security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity
gnupg/kbx/frontend.c

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

567 lines
14 KiB
C
Raw Permalink Normal View History

kbx: Add framework for the SEARCH command * kbx/backend-kbx.c: New. * kbx/backend-support.c: New. * kbx/backend.h: New. * kbx/frontend.c: New. * kbx/frontend.h: New. * kbx/kbxserver.c: Implement SEARCH and NEXT command. * kbx/keybox-search-desc.h (enum pubkey_types): New. * kbx/keybox-search.c (keybox_get_data): New. * kbx/keyboxd.c (main): Add a standard resource. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-06 16:07:33 +02:00
/* frontend.c - Database fronend code for keyboxd
* Copyright (C) 2019 g10 Code GmbH
*
* This file is part of GnuPG.
*
* GnuPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* GnuPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, see <https://www.gnu.org/licenses/>.
* SPDX-License-Identifier: GPL-3.0+
*/
#include <config.h>
#include <stdio.h>
#include <stdlib.h>
#include <stddef.h>
#include <string.h>
#include "keyboxd.h"
#include <assuan.h>
#include "../common/i18n.h"
#include "../common/userids.h"
#include "backend.h"
#include "frontend.h"
kbx: Change keyboxd to work only with one database. * kbx/frontend.c (the_database): New var. (db_desc_t): Remove. (kbxd_add_resource): Renamed to ... (kbxd_set_database): this. Simplify. (kbxd_search): Change to use only one database. (kbxd_store): Ditto. (kbxd_delete): Ditto. -- The original implementation was way to complicated and would have only brought back the problems deciding which database to use for each key. The new scheme used one configured database and only that. That database needs to be set right at the start. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-12-10 09:35:33 +01:00
/* An object to keep infos about the database. */
struct
kbx: Add framework for the SEARCH command * kbx/backend-kbx.c: New. * kbx/backend-support.c: New. * kbx/backend.h: New. * kbx/frontend.c: New. * kbx/frontend.h: New. * kbx/kbxserver.c: Implement SEARCH and NEXT command. * kbx/keybox-search-desc.h (enum pubkey_types): New. * kbx/keybox-search.c (keybox_get_data): New. * kbx/keyboxd.c (main): Add a standard resource. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-06 16:07:33 +02:00
{
enum database_types db_type;
backend_handle_t backend_handle;
kbx: Change keyboxd to work only with one database. * kbx/frontend.c (the_database): New var. (db_desc_t): Remove. (kbxd_add_resource): Renamed to ... (kbxd_set_database): this. Simplify. (kbxd_search): Change to use only one database. (kbxd_store): Ditto. (kbxd_delete): Ditto. -- The original implementation was way to complicated and would have only brought back the problems deciding which database to use for each key. The new scheme used one configured database and only that. That database needs to be set right at the start. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-12-10 09:35:33 +01:00
} the_database;
kbx: Add framework for the SEARCH command * kbx/backend-kbx.c: New. * kbx/backend-support.c: New. * kbx/backend.h: New. * kbx/frontend.c: New. * kbx/frontend.h: New. * kbx/kbxserver.c: Implement SEARCH and NEXT command. * kbx/keybox-search-desc.h (enum pubkey_types): New. * kbx/keybox-search.c (keybox_get_data): New. * kbx/keyboxd.c (main): Add a standard resource. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-06 16:07:33 +02:00
/* Take a lock for reading the databases. */
static void
take_read_lock (ctrl_t ctrl)
{
/* FIXME */
(void)ctrl;
}
/* Take a lock for reading and writing the databases. */
kbx: Add first version of STORE command to keyboxd. * kbx/Makefile.am (keyboxd_CFLAGS): -DKEYBOX_WITH_X509. (keyboxd_LDADD): Add libksba. * kbx/kbxserver.c (cmd_store): New. * kbx/frontend.c (kbxd_store): New. * kbx/backend-support.c (is_x509_blob): New. (be_fingerprint_from_blob): New. * kbx/backend-kbx.c (be_kbx_seek): Add args FPR and FPRLEN. (be_kbx_insert): New. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-10-01 20:09:42 +02:00
static void
take_read_write_lock (ctrl_t ctrl)
{
/* FIXME */
(void)ctrl;
}
kbx: Add framework for the SEARCH command * kbx/backend-kbx.c: New. * kbx/backend-support.c: New. * kbx/backend.h: New. * kbx/frontend.c: New. * kbx/frontend.h: New. * kbx/kbxserver.c: Implement SEARCH and NEXT command. * kbx/keybox-search-desc.h (enum pubkey_types): New. * kbx/keybox-search.c (keybox_get_data): New. * kbx/keyboxd.c (main): Add a standard resource. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-06 16:07:33 +02:00
/* Release a lock. It is valid to call this even if no lock has been
kbx: First take on a cache for the keyboxd. * kbx/backend.h (enum database_types): Add DB_TYPE_CACHE. (struct db_request_part_s): Add seqno fields. (struct db_request_s): Add infos for the cache backend. * kbx/backend-support.c (struct backend_handle_s): Add 'backend_id'. (strdbtype): Support DB_TYPE_CACHE. (be_generic_release_backend): Ditto. (be_find_request_part): New. (be_return_pubkey): New arg UBID and chnage status name. * kbx/backend-cache.c: New. * kbx/backend-kbx.c (be_kbx_init_request_part): New. (be_kbx_search): Factor some code out to a support function. (be_kbx_seek): New. * kbx/frontend.c (kbxd_add_resource): Support DB_TYPE_CACHE. (kbxd_search): Support the NEXR operation with the cache. * kbx/keybox-search-desc.h (KEYDB_SEARCH_MODE_UBID): New. (struct keydb_search_desc): Add field u.ubid. * kbx/keybox-search.c (has_ubid): New. (keybox_search): Support the UBID search. -- This adds a caching backend to the keyboxd. This tries to accommodate for duplicate use of fingerprints and thus be correct in case a fingerprint is used in several keys. It also turned out that we need to have a unique identifier (UBID) to identify a keyblock or X.509 certificate. In particular with an OpenPGP keyblob we can't easily use the primary fingerprint as an identifier because that fingerprint may also be used as subkey in another key. Thus using a hash of the entire keyblock is a better identifier to be used to address a keyblock for restarting a search or for identifying the keyblock to be updated. Note that this new UBID is not a permanent identifier because it changes with all keyblock update; it should be viewed as a handle to the keyblock or X509 cert.
2019-09-27 09:24:58 +02:00
* taken in which case this is a nop. */
kbx: Add framework for the SEARCH command * kbx/backend-kbx.c: New. * kbx/backend-support.c: New. * kbx/backend.h: New. * kbx/frontend.c: New. * kbx/frontend.h: New. * kbx/kbxserver.c: Implement SEARCH and NEXT command. * kbx/keybox-search-desc.h (enum pubkey_types): New. * kbx/keybox-search.c (keybox_get_data): New. * kbx/keyboxd.c (main): Add a standard resource. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-06 16:07:33 +02:00
static void
release_lock (ctrl_t ctrl)
{
/* FIXME */
(void)ctrl;
}
kbx: Change keyboxd to work only with one database. * kbx/frontend.c (the_database): New var. (db_desc_t): Remove. (kbxd_add_resource): Renamed to ... (kbxd_set_database): this. Simplify. (kbxd_search): Change to use only one database. (kbxd_store): Ditto. (kbxd_delete): Ditto. -- The original implementation was way to complicated and would have only brought back the problems deciding which database to use for each key. The new scheme used one configured database and only that. That database needs to be set right at the start. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-12-10 09:35:33 +01:00
/* Set the database to use. Depending on the FILENAME suffix we
* decide which one to use. This function must be called at daemon
* startup because it employs no locking. If FILENAME has no
kbx: Add framework for the SEARCH command * kbx/backend-kbx.c: New. * kbx/backend-support.c: New. * kbx/backend.h: New. * kbx/frontend.c: New. * kbx/frontend.h: New. * kbx/kbxserver.c: Implement SEARCH and NEXT command. * kbx/keybox-search-desc.h (enum pubkey_types): New. * kbx/keybox-search.c (keybox_get_data): New. * kbx/keyboxd.c (main): Add a standard resource. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-06 16:07:33 +02:00
* directory separator, the file is expected or created below
kbx: Change keyboxd to work only with one database. * kbx/frontend.c (the_database): New var. (db_desc_t): Remove. (kbxd_add_resource): Renamed to ... (kbxd_set_database): this. Simplify. (kbxd_search): Change to use only one database. (kbxd_store): Ditto. (kbxd_delete): Ditto. -- The original implementation was way to complicated and would have only brought back the problems deciding which database to use for each key. The new scheme used one configured database and only that. That database needs to be set right at the start. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-12-10 09:35:33 +01:00
* "$GNUPGHOME/public-keys.d/". In READONLY mode the file must exists;
* otherwise it is created. */
kbx: Add framework for the SEARCH command * kbx/backend-kbx.c: New. * kbx/backend-support.c: New. * kbx/backend.h: New. * kbx/frontend.c: New. * kbx/frontend.h: New. * kbx/kbxserver.c: Implement SEARCH and NEXT command. * kbx/keybox-search-desc.h (enum pubkey_types): New. * kbx/keybox-search.c (keybox_get_data): New. * kbx/keyboxd.c (main): Add a standard resource. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-06 16:07:33 +02:00
gpg_error_t
kbx: Change keyboxd to work only with one database. * kbx/frontend.c (the_database): New var. (db_desc_t): Remove. (kbxd_add_resource): Renamed to ... (kbxd_set_database): this. Simplify. (kbxd_search): Change to use only one database. (kbxd_store): Ditto. (kbxd_delete): Ditto. -- The original implementation was way to complicated and would have only brought back the problems deciding which database to use for each key. The new scheme used one configured database and only that. That database needs to be set right at the start. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-12-10 09:35:33 +01:00
kbxd_set_database (ctrl_t ctrl, const char *filename_arg, int readonly)
kbx: Add framework for the SEARCH command * kbx/backend-kbx.c: New. * kbx/backend-support.c: New. * kbx/backend.h: New. * kbx/frontend.c: New. * kbx/frontend.h: New. * kbx/kbxserver.c: Implement SEARCH and NEXT command. * kbx/keybox-search-desc.h (enum pubkey_types): New. * kbx/keybox-search.c (keybox_get_data): New. * kbx/keyboxd.c (main): Add a standard resource. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-06 16:07:33 +02:00
{
gpg_error_t err;
char *filename;
kbx: First take on a cache for the keyboxd. * kbx/backend.h (enum database_types): Add DB_TYPE_CACHE. (struct db_request_part_s): Add seqno fields. (struct db_request_s): Add infos for the cache backend. * kbx/backend-support.c (struct backend_handle_s): Add 'backend_id'. (strdbtype): Support DB_TYPE_CACHE. (be_generic_release_backend): Ditto. (be_find_request_part): New. (be_return_pubkey): New arg UBID and chnage status name. * kbx/backend-cache.c: New. * kbx/backend-kbx.c (be_kbx_init_request_part): New. (be_kbx_search): Factor some code out to a support function. (be_kbx_seek): New. * kbx/frontend.c (kbxd_add_resource): Support DB_TYPE_CACHE. (kbxd_search): Support the NEXR operation with the cache. * kbx/keybox-search-desc.h (KEYDB_SEARCH_MODE_UBID): New. (struct keydb_search_desc): Add field u.ubid. * kbx/keybox-search.c (has_ubid): New. (keybox_search): Support the UBID search. -- This adds a caching backend to the keyboxd. This tries to accommodate for duplicate use of fingerprints and thus be correct in case a fingerprint is used in several keys. It also turned out that we need to have a unique identifier (UBID) to identify a keyblock or X.509 certificate. In particular with an OpenPGP keyblob we can't easily use the primary fingerprint as an identifier because that fingerprint may also be used as subkey in another key. Thus using a hash of the entire keyblock is a better identifier to be used to address a keyblock for restarting a search or for identifying the keyblock to be updated. Note that this new UBID is not a permanent identifier because it changes with all keyblock update; it should be viewed as a handle to the keyblock or X509 cert.
2019-09-27 09:24:58 +02:00
enum database_types db_type = 0;
kbx: Add framework for the SEARCH command * kbx/backend-kbx.c: New. * kbx/backend-support.c: New. * kbx/backend.h: New. * kbx/frontend.c: New. * kbx/frontend.h: New. * kbx/kbxserver.c: Implement SEARCH and NEXT command. * kbx/keybox-search-desc.h (enum pubkey_types): New. * kbx/keybox-search.c (keybox_get_data): New. * kbx/keyboxd.c (main): Add a standard resource. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-06 16:07:33 +02:00
backend_handle_t handle = NULL;
kbx: Change keyboxd to work only with one database. * kbx/frontend.c (the_database): New var. (db_desc_t): Remove. (kbxd_add_resource): Renamed to ... (kbxd_set_database): this. Simplify. (kbxd_search): Change to use only one database. (kbxd_store): Ditto. (kbxd_delete): Ditto. -- The original implementation was way to complicated and would have only brought back the problems deciding which database to use for each key. The new scheme used one configured database and only that. That database needs to be set right at the start. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-12-10 09:35:33 +01:00
unsigned int n;
kbx: Add framework for the SEARCH command * kbx/backend-kbx.c: New. * kbx/backend-support.c: New. * kbx/backend.h: New. * kbx/frontend.c: New. * kbx/frontend.h: New. * kbx/kbxserver.c: Implement SEARCH and NEXT command. * kbx/keybox-search-desc.h (enum pubkey_types): New. * kbx/keybox-search.c (keybox_get_data): New. * kbx/keyboxd.c (main): Add a standard resource. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-06 16:07:33 +02:00
/* Do tilde expansion etc. */
kbx: Change keyboxd to work only with one database. * kbx/frontend.c (the_database): New var. (db_desc_t): Remove. (kbxd_add_resource): Renamed to ... (kbxd_set_database): this. Simplify. (kbxd_search): Change to use only one database. (kbxd_store): Ditto. (kbxd_delete): Ditto. -- The original implementation was way to complicated and would have only brought back the problems deciding which database to use for each key. The new scheme used one configured database and only that. That database needs to be set right at the start. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-12-10 09:35:33 +01:00
if (strchr (filename_arg, DIRSEP_C)
kbx: Add framework for the SEARCH command * kbx/backend-kbx.c: New. * kbx/backend-support.c: New. * kbx/backend.h: New. * kbx/frontend.c: New. * kbx/frontend.h: New. * kbx/kbxserver.c: Implement SEARCH and NEXT command. * kbx/keybox-search-desc.h (enum pubkey_types): New. * kbx/keybox-search.c (keybox_get_data): New. * kbx/keyboxd.c (main): Add a standard resource. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-06 16:07:33 +02:00
#ifdef HAVE_W32_SYSTEM
|| strchr (filename_arg, '/') /* Windows also accepts a slash. */
#endif
)
filename = make_filename (filename_arg, NULL);
else
filename = make_filename (gnupg_homedir (), GNUPG_PUBLIC_KEYS_DIR,
filename_arg, NULL);
kbx: First take on a cache for the keyboxd. * kbx/backend.h (enum database_types): Add DB_TYPE_CACHE. (struct db_request_part_s): Add seqno fields. (struct db_request_s): Add infos for the cache backend. * kbx/backend-support.c (struct backend_handle_s): Add 'backend_id'. (strdbtype): Support DB_TYPE_CACHE. (be_generic_release_backend): Ditto. (be_find_request_part): New. (be_return_pubkey): New arg UBID and chnage status name. * kbx/backend-cache.c: New. * kbx/backend-kbx.c (be_kbx_init_request_part): New. (be_kbx_search): Factor some code out to a support function. (be_kbx_seek): New. * kbx/frontend.c (kbxd_add_resource): Support DB_TYPE_CACHE. (kbxd_search): Support the NEXR operation with the cache. * kbx/keybox-search-desc.h (KEYDB_SEARCH_MODE_UBID): New. (struct keydb_search_desc): Add field u.ubid. * kbx/keybox-search.c (has_ubid): New. (keybox_search): Support the UBID search. -- This adds a caching backend to the keyboxd. This tries to accommodate for duplicate use of fingerprints and thus be correct in case a fingerprint is used in several keys. It also turned out that we need to have a unique identifier (UBID) to identify a keyblock or X.509 certificate. In particular with an OpenPGP keyblob we can't easily use the primary fingerprint as an identifier because that fingerprint may also be used as subkey in another key. Thus using a hash of the entire keyblock is a better identifier to be used to address a keyblock for restarting a search or for identifying the keyblock to be updated. Note that this new UBID is not a permanent identifier because it changes with all keyblock update; it should be viewed as a handle to the keyblock or X509 cert.
2019-09-27 09:24:58 +02:00
/* If this is the first call to the function and the request is not
* for the cache backend, add the cache backend so that it will
* always be the first to be queried. */
kbx: Change keyboxd to work only with one database. * kbx/frontend.c (the_database): New var. (db_desc_t): Remove. (kbxd_add_resource): Renamed to ... (kbxd_set_database): this. Simplify. (kbxd_search): Change to use only one database. (kbxd_store): Ditto. (kbxd_delete): Ditto. -- The original implementation was way to complicated and would have only brought back the problems deciding which database to use for each key. The new scheme used one configured database and only that. That database needs to be set right at the start. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-12-10 09:35:33 +01:00
if (the_database.db_type)
kbx: First take on a cache for the keyboxd. * kbx/backend.h (enum database_types): Add DB_TYPE_CACHE. (struct db_request_part_s): Add seqno fields. (struct db_request_s): Add infos for the cache backend. * kbx/backend-support.c (struct backend_handle_s): Add 'backend_id'. (strdbtype): Support DB_TYPE_CACHE. (be_generic_release_backend): Ditto. (be_find_request_part): New. (be_return_pubkey): New arg UBID and chnage status name. * kbx/backend-cache.c: New. * kbx/backend-kbx.c (be_kbx_init_request_part): New. (be_kbx_search): Factor some code out to a support function. (be_kbx_seek): New. * kbx/frontend.c (kbxd_add_resource): Support DB_TYPE_CACHE. (kbxd_search): Support the NEXR operation with the cache. * kbx/keybox-search-desc.h (KEYDB_SEARCH_MODE_UBID): New. (struct keydb_search_desc): Add field u.ubid. * kbx/keybox-search.c (has_ubid): New. (keybox_search): Support the UBID search. -- This adds a caching backend to the keyboxd. This tries to accommodate for duplicate use of fingerprints and thus be correct in case a fingerprint is used in several keys. It also turned out that we need to have a unique identifier (UBID) to identify a keyblock or X.509 certificate. In particular with an OpenPGP keyblob we can't easily use the primary fingerprint as an identifier because that fingerprint may also be used as subkey in another key. Thus using a hash of the entire keyblock is a better identifier to be used to address a keyblock for restarting a search or for identifying the keyblock to be updated. Note that this new UBID is not a permanent identifier because it changes with all keyblock update; it should be viewed as a handle to the keyblock or X509 cert.
2019-09-27 09:24:58 +02:00
{
kbx: Change keyboxd to work only with one database. * kbx/frontend.c (the_database): New var. (db_desc_t): Remove. (kbxd_add_resource): Renamed to ... (kbxd_set_database): this. Simplify. (kbxd_search): Change to use only one database. (kbxd_store): Ditto. (kbxd_delete): Ditto. -- The original implementation was way to complicated and would have only brought back the problems deciding which database to use for each key. The new scheme used one configured database and only that. That database needs to be set right at the start. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-12-10 09:35:33 +01:00
log_error ("error: only one database allowed\n");
err = gpg_error (GPG_ERR_CONFLICT);
goto leave;
kbx: First take on a cache for the keyboxd. * kbx/backend.h (enum database_types): Add DB_TYPE_CACHE. (struct db_request_part_s): Add seqno fields. (struct db_request_s): Add infos for the cache backend. * kbx/backend-support.c (struct backend_handle_s): Add 'backend_id'. (strdbtype): Support DB_TYPE_CACHE. (be_generic_release_backend): Ditto. (be_find_request_part): New. (be_return_pubkey): New arg UBID and chnage status name. * kbx/backend-cache.c: New. * kbx/backend-kbx.c (be_kbx_init_request_part): New. (be_kbx_search): Factor some code out to a support function. (be_kbx_seek): New. * kbx/frontend.c (kbxd_add_resource): Support DB_TYPE_CACHE. (kbxd_search): Support the NEXR operation with the cache. * kbx/keybox-search-desc.h (KEYDB_SEARCH_MODE_UBID): New. (struct keydb_search_desc): Add field u.ubid. * kbx/keybox-search.c (has_ubid): New. (keybox_search): Support the UBID search. -- This adds a caching backend to the keyboxd. This tries to accommodate for duplicate use of fingerprints and thus be correct in case a fingerprint is used in several keys. It also turned out that we need to have a unique identifier (UBID) to identify a keyblock or X.509 certificate. In particular with an OpenPGP keyblob we can't easily use the primary fingerprint as an identifier because that fingerprint may also be used as subkey in another key. Thus using a hash of the entire keyblock is a better identifier to be used to address a keyblock for restarting a search or for identifying the keyblock to be updated. Note that this new UBID is not a permanent identifier because it changes with all keyblock update; it should be viewed as a handle to the keyblock or X509 cert.
2019-09-27 09:24:58 +02:00
}
kbx: Change keyboxd to work only with one database. * kbx/frontend.c (the_database): New var. (db_desc_t): Remove. (kbxd_add_resource): Renamed to ... (kbxd_set_database): this. Simplify. (kbxd_search): Change to use only one database. (kbxd_store): Ditto. (kbxd_delete): Ditto. -- The original implementation was way to complicated and would have only brought back the problems deciding which database to use for each key. The new scheme used one configured database and only that. That database needs to be set right at the start. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-12-10 09:35:33 +01:00
/* Init the cache. */
err = be_cache_initialize ();
if (err)
goto leave;
kbx: Add framework for the SEARCH command * kbx/backend-kbx.c: New. * kbx/backend-support.c: New. * kbx/backend.h: New. * kbx/frontend.c: New. * kbx/frontend.h: New. * kbx/kbxserver.c: Implement SEARCH and NEXT command. * kbx/keybox-search-desc.h (enum pubkey_types): New. * kbx/keybox-search.c (keybox_get_data): New. * kbx/keyboxd.c (main): Add a standard resource. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-06 16:07:33 +02:00
n = strlen (filename);
kbx: First take on a cache for the keyboxd. * kbx/backend.h (enum database_types): Add DB_TYPE_CACHE. (struct db_request_part_s): Add seqno fields. (struct db_request_s): Add infos for the cache backend. * kbx/backend-support.c (struct backend_handle_s): Add 'backend_id'. (strdbtype): Support DB_TYPE_CACHE. (be_generic_release_backend): Ditto. (be_find_request_part): New. (be_return_pubkey): New arg UBID and chnage status name. * kbx/backend-cache.c: New. * kbx/backend-kbx.c (be_kbx_init_request_part): New. (be_kbx_search): Factor some code out to a support function. (be_kbx_seek): New. * kbx/frontend.c (kbxd_add_resource): Support DB_TYPE_CACHE. (kbxd_search): Support the NEXR operation with the cache. * kbx/keybox-search-desc.h (KEYDB_SEARCH_MODE_UBID): New. (struct keydb_search_desc): Add field u.ubid. * kbx/keybox-search.c (has_ubid): New. (keybox_search): Support the UBID search. -- This adds a caching backend to the keyboxd. This tries to accommodate for duplicate use of fingerprints and thus be correct in case a fingerprint is used in several keys. It also turned out that we need to have a unique identifier (UBID) to identify a keyblock or X.509 certificate. In particular with an OpenPGP keyblob we can't easily use the primary fingerprint as an identifier because that fingerprint may also be used as subkey in another key. Thus using a hash of the entire keyblock is a better identifier to be used to address a keyblock for restarting a search or for identifying the keyblock to be updated. Note that this new UBID is not a permanent identifier because it changes with all keyblock update; it should be viewed as a handle to the keyblock or X509 cert.
2019-09-27 09:24:58 +02:00
if (db_type)
; /* We already know it. */
else if (n > 4 && !strcmp (filename + n - 4, ".kbx"))
kbx: Add framework for the SEARCH command * kbx/backend-kbx.c: New. * kbx/backend-support.c: New. * kbx/backend.h: New. * kbx/frontend.c: New. * kbx/frontend.h: New. * kbx/kbxserver.c: Implement SEARCH and NEXT command. * kbx/keybox-search-desc.h (enum pubkey_types): New. * kbx/keybox-search.c (keybox_get_data): New. * kbx/keyboxd.c (main): Add a standard resource. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-06 16:07:33 +02:00
db_type = DB_TYPE_KBX;
kbx: Initial support for an SQLite backend * kbx/backend-sqlite.c: New. * kbx/Makefile.am (keyboxd_SOURCES): Add it. (keyboxd_CFLAGS, keyboxd_LDADD): Add SQLite flags. * kbx/backend.h (enum database_types): Add DB_TYPE_SQLITE. (be_sqlite_local_t): New typedef. (struct db_request_part_s): Add field besqlite. * kbx/backend-support.c (strdbtype): Add string for DB_TYPE_SQLITE. (be_generic_release_backend): Support SQLite. (be_release_request): Ditto. (be_find_request_part): Ditto. (is_x509_blob): Rename to ... (be_is_x509_blob): this and make global. * kbx/frontend.c (kbxd_set_database): Detect ".db" suffix and use that for SQLite. (kbxd_search): Support SQLite (kbxd_store): Ditto. (kbxd_delete): Ditto. * kbx/frontend.h (kbxd_store_modes): Move to ... * kbx/keyboxd.h (enum kbxd_store_modes): here. * kbx/keyboxd.c (main): USe pubring.db for now. This is a temporary hack. * kbx/backend-kbx.c (be_kbx_delete): Remove unused var cert. -- Take care: This is not finished and in particular filling the database takes quite long. Signed-off-by: Werner Koch <wk@gnupg.org>
2020-01-02 14:21:12 +01:00
else if (n > 3 && !strcmp (filename + n - 3, ".db"))
db_type = DB_TYPE_SQLITE;
kbx: Add framework for the SEARCH command * kbx/backend-kbx.c: New. * kbx/backend-support.c: New. * kbx/backend.h: New. * kbx/frontend.c: New. * kbx/frontend.h: New. * kbx/kbxserver.c: Implement SEARCH and NEXT command. * kbx/keybox-search-desc.h (enum pubkey_types): New. * kbx/keybox-search.c (keybox_get_data): New. * kbx/keyboxd.c (main): Add a standard resource. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-06 16:07:33 +02:00
else
{
log_error (_("can't use file '%s': %s\n"), filename, _("unknown suffix"));
err = gpg_error (GPG_ERR_NOT_SUPPORTED);
goto leave;
}
err = gpg_error (GPG_ERR_BUG);
switch (db_type)
{
case DB_TYPE_NONE: /* NOTREACHED */
break;
kbx: First take on a cache for the keyboxd. * kbx/backend.h (enum database_types): Add DB_TYPE_CACHE. (struct db_request_part_s): Add seqno fields. (struct db_request_s): Add infos for the cache backend. * kbx/backend-support.c (struct backend_handle_s): Add 'backend_id'. (strdbtype): Support DB_TYPE_CACHE. (be_generic_release_backend): Ditto. (be_find_request_part): New. (be_return_pubkey): New arg UBID and chnage status name. * kbx/backend-cache.c: New. * kbx/backend-kbx.c (be_kbx_init_request_part): New. (be_kbx_search): Factor some code out to a support function. (be_kbx_seek): New. * kbx/frontend.c (kbxd_add_resource): Support DB_TYPE_CACHE. (kbxd_search): Support the NEXR operation with the cache. * kbx/keybox-search-desc.h (KEYDB_SEARCH_MODE_UBID): New. (struct keydb_search_desc): Add field u.ubid. * kbx/keybox-search.c (has_ubid): New. (keybox_search): Support the UBID search. -- This adds a caching backend to the keyboxd. This tries to accommodate for duplicate use of fingerprints and thus be correct in case a fingerprint is used in several keys. It also turned out that we need to have a unique identifier (UBID) to identify a keyblock or X.509 certificate. In particular with an OpenPGP keyblob we can't easily use the primary fingerprint as an identifier because that fingerprint may also be used as subkey in another key. Thus using a hash of the entire keyblock is a better identifier to be used to address a keyblock for restarting a search or for identifying the keyblock to be updated. Note that this new UBID is not a permanent identifier because it changes with all keyblock update; it should be viewed as a handle to the keyblock or X509 cert.
2019-09-27 09:24:58 +02:00
case DB_TYPE_CACHE:
err = be_cache_add_resource (ctrl, &handle);
break;
kbx: Add framework for the SEARCH command * kbx/backend-kbx.c: New. * kbx/backend-support.c: New. * kbx/backend.h: New. * kbx/frontend.c: New. * kbx/frontend.h: New. * kbx/kbxserver.c: Implement SEARCH and NEXT command. * kbx/keybox-search-desc.h (enum pubkey_types): New. * kbx/keybox-search.c (keybox_get_data): New. * kbx/keyboxd.c (main): Add a standard resource. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-06 16:07:33 +02:00
case DB_TYPE_KBX:
err = be_kbx_add_resource (ctrl, &handle, filename, readonly);
break;
kbx: Initial support for an SQLite backend * kbx/backend-sqlite.c: New. * kbx/Makefile.am (keyboxd_SOURCES): Add it. (keyboxd_CFLAGS, keyboxd_LDADD): Add SQLite flags. * kbx/backend.h (enum database_types): Add DB_TYPE_SQLITE. (be_sqlite_local_t): New typedef. (struct db_request_part_s): Add field besqlite. * kbx/backend-support.c (strdbtype): Add string for DB_TYPE_SQLITE. (be_generic_release_backend): Support SQLite. (be_release_request): Ditto. (be_find_request_part): Ditto. (is_x509_blob): Rename to ... (be_is_x509_blob): this and make global. * kbx/frontend.c (kbxd_set_database): Detect ".db" suffix and use that for SQLite. (kbxd_search): Support SQLite (kbxd_store): Ditto. (kbxd_delete): Ditto. * kbx/frontend.h (kbxd_store_modes): Move to ... * kbx/keyboxd.h (enum kbxd_store_modes): here. * kbx/keyboxd.c (main): USe pubring.db for now. This is a temporary hack. * kbx/backend-kbx.c (be_kbx_delete): Remove unused var cert. -- Take care: This is not finished and in particular filling the database takes quite long. Signed-off-by: Werner Koch <wk@gnupg.org>
2020-01-02 14:21:12 +01:00
case DB_TYPE_SQLITE:
err = be_sqlite_add_resource (ctrl, &handle, filename, readonly);
break;
}
kbx: Add framework for the SEARCH command * kbx/backend-kbx.c: New. * kbx/backend-support.c: New. * kbx/backend.h: New. * kbx/frontend.c: New. * kbx/frontend.h: New. * kbx/kbxserver.c: Implement SEARCH and NEXT command. * kbx/keybox-search-desc.h (enum pubkey_types): New. * kbx/keybox-search.c (keybox_get_data): New. * kbx/keyboxd.c (main): Add a standard resource. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-06 16:07:33 +02:00
if (err)
goto leave;
kbx: Change keyboxd to work only with one database. * kbx/frontend.c (the_database): New var. (db_desc_t): Remove. (kbxd_add_resource): Renamed to ... (kbxd_set_database): this. Simplify. (kbxd_search): Change to use only one database. (kbxd_store): Ditto. (kbxd_delete): Ditto. -- The original implementation was way to complicated and would have only brought back the problems deciding which database to use for each key. The new scheme used one configured database and only that. That database needs to be set right at the start. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-12-10 09:35:33 +01:00
the_database.db_type = db_type;
the_database.backend_handle = handle;
kbx: Add framework for the SEARCH command * kbx/backend-kbx.c: New. * kbx/backend-support.c: New. * kbx/backend.h: New. * kbx/frontend.c: New. * kbx/frontend.h: New. * kbx/kbxserver.c: Implement SEARCH and NEXT command. * kbx/keybox-search-desc.h (enum pubkey_types): New. * kbx/keybox-search.c (keybox_get_data): New. * kbx/keyboxd.c (main): Add a standard resource. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-06 16:07:33 +02:00
handle = NULL;
leave:
if (err)
kbx: Fix error code return in keyboxd. * kbx/frontend.c (kbxd_add_resource): Print a diagnostic on error. * kbx/backend-kbx.c (be_kbx_add_resource): Acttually returh the error code. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-09-27 14:28:36 +02:00
{
kbx: Change keyboxd to work only with one database. * kbx/frontend.c (the_database): New var. (db_desc_t): Remove. (kbxd_add_resource): Renamed to ... (kbxd_set_database): this. Simplify. (kbxd_search): Change to use only one database. (kbxd_store): Ditto. (kbxd_delete): Ditto. -- The original implementation was way to complicated and would have only brought back the problems deciding which database to use for each key. The new scheme used one configured database and only that. That database needs to be set right at the start. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-12-10 09:35:33 +01:00
log_error ("error setting database '%s': %s\n",
kbx: Fix error code return in keyboxd. * kbx/frontend.c (kbxd_add_resource): Print a diagnostic on error. * kbx/backend-kbx.c (be_kbx_add_resource): Acttually returh the error code. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-09-27 14:28:36 +02:00
filename, gpg_strerror (err));
be_generic_release_backend (ctrl, handle);
}
kbx: Add framework for the SEARCH command * kbx/backend-kbx.c: New. * kbx/backend-support.c: New. * kbx/backend.h: New. * kbx/frontend.c: New. * kbx/frontend.h: New. * kbx/kbxserver.c: Implement SEARCH and NEXT command. * kbx/keybox-search-desc.h (enum pubkey_types): New. * kbx/keybox-search.c (keybox_get_data): New. * kbx/keyboxd.c (main): Add a standard resource. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-06 16:07:33 +02:00
xfree (filename);
return err;
}
/* Release all per session objects. */
void
kbxd_release_session_info (ctrl_t ctrl)
{
if (!ctrl)
return;
keyboxd: Add options --openpgp and --x509 to SEARCH. * kbx/keyboxd.h (struct server_control_s): Replace the two request objects by just one. Add filter flags. * kbx/kbxserver.c (cmd_search): Add options --openpgp and --x509. (cmd_killkeyboxd): Do not return GPG_ERR_EOF. * kbx/frontend.c (kbxd_release_session_info): Adjust for the new request object. (kbxd_search, kbxd_store, kbxd_delete): Ditto. * kbx/backend-sqlite.c (struct be_sqlite_local_s): Add filter flags. (run_sql_prepare): Add optional arg 'extra'. Change callers. (run_sql_bind_ntext): New. (run_sql_bind_text): Just call run_sql_bind_ntext. (run_select_statement): Add ctrl arg. Implement the filter flags. * g10/call-keyboxd.c (keydb_search): Use the --openpgp option. -- As soon as we implement X.509 we need to have a way to return only openpgp or x.509 certificates. Gpg/gpgsm will then use the respective flag. Signed-off-by: Werner Koch <wk@gnupg.org>
2020-09-10 12:05:21 +02:00
be_release_request (ctrl->db_req);
ctrl->db_req = NULL;
kbx: Add framework for the SEARCH command * kbx/backend-kbx.c: New. * kbx/backend-support.c: New. * kbx/backend.h: New. * kbx/frontend.c: New. * kbx/frontend.h: New. * kbx/kbxserver.c: Implement SEARCH and NEXT command. * kbx/keybox-search-desc.h (enum pubkey_types): New. * kbx/keybox-search.c (keybox_get_data): New. * kbx/keyboxd.c (main): Add a standard resource. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-06 16:07:33 +02:00
}
keyboxd: New command TRANSACTION. * kbx/backend-sqlite.c (be_sqlite_rollback): New. (be_sqlite_commit): New. (be_sqlite_search): Take care of global transactions. (be_sqlite_store): Ditto. (be_sqlite_delete): Ditto. * kbx/frontend.c (kbxd_rollback, kbxd_commit): New. * kbx/keyboxd.h (opt): Add vars for transactions. * kbx/kbxserver.c (struct server_local_s): Add fields next_session and client_pid. (session_list): New var. (cmd_transaction): New. (register_commands): Register command. (kbxd_start_command_handler): Store pids and track sessions. Do a final rollback. -- This command is currently an experiment to allow a client to run everything in one session. Signed-off-by: Werner Koch <wk@gnupg.org>
2020-09-24 16:38:21 +02:00
gpg_error_t
kbxd_rollback (void)
{
return be_sqlite_rollback ();
}
gpg_error_t
kbxd_commit (void)
{
return be_sqlite_commit ();
}
kbx: Improve debugging of the search descriptions in keyboxd. * kbx/frontend.c (dump_search_desc): New. (kbxd_search): Actually log the search descriptions. Signed-off-by: Werner Koch <wk@gnupg.org>
2021-07-08 13:56:11 +02:00
static void
dump_search_desc (struct keydb_search_desc *desc)
{
switch (desc->mode)
{
case KEYDB_SEARCH_MODE_EXACT:
log_printf ("EXACT: '%s'\n", desc->u.name);
break;
case KEYDB_SEARCH_MODE_SUBSTR:
log_printf ("SUBSTR: '%s'\n", desc->u.name);
break;
case KEYDB_SEARCH_MODE_MAIL:
log_printf ("MAIL: '%s'\n", desc->u.name);
break;
case KEYDB_SEARCH_MODE_MAILSUB:
log_printf ("MAILSUB: '%s'\n", desc->u.name);
break;
case KEYDB_SEARCH_MODE_MAILEND:
log_printf ("MAILEND: '%s'\n", desc->u.name);
break;
case KEYDB_SEARCH_MODE_WORDS:
log_printf ("WORDS: '%s'\n", desc->u.name);
break;
case KEYDB_SEARCH_MODE_SHORT_KID:
log_printf ("SHORT_KID: 0x%08lX\n", (ulong)desc->u.kid[1]);
break;
case KEYDB_SEARCH_MODE_LONG_KID:
log_printf ("LONG_KID: 0x%08lX%08lX\n",
(ulong)desc->u.kid[0], (ulong)desc->u.kid[1]);
break;
case KEYDB_SEARCH_MODE_FPR:
log_printf ("FPR%02d: ", desc->fprlen);
log_printhex (desc->u.fpr, desc->fprlen, "");
break;
case KEYDB_SEARCH_MODE_ISSUER:
log_printf ("ISSUER: '%s'\n", desc->u.name);
break;
case KEYDB_SEARCH_MODE_ISSUER_SN:
log_printf ("ISSUER_SN: '#%.*s/%s'\n",
(int)desc->snlen, desc->sn, desc->u.name);
break;
case KEYDB_SEARCH_MODE_SN:
log_printf ("SN: '%.*s'\n", (int)desc->snlen, desc->sn);
break;
case KEYDB_SEARCH_MODE_SUBJECT:
log_printf ("SUBJECT: '%s'\n", desc->u.name);
break;
case KEYDB_SEARCH_MODE_KEYGRIP:
log_printf ("KEYGRIP: ");
log_printhex (desc[0].u.grip, KEYGRIP_LEN, "");
break;
case KEYDB_SEARCH_MODE_UBID:
log_printf ("UBID: ");
log_printhex (desc[0].u.ubid, UBID_LEN, "");
break;
case KEYDB_SEARCH_MODE_FIRST:
log_printf ("FIRST\n");
break;
case KEYDB_SEARCH_MODE_NEXT:
log_printf ("NEXT\n");
break;
default:
log_printf ("Bad search mode (%d)\n", desc->mode);
}
}
kbx: Add framework for the SEARCH command * kbx/backend-kbx.c: New. * kbx/backend-support.c: New. * kbx/backend.h: New. * kbx/frontend.c: New. * kbx/frontend.h: New. * kbx/kbxserver.c: Implement SEARCH and NEXT command. * kbx/keybox-search-desc.h (enum pubkey_types): New. * kbx/keybox-search.c (keybox_get_data): New. * kbx/keyboxd.c (main): Add a standard resource. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-06 16:07:33 +02:00
/* Search for the keys described by (DESC,NDESC) and return them to
kbx: Initial support for an SQLite backend * kbx/backend-sqlite.c: New. * kbx/Makefile.am (keyboxd_SOURCES): Add it. (keyboxd_CFLAGS, keyboxd_LDADD): Add SQLite flags. * kbx/backend.h (enum database_types): Add DB_TYPE_SQLITE. (be_sqlite_local_t): New typedef. (struct db_request_part_s): Add field besqlite. * kbx/backend-support.c (strdbtype): Add string for DB_TYPE_SQLITE. (be_generic_release_backend): Support SQLite. (be_release_request): Ditto. (be_find_request_part): Ditto. (is_x509_blob): Rename to ... (be_is_x509_blob): this and make global. * kbx/frontend.c (kbxd_set_database): Detect ".db" suffix and use that for SQLite. (kbxd_search): Support SQLite (kbxd_store): Ditto. (kbxd_delete): Ditto. * kbx/frontend.h (kbxd_store_modes): Move to ... * kbx/keyboxd.h (enum kbxd_store_modes): here. * kbx/keyboxd.c (main): USe pubring.db for now. This is a temporary hack. * kbx/backend-kbx.c (be_kbx_delete): Remove unused var cert. -- Take care: This is not finished and in particular filling the database takes quite long. Signed-off-by: Werner Koch <wk@gnupg.org>
2020-01-02 14:21:12 +01:00
* the caller. If RESET is set, the search state is first reset.
* Only a reset guarantees that changed search description in DESC are
* considered. */
kbx: Add framework for the SEARCH command * kbx/backend-kbx.c: New. * kbx/backend-support.c: New. * kbx/backend.h: New. * kbx/frontend.c: New. * kbx/frontend.h: New. * kbx/kbxserver.c: Implement SEARCH and NEXT command. * kbx/keybox-search-desc.h (enum pubkey_types): New. * kbx/keybox-search.c (keybox_get_data): New. * kbx/keyboxd.c (main): Add a standard resource. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-06 16:07:33 +02:00
gpg_error_t
kbxd_search (ctrl_t ctrl, KEYDB_SEARCH_DESC *desc, unsigned int ndesc,
int reset)
{
gpg_error_t err;
int i;
db_request_t request;
if (DBG_CLOCK)
log_clock ("%s: enter", __func__);
if (DBG_LOOKUP)
{
log_debug ("%s: %u search descriptions:\n", __func__, ndesc);
for (i = 0; i < ndesc; i ++)
{
kbx: Improve debugging of the search descriptions in keyboxd. * kbx/frontend.c (dump_search_desc): New. (kbxd_search): Actually log the search descriptions. Signed-off-by: Werner Koch <wk@gnupg.org>
2021-07-08 13:56:11 +02:00
log_debug ("%s %d: ", __func__, i);
dump_search_desc (&desc[i]);
kbx: Add framework for the SEARCH command * kbx/backend-kbx.c: New. * kbx/backend-support.c: New. * kbx/backend.h: New. * kbx/frontend.c: New. * kbx/frontend.h: New. * kbx/kbxserver.c: Implement SEARCH and NEXT command. * kbx/keybox-search-desc.h (enum pubkey_types): New. * kbx/keybox-search.c (keybox_get_data): New. * kbx/keyboxd.c (main): Add a standard resource. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-06 16:07:33 +02:00
}
}
take_read_lock (ctrl);
/* Allocate a handle object if none exists for this context. */
keyboxd: Add options --openpgp and --x509 to SEARCH. * kbx/keyboxd.h (struct server_control_s): Replace the two request objects by just one. Add filter flags. * kbx/kbxserver.c (cmd_search): Add options --openpgp and --x509. (cmd_killkeyboxd): Do not return GPG_ERR_EOF. * kbx/frontend.c (kbxd_release_session_info): Adjust for the new request object. (kbxd_search, kbxd_store, kbxd_delete): Ditto. * kbx/backend-sqlite.c (struct be_sqlite_local_s): Add filter flags. (run_sql_prepare): Add optional arg 'extra'. Change callers. (run_sql_bind_ntext): New. (run_sql_bind_text): Just call run_sql_bind_ntext. (run_select_statement): Add ctrl arg. Implement the filter flags. * g10/call-keyboxd.c (keydb_search): Use the --openpgp option. -- As soon as we implement X.509 we need to have a way to return only openpgp or x.509 certificates. Gpg/gpgsm will then use the respective flag. Signed-off-by: Werner Koch <wk@gnupg.org>
2020-09-10 12:05:21 +02:00
if (!ctrl->db_req)
kbx: Add framework for the SEARCH command * kbx/backend-kbx.c: New. * kbx/backend-support.c: New. * kbx/backend.h: New. * kbx/frontend.c: New. * kbx/frontend.h: New. * kbx/kbxserver.c: Implement SEARCH and NEXT command. * kbx/keybox-search-desc.h (enum pubkey_types): New. * kbx/keybox-search.c (keybox_get_data): New. * kbx/keyboxd.c (main): Add a standard resource. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-06 16:07:33 +02:00
{
keyboxd: Add options --openpgp and --x509 to SEARCH. * kbx/keyboxd.h (struct server_control_s): Replace the two request objects by just one. Add filter flags. * kbx/kbxserver.c (cmd_search): Add options --openpgp and --x509. (cmd_killkeyboxd): Do not return GPG_ERR_EOF. * kbx/frontend.c (kbxd_release_session_info): Adjust for the new request object. (kbxd_search, kbxd_store, kbxd_delete): Ditto. * kbx/backend-sqlite.c (struct be_sqlite_local_s): Add filter flags. (run_sql_prepare): Add optional arg 'extra'. Change callers. (run_sql_bind_ntext): New. (run_sql_bind_text): Just call run_sql_bind_ntext. (run_select_statement): Add ctrl arg. Implement the filter flags. * g10/call-keyboxd.c (keydb_search): Use the --openpgp option. -- As soon as we implement X.509 we need to have a way to return only openpgp or x.509 certificates. Gpg/gpgsm will then use the respective flag. Signed-off-by: Werner Koch <wk@gnupg.org>
2020-09-10 12:05:21 +02:00
ctrl->db_req = xtrycalloc (1, sizeof *ctrl->db_req);
if (!ctrl->db_req)
kbx: Add framework for the SEARCH command * kbx/backend-kbx.c: New. * kbx/backend-support.c: New. * kbx/backend.h: New. * kbx/frontend.c: New. * kbx/frontend.h: New. * kbx/kbxserver.c: Implement SEARCH and NEXT command. * kbx/keybox-search-desc.h (enum pubkey_types): New. * kbx/keybox-search.c (keybox_get_data): New. * kbx/keyboxd.c (main): Add a standard resource. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-06 16:07:33 +02:00
{
err = gpg_error_from_syserror ();
goto leave;
}
}
keyboxd: Add options --openpgp and --x509 to SEARCH. * kbx/keyboxd.h (struct server_control_s): Replace the two request objects by just one. Add filter flags. * kbx/kbxserver.c (cmd_search): Add options --openpgp and --x509. (cmd_killkeyboxd): Do not return GPG_ERR_EOF. * kbx/frontend.c (kbxd_release_session_info): Adjust for the new request object. (kbxd_search, kbxd_store, kbxd_delete): Ditto. * kbx/backend-sqlite.c (struct be_sqlite_local_s): Add filter flags. (run_sql_prepare): Add optional arg 'extra'. Change callers. (run_sql_bind_ntext): New. (run_sql_bind_text): Just call run_sql_bind_ntext. (run_select_statement): Add ctrl arg. Implement the filter flags. * g10/call-keyboxd.c (keydb_search): Use the --openpgp option. -- As soon as we implement X.509 we need to have a way to return only openpgp or x.509 certificates. Gpg/gpgsm will then use the respective flag. Signed-off-by: Werner Koch <wk@gnupg.org>
2020-09-10 12:05:21 +02:00
request = ctrl->db_req;
kbx: Add framework for the SEARCH command * kbx/backend-kbx.c: New. * kbx/backend-support.c: New. * kbx/backend.h: New. * kbx/frontend.c: New. * kbx/frontend.h: New. * kbx/kbxserver.c: Implement SEARCH and NEXT command. * kbx/keybox-search-desc.h (enum pubkey_types): New. * kbx/keybox-search.c (keybox_get_data): New. * kbx/keyboxd.c (main): Add a standard resource. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-06 16:07:33 +02:00
kbx: Change keyboxd to work only with one database. * kbx/frontend.c (the_database): New var. (db_desc_t): Remove. (kbxd_add_resource): Renamed to ... (kbxd_set_database): this. Simplify. (kbxd_search): Change to use only one database. (kbxd_store): Ditto. (kbxd_delete): Ditto. -- The original implementation was way to complicated and would have only brought back the problems deciding which database to use for each key. The new scheme used one configured database and only that. That database needs to be set right at the start. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-12-10 09:35:33 +01:00
if (!the_database.db_type)
{
log_error ("%s: error: no database configured\n", __func__);
err = gpg_error (GPG_ERR_NOT_INITIALIZED);
goto leave;
}
kbx: Add framework for the SEARCH command * kbx/backend-kbx.c: New. * kbx/backend-support.c: New. * kbx/backend.h: New. * kbx/frontend.c: New. * kbx/frontend.h: New. * kbx/kbxserver.c: Implement SEARCH and NEXT command. * kbx/keybox-search-desc.h (enum pubkey_types): New. * kbx/keybox-search.c (keybox_get_data): New. * kbx/keyboxd.c (main): Add a standard resource. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-06 16:07:33 +02:00
/* If requested do a reset. Using the reset flag is faster than
Spelling cleanup. No functional changes, just fixing minor spelling issues. --- Most of these were identified from the command line by running: codespell \ --ignore-words-list fpr,stati,keyserver,keyservers,asign,cas,iff,ifset \ --skip '*.po,ChangeLog*,help.*.txt,*.jpg,*.eps,*.pdf,*.png,*.gpg,*.asc' \ doc g13 g10 kbx agent artwork scd tests tools am common dirmngr sm \ NEWS README README.maint TODO Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2020-02-18 15:34:42 +01:00
* letting the caller do a separate call for an initial reset. */
kbx: Add framework for the SEARCH command * kbx/backend-kbx.c: New. * kbx/backend-support.c: New. * kbx/backend.h: New. * kbx/frontend.c: New. * kbx/frontend.h: New. * kbx/kbxserver.c: Implement SEARCH and NEXT command. * kbx/keybox-search-desc.h (enum pubkey_types): New. * kbx/keybox-search.c (keybox_get_data): New. * kbx/keyboxd.c (main): Add a standard resource. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-06 16:07:33 +02:00
if (!desc || reset)
{
kbx: Change keyboxd to work only with one database. * kbx/frontend.c (the_database): New var. (db_desc_t): Remove. (kbxd_add_resource): Renamed to ... (kbxd_set_database): this. Simplify. (kbxd_search): Change to use only one database. (kbxd_store): Ditto. (kbxd_delete): Ditto. -- The original implementation was way to complicated and would have only brought back the problems deciding which database to use for each key. The new scheme used one configured database and only that. That database needs to be set right at the start. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-12-10 09:35:33 +01:00
switch (the_database.db_type)
kbx: Add framework for the SEARCH command * kbx/backend-kbx.c: New. * kbx/backend-support.c: New. * kbx/backend.h: New. * kbx/frontend.c: New. * kbx/frontend.h: New. * kbx/kbxserver.c: Implement SEARCH and NEXT command. * kbx/keybox-search-desc.h (enum pubkey_types): New. * kbx/keybox-search.c (keybox_get_data): New. * kbx/keyboxd.c (main): Add a standard resource. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-06 16:07:33 +02:00
{
kbx: Change keyboxd to work only with one database. * kbx/frontend.c (the_database): New var. (db_desc_t): Remove. (kbxd_add_resource): Renamed to ... (kbxd_set_database): this. Simplify. (kbxd_search): Change to use only one database. (kbxd_store): Ditto. (kbxd_delete): Ditto. -- The original implementation was way to complicated and would have only brought back the problems deciding which database to use for each key. The new scheme used one configured database and only that. That database needs to be set right at the start. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-12-10 09:35:33 +01:00
case DB_TYPE_CACHE:
err = 0; /* Nothing to do. */
break;
case DB_TYPE_KBX:
err = be_kbx_search (ctrl, the_database.backend_handle,
request, NULL, 0);
break;
kbx: Initial support for an SQLite backend * kbx/backend-sqlite.c: New. * kbx/Makefile.am (keyboxd_SOURCES): Add it. (keyboxd_CFLAGS, keyboxd_LDADD): Add SQLite flags. * kbx/backend.h (enum database_types): Add DB_TYPE_SQLITE. (be_sqlite_local_t): New typedef. (struct db_request_part_s): Add field besqlite. * kbx/backend-support.c (strdbtype): Add string for DB_TYPE_SQLITE. (be_generic_release_backend): Support SQLite. (be_release_request): Ditto. (be_find_request_part): Ditto. (is_x509_blob): Rename to ... (be_is_x509_blob): this and make global. * kbx/frontend.c (kbxd_set_database): Detect ".db" suffix and use that for SQLite. (kbxd_search): Support SQLite (kbxd_store): Ditto. (kbxd_delete): Ditto. * kbx/frontend.h (kbxd_store_modes): Move to ... * kbx/keyboxd.h (enum kbxd_store_modes): here. * kbx/keyboxd.c (main): USe pubring.db for now. This is a temporary hack. * kbx/backend-kbx.c (be_kbx_delete): Remove unused var cert. -- Take care: This is not finished and in particular filling the database takes quite long. Signed-off-by: Werner Koch <wk@gnupg.org>
2020-01-02 14:21:12 +01:00
case DB_TYPE_SQLITE:
err = be_sqlite_search (ctrl, the_database.backend_handle,
request, NULL, 0);
break;
kbx: Change keyboxd to work only with one database. * kbx/frontend.c (the_database): New var. (db_desc_t): Remove. (kbxd_add_resource): Renamed to ... (kbxd_set_database): this. Simplify. (kbxd_search): Change to use only one database. (kbxd_store): Ditto. (kbxd_delete): Ditto. -- The original implementation was way to complicated and would have only brought back the problems deciding which database to use for each key. The new scheme used one configured database and only that. That database needs to be set right at the start. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-12-10 09:35:33 +01:00
default:
err = gpg_error (GPG_ERR_INTERNAL);
break;
}
if (err)
{
log_error ("error during the %ssearch reset: %s\n",
reset? "initial ":"", gpg_strerror (err));
goto leave;
kbx: Add framework for the SEARCH command * kbx/backend-kbx.c: New. * kbx/backend-support.c: New. * kbx/backend.h: New. * kbx/frontend.c: New. * kbx/frontend.h: New. * kbx/kbxserver.c: Implement SEARCH and NEXT command. * kbx/keybox-search-desc.h (enum pubkey_types): New. * kbx/keybox-search.c (keybox_get_data): New. * kbx/keyboxd.c (main): Add a standard resource. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-06 16:07:33 +02:00
}
request->any_search = 0;
request->any_found = 0;
request->next_dbidx = 0;
if (!desc) /* Reset only mode */
{
err = 0;
goto leave;
}
}
/* Divert to the backend for the actual search. */
kbx: Change keyboxd to work only with one database. * kbx/frontend.c (the_database): New var. (db_desc_t): Remove. (kbxd_add_resource): Renamed to ... (kbxd_set_database): this. Simplify. (kbxd_search): Change to use only one database. (kbxd_store): Ditto. (kbxd_delete): Ditto. -- The original implementation was way to complicated and would have only brought back the problems deciding which database to use for each key. The new scheme used one configured database and only that. That database needs to be set right at the start. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-12-10 09:35:33 +01:00
switch (the_database.db_type)
kbx: Add framework for the SEARCH command * kbx/backend-kbx.c: New. * kbx/backend-support.c: New. * kbx/backend.h: New. * kbx/frontend.c: New. * kbx/frontend.h: New. * kbx/kbxserver.c: Implement SEARCH and NEXT command. * kbx/keybox-search-desc.h (enum pubkey_types): New. * kbx/keybox-search.c (keybox_get_data): New. * kbx/keyboxd.c (main): Add a standard resource. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-06 16:07:33 +02:00
{
kbx: First take on a cache for the keyboxd. * kbx/backend.h (enum database_types): Add DB_TYPE_CACHE. (struct db_request_part_s): Add seqno fields. (struct db_request_s): Add infos for the cache backend. * kbx/backend-support.c (struct backend_handle_s): Add 'backend_id'. (strdbtype): Support DB_TYPE_CACHE. (be_generic_release_backend): Ditto. (be_find_request_part): New. (be_return_pubkey): New arg UBID and chnage status name. * kbx/backend-cache.c: New. * kbx/backend-kbx.c (be_kbx_init_request_part): New. (be_kbx_search): Factor some code out to a support function. (be_kbx_seek): New. * kbx/frontend.c (kbxd_add_resource): Support DB_TYPE_CACHE. (kbxd_search): Support the NEXR operation with the cache. * kbx/keybox-search-desc.h (KEYDB_SEARCH_MODE_UBID): New. (struct keydb_search_desc): Add field u.ubid. * kbx/keybox-search.c (has_ubid): New. (keybox_search): Support the UBID search. -- This adds a caching backend to the keyboxd. This tries to accommodate for duplicate use of fingerprints and thus be correct in case a fingerprint is used in several keys. It also turned out that we need to have a unique identifier (UBID) to identify a keyblock or X.509 certificate. In particular with an OpenPGP keyblob we can't easily use the primary fingerprint as an identifier because that fingerprint may also be used as subkey in another key. Thus using a hash of the entire keyblock is a better identifier to be used to address a keyblock for restarting a search or for identifying the keyblock to be updated. Note that this new UBID is not a permanent identifier because it changes with all keyblock update; it should be viewed as a handle to the keyblock or X509 cert.
2019-09-27 09:24:58 +02:00
case DB_TYPE_CACHE:
kbx: Change keyboxd to work only with one database. * kbx/frontend.c (the_database): New var. (db_desc_t): Remove. (kbxd_add_resource): Renamed to ... (kbxd_set_database): this. Simplify. (kbxd_search): Change to use only one database. (kbxd_store): Ditto. (kbxd_delete): Ditto. -- The original implementation was way to complicated and would have only brought back the problems deciding which database to use for each key. The new scheme used one configured database and only that. That database needs to be set right at the start. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-12-10 09:35:33 +01:00
err = be_cache_search (ctrl, the_database.backend_handle, request,
kbx: First take on a cache for the keyboxd. * kbx/backend.h (enum database_types): Add DB_TYPE_CACHE. (struct db_request_part_s): Add seqno fields. (struct db_request_s): Add infos for the cache backend. * kbx/backend-support.c (struct backend_handle_s): Add 'backend_id'. (strdbtype): Support DB_TYPE_CACHE. (be_generic_release_backend): Ditto. (be_find_request_part): New. (be_return_pubkey): New arg UBID and chnage status name. * kbx/backend-cache.c: New. * kbx/backend-kbx.c (be_kbx_init_request_part): New. (be_kbx_search): Factor some code out to a support function. (be_kbx_seek): New. * kbx/frontend.c (kbxd_add_resource): Support DB_TYPE_CACHE. (kbxd_search): Support the NEXR operation with the cache. * kbx/keybox-search-desc.h (KEYDB_SEARCH_MODE_UBID): New. (struct keydb_search_desc): Add field u.ubid. * kbx/keybox-search.c (has_ubid): New. (keybox_search): Support the UBID search. -- This adds a caching backend to the keyboxd. This tries to accommodate for duplicate use of fingerprints and thus be correct in case a fingerprint is used in several keys. It also turned out that we need to have a unique identifier (UBID) to identify a keyblock or X.509 certificate. In particular with an OpenPGP keyblob we can't easily use the primary fingerprint as an identifier because that fingerprint may also be used as subkey in another key. Thus using a hash of the entire keyblock is a better identifier to be used to address a keyblock for restarting a search or for identifying the keyblock to be updated. Note that this new UBID is not a permanent identifier because it changes with all keyblock update; it should be viewed as a handle to the keyblock or X509 cert.
2019-09-27 09:24:58 +02:00
desc, ndesc);
/* Expected error codes from the cache lookup are:
* 0 - found and returned via the cache
* GPG_ERR_NOT_FOUND - marked in the cache as not available
* GPG_ERR_EOF - cache miss. */
break;
kbx: Add framework for the SEARCH command * kbx/backend-kbx.c: New. * kbx/backend-support.c: New. * kbx/backend.h: New. * kbx/frontend.c: New. * kbx/frontend.h: New. * kbx/kbxserver.c: Implement SEARCH and NEXT command. * kbx/keybox-search-desc.h (enum pubkey_types): New. * kbx/keybox-search.c (keybox_get_data): New. * kbx/keyboxd.c (main): Add a standard resource. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-06 16:07:33 +02:00
case DB_TYPE_KBX:
kbx: Change keyboxd to work only with one database. * kbx/frontend.c (the_database): New var. (db_desc_t): Remove. (kbxd_add_resource): Renamed to ... (kbxd_set_database): this. Simplify. (kbxd_search): Change to use only one database. (kbxd_store): Ditto. (kbxd_delete): Ditto. -- The original implementation was way to complicated and would have only brought back the problems deciding which database to use for each key. The new scheme used one configured database and only that. That database needs to be set right at the start. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-12-10 09:35:33 +01:00
err = be_kbx_search (ctrl, the_database.backend_handle, request,
kbx: Add framework for the SEARCH command * kbx/backend-kbx.c: New. * kbx/backend-support.c: New. * kbx/backend.h: New. * kbx/frontend.c: New. * kbx/frontend.h: New. * kbx/kbxserver.c: Implement SEARCH and NEXT command. * kbx/keybox-search-desc.h (enum pubkey_types): New. * kbx/keybox-search.c (keybox_get_data): New. * kbx/keyboxd.c (main): Add a standard resource. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-06 16:07:33 +02:00
desc, ndesc);
kbx: Initial support for an SQLite backend * kbx/backend-sqlite.c: New. * kbx/Makefile.am (keyboxd_SOURCES): Add it. (keyboxd_CFLAGS, keyboxd_LDADD): Add SQLite flags. * kbx/backend.h (enum database_types): Add DB_TYPE_SQLITE. (be_sqlite_local_t): New typedef. (struct db_request_part_s): Add field besqlite. * kbx/backend-support.c (strdbtype): Add string for DB_TYPE_SQLITE. (be_generic_release_backend): Support SQLite. (be_release_request): Ditto. (be_find_request_part): Ditto. (is_x509_blob): Rename to ... (be_is_x509_blob): this and make global. * kbx/frontend.c (kbxd_set_database): Detect ".db" suffix and use that for SQLite. (kbxd_search): Support SQLite (kbxd_store): Ditto. (kbxd_delete): Ditto. * kbx/frontend.h (kbxd_store_modes): Move to ... * kbx/keyboxd.h (enum kbxd_store_modes): here. * kbx/keyboxd.c (main): USe pubring.db for now. This is a temporary hack. * kbx/backend-kbx.c (be_kbx_delete): Remove unused var cert. -- Take care: This is not finished and in particular filling the database takes quite long. Signed-off-by: Werner Koch <wk@gnupg.org>
2020-01-02 14:21:12 +01:00
break;
case DB_TYPE_SQLITE:
err = be_sqlite_search (ctrl, the_database.backend_handle, request,
desc, ndesc);
kbx: Add framework for the SEARCH command * kbx/backend-kbx.c: New. * kbx/backend-support.c: New. * kbx/backend.h: New. * kbx/frontend.c: New. * kbx/frontend.h: New. * kbx/kbxserver.c: Implement SEARCH and NEXT command. * kbx/keybox-search-desc.h (enum pubkey_types): New. * kbx/keybox-search.c (keybox_get_data): New. * kbx/keyboxd.c (main): Add a standard resource. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-06 16:07:33 +02:00
break;
kbx: Change keyboxd to work only with one database. * kbx/frontend.c (the_database): New var. (db_desc_t): Remove. (kbxd_add_resource): Renamed to ... (kbxd_set_database): this. Simplify. (kbxd_search): Change to use only one database. (kbxd_store): Ditto. (kbxd_delete): Ditto. -- The original implementation was way to complicated and would have only brought back the problems deciding which database to use for each key. The new scheme used one configured database and only that. That database needs to be set right at the start. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-12-10 09:35:33 +01:00
default:
log_error ("%s: unsupported database type %d\n",
__func__, the_database.db_type);
err = gpg_error (GPG_ERR_INTERNAL);
break;
kbx: Add framework for the SEARCH command * kbx/backend-kbx.c: New. * kbx/backend-support.c: New. * kbx/backend.h: New. * kbx/frontend.c: New. * kbx/frontend.h: New. * kbx/kbxserver.c: Implement SEARCH and NEXT command. * kbx/keybox-search-desc.h (enum pubkey_types): New. * kbx/keybox-search.c (keybox_get_data): New. * kbx/keyboxd.c (main): Add a standard resource. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-06 16:07:33 +02:00
}
if (DBG_LOOKUP)
kbx: Change keyboxd to work only with one database. * kbx/frontend.c (the_database): New var. (db_desc_t): Remove. (kbxd_add_resource): Renamed to ... (kbxd_set_database): this. Simplify. (kbxd_search): Change to use only one database. (kbxd_store): Ditto. (kbxd_delete): Ditto. -- The original implementation was way to complicated and would have only brought back the problems deciding which database to use for each key. The new scheme used one configured database and only that. That database needs to be set right at the start. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-12-10 09:35:33 +01:00
log_debug ("%s: searched %s => %s\n", __func__,
strdbtype (the_database.db_type), gpg_strerror (err));
kbx: Add framework for the SEARCH command * kbx/backend-kbx.c: New. * kbx/backend-support.c: New. * kbx/backend.h: New. * kbx/frontend.c: New. * kbx/frontend.h: New. * kbx/kbxserver.c: Implement SEARCH and NEXT command. * kbx/keybox-search-desc.h (enum pubkey_types): New. * kbx/keybox-search.c (keybox_get_data): New. * kbx/keyboxd.c (main): Add a standard resource. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-06 16:07:33 +02:00
request->any_search = 1;
if (!err)
kbx: First take on a cache for the keyboxd. * kbx/backend.h (enum database_types): Add DB_TYPE_CACHE. (struct db_request_part_s): Add seqno fields. (struct db_request_s): Add infos for the cache backend. * kbx/backend-support.c (struct backend_handle_s): Add 'backend_id'. (strdbtype): Support DB_TYPE_CACHE. (be_generic_release_backend): Ditto. (be_find_request_part): New. (be_return_pubkey): New arg UBID and chnage status name. * kbx/backend-cache.c: New. * kbx/backend-kbx.c (be_kbx_init_request_part): New. (be_kbx_search): Factor some code out to a support function. (be_kbx_seek): New. * kbx/frontend.c (kbxd_add_resource): Support DB_TYPE_CACHE. (kbxd_search): Support the NEXR operation with the cache. * kbx/keybox-search-desc.h (KEYDB_SEARCH_MODE_UBID): New. (struct keydb_search_desc): Add field u.ubid. * kbx/keybox-search.c (has_ubid): New. (keybox_search): Support the UBID search. -- This adds a caching backend to the keyboxd. This tries to accommodate for duplicate use of fingerprints and thus be correct in case a fingerprint is used in several keys. It also turned out that we need to have a unique identifier (UBID) to identify a keyblock or X.509 certificate. In particular with an OpenPGP keyblob we can't easily use the primary fingerprint as an identifier because that fingerprint may also be used as subkey in another key. Thus using a hash of the entire keyblock is a better identifier to be used to address a keyblock for restarting a search or for identifying the keyblock to be updated. Note that this new UBID is not a permanent identifier because it changes with all keyblock update; it should be viewed as a handle to the keyblock or X509 cert.
2019-09-27 09:24:58 +02:00
{
request->any_found = 1;
}
kbx: Add framework for the SEARCH command * kbx/backend-kbx.c: New. * kbx/backend-support.c: New. * kbx/backend.h: New. * kbx/frontend.c: New. * kbx/frontend.h: New. * kbx/kbxserver.c: Implement SEARCH and NEXT command. * kbx/keybox-search-desc.h (enum pubkey_types): New. * kbx/keybox-search.c (keybox_get_data): New. * kbx/keyboxd.c (main): Add a standard resource. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-06 16:07:33 +02:00
else if (gpg_err_code (err) == GPG_ERR_EOF)
{
kbx: Change keyboxd to work only with one database. * kbx/frontend.c (the_database): New var. (db_desc_t): Remove. (kbxd_add_resource): Renamed to ... (kbxd_set_database): this. Simplify. (kbxd_search): Change to use only one database. (kbxd_store): Ditto. (kbxd_delete): Ditto. -- The original implementation was way to complicated and would have only brought back the problems deciding which database to use for each key. The new scheme used one configured database and only that. That database needs to be set right at the start. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-12-10 09:35:33 +01:00
if (the_database.db_type == DB_TYPE_CACHE && request->last_cached_valid)
kbx: First take on a cache for the keyboxd. * kbx/backend.h (enum database_types): Add DB_TYPE_CACHE. (struct db_request_part_s): Add seqno fields. (struct db_request_s): Add infos for the cache backend. * kbx/backend-support.c (struct backend_handle_s): Add 'backend_id'. (strdbtype): Support DB_TYPE_CACHE. (be_generic_release_backend): Ditto. (be_find_request_part): New. (be_return_pubkey): New arg UBID and chnage status name. * kbx/backend-cache.c: New. * kbx/backend-kbx.c (be_kbx_init_request_part): New. (be_kbx_search): Factor some code out to a support function. (be_kbx_seek): New. * kbx/frontend.c (kbxd_add_resource): Support DB_TYPE_CACHE. (kbxd_search): Support the NEXR operation with the cache. * kbx/keybox-search-desc.h (KEYDB_SEARCH_MODE_UBID): New. (struct keydb_search_desc): Add field u.ubid. * kbx/keybox-search.c (has_ubid): New. (keybox_search): Support the UBID search. -- This adds a caching backend to the keyboxd. This tries to accommodate for duplicate use of fingerprints and thus be correct in case a fingerprint is used in several keys. It also turned out that we need to have a unique identifier (UBID) to identify a keyblock or X.509 certificate. In particular with an OpenPGP keyblob we can't easily use the primary fingerprint as an identifier because that fingerprint may also be used as subkey in another key. Thus using a hash of the entire keyblock is a better identifier to be used to address a keyblock for restarting a search or for identifying the keyblock to be updated. Note that this new UBID is not a permanent identifier because it changes with all keyblock update; it should be viewed as a handle to the keyblock or X509 cert.
2019-09-27 09:24:58 +02:00
{
if (request->last_cached_final)
goto leave;
}
kbx: Add framework for the SEARCH command * kbx/backend-kbx.c: New. * kbx/backend-support.c: New. * kbx/backend.h: New. * kbx/frontend.c: New. * kbx/frontend.h: New. * kbx/kbxserver.c: Implement SEARCH and NEXT command. * kbx/keybox-search-desc.h (enum pubkey_types): New. * kbx/keybox-search.c (keybox_get_data): New. * kbx/keyboxd.c (main): Add a standard resource. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-06 16:07:33 +02:00
request->next_dbidx++;
kbx: Change keyboxd to work only with one database. * kbx/frontend.c (the_database): New var. (db_desc_t): Remove. (kbxd_add_resource): Renamed to ... (kbxd_set_database): this. Simplify. (kbxd_search): Change to use only one database. (kbxd_store): Ditto. (kbxd_delete): Ditto. -- The original implementation was way to complicated and would have only brought back the problems deciding which database to use for each key. The new scheme used one configured database and only that. That database needs to be set right at the start. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-12-10 09:35:33 +01:00
/* FIXME: We need to see which pubkey type we need to insert. */
be_cache_not_found (ctrl, PUBKEY_TYPE_UNKNOWN, desc, ndesc);
err = gpg_error (GPG_ERR_NOT_FOUND);
goto leave;
kbx: Add framework for the SEARCH command * kbx/backend-kbx.c: New. * kbx/backend-support.c: New. * kbx/backend.h: New. * kbx/frontend.c: New. * kbx/frontend.h: New. * kbx/kbxserver.c: Implement SEARCH and NEXT command. * kbx/keybox-search-desc.h (enum pubkey_types): New. * kbx/keybox-search.c (keybox_get_data): New. * kbx/keyboxd.c (main): Add a standard resource. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-08-06 16:07:33 +02:00
}
leave:
release_lock (ctrl);
if (DBG_CLOCK)
log_clock ("%s: leave (%s)", __func__, err? "not found" : "found");
return err;
}
kbx: Add first version of STORE command to keyboxd. * kbx/Makefile.am (keyboxd_CFLAGS): -DKEYBOX_WITH_X509. (keyboxd_LDADD): Add libksba. * kbx/kbxserver.c (cmd_store): New. * kbx/frontend.c (kbxd_store): New. * kbx/backend-support.c (is_x509_blob): New. (be_fingerprint_from_blob): New. * kbx/backend-kbx.c (be_kbx_seek): Add args FPR and FPRLEN. (be_kbx_insert): New. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-10-01 20:09:42 +02:00
kbx: Redefine the UBID which is now the primary fingerprint. * common/util.h (UBID_LEN): New. Use it at all places. * kbx/keybox-blob.c (create_blob_finish): Do not write the UBID item. * kbx/keybox-dump.c (print_ubib): Remove. (_keybox_dump_blob): Do not print the now removed ubid flag. * kbx/keybox-search-desc.h (struct keydb_search_desc): Use constants for the size of the ubid and grip. * kbx/keybox-search.c (blob_cmp_ubid): New. (has_ubid): Make it a simple wrapper around blob_cmp_ubid. (keybox_get_data): Add arg 'r_ubid'. * kbx/frontend.h (enum kbxd_store_modes): New. * kbx/kbxserver.c (cmd_store): Add new option --insert. * kbx/backend-cache.c (be_cache_initialize): New. (be_cache_add_resource): Call it here. * kbx/backend-kbx.c (be_kbx_seek): Remove args 'fpr' and 'fprlen'. (be_kbx_search): Get the UBID from keybox_get_data. * kbx/backend-support.c (be_fingerprint_from_blob): Replace by ... (be_ubid_from_blob): new. Change all callers. * kbx/frontend.c (kbxd_add_resource): Temporary disable the cache but use the new cache init function. (kbxd_store): Replace arg 'only_update' by 'mode'. Seek using the ubid. Take care of the mode. -- It turned out that using the hash of the entire blob was not helpful. Thus we redefine the Unique-Blob-ID (UBID) as the primary fingerprint of the blob. In case this is a v5 OpenPGP key a left truncated version of the SHA-256 hash is used; in all other cases the full SHA-1 hash. Using a SHA-256 hash does not make sense because v4 keys are and will for some time be the majority of keys and thus padding them with zeroes won't make any difference. Even if fingerprint collisions can eventually be created we will assume that the keys are bogus and that it does not make sense to store its twin also in our key storage. We can also easily extend the update code to detect a collision and reject the update. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-11-28 09:39:35 +01:00
/* Store; that is insert or update the key (BLOB,BLOBLEN). MODE
* controls whether only updates or only inserts are allowed. */
kbx: Add first version of STORE command to keyboxd. * kbx/Makefile.am (keyboxd_CFLAGS): -DKEYBOX_WITH_X509. (keyboxd_LDADD): Add libksba. * kbx/kbxserver.c (cmd_store): New. * kbx/frontend.c (kbxd_store): New. * kbx/backend-support.c (is_x509_blob): New. (be_fingerprint_from_blob): New. * kbx/backend-kbx.c (be_kbx_seek): Add args FPR and FPRLEN. (be_kbx_insert): New. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-10-01 20:09:42 +02:00
gpg_error_t
kbx: Redefine the UBID which is now the primary fingerprint. * common/util.h (UBID_LEN): New. Use it at all places. * kbx/keybox-blob.c (create_blob_finish): Do not write the UBID item. * kbx/keybox-dump.c (print_ubib): Remove. (_keybox_dump_blob): Do not print the now removed ubid flag. * kbx/keybox-search-desc.h (struct keydb_search_desc): Use constants for the size of the ubid and grip. * kbx/keybox-search.c (blob_cmp_ubid): New. (has_ubid): Make it a simple wrapper around blob_cmp_ubid. (keybox_get_data): Add arg 'r_ubid'. * kbx/frontend.h (enum kbxd_store_modes): New. * kbx/kbxserver.c (cmd_store): Add new option --insert. * kbx/backend-cache.c (be_cache_initialize): New. (be_cache_add_resource): Call it here. * kbx/backend-kbx.c (be_kbx_seek): Remove args 'fpr' and 'fprlen'. (be_kbx_search): Get the UBID from keybox_get_data. * kbx/backend-support.c (be_fingerprint_from_blob): Replace by ... (be_ubid_from_blob): new. Change all callers. * kbx/frontend.c (kbxd_add_resource): Temporary disable the cache but use the new cache init function. (kbxd_store): Replace arg 'only_update' by 'mode'. Seek using the ubid. Take care of the mode. -- It turned out that using the hash of the entire blob was not helpful. Thus we redefine the Unique-Blob-ID (UBID) as the primary fingerprint of the blob. In case this is a v5 OpenPGP key a left truncated version of the SHA-256 hash is used; in all other cases the full SHA-1 hash. Using a SHA-256 hash does not make sense because v4 keys are and will for some time be the majority of keys and thus padding them with zeroes won't make any difference. Even if fingerprint collisions can eventually be created we will assume that the keys are bogus and that it does not make sense to store its twin also in our key storage. We can also easily extend the update code to detect a collision and reject the update. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-11-28 09:39:35 +01:00
kbxd_store (ctrl_t ctrl, const void *blob, size_t bloblen,
enum kbxd_store_modes mode)
kbx: Add first version of STORE command to keyboxd. * kbx/Makefile.am (keyboxd_CFLAGS): -DKEYBOX_WITH_X509. (keyboxd_LDADD): Add libksba. * kbx/kbxserver.c (cmd_store): New. * kbx/frontend.c (kbxd_store): New. * kbx/backend-support.c (is_x509_blob): New. (be_fingerprint_from_blob): New. * kbx/backend-kbx.c (be_kbx_seek): Add args FPR and FPRLEN. (be_kbx_insert): New. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-10-01 20:09:42 +02:00
{
gpg_error_t err;
db_request_t request;
kbx: Redefine the UBID which is now the primary fingerprint. * common/util.h (UBID_LEN): New. Use it at all places. * kbx/keybox-blob.c (create_blob_finish): Do not write the UBID item. * kbx/keybox-dump.c (print_ubib): Remove. (_keybox_dump_blob): Do not print the now removed ubid flag. * kbx/keybox-search-desc.h (struct keydb_search_desc): Use constants for the size of the ubid and grip. * kbx/keybox-search.c (blob_cmp_ubid): New. (has_ubid): Make it a simple wrapper around blob_cmp_ubid. (keybox_get_data): Add arg 'r_ubid'. * kbx/frontend.h (enum kbxd_store_modes): New. * kbx/kbxserver.c (cmd_store): Add new option --insert. * kbx/backend-cache.c (be_cache_initialize): New. (be_cache_add_resource): Call it here. * kbx/backend-kbx.c (be_kbx_seek): Remove args 'fpr' and 'fprlen'. (be_kbx_search): Get the UBID from keybox_get_data. * kbx/backend-support.c (be_fingerprint_from_blob): Replace by ... (be_ubid_from_blob): new. Change all callers. * kbx/frontend.c (kbxd_add_resource): Temporary disable the cache but use the new cache init function. (kbxd_store): Replace arg 'only_update' by 'mode'. Seek using the ubid. Take care of the mode. -- It turned out that using the hash of the entire blob was not helpful. Thus we redefine the Unique-Blob-ID (UBID) as the primary fingerprint of the blob. In case this is a v5 OpenPGP key a left truncated version of the SHA-256 hash is used; in all other cases the full SHA-1 hash. Using a SHA-256 hash does not make sense because v4 keys are and will for some time be the majority of keys and thus padding them with zeroes won't make any difference. Even if fingerprint collisions can eventually be created we will assume that the keys are bogus and that it does not make sense to store its twin also in our key storage. We can also easily extend the update code to detect a collision and reject the update. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-11-28 09:39:35 +01:00
char ubid[UBID_LEN];
kbx: Add first version of STORE command to keyboxd. * kbx/Makefile.am (keyboxd_CFLAGS): -DKEYBOX_WITH_X509. (keyboxd_LDADD): Add libksba. * kbx/kbxserver.c (cmd_store): New. * kbx/frontend.c (kbxd_store): New. * kbx/backend-support.c (is_x509_blob): New. (be_fingerprint_from_blob): New. * kbx/backend-kbx.c (be_kbx_seek): Add args FPR and FPRLEN. (be_kbx_insert): New. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-10-01 20:09:42 +02:00
enum pubkey_types pktype;
int insert = 0;
if (DBG_CLOCK)
log_clock ("%s: enter", __func__);
take_read_write_lock (ctrl);
/* Allocate a handle object if none exists for this context. */
keyboxd: Add options --openpgp and --x509 to SEARCH. * kbx/keyboxd.h (struct server_control_s): Replace the two request objects by just one. Add filter flags. * kbx/kbxserver.c (cmd_search): Add options --openpgp and --x509. (cmd_killkeyboxd): Do not return GPG_ERR_EOF. * kbx/frontend.c (kbxd_release_session_info): Adjust for the new request object. (kbxd_search, kbxd_store, kbxd_delete): Ditto. * kbx/backend-sqlite.c (struct be_sqlite_local_s): Add filter flags. (run_sql_prepare): Add optional arg 'extra'. Change callers. (run_sql_bind_ntext): New. (run_sql_bind_text): Just call run_sql_bind_ntext. (run_select_statement): Add ctrl arg. Implement the filter flags. * g10/call-keyboxd.c (keydb_search): Use the --openpgp option. -- As soon as we implement X.509 we need to have a way to return only openpgp or x.509 certificates. Gpg/gpgsm will then use the respective flag. Signed-off-by: Werner Koch <wk@gnupg.org>
2020-09-10 12:05:21 +02:00
if (!ctrl->db_req)
kbx: Add first version of STORE command to keyboxd. * kbx/Makefile.am (keyboxd_CFLAGS): -DKEYBOX_WITH_X509. (keyboxd_LDADD): Add libksba. * kbx/kbxserver.c (cmd_store): New. * kbx/frontend.c (kbxd_store): New. * kbx/backend-support.c (is_x509_blob): New. (be_fingerprint_from_blob): New. * kbx/backend-kbx.c (be_kbx_seek): Add args FPR and FPRLEN. (be_kbx_insert): New. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-10-01 20:09:42 +02:00
{
keyboxd: Add options --openpgp and --x509 to SEARCH. * kbx/keyboxd.h (struct server_control_s): Replace the two request objects by just one. Add filter flags. * kbx/kbxserver.c (cmd_search): Add options --openpgp and --x509. (cmd_killkeyboxd): Do not return GPG_ERR_EOF. * kbx/frontend.c (kbxd_release_session_info): Adjust for the new request object. (kbxd_search, kbxd_store, kbxd_delete): Ditto. * kbx/backend-sqlite.c (struct be_sqlite_local_s): Add filter flags. (run_sql_prepare): Add optional arg 'extra'. Change callers. (run_sql_bind_ntext): New. (run_sql_bind_text): Just call run_sql_bind_ntext. (run_select_statement): Add ctrl arg. Implement the filter flags. * g10/call-keyboxd.c (keydb_search): Use the --openpgp option. -- As soon as we implement X.509 we need to have a way to return only openpgp or x.509 certificates. Gpg/gpgsm will then use the respective flag. Signed-off-by: Werner Koch <wk@gnupg.org>
2020-09-10 12:05:21 +02:00
ctrl->db_req = xtrycalloc (1, sizeof *ctrl->db_req);
if (!ctrl->db_req)
kbx: Add first version of STORE command to keyboxd. * kbx/Makefile.am (keyboxd_CFLAGS): -DKEYBOX_WITH_X509. (keyboxd_LDADD): Add libksba. * kbx/kbxserver.c (cmd_store): New. * kbx/frontend.c (kbxd_store): New. * kbx/backend-support.c (is_x509_blob): New. (be_fingerprint_from_blob): New. * kbx/backend-kbx.c (be_kbx_seek): Add args FPR and FPRLEN. (be_kbx_insert): New. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-10-01 20:09:42 +02:00
{
err = gpg_error_from_syserror ();
goto leave;
}
}
keyboxd: Add options --openpgp and --x509 to SEARCH. * kbx/keyboxd.h (struct server_control_s): Replace the two request objects by just one. Add filter flags. * kbx/kbxserver.c (cmd_search): Add options --openpgp and --x509. (cmd_killkeyboxd): Do not return GPG_ERR_EOF. * kbx/frontend.c (kbxd_release_session_info): Adjust for the new request object. (kbxd_search, kbxd_store, kbxd_delete): Ditto. * kbx/backend-sqlite.c (struct be_sqlite_local_s): Add filter flags. (run_sql_prepare): Add optional arg 'extra'. Change callers. (run_sql_bind_ntext): New. (run_sql_bind_text): Just call run_sql_bind_ntext. (run_select_statement): Add ctrl arg. Implement the filter flags. * g10/call-keyboxd.c (keydb_search): Use the --openpgp option. -- As soon as we implement X.509 we need to have a way to return only openpgp or x.509 certificates. Gpg/gpgsm will then use the respective flag. Signed-off-by: Werner Koch <wk@gnupg.org>
2020-09-10 12:05:21 +02:00
request = ctrl->db_req;
kbx: Add first version of STORE command to keyboxd. * kbx/Makefile.am (keyboxd_CFLAGS): -DKEYBOX_WITH_X509. (keyboxd_LDADD): Add libksba. * kbx/kbxserver.c (cmd_store): New. * kbx/frontend.c (kbxd_store): New. * kbx/backend-support.c (is_x509_blob): New. (be_fingerprint_from_blob): New. * kbx/backend-kbx.c (be_kbx_seek): Add args FPR and FPRLEN. (be_kbx_insert): New. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-10-01 20:09:42 +02:00
kbx: Change keyboxd to work only with one database. * kbx/frontend.c (the_database): New var. (db_desc_t): Remove. (kbxd_add_resource): Renamed to ... (kbxd_set_database): this. Simplify. (kbxd_search): Change to use only one database. (kbxd_store): Ditto. (kbxd_delete): Ditto. -- The original implementation was way to complicated and would have only brought back the problems deciding which database to use for each key. The new scheme used one configured database and only that. That database needs to be set right at the start. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-12-10 09:35:33 +01:00
if (!the_database.db_type)
{
log_error ("%s: error: no database configured\n", __func__);
err = gpg_error (GPG_ERR_NOT_INITIALIZED);
goto leave;
}
kbx: Add first version of STORE command to keyboxd. * kbx/Makefile.am (keyboxd_CFLAGS): -DKEYBOX_WITH_X509. (keyboxd_LDADD): Add libksba. * kbx/kbxserver.c (cmd_store): New. * kbx/frontend.c (kbxd_store): New. * kbx/backend-support.c (is_x509_blob): New. (be_fingerprint_from_blob): New. * kbx/backend-kbx.c (be_kbx_seek): Add args FPR and FPRLEN. (be_kbx_insert): New. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-10-01 20:09:42 +02:00
/* Check whether to insert or update. */
kbx: Redefine the UBID which is now the primary fingerprint. * common/util.h (UBID_LEN): New. Use it at all places. * kbx/keybox-blob.c (create_blob_finish): Do not write the UBID item. * kbx/keybox-dump.c (print_ubib): Remove. (_keybox_dump_blob): Do not print the now removed ubid flag. * kbx/keybox-search-desc.h (struct keydb_search_desc): Use constants for the size of the ubid and grip. * kbx/keybox-search.c (blob_cmp_ubid): New. (has_ubid): Make it a simple wrapper around blob_cmp_ubid. (keybox_get_data): Add arg 'r_ubid'. * kbx/frontend.h (enum kbxd_store_modes): New. * kbx/kbxserver.c (cmd_store): Add new option --insert. * kbx/backend-cache.c (be_cache_initialize): New. (be_cache_add_resource): Call it here. * kbx/backend-kbx.c (be_kbx_seek): Remove args 'fpr' and 'fprlen'. (be_kbx_search): Get the UBID from keybox_get_data. * kbx/backend-support.c (be_fingerprint_from_blob): Replace by ... (be_ubid_from_blob): new. Change all callers. * kbx/frontend.c (kbxd_add_resource): Temporary disable the cache but use the new cache init function. (kbxd_store): Replace arg 'only_update' by 'mode'. Seek using the ubid. Take care of the mode. -- It turned out that using the hash of the entire blob was not helpful. Thus we redefine the Unique-Blob-ID (UBID) as the primary fingerprint of the blob. In case this is a v5 OpenPGP key a left truncated version of the SHA-256 hash is used; in all other cases the full SHA-1 hash. Using a SHA-256 hash does not make sense because v4 keys are and will for some time be the majority of keys and thus padding them with zeroes won't make any difference. Even if fingerprint collisions can eventually be created we will assume that the keys are bogus and that it does not make sense to store its twin also in our key storage. We can also easily extend the update code to detect a collision and reject the update. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-11-28 09:39:35 +01:00
err = be_ubid_from_blob (blob, bloblen, &pktype, ubid);
kbx: Add first version of STORE command to keyboxd. * kbx/Makefile.am (keyboxd_CFLAGS): -DKEYBOX_WITH_X509. (keyboxd_LDADD): Add libksba. * kbx/kbxserver.c (cmd_store): New. * kbx/frontend.c (kbxd_store): New. * kbx/backend-support.c (is_x509_blob): New. (be_fingerprint_from_blob): New. * kbx/backend-kbx.c (be_kbx_seek): Add args FPR and FPRLEN. (be_kbx_insert): New. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-10-01 20:09:42 +02:00
if (err)
goto leave;
kbx: Change keyboxd to work only with one database. * kbx/frontend.c (the_database): New var. (db_desc_t): Remove. (kbxd_add_resource): Renamed to ... (kbxd_set_database): this. Simplify. (kbxd_search): Change to use only one database. (kbxd_store): Ditto. (kbxd_delete): Ditto. -- The original implementation was way to complicated and would have only brought back the problems deciding which database to use for each key. The new scheme used one configured database and only that. That database needs to be set right at the start. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-12-10 09:35:33 +01:00
if (the_database.db_type == DB_TYPE_KBX)
kbx: Add first version of STORE command to keyboxd. * kbx/Makefile.am (keyboxd_CFLAGS): -DKEYBOX_WITH_X509. (keyboxd_LDADD): Add libksba. * kbx/kbxserver.c (cmd_store): New. * kbx/frontend.c (kbxd_store): New. * kbx/backend-support.c (is_x509_blob): New. (be_fingerprint_from_blob): New. * kbx/backend-kbx.c (be_kbx_seek): Add args FPR and FPRLEN. (be_kbx_insert): New. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-10-01 20:09:42 +02:00
{
kbx: Change keyboxd to work only with one database. * kbx/frontend.c (the_database): New var. (db_desc_t): Remove. (kbxd_add_resource): Renamed to ... (kbxd_set_database): this. Simplify. (kbxd_search): Change to use only one database. (kbxd_store): Ditto. (kbxd_delete): Ditto. -- The original implementation was way to complicated and would have only brought back the problems deciding which database to use for each key. The new scheme used one configured database and only that. That database needs to be set right at the start. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-12-10 09:35:33 +01:00
err = be_kbx_seek (ctrl, the_database.backend_handle, request, ubid);
kbx: Initial support for an SQLite backend * kbx/backend-sqlite.c: New. * kbx/Makefile.am (keyboxd_SOURCES): Add it. (keyboxd_CFLAGS, keyboxd_LDADD): Add SQLite flags. * kbx/backend.h (enum database_types): Add DB_TYPE_SQLITE. (be_sqlite_local_t): New typedef. (struct db_request_part_s): Add field besqlite. * kbx/backend-support.c (strdbtype): Add string for DB_TYPE_SQLITE. (be_generic_release_backend): Support SQLite. (be_release_request): Ditto. (be_find_request_part): Ditto. (is_x509_blob): Rename to ... (be_is_x509_blob): this and make global. * kbx/frontend.c (kbxd_set_database): Detect ".db" suffix and use that for SQLite. (kbxd_search): Support SQLite (kbxd_store): Ditto. (kbxd_delete): Ditto. * kbx/frontend.h (kbxd_store_modes): Move to ... * kbx/keyboxd.h (enum kbxd_store_modes): here. * kbx/keyboxd.c (main): USe pubring.db for now. This is a temporary hack. * kbx/backend-kbx.c (be_kbx_delete): Remove unused var cert. -- Take care: This is not finished and in particular filling the database takes quite long. Signed-off-by: Werner Koch <wk@gnupg.org>
2020-01-02 14:21:12 +01:00
if (!err)
; /* Found - need to update. */
else if (gpg_err_code (err) == GPG_ERR_EOF)
insert = 1; /* Not found - need to insert. */
else
{
log_debug ("%s: searching fingerprint failed: %s\n",
__func__, gpg_strerror (err));
goto leave;
}
if (insert)
{
if (mode == KBXD_STORE_UPDATE)
err = gpg_error (GPG_ERR_CONFLICT);
else
err = be_kbx_insert (ctrl, the_database.backend_handle, request,
pktype, blob, bloblen);
}
else /* Update. */
{
if (mode == KBXD_STORE_INSERT)
err = gpg_error (GPG_ERR_CONFLICT);
else
err = be_kbx_update (ctrl, the_database.backend_handle, request,
pktype, blob, bloblen);
}
}
else if (the_database.db_type == DB_TYPE_SQLITE)
{
err = be_sqlite_store (ctrl, the_database.backend_handle, request,
mode, pktype, ubid, blob, bloblen);
kbx: Change keyboxd to work only with one database. * kbx/frontend.c (the_database): New var. (db_desc_t): Remove. (kbxd_add_resource): Renamed to ... (kbxd_set_database): this. Simplify. (kbxd_search): Change to use only one database. (kbxd_store): Ditto. (kbxd_delete): Ditto. -- The original implementation was way to complicated and would have only brought back the problems deciding which database to use for each key. The new scheme used one configured database and only that. That database needs to be set right at the start. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-12-10 09:35:33 +01:00
}
else
{
log_error ("%s: unsupported database type %d\n",
__func__, the_database.db_type);
err = gpg_error (GPG_ERR_INTERNAL);
kbx: Add first version of STORE command to keyboxd. * kbx/Makefile.am (keyboxd_CFLAGS): -DKEYBOX_WITH_X509. (keyboxd_LDADD): Add libksba. * kbx/kbxserver.c (cmd_store): New. * kbx/frontend.c (kbxd_store): New. * kbx/backend-support.c (is_x509_blob): New. (be_fingerprint_from_blob): New. * kbx/backend-kbx.c (be_kbx_seek): Add args FPR and FPRLEN. (be_kbx_insert): New. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-10-01 20:09:42 +02:00
}
leave:
release_lock (ctrl);
if (DBG_CLOCK)
log_clock ("%s: leave", __func__);
return err;
}
kbx: Add new command DELETE. * kbx/kbxserver.c (cmd_delete): New. * kbx/frontend.c (kbxd_delete): New. * kbx/backend-kbx.c (be_kbx_delete): New. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-11-28 11:19:33 +01:00
/* Delete; remove the blob identified by UBID. */
gpg_error_t
kbxd_delete (ctrl_t ctrl, const unsigned char *ubid)
{
gpg_error_t err;
db_request_t request;
if (DBG_CLOCK)
log_clock ("%s: enter", __func__);
take_read_write_lock (ctrl);
/* Allocate a handle object if none exists for this context. */
keyboxd: Add options --openpgp and --x509 to SEARCH. * kbx/keyboxd.h (struct server_control_s): Replace the two request objects by just one. Add filter flags. * kbx/kbxserver.c (cmd_search): Add options --openpgp and --x509. (cmd_killkeyboxd): Do not return GPG_ERR_EOF. * kbx/frontend.c (kbxd_release_session_info): Adjust for the new request object. (kbxd_search, kbxd_store, kbxd_delete): Ditto. * kbx/backend-sqlite.c (struct be_sqlite_local_s): Add filter flags. (run_sql_prepare): Add optional arg 'extra'. Change callers. (run_sql_bind_ntext): New. (run_sql_bind_text): Just call run_sql_bind_ntext. (run_select_statement): Add ctrl arg. Implement the filter flags. * g10/call-keyboxd.c (keydb_search): Use the --openpgp option. -- As soon as we implement X.509 we need to have a way to return only openpgp or x.509 certificates. Gpg/gpgsm will then use the respective flag. Signed-off-by: Werner Koch <wk@gnupg.org>
2020-09-10 12:05:21 +02:00
if (!ctrl->db_req)
kbx: Add new command DELETE. * kbx/kbxserver.c (cmd_delete): New. * kbx/frontend.c (kbxd_delete): New. * kbx/backend-kbx.c (be_kbx_delete): New. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-11-28 11:19:33 +01:00
{
keyboxd: Add options --openpgp and --x509 to SEARCH. * kbx/keyboxd.h (struct server_control_s): Replace the two request objects by just one. Add filter flags. * kbx/kbxserver.c (cmd_search): Add options --openpgp and --x509. (cmd_killkeyboxd): Do not return GPG_ERR_EOF. * kbx/frontend.c (kbxd_release_session_info): Adjust for the new request object. (kbxd_search, kbxd_store, kbxd_delete): Ditto. * kbx/backend-sqlite.c (struct be_sqlite_local_s): Add filter flags. (run_sql_prepare): Add optional arg 'extra'. Change callers. (run_sql_bind_ntext): New. (run_sql_bind_text): Just call run_sql_bind_ntext. (run_select_statement): Add ctrl arg. Implement the filter flags. * g10/call-keyboxd.c (keydb_search): Use the --openpgp option. -- As soon as we implement X.509 we need to have a way to return only openpgp or x.509 certificates. Gpg/gpgsm will then use the respective flag. Signed-off-by: Werner Koch <wk@gnupg.org>
2020-09-10 12:05:21 +02:00
ctrl->db_req = xtrycalloc (1, sizeof *ctrl->db_req);
if (!ctrl->db_req)
kbx: Add new command DELETE. * kbx/kbxserver.c (cmd_delete): New. * kbx/frontend.c (kbxd_delete): New. * kbx/backend-kbx.c (be_kbx_delete): New. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-11-28 11:19:33 +01:00
{
err = gpg_error_from_syserror ();
goto leave;
}
}
keyboxd: Add options --openpgp and --x509 to SEARCH. * kbx/keyboxd.h (struct server_control_s): Replace the two request objects by just one. Add filter flags. * kbx/kbxserver.c (cmd_search): Add options --openpgp and --x509. (cmd_killkeyboxd): Do not return GPG_ERR_EOF. * kbx/frontend.c (kbxd_release_session_info): Adjust for the new request object. (kbxd_search, kbxd_store, kbxd_delete): Ditto. * kbx/backend-sqlite.c (struct be_sqlite_local_s): Add filter flags. (run_sql_prepare): Add optional arg 'extra'. Change callers. (run_sql_bind_ntext): New. (run_sql_bind_text): Just call run_sql_bind_ntext. (run_select_statement): Add ctrl arg. Implement the filter flags. * g10/call-keyboxd.c (keydb_search): Use the --openpgp option. -- As soon as we implement X.509 we need to have a way to return only openpgp or x.509 certificates. Gpg/gpgsm will then use the respective flag. Signed-off-by: Werner Koch <wk@gnupg.org>
2020-09-10 12:05:21 +02:00
request = ctrl->db_req;
kbx: Add new command DELETE. * kbx/kbxserver.c (cmd_delete): New. * kbx/frontend.c (kbxd_delete): New. * kbx/backend-kbx.c (be_kbx_delete): New. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-11-28 11:19:33 +01:00
kbx: Change keyboxd to work only with one database. * kbx/frontend.c (the_database): New var. (db_desc_t): Remove. (kbxd_add_resource): Renamed to ... (kbxd_set_database): this. Simplify. (kbxd_search): Change to use only one database. (kbxd_store): Ditto. (kbxd_delete): Ditto. -- The original implementation was way to complicated and would have only brought back the problems deciding which database to use for each key. The new scheme used one configured database and only that. That database needs to be set right at the start. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-12-10 09:35:33 +01:00
if (!the_database.db_type)
kbx: Add new command DELETE. * kbx/kbxserver.c (cmd_delete): New. * kbx/frontend.c (kbxd_delete): New. * kbx/backend-kbx.c (be_kbx_delete): New. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-11-28 11:19:33 +01:00
{
kbx: Change keyboxd to work only with one database. * kbx/frontend.c (the_database): New var. (db_desc_t): Remove. (kbxd_add_resource): Renamed to ... (kbxd_set_database): this. Simplify. (kbxd_search): Change to use only one database. (kbxd_store): Ditto. (kbxd_delete): Ditto. -- The original implementation was way to complicated and would have only brought back the problems deciding which database to use for each key. The new scheme used one configured database and only that. That database needs to be set right at the start. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-12-10 09:35:33 +01:00
log_error ("%s: error: no database configured\n", __func__);
kbx: Add new command DELETE. * kbx/kbxserver.c (cmd_delete): New. * kbx/frontend.c (kbxd_delete): New. * kbx/backend-kbx.c (be_kbx_delete): New. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-11-28 11:19:33 +01:00
err = gpg_error (GPG_ERR_NOT_INITIALIZED);
goto leave;
}
kbx: Change keyboxd to work only with one database. * kbx/frontend.c (the_database): New var. (db_desc_t): Remove. (kbxd_add_resource): Renamed to ... (kbxd_set_database): this. Simplify. (kbxd_search): Change to use only one database. (kbxd_store): Ditto. (kbxd_delete): Ditto. -- The original implementation was way to complicated and would have only brought back the problems deciding which database to use for each key. The new scheme used one configured database and only that. That database needs to be set right at the start. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-12-10 09:35:33 +01:00
if (the_database.db_type == DB_TYPE_KBX)
{
err = be_kbx_seek (ctrl, the_database.backend_handle, request, ubid);
kbx: Initial support for an SQLite backend * kbx/backend-sqlite.c: New. * kbx/Makefile.am (keyboxd_SOURCES): Add it. (keyboxd_CFLAGS, keyboxd_LDADD): Add SQLite flags. * kbx/backend.h (enum database_types): Add DB_TYPE_SQLITE. (be_sqlite_local_t): New typedef. (struct db_request_part_s): Add field besqlite. * kbx/backend-support.c (strdbtype): Add string for DB_TYPE_SQLITE. (be_generic_release_backend): Support SQLite. (be_release_request): Ditto. (be_find_request_part): Ditto. (is_x509_blob): Rename to ... (be_is_x509_blob): this and make global. * kbx/frontend.c (kbxd_set_database): Detect ".db" suffix and use that for SQLite. (kbxd_search): Support SQLite (kbxd_store): Ditto. (kbxd_delete): Ditto. * kbx/frontend.h (kbxd_store_modes): Move to ... * kbx/keyboxd.h (enum kbxd_store_modes): here. * kbx/keyboxd.c (main): USe pubring.db for now. This is a temporary hack. * kbx/backend-kbx.c (be_kbx_delete): Remove unused var cert. -- Take care: This is not finished and in particular filling the database takes quite long. Signed-off-by: Werner Koch <wk@gnupg.org>
2020-01-02 14:21:12 +01:00
if (!err)
; /* Found - we can delete. */
else if (gpg_err_code (err) == GPG_ERR_EOF)
{
err = gpg_error (GPG_ERR_NOT_FOUND);
goto leave;
}
else
{
log_debug ("%s: searching primary fingerprint failed: %s\n",
__func__, gpg_strerror (err));
goto leave;
}
err = be_kbx_delete (ctrl, the_database.backend_handle, request);
}
else if (the_database.db_type == DB_TYPE_SQLITE)
{
err = be_sqlite_delete (ctrl, the_database.backend_handle, request, ubid);
kbx: Change keyboxd to work only with one database. * kbx/frontend.c (the_database): New var. (db_desc_t): Remove. (kbxd_add_resource): Renamed to ... (kbxd_set_database): this. Simplify. (kbxd_search): Change to use only one database. (kbxd_store): Ditto. (kbxd_delete): Ditto. -- The original implementation was way to complicated and would have only brought back the problems deciding which database to use for each key. The new scheme used one configured database and only that. That database needs to be set right at the start. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-12-10 09:35:33 +01:00
}
else
{
log_error ("%s: unsupported database type %d\n",
__func__, the_database.db_type);
err = gpg_error (GPG_ERR_INTERNAL);
}
kbx: Add new command DELETE. * kbx/kbxserver.c (cmd_delete): New. * kbx/frontend.c (kbxd_delete): New. * kbx/backend-kbx.c (be_kbx_delete): New. Signed-off-by: Werner Koch <wk@gnupg.org>
2019-11-28 11:19:33 +01:00
leave:
release_lock (ctrl);
if (DBG_CLOCK)
log_clock ("%s: leave", __func__);
return err;
}