist, uids[i]);
1169 for (curword = wordlist; curword != NULL && !deadlock;
1170 curword = curword->next) {
1171 memset(&key, 0, sizeof(key));
1172 memset(&data, 0, sizeof(data));
1173 key.data = curword->object;
1174 key.size = strlen(key.data);
1175 data.data = fingerprint.fp;
1176 data.size = fingerprint.length;
1178 ret = privctx->worddb->put(privctx->worddb,
1184 logthing(LOGTHING_ERROR,
1185 "Problem storing word: %s",
1187 if (ret == DB_LOCK_DEADLOCK) {
1194 * Free our UID and word lists.
1196 llfree(wordlist, NULL);
1197 for (i = 0; uids[i] != NULL; i++) {
1206 * Write the truncated 32 bit keyid so we can lookup the fingerprint
1210 shortkeyid = keyid & 0xFFFFFFFF;
1212 memset(&key, 0, sizeof(key));
1213 memset(&data, 0, sizeof(data));
1214 key.data = &shortkeyid;
1215 key.size = sizeof(shortkeyid);
1216 data.data = fingerprint.fp;
1217 data.size = fingerprint.length;
1219 ret = privctx->id32db->put(privctx->id32db,
1225 logthing(LOGTHING_ERROR,
1226 "Problem storing short keyid: %s",
1228 if (ret == DB_LOCK_DEADLOCK) {
1235 * Write the 64 bit keyid so we can lookup the fingerprint for
1239 memset(&key, 0, sizeof(key));
1240 memset(&data, 0, sizeof(data));
1242 key.size = sizeof(keyid);
1243 data.data = fingerprint.fp;
1244 data.size = fingerprint.length;
1246 ret = privctx->id64db->put(privctx->id64db,
1252 logthing(LOGTHING_ERROR,
1253 "Problem storing keyid: %s",
1255 if (ret == DB_LOCK_DEADLOCK) {
1262 subkeyids = keysubkeys(publickey);
1264 while (subkeyids != NULL && subkeyids[i].length != 0) {
1265 /* Store the subkey ID -> main key fp mapping */
1266 memset(&key, 0, sizeof(key));
1267 memset(&data, 0, sizeof(data));
1268 key.data = subkeyids[i].fp;
1269 key.size = subkeyids[i].length;
1270 data.data = fingerprint.fp;
1271 data.size = fingerprint.length;
1273 ret = privctx->subkeydb->put(privctx->subkeydb,
1279 logthing(LOGTHING_ERROR,
1280 "Problem storing subkey keyid: %s",
1282 if (ret == DB_LOCK_DEADLOCK) {
1287 /* Store the 64 bit subkey ID -> main key fp mapping */
1288 memset(&key, 0, sizeof(key));
1289 memset(&data, 0, sizeof(data));
1291 keyid = fingerprint2keyid(&subkeyids[i]);
1293 key.size = sizeof(keyid);
1294 data.data = fingerprint.fp;
1295 data.size = fingerprint.length;
1297 ret = privctx->id64db->put(privctx->id64db,
1303 logthing(LOGTHING_ERROR,
1304 "Problem storing keyid: %s",
1306 if (ret == DB_LOCK_DEADLOCK) {
1311 /* Store the short subkey ID -> main key fp mapping */
1312 shortkeyid = keyid & 0xFFFFFFFF;
1314 memset(&key, 0, sizeof(key));
1315 memset(&data, 0, sizeof(data));
1316 key.data = &shortkeyid;
1317 key.size = sizeof(shortkeyid);
1318 data.data = fingerprint.fp;
1319 data.size = fingerprint.length;
1321 ret = privctx->id32db->put(privctx->id32db,
1327 logthing(LOGTHING_ERROR,
1328 "Problem storing short keyid: %s",
1330 if (ret == DB_LOCK_DEADLOCK) {
1336 if (subkeyids != NULL) {
1343 get_skshash(publickey, &hash);
1344 memset(&key, 0, sizeof(key));
1345 memset(&data, 0, sizeof(data));
1346 key.data = hash.hash;
1347 key.size = sizeof(hash.hash);
1348 data.data = fingerprint.fp;
1349 data.size = fingerprint.length;
1351 ret = privctx->skshashdb->put(privctx->skshashdb,
1357 logthing(LOGTHING_ERROR,
1358 "Problem storing SKS hash: %s",
1360 if (ret == DB_LOCK_DEADLOCK) {
1367 db4_endtrans(dbctx);
1370 return deadlock ? -1 : 0 ;
1374 * iterate_keys - call a function once for each key in the db.
1375 * @iterfunc: The function to call.
1376 * @ctx: A context pointer
1378 * Calls iterfunc once for each key in the database. ctx is passed
1379 * unaltered to iterfunc. This function is intended to aid database dumps
1380 * and statistic calculations.
1382 * Returns the number of keys we iterated over.
1384 static int db4_iterate_keys(struct onak_dbctx *dbctx,
1385 void (*iterfunc)(void *ctx, struct openpgp_publickey *key),
1388 struct onak_db4_dbctx *privctx = (struct onak_db4_dbctx *) dbctx->priv;
1394 struct buffer_ctx fetchbuf;
1395 struct openpgp_packet_list *packets = NULL;
1396 struct openpgp_publickey *key = NULL;
1398 for (i = 0; i < privctx->numdbs; i++) {
1399 ret = privctx->dbconns[i]->cursor(privctx->dbconns[i],
1408 memset(&dbkey, 0, sizeof(dbkey));
1409 memset(&data, 0, sizeof(data));
1410 ret = cursor->c_get(cursor, &dbkey, &data, DB_NEXT);
1412 fetchbuf.buffer = data.data;
1413 fetchbuf.offset = 0;
1414 fetchbuf.size = data.size;
1415 read_openpgp_stream(buffer_fetchchar, &fetchbuf,
1417 parse_keys(packets, &key);
1421 free_publickey(key);
1423 free_packet_list(packets);
1426 memset(&dbkey, 0, sizeof(dbkey));
1427 memset(&data, 0, sizeof(data));
1428 ret = cursor->c_get(cursor, &dbkey, &data,
1432 if (ret != DB_NOTFOUND) {
1433 logthing(LOGTHING_ERROR,
1434 "Problem reading key: %s",
1438 cursor->c_close(cursor);
1446 * Include the basic keydb routines.
1448 #define NEED_GETKEYSIGS 1
1449 #define NEED_KEYID2UID 1
1450 #define NEED_UPDATEKEYS 1
1454 * cleanupdb - De-initialize the key database.
1456 * This function should be called upon program exit to allow the DB to
1457 * cleanup after itself.
1459 static void db4_cleanupdb(struct onak_dbctx *dbctx)
1461 struct onak_db4_dbctx *privctx = (struct onak_db4_dbctx *) dbctx->priv;
1464 if (privctx->dbenv != NULL) {
1465 privctx->dbenv->txn_checkpoint(privctx->dbenv, 0, 0, 0);
1466 if (privctx->subkeydb != NULL) {
1467 privctx->subkeydb->close(privctx->subkeydb, 0);
1468 privctx->subkeydb = NULL;
1470 if (privctx->skshashdb != NULL) {
1471 privctx->skshashdb->close(privctx->skshashdb, 0);
1472 privctx->skshashdb = NULL;
1474 if (privctx->id64db != NULL) {
1475 privctx->id64db->close(privctx->id64db, 0);
1476 privctx->id64db = NULL;
1478 if (privctx->id32db != NULL) {
1479 privctx->id32db->close(privctx->id32db, 0);
1480 privctx->id32db = NULL;
1482 if (privctx->worddb != NULL) {
1483 privctx->worddb->close(privctx->worddb, 0);
1484 privctx->worddb = NULL;
1486 for (i = 0; i < privctx->numdbs; i++) {
1487 if (privctx->dbconns[i] != NULL) {
1488 privctx->dbconns[i]->close(privctx->dbconns[i],
1490 privctx->dbconns[i] = NULL;
1493 free(privctx->dbconns);
1494 privctx->dbconns = NULL;
1495 privctx->dbenv->close(privctx->dbenv, 0);
1496 privctx->dbenv = NULL;
1505 * initdb - Initialize the key database.
1507 * This function should be called before any of the other functions in
1508 * this file are called in order to allow the DB to be initialized ready
1511 struct onak_dbctx *keydb_db4_init(struct onak_db_config *dbcfg, bool readonly)
1518 struct stat statbuf;
1520 struct onak_dbctx *dbctx;
1521 struct onak_db4_dbctx *privctx;
1523 dbctx = malloc(sizeof(*dbctx));
1524 if (dbctx == NULL) {
1527 dbctx->config = dbcfg;
1528 dbctx->priv = privctx = calloc(1, sizeof(*privctx));
1529 if (privctx == NULL) {
1534 /* Default to 16 key data DBs */
1535 privctx->numdbs = 16;
1537 snprintf(buf, sizeof(buf) - 1, "%s/%s", dbcfg->location,
1539 ret = stat(buf, &statbuf);
1540 while ((ret == 0) || (errno != ENOENT)) {
1542 logthing(LOGTHING_CRITICAL, "Couldn't stat upgrade "
1543 "lock file: %s (%d)", strerror(errno), ret);
1546 logthing(LOGTHING_DEBUG, "DB4 upgrade in progress; waiting.");
1548 ret = stat(buf, &statbuf);
1552 snprintf(buf, sizeof(buf) - 1, "%s/num_keydb", dbcfg->location);
1553 numdb = fopen(buf, "r");
1554 if (numdb != NULL) {
1555 if (fgets(buf, sizeof(buf), numdb) != NULL) {
1556 privctx->numdbs = atoi(buf);
1559 } else if (!readonly) {
1560 logthing(LOGTHING_ERROR, "Couldn't open num_keydb: %s",
1562 numdb = fopen(buf, "w");
1563 if (numdb != NULL) {
1564 fprintf(numdb, "%d", privctx->numdbs);
1567 logthing(LOGTHING_ERROR,
1568 "Couldn't write num_keydb: %s",
1573 privctx->dbconns = calloc(privctx->numdbs, sizeof (DB *));
1574 if (privctx->dbconns == NULL) {
1575 logthing(LOGTHING_CRITICAL,
1576 "Couldn't allocate memory for dbconns");
1581 ret = db_env_create(&privctx->dbenv, 0);
1583 logthing(LOGTHING_CRITICAL,
1584 "db_env_create: %s", db_strerror(ret));
1589 * Up the number of locks we're allowed at once. We base this on
1590 * the maximum number of keys we're going to return.
1593 maxlocks = config.maxkeys * 16;
1594 if (maxlocks < 1000) {
1597 privctx->dbenv->set_lk_max_locks(privctx->dbenv, maxlocks);
1598 privctx->dbenv->set_lk_max_objects(privctx->dbenv, maxlocks);
1602 * Enable deadlock detection so that we don't block indefinitely on
1603 * anything. What we really want is simple 2 state locks, but I'm not
1604 * sure how to make the standard DB functions do that yet.
1607 privctx->dbenv->set_errcall(privctx->dbenv, &db4_errfunc);
1608 ret = privctx->dbenv->set_lk_detect(privctx->dbenv, DB_LOCK_DEFAULT);
1610 logthing(LOGTHING_CRITICAL,
1611 "db_env_create: %s", db_strerror(ret));
1616 ret = privctx->dbenv->open(privctx->dbenv, dbcfg->location,
1617 DB_INIT_LOG | DB_INIT_MPOOL | DB_INIT_LOCK |
1621 #ifdef DB_VERSION_MISMATCH
1622 if (ret == DB_VERSION_MISMATCH) {
1623 privctx->dbenv->close(privctx->dbenv, 0);
1624 privctx->dbenv = NULL;
1625 ret = db4_upgradedb(dbctx);
1627 ret = db_env_create(&privctx->dbenv, 0);
1630 privctx->dbenv->set_errcall(privctx->dbenv,
1632 privctx->dbenv->set_lk_detect(privctx->dbenv,
1634 ret = privctx->dbenv->open(privctx->dbenv,
1636 DB_INIT_LOG | DB_INIT_MPOOL |
1637 DB_INIT_LOCK | DB_INIT_TXN |
1638 DB_CREATE | DB_RECOVER,
1642 privctx->dbenv->txn_checkpoint(
1652 logthing(LOGTHING_CRITICAL,
1653 "Error opening db environment: %s (%s)",
1656 if (privctx->dbenv != NULL) {
1657 privctx->dbenv->close(privctx->dbenv, 0);
1658 privctx->dbenv = NULL;
1664 db4_starttrans(dbctx);
1666 for (i = 0; !ret && i < privctx->numdbs; i++) {
1667 ret = db_create(&privctx->dbconns[i],
1670 logthing(LOGTHING_CRITICAL,
1671 "db_create: %s", db_strerror(ret));
1675 snprintf(buf, 1023, "keydb.%d.db", i);
1680 ret = privctx->dbconns[i]->open(
1681 privctx->dbconns[i],
1689 logthing(LOGTHING_CRITICAL,
1690 "Error opening key database:"
1700 ret = db_create(&privctx->worddb, privctx->dbenv, 0);
1702 logthing(LOGTHING_CRITICAL, "db_create: %s",
1708 ret = privctx->worddb->set_flags(privctx->worddb, DB_DUP);
1712 ret = privctx->worddb->open(privctx->worddb, privctx->txn,
1713 "worddb", "worddb", DB_BTREE,
1717 logthing(LOGTHING_CRITICAL,
1718 "Error opening word database: %s (%s)",
1725 ret = db_create(&privctx->id32db, privctx->dbenv, 0);
1727 logthing(LOGTHING_CRITICAL, "db_create: %s",
1733 ret = privctx->id32db->set_flags(privctx->id32db, DB_DUP);
1737 ret = privctx->id32db->open(privctx->id32db, privctx->txn,
1738 "id32db", "id32db", DB_HASH,
1742 logthing(LOGTHING_CRITICAL,
1743 "Error opening id32 database: %s (%s)",
1750 ret = db_create(&privctx->id64db, privctx->dbenv, 0);
1752 logthing(LOGTHING_CRITICAL, "db_create: %s",
1758 ret = privctx->id64db->set_flags(privctx->id64db, DB_DUP);
1762 ret = privctx->id64db->open(privctx->id64db, privctx->txn,
1763 "id64db", "id64db", DB_HASH,
1767 logthing(LOGTHING_CRITICAL,
1768 "Error opening id64 database: %s (%s)",
1775 ret = db_create(&privctx->skshashdb, privctx->dbenv, 0);
1777 logthing(LOGTHING_CRITICAL, "db_create: %s",
1783 ret = privctx->skshashdb->open(privctx->skshashdb, privctx->txn,
1785 "skshashdb", DB_HASH,
1789 logthing(LOGTHING_CRITICAL,
1790 "Error opening skshash database: %s (%s)",
1797 ret = db_create(&privctx->subkeydb, privctx->dbenv, 0);
1799 logthing(LOGTHING_CRITICAL, "db_create: %s",
1805 ret = privctx->subkeydb->open(privctx->subkeydb, privctx->txn,
1806 "subkeydb", "subkeydb",
1811 logthing(LOGTHING_CRITICAL,
1812 "Error opening subkey database: %s (%s)",
1818 if (privctx->txn != NULL) {
1819 db4_endtrans(dbctx);
1823 db4_cleanupdb(dbctx);
1824 logthing(LOGTHING_CRITICAL,
1825 "Error opening database; exiting");
1829 dbctx->cleanupdb = db4_cleanupdb;
1830 dbctx->starttrans = db4_starttrans;
1831 dbctx->endtrans = db4_endtrans;
1832 dbctx->fetch_key_id = db4_fetch_key_id;
1833 dbctx->fetch_key_fp = db4_fetch_key_fp;
1834 dbctx->fetch_key_text = db4_fetch_key_text;
1835 dbctx->fetch_key_skshash = db4_fetch_key_skshash;
1836 dbctx->store_key = db4_store_key;
1837 dbctx->update_keys = generic_update_keys;
1838 dbctx->delete_key = db4_delete_key;
1839 dbctx->getkeysigs = generic_getkeysigs;
1840 dbctx->cached_getkeysigs = generic_cached_getkeysigs;
1841 dbctx->keyid2uid = generic_keyid2uid;
1842 dbctx->getfullkeyid = db4_getfullkeyid;
1843 dbctx->iterate_keys = db4_iterate_keys;