X-Git-Url: https://the.earth.li/gitweb/?a=blobdiff_plain;f=keydb.c;h=f6b9682f2d4b4ade0db0494fbf4c4b312a80171e;hb=70842462a490e56a607a48b2d27807816c4d8a80;hp=c5b07c628dfd2040d3152311dc85bec31ce729ad;hpb=656bb5c3981ae175698ff8782c7ec39e1f6451d1;p=onak.git

diff --git a/keydb.c b/keydb.c
index c5b07c6..f6b9682 100644
--- a/keydb.c
+++ b/keydb.c
@@ -1,9 +1,19 @@
 /*
  * keydb.c - Routines for DB access that just use store/fetch.
  *
- * Jonathan McDowell <noodles@earth.li>
+ * Copyright 2002-2004 Jonathan McDowell <noodles@earth.li>
  *
- * Copyright 2002 Project Purple
+ * This program is free software: you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation; version 2 of the License.
+ *
+ * This program is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
+ * more details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * this program.  If not, see <https://www.gnu.org/licenses/>.
  */
 
 /**
@@ -14,31 +24,38 @@
  *	slower than custom functions however.
  */
 
+#include <stdbool.h>
 #include <stdio.h>
 
+#include "decodekey.h"
+#include "hash.h"
 #include "keydb.h"
 #include "keyid.h"
-#include "keyindex.h"
 #include "keystructs.h"
+#include "ll.h"
 #include "mem.h"
-#include "parsekey.h"
+#include "merge.h"
+#include "openpgp.h"
+#include "sendsync.h"
+#include "stats.h"
 
 #ifdef NEED_KEYID2UID
 /**
  *	keyid2uid - Takes a keyid and returns the primary UID for it.
  *	@keyid: The keyid to lookup.
  */
-char *keyid2uid(uint64_t keyid)
+char *generic_keyid2uid(struct onak_dbctx *dbctx, uint64_t keyid)
 {
 	struct openpgp_publickey *publickey = NULL;
 	struct openpgp_signedpacket_list *curuid = NULL;
 	char buf[1024];
 
 	buf[0]=0;
-	if (fetch_key(keyid, &publickey, false) && publickey != NULL) {
+	if (dbctx->fetch_key_id(dbctx, keyid, &publickey, false) &&
+			publickey != NULL) {
 		curuid = publickey->uids;
 		while (curuid != NULL && buf[0] == 0) {
-			if (curuid->packet->tag == 13) {
+			if (curuid->packet->tag == OPENPGP_PACKET_UID) {
 				snprintf(buf, 1023, "%.*s",
 						(int) curuid->packet->length,
 						curuid->packet->data);
@@ -60,21 +77,33 @@ char *keyid2uid(uint64_t keyid)
 /**
  *	getkeysigs - Gets a linked list of the signatures on a key.
  *	@keyid: The keyid to get the sigs for.
+ *	@revoked: Is the key revoked?
  *
  *	This function gets the list of signatures on a key. Used for key 
- *	indexing and doing stats bits.
+ *	indexing and doing stats bits. If revoked is non-NULL then if the key
+ *	is revoked it's set to true.
  */
-struct ll *getkeysigs(uint64_t keyid)
+struct ll *generic_getkeysigs(struct onak_dbctx *dbctx,
+		uint64_t keyid, bool *revoked)
 {
 	struct ll *sigs = NULL;
 	struct openpgp_signedpacket_list *uids = NULL;
+	struct openpgp_packet_list *cursig;
 	struct openpgp_publickey *publickey = NULL;
 
-	fetch_key(keyid, &publickey, false);
+	dbctx->fetch_key_id(dbctx, keyid, &publickey, false);
 	
 	if (publickey != NULL) {
 		for (uids = publickey->uids; uids != NULL; uids = uids->next) {
-			sigs = keysigs(sigs, uids->sigs);
+			for (cursig = uids->sigs; cursig != NULL;
+					cursig = cursig->next) {
+				sigs = lladd(sigs,
+						createandaddtohash(sig_keyid(
+							cursig->packet)));
+			}
+		}
+		if (revoked != NULL) {
+			*revoked = publickey->revoked;
 		}
 		free_publickey(publickey);
 	}
@@ -83,24 +112,174 @@ struct ll *getkeysigs(uint64_t keyid)
 }
 #endif
 
-#ifdef NEED_GETFULLKEYID
 /**
- *	getfullkeyid - Maps a 32bit key id to a 64bit one.
- *	@keyid: The 32bit keyid.
+ *	cached_getkeysigs - Gets the signatures on a key.
+ *	@keyid: The key we want the signatures for.
+ *	
+ *	This function gets the signatures on a key. It's the same as the
+ *	getkeysigs function above except we use the hash module to cache the
+ *	data so if we need it again it's already loaded.
+ */
+struct ll *generic_cached_getkeysigs(struct onak_dbctx *dbctx, uint64_t keyid)
+{
+	struct stats_key *key = NULL;
+	struct stats_key *signedkey = NULL;
+	struct ll        *cursig = NULL;
+	struct ll	 *sigs = NULL;
+	bool		  revoked = false;
+
+	if (keyid == 0)  {
+		return NULL;
+	}
+
+	key = findinhash(keyid);
+
+	if (key == NULL || key->gotsigs == false) {
+		sigs = dbctx->getkeysigs(dbctx, keyid, &revoked);
+		if (sigs == NULL) {
+			return NULL;
+		}
+		if (key == NULL) {
+			key = createandaddtohash(keyid);
+		}
+		key->sigs = sigs;
+		key->revoked = revoked;
+		for (cursig = key->sigs; cursig != NULL;
+				cursig = cursig->next) {
+			signedkey = (struct stats_key *) cursig->object;
+			signedkey->signs = lladd(signedkey->signs, key);
+		}
+		key->gotsigs = true;
+	}
+
+	return key->sigs;
+}
+
+#ifdef NEED_UPDATEKEYS
+/**
+ *	update_keys - Takes a list of public keys and updates them in the DB.
+ *	@keys: The keys to update in the DB.
+ *	@blacklist: A keyarray of key fingerprints not to accept.
+ *	@updateonly: Only update existing keys, don't add new ones.
+ *	@sendsync: Should we send a sync mail to our peers.
  *
- *	This function maps a 32bit key id to the full 64bit one. It returns the
- *	full keyid.
+ *	Takes a list of keys and adds them to the database, merging them with
+ *	the key in the database if it's already present there. The key list is
+ *	update to contain the minimum set of updates required to get from what
+ *	we had before to what we have now (ie the set of data that was added to
+ *	the DB). Returns the number of entirely new keys added.
  */
-uint64_t getfullkeyid(uint64_t keyid)
+int generic_update_keys(struct onak_dbctx *dbctx,
+		struct openpgp_publickey **keys,
+		struct keyarray *blacklist,
+		bool updateonly,
+		bool sendsync)
 {
-	struct openpgp_publickey *publickey = NULL;
+	struct openpgp_publickey **curkey, *tmp = NULL;
+	struct openpgp_publickey *oldkey = NULL;
+	struct openpgp_fingerprint fp;
+	int newkeys = 0, ret;
+	bool intrans;
 
-	if (keyid < 0x100000000LL) {
-		fetch_key(keyid, &publickey, false);
-		keyid = get_keyid(publickey);
-		free_publickey(publickey);
+	curkey = keys;
+	while (*curkey != NULL) {
+		get_fingerprint((*curkey)->publickey, &fp);
+		if (blacklist && array_find(blacklist, &fp)) {
+			logthing(LOGTHING_INFO, "Ignoring blacklisted key.");
+			tmp = *curkey;
+			*curkey = (*curkey)->next;
+			tmp->next = NULL;
+			free_publickey(tmp);
+			continue;
+		}
+
+		intrans = dbctx->starttrans(dbctx);
+
+		ret = dbctx->fetch_key_fp(dbctx, &fp, &oldkey, intrans);
+		if (ret == 0 && updateonly) {
+			logthing(LOGTHING_INFO,
+				"Skipping new key as update only set.");
+			curkey = &(*curkey)->next;
+			goto next;
+		}
+
+		/*
+		 * If we already have the key stored in the DB then merge it
+		 * with the new one that's been supplied. Otherwise the key
+		 * we've just got is the one that goes in the DB and also the
+		 * one that we send out.
+		 */
+		if (oldkey != NULL) {
+			merge_keys(oldkey, *curkey);
+			if ((*curkey)->sigs == NULL &&
+					(*curkey)->uids == NULL &&
+					(*curkey)->subkeys == NULL) {
+				tmp = *curkey;
+				*curkey = (*curkey)->next;
+				tmp->next = NULL;
+				free_publickey(tmp);
+			} else {
+				logthing(LOGTHING_INFO,
+					"Merged key; storing updated key.");
+				dbctx->store_key(dbctx, oldkey, intrans,
+					true);
+				curkey = &(*curkey)->next;
+			}
+			free_publickey(oldkey);
+			oldkey = NULL;
+		} else {
+			logthing(LOGTHING_INFO,
+				"Storing completely new key.");
+			dbctx->store_key(dbctx, *curkey, intrans, false);
+			newkeys++;
+			curkey = &(*curkey)->next;
+		}
+next:
+		dbctx->endtrans(dbctx);
 	}
-	
-	return keyid;
+
+	if (sendsync && keys != NULL && *keys != NULL) {
+		sendkeysync(*keys);
+	}
+
+	return newkeys;
+}
+#endif /* NEED_UPDATEKEYS */
+
+#ifdef NEED_GET_FP
+static int generic_fetch_key_fp(struct onak_dbctx *dbctx,
+		struct openpgp_fingerprint *fingerprint,
+		struct openpgp_publickey **publickey, bool intrans)
+{
+	uint64_t keyid;
+	int i;
+
+	if (fingerprint->length > MAX_FINGERPRINT_LEN) {
+		return 0;
+	}
+
+	/*
+	 * We assume if the backend is using this function it's not storing
+	 * anything bigger than the 64 bit key ID and just truncate the
+	 * fingerprint to get that value. v4 keys want the lowest 64 bits, v5
+	 * keys need the top 64 bits.  This doesn't work for v3 keys,
+	 * but there's no way to map from v3 fingerprint to v3 key ID so
+	 * if the backend can't do it we're going to fail anyway.
+	 */
+	keyid = 0;
+	if (fingerprint->length == 20) {
+		/* v4 */
+		for (i = (fingerprint->length - 8); i < fingerprint->length;
+				i++) {
+			keyid = (keyid << 8) + fingerprint->fp[i];
+		}
+	} else {
+		/* v5 */
+		for (i = 0; i < 8; i++) {
+			keyid = (keyid << 8) + fingerprint->fp[i];
+		}
+	}
+
+	return dbctx->fetch_key_id(dbctx, keyid, publickey, intrans);
 }
 #endif