2 * keydb_db4.c - Routines to store and fetch keys in a DB4 database.
4 * Copyright 2002-2008 Jonathan McDowell <noodles@earth.li>
6 * This program is free software: you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the Free
8 * Software Foundation; version 2 of the License.
10 * This program is distributed in the hope that it will be useful, but WITHOUT
11 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
12 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
15 * You should have received a copy of the GNU General Public License along with
16 * this program. If not, see <https://www.gnu.org/licenses/>.
19 #include <sys/types.h>
34 #include "charfuncs.h"
38 #include "decodekey.h"
39 #include "keystructs.h"
44 #include "onak-conf.h"
48 #define DB4_UPGRADE_FILE "db_upgrade.lck"
50 struct onak_db4_dbctx {
51 DB_ENV *dbenv; /* The database environment context */
52 int numdbs; /* Number of data databases in use */
53 DB **dbconns; /* Connections to the key data databases */
54 DB *worddb; /* Connection to the word lookup database */
55 DB *id32db; /* Connection to the 32 bit ID lookup database */
56 DB *id64db; /* Connection to the 64 bit ID lookup database */
57 DB *skshashdb; /* Connection to the SKS hash database */
58 DB *subkeydb; /* Connection to the subkey ID lookup database */
59 DB_TXN *txn; /* Our current transaction ID */
62 DB *keydb_id(struct onak_db4_dbctx *privctx, uint64_t keyid)
68 return(privctx->dbconns[keytrun % privctx->numdbs]);
71 DB *keydb_fp(struct onak_db4_dbctx *privctx, struct openpgp_fingerprint *fp)
75 keytrun = (fp->fp[4] << 24) |
80 return(privctx->dbconns[keytrun % privctx->numdbs]);
84 * db4_errfunc - Direct DB errors to logfile
86 * Basic function to take errors from the DB library and output them to
87 * the logfile rather than stderr.
89 #if (DB_VERSION_MAJOR == 4) && (DB_VERSION_MINOR < 3)
90 static void db4_errfunc(const char *errpfx, const char *errmsg)
92 static void db4_errfunc(const DB_ENV *edbenv, const char *errpfx,
97 logthing(LOGTHING_DEBUG, "db4 error: %s:%s", errpfx, errmsg);
99 logthing(LOGTHING_DEBUG, "db4 error: %s", errmsg);
106 * starttrans - Start a transaction.
108 * Start a transaction. Intended to be used if we're about to perform many
109 * operations on the database to help speed it all up, or if we want
110 * something to only succeed if all relevant operations are successful.
112 static bool db4_starttrans(struct onak_dbctx *dbctx)
114 struct onak_db4_dbctx *privctx = (struct onak_db4_dbctx *) dbctx->priv;
117 log_assert(privctx->dbenv != NULL);
118 log_assert(privctx->txn == NULL);
120 ret = privctx->dbenv->txn_begin(privctx->dbenv,
121 NULL, /* No parent transaction */
125 logthing(LOGTHING_CRITICAL,
126 "Error starting transaction: %s",
135 * endtrans - End a transaction.
137 * Ends a transaction.
139 static void db4_endtrans(struct onak_dbctx *dbctx)
141 struct onak_db4_dbctx *privctx = (struct onak_db4_dbctx *) dbctx->priv;
144 log_assert(privctx->dbenv != NULL);
145 log_assert(privctx->txn != NULL);
147 ret = privctx->txn->commit(privctx->txn,
150 logthing(LOGTHING_CRITICAL,
151 "Error ending transaction: %s",
161 * db4_upgradedb - Upgrade a DB4 database
163 * Called if we discover we need to upgrade our DB4 database; ie if
164 * we're running with a newer version of db4 than the database was
167 static int db4_upgradedb(struct onak_dbctx *dbctx)
169 struct onak_db4_dbctx *privctx = (struct onak_db4_dbctx *) dbctx->priv;
178 snprintf(buf, sizeof(buf) - 1, "%s/%s", dbctx->config->location,
180 lockfile_fd = open(buf, O_RDWR | O_CREAT | O_EXCL, 0600);
181 if (lockfile_fd < 0) {
182 if (errno == EEXIST) {
183 while (stat(buf, &statbuf) == 0) ;
186 logthing(LOGTHING_CRITICAL, "Couldn't open database "
187 "update lock file: %s", strerror(errno));
191 snprintf(buf, sizeof(buf) - 1, "%d", getpid());
192 written = write(lockfile_fd, buf, strlen(buf));
194 if (written != strlen(buf)) {
195 logthing(LOGTHING_CRITICAL, "Couldn't write PID to lockfile: "
196 "%s", strerror(errno));
197 snprintf(buf, sizeof(buf) - 1, "%s/%s", dbctx->config->location,
203 logthing(LOGTHING_NOTICE, "Upgrading DB4 database");
204 ret = db_env_create(&privctx->dbenv, 0);
206 privctx->dbenv->set_errcall(privctx->dbenv, &db4_errfunc);
207 privctx->dbenv->remove(privctx->dbenv, dbctx->config->location, 0);
208 privctx->dbenv = NULL;
210 for (i = 0; i < privctx->numdbs; i++) {
211 ret = db_create(&curdb, NULL, 0);
213 snprintf(buf, sizeof(buf) - 1, "%s/keydb.%d.db",
214 dbctx->config->location, i);
215 logthing(LOGTHING_DEBUG, "Upgrading %s", buf);
216 curdb->upgrade(curdb, buf, 0);
217 curdb->close(curdb, 0);
219 logthing(LOGTHING_ERROR, "Error upgrading DB %s : %s",
225 ret = db_create(&curdb, NULL, 0);
227 snprintf(buf, sizeof(buf) - 1, "%s/worddb", dbctx->config->location);
228 logthing(LOGTHING_DEBUG, "Upgrading %s", buf);
229 curdb->upgrade(curdb, buf, 0);
230 curdb->close(curdb, 0);
232 logthing(LOGTHING_ERROR, "Error upgrading DB %s : %s",
237 ret = db_create(&curdb, NULL, 0);
239 snprintf(buf, sizeof(buf) - 1, "%s/id32db", dbctx->config->location);
240 logthing(LOGTHING_DEBUG, "Upgrading %s", buf);
241 curdb->upgrade(curdb, buf, 0);
242 curdb->close(curdb, 0);
244 logthing(LOGTHING_ERROR, "Error upgrading DB %s : %s",
249 ret = db_create(&curdb, NULL, 0);
251 snprintf(buf, sizeof(buf) - 1, "%s/id64db", dbctx->config->location);
252 logthing(LOGTHING_DEBUG, "Upgrading %s", buf);
253 curdb->upgrade(curdb, buf, 0);
254 curdb->close(curdb, 0);
256 logthing(LOGTHING_ERROR, "Error upgrading DB %s : %s",
261 ret = db_create(&curdb, NULL, 0);
263 snprintf(buf, sizeof(buf) - 1, "%s/skshashdb", dbctx->config->location);
264 logthing(LOGTHING_DEBUG, "Upgrading %s", buf);
265 curdb->upgrade(curdb, buf, 0);
266 curdb->close(curdb, 0);
268 logthing(LOGTHING_ERROR, "Error upgrading DB %s : %s",
273 ret = db_create(&curdb, NULL, 0);
275 snprintf(buf, sizeof(buf) - 1, "%s/subkeydb", dbctx->config->location);
276 logthing(LOGTHING_DEBUG, "Upgrading %s", buf);
277 curdb->upgrade(curdb, buf, 0);
278 curdb->close(curdb, 0);
280 logthing(LOGTHING_ERROR, "Error upgrading DB %s : %s",
285 snprintf(buf, sizeof(buf) - 1, "%s/%s", dbctx->config->location,
293 * fetch_key_fp - Given a fingerprint fetch the key from storage.
295 static int db4_fetch_key_fp(struct onak_dbctx *dbctx,
296 struct openpgp_fingerprint *fingerprint,
297 struct openpgp_publickey **publickey,
300 struct onak_db4_dbctx *privctx = (struct onak_db4_dbctx *) dbctx->priv;
301 struct openpgp_packet_list *packets = NULL;
305 struct buffer_ctx fetchbuf;
306 struct openpgp_fingerprint subfp;
308 memset(&key, 0, sizeof(key));
309 memset(&data, 0, sizeof(data));
314 key.size = fingerprint->length;
315 key.data = fingerprint->fp;
318 db4_starttrans(dbctx);
321 ret = keydb_fp(privctx, fingerprint)->get(keydb_fp(privctx,
328 if (ret == DB_NOTFOUND) {
329 /* If we didn't find the key ID see if it's a subkey ID */
330 memset(&key, 0, sizeof(key));
331 memset(&data, 0, sizeof(data));
332 data.data = subfp.fp;
333 data.ulen = MAX_FINGERPRINT_LEN;
334 data.flags = DB_DBT_USERMEM;
335 key.data = fingerprint->fp;
336 key.size = fingerprint->length;
338 ret = privctx->subkeydb->get(privctx->subkeydb,
345 /* We got a subkey match; retrieve the actual key */
346 memset(&key, 0, sizeof(key));
347 key.size = subfp.length = data.size;
350 memset(&data, 0, sizeof(data));
354 ret = keydb_fp(privctx, &subfp)->get(
355 keydb_fp(privctx, &subfp),
364 fetchbuf.buffer = data.data;
366 fetchbuf.size = data.size;
367 read_openpgp_stream(buffer_fetchchar, &fetchbuf,
369 parse_keys(packets, publickey);
370 free_packet_list(packets);
373 } else if (ret != DB_NOTFOUND) {
374 logthing(LOGTHING_ERROR,
375 "Problem retrieving key: %s",
387 * fetch_key_id - Given a keyid fetch the key from storage.
388 * @keyid: The keyid to fetch.
389 * @publickey: A pointer to a structure to return the key in.
390 * @intrans: If we're already in a transaction.
392 * We use the hex representation of the keyid as the filename to fetch the
393 * key from. The key is stored in the file as a binary OpenPGP stream of
394 * packets, so we can just use read_openpgp_stream() to read the packets
395 * in and then parse_keys() to parse the packets into a publickey
398 static int db4_fetch_key_id(struct onak_dbctx *dbctx, uint64_t keyid,
399 struct openpgp_publickey **publickey,
402 struct onak_db4_dbctx *privctx = (struct onak_db4_dbctx *) dbctx->priv;
403 struct openpgp_packet_list *packets = NULL;
408 uint32_t shortkeyid = 0;
409 struct openpgp_fingerprint fingerprint;
413 db4_starttrans(dbctx);
416 /* If the key ID fits in 32 bits assume it's a short key id */
417 if (keyid < 0x100000000LL) {
418 ret = privctx->id32db->cursor(privctx->id32db,
423 shortkeyid = keyid & 0xFFFFFFFF;
424 memset(&key, 0, sizeof(key));
425 memset(&data, 0, sizeof(data));
426 key.data = &shortkeyid;
427 key.size = sizeof(shortkeyid);
429 ret = privctx->id64db->cursor(privctx->id64db,
434 memset(&key, 0, sizeof(key));
435 memset(&data, 0, sizeof(data));
437 key.size = sizeof(keyid);
444 memset(&data, 0, sizeof(data));
445 data.ulen = MAX_FINGERPRINT_LEN;
446 data.data = fingerprint.fp;
447 data.flags = DB_DBT_USERMEM;
450 while (cursor->c_get(cursor, &key, &data,
451 first ? DB_SET : DB_NEXT_DUP) == 0) {
452 /* We got a match; retrieve the actual key */
453 fingerprint.length = data.size;
455 if (db4_fetch_key_fp(dbctx, &fingerprint,
459 memset(&data, 0, sizeof(data));
460 data.ulen = MAX_FINGERPRINT_LEN;
461 data.data = fingerprint.fp;
462 data.flags = DB_DBT_USERMEM;
465 cursor->c_close(cursor);
476 int worddb_cmp(const void *d1, const void *d2)
478 return memcmp(d1, d2, 12);
482 * fetch_key_text - Trys to find the keys that contain the supplied text.
483 * @search: The text to search for.
484 * @publickey: A pointer to a structure to return the key in.
486 * This function searches for the supplied text and returns the keys that
489 static int db4_fetch_key_text(struct onak_dbctx *dbctx, const char *search,
490 struct openpgp_publickey **publickey)
492 struct onak_db4_dbctx *privctx = (struct onak_db4_dbctx *) dbctx->priv;
499 char *searchtext = NULL;
500 struct ll *wordlist = NULL;
501 struct ll *curword = NULL;
502 struct keyarray keylist = { NULL, 0, 0 };
503 struct keyarray newkeylist = { NULL, 0, 0 };
505 struct openpgp_fingerprint fingerprint;
508 searchtext = strdup(search);
509 wordlist = makewordlist(wordlist, searchtext);
511 for (curword = wordlist; curword != NULL; curword = curword->next) {
512 db4_starttrans(dbctx);
514 ret = privctx->worddb->cursor(privctx->worddb,
524 memset(&key, 0, sizeof(key));
525 memset(&data, 0, sizeof(data));
526 key.data = curword->object;
527 key.size = strlen(curword->object);
528 data.flags = DB_DBT_MALLOC;
529 ret = cursor->c_get(cursor,
533 while (ret == 0 && strncmp(key.data, curword->object,
535 ((char *) curword->object)[key.size] == 0) {
537 fingerprint.length = data.size;
538 memcpy(fingerprint.fp, data.data, data.size);
541 * Only add the keys containing this word if this is
542 * our first pass (ie we have no existing key list),
543 * or the key contained a previous word.
545 if (firstpass || array_find(&keylist, &fingerprint)) {
546 array_add(&newkeylist, &fingerprint);
552 ret = cursor->c_get(cursor,
557 array_free(&keylist);
558 keylist.keys = newkeylist.keys;
559 keylist.count = newkeylist.count;
560 keylist.size = newkeylist.size;
561 newkeylist.keys = NULL;
562 newkeylist.count = newkeylist.size = 0;
563 if (data.data != NULL) {
567 cursor->c_close(cursor);
572 llfree(wordlist, NULL);
575 if (keylist.count > config.maxkeys) {
576 keylist.count = config.maxkeys;
579 db4_starttrans(dbctx);
580 for (i = 0; i < keylist.count; i++) {
581 numkeys += db4_fetch_key_fp(dbctx, &keylist.keys[i],
585 array_free(&keylist);
594 static int db4_fetch_key_skshash(struct onak_dbctx *dbctx,
595 const struct skshash *hash,
596 struct openpgp_publickey **publickey)
598 struct onak_db4_dbctx *privctx = (struct onak_db4_dbctx *) dbctx->priv;
604 struct openpgp_fingerprint fingerprint;
606 ret = privctx->skshashdb->cursor(privctx->skshashdb,
615 memset(&key, 0, sizeof(key));
616 memset(&data, 0, sizeof(data));
617 key.data = (void *) hash->hash;
618 key.size = sizeof(hash->hash);
619 data.ulen = MAX_FINGERPRINT_LEN;
620 data.data = fingerprint.fp;
621 data.flags = DB_DBT_USERMEM;
623 ret = cursor->c_get(cursor,
629 fingerprint.length = data.size;
630 count = db4_fetch_key_fp(dbctx, &fingerprint,
634 cursor->c_close(cursor);
641 * delete_key - Given a keyid delete the key from storage.
642 * @fp: The fingerprint of the key to delete.
643 * @intrans: If we're already in a transaction.
645 * This function deletes a public key from whatever storage mechanism we
646 * are using. Returns 0 if the key existed.
648 static int db4_delete_key(struct onak_dbctx *dbctx,
649 struct openpgp_fingerprint *fp,
652 struct onak_db4_dbctx *privctx = (struct onak_db4_dbctx *) dbctx->priv;
653 struct openpgp_publickey *publickey = NULL;
656 DBC *cursor64 = NULL;
657 uint32_t shortkeyid = 0;
658 uint64_t subkeyid = 0;
659 struct openpgp_fingerprint *subkeyids = NULL;
663 char *primary = NULL;
664 unsigned char worddb_data[12];
665 struct ll *wordlist = NULL;
666 struct ll *curword = NULL;
667 bool deadlock = false;
672 db4_starttrans(dbctx);
675 if (db4_fetch_key_fp(dbctx, fp, &publickey, true) == 0) {
682 if (get_keyid(publickey, &keyid) != ONAK_E_OK) {
687 * Walk through the uids removing the words from the worddb.
689 if (publickey != NULL) {
690 uids = keyuids(publickey, &primary);
693 for (i = 0; ret == 0 && uids[i] != NULL; i++) {
694 wordlist = makewordlist(wordlist, uids[i]);
697 privctx->worddb->cursor(privctx->worddb,
702 for (curword = wordlist; curword != NULL && !deadlock;
703 curword = curword->next) {
704 memset(&key, 0, sizeof(key));
705 memset(&data, 0, sizeof(data));
706 key.data = curword->object;
707 key.size = strlen(key.data);
708 data.data = worddb_data;
709 data.size = sizeof(worddb_data);
712 * New style uses the fingerprint as the data
713 * Old (unsupported) style was the 64 bit keyid
715 memset(&key, 0, sizeof(key));
716 memset(&data, 0, sizeof(data));
717 key.data = curword->object;
718 key.size = strlen(key.data);
720 data.size = fp->length;
722 ret = cursor->c_get(cursor,
728 ret = cursor->c_del(cursor, 0);
731 if (ret != 0 && ret != DB_NOTFOUND) {
732 logthing(LOGTHING_ERROR,
733 "Problem deleting word: %s "
734 "(0x%016" PRIX64 ")",
737 if (ret == DB_LOCK_DEADLOCK) {
742 cursor->c_close(cursor);
746 * Free our UID and word lists.
748 llfree(wordlist, NULL);
749 for (i = 0; uids[i] != NULL; i++) {
758 privctx->id32db->cursor(privctx->id32db,
762 privctx->id64db->cursor(privctx->id64db,
767 /* 32 bit short key mapping to fingerprint */
768 shortkeyid = keyid & 0xFFFFFFFF;
770 memset(&key, 0, sizeof(key));
771 memset(&data, 0, sizeof(data));
772 key.data = &shortkeyid;
773 key.size = sizeof(shortkeyid);
775 data.size = fp->length;
777 ret = cursor->c_get(cursor,
783 ret = cursor->c_del(cursor, 0);
786 if (ret != 0 && ret != DB_NOTFOUND) {
787 logthing(LOGTHING_ERROR,
788 "Problem deleting short keyid: %s "
789 "(0x%016" PRIX64 ")",
792 if (ret == DB_LOCK_DEADLOCK) {
797 /* 64 bit key mapping to fingerprint */
798 memset(&key, 0, sizeof(key));
799 memset(&data, 0, sizeof(data));
801 key.size = sizeof(keyid);
803 data.size = fp->length;
805 ret = cursor64->c_get(cursor64,
811 ret = cursor64->c_del(cursor64, 0);
814 if (ret != 0 && ret != DB_NOTFOUND) {
815 logthing(LOGTHING_ERROR,
816 "Problem deleting keyid: %s "
817 "(0x%016" PRIX64 ")",
820 if (ret == DB_LOCK_DEADLOCK) {
825 subkeyids = keysubkeys(publickey);
827 while (subkeyids != NULL && subkeyids[i].length != 0) {
828 subkeyid = fingerprint2keyid(&subkeyids[i]);
829 memset(&key, 0, sizeof(key));
830 key.data = subkeyids[i].fp;
831 key.size = subkeyids[i].length;
832 privctx->subkeydb->del(privctx->subkeydb,
833 privctx->txn, &key, 0);
834 if (ret != 0 && ret != DB_NOTFOUND) {
835 logthing(LOGTHING_ERROR,
836 "Problem deleting subkey id: %s "
837 "(0x%016" PRIX64 ")",
840 if (ret == DB_LOCK_DEADLOCK) {
845 shortkeyid = subkeyid & 0xFFFFFFFF;
847 /* Remove 32 bit keyid -> fingerprint mapping */
848 memset(&key, 0, sizeof(key));
849 memset(&data, 0, sizeof(data));
850 key.data = &shortkeyid;
851 key.size = sizeof(shortkeyid);
853 data.size = fp->length;
855 ret = cursor->c_get(cursor,
861 ret = cursor->c_del(cursor, 0);
864 if (ret != 0 && ret != DB_NOTFOUND) {
865 logthing(LOGTHING_ERROR,
866 "Problem deleting short keyid: %s "
867 "(0x%016" PRIX64 ")",
870 if (ret == DB_LOCK_DEADLOCK) {
875 /* Remove 64 bit keyid -> fingerprint mapping */
876 memset(&key, 0, sizeof(key));
877 memset(&data, 0, sizeof(data));
878 key.data = &subkeyid;
879 key.size = sizeof(subkeyid);
881 data.size = fp->length;
883 ret = cursor64->c_get(cursor64,
889 ret = cursor64->c_del(cursor64, 0);
892 if (ret != 0 && ret != DB_NOTFOUND) {
893 logthing(LOGTHING_ERROR,
894 "Problem deleting keyid: %s "
895 "(0x%016" PRIX64 ")",
898 if (ret == DB_LOCK_DEADLOCK) {
904 if (subkeyids != NULL) {
908 cursor64->c_close(cursor64);
910 cursor->c_close(cursor);
915 ret = privctx->skshashdb->cursor(privctx->skshashdb,
920 get_skshash(publickey, &hash);
922 /* Remove SKS hash -> fingerprint mapping */
923 memset(&key, 0, sizeof(key));
924 memset(&data, 0, sizeof(data));
925 key.data = hash.hash;
926 key.size = sizeof(hash.hash);
928 data.size = fp->length;
930 ret = cursor->c_get(cursor,
936 ret = cursor->c_del(cursor, 0);
939 if (ret != 0 && ret != DB_NOTFOUND) {
940 logthing(LOGTHING_ERROR,
941 "Problem deleting skshash: %s "
942 "(0x%016" PRIX64 ")",
945 if (ret == DB_LOCK_DEADLOCK) {
950 cursor->c_close(cursor);
954 free_publickey(publickey);
959 key.size = fp->length;
961 keydb_fp(privctx, fp)->del(keydb_fp(privctx, fp),
971 return deadlock ? (-1) : (ret == DB_NOTFOUND);
975 * store_key - Takes a key and stores it.
976 * @publickey: A pointer to the public key to store.
977 * @intrans: If we're already in a transaction.
978 * @update: If true the key exists and should be updated.
980 * Again we just use the hex representation of the keyid as the filename
981 * to store the key to. We flatten the public key to a list of OpenPGP
982 * packets and then use write_openpgp_stream() to write the stream out to
983 * the file. If update is true then we delete the old key first, otherwise
984 * we trust that it doesn't exist.
986 static int db4_store_key(struct onak_dbctx *dbctx,
987 struct openpgp_publickey *publickey, bool intrans,
990 struct onak_db4_dbctx *privctx = (struct onak_db4_dbctx *) dbctx->priv;
991 struct openpgp_packet_list *packets = NULL;
992 struct openpgp_packet_list *list_end = NULL;
993 struct openpgp_publickey *next = NULL;
996 struct buffer_ctx storebuf;
1000 uint32_t shortkeyid = 0;
1001 struct openpgp_fingerprint *subkeyids = NULL;
1003 char *primary = NULL;
1004 struct ll *wordlist = NULL;
1005 struct ll *curword = NULL;
1006 bool deadlock = false;
1007 struct skshash hash;
1008 struct openpgp_fingerprint fingerprint;
1010 if (get_keyid(publickey, &keyid) != ONAK_E_OK) {
1011 logthing(LOGTHING_ERROR, "Couldn't find key ID for key.");
1015 if (get_fingerprint(publickey->publickey, &fingerprint) != ONAK_E_OK) {
1016 logthing(LOGTHING_ERROR, "Couldn't find fingerprint for key.");
1021 db4_starttrans(dbctx);
1025 * Delete the key if we already have it.
1027 * TODO: Can we optimize this perhaps? Possibly when other data is
1028 * involved as well? I suspect this is easiest and doesn't make a lot
1029 * of difference though - the largest chunk of data is the keydata and
1030 * it definitely needs updated.
1033 deadlock = (db4_delete_key(dbctx, &fingerprint, true) == -1);
1037 * Convert the key to a flat set of binary data.
1040 next = publickey->next;
1041 publickey->next = NULL;
1042 flatten_publickey(publickey, &packets, &list_end);
1043 publickey->next = next;
1045 storebuf.offset = 0;
1046 storebuf.size = 8192;
1047 storebuf.buffer = malloc(8192);
1049 write_openpgp_stream(buffer_putchar, &storebuf, packets);
1052 * Now we have the key data store it in the DB; the fingerprint
1055 memset(&key, 0, sizeof(key));
1056 memset(&data, 0, sizeof(data));
1057 key.data = fingerprint.fp;
1058 key.size = fingerprint.length;
1059 data.size = storebuf.offset;
1060 data.data = storebuf.buffer;
1062 ret = keydb_fp(privctx, &fingerprint)->put(
1063 keydb_fp(privctx, &fingerprint),
1069 logthing(LOGTHING_ERROR,
1070 "Problem storing key: %s",
1072 if (ret == DB_LOCK_DEADLOCK) {
1077 free(storebuf.buffer);
1078 storebuf.buffer = NULL;
1080 storebuf.offset = 0;
1082 free_packet_list(packets);
1087 * Walk through our uids storing the words into the db with the
1091 uids = keyuids(publickey, &primary);
1094 for (i = 0; ret == 0 && uids[i] != NULL; i++) {
1095 wordlist = makewordlist(wordlist, uids[i]);
1098 for (curword = wordlist; curword != NULL && !deadlock;
1099 curword = curword->next) {
1100 memset(&key, 0, sizeof(key));
1101 memset(&data, 0, sizeof(data));
1102 key.data = curword->object;
1103 key.size = strlen(key.data);
1104 data.data = fingerprint.fp;
1105 data.size = fingerprint.length;
1107 ret = privctx->worddb->put(privctx->worddb,
1113 logthing(LOGTHING_ERROR,
1114 "Problem storing word: %s",
1116 if (ret == DB_LOCK_DEADLOCK) {
1123 * Free our UID and word lists.
1125 llfree(wordlist, NULL);
1126 for (i = 0; uids[i] != NULL; i++) {
1135 * Write the truncated 32 bit keyid so we can lookup the fingerprint
1139 shortkeyid = keyid & 0xFFFFFFFF;
1141 memset(&key, 0, sizeof(key));
1142 memset(&data, 0, sizeof(data));
1143 key.data = &shortkeyid;
1144 key.size = sizeof(shortkeyid);
1145 data.data = fingerprint.fp;
1146 data.size = fingerprint.length;
1148 ret = privctx->id32db->put(privctx->id32db,
1154 logthing(LOGTHING_ERROR,
1155 "Problem storing short keyid: %s",
1157 if (ret == DB_LOCK_DEADLOCK) {
1164 * Write the 64 bit keyid so we can lookup the fingerprint for
1168 memset(&key, 0, sizeof(key));
1169 memset(&data, 0, sizeof(data));
1171 key.size = sizeof(keyid);
1172 data.data = fingerprint.fp;
1173 data.size = fingerprint.length;
1175 ret = privctx->id64db->put(privctx->id64db,
1181 logthing(LOGTHING_ERROR,
1182 "Problem storing keyid: %s",
1184 if (ret == DB_LOCK_DEADLOCK) {
1191 subkeyids = keysubkeys(publickey);
1193 while (subkeyids != NULL && subkeyids[i].length != 0) {
1194 /* Store the subkey ID -> main key fp mapping */
1195 memset(&key, 0, sizeof(key));
1196 memset(&data, 0, sizeof(data));
1197 key.data = subkeyids[i].fp;
1198 key.size = subkeyids[i].length;
1199 data.data = fingerprint.fp;
1200 data.size = fingerprint.length;
1202 ret = privctx->subkeydb->put(privctx->subkeydb,
1208 logthing(LOGTHING_ERROR,
1209 "Problem storing subkey keyid: %s",
1211 if (ret == DB_LOCK_DEADLOCK) {
1216 /* Store the 64 bit subkey ID -> main key fp mapping */
1217 memset(&key, 0, sizeof(key));
1218 memset(&data, 0, sizeof(data));
1220 keyid = fingerprint2keyid(&subkeyids[i]);
1222 key.size = sizeof(keyid);
1223 data.data = fingerprint.fp;
1224 data.size = fingerprint.length;
1226 ret = privctx->id64db->put(privctx->id64db,
1232 logthing(LOGTHING_ERROR,
1233 "Problem storing keyid: %s",
1235 if (ret == DB_LOCK_DEADLOCK) {
1240 /* Store the short subkey ID -> main key fp mapping */
1241 shortkeyid = keyid & 0xFFFFFFFF;
1243 memset(&key, 0, sizeof(key));
1244 memset(&data, 0, sizeof(data));
1245 key.data = &shortkeyid;
1246 key.size = sizeof(shortkeyid);
1247 data.data = fingerprint.fp;
1248 data.size = fingerprint.length;
1250 ret = privctx->id32db->put(privctx->id32db,
1256 logthing(LOGTHING_ERROR,
1257 "Problem storing short keyid: %s",
1259 if (ret == DB_LOCK_DEADLOCK) {
1265 if (subkeyids != NULL) {
1272 get_skshash(publickey, &hash);
1273 memset(&key, 0, sizeof(key));
1274 memset(&data, 0, sizeof(data));
1275 key.data = hash.hash;
1276 key.size = sizeof(hash.hash);
1277 data.data = fingerprint.fp;
1278 data.size = fingerprint.length;
1280 ret = privctx->skshashdb->put(privctx->skshashdb,
1286 logthing(LOGTHING_ERROR,
1287 "Problem storing SKS hash: %s",
1289 if (ret == DB_LOCK_DEADLOCK) {
1296 db4_endtrans(dbctx);
1299 return deadlock ? -1 : 0 ;
1303 * iterate_keys - call a function once for each key in the db.
1304 * @iterfunc: The function to call.
1305 * @ctx: A context pointer
1307 * Calls iterfunc once for each key in the database. ctx is passed
1308 * unaltered to iterfunc. This function is intended to aid database dumps
1309 * and statistic calculations.
1311 * Returns the number of keys we iterated over.
1313 static int db4_iterate_keys(struct onak_dbctx *dbctx,
1314 void (*iterfunc)(void *ctx, struct openpgp_publickey *key),
1317 struct onak_db4_dbctx *privctx = (struct onak_db4_dbctx *) dbctx->priv;
1323 struct buffer_ctx fetchbuf;
1324 struct openpgp_packet_list *packets = NULL;
1325 struct openpgp_publickey *key = NULL;
1327 for (i = 0; i < privctx->numdbs; i++) {
1328 ret = privctx->dbconns[i]->cursor(privctx->dbconns[i],
1337 memset(&dbkey, 0, sizeof(dbkey));
1338 memset(&data, 0, sizeof(data));
1339 ret = cursor->c_get(cursor, &dbkey, &data, DB_NEXT);
1341 fetchbuf.buffer = data.data;
1342 fetchbuf.offset = 0;
1343 fetchbuf.size = data.size;
1344 read_openpgp_stream(buffer_fetchchar, &fetchbuf,
1346 parse_keys(packets, &key);
1350 free_publickey(key);
1352 free_packet_list(packets);
1355 memset(&dbkey, 0, sizeof(dbkey));
1356 memset(&data, 0, sizeof(data));
1357 ret = cursor->c_get(cursor, &dbkey, &data,
1361 if (ret != DB_NOTFOUND) {
1362 logthing(LOGTHING_ERROR,
1363 "Problem reading key: %s",
1367 cursor->c_close(cursor);
1375 * Include the basic keydb routines.
1377 #define NEED_GETKEYSIGS 1
1378 #define NEED_KEYID2UID 1
1379 #define NEED_UPDATEKEYS 1
1383 * cleanupdb - De-initialize the key database.
1385 * This function should be called upon program exit to allow the DB to
1386 * cleanup after itself.
1388 static void db4_cleanupdb(struct onak_dbctx *dbctx)
1390 struct onak_db4_dbctx *privctx = (struct onak_db4_dbctx *) dbctx->priv;
1393 if (privctx->dbenv != NULL) {
1394 privctx->dbenv->txn_checkpoint(privctx->dbenv, 0, 0, 0);
1395 if (privctx->subkeydb != NULL) {
1396 privctx->subkeydb->close(privctx->subkeydb, 0);
1397 privctx->subkeydb = NULL;
1399 if (privctx->skshashdb != NULL) {
1400 privctx->skshashdb->close(privctx->skshashdb, 0);
1401 privctx->skshashdb = NULL;
1403 if (privctx->id64db != NULL) {
1404 privctx->id64db->close(privctx->id64db, 0);
1405 privctx->id64db = NULL;
1407 if (privctx->id32db != NULL) {
1408 privctx->id32db->close(privctx->id32db, 0);
1409 privctx->id32db = NULL;
1411 if (privctx->worddb != NULL) {
1412 privctx->worddb->close(privctx->worddb, 0);
1413 privctx->worddb = NULL;
1415 for (i = 0; i < privctx->numdbs; i++) {
1416 if (privctx->dbconns[i] != NULL) {
1417 privctx->dbconns[i]->close(privctx->dbconns[i],
1419 privctx->dbconns[i] = NULL;
1422 free(privctx->dbconns);
1423 privctx->dbconns = NULL;
1424 privctx->dbenv->close(privctx->dbenv, 0);
1425 privctx->dbenv = NULL;
1434 * initdb - Initialize the key database.
1436 * This function should be called before any of the other functions in
1437 * this file are called in order to allow the DB to be initialized ready
1440 struct onak_dbctx *keydb_db4_init(struct onak_db_config *dbcfg, bool readonly)
1447 struct stat statbuf;
1449 struct onak_dbctx *dbctx;
1450 struct onak_db4_dbctx *privctx;
1452 dbctx = malloc(sizeof(*dbctx));
1453 if (dbctx == NULL) {
1456 dbctx->config = dbcfg;
1457 dbctx->priv = privctx = calloc(1, sizeof(*privctx));
1458 if (privctx == NULL) {
1463 /* Default to 16 key data DBs */
1464 privctx->numdbs = 16;
1466 snprintf(buf, sizeof(buf) - 1, "%s/%s", dbcfg->location,
1468 ret = stat(buf, &statbuf);
1469 while ((ret == 0) || (errno != ENOENT)) {
1471 logthing(LOGTHING_CRITICAL, "Couldn't stat upgrade "
1472 "lock file: %s (%d)", strerror(errno), ret);
1475 logthing(LOGTHING_DEBUG, "DB4 upgrade in progress; waiting.");
1477 ret = stat(buf, &statbuf);
1481 snprintf(buf, sizeof(buf) - 1, "%s/num_keydb", dbcfg->location);
1482 numdb = fopen(buf, "r");
1483 if (numdb != NULL) {
1484 if (fgets(buf, sizeof(buf), numdb) != NULL) {
1485 privctx->numdbs = atoi(buf);
1488 } else if (!readonly) {
1489 logthing(LOGTHING_ERROR, "Couldn't open num_keydb: %s",
1491 numdb = fopen(buf, "w");
1492 if (numdb != NULL) {
1493 fprintf(numdb, "%d", privctx->numdbs);
1496 logthing(LOGTHING_ERROR,
1497 "Couldn't write num_keydb: %s",
1502 privctx->dbconns = calloc(privctx->numdbs, sizeof (DB *));
1503 if (privctx->dbconns == NULL) {
1504 logthing(LOGTHING_CRITICAL,
1505 "Couldn't allocate memory for dbconns");
1510 ret = db_env_create(&privctx->dbenv, 0);
1512 logthing(LOGTHING_CRITICAL,
1513 "db_env_create: %s", db_strerror(ret));
1518 * Up the number of locks we're allowed at once. We base this on
1519 * the maximum number of keys we're going to return.
1522 maxlocks = config.maxkeys * 16;
1523 if (maxlocks < 1000) {
1526 privctx->dbenv->set_lk_max_locks(privctx->dbenv, maxlocks);
1527 privctx->dbenv->set_lk_max_objects(privctx->dbenv, maxlocks);
1531 * Enable deadlock detection so that we don't block indefinitely on
1532 * anything. What we really want is simple 2 state locks, but I'm not
1533 * sure how to make the standard DB functions do that yet.
1536 privctx->dbenv->set_errcall(privctx->dbenv, &db4_errfunc);
1537 ret = privctx->dbenv->set_lk_detect(privctx->dbenv, DB_LOCK_DEFAULT);
1539 logthing(LOGTHING_CRITICAL,
1540 "db_env_create: %s", db_strerror(ret));
1545 ret = privctx->dbenv->open(privctx->dbenv, dbcfg->location,
1546 DB_INIT_LOG | DB_INIT_MPOOL | DB_INIT_LOCK |
1550 #ifdef DB_VERSION_MISMATCH
1551 if (ret == DB_VERSION_MISMATCH) {
1552 privctx->dbenv->close(privctx->dbenv, 0);
1553 privctx->dbenv = NULL;
1554 ret = db4_upgradedb(dbctx);
1556 ret = db_env_create(&privctx->dbenv, 0);
1559 privctx->dbenv->set_errcall(privctx->dbenv,
1561 privctx->dbenv->set_lk_detect(privctx->dbenv,
1563 ret = privctx->dbenv->open(privctx->dbenv,
1565 DB_INIT_LOG | DB_INIT_MPOOL |
1566 DB_INIT_LOCK | DB_INIT_TXN |
1567 DB_CREATE | DB_RECOVER,
1571 privctx->dbenv->txn_checkpoint(
1581 logthing(LOGTHING_CRITICAL,
1582 "Error opening db environment: %s (%s)",
1585 if (privctx->dbenv != NULL) {
1586 privctx->dbenv->close(privctx->dbenv, 0);
1587 privctx->dbenv = NULL;
1593 db4_starttrans(dbctx);
1595 for (i = 0; !ret && i < privctx->numdbs; i++) {
1596 ret = db_create(&privctx->dbconns[i],
1599 logthing(LOGTHING_CRITICAL,
1600 "db_create: %s", db_strerror(ret));
1604 snprintf(buf, 1023, "keydb.%d.db", i);
1609 ret = privctx->dbconns[i]->open(
1610 privctx->dbconns[i],
1618 logthing(LOGTHING_CRITICAL,
1619 "Error opening key database:"
1629 ret = db_create(&privctx->worddb, privctx->dbenv, 0);
1631 logthing(LOGTHING_CRITICAL, "db_create: %s",
1637 ret = privctx->worddb->set_flags(privctx->worddb, DB_DUP);
1641 ret = privctx->worddb->open(privctx->worddb, privctx->txn,
1642 "worddb", "worddb", DB_BTREE,
1646 logthing(LOGTHING_CRITICAL,
1647 "Error opening word database: %s (%s)",
1654 ret = db_create(&privctx->id32db, privctx->dbenv, 0);
1656 logthing(LOGTHING_CRITICAL, "db_create: %s",
1662 ret = privctx->id32db->set_flags(privctx->id32db, DB_DUP);
1666 ret = privctx->id32db->open(privctx->id32db, privctx->txn,
1667 "id32db", "id32db", DB_HASH,
1671 logthing(LOGTHING_CRITICAL,
1672 "Error opening id32 database: %s (%s)",
1679 ret = db_create(&privctx->id64db, privctx->dbenv, 0);
1681 logthing(LOGTHING_CRITICAL, "db_create: %s",
1687 ret = privctx->id64db->set_flags(privctx->id64db, DB_DUP);
1691 ret = privctx->id64db->open(privctx->id64db, privctx->txn,
1692 "id64db", "id64db", DB_HASH,
1696 logthing(LOGTHING_CRITICAL,
1697 "Error opening id64 database: %s (%s)",
1704 ret = db_create(&privctx->skshashdb, privctx->dbenv, 0);
1706 logthing(LOGTHING_CRITICAL, "db_create: %s",
1712 ret = privctx->skshashdb->open(privctx->skshashdb, privctx->txn,
1714 "skshashdb", DB_HASH,
1718 logthing(LOGTHING_CRITICAL,
1719 "Error opening skshash database: %s (%s)",
1726 ret = db_create(&privctx->subkeydb, privctx->dbenv, 0);
1728 logthing(LOGTHING_CRITICAL, "db_create: %s",
1734 ret = privctx->subkeydb->open(privctx->subkeydb, privctx->txn,
1735 "subkeydb", "subkeydb",
1740 logthing(LOGTHING_CRITICAL,
1741 "Error opening subkey database: %s (%s)",
1747 if (privctx->txn != NULL) {
1748 db4_endtrans(dbctx);
1752 db4_cleanupdb(dbctx);
1753 logthing(LOGTHING_CRITICAL,
1754 "Error opening database; exiting");
1758 dbctx->cleanupdb = db4_cleanupdb;
1759 dbctx->starttrans = db4_starttrans;
1760 dbctx->endtrans = db4_endtrans;
1761 dbctx->fetch_key_id = db4_fetch_key_id;
1762 dbctx->fetch_key_fp = db4_fetch_key_fp;
1763 dbctx->fetch_key_text = db4_fetch_key_text;
1764 dbctx->fetch_key_skshash = db4_fetch_key_skshash;
1765 dbctx->store_key = db4_store_key;
1766 dbctx->update_keys = generic_update_keys;
1767 dbctx->delete_key = db4_delete_key;
1768 dbctx->getkeysigs = generic_getkeysigs;
1769 dbctx->cached_getkeysigs = generic_cached_getkeysigs;
1770 dbctx->keyid2uid = generic_keyid2uid;
1771 dbctx->iterate_keys = db4_iterate_keys;