opendnssec-2.1.5/0000755000202300020240000000000013560311327010647 500000000000000opendnssec-2.1.5/MIGRATION0000644000202300020240000000214213560311035012036 00000000000000A migration is needed to migration from 1.4 to 2.1. First migrate to at least the 1.4.10 release if you have not already done so. Then you can perform the migration to 2.1, a migration of 2.0 is not necessary, there are no differences in this respect between 2.0 and 2.1. Review the documentation on the OpenDNSSEC site. This can be updated in between releases to provide more help. Especially if you have tooling around OpenDNSSEC you should be aware that some command line utilities have changed. A fair amount of backward compatibility has been respected, but changes are present. The signer does not require any migration. Backward compatibility is respected from earlier 1.4 release. The signer should not require a full resign of your zone when upgrading, however if you decide to downgrade a full resign is needed. The enforcer does require a full migration, as the internal database has been completely revised. See the documentation in the source tree enforcer/utils/1.4-2.0_db_convert/README.md for a description. Migration scripts are not installed and should be retrieved from the source separately. opendnssec-2.1.5/conf/0000755000202300020240000000000013560311327011574 500000000000000opendnssec-2.1.5/conf/addns.rng0000644000202300020240000001022213560311326013311 00000000000000 65535 opendnssec-2.1.5/conf/conf.rnc0000644000202300020240000001325513560311165013153 00000000000000# Copyright (c) 2009 .SE (The Internet Infrastructure Foundation). # All rights reserved. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # 1. Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # 2. Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution. # # THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR # IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED # WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE # ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY # DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE # GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER # IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN # IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. # datatypes xsd = "http://www.w3.org/2001/XMLSchema-datatypes" start = element Configuration { # List of all known Key Repositories (aka HSM:s) element RepositoryList { element Repository { # Symbolic name of repository attribute name { xsd:string } & # PKCS#11 Module (aka shared library) element Module { xsd:string } & # PKCS#11 Token Label & element TokenLabel { xsd:string } & # PKCS#11 Login Credentials element PIN { xsd:string }? & # Maxmimum number of key pairs in the repository # DEFAULT: infinite element Capacity { xsd:positiveInteger }? & # Require backup of keys before use (optional) element RequireBackup { empty }? & # Do not maintain public keys in the repository (optional) element SkipPublicKey { empty }? & # Generate extractable keys (CKA_EXTRACTABLE = TRUE) (optional) element AllowExtraction { empty }? }* } & # Common configuration options element Common { # Configuration parameters for logging element Logging { element Verbosity { xsd:nonNegativeInteger }? & element Syslog { # syslog facility element Facility { syslogFacility } }? }? & # Location to find the KASP file element PolicyFile { xsd:string } & # Location to store the zonelist XML file element ZoneListFile { xsd:string } } & # Configuration parameters for the KASP Enforcer element Enforcer { # User & group to drop privs to privs? # Where to store internal Enforcer state & element Datastore { (mysql | sqlite) } # Use manual key generation? & element ManualKeyGeneration { empty }? # Period to automatically pre-generate keys for, when ManualKeyGeneration is not used # DEFAULT: P1Y & element AutomaticKeyGenerationPeriod { xsd:duration }? # How long before a KSK Rollover should we start warning (optional) & element RolloverNotification { xsd:duration }? # Command to use for submitting new DS records to a parent - # the command should accept DNSKEY RRsets via STDIN & element DelegationSignerSubmitCommand { xsd:string }? # Command to use for retracting an existing DS record from the parent - # the command should accept DNSKEY RRsets via STDIN & element DelegationSignerRetractCommand { xsd:string }? # File used to detect enforcerd is already running. & element PidFile { xsd:string }? # Socket to use for communicating between enforcer and enforcerd & element SocketFile { xsd:string }? # Location to store intermediate enforcer information # DEFAULT: $(localstatedir)/opendnssec/tmp & element WorkingDirectory { xsd:string }? # Number of Worker Threads # DEFAULT: 4 & element WorkerThreads { xsd:nonNegativeInteger }? } & # Configuration parameters for the Signer element Signer { # User & group to drop privs to privs? & # Location to store intermediate zone information # DEFAULT: $(localstatedir)/opendnssec/tmp element WorkingDirectory { xsd:string }? & # Number of Worker Threads # DEFAULT: 4 element WorkerThreads { xsd:positiveInteger }? & # Number of Signer Threads # DEFAULT: 4 element SignerThreads { xsd:positiveInteger }? & # Listener # DEFAULT PORT: 15354 element Listener { interface* }? & # System command to call after a zone has been (re)signed # # '%zone' in the string will be replaced by the zone name # '%zonefile' in the string will be replaced by the zone file element NotifyCommand { xsd:string }? }? } syslogFacility = ( "kern" | "user" | "mail" | "daemon" | "auth" | "lpr" | "news" | "uucp" | "cron" | "local0" | "local1" | "local2" | "local3" | "local4" | "local5" | "local6" | "local7" ) privs = element Privileges { # DEFAULT: do not drop privs element User { xsd:string }? & # DEFAULT: do not drop privs element Group { xsd:string }? & # chroot directory to use element Directory {xsd:string }? } mysql = element MySQL { element Host { # DEFAULT: 3306 attribute Port { xsd:positiveInteger { maxInclusive = "65535" } }?, # DEFAULT: 127.0.0.1 xsd:string }? & # database to use for KASP tables element Database { xsd:string } & # username and password used to connect to database element Username { xsd:string } & element Password { xsd:string } } sqlite = element SQLite { xsd:string } interface = element Interface { address? & port? } address = element Address { xsd:string } # e.g., 192.0.2.1 or 2001:DB8::1 port = element Port { xsd:positiveInteger { maxInclusive = "65535" } } opendnssec-2.1.5/conf/zonelist.rnc0000644000202300020240000000413013560310771014067 00000000000000# Copyright (c) 2009 .SE (The Internet Infrastructure Foundation). # All rights reserved. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # 1. Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # 2. Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution. # # THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR # IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED # WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE # ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY # DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE # GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER # IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN # IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. # datatypes xsd = "http://www.w3.org/2001/XMLSchema-datatypes" start = element ZoneList { element Zone { # Name of zone attribute name { xsd:string }, # What policy applies to this zone? # (matches symbolic name of policy in in kasp.xml) element Policy { xsd:string }, # What file containts the signer configuration for this zone? element SignerConfiguration { xsd:string }, element Adapters { # Where do the signer fetch the unsigned zone? element Input { adapter }, # Where do the signer deliver the signed zone? element Output { adapter } } }* } # adapters adapter = adfile | adother # file adapter adfile = element File { xsd:string } # other adapters adother = element Adapter { # Adapter type attribute type { xsd:string }, # Configuration file xsd:string } opendnssec-2.1.5/conf/enforcerstate.xml.in0000644000202300020240000000230413560311035015502 00000000000000 F4F29F9C-7E0A-4D0E-860D-95E3B0550B54 KSK 2008-01-18T08:00:00+01:00 9132541A-4255-4F40-893D-CD76CDF83F58 ZSK 2008-01-18T08:00:00+01:00 656d6d6b7469736169646f677461 2008-01-18T08:00:00+01:00 5 2048 SoftHSM-42 DFE7265B783F418685380AA784C2F31D default 2008-01-18T08:00:00+01:00 5 1024 SoftHSM-42 8D76C0C49FEB4A97B8E920C7552401CE default 2008-01-18T08:00:00+01:00 opendnssec-2.1.5/conf/kasp.rng0000644000202300020240000003070113560311326013162 00000000000000 KskDoubleRRset KskDoubleDS KskDoubleSignature ZskDoubleSignature ZskPrePublication ZskDoubleRRsig CskDoubleRRset CskSingleSignature CskDoubleDS CskDoubleSignature CskPrePublication counter datecounter unixtime keep 255 65535 255 255 opendnssec-2.1.5/conf/kasp.xml.in0000644000202300020240000000637713560310771013620 00000000000000 A default policy that will amaze you and your friends PT2H P3D P14D P14D PT12H PT3600S P1D P100D 1 5 PT3600S PT3600S PT3600S P14D 8 P1Y SoftHSM 8 P90D SoftHSM PT43200S PT3600S PT3600S unixtime PT9999S PT3600S PT172800S PT10800S Quick turnaround policy for lab work PT10M PT30M PT1H PT1H PT1M PT3600S PT300S PT300S PT360S PT360S P14D 8 P1Y SoftHSM 8 PT4H SoftHSM PT300S PT300S PT300S unixtime PT9999S PT3600S PT172800S PT10800S opendnssec-2.1.5/conf/signconf.xml.in0000644000202300020240000000201313560310771014447 00000000000000 PT2H P3D P7D P14D PT12H PT300S 1 10 656d6d6b7469736169646f677461 PT3600S 257 5 DFE7265B783F418685380AA784C2F31D 256 5 8D76C0C49FEB4A97B8E920C7552401CE PT3600S PT3600S unixtime opendnssec-2.1.5/conf/addns.rnc0000644000202300020240000000433513560310771013320 00000000000000# Copyright (c) 2011 NLnet Labs # All rights reserved. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # 1. Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # 2. Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution. # # THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR # IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED # WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE # ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY # DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE # GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER # IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN # IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. # datatypes xsd = "http://www.w3.org/2001/XMLSchema-datatypes" start = element Adapter { dns } dns = element DNS { # TSIG secrets tsig*, # inbound zone transfer settings element Inbound { element RequestTransfer { remote+ }?, element AllowNotify { peer+ }? }?, # outbound zone transfer settings element Outbound { element ProvideTransfer { peer+ }?, element Notify { remote+ }? }? } # TSIG secret tsig = element TSIG { element Name { xsd:string }, # http://www.iana.org/assignments/tsig-algorithm-names element Algorithm { xsd:string }, # base64 encoded secret element Secret { xsd:base64Binary } } remote = element Remote { address, port?, key? } peer = element Peer { prefix?, key? } address = element Address { xsd:string } # e.g., 192.0.2.1 or 2001:DB8::1 prefix = element Prefix { xsd:string } # e.g., 192.0.2.0/24 or 2001:DB8::/32 port = element Port { xsd:positiveInteger { maxInclusive = "65535" } } key = element Key { xsd:string } opendnssec-2.1.5/conf/enforcerstate.rnc0000644000202300020240000001163313560311035015064 00000000000000# Copyright (c) 2012 OpenDNSSEC AB (svb). All rights reserved. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # 1. Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # 2. Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution. # # THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR # IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED # WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE # ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY # DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE # GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER # IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN # IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. # datatypes xsd = "http://www.w3.org/2001/XMLSchema-datatypes" start = element EnforcerState { element Zones { zone+ }, element KeyPairs { keypair+ } } # create table zones( # id integer primary key autoincrement, -- id # name varchar(300) not null , -- name of the parameter # policy_id mediumint not null, # signconf varchar(4096), -- where is the signconf # input varchar(4096), -- where is the input # output varchar(4096), -- where is the output # in_type varchar(512), -- input adapter type # out_type varchar(512), -- output adapter type # # foreign key (policy_id) references policies (id) # ); zone = element Zone { # Name of zone attribute name { xsd:string }, element Keys { key+ }, element NSEC3 { element Salt { xsd:string }, # when was the Salt generated element Generated { xsd:dateTime }? }? } # create table dnsseckeys ( # id integer primary key autoincrement, -- unique id of the key # keypair_id smallint, # zone_id mediumint, # keytype smallint not null, -- zsk or ksk (use code in dnskey record) # state tinyint, -- state of the key (defines valid fields) # publish varchar(64) null default null, -- time when key published into the zone # ready varchar(64) null default null, -- time when the key is ready for use # active varchar(64) null default null, -- time when the key was made active # retire varchar(64) null default null, -- time when the key retires # dead varchar(64) null default null, -- time when key is slated for removal # # # foreign key (zone_id) references zones (id), # foreign key (keypair_id) references keypairs (id) # ); key = element Key { attribute id { xsd:string }, # reference to KeyPair@id element KeyPairId { xsd:string }, element Type { "KSK" | "ZSK" | "CSK" }, element Standby { empty }?, element Publish { xsd:dateTime | empty }?, element Ready { xsd:dateTime | empty }?, element Active { xsd:dateTime | empty }?, element Retire { xsd:dateTime | empty }?, element Dead { xsd:dateTime | empty }? } # create table keypairs( # id integer primary key autoincrement, # HSMkey_id varchar(255) not null, # algorithm tinyint not null, -- algorithm code # size smallint, # securitymodule_id tinyint, -- where the key is stored # generate varchar(64) null default null, -- time key inserted into database # policy_id mediumint, # compromisedflag tinyint, # publickey varchar(1024), -- public key data # pre_backup varchar(64) null default null, -- time when backup was started # backup varchar(64) null default null, -- time when backup was finished # fixedDate tinyint default 0, -- Set to 1 to stop dates from being set according to the policy timings # # foreign key (securitymodule_id) references securitymodules (id), # foreign key (policy_id) references policies (id) # ); keypair = element KeyPair { attribute id { xsd:string }, element Algorithm { xsd:nonNegativeInteger }, element Size { xsd:nonNegativeInteger }, # where to locate the key; HSM and CKA_ID element Repository { xsd:string }, element Locator { xsd:string }, # under what policy was the key pair generated (if applicable) element Policy { xsd:string }?, # when was the key originally generated element Generated { xsd:dateTime }?, # when was the key last backed up element LastBackup { xsd:dateTime }?, # is the key compromised? element Compromised { empty }? } opendnssec-2.1.5/conf/signconf.rng0000644000202300020240000001732613560311326014042 00000000000000 65535 255 counter datecounter unixtime keep 65535 opendnssec-2.1.5/conf/zonelist.rng0000644000202300020240000000604613560311326014100 00000000000000 opendnssec-2.1.5/conf/enforcerstate.rng0000644000202300020240000001675213560311327015103 00000000000000 KSK ZSK CSK opendnssec-2.1.5/conf/Makefile.am0000644000202300020240000000554513560311035013555 00000000000000MAINTAINERCLEANFILES = $(srcdir)/Makefile.in RNC = addns.rnc conf.rnc kasp.rnc zonelist.rnc signconf.rnc enforcerstate.rnc RNG = addns.rng conf.rng kasp.rng zonelist.rng signconf.rng enforcerstate.rng XML = addns.xml conf.xml kasp.xml zonelist.xml signconf.xml enforcerstate.xml XSL= kasp2html.xsl TRANG= $(srcdir)/trang/trang.jar TRANG_URL "https://code.google.com/p/jing-trang/" sysconfdir = @sysconfdir@/opendnssec datadir = @datadir@/opendnssec noinst_DATA = ${XML} ${XSL} dist_data_DATA = ${RNG} ${RNC} ${XSL} CLEANFILES =+ ${XML} DISTCLEANFILES =+ ${RNG} SUFFIXES = .rng .rnc .xml $(TRANG): @echo You need to manually fetch trang.jar from ${TRANG_URL} @echo and copy trang.jar to ${TRANG} before rebuilding @echo the RelaxNG schemas. .rnc.rng: @test -x "${JAVA}" || \ (echo "java is required for converting RelaxNG Compact to RelaxNG"; false) ${JAVA} -jar ${TRANG} $< $@ regress: $(RNG) @test -x "${XMLLINT}" || \ (echo "xmllint is required for regression tests"; false) @for i in ${XML}; do \ ${XMLLINT} --noout --relaxng \ `basename $$i .xml`.rng $$i || exit 1; \ done @test -x "${XSLTPROC}" || \ (echo "xsltproc is required for regression tests"; false) @${XSLTPROC} -o kasp.html $(srcdir)/kasp2html.xsl kasp.xml && \ (echo "kasp.xml built") install-data-hook: test -d ${DESTDIR}${sysconfdir} || ${INSTALL_DATA} -m 0775 -d @INSTALLATIONUSERARG@ @INSTALLATIONGROUPARG@ ${DESTDIR}${sysconfdir} test -f ${DESTDIR}${sysconfdir}/conf.xml || ( ${INSTALL_DATA} -m 0640 conf.xml @INSTALLATIONUSERARG@ @INSTALLATIONGROUPARG@ ${DESTDIR}${sysconfdir} ; if which >/dev/null xmlif ; then xmlif < ${DESTDIR}${sysconfdir}/conf.xml > ${DESTDIR}${sysconfdir}/conf.xml~ privdrop=@INSTALLATIONCOND@ ; else ${GREP} -v '^ ${DESTDIR}${sysconfdir}/conf.xml~ ; fi ; cat < ${DESTDIR}${sysconfdir}/conf.xml~ > ${DESTDIR}${sysconfdir}/conf.xml ; rm ${DESTDIR}${sysconfdir}/conf.xml~ ) ${INSTALL_DATA} -m 640 conf.xml ${DESTDIR}${sysconfdir}/conf.xml.sample ; ${GREP} -v '^ ${DESTDIR}${sysconfdir}/conf.xml.sample~ ; cat < ${DESTDIR}${sysconfdir}/conf.xml.sample~ > ${DESTDIR}${sysconfdir}/conf.xml.sample ; rm ${DESTDIR}${sysconfdir}/conf.xml.sample~ test -f ${DESTDIR}${sysconfdir}/addns.xml || \ ${INSTALL_DATA} @INSTALLATIONUSERARG@ @INSTALLATIONGROUPARG@ addns.xml ${DESTDIR}${sysconfdir} ${INSTALL_DATA} addns.xml ${DESTDIR}${sysconfdir}/addns.xml.sample test -f ${DESTDIR}${sysconfdir}/zonelist.xml || \ ${INSTALL_DATA} @INSTALLATIONUSERARG@ @INSTALLATIONGROUPARG@ zonelist.xml ${DESTDIR}${sysconfdir} ${INSTALL_DATA} zonelist.xml ${DESTDIR}${sysconfdir}/zonelist.xml.sample test -f ${DESTDIR}${sysconfdir}/kasp.xml || \ ${INSTALL_DATA} @INSTALLATIONUSERARG@ @INSTALLATIONGROUPARG@ kasp.xml ${DESTDIR}${sysconfdir} ${INSTALL_DATA} kasp.xml ${DESTDIR}${sysconfdir}/kasp.xml.sample opendnssec-2.1.5/conf/addns.xml.in0000644000202300020240000000264313560310771013743 00000000000000 secret.example.com hmac-sha256 sw0nMPCswVbes1tmQTm1pcMmpNRK+oGMYN+qKNR/BwQ=
1.2.3.4
dead:beef::1
5353 secret.example.com 1.2.3.4 1.2.3.5 secret.example.com
1.2.3.5
 opendnssec-2.1.5/conf/zonelist.xml.in0000644000202300020240000000347413560310771014524 00000000000000 opendnssec-2.1.5/conf/kasp.rnc0000644000202300020240000001474413560310771013172 00000000000000# Copyright (c) 2009 .SE (The Internet Infrastructure Foundation). # All rights reserved. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # 1. Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # 2. Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution. # # THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR # IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED # WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE # ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY # DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE # GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER # IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN # IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. # datatypes xsd = "http://www.w3.org/2001/XMLSchema-datatypes" start = element KASP { element Policy { # (short) symbolic name for Policy attribute name { xsd:string }, # Do not touch contents of zonefile. element Passthrough { empty }?, # description of policy (free text) element Description { xsd:string }, # hold parameters related to signatures # These will go in the signature category in the DB # Most of these will be passed to the signer without # processing. element Signatures { # how often should the zone be (re)signed? element Resign { xsd:duration }, # the signatures are reused for a period of time # how long time before the expiration of the signature # should it be refreshed? element Refresh { xsd:duration }, # for how long should a signature be valid? element Validity { element Default { xsd:duration }, element Denial { xsd:duration }, element Keyset { xsd:duration }? }, # how much should we jitter the signature expiration time? # (e.g. increase the expiration time by X) element Jitter { xsd:duration }, # how much should we predate the signature inception time? element InceptionOffset { xsd:duration }, # Maximum TTL that may be used in a zone. maxzonettl? }, # use NSEC or NSEC3? element Denial { (nsec | nsec3) }, element Keys { # TTL for DNSKEYs ttl, # key retirement safety factor element RetireSafety { xsd:duration }, # key publication safety factor element PublishSafety { xsd:duration }, # do the zones share the same keys? element ShareKeys { empty }?, # enforcer may purge keys after this amount of time element Purge { xsd:duration }?, # Key Signing Keys (KSK) parameters element KSK { # generic key definition, see below anykey, # Controlling minimize flags Enforcer element KskRollType { "KskDoubleRRset" | "KskDoubleDS" | "KskDoubleSignature" }?, # use RFC 5011 for key rollover? # Not implemented yet element RFC5011 { empty }? }*, # Zone Signing Keys (ZSK) parameters element ZSK { # generic key definition, see below anykey, # Controlling minimize flags Enforcer element ZskRollType { "ZskDoubleSignature" | "ZskPrePublication" | "ZskDoubleRRsig" }? }*, # Combined Signing Keys (CSK) parameters element CSK { # generic key definition, see below anykey, # Controlling minimize flags Enforcer element CskRollType { "CskDoubleRRset" | "CskSingleSignature" | "CskDoubleDS" | "CskDoubleSignature" | "CskPrePublication" }?, # use RFC 5011 for key rollover? # Not implemented yet element RFC5011 { empty }? }* }, element Zone { # Expected propagation delay in child publication propagationdelay, # Expected zone SOA parameters element SOA { anysoa, serial } }, # Excepted paren parameters for key rollover usage. # These might be guess or obtained by querying the parent zone # NOTE: This assumes that all zones with the same policy have # the same parent or at least parents with the same parameters! element Parent { # Expected propagation delay in parent publication propagationdelay, # Expected TTL of DS in parent element DS { ttl }, # Expected parent SOA parameters element SOA { anysoa }, # Expected time between submit and first publish registrationdelay? } }* } serial = element Serial { # use increasing counter (sync with unsigned zone if possible) "counter" | # use increasing counter in YYYYMMDDxx format "datecounter" | # use unix timestamp as an 32-bit unsigned integer "unixtime" | # keep the serial from unsigned zone (do not resign unless incremented) "keep" } nsec = element NSEC { empty } nsec3 = element NSEC3 { # what value for NSEC3PARAM TTL to use? Default 0. ttl?, # use global NSEC3 opt-out? element OptOut { empty }?, # how often should we resalt? (e.g. create new NSEC3 chains) element Resalt { xsd:duration }, # NSEC3 hash parameters element Hash { element Algorithm { xsd:nonNegativeInteger { maxInclusive = "255" } }, element Iterations { xsd:nonNegativeInteger { maxInclusive = "65535" } }, # Salt length in octets element Salt { attribute length { xsd:nonNegativeInteger { maxInclusive = "255" } }, # The actual salt is generated by the Enforcer # Note: the enforcer may decide to store the # current salt in the DB and so it could be exported # here. xsd:string? } } } # Generic SOA definition anysoa = ttl, element Minimum { xsd:duration } # Generic key definition anykey = element Algorithm { attribute length { xsd:positiveInteger }, xsd:nonNegativeInteger { maxInclusive = "255" } }, element Lifetime { xsd:duration }, element Repository { xsd:string }, # Number of Standby keys # Makes the rollover faster, since the key is # already pre-published and ready. element Standby { xsd:nonNegativeInteger }?, # Use manual key rollover? element ManualRollover { empty }? ttl = element TTL { xsd:duration } maxzonettl = element MaxZoneTTL { xsd:duration } propagationdelay = element PropagationDelay { xsd:duration } registrationdelay = element RegistrationDelay { xsd:duration } partial = element Partial { empty } opendnssec-2.1.5/conf/conf.xml.in0000644000202300020240000000564513560310771013604 00000000000000 @pkcs11_softhsm_module@ OpenDNSSEC 1234 3 local0 @OPENDNSSEC_CONFIG_DIR@/kasp.xml @OPENDNSSEC_CONFIG_DIR@/zonelist.xml @INSTALLATIONUSER@ @INSTALLATIONGROUP@ @OPENDNSSEC_STATE_DIR@/kasp.db P1Y @OPENDNSSEC_STATE_DIR@/enforcer @INSTALLATIONUSER@ @INSTALLATIONGROUP@ @OPENDNSSEC_STATE_DIR@/signer 4 opendnssec-2.1.5/conf/Makefile.in0000644000202300020240000005475713560311314013577 00000000000000# Makefile.in generated by automake 1.16.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2018 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY, to the extent permitted by law; without # even the implied warranty of MERCHANTABILITY or FITNESS FOR A # PARTICULAR PURPOSE. @SET_MAKE@ VPATH = @srcdir@ am__is_gnu_make = { \ if test -z '$(MAKELEVEL)'; then \ false; \ elif test -n '$(MAKE_HOST)'; then \ true; \ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \ true; \ else \ false; \ fi; \ } am__make_running_with_option = \ case $${target_option-} in \ ?) ;; \ *) echo "am__make_running_with_option: internal error: invalid" \ "target option '$${target_option-}' specified" >&2; \ exit 1;; \ esac; \ has_opt=no; \ sane_makeflags=$$MAKEFLAGS; \ if $(am__is_gnu_make); then \ sane_makeflags=$$MFLAGS; \ else \ case $$MAKEFLAGS in \ *\\[\ \ ]*) \ bs=\\; \ sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ esac; \ fi; \ skip_next=no; \ strip_trailopt () \ { \ flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ }; \ for flg in $$sane_makeflags; do \ test $$skip_next = yes && { skip_next=no; continue; }; \ case $$flg in \ *=*|--*) continue;; \ -*I) strip_trailopt 'I'; skip_next=yes;; \ -*I?*) strip_trailopt 'I';; \ -*O) strip_trailopt 'O'; skip_next=yes;; \ -*O?*) strip_trailopt 'O';; \ -*l) strip_trailopt 'l'; skip_next=yes;; \ -*l?*) strip_trailopt 'l';; \ -[dEDm]) skip_next=yes;; \ -[JT]) skip_next=yes;; \ esac; \ case $$flg in \ *$$target_option*) has_opt=yes; break;; \ esac; \ done; \ test $$has_opt = yes am__make_dryrun = (target_option=n; $(am__make_running_with_option)) am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) pkgdatadir = $(datadir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c INSTALL_HEADER = $(INSTALL_DATA) transform = $(program_transform_name) NORMAL_INSTALL = : PRE_INSTALL = : POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : build_triplet = @build@ host_triplet = @host@ subdir = conf ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/m4/acx_broken_setres.m4 \ $(top_srcdir)/m4/acx_check_strptime.m4 \ $(top_srcdir)/m4/acx_cunit.m4 $(top_srcdir)/m4/acx_dlopen.m4 \ $(top_srcdir)/m4/acx_enforcer_database.m4 \ $(top_srcdir)/m4/acx_ldns.m4 $(top_srcdir)/m4/acx_libc.m4 \ $(top_srcdir)/m4/acx_libreadline.m4 \ $(top_srcdir)/m4/acx_libxml2.m4 \ $(top_srcdir)/m4/acx_pedantic.m4 \ $(top_srcdir)/m4/acx_pkcs11_modules.m4 \ $(top_srcdir)/m4/acx_prefixhack.m4 \ $(top_srcdir)/m4/acx_rpath.m4 $(top_srcdir)/m4/acx_rt.m4 \ $(top_srcdir)/m4/acx_ssl.m4 \ $(top_srcdir)/m4/ax_append_compile_flags.m4 \ $(top_srcdir)/m4/ax_append_flag.m4 \ $(top_srcdir)/m4/ax_c___attribute__.m4 \ $(top_srcdir)/m4/ax_cflags_warn_all.m4 \ $(top_srcdir)/m4/ax_check_compile_flag.m4 \ $(top_srcdir)/m4/ax_compiler_flags_cflags.m4 \ $(top_srcdir)/m4/ax_lib_mysql.m4 \ $(top_srcdir)/m4/ax_lib_sqlite3.m4 \ $(top_srcdir)/m4/ax_prog_doxygen.m4 \ $(top_srcdir)/m4/ax_pthread.m4 \ $(top_srcdir)/m4/ax_require_defined.m4 \ $(top_srcdir)/m4/libtool.m4 $(top_srcdir)/m4/ltoptions.m4 \ $(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \ $(top_srcdir)/m4/lt~obsolete.m4 \ $(top_srcdir)/m4/opendnssec_common.m4 $(top_srcdir)/version.m4 \ $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) DIST_COMMON = $(srcdir)/Makefile.am $(dist_data_DATA) \ $(am__DIST_COMMON) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/common/config.h CONFIG_CLEAN_FILES = addns.xml conf.xml enforcerstate.xml kasp.xml \ signconf.xml zonelist.xml CONFIG_CLEAN_VPATH_FILES = AM_V_P = $(am__v_P_@AM_V@) am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) am__v_P_0 = false am__v_P_1 = : AM_V_GEN = $(am__v_GEN_@AM_V@) am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) am__v_GEN_0 = @echo " GEN " $@; am__v_GEN_1 = AM_V_at = $(am__v_at_@AM_V@) am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) am__v_at_0 = @ am__v_at_1 = SOURCES = DIST_SOURCES = am__can_run_installinfo = \ case $$AM_UPDATE_INFO_DIR in \ n|no|NO) false;; \ *) (install-info --version) >/dev/null 2>&1;; \ esac am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; am__vpath_adj = case $$p in \ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ *) f=$$p;; \ esac; am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; am__install_max = 40 am__nobase_strip_setup = \ srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` am__nobase_strip = \ for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" am__nobase_list = $(am__nobase_strip_setup); \ for p in $$list; do echo "$$p $$p"; done | \ sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ if (++n[$$2] == $(am__install_max)) \ { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ END { for (dir in files) print dir, files[dir] }' am__base_list = \ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' am__uninstall_files_from_dir = { \ test -z "$$files" \ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \ $(am__cd) "$$dir" && rm -f $$files; }; \ } am__installdirs = "$(DESTDIR)$(datadir)" DATA = $(dist_data_DATA) $(noinst_DATA) am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) am__DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/addns.xml.in \ $(srcdir)/conf.xml.in $(srcdir)/enforcerstate.xml.in \ $(srcdir)/kasp.xml.in $(srcdir)/signconf.xml.in \ $(srcdir)/zonelist.xml.in DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) ACLOCAL = @ACLOCAL@ AMTAR = @AMTAR@ AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ AR = @AR@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ CP = @CP@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ CUNIT_INCLUDES = @CUNIT_INCLUDES@ CUNIT_LIBS = @CUNIT_LIBS@ CXX = @CXX@ CXXCPP = @CXXCPP@ CXXDEPMODE = @CXXDEPMODE@ CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ C_LIBS = @C_LIBS@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ DLLTOOL = @DLLTOOL@ DOXYGEN_PAPER_SIZE = @DOXYGEN_PAPER_SIZE@ DSYMUTIL = @DSYMUTIL@ DUMPBIN = @DUMPBIN@ DX_CONFIG = @DX_CONFIG@ DX_DOCDIR = @DX_DOCDIR@ DX_DOT = @DX_DOT@ DX_DOXYGEN = @DX_DOXYGEN@ DX_DVIPS = @DX_DVIPS@ DX_EGREP = @DX_EGREP@ DX_ENV = @DX_ENV@ DX_FLAG_chi = @DX_FLAG_chi@ DX_FLAG_chm = @DX_FLAG_chm@ DX_FLAG_doc = @DX_FLAG_doc@ DX_FLAG_dot = @DX_FLAG_dot@ DX_FLAG_html = @DX_FLAG_html@ DX_FLAG_man = @DX_FLAG_man@ DX_FLAG_pdf = @DX_FLAG_pdf@ DX_FLAG_ps = @DX_FLAG_ps@ DX_FLAG_rtf = @DX_FLAG_rtf@ DX_FLAG_xml = @DX_FLAG_xml@ DX_HHC = @DX_HHC@ DX_LATEX = @DX_LATEX@ DX_MAKEINDEX = @DX_MAKEINDEX@ DX_PDFLATEX = @DX_PDFLATEX@ DX_PERL = @DX_PERL@ DX_PROJECT = @DX_PROJECT@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ ENFORCER_DB_DATABASE = @ENFORCER_DB_DATABASE@ ENFORCER_DB_HOST = @ENFORCER_DB_HOST@ ENFORCER_DB_INCLUDES = @ENFORCER_DB_INCLUDES@ ENFORCER_DB_LIBS = @ENFORCER_DB_LIBS@ ENFORCER_DB_PASSWORD = @ENFORCER_DB_PASSWORD@ ENFORCER_DB_PORT = @ENFORCER_DB_PORT@ ENFORCER_DB_PORT_TEXT = @ENFORCER_DB_PORT_TEXT@ ENFORCER_DB_USERNAME = @ENFORCER_DB_USERNAME@ EXEEXT = @EXEEXT@ FGREP = @FGREP@ GREP = @GREP@ HAVE_SSL = @HAVE_SSL@ HAVE_SSL_NEW_HMAC = @HAVE_SSL_NEW_HMAC@ INSTALL = @INSTALL@ INSTALLATIONCOND = @INSTALLATIONCOND@ INSTALLATIONGROUP = @INSTALLATIONGROUP@ INSTALLATIONGROUPARG = @INSTALLATIONGROUPARG@ INSTALLATIONUSER = @INSTALLATIONUSER@ INSTALLATIONUSERARG = @INSTALLATIONUSERARG@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ JAVA = @JAVA@ LD = @LD@ LDFLAGS = @LDFLAGS@ LDNS_CONFIG = @LDNS_CONFIG@ LDNS_INCLUDES = @LDNS_INCLUDES@ LDNS_LIBS = @LDNS_LIBS@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ LIBUNWIND_CFLAGS = @LIBUNWIND_CFLAGS@ LIBUNWIND_LIBS = @LIBUNWIND_LIBS@ LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@ MAKEINFO = @MAKEINFO@ MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ MYSQL_CFLAGS = @MYSQL_CFLAGS@ MYSQL_CONFIG = @MYSQL_CONFIG@ MYSQL_LDFLAGS = @MYSQL_LDFLAGS@ MYSQL_VERSION = @MYSQL_VERSION@ NM = @NM@ NMEDIT = @NMEDIT@ OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ OPENDNSSEC_BIN_DIR = @OPENDNSSEC_BIN_DIR@ OPENDNSSEC_CONFIG_DIR = @OPENDNSSEC_CONFIG_DIR@ OPENDNSSEC_CONFIG_FILE = @OPENDNSSEC_CONFIG_FILE@ OPENDNSSEC_DATA_DIR = @OPENDNSSEC_DATA_DIR@ OPENDNSSEC_ENFORCER_PIDFILE = @OPENDNSSEC_ENFORCER_PIDFILE@ OPENDNSSEC_ENFORCER_SOCKETFILE = @OPENDNSSEC_ENFORCER_SOCKETFILE@ OPENDNSSEC_FETCH_PIDFILE = @OPENDNSSEC_FETCH_PIDFILE@ OPENDNSSEC_LIBEXEC_DIR = @OPENDNSSEC_LIBEXEC_DIR@ OPENDNSSEC_LIB_DIR = @OPENDNSSEC_LIB_DIR@ OPENDNSSEC_LOCALSTATE_DIR = @OPENDNSSEC_LOCALSTATE_DIR@ OPENDNSSEC_PID_DIR = @OPENDNSSEC_PID_DIR@ OPENDNSSEC_SBIN_DIR = @OPENDNSSEC_SBIN_DIR@ OPENDNSSEC_SCHEMA_DIR = @OPENDNSSEC_SCHEMA_DIR@ OPENDNSSEC_SIGNER_CLI = @OPENDNSSEC_SIGNER_CLI@ OPENDNSSEC_SIGNER_ENGINE = @OPENDNSSEC_SIGNER_ENGINE@ OPENDNSSEC_SIGNER_PIDFILE = @OPENDNSSEC_SIGNER_PIDFILE@ OPENDNSSEC_SIGNER_SOCKET = @OPENDNSSEC_SIGNER_SOCKET@ OPENDNSSEC_STATE_DIR = @OPENDNSSEC_STATE_DIR@ OPENDNSSEC_SYSCONF_DIR = @OPENDNSSEC_SYSCONF_DIR@ OTOOL = @OTOOL@ OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREAD_CC = @PTHREAD_CC@ PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ PTHREAD_LIBS = @PTHREAD_LIBS@ RANLIB = @RANLIB@ READLINE_LIBS = @READLINE_LIBS@ RT_LIBS = @RT_LIBS@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ SQLITE3_CFLAGS = @SQLITE3_CFLAGS@ SQLITE3_LDFLAGS = @SQLITE3_LDFLAGS@ SQLITE3_VERSION = @SQLITE3_VERSION@ SSL_INCLUDES = @SSL_INCLUDES@ SSL_LIBS = @SSL_LIBS@ STRIP = @STRIP@ VERSION = @VERSION@ WARN_CFLAGS = @WARN_CFLAGS@ XML2_CONFIG = @XML2_CONFIG@ XML2_INCLUDES = @XML2_INCLUDES@ XML2_LIBS = @XML2_LIBS@ XMLLINT = @XMLLINT@ XSLTPROC = @XSLTPROC@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ ac_ct_CXX = @ac_ct_CXX@ ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ am__include = @am__include@ am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ ax_pthread_config = @ax_pthread_config@ bindir = @bindir@ build = @build@ build_alias = @build_alias@ build_cpu = @build_cpu@ build_os = @build_os@ build_vendor = @build_vendor@ builddir = @builddir@ datadir = @datadir@/opendnssec datarootdir = @datarootdir@ docdir = @docdir@ dvidir = @dvidir@ exec_prefix = @exec_prefix@ host = @host@ host_alias = @host_alias@ host_cpu = @host_cpu@ host_os = @host_os@ host_vendor = @host_vendor@ htmldir = @htmldir@ includedir = @includedir@ infodir = @infodir@ install_sh = @install_sh@ libdir = @libdir@ libexecdir = @libexecdir@ localedir = @localedir@ localstatedir = @localstatedir@ mandir = @mandir@ mkdir_p = @mkdir_p@ oldincludedir = @oldincludedir@ pdfdir = @pdfdir@ pkcs11_aepkeyper_module = @pkcs11_aepkeyper_module@ pkcs11_etoken_module = @pkcs11_etoken_module@ pkcs11_ncipher_module = @pkcs11_ncipher_module@ pkcs11_opensc_module = @pkcs11_opensc_module@ pkcs11_sca6000_module = @pkcs11_sca6000_module@ pkcs11_softhsm_module = @pkcs11_softhsm_module@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ sysconfdir = @sysconfdir@/opendnssec target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ MAINTAINERCLEANFILES = $(srcdir)/Makefile.in RNC = addns.rnc conf.rnc kasp.rnc zonelist.rnc signconf.rnc enforcerstate.rnc RNG = addns.rng conf.rng kasp.rng zonelist.rng signconf.rng enforcerstate.rng XML = addns.xml conf.xml kasp.xml zonelist.xml signconf.xml enforcerstate.xml XSL = kasp2html.xsl TRANG = $(srcdir)/trang/trang.jar noinst_DATA = ${XML} ${XSL} dist_data_DATA = ${RNG} ${RNC} ${XSL} CLEANFILES = + ${XML} DISTCLEANFILES = + ${RNG} SUFFIXES = .rng .rnc .xml all: all-am .SUFFIXES: .SUFFIXES: .rng .rnc .xml $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign conf/Makefile'; \ $(am__cd) $(top_srcdir) && \ $(AUTOMAKE) --foreign conf/Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ *config.status*) \ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ *) \ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \ esac; $(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(top_srcdir)/configure: $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(am__aclocal_m4_deps): addns.xml: $(top_builddir)/config.status $(srcdir)/addns.xml.in cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ conf.xml: $(top_builddir)/config.status $(srcdir)/conf.xml.in cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ enforcerstate.xml: $(top_builddir)/config.status $(srcdir)/enforcerstate.xml.in cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ kasp.xml: $(top_builddir)/config.status $(srcdir)/kasp.xml.in cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ signconf.xml: $(top_builddir)/config.status $(srcdir)/signconf.xml.in cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ zonelist.xml: $(top_builddir)/config.status $(srcdir)/zonelist.xml.in cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ mostlyclean-libtool: -rm -f *.lo clean-libtool: -rm -rf .libs _libs install-dist_dataDATA: $(dist_data_DATA) @$(NORMAL_INSTALL) @list='$(dist_data_DATA)'; test -n "$(datadir)" || list=; \ if test -n "$$list"; then \ echo " $(MKDIR_P) '$(DESTDIR)$(datadir)'"; \ $(MKDIR_P) "$(DESTDIR)$(datadir)" || exit 1; \ fi; \ for p in $$list; do \ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ echo "$$d$$p"; \ done | $(am__base_list) | \ while read files; do \ echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(datadir)'"; \ $(INSTALL_DATA) $$files "$(DESTDIR)$(datadir)" || exit $$?; \ done uninstall-dist_dataDATA: @$(NORMAL_UNINSTALL) @list='$(dist_data_DATA)'; test -n "$(datadir)" || list=; \ files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ dir='$(DESTDIR)$(datadir)'; $(am__uninstall_files_from_dir) tags TAGS: ctags CTAGS: cscope cscopelist: distdir: $(BUILT_SOURCES) $(MAKE) $(AM_MAKEFLAGS) distdir-am distdir-am: $(DISTFILES) @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ list='$(DISTFILES)'; \ dist_files=`for file in $$list; do echo $$file; done | \ sed -e "s|^$$srcdirstrip/||;t" \ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ case $$dist_files in \ */*) $(MKDIR_P) `echo "$$dist_files" | \ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ sort -u` ;; \ esac; \ for file in $$dist_files; do \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ if test -d "$(distdir)/$$file"; then \ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ test -f "$(distdir)/$$file" \ || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done check-am: all-am check: check-am all-am: Makefile $(DATA) installdirs: for dir in "$(DESTDIR)$(datadir)"; do \ test -z "$$dir" || $(MKDIR_P) "$$dir"; \ done install: install-am install-exec: install-exec-am install-data: install-data-am uninstall: uninstall-am install-am: all-am @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am installcheck: installcheck-am install-strip: if test -z '$(STRIP)'; then \ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ install; \ else \ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ fi mostlyclean-generic: clean-generic: -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) -test -z "$(DISTCLEANFILES)" || rm -f $(DISTCLEANFILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @echo "it deletes files that may require special tools to rebuild." -test -z "$(MAINTAINERCLEANFILES)" || rm -f $(MAINTAINERCLEANFILES) clean: clean-am clean-am: clean-generic clean-libtool mostlyclean-am distclean: distclean-am -rm -f Makefile distclean-am: clean-am distclean-generic dvi: dvi-am dvi-am: html: html-am html-am: info: info-am info-am: install-data-am: install-dist_dataDATA @$(NORMAL_INSTALL) $(MAKE) $(AM_MAKEFLAGS) install-data-hook install-dvi: install-dvi-am install-dvi-am: install-exec-am: install-html: install-html-am install-html-am: install-info: install-info-am install-info-am: install-man: install-pdf: install-pdf-am install-pdf-am: install-ps: install-ps-am install-ps-am: installcheck-am: maintainer-clean: maintainer-clean-am -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic mostlyclean: mostlyclean-am mostlyclean-am: mostlyclean-generic mostlyclean-libtool pdf: pdf-am pdf-am: ps: ps-am ps-am: uninstall-am: uninstall-dist_dataDATA .MAKE: install-am install-data-am install-strip .PHONY: all all-am check check-am clean clean-generic clean-libtool \ cscopelist-am ctags-am distclean distclean-generic \ distclean-libtool distdir dvi dvi-am html html-am info info-am \ install install-am install-data install-data-am \ install-data-hook install-dist_dataDATA install-dvi \ install-dvi-am install-exec install-exec-am install-html \ install-html-am install-info install-info-am install-man \ install-pdf install-pdf-am install-ps install-ps-am \ install-strip installcheck installcheck-am installdirs \ maintainer-clean maintainer-clean-generic mostlyclean \ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ tags-am uninstall uninstall-am uninstall-dist_dataDATA .PRECIOUS: Makefile TRANG_URL "https://code.google.com/p/jing-trang/" $(TRANG): @echo You need to manually fetch trang.jar from ${TRANG_URL} @echo and copy trang.jar to ${TRANG} before rebuilding @echo the RelaxNG schemas. .rnc.rng: @test -x "${JAVA}" || \ (echo "java is required for converting RelaxNG Compact to RelaxNG"; false) ${JAVA} -jar ${TRANG} $< $@ regress: $(RNG) @test -x "${XMLLINT}" || \ (echo "xmllint is required for regression tests"; false) @for i in ${XML}; do \ ${XMLLINT} --noout --relaxng \ `basename $$i .xml`.rng $$i || exit 1; \ done @test -x "${XSLTPROC}" || \ (echo "xsltproc is required for regression tests"; false) @${XSLTPROC} -o kasp.html $(srcdir)/kasp2html.xsl kasp.xml && \ (echo "kasp.xml built") install-data-hook: test -d ${DESTDIR}${sysconfdir} || ${INSTALL_DATA} -m 0775 -d @INSTALLATIONUSERARG@ @INSTALLATIONGROUPARG@ ${DESTDIR}${sysconfdir} test -f ${DESTDIR}${sysconfdir}/conf.xml || ( ${INSTALL_DATA} -m 0640 conf.xml @INSTALLATIONUSERARG@ @INSTALLATIONGROUPARG@ ${DESTDIR}${sysconfdir} ; if which >/dev/null xmlif ; then xmlif < ${DESTDIR}${sysconfdir}/conf.xml > ${DESTDIR}${sysconfdir}/conf.xml~ privdrop=@INSTALLATIONCOND@ ; else ${GREP} -v '^ ${DESTDIR}${sysconfdir}/conf.xml~ ; fi ; cat < ${DESTDIR}${sysconfdir}/conf.xml~ > ${DESTDIR}${sysconfdir}/conf.xml ; rm ${DESTDIR}${sysconfdir}/conf.xml~ ) ${INSTALL_DATA} -m 640 conf.xml ${DESTDIR}${sysconfdir}/conf.xml.sample ; ${GREP} -v '^ ${DESTDIR}${sysconfdir}/conf.xml.sample~ ; cat < ${DESTDIR}${sysconfdir}/conf.xml.sample~ > ${DESTDIR}${sysconfdir}/conf.xml.sample ; rm ${DESTDIR}${sysconfdir}/conf.xml.sample~ test -f ${DESTDIR}${sysconfdir}/addns.xml || \ ${INSTALL_DATA} @INSTALLATIONUSERARG@ @INSTALLATIONGROUPARG@ addns.xml ${DESTDIR}${sysconfdir} ${INSTALL_DATA} addns.xml ${DESTDIR}${sysconfdir}/addns.xml.sample test -f ${DESTDIR}${sysconfdir}/zonelist.xml || \ ${INSTALL_DATA} @INSTALLATIONUSERARG@ @INSTALLATIONGROUPARG@ zonelist.xml ${DESTDIR}${sysconfdir} ${INSTALL_DATA} zonelist.xml ${DESTDIR}${sysconfdir}/zonelist.xml.sample test -f ${DESTDIR}${sysconfdir}/kasp.xml || \ ${INSTALL_DATA} @INSTALLATIONUSERARG@ @INSTALLATIONGROUPARG@ kasp.xml ${DESTDIR}${sysconfdir} ${INSTALL_DATA} kasp.xml ${DESTDIR}${sysconfdir}/kasp.xml.sample # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: opendnssec-2.1.5/conf/kasp2html.xsl0000644000202300020240000004202013560310771014151 00000000000000 KASP

KASP: Key and Signature Policy

Policy:

Signatures

Resign
Refresh
Validity Default
Validity NSEC/NSEC3
Jitter
Inception Offset

Denial of Existence
Method NSEC
Method NSEC3
Opt-Out
Resalt
Hash Algorithm
Hash Iterations
Hash Salt Length

Key Parameters

TTL
Retire Safety
Publish Safety
Share Keys?
Purge dead keys after
KSK
ZSK
Use RFC5011?

Zone Parameters

Propagation Delay
SOA TTL
SOA Minimum
SOA Serial Format

Parent Parameters

Propagation Delay
DS TTL
SOA TTL
SOA Minimum
Reserved ( ) RSA/MD5 (deprecated) Diffie-Hellman DSA/SHA-1 Reserved for ECC RSA/SHA-1 DSA/SHA-1 for NSEC3 RSA/SHA-1 for NSEC3 RSA/SHA-256 RSA/SHA-512 Reserved for indirect keys Private algorithms - domain name Private algorithms - OID Reserved ( ) Unassigned ( ) SHA-1 Counter UNIX Timestamp (as 32-bit Unsigned Integer) YYYYMMDDnn (Date + 2-Digit-Counter) Keep Serial from the Unsigned Zone Yes No Algorithm , bits Lifetime Repository Number of Standby Keys Manual Rollover? day days month months year years second seconds minute minutes hour hours opendnssec-2.1.5/conf/conf.rng0000644000202300020240000003077213560311326013161 00000000000000 kern user mail daemon auth lpr news uucp cron local0 local1 local2 local3 local4 local5 local6 local7 65535 65535 opendnssec-2.1.5/conf/signconf.rnc0000644000202300020240000000735113560311035014030 00000000000000# Copyright (c) 2009 .SE (The Internet Infrastructure Foundation). # Copyright (c) 2015-2016 NLnet Labs. # All rights reserved. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # 1. Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # 2. Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution. # # THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR # IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED # WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE # ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY # DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE # GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER # IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN # IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. # datatypes xsd = "http://www.w3.org/2001/XMLSchema-datatypes" start = element SignerConfiguration { zone } zone = element Zone { # zone name attribute name { xsd:string } # Do not touch contents of zonefile. & element Passthrough { empty }? # this section is taken directly from the corresponding KASP policy & element Signatures { element Resign { xsd:duration } & element Refresh { xsd:duration } & element Validity { element Default { xsd:duration } & element Denial { xsd:duration } & element Keyset { xsd:duration }? } & element Jitter { xsd:duration } & element InceptionOffset { xsd:duration } & maxzonettl? # Maximum TTL that may be used in a zone. } # use NSEC or NSEC3? & element Denial { (nsec | nsec3) } & element Keys { # TTL for all DNSKEYs ttl & element Key { # DNSKEY flags element Flags { xsd:nonNegativeInteger { maxInclusive = "65535" } } # DNSKEY algorithm & algorithm # The key locator is matched against the # PKCS#11 CKA_ID and is specified as a string # of hex characters. & element Locator { xsd:hexBinary }? & element ResourceRecord { xsd:base64Binary }? # sign all the DNSKEY RRsets with this key? & element KSK { empty }? # sign all non-DNSKEY RRsets with this key? & element ZSK { empty }? # include this key in the zonefile? & element Publish { empty }? # deactivate this key (i.e. do not recycle any signatures) & element Deactivate { empty }? }* & element SignatureResourceRecord { xsd:base64Binary }* } # What parameters to use for the SOA record & soa } algorithm = element Algorithm { xsd:nonNegativeInteger { maxInclusive = "255" } } ttl = element TTL { xsd:duration } soa = element SOA { ttl & element Minimum { xsd:duration } & serial } # see kasp.rnc for description serial = element Serial { "counter" | "datecounter" | "unixtime" | "keep" } # This section is taken directly from the corresponding KASP policy nsec = element NSEC { empty } # This section is taken directly from the corresponding KASP policy # (except that the NSEC3 Salt is not optional) nsec3 = element NSEC3 { ttl? & element OptOut { empty }? & element Hash { algorithm & element Iterations { xsd:nonNegativeInteger { maxInclusive = "65535" } } & element Salt { xsd:string } } } maxzonettl = element MaxZoneTTL { xsd:duration } opendnssec-2.1.5/compile0000755000202300020240000001632713560311314012152 00000000000000#! /bin/sh # Wrapper for compilers which do not understand '-c -o'. scriptversion=2018-03-07.03; # UTC # Copyright (C) 1999-2018 Free Software Foundation, Inc. # Written by Tom Tromey . # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2, or (at your option) # any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a # configuration script generated by Autoconf, you may include it under # the same distribution terms that you use for the rest of that program. # This file is maintained in Automake, please report # bugs to or send patches to # . nl=' ' # We need space, tab and new line, in precisely that order. Quoting is # there to prevent tools from complaining about whitespace usage. IFS=" "" $nl" file_conv= # func_file_conv build_file lazy # Convert a $build file to $host form and store it in $file # Currently only supports Windows hosts. If the determined conversion # type is listed in (the comma separated) LAZY, no conversion will # take place. func_file_conv () { file=$1 case $file in / | /[!/]*) # absolute file, and not a UNC file if test -z "$file_conv"; then # lazily determine how to convert abs files case `uname -s` in MINGW*) file_conv=mingw ;; CYGWIN*) file_conv=cygwin ;; *) file_conv=wine ;; esac fi case $file_conv/,$2, in *,$file_conv,*) ;; mingw/*) file=`cmd //C echo "$file " | sed -e 's/"\(.*\) " *$/\1/'` ;; cygwin/*) file=`cygpath -m "$file" || echo "$file"` ;; wine/*) file=`winepath -w "$file" || echo "$file"` ;; esac ;; esac } # func_cl_dashL linkdir # Make cl look for libraries in LINKDIR func_cl_dashL () { func_file_conv "$1" if test -z "$lib_path"; then lib_path=$file else lib_path="$lib_path;$file" fi linker_opts="$linker_opts -LIBPATH:$file" } # func_cl_dashl library # Do a library search-path lookup for cl func_cl_dashl () { lib=$1 found=no save_IFS=$IFS IFS=';' for dir in $lib_path $LIB do IFS=$save_IFS if $shared && test -f "$dir/$lib.dll.lib"; then found=yes lib=$dir/$lib.dll.lib break fi if test -f "$dir/$lib.lib"; then found=yes lib=$dir/$lib.lib break fi if test -f "$dir/lib$lib.a"; then found=yes lib=$dir/lib$lib.a break fi done IFS=$save_IFS if test "$found" != yes; then lib=$lib.lib fi } # func_cl_wrapper cl arg... # Adjust compile command to suit cl func_cl_wrapper () { # Assume a capable shell lib_path= shared=: linker_opts= for arg do if test -n "$eat"; then eat= else case $1 in -o) # configure might choose to run compile as 'compile cc -o foo foo.c'. eat=1 case $2 in *.o | *.[oO][bB][jJ]) func_file_conv "$2" set x "$@" -Fo"$file" shift ;; *) func_file_conv "$2" set x "$@" -Fe"$file" shift ;; esac ;; -I) eat=1 func_file_conv "$2" mingw set x "$@" -I"$file" shift ;; -I*) func_file_conv "${1#-I}" mingw set x "$@" -I"$file" shift ;; -l) eat=1 func_cl_dashl "$2" set x "$@" "$lib" shift ;; -l*) func_cl_dashl "${1#-l}" set x "$@" "$lib" shift ;; -L) eat=1 func_cl_dashL "$2" ;; -L*) func_cl_dashL "${1#-L}" ;; -static) shared=false ;; -Wl,*) arg=${1#-Wl,} save_ifs="$IFS"; IFS=',' for flag in $arg; do IFS="$save_ifs" linker_opts="$linker_opts $flag" done IFS="$save_ifs" ;; -Xlinker) eat=1 linker_opts="$linker_opts $2" ;; -*) set x "$@" "$1" shift ;; *.cc | *.CC | *.cxx | *.CXX | *.[cC]++) func_file_conv "$1" set x "$@" -Tp"$file" shift ;; *.c | *.cpp | *.CPP | *.lib | *.LIB | *.Lib | *.OBJ | *.obj | *.[oO]) func_file_conv "$1" mingw set x "$@" "$file" shift ;; *) set x "$@" "$1" shift ;; esac fi shift done if test -n "$linker_opts"; then linker_opts="-link$linker_opts" fi exec "$@" $linker_opts exit 1 } eat= case $1 in '') echo "$0: No command. Try '$0 --help' for more information." 1>&2 exit 1; ;; -h | --h*) cat <<\EOF Usage: compile [--help] [--version] PROGRAM [ARGS] Wrapper for compilers which do not understand '-c -o'. Remove '-o dest.o' from ARGS, run PROGRAM with the remaining arguments, and rename the output as expected. If you are trying to build a whole package this is not the right script to run: please start by reading the file 'INSTALL'. Report bugs to . EOF exit $? ;; -v | --v*) echo "compile $scriptversion" exit $? ;; cl | *[/\\]cl | cl.exe | *[/\\]cl.exe | \ icl | *[/\\]icl | icl.exe | *[/\\]icl.exe ) func_cl_wrapper "$@" # Doesn't return... ;; esac ofile= cfile= for arg do if test -n "$eat"; then eat= else case $1 in -o) # configure might choose to run compile as 'compile cc -o foo foo.c'. # So we strip '-o arg' only if arg is an object. eat=1 case $2 in *.o | *.obj) ofile=$2 ;; *) set x "$@" -o "$2" shift ;; esac ;; *.c) cfile=$1 set x "$@" "$1" shift ;; *) set x "$@" "$1" shift ;; esac fi shift done if test -z "$ofile" || test -z "$cfile"; then # If no '-o' option was seen then we might have been invoked from a # pattern rule where we don't need one. That is ok -- this is a # normal compilation that the losing compiler can handle. If no # '.c' file was seen then we are probably linking. That is also # ok. exec "$@" fi # Name of file we expect compiler to create. cofile=`echo "$cfile" | sed 's|^.*[\\/]||; s|^[a-zA-Z]:||; s/\.c$/.o/'` # Create the lock directory. # Note: use '[/\\:.-]' here to ensure that we don't use the same name # that we are using for the .o file. Also, base the name on the expected # object file name, since that is what matters with a parallel build. lockdir=`echo "$cofile" | sed -e 's|[/\\:.-]|_|g'`.d while true; do if mkdir "$lockdir" >/dev/null 2>&1; then break fi sleep 1 done # FIXME: race condition here if user kills between mkdir and trap. trap "rmdir '$lockdir'; exit 1" 1 2 15 # Run the compile. "$@" ret=$? if test -f "$cofile"; then test "$cofile" = "$ofile" || mv "$cofile" "$ofile" elif test -f "${cofile}bj"; then test "${cofile}bj" = "$ofile" || mv "${cofile}bj" "$ofile" fi rmdir "$lockdir" exit $ret # Local Variables: # mode: shell-script # sh-indentation: 2 # eval: (add-hook 'before-save-hook 'time-stamp) # time-stamp-start: "scriptversion=" # time-stamp-format: "%:y-%02m-%02d.%02H" # time-stamp-time-zone: "UTC0" # time-stamp-end: "; # UTC" # End: opendnssec-2.1.5/libhsm/0000755000202300020240000000000013560311326012124 500000000000000opendnssec-2.1.5/libhsm/src/0000755000202300020240000000000013560311326012713 500000000000000opendnssec-2.1.5/libhsm/src/bin/0000755000202300020240000000000013560311326013463 500000000000000opendnssec-2.1.5/libhsm/src/bin/hsmspeed.c0000644000202300020240000002015613560311035015360 00000000000000/* * Copyright (c) 2009 Nominet UK. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "config.h" #include #include #include #include #include #include "libhsm.h" #include extern hsm_repository_t* parse_conf_repositories(const char* cfgfile); #define HSMSPEED_THREADS_MAX 2048 /* Algorithm identifier and name */ ldns_algorithm algorithm = LDNS_RSASHA1; const char *algoname = "RSA/SHA1"; extern char *optarg; char *progname = NULL; typedef struct { unsigned int id; hsm_ctx_t *ctx; libhsm_key_t *key; unsigned int iterations; } sign_arg_t; static void usage () { fprintf(stderr, "usage: %s " "[-c config] -r repository [-i iterations] [-s keysize] [-t threads]\n", progname); } static void * sign (void *arg) { hsm_ctx_t *ctx = NULL; libhsm_key_t *key = NULL; size_t i; unsigned int iterations = 0; ldns_rr_list *rrset; ldns_rr *rr, *sig, *dnskey_rr; ldns_status status; hsm_sign_params_t *sign_params; sign_arg_t *sign_arg = arg; ctx = sign_arg->ctx; key = sign_arg->key; iterations = sign_arg->iterations; fprintf(stderr, "Signer thread #%d started...\n", sign_arg->id); /* Prepare dummy RRset for signing */ rrset = ldns_rr_list_new(); status = ldns_rr_new_frm_str(&rr, "regress.opendnssec.se. IN A 123.123.123.123", 0, NULL, NULL); if (status == LDNS_STATUS_OK) ldns_rr_list_push_rr(rrset, rr); status = ldns_rr_new_frm_str(&rr, "regress.opendnssec.se. IN A 124.124.124.124", 0, NULL, NULL); if (status == LDNS_STATUS_OK) ldns_rr_list_push_rr(rrset, rr); sign_params = hsm_sign_params_new(); sign_params->algorithm = algorithm; sign_params->owner = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_DNAME, "opendnssec.se."); dnskey_rr = hsm_get_dnskey(ctx, key, sign_params); sign_params->keytag = ldns_calc_keytag(dnskey_rr); /* Do some signing */ for (i=0; ierror_message, ctx->error_action ); break; } ldns_rr_free(sig); } /* Clean up */ ldns_rr_list_deep_free(rrset); hsm_sign_params_free(sign_params); ldns_rr_free(dnskey_rr); hsm_destroy_context(ctx); fprintf(stderr, "Signer thread #%d done.\n", sign_arg->id); pthread_exit(NULL); return NULL; } int main (int argc, char *argv[]) { int result; hsm_ctx_t *ctx = NULL; libhsm_key_t *key = NULL; unsigned int keysize = 1024; unsigned int iterations = 1; unsigned int threads = 1; static struct timeval start,end; char *config = NULL; const char *repository = NULL; sign_arg_t sign_arg_array[HSMSPEED_THREADS_MAX]; pthread_t thread_array[HSMSPEED_THREADS_MAX]; pthread_attr_t thread_attr; void *thread_status; int ch; unsigned int n; double elapsed, speed; progname = argv[0]; while ((ch = getopt(argc, argv, "c:i:r:s:t:")) != -1) { switch (ch) { case 'c': config = strdup(optarg); break; case 'i': iterations = atoi(optarg); break; case 'r': repository = strdup(optarg); break; case 's': keysize = atoi(optarg); break; case 't': threads = atoi(optarg); break; default: usage(); exit(1); } } if (!repository) { usage(); exit(1); } if (threads > HSMSPEED_THREADS_MAX) { fprintf(stderr, "Number of threads specified over max, force using %d threads!\n", HSMSPEED_THREADS_MAX); threads = HSMSPEED_THREADS_MAX; } #if 0 if (!config) { usage(); exit(1); } #endif /* Open HSM library */ fprintf(stderr, "Opening HSM Library...\n"); result = hsm_open2(parse_conf_repositories(config?config:HSM_DEFAULT_CONFIG), hsm_prompt_pin); if (result != HSM_OK) { char* error = hsm_get_error(NULL); if (error != NULL) { fprintf(stderr,"%s\n", error); free(error); } exit(-1); } /* Create HSM context */ ctx = hsm_create_context(); if (! ctx) { fprintf(stderr, "hsm_create_context() returned error\n"); exit(-1); } /* Generate a temporary key */ fprintf(stderr, "Generating temporary key...\n"); key = hsm_generate_rsa_key(ctx, repository, keysize); if (key) { char *id = hsm_get_key_id(ctx, key); fprintf(stderr, "Temporary key created: %s\n", id); free(id); } else { fprintf(stderr, "Could not generate a key pair in repository \"%s\"\n", repository); exit(-1); } /* Prepare threads */ pthread_attr_init(&thread_attr); pthread_attr_setdetachstate(&thread_attr, PTHREAD_CREATE_JOINABLE); for (n=0; n 1 ? "threads" : "thread")); gettimeofday(&start, NULL); /* Create threads for signing */ for (n=0; n 1 ? "threads" : "thread"), iterations, speed, keysize); /* Delete temporary key */ fprintf(stderr, "Deleting temporary key...\n"); result = hsm_remove_key(ctx, key); if (result) { fprintf(stderr, "hsm_remove_key() returned %d\n", result); exit(-1); } /* Clean up */ hsm_destroy_context(ctx); (void) hsm_close(); if (config) free(config); return 0; } opendnssec-2.1.5/libhsm/src/bin/confparser.c0000644000202300020240000001232413560311035015710 00000000000000/* * Copyright (c) 2009 NLNet Labs. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ /** * Parsing configuration files. * */ #include "config.h" #include "compat.h" #include "log.h" #include "status.h" #include #include #include #include #include #include "libhsm.h" static const char* parser_str = "parser"; /** * Parse the repositories. * */ hsm_repository_t* parse_conf_repositories(const char* cfgfile) { xmlDocPtr doc = NULL; xmlXPathContextPtr xpathCtx = NULL; xmlXPathObjectPtr xpathObj = NULL; xmlNode* curNode = NULL; xmlChar* xexpr = NULL; int i; char* name; char* module; char* tokenlabel; char* pin; uint8_t use_pubkey; uint8_t allowextract; int require_backup; hsm_repository_t* rlist = NULL; hsm_repository_t* repo = NULL; /* Load XML document */ doc = xmlParseFile(cfgfile); if (doc == NULL) { ods_log_error("[%s] could not parse : " "xmlParseFile() failed", parser_str); return NULL; } /* Create xpath evaluation context */ xpathCtx = xmlXPathNewContext(doc); if(xpathCtx == NULL) { xmlFreeDoc(doc); ods_log_error("[%s] could not parse : " "xmlXPathNewContext() failed", parser_str); return NULL; } /* Evaluate xpath expression */ xexpr = (xmlChar*) "//Configuration/RepositoryList/Repository"; xpathObj = xmlXPathEvalExpression(xexpr, xpathCtx); if(xpathObj == NULL) { xmlXPathFreeContext(xpathCtx); xmlFreeDoc(doc); ods_log_error("[%s] could not parse : " "xmlXPathEvalExpression failed", parser_str); return NULL; } /* Parse repositories */ if (xpathObj->nodesetval && xpathObj->nodesetval->nodeNr > 0) { for (i = 0; i < xpathObj->nodesetval->nodeNr; i++) { repo = NULL; name = NULL; module = NULL; tokenlabel = NULL; pin = NULL; use_pubkey = 1; allowextract = 0; require_backup = 0; curNode = xpathObj->nodesetval->nodeTab[i]->xmlChildrenNode; name = (char *) xmlGetProp(xpathObj->nodesetval->nodeTab[i], (const xmlChar *)"name"); while (curNode) { if (xmlStrEqual(curNode->name, (const xmlChar *)"RequireBackup")) require_backup = 1; if (xmlStrEqual(curNode->name, (const xmlChar *)"Module")) module = (char *) xmlNodeGetContent(curNode); if (xmlStrEqual(curNode->name, (const xmlChar *)"TokenLabel")) tokenlabel = (char *) xmlNodeGetContent(curNode); if (xmlStrEqual(curNode->name, (const xmlChar *)"PIN")) pin = (char *) xmlNodeGetContent(curNode); if (xmlStrEqual(curNode->name, (const xmlChar *)"SkipPublicKey")) use_pubkey = 0; if (xmlStrEqual(curNode->name, (const xmlChar *)"AllowExtraction")) allowextract = 1; curNode = curNode->next; } if (name && module && tokenlabel) { repo = hsm_repository_new(name, module, tokenlabel, pin, use_pubkey, allowextract, require_backup); } if (!repo) { ods_log_error("[%s] unable to add %s repository: " "hsm_repository_new() failed", parser_str, name?name:"-"); } else { repo->next = rlist; rlist = repo; ods_log_debug("[%s] added %s repository to repositorylist", parser_str, name); } free((void*)name); free((void*)module); free((void*)tokenlabel); } } xmlXPathFreeObject(xpathObj); xmlXPathFreeContext(xpathCtx); if (doc) { xmlFreeDoc(doc); } return rlist; } opendnssec-2.1.5/libhsm/src/bin/ods-hsmspeed.1.in0000644000202300020240000000357413560310771016501 00000000000000.TH "ods-hsmspeed" "1" "February 2010" "OpenDNSSEC" "OpenDNSSEC ods-hsmspeed" .SH "NAME" .LP .B ods\-hsmspeed \- OpenDNSSEC HSM speed tester .SH "SYNOPSIS" .LP .B ods\-hsmspeed .RB [ \-c .IR config ] .B \-r .I repository .RB [ \-i .IR iterations ] .RB [ \-s .IR keysize ] .RB [ \-t .IR threads ] .SH "DESCRIPTION" .LP The ods\-hsmspeed utility is part of OpenDNSSEC and can be used to test the performance of the configured HSMs. The components of OpenDNSSEC do not talk directly to the HSMs, but uses an internal library called libhsm. It then talks to the HSMs using PKCS#11. The libhsm simplifies the process of creating keys and signatures for the other components of OpenDNSSEC. ods\-hsmspeed will measure the speed by using the libhsm. The result that you get is somewhat lower than what the manufactures promises, because the libhsm creates some overhead to the pure PKCS#11 environment. .SH "OPTIONS" .LP .TP \fB\-c\fR \fIconfig\fR Path to an OpenDNSSEC configuration file. (defaults to @OPENDNSSEC_CONFIG_FILE@) .TP \fB\-i\fR \fIiterations\fR Specify the number of \fIiterations\fR for signing an RRset. A higher number of iterations will increase the performance. (defaults to 1 iteration) .TP \fB\-r\fR \fIrepository\fR The speed test will be performed on this \fIrepository\fR. .TP \fB\-s\fR \fIkeysize\fR A temporary RSA key with the given \fIkeysize\fR will be used for signing. (defaults to 1024 bit) .TP \fB\-t\fR \fIthreads\fR The number of \fIthreads\fR to use. Most HSMs will be utilized better with multiple threads. (defaults to 1 thread) .SH "SEE ALSO" .LP ods\-control(8), ods\-enforcerd(8), ods\-enforcer(8), ods\-hsmutil(1), ods\-kaspcheck(1), ods\-signer(8), ods\-signerd(8), ods\-timing(5), ods\-kasp(5), ods\-hsmspeed(1), opendnssec(7), .B http://www.opendnssec.org/ .SH "AUTHORS" .LP .B ods\-hsmspeed was written by Jakob Schlyter and Nominet as part of the OpenDNSSEC project. opendnssec-2.1.5/libhsm/src/bin/hsmtest.c0000644000202300020240000002570013560310771015245 00000000000000/* * Copyright (c) 2009 Nominet UK. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "config.h" #include #include #include #include #include "libhsm.h" #include #include "hsmtest.h" static int hsm_test_sign (hsm_ctx_t *ctx, libhsm_key_t *key, ldns_algorithm alg) { int result; ldns_rr_list *rrset; ldns_rr *rr, *sig, *dnskey_rr; ldns_status status; hsm_sign_params_t *sign_params; rrset = ldns_rr_list_new(); status = ldns_rr_new_frm_str(&rr, "example.com. IN A 192.168.0.1", 0, NULL, NULL); if (status == LDNS_STATUS_OK) ldns_rr_list_push_rr(rrset, rr); status = ldns_rr_new_frm_str(&rr, "example.com. IN A 192.168.0.2", 0, NULL, NULL); if (status == LDNS_STATUS_OK) ldns_rr_list_push_rr(rrset, rr); sign_params = hsm_sign_params_new(); sign_params->algorithm = alg; sign_params->owner = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_DNAME, "example.com."); dnskey_rr = hsm_get_dnskey(ctx, key, sign_params); sign_params->keytag = ldns_calc_keytag(dnskey_rr); sig = hsm_sign_rrset(ctx, rrset, key, sign_params); if (sig) { result = 0; ldns_rr_free(sig); } else { result = 1; } ldns_rr_list_deep_free(rrset); hsm_sign_params_free(sign_params); ldns_rr_free(dnskey_rr); return result; } static int hsm_test_random(hsm_ctx_t *ctx) { int result; unsigned char rnd_buf[1024]; uint32_t r32; uint64_t r64; printf("Generating %lu bytes of random data... ", (unsigned long) sizeof(rnd_buf)); result = hsm_random_buffer(ctx, rnd_buf, sizeof(rnd_buf)); if (result) { printf("Failed, error: %d\n", result); hsm_print_error(ctx); return 1; } else { printf("OK\n"); } printf("Generating 32-bit random data... "); r32 = hsm_random32(ctx); printf("%u\n", r32); printf("Generating 64-bit random data... "); r64 = hsm_random64(ctx); printf("%llu\n", (long long unsigned int)r64); return 0; } int hsm_test (const char *repository, hsm_ctx_t* ctx) { int result; const unsigned int rsa_keysizes[] = { 512, 768, 1024, 1536, 2048, 4096 }; const unsigned int dsa_keysizes[] = { 512, 768, 1024 }; unsigned int keysize; /* TODO: We can remove the directive if we require LDNS >= 1.6.13 */ #if !defined LDNS_BUILD_CONFIG_USE_ECDSA || LDNS_BUILD_CONFIG_USE_ECDSA const ldns_algorithm ec_curves[] = { LDNS_ECDSAP256SHA256, LDNS_ECDSAP384SHA384 }; ldns_algorithm curve; #endif libhsm_key_t *key = NULL; char *id; int errors = 0; unsigned int i = 0; /* Check for repository before starting any tests */ if (hsm_token_attached(ctx, repository) == 0) { hsm_print_error(ctx); return 1; } /* * Test key generation, signing and deletion for a number of key size */ for (i=0; i<(sizeof(rsa_keysizes)/sizeof(unsigned int)); i++) { keysize = rsa_keysizes[i]; printf("Generating %d-bit RSA key... ", keysize); key = hsm_generate_rsa_key(ctx, repository, keysize); if (!key) { errors++; printf("Failed\n"); hsm_print_error(ctx); printf("\n"); continue; } else { printf("OK\n"); } printf("Extracting key identifier... "); id = hsm_get_key_id(ctx, key); if (!id) { errors++; printf("Failed\n"); hsm_print_error(ctx); printf("\n"); } else { printf("OK, %s\n", id); } free(id); printf("Signing (RSA/SHA1) with key... "); result = hsm_test_sign(ctx, key, LDNS_RSASHA1); if (result) { errors++; printf("Failed, error: %d\n", result); hsm_print_error(ctx); } else { printf("OK\n"); } printf("Signing (RSA/SHA256) with key... "); result = hsm_test_sign(ctx, key, LDNS_RSASHA256); if (result) { errors++; printf("Failed, error: %d\n", result); hsm_print_error(ctx); } else { printf("OK\n"); } if ( keysize >= 1024) { printf("Signing (RSA/SHA512) with key... "); result = hsm_test_sign(ctx, key, LDNS_RSASHA512); if (result) { errors++; printf("Failed, error: %d\n", result); hsm_print_error(ctx); } else { printf("OK\n"); } } printf("Deleting key... "); result = hsm_remove_key(ctx, key); if (result) { errors++; printf("Failed: error: %d\n", result); hsm_print_error(ctx); } else { printf("OK\n"); } libhsm_key_free(key); printf("\n"); } /* * Test key generation, signing and deletion for a number of key size */ for (i=0; i<(sizeof(dsa_keysizes)/sizeof(unsigned int)); i++) { keysize = dsa_keysizes[i]; printf("Generating %d-bit DSA key... ", keysize); key = hsm_generate_dsa_key(ctx, repository, keysize); if (!key) { errors++; printf("Failed\n"); hsm_print_error(ctx); printf("\n"); continue; } else { printf("OK\n"); } printf("Extracting key identifier... "); id = hsm_get_key_id(ctx, key); if (!id) { errors++; printf("Failed\n"); hsm_print_error(ctx); printf("\n"); } else { printf("OK, %s\n", id); } free(id); printf("Signing (DSA/SHA1) with key... "); result = hsm_test_sign(ctx, key, LDNS_DSA); if (result) { errors++; printf("Failed, error: %d\n", result); hsm_print_error(ctx); } else { printf("OK\n"); } printf("Deleting key... "); result = hsm_remove_key(ctx, key); if (result) { errors++; printf("Failed: error: %d\n", result); hsm_print_error(ctx); } else { printf("OK\n"); } libhsm_key_free(key); printf("\n"); } /* * Test key generation, signing and deletion for a number of key size */ for (i=0; i<1; i++) { printf("Generating 512-bit GOST key... "); key = hsm_generate_gost_key(ctx, repository); if (!key) { errors++; printf("Failed\n"); hsm_print_error(ctx); printf("\n"); continue; } else { printf("OK\n"); } printf("Extracting key identifier... "); id = hsm_get_key_id(ctx, key); if (!id) { errors++; printf("Failed\n"); hsm_print_error(ctx); printf("\n"); } else { printf("OK, %s\n", id); } free(id); printf("Signing (GOST) with key... "); result = hsm_test_sign(ctx, key, LDNS_ECC_GOST); if (result) { errors++; printf("Failed, error: %d\n", result); hsm_print_error(ctx); } else { printf("OK\n"); } printf("Deleting key... "); result = hsm_remove_key(ctx, key); if (result) { errors++; printf("Failed: error: %d\n", result); hsm_print_error(ctx); } else { printf("OK\n"); } libhsm_key_free(key); printf("\n"); } /* * Test key generation, signing and deletion for a number of key size */ /* TODO: We can remove the directive if we require LDNS >= 1.6.13 */ #if !defined LDNS_BUILD_CONFIG_USE_ECDSA || LDNS_BUILD_CONFIG_USE_ECDSA for (i=0; i<(sizeof(ec_curves)/sizeof(ldns_algorithm)); i++) { curve = ec_curves[i]; if (curve == LDNS_ECDSAP256SHA256) { printf("Generating ECDSA Curve P-256 key... "); key = hsm_generate_ecdsa_key(ctx, repository, "P-256"); } else if (curve == LDNS_ECDSAP384SHA384) { printf("Generating ECDSA Curve P-384 key... "); key = hsm_generate_ecdsa_key(ctx, repository, "P-384"); } else { printf("Failed: Unknown ECDSA curve\n"); continue; } if (!key) { errors++; printf("Failed\n"); hsm_print_error(ctx); printf("\n"); continue; } else { printf("OK\n"); } printf("Extracting key identifier... "); id = hsm_get_key_id(ctx, key); if (!id) { errors++; printf("Failed\n"); hsm_print_error(ctx); printf("\n"); } else { printf("OK, %s\n", id); } free(id); if (curve == LDNS_ECDSAP256SHA256) { printf("Signing (ECDSA/SHA256) with key... "); } else if (curve == LDNS_ECDSAP384SHA384) { printf("Signing (ECDSA/SHA384) with key... "); } else { printf("Signing with key... "); } result = hsm_test_sign(ctx, key, curve); if (result) { errors++; printf("Failed, error: %d\n", result); hsm_print_error(ctx); } else { printf("OK\n"); } printf("Deleting key... "); result = hsm_remove_key(ctx, key); if (result) { errors++; printf("Failed: error: %d\n", result); hsm_print_error(ctx); } else { printf("OK\n"); } libhsm_key_free(key); printf("\n"); } #endif if (hsm_test_random(ctx)) { errors++; } return errors; } opendnssec-2.1.5/libhsm/src/bin/ods-hsmutil.1.in0000644000202300020240000000526013560310771016350 00000000000000.TH "ods-hsmutil" "1" "February 2010" "OpenDNSSEC" "OpenDNSSEC ods-hsmutil" .SH "NAME" .LP .B ods\-hsmutil \- OpenDNSSEC HSM utility .SH "SYNOPSIS" .LP .B ods\-hsmutil .RB [ \-c .IR config ] .RB [ \-v ] .B command .RB [ options ] .SH "DESCRIPTION" .LP The ods\-hsmutil utility is mainly used for debugging or testing. It is designed to interact directly with your HSM and can be used to manually list, create or delete keys. It can also be used to perform a set of basics HSM tests. Be careful before creating or deleting keys using ods\-hsmutil, as the changes are not synchronized with the KASP Enforcer. The repositories are configured by the user in the OpenDNSSEC configuration file. The configuration contains the name of the repository, the token label, the user PIN, and the path to its shared library. .SH "COMMANDS" .LP .TP \fBlogin\fR If there is no PIN in conf.xml, then this command will ask for it and login. The PINs are stored in a shared memory and are accessible to the other daemons. .TP \fBlogout\fR Will erase the semaphore and the shared memory containing any credentials. Authenticated processes will still be able to interact with the HSM. .TP \fBlist\fR [\fIrepository\fR] List the keys that are available in all or one \fIrepository\fR .TP \fBgenerate\fR \fIrepository\fR \fBrsa|dsa|gost|ecdsa\fR [\fIkeysize\fR] Generate a new key with the given \fIkeysize\fR in the \fIrepository\fR. Note that GOST has a fixed key size and that ECDSA has two supported curves, P-256 and P-384. In the case of ECDSA, use 256 or 384 as the \fIkeysize\fR. .TP \fBremove\fR \fIid\fR Delete the key with the given \fIid\fR .TP \fBpurge\fR \fIrepository\fR Delete all keys in one \fIrepository\fR .TP \fBdnskey\fR \fIid\fR \fIname\fR \fItype\fR \fIalgo\fR Create a DNSKEY RR for the given owner \fIname\fR based on the key with this \fIid\fR. The \fItype\fR will indicate if it is a KSK (257) or ZSK (256). Please use the numerical value. The \fIalgo\fR, a value from the IANA repository, must match the algorithm of the key. .TP \fBtest\fR \fIrepository\fR Perform a number of tests on a \fIrepository\fR .TP \fBinfo\fR Show detailed information about all repositories .SH "OPTIONS" .LP .TP \fB\-c\fR \fIconfig\fR Path to an OpenDNSSEC configuration file (defaults to @OPENDNSSEC_CONFIG_FILE@) .TP \fB\-h\fR Show the help screen .TP \fB\-v\fR Output more information by increasing the verbosity level .SH "SEE ALSO" .LP ods\-control(8), ods\-enforcerd(8), ods\-hsmspeed(1), ods\-kaspcheck(1), ods\-signer(8), ods\-signerd(8), ods\-enforcer(8), ods\-timing(5), ods\-kasp(5), opendnssec(7), .B http://www.opendnssec.org/ .SH "AUTHORS" .LP .B ods\-hsmutil was written by Jakob Schlyter as part of the OpenDNSSEC project. opendnssec-2.1.5/libhsm/src/bin/hsmtest.h0000644000202300020240000000263513560310771015254 00000000000000/* * Copyright (c) 2009 Nominet UK. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #ifndef HSMTEST_H #define HSMTEST_H 1 int hsm_test (const char *repository, hsm_ctx_t* ctx); #endif /* HSMTEST_H */ opendnssec-2.1.5/libhsm/src/bin/Makefile.am0000644000202300020240000000112713560311035015435 00000000000000MAINTAINERCLEANFILES = $(srcdir)/Makefile.in LIBCOMPAT = ${top_builddir}/common/libcompat.a AM_CPPFLAGS = \ -I$(top_srcdir)/common \ -I$(top_builddir)/common \ -I$(srcdir)/../lib \ @LDNS_INCLUDES@ @XML2_INCLUDES@ AM_CFLAGS = -std=c99 bin_PROGRAMS = ods-hsmutil ods-hsmspeed man1_MANS = ods-hsmutil.1 ods-hsmspeed.1 ods_hsmutil_SOURCES = hsmutil.c hsmtest.c hsmtest.h confparser.c ods_hsmutil_LDADD = ../lib/libhsm.a @LDNS_LIBS@ @XML2_LIBS@ $(LIBCOMPAT) ods_hsmspeed_SOURCES = hsmspeed.c confparser.c ods_hsmspeed_LDADD = ../lib/libhsm.a -lpthread @LDNS_LIBS@ @XML2_LIBS@ $(LIBCOMPAT) opendnssec-2.1.5/libhsm/src/bin/Makefile.in0000644000202300020240000007130713560311314015455 00000000000000# Makefile.in generated by automake 1.16.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2018 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY, to the extent permitted by law; without # even the implied warranty of MERCHANTABILITY or FITNESS FOR A # PARTICULAR PURPOSE. @SET_MAKE@ VPATH = @srcdir@ am__is_gnu_make = { \ if test -z '$(MAKELEVEL)'; then \ false; \ elif test -n '$(MAKE_HOST)'; then \ true; \ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \ true; \ else \ false; \ fi; \ } am__make_running_with_option = \ case $${target_option-} in \ ?) ;; \ *) echo "am__make_running_with_option: internal error: invalid" \ "target option '$${target_option-}' specified" >&2; \ exit 1;; \ esac; \ has_opt=no; \ sane_makeflags=$$MAKEFLAGS; \ if $(am__is_gnu_make); then \ sane_makeflags=$$MFLAGS; \ else \ case $$MAKEFLAGS in \ *\\[\ \ ]*) \ bs=\\; \ sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ esac; \ fi; \ skip_next=no; \ strip_trailopt () \ { \ flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ }; \ for flg in $$sane_makeflags; do \ test $$skip_next = yes && { skip_next=no; continue; }; \ case $$flg in \ *=*|--*) continue;; \ -*I) strip_trailopt 'I'; skip_next=yes;; \ -*I?*) strip_trailopt 'I';; \ -*O) strip_trailopt 'O'; skip_next=yes;; \ -*O?*) strip_trailopt 'O';; \ -*l) strip_trailopt 'l'; skip_next=yes;; \ -*l?*) strip_trailopt 'l';; \ -[dEDm]) skip_next=yes;; \ -[JT]) skip_next=yes;; \ esac; \ case $$flg in \ *$$target_option*) has_opt=yes; break;; \ esac; \ done; \ test $$has_opt = yes am__make_dryrun = (target_option=n; $(am__make_running_with_option)) am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) pkgdatadir = $(datadir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c INSTALL_HEADER = $(INSTALL_DATA) transform = $(program_transform_name) NORMAL_INSTALL = : PRE_INSTALL = : POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : build_triplet = @build@ host_triplet = @host@ bin_PROGRAMS = ods-hsmutil$(EXEEXT) ods-hsmspeed$(EXEEXT) subdir = libhsm/src/bin ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/m4/acx_broken_setres.m4 \ $(top_srcdir)/m4/acx_check_strptime.m4 \ $(top_srcdir)/m4/acx_cunit.m4 $(top_srcdir)/m4/acx_dlopen.m4 \ $(top_srcdir)/m4/acx_enforcer_database.m4 \ $(top_srcdir)/m4/acx_ldns.m4 $(top_srcdir)/m4/acx_libc.m4 \ $(top_srcdir)/m4/acx_libreadline.m4 \ $(top_srcdir)/m4/acx_libxml2.m4 \ $(top_srcdir)/m4/acx_pedantic.m4 \ $(top_srcdir)/m4/acx_pkcs11_modules.m4 \ $(top_srcdir)/m4/acx_prefixhack.m4 \ $(top_srcdir)/m4/acx_rpath.m4 $(top_srcdir)/m4/acx_rt.m4 \ $(top_srcdir)/m4/acx_ssl.m4 \ $(top_srcdir)/m4/ax_append_compile_flags.m4 \ $(top_srcdir)/m4/ax_append_flag.m4 \ $(top_srcdir)/m4/ax_c___attribute__.m4 \ $(top_srcdir)/m4/ax_cflags_warn_all.m4 \ $(top_srcdir)/m4/ax_check_compile_flag.m4 \ $(top_srcdir)/m4/ax_compiler_flags_cflags.m4 \ $(top_srcdir)/m4/ax_lib_mysql.m4 \ $(top_srcdir)/m4/ax_lib_sqlite3.m4 \ $(top_srcdir)/m4/ax_prog_doxygen.m4 \ $(top_srcdir)/m4/ax_pthread.m4 \ $(top_srcdir)/m4/ax_require_defined.m4 \ $(top_srcdir)/m4/libtool.m4 $(top_srcdir)/m4/ltoptions.m4 \ $(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \ $(top_srcdir)/m4/lt~obsolete.m4 \ $(top_srcdir)/m4/opendnssec_common.m4 $(top_srcdir)/version.m4 \ $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/common/config.h CONFIG_CLEAN_FILES = ods-hsmspeed.1 ods-hsmutil.1 CONFIG_CLEAN_VPATH_FILES = am__installdirs = "$(DESTDIR)$(bindir)" "$(DESTDIR)$(man1dir)" PROGRAMS = $(bin_PROGRAMS) am_ods_hsmspeed_OBJECTS = hsmspeed.$(OBJEXT) confparser.$(OBJEXT) ods_hsmspeed_OBJECTS = $(am_ods_hsmspeed_OBJECTS) ods_hsmspeed_DEPENDENCIES = ../lib/libhsm.a $(LIBCOMPAT) AM_V_lt = $(am__v_lt_@AM_V@) am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@) am__v_lt_0 = --silent am__v_lt_1 = am_ods_hsmutil_OBJECTS = hsmutil.$(OBJEXT) hsmtest.$(OBJEXT) \ confparser.$(OBJEXT) ods_hsmutil_OBJECTS = $(am_ods_hsmutil_OBJECTS) ods_hsmutil_DEPENDENCIES = ../lib/libhsm.a $(LIBCOMPAT) AM_V_P = $(am__v_P_@AM_V@) am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) am__v_P_0 = false am__v_P_1 = : AM_V_GEN = $(am__v_GEN_@AM_V@) am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) am__v_GEN_0 = @echo " GEN " $@; am__v_GEN_1 = AM_V_at = $(am__v_at_@AM_V@) am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) am__v_at_0 = @ am__v_at_1 = DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)/common depcomp = $(SHELL) $(top_srcdir)/depcomp am__maybe_remake_depfiles = depfiles am__depfiles_remade = ./$(DEPDIR)/confparser.Po \ ./$(DEPDIR)/hsmspeed.Po ./$(DEPDIR)/hsmtest.Po \ ./$(DEPDIR)/hsmutil.Po am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \ $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \ $(AM_CFLAGS) $(CFLAGS) AM_V_CC = $(am__v_CC_@AM_V@) am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@) am__v_CC_0 = @echo " CC " $@; am__v_CC_1 = CCLD = $(CC) LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ $(AM_LDFLAGS) $(LDFLAGS) -o $@ AM_V_CCLD = $(am__v_CCLD_@AM_V@) am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@) am__v_CCLD_0 = @echo " CCLD " $@; am__v_CCLD_1 = SOURCES = $(ods_hsmspeed_SOURCES) $(ods_hsmutil_SOURCES) DIST_SOURCES = $(ods_hsmspeed_SOURCES) $(ods_hsmutil_SOURCES) am__can_run_installinfo = \ case $$AM_UPDATE_INFO_DIR in \ n|no|NO) false;; \ *) (install-info --version) >/dev/null 2>&1;; \ esac am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; am__vpath_adj = case $$p in \ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ *) f=$$p;; \ esac; am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; am__install_max = 40 am__nobase_strip_setup = \ srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` am__nobase_strip = \ for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" am__nobase_list = $(am__nobase_strip_setup); \ for p in $$list; do echo "$$p $$p"; done | \ sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ if (++n[$$2] == $(am__install_max)) \ { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ END { for (dir in files) print dir, files[dir] }' am__base_list = \ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' am__uninstall_files_from_dir = { \ test -z "$$files" \ || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \ || { echo " ( cd '$$dir' && rm -f" $$files ")"; \ $(am__cd) "$$dir" && rm -f $$files; }; \ } man1dir = $(mandir)/man1 NROFF = nroff MANS = $(man1_MANS) am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) # Read a list of newline-separated strings from the standard input, # and print each of them once, without duplicates. Input order is # *not* preserved. am__uniquify_input = $(AWK) '\ BEGIN { nonempty = 0; } \ { items[$$0] = 1; nonempty = 1; } \ END { if (nonempty) { for (i in items) print i; }; } \ ' # Make sure the list of sources is unique. This is necessary because, # e.g., the same source file might be shared among _SOURCES variables # for different programs/libraries. am__define_uniq_tagged_files = \ list='$(am__tagged_files)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | $(am__uniquify_input)` ETAGS = etags CTAGS = ctags am__DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/ods-hsmspeed.1.in \ $(srcdir)/ods-hsmutil.1.in $(top_srcdir)/depcomp DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) ACLOCAL = @ACLOCAL@ AMTAR = @AMTAR@ AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ AR = @AR@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ CP = @CP@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ CUNIT_INCLUDES = @CUNIT_INCLUDES@ CUNIT_LIBS = @CUNIT_LIBS@ CXX = @CXX@ CXXCPP = @CXXCPP@ CXXDEPMODE = @CXXDEPMODE@ CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ C_LIBS = @C_LIBS@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ DLLTOOL = @DLLTOOL@ DOXYGEN_PAPER_SIZE = @DOXYGEN_PAPER_SIZE@ DSYMUTIL = @DSYMUTIL@ DUMPBIN = @DUMPBIN@ DX_CONFIG = @DX_CONFIG@ DX_DOCDIR = @DX_DOCDIR@ DX_DOT = @DX_DOT@ DX_DOXYGEN = @DX_DOXYGEN@ DX_DVIPS = @DX_DVIPS@ DX_EGREP = @DX_EGREP@ DX_ENV = @DX_ENV@ DX_FLAG_chi = @DX_FLAG_chi@ DX_FLAG_chm = @DX_FLAG_chm@ DX_FLAG_doc = @DX_FLAG_doc@ DX_FLAG_dot = @DX_FLAG_dot@ DX_FLAG_html = @DX_FLAG_html@ DX_FLAG_man = @DX_FLAG_man@ DX_FLAG_pdf = @DX_FLAG_pdf@ DX_FLAG_ps = @DX_FLAG_ps@ DX_FLAG_rtf = @DX_FLAG_rtf@ DX_FLAG_xml = @DX_FLAG_xml@ DX_HHC = @DX_HHC@ DX_LATEX = @DX_LATEX@ DX_MAKEINDEX = @DX_MAKEINDEX@ DX_PDFLATEX = @DX_PDFLATEX@ DX_PERL = @DX_PERL@ DX_PROJECT = @DX_PROJECT@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ ENFORCER_DB_DATABASE = @ENFORCER_DB_DATABASE@ ENFORCER_DB_HOST = @ENFORCER_DB_HOST@ ENFORCER_DB_INCLUDES = @ENFORCER_DB_INCLUDES@ ENFORCER_DB_LIBS = @ENFORCER_DB_LIBS@ ENFORCER_DB_PASSWORD = @ENFORCER_DB_PASSWORD@ ENFORCER_DB_PORT = @ENFORCER_DB_PORT@ ENFORCER_DB_PORT_TEXT = @ENFORCER_DB_PORT_TEXT@ ENFORCER_DB_USERNAME = @ENFORCER_DB_USERNAME@ EXEEXT = @EXEEXT@ FGREP = @FGREP@ GREP = @GREP@ HAVE_SSL = @HAVE_SSL@ HAVE_SSL_NEW_HMAC = @HAVE_SSL_NEW_HMAC@ INSTALL = @INSTALL@ INSTALLATIONCOND = @INSTALLATIONCOND@ INSTALLATIONGROUP = @INSTALLATIONGROUP@ INSTALLATIONGROUPARG = @INSTALLATIONGROUPARG@ INSTALLATIONUSER = @INSTALLATIONUSER@ INSTALLATIONUSERARG = @INSTALLATIONUSERARG@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ JAVA = @JAVA@ LD = @LD@ LDFLAGS = @LDFLAGS@ LDNS_CONFIG = @LDNS_CONFIG@ LDNS_INCLUDES = @LDNS_INCLUDES@ LDNS_LIBS = @LDNS_LIBS@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ LIBUNWIND_CFLAGS = @LIBUNWIND_CFLAGS@ LIBUNWIND_LIBS = @LIBUNWIND_LIBS@ LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@ MAKEINFO = @MAKEINFO@ MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ MYSQL_CFLAGS = @MYSQL_CFLAGS@ MYSQL_CONFIG = @MYSQL_CONFIG@ MYSQL_LDFLAGS = @MYSQL_LDFLAGS@ MYSQL_VERSION = @MYSQL_VERSION@ NM = @NM@ NMEDIT = @NMEDIT@ OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ OPENDNSSEC_BIN_DIR = @OPENDNSSEC_BIN_DIR@ OPENDNSSEC_CONFIG_DIR = @OPENDNSSEC_CONFIG_DIR@ OPENDNSSEC_CONFIG_FILE = @OPENDNSSEC_CONFIG_FILE@ OPENDNSSEC_DATA_DIR = @OPENDNSSEC_DATA_DIR@ OPENDNSSEC_ENFORCER_PIDFILE = @OPENDNSSEC_ENFORCER_PIDFILE@ OPENDNSSEC_ENFORCER_SOCKETFILE = @OPENDNSSEC_ENFORCER_SOCKETFILE@ OPENDNSSEC_FETCH_PIDFILE = @OPENDNSSEC_FETCH_PIDFILE@ OPENDNSSEC_LIBEXEC_DIR = @OPENDNSSEC_LIBEXEC_DIR@ OPENDNSSEC_LIB_DIR = @OPENDNSSEC_LIB_DIR@ OPENDNSSEC_LOCALSTATE_DIR = @OPENDNSSEC_LOCALSTATE_DIR@ OPENDNSSEC_PID_DIR = @OPENDNSSEC_PID_DIR@ OPENDNSSEC_SBIN_DIR = @OPENDNSSEC_SBIN_DIR@ OPENDNSSEC_SCHEMA_DIR = @OPENDNSSEC_SCHEMA_DIR@ OPENDNSSEC_SIGNER_CLI = @OPENDNSSEC_SIGNER_CLI@ OPENDNSSEC_SIGNER_ENGINE = @OPENDNSSEC_SIGNER_ENGINE@ OPENDNSSEC_SIGNER_PIDFILE = @OPENDNSSEC_SIGNER_PIDFILE@ OPENDNSSEC_SIGNER_SOCKET = @OPENDNSSEC_SIGNER_SOCKET@ OPENDNSSEC_STATE_DIR = @OPENDNSSEC_STATE_DIR@ OPENDNSSEC_SYSCONF_DIR = @OPENDNSSEC_SYSCONF_DIR@ OTOOL = @OTOOL@ OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREAD_CC = @PTHREAD_CC@ PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ PTHREAD_LIBS = @PTHREAD_LIBS@ RANLIB = @RANLIB@ READLINE_LIBS = @READLINE_LIBS@ RT_LIBS = @RT_LIBS@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ SQLITE3_CFLAGS = @SQLITE3_CFLAGS@ SQLITE3_LDFLAGS = @SQLITE3_LDFLAGS@ SQLITE3_VERSION = @SQLITE3_VERSION@ SSL_INCLUDES = @SSL_INCLUDES@ SSL_LIBS = @SSL_LIBS@ STRIP = @STRIP@ VERSION = @VERSION@ WARN_CFLAGS = @WARN_CFLAGS@ XML2_CONFIG = @XML2_CONFIG@ XML2_INCLUDES = @XML2_INCLUDES@ XML2_LIBS = @XML2_LIBS@ XMLLINT = @XMLLINT@ XSLTPROC = @XSLTPROC@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ ac_ct_CXX = @ac_ct_CXX@ ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ am__include = @am__include@ am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ ax_pthread_config = @ax_pthread_config@ bindir = @bindir@ build = @build@ build_alias = @build_alias@ build_cpu = @build_cpu@ build_os = @build_os@ build_vendor = @build_vendor@ builddir = @builddir@ datadir = @datadir@ datarootdir = @datarootdir@ docdir = @docdir@ dvidir = @dvidir@ exec_prefix = @exec_prefix@ host = @host@ host_alias = @host_alias@ host_cpu = @host_cpu@ host_os = @host_os@ host_vendor = @host_vendor@ htmldir = @htmldir@ includedir = @includedir@ infodir = @infodir@ install_sh = @install_sh@ libdir = @libdir@ libexecdir = @libexecdir@ localedir = @localedir@ localstatedir = @localstatedir@ mandir = @mandir@ mkdir_p = @mkdir_p@ oldincludedir = @oldincludedir@ pdfdir = @pdfdir@ pkcs11_aepkeyper_module = @pkcs11_aepkeyper_module@ pkcs11_etoken_module = @pkcs11_etoken_module@ pkcs11_ncipher_module = @pkcs11_ncipher_module@ pkcs11_opensc_module = @pkcs11_opensc_module@ pkcs11_sca6000_module = @pkcs11_sca6000_module@ pkcs11_softhsm_module = @pkcs11_softhsm_module@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ MAINTAINERCLEANFILES = $(srcdir)/Makefile.in LIBCOMPAT = ${top_builddir}/common/libcompat.a AM_CPPFLAGS = \ -I$(top_srcdir)/common \ -I$(top_builddir)/common \ -I$(srcdir)/../lib \ @LDNS_INCLUDES@ @XML2_INCLUDES@ AM_CFLAGS = -std=c99 man1_MANS = ods-hsmutil.1 ods-hsmspeed.1 ods_hsmutil_SOURCES = hsmutil.c hsmtest.c hsmtest.h confparser.c ods_hsmutil_LDADD = ../lib/libhsm.a @LDNS_LIBS@ @XML2_LIBS@ $(LIBCOMPAT) ods_hsmspeed_SOURCES = hsmspeed.c confparser.c ods_hsmspeed_LDADD = ../lib/libhsm.a -lpthread @LDNS_LIBS@ @XML2_LIBS@ $(LIBCOMPAT) all: all-am .SUFFIXES: .SUFFIXES: .c .lo .o .obj $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign libhsm/src/bin/Makefile'; \ $(am__cd) $(top_srcdir) && \ $(AUTOMAKE) --foreign libhsm/src/bin/Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ *config.status*) \ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ *) \ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \ esac; $(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(top_srcdir)/configure: $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(am__aclocal_m4_deps): ods-hsmspeed.1: $(top_builddir)/config.status $(srcdir)/ods-hsmspeed.1.in cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ ods-hsmutil.1: $(top_builddir)/config.status $(srcdir)/ods-hsmutil.1.in cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ install-binPROGRAMS: $(bin_PROGRAMS) @$(NORMAL_INSTALL) @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ if test -n "$$list"; then \ echo " $(MKDIR_P) '$(DESTDIR)$(bindir)'"; \ $(MKDIR_P) "$(DESTDIR)$(bindir)" || exit 1; \ fi; \ for p in $$list; do echo "$$p $$p"; done | \ sed 's/$(EXEEXT)$$//' | \ while read p p1; do if test -f $$p \ || test -f $$p1 \ ; then echo "$$p"; echo "$$p"; else :; fi; \ done | \ sed -e 'p;s,.*/,,;n;h' \ -e 's|.*|.|' \ -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ sed 'N;N;N;s,\n, ,g' | \ $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ if ($$2 == $$4) files[d] = files[d] " " $$1; \ else { print "f", $$3 "/" $$4, $$1; } } \ END { for (d in files) print "f", d, files[d] }' | \ while read type dir files; do \ if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ test -z "$$files" || { \ echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(bindir)$$dir'"; \ $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(bindir)$$dir" || exit $$?; \ } \ ; done uninstall-binPROGRAMS: @$(NORMAL_UNINSTALL) @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ files=`for p in $$list; do echo "$$p"; done | \ sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ -e 's/$$/$(EXEEXT)/' \ `; \ test -n "$$list" || exit 0; \ echo " ( cd '$(DESTDIR)$(bindir)' && rm -f" $$files ")"; \ cd "$(DESTDIR)$(bindir)" && rm -f $$files clean-binPROGRAMS: @list='$(bin_PROGRAMS)'; test -n "$$list" || exit 0; \ echo " rm -f" $$list; \ rm -f $$list || exit $$?; \ test -n "$(EXEEXT)" || exit 0; \ list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ echo " rm -f" $$list; \ rm -f $$list ods-hsmspeed$(EXEEXT): $(ods_hsmspeed_OBJECTS) $(ods_hsmspeed_DEPENDENCIES) $(EXTRA_ods_hsmspeed_DEPENDENCIES) @rm -f ods-hsmspeed$(EXEEXT) $(AM_V_CCLD)$(LINK) $(ods_hsmspeed_OBJECTS) $(ods_hsmspeed_LDADD) $(LIBS) ods-hsmutil$(EXEEXT): $(ods_hsmutil_OBJECTS) $(ods_hsmutil_DEPENDENCIES) $(EXTRA_ods_hsmutil_DEPENDENCIES) @rm -f ods-hsmutil$(EXEEXT) $(AM_V_CCLD)$(LINK) $(ods_hsmutil_OBJECTS) $(ods_hsmutil_LDADD) $(LIBS) mostlyclean-compile: -rm -f *.$(OBJEXT) distclean-compile: -rm -f *.tab.c @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/confparser.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hsmspeed.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hsmtest.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hsmutil.Po@am__quote@ # am--include-marker $(am__depfiles_remade): @$(MKDIR_P) $(@D) @echo '# dummy' >$@-t && $(am__mv) $@-t $@ am--depfiles: $(am__depfiles_remade) .c.o: @am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\ @am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\ @am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $< .c.obj: @am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\ @am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\ @am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'` .c.lo: @am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\ @am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\ @am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $< mostlyclean-libtool: -rm -f *.lo clean-libtool: -rm -rf .libs _libs install-man1: $(man1_MANS) @$(NORMAL_INSTALL) @list1='$(man1_MANS)'; \ list2=''; \ test -n "$(man1dir)" \ && test -n "`echo $$list1$$list2`" \ || exit 0; \ echo " $(MKDIR_P) '$(DESTDIR)$(man1dir)'"; \ $(MKDIR_P) "$(DESTDIR)$(man1dir)" || exit 1; \ { for i in $$list1; do echo "$$i"; done; \ if test -n "$$list2"; then \ for i in $$list2; do echo "$$i"; done \ | sed -n '/\.1[a-z]*$$/p'; \ fi; \ } | while read p; do \ if test -f $$p; then d=; else d="$(srcdir)/"; fi; \ echo "$$d$$p"; echo "$$p"; \ done | \ sed -e 'n;s,.*/,,;p;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,' | \ sed 'N;N;s,\n, ,g' | { \ list=; while read file base inst; do \ if test "$$base" = "$$inst"; then list="$$list $$file"; else \ echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man1dir)/$$inst'"; \ $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man1dir)/$$inst" || exit $$?; \ fi; \ done; \ for i in $$list; do echo "$$i"; done | $(am__base_list) | \ while read files; do \ test -z "$$files" || { \ echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(man1dir)'"; \ $(INSTALL_DATA) $$files "$(DESTDIR)$(man1dir)" || exit $$?; }; \ done; } uninstall-man1: @$(NORMAL_UNINSTALL) @list='$(man1_MANS)'; test -n "$(man1dir)" || exit 0; \ files=`{ for i in $$list; do echo "$$i"; done; \ } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^1][0-9a-z]*$$,1,;x' \ -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ dir='$(DESTDIR)$(man1dir)'; $(am__uninstall_files_from_dir) ID: $(am__tagged_files) $(am__define_uniq_tagged_files); mkid -fID $$unique tags: tags-am TAGS: tags tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) set x; \ here=`pwd`; \ $(am__define_uniq_tagged_files); \ shift; \ if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ if test $$# -gt 0; then \ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ "$$@" $$unique; \ else \ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ $$unique; \ fi; \ fi ctags: ctags-am CTAGS: ctags ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) $(am__define_uniq_tagged_files); \ test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ && $(am__cd) $(top_srcdir) \ && gtags -i $(GTAGS_ARGS) "$$here" cscopelist: cscopelist-am cscopelist-am: $(am__tagged_files) list='$(am__tagged_files)'; \ case "$(srcdir)" in \ [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \ *) sdir=$(subdir)/$(srcdir) ;; \ esac; \ for i in $$list; do \ if test -f "$$i"; then \ echo "$(subdir)/$$i"; \ else \ echo "$$sdir/$$i"; \ fi; \ done >> $(top_builddir)/cscope.files distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(BUILT_SOURCES) $(MAKE) $(AM_MAKEFLAGS) distdir-am distdir-am: $(DISTFILES) @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ list='$(DISTFILES)'; \ dist_files=`for file in $$list; do echo $$file; done | \ sed -e "s|^$$srcdirstrip/||;t" \ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ case $$dist_files in \ */*) $(MKDIR_P) `echo "$$dist_files" | \ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ sort -u` ;; \ esac; \ for file in $$dist_files; do \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ if test -d "$(distdir)/$$file"; then \ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ test -f "$(distdir)/$$file" \ || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done check-am: all-am check: check-am all-am: Makefile $(PROGRAMS) $(MANS) installdirs: for dir in "$(DESTDIR)$(bindir)" "$(DESTDIR)$(man1dir)"; do \ test -z "$$dir" || $(MKDIR_P) "$$dir"; \ done install: install-am install-exec: install-exec-am install-data: install-data-am uninstall: uninstall-am install-am: all-am @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am installcheck: installcheck-am install-strip: if test -z '$(STRIP)'; then \ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ install; \ else \ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ fi mostlyclean-generic: clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @echo "it deletes files that may require special tools to rebuild." -test -z "$(MAINTAINERCLEANFILES)" || rm -f $(MAINTAINERCLEANFILES) clean: clean-am clean-am: clean-binPROGRAMS clean-generic clean-libtool mostlyclean-am distclean: distclean-am -rm -f ./$(DEPDIR)/confparser.Po -rm -f ./$(DEPDIR)/hsmspeed.Po -rm -f ./$(DEPDIR)/hsmtest.Po -rm -f ./$(DEPDIR)/hsmutil.Po -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags dvi: dvi-am dvi-am: html: html-am html-am: info: info-am info-am: install-data-am: install-man install-dvi: install-dvi-am install-dvi-am: install-exec-am: install-binPROGRAMS install-html: install-html-am install-html-am: install-info: install-info-am install-info-am: install-man: install-man1 install-pdf: install-pdf-am install-pdf-am: install-ps: install-ps-am install-ps-am: installcheck-am: maintainer-clean: maintainer-clean-am -rm -f ./$(DEPDIR)/confparser.Po -rm -f ./$(DEPDIR)/hsmspeed.Po -rm -f ./$(DEPDIR)/hsmtest.Po -rm -f ./$(DEPDIR)/hsmutil.Po -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic mostlyclean: mostlyclean-am mostlyclean-am: mostlyclean-compile mostlyclean-generic \ mostlyclean-libtool pdf: pdf-am pdf-am: ps: ps-am ps-am: uninstall-am: uninstall-binPROGRAMS uninstall-man uninstall-man: uninstall-man1 .MAKE: install-am install-strip .PHONY: CTAGS GTAGS TAGS all all-am am--depfiles check check-am clean \ clean-binPROGRAMS clean-generic clean-libtool cscopelist-am \ ctags ctags-am distclean distclean-compile distclean-generic \ distclean-libtool distclean-tags distdir dvi dvi-am html \ html-am info info-am install install-am install-binPROGRAMS \ install-data install-data-am install-dvi install-dvi-am \ install-exec install-exec-am install-html install-html-am \ install-info install-info-am install-man install-man1 \ install-pdf install-pdf-am install-ps install-ps-am \ install-strip installcheck installcheck-am installdirs \ maintainer-clean maintainer-clean-generic mostlyclean \ mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ pdf pdf-am ps ps-am tags tags-am uninstall uninstall-am \ uninstall-binPROGRAMS uninstall-man uninstall-man1 .PRECIOUS: Makefile # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: opendnssec-2.1.5/libhsm/src/bin/hsmutil.c0000644000202300020240000004276213560311035015244 00000000000000/* * Copyright (c) 2009 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2009 NLNet Labs. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "config.h" #include #include #include #include #include #include "libhsm.h" #include "hsmtest.h" #include extern hsm_repository_t* parse_conf_repositories(const char* cfgfile); extern char *optarg; char *progname = NULL; unsigned int verbose = 0; hsm_ctx_t *ctx = NULL; static void version () { fprintf(stderr, "%s (%s) version %s\n", progname, PACKAGE_NAME, PACKAGE_VERSION); } static void usage () { fprintf(stderr, "usage: %s [-c config] [-vVfh] [command [options]]\n", progname); fprintf(stderr," -h Print this usage information.\n"); fprintf(stderr," -v Increase verbosity.\n"); fprintf(stderr," -V Print version and exit.\n"); fprintf(stderr," -f Force, Assume yes on all questions.\n"); fprintf(stderr," -c Use alternative conf.xml.\n"); fprintf(stderr,"commands\n"); fprintf(stderr," login\n"); fprintf(stderr," logout\n"); fprintf(stderr," list [repository]\n"); fprintf(stderr," generate rsa|dsa|gost|ecdsa [keysize]\n"); fprintf(stderr," remove \n"); fprintf(stderr," purge \n"); fprintf(stderr," dnskey \n"); fprintf(stderr," test \n"); fprintf(stderr," info\n"); #if 0 fprintf(stderr," debug\n"); #endif } static int cmd_login () { printf("The tokens are now logged in.\n"); return 0; } static int cmd_logout () { if (hsm_logout_pin() != HSM_OK) { printf("Failed to erase the credentials.\n"); hsm_print_error(NULL); return 1; } printf("The credentials has been erased.\n"); return 0; } #pragma GCC diagnostic push #pragma GCC diagnostic ignored "-Wformat-nonliteral" static int cmd_list (int argc, char *argv[]) { size_t i; char *repository = NULL; size_t key_count = 0; size_t key_count_valid = 0; libhsm_key_t **keys; const char *key_info_format = "%-20s %-32s %-10s\n"; ctx = hsm_create_context(); if (argc) { repository = argv[0]; argc--; argv++; /* Check for repository before starting using it */ if (hsm_token_attached(ctx, repository) == 0) { hsm_print_error(ctx); return 1; } fprintf(stdout, "\nListing keys in repository: %s\n", repository); keys = hsm_list_keys_repository(ctx, &key_count, repository); } else { fprintf(stdout, "\nListing keys in all repositories.\n"); keys = hsm_list_keys(ctx, &key_count); } fprintf(stdout, "%u %s found.\n\n", (unsigned int) key_count, (key_count > 1 || key_count == 0 ? "keys" : "key")); if (!keys) { return -1; } /* print fancy header */ fprintf(stdout, key_info_format, "Repository", "ID", "Type"); fprintf(stdout, key_info_format, "----------", "--", "----"); for (i = 0; i < key_count; i++) { libhsm_key_info_t *key_info; libhsm_key_t *key = NULL; char key_type[HSM_MAX_ALGONAME + 8]; char const * key_id = NULL; key = keys[i]; if (key == NULL) { /* Skip NULL key for now */ continue; } key_count_valid++; key_info = hsm_get_key_info(ctx, key); if (key_info) { snprintf(key_type, sizeof(key_type), "%s/%lu", key_info->algorithm_name, key_info->keysize); key_id = key_info->id; } else { snprintf(key_type, sizeof(key_type), "UNKNOWN"); key_id = "UNKNOWN"; } printf(key_info_format, key->modulename, key_id, key_type); libhsm_key_info_free(key_info); } libhsm_key_list_free(keys, key_count); if (key_count != key_count_valid) { size_t invalid_keys; invalid_keys = key_count - key_count_valid; printf("\n"); fprintf(stderr, "Warning: %u %s not usable by OpenDNSSEC was found.\n", (unsigned int) invalid_keys, invalid_keys > 1 ? "keys" : "key"); } return 0; } #pragma GCC diagnostic pop static int cmd_generate (int argc, char *argv[]) { const char *repository = NULL; const char *algorithm = NULL; unsigned int keysize = 1024; libhsm_key_t *key = NULL; if (argc < 2 || argc > 3) { usage(); return -1; } repository = argv[0]; /* Check for repository before starting using it */ if (hsm_token_attached(ctx, repository) == 0) { hsm_print_error(ctx); return 1; } algorithm = argv[1]; if (argc == 3) { keysize = atoi(argv[2]); } if (!strcasecmp(algorithm, "rsa")) { printf("Generating %d bit RSA key in repository: %s\n", keysize, repository); key = hsm_generate_rsa_key(ctx, repository, keysize); } else if (!strcasecmp(algorithm, "dsa")) { printf("Generating %d bit DSA key in repository: %s\n", keysize, repository); key = hsm_generate_dsa_key(ctx, repository, keysize); } else if (!strcasecmp(algorithm, "gost")) { printf("Generating 512 bit GOST key in repository: %s\n", repository); key = hsm_generate_gost_key(ctx, repository); } else if (!strcasecmp(algorithm, "ecdsa")) { if (keysize == 256) { printf("Generating a P-256 ECDSA key in repository: %s\n", repository); key = hsm_generate_ecdsa_key(ctx, repository, "P-256"); } else if (keysize == 384) { printf("Generating a P-384 ECDSA key in repository: %s\n", repository); key = hsm_generate_ecdsa_key(ctx, repository, "P-384"); } else { printf("Invalid ECDSA key size: %d\n", keysize); printf("Expecting 256 or 384.\n"); return -1; } } else { printf("Unknown algorithm: %s\n", algorithm); return -1; } if (key) { libhsm_key_info_t *key_info; key_info = hsm_get_key_info(ctx, key); printf("Key generation successful: %s\n", key_info ? key_info->id : "NULL"); libhsm_key_info_free(key_info); if (verbose) hsm_print_key(ctx, key); libhsm_key_free(key); } else { printf("Key generation failed.\n"); return -1; } return 0; } static int cmd_remove (int argc, char *argv[]) { char *id; int result; libhsm_key_t *key = NULL; if (argc != 1) { usage(); return -1; } id = argv[0]; key = hsm_find_key_by_id(ctx, id); if (!key) { printf("Key not found: %s\n", id); return -1; } result = hsm_remove_key(ctx, key); if (!result) { printf("Key remove successful.\n"); } else { printf("Key remove failed.\n"); } libhsm_key_free(key); return result; } static int cmd_purge (int argc, char *argv[], int force) { int result; int final_result = 0; char *fresult; size_t i; char *repository = NULL; char confirm[16]; size_t key_count = 0; libhsm_key_t **keys; if (argc != 1) { usage(); return -1; } repository = argv[0]; argc--; argv++; /* Check for repository before starting using it */ if (hsm_token_attached(ctx, repository) == 0) { hsm_print_error(ctx); return 1; } printf("Purging all keys from repository: %s\n", repository); keys = hsm_list_keys_repository(ctx, &key_count, repository); printf("%u %s found.\n\n", (unsigned int) key_count, (key_count > 1 || key_count == 0 ? "keys" : "key")); if (!keys) { return -1; } if (key_count == 0) { libhsm_key_list_free(keys, key_count); return -1; } if (!force) { printf("Are you sure you want to remove ALL keys from repository %s ? (YES/NO) ", repository); fresult = fgets(confirm, sizeof(confirm) - 1, stdin); if (fresult == NULL || strncasecmp(confirm, "yes", 3) != 0) { printf("\npurge cancelled.\n"); libhsm_key_list_free(keys, key_count); return -1; } } printf("\nStarting purge...\n"); for (i = 0; i < key_count; i++) { libhsm_key_info_t *key_info; libhsm_key_t *key = keys[i]; key_info = hsm_get_key_info(ctx, key); result = hsm_remove_key(ctx, key); if (!result) { printf("Key remove successful: %s\n", key_info ? key_info->id : "NULL"); } else { printf("Key remove failed: %s\n", key_info ? key_info->id : "NULL"); final_result++; } libhsm_key_info_free(key_info); } libhsm_key_list_free(keys, key_count); printf("Purge done.\n"); return final_result; } static int cmd_dnskey (int argc, char *argv[]) { char *id; char *name; int type; int algo; libhsm_key_t *key = NULL; ldns_rr *dnskey_rr; hsm_sign_params_t *sign_params; if (argc != 4) { usage(); return -1; } id = strdup(argv[0]); name = strdup(argv[1]); type = atoi(argv[2]); algo = atoi(argv[3]); key = hsm_find_key_by_id(ctx, id); if (!key) { printf("Key not found: %s\n", id); free(name); free(id); return -1; } if (type != LDNS_KEY_ZONE_KEY && type != LDNS_KEY_ZONE_KEY + LDNS_KEY_SEP_KEY) { printf("Invalid key type: %i\n", type); printf("Please use: %i or %i\n", LDNS_KEY_ZONE_KEY, LDNS_KEY_ZONE_KEY + LDNS_KEY_SEP_KEY); free(name); free(id); free(key); return -1; } libhsm_key_info_t *key_info = hsm_get_key_info(ctx, key); switch (algo) { case LDNS_SIGN_RSAMD5: case LDNS_SIGN_RSASHA1: case LDNS_SIGN_RSASHA1_NSEC3: case LDNS_SIGN_RSASHA256: case LDNS_SIGN_RSASHA512: if (strcmp(key_info->algorithm_name, "RSA") != 0) { printf("Not an RSA key, the key is of algorithm %s.\n", key_info->algorithm_name); libhsm_key_info_free(key_info); free(key); free(name); free(id); return -1; } break; case LDNS_SIGN_DSA: case LDNS_SIGN_DSA_NSEC3: if (strcmp(key_info->algorithm_name, "DSA") != 0) { printf("Not a DSA key, the key is of algorithm %s.\n", key_info->algorithm_name); libhsm_key_info_free(key_info); free(key); free(name); free(id); return -1; } break; case LDNS_SIGN_ECC_GOST: if (strcmp(key_info->algorithm_name, "GOST") != 0) { printf("Not a GOST key, the key is of algorithm %s.\n", key_info->algorithm_name); libhsm_key_info_free(key_info); free(key); free(name); free(id); return -1; } break; /* TODO: We can remove the directive if we require LDNS >= 1.6.13 */ #if !defined LDNS_BUILD_CONFIG_USE_ECDSA || LDNS_BUILD_CONFIG_USE_ECDSA case LDNS_SIGN_ECDSAP256SHA256: if (strcmp(key_info->algorithm_name, "ECDSA") != 0) { printf("Not an ECDSA key, the key is of algorithm %s.\n", key_info->algorithm_name); libhsm_key_info_free(key_info); free(key); free(name); free(id); return -1; } if (key_info->keysize != 256) { printf("The key is a ECDSA/%lu, expecting ECDSA/256 for this algorithm.\n", key_info->keysize); libhsm_key_info_free(key_info); free(key); free(name); free(id); return -1; } break; case LDNS_SIGN_ECDSAP384SHA384: if (strcmp(key_info->algorithm_name, "ECDSA") != 0) { printf("Not an ECDSA key, the key is of algorithm %s.\n", key_info->algorithm_name); libhsm_key_info_free(key_info); free(key); free(name); free(id); return -1; } if (key_info->keysize != 384) { printf("The key is a ECDSA/%lu, expecting ECDSA/384 for this algorithm.\n", key_info->keysize); libhsm_key_info_free(key_info); free(key); free(name); free(id); return -1; } break; #endif default: printf("Invalid algorithm: %i\n", algo); libhsm_key_info_free(key_info); free(key); free(name); free(id); return -1; } libhsm_key_info_free(key_info); sign_params = hsm_sign_params_new(); sign_params->algorithm = algo; sign_params->flags = type; sign_params->owner = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_DNAME, name); dnskey_rr = hsm_get_dnskey(ctx, key, sign_params); sign_params->keytag = ldns_calc_keytag(dnskey_rr); ldns_rr_print(stdout, dnskey_rr); hsm_sign_params_free(sign_params); ldns_rr_free(dnskey_rr); libhsm_key_free(key); free(name); free(id); return 0; } static int cmd_test (int argc, char *argv[], hsm_ctx_t* ctx) { char *repository = NULL; if (argc) { repository = strdup(argv[0]); argc--; argv++; printf("Testing repository: %s\n\n", repository); int rv = hsm_test(repository, ctx); if (repository) free(repository); return rv; } else { usage(); } return 0; } static int cmd_info (hsm_ctx_t* ctx) { hsm_print_tokeninfo(ctx); return 0; } static int cmd_debug (hsm_ctx_t* ctx) { hsm_print_ctx(ctx); return 0; } int main (int argc, char *argv[]) { int result; char *config = NULL; int ch; int force = 0; progname = argv[0]; while ((ch = getopt(argc, argv, "c:vVhf")) != -1) { switch (ch) { case 'c': config = strdup(optarg); break; case 'f': force = 1; break; case 'v': verbose++; break; case 'V': version(); exit(0); break; case 'h': usage(); exit(0); break; default: usage(); exit(1); } } argc -= optind; argv += optind; if (!argc) { usage(); exit(1); } if (!strcasecmp(argv[0], "logout")) { if (config) free(config); exit(cmd_logout()); } result = hsm_open2(parse_conf_repositories(config?config:HSM_DEFAULT_CONFIG), hsm_prompt_pin); if (result != HSM_OK) { char* error = hsm_get_error(NULL); if (error != NULL) { fprintf(stderr,"%s\n", error); free(error); } exit(-1); } ctx = hsm_create_context(); openlog("hsmutil", LOG_PID, LOG_USER); if (!strcasecmp(argv[0], "login")) { argc --; argv ++; result = cmd_login(); } else if (!strcasecmp(argv[0], "list")) { argc --; argv ++; result = cmd_list(argc, argv); } else if (!strcasecmp(argv[0], "generate")) { argc --; argv ++; result = cmd_generate(argc, argv); } else if (!strcasecmp(argv[0], "remove")) { argc --; argv ++; result = cmd_remove(argc, argv); } else if (!strcasecmp(argv[0], "purge")) { argc --; argv ++; result = cmd_purge(argc, argv, force); } else if (!strcasecmp(argv[0], "dnskey")) { argc --; argv ++; result = cmd_dnskey(argc, argv); } else if (!strcasecmp(argv[0], "test")) { argc --; argv ++; result = cmd_test(argc, argv, ctx); } else if (!strcasecmp(argv[0], "info")) { argc --; argv ++; result = cmd_info(ctx); } else if (!strcasecmp(argv[0], "debug")) { argc --; argv ++; result = cmd_debug(ctx); } else { usage(); result = -1; } hsm_destroy_context(ctx); hsm_close(); if (config) free(config); closelog(); exit(result); } opendnssec-2.1.5/libhsm/src/lib/0000755000202300020240000000000013560311326013461 500000000000000opendnssec-2.1.5/libhsm/src/lib/cryptoki_compat/0000755000202300020240000000000013560311326016670 500000000000000opendnssec-2.1.5/libhsm/src/lib/cryptoki_compat/pkcs11.h0000644000202300020240000012402713560310771020074 00000000000000/* pkcs11.h Copyright 2006, 2007 g10 Code GmbH Copyright 2006 Andreas Jellinghaus This file is free software; as a special exception the author gives unlimited permission to copy and/or distribute it, with or without modifications, as long as this notice is preserved. This file is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY, to the extent permitted by law; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. */ /* Please submit changes back to the Scute project at http://www.scute.org/ (or send them to marcus@g10code.com), so that they can be picked up by other projects from there as well. */ /* This file is a modified implementation of the PKCS #11 standard by RSA Security Inc. It is mostly a drop-in replacement, with the following change: This header file does not require any macro definitions by the user (like CK_DEFINE_FUNCTION etc). In fact, it defines those macros for you (if useful, some are missing, let me know if you need more). There is an additional API available that does comply better to the GNU coding standard. It can be switched on by defining CRYPTOKI_GNU before including this header file. For this, the following changes are made to the specification: All structure types are changed to a "struct ck_foo" where CK_FOO is the type name in PKCS #11. All non-structure types are changed to ck_foo_t where CK_FOO is the lowercase version of the type name in PKCS #11. The basic types (CK_ULONG et al.) are removed without substitute. All members of structures are modified in the following way: Type indication prefixes are removed, and underscore characters are inserted before words. Then the result is lowercased. Note that function names are still in the original case, as they need for ABI compatibility. CK_FALSE, CK_TRUE and NULL_PTR are removed without substitute. Use . If CRYPTOKI_COMPAT is defined before including this header file, then none of the API changes above take place, and the API is the one defined by the PKCS #11 standard. */ #ifndef PKCS11_H #define PKCS11_H 1 #if defined(__cplusplus) extern "C" { #endif /* The version of cryptoki we implement. The revision is changed with each modification of this file. If you do not use the "official" version of this file, please consider deleting the revision macro (you may use a macro with a different name to keep track of your versions). */ #define CRYPTOKI_VERSION_MAJOR 2 #define CRYPTOKI_VERSION_MINOR 20 #define CRYPTOKI_VERSION_REVISION 6 /* Compatibility interface is default, unless CRYPTOKI_GNU is given. */ #ifndef CRYPTOKI_GNU #ifndef CRYPTOKI_COMPAT #define CRYPTOKI_COMPAT 1 #endif #endif /* System dependencies. */ #if defined(_WIN32) || defined(CRYPTOKI_FORCE_WIN32) /* There is a matching pop below. */ #pragma pack(push, cryptoki, 1) #ifdef CRYPTOKI_EXPORTS #define CK_SPEC __declspec(dllexport) #else #define CK_SPEC __declspec(dllimport) #endif #else #define CK_SPEC #endif #ifdef CRYPTOKI_COMPAT /* If we are in compatibility mode, switch all exposed names to the PKCS #11 variant. There are corresponding #undefs below. */ #define ck_flags_t CK_FLAGS #define ck_version _CK_VERSION #define ck_info _CK_INFO #define cryptoki_version cryptokiVersion #define manufacturer_id manufacturerID #define library_description libraryDescription #define library_version libraryVersion #define ck_notification_t CK_NOTIFICATION #define ck_slot_id_t CK_SLOT_ID #define ck_slot_info _CK_SLOT_INFO #define slot_description slotDescription #define hardware_version hardwareVersion #define firmware_version firmwareVersion #define ck_token_info _CK_TOKEN_INFO #define serial_number serialNumber #define max_session_count ulMaxSessionCount #define session_count ulSessionCount #define max_rw_session_count ulMaxRwSessionCount #define rw_session_count ulRwSessionCount #define max_pin_len ulMaxPinLen #define min_pin_len ulMinPinLen #define total_public_memory ulTotalPublicMemory #define free_public_memory ulFreePublicMemory #define total_private_memory ulTotalPrivateMemory #define free_private_memory ulFreePrivateMemory #define utc_time utcTime #define ck_session_handle_t CK_SESSION_HANDLE #define ck_user_type_t CK_USER_TYPE #define ck_state_t CK_STATE #define ck_session_info _CK_SESSION_INFO #define slot_id slotID #define device_error ulDeviceError #define ck_object_handle_t CK_OBJECT_HANDLE #define ck_object_class_t CK_OBJECT_CLASS #define ck_hw_feature_type_t CK_HW_FEATURE_TYPE #define ck_key_type_t CK_KEY_TYPE #define ck_certificate_type_t CK_CERTIFICATE_TYPE #define ck_attribute_type_t CK_ATTRIBUTE_TYPE #define ck_attribute _CK_ATTRIBUTE #define value pValue #define value_len ulValueLen #define ck_date _CK_DATE #define ck_mechanism_type_t CK_MECHANISM_TYPE #define ck_mechanism _CK_MECHANISM #define parameter pParameter #define parameter_len ulParameterLen #define ck_mechanism_info _CK_MECHANISM_INFO #define min_key_size ulMinKeySize #define max_key_size ulMaxKeySize #define ck_rv_t CK_RV #define ck_notify_t CK_NOTIFY #define ck_function_list _CK_FUNCTION_LIST #define ck_createmutex_t CK_CREATEMUTEX #define ck_destroymutex_t CK_DESTROYMUTEX #define ck_lockmutex_t CK_LOCKMUTEX #define ck_unlockmutex_t CK_UNLOCKMUTEX #define ck_c_initialize_args _CK_C_INITIALIZE_ARGS #define create_mutex CreateMutex #define destroy_mutex DestroyMutex #define lock_mutex LockMutex #define unlock_mutex UnlockMutex #define reserved pReserved #endif /* CRYPTOKI_COMPAT */ typedef unsigned long ck_flags_t; struct ck_version { unsigned char major; unsigned char minor; }; struct ck_info { struct ck_version cryptoki_version; unsigned char manufacturer_id[32]; ck_flags_t flags; unsigned char library_description[32]; struct ck_version library_version; }; typedef unsigned long ck_notification_t; #define CKN_SURRENDER (0) typedef unsigned long ck_slot_id_t; struct ck_slot_info { unsigned char slot_description[64]; unsigned char manufacturer_id[32]; ck_flags_t flags; struct ck_version hardware_version; struct ck_version firmware_version; }; #define CKF_TOKEN_PRESENT (1 << 0) #define CKF_REMOVABLE_DEVICE (1 << 1) #define CKF_HW_SLOT (1 << 2) #define CKF_ARRAY_ATTRIBUTE (1 << 30) struct ck_token_info { unsigned char label[32]; unsigned char manufacturer_id[32]; unsigned char model[16]; unsigned char serial_number[16]; ck_flags_t flags; unsigned long max_session_count; unsigned long session_count; unsigned long max_rw_session_count; unsigned long rw_session_count; unsigned long max_pin_len; unsigned long min_pin_len; unsigned long total_public_memory; unsigned long free_public_memory; unsigned long total_private_memory; unsigned long free_private_memory; struct ck_version hardware_version; struct ck_version firmware_version; unsigned char utc_time[16]; }; #define CKF_RNG (1 << 0) #define CKF_WRITE_PROTECTED (1 << 1) #define CKF_LOGIN_REQUIRED (1 << 2) #define CKF_USER_PIN_INITIALIZED (1 << 3) #define CKF_RESTORE_KEY_NOT_NEEDED (1 << 5) #define CKF_CLOCK_ON_TOKEN (1 << 6) #define CKF_PROTECTED_AUTHENTICATION_PATH (1 << 8) #define CKF_DUAL_CRYPTO_OPERATIONS (1 << 9) #define CKF_TOKEN_INITIALIZED (1 << 10) #define CKF_SECONDARY_AUTHENTICATION (1 << 11) #define CKF_USER_PIN_COUNT_LOW (1 << 16) #define CKF_USER_PIN_FINAL_TRY (1 << 17) #define CKF_USER_PIN_LOCKED (1 << 18) #define CKF_USER_PIN_TO_BE_CHANGED (1 << 19) #define CKF_SO_PIN_COUNT_LOW (1 << 20) #define CKF_SO_PIN_FINAL_TRY (1 << 21) #define CKF_SO_PIN_LOCKED (1 << 22) #define CKF_SO_PIN_TO_BE_CHANGED (1 << 23) #define CK_UNAVAILABLE_INFORMATION ((unsigned long) -1) #define CK_EFFECTIVELY_INFINITE (0) typedef unsigned long ck_session_handle_t; #define CK_INVALID_HANDLE (0) typedef unsigned long ck_user_type_t; #define CKU_SO (0) #define CKU_USER (1) #define CKU_CONTEXT_SPECIFIC (2) typedef unsigned long ck_state_t; #define CKS_RO_PUBLIC_SESSION (0) #define CKS_RO_USER_FUNCTIONS (1) #define CKS_RW_PUBLIC_SESSION (2) #define CKS_RW_USER_FUNCTIONS (3) #define CKS_RW_SO_FUNCTIONS (4) struct ck_session_info { ck_slot_id_t slot_id; ck_state_t state; ck_flags_t flags; unsigned long device_error; }; #define CKF_RW_SESSION (1 << 1) #define CKF_SERIAL_SESSION (1 << 2) typedef unsigned long ck_object_handle_t; typedef unsigned long ck_object_class_t; #define CKO_DATA (0) #define CKO_CERTIFICATE (1) #define CKO_PUBLIC_KEY (2) #define CKO_PRIVATE_KEY (3) #define CKO_SECRET_KEY (4) #define CKO_HW_FEATURE (5) #define CKO_DOMAIN_PARAMETERS (6) #define CKO_MECHANISM (7) #define CKO_VENDOR_DEFINED ((unsigned long) (1 << 31)) typedef unsigned long ck_hw_feature_type_t; #define CKH_MONOTONIC_COUNTER (1) #define CKH_CLOCK (2) #define CKH_USER_INTERFACE (3) #define CKH_VENDOR_DEFINED ((unsigned long) (1 << 31)) typedef unsigned long ck_key_type_t; #define CKK_RSA (0) #define CKK_DSA (1) #define CKK_DH (2) #define CKK_ECDSA (3) #define CKK_EC (3) #define CKK_X9_42_DH (4) #define CKK_KEA (5) #define CKK_GENERIC_SECRET (0x10) #define CKK_RC2 (0x11) #define CKK_RC4 (0x12) #define CKK_DES (0x13) #define CKK_DES2 (0x14) #define CKK_DES3 (0x15) #define CKK_CAST (0x16) #define CKK_CAST3 (0x17) #define CKK_CAST128 (0x18) #define CKK_RC5 (0x19) #define CKK_IDEA (0x1a) #define CKK_SKIPJACK (0x1b) #define CKK_BATON (0x1c) #define CKK_JUNIPER (0x1d) #define CKK_CDMF (0x1e) #define CKK_AES (0x1f) #define CKK_BLOWFISH (0x20) #define CKK_TWOFISH (0x21) #define CKK_GOSTR3410 (0x30) /* From PKCS#11 v2.30 - draft 7 */ #define CKK_VENDOR_DEFINED ((unsigned long) (1 << 31)) typedef unsigned long ck_certificate_type_t; #define CKC_X_509 (0) #define CKC_X_509_ATTR_CERT (1) #define CKC_WTLS (2) #define CKC_VENDOR_DEFINED ((unsigned long) (1 << 31)) typedef unsigned long ck_attribute_type_t; #define CKA_CLASS (0) #define CKA_TOKEN (1) #define CKA_PRIVATE (2) #define CKA_LABEL (3) #define CKA_APPLICATION (0x10) #define CKA_VALUE (0x11) #define CKA_OBJECT_ID (0x12) #define CKA_CERTIFICATE_TYPE (0x80) #define CKA_ISSUER (0x81) #define CKA_SERIAL_NUMBER (0x82) #define CKA_AC_ISSUER (0x83) #define CKA_OWNER (0x84) #define CKA_ATTR_TYPES (0x85) #define CKA_TRUSTED (0x86) #define CKA_CERTIFICATE_CATEGORY (0x87) #define CKA_JAVA_MIDP_SECURITY_DOMAIN (0x88) #define CKA_URL (0x89) #define CKA_HASH_OF_SUBJECT_PUBLIC_KEY (0x8a) #define CKA_HASH_OF_ISSUER_PUBLIC_KEY (0x8b) #define CKA_CHECK_VALUE (0x90) #define CKA_KEY_TYPE (0x100) #define CKA_SUBJECT (0x101) #define CKA_ID (0x102) #define CKA_SENSITIVE (0x103) #define CKA_ENCRYPT (0x104) #define CKA_DECRYPT (0x105) #define CKA_WRAP (0x106) #define CKA_UNWRAP (0x107) #define CKA_SIGN (0x108) #define CKA_SIGN_RECOVER (0x109) #define CKA_VERIFY (0x10a) #define CKA_VERIFY_RECOVER (0x10b) #define CKA_DERIVE (0x10c) #define CKA_START_DATE (0x110) #define CKA_END_DATE (0x111) #define CKA_MODULUS (0x120) #define CKA_MODULUS_BITS (0x121) #define CKA_PUBLIC_EXPONENT (0x122) #define CKA_PRIVATE_EXPONENT (0x123) #define CKA_PRIME_1 (0x124) #define CKA_PRIME_2 (0x125) #define CKA_EXPONENT_1 (0x126) #define CKA_EXPONENT_2 (0x127) #define CKA_COEFFICIENT (0x128) #define CKA_PRIME (0x130) #define CKA_SUBPRIME (0x131) #define CKA_BASE (0x132) #define CKA_PRIME_BITS (0x133) #define CKA_SUB_PRIME_BITS (0x134) #define CKA_VALUE_BITS (0x160) #define CKA_VALUE_LEN (0x161) #define CKA_EXTRACTABLE (0x162) #define CKA_LOCAL (0x163) #define CKA_NEVER_EXTRACTABLE (0x164) #define CKA_ALWAYS_SENSITIVE (0x165) #define CKA_KEY_GEN_MECHANISM (0x166) #define CKA_MODIFIABLE (0x170) #define CKA_ECDSA_PARAMS (0x180) #define CKA_EC_PARAMS (0x180) #define CKA_EC_POINT (0x181) #define CKA_SECONDARY_AUTH (0x200) #define CKA_AUTH_PIN_FLAGS (0x201) #define CKA_ALWAYS_AUTHENTICATE (0x202) #define CKA_WRAP_WITH_TRUSTED (0x210) #define CKA_GOSTR3410PARAMS (0x250) /* From PKCS#11 v2.30 - draft 7 */ #define CKA_GOSTR3411PARAMS (0x251) /* From PKCS#11 v2.30 - draft 7 */ #define CKA_HW_FEATURE_TYPE (0x300) #define CKA_RESET_ON_INIT (0x301) #define CKA_HAS_RESET (0x302) #define CKA_PIXEL_X (0x400) #define CKA_PIXEL_Y (0x401) #define CKA_RESOLUTION (0x402) #define CKA_CHAR_ROWS (0x403) #define CKA_CHAR_COLUMNS (0x404) #define CKA_COLOR (0x405) #define CKA_BITS_PER_PIXEL (0x406) #define CKA_CHAR_SETS (0x480) #define CKA_ENCODING_METHODS (0x481) #define CKA_MIME_TYPES (0x482) #define CKA_MECHANISM_TYPE (0x500) #define CKA_REQUIRED_CMS_ATTRIBUTES (0x501) #define CKA_DEFAULT_CMS_ATTRIBUTES (0x502) #define CKA_SUPPORTED_CMS_ATTRIBUTES (0x503) #define CKA_WRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE | 0x211) #define CKA_UNWRAP_TEMPLATE (CKF_ARRAY_ATTRIBUTE | 0x212) #define CKA_ALLOWED_MECHANISMS (CKF_ARRAY_ATTRIBUTE | 0x600) #define CKA_VENDOR_DEFINED ((unsigned long) (1 << 31)) struct ck_attribute { ck_attribute_type_t type; void *value; unsigned long value_len; }; struct ck_date { unsigned char year[4]; unsigned char month[2]; unsigned char day[2]; }; typedef unsigned long ck_mechanism_type_t; #define CKM_RSA_PKCS_KEY_PAIR_GEN (0) #define CKM_RSA_PKCS (1) #define CKM_RSA_9796 (2) #define CKM_RSA_X_509 (3) #define CKM_MD2_RSA_PKCS (4) #define CKM_MD5_RSA_PKCS (5) #define CKM_SHA1_RSA_PKCS (6) #define CKM_RIPEMD128_RSA_PKCS (7) #define CKM_RIPEMD160_RSA_PKCS (8) #define CKM_RSA_PKCS_OAEP (9) #define CKM_RSA_X9_31_KEY_PAIR_GEN (0xa) #define CKM_RSA_X9_31 (0xb) #define CKM_SHA1_RSA_X9_31 (0xc) #define CKM_RSA_PKCS_PSS (0xd) #define CKM_SHA1_RSA_PKCS_PSS (0xe) #define CKM_DSA_KEY_PAIR_GEN (0x10) #define CKM_DSA (0x11) #define CKM_DSA_SHA1 (0x12) #define CKM_DH_PKCS_KEY_PAIR_GEN (0x20) #define CKM_DH_PKCS_DERIVE (0x21) #define CKM_X9_42_DH_KEY_PAIR_GEN (0x30) #define CKM_X9_42_DH_DERIVE (0x31) #define CKM_X9_42_DH_HYBRID_DERIVE (0x32) #define CKM_X9_42_MQV_DERIVE (0x33) #define CKM_SHA256_RSA_PKCS (0x40) #define CKM_SHA384_RSA_PKCS (0x41) #define CKM_SHA512_RSA_PKCS (0x42) #define CKM_SHA256_RSA_PKCS_PSS (0x43) #define CKM_SHA384_RSA_PKCS_PSS (0x44) #define CKM_SHA512_RSA_PKCS_PSS (0x45) #define CKM_RC2_KEY_GEN (0x100) #define CKM_RC2_ECB (0x101) #define CKM_RC2_CBC (0x102) #define CKM_RC2_MAC (0x103) #define CKM_RC2_MAC_GENERAL (0x104) #define CKM_RC2_CBC_PAD (0x105) #define CKM_RC4_KEY_GEN (0x110) #define CKM_RC4 (0x111) #define CKM_DES_KEY_GEN (0x120) #define CKM_DES_ECB (0x121) #define CKM_DES_CBC (0x122) #define CKM_DES_MAC (0x123) #define CKM_DES_MAC_GENERAL (0x124) #define CKM_DES_CBC_PAD (0x125) #define CKM_DES2_KEY_GEN (0x130) #define CKM_DES3_KEY_GEN (0x131) #define CKM_DES3_ECB (0x132) #define CKM_DES3_CBC (0x133) #define CKM_DES3_MAC (0x134) #define CKM_DES3_MAC_GENERAL (0x135) #define CKM_DES3_CBC_PAD (0x136) #define CKM_CDMF_KEY_GEN (0x140) #define CKM_CDMF_ECB (0x141) #define CKM_CDMF_CBC (0x142) #define CKM_CDMF_MAC (0x143) #define CKM_CDMF_MAC_GENERAL (0x144) #define CKM_CDMF_CBC_PAD (0x145) #define CKM_MD2 (0x200) #define CKM_MD2_HMAC (0x201) #define CKM_MD2_HMAC_GENERAL (0x202) #define CKM_MD5 (0x210) #define CKM_MD5_HMAC (0x211) #define CKM_MD5_HMAC_GENERAL (0x212) #define CKM_SHA_1 (0x220) #define CKM_SHA_1_HMAC (0x221) #define CKM_SHA_1_HMAC_GENERAL (0x222) #define CKM_RIPEMD128 (0x230) #define CKM_RIPEMD128_HMAC (0x231) #define CKM_RIPEMD128_HMAC_GENERAL (0x232) #define CKM_RIPEMD160 (0x240) #define CKM_RIPEMD160_HMAC (0x241) #define CKM_RIPEMD160_HMAC_GENERAL (0x242) #define CKM_SHA256 (0x250) #define CKM_SHA256_HMAC (0x251) #define CKM_SHA256_HMAC_GENERAL (0x252) #define CKM_SHA384 (0x260) #define CKM_SHA384_HMAC (0x261) #define CKM_SHA384_HMAC_GENERAL (0x262) #define CKM_SHA512 (0x270) #define CKM_SHA512_HMAC (0x271) #define CKM_SHA512_HMAC_GENERAL (0x272) #define CKM_CAST_KEY_GEN (0x300) #define CKM_CAST_ECB (0x301) #define CKM_CAST_CBC (0x302) #define CKM_CAST_MAC (0x303) #define CKM_CAST_MAC_GENERAL (0x304) #define CKM_CAST_CBC_PAD (0x305) #define CKM_CAST3_KEY_GEN (0x310) #define CKM_CAST3_ECB (0x311) #define CKM_CAST3_CBC (0x312) #define CKM_CAST3_MAC (0x313) #define CKM_CAST3_MAC_GENERAL (0x314) #define CKM_CAST3_CBC_PAD (0x315) #define CKM_CAST5_KEY_GEN (0x320) #define CKM_CAST128_KEY_GEN (0x320) #define CKM_CAST5_ECB (0x321) #define CKM_CAST128_ECB (0x321) #define CKM_CAST5_CBC (0x322) #define CKM_CAST128_CBC (0x322) #define CKM_CAST5_MAC (0x323) #define CKM_CAST128_MAC (0x323) #define CKM_CAST5_MAC_GENERAL (0x324) #define CKM_CAST128_MAC_GENERAL (0x324) #define CKM_CAST5_CBC_PAD (0x325) #define CKM_CAST128_CBC_PAD (0x325) #define CKM_RC5_KEY_GEN (0x330) #define CKM_RC5_ECB (0x331) #define CKM_RC5_CBC (0x332) #define CKM_RC5_MAC (0x333) #define CKM_RC5_MAC_GENERAL (0x334) #define CKM_RC5_CBC_PAD (0x335) #define CKM_IDEA_KEY_GEN (0x340) #define CKM_IDEA_ECB (0x341) #define CKM_IDEA_CBC (0x342) #define CKM_IDEA_MAC (0x343) #define CKM_IDEA_MAC_GENERAL (0x344) #define CKM_IDEA_CBC_PAD (0x345) #define CKM_GENERIC_SECRET_KEY_GEN (0x350) #define CKM_CONCATENATE_BASE_AND_KEY (0x360) #define CKM_CONCATENATE_BASE_AND_DATA (0x362) #define CKM_CONCATENATE_DATA_AND_BASE (0x363) #define CKM_XOR_BASE_AND_DATA (0x364) #define CKM_EXTRACT_KEY_FROM_KEY (0x365) #define CKM_SSL3_PRE_MASTER_KEY_GEN (0x370) #define CKM_SSL3_MASTER_KEY_DERIVE (0x371) #define CKM_SSL3_KEY_AND_MAC_DERIVE (0x372) #define CKM_SSL3_MASTER_KEY_DERIVE_DH (0x373) #define CKM_TLS_PRE_MASTER_KEY_GEN (0x374) #define CKM_TLS_MASTER_KEY_DERIVE (0x375) #define CKM_TLS_KEY_AND_MAC_DERIVE (0x376) #define CKM_TLS_MASTER_KEY_DERIVE_DH (0x377) #define CKM_SSL3_MD5_MAC (0x380) #define CKM_SSL3_SHA1_MAC (0x381) #define CKM_MD5_KEY_DERIVATION (0x390) #define CKM_MD2_KEY_DERIVATION (0x391) #define CKM_SHA1_KEY_DERIVATION (0x392) #define CKM_PBE_MD2_DES_CBC (0x3a0) #define CKM_PBE_MD5_DES_CBC (0x3a1) #define CKM_PBE_MD5_CAST_CBC (0x3a2) #define CKM_PBE_MD5_CAST3_CBC (0x3a3) #define CKM_PBE_MD5_CAST5_CBC (0x3a4) #define CKM_PBE_MD5_CAST128_CBC (0x3a4) #define CKM_PBE_SHA1_CAST5_CBC (0x3a5) #define CKM_PBE_SHA1_CAST128_CBC (0x3a5) #define CKM_PBE_SHA1_RC4_128 (0x3a6) #define CKM_PBE_SHA1_RC4_40 (0x3a7) #define CKM_PBE_SHA1_DES3_EDE_CBC (0x3a8) #define CKM_PBE_SHA1_DES2_EDE_CBC (0x3a9) #define CKM_PBE_SHA1_RC2_128_CBC (0x3aa) #define CKM_PBE_SHA1_RC2_40_CBC (0x3ab) #define CKM_PKCS5_PBKD2 (0x3b0) #define CKM_PBA_SHA1_WITH_SHA1_HMAC (0x3c0) #define CKM_KEY_WRAP_LYNKS (0x400) #define CKM_KEY_WRAP_SET_OAEP (0x401) #define CKM_SKIPJACK_KEY_GEN (0x1000) #define CKM_SKIPJACK_ECB64 (0x1001) #define CKM_SKIPJACK_CBC64 (0x1002) #define CKM_SKIPJACK_OFB64 (0x1003) #define CKM_SKIPJACK_CFB64 (0x1004) #define CKM_SKIPJACK_CFB32 (0x1005) #define CKM_SKIPJACK_CFB16 (0x1006) #define CKM_SKIPJACK_CFB8 (0x1007) #define CKM_SKIPJACK_WRAP (0x1008) #define CKM_SKIPJACK_PRIVATE_WRAP (0x1009) #define CKM_SKIPJACK_RELAYX (0x100a) #define CKM_KEA_KEY_PAIR_GEN (0x1010) #define CKM_KEA_KEY_DERIVE (0x1011) #define CKM_FORTEZZA_TIMESTAMP (0x1020) #define CKM_BATON_KEY_GEN (0x1030) #define CKM_BATON_ECB128 (0x1031) #define CKM_BATON_ECB96 (0x1032) #define CKM_BATON_CBC128 (0x1033) #define CKM_BATON_COUNTER (0x1034) #define CKM_BATON_SHUFFLE (0x1035) #define CKM_BATON_WRAP (0x1036) #define CKM_ECDSA_KEY_PAIR_GEN (0x1040) #define CKM_EC_KEY_PAIR_GEN (0x1040) #define CKM_ECDSA (0x1041) #define CKM_ECDSA_SHA1 (0x1042) #define CKM_ECDH1_DERIVE (0x1050) #define CKM_ECDH1_COFACTOR_DERIVE (0x1051) #define CKM_ECMQV_DERIVE (0x1052) #define CKM_JUNIPER_KEY_GEN (0x1060) #define CKM_JUNIPER_ECB128 (0x1061) #define CKM_JUNIPER_CBC128 (0x1062) #define CKM_JUNIPER_COUNTER (0x1063) #define CKM_JUNIPER_SHUFFLE (0x1064) #define CKM_JUNIPER_WRAP (0x1065) #define CKM_FASTHASH (0x1070) #define CKM_AES_KEY_GEN (0x1080) #define CKM_AES_ECB (0x1081) #define CKM_AES_CBC (0x1082) #define CKM_AES_MAC (0x1083) #define CKM_AES_MAC_GENERAL (0x1084) #define CKM_AES_CBC_PAD (0x1085) #define CKM_GOSTR3410_KEY_PAIR_GEN (0x1200) /* From PKCS#11 v2.30 - draft 7 */ #define CKM_GOSTR3410 (0x1201) /* From PKCS#11 v2.30 - draft 7 */ #define CKM_GOSTR3410_WITH_GOSTR3411 (0x1202) /* From PKCS#11 v2.30 - draft 7 */ #define CKM_GOSTR3411 (0x1210) /* From PKCS#11 v2.30 - draft 7 */ #define CKM_DSA_PARAMETER_GEN (0x2000) #define CKM_DH_PKCS_PARAMETER_GEN (0x2001) #define CKM_X9_42_DH_PARAMETER_GEN (0x2002) #define CKM_VENDOR_DEFINED ((unsigned long) (1 << 31)) struct ck_mechanism { ck_mechanism_type_t mechanism; void *parameter; unsigned long parameter_len; }; struct ck_mechanism_info { unsigned long min_key_size; unsigned long max_key_size; ck_flags_t flags; }; #define CKF_HW (1 << 0) #define CKF_ENCRYPT (1 << 8) #define CKF_DECRYPT (1 << 9) #define CKF_DIGEST (1 << 10) #define CKF_SIGN (1 << 11) #define CKF_SIGN_RECOVER (1 << 12) #define CKF_VERIFY (1 << 13) #define CKF_VERIFY_RECOVER (1 << 14) #define CKF_GENERATE (1 << 15) #define CKF_GENERATE_KEY_PAIR (1 << 16) #define CKF_WRAP (1 << 17) #define CKF_UNWRAP (1 << 18) #define CKF_DERIVE (1 << 19) #define CKF_EXTENSION ((unsigned long) (1 << 31)) /* Flags for C_WaitForSlotEvent. */ #define CKF_DONT_BLOCK (1) typedef unsigned long ck_rv_t; typedef ck_rv_t (*ck_notify_t) (ck_session_handle_t session, ck_notification_t event, void *application); /* Forward reference. */ struct ck_function_list; #define _CK_DECLARE_FUNCTION(name, args) \ typedef ck_rv_t (*CK_ ## name) args; \ ck_rv_t CK_SPEC name args _CK_DECLARE_FUNCTION (C_Initialize, (void *init_args)); _CK_DECLARE_FUNCTION (C_Finalize, (void *reserved)); _CK_DECLARE_FUNCTION (C_GetInfo, (struct ck_info *info)); _CK_DECLARE_FUNCTION (C_GetFunctionList, (struct ck_function_list **function_list)); _CK_DECLARE_FUNCTION (C_GetSlotList, (unsigned char token_present, ck_slot_id_t *slot_list, unsigned long *count)); _CK_DECLARE_FUNCTION (C_GetSlotInfo, (ck_slot_id_t slot_id, struct ck_slot_info *info)); _CK_DECLARE_FUNCTION (C_GetTokenInfo, (ck_slot_id_t slot_id, struct ck_token_info *info)); _CK_DECLARE_FUNCTION (C_WaitForSlotEvent, (ck_flags_t flags, ck_slot_id_t *slot, void *reserved)); _CK_DECLARE_FUNCTION (C_GetMechanismList, (ck_slot_id_t slot_id, ck_mechanism_type_t *mechanism_list, unsigned long *count)); _CK_DECLARE_FUNCTION (C_GetMechanismInfo, (ck_slot_id_t slot_id, ck_mechanism_type_t type, struct ck_mechanism_info *info)); _CK_DECLARE_FUNCTION (C_InitToken, (ck_slot_id_t slot_id, unsigned char *pin, unsigned long pin_len, unsigned char *label)); _CK_DECLARE_FUNCTION (C_InitPIN, (ck_session_handle_t session, unsigned char *pin, unsigned long pin_len)); _CK_DECLARE_FUNCTION (C_SetPIN, (ck_session_handle_t session, unsigned char *old_pin, unsigned long old_len, unsigned char *new_pin, unsigned long new_len)); _CK_DECLARE_FUNCTION (C_OpenSession, (ck_slot_id_t slot_id, ck_flags_t flags, void *application, ck_notify_t notify, ck_session_handle_t *session)); _CK_DECLARE_FUNCTION (C_CloseSession, (ck_session_handle_t session)); _CK_DECLARE_FUNCTION (C_CloseAllSessions, (ck_slot_id_t slot_id)); _CK_DECLARE_FUNCTION (C_GetSessionInfo, (ck_session_handle_t session, struct ck_session_info *info)); _CK_DECLARE_FUNCTION (C_GetOperationState, (ck_session_handle_t session, unsigned char *operation_state, unsigned long *operation_state_len)); _CK_DECLARE_FUNCTION (C_SetOperationState, (ck_session_handle_t session, unsigned char *operation_state, unsigned long operation_state_len, ck_object_handle_t encryption_key, ck_object_handle_t authentiation_key)); _CK_DECLARE_FUNCTION (C_Login, (ck_session_handle_t session, ck_user_type_t user_type, unsigned char *pin, unsigned long pin_len)); _CK_DECLARE_FUNCTION (C_Logout, (ck_session_handle_t session)); _CK_DECLARE_FUNCTION (C_CreateObject, (ck_session_handle_t session, struct ck_attribute *templ, unsigned long count, ck_object_handle_t *object)); _CK_DECLARE_FUNCTION (C_CopyObject, (ck_session_handle_t session, ck_object_handle_t object, struct ck_attribute *templ, unsigned long count, ck_object_handle_t *new_object)); _CK_DECLARE_FUNCTION (C_DestroyObject, (ck_session_handle_t session, ck_object_handle_t object)); _CK_DECLARE_FUNCTION (C_GetObjectSize, (ck_session_handle_t session, ck_object_handle_t object, unsigned long *size)); _CK_DECLARE_FUNCTION (C_GetAttributeValue, (ck_session_handle_t session, ck_object_handle_t object, struct ck_attribute *templ, unsigned long count)); _CK_DECLARE_FUNCTION (C_SetAttributeValue, (ck_session_handle_t session, ck_object_handle_t object, struct ck_attribute *templ, unsigned long count)); _CK_DECLARE_FUNCTION (C_FindObjectsInit, (ck_session_handle_t session, struct ck_attribute *templ, unsigned long count)); _CK_DECLARE_FUNCTION (C_FindObjects, (ck_session_handle_t session, ck_object_handle_t *object, unsigned long max_object_count, unsigned long *object_count)); _CK_DECLARE_FUNCTION (C_FindObjectsFinal, (ck_session_handle_t session)); _CK_DECLARE_FUNCTION (C_EncryptInit, (ck_session_handle_t session, struct ck_mechanism *mechanism, ck_object_handle_t key)); _CK_DECLARE_FUNCTION (C_Encrypt, (ck_session_handle_t session, unsigned char *data, unsigned long data_len, unsigned char *encrypted_data, unsigned long *encrypted_data_len)); _CK_DECLARE_FUNCTION (C_EncryptUpdate, (ck_session_handle_t session, unsigned char *part, unsigned long part_len, unsigned char *encrypted_part, unsigned long *encrypted_part_len)); _CK_DECLARE_FUNCTION (C_EncryptFinal, (ck_session_handle_t session, unsigned char *last_encrypted_part, unsigned long *last_encrypted_part_len)); _CK_DECLARE_FUNCTION (C_DecryptInit, (ck_session_handle_t session, struct ck_mechanism *mechanism, ck_object_handle_t key)); _CK_DECLARE_FUNCTION (C_Decrypt, (ck_session_handle_t session, unsigned char *encrypted_data, unsigned long encrypted_data_len, unsigned char *data, unsigned long *data_len)); _CK_DECLARE_FUNCTION (C_DecryptUpdate, (ck_session_handle_t session, unsigned char *encrypted_part, unsigned long encrypted_part_len, unsigned char *part, unsigned long *part_len)); _CK_DECLARE_FUNCTION (C_DecryptFinal, (ck_session_handle_t session, unsigned char *last_part, unsigned long *last_part_len)); _CK_DECLARE_FUNCTION (C_DigestInit, (ck_session_handle_t session, struct ck_mechanism *mechanism)); _CK_DECLARE_FUNCTION (C_Digest, (ck_session_handle_t session, unsigned char *data, unsigned long data_len, unsigned char *digest, unsigned long *digest_len)); _CK_DECLARE_FUNCTION (C_DigestUpdate, (ck_session_handle_t session, unsigned char *part, unsigned long part_len)); _CK_DECLARE_FUNCTION (C_DigestKey, (ck_session_handle_t session, ck_object_handle_t key)); _CK_DECLARE_FUNCTION (C_DigestFinal, (ck_session_handle_t session, unsigned char *digest, unsigned long *digest_len)); _CK_DECLARE_FUNCTION (C_SignInit, (ck_session_handle_t session, struct ck_mechanism *mechanism, ck_object_handle_t key)); _CK_DECLARE_FUNCTION (C_Sign, (ck_session_handle_t session, unsigned char *data, unsigned long data_len, unsigned char *signature, unsigned long *signature_len)); _CK_DECLARE_FUNCTION (C_SignUpdate, (ck_session_handle_t session, unsigned char *part, unsigned long part_len)); _CK_DECLARE_FUNCTION (C_SignFinal, (ck_session_handle_t session, unsigned char *signature, unsigned long *signature_len)); _CK_DECLARE_FUNCTION (C_SignRecoverInit, (ck_session_handle_t session, struct ck_mechanism *mechanism, ck_object_handle_t key)); _CK_DECLARE_FUNCTION (C_SignRecover, (ck_session_handle_t session, unsigned char *data, unsigned long data_len, unsigned char *signature, unsigned long *signature_len)); _CK_DECLARE_FUNCTION (C_VerifyInit, (ck_session_handle_t session, struct ck_mechanism *mechanism, ck_object_handle_t key)); _CK_DECLARE_FUNCTION (C_Verify, (ck_session_handle_t session, unsigned char *data, unsigned long data_len, unsigned char *signature, unsigned long signature_len)); _CK_DECLARE_FUNCTION (C_VerifyUpdate, (ck_session_handle_t session, unsigned char *part, unsigned long part_len)); _CK_DECLARE_FUNCTION (C_VerifyFinal, (ck_session_handle_t session, unsigned char *signature, unsigned long signature_len)); _CK_DECLARE_FUNCTION (C_VerifyRecoverInit, (ck_session_handle_t session, struct ck_mechanism *mechanism, ck_object_handle_t key)); _CK_DECLARE_FUNCTION (C_VerifyRecover, (ck_session_handle_t session, unsigned char *signature, unsigned long signature_len, unsigned char *data, unsigned long *data_len)); _CK_DECLARE_FUNCTION (C_DigestEncryptUpdate, (ck_session_handle_t session, unsigned char *part, unsigned long part_len, unsigned char *encrypted_part, unsigned long *encrypted_part_len)); _CK_DECLARE_FUNCTION (C_DecryptDigestUpdate, (ck_session_handle_t session, unsigned char *encrypted_part, unsigned long encrypted_part_len, unsigned char *part, unsigned long *part_len)); _CK_DECLARE_FUNCTION (C_SignEncryptUpdate, (ck_session_handle_t session, unsigned char *part, unsigned long part_len, unsigned char *encrypted_part, unsigned long *encrypted_part_len)); _CK_DECLARE_FUNCTION (C_DecryptVerifyUpdate, (ck_session_handle_t session, unsigned char *encrypted_part, unsigned long encrypted_part_len, unsigned char *part, unsigned long *part_len)); _CK_DECLARE_FUNCTION (C_GenerateKey, (ck_session_handle_t session, struct ck_mechanism *mechanism, struct ck_attribute *templ, unsigned long count, ck_object_handle_t *key)); _CK_DECLARE_FUNCTION (C_GenerateKeyPair, (ck_session_handle_t session, struct ck_mechanism *mechanism, struct ck_attribute *public_key_template, unsigned long public_key_attribute_count, struct ck_attribute *private_key_template, unsigned long private_key_attribute_count, ck_object_handle_t *public_key, ck_object_handle_t *private_key)); _CK_DECLARE_FUNCTION (C_WrapKey, (ck_session_handle_t session, struct ck_mechanism *mechanism, ck_object_handle_t wrapping_key, ck_object_handle_t key, unsigned char *wrapped_key, unsigned long *wrapped_key_len)); _CK_DECLARE_FUNCTION (C_UnwrapKey, (ck_session_handle_t session, struct ck_mechanism *mechanism, ck_object_handle_t unwrapping_key, unsigned char *wrapped_key, unsigned long wrapped_key_len, struct ck_attribute *templ, unsigned long attribute_count, ck_object_handle_t *key)); _CK_DECLARE_FUNCTION (C_DeriveKey, (ck_session_handle_t session, struct ck_mechanism *mechanism, ck_object_handle_t base_key, struct ck_attribute *templ, unsigned long attribute_count, ck_object_handle_t *key)); _CK_DECLARE_FUNCTION (C_SeedRandom, (ck_session_handle_t session, unsigned char *seed, unsigned long seed_len)); _CK_DECLARE_FUNCTION (C_GenerateRandom, (ck_session_handle_t session, unsigned char *random_data, unsigned long random_len)); _CK_DECLARE_FUNCTION (C_GetFunctionStatus, (ck_session_handle_t session)); _CK_DECLARE_FUNCTION (C_CancelFunction, (ck_session_handle_t session)); struct ck_function_list { struct ck_version version; CK_C_Initialize C_Initialize; CK_C_Finalize C_Finalize; CK_C_GetInfo C_GetInfo; CK_C_GetFunctionList C_GetFunctionList; CK_C_GetSlotList C_GetSlotList; CK_C_GetSlotInfo C_GetSlotInfo; CK_C_GetTokenInfo C_GetTokenInfo; CK_C_GetMechanismList C_GetMechanismList; CK_C_GetMechanismInfo C_GetMechanismInfo; CK_C_InitToken C_InitToken; CK_C_InitPIN C_InitPIN; CK_C_SetPIN C_SetPIN; CK_C_OpenSession C_OpenSession; CK_C_CloseSession C_CloseSession; CK_C_CloseAllSessions C_CloseAllSessions; CK_C_GetSessionInfo C_GetSessionInfo; CK_C_GetOperationState C_GetOperationState; CK_C_SetOperationState C_SetOperationState; CK_C_Login C_Login; CK_C_Logout C_Logout; CK_C_CreateObject C_CreateObject; CK_C_CopyObject C_CopyObject; CK_C_DestroyObject C_DestroyObject; CK_C_GetObjectSize C_GetObjectSize; CK_C_GetAttributeValue C_GetAttributeValue; CK_C_SetAttributeValue C_SetAttributeValue; CK_C_FindObjectsInit C_FindObjectsInit; CK_C_FindObjects C_FindObjects; CK_C_FindObjectsFinal C_FindObjectsFinal; CK_C_EncryptInit C_EncryptInit; CK_C_Encrypt C_Encrypt; CK_C_EncryptUpdate C_EncryptUpdate; CK_C_EncryptFinal C_EncryptFinal; CK_C_DecryptInit C_DecryptInit; CK_C_Decrypt C_Decrypt; CK_C_DecryptUpdate C_DecryptUpdate; CK_C_DecryptFinal C_DecryptFinal; CK_C_DigestInit C_DigestInit; CK_C_Digest C_Digest; CK_C_DigestUpdate C_DigestUpdate; CK_C_DigestKey C_DigestKey; CK_C_DigestFinal C_DigestFinal; CK_C_SignInit C_SignInit; CK_C_Sign C_Sign; CK_C_SignUpdate C_SignUpdate; CK_C_SignFinal C_SignFinal; CK_C_SignRecoverInit C_SignRecoverInit; CK_C_SignRecover C_SignRecover; CK_C_VerifyInit C_VerifyInit; CK_C_Verify C_Verify; CK_C_VerifyUpdate C_VerifyUpdate; CK_C_VerifyFinal C_VerifyFinal; CK_C_VerifyRecoverInit C_VerifyRecoverInit; CK_C_VerifyRecover C_VerifyRecover; CK_C_DigestEncryptUpdate C_DigestEncryptUpdate; CK_C_DecryptDigestUpdate C_DecryptDigestUpdate; CK_C_SignEncryptUpdate C_SignEncryptUpdate; CK_C_DecryptVerifyUpdate C_DecryptVerifyUpdate; CK_C_GenerateKey C_GenerateKey; CK_C_GenerateKeyPair C_GenerateKeyPair; CK_C_WrapKey C_WrapKey; CK_C_UnwrapKey C_UnwrapKey; CK_C_DeriveKey C_DeriveKey; CK_C_SeedRandom C_SeedRandom; CK_C_GenerateRandom C_GenerateRandom; CK_C_GetFunctionStatus C_GetFunctionStatus; CK_C_CancelFunction C_CancelFunction; CK_C_WaitForSlotEvent C_WaitForSlotEvent; }; typedef ck_rv_t (*ck_createmutex_t) (void **mutex); typedef ck_rv_t (*ck_destroymutex_t) (void *mutex); typedef ck_rv_t (*ck_lockmutex_t) (void *mutex); typedef ck_rv_t (*ck_unlockmutex_t) (void *mutex); struct ck_c_initialize_args { ck_createmutex_t create_mutex; ck_destroymutex_t destroy_mutex; ck_lockmutex_t lock_mutex; ck_unlockmutex_t unlock_mutex; ck_flags_t flags; void *reserved; }; #define CKF_LIBRARY_CANT_CREATE_OS_THREADS (1 << 0) #define CKF_OS_LOCKING_OK (1 << 1) #define CKR_OK (0) #define CKR_CANCEL (1) #define CKR_HOST_MEMORY (2) #define CKR_SLOT_ID_INVALID (3) #define CKR_GENERAL_ERROR (5) #define CKR_FUNCTION_FAILED (6) #define CKR_ARGUMENTS_BAD (7) #define CKR_NO_EVENT (8) #define CKR_NEED_TO_CREATE_THREADS (9) #define CKR_CANT_LOCK (0xa) #define CKR_ATTRIBUTE_READ_ONLY (0x10) #define CKR_ATTRIBUTE_SENSITIVE (0x11) #define CKR_ATTRIBUTE_TYPE_INVALID (0x12) #define CKR_ATTRIBUTE_VALUE_INVALID (0x13) #define CKR_DATA_INVALID (0x20) #define CKR_DATA_LEN_RANGE (0x21) #define CKR_DEVICE_ERROR (0x30) #define CKR_DEVICE_MEMORY (0x31) #define CKR_DEVICE_REMOVED (0x32) #define CKR_ENCRYPTED_DATA_INVALID (0x40) #define CKR_ENCRYPTED_DATA_LEN_RANGE (0x41) #define CKR_FUNCTION_CANCELED (0x50) #define CKR_FUNCTION_NOT_PARALLEL (0x51) #define CKR_FUNCTION_NOT_SUPPORTED (0x54) #define CKR_KEY_HANDLE_INVALID (0x60) #define CKR_KEY_SIZE_RANGE (0x62) #define CKR_KEY_TYPE_INCONSISTENT (0x63) #define CKR_KEY_NOT_NEEDED (0x64) #define CKR_KEY_CHANGED (0x65) #define CKR_KEY_NEEDED (0x66) #define CKR_KEY_INDIGESTIBLE (0x67) #define CKR_KEY_FUNCTION_NOT_PERMITTED (0x68) #define CKR_KEY_NOT_WRAPPABLE (0x69) #define CKR_KEY_UNEXTRACTABLE (0x6a) #define CKR_MECHANISM_INVALID (0x70) #define CKR_MECHANISM_PARAM_INVALID (0x71) #define CKR_OBJECT_HANDLE_INVALID (0x82) #define CKR_OPERATION_ACTIVE (0x90) #define CKR_OPERATION_NOT_INITIALIZED (0x91) #define CKR_PIN_INCORRECT (0xa0) #define CKR_PIN_INVALID (0xa1) #define CKR_PIN_LEN_RANGE (0xa2) #define CKR_PIN_EXPIRED (0xa3) #define CKR_PIN_LOCKED (0xa4) #define CKR_SESSION_CLOSED (0xb0) #define CKR_SESSION_COUNT (0xb1) #define CKR_SESSION_HANDLE_INVALID (0xb3) #define CKR_SESSION_PARALLEL_NOT_SUPPORTED (0xb4) #define CKR_SESSION_READ_ONLY (0xb5) #define CKR_SESSION_EXISTS (0xb6) #define CKR_SESSION_READ_ONLY_EXISTS (0xb7) #define CKR_SESSION_READ_WRITE_SO_EXISTS (0xb8) #define CKR_SIGNATURE_INVALID (0xc0) #define CKR_SIGNATURE_LEN_RANGE (0xc1) #define CKR_TEMPLATE_INCOMPLETE (0xd0) #define CKR_TEMPLATE_INCONSISTENT (0xd1) #define CKR_TOKEN_NOT_PRESENT (0xe0) #define CKR_TOKEN_NOT_RECOGNIZED (0xe1) #define CKR_TOKEN_WRITE_PROTECTED (0xe2) #define CKR_UNWRAPPING_KEY_HANDLE_INVALID (0xf0) #define CKR_UNWRAPPING_KEY_SIZE_RANGE (0xf1) #define CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT (0xf2) #define CKR_USER_ALREADY_LOGGED_IN (0x100) #define CKR_USER_NOT_LOGGED_IN (0x101) #define CKR_USER_PIN_NOT_INITIALIZED (0x102) #define CKR_USER_TYPE_INVALID (0x103) #define CKR_USER_ANOTHER_ALREADY_LOGGED_IN (0x104) #define CKR_USER_TOO_MANY_TYPES (0x105) #define CKR_WRAPPED_KEY_INVALID (0x110) #define CKR_WRAPPED_KEY_LEN_RANGE (0x112) #define CKR_WRAPPING_KEY_HANDLE_INVALID (0x113) #define CKR_WRAPPING_KEY_SIZE_RANGE (0x114) #define CKR_WRAPPING_KEY_TYPE_INCONSISTENT (0x115) #define CKR_RANDOM_SEED_NOT_SUPPORTED (0x120) #define CKR_RANDOM_NO_RNG (0x121) #define CKR_DOMAIN_PARAMS_INVALID (0x130) #define CKR_BUFFER_TOO_SMALL (0x150) #define CKR_SAVED_STATE_INVALID (0x160) #define CKR_INFORMATION_SENSITIVE (0x170) #define CKR_STATE_UNSAVEABLE (0x180) #define CKR_CRYPTOKI_NOT_INITIALIZED (0x190) #define CKR_CRYPTOKI_ALREADY_INITIALIZED (0x191) #define CKR_MUTEX_BAD (0x1a0) #define CKR_MUTEX_NOT_LOCKED (0x1a1) #define CKR_FUNCTION_REJECTED (0x200) #define CKR_VENDOR_DEFINED ((unsigned long) (1 << 31)) /* Compatibility layer. */ #ifdef CRYPTOKI_COMPAT #undef CK_DEFINE_FUNCTION #define CK_DEFINE_FUNCTION(retval, name) retval CK_SPEC name #if defined(__cplusplus) } #endif /* For NULL. */ #include #if defined(__cplusplus) extern "C" { #endif typedef unsigned char CK_BYTE; typedef unsigned char CK_CHAR; typedef unsigned char CK_UTF8CHAR; typedef unsigned char CK_BBOOL; typedef unsigned long int CK_ULONG; typedef long int CK_LONG; typedef CK_BYTE *CK_BYTE_PTR; typedef CK_CHAR *CK_CHAR_PTR; typedef CK_UTF8CHAR *CK_UTF8CHAR_PTR; typedef CK_ULONG *CK_ULONG_PTR; typedef void *CK_VOID_PTR; typedef void **CK_VOID_PTR_PTR; #define CK_FALSE 0 #define CK_TRUE 1 #ifndef CK_DISABLE_TRUE_FALSE #ifndef FALSE #define FALSE 0 #endif #ifndef TRUE #define TRUE 1 #endif #endif typedef struct ck_version CK_VERSION; typedef struct ck_version *CK_VERSION_PTR; typedef struct ck_info CK_INFO; typedef struct ck_info *CK_INFO_PTR; typedef ck_slot_id_t *CK_SLOT_ID_PTR; typedef struct ck_slot_info CK_SLOT_INFO; typedef struct ck_slot_info *CK_SLOT_INFO_PTR; typedef struct ck_token_info CK_TOKEN_INFO; typedef struct ck_token_info *CK_TOKEN_INFO_PTR; typedef ck_session_handle_t *CK_SESSION_HANDLE_PTR; typedef struct ck_session_info CK_SESSION_INFO; typedef struct ck_session_info *CK_SESSION_INFO_PTR; typedef ck_object_handle_t *CK_OBJECT_HANDLE_PTR; typedef ck_object_class_t *CK_OBJECT_CLASS_PTR; typedef struct ck_attribute CK_ATTRIBUTE; typedef struct ck_attribute *CK_ATTRIBUTE_PTR; typedef struct ck_date CK_DATE; typedef struct ck_date *CK_DATE_PTR; typedef ck_mechanism_type_t *CK_MECHANISM_TYPE_PTR; typedef struct ck_mechanism CK_MECHANISM; typedef struct ck_mechanism *CK_MECHANISM_PTR; typedef struct ck_mechanism_info CK_MECHANISM_INFO; typedef struct ck_mechanism_info *CK_MECHANISM_INFO_PTR; typedef struct ck_function_list CK_FUNCTION_LIST; typedef struct ck_function_list *CK_FUNCTION_LIST_PTR; typedef struct ck_function_list **CK_FUNCTION_LIST_PTR_PTR; typedef struct ck_c_initialize_args CK_C_INITIALIZE_ARGS; typedef struct ck_c_initialize_args *CK_C_INITIALIZE_ARGS_PTR; #define NULL_PTR NULL /* Delete the helper macros defined at the top of the file. */ #undef ck_flags_t #undef ck_version #undef ck_info #undef cryptoki_version #undef manufacturer_id #undef library_description #undef library_version #undef ck_notification_t #undef ck_slot_id_t #undef ck_slot_info #undef slot_description #undef hardware_version #undef firmware_version #undef ck_token_info #undef serial_number #undef max_session_count #undef session_count #undef max_rw_session_count #undef rw_session_count #undef max_pin_len #undef min_pin_len #undef total_public_memory #undef free_public_memory #undef total_private_memory #undef free_private_memory #undef utc_time #undef ck_session_handle_t #undef ck_user_type_t #undef ck_state_t #undef ck_session_info #undef slot_id #undef device_error #undef ck_object_handle_t #undef ck_object_class_t #undef ck_hw_feature_type_t #undef ck_key_type_t #undef ck_certificate_type_t #undef ck_attribute_type_t #undef ck_attribute #undef value #undef value_len #undef ck_date #undef ck_mechanism_type_t #undef ck_mechanism #undef parameter #undef parameter_len #undef ck_mechanism_info #undef min_key_size #undef max_key_size #undef ck_rv_t #undef ck_notify_t #undef ck_function_list #undef ck_createmutex_t #undef ck_destroymutex_t #undef ck_lockmutex_t #undef ck_unlockmutex_t #undef ck_c_initialize_args #undef create_mutex #undef destroy_mutex #undef lock_mutex #undef unlock_mutex #undef reserved #endif /* CRYPTOKI_COMPAT */ /* System dependencies. */ #if defined(_WIN32) || defined(CRYPTOKI_FORCE_WIN32) #pragma pack(pop, cryptoki) #endif #if defined(__cplusplus) } #endif #endif /* PKCS11_H */ opendnssec-2.1.5/libhsm/src/lib/pin.c0000644000202300020240000003204713560310771014344 00000000000000/* * Copyright (c) 2011 .SE (The Internet Infrastructure Foundation). * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "config.h" #include #include #include #include #include #include #include #include #include #include #include "libhsm.h" /*! Global (initial) context */ extern hsm_ctx_t *_hsm_ctx; /* Function from libhsm.c */ void hsm_ctx_set_error(hsm_ctx_t *ctx, int error, const char *action, const char *message, ...); /* Constants */ #define SHM_KEY (key_t)0x0d50d5ec #define SEM_KEY (key_t)0x0d50d5ec #define SHM_PERM S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP #define SEM_PERM S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP #ifndef HAVE_UNION_SEMUN /* From man page for semctl */ union semun { int val; /* Value for SETVAL */ struct semid_ds *buf; /* Buffer for IPC_STAT, IPC_SET */ unsigned short *array; /* Array for GETALL, SETALL */ }; #endif /* Remember PIN that we can save */ static char pin[HSM_MAX_PIN_LENGTH+1]; static char * prompt_pass(char *prompt) { int c, i = 0; static char pass[HSM_MAX_PIN_LENGTH+1]; struct termios oldt, newt; if (prompt == NULL) return NULL; printf("%s", prompt); /* Turn echoing off */ if (isatty(fileno(stdin))) { if (tcgetattr(fileno(stdin), &oldt) != 0) return NULL; newt = oldt; newt.c_lflag &= ~ECHO; if (tcsetattr(fileno(stdin), TCSAFLUSH, &newt) != 0) return NULL; } /* Get the password */ do { c = fgetc(stdin); pass[i] = c; i++; } while (c != EOF && c != '\n' && c != '\r' && i < HSM_MAX_PIN_LENGTH+1); pass[i-1] = '\0'; /* Restore echoing */ if (isatty(fileno(stdin))) { tcsetattr(fileno(stdin), TCSAFLUSH, &oldt); } printf("\n"); return pass; } static int hsm_sem_open() { int semid; struct semid_ds buf; union semun arg; /* Create/get the semaphore */ semid = semget(SEM_KEY, 1, IPC_CREAT|IPC_EXCL|SEM_PERM); if (semid == -1) { semid = semget(SEM_KEY, 1, IPC_CREAT|SEM_PERM); if (semid == -1) { hsm_ctx_set_error(_hsm_ctx, HSM_ERROR, "hsm_sem_open()", "Could not access the semaphore: %s", strerror(errno)); return -1; } } else { /* Set value to 1 if we created it */ arg.val = 1; if (semctl(semid, 0, SETVAL, arg) == -1) { hsm_ctx_set_error(_hsm_ctx, HSM_ERROR, "hsm_sem_open()", "Could not set value on the semaphore: %s", strerror(errno)); return -1; } } /* Get information about the semaphore */ arg.buf = &buf; if (semctl(semid, 0, IPC_STAT, arg) != 0) { hsm_ctx_set_error(_hsm_ctx, HSM_ERROR, "hsm_sem_open()", "Could not stat the semaphore: %s", strerror(errno)); return -1; } /* Check permission to avoid an attack */ if ((buf.sem_perm.mode & (SEM_PERM)) != (SEM_PERM) || buf.sem_perm.gid != getegid()) { hsm_ctx_set_error(_hsm_ctx, HSM_ERROR, "hsm_sem_open()", "Bad permissions on the semaphore, please read Getting Help/Troubleshooting on OpenDNSSEC Wiki about this."); return -1; } return semid; } static int hsm_sem_wait(int semid) { struct sembuf sb = { 0, -1, 0 }; if (semop(semid, &sb, 1) == -1) { hsm_ctx_set_error(_hsm_ctx, HSM_ERROR, "hsm_sem_wait()", "Could not lock the semaphore: %s", strerror(errno)); return -1; } return 0; } static int hsm_sem_post(int semid) { struct sembuf sb = { 0, 1, 0 }; if (semop(semid, &sb, 1) == -1) { hsm_ctx_set_error(_hsm_ctx, HSM_ERROR, "hsm_sem_post()", "Could not unlock the semaphore: %s", strerror(errno)); return -1; } return 0; } static int hsm_shm_open() { int shmid; size_t shmsize; struct shmid_ds buf; /* Create/get the shared memory */ shmsize = sizeof(char)*HSM_MAX_SESSIONS*(HSM_MAX_PIN_LENGTH+1); shmid = shmget(SHM_KEY, shmsize, IPC_CREAT|IPC_EXCL|SHM_PERM); if (shmid == -1) { shmid = shmget(SHM_KEY, shmsize, IPC_CREAT|SHM_PERM); if (shmid == -1) { hsm_ctx_set_error(_hsm_ctx, HSM_ERROR, "hsm_shm_open()", "Could not access the shared memory: %s", strerror(errno)); return -1; } } else { /* Zeroize if we created the memory area */ /* The data should be set to zero according to man page */ } /* Get information about the shared memory */ if (shmctl(shmid, IPC_STAT, &buf) != 0) { hsm_ctx_set_error(_hsm_ctx, HSM_ERROR, "hsm_shm_open()", "Could not stat the semaphore: %s", strerror(errno)); return -1; } /* Check the size of the memory segment */ if ((size_t)buf.shm_segsz != shmsize) { hsm_ctx_set_error(_hsm_ctx, HSM_ERROR, "hsm_shm_open()", "Bad memory size, please read Getting Help/Troubleshooting on OpenDNSSEC Wiki about this."); return -1; } /* Check permission to avoid an attack */ if ((buf.shm_perm.mode & (SHM_PERM)) != (SHM_PERM) || buf.shm_perm.gid != getegid()) { hsm_ctx_set_error(_hsm_ctx, HSM_ERROR, "hsm_shm_open()", "Bad permissions on the shared memory, please read Getting Help/Troubleshooting on OpenDNSSEC Wiki about this."); return -1; } return shmid; } char * hsm_prompt_pin(unsigned int id, const char *repository, unsigned int mode) { /* Shared memory */ int shmid; int semid; char *pins = NULL; int index = id * (HSM_MAX_PIN_LENGTH + 1); /* PIN from getpass */ char prompt[64]; char *prompt_pin = NULL; unsigned int size = 0; /* Check input data */ if (id >= HSM_MAX_SESSIONS) return NULL; if (repository == NULL) return NULL; if (mode != HSM_PIN_FIRST && mode != HSM_PIN_RETRY && mode != HSM_PIN_SAVE) return NULL; /* Create/get the semaphore */ semid = hsm_sem_open(); if (semid == -1) return NULL; /* Lock the semaphore */ if (hsm_sem_wait(semid) != 0) return NULL; /* Create/get the shared memory */ shmid = hsm_shm_open(); if (shmid == -1) { hsm_sem_post(semid); return NULL; } /* Attach to the shared memory */ pins = (char *)shmat(shmid, NULL, 0); if (pins == (char *)-1) { pins = NULL; hsm_sem_post(semid); return NULL; } /* Get the PIN */ if (mode != HSM_PIN_SAVE) { /* Do we have a PIN in the shared memory? */ if (mode == HSM_PIN_FIRST && pins[index] != '\0') { size = strlen(&pins[index]); if (size > HSM_MAX_PIN_LENGTH) size = HSM_MAX_PIN_LENGTH; memcpy(pin, &pins[index], size); pin[size] = '\0'; } else { /* Zeroize bad PIN in shared memory */ if (mode == HSM_PIN_RETRY && pins[index] != '\0') { memset(&pins[index], '\0', HSM_MAX_PIN_LENGTH+1); } /* Unlock the semaphore if someone would do Ctrl+C */ hsm_sem_post(semid); /* Get PIN */ snprintf(prompt, 64, "Enter PIN for token %s: ", repository); prompt_pin = prompt_pass(prompt); if (prompt_pin == NULL) { shmdt(pins); pins = NULL; return NULL; } /* Lock the semaphore */ hsm_sem_wait(semid); /* Remember PIN */ size = strlen(prompt_pin); if (size > HSM_MAX_PIN_LENGTH) size = HSM_MAX_PIN_LENGTH; memset(pin, '\0', HSM_MAX_PIN_LENGTH+1); memcpy(pin, prompt_pin, size); /* Zeroize the prompt_pass PIN */ memset(prompt_pin, '\0', strlen(prompt_pin)); } } else { /* Save the PIN */ memcpy(&pins[index], pin, HSM_MAX_PIN_LENGTH+1); /* Zeroize the PIN */ memset(pin, '\0', HSM_MAX_PIN_LENGTH+1); } /* Detach from the shared memory */ shmdt(pins); pins = NULL; /* Unlock the semaphore */ hsm_sem_post(semid); return pin; } char * hsm_check_pin(unsigned int id, const char *repository, unsigned int mode) { /* Shared memory */ int shmid; int semid; char *pins = NULL; int index = id * (HSM_MAX_PIN_LENGTH + 1); unsigned int size = 0; /* Check input data */ if (id >= HSM_MAX_SESSIONS) return NULL; if (repository == NULL) return NULL; if (mode != HSM_PIN_FIRST && mode != HSM_PIN_RETRY && mode != HSM_PIN_SAVE) return NULL; if (mode == HSM_PIN_SAVE) { /* Nothing to save */ /* Zeroize the PIN */ memset(pin, '\0', HSM_MAX_PIN_LENGTH+1); return pin; } /* Create/get the semaphore */ semid = hsm_sem_open(); if (semid == -1) return NULL; /* Lock the semaphore */ if (hsm_sem_wait(semid) != 0) return NULL; /* Create/get the shared memory */ shmid = hsm_shm_open(); if (shmid == -1) { hsm_sem_post(semid); return NULL; } /* Attach to the shared memory */ pins = (char *)shmat(shmid, NULL, 0); if (pins == (char *)-1) { pins = NULL; hsm_sem_post(semid); return NULL; } /* Zeroize PIN buffer */ memset(pin, '\0', HSM_MAX_PIN_LENGTH+1); /* Check if there is no PIN */ if (pins[index] == '\0') { hsm_ctx_set_error(_hsm_ctx, HSM_ERROR, "hsm_check_pin()", "No PIN in shared memory. " "Please login with \"ods-hsmutil login\""); shmdt(pins); pins = NULL; hsm_sem_post(semid); return NULL; } /* Zeroize bad PIN in shared memory */ if (mode == HSM_PIN_RETRY) { memset(&pins[index], '\0', HSM_MAX_PIN_LENGTH+1); hsm_ctx_set_error(_hsm_ctx, HSM_ERROR, "hsm_check_pin()", "Removed bad PIN in shared memory. " "Please login again with \"ods-hsmutil login\""); shmdt(pins); pins = NULL; hsm_sem_post(semid); return NULL; } /* Get the PIN */ size = strlen(&pins[index]); if (size > HSM_MAX_PIN_LENGTH) size = HSM_MAX_PIN_LENGTH; memcpy(pin, &pins[index], size); pin[size] = '\0'; /* Detach from the shared memory */ shmdt(pins); pins = NULL; /* Unlock the semaphore */ hsm_sem_post(semid); return pin; } int hsm_logout_pin() { int semid; int shmid; union semun arg; struct shmid_ds buf; /* Get the semaphore */ semid = semget(SEM_KEY, 1, 0); if (semid == -1) { if (errno != ENOENT) { hsm_ctx_set_error(_hsm_ctx, HSM_ERROR, "hsm_logout_pin()", "Could not access the semaphore: %s", strerror(errno)); return HSM_ERROR; } } else { arg.val = 0; /* Remove the semaphore */ if (semctl(semid, 0, IPC_RMID, arg) != 0) { hsm_ctx_set_error(_hsm_ctx, HSM_ERROR, "hsm_logout_pin()", "Could not delete the semaphore: %s", strerror(errno)); return HSM_ERROR; } } /* Get the shared memory */ shmid = shmget(SHM_KEY, 0, 0); if (shmid == -1) { if (errno != ENOENT) { hsm_ctx_set_error(_hsm_ctx, HSM_ERROR, "hsm_logout_pin()", "Could not access the shared memory: %s", strerror(errno)); return HSM_ERROR; } } else { /* Remove the shared memory */ if (shmctl(shmid, IPC_RMID, &buf) != 0) { hsm_ctx_set_error(_hsm_ctx, HSM_ERROR, "hsm_logout_pin()", "Could not stat the semaphore: %s", strerror(errno)); return HSM_ERROR; } } return HSM_OK; } opendnssec-2.1.5/libhsm/src/lib/libhsm.h0000644000202300020240000004124713560311165015041 00000000000000/* * Copyright (c) 2009 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2009 NLNet Labs. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #ifndef HSM_H #define HSM_H 1 #include #include #include #define HSM_MAX_SESSIONS 100 /* * Note that currently the MySQL kasp schema limits the number of HSMs to * 127; so to increase it beyond that requires some database changes similar * to when keypairs(id) was increased, see svn r4465. * * Note that this constant also determines the size of the shared PIN memory. * Increasing this size requires any existing memory to be removed and should * be part of a migration script. */ #define HSM_MAX_SESSIONS 100 #define HSM_MAX_ALGONAME 16 #define HSM_ERROR_MSGSIZE 512 /* TODO: depends on type and key, or just leave it at current * maximum? */ #define HSM_MAX_SIGNATURE_LENGTH 512 /* Note that this constant also determines the size of the shared PIN memory. * Increasing this size requires any existing memory to be removed and should * be part of a migration script. */ #define HSM_MAX_PIN_LENGTH 255 /*! Return codes for some of the functions */ /*! These should be different than the list of CKR_ values defined * by pkcs11 (for easier debugging purposes of calling applications) */ #define HSM_OK 0 #define HSM_ERROR 0x10000001 #define HSM_PIN_INCORRECT 0x10000002 #define HSM_CONFIG_FILE_ERROR 0x10000003 #define HSM_REPOSITORY_NOT_FOUND 0x10000004 #define HSM_NO_REPOSITORIES 0x10000005 #define HSM_MODULE_NOT_FOUND 0x10000006 /*! The mode for the PIN callback functions */ #define HSM_PIN_FIRST 0 /* Used when getting the PIN for the first time. */ #define HSM_PIN_RETRY 1 /* Used when we failed to login the first time. */ #define HSM_PIN_SAVE 2 /* The latest PIN can be saved for future use. Called after a successful login. */ /*! HSM configuration */ typedef struct { unsigned int use_pubkey; /*!< Maintain public keys in HSM */ unsigned int allow_extract; /*!< Generate CKA_EXTRACTABLE private keys */ } hsm_config_t; /*! Data type to describe an HSM */ typedef struct { unsigned int id; /*!< HSM numerical identifier */ char *name; /*!< name of repository */ char *token_label; /*!< label of the token */ char *path; /*!< path to PKCS#11 library */ void *handle; /*!< handle from dlopen()*/ void *sym; /*!< Function list from dlsym */ hsm_config_t *config; /*!< optional per HSM configuration */ } hsm_module_t; /*! HSM Session */ typedef struct { hsm_module_t *module; unsigned long session; } hsm_session_t; /*! HSM Key Pair */ typedef struct { char *modulename; /*!< name of the module, as in hsm_session_t.module.name */ unsigned long private_key; /*!< private key within module */ unsigned long public_key; /*!< public key within module */ } libhsm_key_t; /*! HSM Key Pair Information */ typedef struct { char *id; /*!< key id */ unsigned long algorithm; /*!< key algorithm (cast from CKK_*)*/ char *algorithm_name; /*!< key algorithm name */ unsigned long keysize; /*!< key size */ } libhsm_key_info_t; /*! HSM Repositories */ typedef struct hsm_repository_struct hsm_repository_t; struct hsm_repository_struct { hsm_repository_t* next; /*!< next repository > */ char *name; /*!< name */ char *module; /*!< PKCS#11 module */ char *tokenlabel; /*!< PKCS#11 token label */ char *pin; /*!< PKCS#11 login credentials */ uint8_t require_backup; /*!< require a backup of keys before using new keys */ uint8_t use_pubkey; /*!< use public keys in repository? */ unsigned int allow_extract; /*!< Generate CKA_EXTRACTABLE private keys */ }; /*! HSM context to keep track of sessions */ typedef struct { hsm_session_t *session[HSM_MAX_SESSIONS]; /*!< HSM sessions */ size_t session_count; /*!< number of configured HSMs */ /*!< non-zero if the last operation failed (only the first error will be set) */ int error; /*!< static string describing the action we were trying to do when the first error happened */ const char *error_action; /*!< static string describing the first error */ char error_message[HSM_ERROR_MSGSIZE]; ldns_rbtree_t* keycache; pthread_mutex_t *keycache_lock; } hsm_ctx_t; /*! Set HSM Context Error If the ctx is given, and it's error value is still 0, the value will be set to 'error', and the error_message and error_action will be set to the given strings. \param ctx HSM context \param error error code \param action action for which the error occured \param message error message format string */ void hsm_ctx_set_error(hsm_ctx_t *ctx, int error, const char *action, const char *message, ...) #ifdef HAVE___ATTRIBUTE__ __attribute__ ((format (printf, 4, 5))) #endif ; /*! Open HSM library \param rlist Repository list. \param pin_callback This function will be called for tokens that have no PIN configured. The default hsm_prompt_pin() can be used. If this value is NULL, these tokens will be skipped. \return 0 if successful, !0 if failed Attaches all HSMs in the repository list, querying for PINs (using the given callback function) if not known. Also creates initial sessions (not part of any context; every API function that takes a context can be passed NULL, in which case the global context will be used) and log into each HSM. */ int hsm_open2(hsm_repository_t* rlist, char *(pin_callback)(unsigned int, const char *, unsigned int)); /*! Create new repository as specified in conf.xml. \param name Repository name. \param module PKCS#11 module. \param tokenlabel PKCS#11 token label. \param pin PKCS#11 login credentials. \param use_pubkey Whether to store the public key in the HSM. \return The created repository. */ hsm_repository_t * hsm_repository_new(char* name, char* module, char* tokenlabel, char* pin, uint8_t use_pubkey, uint8_t allowextract, uint8_t require_backup); /*! Free configured repositories. \param r Repository list. */ void hsm_repository_free(hsm_repository_t* r); /*! Function that queries for a PIN, can be used as callback for hsm_open(). Stores the PIN in the shared memory. \param id Used for identifying the repository. Will have a value between zero and HSM_MAX_SESSIONS. \param repository The repository name will be included in the prompt \param mode The type of mode the function should run in. \return The string the user enters */ char * hsm_prompt_pin(unsigned int id, const char *repository, unsigned int mode); /*! Function that will check if there is a PIN in the shared memory and returns it. \param id Used for identifying the repository. Will have a value between zero and HSM_MAX_SESSIONS. \param repository The repository name will be included in the prompt \param mode The type of mode the function should run in. \return The string the user enters */ char * hsm_check_pin(unsigned int id, const char *repository, unsigned int mode); /*! Logout Function that will logout the user by deleting the shared memory and semaphore. Any authenticated process will still be able to interact with the HSM. */ int hsm_logout_pin(void); /*! Close HSM library Log out and detach from all configured HSMs This cleans up all data for libhsm, and should be the last function called. */ void hsm_close(void); /*! Create new HSM context Creates a new session for each attached HSM. The returned hsm_ctx_t * can be freed with hsm_destroy_context() */ hsm_ctx_t * hsm_create_context(void); /*! Check HSM context Check if the associated sessions are still alive. If they are not alive, then try re-open libhsm. \param context HSM context \return 0 if successful, !0 if failed */ int hsm_check_context(); /*! Destroy HSM context \param context HSM context Also destroys any associated sessions. */ void hsm_destroy_context(hsm_ctx_t *context); void libhsm_key_free(libhsm_key_t *key); /*! List all known keys in all attached HSMs After the function has run, the value at count contains the number of keys found. The resulting key list can be freed with libhsm_key_list_free() Alternatively, each individual key structure in the list could be freed with libhsm_key_free() \param context HSM context \param count location to store the number of keys found */ libhsm_key_t ** hsm_list_keys(hsm_ctx_t *context, size_t *count); /*! List all known keys in a HSM After the function has run, the value at count contains the number of keys found. The resulting key list can be freed with libhsm_key_list_free() Alternatively, each individual key structure in the list could be freed with libhsm_key_free() \param context HSM context \param count location to store the number of keys found \param repository repository to list the keys in */ libhsm_key_t ** hsm_list_keys_repository(hsm_ctx_t *context, size_t *count, const char *repository); /*! Find a key pair by CKA_ID (as hex string) The returned key structure can be freed with libhsm_key_free() \param context HSM context \param id CKA_ID of key to find (null-terminated string of hex characters) \return key identifier or NULL if not found (or invalid input) */ libhsm_key_t * hsm_find_key_by_id(hsm_ctx_t *context, const char *id); /*! Generate new key pair in HSM Keys generated by libhsm will have a 16-byte identifier set as CKA_ID and the hexadecimal representation of it set as CKA_LABEL. Other stuff, like exponent, may be needed here as well. The returned key structure can be freed with libhsm_key_free() \param context HSM context \param repository repository in where to create the key \param keysize Size of RSA key \return return key identifier or NULL if key generation failed */ libhsm_key_t * hsm_generate_rsa_key(hsm_ctx_t *context, const char *repository, unsigned long keysize); /*! Generate new key pair in HSM Keys generated by libhsm will have a 16-byte identifier set as CKA_ID and the hexadecimal representation of it set as CKA_LABEL. The returned key structure can be freed with libhsm_key_free() \param context HSM context \param repository repository in where to create the key \param keysize Size of DSA key \return return key identifier or NULL if key generation failed */ libhsm_key_t * hsm_generate_dsa_key(hsm_ctx_t *context, const char *repository, unsigned long keysize); /*! Generate new key pair in HSM Keys generated by libhsm will have a 16-byte identifier set as CKA_ID and the hexadecimal representation of it set as CKA_LABEL. The returned key structure can be freed with libhsm_key_free() \param context HSM context \param repository repository in where to create the key \return return key identifier or NULL if key generation failed */ libhsm_key_t * hsm_generate_gost_key(hsm_ctx_t *context, const char *repository); /*! Generate new key pair in HSM Keys generated by libhsm will have a 16-byte identifier set as CKA_ID and the hexadecimal representation of it set as CKA_LABEL. The returned key structure can be freed with libhsm_key_free() \param context HSM context \param repository repository in where to create the key \param curve which curve to use \return return key identifier or NULL if key generation failed */ libhsm_key_t * hsm_generate_ecdsa_key(hsm_ctx_t *context, const char *repository, const char *curve); /*! Remove a key pair from HSM When a key is removed, the module pointer is set to NULL, and the public and private key handles are set to 0. The structure still needs to be freed. \param context HSM context \param key Key pair to be removed \return 0 if successful, !0 if failed */ int hsm_remove_key(hsm_ctx_t *context, libhsm_key_t *key); /*! Free the memory of an array of key structures, as returned by hsm_list_keys() \param key_list The array of keys to free \param count The number of keys in the array */ void libhsm_key_list_free(libhsm_key_t **key_list, size_t count); /*! Get id as null-terminated hex string using key identifier The returned id is allocated data, and must be free()d by the caller \param context HSM context \param key Key pair to get the ID from \return id of key pair */ char * hsm_get_key_id(hsm_ctx_t *context, const libhsm_key_t *key); /*! Get extended key information The returned id is allocated data, and must be freed by the caller With libhsm_key_info_free() \param context HSM context \param key Key pair to get information about \return key information */ libhsm_key_info_t * hsm_get_key_info(hsm_ctx_t *context, const libhsm_key_t *key); /*! Frees the libhsm_key_info_t structure \param key_info The structure to free */ void libhsm_key_info_free(libhsm_key_info_t *key_info); /*! Fill a buffer with random data from any attached HSM \param context HSM context \param buffer Buffer to fill with random data \param length Size of random buffer \return 0 if successful, !0 if failed */ int hsm_random_buffer(hsm_ctx_t *ctx, unsigned char *buffer, unsigned long length); /*! Return unsigned 32-bit random number from any attached HSM \param context HSM context \return 32-bit random number, or 0 if no HSM with a random generator is attached */ uint32_t hsm_random32(hsm_ctx_t *ctx); /*! Return unsigned 64-bit random number from any attached HSM \param context HSM context \return 64-bit random number, or 0 if no HSM with a random generator is attached */ uint64_t hsm_random64(hsm_ctx_t *ctx); /* * Additional functions for debugging, and non-general use-cases. */ /*! Attached a named HSM using a PKCS#11 shared library and optional credentials (may be NULL, but then undefined) This function changes the global state, and is not threadsafe \param repository the name of the repository \param token_label the name of the token to attach \param path the path of the shared PKCS#11 library \param pin the PIN to log into the token \param config optional configuration \return 0 on success, -1 on error */ int hsm_attach(const char *repository, const char *token_name, const char *path, const char *pin, const hsm_config_t *config); /*! Check whether a named token has been initialized in this context \param ctx HSM context \param token_name The name of the token \return 1 if the token is attached, 0 if not found */ int hsm_token_attached(hsm_ctx_t *ctx, const char *repository); /*! Return the current error message The returned message is allocated data, and must be free()d by the caller \param ctx HSM context \return error message string */ char * hsm_get_error(hsm_ctx_t *gctx); /* a few debug functions for applications */ void hsm_print_session(hsm_session_t *session); void hsm_print_ctx(hsm_ctx_t *ctx); void hsm_print_key(hsm_ctx_t *ctx, libhsm_key_t *key); void hsm_print_error(hsm_ctx_t *ctx); void hsm_print_tokeninfo(hsm_ctx_t *ctx); /* implementation of a key cache per context, needs changing see * OPENDNSSEC-799. */ extern void keycache_create(hsm_ctx_t* ctx); extern void keycache_destroy(hsm_ctx_t* ctx); extern const libhsm_key_t* keycache_lookup(hsm_ctx_t* ctx, const char* locator); #endif /* HSM_H */ opendnssec-2.1.5/libhsm/src/lib/libhsmdns.h0000644000202300020240000000653013560310771015544 00000000000000/* * Copyright (c) 2009 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2009 NLNet Labs. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #ifndef HSMDNS_H #define HSMDNS_H 1 #include /*! Extra information for signing rrsets (algorithm, expiration, etc) */ typedef struct { /** The DNS signing algorithm identifier */ ldns_algorithm algorithm; /** Key flags */ uint16_t flags; /** The inception date of signatures made with this key. */ uint32_t inception; /** The expiration date of signatures made with this key. */ uint32_t expiration; /** The keytag of the key (is this necessary?) */ uint16_t keytag; /** The owner name of the key */ ldns_rdf *owner; } hsm_sign_params_t; /*! * Returns an allocated hsm_sign_params_t with some defaults */ hsm_sign_params_t * hsm_sign_params_new(void); /*! Free the signer parameters structure If params->owner has been set, ldns_rdf_deep_free() will be called on it. \param params The signer parameters to free */ void hsm_sign_params_free(hsm_sign_params_t *params); /*! Sign RRset using key The returned ldns_rr structure can be freed with ldns_rr_free() \param context HSM context \param rrset RRset to sign \param key Key pair used to sign \return ldns_rr* Signed RRset */ ldns_rr* hsm_sign_rrset(hsm_ctx_t *ctx, const ldns_rr_list* rrset, const libhsm_key_t *key, const hsm_sign_params_t *sign_params); /*! Get DNSKEY RR The returned ldns_rr structure can be freed with ldns_rr_free() \param context HSM context \param key Key to get DNSKEY RR from \param sign_params the signing parameters (flags, algorithm, etc) \return ldns_rr* */ ldns_rr* hsm_get_dnskey(hsm_ctx_t *ctx, const libhsm_key_t *key, const hsm_sign_params_t *sign_params); /** * Calculate keytag * @param loc: Locator of keydata on HSM * @param alg: Algorithm of key * @param ksk: 0 for zsk, positive int for ksk|csk * @param[out] keytag: the calculated keytag * return: non-zero in case of failure */ int hsm_keytag(const char* loc, int alg, int ksk, uint16_t* keytag); #endif /* HSMDNS_H */ opendnssec-2.1.5/libhsm/src/lib/Makefile.am0000644000202300020240000000050013560310771015433 00000000000000MAINTAINERCLEANFILES = $(srcdir)/Makefile.in AM_CPPFLAGS = \ -I$(top_srcdir)/common \ -I$(top_builddir)/common \ -I$(srcdir)/cryptoki_compat \ @LDNS_INCLUDES@ @XML2_INCLUDES@ AM_CFLAGS = -std=c99 noinst_LIBRARIES = libhsm.a libhsm_a_SOURCES = libhsm.c libhsm.h libhsmdns.h pin.c \ cryptoki_compat/pkcs11.h opendnssec-2.1.5/libhsm/src/lib/Makefile.in0000644000202300020240000005467213560311314015461 00000000000000# Makefile.in generated by automake 1.16.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2018 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY, to the extent permitted by law; without # even the implied warranty of MERCHANTABILITY or FITNESS FOR A # PARTICULAR PURPOSE. @SET_MAKE@ VPATH = @srcdir@ am__is_gnu_make = { \ if test -z '$(MAKELEVEL)'; then \ false; \ elif test -n '$(MAKE_HOST)'; then \ true; \ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \ true; \ else \ false; \ fi; \ } am__make_running_with_option = \ case $${target_option-} in \ ?) ;; \ *) echo "am__make_running_with_option: internal error: invalid" \ "target option '$${target_option-}' specified" >&2; \ exit 1;; \ esac; \ has_opt=no; \ sane_makeflags=$$MAKEFLAGS; \ if $(am__is_gnu_make); then \ sane_makeflags=$$MFLAGS; \ else \ case $$MAKEFLAGS in \ *\\[\ \ ]*) \ bs=\\; \ sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ esac; \ fi; \ skip_next=no; \ strip_trailopt () \ { \ flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ }; \ for flg in $$sane_makeflags; do \ test $$skip_next = yes && { skip_next=no; continue; }; \ case $$flg in \ *=*|--*) continue;; \ -*I) strip_trailopt 'I'; skip_next=yes;; \ -*I?*) strip_trailopt 'I';; \ -*O) strip_trailopt 'O'; skip_next=yes;; \ -*O?*) strip_trailopt 'O';; \ -*l) strip_trailopt 'l'; skip_next=yes;; \ -*l?*) strip_trailopt 'l';; \ -[dEDm]) skip_next=yes;; \ -[JT]) skip_next=yes;; \ esac; \ case $$flg in \ *$$target_option*) has_opt=yes; break;; \ esac; \ done; \ test $$has_opt = yes am__make_dryrun = (target_option=n; $(am__make_running_with_option)) am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) pkgdatadir = $(datadir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c INSTALL_HEADER = $(INSTALL_DATA) transform = $(program_transform_name) NORMAL_INSTALL = : PRE_INSTALL = : POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : build_triplet = @build@ host_triplet = @host@ subdir = libhsm/src/lib ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/m4/acx_broken_setres.m4 \ $(top_srcdir)/m4/acx_check_strptime.m4 \ $(top_srcdir)/m4/acx_cunit.m4 $(top_srcdir)/m4/acx_dlopen.m4 \ $(top_srcdir)/m4/acx_enforcer_database.m4 \ $(top_srcdir)/m4/acx_ldns.m4 $(top_srcdir)/m4/acx_libc.m4 \ $(top_srcdir)/m4/acx_libreadline.m4 \ $(top_srcdir)/m4/acx_libxml2.m4 \ $(top_srcdir)/m4/acx_pedantic.m4 \ $(top_srcdir)/m4/acx_pkcs11_modules.m4 \ $(top_srcdir)/m4/acx_prefixhack.m4 \ $(top_srcdir)/m4/acx_rpath.m4 $(top_srcdir)/m4/acx_rt.m4 \ $(top_srcdir)/m4/acx_ssl.m4 \ $(top_srcdir)/m4/ax_append_compile_flags.m4 \ $(top_srcdir)/m4/ax_append_flag.m4 \ $(top_srcdir)/m4/ax_c___attribute__.m4 \ $(top_srcdir)/m4/ax_cflags_warn_all.m4 \ $(top_srcdir)/m4/ax_check_compile_flag.m4 \ $(top_srcdir)/m4/ax_compiler_flags_cflags.m4 \ $(top_srcdir)/m4/ax_lib_mysql.m4 \ $(top_srcdir)/m4/ax_lib_sqlite3.m4 \ $(top_srcdir)/m4/ax_prog_doxygen.m4 \ $(top_srcdir)/m4/ax_pthread.m4 \ $(top_srcdir)/m4/ax_require_defined.m4 \ $(top_srcdir)/m4/libtool.m4 $(top_srcdir)/m4/ltoptions.m4 \ $(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \ $(top_srcdir)/m4/lt~obsolete.m4 \ $(top_srcdir)/m4/opendnssec_common.m4 $(top_srcdir)/version.m4 \ $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/common/config.h CONFIG_CLEAN_FILES = CONFIG_CLEAN_VPATH_FILES = LIBRARIES = $(noinst_LIBRARIES) ARFLAGS = cru AM_V_AR = $(am__v_AR_@AM_V@) am__v_AR_ = $(am__v_AR_@AM_DEFAULT_V@) am__v_AR_0 = @echo " AR " $@; am__v_AR_1 = libhsm_a_AR = $(AR) $(ARFLAGS) libhsm_a_LIBADD = am_libhsm_a_OBJECTS = libhsm.$(OBJEXT) pin.$(OBJEXT) libhsm_a_OBJECTS = $(am_libhsm_a_OBJECTS) AM_V_P = $(am__v_P_@AM_V@) am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) am__v_P_0 = false am__v_P_1 = : AM_V_GEN = $(am__v_GEN_@AM_V@) am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) am__v_GEN_0 = @echo " GEN " $@; am__v_GEN_1 = AM_V_at = $(am__v_at_@AM_V@) am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) am__v_at_0 = @ am__v_at_1 = DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)/common depcomp = $(SHELL) $(top_srcdir)/depcomp am__maybe_remake_depfiles = depfiles am__depfiles_remade = ./$(DEPDIR)/libhsm.Po ./$(DEPDIR)/pin.Po am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) AM_V_lt = $(am__v_lt_@AM_V@) am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@) am__v_lt_0 = --silent am__v_lt_1 = LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \ $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \ $(AM_CFLAGS) $(CFLAGS) AM_V_CC = $(am__v_CC_@AM_V@) am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@) am__v_CC_0 = @echo " CC " $@; am__v_CC_1 = CCLD = $(CC) LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ $(AM_LDFLAGS) $(LDFLAGS) -o $@ AM_V_CCLD = $(am__v_CCLD_@AM_V@) am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@) am__v_CCLD_0 = @echo " CCLD " $@; am__v_CCLD_1 = SOURCES = $(libhsm_a_SOURCES) DIST_SOURCES = $(libhsm_a_SOURCES) am__can_run_installinfo = \ case $$AM_UPDATE_INFO_DIR in \ n|no|NO) false;; \ *) (install-info --version) >/dev/null 2>&1;; \ esac am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) # Read a list of newline-separated strings from the standard input, # and print each of them once, without duplicates. Input order is # *not* preserved. am__uniquify_input = $(AWK) '\ BEGIN { nonempty = 0; } \ { items[$$0] = 1; nonempty = 1; } \ END { if (nonempty) { for (i in items) print i; }; } \ ' # Make sure the list of sources is unique. This is necessary because, # e.g., the same source file might be shared among _SOURCES variables # for different programs/libraries. am__define_uniq_tagged_files = \ list='$(am__tagged_files)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | $(am__uniquify_input)` ETAGS = etags CTAGS = ctags am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) ACLOCAL = @ACLOCAL@ AMTAR = @AMTAR@ AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ AR = @AR@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ CP = @CP@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ CUNIT_INCLUDES = @CUNIT_INCLUDES@ CUNIT_LIBS = @CUNIT_LIBS@ CXX = @CXX@ CXXCPP = @CXXCPP@ CXXDEPMODE = @CXXDEPMODE@ CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ C_LIBS = @C_LIBS@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ DLLTOOL = @DLLTOOL@ DOXYGEN_PAPER_SIZE = @DOXYGEN_PAPER_SIZE@ DSYMUTIL = @DSYMUTIL@ DUMPBIN = @DUMPBIN@ DX_CONFIG = @DX_CONFIG@ DX_DOCDIR = @DX_DOCDIR@ DX_DOT = @DX_DOT@ DX_DOXYGEN = @DX_DOXYGEN@ DX_DVIPS = @DX_DVIPS@ DX_EGREP = @DX_EGREP@ DX_ENV = @DX_ENV@ DX_FLAG_chi = @DX_FLAG_chi@ DX_FLAG_chm = @DX_FLAG_chm@ DX_FLAG_doc = @DX_FLAG_doc@ DX_FLAG_dot = @DX_FLAG_dot@ DX_FLAG_html = @DX_FLAG_html@ DX_FLAG_man = @DX_FLAG_man@ DX_FLAG_pdf = @DX_FLAG_pdf@ DX_FLAG_ps = @DX_FLAG_ps@ DX_FLAG_rtf = @DX_FLAG_rtf@ DX_FLAG_xml = @DX_FLAG_xml@ DX_HHC = @DX_HHC@ DX_LATEX = @DX_LATEX@ DX_MAKEINDEX = @DX_MAKEINDEX@ DX_PDFLATEX = @DX_PDFLATEX@ DX_PERL = @DX_PERL@ DX_PROJECT = @DX_PROJECT@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ ENFORCER_DB_DATABASE = @ENFORCER_DB_DATABASE@ ENFORCER_DB_HOST = @ENFORCER_DB_HOST@ ENFORCER_DB_INCLUDES = @ENFORCER_DB_INCLUDES@ ENFORCER_DB_LIBS = @ENFORCER_DB_LIBS@ ENFORCER_DB_PASSWORD = @ENFORCER_DB_PASSWORD@ ENFORCER_DB_PORT = @ENFORCER_DB_PORT@ ENFORCER_DB_PORT_TEXT = @ENFORCER_DB_PORT_TEXT@ ENFORCER_DB_USERNAME = @ENFORCER_DB_USERNAME@ EXEEXT = @EXEEXT@ FGREP = @FGREP@ GREP = @GREP@ HAVE_SSL = @HAVE_SSL@ HAVE_SSL_NEW_HMAC = @HAVE_SSL_NEW_HMAC@ INSTALL = @INSTALL@ INSTALLATIONCOND = @INSTALLATIONCOND@ INSTALLATIONGROUP = @INSTALLATIONGROUP@ INSTALLATIONGROUPARG = @INSTALLATIONGROUPARG@ INSTALLATIONUSER = @INSTALLATIONUSER@ INSTALLATIONUSERARG = @INSTALLATIONUSERARG@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ JAVA = @JAVA@ LD = @LD@ LDFLAGS = @LDFLAGS@ LDNS_CONFIG = @LDNS_CONFIG@ LDNS_INCLUDES = @LDNS_INCLUDES@ LDNS_LIBS = @LDNS_LIBS@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ LIBUNWIND_CFLAGS = @LIBUNWIND_CFLAGS@ LIBUNWIND_LIBS = @LIBUNWIND_LIBS@ LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@ MAKEINFO = @MAKEINFO@ MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ MYSQL_CFLAGS = @MYSQL_CFLAGS@ MYSQL_CONFIG = @MYSQL_CONFIG@ MYSQL_LDFLAGS = @MYSQL_LDFLAGS@ MYSQL_VERSION = @MYSQL_VERSION@ NM = @NM@ NMEDIT = @NMEDIT@ OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ OPENDNSSEC_BIN_DIR = @OPENDNSSEC_BIN_DIR@ OPENDNSSEC_CONFIG_DIR = @OPENDNSSEC_CONFIG_DIR@ OPENDNSSEC_CONFIG_FILE = @OPENDNSSEC_CONFIG_FILE@ OPENDNSSEC_DATA_DIR = @OPENDNSSEC_DATA_DIR@ OPENDNSSEC_ENFORCER_PIDFILE = @OPENDNSSEC_ENFORCER_PIDFILE@ OPENDNSSEC_ENFORCER_SOCKETFILE = @OPENDNSSEC_ENFORCER_SOCKETFILE@ OPENDNSSEC_FETCH_PIDFILE = @OPENDNSSEC_FETCH_PIDFILE@ OPENDNSSEC_LIBEXEC_DIR = @OPENDNSSEC_LIBEXEC_DIR@ OPENDNSSEC_LIB_DIR = @OPENDNSSEC_LIB_DIR@ OPENDNSSEC_LOCALSTATE_DIR = @OPENDNSSEC_LOCALSTATE_DIR@ OPENDNSSEC_PID_DIR = @OPENDNSSEC_PID_DIR@ OPENDNSSEC_SBIN_DIR = @OPENDNSSEC_SBIN_DIR@ OPENDNSSEC_SCHEMA_DIR = @OPENDNSSEC_SCHEMA_DIR@ OPENDNSSEC_SIGNER_CLI = @OPENDNSSEC_SIGNER_CLI@ OPENDNSSEC_SIGNER_ENGINE = @OPENDNSSEC_SIGNER_ENGINE@ OPENDNSSEC_SIGNER_PIDFILE = @OPENDNSSEC_SIGNER_PIDFILE@ OPENDNSSEC_SIGNER_SOCKET = @OPENDNSSEC_SIGNER_SOCKET@ OPENDNSSEC_STATE_DIR = @OPENDNSSEC_STATE_DIR@ OPENDNSSEC_SYSCONF_DIR = @OPENDNSSEC_SYSCONF_DIR@ OTOOL = @OTOOL@ OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREAD_CC = @PTHREAD_CC@ PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ PTHREAD_LIBS = @PTHREAD_LIBS@ RANLIB = @RANLIB@ READLINE_LIBS = @READLINE_LIBS@ RT_LIBS = @RT_LIBS@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ SQLITE3_CFLAGS = @SQLITE3_CFLAGS@ SQLITE3_LDFLAGS = @SQLITE3_LDFLAGS@ SQLITE3_VERSION = @SQLITE3_VERSION@ SSL_INCLUDES = @SSL_INCLUDES@ SSL_LIBS = @SSL_LIBS@ STRIP = @STRIP@ VERSION = @VERSION@ WARN_CFLAGS = @WARN_CFLAGS@ XML2_CONFIG = @XML2_CONFIG@ XML2_INCLUDES = @XML2_INCLUDES@ XML2_LIBS = @XML2_LIBS@ XMLLINT = @XMLLINT@ XSLTPROC = @XSLTPROC@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ ac_ct_CXX = @ac_ct_CXX@ ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ am__include = @am__include@ am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ ax_pthread_config = @ax_pthread_config@ bindir = @bindir@ build = @build@ build_alias = @build_alias@ build_cpu = @build_cpu@ build_os = @build_os@ build_vendor = @build_vendor@ builddir = @builddir@ datadir = @datadir@ datarootdir = @datarootdir@ docdir = @docdir@ dvidir = @dvidir@ exec_prefix = @exec_prefix@ host = @host@ host_alias = @host_alias@ host_cpu = @host_cpu@ host_os = @host_os@ host_vendor = @host_vendor@ htmldir = @htmldir@ includedir = @includedir@ infodir = @infodir@ install_sh = @install_sh@ libdir = @libdir@ libexecdir = @libexecdir@ localedir = @localedir@ localstatedir = @localstatedir@ mandir = @mandir@ mkdir_p = @mkdir_p@ oldincludedir = @oldincludedir@ pdfdir = @pdfdir@ pkcs11_aepkeyper_module = @pkcs11_aepkeyper_module@ pkcs11_etoken_module = @pkcs11_etoken_module@ pkcs11_ncipher_module = @pkcs11_ncipher_module@ pkcs11_opensc_module = @pkcs11_opensc_module@ pkcs11_sca6000_module = @pkcs11_sca6000_module@ pkcs11_softhsm_module = @pkcs11_softhsm_module@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ MAINTAINERCLEANFILES = $(srcdir)/Makefile.in AM_CPPFLAGS = \ -I$(top_srcdir)/common \ -I$(top_builddir)/common \ -I$(srcdir)/cryptoki_compat \ @LDNS_INCLUDES@ @XML2_INCLUDES@ AM_CFLAGS = -std=c99 noinst_LIBRARIES = libhsm.a libhsm_a_SOURCES = libhsm.c libhsm.h libhsmdns.h pin.c \ cryptoki_compat/pkcs11.h all: all-am .SUFFIXES: .SUFFIXES: .c .lo .o .obj $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign libhsm/src/lib/Makefile'; \ $(am__cd) $(top_srcdir) && \ $(AUTOMAKE) --foreign libhsm/src/lib/Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ *config.status*) \ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ *) \ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \ esac; $(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(top_srcdir)/configure: $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(am__aclocal_m4_deps): clean-noinstLIBRARIES: -test -z "$(noinst_LIBRARIES)" || rm -f $(noinst_LIBRARIES) libhsm.a: $(libhsm_a_OBJECTS) $(libhsm_a_DEPENDENCIES) $(EXTRA_libhsm_a_DEPENDENCIES) $(AM_V_at)-rm -f libhsm.a $(AM_V_AR)$(libhsm_a_AR) libhsm.a $(libhsm_a_OBJECTS) $(libhsm_a_LIBADD) $(AM_V_at)$(RANLIB) libhsm.a mostlyclean-compile: -rm -f *.$(OBJEXT) distclean-compile: -rm -f *.tab.c @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libhsm.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pin.Po@am__quote@ # am--include-marker $(am__depfiles_remade): @$(MKDIR_P) $(@D) @echo '# dummy' >$@-t && $(am__mv) $@-t $@ am--depfiles: $(am__depfiles_remade) .c.o: @am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\ @am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\ @am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $< .c.obj: @am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\ @am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\ @am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'` .c.lo: @am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\ @am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\ @am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $< mostlyclean-libtool: -rm -f *.lo clean-libtool: -rm -rf .libs _libs ID: $(am__tagged_files) $(am__define_uniq_tagged_files); mkid -fID $$unique tags: tags-am TAGS: tags tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) set x; \ here=`pwd`; \ $(am__define_uniq_tagged_files); \ shift; \ if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ if test $$# -gt 0; then \ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ "$$@" $$unique; \ else \ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ $$unique; \ fi; \ fi ctags: ctags-am CTAGS: ctags ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) $(am__define_uniq_tagged_files); \ test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ && $(am__cd) $(top_srcdir) \ && gtags -i $(GTAGS_ARGS) "$$here" cscopelist: cscopelist-am cscopelist-am: $(am__tagged_files) list='$(am__tagged_files)'; \ case "$(srcdir)" in \ [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \ *) sdir=$(subdir)/$(srcdir) ;; \ esac; \ for i in $$list; do \ if test -f "$$i"; then \ echo "$(subdir)/$$i"; \ else \ echo "$$sdir/$$i"; \ fi; \ done >> $(top_builddir)/cscope.files distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(BUILT_SOURCES) $(MAKE) $(AM_MAKEFLAGS) distdir-am distdir-am: $(DISTFILES) @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ list='$(DISTFILES)'; \ dist_files=`for file in $$list; do echo $$file; done | \ sed -e "s|^$$srcdirstrip/||;t" \ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ case $$dist_files in \ */*) $(MKDIR_P) `echo "$$dist_files" | \ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ sort -u` ;; \ esac; \ for file in $$dist_files; do \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ if test -d "$(distdir)/$$file"; then \ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ test -f "$(distdir)/$$file" \ || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done check-am: all-am check: check-am all-am: Makefile $(LIBRARIES) installdirs: install: install-am install-exec: install-exec-am install-data: install-data-am uninstall: uninstall-am install-am: all-am @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am installcheck: installcheck-am install-strip: if test -z '$(STRIP)'; then \ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ install; \ else \ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ fi mostlyclean-generic: clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @echo "it deletes files that may require special tools to rebuild." -test -z "$(MAINTAINERCLEANFILES)" || rm -f $(MAINTAINERCLEANFILES) clean: clean-am clean-am: clean-generic clean-libtool clean-noinstLIBRARIES \ mostlyclean-am distclean: distclean-am -rm -f ./$(DEPDIR)/libhsm.Po -rm -f ./$(DEPDIR)/pin.Po -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags dvi: dvi-am dvi-am: html: html-am html-am: info: info-am info-am: install-data-am: install-dvi: install-dvi-am install-dvi-am: install-exec-am: install-html: install-html-am install-html-am: install-info: install-info-am install-info-am: install-man: install-pdf: install-pdf-am install-pdf-am: install-ps: install-ps-am install-ps-am: installcheck-am: maintainer-clean: maintainer-clean-am -rm -f ./$(DEPDIR)/libhsm.Po -rm -f ./$(DEPDIR)/pin.Po -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic mostlyclean: mostlyclean-am mostlyclean-am: mostlyclean-compile mostlyclean-generic \ mostlyclean-libtool pdf: pdf-am pdf-am: ps: ps-am ps-am: uninstall-am: .MAKE: install-am install-strip .PHONY: CTAGS GTAGS TAGS all all-am am--depfiles check check-am clean \ clean-generic clean-libtool clean-noinstLIBRARIES \ cscopelist-am ctags ctags-am distclean distclean-compile \ distclean-generic distclean-libtool distclean-tags distdir dvi \ dvi-am html html-am info info-am install install-am \ install-data install-data-am install-dvi install-dvi-am \ install-exec install-exec-am install-html install-html-am \ install-info install-info-am install-man install-pdf \ install-pdf-am install-ps install-ps-am install-strip \ installcheck installcheck-am installdirs maintainer-clean \ maintainer-clean-generic mostlyclean mostlyclean-compile \ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ tags tags-am uninstall uninstall-am .PRECIOUS: Makefile # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: opendnssec-2.1.5/libhsm/src/lib/libhsm.c0000644000202300020240000032044113560311035015024 00000000000000/* * Copyright (c) 2009 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2009 NLNet Labs. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "config.h" #include #include #include #include #include #include #include #include #include #include #include #include #include "libhsm.h" #include "libhsmdns.h" #include "compat.h" #include "duration.h" #include #include /*! Fixed length from PKCS#11 specification */ #define HSM_TOKEN_LABEL_LENGTH 32 /*! Global (initial) context, with mutex to serialize access to it */ hsm_ctx_t *_hsm_ctx; pthread_mutex_t _hsm_ctx_mutex = PTHREAD_MUTEX_INITIALIZER; /*! General PKCS11 helper functions */ static char const * ldns_pkcs11_rv_str(CK_RV rv) { switch (rv) { case CKR_OK: return "CKR_OK"; case CKR_CANCEL: return "CKR_CANCEL"; case CKR_HOST_MEMORY: return "CKR_HOST_MEMORY"; case CKR_GENERAL_ERROR: return "CKR_GENERAL_ERROR"; case CKR_FUNCTION_FAILED: return "CKR_FUNCTION_FAILED"; case CKR_SLOT_ID_INVALID: return "CKR_SLOT_ID_INVALID"; case CKR_ATTRIBUTE_READ_ONLY: return "CKR_ATTRIBUTE_READ_ONLY"; case CKR_ATTRIBUTE_SENSITIVE: return "CKR_ATTRIBUTE_SENSITIVE"; case CKR_ATTRIBUTE_TYPE_INVALID: return "CKR_ATTRIBUTE_TYPE_INVALID"; case CKR_ATTRIBUTE_VALUE_INVALID: return "CKR_ATTRIBUTE_VALUE_INVALID"; case CKR_DATA_INVALID: return "CKR_DATA_INVALID"; case CKR_DATA_LEN_RANGE: return "CKR_DATA_LEN_RANGE"; case CKR_DEVICE_ERROR: return "CKR_DEVICE_ERROR"; case CKR_DEVICE_MEMORY: return "CKR_DEVICE_MEMORY"; case CKR_DEVICE_REMOVED: return "CKR_DEVICE_REMOVED"; case CKR_ENCRYPTED_DATA_INVALID: return "CKR_ENCRYPTED_DATA_INVALID"; case CKR_ENCRYPTED_DATA_LEN_RANGE: return "CKR_ENCRYPTED_DATA_LEN_RANGE"; case CKR_FUNCTION_CANCELED: return "CKR_FUNCTION_CANCELED"; case CKR_FUNCTION_NOT_PARALLEL: return "CKR_FUNCTION_NOT_PARALLEL"; case CKR_FUNCTION_NOT_SUPPORTED: return "CKR_FUNCTION_NOT_SUPPORTED"; case CKR_KEY_HANDLE_INVALID: return "CKR_KEY_HANDLE_INVALID"; case CKR_KEY_SIZE_RANGE: return "CKR_KEY_SIZE_RANGE"; case CKR_KEY_TYPE_INCONSISTENT: return "CKR_KEY_TYPE_INCONSISTENT"; case CKR_MECHANISM_INVALID: return "CKR_MECHANISM_INVALID"; case CKR_MECHANISM_PARAM_INVALID: return "CKR_MECHANISM_PARAM_INVALID"; case CKR_OBJECT_HANDLE_INVALID: return "CKR_OBJECT_HANDLE_INVALID"; case CKR_OPERATION_ACTIVE: return "CKR_OPERATION_ACTIVE"; case CKR_OPERATION_NOT_INITIALIZED: return "CKR_OPERATION_NOT_INITIALIZED"; case CKR_PIN_INCORRECT: return "CKR_PIN_INCORRECT"; case CKR_PIN_INVALID: return "CKR_PIN_INVALID"; case CKR_PIN_LEN_RANGE: return "CKR_PIN_LEN_RANGE"; case CKR_SESSION_CLOSED: return "CKR_SESSION_CLOSED"; case CKR_SESSION_COUNT: return "CKR_SESSION_COUNT"; case CKR_SESSION_HANDLE_INVALID: return "CKR_SESSION_HANDLE_INVALID"; case CKR_SESSION_PARALLEL_NOT_SUPPORTED: return "CKR_SESSION_PARALLEL_NOT_SUPPORTED"; case CKR_SESSION_READ_ONLY: return "CKR_SESSION_READ_ONLY"; case CKR_SESSION_EXISTS: return "CKR_SESSION_EXISTS"; case CKR_SIGNATURE_INVALID: return "CKR_SIGNATURE_INVALID"; case CKR_SIGNATURE_LEN_RANGE: return "CKR_SIGNATURE_LEN_RANGE"; case CKR_TEMPLATE_INCOMPLETE: return "CKR_TEMPLATE_INCOMPLETE"; case CKR_TEMPLATE_INCONSISTENT: return "CKR_TEMPLATE_INCONSISTENT"; case CKR_TOKEN_NOT_PRESENT: return "CKR_TOKEN_NOT_PRESENT"; case CKR_TOKEN_NOT_RECOGNIZED: return "CKR_TOKEN_NOT_RECOGNIZED"; case CKR_TOKEN_WRITE_PROTECTED: return "CKR_TOKEN_WRITE_PROTECTED"; case CKR_UNWRAPPING_KEY_HANDLE_INVALID: return "CKR_UNWRAPPING_KEY_HANDLE_INVALID"; case CKR_UNWRAPPING_KEY_SIZE_RANGE: return "CKR_UNWRAPPING_KEY_SIZE_RANGE"; case CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT: return "CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT"; case CKR_USER_ALREADY_LOGGED_IN: return "CKR_USER_ALREADY_LOGGED_IN"; case CKR_USER_NOT_LOGGED_IN: return "CKR_USER_NOT_LOGGED_IN"; case CKR_USER_PIN_NOT_INITIALIZED: return "CKR_USER_PIN_NOT_INITIALIZED"; case CKR_USER_TYPE_INVALID: return "CKR_USER_TYPE_INVALID"; case CKR_WRAPPED_KEY_INVALID: return "CKR_WRAPPED_KEY_INVALID"; case CKR_WRAPPED_KEY_LEN_RANGE: return "CKR_WRAPPED_KEY_LEN_RANGE"; case CKR_WRAPPING_KEY_HANDLE_INVALID: return "CKR_WRAPPING_KEY_HANDLE_INVALID"; case CKR_WRAPPING_KEY_SIZE_RANGE: return "CKR_WRAPPING_KEY_SIZE_RANGE"; case CKR_WRAPPING_KEY_TYPE_INCONSISTENT: return "CKR_WRAPPING_KEY_TYPE_INCONSISTENT"; case CKR_RANDOM_SEED_NOT_SUPPORTED: return "CKR_RANDOM_SEED_NOT_SUPPORTED"; /*CKR_VENDOR_DEFINED is not a constant but a macro which expands in to an */ /*expression. Which we are not allowed to use in a switch.*/ /*case CKR_VENDOR_DEFINED:*/ case 0x80000000: return "CKR_VENDOR_DEFINED"; case CKR_BUFFER_TOO_SMALL: return "CKR_BUFFER_TOO_SMALL"; case CKR_SAVED_STATE_INVALID: return "CKR_SAVED_STATE_INVALID"; case CKR_INFORMATION_SENSITIVE: return "CKR_INFORMATION_SENSITIVE"; case CKR_STATE_UNSAVEABLE: return "CKR_STATE_UNSAVEABLE"; case CKR_CRYPTOKI_NOT_INITIALIZED: return "CKR_CRYPTOKI_NOT_INITIALIZED"; case CKR_CRYPTOKI_ALREADY_INITIALIZED: return "CKR_CRYPTOKI_ALREADY_INITIALIZED"; case CKR_MUTEX_BAD: return "CKR_MUTEX_BAD"; case CKR_MUTEX_NOT_LOCKED: return "CKR_MUTEX_NOT_LOCKED"; default: return "Unknown error"; } } void hsm_ctx_set_error(hsm_ctx_t *ctx, int error, const char *action, const char *message, ...) { va_list args; if (ctx && ctx->error == 0) { ctx->error = error; ctx->error_action = action; va_start(args, message); vsnprintf(ctx->error_message, sizeof(ctx->error_message), message, args); va_end(args); } } /*! Check HSM Context for Error If the rv is not CKR_OK, and there is not previous error registered in the context, to set the context error based on PKCS#11 return value. \param ctx HSM context \param rv PKCS#11 return value \param action action for which the error occured \param message error message format string \return 0 if rv == CKR_OK, otherwise 1 */ static int hsm_pkcs11_check_error(hsm_ctx_t *ctx, CK_RV rv, const char *action) { if (rv != CKR_OK) { if (ctx && ctx->error == 0) { ctx->error = (int) rv; ctx->error_action = action; strlcpy(ctx->error_message, ldns_pkcs11_rv_str(rv), sizeof(ctx->error_message)); } return 1; } return 0; } /*! Unload PKCS#11 provider */ static void hsm_pkcs11_unload_functions(void *handle) { if (handle) { #if defined(HAVE_LOADLIBRARY) /* no idea */ #elif defined(HAVE_DLOPEN) (void) dlclose(handle); #endif } } /*! Load PKCS#11 provider */ static CK_RV hsm_pkcs11_load_functions(hsm_module_t *module) { CK_C_GetFunctionList pGetFunctionList = NULL; if (module && module->path) { /* library provided by application or user */ #if defined(HAVE_LOADLIBRARY) /* Load PKCS #11 library */ HINSTANCE hDLL = LoadLibrary(_T(module->path)); if (hDLL == NULL) { /* Failed to load the PKCS #11 library */ return CKR_FUNCTION_FAILED; } /* Retrieve the entry point for C_GetFunctionList */ pGetFunctionList = (CK_C_GetFunctionList) GetProcAddress(hDLL, _T("C_GetFunctionList")); #elif defined(HAVE_DLOPEN) /* Load PKCS #11 library */ void* pDynLib = dlopen(module->path, RTLD_NOW | RTLD_LOCAL); if (pDynLib == NULL) { /* Failed to load the PKCS #11 library */ return CKR_FUNCTION_FAILED; } /* Retrieve the entry point for C_GetFunctionList */ pGetFunctionList = (CK_C_GetFunctionList) dlsym(pDynLib, "C_GetFunctionList"); /* Store the handle so we can dlclose it later */ module->handle = pDynLib; #else return CKR_FUNCTION_FAILED; #endif } else { /* No library provided, use the statically compiled softHSM */ #ifdef HAVE_PKCS11_MODULE return C_GetFunctionList(pkcs11_functions); #else return CKR_FUNCTION_FAILED; #endif } if (pGetFunctionList == NULL) { /* Failed to load the PKCS #11 library */ return CKR_FUNCTION_FAILED; } /* Retrieve the function list */ (pGetFunctionList)((CK_FUNCTION_LIST_PTR_PTR)(&module->sym)); return CKR_OK; } static void hsm_remove_leading_zeroes(CK_BYTE_PTR data, CK_ULONG *len) { CK_BYTE_PTR p = data; CK_ULONG l; if (data == NULL || len == NULL) return; l = *len; while ((unsigned short int)(*p) == 0 && l > 1) { p++; l--; } if (p != data) { memmove(data, p, l); *len = l; } } static int hsm_pkcs11_check_token_name(hsm_ctx_t *ctx, CK_FUNCTION_LIST_PTR pkcs11_functions, CK_SLOT_ID slotId, const char *token_name) { /* token label is always 32 bytes */ char token_name_bytes[HSM_TOKEN_LABEL_LENGTH]; int result = 0; CK_RV rv; CK_TOKEN_INFO token_info; rv = pkcs11_functions->C_GetTokenInfo(slotId, &token_info); if (hsm_pkcs11_check_error(ctx, rv, "C_GetTokenInfo")) { return 0; } memset(token_name_bytes, ' ', HSM_TOKEN_LABEL_LENGTH); if (strlen(token_name) < HSM_TOKEN_LABEL_LENGTH) { memcpy(token_name_bytes, token_name, strlen(token_name)); } else { memcpy(token_name_bytes, token_name, HSM_TOKEN_LABEL_LENGTH); } result = memcmp(token_info.label, token_name_bytes, HSM_TOKEN_LABEL_LENGTH) == 0; return result; } hsm_repository_t * hsm_repository_new(char* name, char* module, char* tokenlabel, char* pin, uint8_t use_pubkey, uint8_t allowextract, uint8_t require_backup) { hsm_repository_t* r; if (!name || !module || !tokenlabel) return NULL; r = malloc(sizeof(hsm_repository_t)); if (!r) return NULL; r->next = NULL; r->pin = NULL; r->name = strdup(name); r->module = strdup(module); r->tokenlabel = strdup(tokenlabel); if (!r->name || !r->module || !r->tokenlabel) { hsm_repository_free(r); return NULL; } if (pin) { r->pin = strdup(pin); if (!r->pin) { hsm_repository_free(r); return NULL; } } r->use_pubkey = use_pubkey; r->allow_extract = allowextract; r->require_backup = require_backup; return r; } void hsm_repository_free(hsm_repository_t *r) { if (r) { if (r->next) hsm_repository_free(r->next); if (r->name) free(r->name); if (r->module) free(r->module); if (r->tokenlabel) free(r->tokenlabel); if (r->pin) free(r->pin); } free(r); } static int hsm_get_slot_id(hsm_ctx_t *ctx, CK_FUNCTION_LIST_PTR pkcs11_functions, const char *token_name, CK_SLOT_ID *slotId) { CK_RV rv; CK_ULONG slotCount; CK_SLOT_ID cur_slot; CK_SLOT_ID *slotIds; int found = 0; if (token_name == NULL || slotId == NULL) return HSM_ERROR; rv = pkcs11_functions->C_GetSlotList(CK_TRUE, NULL_PTR, &slotCount); if (hsm_pkcs11_check_error(ctx, rv, "get slot list")) { return HSM_ERROR; } if (slotCount < 1) { hsm_ctx_set_error(ctx, HSM_ERROR, "hsm_get_slot_id()", "No slots found in HSM"); return HSM_ERROR; } else if (slotCount > (SIZE_MAX / sizeof(CK_SLOT_ID))) { hsm_ctx_set_error(ctx, HSM_ERROR, "hsm_get_slot_id()", "Too many slots found in HSM"); return HSM_ERROR; } slotIds = malloc(sizeof(CK_SLOT_ID) * slotCount); if(slotIds == NULL) { hsm_ctx_set_error(ctx, HSM_ERROR, "hsm_get_slot_id()", "Could not allocate slot ID table"); return HSM_ERROR; } rv = pkcs11_functions->C_GetSlotList(CK_TRUE, slotIds, &slotCount); if (hsm_pkcs11_check_error(ctx, rv, "get slot list")) { return HSM_ERROR; } for (cur_slot = 0; cur_slot < slotCount; cur_slot++) { if (hsm_pkcs11_check_token_name(ctx, pkcs11_functions, slotIds[cur_slot], token_name)) { *slotId = slotIds[cur_slot]; found = 1; break; } } free(slotIds); if (!found) { hsm_ctx_set_error(ctx, -1, "hsm_get_slot_id()", "could not find token with the name %s", token_name); return HSM_ERROR; } return HSM_OK; } /* internal functions */ static hsm_module_t * hsm_module_new(const char *repository, const char *token_label, const char *path, const hsm_config_t *config) { hsm_module_t *module; if (!repository || !path) return NULL; module = malloc(sizeof(hsm_module_t)); if (!module) return NULL; if (config) { module->config = malloc(sizeof(hsm_config_t)); if (!module->config) { free(module); return NULL; } memcpy(module->config, config, sizeof(hsm_config_t)); } else { module->config = NULL; } module->id = 0; /*TODO i think we can remove this*/ module->name = strdup(repository); module->token_label = strdup(token_label); module->path = strdup(path); module->handle = NULL; module->sym = NULL; return module; } static void hsm_module_free(hsm_module_t *module) { if (module) { if (module->name) free(module->name); if (module->token_label) free(module->token_label); if (module->path) free(module->path); if (module->config) free(module->config); free(module); } } static hsm_session_t * hsm_session_new(hsm_module_t *module, CK_SESSION_HANDLE session_handle) { hsm_session_t *session; session = malloc(sizeof(hsm_session_t)); session->module = module; session->session = session_handle; return session; } static void hsm_session_free(hsm_session_t *session) { if (session) { free(session); } } /*! Set default HSM configuration */ static void hsm_config_default(hsm_config_t *config) { config->use_pubkey = 1; config->allow_extract = 0; } /* creates a session_t structure, and automatically adds and initializes * a module_t struct for it */ static int hsm_session_init(hsm_ctx_t *ctx, hsm_session_t **session, const char *repository, const char *token_label, const char *module_path, const char *pin, const hsm_config_t *config) { CK_RV rv; CK_RV rv_login; hsm_module_t *module; CK_SLOT_ID slot_id; CK_SESSION_HANDLE session_handle; int first = 1, result; CK_C_INITIALIZE_ARGS InitArgs = {NULL, NULL, NULL, NULL, CKF_OS_LOCKING_OK, NULL }; if (pin == NULL) return HSM_ERROR; module = hsm_module_new(repository, token_label, module_path, config); if (!module) return HSM_ERROR; rv = hsm_pkcs11_load_functions(module); if (rv != CKR_OK) { hsm_ctx_set_error(ctx, HSM_MODULE_NOT_FOUND, "hsm_session_init()", "PKCS#11 module load failed: %s", module_path); hsm_module_free(module); return HSM_MODULE_NOT_FOUND; } rv = ((CK_FUNCTION_LIST_PTR) module->sym)->C_Initialize((CK_VOID_PTR) &InitArgs); /* ALREADY_INITIALIZED is ok, apparently we are using a second * device with the same library */ if (rv != CKR_CRYPTOKI_ALREADY_INITIALIZED) { if (hsm_pkcs11_check_error(ctx, rv, "Initialization")) { hsm_module_free(module); return HSM_ERROR; } } else { first = 0; } result = hsm_get_slot_id(ctx, module->sym, token_label, &slot_id); if (result != HSM_OK) { hsm_module_free(module); return HSM_ERROR; } rv = ((CK_FUNCTION_LIST_PTR) module->sym)->C_OpenSession(slot_id, CKF_SERIAL_SESSION | CKF_RW_SESSION, NULL, NULL, &session_handle); if (hsm_pkcs11_check_error(ctx, rv, "Open first session")) { hsm_module_free(module); return HSM_ERROR; } rv_login = ((CK_FUNCTION_LIST_PTR) module->sym)->C_Login(session_handle, CKU_USER, (unsigned char *) pin, strlen((char *)pin)); if (rv_login == CKR_OK) { *session = hsm_session_new(module, session_handle); return HSM_OK; } else { /* uninitialize the session again */ if (session_handle) { rv = ((CK_FUNCTION_LIST_PTR) module->sym)-> C_CloseSession(session_handle); if (hsm_pkcs11_check_error(ctx, rv, "finalize after failed login")) { hsm_module_free(module); return HSM_ERROR; } } /* if this was not the first, don't close the library for * the rest of us */ if (first) { rv = ((CK_FUNCTION_LIST_PTR) module->sym)->C_Finalize(NULL); if (hsm_pkcs11_check_error(ctx, rv, "finalize after failed login")) { hsm_module_free(module); return HSM_ERROR; } } hsm_module_free(module); *session = NULL; switch(rv_login) { case CKR_PIN_INCORRECT: hsm_ctx_set_error(ctx, HSM_PIN_INCORRECT, "hsm_session_init()", "Incorrect PIN for repository %s", repository); return HSM_PIN_INCORRECT; default: return HSM_ERROR; } } } /* open a second session from the given one */ static hsm_session_t * hsm_session_clone(hsm_ctx_t *ctx, hsm_session_t *session) { CK_RV rv; CK_SLOT_ID slot_id; CK_SESSION_HANDLE session_handle; hsm_session_t *new_session; int result; result = hsm_get_slot_id(ctx, session->module->sym, session->module->token_label, &slot_id); if (result != HSM_OK) return NULL; rv = ((CK_FUNCTION_LIST_PTR) session->module->sym)->C_OpenSession(slot_id, CKF_SERIAL_SESSION | CKF_RW_SESSION, NULL, NULL, &session_handle); if (hsm_pkcs11_check_error(ctx, rv, "Clone session")) { return NULL; } new_session = hsm_session_new(session->module, session_handle); return new_session; } static hsm_ctx_t * hsm_ctx_new() { hsm_ctx_t *ctx; ctx = malloc(sizeof(hsm_ctx_t)); if (ctx) { memset(ctx->session, 0, HSM_MAX_SESSIONS); ctx->session_count = 0; ctx->error = 0; } return ctx; } /* ctx_free frees the structure */ static void hsm_ctx_free(hsm_ctx_t *ctx) { unsigned int i; if (ctx) { for (i = 0; i < ctx->session_count; i++) { hsm_session_free(ctx->session[i]); } free(ctx); } } /* close the session, and free the allocated data * * if unload is non-zero, C_Logout() is called, * the dlopen()d module is closed and unloaded * (only call this on the last session for each * module, ie. the one in the global ctx) */ static void hsm_session_close(hsm_ctx_t *ctx, hsm_session_t *session, int unload) { /* If we loaded this library more than once, we may have * already finalized it before, so we can safely ignore * NOT_INITIALIZED */ CK_RV rv; if (unload) { rv = ((CK_FUNCTION_LIST_PTR)session->module->sym)->C_Logout(session->session); if (rv != CKR_CRYPTOKI_NOT_INITIALIZED) { (void) hsm_pkcs11_check_error(ctx, rv, "Logout"); } } rv = ((CK_FUNCTION_LIST_PTR)session->module->sym)->C_CloseSession(session->session); if (rv != CKR_CRYPTOKI_NOT_INITIALIZED) { (void) hsm_pkcs11_check_error(ctx, rv, "Close session"); } if (unload) { rv = ((CK_FUNCTION_LIST_PTR)session->module->sym)->C_Finalize(NULL); if (rv != CKR_CRYPTOKI_NOT_INITIALIZED) { (void) hsm_pkcs11_check_error(ctx, rv, "Finalize"); hsm_pkcs11_unload_functions(session->module->handle); } hsm_module_free(session->module); session->module = NULL; } hsm_session_free(session); } /* ctx_close closes all session, and free * the structures. * * if unload is non-zero, the associated dynamic libraries are unloaded * (hence only use that on the last, global, ctx) */ static void hsm_ctx_close(hsm_ctx_t *ctx, int unload) { size_t i; if (!ctx) return; for (i = 0; i < ctx->session_count; i++) { hsm_session_close(ctx, ctx->session[i], unload); ctx->session[i] = NULL; } hsm_ctx_free(ctx); } /* adds a session to the context. * returns 0 on success * 1 if the maximum number of sessions (HSM_MAX_SESSIONS) was * reached * -1 if one of the arguments is NULL */ static int hsm_ctx_add_session(hsm_ctx_t *ctx, hsm_session_t *session) { if (!ctx || !session) return -1; if (ctx->session_count >= HSM_MAX_SESSIONS) return 1; ctx->session[ctx->session_count] = session; ctx->session_count++; return 0; } static hsm_ctx_t * hsm_ctx_clone(hsm_ctx_t *ctx) { unsigned int i; hsm_ctx_t *new_ctx; hsm_session_t *new_session; new_ctx = NULL; if (ctx) { new_ctx = hsm_ctx_new(); for (i = 0; i < ctx->session_count; i++) { new_session = hsm_session_clone(ctx, ctx->session[i]); if (!new_session) { /* one of the sessions failed to clone. Clear the * new ctx and return NULL */ hsm_ctx_close(new_ctx, 0); return NULL; } hsm_ctx_add_session(new_ctx, new_session); } new_ctx->keycache = ctx->keycache; new_ctx->keycache_lock = ctx->keycache_lock; } return new_ctx; } static libhsm_key_t * libhsm_key_new() { libhsm_key_t *key; key = malloc(sizeof(libhsm_key_t)); key->modulename = NULL; key->private_key = 0; key->public_key = 0; return key; } /* find the session belonging to a key, by iterating over the modules * in the context */ static hsm_session_t * hsm_find_key_session(hsm_ctx_t *ctx, const libhsm_key_t *key) { unsigned int i; if (!key || !key->modulename) return NULL; for (i = 0; i < ctx->session_count; i++) { if (ctx->session[i] && !strcmp(ctx->session[i]->module->name, key->modulename)) { return ctx->session[i]; } } return NULL; } /* Returns the key type (algorithm) of the given key */ static CK_KEY_TYPE hsm_get_key_algorithm(hsm_ctx_t *ctx, const hsm_session_t *session, const libhsm_key_t *key) { CK_RV rv; CK_KEY_TYPE key_type; CK_ATTRIBUTE template[] = { {CKA_KEY_TYPE, &key_type, sizeof(CK_KEY_TYPE)} }; rv = ((CK_FUNCTION_LIST_PTR)session->module->sym)->C_GetAttributeValue( session->session, key->private_key, template, 1); if (hsm_pkcs11_check_error(ctx, rv, "Get attr value algorithm type")) { /* this is actually not a good return value; * CKK_RSA is also 0. But we can't return a negative * value. Should we #define a specific 'key type' that * indicates an error? (TODO) */ return 0; } if ((CK_LONG)template[0].ulValueLen < 1) { /* this is actually not a good return value; * CKK_RSA is also 0. But we can't return a negative * value. Should we #define a specific 'key type' that * indicates an error? (TODO) */ return 0; } return key_type; } /* returns a CK_ULONG with the key size of the given RSA key. The * key is not checked for type. For RSA, the number of bits in the * modulus is the key size (CKA_MODULUS_BITS) */ static CK_ULONG hsm_get_key_size_rsa(hsm_ctx_t *ctx, const hsm_session_t *session, const libhsm_key_t *key) { CK_RV rv; CK_ULONG modulus_bits; /* Template for public keys */ CK_ATTRIBUTE template[] = { {CKA_MODULUS_BITS, &modulus_bits, sizeof(CK_KEY_TYPE)} }; /* Template for private keys */ CK_BYTE_PTR modulus = NULL; int mask; CK_ATTRIBUTE template2[] = { {CKA_MODULUS, NULL, 0} }; if (key->public_key) { rv = ((CK_FUNCTION_LIST_PTR)session->module->sym)->C_GetAttributeValue( session->session, key->public_key, template, 1); if (hsm_pkcs11_check_error(ctx, rv, "Get attr value algorithm type")) { return 0; } if ((CK_ULONG)template[0].ulValueLen < 1) { return 0; } } else { // Get buffer size rv = ((CK_FUNCTION_LIST_PTR)session->module->sym)->C_GetAttributeValue( session->session, key->private_key, template2, 1); if (hsm_pkcs11_check_error(ctx, rv, "Could not get the size of the modulus of the private key")) { return 0; } // Allocate memory modulus = (CK_BYTE_PTR)malloc(template2[0].ulValueLen); template2[0].pValue = modulus; if (modulus == NULL) { hsm_ctx_set_error(ctx, -1, "hsm_get_key_size_rsa()", "Error allocating memory for modulus"); return 0; } // Get attribute rv = ((CK_FUNCTION_LIST_PTR)session->module->sym)->C_GetAttributeValue( session->session, key->private_key, template2, 1); if (hsm_pkcs11_check_error(ctx, rv, "Could not get the modulus of the private key")) { free(modulus); return 0; } // Calculate size modulus_bits = template2[0].ulValueLen * 8; mask = 0x80; for (int i = 0; modulus_bits && (modulus[i] & mask) == 0; modulus_bits--) { mask >>= 1; if (mask == 0) { i++; mask = 0x80; } } free(modulus); } return modulus_bits; } /* returns a CK_ULONG with the key size of the given DSA key. The * key is not checked for type. For DSA, the number of bits in the * prime is the key size (CKA_PRIME) */ static CK_ULONG hsm_get_key_size_dsa(hsm_ctx_t *ctx, const hsm_session_t *session, const libhsm_key_t *key) { CK_RV rv; /* Template */ CK_ATTRIBUTE template2[] = { {CKA_PRIME, NULL, 0} }; // Get buffer size rv = ((CK_FUNCTION_LIST_PTR)session->module->sym)->C_GetAttributeValue( session->session, key->private_key, template2, 1); if (hsm_pkcs11_check_error(ctx, rv, "Could not get the size of the prime of the private key")) { return 0; } return template2[0].ulValueLen * 8; } /* Returns the DER decoded value of Q for ECDSA key * Byte string with uncompressed form of a curve point, "x | y" */ static unsigned char * hsm_get_key_ecdsa_value(hsm_ctx_t *ctx, const hsm_session_t *session, const libhsm_key_t *key, CK_ULONG *data_len) { CK_RV rv; CK_BYTE_PTR value = NULL; CK_BYTE_PTR data = NULL; CK_ULONG value_len = 0; CK_ULONG header_len = 0; CK_ATTRIBUTE template[] = { {CKA_EC_POINT, NULL, 0}, }; if (!session || !session->module || !key || !data_len) { return NULL; } rv = ((CK_FUNCTION_LIST_PTR)session->module->sym)->C_GetAttributeValue( session->session, key->public_key, template, 1); if (hsm_pkcs11_check_error(ctx, rv, "C_GetAttributeValue")) { return NULL; } value_len = template[0].ulValueLen; value = template[0].pValue = malloc(value_len); if (!value) { hsm_ctx_set_error(ctx, -1, "hsm_get_key_ecdsa_value()", "Error allocating memory for value"); return NULL; } memset(value, 0, value_len); rv = ((CK_FUNCTION_LIST_PTR)session->module->sym)->C_GetAttributeValue( session->session, key->public_key, template, 1); if (hsm_pkcs11_check_error(ctx, rv, "get attribute value")) { free(value); return NULL; } if(value_len != template[0].ulValueLen) { hsm_ctx_set_error(ctx, -1, "hsm_get_key_ecdsa_value()", "HSM returned two different length for a same CKA_EC_POINT. " \ "Abnormal behaviour detected."); free(value); return NULL; } /* Check that we have the first two octets */ if (value_len < 2) { hsm_ctx_set_error(ctx, -1, "hsm_get_key_ecdsa_value()", "The DER value is too short"); free(value); return NULL; } /* Check the identifier octet, PKCS#11 requires octet string */ if (value[0] != 0x04) { hsm_ctx_set_error(ctx, -1, "hsm_get_key_ecdsa_value()", "Invalid identifier octet in the DER value"); free(value); return NULL; } header_len++; /* Check the length octets, but we do not validate the length */ if (value[1] <= 0x7F) { header_len++; } else if (value[1] == 0x80) { hsm_ctx_set_error(ctx, -1, "hsm_get_key_ecdsa_value()", "Indefinite length is not supported in DER values"); free(value); return NULL; } else { header_len++; header_len += value[1] & 0x80; } /* Check that we have more data than the header */ if (value_len - header_len < 2) { hsm_ctx_set_error(ctx, -1, "hsm_get_key_ecdsa_value()", "The value is too short"); free(value); return NULL; } /* Check that we have uncompressed data */ /* TODO: Not supporting compressed data */ if (value[header_len] != 0x04) { hsm_ctx_set_error(ctx, -1, "hsm_get_key_ecdsa_value()", "The value is not uncompressed"); free(value); return NULL; } header_len++; *data_len = value_len - header_len; data = malloc(*data_len); if (data == NULL) { hsm_ctx_set_error(ctx, -1, "hsm_get_key_ecdsa_value()", "Error allocating memory for data"); free(value); return NULL; } memcpy(data, value + header_len, *data_len); free(value); return data; } /* returns a CK_ULONG with the key size of the given ECDSA key. The * key is not checked for type. For ECDSA, the number of bits in the * value X is the key size */ static CK_ULONG hsm_get_key_size_ecdsa(hsm_ctx_t *ctx, const hsm_session_t *session, const libhsm_key_t *key) { CK_ULONG value_len; unsigned char* value = hsm_get_key_ecdsa_value(ctx, session, key, &value_len); CK_ULONG bits = 0; if (value == NULL) return 0; if( ((CK_ULONG) - 1) / (8/2) < value_len) { free(value); return 0; } /* value = x | y */ bits = value_len * 8 / 2; free(value); return bits; } /* Wrapper for specific key size functions */ static CK_ULONG hsm_get_key_size(hsm_ctx_t *ctx, const hsm_session_t *session, const libhsm_key_t *key, const unsigned long algorithm) { switch (algorithm) { case CKK_RSA: return hsm_get_key_size_rsa(ctx, session, key); break; case CKK_DSA: return hsm_get_key_size_dsa(ctx, session, key); break; case CKK_GOSTR3410: /* GOST public keys always have a size of 512 bits */ return 512; case CKK_EC: return hsm_get_key_size_ecdsa(ctx, session, key); default: return 0; } } static CK_OBJECT_HANDLE hsm_find_object_handle_for_id(hsm_ctx_t *ctx, const hsm_session_t *session, CK_OBJECT_CLASS key_class, CK_BYTE *id, CK_ULONG id_len) { CK_ULONG objectCount; CK_OBJECT_HANDLE object; CK_RV rv; CK_ATTRIBUTE template[] = { { CKA_CLASS, &key_class, sizeof(key_class) }, { CKA_ID, id, id_len }, }; rv = ((CK_FUNCTION_LIST_PTR)session->module->sym)->C_FindObjectsInit(session->session, template, 2); if (hsm_pkcs11_check_error(ctx, rv, "Find objects init")) { return 0; } rv = ((CK_FUNCTION_LIST_PTR)session->module->sym)->C_FindObjects(session->session, &object, 1, &objectCount); if (hsm_pkcs11_check_error(ctx, rv, "Find object")) { rv = ((CK_FUNCTION_LIST_PTR)session->module->sym)->C_FindObjectsFinal(session->session); hsm_pkcs11_check_error(ctx, rv, "Find objects cleanup"); return 0; } rv = ((CK_FUNCTION_LIST_PTR)session->module->sym)->C_FindObjectsFinal(session->session); if (hsm_pkcs11_check_error(ctx, rv, "Find object final")) { return 0; } if (objectCount > 0) { return object; } else { return 0; } } /* * Parses the null-terminated string hex as hex values, * Returns allocated data that needs to be freed (or NULL on error) * len will contain the number of bytes allocated, or 0 on error */ static unsigned char * hsm_hex_parse(const char *hex, size_t *len) { unsigned char *bytes; /* length of the hex input */ size_t hex_len; size_t i; if (!len) return NULL; *len = 0; if (!hex) return NULL; hex_len = strlen(hex); if (hex_len % 2 != 0) { return NULL; } *len = hex_len / 2; bytes = malloc(*len); for (i = 0; i < *len; i++) { bytes[i] = ldns_hexdigit_to_int(hex[2*i]) * 16 + ldns_hexdigit_to_int(hex[2*i+1]); } return bytes; } /* put a hexadecimal representation of the data from src into dst * len is the number of bytes to read from src * dst must have allocated enough space (len*2 + 1) */ static void hsm_hex_unparse(char *dst, const unsigned char *src, size_t len) { size_t dst_len = len*2 + 1; size_t i; for (i = 0; i < len; i++) { snprintf(dst + (2*i), dst_len, "%02x", src[i]); } dst[len*2] = '\0'; } /* returns an allocated byte array with the CKA_ID for the given object * len will contain the result size * returns NULL and size zero if not found in this session */ static CK_BYTE * hsm_get_id_for_object(hsm_ctx_t *ctx, const hsm_session_t *session, CK_OBJECT_HANDLE object, size_t *len) { CK_RV rv; CK_BYTE *id = NULL; CK_ATTRIBUTE template[] = { {CKA_ID, id, 0} }; /* find out the size of the id first */ rv = ((CK_FUNCTION_LIST_PTR)session->module->sym)->C_GetAttributeValue( session->session, object, template, 1); if (hsm_pkcs11_check_error(ctx, rv, "Get attr value")) { *len = 0; return NULL; } if ((CK_LONG)template[0].ulValueLen < 1) { /* No CKA_ID found, return NULL */ *len = 0; return NULL; } template[0].pValue = malloc(template[0].ulValueLen); rv = ((CK_FUNCTION_LIST_PTR)session->module->sym)->C_GetAttributeValue( session->session, object, template, 1); if (hsm_pkcs11_check_error(ctx, rv, "Get attr value 2")) { *len = 0; free(template[0].pValue); return NULL; } *len = template[0].ulValueLen; return template[0].pValue; } /* returns an libhsm_key_t object for the given *private key* object handle * the module, private key, and public key handle are set * The session needs to be free to perform a search for the public key */ static libhsm_key_t * libhsm_key_new_privkey_object_handle(hsm_ctx_t *ctx, const hsm_session_t *session, CK_OBJECT_HANDLE object) { libhsm_key_t *key; CK_BYTE *id; size_t len; id = hsm_get_id_for_object(ctx, session, object, &len); if (!id) return NULL; key = libhsm_key_new(); key->modulename = strdup(session->module->name); key->private_key = object; key->public_key = hsm_find_object_handle_for_id( ctx, session, CKO_PUBLIC_KEY, id, len); free(id); return key; } /* helper function to find both key counts or the keys themselves * if the argument store is 0, results are not returned; the * function will only set the count and return NULL * Otherwise, a newly allocated key array will be returned * (on error, the count will also be zero and NULL returned) */ static libhsm_key_t ** hsm_list_keys_session_internal(hsm_ctx_t *ctx, const hsm_session_t *session, size_t *count, int store) { libhsm_key_t **keys = NULL; libhsm_key_t *key; CK_RV rv; CK_OBJECT_CLASS key_class = CKO_PRIVATE_KEY; CK_ATTRIBUTE template[] = { { CKA_CLASS, &key_class, sizeof(key_class) }, }; CK_ULONG total_count = 0; CK_ULONG objectCount = 1; /* find 100 keys at a time (and loop until there are none left) */ CK_ULONG max_object_count = 100; CK_ULONG i, j; CK_OBJECT_HANDLE object[max_object_count]; CK_OBJECT_HANDLE *key_handles = NULL, *new_key_handles = NULL; rv = ((CK_FUNCTION_LIST_PTR)session->module->sym)->C_FindObjectsInit(session->session, template, 1); if (hsm_pkcs11_check_error(ctx, rv, "Find objects init")) { goto err; } j = 0; while (objectCount > 0) { rv = ((CK_FUNCTION_LIST_PTR)session->module->sym)->C_FindObjects(session->session, object, max_object_count, &objectCount); if (hsm_pkcs11_check_error(ctx, rv, "Find first object")) { rv = ((CK_FUNCTION_LIST_PTR)session->module->sym)->C_FindObjectsFinal(session->session); hsm_pkcs11_check_error(ctx, rv, "Find objects cleanup"); goto err; } total_count += objectCount; if (objectCount > 0 && store) { if (SIZE_MAX / sizeof(CK_OBJECT_HANDLE) < total_count) { hsm_ctx_set_error(ctx, -1, "hsm_list_keys_session_internal", "Too much object handle returned by HSM to allocate key_handles"); goto err; } new_key_handles = realloc(key_handles, total_count * sizeof(CK_OBJECT_HANDLE)); if (new_key_handles != NULL) { key_handles = new_key_handles; } else { hsm_ctx_set_error(ctx, -1, "hsm_list_keys_session_internal", "Error allocating memory for object handle (OOM)"); goto err; } for (i = 0; i < objectCount; i++) { key_handles[j] = object[i]; j++; } } } rv = ((CK_FUNCTION_LIST_PTR)session->module->sym)->C_FindObjectsFinal(session->session); if (hsm_pkcs11_check_error(ctx, rv, "Find objects final")) { goto err; } if (store) { if(SIZE_MAX / sizeof(libhsm_key_t *) < total_count) { hsm_ctx_set_error(ctx, -1, "hsm_list_keys_session_internal", "Too much object handle returned by HSM to allocate keys"); goto err; } keys = malloc(total_count * sizeof(libhsm_key_t *)); if(keys == NULL) { hsm_ctx_set_error(ctx, -1, "hsm_list_keys_session_internal", "Error allocating memory for keys table (OOM)"); goto err; } for (i = 0; i < total_count; i++) { key = libhsm_key_new_privkey_object_handle(ctx, session, key_handles[i]); if(!key) { libhsm_key_list_free(keys, i); goto err; } keys[i] = key; } } free(key_handles); *count = total_count; return keys; err: free(key_handles); *count = 0; return NULL; } /* returns an array of all keys available to the given session * * \param session the session to find the keys in * \param count this value will contain the number of keys found * * \return the list of keys */ static libhsm_key_t ** hsm_list_keys_session(hsm_ctx_t *ctx, const hsm_session_t *session, size_t *count) { return hsm_list_keys_session_internal(ctx, session, count, 1); } /* returns a newly allocated key structure containing the key data * for the given CKA_ID available in the session. Returns NULL if not * found */ static libhsm_key_t * hsm_find_key_by_id_session(hsm_ctx_t *ctx, const hsm_session_t *session, const unsigned char *id, size_t len) { libhsm_key_t *key; CK_OBJECT_HANDLE private_key_handle; private_key_handle = hsm_find_object_handle_for_id( ctx, session, CKO_PRIVATE_KEY, (CK_BYTE *) id, (CK_ULONG) len); if (private_key_handle != 0) { key = libhsm_key_new_privkey_object_handle(ctx, session, private_key_handle); return key; } else { return NULL; } } /* Find a key pair by CKA_ID (as byte array) The returned key structure can be freed with free() \param context HSM context \param id CKA_ID of key to find (array of bytes) \param len number of bytes in the id \return key identifier or NULL if not found */ static libhsm_key_t * hsm_find_key_by_id_bin(hsm_ctx_t *ctx, const unsigned char *id, size_t len) { libhsm_key_t *key; unsigned int i; if (!id) return NULL; for (i = 0; i < ctx->session_count; i++) { key = hsm_find_key_by_id_session(ctx, ctx->session[i], id, len); if (key) return key; } return NULL; } /** * returns the first session found if repository is null, otherwise * finds the session belonging to the repository with the given name * returns NULL if not found */ static hsm_session_t * hsm_find_repository_session(hsm_ctx_t *ctx, const char *repository) { unsigned int i; if (!repository) { for (i = 0; i < ctx->session_count; i++) { if (ctx->session[i]) { return ctx->session[i]; } } } else { for (i = 0; i < ctx->session_count; i++) { if (ctx->session[i] && strcmp(repository, ctx->session[i]->module->name) == 0) { return ctx->session[i]; } } } hsm_ctx_set_error(ctx, HSM_REPOSITORY_NOT_FOUND, "hsm_find_repository_session()", "Can't find repository: %s", repository); return NULL; } static ldns_rdf * hsm_get_key_rdata_rsa(hsm_ctx_t *ctx, hsm_session_t *session, const libhsm_key_t *key) { CK_RV rv; CK_BYTE_PTR public_exponent = NULL; CK_ULONG public_exponent_len = 0; CK_BYTE_PTR modulus = NULL; CK_ULONG modulus_len = 0; unsigned long hKey = 0; unsigned char *data = NULL; size_t data_size = 0; CK_ATTRIBUTE template[] = { {CKA_PUBLIC_EXPONENT, NULL, 0}, {CKA_MODULUS, NULL, 0}, }; ldns_rdf *rdf; if (!session || !session->module) { return NULL; } if (key->public_key) { hKey = key->public_key; } else { hKey = key->private_key; } rv = ((CK_FUNCTION_LIST_PTR)session->module->sym)->C_GetAttributeValue( session->session, hKey, template, 2); if (hsm_pkcs11_check_error(ctx, rv, "C_GetAttributeValue")) { return NULL; } public_exponent_len = template[0].ulValueLen; modulus_len = template[1].ulValueLen; public_exponent = template[0].pValue = malloc(public_exponent_len); if (!public_exponent) { hsm_ctx_set_error(ctx, -1, "hsm_get_key_rdata_rsa()", "Error allocating memory for public exponent"); return NULL; } modulus = template[1].pValue = malloc(modulus_len); if (!modulus) { hsm_ctx_set_error(ctx, -1, "hsm_get_key_rdata_rsa()", "Error allocating memory for modulus"); free(public_exponent); return NULL; } rv = ((CK_FUNCTION_LIST_PTR)session->module->sym)->C_GetAttributeValue( session->session, hKey, template, 2); if (hsm_pkcs11_check_error(ctx, rv, "get attribute value")) { free(template[0].pValue); free(template[1].pValue); return NULL; } // Remove leading zeroes hsm_remove_leading_zeroes(public_exponent, &public_exponent_len); hsm_remove_leading_zeroes(modulus, &modulus_len); data_size = public_exponent_len + modulus_len + 1; if (public_exponent_len <= 255) { data = malloc(data_size); if (!data) { hsm_ctx_set_error(ctx, -1, "hsm_get_key_rdata_rsa()", "Error allocating memory for pub key rr data"); free(public_exponent); free(modulus); return NULL; } data[0] = public_exponent_len; memcpy(&data[1], public_exponent, public_exponent_len); memcpy(&data[1 + public_exponent_len], modulus, modulus_len); } else if (public_exponent_len <= 65535) { data_size += 2; data = malloc(data_size); if (!data) { hsm_ctx_set_error(ctx, -1, "hsm_get_key_rdata_rsa()", "Error allocating memory for pub key rr data"); free(public_exponent); free(modulus); return NULL; } data[0] = 0; ldns_write_uint16(&data[1], (uint16_t) public_exponent_len); memcpy(&data[3], public_exponent, public_exponent_len); memcpy(&data[3 + public_exponent_len], modulus, modulus_len); } else { hsm_ctx_set_error(ctx, -1, "hsm_get_key_rdata_rsa()", "Public exponent too big"); free(public_exponent); free(modulus); return NULL; } rdf = ldns_rdf_new(LDNS_RDF_TYPE_B64, data_size, data); free(public_exponent); free(modulus); return rdf; } static ldns_rdf * hsm_get_key_rdata_dsa(hsm_ctx_t *ctx, hsm_session_t *session, const libhsm_key_t *key) { CK_RV rv; CK_BYTE_PTR prime = NULL; CK_ULONG prime_len = 0; CK_BYTE_PTR subprime = NULL; CK_ULONG subprime_len = 0; CK_BYTE_PTR base = NULL; CK_ULONG base_len = 0; CK_BYTE_PTR value = NULL; CK_ULONG value_len = 0; unsigned char *data = NULL; size_t data_size = 0; CK_ATTRIBUTE template[] = { {CKA_PRIME, NULL, 0}, {CKA_SUBPRIME, NULL, 0}, {CKA_BASE, NULL, 0}, {CKA_VALUE, NULL, 0}, }; ldns_rdf *rdf; if (!session || !session->module) { return NULL; } /* DSA needs the public key compared with RSA */ rv = ((CK_FUNCTION_LIST_PTR)session->module->sym)->C_GetAttributeValue( session->session, key->public_key, template, 4); if (hsm_pkcs11_check_error(ctx, rv, "C_GetAttributeValue")) { return NULL; } prime_len = template[0].ulValueLen; subprime_len = template[1].ulValueLen; base_len = template[2].ulValueLen; value_len = template[3].ulValueLen; prime = template[0].pValue = malloc(prime_len); if (!prime) { hsm_ctx_set_error(ctx, -1, "hsm_get_key_rdata_dsa()", "Error allocating memory for prime"); return NULL; } subprime = template[1].pValue = malloc(subprime_len); if (!subprime) { hsm_ctx_set_error(ctx, -1, "hsm_get_key_rdata_dsa()", "Error allocating memory for subprime"); free(prime); return NULL; } base = template[2].pValue = malloc(base_len); if (!base) { hsm_ctx_set_error(ctx, -1, "hsm_get_key_rdata_dsa()", "Error allocating memory for base"); free(prime); free(subprime); return NULL; } value = template[3].pValue = malloc(value_len); if (!value) { hsm_ctx_set_error(ctx, -1, "hsm_get_key_rdata_dsa()", "Error allocating memory for value"); free(prime); free(subprime); free(base); return NULL; } rv = ((CK_FUNCTION_LIST_PTR)session->module->sym)->C_GetAttributeValue( session->session, key->public_key, template, 4); if (hsm_pkcs11_check_error(ctx, rv, "get attribute value")) { free(prime); free(subprime); free(base); free(value); return NULL; } data_size = prime_len + subprime_len + base_len + value_len + 1; data = malloc(data_size); if (!data) { hsm_ctx_set_error(ctx, -1, "hsm_get_key_rdata_dsa()", "Error allocating memory for pub key rr data"); free(prime); free(subprime); free(base); free(value); return NULL; } data[0] = (prime_len - 64) / 8; memcpy(&data[1], subprime, subprime_len); memcpy(&data[1 + subprime_len], prime, prime_len); memcpy(&data[1 + subprime_len + prime_len], base, base_len); memcpy(&data[1 + subprime_len + prime_len + base_len], value, value_len); rdf = ldns_rdf_new(LDNS_RDF_TYPE_B64, data_size, data); free(prime); free(subprime); free(base); free(value); return rdf; } static ldns_rdf * hsm_get_key_rdata_gost(hsm_ctx_t *ctx, hsm_session_t *session, const libhsm_key_t *key) { CK_RV rv; CK_BYTE_PTR value = NULL; CK_ULONG value_len = 0; CK_ATTRIBUTE template[] = { {CKA_VALUE, NULL, 0}, }; ldns_rdf *rdf; if (!session || !session->module) { return NULL; } /* GOST needs the public key compared with RSA */ rv = ((CK_FUNCTION_LIST_PTR)session->module->sym)->C_GetAttributeValue( session->session, key->public_key, template, 1); if (hsm_pkcs11_check_error(ctx, rv, "C_GetAttributeValue")) { return NULL; } value_len = template[0].ulValueLen; value = template[0].pValue = malloc(value_len); if (!value) { hsm_ctx_set_error(ctx, -1, "hsm_get_key_rdata_gost()", "Error allocating memory for value"); return NULL; } rv = ((CK_FUNCTION_LIST_PTR)session->module->sym)->C_GetAttributeValue( session->session, key->public_key, template, 1); if (hsm_pkcs11_check_error(ctx, rv, "get attribute value")) { free(value); return NULL; } rdf = ldns_rdf_new(LDNS_RDF_TYPE_B64, value_len, value); return rdf; } static ldns_rdf * hsm_get_key_rdata_ecdsa(hsm_ctx_t *ctx, hsm_session_t *session, const libhsm_key_t *key) { CK_ULONG value_len; unsigned char* value = hsm_get_key_ecdsa_value(ctx, session, key, &value_len); if (value == NULL) return NULL; ldns_rdf *rdf = ldns_rdf_new(LDNS_RDF_TYPE_B64, value_len, value); return rdf; } static ldns_rdf * hsm_get_key_rdata(hsm_ctx_t *ctx, hsm_session_t *session, const libhsm_key_t *key) { switch (hsm_get_key_algorithm(ctx, session, key)) { case CKK_RSA: return hsm_get_key_rdata_rsa(ctx, session, key); break; case CKK_DSA: return hsm_get_key_rdata_dsa(ctx, session, key); break; case CKK_GOSTR3410: return hsm_get_key_rdata_gost(ctx, session, key); break; case CKK_EC: return hsm_get_key_rdata_ecdsa(ctx, session, key); default: return 0; } } /* this function allocates memory for the mechanism ID and enough room * to leave the upcoming digest data. It fills in the mechanism id * use with care. The returned data must be free'd by the caller. * Only used by RSA PKCS. */ static CK_BYTE * hsm_create_prefix(CK_ULONG digest_len, ldns_algorithm algorithm, CK_ULONG *data_size) { CK_BYTE *data; const CK_BYTE RSA_MD5_ID[] = { 0x30, 0x20, 0x30, 0x0C, 0x06, 0x08, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x02, 0x05, 0x05, 0x00, 0x04, 0x10 }; const CK_BYTE RSA_SHA1_ID[] = { 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1A, 0x05, 0x00, 0x04, 0x14 }; const CK_BYTE RSA_SHA256_ID[] = { 0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20 }; const CK_BYTE RSA_SHA512_ID[] = { 0x30, 0x51, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, 0x05, 0x00, 0x04, 0x40 }; switch((ldns_signing_algorithm)algorithm) { case LDNS_SIGN_RSAMD5: *data_size = sizeof(RSA_MD5_ID) + digest_len; data = malloc(*data_size); memcpy(data, RSA_MD5_ID, sizeof(RSA_MD5_ID)); break; case LDNS_SIGN_RSASHA1: case LDNS_SIGN_RSASHA1_NSEC3: *data_size = sizeof(RSA_SHA1_ID) + digest_len; data = malloc(*data_size); memcpy(data, RSA_SHA1_ID, sizeof(RSA_SHA1_ID)); break; case LDNS_SIGN_RSASHA256: *data_size = sizeof(RSA_SHA256_ID) + digest_len; data = malloc(*data_size); memcpy(data, RSA_SHA256_ID, sizeof(RSA_SHA256_ID)); break; case LDNS_SIGN_RSASHA512: *data_size = sizeof(RSA_SHA512_ID) + digest_len; data = malloc(*data_size); memcpy(data, RSA_SHA512_ID, sizeof(RSA_SHA512_ID)); break; case LDNS_SIGN_DSA: case LDNS_SIGN_DSA_NSEC3: case LDNS_SIGN_ECC_GOST: /* TODO: We can remove the directive if we require LDNS >= 1.6.13 */ #if !defined LDNS_BUILD_CONFIG_USE_ECDSA || LDNS_BUILD_CONFIG_USE_ECDSA case LDNS_SIGN_ECDSAP256SHA256: case LDNS_SIGN_ECDSAP384SHA384: #endif *data_size = digest_len; data = malloc(*data_size); break; default: return NULL; } return data; } static CK_BYTE * hsm_digest_through_hsm(hsm_ctx_t *ctx, hsm_session_t *session, CK_MECHANISM_TYPE mechanism_type, CK_ULONG digest_len, ldns_buffer *sign_buf) { CK_MECHANISM digest_mechanism; CK_BYTE *digest; CK_RV rv; digest_mechanism.pParameter = NULL; digest_mechanism.ulParameterLen = 0; digest_mechanism.mechanism = mechanism_type; digest = malloc(digest_len); rv = ((CK_FUNCTION_LIST_PTR)session->module->sym)->C_DigestInit(session->session, &digest_mechanism); if (hsm_pkcs11_check_error(ctx, rv, "HSM digest init")) { free(digest); return NULL; } rv = ((CK_FUNCTION_LIST_PTR)session->module->sym)->C_Digest(session->session, ldns_buffer_begin(sign_buf), ldns_buffer_position(sign_buf), digest, &digest_len); if (hsm_pkcs11_check_error(ctx, rv, "HSM digest")) { free(digest); return NULL; } return digest; } static ldns_rdf * hsm_sign_buffer(hsm_ctx_t *ctx, ldns_buffer *sign_buf, const libhsm_key_t *key, ldns_algorithm algorithm) { CK_RV rv; CK_ULONG signatureLen = HSM_MAX_SIGNATURE_LENGTH; CK_BYTE signature[HSM_MAX_SIGNATURE_LENGTH]; CK_MECHANISM sign_mechanism; ldns_rdf *sig_rdf; CK_BYTE *digest = NULL; CK_ULONG digest_len; CK_BYTE *data = NULL; CK_ULONG data_len = 0; hsm_session_t *session; session = hsm_find_key_session(ctx, key); if (!session) return NULL; /* some HSMs don't really handle CKM_SHA1_RSA_PKCS well, so * we'll do the hashing manually */ /* When adding algorithms, remember there is another switch below */ switch ((ldns_signing_algorithm)algorithm) { case LDNS_SIGN_RSAMD5: digest_len = 16; digest = hsm_digest_through_hsm(ctx, session, CKM_MD5, digest_len, sign_buf); break; case LDNS_SIGN_RSASHA1: case LDNS_SIGN_RSASHA1_NSEC3: case LDNS_SIGN_DSA: case LDNS_SIGN_DSA_NSEC3: digest_len = LDNS_SHA1_DIGEST_LENGTH; digest = malloc(digest_len); digest = ldns_sha1(ldns_buffer_begin(sign_buf), ldns_buffer_position(sign_buf), digest); break; case LDNS_SIGN_RSASHA256: /* TODO: We can remove the directive if we require LDNS >= 1.6.13 */ #if !defined LDNS_BUILD_CONFIG_USE_ECDSA || LDNS_BUILD_CONFIG_USE_ECDSA case LDNS_SIGN_ECDSAP256SHA256: #endif digest_len = LDNS_SHA256_DIGEST_LENGTH; digest = malloc(digest_len); digest = ldns_sha256(ldns_buffer_begin(sign_buf), ldns_buffer_position(sign_buf), digest); break; /* TODO: We can remove the directive if we require LDNS >= 1.6.13 */ #if !defined LDNS_BUILD_CONFIG_USE_ECDSA || LDNS_BUILD_CONFIG_USE_ECDSA case LDNS_SIGN_ECDSAP384SHA384: digest_len = LDNS_SHA384_DIGEST_LENGTH; digest = malloc(digest_len); digest = ldns_sha384(ldns_buffer_begin(sign_buf), ldns_buffer_position(sign_buf), digest); break; #endif case LDNS_SIGN_RSASHA512: digest_len = LDNS_SHA512_DIGEST_LENGTH; digest = malloc(digest_len); digest = ldns_sha512(ldns_buffer_begin(sign_buf), ldns_buffer_position(sign_buf), digest); break; case LDNS_SIGN_ECC_GOST: digest_len = 32; digest = hsm_digest_through_hsm(ctx, session, CKM_GOSTR3411, digest_len, sign_buf); break; default: /* log error? or should we not even get here for * unsupported algorithms? */ return NULL; } if (!digest) { return NULL; } /* CKM_RSA_PKCS does the padding, but cannot know the identifier * prefix, so we need to add that ourselves. * The other algorithms will just get the digest buffer returned. */ data = hsm_create_prefix(digest_len, algorithm, &data_len); memcpy(data + data_len - digest_len, digest, digest_len); sign_mechanism.pParameter = NULL; sign_mechanism.ulParameterLen = 0; switch((ldns_signing_algorithm)algorithm) { case LDNS_SIGN_RSAMD5: case LDNS_SIGN_RSASHA1: case LDNS_SIGN_RSASHA1_NSEC3: case LDNS_SIGN_RSASHA256: case LDNS_SIGN_RSASHA512: sign_mechanism.mechanism = CKM_RSA_PKCS; break; case LDNS_SIGN_DSA: case LDNS_SIGN_DSA_NSEC3: sign_mechanism.mechanism = CKM_DSA; break; case LDNS_SIGN_ECC_GOST: sign_mechanism.mechanism = CKM_GOSTR3410; break; /* TODO: We can remove the directive if we require LDNS >= 1.6.13 */ #if !defined LDNS_BUILD_CONFIG_USE_ECDSA || LDNS_BUILD_CONFIG_USE_ECDSA case LDNS_SIGN_ECDSAP256SHA256: case LDNS_SIGN_ECDSAP384SHA384: sign_mechanism.mechanism = CKM_ECDSA; break; #endif default: /* log error? or should we not even get here for * unsupported algorithms? */ free(data); free(digest); return NULL; } rv = ((CK_FUNCTION_LIST_PTR)session->module->sym)->C_SignInit( session->session, &sign_mechanism, key->private_key); if (hsm_pkcs11_check_error(ctx, rv, "sign init")) { free(data); free(digest); return NULL; } rv = ((CK_FUNCTION_LIST_PTR)session->module->sym)->C_Sign(session->session, data, data_len, signature, &signatureLen); if (hsm_pkcs11_check_error(ctx, rv, "sign final")) { free(data); free(digest); return NULL; } sig_rdf = ldns_rdf_new_frm_data(LDNS_RDF_TYPE_B64, signatureLen, signature); free(data); free(digest); return sig_rdf; } static int hsm_dname_is_wildcard(const ldns_rdf* dname) { return ( ldns_dname_label_count(dname) > 0 && ldns_rdf_data(dname)[0] == 1 && ldns_rdf_data(dname)[1] == '*'); } static ldns_rr * hsm_create_empty_rrsig(const ldns_rr_list *rrset, const hsm_sign_params_t *sign_params) { ldns_rr *rrsig; uint32_t orig_ttl; uint32_t orig_class; time_t now; uint8_t label_count; label_count = ldns_dname_label_count( ldns_rr_owner(ldns_rr_list_rr(rrset, 0))); /* RFC 4035 section 2.2: dnssec label length and wildcards */ if (hsm_dname_is_wildcard(ldns_rr_owner(ldns_rr_list_rr(rrset, 0)))) { label_count--; } rrsig = ldns_rr_new_frm_type(LDNS_RR_TYPE_RRSIG); /* set the type on the new signature */ orig_ttl = ldns_rr_ttl(ldns_rr_list_rr(rrset, 0)); orig_class = ldns_rr_get_class(ldns_rr_list_rr(rrset, 0)); ldns_rr_set_class(rrsig, orig_class); ldns_rr_set_ttl(rrsig, orig_ttl); ldns_rr_set_owner(rrsig, ldns_rdf_clone( ldns_rr_owner( ldns_rr_list_rr(rrset, 0)))); /* fill in what we know of the signature */ /* set the orig_ttl */ (void)ldns_rr_rrsig_set_origttl( rrsig, ldns_native2rdf_int32(LDNS_RDF_TYPE_INT32, orig_ttl)); /* the signers name */ (void)ldns_rr_rrsig_set_signame( rrsig, ldns_rdf_clone(sign_params->owner)); /* label count - get it from the first rr in the rr_list */ (void)ldns_rr_rrsig_set_labels( rrsig, ldns_native2rdf_int8(LDNS_RDF_TYPE_INT8, label_count)); /* inception, expiration */ now = time_now(); if (sign_params->inception != 0) { (void)ldns_rr_rrsig_set_inception( rrsig, ldns_native2rdf_int32( LDNS_RDF_TYPE_TIME, sign_params->inception)); } else { (void)ldns_rr_rrsig_set_inception( rrsig, ldns_native2rdf_int32(LDNS_RDF_TYPE_TIME, now)); } if (sign_params->expiration != 0) { (void)ldns_rr_rrsig_set_expiration( rrsig, ldns_native2rdf_int32( LDNS_RDF_TYPE_TIME, sign_params->expiration)); } else { (void)ldns_rr_rrsig_set_expiration( rrsig, ldns_native2rdf_int32( LDNS_RDF_TYPE_TIME, now + LDNS_DEFAULT_EXP_TIME)); } (void)ldns_rr_rrsig_set_keytag( rrsig, ldns_native2rdf_int16(LDNS_RDF_TYPE_INT16, sign_params->keytag)); (void)ldns_rr_rrsig_set_algorithm( rrsig, ldns_native2rdf_int8( LDNS_RDF_TYPE_ALG, sign_params->algorithm)); (void)ldns_rr_rrsig_set_typecovered( rrsig, ldns_native2rdf_int16( LDNS_RDF_TYPE_TYPE, ldns_rr_get_type(ldns_rr_list_rr(rrset, 0)))); return rrsig; } /* * API functions */ int hsm_open2(hsm_repository_t* rlist, char *(pin_callback)(unsigned int, const char *, unsigned int)) { hsm_config_t module_config; hsm_repository_t* repo = NULL; char* module_pin = NULL; int result = HSM_OK; int tries; int repositories = 0; pthread_mutex_lock(&_hsm_ctx_mutex); /* create an internal context with an attached session for each * configured HSM. */ if ((_hsm_ctx = hsm_ctx_new())) { keycache_create(_hsm_ctx); } repo = rlist; while (repo) { hsm_config_default(&module_config); module_config.use_pubkey = repo->use_pubkey; module_config.allow_extract = repo->allow_extract; if (repo->name && repo->module && repo->tokenlabel) { if (repo->pin) { result = hsm_attach(repo->name, repo->tokenlabel, repo->module, repo->pin, &module_config); } else { if (pin_callback) { result = HSM_PIN_INCORRECT; tries = 0; while (result == HSM_PIN_INCORRECT && tries < 3) { module_pin = pin_callback(_hsm_ctx->session_count, repo->name, tries?HSM_PIN_RETRY:HSM_PIN_FIRST); if (module_pin == NULL) break; result = hsm_attach(repo->name, repo->tokenlabel, repo->module, module_pin, &module_config); if (result == HSM_OK) { pin_callback(_hsm_ctx->session_count - 1, repo->name, HSM_PIN_SAVE); } memset(module_pin, 0, strlen(module_pin)); tries++; } } else { /* no pin, no callback */ hsm_ctx_set_error(_hsm_ctx, HSM_ERROR, "hsm_open2()", "No pin or callback function"); result = HSM_ERROR; } } if (result != HSM_OK) { break; } repositories++; } repo = repo->next; } if (result == HSM_OK && repositories == 0) { hsm_ctx_set_error(_hsm_ctx, HSM_NO_REPOSITORIES, "hsm_open2()", "No repositories found"); result = HSM_NO_REPOSITORIES; } pthread_mutex_unlock(&_hsm_ctx_mutex); return result; } void hsm_close() { pthread_mutex_lock(&_hsm_ctx_mutex); keycache_destroy(_hsm_ctx); hsm_ctx_close(_hsm_ctx, 1); _hsm_ctx = NULL; pthread_mutex_unlock(&_hsm_ctx_mutex); } hsm_ctx_t * hsm_create_context() { hsm_ctx_t* newctx; pthread_mutex_lock(&_hsm_ctx_mutex); newctx = hsm_ctx_clone(_hsm_ctx); pthread_mutex_unlock(&_hsm_ctx_mutex); return newctx; } int hsm_check_context() { unsigned int i; hsm_session_t *session; CK_SESSION_INFO info; CK_RV rv; CK_SESSION_HANDLE session_handle; hsm_ctx_t *ctx; pthread_mutex_lock(&_hsm_ctx_mutex); ctx = _hsm_ctx; for (i = 0; i < ctx->session_count; i++) { session = ctx->session[i]; if (session == NULL) continue; /* Get session info */ rv = ((CK_FUNCTION_LIST_PTR)session->module->sym)->C_GetSessionInfo( session->session, &info); if (hsm_pkcs11_check_error(ctx, rv, "get session info")) { pthread_mutex_unlock(&_hsm_ctx_mutex); return HSM_ERROR; } /* Check session info */ if (info.state != CKS_RW_USER_FUNCTIONS) { hsm_ctx_set_error(ctx, HSM_ERROR, "hsm_check_context()", "Session not logged in"); pthread_mutex_unlock(&_hsm_ctx_mutex); return HSM_ERROR; } /* Try open and close a session with the token */ rv = ((CK_FUNCTION_LIST_PTR)session->module->sym)->C_OpenSession(info.slotID, CKF_SERIAL_SESSION | CKF_RW_SESSION, NULL, NULL, &session_handle); if (hsm_pkcs11_check_error(ctx, rv, "test open session")) { pthread_mutex_unlock(&_hsm_ctx_mutex); return HSM_ERROR; } rv = ((CK_FUNCTION_LIST_PTR)session->module->sym)->C_CloseSession(session_handle); if (hsm_pkcs11_check_error(ctx, rv, "test close session")) { pthread_mutex_unlock(&_hsm_ctx_mutex); return HSM_ERROR; } } pthread_mutex_unlock(&_hsm_ctx_mutex); return HSM_OK; } void hsm_destroy_context(hsm_ctx_t *ctx) { hsm_ctx_close(ctx, 0); } /** * Returns an allocated hsm_sign_params_t with some defaults */ hsm_sign_params_t * hsm_sign_params_new() { hsm_sign_params_t *params; params = malloc(sizeof(hsm_sign_params_t)); if (!params) { return NULL; } params->algorithm = LDNS_RSASHA256; params->flags = LDNS_KEY_ZONE_KEY; params->inception = 0; params->expiration = 0; params->keytag = 0; params->owner = NULL; return params; } void hsm_sign_params_free(hsm_sign_params_t *params) { if (params) { if (params->owner) ldns_rdf_deep_free(params->owner); free(params); } } void libhsm_key_free(libhsm_key_t *key) { free(key->modulename); free(key); } libhsm_key_t ** hsm_list_keys(hsm_ctx_t *ctx, size_t *count) { libhsm_key_t **keys = NULL; size_t key_count = 0; size_t cur_key_count; libhsm_key_t **session_keys; unsigned int i, j; for (i = 0; i < ctx->session_count; i++) { session_keys = hsm_list_keys_session(ctx, ctx->session[i], &cur_key_count); keys = realloc(keys, (key_count + cur_key_count) * sizeof(libhsm_key_t *)); for (j = 0; j < cur_key_count; j++) { keys[key_count + j] = session_keys[j]; } key_count += cur_key_count; free(session_keys); } if (count) { *count = key_count; } return keys; } libhsm_key_t ** hsm_list_keys_repository(hsm_ctx_t *ctx, size_t *count, const char *repository) { hsm_session_t *session; if (!repository) return NULL; session = hsm_find_repository_session(ctx, repository); if (!session) { *count = 0; return NULL; } return hsm_list_keys_session(ctx, session, count); } libhsm_key_t * hsm_find_key_by_id(hsm_ctx_t *ctx, const char *id) { unsigned char *id_bytes; size_t len; libhsm_key_t *key; id_bytes = hsm_hex_parse(id, &len); if (!id_bytes) return NULL; key = hsm_find_key_by_id_bin(ctx, id_bytes, len); free(id_bytes); return key; } static void generate_unique_id(hsm_ctx_t *ctx, unsigned char *buf, size_t bufsize) { libhsm_key_t *key; /* check whether this key doesn't happen to exist already */ hsm_random_buffer(ctx, buf, bufsize); while ((key = hsm_find_key_by_id_bin(ctx, buf, bufsize))) { libhsm_key_free(key); hsm_random_buffer(ctx, buf, bufsize); } } libhsm_key_t * hsm_generate_rsa_key(hsm_ctx_t *ctx, const char *repository, unsigned long keysize) { libhsm_key_t *new_key; hsm_session_t *session; /* ids we create are 16 bytes of data */ unsigned char id[16]; /* that's 33 bytes in string (16*2 + 1 for \0) */ char id_str[33]; CK_RV rv; CK_OBJECT_HANDLE publicKey, privateKey; CK_KEY_TYPE keyType = CKK_RSA; CK_MECHANISM mechanism = { CKM_RSA_PKCS_KEY_PAIR_GEN, NULL_PTR, 0 }; CK_BYTE publicExponent[] = { 1, 0, 1 }; CK_BBOOL ctrue = CK_TRUE; CK_BBOOL cfalse = CK_FALSE; CK_BBOOL ctoken = CK_TRUE; CK_BBOOL cextractable = CK_FALSE; session = hsm_find_repository_session(ctx, repository); if (!session) return NULL; cextractable = session->module->config->allow_extract ? CK_TRUE : CK_FALSE; generate_unique_id(ctx, id, 16); /* the CKA_LABEL will contain a hexadecimal string representation * of the id */ hsm_hex_unparse(id_str, id, 16); if (! session->module->config->use_pubkey) { ctoken = CK_FALSE; } CK_ATTRIBUTE publicKeyTemplate[] = { { CKA_LABEL,(CK_UTF8CHAR*) id_str, strlen(id_str) }, { CKA_ID, id, 16 }, { CKA_KEY_TYPE, &keyType, sizeof(keyType) }, { CKA_VERIFY, &ctrue, sizeof(ctrue) }, { CKA_ENCRYPT, &cfalse, sizeof(cfalse) }, { CKA_WRAP, &cfalse, sizeof(cfalse) }, { CKA_TOKEN, &ctoken, sizeof(ctoken) }, { CKA_MODULUS_BITS, &keysize, sizeof(keysize) }, { CKA_PUBLIC_EXPONENT, &publicExponent, sizeof(publicExponent)} }; CK_ATTRIBUTE privateKeyTemplate[] = { { CKA_LABEL,(CK_UTF8CHAR *) id_str, strlen (id_str) }, { CKA_ID, id, 16 }, { CKA_KEY_TYPE, &keyType, sizeof(keyType) }, { CKA_SIGN, &ctrue, sizeof (ctrue) }, { CKA_DECRYPT, &cfalse, sizeof (cfalse) }, { CKA_UNWRAP, &cfalse, sizeof (cfalse) }, { CKA_SENSITIVE, &ctrue, sizeof (ctrue) }, { CKA_TOKEN, &ctrue, sizeof (ctrue) }, { CKA_PRIVATE, &ctrue, sizeof (ctrue) }, { CKA_EXTRACTABLE, &cextractable, sizeof (cextractable) } }; rv = ((CK_FUNCTION_LIST_PTR)session->module->sym)->C_GenerateKeyPair(session->session, &mechanism, publicKeyTemplate, 9, privateKeyTemplate, 10, &publicKey, &privateKey); if (hsm_pkcs11_check_error(ctx, rv, "generate key pair")) { return NULL; } new_key = libhsm_key_new(); new_key->modulename = strdup(session->module->name); if (session->module->config->use_pubkey) { new_key->public_key = publicKey; } else { /* Destroy the object directly in order to optimize storage in HSM */ /* Ignore return value, it is just a session object and will be destroyed later */ rv = ((CK_FUNCTION_LIST_PTR)session->module->sym)->C_DestroyObject(session->session, publicKey); new_key->public_key = 0; } new_key->private_key = privateKey; return new_key; } libhsm_key_t * hsm_generate_dsa_key(hsm_ctx_t *ctx, const char *repository, unsigned long keysize) { CK_RV rv; libhsm_key_t *new_key; hsm_session_t *session; CK_OBJECT_HANDLE domainPar, publicKey, privateKey; CK_BBOOL ctrue = CK_TRUE; CK_BBOOL cfalse = CK_FALSE; CK_BBOOL cextractable = CK_FALSE; /* ids we create are 16 bytes of data */ unsigned char id[16]; /* that's 33 bytes in string (16*2 + 1 for \0) */ char id_str[33]; session = hsm_find_repository_session(ctx, repository); if (!session) return NULL; cextractable = session->module->config->allow_extract ? CK_TRUE : CK_FALSE; generate_unique_id(ctx, id, 16); /* the CKA_LABEL will contain a hexadecimal string representation * of the id */ hsm_hex_unparse(id_str, id, 16); CK_KEY_TYPE keyType = CKK_DSA; CK_MECHANISM mechanism1 = { CKM_DSA_PARAMETER_GEN, NULL_PTR, 0 }; CK_MECHANISM mechanism2 = { CKM_DSA_KEY_PAIR_GEN, NULL_PTR, 0 }; /* The maximum size for DSA in DNSSEC */ CK_BYTE dsa_p[128]; CK_BYTE dsa_q[20]; CK_BYTE dsa_g[128]; CK_ATTRIBUTE domainTemplate[] = { { CKA_PRIME_BITS, &keysize, sizeof(keysize) } }; CK_ATTRIBUTE publicKeyTemplate[] = { { CKA_PRIME, dsa_p, sizeof(dsa_p) }, { CKA_SUBPRIME, dsa_q, sizeof(dsa_q) }, { CKA_BASE, dsa_g, sizeof(dsa_g) }, { CKA_LABEL,(CK_UTF8CHAR*) id_str, strlen(id_str) }, { CKA_ID, id, 16 }, { CKA_KEY_TYPE, &keyType, sizeof(keyType) }, { CKA_VERIFY, &ctrue, sizeof(ctrue) }, { CKA_ENCRYPT, &cfalse, sizeof(cfalse) }, { CKA_WRAP, &cfalse, sizeof(cfalse) }, { CKA_TOKEN, &ctrue, sizeof(ctrue) } }; CK_ATTRIBUTE privateKeyTemplate[] = { { CKA_LABEL,(CK_UTF8CHAR*) id_str, strlen (id_str) }, { CKA_ID, id, 16 }, { CKA_KEY_TYPE, &keyType, sizeof(keyType) }, { CKA_SIGN, &ctrue, sizeof(ctrue) }, { CKA_DECRYPT, &cfalse, sizeof(cfalse) }, { CKA_UNWRAP, &cfalse, sizeof(cfalse) }, { CKA_SENSITIVE, &ctrue, sizeof(ctrue) }, { CKA_TOKEN, &ctrue, sizeof(ctrue) }, { CKA_PRIVATE, &ctrue, sizeof(ctrue) }, { CKA_EXTRACTABLE, &cextractable, sizeof (cextractable) } }; cextractable = session->module->config->allow_extract ? CK_TRUE : CK_FALSE; /* Generate the domain parameters */ rv = ((CK_FUNCTION_LIST_PTR)session->module->sym)->C_GenerateKey(session->session, &mechanism1, domainTemplate, 1, &domainPar); if (hsm_pkcs11_check_error(ctx, rv, "generate domain parameters")) { return NULL; } rv = ((CK_FUNCTION_LIST_PTR)session->module->sym)->C_GetAttributeValue(session->session, domainPar, publicKeyTemplate, 3); if (hsm_pkcs11_check_error(ctx, rv, "get domain parameters")) { return NULL; } rv = ((CK_FUNCTION_LIST_PTR)session->module->sym)->C_DestroyObject(session->session, domainPar); if (hsm_pkcs11_check_error(ctx, rv, "destroy domain parameters")) { return NULL; } /* Generate key pair */ rv = ((CK_FUNCTION_LIST_PTR)session->module->sym)->C_GenerateKeyPair(session->session, &mechanism2, publicKeyTemplate, 10, privateKeyTemplate, 10, &publicKey, &privateKey); if (hsm_pkcs11_check_error(ctx, rv, "generate key pair")) { return NULL; } new_key = libhsm_key_new(); new_key->modulename = strdup(session->module->name); new_key->public_key = publicKey; new_key->private_key = privateKey; return new_key; } libhsm_key_t * hsm_generate_gost_key(hsm_ctx_t *ctx, const char *repository) { CK_RV rv; libhsm_key_t *new_key; hsm_session_t *session; CK_OBJECT_HANDLE publicKey, privateKey; CK_BBOOL ctrue = CK_TRUE; CK_BBOOL cfalse = CK_FALSE; CK_BBOOL cextractable = CK_FALSE; /* ids we create are 16 bytes of data */ unsigned char id[16]; /* that's 33 bytes in string (16*2 + 1 for \0) */ char id_str[33]; session = hsm_find_repository_session(ctx, repository); if (!session) return NULL; cextractable = session->module->config->allow_extract ? CK_TRUE : CK_FALSE; generate_unique_id(ctx, id, 16); /* the CKA_LABEL will contain a hexadecimal string representation * of the id */ hsm_hex_unparse(id_str, id, 16); CK_KEY_TYPE keyType = CKK_GOSTR3410; CK_MECHANISM mechanism = { CKM_GOSTR3410_KEY_PAIR_GEN, NULL_PTR, 0 }; CK_BYTE oid1[] = { 0x06, 0x07, 0x2A, 0x85, 0x03, 0x02, 0x02, 0x23, 0x01 }; CK_BYTE oid2[] = { 0x06, 0x07, 0x2A, 0x85, 0x03, 0x02, 0x02, 0x1E, 0x01 }; CK_ATTRIBUTE publicKeyTemplate[] = { { CKA_GOSTR3410PARAMS, oid1, sizeof(oid1) }, { CKA_GOSTR3411PARAMS, oid2, sizeof(oid2) }, { CKA_LABEL,(CK_UTF8CHAR*) id_str, strlen(id_str) }, { CKA_ID, id, 16 }, { CKA_KEY_TYPE, &keyType, sizeof(keyType) }, { CKA_VERIFY, &ctrue, sizeof(ctrue) }, { CKA_ENCRYPT, &cfalse, sizeof(cfalse) }, { CKA_WRAP, &cfalse, sizeof(cfalse) }, { CKA_TOKEN, &ctrue, sizeof(ctrue) } }; CK_ATTRIBUTE privateKeyTemplate[] = { { CKA_LABEL,(CK_UTF8CHAR*) id_str, strlen (id_str) }, { CKA_ID, id, 16 }, { CKA_KEY_TYPE, &keyType, sizeof(keyType) }, { CKA_SIGN, &ctrue, sizeof(ctrue) }, { CKA_DECRYPT, &cfalse, sizeof(cfalse) }, { CKA_UNWRAP, &cfalse, sizeof(cfalse) }, { CKA_SENSITIVE, &ctrue, sizeof(ctrue) }, { CKA_TOKEN, &ctrue, sizeof(ctrue) }, { CKA_PRIVATE, &ctrue, sizeof(ctrue) }, { CKA_EXTRACTABLE, &cextractable, sizeof (cextractable) } }; /* Generate key pair */ rv = ((CK_FUNCTION_LIST_PTR)session->module->sym)->C_GenerateKeyPair(session->session, &mechanism, publicKeyTemplate, 9, privateKeyTemplate, 10, &publicKey, &privateKey); if (hsm_pkcs11_check_error(ctx, rv, "generate key pair")) { return NULL; } new_key = libhsm_key_new(); new_key->modulename = strdup(session->module->name); new_key->public_key = publicKey; new_key->private_key = privateKey; return new_key; } libhsm_key_t * hsm_generate_ecdsa_key(hsm_ctx_t *ctx, const char *repository, const char *curve) { CK_RV rv; libhsm_key_t *new_key; hsm_session_t *session; CK_OBJECT_HANDLE publicKey, privateKey; CK_BBOOL ctrue = CK_TRUE; CK_BBOOL cfalse = CK_FALSE; CK_BBOOL cextractable = CK_FALSE; /* ids we create are 16 bytes of data */ unsigned char id[16]; /* that's 33 bytes in string (16*2 + 1 for \0) */ char id_str[33]; session = hsm_find_repository_session(ctx, repository); if (!session) return NULL; cextractable = session->module->config->allow_extract ? CK_TRUE : CK_FALSE; generate_unique_id(ctx, id, 16); /* the CKA_LABEL will contain a hexadecimal string representation * of the id */ hsm_hex_unparse(id_str, id, 16); CK_KEY_TYPE keyType = CKK_EC; CK_MECHANISM mechanism = { CKM_EC_KEY_PAIR_GEN, NULL_PTR, 0 }; CK_BYTE oidP256[] = { 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07 }; CK_BYTE oidP384[] = { 0x06, 0x05, 0x2B, 0x81, 0x04, 0x00, 0x22 }; CK_ATTRIBUTE publicKeyTemplate[] = { { CKA_EC_PARAMS, NULL, 0 }, { CKA_LABEL,(CK_UTF8CHAR*) id_str, strlen(id_str) }, { CKA_ID, id, 16 }, { CKA_KEY_TYPE, &keyType, sizeof(keyType) }, { CKA_VERIFY, &ctrue, sizeof(ctrue) }, { CKA_ENCRYPT, &cfalse, sizeof(cfalse) }, { CKA_WRAP, &cfalse, sizeof(cfalse) }, { CKA_TOKEN, &ctrue, sizeof(ctrue) } }; CK_ATTRIBUTE privateKeyTemplate[] = { { CKA_LABEL,(CK_UTF8CHAR*) id_str, strlen (id_str) }, { CKA_ID, id, 16 }, { CKA_KEY_TYPE, &keyType, sizeof(keyType) }, { CKA_SIGN, &ctrue, sizeof(ctrue) }, { CKA_DECRYPT, &cfalse, sizeof(cfalse) }, { CKA_UNWRAP, &cfalse, sizeof(cfalse) }, { CKA_SENSITIVE, &ctrue, sizeof(ctrue) }, { CKA_TOKEN, &ctrue, sizeof(ctrue) }, { CKA_PRIVATE, &ctrue, sizeof(ctrue) }, { CKA_EXTRACTABLE, &cextractable, sizeof (cextractable) } }; /* Select the curve */ if (strcmp(curve, "P-256") == 0) { publicKeyTemplate[0].pValue = oidP256; publicKeyTemplate[0].ulValueLen = sizeof(oidP256); } else if (strcmp(curve, "P-384") == 0) { publicKeyTemplate[0].pValue = oidP384; publicKeyTemplate[0].ulValueLen = sizeof(oidP384); } else { return NULL; } /* Generate key pair */ rv = ((CK_FUNCTION_LIST_PTR)session->module->sym)->C_GenerateKeyPair(session->session, &mechanism, publicKeyTemplate, 8, privateKeyTemplate, 10, &publicKey, &privateKey); if (hsm_pkcs11_check_error(ctx, rv, "generate key pair")) { return NULL; } new_key = libhsm_key_new(); new_key->modulename = strdup(session->module->name); new_key->public_key = publicKey; new_key->private_key = privateKey; return new_key; } int hsm_remove_key(hsm_ctx_t *ctx, libhsm_key_t *key) { CK_RV rv; hsm_session_t *session; if (!key) return -1; session = hsm_find_key_session(ctx, key); if (!session) return -2; rv = ((CK_FUNCTION_LIST_PTR)session->module->sym)->C_DestroyObject(session->session, key->private_key); if (hsm_pkcs11_check_error(ctx, rv, "Destroy private key")) { return -3; } key->private_key = 0; if (key->public_key) { rv = ((CK_FUNCTION_LIST_PTR)session->module->sym)->C_DestroyObject(session->session, key->public_key); if (hsm_pkcs11_check_error(ctx, rv, "Destroy public key")) { return -4; } } key->public_key = 0; return 0; } void libhsm_key_list_free(libhsm_key_t **key_list, size_t count) { size_t i; for (i = 0; i < count; i++) { libhsm_key_free(key_list[i]); } free(key_list); } char * hsm_get_key_id(hsm_ctx_t *ctx, const libhsm_key_t *key) { unsigned char *id; char *id_str; size_t len; hsm_session_t *session; if (!key) return NULL; session = hsm_find_key_session(ctx, key); if (!session) return NULL; id = hsm_get_id_for_object(ctx, session, key->private_key, &len); if (!id) return NULL; /* this is plain binary data, we need to convert it to hex */ id_str = malloc(len * 2 + 1); if (!id_str) { free(id); return NULL; } hsm_hex_unparse(id_str, id, len); free(id); return id_str; } libhsm_key_info_t * hsm_get_key_info(hsm_ctx_t *ctx, const libhsm_key_t *key) { libhsm_key_info_t *key_info; hsm_session_t *session; session = hsm_find_key_session(ctx, key); if (!session) return NULL; key_info = malloc(sizeof(libhsm_key_info_t)); key_info->id = hsm_get_key_id(ctx, key); if (key_info->id == NULL) { key_info->id = strdup(""); } key_info->algorithm = (unsigned long) hsm_get_key_algorithm(ctx, session, key); key_info->keysize = (unsigned long) hsm_get_key_size(ctx, session, key, key_info->algorithm); switch(key_info->algorithm) { case CKK_RSA: key_info->algorithm_name = strdup("RSA"); break; case CKK_DSA: key_info->algorithm_name = strdup("DSA"); break; case CKK_GOSTR3410: key_info->algorithm_name = strdup("GOST"); break; case CKK_EC: key_info->algorithm_name = strdup("ECDSA"); break; default: key_info->algorithm_name = malloc(HSM_MAX_ALGONAME); snprintf(key_info->algorithm_name, HSM_MAX_ALGONAME, "%lu", key_info->algorithm); break; } return key_info; } void libhsm_key_info_free(libhsm_key_info_t *key_info) { if (key_info) { if (key_info->id) { free(key_info->id); } if (key_info->algorithm_name) { free(key_info->algorithm_name); } free(key_info); } } ldns_rr* hsm_sign_rrset(hsm_ctx_t *ctx, const ldns_rr_list* rrset, const libhsm_key_t *key, const hsm_sign_params_t *sign_params) { ldns_rr *signature; ldns_buffer *sign_buf; ldns_rdf *b64_rdf; size_t i; if (!key) return NULL; if (!sign_params) return NULL; signature = hsm_create_empty_rrsig((ldns_rr_list *)rrset, sign_params); /* right now, we have: a key, a semi-sig and an rrset. For * which we can create the sig and base64 encode that and * add that to the signature */ sign_buf = ldns_buffer_new(LDNS_MAX_PACKETLEN); if (ldns_rrsig2buffer_wire(sign_buf, signature) != LDNS_STATUS_OK) { ldns_buffer_free(sign_buf); /* ERROR */ ldns_rr_free(signature); return NULL; } /* make it canonical */ for(i = 0; i < ldns_rr_list_rr_count(rrset); i++) { ldns_rr2canonical(ldns_rr_list_rr(rrset, i)); } /* add the rrset in sign_buf */ if (ldns_rr_list2buffer_wire(sign_buf, rrset) != LDNS_STATUS_OK) { ldns_buffer_free(sign_buf); ldns_rr_free(signature); return NULL; } b64_rdf = hsm_sign_buffer(ctx, sign_buf, key, sign_params->algorithm); ldns_buffer_free(sign_buf); if (!b64_rdf) { /* signing went wrong */ ldns_rr_free(signature); return NULL; } ldns_rr_rrsig_set_sig(signature, b64_rdf); return signature; } int hsm_keytag(const char* loc, int alg, int ksk, uint16_t* keytag) { uint16_t tag; hsm_ctx_t *hsm_ctx; hsm_sign_params_t *sign_params; libhsm_key_t *hsmkey; ldns_rr *dnskey_rr; if (!loc) { return 1; } if (!(hsm_ctx = hsm_create_context())) { return 1; } if (!(sign_params = hsm_sign_params_new())) { hsm_destroy_context(hsm_ctx); return 1; } /* The owner name is not relevant for the keytag calculation. * However, a ldns_rdf_clone down the path will trip over it. */ sign_params->owner = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_DNAME, "dummy"); sign_params->algorithm = (ldns_algorithm) alg; sign_params->flags = LDNS_KEY_ZONE_KEY; if (ksk) sign_params->flags |= LDNS_KEY_SEP_KEY; hsmkey = hsm_find_key_by_id(hsm_ctx, loc); if (!hsmkey) { hsm_sign_params_free(sign_params); hsm_destroy_context(hsm_ctx); return 1; } dnskey_rr = hsm_get_dnskey(hsm_ctx, hsmkey, sign_params); if (!dnskey_rr) { libhsm_key_free(hsmkey); hsm_sign_params_free(sign_params); hsm_destroy_context(hsm_ctx); return 1; } tag = ldns_calc_keytag(dnskey_rr); ldns_rr_free(dnskey_rr); libhsm_key_free(hsmkey); hsm_sign_params_free(sign_params); hsm_destroy_context(hsm_ctx); if (keytag) *keytag = tag; return 0; } ldns_rr * hsm_get_dnskey(hsm_ctx_t *ctx, const libhsm_key_t *key, const hsm_sign_params_t *sign_params) { /* CK_RV rv; */ ldns_rr *dnskey; hsm_session_t *session; ldns_rdf *rdata; if (!key) { hsm_ctx_set_error(ctx, -1, "hsm_get_dnskey()", "Got NULL key"); return NULL; } if (!sign_params) { hsm_ctx_set_error(ctx, -1, "hsm_get_dnskey()", "Got NULL sign_params"); return NULL; } session = hsm_find_key_session(ctx, key); if (!session) return NULL; dnskey = ldns_rr_new(); ldns_rr_set_type(dnskey, LDNS_RR_TYPE_DNSKEY); ldns_rr_set_owner(dnskey, ldns_rdf_clone(sign_params->owner)); ldns_rr_push_rdf(dnskey, ldns_native2rdf_int16(LDNS_RDF_TYPE_INT16, sign_params->flags)); ldns_rr_push_rdf(dnskey, ldns_native2rdf_int8(LDNS_RDF_TYPE_INT8, LDNS_DNSSEC_KEYPROTO)); ldns_rr_push_rdf(dnskey, ldns_native2rdf_int8(LDNS_RDF_TYPE_ALG, sign_params->algorithm)); rdata = hsm_get_key_rdata(ctx, session, key); if (rdata == NULL) { ldns_rr_free(dnskey); return NULL; } ldns_rr_push_rdf(dnskey, rdata); return dnskey; } int hsm_random_buffer(hsm_ctx_t *ctx, unsigned char *buffer, unsigned long length) { CK_RV rv; unsigned int i; hsm_session_t *session; if (!buffer) return -1; /* just try every attached token. If one errors (be it NO_RNG, or * any other error, simply try the next */ for (i = 0; i < ctx->session_count; i++) { session = ctx->session[i]; if (session) { rv = ((CK_FUNCTION_LIST_PTR)session->module->sym)->C_GenerateRandom( session->session, buffer, length); if (rv == CKR_OK) { return 0; } } } return 1; } uint32_t hsm_random32(hsm_ctx_t *ctx) { uint32_t rnd; int result; unsigned char rnd_buf[4]; result = hsm_random_buffer(ctx, rnd_buf, 4); if (result == 0) { memcpy(&rnd, rnd_buf, 4); return rnd; } else { return 0; } } uint64_t hsm_random64(hsm_ctx_t *ctx) { uint64_t rnd; int result; unsigned char rnd_buf[8]; result = hsm_random_buffer(ctx, rnd_buf, 8); if (result == 0) { memcpy(&rnd, rnd_buf, 8); return rnd; } else { return 0; } } /* * Additional functions */ int hsm_attach(const char *repository, const char *token_label, const char *path, const char *pin, const hsm_config_t *config) { hsm_session_t *session; int result; result = hsm_session_init(_hsm_ctx, &session, repository, token_label, path, pin, config); if (result == HSM_OK) { result = hsm_ctx_add_session(_hsm_ctx, session); } return result; } int hsm_token_attached(hsm_ctx_t *ctx, const char *repository) { unsigned int i; for (i = 0; i < ctx->session_count; i++) { if (ctx->session[i] && strcmp(ctx->session[i]->module->name, repository) == 0) { return 1; } } hsm_ctx_set_error(ctx, HSM_REPOSITORY_NOT_FOUND, "hsm_token_attached()", "Can't find repository: %s", repository); return 0; } char * hsm_get_error(hsm_ctx_t *gctx) { hsm_ctx_t *ctx; char *message; if (!gctx) { ctx = _hsm_ctx; } else { ctx = gctx; } if (ctx->error) { ctx->error = 0; message = malloc(HSM_ERROR_MSGSIZE); if (message == NULL) { return strdup("libhsm memory allocation failed"); } snprintf(message, HSM_ERROR_MSGSIZE, "%s: %s", ctx->error_action ? ctx->error_action : "unknown()", ctx->error_message[0] ? ctx->error_message : "unknown error"); return message; }; return NULL; } void hsm_print_session(hsm_session_t *session) { printf("\t\tmodule at %p (sym %p)\n", (void *) session->module, (void *) session->module->sym); printf("\t\tmodule path: %s\n", session->module->path); printf("\t\trepository name: %s\n", session->module->name); printf("\t\ttoken label: %s\n", session->module->token_label); printf("\t\tsess handle: %u\n", (unsigned int) session->session); } void hsm_print_ctx(hsm_ctx_t *ctx) { unsigned int i; printf("CTX Sessions: %lu\n", (long unsigned int) ctx->session_count); for (i = 0; i < ctx->session_count; i++) { printf("\tSession at %p\n", (void *) ctx->session[i]); hsm_print_session(ctx->session[i]); } } void hsm_print_key(hsm_ctx_t *ctx, libhsm_key_t *key) { libhsm_key_info_t *key_info; if (key) { key_info = hsm_get_key_info(ctx, key); if (key_info) { printf("key:\n"); printf("\tprivkey handle: %u\n", (unsigned int) key->private_key); if (key->public_key) { printf("\tpubkey handle: %u\n", (unsigned int) key->public_key); } else { printf("\tpubkey handle: %s\n", "NULL"); } printf("\trepository: %s\n", key->modulename); printf("\talgorithm: %s\n", key_info->algorithm_name); printf("\tsize: %lu\n", key_info->keysize); printf("\tid: %s\n", key_info->id); libhsm_key_info_free(key_info); } else { printf("key: hsm_get_key_info() returned NULL\n"); } } else { printf("key: \n"); } } void hsm_print_error(hsm_ctx_t *gctx) { char *message; message = hsm_get_error(gctx); if (message) { fprintf(stderr, "%s\n", message); free(message); } else { fprintf(stderr, "Unknown error\n"); } } void hsm_print_tokeninfo(hsm_ctx_t *ctx) { CK_RV rv; CK_SLOT_ID slot_id; CK_TOKEN_INFO token_info; unsigned int i; hsm_session_t *session; int result; for (i = 0; i < ctx->session_count; i++) { session = ctx->session[i]; result = hsm_get_slot_id(ctx, session->module->sym, session->module->token_label, &slot_id); if (result != HSM_OK) return; rv = ((CK_FUNCTION_LIST_PTR) session->module->sym)->C_GetTokenInfo(slot_id, &token_info); if (hsm_pkcs11_check_error(ctx, rv, "C_GetTokenInfo")) { return; } printf("Repository: %s\n",session->module->name); printf("\tModule: %s\n", session->module->path); printf("\tSlot: %lu\n", slot_id); printf("\tToken Label: %.*s\n", (int) sizeof(token_info.label), token_info.label); printf("\tManufacturer: %.*s\n", (int) sizeof(token_info.manufacturerID), token_info.manufacturerID); printf("\tModel: %.*s\n", (int) sizeof(token_info.model), token_info.model); printf("\tSerial: %.*s\n", (int) sizeof(token_info.serialNumber), token_info.serialNumber); if (i + 1 != ctx->session_count) printf("\n"); } } static int keycache_cmpfunc(const void* a, const void* b) { const char* x = (const char*)a; const char* y = (const char*)b; return strcmp(x, y); } static void keycache_delfunc(ldns_rbnode_t* node, void* cargo) { (void)cargo; free((void*)node->key); free(((libhsm_key_t*)node->data)->modulename); free((void*)node->data); free((void*)node); } void keycache_create(hsm_ctx_t* ctx) { ctx->keycache = ldns_rbtree_create(keycache_cmpfunc); _hsm_ctx->keycache_lock = malloc(sizeof (pthread_mutex_t)); pthread_mutex_init(_hsm_ctx->keycache_lock, NULL); } void keycache_destroy(hsm_ctx_t* ctx) { ldns_traverse_postorder(ctx->keycache, keycache_delfunc, NULL); ldns_rbtree_free(ctx->keycache); pthread_mutex_destroy(ctx->keycache_lock); free(ctx->keycache_lock); ctx->keycache_lock = NULL; } const libhsm_key_t* keycache_lookup(hsm_ctx_t* ctx, const char* locator) { ldns_rbnode_t* node; pthread_mutex_lock(ctx->keycache_lock); node = ldns_rbtree_search(ctx->keycache, locator); pthread_mutex_unlock(ctx->keycache_lock); if (node == LDNS_RBTREE_NULL || node == NULL) { libhsm_key_t* key; if ((key = hsm_find_key_by_id(ctx, locator)) == NULL) { node = NULL; } else { node = malloc(sizeof(ldns_rbnode_t)); node->key = strdup(locator); node->data = key; pthread_mutex_lock(ctx->keycache_lock); node = ldns_rbtree_insert(ctx->keycache, node); pthread_mutex_unlock(ctx->keycache_lock); } } if (node == LDNS_RBTREE_NULL || node == NULL) return NULL; else return node->data; } opendnssec-2.1.5/libhsm/src/Makefile.am0000644000202300020240000000010013560310771014661 00000000000000MAINTAINERCLEANFILES = $(srcdir)/Makefile.in SUBDIRS = lib bin opendnssec-2.1.5/libhsm/src/Makefile.in0000644000202300020240000005512313560311314014703 00000000000000# Makefile.in generated by automake 1.16.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2018 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY, to the extent permitted by law; without # even the implied warranty of MERCHANTABILITY or FITNESS FOR A # PARTICULAR PURPOSE. @SET_MAKE@ VPATH = @srcdir@ am__is_gnu_make = { \ if test -z '$(MAKELEVEL)'; then \ false; \ elif test -n '$(MAKE_HOST)'; then \ true; \ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \ true; \ else \ false; \ fi; \ } am__make_running_with_option = \ case $${target_option-} in \ ?) ;; \ *) echo "am__make_running_with_option: internal error: invalid" \ "target option '$${target_option-}' specified" >&2; \ exit 1;; \ esac; \ has_opt=no; \ sane_makeflags=$$MAKEFLAGS; \ if $(am__is_gnu_make); then \ sane_makeflags=$$MFLAGS; \ else \ case $$MAKEFLAGS in \ *\\[\ \ ]*) \ bs=\\; \ sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ esac; \ fi; \ skip_next=no; \ strip_trailopt () \ { \ flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ }; \ for flg in $$sane_makeflags; do \ test $$skip_next = yes && { skip_next=no; continue; }; \ case $$flg in \ *=*|--*) continue;; \ -*I) strip_trailopt 'I'; skip_next=yes;; \ -*I?*) strip_trailopt 'I';; \ -*O) strip_trailopt 'O'; skip_next=yes;; \ -*O?*) strip_trailopt 'O';; \ -*l) strip_trailopt 'l'; skip_next=yes;; \ -*l?*) strip_trailopt 'l';; \ -[dEDm]) skip_next=yes;; \ -[JT]) skip_next=yes;; \ esac; \ case $$flg in \ *$$target_option*) has_opt=yes; break;; \ esac; \ done; \ test $$has_opt = yes am__make_dryrun = (target_option=n; $(am__make_running_with_option)) am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) pkgdatadir = $(datadir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c INSTALL_HEADER = $(INSTALL_DATA) transform = $(program_transform_name) NORMAL_INSTALL = : PRE_INSTALL = : POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : build_triplet = @build@ host_triplet = @host@ subdir = libhsm/src ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/m4/acx_broken_setres.m4 \ $(top_srcdir)/m4/acx_check_strptime.m4 \ $(top_srcdir)/m4/acx_cunit.m4 $(top_srcdir)/m4/acx_dlopen.m4 \ $(top_srcdir)/m4/acx_enforcer_database.m4 \ $(top_srcdir)/m4/acx_ldns.m4 $(top_srcdir)/m4/acx_libc.m4 \ $(top_srcdir)/m4/acx_libreadline.m4 \ $(top_srcdir)/m4/acx_libxml2.m4 \ $(top_srcdir)/m4/acx_pedantic.m4 \ $(top_srcdir)/m4/acx_pkcs11_modules.m4 \ $(top_srcdir)/m4/acx_prefixhack.m4 \ $(top_srcdir)/m4/acx_rpath.m4 $(top_srcdir)/m4/acx_rt.m4 \ $(top_srcdir)/m4/acx_ssl.m4 \ $(top_srcdir)/m4/ax_append_compile_flags.m4 \ $(top_srcdir)/m4/ax_append_flag.m4 \ $(top_srcdir)/m4/ax_c___attribute__.m4 \ $(top_srcdir)/m4/ax_cflags_warn_all.m4 \ $(top_srcdir)/m4/ax_check_compile_flag.m4 \ $(top_srcdir)/m4/ax_compiler_flags_cflags.m4 \ $(top_srcdir)/m4/ax_lib_mysql.m4 \ $(top_srcdir)/m4/ax_lib_sqlite3.m4 \ $(top_srcdir)/m4/ax_prog_doxygen.m4 \ $(top_srcdir)/m4/ax_pthread.m4 \ $(top_srcdir)/m4/ax_require_defined.m4 \ $(top_srcdir)/m4/libtool.m4 $(top_srcdir)/m4/ltoptions.m4 \ $(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \ $(top_srcdir)/m4/lt~obsolete.m4 \ $(top_srcdir)/m4/opendnssec_common.m4 $(top_srcdir)/version.m4 \ $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/common/config.h CONFIG_CLEAN_FILES = CONFIG_CLEAN_VPATH_FILES = AM_V_P = $(am__v_P_@AM_V@) am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) am__v_P_0 = false am__v_P_1 = : AM_V_GEN = $(am__v_GEN_@AM_V@) am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) am__v_GEN_0 = @echo " GEN " $@; am__v_GEN_1 = AM_V_at = $(am__v_at_@AM_V@) am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) am__v_at_0 = @ am__v_at_1 = SOURCES = DIST_SOURCES = RECURSIVE_TARGETS = all-recursive check-recursive cscopelist-recursive \ ctags-recursive dvi-recursive html-recursive info-recursive \ install-data-recursive install-dvi-recursive \ install-exec-recursive install-html-recursive \ install-info-recursive install-pdf-recursive \ install-ps-recursive install-recursive installcheck-recursive \ installdirs-recursive pdf-recursive ps-recursive \ tags-recursive uninstall-recursive am__can_run_installinfo = \ case $$AM_UPDATE_INFO_DIR in \ n|no|NO) false;; \ *) (install-info --version) >/dev/null 2>&1;; \ esac RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \ distclean-recursive maintainer-clean-recursive am__recursive_targets = \ $(RECURSIVE_TARGETS) \ $(RECURSIVE_CLEAN_TARGETS) \ $(am__extra_recursive_targets) AM_RECURSIVE_TARGETS = $(am__recursive_targets:-recursive=) TAGS CTAGS \ distdir distdir-am am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) # Read a list of newline-separated strings from the standard input, # and print each of them once, without duplicates. Input order is # *not* preserved. am__uniquify_input = $(AWK) '\ BEGIN { nonempty = 0; } \ { items[$$0] = 1; nonempty = 1; } \ END { if (nonempty) { for (i in items) print i; }; } \ ' # Make sure the list of sources is unique. This is necessary because, # e.g., the same source file might be shared among _SOURCES variables # for different programs/libraries. am__define_uniq_tagged_files = \ list='$(am__tagged_files)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | $(am__uniquify_input)` ETAGS = etags CTAGS = ctags DIST_SUBDIRS = $(SUBDIRS) am__DIST_COMMON = $(srcdir)/Makefile.in DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) am__relativize = \ dir0=`pwd`; \ sed_first='s,^\([^/]*\)/.*$$,\1,'; \ sed_rest='s,^[^/]*/*,,'; \ sed_last='s,^.*/\([^/]*\)$$,\1,'; \ sed_butlast='s,/*[^/]*$$,,'; \ while test -n "$$dir1"; do \ first=`echo "$$dir1" | sed -e "$$sed_first"`; \ if test "$$first" != "."; then \ if test "$$first" = ".."; then \ dir2=`echo "$$dir0" | sed -e "$$sed_last"`/"$$dir2"; \ dir0=`echo "$$dir0" | sed -e "$$sed_butlast"`; \ else \ first2=`echo "$$dir2" | sed -e "$$sed_first"`; \ if test "$$first2" = "$$first"; then \ dir2=`echo "$$dir2" | sed -e "$$sed_rest"`; \ else \ dir2="../$$dir2"; \ fi; \ dir0="$$dir0"/"$$first"; \ fi; \ fi; \ dir1=`echo "$$dir1" | sed -e "$$sed_rest"`; \ done; \ reldir="$$dir2" ACLOCAL = @ACLOCAL@ AMTAR = @AMTAR@ AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ AR = @AR@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ CP = @CP@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ CUNIT_INCLUDES = @CUNIT_INCLUDES@ CUNIT_LIBS = @CUNIT_LIBS@ CXX = @CXX@ CXXCPP = @CXXCPP@ CXXDEPMODE = @CXXDEPMODE@ CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ C_LIBS = @C_LIBS@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ DLLTOOL = @DLLTOOL@ DOXYGEN_PAPER_SIZE = @DOXYGEN_PAPER_SIZE@ DSYMUTIL = @DSYMUTIL@ DUMPBIN = @DUMPBIN@ DX_CONFIG = @DX_CONFIG@ DX_DOCDIR = @DX_DOCDIR@ DX_DOT = @DX_DOT@ DX_DOXYGEN = @DX_DOXYGEN@ DX_DVIPS = @DX_DVIPS@ DX_EGREP = @DX_EGREP@ DX_ENV = @DX_ENV@ DX_FLAG_chi = @DX_FLAG_chi@ DX_FLAG_chm = @DX_FLAG_chm@ DX_FLAG_doc = @DX_FLAG_doc@ DX_FLAG_dot = @DX_FLAG_dot@ DX_FLAG_html = @DX_FLAG_html@ DX_FLAG_man = @DX_FLAG_man@ DX_FLAG_pdf = @DX_FLAG_pdf@ DX_FLAG_ps = @DX_FLAG_ps@ DX_FLAG_rtf = @DX_FLAG_rtf@ DX_FLAG_xml = @DX_FLAG_xml@ DX_HHC = @DX_HHC@ DX_LATEX = @DX_LATEX@ DX_MAKEINDEX = @DX_MAKEINDEX@ DX_PDFLATEX = @DX_PDFLATEX@ DX_PERL = @DX_PERL@ DX_PROJECT = @DX_PROJECT@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ ENFORCER_DB_DATABASE = @ENFORCER_DB_DATABASE@ ENFORCER_DB_HOST = @ENFORCER_DB_HOST@ ENFORCER_DB_INCLUDES = @ENFORCER_DB_INCLUDES@ ENFORCER_DB_LIBS = @ENFORCER_DB_LIBS@ ENFORCER_DB_PASSWORD = @ENFORCER_DB_PASSWORD@ ENFORCER_DB_PORT = @ENFORCER_DB_PORT@ ENFORCER_DB_PORT_TEXT = @ENFORCER_DB_PORT_TEXT@ ENFORCER_DB_USERNAME = @ENFORCER_DB_USERNAME@ EXEEXT = @EXEEXT@ FGREP = @FGREP@ GREP = @GREP@ HAVE_SSL = @HAVE_SSL@ HAVE_SSL_NEW_HMAC = @HAVE_SSL_NEW_HMAC@ INSTALL = @INSTALL@ INSTALLATIONCOND = @INSTALLATIONCOND@ INSTALLATIONGROUP = @INSTALLATIONGROUP@ INSTALLATIONGROUPARG = @INSTALLATIONGROUPARG@ INSTALLATIONUSER = @INSTALLATIONUSER@ INSTALLATIONUSERARG = @INSTALLATIONUSERARG@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ JAVA = @JAVA@ LD = @LD@ LDFLAGS = @LDFLAGS@ LDNS_CONFIG = @LDNS_CONFIG@ LDNS_INCLUDES = @LDNS_INCLUDES@ LDNS_LIBS = @LDNS_LIBS@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ LIBUNWIND_CFLAGS = @LIBUNWIND_CFLAGS@ LIBUNWIND_LIBS = @LIBUNWIND_LIBS@ LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@ MAKEINFO = @MAKEINFO@ MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ MYSQL_CFLAGS = @MYSQL_CFLAGS@ MYSQL_CONFIG = @MYSQL_CONFIG@ MYSQL_LDFLAGS = @MYSQL_LDFLAGS@ MYSQL_VERSION = @MYSQL_VERSION@ NM = @NM@ NMEDIT = @NMEDIT@ OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ OPENDNSSEC_BIN_DIR = @OPENDNSSEC_BIN_DIR@ OPENDNSSEC_CONFIG_DIR = @OPENDNSSEC_CONFIG_DIR@ OPENDNSSEC_CONFIG_FILE = @OPENDNSSEC_CONFIG_FILE@ OPENDNSSEC_DATA_DIR = @OPENDNSSEC_DATA_DIR@ OPENDNSSEC_ENFORCER_PIDFILE = @OPENDNSSEC_ENFORCER_PIDFILE@ OPENDNSSEC_ENFORCER_SOCKETFILE = @OPENDNSSEC_ENFORCER_SOCKETFILE@ OPENDNSSEC_FETCH_PIDFILE = @OPENDNSSEC_FETCH_PIDFILE@ OPENDNSSEC_LIBEXEC_DIR = @OPENDNSSEC_LIBEXEC_DIR@ OPENDNSSEC_LIB_DIR = @OPENDNSSEC_LIB_DIR@ OPENDNSSEC_LOCALSTATE_DIR = @OPENDNSSEC_LOCALSTATE_DIR@ OPENDNSSEC_PID_DIR = @OPENDNSSEC_PID_DIR@ OPENDNSSEC_SBIN_DIR = @OPENDNSSEC_SBIN_DIR@ OPENDNSSEC_SCHEMA_DIR = @OPENDNSSEC_SCHEMA_DIR@ OPENDNSSEC_SIGNER_CLI = @OPENDNSSEC_SIGNER_CLI@ OPENDNSSEC_SIGNER_ENGINE = @OPENDNSSEC_SIGNER_ENGINE@ OPENDNSSEC_SIGNER_PIDFILE = @OPENDNSSEC_SIGNER_PIDFILE@ OPENDNSSEC_SIGNER_SOCKET = @OPENDNSSEC_SIGNER_SOCKET@ OPENDNSSEC_STATE_DIR = @OPENDNSSEC_STATE_DIR@ OPENDNSSEC_SYSCONF_DIR = @OPENDNSSEC_SYSCONF_DIR@ OTOOL = @OTOOL@ OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREAD_CC = @PTHREAD_CC@ PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ PTHREAD_LIBS = @PTHREAD_LIBS@ RANLIB = @RANLIB@ READLINE_LIBS = @READLINE_LIBS@ RT_LIBS = @RT_LIBS@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ SQLITE3_CFLAGS = @SQLITE3_CFLAGS@ SQLITE3_LDFLAGS = @SQLITE3_LDFLAGS@ SQLITE3_VERSION = @SQLITE3_VERSION@ SSL_INCLUDES = @SSL_INCLUDES@ SSL_LIBS = @SSL_LIBS@ STRIP = @STRIP@ VERSION = @VERSION@ WARN_CFLAGS = @WARN_CFLAGS@ XML2_CONFIG = @XML2_CONFIG@ XML2_INCLUDES = @XML2_INCLUDES@ XML2_LIBS = @XML2_LIBS@ XMLLINT = @XMLLINT@ XSLTPROC = @XSLTPROC@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ ac_ct_CXX = @ac_ct_CXX@ ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ am__include = @am__include@ am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ ax_pthread_config = @ax_pthread_config@ bindir = @bindir@ build = @build@ build_alias = @build_alias@ build_cpu = @build_cpu@ build_os = @build_os@ build_vendor = @build_vendor@ builddir = @builddir@ datadir = @datadir@ datarootdir = @datarootdir@ docdir = @docdir@ dvidir = @dvidir@ exec_prefix = @exec_prefix@ host = @host@ host_alias = @host_alias@ host_cpu = @host_cpu@ host_os = @host_os@ host_vendor = @host_vendor@ htmldir = @htmldir@ includedir = @includedir@ infodir = @infodir@ install_sh = @install_sh@ libdir = @libdir@ libexecdir = @libexecdir@ localedir = @localedir@ localstatedir = @localstatedir@ mandir = @mandir@ mkdir_p = @mkdir_p@ oldincludedir = @oldincludedir@ pdfdir = @pdfdir@ pkcs11_aepkeyper_module = @pkcs11_aepkeyper_module@ pkcs11_etoken_module = @pkcs11_etoken_module@ pkcs11_ncipher_module = @pkcs11_ncipher_module@ pkcs11_opensc_module = @pkcs11_opensc_module@ pkcs11_sca6000_module = @pkcs11_sca6000_module@ pkcs11_softhsm_module = @pkcs11_softhsm_module@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ MAINTAINERCLEANFILES = $(srcdir)/Makefile.in SUBDIRS = lib bin all: all-recursive .SUFFIXES: $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign libhsm/src/Makefile'; \ $(am__cd) $(top_srcdir) && \ $(AUTOMAKE) --foreign libhsm/src/Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ *config.status*) \ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ *) \ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \ esac; $(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(top_srcdir)/configure: $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(am__aclocal_m4_deps): mostlyclean-libtool: -rm -f *.lo clean-libtool: -rm -rf .libs _libs # This directory's subdirectories are mostly independent; you can cd # into them and run 'make' without going through this Makefile. # To change the values of 'make' variables: instead of editing Makefiles, # (1) if the variable is set in 'config.status', edit 'config.status' # (which will cause the Makefiles to be regenerated when you run 'make'); # (2) otherwise, pass the desired values on the 'make' command line. $(am__recursive_targets): @fail=; \ if $(am__make_keepgoing); then \ failcom='fail=yes'; \ else \ failcom='exit 1'; \ fi; \ dot_seen=no; \ target=`echo $@ | sed s/-recursive//`; \ case "$@" in \ distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \ *) list='$(SUBDIRS)' ;; \ esac; \ for subdir in $$list; do \ echo "Making $$target in $$subdir"; \ if test "$$subdir" = "."; then \ dot_seen=yes; \ local_target="$$target-am"; \ else \ local_target="$$target"; \ fi; \ ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ || eval $$failcom; \ done; \ if test "$$dot_seen" = "no"; then \ $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \ fi; test -z "$$fail" ID: $(am__tagged_files) $(am__define_uniq_tagged_files); mkid -fID $$unique tags: tags-recursive TAGS: tags tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) set x; \ here=`pwd`; \ if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \ include_option=--etags-include; \ empty_fix=.; \ else \ include_option=--include; \ empty_fix=; \ fi; \ list='$(SUBDIRS)'; for subdir in $$list; do \ if test "$$subdir" = .; then :; else \ test ! -f $$subdir/TAGS || \ set "$$@" "$$include_option=$$here/$$subdir/TAGS"; \ fi; \ done; \ $(am__define_uniq_tagged_files); \ shift; \ if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ if test $$# -gt 0; then \ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ "$$@" $$unique; \ else \ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ $$unique; \ fi; \ fi ctags: ctags-recursive CTAGS: ctags ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) $(am__define_uniq_tagged_files); \ test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ && $(am__cd) $(top_srcdir) \ && gtags -i $(GTAGS_ARGS) "$$here" cscopelist: cscopelist-recursive cscopelist-am: $(am__tagged_files) list='$(am__tagged_files)'; \ case "$(srcdir)" in \ [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \ *) sdir=$(subdir)/$(srcdir) ;; \ esac; \ for i in $$list; do \ if test -f "$$i"; then \ echo "$(subdir)/$$i"; \ else \ echo "$$sdir/$$i"; \ fi; \ done >> $(top_builddir)/cscope.files distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(BUILT_SOURCES) $(MAKE) $(AM_MAKEFLAGS) distdir-am distdir-am: $(DISTFILES) @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ list='$(DISTFILES)'; \ dist_files=`for file in $$list; do echo $$file; done | \ sed -e "s|^$$srcdirstrip/||;t" \ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ case $$dist_files in \ */*) $(MKDIR_P) `echo "$$dist_files" | \ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ sort -u` ;; \ esac; \ for file in $$dist_files; do \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ if test -d "$(distdir)/$$file"; then \ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ test -f "$(distdir)/$$file" \ || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done @list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ if test "$$subdir" = .; then :; else \ $(am__make_dryrun) \ || test -d "$(distdir)/$$subdir" \ || $(MKDIR_P) "$(distdir)/$$subdir" \ || exit 1; \ dir1=$$subdir; dir2="$(distdir)/$$subdir"; \ $(am__relativize); \ new_distdir=$$reldir; \ dir1=$$subdir; dir2="$(top_distdir)"; \ $(am__relativize); \ new_top_distdir=$$reldir; \ echo " (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) top_distdir="$$new_top_distdir" distdir="$$new_distdir" \\"; \ echo " am__remove_distdir=: am__skip_length_check=: am__skip_mode_fix=: distdir)"; \ ($(am__cd) $$subdir && \ $(MAKE) $(AM_MAKEFLAGS) \ top_distdir="$$new_top_distdir" \ distdir="$$new_distdir" \ am__remove_distdir=: \ am__skip_length_check=: \ am__skip_mode_fix=: \ distdir) \ || exit 1; \ fi; \ done check-am: all-am check: check-recursive all-am: Makefile installdirs: installdirs-recursive installdirs-am: install: install-recursive install-exec: install-exec-recursive install-data: install-data-recursive uninstall: uninstall-recursive install-am: all-am @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am installcheck: installcheck-recursive install-strip: if test -z '$(STRIP)'; then \ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ install; \ else \ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ fi mostlyclean-generic: clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @echo "it deletes files that may require special tools to rebuild." -test -z "$(MAINTAINERCLEANFILES)" || rm -f $(MAINTAINERCLEANFILES) clean: clean-recursive clean-am: clean-generic clean-libtool mostlyclean-am distclean: distclean-recursive -rm -f Makefile distclean-am: clean-am distclean-generic distclean-tags dvi: dvi-recursive dvi-am: html: html-recursive html-am: info: info-recursive info-am: install-data-am: install-dvi: install-dvi-recursive install-dvi-am: install-exec-am: install-html: install-html-recursive install-html-am: install-info: install-info-recursive install-info-am: install-man: install-pdf: install-pdf-recursive install-pdf-am: install-ps: install-ps-recursive install-ps-am: installcheck-am: maintainer-clean: maintainer-clean-recursive -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic mostlyclean: mostlyclean-recursive mostlyclean-am: mostlyclean-generic mostlyclean-libtool pdf: pdf-recursive pdf-am: ps: ps-recursive ps-am: uninstall-am: .MAKE: $(am__recursive_targets) install-am install-strip .PHONY: $(am__recursive_targets) CTAGS GTAGS TAGS all all-am check \ check-am clean clean-generic clean-libtool cscopelist-am ctags \ ctags-am distclean distclean-generic distclean-libtool \ distclean-tags distdir dvi dvi-am html html-am info info-am \ install install-am install-data install-data-am install-dvi \ install-dvi-am install-exec install-exec-am install-html \ install-html-am install-info install-info-am install-man \ install-pdf install-pdf-am install-ps install-ps-am \ install-strip installcheck installcheck-am installdirs \ installdirs-am maintainer-clean maintainer-clean-generic \ mostlyclean mostlyclean-generic mostlyclean-libtool pdf pdf-am \ ps ps-am tags tags-am uninstall uninstall-am .PRECIOUS: Makefile # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: opendnssec-2.1.5/libhsm/Makefile.am0000644000202300020240000000045413560310771014106 00000000000000MAINTAINERCLEANFILES = $(srcdir)/Makefile.in SUBDIRS = src checks doxygen: rm -fr $(top_builddir)/libhsm/doxygen-doc env $(DX_ENV) \ PROJECT_NAME="OpenDNSSEC-libhsm" \ SRCDIR=$(top_srcdir)/libhsm \ OUTPUTDIR=$(top_builddir)/libhsm/doxygen-doc \ $(DX_DOXYGEN) $(top_builddir)/$(DX_CONFIG) opendnssec-2.1.5/libhsm/Makefile.in0000644000202300020240000005546313560311314014123 00000000000000# Makefile.in generated by automake 1.16.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2018 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY, to the extent permitted by law; without # even the implied warranty of MERCHANTABILITY or FITNESS FOR A # PARTICULAR PURPOSE. @SET_MAKE@ VPATH = @srcdir@ am__is_gnu_make = { \ if test -z '$(MAKELEVEL)'; then \ false; \ elif test -n '$(MAKE_HOST)'; then \ true; \ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \ true; \ else \ false; \ fi; \ } am__make_running_with_option = \ case $${target_option-} in \ ?) ;; \ *) echo "am__make_running_with_option: internal error: invalid" \ "target option '$${target_option-}' specified" >&2; \ exit 1;; \ esac; \ has_opt=no; \ sane_makeflags=$$MAKEFLAGS; \ if $(am__is_gnu_make); then \ sane_makeflags=$$MFLAGS; \ else \ case $$MAKEFLAGS in \ *\\[\ \ ]*) \ bs=\\; \ sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ esac; \ fi; \ skip_next=no; \ strip_trailopt () \ { \ flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ }; \ for flg in $$sane_makeflags; do \ test $$skip_next = yes && { skip_next=no; continue; }; \ case $$flg in \ *=*|--*) continue;; \ -*I) strip_trailopt 'I'; skip_next=yes;; \ -*I?*) strip_trailopt 'I';; \ -*O) strip_trailopt 'O'; skip_next=yes;; \ -*O?*) strip_trailopt 'O';; \ -*l) strip_trailopt 'l'; skip_next=yes;; \ -*l?*) strip_trailopt 'l';; \ -[dEDm]) skip_next=yes;; \ -[JT]) skip_next=yes;; \ esac; \ case $$flg in \ *$$target_option*) has_opt=yes; break;; \ esac; \ done; \ test $$has_opt = yes am__make_dryrun = (target_option=n; $(am__make_running_with_option)) am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) pkgdatadir = $(datadir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c INSTALL_HEADER = $(INSTALL_DATA) transform = $(program_transform_name) NORMAL_INSTALL = : PRE_INSTALL = : POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : build_triplet = @build@ host_triplet = @host@ subdir = libhsm ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/m4/acx_broken_setres.m4 \ $(top_srcdir)/m4/acx_check_strptime.m4 \ $(top_srcdir)/m4/acx_cunit.m4 $(top_srcdir)/m4/acx_dlopen.m4 \ $(top_srcdir)/m4/acx_enforcer_database.m4 \ $(top_srcdir)/m4/acx_ldns.m4 $(top_srcdir)/m4/acx_libc.m4 \ $(top_srcdir)/m4/acx_libreadline.m4 \ $(top_srcdir)/m4/acx_libxml2.m4 \ $(top_srcdir)/m4/acx_pedantic.m4 \ $(top_srcdir)/m4/acx_pkcs11_modules.m4 \ $(top_srcdir)/m4/acx_prefixhack.m4 \ $(top_srcdir)/m4/acx_rpath.m4 $(top_srcdir)/m4/acx_rt.m4 \ $(top_srcdir)/m4/acx_ssl.m4 \ $(top_srcdir)/m4/ax_append_compile_flags.m4 \ $(top_srcdir)/m4/ax_append_flag.m4 \ $(top_srcdir)/m4/ax_c___attribute__.m4 \ $(top_srcdir)/m4/ax_cflags_warn_all.m4 \ $(top_srcdir)/m4/ax_check_compile_flag.m4 \ $(top_srcdir)/m4/ax_compiler_flags_cflags.m4 \ $(top_srcdir)/m4/ax_lib_mysql.m4 \ $(top_srcdir)/m4/ax_lib_sqlite3.m4 \ $(top_srcdir)/m4/ax_prog_doxygen.m4 \ $(top_srcdir)/m4/ax_pthread.m4 \ $(top_srcdir)/m4/ax_require_defined.m4 \ $(top_srcdir)/m4/libtool.m4 $(top_srcdir)/m4/ltoptions.m4 \ $(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \ $(top_srcdir)/m4/lt~obsolete.m4 \ $(top_srcdir)/m4/opendnssec_common.m4 $(top_srcdir)/version.m4 \ $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/common/config.h CONFIG_CLEAN_FILES = CONFIG_CLEAN_VPATH_FILES = AM_V_P = $(am__v_P_@AM_V@) am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) am__v_P_0 = false am__v_P_1 = : AM_V_GEN = $(am__v_GEN_@AM_V@) am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) am__v_GEN_0 = @echo " GEN " $@; am__v_GEN_1 = AM_V_at = $(am__v_at_@AM_V@) am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) am__v_at_0 = @ am__v_at_1 = SOURCES = DIST_SOURCES = RECURSIVE_TARGETS = all-recursive check-recursive cscopelist-recursive \ ctags-recursive dvi-recursive html-recursive info-recursive \ install-data-recursive install-dvi-recursive \ install-exec-recursive install-html-recursive \ install-info-recursive install-pdf-recursive \ install-ps-recursive install-recursive installcheck-recursive \ installdirs-recursive pdf-recursive ps-recursive \ tags-recursive uninstall-recursive am__can_run_installinfo = \ case $$AM_UPDATE_INFO_DIR in \ n|no|NO) false;; \ *) (install-info --version) >/dev/null 2>&1;; \ esac RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive \ distclean-recursive maintainer-clean-recursive am__recursive_targets = \ $(RECURSIVE_TARGETS) \ $(RECURSIVE_CLEAN_TARGETS) \ $(am__extra_recursive_targets) AM_RECURSIVE_TARGETS = $(am__recursive_targets:-recursive=) TAGS CTAGS \ distdir distdir-am am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) # Read a list of newline-separated strings from the standard input, # and print each of them once, without duplicates. Input order is # *not* preserved. am__uniquify_input = $(AWK) '\ BEGIN { nonempty = 0; } \ { items[$$0] = 1; nonempty = 1; } \ END { if (nonempty) { for (i in items) print i; }; } \ ' # Make sure the list of sources is unique. This is necessary because, # e.g., the same source file might be shared among _SOURCES variables # for different programs/libraries. am__define_uniq_tagged_files = \ list='$(am__tagged_files)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | $(am__uniquify_input)` ETAGS = etags CTAGS = ctags DIST_SUBDIRS = $(SUBDIRS) am__DIST_COMMON = $(srcdir)/Makefile.in DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) am__relativize = \ dir0=`pwd`; \ sed_first='s,^\([^/]*\)/.*$$,\1,'; \ sed_rest='s,^[^/]*/*,,'; \ sed_last='s,^.*/\([^/]*\)$$,\1,'; \ sed_butlast='s,/*[^/]*$$,,'; \ while test -n "$$dir1"; do \ first=`echo "$$dir1" | sed -e "$$sed_first"`; \ if test "$$first" != "."; then \ if test "$$first" = ".."; then \ dir2=`echo "$$dir0" | sed -e "$$sed_last"`/"$$dir2"; \ dir0=`echo "$$dir0" | sed -e "$$sed_butlast"`; \ else \ first2=`echo "$$dir2" | sed -e "$$sed_first"`; \ if test "$$first2" = "$$first"; then \ dir2=`echo "$$dir2" | sed -e "$$sed_rest"`; \ else \ dir2="../$$dir2"; \ fi; \ dir0="$$dir0"/"$$first"; \ fi; \ fi; \ dir1=`echo "$$dir1" | sed -e "$$sed_rest"`; \ done; \ reldir="$$dir2" ACLOCAL = @ACLOCAL@ AMTAR = @AMTAR@ AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ AR = @AR@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ CP = @CP@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ CUNIT_INCLUDES = @CUNIT_INCLUDES@ CUNIT_LIBS = @CUNIT_LIBS@ CXX = @CXX@ CXXCPP = @CXXCPP@ CXXDEPMODE = @CXXDEPMODE@ CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ C_LIBS = @C_LIBS@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ DLLTOOL = @DLLTOOL@ DOXYGEN_PAPER_SIZE = @DOXYGEN_PAPER_SIZE@ DSYMUTIL = @DSYMUTIL@ DUMPBIN = @DUMPBIN@ DX_CONFIG = @DX_CONFIG@ DX_DOCDIR = @DX_DOCDIR@ DX_DOT = @DX_DOT@ DX_DOXYGEN = @DX_DOXYGEN@ DX_DVIPS = @DX_DVIPS@ DX_EGREP = @DX_EGREP@ DX_ENV = @DX_ENV@ DX_FLAG_chi = @DX_FLAG_chi@ DX_FLAG_chm = @DX_FLAG_chm@ DX_FLAG_doc = @DX_FLAG_doc@ DX_FLAG_dot = @DX_FLAG_dot@ DX_FLAG_html = @DX_FLAG_html@ DX_FLAG_man = @DX_FLAG_man@ DX_FLAG_pdf = @DX_FLAG_pdf@ DX_FLAG_ps = @DX_FLAG_ps@ DX_FLAG_rtf = @DX_FLAG_rtf@ DX_FLAG_xml = @DX_FLAG_xml@ DX_HHC = @DX_HHC@ DX_LATEX = @DX_LATEX@ DX_MAKEINDEX = @DX_MAKEINDEX@ DX_PDFLATEX = @DX_PDFLATEX@ DX_PERL = @DX_PERL@ DX_PROJECT = @DX_PROJECT@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ ENFORCER_DB_DATABASE = @ENFORCER_DB_DATABASE@ ENFORCER_DB_HOST = @ENFORCER_DB_HOST@ ENFORCER_DB_INCLUDES = @ENFORCER_DB_INCLUDES@ ENFORCER_DB_LIBS = @ENFORCER_DB_LIBS@ ENFORCER_DB_PASSWORD = @ENFORCER_DB_PASSWORD@ ENFORCER_DB_PORT = @ENFORCER_DB_PORT@ ENFORCER_DB_PORT_TEXT = @ENFORCER_DB_PORT_TEXT@ ENFORCER_DB_USERNAME = @ENFORCER_DB_USERNAME@ EXEEXT = @EXEEXT@ FGREP = @FGREP@ GREP = @GREP@ HAVE_SSL = @HAVE_SSL@ HAVE_SSL_NEW_HMAC = @HAVE_SSL_NEW_HMAC@ INSTALL = @INSTALL@ INSTALLATIONCOND = @INSTALLATIONCOND@ INSTALLATIONGROUP = @INSTALLATIONGROUP@ INSTALLATIONGROUPARG = @INSTALLATIONGROUPARG@ INSTALLATIONUSER = @INSTALLATIONUSER@ INSTALLATIONUSERARG = @INSTALLATIONUSERARG@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ JAVA = @JAVA@ LD = @LD@ LDFLAGS = @LDFLAGS@ LDNS_CONFIG = @LDNS_CONFIG@ LDNS_INCLUDES = @LDNS_INCLUDES@ LDNS_LIBS = @LDNS_LIBS@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ LIBUNWIND_CFLAGS = @LIBUNWIND_CFLAGS@ LIBUNWIND_LIBS = @LIBUNWIND_LIBS@ LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@ MAKEINFO = @MAKEINFO@ MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ MYSQL_CFLAGS = @MYSQL_CFLAGS@ MYSQL_CONFIG = @MYSQL_CONFIG@ MYSQL_LDFLAGS = @MYSQL_LDFLAGS@ MYSQL_VERSION = @MYSQL_VERSION@ NM = @NM@ NMEDIT = @NMEDIT@ OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ OPENDNSSEC_BIN_DIR = @OPENDNSSEC_BIN_DIR@ OPENDNSSEC_CONFIG_DIR = @OPENDNSSEC_CONFIG_DIR@ OPENDNSSEC_CONFIG_FILE = @OPENDNSSEC_CONFIG_FILE@ OPENDNSSEC_DATA_DIR = @OPENDNSSEC_DATA_DIR@ OPENDNSSEC_ENFORCER_PIDFILE = @OPENDNSSEC_ENFORCER_PIDFILE@ OPENDNSSEC_ENFORCER_SOCKETFILE = @OPENDNSSEC_ENFORCER_SOCKETFILE@ OPENDNSSEC_FETCH_PIDFILE = @OPENDNSSEC_FETCH_PIDFILE@ OPENDNSSEC_LIBEXEC_DIR = @OPENDNSSEC_LIBEXEC_DIR@ OPENDNSSEC_LIB_DIR = @OPENDNSSEC_LIB_DIR@ OPENDNSSEC_LOCALSTATE_DIR = @OPENDNSSEC_LOCALSTATE_DIR@ OPENDNSSEC_PID_DIR = @OPENDNSSEC_PID_DIR@ OPENDNSSEC_SBIN_DIR = @OPENDNSSEC_SBIN_DIR@ OPENDNSSEC_SCHEMA_DIR = @OPENDNSSEC_SCHEMA_DIR@ OPENDNSSEC_SIGNER_CLI = @OPENDNSSEC_SIGNER_CLI@ OPENDNSSEC_SIGNER_ENGINE = @OPENDNSSEC_SIGNER_ENGINE@ OPENDNSSEC_SIGNER_PIDFILE = @OPENDNSSEC_SIGNER_PIDFILE@ OPENDNSSEC_SIGNER_SOCKET = @OPENDNSSEC_SIGNER_SOCKET@ OPENDNSSEC_STATE_DIR = @OPENDNSSEC_STATE_DIR@ OPENDNSSEC_SYSCONF_DIR = @OPENDNSSEC_SYSCONF_DIR@ OTOOL = @OTOOL@ OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREAD_CC = @PTHREAD_CC@ PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ PTHREAD_LIBS = @PTHREAD_LIBS@ RANLIB = @RANLIB@ READLINE_LIBS = @READLINE_LIBS@ RT_LIBS = @RT_LIBS@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ SQLITE3_CFLAGS = @SQLITE3_CFLAGS@ SQLITE3_LDFLAGS = @SQLITE3_LDFLAGS@ SQLITE3_VERSION = @SQLITE3_VERSION@ SSL_INCLUDES = @SSL_INCLUDES@ SSL_LIBS = @SSL_LIBS@ STRIP = @STRIP@ VERSION = @VERSION@ WARN_CFLAGS = @WARN_CFLAGS@ XML2_CONFIG = @XML2_CONFIG@ XML2_INCLUDES = @XML2_INCLUDES@ XML2_LIBS = @XML2_LIBS@ XMLLINT = @XMLLINT@ XSLTPROC = @XSLTPROC@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ ac_ct_CXX = @ac_ct_CXX@ ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ am__include = @am__include@ am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ ax_pthread_config = @ax_pthread_config@ bindir = @bindir@ build = @build@ build_alias = @build_alias@ build_cpu = @build_cpu@ build_os = @build_os@ build_vendor = @build_vendor@ builddir = @builddir@ datadir = @datadir@ datarootdir = @datarootdir@ docdir = @docdir@ dvidir = @dvidir@ exec_prefix = @exec_prefix@ host = @host@ host_alias = @host_alias@ host_cpu = @host_cpu@ host_os = @host_os@ host_vendor = @host_vendor@ htmldir = @htmldir@ includedir = @includedir@ infodir = @infodir@ install_sh = @install_sh@ libdir = @libdir@ libexecdir = @libexecdir@ localedir = @localedir@ localstatedir = @localstatedir@ mandir = @mandir@ mkdir_p = @mkdir_p@ oldincludedir = @oldincludedir@ pdfdir = @pdfdir@ pkcs11_aepkeyper_module = @pkcs11_aepkeyper_module@ pkcs11_etoken_module = @pkcs11_etoken_module@ pkcs11_ncipher_module = @pkcs11_ncipher_module@ pkcs11_opensc_module = @pkcs11_opensc_module@ pkcs11_sca6000_module = @pkcs11_sca6000_module@ pkcs11_softhsm_module = @pkcs11_softhsm_module@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ MAINTAINERCLEANFILES = $(srcdir)/Makefile.in SUBDIRS = src checks all: all-recursive .SUFFIXES: $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign libhsm/Makefile'; \ $(am__cd) $(top_srcdir) && \ $(AUTOMAKE) --foreign libhsm/Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ *config.status*) \ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ *) \ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \ esac; $(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(top_srcdir)/configure: $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(am__aclocal_m4_deps): mostlyclean-libtool: -rm -f *.lo clean-libtool: -rm -rf .libs _libs # This directory's subdirectories are mostly independent; you can cd # into them and run 'make' without going through this Makefile. # To change the values of 'make' variables: instead of editing Makefiles, # (1) if the variable is set in 'config.status', edit 'config.status' # (which will cause the Makefiles to be regenerated when you run 'make'); # (2) otherwise, pass the desired values on the 'make' command line. $(am__recursive_targets): @fail=; \ if $(am__make_keepgoing); then \ failcom='fail=yes'; \ else \ failcom='exit 1'; \ fi; \ dot_seen=no; \ target=`echo $@ | sed s/-recursive//`; \ case "$@" in \ distclean-* | maintainer-clean-*) list='$(DIST_SUBDIRS)' ;; \ *) list='$(SUBDIRS)' ;; \ esac; \ for subdir in $$list; do \ echo "Making $$target in $$subdir"; \ if test "$$subdir" = "."; then \ dot_seen=yes; \ local_target="$$target-am"; \ else \ local_target="$$target"; \ fi; \ ($(am__cd) $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ || eval $$failcom; \ done; \ if test "$$dot_seen" = "no"; then \ $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \ fi; test -z "$$fail" ID: $(am__tagged_files) $(am__define_uniq_tagged_files); mkid -fID $$unique tags: tags-recursive TAGS: tags tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) set x; \ here=`pwd`; \ if ($(ETAGS) --etags-include --version) >/dev/null 2>&1; then \ include_option=--etags-include; \ empty_fix=.; \ else \ include_option=--include; \ empty_fix=; \ fi; \ list='$(SUBDIRS)'; for subdir in $$list; do \ if test "$$subdir" = .; then :; else \ test ! -f $$subdir/TAGS || \ set "$$@" "$$include_option=$$here/$$subdir/TAGS"; \ fi; \ done; \ $(am__define_uniq_tagged_files); \ shift; \ if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ if test $$# -gt 0; then \ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ "$$@" $$unique; \ else \ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ $$unique; \ fi; \ fi ctags: ctags-recursive CTAGS: ctags ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) $(am__define_uniq_tagged_files); \ test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ && $(am__cd) $(top_srcdir) \ && gtags -i $(GTAGS_ARGS) "$$here" cscopelist: cscopelist-recursive cscopelist-am: $(am__tagged_files) list='$(am__tagged_files)'; \ case "$(srcdir)" in \ [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \ *) sdir=$(subdir)/$(srcdir) ;; \ esac; \ for i in $$list; do \ if test -f "$$i"; then \ echo "$(subdir)/$$i"; \ else \ echo "$$sdir/$$i"; \ fi; \ done >> $(top_builddir)/cscope.files distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(BUILT_SOURCES) $(MAKE) $(AM_MAKEFLAGS) distdir-am distdir-am: $(DISTFILES) @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ list='$(DISTFILES)'; \ dist_files=`for file in $$list; do echo $$file; done | \ sed -e "s|^$$srcdirstrip/||;t" \ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ case $$dist_files in \ */*) $(MKDIR_P) `echo "$$dist_files" | \ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ sort -u` ;; \ esac; \ for file in $$dist_files; do \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ if test -d "$(distdir)/$$file"; then \ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ test -f "$(distdir)/$$file" \ || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done @list='$(DIST_SUBDIRS)'; for subdir in $$list; do \ if test "$$subdir" = .; then :; else \ $(am__make_dryrun) \ || test -d "$(distdir)/$$subdir" \ || $(MKDIR_P) "$(distdir)/$$subdir" \ || exit 1; \ dir1=$$subdir; dir2="$(distdir)/$$subdir"; \ $(am__relativize); \ new_distdir=$$reldir; \ dir1=$$subdir; dir2="$(top_distdir)"; \ $(am__relativize); \ new_top_distdir=$$reldir; \ echo " (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) top_distdir="$$new_top_distdir" distdir="$$new_distdir" \\"; \ echo " am__remove_distdir=: am__skip_length_check=: am__skip_mode_fix=: distdir)"; \ ($(am__cd) $$subdir && \ $(MAKE) $(AM_MAKEFLAGS) \ top_distdir="$$new_top_distdir" \ distdir="$$new_distdir" \ am__remove_distdir=: \ am__skip_length_check=: \ am__skip_mode_fix=: \ distdir) \ || exit 1; \ fi; \ done check-am: all-am check: check-recursive all-am: Makefile installdirs: installdirs-recursive installdirs-am: install: install-recursive install-exec: install-exec-recursive install-data: install-data-recursive uninstall: uninstall-recursive install-am: all-am @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am installcheck: installcheck-recursive install-strip: if test -z '$(STRIP)'; then \ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ install; \ else \ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ fi mostlyclean-generic: clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @echo "it deletes files that may require special tools to rebuild." -test -z "$(MAINTAINERCLEANFILES)" || rm -f $(MAINTAINERCLEANFILES) clean: clean-recursive clean-am: clean-generic clean-libtool mostlyclean-am distclean: distclean-recursive -rm -f Makefile distclean-am: clean-am distclean-generic distclean-tags dvi: dvi-recursive dvi-am: html: html-recursive html-am: info: info-recursive info-am: install-data-am: install-dvi: install-dvi-recursive install-dvi-am: install-exec-am: install-html: install-html-recursive install-html-am: install-info: install-info-recursive install-info-am: install-man: install-pdf: install-pdf-recursive install-pdf-am: install-ps: install-ps-recursive install-ps-am: installcheck-am: maintainer-clean: maintainer-clean-recursive -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic mostlyclean: mostlyclean-recursive mostlyclean-am: mostlyclean-generic mostlyclean-libtool pdf: pdf-recursive pdf-am: ps: ps-recursive ps-am: uninstall-am: .MAKE: $(am__recursive_targets) install-am install-strip .PHONY: $(am__recursive_targets) CTAGS GTAGS TAGS all all-am check \ check-am clean clean-generic clean-libtool cscopelist-am ctags \ ctags-am distclean distclean-generic distclean-libtool \ distclean-tags distdir dvi dvi-am html html-am info info-am \ install install-am install-data install-data-am install-dvi \ install-dvi-am install-exec install-exec-am install-html \ install-html-am install-info install-info-am install-man \ install-pdf install-pdf-am install-ps install-ps-am \ install-strip installcheck installcheck-am installdirs \ installdirs-am maintainer-clean maintainer-clean-generic \ mostlyclean mostlyclean-generic mostlyclean-libtool pdf pdf-am \ ps ps-am tags tags-am uninstall uninstall-am .PRECIOUS: Makefile doxygen: rm -fr $(top_builddir)/libhsm/doxygen-doc env $(DX_ENV) \ PROJECT_NAME="OpenDNSSEC-libhsm" \ SRCDIR=$(top_srcdir)/libhsm \ OUTPUTDIR=$(top_builddir)/libhsm/doxygen-doc \ $(DX_DOXYGEN) $(top_builddir)/$(DX_CONFIG) # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: opendnssec-2.1.5/libhsm/checks/0000755000202300020240000000000013560311326013364 500000000000000opendnssec-2.1.5/libhsm/checks/conf-aepkeyper.xml.in0000644000202300020240000000040613560310771017346 00000000000000 @pkcs11_aepkeyper_module@ OpenDNSSEC 123456 opendnssec-2.1.5/libhsm/checks/confparser.c0000644000202300020240000001232413560311035015611 00000000000000/* * Copyright (c) 2009 NLNet Labs. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ /** * Parsing configuration files. * */ #include "config.h" #include "compat.h" #include "log.h" #include "status.h" #include #include #include #include #include #include "libhsm.h" static const char* parser_str = "parser"; /** * Parse the repositories. * */ hsm_repository_t* parse_conf_repositories(const char* cfgfile) { xmlDocPtr doc = NULL; xmlXPathContextPtr xpathCtx = NULL; xmlXPathObjectPtr xpathObj = NULL; xmlNode* curNode = NULL; xmlChar* xexpr = NULL; int i; char* name; char* module; char* tokenlabel; char* pin; uint8_t use_pubkey; uint8_t allowextract; int require_backup; hsm_repository_t* rlist = NULL; hsm_repository_t* repo = NULL; /* Load XML document */ doc = xmlParseFile(cfgfile); if (doc == NULL) { ods_log_error("[%s] could not parse : " "xmlParseFile() failed", parser_str); return NULL; } /* Create xpath evaluation context */ xpathCtx = xmlXPathNewContext(doc); if(xpathCtx == NULL) { xmlFreeDoc(doc); ods_log_error("[%s] could not parse : " "xmlXPathNewContext() failed", parser_str); return NULL; } /* Evaluate xpath expression */ xexpr = (xmlChar*) "//Configuration/RepositoryList/Repository"; xpathObj = xmlXPathEvalExpression(xexpr, xpathCtx); if(xpathObj == NULL) { xmlXPathFreeContext(xpathCtx); xmlFreeDoc(doc); ods_log_error("[%s] could not parse : " "xmlXPathEvalExpression failed", parser_str); return NULL; } /* Parse repositories */ if (xpathObj->nodesetval && xpathObj->nodesetval->nodeNr > 0) { for (i = 0; i < xpathObj->nodesetval->nodeNr; i++) { repo = NULL; name = NULL; module = NULL; tokenlabel = NULL; pin = NULL; use_pubkey = 1; allowextract = 0; require_backup = 0; curNode = xpathObj->nodesetval->nodeTab[i]->xmlChildrenNode; name = (char *) xmlGetProp(xpathObj->nodesetval->nodeTab[i], (const xmlChar *)"name"); while (curNode) { if (xmlStrEqual(curNode->name, (const xmlChar *)"RequireBackup")) require_backup = 1; if (xmlStrEqual(curNode->name, (const xmlChar *)"Module")) module = (char *) xmlNodeGetContent(curNode); if (xmlStrEqual(curNode->name, (const xmlChar *)"TokenLabel")) tokenlabel = (char *) xmlNodeGetContent(curNode); if (xmlStrEqual(curNode->name, (const xmlChar *)"PIN")) pin = (char *) xmlNodeGetContent(curNode); if (xmlStrEqual(curNode->name, (const xmlChar *)"SkipPublicKey")) use_pubkey = 0; if (xmlStrEqual(curNode->name, (const xmlChar *)"AllowExtraction")) allowextract = 1; curNode = curNode->next; } if (name && module && tokenlabel) { repo = hsm_repository_new(name, module, tokenlabel, pin, use_pubkey, allowextract, require_backup); } if (!repo) { ods_log_error("[%s] unable to add %s repository: " "hsm_repository_new() failed", parser_str, name?name:"-"); } else { repo->next = rlist; rlist = repo; ods_log_debug("[%s] added %s repository to repositorylist", parser_str, name); } free((void*)name); free((void*)module); free((void*)tokenlabel); } } xmlXPathFreeObject(xpathObj); xmlXPathFreeContext(xpathCtx); if (doc) { xmlFreeDoc(doc); } return rlist; } opendnssec-2.1.5/libhsm/checks/conf-etoken.xml.in0000644000202300020240000000044113560310771016645 00000000000000 @pkcs11_etoken_module@ OpenDNSSEC test.1234 10 opendnssec-2.1.5/libhsm/checks/conf-aepkeyper.xml0000644000202300020240000000042113560311325016732 00000000000000 /opt/Keyper/PKCS11Provider/pkcs11.so OpenDNSSEC 123456 opendnssec-2.1.5/libhsm/checks/conf-opensc.xml0000644000202300020240000000041313560311325016235 00000000000000 /usr/lib/pkcs11/opensc-pkcs11.so OpenDNSSEC 1234 opendnssec-2.1.5/libhsm/checks/conf-softhsm.xml.in0000644000202300020240000000040113560310771017037 00000000000000 @pkcs11_softhsm_module@ softHSM 123456 opendnssec-2.1.5/libhsm/checks/conf-softhsm.xml0000644000202300020240000000041013560311325016426 00000000000000 /usr/lib/softhsm/libsofthsm.so softHSM 123456 opendnssec-2.1.5/libhsm/checks/conf-ncipher.xml.in0000644000202300020240000000041013560310771017004 00000000000000 @pkcs11_ncipher_module@ OpenDNSSEC 1234567890 opendnssec-2.1.5/libhsm/checks/softhsm2.conf0000644000202300020240000000007113560310771015721 00000000000000directories.tokendir = tokens objectstore.backend = file opendnssec-2.1.5/libhsm/checks/hsmcheck.c0000644000202300020240000001520013560311035015230 00000000000000/* * Copyright (c) 2009 Nominet UK. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "config.h" #include #include #include #include #include "libhsm.h" #include extern char *optarg; char *progname = NULL; extern hsm_repository_t* parse_conf_repositories(const char* cfgfile); static void usage () { fprintf(stderr, "usage: %s [-c config] [-gsdr]\n", progname); } int main (int argc, char *argv[]) { int result; hsm_ctx_t *ctx; libhsm_key_t **keys; libhsm_key_t *key = NULL; char *id; size_t key_count = 0; size_t i; ldns_rr_list *rrset; ldns_rr *rr, *sig, *dnskey_rr; ldns_status status; hsm_sign_params_t *sign_params; int do_generate = 0; int do_sign = 0; int do_delete = 0; int do_random = 0; int res; uint32_t r32; uint64_t r64; char *config = NULL; const char *repository = "default"; int ch; progname = argv[0]; while ((ch = getopt(argc, argv, "hgsdrc:")) != -1) { switch (ch) { case 'c': config = strdup(optarg); break; case 'g': do_generate = 1; break; case 'h': usage(); exit(0); break; case 's': do_sign = 1; break; case 'd': do_delete = 1; break; case 'r': do_random = 1; break; default: usage(); exit(1); } } if (!config) { usage(); exit(1); } /* * Open HSM library */ fprintf(stdout, "Starting HSM lib test\n"); result = hsm_open2(parse_conf_repositories(config), hsm_prompt_pin); if (result != HSM_OK) { char* error = hsm_get_error(NULL); if (error != NULL) { fprintf(stderr,"%s\n", error); free(error); } } fprintf(stdout, "hsm_open result: %d\n", result); /* * Create HSM context */ ctx = hsm_create_context(); hsm_print_ctx(ctx); /* * Generate a new key OR find any key with an ID */ if (do_generate) { key = hsm_generate_rsa_key(ctx, repository, 1024); if (key) { printf("\nCreated key!\n"); hsm_print_key(ctx,key); printf("\n"); } else { printf("Error creating key, bad token name?\n"); hsm_print_error(ctx); exit(1); } } else if (do_sign || do_delete) { keys = hsm_list_keys(ctx, &key_count); printf("Found %u keys\n", (unsigned int) key_count); /* let's just use the very first key we find and throw away the rest */ for (i = 0; i < key_count && !key; i++) { printf("\nFound key!\n"); hsm_print_key(ctx,keys[i]); id = hsm_get_key_id(ctx, keys[i]); if (id) { printf("Using key ID: %s\n", id); free(key); key = hsm_find_key_by_id(ctx, id); printf("ptr: 0x%p\n", (void *) key); free(id); } else { printf("Got no key ID (broken key?), skipped...\n"); } libhsm_key_free(keys[i]); } free(keys); if (!key) { printf("Failed to find useful key\n"); exit(1); } } /* * Do some signing */ if (do_sign) { printf("\nSigning with:\n"); hsm_print_key(ctx,key); printf("\n"); rrset = ldns_rr_list_new(); status = ldns_rr_new_frm_str(&rr, "regress.opendnssec.se. IN A 123.123.123.123", 0, NULL, NULL); if (status == LDNS_STATUS_OK) ldns_rr_list_push_rr(rrset, rr); status = ldns_rr_new_frm_str(&rr, "regress.opendnssec.se. IN A 124.124.124.124", 0, NULL, NULL); if (status == LDNS_STATUS_OK) ldns_rr_list_push_rr(rrset, rr); sign_params = hsm_sign_params_new(); sign_params->algorithm = LDNS_RSASHA1; sign_params->owner = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_DNAME, "opendnssec.se."); dnskey_rr = hsm_get_dnskey(ctx, key, sign_params); sign_params->keytag = ldns_calc_keytag(dnskey_rr); sig = hsm_sign_rrset(ctx, rrset, key, sign_params); if (sig) { ldns_rr_list_print(stdout, rrset); ldns_rr_print(stdout, sig); ldns_rr_print(stdout, dnskey_rr); ldns_rr_free(sig); } else { hsm_print_error(ctx); exit(-1); } /* cleanup */ ldns_rr_list_deep_free(rrset); hsm_sign_params_free(sign_params); ldns_rr_free(dnskey_rr); } /* * Delete key */ if (do_delete) { printf("\nDelete key:\n"); hsm_print_key(ctx, key); /* res = hsm_remove_key(ctx, key); */ res = hsm_remove_key(ctx, key); printf("Deleted key. Result: %d\n", res); printf("\n"); } free(key); /* * Test random{32,64} functions */ if (do_random) { r32 = hsm_random32(ctx); printf("random 32: %u\n", r32); r64 = hsm_random64(ctx); printf("random 64: %llu\n", (long long unsigned int)r64); } /* * Destroy HSM context */ hsm_destroy_context(ctx); /* * Close HSM library */ hsm_close(); fprintf(stdout, "all done! hsm_close result: %d\n", 0); if (config) free(config); return 0; } opendnssec-2.1.5/libhsm/checks/conf-multi.xml.in0000644000202300020240000000062213560310771016513 00000000000000 @pkcs11_softhsm_module@ softHSM 123456 @pkcs11_softhsm_module@ xyzzy 123456 opendnssec-2.1.5/libhsm/checks/Makefile.am0000644000202300020240000000266513560311035015346 00000000000000.PHONY: tokens MAINTAINERCLEANFILES = $(srcdir)/Makefile.in CLEANFILES = token.db othertoken.db LIBCOMPAT = ${top_builddir}/common/libcompat.a AM_CPPFLAGS = \ -I$(top_srcdir)/common \ -I$(top_builddir)/common \ -I$(srcdir)/../src/lib \ @LDNS_INCLUDES@ @XML2_INCLUDES@ AM_CFLAGS = -std=c99 EXTRA_DIST = *.xml $(srcdir)/softhsm2.conf noinst_PROGRAMS = hsmcheck hsmcheck_SOURCES = hsmcheck.c confparser.c hsmcheck_LDADD = ../src/lib/libhsm.a @LDNS_LIBS@ @XML2_LIBS@ $(LIBCOMPAT) hsmcheck_LDFLAGS = -no-install SOFTHSM_ENV = SOFTHSM2_CONF=$(srcdir)/softhsm2.conf tokens: rm -rf tokens mkdir tokens env $(SOFTHSM_ENV) \ softhsm2-util --slot 0 --init-token --label softHSM \ --so-pin 12345678 --pin 123456 env $(SOFTHSM_ENV) \ softhsm2-util --slot 1 --init-token --label xyzzy \ --so-pin 12345678 --pin 123456 check: regress-softhsm regress: @echo use target 'regress-{aepkeyper,sca6000,softhsm,etoken,opensc,ncipher,multi}' regress-aepkeyper: hsmcheck ./hsmcheck -c conf-aepkeyper.xml -gsdr regress-sca6000: hsmcheck ./hsmcheck -c conf-sca6000.xml -gsdr regress-softhsm: hsmcheck tokens env $(SOFTHSM_ENV) \ ./hsmcheck -c conf-softhsm.xml -gsdr regress-etoken: hsmcheck ./hsmcheck -c conf-etoken.xml -gsdr regress-opensc: hsmcheck ./hsmcheck -c conf-opensc.xml -gsdr regress-ncipher: hsmcheck ./hsmcheck -c conf-ncipher.xml -gsdr regress-multi: hsmcheck tokens env $(SOFTHSM_ENV) \ ./hsmcheck -c conf-multi.xml -gsdr opendnssec-2.1.5/libhsm/checks/conf-sca6000.xml0000644000202300020240000000040513560311325016023 00000000000000 /usr/lib/libpkcs11.so OpenDNSSEC test:1234 opendnssec-2.1.5/libhsm/checks/conf-multi.xml0000644000202300020240000000064013560311325016102 00000000000000 /usr/lib/softhsm/libsofthsm.so softHSM 123456 /usr/lib/softhsm/libsofthsm.so xyzzy 123456 opendnssec-2.1.5/libhsm/checks/conf-ncipher.xml0000644000202300020240000000043113560311325016376 00000000000000 /opt/nfast/toolkits/pkcs11/libcknfast.so OpenDNSSEC 1234567890 opendnssec-2.1.5/libhsm/checks/Makefile.in0000644000202300020240000006220613560311314015354 00000000000000# Makefile.in generated by automake 1.16.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2018 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY, to the extent permitted by law; without # even the implied warranty of MERCHANTABILITY or FITNESS FOR A # PARTICULAR PURPOSE. @SET_MAKE@ VPATH = @srcdir@ am__is_gnu_make = { \ if test -z '$(MAKELEVEL)'; then \ false; \ elif test -n '$(MAKE_HOST)'; then \ true; \ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \ true; \ else \ false; \ fi; \ } am__make_running_with_option = \ case $${target_option-} in \ ?) ;; \ *) echo "am__make_running_with_option: internal error: invalid" \ "target option '$${target_option-}' specified" >&2; \ exit 1;; \ esac; \ has_opt=no; \ sane_makeflags=$$MAKEFLAGS; \ if $(am__is_gnu_make); then \ sane_makeflags=$$MFLAGS; \ else \ case $$MAKEFLAGS in \ *\\[\ \ ]*) \ bs=\\; \ sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ esac; \ fi; \ skip_next=no; \ strip_trailopt () \ { \ flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ }; \ for flg in $$sane_makeflags; do \ test $$skip_next = yes && { skip_next=no; continue; }; \ case $$flg in \ *=*|--*) continue;; \ -*I) strip_trailopt 'I'; skip_next=yes;; \ -*I?*) strip_trailopt 'I';; \ -*O) strip_trailopt 'O'; skip_next=yes;; \ -*O?*) strip_trailopt 'O';; \ -*l) strip_trailopt 'l'; skip_next=yes;; \ -*l?*) strip_trailopt 'l';; \ -[dEDm]) skip_next=yes;; \ -[JT]) skip_next=yes;; \ esac; \ case $$flg in \ *$$target_option*) has_opt=yes; break;; \ esac; \ done; \ test $$has_opt = yes am__make_dryrun = (target_option=n; $(am__make_running_with_option)) am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) pkgdatadir = $(datadir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c INSTALL_HEADER = $(INSTALL_DATA) transform = $(program_transform_name) NORMAL_INSTALL = : PRE_INSTALL = : POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : build_triplet = @build@ host_triplet = @host@ noinst_PROGRAMS = hsmcheck$(EXEEXT) subdir = libhsm/checks ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/m4/acx_broken_setres.m4 \ $(top_srcdir)/m4/acx_check_strptime.m4 \ $(top_srcdir)/m4/acx_cunit.m4 $(top_srcdir)/m4/acx_dlopen.m4 \ $(top_srcdir)/m4/acx_enforcer_database.m4 \ $(top_srcdir)/m4/acx_ldns.m4 $(top_srcdir)/m4/acx_libc.m4 \ $(top_srcdir)/m4/acx_libreadline.m4 \ $(top_srcdir)/m4/acx_libxml2.m4 \ $(top_srcdir)/m4/acx_pedantic.m4 \ $(top_srcdir)/m4/acx_pkcs11_modules.m4 \ $(top_srcdir)/m4/acx_prefixhack.m4 \ $(top_srcdir)/m4/acx_rpath.m4 $(top_srcdir)/m4/acx_rt.m4 \ $(top_srcdir)/m4/acx_ssl.m4 \ $(top_srcdir)/m4/ax_append_compile_flags.m4 \ $(top_srcdir)/m4/ax_append_flag.m4 \ $(top_srcdir)/m4/ax_c___attribute__.m4 \ $(top_srcdir)/m4/ax_cflags_warn_all.m4 \ $(top_srcdir)/m4/ax_check_compile_flag.m4 \ $(top_srcdir)/m4/ax_compiler_flags_cflags.m4 \ $(top_srcdir)/m4/ax_lib_mysql.m4 \ $(top_srcdir)/m4/ax_lib_sqlite3.m4 \ $(top_srcdir)/m4/ax_prog_doxygen.m4 \ $(top_srcdir)/m4/ax_pthread.m4 \ $(top_srcdir)/m4/ax_require_defined.m4 \ $(top_srcdir)/m4/libtool.m4 $(top_srcdir)/m4/ltoptions.m4 \ $(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \ $(top_srcdir)/m4/lt~obsolete.m4 \ $(top_srcdir)/m4/opendnssec_common.m4 $(top_srcdir)/version.m4 \ $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/common/config.h CONFIG_CLEAN_FILES = conf-softhsm.xml conf-sca6000.xml conf-etoken.xml \ conf-multi.xml conf-opensc.xml conf-ncipher.xml \ conf-aepkeyper.xml CONFIG_CLEAN_VPATH_FILES = PROGRAMS = $(noinst_PROGRAMS) am_hsmcheck_OBJECTS = hsmcheck.$(OBJEXT) confparser.$(OBJEXT) hsmcheck_OBJECTS = $(am_hsmcheck_OBJECTS) hsmcheck_DEPENDENCIES = ../src/lib/libhsm.a $(LIBCOMPAT) AM_V_lt = $(am__v_lt_@AM_V@) am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@) am__v_lt_0 = --silent am__v_lt_1 = hsmcheck_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ $(hsmcheck_LDFLAGS) $(LDFLAGS) -o $@ AM_V_P = $(am__v_P_@AM_V@) am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) am__v_P_0 = false am__v_P_1 = : AM_V_GEN = $(am__v_GEN_@AM_V@) am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) am__v_GEN_0 = @echo " GEN " $@; am__v_GEN_1 = AM_V_at = $(am__v_at_@AM_V@) am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) am__v_at_0 = @ am__v_at_1 = DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)/common depcomp = $(SHELL) $(top_srcdir)/depcomp am__maybe_remake_depfiles = depfiles am__depfiles_remade = ./$(DEPDIR)/confparser.Po \ ./$(DEPDIR)/hsmcheck.Po am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \ $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \ $(AM_CFLAGS) $(CFLAGS) AM_V_CC = $(am__v_CC_@AM_V@) am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@) am__v_CC_0 = @echo " CC " $@; am__v_CC_1 = CCLD = $(CC) LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ $(AM_LDFLAGS) $(LDFLAGS) -o $@ AM_V_CCLD = $(am__v_CCLD_@AM_V@) am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@) am__v_CCLD_0 = @echo " CCLD " $@; am__v_CCLD_1 = SOURCES = $(hsmcheck_SOURCES) DIST_SOURCES = $(hsmcheck_SOURCES) am__can_run_installinfo = \ case $$AM_UPDATE_INFO_DIR in \ n|no|NO) false;; \ *) (install-info --version) >/dev/null 2>&1;; \ esac am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) # Read a list of newline-separated strings from the standard input, # and print each of them once, without duplicates. Input order is # *not* preserved. am__uniquify_input = $(AWK) '\ BEGIN { nonempty = 0; } \ { items[$$0] = 1; nonempty = 1; } \ END { if (nonempty) { for (i in items) print i; }; } \ ' # Make sure the list of sources is unique. This is necessary because, # e.g., the same source file might be shared among _SOURCES variables # for different programs/libraries. am__define_uniq_tagged_files = \ list='$(am__tagged_files)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | $(am__uniquify_input)` ETAGS = etags CTAGS = ctags am__DIST_COMMON = $(srcdir)/Makefile.in \ $(srcdir)/conf-aepkeyper.xml.in $(srcdir)/conf-etoken.xml.in \ $(srcdir)/conf-multi.xml.in $(srcdir)/conf-ncipher.xml.in \ $(srcdir)/conf-opensc.xml.in $(srcdir)/conf-sca6000.xml.in \ $(srcdir)/conf-softhsm.xml.in $(top_srcdir)/depcomp DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) ACLOCAL = @ACLOCAL@ AMTAR = @AMTAR@ AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ AR = @AR@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ CP = @CP@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ CUNIT_INCLUDES = @CUNIT_INCLUDES@ CUNIT_LIBS = @CUNIT_LIBS@ CXX = @CXX@ CXXCPP = @CXXCPP@ CXXDEPMODE = @CXXDEPMODE@ CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ C_LIBS = @C_LIBS@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ DLLTOOL = @DLLTOOL@ DOXYGEN_PAPER_SIZE = @DOXYGEN_PAPER_SIZE@ DSYMUTIL = @DSYMUTIL@ DUMPBIN = @DUMPBIN@ DX_CONFIG = @DX_CONFIG@ DX_DOCDIR = @DX_DOCDIR@ DX_DOT = @DX_DOT@ DX_DOXYGEN = @DX_DOXYGEN@ DX_DVIPS = @DX_DVIPS@ DX_EGREP = @DX_EGREP@ DX_ENV = @DX_ENV@ DX_FLAG_chi = @DX_FLAG_chi@ DX_FLAG_chm = @DX_FLAG_chm@ DX_FLAG_doc = @DX_FLAG_doc@ DX_FLAG_dot = @DX_FLAG_dot@ DX_FLAG_html = @DX_FLAG_html@ DX_FLAG_man = @DX_FLAG_man@ DX_FLAG_pdf = @DX_FLAG_pdf@ DX_FLAG_ps = @DX_FLAG_ps@ DX_FLAG_rtf = @DX_FLAG_rtf@ DX_FLAG_xml = @DX_FLAG_xml@ DX_HHC = @DX_HHC@ DX_LATEX = @DX_LATEX@ DX_MAKEINDEX = @DX_MAKEINDEX@ DX_PDFLATEX = @DX_PDFLATEX@ DX_PERL = @DX_PERL@ DX_PROJECT = @DX_PROJECT@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ ENFORCER_DB_DATABASE = @ENFORCER_DB_DATABASE@ ENFORCER_DB_HOST = @ENFORCER_DB_HOST@ ENFORCER_DB_INCLUDES = @ENFORCER_DB_INCLUDES@ ENFORCER_DB_LIBS = @ENFORCER_DB_LIBS@ ENFORCER_DB_PASSWORD = @ENFORCER_DB_PASSWORD@ ENFORCER_DB_PORT = @ENFORCER_DB_PORT@ ENFORCER_DB_PORT_TEXT = @ENFORCER_DB_PORT_TEXT@ ENFORCER_DB_USERNAME = @ENFORCER_DB_USERNAME@ EXEEXT = @EXEEXT@ FGREP = @FGREP@ GREP = @GREP@ HAVE_SSL = @HAVE_SSL@ HAVE_SSL_NEW_HMAC = @HAVE_SSL_NEW_HMAC@ INSTALL = @INSTALL@ INSTALLATIONCOND = @INSTALLATIONCOND@ INSTALLATIONGROUP = @INSTALLATIONGROUP@ INSTALLATIONGROUPARG = @INSTALLATIONGROUPARG@ INSTALLATIONUSER = @INSTALLATIONUSER@ INSTALLATIONUSERARG = @INSTALLATIONUSERARG@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ JAVA = @JAVA@ LD = @LD@ LDFLAGS = @LDFLAGS@ LDNS_CONFIG = @LDNS_CONFIG@ LDNS_INCLUDES = @LDNS_INCLUDES@ LDNS_LIBS = @LDNS_LIBS@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ LIBUNWIND_CFLAGS = @LIBUNWIND_CFLAGS@ LIBUNWIND_LIBS = @LIBUNWIND_LIBS@ LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@ MAKEINFO = @MAKEINFO@ MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ MYSQL_CFLAGS = @MYSQL_CFLAGS@ MYSQL_CONFIG = @MYSQL_CONFIG@ MYSQL_LDFLAGS = @MYSQL_LDFLAGS@ MYSQL_VERSION = @MYSQL_VERSION@ NM = @NM@ NMEDIT = @NMEDIT@ OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ OPENDNSSEC_BIN_DIR = @OPENDNSSEC_BIN_DIR@ OPENDNSSEC_CONFIG_DIR = @OPENDNSSEC_CONFIG_DIR@ OPENDNSSEC_CONFIG_FILE = @OPENDNSSEC_CONFIG_FILE@ OPENDNSSEC_DATA_DIR = @OPENDNSSEC_DATA_DIR@ OPENDNSSEC_ENFORCER_PIDFILE = @OPENDNSSEC_ENFORCER_PIDFILE@ OPENDNSSEC_ENFORCER_SOCKETFILE = @OPENDNSSEC_ENFORCER_SOCKETFILE@ OPENDNSSEC_FETCH_PIDFILE = @OPENDNSSEC_FETCH_PIDFILE@ OPENDNSSEC_LIBEXEC_DIR = @OPENDNSSEC_LIBEXEC_DIR@ OPENDNSSEC_LIB_DIR = @OPENDNSSEC_LIB_DIR@ OPENDNSSEC_LOCALSTATE_DIR = @OPENDNSSEC_LOCALSTATE_DIR@ OPENDNSSEC_PID_DIR = @OPENDNSSEC_PID_DIR@ OPENDNSSEC_SBIN_DIR = @OPENDNSSEC_SBIN_DIR@ OPENDNSSEC_SCHEMA_DIR = @OPENDNSSEC_SCHEMA_DIR@ OPENDNSSEC_SIGNER_CLI = @OPENDNSSEC_SIGNER_CLI@ OPENDNSSEC_SIGNER_ENGINE = @OPENDNSSEC_SIGNER_ENGINE@ OPENDNSSEC_SIGNER_PIDFILE = @OPENDNSSEC_SIGNER_PIDFILE@ OPENDNSSEC_SIGNER_SOCKET = @OPENDNSSEC_SIGNER_SOCKET@ OPENDNSSEC_STATE_DIR = @OPENDNSSEC_STATE_DIR@ OPENDNSSEC_SYSCONF_DIR = @OPENDNSSEC_SYSCONF_DIR@ OTOOL = @OTOOL@ OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREAD_CC = @PTHREAD_CC@ PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ PTHREAD_LIBS = @PTHREAD_LIBS@ RANLIB = @RANLIB@ READLINE_LIBS = @READLINE_LIBS@ RT_LIBS = @RT_LIBS@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ SQLITE3_CFLAGS = @SQLITE3_CFLAGS@ SQLITE3_LDFLAGS = @SQLITE3_LDFLAGS@ SQLITE3_VERSION = @SQLITE3_VERSION@ SSL_INCLUDES = @SSL_INCLUDES@ SSL_LIBS = @SSL_LIBS@ STRIP = @STRIP@ VERSION = @VERSION@ WARN_CFLAGS = @WARN_CFLAGS@ XML2_CONFIG = @XML2_CONFIG@ XML2_INCLUDES = @XML2_INCLUDES@ XML2_LIBS = @XML2_LIBS@ XMLLINT = @XMLLINT@ XSLTPROC = @XSLTPROC@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ ac_ct_CXX = @ac_ct_CXX@ ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ am__include = @am__include@ am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ ax_pthread_config = @ax_pthread_config@ bindir = @bindir@ build = @build@ build_alias = @build_alias@ build_cpu = @build_cpu@ build_os = @build_os@ build_vendor = @build_vendor@ builddir = @builddir@ datadir = @datadir@ datarootdir = @datarootdir@ docdir = @docdir@ dvidir = @dvidir@ exec_prefix = @exec_prefix@ host = @host@ host_alias = @host_alias@ host_cpu = @host_cpu@ host_os = @host_os@ host_vendor = @host_vendor@ htmldir = @htmldir@ includedir = @includedir@ infodir = @infodir@ install_sh = @install_sh@ libdir = @libdir@ libexecdir = @libexecdir@ localedir = @localedir@ localstatedir = @localstatedir@ mandir = @mandir@ mkdir_p = @mkdir_p@ oldincludedir = @oldincludedir@ pdfdir = @pdfdir@ pkcs11_aepkeyper_module = @pkcs11_aepkeyper_module@ pkcs11_etoken_module = @pkcs11_etoken_module@ pkcs11_ncipher_module = @pkcs11_ncipher_module@ pkcs11_opensc_module = @pkcs11_opensc_module@ pkcs11_sca6000_module = @pkcs11_sca6000_module@ pkcs11_softhsm_module = @pkcs11_softhsm_module@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ MAINTAINERCLEANFILES = $(srcdir)/Makefile.in CLEANFILES = token.db othertoken.db LIBCOMPAT = ${top_builddir}/common/libcompat.a AM_CPPFLAGS = \ -I$(top_srcdir)/common \ -I$(top_builddir)/common \ -I$(srcdir)/../src/lib \ @LDNS_INCLUDES@ @XML2_INCLUDES@ AM_CFLAGS = -std=c99 EXTRA_DIST = *.xml $(srcdir)/softhsm2.conf hsmcheck_SOURCES = hsmcheck.c confparser.c hsmcheck_LDADD = ../src/lib/libhsm.a @LDNS_LIBS@ @XML2_LIBS@ $(LIBCOMPAT) hsmcheck_LDFLAGS = -no-install SOFTHSM_ENV = SOFTHSM2_CONF=$(srcdir)/softhsm2.conf all: all-am .SUFFIXES: .SUFFIXES: .c .lo .o .obj $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign libhsm/checks/Makefile'; \ $(am__cd) $(top_srcdir) && \ $(AUTOMAKE) --foreign libhsm/checks/Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ *config.status*) \ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ *) \ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \ esac; $(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(top_srcdir)/configure: $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(am__aclocal_m4_deps): conf-softhsm.xml: $(top_builddir)/config.status $(srcdir)/conf-softhsm.xml.in cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ conf-sca6000.xml: $(top_builddir)/config.status $(srcdir)/conf-sca6000.xml.in cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ conf-etoken.xml: $(top_builddir)/config.status $(srcdir)/conf-etoken.xml.in cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ conf-multi.xml: $(top_builddir)/config.status $(srcdir)/conf-multi.xml.in cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ conf-opensc.xml: $(top_builddir)/config.status $(srcdir)/conf-opensc.xml.in cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ conf-ncipher.xml: $(top_builddir)/config.status $(srcdir)/conf-ncipher.xml.in cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ conf-aepkeyper.xml: $(top_builddir)/config.status $(srcdir)/conf-aepkeyper.xml.in cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ clean-noinstPROGRAMS: @list='$(noinst_PROGRAMS)'; test -n "$$list" || exit 0; \ echo " rm -f" $$list; \ rm -f $$list || exit $$?; \ test -n "$(EXEEXT)" || exit 0; \ list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ echo " rm -f" $$list; \ rm -f $$list hsmcheck$(EXEEXT): $(hsmcheck_OBJECTS) $(hsmcheck_DEPENDENCIES) $(EXTRA_hsmcheck_DEPENDENCIES) @rm -f hsmcheck$(EXEEXT) $(AM_V_CCLD)$(hsmcheck_LINK) $(hsmcheck_OBJECTS) $(hsmcheck_LDADD) $(LIBS) mostlyclean-compile: -rm -f *.$(OBJEXT) distclean-compile: -rm -f *.tab.c @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/confparser.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hsmcheck.Po@am__quote@ # am--include-marker $(am__depfiles_remade): @$(MKDIR_P) $(@D) @echo '# dummy' >$@-t && $(am__mv) $@-t $@ am--depfiles: $(am__depfiles_remade) .c.o: @am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\ @am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\ @am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $< .c.obj: @am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\ @am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\ @am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'` .c.lo: @am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\ @am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\ @am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $< mostlyclean-libtool: -rm -f *.lo clean-libtool: -rm -rf .libs _libs ID: $(am__tagged_files) $(am__define_uniq_tagged_files); mkid -fID $$unique tags: tags-am TAGS: tags tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) set x; \ here=`pwd`; \ $(am__define_uniq_tagged_files); \ shift; \ if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ if test $$# -gt 0; then \ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ "$$@" $$unique; \ else \ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ $$unique; \ fi; \ fi ctags: ctags-am CTAGS: ctags ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) $(am__define_uniq_tagged_files); \ test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ && $(am__cd) $(top_srcdir) \ && gtags -i $(GTAGS_ARGS) "$$here" cscopelist: cscopelist-am cscopelist-am: $(am__tagged_files) list='$(am__tagged_files)'; \ case "$(srcdir)" in \ [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \ *) sdir=$(subdir)/$(srcdir) ;; \ esac; \ for i in $$list; do \ if test -f "$$i"; then \ echo "$(subdir)/$$i"; \ else \ echo "$$sdir/$$i"; \ fi; \ done >> $(top_builddir)/cscope.files distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(BUILT_SOURCES) $(MAKE) $(AM_MAKEFLAGS) distdir-am distdir-am: $(DISTFILES) @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ list='$(DISTFILES)'; \ dist_files=`for file in $$list; do echo $$file; done | \ sed -e "s|^$$srcdirstrip/||;t" \ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ case $$dist_files in \ */*) $(MKDIR_P) `echo "$$dist_files" | \ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ sort -u` ;; \ esac; \ for file in $$dist_files; do \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ if test -d "$(distdir)/$$file"; then \ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ test -f "$(distdir)/$$file" \ || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done check-am: all-am check: check-am all-am: Makefile $(PROGRAMS) installdirs: install: install-am install-exec: install-exec-am install-data: install-data-am uninstall: uninstall-am install-am: all-am @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am installcheck: installcheck-am install-strip: if test -z '$(STRIP)'; then \ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ install; \ else \ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ fi mostlyclean-generic: clean-generic: -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @echo "it deletes files that may require special tools to rebuild." -test -z "$(MAINTAINERCLEANFILES)" || rm -f $(MAINTAINERCLEANFILES) clean: clean-am clean-am: clean-generic clean-libtool clean-noinstPROGRAMS \ mostlyclean-am distclean: distclean-am -rm -f ./$(DEPDIR)/confparser.Po -rm -f ./$(DEPDIR)/hsmcheck.Po -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags dvi: dvi-am dvi-am: html: html-am html-am: info: info-am info-am: install-data-am: install-dvi: install-dvi-am install-dvi-am: install-exec-am: install-html: install-html-am install-html-am: install-info: install-info-am install-info-am: install-man: install-pdf: install-pdf-am install-pdf-am: install-ps: install-ps-am install-ps-am: installcheck-am: maintainer-clean: maintainer-clean-am -rm -f ./$(DEPDIR)/confparser.Po -rm -f ./$(DEPDIR)/hsmcheck.Po -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic mostlyclean: mostlyclean-am mostlyclean-am: mostlyclean-compile mostlyclean-generic \ mostlyclean-libtool pdf: pdf-am pdf-am: ps: ps-am ps-am: uninstall-am: .MAKE: install-am install-strip .PHONY: CTAGS GTAGS TAGS all all-am am--depfiles check check-am clean \ clean-generic clean-libtool clean-noinstPROGRAMS cscopelist-am \ ctags ctags-am distclean distclean-compile distclean-generic \ distclean-libtool distclean-tags distdir dvi dvi-am html \ html-am info info-am install install-am install-data \ install-data-am install-dvi install-dvi-am install-exec \ install-exec-am install-html install-html-am install-info \ install-info-am install-man install-pdf install-pdf-am \ install-ps install-ps-am install-strip installcheck \ installcheck-am installdirs maintainer-clean \ maintainer-clean-generic mostlyclean mostlyclean-compile \ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ tags tags-am uninstall uninstall-am .PRECIOUS: Makefile .PHONY: tokens tokens: rm -rf tokens mkdir tokens env $(SOFTHSM_ENV) \ softhsm2-util --slot 0 --init-token --label softHSM \ --so-pin 12345678 --pin 123456 env $(SOFTHSM_ENV) \ softhsm2-util --slot 1 --init-token --label xyzzy \ --so-pin 12345678 --pin 123456 check: regress-softhsm regress: @echo use target 'regress-{aepkeyper,sca6000,softhsm,etoken,opensc,ncipher,multi}' regress-aepkeyper: hsmcheck ./hsmcheck -c conf-aepkeyper.xml -gsdr regress-sca6000: hsmcheck ./hsmcheck -c conf-sca6000.xml -gsdr regress-softhsm: hsmcheck tokens env $(SOFTHSM_ENV) \ ./hsmcheck -c conf-softhsm.xml -gsdr regress-etoken: hsmcheck ./hsmcheck -c conf-etoken.xml -gsdr regress-opensc: hsmcheck ./hsmcheck -c conf-opensc.xml -gsdr regress-ncipher: hsmcheck ./hsmcheck -c conf-ncipher.xml -gsdr regress-multi: hsmcheck tokens env $(SOFTHSM_ENV) \ ./hsmcheck -c conf-multi.xml -gsdr # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: opendnssec-2.1.5/libhsm/checks/conf-opensc.xml.in0000644000202300020240000000040113560310771016643 00000000000000 @pkcs11_opensc_module@ OpenDNSSEC 1234 opendnssec-2.1.5/libhsm/checks/conf-sca6000.xml.in0000644000202300020240000000040713560310771016436 00000000000000 @pkcs11_sca6000_module@ OpenDNSSEC test:1234 opendnssec-2.1.5/libhsm/checks/conf-etoken.xml0000644000202300020240000000045013560311325016234 00000000000000 /usr/local/lib/libeTPkcs11.so OpenDNSSEC test.1234 10 opendnssec-2.1.5/README.md0000644000202300020240000000222513560311035012043 00000000000000# OpenDNSSEC ## Introduction OpenDNSSEC was created as an open-source turn-key solution for DNSSEC. It secures zone data just before it is published in an authoritative name server. ## More Information More informnation can be found at the project website available at http://www.opendnssec.org/ and on the development WIKI at http://wiki.opendnssec.org/. Information about announcements, bug reporting and mailing lists can be found at http://www.opendnssec.org/support/. ## Dependencies OpenDNSSEC depends on a number of external packages: - libxml2 (including xmllint) - LDNS - SQLite3 To run OpenDNSSEC, one must have at least one crypto module providing a PKCS#11 library, e.g. SoftHSM (http://www.opendnssec.org/softHSM) When building from the source code repository, the following dependencies are also needed: - A Java runtime environment (JRE/JDK) ## Building from the source code respository If the code is downloaded directly from the source code respository (git), you have to prepare the configuration scripts before continuing with build: 1. Install automake, autoconf and libtool. 2. Run the command autogen.sh to build configure scripts etc. opendnssec-2.1.5/ltmain.sh0000644000202300020240000117077313560311310012417 00000000000000#! /bin/sh ## DO NOT EDIT - This file generated from ./build-aux/ltmain.in ## by inline-source v2014-01-03.01 # libtool (GNU libtool) 2.4.6 # Provide generalized library-building support services. # Written by Gordon Matzigkeit , 1996 # Copyright (C) 1996-2015 Free Software Foundation, Inc. # This is free software; see the source for copying conditions. There is NO # warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. # GNU Libtool is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # As a special exception to the GNU General Public License, # if you distribute this file as part of a program or library that # is built using GNU Libtool, you may include this file under the # same distribution terms that you use for the rest of that program. # # GNU Libtool is distributed in the hope that it will be useful, but # WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU # General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . PROGRAM=libtool PACKAGE=libtool VERSION=2.4.6 package_revision=2.4.6 ## ------ ## ## Usage. ## ## ------ ## # Run './libtool --help' for help with using this script from the # command line. ## ------------------------------- ## ## User overridable command paths. ## ## ------------------------------- ## # After configure completes, it has a better idea of some of the # shell tools we need than the defaults used by the functions shared # with bootstrap, so set those here where they can still be over- # ridden by the user, but otherwise take precedence. : ${AUTOCONF="autoconf"} : ${AUTOMAKE="automake"} ## -------------------------- ## ## Source external libraries. ## ## -------------------------- ## # Much of our low-level functionality needs to be sourced from external # libraries, which are installed to $pkgauxdir. # Set a version string for this script. scriptversion=2015-01-20.17; # UTC # General shell script boiler plate, and helper functions. # Written by Gary V. Vaughan, 2004 # Copyright (C) 2004-2015 Free Software Foundation, Inc. # This is free software; see the source for copying conditions. There is NO # warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 3 of the License, or # (at your option) any later version. # As a special exception to the GNU General Public License, if you distribute # this file as part of a program or library that is built using GNU Libtool, # you may include this file under the same distribution terms that you use # for the rest of that program. # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNES FOR A PARTICULAR PURPOSE. See the GNU # General Public License for more details. # You should have received a copy of the GNU General Public License # along with this program. If not, see . # Please report bugs or propose patches to gary@gnu.org. ## ------ ## ## Usage. ## ## ------ ## # Evaluate this file near the top of your script to gain access to # the functions and variables defined here: # # . `echo "$0" | ${SED-sed} 's|[^/]*$||'`/build-aux/funclib.sh # # If you need to override any of the default environment variable # settings, do that before evaluating this file. ## -------------------- ## ## Shell normalisation. ## ## -------------------- ## # Some shells need a little help to be as Bourne compatible as possible. # Before doing anything else, make sure all that help has been provided! DUALCASE=1; export DUALCASE # for MKS sh if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then : emulate sh NULLCMD=: # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which # is contrary to our usage. Disable this feature. alias -g '${1+"$@"}'='"$@"' setopt NO_GLOB_SUBST else case `(set -o) 2>/dev/null` in *posix*) set -o posix ;; esac fi # NLS nuisances: We save the old values in case they are required later. _G_user_locale= _G_safe_locale= for _G_var in LANG LANGUAGE LC_ALL LC_CTYPE LC_COLLATE LC_MESSAGES do eval "if test set = \"\${$_G_var+set}\"; then save_$_G_var=\$$_G_var $_G_var=C export $_G_var _G_user_locale=\"$_G_var=\\\$save_\$_G_var; \$_G_user_locale\" _G_safe_locale=\"$_G_var=C; \$_G_safe_locale\" fi" done # CDPATH. (unset CDPATH) >/dev/null 2>&1 && unset CDPATH # Make sure IFS has a sensible default sp=' ' nl=' ' IFS="$sp $nl" # There are apparently some retarded systems that use ';' as a PATH separator! if test "${PATH_SEPARATOR+set}" != set; then PATH_SEPARATOR=: (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && { (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 || PATH_SEPARATOR=';' } fi ## ------------------------- ## ## Locate command utilities. ## ## ------------------------- ## # func_executable_p FILE # ---------------------- # Check that FILE is an executable regular file. func_executable_p () { test -f "$1" && test -x "$1" } # func_path_progs PROGS_LIST CHECK_FUNC [PATH] # -------------------------------------------- # Search for either a program that responds to --version with output # containing "GNU", or else returned by CHECK_FUNC otherwise, by # trying all the directories in PATH with each of the elements of # PROGS_LIST. # # CHECK_FUNC should accept the path to a candidate program, and # set $func_check_prog_result if it truncates its output less than # $_G_path_prog_max characters. func_path_progs () { _G_progs_list=$1 _G_check_func=$2 _G_PATH=${3-"$PATH"} _G_path_prog_max=0 _G_path_prog_found=false _G_save_IFS=$IFS; IFS=${PATH_SEPARATOR-:} for _G_dir in $_G_PATH; do IFS=$_G_save_IFS test -z "$_G_dir" && _G_dir=. for _G_prog_name in $_G_progs_list; do for _exeext in '' .EXE; do _G_path_prog=$_G_dir/$_G_prog_name$_exeext func_executable_p "$_G_path_prog" || continue case `"$_G_path_prog" --version 2>&1` in *GNU*) func_path_progs_result=$_G_path_prog _G_path_prog_found=: ;; *) $_G_check_func $_G_path_prog func_path_progs_result=$func_check_prog_result ;; esac $_G_path_prog_found && break 3 done done done IFS=$_G_save_IFS test -z "$func_path_progs_result" && { echo "no acceptable sed could be found in \$PATH" >&2 exit 1 } } # We want to be able to use the functions in this file before configure # has figured out where the best binaries are kept, which means we have # to search for them ourselves - except when the results are already set # where we skip the searches. # Unless the user overrides by setting SED, search the path for either GNU # sed, or the sed that truncates its output the least. test -z "$SED" && { _G_sed_script=s/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb/ for _G_i in 1 2 3 4 5 6 7; do _G_sed_script=$_G_sed_script$nl$_G_sed_script done echo "$_G_sed_script" 2>/dev/null | sed 99q >conftest.sed _G_sed_script= func_check_prog_sed () { _G_path_prog=$1 _G_count=0 printf 0123456789 >conftest.in while : do cat conftest.in conftest.in >conftest.tmp mv conftest.tmp conftest.in cp conftest.in conftest.nl echo '' >> conftest.nl "$_G_path_prog" -f conftest.sed conftest.out 2>/dev/null || break diff conftest.out conftest.nl >/dev/null 2>&1 || break _G_count=`expr $_G_count + 1` if test "$_G_count" -gt "$_G_path_prog_max"; then # Best one so far, save it but keep looking for a better one func_check_prog_result=$_G_path_prog _G_path_prog_max=$_G_count fi # 10*(2^10) chars as input seems more than enough test 10 -lt "$_G_count" && break done rm -f conftest.in conftest.tmp conftest.nl conftest.out } func_path_progs "sed gsed" func_check_prog_sed $PATH:/usr/xpg4/bin rm -f conftest.sed SED=$func_path_progs_result } # Unless the user overrides by setting GREP, search the path for either GNU # grep, or the grep that truncates its output the least. test -z "$GREP" && { func_check_prog_grep () { _G_path_prog=$1 _G_count=0 _G_path_prog_max=0 printf 0123456789 >conftest.in while : do cat conftest.in conftest.in >conftest.tmp mv conftest.tmp conftest.in cp conftest.in conftest.nl echo 'GREP' >> conftest.nl "$_G_path_prog" -e 'GREP$' -e '-(cannot match)-' conftest.out 2>/dev/null || break diff conftest.out conftest.nl >/dev/null 2>&1 || break _G_count=`expr $_G_count + 1` if test "$_G_count" -gt "$_G_path_prog_max"; then # Best one so far, save it but keep looking for a better one func_check_prog_result=$_G_path_prog _G_path_prog_max=$_G_count fi # 10*(2^10) chars as input seems more than enough test 10 -lt "$_G_count" && break done rm -f conftest.in conftest.tmp conftest.nl conftest.out } func_path_progs "grep ggrep" func_check_prog_grep $PATH:/usr/xpg4/bin GREP=$func_path_progs_result } ## ------------------------------- ## ## User overridable command paths. ## ## ------------------------------- ## # All uppercase variable names are used for environment variables. These # variables can be overridden by the user before calling a script that # uses them if a suitable command of that name is not already available # in the command search PATH. : ${CP="cp -f"} : ${ECHO="printf %s\n"} : ${EGREP="$GREP -E"} : ${FGREP="$GREP -F"} : ${LN_S="ln -s"} : ${MAKE="make"} : ${MKDIR="mkdir"} : ${MV="mv -f"} : ${RM="rm -f"} : ${SHELL="${CONFIG_SHELL-/bin/sh}"} ## -------------------- ## ## Useful sed snippets. ## ## -------------------- ## sed_dirname='s|/[^/]*$||' sed_basename='s|^.*/||' # Sed substitution that helps us do robust quoting. It backslashifies # metacharacters that are still active within double-quoted strings. sed_quote_subst='s|\([`"$\\]\)|\\\1|g' # Same as above, but do not quote variable references. sed_double_quote_subst='s/\(["`\\]\)/\\\1/g' # Sed substitution that turns a string into a regex matching for the # string literally. sed_make_literal_regex='s|[].[^$\\*\/]|\\&|g' # Sed substitution that converts a w32 file name or path # that contains forward slashes, into one that contains # (escaped) backslashes. A very naive implementation. sed_naive_backslashify='s|\\\\*|\\|g;s|/|\\|g;s|\\|\\\\|g' # Re-'\' parameter expansions in output of sed_double_quote_subst that # were '\'-ed in input to the same. If an odd number of '\' preceded a # '$' in input to sed_double_quote_subst, that '$' was protected from # expansion. Since each input '\' is now two '\'s, look for any number # of runs of four '\'s followed by two '\'s and then a '$'. '\' that '$'. _G_bs='\\' _G_bs2='\\\\' _G_bs4='\\\\\\\\' _G_dollar='\$' sed_double_backslash="\ s/$_G_bs4/&\\ /g s/^$_G_bs2$_G_dollar/$_G_bs&/ s/\\([^$_G_bs]\\)$_G_bs2$_G_dollar/\\1$_G_bs2$_G_bs$_G_dollar/g s/\n//g" ## ----------------- ## ## Global variables. ## ## ----------------- ## # Except for the global variables explicitly listed below, the following # functions in the '^func_' namespace, and the '^require_' namespace # variables initialised in the 'Resource management' section, sourcing # this file will not pollute your global namespace with anything # else. There's no portable way to scope variables in Bourne shell # though, so actually running these functions will sometimes place # results into a variable named after the function, and often use # temporary variables in the '^_G_' namespace. If you are careful to # avoid using those namespaces casually in your sourcing script, things # should continue to work as you expect. And, of course, you can freely # overwrite any of the functions or variables defined here before # calling anything to customize them. EXIT_SUCCESS=0 EXIT_FAILURE=1 EXIT_MISMATCH=63 # $? = 63 is used to indicate version mismatch to missing. EXIT_SKIP=77 # $? = 77 is used to indicate a skipped test to automake. # Allow overriding, eg assuming that you follow the convention of # putting '$debug_cmd' at the start of all your functions, you can get # bash to show function call trace with: # # debug_cmd='eval echo "${FUNCNAME[0]} $*" >&2' bash your-script-name debug_cmd=${debug_cmd-":"} exit_cmd=: # By convention, finish your script with: # # exit $exit_status # # so that you can set exit_status to non-zero if you want to indicate # something went wrong during execution without actually bailing out at # the point of failure. exit_status=$EXIT_SUCCESS # Work around backward compatibility issue on IRIX 6.5. On IRIX 6.4+, sh # is ksh but when the shell is invoked as "sh" and the current value of # the _XPG environment variable is not equal to 1 (one), the special # positional parameter $0, within a function call, is the name of the # function. progpath=$0 # The name of this program. progname=`$ECHO "$progpath" |$SED "$sed_basename"` # Make sure we have an absolute progpath for reexecution: case $progpath in [\\/]*|[A-Za-z]:\\*) ;; *[\\/]*) progdir=`$ECHO "$progpath" |$SED "$sed_dirname"` progdir=`cd "$progdir" && pwd` progpath=$progdir/$progname ;; *) _G_IFS=$IFS IFS=${PATH_SEPARATOR-:} for progdir in $PATH; do IFS=$_G_IFS test -x "$progdir/$progname" && break done IFS=$_G_IFS test -n "$progdir" || progdir=`pwd` progpath=$progdir/$progname ;; esac ## ----------------- ## ## Standard options. ## ## ----------------- ## # The following options affect the operation of the functions defined # below, and should be set appropriately depending on run-time para- # meters passed on the command line. opt_dry_run=false opt_quiet=false opt_verbose=false # Categories 'all' and 'none' are always available. Append any others # you will pass as the first argument to func_warning from your own # code. warning_categories= # By default, display warnings according to 'opt_warning_types'. Set # 'warning_func' to ':' to elide all warnings, or func_fatal_error to # treat the next displayed warning as a fatal error. warning_func=func_warn_and_continue # Set to 'all' to display all warnings, 'none' to suppress all # warnings, or a space delimited list of some subset of # 'warning_categories' to display only the listed warnings. opt_warning_types=all ## -------------------- ## ## Resource management. ## ## -------------------- ## # This section contains definitions for functions that each ensure a # particular resource (a file, or a non-empty configuration variable for # example) is available, and if appropriate to extract default values # from pertinent package files. Call them using their associated # 'require_*' variable to ensure that they are executed, at most, once. # # It's entirely deliberate that calling these functions can set # variables that don't obey the namespace limitations obeyed by the rest # of this file, in order that that they be as useful as possible to # callers. # require_term_colors # ------------------- # Allow display of bold text on terminals that support it. require_term_colors=func_require_term_colors func_require_term_colors () { $debug_cmd test -t 1 && { # COLORTERM and USE_ANSI_COLORS environment variables take # precedence, because most terminfo databases neglect to describe # whether color sequences are supported. test -n "${COLORTERM+set}" && : ${USE_ANSI_COLORS="1"} if test 1 = "$USE_ANSI_COLORS"; then # Standard ANSI escape sequences tc_reset='' tc_bold=''; tc_standout='' tc_red=''; tc_green='' tc_blue=''; tc_cyan='' else # Otherwise trust the terminfo database after all. test -n "`tput sgr0 2>/dev/null`" && { tc_reset=`tput sgr0` test -n "`tput bold 2>/dev/null`" && tc_bold=`tput bold` tc_standout=$tc_bold test -n "`tput smso 2>/dev/null`" && tc_standout=`tput smso` test -n "`tput setaf 1 2>/dev/null`" && tc_red=`tput setaf 1` test -n "`tput setaf 2 2>/dev/null`" && tc_green=`tput setaf 2` test -n "`tput setaf 4 2>/dev/null`" && tc_blue=`tput setaf 4` test -n "`tput setaf 5 2>/dev/null`" && tc_cyan=`tput setaf 5` } fi } require_term_colors=: } ## ----------------- ## ## Function library. ## ## ----------------- ## # This section contains a variety of useful functions to call in your # scripts. Take note of the portable wrappers for features provided by # some modern shells, which will fall back to slower equivalents on # less featureful shells. # func_append VAR VALUE # --------------------- # Append VALUE onto the existing contents of VAR. # We should try to minimise forks, especially on Windows where they are # unreasonably slow, so skip the feature probes when bash or zsh are # being used: if test set = "${BASH_VERSION+set}${ZSH_VERSION+set}"; then : ${_G_HAVE_ARITH_OP="yes"} : ${_G_HAVE_XSI_OPS="yes"} # The += operator was introduced in bash 3.1 case $BASH_VERSION in [12].* | 3.0 | 3.0*) ;; *) : ${_G_HAVE_PLUSEQ_OP="yes"} ;; esac fi # _G_HAVE_PLUSEQ_OP # Can be empty, in which case the shell is probed, "yes" if += is # useable or anything else if it does not work. test -z "$_G_HAVE_PLUSEQ_OP" \ && (eval 'x=a; x+=" b"; test "a b" = "$x"') 2>/dev/null \ && _G_HAVE_PLUSEQ_OP=yes if test yes = "$_G_HAVE_PLUSEQ_OP" then # This is an XSI compatible shell, allowing a faster implementation... eval 'func_append () { $debug_cmd eval "$1+=\$2" }' else # ...otherwise fall back to using expr, which is often a shell builtin. func_append () { $debug_cmd eval "$1=\$$1\$2" } fi # func_append_quoted VAR VALUE # ---------------------------- # Quote VALUE and append to the end of shell variable VAR, separated # by a space. if test yes = "$_G_HAVE_PLUSEQ_OP"; then eval 'func_append_quoted () { $debug_cmd func_quote_for_eval "$2" eval "$1+=\\ \$func_quote_for_eval_result" }' else func_append_quoted () { $debug_cmd func_quote_for_eval "$2" eval "$1=\$$1\\ \$func_quote_for_eval_result" } fi # func_append_uniq VAR VALUE # -------------------------- # Append unique VALUE onto the existing contents of VAR, assuming # entries are delimited by the first character of VALUE. For example: # # func_append_uniq options " --another-option option-argument" # # will only append to $options if " --another-option option-argument " # is not already present somewhere in $options already (note spaces at # each end implied by leading space in second argument). func_append_uniq () { $debug_cmd eval _G_current_value='`$ECHO $'$1'`' _G_delim=`expr "$2" : '\(.\)'` case $_G_delim$_G_current_value$_G_delim in *"$2$_G_delim"*) ;; *) func_append "$@" ;; esac } # func_arith TERM... # ------------------ # Set func_arith_result to the result of evaluating TERMs. test -z "$_G_HAVE_ARITH_OP" \ && (eval 'test 2 = $(( 1 + 1 ))') 2>/dev/null \ && _G_HAVE_ARITH_OP=yes if test yes = "$_G_HAVE_ARITH_OP"; then eval 'func_arith () { $debug_cmd func_arith_result=$(( $* )) }' else func_arith () { $debug_cmd func_arith_result=`expr "$@"` } fi # func_basename FILE # ------------------ # Set func_basename_result to FILE with everything up to and including # the last / stripped. if test yes = "$_G_HAVE_XSI_OPS"; then # If this shell supports suffix pattern removal, then use it to avoid # forking. Hide the definitions single quotes in case the shell chokes # on unsupported syntax... _b='func_basename_result=${1##*/}' _d='case $1 in */*) func_dirname_result=${1%/*}$2 ;; * ) func_dirname_result=$3 ;; esac' else # ...otherwise fall back to using sed. _b='func_basename_result=`$ECHO "$1" |$SED "$sed_basename"`' _d='func_dirname_result=`$ECHO "$1" |$SED "$sed_dirname"` if test "X$func_dirname_result" = "X$1"; then func_dirname_result=$3 else func_append func_dirname_result "$2" fi' fi eval 'func_basename () { $debug_cmd '"$_b"' }' # func_dirname FILE APPEND NONDIR_REPLACEMENT # ------------------------------------------- # Compute the dirname of FILE. If nonempty, add APPEND to the result, # otherwise set result to NONDIR_REPLACEMENT. eval 'func_dirname () { $debug_cmd '"$_d"' }' # func_dirname_and_basename FILE APPEND NONDIR_REPLACEMENT # -------------------------------------------------------- # Perform func_basename and func_dirname in a single function # call: # dirname: Compute the dirname of FILE. If nonempty, # add APPEND to the result, otherwise set result # to NONDIR_REPLACEMENT. # value returned in "$func_dirname_result" # basename: Compute filename of FILE. # value retuned in "$func_basename_result" # For efficiency, we do not delegate to the functions above but instead # duplicate the functionality here. eval 'func_dirname_and_basename () { $debug_cmd '"$_b"' '"$_d"' }' # func_echo ARG... # ---------------- # Echo program name prefixed message. func_echo () { $debug_cmd _G_message=$* func_echo_IFS=$IFS IFS=$nl for _G_line in $_G_message; do IFS=$func_echo_IFS $ECHO "$progname: $_G_line" done IFS=$func_echo_IFS } # func_echo_all ARG... # -------------------- # Invoke $ECHO with all args, space-separated. func_echo_all () { $ECHO "$*" } # func_echo_infix_1 INFIX ARG... # ------------------------------ # Echo program name, followed by INFIX on the first line, with any # additional lines not showing INFIX. func_echo_infix_1 () { $debug_cmd $require_term_colors _G_infix=$1; shift _G_indent=$_G_infix _G_prefix="$progname: $_G_infix: " _G_message=$* # Strip color escape sequences before counting printable length for _G_tc in "$tc_reset" "$tc_bold" "$tc_standout" "$tc_red" "$tc_green" "$tc_blue" "$tc_cyan" do test -n "$_G_tc" && { _G_esc_tc=`$ECHO "$_G_tc" | $SED "$sed_make_literal_regex"` _G_indent=`$ECHO "$_G_indent" | $SED "s|$_G_esc_tc||g"` } done _G_indent="$progname: "`echo "$_G_indent" | $SED 's|.| |g'`" " ## exclude from sc_prohibit_nested_quotes func_echo_infix_1_IFS=$IFS IFS=$nl for _G_line in $_G_message; do IFS=$func_echo_infix_1_IFS $ECHO "$_G_prefix$tc_bold$_G_line$tc_reset" >&2 _G_prefix=$_G_indent done IFS=$func_echo_infix_1_IFS } # func_error ARG... # ----------------- # Echo program name prefixed message to standard error. func_error () { $debug_cmd $require_term_colors func_echo_infix_1 " $tc_standout${tc_red}error$tc_reset" "$*" >&2 } # func_fatal_error ARG... # ----------------------- # Echo program name prefixed message to standard error, and exit. func_fatal_error () { $debug_cmd func_error "$*" exit $EXIT_FAILURE } # func_grep EXPRESSION FILENAME # ----------------------------- # Check whether EXPRESSION matches any line of FILENAME, without output. func_grep () { $debug_cmd $GREP "$1" "$2" >/dev/null 2>&1 } # func_len STRING # --------------- # Set func_len_result to the length of STRING. STRING may not # start with a hyphen. test -z "$_G_HAVE_XSI_OPS" \ && (eval 'x=a/b/c; test 5aa/bb/cc = "${#x}${x%%/*}${x%/*}${x#*/}${x##*/}"') 2>/dev/null \ && _G_HAVE_XSI_OPS=yes if test yes = "$_G_HAVE_XSI_OPS"; then eval 'func_len () { $debug_cmd func_len_result=${#1} }' else func_len () { $debug_cmd func_len_result=`expr "$1" : ".*" 2>/dev/null || echo $max_cmd_len` } fi # func_mkdir_p DIRECTORY-PATH # --------------------------- # Make sure the entire path to DIRECTORY-PATH is available. func_mkdir_p () { $debug_cmd _G_directory_path=$1 _G_dir_list= if test -n "$_G_directory_path" && test : != "$opt_dry_run"; then # Protect directory names starting with '-' case $_G_directory_path in -*) _G_directory_path=./$_G_directory_path ;; esac # While some portion of DIR does not yet exist... while test ! -d "$_G_directory_path"; do # ...make a list in topmost first order. Use a colon delimited # list incase some portion of path contains whitespace. _G_dir_list=$_G_directory_path:$_G_dir_list # If the last portion added has no slash in it, the list is done case $_G_directory_path in */*) ;; *) break ;; esac # ...otherwise throw away the child directory and loop _G_directory_path=`$ECHO "$_G_directory_path" | $SED -e "$sed_dirname"` done _G_dir_list=`$ECHO "$_G_dir_list" | $SED 's|:*$||'` func_mkdir_p_IFS=$IFS; IFS=: for _G_dir in $_G_dir_list; do IFS=$func_mkdir_p_IFS # mkdir can fail with a 'File exist' error if two processes # try to create one of the directories concurrently. Don't # stop in that case! $MKDIR "$_G_dir" 2>/dev/null || : done IFS=$func_mkdir_p_IFS # Bail out if we (or some other process) failed to create a directory. test -d "$_G_directory_path" || \ func_fatal_error "Failed to create '$1'" fi } # func_mktempdir [BASENAME] # ------------------------- # Make a temporary directory that won't clash with other running # libtool processes, and avoids race conditions if possible. If # given, BASENAME is the basename for that directory. func_mktempdir () { $debug_cmd _G_template=${TMPDIR-/tmp}/${1-$progname} if test : = "$opt_dry_run"; then # Return a directory name, but don't create it in dry-run mode _G_tmpdir=$_G_template-$$ else # If mktemp works, use that first and foremost _G_tmpdir=`mktemp -d "$_G_template-XXXXXXXX" 2>/dev/null` if test ! -d "$_G_tmpdir"; then # Failing that, at least try and use $RANDOM to avoid a race _G_tmpdir=$_G_template-${RANDOM-0}$$ func_mktempdir_umask=`umask` umask 0077 $MKDIR "$_G_tmpdir" umask $func_mktempdir_umask fi # If we're not in dry-run mode, bomb out on failure test -d "$_G_tmpdir" || \ func_fatal_error "cannot create temporary directory '$_G_tmpdir'" fi $ECHO "$_G_tmpdir" } # func_normal_abspath PATH # ------------------------ # Remove doubled-up and trailing slashes, "." path components, # and cancel out any ".." path components in PATH after making # it an absolute path. func_normal_abspath () { $debug_cmd # These SED scripts presuppose an absolute path with a trailing slash. _G_pathcar='s|^/\([^/]*\).*$|\1|' _G_pathcdr='s|^/[^/]*||' _G_removedotparts=':dotsl s|/\./|/|g t dotsl s|/\.$|/|' _G_collapseslashes='s|/\{1,\}|/|g' _G_finalslash='s|/*$|/|' # Start from root dir and reassemble the path. func_normal_abspath_result= func_normal_abspath_tpath=$1 func_normal_abspath_altnamespace= case $func_normal_abspath_tpath in "") # Empty path, that just means $cwd. func_stripname '' '/' "`pwd`" func_normal_abspath_result=$func_stripname_result return ;; # The next three entries are used to spot a run of precisely # two leading slashes without using negated character classes; # we take advantage of case's first-match behaviour. ///*) # Unusual form of absolute path, do nothing. ;; //*) # Not necessarily an ordinary path; POSIX reserves leading '//' # and for example Cygwin uses it to access remote file shares # over CIFS/SMB, so we conserve a leading double slash if found. func_normal_abspath_altnamespace=/ ;; /*) # Absolute path, do nothing. ;; *) # Relative path, prepend $cwd. func_normal_abspath_tpath=`pwd`/$func_normal_abspath_tpath ;; esac # Cancel out all the simple stuff to save iterations. We also want # the path to end with a slash for ease of parsing, so make sure # there is one (and only one) here. func_normal_abspath_tpath=`$ECHO "$func_normal_abspath_tpath" | $SED \ -e "$_G_removedotparts" -e "$_G_collapseslashes" -e "$_G_finalslash"` while :; do # Processed it all yet? if test / = "$func_normal_abspath_tpath"; then # If we ascended to the root using ".." the result may be empty now. if test -z "$func_normal_abspath_result"; then func_normal_abspath_result=/ fi break fi func_normal_abspath_tcomponent=`$ECHO "$func_normal_abspath_tpath" | $SED \ -e "$_G_pathcar"` func_normal_abspath_tpath=`$ECHO "$func_normal_abspath_tpath" | $SED \ -e "$_G_pathcdr"` # Figure out what to do with it case $func_normal_abspath_tcomponent in "") # Trailing empty path component, ignore it. ;; ..) # Parent dir; strip last assembled component from result. func_dirname "$func_normal_abspath_result" func_normal_abspath_result=$func_dirname_result ;; *) # Actual path component, append it. func_append func_normal_abspath_result "/$func_normal_abspath_tcomponent" ;; esac done # Restore leading double-slash if one was found on entry. func_normal_abspath_result=$func_normal_abspath_altnamespace$func_normal_abspath_result } # func_notquiet ARG... # -------------------- # Echo program name prefixed message only when not in quiet mode. func_notquiet () { $debug_cmd $opt_quiet || func_echo ${1+"$@"} # A bug in bash halts the script if the last line of a function # fails when set -e is in force, so we need another command to # work around that: : } # func_relative_path SRCDIR DSTDIR # -------------------------------- # Set func_relative_path_result to the relative path from SRCDIR to DSTDIR. func_relative_path () { $debug_cmd func_relative_path_result= func_normal_abspath "$1" func_relative_path_tlibdir=$func_normal_abspath_result func_normal_abspath "$2" func_relative_path_tbindir=$func_normal_abspath_result # Ascend the tree starting from libdir while :; do # check if we have found a prefix of bindir case $func_relative_path_tbindir in $func_relative_path_tlibdir) # found an exact match func_relative_path_tcancelled= break ;; $func_relative_path_tlibdir*) # found a matching prefix func_stripname "$func_relative_path_tlibdir" '' "$func_relative_path_tbindir" func_relative_path_tcancelled=$func_stripname_result if test -z "$func_relative_path_result"; then func_relative_path_result=. fi break ;; *) func_dirname $func_relative_path_tlibdir func_relative_path_tlibdir=$func_dirname_result if test -z "$func_relative_path_tlibdir"; then # Have to descend all the way to the root! func_relative_path_result=../$func_relative_path_result func_relative_path_tcancelled=$func_relative_path_tbindir break fi func_relative_path_result=../$func_relative_path_result ;; esac done # Now calculate path; take care to avoid doubling-up slashes. func_stripname '' '/' "$func_relative_path_result" func_relative_path_result=$func_stripname_result func_stripname '/' '/' "$func_relative_path_tcancelled" if test -n "$func_stripname_result"; then func_append func_relative_path_result "/$func_stripname_result" fi # Normalisation. If bindir is libdir, return '.' else relative path. if test -n "$func_relative_path_result"; then func_stripname './' '' "$func_relative_path_result" func_relative_path_result=$func_stripname_result fi test -n "$func_relative_path_result" || func_relative_path_result=. : } # func_quote_for_eval ARG... # -------------------------- # Aesthetically quote ARGs to be evaled later. # This function returns two values: # i) func_quote_for_eval_result # double-quoted, suitable for a subsequent eval # ii) func_quote_for_eval_unquoted_result # has all characters that are still active within double # quotes backslashified. func_quote_for_eval () { $debug_cmd func_quote_for_eval_unquoted_result= func_quote_for_eval_result= while test 0 -lt $#; do case $1 in *[\\\`\"\$]*) _G_unquoted_arg=`printf '%s\n' "$1" |$SED "$sed_quote_subst"` ;; *) _G_unquoted_arg=$1 ;; esac if test -n "$func_quote_for_eval_unquoted_result"; then func_append func_quote_for_eval_unquoted_result " $_G_unquoted_arg" else func_append func_quote_for_eval_unquoted_result "$_G_unquoted_arg" fi case $_G_unquoted_arg in # Double-quote args containing shell metacharacters to delay # word splitting, command substitution and variable expansion # for a subsequent eval. # Many Bourne shells cannot handle close brackets correctly # in scan sets, so we specify it separately. *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"") _G_quoted_arg=\"$_G_unquoted_arg\" ;; *) _G_quoted_arg=$_G_unquoted_arg ;; esac if test -n "$func_quote_for_eval_result"; then func_append func_quote_for_eval_result " $_G_quoted_arg" else func_append func_quote_for_eval_result "$_G_quoted_arg" fi shift done } # func_quote_for_expand ARG # ------------------------- # Aesthetically quote ARG to be evaled later; same as above, # but do not quote variable references. func_quote_for_expand () { $debug_cmd case $1 in *[\\\`\"]*) _G_arg=`$ECHO "$1" | $SED \ -e "$sed_double_quote_subst" -e "$sed_double_backslash"` ;; *) _G_arg=$1 ;; esac case $_G_arg in # Double-quote args containing shell metacharacters to delay # word splitting and command substitution for a subsequent eval. # Many Bourne shells cannot handle close brackets correctly # in scan sets, so we specify it separately. *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"") _G_arg=\"$_G_arg\" ;; esac func_quote_for_expand_result=$_G_arg } # func_stripname PREFIX SUFFIX NAME # --------------------------------- # strip PREFIX and SUFFIX from NAME, and store in func_stripname_result. # PREFIX and SUFFIX must not contain globbing or regex special # characters, hashes, percent signs, but SUFFIX may contain a leading # dot (in which case that matches only a dot). if test yes = "$_G_HAVE_XSI_OPS"; then eval 'func_stripname () { $debug_cmd # pdksh 5.2.14 does not do ${X%$Y} correctly if both X and Y are # positional parameters, so assign one to ordinary variable first. func_stripname_result=$3 func_stripname_result=${func_stripname_result#"$1"} func_stripname_result=${func_stripname_result%"$2"} }' else func_stripname () { $debug_cmd case $2 in .*) func_stripname_result=`$ECHO "$3" | $SED -e "s%^$1%%" -e "s%\\\\$2\$%%"`;; *) func_stripname_result=`$ECHO "$3" | $SED -e "s%^$1%%" -e "s%$2\$%%"`;; esac } fi # func_show_eval CMD [FAIL_EXP] # ----------------------------- # Unless opt_quiet is true, then output CMD. Then, if opt_dryrun is # not true, evaluate CMD. If the evaluation of CMD fails, and FAIL_EXP # is given, then evaluate it. func_show_eval () { $debug_cmd _G_cmd=$1 _G_fail_exp=${2-':'} func_quote_for_expand "$_G_cmd" eval "func_notquiet $func_quote_for_expand_result" $opt_dry_run || { eval "$_G_cmd" _G_status=$? if test 0 -ne "$_G_status"; then eval "(exit $_G_status); $_G_fail_exp" fi } } # func_show_eval_locale CMD [FAIL_EXP] # ------------------------------------ # Unless opt_quiet is true, then output CMD. Then, if opt_dryrun is # not true, evaluate CMD. If the evaluation of CMD fails, and FAIL_EXP # is given, then evaluate it. Use the saved locale for evaluation. func_show_eval_locale () { $debug_cmd _G_cmd=$1 _G_fail_exp=${2-':'} $opt_quiet || { func_quote_for_expand "$_G_cmd" eval "func_echo $func_quote_for_expand_result" } $opt_dry_run || { eval "$_G_user_locale $_G_cmd" _G_status=$? eval "$_G_safe_locale" if test 0 -ne "$_G_status"; then eval "(exit $_G_status); $_G_fail_exp" fi } } # func_tr_sh # ---------- # Turn $1 into a string suitable for a shell variable name. # Result is stored in $func_tr_sh_result. All characters # not in the set a-zA-Z0-9_ are replaced with '_'. Further, # if $1 begins with a digit, a '_' is prepended as well. func_tr_sh () { $debug_cmd case $1 in [0-9]* | *[!a-zA-Z0-9_]*) func_tr_sh_result=`$ECHO "$1" | $SED -e 's/^\([0-9]\)/_\1/' -e 's/[^a-zA-Z0-9_]/_/g'` ;; * ) func_tr_sh_result=$1 ;; esac } # func_verbose ARG... # ------------------- # Echo program name prefixed message in verbose mode only. func_verbose () { $debug_cmd $opt_verbose && func_echo "$*" : } # func_warn_and_continue ARG... # ----------------------------- # Echo program name prefixed warning message to standard error. func_warn_and_continue () { $debug_cmd $require_term_colors func_echo_infix_1 "${tc_red}warning$tc_reset" "$*" >&2 } # func_warning CATEGORY ARG... # ---------------------------- # Echo program name prefixed warning message to standard error. Warning # messages can be filtered according to CATEGORY, where this function # elides messages where CATEGORY is not listed in the global variable # 'opt_warning_types'. func_warning () { $debug_cmd # CATEGORY must be in the warning_categories list! case " $warning_categories " in *" $1 "*) ;; *) func_internal_error "invalid warning category '$1'" ;; esac _G_category=$1 shift case " $opt_warning_types " in *" $_G_category "*) $warning_func ${1+"$@"} ;; esac } # func_sort_ver VER1 VER2 # ----------------------- # 'sort -V' is not generally available. # Note this deviates from the version comparison in automake # in that it treats 1.5 < 1.5.0, and treats 1.4.4a < 1.4-p3a # but this should suffice as we won't be specifying old # version formats or redundant trailing .0 in bootstrap.conf. # If we did want full compatibility then we should probably # use m4_version_compare from autoconf. func_sort_ver () { $debug_cmd printf '%s\n%s\n' "$1" "$2" \ | sort -t. -k 1,1n -k 2,2n -k 3,3n -k 4,4n -k 5,5n -k 6,6n -k 7,7n -k 8,8n -k 9,9n } # func_lt_ver PREV CURR # --------------------- # Return true if PREV and CURR are in the correct order according to # func_sort_ver, otherwise false. Use it like this: # # func_lt_ver "$prev_ver" "$proposed_ver" || func_fatal_error "..." func_lt_ver () { $debug_cmd test "x$1" = x`func_sort_ver "$1" "$2" | $SED 1q` } # Local variables: # mode: shell-script # sh-indentation: 2 # eval: (add-hook 'before-save-hook 'time-stamp) # time-stamp-pattern: "10/scriptversion=%:y-%02m-%02d.%02H; # UTC" # time-stamp-time-zone: "UTC" # End: #! /bin/sh # Set a version string for this script. scriptversion=2014-01-07.03; # UTC # A portable, pluggable option parser for Bourne shell. # Written by Gary V. Vaughan, 2010 # Copyright (C) 2010-2015 Free Software Foundation, Inc. # This is free software; see the source for copying conditions. There is NO # warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # You should have received a copy of the GNU General Public License # along with this program. If not, see . # Please report bugs or propose patches to gary@gnu.org. ## ------ ## ## Usage. ## ## ------ ## # This file is a library for parsing options in your shell scripts along # with assorted other useful supporting features that you can make use # of too. # # For the simplest scripts you might need only: # # #!/bin/sh # . relative/path/to/funclib.sh # . relative/path/to/options-parser # scriptversion=1.0 # func_options ${1+"$@"} # eval set dummy "$func_options_result"; shift # ...rest of your script... # # In order for the '--version' option to work, you will need to have a # suitably formatted comment like the one at the top of this file # starting with '# Written by ' and ending with '# warranty; '. # # For '-h' and '--help' to work, you will also need a one line # description of your script's purpose in a comment directly above the # '# Written by ' line, like the one at the top of this file. # # The default options also support '--debug', which will turn on shell # execution tracing (see the comment above debug_cmd below for another # use), and '--verbose' and the func_verbose function to allow your script # to display verbose messages only when your user has specified # '--verbose'. # # After sourcing this file, you can plug processing for additional # options by amending the variables from the 'Configuration' section # below, and following the instructions in the 'Option parsing' # section further down. ## -------------- ## ## Configuration. ## ## -------------- ## # You should override these variables in your script after sourcing this # file so that they reflect the customisations you have added to the # option parser. # The usage line for option parsing errors and the start of '-h' and # '--help' output messages. You can embed shell variables for delayed # expansion at the time the message is displayed, but you will need to # quote other shell meta-characters carefully to prevent them being # expanded when the contents are evaled. usage='$progpath [OPTION]...' # Short help message in response to '-h' and '--help'. Add to this or # override it after sourcing this library to reflect the full set of # options your script accepts. usage_message="\ --debug enable verbose shell tracing -W, --warnings=CATEGORY report the warnings falling in CATEGORY [all] -v, --verbose verbosely report processing --version print version information and exit -h, --help print short or long help message and exit " # Additional text appended to 'usage_message' in response to '--help'. long_help_message=" Warning categories include: 'all' show all warnings 'none' turn off all the warnings 'error' warnings are treated as fatal errors" # Help message printed before fatal option parsing errors. fatal_help="Try '\$progname --help' for more information." ## ------------------------- ## ## Hook function management. ## ## ------------------------- ## # This section contains functions for adding, removing, and running hooks # to the main code. A hook is just a named list of of function, that can # be run in order later on. # func_hookable FUNC_NAME # ----------------------- # Declare that FUNC_NAME will run hooks added with # 'func_add_hook FUNC_NAME ...'. func_hookable () { $debug_cmd func_append hookable_fns " $1" } # func_add_hook FUNC_NAME HOOK_FUNC # --------------------------------- # Request that FUNC_NAME call HOOK_FUNC before it returns. FUNC_NAME must # first have been declared "hookable" by a call to 'func_hookable'. func_add_hook () { $debug_cmd case " $hookable_fns " in *" $1 "*) ;; *) func_fatal_error "'$1' does not accept hook functions." ;; esac eval func_append ${1}_hooks '" $2"' } # func_remove_hook FUNC_NAME HOOK_FUNC # ------------------------------------ # Remove HOOK_FUNC from the list of functions called by FUNC_NAME. func_remove_hook () { $debug_cmd eval ${1}_hooks='`$ECHO "\$'$1'_hooks" |$SED "s| '$2'||"`' } # func_run_hooks FUNC_NAME [ARG]... # --------------------------------- # Run all hook functions registered to FUNC_NAME. # It is assumed that the list of hook functions contains nothing more # than a whitespace-delimited list of legal shell function names, and # no effort is wasted trying to catch shell meta-characters or preserve # whitespace. func_run_hooks () { $debug_cmd case " $hookable_fns " in *" $1 "*) ;; *) func_fatal_error "'$1' does not support hook funcions.n" ;; esac eval _G_hook_fns=\$$1_hooks; shift for _G_hook in $_G_hook_fns; do eval $_G_hook '"$@"' # store returned options list back into positional # parameters for next 'cmd' execution. eval _G_hook_result=\$${_G_hook}_result eval set dummy "$_G_hook_result"; shift done func_quote_for_eval ${1+"$@"} func_run_hooks_result=$func_quote_for_eval_result } ## --------------- ## ## Option parsing. ## ## --------------- ## # In order to add your own option parsing hooks, you must accept the # full positional parameter list in your hook function, remove any # options that you action, and then pass back the remaining unprocessed # options in '_result', escaped suitably for # 'eval'. Like this: # # my_options_prep () # { # $debug_cmd # # # Extend the existing usage message. # usage_message=$usage_message' # -s, --silent don'\''t print informational messages # ' # # func_quote_for_eval ${1+"$@"} # my_options_prep_result=$func_quote_for_eval_result # } # func_add_hook func_options_prep my_options_prep # # # my_silent_option () # { # $debug_cmd # # # Note that for efficiency, we parse as many options as we can # # recognise in a loop before passing the remainder back to the # # caller on the first unrecognised argument we encounter. # while test $# -gt 0; do # opt=$1; shift # case $opt in # --silent|-s) opt_silent=: ;; # # Separate non-argument short options: # -s*) func_split_short_opt "$_G_opt" # set dummy "$func_split_short_opt_name" \ # "-$func_split_short_opt_arg" ${1+"$@"} # shift # ;; # *) set dummy "$_G_opt" "$*"; shift; break ;; # esac # done # # func_quote_for_eval ${1+"$@"} # my_silent_option_result=$func_quote_for_eval_result # } # func_add_hook func_parse_options my_silent_option # # # my_option_validation () # { # $debug_cmd # # $opt_silent && $opt_verbose && func_fatal_help "\ # '--silent' and '--verbose' options are mutually exclusive." # # func_quote_for_eval ${1+"$@"} # my_option_validation_result=$func_quote_for_eval_result # } # func_add_hook func_validate_options my_option_validation # # You'll alse need to manually amend $usage_message to reflect the extra # options you parse. It's preferable to append if you can, so that # multiple option parsing hooks can be added safely. # func_options [ARG]... # --------------------- # All the functions called inside func_options are hookable. See the # individual implementations for details. func_hookable func_options func_options () { $debug_cmd func_options_prep ${1+"$@"} eval func_parse_options \ ${func_options_prep_result+"$func_options_prep_result"} eval func_validate_options \ ${func_parse_options_result+"$func_parse_options_result"} eval func_run_hooks func_options \ ${func_validate_options_result+"$func_validate_options_result"} # save modified positional parameters for caller func_options_result=$func_run_hooks_result } # func_options_prep [ARG]... # -------------------------- # All initialisations required before starting the option parse loop. # Note that when calling hook functions, we pass through the list of # positional parameters. If a hook function modifies that list, and # needs to propogate that back to rest of this script, then the complete # modified list must be put in 'func_run_hooks_result' before # returning. func_hookable func_options_prep func_options_prep () { $debug_cmd # Option defaults: opt_verbose=false opt_warning_types= func_run_hooks func_options_prep ${1+"$@"} # save modified positional parameters for caller func_options_prep_result=$func_run_hooks_result } # func_parse_options [ARG]... # --------------------------- # The main option parsing loop. func_hookable func_parse_options func_parse_options () { $debug_cmd func_parse_options_result= # this just eases exit handling while test $# -gt 0; do # Defer to hook functions for initial option parsing, so they # get priority in the event of reusing an option name. func_run_hooks func_parse_options ${1+"$@"} # Adjust func_parse_options positional parameters to match eval set dummy "$func_run_hooks_result"; shift # Break out of the loop if we already parsed every option. test $# -gt 0 || break _G_opt=$1 shift case $_G_opt in --debug|-x) debug_cmd='set -x' func_echo "enabling shell trace mode" $debug_cmd ;; --no-warnings|--no-warning|--no-warn) set dummy --warnings none ${1+"$@"} shift ;; --warnings|--warning|-W) test $# = 0 && func_missing_arg $_G_opt && break case " $warning_categories $1" in *" $1 "*) # trailing space prevents matching last $1 above func_append_uniq opt_warning_types " $1" ;; *all) opt_warning_types=$warning_categories ;; *none) opt_warning_types=none warning_func=: ;; *error) opt_warning_types=$warning_categories warning_func=func_fatal_error ;; *) func_fatal_error \ "unsupported warning category: '$1'" ;; esac shift ;; --verbose|-v) opt_verbose=: ;; --version) func_version ;; -\?|-h) func_usage ;; --help) func_help ;; # Separate optargs to long options (plugins may need this): --*=*) func_split_equals "$_G_opt" set dummy "$func_split_equals_lhs" \ "$func_split_equals_rhs" ${1+"$@"} shift ;; # Separate optargs to short options: -W*) func_split_short_opt "$_G_opt" set dummy "$func_split_short_opt_name" \ "$func_split_short_opt_arg" ${1+"$@"} shift ;; # Separate non-argument short options: -\?*|-h*|-v*|-x*) func_split_short_opt "$_G_opt" set dummy "$func_split_short_opt_name" \ "-$func_split_short_opt_arg" ${1+"$@"} shift ;; --) break ;; -*) func_fatal_help "unrecognised option: '$_G_opt'" ;; *) set dummy "$_G_opt" ${1+"$@"}; shift; break ;; esac done # save modified positional parameters for caller func_quote_for_eval ${1+"$@"} func_parse_options_result=$func_quote_for_eval_result } # func_validate_options [ARG]... # ------------------------------ # Perform any sanity checks on option settings and/or unconsumed # arguments. func_hookable func_validate_options func_validate_options () { $debug_cmd # Display all warnings if -W was not given. test -n "$opt_warning_types" || opt_warning_types=" $warning_categories" func_run_hooks func_validate_options ${1+"$@"} # Bail if the options were screwed! $exit_cmd $EXIT_FAILURE # save modified positional parameters for caller func_validate_options_result=$func_run_hooks_result } ## ----------------- ## ## Helper functions. ## ## ----------------- ## # This section contains the helper functions used by the rest of the # hookable option parser framework in ascii-betical order. # func_fatal_help ARG... # ---------------------- # Echo program name prefixed message to standard error, followed by # a help hint, and exit. func_fatal_help () { $debug_cmd eval \$ECHO \""Usage: $usage"\" eval \$ECHO \""$fatal_help"\" func_error ${1+"$@"} exit $EXIT_FAILURE } # func_help # --------- # Echo long help message to standard output and exit. func_help () { $debug_cmd func_usage_message $ECHO "$long_help_message" exit 0 } # func_missing_arg ARGNAME # ------------------------ # Echo program name prefixed message to standard error and set global # exit_cmd. func_missing_arg () { $debug_cmd func_error "Missing argument for '$1'." exit_cmd=exit } # func_split_equals STRING # ------------------------ # Set func_split_equals_lhs and func_split_equals_rhs shell variables after # splitting STRING at the '=' sign. test -z "$_G_HAVE_XSI_OPS" \ && (eval 'x=a/b/c; test 5aa/bb/cc = "${#x}${x%%/*}${x%/*}${x#*/}${x##*/}"') 2>/dev/null \ && _G_HAVE_XSI_OPS=yes if test yes = "$_G_HAVE_XSI_OPS" then # This is an XSI compatible shell, allowing a faster implementation... eval 'func_split_equals () { $debug_cmd func_split_equals_lhs=${1%%=*} func_split_equals_rhs=${1#*=} test "x$func_split_equals_lhs" = "x$1" \ && func_split_equals_rhs= }' else # ...otherwise fall back to using expr, which is often a shell builtin. func_split_equals () { $debug_cmd func_split_equals_lhs=`expr "x$1" : 'x\([^=]*\)'` func_split_equals_rhs= test "x$func_split_equals_lhs" = "x$1" \ || func_split_equals_rhs=`expr "x$1" : 'x[^=]*=\(.*\)$'` } fi #func_split_equals # func_split_short_opt SHORTOPT # ----------------------------- # Set func_split_short_opt_name and func_split_short_opt_arg shell # variables after splitting SHORTOPT after the 2nd character. if test yes = "$_G_HAVE_XSI_OPS" then # This is an XSI compatible shell, allowing a faster implementation... eval 'func_split_short_opt () { $debug_cmd func_split_short_opt_arg=${1#??} func_split_short_opt_name=${1%"$func_split_short_opt_arg"} }' else # ...otherwise fall back to using expr, which is often a shell builtin. func_split_short_opt () { $debug_cmd func_split_short_opt_name=`expr "x$1" : 'x-\(.\)'` func_split_short_opt_arg=`expr "x$1" : 'x-.\(.*\)$'` } fi #func_split_short_opt # func_usage # ---------- # Echo short help message to standard output and exit. func_usage () { $debug_cmd func_usage_message $ECHO "Run '$progname --help |${PAGER-more}' for full usage" exit 0 } # func_usage_message # ------------------ # Echo short help message to standard output. func_usage_message () { $debug_cmd eval \$ECHO \""Usage: $usage"\" echo $SED -n 's|^# || /^Written by/{ x;p;x } h /^Written by/q' < "$progpath" echo eval \$ECHO \""$usage_message"\" } # func_version # ------------ # Echo version message to standard output and exit. func_version () { $debug_cmd printf '%s\n' "$progname $scriptversion" $SED -n ' /(C)/!b go :more /\./!{ N s|\n# | | b more } :go /^# Written by /,/# warranty; / { s|^# || s|^# *$|| s|\((C)\)[ 0-9,-]*[ ,-]\([1-9][0-9]* \)|\1 \2| p } /^# Written by / { s|^# || p } /^warranty; /q' < "$progpath" exit $? } # Local variables: # mode: shell-script # sh-indentation: 2 # eval: (add-hook 'before-save-hook 'time-stamp) # time-stamp-pattern: "10/scriptversion=%:y-%02m-%02d.%02H; # UTC" # time-stamp-time-zone: "UTC" # End: # Set a version string. scriptversion='(GNU libtool) 2.4.6' # func_echo ARG... # ---------------- # Libtool also displays the current mode in messages, so override # funclib.sh func_echo with this custom definition. func_echo () { $debug_cmd _G_message=$* func_echo_IFS=$IFS IFS=$nl for _G_line in $_G_message; do IFS=$func_echo_IFS $ECHO "$progname${opt_mode+: $opt_mode}: $_G_line" done IFS=$func_echo_IFS } # func_warning ARG... # ------------------- # Libtool warnings are not categorized, so override funclib.sh # func_warning with this simpler definition. func_warning () { $debug_cmd $warning_func ${1+"$@"} } ## ---------------- ## ## Options parsing. ## ## ---------------- ## # Hook in the functions to make sure our own options are parsed during # the option parsing loop. usage='$progpath [OPTION]... [MODE-ARG]...' # Short help message in response to '-h'. usage_message="Options: --config show all configuration variables --debug enable verbose shell tracing -n, --dry-run display commands without modifying any files --features display basic configuration information and exit --mode=MODE use operation mode MODE --no-warnings equivalent to '-Wnone' --preserve-dup-deps don't remove duplicate dependency libraries --quiet, --silent don't print informational messages --tag=TAG use configuration variables from tag TAG -v, --verbose print more informational messages than default --version print version information -W, --warnings=CATEGORY report the warnings falling in CATEGORY [all] -h, --help, --help-all print short, long, or detailed help message " # Additional text appended to 'usage_message' in response to '--help'. func_help () { $debug_cmd func_usage_message $ECHO "$long_help_message MODE must be one of the following: clean remove files from the build directory compile compile a source file into a libtool object execute automatically set library path, then run a program finish complete the installation of libtool libraries install install libraries or executables link create a library or an executable uninstall remove libraries from an installed directory MODE-ARGS vary depending on the MODE. When passed as first option, '--mode=MODE' may be abbreviated as 'MODE' or a unique abbreviation of that. Try '$progname --help --mode=MODE' for a more detailed description of MODE. When reporting a bug, please describe a test case to reproduce it and include the following information: host-triplet: $host shell: $SHELL compiler: $LTCC compiler flags: $LTCFLAGS linker: $LD (gnu? $with_gnu_ld) version: $progname (GNU libtool) 2.4.6 automake: `($AUTOMAKE --version) 2>/dev/null |$SED 1q` autoconf: `($AUTOCONF --version) 2>/dev/null |$SED 1q` Report bugs to . GNU libtool home page: . General help using GNU software: ." exit 0 } # func_lo2o OBJECT-NAME # --------------------- # Transform OBJECT-NAME from a '.lo' suffix to the platform specific # object suffix. lo2o=s/\\.lo\$/.$objext/ o2lo=s/\\.$objext\$/.lo/ if test yes = "$_G_HAVE_XSI_OPS"; then eval 'func_lo2o () { case $1 in *.lo) func_lo2o_result=${1%.lo}.$objext ;; * ) func_lo2o_result=$1 ;; esac }' # func_xform LIBOBJ-OR-SOURCE # --------------------------- # Transform LIBOBJ-OR-SOURCE from a '.o' or '.c' (or otherwise) # suffix to a '.lo' libtool-object suffix. eval 'func_xform () { func_xform_result=${1%.*}.lo }' else # ...otherwise fall back to using sed. func_lo2o () { func_lo2o_result=`$ECHO "$1" | $SED "$lo2o"` } func_xform () { func_xform_result=`$ECHO "$1" | $SED 's|\.[^.]*$|.lo|'` } fi # func_fatal_configuration ARG... # ------------------------------- # Echo program name prefixed message to standard error, followed by # a configuration failure hint, and exit. func_fatal_configuration () { func__fatal_error ${1+"$@"} \ "See the $PACKAGE documentation for more information." \ "Fatal configuration error." } # func_config # ----------- # Display the configuration for all the tags in this script. func_config () { re_begincf='^# ### BEGIN LIBTOOL' re_endcf='^# ### END LIBTOOL' # Default configuration. $SED "1,/$re_begincf CONFIG/d;/$re_endcf CONFIG/,\$d" < "$progpath" # Now print the configurations for the tags. for tagname in $taglist; do $SED -n "/$re_begincf TAG CONFIG: $tagname\$/,/$re_endcf TAG CONFIG: $tagname\$/p" < "$progpath" done exit $? } # func_features # ------------- # Display the features supported by this script. func_features () { echo "host: $host" if test yes = "$build_libtool_libs"; then echo "enable shared libraries" else echo "disable shared libraries" fi if test yes = "$build_old_libs"; then echo "enable static libraries" else echo "disable static libraries" fi exit $? } # func_enable_tag TAGNAME # ----------------------- # Verify that TAGNAME is valid, and either flag an error and exit, or # enable the TAGNAME tag. We also add TAGNAME to the global $taglist # variable here. func_enable_tag () { # Global variable: tagname=$1 re_begincf="^# ### BEGIN LIBTOOL TAG CONFIG: $tagname\$" re_endcf="^# ### END LIBTOOL TAG CONFIG: $tagname\$" sed_extractcf=/$re_begincf/,/$re_endcf/p # Validate tagname. case $tagname in *[!-_A-Za-z0-9,/]*) func_fatal_error "invalid tag name: $tagname" ;; esac # Don't test for the "default" C tag, as we know it's # there but not specially marked. case $tagname in CC) ;; *) if $GREP "$re_begincf" "$progpath" >/dev/null 2>&1; then taglist="$taglist $tagname" # Evaluate the configuration. Be careful to quote the path # and the sed script, to avoid splitting on whitespace, but # also don't use non-portable quotes within backquotes within # quotes we have to do it in 2 steps: extractedcf=`$SED -n -e "$sed_extractcf" < "$progpath"` eval "$extractedcf" else func_error "ignoring unknown tag $tagname" fi ;; esac } # func_check_version_match # ------------------------ # Ensure that we are using m4 macros, and libtool script from the same # release of libtool. func_check_version_match () { if test "$package_revision" != "$macro_revision"; then if test "$VERSION" != "$macro_version"; then if test -z "$macro_version"; then cat >&2 <<_LT_EOF $progname: Version mismatch error. This is $PACKAGE $VERSION, but the $progname: definition of this LT_INIT comes from an older release. $progname: You should recreate aclocal.m4 with macros from $PACKAGE $VERSION $progname: and run autoconf again. _LT_EOF else cat >&2 <<_LT_EOF $progname: Version mismatch error. This is $PACKAGE $VERSION, but the $progname: definition of this LT_INIT comes from $PACKAGE $macro_version. $progname: You should recreate aclocal.m4 with macros from $PACKAGE $VERSION $progname: and run autoconf again. _LT_EOF fi else cat >&2 <<_LT_EOF $progname: Version mismatch error. This is $PACKAGE $VERSION, revision $package_revision, $progname: but the definition of this LT_INIT comes from revision $macro_revision. $progname: You should recreate aclocal.m4 with macros from revision $package_revision $progname: of $PACKAGE $VERSION and run autoconf again. _LT_EOF fi exit $EXIT_MISMATCH fi } # libtool_options_prep [ARG]... # ----------------------------- # Preparation for options parsed by libtool. libtool_options_prep () { $debug_mode # Option defaults: opt_config=false opt_dlopen= opt_dry_run=false opt_help=false opt_mode= opt_preserve_dup_deps=false opt_quiet=false nonopt= preserve_args= # Shorthand for --mode=foo, only valid as the first argument case $1 in clean|clea|cle|cl) shift; set dummy --mode clean ${1+"$@"}; shift ;; compile|compil|compi|comp|com|co|c) shift; set dummy --mode compile ${1+"$@"}; shift ;; execute|execut|execu|exec|exe|ex|e) shift; set dummy --mode execute ${1+"$@"}; shift ;; finish|finis|fini|fin|fi|f) shift; set dummy --mode finish ${1+"$@"}; shift ;; install|instal|insta|inst|ins|in|i) shift; set dummy --mode install ${1+"$@"}; shift ;; link|lin|li|l) shift; set dummy --mode link ${1+"$@"}; shift ;; uninstall|uninstal|uninsta|uninst|unins|unin|uni|un|u) shift; set dummy --mode uninstall ${1+"$@"}; shift ;; esac # Pass back the list of options. func_quote_for_eval ${1+"$@"} libtool_options_prep_result=$func_quote_for_eval_result } func_add_hook func_options_prep libtool_options_prep # libtool_parse_options [ARG]... # --------------------------------- # Provide handling for libtool specific options. libtool_parse_options () { $debug_cmd # Perform our own loop to consume as many options as possible in # each iteration. while test $# -gt 0; do _G_opt=$1 shift case $_G_opt in --dry-run|--dryrun|-n) opt_dry_run=: ;; --config) func_config ;; --dlopen|-dlopen) opt_dlopen="${opt_dlopen+$opt_dlopen }$1" shift ;; --preserve-dup-deps) opt_preserve_dup_deps=: ;; --features) func_features ;; --finish) set dummy --mode finish ${1+"$@"}; shift ;; --help) opt_help=: ;; --help-all) opt_help=': help-all' ;; --mode) test $# = 0 && func_missing_arg $_G_opt && break opt_mode=$1 case $1 in # Valid mode arguments: clean|compile|execute|finish|install|link|relink|uninstall) ;; # Catch anything else as an error *) func_error "invalid argument for $_G_opt" exit_cmd=exit break ;; esac shift ;; --no-silent|--no-quiet) opt_quiet=false func_append preserve_args " $_G_opt" ;; --no-warnings|--no-warning|--no-warn) opt_warning=false func_append preserve_args " $_G_opt" ;; --no-verbose) opt_verbose=false func_append preserve_args " $_G_opt" ;; --silent|--quiet) opt_quiet=: opt_verbose=false func_append preserve_args " $_G_opt" ;; --tag) test $# = 0 && func_missing_arg $_G_opt && break opt_tag=$1 func_append preserve_args " $_G_opt $1" func_enable_tag "$1" shift ;; --verbose|-v) opt_quiet=false opt_verbose=: func_append preserve_args " $_G_opt" ;; # An option not handled by this hook function: *) set dummy "$_G_opt" ${1+"$@"}; shift; break ;; esac done # save modified positional parameters for caller func_quote_for_eval ${1+"$@"} libtool_parse_options_result=$func_quote_for_eval_result } func_add_hook func_parse_options libtool_parse_options # libtool_validate_options [ARG]... # --------------------------------- # Perform any sanity checks on option settings and/or unconsumed # arguments. libtool_validate_options () { # save first non-option argument if test 0 -lt $#; then nonopt=$1 shift fi # preserve --debug test : = "$debug_cmd" || func_append preserve_args " --debug" case $host in # Solaris2 added to fix http://debbugs.gnu.org/cgi/bugreport.cgi?bug=16452 # see also: http://gcc.gnu.org/bugzilla/show_bug.cgi?id=59788 *cygwin* | *mingw* | *pw32* | *cegcc* | *solaris2* | *os2*) # don't eliminate duplications in $postdeps and $predeps opt_duplicate_compiler_generated_deps=: ;; *) opt_duplicate_compiler_generated_deps=$opt_preserve_dup_deps ;; esac $opt_help || { # Sanity checks first: func_check_version_match test yes != "$build_libtool_libs" \ && test yes != "$build_old_libs" \ && func_fatal_configuration "not configured to build any kind of library" # Darwin sucks eval std_shrext=\"$shrext_cmds\" # Only execute mode is allowed to have -dlopen flags. if test -n "$opt_dlopen" && test execute != "$opt_mode"; then func_error "unrecognized option '-dlopen'" $ECHO "$help" 1>&2 exit $EXIT_FAILURE fi # Change the help message to a mode-specific one. generic_help=$help help="Try '$progname --help --mode=$opt_mode' for more information." } # Pass back the unparsed argument list func_quote_for_eval ${1+"$@"} libtool_validate_options_result=$func_quote_for_eval_result } func_add_hook func_validate_options libtool_validate_options # Process options as early as possible so that --help and --version # can return quickly. func_options ${1+"$@"} eval set dummy "$func_options_result"; shift ## ----------- ## ## Main. ## ## ----------- ## magic='%%%MAGIC variable%%%' magic_exe='%%%MAGIC EXE variable%%%' # Global variables. extracted_archives= extracted_serial=0 # If this variable is set in any of the actions, the command in it # will be execed at the end. This prevents here-documents from being # left over by shells. exec_cmd= # A function that is used when there is no print builtin or printf. func_fallback_echo () { eval 'cat <<_LTECHO_EOF $1 _LTECHO_EOF' } # func_generated_by_libtool # True iff stdin has been generated by Libtool. This function is only # a basic sanity check; it will hardly flush out determined imposters. func_generated_by_libtool_p () { $GREP "^# Generated by .*$PACKAGE" > /dev/null 2>&1 } # func_lalib_p file # True iff FILE is a libtool '.la' library or '.lo' object file. # This function is only a basic sanity check; it will hardly flush out # determined imposters. func_lalib_p () { test -f "$1" && $SED -e 4q "$1" 2>/dev/null | func_generated_by_libtool_p } # func_lalib_unsafe_p file # True iff FILE is a libtool '.la' library or '.lo' object file. # This function implements the same check as func_lalib_p without # resorting to external programs. To this end, it redirects stdin and # closes it afterwards, without saving the original file descriptor. # As a safety measure, use it only where a negative result would be # fatal anyway. Works if 'file' does not exist. func_lalib_unsafe_p () { lalib_p=no if test -f "$1" && test -r "$1" && exec 5<&0 <"$1"; then for lalib_p_l in 1 2 3 4 do read lalib_p_line case $lalib_p_line in \#\ Generated\ by\ *$PACKAGE* ) lalib_p=yes; break;; esac done exec 0<&5 5<&- fi test yes = "$lalib_p" } # func_ltwrapper_script_p file # True iff FILE is a libtool wrapper script # This function is only a basic sanity check; it will hardly flush out # determined imposters. func_ltwrapper_script_p () { test -f "$1" && $lt_truncate_bin < "$1" 2>/dev/null | func_generated_by_libtool_p } # func_ltwrapper_executable_p file # True iff FILE is a libtool wrapper executable # This function is only a basic sanity check; it will hardly flush out # determined imposters. func_ltwrapper_executable_p () { func_ltwrapper_exec_suffix= case $1 in *.exe) ;; *) func_ltwrapper_exec_suffix=.exe ;; esac $GREP "$magic_exe" "$1$func_ltwrapper_exec_suffix" >/dev/null 2>&1 } # func_ltwrapper_scriptname file # Assumes file is an ltwrapper_executable # uses $file to determine the appropriate filename for a # temporary ltwrapper_script. func_ltwrapper_scriptname () { func_dirname_and_basename "$1" "" "." func_stripname '' '.exe' "$func_basename_result" func_ltwrapper_scriptname_result=$func_dirname_result/$objdir/${func_stripname_result}_ltshwrapper } # func_ltwrapper_p file # True iff FILE is a libtool wrapper script or wrapper executable # This function is only a basic sanity check; it will hardly flush out # determined imposters. func_ltwrapper_p () { func_ltwrapper_script_p "$1" || func_ltwrapper_executable_p "$1" } # func_execute_cmds commands fail_cmd # Execute tilde-delimited COMMANDS. # If FAIL_CMD is given, eval that upon failure. # FAIL_CMD may read-access the current command in variable CMD! func_execute_cmds () { $debug_cmd save_ifs=$IFS; IFS='~' for cmd in $1; do IFS=$sp$nl eval cmd=\"$cmd\" IFS=$save_ifs func_show_eval "$cmd" "${2-:}" done IFS=$save_ifs } # func_source file # Source FILE, adding directory component if necessary. # Note that it is not necessary on cygwin/mingw to append a dot to # FILE even if both FILE and FILE.exe exist: automatic-append-.exe # behavior happens only for exec(3), not for open(2)! Also, sourcing # 'FILE.' does not work on cygwin managed mounts. func_source () { $debug_cmd case $1 in */* | *\\*) . "$1" ;; *) . "./$1" ;; esac } # func_resolve_sysroot PATH # Replace a leading = in PATH with a sysroot. Store the result into # func_resolve_sysroot_result func_resolve_sysroot () { func_resolve_sysroot_result=$1 case $func_resolve_sysroot_result in =*) func_stripname '=' '' "$func_resolve_sysroot_result" func_resolve_sysroot_result=$lt_sysroot$func_stripname_result ;; esac } # func_replace_sysroot PATH # If PATH begins with the sysroot, replace it with = and # store the result into func_replace_sysroot_result. func_replace_sysroot () { case $lt_sysroot:$1 in ?*:"$lt_sysroot"*) func_stripname "$lt_sysroot" '' "$1" func_replace_sysroot_result='='$func_stripname_result ;; *) # Including no sysroot. func_replace_sysroot_result=$1 ;; esac } # func_infer_tag arg # Infer tagged configuration to use if any are available and # if one wasn't chosen via the "--tag" command line option. # Only attempt this if the compiler in the base compile # command doesn't match the default compiler. # arg is usually of the form 'gcc ...' func_infer_tag () { $debug_cmd if test -n "$available_tags" && test -z "$tagname"; then CC_quoted= for arg in $CC; do func_append_quoted CC_quoted "$arg" done CC_expanded=`func_echo_all $CC` CC_quoted_expanded=`func_echo_all $CC_quoted` case $@ in # Blanks in the command may have been stripped by the calling shell, # but not from the CC environment variable when configure was run. " $CC "* | "$CC "* | " $CC_expanded "* | "$CC_expanded "* | \ " $CC_quoted"* | "$CC_quoted "* | " $CC_quoted_expanded "* | "$CC_quoted_expanded "*) ;; # Blanks at the start of $base_compile will cause this to fail # if we don't check for them as well. *) for z in $available_tags; do if $GREP "^# ### BEGIN LIBTOOL TAG CONFIG: $z$" < "$progpath" > /dev/null; then # Evaluate the configuration. eval "`$SED -n -e '/^# ### BEGIN LIBTOOL TAG CONFIG: '$z'$/,/^# ### END LIBTOOL TAG CONFIG: '$z'$/p' < $progpath`" CC_quoted= for arg in $CC; do # Double-quote args containing other shell metacharacters. func_append_quoted CC_quoted "$arg" done CC_expanded=`func_echo_all $CC` CC_quoted_expanded=`func_echo_all $CC_quoted` case "$@ " in " $CC "* | "$CC "* | " $CC_expanded "* | "$CC_expanded "* | \ " $CC_quoted"* | "$CC_quoted "* | " $CC_quoted_expanded "* | "$CC_quoted_expanded "*) # The compiler in the base compile command matches # the one in the tagged configuration. # Assume this is the tagged configuration we want. tagname=$z break ;; esac fi done # If $tagname still isn't set, then no tagged configuration # was found and let the user know that the "--tag" command # line option must be used. if test -z "$tagname"; then func_echo "unable to infer tagged configuration" func_fatal_error "specify a tag with '--tag'" # else # func_verbose "using $tagname tagged configuration" fi ;; esac fi } # func_write_libtool_object output_name pic_name nonpic_name # Create a libtool object file (analogous to a ".la" file), # but don't create it if we're doing a dry run. func_write_libtool_object () { write_libobj=$1 if test yes = "$build_libtool_libs"; then write_lobj=\'$2\' else write_lobj=none fi if test yes = "$build_old_libs"; then write_oldobj=\'$3\' else write_oldobj=none fi $opt_dry_run || { cat >${write_libobj}T </dev/null` if test "$?" -eq 0 && test -n "$func_convert_core_file_wine_to_w32_tmp"; then func_convert_core_file_wine_to_w32_result=`$ECHO "$func_convert_core_file_wine_to_w32_tmp" | $SED -e "$sed_naive_backslashify"` else func_convert_core_file_wine_to_w32_result= fi fi } # end: func_convert_core_file_wine_to_w32 # func_convert_core_path_wine_to_w32 ARG # Helper function used by path conversion functions when $build is *nix, and # $host is mingw, cygwin, or some other w32 environment. Relies on a correctly # configured wine environment available, with the winepath program in $build's # $PATH. Assumes ARG has no leading or trailing path separator characters. # # ARG is path to be converted from $build format to win32. # Result is available in $func_convert_core_path_wine_to_w32_result. # Unconvertible file (directory) names in ARG are skipped; if no directory names # are convertible, then the result may be empty. func_convert_core_path_wine_to_w32 () { $debug_cmd # unfortunately, winepath doesn't convert paths, only file names func_convert_core_path_wine_to_w32_result= if test -n "$1"; then oldIFS=$IFS IFS=: for func_convert_core_path_wine_to_w32_f in $1; do IFS=$oldIFS func_convert_core_file_wine_to_w32 "$func_convert_core_path_wine_to_w32_f" if test -n "$func_convert_core_file_wine_to_w32_result"; then if test -z "$func_convert_core_path_wine_to_w32_result"; then func_convert_core_path_wine_to_w32_result=$func_convert_core_file_wine_to_w32_result else func_append func_convert_core_path_wine_to_w32_result ";$func_convert_core_file_wine_to_w32_result" fi fi done IFS=$oldIFS fi } # end: func_convert_core_path_wine_to_w32 # func_cygpath ARGS... # Wrapper around calling the cygpath program via LT_CYGPATH. This is used when # when (1) $build is *nix and Cygwin is hosted via a wine environment; or (2) # $build is MSYS and $host is Cygwin, or (3) $build is Cygwin. In case (1) or # (2), returns the Cygwin file name or path in func_cygpath_result (input # file name or path is assumed to be in w32 format, as previously converted # from $build's *nix or MSYS format). In case (3), returns the w32 file name # or path in func_cygpath_result (input file name or path is assumed to be in # Cygwin format). Returns an empty string on error. # # ARGS are passed to cygpath, with the last one being the file name or path to # be converted. # # Specify the absolute *nix (or w32) name to cygpath in the LT_CYGPATH # environment variable; do not put it in $PATH. func_cygpath () { $debug_cmd if test -n "$LT_CYGPATH" && test -f "$LT_CYGPATH"; then func_cygpath_result=`$LT_CYGPATH "$@" 2>/dev/null` if test "$?" -ne 0; then # on failure, ensure result is empty func_cygpath_result= fi else func_cygpath_result= func_error "LT_CYGPATH is empty or specifies non-existent file: '$LT_CYGPATH'" fi } #end: func_cygpath # func_convert_core_msys_to_w32 ARG # Convert file name or path ARG from MSYS format to w32 format. Return # result in func_convert_core_msys_to_w32_result. func_convert_core_msys_to_w32 () { $debug_cmd # awkward: cmd appends spaces to result func_convert_core_msys_to_w32_result=`( cmd //c echo "$1" ) 2>/dev/null | $SED -e 's/[ ]*$//' -e "$sed_naive_backslashify"` } #end: func_convert_core_msys_to_w32 # func_convert_file_check ARG1 ARG2 # Verify that ARG1 (a file name in $build format) was converted to $host # format in ARG2. Otherwise, emit an error message, but continue (resetting # func_to_host_file_result to ARG1). func_convert_file_check () { $debug_cmd if test -z "$2" && test -n "$1"; then func_error "Could not determine host file name corresponding to" func_error " '$1'" func_error "Continuing, but uninstalled executables may not work." # Fallback: func_to_host_file_result=$1 fi } # end func_convert_file_check # func_convert_path_check FROM_PATHSEP TO_PATHSEP FROM_PATH TO_PATH # Verify that FROM_PATH (a path in $build format) was converted to $host # format in TO_PATH. Otherwise, emit an error message, but continue, resetting # func_to_host_file_result to a simplistic fallback value (see below). func_convert_path_check () { $debug_cmd if test -z "$4" && test -n "$3"; then func_error "Could not determine the host path corresponding to" func_error " '$3'" func_error "Continuing, but uninstalled executables may not work." # Fallback. This is a deliberately simplistic "conversion" and # should not be "improved". See libtool.info. if test "x$1" != "x$2"; then lt_replace_pathsep_chars="s|$1|$2|g" func_to_host_path_result=`echo "$3" | $SED -e "$lt_replace_pathsep_chars"` else func_to_host_path_result=$3 fi fi } # end func_convert_path_check # func_convert_path_front_back_pathsep FRONTPAT BACKPAT REPL ORIG # Modifies func_to_host_path_result by prepending REPL if ORIG matches FRONTPAT # and appending REPL if ORIG matches BACKPAT. func_convert_path_front_back_pathsep () { $debug_cmd case $4 in $1 ) func_to_host_path_result=$3$func_to_host_path_result ;; esac case $4 in $2 ) func_append func_to_host_path_result "$3" ;; esac } # end func_convert_path_front_back_pathsep ################################################## # $build to $host FILE NAME CONVERSION FUNCTIONS # ################################################## # invoked via '$to_host_file_cmd ARG' # # In each case, ARG is the path to be converted from $build to $host format. # Result will be available in $func_to_host_file_result. # func_to_host_file ARG # Converts the file name ARG from $build format to $host format. Return result # in func_to_host_file_result. func_to_host_file () { $debug_cmd $to_host_file_cmd "$1" } # end func_to_host_file # func_to_tool_file ARG LAZY # converts the file name ARG from $build format to toolchain format. Return # result in func_to_tool_file_result. If the conversion in use is listed # in (the comma separated) LAZY, no conversion takes place. func_to_tool_file () { $debug_cmd case ,$2, in *,"$to_tool_file_cmd",*) func_to_tool_file_result=$1 ;; *) $to_tool_file_cmd "$1" func_to_tool_file_result=$func_to_host_file_result ;; esac } # end func_to_tool_file # func_convert_file_noop ARG # Copy ARG to func_to_host_file_result. func_convert_file_noop () { func_to_host_file_result=$1 } # end func_convert_file_noop # func_convert_file_msys_to_w32 ARG # Convert file name ARG from (mingw) MSYS to (mingw) w32 format; automatic # conversion to w32 is not available inside the cwrapper. Returns result in # func_to_host_file_result. func_convert_file_msys_to_w32 () { $debug_cmd func_to_host_file_result=$1 if test -n "$1"; then func_convert_core_msys_to_w32 "$1" func_to_host_file_result=$func_convert_core_msys_to_w32_result fi func_convert_file_check "$1" "$func_to_host_file_result" } # end func_convert_file_msys_to_w32 # func_convert_file_cygwin_to_w32 ARG # Convert file name ARG from Cygwin to w32 format. Returns result in # func_to_host_file_result. func_convert_file_cygwin_to_w32 () { $debug_cmd func_to_host_file_result=$1 if test -n "$1"; then # because $build is cygwin, we call "the" cygpath in $PATH; no need to use # LT_CYGPATH in this case. func_to_host_file_result=`cygpath -m "$1"` fi func_convert_file_check "$1" "$func_to_host_file_result" } # end func_convert_file_cygwin_to_w32 # func_convert_file_nix_to_w32 ARG # Convert file name ARG from *nix to w32 format. Requires a wine environment # and a working winepath. Returns result in func_to_host_file_result. func_convert_file_nix_to_w32 () { $debug_cmd func_to_host_file_result=$1 if test -n "$1"; then func_convert_core_file_wine_to_w32 "$1" func_to_host_file_result=$func_convert_core_file_wine_to_w32_result fi func_convert_file_check "$1" "$func_to_host_file_result" } # end func_convert_file_nix_to_w32 # func_convert_file_msys_to_cygwin ARG # Convert file name ARG from MSYS to Cygwin format. Requires LT_CYGPATH set. # Returns result in func_to_host_file_result. func_convert_file_msys_to_cygwin () { $debug_cmd func_to_host_file_result=$1 if test -n "$1"; then func_convert_core_msys_to_w32 "$1" func_cygpath -u "$func_convert_core_msys_to_w32_result" func_to_host_file_result=$func_cygpath_result fi func_convert_file_check "$1" "$func_to_host_file_result" } # end func_convert_file_msys_to_cygwin # func_convert_file_nix_to_cygwin ARG # Convert file name ARG from *nix to Cygwin format. Requires Cygwin installed # in a wine environment, working winepath, and LT_CYGPATH set. Returns result # in func_to_host_file_result. func_convert_file_nix_to_cygwin () { $debug_cmd func_to_host_file_result=$1 if test -n "$1"; then # convert from *nix to w32, then use cygpath to convert from w32 to cygwin. func_convert_core_file_wine_to_w32 "$1" func_cygpath -u "$func_convert_core_file_wine_to_w32_result" func_to_host_file_result=$func_cygpath_result fi func_convert_file_check "$1" "$func_to_host_file_result" } # end func_convert_file_nix_to_cygwin ############################################# # $build to $host PATH CONVERSION FUNCTIONS # ############################################# # invoked via '$to_host_path_cmd ARG' # # In each case, ARG is the path to be converted from $build to $host format. # The result will be available in $func_to_host_path_result. # # Path separators are also converted from $build format to $host format. If # ARG begins or ends with a path separator character, it is preserved (but # converted to $host format) on output. # # All path conversion functions are named using the following convention: # file name conversion function : func_convert_file_X_to_Y () # path conversion function : func_convert_path_X_to_Y () # where, for any given $build/$host combination the 'X_to_Y' value is the # same. If conversion functions are added for new $build/$host combinations, # the two new functions must follow this pattern, or func_init_to_host_path_cmd # will break. # func_init_to_host_path_cmd # Ensures that function "pointer" variable $to_host_path_cmd is set to the # appropriate value, based on the value of $to_host_file_cmd. to_host_path_cmd= func_init_to_host_path_cmd () { $debug_cmd if test -z "$to_host_path_cmd"; then func_stripname 'func_convert_file_' '' "$to_host_file_cmd" to_host_path_cmd=func_convert_path_$func_stripname_result fi } # func_to_host_path ARG # Converts the path ARG from $build format to $host format. Return result # in func_to_host_path_result. func_to_host_path () { $debug_cmd func_init_to_host_path_cmd $to_host_path_cmd "$1" } # end func_to_host_path # func_convert_path_noop ARG # Copy ARG to func_to_host_path_result. func_convert_path_noop () { func_to_host_path_result=$1 } # end func_convert_path_noop # func_convert_path_msys_to_w32 ARG # Convert path ARG from (mingw) MSYS to (mingw) w32 format; automatic # conversion to w32 is not available inside the cwrapper. Returns result in # func_to_host_path_result. func_convert_path_msys_to_w32 () { $debug_cmd func_to_host_path_result=$1 if test -n "$1"; then # Remove leading and trailing path separator characters from ARG. MSYS # behavior is inconsistent here; cygpath turns them into '.;' and ';.'; # and winepath ignores them completely. func_stripname : : "$1" func_to_host_path_tmp1=$func_stripname_result func_convert_core_msys_to_w32 "$func_to_host_path_tmp1" func_to_host_path_result=$func_convert_core_msys_to_w32_result func_convert_path_check : ";" \ "$func_to_host_path_tmp1" "$func_to_host_path_result" func_convert_path_front_back_pathsep ":*" "*:" ";" "$1" fi } # end func_convert_path_msys_to_w32 # func_convert_path_cygwin_to_w32 ARG # Convert path ARG from Cygwin to w32 format. Returns result in # func_to_host_file_result. func_convert_path_cygwin_to_w32 () { $debug_cmd func_to_host_path_result=$1 if test -n "$1"; then # See func_convert_path_msys_to_w32: func_stripname : : "$1" func_to_host_path_tmp1=$func_stripname_result func_to_host_path_result=`cygpath -m -p "$func_to_host_path_tmp1"` func_convert_path_check : ";" \ "$func_to_host_path_tmp1" "$func_to_host_path_result" func_convert_path_front_back_pathsep ":*" "*:" ";" "$1" fi } # end func_convert_path_cygwin_to_w32 # func_convert_path_nix_to_w32 ARG # Convert path ARG from *nix to w32 format. Requires a wine environment and # a working winepath. Returns result in func_to_host_file_result. func_convert_path_nix_to_w32 () { $debug_cmd func_to_host_path_result=$1 if test -n "$1"; then # See func_convert_path_msys_to_w32: func_stripname : : "$1" func_to_host_path_tmp1=$func_stripname_result func_convert_core_path_wine_to_w32 "$func_to_host_path_tmp1" func_to_host_path_result=$func_convert_core_path_wine_to_w32_result func_convert_path_check : ";" \ "$func_to_host_path_tmp1" "$func_to_host_path_result" func_convert_path_front_back_pathsep ":*" "*:" ";" "$1" fi } # end func_convert_path_nix_to_w32 # func_convert_path_msys_to_cygwin ARG # Convert path ARG from MSYS to Cygwin format. Requires LT_CYGPATH set. # Returns result in func_to_host_file_result. func_convert_path_msys_to_cygwin () { $debug_cmd func_to_host_path_result=$1 if test -n "$1"; then # See func_convert_path_msys_to_w32: func_stripname : : "$1" func_to_host_path_tmp1=$func_stripname_result func_convert_core_msys_to_w32 "$func_to_host_path_tmp1" func_cygpath -u -p "$func_convert_core_msys_to_w32_result" func_to_host_path_result=$func_cygpath_result func_convert_path_check : : \ "$func_to_host_path_tmp1" "$func_to_host_path_result" func_convert_path_front_back_pathsep ":*" "*:" : "$1" fi } # end func_convert_path_msys_to_cygwin # func_convert_path_nix_to_cygwin ARG # Convert path ARG from *nix to Cygwin format. Requires Cygwin installed in a # a wine environment, working winepath, and LT_CYGPATH set. Returns result in # func_to_host_file_result. func_convert_path_nix_to_cygwin () { $debug_cmd func_to_host_path_result=$1 if test -n "$1"; then # Remove leading and trailing path separator characters from # ARG. msys behavior is inconsistent here, cygpath turns them # into '.;' and ';.', and winepath ignores them completely. func_stripname : : "$1" func_to_host_path_tmp1=$func_stripname_result func_convert_core_path_wine_to_w32 "$func_to_host_path_tmp1" func_cygpath -u -p "$func_convert_core_path_wine_to_w32_result" func_to_host_path_result=$func_cygpath_result func_convert_path_check : : \ "$func_to_host_path_tmp1" "$func_to_host_path_result" func_convert_path_front_back_pathsep ":*" "*:" : "$1" fi } # end func_convert_path_nix_to_cygwin # func_dll_def_p FILE # True iff FILE is a Windows DLL '.def' file. # Keep in sync with _LT_DLL_DEF_P in libtool.m4 func_dll_def_p () { $debug_cmd func_dll_def_p_tmp=`$SED -n \ -e 's/^[ ]*//' \ -e '/^\(;.*\)*$/d' \ -e 's/^\(EXPORTS\|LIBRARY\)\([ ].*\)*$/DEF/p' \ -e q \ "$1"` test DEF = "$func_dll_def_p_tmp" } # func_mode_compile arg... func_mode_compile () { $debug_cmd # Get the compilation command and the source file. base_compile= srcfile=$nonopt # always keep a non-empty value in "srcfile" suppress_opt=yes suppress_output= arg_mode=normal libobj= later= pie_flag= for arg do case $arg_mode in arg ) # do not "continue". Instead, add this to base_compile lastarg=$arg arg_mode=normal ;; target ) libobj=$arg arg_mode=normal continue ;; normal ) # Accept any command-line options. case $arg in -o) test -n "$libobj" && \ func_fatal_error "you cannot specify '-o' more than once" arg_mode=target continue ;; -pie | -fpie | -fPIE) func_append pie_flag " $arg" continue ;; -shared | -static | -prefer-pic | -prefer-non-pic) func_append later " $arg" continue ;; -no-suppress) suppress_opt=no continue ;; -Xcompiler) arg_mode=arg # the next one goes into the "base_compile" arg list continue # The current "srcfile" will either be retained or ;; # replaced later. I would guess that would be a bug. -Wc,*) func_stripname '-Wc,' '' "$arg" args=$func_stripname_result lastarg= save_ifs=$IFS; IFS=, for arg in $args; do IFS=$save_ifs func_append_quoted lastarg "$arg" done IFS=$save_ifs func_stripname ' ' '' "$lastarg" lastarg=$func_stripname_result # Add the arguments to base_compile. func_append base_compile " $lastarg" continue ;; *) # Accept the current argument as the source file. # The previous "srcfile" becomes the current argument. # lastarg=$srcfile srcfile=$arg ;; esac # case $arg ;; esac # case $arg_mode # Aesthetically quote the previous argument. func_append_quoted base_compile "$lastarg" done # for arg case $arg_mode in arg) func_fatal_error "you must specify an argument for -Xcompile" ;; target) func_fatal_error "you must specify a target with '-o'" ;; *) # Get the name of the library object. test -z "$libobj" && { func_basename "$srcfile" libobj=$func_basename_result } ;; esac # Recognize several different file suffixes. # If the user specifies -o file.o, it is replaced with file.lo case $libobj in *.[cCFSifmso] | \ *.ada | *.adb | *.ads | *.asm | \ *.c++ | *.cc | *.ii | *.class | *.cpp | *.cxx | \ *.[fF][09]? | *.for | *.java | *.go | *.obj | *.sx | *.cu | *.cup) func_xform "$libobj" libobj=$func_xform_result ;; esac case $libobj in *.lo) func_lo2o "$libobj"; obj=$func_lo2o_result ;; *) func_fatal_error "cannot determine name of library object from '$libobj'" ;; esac func_infer_tag $base_compile for arg in $later; do case $arg in -shared) test yes = "$build_libtool_libs" \ || func_fatal_configuration "cannot build a shared library" build_old_libs=no continue ;; -static) build_libtool_libs=no build_old_libs=yes continue ;; -prefer-pic) pic_mode=yes continue ;; -prefer-non-pic) pic_mode=no continue ;; esac done func_quote_for_eval "$libobj" test "X$libobj" != "X$func_quote_for_eval_result" \ && $ECHO "X$libobj" | $GREP '[]~#^*{};<>?"'"'"' &()|`$[]' \ && func_warning "libobj name '$libobj' may not contain shell special characters." func_dirname_and_basename "$obj" "/" "" objname=$func_basename_result xdir=$func_dirname_result lobj=$xdir$objdir/$objname test -z "$base_compile" && \ func_fatal_help "you must specify a compilation command" # Delete any leftover library objects. if test yes = "$build_old_libs"; then removelist="$obj $lobj $libobj ${libobj}T" else removelist="$lobj $libobj ${libobj}T" fi # On Cygwin there's no "real" PIC flag so we must build both object types case $host_os in cygwin* | mingw* | pw32* | os2* | cegcc*) pic_mode=default ;; esac if test no = "$pic_mode" && test pass_all != "$deplibs_check_method"; then # non-PIC code in shared libraries is not supported pic_mode=default fi # Calculate the filename of the output object if compiler does # not support -o with -c if test no = "$compiler_c_o"; then output_obj=`$ECHO "$srcfile" | $SED 's%^.*/%%; s%\.[^.]*$%%'`.$objext lockfile=$output_obj.lock else output_obj= need_locks=no lockfile= fi # Lock this critical section if it is needed # We use this script file to make the link, it avoids creating a new file if test yes = "$need_locks"; then until $opt_dry_run || ln "$progpath" "$lockfile" 2>/dev/null; do func_echo "Waiting for $lockfile to be removed" sleep 2 done elif test warn = "$need_locks"; then if test -f "$lockfile"; then $ECHO "\ *** ERROR, $lockfile exists and contains: `cat $lockfile 2>/dev/null` This indicates that another process is trying to use the same temporary object file, and libtool could not work around it because your compiler does not support '-c' and '-o' together. If you repeat this compilation, it may succeed, by chance, but you had better avoid parallel builds (make -j) in this platform, or get a better compiler." $opt_dry_run || $RM $removelist exit $EXIT_FAILURE fi func_append removelist " $output_obj" $ECHO "$srcfile" > "$lockfile" fi $opt_dry_run || $RM $removelist func_append removelist " $lockfile" trap '$opt_dry_run || $RM $removelist; exit $EXIT_FAILURE' 1 2 15 func_to_tool_file "$srcfile" func_convert_file_msys_to_w32 srcfile=$func_to_tool_file_result func_quote_for_eval "$srcfile" qsrcfile=$func_quote_for_eval_result # Only build a PIC object if we are building libtool libraries. if test yes = "$build_libtool_libs"; then # Without this assignment, base_compile gets emptied. fbsd_hideous_sh_bug=$base_compile if test no != "$pic_mode"; then command="$base_compile $qsrcfile $pic_flag" else # Don't build PIC code command="$base_compile $qsrcfile" fi func_mkdir_p "$xdir$objdir" if test -z "$output_obj"; then # Place PIC objects in $objdir func_append command " -o $lobj" fi func_show_eval_locale "$command" \ 'test -n "$output_obj" && $RM $removelist; exit $EXIT_FAILURE' if test warn = "$need_locks" && test "X`cat $lockfile 2>/dev/null`" != "X$srcfile"; then $ECHO "\ *** ERROR, $lockfile contains: `cat $lockfile 2>/dev/null` but it should contain: $srcfile This indicates that another process is trying to use the same temporary object file, and libtool could not work around it because your compiler does not support '-c' and '-o' together. If you repeat this compilation, it may succeed, by chance, but you had better avoid parallel builds (make -j) in this platform, or get a better compiler." $opt_dry_run || $RM $removelist exit $EXIT_FAILURE fi # Just move the object if needed, then go on to compile the next one if test -n "$output_obj" && test "X$output_obj" != "X$lobj"; then func_show_eval '$MV "$output_obj" "$lobj"' \ 'error=$?; $opt_dry_run || $RM $removelist; exit $error' fi # Allow error messages only from the first compilation. if test yes = "$suppress_opt"; then suppress_output=' >/dev/null 2>&1' fi fi # Only build a position-dependent object if we build old libraries. if test yes = "$build_old_libs"; then if test yes != "$pic_mode"; then # Don't build PIC code command="$base_compile $qsrcfile$pie_flag" else command="$base_compile $qsrcfile $pic_flag" fi if test yes = "$compiler_c_o"; then func_append command " -o $obj" fi # Suppress compiler output if we already did a PIC compilation. func_append command "$suppress_output" func_show_eval_locale "$command" \ '$opt_dry_run || $RM $removelist; exit $EXIT_FAILURE' if test warn = "$need_locks" && test "X`cat $lockfile 2>/dev/null`" != "X$srcfile"; then $ECHO "\ *** ERROR, $lockfile contains: `cat $lockfile 2>/dev/null` but it should contain: $srcfile This indicates that another process is trying to use the same temporary object file, and libtool could not work around it because your compiler does not support '-c' and '-o' together. If you repeat this compilation, it may succeed, by chance, but you had better avoid parallel builds (make -j) in this platform, or get a better compiler." $opt_dry_run || $RM $removelist exit $EXIT_FAILURE fi # Just move the object if needed if test -n "$output_obj" && test "X$output_obj" != "X$obj"; then func_show_eval '$MV "$output_obj" "$obj"' \ 'error=$?; $opt_dry_run || $RM $removelist; exit $error' fi fi $opt_dry_run || { func_write_libtool_object "$libobj" "$objdir/$objname" "$objname" # Unlock the critical section if it was locked if test no != "$need_locks"; then removelist=$lockfile $RM "$lockfile" fi } exit $EXIT_SUCCESS } $opt_help || { test compile = "$opt_mode" && func_mode_compile ${1+"$@"} } func_mode_help () { # We need to display help for each of the modes. case $opt_mode in "") # Generic help is extracted from the usage comments # at the start of this file. func_help ;; clean) $ECHO \ "Usage: $progname [OPTION]... --mode=clean RM [RM-OPTION]... FILE... Remove files from the build directory. RM is the name of the program to use to delete files associated with each FILE (typically '/bin/rm'). RM-OPTIONS are options (such as '-f') to be passed to RM. If FILE is a libtool library, object or program, all the files associated with it are deleted. Otherwise, only FILE itself is deleted using RM." ;; compile) $ECHO \ "Usage: $progname [OPTION]... --mode=compile COMPILE-COMMAND... SOURCEFILE Compile a source file into a libtool library object. This mode accepts the following additional options: -o OUTPUT-FILE set the output file name to OUTPUT-FILE -no-suppress do not suppress compiler output for multiple passes -prefer-pic try to build PIC objects only -prefer-non-pic try to build non-PIC objects only -shared do not build a '.o' file suitable for static linking -static only build a '.o' file suitable for static linking -Wc,FLAG pass FLAG directly to the compiler COMPILE-COMMAND is a command to be used in creating a 'standard' object file from the given SOURCEFILE. The output file name is determined by removing the directory component from SOURCEFILE, then substituting the C source code suffix '.c' with the library object suffix, '.lo'." ;; execute) $ECHO \ "Usage: $progname [OPTION]... --mode=execute COMMAND [ARGS]... Automatically set library path, then run a program. This mode accepts the following additional options: -dlopen FILE add the directory containing FILE to the library path This mode sets the library path environment variable according to '-dlopen' flags. If any of the ARGS are libtool executable wrappers, then they are translated into their corresponding uninstalled binary, and any of their required library directories are added to the library path. Then, COMMAND is executed, with ARGS as arguments." ;; finish) $ECHO \ "Usage: $progname [OPTION]... --mode=finish [LIBDIR]... Complete the installation of libtool libraries. Each LIBDIR is a directory that contains libtool libraries. The commands that this mode executes may require superuser privileges. Use the '--dry-run' option if you just want to see what would be executed." ;; install) $ECHO \ "Usage: $progname [OPTION]... --mode=install INSTALL-COMMAND... Install executables or libraries. INSTALL-COMMAND is the installation command. The first component should be either the 'install' or 'cp' program. The following components of INSTALL-COMMAND are treated specially: -inst-prefix-dir PREFIX-DIR Use PREFIX-DIR as a staging area for installation The rest of the components are interpreted as arguments to that command (only BSD-compatible install options are recognized)." ;; link) $ECHO \ "Usage: $progname [OPTION]... --mode=link LINK-COMMAND... Link object files or libraries together to form another library, or to create an executable program. LINK-COMMAND is a command using the C compiler that you would use to create a program from several object files. The following components of LINK-COMMAND are treated specially: -all-static do not do any dynamic linking at all -avoid-version do not add a version suffix if possible -bindir BINDIR specify path to binaries directory (for systems where libraries must be found in the PATH setting at runtime) -dlopen FILE '-dlpreopen' FILE if it cannot be dlopened at runtime -dlpreopen FILE link in FILE and add its symbols to lt_preloaded_symbols -export-dynamic allow symbols from OUTPUT-FILE to be resolved with dlsym(3) -export-symbols SYMFILE try to export only the symbols listed in SYMFILE -export-symbols-regex REGEX try to export only the symbols matching REGEX -LLIBDIR search LIBDIR for required installed libraries -lNAME OUTPUT-FILE requires the installed library libNAME -module build a library that can dlopened -no-fast-install disable the fast-install mode -no-install link a not-installable executable -no-undefined declare that a library does not refer to external symbols -o OUTPUT-FILE create OUTPUT-FILE from the specified objects -objectlist FILE use a list of object files found in FILE to specify objects -os2dllname NAME force a short DLL name on OS/2 (no effect on other OSes) -precious-files-regex REGEX don't remove output files matching REGEX -release RELEASE specify package release information -rpath LIBDIR the created library will eventually be installed in LIBDIR -R[ ]LIBDIR add LIBDIR to the runtime path of programs and libraries -shared only do dynamic linking of libtool libraries -shrext SUFFIX override the standard shared library file extension -static do not do any dynamic linking of uninstalled libtool libraries -static-libtool-libs do not do any dynamic linking of libtool libraries -version-info CURRENT[:REVISION[:AGE]] specify library version info [each variable defaults to 0] -weak LIBNAME declare that the target provides the LIBNAME interface -Wc,FLAG -Xcompiler FLAG pass linker-specific FLAG directly to the compiler -Wl,FLAG -Xlinker FLAG pass linker-specific FLAG directly to the linker -XCClinker FLAG pass link-specific FLAG to the compiler driver (CC) All other options (arguments beginning with '-') are ignored. Every other argument is treated as a filename. Files ending in '.la' are treated as uninstalled libtool libraries, other files are standard or library object files. If the OUTPUT-FILE ends in '.la', then a libtool library is created, only library objects ('.lo' files) may be specified, and '-rpath' is required, except when creating a convenience library. If OUTPUT-FILE ends in '.a' or '.lib', then a standard library is created using 'ar' and 'ranlib', or on Windows using 'lib'. If OUTPUT-FILE ends in '.lo' or '.$objext', then a reloadable object file is created, otherwise an executable program is created." ;; uninstall) $ECHO \ "Usage: $progname [OPTION]... --mode=uninstall RM [RM-OPTION]... FILE... Remove libraries from an installation directory. RM is the name of the program to use to delete files associated with each FILE (typically '/bin/rm'). RM-OPTIONS are options (such as '-f') to be passed to RM. If FILE is a libtool library, all the files associated with it are deleted. Otherwise, only FILE itself is deleted using RM." ;; *) func_fatal_help "invalid operation mode '$opt_mode'" ;; esac echo $ECHO "Try '$progname --help' for more information about other modes." } # Now that we've collected a possible --mode arg, show help if necessary if $opt_help; then if test : = "$opt_help"; then func_mode_help else { func_help noexit for opt_mode in compile link execute install finish uninstall clean; do func_mode_help done } | $SED -n '1p; 2,$s/^Usage:/ or: /p' { func_help noexit for opt_mode in compile link execute install finish uninstall clean; do echo func_mode_help done } | $SED '1d /^When reporting/,/^Report/{ H d } $x /information about other modes/d /more detailed .*MODE/d s/^Usage:.*--mode=\([^ ]*\) .*/Description of \1 mode:/' fi exit $? fi # func_mode_execute arg... func_mode_execute () { $debug_cmd # The first argument is the command name. cmd=$nonopt test -z "$cmd" && \ func_fatal_help "you must specify a COMMAND" # Handle -dlopen flags immediately. for file in $opt_dlopen; do test -f "$file" \ || func_fatal_help "'$file' is not a file" dir= case $file in *.la) func_resolve_sysroot "$file" file=$func_resolve_sysroot_result # Check to see that this really is a libtool archive. func_lalib_unsafe_p "$file" \ || func_fatal_help "'$lib' is not a valid libtool archive" # Read the libtool library. dlname= library_names= func_source "$file" # Skip this library if it cannot be dlopened. if test -z "$dlname"; then # Warn if it was a shared library. test -n "$library_names" && \ func_warning "'$file' was not linked with '-export-dynamic'" continue fi func_dirname "$file" "" "." dir=$func_dirname_result if test -f "$dir/$objdir/$dlname"; then func_append dir "/$objdir" else if test ! -f "$dir/$dlname"; then func_fatal_error "cannot find '$dlname' in '$dir' or '$dir/$objdir'" fi fi ;; *.lo) # Just add the directory containing the .lo file. func_dirname "$file" "" "." dir=$func_dirname_result ;; *) func_warning "'-dlopen' is ignored for non-libtool libraries and objects" continue ;; esac # Get the absolute pathname. absdir=`cd "$dir" && pwd` test -n "$absdir" && dir=$absdir # Now add the directory to shlibpath_var. if eval "test -z \"\$$shlibpath_var\""; then eval "$shlibpath_var=\"\$dir\"" else eval "$shlibpath_var=\"\$dir:\$$shlibpath_var\"" fi done # This variable tells wrapper scripts just to set shlibpath_var # rather than running their programs. libtool_execute_magic=$magic # Check if any of the arguments is a wrapper script. args= for file do case $file in -* | *.la | *.lo ) ;; *) # Do a test to see if this is really a libtool program. if func_ltwrapper_script_p "$file"; then func_source "$file" # Transform arg to wrapped name. file=$progdir/$program elif func_ltwrapper_executable_p "$file"; then func_ltwrapper_scriptname "$file" func_source "$func_ltwrapper_scriptname_result" # Transform arg to wrapped name. file=$progdir/$program fi ;; esac # Quote arguments (to preserve shell metacharacters). func_append_quoted args "$file" done if $opt_dry_run; then # Display what would be done. if test -n "$shlibpath_var"; then eval "\$ECHO \"\$shlibpath_var=\$$shlibpath_var\"" echo "export $shlibpath_var" fi $ECHO "$cmd$args" exit $EXIT_SUCCESS else if test -n "$shlibpath_var"; then # Export the shlibpath_var. eval "export $shlibpath_var" fi # Restore saved environment variables for lt_var in LANG LANGUAGE LC_ALL LC_CTYPE LC_COLLATE LC_MESSAGES do eval "if test \"\${save_$lt_var+set}\" = set; then $lt_var=\$save_$lt_var; export $lt_var else $lt_unset $lt_var fi" done # Now prepare to actually exec the command. exec_cmd=\$cmd$args fi } test execute = "$opt_mode" && func_mode_execute ${1+"$@"} # func_mode_finish arg... func_mode_finish () { $debug_cmd libs= libdirs= admincmds= for opt in "$nonopt" ${1+"$@"} do if test -d "$opt"; then func_append libdirs " $opt" elif test -f "$opt"; then if func_lalib_unsafe_p "$opt"; then func_append libs " $opt" else func_warning "'$opt' is not a valid libtool archive" fi else func_fatal_error "invalid argument '$opt'" fi done if test -n "$libs"; then if test -n "$lt_sysroot"; then sysroot_regex=`$ECHO "$lt_sysroot" | $SED "$sed_make_literal_regex"` sysroot_cmd="s/\([ ']\)$sysroot_regex/\1/g;" else sysroot_cmd= fi # Remove sysroot references if $opt_dry_run; then for lib in $libs; do echo "removing references to $lt_sysroot and '=' prefixes from $lib" done else tmpdir=`func_mktempdir` for lib in $libs; do $SED -e "$sysroot_cmd s/\([ ']-[LR]\)=/\1/g; s/\([ ']\)=/\1/g" $lib \ > $tmpdir/tmp-la mv -f $tmpdir/tmp-la $lib done ${RM}r "$tmpdir" fi fi if test -n "$finish_cmds$finish_eval" && test -n "$libdirs"; then for libdir in $libdirs; do if test -n "$finish_cmds"; then # Do each command in the finish commands. func_execute_cmds "$finish_cmds" 'admincmds="$admincmds '"$cmd"'"' fi if test -n "$finish_eval"; then # Do the single finish_eval. eval cmds=\"$finish_eval\" $opt_dry_run || eval "$cmds" || func_append admincmds " $cmds" fi done fi # Exit here if they wanted silent mode. $opt_quiet && exit $EXIT_SUCCESS if test -n "$finish_cmds$finish_eval" && test -n "$libdirs"; then echo "----------------------------------------------------------------------" echo "Libraries have been installed in:" for libdir in $libdirs; do $ECHO " $libdir" done echo echo "If you ever happen to want to link against installed libraries" echo "in a given directory, LIBDIR, you must either use libtool, and" echo "specify the full pathname of the library, or use the '-LLIBDIR'" echo "flag during linking and do at least one of the following:" if test -n "$shlibpath_var"; then echo " - add LIBDIR to the '$shlibpath_var' environment variable" echo " during execution" fi if test -n "$runpath_var"; then echo " - add LIBDIR to the '$runpath_var' environment variable" echo " during linking" fi if test -n "$hardcode_libdir_flag_spec"; then libdir=LIBDIR eval flag=\"$hardcode_libdir_flag_spec\" $ECHO " - use the '$flag' linker flag" fi if test -n "$admincmds"; then $ECHO " - have your system administrator run these commands:$admincmds" fi if test -f /etc/ld.so.conf; then echo " - have your system administrator add LIBDIR to '/etc/ld.so.conf'" fi echo echo "See any operating system documentation about shared libraries for" case $host in solaris2.[6789]|solaris2.1[0-9]) echo "more information, such as the ld(1), crle(1) and ld.so(8) manual" echo "pages." ;; *) echo "more information, such as the ld(1) and ld.so(8) manual pages." ;; esac echo "----------------------------------------------------------------------" fi exit $EXIT_SUCCESS } test finish = "$opt_mode" && func_mode_finish ${1+"$@"} # func_mode_install arg... func_mode_install () { $debug_cmd # There may be an optional sh(1) argument at the beginning of # install_prog (especially on Windows NT). if test "$SHELL" = "$nonopt" || test /bin/sh = "$nonopt" || # Allow the use of GNU shtool's install command. case $nonopt in *shtool*) :;; *) false;; esac then # Aesthetically quote it. func_quote_for_eval "$nonopt" install_prog="$func_quote_for_eval_result " arg=$1 shift else install_prog= arg=$nonopt fi # The real first argument should be the name of the installation program. # Aesthetically quote it. func_quote_for_eval "$arg" func_append install_prog "$func_quote_for_eval_result" install_shared_prog=$install_prog case " $install_prog " in *[\\\ /]cp\ *) install_cp=: ;; *) install_cp=false ;; esac # We need to accept at least all the BSD install flags. dest= files= opts= prev= install_type= isdir=false stripme= no_mode=: for arg do arg2= if test -n "$dest"; then func_append files " $dest" dest=$arg continue fi case $arg in -d) isdir=: ;; -f) if $install_cp; then :; else prev=$arg fi ;; -g | -m | -o) prev=$arg ;; -s) stripme=" -s" continue ;; -*) ;; *) # If the previous option needed an argument, then skip it. if test -n "$prev"; then if test X-m = "X$prev" && test -n "$install_override_mode"; then arg2=$install_override_mode no_mode=false fi prev= else dest=$arg continue fi ;; esac # Aesthetically quote the argument. func_quote_for_eval "$arg" func_append install_prog " $func_quote_for_eval_result" if test -n "$arg2"; then func_quote_for_eval "$arg2" fi func_append install_shared_prog " $func_quote_for_eval_result" done test -z "$install_prog" && \ func_fatal_help "you must specify an install program" test -n "$prev" && \ func_fatal_help "the '$prev' option requires an argument" if test -n "$install_override_mode" && $no_mode; then if $install_cp; then :; else func_quote_for_eval "$install_override_mode" func_append install_shared_prog " -m $func_quote_for_eval_result" fi fi if test -z "$files"; then if test -z "$dest"; then func_fatal_help "no file or destination specified" else func_fatal_help "you must specify a destination" fi fi # Strip any trailing slash from the destination. func_stripname '' '/' "$dest" dest=$func_stripname_result # Check to see that the destination is a directory. test -d "$dest" && isdir=: if $isdir; then destdir=$dest destname= else func_dirname_and_basename "$dest" "" "." destdir=$func_dirname_result destname=$func_basename_result # Not a directory, so check to see that there is only one file specified. set dummy $files; shift test "$#" -gt 1 && \ func_fatal_help "'$dest' is not a directory" fi case $destdir in [\\/]* | [A-Za-z]:[\\/]*) ;; *) for file in $files; do case $file in *.lo) ;; *) func_fatal_help "'$destdir' must be an absolute directory name" ;; esac done ;; esac # This variable tells wrapper scripts just to set variables rather # than running their programs. libtool_install_magic=$magic staticlibs= future_libdirs= current_libdirs= for file in $files; do # Do each installation. case $file in *.$libext) # Do the static libraries later. func_append staticlibs " $file" ;; *.la) func_resolve_sysroot "$file" file=$func_resolve_sysroot_result # Check to see that this really is a libtool archive. func_lalib_unsafe_p "$file" \ || func_fatal_help "'$file' is not a valid libtool archive" library_names= old_library= relink_command= func_source "$file" # Add the libdir to current_libdirs if it is the destination. if test "X$destdir" = "X$libdir"; then case "$current_libdirs " in *" $libdir "*) ;; *) func_append current_libdirs " $libdir" ;; esac else # Note the libdir as a future libdir. case "$future_libdirs " in *" $libdir "*) ;; *) func_append future_libdirs " $libdir" ;; esac fi func_dirname "$file" "/" "" dir=$func_dirname_result func_append dir "$objdir" if test -n "$relink_command"; then # Determine the prefix the user has applied to our future dir. inst_prefix_dir=`$ECHO "$destdir" | $SED -e "s%$libdir\$%%"` # Don't allow the user to place us outside of our expected # location b/c this prevents finding dependent libraries that # are installed to the same prefix. # At present, this check doesn't affect windows .dll's that # are installed into $libdir/../bin (currently, that works fine) # but it's something to keep an eye on. test "$inst_prefix_dir" = "$destdir" && \ func_fatal_error "error: cannot install '$file' to a directory not ending in $libdir" if test -n "$inst_prefix_dir"; then # Stick the inst_prefix_dir data into the link command. relink_command=`$ECHO "$relink_command" | $SED "s%@inst_prefix_dir@%-inst-prefix-dir $inst_prefix_dir%"` else relink_command=`$ECHO "$relink_command" | $SED "s%@inst_prefix_dir@%%"` fi func_warning "relinking '$file'" func_show_eval "$relink_command" \ 'func_fatal_error "error: relink '\''$file'\'' with the above command before installing it"' fi # See the names of the shared library. set dummy $library_names; shift if test -n "$1"; then realname=$1 shift srcname=$realname test -n "$relink_command" && srcname=${realname}T # Install the shared library and build the symlinks. func_show_eval "$install_shared_prog $dir/$srcname $destdir/$realname" \ 'exit $?' tstripme=$stripme case $host_os in cygwin* | mingw* | pw32* | cegcc*) case $realname in *.dll.a) tstripme= ;; esac ;; os2*) case $realname in *_dll.a) tstripme= ;; esac ;; esac if test -n "$tstripme" && test -n "$striplib"; then func_show_eval "$striplib $destdir/$realname" 'exit $?' fi if test "$#" -gt 0; then # Delete the old symlinks, and create new ones. # Try 'ln -sf' first, because the 'ln' binary might depend on # the symlink we replace! Solaris /bin/ln does not understand -f, # so we also need to try rm && ln -s. for linkname do test "$linkname" != "$realname" \ && func_show_eval "(cd $destdir && { $LN_S -f $realname $linkname || { $RM $linkname && $LN_S $realname $linkname; }; })" done fi # Do each command in the postinstall commands. lib=$destdir/$realname func_execute_cmds "$postinstall_cmds" 'exit $?' fi # Install the pseudo-library for information purposes. func_basename "$file" name=$func_basename_result instname=$dir/${name}i func_show_eval "$install_prog $instname $destdir/$name" 'exit $?' # Maybe install the static library, too. test -n "$old_library" && func_append staticlibs " $dir/$old_library" ;; *.lo) # Install (i.e. copy) a libtool object. # Figure out destination file name, if it wasn't already specified. if test -n "$destname"; then destfile=$destdir/$destname else func_basename "$file" destfile=$func_basename_result destfile=$destdir/$destfile fi # Deduce the name of the destination old-style object file. case $destfile in *.lo) func_lo2o "$destfile" staticdest=$func_lo2o_result ;; *.$objext) staticdest=$destfile destfile= ;; *) func_fatal_help "cannot copy a libtool object to '$destfile'" ;; esac # Install the libtool object if requested. test -n "$destfile" && \ func_show_eval "$install_prog $file $destfile" 'exit $?' # Install the old object if enabled. if test yes = "$build_old_libs"; then # Deduce the name of the old-style object file. func_lo2o "$file" staticobj=$func_lo2o_result func_show_eval "$install_prog \$staticobj \$staticdest" 'exit $?' fi exit $EXIT_SUCCESS ;; *) # Figure out destination file name, if it wasn't already specified. if test -n "$destname"; then destfile=$destdir/$destname else func_basename "$file" destfile=$func_basename_result destfile=$destdir/$destfile fi # If the file is missing, and there is a .exe on the end, strip it # because it is most likely a libtool script we actually want to # install stripped_ext= case $file in *.exe) if test ! -f "$file"; then func_stripname '' '.exe' "$file" file=$func_stripname_result stripped_ext=.exe fi ;; esac # Do a test to see if this is really a libtool program. case $host in *cygwin* | *mingw*) if func_ltwrapper_executable_p "$file"; then func_ltwrapper_scriptname "$file" wrapper=$func_ltwrapper_scriptname_result else func_stripname '' '.exe' "$file" wrapper=$func_stripname_result fi ;; *) wrapper=$file ;; esac if func_ltwrapper_script_p "$wrapper"; then notinst_deplibs= relink_command= func_source "$wrapper" # Check the variables that should have been set. test -z "$generated_by_libtool_version" && \ func_fatal_error "invalid libtool wrapper script '$wrapper'" finalize=: for lib in $notinst_deplibs; do # Check to see that each library is installed. libdir= if test -f "$lib"; then func_source "$lib" fi libfile=$libdir/`$ECHO "$lib" | $SED 's%^.*/%%g'` if test -n "$libdir" && test ! -f "$libfile"; then func_warning "'$lib' has not been installed in '$libdir'" finalize=false fi done relink_command= func_source "$wrapper" outputname= if test no = "$fast_install" && test -n "$relink_command"; then $opt_dry_run || { if $finalize; then tmpdir=`func_mktempdir` func_basename "$file$stripped_ext" file=$func_basename_result outputname=$tmpdir/$file # Replace the output file specification. relink_command=`$ECHO "$relink_command" | $SED 's%@OUTPUT@%'"$outputname"'%g'` $opt_quiet || { func_quote_for_expand "$relink_command" eval "func_echo $func_quote_for_expand_result" } if eval "$relink_command"; then : else func_error "error: relink '$file' with the above command before installing it" $opt_dry_run || ${RM}r "$tmpdir" continue fi file=$outputname else func_warning "cannot relink '$file'" fi } else # Install the binary that we compiled earlier. file=`$ECHO "$file$stripped_ext" | $SED "s%\([^/]*\)$%$objdir/\1%"` fi fi # remove .exe since cygwin /usr/bin/install will append another # one anyway case $install_prog,$host in */usr/bin/install*,*cygwin*) case $file:$destfile in *.exe:*.exe) # this is ok ;; *.exe:*) destfile=$destfile.exe ;; *:*.exe) func_stripname '' '.exe' "$destfile" destfile=$func_stripname_result ;; esac ;; esac func_show_eval "$install_prog\$stripme \$file \$destfile" 'exit $?' $opt_dry_run || if test -n "$outputname"; then ${RM}r "$tmpdir" fi ;; esac done for file in $staticlibs; do func_basename "$file" name=$func_basename_result # Set up the ranlib parameters. oldlib=$destdir/$name func_to_tool_file "$oldlib" func_convert_file_msys_to_w32 tool_oldlib=$func_to_tool_file_result func_show_eval "$install_prog \$file \$oldlib" 'exit $?' if test -n "$stripme" && test -n "$old_striplib"; then func_show_eval "$old_striplib $tool_oldlib" 'exit $?' fi # Do each command in the postinstall commands. func_execute_cmds "$old_postinstall_cmds" 'exit $?' done test -n "$future_libdirs" && \ func_warning "remember to run '$progname --finish$future_libdirs'" if test -n "$current_libdirs"; then # Maybe just do a dry run. $opt_dry_run && current_libdirs=" -n$current_libdirs" exec_cmd='$SHELL "$progpath" $preserve_args --finish$current_libdirs' else exit $EXIT_SUCCESS fi } test install = "$opt_mode" && func_mode_install ${1+"$@"} # func_generate_dlsyms outputname originator pic_p # Extract symbols from dlprefiles and create ${outputname}S.o with # a dlpreopen symbol table. func_generate_dlsyms () { $debug_cmd my_outputname=$1 my_originator=$2 my_pic_p=${3-false} my_prefix=`$ECHO "$my_originator" | $SED 's%[^a-zA-Z0-9]%_%g'` my_dlsyms= if test -n "$dlfiles$dlprefiles" || test no != "$dlself"; then if test -n "$NM" && test -n "$global_symbol_pipe"; then my_dlsyms=${my_outputname}S.c else func_error "not configured to extract global symbols from dlpreopened files" fi fi if test -n "$my_dlsyms"; then case $my_dlsyms in "") ;; *.c) # Discover the nlist of each of the dlfiles. nlist=$output_objdir/$my_outputname.nm func_show_eval "$RM $nlist ${nlist}S ${nlist}T" # Parse the name list into a source file. func_verbose "creating $output_objdir/$my_dlsyms" $opt_dry_run || $ECHO > "$output_objdir/$my_dlsyms" "\ /* $my_dlsyms - symbol resolution table for '$my_outputname' dlsym emulation. */ /* Generated by $PROGRAM (GNU $PACKAGE) $VERSION */ #ifdef __cplusplus extern \"C\" { #endif #if defined __GNUC__ && (((__GNUC__ == 4) && (__GNUC_MINOR__ >= 4)) || (__GNUC__ > 4)) #pragma GCC diagnostic ignored \"-Wstrict-prototypes\" #endif /* Keep this code in sync between libtool.m4, ltmain, lt_system.h, and tests. */ #if defined _WIN32 || defined __CYGWIN__ || defined _WIN32_WCE /* DATA imports from DLLs on WIN32 can't be const, because runtime relocations are performed -- see ld's documentation on pseudo-relocs. */ # define LT_DLSYM_CONST #elif defined __osf__ /* This system does not cope well with relocations in const data. */ # define LT_DLSYM_CONST #else # define LT_DLSYM_CONST const #endif #define STREQ(s1, s2) (strcmp ((s1), (s2)) == 0) /* External symbol declarations for the compiler. */\ " if test yes = "$dlself"; then func_verbose "generating symbol list for '$output'" $opt_dry_run || echo ': @PROGRAM@ ' > "$nlist" # Add our own program objects to the symbol list. progfiles=`$ECHO "$objs$old_deplibs" | $SP2NL | $SED "$lo2o" | $NL2SP` for progfile in $progfiles; do func_to_tool_file "$progfile" func_convert_file_msys_to_w32 func_verbose "extracting global C symbols from '$func_to_tool_file_result'" $opt_dry_run || eval "$NM $func_to_tool_file_result | $global_symbol_pipe >> '$nlist'" done if test -n "$exclude_expsyms"; then $opt_dry_run || { eval '$EGREP -v " ($exclude_expsyms)$" "$nlist" > "$nlist"T' eval '$MV "$nlist"T "$nlist"' } fi if test -n "$export_symbols_regex"; then $opt_dry_run || { eval '$EGREP -e "$export_symbols_regex" "$nlist" > "$nlist"T' eval '$MV "$nlist"T "$nlist"' } fi # Prepare the list of exported symbols if test -z "$export_symbols"; then export_symbols=$output_objdir/$outputname.exp $opt_dry_run || { $RM $export_symbols eval "$SED -n -e '/^: @PROGRAM@ $/d' -e 's/^.* \(.*\)$/\1/p' "'< "$nlist" > "$export_symbols"' case $host in *cygwin* | *mingw* | *cegcc* ) eval "echo EXPORTS "'> "$output_objdir/$outputname.def"' eval 'cat "$export_symbols" >> "$output_objdir/$outputname.def"' ;; esac } else $opt_dry_run || { eval "$SED -e 's/\([].[*^$]\)/\\\\\1/g' -e 's/^/ /' -e 's/$/$/'"' < "$export_symbols" > "$output_objdir/$outputname.exp"' eval '$GREP -f "$output_objdir/$outputname.exp" < "$nlist" > "$nlist"T' eval '$MV "$nlist"T "$nlist"' case $host in *cygwin* | *mingw* | *cegcc* ) eval "echo EXPORTS "'> "$output_objdir/$outputname.def"' eval 'cat "$nlist" >> "$output_objdir/$outputname.def"' ;; esac } fi fi for dlprefile in $dlprefiles; do func_verbose "extracting global C symbols from '$dlprefile'" func_basename "$dlprefile" name=$func_basename_result case $host in *cygwin* | *mingw* | *cegcc* ) # if an import library, we need to obtain dlname if func_win32_import_lib_p "$dlprefile"; then func_tr_sh "$dlprefile" eval "curr_lafile=\$libfile_$func_tr_sh_result" dlprefile_dlbasename= if test -n "$curr_lafile" && func_lalib_p "$curr_lafile"; then # Use subshell, to avoid clobbering current variable values dlprefile_dlname=`source "$curr_lafile" && echo "$dlname"` if test -n "$dlprefile_dlname"; then func_basename "$dlprefile_dlname" dlprefile_dlbasename=$func_basename_result else # no lafile. user explicitly requested -dlpreopen . $sharedlib_from_linklib_cmd "$dlprefile" dlprefile_dlbasename=$sharedlib_from_linklib_result fi fi $opt_dry_run || { if test -n "$dlprefile_dlbasename"; then eval '$ECHO ": $dlprefile_dlbasename" >> "$nlist"' else func_warning "Could not compute DLL name from $name" eval '$ECHO ": $name " >> "$nlist"' fi func_to_tool_file "$dlprefile" func_convert_file_msys_to_w32 eval "$NM \"$func_to_tool_file_result\" 2>/dev/null | $global_symbol_pipe | $SED -e '/I __imp/d' -e 's/I __nm_/D /;s/_nm__//' >> '$nlist'" } else # not an import lib $opt_dry_run || { eval '$ECHO ": $name " >> "$nlist"' func_to_tool_file "$dlprefile" func_convert_file_msys_to_w32 eval "$NM \"$func_to_tool_file_result\" 2>/dev/null | $global_symbol_pipe >> '$nlist'" } fi ;; *) $opt_dry_run || { eval '$ECHO ": $name " >> "$nlist"' func_to_tool_file "$dlprefile" func_convert_file_msys_to_w32 eval "$NM \"$func_to_tool_file_result\" 2>/dev/null | $global_symbol_pipe >> '$nlist'" } ;; esac done $opt_dry_run || { # Make sure we have at least an empty file. test -f "$nlist" || : > "$nlist" if test -n "$exclude_expsyms"; then $EGREP -v " ($exclude_expsyms)$" "$nlist" > "$nlist"T $MV "$nlist"T "$nlist" fi # Try sorting and uniquifying the output. if $GREP -v "^: " < "$nlist" | if sort -k 3 /dev/null 2>&1; then sort -k 3 else sort +2 fi | uniq > "$nlist"S; then : else $GREP -v "^: " < "$nlist" > "$nlist"S fi if test -f "$nlist"S; then eval "$global_symbol_to_cdecl"' < "$nlist"S >> "$output_objdir/$my_dlsyms"' else echo '/* NONE */' >> "$output_objdir/$my_dlsyms" fi func_show_eval '$RM "${nlist}I"' if test -n "$global_symbol_to_import"; then eval "$global_symbol_to_import"' < "$nlist"S > "$nlist"I' fi echo >> "$output_objdir/$my_dlsyms" "\ /* The mapping between symbol names and symbols. */ typedef struct { const char *name; void *address; } lt_dlsymlist; extern LT_DLSYM_CONST lt_dlsymlist lt_${my_prefix}_LTX_preloaded_symbols[];\ " if test -s "$nlist"I; then echo >> "$output_objdir/$my_dlsyms" "\ static void lt_syminit(void) { LT_DLSYM_CONST lt_dlsymlist *symbol = lt_${my_prefix}_LTX_preloaded_symbols; for (; symbol->name; ++symbol) {" $SED 's/.*/ if (STREQ (symbol->name, \"&\")) symbol->address = (void *) \&&;/' < "$nlist"I >> "$output_objdir/$my_dlsyms" echo >> "$output_objdir/$my_dlsyms" "\ } }" fi echo >> "$output_objdir/$my_dlsyms" "\ LT_DLSYM_CONST lt_dlsymlist lt_${my_prefix}_LTX_preloaded_symbols[] = { {\"$my_originator\", (void *) 0}," if test -s "$nlist"I; then echo >> "$output_objdir/$my_dlsyms" "\ {\"@INIT@\", (void *) <_syminit}," fi case $need_lib_prefix in no) eval "$global_symbol_to_c_name_address" < "$nlist" >> "$output_objdir/$my_dlsyms" ;; *) eval "$global_symbol_to_c_name_address_lib_prefix" < "$nlist" >> "$output_objdir/$my_dlsyms" ;; esac echo >> "$output_objdir/$my_dlsyms" "\ {0, (void *) 0} }; /* This works around a problem in FreeBSD linker */ #ifdef FREEBSD_WORKAROUND static const void *lt_preloaded_setup() { return lt_${my_prefix}_LTX_preloaded_symbols; } #endif #ifdef __cplusplus } #endif\ " } # !$opt_dry_run pic_flag_for_symtable= case "$compile_command " in *" -static "*) ;; *) case $host in # compiling the symbol table file with pic_flag works around # a FreeBSD bug that causes programs to crash when -lm is # linked before any other PIC object. But we must not use # pic_flag when linking with -static. The problem exists in # FreeBSD 2.2.6 and is fixed in FreeBSD 3.1. *-*-freebsd2.*|*-*-freebsd3.0*|*-*-freebsdelf3.0*) pic_flag_for_symtable=" $pic_flag -DFREEBSD_WORKAROUND" ;; *-*-hpux*) pic_flag_for_symtable=" $pic_flag" ;; *) $my_pic_p && pic_flag_for_symtable=" $pic_flag" ;; esac ;; esac symtab_cflags= for arg in $LTCFLAGS; do case $arg in -pie | -fpie | -fPIE) ;; *) func_append symtab_cflags " $arg" ;; esac done # Now compile the dynamic symbol file. func_show_eval '(cd $output_objdir && $LTCC$symtab_cflags -c$no_builtin_flag$pic_flag_for_symtable "$my_dlsyms")' 'exit $?' # Clean up the generated files. func_show_eval '$RM "$output_objdir/$my_dlsyms" "$nlist" "${nlist}S" "${nlist}T" "${nlist}I"' # Transform the symbol file into the correct name. symfileobj=$output_objdir/${my_outputname}S.$objext case $host in *cygwin* | *mingw* | *cegcc* ) if test -f "$output_objdir/$my_outputname.def"; then compile_command=`$ECHO "$compile_command" | $SED "s%@SYMFILE@%$output_objdir/$my_outputname.def $symfileobj%"` finalize_command=`$ECHO "$finalize_command" | $SED "s%@SYMFILE@%$output_objdir/$my_outputname.def $symfileobj%"` else compile_command=`$ECHO "$compile_command" | $SED "s%@SYMFILE@%$symfileobj%"` finalize_command=`$ECHO "$finalize_command" | $SED "s%@SYMFILE@%$symfileobj%"` fi ;; *) compile_command=`$ECHO "$compile_command" | $SED "s%@SYMFILE@%$symfileobj%"` finalize_command=`$ECHO "$finalize_command" | $SED "s%@SYMFILE@%$symfileobj%"` ;; esac ;; *) func_fatal_error "unknown suffix for '$my_dlsyms'" ;; esac else # We keep going just in case the user didn't refer to # lt_preloaded_symbols. The linker will fail if global_symbol_pipe # really was required. # Nullify the symbol file. compile_command=`$ECHO "$compile_command" | $SED "s% @SYMFILE@%%"` finalize_command=`$ECHO "$finalize_command" | $SED "s% @SYMFILE@%%"` fi } # func_cygming_gnu_implib_p ARG # This predicate returns with zero status (TRUE) if # ARG is a GNU/binutils-style import library. Returns # with nonzero status (FALSE) otherwise. func_cygming_gnu_implib_p () { $debug_cmd func_to_tool_file "$1" func_convert_file_msys_to_w32 func_cygming_gnu_implib_tmp=`$NM "$func_to_tool_file_result" | eval "$global_symbol_pipe" | $EGREP ' (_head_[A-Za-z0-9_]+_[ad]l*|[A-Za-z0-9_]+_[ad]l*_iname)$'` test -n "$func_cygming_gnu_implib_tmp" } # func_cygming_ms_implib_p ARG # This predicate returns with zero status (TRUE) if # ARG is an MS-style import library. Returns # with nonzero status (FALSE) otherwise. func_cygming_ms_implib_p () { $debug_cmd func_to_tool_file "$1" func_convert_file_msys_to_w32 func_cygming_ms_implib_tmp=`$NM "$func_to_tool_file_result" | eval "$global_symbol_pipe" | $GREP '_NULL_IMPORT_DESCRIPTOR'` test -n "$func_cygming_ms_implib_tmp" } # func_win32_libid arg # return the library type of file 'arg' # # Need a lot of goo to handle *both* DLLs and import libs # Has to be a shell function in order to 'eat' the argument # that is supplied when $file_magic_command is called. # Despite the name, also deal with 64 bit binaries. func_win32_libid () { $debug_cmd win32_libid_type=unknown win32_fileres=`file -L $1 2>/dev/null` case $win32_fileres in *ar\ archive\ import\ library*) # definitely import win32_libid_type="x86 archive import" ;; *ar\ archive*) # could be an import, or static # Keep the egrep pattern in sync with the one in _LT_CHECK_MAGIC_METHOD. if eval $OBJDUMP -f $1 | $SED -e '10q' 2>/dev/null | $EGREP 'file format (pei*-i386(.*architecture: i386)?|pe-arm-wince|pe-x86-64)' >/dev/null; then case $nm_interface in "MS dumpbin") if func_cygming_ms_implib_p "$1" || func_cygming_gnu_implib_p "$1" then win32_nmres=import else win32_nmres= fi ;; *) func_to_tool_file "$1" func_convert_file_msys_to_w32 win32_nmres=`eval $NM -f posix -A \"$func_to_tool_file_result\" | $SED -n -e ' 1,100{ / I /{ s|.*|import| p q } }'` ;; esac case $win32_nmres in import*) win32_libid_type="x86 archive import";; *) win32_libid_type="x86 archive static";; esac fi ;; *DLL*) win32_libid_type="x86 DLL" ;; *executable*) # but shell scripts are "executable" too... case $win32_fileres in *MS\ Windows\ PE\ Intel*) win32_libid_type="x86 DLL" ;; esac ;; esac $ECHO "$win32_libid_type" } # func_cygming_dll_for_implib ARG # # Platform-specific function to extract the # name of the DLL associated with the specified # import library ARG. # Invoked by eval'ing the libtool variable # $sharedlib_from_linklib_cmd # Result is available in the variable # $sharedlib_from_linklib_result func_cygming_dll_for_implib () { $debug_cmd sharedlib_from_linklib_result=`$DLLTOOL --identify-strict --identify "$1"` } # func_cygming_dll_for_implib_fallback_core SECTION_NAME LIBNAMEs # # The is the core of a fallback implementation of a # platform-specific function to extract the name of the # DLL associated with the specified import library LIBNAME. # # SECTION_NAME is either .idata$6 or .idata$7, depending # on the platform and compiler that created the implib. # # Echos the name of the DLL associated with the # specified import library. func_cygming_dll_for_implib_fallback_core () { $debug_cmd match_literal=`$ECHO "$1" | $SED "$sed_make_literal_regex"` $OBJDUMP -s --section "$1" "$2" 2>/dev/null | $SED '/^Contents of section '"$match_literal"':/{ # Place marker at beginning of archive member dllname section s/.*/====MARK====/ p d } # These lines can sometimes be longer than 43 characters, but # are always uninteresting /:[ ]*file format pe[i]\{,1\}-/d /^In archive [^:]*:/d # Ensure marker is printed /^====MARK====/p # Remove all lines with less than 43 characters /^.\{43\}/!d # From remaining lines, remove first 43 characters s/^.\{43\}//' | $SED -n ' # Join marker and all lines until next marker into a single line /^====MARK====/ b para H $ b para b :para x s/\n//g # Remove the marker s/^====MARK====// # Remove trailing dots and whitespace s/[\. \t]*$// # Print /./p' | # we now have a list, one entry per line, of the stringified # contents of the appropriate section of all members of the # archive that possess that section. Heuristic: eliminate # all those that have a first or second character that is # a '.' (that is, objdump's representation of an unprintable # character.) This should work for all archives with less than # 0x302f exports -- but will fail for DLLs whose name actually # begins with a literal '.' or a single character followed by # a '.'. # # Of those that remain, print the first one. $SED -e '/^\./d;/^.\./d;q' } # func_cygming_dll_for_implib_fallback ARG # Platform-specific function to extract the # name of the DLL associated with the specified # import library ARG. # # This fallback implementation is for use when $DLLTOOL # does not support the --identify-strict option. # Invoked by eval'ing the libtool variable # $sharedlib_from_linklib_cmd # Result is available in the variable # $sharedlib_from_linklib_result func_cygming_dll_for_implib_fallback () { $debug_cmd if func_cygming_gnu_implib_p "$1"; then # binutils import library sharedlib_from_linklib_result=`func_cygming_dll_for_implib_fallback_core '.idata$7' "$1"` elif func_cygming_ms_implib_p "$1"; then # ms-generated import library sharedlib_from_linklib_result=`func_cygming_dll_for_implib_fallback_core '.idata$6' "$1"` else # unknown sharedlib_from_linklib_result= fi } # func_extract_an_archive dir oldlib func_extract_an_archive () { $debug_cmd f_ex_an_ar_dir=$1; shift f_ex_an_ar_oldlib=$1 if test yes = "$lock_old_archive_extraction"; then lockfile=$f_ex_an_ar_oldlib.lock until $opt_dry_run || ln "$progpath" "$lockfile" 2>/dev/null; do func_echo "Waiting for $lockfile to be removed" sleep 2 done fi func_show_eval "(cd \$f_ex_an_ar_dir && $AR x \"\$f_ex_an_ar_oldlib\")" \ 'stat=$?; rm -f "$lockfile"; exit $stat' if test yes = "$lock_old_archive_extraction"; then $opt_dry_run || rm -f "$lockfile" fi if ($AR t "$f_ex_an_ar_oldlib" | sort | sort -uc >/dev/null 2>&1); then : else func_fatal_error "object name conflicts in archive: $f_ex_an_ar_dir/$f_ex_an_ar_oldlib" fi } # func_extract_archives gentop oldlib ... func_extract_archives () { $debug_cmd my_gentop=$1; shift my_oldlibs=${1+"$@"} my_oldobjs= my_xlib= my_xabs= my_xdir= for my_xlib in $my_oldlibs; do # Extract the objects. case $my_xlib in [\\/]* | [A-Za-z]:[\\/]*) my_xabs=$my_xlib ;; *) my_xabs=`pwd`"/$my_xlib" ;; esac func_basename "$my_xlib" my_xlib=$func_basename_result my_xlib_u=$my_xlib while :; do case " $extracted_archives " in *" $my_xlib_u "*) func_arith $extracted_serial + 1 extracted_serial=$func_arith_result my_xlib_u=lt$extracted_serial-$my_xlib ;; *) break ;; esac done extracted_archives="$extracted_archives $my_xlib_u" my_xdir=$my_gentop/$my_xlib_u func_mkdir_p "$my_xdir" case $host in *-darwin*) func_verbose "Extracting $my_xabs" # Do not bother doing anything if just a dry run $opt_dry_run || { darwin_orig_dir=`pwd` cd $my_xdir || exit $? darwin_archive=$my_xabs darwin_curdir=`pwd` func_basename "$darwin_archive" darwin_base_archive=$func_basename_result darwin_arches=`$LIPO -info "$darwin_archive" 2>/dev/null | $GREP Architectures 2>/dev/null || true` if test -n "$darwin_arches"; then darwin_arches=`$ECHO "$darwin_arches" | $SED -e 's/.*are://'` darwin_arch= func_verbose "$darwin_base_archive has multiple architectures $darwin_arches" for darwin_arch in $darwin_arches; do func_mkdir_p "unfat-$$/$darwin_base_archive-$darwin_arch" $LIPO -thin $darwin_arch -output "unfat-$$/$darwin_base_archive-$darwin_arch/$darwin_base_archive" "$darwin_archive" cd "unfat-$$/$darwin_base_archive-$darwin_arch" func_extract_an_archive "`pwd`" "$darwin_base_archive" cd "$darwin_curdir" $RM "unfat-$$/$darwin_base_archive-$darwin_arch/$darwin_base_archive" done # $darwin_arches ## Okay now we've a bunch of thin objects, gotta fatten them up :) darwin_filelist=`find unfat-$$ -type f -name \*.o -print -o -name \*.lo -print | $SED -e "$sed_basename" | sort -u` darwin_file= darwin_files= for darwin_file in $darwin_filelist; do darwin_files=`find unfat-$$ -name $darwin_file -print | sort | $NL2SP` $LIPO -create -output "$darwin_file" $darwin_files done # $darwin_filelist $RM -rf unfat-$$ cd "$darwin_orig_dir" else cd $darwin_orig_dir func_extract_an_archive "$my_xdir" "$my_xabs" fi # $darwin_arches } # !$opt_dry_run ;; *) func_extract_an_archive "$my_xdir" "$my_xabs" ;; esac my_oldobjs="$my_oldobjs "`find $my_xdir -name \*.$objext -print -o -name \*.lo -print | sort | $NL2SP` done func_extract_archives_result=$my_oldobjs } # func_emit_wrapper [arg=no] # # Emit a libtool wrapper script on stdout. # Don't directly open a file because we may want to # incorporate the script contents within a cygwin/mingw # wrapper executable. Must ONLY be called from within # func_mode_link because it depends on a number of variables # set therein. # # ARG is the value that the WRAPPER_SCRIPT_BELONGS_IN_OBJDIR # variable will take. If 'yes', then the emitted script # will assume that the directory where it is stored is # the $objdir directory. This is a cygwin/mingw-specific # behavior. func_emit_wrapper () { func_emit_wrapper_arg1=${1-no} $ECHO "\ #! $SHELL # $output - temporary wrapper script for $objdir/$outputname # Generated by $PROGRAM (GNU $PACKAGE) $VERSION # # The $output program cannot be directly executed until all the libtool # libraries that it depends on are installed. # # This wrapper script should never be moved out of the build directory. # If it is, it will not operate correctly. # Sed substitution that helps us do robust quoting. It backslashifies # metacharacters that are still active within double-quoted strings. sed_quote_subst='$sed_quote_subst' # Be Bourne compatible if test -n \"\${ZSH_VERSION+set}\" && (emulate sh) >/dev/null 2>&1; then emulate sh NULLCMD=: # Zsh 3.x and 4.x performs word splitting on \${1+\"\$@\"}, which # is contrary to our usage. Disable this feature. alias -g '\${1+\"\$@\"}'='\"\$@\"' setopt NO_GLOB_SUBST else case \`(set -o) 2>/dev/null\` in *posix*) set -o posix;; esac fi BIN_SH=xpg4; export BIN_SH # for Tru64 DUALCASE=1; export DUALCASE # for MKS sh # The HP-UX ksh and POSIX shell print the target directory to stdout # if CDPATH is set. (unset CDPATH) >/dev/null 2>&1 && unset CDPATH relink_command=\"$relink_command\" # This environment variable determines our operation mode. if test \"\$libtool_install_magic\" = \"$magic\"; then # install mode needs the following variables: generated_by_libtool_version='$macro_version' notinst_deplibs='$notinst_deplibs' else # When we are sourced in execute mode, \$file and \$ECHO are already set. if test \"\$libtool_execute_magic\" != \"$magic\"; then file=\"\$0\"" qECHO=`$ECHO "$ECHO" | $SED "$sed_quote_subst"` $ECHO "\ # A function that is used when there is no print builtin or printf. func_fallback_echo () { eval 'cat <<_LTECHO_EOF \$1 _LTECHO_EOF' } ECHO=\"$qECHO\" fi # Very basic option parsing. These options are (a) specific to # the libtool wrapper, (b) are identical between the wrapper # /script/ and the wrapper /executable/ that is used only on # windows platforms, and (c) all begin with the string "--lt-" # (application programs are unlikely to have options that match # this pattern). # # There are only two supported options: --lt-debug and # --lt-dump-script. There is, deliberately, no --lt-help. # # The first argument to this parsing function should be the # script's $0 value, followed by "$@". lt_option_debug= func_parse_lt_options () { lt_script_arg0=\$0 shift for lt_opt do case \"\$lt_opt\" in --lt-debug) lt_option_debug=1 ;; --lt-dump-script) lt_dump_D=\`\$ECHO \"X\$lt_script_arg0\" | $SED -e 's/^X//' -e 's%/[^/]*$%%'\` test \"X\$lt_dump_D\" = \"X\$lt_script_arg0\" && lt_dump_D=. lt_dump_F=\`\$ECHO \"X\$lt_script_arg0\" | $SED -e 's/^X//' -e 's%^.*/%%'\` cat \"\$lt_dump_D/\$lt_dump_F\" exit 0 ;; --lt-*) \$ECHO \"Unrecognized --lt- option: '\$lt_opt'\" 1>&2 exit 1 ;; esac done # Print the debug banner immediately: if test -n \"\$lt_option_debug\"; then echo \"$outputname:$output:\$LINENO: libtool wrapper (GNU $PACKAGE) $VERSION\" 1>&2 fi } # Used when --lt-debug. Prints its arguments to stdout # (redirection is the responsibility of the caller) func_lt_dump_args () { lt_dump_args_N=1; for lt_arg do \$ECHO \"$outputname:$output:\$LINENO: newargv[\$lt_dump_args_N]: \$lt_arg\" lt_dump_args_N=\`expr \$lt_dump_args_N + 1\` done } # Core function for launching the target application func_exec_program_core () { " case $host in # Backslashes separate directories on plain windows *-*-mingw | *-*-os2* | *-cegcc*) $ECHO "\ if test -n \"\$lt_option_debug\"; then \$ECHO \"$outputname:$output:\$LINENO: newargv[0]: \$progdir\\\\\$program\" 1>&2 func_lt_dump_args \${1+\"\$@\"} 1>&2 fi exec \"\$progdir\\\\\$program\" \${1+\"\$@\"} " ;; *) $ECHO "\ if test -n \"\$lt_option_debug\"; then \$ECHO \"$outputname:$output:\$LINENO: newargv[0]: \$progdir/\$program\" 1>&2 func_lt_dump_args \${1+\"\$@\"} 1>&2 fi exec \"\$progdir/\$program\" \${1+\"\$@\"} " ;; esac $ECHO "\ \$ECHO \"\$0: cannot exec \$program \$*\" 1>&2 exit 1 } # A function to encapsulate launching the target application # Strips options in the --lt-* namespace from \$@ and # launches target application with the remaining arguments. func_exec_program () { case \" \$* \" in *\\ --lt-*) for lt_wr_arg do case \$lt_wr_arg in --lt-*) ;; *) set x \"\$@\" \"\$lt_wr_arg\"; shift;; esac shift done ;; esac func_exec_program_core \${1+\"\$@\"} } # Parse options func_parse_lt_options \"\$0\" \${1+\"\$@\"} # Find the directory that this script lives in. thisdir=\`\$ECHO \"\$file\" | $SED 's%/[^/]*$%%'\` test \"x\$thisdir\" = \"x\$file\" && thisdir=. # Follow symbolic links until we get to the real thisdir. file=\`ls -ld \"\$file\" | $SED -n 's/.*-> //p'\` while test -n \"\$file\"; do destdir=\`\$ECHO \"\$file\" | $SED 's%/[^/]*\$%%'\` # If there was a directory component, then change thisdir. if test \"x\$destdir\" != \"x\$file\"; then case \"\$destdir\" in [\\\\/]* | [A-Za-z]:[\\\\/]*) thisdir=\"\$destdir\" ;; *) thisdir=\"\$thisdir/\$destdir\" ;; esac fi file=\`\$ECHO \"\$file\" | $SED 's%^.*/%%'\` file=\`ls -ld \"\$thisdir/\$file\" | $SED -n 's/.*-> //p'\` done # Usually 'no', except on cygwin/mingw when embedded into # the cwrapper. WRAPPER_SCRIPT_BELONGS_IN_OBJDIR=$func_emit_wrapper_arg1 if test \"\$WRAPPER_SCRIPT_BELONGS_IN_OBJDIR\" = \"yes\"; then # special case for '.' if test \"\$thisdir\" = \".\"; then thisdir=\`pwd\` fi # remove .libs from thisdir case \"\$thisdir\" in *[\\\\/]$objdir ) thisdir=\`\$ECHO \"\$thisdir\" | $SED 's%[\\\\/][^\\\\/]*$%%'\` ;; $objdir ) thisdir=. ;; esac fi # Try to get the absolute directory name. absdir=\`cd \"\$thisdir\" && pwd\` test -n \"\$absdir\" && thisdir=\"\$absdir\" " if test yes = "$fast_install"; then $ECHO "\ program=lt-'$outputname'$exeext progdir=\"\$thisdir/$objdir\" if test ! -f \"\$progdir/\$program\" || { file=\`ls -1dt \"\$progdir/\$program\" \"\$progdir/../\$program\" 2>/dev/null | $SED 1q\`; \\ test \"X\$file\" != \"X\$progdir/\$program\"; }; then file=\"\$\$-\$program\" if test ! -d \"\$progdir\"; then $MKDIR \"\$progdir\" else $RM \"\$progdir/\$file\" fi" $ECHO "\ # relink executable if necessary if test -n \"\$relink_command\"; then if relink_command_output=\`eval \$relink_command 2>&1\`; then : else \$ECHO \"\$relink_command_output\" >&2 $RM \"\$progdir/\$file\" exit 1 fi fi $MV \"\$progdir/\$file\" \"\$progdir/\$program\" 2>/dev/null || { $RM \"\$progdir/\$program\"; $MV \"\$progdir/\$file\" \"\$progdir/\$program\"; } $RM \"\$progdir/\$file\" fi" else $ECHO "\ program='$outputname' progdir=\"\$thisdir/$objdir\" " fi $ECHO "\ if test -f \"\$progdir/\$program\"; then" # fixup the dll searchpath if we need to. # # Fix the DLL searchpath if we need to. Do this before prepending # to shlibpath, because on Windows, both are PATH and uninstalled # libraries must come first. if test -n "$dllsearchpath"; then $ECHO "\ # Add the dll search path components to the executable PATH PATH=$dllsearchpath:\$PATH " fi # Export our shlibpath_var if we have one. if test yes = "$shlibpath_overrides_runpath" && test -n "$shlibpath_var" && test -n "$temp_rpath"; then $ECHO "\ # Add our own library path to $shlibpath_var $shlibpath_var=\"$temp_rpath\$$shlibpath_var\" # Some systems cannot cope with colon-terminated $shlibpath_var # The second colon is a workaround for a bug in BeOS R4 sed $shlibpath_var=\`\$ECHO \"\$$shlibpath_var\" | $SED 's/::*\$//'\` export $shlibpath_var " fi $ECHO "\ if test \"\$libtool_execute_magic\" != \"$magic\"; then # Run the actual program with our arguments. func_exec_program \${1+\"\$@\"} fi else # The program doesn't exist. \$ECHO \"\$0: error: '\$progdir/\$program' does not exist\" 1>&2 \$ECHO \"This script is just a wrapper for \$program.\" 1>&2 \$ECHO \"See the $PACKAGE documentation for more information.\" 1>&2 exit 1 fi fi\ " } # func_emit_cwrapperexe_src # emit the source code for a wrapper executable on stdout # Must ONLY be called from within func_mode_link because # it depends on a number of variable set therein. func_emit_cwrapperexe_src () { cat < #include #ifdef _MSC_VER # include # include # include #else # include # include # ifdef __CYGWIN__ # include # endif #endif #include #include #include #include #include #include #include #include #define STREQ(s1, s2) (strcmp ((s1), (s2)) == 0) /* declarations of non-ANSI functions */ #if defined __MINGW32__ # ifdef __STRICT_ANSI__ int _putenv (const char *); # endif #elif defined __CYGWIN__ # ifdef __STRICT_ANSI__ char *realpath (const char *, char *); int putenv (char *); int setenv (const char *, const char *, int); # endif /* #elif defined other_platform || defined ... */ #endif /* portability defines, excluding path handling macros */ #if defined _MSC_VER # define setmode _setmode # define stat _stat # define chmod _chmod # define getcwd _getcwd # define putenv _putenv # define S_IXUSR _S_IEXEC #elif defined __MINGW32__ # define setmode _setmode # define stat _stat # define chmod _chmod # define getcwd _getcwd # define putenv _putenv #elif defined __CYGWIN__ # define HAVE_SETENV # define FOPEN_WB "wb" /* #elif defined other platforms ... */ #endif #if defined PATH_MAX # define LT_PATHMAX PATH_MAX #elif defined MAXPATHLEN # define LT_PATHMAX MAXPATHLEN #else # define LT_PATHMAX 1024 #endif #ifndef S_IXOTH # define S_IXOTH 0 #endif #ifndef S_IXGRP # define S_IXGRP 0 #endif /* path handling portability macros */ #ifndef DIR_SEPARATOR # define DIR_SEPARATOR '/' # define PATH_SEPARATOR ':' #endif #if defined _WIN32 || defined __MSDOS__ || defined __DJGPP__ || \ defined __OS2__ # define HAVE_DOS_BASED_FILE_SYSTEM # define FOPEN_WB "wb" # ifndef DIR_SEPARATOR_2 # define DIR_SEPARATOR_2 '\\' # endif # ifndef PATH_SEPARATOR_2 # define PATH_SEPARATOR_2 ';' # endif #endif #ifndef DIR_SEPARATOR_2 # define IS_DIR_SEPARATOR(ch) ((ch) == DIR_SEPARATOR) #else /* DIR_SEPARATOR_2 */ # define IS_DIR_SEPARATOR(ch) \ (((ch) == DIR_SEPARATOR) || ((ch) == DIR_SEPARATOR_2)) #endif /* DIR_SEPARATOR_2 */ #ifndef PATH_SEPARATOR_2 # define IS_PATH_SEPARATOR(ch) ((ch) == PATH_SEPARATOR) #else /* PATH_SEPARATOR_2 */ # define IS_PATH_SEPARATOR(ch) ((ch) == PATH_SEPARATOR_2) #endif /* PATH_SEPARATOR_2 */ #ifndef FOPEN_WB # define FOPEN_WB "w" #endif #ifndef _O_BINARY # define _O_BINARY 0 #endif #define XMALLOC(type, num) ((type *) xmalloc ((num) * sizeof(type))) #define XFREE(stale) do { \ if (stale) { free (stale); stale = 0; } \ } while (0) #if defined LT_DEBUGWRAPPER static int lt_debug = 1; #else static int lt_debug = 0; #endif const char *program_name = "libtool-wrapper"; /* in case xstrdup fails */ void *xmalloc (size_t num); char *xstrdup (const char *string); const char *base_name (const char *name); char *find_executable (const char *wrapper); char *chase_symlinks (const char *pathspec); int make_executable (const char *path); int check_executable (const char *path); char *strendzap (char *str, const char *pat); void lt_debugprintf (const char *file, int line, const char *fmt, ...); void lt_fatal (const char *file, int line, const char *message, ...); static const char *nonnull (const char *s); static const char *nonempty (const char *s); void lt_setenv (const char *name, const char *value); char *lt_extend_str (const char *orig_value, const char *add, int to_end); void lt_update_exe_path (const char *name, const char *value); void lt_update_lib_path (const char *name, const char *value); char **prepare_spawn (char **argv); void lt_dump_script (FILE *f); EOF cat <= 0) && (st.st_mode & (S_IXUSR | S_IXGRP | S_IXOTH))) return 1; else return 0; } int make_executable (const char *path) { int rval = 0; struct stat st; lt_debugprintf (__FILE__, __LINE__, "(make_executable): %s\n", nonempty (path)); if ((!path) || (!*path)) return 0; if (stat (path, &st) >= 0) { rval = chmod (path, st.st_mode | S_IXOTH | S_IXGRP | S_IXUSR); } return rval; } /* Searches for the full path of the wrapper. Returns newly allocated full path name if found, NULL otherwise Does not chase symlinks, even on platforms that support them. */ char * find_executable (const char *wrapper) { int has_slash = 0; const char *p; const char *p_next; /* static buffer for getcwd */ char tmp[LT_PATHMAX + 1]; size_t tmp_len; char *concat_name; lt_debugprintf (__FILE__, __LINE__, "(find_executable): %s\n", nonempty (wrapper)); if ((wrapper == NULL) || (*wrapper == '\0')) return NULL; /* Absolute path? */ #if defined HAVE_DOS_BASED_FILE_SYSTEM if (isalpha ((unsigned char) wrapper[0]) && wrapper[1] == ':') { concat_name = xstrdup (wrapper); if (check_executable (concat_name)) return concat_name; XFREE (concat_name); } else { #endif if (IS_DIR_SEPARATOR (wrapper[0])) { concat_name = xstrdup (wrapper); if (check_executable (concat_name)) return concat_name; XFREE (concat_name); } #if defined HAVE_DOS_BASED_FILE_SYSTEM } #endif for (p = wrapper; *p; p++) if (*p == '/') { has_slash = 1; break; } if (!has_slash) { /* no slashes; search PATH */ const char *path = getenv ("PATH"); if (path != NULL) { for (p = path; *p; p = p_next) { const char *q; size_t p_len; for (q = p; *q; q++) if (IS_PATH_SEPARATOR (*q)) break; p_len = (size_t) (q - p); p_next = (*q == '\0' ? q : q + 1); if (p_len == 0) { /* empty path: current directory */ if (getcwd (tmp, LT_PATHMAX) == NULL) lt_fatal (__FILE__, __LINE__, "getcwd failed: %s", nonnull (strerror (errno))); tmp_len = strlen (tmp); concat_name = XMALLOC (char, tmp_len + 1 + strlen (wrapper) + 1); memcpy (concat_name, tmp, tmp_len); concat_name[tmp_len] = '/'; strcpy (concat_name + tmp_len + 1, wrapper); } else { concat_name = XMALLOC (char, p_len + 1 + strlen (wrapper) + 1); memcpy (concat_name, p, p_len); concat_name[p_len] = '/'; strcpy (concat_name + p_len + 1, wrapper); } if (check_executable (concat_name)) return concat_name; XFREE (concat_name); } } /* not found in PATH; assume curdir */ } /* Relative path | not found in path: prepend cwd */ if (getcwd (tmp, LT_PATHMAX) == NULL) lt_fatal (__FILE__, __LINE__, "getcwd failed: %s", nonnull (strerror (errno))); tmp_len = strlen (tmp); concat_name = XMALLOC (char, tmp_len + 1 + strlen (wrapper) + 1); memcpy (concat_name, tmp, tmp_len); concat_name[tmp_len] = '/'; strcpy (concat_name + tmp_len + 1, wrapper); if (check_executable (concat_name)) return concat_name; XFREE (concat_name); return NULL; } char * chase_symlinks (const char *pathspec) { #ifndef S_ISLNK return xstrdup (pathspec); #else char buf[LT_PATHMAX]; struct stat s; char *tmp_pathspec = xstrdup (pathspec); char *p; int has_symlinks = 0; while (strlen (tmp_pathspec) && !has_symlinks) { lt_debugprintf (__FILE__, __LINE__, "checking path component for symlinks: %s\n", tmp_pathspec); if (lstat (tmp_pathspec, &s) == 0) { if (S_ISLNK (s.st_mode) != 0) { has_symlinks = 1; break; } /* search backwards for last DIR_SEPARATOR */ p = tmp_pathspec + strlen (tmp_pathspec) - 1; while ((p > tmp_pathspec) && (!IS_DIR_SEPARATOR (*p))) p--; if ((p == tmp_pathspec) && (!IS_DIR_SEPARATOR (*p))) { /* no more DIR_SEPARATORS left */ break; } *p = '\0'; } else { lt_fatal (__FILE__, __LINE__, "error accessing file \"%s\": %s", tmp_pathspec, nonnull (strerror (errno))); } } XFREE (tmp_pathspec); if (!has_symlinks) { return xstrdup (pathspec); } tmp_pathspec = realpath (pathspec, buf); if (tmp_pathspec == 0) { lt_fatal (__FILE__, __LINE__, "could not follow symlinks for %s", pathspec); } return xstrdup (tmp_pathspec); #endif } char * strendzap (char *str, const char *pat) { size_t len, patlen; assert (str != NULL); assert (pat != NULL); len = strlen (str); patlen = strlen (pat); if (patlen <= len) { str += len - patlen; if (STREQ (str, pat)) *str = '\0'; } return str; } void lt_debugprintf (const char *file, int line, const char *fmt, ...) { va_list args; if (lt_debug) { (void) fprintf (stderr, "%s:%s:%d: ", program_name, file, line); va_start (args, fmt); (void) vfprintf (stderr, fmt, args); va_end (args); } } static void lt_error_core (int exit_status, const char *file, int line, const char *mode, const char *message, va_list ap) { fprintf (stderr, "%s:%s:%d: %s: ", program_name, file, line, mode); vfprintf (stderr, message, ap); fprintf (stderr, ".\n"); if (exit_status >= 0) exit (exit_status); } void lt_fatal (const char *file, int line, const char *message, ...) { va_list ap; va_start (ap, message); lt_error_core (EXIT_FAILURE, file, line, "FATAL", message, ap); va_end (ap); } static const char * nonnull (const char *s) { return s ? s : "(null)"; } static const char * nonempty (const char *s) { return (s && !*s) ? "(empty)" : nonnull (s); } void lt_setenv (const char *name, const char *value) { lt_debugprintf (__FILE__, __LINE__, "(lt_setenv) setting '%s' to '%s'\n", nonnull (name), nonnull (value)); { #ifdef HAVE_SETENV /* always make a copy, for consistency with !HAVE_SETENV */ char *str = xstrdup (value); setenv (name, str, 1); #else size_t len = strlen (name) + 1 + strlen (value) + 1; char *str = XMALLOC (char, len); sprintf (str, "%s=%s", name, value); if (putenv (str) != EXIT_SUCCESS) { XFREE (str); } #endif } } char * lt_extend_str (const char *orig_value, const char *add, int to_end) { char *new_value; if (orig_value && *orig_value) { size_t orig_value_len = strlen (orig_value); size_t add_len = strlen (add); new_value = XMALLOC (char, add_len + orig_value_len + 1); if (to_end) { strcpy (new_value, orig_value); strcpy (new_value + orig_value_len, add); } else { strcpy (new_value, add); strcpy (new_value + add_len, orig_value); } } else { new_value = xstrdup (add); } return new_value; } void lt_update_exe_path (const char *name, const char *value) { lt_debugprintf (__FILE__, __LINE__, "(lt_update_exe_path) modifying '%s' by prepending '%s'\n", nonnull (name), nonnull (value)); if (name && *name && value && *value) { char *new_value = lt_extend_str (getenv (name), value, 0); /* some systems can't cope with a ':'-terminated path #' */ size_t len = strlen (new_value); while ((len > 0) && IS_PATH_SEPARATOR (new_value[len-1])) { new_value[--len] = '\0'; } lt_setenv (name, new_value); XFREE (new_value); } } void lt_update_lib_path (const char *name, const char *value) { lt_debugprintf (__FILE__, __LINE__, "(lt_update_lib_path) modifying '%s' by prepending '%s'\n", nonnull (name), nonnull (value)); if (name && *name && value && *value) { char *new_value = lt_extend_str (getenv (name), value, 0); lt_setenv (name, new_value); XFREE (new_value); } } EOF case $host_os in mingw*) cat <<"EOF" /* Prepares an argument vector before calling spawn(). Note that spawn() does not by itself call the command interpreter (getenv ("COMSPEC") != NULL ? getenv ("COMSPEC") : ({ OSVERSIONINFO v; v.dwOSVersionInfoSize = sizeof(OSVERSIONINFO); GetVersionEx(&v); v.dwPlatformId == VER_PLATFORM_WIN32_NT; }) ? "cmd.exe" : "command.com"). Instead it simply concatenates the arguments, separated by ' ', and calls CreateProcess(). We must quote the arguments since Win32 CreateProcess() interprets characters like ' ', '\t', '\\', '"' (but not '<' and '>') in a special way: - Space and tab are interpreted as delimiters. They are not treated as delimiters if they are surrounded by double quotes: "...". - Unescaped double quotes are removed from the input. Their only effect is that within double quotes, space and tab are treated like normal characters. - Backslashes not followed by double quotes are not special. - But 2*n+1 backslashes followed by a double quote become n backslashes followed by a double quote (n >= 0): \" -> " \\\" -> \" \\\\\" -> \\" */ #define SHELL_SPECIAL_CHARS "\"\\ \001\002\003\004\005\006\007\010\011\012\013\014\015\016\017\020\021\022\023\024\025\026\027\030\031\032\033\034\035\036\037" #define SHELL_SPACE_CHARS " \001\002\003\004\005\006\007\010\011\012\013\014\015\016\017\020\021\022\023\024\025\026\027\030\031\032\033\034\035\036\037" char ** prepare_spawn (char **argv) { size_t argc; char **new_argv; size_t i; /* Count number of arguments. */ for (argc = 0; argv[argc] != NULL; argc++) ; /* Allocate new argument vector. */ new_argv = XMALLOC (char *, argc + 1); /* Put quoted arguments into the new argument vector. */ for (i = 0; i < argc; i++) { const char *string = argv[i]; if (string[0] == '\0') new_argv[i] = xstrdup ("\"\""); else if (strpbrk (string, SHELL_SPECIAL_CHARS) != NULL) { int quote_around = (strpbrk (string, SHELL_SPACE_CHARS) != NULL); size_t length; unsigned int backslashes; const char *s; char *quoted_string; char *p; length = 0; backslashes = 0; if (quote_around) length++; for (s = string; *s != '\0'; s++) { char c = *s; if (c == '"') length += backslashes + 1; length++; if (c == '\\') backslashes++; else backslashes = 0; } if (quote_around) length += backslashes + 1; quoted_string = XMALLOC (char, length + 1); p = quoted_string; backslashes = 0; if (quote_around) *p++ = '"'; for (s = string; *s != '\0'; s++) { char c = *s; if (c == '"') { unsigned int j; for (j = backslashes + 1; j > 0; j--) *p++ = '\\'; } *p++ = c; if (c == '\\') backslashes++; else backslashes = 0; } if (quote_around) { unsigned int j; for (j = backslashes; j > 0; j--) *p++ = '\\'; *p++ = '"'; } *p = '\0'; new_argv[i] = quoted_string; } else new_argv[i] = (char *) string; } new_argv[argc] = NULL; return new_argv; } EOF ;; esac cat <<"EOF" void lt_dump_script (FILE* f) { EOF func_emit_wrapper yes | $SED -n -e ' s/^\(.\{79\}\)\(..*\)/\1\ \2/ h s/\([\\"]\)/\\\1/g s/$/\\n/ s/\([^\n]*\).*/ fputs ("\1", f);/p g D' cat <<"EOF" } EOF } # end: func_emit_cwrapperexe_src # func_win32_import_lib_p ARG # True if ARG is an import lib, as indicated by $file_magic_cmd func_win32_import_lib_p () { $debug_cmd case `eval $file_magic_cmd \"\$1\" 2>/dev/null | $SED -e 10q` in *import*) : ;; *) false ;; esac } # func_suncc_cstd_abi # !!ONLY CALL THIS FOR SUN CC AFTER $compile_command IS FULLY EXPANDED!! # Several compiler flags select an ABI that is incompatible with the # Cstd library. Avoid specifying it if any are in CXXFLAGS. func_suncc_cstd_abi () { $debug_cmd case " $compile_command " in *" -compat=g "*|*\ -std=c++[0-9][0-9]\ *|*" -library=stdcxx4 "*|*" -library=stlport4 "*) suncc_use_cstd_abi=no ;; *) suncc_use_cstd_abi=yes ;; esac } # func_mode_link arg... func_mode_link () { $debug_cmd case $host in *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2* | *-cegcc*) # It is impossible to link a dll without this setting, and # we shouldn't force the makefile maintainer to figure out # what system we are compiling for in order to pass an extra # flag for every libtool invocation. # allow_undefined=no # FIXME: Unfortunately, there are problems with the above when trying # to make a dll that has undefined symbols, in which case not # even a static library is built. For now, we need to specify # -no-undefined on the libtool link line when we can be certain # that all symbols are satisfied, otherwise we get a static library. allow_undefined=yes ;; *) allow_undefined=yes ;; esac libtool_args=$nonopt base_compile="$nonopt $@" compile_command=$nonopt finalize_command=$nonopt compile_rpath= finalize_rpath= compile_shlibpath= finalize_shlibpath= convenience= old_convenience= deplibs= old_deplibs= compiler_flags= linker_flags= dllsearchpath= lib_search_path=`pwd` inst_prefix_dir= new_inherited_linker_flags= avoid_version=no bindir= dlfiles= dlprefiles= dlself=no export_dynamic=no export_symbols= export_symbols_regex= generated= libobjs= ltlibs= module=no no_install=no objs= os2dllname= non_pic_objects= precious_files_regex= prefer_static_libs=no preload=false prev= prevarg= release= rpath= xrpath= perm_rpath= temp_rpath= thread_safe=no vinfo= vinfo_number=no weak_libs= single_module=$wl-single_module func_infer_tag $base_compile # We need to know -static, to get the right output filenames. for arg do case $arg in -shared) test yes != "$build_libtool_libs" \ && func_fatal_configuration "cannot build a shared library" build_old_libs=no break ;; -all-static | -static | -static-libtool-libs) case $arg in -all-static) if test yes = "$build_libtool_libs" && test -z "$link_static_flag"; then func_warning "complete static linking is impossible in this configuration" fi if test -n "$link_static_flag"; then dlopen_self=$dlopen_self_static fi prefer_static_libs=yes ;; -static) if test -z "$pic_flag" && test -n "$link_static_flag"; then dlopen_self=$dlopen_self_static fi prefer_static_libs=built ;; -static-libtool-libs) if test -z "$pic_flag" && test -n "$link_static_flag"; then dlopen_self=$dlopen_self_static fi prefer_static_libs=yes ;; esac build_libtool_libs=no build_old_libs=yes break ;; esac done # See if our shared archives depend on static archives. test -n "$old_archive_from_new_cmds" && build_old_libs=yes # Go through the arguments, transforming them on the way. while test "$#" -gt 0; do arg=$1 shift func_quote_for_eval "$arg" qarg=$func_quote_for_eval_unquoted_result func_append libtool_args " $func_quote_for_eval_result" # If the previous option needs an argument, assign it. if test -n "$prev"; then case $prev in output) func_append compile_command " @OUTPUT@" func_append finalize_command " @OUTPUT@" ;; esac case $prev in bindir) bindir=$arg prev= continue ;; dlfiles|dlprefiles) $preload || { # Add the symbol object into the linking commands. func_append compile_command " @SYMFILE@" func_append finalize_command " @SYMFILE@" preload=: } case $arg in *.la | *.lo) ;; # We handle these cases below. force) if test no = "$dlself"; then dlself=needless export_dynamic=yes fi prev= continue ;; self) if test dlprefiles = "$prev"; then dlself=yes elif test dlfiles = "$prev" && test yes != "$dlopen_self"; then dlself=yes else dlself=needless export_dynamic=yes fi prev= continue ;; *) if test dlfiles = "$prev"; then func_append dlfiles " $arg" else func_append dlprefiles " $arg" fi prev= continue ;; esac ;; expsyms) export_symbols=$arg test -f "$arg" \ || func_fatal_error "symbol file '$arg' does not exist" prev= continue ;; expsyms_regex) export_symbols_regex=$arg prev= continue ;; framework) case $host in *-*-darwin*) case "$deplibs " in *" $qarg.ltframework "*) ;; *) func_append deplibs " $qarg.ltframework" # this is fixed later ;; esac ;; esac prev= continue ;; inst_prefix) inst_prefix_dir=$arg prev= continue ;; mllvm) # Clang does not use LLVM to link, so we can simply discard any # '-mllvm $arg' options when doing the link step. prev= continue ;; objectlist) if test -f "$arg"; then save_arg=$arg moreargs= for fil in `cat "$save_arg"` do # func_append moreargs " $fil" arg=$fil # A libtool-controlled object. # Check to see that this really is a libtool object. if func_lalib_unsafe_p "$arg"; then pic_object= non_pic_object= # Read the .lo file func_source "$arg" if test -z "$pic_object" || test -z "$non_pic_object" || test none = "$pic_object" && test none = "$non_pic_object"; then func_fatal_error "cannot find name of object for '$arg'" fi # Extract subdirectory from the argument. func_dirname "$arg" "/" "" xdir=$func_dirname_result if test none != "$pic_object"; then # Prepend the subdirectory the object is found in. pic_object=$xdir$pic_object if test dlfiles = "$prev"; then if test yes = "$build_libtool_libs" && test yes = "$dlopen_support"; then func_append dlfiles " $pic_object" prev= continue else # If libtool objects are unsupported, then we need to preload. prev=dlprefiles fi fi # CHECK ME: I think I busted this. -Ossama if test dlprefiles = "$prev"; then # Preload the old-style object. func_append dlprefiles " $pic_object" prev= fi # A PIC object. func_append libobjs " $pic_object" arg=$pic_object fi # Non-PIC object. if test none != "$non_pic_object"; then # Prepend the subdirectory the object is found in. non_pic_object=$xdir$non_pic_object # A standard non-PIC object func_append non_pic_objects " $non_pic_object" if test -z "$pic_object" || test none = "$pic_object"; then arg=$non_pic_object fi else # If the PIC object exists, use it instead. # $xdir was prepended to $pic_object above. non_pic_object=$pic_object func_append non_pic_objects " $non_pic_object" fi else # Only an error if not doing a dry-run. if $opt_dry_run; then # Extract subdirectory from the argument. func_dirname "$arg" "/" "" xdir=$func_dirname_result func_lo2o "$arg" pic_object=$xdir$objdir/$func_lo2o_result non_pic_object=$xdir$func_lo2o_result func_append libobjs " $pic_object" func_append non_pic_objects " $non_pic_object" else func_fatal_error "'$arg' is not a valid libtool object" fi fi done else func_fatal_error "link input file '$arg' does not exist" fi arg=$save_arg prev= continue ;; os2dllname) os2dllname=$arg prev= continue ;; precious_regex) precious_files_regex=$arg prev= continue ;; release) release=-$arg prev= continue ;; rpath | xrpath) # We need an absolute path. case $arg in [\\/]* | [A-Za-z]:[\\/]*) ;; *) func_fatal_error "only absolute run-paths are allowed" ;; esac if test rpath = "$prev"; then case "$rpath " in *" $arg "*) ;; *) func_append rpath " $arg" ;; esac else case "$xrpath " in *" $arg "*) ;; *) func_append xrpath " $arg" ;; esac fi prev= continue ;; shrext) shrext_cmds=$arg prev= continue ;; weak) func_append weak_libs " $arg" prev= continue ;; xcclinker) func_append linker_flags " $qarg" func_append compiler_flags " $qarg" prev= func_append compile_command " $qarg" func_append finalize_command " $qarg" continue ;; xcompiler) func_append compiler_flags " $qarg" prev= func_append compile_command " $qarg" func_append finalize_command " $qarg" continue ;; xlinker) func_append linker_flags " $qarg" func_append compiler_flags " $wl$qarg" prev= func_append compile_command " $wl$qarg" func_append finalize_command " $wl$qarg" continue ;; *) eval "$prev=\"\$arg\"" prev= continue ;; esac fi # test -n "$prev" prevarg=$arg case $arg in -all-static) if test -n "$link_static_flag"; then # See comment for -static flag below, for more details. func_append compile_command " $link_static_flag" func_append finalize_command " $link_static_flag" fi continue ;; -allow-undefined) # FIXME: remove this flag sometime in the future. func_fatal_error "'-allow-undefined' must not be used because it is the default" ;; -avoid-version) avoid_version=yes continue ;; -bindir) prev=bindir continue ;; -dlopen) prev=dlfiles continue ;; -dlpreopen) prev=dlprefiles continue ;; -export-dynamic) export_dynamic=yes continue ;; -export-symbols | -export-symbols-regex) if test -n "$export_symbols" || test -n "$export_symbols_regex"; then func_fatal_error "more than one -exported-symbols argument is not allowed" fi if test X-export-symbols = "X$arg"; then prev=expsyms else prev=expsyms_regex fi continue ;; -framework) prev=framework continue ;; -inst-prefix-dir) prev=inst_prefix continue ;; # The native IRIX linker understands -LANG:*, -LIST:* and -LNO:* # so, if we see these flags be careful not to treat them like -L -L[A-Z][A-Z]*:*) case $with_gcc/$host in no/*-*-irix* | /*-*-irix*) func_append compile_command " $arg" func_append finalize_command " $arg" ;; esac continue ;; -L*) func_stripname "-L" '' "$arg" if test -z "$func_stripname_result"; then if test "$#" -gt 0; then func_fatal_error "require no space between '-L' and '$1'" else func_fatal_error "need path for '-L' option" fi fi func_resolve_sysroot "$func_stripname_result" dir=$func_resolve_sysroot_result # We need an absolute path. case $dir in [\\/]* | [A-Za-z]:[\\/]*) ;; *) absdir=`cd "$dir" && pwd` test -z "$absdir" && \ func_fatal_error "cannot determine absolute directory name of '$dir'" dir=$absdir ;; esac case "$deplibs " in *" -L$dir "* | *" $arg "*) # Will only happen for absolute or sysroot arguments ;; *) # Preserve sysroot, but never include relative directories case $dir in [\\/]* | [A-Za-z]:[\\/]* | =*) func_append deplibs " $arg" ;; *) func_append deplibs " -L$dir" ;; esac func_append lib_search_path " $dir" ;; esac case $host in *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2* | *-cegcc*) testbindir=`$ECHO "$dir" | $SED 's*/lib$*/bin*'` case :$dllsearchpath: in *":$dir:"*) ;; ::) dllsearchpath=$dir;; *) func_append dllsearchpath ":$dir";; esac case :$dllsearchpath: in *":$testbindir:"*) ;; ::) dllsearchpath=$testbindir;; *) func_append dllsearchpath ":$testbindir";; esac ;; esac continue ;; -l*) if test X-lc = "X$arg" || test X-lm = "X$arg"; then case $host in *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-beos* | *-cegcc* | *-*-haiku*) # These systems don't actually have a C or math library (as such) continue ;; *-*-os2*) # These systems don't actually have a C library (as such) test X-lc = "X$arg" && continue ;; *-*-openbsd* | *-*-freebsd* | *-*-dragonfly* | *-*-bitrig*) # Do not include libc due to us having libc/libc_r. test X-lc = "X$arg" && continue ;; *-*-rhapsody* | *-*-darwin1.[012]) # Rhapsody C and math libraries are in the System framework func_append deplibs " System.ltframework" continue ;; *-*-sco3.2v5* | *-*-sco5v6*) # Causes problems with __ctype test X-lc = "X$arg" && continue ;; *-*-sysv4.2uw2* | *-*-sysv5* | *-*-unixware* | *-*-OpenUNIX*) # Compiler inserts libc in the correct place for threads to work test X-lc = "X$arg" && continue ;; esac elif test X-lc_r = "X$arg"; then case $host in *-*-openbsd* | *-*-freebsd* | *-*-dragonfly* | *-*-bitrig*) # Do not include libc_r directly, use -pthread flag. continue ;; esac fi func_append deplibs " $arg" continue ;; -mllvm) prev=mllvm continue ;; -module) module=yes continue ;; # Tru64 UNIX uses -model [arg] to determine the layout of C++ # classes, name mangling, and exception handling. # Darwin uses the -arch flag to determine output architecture. -model|-arch|-isysroot|--sysroot) func_append compiler_flags " $arg" func_append compile_command " $arg" func_append finalize_command " $arg" prev=xcompiler continue ;; -mt|-mthreads|-kthread|-Kthread|-pthread|-pthreads|--thread-safe \ |-threads|-fopenmp|-openmp|-mp|-xopenmp|-omp|-qsmp=*) func_append compiler_flags " $arg" func_append compile_command " $arg" func_append finalize_command " $arg" case "$new_inherited_linker_flags " in *" $arg "*) ;; * ) func_append new_inherited_linker_flags " $arg" ;; esac continue ;; -multi_module) single_module=$wl-multi_module continue ;; -no-fast-install) fast_install=no continue ;; -no-install) case $host in *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2* | *-*-darwin* | *-cegcc*) # The PATH hackery in wrapper scripts is required on Windows # and Darwin in order for the loader to find any dlls it needs. func_warning "'-no-install' is ignored for $host" func_warning "assuming '-no-fast-install' instead" fast_install=no ;; *) no_install=yes ;; esac continue ;; -no-undefined) allow_undefined=no continue ;; -objectlist) prev=objectlist continue ;; -os2dllname) prev=os2dllname continue ;; -o) prev=output ;; -precious-files-regex) prev=precious_regex continue ;; -release) prev=release continue ;; -rpath) prev=rpath continue ;; -R) prev=xrpath continue ;; -R*) func_stripname '-R' '' "$arg" dir=$func_stripname_result # We need an absolute path. case $dir in [\\/]* | [A-Za-z]:[\\/]*) ;; =*) func_stripname '=' '' "$dir" dir=$lt_sysroot$func_stripname_result ;; *) func_fatal_error "only absolute run-paths are allowed" ;; esac case "$xrpath " in *" $dir "*) ;; *) func_append xrpath " $dir" ;; esac continue ;; -shared) # The effects of -shared are defined in a previous loop. continue ;; -shrext) prev=shrext continue ;; -static | -static-libtool-libs) # The effects of -static are defined in a previous loop. # We used to do the same as -all-static on platforms that # didn't have a PIC flag, but the assumption that the effects # would be equivalent was wrong. It would break on at least # Digital Unix and AIX. continue ;; -thread-safe) thread_safe=yes continue ;; -version-info) prev=vinfo continue ;; -version-number) prev=vinfo vinfo_number=yes continue ;; -weak) prev=weak continue ;; -Wc,*) func_stripname '-Wc,' '' "$arg" args=$func_stripname_result arg= save_ifs=$IFS; IFS=, for flag in $args; do IFS=$save_ifs func_quote_for_eval "$flag" func_append arg " $func_quote_for_eval_result" func_append compiler_flags " $func_quote_for_eval_result" done IFS=$save_ifs func_stripname ' ' '' "$arg" arg=$func_stripname_result ;; -Wl,*) func_stripname '-Wl,' '' "$arg" args=$func_stripname_result arg= save_ifs=$IFS; IFS=, for flag in $args; do IFS=$save_ifs func_quote_for_eval "$flag" func_append arg " $wl$func_quote_for_eval_result" func_append compiler_flags " $wl$func_quote_for_eval_result" func_append linker_flags " $func_quote_for_eval_result" done IFS=$save_ifs func_stripname ' ' '' "$arg" arg=$func_stripname_result ;; -Xcompiler) prev=xcompiler continue ;; -Xlinker) prev=xlinker continue ;; -XCClinker) prev=xcclinker continue ;; # -msg_* for osf cc -msg_*) func_quote_for_eval "$arg" arg=$func_quote_for_eval_result ;; # Flags to be passed through unchanged, with rationale: # -64, -mips[0-9] enable 64-bit mode for the SGI compiler # -r[0-9][0-9]* specify processor for the SGI compiler # -xarch=*, -xtarget=* enable 64-bit mode for the Sun compiler # +DA*, +DD* enable 64-bit mode for the HP compiler # -q* compiler args for the IBM compiler # -m*, -t[45]*, -txscale* architecture-specific flags for GCC # -F/path path to uninstalled frameworks, gcc on darwin # -p, -pg, --coverage, -fprofile-* profiling flags for GCC # -fstack-protector* stack protector flags for GCC # @file GCC response files # -tp=* Portland pgcc target processor selection # --sysroot=* for sysroot support # -O*, -g*, -flto*, -fwhopr*, -fuse-linker-plugin GCC link-time optimization # -stdlib=* select c++ std lib with clang -64|-mips[0-9]|-r[0-9][0-9]*|-xarch=*|-xtarget=*|+DA*|+DD*|-q*|-m*| \ -t[45]*|-txscale*|-p|-pg|--coverage|-fprofile-*|-F*|@*|-tp=*|--sysroot=*| \ -O*|-g*|-flto*|-fwhopr*|-fuse-linker-plugin|-fstack-protector*|-stdlib=*) func_quote_for_eval "$arg" arg=$func_quote_for_eval_result func_append compile_command " $arg" func_append finalize_command " $arg" func_append compiler_flags " $arg" continue ;; -Z*) if test os2 = "`expr $host : '.*\(os2\)'`"; then # OS/2 uses -Zxxx to specify OS/2-specific options compiler_flags="$compiler_flags $arg" func_append compile_command " $arg" func_append finalize_command " $arg" case $arg in -Zlinker | -Zstack) prev=xcompiler ;; esac continue else # Otherwise treat like 'Some other compiler flag' below func_quote_for_eval "$arg" arg=$func_quote_for_eval_result fi ;; # Some other compiler flag. -* | +*) func_quote_for_eval "$arg" arg=$func_quote_for_eval_result ;; *.$objext) # A standard object. func_append objs " $arg" ;; *.lo) # A libtool-controlled object. # Check to see that this really is a libtool object. if func_lalib_unsafe_p "$arg"; then pic_object= non_pic_object= # Read the .lo file func_source "$arg" if test -z "$pic_object" || test -z "$non_pic_object" || test none = "$pic_object" && test none = "$non_pic_object"; then func_fatal_error "cannot find name of object for '$arg'" fi # Extract subdirectory from the argument. func_dirname "$arg" "/" "" xdir=$func_dirname_result test none = "$pic_object" || { # Prepend the subdirectory the object is found in. pic_object=$xdir$pic_object if test dlfiles = "$prev"; then if test yes = "$build_libtool_libs" && test yes = "$dlopen_support"; then func_append dlfiles " $pic_object" prev= continue else # If libtool objects are unsupported, then we need to preload. prev=dlprefiles fi fi # CHECK ME: I think I busted this. -Ossama if test dlprefiles = "$prev"; then # Preload the old-style object. func_append dlprefiles " $pic_object" prev= fi # A PIC object. func_append libobjs " $pic_object" arg=$pic_object } # Non-PIC object. if test none != "$non_pic_object"; then # Prepend the subdirectory the object is found in. non_pic_object=$xdir$non_pic_object # A standard non-PIC object func_append non_pic_objects " $non_pic_object" if test -z "$pic_object" || test none = "$pic_object"; then arg=$non_pic_object fi else # If the PIC object exists, use it instead. # $xdir was prepended to $pic_object above. non_pic_object=$pic_object func_append non_pic_objects " $non_pic_object" fi else # Only an error if not doing a dry-run. if $opt_dry_run; then # Extract subdirectory from the argument. func_dirname "$arg" "/" "" xdir=$func_dirname_result func_lo2o "$arg" pic_object=$xdir$objdir/$func_lo2o_result non_pic_object=$xdir$func_lo2o_result func_append libobjs " $pic_object" func_append non_pic_objects " $non_pic_object" else func_fatal_error "'$arg' is not a valid libtool object" fi fi ;; *.$libext) # An archive. func_append deplibs " $arg" func_append old_deplibs " $arg" continue ;; *.la) # A libtool-controlled library. func_resolve_sysroot "$arg" if test dlfiles = "$prev"; then # This library was specified with -dlopen. func_append dlfiles " $func_resolve_sysroot_result" prev= elif test dlprefiles = "$prev"; then # The library was specified with -dlpreopen. func_append dlprefiles " $func_resolve_sysroot_result" prev= else func_append deplibs " $func_resolve_sysroot_result" fi continue ;; # Some other compiler argument. *) # Unknown arguments in both finalize_command and compile_command need # to be aesthetically quoted because they are evaled later. func_quote_for_eval "$arg" arg=$func_quote_for_eval_result ;; esac # arg # Now actually substitute the argument into the commands. if test -n "$arg"; then func_append compile_command " $arg" func_append finalize_command " $arg" fi done # argument parsing loop test -n "$prev" && \ func_fatal_help "the '$prevarg' option requires an argument" if test yes = "$export_dynamic" && test -n "$export_dynamic_flag_spec"; then eval arg=\"$export_dynamic_flag_spec\" func_append compile_command " $arg" func_append finalize_command " $arg" fi oldlibs= # calculate the name of the file, without its directory func_basename "$output" outputname=$func_basename_result libobjs_save=$libobjs if test -n "$shlibpath_var"; then # get the directories listed in $shlibpath_var eval shlib_search_path=\`\$ECHO \"\$$shlibpath_var\" \| \$SED \'s/:/ /g\'\` else shlib_search_path= fi eval sys_lib_search_path=\"$sys_lib_search_path_spec\" eval sys_lib_dlsearch_path=\"$sys_lib_dlsearch_path_spec\" # Definition is injected by LT_CONFIG during libtool generation. func_munge_path_list sys_lib_dlsearch_path "$LT_SYS_LIBRARY_PATH" func_dirname "$output" "/" "" output_objdir=$func_dirname_result$objdir func_to_tool_file "$output_objdir/" tool_output_objdir=$func_to_tool_file_result # Create the object directory. func_mkdir_p "$output_objdir" # Determine the type of output case $output in "") func_fatal_help "you must specify an output file" ;; *.$libext) linkmode=oldlib ;; *.lo | *.$objext) linkmode=obj ;; *.la) linkmode=lib ;; *) linkmode=prog ;; # Anything else should be a program. esac specialdeplibs= libs= # Find all interdependent deplibs by searching for libraries # that are linked more than once (e.g. -la -lb -la) for deplib in $deplibs; do if $opt_preserve_dup_deps; then case "$libs " in *" $deplib "*) func_append specialdeplibs " $deplib" ;; esac fi func_append libs " $deplib" done if test lib = "$linkmode"; then libs="$predeps $libs $compiler_lib_search_path $postdeps" # Compute libraries that are listed more than once in $predeps # $postdeps and mark them as special (i.e., whose duplicates are # not to be eliminated). pre_post_deps= if $opt_duplicate_compiler_generated_deps; then for pre_post_dep in $predeps $postdeps; do case "$pre_post_deps " in *" $pre_post_dep "*) func_append specialdeplibs " $pre_post_deps" ;; esac func_append pre_post_deps " $pre_post_dep" done fi pre_post_deps= fi deplibs= newdependency_libs= newlib_search_path= need_relink=no # whether we're linking any uninstalled libtool libraries notinst_deplibs= # not-installed libtool libraries notinst_path= # paths that contain not-installed libtool libraries case $linkmode in lib) passes="conv dlpreopen link" for file in $dlfiles $dlprefiles; do case $file in *.la) ;; *) func_fatal_help "libraries can '-dlopen' only libtool libraries: $file" ;; esac done ;; prog) compile_deplibs= finalize_deplibs= alldeplibs=false newdlfiles= newdlprefiles= passes="conv scan dlopen dlpreopen link" ;; *) passes="conv" ;; esac for pass in $passes; do # The preopen pass in lib mode reverses $deplibs; put it back here # so that -L comes before libs that need it for instance... if test lib,link = "$linkmode,$pass"; then ## FIXME: Find the place where the list is rebuilt in the wrong ## order, and fix it there properly tmp_deplibs= for deplib in $deplibs; do tmp_deplibs="$deplib $tmp_deplibs" done deplibs=$tmp_deplibs fi if test lib,link = "$linkmode,$pass" || test prog,scan = "$linkmode,$pass"; then libs=$deplibs deplibs= fi if test prog = "$linkmode"; then case $pass in dlopen) libs=$dlfiles ;; dlpreopen) libs=$dlprefiles ;; link) libs="$deplibs %DEPLIBS% $dependency_libs" ;; esac fi if test lib,dlpreopen = "$linkmode,$pass"; then # Collect and forward deplibs of preopened libtool libs for lib in $dlprefiles; do # Ignore non-libtool-libs dependency_libs= func_resolve_sysroot "$lib" case $lib in *.la) func_source "$func_resolve_sysroot_result" ;; esac # Collect preopened libtool deplibs, except any this library # has declared as weak libs for deplib in $dependency_libs; do func_basename "$deplib" deplib_base=$func_basename_result case " $weak_libs " in *" $deplib_base "*) ;; *) func_append deplibs " $deplib" ;; esac done done libs=$dlprefiles fi if test dlopen = "$pass"; then # Collect dlpreopened libraries save_deplibs=$deplibs deplibs= fi for deplib in $libs; do lib= found=false case $deplib in -mt|-mthreads|-kthread|-Kthread|-pthread|-pthreads|--thread-safe \ |-threads|-fopenmp|-openmp|-mp|-xopenmp|-omp|-qsmp=*) if test prog,link = "$linkmode,$pass"; then compile_deplibs="$deplib $compile_deplibs" finalize_deplibs="$deplib $finalize_deplibs" else func_append compiler_flags " $deplib" if test lib = "$linkmode"; then case "$new_inherited_linker_flags " in *" $deplib "*) ;; * ) func_append new_inherited_linker_flags " $deplib" ;; esac fi fi continue ;; -l*) if test lib != "$linkmode" && test prog != "$linkmode"; then func_warning "'-l' is ignored for archives/objects" continue fi func_stripname '-l' '' "$deplib" name=$func_stripname_result if test lib = "$linkmode"; then searchdirs="$newlib_search_path $lib_search_path $compiler_lib_search_dirs $sys_lib_search_path $shlib_search_path" else searchdirs="$newlib_search_path $lib_search_path $sys_lib_search_path $shlib_search_path" fi for searchdir in $searchdirs; do for search_ext in .la $std_shrext .so .a; do # Search the libtool library lib=$searchdir/lib$name$search_ext if test -f "$lib"; then if test .la = "$search_ext"; then found=: else found=false fi break 2 fi done done if $found; then # deplib is a libtool library # If $allow_libtool_libs_with_static_runtimes && $deplib is a stdlib, # We need to do some special things here, and not later. if test yes = "$allow_libtool_libs_with_static_runtimes"; then case " $predeps $postdeps " in *" $deplib "*) if func_lalib_p "$lib"; then library_names= old_library= func_source "$lib" for l in $old_library $library_names; do ll=$l done if test "X$ll" = "X$old_library"; then # only static version available found=false func_dirname "$lib" "" "." ladir=$func_dirname_result lib=$ladir/$old_library if test prog,link = "$linkmode,$pass"; then compile_deplibs="$deplib $compile_deplibs" finalize_deplibs="$deplib $finalize_deplibs" else deplibs="$deplib $deplibs" test lib = "$linkmode" && newdependency_libs="$deplib $newdependency_libs" fi continue fi fi ;; *) ;; esac fi else # deplib doesn't seem to be a libtool library if test prog,link = "$linkmode,$pass"; then compile_deplibs="$deplib $compile_deplibs" finalize_deplibs="$deplib $finalize_deplibs" else deplibs="$deplib $deplibs" test lib = "$linkmode" && newdependency_libs="$deplib $newdependency_libs" fi continue fi ;; # -l *.ltframework) if test prog,link = "$linkmode,$pass"; then compile_deplibs="$deplib $compile_deplibs" finalize_deplibs="$deplib $finalize_deplibs" else deplibs="$deplib $deplibs" if test lib = "$linkmode"; then case "$new_inherited_linker_flags " in *" $deplib "*) ;; * ) func_append new_inherited_linker_flags " $deplib" ;; esac fi fi continue ;; -L*) case $linkmode in lib) deplibs="$deplib $deplibs" test conv = "$pass" && continue newdependency_libs="$deplib $newdependency_libs" func_stripname '-L' '' "$deplib" func_resolve_sysroot "$func_stripname_result" func_append newlib_search_path " $func_resolve_sysroot_result" ;; prog) if test conv = "$pass"; then deplibs="$deplib $deplibs" continue fi if test scan = "$pass"; then deplibs="$deplib $deplibs" else compile_deplibs="$deplib $compile_deplibs" finalize_deplibs="$deplib $finalize_deplibs" fi func_stripname '-L' '' "$deplib" func_resolve_sysroot "$func_stripname_result" func_append newlib_search_path " $func_resolve_sysroot_result" ;; *) func_warning "'-L' is ignored for archives/objects" ;; esac # linkmode continue ;; # -L -R*) if test link = "$pass"; then func_stripname '-R' '' "$deplib" func_resolve_sysroot "$func_stripname_result" dir=$func_resolve_sysroot_result # Make sure the xrpath contains only unique directories. case "$xrpath " in *" $dir "*) ;; *) func_append xrpath " $dir" ;; esac fi deplibs="$deplib $deplibs" continue ;; *.la) func_resolve_sysroot "$deplib" lib=$func_resolve_sysroot_result ;; *.$libext) if test conv = "$pass"; then deplibs="$deplib $deplibs" continue fi case $linkmode in lib) # Linking convenience modules into shared libraries is allowed, # but linking other static libraries is non-portable. case " $dlpreconveniencelibs " in *" $deplib "*) ;; *) valid_a_lib=false case $deplibs_check_method in match_pattern*) set dummy $deplibs_check_method; shift match_pattern_regex=`expr "$deplibs_check_method" : "$1 \(.*\)"` if eval "\$ECHO \"$deplib\"" 2>/dev/null | $SED 10q \ | $EGREP "$match_pattern_regex" > /dev/null; then valid_a_lib=: fi ;; pass_all) valid_a_lib=: ;; esac if $valid_a_lib; then echo $ECHO "*** Warning: Linking the shared library $output against the" $ECHO "*** static library $deplib is not portable!" deplibs="$deplib $deplibs" else echo $ECHO "*** Warning: Trying to link with static lib archive $deplib." echo "*** I have the capability to make that library automatically link in when" echo "*** you link to this library. But I can only do this if you have a" echo "*** shared version of the library, which you do not appear to have" echo "*** because the file extensions .$libext of this argument makes me believe" echo "*** that it is just a static archive that I should not use here." fi ;; esac continue ;; prog) if test link != "$pass"; then deplibs="$deplib $deplibs" else compile_deplibs="$deplib $compile_deplibs" finalize_deplibs="$deplib $finalize_deplibs" fi continue ;; esac # linkmode ;; # *.$libext *.lo | *.$objext) if test conv = "$pass"; then deplibs="$deplib $deplibs" elif test prog = "$linkmode"; then if test dlpreopen = "$pass" || test yes != "$dlopen_support" || test no = "$build_libtool_libs"; then # If there is no dlopen support or we're linking statically, # we need to preload. func_append newdlprefiles " $deplib" compile_deplibs="$deplib $compile_deplibs" finalize_deplibs="$deplib $finalize_deplibs" else func_append newdlfiles " $deplib" fi fi continue ;; %DEPLIBS%) alldeplibs=: continue ;; esac # case $deplib $found || test -f "$lib" \ || func_fatal_error "cannot find the library '$lib' or unhandled argument '$deplib'" # Check to see that this really is a libtool archive. func_lalib_unsafe_p "$lib" \ || func_fatal_error "'$lib' is not a valid libtool archive" func_dirname "$lib" "" "." ladir=$func_dirname_result dlname= dlopen= dlpreopen= libdir= library_names= old_library= inherited_linker_flags= # If the library was installed with an old release of libtool, # it will not redefine variables installed, or shouldnotlink installed=yes shouldnotlink=no avoidtemprpath= # Read the .la file func_source "$lib" # Convert "-framework foo" to "foo.ltframework" if test -n "$inherited_linker_flags"; then tmp_inherited_linker_flags=`$ECHO "$inherited_linker_flags" | $SED 's/-framework \([^ $]*\)/\1.ltframework/g'` for tmp_inherited_linker_flag in $tmp_inherited_linker_flags; do case " $new_inherited_linker_flags " in *" $tmp_inherited_linker_flag "*) ;; *) func_append new_inherited_linker_flags " $tmp_inherited_linker_flag";; esac done fi dependency_libs=`$ECHO " $dependency_libs" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'` if test lib,link = "$linkmode,$pass" || test prog,scan = "$linkmode,$pass" || { test prog != "$linkmode" && test lib != "$linkmode"; }; then test -n "$dlopen" && func_append dlfiles " $dlopen" test -n "$dlpreopen" && func_append dlprefiles " $dlpreopen" fi if test conv = "$pass"; then # Only check for convenience libraries deplibs="$lib $deplibs" if test -z "$libdir"; then if test -z "$old_library"; then func_fatal_error "cannot find name of link library for '$lib'" fi # It is a libtool convenience library, so add in its objects. func_append convenience " $ladir/$objdir/$old_library" func_append old_convenience " $ladir/$objdir/$old_library" elif test prog != "$linkmode" && test lib != "$linkmode"; then func_fatal_error "'$lib' is not a convenience library" fi tmp_libs= for deplib in $dependency_libs; do deplibs="$deplib $deplibs" if $opt_preserve_dup_deps; then case "$tmp_libs " in *" $deplib "*) func_append specialdeplibs " $deplib" ;; esac fi func_append tmp_libs " $deplib" done continue fi # $pass = conv # Get the name of the library we link against. linklib= if test -n "$old_library" && { test yes = "$prefer_static_libs" || test built,no = "$prefer_static_libs,$installed"; }; then linklib=$old_library else for l in $old_library $library_names; do linklib=$l done fi if test -z "$linklib"; then func_fatal_error "cannot find name of link library for '$lib'" fi # This library was specified with -dlopen. if test dlopen = "$pass"; then test -z "$libdir" \ && func_fatal_error "cannot -dlopen a convenience library: '$lib'" if test -z "$dlname" || test yes != "$dlopen_support" || test no = "$build_libtool_libs" then # If there is no dlname, no dlopen support or we're linking # statically, we need to preload. We also need to preload any # dependent libraries so libltdl's deplib preloader doesn't # bomb out in the load deplibs phase. func_append dlprefiles " $lib $dependency_libs" else func_append newdlfiles " $lib" fi continue fi # $pass = dlopen # We need an absolute path. case $ladir in [\\/]* | [A-Za-z]:[\\/]*) abs_ladir=$ladir ;; *) abs_ladir=`cd "$ladir" && pwd` if test -z "$abs_ladir"; then func_warning "cannot determine absolute directory name of '$ladir'" func_warning "passing it literally to the linker, although it might fail" abs_ladir=$ladir fi ;; esac func_basename "$lib" laname=$func_basename_result # Find the relevant object directory and library name. if test yes = "$installed"; then if test ! -f "$lt_sysroot$libdir/$linklib" && test -f "$abs_ladir/$linklib"; then #func_warning "library '$lib' was moved." dir=$ladir absdir=$abs_ladir libdir=$abs_ladir else dir=$lt_sysroot$libdir absdir=$lt_sysroot$libdir fi test yes = "$hardcode_automatic" && avoidtemprpath=yes else if test ! -f "$ladir/$objdir/$linklib" && test -f "$abs_ladir/$linklib"; then dir=$ladir absdir=$abs_ladir # Remove this search path later func_append notinst_path " $abs_ladir" else dir=$ladir/$objdir absdir=$abs_ladir/$objdir # Remove this search path later func_append notinst_path " $abs_ladir" fi fi # $installed = yes func_stripname 'lib' '.la' "$laname" name=$func_stripname_result # This library was specified with -dlpreopen. if test dlpreopen = "$pass"; then if test -z "$libdir" && test prog = "$linkmode"; then func_fatal_error "only libraries may -dlpreopen a convenience library: '$lib'" fi case $host in # special handling for platforms with PE-DLLs. *cygwin* | *mingw* | *cegcc* ) # Linker will automatically link against shared library if both # static and shared are present. Therefore, ensure we extract # symbols from the import library if a shared library is present # (otherwise, the dlopen module name will be incorrect). We do # this by putting the import library name into $newdlprefiles. # We recover the dlopen module name by 'saving' the la file # name in a special purpose variable, and (later) extracting the # dlname from the la file. if test -n "$dlname"; then func_tr_sh "$dir/$linklib" eval "libfile_$func_tr_sh_result=\$abs_ladir/\$laname" func_append newdlprefiles " $dir/$linklib" else func_append newdlprefiles " $dir/$old_library" # Keep a list of preopened convenience libraries to check # that they are being used correctly in the link pass. test -z "$libdir" && \ func_append dlpreconveniencelibs " $dir/$old_library" fi ;; * ) # Prefer using a static library (so that no silly _DYNAMIC symbols # are required to link). if test -n "$old_library"; then func_append newdlprefiles " $dir/$old_library" # Keep a list of preopened convenience libraries to check # that they are being used correctly in the link pass. test -z "$libdir" && \ func_append dlpreconveniencelibs " $dir/$old_library" # Otherwise, use the dlname, so that lt_dlopen finds it. elif test -n "$dlname"; then func_append newdlprefiles " $dir/$dlname" else func_append newdlprefiles " $dir/$linklib" fi ;; esac fi # $pass = dlpreopen if test -z "$libdir"; then # Link the convenience library if test lib = "$linkmode"; then deplibs="$dir/$old_library $deplibs" elif test prog,link = "$linkmode,$pass"; then compile_deplibs="$dir/$old_library $compile_deplibs" finalize_deplibs="$dir/$old_library $finalize_deplibs" else deplibs="$lib $deplibs" # used for prog,scan pass fi continue fi if test prog = "$linkmode" && test link != "$pass"; then func_append newlib_search_path " $ladir" deplibs="$lib $deplibs" linkalldeplibs=false if test no != "$link_all_deplibs" || test -z "$library_names" || test no = "$build_libtool_libs"; then linkalldeplibs=: fi tmp_libs= for deplib in $dependency_libs; do case $deplib in -L*) func_stripname '-L' '' "$deplib" func_resolve_sysroot "$func_stripname_result" func_append newlib_search_path " $func_resolve_sysroot_result" ;; esac # Need to link against all dependency_libs? if $linkalldeplibs; then deplibs="$deplib $deplibs" else # Need to hardcode shared library paths # or/and link against static libraries newdependency_libs="$deplib $newdependency_libs" fi if $opt_preserve_dup_deps; then case "$tmp_libs " in *" $deplib "*) func_append specialdeplibs " $deplib" ;; esac fi func_append tmp_libs " $deplib" done # for deplib continue fi # $linkmode = prog... if test prog,link = "$linkmode,$pass"; then if test -n "$library_names" && { { test no = "$prefer_static_libs" || test built,yes = "$prefer_static_libs,$installed"; } || test -z "$old_library"; }; then # We need to hardcode the library path if test -n "$shlibpath_var" && test -z "$avoidtemprpath"; then # Make sure the rpath contains only unique directories. case $temp_rpath: in *"$absdir:"*) ;; *) func_append temp_rpath "$absdir:" ;; esac fi # Hardcode the library path. # Skip directories that are in the system default run-time # search path. case " $sys_lib_dlsearch_path " in *" $absdir "*) ;; *) case "$compile_rpath " in *" $absdir "*) ;; *) func_append compile_rpath " $absdir" ;; esac ;; esac case " $sys_lib_dlsearch_path " in *" $libdir "*) ;; *) case "$finalize_rpath " in *" $libdir "*) ;; *) func_append finalize_rpath " $libdir" ;; esac ;; esac fi # $linkmode,$pass = prog,link... if $alldeplibs && { test pass_all = "$deplibs_check_method" || { test yes = "$build_libtool_libs" && test -n "$library_names"; }; }; then # We only need to search for static libraries continue fi fi link_static=no # Whether the deplib will be linked statically use_static_libs=$prefer_static_libs if test built = "$use_static_libs" && test yes = "$installed"; then use_static_libs=no fi if test -n "$library_names" && { test no = "$use_static_libs" || test -z "$old_library"; }; then case $host in *cygwin* | *mingw* | *cegcc* | *os2*) # No point in relinking DLLs because paths are not encoded func_append notinst_deplibs " $lib" need_relink=no ;; *) if test no = "$installed"; then func_append notinst_deplibs " $lib" need_relink=yes fi ;; esac # This is a shared library # Warn about portability, can't link against -module's on some # systems (darwin). Don't bleat about dlopened modules though! dlopenmodule= for dlpremoduletest in $dlprefiles; do if test "X$dlpremoduletest" = "X$lib"; then dlopenmodule=$dlpremoduletest break fi done if test -z "$dlopenmodule" && test yes = "$shouldnotlink" && test link = "$pass"; then echo if test prog = "$linkmode"; then $ECHO "*** Warning: Linking the executable $output against the loadable module" else $ECHO "*** Warning: Linking the shared library $output against the loadable module" fi $ECHO "*** $linklib is not portable!" fi if test lib = "$linkmode" && test yes = "$hardcode_into_libs"; then # Hardcode the library path. # Skip directories that are in the system default run-time # search path. case " $sys_lib_dlsearch_path " in *" $absdir "*) ;; *) case "$compile_rpath " in *" $absdir "*) ;; *) func_append compile_rpath " $absdir" ;; esac ;; esac case " $sys_lib_dlsearch_path " in *" $libdir "*) ;; *) case "$finalize_rpath " in *" $libdir "*) ;; *) func_append finalize_rpath " $libdir" ;; esac ;; esac fi if test -n "$old_archive_from_expsyms_cmds"; then # figure out the soname set dummy $library_names shift realname=$1 shift libname=`eval "\\$ECHO \"$libname_spec\""` # use dlname if we got it. it's perfectly good, no? if test -n "$dlname"; then soname=$dlname elif test -n "$soname_spec"; then # bleh windows case $host in *cygwin* | mingw* | *cegcc* | *os2*) func_arith $current - $age major=$func_arith_result versuffix=-$major ;; esac eval soname=\"$soname_spec\" else soname=$realname fi # Make a new name for the extract_expsyms_cmds to use soroot=$soname func_basename "$soroot" soname=$func_basename_result func_stripname 'lib' '.dll' "$soname" newlib=libimp-$func_stripname_result.a # If the library has no export list, then create one now if test -f "$output_objdir/$soname-def"; then : else func_verbose "extracting exported symbol list from '$soname'" func_execute_cmds "$extract_expsyms_cmds" 'exit $?' fi # Create $newlib if test -f "$output_objdir/$newlib"; then :; else func_verbose "generating import library for '$soname'" func_execute_cmds "$old_archive_from_expsyms_cmds" 'exit $?' fi # make sure the library variables are pointing to the new library dir=$output_objdir linklib=$newlib fi # test -n "$old_archive_from_expsyms_cmds" if test prog = "$linkmode" || test relink != "$opt_mode"; then add_shlibpath= add_dir= add= lib_linked=yes case $hardcode_action in immediate | unsupported) if test no = "$hardcode_direct"; then add=$dir/$linklib case $host in *-*-sco3.2v5.0.[024]*) add_dir=-L$dir ;; *-*-sysv4*uw2*) add_dir=-L$dir ;; *-*-sysv5OpenUNIX* | *-*-sysv5UnixWare7.[01].[10]* | \ *-*-unixware7*) add_dir=-L$dir ;; *-*-darwin* ) # if the lib is a (non-dlopened) module then we cannot # link against it, someone is ignoring the earlier warnings if /usr/bin/file -L $add 2> /dev/null | $GREP ": [^:]* bundle" >/dev/null; then if test "X$dlopenmodule" != "X$lib"; then $ECHO "*** Warning: lib $linklib is a module, not a shared library" if test -z "$old_library"; then echo echo "*** And there doesn't seem to be a static archive available" echo "*** The link will probably fail, sorry" else add=$dir/$old_library fi elif test -n "$old_library"; then add=$dir/$old_library fi fi esac elif test no = "$hardcode_minus_L"; then case $host in *-*-sunos*) add_shlibpath=$dir ;; esac add_dir=-L$dir add=-l$name elif test no = "$hardcode_shlibpath_var"; then add_shlibpath=$dir add=-l$name else lib_linked=no fi ;; relink) if test yes = "$hardcode_direct" && test no = "$hardcode_direct_absolute"; then add=$dir/$linklib elif test yes = "$hardcode_minus_L"; then add_dir=-L$absdir # Try looking first in the location we're being installed to. if test -n "$inst_prefix_dir"; then case $libdir in [\\/]*) func_append add_dir " -L$inst_prefix_dir$libdir" ;; esac fi add=-l$name elif test yes = "$hardcode_shlibpath_var"; then add_shlibpath=$dir add=-l$name else lib_linked=no fi ;; *) lib_linked=no ;; esac if test yes != "$lib_linked"; then func_fatal_configuration "unsupported hardcode properties" fi if test -n "$add_shlibpath"; then case :$compile_shlibpath: in *":$add_shlibpath:"*) ;; *) func_append compile_shlibpath "$add_shlibpath:" ;; esac fi if test prog = "$linkmode"; then test -n "$add_dir" && compile_deplibs="$add_dir $compile_deplibs" test -n "$add" && compile_deplibs="$add $compile_deplibs" else test -n "$add_dir" && deplibs="$add_dir $deplibs" test -n "$add" && deplibs="$add $deplibs" if test yes != "$hardcode_direct" && test yes != "$hardcode_minus_L" && test yes = "$hardcode_shlibpath_var"; then case :$finalize_shlibpath: in *":$libdir:"*) ;; *) func_append finalize_shlibpath "$libdir:" ;; esac fi fi fi if test prog = "$linkmode" || test relink = "$opt_mode"; then add_shlibpath= add_dir= add= # Finalize command for both is simple: just hardcode it. if test yes = "$hardcode_direct" && test no = "$hardcode_direct_absolute"; then add=$libdir/$linklib elif test yes = "$hardcode_minus_L"; then add_dir=-L$libdir add=-l$name elif test yes = "$hardcode_shlibpath_var"; then case :$finalize_shlibpath: in *":$libdir:"*) ;; *) func_append finalize_shlibpath "$libdir:" ;; esac add=-l$name elif test yes = "$hardcode_automatic"; then if test -n "$inst_prefix_dir" && test -f "$inst_prefix_dir$libdir/$linklib"; then add=$inst_prefix_dir$libdir/$linklib else add=$libdir/$linklib fi else # We cannot seem to hardcode it, guess we'll fake it. add_dir=-L$libdir # Try looking first in the location we're being installed to. if test -n "$inst_prefix_dir"; then case $libdir in [\\/]*) func_append add_dir " -L$inst_prefix_dir$libdir" ;; esac fi add=-l$name fi if test prog = "$linkmode"; then test -n "$add_dir" && finalize_deplibs="$add_dir $finalize_deplibs" test -n "$add" && finalize_deplibs="$add $finalize_deplibs" else test -n "$add_dir" && deplibs="$add_dir $deplibs" test -n "$add" && deplibs="$add $deplibs" fi fi elif test prog = "$linkmode"; then # Here we assume that one of hardcode_direct or hardcode_minus_L # is not unsupported. This is valid on all known static and # shared platforms. if test unsupported != "$hardcode_direct"; then test -n "$old_library" && linklib=$old_library compile_deplibs="$dir/$linklib $compile_deplibs" finalize_deplibs="$dir/$linklib $finalize_deplibs" else compile_deplibs="-l$name -L$dir $compile_deplibs" finalize_deplibs="-l$name -L$dir $finalize_deplibs" fi elif test yes = "$build_libtool_libs"; then # Not a shared library if test pass_all != "$deplibs_check_method"; then # We're trying link a shared library against a static one # but the system doesn't support it. # Just print a warning and add the library to dependency_libs so # that the program can be linked against the static library. echo $ECHO "*** Warning: This system cannot link to static lib archive $lib." echo "*** I have the capability to make that library automatically link in when" echo "*** you link to this library. But I can only do this if you have a" echo "*** shared version of the library, which you do not appear to have." if test yes = "$module"; then echo "*** But as you try to build a module library, libtool will still create " echo "*** a static module, that should work as long as the dlopening application" echo "*** is linked with the -dlopen flag to resolve symbols at runtime." if test -z "$global_symbol_pipe"; then echo echo "*** However, this would only work if libtool was able to extract symbol" echo "*** lists from a program, using 'nm' or equivalent, but libtool could" echo "*** not find such a program. So, this module is probably useless." echo "*** 'nm' from GNU binutils and a full rebuild may help." fi if test no = "$build_old_libs"; then build_libtool_libs=module build_old_libs=yes else build_libtool_libs=no fi fi else deplibs="$dir/$old_library $deplibs" link_static=yes fi fi # link shared/static library? if test lib = "$linkmode"; then if test -n "$dependency_libs" && { test yes != "$hardcode_into_libs" || test yes = "$build_old_libs" || test yes = "$link_static"; }; then # Extract -R from dependency_libs temp_deplibs= for libdir in $dependency_libs; do case $libdir in -R*) func_stripname '-R' '' "$libdir" temp_xrpath=$func_stripname_result case " $xrpath " in *" $temp_xrpath "*) ;; *) func_append xrpath " $temp_xrpath";; esac;; *) func_append temp_deplibs " $libdir";; esac done dependency_libs=$temp_deplibs fi func_append newlib_search_path " $absdir" # Link against this library test no = "$link_static" && newdependency_libs="$abs_ladir/$laname $newdependency_libs" # ... and its dependency_libs tmp_libs= for deplib in $dependency_libs; do newdependency_libs="$deplib $newdependency_libs" case $deplib in -L*) func_stripname '-L' '' "$deplib" func_resolve_sysroot "$func_stripname_result";; *) func_resolve_sysroot "$deplib" ;; esac if $opt_preserve_dup_deps; then case "$tmp_libs " in *" $func_resolve_sysroot_result "*) func_append specialdeplibs " $func_resolve_sysroot_result" ;; esac fi func_append tmp_libs " $func_resolve_sysroot_result" done if test no != "$link_all_deplibs"; then # Add the search paths of all dependency libraries for deplib in $dependency_libs; do path= case $deplib in -L*) path=$deplib ;; *.la) func_resolve_sysroot "$deplib" deplib=$func_resolve_sysroot_result func_dirname "$deplib" "" "." dir=$func_dirname_result # We need an absolute path. case $dir in [\\/]* | [A-Za-z]:[\\/]*) absdir=$dir ;; *) absdir=`cd "$dir" && pwd` if test -z "$absdir"; then func_warning "cannot determine absolute directory name of '$dir'" absdir=$dir fi ;; esac if $GREP "^installed=no" $deplib > /dev/null; then case $host in *-*-darwin*) depdepl= eval deplibrary_names=`$SED -n -e 's/^library_names=\(.*\)$/\1/p' $deplib` if test -n "$deplibrary_names"; then for tmp in $deplibrary_names; do depdepl=$tmp done if test -f "$absdir/$objdir/$depdepl"; then depdepl=$absdir/$objdir/$depdepl darwin_install_name=`$OTOOL -L $depdepl | awk '{if (NR == 2) {print $1;exit}}'` if test -z "$darwin_install_name"; then darwin_install_name=`$OTOOL64 -L $depdepl | awk '{if (NR == 2) {print $1;exit}}'` fi func_append compiler_flags " $wl-dylib_file $wl$darwin_install_name:$depdepl" func_append linker_flags " -dylib_file $darwin_install_name:$depdepl" path= fi fi ;; *) path=-L$absdir/$objdir ;; esac else eval libdir=`$SED -n -e 's/^libdir=\(.*\)$/\1/p' $deplib` test -z "$libdir" && \ func_fatal_error "'$deplib' is not a valid libtool archive" test "$absdir" != "$libdir" && \ #func_warning "'$deplib' seems to be moved" path=-L$absdir fi ;; esac case " $deplibs " in *" $path "*) ;; *) deplibs="$path $deplibs" ;; esac done fi # link_all_deplibs != no fi # linkmode = lib done # for deplib in $libs if test link = "$pass"; then if test prog = "$linkmode"; then compile_deplibs="$new_inherited_linker_flags $compile_deplibs" finalize_deplibs="$new_inherited_linker_flags $finalize_deplibs" else compiler_flags="$compiler_flags "`$ECHO " $new_inherited_linker_flags" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'` fi fi dependency_libs=$newdependency_libs if test dlpreopen = "$pass"; then # Link the dlpreopened libraries before other libraries for deplib in $save_deplibs; do deplibs="$deplib $deplibs" done fi if test dlopen != "$pass"; then test conv = "$pass" || { # Make sure lib_search_path contains only unique directories. lib_search_path= for dir in $newlib_search_path; do case "$lib_search_path " in *" $dir "*) ;; *) func_append lib_search_path " $dir" ;; esac done newlib_search_path= } if test prog,link = "$linkmode,$pass"; then vars="compile_deplibs finalize_deplibs" else vars=deplibs fi for var in $vars dependency_libs; do # Add libraries to $var in reverse order eval tmp_libs=\"\$$var\" new_libs= for deplib in $tmp_libs; do # FIXME: Pedantically, this is the right thing to do, so # that some nasty dependency loop isn't accidentally # broken: #new_libs="$deplib $new_libs" # Pragmatically, this seems to cause very few problems in # practice: case $deplib in -L*) new_libs="$deplib $new_libs" ;; -R*) ;; *) # And here is the reason: when a library appears more # than once as an explicit dependence of a library, or # is implicitly linked in more than once by the # compiler, it is considered special, and multiple # occurrences thereof are not removed. Compare this # with having the same library being listed as a # dependency of multiple other libraries: in this case, # we know (pedantically, we assume) the library does not # need to be listed more than once, so we keep only the # last copy. This is not always right, but it is rare # enough that we require users that really mean to play # such unportable linking tricks to link the library # using -Wl,-lname, so that libtool does not consider it # for duplicate removal. case " $specialdeplibs " in *" $deplib "*) new_libs="$deplib $new_libs" ;; *) case " $new_libs " in *" $deplib "*) ;; *) new_libs="$deplib $new_libs" ;; esac ;; esac ;; esac done tmp_libs= for deplib in $new_libs; do case $deplib in -L*) case " $tmp_libs " in *" $deplib "*) ;; *) func_append tmp_libs " $deplib" ;; esac ;; *) func_append tmp_libs " $deplib" ;; esac done eval $var=\"$tmp_libs\" done # for var fi # Add Sun CC postdeps if required: test CXX = "$tagname" && { case $host_os in linux*) case `$CC -V 2>&1 | sed 5q` in *Sun\ C*) # Sun C++ 5.9 func_suncc_cstd_abi if test no != "$suncc_use_cstd_abi"; then func_append postdeps ' -library=Cstd -library=Crun' fi ;; esac ;; solaris*) func_cc_basename "$CC" case $func_cc_basename_result in CC* | sunCC*) func_suncc_cstd_abi if test no != "$suncc_use_cstd_abi"; then func_append postdeps ' -library=Cstd -library=Crun' fi ;; esac ;; esac } # Last step: remove runtime libs from dependency_libs # (they stay in deplibs) tmp_libs= for i in $dependency_libs; do case " $predeps $postdeps $compiler_lib_search_path " in *" $i "*) i= ;; esac if test -n "$i"; then func_append tmp_libs " $i" fi done dependency_libs=$tmp_libs done # for pass if test prog = "$linkmode"; then dlfiles=$newdlfiles fi if test prog = "$linkmode" || test lib = "$linkmode"; then dlprefiles=$newdlprefiles fi case $linkmode in oldlib) if test -n "$dlfiles$dlprefiles" || test no != "$dlself"; then func_warning "'-dlopen' is ignored for archives" fi case " $deplibs" in *\ -l* | *\ -L*) func_warning "'-l' and '-L' are ignored for archives" ;; esac test -n "$rpath" && \ func_warning "'-rpath' is ignored for archives" test -n "$xrpath" && \ func_warning "'-R' is ignored for archives" test -n "$vinfo" && \ func_warning "'-version-info/-version-number' is ignored for archives" test -n "$release" && \ func_warning "'-release' is ignored for archives" test -n "$export_symbols$export_symbols_regex" && \ func_warning "'-export-symbols' is ignored for archives" # Now set the variables for building old libraries. build_libtool_libs=no oldlibs=$output func_append objs "$old_deplibs" ;; lib) # Make sure we only generate libraries of the form 'libNAME.la'. case $outputname in lib*) func_stripname 'lib' '.la' "$outputname" name=$func_stripname_result eval shared_ext=\"$shrext_cmds\" eval libname=\"$libname_spec\" ;; *) test no = "$module" \ && func_fatal_help "libtool library '$output' must begin with 'lib'" if test no != "$need_lib_prefix"; then # Add the "lib" prefix for modules if required func_stripname '' '.la' "$outputname" name=$func_stripname_result eval shared_ext=\"$shrext_cmds\" eval libname=\"$libname_spec\" else func_stripname '' '.la' "$outputname" libname=$func_stripname_result fi ;; esac if test -n "$objs"; then if test pass_all != "$deplibs_check_method"; then func_fatal_error "cannot build libtool library '$output' from non-libtool objects on this host:$objs" else echo $ECHO "*** Warning: Linking the shared library $output against the non-libtool" $ECHO "*** objects $objs is not portable!" func_append libobjs " $objs" fi fi test no = "$dlself" \ || func_warning "'-dlopen self' is ignored for libtool libraries" set dummy $rpath shift test 1 -lt "$#" \ && func_warning "ignoring multiple '-rpath's for a libtool library" install_libdir=$1 oldlibs= if test -z "$rpath"; then if test yes = "$build_libtool_libs"; then # Building a libtool convenience library. # Some compilers have problems with a '.al' extension so # convenience libraries should have the same extension an # archive normally would. oldlibs="$output_objdir/$libname.$libext $oldlibs" build_libtool_libs=convenience build_old_libs=yes fi test -n "$vinfo" && \ func_warning "'-version-info/-version-number' is ignored for convenience libraries" test -n "$release" && \ func_warning "'-release' is ignored for convenience libraries" else # Parse the version information argument. save_ifs=$IFS; IFS=: set dummy $vinfo 0 0 0 shift IFS=$save_ifs test -n "$7" && \ func_fatal_help "too many parameters to '-version-info'" # convert absolute version numbers to libtool ages # this retains compatibility with .la files and attempts # to make the code below a bit more comprehensible case $vinfo_number in yes) number_major=$1 number_minor=$2 number_revision=$3 # # There are really only two kinds -- those that # use the current revision as the major version # and those that subtract age and use age as # a minor version. But, then there is irix # that has an extra 1 added just for fun # case $version_type in # correct linux to gnu/linux during the next big refactor darwin|freebsd-elf|linux|osf|windows|none) func_arith $number_major + $number_minor current=$func_arith_result age=$number_minor revision=$number_revision ;; freebsd-aout|qnx|sunos) current=$number_major revision=$number_minor age=0 ;; irix|nonstopux) func_arith $number_major + $number_minor current=$func_arith_result age=$number_minor revision=$number_minor lt_irix_increment=no ;; esac ;; no) current=$1 revision=$2 age=$3 ;; esac # Check that each of the things are valid numbers. case $current in 0|[1-9]|[1-9][0-9]|[1-9][0-9][0-9]|[1-9][0-9][0-9][0-9]|[1-9][0-9][0-9][0-9][0-9]) ;; *) func_error "CURRENT '$current' must be a nonnegative integer" func_fatal_error "'$vinfo' is not valid version information" ;; esac case $revision in 0|[1-9]|[1-9][0-9]|[1-9][0-9][0-9]|[1-9][0-9][0-9][0-9]|[1-9][0-9][0-9][0-9][0-9]) ;; *) func_error "REVISION '$revision' must be a nonnegative integer" func_fatal_error "'$vinfo' is not valid version information" ;; esac case $age in 0|[1-9]|[1-9][0-9]|[1-9][0-9][0-9]|[1-9][0-9][0-9][0-9]|[1-9][0-9][0-9][0-9][0-9]) ;; *) func_error "AGE '$age' must be a nonnegative integer" func_fatal_error "'$vinfo' is not valid version information" ;; esac if test "$age" -gt "$current"; then func_error "AGE '$age' is greater than the current interface number '$current'" func_fatal_error "'$vinfo' is not valid version information" fi # Calculate the version variables. major= versuffix= verstring= case $version_type in none) ;; darwin) # Like Linux, but with the current version available in # verstring for coding it into the library header func_arith $current - $age major=.$func_arith_result versuffix=$major.$age.$revision # Darwin ld doesn't like 0 for these options... func_arith $current + 1 minor_current=$func_arith_result xlcverstring="$wl-compatibility_version $wl$minor_current $wl-current_version $wl$minor_current.$revision" verstring="-compatibility_version $minor_current -current_version $minor_current.$revision" # On Darwin other compilers case $CC in nagfor*) verstring="$wl-compatibility_version $wl$minor_current $wl-current_version $wl$minor_current.$revision" ;; *) verstring="-compatibility_version $minor_current -current_version $minor_current.$revision" ;; esac ;; freebsd-aout) major=.$current versuffix=.$current.$revision ;; freebsd-elf) func_arith $current - $age major=.$func_arith_result versuffix=$major.$age.$revision ;; irix | nonstopux) if test no = "$lt_irix_increment"; then func_arith $current - $age else func_arith $current - $age + 1 fi major=$func_arith_result case $version_type in nonstopux) verstring_prefix=nonstopux ;; *) verstring_prefix=sgi ;; esac verstring=$verstring_prefix$major.$revision # Add in all the interfaces that we are compatible with. loop=$revision while test 0 -ne "$loop"; do func_arith $revision - $loop iface=$func_arith_result func_arith $loop - 1 loop=$func_arith_result verstring=$verstring_prefix$major.$iface:$verstring done # Before this point, $major must not contain '.'. major=.$major versuffix=$major.$revision ;; linux) # correct to gnu/linux during the next big refactor func_arith $current - $age major=.$func_arith_result versuffix=$major.$age.$revision ;; osf) func_arith $current - $age major=.$func_arith_result versuffix=.$current.$age.$revision verstring=$current.$age.$revision # Add in all the interfaces that we are compatible with. loop=$age while test 0 -ne "$loop"; do func_arith $current - $loop iface=$func_arith_result func_arith $loop - 1 loop=$func_arith_result verstring=$verstring:$iface.0 done # Make executables depend on our current version. func_append verstring ":$current.0" ;; qnx) major=.$current versuffix=.$current ;; sco) major=.$current versuffix=.$current ;; sunos) major=.$current versuffix=.$current.$revision ;; windows) # Use '-' rather than '.', since we only want one # extension on DOS 8.3 file systems. func_arith $current - $age major=$func_arith_result versuffix=-$major ;; *) func_fatal_configuration "unknown library version type '$version_type'" ;; esac # Clear the version info if we defaulted, and they specified a release. if test -z "$vinfo" && test -n "$release"; then major= case $version_type in darwin) # we can't check for "0.0" in archive_cmds due to quoting # problems, so we reset it completely verstring= ;; *) verstring=0.0 ;; esac if test no = "$need_version"; then versuffix= else versuffix=.0.0 fi fi # Remove version info from name if versioning should be avoided if test yes,no = "$avoid_version,$need_version"; then major= versuffix= verstring= fi # Check to see if the archive will have undefined symbols. if test yes = "$allow_undefined"; then if test unsupported = "$allow_undefined_flag"; then if test yes = "$build_old_libs"; then func_warning "undefined symbols not allowed in $host shared libraries; building static only" build_libtool_libs=no else func_fatal_error "can't build $host shared library unless -no-undefined is specified" fi fi else # Don't allow undefined symbols. allow_undefined_flag=$no_undefined_flag fi fi func_generate_dlsyms "$libname" "$libname" : func_append libobjs " $symfileobj" test " " = "$libobjs" && libobjs= if test relink != "$opt_mode"; then # Remove our outputs, but don't remove object files since they # may have been created when compiling PIC objects. removelist= tempremovelist=`$ECHO "$output_objdir/*"` for p in $tempremovelist; do case $p in *.$objext | *.gcno) ;; $output_objdir/$outputname | $output_objdir/$libname.* | $output_objdir/$libname$release.*) if test -n "$precious_files_regex"; then if $ECHO "$p" | $EGREP -e "$precious_files_regex" >/dev/null 2>&1 then continue fi fi func_append removelist " $p" ;; *) ;; esac done test -n "$removelist" && \ func_show_eval "${RM}r \$removelist" fi # Now set the variables for building old libraries. if test yes = "$build_old_libs" && test convenience != "$build_libtool_libs"; then func_append oldlibs " $output_objdir/$libname.$libext" # Transform .lo files to .o files. oldobjs="$objs "`$ECHO "$libobjs" | $SP2NL | $SED "/\.$libext$/d; $lo2o" | $NL2SP` fi # Eliminate all temporary directories. #for path in $notinst_path; do # lib_search_path=`$ECHO "$lib_search_path " | $SED "s% $path % %g"` # deplibs=`$ECHO "$deplibs " | $SED "s% -L$path % %g"` # dependency_libs=`$ECHO "$dependency_libs " | $SED "s% -L$path % %g"` #done if test -n "$xrpath"; then # If the user specified any rpath flags, then add them. temp_xrpath= for libdir in $xrpath; do func_replace_sysroot "$libdir" func_append temp_xrpath " -R$func_replace_sysroot_result" case "$finalize_rpath " in *" $libdir "*) ;; *) func_append finalize_rpath " $libdir" ;; esac done if test yes != "$hardcode_into_libs" || test yes = "$build_old_libs"; then dependency_libs="$temp_xrpath $dependency_libs" fi fi # Make sure dlfiles contains only unique files that won't be dlpreopened old_dlfiles=$dlfiles dlfiles= for lib in $old_dlfiles; do case " $dlprefiles $dlfiles " in *" $lib "*) ;; *) func_append dlfiles " $lib" ;; esac done # Make sure dlprefiles contains only unique files old_dlprefiles=$dlprefiles dlprefiles= for lib in $old_dlprefiles; do case "$dlprefiles " in *" $lib "*) ;; *) func_append dlprefiles " $lib" ;; esac done if test yes = "$build_libtool_libs"; then if test -n "$rpath"; then case $host in *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2* | *-*-beos* | *-cegcc* | *-*-haiku*) # these systems don't actually have a c library (as such)! ;; *-*-rhapsody* | *-*-darwin1.[012]) # Rhapsody C library is in the System framework func_append deplibs " System.ltframework" ;; *-*-netbsd*) # Don't link with libc until the a.out ld.so is fixed. ;; *-*-openbsd* | *-*-freebsd* | *-*-dragonfly*) # Do not include libc due to us having libc/libc_r. ;; *-*-sco3.2v5* | *-*-sco5v6*) # Causes problems with __ctype ;; *-*-sysv4.2uw2* | *-*-sysv5* | *-*-unixware* | *-*-OpenUNIX*) # Compiler inserts libc in the correct place for threads to work ;; *) # Add libc to deplibs on all other systems if necessary. if test yes = "$build_libtool_need_lc"; then func_append deplibs " -lc" fi ;; esac fi # Transform deplibs into only deplibs that can be linked in shared. name_save=$name libname_save=$libname release_save=$release versuffix_save=$versuffix major_save=$major # I'm not sure if I'm treating the release correctly. I think # release should show up in the -l (ie -lgmp5) so we don't want to # add it in twice. Is that correct? release= versuffix= major= newdeplibs= droppeddeps=no case $deplibs_check_method in pass_all) # Don't check for shared/static. Everything works. # This might be a little naive. We might want to check # whether the library exists or not. But this is on # osf3 & osf4 and I'm not really sure... Just # implementing what was already the behavior. newdeplibs=$deplibs ;; test_compile) # This code stresses the "libraries are programs" paradigm to its # limits. Maybe even breaks it. We compile a program, linking it # against the deplibs as a proxy for the library. Then we can check # whether they linked in statically or dynamically with ldd. $opt_dry_run || $RM conftest.c cat > conftest.c </dev/null` $nocaseglob else potential_libs=`ls $i/$libnameglob[.-]* 2>/dev/null` fi for potent_lib in $potential_libs; do # Follow soft links. if ls -lLd "$potent_lib" 2>/dev/null | $GREP " -> " >/dev/null; then continue fi # The statement above tries to avoid entering an # endless loop below, in case of cyclic links. # We might still enter an endless loop, since a link # loop can be closed while we follow links, # but so what? potlib=$potent_lib while test -h "$potlib" 2>/dev/null; do potliblink=`ls -ld $potlib | $SED 's/.* -> //'` case $potliblink in [\\/]* | [A-Za-z]:[\\/]*) potlib=$potliblink;; *) potlib=`$ECHO "$potlib" | $SED 's|[^/]*$||'`"$potliblink";; esac done if eval $file_magic_cmd \"\$potlib\" 2>/dev/null | $SED -e 10q | $EGREP "$file_magic_regex" > /dev/null; then func_append newdeplibs " $a_deplib" a_deplib= break 2 fi done done fi if test -n "$a_deplib"; then droppeddeps=yes echo $ECHO "*** Warning: linker path does not have real file for library $a_deplib." echo "*** I have the capability to make that library automatically link in when" echo "*** you link to this library. But I can only do this if you have a" echo "*** shared version of the library, which you do not appear to have" echo "*** because I did check the linker path looking for a file starting" if test -z "$potlib"; then $ECHO "*** with $libname but no candidates were found. (...for file magic test)" else $ECHO "*** with $libname and none of the candidates passed a file format test" $ECHO "*** using a file magic. Last file checked: $potlib" fi fi ;; *) # Add a -L argument. func_append newdeplibs " $a_deplib" ;; esac done # Gone through all deplibs. ;; match_pattern*) set dummy $deplibs_check_method; shift match_pattern_regex=`expr "$deplibs_check_method" : "$1 \(.*\)"` for a_deplib in $deplibs; do case $a_deplib in -l*) func_stripname -l '' "$a_deplib" name=$func_stripname_result if test yes = "$allow_libtool_libs_with_static_runtimes"; then case " $predeps $postdeps " in *" $a_deplib "*) func_append newdeplibs " $a_deplib" a_deplib= ;; esac fi if test -n "$a_deplib"; then libname=`eval "\\$ECHO \"$libname_spec\""` for i in $lib_search_path $sys_lib_search_path $shlib_search_path; do potential_libs=`ls $i/$libname[.-]* 2>/dev/null` for potent_lib in $potential_libs; do potlib=$potent_lib # see symlink-check above in file_magic test if eval "\$ECHO \"$potent_lib\"" 2>/dev/null | $SED 10q | \ $EGREP "$match_pattern_regex" > /dev/null; then func_append newdeplibs " $a_deplib" a_deplib= break 2 fi done done fi if test -n "$a_deplib"; then droppeddeps=yes echo $ECHO "*** Warning: linker path does not have real file for library $a_deplib." echo "*** I have the capability to make that library automatically link in when" echo "*** you link to this library. But I can only do this if you have a" echo "*** shared version of the library, which you do not appear to have" echo "*** because I did check the linker path looking for a file starting" if test -z "$potlib"; then $ECHO "*** with $libname but no candidates were found. (...for regex pattern test)" else $ECHO "*** with $libname and none of the candidates passed a file format test" $ECHO "*** using a regex pattern. Last file checked: $potlib" fi fi ;; *) # Add a -L argument. func_append newdeplibs " $a_deplib" ;; esac done # Gone through all deplibs. ;; none | unknown | *) newdeplibs= tmp_deplibs=`$ECHO " $deplibs" | $SED 's/ -lc$//; s/ -[LR][^ ]*//g'` if test yes = "$allow_libtool_libs_with_static_runtimes"; then for i in $predeps $postdeps; do # can't use Xsed below, because $i might contain '/' tmp_deplibs=`$ECHO " $tmp_deplibs" | $SED "s|$i||"` done fi case $tmp_deplibs in *[!\ \ ]*) echo if test none = "$deplibs_check_method"; then echo "*** Warning: inter-library dependencies are not supported in this platform." else echo "*** Warning: inter-library dependencies are not known to be supported." fi echo "*** All declared inter-library dependencies are being dropped." droppeddeps=yes ;; esac ;; esac versuffix=$versuffix_save major=$major_save release=$release_save libname=$libname_save name=$name_save case $host in *-*-rhapsody* | *-*-darwin1.[012]) # On Rhapsody replace the C library with the System framework newdeplibs=`$ECHO " $newdeplibs" | $SED 's/ -lc / System.ltframework /'` ;; esac if test yes = "$droppeddeps"; then if test yes = "$module"; then echo echo "*** Warning: libtool could not satisfy all declared inter-library" $ECHO "*** dependencies of module $libname. Therefore, libtool will create" echo "*** a static module, that should work as long as the dlopening" echo "*** application is linked with the -dlopen flag." if test -z "$global_symbol_pipe"; then echo echo "*** However, this would only work if libtool was able to extract symbol" echo "*** lists from a program, using 'nm' or equivalent, but libtool could" echo "*** not find such a program. So, this module is probably useless." echo "*** 'nm' from GNU binutils and a full rebuild may help." fi if test no = "$build_old_libs"; then oldlibs=$output_objdir/$libname.$libext build_libtool_libs=module build_old_libs=yes else build_libtool_libs=no fi else echo "*** The inter-library dependencies that have been dropped here will be" echo "*** automatically added whenever a program is linked with this library" echo "*** or is declared to -dlopen it." if test no = "$allow_undefined"; then echo echo "*** Since this library must not contain undefined symbols," echo "*** because either the platform does not support them or" echo "*** it was explicitly requested with -no-undefined," echo "*** libtool will only create a static version of it." if test no = "$build_old_libs"; then oldlibs=$output_objdir/$libname.$libext build_libtool_libs=module build_old_libs=yes else build_libtool_libs=no fi fi fi fi # Done checking deplibs! deplibs=$newdeplibs fi # Time to change all our "foo.ltframework" stuff back to "-framework foo" case $host in *-*-darwin*) newdeplibs=`$ECHO " $newdeplibs" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'` new_inherited_linker_flags=`$ECHO " $new_inherited_linker_flags" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'` deplibs=`$ECHO " $deplibs" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'` ;; esac # move library search paths that coincide with paths to not yet # installed libraries to the beginning of the library search list new_libs= for path in $notinst_path; do case " $new_libs " in *" -L$path/$objdir "*) ;; *) case " $deplibs " in *" -L$path/$objdir "*) func_append new_libs " -L$path/$objdir" ;; esac ;; esac done for deplib in $deplibs; do case $deplib in -L*) case " $new_libs " in *" $deplib "*) ;; *) func_append new_libs " $deplib" ;; esac ;; *) func_append new_libs " $deplib" ;; esac done deplibs=$new_libs # All the library-specific variables (install_libdir is set above). library_names= old_library= dlname= # Test again, we may have decided not to build it any more if test yes = "$build_libtool_libs"; then # Remove $wl instances when linking with ld. # FIXME: should test the right _cmds variable. case $archive_cmds in *\$LD\ *) wl= ;; esac if test yes = "$hardcode_into_libs"; then # Hardcode the library paths hardcode_libdirs= dep_rpath= rpath=$finalize_rpath test relink = "$opt_mode" || rpath=$compile_rpath$rpath for libdir in $rpath; do if test -n "$hardcode_libdir_flag_spec"; then if test -n "$hardcode_libdir_separator"; then func_replace_sysroot "$libdir" libdir=$func_replace_sysroot_result if test -z "$hardcode_libdirs"; then hardcode_libdirs=$libdir else # Just accumulate the unique libdirs. case $hardcode_libdir_separator$hardcode_libdirs$hardcode_libdir_separator in *"$hardcode_libdir_separator$libdir$hardcode_libdir_separator"*) ;; *) func_append hardcode_libdirs "$hardcode_libdir_separator$libdir" ;; esac fi else eval flag=\"$hardcode_libdir_flag_spec\" func_append dep_rpath " $flag" fi elif test -n "$runpath_var"; then case "$perm_rpath " in *" $libdir "*) ;; *) func_append perm_rpath " $libdir" ;; esac fi done # Substitute the hardcoded libdirs into the rpath. if test -n "$hardcode_libdir_separator" && test -n "$hardcode_libdirs"; then libdir=$hardcode_libdirs eval "dep_rpath=\"$hardcode_libdir_flag_spec\"" fi if test -n "$runpath_var" && test -n "$perm_rpath"; then # We should set the runpath_var. rpath= for dir in $perm_rpath; do func_append rpath "$dir:" done eval "$runpath_var='$rpath\$$runpath_var'; export $runpath_var" fi test -n "$dep_rpath" && deplibs="$dep_rpath $deplibs" fi shlibpath=$finalize_shlibpath test relink = "$opt_mode" || shlibpath=$compile_shlibpath$shlibpath if test -n "$shlibpath"; then eval "$shlibpath_var='$shlibpath\$$shlibpath_var'; export $shlibpath_var" fi # Get the real and link names of the library. eval shared_ext=\"$shrext_cmds\" eval library_names=\"$library_names_spec\" set dummy $library_names shift realname=$1 shift if test -n "$soname_spec"; then eval soname=\"$soname_spec\" else soname=$realname fi if test -z "$dlname"; then dlname=$soname fi lib=$output_objdir/$realname linknames= for link do func_append linknames " $link" done # Use standard objects if they are pic test -z "$pic_flag" && libobjs=`$ECHO "$libobjs" | $SP2NL | $SED "$lo2o" | $NL2SP` test "X$libobjs" = "X " && libobjs= delfiles= if test -n "$export_symbols" && test -n "$include_expsyms"; then $opt_dry_run || cp "$export_symbols" "$output_objdir/$libname.uexp" export_symbols=$output_objdir/$libname.uexp func_append delfiles " $export_symbols" fi orig_export_symbols= case $host_os in cygwin* | mingw* | cegcc*) if test -n "$export_symbols" && test -z "$export_symbols_regex"; then # exporting using user supplied symfile func_dll_def_p "$export_symbols" || { # and it's NOT already a .def file. Must figure out # which of the given symbols are data symbols and tag # them as such. So, trigger use of export_symbols_cmds. # export_symbols gets reassigned inside the "prepare # the list of exported symbols" if statement, so the # include_expsyms logic still works. orig_export_symbols=$export_symbols export_symbols= always_export_symbols=yes } fi ;; esac # Prepare the list of exported symbols if test -z "$export_symbols"; then if test yes = "$always_export_symbols" || test -n "$export_symbols_regex"; then func_verbose "generating symbol list for '$libname.la'" export_symbols=$output_objdir/$libname.exp $opt_dry_run || $RM $export_symbols cmds=$export_symbols_cmds save_ifs=$IFS; IFS='~' for cmd1 in $cmds; do IFS=$save_ifs # Take the normal branch if the nm_file_list_spec branch # doesn't work or if tool conversion is not needed. case $nm_file_list_spec~$to_tool_file_cmd in *~func_convert_file_noop | *~func_convert_file_msys_to_w32 | ~*) try_normal_branch=yes eval cmd=\"$cmd1\" func_len " $cmd" len=$func_len_result ;; *) try_normal_branch=no ;; esac if test yes = "$try_normal_branch" \ && { test "$len" -lt "$max_cmd_len" \ || test "$max_cmd_len" -le -1; } then func_show_eval "$cmd" 'exit $?' skipped_export=false elif test -n "$nm_file_list_spec"; then func_basename "$output" output_la=$func_basename_result save_libobjs=$libobjs save_output=$output output=$output_objdir/$output_la.nm func_to_tool_file "$output" libobjs=$nm_file_list_spec$func_to_tool_file_result func_append delfiles " $output" func_verbose "creating $NM input file list: $output" for obj in $save_libobjs; do func_to_tool_file "$obj" $ECHO "$func_to_tool_file_result" done > "$output" eval cmd=\"$cmd1\" func_show_eval "$cmd" 'exit $?' output=$save_output libobjs=$save_libobjs skipped_export=false else # The command line is too long to execute in one step. func_verbose "using reloadable object file for export list..." skipped_export=: # Break out early, otherwise skipped_export may be # set to false by a later but shorter cmd. break fi done IFS=$save_ifs if test -n "$export_symbols_regex" && test : != "$skipped_export"; then func_show_eval '$EGREP -e "$export_symbols_regex" "$export_symbols" > "${export_symbols}T"' func_show_eval '$MV "${export_symbols}T" "$export_symbols"' fi fi fi if test -n "$export_symbols" && test -n "$include_expsyms"; then tmp_export_symbols=$export_symbols test -n "$orig_export_symbols" && tmp_export_symbols=$orig_export_symbols $opt_dry_run || eval '$ECHO "$include_expsyms" | $SP2NL >> "$tmp_export_symbols"' fi if test : != "$skipped_export" && test -n "$orig_export_symbols"; then # The given exports_symbols file has to be filtered, so filter it. func_verbose "filter symbol list for '$libname.la' to tag DATA exports" # FIXME: $output_objdir/$libname.filter potentially contains lots of # 's' commands, which not all seds can handle. GNU sed should be fine # though. Also, the filter scales superlinearly with the number of # global variables. join(1) would be nice here, but unfortunately # isn't a blessed tool. $opt_dry_run || $SED -e '/[ ,]DATA/!d;s,\(.*\)\([ \,].*\),s|^\1$|\1\2|,' < $export_symbols > $output_objdir/$libname.filter func_append delfiles " $export_symbols $output_objdir/$libname.filter" export_symbols=$output_objdir/$libname.def $opt_dry_run || $SED -f $output_objdir/$libname.filter < $orig_export_symbols > $export_symbols fi tmp_deplibs= for test_deplib in $deplibs; do case " $convenience " in *" $test_deplib "*) ;; *) func_append tmp_deplibs " $test_deplib" ;; esac done deplibs=$tmp_deplibs if test -n "$convenience"; then if test -n "$whole_archive_flag_spec" && test yes = "$compiler_needs_object" && test -z "$libobjs"; then # extract the archives, so we have objects to list. # TODO: could optimize this to just extract one archive. whole_archive_flag_spec= fi if test -n "$whole_archive_flag_spec"; then save_libobjs=$libobjs eval libobjs=\"\$libobjs $whole_archive_flag_spec\" test "X$libobjs" = "X " && libobjs= else gentop=$output_objdir/${outputname}x func_append generated " $gentop" func_extract_archives $gentop $convenience func_append libobjs " $func_extract_archives_result" test "X$libobjs" = "X " && libobjs= fi fi if test yes = "$thread_safe" && test -n "$thread_safe_flag_spec"; then eval flag=\"$thread_safe_flag_spec\" func_append linker_flags " $flag" fi # Make a backup of the uninstalled library when relinking if test relink = "$opt_mode"; then $opt_dry_run || eval '(cd $output_objdir && $RM ${realname}U && $MV $realname ${realname}U)' || exit $? fi # Do each of the archive commands. if test yes = "$module" && test -n "$module_cmds"; then if test -n "$export_symbols" && test -n "$module_expsym_cmds"; then eval test_cmds=\"$module_expsym_cmds\" cmds=$module_expsym_cmds else eval test_cmds=\"$module_cmds\" cmds=$module_cmds fi else if test -n "$export_symbols" && test -n "$archive_expsym_cmds"; then eval test_cmds=\"$archive_expsym_cmds\" cmds=$archive_expsym_cmds else eval test_cmds=\"$archive_cmds\" cmds=$archive_cmds fi fi if test : != "$skipped_export" && func_len " $test_cmds" && len=$func_len_result && test "$len" -lt "$max_cmd_len" || test "$max_cmd_len" -le -1; then : else # The command line is too long to link in one step, link piecewise # or, if using GNU ld and skipped_export is not :, use a linker # script. # Save the value of $output and $libobjs because we want to # use them later. If we have whole_archive_flag_spec, we # want to use save_libobjs as it was before # whole_archive_flag_spec was expanded, because we can't # assume the linker understands whole_archive_flag_spec. # This may have to be revisited, in case too many # convenience libraries get linked in and end up exceeding # the spec. if test -z "$convenience" || test -z "$whole_archive_flag_spec"; then save_libobjs=$libobjs fi save_output=$output func_basename "$output" output_la=$func_basename_result # Clear the reloadable object creation command queue and # initialize k to one. test_cmds= concat_cmds= objlist= last_robj= k=1 if test -n "$save_libobjs" && test : != "$skipped_export" && test yes = "$with_gnu_ld"; then output=$output_objdir/$output_la.lnkscript func_verbose "creating GNU ld script: $output" echo 'INPUT (' > $output for obj in $save_libobjs do func_to_tool_file "$obj" $ECHO "$func_to_tool_file_result" >> $output done echo ')' >> $output func_append delfiles " $output" func_to_tool_file "$output" output=$func_to_tool_file_result elif test -n "$save_libobjs" && test : != "$skipped_export" && test -n "$file_list_spec"; then output=$output_objdir/$output_la.lnk func_verbose "creating linker input file list: $output" : > $output set x $save_libobjs shift firstobj= if test yes = "$compiler_needs_object"; then firstobj="$1 " shift fi for obj do func_to_tool_file "$obj" $ECHO "$func_to_tool_file_result" >> $output done func_append delfiles " $output" func_to_tool_file "$output" output=$firstobj\"$file_list_spec$func_to_tool_file_result\" else if test -n "$save_libobjs"; then func_verbose "creating reloadable object files..." output=$output_objdir/$output_la-$k.$objext eval test_cmds=\"$reload_cmds\" func_len " $test_cmds" len0=$func_len_result len=$len0 # Loop over the list of objects to be linked. for obj in $save_libobjs do func_len " $obj" func_arith $len + $func_len_result len=$func_arith_result if test -z "$objlist" || test "$len" -lt "$max_cmd_len"; then func_append objlist " $obj" else # The command $test_cmds is almost too long, add a # command to the queue. if test 1 -eq "$k"; then # The first file doesn't have a previous command to add. reload_objs=$objlist eval concat_cmds=\"$reload_cmds\" else # All subsequent reloadable object files will link in # the last one created. reload_objs="$objlist $last_robj" eval concat_cmds=\"\$concat_cmds~$reload_cmds~\$RM $last_robj\" fi last_robj=$output_objdir/$output_la-$k.$objext func_arith $k + 1 k=$func_arith_result output=$output_objdir/$output_la-$k.$objext objlist=" $obj" func_len " $last_robj" func_arith $len0 + $func_len_result len=$func_arith_result fi done # Handle the remaining objects by creating one last # reloadable object file. All subsequent reloadable object # files will link in the last one created. test -z "$concat_cmds" || concat_cmds=$concat_cmds~ reload_objs="$objlist $last_robj" eval concat_cmds=\"\$concat_cmds$reload_cmds\" if test -n "$last_robj"; then eval concat_cmds=\"\$concat_cmds~\$RM $last_robj\" fi func_append delfiles " $output" else output= fi ${skipped_export-false} && { func_verbose "generating symbol list for '$libname.la'" export_symbols=$output_objdir/$libname.exp $opt_dry_run || $RM $export_symbols libobjs=$output # Append the command to create the export file. test -z "$concat_cmds" || concat_cmds=$concat_cmds~ eval concat_cmds=\"\$concat_cmds$export_symbols_cmds\" if test -n "$last_robj"; then eval concat_cmds=\"\$concat_cmds~\$RM $last_robj\" fi } test -n "$save_libobjs" && func_verbose "creating a temporary reloadable object file: $output" # Loop through the commands generated above and execute them. save_ifs=$IFS; IFS='~' for cmd in $concat_cmds; do IFS=$save_ifs $opt_quiet || { func_quote_for_expand "$cmd" eval "func_echo $func_quote_for_expand_result" } $opt_dry_run || eval "$cmd" || { lt_exit=$? # Restore the uninstalled library and exit if test relink = "$opt_mode"; then ( cd "$output_objdir" && \ $RM "${realname}T" && \ $MV "${realname}U" "$realname" ) fi exit $lt_exit } done IFS=$save_ifs if test -n "$export_symbols_regex" && ${skipped_export-false}; then func_show_eval '$EGREP -e "$export_symbols_regex" "$export_symbols" > "${export_symbols}T"' func_show_eval '$MV "${export_symbols}T" "$export_symbols"' fi fi ${skipped_export-false} && { if test -n "$export_symbols" && test -n "$include_expsyms"; then tmp_export_symbols=$export_symbols test -n "$orig_export_symbols" && tmp_export_symbols=$orig_export_symbols $opt_dry_run || eval '$ECHO "$include_expsyms" | $SP2NL >> "$tmp_export_symbols"' fi if test -n "$orig_export_symbols"; then # The given exports_symbols file has to be filtered, so filter it. func_verbose "filter symbol list for '$libname.la' to tag DATA exports" # FIXME: $output_objdir/$libname.filter potentially contains lots of # 's' commands, which not all seds can handle. GNU sed should be fine # though. Also, the filter scales superlinearly with the number of # global variables. join(1) would be nice here, but unfortunately # isn't a blessed tool. $opt_dry_run || $SED -e '/[ ,]DATA/!d;s,\(.*\)\([ \,].*\),s|^\1$|\1\2|,' < $export_symbols > $output_objdir/$libname.filter func_append delfiles " $export_symbols $output_objdir/$libname.filter" export_symbols=$output_objdir/$libname.def $opt_dry_run || $SED -f $output_objdir/$libname.filter < $orig_export_symbols > $export_symbols fi } libobjs=$output # Restore the value of output. output=$save_output if test -n "$convenience" && test -n "$whole_archive_flag_spec"; then eval libobjs=\"\$libobjs $whole_archive_flag_spec\" test "X$libobjs" = "X " && libobjs= fi # Expand the library linking commands again to reset the # value of $libobjs for piecewise linking. # Do each of the archive commands. if test yes = "$module" && test -n "$module_cmds"; then if test -n "$export_symbols" && test -n "$module_expsym_cmds"; then cmds=$module_expsym_cmds else cmds=$module_cmds fi else if test -n "$export_symbols" && test -n "$archive_expsym_cmds"; then cmds=$archive_expsym_cmds else cmds=$archive_cmds fi fi fi if test -n "$delfiles"; then # Append the command to remove temporary files to $cmds. eval cmds=\"\$cmds~\$RM $delfiles\" fi # Add any objects from preloaded convenience libraries if test -n "$dlprefiles"; then gentop=$output_objdir/${outputname}x func_append generated " $gentop" func_extract_archives $gentop $dlprefiles func_append libobjs " $func_extract_archives_result" test "X$libobjs" = "X " && libobjs= fi save_ifs=$IFS; IFS='~' for cmd in $cmds; do IFS=$sp$nl eval cmd=\"$cmd\" IFS=$save_ifs $opt_quiet || { func_quote_for_expand "$cmd" eval "func_echo $func_quote_for_expand_result" } $opt_dry_run || eval "$cmd" || { lt_exit=$? # Restore the uninstalled library and exit if test relink = "$opt_mode"; then ( cd "$output_objdir" && \ $RM "${realname}T" && \ $MV "${realname}U" "$realname" ) fi exit $lt_exit } done IFS=$save_ifs # Restore the uninstalled library and exit if test relink = "$opt_mode"; then $opt_dry_run || eval '(cd $output_objdir && $RM ${realname}T && $MV $realname ${realname}T && $MV ${realname}U $realname)' || exit $? if test -n "$convenience"; then if test -z "$whole_archive_flag_spec"; then func_show_eval '${RM}r "$gentop"' fi fi exit $EXIT_SUCCESS fi # Create links to the real library. for linkname in $linknames; do if test "$realname" != "$linkname"; then func_show_eval '(cd "$output_objdir" && $RM "$linkname" && $LN_S "$realname" "$linkname")' 'exit $?' fi done # If -module or -export-dynamic was specified, set the dlname. if test yes = "$module" || test yes = "$export_dynamic"; then # On all known operating systems, these are identical. dlname=$soname fi fi ;; obj) if test -n "$dlfiles$dlprefiles" || test no != "$dlself"; then func_warning "'-dlopen' is ignored for objects" fi case " $deplibs" in *\ -l* | *\ -L*) func_warning "'-l' and '-L' are ignored for objects" ;; esac test -n "$rpath" && \ func_warning "'-rpath' is ignored for objects" test -n "$xrpath" && \ func_warning "'-R' is ignored for objects" test -n "$vinfo" && \ func_warning "'-version-info' is ignored for objects" test -n "$release" && \ func_warning "'-release' is ignored for objects" case $output in *.lo) test -n "$objs$old_deplibs" && \ func_fatal_error "cannot build library object '$output' from non-libtool objects" libobj=$output func_lo2o "$libobj" obj=$func_lo2o_result ;; *) libobj= obj=$output ;; esac # Delete the old objects. $opt_dry_run || $RM $obj $libobj # Objects from convenience libraries. This assumes # single-version convenience libraries. Whenever we create # different ones for PIC/non-PIC, this we'll have to duplicate # the extraction. reload_conv_objs= gentop= # if reload_cmds runs $LD directly, get rid of -Wl from # whole_archive_flag_spec and hope we can get by with turning comma # into space. case $reload_cmds in *\$LD[\ \$]*) wl= ;; esac if test -n "$convenience"; then if test -n "$whole_archive_flag_spec"; then eval tmp_whole_archive_flags=\"$whole_archive_flag_spec\" test -n "$wl" || tmp_whole_archive_flags=`$ECHO "$tmp_whole_archive_flags" | $SED 's|,| |g'` reload_conv_objs=$reload_objs\ $tmp_whole_archive_flags else gentop=$output_objdir/${obj}x func_append generated " $gentop" func_extract_archives $gentop $convenience reload_conv_objs="$reload_objs $func_extract_archives_result" fi fi # If we're not building shared, we need to use non_pic_objs test yes = "$build_libtool_libs" || libobjs=$non_pic_objects # Create the old-style object. reload_objs=$objs$old_deplibs' '`$ECHO "$libobjs" | $SP2NL | $SED "/\.$libext$/d; /\.lib$/d; $lo2o" | $NL2SP`' '$reload_conv_objs output=$obj func_execute_cmds "$reload_cmds" 'exit $?' # Exit if we aren't doing a library object file. if test -z "$libobj"; then if test -n "$gentop"; then func_show_eval '${RM}r "$gentop"' fi exit $EXIT_SUCCESS fi test yes = "$build_libtool_libs" || { if test -n "$gentop"; then func_show_eval '${RM}r "$gentop"' fi # Create an invalid libtool object if no PIC, so that we don't # accidentally link it into a program. # $show "echo timestamp > $libobj" # $opt_dry_run || eval "echo timestamp > $libobj" || exit $? exit $EXIT_SUCCESS } if test -n "$pic_flag" || test default != "$pic_mode"; then # Only do commands if we really have different PIC objects. reload_objs="$libobjs $reload_conv_objs" output=$libobj func_execute_cmds "$reload_cmds" 'exit $?' fi if test -n "$gentop"; then func_show_eval '${RM}r "$gentop"' fi exit $EXIT_SUCCESS ;; prog) case $host in *cygwin*) func_stripname '' '.exe' "$output" output=$func_stripname_result.exe;; esac test -n "$vinfo" && \ func_warning "'-version-info' is ignored for programs" test -n "$release" && \ func_warning "'-release' is ignored for programs" $preload \ && test unknown,unknown,unknown = "$dlopen_support,$dlopen_self,$dlopen_self_static" \ && func_warning "'LT_INIT([dlopen])' not used. Assuming no dlopen support." case $host in *-*-rhapsody* | *-*-darwin1.[012]) # On Rhapsody replace the C library is the System framework compile_deplibs=`$ECHO " $compile_deplibs" | $SED 's/ -lc / System.ltframework /'` finalize_deplibs=`$ECHO " $finalize_deplibs" | $SED 's/ -lc / System.ltframework /'` ;; esac case $host in *-*-darwin*) # Don't allow lazy linking, it breaks C++ global constructors # But is supposedly fixed on 10.4 or later (yay!). if test CXX = "$tagname"; then case ${MACOSX_DEPLOYMENT_TARGET-10.0} in 10.[0123]) func_append compile_command " $wl-bind_at_load" func_append finalize_command " $wl-bind_at_load" ;; esac fi # Time to change all our "foo.ltframework" stuff back to "-framework foo" compile_deplibs=`$ECHO " $compile_deplibs" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'` finalize_deplibs=`$ECHO " $finalize_deplibs" | $SED 's% \([^ $]*\).ltframework% -framework \1%g'` ;; esac # move library search paths that coincide with paths to not yet # installed libraries to the beginning of the library search list new_libs= for path in $notinst_path; do case " $new_libs " in *" -L$path/$objdir "*) ;; *) case " $compile_deplibs " in *" -L$path/$objdir "*) func_append new_libs " -L$path/$objdir" ;; esac ;; esac done for deplib in $compile_deplibs; do case $deplib in -L*) case " $new_libs " in *" $deplib "*) ;; *) func_append new_libs " $deplib" ;; esac ;; *) func_append new_libs " $deplib" ;; esac done compile_deplibs=$new_libs func_append compile_command " $compile_deplibs" func_append finalize_command " $finalize_deplibs" if test -n "$rpath$xrpath"; then # If the user specified any rpath flags, then add them. for libdir in $rpath $xrpath; do # This is the magic to use -rpath. case "$finalize_rpath " in *" $libdir "*) ;; *) func_append finalize_rpath " $libdir" ;; esac done fi # Now hardcode the library paths rpath= hardcode_libdirs= for libdir in $compile_rpath $finalize_rpath; do if test -n "$hardcode_libdir_flag_spec"; then if test -n "$hardcode_libdir_separator"; then if test -z "$hardcode_libdirs"; then hardcode_libdirs=$libdir else # Just accumulate the unique libdirs. case $hardcode_libdir_separator$hardcode_libdirs$hardcode_libdir_separator in *"$hardcode_libdir_separator$libdir$hardcode_libdir_separator"*) ;; *) func_append hardcode_libdirs "$hardcode_libdir_separator$libdir" ;; esac fi else eval flag=\"$hardcode_libdir_flag_spec\" func_append rpath " $flag" fi elif test -n "$runpath_var"; then case "$perm_rpath " in *" $libdir "*) ;; *) func_append perm_rpath " $libdir" ;; esac fi case $host in *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2* | *-cegcc*) testbindir=`$ECHO "$libdir" | $SED -e 's*/lib$*/bin*'` case :$dllsearchpath: in *":$libdir:"*) ;; ::) dllsearchpath=$libdir;; *) func_append dllsearchpath ":$libdir";; esac case :$dllsearchpath: in *":$testbindir:"*) ;; ::) dllsearchpath=$testbindir;; *) func_append dllsearchpath ":$testbindir";; esac ;; esac done # Substitute the hardcoded libdirs into the rpath. if test -n "$hardcode_libdir_separator" && test -n "$hardcode_libdirs"; then libdir=$hardcode_libdirs eval rpath=\" $hardcode_libdir_flag_spec\" fi compile_rpath=$rpath rpath= hardcode_libdirs= for libdir in $finalize_rpath; do if test -n "$hardcode_libdir_flag_spec"; then if test -n "$hardcode_libdir_separator"; then if test -z "$hardcode_libdirs"; then hardcode_libdirs=$libdir else # Just accumulate the unique libdirs. case $hardcode_libdir_separator$hardcode_libdirs$hardcode_libdir_separator in *"$hardcode_libdir_separator$libdir$hardcode_libdir_separator"*) ;; *) func_append hardcode_libdirs "$hardcode_libdir_separator$libdir" ;; esac fi else eval flag=\"$hardcode_libdir_flag_spec\" func_append rpath " $flag" fi elif test -n "$runpath_var"; then case "$finalize_perm_rpath " in *" $libdir "*) ;; *) func_append finalize_perm_rpath " $libdir" ;; esac fi done # Substitute the hardcoded libdirs into the rpath. if test -n "$hardcode_libdir_separator" && test -n "$hardcode_libdirs"; then libdir=$hardcode_libdirs eval rpath=\" $hardcode_libdir_flag_spec\" fi finalize_rpath=$rpath if test -n "$libobjs" && test yes = "$build_old_libs"; then # Transform all the library objects into standard objects. compile_command=`$ECHO "$compile_command" | $SP2NL | $SED "$lo2o" | $NL2SP` finalize_command=`$ECHO "$finalize_command" | $SP2NL | $SED "$lo2o" | $NL2SP` fi func_generate_dlsyms "$outputname" "@PROGRAM@" false # template prelinking step if test -n "$prelink_cmds"; then func_execute_cmds "$prelink_cmds" 'exit $?' fi wrappers_required=: case $host in *cegcc* | *mingw32ce*) # Disable wrappers for cegcc and mingw32ce hosts, we are cross compiling anyway. wrappers_required=false ;; *cygwin* | *mingw* ) test yes = "$build_libtool_libs" || wrappers_required=false ;; *) if test no = "$need_relink" || test yes != "$build_libtool_libs"; then wrappers_required=false fi ;; esac $wrappers_required || { # Replace the output file specification. compile_command=`$ECHO "$compile_command" | $SED 's%@OUTPUT@%'"$output"'%g'` link_command=$compile_command$compile_rpath # We have no uninstalled library dependencies, so finalize right now. exit_status=0 func_show_eval "$link_command" 'exit_status=$?' if test -n "$postlink_cmds"; then func_to_tool_file "$output" postlink_cmds=`func_echo_all "$postlink_cmds" | $SED -e 's%@OUTPUT@%'"$output"'%g' -e 's%@TOOL_OUTPUT@%'"$func_to_tool_file_result"'%g'` func_execute_cmds "$postlink_cmds" 'exit $?' fi # Delete the generated files. if test -f "$output_objdir/${outputname}S.$objext"; then func_show_eval '$RM "$output_objdir/${outputname}S.$objext"' fi exit $exit_status } if test -n "$compile_shlibpath$finalize_shlibpath"; then compile_command="$shlibpath_var=\"$compile_shlibpath$finalize_shlibpath\$$shlibpath_var\" $compile_command" fi if test -n "$finalize_shlibpath"; then finalize_command="$shlibpath_var=\"$finalize_shlibpath\$$shlibpath_var\" $finalize_command" fi compile_var= finalize_var= if test -n "$runpath_var"; then if test -n "$perm_rpath"; then # We should set the runpath_var. rpath= for dir in $perm_rpath; do func_append rpath "$dir:" done compile_var="$runpath_var=\"$rpath\$$runpath_var\" " fi if test -n "$finalize_perm_rpath"; then # We should set the runpath_var. rpath= for dir in $finalize_perm_rpath; do func_append rpath "$dir:" done finalize_var="$runpath_var=\"$rpath\$$runpath_var\" " fi fi if test yes = "$no_install"; then # We don't need to create a wrapper script. link_command=$compile_var$compile_command$compile_rpath # Replace the output file specification. link_command=`$ECHO "$link_command" | $SED 's%@OUTPUT@%'"$output"'%g'` # Delete the old output file. $opt_dry_run || $RM $output # Link the executable and exit func_show_eval "$link_command" 'exit $?' if test -n "$postlink_cmds"; then func_to_tool_file "$output" postlink_cmds=`func_echo_all "$postlink_cmds" | $SED -e 's%@OUTPUT@%'"$output"'%g' -e 's%@TOOL_OUTPUT@%'"$func_to_tool_file_result"'%g'` func_execute_cmds "$postlink_cmds" 'exit $?' fi exit $EXIT_SUCCESS fi case $hardcode_action,$fast_install in relink,*) # Fast installation is not supported link_command=$compile_var$compile_command$compile_rpath relink_command=$finalize_var$finalize_command$finalize_rpath func_warning "this platform does not like uninstalled shared libraries" func_warning "'$output' will be relinked during installation" ;; *,yes) link_command=$finalize_var$compile_command$finalize_rpath relink_command=`$ECHO "$compile_var$compile_command$compile_rpath" | $SED 's%@OUTPUT@%\$progdir/\$file%g'` ;; *,no) link_command=$compile_var$compile_command$compile_rpath relink_command=$finalize_var$finalize_command$finalize_rpath ;; *,needless) link_command=$finalize_var$compile_command$finalize_rpath relink_command= ;; esac # Replace the output file specification. link_command=`$ECHO "$link_command" | $SED 's%@OUTPUT@%'"$output_objdir/$outputname"'%g'` # Delete the old output files. $opt_dry_run || $RM $output $output_objdir/$outputname $output_objdir/lt-$outputname func_show_eval "$link_command" 'exit $?' if test -n "$postlink_cmds"; then func_to_tool_file "$output_objdir/$outputname" postlink_cmds=`func_echo_all "$postlink_cmds" | $SED -e 's%@OUTPUT@%'"$output_objdir/$outputname"'%g' -e 's%@TOOL_OUTPUT@%'"$func_to_tool_file_result"'%g'` func_execute_cmds "$postlink_cmds" 'exit $?' fi # Now create the wrapper script. func_verbose "creating $output" # Quote the relink command for shipping. if test -n "$relink_command"; then # Preserve any variables that may affect compiler behavior for var in $variables_saved_for_relink; do if eval test -z \"\${$var+set}\"; then relink_command="{ test -z \"\${$var+set}\" || $lt_unset $var || { $var=; export $var; }; }; $relink_command" elif eval var_value=\$$var; test -z "$var_value"; then relink_command="$var=; export $var; $relink_command" else func_quote_for_eval "$var_value" relink_command="$var=$func_quote_for_eval_result; export $var; $relink_command" fi done relink_command="(cd `pwd`; $relink_command)" relink_command=`$ECHO "$relink_command" | $SED "$sed_quote_subst"` fi # Only actually do things if not in dry run mode. $opt_dry_run || { # win32 will think the script is a binary if it has # a .exe suffix, so we strip it off here. case $output in *.exe) func_stripname '' '.exe' "$output" output=$func_stripname_result ;; esac # test for cygwin because mv fails w/o .exe extensions case $host in *cygwin*) exeext=.exe func_stripname '' '.exe' "$outputname" outputname=$func_stripname_result ;; *) exeext= ;; esac case $host in *cygwin* | *mingw* ) func_dirname_and_basename "$output" "" "." output_name=$func_basename_result output_path=$func_dirname_result cwrappersource=$output_path/$objdir/lt-$output_name.c cwrapper=$output_path/$output_name.exe $RM $cwrappersource $cwrapper trap "$RM $cwrappersource $cwrapper; exit $EXIT_FAILURE" 1 2 15 func_emit_cwrapperexe_src > $cwrappersource # The wrapper executable is built using the $host compiler, # because it contains $host paths and files. If cross- # compiling, it, like the target executable, must be # executed on the $host or under an emulation environment. $opt_dry_run || { $LTCC $LTCFLAGS -o $cwrapper $cwrappersource $STRIP $cwrapper } # Now, create the wrapper script for func_source use: func_ltwrapper_scriptname $cwrapper $RM $func_ltwrapper_scriptname_result trap "$RM $func_ltwrapper_scriptname_result; exit $EXIT_FAILURE" 1 2 15 $opt_dry_run || { # note: this script will not be executed, so do not chmod. if test "x$build" = "x$host"; then $cwrapper --lt-dump-script > $func_ltwrapper_scriptname_result else func_emit_wrapper no > $func_ltwrapper_scriptname_result fi } ;; * ) $RM $output trap "$RM $output; exit $EXIT_FAILURE" 1 2 15 func_emit_wrapper no > $output chmod +x $output ;; esac } exit $EXIT_SUCCESS ;; esac # See if we need to build an old-fashioned archive. for oldlib in $oldlibs; do case $build_libtool_libs in convenience) oldobjs="$libobjs_save $symfileobj" addlibs=$convenience build_libtool_libs=no ;; module) oldobjs=$libobjs_save addlibs=$old_convenience build_libtool_libs=no ;; *) oldobjs="$old_deplibs $non_pic_objects" $preload && test -f "$symfileobj" \ && func_append oldobjs " $symfileobj" addlibs=$old_convenience ;; esac if test -n "$addlibs"; then gentop=$output_objdir/${outputname}x func_append generated " $gentop" func_extract_archives $gentop $addlibs func_append oldobjs " $func_extract_archives_result" fi # Do each command in the archive commands. if test -n "$old_archive_from_new_cmds" && test yes = "$build_libtool_libs"; then cmds=$old_archive_from_new_cmds else # Add any objects from preloaded convenience libraries if test -n "$dlprefiles"; then gentop=$output_objdir/${outputname}x func_append generated " $gentop" func_extract_archives $gentop $dlprefiles func_append oldobjs " $func_extract_archives_result" fi # POSIX demands no paths to be encoded in archives. We have # to avoid creating archives with duplicate basenames if we # might have to extract them afterwards, e.g., when creating a # static archive out of a convenience library, or when linking # the entirety of a libtool archive into another (currently # not supported by libtool). if (for obj in $oldobjs do func_basename "$obj" $ECHO "$func_basename_result" done | sort | sort -uc >/dev/null 2>&1); then : else echo "copying selected object files to avoid basename conflicts..." gentop=$output_objdir/${outputname}x func_append generated " $gentop" func_mkdir_p "$gentop" save_oldobjs=$oldobjs oldobjs= counter=1 for obj in $save_oldobjs do func_basename "$obj" objbase=$func_basename_result case " $oldobjs " in " ") oldobjs=$obj ;; *[\ /]"$objbase "*) while :; do # Make sure we don't pick an alternate name that also # overlaps. newobj=lt$counter-$objbase func_arith $counter + 1 counter=$func_arith_result case " $oldobjs " in *[\ /]"$newobj "*) ;; *) if test ! -f "$gentop/$newobj"; then break; fi ;; esac done func_show_eval "ln $obj $gentop/$newobj || cp $obj $gentop/$newobj" func_append oldobjs " $gentop/$newobj" ;; *) func_append oldobjs " $obj" ;; esac done fi func_to_tool_file "$oldlib" func_convert_file_msys_to_w32 tool_oldlib=$func_to_tool_file_result eval cmds=\"$old_archive_cmds\" func_len " $cmds" len=$func_len_result if test "$len" -lt "$max_cmd_len" || test "$max_cmd_len" -le -1; then cmds=$old_archive_cmds elif test -n "$archiver_list_spec"; then func_verbose "using command file archive linking..." for obj in $oldobjs do func_to_tool_file "$obj" $ECHO "$func_to_tool_file_result" done > $output_objdir/$libname.libcmd func_to_tool_file "$output_objdir/$libname.libcmd" oldobjs=" $archiver_list_spec$func_to_tool_file_result" cmds=$old_archive_cmds else # the command line is too long to link in one step, link in parts func_verbose "using piecewise archive linking..." save_RANLIB=$RANLIB RANLIB=: objlist= concat_cmds= save_oldobjs=$oldobjs oldobjs= # Is there a better way of finding the last object in the list? for obj in $save_oldobjs do last_oldobj=$obj done eval test_cmds=\"$old_archive_cmds\" func_len " $test_cmds" len0=$func_len_result len=$len0 for obj in $save_oldobjs do func_len " $obj" func_arith $len + $func_len_result len=$func_arith_result func_append objlist " $obj" if test "$len" -lt "$max_cmd_len"; then : else # the above command should be used before it gets too long oldobjs=$objlist if test "$obj" = "$last_oldobj"; then RANLIB=$save_RANLIB fi test -z "$concat_cmds" || concat_cmds=$concat_cmds~ eval concat_cmds=\"\$concat_cmds$old_archive_cmds\" objlist= len=$len0 fi done RANLIB=$save_RANLIB oldobjs=$objlist if test -z "$oldobjs"; then eval cmds=\"\$concat_cmds\" else eval cmds=\"\$concat_cmds~\$old_archive_cmds\" fi fi fi func_execute_cmds "$cmds" 'exit $?' done test -n "$generated" && \ func_show_eval "${RM}r$generated" # Now create the libtool archive. case $output in *.la) old_library= test yes = "$build_old_libs" && old_library=$libname.$libext func_verbose "creating $output" # Preserve any variables that may affect compiler behavior for var in $variables_saved_for_relink; do if eval test -z \"\${$var+set}\"; then relink_command="{ test -z \"\${$var+set}\" || $lt_unset $var || { $var=; export $var; }; }; $relink_command" elif eval var_value=\$$var; test -z "$var_value"; then relink_command="$var=; export $var; $relink_command" else func_quote_for_eval "$var_value" relink_command="$var=$func_quote_for_eval_result; export $var; $relink_command" fi done # Quote the link command for shipping. relink_command="(cd `pwd`; $SHELL \"$progpath\" $preserve_args --mode=relink $libtool_args @inst_prefix_dir@)" relink_command=`$ECHO "$relink_command" | $SED "$sed_quote_subst"` if test yes = "$hardcode_automatic"; then relink_command= fi # Only create the output if not a dry run. $opt_dry_run || { for installed in no yes; do if test yes = "$installed"; then if test -z "$install_libdir"; then break fi output=$output_objdir/${outputname}i # Replace all uninstalled libtool libraries with the installed ones newdependency_libs= for deplib in $dependency_libs; do case $deplib in *.la) func_basename "$deplib" name=$func_basename_result func_resolve_sysroot "$deplib" eval libdir=`$SED -n -e 's/^libdir=\(.*\)$/\1/p' $func_resolve_sysroot_result` test -z "$libdir" && \ func_fatal_error "'$deplib' is not a valid libtool archive" func_append newdependency_libs " ${lt_sysroot:+=}$libdir/$name" ;; -L*) func_stripname -L '' "$deplib" func_replace_sysroot "$func_stripname_result" func_append newdependency_libs " -L$func_replace_sysroot_result" ;; -R*) func_stripname -R '' "$deplib" func_replace_sysroot "$func_stripname_result" func_append newdependency_libs " -R$func_replace_sysroot_result" ;; *) func_append newdependency_libs " $deplib" ;; esac done dependency_libs=$newdependency_libs newdlfiles= for lib in $dlfiles; do case $lib in *.la) func_basename "$lib" name=$func_basename_result eval libdir=`$SED -n -e 's/^libdir=\(.*\)$/\1/p' $lib` test -z "$libdir" && \ func_fatal_error "'$lib' is not a valid libtool archive" func_append newdlfiles " ${lt_sysroot:+=}$libdir/$name" ;; *) func_append newdlfiles " $lib" ;; esac done dlfiles=$newdlfiles newdlprefiles= for lib in $dlprefiles; do case $lib in *.la) # Only pass preopened files to the pseudo-archive (for # eventual linking with the app. that links it) if we # didn't already link the preopened objects directly into # the library: func_basename "$lib" name=$func_basename_result eval libdir=`$SED -n -e 's/^libdir=\(.*\)$/\1/p' $lib` test -z "$libdir" && \ func_fatal_error "'$lib' is not a valid libtool archive" func_append newdlprefiles " ${lt_sysroot:+=}$libdir/$name" ;; esac done dlprefiles=$newdlprefiles else newdlfiles= for lib in $dlfiles; do case $lib in [\\/]* | [A-Za-z]:[\\/]*) abs=$lib ;; *) abs=`pwd`"/$lib" ;; esac func_append newdlfiles " $abs" done dlfiles=$newdlfiles newdlprefiles= for lib in $dlprefiles; do case $lib in [\\/]* | [A-Za-z]:[\\/]*) abs=$lib ;; *) abs=`pwd`"/$lib" ;; esac func_append newdlprefiles " $abs" done dlprefiles=$newdlprefiles fi $RM $output # place dlname in correct position for cygwin # In fact, it would be nice if we could use this code for all target # systems that can't hard-code library paths into their executables # and that have no shared library path variable independent of PATH, # but it turns out we can't easily determine that from inspecting # libtool variables, so we have to hard-code the OSs to which it # applies here; at the moment, that means platforms that use the PE # object format with DLL files. See the long comment at the top of # tests/bindir.at for full details. tdlname=$dlname case $host,$output,$installed,$module,$dlname in *cygwin*,*lai,yes,no,*.dll | *mingw*,*lai,yes,no,*.dll | *cegcc*,*lai,yes,no,*.dll) # If a -bindir argument was supplied, place the dll there. if test -n "$bindir"; then func_relative_path "$install_libdir" "$bindir" tdlname=$func_relative_path_result/$dlname else # Otherwise fall back on heuristic. tdlname=../bin/$dlname fi ;; esac $ECHO > $output "\ # $outputname - a libtool library file # Generated by $PROGRAM (GNU $PACKAGE) $VERSION # # Please DO NOT delete this file! # It is necessary for linking the library. # The name that we can dlopen(3). dlname='$tdlname' # Names of this library. library_names='$library_names' # The name of the static archive. old_library='$old_library' # Linker flags that cannot go in dependency_libs. inherited_linker_flags='$new_inherited_linker_flags' # Libraries that this one depends upon. dependency_libs='$dependency_libs' # Names of additional weak libraries provided by this library weak_library_names='$weak_libs' # Version information for $libname. current=$current age=$age revision=$revision # Is this an already installed library? installed=$installed # Should we warn about portability when linking against -modules? shouldnotlink=$module # Files to dlopen/dlpreopen dlopen='$dlfiles' dlpreopen='$dlprefiles' # Directory that this library needs to be installed in: libdir='$install_libdir'" if test no,yes = "$installed,$need_relink"; then $ECHO >> $output "\ relink_command=\"$relink_command\"" fi done } # Do a symbolic link so that the libtool archive can be found in # LD_LIBRARY_PATH before the program is installed. func_show_eval '( cd "$output_objdir" && $RM "$outputname" && $LN_S "../$outputname" "$outputname" )' 'exit $?' ;; esac exit $EXIT_SUCCESS } if test link = "$opt_mode" || test relink = "$opt_mode"; then func_mode_link ${1+"$@"} fi # func_mode_uninstall arg... func_mode_uninstall () { $debug_cmd RM=$nonopt files= rmforce=false exit_status=0 # This variable tells wrapper scripts just to set variables rather # than running their programs. libtool_install_magic=$magic for arg do case $arg in -f) func_append RM " $arg"; rmforce=: ;; -*) func_append RM " $arg" ;; *) func_append files " $arg" ;; esac done test -z "$RM" && \ func_fatal_help "you must specify an RM program" rmdirs= for file in $files; do func_dirname "$file" "" "." dir=$func_dirname_result if test . = "$dir"; then odir=$objdir else odir=$dir/$objdir fi func_basename "$file" name=$func_basename_result test uninstall = "$opt_mode" && odir=$dir # Remember odir for removal later, being careful to avoid duplicates if test clean = "$opt_mode"; then case " $rmdirs " in *" $odir "*) ;; *) func_append rmdirs " $odir" ;; esac fi # Don't error if the file doesn't exist and rm -f was used. if { test -L "$file"; } >/dev/null 2>&1 || { test -h "$file"; } >/dev/null 2>&1 || test -f "$file"; then : elif test -d "$file"; then exit_status=1 continue elif $rmforce; then continue fi rmfiles=$file case $name in *.la) # Possibly a libtool archive, so verify it. if func_lalib_p "$file"; then func_source $dir/$name # Delete the libtool libraries and symlinks. for n in $library_names; do func_append rmfiles " $odir/$n" done test -n "$old_library" && func_append rmfiles " $odir/$old_library" case $opt_mode in clean) case " $library_names " in *" $dlname "*) ;; *) test -n "$dlname" && func_append rmfiles " $odir/$dlname" ;; esac test -n "$libdir" && func_append rmfiles " $odir/$name $odir/${name}i" ;; uninstall) if test -n "$library_names"; then # Do each command in the postuninstall commands. func_execute_cmds "$postuninstall_cmds" '$rmforce || exit_status=1' fi if test -n "$old_library"; then # Do each command in the old_postuninstall commands. func_execute_cmds "$old_postuninstall_cmds" '$rmforce || exit_status=1' fi # FIXME: should reinstall the best remaining shared library. ;; esac fi ;; *.lo) # Possibly a libtool object, so verify it. if func_lalib_p "$file"; then # Read the .lo file func_source $dir/$name # Add PIC object to the list of files to remove. if test -n "$pic_object" && test none != "$pic_object"; then func_append rmfiles " $dir/$pic_object" fi # Add non-PIC object to the list of files to remove. if test -n "$non_pic_object" && test none != "$non_pic_object"; then func_append rmfiles " $dir/$non_pic_object" fi fi ;; *) if test clean = "$opt_mode"; then noexename=$name case $file in *.exe) func_stripname '' '.exe' "$file" file=$func_stripname_result func_stripname '' '.exe' "$name" noexename=$func_stripname_result # $file with .exe has already been added to rmfiles, # add $file without .exe func_append rmfiles " $file" ;; esac # Do a test to see if this is a libtool program. if func_ltwrapper_p "$file"; then if func_ltwrapper_executable_p "$file"; then func_ltwrapper_scriptname "$file" relink_command= func_source $func_ltwrapper_scriptname_result func_append rmfiles " $func_ltwrapper_scriptname_result" else relink_command= func_source $dir/$noexename fi # note $name still contains .exe if it was in $file originally # as does the version of $file that was added into $rmfiles func_append rmfiles " $odir/$name $odir/${name}S.$objext" if test yes = "$fast_install" && test -n "$relink_command"; then func_append rmfiles " $odir/lt-$name" fi if test "X$noexename" != "X$name"; then func_append rmfiles " $odir/lt-$noexename.c" fi fi fi ;; esac func_show_eval "$RM $rmfiles" 'exit_status=1' done # Try to remove the $objdir's in the directories where we deleted files for dir in $rmdirs; do if test -d "$dir"; then func_show_eval "rmdir $dir >/dev/null 2>&1" fi done exit $exit_status } if test uninstall = "$opt_mode" || test clean = "$opt_mode"; then func_mode_uninstall ${1+"$@"} fi test -z "$opt_mode" && { help=$generic_help func_fatal_help "you must specify a MODE" } test -z "$exec_cmd" && \ func_fatal_help "invalid operation mode '$opt_mode'" if test -n "$exec_cmd"; then eval exec "$exec_cmd" exit $EXIT_FAILURE fi exit $exit_status # The TAGs below are defined such that we never get into a situation # where we disable both kinds of libraries. Given conflicting # choices, we go for a static library, that is the most portable, # since we can't tell whether shared libraries were disabled because # the user asked for that or because the platform doesn't support # them. This is particularly important on AIX, because we don't # support having both static and shared libraries enabled at the same # time on that platform, so we default to a shared-only configuration. # If a disable-shared tag is given, we'll fallback to a static-only # configuration. But we'll never go from static-only to shared-only. # ### BEGIN LIBTOOL TAG CONFIG: disable-shared build_libtool_libs=no build_old_libs=yes # ### END LIBTOOL TAG CONFIG: disable-shared # ### BEGIN LIBTOOL TAG CONFIG: disable-static build_old_libs=`case $build_libtool_libs in yes) echo no;; *) echo yes;; esac` # ### END LIBTOOL TAG CONFIG: disable-static # Local Variables: # mode:shell-script # sh-indentation:2 # End: opendnssec-2.1.5/config.sub0000755000202300020240000010645513560311314012561 00000000000000#! /bin/sh # Configuration validation subroutine script. # Copyright 1992-2018 Free Software Foundation, Inc. timestamp='2018-03-08' # This file is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 3 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, but # WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU # General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, see . # # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a # configuration script generated by Autoconf, you may include it under # the same distribution terms that you use for the rest of that # program. This Exception is an additional permission under section 7 # of the GNU General Public License, version 3 ("GPLv3"). # Please send patches to . # # Configuration subroutine to validate and canonicalize a configuration type. # Supply the specified configuration type as an argument. # If it is invalid, we print an error message on stderr and exit with code 1. # Otherwise, we print the canonical config type on stdout and succeed. # You can get the latest version of this script from: # https://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.sub # This file is supposed to be the same for all GNU packages # and recognize all the CPU types, system types and aliases # that are meaningful with *any* GNU software. # Each package is responsible for reporting which valid configurations # it does not support. The user should be able to distinguish # a failure to support a valid configuration from a meaningless # configuration. # The goal of this file is to map all the various variations of a given # machine specification into a single specification in the form: # CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM # or in some cases, the newer four-part form: # CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM # It is wrong to echo any other type of specification. me=`echo "$0" | sed -e 's,.*/,,'` usage="\ Usage: $0 [OPTION] CPU-MFR-OPSYS or ALIAS Canonicalize a configuration name. Options: -h, --help print this help, then exit -t, --time-stamp print date of last modification, then exit -v, --version print version number, then exit Report bugs and patches to ." version="\ GNU config.sub ($timestamp) Copyright 1992-2018 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." help=" Try \`$me --help' for more information." # Parse command line while test $# -gt 0 ; do case $1 in --time-stamp | --time* | -t ) echo "$timestamp" ; exit ;; --version | -v ) echo "$version" ; exit ;; --help | --h* | -h ) echo "$usage"; exit ;; -- ) # Stop option processing shift; break ;; - ) # Use stdin as input. break ;; -* ) echo "$me: invalid option $1$help" exit 1 ;; *local*) # First pass through any local machine types. echo "$1" exit ;; * ) break ;; esac done case $# in 0) echo "$me: missing argument$help" >&2 exit 1;; 1) ;; *) echo "$me: too many arguments$help" >&2 exit 1;; esac # Separate what the user gave into CPU-COMPANY and OS or KERNEL-OS (if any). # Here we must recognize all the valid KERNEL-OS combinations. maybe_os=`echo "$1" | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'` case $maybe_os in nto-qnx* | linux-gnu* | linux-android* | linux-dietlibc | linux-newlib* | \ linux-musl* | linux-uclibc* | uclinux-uclibc* | uclinux-gnu* | kfreebsd*-gnu* | \ knetbsd*-gnu* | netbsd*-gnu* | netbsd*-eabi* | \ kopensolaris*-gnu* | cloudabi*-eabi* | \ storm-chaos* | os2-emx* | rtmk-nova*) os=-$maybe_os basic_machine=`echo "$1" | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'` ;; android-linux) os=-linux-android basic_machine=`echo "$1" | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'`-unknown ;; *) basic_machine=`echo "$1" | sed 's/-[^-]*$//'` if [ "$basic_machine" != "$1" ] then os=`echo "$1" | sed 's/.*-/-/'` else os=; fi ;; esac ### Let's recognize common machines as not being operating systems so ### that things like config.sub decstation-3100 work. We also ### recognize some manufacturers as not being operating systems, so we ### can provide default operating systems below. case $os in -sun*os*) # Prevent following clause from handling this invalid input. ;; -dec* | -mips* | -sequent* | -encore* | -pc532* | -sgi* | -sony* | \ -att* | -7300* | -3300* | -delta* | -motorola* | -sun[234]* | \ -unicom* | -ibm* | -next | -hp | -isi* | -apollo | -altos* | \ -convergent* | -ncr* | -news | -32* | -3600* | -3100* | -hitachi* |\ -c[123]* | -convex* | -sun | -crds | -omron* | -dg | -ultra | -tti* | \ -harris | -dolphin | -highlevel | -gould | -cbm | -ns | -masscomp | \ -apple | -axis | -knuth | -cray | -microblaze*) os= basic_machine=$1 ;; -bluegene*) os=-cnk ;; -sim | -cisco | -oki | -wec | -winbond) os= basic_machine=$1 ;; -scout) ;; -wrs) os=-vxworks basic_machine=$1 ;; -chorusos*) os=-chorusos basic_machine=$1 ;; -chorusrdb) os=-chorusrdb basic_machine=$1 ;; -hiux*) os=-hiuxwe2 ;; -sco6) os=-sco5v6 basic_machine=`echo "$1" | sed -e 's/86-.*/86-pc/'` ;; -sco5) os=-sco3.2v5 basic_machine=`echo "$1" | sed -e 's/86-.*/86-pc/'` ;; -sco4) os=-sco3.2v4 basic_machine=`echo "$1" | sed -e 's/86-.*/86-pc/'` ;; -sco3.2.[4-9]*) os=`echo $os | sed -e 's/sco3.2./sco3.2v/'` basic_machine=`echo "$1" | sed -e 's/86-.*/86-pc/'` ;; -sco3.2v[4-9]*) # Don't forget version if it is 3.2v4 or newer. basic_machine=`echo "$1" | sed -e 's/86-.*/86-pc/'` ;; -sco5v6*) # Don't forget version if it is 3.2v4 or newer. basic_machine=`echo "$1" | sed -e 's/86-.*/86-pc/'` ;; -sco*) os=-sco3.2v2 basic_machine=`echo "$1" | sed -e 's/86-.*/86-pc/'` ;; -udk*) basic_machine=`echo "$1" | sed -e 's/86-.*/86-pc/'` ;; -isc) os=-isc2.2 basic_machine=`echo "$1" | sed -e 's/86-.*/86-pc/'` ;; -clix*) basic_machine=clipper-intergraph ;; -isc*) basic_machine=`echo "$1" | sed -e 's/86-.*/86-pc/'` ;; -lynx*178) os=-lynxos178 ;; -lynx*5) os=-lynxos5 ;; -lynx*) os=-lynxos ;; -ptx*) basic_machine=`echo "$1" | sed -e 's/86-.*/86-sequent/'` ;; -psos*) os=-psos ;; -mint | -mint[0-9]*) basic_machine=m68k-atari os=-mint ;; esac # Decode aliases for certain CPU-COMPANY combinations. case $basic_machine in # Recognize the basic CPU types without company name. # Some are omitted here because they have special meanings below. 1750a | 580 \ | a29k \ | aarch64 | aarch64_be \ | alpha | alphaev[4-8] | alphaev56 | alphaev6[78] | alphapca5[67] \ | alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] | alpha64pca5[67] \ | am33_2.0 \ | arc | arceb \ | arm | arm[bl]e | arme[lb] | armv[2-8] | armv[3-8][lb] | armv7[arm] \ | avr | avr32 \ | ba \ | be32 | be64 \ | bfin \ | c4x | c8051 | clipper \ | d10v | d30v | dlx | dsp16xx \ | e2k | epiphany \ | fido | fr30 | frv | ft32 \ | h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \ | hexagon \ | i370 | i860 | i960 | ia16 | ia64 \ | ip2k | iq2000 \ | k1om \ | le32 | le64 \ | lm32 \ | m32c | m32r | m32rle | m68000 | m68k | m88k \ | maxq | mb | microblaze | microblazeel | mcore | mep | metag \ | mips | mipsbe | mipseb | mipsel | mipsle \ | mips16 \ | mips64 | mips64el \ | mips64octeon | mips64octeonel \ | mips64orion | mips64orionel \ | mips64r5900 | mips64r5900el \ | mips64vr | mips64vrel \ | mips64vr4100 | mips64vr4100el \ | mips64vr4300 | mips64vr4300el \ | mips64vr5000 | mips64vr5000el \ | mips64vr5900 | mips64vr5900el \ | mipsisa32 | mipsisa32el \ | mipsisa32r2 | mipsisa32r2el \ | mipsisa32r6 | mipsisa32r6el \ | mipsisa64 | mipsisa64el \ | mipsisa64r2 | mipsisa64r2el \ | mipsisa64r6 | mipsisa64r6el \ | mipsisa64sb1 | mipsisa64sb1el \ | mipsisa64sr71k | mipsisa64sr71kel \ | mipsr5900 | mipsr5900el \ | mipstx39 | mipstx39el \ | mn10200 | mn10300 \ | moxie \ | mt \ | msp430 \ | nds32 | nds32le | nds32be \ | nios | nios2 | nios2eb | nios2el \ | ns16k | ns32k \ | open8 | or1k | or1knd | or32 \ | pdp10 | pj | pjl \ | powerpc | powerpc64 | powerpc64le | powerpcle \ | pru \ | pyramid \ | riscv32 | riscv64 \ | rl78 | rx \ | score \ | sh | sh[1234] | sh[24]a | sh[24]aeb | sh[23]e | sh[234]eb | sheb | shbe | shle | sh[1234]le | sh3ele \ | sh64 | sh64le \ | sparc | sparc64 | sparc64b | sparc64v | sparc86x | sparclet | sparclite \ | sparcv8 | sparcv9 | sparcv9b | sparcv9v \ | spu \ | tahoe | tic4x | tic54x | tic55x | tic6x | tic80 | tron \ | ubicom32 \ | v850 | v850e | v850e1 | v850e2 | v850es | v850e2v3 \ | visium \ | wasm32 \ | x86 | xc16x | xstormy16 | xtensa \ | z8k | z80) basic_machine=$basic_machine-unknown ;; c54x) basic_machine=tic54x-unknown ;; c55x) basic_machine=tic55x-unknown ;; c6x) basic_machine=tic6x-unknown ;; leon|leon[3-9]) basic_machine=sparc-$basic_machine ;; m6811 | m68hc11 | m6812 | m68hc12 | m68hcs12x | nvptx | picochip) basic_machine=$basic_machine-unknown os=-none ;; m88110 | m680[12346]0 | m683?2 | m68360 | m5200 | v70 | w65) ;; ms1) basic_machine=mt-unknown ;; strongarm | thumb | xscale) basic_machine=arm-unknown ;; xgate) basic_machine=$basic_machine-unknown os=-none ;; xscaleeb) basic_machine=armeb-unknown ;; xscaleel) basic_machine=armel-unknown ;; # We use `pc' rather than `unknown' # because (1) that's what they normally are, and # (2) the word "unknown" tends to confuse beginning users. i*86 | x86_64) basic_machine=$basic_machine-pc ;; # Object if more than one company name word. *-*-*) echo Invalid configuration \`"$1"\': machine \`"$basic_machine"\' not recognized 1>&2 exit 1 ;; # Recognize the basic CPU types with company name. 580-* \ | a29k-* \ | aarch64-* | aarch64_be-* \ | alpha-* | alphaev[4-8]-* | alphaev56-* | alphaev6[78]-* \ | alpha64-* | alpha64ev[4-8]-* | alpha64ev56-* | alpha64ev6[78]-* \ | alphapca5[67]-* | alpha64pca5[67]-* | arc-* | arceb-* \ | arm-* | armbe-* | armle-* | armeb-* | armv*-* \ | avr-* | avr32-* \ | ba-* \ | be32-* | be64-* \ | bfin-* | bs2000-* \ | c[123]* | c30-* | [cjt]90-* | c4x-* \ | c8051-* | clipper-* | craynv-* | cydra-* \ | d10v-* | d30v-* | dlx-* \ | e2k-* | elxsi-* \ | f30[01]-* | f700-* | fido-* | fr30-* | frv-* | fx80-* \ | h8300-* | h8500-* \ | hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \ | hexagon-* \ | i*86-* | i860-* | i960-* | ia16-* | ia64-* \ | ip2k-* | iq2000-* \ | k1om-* \ | le32-* | le64-* \ | lm32-* \ | m32c-* | m32r-* | m32rle-* \ | m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \ | m88110-* | m88k-* | maxq-* | mcore-* | metag-* \ | microblaze-* | microblazeel-* \ | mips-* | mipsbe-* | mipseb-* | mipsel-* | mipsle-* \ | mips16-* \ | mips64-* | mips64el-* \ | mips64octeon-* | mips64octeonel-* \ | mips64orion-* | mips64orionel-* \ | mips64r5900-* | mips64r5900el-* \ | mips64vr-* | mips64vrel-* \ | mips64vr4100-* | mips64vr4100el-* \ | mips64vr4300-* | mips64vr4300el-* \ | mips64vr5000-* | mips64vr5000el-* \ | mips64vr5900-* | mips64vr5900el-* \ | mipsisa32-* | mipsisa32el-* \ | mipsisa32r2-* | mipsisa32r2el-* \ | mipsisa32r6-* | mipsisa32r6el-* \ | mipsisa64-* | mipsisa64el-* \ | mipsisa64r2-* | mipsisa64r2el-* \ | mipsisa64r6-* | mipsisa64r6el-* \ | mipsisa64sb1-* | mipsisa64sb1el-* \ | mipsisa64sr71k-* | mipsisa64sr71kel-* \ | mipsr5900-* | mipsr5900el-* \ | mipstx39-* | mipstx39el-* \ | mmix-* \ | mt-* \ | msp430-* \ | nds32-* | nds32le-* | nds32be-* \ | nios-* | nios2-* | nios2eb-* | nios2el-* \ | none-* | np1-* | ns16k-* | ns32k-* \ | open8-* \ | or1k*-* \ | orion-* \ | pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \ | powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* \ | pru-* \ | pyramid-* \ | riscv32-* | riscv64-* \ | rl78-* | romp-* | rs6000-* | rx-* \ | sh-* | sh[1234]-* | sh[24]a-* | sh[24]aeb-* | sh[23]e-* | sh[34]eb-* | sheb-* | shbe-* \ | shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \ | sparc-* | sparc64-* | sparc64b-* | sparc64v-* | sparc86x-* | sparclet-* \ | sparclite-* \ | sparcv8-* | sparcv9-* | sparcv9b-* | sparcv9v-* | sv1-* | sx*-* \ | tahoe-* \ | tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* \ | tile*-* \ | tron-* \ | ubicom32-* \ | v850-* | v850e-* | v850e1-* | v850es-* | v850e2-* | v850e2v3-* \ | vax-* \ | visium-* \ | wasm32-* \ | we32k-* \ | x86-* | x86_64-* | xc16x-* | xps100-* \ | xstormy16-* | xtensa*-* \ | ymp-* \ | z8k-* | z80-*) ;; # Recognize the basic CPU types without company name, with glob match. xtensa*) basic_machine=$basic_machine-unknown ;; # Recognize the various machine names and aliases which stand # for a CPU type and a company and sometimes even an OS. 386bsd) basic_machine=i386-pc os=-bsd ;; 3b1 | 7300 | 7300-att | att-7300 | pc7300 | safari | unixpc) basic_machine=m68000-att ;; 3b*) basic_machine=we32k-att ;; a29khif) basic_machine=a29k-amd os=-udi ;; abacus) basic_machine=abacus-unknown ;; adobe68k) basic_machine=m68010-adobe os=-scout ;; alliant | fx80) basic_machine=fx80-alliant ;; altos | altos3068) basic_machine=m68k-altos ;; am29k) basic_machine=a29k-none os=-bsd ;; amd64) basic_machine=x86_64-pc ;; amd64-*) basic_machine=x86_64-`echo "$basic_machine" | sed 's/^[^-]*-//'` ;; amdahl) basic_machine=580-amdahl os=-sysv ;; amiga | amiga-*) basic_machine=m68k-unknown ;; amigaos | amigados) basic_machine=m68k-unknown os=-amigaos ;; amigaunix | amix) basic_machine=m68k-unknown os=-sysv4 ;; apollo68) basic_machine=m68k-apollo os=-sysv ;; apollo68bsd) basic_machine=m68k-apollo os=-bsd ;; aros) basic_machine=i386-pc os=-aros ;; asmjs) basic_machine=asmjs-unknown ;; aux) basic_machine=m68k-apple os=-aux ;; balance) basic_machine=ns32k-sequent os=-dynix ;; blackfin) basic_machine=bfin-unknown os=-linux ;; blackfin-*) basic_machine=bfin-`echo "$basic_machine" | sed 's/^[^-]*-//'` os=-linux ;; bluegene*) basic_machine=powerpc-ibm os=-cnk ;; c54x-*) basic_machine=tic54x-`echo "$basic_machine" | sed 's/^[^-]*-//'` ;; c55x-*) basic_machine=tic55x-`echo "$basic_machine" | sed 's/^[^-]*-//'` ;; c6x-*) basic_machine=tic6x-`echo "$basic_machine" | sed 's/^[^-]*-//'` ;; c90) basic_machine=c90-cray os=-unicos ;; cegcc) basic_machine=arm-unknown os=-cegcc ;; convex-c1) basic_machine=c1-convex os=-bsd ;; convex-c2) basic_machine=c2-convex os=-bsd ;; convex-c32) basic_machine=c32-convex os=-bsd ;; convex-c34) basic_machine=c34-convex os=-bsd ;; convex-c38) basic_machine=c38-convex os=-bsd ;; cray | j90) basic_machine=j90-cray os=-unicos ;; craynv) basic_machine=craynv-cray os=-unicosmp ;; cr16 | cr16-*) basic_machine=cr16-unknown os=-elf ;; crds | unos) basic_machine=m68k-crds ;; crisv32 | crisv32-* | etraxfs*) basic_machine=crisv32-axis ;; cris | cris-* | etrax*) basic_machine=cris-axis ;; crx) basic_machine=crx-unknown os=-elf ;; da30 | da30-*) basic_machine=m68k-da30 ;; decstation | decstation-3100 | pmax | pmax-* | pmin | dec3100 | decstatn) basic_machine=mips-dec ;; decsystem10* | dec10*) basic_machine=pdp10-dec os=-tops10 ;; decsystem20* | dec20*) basic_machine=pdp10-dec os=-tops20 ;; delta | 3300 | motorola-3300 | motorola-delta \ | 3300-motorola | delta-motorola) basic_machine=m68k-motorola ;; delta88) basic_machine=m88k-motorola os=-sysv3 ;; dicos) basic_machine=i686-pc os=-dicos ;; djgpp) basic_machine=i586-pc os=-msdosdjgpp ;; dpx20 | dpx20-*) basic_machine=rs6000-bull os=-bosx ;; dpx2*) basic_machine=m68k-bull os=-sysv3 ;; e500v[12]) basic_machine=powerpc-unknown os=$os"spe" ;; e500v[12]-*) basic_machine=powerpc-`echo "$basic_machine" | sed 's/^[^-]*-//'` os=$os"spe" ;; ebmon29k) basic_machine=a29k-amd os=-ebmon ;; elxsi) basic_machine=elxsi-elxsi os=-bsd ;; encore | umax | mmax) basic_machine=ns32k-encore ;; es1800 | OSE68k | ose68k | ose | OSE) basic_machine=m68k-ericsson os=-ose ;; fx2800) basic_machine=i860-alliant ;; genix) basic_machine=ns32k-ns ;; gmicro) basic_machine=tron-gmicro os=-sysv ;; go32) basic_machine=i386-pc os=-go32 ;; h3050r* | hiux*) basic_machine=hppa1.1-hitachi os=-hiuxwe2 ;; h8300hms) basic_machine=h8300-hitachi os=-hms ;; h8300xray) basic_machine=h8300-hitachi os=-xray ;; h8500hms) basic_machine=h8500-hitachi os=-hms ;; harris) basic_machine=m88k-harris os=-sysv3 ;; hp300-*) basic_machine=m68k-hp ;; hp300bsd) basic_machine=m68k-hp os=-bsd ;; hp300hpux) basic_machine=m68k-hp os=-hpux ;; hp3k9[0-9][0-9] | hp9[0-9][0-9]) basic_machine=hppa1.0-hp ;; hp9k2[0-9][0-9] | hp9k31[0-9]) basic_machine=m68000-hp ;; hp9k3[2-9][0-9]) basic_machine=m68k-hp ;; hp9k6[0-9][0-9] | hp6[0-9][0-9]) basic_machine=hppa1.0-hp ;; hp9k7[0-79][0-9] | hp7[0-79][0-9]) basic_machine=hppa1.1-hp ;; hp9k78[0-9] | hp78[0-9]) # FIXME: really hppa2.0-hp basic_machine=hppa1.1-hp ;; hp9k8[67]1 | hp8[67]1 | hp9k80[24] | hp80[24] | hp9k8[78]9 | hp8[78]9 | hp9k893 | hp893) # FIXME: really hppa2.0-hp basic_machine=hppa1.1-hp ;; hp9k8[0-9][13679] | hp8[0-9][13679]) basic_machine=hppa1.1-hp ;; hp9k8[0-9][0-9] | hp8[0-9][0-9]) basic_machine=hppa1.0-hp ;; hppaosf) basic_machine=hppa1.1-hp os=-osf ;; hppro) basic_machine=hppa1.1-hp os=-proelf ;; i370-ibm* | ibm*) basic_machine=i370-ibm ;; i*86v32) basic_machine=`echo "$1" | sed -e 's/86.*/86-pc/'` os=-sysv32 ;; i*86v4*) basic_machine=`echo "$1" | sed -e 's/86.*/86-pc/'` os=-sysv4 ;; i*86v) basic_machine=`echo "$1" | sed -e 's/86.*/86-pc/'` os=-sysv ;; i*86sol2) basic_machine=`echo "$1" | sed -e 's/86.*/86-pc/'` os=-solaris2 ;; i386mach) basic_machine=i386-mach os=-mach ;; vsta) basic_machine=i386-unknown os=-vsta ;; iris | iris4d) basic_machine=mips-sgi case $os in -irix*) ;; *) os=-irix4 ;; esac ;; isi68 | isi) basic_machine=m68k-isi os=-sysv ;; leon-*|leon[3-9]-*) basic_machine=sparc-`echo "$basic_machine" | sed 's/-.*//'` ;; m68knommu) basic_machine=m68k-unknown os=-linux ;; m68knommu-*) basic_machine=m68k-`echo "$basic_machine" | sed 's/^[^-]*-//'` os=-linux ;; magnum | m3230) basic_machine=mips-mips os=-sysv ;; merlin) basic_machine=ns32k-utek os=-sysv ;; microblaze*) basic_machine=microblaze-xilinx ;; mingw64) basic_machine=x86_64-pc os=-mingw64 ;; mingw32) basic_machine=i686-pc os=-mingw32 ;; mingw32ce) basic_machine=arm-unknown os=-mingw32ce ;; miniframe) basic_machine=m68000-convergent ;; *mint | -mint[0-9]* | *MiNT | *MiNT[0-9]*) basic_machine=m68k-atari os=-mint ;; mips3*-*) basic_machine=`echo "$basic_machine" | sed -e 's/mips3/mips64/'` ;; mips3*) basic_machine=`echo "$basic_machine" | sed -e 's/mips3/mips64/'`-unknown ;; monitor) basic_machine=m68k-rom68k os=-coff ;; morphos) basic_machine=powerpc-unknown os=-morphos ;; moxiebox) basic_machine=moxie-unknown os=-moxiebox ;; msdos) basic_machine=i386-pc os=-msdos ;; ms1-*) basic_machine=`echo "$basic_machine" | sed -e 's/ms1-/mt-/'` ;; msys) basic_machine=i686-pc os=-msys ;; mvs) basic_machine=i370-ibm os=-mvs ;; nacl) basic_machine=le32-unknown os=-nacl ;; ncr3000) basic_machine=i486-ncr os=-sysv4 ;; netbsd386) basic_machine=i386-unknown os=-netbsd ;; netwinder) basic_machine=armv4l-rebel os=-linux ;; news | news700 | news800 | news900) basic_machine=m68k-sony os=-newsos ;; news1000) basic_machine=m68030-sony os=-newsos ;; news-3600 | risc-news) basic_machine=mips-sony os=-newsos ;; necv70) basic_machine=v70-nec os=-sysv ;; next | m*-next) basic_machine=m68k-next case $os in -nextstep* ) ;; -ns2*) os=-nextstep2 ;; *) os=-nextstep3 ;; esac ;; nh3000) basic_machine=m68k-harris os=-cxux ;; nh[45]000) basic_machine=m88k-harris os=-cxux ;; nindy960) basic_machine=i960-intel os=-nindy ;; mon960) basic_machine=i960-intel os=-mon960 ;; nonstopux) basic_machine=mips-compaq os=-nonstopux ;; np1) basic_machine=np1-gould ;; neo-tandem) basic_machine=neo-tandem ;; nse-tandem) basic_machine=nse-tandem ;; nsr-tandem) basic_machine=nsr-tandem ;; nsv-tandem) basic_machine=nsv-tandem ;; nsx-tandem) basic_machine=nsx-tandem ;; op50n-* | op60c-*) basic_machine=hppa1.1-oki os=-proelf ;; openrisc | openrisc-*) basic_machine=or32-unknown ;; os400) basic_machine=powerpc-ibm os=-os400 ;; OSE68000 | ose68000) basic_machine=m68000-ericsson os=-ose ;; os68k) basic_machine=m68k-none os=-os68k ;; pa-hitachi) basic_machine=hppa1.1-hitachi os=-hiuxwe2 ;; paragon) basic_machine=i860-intel os=-osf ;; parisc) basic_machine=hppa-unknown os=-linux ;; parisc-*) basic_machine=hppa-`echo "$basic_machine" | sed 's/^[^-]*-//'` os=-linux ;; pbd) basic_machine=sparc-tti ;; pbb) basic_machine=m68k-tti ;; pc532 | pc532-*) basic_machine=ns32k-pc532 ;; pc98) basic_machine=i386-pc ;; pc98-*) basic_machine=i386-`echo "$basic_machine" | sed 's/^[^-]*-//'` ;; pentium | p5 | k5 | k6 | nexgen | viac3) basic_machine=i586-pc ;; pentiumpro | p6 | 6x86 | athlon | athlon_*) basic_machine=i686-pc ;; pentiumii | pentium2 | pentiumiii | pentium3) basic_machine=i686-pc ;; pentium4) basic_machine=i786-pc ;; pentium-* | p5-* | k5-* | k6-* | nexgen-* | viac3-*) basic_machine=i586-`echo "$basic_machine" | sed 's/^[^-]*-//'` ;; pentiumpro-* | p6-* | 6x86-* | athlon-*) basic_machine=i686-`echo "$basic_machine" | sed 's/^[^-]*-//'` ;; pentiumii-* | pentium2-* | pentiumiii-* | pentium3-*) basic_machine=i686-`echo "$basic_machine" | sed 's/^[^-]*-//'` ;; pentium4-*) basic_machine=i786-`echo "$basic_machine" | sed 's/^[^-]*-//'` ;; pn) basic_machine=pn-gould ;; power) basic_machine=power-ibm ;; ppc | ppcbe) basic_machine=powerpc-unknown ;; ppc-* | ppcbe-*) basic_machine=powerpc-`echo "$basic_machine" | sed 's/^[^-]*-//'` ;; ppcle | powerpclittle) basic_machine=powerpcle-unknown ;; ppcle-* | powerpclittle-*) basic_machine=powerpcle-`echo "$basic_machine" | sed 's/^[^-]*-//'` ;; ppc64) basic_machine=powerpc64-unknown ;; ppc64-*) basic_machine=powerpc64-`echo "$basic_machine" | sed 's/^[^-]*-//'` ;; ppc64le | powerpc64little) basic_machine=powerpc64le-unknown ;; ppc64le-* | powerpc64little-*) basic_machine=powerpc64le-`echo "$basic_machine" | sed 's/^[^-]*-//'` ;; ps2) basic_machine=i386-ibm ;; pw32) basic_machine=i586-unknown os=-pw32 ;; rdos | rdos64) basic_machine=x86_64-pc os=-rdos ;; rdos32) basic_machine=i386-pc os=-rdos ;; rom68k) basic_machine=m68k-rom68k os=-coff ;; rm[46]00) basic_machine=mips-siemens ;; rtpc | rtpc-*) basic_machine=romp-ibm ;; s390 | s390-*) basic_machine=s390-ibm ;; s390x | s390x-*) basic_machine=s390x-ibm ;; sa29200) basic_machine=a29k-amd os=-udi ;; sb1) basic_machine=mipsisa64sb1-unknown ;; sb1el) basic_machine=mipsisa64sb1el-unknown ;; sde) basic_machine=mipsisa32-sde os=-elf ;; sei) basic_machine=mips-sei os=-seiux ;; sequent) basic_machine=i386-sequent ;; sh5el) basic_machine=sh5le-unknown ;; simso-wrs) basic_machine=sparclite-wrs os=-vxworks ;; sps7) basic_machine=m68k-bull os=-sysv2 ;; spur) basic_machine=spur-unknown ;; st2000) basic_machine=m68k-tandem ;; stratus) basic_machine=i860-stratus os=-sysv4 ;; strongarm-* | thumb-*) basic_machine=arm-`echo "$basic_machine" | sed 's/^[^-]*-//'` ;; sun2) basic_machine=m68000-sun ;; sun2os3) basic_machine=m68000-sun os=-sunos3 ;; sun2os4) basic_machine=m68000-sun os=-sunos4 ;; sun3os3) basic_machine=m68k-sun os=-sunos3 ;; sun3os4) basic_machine=m68k-sun os=-sunos4 ;; sun4os3) basic_machine=sparc-sun os=-sunos3 ;; sun4os4) basic_machine=sparc-sun os=-sunos4 ;; sun4sol2) basic_machine=sparc-sun os=-solaris2 ;; sun3 | sun3-*) basic_machine=m68k-sun ;; sun4) basic_machine=sparc-sun ;; sun386 | sun386i | roadrunner) basic_machine=i386-sun ;; sv1) basic_machine=sv1-cray os=-unicos ;; symmetry) basic_machine=i386-sequent os=-dynix ;; t3e) basic_machine=alphaev5-cray os=-unicos ;; t90) basic_machine=t90-cray os=-unicos ;; tile*) basic_machine=$basic_machine-unknown os=-linux-gnu ;; tx39) basic_machine=mipstx39-unknown ;; tx39el) basic_machine=mipstx39el-unknown ;; toad1) basic_machine=pdp10-xkl os=-tops20 ;; tower | tower-32) basic_machine=m68k-ncr ;; tpf) basic_machine=s390x-ibm os=-tpf ;; udi29k) basic_machine=a29k-amd os=-udi ;; ultra3) basic_machine=a29k-nyu os=-sym1 ;; v810 | necv810) basic_machine=v810-nec os=-none ;; vaxv) basic_machine=vax-dec os=-sysv ;; vms) basic_machine=vax-dec os=-vms ;; vpp*|vx|vx-*) basic_machine=f301-fujitsu ;; vxworks960) basic_machine=i960-wrs os=-vxworks ;; vxworks68) basic_machine=m68k-wrs os=-vxworks ;; vxworks29k) basic_machine=a29k-wrs os=-vxworks ;; w65*) basic_machine=w65-wdc os=-none ;; w89k-*) basic_machine=hppa1.1-winbond os=-proelf ;; x64) basic_machine=x86_64-pc ;; xbox) basic_machine=i686-pc os=-mingw32 ;; xps | xps100) basic_machine=xps100-honeywell ;; xscale-* | xscalee[bl]-*) basic_machine=`echo "$basic_machine" | sed 's/^xscale/arm/'` ;; ymp) basic_machine=ymp-cray os=-unicos ;; none) basic_machine=none-none os=-none ;; # Here we handle the default manufacturer of certain CPU types. It is in # some cases the only manufacturer, in others, it is the most popular. w89k) basic_machine=hppa1.1-winbond ;; op50n) basic_machine=hppa1.1-oki ;; op60c) basic_machine=hppa1.1-oki ;; romp) basic_machine=romp-ibm ;; mmix) basic_machine=mmix-knuth ;; rs6000) basic_machine=rs6000-ibm ;; vax) basic_machine=vax-dec ;; pdp11) basic_machine=pdp11-dec ;; we32k) basic_machine=we32k-att ;; sh[1234] | sh[24]a | sh[24]aeb | sh[34]eb | sh[1234]le | sh[23]ele) basic_machine=sh-unknown ;; cydra) basic_machine=cydra-cydrome ;; orion) basic_machine=orion-highlevel ;; orion105) basic_machine=clipper-highlevel ;; mac | mpw | mac-mpw) basic_machine=m68k-apple ;; pmac | pmac-mpw) basic_machine=powerpc-apple ;; *-unknown) # Make sure to match an already-canonicalized machine name. ;; *) echo Invalid configuration \`"$1"\': machine \`"$basic_machine"\' not recognized 1>&2 exit 1 ;; esac # Here we canonicalize certain aliases for manufacturers. case $basic_machine in *-digital*) basic_machine=`echo "$basic_machine" | sed 's/digital.*/dec/'` ;; *-commodore*) basic_machine=`echo "$basic_machine" | sed 's/commodore.*/cbm/'` ;; *) ;; esac # Decode manufacturer-specific aliases for certain operating systems. if [ x"$os" != x"" ] then case $os in # First match some system type aliases that might get confused # with valid system types. # -solaris* is a basic system type, with this one exception. -auroraux) os=-auroraux ;; -solaris1 | -solaris1.*) os=`echo $os | sed -e 's|solaris1|sunos4|'` ;; -solaris) os=-solaris2 ;; -unixware*) os=-sysv4.2uw ;; -gnu/linux*) os=`echo $os | sed -e 's|gnu/linux|linux-gnu|'` ;; # es1800 is here to avoid being matched by es* (a different OS) -es1800*) os=-ose ;; # Now accept the basic system types. # The portable systems comes first. # Each alternative MUST end in a * to match a version number. # -sysv* is not here because it comes later, after sysvr4. -gnu* | -bsd* | -mach* | -minix* | -genix* | -ultrix* | -irix* \ | -*vms* | -sco* | -esix* | -isc* | -aix* | -cnk* | -sunos | -sunos[34]*\ | -hpux* | -unos* | -osf* | -luna* | -dgux* | -auroraux* | -solaris* \ | -sym* | -kopensolaris* | -plan9* \ | -amigaos* | -amigados* | -msdos* | -newsos* | -unicos* | -aof* \ | -aos* | -aros* | -cloudabi* | -sortix* \ | -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \ | -clix* | -riscos* | -uniplus* | -iris* | -rtu* | -xenix* \ | -hiux* | -knetbsd* | -mirbsd* | -netbsd* \ | -bitrig* | -openbsd* | -solidbsd* | -libertybsd* \ | -ekkobsd* | -kfreebsd* | -freebsd* | -riscix* | -lynxos* \ | -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \ | -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \ | -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* | -hcos* \ | -chorusos* | -chorusrdb* | -cegcc* | -glidix* \ | -cygwin* | -msys* | -pe* | -psos* | -moss* | -proelf* | -rtems* \ | -midipix* | -mingw32* | -mingw64* | -linux-gnu* | -linux-android* \ | -linux-newlib* | -linux-musl* | -linux-uclibc* \ | -uxpv* | -beos* | -mpeix* | -udk* | -moxiebox* \ | -interix* | -uwin* | -mks* | -rhapsody* | -darwin* \ | -openstep* | -oskit* | -conix* | -pw32* | -nonstopux* \ | -storm-chaos* | -tops10* | -tenex* | -tops20* | -its* \ | -os2* | -vos* | -palmos* | -uclinux* | -nucleus* \ | -morphos* | -superux* | -rtmk* | -windiss* \ | -powermax* | -dnix* | -nx6 | -nx7 | -sei* | -dragonfly* \ | -skyos* | -haiku* | -rdos* | -toppers* | -drops* | -es* \ | -onefs* | -tirtos* | -phoenix* | -fuchsia* | -redox* | -bme* \ | -midnightbsd*) # Remember, each alternative MUST END IN *, to match a version number. ;; -qnx*) case $basic_machine in x86-* | i*86-*) ;; *) os=-nto$os ;; esac ;; -nto-qnx*) ;; -nto*) os=`echo $os | sed -e 's|nto|nto-qnx|'` ;; -sim | -xray | -os68k* | -v88r* \ | -windows* | -osx | -abug | -netware* | -os9* \ | -macos* | -mpw* | -magic* | -mmixware* | -mon960* | -lnews*) ;; -mac*) os=`echo "$os" | sed -e 's|mac|macos|'` ;; -linux-dietlibc) os=-linux-dietlibc ;; -linux*) os=`echo $os | sed -e 's|linux|linux-gnu|'` ;; -sunos5*) os=`echo "$os" | sed -e 's|sunos5|solaris2|'` ;; -sunos6*) os=`echo "$os" | sed -e 's|sunos6|solaris3|'` ;; -opened*) os=-openedition ;; -os400*) os=-os400 ;; -wince*) os=-wince ;; -utek*) os=-bsd ;; -dynix*) os=-bsd ;; -acis*) os=-aos ;; -atheos*) os=-atheos ;; -syllable*) os=-syllable ;; -386bsd) os=-bsd ;; -ctix* | -uts*) os=-sysv ;; -nova*) os=-rtmk-nova ;; -ns2) os=-nextstep2 ;; -nsk*) os=-nsk ;; # Preserve the version number of sinix5. -sinix5.*) os=`echo $os | sed -e 's|sinix|sysv|'` ;; -sinix*) os=-sysv4 ;; -tpf*) os=-tpf ;; -triton*) os=-sysv3 ;; -oss*) os=-sysv3 ;; -svr4*) os=-sysv4 ;; -svr3) os=-sysv3 ;; -sysvr4) os=-sysv4 ;; # This must come after -sysvr4. -sysv*) ;; -ose*) os=-ose ;; -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*) os=-mint ;; -zvmoe) os=-zvmoe ;; -dicos*) os=-dicos ;; -pikeos*) # Until real need of OS specific support for # particular features comes up, bare metal # configurations are quite functional. case $basic_machine in arm*) os=-eabi ;; *) os=-elf ;; esac ;; -nacl*) ;; -ios) ;; -none) ;; *) # Get rid of the `-' at the beginning of $os. os=`echo $os | sed 's/[^-]*-//'` echo Invalid configuration \`"$1"\': system \`"$os"\' not recognized 1>&2 exit 1 ;; esac else # Here we handle the default operating systems that come with various machines. # The value should be what the vendor currently ships out the door with their # machine or put another way, the most popular os provided with the machine. # Note that if you're going to try to match "-MANUFACTURER" here (say, # "-sun"), then you have to tell the case statement up towards the top # that MANUFACTURER isn't an operating system. Otherwise, code above # will signal an error saying that MANUFACTURER isn't an operating # system, and we'll never get to this point. case $basic_machine in score-*) os=-elf ;; spu-*) os=-elf ;; *-acorn) os=-riscix1.2 ;; arm*-rebel) os=-linux ;; arm*-semi) os=-aout ;; c4x-* | tic4x-*) os=-coff ;; c8051-*) os=-elf ;; hexagon-*) os=-elf ;; tic54x-*) os=-coff ;; tic55x-*) os=-coff ;; tic6x-*) os=-coff ;; # This must come before the *-dec entry. pdp10-*) os=-tops20 ;; pdp11-*) os=-none ;; *-dec | vax-*) os=-ultrix4.2 ;; m68*-apollo) os=-domain ;; i386-sun) os=-sunos4.0.2 ;; m68000-sun) os=-sunos3 ;; m68*-cisco) os=-aout ;; mep-*) os=-elf ;; mips*-cisco) os=-elf ;; mips*-*) os=-elf ;; or32-*) os=-coff ;; *-tti) # must be before sparc entry or we get the wrong os. os=-sysv3 ;; sparc-* | *-sun) os=-sunos4.1.1 ;; pru-*) os=-elf ;; *-be) os=-beos ;; *-ibm) os=-aix ;; *-knuth) os=-mmixware ;; *-wec) os=-proelf ;; *-winbond) os=-proelf ;; *-oki) os=-proelf ;; *-hp) os=-hpux ;; *-hitachi) os=-hiux ;; i860-* | *-att | *-ncr | *-altos | *-motorola | *-convergent) os=-sysv ;; *-cbm) os=-amigaos ;; *-dg) os=-dgux ;; *-dolphin) os=-sysv3 ;; m68k-ccur) os=-rtu ;; m88k-omron*) os=-luna ;; *-next) os=-nextstep ;; *-sequent) os=-ptx ;; *-crds) os=-unos ;; *-ns) os=-genix ;; i370-*) os=-mvs ;; *-gould) os=-sysv ;; *-highlevel) os=-bsd ;; *-encore) os=-bsd ;; *-sgi) os=-irix ;; *-siemens) os=-sysv4 ;; *-masscomp) os=-rtu ;; f30[01]-fujitsu | f700-fujitsu) os=-uxpv ;; *-rom68k) os=-coff ;; *-*bug) os=-coff ;; *-apple) os=-macos ;; *-atari*) os=-mint ;; *) os=-none ;; esac fi # Here we handle the case where we know the os, and the CPU type, but not the # manufacturer. We pick the logical manufacturer. vendor=unknown case $basic_machine in *-unknown) case $os in -riscix*) vendor=acorn ;; -sunos*) vendor=sun ;; -cnk*|-aix*) vendor=ibm ;; -beos*) vendor=be ;; -hpux*) vendor=hp ;; -mpeix*) vendor=hp ;; -hiux*) vendor=hitachi ;; -unos*) vendor=crds ;; -dgux*) vendor=dg ;; -luna*) vendor=omron ;; -genix*) vendor=ns ;; -mvs* | -opened*) vendor=ibm ;; -os400*) vendor=ibm ;; -ptx*) vendor=sequent ;; -tpf*) vendor=ibm ;; -vxsim* | -vxworks* | -windiss*) vendor=wrs ;; -aux*) vendor=apple ;; -hms*) vendor=hitachi ;; -mpw* | -macos*) vendor=apple ;; -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*) vendor=atari ;; -vos*) vendor=stratus ;; esac basic_machine=`echo "$basic_machine" | sed "s/unknown/$vendor/"` ;; esac echo "$basic_machine$os" exit # Local variables: # eval: (add-hook 'before-save-hook 'time-stamp) # time-stamp-start: "timestamp='" # time-stamp-format: "%:y-%02m-%02d" # time-stamp-end: "'" # End: opendnssec-2.1.5/LICENSE0000644000202300020240000000304413560310771011577 00000000000000Copyright (c) 2015-2016 NLnet Labs. All rights reserved. Copyright (c) 2012 OpenDNSSEC AB (svb). All rights reserved. Copyright (c) 2011 SURFnet bv. All rights reserved. Copyright (c) 2008 .SE (The Internet Infrastructure Foundation). All rights reserved. Copyright (c) 2008 NLnet Labs. All rights reserved. Copyright (c) 2008 Nominet UK. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. opendnssec-2.1.5/enforcer/0000755000202300020240000000000013560311327012452 500000000000000opendnssec-2.1.5/enforcer/utils/0000755000202300020240000000000013560311035013606 500000000000000opendnssec-2.1.5/enforcer/utils/1.4-2.0_db_convert/0000755000202300020240000000000013560311165016616 500000000000000opendnssec-2.1.5/enforcer/utils/1.4-2.0_db_convert/convert_sqlite0000755000202300020240000000236513560311035021527 00000000000000#!/bin/bash set -e # This scipt converts a ODS 1.4.9 Sqlite database to ODS 2.0. SCHEMA=../../src/db/schema.sqlite DB_IN="" DB_OUT="" while getopts "i:o:" arg; do case $arg in i) DB_IN=$OPTARG ;; o) DB_OUT=$OPTARG ;; *) echo "usage: "$0" -i -o " exit 1 ;; esac done if [ -z $DB_IN ]; then echo "ERROR: No input database specified" exit 1 fi if [ -z $DB_OUT ]; then echo "ERROR: No output database specified" exit 1 fi DB_VERSION=`sqlite3 $DB_IN "SELECT version FROM dbadmin;"` if [ ! $DB_VERSION -eq 4 ]; then echo "ERROR: Old database (version $DB_VERSION). Please upgrade to version 4 before migration" exit 1 fi # Look for zones without an active key. Z=`sqlite3 $DB_IN < find_problematic_zones.sql` if [[ $Z = *[![:space:]]* ]]; then echo "Found zones without an active KSK but with a ready KSK waiting for ds-seen. This can cause problem after the conversion if the DS was actually already uploaded. You are adviced to submit these DS records and issue a ds-seen command before continueing. If you know better, disable this check to continue." echo "Zones: $Z" exit 2 fi rm -f $DB_OUT sqlite3 $DB_OUT < $SCHEMA echo "attach '$DB_IN' as REMOTE;" | cat - sqlite_convert.sql | sqlite3 $DB_OUT opendnssec-2.1.5/enforcer/utils/1.4-2.0_db_convert/README.md0000644000202300020240000000567613560311165020033 00000000000000Convert OpenDNSSEC 1.4 database to OpenDNSSEC 2.0 database ========================================================== The ODS2.0 database is set up very differently from the ODS1.4 database. We provide a couple of scripts to make the transition. Please review this document entirely before starting the conversation. Requirements ------------ These scripts will work coming from ODS version 1.4.8.2 or 1.4.9. Earlier versions are not supported. Please upgrade to one of these 2 versions before migration. General preparation ------------------- * First stop OpenDNSSEC entirely. * You are strongly advised to backup /etc/opendnssec and /var/opendnssec before continuing. * Also prevent any nameserver from receiving updates from OpenDNSSEC until you are sure the migration was successful. * It is discouraged to perform the migration during a rollover. The migration script tries to deal with it as gracefully as possible though many corner cases exist. Generally it will not break the zone but unexpected behaviour may occur. If you do, and see unexpected state, the best way to deal with it is to start a rollover for the offending keytype. Conversion Sqlite ----------------- There are 2 relevant files for the conversion: * convert_sqlite - A bash conversion script * sqlite_convert.sql - Contains SQL statements, called by convert_sqlite call the script like so: `./convert_sqlite -i INPUT -o OUTPUT`. Where INPUT is the kasp.db file commonly found in _/var/opendnssec/kasp.db_. And OUTPUT is a non-existing file where the new database should go. On success, replace old database file with the new database file or adjust _conf.xml_ accordingly. Conversion MySQL ---------------- There are 2 relevant files for the conversion: * convert_mysql - A bash conversion script * mysql_convert.sql - Contains SQL statements, called by convert_mysql call the script like so: `./convert_mysql -i INPUT -o OUTPUT -h HOST -u USER -p PASSWORD`. Where INPUT is the name of the existing database on HOST. And OUTPUT is a non-existing database on the same host where the new database should go. On success, replace old database with the new database file or adjust _conf.xml_ accordingly. Post Conversion --------------- ODS 2.0 stores the keytags in the database, 1.4 unfortunately does not. Therefore an additional tool is provided which calculates the keytags and stores them in the database. Make sure that at this point _conf.xml_ points to the new database. Then run `ods-migrate`. Now your new database is ready for use. At this point the signer will refuse to run because the file `/var/opendnssec/enforcer/zones.xml` does not exist yet. In ODS 1.4 `/etc/opendnssec/zonelist.xml` is always on par with the database contents (this is no longer true for 2.0) so it is safe to copy this file over to the missing file. If all went well you should be able to start OpenDNSSEC and review its output. If applicable start any nameservers you stopped in the process. opendnssec-2.1.5/enforcer/utils/1.4-2.0_db_convert/mysql_convert.sql0000644000202300020240000005423213560311035022166 00000000000000/* This file was derrived from sqlite version. Some weird constructs are to * work around sqlite's limitations. */ INSERT INTO databaseVersion VALUES (NULL, 1, 1); -- ~ ************ -- ~ ** policy table -- ~ ** -- ~ ** -- ~ ** -- ~ ** -- ~ ************ INSERT INTO policy SELECT id, 1, name, description, 0, 0, 0, 0, 0, 0, 0, 86400, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 FROM REMOTE.policies; UPDATE policy SET signaturesResign = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 1 AND REMOTE.parameters.name = 'resign'); UPDATE policy SET signaturesRefresh = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 1 AND REMOTE.parameters.name = 'refresh') ; UPDATE policy SET signaturesJitter = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 1 AND REMOTE.parameters.name = 'jitter'); UPDATE policy SET signaturesInceptionOffset = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 1 AND REMOTE.parameters.name = 'clockskew'); UPDATE policy SET signaturesValidityDefault = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 1 AND REMOTE.parameters.name = 'valdefault'); UPDATE policy SET signaturesValidityDenial = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 1 AND REMOTE.parameters.name = 'valdenial'); -- MaxZoneTTL default 86400 -- We need the following mapping 1.4 -> 2.0 for denialType -- 0 -> 1 -- 3 -> 0 UPDATE policy, REMOTE.parameters_policies, REMOTE.parameters SET policy.denialType = (~REMOTE.parameters_policies.value)&1 WHERE REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id AND REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 2 AND REMOTE.parameters.name = 'version'; UPDATE policy, REMOTE.parameters, REMOTE.parameters_policies SET policy.denialOptout = REMOTE.parameters_policies.value WHERE REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id AND REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 2 AND REMOTE.parameters.name = 'optout'; UPDATE policy, REMOTE.parameters, REMOTE.parameters_policies SET policy.denialTtl = REMOTE.parameters_policies.value WHERE REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id AND REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 2 AND REMOTE.parameters.name = 'ttl'; UPDATE policy, REMOTE.parameters, REMOTE.parameters_policies SET policy.denialResalt = REMOTE.parameters_policies.value WHERE REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id AND REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 2 AND REMOTE.parameters.name = 'resalt'; UPDATE policy, REMOTE.parameters, REMOTE.parameters_policies SET policy.denialAlgorithm = REMOTE.parameters_policies.value WHERE REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id AND REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 2 AND REMOTE.parameters.name = 'algorithm'; UPDATE policy, REMOTE.parameters, REMOTE.parameters_policies SET policy.denialIterations = REMOTE.parameters_policies.value WHERE REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id AND REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 2 AND REMOTE.parameters.name = 'iterations'; UPDATE policy, REMOTE.parameters, REMOTE.parameters_policies SET policy.denialSaltLength = REMOTE.parameters_policies.value WHERE REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id AND REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 2 AND REMOTE.parameters.name = 'saltlength'; UPDATE policy, REMOTE.policies SET denialSalt = REMOTE.policies.salt WHERE REMOTE.policies.id = policy.id AND REMOTE.policies.salt IS NOT NULL; UPDATE policy, REMOTE.policies SET denialSaltLastChange = UNIX_TIMESTAMP(REMOTE.policies.salt_stamp) WHERE REMOTE.policies.id = policy.id AND REMOTE.policies.salt_stamp IS NOT NULL; UPDATE policy SET keysTtl = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 5 AND REMOTE.parameters.name = 'ttl'); UPDATE policy SET keysRetireSafety = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 5 AND REMOTE.parameters.name = 'retiresafety'); UPDATE policy SET keysPublishSafety = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 5 AND REMOTE.parameters.name = 'publishsafety'); UPDATE policy SET keysShared = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 5 AND REMOTE.parameters.name = 'zones_share_keys'); UPDATE policy SET keysPurgeAfter = COALESCE(( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 5 AND REMOTE.parameters.name = 'purge'), 0); UPDATE policy SET zonePropagationDelay = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 7 AND REMOTE.parameters.name = 'propagationdelay'); UPDATE policy SET zoneSoaTtl = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 7 AND REMOTE.parameters.name = 'ttl'); UPDATE policy SET zoneSoaMinimum = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 7 AND REMOTE.parameters.name = 'min'); -- Temporary mapping table between 1.4 and 2.0 SOA serial strategy CREATE TABLE mapping ( soa14 INTEGER, soa20 INTEGER ); INSERT INTO mapping SELECT 1, 2; INSERT INTO mapping SELECT 2, 0; INSERT INTO mapping SELECT 3, 1; INSERT INTO mapping SELECT 4, 3; UPDATE policy SET zoneSoaSerial = ( SELECT mapping.soa20 FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id INNER JOIN mapping ON REMOTE.parameters_policies.value = mapping.soa14 WHERE REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 7 AND REMOTE.parameters.name = 'serial'); DROP TABLE mapping; -- parentRegistrationDelay = 0 on 1.4 UPDATE policy SET parentPropagationDelay = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 8 AND REMOTE.parameters.name = 'propagationdelay'); UPDATE policy SET parentDsTtl = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 8 AND REMOTE.parameters.name = 'ttlds'); UPDATE policy SET parentSoaTtl = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 8 AND REMOTE.parameters.name = 'ttl'); UPDATE policy SET parentSoaMinimum = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 8 AND REMOTE.parameters.name = 'min'); -- passthrough = 0 -- ~ ************ -- ~ ** policyKey table -- ~ ** -- ~ ** For each policy in 1.4 add two keys: KSK and ZSK -- ~ ** -- ~ ** -- ~ ************ -- Insert each KSK INSERT INTO policyKey SELECT null, 1, id, 1, 0, 0, 0, 0, 0, 0, 0, 4 FROM REMOTE.policies; -- Insert each ZSK INSERT INTO policyKey SELECT null, 1, id, 2, 0, 0, 0, 0, 0, 0, 0, 1 FROM REMOTE.policies; UPDATE policyKey SET algorithm = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policyKey.policyId AND REMOTE.parameters.category_id = 3 AND REMOTE.parameters.name = 'algorithm') WHERE policyKey.role = 1; UPDATE policyKey SET algorithm = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policyKey.policyId AND REMOTE.parameters.category_id = 4 AND REMOTE.parameters.name = 'algorithm') WHERE policyKey.role = 2; UPDATE policyKey SET bits = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policyKey.policyId AND REMOTE.parameters.category_id = 3 AND REMOTE.parameters.name = 'bits') WHERE policyKey.role = 1; UPDATE policyKey SET bits = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policyKey.policyId AND REMOTE.parameters.category_id = 4 AND REMOTE.parameters.name = 'bits') WHERE policyKey.role = 2; UPDATE policyKey SET lifetime = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policyKey.policyId AND REMOTE.parameters.category_id = 3 AND REMOTE.parameters.name = 'lifetime') WHERE policyKey.role = 1; UPDATE policyKey SET lifetime = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policyKey.policyId AND REMOTE.parameters.category_id = 4 AND REMOTE.parameters.name = 'lifetime') WHERE policyKey.role = 2; UPDATE policyKey SET repository = ( SELECT REMOTE.securitymodules.name FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id INNER JOIN REMOTE.securitymodules ON REMOTE.parameters_policies.value = REMOTE.securitymodules.id WHERE REMOTE.parameters_policies.policy_id = policyKey.policyId AND REMOTE.parameters.category_id = 3 AND REMOTE.parameters.name = 'repository') WHERE policyKey.role = 1; UPDATE policyKey SET repository = ( SELECT REMOTE.securitymodules.name FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id INNER JOIN REMOTE.securitymodules ON REMOTE.parameters_policies.value = REMOTE.securitymodules.id WHERE REMOTE.parameters_policies.policy_id = policyKey.policyId AND REMOTE.parameters.category_id = 4 AND REMOTE.parameters.name = 'repository') WHERE policyKey.role = 2; UPDATE policyKey SET standby = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policyKey.policyId AND REMOTE.parameters.category_id = 3 AND REMOTE.parameters.name = 'standby') WHERE policyKey.role = 1; UPDATE policyKey SET standby = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policyKey.policyId AND REMOTE.parameters.category_id = 4 AND REMOTE.parameters.name = 'standby') WHERE policyKey.role = 2; UPDATE policyKey SET manualRollover = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policyKey.policyId AND REMOTE.parameters.category_id = 3 AND REMOTE.parameters.name = 'manual_rollover') WHERE policyKey.role = 1; UPDATE policyKey SET manualRollover = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policyKey.policyId AND REMOTE.parameters.category_id = 4 AND REMOTE.parameters.name = 'manual_rollover') WHERE policyKey.role = 2; -- rfc5011 = 0. 2.0 has no support -- minimize already set -- ~ ************ -- ~ ** hsmKey table -- ~ ** -- ~ ** get from keypairs and dnsseckeys -- ~ ** -- ~ ** -- ~ ************ INSERT INTO hsmKey SELECT DISTINCT REMOTE.keypairs.id, 1, REMOTE.keypairs.policy_id, REMOTE.keypairs.HSMkey_id, 2, REMOTE.keypairs.size, REMOTE.keypairs.algorithm, (~(REMOTE.dnsseckeys.keytype)&1)+1, CASE WHEN REMOTE.keypairs.generate IS NOT NULL THEN UNIX_TIMESTAMP(REMOTE.keypairs.generate) ELSE UNIX_TIMESTAMP() END, 0, 1, -- only RSA supported REMOTE.securitymodules.name, 0 -- assume no backup FROM REMOTE.keypairs JOIN REMOTE.dnsseckeys ON REMOTE.keypairs.id = REMOTE.dnsseckeys.keypair_id JOIN REMOTE.securitymodules ON REMOTE.securitymodules.id = REMOTE.keypairs.securitymodule_id; -- For some policies put the keys in a shared state UPDATE hsmKey, policy SET hsmKey.state = 3 WHERE policy.id = hsmKey.policyId AND policy.keysShared != 0; -- ~ ************ -- ~ ** zone table -- ~ ** -- ~ ** -- ~ ** -- ~ ** -- ~ ************ INSERT INTO zone SELECT zones.id, 1, zones.policy_id, zones.name, 1, zones.signconf, 0, 0,0,0, 0,0,0, zones.in_type, zones.input, zones.out_type, zones.output, 0,0,0 FROM REMOTE.zones; -- ~ ************ -- ~ ** ketData table -- ~ ** -- ~ ** -- ~ ** -- ~ ** -- ~ ************ -- Temporary mapping table between 1.4 states and 2.0 ds_at_parent states -- We are ignoring the fact this may set a DS state for a ZSK; We don't care CREATE TABLE mapping ( state INTEGER, ds_state INTEGER ); INSERT INTO mapping SELECT 1, 0; INSERT INTO mapping SELECT 2, 0; INSERT INTO mapping SELECT 3, 1; INSERT INTO mapping SELECT 4, 3; INSERT INTO mapping SELECT 5, 5; INSERT INTO mapping SELECT 6, 5; INSERT INTO mapping SELECT 7, 5; INSERT INTO mapping SELECT 8, 5; INSERT INTO mapping SELECT 9, 5; INSERT INTO mapping SELECT 10, 5; INSERT INTO keyData SELECT NULL, 1, REMOTE.dnsseckeys.zone_id, REMOTE.dnsseckeys.keypair_id, REMOTE.keypairs.algorithm, CASE WHEN REMOTE.dnsseckeys.publish IS NOT NULL THEN UNIX_TIMESTAMP(REMOTE.dnsseckeys.publish) ELSE UNIX_TIMESTAMP() END, (~REMOTE.dnsseckeys.keytype&1)+1, REMOTE.dnsseckeys.state <= 4, -- introducing 0, -- should revoke, not used 0, -- standby REMOTE.dnsseckeys.state = 4 AND REMOTE.dnsseckeys.keytype = 256, -- activeZSK: REMOTE.dnsseckeys.state >= 2 AND REMOTE.dnsseckeys.state <= 5, -- publish REMOTE.dnsseckeys.state = 4 AND REMOTE.dnsseckeys.keytype = 257, -- activeKSK: mapping.ds_state, -- dsatparent 1<<16, -- keytag (crap, will 2.0 regenerate this?) (REMOTE.dnsseckeys.keytype&1)*3+1 -- minimize FROM REMOTE.dnsseckeys JOIN REMOTE.keypairs ON REMOTE.dnsseckeys.keypair_id = REMOTE.keypairs.id JOIN mapping ON REMOTE.dnsseckeys.state = mapping.state WHERE EXISTS(select REMOTE.zones.id FROM REMOTE.zones WHERE REMOTE.zones.id = REMOTE.dnsseckeys.zone_id); UPDATE keyData SET dsatparent = 0 WHERE role = 2; DROP TABLE mapping; -- If an active time is set for a ready KSK dsAtParent is submitted -- instead of submit UPDATE keyData, REMOTE.dnsseckeys SET keyData.dsatparent = 2 WHERE keyData.dsAtParent = 1 AND REMOTE.dnsseckeys.keypair_id = keyData.hsmkeyid AND REMOTE.dnsseckeys.active IS NOT NULL; -- ~ ************ -- ~ ** Keystate table -- ~ ** -- ~ ** -- ~ ** -- ~ ** -- ~ ************ CREATE TABLE mapping ( state INTEGER, ds INTEGER, dk INTEGER, ks INTEGER, rs INTEGER ); INSERT INTO mapping SELECT 1, 0, 0, 0, 0; INSERT INTO mapping SELECT 2, 0, 1, 1, 1; INSERT INTO mapping SELECT 3, 0, 2, 2, 1; INSERT INTO mapping SELECT 4, 2, 2, 2, 1; INSERT INTO mapping SELECT 5, 3, 2, 2, 3; INSERT INTO mapping SELECT 6, 0, 3, 3, 0; INSERT INTO mapping SELECT 7, 3, 0, 0, 0; INSERT INTO mapping SELECT 8, 3, 0, 0, 0; INSERT INTO mapping SELECT 9, 3, 0, 0, 0; INSERT INTO mapping SELECT 10, 3, 0, 0, 0; -- DS RECORDS INSERT INTO keyState SELECT NULL, 1, keyData.id, 0, mapping.ds, UNIX_TIMESTAMP(), (keyData.minimize>>2)&1, policy.parentDsTtl FROM keyData JOIN zone ON zone.id = keyData.zoneId JOIN policy ON policy.id = zone.policyId JOIN REMOTE.dnsseckeys ON REMOTE.dnsseckeys.keypair_id = keyData.hsmkeyid JOIN mapping ON mapping.state = REMOTE.dnsseckeys.state; UPDATE keyState, keyData, REMOTE.dnsseckeys SET keyState.state = 1 WHERE keyState.state = 0 AND keyState.type = 0 AND keyData.id = keyState.keydataId AND REMOTE.dnsseckeys.keypair_id = keyData.hsmkeyid AND REMOTE.dnsseckeys.active IS NOT NULL; -- DNSKEY RECORDS INSERT INTO keyState SELECT NULL, 1, keyData.id, 2, mapping.dk, UNIX_TIMESTAMP(), (keyData.minimize>>1)&1, policy.keysTtl FROM keyData JOIN zone ON zone.id = keyData.zoneId JOIN policy ON policy.id = zone.policyId JOIN REMOTE.dnsseckeys ON REMOTE.dnsseckeys.keypair_id = keyData.hsmkeyid JOIN mapping ON mapping.state = REMOTE.dnsseckeys.state; -- RRSIG DNSKEY RECORDS INSERT INTO keyState SELECT NULL, 1, keyData.id, 3, mapping.ks, UNIX_TIMESTAMP(), (keyData.minimize>>1)&1, policy.keysTtl FROM keyData JOIN zone ON zone.id = keyData.zoneId JOIN policy ON policy.id = zone.policyId JOIN REMOTE.dnsseckeys ON REMOTE.dnsseckeys.keypair_id = keyData.hsmkeyid JOIN mapping ON mapping.state = REMOTE.dnsseckeys.state; -- RRSIG RECORDS INSERT INTO keyState SELECT NULL, 1, keyData.id, 1, mapping.rs, UNIX_TIMESTAMP(), (keyData.minimize>>0)&1, policy.signaturesMaxZoneTtl FROM keyData JOIN zone ON zone.id = keyData.zoneId JOIN policy ON policy.id = zone.policyId JOIN REMOTE.dnsseckeys ON REMOTE.dnsseckeys.keypair_id = keyData.hsmkeyid JOIN mapping ON mapping.state = REMOTE.dnsseckeys.state; CREATE TABLE tmp ( id INTEGER ); INSERT INTO tmp SELECT rs.id FROM keyState AS rs JOIN keyData ON keyData.id = rs.keydataId JOIN REMOTE.dnsseckeys ON REMOTE.dnsseckeys.keypair_id = keyData.hsmkeyid JOIN zone ON keyData.zoneId = zone.id JOIN policy ON policy.id = zone.policyId WHERE (UNIX_TIMESTAMP(REMOTE.dnsseckeys.active) + policy.signaturesValidityDefault) < UNIX_TIMESTAMP(); -- Set to OMN if Tactive + Dttl < Tnow UPDATE keyState SET keyState.state = 2 WHERE keyState.state = 1 AND keyState.type = 1 AND EXISTS(SELECT id FROM tmp where id = keyState.id); DROP TABLE tmp; CREATE TABLE tmp ( id INTEGER ); INSERT tmp SELECT rs.id FROM keyState AS rs JOIN keyState AS dk ON dk.keyDataId = rs.keyDataId WHERE rs.type = 1 AND dk.type = 2 AND rs.state = 1 AND dk.state = 2 AND NOT EXISTS( SELECT* FROM keyState AS rs2 JOIN keyState AS dk2 ON dk2.keyDataId = rs2.keyDataId WHERE rs2.type = 1 AND dk2.type = 2 AND rs2.state = 3 AND dk2.state = 2 ); -- Force the RRSIG state in omnipresent if rumoured and there is no old ZSK -- unretentive UPDATE keyState SET state = 2 WHERE EXISTS(SELECT id FROM tmp WHERE id = keyState.id); DROP TABLE tmp; DROP TABLE mapping; -- We need to create records in the keydependency table in case we are in a -- rollover. Only done for ZSK. For every introducing ZSK with RRSIG rumoured -- that has an outroducing ZSK with RRSIG unretentive, we add a record. INSERT INTO keyDependency SELECT NULL, 0, keyData.zoneID, SUB.IDout, keyData.id, 1 FROM keyData JOIN keyState AS KS1 ON KS1.keyDataId = keyData.id JOIN keyState AS KS2 ON KS2.keyDataId = keyData.id JOIN ( SELECT keyData.id AS IDout, keyData.zoneID FROM keyData JOIN keyState AS KS1 ON KS1.keyDataId = keyData.id JOIN keyState AS KS2 ON KS2.keyDataId = keyData.id WHERE KS1.type = 2 AND KS1.state = 2 AND KS2.type = 1 AND KS2.state = 3 AND keyData.introducing = 0 AND keyData.role = 2 ) AS SUB ON SUB.zoneId = keyData.zoneId WHERE KS1.type = 2 AND KS1.state = 2 AND KS2.type = 1 AND KS2.state = 1; UPDATE keyState SET state = 4 WHERE (keyState.type = 0 OR keyState.type = 3) AND keyDataId IN ( SELECT keyData.id FROM keyData WHERE keyData.role = 2); UPDATE keyState SET state = 4 WHERE keyState.type = 1 AND keyDataId IN ( SELECT keyData.id FROM keyData WHERE keyData.role = 1); opendnssec-2.1.5/enforcer/utils/1.4-2.0_db_convert/find_problematic_zones.sql0000644000202300020240000000042313560311035023771 00000000000000SELECT zones.name FROM dnsseckeys JOIN zones on zones.id = dnsseckeys.zone_id WHERE dnsseckeys.keytype = 257 AND dnsseckeys.active IS NULL AND dnsseckeys.zone_id NOT IN (SELECT dnsseckeys.zone_id FROM dnsseckeys WHERE dnsseckeys.keytype = 257 AND dnsseckeys.state = 4) ; opendnssec-2.1.5/enforcer/utils/1.4-2.0_db_convert/convert_mysql0000755000202300020240000000351113560311165021371 00000000000000#!/bin/bash set -e # This scipt converts a ODS 1.4.9 MySQL database to ODS 2.0. It assumes both # old and new databases live on the same host and are accessable by the same # user. SCHEMA=../../src/db/schema.mysql DB_IN="" DB_OUT="" DB_HOST="localhost" DB_USR="test" DB_PWD="test" while getopts "i:o:h:u:p:" arg; do case $arg in i) DB_IN=$OPTARG ;; o) DB_OUT=$OPTARG ;; h) DB_HOST=$OPTARG ;; u) DB_USR=$OPTARG ;; p) DB_PWD=$OPTARG ;; *) echo "usage: "$0" -i DATABASE_1.4 -o DATABASE_2.0 [-h HOST] [-u USER] [-p PASSWORD]" exit 1 ;; esac done if [ -z $DB_IN ]; then echo "ERROR: No input database specified" exit 1 fi if [ -z $DB_OUT ]; then echo "ERROR: No output database specified" exit 1 fi DB_VERSION=`echo "SELECT version FROM dbadmin;" | mysql -u $DB_USR -p$DB_PWD -h $DB_HOST $DB_IN | tail -n 1` if [ ! $DB_VERSION -eq 4 ]; then echo "ERROR: Old database (version $DB_VERSION). Please upgrade to version 4 before migration" exit 1 fi # Look for zones without an active key. Z=`mysql -u $DB_USR -p$DB_PWD -h $DB_HOST $DB_IN < find_problematic_zones.sql` if [[ $Z = *[![:space:]]* ]]; then echo "Found zones without an active KSK but with a ready KSK waiting for ds-seen. This can cause problem after the conversion if the DS was actually already uploaded. You are adviced to submit these DS records and issue a ds-seen command before continueing. If you know better, disable this check to continue." echo "Zones: $Z" exit 2 fi echo "Creating database $DB_OUT (as user $DB_USR)" echo "CREATE DATABASE IF NOT EXISTS $DB_OUT;" | mysql -u $DB_USR -p$DB_PWD -h $DB_HOST echo "Creating tables in $DB_OUT (as user $DB_USR)" mysql -u $DB_USR -p$DB_PWD -h $DB_HOST $DB_OUT < $SCHEMA echo "Converting database" sed "s/REMOTE/$DB_IN/g" mysql_convert.sql > TMP mysql -u $DB_USR -p$DB_PWD -h $DB_HOST $DB_OUT < TMP rm TMP opendnssec-2.1.5/enforcer/utils/1.4-2.0_db_convert/sqlite_convert.sql0000644000202300020240000006060513560311035022323 00000000000000INSERT INTO databaseVersion VALUES (NULL, 1, 1); -- ~ ************ -- ~ ** policy table -- ~ ** -- ~ ** -- ~ ** -- ~ ** -- ~ ************ INSERT INTO policy SELECT id, 1, name, description, 0, 0, 0, 0, 0, 0, 0, 86400, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 FROM REMOTE.policies; UPDATE policy SET signaturesResign = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 1 AND REMOTE.parameters.name = 'resign'); UPDATE policy SET signaturesRefresh = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 1 AND REMOTE.parameters.name = 'refresh') ; UPDATE policy SET signaturesJitter = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 1 AND REMOTE.parameters.name = 'jitter'); UPDATE policy SET signaturesInceptionOffset = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 1 AND REMOTE.parameters.name = 'clockskew'); UPDATE policy SET signaturesValidityDefault = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 1 AND REMOTE.parameters.name = 'valdefault'); UPDATE policy SET signaturesValidityDenial = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 1 AND REMOTE.parameters.name = 'valdenial'); --MaxZoneTTL default 86400 -- We need the following mapping 1.4 -> 2.0 for denialType -- 0 -> 1 -- 3 -> 0 UPDATE policy SET denialType = ( SELECT (~value)&1 FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 2 AND REMOTE.parameters.name = 'version'); -- I'm pretty sure this is not the correct way to do it. It is aweful but -- I can't figure it out how it would work for sqlite. UPDATE policy SET denialOptout = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 2 AND REMOTE.parameters.name = 'optout') WHERE null != ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 2 AND REMOTE.parameters.name = 'optout'); UPDATE policy SET denialTtl = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 2 AND REMOTE.parameters.name = 'ttl') WHERE null != ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 2 AND REMOTE.parameters.name = 'ttl'); UPDATE policy SET denialResalt = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 2 AND REMOTE.parameters.name = 'resalt') WHERE null != ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 2 AND REMOTE.parameters.name = 'resalt'); UPDATE policy SET denialAlgorithm = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 2 AND REMOTE.parameters.name = 'algorithm') WHERE null != ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 2 AND REMOTE.parameters.name = 'algorithm'); UPDATE policy SET denialIterations = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 2 AND REMOTE.parameters.name = 'iterations') WHERE null != ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 2 AND REMOTE.parameters.name = 'iterations'); UPDATE policy SET denialSaltLength = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 2 AND REMOTE.parameters.name = 'saltlength') WHERE null != ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 2 AND REMOTE.parameters.name = 'saltlength'); -- clumsy salt update. salt is optional in 1.4 but required in 2.0 -- sqlite is limited in what it can do in an update. I hope there is a -- better way for this? UPDATE policy SET denialSalt = ( SELECT salt FROM REMOTE.policies WHERE REMOTE.policies.id = policy.id) WHERE ( SELECT salt FROM REMOTE.policies WHERE REMOTE.policies.id = policy.id) != null; UPDATE policy SET denialSaltLastChange = ( SELECT salt_stamp FROM REMOTE.policies WHERE REMOTE.policies.id = policy.id) WHERE ( SELECT salt_stamp FROM REMOTE.policies WHERE REMOTE.policies.id = policy.id) != null; UPDATE policy SET keysTtl = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 5 AND REMOTE.parameters.name = 'ttl'); UPDATE policy SET keysRetireSafety = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 5 AND REMOTE.parameters.name = 'retiresafety'); UPDATE policy SET keysPublishSafety = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 5 AND REMOTE.parameters.name = 'publishsafety'); UPDATE policy SET keysShared = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 5 AND REMOTE.parameters.name = 'zones_share_keys'); UPDATE policy SET keysPurgeAfter = COALESCE(( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 5 AND REMOTE.parameters.name = 'purge'), 0); UPDATE policy SET zonePropagationDelay = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 7 AND REMOTE.parameters.name = 'propagationdelay'); UPDATE policy SET zoneSoaTtl = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 7 AND REMOTE.parameters.name = 'ttl'); UPDATE policy SET zoneSoaMinimum = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 7 AND REMOTE.parameters.name = 'min'); -- Temporary mapping table between 1.4 and 2.0 SOA serial strategy CREATE TABLE mapping ( soa14 INTEGER, soa20 INTEGER ); INSERT INTO mapping SELECT 1, 2; INSERT INTO mapping SELECT 2, 0; INSERT INTO mapping SELECT 3, 1; INSERT INTO mapping SELECT 4, 3; UPDATE policy SET zoneSoaSerial = ( SELECT mapping.soa20 FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id INNER JOIN mapping ON REMOTE.parameters_policies.value = mapping.soa14 WHERE REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 7 AND REMOTE.parameters.name = 'serial'); DROP TABLE mapping; -- parentRegistrationDelay = 0 on 1.4 UPDATE policy SET parentPropagationDelay = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 8 AND REMOTE.parameters.name = 'propagationdelay'); UPDATE policy SET parentDsTtl = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 8 AND REMOTE.parameters.name = 'ttlds'); UPDATE policy SET parentSoaTtl = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 8 AND REMOTE.parameters.name = 'ttl'); UPDATE policy SET parentSoaMinimum = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policy.id AND REMOTE.parameters.category_id = 8 AND REMOTE.parameters.name = 'min'); -- passthrough = 0 -- ~ ************ -- ~ ** policyKey table -- ~ ** -- ~ ** For each policy in 1.4 add two keys: KSK and ZSK -- ~ ** -- ~ ** -- ~ ************ -- Insert each KSK INSERT INTO policyKey SELECT null, 1, id, 1, 0, 0, 0, 0, 0, 0, 0, 4 FROM REMOTE.policies; -- Insert each ZSK INSERT INTO policyKey SELECT null, 1, id, 2, 0, 0, 0, 0, 0, 0, 0, 1 FROM REMOTE.policies; UPDATE policyKey SET algorithm = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policyKey.policyId AND REMOTE.parameters.category_id = 3 AND REMOTE.parameters.name = 'algorithm') WHERE policyKey.role = 1; UPDATE policyKey SET algorithm = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policyKey.policyId AND REMOTE.parameters.category_id = 4 AND REMOTE.parameters.name = 'algorithm') WHERE policyKey.role = 2; UPDATE policyKey SET bits = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policyKey.policyId AND REMOTE.parameters.category_id = 3 AND REMOTE.parameters.name = 'bits') WHERE policyKey.role = 1; UPDATE policyKey SET bits = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policyKey.policyId AND REMOTE.parameters.category_id = 4 AND REMOTE.parameters.name = 'bits') WHERE policyKey.role = 2; UPDATE policyKey SET lifetime = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policyKey.policyId AND REMOTE.parameters.category_id = 3 AND REMOTE.parameters.name = 'lifetime') WHERE policyKey.role = 1; UPDATE policyKey SET lifetime = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policyKey.policyId AND REMOTE.parameters.category_id = 4 AND REMOTE.parameters.name = 'lifetime') WHERE policyKey.role = 2; UPDATE policyKey SET repository = ( SELECT REMOTE.securitymodules.name FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id INNER JOIN REMOTE.securitymodules ON REMOTE.parameters_policies.value = REMOTE.securitymodules.id WHERE REMOTE.parameters_policies.policy_id = policyKey.policyId AND REMOTE.parameters.category_id = 3 AND REMOTE.parameters.name = 'repository') WHERE policyKey.role = 1; UPDATE policyKey SET repository = ( SELECT REMOTE.securitymodules.name FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id INNER JOIN REMOTE.securitymodules ON REMOTE.parameters_policies.value = REMOTE.securitymodules.id WHERE REMOTE.parameters_policies.policy_id = policyKey.policyId AND REMOTE.parameters.category_id = 4 AND REMOTE.parameters.name = 'repository') WHERE policyKey.role = 2; UPDATE policyKey SET standby = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policyKey.policyId AND REMOTE.parameters.category_id = 3 AND REMOTE.parameters.name = 'standby') WHERE policyKey.role = 1; UPDATE policyKey SET standby = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policyKey.policyId AND REMOTE.parameters.category_id = 4 AND REMOTE.parameters.name = 'standby') WHERE policyKey.role = 2; UPDATE policyKey SET manualRollover = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policyKey.policyId AND REMOTE.parameters.category_id = 3 AND REMOTE.parameters.name = 'manual_rollover') WHERE policyKey.role = 1; UPDATE policyKey SET manualRollover = ( SELECT value FROM REMOTE.parameters_policies INNER JOIN REMOTE.parameters ON REMOTE.parameters_policies.parameter_id = REMOTE.parameters.id WHERE REMOTE.parameters_policies.policy_id = policyKey.policyId AND REMOTE.parameters.category_id = 4 AND REMOTE.parameters.name = 'manual_rollover') WHERE policyKey.role = 2; -- rfc5011 = 0. 2.0 has no support -- minimize already set -- ~ ************ -- ~ ** hsmKey table -- ~ ** -- ~ ** get from keypairs and dnsseckeys -- ~ ** -- ~ ** -- ~ ************ INSERT INTO hsmKey SELECT DISTINCT REMOTE.keypairs.id, 1, REMOTE.keypairs.policy_id, REMOTE.keypairs.HSMkey_id, 2, REMOTE.keypairs.size, REMOTE.keypairs.algorithm, (~(REMOTE.dnsseckeys.keytype)&1)+1, CASE WHEN REMOTE.keypairs.generate IS NOT NULL THEN strftime('%s', REMOTE.keypairs.generate) ELSE strftime("%s", "now") END, 0, 1, --only RSA supported REMOTE.securitymodules.name, 0 --assume no backup FROM REMOTE.keypairs JOIN REMOTE.dnsseckeys ON REMOTE.keypairs.id = REMOTE.dnsseckeys.keypair_id JOIN REMOTE.securitymodules ON REMOTE.securitymodules.id = REMOTE.keypairs.securitymodule_id; -- For some policies put the keys in a shared state UPDATE hsmKey SET state = 3 WHERE EXISTS (SELECT * FROM hsmKey AS h JOIN policy ON policy.id = h.policyId WHERE policy.keysShared AND hsmKey.id = h.id); -- ~ ************ -- ~ ** zone table -- ~ ** -- ~ ** -- ~ ** -- ~ ** -- ~ ************ INSERT INTO zone SELECT zones.id, 1, zones.policy_id, zones.name, 1, zones.signconf, 0, 0,0,0, 0,0,0, zones.in_type, zones.input, zones.out_type, zones.output, 0,0,0 FROM REMOTE.zones; -- ~ ************ -- ~ ** keyData table -- ~ ** -- ~ ** -- ~ ** -- ~ ** -- ~ ************ -- Temporary mapping table between 1.4 states and 2.0 ds_at_parent states -- We are ignoring the fact this may set a DS state for a ZSK; We don't care CREATE TABLE mapping ( state INTEGER, ds_state INTEGER ); INSERT INTO mapping SELECT 1, 0; INSERT INTO mapping SELECT 2, 0; INSERT INTO mapping SELECT 3, 1; INSERT INTO mapping SELECT 4, 3; INSERT INTO mapping SELECT 5, 5; INSERT INTO mapping SELECT 6, 5; INSERT INTO mapping SELECT 7, 5; INSERT INTO mapping SELECT 8, 5; INSERT INTO mapping SELECT 9, 5; INSERT INTO mapping SELECT 10, 5; INSERT INTO keyData SELECT NULL, 1, REMOTE.dnsseckeys.zone_id, REMOTE.dnsseckeys.keypair_id, REMOTE.keypairs.algorithm, CASE WHEN REMOTE.dnsseckeys.publish IS NOT NULL THEN strftime('%s', REMOTE.dnsseckeys.publish) ELSE strftime("%s", "now") END, (~REMOTE.dnsseckeys.keytype&1)+1, REMOTE.dnsseckeys.state <= 4, -- introducing 0, -- should revoke, not used 0, -- standby REMOTE.dnsseckeys.state = 4 AND REMOTE.dnsseckeys.keytype = 256, --activeZSK: REMOTE.dnsseckeys.state >= 2 AND REMOTE.dnsseckeys.state <= 5, --publish REMOTE.dnsseckeys.state = 4 AND REMOTE.dnsseckeys.keytype = 257, --activeKSK: mapping.ds_state, --dsatparent 1<<16, --keytag (crap, will 2.0 regenerate this?) (REMOTE.dnsseckeys.keytype&1)*3+1 --minimize FROM REMOTE.dnsseckeys JOIN REMOTE.keypairs ON REMOTE.dnsseckeys.keypair_id = REMOTE.keypairs.id JOIN mapping ON REMOTE.dnsseckeys.state = mapping.state WHERE EXISTS(select REMOTE.zones.id FROM REMOTE.zones WHERE REMOTE.zones.id = REMOTE.dnsseckeys.zone_id); -- Everything that is just a ZSK must not have dsatparent set. UPDATE keyData SET dsatparent = 0 WHERE role = 2; DROP TABLE mapping; -- If a active time is set for a ready KSK dsAtParent is submitted -- instead of submit UPDATE keyData SET dsatparent = 2 WHERE keyData.dsAtParent = 1 AND keyData.id IN ( SELECT keyData.id FROM keyData JOIN REMOTE.dnsseckeys ON REMOTE.dnsseckeys.keypair_id = keyData.hsmkeyid WHERE REMOTE.dnsseckeys.active IS NOT NULL); -- ~ ************ -- ~ ** Keystate table -- ~ ** -- ~ ** -- ~ ** -- ~ ** -- ~ ************ CREATE TABLE mapping ( state INTEGER, ds INTEGER, dk INTEGER, ks INTEGER, rs INTEGER ); INSERT INTO mapping SELECT 1, 0, 0, 0, 0; INSERT INTO mapping SELECT 2, 0, 1, 1, 1; INSERT INTO mapping SELECT 3, 0, 2, 2, 1; INSERT INTO mapping SELECT 4, 2, 2, 2, 1; INSERT INTO mapping SELECT 5, 3, 2, 2, 3; INSERT INTO mapping SELECT 6, 0, 3, 3, 0; INSERT INTO mapping SELECT 7, 3, 0, 0, 0; INSERT INTO mapping SELECT 8, 3, 0, 0, 0; INSERT INTO mapping SELECT 9, 3, 0, 0, 0; INSERT INTO mapping SELECT 10, 3, 0, 0, 0; -- DS RECORDS INSERT INTO keyState SELECT NULL, 1, keyData.id, 0, mapping.ds, strftime("%s", "now"), (keyData.minimize>>2)&1, policy.parentDsTtl FROM keyData JOIN zone ON zone.id = keyData.zoneId JOIN policy ON policy.id = zone.policyId JOIN REMOTE.dnsseckeys ON REMOTE.dnsseckeys.keypair_id = keyData.hsmkeyid JOIN mapping ON mapping.state = REMOTE.dnsseckeys.state; UPDATE keyState SET state = 1 WHERE keyState.state = 0 AND keyState.type = 0 AND keyState.id IN ( SELECT keyState.id FROM keyState JOIN keyData ON keyData.id = keyState.keydataId JOIN REMOTE.dnsseckeys ON REMOTE.dnsseckeys.keypair_id = keyData.hsmkeyid WHERE REMOTE.dnsseckeys.active IS NOT NULL); -- DNSKEY RECORDS INSERT INTO keyState SELECT NULL, 1, keyData.id, 2, mapping.dk, strftime("%s", "now"), (keyData.minimize>>1)&1, policy.keysTtl FROM keyData JOIN zone ON zone.id = keyData.zoneId JOIN policy ON policy.id = zone.policyId JOIN REMOTE.dnsseckeys ON REMOTE.dnsseckeys.keypair_id = keyData.hsmkeyid JOIN mapping ON mapping.state = REMOTE.dnsseckeys.state; -- RRSIG DNSKEY RECORDS INSERT INTO keyState SELECT NULL, 1, keyData.id, 3, mapping.ks, strftime("%s", "now"), (keyData.minimize>>1)&1, policy.keysTtl FROM keyData JOIN zone ON zone.id = keyData.zoneId JOIN policy ON policy.id = zone.policyId JOIN REMOTE.dnsseckeys ON REMOTE.dnsseckeys.keypair_id = keyData.hsmkeyid JOIN mapping ON mapping.state = REMOTE.dnsseckeys.state; -- RRSIG RECORDS INSERT INTO keyState SELECT NULL, 1, keyData.id, 1, mapping.rs, strftime("%s", "now"), (keyData.minimize>>0)&1, policy.signaturesMaxZoneTtl FROM keyData JOIN zone ON zone.id = keyData.zoneId JOIN policy ON policy.id = zone.policyId JOIN REMOTE.dnsseckeys ON REMOTE.dnsseckeys.keypair_id = keyData.hsmkeyid JOIN mapping ON mapping.state = REMOTE.dnsseckeys.state; --Set to OMN if Tactive + Dttl < Tnow UPDATE keyState SET state = 2 WHERE keyState.state = 1 AND keyState.type = 1 AND keyState.id IN ( SELECT keyState.id FROM keyState JOIN keyData ON keyData.id = keyState.keydataId JOIN REMOTE.dnsseckeys ON REMOTE.dnsseckeys.keypair_id = keyData.hsmkeyid JOIN zone ON keyData.zoneId = zone.id JOIN policy ON policy.id = zone.policyId WHERE CAST(strftime("%s", REMOTE.dnsseckeys.active) + policy.signaturesValidityDefault as INTEGER) < strftime("%s", "now")); --Force the RRSIG state in omnipresent if rumoured and there is no old ZSK -- unretentive UPDATE keyState SET state = 2 WHERE keyState.id IN ( SELECT rs.id FROM keyState AS rs JOIN keystate AS dk ON dk.keyDataId == rs.keyDataId WHERE rs.type == 1 AND dk.type == 2 AND rs.state == 1 AND dk.state == 2 AND NOT EXISTS( SELECT* FROM keystate AS rs2 JOIN keystate AS dk2 ON dk2.keyDataId == rs2.keyDataId WHERE rs2.type == 1 AND dk2.type == 2 AND rs2.state == 3 AND dk2.state == 2 )); DROP TABLE mapping; -- We need to create records in the keydependency table in case we are in a -- rollover. Only done for ZSK. For every introducing ZSK with RRSIG rumoured -- that has an outroducing ZSK with RRSIG unretentive, we add a record. INSERT INTO keyDependency SELECT NULL, 0, keyData.zoneID, SUB.IDout, keyData.id, 1 FROM keyData JOIN keyState AS KS1 ON KS1.keyDataId == keyData.id JOIN keyState AS KS2 ON KS2.keyDataId == keyData.id JOIN ( SELECT keyData.id AS IDout, keyData.zoneID FROM keyData JOIN keyState AS KS1 ON KS1.keyDataId == keyData.id JOIN keyState AS KS2 ON KS2.keyDataId == keyData.id WHERE KS1.type == 2 AND ks1.state = 2 AND KS2.type == 1 AND KS2.state == 3 AND keyData.introducing == 0 AND keyData.role == 2 ) AS SUB ON SUB.zoneId == keyData.zoneId WHERE KS1.type == 2 AND ks1.state = 2 AND KS2.type == 1 AND KS2.state == 1 AND keyData.introducing == 1 AND keyData.role == 2; -- ZSK UPDATE keyState SET state = 4 WHERE (keyState.type = 0 OR keyState.type = 3) AND keyDataId IN ( SELECT keyData.id FROM keyData WHERE keyData.role = 2); --KSK UPDATE keyState SET state = 4 WHERE keyState.type = 1 AND keyDataId IN ( SELECT keyData.id FROM keyData WHERE keyData.role = 1); opendnssec-2.1.5/enforcer/utils/convert_mysql_to_sqlite0000755000202300020240000000214413560310771020453 00000000000000#!/usr/bin/env bash set -e # This scipt converts a MySQL to a SQLite database. It assumes both # old and new databases live on the same host and are accessable by the same # user. SCHEMA=../src/db/schema.sqlite DB_IN="" DB_OUT="" DB_HOST="localhost" DB_USR="test" DB_PWD="test" while getopts "i:o:h:u:p:" arg; do case $arg in i) DB_IN=$OPTARG ;; o) DB_OUT=$OPTARG ;; h) DB_HOST=$OPTARG ;; u) DB_USR=$OPTARG ;; p) DB_PWD=$OPTARG ;; *) echo "usage: "$0" -i DATABASE_MYSQL -o DATABASE_SQLITE [-h HOST] [-u USER] [-p PASSWORD]" exit 1 ;; esac done if [ -z $DB_IN ]; then echo "ERROR: No input database specified (-i DB_NAME)" exit 1 fi if [ -z $DB_OUT ]; then echo "ERROR: No output database specified (-o DB_FILE)" exit 1 fi rm -f $DB_OUT sqlite3 $DB_OUT < $SCHEMA echo "Converting database" mysqldump --user="$DB_USR" --password="$DB_PWD" --host="$DB_HOST" "$DB_IN" \ --skip-opt --no-create-db --no-create-info --skip-extended-insert \ --skip-disable-keys --skip-set-charset --skip-lock-tables \ | sed -r -e 's/^INSERT INTO `([^"]+)`/INSERT INTO "\1"/' -e '/^SET/d' \ | sqlite3 $DB_OUT exit 0 opendnssec-2.1.5/enforcer/utils/convert_sqlite_to_mysql0000755000202300020240000000232513560310771020454 00000000000000#!/usr/bin/env bash set -e # This scipt converts a SQLite3 to a MySQL database. It assumes both # old and new databases live on the same host and are accessable by the same # user. SCHEMA=../src/db/schema.mysql DB_IN="" DB_OUT="" DB_HOST="localhost" DB_USR="test" DB_PWD="test" while getopts "i:o:h:u:p:" arg; do case $arg in i) DB_IN=$OPTARG ;; o) DB_OUT=$OPTARG ;; h) DB_HOST=$OPTARG ;; u) DB_USR=$OPTARG ;; p) DB_PWD=$OPTARG ;; *) echo "usage: "$0" -i DATABASE_SQLITE -o DATABASE_MYSQL [-h HOST] [-u USER] [-p PASSWORD]" exit 1 ;; esac done if [ -z $DB_IN ]; then echo "ERROR: No input database specified (-i DB_FILE)" exit 1 fi if [ -z $DB_OUT ]; then echo "ERROR: No output database specified (-o DB_NAME)" exit 1 fi echo "Creating database $DB_OUT (as user $DB_USR)" echo "DROP DATABASE IF EXISTS $DB_OUT;CREATE DATABASE $DB_OUT;" | mysql -u $DB_USR -p$DB_PWD -h $DB_HOST echo "Creating tables in $DB_OUT (as user $DB_USR)" mysql -u $DB_USR -p$DB_PWD -h $DB_HOST $DB_OUT < $SCHEMA echo "Converting database" sqlite3 $DB_IN .dump | awk '/INSERT INTO/,/;/' | grep -v sqlite_sequence | sed -r 's/^INSERT INTO "([^"]+)"/INSERT INTO `\1`/' > tmp mysql -u $DB_USR -p$DB_PWD -h $DB_HOST $DB_OUT < tmp rm tmp opendnssec-2.1.5/enforcer/src/0000755000202300020240000000000013560311327013241 500000000000000opendnssec-2.1.5/enforcer/src/db/0000755000202300020240000000000013560311327013626 500000000000000opendnssec-2.1.5/enforcer/src/db/policy.c0000644000202300020240000033201713560311035015213 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include "policy.h" #include "db_error.h" #include const db_enum_t policy_enum_set_denial_type[] = { { "NSEC", (policy_denial_type_t)POLICY_DENIAL_TYPE_NSEC }, { "NSEC3", (policy_denial_type_t)POLICY_DENIAL_TYPE_NSEC3 }, { NULL, 0 } }; const db_enum_t policy_enum_set_zone_soa_serial[] = { { "counter", (policy_zone_soa_serial_t)POLICY_ZONE_SOA_SERIAL_COUNTER }, { "datecounter", (policy_zone_soa_serial_t)POLICY_ZONE_SOA_SERIAL_DATECOUNTER }, { "unixtime", (policy_zone_soa_serial_t)POLICY_ZONE_SOA_SERIAL_UNIXTIME }, { "keep", (policy_zone_soa_serial_t)POLICY_ZONE_SOA_SERIAL_KEEP }, { NULL, 0 } }; /** * Create a new policy object. * \param[in] connection a db_connection_t pointer. * \return a policy_t pointer or NULL on error. */ static db_object_t* __policy_new_object(const db_connection_t* connection) { db_object_field_list_t* object_field_list; db_object_field_t* object_field; db_object_t* object; if (!(object = db_object_new()) || db_object_set_connection(object, connection) || db_object_set_table(object, "policy") || db_object_set_primary_key_name(object, "id") || !(object_field_list = db_object_field_list_new())) { db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "id") || db_object_field_set_type(object_field, DB_TYPE_PRIMARY_KEY) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "rev") || db_object_field_set_type(object_field, DB_TYPE_REVISION) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "name") || db_object_field_set_type(object_field, DB_TYPE_TEXT) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "description") || db_object_field_set_type(object_field, DB_TYPE_TEXT) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "signaturesResign") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "signaturesRefresh") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "signaturesJitter") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "signaturesInceptionOffset") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "signaturesValidityDefault") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "signaturesValidityDenial") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "signaturesValidityKeyset") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "signaturesMaxZoneTtl") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "denialType") || db_object_field_set_type(object_field, DB_TYPE_ENUM) || db_object_field_set_enum_set(object_field, policy_enum_set_denial_type) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "denialOptout") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "denialTtl") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "denialResalt") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "denialAlgorithm") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "denialIterations") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "denialSaltLength") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "denialSalt") || db_object_field_set_type(object_field, DB_TYPE_TEXT) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "denialSaltLastChange") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "keysTtl") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "keysRetireSafety") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "keysPublishSafety") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "keysShared") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "keysPurgeAfter") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "zonePropagationDelay") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "zoneSoaTtl") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "zoneSoaMinimum") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "zoneSoaSerial") || db_object_field_set_type(object_field, DB_TYPE_ENUM) || db_object_field_set_enum_set(object_field, policy_enum_set_zone_soa_serial) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "parentRegistrationDelay") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "parentPropagationDelay") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "parentDsTtl") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "parentSoaTtl") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "parentSoaMinimum") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "passthrough") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (db_object_set_object_field_list(object, object_field_list)) { db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } return object; } /* POLICY */ policy_t* policy_new(const db_connection_t* connection) { policy_t* policy = (policy_t*)calloc(1, sizeof(policy_t)); if (policy) { if (!(policy->dbo = __policy_new_object(connection))) { free(policy); return NULL; } db_value_reset(&(policy->id)); db_value_reset(&(policy->rev)); policy->signatures_max_zone_ttl = 86400; policy->denial_type = POLICY_DENIAL_TYPE_INVALID; policy->denial_salt = strdup(""); policy->zone_soa_serial = POLICY_ZONE_SOA_SERIAL_INVALID; } return policy; } policy_t* policy_new_copy(const policy_t* policy) { policy_t* new_policy; if (!policy) { return NULL; } if (!policy->dbo) { return NULL; } if (!(new_policy = policy_new(db_object_connection(policy->dbo))) || policy_copy(new_policy, policy)) { policy_free(new_policy); return NULL; } return new_policy; } void policy_free(policy_t* policy) { if (policy) { if (policy->dbo) { db_object_free(policy->dbo); } db_value_reset(&(policy->id)); db_value_reset(&(policy->rev)); if (policy->name) { free(policy->name); } if (policy->description) { free(policy->description); } if (policy->denial_salt) { free(policy->denial_salt); } if (policy->policy_key_list) { policy_key_list_free(policy->policy_key_list); } if (policy->zone_list) { zone_list_db_free(policy->zone_list); } if (policy->hsm_key_list) { hsm_key_list_free(policy->hsm_key_list); } free(policy); } } int policy_copy(policy_t* policy, const policy_t* policy_copy) { char* name_text = NULL; char* description_text = NULL; char* denial_salt_text = NULL; if (!policy) { return DB_ERROR_UNKNOWN; } if (!policy_copy) { return DB_ERROR_UNKNOWN; } if (policy_copy->name) { if (!(name_text = strdup(policy_copy->name))) { return DB_ERROR_UNKNOWN; } } if (policy_copy->description) { if (!(description_text = strdup(policy_copy->description))) { if (name_text) { free(name_text); } return DB_ERROR_UNKNOWN; } } if (policy_copy->denial_salt) { if (!(denial_salt_text = strdup(policy_copy->denial_salt))) { if (name_text) { free(name_text); } if (description_text) { free(description_text); } return DB_ERROR_UNKNOWN; } } if (db_value_copy(&(policy->id), &(policy_copy->id))) { if (name_text) { free(name_text); } if (description_text) { free(description_text); } if (denial_salt_text) { free(denial_salt_text); } return DB_ERROR_UNKNOWN; } if (db_value_copy(&(policy->rev), &(policy_copy->rev))) { if (name_text) { free(name_text); } if (description_text) { free(description_text); } if (denial_salt_text) { free(denial_salt_text); } return DB_ERROR_UNKNOWN; } if (policy->policy_key_list) { policy_key_list_free(policy->policy_key_list); policy->policy_key_list = NULL; } if (policy_copy->policy_key_list && !(policy->policy_key_list = policy_key_list_new_copy(policy_copy->policy_key_list))) { if (name_text) { free(name_text); } if (description_text) { free(description_text); } if (denial_salt_text) { free(denial_salt_text); } return DB_ERROR_UNKNOWN; } if (policy->zone_list) { zone_list_db_free(policy->zone_list); policy->zone_list = NULL; } if (policy_copy->zone_list && !(policy->zone_list = zone_list_db_new_copy(policy_copy->zone_list))) { if (name_text) { free(name_text); } if (description_text) { free(description_text); } if (denial_salt_text) { free(denial_salt_text); } return DB_ERROR_UNKNOWN; } if (policy->hsm_key_list) { hsm_key_list_free(policy->hsm_key_list); policy->hsm_key_list = NULL; } if (policy_copy->hsm_key_list && !(policy->hsm_key_list = hsm_key_list_new_copy(policy_copy->hsm_key_list))) { if (name_text) { free(name_text); } if (description_text) { free(description_text); } if (denial_salt_text) { free(denial_salt_text); } return DB_ERROR_UNKNOWN; } if (policy->name) { free(policy->name); } policy->name = name_text; if (policy->description) { free(policy->description); } policy->description = description_text; policy->signatures_resign = policy_copy->signatures_resign; policy->signatures_refresh = policy_copy->signatures_refresh; policy->signatures_jitter = policy_copy->signatures_jitter; policy->signatures_inception_offset = policy_copy->signatures_inception_offset; policy->signatures_validity_default = policy_copy->signatures_validity_default; policy->signatures_validity_denial = policy_copy->signatures_validity_denial; policy->signatures_validity_keyset = policy_copy->signatures_validity_keyset; policy->signatures_max_zone_ttl = policy_copy->signatures_max_zone_ttl; policy->denial_type = policy_copy->denial_type; policy->denial_optout = policy_copy->denial_optout; policy->denial_ttl = policy_copy->denial_ttl; policy->denial_resalt = policy_copy->denial_resalt; policy->denial_algorithm = policy_copy->denial_algorithm; policy->denial_iterations = policy_copy->denial_iterations; policy->denial_salt_length = policy_copy->denial_salt_length; if (policy->denial_salt) { free(policy->denial_salt); } policy->denial_salt = denial_salt_text; policy->denial_salt_last_change = policy_copy->denial_salt_last_change; policy->keys_ttl = policy_copy->keys_ttl; policy->keys_retire_safety = policy_copy->keys_retire_safety; policy->keys_publish_safety = policy_copy->keys_publish_safety; policy->keys_shared = policy_copy->keys_shared; policy->keys_purge_after = policy_copy->keys_purge_after; policy->zone_propagation_delay = policy_copy->zone_propagation_delay; policy->zone_soa_ttl = policy_copy->zone_soa_ttl; policy->zone_soa_minimum = policy_copy->zone_soa_minimum; policy->zone_soa_serial = policy_copy->zone_soa_serial; policy->parent_registration_delay = policy_copy->parent_registration_delay; policy->parent_propagation_delay = policy_copy->parent_propagation_delay; policy->parent_ds_ttl = policy_copy->parent_ds_ttl; policy->parent_soa_ttl = policy_copy->parent_soa_ttl; policy->parent_soa_minimum = policy_copy->parent_soa_minimum; policy->passthrough = policy_copy->passthrough; return DB_OK; } int policy_from_result(policy_t* policy, const db_result_t* result) { const db_value_set_t* value_set; int denial_type; int zone_soa_serial; if (!policy) { return DB_ERROR_UNKNOWN; } if (!result) { return DB_ERROR_UNKNOWN; } db_value_reset(&(policy->id)); db_value_reset(&(policy->rev)); if (policy->name) { free(policy->name); } policy->name = NULL; if (policy->description) { free(policy->description); } policy->description = NULL; if (policy->denial_salt) { free(policy->denial_salt); } policy->denial_salt = NULL; policy->signatures_validity_keyset = 0; if (!(value_set = db_result_value_set(result)) || db_value_set_size(value_set) != 36 || db_value_copy(&(policy->id), db_value_set_at(value_set, 0)) || db_value_copy(&(policy->rev), db_value_set_at(value_set, 1)) || db_value_to_text(db_value_set_at(value_set, 2), &(policy->name)) || db_value_to_text(db_value_set_at(value_set, 3), &(policy->description)) || db_value_to_uint32(db_value_set_at(value_set, 4), &(policy->signatures_resign)) || db_value_to_uint32(db_value_set_at(value_set, 5), &(policy->signatures_refresh)) || db_value_to_uint32(db_value_set_at(value_set, 6), &(policy->signatures_jitter)) || db_value_to_uint32(db_value_set_at(value_set, 7), &(policy->signatures_inception_offset)) || db_value_to_uint32(db_value_set_at(value_set, 8), &(policy->signatures_validity_default)) || db_value_to_uint32(db_value_set_at(value_set, 9), &(policy->signatures_validity_denial)) || (db_value_to_uint32(db_value_set_at(value_set, 10), &(policy->signatures_validity_keyset)) && 0) || db_value_to_uint32(db_value_set_at(value_set, 11), &(policy->signatures_max_zone_ttl)) || db_value_to_enum_value(db_value_set_at(value_set, 12), &denial_type, policy_enum_set_denial_type) || db_value_to_uint32(db_value_set_at(value_set, 13), &(policy->denial_optout)) || db_value_to_uint32(db_value_set_at(value_set, 14), &(policy->denial_ttl)) || db_value_to_uint32(db_value_set_at(value_set, 15), &(policy->denial_resalt)) || db_value_to_uint32(db_value_set_at(value_set, 16), &(policy->denial_algorithm)) || db_value_to_uint32(db_value_set_at(value_set, 17), &(policy->denial_iterations)) || db_value_to_uint32(db_value_set_at(value_set, 18), &(policy->denial_salt_length)) || db_value_to_text(db_value_set_at(value_set, 19), &(policy->denial_salt)) || db_value_to_uint32(db_value_set_at(value_set, 20), &(policy->denial_salt_last_change)) || db_value_to_uint32(db_value_set_at(value_set, 21), &(policy->keys_ttl)) || db_value_to_uint32(db_value_set_at(value_set, 22), &(policy->keys_retire_safety)) || db_value_to_uint32(db_value_set_at(value_set, 23), &(policy->keys_publish_safety)) || db_value_to_uint32(db_value_set_at(value_set, 24), &(policy->keys_shared)) || db_value_to_uint32(db_value_set_at(value_set, 25), &(policy->keys_purge_after)) || db_value_to_uint32(db_value_set_at(value_set, 26), &(policy->zone_propagation_delay)) || db_value_to_uint32(db_value_set_at(value_set, 27), &(policy->zone_soa_ttl)) || db_value_to_uint32(db_value_set_at(value_set, 28), &(policy->zone_soa_minimum)) || db_value_to_enum_value(db_value_set_at(value_set, 29), &zone_soa_serial, policy_enum_set_zone_soa_serial) || db_value_to_uint32(db_value_set_at(value_set, 30), &(policy->parent_registration_delay)) || db_value_to_uint32(db_value_set_at(value_set, 31), &(policy->parent_propagation_delay)) || db_value_to_uint32(db_value_set_at(value_set, 32), &(policy->parent_ds_ttl)) || db_value_to_uint32(db_value_set_at(value_set, 33), &(policy->parent_soa_ttl)) || db_value_to_uint32(db_value_set_at(value_set, 34), &(policy->parent_soa_minimum)) || db_value_to_uint32(db_value_set_at(value_set, 35), &(policy->passthrough))) { return DB_ERROR_UNKNOWN; } if (denial_type == (policy_denial_type_t)POLICY_DENIAL_TYPE_NSEC) { policy->denial_type = POLICY_DENIAL_TYPE_NSEC; } else if (denial_type == (policy_denial_type_t)POLICY_DENIAL_TYPE_NSEC3) { policy->denial_type = POLICY_DENIAL_TYPE_NSEC3; } else { return DB_ERROR_UNKNOWN; } if (zone_soa_serial == (policy_zone_soa_serial_t)POLICY_ZONE_SOA_SERIAL_COUNTER) { policy->zone_soa_serial = POLICY_ZONE_SOA_SERIAL_COUNTER; } else if (zone_soa_serial == (policy_zone_soa_serial_t)POLICY_ZONE_SOA_SERIAL_DATECOUNTER) { policy->zone_soa_serial = POLICY_ZONE_SOA_SERIAL_DATECOUNTER; } else if (zone_soa_serial == (policy_zone_soa_serial_t)POLICY_ZONE_SOA_SERIAL_UNIXTIME) { policy->zone_soa_serial = POLICY_ZONE_SOA_SERIAL_UNIXTIME; } else if (zone_soa_serial == (policy_zone_soa_serial_t)POLICY_ZONE_SOA_SERIAL_KEEP) { policy->zone_soa_serial = POLICY_ZONE_SOA_SERIAL_KEEP; } else { return DB_ERROR_UNKNOWN; } return DB_OK; } const db_value_t* policy_id(const policy_t* policy) { if (!policy) { return NULL; } return &(policy->id); } const char* policy_name(const policy_t* policy) { if (!policy) { return NULL; } return policy->name; } const char* policy_description(const policy_t* policy) { if (!policy) { return NULL; } return policy->description; } unsigned int policy_signatures_resign(const policy_t* policy) { if (!policy) { return 0; } return policy->signatures_resign; } unsigned int policy_signatures_refresh(const policy_t* policy) { if (!policy) { return 0; } return policy->signatures_refresh; } unsigned int policy_signatures_jitter(const policy_t* policy) { if (!policy) { return 0; } return policy->signatures_jitter; } unsigned int policy_signatures_inception_offset(const policy_t* policy) { if (!policy) { return 0; } return policy->signatures_inception_offset; } unsigned int policy_signatures_validity_default(const policy_t* policy) { if (!policy) { return 0; } return policy->signatures_validity_default; } unsigned int policy_signatures_validity_denial(const policy_t* policy) { if (!policy) { return 0; } return policy->signatures_validity_denial; } unsigned int policy_signatures_validity_keyset(const policy_t* policy) { if (!policy) { return 0; } return policy->signatures_validity_keyset; } unsigned int policy_signatures_max_zone_ttl(const policy_t* policy) { if (!policy) { return 0; } return policy->signatures_max_zone_ttl; } policy_denial_type_t policy_denial_type(const policy_t* policy) { if (!policy) { return POLICY_DENIAL_TYPE_INVALID; } return policy->denial_type; } unsigned int policy_denial_optout(const policy_t* policy) { if (!policy) { return 0; } return policy->denial_optout; } unsigned int policy_denial_ttl(const policy_t* policy) { if (!policy) { return 0; } return policy->denial_ttl; } unsigned int policy_denial_resalt(const policy_t* policy) { if (!policy) { return 0; } return policy->denial_resalt; } unsigned int policy_denial_algorithm(const policy_t* policy) { if (!policy) { return 0; } return policy->denial_algorithm; } unsigned int policy_denial_iterations(const policy_t* policy) { if (!policy) { return 0; } return policy->denial_iterations; } unsigned int policy_denial_salt_length(const policy_t* policy) { if (!policy) { return 0; } return policy->denial_salt_length; } const char* policy_denial_salt(const policy_t* policy) { if (!policy) { return NULL; } return policy->denial_salt; } unsigned int policy_denial_salt_last_change(const policy_t* policy) { if (!policy) { return 0; } return policy->denial_salt_last_change; } unsigned int policy_keys_ttl(const policy_t* policy) { if (!policy) { return 0; } return policy->keys_ttl; } unsigned int policy_keys_retire_safety(const policy_t* policy) { if (!policy) { return 0; } return policy->keys_retire_safety; } unsigned int policy_keys_publish_safety(const policy_t* policy) { if (!policy) { return 0; } return policy->keys_publish_safety; } unsigned int policy_keys_shared(const policy_t* policy) { if (!policy) { return 0; } return policy->keys_shared; } unsigned int policy_keys_purge_after(const policy_t* policy) { if (!policy) { return 0; } return policy->keys_purge_after; } unsigned int policy_zone_propagation_delay(const policy_t* policy) { if (!policy) { return 0; } return policy->zone_propagation_delay; } unsigned int policy_zone_soa_ttl(const policy_t* policy) { if (!policy) { return 0; } return policy->zone_soa_ttl; } unsigned int policy_zone_soa_minimum(const policy_t* policy) { if (!policy) { return 0; } return policy->zone_soa_minimum; } const char* policy_zone_soa_serial_text(const policy_t* policy) { const db_enum_t* enum_set = policy_enum_set_zone_soa_serial; if (!policy) { return NULL; } while (enum_set->text) { if (enum_set->value == policy->zone_soa_serial) { return enum_set->text; } enum_set++; } return NULL; } unsigned int policy_parent_registration_delay(const policy_t* policy) { if (!policy) { return 0; } return policy->parent_registration_delay; } unsigned int policy_parent_propagation_delay(const policy_t* policy) { if (!policy) { return 0; } return policy->parent_propagation_delay; } unsigned int policy_parent_ds_ttl(const policy_t* policy) { if (!policy) { return 0; } return policy->parent_ds_ttl; } unsigned int policy_parent_soa_ttl(const policy_t* policy) { if (!policy) { return 0; } return policy->parent_soa_ttl; } unsigned int policy_parent_soa_minimum(const policy_t* policy) { if (!policy) { return 0; } return policy->parent_soa_minimum; } unsigned int policy_passthrough(const policy_t* policy) { if (!policy) { return 0; } return policy->passthrough; } zone_list_db_t* policy_zone_list(policy_t* policy) { if (!policy) { return NULL; } if (!policy->dbo) { return NULL; } if (!policy->zone_list && policy_retrieve_zone_list(policy)) { return NULL; } return policy->zone_list; } int policy_retrieve_zone_list(policy_t* policy) { db_clause_list_t* clause_list; if (!policy) { return DB_ERROR_UNKNOWN; } if (!policy->dbo) { return DB_ERROR_UNKNOWN; } if (policy->zone_list) { zone_list_db_free(policy->zone_list); policy->zone_list = NULL; } if (!(clause_list = db_clause_list_new()) || !zone_db_policy_id_clause(clause_list, policy_id(policy)) || !(policy->zone_list = zone_list_db_new(db_object_connection(policy->dbo))) || zone_list_db_object_store(policy->zone_list) || zone_list_db_get_by_clauses(policy->zone_list, clause_list)) { zone_list_db_free(policy->zone_list); policy->zone_list = NULL; db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } db_clause_list_free(clause_list); return DB_OK; } int policy_set_name(policy_t* policy, const char* name_text) { char* new_name; if (!policy) { return DB_ERROR_UNKNOWN; } if (!name_text) { return DB_ERROR_UNKNOWN; } if (!(new_name = strdup(name_text))) { return DB_ERROR_UNKNOWN; } if (policy->name) { free(policy->name); } policy->name = new_name; return DB_OK; } int policy_set_description(policy_t* policy, const char* description_text) { char* new_description; if (!policy) { return DB_ERROR_UNKNOWN; } if (!description_text) { return DB_ERROR_UNKNOWN; } if (!(new_description = strdup(description_text))) { return DB_ERROR_UNKNOWN; } if (policy->description) { free(policy->description); } policy->description = new_description; return DB_OK; } int policy_set_signatures_resign(policy_t* policy, unsigned int signatures_resign) { if (!policy) { return DB_ERROR_UNKNOWN; } policy->signatures_resign = signatures_resign; return DB_OK; } int policy_set_signatures_refresh(policy_t* policy, unsigned int signatures_refresh) { if (!policy) { return DB_ERROR_UNKNOWN; } policy->signatures_refresh = signatures_refresh; return DB_OK; } int policy_set_signatures_jitter(policy_t* policy, unsigned int signatures_jitter) { if (!policy) { return DB_ERROR_UNKNOWN; } policy->signatures_jitter = signatures_jitter; return DB_OK; } int policy_set_signatures_inception_offset(policy_t* policy, unsigned int signatures_inception_offset) { if (!policy) { return DB_ERROR_UNKNOWN; } policy->signatures_inception_offset = signatures_inception_offset; return DB_OK; } int policy_set_signatures_validity_default(policy_t* policy, unsigned int signatures_validity_default) { if (!policy) { return DB_ERROR_UNKNOWN; } policy->signatures_validity_default = signatures_validity_default; return DB_OK; } int policy_set_signatures_validity_denial(policy_t* policy, unsigned int signatures_validity_denial) { if (!policy) { return DB_ERROR_UNKNOWN; } policy->signatures_validity_denial = signatures_validity_denial; return DB_OK; } int policy_set_signatures_validity_keyset(policy_t* policy, unsigned int signatures_validity_keyset) { if (!policy) { return DB_ERROR_UNKNOWN; } policy->signatures_validity_keyset = signatures_validity_keyset; return DB_OK; } int policy_set_signatures_max_zone_ttl(policy_t* policy, unsigned int signatures_max_zone_ttl) { if (!policy) { return DB_ERROR_UNKNOWN; } policy->signatures_max_zone_ttl = signatures_max_zone_ttl; return DB_OK; } int policy_set_denial_type(policy_t* policy, policy_denial_type_t denial_type) { if (!policy) { return DB_ERROR_UNKNOWN; } if (denial_type == POLICY_DENIAL_TYPE_INVALID) { return DB_ERROR_UNKNOWN; } policy->denial_type = denial_type; return DB_OK; } int policy_set_denial_optout(policy_t* policy, unsigned int denial_optout) { if (!policy) { return DB_ERROR_UNKNOWN; } policy->denial_optout = denial_optout; return DB_OK; } int policy_set_denial_ttl(policy_t* policy, unsigned int denial_ttl) { if (!policy) { return DB_ERROR_UNKNOWN; } policy->denial_ttl = denial_ttl; return DB_OK; } int policy_set_denial_resalt(policy_t* policy, unsigned int denial_resalt) { if (!policy) { return DB_ERROR_UNKNOWN; } policy->denial_resalt = denial_resalt; return DB_OK; } int policy_set_denial_algorithm(policy_t* policy, unsigned int denial_algorithm) { if (!policy) { return DB_ERROR_UNKNOWN; } if (denial_algorithm > 255) { return DB_ERROR_UNKNOWN; } policy->denial_algorithm = denial_algorithm; return DB_OK; } int policy_set_denial_iterations(policy_t* policy, unsigned int denial_iterations) { if (!policy) { return DB_ERROR_UNKNOWN; } if (denial_iterations > 65535) { return DB_ERROR_UNKNOWN; } policy->denial_iterations = denial_iterations; return DB_OK; } int policy_set_denial_salt_length(policy_t* policy, unsigned int denial_salt_length) { if (!policy) { return DB_ERROR_UNKNOWN; } if (denial_salt_length > 255) { return DB_ERROR_UNKNOWN; } policy->denial_salt_length = denial_salt_length; return DB_OK; } int policy_set_denial_salt(policy_t* policy, const char* denial_salt_text) { char* new_denial_salt; if (!policy) { return DB_ERROR_UNKNOWN; } if (!denial_salt_text) { return DB_ERROR_UNKNOWN; } if (!(new_denial_salt = strdup(denial_salt_text))) { return DB_ERROR_UNKNOWN; } if (policy->denial_salt) { free(policy->denial_salt); } policy->denial_salt = new_denial_salt; return DB_OK; } int policy_set_denial_salt_last_change(policy_t* policy, unsigned int denial_salt_last_change) { if (!policy) { return DB_ERROR_UNKNOWN; } policy->denial_salt_last_change = denial_salt_last_change; return DB_OK; } int policy_set_keys_ttl(policy_t* policy, unsigned int keys_ttl) { if (!policy) { return DB_ERROR_UNKNOWN; } policy->keys_ttl = keys_ttl; return DB_OK; } int policy_set_keys_retire_safety(policy_t* policy, unsigned int keys_retire_safety) { if (!policy) { return DB_ERROR_UNKNOWN; } policy->keys_retire_safety = keys_retire_safety; return DB_OK; } int policy_set_keys_publish_safety(policy_t* policy, unsigned int keys_publish_safety) { if (!policy) { return DB_ERROR_UNKNOWN; } policy->keys_publish_safety = keys_publish_safety; return DB_OK; } int policy_set_keys_shared(policy_t* policy, unsigned int keys_shared) { if (!policy) { return DB_ERROR_UNKNOWN; } policy->keys_shared = keys_shared; return DB_OK; } int policy_set_keys_purge_after(policy_t* policy, unsigned int keys_purge_after) { if (!policy) { return DB_ERROR_UNKNOWN; } policy->keys_purge_after = keys_purge_after; return DB_OK; } int policy_set_zone_propagation_delay(policy_t* policy, unsigned int zone_propagation_delay) { if (!policy) { return DB_ERROR_UNKNOWN; } policy->zone_propagation_delay = zone_propagation_delay; return DB_OK; } int policy_set_zone_soa_ttl(policy_t* policy, unsigned int zone_soa_ttl) { if (!policy) { return DB_ERROR_UNKNOWN; } policy->zone_soa_ttl = zone_soa_ttl; return DB_OK; } int policy_set_zone_soa_minimum(policy_t* policy, unsigned int zone_soa_minimum) { if (!policy) { return DB_ERROR_UNKNOWN; } policy->zone_soa_minimum = zone_soa_minimum; return DB_OK; } int policy_set_zone_soa_serial_text(policy_t* policy, const char* zone_soa_serial) { const db_enum_t* enum_set = policy_enum_set_zone_soa_serial; if (!policy) { return DB_ERROR_UNKNOWN; } while (enum_set->text) { if (!strcmp(enum_set->text, zone_soa_serial)) { policy->zone_soa_serial = enum_set->value; return DB_OK; } enum_set++; } return DB_ERROR_UNKNOWN; } int policy_set_parent_registration_delay(policy_t* policy, unsigned int parent_registration_delay) { if (!policy) { return DB_ERROR_UNKNOWN; } policy->parent_registration_delay = parent_registration_delay; return DB_OK; } int policy_set_parent_propagation_delay(policy_t* policy, unsigned int parent_propagation_delay) { if (!policy) { return DB_ERROR_UNKNOWN; } policy->parent_propagation_delay = parent_propagation_delay; return DB_OK; } int policy_set_parent_ds_ttl(policy_t* policy, unsigned int parent_ds_ttl) { if (!policy) { return DB_ERROR_UNKNOWN; } policy->parent_ds_ttl = parent_ds_ttl; return DB_OK; } int policy_set_parent_soa_ttl(policy_t* policy, unsigned int parent_soa_ttl) { if (!policy) { return DB_ERROR_UNKNOWN; } policy->parent_soa_ttl = parent_soa_ttl; return DB_OK; } int policy_set_parent_soa_minimum(policy_t* policy, unsigned int parent_soa_minimum) { if (!policy) { return DB_ERROR_UNKNOWN; } policy->parent_soa_minimum = parent_soa_minimum; return DB_OK; } int policy_set_passthrough(policy_t* policy, unsigned int passthrough) { if (!policy) { return DB_ERROR_UNKNOWN; } policy->passthrough = passthrough; return DB_OK; } db_clause_t* policy_denial_type_clause(db_clause_list_t* clause_list, policy_denial_type_t denial_type) { db_clause_t* clause; if (!clause_list) { return NULL; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "denialType") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_clause_set_operator(clause, DB_CLAUSE_OPERATOR_AND) || db_value_from_enum_value(db_clause_get_value(clause), denial_type, policy_enum_set_denial_type) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); return NULL; } return clause; } int policy_create(policy_t* policy) { db_object_field_list_t* object_field_list; db_object_field_t* object_field; db_value_set_t* value_set; int ret; if (!policy) { return DB_ERROR_UNKNOWN; } if (!policy->dbo) { return DB_ERROR_UNKNOWN; } if (!db_value_not_empty(&(policy->id))) { return DB_ERROR_UNKNOWN; } if (!db_value_not_empty(&(policy->rev))) { return DB_ERROR_UNKNOWN; } if (!policy->name) { return DB_ERROR_UNKNOWN; } if (!policy->description) { return DB_ERROR_UNKNOWN; } if (!policy->denial_salt) { return DB_ERROR_UNKNOWN; } /* TODO: validate content more */ if (!(object_field_list = db_object_field_list_new())) { return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "name") || db_object_field_set_type(object_field, DB_TYPE_TEXT) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "description") || db_object_field_set_type(object_field, DB_TYPE_TEXT) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "signaturesResign") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "signaturesRefresh") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "signaturesJitter") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "signaturesInceptionOffset") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "signaturesValidityDefault") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "signaturesValidityDenial") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "signaturesValidityKeyset") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "signaturesMaxZoneTtl") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "denialType") || db_object_field_set_type(object_field, DB_TYPE_ENUM) || db_object_field_set_enum_set(object_field, policy_enum_set_denial_type) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "denialOptout") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "denialTtl") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "denialResalt") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "denialAlgorithm") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "denialIterations") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "denialSaltLength") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "denialSalt") || db_object_field_set_type(object_field, DB_TYPE_TEXT) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "denialSaltLastChange") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "keysTtl") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "keysRetireSafety") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "keysPublishSafety") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "keysShared") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "keysPurgeAfter") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "zonePropagationDelay") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "zoneSoaTtl") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "zoneSoaMinimum") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "zoneSoaSerial") || db_object_field_set_type(object_field, DB_TYPE_ENUM) || db_object_field_set_enum_set(object_field, policy_enum_set_zone_soa_serial) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "parentRegistrationDelay") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "parentPropagationDelay") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "parentDsTtl") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "parentSoaTtl") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "parentSoaMinimum") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "passthrough") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(value_set = db_value_set_new(34))) { db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (db_value_from_text(db_value_set_get(value_set, 0), policy->name) || db_value_from_text(db_value_set_get(value_set, 1), policy->description) || db_value_from_uint32(db_value_set_get(value_set, 2), policy->signatures_resign) || db_value_from_uint32(db_value_set_get(value_set, 3), policy->signatures_refresh) || db_value_from_uint32(db_value_set_get(value_set, 4), policy->signatures_jitter) || db_value_from_uint32(db_value_set_get(value_set, 5), policy->signatures_inception_offset) || db_value_from_uint32(db_value_set_get(value_set, 6), policy->signatures_validity_default) || db_value_from_uint32(db_value_set_get(value_set, 7), policy->signatures_validity_denial) || (db_value_from_uint32(db_value_set_get(value_set, 8), policy->signatures_validity_keyset) && 0) /* not an error, the database layer cannot handle optional fields */ || db_value_from_uint32(db_value_set_get(value_set, 9), policy->signatures_max_zone_ttl) || db_value_from_enum_value(db_value_set_get(value_set, 10), policy->denial_type, policy_enum_set_denial_type) || db_value_from_uint32(db_value_set_get(value_set, 11), policy->denial_optout) || db_value_from_uint32(db_value_set_get(value_set, 12), policy->denial_ttl) || db_value_from_uint32(db_value_set_get(value_set, 13), policy->denial_resalt) || db_value_from_uint32(db_value_set_get(value_set, 14), policy->denial_algorithm) || db_value_from_uint32(db_value_set_get(value_set, 15), policy->denial_iterations) || db_value_from_uint32(db_value_set_get(value_set, 16), policy->denial_salt_length) || db_value_from_text(db_value_set_get(value_set, 17), policy->denial_salt) || db_value_from_uint32(db_value_set_get(value_set, 18), policy->denial_salt_last_change) || db_value_from_uint32(db_value_set_get(value_set, 19), policy->keys_ttl) || db_value_from_uint32(db_value_set_get(value_set, 20), policy->keys_retire_safety) || db_value_from_uint32(db_value_set_get(value_set, 21), policy->keys_publish_safety) || db_value_from_uint32(db_value_set_get(value_set, 22), policy->keys_shared) || db_value_from_uint32(db_value_set_get(value_set, 23), policy->keys_purge_after) || db_value_from_uint32(db_value_set_get(value_set, 24), policy->zone_propagation_delay) || db_value_from_uint32(db_value_set_get(value_set, 25), policy->zone_soa_ttl) || db_value_from_uint32(db_value_set_get(value_set, 26), policy->zone_soa_minimum) || db_value_from_enum_value(db_value_set_get(value_set, 27), policy->zone_soa_serial, policy_enum_set_zone_soa_serial) || db_value_from_uint32(db_value_set_get(value_set, 28), policy->parent_registration_delay) || db_value_from_uint32(db_value_set_get(value_set, 29), policy->parent_propagation_delay) || db_value_from_uint32(db_value_set_get(value_set, 30), policy->parent_ds_ttl) || db_value_from_uint32(db_value_set_get(value_set, 31), policy->parent_soa_ttl) || db_value_from_uint32(db_value_set_get(value_set, 32), policy->parent_soa_minimum) || db_value_from_uint32(db_value_set_get(value_set, 33), policy->passthrough)) { db_value_set_free(value_set); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } ret = db_object_create(policy->dbo, object_field_list, value_set); db_value_set_free(value_set); db_object_field_list_free(object_field_list); return ret; } int policy_get_by_id(policy_t* policy, const db_value_t* id) { db_clause_list_t* clause_list; db_clause_t* clause; db_result_list_t* result_list; const db_result_t* result; if (!policy) { return DB_ERROR_UNKNOWN; } if (!policy->dbo) { return DB_ERROR_UNKNOWN; } if (!id) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(id)) { return DB_ERROR_UNKNOWN; } if (!(clause_list = db_clause_list_new())) { return DB_ERROR_UNKNOWN; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "id") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_value_copy(db_clause_get_value(clause), id) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } result_list = db_object_read(policy->dbo, NULL, clause_list); db_clause_list_free(clause_list); if (result_list) { result = db_result_list_next(result_list); if (result) { if (policy_from_result(policy, result)) { db_result_list_free(result_list); return DB_ERROR_UNKNOWN; } db_result_list_free(result_list); return DB_OK; } } db_result_list_free(result_list); return DB_ERROR_UNKNOWN; } int policy_get_by_name(policy_t* policy, const char* name) { db_clause_list_t* clause_list; db_clause_t* clause; db_result_list_t* result_list; const db_result_t* result; if (!policy) { return DB_ERROR_UNKNOWN; } if (!policy->dbo) { return DB_ERROR_UNKNOWN; } if (!name) { return DB_ERROR_UNKNOWN; } if (!(clause_list = db_clause_list_new())) { return DB_ERROR_UNKNOWN; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "name") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_value_from_text(db_clause_get_value(clause), name) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } result_list = db_object_read(policy->dbo, NULL, clause_list); db_clause_list_free(clause_list); if (result_list) { result = db_result_list_next(result_list); if (result) { if (policy_from_result(policy, result)) { db_result_list_free(result_list); return DB_ERROR_UNKNOWN; } db_result_list_free(result_list); return DB_OK; } } db_result_list_free(result_list); return DB_ERROR_UNKNOWN; } policy_t* policy_new_get_by_name(const db_connection_t* connection, const char* name) { policy_t* policy; if (!connection) { return NULL; } if (!name) { return NULL; } if (!(policy = policy_new(connection)) || policy_get_by_name(policy, name)) { policy_free(policy); return NULL; } return policy; } int policy_update(policy_t* policy) { db_object_field_list_t* object_field_list; db_object_field_t* object_field; db_value_set_t* value_set; db_clause_list_t* clause_list; db_clause_t* clause; int ret; if (!policy) { return DB_ERROR_UNKNOWN; } if (!policy->dbo) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(&(policy->id))) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(&(policy->rev))) { return DB_ERROR_UNKNOWN; } if (!policy->name) { return DB_ERROR_UNKNOWN; } if (!policy->description) { return DB_ERROR_UNKNOWN; } if (!policy->denial_salt) { return DB_ERROR_UNKNOWN; } /* TODO: validate content more */ if (!(object_field_list = db_object_field_list_new())) { return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "name") || db_object_field_set_type(object_field, DB_TYPE_TEXT) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "description") || db_object_field_set_type(object_field, DB_TYPE_TEXT) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "signaturesResign") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "signaturesRefresh") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "signaturesJitter") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "signaturesInceptionOffset") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "signaturesValidityDefault") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "signaturesValidityDenial") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "signaturesValidityKeyset") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "signaturesMaxZoneTtl") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "denialType") || db_object_field_set_type(object_field, DB_TYPE_ENUM) || db_object_field_set_enum_set(object_field, policy_enum_set_denial_type) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "denialOptout") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "denialTtl") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "denialResalt") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "denialAlgorithm") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "denialIterations") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "denialSaltLength") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "denialSalt") || db_object_field_set_type(object_field, DB_TYPE_TEXT) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "denialSaltLastChange") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "keysTtl") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "keysRetireSafety") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "keysPublishSafety") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "keysShared") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "keysPurgeAfter") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "zonePropagationDelay") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "zoneSoaTtl") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "zoneSoaMinimum") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "zoneSoaSerial") || db_object_field_set_type(object_field, DB_TYPE_ENUM) || db_object_field_set_enum_set(object_field, policy_enum_set_zone_soa_serial) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "parentRegistrationDelay") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "parentPropagationDelay") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "parentDsTtl") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "parentSoaTtl") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "parentSoaMinimum") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "passthrough") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(value_set = db_value_set_new(34))) { db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (db_value_from_text(db_value_set_get(value_set, 0), policy->name) || db_value_from_text(db_value_set_get(value_set, 1), policy->description) || db_value_from_uint32(db_value_set_get(value_set, 2), policy->signatures_resign) || db_value_from_uint32(db_value_set_get(value_set, 3), policy->signatures_refresh) || db_value_from_uint32(db_value_set_get(value_set, 4), policy->signatures_jitter) || db_value_from_uint32(db_value_set_get(value_set, 5), policy->signatures_inception_offset) || db_value_from_uint32(db_value_set_get(value_set, 6), policy->signatures_validity_default) || db_value_from_uint32(db_value_set_get(value_set, 7), policy->signatures_validity_denial) || (db_value_from_uint32(db_value_set_get(value_set, 8), policy->signatures_validity_keyset) && 0) /* the database layer cannot handle optional fields */ || db_value_from_uint32(db_value_set_get(value_set, 9), policy->signatures_max_zone_ttl) || db_value_from_enum_value(db_value_set_get(value_set, 10), policy->denial_type, policy_enum_set_denial_type) || db_value_from_uint32(db_value_set_get(value_set, 11), policy->denial_optout) || db_value_from_uint32(db_value_set_get(value_set, 12), policy->denial_ttl) || db_value_from_uint32(db_value_set_get(value_set, 13), policy->denial_resalt) || db_value_from_uint32(db_value_set_get(value_set, 14), policy->denial_algorithm) || db_value_from_uint32(db_value_set_get(value_set, 15), policy->denial_iterations) || db_value_from_uint32(db_value_set_get(value_set, 16), policy->denial_salt_length) || db_value_from_text(db_value_set_get(value_set, 17), policy->denial_salt) || db_value_from_uint32(db_value_set_get(value_set, 18), policy->denial_salt_last_change) || db_value_from_uint32(db_value_set_get(value_set, 19), policy->keys_ttl) || db_value_from_uint32(db_value_set_get(value_set, 20), policy->keys_retire_safety) || db_value_from_uint32(db_value_set_get(value_set, 21), policy->keys_publish_safety) || db_value_from_uint32(db_value_set_get(value_set, 22), policy->keys_shared) || db_value_from_uint32(db_value_set_get(value_set, 23), policy->keys_purge_after) || db_value_from_uint32(db_value_set_get(value_set, 24), policy->zone_propagation_delay) || db_value_from_uint32(db_value_set_get(value_set, 25), policy->zone_soa_ttl) || db_value_from_uint32(db_value_set_get(value_set, 26), policy->zone_soa_minimum) || db_value_from_enum_value(db_value_set_get(value_set, 27), policy->zone_soa_serial, policy_enum_set_zone_soa_serial) || db_value_from_uint32(db_value_set_get(value_set, 28), policy->parent_registration_delay) || db_value_from_uint32(db_value_set_get(value_set, 29), policy->parent_propagation_delay) || db_value_from_uint32(db_value_set_get(value_set, 30), policy->parent_ds_ttl) || db_value_from_uint32(db_value_set_get(value_set, 31), policy->parent_soa_ttl) || db_value_from_uint32(db_value_set_get(value_set, 32), policy->parent_soa_minimum) || db_value_from_uint32(db_value_set_get(value_set, 33), policy->passthrough)) { db_value_set_free(value_set); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(clause_list = db_clause_list_new())) { db_value_set_free(value_set); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "id") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_value_copy(db_clause_get_value(clause), &(policy->id)) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); db_value_set_free(value_set); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "rev") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_value_copy(db_clause_get_value(clause), &(policy->rev)) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); db_value_set_free(value_set); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } ret = db_object_update(policy->dbo, object_field_list, value_set, clause_list); db_value_set_free(value_set); db_object_field_list_free(object_field_list); db_clause_list_free(clause_list); return ret; } int policy_delete(policy_t* policy) { db_clause_list_t* clause_list; db_clause_t* clause; int ret; if (!policy) { return DB_ERROR_UNKNOWN; } if (!policy->dbo) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(&(policy->id))) { return DB_ERROR_UNKNOWN; } if (!(clause_list = db_clause_list_new())) { return DB_ERROR_UNKNOWN; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "id") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_value_copy(db_clause_get_value(clause), &(policy->id)) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "rev") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_value_copy(db_clause_get_value(clause), &(policy->rev)) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } ret = db_object_delete(policy->dbo, clause_list); db_clause_list_free(clause_list); return ret; } /* POLICY LIST */ policy_list_t* policy_list_new(const db_connection_t* connection) { policy_list_t* policy_list = (policy_list_t*)calloc(1, sizeof(policy_list_t)); if (policy_list) { if (!(policy_list->dbo = __policy_new_object(connection))) { free(policy_list); return NULL; } } return policy_list; } policy_list_t* policy_list_new_copy(const policy_list_t* from_policy_list) { policy_list_t* policy_list; if (!from_policy_list) { return NULL; } if (!from_policy_list->dbo) { return NULL; } if (!(policy_list = policy_list_new(db_object_connection(from_policy_list->dbo))) || policy_list_copy(policy_list, from_policy_list)) { policy_list_free(policy_list); return NULL; } return policy_list; } int policy_list_object_store(policy_list_t* policy_list) { if (!policy_list) { return DB_ERROR_UNKNOWN; } policy_list->object_store = 1; return DB_OK; } void policy_list_free(policy_list_t* policy_list) { size_t i; if (policy_list) { if (policy_list->dbo) { db_object_free(policy_list->dbo); } if (policy_list->result_list) { db_result_list_free(policy_list->result_list); } if (policy_list->policy) { policy_free(policy_list->policy); } for (i = 0; i < policy_list->object_list_size; i++) { if (policy_list->object_list[i]) { policy_free(policy_list->object_list[i]); } } if (policy_list->object_list) { free(policy_list->object_list); } free(policy_list); } } int policy_list_copy(policy_list_t* policy_list, const policy_list_t* from_policy_list) { size_t i; if (!policy_list) { return DB_ERROR_UNKNOWN; } if (!from_policy_list) { return DB_ERROR_UNKNOWN; } if (from_policy_list->object_list && !from_policy_list->object_list_size) { return DB_ERROR_UNKNOWN; } if (policy_list->result_list) { db_result_list_free(policy_list->result_list); policy_list->result_list = NULL; } if (from_policy_list->result_list && !(policy_list->result_list = db_result_list_new_copy(from_policy_list->result_list))) { return DB_ERROR_UNKNOWN; } policy_list->object_store = from_policy_list->object_store; for (i = 0; i < policy_list->object_list_size; i++) { if (policy_list->object_list[i]) { policy_free(policy_list->object_list[i]); } } policy_list->object_list_size = 0; if (policy_list->object_list) { free(policy_list->object_list); policy_list->object_list = NULL; } if (from_policy_list->object_list) { if (!(policy_list->object_list = (policy_t**)calloc(from_policy_list->object_list_size, sizeof(policy_t*)))) { return DB_ERROR_UNKNOWN; } policy_list->object_list_size = from_policy_list->object_list_size; for (i = 0; i < from_policy_list->object_list_size; i++) { if (!from_policy_list->object_list[i]) { continue; } if (!(policy_list->object_list[i] = policy_new_copy(from_policy_list->object_list[i]))) { return DB_ERROR_UNKNOWN; } } } policy_list->object_list_position = 0;; policy_list->object_list_first = 1; policy_list->associated_fetch = from_policy_list->associated_fetch; return DB_OK; } static int policy_list_get_associated(policy_list_t* policy_list) { size_t j, count; int cmp; size_t i; db_clause_list_t* clause_list; db_clause_t* clause; const policy_t* policy; policy_key_list_t* policy_key_list; const policy_key_t* policy_key; zone_list_db_t* zone_list; const zone_db_t* zone; hsm_key_list_t* hsm_key_list; const hsm_key_t* hsm_key; if (!policy_list) { return DB_ERROR_UNKNOWN; } if (!policy_list->dbo) { return DB_ERROR_UNKNOWN; } if (!policy_list->associated_fetch) { return DB_ERROR_UNKNOWN; } if (!policy_list->result_list) { return DB_ERROR_UNKNOWN; } if (policy_list->object_list) { return DB_ERROR_UNKNOWN; } policy = policy_list_begin(policy_list); while (policy) { policy = policy_list_next(policy_list); } if (!(clause_list = db_clause_list_new())) { return DB_ERROR_UNKNOWN; } policy = policy_list_begin(policy_list); while (policy) { if (!(clause = db_clause_new()) || db_clause_set_field(clause, "policyId") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_clause_set_operator(clause, DB_CLAUSE_OPERATOR_OR) || db_value_copy(db_clause_get_value(clause), policy_id(policy)) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } policy = policy_list_next(policy_list); } if (!(policy_key_list = policy_key_list_new(db_object_connection(policy_list->dbo))) || policy_key_list_object_store(policy_key_list) || policy_key_list_get_by_clauses(policy_key_list, clause_list)) { policy_key_list_free(policy_key_list); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } for (i = 0; i < policy_list->object_list_size; i++) { if (!(policy_list->object_list[i])) { return DB_ERROR_UNKNOWN; } count = 0; policy_key = policy_key_list_begin(policy_key_list); while (policy_key) { if (db_value_cmp(policy_id(policy_list->object_list[i]), policy_key_policy_id(policy_key), &cmp)) { policy_key_list_free(policy_key_list); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } if (!cmp) { count++; } policy_key = policy_key_list_next(policy_key_list); } if (policy_list->object_list[i]->policy_key_list) { policy_key_list_free(policy_list->object_list[i]->policy_key_list); policy_list->object_list[i]->policy_key_list = NULL; } if (!(policy_list->object_list[i]->policy_key_list = policy_key_list_new(db_object_connection(policy_list->dbo)))) { policy_key_list_free(policy_key_list); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } if (count) { if (!(policy_list->object_list[i]->policy_key_list->object_list = (policy_key_t**)calloc(count, sizeof(policy_key_t*)))) { policy_key_list_free(policy_key_list); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } j = 0; policy_key = policy_key_list_begin(policy_key_list); while (policy_key) { if (j >= count) { policy_key_list_free(policy_key_list); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } if (db_value_cmp(policy_id(policy_list->object_list[i]), policy_key_policy_id(policy_key), &cmp)) { policy_key_list_free(policy_key_list); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } if (!cmp) { if (!(policy_list->object_list[i]->policy_key_list->object_list[j] = policy_key_new_copy(policy_key))) { policy_key_list_free(policy_key_list); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } j++; } policy_key = policy_key_list_next(policy_key_list); } if (j != count) { policy_key_list_free(policy_key_list); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } } policy_list->object_list[i]->policy_key_list->object_store = 1; policy_list->object_list[i]->policy_key_list->object_list_size = count; policy_list->object_list[i]->policy_key_list->object_list_first = 1; } if (!(zone_list = zone_list_db_new(db_object_connection(policy_list->dbo))) || zone_list_db_object_store(zone_list) || zone_list_db_get_by_clauses(zone_list, clause_list)) { zone_list_db_free(zone_list); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } for (i = 0; i < policy_list->object_list_size; i++) { if (!(policy_list->object_list[i])) { zone_list_db_free(zone_list); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } count = 0; zone = zone_list_db_begin(zone_list); while (zone) { if (db_value_cmp(policy_id(policy_list->object_list[i]), zone_db_policy_id(zone), &cmp)) { zone_list_db_free(zone_list); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } if (!cmp) { count++; } zone = zone_list_db_next(zone_list); } if (policy_list->object_list[i]->zone_list) { zone_list_db_free(policy_list->object_list[i]->zone_list); policy_list->object_list[i]->zone_list = NULL; } if (!(policy_list->object_list[i]->zone_list = zone_list_db_new(db_object_connection(policy_list->dbo)))) { zone_list_db_free(zone_list); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } if (count) { if (!(policy_list->object_list[i]->zone_list->object_list = (zone_db_t**)calloc(count, sizeof(zone_db_t*)))) { zone_list_db_free(zone_list); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } j = 0; zone = zone_list_db_begin(zone_list); while (zone) { if (j >= count) { zone_list_db_free(zone_list); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } if (db_value_cmp(policy_id(policy_list->object_list[i]), zone_db_policy_id(zone), &cmp)) { zone_list_db_free(zone_list); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } if (!cmp) { if (!(policy_list->object_list[i]->zone_list->object_list[j] = zone_db_new_copy(zone))) { zone_list_db_free(zone_list); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } j++; } zone = zone_list_db_next(zone_list); } if (j != count) { zone_list_db_free(zone_list); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } } policy_list->object_list[i]->zone_list->object_store = 1; policy_list->object_list[i]->zone_list->object_list_size = count; policy_list->object_list[i]->zone_list->object_list_first = 1; } zone_list_db_free(zone_list); if (!(hsm_key_list = hsm_key_list_new(db_object_connection(policy_list->dbo))) || hsm_key_list_object_store(hsm_key_list) || hsm_key_list_get_by_clauses(hsm_key_list, clause_list)) { hsm_key_list_free(hsm_key_list); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } for (i = 0; i < policy_list->object_list_size; i++) { if (!(policy_list->object_list[i])) { hsm_key_list_free(hsm_key_list); return DB_ERROR_UNKNOWN; } count = 0; hsm_key = hsm_key_list_begin(hsm_key_list); while (hsm_key) { if (db_value_cmp(policy_id(policy_list->object_list[i]), hsm_key_policy_id(hsm_key), &cmp)) { hsm_key_list_free(hsm_key_list); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } if (!cmp) { count++; } hsm_key = hsm_key_list_next(hsm_key_list); } if (policy_list->object_list[i]->hsm_key_list) { hsm_key_list_free(policy_list->object_list[i]->hsm_key_list); policy_list->object_list[i]->hsm_key_list = NULL; } if (!(policy_list->object_list[i]->hsm_key_list = hsm_key_list_new(db_object_connection(policy_list->dbo)))) { hsm_key_list_free(hsm_key_list); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } if (count) { if (!(policy_list->object_list[i]->hsm_key_list->object_list = (hsm_key_t**)calloc(count, sizeof(hsm_key_t*)))) { hsm_key_list_free(hsm_key_list); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } j = 0; hsm_key = hsm_key_list_begin(hsm_key_list); while (hsm_key) { if (j >= count) { hsm_key_list_free(hsm_key_list); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } if (db_value_cmp(policy_id(policy_list->object_list[i]), hsm_key_policy_id(hsm_key), &cmp)) { hsm_key_list_free(hsm_key_list); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } if (!cmp) { if (!(policy_list->object_list[i]->hsm_key_list->object_list[j] = hsm_key_new_copy(hsm_key))) { hsm_key_list_free(hsm_key_list); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } j++; } hsm_key = hsm_key_list_next(hsm_key_list); } if (j != count) { hsm_key_list_free(hsm_key_list); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } } policy_list->object_list[i]->hsm_key_list->object_store = 1; policy_list->object_list[i]->hsm_key_list->object_list_size = count; policy_list->object_list[i]->hsm_key_list->object_list_first = 1; } db_clause_list_free(clause_list); hsm_key_list_free(hsm_key_list); policy_list->object_list_first = 1; return DB_OK; } int policy_list_get(policy_list_t* policy_list) { size_t i; if (!policy_list) { return DB_ERROR_UNKNOWN; } if (!policy_list->dbo) { return DB_ERROR_UNKNOWN; } if (policy_list->result_list) { db_result_list_free(policy_list->result_list); } if (policy_list->object_list_size) { for (i = 0; i < policy_list->object_list_size; i++) { if (policy_list->object_list[i]) { policy_free(policy_list->object_list[i]); } } policy_list->object_list_size = 0; policy_list->object_list_first = 0; } if (policy_list->object_list) { free(policy_list->object_list); policy_list->object_list = NULL; } if (!(policy_list->result_list = db_object_read(policy_list->dbo, NULL, NULL)) || db_result_list_fetch_all(policy_list->result_list)) { return DB_ERROR_UNKNOWN; } if (policy_list->associated_fetch && policy_list_get_associated(policy_list)) { return DB_ERROR_UNKNOWN; } return DB_OK; } policy_list_t* policy_list_new_get(const db_connection_t* connection) { policy_list_t* policy_list; if (!connection) { return NULL; } if (!(policy_list = policy_list_new(connection)) || policy_list_get(policy_list)) { policy_list_free(policy_list); return NULL; } return policy_list; } int policy_list_get_by_clauses(policy_list_t* policy_list, const db_clause_list_t* clause_list) { size_t i; if (!policy_list) { return DB_ERROR_UNKNOWN; } if (!clause_list) { return DB_ERROR_UNKNOWN; } if (!policy_list->dbo) { return DB_ERROR_UNKNOWN; } if (policy_list->result_list) { db_result_list_free(policy_list->result_list); } if (policy_list->object_list_size) { for (i = 0; i < policy_list->object_list_size; i++) { if (policy_list->object_list[i]) { policy_free(policy_list->object_list[i]); } } policy_list->object_list_size = 0; policy_list->object_list_first = 0; } if (policy_list->object_list) { free(policy_list->object_list); policy_list->object_list = NULL; } if (!(policy_list->result_list = db_object_read(policy_list->dbo, NULL, clause_list)) || db_result_list_fetch_all(policy_list->result_list)) { return DB_ERROR_UNKNOWN; } if (policy_list->associated_fetch && policy_list_get_associated(policy_list)) { return DB_ERROR_UNKNOWN; } return DB_OK; } policy_list_t* policy_list_new_get_by_clauses(const db_connection_t* connection, const db_clause_list_t* clause_list) { policy_list_t* policy_list; if (!connection) { return NULL; } if (!clause_list) { return NULL; } if (!(policy_list = policy_list_new(connection)) || policy_list_get_by_clauses(policy_list, clause_list)) { policy_list_free(policy_list); return NULL; } return policy_list; } const policy_t* policy_list_begin(policy_list_t* policy_list) { const db_result_t* result; if (!policy_list) { return NULL; } if (policy_list->object_store) { if (!policy_list->object_list) { if (!policy_list->result_list) { return NULL; } if (!db_result_list_size(policy_list->result_list)) { return NULL; } if (!(policy_list->object_list = (policy_t**)calloc(db_result_list_size(policy_list->result_list), sizeof(policy_t*)))) { return NULL; } policy_list->object_list_size = db_result_list_size(policy_list->result_list); } if (!(policy_list->object_list[0])) { if (!policy_list->result_list) { return NULL; } if (!(result = db_result_list_begin(policy_list->result_list))) { return NULL; } if (!(policy_list->object_list[0] = policy_new(db_object_connection(policy_list->dbo)))) { return NULL; } if (policy_from_result(policy_list->object_list[0], result)) { return NULL; } } policy_list->object_list_position = 0; return policy_list->object_list[0]; } if (!policy_list->result_list) { return NULL; } if (!(result = db_result_list_begin(policy_list->result_list))) { return NULL; } if (!policy_list->policy) { if (!(policy_list->policy = policy_new(db_object_connection(policy_list->dbo)))) { return NULL; } } if (policy_from_result(policy_list->policy, result)) { return NULL; } return policy_list->policy; } const policy_t* policy_list_next(policy_list_t* policy_list) { const db_result_t* result; if (!policy_list) { return NULL; } if (policy_list->object_store) { if (!policy_list->object_list) { if (!policy_list->result_list) { return NULL; } if (!db_result_list_size(policy_list->result_list)) { return NULL; } if (!(policy_list->object_list = (policy_t**)calloc(db_result_list_size(policy_list->result_list), sizeof(policy_t*)))) { return NULL; } policy_list->object_list_size = db_result_list_size(policy_list->result_list); policy_list->object_list_position = 0; } else if (policy_list->object_list_first) { policy_list->object_list_first = 0; policy_list->object_list_position = 0; } else { policy_list->object_list_position++; } if (policy_list->object_list_position >= policy_list->object_list_size) { return NULL; } if (!(policy_list->object_list[policy_list->object_list_position])) { if (!policy_list->result_list) { return NULL; } if (!(result = db_result_list_next(policy_list->result_list))) { return NULL; } if (!(policy_list->object_list[policy_list->object_list_position] = policy_new(db_object_connection(policy_list->dbo)))) { return NULL; } if (policy_from_result(policy_list->object_list[policy_list->object_list_position], result)) { return NULL; } } return policy_list->object_list[policy_list->object_list_position]; } if (!policy_list->result_list) { return NULL; } if (!(result = db_result_list_next(policy_list->result_list))) { return NULL; } if (!policy_list->policy) { if (!(policy_list->policy = policy_new(db_object_connection(policy_list->dbo)))) { return NULL; } } if (policy_from_result(policy_list->policy, result)) { return NULL; } return policy_list->policy; } policy_t* policy_list_get_next(policy_list_t* policy_list) { const db_result_t* result; policy_t* policy; if (!policy_list) { return NULL; } if (policy_list->object_store) { if (!(policy = policy_new(db_object_connection(policy_list->dbo)))) { return NULL; } if (policy_copy(policy, policy_list_next(policy_list))) { policy_free(policy); return NULL; } return policy; } if (!policy_list->result_list) { return NULL; } if (!(result = db_result_list_next(policy_list->result_list))) { return NULL; } if (!(policy = policy_new(db_object_connection(policy_list->dbo)))) { return NULL; } if (policy_from_result(policy, result)) { policy_free(policy); return NULL; } return policy; } opendnssec-2.1.5/enforcer/src/db/db_enum.h0000644000202300020240000000337513560310771015342 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef __db_enum_h #define __db_enum_h /** * A enumerate value, represented by a character string and integer. * Used for converting database enumerate values from/to text and integer and is * often given as a NULL terminated list. */ typedef struct db_enum { const char* text; int value; } db_enum_t; #endif opendnssec-2.1.5/enforcer/src/db/db_clause.c0000644000202300020240000001425513560310771015644 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include "db_clause.h" #include "db_error.h" #include #include /* DB CLAUSE */ /* TODO: add more check for type and what value/list is set, maybe add type to new */ db_clause_t* db_clause_new(void) { db_clause_t* clause = (db_clause_t*)calloc(1, sizeof(db_clause_t)); if (clause) { clause->type = DB_CLAUSE_UNKNOWN; clause->clause_operator = DB_CLAUSE_OPERATOR_AND; db_value_reset(&(clause->value)); } return clause; } void db_clause_free(db_clause_t* clause) { if (clause) { if (clause->field) { free(clause->field); } db_value_reset(&(clause->value)); if (clause->clause_list) { db_clause_list_free(clause->clause_list); } free(clause); } } const char* db_clause_field(const db_clause_t* clause) { if (!clause) { return NULL; } return clause->field; } db_clause_type_t db_clause_type(const db_clause_t* clause) { if (!clause) { return DB_CLAUSE_UNKNOWN; } return clause->type; } const db_value_t* db_clause_value(const db_clause_t* clause) { if (!clause) { return NULL; } return &(clause->value); } db_clause_operator_t db_clause_operator(const db_clause_t* clause) { if (!clause) { return DB_CLAUSE_OPERATOR_UNKNOWN; } return clause->clause_operator; } const db_clause_list_t* db_clause_list(const db_clause_t* clause) { if (!clause) { return NULL; } return clause->clause_list; } int db_clause_set_field(db_clause_t* clause, const char* field) { char* new_field; if (!clause) { return DB_ERROR_UNKNOWN; } if (clause->clause_list) { return DB_ERROR_UNKNOWN; } if (!(new_field = strdup(field))) { return DB_ERROR_UNKNOWN; } if (clause->field) { free(clause->field); } clause->field = new_field; return DB_OK; } int db_clause_set_type(db_clause_t* clause, db_clause_type_t type) { if (!clause) { return DB_ERROR_UNKNOWN; } if (type == DB_CLAUSE_UNKNOWN) { return DB_ERROR_UNKNOWN; } clause->type = type; return DB_OK; } int db_clause_set_operator(db_clause_t* clause, db_clause_operator_t clause_operator) { if (!clause) { return DB_ERROR_UNKNOWN; } if (clause_operator == DB_CLAUSE_OPERATOR_UNKNOWN) { return DB_ERROR_UNKNOWN; } clause->clause_operator = clause_operator; return DB_OK; } int db_clause_not_empty(const db_clause_t* clause) { if (!clause) { return DB_ERROR_UNKNOWN; } if (clause->type == DB_CLAUSE_UNKNOWN) { return DB_ERROR_UNKNOWN; } if (clause->type == DB_CLAUSE_NESTED) { if (!clause->clause_list) { return DB_ERROR_UNKNOWN; } } else { if (!clause->field) { return DB_ERROR_UNKNOWN; } if (db_value_type(&(clause->value)) == DB_TYPE_EMPTY) { return DB_ERROR_UNKNOWN; } } return DB_OK; } const db_clause_t* db_clause_next(const db_clause_t* clause) { if (!clause) { return NULL; } return clause->next; } db_value_t* db_clause_get_value(db_clause_t* clause) { if (!clause) { return NULL; } if (clause->clause_list) { return NULL; } return &(clause->value); } /* DB CLAUSE LIST */ db_clause_list_t* db_clause_list_new(void) { db_clause_list_t* clause_list = (db_clause_list_t*)calloc(1, sizeof(db_clause_list_t)); return clause_list; } void db_clause_list_free(db_clause_list_t* clause_list) { if (clause_list) { if (clause_list->begin) { db_clause_t* this = clause_list->begin; db_clause_t* next = NULL; while (this) { next = this->next; this->clause_list = NULL; db_clause_free(this); this = next; } } free(clause_list); } } int db_clause_list_add(db_clause_list_t* clause_list, db_clause_t* clause) { if (!clause_list) { return DB_ERROR_UNKNOWN; } if (!clause) { return DB_ERROR_UNKNOWN; } if (db_clause_not_empty(clause)) { return DB_ERROR_UNKNOWN; } if (clause->next) { return DB_ERROR_UNKNOWN; } if (clause_list->begin) { if (!clause_list->end) { return DB_ERROR_UNKNOWN; } clause_list->end->next = clause; clause_list->end = clause; } else { clause_list->begin = clause; clause_list->end = clause; } return DB_OK; } const db_clause_t* db_clause_list_begin(const db_clause_list_t* clause_list) { if (!clause_list) { return NULL; } return clause_list->begin; } opendnssec-2.1.5/enforcer/src/db/db_backend.c0000644000202300020240000003504613560311035015752 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include "config.h" #include "db_backend.h" #if defined(ENFORCER_DATABASE_SQLITE3) #include "db_backend_sqlite.h" #endif #include "db_backend_mysql.h" #include "db_error.h" #include "database_version.h" #include "hsm_key.h" #include #include /* DB BACKEND HANDLE */ db_backend_handle_t* db_backend_handle_new(void) { db_backend_handle_t* backend_handle = (db_backend_handle_t*)calloc(1, sizeof(db_backend_handle_t)); return backend_handle; } void db_backend_handle_free(db_backend_handle_t* backend_handle) { if (backend_handle) { if (backend_handle->disconnect_function) { (void)(*backend_handle->disconnect_function)(backend_handle->data); } if (backend_handle->free_function) { (*backend_handle->free_function)(backend_handle->data); } free(backend_handle); } } int db_backend_handle_initialize(const db_backend_handle_t* backend_handle) { if (!backend_handle) { return DB_ERROR_UNKNOWN; } if (!backend_handle->initialize_function) { return DB_ERROR_UNKNOWN; } return backend_handle->initialize_function((void*)backend_handle->data); } int db_backend_handle_connect(const db_backend_handle_t* backend_handle, const db_configuration_list_t* configuration_list) { if (!backend_handle) { return DB_ERROR_UNKNOWN; } if (!configuration_list) { return DB_ERROR_UNKNOWN; } if (!backend_handle->connect_function) { return DB_ERROR_UNKNOWN; } return backend_handle->connect_function((void*)backend_handle->data, configuration_list); } int db_backend_handle_create(const db_backend_handle_t* backend_handle, const db_object_t* object, const db_object_field_list_t* object_field_list, const db_value_set_t* value_set) { if (!backend_handle) { return DB_ERROR_UNKNOWN; } if (!object) { return DB_ERROR_UNKNOWN; } if (!object_field_list) { return DB_ERROR_UNKNOWN; } if (!value_set) { return DB_ERROR_UNKNOWN; } if (!backend_handle->create_function) { return DB_ERROR_UNKNOWN; } return backend_handle->create_function((void*)backend_handle->data, object, object_field_list, value_set); } db_result_list_t* db_backend_handle_read(const db_backend_handle_t* backend_handle, const db_object_t* object, const db_join_list_t* join_list, const db_clause_list_t* clause_list) { if (!backend_handle) { return NULL; } if (!object) { return NULL; } if (!backend_handle->read_function) { return NULL; } return backend_handle->read_function((void*)backend_handle->data, object, join_list, clause_list); } int db_backend_handle_update(const db_backend_handle_t* backend_handle, const db_object_t* object, const db_object_field_list_t* object_field_list, const db_value_set_t* value_set, const db_clause_list_t* clause_list) { if (!backend_handle) { return DB_ERROR_UNKNOWN; } if (!object) { return DB_ERROR_UNKNOWN; } if (!object_field_list) { return DB_ERROR_UNKNOWN; } if (!value_set) { return DB_ERROR_UNKNOWN; } if (!backend_handle->update_function) { return DB_ERROR_UNKNOWN; } return backend_handle->update_function((void*)backend_handle->data, object, object_field_list, value_set, clause_list); } int db_backend_handle_delete(const db_backend_handle_t* backend_handle, const db_object_t* object, const db_clause_list_t* clause_list) { if (!backend_handle) { return DB_ERROR_UNKNOWN; } if (!object) { return DB_ERROR_UNKNOWN; } if (!backend_handle->delete_function) { return DB_ERROR_UNKNOWN; } return backend_handle->delete_function((void*)backend_handle->data, object, clause_list); } int db_backend_handle_count(const db_backend_handle_t* backend_handle, const db_object_t* object, const db_join_list_t* join_list, const db_clause_list_t* clause_list, size_t* count) { if (!backend_handle) { return DB_ERROR_UNKNOWN; } if (!object) { return DB_ERROR_UNKNOWN; } if (!count) { return DB_ERROR_UNKNOWN; } if (!backend_handle->count_function) { return DB_ERROR_UNKNOWN; } return backend_handle->count_function((void*)backend_handle->data, object, join_list, clause_list, count); } int db_backend_handle_set_initialize(db_backend_handle_t* backend_handle, db_backend_handle_initialize_t initialize_function) { if (!backend_handle) { return DB_ERROR_UNKNOWN; } backend_handle->initialize_function = initialize_function; return DB_OK; } int db_backend_handle_set_shutdown(db_backend_handle_t* backend_handle, db_backend_handle_shutdown_t shutdown_function) { if (!backend_handle) { return DB_ERROR_UNKNOWN; } backend_handle->shutdown_function = shutdown_function; return DB_OK; } int db_backend_handle_set_connect(db_backend_handle_t* backend_handle, db_backend_handle_connect_t connect_function) { if (!backend_handle) { return DB_ERROR_UNKNOWN; } backend_handle->connect_function = connect_function; return DB_OK; } int db_backend_handle_set_disconnect(db_backend_handle_t* backend_handle, db_backend_handle_disconnect_t disconnect_function) { if (!backend_handle) { return DB_ERROR_UNKNOWN; } backend_handle->disconnect_function = disconnect_function; return DB_OK; } int db_backend_handle_set_create(db_backend_handle_t* backend_handle, db_backend_handle_create_t create_function) { if (!backend_handle) { return DB_ERROR_UNKNOWN; } backend_handle->create_function = create_function; return DB_OK; } int db_backend_handle_set_read(db_backend_handle_t* backend_handle, db_backend_handle_read_t read_function) { if (!backend_handle) { return DB_ERROR_UNKNOWN; } backend_handle->read_function = read_function; return DB_OK; } int db_backend_handle_set_update(db_backend_handle_t* backend_handle, db_backend_handle_update_t update_function) { if (!backend_handle) { return DB_ERROR_UNKNOWN; } backend_handle->update_function = update_function; return DB_OK; } int db_backend_handle_set_delete(db_backend_handle_t* backend_handle, db_backend_handle_delete_t delete_function) { if (!backend_handle) { return DB_ERROR_UNKNOWN; } backend_handle->delete_function = delete_function; return DB_OK; } int db_backend_handle_set_count(db_backend_handle_t* backend_handle, db_backend_handle_count_t count_function) { if (!backend_handle) { return DB_ERROR_UNKNOWN; } backend_handle->count_function = count_function; return DB_OK; } int db_backend_handle_set_free(db_backend_handle_t* backend_handle, db_backend_handle_free_t free_function) { if (!backend_handle) { return DB_ERROR_UNKNOWN; } backend_handle->free_function = free_function; return DB_OK; } int db_backend_handle_set_transaction_begin(db_backend_handle_t* backend_handle, db_backend_handle_transaction_begin_t transaction_begin_function) { if (!backend_handle) { return DB_ERROR_UNKNOWN; } backend_handle->transaction_begin_function = transaction_begin_function; return DB_OK; } int db_backend_handle_set_transaction_commit(db_backend_handle_t* backend_handle, db_backend_handle_transaction_commit_t transaction_commit_function) { if (!backend_handle) { return DB_ERROR_UNKNOWN; } backend_handle->transaction_commit_function = transaction_commit_function; return DB_OK; } int db_backend_handle_set_transaction_rollback(db_backend_handle_t* backend_handle, db_backend_handle_transaction_rollback_t transaction_rollback_function) { if (!backend_handle) { return DB_ERROR_UNKNOWN; } backend_handle->transaction_rollback_function = transaction_rollback_function; return DB_OK; } int db_backend_handle_set_data(db_backend_handle_t* backend_handle, void* data) { if (!backend_handle) { return DB_ERROR_UNKNOWN; } if (backend_handle->data) { return DB_ERROR_UNKNOWN; } backend_handle->data = data; return DB_OK; } /* DB BACKEND */ db_backend_t* db_backend_new(void) { db_backend_t* backend = (db_backend_t*)calloc(1, sizeof(db_backend_t)); return backend; } void db_backend_free(db_backend_t* backend) { if (backend) { if (backend->handle) { db_backend_handle_free(backend->handle); } if (backend->name) { free(backend->name); } free(backend); } } int db_backend_set_name(db_backend_t* backend, const char* name) { char* new_name; if (!backend) { return DB_ERROR_UNKNOWN; } if (!(new_name = strdup(name))) { return DB_ERROR_UNKNOWN; } if (backend->name) { free(backend->name); } backend->name = new_name; return DB_OK; } int db_backend_set_handle(db_backend_t* backend, db_backend_handle_t* handle) { if (!backend) { return DB_ERROR_UNKNOWN; } if (backend->handle) { return DB_ERROR_UNKNOWN; } backend->handle = handle; return DB_OK; } int db_backend_initialize(const db_backend_t* backend) { if (!backend) { return DB_ERROR_UNKNOWN; } if (!backend->handle) { return DB_ERROR_UNKNOWN; } return db_backend_handle_initialize(backend->handle); } int db_backend_connect(const db_backend_t* backend, const db_configuration_list_t* configuration_list) { if (!backend) { return DB_ERROR_UNKNOWN; } if (!configuration_list) { return DB_ERROR_UNKNOWN; } if (!backend->handle) { return DB_ERROR_UNKNOWN; } return db_backend_handle_connect(backend->handle, configuration_list); } int db_backend_create(const db_backend_t* backend, const db_object_t* object, const db_object_field_list_t* object_field_list, const db_value_set_t* value_set) { if (!backend) { return DB_ERROR_UNKNOWN; } if (!object) { return DB_ERROR_UNKNOWN; } if (!object_field_list) { return DB_ERROR_UNKNOWN; } if (!value_set) { return DB_ERROR_UNKNOWN; } if (!backend->handle) { return DB_ERROR_UNKNOWN; } return db_backend_handle_create(backend->handle, object, object_field_list, value_set); } db_result_list_t* db_backend_read(const db_backend_t* backend, const db_object_t* object, const db_join_list_t* join_list, const db_clause_list_t* clause_list) { if (!backend) { return NULL; } if (!object) { return NULL; } if (!backend->handle) { return NULL; } return db_backend_handle_read(backend->handle, object, join_list, clause_list); } int db_backend_update(const db_backend_t* backend, const db_object_t* object, const db_object_field_list_t* object_field_list, const db_value_set_t* value_set, const db_clause_list_t* clause_list) { if (!backend) { return DB_ERROR_UNKNOWN; } if (!object) { return DB_ERROR_UNKNOWN; } if (!object_field_list) { return DB_ERROR_UNKNOWN; } if (!value_set) { return DB_ERROR_UNKNOWN; } if (!backend->handle) { return DB_ERROR_UNKNOWN; } return db_backend_handle_update(backend->handle, object, object_field_list, value_set, clause_list); } int db_backend_delete(const db_backend_t* backend, const db_object_t* object, const db_clause_list_t* clause_list) { if (!backend) { return DB_ERROR_UNKNOWN; } if (!object) { return DB_ERROR_UNKNOWN; } if (!backend->handle) { return DB_ERROR_UNKNOWN; } return db_backend_handle_delete(backend->handle, object, clause_list); } int db_backend_count(const db_backend_t* backend, const db_object_t* object, const db_join_list_t* join_list, const db_clause_list_t* clause_list, size_t* count) { if (!backend) { return DB_ERROR_UNKNOWN; } if (!object) { return DB_ERROR_UNKNOWN; } if (!count) { return DB_ERROR_UNKNOWN; } if (!backend->handle) { return DB_ERROR_UNKNOWN; } return db_backend_handle_count(backend->handle, object, join_list, clause_list, count); } /* DB BACKEND FACTORY */ db_backend_t* db_backend_factory_get_backend(const char* name) { db_backend_t* backend = NULL; if (!name) { return NULL; } #if defined(ENFORCER_DATABASE_SQLITE3) if (!strcmp(name, "sqlite")) { if (!(backend = db_backend_new()) || db_backend_set_name(backend, "sqlite") || db_backend_set_handle(backend, db_backend_sqlite_new_handle()) || db_backend_initialize(backend)) { db_backend_free(backend); return NULL; } return backend; } #endif #if defined(ENFORCER_DATABASE_MYSQL) if (!strcmp(name, "mysql")) { if (!(backend = db_backend_new()) || db_backend_set_name(backend, "mysql") || db_backend_set_handle(backend, db_backend_mysql_new_handle()) || db_backend_initialize(backend)) { db_backend_free(backend); return NULL; } return backend; } #endif return backend; } opendnssec-2.1.5/enforcer/src/db/db_backend_mysql.c0000644000202300020240000021612513560311035017176 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include "db_backend_mysql.h" #include "db_error.h" #include "log.h" #include #include #include #include #include #include #include #include static int db_backend_mysql_transaction_rollback(void*); /** * Keep track of if we have initialized the MySQL backend. */ static int __mysql_initialized = 0; /** * The MySQL database backend specific data. */ typedef struct db_backend_mysql { MYSQL* db; int transaction; unsigned int timeout; } db_backend_mysql_t; /** * The MySQL database backend specific data for a statement bind. */ typedef struct db_backend_mysql_bind db_backend_mysql_bind_t; struct db_backend_mysql_bind { db_backend_mysql_bind_t* next; MYSQL_BIND* bind; unsigned long length; my_bool error; int value_enum; }; /** * The MySQL database backend specific data for statements. */ typedef struct db_backend_mysql_statement { db_backend_mysql_t* backend_mysql; MYSQL_STMT* statement; MYSQL_BIND* mysql_bind_input; db_backend_mysql_bind_t* bind_input; db_backend_mysql_bind_t* bind_input_end; MYSQL_BIND* mysql_bind_output; db_backend_mysql_bind_t* bind_output; db_backend_mysql_bind_t* bind_output_end; db_object_field_list_t* object_field_list; int fields; int bound; } db_backend_mysql_statement_t; /** * MySQL finish function. * * Frees all data related to a db_backend_mysql_statement_t. */ static inline void __db_backend_mysql_finish(db_backend_mysql_statement_t* statement) { db_backend_mysql_bind_t* bind; if (!statement) { return; } if (statement->statement) { mysql_stmt_close(statement->statement); } if (statement->mysql_bind_input) { free(statement->mysql_bind_input); } while (statement->bind_input) { bind = statement->bind_input; statement->bind_input = bind->next; free(bind); } while (statement->bind_output) { bind = statement->bind_output; statement->bind_output = bind->next; if (bind->bind && bind->bind->buffer) { free(bind->bind->buffer); } free(bind); } if (statement->mysql_bind_output) { free(statement->mysql_bind_output); } if (statement->object_field_list) { db_object_field_list_free(statement->object_field_list); } free(statement); } /** * MySQL prepare function. * * Creates a db_backend_mysql_statement_t based on a SQL string and an object * field list. */ static inline int __db_backend_mysql_prepare(db_backend_mysql_t* backend_mysql, db_backend_mysql_statement_t** statement, const char* sql, size_t size, const db_object_field_list_t* object_field_list) { unsigned long i, params; db_backend_mysql_bind_t* bind; const db_object_field_t* object_field; MYSQL_BIND* mysql_bind; MYSQL_RES* result_metadata = NULL; MYSQL_FIELD* field; if (!backend_mysql) { return DB_ERROR_UNKNOWN; } if (!backend_mysql->db) { return DB_ERROR_UNKNOWN; } if (!statement) { return DB_ERROR_UNKNOWN; } if (*statement) { return DB_ERROR_UNKNOWN; } if (!sql) { return DB_ERROR_UNKNOWN; } /* * Prepare the statement. */ ods_log_debug("%s", sql); if (!(*statement = calloc(1, sizeof(db_backend_mysql_statement_t))) || !((*statement)->statement = mysql_stmt_init(backend_mysql->db)) || mysql_stmt_prepare((*statement)->statement, sql, size)) { if ((*statement)->statement) { ods_log_info("DB prepare SQL %s", sql); ods_log_info("DB prepare Err %d: %s", mysql_stmt_errno((*statement)->statement), mysql_stmt_error((*statement)->statement)); } __db_backend_mysql_finish(*statement); *statement = NULL; return DB_ERROR_UNKNOWN; } (*statement)->backend_mysql = backend_mysql; /* * Create the input binding based on the number of parameters in the SQL * statement. */ if ((params = mysql_stmt_param_count((*statement)->statement)) > 0) { if (!((*statement)->mysql_bind_input = calloc(params, sizeof(MYSQL_BIND)))) { __db_backend_mysql_finish(*statement); *statement = NULL; return DB_ERROR_UNKNOWN; } for (i = 0; i < params; i++) { if (!(bind = calloc(1, sizeof(db_backend_mysql_bind_t)))) { __db_backend_mysql_finish(*statement); *statement = NULL; return DB_ERROR_UNKNOWN; } bind->bind = &((*statement)->mysql_bind_input[i]); if (!(*statement)->bind_input) { (*statement)->bind_input = bind; } if ((*statement)->bind_input_end) { (*statement)->bind_input_end->next = bind; } (*statement)->bind_input_end = bind; } } /* * Create the output binding based on the object field list given. */ if (object_field_list && (params = db_object_field_list_size(object_field_list)) > 0 && (result_metadata = mysql_stmt_result_metadata((*statement)->statement))) { if (!((*statement)->object_field_list = db_object_field_list_new_copy(object_field_list)) || !((*statement)->mysql_bind_output = calloc(params, sizeof(MYSQL_BIND)))) { mysql_free_result(result_metadata); __db_backend_mysql_finish(*statement); *statement = NULL; return DB_ERROR_UNKNOWN; } (*statement)->fields = params; field = mysql_fetch_field(result_metadata); object_field = db_object_field_list_begin(object_field_list); for (i = 0; i < params; i++) { if (!field || !object_field || !(bind = calloc(1, sizeof(db_backend_mysql_bind_t)))) { mysql_free_result(result_metadata); __db_backend_mysql_finish(*statement); *statement = NULL; return DB_ERROR_UNKNOWN; } bind->bind = (mysql_bind = &((*statement)->mysql_bind_output[i])); mysql_bind->is_null = (my_bool*)0; mysql_bind->error = &bind->error; mysql_bind->length = &bind->length; switch (db_object_field_type(object_field)) { case DB_TYPE_PRIMARY_KEY: switch (field->type) { case MYSQL_TYPE_TINY: case MYSQL_TYPE_SHORT: case MYSQL_TYPE_LONG: case MYSQL_TYPE_INT24: mysql_bind->buffer_type = MYSQL_TYPE_LONG; if (!(mysql_bind->buffer = calloc(1, sizeof(db_type_uint32_t)))) { mysql_free_result(result_metadata); __db_backend_mysql_finish(*statement); *statement = NULL; return DB_ERROR_UNKNOWN; } mysql_bind->buffer_length = sizeof(db_type_uint32_t); bind->length = mysql_bind->buffer_length; mysql_bind->is_unsigned = 1; break; case MYSQL_TYPE_LONGLONG: mysql_bind->buffer_type = MYSQL_TYPE_LONGLONG; if (!(mysql_bind->buffer = calloc(1, sizeof(db_type_uint64_t)))) { mysql_free_result(result_metadata); __db_backend_mysql_finish(*statement); *statement = NULL; return DB_ERROR_UNKNOWN; } mysql_bind->buffer_length = sizeof(db_type_uint64_t); bind->length = mysql_bind->buffer_length; mysql_bind->is_unsigned = 1; break; case MYSQL_TYPE_STRING: case MYSQL_TYPE_VAR_STRING: mysql_bind->buffer_type = MYSQL_TYPE_STRING; /* * field->length does not include ending NULL character so * we increase it by one. */ bind->length = field->length + 1; if (bind->length < DB_BACKEND_MYSQL_STRING_MIN_SIZE) { bind->length = DB_BACKEND_MYSQL_STRING_MIN_SIZE; } if (!(mysql_bind->buffer = calloc(1, bind->length))) { mysql_free_result(result_metadata); __db_backend_mysql_finish(*statement); *statement = NULL; return DB_ERROR_UNKNOWN; } mysql_bind->buffer_length = bind->length; mysql_bind->is_unsigned = 0; break; default: mysql_free_result(result_metadata); __db_backend_mysql_finish(*statement); *statement = NULL; return DB_ERROR_UNKNOWN; } break; case DB_TYPE_ENUM: /* * Enum needs to be handled elsewhere since we don't know the * enum_set_t here. * * TODO: can something be done here? */ case DB_TYPE_INT32: mysql_bind->buffer_type = MYSQL_TYPE_LONG; if (!(mysql_bind->buffer = calloc(1, sizeof(db_type_int32_t)))) { mysql_free_result(result_metadata); __db_backend_mysql_finish(*statement); *statement = NULL; return DB_ERROR_UNKNOWN; } mysql_bind->buffer_length = sizeof(db_type_int32_t); bind->length = mysql_bind->buffer_length; mysql_bind->is_unsigned = 0; break; case DB_TYPE_UINT32: mysql_bind->buffer_type = MYSQL_TYPE_LONG; if (!(mysql_bind->buffer = calloc(1, sizeof(db_type_uint32_t)))) { mysql_free_result(result_metadata); __db_backend_mysql_finish(*statement); *statement = NULL; return DB_ERROR_UNKNOWN; } mysql_bind->buffer_length = sizeof(db_type_uint32_t); bind->length = mysql_bind->buffer_length; mysql_bind->is_unsigned = 1; break; case DB_TYPE_INT64: mysql_bind->buffer_type = MYSQL_TYPE_LONGLONG; if (!(mysql_bind->buffer = calloc(1, sizeof(db_type_int64_t)))) { mysql_free_result(result_metadata); __db_backend_mysql_finish(*statement); *statement = NULL; return DB_ERROR_UNKNOWN; } mysql_bind->buffer_length = sizeof(db_type_int64_t); bind->length = mysql_bind->buffer_length; mysql_bind->is_unsigned = 0; break; case DB_TYPE_UINT64: mysql_bind->buffer_type = MYSQL_TYPE_LONGLONG; if (!(mysql_bind->buffer = calloc(1, sizeof(db_type_uint64_t)))) { mysql_free_result(result_metadata); __db_backend_mysql_finish(*statement); *statement = NULL; return DB_ERROR_UNKNOWN; } mysql_bind->buffer_length = sizeof(db_type_uint64_t); bind->length = mysql_bind->buffer_length; mysql_bind->is_unsigned = 1; break; case DB_TYPE_TEXT: mysql_bind->buffer_type = MYSQL_TYPE_STRING; /* * field->length does not include ending NULL character so * we increase it by one. */ bind->length = field->length + 1; if (bind->length < DB_BACKEND_MYSQL_STRING_MIN_SIZE) { bind->length = DB_BACKEND_MYSQL_STRING_MIN_SIZE; } if (!(mysql_bind->buffer = calloc(1, bind->length))) { mysql_free_result(result_metadata); __db_backend_mysql_finish(*statement); *statement = NULL; return DB_ERROR_UNKNOWN; } mysql_bind->buffer_length = bind->length; mysql_bind->is_unsigned = 0; break; case DB_TYPE_ANY: case DB_TYPE_REVISION: switch (field->type) { case MYSQL_TYPE_TINY: case MYSQL_TYPE_SHORT: case MYSQL_TYPE_LONG: case MYSQL_TYPE_INT24: mysql_bind->buffer_type = MYSQL_TYPE_LONG; if (field->flags & UNSIGNED_FLAG) { if (!(mysql_bind->buffer = calloc(1, sizeof(db_type_uint32_t)))) { mysql_free_result(result_metadata); __db_backend_mysql_finish(*statement); *statement = NULL; return DB_ERROR_UNKNOWN; } mysql_bind->buffer_length = sizeof(db_type_uint32_t); mysql_bind->is_unsigned = 1; } else { if (!(mysql_bind->buffer = calloc(1, sizeof(db_type_int32_t)))) { mysql_free_result(result_metadata); __db_backend_mysql_finish(*statement); *statement = NULL; return DB_ERROR_UNKNOWN; } mysql_bind->buffer_length = sizeof(db_type_int32_t); mysql_bind->is_unsigned = 0; } bind->length = mysql_bind->buffer_length; break; case MYSQL_TYPE_LONGLONG: mysql_bind->buffer_type = MYSQL_TYPE_LONGLONG; if (field->flags & UNSIGNED_FLAG) { if (!(mysql_bind->buffer = calloc(1, sizeof(db_type_uint64_t)))) { mysql_free_result(result_metadata); __db_backend_mysql_finish(*statement); *statement = NULL; return DB_ERROR_UNKNOWN; } mysql_bind->buffer_length = sizeof(db_type_uint64_t); mysql_bind->is_unsigned = 1; } else { if (!(mysql_bind->buffer = calloc(1, sizeof(db_type_int64_t)))) { mysql_free_result(result_metadata); __db_backend_mysql_finish(*statement); *statement = NULL; return DB_ERROR_UNKNOWN; } mysql_bind->buffer_length = sizeof(db_type_int64_t); mysql_bind->is_unsigned = 0; } bind->length = mysql_bind->buffer_length; break; case MYSQL_TYPE_STRING: case MYSQL_TYPE_VAR_STRING: mysql_bind->buffer_type = MYSQL_TYPE_STRING; /* * field->length does not include ending NULL character so * we increase it by one. */ bind->length = field->length + 1; if (bind->length < DB_BACKEND_MYSQL_STRING_MIN_SIZE) { bind->length = DB_BACKEND_MYSQL_STRING_MIN_SIZE; } if (!(mysql_bind->buffer = calloc(1, bind->length))) { mysql_free_result(result_metadata); __db_backend_mysql_finish(*statement); *statement = NULL; return DB_ERROR_UNKNOWN; } mysql_bind->buffer_length = bind->length; mysql_bind->is_unsigned = 0; break; default: mysql_free_result(result_metadata); __db_backend_mysql_finish(*statement); *statement = NULL; return DB_ERROR_UNKNOWN; } break; default: return DB_ERROR_UNKNOWN; } if (!(*statement)->bind_output) { (*statement)->bind_output = bind; } if ((*statement)->bind_output_end) { (*statement)->bind_output_end->next = bind; } (*statement)->bind_output_end = bind; object_field = db_object_field_next(object_field); field = mysql_fetch_field(result_metadata); } /* * If we still have an object field or a MySQL field then the number of * fields in both is mismatching and we should return an error. */ if (object_field || field) { mysql_free_result(result_metadata); __db_backend_mysql_finish(*statement); *statement = NULL; return DB_ERROR_UNKNOWN; } } if (result_metadata) { mysql_free_result(result_metadata); } return DB_OK; } /** * MySQL fetch function. * * Fetch the next row in a db_backend_mysql_statement_t. */ static inline int __db_backend_mysql_fetch(db_backend_mysql_statement_t* statement) { int ret; if (!statement) { return DB_ERROR_UNKNOWN; } if (!statement->statement) { return DB_ERROR_UNKNOWN; } /* * Handle output binding if not already done. */ if (!statement->bound) { if (statement->mysql_bind_output && mysql_stmt_bind_result(statement->statement, statement->mysql_bind_output)) { ods_log_info("DB bind result Err %d: %s", mysql_stmt_errno(statement->statement), mysql_stmt_error(statement->statement)); return DB_ERROR_UNKNOWN; } statement->bound = 1; } /* * Fetch the next row. */ ret = mysql_stmt_fetch(statement->statement); if (ret == 1) { ods_log_info("DB fetch Err %d: %s", mysql_stmt_errno(statement->statement), mysql_stmt_error(statement->statement)); return DB_ERROR_UNKNOWN; } else if (ret == MYSQL_DATA_TRUNCATED) { int i; db_backend_mysql_bind_t* bind; /* * Scan through all of the output binds and check where the data was * truncated and reallocate the buffer and try again. MySQL should have * updated bind->length with the required buffer size. * * We can really only retry fetch on string columns, if another type had * a too small buffer its more a programmable error in the prepare * function. */ for (i = 0, bind = statement->bind_output; bind; i++, bind = bind->next) { if (bind->error) { if (statement->mysql_bind_output[i].buffer_type != MYSQL_TYPE_STRING || bind->length <= statement->mysql_bind_output[i].buffer_length) { ods_log_info("DB fetch Err data truncated"); return DB_ERROR_UNKNOWN; } free(statement->mysql_bind_output[i].buffer); statement->mysql_bind_output[i].buffer = NULL; if (!(statement->mysql_bind_output[i].buffer = calloc(1, bind->length))) { ods_log_info("DB fetch Err data truncated"); return DB_ERROR_UNKNOWN; } statement->mysql_bind_output[i].buffer_length = bind->length; bind->error = 0; if (mysql_stmt_fetch_column(statement->statement, &(statement->mysql_bind_output[i]), i, 0) || bind->error) { ods_log_info("DB fetch Err data truncated"); return DB_ERROR_UNKNOWN; } } } } else if (ret == MYSQL_NO_DATA) { /* * Not really an error but we need to indicate that there is no more * data some how. */ return DB_ERROR_UNKNOWN; } else if (ret) { ods_log_info("DB fetch UNKNOWN %d Err %d: %s", ret, mysql_stmt_errno(statement->statement), mysql_stmt_error(statement->statement)); return DB_ERROR_UNKNOWN; } return DB_OK; } /** * MySQL execute function. * * Execute a prepared statement in the db_backend_mysql_statement_t. */ static inline int __db_backend_mysql_execute(db_backend_mysql_statement_t* statement) { if (!statement) { return DB_ERROR_UNKNOWN; } if (!statement->statement) { return DB_ERROR_UNKNOWN; } /* * Bind the input parameters. */ if (statement->mysql_bind_input && mysql_stmt_bind_param(statement->statement, statement->mysql_bind_input)) { ods_log_info("DB bind param Err %d: %s", mysql_stmt_errno(statement->statement), mysql_stmt_error(statement->statement)); return DB_ERROR_UNKNOWN; } /* * Execute the statement. */ if (mysql_stmt_execute(statement->statement)) { ods_log_info("DB execute Err %d: %s", mysql_stmt_errno(statement->statement), mysql_stmt_error(statement->statement)); return DB_ERROR_UNKNOWN; } return DB_OK; } static int db_backend_mysql_initialize(void* data) { db_backend_mysql_t* backend_mysql = (db_backend_mysql_t*)data; if (!backend_mysql) { return DB_ERROR_UNKNOWN; } if (!__mysql_initialized) { if (mysql_library_init(0, NULL, NULL)) { return DB_ERROR_UNKNOWN; } __mysql_initialized = 1; } return DB_OK; } static int db_backend_mysql_shutdown(void* data) { db_backend_mysql_t* backend_mysql = (db_backend_mysql_t*)data; if (!backend_mysql) { return DB_ERROR_UNKNOWN; } if (__mysql_initialized) { mysql_library_end(); __mysql_initialized = 0; } return DB_OK; } static int db_backend_mysql_connect(void* data, const db_configuration_list_t* configuration_list) { db_backend_mysql_t* backend_mysql = (db_backend_mysql_t*)data; const db_configuration_t* host; const db_configuration_t* user; const db_configuration_t* pass; const db_configuration_t* db; const db_configuration_t* port_configuration; const db_configuration_t* timeout_configuration; int timeout; unsigned int port = 0; if (!__mysql_initialized) { return DB_ERROR_UNKNOWN; } if (!backend_mysql) { return DB_ERROR_UNKNOWN; } if (backend_mysql->db) { return DB_ERROR_UNKNOWN; } if (!configuration_list) { return DB_ERROR_UNKNOWN; } host = db_configuration_list_find(configuration_list, "host"); user = db_configuration_list_find(configuration_list, "user"); pass = db_configuration_list_find(configuration_list, "pass"); db = db_configuration_list_find(configuration_list, "db"); port_configuration = db_configuration_list_find(configuration_list, "port"); if (port_configuration) { port = atoi(db_configuration_value(port_configuration)); } backend_mysql->timeout = DB_BACKEND_MYSQL_DEFAULT_TIMEOUT; if ((timeout_configuration = db_configuration_list_find(configuration_list, "timeout"))) { timeout = atoi(db_configuration_value(timeout_configuration)); if (timeout < 1) { backend_mysql->timeout = DB_BACKEND_MYSQL_DEFAULT_TIMEOUT; } else { backend_mysql->timeout = (unsigned int)timeout; } } if (!(backend_mysql->db = mysql_init(NULL)) || mysql_options(backend_mysql->db, MYSQL_OPT_CONNECT_TIMEOUT, &backend_mysql->timeout) || !mysql_real_connect(backend_mysql->db, (host ? db_configuration_value(host) : NULL), (user ? db_configuration_value(user) : NULL), (pass ? db_configuration_value(pass) : NULL), (db ? db_configuration_value(db) : NULL), port, NULL, 0) || mysql_autocommit(backend_mysql->db, 1)) { if (backend_mysql->db) { ods_log_error("db_backend_mysql: connect failed %d: %s", mysql_errno(backend_mysql->db), mysql_error(backend_mysql->db)); mysql_close(backend_mysql->db); backend_mysql->db = NULL; } return DB_ERROR_UNKNOWN; } return DB_OK; } static int db_backend_mysql_disconnect(void* data) { db_backend_mysql_t* backend_mysql = (db_backend_mysql_t*)data; if (!__mysql_initialized) { return DB_ERROR_UNKNOWN; } if (!backend_mysql) { return DB_ERROR_UNKNOWN; } if (!backend_mysql->db) { return DB_ERROR_UNKNOWN; } if (backend_mysql->transaction) { db_backend_mysql_transaction_rollback(backend_mysql); } mysql_close(backend_mysql->db); backend_mysql->db = NULL; return DB_OK; } /** * Build the clause/WHERE SQL and append it to `sqlp`, how much that is left in * the buffer pointed by `sqlp` is specified by `left`. * \param[in] object a db_object_t pointer. * \param[in] clause_list a db_clause_list_t pointer. * \param[in] sqlp a character pointer pointer. * \param[in] left an integer pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ static int __db_backend_mysql_build_clause(const db_object_t* object, const db_clause_list_t* clause_list, char** sqlp, int* left) { const db_clause_t* clause; int first, ret; if (!clause_list) { return DB_ERROR_UNKNOWN; } if (!sqlp) { return DB_ERROR_UNKNOWN; } if (!*sqlp) { return DB_ERROR_UNKNOWN; } if (!left) { return DB_ERROR_UNKNOWN; } if (*left < 1) { return DB_ERROR_UNKNOWN; } clause = db_clause_list_begin(clause_list); first = 1; while (clause) { if (first) { first = 0; } else { switch (db_clause_operator(clause)) { case DB_CLAUSE_OPERATOR_AND: if ((ret = snprintf(*sqlp, *left, " AND")) >= *left) { return DB_ERROR_UNKNOWN; } break; case DB_CLAUSE_OPERATOR_OR: if ((ret = snprintf(*sqlp, *left, " OR")) >= *left) { return DB_ERROR_UNKNOWN; } break; default: return DB_ERROR_UNKNOWN; } *sqlp += ret; *left -= ret; } switch (db_clause_type(clause)) { case DB_CLAUSE_EQUAL: if ((ret = snprintf(*sqlp, *left, " %s.%s = ?", db_object_table(object), db_clause_field(clause))) >= *left) { return DB_ERROR_UNKNOWN; } break; case DB_CLAUSE_NOT_EQUAL: if ((ret = snprintf(*sqlp, *left, " %s.%s != ?", db_object_table(object), db_clause_field(clause))) >= *left) { return DB_ERROR_UNKNOWN; } break; case DB_CLAUSE_LESS_THEN: if ((ret = snprintf(*sqlp, *left, " %s.%s < ?", db_object_table(object), db_clause_field(clause))) >= *left) { return DB_ERROR_UNKNOWN; } break; case DB_CLAUSE_LESS_OR_EQUAL: if ((ret = snprintf(*sqlp, *left, " %s.%s <= ?", db_object_table(object), db_clause_field(clause))) >= *left) { return DB_ERROR_UNKNOWN; } break; case DB_CLAUSE_GREATER_OR_EQUAL: if ((ret = snprintf(*sqlp, *left, " %s.%s >= ?", db_object_table(object), db_clause_field(clause))) >= *left) { return DB_ERROR_UNKNOWN; } break; case DB_CLAUSE_GREATER_THEN: if ((ret = snprintf(*sqlp, *left, " %s.%s > ?", db_object_table(object), db_clause_field(clause))) >= *left) { return DB_ERROR_UNKNOWN; } break; case DB_CLAUSE_IS_NULL: if ((ret = snprintf(*sqlp, *left, " %s.%s IS NULL", db_object_table(object), db_clause_field(clause))) >= *left) { return DB_ERROR_UNKNOWN; } break; case DB_CLAUSE_IS_NOT_NULL: if ((ret = snprintf(*sqlp, *left, " %s.%s IS NOT NULL", db_object_table(object), db_clause_field(clause))) >= *left) { return DB_ERROR_UNKNOWN; } break; case DB_CLAUSE_NESTED: if ((ret = snprintf(*sqlp, *left, " (")) >= *left) { return DB_ERROR_UNKNOWN; } *sqlp += ret; *left -= ret; if (__db_backend_mysql_build_clause(object, db_clause_list(clause), sqlp, left)) { return DB_ERROR_UNKNOWN; } if ((ret = snprintf(*sqlp, *left, " )")) >= *left) { return DB_ERROR_UNKNOWN; } break; default: return DB_ERROR_UNKNOWN; } *sqlp += ret; *left -= ret; clause = db_clause_next(clause); } return DB_OK; } /** * Bind values from the clause list to a MySQL bind structure. * TODO * \return DB_ERROR_* on failure, otherwise DB_OK. */ static int __db_backend_mysql_bind_clause(db_backend_mysql_bind_t** bind, const db_clause_list_t* clause_list) { const db_clause_t* clause; const db_type_int32_t* int32; const db_type_uint32_t* uint32; const db_type_int64_t* int64; const db_type_uint64_t* uint64; const char* text; if (!bind) { return DB_ERROR_UNKNOWN; } if (!*bind) { return DB_ERROR_UNKNOWN; } if (!clause_list) { return DB_ERROR_UNKNOWN; } clause = db_clause_list_begin(clause_list); while (clause) { if (!*bind) { return DB_ERROR_UNKNOWN; } (*bind)->bind->length = &((*bind)->bind->buffer_length); (*bind)->bind->is_null = (my_bool*)0; switch (db_clause_type(clause)) { case DB_CLAUSE_EQUAL: case DB_CLAUSE_NOT_EQUAL: case DB_CLAUSE_LESS_THEN: case DB_CLAUSE_LESS_OR_EQUAL: case DB_CLAUSE_GREATER_OR_EQUAL: case DB_CLAUSE_GREATER_THEN: switch (db_value_type(db_clause_value(clause))) { case DB_TYPE_PRIMARY_KEY: case DB_TYPE_INT32: if (!(int32 = db_value_int32(db_clause_value(clause)))) { return DB_ERROR_UNKNOWN; } (*bind)->bind->buffer_type = MYSQL_TYPE_LONG; (*bind)->bind->buffer = (void*)int32; (*bind)->bind->buffer_length = sizeof(db_type_int32_t); (*bind)->bind->is_unsigned = 0; break; case DB_TYPE_UINT32: if (!(uint32 = db_value_uint32(db_clause_value(clause)))) { return DB_ERROR_UNKNOWN; } (*bind)->bind->buffer_type = MYSQL_TYPE_LONG; (*bind)->bind->buffer = (void*)uint32; (*bind)->bind->buffer_length = sizeof(db_type_uint32_t); (*bind)->bind->is_unsigned = 1; break; case DB_TYPE_INT64: if (!(int64 = db_value_int64(db_clause_value(clause)))) { return DB_ERROR_UNKNOWN; } (*bind)->bind->buffer_type = MYSQL_TYPE_LONGLONG; (*bind)->bind->buffer = (void*)int64; (*bind)->bind->buffer_length = sizeof(db_type_int64_t); (*bind)->bind->is_unsigned = 0; break; case DB_TYPE_UINT64: if (!(uint64 = db_value_uint64(db_clause_value(clause)))) { return DB_ERROR_UNKNOWN; } (*bind)->bind->buffer_type = MYSQL_TYPE_LONGLONG; (*bind)->bind->buffer = (void*)uint64; (*bind)->bind->buffer_length = sizeof(db_type_uint64_t); (*bind)->bind->is_unsigned = 1; break; case DB_TYPE_TEXT: if (!(text = db_value_text(db_clause_value(clause)))) { return DB_ERROR_UNKNOWN; } (*bind)->bind->buffer_type = MYSQL_TYPE_STRING; (*bind)->bind->buffer = (void*)text; (*bind)->bind->buffer_length = strlen(text); (*bind)->bind->is_unsigned = 0; break; case DB_TYPE_ENUM: if (db_value_enum_value(db_clause_value(clause), &((*bind)->value_enum))) { return DB_ERROR_UNKNOWN; } (*bind)->bind->buffer_type = MYSQL_TYPE_LONG; (*bind)->bind->buffer = (void*)&((*bind)->value_enum); (*bind)->bind->buffer_length = sizeof(int); (*bind)->bind->is_unsigned = 0; break; default: return DB_ERROR_UNKNOWN; } break; case DB_CLAUSE_IS_NULL: /* TODO: is null */ break; case DB_CLAUSE_IS_NOT_NULL: /* TODO: is not null */ break; case DB_CLAUSE_NESTED: *bind = (*bind)->next; if (__db_backend_mysql_bind_clause(bind, db_clause_list(clause))) { return DB_ERROR_UNKNOWN; } clause = db_clause_next(clause); continue; default: return DB_ERROR_UNKNOWN; } *bind = (*bind)->next; clause = db_clause_next(clause); } return DB_OK; } static int __db_backend_mysql_bind_value(db_backend_mysql_bind_t* bind, const db_value_t* value) { const db_type_int32_t* int32; const db_type_uint32_t* uint32; const db_type_int64_t* int64; const db_type_uint64_t* uint64; const char* text; if (!bind) { return DB_ERROR_UNKNOWN; } if (!bind->bind) { return DB_ERROR_UNKNOWN; } if (!value) { return DB_ERROR_UNKNOWN; } bind->bind->length = &(bind->bind->buffer_length); bind->bind->is_null = (my_bool*)0; switch (db_value_type(value)) { case DB_TYPE_PRIMARY_KEY: case DB_TYPE_INT32: if (!(int32 = db_value_int32(value))) { return DB_ERROR_UNKNOWN; } bind->bind->buffer_type = MYSQL_TYPE_LONG; bind->bind->buffer = (void*)int32; bind->bind->buffer_length = sizeof(db_type_int32_t); bind->bind->is_unsigned = 0; break; case DB_TYPE_UINT32: if (!(uint32 = db_value_uint32(value))) { return DB_ERROR_UNKNOWN; } bind->bind->buffer_type = MYSQL_TYPE_LONG; bind->bind->buffer = (void*)uint32; bind->bind->buffer_length = sizeof(db_type_uint32_t); bind->bind->is_unsigned = 1; break; case DB_TYPE_INT64: if (!(int64 = db_value_int64(value))) { return DB_ERROR_UNKNOWN; } bind->bind->buffer_type = MYSQL_TYPE_LONGLONG; bind->bind->buffer = (void*)int64; bind->bind->buffer_length = sizeof(db_type_int64_t); bind->bind->is_unsigned = 0; break; case DB_TYPE_UINT64: if (!(uint64 = db_value_uint64(value))) { return DB_ERROR_UNKNOWN; } bind->bind->buffer_type = MYSQL_TYPE_LONGLONG; bind->bind->buffer = (void*)uint64; bind->bind->buffer_length = sizeof(db_type_uint64_t); bind->bind->is_unsigned = 1; break; case DB_TYPE_TEXT: if (!(text = db_value_text(value))) { return DB_ERROR_UNKNOWN; } bind->bind->buffer_type = MYSQL_TYPE_STRING; bind->bind->buffer = (void*)text; bind->bind->buffer_length = strlen(text); bind->bind->is_unsigned = 0; break; case DB_TYPE_ENUM: if (db_value_enum_value(value, &(bind->value_enum))) { return DB_ERROR_UNKNOWN; } bind->bind->buffer_type = MYSQL_TYPE_LONG; bind->bind->buffer = (void*)&(bind->value_enum); bind->bind->buffer_length = sizeof(int); bind->bind->is_unsigned = 0; break; default: return DB_ERROR_UNKNOWN; } return DB_OK; } static int __db_backend_mysql_bind_value_set(db_backend_mysql_bind_t** bind, const db_value_set_t* value_set) { size_t i; if (!bind) { return DB_ERROR_UNKNOWN; } if (!*bind) { return DB_ERROR_UNKNOWN; } if (!value_set) { return DB_ERROR_UNKNOWN; } for (i = 0; i < db_value_set_size(value_set); i++, *bind = (*bind)->next) { if (!*bind) { return DB_ERROR_UNKNOWN; } if (__db_backend_mysql_bind_value(*bind, db_value_set_at(value_set, i))) { return DB_ERROR_UNKNOWN; } } return DB_OK; } static db_result_t* db_backend_mysql_next(void* data, int finish) { db_backend_mysql_statement_t* statement = (db_backend_mysql_statement_t*)data; db_result_t* result = NULL; db_value_set_t* value_set = NULL; const db_object_field_t* object_field; db_backend_mysql_bind_t* bind; int value; if (!statement) { return NULL; } if (!statement->object_field_list) { return NULL; } if (!statement->statement) { return NULL; } if (finish) { __db_backend_mysql_finish(statement); return NULL; } if (__db_backend_mysql_fetch(statement)) { return NULL; } if (!(result = db_result_new()) || !(value_set = db_value_set_new(statement->fields)) || db_result_set_value_set(result, value_set)) { db_result_free(result); db_value_set_free(value_set); return NULL; } object_field = db_object_field_list_begin(statement->object_field_list); bind = statement->bind_output; value = 0; while (object_field) { if (!bind || !bind->bind || !bind->bind->buffer) { db_result_free(result); return NULL; } switch (db_object_field_type(object_field)) { case DB_TYPE_PRIMARY_KEY: case DB_TYPE_ANY: case DB_TYPE_REVISION: switch (bind->bind->buffer_type) { case MYSQL_TYPE_LONG: if ((bind->bind->is_unsigned && db_value_from_uint32(db_value_set_get(value_set, value), *((db_type_uint32_t*)bind->bind->buffer))) || (!bind->bind->is_unsigned && db_value_from_int32(db_value_set_get(value_set, value), *((db_type_int32_t*)bind->bind->buffer)))) { db_result_free(result); return NULL; } break; case MYSQL_TYPE_LONGLONG: if ((bind->bind->is_unsigned && db_value_from_uint64(db_value_set_get(value_set, value), *((db_type_uint64_t*)bind->bind->buffer))) || (!bind->bind->is_unsigned && db_value_from_int64(db_value_set_get(value_set, value), *((db_type_int64_t*)bind->bind->buffer)))) { db_result_free(result); return NULL; } break; case MYSQL_TYPE_STRING: if ((!bind->length && db_value_from_text(db_value_set_get(value_set, value), "")) || (bind->length && db_value_from_text2(db_value_set_get(value_set, value), (char*)bind->bind->buffer, bind->length))) { db_result_free(result); return NULL; } break; default: db_result_free(result); return NULL; } if (db_object_field_type(object_field) == DB_TYPE_PRIMARY_KEY && db_value_set_primary_key(db_value_set_get(value_set, value))) { db_result_free(result); return NULL; } break; case DB_TYPE_ENUM: /* * Enum needs to be handled elsewhere since we don't know the * enum_set_t here. */ case DB_TYPE_INT32: case DB_TYPE_UINT32: if (bind->bind->buffer_type != MYSQL_TYPE_LONG || (bind->bind->is_unsigned && db_value_from_uint32(db_value_set_get(value_set, value), *((db_type_uint32_t*)bind->bind->buffer))) || (!bind->bind->is_unsigned && db_value_from_int32(db_value_set_get(value_set, value), *((db_type_int32_t*)bind->bind->buffer)))) { db_result_free(result); return NULL; } break; case DB_TYPE_INT64: case DB_TYPE_UINT64: if (bind->bind->buffer_type != MYSQL_TYPE_LONGLONG || (bind->bind->is_unsigned && db_value_from_uint64(db_value_set_get(value_set, value), *((db_type_uint64_t*)bind->bind->buffer))) || (!bind->bind->is_unsigned && db_value_from_int64(db_value_set_get(value_set, value), *((db_type_int64_t*)bind->bind->buffer)))) { db_result_free(result); return NULL; } break; case DB_TYPE_TEXT: if (bind->bind->buffer_type != MYSQL_TYPE_STRING || (!bind->length && db_value_from_text(db_value_set_get(value_set, value), "")) || (bind->length && db_value_from_text2(db_value_set_get(value_set, value), (char*)bind->bind->buffer, bind->length))) { db_result_free(result); return NULL; } break; default: db_result_free(result); return NULL; } object_field = db_object_field_next(object_field); value++; bind = bind->next; } return result; } static int db_backend_mysql_create(void* data, const db_object_t* object, const db_object_field_list_t* object_field_list, const db_value_set_t* value_set) { db_backend_mysql_t* backend_mysql = (db_backend_mysql_t*)data; const db_object_field_t* object_field; const db_object_field_t* revision_field = NULL; char sql[4*1024]; char* sqlp; int ret, left, first; db_backend_mysql_statement_t* statement = NULL; db_backend_mysql_bind_t* bind; db_value_t revision = DB_VALUE_EMPTY; if (!__mysql_initialized) { return DB_ERROR_UNKNOWN; } if (!backend_mysql) { return DB_ERROR_UNKNOWN; } if (!object) { return DB_ERROR_UNKNOWN; } if (!object_field_list) { return DB_ERROR_UNKNOWN; } if (!value_set) { return DB_ERROR_UNKNOWN; } /* * Check if the object has a revision field and keep it for later use. */ object_field = db_object_field_list_begin(db_object_object_field_list(object)); while (object_field) { if (db_object_field_type(object_field) == DB_TYPE_REVISION) { if (revision_field) { /* * We do not support multiple revision fields. */ return DB_ERROR_UNKNOWN; } revision_field = object_field; } object_field = db_object_field_next(object_field); } left = sizeof(sql); sqlp = sql; memset(sql, 0, left); if (!db_object_field_list_begin(object_field_list) && !revision_field) { /* * Special case when tables has no fields except maybe a primary key. */ if ((ret = snprintf(sqlp, left, "INSERT INTO %s () VALUES ()", db_object_table(object))) >= left) { return DB_ERROR_UNKNOWN; } sqlp += ret; left -= ret; } else { if ((ret = snprintf(sqlp, left, "INSERT INTO %s (", db_object_table(object))) >= left) { return DB_ERROR_UNKNOWN; } sqlp += ret; left -= ret; /* * Add the fields from the given object_field_list. */ object_field = db_object_field_list_begin(object_field_list); first = 1; while (object_field) { if (first) { if ((ret = snprintf(sqlp, left, " %s", db_object_field_name(object_field))) >= left) { return DB_ERROR_UNKNOWN; } first = 0; } else { if ((ret = snprintf(sqlp, left, ", %s", db_object_field_name(object_field))) >= left) { return DB_ERROR_UNKNOWN; } } sqlp += ret; left -= ret; object_field = db_object_field_next(object_field); } /* * Add the revision field if we have one. */ if (revision_field) { if (first) { if ((ret = snprintf(sqlp, left, " %s", db_object_field_name(revision_field))) >= left) { return DB_ERROR_UNKNOWN; } first = 0; } else { if ((ret = snprintf(sqlp, left, ", %s", db_object_field_name(revision_field))) >= left) { return DB_ERROR_UNKNOWN; } } sqlp += ret; left -= ret; } if ((ret = snprintf(sqlp, left, " ) VALUES (")) >= left) { return DB_ERROR_UNKNOWN; } sqlp += ret; left -= ret; /* * Mark all the fields for binding from the object_field_list. */ object_field = db_object_field_list_begin(object_field_list); first = 1; while (object_field) { if (first) { if ((ret = snprintf(sqlp, left, " ?")) >= left) { return DB_ERROR_UNKNOWN; } first = 0; } else { if ((ret = snprintf(sqlp, left, ", ?")) >= left) { return DB_ERROR_UNKNOWN; } } sqlp += ret; left -= ret; object_field = db_object_field_next(object_field); } /* * Mark revision field for binding if we have one. */ if (revision_field) { if (first) { if ((ret = snprintf(sqlp, left, " ?")) >= left) { return DB_ERROR_UNKNOWN; } first = 0; } else { if ((ret = snprintf(sqlp, left, ", ?")) >= left) { return DB_ERROR_UNKNOWN; } } sqlp += ret; left -= ret; } if ((ret = snprintf(sqlp, left, " )")) >= left) { return DB_ERROR_UNKNOWN; } sqlp += ret; left -= ret; } /* * Prepare the SQL, create a MySQL statement. */ if (__db_backend_mysql_prepare(backend_mysql, &statement, sql, strlen(sql), db_object_object_field_list(object)) || !statement || !(bind = statement->bind_input)) { __db_backend_mysql_finish(statement); return DB_ERROR_UNKNOWN; } /* * Bind all the values from value_set. */ if (__db_backend_mysql_bind_value_set(&bind, value_set)) { __db_backend_mysql_finish(statement); return DB_ERROR_UNKNOWN; } /* * Bind the revision field value if we have one. */ if (revision_field) { if (db_value_from_int64(&revision, 1) || __db_backend_mysql_bind_value(bind, &revision)) { db_value_reset(&revision); __db_backend_mysql_finish(statement); return DB_ERROR_UNKNOWN; } db_value_reset(&revision); } /* * Execute the SQL. */ if (__db_backend_mysql_execute(statement) || mysql_stmt_affected_rows(statement->statement) != 1) { __db_backend_mysql_finish(statement); return DB_ERROR_UNKNOWN; } __db_backend_mysql_finish(statement); return DB_OK; } static db_result_list_t* db_backend_mysql_read(void* data, const db_object_t* object, const db_join_list_t* join_list, const db_clause_list_t* clause_list) { db_backend_mysql_t* backend_mysql = (db_backend_mysql_t*)data; const db_object_field_t* object_field; const db_join_t* join; char sql[4*1024]; char* sqlp; int ret, left, first; db_result_list_t* result_list; db_backend_mysql_statement_t* statement = NULL; db_backend_mysql_bind_t* bind; if (!__mysql_initialized) { return NULL; } if (!backend_mysql) { return NULL; } if (!object) { return NULL; } left = sizeof(sql); sqlp = sql; memset(sql, 0, left); if ((ret = snprintf(sqlp, left, "SELECT")) >= left) { return NULL; } sqlp += ret; left -= ret; object_field = db_object_field_list_begin(db_object_object_field_list(object)); first = 1; while (object_field) { if (first) { if ((ret = snprintf(sqlp, left, " %s.%s", db_object_table(object), db_object_field_name(object_field))) >= left) { return NULL; } first = 0; } else { if ((ret = snprintf(sqlp, left, ", %s.%s", db_object_table(object), db_object_field_name(object_field))) >= left) { return NULL; } } sqlp += ret; left -= ret; object_field = db_object_field_next(object_field); } if ((ret = snprintf(sqlp, left, " FROM %s", db_object_table(object))) >= left) { return NULL; } sqlp += ret; left -= ret; if (join_list) { join = db_join_list_begin(join_list); while (join) { if ((ret = snprintf(sqlp, left, " INNER JOIN %s ON %s.%s = %s.%s", db_join_to_table(join), db_join_to_table(join), db_join_to_field(join), db_join_from_table(join), db_join_from_field(join))) >= left) { return NULL; } sqlp += ret; left -= ret; join = db_join_next(join); } } if (clause_list) { if (db_clause_list_begin(clause_list)) { if ((ret = snprintf(sqlp, left, " WHERE")) >= left) { return NULL; } sqlp += ret; left -= ret; } if (__db_backend_mysql_build_clause(object, clause_list, &sqlp, &left)) { return NULL; } } if (__db_backend_mysql_prepare(backend_mysql, &statement, sql, strlen(sql), db_object_object_field_list(object)) || !statement) { __db_backend_mysql_finish(statement); return NULL; } bind = statement->bind_input; if (clause_list) { if (__db_backend_mysql_bind_clause(&bind, clause_list)) { __db_backend_mysql_finish(statement); return NULL; } } /* * Execute the SQL. */ if (__db_backend_mysql_execute(statement)) { __db_backend_mysql_finish(statement); return NULL; } if (!(result_list = db_result_list_new()) || db_result_list_set_next(result_list, db_backend_mysql_next, statement, mysql_stmt_affected_rows(statement->statement))) { db_result_list_free(result_list); __db_backend_mysql_finish(statement); return NULL; } return result_list; } static int db_backend_mysql_update(void* data, const db_object_t* object, const db_object_field_list_t* object_field_list, const db_value_set_t* value_set, const db_clause_list_t* clause_list) { db_backend_mysql_t* backend_mysql = (db_backend_mysql_t*)data; const db_object_field_t* object_field; const db_object_field_t* revision_field = NULL; const db_clause_t* clause; const db_clause_t* revision_clause = NULL; db_type_int64_t revision_number = -1; char sql[4*1024]; char* sqlp; int ret, left, first; db_backend_mysql_statement_t* statement = NULL; db_backend_mysql_bind_t* bind; db_value_t revision = DB_VALUE_EMPTY; db_type_int32_t int32; db_type_uint32_t uint32; db_type_int64_t int64; db_type_uint64_t uint64; if (!__mysql_initialized) { return DB_ERROR_UNKNOWN; } if (!backend_mysql) { return DB_ERROR_UNKNOWN; } if (!object) { return DB_ERROR_UNKNOWN; } if (!object_field_list) { return DB_ERROR_UNKNOWN; } if (!value_set) { return DB_ERROR_UNKNOWN; } /* * Check if the object has a revision field and keep it for later use. */ object_field = db_object_field_list_begin(db_object_object_field_list(object)); while (object_field) { if (db_object_field_type(object_field) == DB_TYPE_REVISION) { if (revision_field) { /* * We do not support multiple revision fields. */ return DB_ERROR_UNKNOWN; } revision_field = object_field; } object_field = db_object_field_next(object_field); } if (revision_field) { /* * If we have a revision field we should also have it in the clause, * find it and get the value for later use or return error if not found. */ clause = db_clause_list_begin(clause_list); while (clause) { if (!strcmp(db_clause_field(clause), db_object_field_name(revision_field))) { revision_clause = clause; break; } clause = db_clause_next(clause); } if (!revision_clause) { return DB_ERROR_UNKNOWN; } switch (db_value_type(db_clause_value(revision_clause))) { case DB_TYPE_INT32: if (db_value_to_int32(db_clause_value(revision_clause), &int32)) { return DB_ERROR_UNKNOWN; } revision_number = int32; break; case DB_TYPE_UINT32: if (db_value_to_uint32(db_clause_value(revision_clause), &uint32)) { return DB_ERROR_UNKNOWN; } revision_number = uint32; break; case DB_TYPE_INT64: if (db_value_to_int64(db_clause_value(revision_clause), &int64)) { return DB_ERROR_UNKNOWN; } revision_number = int64; break; case DB_TYPE_UINT64: if (db_value_to_uint64(db_clause_value(revision_clause), &uint64)) { return DB_ERROR_UNKNOWN; } revision_number = uint64; break; default: return DB_ERROR_UNKNOWN; } } left = sizeof(sql); sqlp = sql; memset(sql, 0, left); if ((ret = snprintf(sqlp, left, "UPDATE %s SET", db_object_table(object))) >= left) { return DB_ERROR_UNKNOWN; } sqlp += ret; left -= ret; /* * Build the update SQL from the object_field_list. */ object_field = db_object_field_list_begin(object_field_list); first = 1; while (object_field) { if (first) { if ((ret = snprintf(sqlp, left, " %s = ?", db_object_field_name(object_field))) >= left) { return DB_ERROR_UNKNOWN; } first = 0; } else { if ((ret = snprintf(sqlp, left, ", %s = ?", db_object_field_name(object_field))) >= left) { return DB_ERROR_UNKNOWN; } } sqlp += ret; left -= ret; object_field = db_object_field_next(object_field); } /* * Add a new revision if we have any. */ if (revision_field) { if (first) { if ((ret = snprintf(sqlp, left, " %s = ?", db_object_field_name(revision_field))) >= left) { return DB_ERROR_UNKNOWN; } first = 0; } else { if ((ret = snprintf(sqlp, left, ", %s = ?", db_object_field_name(revision_field))) >= left) { return DB_ERROR_UNKNOWN; } } sqlp += ret; left -= ret; } /* * Build the clauses. */ if (clause_list) { if (db_clause_list_begin(clause_list)) { if ((ret = snprintf(sqlp, left, " WHERE")) >= left) { return DB_ERROR_UNKNOWN; } sqlp += ret; left -= ret; } if (__db_backend_mysql_build_clause(object, clause_list, &sqlp, &left)) { return DB_ERROR_UNKNOWN; } } /* * Prepare the SQL. */ if (__db_backend_mysql_prepare(backend_mysql, &statement, sql, strlen(sql), db_object_object_field_list(object)) || !statement) { __db_backend_mysql_finish(statement); return DB_ERROR_UNKNOWN; } bind = statement->bind_input; /* * Bind all the values from value_set. */ if (value_set) { if (__db_backend_mysql_bind_value_set(&bind, value_set)) { __db_backend_mysql_finish(statement); return DB_ERROR_UNKNOWN; } } /* * Bind the new revision if we have any. */ if (revision_field) { if (db_value_from_int64(&revision, revision_number + 1) || __db_backend_mysql_bind_value(bind, &revision)) { db_value_reset(&revision); __db_backend_mysql_finish(statement); return DB_ERROR_UNKNOWN; } if (bind) { bind = bind->next; } } /* * Bind the clauses values. */ if (clause_list) { if (__db_backend_mysql_bind_clause(&bind, clause_list)) { __db_backend_mysql_finish(statement); return DB_ERROR_UNKNOWN; } } /* * Execute the SQL. */ if (__db_backend_mysql_execute(statement)) { __db_backend_mysql_finish(statement); return DB_ERROR_UNKNOWN; } /* * If we are using revision we have to have a positive number of changes * otherwise its a failure. */ if (revision_field) { if (mysql_stmt_affected_rows(statement->statement) < 1) { __db_backend_mysql_finish(statement); return DB_ERROR_UNKNOWN; } } __db_backend_mysql_finish(statement); return DB_OK; } static int db_backend_mysql_delete(void* data, const db_object_t* object, const db_clause_list_t* clause_list) { db_backend_mysql_t* backend_mysql = (db_backend_mysql_t*)data; char sql[4*1024]; char* sqlp; int ret, left; const db_object_field_t* revision_field = NULL; const db_object_field_t* object_field; const db_clause_t* clause; db_backend_mysql_statement_t* statement = NULL; db_backend_mysql_bind_t* bind; if (!__mysql_initialized) { return DB_ERROR_UNKNOWN; } if (!backend_mysql) { return DB_ERROR_UNKNOWN; } if (!object) { return DB_ERROR_UNKNOWN; } /* * Check if the object has a revision field and keep it for later use. */ object_field = db_object_field_list_begin(db_object_object_field_list(object)); while (object_field) { if (db_object_field_type(object_field) == DB_TYPE_REVISION) { if (revision_field) { /* * We do not support multiple revision fields. */ return DB_ERROR_UNKNOWN; } revision_field = object_field; } object_field = db_object_field_next(object_field); } if (revision_field) { /* * If we have a revision field we should also have it in the clause, * find it or return error if not found. */ clause = db_clause_list_begin(clause_list); while (clause) { if (!strcmp(db_clause_field(clause), db_object_field_name(revision_field))) { break; } clause = db_clause_next(clause); } if (!clause) { return DB_ERROR_UNKNOWN; } } left = sizeof(sql); sqlp = sql; memset(sql, 0, left); if ((ret = snprintf(sqlp, left, "DELETE FROM %s", db_object_table(object))) >= left) { return DB_ERROR_UNKNOWN; } sqlp += ret; left -= ret; if (clause_list) { if (db_clause_list_begin(clause_list)) { if ((ret = snprintf(sqlp, left, " WHERE")) >= left) { return DB_ERROR_UNKNOWN; } sqlp += ret; left -= ret; } if (__db_backend_mysql_build_clause(object, clause_list, &sqlp, &left)) { return DB_ERROR_UNKNOWN; } } if (__db_backend_mysql_prepare(backend_mysql, &statement, sql, strlen(sql), db_object_object_field_list(object)) || !statement) { __db_backend_mysql_finish(statement); return DB_ERROR_UNKNOWN; } bind = statement->bind_input; if (clause_list) { if (__db_backend_mysql_bind_clause(&bind, clause_list)) { __db_backend_mysql_finish(statement); return DB_ERROR_UNKNOWN; } } if (__db_backend_mysql_execute(statement)) { __db_backend_mysql_finish(statement); return DB_ERROR_UNKNOWN; } /* * If we are using revision we have to have a positive number of changes * otherwise its a failure. */ if (revision_field) { if (mysql_stmt_affected_rows(statement->statement) < 1) { __db_backend_mysql_finish(statement); return DB_ERROR_UNKNOWN; } } __db_backend_mysql_finish(statement); return DB_OK; } static int db_backend_mysql_count(void* data, const db_object_t* object, const db_join_list_t* join_list, const db_clause_list_t* clause_list, size_t* count) { db_backend_mysql_t* backend_mysql = (db_backend_mysql_t*)data; const db_join_t* join; char sql[4*1024]; char* sqlp; int ret, left; db_backend_mysql_statement_t* statement = NULL; db_backend_mysql_bind_t* bind; db_object_field_list_t* object_field_list; db_object_field_t* object_field = NULL; if (!__mysql_initialized) { return DB_ERROR_UNKNOWN; } if (!backend_mysql) { return DB_ERROR_UNKNOWN; } if (!object) { return DB_ERROR_UNKNOWN; } if (!count) { return DB_ERROR_UNKNOWN; } left = sizeof(sql); sqlp = sql; memset(sql, 0, left); if ((ret = snprintf(sqlp, left, "SELECT COUNT(*)")) >= left) { return DB_ERROR_UNKNOWN; } sqlp += ret; left -= ret; if ((ret = snprintf(sqlp, left, " FROM %s", db_object_table(object))) >= left) { return DB_ERROR_UNKNOWN; } sqlp += ret; left -= ret; if (join_list) { join = db_join_list_begin(join_list); while (join) { if ((ret = snprintf(sqlp, left, " INNER JOIN %s ON %s.%s = %s.%s", db_join_to_table(join), db_join_to_table(join), db_join_to_field(join), db_join_from_table(join), db_join_from_field(join))) >= left) { return DB_ERROR_UNKNOWN; } sqlp += ret; left -= ret; join = db_join_next(join); } } if (clause_list) { if (db_clause_list_begin(clause_list)) { if ((ret = snprintf(sqlp, left, " WHERE")) >= left) { return DB_ERROR_UNKNOWN; } sqlp += ret; left -= ret; } if (__db_backend_mysql_build_clause(object, clause_list, &sqlp, &left)) { return DB_ERROR_UNKNOWN; } } if (!(object_field_list = db_object_field_list_new()) || !(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "countField") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (__db_backend_mysql_prepare(backend_mysql, &statement, sql, strlen(sql), object_field_list) || !statement) { db_object_field_list_free(object_field_list); __db_backend_mysql_finish(statement); return DB_ERROR_UNKNOWN; } db_object_field_list_free(object_field_list); bind = statement->bind_input; if (clause_list) { if (__db_backend_mysql_bind_clause(&bind, clause_list)) { __db_backend_mysql_finish(statement); return DB_ERROR_UNKNOWN; } } if (__db_backend_mysql_execute(statement)) { __db_backend_mysql_finish(statement); return DB_ERROR_UNKNOWN; } if (__db_backend_mysql_fetch(statement)) { __db_backend_mysql_finish(statement); return DB_ERROR_UNKNOWN; } bind = statement->bind_output; if (!bind || !bind->bind || !bind->bind->buffer || bind->bind->buffer_type != MYSQL_TYPE_LONG || !bind->bind->is_unsigned || bind->length != sizeof(db_type_uint32_t)) { __db_backend_mysql_finish(statement); return DB_ERROR_UNKNOWN; } *count = *((db_type_uint32_t*)bind->bind->buffer); __db_backend_mysql_finish(statement); return DB_OK; } static void db_backend_mysql_free(void* data) { db_backend_mysql_t* backend_mysql = (db_backend_mysql_t*)data; if (backend_mysql) { if (backend_mysql->db) { (void)db_backend_mysql_disconnect(backend_mysql); } free(backend_mysql); } } static int db_backend_mysql_transaction_begin(void* data) { db_backend_mysql_t* backend_mysql = (db_backend_mysql_t*)data; static const char* sql = "BEGIN TRANSACTION"; db_backend_mysql_statement_t* statement = NULL; if (!__mysql_initialized) { return DB_ERROR_UNKNOWN; } if (!backend_mysql) { return DB_ERROR_UNKNOWN; } if (backend_mysql->transaction) { return DB_ERROR_UNKNOWN; } if (__db_backend_mysql_prepare(backend_mysql, &statement, sql, strlen(sql), NULL)) { return DB_ERROR_UNKNOWN; } if (__db_backend_mysql_execute(statement)) { __db_backend_mysql_finish(statement); return DB_ERROR_UNKNOWN; } __db_backend_mysql_finish(statement); backend_mysql->transaction = 1; return DB_OK; } static int db_backend_mysql_transaction_commit(void* data) { db_backend_mysql_t* backend_mysql = (db_backend_mysql_t*)data; static const char* sql = "COMMIT TRANSACTION"; db_backend_mysql_statement_t* statement = NULL; if (!__mysql_initialized) { return DB_ERROR_UNKNOWN; } if (!backend_mysql) { return DB_ERROR_UNKNOWN; } if (!backend_mysql->transaction) { return DB_ERROR_UNKNOWN; } if (__db_backend_mysql_prepare(backend_mysql, &statement, sql, strlen(sql), NULL)) { return DB_ERROR_UNKNOWN; } if (__db_backend_mysql_execute(statement)) { __db_backend_mysql_finish(statement); return DB_ERROR_UNKNOWN; } __db_backend_mysql_finish(statement); backend_mysql->transaction = 0; return DB_OK; } static int db_backend_mysql_transaction_rollback(void* data) { db_backend_mysql_t* backend_mysql = (db_backend_mysql_t*)data; static const char* sql = "ROLLBACK TRANSACTION"; db_backend_mysql_statement_t* statement = NULL; if (!__mysql_initialized) { return DB_ERROR_UNKNOWN; } if (!backend_mysql) { return DB_ERROR_UNKNOWN; } if (!backend_mysql->transaction) { return DB_ERROR_UNKNOWN; } if (__db_backend_mysql_prepare(backend_mysql, &statement, sql, strlen(sql), NULL)) { return DB_ERROR_UNKNOWN; } if (__db_backend_mysql_execute(statement)) { __db_backend_mysql_finish(statement); return DB_ERROR_UNKNOWN; } __db_backend_mysql_finish(statement); backend_mysql->transaction = 0; return DB_OK; } db_backend_handle_t* db_backend_mysql_new_handle(void) { db_backend_handle_t* backend_handle = NULL; db_backend_mysql_t* backend_mysql = (db_backend_mysql_t*)calloc(1, sizeof(db_backend_mysql_t)); if (backend_mysql && (backend_handle = db_backend_handle_new())) { if (db_backend_handle_set_data(backend_handle, (void*)backend_mysql) || db_backend_handle_set_initialize(backend_handle, db_backend_mysql_initialize) || db_backend_handle_set_shutdown(backend_handle, db_backend_mysql_shutdown) || db_backend_handle_set_connect(backend_handle, db_backend_mysql_connect) || db_backend_handle_set_disconnect(backend_handle, db_backend_mysql_disconnect) || db_backend_handle_set_create(backend_handle, db_backend_mysql_create) || db_backend_handle_set_read(backend_handle, db_backend_mysql_read) || db_backend_handle_set_update(backend_handle, db_backend_mysql_update) || db_backend_handle_set_delete(backend_handle, db_backend_mysql_delete) || db_backend_handle_set_count(backend_handle, db_backend_mysql_count) || db_backend_handle_set_free(backend_handle, db_backend_mysql_free) || db_backend_handle_set_transaction_begin(backend_handle, db_backend_mysql_transaction_begin) || db_backend_handle_set_transaction_commit(backend_handle, db_backend_mysql_transaction_commit) || db_backend_handle_set_transaction_rollback(backend_handle, db_backend_mysql_transaction_rollback)) { db_backend_handle_free(backend_handle); free(backend_mysql); return NULL; } } return backend_handle; } opendnssec-2.1.5/enforcer/src/db/zone_db_ext.h0000644000202300020240000000557113560310771016231 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef __zone_db_ext_h #define __zone_db_ext_h #include "key_data.h" #include "key_dependency.h" #include /** * Convert zone ID to name, caller must free resulting string. * return NULL on error */ char * zone_db_ext_zonename_from_id(const db_connection_t* connection, const db_value_t* id); /** * Get a list of keys for an enforcer zone object. * \param[in] zone an zone_db_t pointer. * \return a key_data_list_t pointer or NULL on error. */ key_data_list_t* zone_db_get_keys(const zone_db_t* zone); /** * Get a list of key dependencies for an enforcer zone object. * \param[in] zone an zone_db_t pointer. * \return a key_dependency_list_t pointer or NULL on error. */ key_dependency_list_t* zone_db_get_key_dependencies(const zone_db_t* zone); /** * Create a zone object from XML. * \param[in] zone a zone_db_t object being created. * \param[in] zone_node a xmlNodePtr to the XML for the zone. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int zone_db_create_from_xml(zone_db_t* zone, xmlNodePtr zone_node); /** * Update a zone object from XML. * \param[in] zone a zone_db_t object being updated. * \param[in] zone_node a xmlNodePtr to the XML for the zone. * \param[out] updated an integer pointer that will be set to non-zero if any * values in the zone was updated. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int zone_db_update_from_xml(zone_db_t* zone, xmlNodePtr zone_node, int* updated); #endif opendnssec-2.1.5/enforcer/src/db/zone_db_ext.c0000644000202300020240000005331413560310771016222 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include "zone_db.h" #include "db_error.h" #include "log.h" #include "policy.h" #include char * zone_db_ext_zonename_from_id(const db_connection_t* connection, const db_value_t* id) { zone_db_t *zone; char *zonename = NULL; if (!connection || !id) { return NULL; } if ((zone = zone_db_new(connection)) && !zone_db_get_by_id(zone, id)) { zonename = strdup(zone_db_name(zone)); } zone_db_free(zone); return zonename; } key_data_list_t* zone_db_get_keys(const zone_db_t* zone) { if (!zone) { return NULL; } if (!zone->dbo) { return NULL; } if (db_value_not_empty(&(zone->id))) { return NULL; } return key_data_list_new_get_by_zone_id(db_object_connection(zone->dbo), &(zone->id)); /* * TODO: associated return key_data_list_new_copy(zone_key_data_list(zone)); */ } key_dependency_list_t* zone_db_get_key_dependencies(const zone_db_t* zone) { if (!zone) { return NULL; } if (!zone->dbo) { return NULL; } if (db_value_not_empty(&(zone->id))) { return NULL; } return key_dependency_list_new_get_by_zone_id(db_object_connection(zone->dbo), &(zone->id)); /* * TODO: associated return key_dependency_list_new_copy(zone_key_dependency_list(zone)); */ } static int __xmlNode2zone(zone_db_t* zone, xmlNodePtr zone_node, int* updated) { xmlNodePtr node; xmlNodePtr node2; xmlNodePtr node3; xmlChar* xml_text = NULL; int check_if_updated = 0; int update_this = 1; policy_t* policy = NULL; int ret; if (!zone) { return DB_ERROR_UNKNOWN; } if (!zone_node) { return DB_ERROR_UNKNOWN; } /* * If updated is set we will check if the content is changed and set the * integer pointed by updated to non-zero. */ if (updated) { *updated = 0; check_if_updated = 1; } if (!(xml_text = xmlGetProp(zone_node, (xmlChar*)"name"))) { return DB_ERROR_UNKNOWN; } ods_log_deeebug("[zone_*_from_xml] zone %s", (char*)xml_text); if (check_if_updated) { update_this = 0; if (!zone_db_name(zone)) { *updated = 1; update_this = 1; } else if (strcmp(zone_db_name(zone), (char*)xml_text)) { *updated = 1; update_this = 1; } } if (update_this) { if (zone_db_set_name(zone, (char*)xml_text)) { if (xml_text) { xmlFree(xml_text); } return DB_ERROR_UNKNOWN; } } if (xml_text) { xmlFree(xml_text); xml_text = NULL; } for (node = zone_node->children; node; node = node->next) { if (node->type != XML_ELEMENT_NODE) { continue; } if (!strcmp((char*)node->name, "Policy")) { if (!(xml_text = xmlNodeGetContent(node))) { policy_free(policy); return DB_ERROR_UNKNOWN; } if (policy) { if (strcmp(policy_name(policy), (char*)xml_text) && policy_get_by_name(policy, (char*)xml_text)) { policy_free(policy); if (xml_text) { xmlFree(xml_text); } return DB_ERROR_UNKNOWN; } } else { if (!(policy = policy_new(db_object_connection(zone->dbo))) || policy_get_by_name(policy, (char*)xml_text)) { policy_free(policy); if (xml_text) { xmlFree(xml_text); } return DB_ERROR_UNKNOWN; } } ods_log_deeebug("[zone_*_from_xml] policy %s", (char*)xml_text); if (check_if_updated) { update_this = 0; if (db_value_cmp(zone_db_policy_id(zone), policy_id(policy), &ret)) { policy_free(policy); if (xml_text) { xmlFree(xml_text); } return DB_ERROR_UNKNOWN; } if (ret) { *updated = 1; update_this = 1; } } if (update_this) { if (zone_db_set_policy_id(zone, policy_id(policy))) { policy_free(policy); if (xml_text) { xmlFree(xml_text); } return DB_ERROR_UNKNOWN; } } if (xml_text) { xmlFree(xml_text); xml_text = NULL; } } else if (!strcmp((char*)node->name, "SignerConfiguration")) { if (!(xml_text = xmlNodeGetContent(node))) { policy_free(policy); return DB_ERROR_UNKNOWN; } ods_log_deeebug("[zone_*_from_xml] signconf path %s", (char*)xml_text); if (check_if_updated) { update_this = 0; if (!zone_db_signconf_path(zone)) { *updated = 1; update_this = 1; } else if (strcmp(zone_db_signconf_path(zone), (char*)xml_text)) { *updated = 1; update_this = 1; } } if (update_this) { if (zone_db_set_signconf_path(zone, (char*)xml_text)) { if (xml_text) { xmlFree(xml_text); } policy_free(policy); return DB_ERROR_UNKNOWN; } } if (xml_text) { xmlFree(xml_text); xml_text = NULL; } } else if (!strcmp((char*)node->name, "Adapters")) { for (node2 = node->children; node2; node2 = node2->next) { if (node2->type != XML_ELEMENT_NODE) { continue; } if (!strcmp((char*)node2->name, "Input")) { for (node3 = node2->children; node3; node3 = node3->next) { if (node3->type != XML_ELEMENT_NODE) { continue; } if (!strcmp((char*)node3->name, "File")) { ods_log_deeebug("[zone_*_from_xml] input adapter type File"); if (check_if_updated) { update_this = 0; if (!zone_db_input_adapter_type(zone)) { *updated = 1; update_this = 1; } else if (strcmp(zone_db_input_adapter_type(zone), "File")) { *updated = 1; update_this = 1; } } if (update_this) { if (zone_db_set_input_adapter_type(zone, "File")) { if (xml_text) { xmlFree(xml_text); } policy_free(policy); return DB_ERROR_UNKNOWN; } } if (xml_text) { xmlFree(xml_text); xml_text = NULL; } if (!(xml_text = xmlNodeGetContent(node3))) { policy_free(policy); return DB_ERROR_UNKNOWN; } ods_log_deeebug("[zone_*_from_xml] input adapter uri %s", (char*)xml_text); if (check_if_updated) { update_this = 0; if (!zone_db_input_adapter_uri(zone)) { *updated = 1; update_this = 1; } else if (strcmp(zone_db_input_adapter_uri(zone), (char*)xml_text)) { *updated = 1; update_this = 1; } } if (update_this) { if (zone_db_set_input_adapter_uri(zone, (char*)xml_text)) { if (xml_text) { xmlFree(xml_text); } policy_free(policy); return DB_ERROR_UNKNOWN; } } if (xml_text) { xmlFree(xml_text); xml_text = NULL; } } else if (!strcmp((char*)node3->name, "Adapter")) { if (!(xml_text = xmlGetProp(node3, (xmlChar*)"type"))) { policy_free(policy); return DB_ERROR_UNKNOWN; } ods_log_deeebug("[zone_*_from_xml] input adapter type %s", (char*)xml_text); if (check_if_updated) { update_this = 0; if (!zone_db_input_adapter_type(zone)) { *updated = 1; update_this = 1; } else if (strcmp(zone_db_input_adapter_type(zone), (char*)xml_text)) { *updated = 1; update_this = 1; } } if (update_this) { if (zone_db_set_input_adapter_type(zone, (char*)xml_text)) { if (xml_text) { xmlFree(xml_text); } policy_free(policy); return DB_ERROR_UNKNOWN; } } if (xml_text) { xmlFree(xml_text); xml_text = NULL; } if (!(xml_text = xmlNodeGetContent(node3))) { policy_free(policy); return DB_ERROR_UNKNOWN; } ods_log_deeebug("[zone_*_from_xml] input adapter uri %s", (char*)xml_text); if (check_if_updated) { update_this = 0; if (!zone_db_input_adapter_uri(zone)) { *updated = 1; update_this = 1; } else if (strcmp(zone_db_input_adapter_uri(zone), (char*)xml_text)) { *updated = 1; update_this = 1; } } if (update_this) { if (zone_db_set_input_adapter_uri(zone, (char*)xml_text)) { if (xml_text) { xmlFree(xml_text); } policy_free(policy); return DB_ERROR_UNKNOWN; } } if (xml_text) { xmlFree(xml_text); xml_text = NULL; } } else { ods_log_deeebug("[zone_*_from_xml] unknown %s", (char*)node3->name); policy_free(policy); return DB_ERROR_UNKNOWN; } } } else if (!strcmp((char*)node2->name, "Output")) { for (node3 = node2->children; node3; node3 = node3->next) { if (node3->type != XML_ELEMENT_NODE) { continue; } if (!strcmp((char*)node3->name, "File")) { ods_log_deeebug("[zone_*_from_xml] output adapter type File"); if (check_if_updated) { update_this = 0; if (!zone_db_output_adapter_type(zone)) { *updated = 1; update_this = 1; } else if (strcmp(zone_db_output_adapter_type(zone), "File")) { *updated = 1; update_this = 1; } } if (update_this) { if (zone_db_set_output_adapter_type(zone, "File")) { if (xml_text) { xmlFree(xml_text); } policy_free(policy); return DB_ERROR_UNKNOWN; } } if (xml_text) { xmlFree(xml_text); xml_text = NULL; } if (!(xml_text = xmlNodeGetContent(node3))) { policy_free(policy); return DB_ERROR_UNKNOWN; } ods_log_deeebug("[zone_*_from_xml] output adapter uri %s", (char*)xml_text); if (check_if_updated) { update_this = 0; if (!zone_db_output_adapter_uri(zone)) { *updated = 1; update_this = 1; } else if (strcmp(zone_db_output_adapter_uri(zone), (char*)xml_text)) { *updated = 1; update_this = 1; } } if (update_this) { if (zone_db_set_output_adapter_uri(zone, (char*)xml_text)) { if (xml_text) { xmlFree(xml_text); } policy_free(policy); return DB_ERROR_UNKNOWN; } } if (xml_text) { xmlFree(xml_text); xml_text = NULL; } } else if (!strcmp((char*)node3->name, "Adapter")) { if (!(xml_text = xmlGetProp(node3, (xmlChar*)"type"))) { policy_free(policy); return DB_ERROR_UNKNOWN; } ods_log_deeebug("[zone_*_from_xml] output adapter type %s", (char*)xml_text); if (check_if_updated) { update_this = 0; if (!zone_db_output_adapter_type(zone)) { *updated = 1; update_this = 1; } else if (strcmp(zone_db_output_adapter_type(zone), (char*)xml_text)) { *updated = 1; update_this = 1; } } if (update_this) { if (zone_db_set_output_adapter_type(zone, (char*)xml_text)) { if (xml_text) { xmlFree(xml_text); } policy_free(policy); return DB_ERROR_UNKNOWN; } } if (xml_text) { xmlFree(xml_text); xml_text = NULL; } if (!(xml_text = xmlNodeGetContent(node3))) { policy_free(policy); return DB_ERROR_UNKNOWN; } ods_log_deeebug("[zone_*_from_xml] output adapter uri %s", (char*)xml_text); if (check_if_updated) { update_this = 0; if (!zone_db_output_adapter_uri(zone)) { *updated = 1; update_this = 1; } else if (strcmp(zone_db_output_adapter_uri(zone), (char*)xml_text)) { *updated = 1; update_this = 1; } } if (update_this) { if (zone_db_set_output_adapter_uri(zone, (char*)xml_text)) { if (xml_text) { xmlFree(xml_text); } policy_free(policy); return DB_ERROR_UNKNOWN; } } if (xml_text) { xmlFree(xml_text); xml_text = NULL; } } else { ods_log_deeebug("[zone_*_from_xml] unknown %s", (char*)node3->name); policy_free(policy); return DB_ERROR_UNKNOWN; } } } else { ods_log_deeebug("[zone_*_from_xml] unknown %s", (char*)node2->name); policy_free(policy); return DB_ERROR_UNKNOWN; } } } else { ods_log_deeebug("[zone_*_from_xml] unknown %s", (char*)node->name); policy_free(policy); return DB_ERROR_UNKNOWN; } } if (xml_text) { xmlFree(xml_text); xml_text = NULL; } policy_free(policy); return DB_OK; } int zone_db_create_from_xml(zone_db_t* zone, xmlNodePtr zone_node) { if (!zone) { return DB_ERROR_UNKNOWN; } if (!zone_node) { return DB_ERROR_UNKNOWN; } return __xmlNode2zone(zone, zone_node, NULL); } int zone_db_update_from_xml(zone_db_t* zone, xmlNodePtr zone_node, int* updated) { if (!zone) { return DB_ERROR_UNKNOWN; } if (!zone_node) { return DB_ERROR_UNKNOWN; } if (!updated) { return DB_ERROR_UNKNOWN; } return __xmlNode2zone(zone, zone_node, updated); } opendnssec-2.1.5/enforcer/src/db/schema.mysql0000644000202300020240000001522613560310771016105 00000000000000-- Copyright (c) 2014 Jerry Lundström -- Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). -- Copyright (c) 2014 OpenDNSSEC AB (svb) -- All rights reserved. -- -- Redistribution and use in source and binary forms, with or without -- modification, are permitted provided that the following conditions -- are met: -- 1. Redistributions of source code must retain the above copyright -- notice, this list of conditions and the following disclaimer. -- 2. Redistributions in binary form must reproduce the above copyright -- notice, this list of conditions and the following disclaimer in the -- documentation and/or other materials provided with the distribution. -- -- THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR -- IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -- WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -- ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY -- DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -- DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE -- GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER -- IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR -- OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN -- IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. CREATE TABLE zone ( id BIGINT UNSIGNED PRIMARY KEY AUTO_INCREMENT NOT NULL, rev INT UNSIGNED NOT NULL DEFAULT 1, policyId BIGINT UNSIGNED NOT NULL, name TEXT NOT NULL, signconfNeedsWriting INT UNSIGNED NOT NULL, signconfPath TEXT NOT NULL, nextChange INT NOT NULL, ttlEndDs INT UNSIGNED NOT NULL, ttlEndDk INT UNSIGNED NOT NULL, ttlEndRs INT UNSIGNED NOT NULL, rollKskNow INT UNSIGNED NOT NULL, rollZskNow INT UNSIGNED NOT NULL, rollCskNow INT UNSIGNED NOT NULL, inputAdapterType TEXT NOT NULL, inputAdapterUri TEXT NOT NULL, outputAdapterType TEXT NOT NULL, outputAdapterUri TEXT NOT NULL, nextKskRoll INT UNSIGNED NOT NULL, nextZskRoll INT UNSIGNED NOT NULL, nextCskRoll INT UNSIGNED NOT NULL ); CREATE INDEX zonePolicyId ON zone ( policyId ); CREATE UNIQUE INDEX zoneName ON zone ( name(255) ); CREATE TABLE keyData ( id BIGINT UNSIGNED PRIMARY KEY AUTO_INCREMENT NOT NULL, rev INT UNSIGNED NOT NULL DEFAULT 1, zoneId BIGINT UNSIGNED NOT NULL, hsmKeyId BIGINT UNSIGNED NOT NULL, algorithm INT UNSIGNED NOT NULL, inception INT UNSIGNED NOT NULL, role INT NOT NULL, introducing INT UNSIGNED NOT NULL, shouldRevoke INT UNSIGNED NOT NULL, standby INT UNSIGNED NOT NULL, activeZsk INT UNSIGNED NOT NULL, publish INT UNSIGNED NOT NULL, activeKsk INT UNSIGNED NOT NULL, dsAtParent INT NOT NULL, keytag INT UNSIGNED NOT NULL, minimize INT UNSIGNED NOT NULL ); CREATE INDEX keyDataZoneId ON keyData ( zoneId ); CREATE INDEX keyDataHsmKeyId ON keyData ( hsmKeyId ); CREATE TABLE keyState ( id BIGINT UNSIGNED PRIMARY KEY AUTO_INCREMENT NOT NULL, rev INT UNSIGNED NOT NULL DEFAULT 1, keyDataId BIGINT UNSIGNED NOT NULL, type INT NOT NULL, state INT NOT NULL, lastChange INT UNSIGNED NOT NULL, minimize INT UNSIGNED NOT NULL, ttl INT UNSIGNED NOT NULL ); CREATE INDEX keyStateKeyDataId ON keyState ( keyDataId ); CREATE TABLE keyDependency ( id BIGINT UNSIGNED PRIMARY KEY AUTO_INCREMENT NOT NULL, rev INT UNSIGNED NOT NULL DEFAULT 1, zoneId BIGINT UNSIGNED NOT NULL, fromKeyDataId BIGINT UNSIGNED NOT NULL, toKeyDataId BIGINT UNSIGNED NOT NULL, type INT NOT NULL ); CREATE INDEX keyDependencyZoneId ON keyDependency ( zoneId ); CREATE INDEX keyDependencyFromKeyDataId ON keyDependency ( fromKeyDataId ); CREATE INDEX keyDependencyToKeyDataId ON keyDependency ( toKeyDataId ); CREATE TABLE hsmKey ( id BIGINT UNSIGNED PRIMARY KEY AUTO_INCREMENT NOT NULL, rev INT UNSIGNED NOT NULL DEFAULT 1, policyId BIGINT UNSIGNED NOT NULL, locator TEXT NOT NULL, state INT NOT NULL, bits INT UNSIGNED NOT NULL, algorithm INT UNSIGNED NOT NULL, role INT NOT NULL, inception INT UNSIGNED NOT NULL, isRevoked INT UNSIGNED NOT NULL, keyType INT NOT NULL, repository TEXT NOT NULL, backup INT NOT NULL ); CREATE INDEX hsmKeyPolicyId ON hsmKey ( policyId ); CREATE UNIQUE INDEX hsmKeyLocator ON hsmKey ( locator(255) ); CREATE TABLE policy ( id BIGINT UNSIGNED PRIMARY KEY AUTO_INCREMENT NOT NULL, rev INT UNSIGNED NOT NULL DEFAULT 1, name TEXT NOT NULL, description TEXT NOT NULL, signaturesResign INT UNSIGNED NOT NULL, signaturesRefresh INT UNSIGNED NOT NULL, signaturesJitter INT UNSIGNED NOT NULL, signaturesInceptionOffset INT UNSIGNED NOT NULL, signaturesValidityDefault INT UNSIGNED NOT NULL, signaturesValidityDenial INT UNSIGNED NOT NULL, signaturesValidityKeyset INT UNSIGNED, signaturesMaxZoneTtl INT UNSIGNED NOT NULL, denialType INT NOT NULL, denialOptout INT UNSIGNED NOT NULL, denialTtl INT UNSIGNED NOT NULL, denialResalt INT UNSIGNED NOT NULL, denialAlgorithm INT UNSIGNED NOT NULL, denialIterations INT UNSIGNED NOT NULL, denialSaltLength INT UNSIGNED NOT NULL, denialSalt TEXT NOT NULL, denialSaltLastChange INT UNSIGNED NOT NULL, keysTtl INT UNSIGNED NOT NULL, keysRetireSafety INT UNSIGNED NOT NULL, keysPublishSafety INT UNSIGNED NOT NULL, keysShared INT UNSIGNED NOT NULL, keysPurgeAfter INT UNSIGNED NOT NULL, zonePropagationDelay INT UNSIGNED NOT NULL, zoneSoaTtl INT UNSIGNED NOT NULL, zoneSoaMinimum INT UNSIGNED NOT NULL, zoneSoaSerial INT NOT NULL, parentRegistrationDelay INT UNSIGNED NOT NULL, parentPropagationDelay INT UNSIGNED NOT NULL, parentDsTtl INT UNSIGNED NOT NULL, parentSoaTtl INT UNSIGNED NOT NULL, parentSoaMinimum INT UNSIGNED NOT NULL, passthrough INT UNSIGNED NOT NULL ); CREATE UNIQUE INDEX policyName ON policy ( name(255) ); CREATE TABLE policyKey ( id BIGINT UNSIGNED PRIMARY KEY AUTO_INCREMENT NOT NULL, rev INT UNSIGNED NOT NULL DEFAULT 1, policyId BIGINT UNSIGNED NOT NULL, role INT NOT NULL, algorithm INT UNSIGNED NOT NULL, bits INT UNSIGNED NOT NULL, lifetime INT UNSIGNED NOT NULL, repository TEXT NOT NULL, standby INT UNSIGNED NOT NULL, manualRollover INT UNSIGNED NOT NULL, rfc5011 INT UNSIGNED NOT NULL, minimize INT UNSIGNED NOT NULL ); CREATE INDEX policyKeyPolicyId ON policyKey ( policyId ); CREATE TABLE databaseVersion ( id BIGINT UNSIGNED PRIMARY KEY AUTO_INCREMENT NOT NULL, rev INT UNSIGNED NOT NULL DEFAULT 1, version INT UNSIGNED NOT NULL ); opendnssec-2.1.5/enforcer/src/db/db_join.c0000644000202300020240000000453013560310771015322 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include "db_join.h" #include "db_error.h" #include #include /* DB JOIN */ const char* db_join_from_table(const db_join_t* join) { if (!join) { return NULL; } return join->from_table; } const char* db_join_from_field(const db_join_t* join) { if (!join) { return NULL; } return join->from_field; } const char* db_join_to_table(const db_join_t* join) { if (!join) { return NULL; } return join->to_table; } const char* db_join_to_field(const db_join_t* join) { if (!join) { return NULL; } return join->to_field; } const db_join_t* db_join_next(const db_join_t* join) { if (!join) { return NULL; } return join->next; } /* DB JOIN LIST */ const db_join_t* db_join_list_begin(const db_join_list_t* join_list) { if (!join_list) { return NULL; } return join_list->begin; } opendnssec-2.1.5/enforcer/src/db/schema.sqlite0000644000202300020240000001471713560310771016245 00000000000000-- Copyright (c) 2014 Jerry Lundström -- Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). -- Copyright (c) 2014 OpenDNSSEC AB (svb) -- All rights reserved. -- -- Redistribution and use in source and binary forms, with or without -- modification, are permitted provided that the following conditions -- are met: -- 1. Redistributions of source code must retain the above copyright -- notice, this list of conditions and the following disclaimer. -- 2. Redistributions in binary form must reproduce the above copyright -- notice, this list of conditions and the following disclaimer in the -- documentation and/or other materials provided with the distribution. -- -- THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR -- IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -- WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -- ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY -- DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -- DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE -- GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER -- IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR -- OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN -- IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. CREATE TABLE zone ( id INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, rev INTEGER NOT NULL DEFAULT 1, policyId INTEGER NOT NULL, name TEXT NOT NULL, signconfNeedsWriting UNSIGNED INT NOT NULL, signconfPath TEXT NOT NULL, nextChange INT NOT NULL, ttlEndDs UNSIGNED INT NOT NULL, ttlEndDk UNSIGNED INT NOT NULL, ttlEndRs UNSIGNED INT NOT NULL, rollKskNow UNSIGNED INT NOT NULL, rollZskNow UNSIGNED INT NOT NULL, rollCskNow UNSIGNED INT NOT NULL, inputAdapterType TEXT NOT NULL, inputAdapterUri TEXT NOT NULL, outputAdapterType TEXT NOT NULL, outputAdapterUri TEXT NOT NULL, nextKskRoll UNSIGNED INT NOT NULL, nextZskRoll UNSIGNED INT NOT NULL, nextCskRoll UNSIGNED INT NOT NULL ); CREATE INDEX zonePolicyId ON zone ( policyId ); CREATE UNIQUE INDEX zoneName ON zone ( name ); CREATE TABLE keyData ( id INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, rev INTEGER NOT NULL DEFAULT 1, zoneId INTEGER NOT NULL, hsmKeyId INTEGER NOT NULL, algorithm UNSIGNED INT NOT NULL, inception UNSIGNED INT NOT NULL, role INT NOT NULL, introducing UNSIGNED INT NOT NULL, shouldRevoke UNSIGNED INT NOT NULL, standby UNSIGNED INT NOT NULL, activeZsk UNSIGNED INT NOT NULL, publish UNSIGNED INT NOT NULL, activeKsk UNSIGNED INT NOT NULL, dsAtParent INT NOT NULL, keytag UNSIGNED INT NOT NULL, minimize UNSIGNED INT NOT NULL ); CREATE INDEX keyDataZoneId ON keyData ( zoneId ); CREATE INDEX keyDataHsmKeyId ON keyData ( hsmKeyId ); CREATE TABLE keyState ( id INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, rev INTEGER NOT NULL DEFAULT 1, keyDataId INTEGER NOT NULL, type INT NOT NULL, state INT NOT NULL, lastChange UNSIGNED INT NOT NULL, minimize UNSIGNED INT NOT NULL, ttl UNSIGNED INT NOT NULL ); CREATE INDEX keyStateKeyDataId ON keyState ( keyDataId ); CREATE TABLE keyDependency ( id INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, rev INTEGER NOT NULL DEFAULT 1, zoneId INTEGER NOT NULL, fromKeyDataId INTEGER NOT NULL, toKeyDataId INTEGER NOT NULL, type INT NOT NULL ); CREATE INDEX keyDependencyZoneId ON keyDependency ( zoneId ); CREATE INDEX keyDependencyFromKeyDataId ON keyDependency ( fromKeyDataId ); CREATE INDEX keyDependencyToKeyDataId ON keyDependency ( toKeyDataId ); CREATE TABLE hsmKey ( id INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, rev INTEGER NOT NULL DEFAULT 1, policyId INTEGER NOT NULL, locator TEXT NOT NULL, state INT NOT NULL, bits UNSIGNED INT NOT NULL, algorithm UNSIGNED INT NOT NULL, role INT NOT NULL, inception UNSIGNED INT NOT NULL, isRevoked UNSIGNED INT NOT NULL, keyType INT NOT NULL, repository TEXT NOT NULL, backup INT NOT NULL ); CREATE INDEX hsmKeyPolicyId ON hsmKey ( policyId ); CREATE UNIQUE INDEX hsmKeyLocator ON hsmKey ( locator ); CREATE TABLE policy ( id INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, rev INTEGER NOT NULL DEFAULT 1, name TEXT NOT NULL, description TEXT NOT NULL, signaturesResign UNSIGNED INT NOT NULL, signaturesRefresh UNSIGNED INT NOT NULL, signaturesJitter UNSIGNED INT NOT NULL, signaturesInceptionOffset UNSIGNED INT NOT NULL, signaturesValidityDefault UNSIGNED INT NOT NULL, signaturesValidityDenial UNSIGNED INT NOT NULL, signaturesValidityKeyset UNSIGNED INT, signaturesMaxZoneTtl UNSIGNED INT NOT NULL, denialType INT NOT NULL, denialOptout UNSIGNED INT NOT NULL, denialTtl UNSIGNED INT NOT NULL, denialResalt UNSIGNED INT NOT NULL, denialAlgorithm UNSIGNED INT NOT NULL, denialIterations UNSIGNED INT NOT NULL, denialSaltLength UNSIGNED INT NOT NULL, denialSalt TEXT NOT NULL, denialSaltLastChange UNSIGNED INT NOT NULL, keysTtl UNSIGNED INT NOT NULL, keysRetireSafety UNSIGNED INT NOT NULL, keysPublishSafety UNSIGNED INT NOT NULL, keysShared UNSIGNED INT NOT NULL, keysPurgeAfter UNSIGNED INT NOT NULL, zonePropagationDelay UNSIGNED INT NOT NULL, zoneSoaTtl UNSIGNED INT NOT NULL, zoneSoaMinimum UNSIGNED INT NOT NULL, zoneSoaSerial INT NOT NULL, parentRegistrationDelay UNSIGNED INT NOT NULL, parentPropagationDelay UNSIGNED INT NOT NULL, parentDsTtl UNSIGNED INT NOT NULL, parentSoaTtl UNSIGNED INT NOT NULL, parentSoaMinimum UNSIGNED INT NOT NULL, passthrough UNSIGNED INT NOT NULL ); CREATE UNIQUE INDEX policyName ON policy ( name ); CREATE TABLE policyKey ( id INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, rev INTEGER NOT NULL DEFAULT 1, policyId INTEGER NOT NULL, role INT NOT NULL, algorithm UNSIGNED INT NOT NULL, bits UNSIGNED INT NOT NULL, lifetime UNSIGNED INT NOT NULL, repository TEXT NOT NULL, standby UNSIGNED INT NOT NULL, manualRollover UNSIGNED INT NOT NULL, rfc5011 UNSIGNED INT NOT NULL, minimize UNSIGNED INT NOT NULL ); CREATE INDEX policyKeyPolicyId ON policyKey ( policyId ); CREATE TABLE databaseVersion ( id INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, rev INTEGER NOT NULL DEFAULT 1, version UNSIGNED INT NOT NULL ); opendnssec-2.1.5/enforcer/src/db/hsm_key_ext.c0000644000202300020240000000661313560310771016241 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include "hsm_key.h" #include "db_error.h" char const * hsm_key_to_backup_state(hsm_key_t const *hsm_key) { int i; for (i = 0; hsm_key_enum_set_backup[i].text; i++) { if (hsm_key_enum_set_backup[i].value == hsm_key_backup(hsm_key)) return hsm_key_enum_set_backup[i].text; } return NULL; } hsm_key_list_t* hsm_key_list_new_get_by_policy_key(const policy_key_t *pkey) { hsm_key_list_t* hkey_list = NULL; db_clause_list_t* clause_list; db_clause_t* clause; if (!pkey || !pkey->dbo || !(clause_list = db_clause_list_new())) return NULL; if (!(clause = db_clause_new()) || db_clause_set_field(clause, "policyId") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_value_copy(db_clause_get_value(clause), policy_key_policy_id(pkey)) || db_clause_list_add(clause_list, clause) || !(clause = db_clause_new()) || db_clause_set_field(clause, "algorithm") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_value_from_uint32(db_clause_get_value(clause), policy_key_algorithm(pkey)) || db_clause_list_add(clause_list, clause) || !(clause = db_clause_new()) || db_clause_set_field(clause, "bits") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_value_from_uint32(db_clause_get_value(clause), policy_key_bits(pkey)) || db_clause_list_add(clause_list, clause) || !(clause = db_clause_new()) || db_clause_set_field(clause, "repository") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_value_from_text(db_clause_get_value(clause), policy_key_repository(pkey)) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); return NULL; } hkey_list = hsm_key_list_new_get_by_clauses( db_object_connection(pkey->dbo), clause_list); db_clause_list_free(clause_list); return hkey_list; } opendnssec-2.1.5/enforcer/src/db/db_value.h0000644000202300020240000002526313560310771015512 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef __db_value_h #define __db_value_h struct db_value; struct db_value_set; typedef struct db_value db_value_t; typedef struct db_value_set db_value_set_t; #include "config.h" #include "db_type.h" #include "db_enum.h" #include /** * A container for a database value. */ struct db_value { db_type_t type; int primary_key; char* text; db_type_int32_t int32; db_type_uint32_t uint32; db_type_int64_t int64; db_type_uint64_t uint64; int enum_value; const char* enum_text; }; #define DB_VALUE_EMPTY { DB_TYPE_EMPTY, 0, NULL, 0, 0, 0, 0, 0, NULL } /** * Create a new database value. * \return a db_value_t pointer or NULL on error. */ db_value_t* db_value_new(void); /** * Delete a database value. * \param[in] value a db_value_t pointer. */ void db_value_free(db_value_t* value); /** * Reset a database value, releasing all interal resources and marking it empty. * \param[in] value a db_value_t pointer. */ void db_value_reset(db_value_t* value); /** * Copy the contant from one database value into another. * \param[in] value a db_value_t pointer to copy to. * \param[in] from_value a db_value_t pointer to copy from. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_value_copy(db_value_t* value, const db_value_t* from_value); /** * Compare two database values A and B. Sets `result` with less than, equal to, * or greater than zero if A is found, respectively, to be less than, to match, * or be greater than B. * \param[in] value_a a db_value_t pointer. * \param[in] value_b a db_value_t pointer. * \param[out] result an integer pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_value_cmp(const db_value_t* value_a, const db_value_t* value_b, int* result); /** * Get the type of a database value. * \param[in] value a db_value_t pointer. * \return a db_type_t. */ db_type_t db_value_type(const db_value_t* value); /** * Get a pointer for the 32bit integer in a database value. * \param[in] value a db_value_t pointer. * \return a db_type_int32_t pointer or NULL on error, if empty or not a 32bit * integer value. * TODO: unit test */ const db_type_int32_t* db_value_int32(const db_value_t* value); /** * Get a pointer for the unsigned 32bit integer in a database value. * \param[in] value a db_value_t pointer. * \return a db_type_uint32_t pointer or NULL on error, if empty or not an * unsigned 32bit integer value. * TODO: unit test */ const db_type_uint32_t* db_value_uint32(const db_value_t* value); /** * Get a pointer for the 64bit integer in a database value. * \param[in] value a db_value_t pointer. * \return a db_type_int64_t pointer or NULL on error, if empty or not a 64bit * integer value. * TODO: unit test */ const db_type_int64_t* db_value_int64(const db_value_t* value); /** * Get a pointer for the unsigned 64bit integer in a database value. * \param[in] value a db_value_t pointer. * \return a db_type_uint64_t pointer or NULL on error, if empty or not an * unsigned 64bit integer value. * TODO: unit test */ const db_type_uint64_t* db_value_uint64(const db_value_t* value); /** * Get a character pointer for the text in a database value. * \param[in] value a db_value_t pointer. * \return a character pointer or NULL on error, if empty or not a text value. */ const char* db_value_text(const db_value_t* value); /** * Sets `enum_value` with the integer value of an enumeration database value. * \param[in] value a db_value_t pointer. * \param[out] enum_value an integer pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_value_enum_value(const db_value_t* value, int* enum_value); /** * Check if a database value is not empty. * \param[in] value a db_value_t pointer. * \return DB_ERROR_* if empty, otherwise DB_OK. */ int db_value_not_empty(const db_value_t* value); /** * Get the 32bit integer representation of the database value. * \param[in] value a db_value_t pointer. * \param[out] to_int32 a db_type_int32_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_value_to_int32(const db_value_t* value, db_type_int32_t* to_int32); /** * Get the unsigned 32bit integer representation of the database value. * \param[in] value a db_value_t pointer. * \param[out] to_uint32 a db_type_uint32_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_value_to_uint32(const db_value_t* value, db_type_uint32_t* to_uint32); /** * Get the 64bit integer representation of the database value. * \param[in] value a db_value_t pointer. * \param[out] to_int64 a db_type_int64_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_value_to_int64(const db_value_t* value, db_type_int64_t* to_int64); /** * Get the unsigned 64bit integer representation of the database value. * \param[in] value a db_value_t pointer. * \param[out] to_uint64 a db_type_uint64_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_value_to_uint64(const db_value_t* value, db_type_uint64_t* to_uint64); /** * Get the character representation of the database value. * \param[in] value a db_value_t pointer. * \param[out] to_text a character pointer pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_value_to_text(const db_value_t* value, char** to_text); /** * Get the integer enumeration representation of the database value. * \param[in] value a db_value_t pointer. * \param[out] to_int an integer pointer. * \param[in] enum_set a db_enum_t array that MUST end with NULL. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_value_to_enum_value(const db_value_t* value, int* to_int, const db_enum_t* enum_set); /** * Set the database value to a 32bit integer value. * \param[in] value a db_value_t pointer. * \param[in] from_int32 a db_type_int32_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_value_from_int32(db_value_t* value, db_type_int32_t from_int32); /** * Set the database value to an unsigned 32bit integer value. * \param[in] value a db_value_t pointer. * \param[in] from_uint32 a db_type_uint32_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_value_from_uint32(db_value_t* value, db_type_uint32_t from_uint32); /** * Set the database value to a 64bit integer value. * \param[in] value a db_value_t pointer. * \param[in] from_int64 a db_type_int64_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_value_from_int64(db_value_t* value, db_type_int64_t from_int64); /** * Set the database value to an unsigned 64bit integer value. * \param[in] value a db_value_t pointer. * \param[in] from_uint64 a db_type_uint64_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_value_from_uint64(db_value_t* value, db_type_uint64_t from_uint64); /** * Set the database value to a text value. * \param[in] value a db_value_t pointer. * \param[in] from_text a character pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_value_from_text(db_value_t* value, const char* from_text); /** * Set the database value to a text value. * \param[in] value a db_value_t pointer. * \param[in] from_text a character pointer. * \param[in] size a size_t. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_value_from_text2(db_value_t* value, const char* from_text, size_t size); /** * Set the database value to an enumeration value based on an integer value. * \param[in] value a db_value_t pointer. * \param[in] enum_value an integer pointer. * \param[in] enum_set a db_enum_t array that MUST end with NULL. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_value_from_enum_value(db_value_t* value, int enum_value, const db_enum_t* enum_set); /** * Mark the database as a primary key. * \param[in] value a db_value_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_value_set_primary_key(db_value_t* value); /** * A container for a fixed set of database values. */ struct db_value_set { db_value_t* values; size_t size; }; /** * Create a new set of database value. * \param[in] size a size_t. * \return a db_value_set_t pointer or NULL on error. */ db_value_set_t* db_value_set_new(size_t size); /** * Create a new set of database value that is a copy of another. * \param[in] from_value_set a db_value_set_t pointer. * \return a db_value_set_t pointer or NULL on error. */ db_value_set_t* db_value_set_new_copy(const db_value_set_t* from_value_set); /** * Delete a database value set and all values within the set. * \param[in] value_set a db_value_set_t pointer. */ void db_value_set_free(db_value_set_t* value_set); /** * Get the size of database value set. * \param[in] value_set a db_value_set_t pointer. * \return a size_t. */ size_t db_value_set_size(const db_value_set_t* value_set); /** * Get a read only database value at a position in a database value set. * \param[in] value_set a db_value_set_t pointer. * \param[in] at a size_t. * \return a db_value_t pointer or NULL on error. */ const db_value_t* db_value_set_at(const db_value_set_t* value_set, size_t at); /** * Get a writable database value at a position in a database value set. * \param[in] value_set a db_value_set_t pointer. * \param[in] at a size_t. * \return a db_value_t pointer or NULL on error. */ db_value_t* db_value_set_get(db_value_set_t* value_set, size_t at); #endif opendnssec-2.1.5/enforcer/src/db/policy_ext.c0000644000202300020240000015600713560310771016104 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include "policy.h" #include "db_error.h" #include "duration.h" #include "log.h" #include static int __xmlNode2policy(policy_t* policy, xmlNodePtr policy_node, int* updated) { xmlNodePtr node; xmlNodePtr node2; xmlNodePtr node3; xmlNodePtr node4; xmlChar* xml_text = NULL; duration_type* duration = NULL; int check_if_updated = 0; int update_this = 1; int denial_optout = 0; int keys_shared = 0; int signatures_max_zone_ttl = 0; int keys_purge = 0; int denial_ttl = 0; unsigned int passthrough = 0; if (!policy) { return DB_ERROR_UNKNOWN; } if (!policy_node) { return DB_ERROR_UNKNOWN; } /* * If updated is set we will check if the content is changed and set the * integer pointed by updated to non-zero. */ if (updated) { *updated = 0; check_if_updated = 1; } if (!(xml_text = xmlGetProp(policy_node, (xmlChar*)"name"))) { return DB_ERROR_UNKNOWN; } ods_log_deeebug("[policy_*_from_xml] policy %s", (char*)xml_text); if (check_if_updated) { update_this = 0; if (!policy_name(policy)) { *updated = 1; update_this = 1; } else if (strcmp(policy_name(policy), (char*)xml_text)) { *updated = 1; update_this = 1; } } if (update_this) { if (policy_set_name(policy, (char*)xml_text)) { if (xml_text) { xmlFree(xml_text); } return DB_ERROR_UNKNOWN; } } if (xml_text) { xmlFree(xml_text); xml_text = NULL; } for (node = policy_node->children; node; node = node->next) { if (node->type != XML_ELEMENT_NODE) { continue; } if (!strcmp((char*)node->name, "Description")) { if (!(xml_text = xmlNodeGetContent(node))) { return DB_ERROR_UNKNOWN; } ods_log_deeebug("[policy_*_from_xml] description %s", (char*)xml_text); if (check_if_updated) { update_this = 0; if (!policy_description(policy)) { *updated = 1; update_this = 1; } else if (strcmp(policy_description(policy), (char*)xml_text)) { *updated = 1; update_this = 1; } } if (update_this) { if (policy_set_description(policy, (char*)xml_text)) { if (xml_text) { xmlFree(xml_text); } return DB_ERROR_UNKNOWN; } } if (xml_text) { xmlFree(xml_text); xml_text = NULL; } } else if (!strcmp((char*)node->name, "Passthrough")) { passthrough = 1; } else if (!strcmp((char*)node->name, "Signatures")) { for (node2 = node->children; node2; node2 = node2->next) { if (node2->type != XML_ELEMENT_NODE) { continue; } if (!strcmp((char*)node2->name, "Resign")) { if (!(xml_text = xmlNodeGetContent(node2))) { return DB_ERROR_UNKNOWN; } ods_log_deeebug("[policy_*_from_xml] signature resign %s", (char*)xml_text); if (!(duration = duration_create_from_string((char*)xml_text))) { if (xml_text) { xmlFree(xml_text); } return DB_ERROR_UNKNOWN; } if (xml_text) { xmlFree(xml_text); xml_text = NULL; } if (check_if_updated) { update_this = 0; if (policy_signatures_resign(policy) != duration2time(duration)) { *updated = 1; update_this = 1; } } if (update_this) { if (policy_set_signatures_resign(policy, duration2time(duration))) { duration_cleanup(duration); return DB_ERROR_UNKNOWN; } } duration_cleanup(duration); duration = NULL; } else if (!strcmp((char*)node2->name, "Refresh")) { if (!(xml_text = xmlNodeGetContent(node2))) { return DB_ERROR_UNKNOWN; } ods_log_deeebug("[policy_*_from_xml] signature refresh %s", (char*)xml_text); if (!(duration = duration_create_from_string((char*)xml_text))) { if (xml_text) { xmlFree(xml_text); } return DB_ERROR_UNKNOWN; } if (xml_text) { xmlFree(xml_text); xml_text = NULL; } if (check_if_updated) { update_this = 0; if (policy_signatures_refresh(policy) != duration2time(duration)) { *updated = 1; update_this = 1; } } if (update_this) { if (policy_set_signatures_refresh(policy, duration2time(duration))) { duration_cleanup(duration); return DB_ERROR_UNKNOWN; } } duration_cleanup(duration); duration = NULL; } else if (!strcmp((char*)node2->name, "Validity")) { for (node3 = node2->children; node3; node3 = node3->next) { if (node3->type != XML_ELEMENT_NODE) { continue; } if (!strcmp((char*)node3->name, "Default")) { if (!(xml_text = xmlNodeGetContent(node3))) { return DB_ERROR_UNKNOWN; } ods_log_deeebug("[policy_*_from_xml] signature validity default %s", (char*)xml_text); if (!(duration = duration_create_from_string((char*)xml_text))) { if (xml_text) { xmlFree(xml_text); } return DB_ERROR_UNKNOWN; } if (xml_text) { xmlFree(xml_text); xml_text = NULL; } if (check_if_updated) { update_this = 0; if (policy_signatures_validity_default(policy) != duration2time(duration)) { *updated = 1; update_this = 1; } } if (update_this) { if (policy_set_signatures_validity_default(policy, duration2time(duration))) { duration_cleanup(duration); return DB_ERROR_UNKNOWN; } } duration_cleanup(duration); duration = NULL; } else if (!strcmp((char*)node3->name, "Denial")) { if (!(xml_text = xmlNodeGetContent(node3))) { return DB_ERROR_UNKNOWN; } ods_log_deeebug("[policy_*_from_xml] signature validity denial %s", (char*)xml_text); if (!(duration = duration_create_from_string((char*)xml_text))) { if (xml_text) { xmlFree(xml_text); } return DB_ERROR_UNKNOWN; } if (xml_text) { xmlFree(xml_text); xml_text = NULL; } if (check_if_updated) { update_this = 0; if (policy_signatures_validity_denial(policy) != duration2time(duration)) { *updated = 1; update_this = 1; } } if (update_this) { if (policy_set_signatures_validity_denial(policy, duration2time(duration))) { duration_cleanup(duration); return DB_ERROR_UNKNOWN; } } duration_cleanup(duration); duration = NULL; } else if (!strcmp((char*)node3->name, "Keyset")) { if (!(xml_text = xmlNodeGetContent(node3))) { return DB_ERROR_UNKNOWN; } ods_log_deeebug("[policy_*_from_xml] signature validity keyset %s", (char*)xml_text); if (!(duration = duration_create_from_string((char*)xml_text))) { if (xml_text) { xmlFree(xml_text); } return DB_ERROR_UNKNOWN; } if (xml_text) { xmlFree(xml_text); xml_text = NULL; } if (check_if_updated) { update_this = 0; if (policy_signatures_validity_keyset(policy) != duration2time(duration)) { *updated = 1; update_this = 1; } } if (update_this) { if (policy_set_signatures_validity_keyset(policy, duration2time(duration))) { duration_cleanup(duration); return DB_ERROR_UNKNOWN; } } duration_cleanup(duration); duration = NULL; } else { ods_log_deeebug("[policy_*_from_xml] unknown %s", (char*)node3->name); return DB_ERROR_UNKNOWN; } } } else if (!strcmp((char*)node2->name, "Jitter")) { if (!(xml_text = xmlNodeGetContent(node2))) { return DB_ERROR_UNKNOWN; } ods_log_deeebug("[policy_*_from_xml] signature jitter %s", (char*)xml_text); if (!(duration = duration_create_from_string((char*)xml_text))) { if (xml_text) { xmlFree(xml_text); } return DB_ERROR_UNKNOWN; } if (xml_text) { xmlFree(xml_text); xml_text = NULL; } if (check_if_updated) { update_this = 0; if (policy_signatures_jitter(policy) != duration2time(duration)) { *updated = 1; update_this = 1; } } if (update_this) { if (policy_set_signatures_jitter(policy, duration2time(duration))) { duration_cleanup(duration); return DB_ERROR_UNKNOWN; } } duration_cleanup(duration); duration = NULL; } else if (!strcmp((char*)node2->name, "InceptionOffset")) { if (!(xml_text = xmlNodeGetContent(node2))) { return DB_ERROR_UNKNOWN; } ods_log_deeebug("[policy_*_from_xml] signature inception offset %s", (char*)xml_text); if (!(duration = duration_create_from_string((char*)xml_text))) { if (xml_text) { xmlFree(xml_text); } return DB_ERROR_UNKNOWN; } if (xml_text) { xmlFree(xml_text); xml_text = NULL; } if (check_if_updated) { update_this = 0; if (policy_signatures_inception_offset(policy) != duration2time(duration)) { *updated = 1; update_this = 1; } } if (update_this) { if (policy_set_signatures_inception_offset(policy, duration2time(duration))) { duration_cleanup(duration); return DB_ERROR_UNKNOWN; } } duration_cleanup(duration); duration = NULL; } else if (!strcmp((char*)node2->name, "MaxZoneTTL")) { signatures_max_zone_ttl = 1; if (!(xml_text = xmlNodeGetContent(node2))) { return DB_ERROR_UNKNOWN; } ods_log_deeebug("[policy_*_from_xml] signature max zone ttl %s", (char*)xml_text); if (!(duration = duration_create_from_string((char*)xml_text))) { if (xml_text) { xmlFree(xml_text); } return DB_ERROR_UNKNOWN; } if (xml_text) { xmlFree(xml_text); xml_text = NULL; } if (check_if_updated) { update_this = 0; if (policy_signatures_max_zone_ttl(policy) != duration2time(duration)) { *updated = 1; update_this = 1; } } if (update_this) { if (policy_set_signatures_max_zone_ttl(policy, duration2time(duration))) { duration_cleanup(duration); return DB_ERROR_UNKNOWN; } } duration_cleanup(duration); duration = NULL; } else { ods_log_deeebug("[policy_*_from_xml] unknown %s", (char*)node2->name); return DB_ERROR_UNKNOWN; } } } else if (!strcmp((char*)node->name, "Denial")) { for (node2 = node->children; node2; node2 = node2->next) { if (node2->type != XML_ELEMENT_NODE) { continue; } if (!strcmp((char*)node2->name, "NSEC")) { ods_log_deeebug("[policy_*_from_xml] denial nsec"); if (check_if_updated) { update_this = 0; if (policy_denial_type(policy) != POLICY_DENIAL_TYPE_NSEC) { *updated = 1; update_this = 1; } } if (update_this) { if (policy_set_denial_type(policy, POLICY_DENIAL_TYPE_NSEC)) { return DB_ERROR_UNKNOWN; } } } else if (!strcmp((char*)node2->name, "NSEC3")) { ods_log_deeebug("[policy_*_from_xml] denial nsec3"); if (check_if_updated) { update_this = 0; if (policy_denial_type(policy) != POLICY_DENIAL_TYPE_NSEC3) { *updated = 1; update_this = 1; } } if (update_this) { if (policy_set_denial_type(policy, POLICY_DENIAL_TYPE_NSEC3)) { return DB_ERROR_UNKNOWN; } } for (node3 = node2->children; node3; node3 = node3->next) { if (node3->type != XML_ELEMENT_NODE) { continue; } if (!strcmp((char*)node3->name, "TTL")) { denial_ttl = 1; if (!(xml_text = xmlNodeGetContent(node3))) { return DB_ERROR_UNKNOWN; } ods_log_deeebug("[policy_*_from_xml] denial ttl %s", (char*)xml_text); if (!(duration = duration_create_from_string((char*)xml_text))) { if (xml_text) { xmlFree(xml_text); } return DB_ERROR_UNKNOWN; } if (xml_text) { xmlFree(xml_text); xml_text = NULL; } if (policy_denial_ttl(policy) != duration2time(duration)) { if (policy_set_denial_ttl(policy, duration2time(duration))) { duration_cleanup(duration); return DB_ERROR_UNKNOWN; } if (check_if_updated) *updated = 1; } duration_cleanup(duration); duration = NULL; } else if (!strcmp((char*)node3->name, "OptOut")) { denial_optout = 1; ods_log_deeebug("[policy_*_from_xml] denial optout"); if (check_if_updated) { update_this = 0; if (!policy_denial_optout(policy)) { *updated = 1; update_this = 1; } } if (update_this) { if (policy_set_denial_optout(policy, 1)) { return DB_ERROR_UNKNOWN; } } } else if (!strcmp((char*)node3->name, "Resalt")) { if (!(xml_text = xmlNodeGetContent(node3))) { return DB_ERROR_UNKNOWN; } ods_log_deeebug("[policy_*_from_xml] denial resalt %s", (char*)xml_text); if (!(duration = duration_create_from_string((char*)xml_text))) { if (xml_text) { xmlFree(xml_text); } return DB_ERROR_UNKNOWN; } if (xml_text) { xmlFree(xml_text); xml_text = NULL; } if (check_if_updated) { update_this = 0; if (policy_denial_resalt(policy) != duration2time(duration)) { *updated = 1; update_this = 1; } } if (update_this) { if (policy_set_denial_resalt(policy, duration2time(duration))) { duration_cleanup(duration); return DB_ERROR_UNKNOWN; } } duration_cleanup(duration); duration = NULL; } else if (!strcmp((char*)node3->name, "Hash")) { for (node4 = node3->children; node4; node4 = node4->next) { if (node4->type != XML_ELEMENT_NODE) { continue; } if (!strcmp((char*)node4->name, "Algorithm")) { if (!(xml_text = xmlNodeGetContent(node4))) { return DB_ERROR_UNKNOWN; } ods_log_deeebug("[policy_*_from_xml] denial algorithm %s", (char*)xml_text); if (check_if_updated) { update_this = 0; if (policy_denial_algorithm(policy) != (unsigned int)atoi((char*)xml_text)) { *updated = 1; update_this = 1; } } if (update_this) { if (policy_set_denial_algorithm(policy, (unsigned int)atoi((char*)xml_text))) { if (xml_text) { xmlFree(xml_text); } return DB_ERROR_UNKNOWN; } } if (xml_text) { xmlFree(xml_text); xml_text = NULL; } } else if (!strcmp((char*)node4->name, "Iterations")) { if (!(xml_text = xmlNodeGetContent(node4))) { return DB_ERROR_UNKNOWN; } ods_log_deeebug("[policy_*_from_xml] denial iterations %s", (char*)xml_text); if (check_if_updated) { update_this = 0; if (policy_denial_iterations(policy) != (unsigned int)atoi((char*)xml_text)) { *updated = 1; update_this = 1; } } if (update_this) { if (policy_set_denial_iterations(policy, (unsigned int)atoi((char*)xml_text))) { if (xml_text) { xmlFree(xml_text); } return DB_ERROR_UNKNOWN; } } if (xml_text) { xmlFree(xml_text); xml_text = NULL; } } else if (!strcmp((char*)node4->name, "Salt")) { if (!(xml_text = xmlGetProp(node4, (xmlChar*)"length"))) { return DB_ERROR_UNKNOWN; } ods_log_deeebug("[policy_*_from_xml] denial salt length %s", (char*)xml_text); if (check_if_updated) { update_this = 0; if (policy_denial_salt_length(policy) != (unsigned int)atoi((char*)xml_text)) { *updated = 1; update_this = 1; } } if (update_this) { if (policy_set_denial_salt_length(policy, (unsigned int)atoi((char*)xml_text))) { if (xml_text) { xmlFree(xml_text); } return DB_ERROR_UNKNOWN; } } if (xml_text) { xmlFree(xml_text); xml_text = NULL; } } else { ods_log_deeebug("[policy_*_from_xml] unknown %s", (char*)node4->name); return DB_ERROR_UNKNOWN; } } } else { ods_log_deeebug("[policy_*_from_xml] unknown %s", (char*)node3->name); return DB_ERROR_UNKNOWN; } } } else { ods_log_deeebug("[policy_*_from_xml] unknown %s", (char*)node2->name); return DB_ERROR_UNKNOWN; } } } else if (!strcmp((char*)node->name, "Keys")) { for (node2 = node->children; node2; node2 = node2->next) { if (node2->type != XML_ELEMENT_NODE) { continue; } if (!strcmp((char*)node2->name, "TTL")) { if (!(xml_text = xmlNodeGetContent(node2))) { return DB_ERROR_UNKNOWN; } ods_log_deeebug("[policy_*_from_xml] keys ttl %s", (char*)xml_text); if (!(duration = duration_create_from_string((char*)xml_text))) { if (xml_text) { xmlFree(xml_text); } return DB_ERROR_UNKNOWN; } if (xml_text) { xmlFree(xml_text); xml_text = NULL; } if (check_if_updated) { update_this = 0; if (policy_keys_ttl(policy) != duration2time(duration)) { *updated = 1; update_this = 1; } } if (update_this) { if (policy_set_keys_ttl(policy, duration2time(duration))) { duration_cleanup(duration); return DB_ERROR_UNKNOWN; } } duration_cleanup(duration); duration = NULL; } else if (!strcmp((char*)node2->name, "RetireSafety")) { if (!(xml_text = xmlNodeGetContent(node2))) { return DB_ERROR_UNKNOWN; } ods_log_deeebug("[policy_*_from_xml] keys retire safety %s", (char*)xml_text); if (!(duration = duration_create_from_string((char*)xml_text))) { if (xml_text) { xmlFree(xml_text); } return DB_ERROR_UNKNOWN; } if (xml_text) { xmlFree(xml_text); xml_text = NULL; } if (check_if_updated) { update_this = 0; if (policy_keys_retire_safety(policy) != duration2time(duration)) { *updated = 1; update_this = 1; } } if (update_this) { if (policy_set_keys_retire_safety(policy, duration2time(duration))) { duration_cleanup(duration); return DB_ERROR_UNKNOWN; } } duration_cleanup(duration); duration = NULL; } else if (!strcmp((char*)node2->name, "PublishSafety")) { if (!(xml_text = xmlNodeGetContent(node2))) { return DB_ERROR_UNKNOWN; } ods_log_deeebug("[policy_*_from_xml] keys publish safety %s", (char*)xml_text); if (!(duration = duration_create_from_string((char*)xml_text))) { if (xml_text) { xmlFree(xml_text); } return DB_ERROR_UNKNOWN; } if (xml_text) { xmlFree(xml_text); xml_text = NULL; } if (check_if_updated) { update_this = 0; if (policy_keys_publish_safety(policy) != duration2time(duration)) { *updated = 1; update_this = 1; } } if (update_this) { if (policy_set_keys_publish_safety(policy, duration2time(duration))) { duration_cleanup(duration); return DB_ERROR_UNKNOWN; } } duration_cleanup(duration); duration = NULL; } else if (!strcmp((char*)node2->name, "ShareKeys")) { keys_shared = 1; ods_log_deeebug("[policy_*_from_xml] keys shared keys"); if (check_if_updated) { update_this = 0; if (!policy_keys_shared(policy)) { *updated = 1; update_this = 1; } } if (update_this) { if (policy_set_keys_shared(policy, 1)) { return DB_ERROR_UNKNOWN; } } } else if (!strcmp((char*)node2->name, "Purge")) { keys_purge = 1; if (!(xml_text = xmlNodeGetContent(node2))) { return DB_ERROR_UNKNOWN; } ods_log_deeebug("[policy_*_from_xml] keys purge %s", (char*)xml_text); if (!(duration = duration_create_from_string((char*)xml_text))) { if (xml_text) { xmlFree(xml_text); } return DB_ERROR_UNKNOWN; } if (xml_text) { xmlFree(xml_text); xml_text = NULL; } if (check_if_updated) { update_this = 0; if (policy_keys_purge_after(policy) != duration2time(duration)) { *updated = 1; update_this = 1; } } if (update_this) { if (policy_set_keys_purge_after(policy, duration2time(duration))) { duration_cleanup(duration); return DB_ERROR_UNKNOWN; } } duration_cleanup(duration); duration = NULL; } else if (!strcmp((char*)node2->name, "KSK")) { continue; } else if (!strcmp((char*)node2->name, "ZSK")) { continue; } else if (!strcmp((char*)node2->name, "CSK")) { continue; } else { ods_log_deeebug("[policy_*_from_xml] unknown %s", (char*)node2->name); return DB_ERROR_UNKNOWN; } } } else if (!strcmp((char*)node->name, "Zone")) { for (node2 = node->children; node2; node2 = node2->next) { if (node2->type != XML_ELEMENT_NODE) { continue; } if (!strcmp((char*)node2->name, "PropagationDelay")) { if (!(xml_text = xmlNodeGetContent(node2))) { return DB_ERROR_UNKNOWN; } ods_log_deeebug("[policy_*_from_xml] zone propagation delay %s", (char*)xml_text); if (!(duration = duration_create_from_string((char*)xml_text))) { if (xml_text) { xmlFree(xml_text); } return DB_ERROR_UNKNOWN; } if (xml_text) { xmlFree(xml_text); xml_text = NULL; } if (check_if_updated) { update_this = 0; if (policy_zone_propagation_delay(policy) != duration2time(duration)) { *updated = 1; update_this = 1; } } if (update_this) { if (policy_set_zone_propagation_delay(policy, duration2time(duration))) { duration_cleanup(duration); return DB_ERROR_UNKNOWN; } } duration_cleanup(duration); duration = NULL; } else if (!strcmp((char*)node2->name, "SOA")) { for (node3 = node2->children; node3; node3 = node3->next) { if (node3->type != XML_ELEMENT_NODE) { continue; } if (!strcmp((char*)node3->name, "TTL")) { if (!(xml_text = xmlNodeGetContent(node3))) { return DB_ERROR_UNKNOWN; } ods_log_deeebug("[policy_*_from_xml] zone soa ttl %s", (char*)xml_text); if (!(duration = duration_create_from_string((char*)xml_text))) { if (xml_text) { xmlFree(xml_text); } return DB_ERROR_UNKNOWN; } if (xml_text) { xmlFree(xml_text); xml_text = NULL; } if (check_if_updated) { update_this = 0; if (policy_zone_soa_ttl(policy) != duration2time(duration)) { *updated = 1; update_this = 1; } } if (update_this) { if (policy_set_zone_soa_ttl(policy, duration2time(duration))) { duration_cleanup(duration); return DB_ERROR_UNKNOWN; } } duration_cleanup(duration); duration = NULL; } else if (!strcmp((char*)node3->name, "Minimum")) { if (!(xml_text = xmlNodeGetContent(node3))) { return DB_ERROR_UNKNOWN; } ods_log_deeebug("[policy_*_from_xml] zone soa minimum %s", (char*)xml_text); if (!(duration = duration_create_from_string((char*)xml_text))) { if (xml_text) { xmlFree(xml_text); } return DB_ERROR_UNKNOWN; } if (xml_text) { xmlFree(xml_text); xml_text = NULL; } if (check_if_updated) { update_this = 0; if (policy_zone_soa_minimum(policy) != duration2time(duration)) { *updated = 1; update_this = 1; } } if (update_this) { if (policy_set_zone_soa_minimum(policy, duration2time(duration))) { duration_cleanup(duration); return DB_ERROR_UNKNOWN; } } duration_cleanup(duration); duration = NULL; } else if (!strcmp((char*)node3->name, "Serial")) { if (!(xml_text = xmlNodeGetContent(node3))) { return DB_ERROR_UNKNOWN; } ods_log_deeebug("[policy_*_from_xml] zone soa serial %s", (char*)xml_text); if (check_if_updated) { update_this = 0; if (strcmp(policy_zone_soa_serial_text(policy), (char*)xml_text)) { *updated = 1; update_this = 1; } } if (update_this) { if (policy_set_zone_soa_serial_text(policy, (char*)xml_text)) { if (xml_text) { xmlFree(xml_text); } return DB_ERROR_UNKNOWN; } } if (xml_text) { xmlFree(xml_text); xml_text = NULL; } } else { ods_log_deeebug("[policy_*_from_xml] unknown %s", (char*)node3->name); return DB_ERROR_UNKNOWN; } } } else { ods_log_deeebug("[policy_*_from_xml] unknown %s", (char*)node2->name); return DB_ERROR_UNKNOWN; } } } else if (!strcmp((char*)node->name, "Parent")) { for (node2 = node->children; node2; node2 = node2->next) { if (node2->type != XML_ELEMENT_NODE) { continue; } if (!strcmp((char*)node2->name, "RegistrationDelay")) { if (!(xml_text = xmlNodeGetContent(node2))) { return DB_ERROR_UNKNOWN; } ods_log_deeebug("[policy_*_from_xml] parent registration delay %s", (char*)xml_text); if (!(duration = duration_create_from_string((char*)xml_text))) { if (xml_text) { xmlFree(xml_text); } return DB_ERROR_UNKNOWN; } if (xml_text) { xmlFree(xml_text); xml_text = NULL; } if (check_if_updated) { update_this = 0; if (policy_parent_registration_delay(policy) != duration2time(duration)) { *updated = 1; update_this = 1; } } if (update_this) { if (policy_set_parent_registration_delay(policy, duration2time(duration))) { duration_cleanup(duration); return DB_ERROR_UNKNOWN; } } duration_cleanup(duration); duration = NULL; } else if (!strcmp((char*)node2->name, "PropagationDelay")) { if (!(xml_text = xmlNodeGetContent(node2))) { return DB_ERROR_UNKNOWN; } ods_log_deeebug("[policy_*_from_xml] parent propagation delay %s", (char*)xml_text); if (!(duration = duration_create_from_string((char*)xml_text))) { if (xml_text) { xmlFree(xml_text); } return DB_ERROR_UNKNOWN; } if (xml_text) { xmlFree(xml_text); xml_text = NULL; } if (check_if_updated) { update_this = 0; if (policy_parent_propagation_delay(policy) != duration2time(duration)) { *updated = 1; update_this = 1; } } if (update_this) { if (policy_set_parent_propagation_delay(policy, duration2time(duration))) { duration_cleanup(duration); return DB_ERROR_UNKNOWN; } } duration_cleanup(duration); duration = NULL; } else if (!strcmp((char*)node2->name, "SOA")) { for (node3 = node2->children; node3; node3 = node3->next) { if (node3->type != XML_ELEMENT_NODE) { continue; } if (!strcmp((char*)node3->name, "TTL")) { if (!(xml_text = xmlNodeGetContent(node3))) { return DB_ERROR_UNKNOWN; } ods_log_deeebug("[policy_*_from_xml] parent soa ttl %s", (char*)xml_text); if (!(duration = duration_create_from_string((char*)xml_text))) { if (xml_text) { xmlFree(xml_text); } return DB_ERROR_UNKNOWN; } if (xml_text) { xmlFree(xml_text); xml_text = NULL; } if (check_if_updated) { update_this = 0; if (policy_parent_soa_ttl(policy) != duration2time(duration)) { *updated = 1; update_this = 1; } } if (update_this) { if (policy_set_parent_soa_ttl(policy, duration2time(duration))) { duration_cleanup(duration); return DB_ERROR_UNKNOWN; } } duration_cleanup(duration); duration = NULL; } else if (!strcmp((char*)node3->name, "Minimum")) { if (!(xml_text = xmlNodeGetContent(node3))) { return DB_ERROR_UNKNOWN; } ods_log_deeebug("[policy_*_from_xml] parent soa minimum %s", (char*)xml_text); if (!(duration = duration_create_from_string((char*)xml_text))) { if (xml_text) { xmlFree(xml_text); } return DB_ERROR_UNKNOWN; } if (xml_text) { xmlFree(xml_text); xml_text = NULL; } if (check_if_updated) { update_this = 0; if (policy_parent_soa_minimum(policy) != duration2time(duration)) { *updated = 1; update_this = 1; } } if (update_this) { if (policy_set_parent_soa_minimum(policy, duration2time(duration))) { duration_cleanup(duration); return DB_ERROR_UNKNOWN; } } duration_cleanup(duration); duration = NULL; } else { ods_log_deeebug("[policy_*_from_xml] unknown %s", (char*)node3->name); return DB_ERROR_UNKNOWN; } } } else if (!strcmp((char*)node2->name, "DS")) { for (node3 = node2->children; node3; node3 = node3->next) { if (node3->type != XML_ELEMENT_NODE) { continue; } if (!strcmp((char*)node3->name, "TTL")) { if (!(xml_text = xmlNodeGetContent(node3))) { return DB_ERROR_UNKNOWN; } ods_log_deeebug("[policy_*_from_xml] parent ds ttl %s", (char*)xml_text); if (!(duration = duration_create_from_string((char*)xml_text))) { if (xml_text) { xmlFree(xml_text); } return DB_ERROR_UNKNOWN; } if (xml_text) { xmlFree(xml_text); xml_text = NULL; } if (check_if_updated) { update_this = 0; if (policy_parent_ds_ttl(policy) != duration2time(duration)) { *updated = 1; update_this = 1; } } if (update_this) { if (policy_set_parent_ds_ttl(policy, duration2time(duration))) { duration_cleanup(duration); return DB_ERROR_UNKNOWN; } } duration_cleanup(duration); duration = NULL; } else { ods_log_deeebug("[policy_*_from_xml] unknown %s", (char*)node3->name); return DB_ERROR_UNKNOWN; } } } else { ods_log_deeebug("[policy_*_from_xml] unknown %s", (char*)node2->name); return DB_ERROR_UNKNOWN; } } } else { ods_log_deeebug("[policy_*_from_xml] unknown %s", (char*)node->name); return DB_ERROR_UNKNOWN; } } if (xml_text) { xmlFree(xml_text); xml_text = NULL; } duration_cleanup(duration); duration = NULL; /* * If we did not find these XML elements we need to disable them */ if (!denial_optout) { ods_log_deeebug("[policy_*_from_xml] - denial optout"); if (check_if_updated) { update_this = 0; if (policy_denial_optout(policy)) { *updated = 1; update_this = 1; } } if (update_this) { if (policy_set_denial_optout(policy, 0)) { return DB_ERROR_UNKNOWN; } } } if (!keys_shared) { ods_log_deeebug("[policy_*_from_xml] - keys shared keys"); if (check_if_updated) { update_this = 0; if (policy_keys_shared(policy)) { *updated = 1; update_this = 1; } } if (update_this) { if (policy_set_keys_shared(policy, 0)) { return DB_ERROR_UNKNOWN; } } } if (!signatures_max_zone_ttl) { ods_log_deeebug("[policy_*_from_xml] - signatures max zone ttl"); if (policy_signatures_max_zone_ttl(policy) != 86400) { if (policy_set_signatures_max_zone_ttl(policy, 86400)) { return DB_ERROR_UNKNOWN; } if (check_if_updated) *updated = 1; } } if (!keys_purge) { ods_log_deeebug("[policy_*_from_xml] - keys purge"); if (check_if_updated) { update_this = 0; if (policy_keys_purge_after(policy)) { *updated = 1; update_this = 1; } } if (update_this) { if (policy_set_keys_purge_after(policy, 0)) { return DB_ERROR_UNKNOWN; } } } if (!denial_ttl) { ods_log_deeebug("[policy_*_from_xml] - denial ttl"); update_this = 0; if (policy_denial_ttl(policy)) { /* it was not mentioned in kasp. set it to 0 */ update_this = 1; } if (update_this) { if (policy_set_denial_ttl(policy, 0)) { return DB_ERROR_UNKNOWN; } if (check_if_updated) *updated = 1; } } /* Check if passtrough has toggled */ if (passthrough != policy_passthrough(policy)) { ods_log_deeebug("[policy_*_from_xml] - passthrough set to %d", passthrough); if (check_if_updated) *updated = 1; if (policy_set_passthrough(policy, passthrough)) { return DB_ERROR_UNKNOWN; } } return DB_OK; } int policy_create_from_xml(policy_t* policy, xmlNodePtr policy_node) { if (!policy) { return DB_ERROR_UNKNOWN; } if (!policy_node) { return DB_ERROR_UNKNOWN; } return __xmlNode2policy(policy, policy_node, NULL); } int policy_update_from_xml(policy_t* policy, xmlNodePtr policy_node, int* updated) { if (!policy) { return DB_ERROR_UNKNOWN; } if (!policy_node) { return DB_ERROR_UNKNOWN; } if (!updated) { return DB_ERROR_UNKNOWN; } return __xmlNode2policy(policy, policy_node, updated); } policy_key_list_t* policy_get_policy_keys(const policy_t* policy) { if (!policy) { return NULL; } if (!policy->dbo) { return NULL; } if (db_value_not_empty(&(policy->id))) { return NULL; } return policy_key_list_new_get_by_policy_id(db_object_connection(policy->dbo), &(policy->id)); } opendnssec-2.1.5/enforcer/src/db/db_data_sqlite.h0000644000202300020240000000303213560310771016656 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #ifndef __db_data_sqlite_h #define __db_data_sqlite_h extern const char* db_data_sqlite[]; #endif opendnssec-2.1.5/enforcer/src/db/key_state_ext.h0000644000202300020240000000276513560311035016575 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef __key_state_ext_h #define __key_state_ext_h #endif opendnssec-2.1.5/enforcer/src/db/db_backend_mysql.h0000644000202300020240000000351313560310771017204 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef __db_backend_mysql_h #define __db_backend_mysql_h #include "db_backend.h" #define DB_BACKEND_MYSQL_DEFAULT_TIMEOUT 30 #define DB_BACKEND_MYSQL_STRING_MIN_SIZE 64 #define DB_BACKEND_MYSQL_STRING_MAX_SIZE 4096 /** * Create a new database backend handle for SQLite. * \return a db_backend_handle_t pointer or NULL on error. */ db_backend_handle_t* db_backend_mysql_new_handle(void); #endif opendnssec-2.1.5/enforcer/src/db/db_schema_sqlite.h0000644000202300020240000000312313560310771017206 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #ifndef __db_schema_sqlite_h #define __db_schema_sqlite_h extern const char* db_schema_sqlite_create[]; extern const char* db_schema_sqlite_drop[]; #endif opendnssec-2.1.5/enforcer/src/db/hsm_key_ext.h0000644000202300020240000000347613560310771016252 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef __hsm_key_ext_h #define __hsm_key_ext_h #include "policy_key.h" /** * Return the human readable backup state of hsm_key as static string. */ char const * hsm_key_to_backup_state(hsm_key_t const *hsm_key); /** * Get all HSM keys for policy/algorithm/bits/repository. * NULL on failure */ hsm_key_list_t* hsm_key_list_new_get_by_policy_key(const policy_key_t *pkey); #endif opendnssec-2.1.5/enforcer/src/db/key_data_ext.h0000644000202300020240000001033313560310771016362 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef __key_data_ext_h #define __key_data_ext_h #include "key_state.h" #include "hsm_key.h" /** * Cache all key states objects for a key data object. * \param[in] key_data a key_data_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_data_cache_key_states(key_data_t* key_data); /** * Get the cached DS key state object of a key data object. * key_data_cache_key_states() must have been called before this. * \param[in] key_data a key_data_t pointer. * \return a key_state_t pointer. */ const key_state_t* key_data_cached_ds(key_data_t* key_data); /** * Get the cached RRSIG key state object of a key data object. * key_data_cache_key_states() must have been called before this. * \param[in] key_data a key_data_t pointer. * \return a key_state_t pointer. */ const key_state_t* key_data_cached_rrsig(key_data_t* key_data); /** * Get the cached DNSKEY key state object of a key data object. * key_data_cache_key_states() must have been called before this. * \param[in] key_data a key_data_t pointer. * \return a key_state_t pointer. */ const key_state_t* key_data_cached_dnskey(key_data_t* key_data); /** * Get the cached RRSIG DNSKEY key state object of a key data object. * key_data_cache_key_states() must have been called before this. * \param[in] key_data a key_data_t pointer. * \return a key_state_t pointer. */ const key_state_t* key_data_cached_rrsigdnskey(key_data_t* key_data); /** * Get the cached DS key state object of a key data object. * key_data_cache_key_states() must have been called before this. * \param[in] key_data a key_data_t pointer. * \return a key_state_t pointer. */ key_state_t* key_data_get_cached_ds(key_data_t* key_data); /** * Get the cached RRSIG key state object of a key data object. * key_data_cache_key_states() must have been called before this. * \param[in] key_data a key_data_t pointer. * \return a key_state_t pointer. */ key_state_t* key_data_get_cached_rrsig(key_data_t* key_data); /** * Get the cached DNSKEY key state object of a key data object. * key_data_cache_key_states() must have been called before this. * \param[in] key_data a key_data_t pointer. * \return a key_state_t pointer. */ key_state_t* key_data_get_cached_dnskey(key_data_t* key_data); /** * Get the cached RRSIG DNSKEY key state object of a key data object. * key_data_cache_key_states() must have been called before this. * \param[in] key_data a key_data_t pointer. * \return a key_state_t pointer. */ key_state_t* key_data_get_cached_rrsigdnskey(key_data_t* key_data); /** * Get the cached hsm key object of a key data object. * key_data_cache_hsm_key() must have been called before this. * \param[in] key_data a key_data_t pointer. * \return a key_state_t pointer. */ const hsm_key_t* key_data_cached_hsm_key(const key_data_t* key_data); #endif opendnssec-2.1.5/enforcer/src/db/db_connection.h0000644000202300020240000001320413560311035016517 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef __db_connection_h #define __db_connection_h struct db_connection; typedef struct db_connection db_connection_t; #include "db_configuration.h" #include "db_backend.h" #include "db_result.h" #include "db_object.h" #include "db_join.h" #include "db_clause.h" /** * A database connection. */ struct db_connection { const db_configuration_list_t* configuration_list; db_backend_t* backend; }; /** * Create a new database connection. * \return a db_connection_t pointer or NULL on error. */ db_connection_t* db_connection_new(void); /** * Delete a database connection and the database backend within. * \param[in] connection a db_connection_t pointer. */ void db_connection_free(db_connection_t* connection); /** * Set the database configuration list for a database connection. * \param[in] connection a db_connection_t pointer. * \param[in] configuration_list a db_configuration_list_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_connection_set_configuration_list(db_connection_t* connection, const db_configuration_list_t* configuration_list); /** * Setup the database connection, this verifies the information in the database * configuration list and allocated a database backend. * \param[in] connection a db_connection_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_connection_setup(db_connection_t* connection); /** * Connect to the database. * \param[in] connection a db_connection_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_connection_connect(const db_connection_t* connection); /** * Create an object in the database. The `object` refer to the database object * begin created, the `object_field_list` describes the fields that should be * set in the object and the `value_set` has the values for each field. * \param[in] connection a db_connection_t pointer. * \param[in] object a db_object_t pointer. * \param[in] object_field_list a db_object_field_list_t pointer. * \param[in] value_set a db_value_set_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_connection_create(const db_connection_t* connection, const db_object_t* object, const db_object_field_list_t* object_field_list, const db_value_set_t* value_set); /** * Read an object or objects from the database. * \param[in] connection a db_connection_t pointer. * \param[in] object a db_object_t pointer. * \param[in] join_list a db_join_list_t pointer. * \param[in] clause_list a db_clause_list_t pointer. * \return a db_result_list_t pointer or NULL on error or if no objects where * read. */ db_result_list_t* db_connection_read(const db_connection_t* connection, const db_object_t* object, const db_join_list_t* join_list, const db_clause_list_t* clause_list); /** * Update an object or objects in the database. * \param[in] connection a db_connection_t pointer. * \param[in] object a db_object_t pointer. * \param[in] object_field_list a db_object_field_list_t pointer. * \param[in] value_set a db_value_set_t pointer. * \param[in] clause_list a db_clause_list_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_connection_update(const db_connection_t* connection, const db_object_t* object, const db_object_field_list_t* object_field_list, const db_value_set_t* value_set, const db_clause_list_t* clause_list); /** * Delete an object or objects from the database. * \param[in] connection a db_connection_t pointer. * \param[in] object a db_object_t pointer. * \param[in] clause_list a db_clause_list_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_connection_delete(const db_connection_t* connection, const db_object_t* object, const db_clause_list_t* clause_list); /** * Count objects from the database. Return the count in `count`. * \param[in] connection a db_connection_t pointer. * \param[in] object a db_object_t pointer. * \param[in] join_list a db_join_list_t pointer. * \param[in] clause_list a db_clause_list_t pointer. * \param[out] count a size_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_connection_count(const db_connection_t* connection, const db_object_t* object, const db_join_list_t* join_list, const db_clause_list_t* clause_list, size_t* count); #endif opendnssec-2.1.5/enforcer/src/db/db_object.h0000644000202300020240000002710613560311035015634 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef __db_object_h #define __db_object_h struct db_object; struct db_object_field; struct db_object_field_list; typedef struct db_object db_object_t; typedef struct db_object_field db_object_field_t; typedef struct db_object_field_list db_object_field_list_t; #include "db_connection.h" #include "db_result.h" #include "db_join.h" #include "db_clause.h" #include "db_type.h" #include "db_value.h" #include "db_enum.h" #include "db_backend.h" /** * A representation of an field/value for a database object. */ struct db_object_field { db_object_field_t* next; const char* name; db_type_t type; const db_enum_t* enum_set; }; /** * Create a database object field. * \return a db_object_field_t pointer or NULL on error. */ db_object_field_t* db_object_field_new(void); /** * Create a database object field that is a copy of another. * \param[in] from_object_field a db_object_field_t pointer. * \return a db_object_field_t pointer or NULL on error. */ db_object_field_t* db_object_field_new_copy(const db_object_field_t* from_object_field); /** * Delete a database object field. * \param[in] object_field a db_object_field_t pointer. */ void db_object_field_free(db_object_field_t* object_field); /** * Copy the content of a database object field. * \param[in] object_field a db_object_field_t pointer. * \param[in] from_object_field a db_object_field_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_object_field_copy(db_object_field_t* object_field, const db_object_field_t* from_object_field); /** * Get the name of a database object field. * \param[in] object_field a db_object_field_t pointer. * \return a character pointer or NULL on error or if no field name has been set. */ const char* db_object_field_name(const db_object_field_t* object_field); /** * Get the type of a database object field. * \param[in] object_field a db_object_field_t pointer. * \return a db_type_t. */ db_type_t db_object_field_type(const db_object_field_t* object_field); /** * Set the name of a database object field. * \param[in] object_field a db_object_field_t pointer. * \param[in] name a character pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_object_field_set_name(db_object_field_t* object_field, const char* name); /** * Set the type of a database object field. * \param[in] object_field a db_object_field_t pointer. * \param[in] type a db_type_t. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_object_field_set_type(db_object_field_t* object_field, db_type_t type); /** * Set the enumerate set of a database object field. * \param[in] object_field a db_object_field_t pointer. * \param[in] enum_set a NULL terminated db_enum_t list. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_object_field_set_enum_set(db_object_field_t* object_field, const db_enum_t* enum_set); /** * Check if the object field is not empty. * \param[in] object_field a db_object_field_t pointer. * \return DB_ERROR_* if empty, otherwise DB_OK. */ int db_object_field_not_empty(const db_object_field_t* object_field); /** * Get the next object field connected in a database object field list. * \param[in] object_field a db_object_field_t pointer. * \return a db_object_field_t pointer or NULL on error or if there are no more * object fields in the list. */ const db_object_field_t* db_object_field_next(const db_object_field_t* object_field); /** * A list of object fields. */ struct db_object_field_list { db_object_field_t* begin; db_object_field_t* end; size_t size; }; /** * Create a new object field list. * \return a db_object_field_list_t pointer or NULL on error. */ db_object_field_list_t* db_object_field_list_new(void); /** * Create a new object field list that is a copy of another. * \param[in] from_object_field_list a db_object_field_list_t pointer. * \return a db_object_field_list_t pointer or NULL on error. */ db_object_field_list_t* db_object_field_list_new_copy(const db_object_field_list_t* from_object_field_list); /** * Delete a object field list and all object fields within the list. * \param[in] object_field_list a db_object_field_list_t pointer. */ void db_object_field_list_free(db_object_field_list_t* object_field_list); /** * Copy the content of a database object field list. * \param[in] object_field_list a db_object_field_list_t pointer. * \param[in] from_object_field_list a db_object_field_list_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_object_field_list_copy(db_object_field_list_t* object_field_list, const db_object_field_list_t* from_object_field_list); /** * Add a database object field to a database object field list, this will takes * over the ownership of the object field. * \param[in] object_field_list a db_object_field_list_t pointer. * \param[in] object_field a db_object_field_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_object_field_list_add(db_object_field_list_t* object_field_list, db_object_field_t* object_field); /** * Return the first database object field in a database object field list. * \param[in] object_field_list a db_object_field_list_t pointer. * \return a db_object_field_t pointer or NULL on error or if the list is empty. */ const db_object_field_t* db_object_field_list_begin(const db_object_field_list_t* object_field_list); /** * Return the size of a object field list. * \param[in] object_field_list a db_object_field_list_t pointer. * \return a size_t, may be zero on error. */ size_t db_object_field_list_size(const db_object_field_list_t* object_field_list); /** * A database object. */ struct db_object { const db_connection_t* connection; const char* table; const char* primary_key_name; db_object_field_list_t* object_field_list; }; /** * Create a new database object. * \return a db_object_t pointer or NULL on error. */ db_object_t* db_object_new(void); /** * Delete a database object and the object field list and backend meta data list * if set. * \param[in] object a db_object_t pointer. */ void db_object_free(db_object_t* object); /** * Get the database connection of a database object. * \param[in] object a db_object_t pointer. * \return a db_connection_t pointer or NULL on error or if no connection has * been set. */ const db_connection_t* db_object_connection(const db_object_t* object); /** * Get the table name of a database object. * \param[in] object a db_object_t pointer. * \return a character pointer or NULL on error or if no table name has been * set. */ const char* db_object_table(const db_object_t* object); /** * Get the object field list of a database object. * \param[in] object a db_object_t pointer. * \return a db_object_field_list_t pointer or NULL on error or if no object * field list has been set. */ const db_object_field_list_t* db_object_object_field_list(const db_object_t* object); /** * Set the database connection of a database object. * \param[in] object a db_object_t pointer. * \param[in] connection a db_connection_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_object_set_connection(db_object_t* object, const db_connection_t* connection); /** * Set the table name of a database object. * \param[in] object a db_object_t pointer. * \param[in] table a character pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_object_set_table(db_object_t* object, const char* table); /** * Set the primary key name of a database object. * \param[in] object a db_object_t pointer. * \param[in] primary_key_name a character pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_object_set_primary_key_name(db_object_t* object, const char* primary_key_name); /** * Set the object field list of a database object, this takes over the ownership * of the object field list. * \param[in] object a db_object_t pointer. * \param[in] object_field_list a db_object_field_list_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_object_set_object_field_list(db_object_t* object, db_object_field_list_t* object_field_list); /** * Create an object in the database. The `object_field_list` describes the * fields that should be set in the object and the `value_set` has the values * for each field. * \param[in] object a db_object_t pointer. * \param[in] object_field_list a db_object_field_list_t pointer. * \param[in] value_set a db_value_set_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_object_create(const db_object_t* object, const db_object_field_list_t* object_field_list, const db_value_set_t* value_set); /** * Read an object or objects from the database. * \param[in] object a db_object_t pointer. * \param[in] join_list a db_join_list_t pointer. * \param[in] clause_list a db_clause_list_t pointer. * \return a db_result_list_t pointer or NULL on error or if no objects where * read. */ db_result_list_t* db_object_read(const db_object_t* object, const db_join_list_t* join_list, const db_clause_list_t* clause_list); /** * Update an object or objects in the database. * \param[in] object a db_object_t pointer. * \param[in] object_field_list a db_object_field_list_t pointer. * \param[in] value_set a db_value_set_t pointer. * \param[in] clause_list a db_clause_list_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_object_update(const db_object_t* object, const db_object_field_list_t* object_field_list, const db_value_set_t* value_set, const db_clause_list_t* clause_list); /** * Delete an object or objects from the database. * \param[in] object a db_object_t pointer. * \param[in] clause_list a db_clause_list_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_object_delete(const db_object_t* object, const db_clause_list_t* clause_list); /** * Count objects from the database. Return the count in `count`. * \param[in] object a db_object_t pointer. * \param[in] join_list a db_join_list_t pointer. * \param[in] clause_list a db_clause_list_t pointer. * \param[out] count a size_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_object_count(const db_object_t* object, const db_join_list_t* join_list, const db_clause_list_t* clause_list, size_t* count); #endif opendnssec-2.1.5/enforcer/src/db/key_dependency_ext.h0000644000202300020240000000277713560311035017576 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef __key_dependency_ext_h #define __key_dependency_ext_h #endif opendnssec-2.1.5/enforcer/src/db/db_object.c0000644000202300020240000003153313560311035015626 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include "db_object.h" #include "db_error.h" #include /* DB OBJECT FIELD */ db_object_field_t* db_object_field_new(void) { db_object_field_t* object_field = (db_object_field_t*)calloc(1, sizeof(db_object_field_t)); if (object_field) { object_field->type = DB_TYPE_EMPTY; } return object_field; } /* TODO: unit test */ db_object_field_t* db_object_field_new_copy(const db_object_field_t* from_object_field) { db_object_field_t* object_field; if (!from_object_field) { return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_copy(object_field, from_object_field)) { db_object_field_free(object_field); return NULL; } return object_field; } void db_object_field_free(db_object_field_t* object_field) { if (object_field) { free(object_field); } } /* TODO: unit test */ int db_object_field_copy(db_object_field_t* object_field, const db_object_field_t* from_object_field) { if (!object_field) { return DB_ERROR_UNKNOWN; } if (!from_object_field) { return DB_ERROR_UNKNOWN; } if (object_field->next) { return DB_ERROR_UNKNOWN; } object_field->name = from_object_field->name; object_field->type = from_object_field->type; object_field->enum_set = from_object_field->enum_set; return DB_OK; } const char* db_object_field_name(const db_object_field_t* object_field) { if (!object_field) { return NULL; } return object_field->name; } db_type_t db_object_field_type(const db_object_field_t* object_field) { if (!object_field) { return DB_TYPE_EMPTY; } return object_field->type; } int db_object_field_set_name(db_object_field_t* object_field, const char* name) { if (!object_field) { return DB_ERROR_UNKNOWN; } if (!name) { return DB_ERROR_UNKNOWN; } object_field->name = name; return DB_OK; } int db_object_field_set_type(db_object_field_t* object_field, db_type_t type) { if (!object_field) { return DB_ERROR_UNKNOWN; } if (type == DB_TYPE_EMPTY) { return DB_ERROR_UNKNOWN; } object_field->type = type; return DB_OK; } int db_object_field_set_enum_set(db_object_field_t* object_field, const db_enum_t* enum_set) { if (!object_field) { return DB_ERROR_UNKNOWN; } if (object_field->type != DB_TYPE_ENUM) { return DB_ERROR_UNKNOWN; } object_field->enum_set = enum_set; return DB_OK; } int db_object_field_not_empty(const db_object_field_t* object_field) { if (!object_field) { return DB_ERROR_UNKNOWN; } if (!object_field->name) { return DB_ERROR_UNKNOWN; } if (object_field->type == DB_TYPE_EMPTY) { return DB_ERROR_UNKNOWN; } if (object_field->type == DB_TYPE_ENUM && !object_field->enum_set) { return DB_ERROR_UNKNOWN; } return DB_OK; } const db_object_field_t* db_object_field_next(const db_object_field_t* object_field) { if (!object_field) { return NULL; } return object_field->next; } /* DB OBJECT FIELD LIST */ db_object_field_list_t* db_object_field_list_new(void) { db_object_field_list_t* object_field_list = (db_object_field_list_t*)calloc(1, sizeof(db_object_field_list_t)); return object_field_list; } /* TODO: unit test */ db_object_field_list_t* db_object_field_list_new_copy(const db_object_field_list_t* from_object_field_list) { db_object_field_list_t* object_field_list; if (!from_object_field_list) { return NULL; } if (!(object_field_list = db_object_field_list_new()) || db_object_field_list_copy(object_field_list, from_object_field_list)) { db_object_field_list_free(object_field_list); return NULL; } return object_field_list; } void db_object_field_list_free(db_object_field_list_t* object_field_list) { if (object_field_list) { if (object_field_list->begin) { db_object_field_t* this = object_field_list->begin; db_object_field_t* next = NULL; while (this) { next = this->next; db_object_field_free(this); this = next; } } free(object_field_list); } } /* TODO: unit test */ int db_object_field_list_copy(db_object_field_list_t* object_field_list, const db_object_field_list_t* from_object_field_list) { db_object_field_t* object_field; db_object_field_t* object_field_copy; if (!object_field_list) { return DB_ERROR_UNKNOWN; } /* * TODO: Should we be able to copy into a object field list that already * contains data? */ if (object_field_list->begin) { return DB_ERROR_UNKNOWN; } if (object_field_list->end) { return DB_ERROR_UNKNOWN; } if (object_field_list->size) { return DB_ERROR_UNKNOWN; } if (!from_object_field_list) { return DB_ERROR_UNKNOWN; } object_field = from_object_field_list->begin; while (object_field) { if (!(object_field_copy = db_object_field_new_copy(object_field)) || db_object_field_list_add(object_field_list, object_field_copy)) { return DB_ERROR_UNKNOWN; } object_field = object_field->next; } return DB_OK; } int db_object_field_list_add(db_object_field_list_t* object_field_list, db_object_field_t* object_field) { if (!object_field_list) { return DB_ERROR_UNKNOWN; } if (!object_field) { return DB_ERROR_UNKNOWN; } if (db_object_field_not_empty(object_field)) { return DB_ERROR_UNKNOWN; } if (object_field->next) { return DB_ERROR_UNKNOWN; } if (object_field_list->begin) { if (!object_field_list->end) { return DB_ERROR_UNKNOWN; } object_field_list->end->next = object_field; object_field_list->end = object_field; } else { object_field_list->begin = object_field; object_field_list->end = object_field; } object_field_list->size++; return DB_OK; } const db_object_field_t* db_object_field_list_begin(const db_object_field_list_t* object_field_list) { if (!object_field_list) { return NULL; } return object_field_list->begin; } size_t db_object_field_list_size(const db_object_field_list_t* object_field_list) { if (!object_field_list) { return 0; } return object_field_list->size; } /* DB OBJECT */ db_object_t* db_object_new(void) { db_object_t* object = (db_object_t*)calloc(1, sizeof(db_object_t)); return object; } void db_object_free(db_object_t* object) { if (object) { if (object->object_field_list) { db_object_field_list_free(object->object_field_list); } free(object); } } const db_connection_t* db_object_connection(const db_object_t* object) { if (!object) { return NULL; } return object->connection; } const char* db_object_table(const db_object_t* object) { if (!object) { return NULL; } return object->table; } const db_object_field_list_t* db_object_object_field_list(const db_object_t* object) { if (!object) { return NULL; } return object->object_field_list; } int db_object_set_connection(db_object_t* object, const db_connection_t* connection) { if (!object) { return DB_ERROR_UNKNOWN; } if (!connection) { return DB_ERROR_UNKNOWN; } if (object->connection) { return DB_ERROR_UNKNOWN; } object->connection = connection; return DB_OK; } int db_object_set_table(db_object_t* object, const char* table) { if (!object) { return DB_ERROR_UNKNOWN; } if (!table) { return DB_ERROR_UNKNOWN; } if (object->table) { return DB_ERROR_UNKNOWN; } object->table = table; return DB_OK; } int db_object_set_primary_key_name(db_object_t* object, const char* primary_key_name) { if (!object) { return DB_ERROR_UNKNOWN; } if (!primary_key_name) { return DB_ERROR_UNKNOWN; } if (object->primary_key_name) { return DB_ERROR_UNKNOWN; } object->primary_key_name = primary_key_name; return DB_OK; } int db_object_set_object_field_list(db_object_t* object, db_object_field_list_t* object_field_list) { if (!object) { return DB_ERROR_UNKNOWN; } if (!object_field_list) { return DB_ERROR_UNKNOWN; } if (object->object_field_list) { return DB_ERROR_UNKNOWN; } object->object_field_list = object_field_list; return DB_OK; } int db_object_create(const db_object_t* object, const db_object_field_list_t* object_field_list, const db_value_set_t* value_set) { if (!object) { return DB_ERROR_UNKNOWN; } if (!value_set) { return DB_ERROR_UNKNOWN; } if (!object->connection) { return DB_ERROR_UNKNOWN; } if (!object->table) { return DB_ERROR_UNKNOWN; } if (!object->primary_key_name) { return DB_ERROR_UNKNOWN; } if (object_field_list) { return db_connection_create(object->connection, object, object_field_list, value_set); } return db_connection_create(object->connection, object, object->object_field_list, value_set); } db_result_list_t* db_object_read(const db_object_t* object, const db_join_list_t* join_list, const db_clause_list_t* clause_list) { if (!object) { return NULL; } if (!object->connection) { return NULL; } if (!object->table) { return NULL; } if (!object->primary_key_name) { return NULL; } return db_connection_read(object->connection, object, join_list, clause_list); } int db_object_update(const db_object_t* object, const db_object_field_list_t* object_field_list, const db_value_set_t* value_set, const db_clause_list_t* clause_list) { if (!object) { return DB_ERROR_UNKNOWN; } if (!value_set) { return DB_ERROR_UNKNOWN; } if (!object->connection) { return DB_ERROR_UNKNOWN; } if (!object->table) { return DB_ERROR_UNKNOWN; } if (!object->primary_key_name) { return DB_ERROR_UNKNOWN; } if (object_field_list) { return db_connection_update(object->connection, object, object_field_list, value_set, clause_list); } return db_connection_update(object->connection, object, object->object_field_list, value_set, clause_list); } int db_object_delete(const db_object_t* object, const db_clause_list_t* clause_list) { if (!object) { return DB_ERROR_UNKNOWN; } if (!object->connection) { return DB_ERROR_UNKNOWN; } if (!object->table) { return DB_ERROR_UNKNOWN; } if (!object->primary_key_name) { return DB_ERROR_UNKNOWN; } return db_connection_delete(object->connection, object, clause_list); } int db_object_count(const db_object_t* object, const db_join_list_t* join_list, const db_clause_list_t* clause_list, size_t* count) { if (!object) { return DB_ERROR_UNKNOWN; } if (!count) { return DB_ERROR_UNKNOWN; } if (!object->connection) { return DB_ERROR_UNKNOWN; } if (!object->table) { return DB_ERROR_UNKNOWN; } if (!object->primary_key_name) { return DB_ERROR_UNKNOWN; } return db_connection_count(object->connection, object, join_list, clause_list, count); } opendnssec-2.1.5/enforcer/src/db/db_error.h0000644000202300020240000000315713560310771015525 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef __db_error_h #define __db_error_h /** * A successful operation. */ #define DB_OK 0 /** * A failed operation with an unknown error. */ #define DB_ERROR_UNKNOWN 1 #endif opendnssec-2.1.5/enforcer/src/db/policy.h0000644000202300020240000007102213560311035015214 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef __policy_h #define __policy_h #include "db_object.h" struct policy; struct policy_list; typedef struct policy policy_t; typedef struct policy_list policy_list_t; typedef enum policy_denial_type { POLICY_DENIAL_TYPE_INVALID = -1, POLICY_DENIAL_TYPE_NSEC = 0, POLICY_DENIAL_TYPE_NSEC3 = 1 } policy_denial_type_t; extern const db_enum_t policy_enum_set_denial_type[]; typedef enum policy_zone_soa_serial { POLICY_ZONE_SOA_SERIAL_INVALID = -1, POLICY_ZONE_SOA_SERIAL_COUNTER = 0, POLICY_ZONE_SOA_SERIAL_DATECOUNTER = 1, POLICY_ZONE_SOA_SERIAL_UNIXTIME = 2, POLICY_ZONE_SOA_SERIAL_KEEP = 3 } policy_zone_soa_serial_t; #include "policy_ext.h" /** * A policy object. */ struct policy { db_object_t* dbo; db_value_t id; db_value_t rev; char* name; /* if passthrough set, no modifications to the zonefile should * be made. I.e. No signatures added or removed */ unsigned int passthrough; char* description; unsigned int signatures_resign; unsigned int signatures_refresh; unsigned int signatures_jitter; unsigned int signatures_inception_offset; unsigned int signatures_validity_default; unsigned int signatures_validity_denial; unsigned int signatures_validity_keyset; unsigned int signatures_max_zone_ttl; policy_denial_type_t denial_type; unsigned int denial_optout; unsigned int denial_ttl; unsigned int denial_resalt; unsigned int denial_algorithm; unsigned int denial_iterations; unsigned int denial_salt_length; char* denial_salt; unsigned int denial_salt_last_change; unsigned int keys_ttl; unsigned int keys_retire_safety; unsigned int keys_publish_safety; unsigned int keys_shared; unsigned int keys_purge_after; unsigned int zone_propagation_delay; unsigned int zone_soa_ttl; unsigned int zone_soa_minimum; policy_zone_soa_serial_t zone_soa_serial; unsigned int parent_registration_delay; unsigned int parent_propagation_delay; unsigned int parent_ds_ttl; unsigned int parent_soa_ttl; unsigned int parent_soa_minimum; policy_key_list_t* policy_key_list; zone_list_db_t* zone_list; hsm_key_list_t* hsm_key_list; }; /** * Create a new policy object. * \param[in] connection a db_connection_t pointer. * \return a policy_t pointer or NULL on error. */ policy_t* policy_new(const db_connection_t* connection); /** * Create a new policy object that is a copy of another policy object. * \param[in] policy a policy_t pointer. * \return a policy_t pointer or NULL on error. */ policy_t* policy_new_copy(const policy_t* policy); /** * Delete a policy object, this does not delete it from the database. * \param[in] policy a policy_t pointer. */ void policy_free(policy_t* policy); /** * Copy the content of a policy object. * \param[in] policy a policy_t pointer. * \param[in] policy_copy a policy_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_copy(policy_t* policy, const policy_t* policy_copy); /** * Set the content of a policy object based on a database result. * \param[in] policy a policy_t pointer. * \param[in] result a db_result_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_from_result(policy_t* policy, const db_result_t* result); /** * Get the id of a policy object. * \param[in] policy a policy_t pointer. * \return a db_value_t pointer or NULL on error. */ const db_value_t* policy_id(const policy_t* policy); /** * Get the name of a policy object. * \param[in] policy a policy_t pointer. * \return a character pointer or NULL on error or if no name has been set. */ const char* policy_name(const policy_t* policy); /** * Get the passthrough of a policy object. Undefined behavior if `policy` is NULL. * \param[in] policy a policy_t pointer. * \return an unsigned integer. */ unsigned int policy_passthrough(const policy_t* policy); /** * Get the description of a policy object. * \param[in] policy a policy_t pointer. * \return a character pointer or NULL on error or if no description has been set. */ const char* policy_description(const policy_t* policy); /** * Get the signatures_resign of a policy object. Undefined behavior if `policy` is NULL. * \param[in] policy a policy_t pointer. * \return an unsigned integer. */ unsigned int policy_signatures_resign(const policy_t* policy); /** * Get the signatures_refresh of a policy object. Undefined behavior if `policy` is NULL. * \param[in] policy a policy_t pointer. * \return an unsigned integer. */ unsigned int policy_signatures_refresh(const policy_t* policy); /** * Get the signatures_jitter of a policy object. Undefined behavior if `policy` is NULL. * \param[in] policy a policy_t pointer. * \return an unsigned integer. */ unsigned int policy_signatures_jitter(const policy_t* policy); /** * Get the signatures_inception_offset of a policy object. Undefined behavior if `policy` is NULL. * \param[in] policy a policy_t pointer. * \return an unsigned integer. */ unsigned int policy_signatures_inception_offset(const policy_t* policy); /** * Get the signatures_validity_default of a policy object. Undefined behavior if `policy` is NULL. * \param[in] policy a policy_t pointer. * \return an unsigned integer. */ unsigned int policy_signatures_validity_default(const policy_t* policy); /** * Get the signatures_validity_denial of a policy object. Undefined behavior if `policy` is NULL. * \param[in] policy a policy_t pointer. * \return an unsigned integer. */ unsigned int policy_signatures_validity_denial(const policy_t* policy); /** * Get the signatures_validity_keyset of a policy object. Undefined behavior if `policy` is NULL. * \param[in] policy a policy_t pointer. * \return an unsigned integer. */ unsigned int policy_signatures_validity_keyset(const policy_t* policy); /** * Get the signatures_max_zone_ttl of a policy object. Undefined behavior if `policy` is NULL. * \param[in] policy a policy_t pointer. * \return an unsigned integer. */ unsigned int policy_signatures_max_zone_ttl(const policy_t* policy); /** * Get the denial_type of a policy object. * \param[in] policy a policy_t pointer. * \return a policy_denial_type_t which may be POLICY_DENIAL_TYPE_INVALID on error or if no denial_type has been set. */ policy_denial_type_t policy_denial_type(const policy_t* policy); /** * Get the denial_optout of a policy object. Undefined behavior if `policy` is NULL. * \param[in] policy a policy_t pointer. * \return an unsigned integer. */ unsigned int policy_denial_optout(const policy_t* policy); /** * Get the denial_ttl of a policy object. Undefined behavior if `policy` is NULL. * \param[in] policy a policy_t pointer. * \return an unsigned integer. */ unsigned int policy_denial_ttl(const policy_t* policy); /** * Get the denial_resalt of a policy object. Undefined behavior if `policy` is NULL. * \param[in] policy a policy_t pointer. * \return an unsigned integer. */ unsigned int policy_denial_resalt(const policy_t* policy); /** * Get the denial_algorithm of a policy object. Undefined behavior if `policy` is NULL. * \param[in] policy a policy_t pointer. * \return an unsigned integer. */ unsigned int policy_denial_algorithm(const policy_t* policy); /** * Get the denial_iterations of a policy object. Undefined behavior if `policy` is NULL. * \param[in] policy a policy_t pointer. * \return an unsigned integer. */ unsigned int policy_denial_iterations(const policy_t* policy); /** * Get the denial_salt_length of a policy object. Undefined behavior if `policy` is NULL. * \param[in] policy a policy_t pointer. * \return an unsigned integer. */ unsigned int policy_denial_salt_length(const policy_t* policy); /** * Get the denial_salt of a policy object. * \param[in] policy a policy_t pointer. * \return a character pointer or NULL on error or if no denial_salt has been set. */ const char* policy_denial_salt(const policy_t* policy); /** * Get the denial_salt_last_change of a policy object. Undefined behavior if `policy` is NULL. * \param[in] policy a policy_t pointer. * \return an unsigned integer. */ unsigned int policy_denial_salt_last_change(const policy_t* policy); /** * Get the keys_ttl of a policy object. Undefined behavior if `policy` is NULL. * \param[in] policy a policy_t pointer. * \return an unsigned integer. */ unsigned int policy_keys_ttl(const policy_t* policy); /** * Get the keys_retire_safety of a policy object. Undefined behavior if `policy` is NULL. * \param[in] policy a policy_t pointer. * \return an unsigned integer. */ unsigned int policy_keys_retire_safety(const policy_t* policy); /** * Get the keys_publish_safety of a policy object. Undefined behavior if `policy` is NULL. * \param[in] policy a policy_t pointer. * \return an unsigned integer. */ unsigned int policy_keys_publish_safety(const policy_t* policy); /** * Get the keys_shared of a policy object. Undefined behavior if `policy` is NULL. * \param[in] policy a policy_t pointer. * \return an unsigned integer. */ unsigned int policy_keys_shared(const policy_t* policy); /** * Get the keys_purge_after of a policy object. Undefined behavior if `policy` is NULL. * \param[in] policy a policy_t pointer. * \return an unsigned integer. */ unsigned int policy_keys_purge_after(const policy_t* policy); /** * Get the zone_propagation_delay of a policy object. Undefined behavior if `policy` is NULL. * \param[in] policy a policy_t pointer. * \return an unsigned integer. */ unsigned int policy_zone_propagation_delay(const policy_t* policy); /** * Get the zone_soa_ttl of a policy object. Undefined behavior if `policy` is NULL. * \param[in] policy a policy_t pointer. * \return an unsigned integer. */ unsigned int policy_zone_soa_ttl(const policy_t* policy); /** * Get the zone_soa_minimum of a policy object. Undefined behavior if `policy` is NULL. * \param[in] policy a policy_t pointer. * \return an unsigned integer. */ unsigned int policy_zone_soa_minimum(const policy_t* policy); /** * Get the zone_soa_serial as text of a policy object. * \param[in] policy a policy_t pointer. * \return a character pointer or NULL on error or if no zone_soa_serial has been set. */ const char* policy_zone_soa_serial_text(const policy_t* policy); /** * Get the parent_registration_delay of a policy object. Undefined behavior if `policy` is NULL. * \param[in] policy a policy_t pointer. * \return an unsigned integer. */ unsigned int policy_parent_registration_delay(const policy_t* policy); /** * Get the parent_propagation_delay of a policy object. Undefined behavior if `policy` is NULL. * \param[in] policy a policy_t pointer. * \return an unsigned integer. */ unsigned int policy_parent_propagation_delay(const policy_t* policy); /** * Get the parent_ds_ttl of a policy object. Undefined behavior if `policy` is NULL. * \param[in] policy a policy_t pointer. * \return an unsigned integer. */ unsigned int policy_parent_ds_ttl(const policy_t* policy); /** * Get the parent_soa_ttl of a policy object. Undefined behavior if `policy` is NULL. * \param[in] policy a policy_t pointer. * \return an unsigned integer. */ unsigned int policy_parent_soa_ttl(const policy_t* policy); /** * Get the parent_soa_minimum of a policy object. Undefined behavior if `policy` is NULL. * \param[in] policy a policy_t pointer. * \return an unsigned integer. */ unsigned int policy_parent_soa_minimum(const policy_t* policy); /** * Get the zone objects related to a policy object. * \param[in] policy a policy_t pointer. * \return a zone_list_db_t pointer or NULL on error. */ zone_list_db_t* policy_zone_list(policy_t* policy); /** * Retrieve zone objects related to a policy object. * Use policy_zone_list() to get the list afterwards. * This will refetch objects if already retrieved. * \param[in] policy a policy_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_retrieve_zone_list(policy_t* policy); /** * Set the name of a policy object. * \param[in] policy a policy_t pointer. * \param[in] name_text a character pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_set_name(policy_t* policy, const char* name_text); /** * Set the passthrough of a policy object. * \param[in] policy a policy_t pointer. * \param[in] passthrough an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_set_passthrough(policy_t* policy, unsigned int passthrough); /** * Set the description of a policy object. * \param[in] policy a policy_t pointer. * \param[in] description_text a character pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_set_description(policy_t* policy, const char* description_text); /** * Set the signatures_resign of a policy object. * \param[in] policy a policy_t pointer. * \param[in] signatures_resign an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_set_signatures_resign(policy_t* policy, unsigned int signatures_resign); /** * Set the signatures_refresh of a policy object. * \param[in] policy a policy_t pointer. * \param[in] signatures_refresh an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_set_signatures_refresh(policy_t* policy, unsigned int signatures_refresh); /** * Set the signatures_jitter of a policy object. * \param[in] policy a policy_t pointer. * \param[in] signatures_jitter an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_set_signatures_jitter(policy_t* policy, unsigned int signatures_jitter); /** * Set the signatures_inception_offset of a policy object. * \param[in] policy a policy_t pointer. * \param[in] signatures_inception_offset an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_set_signatures_inception_offset(policy_t* policy, unsigned int signatures_inception_offset); /** * Set the signatures_validity_default of a policy object. * \param[in] policy a policy_t pointer. * \param[in] signatures_validity_default an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_set_signatures_validity_default(policy_t* policy, unsigned int signatures_validity_default); /** * Set the signatures_validity_denial of a policy object. * \param[in] policy a policy_t pointer. * \param[in] signatures_validity_denial an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_set_signatures_validity_denial(policy_t* policy, unsigned int signatures_validity_denial); /** * Set the signatures_validity_keyset of a policy object. * \param[in] policy a policy_t pointer. * \param[in] signatures_validity_keyset an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_set_signatures_validity_keyset(policy_t* policy, unsigned int signatures_validity_keyset); /** * Set the signatures_max_zone_ttl of a policy object. * \param[in] policy a policy_t pointer. * \param[in] signatures_max_zone_ttl an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_set_signatures_max_zone_ttl(policy_t* policy, unsigned int signatures_max_zone_ttl); /** * Set the denial_type of a policy object. * \param[in] policy a policy_t pointer. * \param[in] denial_type a policy_denial_type_t. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_set_denial_type(policy_t* policy, policy_denial_type_t denial_type); /** * Set the denial_optout of a policy object. * \param[in] policy a policy_t pointer. * \param[in] denial_optout an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_set_denial_optout(policy_t* policy, unsigned int denial_optout); /** * Set the denial_ttl of a policy object. * \param[in] policy a policy_t pointer. * \param[in] denial_ttl an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_set_denial_ttl(policy_t* policy, unsigned int denial_ttl); /** * Set the denial_resalt of a policy object. * \param[in] policy a policy_t pointer. * \param[in] denial_resalt an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_set_denial_resalt(policy_t* policy, unsigned int denial_resalt); /** * Set the denial_algorithm of a policy object. * \param[in] policy a policy_t pointer. * \param[in] denial_algorithm an unsigned integer with a maximum value of 255. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_set_denial_algorithm(policy_t* policy, unsigned int denial_algorithm); /** * Set the denial_iterations of a policy object. * \param[in] policy a policy_t pointer. * \param[in] denial_iterations an unsigned integer with a maximum value of 65535. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_set_denial_iterations(policy_t* policy, unsigned int denial_iterations); /** * Set the denial_salt_length of a policy object. * \param[in] policy a policy_t pointer. * \param[in] denial_salt_length an unsigned integer with a maximum value of 255. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_set_denial_salt_length(policy_t* policy, unsigned int denial_salt_length); /** * Set the denial_salt of a policy object. * \param[in] policy a policy_t pointer. * \param[in] denial_salt_text a character pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_set_denial_salt(policy_t* policy, const char* denial_salt_text); /** * Set the denial_salt_last_change of a policy object. * \param[in] policy a policy_t pointer. * \param[in] denial_salt_last_change an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_set_denial_salt_last_change(policy_t* policy, unsigned int denial_salt_last_change); /** * Set the keys_ttl of a policy object. * \param[in] policy a policy_t pointer. * \param[in] keys_ttl an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_set_keys_ttl(policy_t* policy, unsigned int keys_ttl); /** * Set the keys_retire_safety of a policy object. * \param[in] policy a policy_t pointer. * \param[in] keys_retire_safety an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_set_keys_retire_safety(policy_t* policy, unsigned int keys_retire_safety); /** * Set the keys_publish_safety of a policy object. * \param[in] policy a policy_t pointer. * \param[in] keys_publish_safety an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_set_keys_publish_safety(policy_t* policy, unsigned int keys_publish_safety); /** * Set the keys_shared of a policy object. * \param[in] policy a policy_t pointer. * \param[in] keys_shared an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_set_keys_shared(policy_t* policy, unsigned int keys_shared); /** * Set the keys_purge_after of a policy object. * \param[in] policy a policy_t pointer. * \param[in] keys_purge_after an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_set_keys_purge_after(policy_t* policy, unsigned int keys_purge_after); /** * Set the zone_propagation_delay of a policy object. * \param[in] policy a policy_t pointer. * \param[in] zone_propagation_delay an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_set_zone_propagation_delay(policy_t* policy, unsigned int zone_propagation_delay); /** * Set the zone_soa_ttl of a policy object. * \param[in] policy a policy_t pointer. * \param[in] zone_soa_ttl an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_set_zone_soa_ttl(policy_t* policy, unsigned int zone_soa_ttl); /** * Set the zone_soa_minimum of a policy object. * \param[in] policy a policy_t pointer. * \param[in] zone_soa_minimum an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_set_zone_soa_minimum(policy_t* policy, unsigned int zone_soa_minimum); /** * Set the zone_soa_serial of a policy object from text. * \param[in] policy a policy_t pointer. * \param[in] zone_soa_serial a character pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_set_zone_soa_serial_text(policy_t* policy, const char* zone_soa_serial); /** * Set the parent_registration_delay of a policy object. * \param[in] policy a policy_t pointer. * \param[in] parent_registration_delay an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_set_parent_registration_delay(policy_t* policy, unsigned int parent_registration_delay); /** * Set the parent_propagation_delay of a policy object. * \param[in] policy a policy_t pointer. * \param[in] parent_propagation_delay an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_set_parent_propagation_delay(policy_t* policy, unsigned int parent_propagation_delay); /** * Set the parent_ds_ttl of a policy object. * \param[in] policy a policy_t pointer. * \param[in] parent_ds_ttl an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_set_parent_ds_ttl(policy_t* policy, unsigned int parent_ds_ttl); /** * Set the parent_soa_ttl of a policy object. * \param[in] policy a policy_t pointer. * \param[in] parent_soa_ttl an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_set_parent_soa_ttl(policy_t* policy, unsigned int parent_soa_ttl); /** * Set the parent_soa_minimum of a policy object. * \param[in] policy a policy_t pointer. * \param[in] parent_soa_minimum an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_set_parent_soa_minimum(policy_t* policy, unsigned int parent_soa_minimum); /** * Create a clause for denial_type of a policy object and add it to a database clause list. * The clause operator is set to DB_CLAUSE_OPERATOR_AND and the clause type is * set to DB_CLAUSE_EQUAL, if you want to change these you can do it with the * returned db_clause_t pointer. * \param[in] clause_list db_clause_list_t pointer. * \param[in] denial_type a policy_denial_type_t. * \return a db_clause_t pointer to the added clause or NULL on error. */ db_clause_t* policy_denial_type_clause(db_clause_list_t* clause_list, policy_denial_type_t denial_type); /** * Create a policy object in the database. * \param[in] policy a policy_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_create(policy_t* policy); /** * Get a policy object from the database by a id specified in `id`. * \param[in] policy a policy_t pointer. * \param[in] id a db_value_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_get_by_id(policy_t* policy, const db_value_t* id); /** * Get a policy object from the database by a name specified in `name`. * \param[in] policy a policy_t pointer. * \param[in] name a character pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_get_by_name(policy_t* policy, const char* name); /** * Get a new policy object from the database by a name specified in `name`. * \param[in] connection a db_connection_t pointer. * \param[in] name a character pointer. * \return a policy_t pointer or NULL on error or if it does not exist. */ policy_t* policy_new_get_by_name(const db_connection_t* connection, const char* name); /** * Update a policy object in the database. * \param[in] policy a policy_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_update(policy_t* policy); /** * Delete a policy object from the database. * \param[in] policy a policy_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_delete(policy_t* policy); /** * A list of policy objects. */ struct policy_list { db_object_t* dbo; db_result_list_t* result_list; const db_result_t* result; policy_t* policy; int object_store; policy_t** object_list; size_t object_list_size; size_t object_list_position; int object_list_first; int associated_fetch; }; /** * Create a new policy object list. * \param[in] connection a db_connection_t pointer. * \return a policy_list_t pointer or NULL on error. */ policy_list_t* policy_list_new(const db_connection_t* connection); /** * Create a new policy object list that is a copy of another. * \param[in] policy_list a policy_list_t pointer. * \return a policy_list_t pointer or NULL on error. */ policy_list_t* policy_list_new_copy(const policy_list_t* policy_copy); /** * Specify that objects should be stored within the list as they are fetch, * this is optimal if the list is to be iterated over more then once. * \param[in] policy_list a policy_list_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_list_object_store(policy_list_t* policy_list); /** * Delete a policy object list. * \param[in] policy_list a policy_list_t pointer. */ void policy_list_free(policy_list_t* policy_list); /** * Copy the content of another policy object list. * \param[in] policy_list a policy_list_t pointer. * \param[in] from_policy_list a policy_list_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_list_copy(policy_list_t* policy_list, const policy_list_t* from_policy_list); /** * Get all policy objects. * \param[in] policy_list a policy_list_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_list_get(policy_list_t* policy_list); /** * Get a new list with all policy objects. * \param[in] connection a db_connection_t pointer. * \return a policy_list_t pointer or NULL on error. */ policy_list_t* policy_list_new_get(const db_connection_t* connection); /** * Get policy objects from the database by a clause list. * \param[in] policy_list a policy_list_t pointer. * \param[in] clause_list a db_clause_list_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_list_get_by_clauses(policy_list_t* policy_list, const db_clause_list_t* clause_list); /** * Get a new list of policy objects from the database by a clause list. * \param[in] connection a db_connection_t pointer. * \param[in] clause_list a db_clause_list_t pointer. * \return a policy_list_t pointer or NULL on error. */ policy_list_t* policy_list_new_get_by_clauses(const db_connection_t* connection, const db_clause_list_t* clause_list); /** * Get the first policy object in a policy object list and reset the * position of the list. * \param[in] policy_list a policy_list_t pointer. * \return a policy_t pointer or NULL on error or if there are no * policy objects in the policy object list. */ const policy_t* policy_list_begin(policy_list_t* policy_list); /** * Get the next policy object in a policy object list. * Ownership of this object is retained within the list and the object is only * valid until the next call to this function. * \param[in] policy_list a policy_list_t pointer. * \return a policy_t pointer or NULL on error or if there are no more * policy objects in the policy object list. */ const policy_t* policy_list_next(policy_list_t* policy_list); /** * Get the next policy object in a policy object list. * The caller will be given ownership of this object and is responsible for * freeing it. * \param[in] policy_list a policy_list_t pointer. * \return a policy_t pointer or NULL on error or if there are no more * policy objects in the policy object list. */ policy_t* policy_list_get_next(policy_list_t* policy_list); #endif opendnssec-2.1.5/enforcer/src/db/db_data_mysql.h0000644000202300020240000000302713560310771016526 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #ifndef __db_data_mysql_h #define __db_data_mysql_h extern const char* db_data_mysql[]; #endif opendnssec-2.1.5/enforcer/src/db/hsm_key.h0000644000202300020240000005011413560311035015353 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef __hsm_key_h #define __hsm_key_h #include "db_object.h" struct hsm_key; struct hsm_key_list; typedef struct hsm_key hsm_key_t; typedef struct hsm_key_list hsm_key_list_t; typedef enum hsm_key_state { HSM_KEY_STATE_INVALID = -1, HSM_KEY_STATE_UNUSED = 1, HSM_KEY_STATE_PRIVATE = 2, HSM_KEY_STATE_SHARED = 3, HSM_KEY_STATE_DELETE = 4 } hsm_key_state_t; extern const db_enum_t hsm_key_enum_set_state[]; typedef enum hsm_key_role { HSM_KEY_ROLE_INVALID = -1, HSM_KEY_ROLE_KSK = 1, HSM_KEY_ROLE_ZSK = 2, HSM_KEY_ROLE_CSK = 3 } hsm_key_role_t; extern const db_enum_t hsm_key_enum_set_role[]; typedef enum hsm_key_key_type { HSM_KEY_KEY_TYPE_INVALID = -1, HSM_KEY_KEY_TYPE_RSA = 1 } hsm_key_key_type_t; typedef enum hsm_key_backup { HSM_KEY_BACKUP_INVALID = -1, HSM_KEY_BACKUP_NO_BACKUP = 0, HSM_KEY_BACKUP_BACKUP_REQUIRED = 1, HSM_KEY_BACKUP_BACKUP_REQUESTED = 2, HSM_KEY_BACKUP_BACKUP_DONE = 3 } hsm_key_backup_t; extern const db_enum_t hsm_key_enum_set_backup[]; #include "hsm_key_ext.h" #include "policy.h" /** * A hsm key object. */ struct hsm_key { db_object_t* dbo; db_value_t id; db_value_t rev; db_value_t policy_id; const policy_t* associated_policy_id; policy_t* private_policy_id; char* locator; hsm_key_state_t state; unsigned int bits; unsigned int algorithm; hsm_key_role_t role; unsigned int inception; unsigned int is_revoked; hsm_key_key_type_t key_type; char* repository; hsm_key_backup_t backup; }; /** * Create a new hsm key object. * \param[in] connection a db_connection_t pointer. * \return a hsm_key_t pointer or NULL on error. */ hsm_key_t* hsm_key_new(const db_connection_t* connection); /** * Create a new hsm key object that is a copy of another hsm key object. * \param[in] hsm_key a hsm_key_t pointer. * \return a hsm_key_t pointer or NULL on error. */ hsm_key_t* hsm_key_new_copy(const hsm_key_t* hsm_key); /** * Delete a hsm key object, this does not delete it from the database. * \param[in] hsm_key a hsm_key_t pointer. */ void hsm_key_free(hsm_key_t* hsm_key); /** * Copy the content of a hsm key object. * \param[in] hsm_key a hsm_key_t pointer. * \param[in] hsm_key_copy a hsm_key_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int hsm_key_copy(hsm_key_t* hsm_key, const hsm_key_t* hsm_key_copy); /** * Set the content of a hsm key object based on a database result. * \param[in] hsm_key a hsm_key_t pointer. * \param[in] result a db_result_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int hsm_key_from_result(hsm_key_t* hsm_key, const db_result_t* result); /** * Get the id of a hsm key object. * \param[in] hsm_key a hsm_key_t pointer. * \return a db_value_t pointer or NULL on error. */ const db_value_t* hsm_key_id(const hsm_key_t* hsm_key); /** * Get the policy_id of a hsm key object. * \param[in] hsm_key a hsm_key_t pointer. * \return a db_value_t pointer or NULL on error. */ const db_value_t* hsm_key_policy_id(const hsm_key_t* hsm_key); /** * Get the locator of a hsm key object. * \param[in] hsm_key a hsm_key_t pointer. * \return a character pointer or NULL on error or if no locator has been set. */ const char* hsm_key_locator(const hsm_key_t* hsm_key); /** * Get the state of a hsm key object. * \param[in] hsm_key a hsm_key_t pointer. * \return a hsm_key_state_t which may be HSM_KEY_STATE_INVALID on error or if no state has been set. */ hsm_key_state_t hsm_key_state(const hsm_key_t* hsm_key); /** * Get the bits of a hsm key object. Undefined behavior if `hsm_key` is NULL. * \param[in] hsm_key a hsm_key_t pointer. * \return an unsigned integer. */ unsigned int hsm_key_bits(const hsm_key_t* hsm_key); /** * Get the algorithm of a hsm key object. Undefined behavior if `hsm_key` is NULL. * \param[in] hsm_key a hsm_key_t pointer. * \return an unsigned integer. */ unsigned int hsm_key_algorithm(const hsm_key_t* hsm_key); /** * Get the role of a hsm key object. * \param[in] hsm_key a hsm_key_t pointer. * \return a hsm_key_role_t which may be HSM_KEY_ROLE_INVALID on error or if no role has been set. */ hsm_key_role_t hsm_key_role(const hsm_key_t* hsm_key); /** * Get the inception of a hsm key object. Undefined behavior if `hsm_key` is NULL. * \param[in] hsm_key a hsm_key_t pointer. * \return an unsigned integer. */ unsigned int hsm_key_inception(const hsm_key_t* hsm_key); /** * Get the repository of a hsm key object. * \param[in] hsm_key a hsm_key_t pointer. * \return a character pointer or NULL on error or if no repository has been set. */ const char* hsm_key_repository(const hsm_key_t* hsm_key); /** * Get the backup of a hsm key object. * \param[in] hsm_key a hsm_key_t pointer. * \return a hsm_key_backup_t which may be HSM_KEY_BACKUP_INVALID on error or if no backup has been set. */ hsm_key_backup_t hsm_key_backup(const hsm_key_t* hsm_key); /** * Set the policy_id of a hsm key object. If this fails the original value may have been lost. * \param[in] hsm_key a hsm_key_t pointer. * \param[in] policy_id a db_value_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int hsm_key_set_policy_id(hsm_key_t* hsm_key, const db_value_t* policy_id); /** * Set the locator of a hsm key object. * \param[in] hsm_key a hsm_key_t pointer. * \param[in] locator_text a character pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int hsm_key_set_locator(hsm_key_t* hsm_key, const char* locator_text); /** * Set the state of a hsm key object. * \param[in] hsm_key a hsm_key_t pointer. * \param[in] state a hsm_key_state_t. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int hsm_key_set_state(hsm_key_t* hsm_key, hsm_key_state_t state); /** * Set the bits of a hsm key object. * \param[in] hsm_key a hsm_key_t pointer. * \param[in] bits an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int hsm_key_set_bits(hsm_key_t* hsm_key, unsigned int bits); /** * Set the algorithm of a hsm key object. * \param[in] hsm_key a hsm_key_t pointer. * \param[in] algorithm an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int hsm_key_set_algorithm(hsm_key_t* hsm_key, unsigned int algorithm); /** * Set the role of a hsm key object. * \param[in] hsm_key a hsm_key_t pointer. * \param[in] role a hsm_key_role_t. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int hsm_key_set_role(hsm_key_t* hsm_key, hsm_key_role_t role); /** * Set the inception of a hsm key object. * \param[in] hsm_key a hsm_key_t pointer. * \param[in] inception an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int hsm_key_set_inception(hsm_key_t* hsm_key, unsigned int inception); /** * Set the key_type of a hsm key object. * \param[in] hsm_key a hsm_key_t pointer. * \param[in] key_type a hsm_key_key_type_t. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int hsm_key_set_key_type(hsm_key_t* hsm_key, hsm_key_key_type_t key_type); /** * Set the repository of a hsm key object. * \param[in] hsm_key a hsm_key_t pointer. * \param[in] repository_text a character pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int hsm_key_set_repository(hsm_key_t* hsm_key, const char* repository_text); /** * Set the backup of a hsm key object. * \param[in] hsm_key a hsm_key_t pointer. * \param[in] backup a hsm_key_backup_t. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int hsm_key_set_backup(hsm_key_t* hsm_key, hsm_key_backup_t backup); /** * Create a clause for policy_id of a hsm key object and add it to a database clause list. * The clause operator is set to DB_CLAUSE_OPERATOR_AND and the clause type is * set to DB_CLAUSE_EQUAL, if you want to change these you can do it with the * returned db_clause_t pointer. * \param[in] clause_list db_clause_list_t pointer. * \param[in] policy_id a db_value_t pointer. * \return a db_clause_t pointer to the added clause or NULL on error. */ db_clause_t* hsm_key_policy_id_clause(db_clause_list_t* clause_list, const db_value_t* policy_id); /** * Create a clause for state of a hsm key object and add it to a database clause list. * The clause operator is set to DB_CLAUSE_OPERATOR_AND and the clause type is * set to DB_CLAUSE_EQUAL, if you want to change these you can do it with the * returned db_clause_t pointer. * \param[in] clause_list db_clause_list_t pointer. * \param[in] state a hsm_key_state_t. * \return a db_clause_t pointer to the added clause or NULL on error. */ db_clause_t* hsm_key_state_clause(db_clause_list_t* clause_list, hsm_key_state_t state); /** * Create a clause for bits of a hsm key object and add it to a database clause list. * The clause operator is set to DB_CLAUSE_OPERATOR_AND and the clause type is * set to DB_CLAUSE_EQUAL, if you want to change these you can do it with the * returned db_clause_t pointer. * \param[in] clause_list db_clause_list_t pointer. * \param[in] bits an unsigned integer. * \return a db_clause_t pointer to the added clause or NULL on error. */ db_clause_t* hsm_key_bits_clause(db_clause_list_t* clause_list, unsigned int bits); /** * Create a clause for algorithm of a hsm key object and add it to a database clause list. * The clause operator is set to DB_CLAUSE_OPERATOR_AND and the clause type is * set to DB_CLAUSE_EQUAL, if you want to change these you can do it with the * returned db_clause_t pointer. * \param[in] clause_list db_clause_list_t pointer. * \param[in] algorithm an unsigned integer. * \return a db_clause_t pointer to the added clause or NULL on error. */ db_clause_t* hsm_key_algorithm_clause(db_clause_list_t* clause_list, unsigned int algorithm); /** * Create a clause for role of a hsm key object and add it to a database clause list. * The clause operator is set to DB_CLAUSE_OPERATOR_AND and the clause type is * set to DB_CLAUSE_EQUAL, if you want to change these you can do it with the * returned db_clause_t pointer. * \param[in] clause_list db_clause_list_t pointer. * \param[in] role a hsm_key_role_t. * \return a db_clause_t pointer to the added clause or NULL on error. */ db_clause_t* hsm_key_role_clause(db_clause_list_t* clause_list, hsm_key_role_t role); /** * Create a clause for is_revoked of a hsm key object and add it to a database clause list. * The clause operator is set to DB_CLAUSE_OPERATOR_AND and the clause type is * set to DB_CLAUSE_EQUAL, if you want to change these you can do it with the * returned db_clause_t pointer. * \param[in] clause_list db_clause_list_t pointer. * \param[in] is_revoked an unsigned integer. * \return a db_clause_t pointer to the added clause or NULL on error. */ db_clause_t* hsm_key_is_revoked_clause(db_clause_list_t* clause_list, unsigned int is_revoked); /** * Create a clause for key_type of a hsm key object and add it to a database clause list. * The clause operator is set to DB_CLAUSE_OPERATOR_AND and the clause type is * set to DB_CLAUSE_EQUAL, if you want to change these you can do it with the * returned db_clause_t pointer. * \param[in] clause_list db_clause_list_t pointer. * \param[in] key_type a hsm_key_key_type_t. * \return a db_clause_t pointer to the added clause or NULL on error. */ db_clause_t* hsm_key_key_type_clause(db_clause_list_t* clause_list, hsm_key_key_type_t key_type); /** * Create a clause for repository of a hsm key object and add it to a database clause list. * The clause operator is set to DB_CLAUSE_OPERATOR_AND and the clause type is * set to DB_CLAUSE_EQUAL, if you want to change these you can do it with the * returned db_clause_t pointer. * \param[in] clause_list db_clause_list_t pointer. * \param[in] repository_text a character pointer. * \return a db_clause_t pointer to the added clause or NULL on error. */ db_clause_t* hsm_key_repository_clause(db_clause_list_t* clause_list, const char* repository_text); /** * Create a clause for backup of a hsm key object and add it to a database clause list. * The clause operator is set to DB_CLAUSE_OPERATOR_AND and the clause type is * set to DB_CLAUSE_EQUAL, if you want to change these you can do it with the * returned db_clause_t pointer. * \param[in] clause_list db_clause_list_t pointer. * \param[in] backup a hsm_key_backup_t. * \return a db_clause_t pointer to the added clause or NULL on error. */ db_clause_t* hsm_key_backup_clause(db_clause_list_t* clause_list, hsm_key_backup_t backup); /** * Create a hsm key object in the database. * \param[in] hsm_key a hsm_key_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int hsm_key_create(hsm_key_t* hsm_key); /** * Get a hsm key object from the database by a id specified in `id`. * \param[in] hsm_key a hsm_key_t pointer. * \param[in] id a db_value_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int hsm_key_get_by_id(hsm_key_t* hsm_key, const db_value_t* id); /** * Get a hsm key object from the database by a locator specified in `locator`. * \param[in] hsm_key a hsm_key_t pointer. * \param[in] locator a character pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int hsm_key_get_by_locator(hsm_key_t* hsm_key, const char* locator); /** * Get a new hsm key object from the database by a locator specified in `locator`. * \param[in] connection a db_connection_t pointer. * \param[in] locator a character pointer. * \return a hsm_key_t pointer or NULL on error or if it does not exist. */ hsm_key_t* hsm_key_new_get_by_locator(const db_connection_t* connection, const char* locator); /** * Update a hsm key object in the database. * \param[in] hsm_key a hsm_key_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int hsm_key_update(hsm_key_t* hsm_key); /** * Count the number of hsm key objects in the database, if a selection of * objects should be counted then it can be limited by a database clause list * otherwise all objects are counted. * \param[in] hsm_key a hsm_key_t pointer. * \param[in] clause_list a db_clause_list_t pointer or NULL if all objects. * \param[out] count a size_t pointer to where the count should be stored. * should be counted. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int hsm_key_count(hsm_key_t* hsm_key, db_clause_list_t* clause_list, size_t* count); /** * A list of hsm key objects. */ struct hsm_key_list { db_object_t* dbo; db_result_list_t* result_list; const db_result_t* result; hsm_key_t* hsm_key; int object_store; hsm_key_t** object_list; size_t object_list_size; size_t object_list_position; int object_list_first; int associated_fetch; policy_list_t* policy_id_list; }; /** * Create a new hsm key object list. * \param[in] connection a db_connection_t pointer. * \return a hsm_key_list_t pointer or NULL on error. */ hsm_key_list_t* hsm_key_list_new(const db_connection_t* connection); /** * Create a new hsm key object list that is a copy of another. * \param[in] hsm_key_list a hsm_key_list_t pointer. * \return a hsm_key_list_t pointer or NULL on error. */ hsm_key_list_t* hsm_key_list_new_copy(const hsm_key_list_t* hsm_key_copy); /** * Specify that objects should be stored within the list as they are fetch, * this is optimal if the list is to be iterated over more then once. * \param[in] hsm_key_list a hsm_key_list_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int hsm_key_list_object_store(hsm_key_list_t* hsm_key_list); /** * Delete a hsm key object list. * \param[in] hsm_key_list a hsm_key_list_t pointer. */ void hsm_key_list_free(hsm_key_list_t* hsm_key_list); /** * free global allocator. * hsm_key_list_free MUST be called for all its contents. */ /** * Copy the content of another hsm key object list. * \param[in] hsm_key_list a hsm_key_list_t pointer. * \param[in] from_hsm_key_list a hsm_key_list_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int hsm_key_list_copy(hsm_key_list_t* hsm_key_list, const hsm_key_list_t* from_hsm_key_list); /** * Get hsm key objects from the database by a clause list. * \param[in] hsm_key_list a hsm_key_list_t pointer. * \param[in] clause_list a db_clause_list_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int hsm_key_list_get_by_clauses(hsm_key_list_t* hsm_key_list, const db_clause_list_t* clause_list); /** * Get a new list of hsm key objects from the database by a clause list. * \param[in] connection a db_connection_t pointer. * \param[in] clause_list a db_clause_list_t pointer. * \return a hsm_key_list_t pointer or NULL on error. */ hsm_key_list_t* hsm_key_list_new_get_by_clauses(const db_connection_t* connection, const db_clause_list_t* clause_list); /** * Get hsm key objects from the database by a policy_id specified in `policy_id`. * \param[in] hsm_key_list a hsm_key_list_t pointer. * \param[in] policy_id a db_value_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int hsm_key_list_get_by_policy_id(hsm_key_list_t* hsm_key_list, const db_value_t* policy_id); /** * Get a new list of hsm key objects from the database by a policy_id specified in `policy_id`. * \param[in] connection a db_connection_t pointer. * \param[in] policy_id a db_value_t pointer. * \return a hsm_key_list_t pointer or NULL on error. */ hsm_key_list_t* hsm_key_list_new_get_by_policy_id(const db_connection_t* connection, const db_value_t* policy_id); /** * Get the first hsm key object in a hsm key object list and reset the * position of the list. * \param[in] hsm_key_list a hsm_key_list_t pointer. * \return a hsm_key_t pointer or NULL on error or if there are no * hsm key objects in the hsm key object list. */ const hsm_key_t* hsm_key_list_begin(hsm_key_list_t* hsm_key_list); /** * Get the first hsm key object in a hsm key object list and reset the * position of the list. The caller will be given ownership of this object and * is responsible for freeing it. * \param[in] hsm_key_list a hsm_key_list_t pointer. * \return a hsm_key_t pointer or NULL on error or if there are no * hsm key objects in the hsm key object list. */ hsm_key_t* hsm_key_list_get_begin(hsm_key_list_t* hsm_key_list); /** * Get the next hsm key object in a hsm key object list. * Ownership of this object is retained within the list and the object is only * valid until the next call to this function. * \param[in] hsm_key_list a hsm_key_list_t pointer. * \return a hsm_key_t pointer or NULL on error or if there are no more * hsm key objects in the hsm key object list. */ const hsm_key_t* hsm_key_list_next(hsm_key_list_t* hsm_key_list); /** * Get the next hsm key object in a hsm key object list. * The caller will be given ownership of this object and is responsible for * freeing it. * \param[in] hsm_key_list a hsm_key_list_t pointer. * \return a hsm_key_t pointer or NULL on error or if there are no more * hsm key objects in the hsm key object list. */ hsm_key_t* hsm_key_list_get_next(hsm_key_list_t* hsm_key_list); #endif opendnssec-2.1.5/enforcer/src/db/database_version.c0000644000202300020240000002664113560310771017236 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include "database_version.h" #include "db_error.h" #include /** * Create a new database version object. * \param[in] connection a db_connection_t pointer. * \return a database_version_t pointer or NULL on error. */ static db_object_t* __database_version_new_object(const db_connection_t* connection) { db_object_field_list_t* object_field_list; db_object_field_t* object_field; db_object_t* object; if (!(object = db_object_new()) || db_object_set_connection(object, connection) || db_object_set_table(object, "databaseVersion") || db_object_set_primary_key_name(object, "id") || !(object_field_list = db_object_field_list_new())) { db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "id") || db_object_field_set_type(object_field, DB_TYPE_PRIMARY_KEY) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "rev") || db_object_field_set_type(object_field, DB_TYPE_REVISION) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "version") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (db_object_set_object_field_list(object, object_field_list)) { db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } return object; } /* DATABASE VERSION */ database_version_t* database_version_new(const db_connection_t* connection) { database_version_t* database_version = (database_version_t*)calloc(1, sizeof(database_version_t)); if (database_version) { if (!(database_version->dbo = __database_version_new_object(connection))) { free(database_version); return NULL; } db_value_reset(&(database_version->id)); db_value_reset(&(database_version->rev)); } return database_version; } void database_version_free(database_version_t* database_version) { if (database_version) { if (database_version->dbo) { db_object_free(database_version->dbo); } db_value_reset(&(database_version->id)); db_value_reset(&(database_version->rev)); free(database_version); } } int database_version_from_result(database_version_t* database_version, const db_result_t* result) { const db_value_set_t* value_set; if (!database_version) { return DB_ERROR_UNKNOWN; } if (!result) { return DB_ERROR_UNKNOWN; } db_value_reset(&(database_version->id)); db_value_reset(&(database_version->rev)); if (!(value_set = db_result_value_set(result)) || db_value_set_size(value_set) != 3 || db_value_copy(&(database_version->id), db_value_set_at(value_set, 0)) || db_value_copy(&(database_version->rev), db_value_set_at(value_set, 1)) || db_value_to_uint32(db_value_set_at(value_set, 2), &(database_version->version))) { return DB_ERROR_UNKNOWN; } return DB_OK; } unsigned int database_version_version(const database_version_t* database_version) { if (!database_version) { return 0; } return database_version->version; } /* DATABASE VERSION LIST */ database_version_list_t* database_version_list_new(const db_connection_t* connection) { database_version_list_t* database_version_list = (database_version_list_t*)calloc(1, sizeof(database_version_list_t)); if (database_version_list) { if (!(database_version_list->dbo = __database_version_new_object(connection))) { free(database_version_list); return NULL; } } return database_version_list; } void database_version_list_free(database_version_list_t* database_version_list) { size_t i; if (database_version_list) { if (database_version_list->dbo) { db_object_free(database_version_list->dbo); } if (database_version_list->result_list) { db_result_list_free(database_version_list->result_list); } if (database_version_list->database_version) { database_version_free(database_version_list->database_version); } for (i = 0; i < database_version_list->object_list_size; i++) { if (database_version_list->object_list[i]) { database_version_free(database_version_list->object_list[i]); } } if (database_version_list->object_list) { free(database_version_list->object_list); } free(database_version_list); } } static int database_version_list_get_associated(database_version_list_t* database_version_list) { (void)database_version_list; return DB_OK; } int database_version_list_get(database_version_list_t* database_version_list) { size_t i; if (!database_version_list) { return DB_ERROR_UNKNOWN; } if (!database_version_list->dbo) { return DB_ERROR_UNKNOWN; } if (database_version_list->result_list) { db_result_list_free(database_version_list->result_list); } if (database_version_list->object_list_size) { for (i = 0; i < database_version_list->object_list_size; i++) { if (database_version_list->object_list[i]) { database_version_free(database_version_list->object_list[i]); } } database_version_list->object_list_size = 0; database_version_list->object_list_first = 0; } if (database_version_list->object_list) { free(database_version_list->object_list); database_version_list->object_list = NULL; } if (!(database_version_list->result_list = db_object_read(database_version_list->dbo, NULL, NULL)) || db_result_list_fetch_all(database_version_list->result_list)) { return DB_ERROR_UNKNOWN; } if (database_version_list->associated_fetch && database_version_list_get_associated(database_version_list)) { return DB_ERROR_UNKNOWN; } return DB_OK; } database_version_list_t* database_version_list_new_get(const db_connection_t* connection) { database_version_list_t* database_version_list; if (!connection) { return NULL; } if (!(database_version_list = database_version_list_new(connection)) || database_version_list_get(database_version_list)) { database_version_list_free(database_version_list); return NULL; } return database_version_list; } const database_version_t* database_version_list_next(database_version_list_t* database_version_list) { const db_result_t* result; if (!database_version_list) { return NULL; } if (database_version_list->object_store) { if (!database_version_list->object_list) { if (!database_version_list->result_list) { return NULL; } if (!db_result_list_size(database_version_list->result_list)) { return NULL; } if (!(database_version_list->object_list = (database_version_t**)calloc(db_result_list_size(database_version_list->result_list), sizeof(database_version_t*)))) { return NULL; } database_version_list->object_list_size = db_result_list_size(database_version_list->result_list); database_version_list->object_list_position = 0; } else if (database_version_list->object_list_first) { database_version_list->object_list_first = 0; database_version_list->object_list_position = 0; } else { database_version_list->object_list_position++; } if (database_version_list->object_list_position >= database_version_list->object_list_size) { return NULL; } if (!(database_version_list->object_list[database_version_list->object_list_position])) { if (!database_version_list->result_list) { return NULL; } if (!(result = db_result_list_next(database_version_list->result_list))) { return NULL; } if (!(database_version_list->object_list[database_version_list->object_list_position] = database_version_new(db_object_connection(database_version_list->dbo)))) { return NULL; } if (database_version_from_result(database_version_list->object_list[database_version_list->object_list_position], result)) { return NULL; } } return database_version_list->object_list[database_version_list->object_list_position]; } else { database_version_free(database_version_list->database_version); database_version_list->database_version = NULL; } if (!database_version_list->result_list) { return NULL; } if (!(result = db_result_list_next(database_version_list->result_list))) { return NULL; } if (!database_version_list->database_version) { if (!(database_version_list->database_version = database_version_new(db_object_connection(database_version_list->dbo)))) { return NULL; } } if (database_version_from_result(database_version_list->database_version, result)) { return NULL; } return database_version_list->database_version; } opendnssec-2.1.5/enforcer/src/db/database_version.h0000644000202300020240000001142313560310771017233 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef __database_version_h #define __database_version_h #include "db_object.h" struct database_version; struct database_version_list; typedef struct database_version database_version_t; typedef struct database_version_list database_version_list_t; #include "database_version_ext.h" /** * A database version object. */ struct database_version { db_object_t* dbo; db_value_t id; db_value_t rev; unsigned int version; }; /** * Create a new database version object. * \param[in] connection a db_connection_t pointer. * \return a database_version_t pointer or NULL on error. */ database_version_t* database_version_new(const db_connection_t* connection); /** * Delete a database version object, this does not delete it from the database. * \param[in] database_version a database_version_t pointer. */ void database_version_free(database_version_t* database_version); /** * Set the content of a database version object based on a database result. * \param[in] database_version a database_version_t pointer. * \param[in] result a db_result_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int database_version_from_result(database_version_t* database_version, const db_result_t* result); /** * Get the version of a database version object. Undefined behavior if `database_version` is NULL. * \param[in] database_version a database_version_t pointer. * \return an unsigned integer. */ unsigned int database_version_version(const database_version_t* database_version); /** * A list of database version objects. */ struct database_version_list { db_object_t* dbo; db_result_list_t* result_list; const db_result_t* result; database_version_t* database_version; int object_store; database_version_t** object_list; size_t object_list_size; size_t object_list_position; int object_list_first; int associated_fetch; }; /** * Create a new database version object list. * \param[in] connection a db_connection_t pointer. * \return a database_version_list_t pointer or NULL on error. */ database_version_list_t* database_version_list_new(const db_connection_t* connection); /** * Delete a database version object list. * \param[in] database_version_list a database_version_list_t pointer. */ void database_version_list_free(database_version_list_t* database_version_list); /** * Get all database version objects. * \param[in] database_version_list a database_version_list_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int database_version_list_get(database_version_list_t* database_version_list); /** * Get a new list with all database version objects. * \param[in] connection a db_connection_t pointer. * \return a database_version_list_t pointer or NULL on error. */ database_version_list_t* database_version_list_new_get(const db_connection_t* connection); /** * Get the next database version object in a database version object list. * Ownership of this object is retained within the list and the object is only * valid until the next call to this function. * \param[in] database_version_list a database_version_list_t pointer. * \return a database_version_t pointer or NULL on error or if there are no more * database version objects in the database version object list. */ const database_version_t* database_version_list_next(database_version_list_t* database_version_list); #endif opendnssec-2.1.5/enforcer/src/db/db_backend.h0000644000202300020240000005176113560311035015761 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef __db_backend_h #define __db_backend_h struct db_backend_handle; struct db_backend; typedef struct db_backend_handle db_backend_handle_t; typedef struct db_backend db_backend_t; #include "db_configuration.h" #include "db_result.h" #include "db_object.h" #include "db_join.h" #include "db_clause.h" #include "db_value.h" /** * Function pointer for initializing a database backend. The backend handle * specific data is supplied in `data`. * \param[in] data a void pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ typedef int (*db_backend_handle_initialize_t)(void* data); /** * Function pointer for shutting down a database backend. The backend handle * specific data is supplied in `data`. * \param[in] data a void pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ typedef int (*db_backend_handle_shutdown_t)(void* data); /** * Function pointer for connecting a database backend. The backend handle * specific data is supplied in `data`. * \param[in] data a void pointer. * \param[in] configuration_list a db_configuration_list_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ typedef int (*db_backend_handle_connect_t)(void* data, const db_configuration_list_t* configuration_list); /** * Function pointer for disconnecting a database backend. The backend handle * specific data is supplied in `data`. * \param[in] data a void pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ typedef int (*db_backend_handle_disconnect_t)(void* data); /** * Function pointer for creating a object in a database backend. The backend * handle specific data is supplied in `data`. * \param[in] data a void pointer. * \param[in] object a db_object_t pointer. * \param[in] object_field_list a db_object_field_list_t pointer. * \param[in] value_set a db_value_set_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ typedef int (*db_backend_handle_create_t)(void* data, const db_object_t* object, const db_object_field_list_t* object_field_list, const db_value_set_t* value_set); /** * Function pointer for reading objects from database backend. The backend * handle specific data is supplied in `data`. * \param[in] data a void pointer. * \param[in] object a db_object_t pointer. * \param[in] join_list a db_join_list_t pointer. * \param[in] clause_list a db_clause_list_t pointer. * \return a db_result_list_t pointer or NULL on error or if no objects where * read. */ typedef db_result_list_t* (*db_backend_handle_read_t)(void* data, const db_object_t* object, const db_join_list_t* join_list, const db_clause_list_t* clause_list); /** * Function pointer for updating objects in a database backend. The backend * handle specific data is supplied in `data`. * \param[in] data a void pointer. * \param[in] object a db_object_t pointer. * \param[in] object_field_list a db_object_field_list_t pointer. * \param[in] value_set a db_value_set_t pointer. * \param[in] clause_list a db_clause_list_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ typedef int (*db_backend_handle_update_t)(void* data, const db_object_t* object, const db_object_field_list_t* object_field_list, const db_value_set_t* value_set, const db_clause_list_t* clause_list); /** * Function pointer for deleting objects from database backend. The backend * handle specific data is supplied in `data`. * \param[in] data a void pointer. * \param[in] object a db_object_t pointer. * \param[in] clause_list a db_clause_list_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ typedef int (*db_backend_handle_delete_t)(void* data, const db_object_t* object, const db_clause_list_t* clause_list); /** * Function pointer for counting objects from database backend. The backend * handle specific data is supplied in `data`. Returns the size in `size`. * \param[in] data a void pointer. * \param[in] object a db_object_t pointer. * \param[in] join_list a db_join_list_t pointer. * \param[in] clause_list a db_clause_list_t pointer. * \param[out] count a size_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ typedef int (*db_backend_handle_count_t)(void* data, const db_object_t* object, const db_join_list_t* join_list, const db_clause_list_t* clause_list, size_t* count); /** * Function pointer for freeing the backend handle specific data in `data`. * \param[in] data a void pointer. */ typedef void (*db_backend_handle_free_t)(void* data); /** * Function pointer for beginning a transaction in a database backend. The * backend handle specific data is supplied in `data`. * \param[in] data a void pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ typedef int (*db_backend_handle_transaction_begin_t)(void* data); /** * Function pointer for committing a transaction in a database backend. The * backend handle specific data is supplied in `data`. * \param[in] data a void pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ typedef int (*db_backend_handle_transaction_commit_t)(void* data); /** * Function pointer for rolling back a transaction in a database backend. The * backend handle specific data is supplied in `data`. * \param[in] data a void pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ typedef int (*db_backend_handle_transaction_rollback_t)(void* data); /** * A database backend handle that contains all function pointers for a backend * and the backend specific data. */ struct db_backend_handle { void* data; db_backend_handle_initialize_t initialize_function; db_backend_handle_shutdown_t shutdown_function; db_backend_handle_connect_t connect_function; db_backend_handle_disconnect_t disconnect_function; db_backend_handle_create_t create_function; db_backend_handle_read_t read_function; db_backend_handle_update_t update_function; db_backend_handle_delete_t delete_function; db_backend_handle_count_t count_function; db_backend_handle_free_t free_function; db_backend_handle_transaction_begin_t transaction_begin_function; db_backend_handle_transaction_commit_t transaction_commit_function; db_backend_handle_transaction_rollback_t transaction_rollback_function; }; /** * Create a new database backend handle. * \return a db_backend_handle_t pointer or NULL on error. */ db_backend_handle_t* db_backend_handle_new(void); /** * Delete a database backend handle, disconnecting the backend and freeing the * backend specific data. * \param[in] backend_handle a db_backend_handle_t pointer. */ void db_backend_handle_free(db_backend_handle_t* backend_handle); /** * Initiate the backend of a database backend. * \param[in] backend_handle a db_backend_handle_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_backend_handle_initialize(const db_backend_handle_t* backend_handle); /** * Connect to the database of a database backend, the connection specific * configuration is given by `configuration_list`. * \param[in] backend_handle a db_backend_handle_t pointer. * \param[in] configuration_list a db_configuration_list_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_backend_handle_connect(const db_backend_handle_t* backend_handle, const db_configuration_list_t* configuration_list); /** * Create an object in the database. The `object` refer to the database object * begin created, the `object_field_list` describes the fields that should be * set in the object and the `value_set` has the values for each field. * \param[in] backend_handle a db_backend_handle_t pointer. * \param[in] object a db_object_t pointer. * \param[in] object_field_list a db_object_field_list_t pointer. * \param[in] value_set a db_value_set_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_backend_handle_create(const db_backend_handle_t* backend_handle, const db_object_t* object, const db_object_field_list_t* object_field_list, const db_value_set_t* value_set); /** * Read an object or objects from the database. * \param[in] backend_handle a db_backend_handle_t pointer. * \param[in] object a db_object_t pointer. * \param[in] join_list a db_join_list_t pointer. * \param[in] clause_list a db_clause_list_t pointer. * \return a db_result_list_t pointer or NULL on error or if no objects where * read. */ db_result_list_t* db_backend_handle_read(const db_backend_handle_t* backend_handle, const db_object_t* object, const db_join_list_t* join_list, const db_clause_list_t* clause_list); /** * Update an object or objects in the database. * \param[in] backend_handle a db_backend_handle_t pointer. * \param[in] object a db_object_t pointer. * \param[in] object_field_list a db_object_field_list_t pointer. * \param[in] value_set a db_value_set_t pointer. * \param[in] clause_list a db_clause_list_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_backend_handle_update(const db_backend_handle_t* backend_handle, const db_object_t* object, const db_object_field_list_t* object_field_list, const db_value_set_t* value_set, const db_clause_list_t* clause_list); /** * Delete an object or objects from the database. * \param[in] backend_handle a db_backend_handle_t pointer. * \param[in] object a db_object_t pointer. * \param[in] clause_list a db_clause_list_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_backend_handle_delete(const db_backend_handle_t* backend_handle, const db_object_t* object, const db_clause_list_t* clause_list); /** * Count objects from the database. Return the count in `count`. * \param[in] backend_handle a db_backend_handle_t pointer. * \param[in] object a db_object_t pointer. * \param[in] join_list a db_join_list_t pointer. * \param[in] clause_list a db_clause_list_t pointer. * \param[out] count a size_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_backend_handle_count(const db_backend_handle_t* backend_handle, const db_object_t* object, const db_join_list_t* join_list, const db_clause_list_t* clause_list, size_t* count); /** * Set the initialize function of a database backend handle. * \param[in] backend_handle a db_backend_handle_t pointer. * \param[in] initialize_function a db_backend_handle_initialize_t. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_backend_handle_set_initialize(db_backend_handle_t* backend_handle, db_backend_handle_initialize_t initialize_function); /** * Set the shutdown function of a database backend handle. * \param[in] backend_handle a db_backend_handle_t pointer. * \param[in] shutdown_function a db_backend_handle_shutdown_t. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_backend_handle_set_shutdown(db_backend_handle_t* backend_handle, db_backend_handle_shutdown_t shutdown_function); /** * Set the connect function of a database backend handle. * \param[in] backend_handle a db_backend_handle_t pointer. * \param[in] connect_function a db_backend_handle_connect_t. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_backend_handle_set_connect(db_backend_handle_t* backend_handle, db_backend_handle_connect_t connect_function); /** * Set the disconnect function of a database backend handle. * \param[in] backend_handle a db_backend_handle_t pointer. * \param[in] disconnect_function a db_backend_handle_disconnect_t. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_backend_handle_set_disconnect(db_backend_handle_t* backend_handle, db_backend_handle_disconnect_t disconnect_function); /** * Set the create function of a database backend handle. * \param[in] backend_handle a db_backend_handle_t pointer. * \param[in] create_function a db_backend_handle_create_t. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_backend_handle_set_create(db_backend_handle_t* backend_handle, db_backend_handle_create_t create_function); /** * Set the read function of a database backend handle. * \param[in] backend_handle a db_backend_handle_t pointer. * \param[in] read_function a db_backend_handle_read_t. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_backend_handle_set_read(db_backend_handle_t* backend_handle, db_backend_handle_read_t read_function); /** * Set the update function of a database backend handle. * \param[in] backend_handle a db_backend_handle_t pointer. * \param[in] update_function a db_backend_handle_update_t. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_backend_handle_set_update(db_backend_handle_t* backend_handle, db_backend_handle_update_t update_function); /** * Set the delete function of a database backend handle. * \param[in] backend_handle a db_backend_handle_t pointer. * \param[in] delete_function a db_backend_handle_delete_t. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_backend_handle_set_delete(db_backend_handle_t* backend_handle, db_backend_handle_delete_t delete_function); /** * Set the count function of a database backend handle. * \param[in] backend_handle a db_backend_handle_t pointer. * \param[in] count_function a db_backend_handle_count_t. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_backend_handle_set_count(db_backend_handle_t* backend_handle, db_backend_handle_count_t count_function); /** * Set the free function of a database backend handle. * \param[in] backend_handle a db_backend_handle_t pointer. * \param[in] free_function a db_backend_handle_free_t. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_backend_handle_set_free(db_backend_handle_t* backend_handle, db_backend_handle_free_t free_function); /** * Set the transaction begin function of a database backend handle. * \param[in] backend_handle a db_backend_handle_t pointer. * \param[in] transaction_begin_function a db_backend_handle_transaction_begin_t. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_backend_handle_set_transaction_begin(db_backend_handle_t* backend_handle, db_backend_handle_transaction_begin_t transaction_begin_function); /** * Set the transaction commit function of a database backend handle. * \param[in] backend_handle a db_backend_handle_t pointer. * \param[in] transaction_commit_function a db_backend_handle_transaction_commit_t. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_backend_handle_set_transaction_commit(db_backend_handle_t* backend_handle, db_backend_handle_transaction_commit_t transaction_commit_function); /** * Set the transaction rollback function of a database backend handle. * \param[in] backend_handle a db_backend_handle_t pointer. * \param[in] transaction_rollback_function a db_backend_handle_transaction_rollback_t. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_backend_handle_set_transaction_rollback(db_backend_handle_t* backend_handle, db_backend_handle_transaction_rollback_t transaction_rollback_function); /** * Set the backend specific data of a database backend handle. * \param[in] backend_handle a db_backend_handle_t pointer. * \param[in] data a void pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_backend_handle_set_data(db_backend_handle_t* backend_handle, void* data); /** * A database backend. */ struct db_backend { db_backend_t* next; char* name; db_backend_handle_t* handle; }; /** * Create a new database backend. * \return a db_backend_t pointer or NULL on error. */ db_backend_t* db_backend_new(void); /** * Delete a database backend. * \param[in] backend a db_backend_t pointer. */ void db_backend_free(db_backend_t* backend); /** * Get the database backend handle of a database backend. * \param[in] backend a db_backend_t pointer. * \return a db_backend_handle_t pointer or NULL on error or if no database * backend handle has been set. */ const db_backend_handle_t* db_backend_handle(const db_backend_t* backend); /** * Set the name of a database backend. * \param[in] backend a db_backend_t pointer. * \param[in] name a character pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_backend_set_name(db_backend_t* backend, const char* name); /** * Det the database backend handle of a database backend, this takes over the * ownership of the database backend handle. * \param[in] backend a db_backend_t pointer. * \param[in] handle a db_backend_handle_t. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_backend_set_handle(db_backend_t* backend, db_backend_handle_t* handle); /** * Initiate the backend of a database backend. * \param[in] backend a db_backend_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_backend_initialize(const db_backend_t* backend); /** * Connect to the database of a database backend, the connection specific * configuration is given by `configuration_list`. * \param[in] backend a db_backend_t pointer. * \param[in] configuration_list a db_configuration_list_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_backend_connect(const db_backend_t* backend, const db_configuration_list_t* configuration_list); /** * Create an object in the database. The `object` refer to the database object * begin created, the `object_field_list` describes the fields that should be * set in the object and the `value_set` has the values for each field. * \param[in] backend a db_backend_t pointer. * \param[in] object a db_object_t pointer. * \param[in] object_field_list a db_object_field_list_t pointer. * \param[in] value_set a db_value_set_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_backend_create(const db_backend_t* backend, const db_object_t* object, const db_object_field_list_t* object_field_list, const db_value_set_t* value_set); /** * Read an object or objects from the database. * \param[in] backend a db_backend_t pointer. * \param[in] object a db_object_t pointer. * \param[in] join_list a db_join_list_t pointer. * \param[in] clause_list a db_clause_list_t pointer. * \return a db_result_list_t pointer or NULL on error or if no objects where * read. */ db_result_list_t* db_backend_read(const db_backend_t* backend, const db_object_t* object, const db_join_list_t* join_list, const db_clause_list_t* clause_list); /** * Update an object or objects in the database. * \param[in] backend a db_backend_t pointer. * \param[in] object a db_object_t pointer. * \param[in] object_field_list a db_object_field_list_t pointer. * \param[in] value_set a db_value_set_t pointer. * \param[in] clause_list a db_clause_list_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_backend_update(const db_backend_t* backend, const db_object_t* object, const db_object_field_list_t* object_field_list, const db_value_set_t* value_set, const db_clause_list_t* clause_list); /** * Delete an object or objects from the database. * \param[in] backend a db_backend_t pointer. * \param[in] object a db_object_t pointer. * \param[in] clause_list a db_clause_list_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_backend_delete(const db_backend_t* backend, const db_object_t* object, const db_clause_list_t* clause_list); /** * Count objects from the database. Return the count in `count`. * \param[in] backend a db_backend_t pointer. * \param[in] object a db_object_t pointer. * \param[in] join_list a db_join_list_t pointer. * \param[in] clause_list a db_clause_list_t pointer. * \param[out] count a size_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_backend_count(const db_backend_t* backend, const db_object_t* object, const db_join_list_t* join_list, const db_clause_list_t* clause_list, size_t* count); /** * Get a new database backend by the name supplied in `name`. * \param[in] name a character pointer. * \return a db_backend_t pointer or NULL on error or if the database backend * does not exist. */ db_backend_t* db_backend_factory_get_backend(const char* name); #endif opendnssec-2.1.5/enforcer/src/db/db_backend_sqlite.h0000644000202300020240000000344513560310771017344 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef __db_backend_sqlite_h #define __db_backend_sqlite_h #include "db_backend.h" #define DB_BACKEND_SQLITE_DEFAULT_TIMEOUT 30 #define DB_BACKEND_SQLITE_DEFAULT_USLEEP 200000 /** * Create a new database backend handle for SQLite. * \return a db_backend_handle_t pointer or NULL on error. */ db_backend_handle_t* db_backend_sqlite_new_handle(void); #endif opendnssec-2.1.5/enforcer/src/db/db_data_mysql.c0000644000202300020240000000304213560310771016516 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ const char* db_data_mysql[] = { "INSERT INTO databaseVersion ( version ) VALUES ( 1 )", 0, 0 }; opendnssec-2.1.5/enforcer/src/db/key_state.h0000644000202300020240000003212313560311035015704 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef __key_state_h #define __key_state_h #include "db_object.h" struct key_state; struct key_state_list; typedef struct key_state key_state_t; typedef struct key_state_list key_state_list_t; typedef enum key_state_type { KEY_STATE_TYPE_INVALID = -1, KEY_STATE_TYPE_DS = 0, KEY_STATE_TYPE_RRSIG = 1, KEY_STATE_TYPE_DNSKEY = 2, KEY_STATE_TYPE_RRSIGDNSKEY = 3 } key_state_type_t; extern const db_enum_t key_state_enum_set_type[]; typedef enum key_state_state { KEY_STATE_STATE_INVALID = -1, KEY_STATE_STATE_HIDDEN = 0, KEY_STATE_STATE_RUMOURED = 1, KEY_STATE_STATE_OMNIPRESENT = 2, KEY_STATE_STATE_UNRETENTIVE = 3, KEY_STATE_STATE_NA = 4 } key_state_state_t; extern const db_enum_t key_state_enum_set_state[]; #include "key_state_ext.h" #include "key_data.h" /** * A key state object. */ struct key_state { db_object_t* dbo; db_value_t id; db_value_t rev; db_value_t key_data_id; const key_data_t* associated_key_data_id; key_data_t* private_key_data_id; key_state_type_t type; key_state_state_t state; unsigned int last_change; unsigned int minimize; unsigned int ttl; }; /** * Create a new key state object. * \param[in] connection a db_connection_t pointer. * \return a key_state_t pointer or NULL on error. */ key_state_t* key_state_new(const db_connection_t* connection); /** * Create a new key state object that is a copy of another key state object. * \param[in] key_state a key_state_t pointer. * \return a key_state_t pointer or NULL on error. */ key_state_t* key_state_new_copy(const key_state_t* key_state); /** * Delete a key state object, this does not delete it from the database. * \param[in] key_state a key_state_t pointer. */ void key_state_free(key_state_t* key_state); /** * Copy the content of a key state object. * \param[in] key_state a key_state_t pointer. * \param[in] key_state_copy a key_state_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_state_copy(key_state_t* key_state, const key_state_t* key_state_copy); /** * Set the content of a key state object based on a database result. * \param[in] key_state a key_state_t pointer. * \param[in] result a db_result_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_state_from_result(key_state_t* key_state, const db_result_t* result); /** * Get the key_data_id of a key state object. * \param[in] key_state a key_state_t pointer. * \return a db_value_t pointer or NULL on error. */ const db_value_t* key_state_key_data_id(const key_state_t* key_state); /** * Get the type of a key state object. * \param[in] key_state a key_state_t pointer. * \return a key_state_type_t which may be KEY_STATE_TYPE_INVALID on error or if no type has been set. */ key_state_type_t key_state_type(const key_state_t* key_state); /** * Get the type as text of a key state object. * \param[in] key_state a key_state_t pointer. * \return a character pointer or NULL on error or if no type has been set. */ const char* key_state_type_text(const key_state_t* key_state); /** * Get the state of a key state object. * \param[in] key_state a key_state_t pointer. * \return a key_state_state_t which may be KEY_STATE_STATE_INVALID on error or if no state has been set. */ key_state_state_t key_state_state(const key_state_t* key_state); /** * Get the state as text of a key state object. * \param[in] key_state a key_state_t pointer. * \return a character pointer or NULL on error or if no state has been set. */ const char* key_state_state_text(const key_state_t* key_state); /** * Get the last_change of a key state object. Undefined behavior if `key_state` is NULL. * \param[in] key_state a key_state_t pointer. * \return an unsigned integer. */ unsigned int key_state_last_change(const key_state_t* key_state); /** * Get the minimize of a key state object. Undefined behavior if `key_state` is NULL. * \param[in] key_state a key_state_t pointer. * \return an unsigned integer. */ unsigned int key_state_minimize(const key_state_t* key_state); /** * Get the ttl of a key state object. Undefined behavior if `key_state` is NULL. * \param[in] key_state a key_state_t pointer. * \return an unsigned integer. */ unsigned int key_state_ttl(const key_state_t* key_state); /** * Set the key_data_id of a key state object. If this fails the original value may have been lost. * \param[in] key_state a key_state_t pointer. * \param[in] key_data_id a db_value_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_state_set_key_data_id(key_state_t* key_state, const db_value_t* key_data_id); /** * Set the type of a key state object. * \param[in] key_state a key_state_t pointer. * \param[in] type a key_state_type_t. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_state_set_type(key_state_t* key_state, key_state_type_t type); /** * Set the state of a key state object. * \param[in] key_state a key_state_t pointer. * \param[in] state a key_state_state_t. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_state_set_state(key_state_t* key_state, key_state_state_t state); /** * Set the last_change of a key state object. * \param[in] key_state a key_state_t pointer. * \param[in] last_change an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_state_set_last_change(key_state_t* key_state, unsigned int last_change); /** * Set the minimize of a key state object. * \param[in] key_state a key_state_t pointer. * \param[in] minimize an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_state_set_minimize(key_state_t* key_state, unsigned int minimize); /** * Set the ttl of a key state object. * \param[in] key_state a key_state_t pointer. * \param[in] ttl an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_state_set_ttl(key_state_t* key_state, unsigned int ttl); /** * Create a clause for key_data_id of a key state object and add it to a database clause list. * The clause operator is set to DB_CLAUSE_OPERATOR_AND and the clause type is * set to DB_CLAUSE_EQUAL, if you want to change these you can do it with the * returned db_clause_t pointer. * \param[in] clause_list db_clause_list_t pointer. * \param[in] key_data_id a db_value_t pointer. * \return a db_clause_t pointer to the added clause or NULL on error. */ db_clause_t* key_state_key_data_id_clause(db_clause_list_t* clause_list, const db_value_t* key_data_id); /** * Create a key state object in the database. * \param[in] key_state a key_state_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_state_create(key_state_t* key_state); /** * Get a key state object from the database by a id specified in `id`. * \param[in] key_state a key_state_t pointer. * \param[in] id a db_value_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_state_get_by_id(key_state_t* key_state, const db_value_t* id); /** * Update a key state object in the database. * \param[in] key_state a key_state_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_state_update(key_state_t* key_state); /** * Delete a key state object from the database. * \param[in] key_state a key_state_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_state_delete(const key_state_t* key_state); /** * A list of key state objects. */ struct key_state_list { db_object_t* dbo; db_result_list_t* result_list; const db_result_t* result; key_state_t* key_state; int object_store; key_state_t** object_list; size_t object_list_size; size_t object_list_position; int object_list_first; int associated_fetch; key_data_list_t* key_data_id_list; }; /** * Create a new key state object list. * \param[in] connection a db_connection_t pointer. * \return a key_state_list_t pointer or NULL on error. */ key_state_list_t* key_state_list_new(const db_connection_t* connection); /** * Create a new key state object list that is a copy of another. * \param[in] key_state_list a key_state_list_t pointer. * \return a key_state_list_t pointer or NULL on error. */ key_state_list_t* key_state_list_new_copy(const key_state_list_t* key_state_copy); /** * Specify that objects should be stored within the list as they are fetch, * this is optimal if the list is to be iterated over more then once. * \param[in] key_state_list a key_state_list_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_state_list_object_store(key_state_list_t* key_state_list); /** * Delete a key state object list. * \param[in] key_state_list a key_state_list_t pointer. */ void key_state_list_free(key_state_list_t* key_state_list); /** * Copy the content of another key state object list. * \param[in] key_state_list a key_state_list_t pointer. * \param[in] from_key_state_list a key_state_list_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_state_list_copy(key_state_list_t* key_state_list, const key_state_list_t* from_key_state_list); /** * Get key state objects from the database by a clause list. * \param[in] key_state_list a key_state_list_t pointer. * \param[in] clause_list a db_clause_list_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_state_list_get_by_clauses(key_state_list_t* key_state_list, const db_clause_list_t* clause_list); /** * Get key state objects from the database by a key_data_id specified in `key_data_id`. * \param[in] key_state_list a key_state_list_t pointer. * \param[in] key_data_id a db_value_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_state_list_get_by_key_data_id(key_state_list_t* key_state_list, const db_value_t* key_data_id); /** * Get a new list of key state objects from the database by a key_data_id specified in `key_data_id`. * \param[in] connection a db_connection_t pointer. * \param[in] key_data_id a db_value_t pointer. * \return a key_state_list_t pointer or NULL on error. */ key_state_list_t* key_state_list_new_get_by_key_data_id(const db_connection_t* connection, const db_value_t* key_data_id); /** * Get the first key state object in a key state object list and reset the * position of the list. * \param[in] key_state_list a key_state_list_t pointer. * \return a key_state_t pointer or NULL on error or if there are no * key state objects in the key state object list. */ const key_state_t* key_state_list_begin(key_state_list_t* key_state_list); /** * Get the first key state object in a key state object list and reset the * position of the list. The caller will be given ownership of this object and * is responsible for freeing it. * \param[in] key_state_list a key_state_list_t pointer. * \return a key_state_t pointer or NULL on error or if there are no * key state objects in the key state object list. */ key_state_t* key_state_list_get_begin(key_state_list_t* key_state_list); /** * Get the next key state object in a key state object list. * Ownership of this object is retained within the list and the object is only * valid until the next call to this function. * \param[in] key_state_list a key_state_list_t pointer. * \return a key_state_t pointer or NULL on error or if there are no more * key state objects in the key state object list. */ const key_state_t* key_state_list_next(key_state_list_t* key_state_list); /** * Get the next key state object in a key state object list. * The caller will be given ownership of this object and is responsible for * freeing it. * \param[in] key_state_list a key_state_list_t pointer. * \return a key_state_t pointer or NULL on error or if there are no more * key state objects in the key state object list. */ key_state_t* key_state_list_get_next(key_state_list_t* key_state_list); #endif opendnssec-2.1.5/enforcer/src/db/database_version_ext.c0000644000202300020240000000422313560310771020106 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include "database_version.h" int database_version_get_version(db_connection_t* connection) { database_version_list_t* database_version_list; const database_version_t* database_version; int ret; if (!(database_version_list = database_version_list_new_get(connection)) || !(database_version = database_version_list_next(database_version_list))) { database_version_list_free(database_version_list); return 0; } ret = database_version_version(database_version); if (database_version_list_next(database_version_list)) { database_version_list_free(database_version_list); return 0; } database_version_list_free(database_version_list); return ret; } opendnssec-2.1.5/enforcer/src/db/db_data_sqlite.c0000644000202300020240000000304313560310771016653 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ const char* db_data_sqlite[] = { "INSERT INTO databaseVersion ( version ) VALUES ( 1 )", 0, 0 }; opendnssec-2.1.5/enforcer/src/db/db_result.c0000644000202300020240000002256313560310771015707 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include "db_result.h" #include "db_error.h" /* DB RESULT */ db_result_t* db_result_new(void) { db_result_t* result = (db_result_t*)calloc(1, sizeof(db_result_t)); return result; } /* TODO: unit test */ db_result_t* db_result_new_copy(const db_result_t* from_result) { db_result_t* result; if (!from_result) { return NULL; } if ((result = db_result_new())) { if (db_result_copy(result, from_result)) { db_result_free(result); return NULL; } } return result; } void db_result_free(db_result_t* result) { if (result) { if (result->value_set) { db_value_set_free(result->value_set); } free(result); } } /* TODO: unit test */ int db_result_copy(db_result_t* result, const db_result_t* from_result) { db_value_set_t* value_set = NULL; if (!result) { return DB_ERROR_UNKNOWN; } if (!from_result) { return DB_ERROR_UNKNOWN; } if (from_result->value_set && !(value_set = db_value_set_new_copy(from_result->value_set))) { return DB_ERROR_UNKNOWN; } if (result->value_set) { db_value_set_free(result->value_set); } result->value_set = value_set; return DB_OK; } const db_value_set_t* db_result_value_set(const db_result_t* result) { if (!result) { return NULL; } return result->value_set; } int db_result_set_value_set(db_result_t* result, db_value_set_t* value_set) { if (!result) { return DB_ERROR_UNKNOWN; } if (!value_set) { return DB_ERROR_UNKNOWN; } if (result->value_set) { return DB_ERROR_UNKNOWN; } result->value_set = value_set; return DB_OK; } int db_result_not_empty(const db_result_t* result) { if (!result) { return DB_ERROR_UNKNOWN; } if (!result->value_set) { return DB_ERROR_UNKNOWN; } return DB_OK; } /* DB RESULT LIST */ db_result_list_t* db_result_list_new(void) { db_result_list_t* result_list = (db_result_list_t*)calloc(1, sizeof(db_result_list_t)); return result_list; } /* TODO: unit test */ db_result_list_t* db_result_list_new_copy(const db_result_list_t* from_result_list) { db_result_list_t* result_list; if (!from_result_list) { return NULL; } result_list = (db_result_list_t*)calloc(1, sizeof(db_result_list_t)); if (result_list) { if (db_result_list_copy(result_list, from_result_list)) { db_result_list_free(result_list); return NULL; } } return result_list; } void db_result_list_free(db_result_list_t* result_list) { if (result_list) { if (result_list->begin) { db_result_t* this = result_list->begin; db_result_t* next = NULL; while (this) { next = this->next; db_result_free(this); this = next; } } if (result_list->next_function) { (void)result_list->next_function(result_list->next_data, 1); if (result_list->current) { db_result_free(result_list->current); } } free(result_list); } } /* TODO: unit test */ int db_result_list_copy(db_result_list_t* result_list, const db_result_list_t* from_result_list) { db_result_t* result; db_result_t* result_copy; if (!result_list) { return DB_ERROR_UNKNOWN; } /* * TODO: Should we be able to copy into a result list that already contains * data? */ if (result_list->begin) { return DB_ERROR_UNKNOWN; } if (result_list->end) { return DB_ERROR_UNKNOWN; } if (result_list->current) { return DB_ERROR_UNKNOWN; } if (result_list->size) { return DB_ERROR_UNKNOWN; } if (result_list->next_function) { return DB_ERROR_UNKNOWN; } if (!from_result_list) { return DB_ERROR_UNKNOWN; } if (from_result_list->next_function) { return DB_ERROR_UNKNOWN; } result = from_result_list->begin; while (result) { if (!(result_copy = db_result_new_copy(result)) || db_result_list_add(result_list, result_copy)) { return DB_ERROR_UNKNOWN; } if (result == from_result_list->current) { result_list->current = result_copy; } result = result->next; } return DB_OK; } int db_result_list_set_next(db_result_list_t* result_list, db_result_list_next_t next_function, void* next_data, size_t size) { if (!result_list) { return DB_ERROR_UNKNOWN; } if (result_list->begin) { return DB_ERROR_UNKNOWN; } if (result_list->next_function) { return DB_ERROR_UNKNOWN; } if (!next_data) { return DB_ERROR_UNKNOWN; } if (result_list->next_data) { return DB_ERROR_UNKNOWN; } result_list->next_function = next_function; result_list->next_data = next_data; result_list->size = size; return 0; } int db_result_list_add(db_result_list_t* result_list, db_result_t* result) { if (!result_list) { return DB_ERROR_UNKNOWN; } if (!result) { return DB_ERROR_UNKNOWN; } if (db_result_not_empty(result)) { return DB_ERROR_UNKNOWN; } if (result->next) { return DB_ERROR_UNKNOWN; } if (result_list->next_function) { return DB_ERROR_UNKNOWN; } if (result_list->begin) { if (!result_list->end) { return DB_ERROR_UNKNOWN; } result_list->end->next = result; result_list->end = result; } else { result_list->begin = result; result_list->end = result; } result_list->size++; return DB_OK; } const db_result_t* db_result_list_begin(db_result_list_t* result_list) { if (!result_list) { return NULL; } if (result_list->next_function) { /* * Can not start over a list that uses next function */ if (result_list->current) { return NULL; } result_list->current = result_list->next_function(result_list->next_data, 0); return result_list->current; } result_list->current = result_list->begin; result_list->begun = 1; return result_list->current; } const db_result_t* db_result_list_next(db_result_list_t* result_list) { if (!result_list) { return NULL; } if (result_list->next_function) { if (result_list->current) { db_result_free(result_list->current); } result_list->current = result_list->next_function(result_list->next_data, 0); return result_list->current; } if (!result_list->begun) { result_list->begun = 1; result_list->current = result_list->begin; } else if (result_list->current) { result_list->current = result_list->current->next; } return result_list->current; } size_t db_result_list_size(const db_result_list_t* result_list) { if (!result_list) { return 0; } return result_list->size; } int db_result_list_fetch_all(db_result_list_t* result_list) { db_result_t* result; db_result_list_next_t next_function; if (!result_list) { return DB_ERROR_UNKNOWN; } if (result_list->next_function) { if (result_list->current) { return DB_ERROR_UNKNOWN; } next_function = result_list->next_function; result_list->next_function = NULL; result_list->size = 0; while ((result = next_function(result_list->next_data, 0))) { if (db_result_list_add(result_list, result)) { next_function(result_list->next_data, 1); result_list->next_data = NULL; db_result_free(result); return DB_ERROR_UNKNOWN; } } next_function(result_list->next_data, 1); result_list->next_data = NULL; } return DB_OK; } opendnssec-2.1.5/enforcer/src/db/db_schema_sqlite.c0000644000202300020240000001552613560310771017213 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ const char* db_schema_sqlite_create[] = { "CREATE TABLE zone ( id INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, rev INTEGER NOT NULL DEFAULT 1, policyId INTEGER NOT NULL, name TEXT NOT NULL, signconfNeedsWriting UNSIGNED INT NOT NULL, signconfPath TEXT NOT NULL, nextChange INT NOT NULL, ttlEndDs UNSIGNED INT NOT NULL, ttlEndDk UNSIGNED INT NOT NULL, ttlEndRs UNSIGNED INT NOT NULL, rollKskNow UNSIGNED INT NOT NULL, rollZskNow UNSIGNED INT NOT NULL, rollCskNow UNSIGNED INT NOT NULL, inputAdapterType TEXT NOT NULL, inputAdapterU", "ri TEXT NOT NULL, outputAdapterType TEXT NOT NULL, outputAdapterUri TEXT NOT NULL, nextKskRoll UNSIGNED INT NOT NULL, nextZskRoll UNSIGNED INT NOT NULL, nextCskRoll UNSIGNED INT NOT NULL)", 0, "CREATE INDEX zonePolicyId ON zone ( policyId )", 0, "CREATE UNIQUE INDEX zoneName ON zone ( name )", 0, "CREATE TABLE keyData ( id INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, rev INTEGER NOT NULL DEFAULT 1, zoneId INTEGER NOT NULL, hsmKeyId INTEGER NOT NULL, algorithm UNSIGNED INT NOT NULL, inception UNSIGNED INT NOT NULL, role INT NOT NULL, introducing UNSIGNED INT NOT NULL, shouldRevoke UNSIGNED INT NOT NULL, standby UNSIGNED INT NOT NULL, activeZsk UNSIGNED INT NOT NULL, publish UNSIGNED INT NOT NULL, activeKsk UNSIGNED INT NOT NULL, dsAtParent INT NOT NULL, keytag UNSIGNED INT NOT", " NULL, minimize UNSIGNED INT NOT NULL)", 0, "CREATE INDEX keyDataZoneId ON keyData ( zoneId )", 0, "CREATE INDEX keyDataHsmKeyId ON keyData ( hsmKeyId )", 0, "CREATE TABLE keyState ( id INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, rev INTEGER NOT NULL DEFAULT 1, keyDataId INTEGER NOT NULL, type INT NOT NULL, state INT NOT NULL, lastChange UNSIGNED INT NOT NULL, minimize UNSIGNED INT NOT NULL, ttl UNSIGNED INT NOT NULL)", 0, "CREATE INDEX keyStateKeyDataId ON keyState ( keyDataId )", 0, "CREATE TABLE keyDependency ( id INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, rev INTEGER NOT NULL DEFAULT 1, zoneId INTEGER NOT NULL, fromKeyDataId INTEGER NOT NULL, toKeyDataId INTEGER NOT NULL, type INT NOT NULL)", 0, "CREATE INDEX keyDependencyZoneId ON keyDependency ( zoneId )", 0, "CREATE INDEX keyDependencyFromKeyDataId ON keyDependency ( fromKeyDataId )", 0, "CREATE INDEX keyDependencyToKeyDataId ON keyDependency ( toKeyDataId )", 0, "CREATE TABLE hsmKey ( id INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, rev INTEGER NOT NULL DEFAULT 1, policyId INTEGER NOT NULL, locator TEXT NOT NULL, state INT NOT NULL, bits UNSIGNED INT NOT NULL, algorithm UNSIGNED INT NOT NULL, role INT NOT NULL, inception UNSIGNED INT NOT NULL, isRevoked UNSIGNED INT NOT NULL, keyType INT NOT NULL, repository TEXT NOT NULL, backup INT NOT NULL)", 0, "CREATE INDEX hsmKeyPolicyId ON hsmKey ( policyId )", 0, "CREATE UNIQUE INDEX hsmKeyLocator ON hsmKey ( locator )", 0, "CREATE TABLE policy ( id INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, rev INTEGER NOT NULL DEFAULT 1, name TEXT NOT NULL, description TEXT NOT NULL, signaturesResign UNSIGNED INT NOT NULL, signaturesRefresh UNSIGNED INT NOT NULL, signaturesJitter UNSIGNED INT NOT NULL, signaturesInceptionOffset UNSIGNED INT NOT NULL, signaturesValidityDefault UNSIGNED INT NOT NULL, signaturesValidityDenial UNSIGNED INT NOT NULL, signaturesValidityKeyset UNSIGNED INT, signaturesMaxZoneTtl UNSIGNED INT NOT NULL, denialType INT NOT NULL, deni", "alOptout UNSIGNED INT NOT NULL, denialTtl UNSIGNED INT NOT NULL, denialResalt UNSIGNED INT NOT NULL, denialAlgorithm UNSIGNED INT NOT NULL, denialIterations UNSIGNED INT NOT NULL, denialSaltLength UNSIGNED INT NOT NULL, denialSalt TEXT NOT NULL, denialSaltLastChange UNSIGNED INT NOT NULL, keysTtl UNSIGNED INT NOT NULL, keysRetireSafety UNSIGNED INT NOT NULL, keysPublishSafety UNSIGNED INT NOT NULL, keysShared UNSIGNED INT NOT NULL, keysPurgeAfter UNSIGNED INT NOT NULL, zonePropagati", "onDelay UNSIGNED INT NOT NULL, zoneSoaTtl UNSIGNED INT NOT NULL, zoneSoaMinimum UNSIGNED INT NOT NULL, zoneSoaSerial INT NOT NULL, parentRegistrationDelay UNSIGNED INT NOT NULL, parentPropagationDelay UNSIGNED INT NOT NULL, parentDsTtl UNSIGNED INT NOT NULL, parentSoaTtl UNSIGNED INT NOT NULL, parentSoaMinimum UNSIGNED INT NOT NULL, passthrough UNSIGNED INT NOT NULL)", 0, "CREATE UNIQUE INDEX policyName ON policy ( name )", 0, "CREATE TABLE policyKey ( id INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, rev INTEGER NOT NULL DEFAULT 1, policyId INTEGER NOT NULL, role INT NOT NULL, algorithm UNSIGNED INT NOT NULL, bits UNSIGNED INT NOT NULL, lifetime UNSIGNED INT NOT NULL, repository TEXT NOT NULL, standby UNSIGNED INT NOT NULL, manualRollover UNSIGNED INT NOT NULL, rfc5011 UNSIGNED INT NOT NULL, minimize UNSIGNED INT NOT NULL)", 0, "CREATE INDEX policyKeyPolicyId ON policyKey ( policyId )", 0, "CREATE TABLE databaseVersion ( id INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, rev INTEGER NOT NULL DEFAULT 1, version UNSIGNED INT NOT NULL)", 0, 0 }; const char* db_schema_sqlite_drop[] = { "DROP TABLE IF EXISTS zone", 0, "DROP TABLE IF EXISTS keyData", 0, "DROP TABLE IF EXISTS keyState", 0, "DROP TABLE IF EXISTS keyDependency", 0, "DROP TABLE IF EXISTS hsmKey", 0, "DROP TABLE IF EXISTS policy", 0, "DROP TABLE IF EXISTS policyKey", 0, "DROP TABLE IF EXISTS databaseVersion", 0, 0 }; opendnssec-2.1.5/enforcer/src/db/zone_db.c0000644000202300020240000024703313560310771015345 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include "zone_db.h" #include "db_error.h" #include /** * Create a new zone object. * \param[in] connection a db_connection_t pointer. * \return a zone_db_t pointer or NULL on error. */ static db_object_t* __zone_db_new_object(const db_connection_t* connection) { db_object_field_list_t* object_field_list; db_object_field_t* object_field; db_object_t* object; if (!(object = db_object_new()) || db_object_set_connection(object, connection) || db_object_set_table(object, "zone") || db_object_set_primary_key_name(object, "id") || !(object_field_list = db_object_field_list_new())) { db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "id") || db_object_field_set_type(object_field, DB_TYPE_PRIMARY_KEY) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "rev") || db_object_field_set_type(object_field, DB_TYPE_REVISION) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "policyId") || db_object_field_set_type(object_field, DB_TYPE_ANY) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "name") || db_object_field_set_type(object_field, DB_TYPE_TEXT) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "signconfNeedsWriting") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "signconfPath") || db_object_field_set_type(object_field, DB_TYPE_TEXT) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "nextChange") || db_object_field_set_type(object_field, DB_TYPE_INT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "ttlEndDs") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "ttlEndDk") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "ttlEndRs") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "rollKskNow") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "rollZskNow") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "rollCskNow") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "inputAdapterType") || db_object_field_set_type(object_field, DB_TYPE_TEXT) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "inputAdapterUri") || db_object_field_set_type(object_field, DB_TYPE_TEXT) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "outputAdapterType") || db_object_field_set_type(object_field, DB_TYPE_TEXT) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "outputAdapterUri") || db_object_field_set_type(object_field, DB_TYPE_TEXT) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "nextKskRoll") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "nextZskRoll") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "nextCskRoll") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (db_object_set_object_field_list(object, object_field_list)) { db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } return object; } /* ZONE */ zone_db_t* zone_db_new(const db_connection_t* connection) { zone_db_t* zone = (zone_db_t*)calloc(1, sizeof(zone_db_t)); if (zone) { if (!(zone->dbo = __zone_db_new_object(connection))) { free(zone); return NULL; } db_value_reset(&(zone->id)); db_value_reset(&(zone->rev)); db_value_reset(&(zone->policy_id)); zone->input_adapter_type = strdup("File"); zone->output_adapter_type = strdup("File"); } return zone; } zone_db_t* zone_db_new_copy(const zone_db_t* zone) { zone_db_t* new_zone; if (!zone) { return NULL; } if (!zone->dbo) { return NULL; } if (!(new_zone = zone_db_new(db_object_connection(zone->dbo))) || zone_db_copy(new_zone, zone)) { zone_db_free(new_zone); return NULL; } return new_zone; } void zone_db_free(zone_db_t* zone) { if (zone) { if (zone->dbo) { db_object_free(zone->dbo); } db_value_reset(&(zone->id)); db_value_reset(&(zone->rev)); db_value_reset(&(zone->policy_id)); if (zone->private_policy_id) { policy_free(zone->private_policy_id); } if (zone->name) { free(zone->name); } if (zone->signconf_path) { free(zone->signconf_path); } if (zone->input_adapter_type) { free(zone->input_adapter_type); } if (zone->input_adapter_uri) { free(zone->input_adapter_uri); } if (zone->output_adapter_type) { free(zone->output_adapter_type); } if (zone->output_adapter_uri) { free(zone->output_adapter_uri); } if (zone->key_data_list) { key_data_list_free(zone->key_data_list); } if (zone->key_dependency_list) { key_dependency_list_free(zone->key_dependency_list); } free(zone); } } int zone_db_copy(zone_db_t* zone, const zone_db_t* zone_copy) { char* name_text = NULL; char* signconf_path_text = NULL; char* input_adapter_type_text = NULL; char* input_adapter_uri_text = NULL; char* output_adapter_type_text = NULL; char* output_adapter_uri_text = NULL; if (!zone) { return DB_ERROR_UNKNOWN; } if (!zone_copy) { return DB_ERROR_UNKNOWN; } if (zone_copy->name) { if (!(name_text = strdup(zone_copy->name))) { return DB_ERROR_UNKNOWN; } } if (zone_copy->signconf_path) { if (!(signconf_path_text = strdup(zone_copy->signconf_path))) { if (name_text) { free(name_text); } return DB_ERROR_UNKNOWN; } } if (zone_copy->input_adapter_type) { if (!(input_adapter_type_text = strdup(zone_copy->input_adapter_type))) { if (name_text) { free(name_text); } if (signconf_path_text) { free(signconf_path_text); } return DB_ERROR_UNKNOWN; } } if (zone_copy->input_adapter_uri) { if (!(input_adapter_uri_text = strdup(zone_copy->input_adapter_uri))) { if (name_text) { free(name_text); } if (signconf_path_text) { free(signconf_path_text); } if (input_adapter_type_text) { free(input_adapter_type_text); } return DB_ERROR_UNKNOWN; } } if (zone_copy->output_adapter_type) { if (!(output_adapter_type_text = strdup(zone_copy->output_adapter_type))) { if (name_text) { free(name_text); } if (signconf_path_text) { free(signconf_path_text); } if (input_adapter_type_text) { free(input_adapter_type_text); } if (input_adapter_uri_text) { free(input_adapter_uri_text); } return DB_ERROR_UNKNOWN; } } if (zone_copy->output_adapter_uri) { if (!(output_adapter_uri_text = strdup(zone_copy->output_adapter_uri))) { if (name_text) { free(name_text); } if (signconf_path_text) { free(signconf_path_text); } if (input_adapter_type_text) { free(input_adapter_type_text); } if (input_adapter_uri_text) { free(input_adapter_uri_text); } if (output_adapter_type_text) { free(output_adapter_type_text); } return DB_ERROR_UNKNOWN; } } if (db_value_copy(&(zone->id), &(zone_copy->id))) { if (name_text) { free(name_text); } if (signconf_path_text) { free(signconf_path_text); } if (input_adapter_type_text) { free(input_adapter_type_text); } if (input_adapter_uri_text) { free(input_adapter_uri_text); } if (output_adapter_type_text) { free(output_adapter_type_text); } if (output_adapter_uri_text) { free(output_adapter_uri_text); } return DB_ERROR_UNKNOWN; } if (db_value_copy(&(zone->rev), &(zone_copy->rev))) { if (name_text) { free(name_text); } if (signconf_path_text) { free(signconf_path_text); } if (input_adapter_type_text) { free(input_adapter_type_text); } if (input_adapter_uri_text) { free(input_adapter_uri_text); } if (output_adapter_type_text) { free(output_adapter_type_text); } if (output_adapter_uri_text) { free(output_adapter_uri_text); } return DB_ERROR_UNKNOWN; } if (db_value_copy(&(zone->policy_id), &(zone_copy->policy_id))) { if (name_text) { free(name_text); } if (signconf_path_text) { free(signconf_path_text); } if (input_adapter_type_text) { free(input_adapter_type_text); } if (input_adapter_uri_text) { free(input_adapter_uri_text); } if (output_adapter_type_text) { free(output_adapter_type_text); } if (output_adapter_uri_text) { free(output_adapter_uri_text); } return DB_ERROR_UNKNOWN; } if (zone->private_policy_id) { policy_free(zone->private_policy_id); zone->private_policy_id = NULL; } if (zone_copy->private_policy_id && !(zone->private_policy_id = policy_new_copy(zone_copy->private_policy_id))) { if (name_text) { free(name_text); } if (signconf_path_text) { free(signconf_path_text); } if (input_adapter_type_text) { free(input_adapter_type_text); } if (input_adapter_uri_text) { free(input_adapter_uri_text); } if (output_adapter_type_text) { free(output_adapter_type_text); } if (output_adapter_uri_text) { free(output_adapter_uri_text); } return DB_ERROR_UNKNOWN; } zone->associated_policy_id = NULL; if (!zone_copy->private_policy_id && zone_copy->associated_policy_id && !(zone->private_policy_id = policy_new_copy(zone_copy->associated_policy_id))) { if (name_text) { free(name_text); } if (signconf_path_text) { free(signconf_path_text); } if (input_adapter_type_text) { free(input_adapter_type_text); } if (input_adapter_uri_text) { free(input_adapter_uri_text); } if (output_adapter_type_text) { free(output_adapter_type_text); } if (output_adapter_uri_text) { free(output_adapter_uri_text); } return DB_ERROR_UNKNOWN; } if (zone->key_data_list) { key_data_list_free(zone->key_data_list); zone->key_data_list = NULL; } if (zone_copy->key_data_list && !(zone->key_data_list = key_data_list_new_copy(zone_copy->key_data_list))) { if (name_text) { free(name_text); } if (signconf_path_text) { free(signconf_path_text); } if (input_adapter_type_text) { free(input_adapter_type_text); } if (input_adapter_uri_text) { free(input_adapter_uri_text); } if (output_adapter_type_text) { free(output_adapter_type_text); } if (output_adapter_uri_text) { free(output_adapter_uri_text); } return DB_ERROR_UNKNOWN; } if (zone->key_dependency_list) { key_dependency_list_free(zone->key_dependency_list); zone->key_dependency_list = NULL; } if (zone_copy->key_dependency_list && !(zone->key_dependency_list = key_dependency_list_new_copy(zone_copy->key_dependency_list))) { if (name_text) { free(name_text); } if (signconf_path_text) { free(signconf_path_text); } if (input_adapter_type_text) { free(input_adapter_type_text); } if (input_adapter_uri_text) { free(input_adapter_uri_text); } if (output_adapter_type_text) { free(output_adapter_type_text); } if (output_adapter_uri_text) { free(output_adapter_uri_text); } return DB_ERROR_UNKNOWN; } if (zone->name) { free(zone->name); } zone->name = name_text; zone->signconf_needs_writing = zone_copy->signconf_needs_writing; if (zone->signconf_path) { free(zone->signconf_path); } zone->signconf_path = signconf_path_text; zone->next_change = zone_copy->next_change; zone->ttl_end_ds = zone_copy->ttl_end_ds; zone->ttl_end_dk = zone_copy->ttl_end_dk; zone->ttl_end_rs = zone_copy->ttl_end_rs; zone->roll_ksk_now = zone_copy->roll_ksk_now; zone->roll_zsk_now = zone_copy->roll_zsk_now; zone->roll_csk_now = zone_copy->roll_csk_now; if (zone->input_adapter_type) { free(zone->input_adapter_type); } zone->input_adapter_type = input_adapter_type_text; if (zone->input_adapter_uri) { free(zone->input_adapter_uri); } zone->input_adapter_uri = input_adapter_uri_text; if (zone->output_adapter_type) { free(zone->output_adapter_type); } zone->output_adapter_type = output_adapter_type_text; if (zone->output_adapter_uri) { free(zone->output_adapter_uri); } zone->output_adapter_uri = output_adapter_uri_text; zone->next_ksk_roll = zone_copy->next_ksk_roll; zone->next_zsk_roll = zone_copy->next_zsk_roll; zone->next_csk_roll = zone_copy->next_csk_roll; return DB_OK; } int zone_db_from_result(zone_db_t* zone, const db_result_t* result) { const db_value_set_t* value_set; if (!zone) { return DB_ERROR_UNKNOWN; } if (!result) { return DB_ERROR_UNKNOWN; } db_value_reset(&(zone->id)); db_value_reset(&(zone->rev)); db_value_reset(&(zone->policy_id)); if (zone->name) { free(zone->name); } zone->name = NULL; if (zone->signconf_path) { free(zone->signconf_path); } zone->signconf_path = NULL; if (zone->input_adapter_type) { free(zone->input_adapter_type); } zone->input_adapter_type = NULL; if (zone->input_adapter_uri) { free(zone->input_adapter_uri); } zone->input_adapter_uri = NULL; if (zone->output_adapter_type) { free(zone->output_adapter_type); } zone->output_adapter_type = NULL; if (zone->output_adapter_uri) { free(zone->output_adapter_uri); } zone->output_adapter_uri = NULL; if (!(value_set = db_result_value_set(result)) || db_value_set_size(value_set) != 20 || db_value_copy(&(zone->id), db_value_set_at(value_set, 0)) || db_value_copy(&(zone->rev), db_value_set_at(value_set, 1)) || db_value_copy(&(zone->policy_id), db_value_set_at(value_set, 2)) || db_value_to_text(db_value_set_at(value_set, 3), &(zone->name)) || db_value_to_uint32(db_value_set_at(value_set, 4), &(zone->signconf_needs_writing)) || db_value_to_text(db_value_set_at(value_set, 5), &(zone->signconf_path)) || db_value_to_int32(db_value_set_at(value_set, 6), &(zone->next_change)) || db_value_to_uint32(db_value_set_at(value_set, 7), &(zone->ttl_end_ds)) || db_value_to_uint32(db_value_set_at(value_set, 8), &(zone->ttl_end_dk)) || db_value_to_uint32(db_value_set_at(value_set, 9), &(zone->ttl_end_rs)) || db_value_to_uint32(db_value_set_at(value_set, 10), &(zone->roll_ksk_now)) || db_value_to_uint32(db_value_set_at(value_set, 11), &(zone->roll_zsk_now)) || db_value_to_uint32(db_value_set_at(value_set, 12), &(zone->roll_csk_now)) || db_value_to_text(db_value_set_at(value_set, 13), &(zone->input_adapter_type)) || db_value_to_text(db_value_set_at(value_set, 14), &(zone->input_adapter_uri)) || db_value_to_text(db_value_set_at(value_set, 15), &(zone->output_adapter_type)) || db_value_to_text(db_value_set_at(value_set, 16), &(zone->output_adapter_uri)) || db_value_to_uint32(db_value_set_at(value_set, 17), &(zone->next_ksk_roll)) || db_value_to_uint32(db_value_set_at(value_set, 18), &(zone->next_zsk_roll)) || db_value_to_uint32(db_value_set_at(value_set, 19), &(zone->next_csk_roll))) { return DB_ERROR_UNKNOWN; } return DB_OK; } const db_value_t* zone_db_id(const zone_db_t* zone) { if (!zone) { return NULL; } return &(zone->id); } const db_value_t* zone_db_policy_id(const zone_db_t* zone) { if (!zone) { return NULL; } return &(zone->policy_id); } policy_t* zone_db_get_policy(const zone_db_t* zone) { policy_t* policy_id = NULL; if (!zone) { return NULL; } if (!zone->dbo) { return NULL; } if (db_value_not_empty(&(zone->policy_id))) { return NULL; } if (!(policy_id = policy_new(db_object_connection(zone->dbo)))) { return NULL; } if (zone->private_policy_id) { if (policy_copy(policy_id, zone->private_policy_id)) { policy_free(policy_id); return NULL; } } else if (zone->associated_policy_id) { if (policy_copy(policy_id, zone->associated_policy_id)) { policy_free(policy_id); return NULL; } } else { if (policy_get_by_id(policy_id, &(zone->policy_id))) { policy_free(policy_id); return NULL; } } return policy_id; } const char* zone_db_name(const zone_db_t* zone) { if (!zone) { return NULL; } return zone->name; } unsigned int zone_db_signconf_needs_writing(const zone_db_t* zone) { if (!zone) { return 0; } return zone->signconf_needs_writing; } const char* zone_db_signconf_path(const zone_db_t* zone) { if (!zone) { return NULL; } return zone->signconf_path; } int zone_db_next_change(const zone_db_t* zone) { if (!zone) { return 0; } return zone->next_change; } unsigned int zone_db_ttl_end_ds(const zone_db_t* zone) { if (!zone) { return 0; } return zone->ttl_end_ds; } unsigned int zone_db_ttl_end_dk(const zone_db_t* zone) { if (!zone) { return 0; } return zone->ttl_end_dk; } unsigned int zone_db_ttl_end_rs(const zone_db_t* zone) { if (!zone) { return 0; } return zone->ttl_end_rs; } unsigned int zone_db_roll_ksk_now(const zone_db_t* zone) { if (!zone) { return 0; } return zone->roll_ksk_now; } unsigned int zone_db_roll_zsk_now(const zone_db_t* zone) { if (!zone) { return 0; } return zone->roll_zsk_now; } unsigned int zone_db_roll_csk_now(const zone_db_t* zone) { if (!zone) { return 0; } return zone->roll_csk_now; } const char* zone_db_input_adapter_type(const zone_db_t* zone) { if (!zone) { return NULL; } return zone->input_adapter_type; } const char* zone_db_input_adapter_uri(const zone_db_t* zone) { if (!zone) { return NULL; } return zone->input_adapter_uri; } const char* zone_db_output_adapter_type(const zone_db_t* zone) { if (!zone) { return NULL; } return zone->output_adapter_type; } const char* zone_db_output_adapter_uri(const zone_db_t* zone) { if (!zone) { return NULL; } return zone->output_adapter_uri; } unsigned int zone_db_next_ksk_roll(const zone_db_t* zone) { if (!zone) { return 0; } return zone->next_ksk_roll; } unsigned int zone_db_next_zsk_roll(const zone_db_t* zone) { if (!zone) { return 0; } return zone->next_zsk_roll; } unsigned int zone_db_next_csk_roll(const zone_db_t* zone) { if (!zone) { return 0; } return zone->next_csk_roll; } int zone_db_set_policy_id(zone_db_t* zone, const db_value_t* policy_id) { if (!zone) { return DB_ERROR_UNKNOWN; } if (!policy_id) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(policy_id)) { return DB_ERROR_UNKNOWN; } db_value_reset(&(zone->policy_id)); if (db_value_copy(&(zone->policy_id), policy_id)) { return DB_ERROR_UNKNOWN; } return DB_OK; } int zone_db_set_name(zone_db_t* zone, const char* name_text) { char* new_name; if (!zone) { return DB_ERROR_UNKNOWN; } if (!name_text) { return DB_ERROR_UNKNOWN; } if (!(new_name = strdup(name_text))) { return DB_ERROR_UNKNOWN; } if (zone->name) { free(zone->name); } zone->name = new_name; return DB_OK; } int zone_db_set_signconf_needs_writing(zone_db_t* zone, unsigned int signconf_needs_writing) { if (!zone) { return DB_ERROR_UNKNOWN; } zone->signconf_needs_writing = signconf_needs_writing; return DB_OK; } int zone_db_set_signconf_path(zone_db_t* zone, const char* signconf_path_text) { char* new_signconf_path; if (!zone) { return DB_ERROR_UNKNOWN; } if (!signconf_path_text) { return DB_ERROR_UNKNOWN; } if (!(new_signconf_path = strdup(signconf_path_text))) { return DB_ERROR_UNKNOWN; } if (zone->signconf_path) { free(zone->signconf_path); } zone->signconf_path = new_signconf_path; return DB_OK; } int zone_db_set_next_change(zone_db_t* zone, int next_change) { if (!zone) { return DB_ERROR_UNKNOWN; } zone->next_change = next_change; return DB_OK; } int zone_db_set_ttl_end_ds(zone_db_t* zone, unsigned int ttl_end_ds) { if (!zone) { return DB_ERROR_UNKNOWN; } zone->ttl_end_ds = ttl_end_ds; return DB_OK; } int zone_db_set_ttl_end_dk(zone_db_t* zone, unsigned int ttl_end_dk) { if (!zone) { return DB_ERROR_UNKNOWN; } zone->ttl_end_dk = ttl_end_dk; return DB_OK; } int zone_db_set_ttl_end_rs(zone_db_t* zone, unsigned int ttl_end_rs) { if (!zone) { return DB_ERROR_UNKNOWN; } zone->ttl_end_rs = ttl_end_rs; return DB_OK; } int zone_db_set_roll_ksk_now(zone_db_t* zone, unsigned int roll_ksk_now) { if (!zone) { return DB_ERROR_UNKNOWN; } zone->roll_ksk_now = roll_ksk_now; return DB_OK; } int zone_db_set_roll_zsk_now(zone_db_t* zone, unsigned int roll_zsk_now) { if (!zone) { return DB_ERROR_UNKNOWN; } zone->roll_zsk_now = roll_zsk_now; return DB_OK; } int zone_db_set_roll_csk_now(zone_db_t* zone, unsigned int roll_csk_now) { if (!zone) { return DB_ERROR_UNKNOWN; } zone->roll_csk_now = roll_csk_now; return DB_OK; } int zone_db_set_input_adapter_type(zone_db_t* zone, const char* input_adapter_type_text) { char* new_input_adapter_type; if (!zone) { return DB_ERROR_UNKNOWN; } if (!input_adapter_type_text) { return DB_ERROR_UNKNOWN; } if (!(new_input_adapter_type = strdup(input_adapter_type_text))) { return DB_ERROR_UNKNOWN; } if (zone->input_adapter_type) { free(zone->input_adapter_type); } zone->input_adapter_type = new_input_adapter_type; return DB_OK; } int zone_db_set_input_adapter_uri(zone_db_t* zone, const char* input_adapter_uri_text) { char* new_input_adapter_uri; if (!zone) { return DB_ERROR_UNKNOWN; } if (!input_adapter_uri_text) { return DB_ERROR_UNKNOWN; } if (!(new_input_adapter_uri = strdup(input_adapter_uri_text))) { return DB_ERROR_UNKNOWN; } if (zone->input_adapter_uri) { free(zone->input_adapter_uri); } zone->input_adapter_uri = new_input_adapter_uri; return DB_OK; } int zone_db_set_output_adapter_type(zone_db_t* zone, const char* output_adapter_type_text) { char* new_output_adapter_type; if (!zone) { return DB_ERROR_UNKNOWN; } if (!output_adapter_type_text) { return DB_ERROR_UNKNOWN; } if (!(new_output_adapter_type = strdup(output_adapter_type_text))) { return DB_ERROR_UNKNOWN; } if (zone->output_adapter_type) { free(zone->output_adapter_type); } zone->output_adapter_type = new_output_adapter_type; return DB_OK; } int zone_db_set_output_adapter_uri(zone_db_t* zone, const char* output_adapter_uri_text) { char* new_output_adapter_uri; if (!zone) { return DB_ERROR_UNKNOWN; } if (!output_adapter_uri_text) { return DB_ERROR_UNKNOWN; } if (!(new_output_adapter_uri = strdup(output_adapter_uri_text))) { return DB_ERROR_UNKNOWN; } if (zone->output_adapter_uri) { free(zone->output_adapter_uri); } zone->output_adapter_uri = new_output_adapter_uri; return DB_OK; } int zone_db_set_next_ksk_roll(zone_db_t* zone, unsigned int next_ksk_roll) { if (!zone) { return DB_ERROR_UNKNOWN; } zone->next_ksk_roll = next_ksk_roll; return DB_OK; } int zone_db_set_next_zsk_roll(zone_db_t* zone, unsigned int next_zsk_roll) { if (!zone) { return DB_ERROR_UNKNOWN; } zone->next_zsk_roll = next_zsk_roll; return DB_OK; } int zone_db_set_next_csk_roll(zone_db_t* zone, unsigned int next_csk_roll) { if (!zone) { return DB_ERROR_UNKNOWN; } zone->next_csk_roll = next_csk_roll; return DB_OK; } db_clause_t* zone_db_policy_id_clause(db_clause_list_t* clause_list, const db_value_t* policy_id) { db_clause_t* clause; if (!clause_list) { return NULL; } if (!policy_id) { return NULL; } if (db_value_not_empty(policy_id)) { return NULL; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "policyId") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_clause_set_operator(clause, DB_CLAUSE_OPERATOR_AND) || db_value_copy(db_clause_get_value(clause), policy_id) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); return NULL; } return clause; } int zone_db_create(zone_db_t* zone) { db_object_field_list_t* object_field_list; db_object_field_t* object_field; db_value_set_t* value_set; int ret; if (!zone) { return DB_ERROR_UNKNOWN; } if (!zone->dbo) { return DB_ERROR_UNKNOWN; } if (!db_value_not_empty(&(zone->id))) { return DB_ERROR_UNKNOWN; } if (!db_value_not_empty(&(zone->rev))) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(&(zone->policy_id))) { return DB_ERROR_UNKNOWN; } if (!zone->name) { return DB_ERROR_UNKNOWN; } if (!zone->signconf_path) { return DB_ERROR_UNKNOWN; } if (!zone->input_adapter_type) { return DB_ERROR_UNKNOWN; } if (!zone->input_adapter_uri) { return DB_ERROR_UNKNOWN; } if (!zone->output_adapter_type) { return DB_ERROR_UNKNOWN; } if (!zone->output_adapter_uri) { return DB_ERROR_UNKNOWN; } /* TODO: validate content more */ if (!(object_field_list = db_object_field_list_new())) { return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "policyId") || db_object_field_set_type(object_field, DB_TYPE_ANY) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "name") || db_object_field_set_type(object_field, DB_TYPE_TEXT) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "signconfNeedsWriting") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "signconfPath") || db_object_field_set_type(object_field, DB_TYPE_TEXT) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "nextChange") || db_object_field_set_type(object_field, DB_TYPE_INT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "ttlEndDs") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "ttlEndDk") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "ttlEndRs") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "rollKskNow") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "rollZskNow") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "rollCskNow") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "inputAdapterType") || db_object_field_set_type(object_field, DB_TYPE_TEXT) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "inputAdapterUri") || db_object_field_set_type(object_field, DB_TYPE_TEXT) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "outputAdapterType") || db_object_field_set_type(object_field, DB_TYPE_TEXT) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "outputAdapterUri") || db_object_field_set_type(object_field, DB_TYPE_TEXT) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "nextKskRoll") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "nextZskRoll") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "nextCskRoll") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(value_set = db_value_set_new(18))) { db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (db_value_copy(db_value_set_get(value_set, 0), &(zone->policy_id)) || db_value_from_text(db_value_set_get(value_set, 1), zone->name) || db_value_from_uint32(db_value_set_get(value_set, 2), zone->signconf_needs_writing) || db_value_from_text(db_value_set_get(value_set, 3), zone->signconf_path) || db_value_from_int32(db_value_set_get(value_set, 4), zone->next_change) || db_value_from_uint32(db_value_set_get(value_set, 5), zone->ttl_end_ds) || db_value_from_uint32(db_value_set_get(value_set, 6), zone->ttl_end_dk) || db_value_from_uint32(db_value_set_get(value_set, 7), zone->ttl_end_rs) || db_value_from_uint32(db_value_set_get(value_set, 8), zone->roll_ksk_now) || db_value_from_uint32(db_value_set_get(value_set, 9), zone->roll_zsk_now) || db_value_from_uint32(db_value_set_get(value_set, 10), zone->roll_csk_now) || db_value_from_text(db_value_set_get(value_set, 11), zone->input_adapter_type) || db_value_from_text(db_value_set_get(value_set, 12), zone->input_adapter_uri) || db_value_from_text(db_value_set_get(value_set, 13), zone->output_adapter_type) || db_value_from_text(db_value_set_get(value_set, 14), zone->output_adapter_uri) || db_value_from_uint32(db_value_set_get(value_set, 15), zone->next_ksk_roll) || db_value_from_uint32(db_value_set_get(value_set, 16), zone->next_zsk_roll) || db_value_from_uint32(db_value_set_get(value_set, 17), zone->next_csk_roll)) { db_value_set_free(value_set); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } ret = db_object_create(zone->dbo, object_field_list, value_set); db_value_set_free(value_set); db_object_field_list_free(object_field_list); return ret; } int zone_db_get_by_id(zone_db_t* zone, const db_value_t* id) { db_clause_list_t* clause_list; db_clause_t* clause; db_result_list_t* result_list; const db_result_t* result; if (!zone) { return DB_ERROR_UNKNOWN; } if (!zone->dbo) { return DB_ERROR_UNKNOWN; } if (!id) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(id)) { return DB_ERROR_UNKNOWN; } if (!(clause_list = db_clause_list_new())) { return DB_ERROR_UNKNOWN; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "id") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_value_copy(db_clause_get_value(clause), id) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } result_list = db_object_read(zone->dbo, NULL, clause_list); db_clause_list_free(clause_list); if (result_list) { result = db_result_list_next(result_list); if (result) { if (zone_db_from_result(zone, result)) { db_result_list_free(result_list); return DB_ERROR_UNKNOWN; } db_result_list_free(result_list); return DB_OK; } } db_result_list_free(result_list); return DB_ERROR_UNKNOWN; } int zone_db_get_by_name(zone_db_t* zone, const char* name) { db_clause_list_t* clause_list; db_clause_t* clause; db_result_list_t* result_list; const db_result_t* result; if (!zone) { return DB_ERROR_UNKNOWN; } if (!zone->dbo) { return DB_ERROR_UNKNOWN; } if (!name) { return DB_ERROR_UNKNOWN; } if (!(clause_list = db_clause_list_new())) { return DB_ERROR_UNKNOWN; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "name") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_value_from_text(db_clause_get_value(clause), name) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } result_list = db_object_read(zone->dbo, NULL, clause_list); db_clause_list_free(clause_list); if (result_list) { result = db_result_list_next(result_list); if (result) { if (zone_db_from_result(zone, result)) { db_result_list_free(result_list); return DB_ERROR_UNKNOWN; } db_result_list_free(result_list); return DB_OK; } } db_result_list_free(result_list); return DB_ERROR_UNKNOWN; } zone_db_t* zone_db_new_get_by_name(const db_connection_t* connection, const char* name) { zone_db_t* zone; if (!connection) { return NULL; } if (!name) { return NULL; } if (!(zone = zone_db_new(connection)) || zone_db_get_by_name(zone, name)) { zone_db_free(zone); return NULL; } return zone; } int zone_db_update(zone_db_t* zone) { db_object_field_list_t* object_field_list; db_object_field_t* object_field; db_value_set_t* value_set; db_clause_list_t* clause_list; db_clause_t* clause; int ret; if (!zone) { return DB_ERROR_UNKNOWN; } if (!zone->dbo) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(&(zone->id))) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(&(zone->rev))) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(&(zone->policy_id))) { return DB_ERROR_UNKNOWN; } if (!zone->name) { return DB_ERROR_UNKNOWN; } if (!zone->signconf_path) { return DB_ERROR_UNKNOWN; } if (!zone->input_adapter_type) { return DB_ERROR_UNKNOWN; } if (!zone->input_adapter_uri) { return DB_ERROR_UNKNOWN; } if (!zone->output_adapter_type) { return DB_ERROR_UNKNOWN; } if (!zone->output_adapter_uri) { return DB_ERROR_UNKNOWN; } /* TODO: validate content more */ if (!(object_field_list = db_object_field_list_new())) { return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "policyId") || db_object_field_set_type(object_field, DB_TYPE_ANY) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "name") || db_object_field_set_type(object_field, DB_TYPE_TEXT) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "signconfNeedsWriting") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "signconfPath") || db_object_field_set_type(object_field, DB_TYPE_TEXT) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "nextChange") || db_object_field_set_type(object_field, DB_TYPE_INT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "ttlEndDs") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "ttlEndDk") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "ttlEndRs") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "rollKskNow") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "rollZskNow") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "rollCskNow") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "inputAdapterType") || db_object_field_set_type(object_field, DB_TYPE_TEXT) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "inputAdapterUri") || db_object_field_set_type(object_field, DB_TYPE_TEXT) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "outputAdapterType") || db_object_field_set_type(object_field, DB_TYPE_TEXT) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "outputAdapterUri") || db_object_field_set_type(object_field, DB_TYPE_TEXT) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "nextKskRoll") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "nextZskRoll") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "nextCskRoll") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(value_set = db_value_set_new(18))) { db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (db_value_copy(db_value_set_get(value_set, 0), &(zone->policy_id)) || db_value_from_text(db_value_set_get(value_set, 1), zone->name) || db_value_from_uint32(db_value_set_get(value_set, 2), zone->signconf_needs_writing) || db_value_from_text(db_value_set_get(value_set, 3), zone->signconf_path) || db_value_from_int32(db_value_set_get(value_set, 4), zone->next_change) || db_value_from_uint32(db_value_set_get(value_set, 5), zone->ttl_end_ds) || db_value_from_uint32(db_value_set_get(value_set, 6), zone->ttl_end_dk) || db_value_from_uint32(db_value_set_get(value_set, 7), zone->ttl_end_rs) || db_value_from_uint32(db_value_set_get(value_set, 8), zone->roll_ksk_now) || db_value_from_uint32(db_value_set_get(value_set, 9), zone->roll_zsk_now) || db_value_from_uint32(db_value_set_get(value_set, 10), zone->roll_csk_now) || db_value_from_text(db_value_set_get(value_set, 11), zone->input_adapter_type) || db_value_from_text(db_value_set_get(value_set, 12), zone->input_adapter_uri) || db_value_from_text(db_value_set_get(value_set, 13), zone->output_adapter_type) || db_value_from_text(db_value_set_get(value_set, 14), zone->output_adapter_uri) || db_value_from_uint32(db_value_set_get(value_set, 15), zone->next_ksk_roll) || db_value_from_uint32(db_value_set_get(value_set, 16), zone->next_zsk_roll) || db_value_from_uint32(db_value_set_get(value_set, 17), zone->next_csk_roll)) { db_value_set_free(value_set); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(clause_list = db_clause_list_new())) { db_value_set_free(value_set); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "id") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_value_copy(db_clause_get_value(clause), &(zone->id)) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); db_value_set_free(value_set); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "rev") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_value_copy(db_clause_get_value(clause), &(zone->rev)) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); db_value_set_free(value_set); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } ret = db_object_update(zone->dbo, object_field_list, value_set, clause_list); db_value_set_free(value_set); db_object_field_list_free(object_field_list); db_clause_list_free(clause_list); return ret; } int zone_db_delete(zone_db_t* zone) { db_clause_list_t* clause_list; db_clause_t* clause; int ret; if (!zone) { return DB_ERROR_UNKNOWN; } if (!zone->dbo) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(&(zone->id))) { return DB_ERROR_UNKNOWN; } if (!(clause_list = db_clause_list_new())) { return DB_ERROR_UNKNOWN; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "id") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_value_copy(db_clause_get_value(clause), &(zone->id)) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "rev") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_value_copy(db_clause_get_value(clause), &(zone->rev)) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } ret = db_object_delete(zone->dbo, clause_list); db_clause_list_free(clause_list); return ret; } int zone_db_count(zone_db_t* zone, db_clause_list_t* clause_list, size_t* count) { if (!zone) { return DB_ERROR_UNKNOWN; } if (!zone->dbo) { return DB_ERROR_UNKNOWN; } if (!count) { return DB_ERROR_UNKNOWN; } return db_object_count(zone->dbo, NULL, clause_list, count); } /* ZONE LIST */ zone_list_db_t* zone_list_db_new(const db_connection_t* connection) { zone_list_db_t* zone_list = (zone_list_db_t*)calloc(1, sizeof(zone_list_db_t)); if (zone_list) { if (!(zone_list->dbo = __zone_db_new_object(connection))) { free(zone_list); return NULL; } } return zone_list; } zone_list_db_t* zone_list_db_new_copy(const zone_list_db_t* from_zone_list) { zone_list_db_t* zone_list; if (!from_zone_list) { return NULL; } if (!from_zone_list->dbo) { return NULL; } if (!(zone_list = zone_list_db_new(db_object_connection(from_zone_list->dbo))) || zone_list_db_copy(zone_list, from_zone_list)) { zone_list_db_free(zone_list); return NULL; } return zone_list; } int zone_list_db_object_store(zone_list_db_t* zone_list) { if (!zone_list) { return DB_ERROR_UNKNOWN; } zone_list->object_store = 1; return DB_OK; } void zone_list_db_free(zone_list_db_t* zone_list) { size_t i; if (zone_list) { if (zone_list->dbo) { db_object_free(zone_list->dbo); } if (zone_list->result_list) { db_result_list_free(zone_list->result_list); } if (zone_list->zone) { zone_db_free(zone_list->zone); } for (i = 0; i < zone_list->object_list_size; i++) { if (zone_list->object_list[i]) { zone_db_free(zone_list->object_list[i]); } } if (zone_list->object_list) { free(zone_list->object_list); } if (zone_list->policy_id_list) { policy_list_free(zone_list->policy_id_list); } free(zone_list); } } int zone_list_db_copy(zone_list_db_t* zone_list, const zone_list_db_t* from_zone_list) { size_t i; if (!zone_list) { return DB_ERROR_UNKNOWN; } if (!from_zone_list) { return DB_ERROR_UNKNOWN; } if (from_zone_list->object_list && !from_zone_list->object_list_size) { return DB_ERROR_UNKNOWN; } if (zone_list->result_list) { db_result_list_free(zone_list->result_list); zone_list->result_list = NULL; } if (from_zone_list->result_list && !(zone_list->result_list = db_result_list_new_copy(from_zone_list->result_list))) { return DB_ERROR_UNKNOWN; } zone_list->object_store = from_zone_list->object_store; for (i = 0; i < zone_list->object_list_size; i++) { if (zone_list->object_list[i]) { zone_db_free(zone_list->object_list[i]); } } zone_list->object_list_size = 0; if (zone_list->object_list) { free(zone_list->object_list); zone_list->object_list = NULL; } if (from_zone_list->object_list) { if (!(zone_list->object_list = (zone_db_t**)calloc(from_zone_list->object_list_size, sizeof(zone_db_t*)))) { return DB_ERROR_UNKNOWN; } zone_list->object_list_size = from_zone_list->object_list_size; for (i = 0; i < from_zone_list->object_list_size; i++) { if (!from_zone_list->object_list[i]) { continue; } if (!(zone_list->object_list[i] = zone_db_new_copy(from_zone_list->object_list[i]))) { return DB_ERROR_UNKNOWN; } } } zone_list->object_list_position = 0;; zone_list->object_list_first = 1; zone_list->associated_fetch = from_zone_list->associated_fetch; if (from_zone_list->policy_id_list && !(zone_list->policy_id_list = policy_list_new_copy(from_zone_list->policy_id_list))) { return DB_ERROR_UNKNOWN; } return DB_OK; } static int zone_list_db_get_associated(zone_list_db_t* zone_list) { const db_clause_t* clause_walk; const policy_t* policy_policy_id; size_t j, count; int cmp; size_t i; db_clause_list_t* clause_list; db_clause_t* clause; const zone_db_t* zone; key_data_list_t* key_data_list; const key_data_t* key_data; key_dependency_list_t* key_dependency_list; const key_dependency_t* key_dependency; if (!zone_list) { return DB_ERROR_UNKNOWN; } if (!zone_list->dbo) { return DB_ERROR_UNKNOWN; } if (!zone_list->associated_fetch) { return DB_ERROR_UNKNOWN; } if (!zone_list->result_list) { return DB_ERROR_UNKNOWN; } if (zone_list->object_list) { return DB_ERROR_UNKNOWN; } if (zone_list->policy_id_list) { policy_list_free(zone_list->policy_id_list); zone_list->policy_id_list = NULL; } if (!(clause_list = db_clause_list_new())) { return DB_ERROR_UNKNOWN; } zone = zone_list_db_begin(zone_list); while (zone) { cmp = 1; clause_walk = db_clause_list_begin(clause_list); while (clause_walk) { if (db_value_cmp(db_clause_value(clause_walk), zone_db_policy_id(zone), &cmp)) { db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } if (!cmp) { break; } clause_walk = db_clause_next(clause_walk); } if (cmp) { if (!(clause = db_clause_new()) || db_clause_set_field(clause, "id") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_clause_set_operator(clause, DB_CLAUSE_OPERATOR_OR) || db_value_copy(db_clause_get_value(clause), zone_db_policy_id(zone)) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } } zone = zone_list_db_next(zone_list); } if (!(zone_list->policy_id_list = policy_list_new(db_object_connection(zone_list->dbo))) || policy_list_object_store(zone_list->policy_id_list) || policy_list_get_by_clauses(zone_list->policy_id_list, clause_list)) { if (zone_list->policy_id_list) { policy_list_free(zone_list->policy_id_list); zone_list->policy_id_list = NULL; } db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } db_clause_list_free(clause_list); for (i = 0; i < zone_list->object_list_size; i++) { if (!(zone_list->object_list[i])) { return DB_ERROR_UNKNOWN; } policy_policy_id = policy_list_begin(zone_list->policy_id_list); while (policy_policy_id) { if (db_value_cmp(zone_db_policy_id(zone_list->object_list[i]), policy_id(policy_policy_id), &cmp)) { return DB_ERROR_UNKNOWN; } if (!cmp) { zone_list->object_list[i]->associated_policy_id = policy_policy_id; } policy_policy_id = policy_list_next(zone_list->policy_id_list); } } if (!(clause_list = db_clause_list_new())) { return DB_ERROR_UNKNOWN; } zone = zone_list_db_begin(zone_list); while (zone) { if (!(clause = db_clause_new()) || db_clause_set_field(clause, "zoneId") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_clause_set_operator(clause, DB_CLAUSE_OPERATOR_OR) || db_value_copy(db_clause_get_value(clause), zone_db_id(zone)) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } zone = zone_list_db_next(zone_list); } if (!(key_data_list = key_data_list_new(db_object_connection(zone_list->dbo))) || key_data_list_object_store(key_data_list) || key_data_list_get_by_clauses(key_data_list, clause_list)) { key_data_list_free(key_data_list); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } for (i = 0; i < zone_list->object_list_size; i++) { if (!(zone_list->object_list[i])) { return DB_ERROR_UNKNOWN; } count = 0; key_data = key_data_list_begin(key_data_list); while (key_data) { if (db_value_cmp(zone_db_id(zone_list->object_list[i]), key_data_zone_id(key_data), &cmp)) { key_data_list_free(key_data_list); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } if (!cmp) { count++; } key_data = key_data_list_next(key_data_list); } if (zone_list->object_list[i]->key_data_list) { key_data_list_free(zone_list->object_list[i]->key_data_list); zone_list->object_list[i]->key_data_list = NULL; } if (!(zone_list->object_list[i]->key_data_list = key_data_list_new(db_object_connection(zone_list->dbo)))) { key_data_list_free(key_data_list); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } if (count) { if (!(zone_list->object_list[i]->key_data_list->object_list = (key_data_t**)calloc(count, sizeof(key_data_t*)))) { key_data_list_free(key_data_list); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } j = 0; key_data = key_data_list_begin(key_data_list); while (key_data) { if (j >= count) { key_data_list_free(key_data_list); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } if (db_value_cmp(zone_db_id(zone_list->object_list[i]), key_data_zone_id(key_data), &cmp)) { key_data_list_free(key_data_list); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } if (!cmp) { if (!(zone_list->object_list[i]->key_data_list->object_list[j] = key_data_new_copy(key_data))) { key_data_list_free(key_data_list); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } j++; } key_data = key_data_list_next(key_data_list); } if (j != count) { key_data_list_free(key_data_list); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } } zone_list->object_list[i]->key_data_list->object_store = 1; zone_list->object_list[i]->key_data_list->object_list_size = count; zone_list->object_list[i]->key_data_list->object_list_first = 1; } if (!(key_dependency_list = key_dependency_list_new(db_object_connection(zone_list->dbo))) || key_dependency_list_object_store(key_dependency_list) || key_dependency_list_get_by_clauses(key_dependency_list, clause_list)) { key_dependency_list_free(key_dependency_list); key_data_list_free(key_data_list); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } key_data_list_free(key_data_list); for (i = 0; i < zone_list->object_list_size; i++) { if (!(zone_list->object_list[i])) { key_dependency_list_free(key_dependency_list); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } count = 0; key_dependency = key_dependency_list_begin(key_dependency_list); while (key_dependency) { if (db_value_cmp(zone_db_id(zone_list->object_list[i]), key_dependency_zone_id(key_dependency), &cmp)) { key_dependency_list_free(key_dependency_list); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } if (!cmp) { count++; } key_dependency = key_dependency_list_next(key_dependency_list); } if (zone_list->object_list[i]->key_dependency_list) { key_dependency_list_free(zone_list->object_list[i]->key_dependency_list); zone_list->object_list[i]->key_dependency_list = NULL; } if (!(zone_list->object_list[i]->key_dependency_list = key_dependency_list_new(db_object_connection(zone_list->dbo)))) { key_dependency_list_free(key_dependency_list); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } if (count) { if (!(zone_list->object_list[i]->key_dependency_list->object_list = (key_dependency_t**)calloc(count, sizeof(key_dependency_t*)))) { key_dependency_list_free(key_dependency_list); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } j = 0; key_dependency = key_dependency_list_begin(key_dependency_list); while (key_dependency) { if (j >= count) { key_dependency_list_free(key_dependency_list); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } if (db_value_cmp(zone_db_id(zone_list->object_list[i]), key_dependency_zone_id(key_dependency), &cmp)) { key_dependency_list_free(key_dependency_list); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } if (!cmp) { if (!(zone_list->object_list[i]->key_dependency_list->object_list[j] = key_dependency_new_copy(key_dependency))) { key_dependency_list_free(key_dependency_list); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } j++; } key_dependency = key_dependency_list_next(key_dependency_list); } if (j != count) { key_dependency_list_free(key_dependency_list); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } } zone_list->object_list[i]->key_dependency_list->object_store = 1; zone_list->object_list[i]->key_dependency_list->object_list_size = count; zone_list->object_list[i]->key_dependency_list->object_list_first = 1; } key_dependency_list_free(key_dependency_list); db_clause_list_free(clause_list); zone_list->object_list_first = 1; return DB_OK; } int zone_list_db_get(zone_list_db_t* zone_list) { size_t i; if (!zone_list) { return DB_ERROR_UNKNOWN; } if (!zone_list->dbo) { return DB_ERROR_UNKNOWN; } if (zone_list->result_list) { db_result_list_free(zone_list->result_list); } if (zone_list->object_list_size) { for (i = 0; i < zone_list->object_list_size; i++) { if (zone_list->object_list[i]) { zone_db_free(zone_list->object_list[i]); } } zone_list->object_list_size = 0; zone_list->object_list_first = 0; } if (zone_list->object_list) { free(zone_list->object_list); zone_list->object_list = NULL; } if (!(zone_list->result_list = db_object_read(zone_list->dbo, NULL, NULL)) || db_result_list_fetch_all(zone_list->result_list)) { return DB_ERROR_UNKNOWN; } if (zone_list->associated_fetch && zone_list_db_get_associated(zone_list)) { return DB_ERROR_UNKNOWN; } return DB_OK; } zone_list_db_t* zone_list_db_new_get(const db_connection_t* connection) { zone_list_db_t* zone_list; if (!connection) { return NULL; } if (!(zone_list = zone_list_db_new(connection)) || zone_list_db_get(zone_list)) { zone_list_db_free(zone_list); return NULL; } return zone_list; } int zone_list_db_get_by_clauses(zone_list_db_t* zone_list, const db_clause_list_t* clause_list) { size_t i; if (!zone_list) { return DB_ERROR_UNKNOWN; } if (!clause_list) { return DB_ERROR_UNKNOWN; } if (!zone_list->dbo) { return DB_ERROR_UNKNOWN; } if (zone_list->result_list) { db_result_list_free(zone_list->result_list); } if (zone_list->object_list_size) { for (i = 0; i < zone_list->object_list_size; i++) { if (zone_list->object_list[i]) { zone_db_free(zone_list->object_list[i]); } } zone_list->object_list_size = 0; zone_list->object_list_first = 0; } if (zone_list->object_list) { free(zone_list->object_list); zone_list->object_list = NULL; } if (!(zone_list->result_list = db_object_read(zone_list->dbo, NULL, clause_list)) || db_result_list_fetch_all(zone_list->result_list)) { return DB_ERROR_UNKNOWN; } if (zone_list->associated_fetch && zone_list_db_get_associated(zone_list)) { return DB_ERROR_UNKNOWN; } return DB_OK; } int zone_list_db_get_by_policy_id(zone_list_db_t* zone_list, const db_value_t* policy_id) { db_clause_list_t* clause_list; db_clause_t* clause; size_t i; if (!zone_list) { return DB_ERROR_UNKNOWN; } if (!zone_list->dbo) { return DB_ERROR_UNKNOWN; } if (!policy_id) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(policy_id)) { return DB_ERROR_UNKNOWN; } if (!(clause_list = db_clause_list_new())) { return DB_ERROR_UNKNOWN; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "policyId") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_value_copy(db_clause_get_value(clause), policy_id) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } if (zone_list->result_list) { db_result_list_free(zone_list->result_list); } if (zone_list->object_list_size) { for (i = 0; i < zone_list->object_list_size; i++) { if (zone_list->object_list[i]) { zone_db_free(zone_list->object_list[i]); } } zone_list->object_list_size = 0; zone_list->object_list_first = 0; } if (zone_list->object_list) { free(zone_list->object_list); zone_list->object_list = NULL; } if (!(zone_list->result_list = db_object_read(zone_list->dbo, NULL, clause_list)) || db_result_list_fetch_all(zone_list->result_list)) { db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } db_clause_list_free(clause_list); if (zone_list->associated_fetch && zone_list_db_get_associated(zone_list)) { return DB_ERROR_UNKNOWN; } return DB_OK; } zone_list_db_t* zone_list_db_new_get_by_policy_id(const db_connection_t* connection, const db_value_t* policy_id) { zone_list_db_t* zone_list; if (!connection) { return NULL; } if (!policy_id) { return NULL; } if (db_value_not_empty(policy_id)) { return NULL; } if (!(zone_list = zone_list_db_new(connection)) || zone_list_db_get_by_policy_id(zone_list, policy_id)) { zone_list_db_free(zone_list); return NULL; } return zone_list; } const zone_db_t* zone_list_db_begin(zone_list_db_t* zone_list) { const db_result_t* result; if (!zone_list) { return NULL; } if (zone_list->object_store) { if (!zone_list->object_list) { if (!zone_list->result_list) { return NULL; } if (!db_result_list_size(zone_list->result_list)) { return NULL; } if (!(zone_list->object_list = (zone_db_t**)calloc(db_result_list_size(zone_list->result_list), sizeof(zone_db_t*)))) { return NULL; } zone_list->object_list_size = db_result_list_size(zone_list->result_list); } if (!(zone_list->object_list[0])) { if (!zone_list->result_list) { return NULL; } if (!(result = db_result_list_begin(zone_list->result_list))) { return NULL; } if (!(zone_list->object_list[0] = zone_db_new(db_object_connection(zone_list->dbo)))) { return NULL; } if (zone_db_from_result(zone_list->object_list[0], result)) { return NULL; } } zone_list->object_list_position = 0; return zone_list->object_list[0]; } if (!zone_list->result_list) { return NULL; } if (!(result = db_result_list_begin(zone_list->result_list))) { return NULL; } if (!zone_list->zone) { if (!(zone_list->zone = zone_db_new(db_object_connection(zone_list->dbo)))) { return NULL; } } if (zone_db_from_result(zone_list->zone, result)) { return NULL; } return zone_list->zone; } const zone_db_t* zone_list_db_next(zone_list_db_t* zone_list) { const db_result_t* result; if (!zone_list) { return NULL; } if (zone_list->object_store) { if (!zone_list->object_list) { if (!zone_list->result_list) { return NULL; } if (!db_result_list_size(zone_list->result_list)) { return NULL; } if (!(zone_list->object_list = (zone_db_t**)calloc(db_result_list_size(zone_list->result_list), sizeof(zone_db_t*)))) { return NULL; } zone_list->object_list_size = db_result_list_size(zone_list->result_list); zone_list->object_list_position = 0; } else if (zone_list->object_list_first) { zone_list->object_list_first = 0; zone_list->object_list_position = 0; } else { zone_list->object_list_position++; } if (zone_list->object_list_position >= zone_list->object_list_size) { return NULL; } if (!(zone_list->object_list[zone_list->object_list_position])) { if (!zone_list->result_list) { return NULL; } if (!(result = db_result_list_next(zone_list->result_list))) { return NULL; } if (!(zone_list->object_list[zone_list->object_list_position] = zone_db_new(db_object_connection(zone_list->dbo)))) { return NULL; } if (zone_db_from_result(zone_list->object_list[zone_list->object_list_position], result)) { return NULL; } } return zone_list->object_list[zone_list->object_list_position]; } if (!zone_list->result_list) { return NULL; } if (!(result = db_result_list_next(zone_list->result_list))) { return NULL; } if (!zone_list->zone) { if (!(zone_list->zone = zone_db_new(db_object_connection(zone_list->dbo)))) { return NULL; } } if (zone_db_from_result(zone_list->zone, result)) { return NULL; } return zone_list->zone; } zone_db_t* zone_list_db_get_next(zone_list_db_t* zone_list) { const db_result_t* result; zone_db_t* zone; if (!zone_list) { return NULL; } if (zone_list->object_store) { if (!(zone = zone_db_new(db_object_connection(zone_list->dbo)))) { return NULL; } if (zone_db_copy(zone, zone_list_db_next(zone_list))) { zone_db_free(zone); return NULL; } return zone; } if (!zone_list->result_list) { return NULL; } if (!(result = db_result_list_next(zone_list->result_list))) { return NULL; } if (!(zone = zone_db_new(db_object_connection(zone_list->dbo)))) { return NULL; } if (zone_db_from_result(zone, result)) { zone_db_free(zone); return NULL; } return zone; } size_t zone_list_db_size(zone_list_db_t* zone_list) { if (!zone_list) { return 0; } if (zone_list->object_store && zone_list->object_list) { return zone_list->object_list_size; } if (!zone_list->result_list) { return 0; } return db_result_list_size(zone_list->result_list); } opendnssec-2.1.5/enforcer/src/db/db_result.h0000644000202300020240000001635113560310771015712 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef __db_result_h #define __db_result_h struct db_result; struct db_result_list; typedef struct db_result db_result_t; typedef struct db_result_list db_result_list_t; /** * Function pointer for walking a db_result_list. The backend handle specific * data is supplied in `data` and setting `finish` to non-zero tells the backend * that we are finished with the db_result_list. * \param[in] data a void pointer for the backend specific data. * \param[in] finish an integer that if non-zero will tell the backend that we * are finished with the result list. * \return A pointer to the next db_result_t or NULL on error. */ typedef db_result_t* (*db_result_list_next_t)(void* data, int finish); #include "db_value.h" #include "db_backend.h" /** * A container for a database result, the data in the result is represented by * a fixed size db_value_set_t. */ struct db_result { db_result_t* next; db_value_set_t* value_set; }; /** * Create a new database result. * \return a db_result_t pointer or NULL on error. */ db_result_t* db_result_new(void); /** * Create a new database result that is a copy of another. * \param[in] from_result a db_result_t pointer. * \return a db_result_t pointer or NULL on error. */ db_result_t* db_result_new_copy(const db_result_t* from_result); /** * Delete a database result and the backend meta data list if set. * \param[in] result a db_result_t pointer. */ void db_result_free(db_result_t* result); /** * Copy the content of another database result. * \param[in] result a db_result_t pointer. * \param[in] from_result a db_result_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_result_copy(db_result_t* result, const db_result_t* from_result); /** * Get the value set of a database result. * \param[in] result a db_result_t pointer. * \return a db_value_set_t pointer or NULL on error or if no value set has * been set. */ const db_value_set_t* db_result_value_set(const db_result_t* result); /** * Set the value set of a database result. * \param[in] result a db_result_t pointer. * \param[in] value_set a db_value_set_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_result_set_value_set(db_result_t* result, db_value_set_t* value_set); /** * Check if a database result is not empty. * \param[in] result a db_result_t pointer. * \return DB_ERROR_* if empty, otherwise DB_OK. */ int db_result_not_empty(const db_result_t* result); /** * A list of database results. */ struct db_result_list { db_result_t* begin; db_result_t* end; db_result_t* current; db_result_list_next_t next_function; void* next_data; size_t size; int begun; }; /** * Create a new database result list. * \return a db_result_list_t pointer or NULL on error. */ db_result_list_t* db_result_list_new(void); /** * Create a new database result list that is a copy of another. * \param[in] from_result_list a db_result_list_t pointer. * \return a db_result_list_t pointer or NULL on error. */ db_result_list_t* db_result_list_new_copy(const db_result_list_t* from_result_list); /** * Delete a database result list and all database results within the list. * \param[in] result_list a db_result_list_t pointer. */ void db_result_list_free(db_result_list_t* result_list); /** * free global allocator. * db_result_list_free MUST be called for all its contents. */ /** * Copy the content of another database result list. * \param[in] result_list a db_result_list_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_result_list_copy(db_result_list_t* result_list, const db_result_list_t* from_result_list); /** * Set the function pointer for fetching the next database result for a database * result list. The backend handle specific data is supplied in `next_data` * along with the total size of the result list in `size`. * \param[in] result_list a db_result_list_t pointer. * \param[in] next_function a db_result_list_next_t function pointer. * \param[in] next_data a void pointer. * \param[in] size a size_t. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_result_list_set_next(db_result_list_t* result_list, db_result_list_next_t next_function, void* next_data, size_t size); /** * Add a database result to a database result list, this will takes over the * ownership of the database result. * \param[in] result_list a db_result_list_t pointer. * \param[in] result a db_result_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_result_list_add(db_result_list_t* result_list, db_result_t* result); /** * Return the first database result in a database result list and reset the * position of the list. * \param[in] result_list a db_result_list_t pointer. * \return a db_result_t pointer or NULL on error or if the list is empty. */ const db_result_t* db_result_list_begin(db_result_list_t* result_list); /** * Return the next database result in a database result list. * \param[in] result_list a db_result_list_t pointer. * \return a db_result_t pointer or NULL on error or if the end of the list has * been reached. */ const db_result_t* db_result_list_next(db_result_list_t* result_list); /** * Return the size of the database result list. * \param[in] result_list a db_result_list_t pointer. * \return a size_t with the size of the database result list or zero on error * , if the database result list is empty or if the backend does not support * returning the size. */ size_t db_result_list_size(const db_result_list_t* result_list); /** * Make sure that all objects in this database result list is loaded into memory * so that db_result_list_begin() can be used to iterate over the list multiple * times. * \param[in] result_list a db_result_list_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_result_list_fetch_all(db_result_list_t* result_list); #endif opendnssec-2.1.5/enforcer/src/db/policy_ext.h0000644000202300020240000000470613560310771016107 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef __policy_ext_h #define __policy_ext_h #include #include "zone_db.h" #include "policy_key.h" /** * Create a policy object from XML. * \param[in] policy a policy_t object being created. * \param[in] policy_node a xmlNodePtr to the XML for the policy. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_create_from_xml(policy_t* policy, xmlNodePtr policy_node); /** * Update a policy object from XML. * \param[in] policy a policy_t object being updated. * \param[in] policy_node a xmlNodePtr to the XML for the policy. * \param[out] updated an integer pointer that will be set to non-zero if any * values in the policy was updated. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_update_from_xml(policy_t* policy, xmlNodePtr policy_node, int* updated); /** * Get the policy keys for a policy. * \param[in] policy a policy_t object. * \return a policy_key_list_t pointer or NULL on error. */ policy_key_list_t* policy_get_policy_keys(const policy_t* policy); #endif opendnssec-2.1.5/enforcer/src/db/db_backend_sqlite.c0000644000202300020240000016140013560311035017325 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include "db_backend_sqlite.h" #include "db_error.h" #include "log.h" #include #include #include #include #include #include #include #include static int db_backend_sqlite_transaction_rollback(void*); /** * Keep track of if we have initialized the SQLite backend. */ static int __sqlite3_initialized = 0; /** * A pthread mutex and cond to use for SQLite database locks / busy handler. * * SQLite may lock the database if a thread wants to write to the database then * all other threads needs to wait for that action to be completed and SQLite * only releases the lock when the statement is finalized. Our busy handler * function waits for a cond to be signaled instead of sleeping a fix amount of * time and in so speeds up access to the database once the lock is released. */ static pthread_mutex_t __sqlite_mutex = PTHREAD_MUTEX_INITIALIZER; static pthread_cond_t __sqlite_cond = PTHREAD_COND_INITIALIZER; /** * The SQLite database backend specific data. */ typedef struct db_backend_sqlite { sqlite3* db; int transaction; int timeout; int time; long usleep; } db_backend_sqlite_t; /** * The SQLite database backend specific data for walking a result. */ typedef struct db_backend_sqlite_statement { db_backend_sqlite_t* backend_sqlite; sqlite3_stmt* statement; int fields; const db_object_t* object; } db_backend_sqlite_statement_t; /** * The SQLite bust handler that is used to wait for database access. */ static int __db_backend_sqlite_busy_handler(void *data, int retry) { db_backend_sqlite_t* backend_sqlite = (db_backend_sqlite_t*)data; struct timespec busy_ts; int rc; (void)retry; if (!backend_sqlite) { return 0; } ods_log_deeebug("db_backend_sqlite_busy_handler: Database busy, waiting..."); if (pthread_mutex_lock(&__sqlite_mutex)) { ods_log_error("db_backend_sqlite_busy_handler: Mutex error"); return 0; } if (clock_gettime(CLOCK_REALTIME, &busy_ts)) { pthread_mutex_unlock(&__sqlite_mutex); return 0; } busy_ts.tv_nsec += backend_sqlite->usleep * 1000; if (busy_ts.tv_nsec > 999999999) { busy_ts.tv_sec += (busy_ts.tv_nsec / 1000000000); busy_ts.tv_nsec -= (busy_ts.tv_nsec / 1000000000) * 1000000000; } rc = pthread_cond_timedwait(&__sqlite_cond, &__sqlite_mutex, &busy_ts); if (rc == ETIMEDOUT) { if (time(NULL) < (backend_sqlite->time + backend_sqlite->timeout)) { ods_log_deeebug("db_backend_sqlite_busy_handler: Woke up, checking database..."); pthread_mutex_unlock(&__sqlite_mutex); return 1; } pthread_mutex_unlock(&__sqlite_mutex); return 0; } else if (rc) { ods_log_error("db_backend_sqlite_busy_handler: pthread_cond_timedwait() error %d", rc); pthread_mutex_unlock(&__sqlite_mutex); return 0; } ods_log_deeebug("db_backend_sqlite_busy_handler: Woke up, checking database..."); pthread_mutex_unlock(&__sqlite_mutex); return 1; } /** * SQLite prepare function. */ static inline int __db_backend_sqlite_prepare(db_backend_sqlite_t* backend_sqlite, sqlite3_stmt** statement, const char* sql, size_t size) { int ret; if (!backend_sqlite) { return DB_ERROR_UNKNOWN; } if (!backend_sqlite->db) { return DB_ERROR_UNKNOWN; } if (!statement) { return DB_ERROR_UNKNOWN; } if (*statement) { return DB_ERROR_UNKNOWN; } if (!sql) { return DB_ERROR_UNKNOWN; } ods_log_debug("%s", sql); backend_sqlite->time = time(NULL); ret = sqlite3_prepare_v2(backend_sqlite->db, sql, size, statement, NULL); if (ret != SQLITE_OK) { ods_log_info("DB prepare SQL %s", sql); ods_log_crit("DB prepare Err %d", ret); if (*statement) { sqlite3_finalize(*statement); } *statement = NULL; return DB_ERROR_UNKNOWN; } return DB_OK; } /** * SQLite step function. */ static inline int __db_backend_sqlite_step(db_backend_sqlite_t* backend_sqlite, sqlite3_stmt* statement) { /* struct timespec busy_ts; int rc, ret, been_busy = 0; */ int ret; if (!backend_sqlite) { return SQLITE_INTERNAL; } if (!statement) { return SQLITE_INTERNAL; } backend_sqlite->time = time(NULL); ret = sqlite3_step(statement); /* if (ret == SQLITE_BUSY) { ods_log_deeebug("db_backend_sqlite_step: Database busy, waiting..."); } while (ret == SQLITE_BUSY) { if (pthread_mutex_lock(&__sqlite_mutex)) { ods_log_error("db_backend_sqlite_step: Mutex error"); return ret; } if (clock_gettime(CLOCK_REALTIME, &busy_ts)) { pthread_mutex_unlock(&__sqlite_mutex); return ret; } busy_ts.tv_sec += backend_sqlite->timeout; rc = pthread_cond_timedwait(&__sqlite_cond, &__sqlite_mutex, &busy_ts); if (rc == ETIMEDOUT) { pthread_mutex_unlock(&__sqlite_mutex); return ret; } else if (rc) { ods_log_error("db_backend_sqlite_step: pthread_cond_timedwait() error %d", rc); pthread_mutex_unlock(&__sqlite_mutex); return ret; } ods_log_deeebug("db_backend_sqlite_step: Woke up, checking database..."); ret = sqlite3_step(statement); pthread_mutex_unlock(&__sqlite_mutex); } if (been_busy) { ods_log_deeebug("db_backend_sqlite_step: Got lock or failed/timed out"); } */ return ret; } /** * SQLite finalize function. * * This will also signal the pthread cond that is used for busy handler. */ static inline int __db_backend_sqlite_finalize(sqlite3_stmt* statement) { int ret; ret = sqlite3_finalize(statement); pthread_cond_broadcast(&__sqlite_cond); return ret; } static int db_backend_sqlite_initialize(void* data) { db_backend_sqlite_t* backend_sqlite = (db_backend_sqlite_t*)data; if (!backend_sqlite) { return DB_ERROR_UNKNOWN; } if (!__sqlite3_initialized) { int ret = sqlite3_initialize(); if (ret != SQLITE_OK) { return DB_ERROR_UNKNOWN; } __sqlite3_initialized = 1; } return DB_OK; } static int db_backend_sqlite_shutdown(void* data) { db_backend_sqlite_t* backend_sqlite = (db_backend_sqlite_t*)data; if (!backend_sqlite) { return DB_ERROR_UNKNOWN; } if (__sqlite3_initialized) { int ret = sqlite3_shutdown(); if (ret != SQLITE_OK) { return DB_ERROR_UNKNOWN; } __sqlite3_initialized = 0; } return DB_OK; } static int db_backend_sqlite_connect(void* data, const db_configuration_list_t* configuration_list) { db_backend_sqlite_t* backend_sqlite = (db_backend_sqlite_t*)data; const db_configuration_t* file; const db_configuration_t* timeout; const db_configuration_t* usleep; int ret; if (!__sqlite3_initialized) { return DB_ERROR_UNKNOWN; } if (!backend_sqlite) { return DB_ERROR_UNKNOWN; } if (backend_sqlite->db) { return DB_ERROR_UNKNOWN; } if (!configuration_list) { return DB_ERROR_UNKNOWN; } if (!(file = db_configuration_list_find(configuration_list, "file"))) { return DB_ERROR_UNKNOWN; } backend_sqlite->timeout = DB_BACKEND_SQLITE_DEFAULT_TIMEOUT; if ((timeout = db_configuration_list_find(configuration_list, "timeout"))) { backend_sqlite->timeout = atoi(db_configuration_value(timeout)); if (backend_sqlite->timeout < 1) { backend_sqlite->timeout = DB_BACKEND_SQLITE_DEFAULT_TIMEOUT; } } backend_sqlite->usleep = DB_BACKEND_SQLITE_DEFAULT_USLEEP; if ((usleep = db_configuration_list_find(configuration_list, "usleep"))) { backend_sqlite->usleep = atoi(db_configuration_value(usleep)); if (backend_sqlite->usleep < 1) { backend_sqlite->usleep = DB_BACKEND_SQLITE_DEFAULT_TIMEOUT; } } ret = sqlite3_open_v2( db_configuration_value(file), &(backend_sqlite->db), SQLITE_OPEN_READWRITE | SQLITE_OPEN_FULLMUTEX, NULL); if (ret != SQLITE_OK) { return DB_ERROR_UNKNOWN; } if ((ret = sqlite3_busy_handler(backend_sqlite->db, __db_backend_sqlite_busy_handler, backend_sqlite)) != SQLITE_OK) { ods_log_error("db_backend_sqlite: sqlite3_busy_handler() error %d", ret); sqlite3_close(backend_sqlite->db); backend_sqlite->db = NULL; return DB_ERROR_UNKNOWN; } /* * Enable This line to log complete queries to stdout. * sqlite3_trace(backend_sqlite->db, printf, "SQL: %s\n"); * */ return DB_OK; } static int db_backend_sqlite_disconnect(void* data) { db_backend_sqlite_t* backend_sqlite = (db_backend_sqlite_t*)data; int ret; if (!__sqlite3_initialized) { return DB_ERROR_UNKNOWN; } if (!backend_sqlite) { return DB_ERROR_UNKNOWN; } if (!backend_sqlite->db) { return DB_ERROR_UNKNOWN; } if (backend_sqlite->transaction) { db_backend_sqlite_transaction_rollback(backend_sqlite); } ret = sqlite3_close(backend_sqlite->db); if (ret != SQLITE_OK) { return DB_ERROR_UNKNOWN; } backend_sqlite->db = NULL; return DB_OK; } /** * Build the clause/WHERE SQL and append it to `sqlp`, how much that is left in * the buffer pointed by `sqlp` is specified by `left`. * \param[in] object a db_object_t pointer. * \param[in] clause_list a db_clause_list_t pointer. * \param[in] sqlp a character pointer pointer. * \param[in] left an integer pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ static int __db_backend_sqlite_build_clause(const db_object_t* object, const db_clause_list_t* clause_list, char** sqlp, int* left) { const db_clause_t* clause; int first, ret; if (!clause_list) { return DB_ERROR_UNKNOWN; } if (!sqlp) { return DB_ERROR_UNKNOWN; } if (!*sqlp) { return DB_ERROR_UNKNOWN; } if (!left) { return DB_ERROR_UNKNOWN; } if (*left < 1) { return DB_ERROR_UNKNOWN; } clause = db_clause_list_begin(clause_list); first = 1; while (clause) { if (first) { first = 0; } else { switch (db_clause_operator(clause)) { case DB_CLAUSE_OPERATOR_AND: if ((ret = snprintf(*sqlp, *left, " AND")) >= *left) { return DB_ERROR_UNKNOWN; } break; case DB_CLAUSE_OPERATOR_OR: if ((ret = snprintf(*sqlp, *left, " OR")) >= *left) { return DB_ERROR_UNKNOWN; } break; default: return DB_ERROR_UNKNOWN; } *sqlp += ret; *left -= ret; } switch (db_clause_type(clause)) { case DB_CLAUSE_EQUAL: if ((ret = snprintf(*sqlp, *left, " %s.%s = ?", db_object_table(object), db_clause_field(clause))) >= *left) { return DB_ERROR_UNKNOWN; } break; case DB_CLAUSE_NOT_EQUAL: if ((ret = snprintf(*sqlp, *left, " %s.%s != ?", db_object_table(object), db_clause_field(clause))) >= *left) { return DB_ERROR_UNKNOWN; } break; case DB_CLAUSE_LESS_THEN: if ((ret = snprintf(*sqlp, *left, " %s.%s < ?", db_object_table(object), db_clause_field(clause))) >= *left) { return DB_ERROR_UNKNOWN; } break; case DB_CLAUSE_LESS_OR_EQUAL: if ((ret = snprintf(*sqlp, *left, " %s.%s <= ?", db_object_table(object), db_clause_field(clause))) >= *left) { return DB_ERROR_UNKNOWN; } break; case DB_CLAUSE_GREATER_OR_EQUAL: if ((ret = snprintf(*sqlp, *left, " %s.%s >= ?", db_object_table(object), db_clause_field(clause))) >= *left) { return DB_ERROR_UNKNOWN; } break; case DB_CLAUSE_GREATER_THEN: if ((ret = snprintf(*sqlp, *left, " %s.%s > ?", db_object_table(object), db_clause_field(clause))) >= *left) { return DB_ERROR_UNKNOWN; } break; case DB_CLAUSE_IS_NULL: if ((ret = snprintf(*sqlp, *left, " %s.%s IS NULL", db_object_table(object), db_clause_field(clause))) >= *left) { return DB_ERROR_UNKNOWN; } break; case DB_CLAUSE_IS_NOT_NULL: if ((ret = snprintf(*sqlp, *left, " %s.%s IS NOT NULL", db_object_table(object), db_clause_field(clause))) >= *left) { return DB_ERROR_UNKNOWN; } break; case DB_CLAUSE_NESTED: if ((ret = snprintf(*sqlp, *left, " (")) >= *left) { return DB_ERROR_UNKNOWN; } *sqlp += ret; *left -= ret; if (__db_backend_sqlite_build_clause(object, db_clause_list(clause), sqlp, left)) { return DB_ERROR_UNKNOWN; } if ((ret = snprintf(*sqlp, *left, " )")) >= *left) { return DB_ERROR_UNKNOWN; } break; default: return DB_ERROR_UNKNOWN; } *sqlp += ret; *left -= ret; clause = db_clause_next(clause); } return DB_OK; } /** * Bind values from the clause list to the SQLite statement, `bind` contains the * position of the bind value. * \param[in] statement a sqlite3_stmt pointer. * \param[in] clause_list a db_clause_list_t pointer. * \param[in] bind an integer pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ static int __db_backend_sqlite_bind_clause(sqlite3_stmt* statement, const db_clause_list_t* clause_list, int* bind) { const db_clause_t* clause; int ret; int to_int; sqlite3_int64 to_int64; db_type_int32_t int32; db_type_uint32_t uint32; db_type_int64_t int64; db_type_uint64_t uint64; if (!statement) { return DB_ERROR_UNKNOWN; } if (!clause_list) { return DB_ERROR_UNKNOWN; } if (!bind) { return DB_ERROR_UNKNOWN; } if (!*bind) { return DB_ERROR_UNKNOWN; } clause = db_clause_list_begin(clause_list); while (clause) { switch (db_clause_type(clause)) { case DB_CLAUSE_EQUAL: case DB_CLAUSE_NOT_EQUAL: case DB_CLAUSE_LESS_THEN: case DB_CLAUSE_LESS_OR_EQUAL: case DB_CLAUSE_GREATER_OR_EQUAL: case DB_CLAUSE_GREATER_THEN: switch (db_value_type(db_clause_value(clause))) { case DB_TYPE_PRIMARY_KEY: case DB_TYPE_INT32: if (db_value_to_int32(db_clause_value(clause), &int32)) { return DB_ERROR_UNKNOWN; } to_int = int32; ret = sqlite3_bind_int(statement, (*bind)++, to_int); if (ret != SQLITE_OK) { return DB_ERROR_UNKNOWN; } break; case DB_TYPE_UINT32: if (db_value_to_uint32(db_clause_value(clause), &uint32)) { return DB_ERROR_UNKNOWN; } to_int = uint32; ret = sqlite3_bind_int(statement, (*bind)++, to_int); if (ret != SQLITE_OK) { return DB_ERROR_UNKNOWN; } break; case DB_TYPE_INT64: if (db_value_to_int64(db_clause_value(clause), &int64)) { return DB_ERROR_UNKNOWN; } to_int64 = int64; ret = sqlite3_bind_int64(statement, (*bind)++, to_int64); if (ret != SQLITE_OK) { return DB_ERROR_UNKNOWN; } break; case DB_TYPE_UINT64: if (db_value_to_uint64(db_clause_value(clause), &uint64)) { return DB_ERROR_UNKNOWN; } to_int64 = uint64; ret = sqlite3_bind_int64(statement, (*bind)++, to_int64); if (ret != SQLITE_OK) { return DB_ERROR_UNKNOWN; } break; case DB_TYPE_TEXT: ret = sqlite3_bind_text(statement, (*bind)++, db_value_text(db_clause_value(clause)), -1, SQLITE_TRANSIENT); if (ret != SQLITE_OK) { return DB_ERROR_UNKNOWN; } break; case DB_TYPE_ENUM: if (db_value_enum_value(db_clause_value(clause), &to_int)) { return DB_ERROR_UNKNOWN; } ret = sqlite3_bind_int(statement, (*bind)++, to_int); if (ret != SQLITE_OK) { return DB_ERROR_UNKNOWN; } break; default: return DB_ERROR_UNKNOWN; } break; case DB_CLAUSE_IS_NULL: case DB_CLAUSE_IS_NOT_NULL: break; case DB_CLAUSE_NESTED: if (__db_backend_sqlite_bind_clause(statement, db_clause_list(clause), bind)) { return DB_ERROR_UNKNOWN; } break; default: return DB_ERROR_UNKNOWN; } clause = db_clause_next(clause); } return DB_OK; } static db_result_t* db_backend_sqlite_next(void* data, int finish) { db_backend_sqlite_statement_t* statement = (db_backend_sqlite_statement_t*)data; int ret; int bind; db_result_t* result = NULL; db_value_set_t* value_set = NULL; const db_object_field_t* object_field; int from_int; sqlite3_int64 from_int64; db_type_int32_t int32; db_type_uint32_t uint32; db_type_int64_t int64; db_type_uint64_t uint64; const char* text; if (!statement) { return NULL; } if (!statement->object) { return NULL; } if (!statement->statement) { return NULL; } if (finish) { __db_backend_sqlite_finalize(statement->statement); free(statement); return NULL; } if (__db_backend_sqlite_step(statement->backend_sqlite, statement->statement) != SQLITE_ROW) { return NULL; } if (!(result = db_result_new()) || !(value_set = db_value_set_new(statement->fields)) || db_result_set_value_set(result, value_set)) { db_result_free(result); db_value_set_free(value_set); return NULL; } object_field = db_object_field_list_begin(db_object_object_field_list(statement->object)); bind = 0; while (object_field) { switch (db_object_field_type(object_field)) { case DB_TYPE_PRIMARY_KEY: from_int = sqlite3_column_int(statement->statement, bind); int32 = from_int; ret = sqlite3_errcode(statement->backend_sqlite->db); if ((ret != SQLITE_OK && ret != SQLITE_ROW && ret != SQLITE_DONE) || db_value_from_int32(db_value_set_get(value_set, bind), int32) || db_value_set_primary_key(db_value_set_get(value_set, bind))) { db_result_free(result); return NULL; } break; case DB_TYPE_ENUM: /* * Enum needs to be handled elsewhere since we don't know the * enum_set_t here. */ case DB_TYPE_INT32: from_int = sqlite3_column_int(statement->statement, bind); int32 = from_int; ret = sqlite3_errcode(statement->backend_sqlite->db); if ((ret != SQLITE_OK && ret != SQLITE_ROW && ret != SQLITE_DONE) || db_value_from_int32(db_value_set_get(value_set, bind), int32)) { db_result_free(result); return NULL; } break; case DB_TYPE_UINT32: from_int = sqlite3_column_int(statement->statement, bind); uint32 = from_int; ret = sqlite3_errcode(statement->backend_sqlite->db); if ((ret != SQLITE_OK && ret != SQLITE_ROW && ret != SQLITE_DONE) || db_value_from_uint32(db_value_set_get(value_set, bind), uint32)) { db_result_free(result); return NULL; } break; case DB_TYPE_INT64: from_int64 = sqlite3_column_int64(statement->statement, bind); int64 = from_int64; ret = sqlite3_errcode(statement->backend_sqlite->db); if ((ret != SQLITE_OK && ret != SQLITE_ROW && ret != SQLITE_DONE) || db_value_from_int64(db_value_set_get(value_set, bind), int64)) { db_result_free(result); return NULL; } break; case DB_TYPE_UINT64: from_int64 = sqlite3_column_int64(statement->statement, bind); uint64 = from_int64; ret = sqlite3_errcode(statement->backend_sqlite->db); if ((ret != SQLITE_OK && ret != SQLITE_ROW && ret != SQLITE_DONE) || db_value_from_uint64(db_value_set_get(value_set, bind), uint64)) { db_result_free(result); return NULL; } break; case DB_TYPE_TEXT: text = (const char*)sqlite3_column_text(statement->statement, bind); ret = sqlite3_errcode(statement->backend_sqlite->db); if (!text || (ret != SQLITE_OK && ret != SQLITE_ROW && ret != SQLITE_DONE) || db_value_from_text(db_value_set_get(value_set, bind), text)) { db_result_free(result); return NULL; } break; case DB_TYPE_ANY: case DB_TYPE_REVISION: switch (sqlite3_column_type(statement->statement, bind)) { case SQLITE_INTEGER: from_int64 = sqlite3_column_int64(statement->statement, bind); int64 = from_int64; ret = sqlite3_errcode(statement->backend_sqlite->db); if ((ret != SQLITE_OK && ret != SQLITE_ROW && ret != SQLITE_DONE) || db_value_from_int64(db_value_set_get(value_set, bind), int64)) { db_result_free(result); return NULL; } break; case SQLITE_TEXT: text = (const char*)sqlite3_column_text(statement->statement, bind); ret = sqlite3_errcode(statement->backend_sqlite->db); if (!text || (ret != SQLITE_OK && ret != SQLITE_ROW && ret != SQLITE_DONE) || db_value_from_text(db_value_set_get(value_set, bind), text)) { db_result_free(result); return NULL; } break; default: db_result_free(result); return NULL; } break; default: db_result_free(result); return NULL; } object_field = db_object_field_next(object_field); bind++; } return result; } static int db_backend_sqlite_create(void* data, const db_object_t* object, const db_object_field_list_t* object_field_list, const db_value_set_t* value_set) { db_backend_sqlite_t* backend_sqlite = (db_backend_sqlite_t*)data; const db_object_field_t* object_field; const db_object_field_t* revision_field = NULL; const db_value_t* value; char sql[4*1024]; char* sqlp; int ret, left, bind, first; sqlite3_stmt* statement = NULL; size_t value_pos; int to_int; sqlite3_int64 to_int64; db_type_int32_t int32; db_type_uint32_t uint32; db_type_int64_t int64; db_type_uint64_t uint64; if (!__sqlite3_initialized) { return DB_ERROR_UNKNOWN; } if (!backend_sqlite) { return DB_ERROR_UNKNOWN; } if (!object) { return DB_ERROR_UNKNOWN; } if (!object_field_list) { return DB_ERROR_UNKNOWN; } if (!value_set) { return DB_ERROR_UNKNOWN; } /* * Check if the object has a revision field and keep it for later use. */ object_field = db_object_field_list_begin(db_object_object_field_list(object)); while (object_field) { if (db_object_field_type(object_field) == DB_TYPE_REVISION) { if (revision_field) { /* * We do not support multiple revision fields. */ return DB_ERROR_UNKNOWN; } revision_field = object_field; } object_field = db_object_field_next(object_field); } left = sizeof(sql); sqlp = sql; memset(sql, 0, left); if (!db_object_field_list_begin(object_field_list) && !revision_field) { /* * Special case when tables has no fields except maybe a primary key. */ if ((ret = snprintf(sqlp, left, "INSERT INTO %s DEFAULT VALUES", db_object_table(object))) >= left) { return DB_ERROR_UNKNOWN; } sqlp += ret; left -= ret; } else { if ((ret = snprintf(sqlp, left, "INSERT INTO %s (", db_object_table(object))) >= left) { return DB_ERROR_UNKNOWN; } sqlp += ret; left -= ret; /* * Add the fields from the given object_field_list. */ object_field = db_object_field_list_begin(object_field_list); first = 1; while (object_field) { if (first) { if ((ret = snprintf(sqlp, left, " %s", db_object_field_name(object_field))) >= left) { return DB_ERROR_UNKNOWN; } first = 0; } else { if ((ret = snprintf(sqlp, left, ", %s", db_object_field_name(object_field))) >= left) { return DB_ERROR_UNKNOWN; } } sqlp += ret; left -= ret; object_field = db_object_field_next(object_field); } /* * Add the revision field if we have one. */ if (revision_field) { if (first) { if ((ret = snprintf(sqlp, left, " %s", db_object_field_name(revision_field))) >= left) { return DB_ERROR_UNKNOWN; } first = 0; } else { if ((ret = snprintf(sqlp, left, ", %s", db_object_field_name(revision_field))) >= left) { return DB_ERROR_UNKNOWN; } } sqlp += ret; left -= ret; } if ((ret = snprintf(sqlp, left, " ) VALUES (")) >= left) { return DB_ERROR_UNKNOWN; } sqlp += ret; left -= ret; /* * Mark all the fields for binding from the object_field_list. */ object_field = db_object_field_list_begin(object_field_list); first = 1; while (object_field) { if (first) { if ((ret = snprintf(sqlp, left, " ?")) >= left) { return DB_ERROR_UNKNOWN; } first = 0; } else { if ((ret = snprintf(sqlp, left, ", ?")) >= left) { return DB_ERROR_UNKNOWN; } } sqlp += ret; left -= ret; object_field = db_object_field_next(object_field); } /* * Mark revision field for binding if we have one. */ if (revision_field) { if (first) { if ((ret = snprintf(sqlp, left, " ?")) >= left) { return DB_ERROR_UNKNOWN; } first = 0; } else { if ((ret = snprintf(sqlp, left, ", ?")) >= left) { return DB_ERROR_UNKNOWN; } } sqlp += ret; left -= ret; } if ((ret = snprintf(sqlp, left, " )")) >= left) { return DB_ERROR_UNKNOWN; } sqlp += ret; left -= ret; } /* * Prepare the SQL, create a SQLite statement. */ if (__db_backend_sqlite_prepare(backend_sqlite, &statement, sql, sizeof(sql))) { return DB_ERROR_UNKNOWN; } /* * Bind all the values from value_set. */ bind = 1; for (value_pos = 0; value_pos < db_value_set_size(value_set); value_pos++) { if (!(value = db_value_set_at(value_set, value_pos))) { __db_backend_sqlite_finalize(statement); return DB_ERROR_UNKNOWN; } switch (db_value_type(value)) { case DB_TYPE_INT32: if (db_value_to_int32(value, &int32)) { __db_backend_sqlite_finalize(statement); return DB_ERROR_UNKNOWN; } to_int = int32; ret = sqlite3_bind_int(statement, bind++, to_int); if (ret != SQLITE_OK) { __db_backend_sqlite_finalize(statement); return DB_ERROR_UNKNOWN; } break; case DB_TYPE_UINT32: if (db_value_to_uint32(value, &uint32)) { __db_backend_sqlite_finalize(statement); return DB_ERROR_UNKNOWN; } to_int = uint32; ret = sqlite3_bind_int(statement, bind++, to_int); if (ret != SQLITE_OK) { __db_backend_sqlite_finalize(statement); return DB_ERROR_UNKNOWN; } break; case DB_TYPE_INT64: if (db_value_to_int64(value, &int64)) { __db_backend_sqlite_finalize(statement); return DB_ERROR_UNKNOWN; } to_int64 = int64; ret = sqlite3_bind_int64(statement, bind++, to_int64); if (ret != SQLITE_OK) { __db_backend_sqlite_finalize(statement); return DB_ERROR_UNKNOWN; } break; case DB_TYPE_UINT64: if (db_value_to_uint64(value, &uint64)) { __db_backend_sqlite_finalize(statement); return DB_ERROR_UNKNOWN; } to_int64 = uint64; ret = sqlite3_bind_int64(statement, bind++, to_int64); if (ret != SQLITE_OK) { __db_backend_sqlite_finalize(statement); return DB_ERROR_UNKNOWN; } break; case DB_TYPE_TEXT: ret = sqlite3_bind_text(statement, bind++, db_value_text(value), -1, SQLITE_TRANSIENT); if (ret != SQLITE_OK) { __db_backend_sqlite_finalize(statement); return DB_ERROR_UNKNOWN; } break; case DB_TYPE_ENUM: if (db_value_enum_value(value, &to_int)) { __db_backend_sqlite_finalize(statement); return DB_ERROR_UNKNOWN; } ret = sqlite3_bind_int(statement, bind++, to_int); if (ret != SQLITE_OK) { __db_backend_sqlite_finalize(statement); return DB_ERROR_UNKNOWN; } break; default: __db_backend_sqlite_finalize(statement); return DB_ERROR_UNKNOWN; } } /* * Bind the revision field value if we have one. */ if (revision_field) { ret = sqlite3_bind_int(statement, bind++, 1); if (ret != SQLITE_OK) { __db_backend_sqlite_finalize(statement); return DB_ERROR_UNKNOWN; } } /* * Execute the SQL. */ if (__db_backend_sqlite_step(backend_sqlite, statement) != SQLITE_DONE) { __db_backend_sqlite_finalize(statement); return DB_ERROR_UNKNOWN; } __db_backend_sqlite_finalize(statement); return DB_OK; } static db_result_list_t* db_backend_sqlite_read(void* data, const db_object_t* object, const db_join_list_t* join_list, const db_clause_list_t* clause_list) { db_backend_sqlite_t* backend_sqlite = (db_backend_sqlite_t*)data; const db_object_field_t* object_field; const db_join_t* join; char sql[4*1024]; char* sqlp; int ret, left, first, fields, bind; db_result_list_t* result_list; db_backend_sqlite_statement_t* statement; if (!__sqlite3_initialized) { return NULL; } if (!backend_sqlite) { return NULL; } if (!object) { return NULL; } left = sizeof(sql); sqlp = sql; memset(sql, 0, left); if ((ret = snprintf(sqlp, left, "SELECT")) >= left) { return NULL; } sqlp += ret; left -= ret; object_field = db_object_field_list_begin(db_object_object_field_list(object)); first = 1; fields = 0; while (object_field) { if (first) { if ((ret = snprintf(sqlp, left, " %s.%s", db_object_table(object), db_object_field_name(object_field))) >= left) { return NULL; } first = 0; } else { if ((ret = snprintf(sqlp, left, ", %s.%s", db_object_table(object), db_object_field_name(object_field))) >= left) { return NULL; } } sqlp += ret; left -= ret; object_field = db_object_field_next(object_field); fields++; } if ((ret = snprintf(sqlp, left, " FROM %s", db_object_table(object))) >= left) { return NULL; } sqlp += ret; left -= ret; if (join_list) { join = db_join_list_begin(join_list); while (join) { if ((ret = snprintf(sqlp, left, " INNER JOIN %s ON %s.%s = %s.%s", db_join_to_table(join), db_join_to_table(join), db_join_to_field(join), db_join_from_table(join), db_join_from_field(join))) >= left) { return NULL; } sqlp += ret; left -= ret; join = db_join_next(join); } } if (clause_list) { if (db_clause_list_begin(clause_list)) { if ((ret = snprintf(sqlp, left, " WHERE")) >= left) { return NULL; } sqlp += ret; left -= ret; } if (__db_backend_sqlite_build_clause(object, clause_list, &sqlp, &left)) { return NULL; } } statement = calloc(1, sizeof(db_backend_sqlite_statement_t)); if (!statement) { return NULL; } statement->backend_sqlite = backend_sqlite; statement->object = object; statement->fields = fields; statement->statement = NULL; if (__db_backend_sqlite_prepare(backend_sqlite, &(statement->statement), sql, sizeof(sql))) { free(statement); return NULL; } if (clause_list) { bind = 1; if (__db_backend_sqlite_bind_clause(statement->statement, clause_list, &bind)) { __db_backend_sqlite_finalize(statement->statement); free(statement); return NULL; } } if (!(result_list = db_result_list_new()) || db_result_list_set_next(result_list, db_backend_sqlite_next, statement, 0)) { db_result_list_free(result_list); __db_backend_sqlite_finalize(statement->statement); free(statement); return NULL; } return result_list; } static int db_backend_sqlite_update(void* data, const db_object_t* object, const db_object_field_list_t* object_field_list, const db_value_set_t* value_set, const db_clause_list_t* clause_list) { db_backend_sqlite_t* backend_sqlite = (db_backend_sqlite_t*)data; const db_object_field_t* object_field; const db_object_field_t* revision_field = NULL; const db_clause_t* clause; const db_clause_t* revision_clause = NULL; sqlite3_int64 revision_number = -1; const db_value_t* value; char sql[4*1024]; char* sqlp; int ret, left, bind, first; sqlite3_stmt* statement = NULL; size_t value_pos; int to_int; sqlite3_int64 to_int64; db_type_int32_t int32; db_type_uint32_t uint32; db_type_int64_t int64; db_type_uint64_t uint64; if (!__sqlite3_initialized) { return DB_ERROR_UNKNOWN; } if (!backend_sqlite) { return DB_ERROR_UNKNOWN; } if (!object) { return DB_ERROR_UNKNOWN; } if (!object_field_list) { return DB_ERROR_UNKNOWN; } if (!value_set) { return DB_ERROR_UNKNOWN; } /* * Check if the object has a revision field and keep it for later use. */ object_field = db_object_field_list_begin(db_object_object_field_list(object)); while (object_field) { if (db_object_field_type(object_field) == DB_TYPE_REVISION) { if (revision_field) { /* * We do not support multiple revision fields. */ return DB_ERROR_UNKNOWN; } revision_field = object_field; } object_field = db_object_field_next(object_field); } if (revision_field) { /* * If we have a revision field we should also have it in the clause, * find it and get the value for later use or return error if not found. */ clause = db_clause_list_begin(clause_list); while (clause) { if (!strcmp(db_clause_field(clause), db_object_field_name(revision_field))) { revision_clause = clause; break; } clause = db_clause_next(clause); } if (!revision_clause) { return DB_ERROR_UNKNOWN; } switch (db_value_type(db_clause_value(revision_clause))) { case DB_TYPE_INT32: if (db_value_to_int32(db_clause_value(revision_clause), &int32)) { return DB_ERROR_UNKNOWN; } revision_number = int32; break; case DB_TYPE_UINT32: if (db_value_to_uint32(db_clause_value(revision_clause), &uint32)) { return DB_ERROR_UNKNOWN; } revision_number = uint32; break; case DB_TYPE_INT64: if (db_value_to_int64(db_clause_value(revision_clause), &int64)) { return DB_ERROR_UNKNOWN; } revision_number = int64; break; case DB_TYPE_UINT64: if (db_value_to_uint64(db_clause_value(revision_clause), &uint64)) { return DB_ERROR_UNKNOWN; } revision_number = uint64; break; default: return DB_ERROR_UNKNOWN; } } left = sizeof(sql); sqlp = sql; memset(sql, 0, left); if ((ret = snprintf(sqlp, left, "UPDATE %s SET", db_object_table(object))) >= left) { return DB_ERROR_UNKNOWN; } sqlp += ret; left -= ret; /* * Build the update SQL from the object_field_list. */ object_field = db_object_field_list_begin(object_field_list); first = 1; while (object_field) { if (first) { if ((ret = snprintf(sqlp, left, " %s = ?", db_object_field_name(object_field))) >= left) { return DB_ERROR_UNKNOWN; } first = 0; } else { if ((ret = snprintf(sqlp, left, ", %s = ?", db_object_field_name(object_field))) >= left) { return DB_ERROR_UNKNOWN; } } sqlp += ret; left -= ret; object_field = db_object_field_next(object_field); } /* * Add a new revision if we have any. */ if (revision_field) { if (first) { if ((ret = snprintf(sqlp, left, " %s = ?", db_object_field_name(revision_field))) >= left) { return DB_ERROR_UNKNOWN; } first = 0; } else { if ((ret = snprintf(sqlp, left, ", %s = ?", db_object_field_name(revision_field))) >= left) { return DB_ERROR_UNKNOWN; } } sqlp += ret; left -= ret; } /* * Build the clauses. */ if (clause_list) { if (db_clause_list_begin(clause_list)) { if ((ret = snprintf(sqlp, left, " WHERE")) >= left) { return DB_ERROR_UNKNOWN; } sqlp += ret; left -= ret; } if (__db_backend_sqlite_build_clause(object, clause_list, &sqlp, &left)) { return DB_ERROR_UNKNOWN; } } /* * Prepare the SQL. */ if (__db_backend_sqlite_prepare(backend_sqlite, &statement, sql, sizeof(sql))) { return DB_ERROR_UNKNOWN; } /* * Bind all the values from value_set. */ bind = 1; for (value_pos = 0; value_pos < db_value_set_size(value_set); value_pos++) { if (!(value = db_value_set_at(value_set, value_pos))) { __db_backend_sqlite_finalize(statement); return DB_ERROR_UNKNOWN; } switch (db_value_type(value)) { case DB_TYPE_INT32: if (db_value_to_int32(value, &int32)) { __db_backend_sqlite_finalize(statement); return DB_ERROR_UNKNOWN; } to_int = int32; ret = sqlite3_bind_int(statement, bind++, to_int); if (ret != SQLITE_OK) { __db_backend_sqlite_finalize(statement); return DB_ERROR_UNKNOWN; } break; case DB_TYPE_UINT32: if (db_value_to_uint32(value, &uint32)) { __db_backend_sqlite_finalize(statement); return DB_ERROR_UNKNOWN; } to_int = uint32; ret = sqlite3_bind_int(statement, bind++, to_int); if (ret != SQLITE_OK) { __db_backend_sqlite_finalize(statement); return DB_ERROR_UNKNOWN; } break; case DB_TYPE_INT64: if (db_value_to_int64(value, &int64)) { __db_backend_sqlite_finalize(statement); return DB_ERROR_UNKNOWN; } to_int64 = int64; ret = sqlite3_bind_int64(statement, bind++, to_int64); if (ret != SQLITE_OK) { __db_backend_sqlite_finalize(statement); return DB_ERROR_UNKNOWN; } break; case DB_TYPE_UINT64: if (db_value_to_uint64(value, &uint64)) { __db_backend_sqlite_finalize(statement); return DB_ERROR_UNKNOWN; } to_int64 = uint64; ret = sqlite3_bind_int64(statement, bind++, to_int64); if (ret != SQLITE_OK) { __db_backend_sqlite_finalize(statement); return DB_ERROR_UNKNOWN; } break; case DB_TYPE_TEXT: ret = sqlite3_bind_text(statement, bind++, db_value_text(value), -1, SQLITE_TRANSIENT); if (ret != SQLITE_OK) { __db_backend_sqlite_finalize(statement); return DB_ERROR_UNKNOWN; } break; case DB_TYPE_ENUM: if (db_value_enum_value(value, &to_int)) { __db_backend_sqlite_finalize(statement); return DB_ERROR_UNKNOWN; } ret = sqlite3_bind_int(statement, bind++, to_int); if (ret != SQLITE_OK) { __db_backend_sqlite_finalize(statement); return DB_ERROR_UNKNOWN; } break; default: __db_backend_sqlite_finalize(statement); return DB_ERROR_UNKNOWN; } } /* * Bind the new revision if we have any. */ if (revision_field) { ret = sqlite3_bind_int64(statement, bind++, revision_number + 1); if (ret != SQLITE_OK) { __db_backend_sqlite_finalize(statement); return DB_ERROR_UNKNOWN; } } /* * Bind the clauses values. */ if (clause_list) { if (__db_backend_sqlite_bind_clause(statement, clause_list, &bind)) { __db_backend_sqlite_finalize(statement); return DB_ERROR_UNKNOWN; } } /* * Execute the SQL. */ if (__db_backend_sqlite_step(backend_sqlite, statement) != SQLITE_DONE) { __db_backend_sqlite_finalize(statement); return DB_ERROR_UNKNOWN; } __db_backend_sqlite_finalize(statement); /* * If we are using revision we have to have a positive number of changes * otherwise its a failure. */ if (revision_field) { if (sqlite3_changes(backend_sqlite->db) < 1) { return DB_ERROR_UNKNOWN; } } return DB_OK; } static int db_backend_sqlite_delete(void* data, const db_object_t* object, const db_clause_list_t* clause_list) { db_backend_sqlite_t* backend_sqlite = (db_backend_sqlite_t*)data; char sql[4*1024]; char* sqlp; int ret, left, bind; sqlite3_stmt* statement = NULL; const db_object_field_t* revision_field = NULL; const db_object_field_t* object_field; const db_clause_t* clause; if (!__sqlite3_initialized) { return DB_ERROR_UNKNOWN; } if (!backend_sqlite) { return DB_ERROR_UNKNOWN; } if (!object) { return DB_ERROR_UNKNOWN; } /* * Check if the object has a revision field and keep it for later use. */ object_field = db_object_field_list_begin(db_object_object_field_list(object)); while (object_field) { if (db_object_field_type(object_field) == DB_TYPE_REVISION) { if (revision_field) { /* * We do not support multiple revision fields. */ return DB_ERROR_UNKNOWN; } revision_field = object_field; } object_field = db_object_field_next(object_field); } if (revision_field) { /* * If we have a revision field we should also have it in the clause, * find it or return error if not found. */ clause = db_clause_list_begin(clause_list); while (clause) { if (!strcmp(db_clause_field(clause), db_object_field_name(revision_field))) { break; } clause = db_clause_next(clause); } if (!clause) { return DB_ERROR_UNKNOWN; } } left = sizeof(sql); sqlp = sql; memset(sql, 0, left); if ((ret = snprintf(sqlp, left, "DELETE FROM %s", db_object_table(object))) >= left) { return DB_ERROR_UNKNOWN; } sqlp += ret; left -= ret; if (clause_list) { if (db_clause_list_begin(clause_list)) { if ((ret = snprintf(sqlp, left, " WHERE")) >= left) { return DB_ERROR_UNKNOWN; } sqlp += ret; left -= ret; } if (__db_backend_sqlite_build_clause(object, clause_list, &sqlp, &left)) { return DB_ERROR_UNKNOWN; } } if (__db_backend_sqlite_prepare(backend_sqlite, &statement, sql, sizeof(sql))) { return DB_ERROR_UNKNOWN; } if (clause_list) { bind = 1; if (__db_backend_sqlite_bind_clause(statement, clause_list, &bind)) { __db_backend_sqlite_finalize(statement); return DB_ERROR_UNKNOWN; } } if (__db_backend_sqlite_step(backend_sqlite, statement) != SQLITE_DONE) { __db_backend_sqlite_finalize(statement); return DB_ERROR_UNKNOWN; } __db_backend_sqlite_finalize(statement); /* * If we are using revision we have to have a positive number of changes * otherwise its a failure. */ if (revision_field) { if (sqlite3_changes(backend_sqlite->db) < 1) { return DB_ERROR_UNKNOWN; } } return DB_OK; } static int db_backend_sqlite_count(void* data, const db_object_t* object, const db_join_list_t* join_list, const db_clause_list_t* clause_list, size_t* count) { db_backend_sqlite_t* backend_sqlite = (db_backend_sqlite_t*)data; const db_join_t* join; char sql[4*1024]; char* sqlp; int ret, left, bind; sqlite3_stmt* statement = NULL; int sqlite_count; if (!__sqlite3_initialized) { return DB_ERROR_UNKNOWN; } if (!backend_sqlite) { return DB_ERROR_UNKNOWN; } if (!object) { return DB_ERROR_UNKNOWN; } if (!count) { return DB_ERROR_UNKNOWN; } left = sizeof(sql); sqlp = sql; memset(sql, 0, left); if ((ret = snprintf(sqlp, left, "SELECT COUNT(*)")) >= left) { return DB_ERROR_UNKNOWN; } sqlp += ret; left -= ret; if ((ret = snprintf(sqlp, left, " FROM %s", db_object_table(object))) >= left) { return DB_ERROR_UNKNOWN; } sqlp += ret; left -= ret; if (join_list) { join = db_join_list_begin(join_list); while (join) { if ((ret = snprintf(sqlp, left, " INNER JOIN %s ON %s.%s = %s.%s", db_join_to_table(join), db_join_to_table(join), db_join_to_field(join), db_join_from_table(join), db_join_from_field(join))) >= left) { return DB_ERROR_UNKNOWN; } sqlp += ret; left -= ret; join = db_join_next(join); } } if (clause_list) { if (db_clause_list_begin(clause_list)) { if ((ret = snprintf(sqlp, left, " WHERE")) >= left) { return DB_ERROR_UNKNOWN; } sqlp += ret; left -= ret; } if (__db_backend_sqlite_build_clause(object, clause_list, &sqlp, &left)) { return DB_ERROR_UNKNOWN; } } if (__db_backend_sqlite_prepare(backend_sqlite, &statement, sql, sizeof(sql))) { return DB_ERROR_UNKNOWN; } if (clause_list) { bind = 1; if (__db_backend_sqlite_bind_clause(statement, clause_list, &bind)) { __db_backend_sqlite_finalize(statement); return DB_ERROR_UNKNOWN; } } ret = __db_backend_sqlite_step(backend_sqlite, statement); if (ret != SQLITE_DONE && ret != SQLITE_ROW) { __db_backend_sqlite_finalize(statement); return DB_ERROR_UNKNOWN; } sqlite_count = sqlite3_column_int(statement, 0); ret = sqlite3_errcode(backend_sqlite->db); if ((ret != SQLITE_OK && ret != SQLITE_ROW && ret != SQLITE_DONE)) { __db_backend_sqlite_finalize(statement); return DB_ERROR_UNKNOWN; } *count = sqlite_count; __db_backend_sqlite_finalize(statement); return DB_OK; } static void db_backend_sqlite_free(void* data) { db_backend_sqlite_t* backend_sqlite = (db_backend_sqlite_t*)data; if (backend_sqlite) { if (backend_sqlite->db) { (void)db_backend_sqlite_disconnect(backend_sqlite); } free(backend_sqlite); } } static int db_backend_sqlite_transaction_begin(void* data) { db_backend_sqlite_t* backend_sqlite = (db_backend_sqlite_t*)data; static const char* sql = "BEGIN TRANSACTION"; sqlite3_stmt* statement = NULL; if (!__sqlite3_initialized) { return DB_ERROR_UNKNOWN; } if (!backend_sqlite) { return DB_ERROR_UNKNOWN; } if (backend_sqlite->transaction) { return DB_ERROR_UNKNOWN; } if (__db_backend_sqlite_prepare(backend_sqlite, &statement, sql, strlen(sql))) { return DB_ERROR_UNKNOWN; } if (__db_backend_sqlite_step(backend_sqlite, statement) != SQLITE_DONE) { __db_backend_sqlite_finalize(statement); return DB_ERROR_UNKNOWN; } __db_backend_sqlite_finalize(statement); backend_sqlite->transaction = 1; return DB_OK; } static int db_backend_sqlite_transaction_commit(void* data) { db_backend_sqlite_t* backend_sqlite = (db_backend_sqlite_t*)data; static const char* sql = "COMMIT TRANSACTION"; sqlite3_stmt* statement = NULL; if (!__sqlite3_initialized) { return DB_ERROR_UNKNOWN; } if (!backend_sqlite) { return DB_ERROR_UNKNOWN; } if (!backend_sqlite->transaction) { return DB_ERROR_UNKNOWN; } if (__db_backend_sqlite_prepare(backend_sqlite, &statement, sql, strlen(sql))) { return DB_ERROR_UNKNOWN; } if (__db_backend_sqlite_step(backend_sqlite, statement) != SQLITE_DONE) { __db_backend_sqlite_finalize(statement); return DB_ERROR_UNKNOWN; } __db_backend_sqlite_finalize(statement); backend_sqlite->transaction = 0; return DB_OK; } static int db_backend_sqlite_transaction_rollback(void* data) { db_backend_sqlite_t* backend_sqlite = (db_backend_sqlite_t*)data; static const char* sql = "ROLLBACK TRANSACTION"; sqlite3_stmt* statement = NULL; if (!__sqlite3_initialized) { return DB_ERROR_UNKNOWN; } if (!backend_sqlite) { return DB_ERROR_UNKNOWN; } if (!backend_sqlite->transaction) { return DB_ERROR_UNKNOWN; } if (__db_backend_sqlite_prepare(backend_sqlite, &statement, sql, strlen(sql))) { return DB_ERROR_UNKNOWN; } if (__db_backend_sqlite_step(backend_sqlite, statement) != SQLITE_DONE) { __db_backend_sqlite_finalize(statement); return DB_ERROR_UNKNOWN; } __db_backend_sqlite_finalize(statement); backend_sqlite->transaction = 0; return DB_OK; } db_backend_handle_t* db_backend_sqlite_new_handle(void) { db_backend_handle_t* backend_handle = NULL; db_backend_sqlite_t* backend_sqlite = (db_backend_sqlite_t*)calloc(1, sizeof(db_backend_sqlite_t)); if (backend_sqlite && (backend_handle = db_backend_handle_new())) { if (db_backend_handle_set_data(backend_handle, (void*)backend_sqlite) || db_backend_handle_set_initialize(backend_handle, db_backend_sqlite_initialize) || db_backend_handle_set_shutdown(backend_handle, db_backend_sqlite_shutdown) || db_backend_handle_set_connect(backend_handle, db_backend_sqlite_connect) || db_backend_handle_set_disconnect(backend_handle, db_backend_sqlite_disconnect) || db_backend_handle_set_create(backend_handle, db_backend_sqlite_create) || db_backend_handle_set_read(backend_handle, db_backend_sqlite_read) || db_backend_handle_set_update(backend_handle, db_backend_sqlite_update) || db_backend_handle_set_delete(backend_handle, db_backend_sqlite_delete) || db_backend_handle_set_count(backend_handle, db_backend_sqlite_count) || db_backend_handle_set_free(backend_handle, db_backend_sqlite_free) || db_backend_handle_set_transaction_begin(backend_handle, db_backend_sqlite_transaction_begin) || db_backend_handle_set_transaction_commit(backend_handle, db_backend_sqlite_transaction_commit) || db_backend_handle_set_transaction_rollback(backend_handle, db_backend_sqlite_transaction_rollback)) { db_backend_handle_free(backend_handle); free(backend_sqlite); return NULL; } return backend_handle; } free(backend_sqlite); return NULL; } opendnssec-2.1.5/enforcer/src/db/key_data_ext.c0000644000202300020240000000671513560310771016366 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include "key_data.h" #include "db_error.h" int key_data_cache_key_states(key_data_t* key_data) { return key_data_retrieve_key_state_list(key_data); } static const key_state_t* get_key_state(key_data_t* key_data, key_state_type_t type) { key_state_list_t* state_list; const key_state_t* state; if (!key_data) { return NULL; } if (!(state_list = key_data_key_state_list(key_data))) { return NULL; } state = key_state_list_begin(state_list); while (state) { if (key_state_type(state) == type) { break; } state = key_state_list_next(state_list); } return state; } const key_state_t* key_data_cached_ds(key_data_t* key_data) { return get_key_state(key_data, KEY_STATE_TYPE_DS); } const key_state_t* key_data_cached_rrsig(key_data_t* key_data) { return get_key_state(key_data, KEY_STATE_TYPE_RRSIG); } const key_state_t* key_data_cached_dnskey(key_data_t* key_data) { return get_key_state(key_data, KEY_STATE_TYPE_DNSKEY); } const key_state_t* key_data_cached_rrsigdnskey(key_data_t* key_data) { return get_key_state(key_data, KEY_STATE_TYPE_RRSIGDNSKEY); } key_state_t* key_data_get_cached_ds(key_data_t* key_data) { if (!key_data) { return NULL; } return key_state_new_copy(get_key_state(key_data, KEY_STATE_TYPE_DS)); } key_state_t* key_data_get_cached_rrsig(key_data_t* key_data) { if (!key_data) { return NULL; } return key_state_new_copy(get_key_state(key_data, KEY_STATE_TYPE_RRSIG)); } key_state_t* key_data_get_cached_dnskey(key_data_t* key_data) { if (!key_data) { return NULL; } return key_state_new_copy(get_key_state(key_data, KEY_STATE_TYPE_DNSKEY)); } key_state_t* key_data_get_cached_rrsigdnskey(key_data_t* key_data) { if (!key_data) { return NULL; } return key_state_new_copy(get_key_state(key_data, KEY_STATE_TYPE_RRSIGDNSKEY)); } const hsm_key_t* key_data_cached_hsm_key(const key_data_t* key_data) { return key_data_hsm_key(key_data); } opendnssec-2.1.5/enforcer/src/db/key_data.h0000644000202300020240000005453713560311035015512 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef __key_data_h #define __key_data_h #include "db_object.h" struct key_data; struct key_data_list; typedef struct key_data key_data_t; typedef struct key_data_list key_data_list_t; typedef enum key_data_role { KEY_DATA_ROLE_INVALID = -1, KEY_DATA_ROLE_KSK = 1, KEY_DATA_ROLE_ZSK = 2, KEY_DATA_ROLE_CSK = 3 } key_data_role_t; extern const db_enum_t key_data_enum_set_role[]; typedef enum key_data_ds_at_parent { KEY_DATA_DS_AT_PARENT_INVALID = -1, KEY_DATA_DS_AT_PARENT_UNSUBMITTED = 0, KEY_DATA_DS_AT_PARENT_SUBMIT = 1, KEY_DATA_DS_AT_PARENT_SUBMITTED = 2, KEY_DATA_DS_AT_PARENT_SEEN = 3, KEY_DATA_DS_AT_PARENT_RETRACT = 4, KEY_DATA_DS_AT_PARENT_RETRACTED = 5 } key_data_ds_at_parent_t; extern const db_enum_t key_data_enum_set_ds_at_parent[]; #include "key_data_ext.h" #include "zone_db.h" #include "hsm_key.h" /** * A key data object. */ struct key_data { db_object_t* dbo; db_value_t id; db_value_t rev; db_value_t zone_id; const zone_db_t* associated_zone_id; zone_db_t* private_zone_id; db_value_t hsm_key_id; const hsm_key_t* associated_hsm_key_id; hsm_key_t* private_hsm_key_id; unsigned int algorithm; unsigned int inception; key_data_role_t role; unsigned int introducing; unsigned int should_revoke; unsigned int standby; unsigned int active_zsk; unsigned int publish; unsigned int active_ksk; key_data_ds_at_parent_t ds_at_parent; unsigned int keytag; unsigned int minimize; key_state_list_t* key_state_list; }; /** * Create a new key data object. * \param[in] connection a db_connection_t pointer. * \return a key_data_t pointer or NULL on error. */ key_data_t* key_data_new(const db_connection_t* connection); /** * Create a new key data object that is a copy of another key data object. * \param[in] key_data a key_data_t pointer. * \return a key_data_t pointer or NULL on error. */ key_data_t* key_data_new_copy(const key_data_t* key_data); /** * Delete a key data object, this does not delete it from the database. * \param[in] key_data a key_data_t pointer. */ void key_data_free(key_data_t* key_data); /** * Copy the content of a key data object. * \param[in] key_data a key_data_t pointer. * \param[in] key_data_copy a key_data_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_data_copy(key_data_t* key_data, const key_data_t* key_data_copy); /** * Compare two key data objects and return less than, equal to, * or greater than zero if A is found, respectively, to be less than, to match, * or be greater than B. * \param[in] key_data_a a key_data_t pointer. * \param[in] key_data_b a key_data_t pointer. * \return less than, equal to, or greater than zero if A is found, respectively, * to be less than, to match, or be greater than B. */ int key_data_cmp(const key_data_t* key_data_a, const key_data_t* key_data_b); /** * Set the content of a key data object based on a database result. * \param[in] key_data a key_data_t pointer. * \param[in] result a db_result_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_data_from_result(key_data_t* key_data, const db_result_t* result); /** * Get the id of a key data object. * \param[in] key_data a key_data_t pointer. * \return a db_value_t pointer or NULL on error. */ const db_value_t* key_data_id(const key_data_t* key_data); /** * Get the zone_id of a key data object. * \param[in] key_data a key_data_t pointer. * \return a db_value_t pointer or NULL on error. */ const db_value_t* key_data_zone_id(const key_data_t* key_data); /** * Get the zone_id object related to a key data object. * The caller will be given ownership of this object and is responsible for freeing it. * \param[in] key_data a key_data_t pointer. * \return a zone_db_t pointer or NULL on error or if no object could be found. */ zone_db_t* key_data_get_zone(const key_data_t* key_data); /** * Get the hsm_key_id of a key data object. * \param[in] key_data a key_data_t pointer. * \return a db_value_t pointer or NULL on error. */ const db_value_t* key_data_hsm_key_id(const key_data_t* key_data); /** * Cache the hsm_key_id object related to a key data object. * \param[in] key_data a key_data_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_data_cache_hsm_key(key_data_t* key_data); /** * Get the hsm_key_id object related to a key data object. * \param[in] key_data a key_data_t pointer. * \return a hsm_key_t pointer or NULL on error or if no object could be found. */ const hsm_key_t* key_data_hsm_key(const key_data_t* key_data); /** * Get the hsm_key_id object related to a key data object. * The caller will be given ownership of this object and is responsible for freeing it. * \param[in] key_data a key_data_t pointer. * \return a hsm_key_t pointer or NULL on error or if no object could be found. */ hsm_key_t* key_data_get_hsm_key(const key_data_t* key_data); /** * Get the algorithm of a key data object. Undefined behavior if `key_data` is NULL. * \param[in] key_data a key_data_t pointer. * \return an unsigned integer. */ unsigned int key_data_algorithm(const key_data_t* key_data); /** * Get the inception of a key data object. Undefined behavior if `key_data` is NULL. * \param[in] key_data a key_data_t pointer. * \return an unsigned integer. */ unsigned int key_data_inception(const key_data_t* key_data); /** * Get the role of a key data object. * \param[in] key_data a key_data_t pointer. * \return a key_data_role_t which may be KEY_DATA_ROLE_INVALID on error or if no role has been set. */ key_data_role_t key_data_role(const key_data_t* key_data); /** * Get the role as text of a key data object. * \param[in] key_data a key_data_t pointer. * \return a character pointer or NULL on error or if no role has been set. */ const char* key_data_role_text(const key_data_t* key_data); /** * Get the introducing of a key data object. Undefined behavior if `key_data` is NULL. * \param[in] key_data a key_data_t pointer. * \return an unsigned integer. */ unsigned int key_data_introducing(const key_data_t* key_data); /** * Get the active_zsk of a key data object. Undefined behavior if `key_data` is NULL. * \param[in] key_data a key_data_t pointer. * \return an unsigned integer. */ unsigned int key_data_active_zsk(const key_data_t* key_data); /** * Get the publish of a key data object. Undefined behavior if `key_data` is NULL. * \param[in] key_data a key_data_t pointer. * \return an unsigned integer. */ unsigned int key_data_publish(const key_data_t* key_data); /** * Get the active_ksk of a key data object. Undefined behavior if `key_data` is NULL. * \param[in] key_data a key_data_t pointer. * \return an unsigned integer. */ unsigned int key_data_active_ksk(const key_data_t* key_data); /** * Get the ds_at_parent of a key data object. * \param[in] key_data a key_data_t pointer. * \return a key_data_ds_at_parent_t which may be KEY_DATA_DS_AT_PARENT_INVALID on error or if no ds_at_parent has been set. */ key_data_ds_at_parent_t key_data_ds_at_parent(const key_data_t* key_data); /** * Get the keytag of a key data object. Undefined behavior if `key_data` is NULL. * \param[in] key_data a key_data_t pointer. * \return an unsigned integer. */ unsigned int key_data_keytag(const key_data_t* key_data); /** * Get the minimize of a key data object. Undefined behavior if `key_data` is NULL. * \param[in] key_data a key_data_t pointer. * \return an unsigned integer. */ unsigned int key_data_minimize(const key_data_t* key_data); /** * Get the key_state objects related to a key data object. * \param[in] key_data a key_data_t pointer. * \return a key_state_list_t pointer or NULL on error. */ key_state_list_t* key_data_key_state_list(key_data_t* key_data); /** * Retrieve key_state objects related to a key data object. * Use key_data_key_state_list() to get the list afterwards. * This will refetch objects if already retrieved. * \param[in] key_data a key_data_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_data_retrieve_key_state_list(key_data_t* key_data); /** * Set the zone_id of a key data object. If this fails the original value may have been lost. * \param[in] key_data a key_data_t pointer. * \param[in] zone_id a db_value_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_data_set_zone_id(key_data_t* key_data, const db_value_t* zone_id); /** * Set the hsm_key_id of a key data object. If this fails the original value may have been lost. * \param[in] key_data a key_data_t pointer. * \param[in] hsm_key_id a db_value_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_data_set_hsm_key_id(key_data_t* key_data, const db_value_t* hsm_key_id); /** * Set the algorithm of a key data object. * \param[in] key_data a key_data_t pointer. * \param[in] algorithm an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_data_set_algorithm(key_data_t* key_data, unsigned int algorithm); /** * Set the inception of a key data object. * \param[in] key_data a key_data_t pointer. * \param[in] inception an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_data_set_inception(key_data_t* key_data, unsigned int inception); /** * Set the role of a key data object. * \param[in] key_data a key_data_t pointer. * \param[in] role a key_data_role_t. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_data_set_role(key_data_t* key_data, key_data_role_t role); /** * Set the introducing of a key data object. * \param[in] key_data a key_data_t pointer. * \param[in] introducing an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_data_set_introducing(key_data_t* key_data, unsigned int introducing); /** * Set the active_zsk of a key data object. * \param[in] key_data a key_data_t pointer. * \param[in] active_zsk an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_data_set_active_zsk(key_data_t* key_data, unsigned int active_zsk); /** * Set the publish of a key data object. * \param[in] key_data a key_data_t pointer. * \param[in] publish an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_data_set_publish(key_data_t* key_data, unsigned int publish); /** * Set the active_ksk of a key data object. * \param[in] key_data a key_data_t pointer. * \param[in] active_ksk an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_data_set_active_ksk(key_data_t* key_data, unsigned int active_ksk); /** * Set the ds_at_parent of a key data object. * \param[in] key_data a key_data_t pointer. * \param[in] ds_at_parent a key_data_ds_at_parent_t. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_data_set_ds_at_parent(key_data_t* key_data, key_data_ds_at_parent_t ds_at_parent); /** * Set the keytag of a key data object. * \param[in] key_data a key_data_t pointer. * \param[in] keytag an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_data_set_keytag(key_data_t* key_data, unsigned int keytag); /** * Set the minimize of a key data object. * \param[in] key_data a key_data_t pointer. * \param[in] minimize an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_data_set_minimize(key_data_t* key_data, unsigned int minimize); /** * Create a clause for zone_id of a key data object and add it to a database clause list. * The clause operator is set to DB_CLAUSE_OPERATOR_AND and the clause type is * set to DB_CLAUSE_EQUAL, if you want to change these you can do it with the * returned db_clause_t pointer. * \param[in] clause_list db_clause_list_t pointer. * \param[in] zone_id a db_value_t pointer. * \return a db_clause_t pointer to the added clause or NULL on error. */ db_clause_t* key_data_zone_id_clause(db_clause_list_t* clause_list, const db_value_t* zone_id); /** * Create a clause for hsm_key_id of a key data object and add it to a database clause list. * The clause operator is set to DB_CLAUSE_OPERATOR_AND and the clause type is * set to DB_CLAUSE_EQUAL, if you want to change these you can do it with the * returned db_clause_t pointer. * \param[in] clause_list db_clause_list_t pointer. * \param[in] hsm_key_id a db_value_t pointer. * \return a db_clause_t pointer to the added clause or NULL on error. */ db_clause_t* key_data_hsm_key_id_clause(db_clause_list_t* clause_list, const db_value_t* hsm_key_id); /** * Create a clause for role of a key data object and add it to a database clause list. * The clause operator is set to DB_CLAUSE_OPERATOR_AND and the clause type is * set to DB_CLAUSE_EQUAL, if you want to change these you can do it with the * returned db_clause_t pointer. * \param[in] clause_list db_clause_list_t pointer. * \param[in] role a key_data_role_t. * \return a db_clause_t pointer to the added clause or NULL on error. */ db_clause_t* key_data_role_clause(db_clause_list_t* clause_list, key_data_role_t role); /** * Create a clause for ds_at_parent of a key data object and add it to a database clause list. * The clause operator is set to DB_CLAUSE_OPERATOR_AND and the clause type is * set to DB_CLAUSE_EQUAL, if you want to change these you can do it with the * returned db_clause_t pointer. * \param[in] clause_list db_clause_list_t pointer. * \param[in] ds_at_parent a key_data_ds_at_parent_t. * \return a db_clause_t pointer to the added clause or NULL on error. */ db_clause_t* key_data_ds_at_parent_clause(db_clause_list_t* clause_list, key_data_ds_at_parent_t ds_at_parent); /** * Create a clause for keytag of a key data object and add it to a database clause list. * The clause operator is set to DB_CLAUSE_OPERATOR_AND and the clause type is * set to DB_CLAUSE_EQUAL, if you want to change these you can do it with the * returned db_clause_t pointer. * \param[in] clause_list db_clause_list_t pointer. * \param[in] keytag an unsigned integer. * \return a db_clause_t pointer to the added clause or NULL on error. */ db_clause_t* key_data_keytag_clause(db_clause_list_t* clause_list, unsigned int keytag); /** * Create a key data object in the database. * \param[in] key_data a key_data_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_data_create(key_data_t* key_data); /** * Get a key data object from the database by a id specified in `id`. * \param[in] key_data a key_data_t pointer. * \param[in] id a db_value_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_data_get_by_id(key_data_t* key_data, const db_value_t* id); /** * Update a key data object in the database. * \param[in] key_data a key_data_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_data_update(key_data_t* key_data); /** * Delete a key data object from the database. * \param[in] key_data a key_data_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_data_delete(key_data_t* key_data); /** * Count the number of key data objects in the database, if a selection of * objects should be counted then it can be limited by a database clause list * otherwise all objects are counted. * \param[in] key_data a key_data_t pointer. * \param[in] clause_list a db_clause_list_t pointer or NULL if all objects. * \param[out] count a size_t pointer to where the count should be stored. * should be counted. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_data_count(key_data_t* key_data, db_clause_list_t* clause_list, size_t* count); /** * A list of key data objects. */ struct key_data_list { db_object_t* dbo; db_result_list_t* result_list; const db_result_t* result; key_data_t* key_data; int object_store; key_data_t** object_list; size_t object_list_size; size_t object_list_position; int object_list_first; int associated_fetch; zone_list_db_t* zone_id_list; hsm_key_list_t* hsm_key_id_list; }; /** * Create a new key data object list. * \param[in] connection a db_connection_t pointer. * \return a key_data_list_t pointer or NULL on error. */ key_data_list_t* key_data_list_new(const db_connection_t* connection); /** * Create a new key data object list that is a copy of another. * \param[in] key_data_list a key_data_list_t pointer. * \return a key_data_list_t pointer or NULL on error. */ key_data_list_t* key_data_list_new_copy(const key_data_list_t* key_data_copy); /** * Specify that objects should be stored within the list as they are fetch, * this is optimal if the list is to be iterated over more then once. * \param[in] key_data_list a key_data_list_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_data_list_object_store(key_data_list_t* key_data_list); /** * Delete a key data object list. * \param[in] key_data_list a key_data_list_t pointer. */ void key_data_list_free(key_data_list_t* key_data_list); /** * Copy the content of another key data object list. * \param[in] key_data_list a key_data_list_t pointer. * \param[in] from_key_data_list a key_data_list_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_data_list_copy(key_data_list_t* key_data_list, const key_data_list_t* from_key_data_list); /** * Get all key data objects. * \param[in] key_data_list a key_data_list_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_data_list_get(key_data_list_t* key_data_list); /** * Get a new list with all key data objects. * \param[in] connection a db_connection_t pointer. * \return a key_data_list_t pointer or NULL on error. */ key_data_list_t* key_data_list_new_get(const db_connection_t* connection); /** * Get key data objects from the database by a clause list. * \param[in] key_data_list a key_data_list_t pointer. * \param[in] clause_list a db_clause_list_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_data_list_get_by_clauses(key_data_list_t* key_data_list, const db_clause_list_t* clause_list); /** * Get a new list of key data objects from the database by a clause list. * \param[in] connection a db_connection_t pointer. * \param[in] clause_list a db_clause_list_t pointer. * \return a key_data_list_t pointer or NULL on error. */ key_data_list_t* key_data_list_new_get_by_clauses(const db_connection_t* connection, const db_clause_list_t* clause_list); /** * Get key data objects from the database by a zone_id specified in `zone_id`. * \param[in] key_data_list a key_data_list_t pointer. * \param[in] zone_id a db_value_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_data_list_get_by_zone_id(key_data_list_t* key_data_list, const db_value_t* zone_id); /** * Get a new list of key data objects from the database by a zone_id specified in `zone_id`. * \param[in] connection a db_connection_t pointer. * \param[in] zone_id a db_value_t pointer. * \return a key_data_list_t pointer or NULL on error. */ key_data_list_t* key_data_list_new_get_by_zone_id(const db_connection_t* connection, const db_value_t* zone_id); /** * Get the first key data object in a key data object list and reset the * position of the list. * \param[in] key_data_list a key_data_list_t pointer. * \return a key_data_t pointer or NULL on error or if there are no * key data objects in the key data object list. */ const key_data_t* key_data_list_begin(key_data_list_t* key_data_list); /** * Get the first key data object in a key data object list and reset the * position of the list. The caller will be given ownership of this object and * is responsible for freeing it. * \param[in] key_data_list a key_data_list_t pointer. * \return a key_data_t pointer or NULL on error or if there are no * key data objects in the key data object list. */ key_data_t* key_data_list_get_begin(key_data_list_t* key_data_list); /** * Get the next key data object in a key data object list. * Ownership of this object is retained within the list and the object is only * valid until the next call to this function. * \param[in] key_data_list a key_data_list_t pointer. * \return a key_data_t pointer or NULL on error or if there are no more * key data objects in the key data object list. */ const key_data_t* key_data_list_next(key_data_list_t* key_data_list); /** * Get the next key data object in a key data object list. * The caller will be given ownership of this object and is responsible for * freeing it. * \param[in] key_data_list a key_data_list_t pointer. * \return a key_data_t pointer or NULL on error or if there are no more * key data objects in the key data object list. */ key_data_t* key_data_list_get_next(key_data_list_t* key_data_list); /** * Get the size of a key data object list. * \param[in] key_data_list a key_data_list_t pointer. * \return a size_t with the size of the list or zero on error, if the list is * empty or if the backend does not support returning the size. */ size_t key_data_list_size(key_data_list_t* key_data_list); key_data_t* key_data_new_get_by_hsm_key_id (const db_connection_t* connection, const db_value_t* hsm_key_id); int key_data_get_by_hsm_key_id (key_data_t* key_data, const db_value_t* hsm_key_id); #endif opendnssec-2.1.5/enforcer/src/db/key_dependency.c0000644000202300020240000013657113560311035016711 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include "key_dependency.h" #include "db_error.h" #include const db_enum_t key_dependency_enum_set_type[] = { { "DS", (key_dependency_type_t)KEY_DEPENDENCY_TYPE_DS }, { "RRSIG", (key_dependency_type_t)KEY_DEPENDENCY_TYPE_RRSIG }, { "DNSKEY", (key_dependency_type_t)KEY_DEPENDENCY_TYPE_DNSKEY }, { "RRSIGDNSKEY", (key_dependency_type_t)KEY_DEPENDENCY_TYPE_RRSIGDNSKEY }, { NULL, 0 } }; /** * Create a new key dependency object. * \param[in] connection a db_connection_t pointer. * \return a key_dependency_t pointer or NULL on error. */ static db_object_t* __key_dependency_new_object(const db_connection_t* connection) { db_object_field_list_t* object_field_list; db_object_field_t* object_field; db_object_t* object; if (!(object = db_object_new()) || db_object_set_connection(object, connection) || db_object_set_table(object, "keyDependency") || db_object_set_primary_key_name(object, "id") || !(object_field_list = db_object_field_list_new())) { db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "id") || db_object_field_set_type(object_field, DB_TYPE_PRIMARY_KEY) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "rev") || db_object_field_set_type(object_field, DB_TYPE_REVISION) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "zoneId") || db_object_field_set_type(object_field, DB_TYPE_ANY) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "fromKeyDataId") || db_object_field_set_type(object_field, DB_TYPE_ANY) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "toKeyDataId") || db_object_field_set_type(object_field, DB_TYPE_ANY) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "type") || db_object_field_set_type(object_field, DB_TYPE_ENUM) || db_object_field_set_enum_set(object_field, key_dependency_enum_set_type) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (db_object_set_object_field_list(object, object_field_list)) { db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } return object; } /* KEY DEPENDENCY */ key_dependency_t* key_dependency_new(const db_connection_t* connection) { key_dependency_t* key_dependency = (key_dependency_t*)calloc(1, sizeof(key_dependency_t)); if (key_dependency) { if (!(key_dependency->dbo = __key_dependency_new_object(connection))) { free(key_dependency); return NULL; } db_value_reset(&(key_dependency->id)); db_value_reset(&(key_dependency->rev)); db_value_reset(&(key_dependency->zone_id)); db_value_reset(&(key_dependency->from_key_data_id)); db_value_reset(&(key_dependency->to_key_data_id)); key_dependency->type = KEY_DEPENDENCY_TYPE_INVALID; } return key_dependency; } key_dependency_t* key_dependency_new_copy(const key_dependency_t* key_dependency) { key_dependency_t* new_key_dependency; if (!key_dependency) { return NULL; } if (!key_dependency->dbo) { return NULL; } if (!(new_key_dependency = key_dependency_new(db_object_connection(key_dependency->dbo))) || key_dependency_copy(new_key_dependency, key_dependency)) { key_dependency_free(new_key_dependency); return NULL; } return new_key_dependency; } void key_dependency_free(key_dependency_t* key_dependency) { if (key_dependency) { if (key_dependency->dbo) { db_object_free(key_dependency->dbo); } db_value_reset(&(key_dependency->id)); db_value_reset(&(key_dependency->rev)); db_value_reset(&(key_dependency->zone_id)); if (key_dependency->private_zone_id) { zone_db_free(key_dependency->private_zone_id); } db_value_reset(&(key_dependency->from_key_data_id)); if (key_dependency->private_from_key_data_id) { key_data_free(key_dependency->private_from_key_data_id); } db_value_reset(&(key_dependency->to_key_data_id)); if (key_dependency->private_to_key_data_id) { key_data_free(key_dependency->private_to_key_data_id); } free(key_dependency); } } int key_dependency_copy(key_dependency_t* key_dependency, const key_dependency_t* key_dependency_copy) { if (!key_dependency) { return DB_ERROR_UNKNOWN; } if (!key_dependency_copy) { return DB_ERROR_UNKNOWN; } if (db_value_copy(&(key_dependency->id), &(key_dependency_copy->id))) { return DB_ERROR_UNKNOWN; } if (db_value_copy(&(key_dependency->rev), &(key_dependency_copy->rev))) { return DB_ERROR_UNKNOWN; } if (db_value_copy(&(key_dependency->zone_id), &(key_dependency_copy->zone_id))) { return DB_ERROR_UNKNOWN; } if (key_dependency->private_zone_id) { zone_db_free(key_dependency->private_zone_id); key_dependency->private_zone_id = NULL; } if (key_dependency_copy->private_zone_id && !(key_dependency->private_zone_id = zone_db_new_copy(key_dependency_copy->private_zone_id))) { return DB_ERROR_UNKNOWN; } key_dependency->associated_zone_id = NULL; if (!key_dependency_copy->private_zone_id && key_dependency_copy->associated_zone_id && !(key_dependency->private_zone_id = zone_db_new_copy(key_dependency_copy->associated_zone_id))) { return DB_ERROR_UNKNOWN; } if (db_value_copy(&(key_dependency->from_key_data_id), &(key_dependency_copy->from_key_data_id))) { return DB_ERROR_UNKNOWN; } if (key_dependency->private_from_key_data_id) { key_data_free(key_dependency->private_from_key_data_id); key_dependency->private_from_key_data_id = NULL; } if (key_dependency_copy->private_from_key_data_id && !(key_dependency->private_from_key_data_id = key_data_new_copy(key_dependency_copy->private_from_key_data_id))) { return DB_ERROR_UNKNOWN; } key_dependency->associated_from_key_data_id = NULL; if (!key_dependency_copy->private_from_key_data_id && key_dependency_copy->associated_from_key_data_id && !(key_dependency->private_from_key_data_id = key_data_new_copy(key_dependency_copy->associated_from_key_data_id))) { return DB_ERROR_UNKNOWN; } if (db_value_copy(&(key_dependency->to_key_data_id), &(key_dependency_copy->to_key_data_id))) { return DB_ERROR_UNKNOWN; } if (key_dependency->private_to_key_data_id) { key_data_free(key_dependency->private_to_key_data_id); key_dependency->private_to_key_data_id = NULL; } if (key_dependency_copy->private_to_key_data_id && !(key_dependency->private_to_key_data_id = key_data_new_copy(key_dependency_copy->private_to_key_data_id))) { return DB_ERROR_UNKNOWN; } key_dependency->associated_to_key_data_id = NULL; if (!key_dependency_copy->private_to_key_data_id && key_dependency_copy->associated_to_key_data_id && !(key_dependency->private_to_key_data_id = key_data_new_copy(key_dependency_copy->associated_to_key_data_id))) { return DB_ERROR_UNKNOWN; } key_dependency->type = key_dependency_copy->type; return DB_OK; } int key_dependency_from_result(key_dependency_t* key_dependency, const db_result_t* result) { const db_value_set_t* value_set; int type; if (!key_dependency) { return DB_ERROR_UNKNOWN; } if (!result) { return DB_ERROR_UNKNOWN; } db_value_reset(&(key_dependency->id)); db_value_reset(&(key_dependency->rev)); db_value_reset(&(key_dependency->zone_id)); db_value_reset(&(key_dependency->from_key_data_id)); db_value_reset(&(key_dependency->to_key_data_id)); if (!(value_set = db_result_value_set(result)) || db_value_set_size(value_set) != 6 || db_value_copy(&(key_dependency->id), db_value_set_at(value_set, 0)) || db_value_copy(&(key_dependency->rev), db_value_set_at(value_set, 1)) || db_value_copy(&(key_dependency->zone_id), db_value_set_at(value_set, 2)) || db_value_copy(&(key_dependency->from_key_data_id), db_value_set_at(value_set, 3)) || db_value_copy(&(key_dependency->to_key_data_id), db_value_set_at(value_set, 4)) || db_value_to_enum_value(db_value_set_at(value_set, 5), &type, key_dependency_enum_set_type)) { return DB_ERROR_UNKNOWN; } if (type == (key_dependency_type_t)KEY_DEPENDENCY_TYPE_DS) { key_dependency->type = KEY_DEPENDENCY_TYPE_DS; } else if (type == (key_dependency_type_t)KEY_DEPENDENCY_TYPE_RRSIG) { key_dependency->type = KEY_DEPENDENCY_TYPE_RRSIG; } else if (type == (key_dependency_type_t)KEY_DEPENDENCY_TYPE_DNSKEY) { key_dependency->type = KEY_DEPENDENCY_TYPE_DNSKEY; } else if (type == (key_dependency_type_t)KEY_DEPENDENCY_TYPE_RRSIGDNSKEY) { key_dependency->type = KEY_DEPENDENCY_TYPE_RRSIGDNSKEY; } else { return DB_ERROR_UNKNOWN; } return DB_OK; } const db_value_t* key_dependency_zone_id(const key_dependency_t* key_dependency) { if (!key_dependency) { return NULL; } return &(key_dependency->zone_id); } const db_value_t* key_dependency_from_key_data_id(const key_dependency_t* key_dependency) { if (!key_dependency) { return NULL; } return &(key_dependency->from_key_data_id); } key_data_t* key_dependency_get_from_key_data(const key_dependency_t* key_dependency) { key_data_t* from_key_data_id = NULL; if (!key_dependency) { return NULL; } if (!key_dependency->dbo) { return NULL; } if (db_value_not_empty(&(key_dependency->from_key_data_id))) { return NULL; } if (!(from_key_data_id = key_data_new(db_object_connection(key_dependency->dbo)))) { return NULL; } if (key_dependency->private_from_key_data_id) { if (key_data_copy(from_key_data_id, key_dependency->private_from_key_data_id)) { key_data_free(from_key_data_id); return NULL; } } else if (key_dependency->associated_from_key_data_id) { if (key_data_copy(from_key_data_id, key_dependency->associated_from_key_data_id)) { key_data_free(from_key_data_id); return NULL; } } else { if (key_data_get_by_id(from_key_data_id, &(key_dependency->from_key_data_id))) { key_data_free(from_key_data_id); return NULL; } } return from_key_data_id; } const db_value_t* key_dependency_to_key_data_id(const key_dependency_t* key_dependency) { if (!key_dependency) { return NULL; } return &(key_dependency->to_key_data_id); } key_dependency_type_t key_dependency_type(const key_dependency_t* key_dependency) { if (!key_dependency) { return KEY_DEPENDENCY_TYPE_INVALID; } return key_dependency->type; } int key_dependency_set_zone_id(key_dependency_t* key_dependency, const db_value_t* zone_id) { if (!key_dependency) { return DB_ERROR_UNKNOWN; } if (!zone_id) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(zone_id)) { return DB_ERROR_UNKNOWN; } db_value_reset(&(key_dependency->zone_id)); if (db_value_copy(&(key_dependency->zone_id), zone_id)) { return DB_ERROR_UNKNOWN; } return DB_OK; } int key_dependency_set_from_key_data_id(key_dependency_t* key_dependency, const db_value_t* from_key_data_id) { if (!key_dependency) { return DB_ERROR_UNKNOWN; } if (!from_key_data_id) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(from_key_data_id)) { return DB_ERROR_UNKNOWN; } db_value_reset(&(key_dependency->from_key_data_id)); if (db_value_copy(&(key_dependency->from_key_data_id), from_key_data_id)) { return DB_ERROR_UNKNOWN; } return DB_OK; } int key_dependency_set_to_key_data_id(key_dependency_t* key_dependency, const db_value_t* to_key_data_id) { if (!key_dependency) { return DB_ERROR_UNKNOWN; } if (!to_key_data_id) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(to_key_data_id)) { return DB_ERROR_UNKNOWN; } db_value_reset(&(key_dependency->to_key_data_id)); if (db_value_copy(&(key_dependency->to_key_data_id), to_key_data_id)) { return DB_ERROR_UNKNOWN; } return DB_OK; } int key_dependency_set_type(key_dependency_t* key_dependency, key_dependency_type_t type) { if (!key_dependency) { return DB_ERROR_UNKNOWN; } if (type == KEY_DEPENDENCY_TYPE_INVALID) { return DB_ERROR_UNKNOWN; } key_dependency->type = type; return DB_OK; } int key_dependency_create(key_dependency_t* key_dependency) { db_object_field_list_t* object_field_list; db_object_field_t* object_field; db_value_set_t* value_set; int ret; if (!key_dependency) { return DB_ERROR_UNKNOWN; } if (!key_dependency->dbo) { return DB_ERROR_UNKNOWN; } if (!db_value_not_empty(&(key_dependency->id))) { return DB_ERROR_UNKNOWN; } if (!db_value_not_empty(&(key_dependency->rev))) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(&(key_dependency->zone_id))) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(&(key_dependency->from_key_data_id))) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(&(key_dependency->to_key_data_id))) { return DB_ERROR_UNKNOWN; } /* TODO: validate content more */ if (!(object_field_list = db_object_field_list_new())) { return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "zoneId") || db_object_field_set_type(object_field, DB_TYPE_ANY) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "fromKeyDataId") || db_object_field_set_type(object_field, DB_TYPE_ANY) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "toKeyDataId") || db_object_field_set_type(object_field, DB_TYPE_ANY) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "type") || db_object_field_set_type(object_field, DB_TYPE_ENUM) || db_object_field_set_enum_set(object_field, key_dependency_enum_set_type) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(value_set = db_value_set_new(4))) { db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (db_value_copy(db_value_set_get(value_set, 0), &(key_dependency->zone_id)) || db_value_copy(db_value_set_get(value_set, 1), &(key_dependency->from_key_data_id)) || db_value_copy(db_value_set_get(value_set, 2), &(key_dependency->to_key_data_id)) || db_value_from_enum_value(db_value_set_get(value_set, 3), key_dependency->type, key_dependency_enum_set_type)) { db_value_set_free(value_set); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } ret = db_object_create(key_dependency->dbo, object_field_list, value_set); db_value_set_free(value_set); db_object_field_list_free(object_field_list); return ret; } int key_dependency_get_by_id(key_dependency_t* key_dependency, const db_value_t* id) { db_clause_list_t* clause_list; db_clause_t* clause; db_result_list_t* result_list; const db_result_t* result; if (!key_dependency) { return DB_ERROR_UNKNOWN; } if (!key_dependency->dbo) { return DB_ERROR_UNKNOWN; } if (!id) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(id)) { return DB_ERROR_UNKNOWN; } if (!(clause_list = db_clause_list_new())) { return DB_ERROR_UNKNOWN; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "id") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_value_copy(db_clause_get_value(clause), id) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } result_list = db_object_read(key_dependency->dbo, NULL, clause_list); db_clause_list_free(clause_list); if (result_list) { result = db_result_list_next(result_list); if (result) { if (key_dependency_from_result(key_dependency, result)) { db_result_list_free(result_list); return DB_ERROR_UNKNOWN; } db_result_list_free(result_list); return DB_OK; } } db_result_list_free(result_list); return DB_ERROR_UNKNOWN; } int key_dependency_delete(key_dependency_t* key_dependency) { db_clause_list_t* clause_list; db_clause_t* clause; int ret; if (!key_dependency) { return DB_ERROR_UNKNOWN; } if (!key_dependency->dbo) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(&(key_dependency->id))) { return DB_ERROR_UNKNOWN; } if (!(clause_list = db_clause_list_new())) { return DB_ERROR_UNKNOWN; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "id") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_value_copy(db_clause_get_value(clause), &(key_dependency->id)) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "rev") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_value_copy(db_clause_get_value(clause), &(key_dependency->rev)) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } ret = db_object_delete(key_dependency->dbo, clause_list); db_clause_list_free(clause_list); return ret; } /* KEY DEPENDENCY LIST */ key_dependency_list_t* key_dependency_list_new(const db_connection_t* connection) { key_dependency_list_t* key_dependency_list = (key_dependency_list_t*)calloc(1, sizeof(key_dependency_list_t)); if (key_dependency_list) { if (!(key_dependency_list->dbo = __key_dependency_new_object(connection))) { free(key_dependency_list); return NULL; } } return key_dependency_list; } key_dependency_list_t* key_dependency_list_new_copy(const key_dependency_list_t* from_key_dependency_list) { key_dependency_list_t* key_dependency_list; if (!from_key_dependency_list) { return NULL; } if (!from_key_dependency_list->dbo) { return NULL; } if (!(key_dependency_list = key_dependency_list_new(db_object_connection(from_key_dependency_list->dbo))) || key_dependency_list_copy(key_dependency_list, from_key_dependency_list)) { key_dependency_list_free(key_dependency_list); return NULL; } return key_dependency_list; } int key_dependency_list_object_store(key_dependency_list_t* key_dependency_list) { if (!key_dependency_list) { return DB_ERROR_UNKNOWN; } key_dependency_list->object_store = 1; return DB_OK; } void key_dependency_list_free(key_dependency_list_t* key_dependency_list) { size_t i; if (key_dependency_list) { if (key_dependency_list->dbo) { db_object_free(key_dependency_list->dbo); } if (key_dependency_list->result_list) { db_result_list_free(key_dependency_list->result_list); } if (key_dependency_list->key_dependency) { key_dependency_free(key_dependency_list->key_dependency); } for (i = 0; i < key_dependency_list->object_list_size; i++) { if (key_dependency_list->object_list[i]) { key_dependency_free(key_dependency_list->object_list[i]); } } if (key_dependency_list->object_list) { free(key_dependency_list->object_list); } if (key_dependency_list->zone_id_list) { zone_list_db_free(key_dependency_list->zone_id_list); } if (key_dependency_list->from_key_data_id_list) { key_data_list_free(key_dependency_list->from_key_data_id_list); } if (key_dependency_list->to_key_data_id_list) { key_data_list_free(key_dependency_list->to_key_data_id_list); } free(key_dependency_list); } } int key_dependency_list_copy(key_dependency_list_t* key_dependency_list, const key_dependency_list_t* from_key_dependency_list) { size_t i; if (!key_dependency_list) { return DB_ERROR_UNKNOWN; } if (!from_key_dependency_list) { return DB_ERROR_UNKNOWN; } if (from_key_dependency_list->object_list && !from_key_dependency_list->object_list_size) { return DB_ERROR_UNKNOWN; } if (key_dependency_list->result_list) { db_result_list_free(key_dependency_list->result_list); key_dependency_list->result_list = NULL; } if (from_key_dependency_list->result_list && !(key_dependency_list->result_list = db_result_list_new_copy(from_key_dependency_list->result_list))) { return DB_ERROR_UNKNOWN; } key_dependency_list->object_store = from_key_dependency_list->object_store; for (i = 0; i < key_dependency_list->object_list_size; i++) { if (key_dependency_list->object_list[i]) { key_dependency_free(key_dependency_list->object_list[i]); } } key_dependency_list->object_list_size = 0; if (key_dependency_list->object_list) { free(key_dependency_list->object_list); key_dependency_list->object_list = NULL; } if (from_key_dependency_list->object_list) { if (!(key_dependency_list->object_list = (key_dependency_t**)calloc(from_key_dependency_list->object_list_size, sizeof(key_dependency_t*)))) { return DB_ERROR_UNKNOWN; } key_dependency_list->object_list_size = from_key_dependency_list->object_list_size; for (i = 0; i < from_key_dependency_list->object_list_size; i++) { if (!from_key_dependency_list->object_list[i]) { continue; } if (!(key_dependency_list->object_list[i] = key_dependency_new_copy(from_key_dependency_list->object_list[i]))) { return DB_ERROR_UNKNOWN; } } } key_dependency_list->object_list_position = 0;; key_dependency_list->object_list_first = 1; key_dependency_list->associated_fetch = from_key_dependency_list->associated_fetch; if (from_key_dependency_list->zone_id_list && !(key_dependency_list->zone_id_list = zone_list_db_new_copy(from_key_dependency_list->zone_id_list))) { return DB_ERROR_UNKNOWN; } if (from_key_dependency_list->from_key_data_id_list && !(key_dependency_list->from_key_data_id_list = key_data_list_new_copy(from_key_dependency_list->from_key_data_id_list))) { return DB_ERROR_UNKNOWN; } if (from_key_dependency_list->to_key_data_id_list && !(key_dependency_list->to_key_data_id_list = key_data_list_new_copy(from_key_dependency_list->to_key_data_id_list))) { return DB_ERROR_UNKNOWN; } return DB_OK; } static int key_dependency_list_get_associated(key_dependency_list_t* key_dependency_list) { const db_clause_t* clause_walk; const zone_db_t* zone_zone_id; const key_data_t* key_data_from_key_data_id; const key_data_t* key_data_to_key_data_id; int cmp; size_t i; db_clause_list_t* clause_list; db_clause_t* clause; const key_dependency_t* key_dependency; if (!key_dependency_list) { return DB_ERROR_UNKNOWN; } if (!key_dependency_list->dbo) { return DB_ERROR_UNKNOWN; } if (!key_dependency_list->associated_fetch) { return DB_ERROR_UNKNOWN; } if (!key_dependency_list->result_list) { return DB_ERROR_UNKNOWN; } if (key_dependency_list->object_list) { return DB_ERROR_UNKNOWN; } if (key_dependency_list->zone_id_list) { zone_list_db_free(key_dependency_list->zone_id_list); key_dependency_list->zone_id_list = NULL; } if (key_dependency_list->from_key_data_id_list) { key_data_list_free(key_dependency_list->from_key_data_id_list); key_dependency_list->from_key_data_id_list = NULL; } if (key_dependency_list->to_key_data_id_list) { key_data_list_free(key_dependency_list->to_key_data_id_list); key_dependency_list->to_key_data_id_list = NULL; } if (!(clause_list = db_clause_list_new())) { return DB_ERROR_UNKNOWN; } key_dependency = key_dependency_list_begin(key_dependency_list); while (key_dependency) { cmp = 1; clause_walk = db_clause_list_begin(clause_list); while (clause_walk) { if (db_value_cmp(db_clause_value(clause_walk), key_dependency_zone_id(key_dependency), &cmp)) { db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } if (!cmp) { break; } clause_walk = db_clause_next(clause_walk); } if (cmp) { if (!(clause = db_clause_new()) || db_clause_set_field(clause, "id") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_clause_set_operator(clause, DB_CLAUSE_OPERATOR_OR) || db_value_copy(db_clause_get_value(clause), key_dependency_zone_id(key_dependency)) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } } key_dependency = key_dependency_list_next(key_dependency_list); } if (!(key_dependency_list->zone_id_list = zone_list_db_new(db_object_connection(key_dependency_list->dbo))) || zone_list_db_object_store(key_dependency_list->zone_id_list) || zone_list_db_get_by_clauses(key_dependency_list->zone_id_list, clause_list)) { if (key_dependency_list->zone_id_list) { zone_list_db_free(key_dependency_list->zone_id_list); key_dependency_list->zone_id_list = NULL; } db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } db_clause_list_free(clause_list); for (i = 0; i < key_dependency_list->object_list_size; i++) { if (!(key_dependency_list->object_list[i])) { return DB_ERROR_UNKNOWN; } zone_zone_id = zone_list_db_begin(key_dependency_list->zone_id_list); while (zone_zone_id) { if (db_value_cmp(key_dependency_zone_id(key_dependency_list->object_list[i]), zone_db_id(zone_zone_id), &cmp)) { return DB_ERROR_UNKNOWN; } if (!cmp) { key_dependency_list->object_list[i]->associated_zone_id = zone_zone_id; } zone_zone_id = zone_list_db_next(key_dependency_list->zone_id_list); } } if (!(clause_list = db_clause_list_new())) { return DB_ERROR_UNKNOWN; } key_dependency = key_dependency_list_begin(key_dependency_list); while (key_dependency) { cmp = 1; clause_walk = db_clause_list_begin(clause_list); while (clause_walk) { if (db_value_cmp(db_clause_value(clause_walk), key_dependency_from_key_data_id(key_dependency), &cmp)) { db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } if (!cmp) { break; } clause_walk = db_clause_next(clause_walk); } if (cmp) { if (!(clause = db_clause_new()) || db_clause_set_field(clause, "id") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_clause_set_operator(clause, DB_CLAUSE_OPERATOR_OR) || db_value_copy(db_clause_get_value(clause), key_dependency_from_key_data_id(key_dependency)) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } } key_dependency = key_dependency_list_next(key_dependency_list); } if (!(key_dependency_list->from_key_data_id_list = key_data_list_new(db_object_connection(key_dependency_list->dbo))) || key_data_list_object_store(key_dependency_list->from_key_data_id_list) || key_data_list_get_by_clauses(key_dependency_list->from_key_data_id_list, clause_list)) { if (key_dependency_list->from_key_data_id_list) { key_data_list_free(key_dependency_list->from_key_data_id_list); key_dependency_list->from_key_data_id_list = NULL; } db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } db_clause_list_free(clause_list); for (i = 0; i < key_dependency_list->object_list_size; i++) { if (!(key_dependency_list->object_list[i])) { return DB_ERROR_UNKNOWN; } key_data_from_key_data_id = key_data_list_begin(key_dependency_list->from_key_data_id_list); while (key_data_from_key_data_id) { if (db_value_cmp(key_dependency_from_key_data_id(key_dependency_list->object_list[i]), key_data_id(key_data_from_key_data_id), &cmp)) { return DB_ERROR_UNKNOWN; } if (!cmp) { key_dependency_list->object_list[i]->associated_from_key_data_id = key_data_from_key_data_id; } key_data_from_key_data_id = key_data_list_next(key_dependency_list->from_key_data_id_list); } } if (!(clause_list = db_clause_list_new())) { return DB_ERROR_UNKNOWN; } key_dependency = key_dependency_list_begin(key_dependency_list); while (key_dependency) { cmp = 1; clause_walk = db_clause_list_begin(clause_list); while (clause_walk) { if (db_value_cmp(db_clause_value(clause_walk), key_dependency_to_key_data_id(key_dependency), &cmp)) { db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } if (!cmp) { break; } clause_walk = db_clause_next(clause_walk); } if (cmp) { if (!(clause = db_clause_new()) || db_clause_set_field(clause, "id") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_clause_set_operator(clause, DB_CLAUSE_OPERATOR_OR) || db_value_copy(db_clause_get_value(clause), key_dependency_to_key_data_id(key_dependency)) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } } key_dependency = key_dependency_list_next(key_dependency_list); } if (!(key_dependency_list->to_key_data_id_list = key_data_list_new(db_object_connection(key_dependency_list->dbo))) || key_data_list_object_store(key_dependency_list->to_key_data_id_list) || key_data_list_get_by_clauses(key_dependency_list->to_key_data_id_list, clause_list)) { if (key_dependency_list->to_key_data_id_list) { key_data_list_free(key_dependency_list->to_key_data_id_list); key_dependency_list->to_key_data_id_list = NULL; } db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } db_clause_list_free(clause_list); for (i = 0; i < key_dependency_list->object_list_size; i++) { if (!(key_dependency_list->object_list[i])) { return DB_ERROR_UNKNOWN; } key_data_to_key_data_id = key_data_list_begin(key_dependency_list->to_key_data_id_list); while (key_data_to_key_data_id) { if (db_value_cmp(key_dependency_to_key_data_id(key_dependency_list->object_list[i]), key_data_id(key_data_to_key_data_id), &cmp)) { return DB_ERROR_UNKNOWN; } if (!cmp) { key_dependency_list->object_list[i]->associated_to_key_data_id = key_data_to_key_data_id; } key_data_to_key_data_id = key_data_list_next(key_dependency_list->to_key_data_id_list); } } key_dependency_list->object_list_first = 1; return DB_OK; } int key_dependency_list_get_by_clauses(key_dependency_list_t* key_dependency_list, const db_clause_list_t* clause_list) { size_t i; if (!key_dependency_list) { return DB_ERROR_UNKNOWN; } if (!clause_list) { return DB_ERROR_UNKNOWN; } if (!key_dependency_list->dbo) { return DB_ERROR_UNKNOWN; } if (key_dependency_list->result_list) { db_result_list_free(key_dependency_list->result_list); } if (key_dependency_list->object_list_size) { for (i = 0; i < key_dependency_list->object_list_size; i++) { if (key_dependency_list->object_list[i]) { key_dependency_free(key_dependency_list->object_list[i]); } } key_dependency_list->object_list_size = 0; key_dependency_list->object_list_first = 0; } if (key_dependency_list->object_list) { free(key_dependency_list->object_list); key_dependency_list->object_list = NULL; } if (!(key_dependency_list->result_list = db_object_read(key_dependency_list->dbo, NULL, clause_list)) || db_result_list_fetch_all(key_dependency_list->result_list)) { return DB_ERROR_UNKNOWN; } if (key_dependency_list->associated_fetch && key_dependency_list_get_associated(key_dependency_list)) { return DB_ERROR_UNKNOWN; } return DB_OK; } int key_dependency_list_get_by_zone_id(key_dependency_list_t* key_dependency_list, const db_value_t* zone_id) { db_clause_list_t* clause_list; db_clause_t* clause; size_t i; if (!key_dependency_list) { return DB_ERROR_UNKNOWN; } if (!key_dependency_list->dbo) { return DB_ERROR_UNKNOWN; } if (!zone_id) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(zone_id)) { return DB_ERROR_UNKNOWN; } if (!(clause_list = db_clause_list_new())) { return DB_ERROR_UNKNOWN; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "zoneId") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_value_copy(db_clause_get_value(clause), zone_id) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } if (key_dependency_list->result_list) { db_result_list_free(key_dependency_list->result_list); } if (key_dependency_list->object_list_size) { for (i = 0; i < key_dependency_list->object_list_size; i++) { if (key_dependency_list->object_list[i]) { key_dependency_free(key_dependency_list->object_list[i]); } } key_dependency_list->object_list_size = 0; key_dependency_list->object_list_first = 0; } if (key_dependency_list->object_list) { free(key_dependency_list->object_list); key_dependency_list->object_list = NULL; } if (!(key_dependency_list->result_list = db_object_read(key_dependency_list->dbo, NULL, clause_list)) || db_result_list_fetch_all(key_dependency_list->result_list)) { db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } db_clause_list_free(clause_list); if (key_dependency_list->associated_fetch && key_dependency_list_get_associated(key_dependency_list)) { return DB_ERROR_UNKNOWN; } return DB_OK; } key_dependency_list_t* key_dependency_list_new_get_by_zone_id(const db_connection_t* connection, const db_value_t* zone_id) { key_dependency_list_t* key_dependency_list; if (!connection) { return NULL; } if (!zone_id) { return NULL; } if (db_value_not_empty(zone_id)) { return NULL; } if (!(key_dependency_list = key_dependency_list_new(connection)) || key_dependency_list_get_by_zone_id(key_dependency_list, zone_id)) { key_dependency_list_free(key_dependency_list); return NULL; } return key_dependency_list; } const key_dependency_t* key_dependency_list_begin(key_dependency_list_t* key_dependency_list) { const db_result_t* result; if (!key_dependency_list) { return NULL; } if (key_dependency_list->object_store) { if (!key_dependency_list->object_list) { if (!key_dependency_list->result_list) { return NULL; } if (!db_result_list_size(key_dependency_list->result_list)) { return NULL; } if (!(key_dependency_list->object_list = (key_dependency_t**)calloc(db_result_list_size(key_dependency_list->result_list), sizeof(key_dependency_t*)))) { return NULL; } key_dependency_list->object_list_size = db_result_list_size(key_dependency_list->result_list); } if (!(key_dependency_list->object_list[0])) { if (!key_dependency_list->result_list) { return NULL; } if (!(result = db_result_list_begin(key_dependency_list->result_list))) { return NULL; } if (!(key_dependency_list->object_list[0] = key_dependency_new(db_object_connection(key_dependency_list->dbo)))) { return NULL; } if (key_dependency_from_result(key_dependency_list->object_list[0], result)) { return NULL; } } key_dependency_list->object_list_position = 0; return key_dependency_list->object_list[0]; } if (!key_dependency_list->result_list) { return NULL; } if (!(result = db_result_list_begin(key_dependency_list->result_list))) { return NULL; } if (!key_dependency_list->key_dependency) { if (!(key_dependency_list->key_dependency = key_dependency_new(db_object_connection(key_dependency_list->dbo)))) { return NULL; } } if (key_dependency_from_result(key_dependency_list->key_dependency, result)) { return NULL; } return key_dependency_list->key_dependency; } key_dependency_t* key_dependency_list_get_begin(key_dependency_list_t* key_dependency_list) { const db_result_t* result; key_dependency_t* key_dependency; if (!key_dependency_list) { return NULL; } if (key_dependency_list->object_store) { if (!(key_dependency = key_dependency_new(db_object_connection(key_dependency_list->dbo)))) { return NULL; } if (key_dependency_copy(key_dependency, key_dependency_list_begin(key_dependency_list))) { key_dependency_free(key_dependency); return NULL; } return key_dependency; } if (!key_dependency_list->result_list) { return NULL; } if (!(result = db_result_list_begin(key_dependency_list->result_list))) { return NULL; } if (!(key_dependency = key_dependency_new(db_object_connection(key_dependency_list->dbo)))) { return NULL; } if (key_dependency_from_result(key_dependency, result)) { key_dependency_free(key_dependency); return NULL; } return key_dependency; } const key_dependency_t* key_dependency_list_next(key_dependency_list_t* key_dependency_list) { const db_result_t* result; if (!key_dependency_list) { return NULL; } if (key_dependency_list->object_store) { if (!key_dependency_list->object_list) { if (!key_dependency_list->result_list) { return NULL; } if (!db_result_list_size(key_dependency_list->result_list)) { return NULL; } if (!(key_dependency_list->object_list = (key_dependency_t**)calloc(db_result_list_size(key_dependency_list->result_list), sizeof(key_dependency_t*)))) { return NULL; } key_dependency_list->object_list_size = db_result_list_size(key_dependency_list->result_list); key_dependency_list->object_list_position = 0; } else if (key_dependency_list->object_list_first) { key_dependency_list->object_list_first = 0; key_dependency_list->object_list_position = 0; } else { key_dependency_list->object_list_position++; } if (key_dependency_list->object_list_position >= key_dependency_list->object_list_size) { return NULL; } if (!(key_dependency_list->object_list[key_dependency_list->object_list_position])) { if (!key_dependency_list->result_list) { return NULL; } if (!(result = db_result_list_next(key_dependency_list->result_list))) { return NULL; } if (!(key_dependency_list->object_list[key_dependency_list->object_list_position] = key_dependency_new(db_object_connection(key_dependency_list->dbo)))) { return NULL; } if (key_dependency_from_result(key_dependency_list->object_list[key_dependency_list->object_list_position], result)) { return NULL; } } return key_dependency_list->object_list[key_dependency_list->object_list_position]; } if (!key_dependency_list->result_list) { return NULL; } if (!(result = db_result_list_next(key_dependency_list->result_list))) { return NULL; } if (!key_dependency_list->key_dependency) { if (!(key_dependency_list->key_dependency = key_dependency_new(db_object_connection(key_dependency_list->dbo)))) { return NULL; } } if (key_dependency_from_result(key_dependency_list->key_dependency, result)) { return NULL; } return key_dependency_list->key_dependency; } key_dependency_t* key_dependency_list_get_next(key_dependency_list_t* key_dependency_list) { const db_result_t* result; key_dependency_t* key_dependency; if (!key_dependency_list) { return NULL; } if (key_dependency_list->object_store) { if (!(key_dependency = key_dependency_new(db_object_connection(key_dependency_list->dbo)))) { return NULL; } if (key_dependency_copy(key_dependency, key_dependency_list_next(key_dependency_list))) { key_dependency_free(key_dependency); return NULL; } return key_dependency; } if (!key_dependency_list->result_list) { return NULL; } if (!(result = db_result_list_next(key_dependency_list->result_list))) { return NULL; } if (!(key_dependency = key_dependency_new(db_object_connection(key_dependency_list->dbo)))) { return NULL; } if (key_dependency_from_result(key_dependency, result)) { key_dependency_free(key_dependency); return NULL; } return key_dependency; } size_t key_dependency_list_size(key_dependency_list_t* key_dependency_list) { if (!key_dependency_list) { return 0; } if (key_dependency_list->object_store && key_dependency_list->object_list) { return key_dependency_list->object_list_size; } if (!key_dependency_list->result_list) { return 0; } return db_result_list_size(key_dependency_list->result_list); } opendnssec-2.1.5/enforcer/src/db/db_schema_mysql.h0000644000202300020240000000311713560310771017055 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #ifndef __db_schema_mysql_h #define __db_schema_mysql_h extern const char* db_schema_mysql_create[]; extern const char* db_schema_mysql_drop[]; #endif opendnssec-2.1.5/enforcer/src/db/zone_db.h0000644000202300020240000004712613560310771015353 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef __zone_db_h #define __zone_db_h #include "db_object.h" struct zone_db; struct zone_list_db; typedef struct zone_db zone_db_t; typedef struct zone_list_db zone_list_db_t; #include "zone_db_ext.h" #include "policy.h" /** * A zone object. */ struct zone_db { db_object_t* dbo; db_value_t id; db_value_t rev; db_value_t policy_id; const policy_t* associated_policy_id; policy_t* private_policy_id; char* name; unsigned int signconf_needs_writing; char* signconf_path; int next_change; unsigned int ttl_end_ds; unsigned int ttl_end_dk; unsigned int ttl_end_rs; unsigned int roll_ksk_now; unsigned int roll_zsk_now; unsigned int roll_csk_now; char* input_adapter_type; char* input_adapter_uri; char* output_adapter_type; char* output_adapter_uri; unsigned int next_ksk_roll; unsigned int next_zsk_roll; unsigned int next_csk_roll; key_data_list_t* key_data_list; key_dependency_list_t* key_dependency_list; }; /** * Create a new zone object. * \param[in] connection a db_connection_t pointer. * \return a zone_db_t pointer or NULL on error. */ zone_db_t* zone_db_new(const db_connection_t* connection); /** * Create a new zone object that is a copy of another zone object. * \param[in] zone a zone_db_t pointer. * \return a zone_db_t pointer or NULL on error. */ zone_db_t* zone_db_new_copy(const zone_db_t* zone); /** * Delete a zone object, this does not delete it from the database. * \param[in] zone a zone_db_t pointer. */ void zone_db_free(zone_db_t* zone); /** * Copy the content of a zone object. * \param[in] zone a zone_db_t pointer. * \param[in] zone_copy a zone_db_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int zone_db_copy(zone_db_t* zone, const zone_db_t* zone_copy); /** * Set the content of a zone object based on a database result. * \param[in] zone a zone_db_t pointer. * \param[in] result a db_result_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int zone_db_from_result(zone_db_t* zone, const db_result_t* result); /** * Get the id of a zone object. * \param[in] zone a zone_db_t pointer. * \return a db_value_t pointer or NULL on error. */ const db_value_t* zone_db_id(const zone_db_t* zone); /** * Get the policy_id of a zone object. * \param[in] zone a zone_db_t pointer. * \return a db_value_t pointer or NULL on error. */ const db_value_t* zone_db_policy_id(const zone_db_t* zone); /** * Get the policy_id object related to a zone object. * The caller will be given ownership of this object and is responsible for freeing it. * \param[in] zone a zone_db_t pointer. * \return a policy_t pointer or NULL on error or if no object could be found. */ policy_t* zone_db_get_policy(const zone_db_t* zone); /** * Get the name of a zone object. * \param[in] zone a zone_db_t pointer. * \return a character pointer or NULL on error or if no name has been set. */ const char* zone_db_name(const zone_db_t* zone); /** * Get the signconf_needs_writing of a zone object. Undefined behavior if `zone` is NULL. * \param[in] zone a zone_db_t pointer. * \return an unsigned integer. */ unsigned int zone_db_signconf_needs_writing(const zone_db_t* zone); /** * Get the signconf_path of a zone object. * \param[in] zone a zone_db_t pointer. * \return a character pointer or NULL on error or if no signconf_path has been set. */ const char* zone_db_signconf_path(const zone_db_t* zone); /** * Get the next_change of a zone object. Undefined behavior if `zone` is NULL. * \param[in] zone a zone_db_t pointer. * \return an integer. */ int zone_db_next_change(const zone_db_t* zone); /** * Get the ttl_end_ds of a zone object. Undefined behavior if `zone` is NULL. * \param[in] zone a zone_db_t pointer. * \return an unsigned integer. */ unsigned int zone_db_ttl_end_ds(const zone_db_t* zone); /** * Get the ttl_end_dk of a zone object. Undefined behavior if `zone` is NULL. * \param[in] zone a zone_db_t pointer. * \return an unsigned integer. */ unsigned int zone_db_ttl_end_dk(const zone_db_t* zone); /** * Get the ttl_end_rs of a zone object. Undefined behavior if `zone` is NULL. * \param[in] zone a zone_db_t pointer. * \return an unsigned integer. */ unsigned int zone_db_ttl_end_rs(const zone_db_t* zone); /** * Get the roll_ksk_now of a zone object. Undefined behavior if `zone` is NULL. * \param[in] zone a zone_db_t pointer. * \return an unsigned integer. */ unsigned int zone_db_roll_ksk_now(const zone_db_t* zone); /** * Get the roll_zsk_now of a zone object. Undefined behavior if `zone` is NULL. * \param[in] zone a zone_db_t pointer. * \return an unsigned integer. */ unsigned int zone_db_roll_zsk_now(const zone_db_t* zone); /** * Get the roll_csk_now of a zone object. Undefined behavior if `zone` is NULL. * \param[in] zone a zone_db_t pointer. * \return an unsigned integer. */ unsigned int zone_db_roll_csk_now(const zone_db_t* zone); /** * Get the input_adapter_type of a zone object. * \param[in] zone a zone_db_t pointer. * \return a character pointer or NULL on error or if no input_adapter_type has been set. */ const char* zone_db_input_adapter_type(const zone_db_t* zone); /** * Get the input_adapter_uri of a zone object. * \param[in] zone a zone_db_t pointer. * \return a character pointer or NULL on error or if no input_adapter_uri has been set. */ const char* zone_db_input_adapter_uri(const zone_db_t* zone); /** * Get the output_adapter_type of a zone object. * \param[in] zone a zone_db_t pointer. * \return a character pointer or NULL on error or if no output_adapter_type has been set. */ const char* zone_db_output_adapter_type(const zone_db_t* zone); /** * Get the output_adapter_uri of a zone object. * \param[in] zone a zone_db_t pointer. * \return a character pointer or NULL on error or if no output_adapter_uri has been set. */ const char* zone_db_output_adapter_uri(const zone_db_t* zone); /** * Get the next_ksk_roll of a zone object. Undefined behavior if `zone` is NULL. * \param[in] zone a zone_db_t pointer. * \return an unsigned integer. */ unsigned int zone_db_next_ksk_roll(const zone_db_t* zone); /** * Get the next_zsk_roll of a zone object. Undefined behavior if `zone` is NULL. * \param[in] zone a zone_db_t pointer. * \return an unsigned integer. */ unsigned int zone_db_next_zsk_roll(const zone_db_t* zone); /** * Get the next_csk_roll of a zone object. Undefined behavior if `zone` is NULL. * \param[in] zone a zone_db_t pointer. * \return an unsigned integer. */ unsigned int zone_db_next_csk_roll(const zone_db_t* zone); /** * Set the policy_id of a zone object. If this fails the original value may have been lost. * \param[in] zone a zone_db_t pointer. * \param[in] policy_id a db_value_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int zone_db_set_policy_id(zone_db_t* zone, const db_value_t* policy_id); /** * Set the name of a zone object. * \param[in] zone a zone_db_t pointer. * \param[in] name_text a character pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int zone_db_set_name(zone_db_t* zone, const char* name_text); /** * Set the signconf_needs_writing of a zone object. * \param[in] zone a zone_db_t pointer. * \param[in] signconf_needs_writing an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int zone_db_set_signconf_needs_writing(zone_db_t* zone, unsigned int signconf_needs_writing); /** * Set the signconf_path of a zone object. * \param[in] zone a zone_db_t pointer. * \param[in] signconf_path_text a character pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int zone_db_set_signconf_path(zone_db_t* zone, const char* signconf_path_text); /** * Set the next_change of a zone object. * \param[in] zone a zone_db_t pointer. * \param[in] next_change an integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int zone_db_set_next_change(zone_db_t* zone, int next_change); /** * Set the ttl_end_ds of a zone object. * \param[in] zone a zone_db_t pointer. * \param[in] ttl_end_ds an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int zone_db_set_ttl_end_ds(zone_db_t* zone, unsigned int ttl_end_ds); /** * Set the ttl_end_dk of a zone object. * \param[in] zone a zone_db_t pointer. * \param[in] ttl_end_dk an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int zone_db_set_ttl_end_dk(zone_db_t* zone, unsigned int ttl_end_dk); /** * Set the ttl_end_rs of a zone object. * \param[in] zone a zone_db_t pointer. * \param[in] ttl_end_rs an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int zone_db_set_ttl_end_rs(zone_db_t* zone, unsigned int ttl_end_rs); /** * Set the roll_ksk_now of a zone object. * \param[in] zone a zone_db_t pointer. * \param[in] roll_ksk_now an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int zone_db_set_roll_ksk_now(zone_db_t* zone, unsigned int roll_ksk_now); /** * Set the roll_zsk_now of a zone object. * \param[in] zone a zone_db_t pointer. * \param[in] roll_zsk_now an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int zone_db_set_roll_zsk_now(zone_db_t* zone, unsigned int roll_zsk_now); /** * Set the roll_csk_now of a zone object. * \param[in] zone a zone_db_t pointer. * \param[in] roll_csk_now an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int zone_db_set_roll_csk_now(zone_db_t* zone, unsigned int roll_csk_now); /** * Set the input_adapter_type of a zone object. * \param[in] zone a zone_db_t pointer. * \param[in] input_adapter_type_text a character pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int zone_db_set_input_adapter_type(zone_db_t* zone, const char* input_adapter_type_text); /** * Set the input_adapter_uri of a zone object. * \param[in] zone a zone_db_t pointer. * \param[in] input_adapter_uri_text a character pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int zone_db_set_input_adapter_uri(zone_db_t* zone, const char* input_adapter_uri_text); /** * Set the output_adapter_type of a zone object. * \param[in] zone a zone_db_t pointer. * \param[in] output_adapter_type_text a character pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int zone_db_set_output_adapter_type(zone_db_t* zone, const char* output_adapter_type_text); /** * Set the output_adapter_uri of a zone object. * \param[in] zone a zone_db_t pointer. * \param[in] output_adapter_uri_text a character pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int zone_db_set_output_adapter_uri(zone_db_t* zone, const char* output_adapter_uri_text); /** * Set the next_ksk_roll of a zone object. * \param[in] zone a zone_db_t pointer. * \param[in] next_ksk_roll an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int zone_db_set_next_ksk_roll(zone_db_t* zone, unsigned int next_ksk_roll); /** * Set the next_zsk_roll of a zone object. * \param[in] zone a zone_db_t pointer. * \param[in] next_zsk_roll an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int zone_db_set_next_zsk_roll(zone_db_t* zone, unsigned int next_zsk_roll); /** * Set the next_csk_roll of a zone object. * \param[in] zone a zone_db_t pointer. * \param[in] next_csk_roll an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int zone_db_set_next_csk_roll(zone_db_t* zone, unsigned int next_csk_roll); /** * Create a clause for policy_id of a zone object and add it to a database clause list. * The clause operator is set to DB_CLAUSE_OPERATOR_AND and the clause type is * set to DB_CLAUSE_EQUAL, if you want to change these you can do it with the * returned db_clause_t pointer. * \param[in] clause_list db_clause_list_t pointer. * \param[in] policy_id a db_value_t pointer. * \return a db_clause_t pointer to the added clause or NULL on error. */ db_clause_t* zone_db_policy_id_clause(db_clause_list_t* clause_list, const db_value_t* policy_id); /** * Create a zone object in the database. * \param[in] zone a zone_db_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int zone_db_create(zone_db_t* zone); /** * Get a zone object from the database by a id specified in `id`. * \param[in] zone a zone_db_t pointer. * \param[in] id a db_value_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int zone_db_get_by_id(zone_db_t* zone, const db_value_t* id); /** * Get a zone object from the database by a name specified in `name`. * \param[in] zone a zone_db_t pointer. * \param[in] name a character pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int zone_db_get_by_name(zone_db_t* zone, const char* name); /** * Get a new zone object from the database by a name specified in `name`. * \param[in] connection a db_connection_t pointer. * \param[in] name a character pointer. * \return a zone_db_t pointer or NULL on error or if it does not exist. */ zone_db_t* zone_db_new_get_by_name(const db_connection_t* connection, const char* name); /** * Update a zone object in the database. * \param[in] zone a zone_db_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int zone_db_update(zone_db_t* zone); /** * Delete a zone object from the database. * \param[in] zone a zone_db_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int zone_db_delete(zone_db_t* zone); /** * Count the number of zone objects in the database, if a selection of * objects should be counted then it can be limited by a database clause list * otherwise all objects are counted. * \param[in] zone a zone_db_t pointer. * \param[in] clause_list a db_clause_list_t pointer or NULL if all objects. * \param[out] count a size_t pointer to where the count should be stored. * should be counted. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int zone_db_count(zone_db_t* zone, db_clause_list_t* clause_list, size_t* count); /** * A list of zone objects. */ struct zone_list_db { db_object_t* dbo; db_result_list_t* result_list; const db_result_t* result; zone_db_t* zone; int object_store; zone_db_t** object_list; size_t object_list_size; size_t object_list_position; int object_list_first; int associated_fetch; policy_list_t* policy_id_list; }; /** * Create a new zone object list. * \param[in] connection a db_connection_t pointer. * \return a zone_list_db_t pointer or NULL on error. */ zone_list_db_t* zone_list_db_new(const db_connection_t* connection); /** * Create a new zone object list that is a copy of another. * \param[in] zone_list_db a zone_list_db_t pointer. * \return a zone_list_db_t pointer or NULL on error. */ zone_list_db_t* zone_list_db_new_copy(const zone_list_db_t* zone_copy); /** * Specify that objects should be stored within the list as they are fetch, * this is optimal if the list is to be iterated over more then once. * \param[in] zone_list_db a zone_list_db_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int zone_list_db_object_store(zone_list_db_t* zone_list_db); /** * Delete a zone object list. * \param[in] zone_list_db a zone_list_db_t pointer. */ void zone_list_db_free(zone_list_db_t* zone_list_db); /** * Copy the content of another zone object list. * \param[in] zone_list_db a zone_list_db_t pointer. * \param[in] from_zone_list_db a zone_list_db_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int zone_list_db_copy(zone_list_db_t* zone_list_db, const zone_list_db_t* from_zone_list_db); /** * Get all zone objects. * \param[in] zone_list_db a zone_list_db_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int zone_list_db_get(zone_list_db_t* zone_list_db); /** * Get a new list with all zone objects. * \param[in] connection a db_connection_t pointer. * \return a zone_list_db_t pointer or NULL on error. */ zone_list_db_t* zone_list_db_new_get(const db_connection_t* connection); /** * Get zone objects from the database by a clause list. * \param[in] zone_list_db a zone_list_db_t pointer. * \param[in] clause_list a db_clause_list_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int zone_list_db_get_by_clauses(zone_list_db_t* zone_list_db, const db_clause_list_t* clause_list); /** * Get zone objects from the database by a policy_id specified in `policy_id`. * \param[in] zone_list_db a zone_list_db_t pointer. * \param[in] policy_id a db_value_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int zone_list_db_get_by_policy_id(zone_list_db_t* zone_list_db, const db_value_t* policy_id); /** * Get a new list of zone objects from the database by a policy_id specified in `policy_id`. * \param[in] connection a db_connection_t pointer. * \param[in] policy_id a db_value_t pointer. * \return a zone_list_db_t pointer or NULL on error. */ zone_list_db_t* zone_list_db_new_get_by_policy_id(const db_connection_t* connection, const db_value_t* policy_id); /** * Get the first zone object in a zone object list and reset the * position of the list. * \param[in] zone_list_db a zone_list_db_t pointer. * \return a zone_db_t pointer or NULL on error or if there are no * zone objects in the zone object list. */ const zone_db_t* zone_list_db_begin(zone_list_db_t* zone_list_db); /** * Get the next zone object in a zone object list. * Ownership of this object is retained within the list and the object is only * valid until the next call to this function. * \param[in] zone_list_db a zone_list_db_t pointer. * \return a zone_db_t pointer or NULL on error or if there are no more * zone objects in the zone object list. */ const zone_db_t* zone_list_db_next(zone_list_db_t* zone_list_db); /** * Get the next zone object in a zone object list. * The caller will be given ownership of this object and is responsible for * freeing it. * \param[in] zone_list_db a zone_list_db_t pointer. * \return a zone_db_t pointer or NULL on error or if there are no more * zone objects in the zone object list. */ zone_db_t* zone_list_db_get_next(zone_list_db_t* zone_list_db); /** * Get the size of a zone object list. * \param[in] zone_list_db a zone_list_db_t pointer. * \return a size_t with the size of the list or zero on error, if the list is * empty or if the backend does not support returning the size. */ size_t zone_list_db_size(zone_list_db_t* zone_list_db); #endif opendnssec-2.1.5/enforcer/src/db/key_state_ext.c0000644000202300020240000000272113560311035016560 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include "key_state.h" opendnssec-2.1.5/enforcer/src/db/db_value.c0000644000202300020240000004461613560310771015510 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include "db_value.h" #include "db_error.h" #include /* DB VALUE */ db_value_t* db_value_new() { db_value_t* value = (db_value_t*)calloc(1, sizeof(db_value_t)); if (value) { value->type = DB_TYPE_EMPTY; } return value; } void db_value_free(db_value_t* value) { if (value) { if (value->text) { free(value->text); } free(value); } } void db_value_reset(db_value_t* value) { if (value) { value->type = DB_TYPE_EMPTY; value->primary_key = 0; if (value->text) { free(value->text); } value->text = NULL; value->int32 = 0; value->uint32 = 0; value->int64 = 0; value->uint64 = 0; value->enum_value = 0; value->enum_text = NULL; } } int db_value_copy(db_value_t* value, const db_value_t* from_value) { if (!value) { return DB_ERROR_UNKNOWN; } if (value->type != DB_TYPE_EMPTY) { return DB_ERROR_UNKNOWN; } if (!from_value) { return DB_ERROR_UNKNOWN; } if (from_value->type == DB_TYPE_EMPTY) { return DB_ERROR_UNKNOWN; } memcpy(value, from_value, sizeof(db_value_t)); if (from_value->text) { value->text = strdup(from_value->text); if (!value->text) { db_value_reset(value); return DB_ERROR_UNKNOWN; } } return DB_OK; } int db_value_cmp(const db_value_t* value_a, const db_value_t* value_b, int* result) { if (!value_a) { return DB_ERROR_UNKNOWN; } if (!value_b) { return DB_ERROR_UNKNOWN; } if (!result) { return DB_ERROR_UNKNOWN; } if (value_a->type == DB_TYPE_EMPTY && value_b->type != DB_TYPE_EMPTY) { *result = -1; return DB_OK; } else if (value_a->type == DB_TYPE_EMPTY && value_b->type == DB_TYPE_EMPTY) { *result = 0; return DB_OK; } else if (value_a->type != DB_TYPE_EMPTY && value_b->type == DB_TYPE_EMPTY) { *result = 1; return DB_OK; } /* TODO: ability to compare different types to each other */ if (value_a->type != value_b->type) { switch (value_a->type) { case DB_TYPE_INT32: if (value_b->type == DB_TYPE_INT64) { if ((db_type_int64_t)(value_a->int32) < value_b->int64) { *result = -1; } else if ((db_type_int64_t)(value_a->int32) > value_b->int64) { *result = 1; } else { *result = 0; } return DB_OK; } break; case DB_TYPE_INT64: if (value_b->type == DB_TYPE_INT32) { if (value_a->int64 < (db_type_int64_t)(value_b->int32)) { *result = -1; } else if (value_a->int64 > (db_type_int64_t)(value_b->int32)) { *result = 1; } else { *result = 0; } return DB_OK; } break; case DB_TYPE_UINT32: if (value_b->type == DB_TYPE_UINT64) { if ((db_type_uint64_t)(value_a->uint32) < value_b->uint64) { *result = -1; } else if ((db_type_uint64_t)(value_a->uint32) > value_b->uint64) { *result = 1; } else { *result = 0; } return DB_OK; } break; case DB_TYPE_UINT64: if (value_b->type == DB_TYPE_UINT32) { if (value_a->uint64 < (db_type_uint64_t)(value_b->uint32)) { *result = -1; } else if (value_a->uint64 > (db_type_uint64_t)(value_b->uint32)) { *result = 1; } else { *result = 0; } return DB_OK; } break; default: break; } return DB_ERROR_UNKNOWN; } switch (value_a->type) { case DB_TYPE_INT32: if (value_a->int32 < value_b->int32) { *result = -1; } else if (value_a->int32 > value_b->int32) { *result = 1; } else { *result = 0; } break; case DB_TYPE_UINT32: if (value_a->uint32 < value_b->uint32) { *result = -1; } else if (value_a->uint32 > value_b->uint32) { *result = 1; } else { *result = 0; } break; case DB_TYPE_INT64: if (value_a->int64 < value_b->int64) { *result = -1; } else if (value_a->int64 > value_b->int64) { *result = 1; } else { *result = 0; } break; case DB_TYPE_UINT64: if (value_a->uint64 < value_b->uint64) { *result = -1; } else if (value_a->uint64 > value_b->uint64) { *result = 1; } else { *result = 0; } break; case DB_TYPE_TEXT: *result = strcmp(value_a->text, value_b->text); break; case DB_TYPE_ENUM: /* TODO: Document that enum can only really be checked if eq */ if (value_a->enum_value < value_b->enum_value) { *result = -1; } else if (value_a->enum_value > value_b->enum_value) { *result = 1; } else { *result = 0; } break; default: return DB_ERROR_UNKNOWN; } return DB_OK; } db_type_t db_value_type(const db_value_t* value) { if (!value) { return DB_TYPE_EMPTY; } return value->type; } const db_type_int32_t* db_value_int32(const db_value_t* value) { if (!value) { return NULL; } if (value->type != DB_TYPE_INT32) { return NULL; } return &value->int32; } const db_type_uint32_t* db_value_uint32(const db_value_t* value) { if (!value) { return NULL; } if (value->type != DB_TYPE_UINT32) { return NULL; } return &value->uint32; } const db_type_int64_t* db_value_int64(const db_value_t* value) { if (!value) { return NULL; } if (value->type != DB_TYPE_INT64) { return NULL; } return &value->int64; } const db_type_uint64_t* db_value_uint64(const db_value_t* value) { if (!value) { return NULL; } if (value->type != DB_TYPE_UINT64) { return NULL; } return &value->uint64; } const char* db_value_text(const db_value_t* value) { if (!value) { return NULL; } if (value->type != DB_TYPE_TEXT) { return NULL; } return value->text; } int db_value_enum_value(const db_value_t* value, int* enum_value) { if (!value) { return DB_ERROR_UNKNOWN; } if (!enum_value) { return DB_ERROR_UNKNOWN; } if (value->type != DB_TYPE_ENUM) { return DB_ERROR_UNKNOWN; } *enum_value = value->enum_value; return DB_OK; } int db_value_not_empty(const db_value_t* value) { if (!value) { return DB_ERROR_UNKNOWN; } if (value->type == DB_TYPE_EMPTY) { return DB_ERROR_UNKNOWN; } return DB_OK; } int db_value_to_int32(const db_value_t* value, db_type_int32_t* to_int32) { if (!value) { return DB_ERROR_UNKNOWN; } if (!to_int32) { return DB_ERROR_UNKNOWN; } if (value->type != DB_TYPE_INT32) { return DB_ERROR_UNKNOWN; } *to_int32 = value->int32; return DB_OK; } int db_value_to_uint32(const db_value_t* value, db_type_uint32_t* to_uint32) { if (!value) { return DB_ERROR_UNKNOWN; } if (!to_uint32) { return DB_ERROR_UNKNOWN; } if (value->type != DB_TYPE_UINT32) { return DB_ERROR_UNKNOWN; } *to_uint32 = value->uint32; return DB_OK; } int db_value_to_int64(const db_value_t* value, db_type_int64_t* to_int64) { if (!value) { return DB_ERROR_UNKNOWN; } if (!to_int64) { return DB_ERROR_UNKNOWN; } if (value->type != DB_TYPE_INT64) { return DB_ERROR_UNKNOWN; } *to_int64 = value->int64; return DB_OK; } int db_value_to_uint64(const db_value_t* value, db_type_uint64_t* to_uint64) { if (!value) { return DB_ERROR_UNKNOWN; } if (!to_uint64) { return DB_ERROR_UNKNOWN; } if (value->type != DB_TYPE_UINT64) { return DB_ERROR_UNKNOWN; } *to_uint64 = value->uint64; return DB_OK; } int db_value_to_text(const db_value_t* value, char** to_text) { if (!value) { return DB_ERROR_UNKNOWN; } if (!to_text) { return DB_ERROR_UNKNOWN; } if (*to_text) { return DB_ERROR_UNKNOWN; } if (value->type != DB_TYPE_TEXT) { return DB_ERROR_UNKNOWN; } *to_text = strdup(value->text); if (!*to_text) { return DB_ERROR_UNKNOWN; } return DB_OK; } int db_value_to_enum_value(const db_value_t* value, int* to_int, const db_enum_t* enum_set) { if (!value) { return DB_ERROR_UNKNOWN; } if (!to_int) { return DB_ERROR_UNKNOWN; } if (!enum_set) { return DB_ERROR_UNKNOWN; } if (value->type == DB_TYPE_ENUM) { while (enum_set->text) { if (enum_set->value == value->enum_value) { *to_int = enum_set->value; return DB_OK; } enum_set++; } } else if (value->type == DB_TYPE_TEXT) { while (enum_set->text) { if (!strcmp(enum_set->text, value->text)) { *to_int = enum_set->value; return DB_OK; } enum_set++; } } else if (value->type == DB_TYPE_INT32) { while (enum_set->text) { if (enum_set->value == value->int32) { *to_int = enum_set->value; return DB_OK; } enum_set++; } } return DB_ERROR_UNKNOWN; } int db_value_from_int32(db_value_t* value, db_type_int32_t from_int32) { if (!value) { return DB_ERROR_UNKNOWN; } if (value->type != DB_TYPE_EMPTY) { return DB_ERROR_UNKNOWN; } value->int32 = from_int32; value->type = DB_TYPE_INT32; return DB_OK; } int db_value_from_uint32(db_value_t* value, db_type_uint32_t from_uint32) { if (!value) { return DB_ERROR_UNKNOWN; } if (value->type != DB_TYPE_EMPTY) { return DB_ERROR_UNKNOWN; } value->uint32 = from_uint32; value->type = DB_TYPE_UINT32; return DB_OK; } int db_value_from_int64(db_value_t* value, db_type_int64_t from_int64) { if (!value) { return DB_ERROR_UNKNOWN; } if (value->type != DB_TYPE_EMPTY) { return DB_ERROR_UNKNOWN; } value->int64 = from_int64; value->type = DB_TYPE_INT64; return DB_OK; } int db_value_from_uint64(db_value_t* value, db_type_uint64_t from_uint64) { if (!value) { return DB_ERROR_UNKNOWN; } if (value->type != DB_TYPE_EMPTY) { return DB_ERROR_UNKNOWN; } value->uint64 = from_uint64; value->type = DB_TYPE_UINT64; return DB_OK; } int db_value_from_text(db_value_t* value, const char* from_text) { if (!value) { return DB_ERROR_UNKNOWN; } if (!from_text) { return DB_ERROR_UNKNOWN; } if (value->type != DB_TYPE_EMPTY) { return DB_ERROR_UNKNOWN; } value->text = (void*)strdup(from_text); if (!value->text) { return DB_ERROR_UNKNOWN; } value->type = DB_TYPE_TEXT; return DB_OK; } int db_value_from_text2(db_value_t* value, const char* from_text, size_t size) { if (!value) { return DB_ERROR_UNKNOWN; } if (!from_text) { return DB_ERROR_UNKNOWN; } if (!size) { return DB_ERROR_UNKNOWN; } if (value->type != DB_TYPE_EMPTY) { return DB_ERROR_UNKNOWN; } value->text = (void*)strndup(from_text, size); if (!value->text) { return DB_ERROR_UNKNOWN; } value->type = DB_TYPE_TEXT; return DB_OK; } int db_value_from_enum_value(db_value_t* value, int enum_value, const db_enum_t* enum_set) { if (!value) { return DB_ERROR_UNKNOWN; } if (!enum_set) { return DB_ERROR_UNKNOWN; } if (value->type != DB_TYPE_EMPTY) { return DB_ERROR_UNKNOWN; } while (enum_set->text) { if (enum_set->value == enum_value) { value->enum_text = enum_set->text; value->enum_value = enum_set->value; value->type = DB_TYPE_ENUM; return DB_OK; } enum_set++; } return DB_ERROR_UNKNOWN; } int db_value_set_primary_key(db_value_t* value) { if (!value) { return DB_ERROR_UNKNOWN; } if (value->type == DB_TYPE_EMPTY) { return DB_ERROR_UNKNOWN; } if (value->type == DB_TYPE_ENUM) { return DB_ERROR_UNKNOWN; } value->primary_key = 1; return DB_OK; } /* DB VALUE SET */ db_value_set_t* db_value_set_new(size_t size) { db_value_set_t* value_set; size_t i; if (size == 0 || size > 128) { return NULL; } value_set = (db_value_set_t*)calloc(1, sizeof(db_value_set_t)); if (value_set) { if (size <= 4) { value_set->values = (db_value_t*)calloc(4, sizeof(db_value_t)); } else if (size <= 8) { value_set->values = (db_value_t*)calloc(8, sizeof(db_value_t)); } else if (size <= 12) { value_set->values = (db_value_t*)calloc(12, sizeof(db_value_t)); } else if (size <= 16) { value_set->values = (db_value_t*)calloc(16, sizeof(db_value_t)); } else if (size <= 24) { value_set->values = (db_value_t*)calloc(24, sizeof(db_value_t)); } else if (size <= 32) { value_set->values = (db_value_t*)calloc(32, sizeof(db_value_t)); } else if (size <= 64) { value_set->values = (db_value_t*)calloc(64, sizeof(db_value_t)); } else if (size <= 128) { value_set->values = (db_value_t*)calloc(128, sizeof(db_value_t)); } if (!value_set->values) { free(value_set); return NULL; } value_set->size = size; for (i=0; isize; i++) { value_set->values[i].type = DB_TYPE_EMPTY; } } return value_set; } /* TODO: unit test */ db_value_set_t* db_value_set_new_copy(const db_value_set_t* from_value_set) { db_value_set_t* value_set; size_t i; if (!from_value_set) { return NULL; } if (!from_value_set->values) { return NULL; } value_set = db_value_set_new(from_value_set->size); if (value_set) { for (i=0; isize; i++) { if (db_value_type(&from_value_set->values[i]) == DB_TYPE_EMPTY) { continue; } if (db_value_copy(&value_set->values[i], &from_value_set->values[i])) { db_value_set_free(value_set); return NULL; } } } return value_set; } void db_value_set_free(db_value_set_t* value_set) { if (value_set) { if (value_set->values) { size_t i; for (i=0; isize; i++) { db_value_reset(&value_set->values[i]); } if (value_set->size <= 4) { free(value_set->values); } else if (value_set->size <= 8) { free(value_set->values); } else if (value_set->size <= 12) { free(value_set->values); } else if (value_set->size <= 16) { free(value_set->values); } else if (value_set->size <= 24) { free(value_set->values); } else if (value_set->size <= 32) { free(value_set->values); } else if (value_set->size <= 64) { free(value_set->values); } else if (value_set->size <= 128) { free(value_set->values); } } free(value_set); } } size_t db_value_set_size(const db_value_set_t* value_set) { if (!value_set) { return DB_OK; } return value_set->size; } const db_value_t* db_value_set_at(const db_value_set_t* value_set, size_t at) { if (!value_set) { return NULL; } if (!value_set->values) { return NULL; } if (!(at < value_set->size)) { return NULL; } return &value_set->values[at]; } db_value_t* db_value_set_get(db_value_set_t* value_set, size_t at) { if (!value_set) { return NULL; } if (!value_set->values) { return NULL; } if (!(at < value_set->size)) { return NULL; } return &value_set->values[at]; } opendnssec-2.1.5/enforcer/src/db/db_join.h0000644000202300020240000000651613560310771015335 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef __db_join_h #define __db_join_h struct db_join; struct db_join_list; typedef struct db_join db_join_t; typedef struct db_join_list db_join_list_t; #include "db_type.h" /** * A database join description. */ struct db_join { db_join_t* next; char* from_table; char* from_field; char* to_table; char* to_field; }; /** * Get the from table name of a database join. * \param[in] join a db_join_t pointer. * \return a character pointer or NULL on error or if no from table name has * been set. */ const char* db_join_from_table(const db_join_t* join); /** * Get the from field name of a database join. * \param[in] join a db_join_t pointer. * \return a character pointer or NULL on error or if no from field name has * been set. */ const char* db_join_from_field(const db_join_t* join); /** * Get the to table name of a database join. * \param[in] join a db_join_t pointer. * \return a character pointer or NULL on error or if no to table name has been * set. */ const char* db_join_to_table(const db_join_t* join); /** * Get the to field name of a database join. * \param[in] join a db_join_t pointer. * \return a character pointer or NULL on error or if no to field name has been * set. */ const char* db_join_to_field(const db_join_t* join); /** * Get the next database join connected in a database join list. * \param[in] join a db_join_t pointer. * \return a db_join_t pointer or NULL on error or if there are no more database * joins in the list. */ const db_join_t* db_join_next(const db_join_t* join); /** * A list of database joins. */ struct db_join_list { db_join_t* begin; db_join_t* end; }; /** * Return the first database join in a database join list. * \param[in] join_list a db_join_list_t pointer. * \return a db_join_t pointer or NULL on error or if the list is empty. */ const db_join_t* db_join_list_begin(const db_join_list_t* join_list); #endif opendnssec-2.1.5/enforcer/src/db/policy_key_ext.c0000644000202300020240000003423313560310771016750 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include "policy_key.h" #include "db_error.h" #include "duration.h" #include "log.h" #include int policy_key_create_from_xml(policy_key_t* policy_key, xmlNodePtr key_node) { xmlNodePtr node; xmlChar* xml_text = NULL; duration_type* duration = NULL; int algorithm_length = 0; int standby = 0; int manual_rollover = 0; int rfc5011 = 0; int rolltype = 0; if (!policy_key) { return DB_ERROR_UNKNOWN; } if (!key_node) { return DB_ERROR_UNKNOWN; } if (!strcmp((char*)key_node->name, "KSK")) { ods_log_deeebug("[policy_key_*_from_xml] KSK"); policy_key_set_role(policy_key, POLICY_KEY_ROLE_KSK); } else if (!strcmp((char*)key_node->name, "ZSK")) { ods_log_deeebug("[policy_key_*_from_xml] ZSK"); policy_key_set_role(policy_key, POLICY_KEY_ROLE_ZSK); } else if (!strcmp((char*)key_node->name, "CSK")) { ods_log_deeebug("[policy_key_*_from_xml] CSK"); policy_key_set_role(policy_key, POLICY_KEY_ROLE_CSK); } else { return DB_ERROR_UNKNOWN; } for (node = key_node->children; node; node = node->next) { if (node->type != XML_ELEMENT_NODE) { continue; } if (!strcmp((char*)node->name, "Algorithm")) { if ((xml_text = xmlGetProp(node, (xmlChar*)"length"))) { algorithm_length = 1; ods_log_deeebug("[policy_key_*_from_xml] algorithm length %s", (char*)xml_text); if (policy_key_set_bits(policy_key, (unsigned int)atoi((char*)xml_text))) { if (xml_text) { xmlFree(xml_text); } return DB_ERROR_UNKNOWN; } if (xml_text) { xmlFree(xml_text); xml_text = NULL; } } if (!(xml_text = xmlNodeGetContent(node))) { return DB_ERROR_UNKNOWN; } ods_log_deeebug("[policy_key_*_from_xml] algorithm %s", (char*)xml_text); if (policy_key_set_algorithm(policy_key, (unsigned int)atoi((char*)xml_text))) { if (xml_text) { xmlFree(xml_text); } return DB_ERROR_UNKNOWN; } if (xml_text) { xmlFree(xml_text); xml_text = NULL; } } else if (!strcmp((char*)node->name, "Lifetime")) { if (!(xml_text = xmlNodeGetContent(node))) { return DB_ERROR_UNKNOWN; } ods_log_deeebug("[policy_key_*_from_xml] lifetime %s", (char*)xml_text); if (!(duration = duration_create_from_string((char*)xml_text))) { if (xml_text) { xmlFree(xml_text); } return DB_ERROR_UNKNOWN; } if (xml_text) { xmlFree(xml_text); xml_text = NULL; } if (policy_key_set_lifetime(policy_key, duration2time(duration))) { duration_cleanup(duration); return DB_ERROR_UNKNOWN; } duration_cleanup(duration); duration = NULL; } else if (!strcmp((char*)node->name, "Repository")) { if (!(xml_text = xmlNodeGetContent(node))) { return DB_ERROR_UNKNOWN; } ods_log_deeebug("[policy_key_*_from_xml] repository %s", (char*)xml_text); if (policy_key_set_repository(policy_key, (char*)xml_text)) { if (xml_text) { xmlFree(xml_text); } return DB_ERROR_UNKNOWN; } if (xml_text) { xmlFree(xml_text); xml_text = NULL; } } else if (!strcmp((char*)node->name, "Standby")) { standby = 1; if (!(xml_text = xmlNodeGetContent(node))) { return DB_ERROR_UNKNOWN; } ods_log_deeebug("[policy_key_*_from_xml] standby %s", (char*)xml_text); if (policy_key_set_standby(policy_key, (unsigned int)atoi((char*)xml_text))) { if (xml_text) { xmlFree(xml_text); } return DB_ERROR_UNKNOWN; } if (xml_text) { xmlFree(xml_text); xml_text = NULL; } } else if (!strcmp((char*)node->name, "ManualRollover")) { manual_rollover = 1; ods_log_deeebug("[policy_key_*_from_xml] manual rollover"); if (policy_key_set_manual_rollover(policy_key, 1)) { return DB_ERROR_UNKNOWN; } } else if (policy_key_role(policy_key) == POLICY_KEY_ROLE_KSK && !strcmp((char*)node->name, "KskRollType")) { rolltype = 1; if (!(xml_text = xmlNodeGetContent(node))) { return DB_ERROR_UNKNOWN; } ods_log_deeebug("[policy_key_*_from_xml] KSK rolltype %s", (char*)xml_text); if (!strcmp((char*)xml_text, "KskDoubleRRset")) { if (xml_text) { xmlFree(xml_text); xml_text = NULL; } if (policy_key_set_minimize(policy_key, POLICY_KEY_MINIMIZE_NONE)) { return DB_ERROR_UNKNOWN; } } else if (!strcmp((char*)xml_text, "KskDoubleDS")) { if (xml_text) { xmlFree(xml_text); xml_text = NULL; } if (policy_key_set_minimize(policy_key, POLICY_KEY_MINIMIZE_DNSKEY)) { return DB_ERROR_UNKNOWN; } } else if (!strcmp((char*)xml_text, "KskDoubleSignature")) { if (xml_text) { xmlFree(xml_text); xml_text = NULL; } if (policy_key_set_minimize(policy_key, POLICY_KEY_MINIMIZE_DS)) { return DB_ERROR_UNKNOWN; } } else { if (xml_text) { xmlFree(xml_text); } return DB_ERROR_UNKNOWN; } } else if (policy_key_role(policy_key) == POLICY_KEY_ROLE_ZSK && !strcmp((char*)node->name, "ZskRollType")) { rolltype = 1; if (!(xml_text = xmlNodeGetContent(node))) { return DB_ERROR_UNKNOWN; } ods_log_deeebug("[policy_key_*_from_xml] ZSK rolltype %s", (char*)xml_text); if (!strcmp((char*)xml_text, "ZskDoubleSignature")) { if (xml_text) { xmlFree(xml_text); xml_text = NULL; } if (policy_key_set_minimize(policy_key, POLICY_KEY_MINIMIZE_NONE)) { return DB_ERROR_UNKNOWN; } } else if (!strcmp((char*)xml_text, "ZskPrePublication")) { if (xml_text) { xmlFree(xml_text); xml_text = NULL; } if (policy_key_set_minimize(policy_key, POLICY_KEY_MINIMIZE_RRSIG)) { return DB_ERROR_UNKNOWN; } } else if (!strcmp((char*)xml_text, "ZskDoubleRRsig")) { if (xml_text) { xmlFree(xml_text); xml_text = NULL; } if (policy_key_set_minimize(policy_key, POLICY_KEY_MINIMIZE_DNSKEY)) { return DB_ERROR_UNKNOWN; } } else { if (xml_text) { xmlFree(xml_text); } return DB_ERROR_UNKNOWN; } } else if (policy_key_role(policy_key) == POLICY_KEY_ROLE_CSK && !strcmp((char*)node->name, "CskRollType")) { rolltype = 1; if (!(xml_text = xmlNodeGetContent(node))) { return DB_ERROR_UNKNOWN; } ods_log_deeebug("[policy_key_*_from_xml] CSK rolltype %s", (char*)xml_text); if (!strcmp((char*)xml_text, "CskDoubleRRset")) { if (xml_text) { xmlFree(xml_text); xml_text = NULL; } if (policy_key_set_minimize(policy_key, POLICY_KEY_MINIMIZE_NONE)) { return DB_ERROR_UNKNOWN; } } else if (!strcmp((char*)xml_text, "CskSingleSignature")) { if (xml_text) { xmlFree(xml_text); xml_text = NULL; } if (policy_key_set_minimize(policy_key, POLICY_KEY_MINIMIZE_RRSIG)) { return DB_ERROR_UNKNOWN; } } else if (!strcmp((char*)xml_text, "CskDoubleDS")) { if (xml_text) { xmlFree(xml_text); xml_text = NULL; } if (policy_key_set_minimize(policy_key, POLICY_KEY_MINIMIZE_DNSKEY)) { return DB_ERROR_UNKNOWN; } } else if (!strcmp((char*)xml_text, "CskDoubleSignature")) { if (xml_text) { xmlFree(xml_text); xml_text = NULL; } if (policy_key_set_minimize(policy_key, POLICY_KEY_MINIMIZE_DS)) { return DB_ERROR_UNKNOWN; } } else if (!strcmp((char*)xml_text, "CskPrePublication")) { if (xml_text) { xmlFree(xml_text); xml_text = NULL; } if (policy_key_set_minimize(policy_key, POLICY_KEY_MINIMIZE_DS_AND_RRSIG)) { return DB_ERROR_UNKNOWN; } } else { if (xml_text) { xmlFree(xml_text); } return DB_ERROR_UNKNOWN; } } else if ((policy_key_role(policy_key) == POLICY_KEY_ROLE_KSK || policy_key_role(policy_key) == POLICY_KEY_ROLE_CSK) && !strcmp((char*)node->name, "RFC5011")) { rfc5011 = 1; ods_log_deeebug("[policy_key_*_from_xml] rfc5011"); if (policy_key_set_rfc5011(policy_key, 1)) { return DB_ERROR_UNKNOWN; } } else { return DB_ERROR_UNKNOWN; } } if (xml_text) { xmlFree(xml_text); xml_text = NULL; } duration_cleanup(duration); duration = NULL; /* * If we did not find these XML elements we need to disable them */ if (!algorithm_length) { ods_log_deeebug("[policy_key_*_from_xml] - algorithm length"); if (policy_key_set_bits(policy_key, 0)) { return DB_ERROR_UNKNOWN; } } if (!standby) { ods_log_deeebug("[policy_key_*_from_xml] - standby"); if (policy_key_set_standby(policy_key, 0)) { return DB_ERROR_UNKNOWN; } } if (!manual_rollover) { ods_log_deeebug("[policy_key_*_from_xml] - manual rollover"); if (policy_key_set_manual_rollover(policy_key, 0)) { return DB_ERROR_UNKNOWN; } } if (!rolltype) { if (policy_key_role(policy_key) == POLICY_KEY_ROLE_KSK) { ods_log_deeebug("[policy_key_*_from_xml] - minimize default KskDoubleSignature"); if (policy_key_set_minimize(policy_key, POLICY_KEY_MINIMIZE_DS)) { return DB_ERROR_UNKNOWN; } } else if (policy_key_role(policy_key) == POLICY_KEY_ROLE_ZSK) { ods_log_deeebug("[policy_key_*_from_xml] - minimize default ZskPrePublication"); if (policy_key_set_minimize(policy_key, POLICY_KEY_MINIMIZE_RRSIG)) { return DB_ERROR_UNKNOWN; } } else if (policy_key_role(policy_key) == POLICY_KEY_ROLE_CSK) { ods_log_deeebug("[policy_key_*_from_xml] - minimize default CskPrePublication"); if (policy_key_set_minimize(policy_key, POLICY_KEY_MINIMIZE_DS_AND_RRSIG)) { return DB_ERROR_UNKNOWN; } } else { return DB_ERROR_UNKNOWN; } } if ((policy_key_role(policy_key) == POLICY_KEY_ROLE_KSK || policy_key_role(policy_key) == POLICY_KEY_ROLE_CSK) && !rfc5011) { ods_log_deeebug("[policy_key_*_from_xml] - rfc5011"); if (policy_key_set_rfc5011(policy_key, 0)) { return DB_ERROR_UNKNOWN; } } return DB_OK; } opendnssec-2.1.5/enforcer/src/db/db_connection.c0000644000202300020240000001323013560311035016511 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include "db_connection.h" #include "db_error.h" #include db_connection_t* db_connection_new(void) { db_connection_t* connection = (db_connection_t*)calloc(1, sizeof(db_connection_t)); return connection; } void db_connection_free(db_connection_t* connection) { if (connection) { if (connection->backend) { db_backend_free(connection->backend); } free(connection); } } int db_connection_set_configuration_list(db_connection_t* connection, const db_configuration_list_t* configuration_list) { if (!connection) { return DB_ERROR_UNKNOWN; } if (connection->configuration_list) { return DB_ERROR_UNKNOWN; } connection->configuration_list = configuration_list; return DB_OK; } int db_connection_setup(db_connection_t* connection) { if (!connection) { return DB_ERROR_UNKNOWN; } if (!connection->configuration_list) { return DB_ERROR_UNKNOWN; } if (!connection->backend) { const db_configuration_t* backend = db_configuration_list_find(connection->configuration_list, "backend"); if (!backend) { return DB_ERROR_UNKNOWN; } connection->backend = db_backend_factory_get_backend(db_configuration_value(backend)); if (!connection->backend) { return DB_ERROR_UNKNOWN; } } return DB_OK; } int db_connection_connect(const db_connection_t* connection) { if (!connection) { return DB_ERROR_UNKNOWN; } if (!connection->configuration_list) { return DB_ERROR_UNKNOWN; } if (!connection->backend) { return DB_ERROR_UNKNOWN; } return db_backend_connect(connection->backend, connection->configuration_list); } int db_connection_create(const db_connection_t* connection, const db_object_t* object, const db_object_field_list_t* object_field_list, const db_value_set_t* value_set) { if (!connection) { return DB_ERROR_UNKNOWN; } if (!object) { return DB_ERROR_UNKNOWN; } if (!object_field_list) { return DB_ERROR_UNKNOWN; } if (!value_set) { return DB_ERROR_UNKNOWN; } if (!connection->backend) { return DB_ERROR_UNKNOWN; } return db_backend_create(connection->backend, object, object_field_list, value_set); } db_result_list_t* db_connection_read(const db_connection_t* connection, const db_object_t* object, const db_join_list_t* join_list, const db_clause_list_t* clause_list) { if (!connection) { return NULL; } if (!object) { return NULL; } if (!connection->backend) { return NULL; } return db_backend_read(connection->backend, object, join_list, clause_list); } int db_connection_update(const db_connection_t* connection, const db_object_t* object, const db_object_field_list_t* object_field_list, const db_value_set_t* value_set, const db_clause_list_t* clause_list) { if (!connection) { return DB_ERROR_UNKNOWN; } if (!object) { return DB_ERROR_UNKNOWN; } if (!object_field_list) { return DB_ERROR_UNKNOWN; } if (!value_set) { return DB_ERROR_UNKNOWN; } if (!connection->backend) { return DB_ERROR_UNKNOWN; } return db_backend_update(connection->backend, object, object_field_list, value_set, clause_list); } int db_connection_delete(const db_connection_t* connection, const db_object_t* object, const db_clause_list_t* clause_list) { if (!connection) { return DB_ERROR_UNKNOWN; } if (!object) { return DB_ERROR_UNKNOWN; } if (!connection->backend) { return DB_ERROR_UNKNOWN; } return db_backend_delete(connection->backend, object, clause_list); } int db_connection_count(const db_connection_t* connection, const db_object_t* object, const db_join_list_t* join_list, const db_clause_list_t* clause_list, size_t* count) { if (!connection) { return DB_ERROR_UNKNOWN; } if (!object) { return DB_ERROR_UNKNOWN; } if (!count) { return DB_ERROR_UNKNOWN; } if (!connection->backend) { return DB_ERROR_UNKNOWN; } return db_backend_count(connection->backend, object, join_list, clause_list, count); } opendnssec-2.1.5/enforcer/src/db/test/0000755000202300020240000000000013560311327014605 500000000000000opendnssec-2.1.5/enforcer/src/db/test/test_initialization.c0000644000202300020240000001254513560310771020770 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include "config.h" #include "../db_configuration.h" #include "../db_connection.h" #include "CUnit/Basic.h" static db_configuration_list_t* configuration_list = NULL; static db_configuration_t* configuration = NULL; static db_connection_t* connection = NULL; int init_suite_initialization(void) { if (configuration_list) { return 1; } if (configuration) { return 1; } if (connection) { return 1; } return 0; } int clean_suite_initialization(void) { db_connection_free(connection); connection = NULL; db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 0; } void test_initialization_configuration(void) { CU_ASSERT_PTR_NOT_NULL_FATAL((configuration_list = db_configuration_list_new())); #if defined(ENFORCER_DATABASE_SQLITE3) CU_ASSERT_PTR_NOT_NULL_FATAL((configuration = db_configuration_new())); CU_ASSERT_FATAL(!db_configuration_set_name(configuration, "backend")); CU_ASSERT_FATAL(!db_configuration_set_value(configuration, "sqlite")); CU_ASSERT_FATAL(!db_configuration_list_add(configuration_list, configuration)); configuration = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((configuration = db_configuration_new())); CU_ASSERT_FATAL(!db_configuration_set_name(configuration, "file")); CU_ASSERT_FATAL(!db_configuration_set_value(configuration, "test.db")); CU_ASSERT_FATAL(!db_configuration_list_add(configuration_list, configuration)); configuration = NULL; #endif #if defined(ENFORCER_DATABASE_MYSQL) CU_ASSERT_PTR_NOT_NULL_FATAL((configuration = db_configuration_new())); CU_ASSERT_FATAL(!db_configuration_set_name(configuration, "backend")); CU_ASSERT_FATAL(!db_configuration_set_value(configuration, "mysql")); CU_ASSERT_FATAL(!db_configuration_list_add(configuration_list, configuration)); configuration = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((configuration = db_configuration_new())); CU_ASSERT_FATAL(!db_configuration_set_name(configuration, "host")); CU_ASSERT_FATAL(!db_configuration_set_value(configuration, ENFORCER_DB_HOST)); CU_ASSERT_FATAL(!db_configuration_list_add(configuration_list, configuration)); configuration = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((configuration = db_configuration_new())); CU_ASSERT_FATAL(!db_configuration_set_name(configuration, "port")); CU_ASSERT_FATAL(!db_configuration_set_value(configuration, ENFORCER_DB_PORT_TEXT)); CU_ASSERT_FATAL(!db_configuration_list_add(configuration_list, configuration)); configuration = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((configuration = db_configuration_new())); CU_ASSERT_FATAL(!db_configuration_set_name(configuration, "user")); CU_ASSERT_FATAL(!db_configuration_set_value(configuration, ENFORCER_DB_USERNAME)); CU_ASSERT_FATAL(!db_configuration_list_add(configuration_list, configuration)); configuration = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((configuration = db_configuration_new())); CU_ASSERT_FATAL(!db_configuration_set_name(configuration, "pass")); CU_ASSERT_FATAL(!db_configuration_set_value(configuration, ENFORCER_DB_PASSWORD)); CU_ASSERT_FATAL(!db_configuration_list_add(configuration_list, configuration)); configuration = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((configuration = db_configuration_new())); CU_ASSERT_FATAL(!db_configuration_set_name(configuration, "db")); CU_ASSERT_FATAL(!db_configuration_set_value(configuration, ENFORCER_DB_DATABASE)); CU_ASSERT_FATAL(!db_configuration_list_add(configuration_list, configuration)); configuration = NULL; #endif } void test_initialization_connection(void) { CU_ASSERT_PTR_NOT_NULL_FATAL((connection = db_connection_new())); CU_ASSERT_FATAL(!db_connection_set_configuration_list(connection, configuration_list)); CU_ASSERT_FATAL(!db_connection_setup(connection)); CU_ASSERT_FATAL(!db_connection_connect(connection)); } opendnssec-2.1.5/enforcer/src/db/test/test_policy.c0000644000202300020240000012336413560310771017242 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include "CUnit/Basic.h" #include "../db_configuration.h" #include "../db_connection.h" #include "../policy.h" #include static db_configuration_list_t* configuration_list = NULL; static db_configuration_t* configuration = NULL; static db_connection_t* connection = NULL; static policy_t* object = NULL; static policy_list_t* object_list = NULL; static db_value_t id = DB_VALUE_EMPTY; static db_clause_list_t* clause_list = NULL; static int db_sqlite = 0; static int db_mysql = 0; #if defined(ENFORCER_DATABASE_SQLITE3) int test_policy_init_suite_sqlite(void) { if (configuration_list) { return 1; } if (configuration) { return 1; } if (connection) { return 1; } /* * Setup the configuration for the connection */ if (!(configuration_list = db_configuration_list_new())) { return 1; } if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "backend") || db_configuration_set_value(configuration, "sqlite") || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "file") || db_configuration_set_value(configuration, "test.db") || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; /* * Connect to the database */ if (!(connection = db_connection_new()) || db_connection_set_configuration_list(connection, configuration_list)) { db_connection_free(connection); connection = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration_list = NULL; if (db_connection_setup(connection) || db_connection_connect(connection)) { db_connection_free(connection); connection = NULL; return 1; } db_sqlite = 1; db_mysql = 0; return 0; } #endif #if defined(ENFORCER_DATABASE_MYSQL) int test_policy_init_suite_mysql(void) { if (configuration_list) { return 1; } if (configuration) { return 1; } if (connection) { return 1; } /* * Setup the configuration for the connection */ if (!(configuration_list = db_configuration_list_new())) { return 1; } if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "backend") || db_configuration_set_value(configuration, "mysql") || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "host") || db_configuration_set_value(configuration, ENFORCER_DB_HOST) || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "port") || db_configuration_set_value(configuration, ENFORCER_DB_PORT_TEXT) || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "user") || db_configuration_set_value(configuration, ENFORCER_DB_USERNAME) || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "pass") || db_configuration_set_value(configuration, ENFORCER_DB_PASSWORD) || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "db") || db_configuration_set_value(configuration, ENFORCER_DB_DATABASE) || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; /* * Connect to the database */ if (!(connection = db_connection_new()) || db_connection_set_configuration_list(connection, configuration_list)) { db_connection_free(connection); connection = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration_list = NULL; if (db_connection_setup(connection) || db_connection_connect(connection)) { db_connection_free(connection); connection = NULL; return 1; } db_sqlite = 0; db_mysql = 1; return 0; } #endif static int test_policy_clean_suite(void) { db_connection_free(connection); connection = NULL; db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; db_value_reset(&id); db_clause_list_free(clause_list); clause_list = NULL; return 0; } static void test_policy_new(void) { CU_ASSERT_PTR_NOT_NULL_FATAL((object = policy_new(connection))); CU_ASSERT_PTR_NOT_NULL_FATAL((object_list = policy_list_new(connection))); } static void test_policy_set(void) { CU_ASSERT(!policy_set_name(object, "name 1")); CU_ASSERT(!policy_set_description(object, "description 1")); CU_ASSERT(!policy_set_signatures_resign(object, 1)); CU_ASSERT(!policy_set_signatures_refresh(object, 1)); CU_ASSERT(!policy_set_signatures_jitter(object, 1)); CU_ASSERT(!policy_set_signatures_inception_offset(object, 1)); CU_ASSERT(!policy_set_signatures_validity_default(object, 1)); CU_ASSERT(!policy_set_signatures_validity_denial(object, 1)); CU_ASSERT(!policy_set_signatures_max_zone_ttl(object, 1)); CU_ASSERT(!policy_set_denial_type(object, POLICY_DENIAL_TYPE_NSEC)); CU_ASSERT(!policy_set_denial_type(object, POLICY_DENIAL_TYPE_NSEC3)); CU_ASSERT(!policy_set_denial_optout(object, 1)); CU_ASSERT(!policy_set_denial_ttl(object, 1)); CU_ASSERT(!policy_set_denial_resalt(object, 1)); CU_ASSERT(!policy_set_denial_algorithm(object, 1)); CU_ASSERT(!policy_set_denial_iterations(object, 1)); CU_ASSERT(!policy_set_denial_salt_length(object, 1)); CU_ASSERT(!policy_set_denial_salt(object, "denial_salt 1")); CU_ASSERT(!policy_set_denial_salt_last_change(object, 1)); CU_ASSERT(!policy_set_keys_ttl(object, 1)); CU_ASSERT(!policy_set_keys_retire_safety(object, 1)); CU_ASSERT(!policy_set_keys_publish_safety(object, 1)); CU_ASSERT(!policy_set_keys_shared(object, 1)); CU_ASSERT(!policy_set_keys_purge_after(object, 1)); CU_ASSERT(!policy_set_zone_propagation_delay(object, 1)); CU_ASSERT(!policy_set_zone_soa_ttl(object, 1)); CU_ASSERT(!policy_set_zone_soa_minimum(object, 1)); CU_ASSERT(!policy_set_zone_soa_serial_text(object, "counter")); CU_ASSERT(!policy_set_zone_soa_serial_text(object, "datecounter")); CU_ASSERT(!policy_set_zone_soa_serial_text(object, "unixtime")); CU_ASSERT(!policy_set_zone_soa_serial_text(object, "keep")); CU_ASSERT(!policy_set_parent_registration_delay(object, 1)); CU_ASSERT(!policy_set_parent_propagation_delay(object, 1)); CU_ASSERT(!policy_set_parent_ds_ttl(object, 1)); CU_ASSERT(!policy_set_parent_soa_ttl(object, 1)); CU_ASSERT(!policy_set_parent_soa_minimum(object, 1)); } static void test_policy_get(void) { CU_ASSERT_PTR_NOT_NULL_FATAL(policy_name(object)); CU_ASSERT(!strcmp(policy_name(object), "name 1")); CU_ASSERT_PTR_NOT_NULL_FATAL(policy_description(object)); CU_ASSERT(!strcmp(policy_description(object), "description 1")); CU_ASSERT(policy_signatures_resign(object) == 1); CU_ASSERT(policy_signatures_refresh(object) == 1); CU_ASSERT(policy_signatures_jitter(object) == 1); CU_ASSERT(policy_signatures_inception_offset(object) == 1); CU_ASSERT(policy_signatures_validity_default(object) == 1); CU_ASSERT(policy_signatures_validity_denial(object) == 1); CU_ASSERT(policy_signatures_max_zone_ttl(object) == 1); CU_ASSERT(policy_denial_type(object) == POLICY_DENIAL_TYPE_NSEC3); CU_ASSERT(policy_denial_optout(object) == 1); CU_ASSERT(policy_denial_ttl(object) == 1); CU_ASSERT(policy_denial_resalt(object) == 1); CU_ASSERT(policy_denial_algorithm(object) == 1); CU_ASSERT(policy_denial_iterations(object) == 1); CU_ASSERT(policy_denial_salt_length(object) == 1); CU_ASSERT_PTR_NOT_NULL_FATAL(policy_denial_salt(object)); CU_ASSERT(!strcmp(policy_denial_salt(object), "denial_salt 1")); CU_ASSERT(policy_denial_salt_last_change(object) == 1); CU_ASSERT(policy_keys_ttl(object) == 1); CU_ASSERT(policy_keys_retire_safety(object) == 1); CU_ASSERT(policy_keys_publish_safety(object) == 1); CU_ASSERT(policy_keys_shared(object) == 1); CU_ASSERT(policy_keys_purge_after(object) == 1); CU_ASSERT(policy_zone_propagation_delay(object) == 1); CU_ASSERT(policy_zone_soa_ttl(object) == 1); CU_ASSERT(policy_zone_soa_minimum(object) == 1); CU_ASSERT_PTR_NOT_NULL_FATAL(policy_zone_soa_serial_text(object)); CU_ASSERT(!strcmp(policy_zone_soa_serial_text(object), "keep")); CU_ASSERT(policy_parent_registration_delay(object) == 1); CU_ASSERT(policy_parent_propagation_delay(object) == 1); CU_ASSERT(policy_parent_ds_ttl(object) == 1); CU_ASSERT(policy_parent_soa_ttl(object) == 1); CU_ASSERT(policy_parent_soa_minimum(object) == 1); } static void test_policy_create(void) { CU_ASSERT_FATAL(!policy_create(object)); } static void test_policy_clauses(void) { policy_list_t* new_list; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!policy_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(policy_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = policy_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(policy_list_next(new_list)); policy_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!policy_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(policy_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = policy_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(policy_list_next(new_list)); policy_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!policy_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(policy_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = policy_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(policy_list_next(new_list)); policy_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!policy_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(policy_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = policy_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(policy_list_next(new_list)); policy_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!policy_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(policy_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = policy_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(policy_list_next(new_list)); policy_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!policy_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(policy_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = policy_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(policy_list_next(new_list)); policy_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!policy_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(policy_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = policy_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(policy_list_next(new_list)); policy_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!policy_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(policy_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = policy_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(policy_list_next(new_list)); policy_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!policy_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(policy_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = policy_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(policy_list_next(new_list)); policy_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT_PTR_NOT_NULL(policy_denial_type_clause(clause_list, policy_denial_type(object))); CU_ASSERT(!policy_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(policy_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = policy_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(policy_list_next(new_list)); policy_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!policy_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(policy_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = policy_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(policy_list_next(new_list)); policy_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!policy_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(policy_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = policy_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(policy_list_next(new_list)); policy_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!policy_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(policy_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = policy_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(policy_list_next(new_list)); policy_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!policy_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(policy_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = policy_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(policy_list_next(new_list)); policy_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!policy_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(policy_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = policy_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(policy_list_next(new_list)); policy_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!policy_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(policy_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = policy_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(policy_list_next(new_list)); policy_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!policy_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(policy_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = policy_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(policy_list_next(new_list)); policy_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!policy_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(policy_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = policy_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(policy_list_next(new_list)); policy_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!policy_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(policy_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = policy_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(policy_list_next(new_list)); policy_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!policy_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(policy_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = policy_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(policy_list_next(new_list)); policy_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!policy_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(policy_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = policy_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(policy_list_next(new_list)); policy_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!policy_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(policy_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = policy_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(policy_list_next(new_list)); policy_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!policy_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(policy_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = policy_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(policy_list_next(new_list)); policy_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!policy_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(policy_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = policy_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(policy_list_next(new_list)); policy_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!policy_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(policy_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = policy_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(policy_list_next(new_list)); policy_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!policy_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(policy_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = policy_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(policy_list_next(new_list)); policy_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!policy_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(policy_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = policy_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(policy_list_next(new_list)); policy_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!policy_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(policy_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = policy_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(policy_list_next(new_list)); policy_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!policy_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(policy_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = policy_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(policy_list_next(new_list)); policy_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!policy_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(policy_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = policy_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(policy_list_next(new_list)); policy_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!policy_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(policy_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = policy_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(policy_list_next(new_list)); policy_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!policy_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(policy_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = policy_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(policy_list_next(new_list)); policy_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; } static void test_policy_list(void) { const policy_t* item; policy_t* item2; policy_list_t* new_list; CU_ASSERT_FATAL(!policy_list_get(object_list)); CU_ASSERT_PTR_NOT_NULL_FATAL((item = policy_list_next(object_list))); CU_ASSERT_FATAL(!db_value_copy(&id, policy_id(item))); CU_ASSERT_PTR_NOT_NULL_FATAL((item = policy_list_begin(object_list))); CU_ASSERT_FATAL(!policy_list_get(object_list)); CU_ASSERT_PTR_NOT_NULL_FATAL((item2 = policy_list_get_next(object_list))); policy_free(item2); CU_PASS("policy_free"); CU_ASSERT_PTR_NOT_NULL((new_list = policy_list_new_get(connection))); CU_ASSERT_PTR_NOT_NULL(policy_list_next(new_list)); policy_list_free(new_list); } static void test_policy_list_store(void) { policy_list_t* new_list; CU_ASSERT_PTR_NOT_NULL((new_list = policy_list_new(connection))); CU_ASSERT_FATAL(!policy_list_object_store(new_list)); CU_ASSERT_FATAL(!policy_list_get(new_list)); CU_ASSERT_PTR_NOT_NULL_FATAL(policy_list_next(new_list)); CU_ASSERT_PTR_NOT_NULL_FATAL(policy_list_begin(new_list)); CU_PASS("policy_free"); policy_list_free(new_list); } static void test_policy_list_associated(void) { policy_list_t* new_list; CU_ASSERT_PTR_NOT_NULL((new_list = policy_list_new(connection))); CU_ASSERT_FATAL(!policy_list_get(new_list)); CU_ASSERT_PTR_NOT_NULL_FATAL(policy_list_next(new_list)); CU_ASSERT_PTR_NOT_NULL_FATAL(policy_list_begin(new_list)); CU_PASS("policy_free"); policy_list_free(new_list); } static void test_policy_read(void) { CU_ASSERT_FATAL(!policy_get_by_id(object, &id)); } static void test_policy_verify(void) { CU_ASSERT_PTR_NOT_NULL_FATAL(policy_name(object)); CU_ASSERT(!strcmp(policy_name(object), "name 1")); CU_ASSERT_PTR_NOT_NULL_FATAL(policy_description(object)); CU_ASSERT(!strcmp(policy_description(object), "description 1")); CU_ASSERT(policy_signatures_resign(object) == 1); CU_ASSERT(policy_signatures_refresh(object) == 1); CU_ASSERT(policy_signatures_jitter(object) == 1); CU_ASSERT(policy_signatures_inception_offset(object) == 1); CU_ASSERT(policy_signatures_validity_default(object) == 1); CU_ASSERT(policy_signatures_validity_denial(object) == 1); CU_ASSERT(policy_signatures_max_zone_ttl(object) == 1); CU_ASSERT(policy_denial_type(object) == POLICY_DENIAL_TYPE_NSEC3); CU_ASSERT(policy_denial_optout(object) == 1); CU_ASSERT(policy_denial_ttl(object) == 1); CU_ASSERT(policy_denial_resalt(object) == 1); CU_ASSERT(policy_denial_algorithm(object) == 1); CU_ASSERT(policy_denial_iterations(object) == 1); CU_ASSERT(policy_denial_salt_length(object) == 1); CU_ASSERT_PTR_NOT_NULL_FATAL(policy_denial_salt(object)); CU_ASSERT(!strcmp(policy_denial_salt(object), "denial_salt 1")); CU_ASSERT(policy_denial_salt_last_change(object) == 1); CU_ASSERT(policy_keys_ttl(object) == 1); CU_ASSERT(policy_keys_retire_safety(object) == 1); CU_ASSERT(policy_keys_publish_safety(object) == 1); CU_ASSERT(policy_keys_shared(object) == 1); CU_ASSERT(policy_keys_purge_after(object) == 1); CU_ASSERT(policy_zone_propagation_delay(object) == 1); CU_ASSERT(policy_zone_soa_ttl(object) == 1); CU_ASSERT(policy_zone_soa_minimum(object) == 1); CU_ASSERT_PTR_NOT_NULL_FATAL(policy_zone_soa_serial_text(object)); CU_ASSERT(!strcmp(policy_zone_soa_serial_text(object), "keep")); CU_ASSERT(policy_parent_registration_delay(object) == 1); CU_ASSERT(policy_parent_propagation_delay(object) == 1); CU_ASSERT(policy_parent_ds_ttl(object) == 1); CU_ASSERT(policy_parent_soa_ttl(object) == 1); CU_ASSERT(policy_parent_soa_minimum(object) == 1); } static void test_policy_read_by_name(void) { CU_ASSERT_FATAL(!policy_get_by_name(object, "name 1")); } static void test_policy_verify_name(void) { CU_ASSERT_PTR_NOT_NULL_FATAL(policy_name(object)); CU_ASSERT(!strcmp(policy_name(object), "name 1")); CU_ASSERT_PTR_NOT_NULL_FATAL(policy_description(object)); CU_ASSERT(!strcmp(policy_description(object), "description 1")); CU_ASSERT(policy_signatures_resign(object) == 1); CU_ASSERT(policy_signatures_refresh(object) == 1); CU_ASSERT(policy_signatures_jitter(object) == 1); CU_ASSERT(policy_signatures_inception_offset(object) == 1); CU_ASSERT(policy_signatures_validity_default(object) == 1); CU_ASSERT(policy_signatures_validity_denial(object) == 1); CU_ASSERT(policy_signatures_max_zone_ttl(object) == 1); CU_ASSERT(policy_denial_type(object) == POLICY_DENIAL_TYPE_NSEC3); CU_ASSERT(policy_denial_optout(object) == 1); CU_ASSERT(policy_denial_ttl(object) == 1); CU_ASSERT(policy_denial_resalt(object) == 1); CU_ASSERT(policy_denial_algorithm(object) == 1); CU_ASSERT(policy_denial_iterations(object) == 1); CU_ASSERT(policy_denial_salt_length(object) == 1); CU_ASSERT_PTR_NOT_NULL_FATAL(policy_denial_salt(object)); CU_ASSERT(!strcmp(policy_denial_salt(object), "denial_salt 1")); CU_ASSERT(policy_denial_salt_last_change(object) == 1); CU_ASSERT(policy_keys_ttl(object) == 1); CU_ASSERT(policy_keys_retire_safety(object) == 1); CU_ASSERT(policy_keys_publish_safety(object) == 1); CU_ASSERT(policy_keys_shared(object) == 1); CU_ASSERT(policy_keys_purge_after(object) == 1); CU_ASSERT(policy_zone_propagation_delay(object) == 1); CU_ASSERT(policy_zone_soa_ttl(object) == 1); CU_ASSERT(policy_zone_soa_minimum(object) == 1); CU_ASSERT_PTR_NOT_NULL_FATAL(policy_zone_soa_serial_text(object)); CU_ASSERT(!strcmp(policy_zone_soa_serial_text(object), "keep")); CU_ASSERT(policy_parent_registration_delay(object) == 1); CU_ASSERT(policy_parent_propagation_delay(object) == 1); CU_ASSERT(policy_parent_ds_ttl(object) == 1); CU_ASSERT(policy_parent_soa_ttl(object) == 1); CU_ASSERT(policy_parent_soa_minimum(object) == 1); } static void test_policy_change(void) { CU_ASSERT(!policy_set_name(object, "name 2")); CU_ASSERT(!policy_set_description(object, "description 2")); CU_ASSERT(!policy_set_signatures_resign(object, 2)); CU_ASSERT(!policy_set_signatures_refresh(object, 2)); CU_ASSERT(!policy_set_signatures_jitter(object, 2)); CU_ASSERT(!policy_set_signatures_inception_offset(object, 2)); CU_ASSERT(!policy_set_signatures_validity_default(object, 2)); CU_ASSERT(!policy_set_signatures_validity_denial(object, 2)); CU_ASSERT(!policy_set_signatures_max_zone_ttl(object, 2)); CU_ASSERT(!policy_set_denial_type(object, POLICY_DENIAL_TYPE_NSEC)); CU_ASSERT(!policy_set_denial_optout(object, 2)); CU_ASSERT(!policy_set_denial_ttl(object, 2)); CU_ASSERT(!policy_set_denial_resalt(object, 2)); CU_ASSERT(!policy_set_denial_algorithm(object, 2)); CU_ASSERT(!policy_set_denial_iterations(object, 2)); CU_ASSERT(!policy_set_denial_salt_length(object, 2)); CU_ASSERT(!policy_set_denial_salt(object, "denial_salt 2")); CU_ASSERT(!policy_set_denial_salt_last_change(object, 2)); CU_ASSERT(!policy_set_keys_ttl(object, 2)); CU_ASSERT(!policy_set_keys_retire_safety(object, 2)); CU_ASSERT(!policy_set_keys_publish_safety(object, 2)); CU_ASSERT(!policy_set_keys_shared(object, 2)); CU_ASSERT(!policy_set_keys_purge_after(object, 2)); CU_ASSERT(!policy_set_zone_propagation_delay(object, 2)); CU_ASSERT(!policy_set_zone_soa_ttl(object, 2)); CU_ASSERT(!policy_set_zone_soa_minimum(object, 2)); CU_ASSERT(!policy_set_zone_soa_serial_text(object, "counter")); CU_ASSERT(!policy_set_parent_registration_delay(object, 2)); CU_ASSERT(!policy_set_parent_propagation_delay(object, 2)); CU_ASSERT(!policy_set_parent_ds_ttl(object, 2)); CU_ASSERT(!policy_set_parent_soa_ttl(object, 2)); CU_ASSERT(!policy_set_parent_soa_minimum(object, 2)); } static void test_policy_update(void) { CU_ASSERT_FATAL(!policy_update(object)); } static void test_policy_read2(void) { CU_ASSERT_FATAL(!policy_get_by_id(object, &id)); } static void test_policy_verify2(void) { CU_ASSERT_PTR_NOT_NULL_FATAL(policy_name(object)); CU_ASSERT(!strcmp(policy_name(object), "name 2")); CU_ASSERT_PTR_NOT_NULL_FATAL(policy_description(object)); CU_ASSERT(!strcmp(policy_description(object), "description 2")); CU_ASSERT(policy_signatures_resign(object) == 2); CU_ASSERT(policy_signatures_refresh(object) == 2); CU_ASSERT(policy_signatures_jitter(object) == 2); CU_ASSERT(policy_signatures_inception_offset(object) == 2); CU_ASSERT(policy_signatures_validity_default(object) == 2); CU_ASSERT(policy_signatures_validity_denial(object) == 2); CU_ASSERT(policy_signatures_max_zone_ttl(object) == 2); CU_ASSERT(policy_denial_type(object) == POLICY_DENIAL_TYPE_NSEC); CU_ASSERT(policy_denial_optout(object) == 2); CU_ASSERT(policy_denial_ttl(object) == 2); CU_ASSERT(policy_denial_resalt(object) == 2); CU_ASSERT(policy_denial_algorithm(object) == 2); CU_ASSERT(policy_denial_iterations(object) == 2); CU_ASSERT(policy_denial_salt_length(object) == 2); CU_ASSERT_PTR_NOT_NULL_FATAL(policy_denial_salt(object)); CU_ASSERT(!strcmp(policy_denial_salt(object), "denial_salt 2")); CU_ASSERT(policy_denial_salt_last_change(object) == 2); CU_ASSERT(policy_keys_ttl(object) == 2); CU_ASSERT(policy_keys_retire_safety(object) == 2); CU_ASSERT(policy_keys_publish_safety(object) == 2); CU_ASSERT(policy_keys_shared(object) == 2); CU_ASSERT(policy_keys_purge_after(object) == 2); CU_ASSERT(policy_zone_propagation_delay(object) == 2); CU_ASSERT(policy_zone_soa_ttl(object) == 2); CU_ASSERT(policy_zone_soa_minimum(object) == 2); CU_ASSERT_PTR_NOT_NULL_FATAL(policy_zone_soa_serial_text(object)); CU_ASSERT(!strcmp(policy_zone_soa_serial_text(object), "counter")); CU_ASSERT(policy_parent_registration_delay(object) == 2); CU_ASSERT(policy_parent_propagation_delay(object) == 2); CU_ASSERT(policy_parent_ds_ttl(object) == 2); CU_ASSERT(policy_parent_soa_ttl(object) == 2); CU_ASSERT(policy_parent_soa_minimum(object) == 2); } static void test_policy_cmp(void) { policy_t* local_object; CU_ASSERT_PTR_NOT_NULL_FATAL((local_object = policy_new(connection))); } static void test_policy_read_by_name2(void) { CU_ASSERT_FATAL(!policy_get_by_name(object, "name 2")); } static void test_policy_verify_name2(void) { CU_ASSERT_PTR_NOT_NULL_FATAL(policy_name(object)); CU_ASSERT(!strcmp(policy_name(object), "name 2")); CU_ASSERT_PTR_NOT_NULL_FATAL(policy_description(object)); CU_ASSERT(!strcmp(policy_description(object), "description 2")); CU_ASSERT(policy_signatures_resign(object) == 2); CU_ASSERT(policy_signatures_refresh(object) == 2); CU_ASSERT(policy_signatures_jitter(object) == 2); CU_ASSERT(policy_signatures_inception_offset(object) == 2); CU_ASSERT(policy_signatures_validity_default(object) == 2); CU_ASSERT(policy_signatures_validity_denial(object) == 2); CU_ASSERT(policy_signatures_max_zone_ttl(object) == 2); CU_ASSERT(policy_denial_type(object) == POLICY_DENIAL_TYPE_NSEC); CU_ASSERT(policy_denial_optout(object) == 2); CU_ASSERT(policy_denial_ttl(object) == 2); CU_ASSERT(policy_denial_resalt(object) == 2); CU_ASSERT(policy_denial_algorithm(object) == 2); CU_ASSERT(policy_denial_iterations(object) == 2); CU_ASSERT(policy_denial_salt_length(object) == 2); CU_ASSERT_PTR_NOT_NULL_FATAL(policy_denial_salt(object)); CU_ASSERT(!strcmp(policy_denial_salt(object), "denial_salt 2")); CU_ASSERT(policy_denial_salt_last_change(object) == 2); CU_ASSERT(policy_keys_ttl(object) == 2); CU_ASSERT(policy_keys_retire_safety(object) == 2); CU_ASSERT(policy_keys_publish_safety(object) == 2); CU_ASSERT(policy_keys_shared(object) == 2); CU_ASSERT(policy_keys_purge_after(object) == 2); CU_ASSERT(policy_zone_propagation_delay(object) == 2); CU_ASSERT(policy_zone_soa_ttl(object) == 2); CU_ASSERT(policy_zone_soa_minimum(object) == 2); CU_ASSERT_PTR_NOT_NULL_FATAL(policy_zone_soa_serial_text(object)); CU_ASSERT(!strcmp(policy_zone_soa_serial_text(object), "counter")); CU_ASSERT(policy_parent_registration_delay(object) == 2); CU_ASSERT(policy_parent_propagation_delay(object) == 2); CU_ASSERT(policy_parent_ds_ttl(object) == 2); CU_ASSERT(policy_parent_soa_ttl(object) == 2); CU_ASSERT(policy_parent_soa_minimum(object) == 2); } static void test_policy_delete(void) { CU_ASSERT_FATAL(!policy_delete(object)); } static void test_policy_list2(void) { CU_ASSERT_FATAL(!policy_list_get(object_list)); CU_ASSERT_PTR_NULL(policy_list_next(object_list)); } static void test_policy_end(void) { if (object) { policy_free(object); CU_PASS("policy_free"); } if (object_list) { policy_list_free(object_list); CU_PASS("policy_list_free"); } } static int test_policy_add_tests(CU_pSuite pSuite) { if (!CU_add_test(pSuite, "new object", test_policy_new) || !CU_add_test(pSuite, "set fields", test_policy_set) || !CU_add_test(pSuite, "get fields", test_policy_get) || !CU_add_test(pSuite, "create object", test_policy_create) || !CU_add_test(pSuite, "object clauses", test_policy_clauses) || !CU_add_test(pSuite, "list objects", test_policy_list) || !CU_add_test(pSuite, "list objects (store)", test_policy_list_store) || !CU_add_test(pSuite, "list objects (associated)", test_policy_list_associated) || !CU_add_test(pSuite, "read object by id", test_policy_read) || !CU_add_test(pSuite, "verify fields", test_policy_verify) || !CU_add_test(pSuite, "read object by name", test_policy_read_by_name) || !CU_add_test(pSuite, "verify fields (name)", test_policy_verify_name) || !CU_add_test(pSuite, "change object", test_policy_change) || !CU_add_test(pSuite, "update object", test_policy_update) || !CU_add_test(pSuite, "reread object by id", test_policy_read2) || !CU_add_test(pSuite, "verify fields after update", test_policy_verify2) || !CU_add_test(pSuite, "compare objects", test_policy_cmp) || !CU_add_test(pSuite, "reread object by name", test_policy_read_by_name2) || !CU_add_test(pSuite, "verify fields after update (name)", test_policy_verify_name2) || !CU_add_test(pSuite, "delete object", test_policy_delete) || !CU_add_test(pSuite, "list objects to verify delete", test_policy_list2) || !CU_add_test(pSuite, "end test", test_policy_end)) { return CU_get_error(); } return 0; } int test_policy_add_suite(void) { CU_pSuite pSuite = NULL; int ret; #if defined(ENFORCER_DATABASE_SQLITE3) pSuite = CU_add_suite("Test of policy (SQLite)", test_policy_init_suite_sqlite, test_policy_clean_suite); if (!pSuite) { return CU_get_error(); } ret = test_policy_add_tests(pSuite); if (ret) { return ret; } #endif #if defined(ENFORCER_DATABASE_MYSQL) pSuite = CU_add_suite("Test of policy (MySQL)", test_policy_init_suite_mysql, test_policy_clean_suite); if (!pSuite) { return CU_get_error(); } ret = test_policy_add_tests(pSuite); if (ret) { return ret; } #endif return 0; } opendnssec-2.1.5/enforcer/src/db/test/test_key_state.c0000644000202300020240000003753413560310771017736 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include "CUnit/Basic.h" #include "../db_configuration.h" #include "../db_connection.h" #include "../key_state.h" #include static db_configuration_list_t* configuration_list = NULL; static db_configuration_t* configuration = NULL; static db_connection_t* connection = NULL; static key_state_t* object = NULL; static key_state_list_t* object_list = NULL; static db_value_t id = DB_VALUE_EMPTY; static db_clause_list_t* clause_list = NULL; static int db_sqlite = 0; static int db_mysql = 0; #if defined(ENFORCER_DATABASE_SQLITE3) int test_key_state_init_suite_sqlite(void) { if (configuration_list) { return 1; } if (configuration) { return 1; } if (connection) { return 1; } /* * Setup the configuration for the connection */ if (!(configuration_list = db_configuration_list_new())) { return 1; } if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "backend") || db_configuration_set_value(configuration, "sqlite") || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "file") || db_configuration_set_value(configuration, "test.db") || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; /* * Connect to the database */ if (!(connection = db_connection_new()) || db_connection_set_configuration_list(connection, configuration_list)) { db_connection_free(connection); connection = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration_list = NULL; if (db_connection_setup(connection) || db_connection_connect(connection)) { db_connection_free(connection); connection = NULL; return 1; } db_sqlite = 1; db_mysql = 0; return 0; } #endif #if defined(ENFORCER_DATABASE_MYSQL) int test_key_state_init_suite_mysql(void) { if (configuration_list) { return 1; } if (configuration) { return 1; } if (connection) { return 1; } /* * Setup the configuration for the connection */ if (!(configuration_list = db_configuration_list_new())) { return 1; } if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "backend") || db_configuration_set_value(configuration, "mysql") || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "host") || db_configuration_set_value(configuration, ENFORCER_DB_HOST) || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "port") || db_configuration_set_value(configuration, ENFORCER_DB_PORT_TEXT) || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "user") || db_configuration_set_value(configuration, ENFORCER_DB_USERNAME) || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "pass") || db_configuration_set_value(configuration, ENFORCER_DB_PASSWORD) || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "db") || db_configuration_set_value(configuration, ENFORCER_DB_DATABASE) || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; /* * Connect to the database */ if (!(connection = db_connection_new()) || db_connection_set_configuration_list(connection, configuration_list)) { db_connection_free(connection); connection = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration_list = NULL; if (db_connection_setup(connection) || db_connection_connect(connection)) { db_connection_free(connection); connection = NULL; return 1; } db_sqlite = 0; db_mysql = 1; return 0; } #endif static int test_key_state_clean_suite(void) { db_connection_free(connection); connection = NULL; db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; db_value_reset(&id); db_clause_list_free(clause_list); clause_list = NULL; return 0; } static void test_key_state_new(void) { CU_ASSERT_PTR_NOT_NULL_FATAL((object = key_state_new(connection))); CU_ASSERT_PTR_NOT_NULL_FATAL((object_list = key_state_list_new(connection))); } static void test_key_state_set(void) { db_value_t key_data_id = DB_VALUE_EMPTY; if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&key_data_id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&key_data_id, 1)); } CU_ASSERT(!key_state_set_key_data_id(object, &key_data_id)); CU_ASSERT(!key_state_set_type(object, KEY_STATE_TYPE_DS)); CU_ASSERT(!key_state_set_type(object, KEY_STATE_TYPE_RRSIG)); CU_ASSERT(!key_state_set_type(object, KEY_STATE_TYPE_DNSKEY)); CU_ASSERT(!key_state_set_type(object, KEY_STATE_TYPE_RRSIGDNSKEY)); CU_ASSERT(!key_state_set_state(object, KEY_STATE_STATE_HIDDEN)); CU_ASSERT(!key_state_set_state(object, KEY_STATE_STATE_RUMOURED)); CU_ASSERT(!key_state_set_state(object, KEY_STATE_STATE_OMNIPRESENT)); CU_ASSERT(!key_state_set_state(object, KEY_STATE_STATE_UNRETENTIVE)); CU_ASSERT(!key_state_set_state(object, KEY_STATE_STATE_NA)); CU_ASSERT(!key_state_set_last_change(object, 1)); CU_ASSERT(!key_state_set_minimize(object, 1)); CU_ASSERT(!key_state_set_ttl(object, 1)); db_value_reset(&key_data_id); } static void test_key_state_get(void) { int ret; db_value_t key_data_id = DB_VALUE_EMPTY; if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&key_data_id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&key_data_id, 1)); } CU_ASSERT(!db_value_cmp(key_state_key_data_id(object), &key_data_id, &ret)); CU_ASSERT(!ret); CU_ASSERT(key_state_type(object) == KEY_STATE_TYPE_RRSIGDNSKEY); CU_ASSERT_PTR_NOT_NULL_FATAL(key_state_type_text(object)); CU_ASSERT(!strcmp(key_state_type_text(object), "RRSIGDNSKEY")); CU_ASSERT(key_state_state(object) == KEY_STATE_STATE_NA); CU_ASSERT_PTR_NOT_NULL_FATAL(key_state_state_text(object)); CU_ASSERT(!strcmp(key_state_state_text(object), "NA")); CU_ASSERT(key_state_last_change(object) == 1); CU_ASSERT(key_state_minimize(object) == 1); CU_ASSERT(key_state_ttl(object) == 1); db_value_reset(&key_data_id); } static void test_key_state_create(void) { CU_ASSERT_FATAL(!key_state_create(object)); } static void test_key_state_clauses(void) { CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT_PTR_NOT_NULL(key_state_key_data_id_clause(clause_list, key_state_key_data_id(object))); CU_ASSERT(!key_state_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(key_state_list_next(object_list)); db_clause_list_free(clause_list); clause_list = NULL; } static void test_key_state_verify(void) { int ret; db_value_t key_data_id = DB_VALUE_EMPTY; if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&key_data_id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&key_data_id, 1)); } CU_ASSERT(!db_value_cmp(key_state_key_data_id(object), &key_data_id, &ret)); CU_ASSERT(!ret); CU_ASSERT(key_state_type(object) == KEY_STATE_TYPE_RRSIGDNSKEY); CU_ASSERT_PTR_NOT_NULL_FATAL(key_state_type_text(object)); CU_ASSERT(!strcmp(key_state_type_text(object), "RRSIGDNSKEY")); CU_ASSERT(key_state_state(object) == KEY_STATE_STATE_NA); CU_ASSERT_PTR_NOT_NULL_FATAL(key_state_state_text(object)); CU_ASSERT(!strcmp(key_state_state_text(object), "NA")); CU_ASSERT(key_state_last_change(object) == 1); CU_ASSERT(key_state_minimize(object) == 1); CU_ASSERT(key_state_ttl(object) == 1); db_value_reset(&key_data_id); } static void test_key_state_change(void) { db_value_t key_data_id = DB_VALUE_EMPTY; if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&key_data_id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&key_data_id, 1)); } CU_ASSERT(!key_state_set_key_data_id(object, &key_data_id)); CU_ASSERT(!key_state_set_type(object, KEY_STATE_TYPE_DS)); CU_ASSERT(!key_state_set_state(object, KEY_STATE_STATE_HIDDEN)); CU_ASSERT(!key_state_set_last_change(object, 2)); CU_ASSERT(!key_state_set_minimize(object, 2)); CU_ASSERT(!key_state_set_ttl(object, 2)); db_value_reset(&key_data_id); } static void test_key_state_update(void) { CU_ASSERT_FATAL(!key_state_update(object)); } static void test_key_state_read(void) { db_value_t id = DB_VALUE_EMPTY; if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&id, 1)); } CU_ASSERT_FATAL(!key_state_get_by_id(object, &id)); } static void test_key_state_read2(void) { db_value_t id = DB_VALUE_EMPTY; if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&id, 1)); } CU_ASSERT_FATAL(!key_state_get_by_id(object, &id)); } static void test_key_state_verify2(void) { int ret; db_value_t key_data_id = DB_VALUE_EMPTY; if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&key_data_id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&key_data_id, 1)); } CU_ASSERT(!db_value_cmp(key_state_key_data_id(object), &key_data_id, &ret)); CU_ASSERT(!ret); CU_ASSERT(key_state_type(object) == KEY_STATE_TYPE_DS); CU_ASSERT_PTR_NOT_NULL_FATAL(key_state_type_text(object)); CU_ASSERT(!strcmp(key_state_type_text(object), "DS")); CU_ASSERT(key_state_state(object) == KEY_STATE_STATE_HIDDEN); CU_ASSERT_PTR_NOT_NULL_FATAL(key_state_state_text(object)); CU_ASSERT(!strcmp(key_state_state_text(object), "hidden")); CU_ASSERT(key_state_last_change(object) == 2); CU_ASSERT(key_state_minimize(object) == 2); CU_ASSERT(key_state_ttl(object) == 2); db_value_reset(&key_data_id); } static void test_key_state_delete(void) { CU_ASSERT_FATAL(!key_state_delete(object)); } static void test_key_state_end(void) { if (object) { key_state_free(object); CU_PASS("key_state_free"); } if (object_list) { key_state_list_free(object_list); CU_PASS("key_state_list_free"); } } static int test_key_state_add_tests(CU_pSuite pSuite) { if (!CU_add_test(pSuite, "new object", test_key_state_new) || !CU_add_test(pSuite, "set fields", test_key_state_set) || !CU_add_test(pSuite, "get fields", test_key_state_get) || !CU_add_test(pSuite, "create object", test_key_state_create) || !CU_add_test(pSuite, "object clauses", test_key_state_clauses) || !CU_add_test(pSuite, "read object by id", test_key_state_read) || !CU_add_test(pSuite, "verify fields", test_key_state_verify) || !CU_add_test(pSuite, "change object", test_key_state_change) || !CU_add_test(pSuite, "update object", test_key_state_update) || !CU_add_test(pSuite, "reread object by id", test_key_state_read2) || !CU_add_test(pSuite, "verify fields after update", test_key_state_verify2) || !CU_add_test(pSuite, "delete object", test_key_state_delete) || !CU_add_test(pSuite, "end test", test_key_state_end)) { return CU_get_error(); } return 0; } int test_key_state_add_suite(void) { CU_pSuite pSuite = NULL; int ret; #if defined(ENFORCER_DATABASE_SQLITE3) pSuite = CU_add_suite("Test of key state (SQLite)", test_key_state_init_suite_sqlite, test_key_state_clean_suite); if (!pSuite) { return CU_get_error(); } ret = test_key_state_add_tests(pSuite); if (ret) { return ret; } #endif #if defined(ENFORCER_DATABASE_MYSQL) pSuite = CU_add_suite("Test of key state (MySQL)", test_key_state_init_suite_mysql, test_key_state_clean_suite); if (!pSuite) { return CU_get_error(); } ret = test_key_state_add_tests(pSuite); if (ret) { return ret; } #endif return 0; } opendnssec-2.1.5/enforcer/src/db/test/test_policy_key.c0000644000202300020240000004534213560310771020111 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include "CUnit/Basic.h" #include "../db_configuration.h" #include "../db_connection.h" #include "../policy_key.h" #include static db_configuration_list_t* configuration_list = NULL; static db_configuration_t* configuration = NULL; static db_connection_t* connection = NULL; static policy_key_t* object = NULL; static policy_key_list_t* object_list = NULL; static db_value_t id = DB_VALUE_EMPTY; static db_clause_list_t* clause_list = NULL; static int db_sqlite = 0; static int db_mysql = 0; #if defined(ENFORCER_DATABASE_SQLITE3) int test_policy_key_init_suite_sqlite(void) { if (configuration_list) { return 1; } if (configuration) { return 1; } if (connection) { return 1; } /* * Setup the configuration for the connection */ if (!(configuration_list = db_configuration_list_new())) { return 1; } if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "backend") || db_configuration_set_value(configuration, "sqlite") || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "file") || db_configuration_set_value(configuration, "test.db") || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; /* * Connect to the database */ if (!(connection = db_connection_new()) || db_connection_set_configuration_list(connection, configuration_list)) { db_connection_free(connection); connection = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration_list = NULL; if (db_connection_setup(connection) || db_connection_connect(connection)) { db_connection_free(connection); connection = NULL; return 1; } db_sqlite = 1; db_mysql = 0; return 0; } #endif #if defined(ENFORCER_DATABASE_MYSQL) int test_policy_key_init_suite_mysql(void) { if (configuration_list) { return 1; } if (configuration) { return 1; } if (connection) { return 1; } /* * Setup the configuration for the connection */ if (!(configuration_list = db_configuration_list_new())) { return 1; } if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "backend") || db_configuration_set_value(configuration, "mysql") || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "host") || db_configuration_set_value(configuration, ENFORCER_DB_HOST) || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "port") || db_configuration_set_value(configuration, ENFORCER_DB_PORT_TEXT) || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "user") || db_configuration_set_value(configuration, ENFORCER_DB_USERNAME) || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "pass") || db_configuration_set_value(configuration, ENFORCER_DB_PASSWORD) || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "db") || db_configuration_set_value(configuration, ENFORCER_DB_DATABASE) || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; /* * Connect to the database */ if (!(connection = db_connection_new()) || db_connection_set_configuration_list(connection, configuration_list)) { db_connection_free(connection); connection = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration_list = NULL; if (db_connection_setup(connection) || db_connection_connect(connection)) { db_connection_free(connection); connection = NULL; return 1; } db_sqlite = 0; db_mysql = 1; return 0; } #endif static int test_policy_key_clean_suite(void) { db_connection_free(connection); connection = NULL; db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; db_value_reset(&id); db_clause_list_free(clause_list); clause_list = NULL; return 0; } static void test_policy_key_new(void) { CU_ASSERT_PTR_NOT_NULL_FATAL((object = policy_key_new(connection))); CU_ASSERT_PTR_NOT_NULL_FATAL((object_list = policy_key_list_new(connection))); } static void test_policy_key_set(void) { db_value_t policy_id = DB_VALUE_EMPTY; if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&policy_id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&policy_id, 1)); } CU_ASSERT(!policy_key_set_policy_id(object, &policy_id)); CU_ASSERT(!policy_key_set_role(object, POLICY_KEY_ROLE_KSK)); CU_ASSERT(!policy_key_set_role(object, POLICY_KEY_ROLE_ZSK)); CU_ASSERT(!policy_key_set_role(object, POLICY_KEY_ROLE_CSK)); CU_ASSERT(!policy_key_set_algorithm(object, 1)); CU_ASSERT(!policy_key_set_bits(object, 1)); CU_ASSERT(!policy_key_set_lifetime(object, 1)); CU_ASSERT(!policy_key_set_repository(object, "repository 1")); CU_ASSERT(!policy_key_set_standby(object, 1)); CU_ASSERT(!policy_key_set_manual_rollover(object, 1)); CU_ASSERT(!policy_key_set_rfc5011(object, 1)); CU_ASSERT(!policy_key_set_minimize(object, 1)); db_value_reset(&policy_id); } static void test_policy_key_get(void) { int ret; db_value_t policy_id = DB_VALUE_EMPTY; if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&policy_id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&policy_id, 1)); } CU_ASSERT(!db_value_cmp(policy_key_policy_id(object), &policy_id, &ret)); CU_ASSERT(!ret); CU_ASSERT(policy_key_role(object) == POLICY_KEY_ROLE_CSK); CU_ASSERT_PTR_NOT_NULL_FATAL(policy_key_role_text(object)); CU_ASSERT(!strcmp(policy_key_role_text(object), "CSK")); CU_ASSERT(policy_key_algorithm(object) == 1); CU_ASSERT(policy_key_bits(object) == 1); CU_ASSERT(policy_key_lifetime(object) == 1); CU_ASSERT_PTR_NOT_NULL_FATAL(policy_key_repository(object)); CU_ASSERT(!strcmp(policy_key_repository(object), "repository 1")); CU_ASSERT(policy_key_standby(object) == 1); CU_ASSERT(policy_key_manual_rollover(object) == 1); CU_ASSERT(policy_key_rfc5011(object) == 1); CU_ASSERT(policy_key_minimize(object) == 1); db_value_reset(&policy_id); } static void test_policy_key_create(void) { CU_ASSERT_FATAL(!policy_key_create(object)); } static void test_policy_key_clauses(void) { CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!policy_key_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(policy_key_list_next(object_list)); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!policy_key_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(policy_key_list_next(object_list)); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!policy_key_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(policy_key_list_next(object_list)); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!policy_key_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(policy_key_list_next(object_list)); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!policy_key_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(policy_key_list_next(object_list)); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!policy_key_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(policy_key_list_next(object_list)); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!policy_key_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(policy_key_list_next(object_list)); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!policy_key_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(policy_key_list_next(object_list)); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!policy_key_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(policy_key_list_next(object_list)); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!policy_key_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(policy_key_list_next(object_list)); db_clause_list_free(clause_list); clause_list = NULL; } static void test_policy_key_list_store(void) { CU_PASS("policy_key_free"); } static void test_policy_key_verify(void) { int ret; db_value_t policy_id = DB_VALUE_EMPTY; if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&policy_id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&policy_id, 1)); } CU_ASSERT(!db_value_cmp(policy_key_policy_id(object), &policy_id, &ret)); CU_ASSERT(!ret); CU_ASSERT(policy_key_role(object) == POLICY_KEY_ROLE_CSK); CU_ASSERT_PTR_NOT_NULL_FATAL(policy_key_role_text(object)); CU_ASSERT(!strcmp(policy_key_role_text(object), "CSK")); CU_ASSERT(policy_key_algorithm(object) == 1); CU_ASSERT(policy_key_bits(object) == 1); CU_ASSERT(policy_key_lifetime(object) == 1); CU_ASSERT_PTR_NOT_NULL_FATAL(policy_key_repository(object)); CU_ASSERT(!strcmp(policy_key_repository(object), "repository 1")); CU_ASSERT(policy_key_standby(object) == 1); CU_ASSERT(policy_key_manual_rollover(object) == 1); CU_ASSERT(policy_key_rfc5011(object) == 1); CU_ASSERT(policy_key_minimize(object) == 1); db_value_reset(&policy_id); } static void test_policy_key_change(void) { db_value_t policy_id = DB_VALUE_EMPTY; if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&policy_id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&policy_id, 1)); } CU_ASSERT(!policy_key_set_policy_id(object, &policy_id)); CU_ASSERT(!policy_key_set_role(object, POLICY_KEY_ROLE_KSK)); CU_ASSERT(!policy_key_set_algorithm(object, 2)); CU_ASSERT(!policy_key_set_bits(object, 2)); CU_ASSERT(!policy_key_set_lifetime(object, 2)); CU_ASSERT(!policy_key_set_repository(object, "repository 2")); CU_ASSERT(!policy_key_set_standby(object, 2)); CU_ASSERT(!policy_key_set_manual_rollover(object, 2)); CU_ASSERT(!policy_key_set_rfc5011(object, 2)); CU_ASSERT(!policy_key_set_minimize(object, 2)); db_value_reset(&policy_id); } static void test_policy_key_read2(void) { db_value_t policy_id = DB_VALUE_EMPTY; if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&policy_id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&policy_id, 1)); } CU_ASSERT_FATAL(!policy_key_get_by_id(object, &policy_id)); } static void test_policy_key_verify2(void) { int ret; db_value_t policy_id = DB_VALUE_EMPTY; if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&policy_id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&policy_id, 1)); } CU_ASSERT(!db_value_cmp(policy_key_policy_id(object), &policy_id, &ret)); CU_ASSERT(!ret); CU_ASSERT(policy_key_role(object) == POLICY_KEY_ROLE_KSK); CU_ASSERT_PTR_NOT_NULL_FATAL(policy_key_role_text(object)); CU_ASSERT(!strcmp(policy_key_role_text(object), "KSK")); CU_ASSERT(policy_key_algorithm(object) == 2); CU_ASSERT(policy_key_bits(object) == 2); CU_ASSERT(policy_key_lifetime(object) == 2); CU_ASSERT_PTR_NOT_NULL_FATAL(policy_key_repository(object)); CU_ASSERT(!strcmp(policy_key_repository(object), "repository 2")); CU_ASSERT(policy_key_standby(object) == 2); CU_ASSERT(policy_key_manual_rollover(object) == 2); CU_ASSERT(policy_key_rfc5011(object) == 2); CU_ASSERT(policy_key_minimize(object) == 2); db_value_reset(&policy_id); } static void test_policy_key_cmp(void) { policy_key_t* local_object; CU_ASSERT_PTR_NOT_NULL_FATAL((local_object = policy_key_new(connection))); CU_ASSERT(policy_key_cmp(object, local_object)); } static void test_policy_key_delete(void) { CU_ASSERT_FATAL(!policy_key_delete(object)); } static void test_policy_key_list2(void) { CU_ASSERT_PTR_NULL(policy_key_list_next(object_list)); } static void test_policy_key_end(void) { if (object) { policy_key_free(object); CU_PASS("policy_key_free"); } if (object_list) { policy_key_list_free(object_list); CU_PASS("policy_key_list_free"); } } static int test_policy_key_add_tests(CU_pSuite pSuite) { if (!CU_add_test(pSuite, "new object", test_policy_key_new) || !CU_add_test(pSuite, "set fields", test_policy_key_set) || !CU_add_test(pSuite, "get fields", test_policy_key_get) || !CU_add_test(pSuite, "create object", test_policy_key_create) || !CU_add_test(pSuite, "object clauses", test_policy_key_clauses) || !CU_add_test(pSuite, "list objects (store)", test_policy_key_list_store) || !CU_add_test(pSuite, "verify fields", test_policy_key_verify) || !CU_add_test(pSuite, "change object", test_policy_key_change) || !CU_add_test(pSuite, "verify fields after update", test_policy_key_verify2) || !CU_add_test(pSuite, "compare objects", test_policy_key_cmp) || !CU_add_test(pSuite, "reread object by id", test_policy_key_read2) || !CU_add_test(pSuite, "delete object", test_policy_key_delete) || !CU_add_test(pSuite, "list objects to verify delete", test_policy_key_list2) || !CU_add_test(pSuite, "end test", test_policy_key_end)) { return CU_get_error(); } return 0; } int test_policy_key_add_suite(void) { CU_pSuite pSuite = NULL; int ret; #if defined(ENFORCER_DATABASE_SQLITE3) pSuite = CU_add_suite("Test of policy key (SQLite)", test_policy_key_init_suite_sqlite, test_policy_key_clean_suite); if (!pSuite) { return CU_get_error(); } ret = test_policy_key_add_tests(pSuite); if (ret) { return ret; } #endif #if defined(ENFORCER_DATABASE_MYSQL) pSuite = CU_add_suite("Test of policy key (MySQL)", test_policy_key_init_suite_mysql, test_policy_key_clean_suite); if (!pSuite) { return CU_get_error(); } ret = test_policy_key_add_tests(pSuite); if (ret) { return ret; } #endif return 0; } opendnssec-2.1.5/enforcer/src/db/test/test_policy_key.h0000644000202300020240000000303713560310771020111 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef __test_policy_key_h #define __test_policy_key_h int test_policy_key_add_suite(void); #endif opendnssec-2.1.5/enforcer/src/db/test/test_key_data.c0000644000202300020240000007522713560310771017530 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include "CUnit/Basic.h" #include "../db_configuration.h" #include "../db_connection.h" #include "../key_data.h" #include static db_configuration_list_t* configuration_list = NULL; static db_configuration_t* configuration = NULL; static db_connection_t* connection = NULL; static key_data_t* object = NULL; static key_data_list_t* object_list = NULL; static db_value_t id = DB_VALUE_EMPTY; static db_clause_list_t* clause_list = NULL; static int db_sqlite = 0; static int db_mysql = 0; #if defined(ENFORCER_DATABASE_SQLITE3) int test_key_data_init_suite_sqlite(void) { if (configuration_list) { return 1; } if (configuration) { return 1; } if (connection) { return 1; } /* * Setup the configuration for the connection */ if (!(configuration_list = db_configuration_list_new())) { return 1; } if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "backend") || db_configuration_set_value(configuration, "sqlite") || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "file") || db_configuration_set_value(configuration, "test.db") || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; /* * Connect to the database */ if (!(connection = db_connection_new()) || db_connection_set_configuration_list(connection, configuration_list)) { db_connection_free(connection); connection = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration_list = NULL; if (db_connection_setup(connection) || db_connection_connect(connection)) { db_connection_free(connection); connection = NULL; return 1; } db_sqlite = 1; db_mysql = 0; return 0; } #endif #if defined(ENFORCER_DATABASE_MYSQL) int test_key_data_init_suite_mysql(void) { if (configuration_list) { return 1; } if (configuration) { return 1; } if (connection) { return 1; } /* * Setup the configuration for the connection */ if (!(configuration_list = db_configuration_list_new())) { return 1; } if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "backend") || db_configuration_set_value(configuration, "mysql") || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "host") || db_configuration_set_value(configuration, ENFORCER_DB_HOST) || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "port") || db_configuration_set_value(configuration, ENFORCER_DB_PORT_TEXT) || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "user") || db_configuration_set_value(configuration, ENFORCER_DB_USERNAME) || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "pass") || db_configuration_set_value(configuration, ENFORCER_DB_PASSWORD) || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "db") || db_configuration_set_value(configuration, ENFORCER_DB_DATABASE) || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; /* * Connect to the database */ if (!(connection = db_connection_new()) || db_connection_set_configuration_list(connection, configuration_list)) { db_connection_free(connection); connection = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration_list = NULL; if (db_connection_setup(connection) || db_connection_connect(connection)) { db_connection_free(connection); connection = NULL; return 1; } db_sqlite = 0; db_mysql = 1; return 0; } #endif static int test_key_data_clean_suite(void) { db_connection_free(connection); connection = NULL; db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; db_value_reset(&id); db_clause_list_free(clause_list); clause_list = NULL; return 0; } static void test_key_data_new(void) { CU_ASSERT_PTR_NOT_NULL_FATAL((object = key_data_new(connection))); CU_ASSERT_PTR_NOT_NULL_FATAL((object_list = key_data_list_new(connection))); } static void test_key_data_set(void) { db_value_t zone_id = DB_VALUE_EMPTY; db_value_t hsm_key_id = DB_VALUE_EMPTY; if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&zone_id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&zone_id, 1)); } if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&hsm_key_id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&hsm_key_id, 1)); } CU_ASSERT(!key_data_set_zone_id(object, &zone_id)); CU_ASSERT(!key_data_set_hsm_key_id(object, &hsm_key_id)); CU_ASSERT(!key_data_set_algorithm(object, 1)); CU_ASSERT(!key_data_set_inception(object, 1)); CU_ASSERT(!key_data_set_role(object, KEY_DATA_ROLE_KSK)); CU_ASSERT(!key_data_set_role(object, KEY_DATA_ROLE_ZSK)); CU_ASSERT(!key_data_set_role(object, KEY_DATA_ROLE_CSK)); CU_ASSERT(!key_data_set_introducing(object, 1)); CU_ASSERT(!key_data_set_active_zsk(object, 1)); CU_ASSERT(!key_data_set_publish(object, 1)); CU_ASSERT(!key_data_set_active_ksk(object, 1)); CU_ASSERT(!key_data_set_ds_at_parent(object, KEY_DATA_DS_AT_PARENT_UNSUBMITTED)); CU_ASSERT(!key_data_set_ds_at_parent(object, KEY_DATA_DS_AT_PARENT_SUBMIT)); CU_ASSERT(!key_data_set_ds_at_parent(object, KEY_DATA_DS_AT_PARENT_SUBMITTED)); CU_ASSERT(!key_data_set_ds_at_parent(object, KEY_DATA_DS_AT_PARENT_SEEN)); CU_ASSERT(!key_data_set_ds_at_parent(object, KEY_DATA_DS_AT_PARENT_RETRACT)); CU_ASSERT(!key_data_set_ds_at_parent(object, KEY_DATA_DS_AT_PARENT_RETRACTED)); CU_ASSERT(!key_data_set_keytag(object, 1)); CU_ASSERT(!key_data_set_minimize(object, 1)); db_value_reset(&zone_id); db_value_reset(&hsm_key_id); } static void test_key_data_get(void) { int ret; db_value_t zone_id = DB_VALUE_EMPTY; db_value_t hsm_key_id = DB_VALUE_EMPTY; if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&zone_id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&zone_id, 1)); } if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&hsm_key_id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&hsm_key_id, 1)); } CU_ASSERT(!db_value_cmp(key_data_zone_id(object), &zone_id, &ret)); CU_ASSERT(!ret); CU_ASSERT(!db_value_cmp(key_data_hsm_key_id(object), &hsm_key_id, &ret)); CU_ASSERT(!ret); CU_ASSERT(key_data_algorithm(object) == 1); CU_ASSERT(key_data_inception(object) == 1); CU_ASSERT(key_data_role(object) == KEY_DATA_ROLE_CSK); CU_ASSERT_PTR_NOT_NULL_FATAL(key_data_role_text(object)); CU_ASSERT(!strcmp(key_data_role_text(object), "CSK")); CU_ASSERT(key_data_introducing(object) == 1); CU_ASSERT(key_data_active_zsk(object) == 1); CU_ASSERT(key_data_publish(object) == 1); CU_ASSERT(key_data_active_ksk(object) == 1); CU_ASSERT(key_data_ds_at_parent(object) == KEY_DATA_DS_AT_PARENT_RETRACTED); CU_ASSERT(key_data_keytag(object) == 1); CU_ASSERT(key_data_minimize(object) == 1); db_value_reset(&zone_id); db_value_reset(&hsm_key_id); } static void test_key_data_create(void) { CU_ASSERT_FATAL(!key_data_create(object)); } static void test_key_data_clauses(void) { key_data_list_t* new_list; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT_PTR_NOT_NULL(key_data_zone_id_clause(clause_list, key_data_zone_id(object))); CU_ASSERT(!key_data_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(key_data_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = key_data_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(key_data_list_next(new_list)); key_data_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT_PTR_NOT_NULL(key_data_hsm_key_id_clause(clause_list, key_data_hsm_key_id(object))); CU_ASSERT(!key_data_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(key_data_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = key_data_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(key_data_list_next(new_list)); key_data_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!key_data_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(key_data_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = key_data_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(key_data_list_next(new_list)); key_data_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!key_data_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(key_data_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = key_data_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(key_data_list_next(new_list)); key_data_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT_PTR_NOT_NULL(key_data_role_clause(clause_list, key_data_role(object))); CU_ASSERT(!key_data_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(key_data_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = key_data_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(key_data_list_next(new_list)); key_data_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!key_data_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(key_data_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = key_data_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(key_data_list_next(new_list)); key_data_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!key_data_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(key_data_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = key_data_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(key_data_list_next(new_list)); key_data_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!key_data_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(key_data_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = key_data_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(key_data_list_next(new_list)); key_data_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!key_data_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(key_data_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = key_data_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(key_data_list_next(new_list)); key_data_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!key_data_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(key_data_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = key_data_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(key_data_list_next(new_list)); key_data_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!key_data_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(key_data_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = key_data_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(key_data_list_next(new_list)); key_data_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT_PTR_NOT_NULL(key_data_ds_at_parent_clause(clause_list, key_data_ds_at_parent(object))); CU_ASSERT(!key_data_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(key_data_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = key_data_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(key_data_list_next(new_list)); key_data_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT_PTR_NOT_NULL(key_data_keytag_clause(clause_list, key_data_keytag(object))); CU_ASSERT(!key_data_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(key_data_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = key_data_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(key_data_list_next(new_list)); key_data_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!key_data_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(key_data_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = key_data_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(key_data_list_next(new_list)); key_data_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; } static void test_key_data_count(void) { size_t count; CU_ASSERT(!key_data_count(object, NULL, &count)); CU_ASSERT(count == 1); CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT_PTR_NOT_NULL(key_data_zone_id_clause(clause_list, key_data_zone_id(object))); CU_ASSERT(!key_data_count(object, clause_list, &count)); CU_ASSERT(count == 1); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT_PTR_NOT_NULL(key_data_hsm_key_id_clause(clause_list, key_data_hsm_key_id(object))); CU_ASSERT(!key_data_count(object, clause_list, &count)); CU_ASSERT(count == 1); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!key_data_count(object, clause_list, &count)); CU_ASSERT(count == 1); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!key_data_count(object, clause_list, &count)); CU_ASSERT(count == 1); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT_PTR_NOT_NULL(key_data_role_clause(clause_list, key_data_role(object))); CU_ASSERT(!key_data_count(object, clause_list, &count)); CU_ASSERT(count == 1); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!key_data_count(object, clause_list, &count)); CU_ASSERT(count == 1); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!key_data_count(object, clause_list, &count)); CU_ASSERT(count == 1); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!key_data_count(object, clause_list, &count)); CU_ASSERT(count == 1); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!key_data_count(object, clause_list, &count)); CU_ASSERT(count == 1); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!key_data_count(object, clause_list, &count)); CU_ASSERT(count == 1); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!key_data_count(object, clause_list, &count)); CU_ASSERT(count == 1); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT_PTR_NOT_NULL(key_data_ds_at_parent_clause(clause_list, key_data_ds_at_parent(object))); CU_ASSERT(!key_data_count(object, clause_list, &count)); CU_ASSERT(count == 1); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT_PTR_NOT_NULL(key_data_keytag_clause(clause_list, key_data_keytag(object))); CU_ASSERT(!key_data_count(object, clause_list, &count)); CU_ASSERT(count == 1); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!key_data_count(object, clause_list, &count)); CU_ASSERT(count == 1); db_clause_list_free(clause_list); clause_list = NULL; } static void test_key_data_list(void) { const key_data_t* item; key_data_t* item2; key_data_list_t* new_list; CU_ASSERT_FATAL(!key_data_list_get(object_list)); CU_ASSERT_PTR_NOT_NULL_FATAL((item = key_data_list_next(object_list))); CU_ASSERT_FATAL(!db_value_copy(&id, key_data_id(item))); CU_ASSERT_PTR_NOT_NULL_FATAL((item = key_data_list_begin(object_list))); CU_ASSERT_FATAL(!key_data_list_get(object_list)); CU_ASSERT_PTR_NOT_NULL_FATAL((item2 = key_data_list_get_next(object_list))); key_data_free(item2); CU_PASS("key_data_free"); CU_ASSERT_PTR_NOT_NULL_FATAL((item2 = key_data_list_get_begin(object_list))); key_data_free(item2); CU_PASS("key_data_free"); CU_ASSERT_PTR_NOT_NULL((new_list = key_data_list_new_get(connection))); CU_ASSERT_PTR_NOT_NULL(key_data_list_next(new_list)); key_data_list_free(new_list); } static void test_key_data_list_store(void) { key_data_t* item; key_data_list_t* new_list; CU_ASSERT_PTR_NOT_NULL((new_list = key_data_list_new(connection))); CU_ASSERT_FATAL(!key_data_list_object_store(new_list)); CU_ASSERT_FATAL(!key_data_list_get(new_list)); CU_ASSERT_PTR_NOT_NULL_FATAL(key_data_list_next(new_list)); CU_ASSERT_PTR_NOT_NULL_FATAL(key_data_list_begin(new_list)); CU_ASSERT_PTR_NOT_NULL_FATAL((item = key_data_list_get_begin(new_list))); key_data_free(item); CU_PASS("key_data_free"); key_data_list_free(new_list); } static void test_key_data_list_associated(void) { key_data_t* item; key_data_list_t* new_list; CU_ASSERT_PTR_NOT_NULL((new_list = key_data_list_new(connection))); CU_ASSERT_FATAL(!key_data_list_get(new_list)); CU_ASSERT_PTR_NOT_NULL_FATAL(key_data_list_next(new_list)); CU_ASSERT_PTR_NOT_NULL_FATAL(key_data_list_begin(new_list)); CU_ASSERT_PTR_NOT_NULL_FATAL((item = key_data_list_get_begin(new_list))); key_data_free(item); CU_PASS("key_data_free"); key_data_list_free(new_list); } static void test_key_data_read(void) { CU_ASSERT_FATAL(!key_data_get_by_id(object, &id)); } static void test_key_data_verify(void) { int ret; db_value_t zone_id = DB_VALUE_EMPTY; db_value_t hsm_key_id = DB_VALUE_EMPTY; if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&zone_id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&zone_id, 1)); } if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&hsm_key_id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&hsm_key_id, 1)); } CU_ASSERT(!db_value_cmp(key_data_zone_id(object), &zone_id, &ret)); CU_ASSERT(!ret); CU_ASSERT(!db_value_cmp(key_data_hsm_key_id(object), &hsm_key_id, &ret)); CU_ASSERT(!ret); CU_ASSERT(key_data_algorithm(object) == 1); CU_ASSERT(key_data_inception(object) == 1); CU_ASSERT(key_data_role(object) == KEY_DATA_ROLE_CSK); CU_ASSERT_PTR_NOT_NULL_FATAL(key_data_role_text(object)); CU_ASSERT(!strcmp(key_data_role_text(object), "CSK")); CU_ASSERT(key_data_introducing(object) == 1); CU_ASSERT(key_data_active_zsk(object) == 1); CU_ASSERT(key_data_publish(object) == 1); CU_ASSERT(key_data_active_ksk(object) == 1); CU_ASSERT(key_data_ds_at_parent(object) == KEY_DATA_DS_AT_PARENT_RETRACTED); CU_ASSERT(key_data_keytag(object) == 1); CU_ASSERT(key_data_minimize(object) == 1); db_value_reset(&zone_id); db_value_reset(&hsm_key_id); } static void test_key_data_change(void) { db_value_t zone_id = DB_VALUE_EMPTY; db_value_t hsm_key_id = DB_VALUE_EMPTY; if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&zone_id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&zone_id, 1)); } if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&hsm_key_id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&hsm_key_id, 1)); } CU_ASSERT(!key_data_set_zone_id(object, &zone_id)); CU_ASSERT(!key_data_set_hsm_key_id(object, &hsm_key_id)); CU_ASSERT(!key_data_set_algorithm(object, 2)); CU_ASSERT(!key_data_set_inception(object, 2)); CU_ASSERT(!key_data_set_role(object, KEY_DATA_ROLE_KSK)); CU_ASSERT(!key_data_set_introducing(object, 2)); CU_ASSERT(!key_data_set_active_zsk(object, 2)); CU_ASSERT(!key_data_set_publish(object, 2)); CU_ASSERT(!key_data_set_active_ksk(object, 2)); CU_ASSERT(!key_data_set_ds_at_parent(object, KEY_DATA_DS_AT_PARENT_UNSUBMITTED)); CU_ASSERT(!key_data_set_keytag(object, 2)); CU_ASSERT(!key_data_set_minimize(object, 2)); db_value_reset(&zone_id); db_value_reset(&hsm_key_id); } static void test_key_data_update(void) { CU_ASSERT_FATAL(!key_data_update(object)); } static void test_key_data_read2(void) { CU_ASSERT_FATAL(!key_data_get_by_id(object, &id)); } static void test_key_data_verify2(void) { int ret; db_value_t zone_id = DB_VALUE_EMPTY; db_value_t hsm_key_id = DB_VALUE_EMPTY; if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&zone_id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&zone_id, 1)); } if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&hsm_key_id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&hsm_key_id, 1)); } CU_ASSERT(!db_value_cmp(key_data_zone_id(object), &zone_id, &ret)); CU_ASSERT(!ret); CU_ASSERT(!db_value_cmp(key_data_hsm_key_id(object), &hsm_key_id, &ret)); CU_ASSERT(!ret); CU_ASSERT(key_data_algorithm(object) == 2); CU_ASSERT(key_data_inception(object) == 2); CU_ASSERT(key_data_role(object) == KEY_DATA_ROLE_KSK); CU_ASSERT_PTR_NOT_NULL_FATAL(key_data_role_text(object)); CU_ASSERT(!strcmp(key_data_role_text(object), "KSK")); CU_ASSERT(key_data_introducing(object) == 2); CU_ASSERT(key_data_active_zsk(object) == 2); CU_ASSERT(key_data_publish(object) == 2); CU_ASSERT(key_data_active_ksk(object) == 2); CU_ASSERT(key_data_ds_at_parent(object) == KEY_DATA_DS_AT_PARENT_UNSUBMITTED); CU_ASSERT(key_data_keytag(object) == 2); CU_ASSERT(key_data_minimize(object) == 2); db_value_reset(&zone_id); db_value_reset(&hsm_key_id); } static void test_key_data_cmp(void) { key_data_t* local_object; CU_ASSERT_PTR_NOT_NULL_FATAL((local_object = key_data_new(connection))); CU_ASSERT(key_data_cmp(object, local_object)); } static void test_key_data_delete(void) { CU_ASSERT_FATAL(!key_data_delete(object)); } static void test_key_data_list2(void) { CU_ASSERT_FATAL(!key_data_list_get(object_list)); CU_ASSERT_PTR_NULL(key_data_list_next(object_list)); } static void test_key_data_end(void) { if (object) { key_data_free(object); CU_PASS("key_data_free"); } if (object_list) { key_data_list_free(object_list); CU_PASS("key_data_list_free"); } } static int test_key_data_add_tests(CU_pSuite pSuite) { if (!CU_add_test(pSuite, "new object", test_key_data_new) || !CU_add_test(pSuite, "set fields", test_key_data_set) || !CU_add_test(pSuite, "get fields", test_key_data_get) || !CU_add_test(pSuite, "create object", test_key_data_create) || !CU_add_test(pSuite, "object clauses", test_key_data_clauses) || !CU_add_test(pSuite, "object count", test_key_data_count) || !CU_add_test(pSuite, "list objects", test_key_data_list) || !CU_add_test(pSuite, "list objects (store)", test_key_data_list_store) || !CU_add_test(pSuite, "list objects (associated)", test_key_data_list_associated) || !CU_add_test(pSuite, "read object by id", test_key_data_read) || !CU_add_test(pSuite, "verify fields", test_key_data_verify) || !CU_add_test(pSuite, "change object", test_key_data_change) || !CU_add_test(pSuite, "update object", test_key_data_update) || !CU_add_test(pSuite, "reread object by id", test_key_data_read2) || !CU_add_test(pSuite, "verify fields after update", test_key_data_verify2) || !CU_add_test(pSuite, "compare objects", test_key_data_cmp) || !CU_add_test(pSuite, "delete object", test_key_data_delete) || !CU_add_test(pSuite, "list objects to verify delete", test_key_data_list2) || !CU_add_test(pSuite, "end test", test_key_data_end)) { return CU_get_error(); } return 0; } int test_key_data_add_suite(void) { CU_pSuite pSuite = NULL; int ret; #if defined(ENFORCER_DATABASE_SQLITE3) pSuite = CU_add_suite("Test of key data (SQLite)", test_key_data_init_suite_sqlite, test_key_data_clean_suite); if (!pSuite) { return CU_get_error(); } ret = test_key_data_add_tests(pSuite); if (ret) { return ret; } #endif #if defined(ENFORCER_DATABASE_MYSQL) pSuite = CU_add_suite("Test of key data (MySQL)", test_key_data_init_suite_mysql, test_key_data_clean_suite); if (!pSuite) { return CU_get_error(); } ret = test_key_data_add_tests(pSuite); if (ret) { return ret; } #endif return 0; } opendnssec-2.1.5/enforcer/src/db/test/test_classes.c0000644000202300020240000007025713560310771017402 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include "../db_backend.h" #include "../db_clause.h" #include "../db_configuration.h" #include "../db_connection.h" #include "../db_join.h" #include "../db_object.h" #include "../db_result.h" #include "../db_value.h" #include "CUnit/Basic.h" static int fake_pointer = 0; static db_backend_handle_t* backend_handle = NULL; static db_backend_t* backend = NULL; static db_clause_t* clause = NULL; static db_clause_t* clause2 = NULL; static db_clause_list_t* clause_list = NULL; static db_configuration_t* configuration = NULL; static db_configuration_t* configuration2 = NULL; static db_configuration_list_t* configuration_list = NULL; static db_connection_t* connection = NULL; static db_join_t* join = NULL; static db_join_t* join2 = NULL; static db_join_list_t* join_list = NULL; static db_object_field_t* object_field = NULL; static db_object_field_t* object_field2 = NULL; static db_object_field_list_t* object_field_list = NULL; static db_object_t* object = NULL; static db_value_set_t* value_set = NULL; static db_value_set_t* value_set2 = NULL; static db_result_t* result = NULL; static db_result_t* result2 = NULL; static db_result_list_t* result_list = NULL; static db_value_t* value = NULL; static db_value_t* value2 = NULL; static const db_enum_t enum_set[] = { { "enum1", 1 }, { "enum2", 2 }, { "enum3", 3 }, { NULL, 0 } }; int init_suite_classes(void) { if (backend_handle) { return 1; } if (backend) { return 1; } if (clause) { return 1; } if (clause2) { return 1; } if (clause_list) { return 1; } if (configuration) { return 1; } if (configuration2) { return 1; } if (configuration_list) { return 1; } if (connection) { return 1; } if (join) { return 1; } if (join2) { return 1; } if (join_list) { return 1; } if (object_field) { return 1; } if (object_field2) { return 1; } if (object_field_list) { return 1; } if (object) { return 1; } if (value_set) { return 1; } if (value_set2) { return 1; } if (result) { return 1; } if (result2) { return 1; } if (result_list) { return 1; } if (value) { return 1; } if (value2) { return 1; } return 0; } int clean_suite_classes(void) { db_backend_handle_free(backend_handle); backend_handle = NULL; db_backend_free(backend); backend = NULL; db_clause_free(clause); clause = NULL; db_clause_free(clause2); clause2 = NULL; db_clause_list_free(clause_list); clause_list = NULL; db_configuration_free(configuration); configuration = NULL; db_configuration_free(configuration2); configuration2 = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; db_connection_free(connection); connection = NULL; db_object_field_free(object_field); object_field = NULL; db_object_field_free(object_field2); object_field2 = NULL; db_object_field_list_free(object_field_list); object_field_list = NULL; db_object_free(object); object = NULL; db_value_set_free(value_set); value_set = NULL; db_value_set_free(value_set2); value_set2 = NULL; db_result_free(result); result = NULL; db_result_free(result2); result2 = NULL; db_result_list_free(result_list); result_list = NULL; db_value_free(value); value = NULL; db_value_free(value2); value2 = NULL; return 0; } int __db_backend_handle_initialize(void* data) { CU_ASSERT(data == &fake_pointer); return 0; } int __db_backend_handle_shutdown(void* data) { CU_ASSERT(data == &fake_pointer); return 0; } int __db_backend_handle_connect(void* data, const db_configuration_list_t* configuration_list) { CU_ASSERT(data == &fake_pointer); CU_ASSERT((void*)configuration_list == &fake_pointer); return 0; } int __db_backend_handle_disconnect(void* data) { CU_ASSERT(data == &fake_pointer); return 0; } int __db_backend_handle_create(void* data, const db_object_t* _object, const db_object_field_list_t* object_field_list, const db_value_set_t* value_set) { CU_ASSERT(data == &fake_pointer); CU_ASSERT((void*)_object == &fake_pointer || (object != NULL && _object == object)); CU_ASSERT((void*)object_field_list == &fake_pointer); CU_ASSERT((void*)value_set == &fake_pointer); return 0; } db_result_list_t* __db_backend_handle_read(void* data, const db_object_t* _object, const db_join_list_t* join_list, const db_clause_list_t* clause_list) { CU_ASSERT(data == &fake_pointer); CU_ASSERT((void*)_object == &fake_pointer || (object != NULL && _object == object)); CU_ASSERT((void*)join_list == &fake_pointer); CU_ASSERT((void*)clause_list == &fake_pointer); return (db_result_list_t*)&fake_pointer; } int __db_backend_handle_update(void* data, const db_object_t* _object, const db_object_field_list_t* object_field_list, const db_value_set_t* value_set, const db_clause_list_t* clause_list) { CU_ASSERT(data == &fake_pointer); CU_ASSERT((void*)_object == &fake_pointer || (object != NULL && _object == object)); CU_ASSERT((void*)object_field_list == &fake_pointer); CU_ASSERT((void*)value_set == &fake_pointer); CU_ASSERT((void*)clause_list == &fake_pointer); return 0; } int __db_backend_handle_delete(void* data, const db_object_t* _object, const db_clause_list_t* clause_list) { CU_ASSERT(data == &fake_pointer); CU_ASSERT((void*)_object == &fake_pointer || (object != NULL && _object == object)); CU_ASSERT((void*)clause_list == &fake_pointer); return 0; } int __db_backend_handle_count(void* data, const db_object_t* _object, const db_join_list_t* join_list, const db_clause_list_t* clause_list, size_t* count) { CU_ASSERT(data == &fake_pointer); CU_ASSERT((void*)_object == &fake_pointer || (object != NULL && _object == object)); CU_ASSERT((void*)join_list == &fake_pointer); CU_ASSERT((void*)clause_list == &fake_pointer); CU_ASSERT((void*)count == &fake_pointer); return 0; } void __db_backend_handle_free(void* data) { CU_ASSERT(data == &fake_pointer); } int __db_backend_handle_transaction_begin(void* data) { CU_ASSERT(data == &fake_pointer); return 0; } int __db_backend_handle_transaction_commit(void* data) { CU_ASSERT(data == &fake_pointer); return 0; } int __db_backend_handle_transaction_rollback(void* data) { CU_ASSERT(data == &fake_pointer); return 0; } void test_class_db_backend_handle(void) { CU_ASSERT_PTR_NOT_NULL_FATAL((backend_handle = db_backend_handle_new())); CU_ASSERT(!db_backend_handle_set_initialize(backend_handle, __db_backend_handle_initialize)); CU_ASSERT(!db_backend_handle_set_shutdown(backend_handle, __db_backend_handle_shutdown)); CU_ASSERT(!db_backend_handle_set_connect(backend_handle, __db_backend_handle_connect)); CU_ASSERT(!db_backend_handle_set_disconnect(backend_handle, __db_backend_handle_disconnect)); CU_ASSERT(!db_backend_handle_set_create(backend_handle, __db_backend_handle_create)); CU_ASSERT(!db_backend_handle_set_read(backend_handle, __db_backend_handle_read)); CU_ASSERT(!db_backend_handle_set_update(backend_handle, __db_backend_handle_update)); CU_ASSERT(!db_backend_handle_set_delete(backend_handle, __db_backend_handle_delete)); CU_ASSERT(!db_backend_handle_set_count(backend_handle, __db_backend_handle_count)); CU_ASSERT(!db_backend_handle_set_free(backend_handle, __db_backend_handle_free)); CU_ASSERT(!db_backend_handle_set_transaction_begin(backend_handle, __db_backend_handle_transaction_begin)); CU_ASSERT(!db_backend_handle_set_transaction_commit(backend_handle, __db_backend_handle_transaction_commit)); CU_ASSERT(!db_backend_handle_set_transaction_rollback(backend_handle, __db_backend_handle_transaction_rollback)); CU_ASSERT(!db_backend_handle_set_data(backend_handle, &fake_pointer)); CU_ASSERT(!db_backend_handle_connect(backend_handle, (db_configuration_list_t*)&fake_pointer)); CU_ASSERT(!db_backend_handle_create(backend_handle, (db_object_t*)&fake_pointer, (db_object_field_list_t*)&fake_pointer, (db_value_set_t*)&fake_pointer)); CU_ASSERT(db_backend_handle_read(backend_handle, (db_object_t*)&fake_pointer, (db_join_list_t*)&fake_pointer, (db_clause_list_t*)&fake_pointer) == (db_result_list_t*)&fake_pointer); CU_ASSERT(!db_backend_handle_update(backend_handle, (db_object_t*)&fake_pointer, (db_object_field_list_t*)&fake_pointer, (db_value_set_t*)&fake_pointer, (db_clause_list_t*)&fake_pointer)); CU_ASSERT(!db_backend_handle_delete(backend_handle, (db_object_t*)&fake_pointer, (db_clause_list_t*)&fake_pointer)); CU_ASSERT(!db_backend_handle_count(backend_handle, (db_object_t*)&fake_pointer, (db_join_list_t*)&fake_pointer, (db_clause_list_t*)&fake_pointer, (size_t*)&fake_pointer)); } void test_class_db_backend(void) { CU_ASSERT_PTR_NOT_NULL_FATAL((backend = db_backend_new())); CU_ASSERT(!db_backend_set_name(backend, "test")); CU_ASSERT_FATAL(!db_backend_set_handle(backend, backend_handle)); backend_handle = NULL; CU_ASSERT(!db_backend_initialize(backend)); CU_ASSERT(!db_backend_connect(backend, (db_configuration_list_t*)&fake_pointer)); CU_ASSERT(!db_backend_create(backend, (db_object_t*)&fake_pointer, (db_object_field_list_t*)&fake_pointer, (db_value_set_t*)&fake_pointer)); CU_ASSERT(db_backend_read(backend, (db_object_t*)&fake_pointer, (db_join_list_t*)&fake_pointer, (db_clause_list_t*)&fake_pointer) == (db_result_list_t*)&fake_pointer); CU_ASSERT(!db_backend_update(backend, (db_object_t*)&fake_pointer, (db_object_field_list_t*)&fake_pointer, (db_value_set_t*)&fake_pointer, (db_clause_list_t*)&fake_pointer)); CU_ASSERT(!db_backend_delete(backend, (db_object_t*)&fake_pointer, (db_clause_list_t*)&fake_pointer)); CU_ASSERT(!db_backend_count(backend, (db_object_t*)&fake_pointer, (db_join_list_t*)&fake_pointer, (db_clause_list_t*)&fake_pointer, (size_t*)&fake_pointer)); } void test_class_db_clause(void) { CU_ASSERT_PTR_NOT_NULL_FATAL((clause = db_clause_new())); CU_ASSERT(!db_clause_set_field(clause, "field")); CU_ASSERT(!db_clause_set_type(clause, DB_CLAUSE_NOT_EQUAL)); CU_ASSERT(!db_clause_set_operator(clause, DB_CLAUSE_OPERATOR_OR)); CU_ASSERT_PTR_NOT_NULL_FATAL(db_clause_get_value(clause)); CU_ASSERT(!db_value_from_int32(db_clause_get_value(clause), 1)); CU_ASSERT(!db_clause_not_empty(clause)); CU_ASSERT_PTR_NOT_NULL_FATAL(db_clause_field(clause)); CU_ASSERT(!strcmp(db_clause_field(clause), "field")); CU_ASSERT(db_clause_type(clause) == DB_CLAUSE_NOT_EQUAL); CU_ASSERT(db_clause_operator(clause) == DB_CLAUSE_OPERATOR_OR); CU_ASSERT_PTR_NOT_NULL(db_clause_value(clause)); CU_ASSERT_PTR_NULL(db_clause_next(clause)); } void test_class_db_clause_list(void) { db_clause_t* local_clause = clause; const db_clause_t* clause_walk; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT_FATAL(!db_clause_list_add(clause_list, clause)); clause = NULL; CU_ASSERT((clause_walk = db_clause_list_begin(clause_list)) == local_clause); db_clause_list_free(clause_list); clause_list = NULL; CU_PASS("db_clause_list_free"); CU_PASS("db_clause_free"); } void test_class_db_configuration(void) { CU_ASSERT_PTR_NOT_NULL_FATAL((configuration = db_configuration_new())); CU_ASSERT(!db_configuration_set_name(configuration, "name1")); CU_ASSERT(!db_configuration_set_value(configuration, "value1")); CU_ASSERT(!db_configuration_not_empty(configuration)); CU_ASSERT_PTR_NOT_NULL_FATAL(db_configuration_value(configuration)); CU_ASSERT(!strcmp(db_configuration_value(configuration), "value1")); CU_ASSERT_PTR_NOT_NULL_FATAL((configuration2 = db_configuration_new())); CU_ASSERT(!db_configuration_set_name(configuration2, "name2")); CU_ASSERT(!db_configuration_set_value(configuration2, "value2")); CU_ASSERT(!db_configuration_not_empty(configuration2)); CU_ASSERT_PTR_NOT_NULL_FATAL(db_configuration_value(configuration2)); CU_ASSERT(!strcmp(db_configuration_value(configuration2), "value2")); } void test_class_db_configuration_list(void) { db_configuration_t* local_configuration = configuration; db_configuration_t* local_configuration2 = configuration2; CU_ASSERT_PTR_NOT_NULL_FATAL((configuration_list = db_configuration_list_new())); CU_ASSERT_FATAL(!db_configuration_list_add(configuration_list, configuration)); configuration = NULL; CU_ASSERT_FATAL(!db_configuration_list_add(configuration_list, configuration2)); configuration2 = NULL; CU_ASSERT(db_configuration_list_find(configuration_list, "name1") == local_configuration); CU_ASSERT(db_configuration_list_find(configuration_list, "name2") == local_configuration2); db_configuration_list_free(configuration_list); configuration_list = NULL; CU_PASS("db_configuration_list_free"); CU_PASS("db_configuration_free"); } void test_class_db_connection(void) { CU_ASSERT_PTR_NOT_NULL_FATAL((connection = db_connection_new())); CU_ASSERT_FATAL(!db_connection_set_configuration_list(connection, (db_configuration_list_t*)&fake_pointer)); connection->backend = backend; backend = NULL; CU_ASSERT_FATAL(!db_connection_setup(connection)); CU_ASSERT(!db_connection_connect(connection)); CU_ASSERT(!db_connection_create(connection, (db_object_t*)&fake_pointer, (db_object_field_list_t*)&fake_pointer, (db_value_set_t*)&fake_pointer)); CU_ASSERT(db_connection_read(connection, (db_object_t*)&fake_pointer, (db_join_list_t*)&fake_pointer, (db_clause_list_t*)&fake_pointer) == (db_result_list_t*)&fake_pointer); CU_ASSERT(!db_connection_update(connection, (db_object_t*)&fake_pointer, (db_object_field_list_t*)&fake_pointer, (db_value_set_t*)&fake_pointer, (db_clause_list_t*)&fake_pointer)); CU_ASSERT(!db_connection_delete(connection, (db_object_t*)&fake_pointer, (db_clause_list_t*)&fake_pointer)); CU_ASSERT(!db_connection_count(connection, (db_object_t*)&fake_pointer, (db_join_list_t*)&fake_pointer, (db_clause_list_t*)&fake_pointer, (size_t*)&fake_pointer)); } void test_class_db_object_field(void) { CU_ASSERT_PTR_NOT_NULL_FATAL((object_field = db_object_field_new())); CU_ASSERT(!db_object_field_set_name(object_field, "field1")); CU_ASSERT(!db_object_field_set_type(object_field, DB_TYPE_INT32)); CU_ASSERT(!db_object_field_not_empty(object_field)); CU_ASSERT_PTR_NOT_NULL_FATAL(db_object_field_name(object_field)); CU_ASSERT(!strcmp(db_object_field_name(object_field), "field1")); CU_ASSERT(db_object_field_type(object_field) == DB_TYPE_INT32); CU_ASSERT_PTR_NOT_NULL_FATAL((object_field2 = db_object_field_new())); CU_ASSERT(!db_object_field_set_name(object_field2, "field2")); CU_ASSERT(!db_object_field_set_type(object_field2, DB_TYPE_ENUM)); CU_ASSERT(!db_object_field_set_enum_set(object_field2, (db_enum_t*)&fake_pointer)); CU_ASSERT(!db_object_field_not_empty(object_field2)); CU_ASSERT_PTR_NOT_NULL_FATAL(db_object_field_name(object_field2)); CU_ASSERT(!strcmp(db_object_field_name(object_field2), "field2")); CU_ASSERT(db_object_field_type(object_field2) == DB_TYPE_ENUM); } void test_class_db_object_field_list(void) { db_object_field_t* local_object_field = object_field; db_object_field_t* local_object_field2 = object_field2; const db_object_field_t* object_field_walk; CU_ASSERT_PTR_NOT_NULL_FATAL((object_field_list = db_object_field_list_new())); CU_ASSERT_FATAL(!db_object_field_list_add(object_field_list, object_field)); object_field = NULL; CU_ASSERT_FATAL(!db_object_field_list_add(object_field_list, object_field2)); object_field2 = NULL; CU_ASSERT((object_field_walk = db_object_field_list_begin(object_field_list)) == local_object_field); CU_ASSERT(db_object_field_next(object_field_walk) == local_object_field2); } void test_class_db_object(void) { db_object_field_list_t* local_object_field_list = object_field_list; CU_ASSERT_PTR_NOT_NULL_FATAL((object = db_object_new())); CU_ASSERT(!db_object_set_connection(object, connection)); CU_ASSERT(!db_object_set_table(object, "table")); CU_ASSERT(!db_object_set_primary_key_name(object, "primary_key")); CU_ASSERT(!db_object_set_object_field_list(object, object_field_list)); object_field_list = NULL; CU_ASSERT(db_object_connection(object) == connection); CU_ASSERT_PTR_NOT_NULL_FATAL(db_object_table(object)); CU_ASSERT(!strcmp(db_object_table(object), "table")); CU_ASSERT(db_object_object_field_list(object) == local_object_field_list); CU_ASSERT(!db_object_create(object, (db_object_field_list_t*)&fake_pointer, (db_value_set_t*)&fake_pointer)); CU_ASSERT(db_object_read(object, (db_join_list_t*)&fake_pointer, (db_clause_list_t*)&fake_pointer) == (db_result_list_t*)&fake_pointer); CU_ASSERT(!db_object_update(object, (db_object_field_list_t*)&fake_pointer, (db_value_set_t*)&fake_pointer, (db_clause_list_t*)&fake_pointer)); CU_ASSERT(!db_object_delete(object, (db_clause_list_t*)&fake_pointer)); CU_ASSERT(!db_object_count(object, (db_join_list_t*)&fake_pointer, (db_clause_list_t*)&fake_pointer, (size_t*)&fake_pointer)); db_object_free(object); object = NULL; CU_PASS("db_object_free"); } void test_class_db_value_set(void) { CU_ASSERT_PTR_NOT_NULL_FATAL((value_set = db_value_set_new(2))); CU_ASSERT(db_value_set_size(value_set) == 2); CU_ASSERT_PTR_NOT_NULL(db_value_set_at(value_set, 0)); CU_ASSERT_PTR_NOT_NULL(db_value_set_at(value_set, 1)); CU_ASSERT_PTR_NULL(db_value_set_at(value_set, 2)); CU_ASSERT_PTR_NOT_NULL(db_value_set_get(value_set, 0)); CU_ASSERT_PTR_NOT_NULL(db_value_set_get(value_set, 1)); CU_ASSERT_PTR_NULL(db_value_set_get(value_set, 2)); CU_ASSERT_PTR_NOT_NULL_FATAL((value_set2 = db_value_set_new(6))); CU_ASSERT(db_value_set_size(value_set2) == 6); CU_ASSERT_PTR_NOT_NULL(db_value_set_at(value_set2, 0)); CU_ASSERT_PTR_NOT_NULL(db_value_set_at(value_set2, 1)); CU_ASSERT_PTR_NOT_NULL(db_value_set_at(value_set2, 2)); CU_ASSERT_PTR_NOT_NULL(db_value_set_at(value_set2, 3)); CU_ASSERT_PTR_NOT_NULL(db_value_set_at(value_set2, 4)); CU_ASSERT_PTR_NOT_NULL(db_value_set_at(value_set2, 5)); CU_ASSERT_PTR_NULL(db_value_set_at(value_set2, 6)); CU_ASSERT_PTR_NOT_NULL(db_value_set_get(value_set2, 0)); CU_ASSERT_PTR_NOT_NULL(db_value_set_get(value_set2, 1)); CU_ASSERT_PTR_NOT_NULL(db_value_set_get(value_set2, 2)); CU_ASSERT_PTR_NOT_NULL(db_value_set_get(value_set2, 3)); CU_ASSERT_PTR_NOT_NULL(db_value_set_get(value_set2, 4)); CU_ASSERT_PTR_NOT_NULL(db_value_set_get(value_set2, 5)); CU_ASSERT_PTR_NULL(db_value_set_get(value_set2, 6)); } void test_class_db_result(void) { db_value_set_t* local_value_set = value_set; db_value_set_t* local_value_set2 = value_set2; CU_ASSERT_PTR_NOT_NULL_FATAL((result = db_result_new())); CU_ASSERT(!db_result_set_value_set(result, value_set)); value_set = NULL; CU_ASSERT(db_result_value_set(result) == local_value_set); CU_ASSERT_PTR_NOT_NULL_FATAL((result2 = db_result_new())); CU_ASSERT(!db_result_set_value_set(result2, value_set2)); value_set2 = NULL; CU_ASSERT(db_result_value_set(result2) == local_value_set2); CU_ASSERT(!db_result_not_empty(result2)); } static int __db_result_list_next_count = 0; db_result_t* __db_result_list_next(void* data, int finish) { db_value_set_t* value_set; db_result_t* result; CU_ASSERT_FATAL(data == &fake_pointer); if (finish) { return NULL; } if (__db_result_list_next_count > 2) { return NULL; } CU_ASSERT_PTR_NOT_NULL_FATAL((value_set = db_value_set_new(2))); CU_ASSERT(db_value_set_size(value_set) == 2); CU_ASSERT_PTR_NOT_NULL(db_value_set_at(value_set, 0)); CU_ASSERT_PTR_NOT_NULL(db_value_set_at(value_set, 1)); CU_ASSERT_PTR_NULL(db_value_set_at(value_set, 2)); CU_ASSERT_PTR_NOT_NULL(db_value_set_get(value_set, 0)); CU_ASSERT_PTR_NOT_NULL(db_value_set_get(value_set, 1)); CU_ASSERT_PTR_NULL(db_value_set_get(value_set, 2)); CU_ASSERT_PTR_NOT_NULL_FATAL((result = db_result_new())); CU_ASSERT(!db_result_set_value_set(result, value_set)); CU_ASSERT(!db_result_not_empty(result)); __db_result_list_next_count++; return result; } void test_class_db_result_list(void) { db_result_t* local_result = result; db_result_t* local_result2 = result2; CU_ASSERT_PTR_NOT_NULL_FATAL((result_list = db_result_list_new())); CU_ASSERT_FATAL(!db_result_list_add(result_list, result)); result = NULL; CU_ASSERT_FATAL(!db_result_list_add(result_list, result2)); result2 = NULL; CU_ASSERT(db_result_list_size(result_list) == 2); CU_ASSERT(db_result_list_begin(result_list) == local_result); CU_ASSERT(db_result_list_next(result_list) == local_result2); db_result_list_free(result_list); result_list = NULL; CU_PASS("db_result_list_free"); CU_PASS("db_result_free"); CU_ASSERT_PTR_NOT_NULL_FATAL((result_list = db_result_list_new())); CU_ASSERT_FATAL(!db_result_list_set_next(result_list, __db_result_list_next, &fake_pointer, 2)); CU_ASSERT(db_result_list_size(result_list) == 2); CU_ASSERT_PTR_NOT_NULL(db_result_list_begin(result_list)); CU_ASSERT_PTR_NOT_NULL(db_result_list_next(result_list)); db_result_list_free(result_list); result_list = NULL; CU_PASS("db_result_list_free"); CU_PASS("db_result_free"); } void test_class_db_value(void) { char* text = NULL; int ret; db_type_int32_t int32; db_type_uint32_t uint32; db_type_int64_t int64; db_type_uint64_t uint64; CU_ASSERT_PTR_NOT_NULL_FATAL((value2 = db_value_new())); CU_ASSERT_PTR_NOT_NULL_FATAL((value = db_value_new())); CU_ASSERT(!db_value_from_text(value, "test")); CU_ASSERT(db_value_type(value) == DB_TYPE_TEXT); CU_ASSERT_PTR_NOT_NULL_FATAL(db_value_text(value)); CU_ASSERT(!strcmp(db_value_text(value), "test")); CU_ASSERT(!db_value_to_text(value, &text)); CU_ASSERT_PTR_NOT_NULL(text); free(text); text = NULL; CU_ASSERT(!db_value_not_empty(value)); CU_ASSERT(!db_value_copy(value2, value)); CU_ASSERT(db_value_type(value2) == DB_TYPE_TEXT); CU_ASSERT_PTR_NOT_NULL_FATAL(db_value_text(value2)); CU_ASSERT(!strcmp(db_value_text(value2), "test")); CU_ASSERT(!db_value_cmp(value, value2, &ret)); CU_ASSERT(!ret); CU_ASSERT(!db_value_set_primary_key(value)); db_value_reset(value); CU_PASS("db_value_reset"); CU_ASSERT(!db_value_from_int32(value, -12345)); CU_ASSERT(db_value_type(value) == DB_TYPE_INT32); CU_ASSERT(!db_value_to_int32(value, &int32)); CU_ASSERT(int32 == -12345); CU_ASSERT(!db_value_not_empty(value)); db_value_reset(value2); CU_PASS("db_value_reset"); CU_ASSERT(!db_value_copy(value2, value)); CU_ASSERT(db_value_type(value2) == DB_TYPE_INT32); CU_ASSERT(!db_value_to_int32(value2, &int32)); CU_ASSERT(int32 == -12345); CU_ASSERT(!db_value_cmp(value, value2, &ret)); CU_ASSERT(!ret); CU_ASSERT(!db_value_set_primary_key(value)); db_value_reset(value); CU_PASS("db_value_reset"); CU_ASSERT(!db_value_from_uint32(value, 12345)); CU_ASSERT(db_value_type(value) == DB_TYPE_UINT32); CU_ASSERT(!db_value_to_uint32(value, &uint32)); CU_ASSERT(uint32 == 12345); CU_ASSERT(!db_value_not_empty(value)); db_value_reset(value2); CU_PASS("db_value_reset"); CU_ASSERT(!db_value_copy(value2, value)); CU_ASSERT(db_value_type(value2) == DB_TYPE_UINT32); CU_ASSERT(!db_value_to_uint32(value2, &uint32)); CU_ASSERT(uint32 == 12345); CU_ASSERT(!db_value_cmp(value, value2, &ret)); CU_ASSERT(!ret); CU_ASSERT(!db_value_set_primary_key(value)); db_value_reset(value); CU_PASS("db_value_reset"); CU_ASSERT(!db_value_from_int64(value, -9223372036854775800)); CU_ASSERT(db_value_type(value) == DB_TYPE_INT64); CU_ASSERT(!db_value_to_int64(value, &int64)); CU_ASSERT(int64 == -9223372036854775800); CU_ASSERT(!db_value_not_empty(value)); db_value_reset(value2); CU_PASS("db_value_reset"); CU_ASSERT(!db_value_copy(value2, value)); CU_ASSERT(db_value_type(value2) == DB_TYPE_INT64); CU_ASSERT(!db_value_to_int64(value2, &int64)); CU_ASSERT(int64 == -9223372036854775800); CU_ASSERT(!db_value_cmp(value, value2, &ret)); CU_ASSERT(!ret); CU_ASSERT(!db_value_set_primary_key(value)); db_value_reset(value); CU_PASS("db_value_reset"); CU_ASSERT(!db_value_from_uint64(value, 17446744073709551615UL)); CU_ASSERT(db_value_type(value) == DB_TYPE_UINT64); CU_ASSERT(!db_value_to_uint64(value, &uint64)); CU_ASSERT(uint64 == 17446744073709551615UL); CU_ASSERT(!db_value_not_empty(value)); db_value_reset(value2); CU_PASS("db_value_reset"); CU_ASSERT(!db_value_copy(value2, value)); CU_ASSERT(db_value_type(value2) == DB_TYPE_UINT64); CU_ASSERT(!db_value_to_uint64(value2, &uint64)); CU_ASSERT(uint64 == 17446744073709551615UL); CU_ASSERT(!db_value_cmp(value, value2, &ret)); CU_ASSERT(!ret); CU_ASSERT(!db_value_set_primary_key(value)); db_value_reset(value); CU_PASS("db_value_reset"); CU_ASSERT(!db_value_from_enum_value(value, 2, enum_set)); CU_ASSERT(db_value_type(value) == DB_TYPE_ENUM); CU_ASSERT(!db_value_enum_value(value, &ret)); CU_ASSERT(ret == 2); CU_ASSERT(!db_value_to_enum_value(value, &ret, enum_set)); CU_ASSERT(ret == 2); CU_ASSERT(!db_value_not_empty(value)); db_value_reset(value2); CU_PASS("db_value_reset"); CU_ASSERT(!db_value_copy(value2, value)); CU_ASSERT(db_value_type(value2) == DB_TYPE_ENUM); CU_ASSERT(!db_value_enum_value(value2, &ret)); CU_ASSERT(ret == 2); CU_ASSERT(!db_value_to_enum_value(value2, &ret, enum_set)); CU_ASSERT(ret == 2); CU_ASSERT(!db_value_cmp(value, value2, &ret)); CU_ASSERT(!ret); CU_ASSERT(db_value_set_primary_key(value)); db_value_reset(value); CU_PASS("db_value_reset"); db_value_free(value); value = NULL; CU_PASS("db_value_free"); db_value_free(value2); value2 = NULL; CU_PASS("db_value_free"); } void test_class_end(void) { db_result_free(result); result = NULL; db_result_free(result2); result2 = NULL; CU_PASS("db_result_free"); db_value_set_free(value_set); value_set = NULL; db_value_set_free(value_set2); value_set2 = NULL; CU_PASS("db_value_set_free"); db_object_field_list_free(object_field_list); object_field_list = NULL; CU_PASS("db_object_field_list_free"); CU_PASS("db_object_field_free"); db_connection_free(connection); connection = NULL; CU_PASS("db_connection_free"); db_backend_free(backend); backend = NULL; CU_PASS("db_backend_handle_free"); CU_PASS("db_backend_free"); } opendnssec-2.1.5/enforcer/src/db/test/test_policy.h0000644000202300020240000000302313560310771017234 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef __test_policy_h #define __test_policy_h int test_policy_add_suite(void); #endif opendnssec-2.1.5/enforcer/src/db/test/test_key_state.h0000644000202300020240000000303413560310771017727 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef __test_key_state_h #define __test_key_state_h int test_key_state_add_suite(void); #endif opendnssec-2.1.5/enforcer/src/db/test/test_database_operations.c0000644000202300020240000012422213560310771021744 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include "config.h" #include "../db_configuration.h" #include "../db_connection.h" #include "../db_object.h" #include "CUnit/Basic.h" #include typedef struct { db_object_t* dbo; db_value_t* id; char* name; } test_t; typedef struct { db_object_t* dbo; db_result_list_t* result_list; test_t* test; } test_list_t; static db_configuration_list_t* configuration_list = NULL; static db_configuration_t* configuration = NULL; static db_connection_t* connection = NULL; static test_t* test = NULL; static test_list_t* test_list = NULL; static db_value_t object2_id, object3_id; db_object_t* __test_new_object(const db_connection_t* connection) { db_object_field_list_t* object_field_list; db_object_field_t* object_field; db_object_t* object; CU_ASSERT_PTR_NOT_NULL_FATAL((object = db_object_new())); CU_ASSERT_FATAL(!db_object_set_connection(object, connection)); CU_ASSERT_FATAL(!db_object_set_table(object, "test")); CU_ASSERT_FATAL(!db_object_set_primary_key_name(object, "id")); CU_ASSERT_PTR_NOT_NULL_FATAL((object_field_list = db_object_field_list_new())); CU_ASSERT_PTR_NOT_NULL_FATAL((object_field = db_object_field_new())); CU_ASSERT_FATAL(!db_object_field_set_name(object_field, "id")); CU_ASSERT_FATAL(!db_object_field_set_type(object_field, DB_TYPE_PRIMARY_KEY)); CU_ASSERT_FATAL(!db_object_field_list_add(object_field_list, object_field)); CU_ASSERT_PTR_NOT_NULL_FATAL((object_field = db_object_field_new())); CU_ASSERT_FATAL(!db_object_field_set_name(object_field, "name")); CU_ASSERT_FATAL(!db_object_field_set_type(object_field, DB_TYPE_TEXT)); CU_ASSERT_FATAL(!db_object_field_list_add(object_field_list, object_field)); CU_ASSERT_FATAL(!db_object_set_object_field_list(object, object_field_list)); return object; } test_t* test_new(const db_connection_t* connection) { test_t* test = (test_t*)calloc(1, sizeof(test_t)); if (test) { CU_ASSERT_PTR_NOT_NULL_FATAL((test->dbo = __test_new_object(connection))); CU_ASSERT_PTR_NOT_NULL_FATAL((test->id = db_value_new())); } return test; } void test_free(test_t* test) { if (test) { if (test->dbo) { db_object_free(test->dbo); } if (test->id) { db_value_free(test->id); } if (test->name) { free(test->name); } free(test); } } const db_value_t* test_id(const test_t* test) { CU_ASSERT_PTR_NOT_NULL_FATAL(test); return test->id; } const char* test_name(const test_t* test) { CU_ASSERT_PTR_NOT_NULL_FATAL(test); return test->name; } int test_set_name(test_t* test, const char *name) { CU_ASSERT_PTR_NOT_NULL_FATAL(test); CU_ASSERT_PTR_NOT_NULL_FATAL(name); if (test->name) { free(test->name); } test->name = strdup(name); CU_ASSERT_PTR_NOT_NULL_FATAL(test->name); return 0; } int test_from_result(test_t* test, const db_result_t* result) { const db_value_set_t* value_set; CU_ASSERT_PTR_NOT_NULL_FATAL(test); CU_ASSERT_PTR_NOT_NULL_FATAL(result); db_value_reset(test->id); if (test->name) { free(test->name); } test->name = NULL; value_set = db_result_value_set(result); CU_ASSERT_PTR_NOT_NULL_FATAL(value_set); CU_ASSERT_FATAL(db_value_set_size(value_set) == 2); CU_ASSERT_FATAL(!db_value_copy(test->id, db_value_set_at(value_set, 0))); CU_ASSERT_FATAL(!db_value_to_text(db_value_set_at(value_set, 1), &(test->name))); return 0; } int test_get_by_name(test_t* test, const char* name) { db_clause_list_t* clause_list; db_clause_t* clause; db_result_list_t* result_list; const db_result_t* result; int ret; CU_ASSERT_PTR_NOT_NULL_FATAL(test); CU_ASSERT_PTR_NOT_NULL_FATAL(name); CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT_PTR_NOT_NULL_FATAL((clause = db_clause_new())); CU_ASSERT_FATAL(!db_clause_set_field(clause, "name")); CU_ASSERT_FATAL(!db_clause_set_type(clause, DB_CLAUSE_EQUAL)); CU_ASSERT_FATAL(!db_value_from_text(db_clause_get_value(clause), name)); CU_ASSERT_FATAL(!db_clause_list_add(clause_list, clause)); clause = NULL; ret = 1; result_list = db_object_read(test->dbo, NULL, clause_list); if (result_list) { result = db_result_list_next(result_list); if (result) { test_from_result(test, result); ret = 0; } CU_ASSERT_PTR_NULL((result = db_result_list_next(result_list))); if (result) { db_result_list_free(result_list); db_clause_list_free(clause_list); return 1; } } db_result_list_free(result_list); db_clause_list_free(clause_list); db_clause_free(clause); return ret; } int test_get_by_id(test_t* test, const db_value_t* id) { db_clause_list_t* clause_list; db_clause_t* clause; db_result_list_t* result_list; const db_result_t* result; int ret; CU_ASSERT_PTR_NOT_NULL_FATAL(test); CU_ASSERT_PTR_NOT_NULL_FATAL(id); CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT_PTR_NOT_NULL_FATAL((clause = db_clause_new())); CU_ASSERT_FATAL(!db_clause_set_field(clause, "id")); CU_ASSERT_FATAL(!db_clause_set_type(clause, DB_CLAUSE_EQUAL)); CU_ASSERT_FATAL(!db_value_copy(db_clause_get_value(clause), id)); CU_ASSERT_FATAL(!db_clause_list_add(clause_list, clause)); clause = NULL; ret = 1; result_list = db_object_read(test->dbo, NULL, clause_list); if (result_list) { result = db_result_list_next(result_list); if (result) { test_from_result(test, result); ret = 0; } CU_ASSERT_PTR_NULL((result = db_result_list_next(result_list))); if (result) { db_result_list_free(result_list); db_clause_list_free(clause_list); return 1; } } db_result_list_free(result_list); db_clause_list_free(clause_list); db_clause_free(clause); return ret; } int test_create(test_t* test) { db_object_field_list_t* object_field_list; db_object_field_t* object_field; db_value_set_t* value_set; db_value_t* value; int ret = 0; CU_ASSERT_PTR_NOT_NULL_FATAL(test); CU_ASSERT_FATAL(db_value_not_empty(test->id)); CU_ASSERT_PTR_NOT_NULL_FATAL(test->name); CU_ASSERT_PTR_NOT_NULL_FATAL((object_field_list = db_object_field_list_new())); CU_ASSERT_PTR_NOT_NULL_FATAL((object_field = db_object_field_new())); CU_ASSERT_FATAL(!db_object_field_set_name(object_field, "name")); CU_ASSERT_FATAL(!db_object_field_set_type(object_field, DB_TYPE_TEXT)); CU_ASSERT_FATAL(!db_object_field_list_add(object_field_list, object_field)); object_field = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((value_set = db_value_set_new(1))); CU_ASSERT_PTR_NOT_NULL_FATAL((value = db_value_set_get(value_set, 0))); CU_ASSERT_FATAL(!db_value_from_text(value, test->name)); if (db_object_create(test->dbo, object_field_list, value_set)) { ret = 1; } db_value_set_free(value_set); db_object_field_free(object_field); db_object_field_list_free(object_field_list); CU_ASSERT(!ret); return ret; } int test_update(test_t* test) { db_clause_list_t* clause_list; db_clause_t* clause; db_object_field_list_t* object_field_list; db_object_field_t* object_field; db_value_set_t* value_set; db_value_t* value; int ret = 0; CU_ASSERT_PTR_NOT_NULL_FATAL(test); CU_ASSERT_FATAL(!db_value_not_empty(test->id)); CU_ASSERT_PTR_NOT_NULL_FATAL(test->name); CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT_PTR_NOT_NULL_FATAL((clause = db_clause_new())); CU_ASSERT_FATAL(!db_clause_set_field(clause, "id")); CU_ASSERT_FATAL(!db_clause_set_type(clause, DB_CLAUSE_EQUAL)); CU_ASSERT_FATAL(!db_value_copy(db_clause_get_value(clause), test->id)); CU_ASSERT_FATAL(!db_clause_list_add(clause_list, clause)); clause = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((object_field_list = db_object_field_list_new())); CU_ASSERT_PTR_NOT_NULL_FATAL((object_field = db_object_field_new())); CU_ASSERT_FATAL(!db_object_field_set_name(object_field, "name")); CU_ASSERT_FATAL(!db_object_field_set_type(object_field, DB_TYPE_TEXT)); CU_ASSERT_FATAL(!db_object_field_list_add(object_field_list, object_field)); object_field = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((value_set = db_value_set_new(1))); CU_ASSERT_PTR_NOT_NULL_FATAL((value = db_value_set_get(value_set, 0))); CU_ASSERT_FATAL(!db_value_from_text(value, test->name)); if (db_object_update(test->dbo, object_field_list, value_set, clause_list)) { ret = 1; } db_clause_list_free(clause_list); db_clause_free(clause); db_value_set_free(value_set); db_object_field_free(object_field); db_object_field_list_free(object_field_list); CU_ASSERT(!ret); return ret; } int test_delete(test_t* test) { db_clause_list_t* clause_list; db_clause_t* clause; int ret = 0; CU_ASSERT_PTR_NOT_NULL_FATAL(test); CU_ASSERT_FATAL(!db_value_not_empty(test->id)); CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT_PTR_NOT_NULL_FATAL((clause = db_clause_new())); CU_ASSERT_FATAL(!db_clause_set_field(clause, "id")); CU_ASSERT_FATAL(!db_clause_set_type(clause, DB_CLAUSE_EQUAL)); CU_ASSERT_FATAL(!db_value_copy(db_clause_get_value(clause), test->id)); CU_ASSERT_FATAL(!db_clause_list_add(clause_list, clause)); clause = NULL; if (db_object_delete(test->dbo, clause_list)) { ret = 1; } db_clause_list_free(clause_list); db_clause_free(clause); CU_ASSERT(!ret); return ret; } size_t test_count_by_name(test_t* test, const char* name) { db_clause_list_t* clause_list; db_clause_t* clause; size_t ret = 0; CU_ASSERT_PTR_NOT_NULL_FATAL(test); CU_ASSERT_PTR_NOT_NULL_FATAL(name); CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT_PTR_NOT_NULL_FATAL((clause = db_clause_new())); CU_ASSERT_FATAL(!db_clause_set_field(clause, "name")); CU_ASSERT_FATAL(!db_clause_set_type(clause, DB_CLAUSE_EQUAL)); CU_ASSERT_FATAL(!db_value_from_text(db_clause_get_value(clause), name)); CU_ASSERT_FATAL(!db_clause_list_add(clause_list, clause)); clause = NULL; CU_ASSERT(!db_object_count(test->dbo, NULL, clause_list, &ret)); db_clause_list_free(clause_list); db_clause_free(clause); return ret; } size_t test_count_by_id(test_t* test, const db_value_t* id) { db_clause_list_t* clause_list; db_clause_t* clause; size_t ret = 0; CU_ASSERT_PTR_NOT_NULL_FATAL(test); CU_ASSERT_PTR_NOT_NULL_FATAL(id); CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT_PTR_NOT_NULL_FATAL((clause = db_clause_new())); CU_ASSERT_FATAL(!db_clause_set_field(clause, "id")); CU_ASSERT_FATAL(!db_clause_set_type(clause, DB_CLAUSE_EQUAL)); CU_ASSERT_FATAL(!db_value_copy(db_clause_get_value(clause), id)); CU_ASSERT_FATAL(!db_clause_list_add(clause_list, clause)); clause = NULL; CU_ASSERT(!db_object_count(test->dbo, NULL, clause_list, &ret)); db_clause_list_free(clause_list); db_clause_free(clause); return ret; } test_list_t* test_list_new(const db_connection_t* connection) { test_list_t* test_list = (test_list_t*)calloc(1, sizeof(test_list_t)); if (test_list) { CU_ASSERT_PTR_NOT_NULL_FATAL((test_list->dbo = __test_new_object(connection))); } return test_list; } void test_list_free(test_list_t* test_list) { if (test_list) { if (test_list->dbo) { db_object_free(test_list->dbo); } if (test_list->result_list) { db_result_list_free(test_list->result_list); } if (test_list->test) { test_free(test_list->test); } free(test_list); } } int test_list_get(test_list_t* test_list) { CU_ASSERT_PTR_NOT_NULL_FATAL(test_list); CU_ASSERT_PTR_NOT_NULL_FATAL(test_list->dbo); if (test_list->result_list) { db_result_list_free(test_list->result_list); } CU_ASSERT_PTR_NOT_NULL((test_list->result_list = db_object_read(test_list->dbo, NULL, NULL))); if (!test_list->result_list) { return 1; } return 0; } const test_t* test_list_begin(test_list_t* test_list) { const db_result_t* result; CU_ASSERT_PTR_NOT_NULL_FATAL(test_list); CU_ASSERT_PTR_NOT_NULL_FATAL(test_list->result_list); result = db_result_list_next(test_list->result_list); if (!result) { return NULL; } if (!test_list->test) { CU_ASSERT_PTR_NOT_NULL_FATAL((test_list->test = test_new(db_object_connection(test_list->dbo)))); } if (test_from_result(test_list->test, result)) { return NULL; } return test_list->test; } const test_t* test_list_next(test_list_t* test_list) { const db_result_t* result; CU_ASSERT_PTR_NOT_NULL_FATAL(test_list); result = db_result_list_next(test_list->result_list); if (!result) { return NULL; } if (!test_list->test) { CU_ASSERT_PTR_NOT_NULL_FATAL((test_list->test = test_new(db_object_connection(test_list->dbo)))); } if (test_from_result(test_list->test, result)) { return NULL; } return test_list->test; } typedef struct { db_object_t* dbo; db_value_t* id; db_value_t* rev; char* name; } test2_t; static test2_t* test2 = NULL; static test2_t* test2_2 = NULL; db_object_t* __test2_new_object(const db_connection_t* connection) { db_object_field_list_t* object_field_list; db_object_field_t* object_field; db_object_t* object; CU_ASSERT_PTR_NOT_NULL_FATAL((object = db_object_new())); CU_ASSERT_FATAL(!db_object_set_connection(object, connection)); CU_ASSERT_FATAL(!db_object_set_table(object, "test2")); CU_ASSERT_FATAL(!db_object_set_primary_key_name(object, "id")); CU_ASSERT_PTR_NOT_NULL_FATAL((object_field_list = db_object_field_list_new())); CU_ASSERT_PTR_NOT_NULL_FATAL((object_field = db_object_field_new())); CU_ASSERT_FATAL(!db_object_field_set_name(object_field, "id")); CU_ASSERT_FATAL(!db_object_field_set_type(object_field, DB_TYPE_PRIMARY_KEY)); CU_ASSERT_FATAL(!db_object_field_list_add(object_field_list, object_field)); CU_ASSERT_PTR_NOT_NULL_FATAL((object_field = db_object_field_new())); CU_ASSERT_FATAL(!db_object_field_set_name(object_field, "rev")); CU_ASSERT_FATAL(!db_object_field_set_type(object_field, DB_TYPE_REVISION)); CU_ASSERT_FATAL(!db_object_field_list_add(object_field_list, object_field)); CU_ASSERT_PTR_NOT_NULL_FATAL((object_field = db_object_field_new())); CU_ASSERT_FATAL(!db_object_field_set_name(object_field, "name")); CU_ASSERT_FATAL(!db_object_field_set_type(object_field, DB_TYPE_TEXT)); CU_ASSERT_FATAL(!db_object_field_list_add(object_field_list, object_field)); CU_ASSERT_FATAL(!db_object_set_object_field_list(object, object_field_list)); return object; } test2_t* test2_new(const db_connection_t* connection) { test2_t* test2 = (test2_t*)calloc(1, sizeof(test2_t)); if (test2) { CU_ASSERT_PTR_NOT_NULL_FATAL((test2->dbo = __test2_new_object(connection))); CU_ASSERT_PTR_NOT_NULL_FATAL((test2->id = db_value_new())); CU_ASSERT_PTR_NOT_NULL_FATAL((test2->rev = db_value_new())); } return test2; } void test2_free(test2_t* test2) { if (test2) { if (test2->dbo) { db_object_free(test2->dbo); } if (test2->id) { db_value_free(test2->id); } if (test2->rev) { db_value_free(test2->rev); } if (test2->name) { free(test2->name); } free(test2); } } const db_value_t* test2_id(const test2_t* test2) { CU_ASSERT_PTR_NOT_NULL_FATAL(test2); return test2->id; } const char* test2_name(const test2_t* test2) { CU_ASSERT_PTR_NOT_NULL_FATAL(test2); return test2->name; } int test2_set_name(test2_t* test2, const char *name) { CU_ASSERT_PTR_NOT_NULL_FATAL(test2); CU_ASSERT_PTR_NOT_NULL_FATAL(name); if (test2->name) { free(test2->name); } test2->name = strdup(name); CU_ASSERT_PTR_NOT_NULL_FATAL(test2->name); return 0; } int test2_from_result(test2_t* test2, const db_result_t* result) { const db_value_set_t* value_set; CU_ASSERT_PTR_NOT_NULL_FATAL(test2); CU_ASSERT_PTR_NOT_NULL_FATAL(result); db_value_reset(test2->id); db_value_reset(test2->rev); if (test2->name) { free(test2->name); } test2->name = NULL; value_set = db_result_value_set(result); CU_ASSERT_PTR_NOT_NULL_FATAL(value_set); CU_ASSERT_FATAL(db_value_set_size(value_set) == 3); CU_ASSERT_FATAL(!db_value_copy(test2->id, db_value_set_at(value_set, 0))); CU_ASSERT_FATAL(!db_value_copy(test2->rev, db_value_set_at(value_set, 1))); CU_ASSERT_FATAL(!db_value_to_text(db_value_set_at(value_set, 2), &(test2->name))); return 0; } int test2_get_by_name(test2_t* test2, const char* name) { db_clause_list_t* clause_list; db_clause_t* clause; db_result_list_t* result_list; const db_result_t* result; int ret; CU_ASSERT_PTR_NOT_NULL_FATAL(test2); CU_ASSERT_PTR_NOT_NULL_FATAL(name); CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT_PTR_NOT_NULL_FATAL((clause = db_clause_new())); CU_ASSERT_FATAL(!db_clause_set_field(clause, "name")); CU_ASSERT_FATAL(!db_clause_set_type(clause, DB_CLAUSE_EQUAL)); CU_ASSERT_FATAL(!db_value_from_text(db_clause_get_value(clause), name)); CU_ASSERT_FATAL(!db_clause_list_add(clause_list, clause)); clause = NULL; ret = 1; result_list = db_object_read(test2->dbo, NULL, clause_list); if (result_list) { result = db_result_list_next(result_list); if (result) { test2_from_result(test2, result); ret = 0; } CU_ASSERT_PTR_NULL((result = db_result_list_next(result_list))); if (result) { db_result_list_free(result_list); db_clause_list_free(clause_list); return 1; } } db_result_list_free(result_list); db_clause_list_free(clause_list); db_clause_free(clause); return ret; } int test2_get_by_id(test2_t* test2, const db_value_t* id) { db_clause_list_t* clause_list; db_clause_t* clause; db_result_list_t* result_list; const db_result_t* result; int ret; CU_ASSERT_PTR_NOT_NULL_FATAL(test2); CU_ASSERT_PTR_NOT_NULL_FATAL(id); CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT_PTR_NOT_NULL_FATAL((clause = db_clause_new())); CU_ASSERT_FATAL(!db_clause_set_field(clause, "id")); CU_ASSERT_FATAL(!db_clause_set_type(clause, DB_CLAUSE_EQUAL)); CU_ASSERT_FATAL(!db_value_copy(db_clause_get_value(clause), id)); CU_ASSERT_FATAL(!db_clause_list_add(clause_list, clause)); clause = NULL; ret = 1; result_list = db_object_read(test2->dbo, NULL, clause_list); if (result_list) { result = db_result_list_next(result_list); if (result) { test2_from_result(test2, result); ret = 0; } CU_ASSERT_PTR_NULL((result = db_result_list_next(result_list))); if (result) { db_result_list_free(result_list); db_clause_list_free(clause_list); return 1; } } db_result_list_free(result_list); db_clause_list_free(clause_list); db_clause_free(clause); return ret; } int test2_create(test2_t* test2) { db_object_field_list_t* object_field_list; db_object_field_t* object_field; db_value_set_t* value_set; db_value_t* value; int ret = 0; CU_ASSERT_PTR_NOT_NULL_FATAL(test2); CU_ASSERT_FATAL(db_value_not_empty(test2->id)); CU_ASSERT_FATAL(db_value_not_empty(test2->rev)); CU_ASSERT_PTR_NOT_NULL_FATAL(test2->name); CU_ASSERT_PTR_NOT_NULL_FATAL((object_field_list = db_object_field_list_new())); CU_ASSERT_PTR_NOT_NULL_FATAL((object_field = db_object_field_new())); CU_ASSERT_FATAL(!db_object_field_set_name(object_field, "name")); CU_ASSERT_FATAL(!db_object_field_set_type(object_field, DB_TYPE_TEXT)); CU_ASSERT_FATAL(!db_object_field_list_add(object_field_list, object_field)); object_field = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((value_set = db_value_set_new(1))); CU_ASSERT_PTR_NOT_NULL_FATAL((value = db_value_set_get(value_set, 0))); CU_ASSERT_FATAL(!db_value_from_text(value, test2->name)); if (db_object_create(test2->dbo, object_field_list, value_set)) { ret = 1; } db_value_set_free(value_set); db_object_field_free(object_field); db_object_field_list_free(object_field_list); CU_ASSERT(!ret); return ret; } int test2_update(test2_t* test2) { db_clause_list_t* clause_list; db_clause_t* clause; db_object_field_list_t* object_field_list; db_object_field_t* object_field; db_value_set_t* value_set; db_value_t* value; int ret = 0; CU_ASSERT_PTR_NOT_NULL_FATAL(test2); CU_ASSERT_FATAL(!db_value_not_empty(test2->id)); CU_ASSERT_FATAL(!db_value_not_empty(test2->rev)); CU_ASSERT_PTR_NOT_NULL_FATAL(test2->name); CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT_PTR_NOT_NULL_FATAL((clause = db_clause_new())); CU_ASSERT_FATAL(!db_clause_set_field(clause, "id")); CU_ASSERT_FATAL(!db_clause_set_type(clause, DB_CLAUSE_EQUAL)); CU_ASSERT_FATAL(!db_value_copy(db_clause_get_value(clause), test2->id)); CU_ASSERT_FATAL(!db_clause_list_add(clause_list, clause)); clause = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause = db_clause_new())); CU_ASSERT_FATAL(!db_clause_set_field(clause, "rev")); CU_ASSERT_FATAL(!db_clause_set_type(clause, DB_CLAUSE_EQUAL)); CU_ASSERT_FATAL(!db_value_copy(db_clause_get_value(clause), test2->rev)); CU_ASSERT_FATAL(!db_clause_list_add(clause_list, clause)); clause = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((object_field_list = db_object_field_list_new())); CU_ASSERT_PTR_NOT_NULL_FATAL((object_field = db_object_field_new())); CU_ASSERT_FATAL(!db_object_field_set_name(object_field, "name")); CU_ASSERT_FATAL(!db_object_field_set_type(object_field, DB_TYPE_TEXT)); CU_ASSERT_FATAL(!db_object_field_list_add(object_field_list, object_field)); object_field = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((value_set = db_value_set_new(1))); CU_ASSERT_PTR_NOT_NULL_FATAL((value = db_value_set_get(value_set, 0))); CU_ASSERT_FATAL(!db_value_from_text(value, test2->name)); if (db_object_update(test2->dbo, object_field_list, value_set, clause_list)) { ret = 1; } db_clause_list_free(clause_list); db_clause_free(clause); db_value_set_free(value_set); db_object_field_free(object_field); db_object_field_list_free(object_field_list); return ret; } int test2_delete(test2_t* test2) { db_clause_list_t* clause_list; db_clause_t* clause; int ret = 0; CU_ASSERT_PTR_NOT_NULL_FATAL(test2); CU_ASSERT_FATAL(!db_value_not_empty(test2->id)); CU_ASSERT_FATAL(!db_value_not_empty(test2->rev)); CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT_PTR_NOT_NULL_FATAL((clause = db_clause_new())); CU_ASSERT_FATAL(!db_clause_set_field(clause, "id")); CU_ASSERT_FATAL(!db_clause_set_type(clause, DB_CLAUSE_EQUAL)); CU_ASSERT_FATAL(!db_value_copy(db_clause_get_value(clause), test2->id)); CU_ASSERT_FATAL(!db_clause_list_add(clause_list, clause)); clause = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause = db_clause_new())); CU_ASSERT_FATAL(!db_clause_set_field(clause, "rev")); CU_ASSERT_FATAL(!db_clause_set_type(clause, DB_CLAUSE_EQUAL)); CU_ASSERT_FATAL(!db_value_copy(db_clause_get_value(clause), test2->rev)); CU_ASSERT_FATAL(!db_clause_list_add(clause_list, clause)); clause = NULL; if (db_object_delete(test2->dbo, clause_list)) { ret = 1; } db_clause_list_free(clause_list); db_clause_free(clause); CU_ASSERT(!ret); return ret; } #if defined(ENFORCER_DATABASE_SQLITE3) int init_suite_database_operations_sqlite(void) { if (configuration_list) { return 1; } if (configuration) { return 1; } if (connection) { return 1; } if (test) { return 1; } if (test2) { return 1; } if (test2_2) { return 1; } /* * Setup the configuration for the connection */ if (!(configuration_list = db_configuration_list_new())) { return 1; } if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "backend") || db_configuration_set_value(configuration, "sqlite") || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "file") || db_configuration_set_value(configuration, "test.db") || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; /* * Connect to the database */ if (!(connection = db_connection_new()) || db_connection_set_configuration_list(connection, configuration_list)) { db_connection_free(connection); connection = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration_list = NULL; if (db_connection_setup(connection) || db_connection_connect(connection)) { db_connection_free(connection); connection = NULL; return 1; } return 0; } #endif #if defined(ENFORCER_DATABASE_MYSQL) int init_suite_database_operations_mysql(void) { if (configuration_list) { return 1; } if (configuration) { return 1; } if (connection) { return 1; } if (test) { return 1; } if (test2) { return 1; } if (test2_2) { return 1; } /* * Setup the configuration for the connection */ if (!(configuration_list = db_configuration_list_new())) { return 1; } if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "backend") || db_configuration_set_value(configuration, "mysql") || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "host") || db_configuration_set_value(configuration, ENFORCER_DB_HOST) || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "port") || db_configuration_set_value(configuration, ENFORCER_DB_PORT_TEXT) || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "user") || db_configuration_set_value(configuration, ENFORCER_DB_USERNAME) || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "pass") || db_configuration_set_value(configuration, ENFORCER_DB_PASSWORD) || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "db") || db_configuration_set_value(configuration, ENFORCER_DB_DATABASE) || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; /* * Connect to the database */ if (!(connection = db_connection_new()) || db_connection_set_configuration_list(connection, configuration_list)) { db_connection_free(connection); connection = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration_list = NULL; if (db_connection_setup(connection) || db_connection_connect(connection)) { db_connection_free(connection); connection = NULL; return 1; } return 0; } #endif int clean_suite_database_operations(void) { test_free(test); test = NULL; test_list_free(test_list); test_list = NULL; test2_free(test2); test2 = NULL; test2_free(test2_2); test2_2 = NULL; db_connection_free(connection); connection = NULL; db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; db_value_reset(&object2_id); db_value_reset(&object3_id); return 0; } void __check_id(const db_value_t* id, int id_int, const char* id_text) { db_type_int32_t int32; db_type_uint32_t uint32; db_type_int64_t int64; db_type_uint64_t uint64; const char* text; CU_ASSERT_PTR_NOT_NULL(id); switch (db_value_type(id)) { case DB_TYPE_INT32: CU_ASSERT(!db_value_to_int32(id, &int32)); CU_ASSERT(int32 == (db_type_int32_t)id_int); break; case DB_TYPE_UINT32: CU_ASSERT(!db_value_to_uint32(id, &uint32)); CU_ASSERT(uint32 == (db_type_uint32_t)id_int); break; case DB_TYPE_INT64: CU_ASSERT(!db_value_to_int64(id, &int64)); CU_ASSERT(int64 == (db_type_int64_t)id_int); break; case DB_TYPE_UINT64: CU_ASSERT(!db_value_to_uint64(id, &uint64)); CU_ASSERT(uint64 == (db_type_uint64_t)id_int); break; case DB_TYPE_TEXT: CU_ASSERT_PTR_NOT_NULL_FATAL((text = db_value_text(id))); CU_ASSERT(!strcmp(text, id_text)); break; default: CU_FAIL("db_value_type(id)"); } } void test_database_operations_read_object1(void) { CU_ASSERT_PTR_NOT_NULL_FATAL((test = test_new(connection))); CU_ASSERT_FATAL(!test_get_by_name(test, "test")); __check_id(test_id(test), 1, "1"); CU_ASSERT_PTR_NOT_NULL_FATAL(test_name(test)); CU_ASSERT(!strcmp(test_name(test), "test")); test_free(test); test = NULL; CU_PASS("test_free"); } void test_database_operations_create_object2(void) { CU_ASSERT_PTR_NOT_NULL_FATAL((test = test_new(connection))); CU_ASSERT_FATAL(!test_set_name(test, "name 2")); CU_ASSERT(!strcmp(test_name(test), "name 2")); CU_ASSERT_FATAL(!test_create(test)); test_free(test); test = NULL; CU_PASS("test_free"); CU_ASSERT_PTR_NOT_NULL_FATAL((test = test_new(connection))); CU_ASSERT_FATAL(!test_get_by_name(test, "name 2")); db_value_reset(&object2_id); CU_ASSERT(!db_value_copy(&object2_id, test_id(test))); CU_ASSERT(!strcmp(test_name(test), "name 2")); test_free(test); test = NULL; CU_PASS("test_free"); } void test_database_operations_read_object2(void) { int cmp = 0; CU_ASSERT_PTR_NOT_NULL_FATAL((test = test_new(connection))); CU_ASSERT_FATAL(!test_get_by_id(test, &object2_id)); CU_ASSERT(!db_value_cmp(test_id(test), &object2_id, &cmp)); CU_ASSERT(!cmp); CU_ASSERT(!strcmp(test_name(test), "name 2")); test_free(test); test = NULL; CU_PASS("test_free"); } void test_database_operations_update_object2(void) { CU_ASSERT_PTR_NOT_NULL_FATAL((test = test_new(connection))); CU_ASSERT_FATAL(!test_get_by_id(test, &object2_id)); CU_ASSERT_FATAL(!test_set_name(test, "name 3")); CU_ASSERT(!strcmp(test_name(test), "name 3")); CU_ASSERT_FATAL(!test_update(test)); test_free(test); test = NULL; CU_PASS("test_free"); CU_ASSERT_PTR_NOT_NULL_FATAL((test = test_new(connection))); CU_ASSERT_FATAL(!test_get_by_id(test, &object2_id)); CU_ASSERT(!strcmp(test_name(test), "name 3")); test_free(test); test = NULL; CU_PASS("test_free"); } void test_database_operations_delete_object2(void) { CU_ASSERT_PTR_NOT_NULL_FATAL((test = test_new(connection))); CU_ASSERT_FATAL(!test_get_by_id(test, &object2_id)); CU_ASSERT_FATAL(!test_delete(test)); test_free(test); test = NULL; CU_PASS("test_free"); CU_ASSERT_PTR_NOT_NULL_FATAL((test = test_new(connection))); CU_ASSERT_FATAL(test_get_by_id(test, &object2_id)); test_free(test); test = NULL; CU_PASS("test_free"); } void test_database_operations_create_object3(void) { CU_ASSERT_PTR_NOT_NULL_FATAL((test = test_new(connection))); CU_ASSERT_FATAL(!test_set_name(test, "name 3")); CU_ASSERT(!strcmp(test_name(test), "name 3")); CU_ASSERT_FATAL(!test_create(test)); test_free(test); test = NULL; CU_PASS("test_free"); CU_ASSERT_PTR_NOT_NULL_FATAL((test = test_new(connection))); CU_ASSERT_FATAL(!test_get_by_name(test, "name 3")); db_value_reset(&object3_id); CU_ASSERT(!db_value_copy(&object3_id, test_id(test))); CU_ASSERT(!strcmp(test_name(test), "name 3")); test_free(test); test = NULL; CU_PASS("test_free"); } void test_database_operations_delete_object3(void) { CU_ASSERT_PTR_NOT_NULL_FATAL((test = test_new(connection))); CU_ASSERT_FATAL(!test_get_by_id(test, &object3_id)); CU_ASSERT_FATAL(!test_delete(test)); test_free(test); test = NULL; CU_PASS("test_free"); CU_ASSERT_PTR_NOT_NULL_FATAL((test = test_new(connection))); CU_ASSERT_FATAL(test_get_by_id(test, &object3_id)); test_free(test); test = NULL; CU_PASS("test_free"); } void test_database_operations_read_all(void) { const test_t* local_test; int count = 0; CU_ASSERT_PTR_NOT_NULL_FATAL((test_list = test_list_new(connection))); CU_ASSERT_FATAL(!test_list_get(test_list)); local_test = test_list_begin(test_list); while (local_test) { count++; local_test = test_list_next(test_list); } CU_ASSERT(count == 3); test_list_free(test_list); test_list = NULL; CU_PASS("test_list_free"); } void test_database_operations_count(void) { CU_ASSERT_PTR_NOT_NULL_FATAL((test = test_new(connection))); CU_ASSERT(test_count_by_name(test, "test") == 1); CU_ASSERT(test_count_by_id(test, &object2_id) == 1); CU_ASSERT(test_count_by_id(test, &object3_id) == 1); CU_ASSERT(test_count_by_name(test, "name 3") == 2); test_free(test); test = NULL; CU_PASS("test_free"); } void test_database_operations_read_object1_2(void) { CU_ASSERT_PTR_NOT_NULL_FATAL((test2 = test2_new(connection))); CU_ASSERT_FATAL(!test2_get_by_name(test2, "test")); __check_id(test2_id(test2), 1, "1"); CU_ASSERT_PTR_NOT_NULL_FATAL(test2_name(test2)); CU_ASSERT(!strcmp(test2_name(test2), "test")); test2_free(test2); test2 = NULL; CU_PASS("test2_free"); } void test_database_operations_create_object2_2(void) { CU_ASSERT_PTR_NOT_NULL_FATAL((test2 = test2_new(connection))); CU_ASSERT_FATAL(!test2_set_name(test2, "name 2")); CU_ASSERT(!strcmp(test2_name(test2), "name 2")); CU_ASSERT_FATAL(!test2_create(test2)); test2_free(test2); test2 = NULL; CU_PASS("test2_free"); CU_ASSERT_PTR_NOT_NULL_FATAL((test2 = test2_new(connection))); CU_ASSERT_FATAL(!test2_get_by_name(test2, "name 2")); db_value_reset(&object2_id); CU_ASSERT(!db_value_copy(&object2_id, test2_id(test2))); CU_ASSERT(!strcmp(test2_name(test2), "name 2")); test2_free(test2); test2 = NULL; CU_PASS("test2_free"); } void test_database_operations_read_object2_2(void) { int cmp = 0; CU_ASSERT_PTR_NOT_NULL_FATAL((test2 = test2_new(connection))); CU_ASSERT_FATAL(!test2_get_by_id(test2, &object2_id)); CU_ASSERT(!db_value_cmp(test2_id(test2), &object2_id, &cmp)); CU_ASSERT(!cmp); CU_ASSERT(!strcmp(test2_name(test2), "name 2")); test2_free(test2); test2 = NULL; CU_PASS("test2_free"); } void test_database_operations_update_object2_2(void) { CU_ASSERT_PTR_NOT_NULL_FATAL((test2 = test2_new(connection))); CU_ASSERT_FATAL(!test2_get_by_id(test2, &object2_id)); CU_ASSERT_FATAL(!test2_set_name(test2, "name 3")); CU_ASSERT(!strcmp(test2_name(test2), "name 3")); CU_ASSERT_FATAL(!test2_update(test2)); test2_free(test2); test2 = NULL; CU_PASS("test2_free"); CU_ASSERT_PTR_NOT_NULL_FATAL((test2 = test2_new(connection))); CU_ASSERT_FATAL(!test2_get_by_id(test2, &object2_id)); CU_ASSERT(!strcmp(test2_name(test2), "name 3")); test2_free(test2); test2 = NULL; CU_PASS("test2_free"); } void test_database_operations_update_objects_revisions(void) { CU_ASSERT_PTR_NOT_NULL_FATAL((test2 = test2_new(connection))); CU_ASSERT_FATAL(!test2_set_name(test2, "name 4")); CU_ASSERT(!strcmp(test2_name(test2), "name 4")); CU_ASSERT_FATAL(!test2_create(test2)); test2_free(test2); test2 = NULL; CU_PASS("test2_free"); CU_ASSERT_PTR_NOT_NULL_FATAL((test2 = test2_new(connection))); CU_ASSERT_FATAL(!test2_get_by_name(test2, "name 4")); CU_ASSERT(!strcmp(test2_name(test2), "name 4")); CU_ASSERT_PTR_NOT_NULL_FATAL((test2_2 = test2_new(connection))); CU_ASSERT_FATAL(!test2_get_by_name(test2_2, "name 4")); CU_ASSERT(!strcmp(test2_name(test2_2), "name 4")); CU_ASSERT_FATAL(!test2_set_name(test2_2, "name 5")); CU_ASSERT(!strcmp(test2_name(test2_2), "name 5")); CU_ASSERT_FATAL(!test2_update(test2_2)); CU_ASSERT_FATAL(!test2_set_name(test2, "name 5")); CU_ASSERT(!strcmp(test2_name(test2), "name 5")); CU_ASSERT_FATAL(test2_update(test2)); test2_free(test2); test2 = NULL; CU_PASS("test2_free"); test2_free(test2_2); test2_2 = NULL; CU_PASS("test2_free"); } void test_database_operations_delete_object2_2(void) { CU_ASSERT_PTR_NOT_NULL_FATAL((test2 = test2_new(connection))); CU_ASSERT_FATAL(!test2_get_by_id(test2, &object2_id)); CU_ASSERT_FATAL(!test2_delete(test2)); test2_free(test2); test2 = NULL; CU_PASS("test2_free"); CU_ASSERT_PTR_NOT_NULL_FATAL((test2 = test2_new(connection))); CU_ASSERT_FATAL(test2_get_by_id(test2, &object2_id)); test2_free(test2); test2 = NULL; CU_PASS("test2_free"); } void test_database_operations_create_object3_2(void) { CU_ASSERT_PTR_NOT_NULL_FATAL((test2 = test2_new(connection))); CU_ASSERT_FATAL(!test2_set_name(test2, "name 3")); CU_ASSERT(!strcmp(test2_name(test2), "name 3")); CU_ASSERT_FATAL(!test2_create(test2)); test2_free(test2); test2 = NULL; CU_PASS("test2_free"); CU_ASSERT_PTR_NOT_NULL_FATAL((test2 = test2_new(connection))); CU_ASSERT_FATAL(!test2_get_by_name(test2, "name 3")); db_value_reset(&object3_id); CU_ASSERT(!db_value_copy(&object3_id, test2_id(test2))); CU_ASSERT(!strcmp(test2_name(test2), "name 3")); test2_free(test2); test2 = NULL; CU_PASS("test2_free"); } void test_database_operations_delete_object3_2(void) { CU_ASSERT_PTR_NOT_NULL_FATAL((test2 = test2_new(connection))); CU_ASSERT_FATAL(!test2_get_by_id(test2, &object3_id)); CU_ASSERT_FATAL(!test2_delete(test2)); test2_free(test2); test2 = NULL; CU_PASS("test2_free"); CU_ASSERT_PTR_NOT_NULL_FATAL((test2 = test2_new(connection))); CU_ASSERT_FATAL(test2_get_by_id(test2, &object3_id)); test2_free(test2); test2 = NULL; CU_PASS("test2_free"); } opendnssec-2.1.5/enforcer/src/db/test/test_key_dependency.c0000644000202300020240000004427313560310771020732 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include "CUnit/Basic.h" #include "../db_configuration.h" #include "../db_connection.h" #include "../key_dependency.h" #include static db_configuration_list_t* configuration_list = NULL; static db_configuration_t* configuration = NULL; static db_connection_t* connection = NULL; static key_dependency_t* object = NULL; static key_dependency_list_t* object_list = NULL; static db_value_t id = DB_VALUE_EMPTY; static db_clause_list_t* clause_list = NULL; static int db_sqlite = 0; static int db_mysql = 0; #if defined(ENFORCER_DATABASE_SQLITE3) int test_key_dependency_init_suite_sqlite(void) { if (configuration_list) { return 1; } if (configuration) { return 1; } if (connection) { return 1; } /* * Setup the configuration for the connection */ if (!(configuration_list = db_configuration_list_new())) { return 1; } if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "backend") || db_configuration_set_value(configuration, "sqlite") || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "file") || db_configuration_set_value(configuration, "test.db") || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; /* * Connect to the database */ if (!(connection = db_connection_new()) || db_connection_set_configuration_list(connection, configuration_list)) { db_connection_free(connection); connection = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration_list = NULL; if (db_connection_setup(connection) || db_connection_connect(connection)) { db_connection_free(connection); connection = NULL; return 1; } db_sqlite = 1; db_mysql = 0; return 0; } #endif #if defined(ENFORCER_DATABASE_MYSQL) int test_key_dependency_init_suite_mysql(void) { if (configuration_list) { return 1; } if (configuration) { return 1; } if (connection) { return 1; } /* * Setup the configuration for the connection */ if (!(configuration_list = db_configuration_list_new())) { return 1; } if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "backend") || db_configuration_set_value(configuration, "mysql") || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "host") || db_configuration_set_value(configuration, ENFORCER_DB_HOST) || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "port") || db_configuration_set_value(configuration, ENFORCER_DB_PORT_TEXT) || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "user") || db_configuration_set_value(configuration, ENFORCER_DB_USERNAME) || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "pass") || db_configuration_set_value(configuration, ENFORCER_DB_PASSWORD) || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "db") || db_configuration_set_value(configuration, ENFORCER_DB_DATABASE) || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; /* * Connect to the database */ if (!(connection = db_connection_new()) || db_connection_set_configuration_list(connection, configuration_list)) { db_connection_free(connection); connection = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration_list = NULL; if (db_connection_setup(connection) || db_connection_connect(connection)) { db_connection_free(connection); connection = NULL; return 1; } db_sqlite = 0; db_mysql = 1; return 0; } #endif static int test_key_dependency_clean_suite(void) { db_connection_free(connection); connection = NULL; db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; db_value_reset(&id); db_clause_list_free(clause_list); clause_list = NULL; return 0; } static void test_key_dependency_new(void) { CU_ASSERT_PTR_NOT_NULL_FATAL((object = key_dependency_new(connection))); CU_ASSERT_PTR_NOT_NULL_FATAL((object_list = key_dependency_list_new(connection))); } static void test_key_dependency_set(void) { db_value_t zone_id = DB_VALUE_EMPTY; db_value_t from_key_data_id = DB_VALUE_EMPTY; db_value_t to_key_data_id = DB_VALUE_EMPTY; if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&zone_id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&zone_id, 1)); } if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&from_key_data_id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&from_key_data_id, 1)); } if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&to_key_data_id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&to_key_data_id, 1)); } CU_ASSERT(!key_dependency_set_zone_id(object, &zone_id)); CU_ASSERT(!key_dependency_set_from_key_data_id(object, &from_key_data_id)); CU_ASSERT(!key_dependency_set_to_key_data_id(object, &to_key_data_id)); CU_ASSERT(!key_dependency_set_type(object, KEY_DEPENDENCY_TYPE_DS)); CU_ASSERT(!key_dependency_set_type(object, KEY_DEPENDENCY_TYPE_RRSIG)); CU_ASSERT(!key_dependency_set_type(object, KEY_DEPENDENCY_TYPE_DNSKEY)); CU_ASSERT(!key_dependency_set_type(object, KEY_DEPENDENCY_TYPE_RRSIGDNSKEY)); db_value_reset(&zone_id); db_value_reset(&from_key_data_id); db_value_reset(&to_key_data_id); } static void test_key_dependency_get(void) { int ret; db_value_t zone_id = DB_VALUE_EMPTY; db_value_t from_key_data_id = DB_VALUE_EMPTY; db_value_t to_key_data_id = DB_VALUE_EMPTY; if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&zone_id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&zone_id, 1)); } if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&from_key_data_id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&from_key_data_id, 1)); } if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&to_key_data_id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&to_key_data_id, 1)); } CU_ASSERT(!db_value_cmp(key_dependency_zone_id(object), &zone_id, &ret)); CU_ASSERT(!ret); CU_ASSERT(!db_value_cmp(key_dependency_from_key_data_id(object), &from_key_data_id, &ret)); CU_ASSERT(!ret); CU_ASSERT(!db_value_cmp(key_dependency_to_key_data_id(object), &to_key_data_id, &ret)); CU_ASSERT(!ret); CU_ASSERT(key_dependency_type(object) == KEY_DEPENDENCY_TYPE_RRSIGDNSKEY); db_value_reset(&zone_id); db_value_reset(&from_key_data_id); db_value_reset(&to_key_data_id); } static void test_key_dependency_create(void) { CU_ASSERT_FATAL(!key_dependency_create(object)); } static void test_key_dependency_clauses(void) { CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!key_dependency_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(key_dependency_list_next(object_list)); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!key_dependency_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(key_dependency_list_next(object_list)); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!key_dependency_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(key_dependency_list_next(object_list)); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!key_dependency_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(key_dependency_list_next(object_list)); db_clause_list_free(clause_list); clause_list = NULL; } static void test_key_dependency_verify(void) { int ret; db_value_t zone_id = DB_VALUE_EMPTY; db_value_t from_key_data_id = DB_VALUE_EMPTY; db_value_t to_key_data_id = DB_VALUE_EMPTY; if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&zone_id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&zone_id, 1)); } if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&from_key_data_id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&from_key_data_id, 1)); } if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&to_key_data_id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&to_key_data_id, 1)); } CU_ASSERT(!db_value_cmp(key_dependency_zone_id(object), &zone_id, &ret)); CU_ASSERT(!ret); CU_ASSERT(!db_value_cmp(key_dependency_from_key_data_id(object), &from_key_data_id, &ret)); CU_ASSERT(!ret); CU_ASSERT(!db_value_cmp(key_dependency_to_key_data_id(object), &to_key_data_id, &ret)); CU_ASSERT(!ret); CU_ASSERT(key_dependency_type(object) == KEY_DEPENDENCY_TYPE_RRSIGDNSKEY); db_value_reset(&zone_id); db_value_reset(&to_key_data_id); } static void test_key_dependency_change(void) { db_value_t zone_id = DB_VALUE_EMPTY; db_value_t from_key_data_id = DB_VALUE_EMPTY; db_value_t to_key_data_id = DB_VALUE_EMPTY; if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&zone_id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&zone_id, 1)); } if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&from_key_data_id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&from_key_data_id, 1)); } if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&to_key_data_id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&to_key_data_id, 1)); } CU_ASSERT(!key_dependency_set_zone_id(object, &zone_id)); CU_ASSERT(!key_dependency_set_from_key_data_id(object, &from_key_data_id)); CU_ASSERT(!key_dependency_set_to_key_data_id(object, &to_key_data_id)); CU_ASSERT(!key_dependency_set_type(object, KEY_DEPENDENCY_TYPE_DS)); db_value_reset(&zone_id); db_value_reset(&from_key_data_id); db_value_reset(&to_key_data_id); } static void test_key_dependency_read(void) { db_value_t id = DB_VALUE_EMPTY; if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&id, 1)); } CU_ASSERT_FATAL(!key_dependency_get_by_id(object, &id)); } static void test_key_dependency_verify2(void) { int ret; db_value_t zone_id = DB_VALUE_EMPTY; db_value_t from_key_data_id = DB_VALUE_EMPTY; db_value_t to_key_data_id = DB_VALUE_EMPTY; if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&zone_id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&zone_id, 1)); } if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&from_key_data_id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&from_key_data_id, 1)); } if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&to_key_data_id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&to_key_data_id, 1)); } CU_ASSERT(!db_value_cmp(key_dependency_zone_id(object), &zone_id, &ret)); CU_ASSERT(!ret); CU_ASSERT(!db_value_cmp(key_dependency_from_key_data_id(object), &from_key_data_id, &ret)); CU_ASSERT(!ret); CU_ASSERT(!db_value_cmp(key_dependency_to_key_data_id(object), &to_key_data_id, &ret)); CU_ASSERT(!ret); CU_ASSERT(key_dependency_type(object) == KEY_DEPENDENCY_TYPE_DS); db_value_reset(&zone_id); db_value_reset(&from_key_data_id); db_value_reset(&to_key_data_id); } static void test_key_dependency_cmp(void) { key_dependency_t* local_object; CU_ASSERT_PTR_NOT_NULL_FATAL((local_object = key_dependency_new(connection))); } static void test_key_dependency_delete(void) { CU_ASSERT_FATAL(!key_dependency_delete(object)); } static void test_key_dependency_list2(void) { CU_ASSERT_PTR_NULL(key_dependency_list_next(object_list)); } static void test_key_dependency_end(void) { if (object) { key_dependency_free(object); CU_PASS("key_dependency_free"); } if (object_list) { key_dependency_list_free(object_list); CU_PASS("key_dependency_list_free"); } } static int test_key_dependency_add_tests(CU_pSuite pSuite) { if (!CU_add_test(pSuite, "new object", test_key_dependency_new) || !CU_add_test(pSuite, "set fields", test_key_dependency_set) || !CU_add_test(pSuite, "get fields", test_key_dependency_get) || !CU_add_test(pSuite, "create object", test_key_dependency_create) || !CU_add_test(pSuite, "object clauses", test_key_dependency_clauses) || !CU_add_test(pSuite, "verify fields", test_key_dependency_verify) || !CU_add_test(pSuite, "change object", test_key_dependency_change) || !CU_add_test(pSuite, "verify fields after update", test_key_dependency_verify2) || !CU_add_test(pSuite, "compare objects", test_key_dependency_cmp) || !CU_add_test(pSuite, "read object by id", test_key_dependency_read) || !CU_add_test(pSuite, "delete object", test_key_dependency_delete) || !CU_add_test(pSuite, "list objects to verify delete", test_key_dependency_list2) || !CU_add_test(pSuite, "end test", test_key_dependency_end)) { return CU_get_error(); } return 0; } int test_key_dependency_add_suite(void) { CU_pSuite pSuite = NULL; int ret; #if defined(ENFORCER_DATABASE_SQLITE3) pSuite = CU_add_suite("Test of key dependency (SQLite)", test_key_dependency_init_suite_sqlite, test_key_dependency_clean_suite); if (!pSuite) { return CU_get_error(); } ret = test_key_dependency_add_tests(pSuite); if (ret) { return ret; } #endif #if defined(ENFORCER_DATABASE_MYSQL) pSuite = CU_add_suite("Test of key dependency (MySQL)", test_key_dependency_init_suite_mysql, test_key_dependency_clean_suite); if (!pSuite) { return CU_get_error(); } ret = test_key_dependency_add_tests(pSuite); if (ret) { return ret; } #endif return 0; } opendnssec-2.1.5/enforcer/src/db/test/test_zone.c0000644000202300020240000010274513560310771016716 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include "CUnit/Basic.h" #include "../db_configuration.h" #include "../db_connection.h" #include "../zone_db.h" #include static db_configuration_list_t* configuration_list = NULL; static db_configuration_t* configuration = NULL; static db_connection_t* connection = NULL; static zone_db_t* object = NULL; static zone_list_db_t* object_list = NULL; static db_value_t id = DB_VALUE_EMPTY; static db_clause_list_t* clause_list = NULL; static int db_sqlite = 0; static int db_mysql = 0; #if defined(ENFORCER_DATABASE_SQLITE3) int test_zone_init_suite_sqlite(void) { if (configuration_list) { return 1; } if (configuration) { return 1; } if (connection) { return 1; } /* * Setup the configuration for the connection */ if (!(configuration_list = db_configuration_list_new())) { return 1; } if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "backend") || db_configuration_set_value(configuration, "sqlite") || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "file") || db_configuration_set_value(configuration, "test.db") || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; /* * Connect to the database */ if (!(connection = db_connection_new()) || db_connection_set_configuration_list(connection, configuration_list)) { db_connection_free(connection); connection = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration_list = NULL; if (db_connection_setup(connection) || db_connection_connect(connection)) { db_connection_free(connection); connection = NULL; return 1; } db_sqlite = 1; db_mysql = 0; return 0; } #endif #if defined(ENFORCER_DATABASE_MYSQL) int test_zone_init_suite_mysql(void) { if (configuration_list) { return 1; } if (configuration) { return 1; } if (connection) { return 1; } /* * Setup the configuration for the connection */ if (!(configuration_list = db_configuration_list_new())) { return 1; } if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "backend") || db_configuration_set_value(configuration, "mysql") || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "host") || db_configuration_set_value(configuration, ENFORCER_DB_HOST) || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "port") || db_configuration_set_value(configuration, ENFORCER_DB_PORT_TEXT) || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "user") || db_configuration_set_value(configuration, ENFORCER_DB_USERNAME) || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "pass") || db_configuration_set_value(configuration, ENFORCER_DB_PASSWORD) || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "db") || db_configuration_set_value(configuration, ENFORCER_DB_DATABASE) || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; /* * Connect to the database */ if (!(connection = db_connection_new()) || db_connection_set_configuration_list(connection, configuration_list)) { db_connection_free(connection); connection = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration_list = NULL; if (db_connection_setup(connection) || db_connection_connect(connection)) { db_connection_free(connection); connection = NULL; return 1; } db_sqlite = 0; db_mysql = 1; return 0; } #endif static int test_zone_clean_suite(void) { db_connection_free(connection); connection = NULL; db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; db_value_reset(&id); db_clause_list_free(clause_list); clause_list = NULL; return 0; } static void test_zone_new(void) { CU_ASSERT_PTR_NOT_NULL_FATAL((object = zone_db_new(connection))); CU_ASSERT_PTR_NOT_NULL_FATAL((object_list = zone_list_db_new(connection))); } static void test_zone_set(void) { db_value_t policy_id = DB_VALUE_EMPTY; if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&policy_id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&policy_id, 1)); } CU_ASSERT(!zone_db_set_policy_id(object, &policy_id)); CU_ASSERT(!zone_db_set_name(object, "name 1")); CU_ASSERT(!zone_db_set_signconf_needs_writing(object, 1)); CU_ASSERT(!zone_db_set_signconf_path(object, "signconf_path 1")); CU_ASSERT(!zone_db_set_next_change(object, 1)); CU_ASSERT(!zone_db_set_ttl_end_ds(object, 1)); CU_ASSERT(!zone_db_set_ttl_end_dk(object, 1)); CU_ASSERT(!zone_db_set_ttl_end_rs(object, 1)); CU_ASSERT(!zone_db_set_roll_ksk_now(object, 1)); CU_ASSERT(!zone_db_set_roll_zsk_now(object, 1)); CU_ASSERT(!zone_db_set_roll_csk_now(object, 1)); CU_ASSERT(!zone_db_set_input_adapter_type(object, "input_adapter_type 1")); CU_ASSERT(!zone_db_set_input_adapter_uri(object, "input_adapter_uri 1")); CU_ASSERT(!zone_db_set_output_adapter_type(object, "output_adapter_type 1")); CU_ASSERT(!zone_db_set_output_adapter_uri(object, "output_adapter_uri 1")); CU_ASSERT(!zone_db_set_next_ksk_roll(object, 1)); CU_ASSERT(!zone_db_set_next_zsk_roll(object, 1)); CU_ASSERT(!zone_db_set_next_csk_roll(object, 1)); db_value_reset(&policy_id); } static void test_zone_get(void) { int ret; db_value_t policy_id = DB_VALUE_EMPTY; if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&policy_id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&policy_id, 1)); } CU_ASSERT(!db_value_cmp(zone_db_policy_id(object), &policy_id, &ret)); CU_ASSERT(!ret); CU_ASSERT_PTR_NOT_NULL_FATAL(zone_db_name(object)); CU_ASSERT(!strcmp(zone_db_name(object), "name 1")); CU_ASSERT(zone_db_signconf_needs_writing(object) == 1); CU_ASSERT_PTR_NOT_NULL_FATAL(zone_db_signconf_path(object)); CU_ASSERT(!strcmp(zone_db_signconf_path(object), "signconf_path 1")); CU_ASSERT(zone_db_next_change(object) == 1); CU_ASSERT(zone_db_ttl_end_ds(object) == 1); CU_ASSERT(zone_db_ttl_end_dk(object) == 1); CU_ASSERT(zone_db_ttl_end_rs(object) == 1); CU_ASSERT(zone_db_roll_ksk_now(object) == 1); CU_ASSERT(zone_db_roll_zsk_now(object) == 1); CU_ASSERT(zone_db_roll_csk_now(object) == 1); CU_ASSERT_PTR_NOT_NULL_FATAL(zone_db_input_adapter_type(object)); CU_ASSERT(!strcmp(zone_db_input_adapter_type(object), "input_adapter_type 1")); CU_ASSERT_PTR_NOT_NULL_FATAL(zone_db_input_adapter_uri(object)); CU_ASSERT(!strcmp(zone_db_input_adapter_uri(object), "input_adapter_uri 1")); CU_ASSERT_PTR_NOT_NULL_FATAL(zone_db_output_adapter_type(object)); CU_ASSERT(!strcmp(zone_db_output_adapter_type(object), "output_adapter_type 1")); CU_ASSERT_PTR_NOT_NULL_FATAL(zone_db_output_adapter_uri(object)); CU_ASSERT(!strcmp(zone_db_output_adapter_uri(object), "output_adapter_uri 1")); CU_ASSERT(zone_db_next_ksk_roll(object) == 1); CU_ASSERT(zone_db_next_zsk_roll(object) == 1); CU_ASSERT(zone_db_next_csk_roll(object) == 1); db_value_reset(&policy_id); } static void test_zone_create(void) { CU_ASSERT_FATAL(!zone_db_create(object)); } static void test_zone_clauses(void) { CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT_PTR_NOT_NULL(zone_db_policy_id_clause(clause_list, zone_db_policy_id(object))); CU_ASSERT(!zone_list_db_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(zone_list_db_next(object_list)); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!zone_list_db_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(zone_list_db_next(object_list)); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!zone_list_db_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(zone_list_db_next(object_list)); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!zone_list_db_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(zone_list_db_next(object_list)); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!zone_list_db_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(zone_list_db_next(object_list)); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!zone_list_db_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(zone_list_db_next(object_list)); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!zone_list_db_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(zone_list_db_next(object_list)); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!zone_list_db_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(zone_list_db_next(object_list)); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!zone_list_db_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(zone_list_db_next(object_list)); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!zone_list_db_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(zone_list_db_next(object_list)); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!zone_list_db_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(zone_list_db_next(object_list)); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!zone_list_db_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(zone_list_db_next(object_list)); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!zone_list_db_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(zone_list_db_next(object_list)); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!zone_list_db_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(zone_list_db_next(object_list)); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!zone_list_db_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(zone_list_db_next(object_list)); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!zone_list_db_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(zone_list_db_next(object_list)); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!zone_list_db_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(zone_list_db_next(object_list)); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!zone_list_db_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(zone_list_db_next(object_list)); db_clause_list_free(clause_list); clause_list = NULL; } static void test_zone_count(void) { size_t count; CU_ASSERT(!zone_db_count(object, NULL, &count)); CU_ASSERT(count == 1); CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT_PTR_NOT_NULL(zone_db_policy_id_clause(clause_list, zone_db_policy_id(object))); CU_ASSERT(!zone_db_count(object, clause_list, &count)); CU_ASSERT(count == 1); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!zone_db_count(object, clause_list, &count)); CU_ASSERT(count == 1); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!zone_db_count(object, clause_list, &count)); CU_ASSERT(count == 1); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!zone_db_count(object, clause_list, &count)); CU_ASSERT(count == 1); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!zone_db_count(object, clause_list, &count)); CU_ASSERT(count == 1); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!zone_db_count(object, clause_list, &count)); CU_ASSERT(count == 1); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!zone_db_count(object, clause_list, &count)); CU_ASSERT(count == 1); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!zone_db_count(object, clause_list, &count)); CU_ASSERT(count == 1); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!zone_db_count(object, clause_list, &count)); CU_ASSERT(count == 1); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!zone_db_count(object, clause_list, &count)); CU_ASSERT(count == 1); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!zone_db_count(object, clause_list, &count)); CU_ASSERT(count == 1); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!zone_db_count(object, clause_list, &count)); CU_ASSERT(count == 1); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!zone_db_count(object, clause_list, &count)); CU_ASSERT(count == 1); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!zone_db_count(object, clause_list, &count)); CU_ASSERT(count == 1); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!zone_db_count(object, clause_list, &count)); CU_ASSERT(count == 1); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!zone_db_count(object, clause_list, &count)); CU_ASSERT(count == 1); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!zone_db_count(object, clause_list, &count)); CU_ASSERT(count == 1); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!zone_db_count(object, clause_list, &count)); CU_ASSERT(count == 1); db_clause_list_free(clause_list); clause_list = NULL; } static void test_zone_list(void) { const zone_db_t* item; zone_db_t* item2; zone_list_db_t* new_list; CU_ASSERT_FATAL(!zone_list_db_get(object_list)); CU_ASSERT_PTR_NOT_NULL_FATAL((item = zone_list_db_next(object_list))); CU_ASSERT_FATAL(!db_value_copy(&id, zone_db_id(item))); CU_ASSERT_PTR_NOT_NULL_FATAL((item = zone_list_db_begin(object_list))); CU_ASSERT_FATAL(!zone_list_db_get(object_list)); CU_ASSERT_PTR_NOT_NULL_FATAL((item2 = zone_list_db_get_next(object_list))); zone_db_free(item2); CU_PASS("zone_db_free"); CU_ASSERT_PTR_NOT_NULL((new_list = zone_list_db_new_get(connection))); CU_ASSERT_PTR_NOT_NULL(zone_list_db_next(new_list)); zone_list_db_free(new_list); } static void test_zone_list_store(void) { zone_list_db_t* new_list; CU_ASSERT_PTR_NOT_NULL((new_list = zone_list_db_new(connection))); CU_ASSERT_FATAL(!zone_list_db_object_store(new_list)); CU_ASSERT_FATAL(!zone_list_db_get(new_list)); CU_ASSERT_PTR_NOT_NULL_FATAL(zone_list_db_next(new_list)); CU_ASSERT_PTR_NOT_NULL_FATAL(zone_list_db_begin(new_list)); CU_PASS("zone_db_free"); zone_list_db_free(new_list); } static void test_zone_list_associated(void) { zone_list_db_t* new_list; CU_ASSERT_PTR_NOT_NULL((new_list = zone_list_db_new(connection))); CU_ASSERT_FATAL(!zone_list_db_get(new_list)); CU_ASSERT_PTR_NOT_NULL_FATAL(zone_list_db_next(new_list)); CU_ASSERT_PTR_NOT_NULL_FATAL(zone_list_db_begin(new_list)); CU_PASS("zone_db_free"); zone_list_db_free(new_list); } static void test_zone_read(void) { CU_ASSERT_FATAL(!zone_db_get_by_id(object, &id)); } static void test_zone_verify(void) { int ret; db_value_t policy_id = DB_VALUE_EMPTY; if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&policy_id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&policy_id, 1)); } CU_ASSERT(!db_value_cmp(zone_db_policy_id(object), &policy_id, &ret)); CU_ASSERT(!ret); CU_ASSERT_PTR_NOT_NULL_FATAL(zone_db_name(object)); CU_ASSERT(!strcmp(zone_db_name(object), "name 1")); CU_ASSERT(zone_db_signconf_needs_writing(object) == 1); CU_ASSERT_PTR_NOT_NULL_FATAL(zone_db_signconf_path(object)); CU_ASSERT(!strcmp(zone_db_signconf_path(object), "signconf_path 1")); CU_ASSERT(zone_db_next_change(object) == 1); CU_ASSERT(zone_db_ttl_end_ds(object) == 1); CU_ASSERT(zone_db_ttl_end_dk(object) == 1); CU_ASSERT(zone_db_ttl_end_rs(object) == 1); CU_ASSERT(zone_db_roll_ksk_now(object) == 1); CU_ASSERT(zone_db_roll_zsk_now(object) == 1); CU_ASSERT(zone_db_roll_csk_now(object) == 1); CU_ASSERT_PTR_NOT_NULL_FATAL(zone_db_input_adapter_type(object)); CU_ASSERT(!strcmp(zone_db_input_adapter_type(object), "input_adapter_type 1")); CU_ASSERT_PTR_NOT_NULL_FATAL(zone_db_input_adapter_uri(object)); CU_ASSERT(!strcmp(zone_db_input_adapter_uri(object), "input_adapter_uri 1")); CU_ASSERT_PTR_NOT_NULL_FATAL(zone_db_output_adapter_type(object)); CU_ASSERT(!strcmp(zone_db_output_adapter_type(object), "output_adapter_type 1")); CU_ASSERT_PTR_NOT_NULL_FATAL(zone_db_output_adapter_uri(object)); CU_ASSERT(!strcmp(zone_db_output_adapter_uri(object), "output_adapter_uri 1")); CU_ASSERT(zone_db_next_ksk_roll(object) == 1); CU_ASSERT(zone_db_next_zsk_roll(object) == 1); CU_ASSERT(zone_db_next_csk_roll(object) == 1); db_value_reset(&policy_id); } static void test_zone_read_by_name(void) { CU_ASSERT_FATAL(!zone_db_get_by_name(object, "name 1")); } static void test_zone_verify_name(void) { int ret; db_value_t policy_id = DB_VALUE_EMPTY; if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&policy_id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&policy_id, 1)); } CU_ASSERT(!db_value_cmp(zone_db_policy_id(object), &policy_id, &ret)); CU_ASSERT(!ret); CU_ASSERT_PTR_NOT_NULL_FATAL(zone_db_name(object)); CU_ASSERT(!strcmp(zone_db_name(object), "name 1")); CU_ASSERT(zone_db_signconf_needs_writing(object) == 1); CU_ASSERT_PTR_NOT_NULL_FATAL(zone_db_signconf_path(object)); CU_ASSERT(!strcmp(zone_db_signconf_path(object), "signconf_path 1")); CU_ASSERT(zone_db_next_change(object) == 1); CU_ASSERT(zone_db_ttl_end_ds(object) == 1); CU_ASSERT(zone_db_ttl_end_dk(object) == 1); CU_ASSERT(zone_db_ttl_end_rs(object) == 1); CU_ASSERT(zone_db_roll_ksk_now(object) == 1); CU_ASSERT(zone_db_roll_zsk_now(object) == 1); CU_ASSERT(zone_db_roll_csk_now(object) == 1); CU_ASSERT_PTR_NOT_NULL_FATAL(zone_db_input_adapter_type(object)); CU_ASSERT(!strcmp(zone_db_input_adapter_type(object), "input_adapter_type 1")); CU_ASSERT_PTR_NOT_NULL_FATAL(zone_db_input_adapter_uri(object)); CU_ASSERT(!strcmp(zone_db_input_adapter_uri(object), "input_adapter_uri 1")); CU_ASSERT_PTR_NOT_NULL_FATAL(zone_db_output_adapter_type(object)); CU_ASSERT(!strcmp(zone_db_output_adapter_type(object), "output_adapter_type 1")); CU_ASSERT_PTR_NOT_NULL_FATAL(zone_db_output_adapter_uri(object)); CU_ASSERT(!strcmp(zone_db_output_adapter_uri(object), "output_adapter_uri 1")); CU_ASSERT(zone_db_next_ksk_roll(object) == 1); CU_ASSERT(zone_db_next_zsk_roll(object) == 1); CU_ASSERT(zone_db_next_csk_roll(object) == 1); db_value_reset(&policy_id); } static void test_zone_change(void) { db_value_t policy_id = DB_VALUE_EMPTY; if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&policy_id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&policy_id, 1)); } CU_ASSERT(!zone_db_set_policy_id(object, &policy_id)); CU_ASSERT(!zone_db_set_name(object, "name 2")); CU_ASSERT(!zone_db_set_signconf_needs_writing(object, 2)); CU_ASSERT(!zone_db_set_signconf_path(object, "signconf_path 2")); CU_ASSERT(!zone_db_set_next_change(object, 2)); CU_ASSERT(!zone_db_set_ttl_end_ds(object, 2)); CU_ASSERT(!zone_db_set_ttl_end_dk(object, 2)); CU_ASSERT(!zone_db_set_ttl_end_rs(object, 2)); CU_ASSERT(!zone_db_set_roll_ksk_now(object, 2)); CU_ASSERT(!zone_db_set_roll_zsk_now(object, 2)); CU_ASSERT(!zone_db_set_roll_csk_now(object, 2)); CU_ASSERT(!zone_db_set_input_adapter_type(object, "input_adapter_type 2")); CU_ASSERT(!zone_db_set_input_adapter_uri(object, "input_adapter_uri 2")); CU_ASSERT(!zone_db_set_output_adapter_type(object, "output_adapter_type 2")); CU_ASSERT(!zone_db_set_output_adapter_uri(object, "output_adapter_uri 2")); CU_ASSERT(!zone_db_set_next_ksk_roll(object, 2)); CU_ASSERT(!zone_db_set_next_zsk_roll(object, 2)); CU_ASSERT(!zone_db_set_next_csk_roll(object, 2)); db_value_reset(&policy_id); } static void test_zone_update(void) { CU_ASSERT_FATAL(!zone_db_update(object)); } static void test_zone_read2(void) { CU_ASSERT_FATAL(!zone_db_get_by_id(object, &id)); } static void test_zone_verify2(void) { int ret; db_value_t policy_id = DB_VALUE_EMPTY; if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&policy_id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&policy_id, 1)); } CU_ASSERT(!db_value_cmp(zone_db_policy_id(object), &policy_id, &ret)); CU_ASSERT(!ret); CU_ASSERT_PTR_NOT_NULL_FATAL(zone_db_name(object)); CU_ASSERT(!strcmp(zone_db_name(object), "name 2")); CU_ASSERT(zone_db_signconf_needs_writing(object) == 2); CU_ASSERT_PTR_NOT_NULL_FATAL(zone_db_signconf_path(object)); CU_ASSERT(!strcmp(zone_db_signconf_path(object), "signconf_path 2")); CU_ASSERT(zone_db_next_change(object) == 2); CU_ASSERT(zone_db_ttl_end_ds(object) == 2); CU_ASSERT(zone_db_ttl_end_dk(object) == 2); CU_ASSERT(zone_db_ttl_end_rs(object) == 2); CU_ASSERT(zone_db_roll_ksk_now(object) == 2); CU_ASSERT(zone_db_roll_zsk_now(object) == 2); CU_ASSERT(zone_db_roll_csk_now(object) == 2); CU_ASSERT_PTR_NOT_NULL_FATAL(zone_db_input_adapter_type(object)); CU_ASSERT(!strcmp(zone_db_input_adapter_type(object), "input_adapter_type 2")); CU_ASSERT_PTR_NOT_NULL_FATAL(zone_db_input_adapter_uri(object)); CU_ASSERT(!strcmp(zone_db_input_adapter_uri(object), "input_adapter_uri 2")); CU_ASSERT_PTR_NOT_NULL_FATAL(zone_db_output_adapter_type(object)); CU_ASSERT(!strcmp(zone_db_output_adapter_type(object), "output_adapter_type 2")); CU_ASSERT_PTR_NOT_NULL_FATAL(zone_db_output_adapter_uri(object)); CU_ASSERT(!strcmp(zone_db_output_adapter_uri(object), "output_adapter_uri 2")); CU_ASSERT(zone_db_next_ksk_roll(object) == 2); CU_ASSERT(zone_db_next_zsk_roll(object) == 2); CU_ASSERT(zone_db_next_csk_roll(object) == 2); db_value_reset(&policy_id); } static void test_zone_read_by_name2(void) { CU_ASSERT_FATAL(!zone_db_get_by_name(object, "name 2")); } static void test_zone_verify_name2(void) { int ret; db_value_t policy_id = DB_VALUE_EMPTY; if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&policy_id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&policy_id, 1)); } CU_ASSERT(!db_value_cmp(zone_db_policy_id(object), &policy_id, &ret)); CU_ASSERT(!ret); CU_ASSERT_PTR_NOT_NULL_FATAL(zone_db_name(object)); CU_ASSERT(!strcmp(zone_db_name(object), "name 2")); CU_ASSERT(zone_db_signconf_needs_writing(object) == 2); CU_ASSERT_PTR_NOT_NULL_FATAL(zone_db_signconf_path(object)); CU_ASSERT(!strcmp(zone_db_signconf_path(object), "signconf_path 2")); CU_ASSERT(zone_db_next_change(object) == 2); CU_ASSERT(zone_db_ttl_end_ds(object) == 2); CU_ASSERT(zone_db_ttl_end_dk(object) == 2); CU_ASSERT(zone_db_ttl_end_rs(object) == 2); CU_ASSERT(zone_db_roll_ksk_now(object) == 2); CU_ASSERT(zone_db_roll_zsk_now(object) == 2); CU_ASSERT(zone_db_roll_csk_now(object) == 2); CU_ASSERT_PTR_NOT_NULL_FATAL(zone_db_input_adapter_type(object)); CU_ASSERT(!strcmp(zone_db_input_adapter_type(object), "input_adapter_type 2")); CU_ASSERT_PTR_NOT_NULL_FATAL(zone_db_input_adapter_uri(object)); CU_ASSERT(!strcmp(zone_db_input_adapter_uri(object), "input_adapter_uri 2")); CU_ASSERT_PTR_NOT_NULL_FATAL(zone_db_output_adapter_type(object)); CU_ASSERT(!strcmp(zone_db_output_adapter_type(object), "output_adapter_type 2")); CU_ASSERT_PTR_NOT_NULL_FATAL(zone_db_output_adapter_uri(object)); CU_ASSERT(!strcmp(zone_db_output_adapter_uri(object), "output_adapter_uri 2")); CU_ASSERT(zone_db_next_ksk_roll(object) == 2); CU_ASSERT(zone_db_next_zsk_roll(object) == 2); CU_ASSERT(zone_db_next_csk_roll(object) == 2); db_value_reset(&policy_id); } static void test_zone_delete(void) { CU_ASSERT_FATAL(!zone_db_delete(object)); } static void test_zone_list2(void) { CU_ASSERT_FATAL(!zone_list_db_get(object_list)); CU_ASSERT_PTR_NULL(zone_list_db_next(object_list)); } static void test_zone_end(void) { if (object) { zone_db_free(object); CU_PASS("zone_db_free"); } if (object_list) { zone_list_db_free(object_list); CU_PASS("zone_list_db_free"); } } static int test_zone_add_tests(CU_pSuite pSuite) { if (!CU_add_test(pSuite, "new object", test_zone_new) || !CU_add_test(pSuite, "set fields", test_zone_set) || !CU_add_test(pSuite, "get fields", test_zone_get) || !CU_add_test(pSuite, "create object", test_zone_create) || !CU_add_test(pSuite, "object clauses", test_zone_clauses) || !CU_add_test(pSuite, "object count", test_zone_count) || !CU_add_test(pSuite, "list objects", test_zone_list) || !CU_add_test(pSuite, "list objects (store)", test_zone_list_store) || !CU_add_test(pSuite, "list objects (associated)", test_zone_list_associated) || !CU_add_test(pSuite, "read object by id", test_zone_read) || !CU_add_test(pSuite, "verify fields", test_zone_verify) || !CU_add_test(pSuite, "read object by name", test_zone_read_by_name) || !CU_add_test(pSuite, "verify fields (name)", test_zone_verify_name) || !CU_add_test(pSuite, "change object", test_zone_change) || !CU_add_test(pSuite, "update object", test_zone_update) || !CU_add_test(pSuite, "reread object by id", test_zone_read2) || !CU_add_test(pSuite, "verify fields after update", test_zone_verify2) || !CU_add_test(pSuite, "reread object by name", test_zone_read_by_name2) || !CU_add_test(pSuite, "verify fields after update (name)", test_zone_verify_name2) || !CU_add_test(pSuite, "delete object", test_zone_delete) || !CU_add_test(pSuite, "list objects to verify delete", test_zone_list2) || !CU_add_test(pSuite, "end test", test_zone_end)) { return CU_get_error(); } return 0; } int test_zone_add_suite(void) { CU_pSuite pSuite = NULL; int ret; #if defined(ENFORCER_DATABASE_SQLITE3) pSuite = CU_add_suite("Test of zone (SQLite)", test_zone_init_suite_sqlite, test_zone_clean_suite); if (!pSuite) { return CU_get_error(); } ret = test_zone_add_tests(pSuite); if (ret) { return ret; } #endif #if defined(ENFORCER_DATABASE_MYSQL) pSuite = CU_add_suite("Test of zone (MySQL)", test_zone_init_suite_mysql, test_zone_clean_suite); if (!pSuite) { return CU_get_error(); } ret = test_zone_add_tests(pSuite); if (ret) { return ret; } #endif return 0; } opendnssec-2.1.5/enforcer/src/db/test/test_zone.h0000644000202300020240000000301513560310771016711 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef __test_zone_h #define __test_zone_h int test_zone_add_suite(void); #endif opendnssec-2.1.5/enforcer/src/db/test/test_hsm_key.c0000644000202300020240000006555713560310771017413 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include "CUnit/Basic.h" #include "../db_configuration.h" #include "../db_connection.h" #include "../hsm_key.h" #include static db_configuration_list_t* configuration_list = NULL; static db_configuration_t* configuration = NULL; static db_connection_t* connection = NULL; static hsm_key_t* object = NULL; static hsm_key_list_t* object_list = NULL; static db_value_t id = DB_VALUE_EMPTY; static db_clause_list_t* clause_list = NULL; static int db_sqlite = 0; static int db_mysql = 0; #if defined(ENFORCER_DATABASE_SQLITE3) int test_hsm_key_init_suite_sqlite(void) { if (configuration_list) { return 1; } if (configuration) { return 1; } if (connection) { return 1; } /* * Setup the configuration for the connection */ if (!(configuration_list = db_configuration_list_new())) { return 1; } if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "backend") || db_configuration_set_value(configuration, "sqlite") || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "file") || db_configuration_set_value(configuration, "test.db") || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; /* * Connect to the database */ if (!(connection = db_connection_new()) || db_connection_set_configuration_list(connection, configuration_list)) { db_connection_free(connection); connection = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration_list = NULL; if (db_connection_setup(connection) || db_connection_connect(connection)) { db_connection_free(connection); connection = NULL; return 1; } db_sqlite = 1; db_mysql = 0; return 0; } #endif #if defined(ENFORCER_DATABASE_MYSQL) int test_hsm_key_init_suite_mysql(void) { if (configuration_list) { return 1; } if (configuration) { return 1; } if (connection) { return 1; } /* * Setup the configuration for the connection */ if (!(configuration_list = db_configuration_list_new())) { return 1; } if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "backend") || db_configuration_set_value(configuration, "mysql") || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "host") || db_configuration_set_value(configuration, ENFORCER_DB_HOST) || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "port") || db_configuration_set_value(configuration, ENFORCER_DB_PORT_TEXT) || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "user") || db_configuration_set_value(configuration, ENFORCER_DB_USERNAME) || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "pass") || db_configuration_set_value(configuration, ENFORCER_DB_PASSWORD) || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "db") || db_configuration_set_value(configuration, ENFORCER_DB_DATABASE) || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; /* * Connect to the database */ if (!(connection = db_connection_new()) || db_connection_set_configuration_list(connection, configuration_list)) { db_connection_free(connection); connection = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration_list = NULL; if (db_connection_setup(connection) || db_connection_connect(connection)) { db_connection_free(connection); connection = NULL; return 1; } db_sqlite = 0; db_mysql = 1; return 0; } #endif static int test_hsm_key_clean_suite(void) { db_connection_free(connection); connection = NULL; db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; db_value_reset(&id); db_clause_list_free(clause_list); clause_list = NULL; return 0; } static void test_hsm_key_new(void) { CU_ASSERT_PTR_NOT_NULL_FATAL((object = hsm_key_new(connection))); CU_ASSERT_PTR_NOT_NULL_FATAL((object_list = hsm_key_list_new(connection))); } static void test_hsm_key_set(void) { db_value_t policy_id = DB_VALUE_EMPTY; if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&policy_id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&policy_id, 1)); } CU_ASSERT(!hsm_key_set_policy_id(object, &policy_id)); CU_ASSERT(!hsm_key_set_locator(object, "locator 1")); CU_ASSERT(!hsm_key_set_state(object, HSM_KEY_STATE_UNUSED)); CU_ASSERT(!hsm_key_set_state(object, HSM_KEY_STATE_PRIVATE)); CU_ASSERT(!hsm_key_set_state(object, HSM_KEY_STATE_SHARED)); CU_ASSERT(!hsm_key_set_state(object, HSM_KEY_STATE_DELETE)); CU_ASSERT(!hsm_key_set_bits(object, 1)); CU_ASSERT(!hsm_key_set_algorithm(object, 1)); CU_ASSERT(!hsm_key_set_role(object, HSM_KEY_ROLE_KSK)); CU_ASSERT(!hsm_key_set_role(object, HSM_KEY_ROLE_ZSK)); CU_ASSERT(!hsm_key_set_role(object, HSM_KEY_ROLE_CSK)); CU_ASSERT(!hsm_key_set_inception(object, 1)); CU_ASSERT(!hsm_key_set_key_type(object, HSM_KEY_KEY_TYPE_RSA)); CU_ASSERT(!hsm_key_set_repository(object, "repository 1")); CU_ASSERT(!hsm_key_set_backup(object, HSM_KEY_BACKUP_NO_BACKUP)); CU_ASSERT(!hsm_key_set_backup(object, HSM_KEY_BACKUP_BACKUP_REQUIRED)); CU_ASSERT(!hsm_key_set_backup(object, HSM_KEY_BACKUP_BACKUP_REQUESTED)); CU_ASSERT(!hsm_key_set_backup(object, HSM_KEY_BACKUP_BACKUP_DONE)); db_value_reset(&policy_id); } static void test_hsm_key_get(void) { int ret; db_value_t policy_id = DB_VALUE_EMPTY; if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&policy_id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&policy_id, 1)); } CU_ASSERT(!db_value_cmp(hsm_key_policy_id(object), &policy_id, &ret)); CU_ASSERT(!ret); CU_ASSERT_PTR_NOT_NULL_FATAL(hsm_key_locator(object)); CU_ASSERT(!strcmp(hsm_key_locator(object), "locator 1")); CU_ASSERT(hsm_key_state(object) == HSM_KEY_STATE_DELETE); CU_ASSERT(hsm_key_bits(object) == 1); CU_ASSERT(hsm_key_algorithm(object) == 1); CU_ASSERT(hsm_key_role(object) == HSM_KEY_ROLE_CSK); CU_ASSERT(hsm_key_inception(object) == 1); CU_ASSERT_PTR_NOT_NULL_FATAL(hsm_key_repository(object)); CU_ASSERT(!strcmp(hsm_key_repository(object), "repository 1")); CU_ASSERT(hsm_key_backup(object) == HSM_KEY_BACKUP_BACKUP_DONE); db_value_reset(&policy_id); } static void test_hsm_key_create(void) { CU_ASSERT_FATAL(!hsm_key_create(object)); } static void test_hsm_key_clauses(void) { hsm_key_list_t* new_list; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT_PTR_NOT_NULL(hsm_key_policy_id_clause(clause_list, hsm_key_policy_id(object))); CU_ASSERT(!hsm_key_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(hsm_key_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = hsm_key_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(hsm_key_list_next(new_list)); hsm_key_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!hsm_key_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(hsm_key_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = hsm_key_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(hsm_key_list_next(new_list)); hsm_key_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT_PTR_NOT_NULL(hsm_key_state_clause(clause_list, hsm_key_state(object))); CU_ASSERT(!hsm_key_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(hsm_key_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = hsm_key_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(hsm_key_list_next(new_list)); hsm_key_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT_PTR_NOT_NULL(hsm_key_bits_clause(clause_list, hsm_key_bits(object))); CU_ASSERT(!hsm_key_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(hsm_key_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = hsm_key_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(hsm_key_list_next(new_list)); hsm_key_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT_PTR_NOT_NULL(hsm_key_algorithm_clause(clause_list, hsm_key_algorithm(object))); CU_ASSERT(!hsm_key_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(hsm_key_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = hsm_key_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(hsm_key_list_next(new_list)); hsm_key_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT_PTR_NOT_NULL(hsm_key_role_clause(clause_list, hsm_key_role(object))); CU_ASSERT(!hsm_key_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(hsm_key_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = hsm_key_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(hsm_key_list_next(new_list)); hsm_key_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!hsm_key_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(hsm_key_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = hsm_key_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(hsm_key_list_next(new_list)); hsm_key_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!hsm_key_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(hsm_key_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = hsm_key_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(hsm_key_list_next(new_list)); hsm_key_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!hsm_key_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(hsm_key_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = hsm_key_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(hsm_key_list_next(new_list)); hsm_key_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT_PTR_NOT_NULL(hsm_key_repository_clause(clause_list, hsm_key_repository(object))); CU_ASSERT(!hsm_key_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(hsm_key_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = hsm_key_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(hsm_key_list_next(new_list)); hsm_key_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT_PTR_NOT_NULL(hsm_key_backup_clause(clause_list, hsm_key_backup(object))); CU_ASSERT(!hsm_key_list_get_by_clauses(object_list, clause_list)); CU_ASSERT_PTR_NOT_NULL(hsm_key_list_next(object_list)); CU_ASSERT_PTR_NOT_NULL((new_list = hsm_key_list_new_get_by_clauses(connection, clause_list))); CU_ASSERT_PTR_NOT_NULL(hsm_key_list_next(new_list)); hsm_key_list_free(new_list); db_clause_list_free(clause_list); clause_list = NULL; } static void test_hsm_key_count(void) { size_t count; CU_ASSERT(!hsm_key_count(object, NULL, &count)); CU_ASSERT(count == 1); CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT_PTR_NOT_NULL(hsm_key_policy_id_clause(clause_list, hsm_key_policy_id(object))); CU_ASSERT(!hsm_key_count(object, clause_list, &count)); CU_ASSERT(count == 1); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!hsm_key_count(object, clause_list, &count)); CU_ASSERT(count == 1); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT_PTR_NOT_NULL(hsm_key_state_clause(clause_list, hsm_key_state(object))); CU_ASSERT(!hsm_key_count(object, clause_list, &count)); CU_ASSERT(count == 1); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT_PTR_NOT_NULL(hsm_key_bits_clause(clause_list, hsm_key_bits(object))); CU_ASSERT(!hsm_key_count(object, clause_list, &count)); CU_ASSERT(count == 1); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT_PTR_NOT_NULL(hsm_key_algorithm_clause(clause_list, hsm_key_algorithm(object))); CU_ASSERT(!hsm_key_count(object, clause_list, &count)); CU_ASSERT(count == 1); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT_PTR_NOT_NULL(hsm_key_role_clause(clause_list, hsm_key_role(object))); CU_ASSERT(!hsm_key_count(object, clause_list, &count)); CU_ASSERT(count == 1); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!hsm_key_count(object, clause_list, &count)); CU_ASSERT(count == 1); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!hsm_key_count(object, clause_list, &count)); CU_ASSERT(count == 1); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT(!hsm_key_count(object, clause_list, &count)); CU_ASSERT(count == 1); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT_PTR_NOT_NULL(hsm_key_repository_clause(clause_list, hsm_key_repository(object))); CU_ASSERT(!hsm_key_count(object, clause_list, &count)); CU_ASSERT(count == 1); db_clause_list_free(clause_list); clause_list = NULL; CU_ASSERT_PTR_NOT_NULL_FATAL((clause_list = db_clause_list_new())); CU_ASSERT_PTR_NOT_NULL(hsm_key_backup_clause(clause_list, hsm_key_backup(object))); CU_ASSERT(!hsm_key_count(object, clause_list, &count)); CU_ASSERT(count == 1); db_clause_list_free(clause_list); clause_list = NULL; } static void test_hsm_key_verify(void) { int ret; db_value_t policy_id = DB_VALUE_EMPTY; if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&policy_id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&policy_id, 1)); } CU_ASSERT(!db_value_cmp(hsm_key_policy_id(object), &policy_id, &ret)); CU_ASSERT(!ret); CU_ASSERT_PTR_NOT_NULL_FATAL(hsm_key_locator(object)); CU_ASSERT(!strcmp(hsm_key_locator(object), "locator 1")); CU_ASSERT(hsm_key_state(object) == HSM_KEY_STATE_DELETE); CU_ASSERT(hsm_key_bits(object) == 1); CU_ASSERT(hsm_key_algorithm(object) == 1); CU_ASSERT(hsm_key_role(object) == HSM_KEY_ROLE_CSK); CU_ASSERT(hsm_key_inception(object) == 1); CU_ASSERT_PTR_NOT_NULL_FATAL(hsm_key_repository(object)); CU_ASSERT(!strcmp(hsm_key_repository(object), "repository 1")); CU_ASSERT(hsm_key_backup(object) == HSM_KEY_BACKUP_BACKUP_DONE); db_value_reset(&policy_id); } static void test_hsm_key_read_by_locator(void) { CU_ASSERT_FATAL(!hsm_key_get_by_locator(object, "locator 1")); } static void test_hsm_key_verify_locator(void) { int ret; db_value_t policy_id = DB_VALUE_EMPTY; if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&policy_id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&policy_id, 1)); } CU_ASSERT(!db_value_cmp(hsm_key_policy_id(object), &policy_id, &ret)); CU_ASSERT(!ret); CU_ASSERT_PTR_NOT_NULL_FATAL(hsm_key_locator(object)); CU_ASSERT(!strcmp(hsm_key_locator(object), "locator 1")); CU_ASSERT(hsm_key_state(object) == HSM_KEY_STATE_DELETE); CU_ASSERT(hsm_key_bits(object) == 1); CU_ASSERT(hsm_key_algorithm(object) == 1); CU_ASSERT(hsm_key_role(object) == HSM_KEY_ROLE_CSK); CU_ASSERT(hsm_key_inception(object) == 1); CU_ASSERT_PTR_NOT_NULL_FATAL(hsm_key_repository(object)); CU_ASSERT(!strcmp(hsm_key_repository(object), "repository 1")); CU_ASSERT(hsm_key_backup(object) == HSM_KEY_BACKUP_BACKUP_DONE); db_value_reset(&policy_id); } static void test_hsm_key_change(void) { db_value_t policy_id = DB_VALUE_EMPTY; if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&policy_id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&policy_id, 1)); } CU_ASSERT(!hsm_key_set_policy_id(object, &policy_id)); CU_ASSERT(!hsm_key_set_locator(object, "locator 2")); CU_ASSERT(!hsm_key_set_state(object, HSM_KEY_STATE_UNUSED)); CU_ASSERT(!hsm_key_set_bits(object, 2)); CU_ASSERT(!hsm_key_set_algorithm(object, 2)); CU_ASSERT(!hsm_key_set_role(object, HSM_KEY_ROLE_KSK)); CU_ASSERT(!hsm_key_set_inception(object, 2)); CU_ASSERT(!hsm_key_set_key_type(object, HSM_KEY_KEY_TYPE_RSA)); CU_ASSERT(!hsm_key_set_repository(object, "repository 2")); CU_ASSERT(!hsm_key_set_backup(object, HSM_KEY_BACKUP_NO_BACKUP)); db_value_reset(&policy_id); } static void test_hsm_key_update(void) { CU_ASSERT_FATAL(!hsm_key_update(object)); } static void test_hsm_key_verify2(void) { int ret; db_value_t policy_id = DB_VALUE_EMPTY; if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&policy_id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&policy_id, 1)); } CU_ASSERT(!db_value_cmp(hsm_key_policy_id(object), &policy_id, &ret)); CU_ASSERT(!ret); CU_ASSERT_PTR_NOT_NULL_FATAL(hsm_key_locator(object)); CU_ASSERT(!strcmp(hsm_key_locator(object), "locator 2")); CU_ASSERT(hsm_key_state(object) == HSM_KEY_STATE_UNUSED); CU_ASSERT(hsm_key_bits(object) == 2); CU_ASSERT(hsm_key_algorithm(object) == 2); CU_ASSERT(hsm_key_role(object) == HSM_KEY_ROLE_KSK); CU_ASSERT(hsm_key_inception(object) == 2); CU_ASSERT_PTR_NOT_NULL_FATAL(hsm_key_repository(object)); CU_ASSERT(!strcmp(hsm_key_repository(object), "repository 2")); CU_ASSERT(hsm_key_backup(object) == HSM_KEY_BACKUP_NO_BACKUP); db_value_reset(&policy_id); } static void test_hsm_key_cmp(void) { hsm_key_t* local_object; CU_ASSERT_PTR_NOT_NULL_FATAL((local_object = hsm_key_new(connection))); } static void test_hsm_key_read_by_locator2(void) { CU_ASSERT_FATAL(!hsm_key_get_by_locator(object, "locator 2")); } static void test_hsm_key_verify_locator2(void) { int ret; db_value_t policy_id = DB_VALUE_EMPTY; if (db_sqlite) { CU_ASSERT(!db_value_from_int32(&policy_id, 1)); } if (db_mysql) { CU_ASSERT(!db_value_from_uint64(&policy_id, 1)); } CU_ASSERT(!db_value_cmp(hsm_key_policy_id(object), &policy_id, &ret)); CU_ASSERT(!ret); CU_ASSERT_PTR_NOT_NULL_FATAL(hsm_key_locator(object)); CU_ASSERT(!strcmp(hsm_key_locator(object), "locator 2")); CU_ASSERT(hsm_key_state(object) == HSM_KEY_STATE_UNUSED); CU_ASSERT(hsm_key_bits(object) == 2); CU_ASSERT(hsm_key_algorithm(object) == 2); CU_ASSERT(hsm_key_role(object) == HSM_KEY_ROLE_KSK); CU_ASSERT(hsm_key_inception(object) == 2); CU_ASSERT_PTR_NOT_NULL_FATAL(hsm_key_repository(object)); CU_ASSERT(!strcmp(hsm_key_repository(object), "repository 2")); CU_ASSERT(hsm_key_backup(object) == HSM_KEY_BACKUP_NO_BACKUP); db_value_reset(&policy_id); } static void test_hsm_key_delete(void) { } static void test_hsm_key_list2(void) { CU_ASSERT_PTR_NULL(hsm_key_list_next(object_list)); } static void test_hsm_key_end(void) { if (object) { hsm_key_free(object); CU_PASS("hsm_key_free"); } if (object_list) { hsm_key_list_free(object_list); CU_PASS("hsm_key_list_free"); } } static int test_hsm_key_add_tests(CU_pSuite pSuite) { if (!CU_add_test(pSuite, "new object", test_hsm_key_new) || !CU_add_test(pSuite, "set fields", test_hsm_key_set) || !CU_add_test(pSuite, "get fields", test_hsm_key_get) || !CU_add_test(pSuite, "create object", test_hsm_key_create) || !CU_add_test(pSuite, "object clauses", test_hsm_key_clauses) || !CU_add_test(pSuite, "object count", test_hsm_key_count) || !CU_add_test(pSuite, "verify fields", test_hsm_key_verify) || !CU_add_test(pSuite, "read object by locator", test_hsm_key_read_by_locator) || !CU_add_test(pSuite, "verify fields (locator)", test_hsm_key_verify_locator) || !CU_add_test(pSuite, "change object", test_hsm_key_change) || !CU_add_test(pSuite, "update object", test_hsm_key_update) || !CU_add_test(pSuite, "verify fields after update", test_hsm_key_verify2) || !CU_add_test(pSuite, "compare objects", test_hsm_key_cmp) || !CU_add_test(pSuite, "reread object by locator", test_hsm_key_read_by_locator2) || !CU_add_test(pSuite, "verify fields after update (locator)", test_hsm_key_verify_locator2) || !CU_add_test(pSuite, "delete object", test_hsm_key_delete) || !CU_add_test(pSuite, "list objects to verify delete", test_hsm_key_list2) || !CU_add_test(pSuite, "end test", test_hsm_key_end)) { return CU_get_error(); } return 0; } int test_hsm_key_add_suite(void) { CU_pSuite pSuite = NULL; int ret; #if defined(ENFORCER_DATABASE_SQLITE3) pSuite = CU_add_suite("Test of hsm key (SQLite)", test_hsm_key_init_suite_sqlite, test_hsm_key_clean_suite); if (!pSuite) { return CU_get_error(); } ret = test_hsm_key_add_tests(pSuite); if (ret) { return ret; } #endif #if defined(ENFORCER_DATABASE_MYSQL) pSuite = CU_add_suite("Test of hsm key (MySQL)", test_hsm_key_init_suite_mysql, test_hsm_key_clean_suite); if (!pSuite) { return CU_get_error(); } ret = test_hsm_key_add_tests(pSuite); if (ret) { return ret; } #endif return 0; } opendnssec-2.1.5/enforcer/src/db/test/test.h0000644000202300020240000000657713560310771015676 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include "config.h" #ifndef __test_test_h #define __test_test_h int init_suite_classes(void); int clean_suite_classes(void); void test_class_db_backend_handle(void); void test_class_db_backend(void); void test_class_db_clause(void); void test_class_db_clause_list(void); void test_class_db_configuration(void); void test_class_db_configuration_list(void); void test_class_db_connection(void); void test_class_db_join(void); void test_class_db_join_list(void); void test_class_db_object_field(void); void test_class_db_object_field_list(void); void test_class_db_object(void); void test_class_db_value_set(void); void test_class_db_result(void); void test_class_db_result_list(void); void test_class_db_value(void); void test_class_end(void); int init_suite_initialization(void); int clean_suite_initialization(void); void test_initialization_configuration(void); void test_initialization_connection(void); #if defined(ENFORCER_DATABASE_SQLITE3) int init_suite_database_operations_sqlite(void); #endif int init_suite_database_operations_mysql(void); int clean_suite_database_operations(void); void test_database_operations_read_object1(void); void test_database_operations_create_object2(void); void test_database_operations_read_object2(void); void test_database_operations_update_object2(void); void test_database_operations_delete_object2(void); void test_database_operations_create_object3(void); void test_database_operations_delete_object3(void); void test_database_operations_read_all(void); void test_database_operations_count(void); void test_database_operations_read_object1_2(void); void test_database_operations_create_object2_2(void); void test_database_operations_read_object2_2(void); void test_database_operations_update_object2_2(void); void test_database_operations_delete_object2_2(void); void test_database_operations_create_object3_2(void); void test_database_operations_delete_object3_2(void); void test_database_operations_update_objects_revisions(void); #endif opendnssec-2.1.5/enforcer/src/db/test/test_database_version.c0000644000202300020240000002460313560310771021250 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include "CUnit/Basic.h" #include "../db_configuration.h" #include "../db_connection.h" #include "../database_version.h" #include static db_configuration_list_t* configuration_list = NULL; static db_configuration_t* configuration = NULL; static db_connection_t* connection = NULL; static database_version_t* object = NULL; static database_version_list_t* object_list = NULL; static db_value_t id = DB_VALUE_EMPTY; static db_clause_list_t* clause_list = NULL; static int db_sqlite = 0; static int db_mysql = 0; #if defined(ENFORCER_DATABASE_SQLITE3) int test_database_version_init_suite_sqlite(void) { if (configuration_list) { return 1; } if (configuration) { return 1; } if (connection) { return 1; } /* * Setup the configuration for the connection */ if (!(configuration_list = db_configuration_list_new())) { return 1; } if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "backend") || db_configuration_set_value(configuration, "sqlite") || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "file") || db_configuration_set_value(configuration, "test.db") || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; /* * Connect to the database */ if (!(connection = db_connection_new()) || db_connection_set_configuration_list(connection, configuration_list)) { db_connection_free(connection); connection = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration_list = NULL; if (db_connection_setup(connection) || db_connection_connect(connection)) { db_connection_free(connection); connection = NULL; return 1; } db_sqlite = 1; db_mysql = 0; return 0; } #endif #if defined(ENFORCER_DATABASE_MYSQL) int test_database_version_init_suite_mysql(void) { if (configuration_list) { return 1; } if (configuration) { return 1; } if (connection) { return 1; } /* * Setup the configuration for the connection */ if (!(configuration_list = db_configuration_list_new())) { return 1; } if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "backend") || db_configuration_set_value(configuration, "mysql") || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "host") || db_configuration_set_value(configuration, ENFORCER_DB_HOST) || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "port") || db_configuration_set_value(configuration, ENFORCER_DB_PORT_TEXT) || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "user") || db_configuration_set_value(configuration, ENFORCER_DB_USERNAME) || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "pass") || db_configuration_set_value(configuration, ENFORCER_DB_PASSWORD) || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; if (!(configuration = db_configuration_new()) || db_configuration_set_name(configuration, "db") || db_configuration_set_value(configuration, ENFORCER_DB_DATABASE) || db_configuration_list_add(configuration_list, configuration)) { db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration = NULL; /* * Connect to the database */ if (!(connection = db_connection_new()) || db_connection_set_configuration_list(connection, configuration_list)) { db_connection_free(connection); connection = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; return 1; } configuration_list = NULL; if (db_connection_setup(connection) || db_connection_connect(connection)) { db_connection_free(connection); connection = NULL; return 1; } db_sqlite = 0; db_mysql = 1; return 0; } #endif static int test_database_version_clean_suite(void) { db_connection_free(connection); connection = NULL; db_configuration_free(configuration); configuration = NULL; db_configuration_list_free(configuration_list); configuration_list = NULL; db_value_reset(&id); db_clause_list_free(clause_list); clause_list = NULL; return 0; } static void test_database_version_new(void) { CU_ASSERT_PTR_NOT_NULL_FATAL((object = database_version_new(connection))); CU_ASSERT_PTR_NOT_NULL_FATAL((object_list = database_version_list_new(connection))); } static void test_database_version_get(void) { CU_ASSERT_EQUAL(database_version_get_version(connection), 1); } static void test_database_version_list(void) { const database_version_t* item; database_version_list_t* new_list; CU_ASSERT_FATAL(!database_version_list_get(object_list)); CU_ASSERT_PTR_NOT_NULL_FATAL((item = database_version_list_next(object_list))); CU_ASSERT_FATAL(!database_version_list_get(object_list)); CU_PASS("database_version_free"); CU_PASS("database_version_free"); CU_ASSERT_PTR_NOT_NULL((new_list = database_version_list_new_get(connection))); CU_ASSERT_PTR_NOT_NULL(database_version_list_next(new_list)); database_version_list_free(new_list); } static void test_database_version_end(void) { if (object) { database_version_free(object); CU_PASS("database_version_free"); } if (object_list) { database_version_list_free(object_list); CU_PASS("database_version_list_free"); } } static int test_database_version_add_tests(CU_pSuite pSuite) { if (!CU_add_test(pSuite, "new object", test_database_version_new) || !CU_add_test(pSuite, "get fields", test_database_version_get) || !CU_add_test(pSuite, "list objects", test_database_version_list) || !CU_add_test(pSuite, "end test", test_database_version_end)) { return CU_get_error(); } return 0; } int test_database_version_add_suite(void) { CU_pSuite pSuite = NULL; int ret; #if defined(ENFORCER_DATABASE_SQLITE3) pSuite = CU_add_suite("Test of database version (SQLite)", test_database_version_init_suite_sqlite, test_database_version_clean_suite); if (!pSuite) { return CU_get_error(); } ret = test_database_version_add_tests(pSuite); if (ret) { return ret; } #endif #if defined(ENFORCER_DATABASE_MYSQL) pSuite = CU_add_suite("Test of database version (MySQL)", test_database_version_init_suite_mysql, test_database_version_clean_suite); if (!pSuite) { return CU_get_error(); } ret = test_database_version_add_tests(pSuite); if (ret) { return ret; } #endif return 0; } opendnssec-2.1.5/enforcer/src/db/test/Makefile.am0000644000202300020240000000424713560311035016564 00000000000000MAINTAINERCLEANFILES = $(srcdir)/Makefile.in AM_CPPFLAGS = \ -I$(top_srcdir)/common \ -I$(top_builddir)/common \ @ENFORCER_DB_INCLUDES@ \ @CUNIT_INCLUDES@ \ @XML2_INCLUDES@ check_PROGRAMS = test test_SOURCES = \ test.c test.h \ test_classes.c \ test_initialization.c \ test_database_operations.c \ test_hsm_key.c test_hsm_key.h \ test_key_data.c test_key_data.h \ test_key_state.c test_key_state.h \ test_key_dependency.c test_key_dependency.h \ test_policy.c test_policy.h \ test_policy_key.c test_policy_key.h \ test_database_version.c test_database_version.h \ test_zone.c test_zone.h BACKEND_LDADD_CUSTOM = BACKEND_LDFLAGS_CUSTOM = if USE_SQLITE BACKEND_LDADD_CUSTOM += ../db_backend_sqlite.o endif if USE_MYSQL BACKEND_LDADD_CUSTOM += ../db_backend_mysql.o endif test_LDADD = \ ../db_backend.o \ ../db_clause.o \ ../db_configuration.o \ ../db_connection.o \ ../db_join.o \ ../db_object.o \ ../db_result.o \ ../db_value.o \ ../hsm_key.o ../hsm_key_ext.o \ ../key_data.o ../key_data_ext.o \ ../key_state.o ../key_state_ext.o \ ../key_dependency.o ../key_dependency_ext.o \ ../policy.o ../policy_ext.o \ ../policy_key.o ../policy_key_ext.o \ ../database_version.o ../database_version_ext.o \ ../zone_db.o ../zone_db_ext.o \ ${top_builddir}/common/duration.o \ ${top_builddir}/common/log.o \ ${top_builddir}/common/file.o \ $(BACKEND_LDADD_CUSTOM) test_LDFLAGS = -no-install \ @XML2_LIBS@ \ @PTHREAD_LIBS@ \ @RT_LIBS@ \ @CUNIT_LIBS@ \ @ENFORCER_DB_LIBS@ \ $(BACKEND_LDFLAGS_CUSTOM) check: regress-db regress-db: test if USE_SQLITE rm -f test.db sqlite3 test.db < $(srcdir)/test.sqlite sqlite3 test.db < $(srcdir)/../schema.sqlite sqlite3 test.db < $(srcdir)/../data.sqlite endif if USE_MYSQL mysql -u "@ENFORCER_DB_USERNAME@" "-p@ENFORCER_DB_PASSWORD@" "@ENFORCER_DB_DATABASE@" < $(srcdir)/test.mysql mysql -u "@ENFORCER_DB_USERNAME@" "-p@ENFORCER_DB_PASSWORD@" "@ENFORCER_DB_DATABASE@" < $(srcdir)/../drop.mysql mysql -u "@ENFORCER_DB_USERNAME@" "-p@ENFORCER_DB_PASSWORD@" "@ENFORCER_DB_DATABASE@" < $(srcdir)/../schema.mysql mysql -u "@ENFORCER_DB_USERNAME@" "-p@ENFORCER_DB_PASSWORD@" "@ENFORCER_DB_DATABASE@" < $(srcdir)/../data.mysql endif ./test opendnssec-2.1.5/enforcer/src/db/test/test_key_data.h0000644000202300020240000000303113560310771017515 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef __test_key_data_h #define __test_key_data_h int test_key_data_add_suite(void); #endif opendnssec-2.1.5/enforcer/src/db/test/test_database_version.h0000644000202300020240000000306113560310771021250 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef __test_database_version_h #define __test_database_version_h int test_database_version_add_suite(void); #endif opendnssec-2.1.5/enforcer/src/db/test/test_hsm_key.h0000644000202300020240000000302613560310771017377 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef __test_hsm_key_h #define __test_hsm_key_h int test_hsm_key_add_suite(void); #endif opendnssec-2.1.5/enforcer/src/db/test/Makefile.in0000644000202300020240000006674213560311314016605 00000000000000# Makefile.in generated by automake 1.16.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2018 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY, to the extent permitted by law; without # even the implied warranty of MERCHANTABILITY or FITNESS FOR A # PARTICULAR PURPOSE. @SET_MAKE@ VPATH = @srcdir@ am__is_gnu_make = { \ if test -z '$(MAKELEVEL)'; then \ false; \ elif test -n '$(MAKE_HOST)'; then \ true; \ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \ true; \ else \ false; \ fi; \ } am__make_running_with_option = \ case $${target_option-} in \ ?) ;; \ *) echo "am__make_running_with_option: internal error: invalid" \ "target option '$${target_option-}' specified" >&2; \ exit 1;; \ esac; \ has_opt=no; \ sane_makeflags=$$MAKEFLAGS; \ if $(am__is_gnu_make); then \ sane_makeflags=$$MFLAGS; \ else \ case $$MAKEFLAGS in \ *\\[\ \ ]*) \ bs=\\; \ sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ esac; \ fi; \ skip_next=no; \ strip_trailopt () \ { \ flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ }; \ for flg in $$sane_makeflags; do \ test $$skip_next = yes && { skip_next=no; continue; }; \ case $$flg in \ *=*|--*) continue;; \ -*I) strip_trailopt 'I'; skip_next=yes;; \ -*I?*) strip_trailopt 'I';; \ -*O) strip_trailopt 'O'; skip_next=yes;; \ -*O?*) strip_trailopt 'O';; \ -*l) strip_trailopt 'l'; skip_next=yes;; \ -*l?*) strip_trailopt 'l';; \ -[dEDm]) skip_next=yes;; \ -[JT]) skip_next=yes;; \ esac; \ case $$flg in \ *$$target_option*) has_opt=yes; break;; \ esac; \ done; \ test $$has_opt = yes am__make_dryrun = (target_option=n; $(am__make_running_with_option)) am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) pkgdatadir = $(datadir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ pkglibdir = $(libdir)/@PACKAGE@ pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c install_sh_SCRIPT = $(install_sh) -c INSTALL_HEADER = $(INSTALL_DATA) transform = $(program_transform_name) NORMAL_INSTALL = : PRE_INSTALL = : POST_INSTALL = : NORMAL_UNINSTALL = : PRE_UNINSTALL = : POST_UNINSTALL = : build_triplet = @build@ host_triplet = @host@ check_PROGRAMS = test$(EXEEXT) @USE_SQLITE_TRUE@am__append_1 = ../db_backend_sqlite.o @USE_MYSQL_TRUE@am__append_2 = ../db_backend_mysql.o subdir = enforcer/src/db/test ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/m4/acx_broken_setres.m4 \ $(top_srcdir)/m4/acx_check_strptime.m4 \ $(top_srcdir)/m4/acx_cunit.m4 $(top_srcdir)/m4/acx_dlopen.m4 \ $(top_srcdir)/m4/acx_enforcer_database.m4 \ $(top_srcdir)/m4/acx_ldns.m4 $(top_srcdir)/m4/acx_libc.m4 \ $(top_srcdir)/m4/acx_libreadline.m4 \ $(top_srcdir)/m4/acx_libxml2.m4 \ $(top_srcdir)/m4/acx_pedantic.m4 \ $(top_srcdir)/m4/acx_pkcs11_modules.m4 \ $(top_srcdir)/m4/acx_prefixhack.m4 \ $(top_srcdir)/m4/acx_rpath.m4 $(top_srcdir)/m4/acx_rt.m4 \ $(top_srcdir)/m4/acx_ssl.m4 \ $(top_srcdir)/m4/ax_append_compile_flags.m4 \ $(top_srcdir)/m4/ax_append_flag.m4 \ $(top_srcdir)/m4/ax_c___attribute__.m4 \ $(top_srcdir)/m4/ax_cflags_warn_all.m4 \ $(top_srcdir)/m4/ax_check_compile_flag.m4 \ $(top_srcdir)/m4/ax_compiler_flags_cflags.m4 \ $(top_srcdir)/m4/ax_lib_mysql.m4 \ $(top_srcdir)/m4/ax_lib_sqlite3.m4 \ $(top_srcdir)/m4/ax_prog_doxygen.m4 \ $(top_srcdir)/m4/ax_pthread.m4 \ $(top_srcdir)/m4/ax_require_defined.m4 \ $(top_srcdir)/m4/libtool.m4 $(top_srcdir)/m4/ltoptions.m4 \ $(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \ $(top_srcdir)/m4/lt~obsolete.m4 \ $(top_srcdir)/m4/opendnssec_common.m4 $(top_srcdir)/version.m4 \ $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/common/config.h CONFIG_CLEAN_FILES = CONFIG_CLEAN_VPATH_FILES = am_test_OBJECTS = test.$(OBJEXT) test_classes.$(OBJEXT) \ test_initialization.$(OBJEXT) \ test_database_operations.$(OBJEXT) test_hsm_key.$(OBJEXT) \ test_key_data.$(OBJEXT) test_key_state.$(OBJEXT) \ test_key_dependency.$(OBJEXT) test_policy.$(OBJEXT) \ test_policy_key.$(OBJEXT) test_database_version.$(OBJEXT) \ test_zone.$(OBJEXT) test_OBJECTS = $(am_test_OBJECTS) test_DEPENDENCIES = ../db_backend.o ../db_clause.o \ ../db_configuration.o ../db_connection.o ../db_join.o \ ../db_object.o ../db_result.o ../db_value.o ../hsm_key.o \ ../hsm_key_ext.o ../key_data.o ../key_data_ext.o \ ../key_state.o ../key_state_ext.o ../key_dependency.o \ ../key_dependency_ext.o ../policy.o ../policy_ext.o \ ../policy_key.o ../policy_key_ext.o ../database_version.o \ ../database_version_ext.o ../zone_db.o ../zone_db_ext.o \ ${top_builddir}/common/duration.o ${top_builddir}/common/log.o \ ${top_builddir}/common/file.o $(BACKEND_LDADD_CUSTOM) AM_V_lt = $(am__v_lt_@AM_V@) am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@) am__v_lt_0 = --silent am__v_lt_1 = test_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ $(test_LDFLAGS) $(LDFLAGS) -o $@ AM_V_P = $(am__v_P_@AM_V@) am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) am__v_P_0 = false am__v_P_1 = : AM_V_GEN = $(am__v_GEN_@AM_V@) am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) am__v_GEN_0 = @echo " GEN " $@; am__v_GEN_1 = AM_V_at = $(am__v_at_@AM_V@) am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) am__v_at_0 = @ am__v_at_1 = DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)/common depcomp = $(SHELL) $(top_srcdir)/depcomp am__maybe_remake_depfiles = depfiles am__depfiles_remade = ./$(DEPDIR)/test.Po ./$(DEPDIR)/test_classes.Po \ ./$(DEPDIR)/test_database_operations.Po \ ./$(DEPDIR)/test_database_version.Po \ ./$(DEPDIR)/test_hsm_key.Po ./$(DEPDIR)/test_initialization.Po \ ./$(DEPDIR)/test_key_data.Po \ ./$(DEPDIR)/test_key_dependency.Po \ ./$(DEPDIR)/test_key_state.Po ./$(DEPDIR)/test_policy.Po \ ./$(DEPDIR)/test_policy_key.Po ./$(DEPDIR)/test_zone.Po am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \ $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \ $(AM_CFLAGS) $(CFLAGS) AM_V_CC = $(am__v_CC_@AM_V@) am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@) am__v_CC_0 = @echo " CC " $@; am__v_CC_1 = CCLD = $(CC) LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ $(AM_LDFLAGS) $(LDFLAGS) -o $@ AM_V_CCLD = $(am__v_CCLD_@AM_V@) am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@) am__v_CCLD_0 = @echo " CCLD " $@; am__v_CCLD_1 = SOURCES = $(test_SOURCES) DIST_SOURCES = $(test_SOURCES) am__can_run_installinfo = \ case $$AM_UPDATE_INFO_DIR in \ n|no|NO) false;; \ *) (install-info --version) >/dev/null 2>&1;; \ esac am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) # Read a list of newline-separated strings from the standard input, # and print each of them once, without duplicates. Input order is # *not* preserved. am__uniquify_input = $(AWK) '\ BEGIN { nonempty = 0; } \ { items[$$0] = 1; nonempty = 1; } \ END { if (nonempty) { for (i in items) print i; }; } \ ' # Make sure the list of sources is unique. This is necessary because, # e.g., the same source file might be shared among _SOURCES variables # for different programs/libraries. am__define_uniq_tagged_files = \ list='$(am__tagged_files)'; \ unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | $(am__uniquify_input)` ETAGS = etags CTAGS = ctags am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) ACLOCAL = @ACLOCAL@ AMTAR = @AMTAR@ AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ AR = @AR@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ AWK = @AWK@ CC = @CC@ CCDEPMODE = @CCDEPMODE@ CFLAGS = @CFLAGS@ CP = @CP@ CPP = @CPP@ CPPFLAGS = @CPPFLAGS@ CUNIT_INCLUDES = @CUNIT_INCLUDES@ CUNIT_LIBS = @CUNIT_LIBS@ CXX = @CXX@ CXXCPP = @CXXCPP@ CXXDEPMODE = @CXXDEPMODE@ CXXFLAGS = @CXXFLAGS@ CYGPATH_W = @CYGPATH_W@ C_LIBS = @C_LIBS@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ DLLTOOL = @DLLTOOL@ DOXYGEN_PAPER_SIZE = @DOXYGEN_PAPER_SIZE@ DSYMUTIL = @DSYMUTIL@ DUMPBIN = @DUMPBIN@ DX_CONFIG = @DX_CONFIG@ DX_DOCDIR = @DX_DOCDIR@ DX_DOT = @DX_DOT@ DX_DOXYGEN = @DX_DOXYGEN@ DX_DVIPS = @DX_DVIPS@ DX_EGREP = @DX_EGREP@ DX_ENV = @DX_ENV@ DX_FLAG_chi = @DX_FLAG_chi@ DX_FLAG_chm = @DX_FLAG_chm@ DX_FLAG_doc = @DX_FLAG_doc@ DX_FLAG_dot = @DX_FLAG_dot@ DX_FLAG_html = @DX_FLAG_html@ DX_FLAG_man = @DX_FLAG_man@ DX_FLAG_pdf = @DX_FLAG_pdf@ DX_FLAG_ps = @DX_FLAG_ps@ DX_FLAG_rtf = @DX_FLAG_rtf@ DX_FLAG_xml = @DX_FLAG_xml@ DX_HHC = @DX_HHC@ DX_LATEX = @DX_LATEX@ DX_MAKEINDEX = @DX_MAKEINDEX@ DX_PDFLATEX = @DX_PDFLATEX@ DX_PERL = @DX_PERL@ DX_PROJECT = @DX_PROJECT@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ ENFORCER_DB_DATABASE = @ENFORCER_DB_DATABASE@ ENFORCER_DB_HOST = @ENFORCER_DB_HOST@ ENFORCER_DB_INCLUDES = @ENFORCER_DB_INCLUDES@ ENFORCER_DB_LIBS = @ENFORCER_DB_LIBS@ ENFORCER_DB_PASSWORD = @ENFORCER_DB_PASSWORD@ ENFORCER_DB_PORT = @ENFORCER_DB_PORT@ ENFORCER_DB_PORT_TEXT = @ENFORCER_DB_PORT_TEXT@ ENFORCER_DB_USERNAME = @ENFORCER_DB_USERNAME@ EXEEXT = @EXEEXT@ FGREP = @FGREP@ GREP = @GREP@ HAVE_SSL = @HAVE_SSL@ HAVE_SSL_NEW_HMAC = @HAVE_SSL_NEW_HMAC@ INSTALL = @INSTALL@ INSTALLATIONCOND = @INSTALLATIONCOND@ INSTALLATIONGROUP = @INSTALLATIONGROUP@ INSTALLATIONGROUPARG = @INSTALLATIONGROUPARG@ INSTALLATIONUSER = @INSTALLATIONUSER@ INSTALLATIONUSERARG = @INSTALLATIONUSERARG@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SCRIPT = @INSTALL_SCRIPT@ INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ JAVA = @JAVA@ LD = @LD@ LDFLAGS = @LDFLAGS@ LDNS_CONFIG = @LDNS_CONFIG@ LDNS_INCLUDES = @LDNS_INCLUDES@ LDNS_LIBS = @LDNS_LIBS@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ LIBUNWIND_CFLAGS = @LIBUNWIND_CFLAGS@ LIBUNWIND_LIBS = @LIBUNWIND_LIBS@ LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@ MAKEINFO = @MAKEINFO@ MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ MYSQL_CFLAGS = @MYSQL_CFLAGS@ MYSQL_CONFIG = @MYSQL_CONFIG@ MYSQL_LDFLAGS = @MYSQL_LDFLAGS@ MYSQL_VERSION = @MYSQL_VERSION@ NM = @NM@ NMEDIT = @NMEDIT@ OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ OPENDNSSEC_BIN_DIR = @OPENDNSSEC_BIN_DIR@ OPENDNSSEC_CONFIG_DIR = @OPENDNSSEC_CONFIG_DIR@ OPENDNSSEC_CONFIG_FILE = @OPENDNSSEC_CONFIG_FILE@ OPENDNSSEC_DATA_DIR = @OPENDNSSEC_DATA_DIR@ OPENDNSSEC_ENFORCER_PIDFILE = @OPENDNSSEC_ENFORCER_PIDFILE@ OPENDNSSEC_ENFORCER_SOCKETFILE = @OPENDNSSEC_ENFORCER_SOCKETFILE@ OPENDNSSEC_FETCH_PIDFILE = @OPENDNSSEC_FETCH_PIDFILE@ OPENDNSSEC_LIBEXEC_DIR = @OPENDNSSEC_LIBEXEC_DIR@ OPENDNSSEC_LIB_DIR = @OPENDNSSEC_LIB_DIR@ OPENDNSSEC_LOCALSTATE_DIR = @OPENDNSSEC_LOCALSTATE_DIR@ OPENDNSSEC_PID_DIR = @OPENDNSSEC_PID_DIR@ OPENDNSSEC_SBIN_DIR = @OPENDNSSEC_SBIN_DIR@ OPENDNSSEC_SCHEMA_DIR = @OPENDNSSEC_SCHEMA_DIR@ OPENDNSSEC_SIGNER_CLI = @OPENDNSSEC_SIGNER_CLI@ OPENDNSSEC_SIGNER_ENGINE = @OPENDNSSEC_SIGNER_ENGINE@ OPENDNSSEC_SIGNER_PIDFILE = @OPENDNSSEC_SIGNER_PIDFILE@ OPENDNSSEC_SIGNER_SOCKET = @OPENDNSSEC_SIGNER_SOCKET@ OPENDNSSEC_STATE_DIR = @OPENDNSSEC_STATE_DIR@ OPENDNSSEC_SYSCONF_DIR = @OPENDNSSEC_SYSCONF_DIR@ OTOOL = @OTOOL@ OTOOL64 = @OTOOL64@ PACKAGE = @PACKAGE@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ PTHREAD_CC = @PTHREAD_CC@ PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ PTHREAD_LIBS = @PTHREAD_LIBS@ RANLIB = @RANLIB@ READLINE_LIBS = @READLINE_LIBS@ RT_LIBS = @RT_LIBS@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ SQLITE3_CFLAGS = @SQLITE3_CFLAGS@ SQLITE3_LDFLAGS = @SQLITE3_LDFLAGS@ SQLITE3_VERSION = @SQLITE3_VERSION@ SSL_INCLUDES = @SSL_INCLUDES@ SSL_LIBS = @SSL_LIBS@ STRIP = @STRIP@ VERSION = @VERSION@ WARN_CFLAGS = @WARN_CFLAGS@ XML2_CONFIG = @XML2_CONFIG@ XML2_INCLUDES = @XML2_INCLUDES@ XML2_LIBS = @XML2_LIBS@ XMLLINT = @XMLLINT@ XSLTPROC = @XSLTPROC@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ ac_ct_CXX = @ac_ct_CXX@ ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ am__include = @am__include@ am__leading_dot = @am__leading_dot@ am__quote = @am__quote@ am__tar = @am__tar@ am__untar = @am__untar@ ax_pthread_config = @ax_pthread_config@ bindir = @bindir@ build = @build@ build_alias = @build_alias@ build_cpu = @build_cpu@ build_os = @build_os@ build_vendor = @build_vendor@ builddir = @builddir@ datadir = @datadir@ datarootdir = @datarootdir@ docdir = @docdir@ dvidir = @dvidir@ exec_prefix = @exec_prefix@ host = @host@ host_alias = @host_alias@ host_cpu = @host_cpu@ host_os = @host_os@ host_vendor = @host_vendor@ htmldir = @htmldir@ includedir = @includedir@ infodir = @infodir@ install_sh = @install_sh@ libdir = @libdir@ libexecdir = @libexecdir@ localedir = @localedir@ localstatedir = @localstatedir@ mandir = @mandir@ mkdir_p = @mkdir_p@ oldincludedir = @oldincludedir@ pdfdir = @pdfdir@ pkcs11_aepkeyper_module = @pkcs11_aepkeyper_module@ pkcs11_etoken_module = @pkcs11_etoken_module@ pkcs11_ncipher_module = @pkcs11_ncipher_module@ pkcs11_opensc_module = @pkcs11_opensc_module@ pkcs11_sca6000_module = @pkcs11_sca6000_module@ pkcs11_softhsm_module = @pkcs11_softhsm_module@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ MAINTAINERCLEANFILES = $(srcdir)/Makefile.in AM_CPPFLAGS = \ -I$(top_srcdir)/common \ -I$(top_builddir)/common \ @ENFORCER_DB_INCLUDES@ \ @CUNIT_INCLUDES@ \ @XML2_INCLUDES@ test_SOURCES = \ test.c test.h \ test_classes.c \ test_initialization.c \ test_database_operations.c \ test_hsm_key.c test_hsm_key.h \ test_key_data.c test_key_data.h \ test_key_state.c test_key_state.h \ test_key_dependency.c test_key_dependency.h \ test_policy.c test_policy.h \ test_policy_key.c test_policy_key.h \ test_database_version.c test_database_version.h \ test_zone.c test_zone.h BACKEND_LDADD_CUSTOM = $(am__append_1) $(am__append_2) BACKEND_LDFLAGS_CUSTOM = test_LDADD = \ ../db_backend.o \ ../db_clause.o \ ../db_configuration.o \ ../db_connection.o \ ../db_join.o \ ../db_object.o \ ../db_result.o \ ../db_value.o \ ../hsm_key.o ../hsm_key_ext.o \ ../key_data.o ../key_data_ext.o \ ../key_state.o ../key_state_ext.o \ ../key_dependency.o ../key_dependency_ext.o \ ../policy.o ../policy_ext.o \ ../policy_key.o ../policy_key_ext.o \ ../database_version.o ../database_version_ext.o \ ../zone_db.o ../zone_db_ext.o \ ${top_builddir}/common/duration.o \ ${top_builddir}/common/log.o \ ${top_builddir}/common/file.o \ $(BACKEND_LDADD_CUSTOM) test_LDFLAGS = -no-install \ @XML2_LIBS@ \ @PTHREAD_LIBS@ \ @RT_LIBS@ \ @CUNIT_LIBS@ \ @ENFORCER_DB_LIBS@ \ $(BACKEND_LDFLAGS_CUSTOM) all: all-am .SUFFIXES: .SUFFIXES: .c .lo .o .obj $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign enforcer/src/db/test/Makefile'; \ $(am__cd) $(top_srcdir) && \ $(AUTOMAKE) --foreign enforcer/src/db/test/Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ *config.status*) \ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ *) \ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \ esac; $(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(top_srcdir)/configure: $(am__configure_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(ACLOCAL_M4): $(am__aclocal_m4_deps) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh $(am__aclocal_m4_deps): clean-checkPROGRAMS: @list='$(check_PROGRAMS)'; test -n "$$list" || exit 0; \ echo " rm -f" $$list; \ rm -f $$list || exit $$?; \ test -n "$(EXEEXT)" || exit 0; \ list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ echo " rm -f" $$list; \ rm -f $$list test$(EXEEXT): $(test_OBJECTS) $(test_DEPENDENCIES) $(EXTRA_test_DEPENDENCIES) @rm -f test$(EXEEXT) $(AM_V_CCLD)$(test_LINK) $(test_OBJECTS) $(test_LDADD) $(LIBS) mostlyclean-compile: -rm -f *.$(OBJEXT) distclean-compile: -rm -f *.tab.c @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_classes.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_database_operations.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_database_version.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_hsm_key.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_initialization.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_key_data.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_key_dependency.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_key_state.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_policy.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_policy_key.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_zone.Po@am__quote@ # am--include-marker $(am__depfiles_remade): @$(MKDIR_P) $(@D) @echo '# dummy' >$@-t && $(am__mv) $@-t $@ am--depfiles: $(am__depfiles_remade) .c.o: @am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\ @am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\ @am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $< .c.obj: @am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\ @am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\ @am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'` .c.lo: @am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\ @am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\ @am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Plo @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $< mostlyclean-libtool: -rm -f *.lo clean-libtool: -rm -rf .libs _libs ID: $(am__tagged_files) $(am__define_uniq_tagged_files); mkid -fID $$unique tags: tags-am TAGS: tags tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) set x; \ here=`pwd`; \ $(am__define_uniq_tagged_files); \ shift; \ if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ if test $$# -gt 0; then \ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ "$$@" $$unique; \ else \ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ $$unique; \ fi; \ fi ctags: ctags-am CTAGS: ctags ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) $(am__define_uniq_tagged_files); \ test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ && $(am__cd) $(top_srcdir) \ && gtags -i $(GTAGS_ARGS) "$$here" cscopelist: cscopelist-am cscopelist-am: $(am__tagged_files) list='$(am__tagged_files)'; \ case "$(srcdir)" in \ [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \ *) sdir=$(subdir)/$(srcdir) ;; \ esac; \ for i in $$list; do \ if test -f "$$i"; then \ echo "$(subdir)/$$i"; \ else \ echo "$$sdir/$$i"; \ fi; \ done >> $(top_builddir)/cscope.files distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags distdir: $(BUILT_SOURCES) $(MAKE) $(AM_MAKEFLAGS) distdir-am distdir-am: $(DISTFILES) @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ list='$(DISTFILES)'; \ dist_files=`for file in $$list; do echo $$file; done | \ sed -e "s|^$$srcdirstrip/||;t" \ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ case $$dist_files in \ */*) $(MKDIR_P) `echo "$$dist_files" | \ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ sort -u` ;; \ esac; \ for file in $$dist_files; do \ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ if test -d "$(distdir)/$$file"; then \ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ test -f "$(distdir)/$$file" \ || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done check-am: all-am $(MAKE) $(AM_MAKEFLAGS) $(check_PROGRAMS) check: check-am all-am: Makefile installdirs: install: install-am install-exec: install-exec-am install-data: install-data-am uninstall: uninstall-am install-am: all-am @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am installcheck: installcheck-am install-strip: if test -z '$(STRIP)'; then \ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ install; \ else \ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ fi mostlyclean-generic: clean-generic: distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) maintainer-clean-generic: @echo "This command is intended for maintainers to use" @echo "it deletes files that may require special tools to rebuild." -test -z "$(MAINTAINERCLEANFILES)" || rm -f $(MAINTAINERCLEANFILES) clean: clean-am clean-am: clean-checkPROGRAMS clean-generic clean-libtool \ mostlyclean-am distclean: distclean-am -rm -f ./$(DEPDIR)/test.Po -rm -f ./$(DEPDIR)/test_classes.Po -rm -f ./$(DEPDIR)/test_database_operations.Po -rm -f ./$(DEPDIR)/test_database_version.Po -rm -f ./$(DEPDIR)/test_hsm_key.Po -rm -f ./$(DEPDIR)/test_initialization.Po -rm -f ./$(DEPDIR)/test_key_data.Po -rm -f ./$(DEPDIR)/test_key_dependency.Po -rm -f ./$(DEPDIR)/test_key_state.Po -rm -f ./$(DEPDIR)/test_policy.Po -rm -f ./$(DEPDIR)/test_policy_key.Po -rm -f ./$(DEPDIR)/test_zone.Po -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags dvi: dvi-am dvi-am: html: html-am html-am: info: info-am info-am: install-data-am: install-dvi: install-dvi-am install-dvi-am: install-exec-am: install-html: install-html-am install-html-am: install-info: install-info-am install-info-am: install-man: install-pdf: install-pdf-am install-pdf-am: install-ps: install-ps-am install-ps-am: installcheck-am: maintainer-clean: maintainer-clean-am -rm -f ./$(DEPDIR)/test.Po -rm -f ./$(DEPDIR)/test_classes.Po -rm -f ./$(DEPDIR)/test_database_operations.Po -rm -f ./$(DEPDIR)/test_database_version.Po -rm -f ./$(DEPDIR)/test_hsm_key.Po -rm -f ./$(DEPDIR)/test_initialization.Po -rm -f ./$(DEPDIR)/test_key_data.Po -rm -f ./$(DEPDIR)/test_key_dependency.Po -rm -f ./$(DEPDIR)/test_key_state.Po -rm -f ./$(DEPDIR)/test_policy.Po -rm -f ./$(DEPDIR)/test_policy_key.Po -rm -f ./$(DEPDIR)/test_zone.Po -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic mostlyclean: mostlyclean-am mostlyclean-am: mostlyclean-compile mostlyclean-generic \ mostlyclean-libtool pdf: pdf-am pdf-am: ps: ps-am ps-am: uninstall-am: .MAKE: check-am install-am install-strip .PHONY: CTAGS GTAGS TAGS all all-am am--depfiles check check-am clean \ clean-checkPROGRAMS clean-generic clean-libtool cscopelist-am \ ctags ctags-am distclean distclean-compile distclean-generic \ distclean-libtool distclean-tags distdir dvi dvi-am html \ html-am info info-am install install-am install-data \ install-data-am install-dvi install-dvi-am install-exec \ install-exec-am install-html install-html-am install-info \ install-info-am install-man install-pdf install-pdf-am \ install-ps install-ps-am install-strip installcheck \ installcheck-am installdirs maintainer-clean \ maintainer-clean-generic mostlyclean mostlyclean-compile \ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ tags tags-am uninstall uninstall-am .PRECIOUS: Makefile check: regress-db regress-db: test @USE_SQLITE_TRUE@ rm -f test.db @USE_SQLITE_TRUE@ sqlite3 test.db < $(srcdir)/test.sqlite @USE_SQLITE_TRUE@ sqlite3 test.db < $(srcdir)/../schema.sqlite @USE_SQLITE_TRUE@ sqlite3 test.db < $(srcdir)/../data.sqlite @USE_MYSQL_TRUE@ mysql -u "@ENFORCER_DB_USERNAME@" "-p@ENFORCER_DB_PASSWORD@" "@ENFORCER_DB_DATABASE@" < $(srcdir)/test.mysql @USE_MYSQL_TRUE@ mysql -u "@ENFORCER_DB_USERNAME@" "-p@ENFORCER_DB_PASSWORD@" "@ENFORCER_DB_DATABASE@" < $(srcdir)/../drop.mysql @USE_MYSQL_TRUE@ mysql -u "@ENFORCER_DB_USERNAME@" "-p@ENFORCER_DB_PASSWORD@" "@ENFORCER_DB_DATABASE@" < $(srcdir)/../schema.mysql @USE_MYSQL_TRUE@ mysql -u "@ENFORCER_DB_USERNAME@" "-p@ENFORCER_DB_PASSWORD@" "@ENFORCER_DB_DATABASE@" < $(srcdir)/../data.mysql ./test # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: opendnssec-2.1.5/enforcer/src/db/test/test.c0000644000202300020240000002240213560310771015652 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include "test.h" #include "test_hsm_key.h" #include "test_key_data.h" #include "test_key_state.h" #include "test_key_dependency.h" #include "test_policy.h" #include "test_policy_key.h" #include "test_database_version.h" #include "test_zone.h" #include "CUnit/Basic.h" int main(void) { CU_pSuite pSuite = NULL; if (CUE_SUCCESS != CU_initialize_registry()) { return CU_get_error(); } pSuite = CU_add_suite("Classes", init_suite_classes, clean_suite_classes); if (!pSuite) { CU_cleanup_registry(); return CU_get_error(); } if (!CU_add_test(pSuite, "test of db_backend_handle", test_class_db_backend_handle) || !CU_add_test(pSuite, "test of db_backend", test_class_db_backend) || !CU_add_test(pSuite, "test of db_clause", test_class_db_clause) || !CU_add_test(pSuite, "test of db_clause_list", test_class_db_clause_list) || !CU_add_test(pSuite, "test of db_configuration", test_class_db_configuration) || !CU_add_test(pSuite, "test of db_configuration_list", test_class_db_configuration_list) || !CU_add_test(pSuite, "test of db_connection", test_class_db_connection) || !CU_add_test(pSuite, "test of db_object_field", test_class_db_object_field) || !CU_add_test(pSuite, "test of db_object_field_list", test_class_db_object_field_list) || !CU_add_test(pSuite, "test of db_object", test_class_db_object) || !CU_add_test(pSuite, "test of db_value_set", test_class_db_value_set) || !CU_add_test(pSuite, "test of db_result", test_class_db_result) || !CU_add_test(pSuite, "test of db_result_list", test_class_db_result_list) || !CU_add_test(pSuite, "test of db_value", test_class_db_value) || !CU_add_test(pSuite, "test of db_*_free", test_class_end)) { CU_cleanup_registry(); return CU_get_error(); } pSuite = CU_add_suite("Initialization", init_suite_initialization, clean_suite_initialization); if (!pSuite) { CU_cleanup_registry(); return CU_get_error(); } if (!CU_add_test(pSuite, "test of configuration", test_initialization_configuration) || !CU_add_test(pSuite, "test of connection", test_initialization_connection)) { CU_cleanup_registry(); return CU_get_error(); } #if defined(ENFORCER_DATABASE_SQLITE3) pSuite = CU_add_suite("SQLite database operations", init_suite_database_operations_sqlite, clean_suite_database_operations); if (!pSuite) { CU_cleanup_registry(); return CU_get_error(); } if (!CU_add_test(pSuite, "test of read object 1", test_database_operations_read_object1) || !CU_add_test(pSuite, "test of create object 2", test_database_operations_create_object2) || !CU_add_test(pSuite, "test of read object 2", test_database_operations_read_object2) || !CU_add_test(pSuite, "test of read object 1 (#2)", test_database_operations_read_object1) || !CU_add_test(pSuite, "test of create object 3", test_database_operations_create_object3) || !CU_add_test(pSuite, "test of update object 2", test_database_operations_update_object2) || !CU_add_test(pSuite, "test of read all", test_database_operations_read_all) || !CU_add_test(pSuite, "test of count", test_database_operations_count) || !CU_add_test(pSuite, "test of delete object 3", test_database_operations_delete_object3) || !CU_add_test(pSuite, "test of read object 1 (#3)", test_database_operations_read_object1) || !CU_add_test(pSuite, "test of delete object 2", test_database_operations_delete_object2) || !CU_add_test(pSuite, "test of read object 1 (#4)", test_database_operations_read_object1) || !CU_add_test(pSuite, "test of read object 1 (REV)", test_database_operations_read_object1_2) || !CU_add_test(pSuite, "test of create object 2 (REV)", test_database_operations_create_object2_2) || !CU_add_test(pSuite, "test of read object 2 (REV)", test_database_operations_read_object2_2) || !CU_add_test(pSuite, "test of read object 1 (#2) (REV)", test_database_operations_read_object1_2) || !CU_add_test(pSuite, "test of create object 3 (REV)", test_database_operations_create_object3_2) || !CU_add_test(pSuite, "test of update object 2 (REV)", test_database_operations_update_object2_2) || !CU_add_test(pSuite, "test of updates revisions (REV)", test_database_operations_update_objects_revisions) || !CU_add_test(pSuite, "test of delete object 3 (REV)", test_database_operations_delete_object3_2) || !CU_add_test(pSuite, "test of read object 1 (#3) (REV)", test_database_operations_read_object1_2) || !CU_add_test(pSuite, "test of delete object 2 (REV)", test_database_operations_delete_object2_2) || !CU_add_test(pSuite, "test of read object 1 (#4) (REV)", test_database_operations_read_object1_2)) { CU_cleanup_registry(); return CU_get_error(); } #endif #if defined(ENFORCER_DATABASE_MYSQL) pSuite = CU_add_suite("MySQL database operations", init_suite_database_operations_mysql, clean_suite_database_operations); if (!pSuite) { CU_cleanup_registry(); return CU_get_error(); } if (!CU_add_test(pSuite, "test of read object 1", test_database_operations_read_object1) || !CU_add_test(pSuite, "test of create object 2", test_database_operations_create_object2) || !CU_add_test(pSuite, "test of read object 2", test_database_operations_read_object2) || !CU_add_test(pSuite, "test of read object 1 (#2)", test_database_operations_read_object1) || !CU_add_test(pSuite, "test of create object 3", test_database_operations_create_object3) || !CU_add_test(pSuite, "test of update object 2", test_database_operations_update_object2) || !CU_add_test(pSuite, "test of read all", test_database_operations_read_all) || !CU_add_test(pSuite, "test of delete object 3", test_database_operations_delete_object3) || !CU_add_test(pSuite, "test of read object 1 (#3)", test_database_operations_read_object1) || !CU_add_test(pSuite, "test of delete object 2", test_database_operations_delete_object2) || !CU_add_test(pSuite, "test of read object 1 (#4)", test_database_operations_read_object1) || !CU_add_test(pSuite, "test of read object 1 (REV)", test_database_operations_read_object1_2) || !CU_add_test(pSuite, "test of create object 2 (REV)", test_database_operations_create_object2_2) || !CU_add_test(pSuite, "test of read object 2 (REV)", test_database_operations_read_object2_2) || !CU_add_test(pSuite, "test of read object 1 (#2) (REV)", test_database_operations_read_object1_2) || !CU_add_test(pSuite, "test of create object 3 (REV)", test_database_operations_create_object3_2) || !CU_add_test(pSuite, "test of update object 2 (REV)", test_database_operations_update_object2_2) || !CU_add_test(pSuite, "test of updates revisions (REV)", test_database_operations_update_objects_revisions) || !CU_add_test(pSuite, "test of delete object 3 (REV)", test_database_operations_delete_object3_2) || !CU_add_test(pSuite, "test of read object 1 (#3) (REV)", test_database_operations_read_object1_2) || !CU_add_test(pSuite, "test of delete object 2 (REV)", test_database_operations_delete_object2_2) || !CU_add_test(pSuite, "test of read object 1 (#4) (REV)", test_database_operations_read_object1_2)) { CU_cleanup_registry(); return CU_get_error(); } #endif test_hsm_key_add_suite(); test_key_data_add_suite(); test_key_state_add_suite(); test_key_dependency_add_suite(); test_policy_add_suite(); test_policy_key_add_suite(); test_database_version_add_suite(); test_zone_add_suite(); CU_basic_set_mode(CU_BRM_VERBOSE); CU_basic_run_tests(); CU_cleanup_registry(); return CU_get_error(); } opendnssec-2.1.5/enforcer/src/db/test/test_key_dependency.h0000644000202300020240000000305313560310771020726 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef __test_key_dependency_h #define __test_key_dependency_h int test_key_dependency_add_suite(void); #endif opendnssec-2.1.5/enforcer/src/db/db_configuration.c0000644000202300020240000001261313560310771017233 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include "db_configuration.h" #include "db_error.h" #include #include /* DB CONFIGURATION */ db_configuration_t* db_configuration_new(void) { db_configuration_t* configuration = (db_configuration_t*)calloc(1, sizeof(db_configuration_t)); return configuration; } void db_configuration_free(db_configuration_t* configuration) { if (configuration) { if (configuration->name) { free(configuration->name); } if (configuration->value) { free(configuration->value); } free(configuration); } } const char* db_configuration_value(const db_configuration_t* configuration) { if (!configuration) { return NULL; } return configuration->value; } int db_configuration_set_name(db_configuration_t* configuration, const char* name) { char* new_name; if (!configuration) { return DB_ERROR_UNKNOWN; } if (!name) { return DB_ERROR_UNKNOWN; } if (!(new_name = strdup(name))) { return DB_ERROR_UNKNOWN; } if (configuration->name) { free(configuration->name); } configuration->name = new_name; return DB_OK; } int db_configuration_set_value(db_configuration_t* configuration, const char* value) { char* new_value; if (!configuration) { return DB_ERROR_UNKNOWN; } if (!value) { return DB_ERROR_UNKNOWN; } if (!(new_value = strdup(value))) { return DB_ERROR_UNKNOWN; } if (configuration->value) { free(configuration->value); } configuration->value = new_value; return DB_OK; } int db_configuration_not_empty(const db_configuration_t* configuration) { if (!configuration) { return DB_ERROR_UNKNOWN; } if (!configuration->name) { return DB_ERROR_UNKNOWN; } if (!configuration->value) { return DB_ERROR_UNKNOWN; } return DB_OK; } /* DB CONFIGURATION LIST */ db_configuration_list_t* db_configuration_list_new(void) { db_configuration_list_t* configuration_list = (db_configuration_list_t*)calloc(1, sizeof(db_configuration_list_t)); return configuration_list; } void db_configuration_list_free(db_configuration_list_t* configuration_list) { if (configuration_list) { if (configuration_list->begin) { db_configuration_t* this = configuration_list->begin; db_configuration_t* next = NULL; while (this) { next = this->next; db_configuration_free(this); this = next; } } free(configuration_list); } } int db_configuration_list_add(db_configuration_list_t* configuration_list, db_configuration_t* configuration) { if (!configuration_list) { return DB_ERROR_UNKNOWN; } if (!configuration) { return DB_ERROR_UNKNOWN; } if (db_configuration_not_empty(configuration)) { return DB_ERROR_UNKNOWN; } if (configuration->next) { return DB_ERROR_UNKNOWN; } if (configuration_list->begin) { if (!configuration_list->end) { return DB_ERROR_UNKNOWN; } configuration_list->end->next = configuration; configuration_list->end = configuration; } else { configuration_list->begin = configuration; configuration_list->end = configuration; } return DB_OK; } const db_configuration_t* db_configuration_list_find(const db_configuration_list_t* configuration_list, const char* name) { db_configuration_t* configuration; if (!configuration_list) { return NULL; } if (!name) { return NULL; } configuration = configuration_list->begin; while (configuration) { if (db_configuration_not_empty(configuration)) { return NULL; } if (!strcmp(configuration->name, name)) { break; } configuration = configuration->next; } return configuration; } opendnssec-2.1.5/enforcer/src/db/db_configuration.h0000644000202300020240000001131413560310771017235 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef __db_configuration_h #define __db_configuration_h struct db_configuration; struct db_configuration_list; typedef struct db_configuration db_configuration_t; typedef struct db_configuration_list db_configuration_list_t; /** * A database configuration represented by a key and value. */ struct db_configuration { db_configuration_t* next; char* name; char* value; }; /** * Create a new database configuration. * \return a db_configuration_t pointer or NULL on error. */ db_configuration_t* db_configuration_new(void); /** * Delete a database configuration. * \param[in] configuration a db_configuration_t pointer. */ void db_configuration_free(db_configuration_t* configuration); /** * Get the value of a database configuration. * \param[in] configuration a db_configuration_t pointer. * \return a character pointer or NULL on error or if no database configuration * value has been set. */ const char* db_configuration_value(const db_configuration_t* configuration); /** * Set the name of a database configuration. * \param[in] configuration a db_configuration_t pointer. * \param[in] name a character pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_configuration_set_name(db_configuration_t* configuration, const char* name); /** * Set the value of a database configuration. * \param[in] configuration a db_configuration_t pointer. * \param[in] value a character pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_configuration_set_value(db_configuration_t* configuration, const char* value); /** * Check if the database configuration is not empty. * \param[in] configuration a db_configuration_t pointer. * \return DB_ERROR_* if empty, otherwise DB_OK. */ int db_configuration_not_empty(const db_configuration_t* configuration); /** * A list of database configurations. */ struct db_configuration_list { db_configuration_t* begin; db_configuration_t* end; }; /** * Create a new database configuration list. * \return a db_configuration_list_t pointer or NULL on error. */ db_configuration_list_t* db_configuration_list_new(void); /** * Delete a database configuration list and all database configurations in the * list. * \param[in] configuration_list a db_configuration_list_t pointer. */ void db_configuration_list_free(db_configuration_list_t* configuration_list); /** * free global allocator. * db_configuration_list_free MUST be called for all its contents. */ /** * Add a database configuration to a database configuration list, this takes * over the ownership of the database configuration. * \param[in] configuration_list a db_configuration_list_t pointer. * \param[in] configuration a db_configuration_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_configuration_list_add(db_configuration_list_t* configuration_list, db_configuration_t* configuration); /** * Find a database configuration by name within a database configuration list. * \param[in] configuration_list a db_configuration_list_t pointer. * \param[in] name a character pointer. * \return a db_configuration_t pointer or NULL on error or if the database * configuration does not exist. */ const db_configuration_t* db_configuration_list_find(const db_configuration_list_t* configuration_list, const char* name); #endif opendnssec-2.1.5/enforcer/src/db/policy_key.c0000644000202300020240000014061213560311035016061 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include "policy_key.h" #include "db_error.h" #include const db_enum_t policy_key_enum_set_role[] = { { "KSK", (policy_key_role_t)POLICY_KEY_ROLE_KSK }, { "ZSK", (policy_key_role_t)POLICY_KEY_ROLE_ZSK }, { "CSK", (policy_key_role_t)POLICY_KEY_ROLE_CSK }, { NULL, 0 } }; /** * Create a new policy key object. * \param[in] connection a db_connection_t pointer. * \return a policy_key_t pointer or NULL on error. */ static db_object_t* __policy_key_new_object(const db_connection_t* connection) { db_object_field_list_t* object_field_list; db_object_field_t* object_field; db_object_t* object; if (!(object = db_object_new()) || db_object_set_connection(object, connection) || db_object_set_table(object, "policyKey") || db_object_set_primary_key_name(object, "id") || !(object_field_list = db_object_field_list_new())) { db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "id") || db_object_field_set_type(object_field, DB_TYPE_PRIMARY_KEY) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "rev") || db_object_field_set_type(object_field, DB_TYPE_REVISION) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "policyId") || db_object_field_set_type(object_field, DB_TYPE_ANY) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "role") || db_object_field_set_type(object_field, DB_TYPE_ENUM) || db_object_field_set_enum_set(object_field, policy_key_enum_set_role) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "algorithm") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "bits") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "lifetime") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "repository") || db_object_field_set_type(object_field, DB_TYPE_TEXT) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "standby") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "manualRollover") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "rfc5011") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "minimize") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (db_object_set_object_field_list(object, object_field_list)) { db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } return object; } /* POLICY KEY */ policy_key_t* policy_key_new(const db_connection_t* connection) { policy_key_t* policy_key = (policy_key_t*)calloc(1, sizeof(policy_key_t)); if (policy_key) { if (!(policy_key->dbo = __policy_key_new_object(connection))) { free(policy_key); return NULL; } db_value_reset(&(policy_key->id)); db_value_reset(&(policy_key->rev)); db_value_reset(&(policy_key->policy_id)); policy_key->role = POLICY_KEY_ROLE_INVALID; } return policy_key; } policy_key_t* policy_key_new_copy(const policy_key_t* policy_key) { policy_key_t* new_policy_key; if (!policy_key) { return NULL; } if (!policy_key->dbo) { return NULL; } if (!(new_policy_key = policy_key_new(db_object_connection(policy_key->dbo))) || policy_key_copy(new_policy_key, policy_key)) { policy_key_free(new_policy_key); return NULL; } return new_policy_key; } void policy_key_free(policy_key_t* policy_key) { if (policy_key) { if (policy_key->dbo) { db_object_free(policy_key->dbo); } db_value_reset(&(policy_key->id)); db_value_reset(&(policy_key->rev)); db_value_reset(&(policy_key->policy_id)); if (policy_key->private_policy_id) { policy_free(policy_key->private_policy_id); } if (policy_key->repository) { free(policy_key->repository); } free(policy_key); } } void policy_key_reset(policy_key_t* policy_key) { if (policy_key) { db_value_reset(&(policy_key->id)); db_value_reset(&(policy_key->rev)); db_value_reset(&(policy_key->policy_id)); if (policy_key->private_policy_id) { policy_free(policy_key->private_policy_id); policy_key->private_policy_id = NULL; } policy_key->associated_policy_id = NULL; policy_key->role = POLICY_KEY_ROLE_INVALID; policy_key->algorithm = 0; policy_key->bits = 0; policy_key->lifetime = 0; if (policy_key->repository) { free(policy_key->repository); policy_key->repository = NULL; } policy_key->standby = 0; policy_key->manual_rollover = 0; policy_key->rfc5011 = 0; policy_key->minimize = 0; } } int policy_key_copy(policy_key_t* policy_key, const policy_key_t* policy_key_copy) { char* repository_text = NULL; if (!policy_key) { return DB_ERROR_UNKNOWN; } if (!policy_key_copy) { return DB_ERROR_UNKNOWN; } if (policy_key_copy->repository) { if (!(repository_text = strdup(policy_key_copy->repository))) { return DB_ERROR_UNKNOWN; } } if (db_value_copy(&(policy_key->id), &(policy_key_copy->id))) { if (repository_text) { free(repository_text); } return DB_ERROR_UNKNOWN; } if (db_value_copy(&(policy_key->rev), &(policy_key_copy->rev))) { if (repository_text) { free(repository_text); } return DB_ERROR_UNKNOWN; } if (db_value_copy(&(policy_key->policy_id), &(policy_key_copy->policy_id))) { if (repository_text) { free(repository_text); } return DB_ERROR_UNKNOWN; } if (policy_key->private_policy_id) { policy_free(policy_key->private_policy_id); policy_key->private_policy_id = NULL; } if (policy_key_copy->private_policy_id && !(policy_key->private_policy_id = policy_new_copy(policy_key_copy->private_policy_id))) { if (repository_text) { free(repository_text); } return DB_ERROR_UNKNOWN; } policy_key->associated_policy_id = NULL; if (!policy_key_copy->private_policy_id && policy_key_copy->associated_policy_id && !(policy_key->private_policy_id = policy_new_copy(policy_key_copy->associated_policy_id))) { if (repository_text) { free(repository_text); } return DB_ERROR_UNKNOWN; } policy_key->role = policy_key_copy->role; policy_key->algorithm = policy_key_copy->algorithm; policy_key->bits = policy_key_copy->bits; policy_key->lifetime = policy_key_copy->lifetime; if (policy_key->repository) { free(policy_key->repository); } policy_key->repository = repository_text; policy_key->standby = policy_key_copy->standby; policy_key->manual_rollover = policy_key_copy->manual_rollover; policy_key->rfc5011 = policy_key_copy->rfc5011; policy_key->minimize = policy_key_copy->minimize; return DB_OK; } int policy_key_cmp(const policy_key_t* policy_key_a, const policy_key_t* policy_key_b) { int ret; if (!policy_key_a && !policy_key_b) { return 0; } if (!policy_key_a && policy_key_b) { return -1; } if (policy_key_a && !policy_key_b) { return 1; } ret = 0; db_value_cmp(&(policy_key_a->policy_id), &(policy_key_b->policy_id), &ret); if (ret) { return ret; } if (policy_key_a->role != policy_key_b->role) { return policy_key_a->role < policy_key_b->role ? -1 : 1; } if (policy_key_a->algorithm != policy_key_b->algorithm) { return policy_key_a->algorithm < policy_key_b->algorithm ? -1 : 1; } if (policy_key_a->bits != policy_key_b->bits) { return policy_key_a->bits < policy_key_b->bits ? -1 : 1; } if (policy_key_a->lifetime != policy_key_b->lifetime) { return policy_key_a->lifetime < policy_key_b->lifetime ? -1 : 1; } if (policy_key_a->repository && policy_key_b->repository) { if ((ret = strcmp(policy_key_a->repository, policy_key_b->repository))) { return ret; } } else { if (!policy_key_a->repository && policy_key_b->repository) { return -1; } if (policy_key_a->repository && !policy_key_b->repository) { return -1; } } if (policy_key_a->standby != policy_key_b->standby) { return policy_key_a->standby < policy_key_b->standby ? -1 : 1; } if (policy_key_a->manual_rollover != policy_key_b->manual_rollover) { return policy_key_a->manual_rollover < policy_key_b->manual_rollover ? -1 : 1; } if (policy_key_a->rfc5011 != policy_key_b->rfc5011) { return policy_key_a->rfc5011 < policy_key_b->rfc5011 ? -1 : 1; } if (policy_key_a->minimize != policy_key_b->minimize) { return policy_key_a->minimize < policy_key_b->minimize ? -1 : 1; } return 0; } int policy_key_from_result(policy_key_t* policy_key, const db_result_t* result) { const db_value_set_t* value_set; int role; if (!policy_key) { return DB_ERROR_UNKNOWN; } if (!result) { return DB_ERROR_UNKNOWN; } db_value_reset(&(policy_key->id)); db_value_reset(&(policy_key->rev)); db_value_reset(&(policy_key->policy_id)); if (policy_key->repository) { free(policy_key->repository); } policy_key->repository = NULL; if (!(value_set = db_result_value_set(result)) || db_value_set_size(value_set) != 12 || db_value_copy(&(policy_key->id), db_value_set_at(value_set, 0)) || db_value_copy(&(policy_key->rev), db_value_set_at(value_set, 1)) || db_value_copy(&(policy_key->policy_id), db_value_set_at(value_set, 2)) || db_value_to_enum_value(db_value_set_at(value_set, 3), &role, policy_key_enum_set_role) || db_value_to_uint32(db_value_set_at(value_set, 4), &(policy_key->algorithm)) || db_value_to_uint32(db_value_set_at(value_set, 5), &(policy_key->bits)) || db_value_to_uint32(db_value_set_at(value_set, 6), &(policy_key->lifetime)) || db_value_to_text(db_value_set_at(value_set, 7), &(policy_key->repository)) || db_value_to_uint32(db_value_set_at(value_set, 8), &(policy_key->standby)) || db_value_to_uint32(db_value_set_at(value_set, 9), &(policy_key->manual_rollover)) || db_value_to_uint32(db_value_set_at(value_set, 10), &(policy_key->rfc5011)) || db_value_to_uint32(db_value_set_at(value_set, 11), &(policy_key->minimize))) { return DB_ERROR_UNKNOWN; } if (role == (policy_key_role_t)POLICY_KEY_ROLE_KSK) { policy_key->role = POLICY_KEY_ROLE_KSK; } else if (role == (policy_key_role_t)POLICY_KEY_ROLE_ZSK) { policy_key->role = POLICY_KEY_ROLE_ZSK; } else if (role == (policy_key_role_t)POLICY_KEY_ROLE_CSK) { policy_key->role = POLICY_KEY_ROLE_CSK; } else { return DB_ERROR_UNKNOWN; } return DB_OK; } const db_value_t* policy_key_policy_id(const policy_key_t* policy_key) { if (!policy_key) { return NULL; } return &(policy_key->policy_id); } policy_key_role_t policy_key_role(const policy_key_t* policy_key) { if (!policy_key) { return POLICY_KEY_ROLE_INVALID; } return policy_key->role; } const char* policy_key_role_text(const policy_key_t* policy_key) { const db_enum_t* enum_set = policy_key_enum_set_role; if (!policy_key) { return NULL; } while (enum_set->text) { if (enum_set->value == policy_key->role) { return enum_set->text; } enum_set++; } return NULL; } unsigned int policy_key_algorithm(const policy_key_t* policy_key) { if (!policy_key) { return 0; } return policy_key->algorithm; } unsigned int policy_key_bits(const policy_key_t* policy_key) { if (!policy_key) { return 0; } return policy_key->bits; } unsigned int policy_key_lifetime(const policy_key_t* policy_key) { if (!policy_key) { return 0; } return policy_key->lifetime; } const char* policy_key_repository(const policy_key_t* policy_key) { if (!policy_key) { return NULL; } return policy_key->repository; } int policy_key_standby(const policy_key_t* policy_key) { if (!policy_key) { return -1; } return policy_key->standby; } unsigned int policy_key_manual_rollover(const policy_key_t* policy_key) { if (!policy_key) { return 0; } return policy_key->manual_rollover; } unsigned int policy_key_rfc5011(const policy_key_t* policy_key) { if (!policy_key) { return 0; } return policy_key->rfc5011; } unsigned int policy_key_minimize(const policy_key_t* policy_key) { if (!policy_key) { return 0; } return policy_key->minimize; } int policy_key_set_policy_id(policy_key_t* policy_key, const db_value_t* policy_id) { if (!policy_key) { return DB_ERROR_UNKNOWN; } if (!policy_id) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(policy_id)) { return DB_ERROR_UNKNOWN; } db_value_reset(&(policy_key->policy_id)); if (db_value_copy(&(policy_key->policy_id), policy_id)) { return DB_ERROR_UNKNOWN; } return DB_OK; } int policy_key_set_role(policy_key_t* policy_key, policy_key_role_t role) { if (!policy_key) { return DB_ERROR_UNKNOWN; } if (role == POLICY_KEY_ROLE_INVALID) { return DB_ERROR_UNKNOWN; } policy_key->role = role; return DB_OK; } int policy_key_set_algorithm(policy_key_t* policy_key, unsigned int algorithm) { if (!policy_key) { return DB_ERROR_UNKNOWN; } if (algorithm > 255) { return DB_ERROR_UNKNOWN; } policy_key->algorithm = algorithm; return DB_OK; } int policy_key_set_bits(policy_key_t* policy_key, unsigned int bits) { if (!policy_key) { return DB_ERROR_UNKNOWN; } policy_key->bits = bits; return DB_OK; } int policy_key_set_lifetime(policy_key_t* policy_key, unsigned int lifetime) { if (!policy_key) { return DB_ERROR_UNKNOWN; } policy_key->lifetime = lifetime; return DB_OK; } int policy_key_set_repository(policy_key_t* policy_key, const char* repository_text) { char* new_repository; if (!policy_key) { return DB_ERROR_UNKNOWN; } if (!repository_text) { return DB_ERROR_UNKNOWN; } if (!(new_repository = strdup(repository_text))) { return DB_ERROR_UNKNOWN; } if (policy_key->repository) { free(policy_key->repository); } policy_key->repository = new_repository; return DB_OK; } int policy_key_set_standby(policy_key_t* policy_key, unsigned int standby) { if (!policy_key) { return DB_ERROR_UNKNOWN; } policy_key->standby = standby; return DB_OK; } int policy_key_set_manual_rollover(policy_key_t* policy_key, unsigned int manual_rollover) { if (!policy_key) { return DB_ERROR_UNKNOWN; } policy_key->manual_rollover = manual_rollover; return DB_OK; } int policy_key_set_rfc5011(policy_key_t* policy_key, unsigned int rfc5011) { if (!policy_key) { return DB_ERROR_UNKNOWN; } policy_key->rfc5011 = rfc5011; return DB_OK; } int policy_key_set_minimize(policy_key_t* policy_key, unsigned int minimize) { if (!policy_key) { return DB_ERROR_UNKNOWN; } policy_key->minimize = minimize; return DB_OK; } int policy_key_create(policy_key_t* policy_key) { db_object_field_list_t* object_field_list; db_object_field_t* object_field; db_value_set_t* value_set; int ret; if (!policy_key) { return DB_ERROR_UNKNOWN; } if (!policy_key->dbo) { return DB_ERROR_UNKNOWN; } if (!db_value_not_empty(&(policy_key->id))) { return DB_ERROR_UNKNOWN; } if (!db_value_not_empty(&(policy_key->rev))) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(&(policy_key->policy_id))) { return DB_ERROR_UNKNOWN; } if (!policy_key->repository) { return DB_ERROR_UNKNOWN; } /* TODO: validate content more */ if (!(object_field_list = db_object_field_list_new())) { return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "policyId") || db_object_field_set_type(object_field, DB_TYPE_ANY) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "role") || db_object_field_set_type(object_field, DB_TYPE_ENUM) || db_object_field_set_enum_set(object_field, policy_key_enum_set_role) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "algorithm") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "bits") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "lifetime") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "repository") || db_object_field_set_type(object_field, DB_TYPE_TEXT) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "standby") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "manualRollover") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "rfc5011") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "minimize") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(value_set = db_value_set_new(10))) { db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (db_value_copy(db_value_set_get(value_set, 0), &(policy_key->policy_id)) || db_value_from_enum_value(db_value_set_get(value_set, 1), policy_key->role, policy_key_enum_set_role) || db_value_from_uint32(db_value_set_get(value_set, 2), policy_key->algorithm) || db_value_from_uint32(db_value_set_get(value_set, 3), policy_key->bits) || db_value_from_uint32(db_value_set_get(value_set, 4), policy_key->lifetime) || db_value_from_text(db_value_set_get(value_set, 5), policy_key->repository) || db_value_from_uint32(db_value_set_get(value_set, 6), policy_key->standby) || db_value_from_uint32(db_value_set_get(value_set, 7), policy_key->manual_rollover) || db_value_from_uint32(db_value_set_get(value_set, 8), policy_key->rfc5011) || db_value_from_uint32(db_value_set_get(value_set, 9), policy_key->minimize)) { db_value_set_free(value_set); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } ret = db_object_create(policy_key->dbo, object_field_list, value_set); db_value_set_free(value_set); db_object_field_list_free(object_field_list); return ret; } int policy_key_get_by_id(policy_key_t* policy_key, const db_value_t* id) { db_clause_list_t* clause_list; db_clause_t* clause; db_result_list_t* result_list; const db_result_t* result; if (!policy_key) { return DB_ERROR_UNKNOWN; } if (!policy_key->dbo) { return DB_ERROR_UNKNOWN; } if (!id) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(id)) { return DB_ERROR_UNKNOWN; } if (!(clause_list = db_clause_list_new())) { return DB_ERROR_UNKNOWN; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "id") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_value_copy(db_clause_get_value(clause), id) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } result_list = db_object_read(policy_key->dbo, NULL, clause_list); db_clause_list_free(clause_list); if (result_list) { result = db_result_list_next(result_list); if (result) { if (policy_key_from_result(policy_key, result)) { db_result_list_free(result_list); return DB_ERROR_UNKNOWN; } db_result_list_free(result_list); return DB_OK; } } db_result_list_free(result_list); return DB_ERROR_UNKNOWN; } int policy_key_delete(policy_key_t* policy_key) { db_clause_list_t* clause_list; db_clause_t* clause; int ret; if (!policy_key) { return DB_ERROR_UNKNOWN; } if (!policy_key->dbo) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(&(policy_key->id))) { return DB_ERROR_UNKNOWN; } if (!(clause_list = db_clause_list_new())) { return DB_ERROR_UNKNOWN; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "id") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_value_copy(db_clause_get_value(clause), &(policy_key->id)) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "rev") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_value_copy(db_clause_get_value(clause), &(policy_key->rev)) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } ret = db_object_delete(policy_key->dbo, clause_list); db_clause_list_free(clause_list); return ret; } /* POLICY KEY LIST */ policy_key_list_t* policy_key_list_new(const db_connection_t* connection) { policy_key_list_t* policy_key_list = (policy_key_list_t*)calloc(1, sizeof(policy_key_list_t)); if (policy_key_list) { if (!(policy_key_list->dbo = __policy_key_new_object(connection))) { free(policy_key_list); return NULL; } } return policy_key_list; } policy_key_list_t* policy_key_list_new_copy(const policy_key_list_t* from_policy_key_list) { policy_key_list_t* policy_key_list; if (!from_policy_key_list) { return NULL; } if (!from_policy_key_list->dbo) { return NULL; } if (!(policy_key_list = policy_key_list_new(db_object_connection(from_policy_key_list->dbo))) || policy_key_list_copy(policy_key_list, from_policy_key_list)) { policy_key_list_free(policy_key_list); return NULL; } return policy_key_list; } int policy_key_list_object_store(policy_key_list_t* policy_key_list) { if (!policy_key_list) { return DB_ERROR_UNKNOWN; } policy_key_list->object_store = 1; return DB_OK; } void policy_key_list_free(policy_key_list_t* policy_key_list) { size_t i; if (policy_key_list) { if (policy_key_list->dbo) { db_object_free(policy_key_list->dbo); } if (policy_key_list->result_list) { db_result_list_free(policy_key_list->result_list); } if (policy_key_list->policy_key) { policy_key_free(policy_key_list->policy_key); } for (i = 0; i < policy_key_list->object_list_size; i++) { if (policy_key_list->object_list[i]) { policy_key_free(policy_key_list->object_list[i]); } } if (policy_key_list->object_list) { free(policy_key_list->object_list); } if (policy_key_list->policy_id_list) { policy_list_free(policy_key_list->policy_id_list); } free(policy_key_list); } } int policy_key_list_copy(policy_key_list_t* policy_key_list, const policy_key_list_t* from_policy_key_list) { size_t i; if (!policy_key_list) { return DB_ERROR_UNKNOWN; } if (!from_policy_key_list) { return DB_ERROR_UNKNOWN; } if (from_policy_key_list->object_list && !from_policy_key_list->object_list_size) { return DB_ERROR_UNKNOWN; } if (policy_key_list->result_list) { db_result_list_free(policy_key_list->result_list); policy_key_list->result_list = NULL; } if (from_policy_key_list->result_list && !(policy_key_list->result_list = db_result_list_new_copy(from_policy_key_list->result_list))) { return DB_ERROR_UNKNOWN; } policy_key_list->object_store = from_policy_key_list->object_store; for (i = 0; i < policy_key_list->object_list_size; i++) { if (policy_key_list->object_list[i]) { policy_key_free(policy_key_list->object_list[i]); } } policy_key_list->object_list_size = 0; if (policy_key_list->object_list) { free(policy_key_list->object_list); policy_key_list->object_list = NULL; } if (from_policy_key_list->object_list) { if (!(policy_key_list->object_list = (policy_key_t**)calloc(from_policy_key_list->object_list_size, sizeof(policy_key_t*)))) { return DB_ERROR_UNKNOWN; } policy_key_list->object_list_size = from_policy_key_list->object_list_size; for (i = 0; i < from_policy_key_list->object_list_size; i++) { if (!from_policy_key_list->object_list[i]) { continue; } if (!(policy_key_list->object_list[i] = policy_key_new_copy(from_policy_key_list->object_list[i]))) { return DB_ERROR_UNKNOWN; } } } policy_key_list->object_list_position = 0;; policy_key_list->object_list_first = 1; policy_key_list->associated_fetch = from_policy_key_list->associated_fetch; if (from_policy_key_list->policy_id_list && !(policy_key_list->policy_id_list = policy_list_new_copy(from_policy_key_list->policy_id_list))) { return DB_ERROR_UNKNOWN; } return DB_OK; } static int policy_key_list_get_associated(policy_key_list_t* policy_key_list) { const db_clause_t* clause_walk; const policy_t* policy_policy_id; int cmp; size_t i; db_clause_list_t* clause_list; db_clause_t* clause; const policy_key_t* policy_key; if (!policy_key_list) { return DB_ERROR_UNKNOWN; } if (!policy_key_list->dbo) { return DB_ERROR_UNKNOWN; } if (!policy_key_list->associated_fetch) { return DB_ERROR_UNKNOWN; } if (!policy_key_list->result_list) { return DB_ERROR_UNKNOWN; } if (policy_key_list->object_list) { return DB_ERROR_UNKNOWN; } if (policy_key_list->policy_id_list) { policy_list_free(policy_key_list->policy_id_list); policy_key_list->policy_id_list = NULL; } if (!(clause_list = db_clause_list_new())) { return DB_ERROR_UNKNOWN; } policy_key = policy_key_list_begin(policy_key_list); while (policy_key) { cmp = 1; clause_walk = db_clause_list_begin(clause_list); while (clause_walk) { if (db_value_cmp(db_clause_value(clause_walk), policy_key_policy_id(policy_key), &cmp)) { db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } if (!cmp) { break; } clause_walk = db_clause_next(clause_walk); } if (cmp) { if (!(clause = db_clause_new()) || db_clause_set_field(clause, "id") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_clause_set_operator(clause, DB_CLAUSE_OPERATOR_OR) || db_value_copy(db_clause_get_value(clause), policy_key_policy_id(policy_key)) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } } policy_key = policy_key_list_next(policy_key_list); } if (!(policy_key_list->policy_id_list = policy_list_new(db_object_connection(policy_key_list->dbo))) || policy_list_object_store(policy_key_list->policy_id_list) || policy_list_get_by_clauses(policy_key_list->policy_id_list, clause_list)) { if (policy_key_list->policy_id_list) { policy_list_free(policy_key_list->policy_id_list); policy_key_list->policy_id_list = NULL; } db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } db_clause_list_free(clause_list); for (i = 0; i < policy_key_list->object_list_size; i++) { if (!(policy_key_list->object_list[i])) { return DB_ERROR_UNKNOWN; } policy_policy_id = policy_list_begin(policy_key_list->policy_id_list); while (policy_policy_id) { if (db_value_cmp(policy_key_policy_id(policy_key_list->object_list[i]), policy_id(policy_policy_id), &cmp)) { return DB_ERROR_UNKNOWN; } if (!cmp) { policy_key_list->object_list[i]->associated_policy_id = policy_policy_id; } policy_policy_id = policy_list_next(policy_key_list->policy_id_list); } } policy_key_list->object_list_first = 1; return DB_OK; } int policy_key_list_get_by_clauses(policy_key_list_t* policy_key_list, const db_clause_list_t* clause_list) { size_t i; if (!policy_key_list) { return DB_ERROR_UNKNOWN; } if (!clause_list) { return DB_ERROR_UNKNOWN; } if (!policy_key_list->dbo) { return DB_ERROR_UNKNOWN; } if (policy_key_list->result_list) { db_result_list_free(policy_key_list->result_list); } if (policy_key_list->object_list_size) { for (i = 0; i < policy_key_list->object_list_size; i++) { if (policy_key_list->object_list[i]) { policy_key_free(policy_key_list->object_list[i]); } } policy_key_list->object_list_size = 0; policy_key_list->object_list_first = 0; } if (policy_key_list->object_list) { free(policy_key_list->object_list); policy_key_list->object_list = NULL; } if (!(policy_key_list->result_list = db_object_read(policy_key_list->dbo, NULL, clause_list)) || db_result_list_fetch_all(policy_key_list->result_list)) { return DB_ERROR_UNKNOWN; } if (policy_key_list->associated_fetch && policy_key_list_get_associated(policy_key_list)) { return DB_ERROR_UNKNOWN; } return DB_OK; } int policy_key_list_get_by_policy_id(policy_key_list_t* policy_key_list, const db_value_t* policy_id) { db_clause_list_t* clause_list; db_clause_t* clause; size_t i; if (!policy_key_list) { return DB_ERROR_UNKNOWN; } if (!policy_key_list->dbo) { return DB_ERROR_UNKNOWN; } if (!policy_id) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(policy_id)) { return DB_ERROR_UNKNOWN; } if (!(clause_list = db_clause_list_new())) { return DB_ERROR_UNKNOWN; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "policyId") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_value_copy(db_clause_get_value(clause), policy_id) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } if (policy_key_list->result_list) { db_result_list_free(policy_key_list->result_list); } if (policy_key_list->object_list_size) { for (i = 0; i < policy_key_list->object_list_size; i++) { if (policy_key_list->object_list[i]) { policy_key_free(policy_key_list->object_list[i]); } } policy_key_list->object_list_size = 0; policy_key_list->object_list_first = 0; } if (policy_key_list->object_list) { free(policy_key_list->object_list); policy_key_list->object_list = NULL; } if (!(policy_key_list->result_list = db_object_read(policy_key_list->dbo, NULL, clause_list)) || db_result_list_fetch_all(policy_key_list->result_list)) { db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } db_clause_list_free(clause_list); if (policy_key_list->associated_fetch && policy_key_list_get_associated(policy_key_list)) { return DB_ERROR_UNKNOWN; } return DB_OK; } policy_key_list_t* policy_key_list_new_get_by_policy_id(const db_connection_t* connection, const db_value_t* policy_id) { policy_key_list_t* policy_key_list; if (!connection) { return NULL; } if (!policy_id) { return NULL; } if (db_value_not_empty(policy_id)) { return NULL; } if (!(policy_key_list = policy_key_list_new(connection)) || policy_key_list_get_by_policy_id(policy_key_list, policy_id)) { policy_key_list_free(policy_key_list); return NULL; } return policy_key_list; } const policy_key_t* policy_key_list_begin(policy_key_list_t* policy_key_list) { const db_result_t* result; if (!policy_key_list) { return NULL; } if (policy_key_list->object_store) { if (!policy_key_list->object_list) { if (!policy_key_list->result_list) { return NULL; } if (!db_result_list_size(policy_key_list->result_list)) { return NULL; } if (!(policy_key_list->object_list = (policy_key_t**)calloc(db_result_list_size(policy_key_list->result_list), sizeof(policy_key_t*)))) { return NULL; } policy_key_list->object_list_size = db_result_list_size(policy_key_list->result_list); } if (!(policy_key_list->object_list[0])) { if (!policy_key_list->result_list) { return NULL; } if (!(result = db_result_list_begin(policy_key_list->result_list))) { return NULL; } if (!(policy_key_list->object_list[0] = policy_key_new(db_object_connection(policy_key_list->dbo)))) { return NULL; } if (policy_key_from_result(policy_key_list->object_list[0], result)) { return NULL; } } policy_key_list->object_list_position = 0; return policy_key_list->object_list[0]; } if (!policy_key_list->result_list) { return NULL; } if (!(result = db_result_list_begin(policy_key_list->result_list))) { return NULL; } if (!policy_key_list->policy_key) { if (!(policy_key_list->policy_key = policy_key_new(db_object_connection(policy_key_list->dbo)))) { return NULL; } } if (policy_key_from_result(policy_key_list->policy_key, result)) { return NULL; } return policy_key_list->policy_key; } const policy_key_t* policy_key_list_next(policy_key_list_t* policy_key_list) { const db_result_t* result; if (!policy_key_list) { return NULL; } if (policy_key_list->object_store) { if (!policy_key_list->object_list) { if (!policy_key_list->result_list) { return NULL; } if (!db_result_list_size(policy_key_list->result_list)) { return NULL; } if (!(policy_key_list->object_list = (policy_key_t**)calloc(db_result_list_size(policy_key_list->result_list), sizeof(policy_key_t*)))) { return NULL; } policy_key_list->object_list_size = db_result_list_size(policy_key_list->result_list); policy_key_list->object_list_position = 0; } else if (policy_key_list->object_list_first) { policy_key_list->object_list_first = 0; policy_key_list->object_list_position = 0; } else { policy_key_list->object_list_position++; } if (policy_key_list->object_list_position >= policy_key_list->object_list_size) { return NULL; } if (!(policy_key_list->object_list[policy_key_list->object_list_position])) { if (!policy_key_list->result_list) { return NULL; } if (!(result = db_result_list_next(policy_key_list->result_list))) { return NULL; } if (!(policy_key_list->object_list[policy_key_list->object_list_position] = policy_key_new(db_object_connection(policy_key_list->dbo)))) { return NULL; } if (policy_key_from_result(policy_key_list->object_list[policy_key_list->object_list_position], result)) { return NULL; } } return policy_key_list->object_list[policy_key_list->object_list_position]; } if (!policy_key_list->result_list) { return NULL; } if (!(result = db_result_list_next(policy_key_list->result_list))) { return NULL; } if (!policy_key_list->policy_key) { if (!(policy_key_list->policy_key = policy_key_new(db_object_connection(policy_key_list->dbo)))) { return NULL; } } if (policy_key_from_result(policy_key_list->policy_key, result)) { return NULL; } return policy_key_list->policy_key; } policy_key_t* policy_key_list_get_next(policy_key_list_t* policy_key_list) { const db_result_t* result; policy_key_t* policy_key; if (!policy_key_list) { return NULL; } if (policy_key_list->object_store) { if (!(policy_key = policy_key_new(db_object_connection(policy_key_list->dbo)))) { return NULL; } if (policy_key_copy(policy_key, policy_key_list_next(policy_key_list))) { policy_key_free(policy_key); return NULL; } return policy_key; } if (!policy_key_list->result_list) { return NULL; } if (!(result = db_result_list_next(policy_key_list->result_list))) { return NULL; } if (!(policy_key = policy_key_new(db_object_connection(policy_key_list->dbo)))) { return NULL; } if (policy_key_from_result(policy_key, result)) { policy_key_free(policy_key); return NULL; } return policy_key; } size_t policy_key_list_size(policy_key_list_t* policy_key_list) { if (!policy_key_list) { return 0; } if (policy_key_list->object_store && policy_key_list->object_list) { return policy_key_list->object_list_size; } if (!policy_key_list->result_list) { return 0; } return db_result_list_size(policy_key_list->result_list); } int policy_key_get_by_policyid_and_role(policy_key_t* policy_key, const db_value_t* policyid, const policy_key_role_t role) { db_clause_list_t* clause_list; db_clause_t* clause; db_result_list_t* result_list; const db_result_t* result; if (!policy_key) { return DB_ERROR_UNKNOWN; } if (!policy_key->dbo) { return DB_ERROR_UNKNOWN; } if (!policyid || !role) { return DB_ERROR_UNKNOWN; } if (!(clause_list = db_clause_list_new())) { return DB_ERROR_UNKNOWN; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "policyId") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_clause_set_operator(clause, DB_CLAUSE_OPERATOR_AND) || db_value_copy(db_clause_get_value(clause), policyid) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "role") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_clause_set_operator(clause, DB_CLAUSE_OPERATOR_AND) || db_value_from_enum_value(db_clause_get_value(clause), role, policy_key_enum_set_role) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } result_list = db_object_read(policy_key->dbo, NULL, clause_list); db_clause_list_free(clause_list); if (result_list) { result = db_result_list_next(result_list); if (result) { if (policy_key_from_result(policy_key, result)) { db_result_list_free(result_list); return DB_ERROR_UNKNOWN; } db_result_list_free(result_list); return DB_OK; } } db_result_list_free(result_list); return DB_ERROR_UNKNOWN; } policy_key_t * policy_key_new_get_by_policyid_and_role (const db_connection_t* connection, const db_value_t* policyid, const policy_key_role_t role) { policy_key_t* policy_key; if (!connection || !policyid || !role) return NULL; if (!(policy_key = policy_key_new(connection)) || policy_key_get_by_policyid_and_role(policy_key, policyid, role)) { policy_key_free(policy_key); return NULL; } return policy_key; } opendnssec-2.1.5/enforcer/src/db/key_state.c0000644000202300020240000013134013560311035015700 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include "key_state.h" #include "db_error.h" #include const db_enum_t key_state_enum_set_type[] = { { "DS", (key_state_type_t)KEY_STATE_TYPE_DS }, { "RRSIG", (key_state_type_t)KEY_STATE_TYPE_RRSIG }, { "DNSKEY", (key_state_type_t)KEY_STATE_TYPE_DNSKEY }, { "RRSIGDNSKEY", (key_state_type_t)KEY_STATE_TYPE_RRSIGDNSKEY }, { NULL, 0 } }; const db_enum_t key_state_enum_set_state[] = { { "hidden", (key_state_state_t)KEY_STATE_STATE_HIDDEN }, { "rumoured", (key_state_state_t)KEY_STATE_STATE_RUMOURED }, { "omnipresent", (key_state_state_t)KEY_STATE_STATE_OMNIPRESENT }, { "unretentive", (key_state_state_t)KEY_STATE_STATE_UNRETENTIVE }, { "NA", (key_state_state_t)KEY_STATE_STATE_NA }, { NULL, 0 } }; /** * Create a new key state object. * \param[in] connection a db_connection_t pointer. * \return a key_state_t pointer or NULL on error. */ static db_object_t* __key_state_new_object(const db_connection_t* connection) { db_object_field_list_t* object_field_list; db_object_field_t* object_field; db_object_t* object; if (!(object = db_object_new()) || db_object_set_connection(object, connection) || db_object_set_table(object, "keyState") || db_object_set_primary_key_name(object, "id") || !(object_field_list = db_object_field_list_new())) { db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "id") || db_object_field_set_type(object_field, DB_TYPE_PRIMARY_KEY) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "rev") || db_object_field_set_type(object_field, DB_TYPE_REVISION) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "keyDataId") || db_object_field_set_type(object_field, DB_TYPE_ANY) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "type") || db_object_field_set_type(object_field, DB_TYPE_ENUM) || db_object_field_set_enum_set(object_field, key_state_enum_set_type) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "state") || db_object_field_set_type(object_field, DB_TYPE_ENUM) || db_object_field_set_enum_set(object_field, key_state_enum_set_state) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "lastChange") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "minimize") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "ttl") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (db_object_set_object_field_list(object, object_field_list)) { db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } return object; } /* KEY STATE */ key_state_t* key_state_new(const db_connection_t* connection) { key_state_t* key_state = (key_state_t*)calloc(1, sizeof(key_state_t)); if (key_state) { if (!(key_state->dbo = __key_state_new_object(connection))) { free(key_state); return NULL; } db_value_reset(&(key_state->id)); db_value_reset(&(key_state->rev)); db_value_reset(&(key_state->key_data_id)); key_state->type = KEY_STATE_TYPE_INVALID; key_state->state = KEY_STATE_STATE_HIDDEN; } return key_state; } key_state_t* key_state_new_copy(const key_state_t* key_state) { key_state_t* new_key_state; if (!key_state) { return NULL; } if (!key_state->dbo) { return NULL; } if (!(new_key_state = key_state_new(db_object_connection(key_state->dbo))) || key_state_copy(new_key_state, key_state)) { key_state_free(new_key_state); return NULL; } return new_key_state; } void key_state_free(key_state_t* key_state) { if (key_state) { if (key_state->dbo) { db_object_free(key_state->dbo); } db_value_reset(&(key_state->id)); db_value_reset(&(key_state->rev)); db_value_reset(&(key_state->key_data_id)); if (key_state->private_key_data_id) { key_data_free(key_state->private_key_data_id); } free(key_state); } } int key_state_copy(key_state_t* key_state, const key_state_t* key_state_copy) { if (!key_state) { return DB_ERROR_UNKNOWN; } if (!key_state_copy) { return DB_ERROR_UNKNOWN; } if (db_value_copy(&(key_state->id), &(key_state_copy->id))) { return DB_ERROR_UNKNOWN; } if (db_value_copy(&(key_state->rev), &(key_state_copy->rev))) { return DB_ERROR_UNKNOWN; } if (db_value_copy(&(key_state->key_data_id), &(key_state_copy->key_data_id))) { return DB_ERROR_UNKNOWN; } if (key_state->private_key_data_id) { key_data_free(key_state->private_key_data_id); key_state->private_key_data_id = NULL; } if (key_state_copy->private_key_data_id && !(key_state->private_key_data_id = key_data_new_copy(key_state_copy->private_key_data_id))) { return DB_ERROR_UNKNOWN; } key_state->associated_key_data_id = NULL; if (!key_state_copy->private_key_data_id && key_state_copy->associated_key_data_id && !(key_state->private_key_data_id = key_data_new_copy(key_state_copy->associated_key_data_id))) { return DB_ERROR_UNKNOWN; } key_state->type = key_state_copy->type; key_state->state = key_state_copy->state; key_state->last_change = key_state_copy->last_change; key_state->minimize = key_state_copy->minimize; key_state->ttl = key_state_copy->ttl; return DB_OK; } int key_state_from_result(key_state_t* key_state, const db_result_t* result) { const db_value_set_t* value_set; int type; int state; if (!key_state) { return DB_ERROR_UNKNOWN; } if (!result) { return DB_ERROR_UNKNOWN; } db_value_reset(&(key_state->id)); db_value_reset(&(key_state->rev)); db_value_reset(&(key_state->key_data_id)); if (!(value_set = db_result_value_set(result)) || db_value_set_size(value_set) != 8 || db_value_copy(&(key_state->id), db_value_set_at(value_set, 0)) || db_value_copy(&(key_state->rev), db_value_set_at(value_set, 1)) || db_value_copy(&(key_state->key_data_id), db_value_set_at(value_set, 2)) || db_value_to_enum_value(db_value_set_at(value_set, 3), &type, key_state_enum_set_type) || db_value_to_enum_value(db_value_set_at(value_set, 4), &state, key_state_enum_set_state) || db_value_to_uint32(db_value_set_at(value_set, 5), &(key_state->last_change)) || db_value_to_uint32(db_value_set_at(value_set, 6), &(key_state->minimize)) || db_value_to_uint32(db_value_set_at(value_set, 7), &(key_state->ttl))) { return DB_ERROR_UNKNOWN; } if (type == (key_state_type_t)KEY_STATE_TYPE_DS) { key_state->type = KEY_STATE_TYPE_DS; } else if (type == (key_state_type_t)KEY_STATE_TYPE_RRSIG) { key_state->type = KEY_STATE_TYPE_RRSIG; } else if (type == (key_state_type_t)KEY_STATE_TYPE_DNSKEY) { key_state->type = KEY_STATE_TYPE_DNSKEY; } else if (type == (key_state_type_t)KEY_STATE_TYPE_RRSIGDNSKEY) { key_state->type = KEY_STATE_TYPE_RRSIGDNSKEY; } else { return DB_ERROR_UNKNOWN; } if (state == (key_state_state_t)KEY_STATE_STATE_HIDDEN) { key_state->state = KEY_STATE_STATE_HIDDEN; } else if (state == (key_state_state_t)KEY_STATE_STATE_RUMOURED) { key_state->state = KEY_STATE_STATE_RUMOURED; } else if (state == (key_state_state_t)KEY_STATE_STATE_OMNIPRESENT) { key_state->state = KEY_STATE_STATE_OMNIPRESENT; } else if (state == (key_state_state_t)KEY_STATE_STATE_UNRETENTIVE) { key_state->state = KEY_STATE_STATE_UNRETENTIVE; } else if (state == (key_state_state_t)KEY_STATE_STATE_NA) { key_state->state = KEY_STATE_STATE_NA; } else { return DB_ERROR_UNKNOWN; } return DB_OK; } const db_value_t* key_state_key_data_id(const key_state_t* key_state) { if (!key_state) { return NULL; } return &(key_state->key_data_id); } key_state_type_t key_state_type(const key_state_t* key_state) { if (!key_state) { return KEY_STATE_TYPE_INVALID; } return key_state->type; } const char* key_state_type_text(const key_state_t* key_state) { const db_enum_t* enum_set = key_state_enum_set_type; if (!key_state) { return NULL; } while (enum_set->text) { if (enum_set->value == key_state->type) { return enum_set->text; } enum_set++; } return NULL; } key_state_state_t key_state_state(const key_state_t* key_state) { if (!key_state) { return KEY_STATE_STATE_INVALID; } return key_state->state; } const char* key_state_state_text(const key_state_t* key_state) { const db_enum_t* enum_set = key_state_enum_set_state; if (!key_state) { return NULL; } while (enum_set->text) { if (enum_set->value == key_state->state) { return enum_set->text; } enum_set++; } return NULL; } unsigned int key_state_last_change(const key_state_t* key_state) { if (!key_state) { return 0; } return key_state->last_change; } unsigned int key_state_minimize(const key_state_t* key_state) { if (!key_state) { return 0; } return key_state->minimize; } unsigned int key_state_ttl(const key_state_t* key_state) { if (!key_state) { return 0; } return key_state->ttl; } int key_state_set_key_data_id(key_state_t* key_state, const db_value_t* key_data_id) { if (!key_state) { return DB_ERROR_UNKNOWN; } if (!key_data_id) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(key_data_id)) { return DB_ERROR_UNKNOWN; } db_value_reset(&(key_state->key_data_id)); if (db_value_copy(&(key_state->key_data_id), key_data_id)) { return DB_ERROR_UNKNOWN; } return DB_OK; } int key_state_set_type(key_state_t* key_state, key_state_type_t type) { if (!key_state) { return DB_ERROR_UNKNOWN; } if (type == KEY_STATE_TYPE_INVALID) { return DB_ERROR_UNKNOWN; } key_state->type = type; return DB_OK; } int key_state_set_state(key_state_t* key_state, key_state_state_t state) { if (!key_state) { return DB_ERROR_UNKNOWN; } if (state == KEY_STATE_STATE_INVALID) { return DB_ERROR_UNKNOWN; } key_state->state = state; return DB_OK; } int key_state_set_last_change(key_state_t* key_state, unsigned int last_change) { if (!key_state) { return DB_ERROR_UNKNOWN; } key_state->last_change = last_change; return DB_OK; } int key_state_set_minimize(key_state_t* key_state, unsigned int minimize) { if (!key_state) { return DB_ERROR_UNKNOWN; } key_state->minimize = minimize; return DB_OK; } int key_state_set_ttl(key_state_t* key_state, unsigned int ttl) { if (!key_state) { return DB_ERROR_UNKNOWN; } key_state->ttl = ttl; return DB_OK; } db_clause_t* key_state_key_data_id_clause(db_clause_list_t* clause_list, const db_value_t* key_data_id) { db_clause_t* clause; if (!clause_list) { return NULL; } if (!key_data_id) { return NULL; } if (db_value_not_empty(key_data_id)) { return NULL; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "keyDataId") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_clause_set_operator(clause, DB_CLAUSE_OPERATOR_AND) || db_value_copy(db_clause_get_value(clause), key_data_id) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); return NULL; } return clause; } int key_state_create(key_state_t* key_state) { db_object_field_list_t* object_field_list; db_object_field_t* object_field; db_value_set_t* value_set; int ret; if (!key_state) { return DB_ERROR_UNKNOWN; } if (!key_state->dbo) { return DB_ERROR_UNKNOWN; } if (!db_value_not_empty(&(key_state->id))) { return DB_ERROR_UNKNOWN; } if (!db_value_not_empty(&(key_state->rev))) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(&(key_state->key_data_id))) { return DB_ERROR_UNKNOWN; } /* TODO: validate content more */ if (!(object_field_list = db_object_field_list_new())) { return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "keyDataId") || db_object_field_set_type(object_field, DB_TYPE_ANY) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "type") || db_object_field_set_type(object_field, DB_TYPE_ENUM) || db_object_field_set_enum_set(object_field, key_state_enum_set_type) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "state") || db_object_field_set_type(object_field, DB_TYPE_ENUM) || db_object_field_set_enum_set(object_field, key_state_enum_set_state) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "lastChange") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "minimize") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "ttl") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(value_set = db_value_set_new(6))) { db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (db_value_copy(db_value_set_get(value_set, 0), &(key_state->key_data_id)) || db_value_from_enum_value(db_value_set_get(value_set, 1), key_state->type, key_state_enum_set_type) || db_value_from_enum_value(db_value_set_get(value_set, 2), key_state->state, key_state_enum_set_state) || db_value_from_uint32(db_value_set_get(value_set, 3), key_state->last_change) || db_value_from_uint32(db_value_set_get(value_set, 4), key_state->minimize) || db_value_from_uint32(db_value_set_get(value_set, 5), key_state->ttl)) { db_value_set_free(value_set); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } ret = db_object_create(key_state->dbo, object_field_list, value_set); db_value_set_free(value_set); db_object_field_list_free(object_field_list); return ret; } int key_state_get_by_id(key_state_t* key_state, const db_value_t* id) { db_clause_list_t* clause_list; db_clause_t* clause; db_result_list_t* result_list; const db_result_t* result; if (!key_state) { return DB_ERROR_UNKNOWN; } if (!key_state->dbo) { return DB_ERROR_UNKNOWN; } if (!id) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(id)) { return DB_ERROR_UNKNOWN; } if (!(clause_list = db_clause_list_new())) { return DB_ERROR_UNKNOWN; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "id") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_value_copy(db_clause_get_value(clause), id) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } result_list = db_object_read(key_state->dbo, NULL, clause_list); db_clause_list_free(clause_list); if (result_list) { result = db_result_list_next(result_list); if (result) { if (key_state_from_result(key_state, result)) { db_result_list_free(result_list); return DB_ERROR_UNKNOWN; } db_result_list_free(result_list); return DB_OK; } } db_result_list_free(result_list); return DB_ERROR_UNKNOWN; } int key_state_update(key_state_t* key_state) { db_object_field_list_t* object_field_list; db_object_field_t* object_field; db_value_set_t* value_set; db_clause_list_t* clause_list; db_clause_t* clause; int ret; if (!key_state) { return DB_ERROR_UNKNOWN; } if (!key_state->dbo) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(&(key_state->id))) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(&(key_state->rev))) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(&(key_state->key_data_id))) { return DB_ERROR_UNKNOWN; } /* TODO: validate content more */ if (!(object_field_list = db_object_field_list_new())) { return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "keyDataId") || db_object_field_set_type(object_field, DB_TYPE_ANY) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "type") || db_object_field_set_type(object_field, DB_TYPE_ENUM) || db_object_field_set_enum_set(object_field, key_state_enum_set_type) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "state") || db_object_field_set_type(object_field, DB_TYPE_ENUM) || db_object_field_set_enum_set(object_field, key_state_enum_set_state) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "lastChange") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "minimize") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "ttl") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(value_set = db_value_set_new(6))) { db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (db_value_copy(db_value_set_get(value_set, 0), &(key_state->key_data_id)) || db_value_from_enum_value(db_value_set_get(value_set, 1), key_state->type, key_state_enum_set_type) || db_value_from_enum_value(db_value_set_get(value_set, 2), key_state->state, key_state_enum_set_state) || db_value_from_uint32(db_value_set_get(value_set, 3), key_state->last_change) || db_value_from_uint32(db_value_set_get(value_set, 4), key_state->minimize) || db_value_from_uint32(db_value_set_get(value_set, 5), key_state->ttl)) { db_value_set_free(value_set); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(clause_list = db_clause_list_new())) { db_value_set_free(value_set); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "id") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_value_copy(db_clause_get_value(clause), &(key_state->id)) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); db_value_set_free(value_set); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "rev") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_value_copy(db_clause_get_value(clause), &(key_state->rev)) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); db_value_set_free(value_set); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } ret = db_object_update(key_state->dbo, object_field_list, value_set, clause_list); db_value_set_free(value_set); db_object_field_list_free(object_field_list); db_clause_list_free(clause_list); return ret; } int key_state_delete(const key_state_t* key_state) { db_clause_list_t* clause_list; db_clause_t* clause; int ret; if (!key_state) { return DB_ERROR_UNKNOWN; } if (!key_state->dbo) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(&(key_state->id))) { return DB_ERROR_UNKNOWN; } if (!(clause_list = db_clause_list_new())) { return DB_ERROR_UNKNOWN; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "id") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_value_copy(db_clause_get_value(clause), &(key_state->id)) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "rev") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_value_copy(db_clause_get_value(clause), &(key_state->rev)) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } ret = db_object_delete(key_state->dbo, clause_list); db_clause_list_free(clause_list); return ret; } /* KEY STATE LIST */ key_state_list_t* key_state_list_new(const db_connection_t* connection) { key_state_list_t* key_state_list = (key_state_list_t*)calloc(1, sizeof(key_state_list_t)); if (key_state_list) { if (!(key_state_list->dbo = __key_state_new_object(connection))) { free(key_state_list); return NULL; } } return key_state_list; } key_state_list_t* key_state_list_new_copy(const key_state_list_t* from_key_state_list) { key_state_list_t* key_state_list; if (!from_key_state_list) { return NULL; } if (!from_key_state_list->dbo) { return NULL; } if (!(key_state_list = key_state_list_new(db_object_connection(from_key_state_list->dbo))) || key_state_list_copy(key_state_list, from_key_state_list)) { key_state_list_free(key_state_list); return NULL; } return key_state_list; } int key_state_list_object_store(key_state_list_t* key_state_list) { if (!key_state_list) { return DB_ERROR_UNKNOWN; } key_state_list->object_store = 1; return DB_OK; } void key_state_list_free(key_state_list_t* key_state_list) { size_t i; if (key_state_list) { if (key_state_list->dbo) { db_object_free(key_state_list->dbo); } if (key_state_list->result_list) { db_result_list_free(key_state_list->result_list); } if (key_state_list->key_state) { key_state_free(key_state_list->key_state); } for (i = 0; i < key_state_list->object_list_size; i++) { if (key_state_list->object_list[i]) { key_state_free(key_state_list->object_list[i]); } } if (key_state_list->object_list) { free(key_state_list->object_list); } if (key_state_list->key_data_id_list) { key_data_list_free(key_state_list->key_data_id_list); } free(key_state_list); } } int key_state_list_copy(key_state_list_t* key_state_list, const key_state_list_t* from_key_state_list) { size_t i; if (!key_state_list) { return DB_ERROR_UNKNOWN; } if (!from_key_state_list) { return DB_ERROR_UNKNOWN; } if (from_key_state_list->object_list && !from_key_state_list->object_list_size) { return DB_ERROR_UNKNOWN; } if (key_state_list->result_list) { db_result_list_free(key_state_list->result_list); key_state_list->result_list = NULL; } if (from_key_state_list->result_list && !(key_state_list->result_list = db_result_list_new_copy(from_key_state_list->result_list))) { return DB_ERROR_UNKNOWN; } key_state_list->object_store = from_key_state_list->object_store; for (i = 0; i < key_state_list->object_list_size; i++) { if (key_state_list->object_list[i]) { key_state_free(key_state_list->object_list[i]); } } key_state_list->object_list_size = 0; if (key_state_list->object_list) { free(key_state_list->object_list); key_state_list->object_list = NULL; } if (from_key_state_list->object_list) { if (!(key_state_list->object_list = (key_state_t**)calloc(from_key_state_list->object_list_size, sizeof(key_state_t*)))) { return DB_ERROR_UNKNOWN; } key_state_list->object_list_size = from_key_state_list->object_list_size; for (i = 0; i < from_key_state_list->object_list_size; i++) { if (!from_key_state_list->object_list[i]) { continue; } if (!(key_state_list->object_list[i] = key_state_new_copy(from_key_state_list->object_list[i]))) { return DB_ERROR_UNKNOWN; } } } key_state_list->object_list_position = 0;; key_state_list->object_list_first = 1; key_state_list->associated_fetch = from_key_state_list->associated_fetch; if (from_key_state_list->key_data_id_list && !(key_state_list->key_data_id_list = key_data_list_new_copy(from_key_state_list->key_data_id_list))) { return DB_ERROR_UNKNOWN; } return DB_OK; } static int key_state_list_get_associated(key_state_list_t* key_state_list) { const db_clause_t* clause_walk; const key_data_t* key_data_key_data_id; int cmp; size_t i; db_clause_list_t* clause_list; db_clause_t* clause; const key_state_t* key_state; if (!key_state_list) { return DB_ERROR_UNKNOWN; } if (!key_state_list->dbo) { return DB_ERROR_UNKNOWN; } if (!key_state_list->associated_fetch) { return DB_ERROR_UNKNOWN; } if (!key_state_list->result_list) { return DB_ERROR_UNKNOWN; } if (key_state_list->object_list) { return DB_ERROR_UNKNOWN; } if (key_state_list->key_data_id_list) { key_data_list_free(key_state_list->key_data_id_list); key_state_list->key_data_id_list = NULL; } if (!(clause_list = db_clause_list_new())) { return DB_ERROR_UNKNOWN; } key_state = key_state_list_begin(key_state_list); while (key_state) { cmp = 1; clause_walk = db_clause_list_begin(clause_list); while (clause_walk) { if (db_value_cmp(db_clause_value(clause_walk), key_state_key_data_id(key_state), &cmp)) { db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } if (!cmp) { break; } clause_walk = db_clause_next(clause_walk); } if (cmp) { if (!(clause = db_clause_new()) || db_clause_set_field(clause, "id") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_clause_set_operator(clause, DB_CLAUSE_OPERATOR_OR) || db_value_copy(db_clause_get_value(clause), key_state_key_data_id(key_state)) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } } key_state = key_state_list_next(key_state_list); } if (!(key_state_list->key_data_id_list = key_data_list_new(db_object_connection(key_state_list->dbo))) || key_data_list_object_store(key_state_list->key_data_id_list) || key_data_list_get_by_clauses(key_state_list->key_data_id_list, clause_list)) { if (key_state_list->key_data_id_list) { key_data_list_free(key_state_list->key_data_id_list); key_state_list->key_data_id_list = NULL; } db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } db_clause_list_free(clause_list); for (i = 0; i < key_state_list->object_list_size; i++) { if (!(key_state_list->object_list[i])) { return DB_ERROR_UNKNOWN; } key_data_key_data_id = key_data_list_begin(key_state_list->key_data_id_list); while (key_data_key_data_id) { if (db_value_cmp(key_state_key_data_id(key_state_list->object_list[i]), key_data_id(key_data_key_data_id), &cmp)) { return DB_ERROR_UNKNOWN; } if (!cmp) { key_state_list->object_list[i]->associated_key_data_id = key_data_key_data_id; } key_data_key_data_id = key_data_list_next(key_state_list->key_data_id_list); } } key_state_list->object_list_first = 1; return DB_OK; } int key_state_list_get_by_clauses(key_state_list_t* key_state_list, const db_clause_list_t* clause_list) { size_t i; if (!key_state_list) { return DB_ERROR_UNKNOWN; } if (!clause_list) { return DB_ERROR_UNKNOWN; } if (!key_state_list->dbo) { return DB_ERROR_UNKNOWN; } if (key_state_list->result_list) { db_result_list_free(key_state_list->result_list); } if (key_state_list->object_list_size) { for (i = 0; i < key_state_list->object_list_size; i++) { if (key_state_list->object_list[i]) { key_state_free(key_state_list->object_list[i]); } } key_state_list->object_list_size = 0; key_state_list->object_list_first = 0; } if (key_state_list->object_list) { free(key_state_list->object_list); key_state_list->object_list = NULL; } if (!(key_state_list->result_list = db_object_read(key_state_list->dbo, NULL, clause_list)) || db_result_list_fetch_all(key_state_list->result_list)) { return DB_ERROR_UNKNOWN; } if (key_state_list->associated_fetch && key_state_list_get_associated(key_state_list)) { return DB_ERROR_UNKNOWN; } return DB_OK; } int key_state_list_get_by_key_data_id(key_state_list_t* key_state_list, const db_value_t* key_data_id) { db_clause_list_t* clause_list; db_clause_t* clause; size_t i; if (!key_state_list) { return DB_ERROR_UNKNOWN; } if (!key_state_list->dbo) { return DB_ERROR_UNKNOWN; } if (!key_data_id) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(key_data_id)) { return DB_ERROR_UNKNOWN; } if (!(clause_list = db_clause_list_new())) { return DB_ERROR_UNKNOWN; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "keyDataId") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_value_copy(db_clause_get_value(clause), key_data_id) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } if (key_state_list->result_list) { db_result_list_free(key_state_list->result_list); } if (key_state_list->object_list_size) { for (i = 0; i < key_state_list->object_list_size; i++) { if (key_state_list->object_list[i]) { key_state_free(key_state_list->object_list[i]); } } key_state_list->object_list_size = 0; key_state_list->object_list_first = 0; } if (key_state_list->object_list) { free(key_state_list->object_list); key_state_list->object_list = NULL; } if (!(key_state_list->result_list = db_object_read(key_state_list->dbo, NULL, clause_list)) || db_result_list_fetch_all(key_state_list->result_list)) { db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } db_clause_list_free(clause_list); if (key_state_list->associated_fetch && key_state_list_get_associated(key_state_list)) { return DB_ERROR_UNKNOWN; } return DB_OK; } key_state_list_t* key_state_list_new_get_by_key_data_id(const db_connection_t* connection, const db_value_t* key_data_id) { key_state_list_t* key_state_list; if (!connection) { return NULL; } if (!key_data_id) { return NULL; } if (db_value_not_empty(key_data_id)) { return NULL; } if (!(key_state_list = key_state_list_new(connection)) || key_state_list_get_by_key_data_id(key_state_list, key_data_id)) { key_state_list_free(key_state_list); return NULL; } return key_state_list; } const key_state_t* key_state_list_begin(key_state_list_t* key_state_list) { const db_result_t* result; if (!key_state_list) { return NULL; } if (key_state_list->object_store) { if (!key_state_list->object_list) { if (!key_state_list->result_list) { return NULL; } if (!db_result_list_size(key_state_list->result_list)) { return NULL; } if (!(key_state_list->object_list = (key_state_t**)calloc(db_result_list_size(key_state_list->result_list), sizeof(key_state_t*)))) { return NULL; } key_state_list->object_list_size = db_result_list_size(key_state_list->result_list); } if (!(key_state_list->object_list[0])) { if (!key_state_list->result_list) { return NULL; } if (!(result = db_result_list_begin(key_state_list->result_list))) { return NULL; } if (!(key_state_list->object_list[0] = key_state_new(db_object_connection(key_state_list->dbo)))) { return NULL; } if (key_state_from_result(key_state_list->object_list[0], result)) { return NULL; } } key_state_list->object_list_position = 0; return key_state_list->object_list[0]; } if (!key_state_list->result_list) { return NULL; } if (!(result = db_result_list_begin(key_state_list->result_list))) { return NULL; } if (!key_state_list->key_state) { if (!(key_state_list->key_state = key_state_new(db_object_connection(key_state_list->dbo)))) { return NULL; } } if (key_state_from_result(key_state_list->key_state, result)) { return NULL; } return key_state_list->key_state; } key_state_t* key_state_list_get_begin(key_state_list_t* key_state_list) { const db_result_t* result; key_state_t* key_state; if (!key_state_list) { return NULL; } if (key_state_list->object_store) { if (!(key_state = key_state_new(db_object_connection(key_state_list->dbo)))) { return NULL; } if (key_state_copy(key_state, key_state_list_begin(key_state_list))) { key_state_free(key_state); return NULL; } return key_state; } if (!key_state_list->result_list) { return NULL; } if (!(result = db_result_list_begin(key_state_list->result_list))) { return NULL; } if (!(key_state = key_state_new(db_object_connection(key_state_list->dbo)))) { return NULL; } if (key_state_from_result(key_state, result)) { key_state_free(key_state); return NULL; } return key_state; } const key_state_t* key_state_list_next(key_state_list_t* key_state_list) { const db_result_t* result; if (!key_state_list) { return NULL; } if (key_state_list->object_store) { if (!key_state_list->object_list) { if (!key_state_list->result_list) { return NULL; } if (!db_result_list_size(key_state_list->result_list)) { return NULL; } if (!(key_state_list->object_list = (key_state_t**)calloc(db_result_list_size(key_state_list->result_list), sizeof(key_state_t*)))) { return NULL; } key_state_list->object_list_size = db_result_list_size(key_state_list->result_list); key_state_list->object_list_position = 0; } else if (key_state_list->object_list_first) { key_state_list->object_list_first = 0; key_state_list->object_list_position = 0; } else { key_state_list->object_list_position++; } if (key_state_list->object_list_position >= key_state_list->object_list_size) { return NULL; } if (!(key_state_list->object_list[key_state_list->object_list_position])) { if (!key_state_list->result_list) { return NULL; } if (!(result = db_result_list_next(key_state_list->result_list))) { return NULL; } if (!(key_state_list->object_list[key_state_list->object_list_position] = key_state_new(db_object_connection(key_state_list->dbo)))) { return NULL; } if (key_state_from_result(key_state_list->object_list[key_state_list->object_list_position], result)) { return NULL; } } return key_state_list->object_list[key_state_list->object_list_position]; } if (!key_state_list->result_list) { return NULL; } if (!(result = db_result_list_next(key_state_list->result_list))) { return NULL; } if (!key_state_list->key_state) { if (!(key_state_list->key_state = key_state_new(db_object_connection(key_state_list->dbo)))) { return NULL; } } if (key_state_from_result(key_state_list->key_state, result)) { return NULL; } return key_state_list->key_state; } key_state_t* key_state_list_get_next(key_state_list_t* key_state_list) { const db_result_t* result; key_state_t* key_state; if (!key_state_list) { return NULL; } if (key_state_list->object_store) { if (!(key_state = key_state_new(db_object_connection(key_state_list->dbo)))) { return NULL; } if (key_state_copy(key_state, key_state_list_next(key_state_list))) { key_state_free(key_state); return NULL; } return key_state; } if (!key_state_list->result_list) { return NULL; } if (!(result = db_result_list_next(key_state_list->result_list))) { return NULL; } if (!(key_state = key_state_new(db_object_connection(key_state_list->dbo)))) { return NULL; } if (key_state_from_result(key_state, result)) { key_state_free(key_state); return NULL; } return key_state; } opendnssec-2.1.5/enforcer/src/db/key_dependency_ext.c0000644000202300020240000000272613560311035017563 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include "key_dependency.h" opendnssec-2.1.5/enforcer/src/db/key_dependency.h0000644000202300020240000003127113560311035016705 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef __key_dependency_h #define __key_dependency_h #include "db_object.h" struct key_dependency; struct key_dependency_list; typedef struct key_dependency key_dependency_t; typedef struct key_dependency_list key_dependency_list_t; typedef enum key_dependency_type { KEY_DEPENDENCY_TYPE_INVALID = -1, KEY_DEPENDENCY_TYPE_DS = 0, KEY_DEPENDENCY_TYPE_RRSIG = 1, KEY_DEPENDENCY_TYPE_DNSKEY = 2, KEY_DEPENDENCY_TYPE_RRSIGDNSKEY = 3 } key_dependency_type_t; extern const db_enum_t key_dependency_enum_set_type[]; #include "key_dependency_ext.h" #include "zone_db.h" #include "key_data.h" /** * A key dependency object. */ struct key_dependency { db_object_t* dbo; db_value_t id; db_value_t rev; db_value_t zone_id; const zone_db_t* associated_zone_id; zone_db_t* private_zone_id; db_value_t from_key_data_id; const key_data_t* associated_from_key_data_id; key_data_t* private_from_key_data_id; db_value_t to_key_data_id; const key_data_t* associated_to_key_data_id; key_data_t* private_to_key_data_id; key_dependency_type_t type; }; /** * Create a new key dependency object. * \param[in] connection a db_connection_t pointer. * \return a key_dependency_t pointer or NULL on error. */ key_dependency_t* key_dependency_new(const db_connection_t* connection); /** * Create a new key dependency object that is a copy of another key dependency object. * \param[in] key_dependency a key_dependency_t pointer. * \return a key_dependency_t pointer or NULL on error. */ key_dependency_t* key_dependency_new_copy(const key_dependency_t* key_dependency); /** * Delete a key dependency object, this does not delete it from the database. * \param[in] key_dependency a key_dependency_t pointer. */ void key_dependency_free(key_dependency_t* key_dependency); /** * Copy the content of a key dependency object. * \param[in] key_dependency a key_dependency_t pointer. * \param[in] key_dependency_copy a key_dependency_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_dependency_copy(key_dependency_t* key_dependency, const key_dependency_t* key_dependency_copy); /** * Set the content of a key dependency object based on a database result. * \param[in] key_dependency a key_dependency_t pointer. * \param[in] result a db_result_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_dependency_from_result(key_dependency_t* key_dependency, const db_result_t* result); /** * Get the zone_id of a key dependency object. * \param[in] key_dependency a key_dependency_t pointer. * \return a db_value_t pointer or NULL on error. */ const db_value_t* key_dependency_zone_id(const key_dependency_t* key_dependency); /** * Get the from_key_data_id of a key dependency object. * \param[in] key_dependency a key_dependency_t pointer. * \return a db_value_t pointer or NULL on error. */ const db_value_t* key_dependency_from_key_data_id(const key_dependency_t* key_dependency); /** * Get the from_key_data_id object related to a key dependency object. * The caller will be given ownership of this object and is responsible for freeing it. * \param[in] key_dependency a key_dependency_t pointer. * \return a key_data_t pointer or NULL on error or if no object could be found. */ key_data_t* key_dependency_get_from_key_data(const key_dependency_t* key_dependency); /** * Get the to_key_data_id of a key dependency object. * \param[in] key_dependency a key_dependency_t pointer. * \return a db_value_t pointer or NULL on error. */ const db_value_t* key_dependency_to_key_data_id(const key_dependency_t* key_dependency); /** * Get the type of a key dependency object. * \param[in] key_dependency a key_dependency_t pointer. * \return a key_dependency_type_t which may be KEY_DEPENDENCY_TYPE_INVALID on error or if no type has been set. */ key_dependency_type_t key_dependency_type(const key_dependency_t* key_dependency); /** * Set the zone_id of a key dependency object. If this fails the original value may have been lost. * \param[in] key_dependency a key_dependency_t pointer. * \param[in] zone_id a db_value_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_dependency_set_zone_id(key_dependency_t* key_dependency, const db_value_t* zone_id); /** * Set the from_key_data_id of a key dependency object. If this fails the original value may have been lost. * \param[in] key_dependency a key_dependency_t pointer. * \param[in] from_key_data_id a db_value_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_dependency_set_from_key_data_id(key_dependency_t* key_dependency, const db_value_t* from_key_data_id); /** * Set the to_key_data_id of a key dependency object. If this fails the original value may have been lost. * \param[in] key_dependency a key_dependency_t pointer. * \param[in] to_key_data_id a db_value_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_dependency_set_to_key_data_id(key_dependency_t* key_dependency, const db_value_t* to_key_data_id); /** * Set the type of a key dependency object. * \param[in] key_dependency a key_dependency_t pointer. * \param[in] type a key_dependency_type_t. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_dependency_set_type(key_dependency_t* key_dependency, key_dependency_type_t type); /** * Create a key dependency object in the database. * \param[in] key_dependency a key_dependency_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_dependency_create(key_dependency_t* key_dependency); /** * Get a key dependency object from the database by a id specified in `id`. * \param[in] key_dependency a key_dependency_t pointer. * \param[in] id a db_value_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_dependency_get_by_id(key_dependency_t* key_dependency, const db_value_t* id); /** * Delete a key dependency object from the database. * \param[in] key_dependency a key_dependency_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_dependency_delete(key_dependency_t* key_dependency); /** * A list of key dependency objects. */ struct key_dependency_list { db_object_t* dbo; db_result_list_t* result_list; const db_result_t* result; key_dependency_t* key_dependency; int object_store; key_dependency_t** object_list; size_t object_list_size; size_t object_list_position; int object_list_first; int associated_fetch; zone_list_db_t* zone_id_list; key_data_list_t* from_key_data_id_list; key_data_list_t* to_key_data_id_list; }; /** * Create a new key dependency object list. * \param[in] connection a db_connection_t pointer. * \return a key_dependency_list_t pointer or NULL on error. */ key_dependency_list_t* key_dependency_list_new(const db_connection_t* connection); /** * Create a new key dependency object list that is a copy of another. * \param[in] key_dependency_list a key_dependency_list_t pointer. * \return a key_dependency_list_t pointer or NULL on error. */ key_dependency_list_t* key_dependency_list_new_copy(const key_dependency_list_t* key_dependency_copy); /** * Specify that objects should be stored within the list as they are fetch, * this is optimal if the list is to be iterated over more then once. * \param[in] key_dependency_list a key_dependency_list_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_dependency_list_object_store(key_dependency_list_t* key_dependency_list); /** * Delete a key dependency object list. * \param[in] key_dependency_list a key_dependency_list_t pointer. */ void key_dependency_list_free(key_dependency_list_t* key_dependency_list); /** * Copy the content of another key dependency object list. * \param[in] key_dependency_list a key_dependency_list_t pointer. * \param[in] from_key_dependency_list a key_dependency_list_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_dependency_list_copy(key_dependency_list_t* key_dependency_list, const key_dependency_list_t* from_key_dependency_list); /** * Get key dependency objects from the database by a clause list. * \param[in] key_dependency_list a key_dependency_list_t pointer. * \param[in] clause_list a db_clause_list_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_dependency_list_get_by_clauses(key_dependency_list_t* key_dependency_list, const db_clause_list_t* clause_list); /** * Get key dependency objects from the database by a zone_id specified in `zone_id`. * \param[in] key_dependency_list a key_dependency_list_t pointer. * \param[in] zone_id a db_value_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int key_dependency_list_get_by_zone_id(key_dependency_list_t* key_dependency_list, const db_value_t* zone_id); /** * Get a new list of key dependency objects from the database by a zone_id specified in `zone_id`. * \param[in] connection a db_connection_t pointer. * \param[in] zone_id a db_value_t pointer. * \return a key_dependency_list_t pointer or NULL on error. */ key_dependency_list_t* key_dependency_list_new_get_by_zone_id(const db_connection_t* connection, const db_value_t* zone_id); /** * Get the first key dependency object in a key dependency object list and reset the * position of the list. * \param[in] key_dependency_list a key_dependency_list_t pointer. * \return a key_dependency_t pointer or NULL on error or if there are no * key dependency objects in the key dependency object list. */ const key_dependency_t* key_dependency_list_begin(key_dependency_list_t* key_dependency_list); /** * Get the first key dependency object in a key dependency object list and reset the * position of the list. The caller will be given ownership of this object and * is responsible for freeing it. * \param[in] key_dependency_list a key_dependency_list_t pointer. * \return a key_dependency_t pointer or NULL on error or if there are no * key dependency objects in the key dependency object list. */ key_dependency_t* key_dependency_list_get_begin(key_dependency_list_t* key_dependency_list); /** * Get the next key dependency object in a key dependency object list. * Ownership of this object is retained within the list and the object is only * valid until the next call to this function. * \param[in] key_dependency_list a key_dependency_list_t pointer. * \return a key_dependency_t pointer or NULL on error or if there are no more * key dependency objects in the key dependency object list. */ const key_dependency_t* key_dependency_list_next(key_dependency_list_t* key_dependency_list); /** * Get the next key dependency object in a key dependency object list. * The caller will be given ownership of this object and is responsible for * freeing it. * \param[in] key_dependency_list a key_dependency_list_t pointer. * \return a key_dependency_t pointer or NULL on error or if there are no more * key dependency objects in the key dependency object list. */ key_dependency_t* key_dependency_list_get_next(key_dependency_list_t* key_dependency_list); /** * Get the size of a key dependency object list. * \param[in] key_dependency_list a key_dependency_list_t pointer. * \return a size_t with the size of the list or zero on error, if the list is * empty or if the backend does not support returning the size. */ size_t key_dependency_list_size(key_dependency_list_t* key_dependency_list); #endif opendnssec-2.1.5/enforcer/src/db/db_schema_mysql.c0000644000202300020240000001603313560310771017051 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ const char* db_schema_mysql_create[] = { "CREATE TABLE zone ( id BIGINT UNSIGNED PRIMARY KEY AUTO_INCREMENT NOT NULL, rev INT UNSIGNED NOT NULL DEFAULT 1, policyId BIGINT UNSIGNED NOT NULL, name TEXT NOT NULL, signconfNeedsWriting INT UNSIGNED NOT NULL, signconfPath TEXT NOT NULL, nextChange INT NOT NULL, ttlEndDs INT UNSIGNED NOT NULL, ttlEndDk INT UNSIGNED NOT NULL, ttlEndRs INT UNSIGNED NOT NULL, rollKskNow INT UNSIGNED NOT NULL, rollZskNow INT UNSIGNED NOT NULL, rollCskNow INT UNSIGNED NOT NULL, inputAdapterType TEXT NO", "T NULL, inputAdapterUri TEXT NOT NULL, outputAdapterType TEXT NOT NULL, outputAdapterUri TEXT NOT NULL, nextKskRoll INT UNSIGNED NOT NULL, nextZskRoll INT UNSIGNED NOT NULL, nextCskRoll INT UNSIGNED NOT NULL)", 0, "CREATE INDEX zonePolicyId ON zone ( policyId )", 0, "CREATE UNIQUE INDEX zoneName ON zone ( name(255) )", 0, "CREATE TABLE keyData ( id BIGINT UNSIGNED PRIMARY KEY AUTO_INCREMENT NOT NULL, rev INT UNSIGNED NOT NULL DEFAULT 1, zoneId BIGINT UNSIGNED NOT NULL, hsmKeyId BIGINT UNSIGNED NOT NULL, algorithm INT UNSIGNED NOT NULL, inception INT UNSIGNED NOT NULL, role INT NOT NULL, introducing INT UNSIGNED NOT NULL, shouldRevoke INT UNSIGNED NOT NULL, standby INT UNSIGNED NOT NULL, activeZsk INT UNSIGNED NOT NULL, publish INT UNSIGNED NOT NULL, activeKsk INT UNSIGNED NOT NULL, dsAtParent INT NOT ", "NULL, keytag INT UNSIGNED NOT NULL, minimize INT UNSIGNED NOT NULL)", 0, "CREATE INDEX keyDataZoneId ON keyData ( zoneId )", 0, "CREATE INDEX keyDataHsmKeyId ON keyData ( hsmKeyId )", 0, "CREATE TABLE keyState ( id BIGINT UNSIGNED PRIMARY KEY AUTO_INCREMENT NOT NULL, rev INT UNSIGNED NOT NULL DEFAULT 1, keyDataId BIGINT UNSIGNED NOT NULL, type INT NOT NULL, state INT NOT NULL, lastChange INT UNSIGNED NOT NULL, minimize INT UNSIGNED NOT NULL, ttl INT UNSIGNED NOT NULL)", 0, "CREATE INDEX keyStateKeyDataId ON keyState ( keyDataId )", 0, "CREATE TABLE keyDependency ( id BIGINT UNSIGNED PRIMARY KEY AUTO_INCREMENT NOT NULL, rev INT UNSIGNED NOT NULL DEFAULT 1, zoneId BIGINT UNSIGNED NOT NULL, fromKeyDataId BIGINT UNSIGNED NOT NULL, toKeyDataId BIGINT UNSIGNED NOT NULL, type INT NOT NULL)", 0, "CREATE INDEX keyDependencyZoneId ON keyDependency ( zoneId )", 0, "CREATE INDEX keyDependencyFromKeyDataId ON keyDependency ( fromKeyDataId )", 0, "CREATE INDEX keyDependencyToKeyDataId ON keyDependency ( toKeyDataId )", 0, "CREATE TABLE hsmKey ( id BIGINT UNSIGNED PRIMARY KEY AUTO_INCREMENT NOT NULL, rev INT UNSIGNED NOT NULL DEFAULT 1, policyId BIGINT UNSIGNED NOT NULL, locator TEXT NOT NULL, state INT NOT NULL, bits INT UNSIGNED NOT NULL, algorithm INT UNSIGNED NOT NULL, role INT NOT NULL, inception INT UNSIGNED NOT NULL, isRevoked INT UNSIGNED NOT NULL, keyType INT NOT NULL, repository TEXT NOT NULL, backup INT NOT NULL)", 0, "CREATE INDEX hsmKeyPolicyId ON hsmKey ( policyId )", 0, "CREATE UNIQUE INDEX hsmKeyLocator ON hsmKey ( locator(255) )", 0, "CREATE TABLE policy ( id BIGINT UNSIGNED PRIMARY KEY AUTO_INCREMENT NOT NULL, rev INT UNSIGNED NOT NULL DEFAULT 1, name TEXT NOT NULL, description TEXT NOT NULL, signaturesResign INT UNSIGNED NOT NULL, signaturesRefresh INT UNSIGNED NOT NULL, signaturesJitter INT UNSIGNED NOT NULL, signaturesInceptionOffset INT UNSIGNED NOT NULL, signaturesValidityDefault INT UNSIGNED NOT NULL, signaturesValidityDenial INT UNSIGNED NOT NULL, signaturesValidityKeyset INT UNSIGNED, signaturesMaxZoneTtl INT UNSIGNED NOT NULL, denialType INT N", "OT NULL, denialOptout INT UNSIGNED NOT NULL, denialTtl INT UNSIGNED NOT NULL, denialResalt INT UNSIGNED NOT NULL, denialAlgorithm INT UNSIGNED NOT NULL, denialIterations INT UNSIGNED NOT NULL, denialSaltLength INT UNSIGNED NOT NULL, denialSalt TEXT NOT NULL, denialSaltLastChange INT UNSIGNED NOT NULL, keysTtl INT UNSIGNED NOT NULL, keysRetireSafety INT UNSIGNED NOT NULL, keysPublishSafety INT UNSIGNED NOT NULL, keysShared INT UNSIGNED NOT NULL, keysPurgeAfter INT UNSIGNED NOT NULL, ", " zonePropagationDelay INT UNSIGNED NOT NULL, zoneSoaTtl INT UNSIGNED NOT NULL, zoneSoaMinimum INT UNSIGNED NOT NULL, zoneSoaSerial INT NOT NULL, parentRegistrationDelay INT UNSIGNED NOT NULL, parentPropagationDelay INT UNSIGNED NOT NULL, parentDsTtl INT UNSIGNED NOT NULL, parentSoaTtl INT UNSIGNED NOT NULL, parentSoaMinimum INT UNSIGNED NOT NULL, passthrough INT UNSIGNED NOT NULL)", 0, "CREATE UNIQUE INDEX policyName ON policy ( name(255) )", 0, "CREATE TABLE policyKey ( id BIGINT UNSIGNED PRIMARY KEY AUTO_INCREMENT NOT NULL, rev INT UNSIGNED NOT NULL DEFAULT 1, policyId BIGINT UNSIGNED NOT NULL, role INT NOT NULL, algorithm INT UNSIGNED NOT NULL, bits INT UNSIGNED NOT NULL, lifetime INT UNSIGNED NOT NULL, repository TEXT NOT NULL, standby INT UNSIGNED NOT NULL, manualRollover INT UNSIGNED NOT NULL, rfc5011 INT UNSIGNED NOT NULL, minimize INT UNSIGNED NOT NULL)", 0, "CREATE INDEX policyKeyPolicyId ON policyKey ( policyId )", 0, "CREATE TABLE databaseVersion ( id BIGINT UNSIGNED PRIMARY KEY AUTO_INCREMENT NOT NULL, rev INT UNSIGNED NOT NULL DEFAULT 1, version INT UNSIGNED NOT NULL)", 0, 0 }; const char* db_schema_mysql_drop[] = { "DROP TABLE IF EXISTS zone", 0, "DROP TABLE IF EXISTS keyData", 0, "DROP TABLE IF EXISTS keyState", 0, "DROP TABLE IF EXISTS keyDependency", 0, "DROP TABLE IF EXISTS hsmKey", 0, "DROP TABLE IF EXISTS policy", 0, "DROP TABLE IF EXISTS policyKey", 0, "DROP TABLE IF EXISTS databaseVersion", 0, 0 }; opendnssec-2.1.5/enforcer/src/db/hsm_key.c0000644000202300020240000017261413560311035015360 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include "hsm_key.h" #include "db_error.h" #include const db_enum_t hsm_key_enum_set_state[] = { { "UNUSED", (hsm_key_state_t)HSM_KEY_STATE_UNUSED }, { "PRIVATE", (hsm_key_state_t)HSM_KEY_STATE_PRIVATE }, { "SHARED", (hsm_key_state_t)HSM_KEY_STATE_SHARED }, { "DELETE", (hsm_key_state_t)HSM_KEY_STATE_DELETE }, { NULL, 0 } }; const db_enum_t hsm_key_enum_set_role[] = { { "KSK", (hsm_key_role_t)HSM_KEY_ROLE_KSK }, { "ZSK", (hsm_key_role_t)HSM_KEY_ROLE_ZSK }, { "CSK", (hsm_key_role_t)HSM_KEY_ROLE_CSK }, { NULL, 0 } }; const db_enum_t hsm_key_enum_set_key_type[] = { { "RSA", (hsm_key_key_type_t)HSM_KEY_KEY_TYPE_RSA }, { NULL, 0 } }; const db_enum_t hsm_key_enum_set_backup[] = { { "Not Required", (hsm_key_backup_t)HSM_KEY_BACKUP_NO_BACKUP }, { "Required", (hsm_key_backup_t)HSM_KEY_BACKUP_BACKUP_REQUIRED }, { "Prepared", (hsm_key_backup_t)HSM_KEY_BACKUP_BACKUP_REQUESTED }, { "Done", (hsm_key_backup_t)HSM_KEY_BACKUP_BACKUP_DONE }, { NULL, 0 } }; /** * Create a new hsm key object. * \param[in] connection a db_connection_t pointer. * \return a hsm_key_t pointer or NULL on error. */ static db_object_t* __hsm_key_new_object(const db_connection_t* connection) { db_object_field_list_t* object_field_list; db_object_field_t* object_field; db_object_t* object; if (!(object = db_object_new()) || db_object_set_connection(object, connection) || db_object_set_table(object, "hsmKey") || db_object_set_primary_key_name(object, "id") || !(object_field_list = db_object_field_list_new())) { db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "id") || db_object_field_set_type(object_field, DB_TYPE_PRIMARY_KEY) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "rev") || db_object_field_set_type(object_field, DB_TYPE_REVISION) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "policyId") || db_object_field_set_type(object_field, DB_TYPE_ANY) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "locator") || db_object_field_set_type(object_field, DB_TYPE_TEXT) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "state") || db_object_field_set_type(object_field, DB_TYPE_ENUM) || db_object_field_set_enum_set(object_field, hsm_key_enum_set_state) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "bits") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "algorithm") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "role") || db_object_field_set_type(object_field, DB_TYPE_ENUM) || db_object_field_set_enum_set(object_field, hsm_key_enum_set_role) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "inception") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "isRevoked") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "keyType") || db_object_field_set_type(object_field, DB_TYPE_ENUM) || db_object_field_set_enum_set(object_field, hsm_key_enum_set_key_type) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "repository") || db_object_field_set_type(object_field, DB_TYPE_TEXT) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "backup") || db_object_field_set_type(object_field, DB_TYPE_ENUM) || db_object_field_set_enum_set(object_field, hsm_key_enum_set_backup) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (db_object_set_object_field_list(object, object_field_list)) { db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } return object; } /* HSM KEY */ hsm_key_t* hsm_key_new(const db_connection_t* connection) { hsm_key_t* hsm_key = (hsm_key_t*)calloc(1, sizeof(hsm_key_t)); if (hsm_key) { if (!(hsm_key->dbo = __hsm_key_new_object(connection))) { free(hsm_key); return NULL; } db_value_reset(&(hsm_key->id)); db_value_reset(&(hsm_key->rev)); db_value_reset(&(hsm_key->policy_id)); hsm_key->state = HSM_KEY_STATE_UNUSED; hsm_key->bits = 2048; hsm_key->algorithm = 1; hsm_key->role = HSM_KEY_ROLE_ZSK; hsm_key->key_type = HSM_KEY_KEY_TYPE_RSA; hsm_key->backup = HSM_KEY_BACKUP_NO_BACKUP; } return hsm_key; } hsm_key_t* hsm_key_new_copy(const hsm_key_t* hsm_key) { hsm_key_t* new_hsm_key; if (!hsm_key) { return NULL; } if (!hsm_key->dbo) { return NULL; } if (!(new_hsm_key = hsm_key_new(db_object_connection(hsm_key->dbo))) || hsm_key_copy(new_hsm_key, hsm_key)) { hsm_key_free(new_hsm_key); return NULL; } return new_hsm_key; } void hsm_key_free(hsm_key_t* hsm_key) { if (hsm_key) { if (hsm_key->dbo) { db_object_free(hsm_key->dbo); } db_value_reset(&(hsm_key->id)); db_value_reset(&(hsm_key->rev)); db_value_reset(&(hsm_key->policy_id)); if (hsm_key->private_policy_id) { policy_free(hsm_key->private_policy_id); } if (hsm_key->locator) { free(hsm_key->locator); } if (hsm_key->repository) { free(hsm_key->repository); } free(hsm_key); } } int hsm_key_copy(hsm_key_t* hsm_key, const hsm_key_t* hsm_key_copy) { char* locator_text = NULL; char* repository_text = NULL; if (!hsm_key) { return DB_ERROR_UNKNOWN; } if (!hsm_key_copy) { return DB_ERROR_UNKNOWN; } if (hsm_key_copy->locator) { if (!(locator_text = strdup(hsm_key_copy->locator))) { return DB_ERROR_UNKNOWN; } } if (hsm_key_copy->repository) { if (!(repository_text = strdup(hsm_key_copy->repository))) { if (locator_text) { free(locator_text); } return DB_ERROR_UNKNOWN; } } if (db_value_copy(&(hsm_key->id), &(hsm_key_copy->id))) { if (locator_text) { free(locator_text); } if (repository_text) { free(repository_text); } return DB_ERROR_UNKNOWN; } if (db_value_copy(&(hsm_key->rev), &(hsm_key_copy->rev))) { if (locator_text) { free(locator_text); } if (repository_text) { free(repository_text); } return DB_ERROR_UNKNOWN; } if (db_value_copy(&(hsm_key->policy_id), &(hsm_key_copy->policy_id))) { if (locator_text) { free(locator_text); } if (repository_text) { free(repository_text); } return DB_ERROR_UNKNOWN; } if (hsm_key->private_policy_id) { policy_free(hsm_key->private_policy_id); hsm_key->private_policy_id = NULL; } if (hsm_key_copy->private_policy_id && !(hsm_key->private_policy_id = policy_new_copy(hsm_key_copy->private_policy_id))) { if (locator_text) { free(locator_text); } if (repository_text) { free(repository_text); } return DB_ERROR_UNKNOWN; } hsm_key->associated_policy_id = NULL; if (!hsm_key_copy->private_policy_id && hsm_key_copy->associated_policy_id && !(hsm_key->private_policy_id = policy_new_copy(hsm_key_copy->associated_policy_id))) { if (locator_text) { free(locator_text); } if (repository_text) { free(repository_text); } return DB_ERROR_UNKNOWN; } if (hsm_key->locator) { free(hsm_key->locator); } hsm_key->locator = locator_text; hsm_key->state = hsm_key_copy->state; hsm_key->bits = hsm_key_copy->bits; hsm_key->algorithm = hsm_key_copy->algorithm; hsm_key->role = hsm_key_copy->role; hsm_key->inception = hsm_key_copy->inception; hsm_key->is_revoked = hsm_key_copy->is_revoked; hsm_key->key_type = hsm_key_copy->key_type; if (hsm_key->repository) { free(hsm_key->repository); } hsm_key->repository = repository_text; hsm_key->backup = hsm_key_copy->backup; return DB_OK; } int hsm_key_from_result(hsm_key_t* hsm_key, const db_result_t* result) { const db_value_set_t* value_set; int state; int role; int key_type; int backup; if (!hsm_key) { return DB_ERROR_UNKNOWN; } if (!result) { return DB_ERROR_UNKNOWN; } db_value_reset(&(hsm_key->id)); db_value_reset(&(hsm_key->rev)); db_value_reset(&(hsm_key->policy_id)); if (hsm_key->locator) { free(hsm_key->locator); } hsm_key->locator = NULL; if (hsm_key->repository) { free(hsm_key->repository); } hsm_key->repository = NULL; if (!(value_set = db_result_value_set(result)) || db_value_set_size(value_set) != 13 || db_value_copy(&(hsm_key->id), db_value_set_at(value_set, 0)) || db_value_copy(&(hsm_key->rev), db_value_set_at(value_set, 1)) || db_value_copy(&(hsm_key->policy_id), db_value_set_at(value_set, 2)) || db_value_to_text(db_value_set_at(value_set, 3), &(hsm_key->locator)) || db_value_to_enum_value(db_value_set_at(value_set, 4), &state, hsm_key_enum_set_state) || db_value_to_uint32(db_value_set_at(value_set, 5), &(hsm_key->bits)) || db_value_to_uint32(db_value_set_at(value_set, 6), &(hsm_key->algorithm)) || db_value_to_enum_value(db_value_set_at(value_set, 7), &role, hsm_key_enum_set_role) || db_value_to_uint32(db_value_set_at(value_set, 8), &(hsm_key->inception)) || db_value_to_uint32(db_value_set_at(value_set, 9), &(hsm_key->is_revoked)) || db_value_to_enum_value(db_value_set_at(value_set, 10), &key_type, hsm_key_enum_set_key_type) || db_value_to_text(db_value_set_at(value_set, 11), &(hsm_key->repository)) || db_value_to_enum_value(db_value_set_at(value_set, 12), &backup, hsm_key_enum_set_backup)) { return DB_ERROR_UNKNOWN; } if (state == (hsm_key_state_t)HSM_KEY_STATE_UNUSED) { hsm_key->state = HSM_KEY_STATE_UNUSED; } else if (state == (hsm_key_state_t)HSM_KEY_STATE_PRIVATE) { hsm_key->state = HSM_KEY_STATE_PRIVATE; } else if (state == (hsm_key_state_t)HSM_KEY_STATE_SHARED) { hsm_key->state = HSM_KEY_STATE_SHARED; } else if (state == (hsm_key_state_t)HSM_KEY_STATE_DELETE) { hsm_key->state = HSM_KEY_STATE_DELETE; } else { return DB_ERROR_UNKNOWN; } if (role == (hsm_key_role_t)HSM_KEY_ROLE_KSK) { hsm_key->role = HSM_KEY_ROLE_KSK; } else if (role == (hsm_key_role_t)HSM_KEY_ROLE_ZSK) { hsm_key->role = HSM_KEY_ROLE_ZSK; } else if (role == (hsm_key_role_t)HSM_KEY_ROLE_CSK) { hsm_key->role = HSM_KEY_ROLE_CSK; } else { return DB_ERROR_UNKNOWN; } if (key_type == (hsm_key_key_type_t)HSM_KEY_KEY_TYPE_RSA) { hsm_key->key_type = HSM_KEY_KEY_TYPE_RSA; } else { return DB_ERROR_UNKNOWN; } if (backup == (hsm_key_backup_t)HSM_KEY_BACKUP_NO_BACKUP) { hsm_key->backup = HSM_KEY_BACKUP_NO_BACKUP; } else if (backup == (hsm_key_backup_t)HSM_KEY_BACKUP_BACKUP_REQUIRED) { hsm_key->backup = HSM_KEY_BACKUP_BACKUP_REQUIRED; } else if (backup == (hsm_key_backup_t)HSM_KEY_BACKUP_BACKUP_REQUESTED) { hsm_key->backup = HSM_KEY_BACKUP_BACKUP_REQUESTED; } else if (backup == (hsm_key_backup_t)HSM_KEY_BACKUP_BACKUP_DONE) { hsm_key->backup = HSM_KEY_BACKUP_BACKUP_DONE; } else { return DB_ERROR_UNKNOWN; } return DB_OK; } const db_value_t* hsm_key_id(const hsm_key_t* hsm_key) { if (!hsm_key) { return NULL; } return &(hsm_key->id); } const db_value_t* hsm_key_policy_id(const hsm_key_t* hsm_key) { if (!hsm_key) { return NULL; } return &(hsm_key->policy_id); } const char* hsm_key_locator(const hsm_key_t* hsm_key) { if (!hsm_key) { return NULL; } return hsm_key->locator; } hsm_key_state_t hsm_key_state(const hsm_key_t* hsm_key) { if (!hsm_key) { return HSM_KEY_STATE_INVALID; } return hsm_key->state; } unsigned int hsm_key_bits(const hsm_key_t* hsm_key) { if (!hsm_key) { return 0; } return hsm_key->bits; } unsigned int hsm_key_algorithm(const hsm_key_t* hsm_key) { if (!hsm_key) { return 0; } return hsm_key->algorithm; } hsm_key_role_t hsm_key_role(const hsm_key_t* hsm_key) { if (!hsm_key) { return HSM_KEY_ROLE_INVALID; } return hsm_key->role; } unsigned int hsm_key_inception(const hsm_key_t* hsm_key) { if (!hsm_key) { return 0; } return hsm_key->inception; } const char* hsm_key_repository(const hsm_key_t* hsm_key) { if (!hsm_key) { return NULL; } return hsm_key->repository; } hsm_key_backup_t hsm_key_backup(const hsm_key_t* hsm_key) { if (!hsm_key) { return HSM_KEY_BACKUP_INVALID; } return hsm_key->backup; } int hsm_key_set_policy_id(hsm_key_t* hsm_key, const db_value_t* policy_id) { if (!hsm_key) { return DB_ERROR_UNKNOWN; } if (!policy_id) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(policy_id)) { return DB_ERROR_UNKNOWN; } db_value_reset(&(hsm_key->policy_id)); if (db_value_copy(&(hsm_key->policy_id), policy_id)) { return DB_ERROR_UNKNOWN; } return DB_OK; } int hsm_key_set_locator(hsm_key_t* hsm_key, const char* locator_text) { char* new_locator; if (!hsm_key) { return DB_ERROR_UNKNOWN; } if (!locator_text) { return DB_ERROR_UNKNOWN; } if (!(new_locator = strdup(locator_text))) { return DB_ERROR_UNKNOWN; } if (hsm_key->locator) { free(hsm_key->locator); } hsm_key->locator = new_locator; return DB_OK; } int hsm_key_set_state(hsm_key_t* hsm_key, hsm_key_state_t state) { if (!hsm_key) { return DB_ERROR_UNKNOWN; } if (state == HSM_KEY_STATE_INVALID) { return DB_ERROR_UNKNOWN; } hsm_key->state = state; return DB_OK; } int hsm_key_set_bits(hsm_key_t* hsm_key, unsigned int bits) { if (!hsm_key) { return DB_ERROR_UNKNOWN; } hsm_key->bits = bits; return DB_OK; } int hsm_key_set_algorithm(hsm_key_t* hsm_key, unsigned int algorithm) { if (!hsm_key) { return DB_ERROR_UNKNOWN; } hsm_key->algorithm = algorithm; return DB_OK; } int hsm_key_set_role(hsm_key_t* hsm_key, hsm_key_role_t role) { if (!hsm_key) { return DB_ERROR_UNKNOWN; } if (role == HSM_KEY_ROLE_INVALID) { return DB_ERROR_UNKNOWN; } hsm_key->role = role; return DB_OK; } int hsm_key_set_inception(hsm_key_t* hsm_key, unsigned int inception) { if (!hsm_key) { return DB_ERROR_UNKNOWN; } hsm_key->inception = inception; return DB_OK; } int hsm_key_set_key_type(hsm_key_t* hsm_key, hsm_key_key_type_t key_type) { if (!hsm_key) { return DB_ERROR_UNKNOWN; } if (key_type == HSM_KEY_KEY_TYPE_INVALID) { return DB_ERROR_UNKNOWN; } hsm_key->key_type = key_type; return DB_OK; } int hsm_key_set_repository(hsm_key_t* hsm_key, const char* repository_text) { char* new_repository; if (!hsm_key) { return DB_ERROR_UNKNOWN; } if (!repository_text) { return DB_ERROR_UNKNOWN; } if (!(new_repository = strdup(repository_text))) { return DB_ERROR_UNKNOWN; } if (hsm_key->repository) { free(hsm_key->repository); } hsm_key->repository = new_repository; return DB_OK; } int hsm_key_set_backup(hsm_key_t* hsm_key, hsm_key_backup_t backup) { if (!hsm_key) { return DB_ERROR_UNKNOWN; } if (backup == HSM_KEY_BACKUP_INVALID) { return DB_ERROR_UNKNOWN; } hsm_key->backup = backup; return DB_OK; } db_clause_t* hsm_key_policy_id_clause(db_clause_list_t* clause_list, const db_value_t* policy_id) { db_clause_t* clause; if (!clause_list) { return NULL; } if (!policy_id) { return NULL; } if (db_value_not_empty(policy_id)) { return NULL; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "policyId") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_clause_set_operator(clause, DB_CLAUSE_OPERATOR_AND) || db_value_copy(db_clause_get_value(clause), policy_id) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); return NULL; } return clause; } db_clause_t* hsm_key_state_clause(db_clause_list_t* clause_list, hsm_key_state_t state) { db_clause_t* clause; if (!clause_list) { return NULL; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "state") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_clause_set_operator(clause, DB_CLAUSE_OPERATOR_AND) || db_value_from_enum_value(db_clause_get_value(clause), state, hsm_key_enum_set_state) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); return NULL; } return clause; } db_clause_t* hsm_key_bits_clause(db_clause_list_t* clause_list, unsigned int bits) { db_clause_t* clause; if (!clause_list) { return NULL; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "bits") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_clause_set_operator(clause, DB_CLAUSE_OPERATOR_AND) || db_value_from_uint32(db_clause_get_value(clause), bits) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); return NULL; } return clause; } db_clause_t* hsm_key_algorithm_clause(db_clause_list_t* clause_list, unsigned int algorithm) { db_clause_t* clause; if (!clause_list) { return NULL; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "algorithm") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_clause_set_operator(clause, DB_CLAUSE_OPERATOR_AND) || db_value_from_uint32(db_clause_get_value(clause), algorithm) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); return NULL; } return clause; } db_clause_t* hsm_key_role_clause(db_clause_list_t* clause_list, hsm_key_role_t role) { db_clause_t* clause; if (!clause_list) { return NULL; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "role") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_clause_set_operator(clause, DB_CLAUSE_OPERATOR_AND) || db_value_from_enum_value(db_clause_get_value(clause), role, hsm_key_enum_set_role) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); return NULL; } return clause; } db_clause_t* hsm_key_is_revoked_clause(db_clause_list_t* clause_list, unsigned int is_revoked) { db_clause_t* clause; if (!clause_list) { return NULL; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "isRevoked") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_clause_set_operator(clause, DB_CLAUSE_OPERATOR_AND) || db_value_from_uint32(db_clause_get_value(clause), is_revoked) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); return NULL; } return clause; } db_clause_t* hsm_key_key_type_clause(db_clause_list_t* clause_list, hsm_key_key_type_t key_type) { db_clause_t* clause; if (!clause_list) { return NULL; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "keyType") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_clause_set_operator(clause, DB_CLAUSE_OPERATOR_AND) || db_value_from_enum_value(db_clause_get_value(clause), key_type, hsm_key_enum_set_key_type) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); return NULL; } return clause; } db_clause_t* hsm_key_repository_clause(db_clause_list_t* clause_list, const char* repository_text) { db_clause_t* clause; if (!clause_list) { return NULL; } if (!repository_text) { return NULL; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "repository") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_clause_set_operator(clause, DB_CLAUSE_OPERATOR_AND) || db_value_from_text(db_clause_get_value(clause), repository_text) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); return NULL; } return clause; } db_clause_t* hsm_key_backup_clause(db_clause_list_t* clause_list, hsm_key_backup_t backup) { db_clause_t* clause; if (!clause_list) { return NULL; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "backup") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_clause_set_operator(clause, DB_CLAUSE_OPERATOR_AND) || db_value_from_enum_value(db_clause_get_value(clause), backup, hsm_key_enum_set_backup) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); return NULL; } return clause; } int hsm_key_create(hsm_key_t* hsm_key) { db_object_field_list_t* object_field_list; db_object_field_t* object_field; db_value_set_t* value_set; int ret; if (!hsm_key) { return DB_ERROR_UNKNOWN; } if (!hsm_key->dbo) { return DB_ERROR_UNKNOWN; } if (!db_value_not_empty(&(hsm_key->id))) { return DB_ERROR_UNKNOWN; } if (!db_value_not_empty(&(hsm_key->rev))) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(&(hsm_key->policy_id))) { return DB_ERROR_UNKNOWN; } if (!hsm_key->locator) { return DB_ERROR_UNKNOWN; } if (!hsm_key->repository) { return DB_ERROR_UNKNOWN; } /* TODO: validate content more */ if (!(object_field_list = db_object_field_list_new())) { return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "policyId") || db_object_field_set_type(object_field, DB_TYPE_ANY) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "locator") || db_object_field_set_type(object_field, DB_TYPE_TEXT) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "state") || db_object_field_set_type(object_field, DB_TYPE_ENUM) || db_object_field_set_enum_set(object_field, hsm_key_enum_set_state) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "bits") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "algorithm") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "role") || db_object_field_set_type(object_field, DB_TYPE_ENUM) || db_object_field_set_enum_set(object_field, hsm_key_enum_set_role) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "inception") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "isRevoked") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "keyType") || db_object_field_set_type(object_field, DB_TYPE_ENUM) || db_object_field_set_enum_set(object_field, hsm_key_enum_set_key_type) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "repository") || db_object_field_set_type(object_field, DB_TYPE_TEXT) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "backup") || db_object_field_set_type(object_field, DB_TYPE_ENUM) || db_object_field_set_enum_set(object_field, hsm_key_enum_set_backup) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(value_set = db_value_set_new(11))) { db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (db_value_copy(db_value_set_get(value_set, 0), &(hsm_key->policy_id)) || db_value_from_text(db_value_set_get(value_set, 1), hsm_key->locator) || db_value_from_enum_value(db_value_set_get(value_set, 2), hsm_key->state, hsm_key_enum_set_state) || db_value_from_uint32(db_value_set_get(value_set, 3), hsm_key->bits) || db_value_from_uint32(db_value_set_get(value_set, 4), hsm_key->algorithm) || db_value_from_enum_value(db_value_set_get(value_set, 5), hsm_key->role, hsm_key_enum_set_role) || db_value_from_uint32(db_value_set_get(value_set, 6), hsm_key->inception) || db_value_from_uint32(db_value_set_get(value_set, 7), hsm_key->is_revoked) || db_value_from_enum_value(db_value_set_get(value_set, 8), hsm_key->key_type, hsm_key_enum_set_key_type) || db_value_from_text(db_value_set_get(value_set, 9), hsm_key->repository) || db_value_from_enum_value(db_value_set_get(value_set, 10), hsm_key->backup, hsm_key_enum_set_backup)) { db_value_set_free(value_set); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } ret = db_object_create(hsm_key->dbo, object_field_list, value_set); db_value_set_free(value_set); db_object_field_list_free(object_field_list); return ret; } int hsm_key_get_by_id(hsm_key_t* hsm_key, const db_value_t* id) { db_clause_list_t* clause_list; db_clause_t* clause; db_result_list_t* result_list; const db_result_t* result; if (!hsm_key) { return DB_ERROR_UNKNOWN; } if (!hsm_key->dbo) { return DB_ERROR_UNKNOWN; } if (!id) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(id)) { return DB_ERROR_UNKNOWN; } if (!(clause_list = db_clause_list_new())) { return DB_ERROR_UNKNOWN; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "id") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_value_copy(db_clause_get_value(clause), id) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } result_list = db_object_read(hsm_key->dbo, NULL, clause_list); db_clause_list_free(clause_list); if (result_list) { result = db_result_list_next(result_list); if (result) { if (hsm_key_from_result(hsm_key, result)) { db_result_list_free(result_list); return DB_ERROR_UNKNOWN; } db_result_list_free(result_list); return DB_OK; } } db_result_list_free(result_list); return DB_ERROR_UNKNOWN; } int hsm_key_get_by_locator(hsm_key_t* hsm_key, const char* locator) { db_clause_list_t* clause_list; db_clause_t* clause; db_result_list_t* result_list; const db_result_t* result; if (!hsm_key) { return DB_ERROR_UNKNOWN; } if (!hsm_key->dbo) { return DB_ERROR_UNKNOWN; } if (!locator) { return DB_ERROR_UNKNOWN; } if (!(clause_list = db_clause_list_new())) { return DB_ERROR_UNKNOWN; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "locator") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_value_from_text(db_clause_get_value(clause), locator) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } result_list = db_object_read(hsm_key->dbo, NULL, clause_list); db_clause_list_free(clause_list); if (result_list) { result = db_result_list_next(result_list); if (result) { if (hsm_key_from_result(hsm_key, result)) { db_result_list_free(result_list); return DB_ERROR_UNKNOWN; } db_result_list_free(result_list); return DB_OK; } } db_result_list_free(result_list); return DB_ERROR_UNKNOWN; } hsm_key_t* hsm_key_new_get_by_locator(const db_connection_t* connection, const char* locator) { hsm_key_t* hsm_key; if (!connection) { return NULL; } if (!locator) { return NULL; } if (!(hsm_key = hsm_key_new(connection)) || hsm_key_get_by_locator(hsm_key, locator)) { hsm_key_free(hsm_key); return NULL; } return hsm_key; } int hsm_key_update(hsm_key_t* hsm_key) { db_object_field_list_t* object_field_list; db_object_field_t* object_field; db_value_set_t* value_set; db_clause_list_t* clause_list; db_clause_t* clause; int ret; if (!hsm_key) { return DB_ERROR_UNKNOWN; } if (!hsm_key->dbo) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(&(hsm_key->id))) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(&(hsm_key->rev))) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(&(hsm_key->policy_id))) { return DB_ERROR_UNKNOWN; } if (!hsm_key->locator) { return DB_ERROR_UNKNOWN; } if (!hsm_key->repository) { return DB_ERROR_UNKNOWN; } /* TODO: validate content more */ if (!(object_field_list = db_object_field_list_new())) { return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "policyId") || db_object_field_set_type(object_field, DB_TYPE_ANY) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "locator") || db_object_field_set_type(object_field, DB_TYPE_TEXT) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "state") || db_object_field_set_type(object_field, DB_TYPE_ENUM) || db_object_field_set_enum_set(object_field, hsm_key_enum_set_state) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "bits") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "algorithm") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "role") || db_object_field_set_type(object_field, DB_TYPE_ENUM) || db_object_field_set_enum_set(object_field, hsm_key_enum_set_role) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "inception") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "isRevoked") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "keyType") || db_object_field_set_type(object_field, DB_TYPE_ENUM) || db_object_field_set_enum_set(object_field, hsm_key_enum_set_key_type) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "repository") || db_object_field_set_type(object_field, DB_TYPE_TEXT) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "backup") || db_object_field_set_type(object_field, DB_TYPE_ENUM) || db_object_field_set_enum_set(object_field, hsm_key_enum_set_backup) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(value_set = db_value_set_new(11))) { db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (db_value_copy(db_value_set_get(value_set, 0), &(hsm_key->policy_id)) || db_value_from_text(db_value_set_get(value_set, 1), hsm_key->locator) || db_value_from_enum_value(db_value_set_get(value_set, 2), hsm_key->state, hsm_key_enum_set_state) || db_value_from_uint32(db_value_set_get(value_set, 3), hsm_key->bits) || db_value_from_uint32(db_value_set_get(value_set, 4), hsm_key->algorithm) || db_value_from_enum_value(db_value_set_get(value_set, 5), hsm_key->role, hsm_key_enum_set_role) || db_value_from_uint32(db_value_set_get(value_set, 6), hsm_key->inception) || db_value_from_uint32(db_value_set_get(value_set, 7), hsm_key->is_revoked) || db_value_from_enum_value(db_value_set_get(value_set, 8), hsm_key->key_type, hsm_key_enum_set_key_type) || db_value_from_text(db_value_set_get(value_set, 9), hsm_key->repository) || db_value_from_enum_value(db_value_set_get(value_set, 10), hsm_key->backup, hsm_key_enum_set_backup)) { db_value_set_free(value_set); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(clause_list = db_clause_list_new())) { db_value_set_free(value_set); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "id") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_value_copy(db_clause_get_value(clause), &(hsm_key->id)) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); db_value_set_free(value_set); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "rev") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_value_copy(db_clause_get_value(clause), &(hsm_key->rev)) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); db_value_set_free(value_set); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } ret = db_object_update(hsm_key->dbo, object_field_list, value_set, clause_list); db_value_set_free(value_set); db_object_field_list_free(object_field_list); db_clause_list_free(clause_list); return ret; } int hsm_key_count(hsm_key_t* hsm_key, db_clause_list_t* clause_list, size_t* count) { if (!hsm_key) { return DB_ERROR_UNKNOWN; } if (!hsm_key->dbo) { return DB_ERROR_UNKNOWN; } if (!count) { return DB_ERROR_UNKNOWN; } return db_object_count(hsm_key->dbo, NULL, clause_list, count); } /* HSM KEY LIST */ hsm_key_list_t* hsm_key_list_new(const db_connection_t* connection) { hsm_key_list_t* hsm_key_list = (hsm_key_list_t*)calloc(1, sizeof(hsm_key_list_t)); if (hsm_key_list) { if (!(hsm_key_list->dbo = __hsm_key_new_object(connection))) { free(hsm_key_list); return NULL; } } return hsm_key_list; } hsm_key_list_t* hsm_key_list_new_copy(const hsm_key_list_t* from_hsm_key_list) { hsm_key_list_t* hsm_key_list; if (!from_hsm_key_list) { return NULL; } if (!from_hsm_key_list->dbo) { return NULL; } if (!(hsm_key_list = hsm_key_list_new(db_object_connection(from_hsm_key_list->dbo))) || hsm_key_list_copy(hsm_key_list, from_hsm_key_list)) { hsm_key_list_free(hsm_key_list); return NULL; } return hsm_key_list; } int hsm_key_list_object_store(hsm_key_list_t* hsm_key_list) { if (!hsm_key_list) { return DB_ERROR_UNKNOWN; } hsm_key_list->object_store = 1; return DB_OK; } void hsm_key_list_free(hsm_key_list_t* hsm_key_list) { size_t i; if (hsm_key_list) { if (hsm_key_list->dbo) { db_object_free(hsm_key_list->dbo); } if (hsm_key_list->result_list) { db_result_list_free(hsm_key_list->result_list); } if (hsm_key_list->hsm_key) { hsm_key_free(hsm_key_list->hsm_key); } for (i = 0; i < hsm_key_list->object_list_size; i++) { if (hsm_key_list->object_list[i]) { hsm_key_free(hsm_key_list->object_list[i]); } } if (hsm_key_list->object_list) { free(hsm_key_list->object_list); } if (hsm_key_list->policy_id_list) { policy_list_free(hsm_key_list->policy_id_list); } free(hsm_key_list); } } int hsm_key_list_copy(hsm_key_list_t* hsm_key_list, const hsm_key_list_t* from_hsm_key_list) { size_t i; if (!hsm_key_list) { return DB_ERROR_UNKNOWN; } if (!from_hsm_key_list) { return DB_ERROR_UNKNOWN; } if (from_hsm_key_list->object_list && !from_hsm_key_list->object_list_size) { return DB_ERROR_UNKNOWN; } if (hsm_key_list->result_list) { db_result_list_free(hsm_key_list->result_list); hsm_key_list->result_list = NULL; } if (from_hsm_key_list->result_list && !(hsm_key_list->result_list = db_result_list_new_copy(from_hsm_key_list->result_list))) { return DB_ERROR_UNKNOWN; } hsm_key_list->object_store = from_hsm_key_list->object_store; for (i = 0; i < hsm_key_list->object_list_size; i++) { if (hsm_key_list->object_list[i]) { hsm_key_free(hsm_key_list->object_list[i]); } } hsm_key_list->object_list_size = 0; if (hsm_key_list->object_list) { free(hsm_key_list->object_list); hsm_key_list->object_list = NULL; } if (from_hsm_key_list->object_list) { if (!(hsm_key_list->object_list = (hsm_key_t**)calloc(from_hsm_key_list->object_list_size, sizeof(hsm_key_t*)))) { return DB_ERROR_UNKNOWN; } hsm_key_list->object_list_size = from_hsm_key_list->object_list_size; for (i = 0; i < from_hsm_key_list->object_list_size; i++) { if (!from_hsm_key_list->object_list[i]) { continue; } if (!(hsm_key_list->object_list[i] = hsm_key_new_copy(from_hsm_key_list->object_list[i]))) { return DB_ERROR_UNKNOWN; } } } hsm_key_list->object_list_position = 0;; hsm_key_list->object_list_first = 1; hsm_key_list->associated_fetch = from_hsm_key_list->associated_fetch; if (from_hsm_key_list->policy_id_list && !(hsm_key_list->policy_id_list = policy_list_new_copy(from_hsm_key_list->policy_id_list))) { return DB_ERROR_UNKNOWN; } return DB_OK; } static int hsm_key_list_get_associated(hsm_key_list_t* hsm_key_list) { const db_clause_t* clause_walk; const policy_t* policy_policy_id; int cmp; size_t i; db_clause_list_t* clause_list; db_clause_t* clause; const hsm_key_t* hsm_key; if (!hsm_key_list) { return DB_ERROR_UNKNOWN; } if (!hsm_key_list->dbo) { return DB_ERROR_UNKNOWN; } if (!hsm_key_list->associated_fetch) { return DB_ERROR_UNKNOWN; } if (!hsm_key_list->result_list) { return DB_ERROR_UNKNOWN; } if (hsm_key_list->object_list) { return DB_ERROR_UNKNOWN; } if (hsm_key_list->policy_id_list) { policy_list_free(hsm_key_list->policy_id_list); hsm_key_list->policy_id_list = NULL; } if (!(clause_list = db_clause_list_new())) { return DB_ERROR_UNKNOWN; } hsm_key = hsm_key_list_begin(hsm_key_list); while (hsm_key) { cmp = 1; clause_walk = db_clause_list_begin(clause_list); while (clause_walk) { if (db_value_cmp(db_clause_value(clause_walk), hsm_key_policy_id(hsm_key), &cmp)) { db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } if (!cmp) { break; } clause_walk = db_clause_next(clause_walk); } if (cmp) { if (!(clause = db_clause_new()) || db_clause_set_field(clause, "id") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_clause_set_operator(clause, DB_CLAUSE_OPERATOR_OR) || db_value_copy(db_clause_get_value(clause), hsm_key_policy_id(hsm_key)) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } } hsm_key = hsm_key_list_next(hsm_key_list); } if (!(hsm_key_list->policy_id_list = policy_list_new(db_object_connection(hsm_key_list->dbo))) || policy_list_object_store(hsm_key_list->policy_id_list) || policy_list_get_by_clauses(hsm_key_list->policy_id_list, clause_list)) { if (hsm_key_list->policy_id_list) { policy_list_free(hsm_key_list->policy_id_list); hsm_key_list->policy_id_list = NULL; } db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } db_clause_list_free(clause_list); for (i = 0; i < hsm_key_list->object_list_size; i++) { if (!(hsm_key_list->object_list[i])) { return DB_ERROR_UNKNOWN; } policy_policy_id = policy_list_begin(hsm_key_list->policy_id_list); while (policy_policy_id) { if (db_value_cmp(hsm_key_policy_id(hsm_key_list->object_list[i]), policy_id(policy_policy_id), &cmp)) { return DB_ERROR_UNKNOWN; } if (!cmp) { hsm_key_list->object_list[i]->associated_policy_id = policy_policy_id; } policy_policy_id = policy_list_next(hsm_key_list->policy_id_list); } } hsm_key_list->object_list_first = 1; return DB_OK; } int hsm_key_list_get_by_clauses(hsm_key_list_t* hsm_key_list, const db_clause_list_t* clause_list) { size_t i; if (!hsm_key_list) { return DB_ERROR_UNKNOWN; } if (!clause_list) { return DB_ERROR_UNKNOWN; } if (!hsm_key_list->dbo) { return DB_ERROR_UNKNOWN; } if (hsm_key_list->result_list) { db_result_list_free(hsm_key_list->result_list); } if (hsm_key_list->object_list_size) { for (i = 0; i < hsm_key_list->object_list_size; i++) { if (hsm_key_list->object_list[i]) { hsm_key_free(hsm_key_list->object_list[i]); } } hsm_key_list->object_list_size = 0; hsm_key_list->object_list_first = 0; } if (hsm_key_list->object_list) { free(hsm_key_list->object_list); hsm_key_list->object_list = NULL; } if (!(hsm_key_list->result_list = db_object_read(hsm_key_list->dbo, NULL, clause_list)) || db_result_list_fetch_all(hsm_key_list->result_list)) { return DB_ERROR_UNKNOWN; } if (hsm_key_list->associated_fetch && hsm_key_list_get_associated(hsm_key_list)) { return DB_ERROR_UNKNOWN; } return DB_OK; } hsm_key_list_t* hsm_key_list_new_get_by_clauses(const db_connection_t* connection, const db_clause_list_t* clause_list) { hsm_key_list_t* hsm_key_list; if (!connection) { return NULL; } if (!clause_list) { return NULL; } if (!(hsm_key_list = hsm_key_list_new(connection)) || hsm_key_list_get_by_clauses(hsm_key_list, clause_list)) { hsm_key_list_free(hsm_key_list); return NULL; } return hsm_key_list; } int hsm_key_list_get_by_policy_id(hsm_key_list_t* hsm_key_list, const db_value_t* policy_id) { db_clause_list_t* clause_list; db_clause_t* clause; size_t i; if (!hsm_key_list) { return DB_ERROR_UNKNOWN; } if (!hsm_key_list->dbo) { return DB_ERROR_UNKNOWN; } if (!policy_id) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(policy_id)) { return DB_ERROR_UNKNOWN; } if (!(clause_list = db_clause_list_new())) { return DB_ERROR_UNKNOWN; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "policyId") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_value_copy(db_clause_get_value(clause), policy_id) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } if (hsm_key_list->result_list) { db_result_list_free(hsm_key_list->result_list); } if (hsm_key_list->object_list_size) { for (i = 0; i < hsm_key_list->object_list_size; i++) { if (hsm_key_list->object_list[i]) { hsm_key_free(hsm_key_list->object_list[i]); } } hsm_key_list->object_list_size = 0; hsm_key_list->object_list_first = 0; } if (hsm_key_list->object_list) { free(hsm_key_list->object_list); hsm_key_list->object_list = NULL; } if (!(hsm_key_list->result_list = db_object_read(hsm_key_list->dbo, NULL, clause_list)) || db_result_list_fetch_all(hsm_key_list->result_list)) { db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } db_clause_list_free(clause_list); if (hsm_key_list->associated_fetch && hsm_key_list_get_associated(hsm_key_list)) { return DB_ERROR_UNKNOWN; } return DB_OK; } hsm_key_list_t* hsm_key_list_new_get_by_policy_id(const db_connection_t* connection, const db_value_t* policy_id) { hsm_key_list_t* hsm_key_list; if (!connection) { return NULL; } if (!policy_id) { return NULL; } if (db_value_not_empty(policy_id)) { return NULL; } if (!(hsm_key_list = hsm_key_list_new(connection)) || hsm_key_list_get_by_policy_id(hsm_key_list, policy_id)) { hsm_key_list_free(hsm_key_list); return NULL; } return hsm_key_list; } const hsm_key_t* hsm_key_list_begin(hsm_key_list_t* hsm_key_list) { const db_result_t* result; if (!hsm_key_list) { return NULL; } if (hsm_key_list->object_store) { if (!hsm_key_list->object_list) { if (!hsm_key_list->result_list) { return NULL; } if (!db_result_list_size(hsm_key_list->result_list)) { return NULL; } if (!(hsm_key_list->object_list = (hsm_key_t**)calloc(db_result_list_size(hsm_key_list->result_list), sizeof(hsm_key_t*)))) { return NULL; } hsm_key_list->object_list_size = db_result_list_size(hsm_key_list->result_list); } if (!(hsm_key_list->object_list[0])) { if (!hsm_key_list->result_list) { return NULL; } if (!(result = db_result_list_begin(hsm_key_list->result_list))) { return NULL; } if (!(hsm_key_list->object_list[0] = hsm_key_new(db_object_connection(hsm_key_list->dbo)))) { return NULL; } if (hsm_key_from_result(hsm_key_list->object_list[0], result)) { return NULL; } } hsm_key_list->object_list_position = 0; return hsm_key_list->object_list[0]; } if (!hsm_key_list->result_list) { return NULL; } if (!(result = db_result_list_begin(hsm_key_list->result_list))) { return NULL; } if (!hsm_key_list->hsm_key) { if (!(hsm_key_list->hsm_key = hsm_key_new(db_object_connection(hsm_key_list->dbo)))) { return NULL; } } if (hsm_key_from_result(hsm_key_list->hsm_key, result)) { return NULL; } return hsm_key_list->hsm_key; } hsm_key_t* hsm_key_list_get_begin(hsm_key_list_t* hsm_key_list) { const db_result_t* result; hsm_key_t* hsm_key; if (!hsm_key_list) { return NULL; } if (hsm_key_list->object_store) { if (!(hsm_key = hsm_key_new(db_object_connection(hsm_key_list->dbo)))) { return NULL; } if (hsm_key_copy(hsm_key, hsm_key_list_begin(hsm_key_list))) { hsm_key_free(hsm_key); return NULL; } return hsm_key; } if (!hsm_key_list->result_list) { return NULL; } if (!(result = db_result_list_begin(hsm_key_list->result_list))) { return NULL; } if (!(hsm_key = hsm_key_new(db_object_connection(hsm_key_list->dbo)))) { return NULL; } if (hsm_key_from_result(hsm_key, result)) { hsm_key_free(hsm_key); return NULL; } return hsm_key; } const hsm_key_t* hsm_key_list_next(hsm_key_list_t* hsm_key_list) { const db_result_t* result; if (!hsm_key_list) { return NULL; } if (hsm_key_list->object_store) { if (!hsm_key_list->object_list) { if (!hsm_key_list->result_list) { return NULL; } if (!db_result_list_size(hsm_key_list->result_list)) { return NULL; } if (!(hsm_key_list->object_list = (hsm_key_t**)calloc(db_result_list_size(hsm_key_list->result_list), sizeof(hsm_key_t*)))) { return NULL; } hsm_key_list->object_list_size = db_result_list_size(hsm_key_list->result_list); hsm_key_list->object_list_position = 0; } else if (hsm_key_list->object_list_first) { hsm_key_list->object_list_first = 0; hsm_key_list->object_list_position = 0; } else { hsm_key_list->object_list_position++; } if (hsm_key_list->object_list_position >= hsm_key_list->object_list_size) { return NULL; } if (!(hsm_key_list->object_list[hsm_key_list->object_list_position])) { if (!hsm_key_list->result_list) { return NULL; } if (!(result = db_result_list_next(hsm_key_list->result_list))) { return NULL; } if (!(hsm_key_list->object_list[hsm_key_list->object_list_position] = hsm_key_new(db_object_connection(hsm_key_list->dbo)))) { return NULL; } if (hsm_key_from_result(hsm_key_list->object_list[hsm_key_list->object_list_position], result)) { return NULL; } } return hsm_key_list->object_list[hsm_key_list->object_list_position]; } if (!hsm_key_list->result_list) { return NULL; } if (!(result = db_result_list_next(hsm_key_list->result_list))) { return NULL; } if (!hsm_key_list->hsm_key) { if (!(hsm_key_list->hsm_key = hsm_key_new(db_object_connection(hsm_key_list->dbo)))) { return NULL; } } if (hsm_key_from_result(hsm_key_list->hsm_key, result)) { return NULL; } return hsm_key_list->hsm_key; } hsm_key_t* hsm_key_list_get_next(hsm_key_list_t* hsm_key_list) { const db_result_t* result; hsm_key_t* hsm_key; if (!hsm_key_list) { return NULL; } if (hsm_key_list->object_store) { if (!(hsm_key = hsm_key_new(db_object_connection(hsm_key_list->dbo)))) { return NULL; } if (hsm_key_copy(hsm_key, hsm_key_list_next(hsm_key_list))) { hsm_key_free(hsm_key); return NULL; } return hsm_key; } if (!hsm_key_list->result_list) { return NULL; } if (!(result = db_result_list_next(hsm_key_list->result_list))) { return NULL; } if (!(hsm_key = hsm_key_new(db_object_connection(hsm_key_list->dbo)))) { return NULL; } if (hsm_key_from_result(hsm_key, result)) { hsm_key_free(hsm_key); return NULL; } return hsm_key; } opendnssec-2.1.5/enforcer/src/db/database_version_ext.h0000644000202300020240000000335713560310771020122 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef __database_version_ext_h #define __database_version_ext_h #include "db_connection.h" /** * Get the database version. * \param[in] a db_connection_t pointer. * \return an integer with the database version or zero on error. */ int database_version_get_version(db_connection_t* connection); #endif opendnssec-2.1.5/enforcer/src/db/policy_key.h0000644000202300020240000003710113560311035016064 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef __policy_key_h #define __policy_key_h #include "db_object.h" struct policy_key; struct policy_key_list; typedef struct policy_key policy_key_t; typedef struct policy_key_list policy_key_list_t; typedef enum policy_key_role { POLICY_KEY_ROLE_INVALID = -1, POLICY_KEY_ROLE_KSK = 1, POLICY_KEY_ROLE_ZSK = 2, POLICY_KEY_ROLE_CSK = 3 } policy_key_role_t; extern const db_enum_t policy_key_enum_set_role[]; #include "policy_key_ext.h" #include "policy.h" /** * A policy key object. */ struct policy_key { db_object_t* dbo; db_value_t id; db_value_t rev; db_value_t policy_id; const policy_t* associated_policy_id; policy_t* private_policy_id; policy_key_role_t role; unsigned int algorithm; unsigned int bits; unsigned int lifetime; char* repository; unsigned int standby; unsigned int manual_rollover; unsigned int rfc5011; unsigned int minimize; }; /** * Create a new policy key object. * \param[in] connection a db_connection_t pointer. * \return a policy_key_t pointer or NULL on error. */ policy_key_t* policy_key_new(const db_connection_t* connection); /** * Create a new policy key object that is a copy of another policy key object. * \param[in] policy_key a policy_key_t pointer. * \return a policy_key_t pointer or NULL on error. */ policy_key_t* policy_key_new_copy(const policy_key_t* policy_key); /** * Delete a policy key object, this does not delete it from the database. * \param[in] policy_key a policy_key_t pointer. */ void policy_key_free(policy_key_t* policy_key); /** * Reset the content of a policy key object making it as if its new. This does not change anything in the database. * \param[in] policy_key a policy_key_t pointer. */ void policy_key_reset(policy_key_t* policy_key); /** * Copy the content of a policy key object. * \param[in] policy_key a policy_key_t pointer. * \param[in] policy_key_copy a policy_key_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_key_copy(policy_key_t* policy_key, const policy_key_t* policy_key_copy); /** * Compare two policy key objects and return less than, equal to, * or greater than zero if A is found, respectively, to be less than, to match, * or be greater than B. * \param[in] policy_key_a a policy_key_t pointer. * \param[in] policy_key_b a policy_key_t pointer. * \return less than, equal to, or greater than zero if A is found, respectively, * to be less than, to match, or be greater than B. */ int policy_key_cmp(const policy_key_t* policy_key_a, const policy_key_t* policy_key_b); /** * Set the content of a policy key object based on a database result. * \param[in] policy_key a policy_key_t pointer. * \param[in] result a db_result_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_key_from_result(policy_key_t* policy_key, const db_result_t* result); /** * Get the policy_id of a policy key object. * \param[in] policy_key a policy_key_t pointer. * \return a db_value_t pointer or NULL on error. */ const db_value_t* policy_key_policy_id(const policy_key_t* policy_key); /** * Get the policy_id object related to a policy key object. * \param[in] policy_key a policy_key_t pointer. * \return a policy_t pointer or NULL on error or if no object could be found. */ const policy_t* policy_key_policy(const policy_key_t* policy_key); /** * Get the policy_id object related to a policy key object. * The caller will be given ownership of this object and is responsible for freeing it. * \param[in] policy_key a policy_key_t pointer. * \return a policy_t pointer or NULL on error or if no object could be found. */ policy_t* policy_key_get_policy(const policy_key_t* policy_key); /** * Get the role of a policy key object. * \param[in] policy_key a policy_key_t pointer. * \return a policy_key_role_t which may be POLICY_KEY_ROLE_INVALID on error or if no role has been set. */ policy_key_role_t policy_key_role(const policy_key_t* policy_key); /** * Get the role as text of a policy key object. * \param[in] policy_key a policy_key_t pointer. * \return a character pointer or NULL on error or if no role has been set. */ const char* policy_key_role_text(const policy_key_t* policy_key); /** * Get the algorithm of a policy key object. Undefined behavior if `policy_key` is NULL. * \param[in] policy_key a policy_key_t pointer. * \return an unsigned integer. */ unsigned int policy_key_algorithm(const policy_key_t* policy_key); /** * Get the bits of a policy key object. Undefined behavior if `policy_key` is NULL. * \param[in] policy_key a policy_key_t pointer. * \return an unsigned integer. */ unsigned int policy_key_bits(const policy_key_t* policy_key); /** * Get the lifetime of a policy key object. Undefined behavior if `policy_key` is NULL. * \param[in] policy_key a policy_key_t pointer. * \return an unsigned integer. */ unsigned int policy_key_lifetime(const policy_key_t* policy_key); /** * Get the repository of a policy key object. * \param[in] policy_key a policy_key_t pointer. * \return a character pointer or NULL on error or if no repository has been set. */ const char* policy_key_repository(const policy_key_t* policy_key); /** * Get the standby of a policy key object. Undefined behavior if `policy_key` is NULL. * \param[in] policy_key a policy_key_t pointer. * \return an integer. */ int policy_key_standby(const policy_key_t* policy_key); /** * Get the manual_rollover of a policy key object. Undefined behavior if `policy_key` is NULL. * \param[in] policy_key a policy_key_t pointer. * \return an unsigned integer. */ unsigned int policy_key_manual_rollover(const policy_key_t* policy_key); /** * Get the rfc5011 of a policy key object. Undefined behavior if `policy_key` is NULL. * \param[in] policy_key a policy_key_t pointer. * \return an unsigned integer. */ unsigned int policy_key_rfc5011(const policy_key_t* policy_key); /** * Get the minimize of a policy key object. Undefined behavior if `policy_key` is NULL. * \param[in] policy_key a policy_key_t pointer. * \return an unsigned integer. */ unsigned int policy_key_minimize(const policy_key_t* policy_key); /** * Set the policy_id of a policy key object. If this fails the original value may have been lost. * \param[in] policy_key a policy_key_t pointer. * \param[in] policy_id a db_value_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_key_set_policy_id(policy_key_t* policy_key, const db_value_t* policy_id); /** * Set the role of a policy key object. * \param[in] policy_key a policy_key_t pointer. * \param[in] role a policy_key_role_t. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_key_set_role(policy_key_t* policy_key, policy_key_role_t role); /** * Set the algorithm of a policy key object. * \param[in] policy_key a policy_key_t pointer. * \param[in] algorithm an unsigned integer with a maximum value of 255. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_key_set_algorithm(policy_key_t* policy_key, unsigned int algorithm); /** * Set the bits of a policy key object. * \param[in] policy_key a policy_key_t pointer. * \param[in] bits an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_key_set_bits(policy_key_t* policy_key, unsigned int bits); /** * Set the lifetime of a policy key object. * \param[in] policy_key a policy_key_t pointer. * \param[in] lifetime an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_key_set_lifetime(policy_key_t* policy_key, unsigned int lifetime); /** * Set the repository of a policy key object. * \param[in] policy_key a policy_key_t pointer. * \param[in] repository_text a character pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_key_set_repository(policy_key_t* policy_key, const char* repository_text); /** * Set the standby of a policy key object. * \param[in] policy_key a policy_key_t pointer. * \param[in] standby an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_key_set_standby(policy_key_t* policy_key, unsigned int standby); /** * Set the manual_rollover of a policy key object. * \param[in] policy_key a policy_key_t pointer. * \param[in] manual_rollover an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_key_set_manual_rollover(policy_key_t* policy_key, unsigned int manual_rollover); /** * Set the rfc5011 of a policy key object. * \param[in] policy_key a policy_key_t pointer. * \param[in] rfc5011 an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_key_set_rfc5011(policy_key_t* policy_key, unsigned int rfc5011); /** * Set the minimize of a policy key object. * \param[in] policy_key a policy_key_t pointer. * \param[in] minimize an unsigned integer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_key_set_minimize(policy_key_t* policy_key, unsigned int minimize); /** * Create a policy key object in the database. * \param[in] policy_key a policy_key_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_key_create(policy_key_t* policy_key); /** * Get a policy key object from the database by a id specified in `id`. * \param[in] policy_key a policy_key_t pointer. * \param[in] id a db_value_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_key_get_by_id(policy_key_t* policy_key, const db_value_t* id); /** * Delete a policy key object from the database. * \param[in] policy_key a policy_key_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_key_delete(policy_key_t* policy_key); /** * A list of policy key objects. */ struct policy_key_list { db_object_t* dbo; db_result_list_t* result_list; const db_result_t* result; policy_key_t* policy_key; int object_store; policy_key_t** object_list; size_t object_list_size; size_t object_list_position; int object_list_first; int associated_fetch; policy_list_t* policy_id_list; }; /** * Create a new policy key object list. * \param[in] connection a db_connection_t pointer. * \return a policy_key_list_t pointer or NULL on error. */ policy_key_list_t* policy_key_list_new(const db_connection_t* connection); /** * Create a new policy key object list that is a copy of another. * \param[in] policy_key_list a policy_key_list_t pointer. * \return a policy_key_list_t pointer or NULL on error. */ policy_key_list_t* policy_key_list_new_copy(const policy_key_list_t* policy_key_copy); /** * Specify that objects should be stored within the list as they are fetch, * this is optimal if the list is to be iterated over more then once. * \param[in] policy_key_list a policy_key_list_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_key_list_object_store(policy_key_list_t* policy_key_list); /** * Delete a policy key object list. * \param[in] policy_key_list a policy_key_list_t pointer. */ void policy_key_list_free(policy_key_list_t* policy_key_list); /** * Copy the content of another policy key object list. * \param[in] policy_key_list a policy_key_list_t pointer. * \param[in] from_policy_key_list a policy_key_list_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_key_list_copy(policy_key_list_t* policy_key_list, const policy_key_list_t* from_policy_key_list); /** * Get policy key objects from the database by a clause list. * \param[in] policy_key_list a policy_key_list_t pointer. * \param[in] clause_list a db_clause_list_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_key_list_get_by_clauses(policy_key_list_t* policy_key_list, const db_clause_list_t* clause_list); /** * Get policy key objects from the database by a policy_id specified in `policy_id`. * \param[in] policy_key_list a policy_key_list_t pointer. * \param[in] policy_id a db_value_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_key_list_get_by_policy_id(policy_key_list_t* policy_key_list, const db_value_t* policy_id); /** * Get a new list of policy key objects from the database by a policy_id specified in `policy_id`. * \param[in] connection a db_connection_t pointer. * \param[in] policy_id a db_value_t pointer. * \return a policy_key_list_t pointer or NULL on error. */ policy_key_list_t* policy_key_list_new_get_by_policy_id(const db_connection_t* connection, const db_value_t* policy_id); /** * Get the first policy key object in a policy key object list and reset the * position of the list. * \param[in] policy_key_list a policy_key_list_t pointer. * \return a policy_key_t pointer or NULL on error or if there are no * policy key objects in the policy key object list. */ const policy_key_t* policy_key_list_begin(policy_key_list_t* policy_key_list); /** * Get the next policy key object in a policy key object list. * Ownership of this object is retained within the list and the object is only * valid until the next call to this function. * \param[in] policy_key_list a policy_key_list_t pointer. * \return a policy_key_t pointer or NULL on error or if there are no more * policy key objects in the policy key object list. */ const policy_key_t* policy_key_list_next(policy_key_list_t* policy_key_list); /** * Get the next policy key object in a policy key object list. * The caller will be given ownership of this object and is responsible for * freeing it. * \param[in] policy_key_list a policy_key_list_t pointer. * \return a policy_key_t pointer or NULL on error or if there are no more * policy key objects in the policy key object list. */ policy_key_t* policy_key_list_get_next(policy_key_list_t* policy_key_list); /** * Get the size of a policy key object list. * \param[in] policy_key_list a policy_key_list_t pointer. * \return a size_t with the size of the list or zero on error, if the list is * empty or if the backend does not support returning the size. */ size_t policy_key_list_size(policy_key_list_t* policy_key_list); policy_key_t * policy_key_new_get_by_policyid_and_role (const db_connection_t* connection, const db_value_t* policyid, const policy_key_role_t role); int policy_key_get_by_policyid_and_role(policy_key_t* policy_key, const db_value_t* policyid , const policy_key_role_t role); #endif opendnssec-2.1.5/enforcer/src/db/key_data.c0000644000202300020240000023716513560311035015505 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include "key_data.h" #include "db_error.h" #include const db_enum_t key_data_enum_set_role[] = { { "KSK", (key_data_role_t)KEY_DATA_ROLE_KSK }, { "ZSK", (key_data_role_t)KEY_DATA_ROLE_ZSK }, { "CSK", (key_data_role_t)KEY_DATA_ROLE_CSK }, { NULL, 0 } }; const db_enum_t key_data_enum_set_ds_at_parent[] = { { "unsubmitted", (key_data_ds_at_parent_t)KEY_DATA_DS_AT_PARENT_UNSUBMITTED }, { "submit", (key_data_ds_at_parent_t)KEY_DATA_DS_AT_PARENT_SUBMIT }, { "submitted", (key_data_ds_at_parent_t)KEY_DATA_DS_AT_PARENT_SUBMITTED }, { "seen", (key_data_ds_at_parent_t)KEY_DATA_DS_AT_PARENT_SEEN }, { "retract", (key_data_ds_at_parent_t)KEY_DATA_DS_AT_PARENT_RETRACT }, { "retracted", (key_data_ds_at_parent_t)KEY_DATA_DS_AT_PARENT_RETRACTED }, { NULL, 0 } }; /** * Create a new key data object. * \param[in] connection a db_connection_t pointer. * \return a key_data_t pointer or NULL on error. */ static db_object_t* __key_data_new_object(const db_connection_t* connection) { db_object_field_list_t* object_field_list; db_object_field_t* object_field; db_object_t* object; if (!(object = db_object_new()) || db_object_set_connection(object, connection) || db_object_set_table(object, "keyData") || db_object_set_primary_key_name(object, "id") || !(object_field_list = db_object_field_list_new())) { db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "id") || db_object_field_set_type(object_field, DB_TYPE_PRIMARY_KEY) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "rev") || db_object_field_set_type(object_field, DB_TYPE_REVISION) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "zoneId") || db_object_field_set_type(object_field, DB_TYPE_ANY) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "hsmKeyId") || db_object_field_set_type(object_field, DB_TYPE_ANY) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "algorithm") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "inception") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "role") || db_object_field_set_type(object_field, DB_TYPE_ENUM) || db_object_field_set_enum_set(object_field, key_data_enum_set_role) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "introducing") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "shouldRevoke") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "standby") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "activeZsk") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "publish") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "activeKsk") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "dsAtParent") || db_object_field_set_type(object_field, DB_TYPE_ENUM) || db_object_field_set_enum_set(object_field, key_data_enum_set_ds_at_parent) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "keytag") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "minimize") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } if (db_object_set_object_field_list(object, object_field_list)) { db_object_field_list_free(object_field_list); db_object_free(object); return NULL; } return object; } /* KEY DATA */ key_data_t* key_data_new(const db_connection_t* connection) { key_data_t* key_data = (key_data_t*)calloc(1, sizeof(key_data_t)); if (key_data) { if (!(key_data->dbo = __key_data_new_object(connection))) { free(key_data); return NULL; } db_value_reset(&(key_data->id)); db_value_reset(&(key_data->rev)); db_value_reset(&(key_data->zone_id)); db_value_reset(&(key_data->hsm_key_id)); key_data->role = KEY_DATA_ROLE_INVALID; key_data->introducing = 1; key_data->ds_at_parent = KEY_DATA_DS_AT_PARENT_UNSUBMITTED; } return key_data; } key_data_t* key_data_new_copy(const key_data_t* key_data) { key_data_t* new_key_data; if (!key_data) { return NULL; } if (!key_data->dbo) { return NULL; } if (!(new_key_data = key_data_new(db_object_connection(key_data->dbo))) || key_data_copy(new_key_data, key_data)) { key_data_free(new_key_data); return NULL; } return new_key_data; } void key_data_free(key_data_t* key_data) { if (key_data) { if (key_data->dbo) { db_object_free(key_data->dbo); } db_value_reset(&(key_data->id)); db_value_reset(&(key_data->rev)); db_value_reset(&(key_data->zone_id)); if (key_data->private_zone_id) { zone_db_free(key_data->private_zone_id); } db_value_reset(&(key_data->hsm_key_id)); if (key_data->private_hsm_key_id) { hsm_key_free(key_data->private_hsm_key_id); } if (key_data->key_state_list) { key_state_list_free(key_data->key_state_list); } free(key_data); } } int key_data_copy(key_data_t* key_data, const key_data_t* key_data_copy) { if (!key_data) { return DB_ERROR_UNKNOWN; } if (!key_data_copy) { return DB_ERROR_UNKNOWN; } if (db_value_copy(&(key_data->id), &(key_data_copy->id))) { return DB_ERROR_UNKNOWN; } if (db_value_copy(&(key_data->rev), &(key_data_copy->rev))) { return DB_ERROR_UNKNOWN; } if (db_value_copy(&(key_data->zone_id), &(key_data_copy->zone_id))) { return DB_ERROR_UNKNOWN; } if (key_data->private_zone_id) { zone_db_free(key_data->private_zone_id); key_data->private_zone_id = NULL; } if (key_data_copy->private_zone_id && !(key_data->private_zone_id = zone_db_new_copy(key_data_copy->private_zone_id))) { return DB_ERROR_UNKNOWN; } key_data->associated_zone_id = NULL; if (!key_data_copy->private_zone_id && key_data_copy->associated_zone_id && !(key_data->private_zone_id = zone_db_new_copy(key_data_copy->associated_zone_id))) { return DB_ERROR_UNKNOWN; } if (db_value_copy(&(key_data->hsm_key_id), &(key_data_copy->hsm_key_id))) { return DB_ERROR_UNKNOWN; } if (key_data->private_hsm_key_id) { hsm_key_free(key_data->private_hsm_key_id); key_data->private_hsm_key_id = NULL; } if (key_data_copy->private_hsm_key_id && !(key_data->private_hsm_key_id = hsm_key_new_copy(key_data_copy->private_hsm_key_id))) { return DB_ERROR_UNKNOWN; } key_data->associated_hsm_key_id = NULL; if (!key_data_copy->private_hsm_key_id && key_data_copy->associated_hsm_key_id && !(key_data->private_hsm_key_id = hsm_key_new_copy(key_data_copy->associated_hsm_key_id))) { return DB_ERROR_UNKNOWN; } if (key_data->key_state_list) { key_state_list_free(key_data->key_state_list); key_data->key_state_list = NULL; } if (key_data_copy->key_state_list && !(key_data->key_state_list = key_state_list_new_copy(key_data_copy->key_state_list))) { return DB_ERROR_UNKNOWN; } key_data->algorithm = key_data_copy->algorithm; key_data->inception = key_data_copy->inception; key_data->role = key_data_copy->role; key_data->introducing = key_data_copy->introducing; key_data->should_revoke = key_data_copy->should_revoke; key_data->standby = key_data_copy->standby; key_data->active_zsk = key_data_copy->active_zsk; key_data->publish = key_data_copy->publish; key_data->active_ksk = key_data_copy->active_ksk; key_data->ds_at_parent = key_data_copy->ds_at_parent; key_data->keytag = key_data_copy->keytag; key_data->minimize = key_data_copy->minimize; return DB_OK; } int key_data_cmp(const key_data_t* key_data_a, const key_data_t* key_data_b) { int ret; if (!key_data_a && !key_data_b) { return 0; } if (!key_data_a && key_data_b) { return -1; } if (key_data_a && !key_data_b) { return 1; } ret = 0; db_value_cmp(&(key_data_a->zone_id), &(key_data_b->zone_id), &ret); if (ret) { return ret; } ret = 0; db_value_cmp(&(key_data_a->hsm_key_id), &(key_data_b->hsm_key_id), &ret); if (ret) { return ret; } if (key_data_a->algorithm != key_data_b->algorithm) { return key_data_a->algorithm < key_data_b->algorithm ? -1 : 1; } if (key_data_a->inception != key_data_b->inception) { return key_data_a->inception < key_data_b->inception ? -1 : 1; } if (key_data_a->role != key_data_b->role) { return key_data_a->role < key_data_b->role ? -1 : 1; } if (key_data_a->introducing != key_data_b->introducing) { return key_data_a->introducing < key_data_b->introducing ? -1 : 1; } if (key_data_a->should_revoke != key_data_b->should_revoke) { return key_data_a->should_revoke < key_data_b->should_revoke ? -1 : 1; } if (key_data_a->standby != key_data_b->standby) { return key_data_a->standby < key_data_b->standby ? -1 : 1; } if (key_data_a->active_zsk != key_data_b->active_zsk) { return key_data_a->active_zsk < key_data_b->active_zsk ? -1 : 1; } if (key_data_a->publish != key_data_b->publish) { return key_data_a->publish < key_data_b->publish ? -1 : 1; } if (key_data_a->active_ksk != key_data_b->active_ksk) { return key_data_a->active_ksk < key_data_b->active_ksk ? -1 : 1; } if (key_data_a->ds_at_parent != key_data_b->ds_at_parent) { return key_data_a->ds_at_parent < key_data_b->ds_at_parent ? -1 : 1; } if (key_data_a->keytag != key_data_b->keytag) { return key_data_a->keytag < key_data_b->keytag ? -1 : 1; } if (key_data_a->minimize != key_data_b->minimize) { return key_data_a->minimize < key_data_b->minimize ? -1 : 1; } return 0; } int key_data_from_result(key_data_t* key_data, const db_result_t* result) { const db_value_set_t* value_set; int role; int ds_at_parent; if (!key_data) { return DB_ERROR_UNKNOWN; } if (!result) { return DB_ERROR_UNKNOWN; } db_value_reset(&(key_data->id)); db_value_reset(&(key_data->rev)); db_value_reset(&(key_data->zone_id)); db_value_reset(&(key_data->hsm_key_id)); if (!(value_set = db_result_value_set(result)) || db_value_set_size(value_set) != 16 || db_value_copy(&(key_data->id), db_value_set_at(value_set, 0)) || db_value_copy(&(key_data->rev), db_value_set_at(value_set, 1)) || db_value_copy(&(key_data->zone_id), db_value_set_at(value_set, 2)) || db_value_copy(&(key_data->hsm_key_id), db_value_set_at(value_set, 3)) || db_value_to_uint32(db_value_set_at(value_set, 4), &(key_data->algorithm)) || db_value_to_uint32(db_value_set_at(value_set, 5), &(key_data->inception)) || db_value_to_enum_value(db_value_set_at(value_set, 6), &role, key_data_enum_set_role) || db_value_to_uint32(db_value_set_at(value_set, 7), &(key_data->introducing)) || db_value_to_uint32(db_value_set_at(value_set, 8), &(key_data->should_revoke)) || db_value_to_uint32(db_value_set_at(value_set, 9), &(key_data->standby)) || db_value_to_uint32(db_value_set_at(value_set, 10), &(key_data->active_zsk)) || db_value_to_uint32(db_value_set_at(value_set, 11), &(key_data->publish)) || db_value_to_uint32(db_value_set_at(value_set, 12), &(key_data->active_ksk)) || db_value_to_enum_value(db_value_set_at(value_set, 13), &ds_at_parent, key_data_enum_set_ds_at_parent) || db_value_to_uint32(db_value_set_at(value_set, 14), &(key_data->keytag)) || db_value_to_uint32(db_value_set_at(value_set, 15), &(key_data->minimize))) { return DB_ERROR_UNKNOWN; } if (role == (key_data_role_t)KEY_DATA_ROLE_KSK) { key_data->role = KEY_DATA_ROLE_KSK; } else if (role == (key_data_role_t)KEY_DATA_ROLE_ZSK) { key_data->role = KEY_DATA_ROLE_ZSK; } else if (role == (key_data_role_t)KEY_DATA_ROLE_CSK) { key_data->role = KEY_DATA_ROLE_CSK; } else { return DB_ERROR_UNKNOWN; } if (ds_at_parent == (key_data_ds_at_parent_t)KEY_DATA_DS_AT_PARENT_UNSUBMITTED) { key_data->ds_at_parent = KEY_DATA_DS_AT_PARENT_UNSUBMITTED; } else if (ds_at_parent == (key_data_ds_at_parent_t)KEY_DATA_DS_AT_PARENT_SUBMIT) { key_data->ds_at_parent = KEY_DATA_DS_AT_PARENT_SUBMIT; } else if (ds_at_parent == (key_data_ds_at_parent_t)KEY_DATA_DS_AT_PARENT_SUBMITTED) { key_data->ds_at_parent = KEY_DATA_DS_AT_PARENT_SUBMITTED; } else if (ds_at_parent == (key_data_ds_at_parent_t)KEY_DATA_DS_AT_PARENT_SEEN) { key_data->ds_at_parent = KEY_DATA_DS_AT_PARENT_SEEN; } else if (ds_at_parent == (key_data_ds_at_parent_t)KEY_DATA_DS_AT_PARENT_RETRACT) { key_data->ds_at_parent = KEY_DATA_DS_AT_PARENT_RETRACT; } else if (ds_at_parent == (key_data_ds_at_parent_t)KEY_DATA_DS_AT_PARENT_RETRACTED) { key_data->ds_at_parent = KEY_DATA_DS_AT_PARENT_RETRACTED; } else { return DB_ERROR_UNKNOWN; } return DB_OK; } const db_value_t* key_data_id(const key_data_t* key_data) { if (!key_data) { return NULL; } return &(key_data->id); } const db_value_t* key_data_zone_id(const key_data_t* key_data) { if (!key_data) { return NULL; } return &(key_data->zone_id); } zone_db_t* key_data_get_zone(const key_data_t* key_data) { zone_db_t* zone_id = NULL; if (!key_data) { return NULL; } if (!key_data->dbo) { return NULL; } if (db_value_not_empty(&(key_data->zone_id))) { return NULL; } if (!(zone_id = zone_db_new(db_object_connection(key_data->dbo)))) { return NULL; } if (key_data->private_zone_id) { if (zone_db_copy(zone_id, key_data->private_zone_id)) { zone_db_free(zone_id); return NULL; } } else if (key_data->associated_zone_id) { if (zone_db_copy(zone_id, key_data->associated_zone_id)) { zone_db_free(zone_id); return NULL; } } else { if (zone_db_get_by_id(zone_id, &(key_data->zone_id))) { zone_db_free(zone_id); return NULL; } } return zone_id; } const db_value_t* key_data_hsm_key_id(const key_data_t* key_data) { if (!key_data) { return NULL; } return &(key_data->hsm_key_id); } int key_data_cache_hsm_key(key_data_t* key_data) { if (!key_data) { return DB_ERROR_UNKNOWN; } if (key_data->associated_hsm_key_id || key_data->private_hsm_key_id) { return DB_OK; } if (!(key_data->private_hsm_key_id = hsm_key_new(db_object_connection(key_data->dbo)))) { return DB_ERROR_UNKNOWN; } if (hsm_key_get_by_id(key_data->private_hsm_key_id, &(key_data->hsm_key_id))) { hsm_key_free(key_data->private_hsm_key_id); key_data->private_hsm_key_id = NULL; return DB_ERROR_UNKNOWN; } return DB_OK; } const hsm_key_t* key_data_hsm_key(const key_data_t* key_data) { if (!key_data) { return NULL; } if (key_data->private_hsm_key_id) { return key_data->private_hsm_key_id; } return key_data->associated_hsm_key_id; } hsm_key_t* key_data_get_hsm_key(const key_data_t* key_data) { hsm_key_t* hsm_key_id = NULL; if (!key_data) { return NULL; } if (!key_data->dbo) { return NULL; } if (db_value_not_empty(&(key_data->hsm_key_id))) { return NULL; } if (!(hsm_key_id = hsm_key_new(db_object_connection(key_data->dbo)))) { return NULL; } if (key_data->private_hsm_key_id) { if (hsm_key_copy(hsm_key_id, key_data->private_hsm_key_id)) { hsm_key_free(hsm_key_id); return NULL; } } else if (key_data->associated_hsm_key_id) { if (hsm_key_copy(hsm_key_id, key_data->associated_hsm_key_id)) { hsm_key_free(hsm_key_id); return NULL; } } else { if (hsm_key_get_by_id(hsm_key_id, &(key_data->hsm_key_id))) { hsm_key_free(hsm_key_id); return NULL; } } return hsm_key_id; } unsigned int key_data_algorithm(const key_data_t* key_data) { if (!key_data) { return 0; } return key_data->algorithm; } unsigned int key_data_inception(const key_data_t* key_data) { if (!key_data) { return 0; } return key_data->inception; } key_data_role_t key_data_role(const key_data_t* key_data) { if (!key_data) { return KEY_DATA_ROLE_INVALID; } return key_data->role; } const char* key_data_role_text(const key_data_t* key_data) { const db_enum_t* enum_set = key_data_enum_set_role; if (!key_data) { return NULL; } while (enum_set->text) { if (enum_set->value == key_data->role) { return enum_set->text; } enum_set++; } return NULL; } unsigned int key_data_introducing(const key_data_t* key_data) { if (!key_data) { return 0; } return key_data->introducing; } unsigned int key_data_active_zsk(const key_data_t* key_data) { if (!key_data) { return 0; } return key_data->active_zsk; } unsigned int key_data_publish(const key_data_t* key_data) { if (!key_data) { return 0; } return key_data->publish; } unsigned int key_data_active_ksk(const key_data_t* key_data) { if (!key_data) { return 0; } return key_data->active_ksk; } key_data_ds_at_parent_t key_data_ds_at_parent(const key_data_t* key_data) { if (!key_data) { return KEY_DATA_DS_AT_PARENT_INVALID; } return key_data->ds_at_parent; } unsigned int key_data_keytag(const key_data_t* key_data) { if (!key_data) { return 0; } return key_data->keytag; } unsigned int key_data_minimize(const key_data_t* key_data) { if (!key_data) { return 0; } return key_data->minimize; } key_state_list_t* key_data_key_state_list(key_data_t* key_data) { if (!key_data) { return NULL; } if (!key_data->dbo) { return NULL; } if (!key_data->key_state_list && key_data_retrieve_key_state_list(key_data)) { return NULL; } return key_data->key_state_list; } int key_data_retrieve_key_state_list(key_data_t* key_data) { db_clause_list_t* clause_list; if (!key_data) { return DB_ERROR_UNKNOWN; } if (!key_data->dbo) { return DB_ERROR_UNKNOWN; } if (key_data->key_state_list) { key_state_list_free(key_data->key_state_list); key_data->key_state_list = NULL; } if (!(clause_list = db_clause_list_new()) || !key_state_key_data_id_clause(clause_list, key_data_id(key_data)) || !(key_data->key_state_list = key_state_list_new(db_object_connection(key_data->dbo))) || key_state_list_object_store(key_data->key_state_list) || key_state_list_get_by_clauses(key_data->key_state_list, clause_list)) { key_state_list_free(key_data->key_state_list); key_data->key_state_list = NULL; db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } db_clause_list_free(clause_list); return DB_OK; } int key_data_set_zone_id(key_data_t* key_data, const db_value_t* zone_id) { if (!key_data) { return DB_ERROR_UNKNOWN; } if (!zone_id) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(zone_id)) { return DB_ERROR_UNKNOWN; } db_value_reset(&(key_data->zone_id)); if (db_value_copy(&(key_data->zone_id), zone_id)) { return DB_ERROR_UNKNOWN; } return DB_OK; } int key_data_set_hsm_key_id(key_data_t* key_data, const db_value_t* hsm_key_id) { if (!key_data) { return DB_ERROR_UNKNOWN; } if (!hsm_key_id) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(hsm_key_id)) { return DB_ERROR_UNKNOWN; } db_value_reset(&(key_data->hsm_key_id)); if (db_value_copy(&(key_data->hsm_key_id), hsm_key_id)) { return DB_ERROR_UNKNOWN; } return DB_OK; } int key_data_set_algorithm(key_data_t* key_data, unsigned int algorithm) { if (!key_data) { return DB_ERROR_UNKNOWN; } key_data->algorithm = algorithm; return DB_OK; } int key_data_set_inception(key_data_t* key_data, unsigned int inception) { if (!key_data) { return DB_ERROR_UNKNOWN; } key_data->inception = inception; return DB_OK; } int key_data_set_role(key_data_t* key_data, key_data_role_t role) { if (!key_data) { return DB_ERROR_UNKNOWN; } if (role == KEY_DATA_ROLE_INVALID) { return DB_ERROR_UNKNOWN; } key_data->role = role; return DB_OK; } int key_data_set_introducing(key_data_t* key_data, unsigned int introducing) { if (!key_data) { return DB_ERROR_UNKNOWN; } key_data->introducing = introducing; return DB_OK; } int key_data_set_active_zsk(key_data_t* key_data, unsigned int active_zsk) { if (!key_data) { return DB_ERROR_UNKNOWN; } key_data->active_zsk = active_zsk; return DB_OK; } int key_data_set_publish(key_data_t* key_data, unsigned int publish) { if (!key_data) { return DB_ERROR_UNKNOWN; } key_data->publish = publish; return DB_OK; } int key_data_set_active_ksk(key_data_t* key_data, unsigned int active_ksk) { if (!key_data) { return DB_ERROR_UNKNOWN; } key_data->active_ksk = active_ksk; return DB_OK; } int key_data_set_ds_at_parent(key_data_t* key_data, key_data_ds_at_parent_t ds_at_parent) { if (!key_data) { return DB_ERROR_UNKNOWN; } if (ds_at_parent == KEY_DATA_DS_AT_PARENT_INVALID) { return DB_ERROR_UNKNOWN; } key_data->ds_at_parent = ds_at_parent; return DB_OK; } int key_data_set_keytag(key_data_t* key_data, unsigned int keytag) { if (!key_data) { return DB_ERROR_UNKNOWN; } key_data->keytag = keytag; return DB_OK; } int key_data_set_minimize(key_data_t* key_data, unsigned int minimize) { if (!key_data) { return DB_ERROR_UNKNOWN; } key_data->minimize = minimize; return DB_OK; } db_clause_t* key_data_zone_id_clause(db_clause_list_t* clause_list, const db_value_t* zone_id) { db_clause_t* clause; if (!clause_list) { return NULL; } if (!zone_id) { return NULL; } if (db_value_not_empty(zone_id)) { return NULL; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "zoneId") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_clause_set_operator(clause, DB_CLAUSE_OPERATOR_AND) || db_value_copy(db_clause_get_value(clause), zone_id) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); return NULL; } return clause; } db_clause_t* key_data_hsm_key_id_clause(db_clause_list_t* clause_list, const db_value_t* hsm_key_id) { db_clause_t* clause; if (!clause_list) { return NULL; } if (!hsm_key_id) { return NULL; } if (db_value_not_empty(hsm_key_id)) { return NULL; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "hsmKeyId") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_clause_set_operator(clause, DB_CLAUSE_OPERATOR_AND) || db_value_copy(db_clause_get_value(clause), hsm_key_id) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); return NULL; } return clause; } db_clause_t* key_data_role_clause(db_clause_list_t* clause_list, key_data_role_t role) { db_clause_t* clause; if (!clause_list) { return NULL; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "role") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_clause_set_operator(clause, DB_CLAUSE_OPERATOR_AND) || db_value_from_enum_value(db_clause_get_value(clause), role, key_data_enum_set_role) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); return NULL; } return clause; } db_clause_t* key_data_ds_at_parent_clause(db_clause_list_t* clause_list, key_data_ds_at_parent_t ds_at_parent) { db_clause_t* clause; if (!clause_list) { return NULL; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "dsAtParent") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_clause_set_operator(clause, DB_CLAUSE_OPERATOR_AND) || db_value_from_enum_value(db_clause_get_value(clause), ds_at_parent, key_data_enum_set_ds_at_parent) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); return NULL; } return clause; } db_clause_t* key_data_keytag_clause(db_clause_list_t* clause_list, unsigned int keytag) { db_clause_t* clause; if (!clause_list) { return NULL; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "keytag") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_clause_set_operator(clause, DB_CLAUSE_OPERATOR_AND) || db_value_from_uint32(db_clause_get_value(clause), keytag) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); return NULL; } return clause; } int key_data_create(key_data_t* key_data) { db_object_field_list_t* object_field_list; db_object_field_t* object_field; db_value_set_t* value_set; int ret; if (!key_data) { return DB_ERROR_UNKNOWN; } if (!key_data->dbo) { return DB_ERROR_UNKNOWN; } if (!db_value_not_empty(&(key_data->id))) { return DB_ERROR_UNKNOWN; } if (!db_value_not_empty(&(key_data->rev))) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(&(key_data->zone_id))) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(&(key_data->hsm_key_id))) { return DB_ERROR_UNKNOWN; } /* TODO: validate content more */ if (!(object_field_list = db_object_field_list_new())) { return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "zoneId") || db_object_field_set_type(object_field, DB_TYPE_ANY) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "hsmKeyId") || db_object_field_set_type(object_field, DB_TYPE_ANY) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "algorithm") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "inception") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "role") || db_object_field_set_type(object_field, DB_TYPE_ENUM) || db_object_field_set_enum_set(object_field, key_data_enum_set_role) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "introducing") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "shouldRevoke") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "standby") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "activeZsk") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "publish") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "activeKsk") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "dsAtParent") || db_object_field_set_type(object_field, DB_TYPE_ENUM) || db_object_field_set_enum_set(object_field, key_data_enum_set_ds_at_parent) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "keytag") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "minimize") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(value_set = db_value_set_new(14))) { db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (db_value_copy(db_value_set_get(value_set, 0), &(key_data->zone_id)) || db_value_copy(db_value_set_get(value_set, 1), &(key_data->hsm_key_id)) || db_value_from_uint32(db_value_set_get(value_set, 2), key_data->algorithm) || db_value_from_uint32(db_value_set_get(value_set, 3), key_data->inception) || db_value_from_enum_value(db_value_set_get(value_set, 4), key_data->role, key_data_enum_set_role) || db_value_from_uint32(db_value_set_get(value_set, 5), key_data->introducing) || db_value_from_uint32(db_value_set_get(value_set, 6), key_data->should_revoke) || db_value_from_uint32(db_value_set_get(value_set, 7), key_data->standby) || db_value_from_uint32(db_value_set_get(value_set, 8), key_data->active_zsk) || db_value_from_uint32(db_value_set_get(value_set, 9), key_data->publish) || db_value_from_uint32(db_value_set_get(value_set, 10), key_data->active_ksk) || db_value_from_enum_value(db_value_set_get(value_set, 11), key_data->ds_at_parent, key_data_enum_set_ds_at_parent) || db_value_from_uint32(db_value_set_get(value_set, 12), key_data->keytag) || db_value_from_uint32(db_value_set_get(value_set, 13), key_data->minimize)) { db_value_set_free(value_set); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } ret = db_object_create(key_data->dbo, object_field_list, value_set); db_value_set_free(value_set); db_object_field_list_free(object_field_list); return ret; } int key_data_get_by_id(key_data_t* key_data, const db_value_t* id) { db_clause_list_t* clause_list; db_clause_t* clause; db_result_list_t* result_list; const db_result_t* result; if (!key_data) { return DB_ERROR_UNKNOWN; } if (!key_data->dbo) { return DB_ERROR_UNKNOWN; } if (!id) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(id)) { return DB_ERROR_UNKNOWN; } if (!(clause_list = db_clause_list_new())) { return DB_ERROR_UNKNOWN; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "id") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_value_copy(db_clause_get_value(clause), id) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } result_list = db_object_read(key_data->dbo, NULL, clause_list); db_clause_list_free(clause_list); if (result_list) { result = db_result_list_next(result_list); if (result) { if (key_data_from_result(key_data, result)) { db_result_list_free(result_list); return DB_ERROR_UNKNOWN; } db_result_list_free(result_list); return DB_OK; } } db_result_list_free(result_list); return DB_ERROR_UNKNOWN; } int key_data_update(key_data_t* key_data) { db_object_field_list_t* object_field_list; db_object_field_t* object_field; db_value_set_t* value_set; db_clause_list_t* clause_list; db_clause_t* clause; int ret; if (!key_data) { return DB_ERROR_UNKNOWN; } if (!key_data->dbo) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(&(key_data->id))) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(&(key_data->rev))) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(&(key_data->zone_id))) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(&(key_data->hsm_key_id))) { return DB_ERROR_UNKNOWN; } /* TODO: validate content more */ if (!(object_field_list = db_object_field_list_new())) { return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "zoneId") || db_object_field_set_type(object_field, DB_TYPE_ANY) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "hsmKeyId") || db_object_field_set_type(object_field, DB_TYPE_ANY) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "algorithm") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "inception") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "role") || db_object_field_set_type(object_field, DB_TYPE_ENUM) || db_object_field_set_enum_set(object_field, key_data_enum_set_role) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "introducing") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "shouldRevoke") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "standby") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "activeZsk") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "publish") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "activeKsk") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "dsAtParent") || db_object_field_set_type(object_field, DB_TYPE_ENUM) || db_object_field_set_enum_set(object_field, key_data_enum_set_ds_at_parent) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "keytag") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(object_field = db_object_field_new()) || db_object_field_set_name(object_field, "minimize") || db_object_field_set_type(object_field, DB_TYPE_UINT32) || db_object_field_list_add(object_field_list, object_field)) { db_object_field_free(object_field); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(value_set = db_value_set_new(14))) { db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (db_value_copy(db_value_set_get(value_set, 0), &(key_data->zone_id)) || db_value_copy(db_value_set_get(value_set, 1), &(key_data->hsm_key_id)) || db_value_from_uint32(db_value_set_get(value_set, 2), key_data->algorithm) || db_value_from_uint32(db_value_set_get(value_set, 3), key_data->inception) || db_value_from_enum_value(db_value_set_get(value_set, 4), key_data->role, key_data_enum_set_role) || db_value_from_uint32(db_value_set_get(value_set, 5), key_data->introducing) || db_value_from_uint32(db_value_set_get(value_set, 6), key_data->should_revoke) || db_value_from_uint32(db_value_set_get(value_set, 7), key_data->standby) || db_value_from_uint32(db_value_set_get(value_set, 8), key_data->active_zsk) || db_value_from_uint32(db_value_set_get(value_set, 9), key_data->publish) || db_value_from_uint32(db_value_set_get(value_set, 10), key_data->active_ksk) || db_value_from_enum_value(db_value_set_get(value_set, 11), key_data->ds_at_parent, key_data_enum_set_ds_at_parent) || db_value_from_uint32(db_value_set_get(value_set, 12), key_data->keytag) || db_value_from_uint32(db_value_set_get(value_set, 13), key_data->minimize)) { db_value_set_free(value_set); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(clause_list = db_clause_list_new())) { db_value_set_free(value_set); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "id") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_value_copy(db_clause_get_value(clause), &(key_data->id)) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); db_value_set_free(value_set); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "rev") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_value_copy(db_clause_get_value(clause), &(key_data->rev)) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); db_value_set_free(value_set); db_object_field_list_free(object_field_list); return DB_ERROR_UNKNOWN; } ret = db_object_update(key_data->dbo, object_field_list, value_set, clause_list); db_value_set_free(value_set); db_object_field_list_free(object_field_list); db_clause_list_free(clause_list); return ret; } int key_data_delete(key_data_t* key_data) { db_clause_list_t* clause_list; db_clause_t* clause; int ret; if (!key_data) { return DB_ERROR_UNKNOWN; } if (!key_data->dbo) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(&(key_data->id))) { return DB_ERROR_UNKNOWN; } if (!(clause_list = db_clause_list_new())) { return DB_ERROR_UNKNOWN; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "id") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_value_copy(db_clause_get_value(clause), &(key_data->id)) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "rev") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_value_copy(db_clause_get_value(clause), &(key_data->rev)) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } ret = db_object_delete(key_data->dbo, clause_list); db_clause_list_free(clause_list); return ret; } int key_data_count(key_data_t* key_data, db_clause_list_t* clause_list, size_t* count) { if (!key_data) { return DB_ERROR_UNKNOWN; } if (!key_data->dbo) { return DB_ERROR_UNKNOWN; } if (!count) { return DB_ERROR_UNKNOWN; } return db_object_count(key_data->dbo, NULL, clause_list, count); } /* KEY DATA LIST */ key_data_list_t* key_data_list_new(const db_connection_t* connection) { key_data_list_t* key_data_list = (key_data_list_t*)calloc(1, sizeof(key_data_list_t)); if (key_data_list) { if (!(key_data_list->dbo = __key_data_new_object(connection))) { free(key_data_list); return NULL; } } return key_data_list; } key_data_list_t* key_data_list_new_copy(const key_data_list_t* from_key_data_list) { key_data_list_t* key_data_list; if (!from_key_data_list) { return NULL; } if (!from_key_data_list->dbo) { return NULL; } if (!(key_data_list = key_data_list_new(db_object_connection(from_key_data_list->dbo))) || key_data_list_copy(key_data_list, from_key_data_list)) { key_data_list_free(key_data_list); return NULL; } return key_data_list; } int key_data_list_object_store(key_data_list_t* key_data_list) { if (!key_data_list) { return DB_ERROR_UNKNOWN; } key_data_list->object_store = 1; return DB_OK; } void key_data_list_free(key_data_list_t* key_data_list) { size_t i; if (key_data_list) { if (key_data_list->dbo) { db_object_free(key_data_list->dbo); } if (key_data_list->result_list) { db_result_list_free(key_data_list->result_list); } if (key_data_list->key_data) { key_data_free(key_data_list->key_data); } for (i = 0; i < key_data_list->object_list_size; i++) { if (key_data_list->object_list[i]) { key_data_free(key_data_list->object_list[i]); } } if (key_data_list->object_list) { free(key_data_list->object_list); } if (key_data_list->zone_id_list) { zone_list_db_free(key_data_list->zone_id_list); } if (key_data_list->hsm_key_id_list) { hsm_key_list_free(key_data_list->hsm_key_id_list); } free(key_data_list); } } int key_data_list_copy(key_data_list_t* key_data_list, const key_data_list_t* from_key_data_list) { size_t i; if (!key_data_list) { return DB_ERROR_UNKNOWN; } if (!from_key_data_list) { return DB_ERROR_UNKNOWN; } if (from_key_data_list->object_list && !from_key_data_list->object_list_size) { return DB_ERROR_UNKNOWN; } if (key_data_list->result_list) { db_result_list_free(key_data_list->result_list); key_data_list->result_list = NULL; } if (from_key_data_list->result_list && !(key_data_list->result_list = db_result_list_new_copy(from_key_data_list->result_list))) { return DB_ERROR_UNKNOWN; } key_data_list->object_store = from_key_data_list->object_store; for (i = 0; i < key_data_list->object_list_size; i++) { if (key_data_list->object_list[i]) { key_data_free(key_data_list->object_list[i]); } } key_data_list->object_list_size = 0; if (key_data_list->object_list) { free(key_data_list->object_list); key_data_list->object_list = NULL; } if (from_key_data_list->object_list) { if (!(key_data_list->object_list = (key_data_t**)calloc(from_key_data_list->object_list_size, sizeof(key_data_t*)))) { return DB_ERROR_UNKNOWN; } key_data_list->object_list_size = from_key_data_list->object_list_size; for (i = 0; i < from_key_data_list->object_list_size; i++) { if (!from_key_data_list->object_list[i]) { continue; } if (!(key_data_list->object_list[i] = key_data_new_copy(from_key_data_list->object_list[i]))) { return DB_ERROR_UNKNOWN; } } } key_data_list->object_list_position = 0;; key_data_list->object_list_first = 1; key_data_list->associated_fetch = from_key_data_list->associated_fetch; if (from_key_data_list->zone_id_list && !(key_data_list->zone_id_list = zone_list_db_new_copy(from_key_data_list->zone_id_list))) { return DB_ERROR_UNKNOWN; } if (from_key_data_list->hsm_key_id_list && !(key_data_list->hsm_key_id_list = hsm_key_list_new_copy(from_key_data_list->hsm_key_id_list))) { return DB_ERROR_UNKNOWN; } return DB_OK; } static int key_data_list_get_associated(key_data_list_t* key_data_list) { const db_clause_t* clause_walk; const zone_db_t* zone_zone_id; const hsm_key_t* hsm_key_hsm_key_id; size_t j, count; int cmp; size_t i; db_clause_list_t* clause_list; db_clause_t* clause; const key_data_t* key_data; key_state_list_t* key_state_list; const key_state_t* key_state; if (!key_data_list) { return DB_ERROR_UNKNOWN; } if (!key_data_list->dbo) { return DB_ERROR_UNKNOWN; } if (!key_data_list->associated_fetch) { return DB_ERROR_UNKNOWN; } if (!key_data_list->result_list) { return DB_ERROR_UNKNOWN; } if (key_data_list->object_list) { return DB_ERROR_UNKNOWN; } if (key_data_list->zone_id_list) { zone_list_db_free(key_data_list->zone_id_list); key_data_list->zone_id_list = NULL; } if (key_data_list->hsm_key_id_list) { hsm_key_list_free(key_data_list->hsm_key_id_list); key_data_list->hsm_key_id_list = NULL; } if (!(clause_list = db_clause_list_new())) { return DB_ERROR_UNKNOWN; } key_data = key_data_list_begin(key_data_list); while (key_data) { cmp = 1; clause_walk = db_clause_list_begin(clause_list); while (clause_walk) { if (db_value_cmp(db_clause_value(clause_walk), key_data_zone_id(key_data), &cmp)) { db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } if (!cmp) { break; } clause_walk = db_clause_next(clause_walk); } if (cmp) { if (!(clause = db_clause_new()) || db_clause_set_field(clause, "id") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_clause_set_operator(clause, DB_CLAUSE_OPERATOR_OR) || db_value_copy(db_clause_get_value(clause), key_data_zone_id(key_data)) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } } key_data = key_data_list_next(key_data_list); } if (!(key_data_list->zone_id_list = zone_list_db_new(db_object_connection(key_data_list->dbo))) || zone_list_db_object_store(key_data_list->zone_id_list) || zone_list_db_get_by_clauses(key_data_list->zone_id_list, clause_list)) { if (key_data_list->zone_id_list) { zone_list_db_free(key_data_list->zone_id_list); key_data_list->zone_id_list = NULL; } db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } db_clause_list_free(clause_list); for (i = 0; i < key_data_list->object_list_size; i++) { if (!(key_data_list->object_list[i])) { return DB_ERROR_UNKNOWN; } zone_zone_id = zone_list_db_begin(key_data_list->zone_id_list); while (zone_zone_id) { if (db_value_cmp(key_data_zone_id(key_data_list->object_list[i]), zone_db_id(zone_zone_id), &cmp)) { return DB_ERROR_UNKNOWN; } if (!cmp) { key_data_list->object_list[i]->associated_zone_id = zone_zone_id; } zone_zone_id = zone_list_db_next(key_data_list->zone_id_list); } } if (!(clause_list = db_clause_list_new())) { return DB_ERROR_UNKNOWN; } key_data = key_data_list_begin(key_data_list); while (key_data) { cmp = 1; clause_walk = db_clause_list_begin(clause_list); while (clause_walk) { if (db_value_cmp(db_clause_value(clause_walk), key_data_hsm_key_id(key_data), &cmp)) { db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } if (!cmp) { break; } clause_walk = db_clause_next(clause_walk); } if (cmp) { if (!(clause = db_clause_new()) || db_clause_set_field(clause, "id") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_clause_set_operator(clause, DB_CLAUSE_OPERATOR_OR) || db_value_copy(db_clause_get_value(clause), key_data_hsm_key_id(key_data)) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } } key_data = key_data_list_next(key_data_list); } if (!(key_data_list->hsm_key_id_list = hsm_key_list_new(db_object_connection(key_data_list->dbo))) || hsm_key_list_object_store(key_data_list->hsm_key_id_list) || hsm_key_list_get_by_clauses(key_data_list->hsm_key_id_list, clause_list)) { if (key_data_list->hsm_key_id_list) { hsm_key_list_free(key_data_list->hsm_key_id_list); key_data_list->hsm_key_id_list = NULL; } db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } db_clause_list_free(clause_list); for (i = 0; i < key_data_list->object_list_size; i++) { if (!(key_data_list->object_list[i])) { return DB_ERROR_UNKNOWN; } hsm_key_hsm_key_id = hsm_key_list_begin(key_data_list->hsm_key_id_list); while (hsm_key_hsm_key_id) { if (db_value_cmp(key_data_hsm_key_id(key_data_list->object_list[i]), hsm_key_id(hsm_key_hsm_key_id), &cmp)) { return DB_ERROR_UNKNOWN; } if (!cmp) { key_data_list->object_list[i]->associated_hsm_key_id = hsm_key_hsm_key_id; } hsm_key_hsm_key_id = hsm_key_list_next(key_data_list->hsm_key_id_list); } } if (!(clause_list = db_clause_list_new())) { return DB_ERROR_UNKNOWN; } key_data = key_data_list_begin(key_data_list); while (key_data) { if (!(clause = db_clause_new()) || db_clause_set_field(clause, "keyDataId") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_clause_set_operator(clause, DB_CLAUSE_OPERATOR_OR) || db_value_copy(db_clause_get_value(clause), key_data_id(key_data)) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } key_data = key_data_list_next(key_data_list); } if (!(key_state_list = key_state_list_new(db_object_connection(key_data_list->dbo))) || key_state_list_object_store(key_state_list) || key_state_list_get_by_clauses(key_state_list, clause_list)) { key_state_list_free(key_state_list); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } for (i = 0; i < key_data_list->object_list_size; i++) { if (!(key_data_list->object_list[i])) { return DB_ERROR_UNKNOWN; } count = 0; key_state = key_state_list_begin(key_state_list); while (key_state) { if (db_value_cmp(key_data_id(key_data_list->object_list[i]), key_state_key_data_id(key_state), &cmp)) { key_state_list_free(key_state_list); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } if (!cmp) { count++; } key_state = key_state_list_next(key_state_list); } if (key_data_list->object_list[i]->key_state_list) { key_state_list_free(key_data_list->object_list[i]->key_state_list); key_data_list->object_list[i]->key_state_list = NULL; } if (!(key_data_list->object_list[i]->key_state_list = key_state_list_new(db_object_connection(key_data_list->dbo)))) { key_state_list_free(key_state_list); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } if (count) { if (!(key_data_list->object_list[i]->key_state_list->object_list = (key_state_t**)calloc(count, sizeof(key_state_t*)))) { key_state_list_free(key_state_list); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } j = 0; key_state = key_state_list_begin(key_state_list); while (key_state) { if (j >= count) { key_state_list_free(key_state_list); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } if (db_value_cmp(key_data_id(key_data_list->object_list[i]), key_state_key_data_id(key_state), &cmp)) { key_state_list_free(key_state_list); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } if (!cmp) { if (!(key_data_list->object_list[i]->key_state_list->object_list[j] = key_state_new_copy(key_state))) { key_state_list_free(key_state_list); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } j++; } key_state = key_state_list_next(key_state_list); } if (j != count) { key_state_list_free(key_state_list); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } } key_data_list->object_list[i]->key_state_list->object_store = 1; key_data_list->object_list[i]->key_state_list->object_list_size = count; key_data_list->object_list[i]->key_state_list->object_list_first = 1; } db_clause_list_free(clause_list); key_state_list_free(key_state_list); key_data_list->object_list_first = 1; return DB_OK; } int key_data_list_get(key_data_list_t* key_data_list) { size_t i; if (!key_data_list) { return DB_ERROR_UNKNOWN; } if (!key_data_list->dbo) { return DB_ERROR_UNKNOWN; } if (key_data_list->result_list) { db_result_list_free(key_data_list->result_list); } if (key_data_list->object_list_size) { for (i = 0; i < key_data_list->object_list_size; i++) { if (key_data_list->object_list[i]) { key_data_free(key_data_list->object_list[i]); } } key_data_list->object_list_size = 0; key_data_list->object_list_first = 0; } if (key_data_list->object_list) { free(key_data_list->object_list); key_data_list->object_list = NULL; } if (!(key_data_list->result_list = db_object_read(key_data_list->dbo, NULL, NULL)) || db_result_list_fetch_all(key_data_list->result_list)) { return DB_ERROR_UNKNOWN; } if (key_data_list->associated_fetch && key_data_list_get_associated(key_data_list)) { return DB_ERROR_UNKNOWN; } return DB_OK; } key_data_list_t* key_data_list_new_get(const db_connection_t* connection) { key_data_list_t* key_data_list; if (!connection) { return NULL; } if (!(key_data_list = key_data_list_new(connection)) || key_data_list_get(key_data_list)) { key_data_list_free(key_data_list); return NULL; } return key_data_list; } int key_data_list_get_by_clauses(key_data_list_t* key_data_list, const db_clause_list_t* clause_list) { size_t i; if (!key_data_list) { return DB_ERROR_UNKNOWN; } if (!clause_list) { return DB_ERROR_UNKNOWN; } if (!key_data_list->dbo) { return DB_ERROR_UNKNOWN; } if (key_data_list->result_list) { db_result_list_free(key_data_list->result_list); } if (key_data_list->object_list_size) { for (i = 0; i < key_data_list->object_list_size; i++) { if (key_data_list->object_list[i]) { key_data_free(key_data_list->object_list[i]); } } key_data_list->object_list_size = 0; key_data_list->object_list_first = 0; } if (key_data_list->object_list) { free(key_data_list->object_list); key_data_list->object_list = NULL; } if (!(key_data_list->result_list = db_object_read(key_data_list->dbo, NULL, clause_list)) || db_result_list_fetch_all(key_data_list->result_list)) { return DB_ERROR_UNKNOWN; } if (key_data_list->associated_fetch && key_data_list_get_associated(key_data_list)) { return DB_ERROR_UNKNOWN; } return DB_OK; } key_data_list_t* key_data_list_new_get_by_clauses(const db_connection_t* connection, const db_clause_list_t* clause_list) { key_data_list_t* key_data_list; if (!connection) { return NULL; } if (!clause_list) { return NULL; } if (!(key_data_list = key_data_list_new(connection)) || key_data_list_get_by_clauses(key_data_list, clause_list)) { key_data_list_free(key_data_list); return NULL; } return key_data_list; } int key_data_list_get_by_zone_id(key_data_list_t* key_data_list, const db_value_t* zone_id) { db_clause_list_t* clause_list; db_clause_t* clause; size_t i; if (!key_data_list) { return DB_ERROR_UNKNOWN; } if (!key_data_list->dbo) { return DB_ERROR_UNKNOWN; } if (!zone_id) { return DB_ERROR_UNKNOWN; } if (db_value_not_empty(zone_id)) { return DB_ERROR_UNKNOWN; } if (!(clause_list = db_clause_list_new())) { return DB_ERROR_UNKNOWN; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "zoneId") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_value_copy(db_clause_get_value(clause), zone_id) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } if (key_data_list->result_list) { db_result_list_free(key_data_list->result_list); } if (key_data_list->object_list_size) { for (i = 0; i < key_data_list->object_list_size; i++) { if (key_data_list->object_list[i]) { key_data_free(key_data_list->object_list[i]); } } key_data_list->object_list_size = 0; key_data_list->object_list_first = 0; } if (key_data_list->object_list) { free(key_data_list->object_list); key_data_list->object_list = NULL; } if (!(key_data_list->result_list = db_object_read(key_data_list->dbo, NULL, clause_list)) || db_result_list_fetch_all(key_data_list->result_list)) { db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } db_clause_list_free(clause_list); if (key_data_list->associated_fetch && key_data_list_get_associated(key_data_list)) { return DB_ERROR_UNKNOWN; } return DB_OK; } key_data_list_t* key_data_list_new_get_by_zone_id(const db_connection_t* connection, const db_value_t* zone_id) { key_data_list_t* key_data_list; if (!connection) { return NULL; } if (!zone_id) { return NULL; } if (db_value_not_empty(zone_id)) { return NULL; } if (!(key_data_list = key_data_list_new(connection)) || key_data_list_get_by_zone_id(key_data_list, zone_id)) { key_data_list_free(key_data_list); return NULL; } return key_data_list; } const key_data_t* key_data_list_begin(key_data_list_t* key_data_list) { const db_result_t* result; if (!key_data_list) { return NULL; } if (key_data_list->object_store) { if (!key_data_list->object_list) { if (!key_data_list->result_list) { return NULL; } if (!db_result_list_size(key_data_list->result_list)) { return NULL; } if (!(key_data_list->object_list = (key_data_t**)calloc(db_result_list_size(key_data_list->result_list), sizeof(key_data_t*)))) { return NULL; } key_data_list->object_list_size = db_result_list_size(key_data_list->result_list); } if (!(key_data_list->object_list[0])) { if (!key_data_list->result_list) { return NULL; } if (!(result = db_result_list_begin(key_data_list->result_list))) { return NULL; } if (!(key_data_list->object_list[0] = key_data_new(db_object_connection(key_data_list->dbo)))) { return NULL; } if (key_data_from_result(key_data_list->object_list[0], result)) { return NULL; } } key_data_list->object_list_position = 0; return key_data_list->object_list[0]; } if (!key_data_list->result_list) { return NULL; } if (!(result = db_result_list_begin(key_data_list->result_list))) { return NULL; } if (!key_data_list->key_data) { if (!(key_data_list->key_data = key_data_new(db_object_connection(key_data_list->dbo)))) { return NULL; } } if (key_data_from_result(key_data_list->key_data, result)) { return NULL; } return key_data_list->key_data; } key_data_t* key_data_list_get_begin(key_data_list_t* key_data_list) { const db_result_t* result; key_data_t* key_data; if (!key_data_list) { return NULL; } if (key_data_list->object_store) { if (!(key_data = key_data_new(db_object_connection(key_data_list->dbo)))) { return NULL; } if (key_data_copy(key_data, key_data_list_begin(key_data_list))) { key_data_free(key_data); return NULL; } return key_data; } if (!key_data_list->result_list) { return NULL; } if (!(result = db_result_list_begin(key_data_list->result_list))) { return NULL; } if (!(key_data = key_data_new(db_object_connection(key_data_list->dbo)))) { return NULL; } if (key_data_from_result(key_data, result)) { key_data_free(key_data); return NULL; } return key_data; } const key_data_t* key_data_list_next(key_data_list_t* key_data_list) { const db_result_t* result; if (!key_data_list) { return NULL; } if (key_data_list->object_store) { if (!key_data_list->object_list) { if (!key_data_list->result_list) { return NULL; } if (!db_result_list_size(key_data_list->result_list)) { return NULL; } if (!(key_data_list->object_list = (key_data_t**)calloc(db_result_list_size(key_data_list->result_list), sizeof(key_data_t*)))) { return NULL; } key_data_list->object_list_size = db_result_list_size(key_data_list->result_list); key_data_list->object_list_position = 0; } else if (key_data_list->object_list_first) { key_data_list->object_list_first = 0; key_data_list->object_list_position = 0; } else { key_data_list->object_list_position++; } if (key_data_list->object_list_position >= key_data_list->object_list_size) { return NULL; } if (!(key_data_list->object_list[key_data_list->object_list_position])) { if (!key_data_list->result_list) { return NULL; } if (!(result = db_result_list_next(key_data_list->result_list))) { return NULL; } if (!(key_data_list->object_list[key_data_list->object_list_position] = key_data_new(db_object_connection(key_data_list->dbo)))) { return NULL; } if (key_data_from_result(key_data_list->object_list[key_data_list->object_list_position], result)) { return NULL; } } return key_data_list->object_list[key_data_list->object_list_position]; } if (!key_data_list->result_list) { return NULL; } if (!(result = db_result_list_next(key_data_list->result_list))) { return NULL; } if (!key_data_list->key_data) { if (!(key_data_list->key_data = key_data_new(db_object_connection(key_data_list->dbo)))) { return NULL; } } if (key_data_from_result(key_data_list->key_data, result)) { return NULL; } return key_data_list->key_data; } key_data_t* key_data_list_get_next(key_data_list_t* key_data_list) { const db_result_t* result; key_data_t* key_data; if (!key_data_list) { return NULL; } if (key_data_list->object_store) { if (!(key_data = key_data_new(db_object_connection(key_data_list->dbo)))) { return NULL; } if (key_data_copy(key_data, key_data_list_next(key_data_list))) { key_data_free(key_data); return NULL; } return key_data; } if (!key_data_list->result_list) { return NULL; } if (!(result = db_result_list_next(key_data_list->result_list))) { return NULL; } if (!(key_data = key_data_new(db_object_connection(key_data_list->dbo)))) { return NULL; } if (key_data_from_result(key_data, result)) { key_data_free(key_data); return NULL; } return key_data; } size_t key_data_list_size(key_data_list_t* key_data_list) { if (!key_data_list) { return 0; } if (key_data_list->object_store && key_data_list->object_list) { return key_data_list->object_list_size; } if (!key_data_list->result_list) { return 0; } return db_result_list_size(key_data_list->result_list); } int key_data_get_by_hsm_key_id(key_data_t * key_data, const db_value_t* hsm_key_id) { db_clause_list_t* clause_list; db_clause_t* clause; db_result_list_t* result_list; const db_result_t* result; if (!key_data) { return DB_ERROR_UNKNOWN; } if (!key_data->dbo) { return DB_ERROR_UNKNOWN; } if (!hsm_key_id) { return DB_ERROR_UNKNOWN; } if (!(clause_list = db_clause_list_new())) { return DB_ERROR_UNKNOWN; } if (!(clause = db_clause_new()) || db_clause_set_field(clause, "hsmKeyId") || db_clause_set_type(clause, DB_CLAUSE_EQUAL) || db_value_copy(db_clause_get_value(clause), hsm_key_id) || db_clause_list_add(clause_list, clause)) { db_clause_free(clause); db_clause_list_free(clause_list); return DB_ERROR_UNKNOWN; } result_list = db_object_read(key_data->dbo, NULL, clause_list); db_clause_list_free(clause_list); if (result_list) { result = db_result_list_next(result_list); if (result) { if (key_data_from_result(key_data, result)) { db_result_list_free(result_list); return DB_ERROR_UNKNOWN; } db_result_list_free(result_list); return DB_OK; } } db_result_list_free(result_list); return DB_ERROR_UNKNOWN; } key_data_t* key_data_new_get_by_hsm_key_id(const db_connection_t* connection, const db_value_t * hsm_key_id) { key_data_t* key_data; if (!connection) { return NULL; } if (!hsm_key_id) { return NULL; } if (!(key_data = key_data_new(connection)) || key_data_get_by_hsm_key_id(key_data, hsm_key_id)) { key_data_free(key_data); return NULL; } return key_data; } opendnssec-2.1.5/enforcer/src/db/db_type.h0000644000202300020240000000550113560310771015350 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef __db_type_h #define __db_type_h #include /** * A signed 32bit integer. */ typedef int32_t db_type_int32_t; /** * An unsigned 32bit integer. */ typedef uint32_t db_type_uint32_t; /** * A signed 64bit integer. */ typedef int64_t db_type_int64_t; /** * An unsigned 64bit integer. */ typedef uint64_t db_type_uint64_t; /** * The type of a database value. */ typedef enum { /** * No value, empty, not set. */ DB_TYPE_EMPTY, /** * This will make the value a primary key / ID that can be any type. */ DB_TYPE_PRIMARY_KEY, /** * A db_type_int32_t. */ DB_TYPE_INT32, /** * A db_type_uint32_t. */ DB_TYPE_UINT32, /** * A db_type_int64_t. */ DB_TYPE_INT64, /** * A db_type_uint64_t. */ DB_TYPE_UINT64, /** * A null terminated character string. */ DB_TYPE_TEXT, /** * A enumerate value that can be represented as an integer or string. */ DB_TYPE_ENUM, /** * This can be any type, primarily used for ID fields. */ DB_TYPE_ANY, /** * This is a special revision type that can be used to track revisions of * objects and only do changes against the current revision and in so will * fail if someone else has changed the object. The revision type can be * any type. */ DB_TYPE_REVISION } db_type_t; #endif opendnssec-2.1.5/enforcer/src/db/db_clause.h0000644000202300020240000001615513560310771015652 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef __db_clause_h #define __db_clause_h /** * The clause operation to make on the value. */ typedef enum { /** * Empty, not set or unknown. */ DB_CLAUSE_UNKNOWN, /** * == */ DB_CLAUSE_EQUAL, /** * != */ DB_CLAUSE_NOT_EQUAL, /** * < */ DB_CLAUSE_LESS_THEN, /** * <= */ DB_CLAUSE_LESS_OR_EQUAL, /** * >= */ DB_CLAUSE_GREATER_OR_EQUAL, /** * > */ DB_CLAUSE_GREATER_THEN, /** * Is null. */ DB_CLAUSE_IS_NULL, /** * Is not null. */ DB_CLAUSE_IS_NOT_NULL, /** * This adds a nested clause as in wrapping the content with ( ). */ DB_CLAUSE_NESTED } db_clause_type_t; #define DB_CLAUSE_EQ DB_CLAUSE_EQUAL #define DB_CLAUSE_NE DB_CLAUSE_NOT_EQUAL #define DB_CLAUSE_LT DB_CLAUSE_LESS_THEN #define DB_CLAUSE_LE DB_CLAUSE_LESS_OR_EQUAL #define DB_CLAUSE_GE DB_CLAUSE_GREATER_OR_EQUAL #define DB_CLAUSE_GT DB_CLAUSE_GREATER_THEN /** * The operator to do between the previous clause and this one. */ typedef enum { /** * Empty, not set or unknown. */ DB_CLAUSE_OPERATOR_UNKNOWN, /** * || */ DB_CLAUSE_OPERATOR_AND, /** * && */ DB_CLAUSE_OPERATOR_OR } db_clause_operator_t; #define DB_CLAUSE_OP_AND DB_CLAUSE_OPERATOR_AND #define DB_CLAUSE_OP_OR DB_CLAUSE_OPERATOR_OR struct db_clause; struct db_clause_list; typedef struct db_clause db_clause_t; typedef struct db_clause_list db_clause_list_t; #include "db_value.h" /** * A database clause, describes the comparison of a database object field and a * value. */ struct db_clause { db_clause_t* next; char* table; char* field; db_clause_type_t type; db_value_t value; db_clause_operator_t clause_operator; db_clause_list_t* clause_list; }; /** * Create a new database clause. * \return a db_clause_t pointer or NULL on error. */ db_clause_t* db_clause_new(void); /** * Delete a database clause. * \param[in] clause a db_clause_t pointer. */ void db_clause_free(db_clause_t* clause); /** * Get the field name of a database clause. * \param[in] a db_clause_t pointer. * \return a character pointer or NULL on error or if no field name has been set. */ const char* db_clause_field(const db_clause_t* clause); /** * Get the database clause type of a database clause. * \param[in] a db_clause_t pointer. * \return a db_clause_type_t. */ db_clause_type_t db_clause_type(const db_clause_t* clause); /** * Get the database value of a database value. * \param[in] a db_clause_t pointer. * \return a db_value_t pointer or NULL on error. */ const db_value_t* db_clause_value(const db_clause_t* clause); /** * Get the database clause operator of a database clause. * \param[in] a db_clause_t pointer. * \return a db_clause_operator_t. */ db_clause_operator_t db_clause_operator(const db_clause_t* clause); /** * Get the database clause list of a database clause, this is used for nested * database clauses. * \param[in] a db_clause_t pointer. * \return a db_clause_list_t pointer or NULL on error or if no database clause * list has been set. */ const db_clause_list_t* db_clause_list(const db_clause_t* clause); /** * Set the field name of a database clause. * \param[in] a db_clause_t pointer. * \param[in] field a character pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_clause_set_field(db_clause_t* clause, const char* field); /** * Set the database clause type of a database clause. * \param[in] a db_clause_t pointer. * \param[in] type a db_clause_type_t. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_clause_set_type(db_clause_t* clause, db_clause_type_t type); /** * Set the database clause operator of a database clause. * \param[in] a db_clause_t pointer. * \param[in] clause_operator a db_clause_operator_t. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_clause_set_operator(db_clause_t* clause, db_clause_operator_t clause_operator); /** * Check if the database clause is not empty. * \param[in] a db_clause_t pointer. * \return DB_ERROR_* if empty, otherwise DB_OK. */ int db_clause_not_empty(const db_clause_t* clause); /** * Return the next database clause connected in a database clause list. * \param[in] a db_clause_t pointer. * \return a db_clause_t pointer or NULL on error or if there are no more * database clauses in the list. */ const db_clause_t* db_clause_next(const db_clause_t* clause); /** * Get the writable database value of a database clause. * \param[in] a db_clause_t pointer. * \return a db_value_t pointer or NULL on error. */ db_value_t* db_clause_get_value(db_clause_t* clause); /** * A list of database clauses. */ struct db_clause_list { db_clause_t* begin; db_clause_t* end; }; /** * Create a new database clause list. * \return a db_clause_list_t pointer or NULL on error. */ db_clause_list_t* db_clause_list_new(void); /** * Delete a database clause list and all database clauses in the list. * \param[in] clause_list a db_clause_list_t pointer. */ void db_clause_list_free(db_clause_list_t* clause_list); /** * Add a database clause to a database clause list, this takes over the * ownership of the database clause. * \param[in] clause_list a db_clause_list_t pointer. * \param[in] a db_clause_t pointer. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int db_clause_list_add(db_clause_list_t* clause_list, db_clause_t* clause); /** * Return the first database clause of a database clause list. * \param[in] clause_list a db_clause_list_t pointer. * \return a db_clause_t pointer or NULL on error or if the list is empty. */ const db_clause_t* db_clause_list_begin(const db_clause_list_t* clause_list); #endif opendnssec-2.1.5/enforcer/src/db/policy_key_ext.h0000644000202300020240000000414213560310771016751 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef __policy_key_ext_h #define __policy_key_ext_h #include #define POLICY_KEY_MINIMIZE_NONE 0 #define POLICY_KEY_MINIMIZE_RRSIG (1<<0) #define POLICY_KEY_MINIMIZE_DNSKEY (1<<1) #define POLICY_KEY_MINIMIZE_DS (1<<2) #define POLICY_KEY_MINIMIZE_DS_AND_RRSIG (POLICY_KEY_MINIMIZE_DS|POLICY_KEY_MINIMIZE_RRSIG) /** * Create a policy key object from XML. * \param[in] policy_key a policy_key_t object being created. * \param[in] key_node a xmlNodePtr to the XML for the policy key. * \return DB_ERROR_* on failure, otherwise DB_OK. */ int policy_key_create_from_xml(policy_key_t* policy_key, xmlNodePtr key_node); #endif opendnssec-2.1.5/enforcer/src/signconf/0000755000202300020240000000000013560311327015047 500000000000000opendnssec-2.1.5/enforcer/src/signconf/signconf_task.c0000644000202300020240000001036413560311035017763 00000000000000/* * Copyright (c) 2011 Surfnet * Copyright (c) 2011 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2011 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include "signconf/signconf_xml.h" #include "duration.h" #include "log.h" #include "file.h" #include "signconf/signconf_task.h" static const char *module_str = "signconf_cmd"; static time_t perform(task_type* task, char const *zonename, void *userdata, void *context) { (void)userdata; int ret; char cmd[SYSTEM_MAXLEN]; db_connection_t* dbconn = (db_connection_t*) context; ods_log_info("[%s] performing signconf for zone %s", module_str, zonename); /* exports all that have "needswriting set */ ret = signconf_export_zone(zonename, dbconn); if (ret == SIGNCONF_EXPORT_NO_CHANGE) { ods_log_info("[%s] signconf done, no change", module_str); return schedule_SUCCESS; } if (ret != SIGNCONF_EXPORT_OK) { ods_log_error("[%s] signconf failed", module_str); /* YBS reschedule backoff? */ return schedule_SUCCESS; } ods_log_info("[%s] signconf done for zone %s, notifying signer", module_str, zonename); /* TODO: do this better, connect directly or use execve() */ if (snprintf(cmd, sizeof(cmd), "%s %s", SIGNER_CLI_UPDATE, zonename) >= (int)sizeof(cmd) || system(cmd)) { ods_log_error("[%s] unable to notify signer of signconf changes for zone %s!", module_str, zonename); } return schedule_SUCCESS; } void signconf_task_flush_zone(engine_type *engine, db_connection_t *dbconn, const char* zonename) { task_type* task = task_create(strdup(zonename), TASK_CLASS_ENFORCER, TASK_TYPE_SIGNCONF, perform, NULL, NULL, time_now()); (void) schedule_task(engine->taskq, task, 1, 0); } void signconf_task_flush_policy(engine_type *engine, db_connection_t *dbconn, policy_t const *policy) { zone_db_t const *zone; zone_list_db_t *zonelist; ods_log_assert(policy); zonelist = zone_list_db_new_get_by_policy_id(dbconn, policy_id(policy)); if (!zonelist) { ods_log_error("[%s] Can't fetch zones for policy %s from database", module_str, policy_name(policy)); return; } while ((zone = zone_list_db_next(zonelist))) { signconf_task_flush_zone(engine, dbconn, zone_db_name(zone)); } zone_list_db_free(zonelist); } void signconf_task_flush_all(engine_type *engine, db_connection_t *dbconn) { zone_list_db_t *zonelist; zone_db_t const *zone; zonelist = zone_list_db_new(dbconn); if (!zonelist) { ods_log_error("[%s] Can't fetch zones from database", module_str); return; } if (zone_list_db_get(zonelist)) { /* fetch all */ ods_log_error("[%s] Can't fetch zones from database", module_str); zone_list_db_free(zonelist); return; } while ((zone = zone_list_db_next(zonelist))) { signconf_task_flush_zone(engine, dbconn, zone_db_name(zone)); } zone_list_db_free(zonelist); } opendnssec-2.1.5/enforcer/src/signconf/signconf_cmd.h0000644000202300020240000000305413560310771017575 00000000000000/* * Copyright (c) 2011 Surfnet * Copyright (c) 2011 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2011 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef _SIGNCONF_SIGNCONF_CMD_H_ #define _SIGNCONF_SIGNCONF_CMD_H_ struct cmd_func_block signconf_funcblock; #endif /* _SIGNCONF_SIGNCONF_CMD_H_ */ opendnssec-2.1.5/enforcer/src/signconf/signconf_task.h0000644000202300020240000000347213560311035017772 00000000000000/* * Copyright (c) 2011 Surfnet * Copyright (c) 2011 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2011 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef _SIGNCONF_SIGNCONF_TASK_H_ #define _SIGNCONF_SIGNCONF_TASK_H_ #include "db/db_connection.h" #include "db/policy.h" void signconf_task_flush_zone(engine_type *engine, db_connection_t *dbconn, const char* zonename); void signconf_task_flush_policy(engine_type *engine, db_connection_t *dbconn, policy_t const *policy); void signconf_task_flush_all(engine_type *engine, db_connection_t *dbconn); #endif opendnssec-2.1.5/enforcer/src/signconf/signconf_cmd.c0000644000202300020240000000447413560311035017571 00000000000000/* * Copyright (c) 2011 Surfnet * Copyright (c) 2011 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2011 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include "config.h" #include "cmdhandler.h" #include "daemon/enforcercommands.h" #include "daemon/engine.h" #include "signconf/signconf_task.h" #include "file.h" #include "log.h" #include "str.h" #include "clientpipe.h" #include "signconf/signconf_cmd.h" static const char *module_str = "signconf_cmd"; static void usage(int sockfd) { client_printf(sockfd, "signconf\n" ); } static void help(int sockfd) { client_printf(sockfd, "Force write of signer configuration files for all zones.\n\n" ); } static int run(int sockfd, cmdhandler_ctx_type* context, const char *cmd) { db_connection_t* dbconn = getconnectioncontext(context); engine_type* engine = getglobalcontext(context); (void)cmd; ods_log_debug("[%s] %s command", module_str, signconf_funcblock.cmdname); signconf_task_flush_all(engine, dbconn); return 0; } struct cmd_func_block signconf_funcblock = { "signconf", &usage, &help, NULL, &run }; opendnssec-2.1.5/enforcer/src/signconf/signconf_xml.c0000644000202300020240000004236013560311035017622 00000000000000/* * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include "log.h" #include "str.h" #include "clientpipe.h" #include "duration.h" #include "db/key_data.h" #include "db/hsm_key.h" #include "utils/kc_helper.h" #include "signconf/signconf_xml.h" #include #include #include #include /** * Export the signconf XML for the given zone that uses the given policy. * \param[in] sockfd a socket fd. * \param[in] policy a policy_t pointer. * \param[in] zone a zone_db_t pointer. * \param[in] force if non-zero it will force the export for all zones even if * there are no updates for the zones. * \return SIGNCONF_EXPORT_ERR_* on error, otherwise SIGNCONF_EXPORT_OK or * SIGNCONF_EXPORT_NO_CHANGE. */ static int signconf_xml_export(int sockfd, const policy_t* policy, zone_db_t* zone, int force); int signconf_export_zone(char const *zonename, db_connection_t* dbconn) { zone_db_t* zone; int ret; policy_t* policy; zone = zone_db_new_get_by_name(dbconn, zonename); if (!zone) { ods_log_error("[signconf_export] Unable to fetch zone %s from" " database", zonename); return SIGNCONF_EXPORT_ERR_DATABASE; } policy = zone_db_get_policy(zone); if (!policy) { ods_log_error("[signconf_export] Unable to fetch policy for zone" " %s from database", zonename); zone_db_free(zone); return SIGNCONF_EXPORT_ERR_DATABASE; } /* We always force. Since now it is scheduled per zone */ ret = signconf_xml_export(-1, policy, zone, 1); policy_free(policy); zone_db_free(zone); return ret; } int signconf_export_all(int sockfd, const db_connection_t* connection, int force) { zone_list_db_t* zone_list; zone_db_t* zone; int ret; policy_t *policy = NULL; int cmp; int change = 0; if (!connection) { return SIGNCONF_EXPORT_ERR_ARGS; } if (!(zone_list = zone_list_db_new(connection)) || zone_list_db_get(zone_list)) { if (zone_list) { zone_list_db_free(zone_list); return SIGNCONF_EXPORT_ERR_DATABASE; } return SIGNCONF_EXPORT_ERR_MEMORY; } for (zone = zone_list_db_get_next(zone_list); zone; zone = zone_list_db_get_next(zone_list)) { if (policy) { /* * If we already have a policy object; If policy_id compare fails * or if they are not the same, free the policy object so we will * later retrieve the correct policy */ if (db_value_cmp(policy_id(policy), zone_db_policy_id(zone), &cmp) || cmp) { policy_free(policy); policy = NULL; } } if (!policy) { if (!(policy = zone_db_get_policy(zone))) { zone_db_free(zone); zone_list_db_free(zone_list); return SIGNCONF_EXPORT_ERR_DATABASE; } } ret = signconf_xml_export(sockfd, policy, zone, force); if (ret == SIGNCONF_EXPORT_OK) { change = 1; } else if (ret != SIGNCONF_EXPORT_NO_CHANGE) { zone_db_free(zone); zone_list_db_free(zone_list); return ret; } zone_db_free(zone); } policy_free(policy); zone_list_db_free(zone_list); if (change) { return SIGNCONF_EXPORT_OK; } return SIGNCONF_EXPORT_NO_CHANGE; } static int __free(char **p) { if (!p || !*p) { return 1; } free(*p); *p = NULL; return 0; } static int signconf_xml_export(int sockfd, const policy_t* policy, zone_db_t* zone, int force) { char path[PATH_MAX]; xmlDocPtr doc; xmlNodePtr root; xmlNodePtr node; xmlNodePtr node2; xmlNodePtr node3; xmlNodePtr node4; xmlNodePtr node5; xmlNodePtr keys; duration_type* duration; char* duration_text = NULL; char text[1024]; key_data_list_t* key_data_list; const key_data_t* key_data; hsm_key_t* hsm_key; int error; if (!policy) { return SIGNCONF_EXPORT_ERR_ARGS; } if (!zone) { return SIGNCONF_EXPORT_ERR_ARGS; } if (!force && !zone_db_signconf_needs_writing(zone)) { return SIGNCONF_EXPORT_NO_CHANGE; } if (snprintf(path, sizeof(path), "%s.new", zone_db_signconf_path(zone)) >= (int)sizeof(path)) { ods_log_error("[signconf_export] Unable to write updated XML for zone %s, path to long!", zone_db_name(zone)); if (sockfd > -1) client_printf_err(sockfd, "Unable to write updated XML for zone %s, path to long!\n", zone_db_name(zone)); return SIGNCONF_EXPORT_ERR_MEMORY; } if (!(duration = duration_create())) { ods_log_error("[signconf_export] Unable to process signconf for zone %s, memory allocation error!", zone_db_name(zone)); if (sockfd > -1) client_printf_err(sockfd, "Unable to process signconf for zone %s, memory allocation error!\n", zone_db_name(zone)); return SIGNCONF_EXPORT_ERR_MEMORY; } if (!(doc = xmlNewDoc((xmlChar*)"1.0")) || !(root = xmlNewNode(NULL, (xmlChar*)"SignerConfiguration")) || !(node = xmlNewChild(root, NULL, (xmlChar*)"Zone", NULL))) { ods_log_error("[signconf_export] Unable to create XML elements for zone %s, memory allocation error!", zone_db_name(zone)); if (sockfd > -1) client_printf_err(sockfd, "Unable to create XML elements for zone %s, memory allocation error!\n", zone_db_name(zone)); if (doc) { xmlFreeDoc(doc); } duration_cleanup(duration); return SIGNCONF_EXPORT_ERR_MEMORY; } xmlDocSetRootElement(doc, root); error = 1; if (!xmlNewProp(node, (xmlChar*)"name", (xmlChar*)zone_db_name(zone)) || !(error = 26) || (policy_passthrough(policy) && !(node2 = xmlNewChild(node, NULL, (xmlChar*)"Passthrough", NULL))) || !(error = 2) || !(node2 = xmlNewChild(node, NULL, (xmlChar*)"Signatures", NULL)) || !(error = 3) || duration_set_time(duration, policy_signatures_resign(policy)) || !(duration_text = duration2string(duration)) || !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"Resign", (xmlChar*)duration_text)) || __free(&duration_text) || !(error = 4) || duration_set_time(duration, policy_signatures_refresh(policy)) || !(duration_text = duration2string(duration)) || !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"Refresh", (xmlChar*)duration_text)) || __free(&duration_text) || !(error = 5) || !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"Validity", NULL)) || !(error = 6) || duration_set_time(duration, policy_signatures_validity_default(policy)) || !(duration_text = duration2string(duration)) || !(node4 = xmlNewChild(node3, NULL, (xmlChar*)"Default", (xmlChar*)duration_text)) || __free(&duration_text) || !(error = 7) || duration_set_time(duration, policy_signatures_validity_denial(policy)) || !(duration_text = duration2string(duration)) || !(node4 = xmlNewChild(node3, NULL, (xmlChar*)"Denial", (xmlChar*)duration_text)) || __free(&duration_text) || !(error = 8) || (policy_signatures_validity_keyset(policy) > 0 ? duration_set_time(duration, policy_signatures_validity_keyset(policy)) || !(duration_text = duration2string(duration)) || !(node4 = xmlNewChild(node3, NULL, (xmlChar*)"Keyset", (xmlChar*)duration_text)) || __free(&duration_text) || !(error = 100) : 0) || duration_set_time(duration, policy_signatures_jitter(policy)) || !(duration_text = duration2string(duration)) || !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"Jitter", (xmlChar*)duration_text)) || __free(&duration_text) || !(error = 9) || duration_set_time(duration, policy_signatures_inception_offset(policy)) || !(duration_text = duration2string(duration)) || !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"InceptionOffset", (xmlChar*)duration_text)) || __free(&duration_text) || !(error = 10) || (policy_signatures_max_zone_ttl(policy) && (duration_set_time(duration, policy_signatures_max_zone_ttl(policy)) || !(duration_text = duration2string(duration)) || !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"MaxZoneTTL", (xmlChar*)duration_text)) || __free(&duration_text))) || !(error = 11) || !(node2 = xmlNewChild(node, NULL, (xmlChar*)"Denial", NULL)) || !(error = 12) || (policy_denial_type(policy) == POLICY_DENIAL_TYPE_NSEC && !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"NSEC", NULL))) || !(error = 13) || (policy_denial_type(policy) == POLICY_DENIAL_TYPE_NSEC3 && (!(node3 = xmlNewChild(node2, NULL, (xmlChar*)"NSEC3", NULL)) || !(error = 14) || (policy_denial_ttl(policy) && (duration_set_time(duration, policy_denial_ttl(policy)) || !(duration_text = duration2string(duration)) || !(node4 = xmlNewChild(node3, NULL, (xmlChar*)"TTL", (xmlChar*)duration_text)) || __free(&duration_text))) || !(error = 15) || (policy_denial_optout(policy) && !(node4 = xmlNewChild(node3, NULL, (xmlChar*)"OptOut", NULL))) || !(error = 16) || !(node4 = xmlNewChild(node3, NULL, (xmlChar*)"Hash", NULL)) || !(error = 17) || snprintf(text, sizeof(text), "%u", policy_denial_algorithm(policy)) >= (int)sizeof(text) || !(node5 = xmlNewChild(node4, NULL, (xmlChar*)"Algorithm", (xmlChar*)text)) || !(error = 18) || snprintf(text, sizeof(text), "%u", policy_denial_iterations(policy)) >= (int)sizeof(text) || !(node5 = xmlNewChild(node4, NULL, (xmlChar*)"Iterations", (xmlChar*)text)) || !(error = 19) || !(node5 = xmlNewChild(node4, NULL, (xmlChar*)"Salt", (xmlChar*)policy_denial_salt(policy))))) || !(error = 20) || !(keys = xmlNewChild(node, NULL, (xmlChar*)"Keys", NULL)) || !(error = 21) || duration_set_time(duration, policy_keys_ttl(policy)) || !(duration_text = duration2string(duration)) || !(node3 = xmlNewChild(keys, NULL, (xmlChar*)"TTL", (xmlChar*)duration_text)) || __free(&duration_text) || !(error = 22) || !(node2 = xmlNewChild(node, NULL, (xmlChar*)"SOA", NULL)) || !(error = 23) || duration_set_time(duration, policy_zone_soa_ttl(policy)) || !(duration_text = duration2string(duration)) || !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"TTL", (xmlChar*)duration_text)) || __free(&duration_text) || !(error = 24) || duration_set_time(duration, policy_zone_soa_minimum(policy)) || !(duration_text = duration2string(duration)) || !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"Minimum", (xmlChar*)duration_text)) || __free(&duration_text) || !(error = 25) || !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"Serial", (xmlChar*)policy_zone_soa_serial_text(policy))) ) { ods_log_error("[signconf_export] Unable to create XML elements for zone %s! [%d]", zone_db_name(zone), error); if (sockfd > -1) client_printf_err(sockfd, "Unable to create XML elements for zone %s!\n", zone_db_name(zone)); __free(&duration_text); duration_cleanup(duration); xmlFreeDoc(doc); return SIGNCONF_EXPORT_ERR_XML; } __free(&duration_text); duration_cleanup(duration); if (!(key_data_list = zone_db_get_keys(zone))) { ods_log_error("[signconf_export] Unable to get keys for zone %s!", zone_db_name(zone)); if (sockfd > -1) client_printf_err(sockfd, "Unable to get keys for zone %s!\n", zone_db_name(zone)); xmlFreeDoc(doc); return SIGNCONF_EXPORT_ERR_DATABASE; } for (key_data = key_data_list_next(key_data_list); key_data; key_data = key_data_list_next(key_data_list)) { if (!(hsm_key = key_data_get_hsm_key(key_data))) { ods_log_error("[signconf_export] Unable to get HSM key from database for zone %s!", zone_db_name(zone)); if (sockfd > -1) client_printf_err(sockfd, "Unable to get HSM key from database for zone %s!\n", zone_db_name(zone)); key_data_list_free(key_data_list); xmlFreeDoc(doc); return SIGNCONF_EXPORT_ERR_DATABASE; } error = 100; if (!(node2 = xmlNewChild(keys, NULL, (xmlChar*)"Key", NULL)) || !(error = 101) || (key_data_role(key_data) == KEY_DATA_ROLE_ZSK && !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"Flags", (xmlChar*)"256"))) || !(error = 102) || (key_data_role(key_data) != KEY_DATA_ROLE_ZSK && !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"Flags", (xmlChar*)"257"))) || !(error = 103) || snprintf(text, sizeof(text), "%u", key_data_algorithm(key_data)) >= (int)sizeof(text) || !(error = 104) || !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"Algorithm", (xmlChar*)text)) || !(error = 105) || !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"Locator",(xmlChar*)hsm_key_locator(hsm_key))) || !(error = 106) || (key_data_active_ksk(key_data) && (key_data_role(key_data) == KEY_DATA_ROLE_KSK || key_data_role(key_data) == KEY_DATA_ROLE_CSK) && !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"KSK", NULL))) || !(error = 107) || (key_data_active_zsk(key_data) && (key_data_role(key_data) == KEY_DATA_ROLE_ZSK || key_data_role(key_data) == KEY_DATA_ROLE_CSK) && !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"ZSK", NULL))) || !(error = 108) || (key_data_publish(key_data) && !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"Publish", NULL))) /* TODO: * What about ? */ ) { ods_log_error("[signconf_export] Unable to create key XML elements for zone %s! [%d]", zone_db_name(zone), error); if (sockfd > -1) client_printf_err(sockfd, "Unable to create key XML elements for zone %s!\n", zone_db_name(zone)); hsm_key_free(hsm_key); key_data_list_free(key_data_list); xmlFreeDoc(doc); return SIGNCONF_EXPORT_ERR_XML; } hsm_key_free(hsm_key); } key_data_list_free(key_data_list); unlink(path); if (xmlSaveFormatFileEnc(path, doc, "UTF-8", 1) == -1) { ods_log_error("[signconf_export] Unable to write signconf for zone %s, LibXML error!", zone_db_name(zone)); if (sockfd > -1) client_printf_err(sockfd, "Unable to write signconf for zone %s, LibXML error!\n", zone_db_name(zone)); xmlFreeDoc(doc); return SIGNCONF_EXPORT_ERR_FILE; } xmlFreeDoc(doc); if (check_rng(path, OPENDNSSEC_SCHEMA_DIR "/signconf.rng", 0)) { ods_log_error("[signconf_export] Unable to validate the exported signconf XML for zone %s!", zone_db_name(zone)); if (sockfd > -1) client_printf_err(sockfd, "Unable to validate the exported signconf XML for zone %s!\n", zone_db_name(zone)); return SIGNCONF_EXPORT_ERR_XML; } if (rename(path, zone_db_signconf_path(zone))) { ods_log_error("[signconf_export] Unable to write signconf for zone %s, rename failed!", zone_db_name(zone)); if (sockfd > -1) client_printf_err(sockfd, "Unable to write signconf for zone %s, rename failed!\n", zone_db_name(zone)); unlink(path); return SIGNCONF_EXPORT_ERR_FILE; } zone_db_set_signconf_needs_writing(zone, 0); zone_db_update(zone); return SIGNCONF_EXPORT_OK; } opendnssec-2.1.5/enforcer/src/signconf/signconf_xml.h0000644000202300020240000000713313560311035017626 00000000000000/* * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef SIGNCONF_SIGNCONF_XML_H_ #define SIGNCONF_SIGNCONF_XML_H_ #include "daemon/engine.h" #include "db/db_connection.h" #include "db/zone_db.h" #include "db/policy.h" /** * Indicates a successful signconf export. */ #define SIGNCONF_EXPORT_OK 0 /** * Indicates an error with the arguments provided to signconf_export*(). */ #define SIGNCONF_EXPORT_ERR_ARGS 1 /** * Indicates an error with the signconf XML like parsing, validating or content. */ #define SIGNCONF_EXPORT_ERR_XML 2 /** * Indicates an error with the database like reading, updating or creating. */ #define SIGNCONF_EXPORT_ERR_DATABASE 3 /** * Indicates a memory allocation error or generic internal error. */ #define SIGNCONF_EXPORT_ERR_MEMORY 4 /** * Indicates an error when handing files. */ #define SIGNCONF_EXPORT_ERR_FILE 5 /** * Indicates that the operation was successful but no changes where made. */ #define SIGNCONF_EXPORT_NO_CHANGE 6 /** * Export the signconf XML for all zones. * \param[in] sockfd a socket fd. * \param[in] connection a db_connection_t pointer. * \param[in] force if non-zero it will force the export for all zones even if * there are no updates for the zones. * \return SIGNCONF_EXPORT_ERR_* on error, otherwise SIGNCONF_EXPORT_OK or * SIGNCONF_EXPORT_NO_CHANGE. */ int signconf_export_all(int sockfd, const db_connection_t* connection, int force); /** * Export the signconf XML for zone. * \param[in] zonename Name of zone to write signconf for. * \param[in] dbconn a db_connection_t pointer. * \return SIGNCONF_EXPORT_ERR_* on error, otherwise SIGNCONF_EXPORT_OK or * SIGNCONF_EXPORT_NO_CHANGE. */ int signconf_export_zone(char const *zonename, db_connection_t* dbconn); /** * Export the signconf XML for all zones that uses a specified policy. * \param[in] sockfd a socket fd. * \param[in] connection a db_connection_t pointer. * \param[in] policy a policy_t pointer. * \param[in] force if non-zero it will force the export for all zones even if * there are no updates for the zones. * \return SIGNCONF_EXPORT_ERR_* on error, otherwise SIGNCONF_EXPORT_OK or * SIGNCONF_EXPORT_NO_CHANGE. */ int signconf_export_policy(int sockfd, const db_connection_t* connection, const policy_t* policy, int force); #endif /* SIGNCONF_SIGNCONF_H_ */ opendnssec-2.1.5/enforcer/src/ods-enforcer-db-setup.c0000644000202300020240000001716213560311035017437 00000000000000/* * Copyright (c) 2014 Jerry Lundström * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ /** * OpenDNSSEC enforcer database setup tool. */ #include "config.h" #include #include #include #include "daemon/engine.h" #include "log.h" #if defined(ENFORCER_DATABASE_SQLITE3) #include #include "db/db_schema_sqlite.h" #include "db/db_data_sqlite.h" static const char** create = db_schema_sqlite_create; static const char** drop = db_schema_sqlite_drop; static const char** data = db_data_sqlite; static sqlite3* db = NULL; #elif defined(ENFORCER_DATABASE_MYSQL) #include #include "db/db_schema_mysql.h" #include "db/db_data_mysql.h" static const char** create = db_schema_mysql_create; static const char** drop = db_schema_mysql_drop; static const char** data = db_data_mysql; static MYSQL* db = NULL; #endif #define AUTHOR_NAME "Jerry Lundström" #define COPYRIGHT_STR "Copyright (c) 2014 .SE (The Internet Infrastructure Foundation) OpenDNSSEC" static void usage(FILE* out) { fprintf(out, "\nBSD licensed, see LICENSE in source package for details.\n" "Version %s. Report bugs to <%s>.\n", PACKAGE_VERSION, PACKAGE_BUGREPORT); fprintf(out, "--help, -h: Print usage.\n"); fprintf(out, "--version, -V: Print version.\n"); fprintf(out, "--force, -f: Yes to all questions.\n"); } static void version(FILE* out) { fprintf(out, "Database setup tool for %s version %s\n" "Written by %s.\n\n" "%s. This is free software.\n" "See source files for more license information\n", PACKAGE_NAME, PACKAGE_VERSION, AUTHOR_NAME, COPYRIGHT_STR); exit(0); } static int connect_db(engineconfig_type* cfg) { #if defined(ENFORCER_DATABASE_SQLITE3) if (!cfg->datastore) { return -1; } if (db) { return -1; } if (sqlite3_initialize() != SQLITE_OK) { return -1; } if (sqlite3_open_v2(cfg->datastore, &db, SQLITE_OPEN_READWRITE | SQLITE_OPEN_FULLMUTEX | SQLITE_OPEN_CREATE, NULL) != SQLITE_OK) { return -1; } return 0; #elif defined(ENFORCER_DATABASE_MYSQL) if (!cfg->datastore) { return -1; } if (db) { return -1; } if (mysql_library_init(0, NULL, NULL)) { return -1; } if (!(db = mysql_init(NULL)) || !mysql_real_connect(db, cfg->db_host, cfg->db_username, cfg->db_password, cfg->datastore, cfg->db_port, NULL, 0)) { if (db) { mysql_close(db); db = NULL; } return -1; } return 0; #else return -1; #endif } static int disconnect_db() { #if defined(ENFORCER_DATABASE_SQLITE3) if (db) { sqlite3_close(db); db = NULL; } sqlite3_shutdown(); return 0; #elif defined(ENFORCER_DATABASE_MYSQL) if (db) { mysql_close(db); db = NULL; } mysql_library_end(); return 0; #else return -1; #endif } static int db_do(const char *sql, size_t size) { #if defined(ENFORCER_DATABASE_SQLITE3) sqlite3_stmt* stmt = NULL; if (!db) { return -1; } if (!sql) { return -1; } if (sqlite3_prepare_v2(db, sql, size, &stmt, NULL) != SQLITE_OK || sqlite3_step(stmt) != SQLITE_DONE) { if (stmt) { sqlite3_finalize(stmt); } return -1; } sqlite3_finalize(stmt); return 0; #elif defined(ENFORCER_DATABASE_MYSQL) if (!db) { return -1; } if (!sql) { return -1; } if (mysql_real_query(db, sql, size)) { return -1; } return 0; #else return -1; #endif } static int db_do2(const char** strs) { char sql[4096]; char *sqlp; int ret, left, i; for (i = 0; strs[i]; i++) { left = sizeof(sql); sqlp = sql; for (; strs[i]; i++) { if ((ret = snprintf(sqlp, left, "%s", strs[i])) >= left) { return -1; } sqlp += ret; left -= ret; } if (db_do(sql, sizeof(sql) - left)) { return -1; } } return 0; } int main(int argc, char* argv[]) { int c, options_index = 0; static struct option long_options[] = { {"help", no_argument, 0, 'h'}, {"version", no_argument, 0, 'V'}, {"force", no_argument, 0, 'f'}, { 0, 0, 0, 0} }; int user_certain; int force = 0; engineconfig_type* cfg; const char* cfgfile = ODS_SE_CFGFILE; ods_log_init("ods-enforcerd", 0, NULL, 0); while ((c=getopt_long(argc, argv, "hVf", long_options, &options_index)) != -1) { switch (c) { case 'h': usage(stdout); exit(0); case 'V': version(stdout); exit(0); case 'f': force = 1; break; default: exit(100); } } if (!force) { printf("*WARNING* This will erase all data in the database; " "are you sure? [y/N] "); user_certain = getchar(); if (user_certain != 'y' && user_certain != 'Y') { printf("Okay, quitting...\n"); return 0; } } cfg = engine_config(cfgfile, 0, NULL); if (engine_config_check(cfg) != ODS_STATUS_OK) { engine_config_cleanup(cfg); fprintf(stderr, "Error: unable to load configuration!\n"); return 1; } if (connect_db(cfg)) { engine_config_cleanup(cfg); fprintf(stderr, "Error: unable to connect to database!\n"); return 2; } /* * Drop existing schema. */ if (db_do2(drop)) { fprintf(stderr, "Error: unable to drop existing schema!\n"); disconnect_db(); return 3; } /* * Create new schema. */ if (db_do2(create)) { fprintf(stderr, "Error: unable to create schema!\n"); disconnect_db(); return 4; } /* * Insert initial data. */ if (db_do2(data)) { fprintf(stderr, "Error: unable to insert initial data!\n"); disconnect_db(); return 5; } engine_config_cleanup(cfg); printf("Database setup successfully.\n"); return 0; } opendnssec-2.1.5/enforcer/src/policy/0000755000202300020240000000000013560311327014540 500000000000000opendnssec-2.1.5/enforcer/src/policy/policy_resalt_task.c0000644000202300020240000001333113560311035020514 00000000000000/* * Copyright (c) 2011 Surfnet * Copyright (c) 2011 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2011 OpenDNSSEC AB (svb) * Copyright (c) 2014 NLnet Labs * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include "config.h" /* On MacOSX arc4random is only available when we undef _ANSI_SOURCE and define _DARWIN_C_SOURCE. */ #ifdef __APPLE__ #undef _ANSI_SOURCE #define _DARWIN_C_SOURCE 1 #endif /* Make arc4random visible on FreeBSD */ #ifndef __BSD_VISIBLE #define __BSD_VISIBLE 1 #endif #include "duration.h" #include "file.h" #include "log.h" #include "str.h" #include "scheduler/task.h" #include "daemon/engine.h" #include "db/policy.h" #include #include "policy/policy_resalt_task.h" #include "signconf/signconf_task.h" static const char *module_str = "policy_resalt_task"; static const time_t TIME_INF = ((time_t)-1); /** * Generate salt of len bytes, make sure prng is seeded. * arc4random needs no seed. * \param buf, buffer at least len bytes wide * \param len, len of bytes of entropy to store in buf */ static void generate_salt(char *buf, int len) { #ifdef HAVE_ARC4RANDOM arc4random_buf(buf, len); #else int i; /* Not really sure how many bits we get, but pseudo randomness * is cheap. */ for (i = 0; i < len; i++) buf[i] = rand() & 0xFF; #endif } /** * convert buf to hexstring * \param buf, input * \param len, lenght of buf * \param[out] out, resulting hex string must be at least 2*len+1 lenght */ static void to_hex(const char *buf, int len, char *out) { const char *h = "0123456789abcdef"; int i; for (i = 0; i < len; i++) { out[2*i] = h[(buf[i]>>4) & 0x0F]; out[2*i+1] = h[buf[i] & 0x0F]; } out[2*len] = 0; } /** * Generate new salt for specified policy. Schedules signconf task * when done. */ static time_t perform_policy_resalt(task_type* task, char const *policyname, void *userdata, void *context) { policy_t *policy; db_connection_t *dbconn = (db_connection_t *) context; time_t resalt_time, now = time_now(); char salt[255], salthex[511]; int saltlength; engine_type *engine = (engine_type *)userdata; policy = policy_new_get_by_name(dbconn, policyname); if (!policy) { ods_log_error("[%s] could not fetch policy %s from database," " rescheduling", module_str, policyname); /* TODO: figure out if it was a database error. if it is truly * not in database we should just return schedule_SUCCESS */ return schedule_DEFER; } if (policy_denial_type(policy) != POLICY_DENIAL_TYPE_NSEC3 || policy_passthrough(policy)) { policy_free(policy); return schedule_SUCCESS; } resalt_time = policy_denial_salt_last_change(policy) + policy_denial_resalt(policy); if (now >= resalt_time) { saltlength = policy_denial_salt_length(policy); if (saltlength <= 0 || saltlength > 255) { ods_log_error("[%s] policy %s has an invalid salt length. " "Must be in range [0..255]", module_str, policy_name(policy)); policy_free(policy); return schedule_SUCCESS; /* no point in rescheduling */ } #ifndef HAVE_ARC4RANDOM srand(now); #endif /* Yes, we need to resalt this policy */ generate_salt(salt, saltlength); to_hex(salt, saltlength, salthex); if(policy_set_denial_salt(policy, salthex) || policy_set_denial_salt_last_change(policy, now) || policy_update(policy)) { ods_log_error("[%s] db error", module_str); policy_free(policy); return schedule_DEFER; } resalt_time = now + policy_denial_resalt(policy); ods_log_debug("[%s] policy %s resalted successfully", module_str, policy_name(policy)); signconf_task_flush_policy(engine, dbconn, policy); } if (policy_denial_resalt(policy) <= 0) resalt_time = -1; policy_free(policy); return resalt_time; } static task_type * policy_resalt_task(char const *owner, engine_type *engine) { return task_create(strdup(owner), TASK_CLASS_ENFORCER, TASK_TYPE_RESALT, perform_policy_resalt, engine, NULL, time_now()); } /* * Schedule resalt tasks for all policies. * */ int flush_resalt_task_all(engine_type *engine, db_connection_t *dbconn) { policy_list_t *policylist; const policy_t *policy; task_type *task; int status = ODS_STATUS_OK; policylist = policy_list_new(dbconn); if (policy_list_get(policylist)) { ods_log_error("[%s] Unable to get list of policies from database", module_str); policy_list_free(policylist); return ODS_STATUS_ERR; } while ((policy = policy_list_next(policylist))) { task = policy_resalt_task(policy_name(policy), engine); status |= schedule_task(engine->taskq, task, 1, 0); } policy_list_free(policylist); return status; } opendnssec-2.1.5/enforcer/src/policy/policy_export_cmd.h0000644000202300020240000000307213560310771020360 00000000000000/* * Copyright (c) 2011 Surfnet * Copyright (c) 2011 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2011 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef _POLICY_POLICY_EXPORT_CMD_H_ #define _POLICY_POLICY_EXPORT_CMD_H_ struct cmd_func_block policy_export_funcblock; #endif /* _POLICY_POLICY_EXPORT_CMD_H_ */ opendnssec-2.1.5/enforcer/src/policy/policy_export.c0000644000202300020240000006764413560311035017541 00000000000000/* * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include "log.h" #include "str.h" #include "clientpipe.h" #include "duration.h" #include "db/policy_key.h" #include "utils/kc_helper.h" #include "policy/policy_export.h" #include #include #include #include #include #include #include #define POLICY_EXPORT_MAX_LENGHT 1000 static int __free(char **p) { if (!p || !*p) { return 1; } free(*p); *p = NULL; return 0; } static int __policy_export(int sockfd, const policy_t* policy, xmlNodePtr root) { xmlNodePtr node; xmlNodePtr node2; xmlNodePtr node3; xmlNodePtr node4; xmlNodePtr node5; xmlNodePtr keys; int error; duration_type* duration; char* duration_text = NULL; char text[1024]; policy_key_list_t* policy_key_list; const policy_key_t* policy_key; if (!(duration = duration_create())) { client_printf_err(sockfd, "Unable to export KASP XML, memory allocation error!\n"); return POLICY_EXPORT_ERR_MEMORY; } error = 1; if (!(node = xmlNewChild(root, NULL, (xmlChar*)"Policy", NULL)) || !(error = 2) || !xmlNewProp(node, (xmlChar*)"name", (xmlChar*)policy_name(policy)) || !(error = 3) || !xmlNewChild(node, NULL, (xmlChar*)"Description", (xmlChar*)policy_description(policy)) || !(error = 4) || !(node2 = xmlNewChild(node, NULL, (xmlChar*)"Signatures", NULL)) || !(error = 5) || duration_set_time(duration, policy_signatures_resign(policy)) || !(duration_text = duration2string(duration)) || !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"Resign", (xmlChar*)duration_text)) || __free(&duration_text) || !(error = 6) || duration_set_time(duration, policy_signatures_refresh(policy)) || !(duration_text = duration2string(duration)) || !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"Refresh", (xmlChar*)duration_text)) || __free(&duration_text) || !(error = 7) || !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"Validity", NULL)) || !(error = 8) || duration_set_time(duration, policy_signatures_validity_default(policy)) || !(duration_text = duration2string(duration)) || !(node4 = xmlNewChild(node3, NULL, (xmlChar*)"Default", (xmlChar*)duration_text)) || __free(&duration_text) || !(error = 9) || duration_set_time(duration, policy_signatures_validity_denial(policy)) || !(duration_text = duration2string(duration)) || !(node4 = xmlNewChild(node3, NULL, (xmlChar*)"Denial", (xmlChar*)duration_text)) || __free(&duration_text) || !(error = 10) || !( policy_signatures_validity_keyset(policy) == 0 || !(duration_set_time(duration, policy_signatures_validity_keyset(policy)) || !(duration_text = duration2string(duration)) || !(node4 = xmlNewChild(node3, NULL, (xmlChar*)"Keyset", (xmlChar*)duration_text)) || __free(&duration_text) || !(error = 10))) || duration_set_time(duration, policy_signatures_jitter(policy)) || !(duration_text = duration2string(duration)) || !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"Jitter", (xmlChar*)duration_text)) || __free(&duration_text) || !(error = 11) || duration_set_time(duration, policy_signatures_inception_offset(policy)) || !(duration_text = duration2string(duration)) || !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"InceptionOffset", (xmlChar*)duration_text)) || __free(&duration_text) || !(error = 12) || (duration_set_time(duration, policy_signatures_max_zone_ttl(policy)) || !(duration_text = duration2string(duration)) || !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"MaxZoneTTL", (xmlChar*)duration_text)) || __free(&duration_text)) || !(error = 13) || !(node2 = xmlNewChild(node, NULL, (xmlChar*)"Denial", NULL)) || !(error = 14) || (policy_denial_type(policy) == POLICY_DENIAL_TYPE_NSEC && !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"NSEC", NULL))) || !(error = 15) || (policy_denial_type(policy) == POLICY_DENIAL_TYPE_NSEC3 && (!(node3 = xmlNewChild(node2, NULL, (xmlChar*)"NSEC3", NULL)) || !(error = 16) || (policy_denial_ttl(policy) && (duration_set_time(duration, policy_denial_ttl(policy)) || !(duration_text = duration2string(duration)) || !(node4 = xmlNewChild(node3, NULL, (xmlChar*)"TTL", (xmlChar*)duration_text)) || __free(&duration_text))) || !(error = 17) || (policy_denial_optout(policy) && !(node4 = xmlNewChild(node3, NULL, (xmlChar*)"OptOut", NULL))) || !(error = 18) || (policy_denial_resalt(policy) && (duration_set_time(duration, policy_denial_resalt(policy)) || !(duration_text = duration2string(duration)) || !(node4 = xmlNewChild(node3, NULL, (xmlChar*)"Resalt", (xmlChar*)duration_text)) || __free(&duration_text))) || !(error = 19) || !(node4 = xmlNewChild(node3, NULL, (xmlChar*)"Hash", NULL)) || !(error = 20) || snprintf(text, sizeof(text), "%u", policy_denial_algorithm(policy)) >= (int)sizeof(text) || !(node5 = xmlNewChild(node4, NULL, (xmlChar*)"Algorithm", (xmlChar*)text)) || !(error = 21) || snprintf(text, sizeof(text), "%u", policy_denial_iterations(policy)) >= (int)sizeof(text) || !(node5 = xmlNewChild(node4, NULL, (xmlChar*)"Iterations", (xmlChar*)text)) || !(error = 22) || !(node5 = xmlNewChild(node4, NULL, (xmlChar*)"Salt", NULL)) || !(error = 23) || snprintf(text, sizeof(text), "%u", policy_denial_salt_length(policy)) >= (int)sizeof(text) || !xmlNewProp(node5, (xmlChar*)"length", (xmlChar*)text))) || !(error = 24) || !(keys = xmlNewChild(node, NULL, (xmlChar*)"Keys", NULL)) || !(error = 25) || duration_set_time(duration, policy_keys_ttl(policy)) || !(duration_text = duration2string(duration)) || !(node3 = xmlNewChild(keys, NULL, (xmlChar*)"TTL", (xmlChar*)duration_text)) || __free(&duration_text) || !(error = 26) || duration_set_time(duration, policy_keys_retire_safety(policy)) || !(duration_text = duration2string(duration)) || !(node3 = xmlNewChild(keys, NULL, (xmlChar*)"RetireSafety", (xmlChar*)duration_text)) || __free(&duration_text) || !(error = 27) || duration_set_time(duration, policy_keys_publish_safety(policy)) || !(duration_text = duration2string(duration)) || !(node3 = xmlNewChild(keys, NULL, (xmlChar*)"PublishSafety", (xmlChar*)duration_text)) || __free(&duration_text) || !(error = 28) || (policy_keys_shared(policy) && !(node3 = xmlNewChild(keys, NULL, (xmlChar*)"ShareKeys", NULL))) || !(error = 29) || (policy_keys_purge_after(policy) && (duration_set_time(duration, policy_keys_purge_after(policy)) || !(duration_text = duration2string(duration)) || !(node3 = xmlNewChild(keys, NULL, (xmlChar*)"Purge", (xmlChar*)duration_text)) || __free(&duration_text))) || !(error = 30) || !(node2 = xmlNewChild(node, NULL, (xmlChar*)"Zone", NULL)) || !(error = 31) || duration_set_time(duration, policy_zone_propagation_delay(policy)) || !(duration_text = duration2string(duration)) || !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"PropagationDelay", (xmlChar*)duration_text)) || __free(&duration_text) || !(error = 32) || !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"SOA", NULL)) || !(error = 33) || duration_set_time(duration, policy_zone_soa_ttl(policy)) || !(duration_text = duration2string(duration)) || !(node4 = xmlNewChild(node3, NULL, (xmlChar*)"TTL", (xmlChar*)duration_text)) || __free(&duration_text) || !(error = 34) || duration_set_time(duration, policy_zone_soa_minimum(policy)) || !(duration_text = duration2string(duration)) || !(node4 = xmlNewChild(node3, NULL, (xmlChar*)"Minimum", (xmlChar*)duration_text)) || __free(&duration_text) || !(error = 35) || !(node4 = xmlNewChild(node3, NULL, (xmlChar*)"Serial", (xmlChar*)policy_zone_soa_serial_text(policy))) || !(error = 36) || !(node2 = xmlNewChild(node, NULL, (xmlChar*)"Parent", NULL)) || !(error = 37) || (policy_parent_registration_delay(policy) && (duration_set_time(duration, policy_parent_registration_delay(policy)) || !(duration_text = duration2string(duration)) || !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"RegistrationDelay", (xmlChar*)duration_text)) || __free(&duration_text))) || !(error = 38) || duration_set_time(duration, policy_parent_propagation_delay(policy)) || !(duration_text = duration2string(duration)) || !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"PropagationDelay", (xmlChar*)duration_text)) || __free(&duration_text) || !(error = 39) || !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"DS", NULL)) || !(error = 40) || duration_set_time(duration, policy_parent_ds_ttl(policy)) || !(duration_text = duration2string(duration)) || !(node4 = xmlNewChild(node3, NULL, (xmlChar*)"TTL", (xmlChar*)duration_text)) || __free(&duration_text) || !(error = 41) || !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"SOA", NULL)) || !(error = 42) || duration_set_time(duration, policy_parent_soa_ttl(policy)) || !(duration_text = duration2string(duration)) || !(node4 = xmlNewChild(node3, NULL, (xmlChar*)"TTL", (xmlChar*)duration_text)) || __free(&duration_text) || !(error = 43) || duration_set_time(duration, policy_parent_soa_minimum(policy)) || !(duration_text = duration2string(duration)) || !(node4 = xmlNewChild(node3, NULL, (xmlChar*)"Minimum", (xmlChar*)duration_text)) || __free(&duration_text) ) { client_printf_err(sockfd, "Unable to create XML elements, error code %d!\n", error); __free(&duration_text); duration_cleanup(duration); return POLICY_EXPORT_ERR_XML; } __free(&duration_text); if (!(policy_key_list = policy_get_policy_keys(policy))) { duration_cleanup(duration); return POLICY_EXPORT_ERR_DATABASE; } for (policy_key = policy_key_list_next(policy_key_list); policy_key; policy_key = policy_key_list_next(policy_key_list)) { switch (policy_key_role(policy_key)) { case POLICY_KEY_ROLE_ZSK: error = 100; if (!(node2 = xmlNewChild(keys, NULL, (xmlChar*)"ZSK", NULL)) || !(error = 101) || snprintf(text, sizeof(text), "%u", policy_key_algorithm(policy_key)) >= (int)sizeof(text) || !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"Algorithm", (xmlChar*)text)) || !(error = 102) || snprintf(text, sizeof(text), "%u", policy_key_bits(policy_key)) >= (int)sizeof(text) || !xmlNewProp(node3, (xmlChar*)"length", (xmlChar*)text) || !(error = 103) || duration_set_time(duration, policy_key_lifetime(policy_key)) || !(duration_text = duration2string(duration)) || !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"Lifetime", (xmlChar*)duration_text)) || __free(&duration_text) || !(error = 104) || !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"Repository", (xmlChar*)policy_key_repository(policy_key))) || !(error = 105) || (policy_key_standby(policy_key) != -1 && (snprintf(text, sizeof(text), "%u", policy_key_standby(policy_key)) >= (int)sizeof(text) || !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"Standby", (xmlChar*)text)))) || !(error = 106) || (policy_key_manual_rollover(policy_key) && !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"ManualRollover", NULL))) || !(error = 107) || (policy_key_minimize(policy_key) == POLICY_KEY_MINIMIZE_NONE && !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"ZskRollType", (xmlChar*)"ZskDoubleSignature"))) || !(error = 108) || (policy_key_minimize(policy_key) == POLICY_KEY_MINIMIZE_RRSIG && !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"ZskRollType", (xmlChar*)"ZskPrePublication"))) || !(error = 109) || (policy_key_minimize(policy_key) == POLICY_KEY_MINIMIZE_DNSKEY && !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"ZskRollType", (xmlChar*)"ZskDoubleRRsig"))) ) { client_printf_err(sockfd, "Unable to create XML elements, error code %d!\n", error); __free(&duration_text); duration_cleanup(duration); return POLICY_EXPORT_ERR_XML; } __free(&duration_text); break; case POLICY_KEY_ROLE_KSK: error = 200; if (!(node2 = xmlNewChild(keys, NULL, (xmlChar*)"KSK", NULL)) || !(error = 201) || snprintf(text, sizeof(text), "%u", policy_key_algorithm(policy_key)) >= (int)sizeof(text) || !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"Algorithm", (xmlChar*)text)) || !(error = 202) || snprintf(text, sizeof(text), "%u", policy_key_bits(policy_key)) >= (int)sizeof(text) || !xmlNewProp(node3, (xmlChar*)"length", (xmlChar*)text) || !(error = 203) || duration_set_time(duration, policy_key_lifetime(policy_key)) || !(duration_text = duration2string(duration)) || !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"Lifetime", (xmlChar*)duration_text)) || __free(&duration_text) || !(error = 204) || !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"Repository", (xmlChar*)policy_key_repository(policy_key))) || !(error = 205) || (policy_key_standby(policy_key) != -1 && (snprintf(text, sizeof(text), "%u", policy_key_standby(policy_key)) >= (int)sizeof(text) || !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"Standby", (xmlChar*)text)))) || !(error = 206) || (policy_key_manual_rollover(policy_key) && !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"ManualRollover", NULL))) || !(error = 207) || (policy_key_minimize(policy_key) == POLICY_KEY_MINIMIZE_NONE && !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"KskRollType", (xmlChar*)"KskDoubleRRset"))) || !(error = 208) || (policy_key_minimize(policy_key) == POLICY_KEY_MINIMIZE_DNSKEY && !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"KskRollType", (xmlChar*)"KskDoubleDS"))) || !(error = 209) || (policy_key_minimize(policy_key) == POLICY_KEY_MINIMIZE_DS && !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"KskRollType", (xmlChar*)"KskDoubleSignature"))) || !(error = 210) || (policy_key_rfc5011(policy_key) && !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"RFC5011", NULL))) ) { client_printf_err(sockfd, "Unable to create XML elements, error code %d!\n", error); __free(&duration_text); duration_cleanup(duration); return POLICY_EXPORT_ERR_XML; } __free(&duration_text); break; case POLICY_KEY_ROLE_CSK: error = 300; if (!(node2 = xmlNewChild(keys, NULL, (xmlChar*)"CSK", NULL)) || !(error = 301) || snprintf(text, sizeof(text), "%u", policy_key_algorithm(policy_key)) >= (int)sizeof(text) || !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"Algorithm", (xmlChar*)text)) || !(error = 302) || snprintf(text, sizeof(text), "%u", policy_key_bits(policy_key)) >= (int)sizeof(text) || !xmlNewProp(node3, (xmlChar*)"length", (xmlChar*)text) || !(error = 303) || duration_set_time(duration, policy_key_lifetime(policy_key)) || !(duration_text = duration2string(duration)) || !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"Lifetime", (xmlChar*)duration_text)) || __free(&duration_text) || !(error = 304) || !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"Repository", (xmlChar*)policy_key_repository(policy_key))) || !(error = 305) || (policy_key_standby(policy_key) && (snprintf(text, sizeof(text), "%u", policy_key_standby(policy_key)) >= (int)sizeof(text) || !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"Standby", (xmlChar*)text)))) || !(error = 306) || (policy_key_manual_rollover(policy_key) && !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"ManualRollover", NULL))) || !(error = 307) || (policy_key_minimize(policy_key) == POLICY_KEY_MINIMIZE_NONE && !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"CskRollType", (xmlChar*)"CskDoubleRRset"))) || !(error = 308) || (policy_key_minimize(policy_key) == POLICY_KEY_MINIMIZE_RRSIG && !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"CskRollType", (xmlChar*)"CskSingleSignature"))) || !(error = 309) || (policy_key_minimize(policy_key) == POLICY_KEY_MINIMIZE_DNSKEY && !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"CskRollType", (xmlChar*)"CskDoubleDS"))) || !(error = 310) || (policy_key_minimize(policy_key) == POLICY_KEY_MINIMIZE_DS && !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"CskRollType", (xmlChar*)"CskDoubleSignature"))) || !(error = 311) || (policy_key_minimize(policy_key) == POLICY_KEY_MINIMIZE_DS_AND_RRSIG && !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"CskRollType", (xmlChar*)"CskPrePublication"))) || !(error = 312) || (policy_key_rfc5011(policy_key) && !(node3 = xmlNewChild(node2, NULL, (xmlChar*)"RFC5011", NULL))) ) { client_printf_err(sockfd, "Unable to create XML elements, error code %d!\n", error); __free(&duration_text); duration_cleanup(duration); return POLICY_EXPORT_ERR_XML; } __free(&duration_text); break; default: policy_key_list_free(policy_key_list); duration_cleanup(duration); return POLICY_EXPORT_ERR_DATABASE; } } policy_key_list_free(policy_key_list); duration_cleanup(duration); return POLICY_EXPORT_OK; } int policy_export_all(int sockfd, const db_connection_t* connection, const char* filename) { policy_list_t* policy_list; const policy_t* policy; xmlDocPtr doc; xmlNodePtr root = NULL; int ret; char path[PATH_MAX]; xmlChar* xml = NULL; char* xml_out; int xml_length = 0; int xml_write; char* dirname, *dirlast; if (!connection) { return POLICY_EXPORT_ERR_ARGS; } if (filename) { if (access(filename, W_OK)) { if (errno == ENOENT) { if ((dirname = strdup(filename))) { if ((dirlast = strrchr(dirname, '/'))) { *dirlast = 0; if (access(dirname, W_OK)) { client_printf_err(sockfd, "Write access to directory denied: %s\n", strerror(errno)); free(dirname); return POLICY_EXPORT_ERR_FILE; } } free(dirname); } } else { client_printf_err(sockfd, "Write access to file denied!\n"); return POLICY_EXPORT_ERR_FILE; } } if (snprintf(path, sizeof(path), "%s.new", filename) >= (int)sizeof(path)) { client_printf_err(sockfd, "Unable to write XML to %s, path to long!\n", filename); return POLICY_EXPORT_ERR_MEMORY; } } if (!(doc = xmlNewDoc((xmlChar*)"1.0")) || !(root = xmlNewNode(NULL, (xmlChar*)"KASP"))) { client_printf_err(sockfd, "Unable to create XML elements, memory allocation error!\n"); if (doc) { xmlFreeDoc(doc); } return POLICY_EXPORT_ERR_MEMORY; } xmlDocSetRootElement(doc, root); if (!(policy_list = policy_list_new(connection)) || policy_list_get(policy_list)) { xmlFreeDoc(doc); if (policy_list) { policy_list_free(policy_list); return POLICY_EXPORT_ERR_DATABASE; } return POLICY_EXPORT_ERR_MEMORY; } for (policy = policy_list_next(policy_list); policy; policy = policy_list_next(policy_list)) { ret = __policy_export(sockfd, policy, root); if (ret != POLICY_EXPORT_OK) { policy_list_free(policy_list); xmlFreeDoc(doc); return ret; } } policy_list_free(policy_list); if (filename) { unlink(path); if (xmlSaveFormatFileEnc(path, doc, "UTF-8", 1) == -1) { client_printf_err(sockfd, "Unable to write policy, LibXML error!\n"); xmlFreeDoc(doc); return POLICY_EXPORT_ERR_FILE; } xmlFreeDoc(doc); if (check_kasp(path, NULL, 0, 0, NULL, NULL)) { client_printf_err(sockfd, "Unable to validate the exported policy XML!\n"); unlink(path); return POLICY_EXPORT_ERR_XML; } if (rename(path, filename)) { client_printf_err(sockfd, "Unable to write policy, rename failed!\n"); unlink(path); return POLICY_EXPORT_ERR_FILE; } } else { xmlDocDumpFormatMemoryEnc(doc, &xml, &xml_length, "UTF-8", 1); xmlFreeDoc(doc); if (xml && xml_length) { for (xml_out = (char*)xml, xml_write = xml_length; xml_write > POLICY_EXPORT_MAX_LENGHT; xml_write -= POLICY_EXPORT_MAX_LENGHT, xml_out += POLICY_EXPORT_MAX_LENGHT) { client_printf(sockfd, "%.*s", POLICY_EXPORT_MAX_LENGHT, xml_out); } if (xml_write) { client_printf(sockfd, "%.*s", xml_write, xml_out); } xmlFree(xml); } else { client_printf_err(sockfd, "Unable to create policy XML, LibXML error!\n"); return POLICY_EXPORT_ERR_XML; } } return POLICY_EXPORT_OK; } int policy_export(int sockfd, const policy_t* policy, const char* filename) { xmlDocPtr doc; xmlNodePtr root = NULL; int ret; char path[PATH_MAX]; xmlChar* xml = NULL; char* xml_out; int xml_length = 0; int xml_write; char* dirname, *dirlast; if (!policy) { return POLICY_EXPORT_ERR_ARGS; } if (filename) { if (access(filename, W_OK)) { if (errno == ENOENT) { if ((dirname = strdup(filename))) { if ((dirlast = strrchr(dirname, '/'))) { *dirlast = 0; if (access(dirname, W_OK)) { client_printf_err(sockfd, "Write access to directory denied: %s\n", strerror(errno)); free(dirname); return POLICY_EXPORT_ERR_FILE; } } free(dirname); } } else { client_printf_err(sockfd, "Write access to file denied!\n"); return POLICY_EXPORT_ERR_FILE; } } if (snprintf(path, sizeof(path), "%s.new", filename) >= (int)sizeof(path)) { client_printf_err(sockfd, "Unable to write XML to %s, path to long!\n", filename); return POLICY_EXPORT_ERR_MEMORY; } } if (!(doc = xmlNewDoc((xmlChar*)"1.0")) || !(root = xmlNewNode(NULL, (xmlChar*)"KASP"))) { client_printf_err(sockfd, "Unable to create XML elements, memory allocation error!\n"); if (doc) { xmlFreeDoc(doc); } return POLICY_EXPORT_ERR_MEMORY; } xmlDocSetRootElement(doc, root); ret = __policy_export(sockfd, policy, root); if (ret != POLICY_EXPORT_OK) { xmlFreeDoc(doc); return ret; } if (filename) { unlink(path); if (xmlSaveFormatFileEnc(path, doc, "UTF-8", 1) == -1) { client_printf_err(sockfd, "Unable to write policy, LibXML error!\n"); xmlFreeDoc(doc); return POLICY_EXPORT_ERR_FILE; } xmlFreeDoc(doc); if (check_kasp(path, NULL, 0, 0, NULL, NULL)) { client_printf_err(sockfd, "Unable to validate the exported policy XML!\n"); unlink(path); return POLICY_EXPORT_ERR_XML; } if (rename(path, filename)) { client_printf_err(sockfd, "Unable to write policy, rename failed!\n"); unlink(path); return POLICY_EXPORT_ERR_FILE; } } else { xmlDocDumpFormatMemoryEnc(doc, &xml, &xml_length, "UTF-8", 1); xmlFreeDoc(doc); if (xml && xml_length) { for (xml_out = (char*)xml, xml_write = xml_length; xml_write > POLICY_EXPORT_MAX_LENGHT; xml_write -= POLICY_EXPORT_MAX_LENGHT, xml_out += POLICY_EXPORT_MAX_LENGHT) { client_printf(sockfd, "%.*s", POLICY_EXPORT_MAX_LENGHT, xml_out); } if (xml_write) { client_printf(sockfd, "%.*s", xml_write, xml_out); } xmlFree(xml); } else { client_printf_err(sockfd, "Unable to create policy XML, LibXML error!\n"); return POLICY_EXPORT_ERR_XML; } } return POLICY_EXPORT_OK; } opendnssec-2.1.5/enforcer/src/policy/policy_import_cmd.c0000644000202300020240000001131613560311035020336 00000000000000/* * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include #include "daemon/engine.h" #include "cmdhandler.h" #include "daemon/enforcercommands.h" #include "log.h" #include "str.h" #include "clientpipe.h" #include "policy/policy_import.h" #include "policy/policy_resalt_task.h" #include "enforcer/enforce_task.h" #include "policy/policy_import_cmd.h" static const char *module_str = "policy_import_cmd"; static void database_error_help(int sockfd) { client_printf_err(sockfd, "\nThe information in the database may have been changed during KASP update" " and caused an update error, try rerunning policy import. If the problem persists" " please check logs and database setup and after correcting the problem rerun policy import.\n" ); } static void usage(int sockfd) { client_printf(sockfd, "policy import\n" " [--remove-missing-policies] aka -r\n" ); } static void help(int sockfd) { client_printf(sockfd, "Import policies from kasp.xml into the enforcer database.\n" "\nOptions:\n" "remove-missing-policies Remove any policies from database " "that do not exist in the KASP file\n\n" ); } static int run(int sockfd, cmdhandler_ctx_type* context, const char *cmd) { #define NARGV 3 db_connection_t* dbconn = getconnectioncontext(context);; engine_type* engine = getglobalcontext(context); int remove_missing_policies = 0, argc = 0; int long_index = 0, opt = 0; char buf[ODS_SE_MAXLINE]; char const *argv[NARGV]; static struct option long_options[] = { {"remove-missing-policies", no_argument, 0, 'r'}, {0, 0, 0, 0} }; if (!engine || !engine->config || !engine->config->policy_filename || !dbconn) { return 1; } ods_log_debug("[%s] %s command", module_str, policy_import_funcblock.cmdname); if (!cmd) return -1; strncpy(buf, cmd, sizeof(buf)); buf[sizeof(buf)-1] = '\0'; /* separate the arguments*/ argc = ods_str_explode(buf, NARGV, argv); if (argc == -1) { ods_log_error("[%s] too many arguments for %s command", module_str, policy_import_funcblock.cmdname); client_printf_err(sockfd,"too many arguments\n"); return -1; } optind = 0; while ((opt = getopt_long(argc, (char* const*)argv, "r", long_options, &long_index)) != -1 ) { switch (opt) { case 'r': remove_missing_policies = 1; break; default: client_printf_err(sockfd, "unknown arguments\n"); ods_log_error("[%s] unknown arguments for %s command", module_str, policy_import_funcblock.cmdname); return -1; } } switch (policy_import(sockfd, engine, dbconn, remove_missing_policies)) { case POLICY_IMPORT_OK: /* only zones in policy, and force! */ enforce_task_flush_all(engine, dbconn); (void)flush_resalt_task_all(engine, dbconn); return 0; break; case POLICY_IMPORT_ERR_ARGS: case POLICY_IMPORT_ERR_XML: case POLICY_IMPORT_ERR_MEMORY: break; case POLICY_IMPORT_ERR_DATABASE: database_error_help(sockfd); break; default: break; } return 1; } struct cmd_func_block policy_import_funcblock = { "policy import", &usage, &help, NULL, &run }; opendnssec-2.1.5/enforcer/src/policy/policy_purge_cmd.c0000644000202300020240000000422013560311035020142 00000000000000#include "daemon/engine.h" #include "cmdhandler.h" #include "daemon/enforcercommands.h" #include "log.h" #include "str.h" #include "clientpipe.h" #include "enforcer/enforce_task.h" #include "db/policy.h" #include "policy/policy_purge_cmd.h" static const char *module_str = "policy_purge_cmd"; static void usage(int sockfd) { client_printf(sockfd, "policy purge\n" ); } static void help(int sockfd) { client_printf(sockfd, "This command will remove any policies from the database which have no\n" "associated zones. Use with caution.\n\n" ); } /** * Purge * @param dbconn, Active database connection * * @return: error status, >0 on error */ static int purge_policies(int sockfd, db_connection_t *dbconn) { policy_list_t* policy_list; policy_t* policy; zone_list_db_t* zonelist; const char* name; size_t listsize; int result = 0; client_printf(sockfd, "Purging policies\n"); policy_list = policy_list_new_get(dbconn); if (!policy_list) return 1; while ((policy = policy_list_get_next(policy_list))) { name = policy_name(policy); /*fetch zonelist from db, owned by policy*/ if (policy_retrieve_zone_list(policy)) { result = 1; client_printf(sockfd, "Error fetching zones\n"); break; } zonelist = policy_zone_list(policy); listsize = zone_list_db_size(zonelist); if (listsize == 0) { ods_log_info("[%s] No zones on policy %s; purging...", module_str, name); client_printf(sockfd, "No zones on policy %s; purging...\n", name); if (policy_delete(policy)) { ods_log_crit("[%s] Error while purging policy from database", module_str); client_printf(sockfd, "Error while updating database\n", name); result++; } } policy_free(policy); } policy_list_free(policy_list); return result; } static int run(int sockfd, cmdhandler_ctx_type* context, const char *cmd) { db_connection_t* dbconn = getconnectioncontext(context);; engine_type* engine = getglobalcontext(context); (void) cmd; ods_log_debug("[%s] %s command", module_str, policy_purge_funcblock.cmdname); return purge_policies(sockfd, dbconn); } struct cmd_func_block policy_purge_funcblock = { "policy purge", &usage, &help, NULL, &run }; opendnssec-2.1.5/enforcer/src/policy/policy_resalt_cmd.h0000644000202300020240000000306113560310771020327 00000000000000/* * Copyright (c) 2011 Surfnet * Copyright (c) 2011 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2011 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef _POLICY_POLICY_RESALT_CMD_H_ #define _POLICY_POLICY_RESALT_CMD_H_ struct cmd_func_block resalt_funcblock; #endif /*_POLICY_POLICY_RESALT_CMD_H_*/ opendnssec-2.1.5/enforcer/src/policy/policy_import_cmd.h0000644000202300020240000000307213560310771020351 00000000000000/* * Copyright (c) 2011 Surfnet * Copyright (c) 2011 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2011 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef _POLICY_POLICY_IMPORT_CMD_H_ #define _POLICY_POLICY_IMPORT_CMD_H_ struct cmd_func_block policy_import_funcblock; #endif /* _POLICY_POLICY_IMPORT_CMD_H_ */ opendnssec-2.1.5/enforcer/src/policy/policy_resalt_cmd.c0000644000202300020240000000446413560311035020324 00000000000000/* * Copyright (c) 2011 Surfnet * Copyright (c) 2011 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2011 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include "config.h" #include "cmdhandler.h" #include "daemon/enforcercommands.h" #include "policy/policy_resalt_task.h" #include "duration.h" #include "file.h" #include "log.h" #include "str.h" #include "daemon/engine.h" #include "clientpipe.h" #include "policy/policy_resalt_cmd.h" /* static const char *module_str = "policy_resalt_cmd"; */ static void usage(int sockfd) { client_printf(sockfd, "policy resalt\n" ); } static void help(int sockfd) { client_printf(sockfd, "Generate new NSEC3 salts for policies that have salts older than the resalt duration.\n\n"); } static int run(int sockfd, cmdhandler_ctx_type* context, const char *cmd) { db_connection_t* dbconn = getconnectioncontext(context);; engine_type* engine = getglobalcontext(context); (void)cmd; return flush_resalt_task_all(engine, dbconn); } struct cmd_func_block resalt_funcblock = { "policy resalt", &usage, &help, NULL, &run }; opendnssec-2.1.5/enforcer/src/policy/policy_export_cmd.c0000644000202300020240000001112313560311035020341 00000000000000/* * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include #include "daemon/engine.h" #include "cmdhandler.h" #include "daemon/enforcercommands.h" #include "log.h" #include "str.h" #include "clientpipe.h" #include "policy/policy_export.h" #include "policy/policy_export_cmd.h" static const char *module_str = "policy_export_cmd"; /* TODO: add export to specific file */ static void usage(int sockfd) { client_printf(sockfd, "policy export\n" " --policy | --all aka -p | -a \n" ); } static void help(int sockfd) { client_printf(sockfd, "Export a specified policy or all of them from the database.\n" "\nOptions:\n" "policy|all limit the operation to a specified policy or all of them\n\n" ); } static int run(int sockfd, cmdhandler_ctx_type* context, const char *cmd) { #define NARGV 4 char* buf; const char* argv[NARGV]; int returnCode; int argc = 0, long_index = 0, opt = 0; const char* policy_name = NULL; int all = 0; policy_t* policy; db_connection_t* dbconn = getconnectioncontext(context);; engine_type* engine = getglobalcontext(context); static struct option long_options[] = { {"policy", required_argument, 0, 'p'}, {"all", no_argument, 0, 'a'}, {0, 0, 0, 0} }; ods_log_debug("[%s] %s command", module_str, policy_export_funcblock.cmdname); if (!cmd || !(buf = strdup(cmd))) { client_printf_err(sockfd, "memory error\n"); return -1; } argc = ods_str_explode(buf, NARGV, argv); if (argc == -1) { client_printf_err(sockfd, "too many arguments\n"); ods_log_error("[%s] too many arguments for %s command", module_str, policy_export_funcblock.cmdname); free(buf); return -1; } optind = 0; while ((opt = getopt_long(argc, (char* const*)argv, "p:a", long_options, &long_index)) != -1) { switch (opt) { case 'p': policy_name = optarg; break; case 'a': all = 1; break; default: client_printf_err(sockfd, "unknown arguments\n"); ods_log_error("[%s] unknown arguments for %s command", module_str, policy_export_funcblock.cmdname); free(buf); return -1; } } if (!dbconn) { free(buf); return 1; } if (all) { if (policy_export_all(sockfd, dbconn, NULL) != POLICY_EXPORT_OK) { free(buf); return 1; } } else if (policy_name) { if (!(policy = policy_new_get_by_name(dbconn, policy_name))) { client_printf_err(sockfd, "Unable to find policy %s!\n", policy_name); free(buf); return 1; } if (policy_export(sockfd, policy, NULL) != POLICY_EXPORT_OK) { policy_free(policy); free(buf); return 1; } policy_free(policy); } else { client_printf_err(sockfd, "Either --all or --policy needs to be given!\n"); free(buf); return 1; } free(buf); return 0; } struct cmd_func_block policy_export_funcblock = { "policy export", &usage, &help, NULL, &run }; opendnssec-2.1.5/enforcer/src/policy/policy_import.h0000644000202300020240000000510113560311035017513 00000000000000/* * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef _POLICY_POLICY_IMPORT_H_ #define _POLICY_POLICY_IMPORT_H_ #include "daemon/engine.h" #include "db/db_connection.h" /** * Indicates a successful policy import. */ #define POLICY_IMPORT_OK 0 /** * Indicates an error with the arguments provided to policy_import(). */ #define POLICY_IMPORT_ERR_ARGS 1 /** * Indicates an error with the KASP XML like parsing, validating or content. */ #define POLICY_IMPORT_ERR_XML 2 /** * Indicates an error with the database like reading, updating or creating. */ #define POLICY_IMPORT_ERR_DATABASE 3 /** * Indicates a memory allocation error or generic internal error. */ #define POLICY_IMPORT_ERR_MEMORY 4 /* * Import policies from the configured KASP XML and sync it with the database. * \param[in] sockfd a client socket which progress is written to if non-zero. * \param[in] engine a engine_type pointer. * \param[in] dbconn a db_connection_t pointer. * \param[in] do_delete a interger which will trigger deletion of policies not * in the KASP if non-zero. * \return POLICY_IMPORT_ERR_* on error otherwise POLICY_IMPORT_OK. */ int policy_import(int sockfd, engine_type* engine, db_connection_t *dbconn, int do_delete); #endif /* _POLICY_POLICY_IMPORT_H_ */ opendnssec-2.1.5/enforcer/src/policy/policy_resalt_task.h0000644000202300020240000000315313560311035020522 00000000000000/* * Copyright (c) 2011 Surfnet * Copyright (c) 2011 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2011 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef _POLICY_POLICY_RESALT_TASK_H_ #define _POLICY_POLICY_RESALT_TASK_H_ #include "daemon/engine.h" #include "scheduler/task.h" int flush_resalt_task_all(engine_type *engine, db_connection_t *dbconn); #endif opendnssec-2.1.5/enforcer/src/policy/policy_purge_cmd.h0000644000202300020240000000024113560310771020154 00000000000000#ifndef _POLICY_POLICY_PURGE_CMD_H_ #define _POLICY_POLICY_PURGE_CMD_H_ struct cmd_func_block policy_purge_funcblock; #endif /* _POLICY_POLICY_PURGE_CMD_H_ */ opendnssec-2.1.5/enforcer/src/policy/policy_import.c0000644000202300020240000010726113560311035017520 00000000000000/* * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include "log.h" #include "clientpipe.h" #include "db/policy.h" #include "db/policy_key.h" #include "utils/kc_helper.h" #include "db/zone_db.h" #include "db/hsm_key.h" #include "hsmkey/hsm_key_factory.h" #include "signconf/signconf_task.h" #include "policy/policy_import.h" #include #include struct __policy_import_policy_key; struct __policy_import_policy_key { struct __policy_import_policy_key* next; policy_key_t *policy_key; int processed; }; struct __policy_import_policy; struct __policy_import_policy { struct __policy_import_policy* next; char* name; int processed; }; static void __policy_import_cleanup(struct __policy_import_policy_key** policy_keys_db, struct __policy_import_policy_key** policy_keys_xml, struct __policy_import_policy** policies) { struct __policy_import_policy_key* policy_key_db; struct __policy_import_policy_key* policy_key_xml; struct __policy_import_policy* policy2; for (policy_key_db = *policy_keys_db; policy_key_db; policy_key_db = *policy_keys_db) { *policy_keys_db = policy_key_db->next; if (policy_key_db->policy_key) { policy_key_free(policy_key_db->policy_key); } free(policy_key_db); } for (policy_key_xml = *policy_keys_xml; policy_key_xml; policy_key_xml = *policy_keys_xml) { *policy_keys_xml = policy_key_xml->next; if (policy_key_xml->policy_key) { policy_key_free(policy_key_xml->policy_key); } free(policy_key_xml); policy_key_xml = *policy_keys_xml; } for (policy2 = *policies; policy2; policy2 = *policies) { *policies = policy2->next; free(policy2->name); free(policy2); } } static int check_duplicated_policy_keys(db_connection_t *dbconn, xmlNodePtr node) { xmlNodePtr node2; xmlNodePtr node3; xmlNodePtr* keys; size_t count = 0, i, j, found; policy_key_t *A, *B = NULL; /* * Count the keys in the XML */ for (node2 = node->children; node2; node2 = node2->next) { if (node2->type != XML_ELEMENT_NODE) { continue; } if (strcmp((char*)node2->name, "Keys")) { continue; } for (node3 = node2->children; node3; node3 = node3->next) { if (node3->type != XML_ELEMENT_NODE) { continue; } if (strcmp((char*)node3->name, "KSK") && strcmp((char*)node3->name, "ZSK") && strcmp((char*)node3->name, "CSK")) { continue; } count++; } break; /* Look no further, there is only one 'Keys' section */ } if (!count) { return 0; } /* * Allocate an array of nodes and put all keys in it */ if (!(keys = (xmlNodePtr*)calloc(count, sizeof(xmlNodePtr)))) { return -1; } for (i = 0, node2 = node->children; node2; node2 = node2->next) { if (node2->type != XML_ELEMENT_NODE) { continue; } if (strcmp((char*)node2->name, "Keys")) { continue; } for (node3 = node2->children; node3; node3 = node3->next) { if (node3->type != XML_ELEMENT_NODE) { continue; } if (strcmp((char*)node3->name, "KSK") && strcmp((char*)node3->name, "ZSK") && strcmp((char*)node3->name, "CSK")) { continue; } if (i >= count) { free(keys); return -1; } keys[i] = node3; i++; } } /* * Walk the array and check for duplicated keys * * TODO: this could be optimized by creating all the policy_key objects * before checking them. */ if (!(A = policy_key_new(dbconn)) || !(B = policy_key_new(dbconn))) { policy_key_free(A); policy_key_free(B); free(keys); return -1; } for (found = 0, i = 0; i < count && !found; i++) { policy_key_reset(A); if (policy_key_create_from_xml(A, keys[i])) { found = -1; break; } for (j = i + 1; j < count && !found; j++) { policy_key_reset(B); if (policy_key_create_from_xml(B, keys[j])) { found = -1; break; } if (!policy_key_cmp(A, B)) { found = 1; break; } } } policy_key_free(A); policy_key_free(B); free(keys); return found; } int policy_import(int sockfd, engine_type* engine, db_connection_t *dbconn, int do_delete) { xmlDocPtr doc; xmlNodePtr real_root; xmlNodePtr root; xmlNodePtr node; xmlNodePtr node2; xmlNodePtr node3; xmlChar* name; policy_t* policy; policy_key_t* policy_key; const policy_key_t* policy_key2; int updated; int successful; struct __policy_import_policy_key* policy_keys_db = NULL; struct __policy_import_policy_key* policy_key_db; struct __policy_import_policy_key* policy_keys_xml = NULL; struct __policy_import_policy_key* policy_key_xml; policy_key_list_t* policy_key_list; int keys_updated; int database_error = 0; int xml_error = 0; char **repositories = NULL; int repository_count = 0; hsm_repository_t* hsm; int i; struct __policy_import_policy* policies = NULL; struct __policy_import_policy* policy2; policy_list_t* policy_list; const policy_t* policy_walk; zone_list_db_t* zone_list; hsm_key_list_t* hsm_key_list; int any_update = 0; if (!engine) { return POLICY_IMPORT_ERR_ARGS; } if (!engine->config) { return POLICY_IMPORT_ERR_ARGS; } if (!engine->config->policy_filename) { return POLICY_IMPORT_ERR_ARGS; } if (!dbconn) { return POLICY_IMPORT_ERR_ARGS; } /* * Retrieve all the current policies so they can be marked processed later * and then the unprocessed can be deleted */ if (!(policy_list = policy_list_new_get(dbconn))) { client_printf_err(sockfd, "Unable to fetch all the current policies in the database!\n"); return POLICY_IMPORT_ERR_DATABASE; } for (policy_walk = policy_list_next(policy_list); policy_walk; policy_walk = policy_list_next(policy_list)) { if (!(policy2 = calloc(1, sizeof(struct __policy_import_policy))) || !(policy2->name = strdup(policy_name(policy_walk)))) { client_printf_err(sockfd, "Memory allocation error!\n"); policy_list_free(policy_list); if (policy2) { free(policy2); } for (policy2 = policies; policy2; policy2 = policies) { free(policy2->name); policies = policy2->next; free(policy2); } return POLICY_IMPORT_ERR_MEMORY; } policy2->next = policies; policies = policy2; } policy_list_free(policy_list); /* * Get HSM Repositories */ if (engine->config->repositories) { for (hsm = engine->config->repositories; hsm; hsm = hsm->next, repository_count++) ; if (!(repositories = calloc(repository_count, sizeof(char*)))) { __policy_import_cleanup(&policy_keys_db, &policy_keys_xml, &policies); return POLICY_IMPORT_ERR_MEMORY; } for (i = 0, hsm = engine->config->repositories; hsm && inext, i++) repositories[i] = hsm->name; } /* * Validate KASP */ if (check_kasp(engine->config->policy_filename, repositories, repository_count, 0, NULL, NULL)) { client_printf_err(sockfd, "Unable to validate the KASP XML, please run ods-kaspcheck for more details!\n"); if (repositories) { free(repositories); } __policy_import_cleanup(&policy_keys_db, &policy_keys_xml, &policies); return POLICY_IMPORT_ERR_XML; } if (repositories) { free(repositories); } if (!(doc = xmlParseFile(engine->config->policy_filename))) { client_printf_err(sockfd, "Unable to read/parse KASP XML file %s!\n", engine->config->policy_filename); __policy_import_cleanup(&policy_keys_db, &policy_keys_xml, &policies); return POLICY_IMPORT_ERR_XML; } if (!(real_root = xmlDocGetRootElement(doc))) { client_printf_err(sockfd, "Unable to get the root element in the KASP XML!\n"); xmlFreeDoc(doc); __policy_import_cleanup(&policy_keys_db, &policy_keys_xml, &policies); return POLICY_IMPORT_ERR_XML; } /* * Check for duplicated policy keys */ for (root = real_root; root; root = root->next) { if (root->type != XML_ELEMENT_NODE) { continue; } if (!strcmp((char*)root->name, "KASP")) { for (node = root->children; node; node = node->next) { if (node->type != XML_ELEMENT_NODE) { continue; } if (strcmp((char*)node->name, "Policy")) { continue; } if (!(name = xmlGetProp(node, (const xmlChar*)"name"))) { client_printf_err(sockfd, "Invalid Policy element in KASP XML!\n"); xmlFreeDoc(doc); __policy_import_cleanup(&policy_keys_db, &policy_keys_xml, &policies); return POLICY_IMPORT_ERR_XML; } if (check_duplicated_policy_keys(dbconn, node)) { client_printf_err(sockfd, "Duplicated Policy Key elements in KASP XML is not allowed!\n"); xmlFree(name); xmlFreeDoc(doc); __policy_import_cleanup(&policy_keys_db, &policy_keys_xml, &policies); return POLICY_IMPORT_ERR_XML; } xmlFree(name); } } } /* * Process XML */ for (root = real_root; root; root = root->next) { if (root->type != XML_ELEMENT_NODE) { continue; } if (!strcmp((char*)root->name, "KASP")) { for (node = root->children; node; node = node->next) { if (node->type != XML_ELEMENT_NODE) { continue; } if (strcmp((char*)node->name, "Policy")) { continue; } if (!(name = xmlGetProp(node, (const xmlChar*)"name"))) { client_printf_err(sockfd, "Invalid Policy element in KASP XML!\n"); xmlFreeDoc(doc); __policy_import_cleanup(&policy_keys_db, &policy_keys_xml, &policies); return POLICY_IMPORT_ERR_XML; } if (!(policy = policy_new(dbconn))) { client_printf_err(sockfd, "Memory allocation error!\n"); xmlFree(name); xmlFreeDoc(doc); __policy_import_cleanup(&policy_keys_db, &policy_keys_xml, &policies); return POLICY_IMPORT_ERR_MEMORY; } /* * Fetch the policy by name, if we can't find it create a new * one otherwise update the existing one */ if (policy_get_by_name(policy, (char*)name)) { if (policy_create_from_xml(policy, node)) { client_printf_err(sockfd, "Unable to create policy %s from XML, XML content may be invalid!\n", (char*)name); policy_free(policy); xmlFree(name); xml_error = 1; continue; } if (policy_create(policy)) { client_printf_err(sockfd, "Unable to create policy %s in the database!\n", (char*)name); policy_free(policy); xmlFree(name); database_error = 1; continue; } if (policy_get_by_name(policy, (char*)name)) { client_printf_err(sockfd, "Unable to get policy %s from the database after creation, the policy may be corrupt in the database now!\n", (char*)name); policy_free(policy); xmlFree(name); database_error = 1; continue; } /* * Walk deeper into the XML and create all the keys we find */ successful = 1; for (node2 = node->children; node2; node2 = node2->next) { if (node2->type != XML_ELEMENT_NODE) { continue; } if (strcmp((char*)node2->name, "Keys")) { continue; } for (node3 = node2->children; node3; node3 = node3->next) { if (node3->type != XML_ELEMENT_NODE) { continue; } if (strcmp((char*)node3->name, "KSK") && strcmp((char*)node3->name, "ZSK") && strcmp((char*)node3->name, "CSK")) { continue; } /* * Create the policy key */ if (!(policy_key = policy_key_new(dbconn))) { client_printf_err(sockfd, "Memory allocation error!\n"); policy_free(policy); policy_key_free(policy_key); xmlFree(name); xmlFreeDoc(doc); __policy_import_cleanup(&policy_keys_db, &policy_keys_xml, &policies); return POLICY_IMPORT_ERR_MEMORY; } if (policy_key_create_from_xml(policy_key, node3)) { client_printf_err(sockfd, "Unable to create %s key for policy %s from XML!\n", (char*)node3->name, (char*)name); policy_key_free(policy_key); successful = 0; xml_error = 1; continue; } if (policy_key_set_policy_id(policy_key, policy_id(policy)) || policy_key_create(policy_key)) { client_printf_err(sockfd, "Unable to create %s key for policy %s in the database, the policy is not complete in the database now!\n", (char*)node3->name, (char*)name); policy_key_free(policy_key); successful = 0; database_error = 1; continue; } policy_key_free(policy_key); } } if (successful) { ods_log_info("[policy_import] policy %s created", (char*)name); client_printf(sockfd, "Created policy %s successfully\n", (char*)name); any_update = 1; } } else { /* * Mark it processed even if update fails so its not deleted */ for (policy2 = policies; policy2; policy2 = policy2->next) { if (policy2->processed) { continue; } if (!strcmp(policy2->name, (char*)name)) { policy2->processed = 1; break; } } /* * Fetch all current keys, put them in a list for later * processing */ if (!(policy_key_list = policy_key_list_new(dbconn)) || policy_key_list_get_by_policy_id(policy_key_list, policy_id(policy))) { client_printf_err(sockfd, "Unable to retrieve policy keys for policy %s, unknown database error!\n", (char*)name); policy_key_list_free(policy_key_list); policy_free(policy); xmlFree(name); database_error = 1; continue; } /* * Clear the list if its been used before */ for (policy_key_db = policy_keys_db; policy_key_db; policy_key_db = policy_keys_db) { policy_keys_db = policy_key_db->next; if (policy_key_db->policy_key) { policy_key_free(policy_key_db->policy_key); } free(policy_key_db); } policy_key2 = policy_key_list_next(policy_key_list); while (policy_key2) { if (!(policy_key_db = calloc(1, sizeof(struct __policy_import_policy_key))) || !(policy_key_db->policy_key = policy_key_new(dbconn)) || policy_key_copy(policy_key_db->policy_key, policy_key2)) { client_printf_err(sockfd, "Memory allocation or internal error!\n"); if (policy_key_db->policy_key) { policy_key_free(policy_key_db->policy_key); } free(policy_key_db); policy_key_list_free(policy_key_list); policy_free(policy); xmlFree(name); xmlFreeDoc(doc); __policy_import_cleanup(&policy_keys_db, &policy_keys_xml, &policies); return POLICY_IMPORT_ERR_MEMORY; } policy_key_db->next = policy_keys_db; policy_keys_db = policy_key_db; policy_key2 = policy_key_list_next(policy_key_list); } policy_key_list_free(policy_key_list); /* * Update the policy, if any data has changed then updated * will be set to non-zero and if so we update the database */ if (policy_update_from_xml(policy, node, &updated)) { client_printf_err(sockfd, "Unable to update policy %s from XML, XML content may be invalid!\n", (char*)name); policy_free(policy); xmlFree(name); xml_error = 1; continue; } /* * Walk deeper into the XML and create objects for all the * keys we find but do not update the database yet */ /* * Clear the list if its been used before */ for (policy_key_xml = policy_keys_xml; policy_key_xml; policy_key_xml = policy_keys_xml) { policy_keys_xml = policy_key_xml->next; if (policy_key_xml->policy_key) { policy_key_free(policy_key_xml->policy_key); } free(policy_key_xml); policy_key_xml = policy_keys_xml; } successful = 1; for (node2 = node->children; node2; node2 = node2->next) { if (node2->type != XML_ELEMENT_NODE) { continue; } if (strcmp((char*)node2->name, "Keys")) { continue; } for (node3 = node2->children; node3; node3 = node3->next) { if (node3->type != XML_ELEMENT_NODE) { continue; } if (strcmp((char*)node3->name, "KSK") && strcmp((char*)node3->name, "ZSK") && strcmp((char*)node3->name, "CSK")) { continue; } if (!(policy_key_xml = calloc(1, sizeof(struct __policy_import_policy_key))) || !(policy_key_xml->policy_key = policy_key_new(dbconn))) { client_printf_err(sockfd, "Memory allocation or internal error!\n"); if (policy_key_xml->policy_key) { policy_key_free(policy_key_xml->policy_key); } free(policy_key_xml); policy_free(policy); xmlFree(name); xmlFreeDoc(doc); __policy_import_cleanup(&policy_keys_db, &policy_keys_xml, &policies); return POLICY_IMPORT_ERR_MEMORY; } if (policy_key_set_policy_id(policy_key_xml->policy_key, policy_id(policy)) || policy_key_create_from_xml(policy_key_xml->policy_key, node3)) { client_printf_err(sockfd, "Unable to create %s key for policy %s from XML, XML content may be invalid!\n", (char*)node3->name, (char*)name); successful = 0; if (policy_key_xml->policy_key) { policy_key_free(policy_key_xml->policy_key); } free(policy_key_xml); xml_error = 1; continue; } policy_key_xml->next = policy_keys_xml; policy_keys_xml = policy_key_xml; } } if (!successful) { client_printf_err(sockfd, "Unable to update policy %s from XML because of previous policy key error!\n", (char*)name); policy_free(policy); xmlFree(name); xml_error = 1; continue; } /* * Compare the two lists, one from the database and the * other from the XML. If the policy key objects match then * mark them processed in both lists. */ policy_key_xml = policy_keys_xml; while (policy_key_xml) { if (policy_key_xml->processed) { policy_key_xml = policy_key_xml->next; continue; } policy_key_db = policy_keys_db; while (policy_key_db) { if (policy_key_db->processed) { policy_key_db = policy_key_db->next; continue; } if (!policy_key_cmp(policy_key_xml->policy_key, policy_key_db->policy_key)) { policy_key_xml->processed = 1; policy_key_db->processed = 1; break; } policy_key_db = policy_key_db->next; } policy_key_xml = policy_key_xml->next; } keys_updated = 0; /* * For each object in XML list that has not been processed, * create it in the database */ successful = 1; policy_key_xml = policy_keys_xml; while (policy_key_xml) { if (policy_key_xml->processed) { policy_key_xml = policy_key_xml->next; continue; } keys_updated = 1; if (policy_key_create(policy_key_xml->policy_key)) { client_printf_err(sockfd, "Unable to create %s key for policy %s in database!\n", policy_key_role_text(policy_key_xml->policy_key), (char*)name); successful = 0; database_error = 1; continue; } policy_key_xml = policy_key_xml->next; } if (!successful) { client_printf_err(sockfd, "Unable to update policy %s in the database because of previous policy key creation error, policy is not complete in the database now!\n", (char*)name); policy_free(policy); xmlFree(name); database_error = 1; continue; } /* * For each object in the database list that has not been * processed, delete it from the database */ policy_key_db = policy_keys_db; while (policy_key_db) { if (policy_key_db->processed) { policy_key_db = policy_key_db->next; continue; } keys_updated = 1; if (policy_key_delete(policy_key_db->policy_key)) { client_printf_err(sockfd, "Unable to delete %s key for policy %s from database!\n", policy_key_role_text(policy_key_db->policy_key), (char*)name); successful = 0; database_error = 1; continue; } policy_key_db = policy_key_db->next; } if (!successful) { client_printf_err(sockfd, "Unable to update policy %s in the database because of previous policy key deletion error, policy is invalid in the database now!\n", (char*)name); policy_free(policy); xmlFree(name); database_error = 1; continue; } /* * Update the policy in the database */ if (updated) { if (policy_update(policy)) { client_printf_err(sockfd, "Unable to update policy %s in database!\n", (char*)name); policy_free(policy); xmlFree(name); database_error = 1; continue; } ods_log_info("[policy_import] policy %s updated", (char*)name); client_printf(sockfd, "Updated policy %s successfully\n", (char*)name); any_update = 1; } else if (keys_updated) { ods_log_info("[policy_import] policy %s updated", (char*)name); client_printf(sockfd, "Updated policy %s successfully\n", (char*)name); any_update = 1; } else { client_printf(sockfd, "Policy %s already up-to-date\n", (char*)name); } } policy_free(policy); xmlFree(name); } } } signconf_task_flush_all(engine, dbconn); if (do_delete) { /* * Delete policies that has not been processed */ for (policy2 = policies; policy2; policy2 = policy2->next) { if (policy2->processed) { continue; } if (!(policy = policy_new(dbconn))) { client_printf_err(sockfd, "Memory allocation error!\n"); xmlFreeDoc(doc); for (policy2 = policies; policy2; policy2 = policies) { free(policy2->name); policies = policy2->next; free(policy2); } __policy_import_cleanup(&policy_keys_db, &policy_keys_xml, &policies); return POLICY_IMPORT_ERR_MEMORY; } if (!policy_get_by_name(policy, policy2->name)) { /* * Check if there are still zones or hsm keys using this policy and * abort if there is */ if (!(zone_list = zone_list_db_new_get_by_policy_id(dbconn, policy_id(policy)))) { client_printf_err(sockfd, "Unable to check for zones using policy %s from database!\n", policy2->name); policy_free(policy); database_error = 1; continue; } if (zone_list_db_next(zone_list)) { zone_list_db_free(zone_list); client_printf_err(sockfd, "Unable to delete policy %s, there are still zones using this policy!\n", policy2->name); policy_free(policy); database_error = 1; continue; } zone_list_db_free(zone_list); if (!(hsm_key_list = hsm_key_list_new_get_by_policy_id(dbconn, policy_id(policy)))) { client_printf_err(sockfd, "Unable to check for hsm keys using policy %s from database!\n", policy2->name); policy_free(policy); database_error = 1; continue; } if (hsm_key_list_next(hsm_key_list)) { hsm_key_list_free(hsm_key_list); client_printf_err(sockfd, "Unable to delete policy %s, there are still hsm keys using this policy!\n", policy2->name); policy_free(policy); database_error = 1; continue; } hsm_key_list_free(hsm_key_list); /* * Try and delete all the policy keys for this policy */ if (!(policy_key_list = policy_key_list_new_get_by_policy_id(dbconn, policy_id(policy)))) { client_printf_err(sockfd, "Unable to get policy keys for policy %s from database!\n", policy2->name); policy_free(policy); database_error = 1; continue; } successful = 1; for (policy_key = policy_key_list_get_next(policy_key_list); policy_key; policy_key_free(policy_key), policy_key = policy_key_list_get_next(policy_key_list)) { if (policy_key_delete(policy_key)) { client_printf_err(sockfd, "Unable to delete policy key %s in policy %s from database!\n", policy_key_role_text(policy_key), policy2->name); database_error = 1; successful = 0; continue; } } policy_key_list_free(policy_key_list); if (!successful) { policy_free(policy); continue; } if (policy_delete(policy)) { client_printf_err(sockfd, "Unable to delete policy %s from database!\n", policy2->name); policy_free(policy); database_error = 1; continue; } ods_log_info("[policy_import] policy %s deleted", policy2->name); client_printf(sockfd, "Deleted policy %s successfully\n", policy2->name); } else { client_printf_err(sockfd, "Unable to delete policy %s from database!\n", policy2->name); database_error = 1; } policy_free(policy); } } if (any_update && !engine->config->manual_keygen) { hsm_key_factory_schedule_generate_all(engine, 0); } __policy_import_cleanup(&policy_keys_db, &policy_keys_xml, &policies); xmlFreeDoc(doc); if (database_error) { return POLICY_IMPORT_ERR_DATABASE; } if (xml_error) { return POLICY_IMPORT_ERR_XML; } return POLICY_IMPORT_OK; } opendnssec-2.1.5/enforcer/src/policy/policy_list_cmd.c0000644000202300020240000000534013560311035017777 00000000000000/* * Copyright (c) 2011 Surfnet * Copyright (c) 2011 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2011 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include "config.h" #include "cmdhandler.h" #include "daemon/enforcercommands.h" #include "log.h" #include "str.h" #include "daemon/engine.h" #include "clientpipe.h" #include "db/policy.h" #include "policy/policy_list_cmd.h" /* static const char *module_str = "policy_list_cmd"; */ static void usage(int sockfd) { client_printf(sockfd, "policy list\n"); } static void help(int sockfd) { client_printf(sockfd, "List all policies in the database.\n\n" ); } static int run(int sockfd, cmdhandler_ctx_type* context, const char *cmd) { const char *fmt = "%-31s %-48s\n"; policy_list_t *pol_list; const policy_t *policy; db_connection_t* dbconn = getconnectioncontext(context);; engine_type* engine = getglobalcontext(context); (void)cmd; if (!(pol_list = policy_list_new_get(dbconn))) return 1; /* May want to keep this for compatibility? * client_printf(sockfd, "Database set to: %s\nPolicies:\n", engine->config->datastore);*/ client_printf(sockfd, fmt, "Policy:", "Description:"); policy = policy_list_next(pol_list); while (policy) { client_printf(sockfd, fmt, policy_name(policy), policy_description(policy)); policy = policy_list_next(pol_list); } policy_list_free(pol_list); return 0; } struct cmd_func_block policy_list_funcblock = { "policy list", &usage, &help, NULL, &run }; opendnssec-2.1.5/enforcer/src/policy/policy_export.h0000644000202300020240000000555113560311035017533 00000000000000/* * Copyright (c) 2014 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2014 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef _POLICY_POLICY_EXPORT_H_ #define _POLICY_POLICY_EXPORT_H_ #include "db/db_connection.h" #include "db/policy.h" /** * Indicates a successful policy export. */ #define POLICY_EXPORT_OK 0 /** * Indicates an error with the arguments provided to policy_export(). */ #define POLICY_EXPORT_ERR_ARGS 1 /** * Indicates an error with the policy XML like parsing, validating or content. */ #define POLICY_EXPORT_ERR_XML 2 /** * Indicates an error with the database like reading, updating or creating. */ #define POLICY_EXPORT_ERR_DATABASE 3 /** * Indicates a memory allocation error or generic internal error. */ #define POLICY_EXPORT_ERR_MEMORY 4 /** * Indicates an error when handing files. */ #define POLICY_EXPORT_ERR_FILE 5 /** * Export all policies from the database to XML. * \param[in] sockfd a socket. * \param[in] dbconn a db_connection_t pointer. * \param[in] filename the filename to write to, if NULL write to stdout. * \return POLICY_EXPORT_ERR_* on error otherwise POLICY_EXPORT_OK. */ int policy_export_all(int sockfd, const db_connection_t* connection, const char* filename); /** * Export the policy from the database to XML. * \param[in] sockfd a socket. * \param[in] policy a policy_t pointer with the policy to export. * \param[in] filename the filename to write to, if NULL write to stdout. * \return POLICY_EXPORT_ERR_* on error otherwise POLICY_EXPORT_OK. */ int policy_export(int sockfd, const policy_t* policy, const char* filename); #endif /* _POLICY_POLICY_EXPORT_H_ */ opendnssec-2.1.5/enforcer/src/policy/policy_list_cmd.h0000644000202300020240000000306213560310771020011 00000000000000/* * Copyright (c) 2011 Surfnet * Copyright (c) 2011 .SE (The Internet Infrastructure Foundation). * Copyright (c) 2011 OpenDNSSEC AB (svb) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #ifndef _POLICY_POLICY_LIST_CMD_H_ #define _POLICY_POLICY_LIST_CMD_H_ struct cmd_func_block policy_list_funcblock; #endif /* _POLICY_POLICY_LIST_CMD_H_ */ opendnssec-2.1.5/enforcer/src/ods-enforcerd.c0000644000202300020240000002164013560311035016056 00000000000000/* * Copyright (c) 2009 NLNet Labs. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ /** * OpenDNSSEC key and signing policy enforcer daemon. * */ #include "config.h" #include #include #include "daemon/engine.h" #include "log.h" #include "duration.h" #include "locks.h" #include "enforcer/autostart_cmd.h" #include "parser/confparser.h" #define AUTHOR_NAME "Matthijs Mekking, Yuri Schaeffer, René Post" #define COPYRIGHT_STR "Copyright (C) 2010-2011 NLnet Labs OpenDNSSEC" static const char* enforcerd_str = "engine"; /** * Prints usage. * */ static void usage(FILE* out) { fprintf(out, "Usage: %s [OPTIONS]\n", "ods-enforcerd"); fprintf(out, "Start the OpenDNSSEC key and signing policy enforcer " "daemon.\n\n"); fprintf(out, "Supported options:\n"); fprintf(out, " -c | --config Read configuration from file.\n"); fprintf(out, " -d | --no-daemon Do not daemonize the enforcer " "engine.\n"); fprintf(out, " -1 | --single-run Run once, then exit.\n"); fprintf(out, " -h | --help Show this help and exit.\n"); fprintf(out, " -i | --info Print configuration and exit.\n"); fprintf(out, " -v | --verbose Increase verbosity.\n"); fprintf(out, " -V | --version Show version and exit.\n"); fprintf(out, " --set-time