static void delete_tdb(char *keyname, size_t keylen)
{
TDB_DATA key;
if ((keyname == NULL) || (keylen == 0)) {
terror("need key");
return;
}
key.dptr = (unsigned char *)keyname;
key.dsize = keylen;
if (tdb_delete(tdb, key) != 0) {
terror("delete failed");
}
}
static void delete_tdb(void)
{
char *k = get_token(1);
TDB_DATA key;
if (!k) {
help();
return;
}
key.dptr = k;
key.dsize = strlen(k)+1;
if (tdb_delete(tdb, key) != 0) {
terror("delete failed");
}
}
int delete_key(const unsigned char *key, DATABASE *db){
if( NULL == db || NULL == db->tdb)
return ERR_DB_INVALID;
TDB_DATA dkey;
dkey = string_to_tdb(key);
while( sem_wait(&db->sem) == -1 && errno == EINTR );
int err = tdb_delete(db->tdb, dkey);
free(dkey.dptr);
sem_post(&db->sem);
if (err)
return ERR_FAIL;
return 0;
}
static PyObject *obj_delete(PyTdbObject *self, PyObject *args)
{
TDB_DATA key;
PyObject *py_key;
int ret;
PyErr_TDB_RAISE_IF_CLOSED(self);
if (!PyArg_ParseTuple(args, "O", &py_key))
return NULL;
key = PyString_AsTDB_DATA(py_key);
if (!key.dptr)
return NULL;
ret = tdb_delete(self->ctx, key);
PyErr_TDB_ERROR_IS_ERR_RAISE(ret, self->ctx);
Py_RETURN_NONE;
}
BOOL gencache_del(const char *keystr)
{
int ret;
TDB_DATA keybuf;
/* fail completely if get null pointers passed */
SMB_ASSERT(keystr);
if (!gencache_init()) return False;
keybuf.dptr = strdup(keystr);
keybuf.dsize = strlen(keystr)+1;
DEBUG(10, ("Deleting cache entry (key = %s)\n", keystr));
ret = tdb_delete(cache, keybuf);
SAFE_FREE(keybuf.dptr);
return ret == 0;
}
int db_hash_delete(struct db_hash_context *dh, uint8_t *keybuf, size_t keylen)
{
TDB_DATA key;
int ret;
key.dptr = keybuf;
key.dsize = keylen;
if (dh == NULL) {
return EINVAL;
}
ret = tdb_delete(dh->db, key);
if (ret != 0) {
ret = db_hash_map_tdb_error(dh);
}
return ret;
}
static void delete_tdb(char *keyname, size_t keylen)
{
TDB_DATA key;
enum TDB_ERROR ecode;
if ((keyname == NULL) || (keylen == 0)) {
terror(TDB_SUCCESS, "need key");
return;
}
key.dptr = (unsigned char *)keyname;
key.dsize = keylen;
ecode = tdb_delete(tdb, key);
if (ecode) {
terror(ecode, "delete failed");
}
}
/*
set a configration variable.
Returns 0 on success
*/
static int config_set(const char *name, char *value)
{
TDB_DATA data;
TDB_DATA key;
int ret;
key.dptr = name;
key.dsize = strlen(name)+1;
if (strcmp(value, "-") == 0) {
return tdb_delete(config_db, key);
}
data.dptr = value;
data.dsize = strlen(value)+1;
ret = tdb_store(config_db, key, data, TDB_REPLACE);
return ret;
}
BOOL yield_connection(connection_struct *conn, const char *name)
{
struct connections_key key;
TDB_DATA kbuf;
if (!tdb)
return False;
DEBUG(3,("Yielding connection to %s\n",name));
make_conn_key(conn, name, &kbuf, &key);
if (tdb_delete(tdb, kbuf) != 0) {
int dbg_lvl = (!conn && (tdb_error(tdb) == TDB_ERR_NOEXIST)) ? 3 : 0;
DEBUG(dbg_lvl,("yield_connection: tdb_delete for name %s failed with error %s.\n",
name, tdb_errorstr(tdb) ));
return (False);
}
return(True);
}
/*
delete a record from the database, not updating indexes (used for deleting
index records)
*/
int ltdb_delete_noindex(struct ldb_module *module, struct ldb_dn *dn)
{
void *data = ldb_module_get_private(module);
struct ltdb_private *ltdb = talloc_get_type(data, struct ltdb_private);
TDB_DATA tdb_key;
int ret;
tdb_key = ltdb_key(module, dn);
if (!tdb_key.dptr) {
return LDB_ERR_OTHER;
}
ret = tdb_delete(ltdb->tdb, tdb_key);
talloc_free(tdb_key.dptr);
if (ret != 0) {
ret = ltdb_err_map(tdb_error(ltdb->tdb));
}
return ret;
}
static BOOL message_notify(struct process_id procid)
{
pid_t pid = procid.pid;
/*
* Doing kill with a non-positive pid causes messages to be
* sent to places we don't want.
*/
SMB_ASSERT(pid > 0);
if (kill(pid, SIGUSR1) == -1) {
if (errno == ESRCH) {
DEBUG(2,("pid %d doesn't exist - deleting messages record\n", (int)pid));
tdb_delete(tdb, message_key_pid(procid));
} else {
DEBUG(2,("message to process %d failed - %s\n", (int)pid, strerror(errno)));
}
return False;
}
return True;
}
static int modify_traverse(struct tdb_context *tdb, TDB_DATA key, TDB_DATA dbuf,
void *state)
{
#if CULL_PROB
if (random() % CULL_PROB == 0) {
tdb_delete(tdb, key);
}
#endif
#if TRAVERSE_MOD_PROB
if (random() % TRAVERSE_MOD_PROB == 0) {
addrec_db();
}
#endif
#if TRAVERSE_ABORT_PROB
if (random() % TRAVERSE_ABORT_PROB == 0)
return 1;
#endif
return 0;
}
/* called when a session is destroyed */
void session_yield(user_struct *vuser)
{
TDB_DATA dbuf;
struct sessionid sessionid;
struct in_addr *client_ip;
TDB_DATA key;
if (!tdb) return;
if (!vuser->session_keystr) {
return;
}
key.dptr = vuser->session_keystr;
key.dsize = strlen(vuser->session_keystr)+1;
dbuf = tdb_fetch(tdb, key);
if (dbuf.dsize != sizeof(sessionid))
return;
memcpy(&sessionid, dbuf.dptr, sizeof(sessionid));
client_ip = interpret_addr2(sessionid.ip_addr);
SAFE_FREE(dbuf.dptr);
if (lp_utmp()) {
sys_utmp_yield(sessionid.username, sessionid.hostname,
client_ip,
sessionid.id_str, sessionid.id_num);
}
smb_pam_close_session(sessionid.username, sessionid.id_str, sessionid.hostname);
tdb_delete(tdb, key);
}
static int traverse_fn(TDB_CONTEXT *the_tdb, TDB_DATA kbuf, TDB_DATA dbuf, void *state)
{
struct connections_data crec;
struct msg_all *msg_all = (struct msg_all *)state;
if (dbuf.dsize != sizeof(crec))
return 0;
memcpy(&crec, dbuf.dptr, sizeof(crec));
if (crec.cnum != -1)
return 0;
/* Don't send if the receiver hasn't registered an interest. */
if(!(crec.bcast_msg_flags & msg_all->msg_flag))
return 0;
/* If the msg send fails because the pid was not found (i.e. smbd died),
* the msg has already been deleted from the messages.tdb.*/
if (!message_send_pid(crec.pid, msg_all->msg_type,
msg_all->buf, msg_all->len,
msg_all->duplicates)) {
/* If the pid was not found delete the entry from connections.tdb */
if (errno == ESRCH) {
DEBUG(2,("pid %s doesn't exist - deleting connections %d [%s]\n",
procid_str_static(&crec.pid),
crec.cnum, crec.name));
tdb_delete(the_tdb, kbuf);
}
}
msg_all->n_sent++;
return 0;
}
static int do_delete_fn(TDB_CONTEXT *the_tdb, TDB_DATA key, TDB_DATA dbuf,
void *state)
{
return tdb_delete(the_tdb, key);
}
/**
* write a record to a normal database
*
* This is the server-variant of the ctdb_ltdb_store function.
* It contains logic to determine whether a record should be
* stored or deleted. It also sends SCHEDULE_FOR_DELETION
* controls to the local ctdb daemon if apporpriate.
*/
static int ctdb_ltdb_store_server(struct ctdb_db_context *ctdb_db,
TDB_DATA key,
struct ctdb_ltdb_header *header,
TDB_DATA data)
{
struct ctdb_context *ctdb = ctdb_db->ctdb;
TDB_DATA rec;
int ret;
bool seqnum_suppressed = false;
bool keep = false;
bool schedule_for_deletion = false;
bool remove_from_delete_queue = false;
uint32_t lmaster;
if (ctdb->flags & CTDB_FLAG_TORTURE) {
struct ctdb_ltdb_header *h2;
rec = tdb_fetch(ctdb_db->ltdb->tdb, key);
h2 = (struct ctdb_ltdb_header *)rec.dptr;
if (rec.dptr && rec.dsize >= sizeof(h2) && h2->rsn > header->rsn) {
DEBUG(DEBUG_CRIT,("RSN regression! %llu %llu\n",
(unsigned long long)h2->rsn, (unsigned long long)header->rsn));
}
if (rec.dptr) free(rec.dptr);
}
if (ctdb->vnn_map == NULL) {
/*
* Called from a client: always store the record
* Also don't call ctdb_lmaster since it uses the vnn_map!
*/
keep = true;
goto store;
}
lmaster = ctdb_lmaster(ctdb_db->ctdb, &key);
/*
* If we migrate an empty record off to another node
* and the record has not been migrated with data,
* delete the record instead of storing the empty record.
*/
if (data.dsize != 0) {
keep = true;
} else if (header->flags & CTDB_REC_RO_FLAGS) {
keep = true;
} else if (ctdb_db->persistent) {
keep = true;
} else if (header->flags & CTDB_REC_FLAG_AUTOMATIC) {
/*
* The record is not created by the client but
* automatically by the ctdb_ltdb_fetch logic that
* creates a record with an initial header in the
* ltdb before trying to migrate the record from
* the current lmaster. Keep it instead of trying
* to delete the non-existing record...
*/
keep = true;
schedule_for_deletion = true;
} else if (header->flags & CTDB_REC_FLAG_MIGRATED_WITH_DATA) {
keep = true;
} else if (ctdb_db->ctdb->pnn == lmaster) {
/*
* If we are lmaster, then we usually keep the record.
* But if we retrieve the dmaster role by a VACUUM_MIGRATE
* and the record is empty and has never been migrated
* with data, then we should delete it instead of storing it.
* This is part of the vacuuming process.
*
* The reason that we usually need to store even empty records
* on the lmaster is that a client operating directly on the
* lmaster (== dmaster) expects the local copy of the record to
* exist after successful ctdb migrate call. If the record does
* not exist, the client goes into a migrate loop and eventually
* fails. So storing the empty record makes sure that we do not
* need to change the client code.
*/
if (!(header->flags & CTDB_REC_FLAG_VACUUM_MIGRATED)) {
keep = true;
} else if (ctdb_db->ctdb->pnn != header->dmaster) {
keep = true;
}
} else if (ctdb_db->ctdb->pnn == header->dmaster) {
keep = true;
}
if (keep) {
if (!ctdb_db->persistent &&
(ctdb_db->ctdb->pnn == header->dmaster) &&
!(header->flags & CTDB_REC_RO_FLAGS))
{
header->rsn++;
if (data.dsize == 0) {
schedule_for_deletion = true;
}
}
remove_from_delete_queue = !schedule_for_deletion;
}
store:
/*
* The VACUUM_MIGRATED flag is only set temporarily for
* the above logic when the record was retrieved by a
* VACUUM_MIGRATE call and should not be stored in the
* database.
*
* The VACUUM_MIGRATE call is triggered by a vacuum fetch,
* and there are two cases in which the corresponding record
* is stored in the local database:
* 1. The record has been migrated with data in the past
* (the MIGRATED_WITH_DATA record flag is set).
* 2. The record has been filled with data again since it
* had been submitted in the VACUUM_FETCH message to the
* lmaster.
* For such records it is important to not store the
* VACUUM_MIGRATED flag in the database.
*/
header->flags &= ~CTDB_REC_FLAG_VACUUM_MIGRATED;
/*
* Similarly, clear the AUTOMATIC flag which should not enter
* the local database copy since this would require client
* modifications to clear the flag when the client stores
* the record.
*/
header->flags &= ~CTDB_REC_FLAG_AUTOMATIC;
rec.dsize = sizeof(*header) + data.dsize;
rec.dptr = talloc_size(ctdb, rec.dsize);
CTDB_NO_MEMORY(ctdb, rec.dptr);
memcpy(rec.dptr, header, sizeof(*header));
memcpy(rec.dptr + sizeof(*header), data.dptr, data.dsize);
/* Databases with seqnum updates enabled only get their seqnum
changes when/if we modify the data */
if (ctdb_db->seqnum_update != NULL) {
TDB_DATA old;
old = tdb_fetch(ctdb_db->ltdb->tdb, key);
if ( (old.dsize == rec.dsize)
&& !memcmp(old.dptr+sizeof(struct ctdb_ltdb_header),
rec.dptr+sizeof(struct ctdb_ltdb_header),
rec.dsize-sizeof(struct ctdb_ltdb_header)) ) {
tdb_remove_flags(ctdb_db->ltdb->tdb, TDB_SEQNUM);
seqnum_suppressed = true;
}
if (old.dptr) free(old.dptr);
}
DEBUG(DEBUG_DEBUG, (__location__ " db[%s]: %s record: hash[0x%08x]\n",
ctdb_db->db_name,
keep?"storing":"deleting",
ctdb_hash(&key)));
if (keep) {
ret = tdb_store(ctdb_db->ltdb->tdb, key, rec, TDB_REPLACE);
} else {
ret = tdb_delete(ctdb_db->ltdb->tdb, key);
}
if (ret != 0) {
int lvl = DEBUG_ERR;
if (keep == false &&
tdb_error(ctdb_db->ltdb->tdb) == TDB_ERR_NOEXIST)
{
lvl = DEBUG_DEBUG;
}
DEBUG(lvl, (__location__ " db[%s]: Failed to %s record: "
"%d - %s\n",
ctdb_db->db_name,
keep?"store":"delete", ret,
tdb_errorstr(ctdb_db->ltdb->tdb)));
schedule_for_deletion = false;
remove_from_delete_queue = false;
}
if (seqnum_suppressed) {
tdb_add_flags(ctdb_db->ltdb->tdb, TDB_SEQNUM);
}
talloc_free(rec.dptr);
if (schedule_for_deletion) {
int ret2;
ret2 = ctdb_local_schedule_for_deletion(ctdb_db, header, key);
if (ret2 != 0) {
DEBUG(DEBUG_ERR, (__location__ " ctdb_local_schedule_for_deletion failed.\n"));
}
}
if (remove_from_delete_queue) {
ctdb_local_remove_from_delete_queue(ctdb_db, header, key);
}
return ret;
}
int main(int argc, char *argv[])
{
unsigned int i;
struct tdb_context *tdb;
int flags[] = { TDB_DEFAULT, TDB_NOMMAP,
TDB_CONVERT,
TDB_NOMMAP|TDB_CONVERT };
if (sizeof(off_t) <= 4) {
plan_tests(1);
pass("No 64 bit off_t");
return exit_status();
}
plan_tests(sizeof(flags) / sizeof(flags[0]) * 14);
for (i = 0; i < sizeof(flags) / sizeof(flags[0]); i++) {
off_t old_size;
TDB_DATA k, d;
struct hash_info h;
struct tdb_used_record rec;
tdb_off_t off;
tdb = tdb_open("run-64-bit-tdb.tdb", flags[i],
O_RDWR|O_CREAT|O_TRUNC, 0600, &tap_log_attr);
ok1(tdb);
if (!tdb)
continue;
old_size = tdb->file->map_size;
/* This makes a sparse file */
ok1(ftruncate(tdb->file->fd, 0xFFFFFFF0) == 0);
ok1(add_free_record(tdb, old_size, 0xFFFFFFF0 - old_size,
TDB_LOCK_WAIT, false) == TDB_SUCCESS);
/* Now add a little record past the 4G barrier. */
ok1(tdb_expand_file(tdb, 100) == TDB_SUCCESS);
ok1(add_free_record(tdb, 0xFFFFFFF0, 100, TDB_LOCK_WAIT, false)
== TDB_SUCCESS);
ok1(tdb_check(tdb, NULL, NULL) == TDB_SUCCESS);
/* Test allocation path. */
k = tdb_mkdata("key", 4);
d = tdb_mkdata("data", 5);
ok1(tdb_store(tdb, k, d, TDB_INSERT) == 0);
ok1(tdb_check(tdb, NULL, NULL) == TDB_SUCCESS);
/* Make sure it put it at end as we expected. */
off = find_and_lock(tdb, k, F_RDLCK, &h, &rec, NULL);
ok1(off >= 0xFFFFFFF0);
tdb_unlock_hashes(tdb, h.hlock_start, h.hlock_range, F_RDLCK);
ok1(tdb_fetch(tdb, k, &d) == 0);
ok1(d.dsize == 5);
ok1(strcmp((char *)d.dptr, "data") == 0);
free(d.dptr);
ok1(tdb_delete(tdb, k) == 0);
ok1(tdb_check(tdb, NULL, NULL) == TDB_SUCCESS);
tdb_close(tdb);
}
/* We might get messages about mmap failing, so don't test
* tap_log_messages */
return exit_status();
}
void brl_close(SMB_DEV_T dev, SMB_INO_T ino, pid_t pid, int tid, int fnum)
{
TDB_DATA kbuf, dbuf;
int count, i, j, dcount=0;
struct lock_struct *locks;
kbuf = locking_key(dev,ino);
dbuf.dptr = NULL;
tdb_chainlock(tdb, kbuf);
dbuf = tdb_fetch(tdb, kbuf);
if (!dbuf.dptr) goto fail;
/* there are existing locks - remove any for this fnum */
locks = (struct lock_struct *)dbuf.dptr;
count = dbuf.dsize / sizeof(*locks);
for (i=0; i<count; i++) {
struct lock_struct *lock = &locks[i];
if (lock->context.tid == tid &&
lock->context.pid == pid &&
lock->fnum == fnum) {
/* Send unlock messages to any pending waiters that overlap. */
for (j=0; j<count; j++) {
struct lock_struct *pend_lock = &locks[j];
/* Ignore our own or non-pending locks. */
if (pend_lock->lock_type != PENDING_LOCK)
continue;
if (pend_lock->context.tid == tid &&
pend_lock->context.pid == pid &&
pend_lock->fnum == fnum)
continue;
/* We could send specific lock info here... */
if (brl_pending_overlap(lock, pend_lock))
message_send_pid(pend_lock->context.pid,
MSG_SMB_UNLOCK,
NULL, 0, True);
}
/* found it - delete it */
if (count > 1 && i < count-1) {
memmove(&locks[i], &locks[i+1],
sizeof(*locks)*((count-1) - i));
}
count--;
i--;
dcount++;
}
}
if (count == 0) {
tdb_delete(tdb, kbuf);
} else if (count < (dbuf.dsize / sizeof(*locks))) {
dbuf.dsize -= dcount * sizeof(*locks);
tdb_store(tdb, kbuf, dbuf, TDB_REPLACE);
}
/* we didn't find it */
fail:
SAFE_FREE(dbuf.dptr);
tdb_chainunlock(tdb, kbuf);
}
BOOL brl_unlock(SMB_DEV_T dev, SMB_INO_T ino, int fnum,
uint16 smbpid, pid_t pid, uint16 tid,
br_off start, br_off size,
BOOL remove_pending_locks_only)
{
TDB_DATA kbuf, dbuf;
int count, i, j;
struct lock_struct *locks;
struct lock_context context;
kbuf = locking_key(dev,ino);
dbuf.dptr = NULL;
tdb_chainlock(tdb, kbuf);
dbuf = tdb_fetch(tdb, kbuf);
if (!dbuf.dptr) {
DEBUG(10,("brl_unlock: tdb_fetch failed !\n"));
goto fail;
}
context.smbpid = smbpid;
context.pid = pid;
context.tid = tid;
/* there are existing locks - find a match */
locks = (struct lock_struct *)dbuf.dptr;
count = dbuf.dsize / sizeof(*locks);
#if ZERO_ZERO
for (i=0; i<count; i++) {
struct lock_struct *lock = &locks[i];
if (lock->lock_type == WRITE_LOCK &&
brl_same_context(&lock->context, &context) &&
lock->fnum == fnum &&
lock->start == start &&
lock->size == size) {
/* found it - delete it */
if (count == 1) {
tdb_delete(tdb, kbuf);
} else {
if (i < count-1) {
memmove(&locks[i], &locks[i+1],
sizeof(*locks)*((count-1) - i));
}
dbuf.dsize -= sizeof(*locks);
tdb_store(tdb, kbuf, dbuf, TDB_REPLACE);
}
SAFE_FREE(dbuf.dptr);
tdb_chainunlock(tdb, kbuf);
return True;
}
}
#endif
locks = (struct lock_struct *)dbuf.dptr;
count = dbuf.dsize / sizeof(*locks);
for (i=0; i<count; i++) {
struct lock_struct *lock = &locks[i];
if (brl_same_context(&lock->context, &context) &&
lock->fnum == fnum &&
lock->start == start &&
lock->size == size) {
if (remove_pending_locks_only && lock->lock_type != PENDING_LOCK)
continue;
if (lock->lock_type != PENDING_LOCK) {
/* Send unlock messages to any pending waiters that overlap. */
for (j=0; j<count; j++) {
struct lock_struct *pend_lock = &locks[j];
/* Ignore non-pending locks. */
if (pend_lock->lock_type != PENDING_LOCK)
continue;
/* We could send specific lock info here... */
if (brl_pending_overlap(lock, pend_lock)) {
DEBUG(10,("brl_unlock: sending unlock message to pid %u\n",
(unsigned int)pend_lock->context.pid ));
message_send_pid(pend_lock->context.pid,
MSG_SMB_UNLOCK,
NULL, 0, True);
}
}
}
/* found it - delete it */
if (count == 1) {
tdb_delete(tdb, kbuf);
} else {
if (i < count-1) {
memmove(&locks[i], &locks[i+1],
sizeof(*locks)*((count-1) - i));
}
dbuf.dsize -= sizeof(*locks);
tdb_store(tdb, kbuf, dbuf, TDB_REPLACE);
}
SAFE_FREE(dbuf.dptr);
tdb_chainunlock(tdb, kbuf);
return True;
}
}
/* we didn't find it */
fail:
SAFE_FREE(dbuf.dptr);
tdb_chainunlock(tdb, kbuf);
return False;
}
/*
* ESP input processing, called (eventually) through the protocol switch.
*/
int
esp_input(struct mbuf *m, struct tdb *tdb, int skip, int protoff)
{
struct auth_hash *esph = (struct auth_hash *) tdb->tdb_authalgxform;
struct enc_xform *espx = (struct enc_xform *) tdb->tdb_encalgxform;
struct tdb_crypto *tc;
int plen, alen, hlen;
struct m_tag *mtag;
u_int32_t btsx;
struct cryptodesc *crde = NULL, *crda = NULL;
struct cryptop *crp;
/* Determine the ESP header length */
if (tdb->tdb_flags & TDBF_NOREPLAY)
hlen = sizeof(u_int32_t) + tdb->tdb_ivlen; /* "old" ESP */
else
hlen = 2 * sizeof(u_int32_t) + tdb->tdb_ivlen; /* "new" ESP */
if (esph)
alen = AH_HMAC_HASHLEN;
else
alen = 0;
plen = m->m_pkthdr.len - (skip + hlen + alen);
if (plen <= 0) {
DPRINTF(("esp_input: invalid payload length\n"));
espstat.esps_badilen++;
m_freem(m);
return EINVAL;
}
if (espx) {
/*
* Verify payload length is multiple of encryption algorithm
* block size.
*/
if (plen & (espx->blocksize - 1)) {
DPRINTF(("esp_input(): payload of %d octets not a multiple of %d octets, SA %s/%08x\n", plen, espx->blocksize, ipsp_address(tdb->tdb_dst), ntohl(tdb->tdb_spi)));
espstat.esps_badilen++;
m_freem(m);
return EINVAL;
}
}
/* Replay window checking, if appropriate -- no value commitment. */
if ((tdb->tdb_wnd > 0) && (!(tdb->tdb_flags & TDBF_NOREPLAY))) {
m_copydata(m, skip + sizeof(u_int32_t), sizeof(u_int32_t),
(unsigned char *) &btsx);
btsx = ntohl(btsx);
switch (checkreplaywindow32(btsx, 0, &(tdb->tdb_rpl),
tdb->tdb_wnd, &(tdb->tdb_bitmap), 0)) {
case 0: /* All's well */
break;
case 1:
m_freem(m);
DPRINTF(("esp_input(): replay counter wrapped for SA %s/%08x\n", ipsp_address(tdb->tdb_dst), ntohl(tdb->tdb_spi)));
espstat.esps_wrap++;
return EACCES;
case 2:
case 3:
DPRINTF(("esp_input(): duplicate packet received in SA %s/%08x\n", ipsp_address(tdb->tdb_dst), ntohl(tdb->tdb_spi)));
m_freem(m);
return EACCES;
default:
m_freem(m);
DPRINTF(("esp_input(): bogus value from checkreplaywindow32() in SA %s/%08x\n", ipsp_address(tdb->tdb_dst), ntohl(tdb->tdb_spi)));
espstat.esps_replay++;
return EACCES;
}
}
/* Update the counters */
tdb->tdb_cur_bytes += m->m_pkthdr.len - skip - hlen - alen;
espstat.esps_ibytes += m->m_pkthdr.len - skip - hlen - alen;
/* Hard expiration */
if ((tdb->tdb_flags & TDBF_BYTES) &&
(tdb->tdb_cur_bytes >= tdb->tdb_exp_bytes)) {
pfkeyv2_expire(tdb, SADB_EXT_LIFETIME_HARD);
tdb_delete(tdb);
m_freem(m);
return ENXIO;
}
/* Notify on soft expiration */
if ((tdb->tdb_flags & TDBF_SOFT_BYTES) &&
(tdb->tdb_cur_bytes >= tdb->tdb_soft_bytes)) {
pfkeyv2_expire(tdb, SADB_EXT_LIFETIME_SOFT);
tdb->tdb_flags &= ~TDBF_SOFT_BYTES; /* Turn off checking */
}
#ifdef notyet
/* Find out if we've already done crypto */
for (mtag = m_tag_find(m, PACKET_TAG_IPSEC_IN_CRYPTO_DONE, NULL);
mtag != NULL;
mtag = m_tag_find(m, PACKET_TAG_IPSEC_IN_CRYPTO_DONE, mtag)) {
struct tdb_ident *tdbi;
tdbi = (struct tdb_ident *) (mtag + 1);
if (tdbi->proto == tdb->tdb_sproto && tdbi->spi == tdb->tdb_spi &&
!bcmp(&tdbi->dst, &tdb->tdb_dst, sizeof(union sockaddr_union)))
break;
}
#else
mtag = NULL;
#endif
/* Get crypto descriptors */
crp = crypto_getreq(esph && espx ? 2 : 1);
if (crp == NULL) {
m_freem(m);
DPRINTF(("esp_input(): failed to acquire crypto descriptors\n"));
espstat.esps_crypto++;
return ENOBUFS;
}
/* Get IPsec-specific opaque pointer */
if (esph == NULL || mtag != NULL)
tc = malloc(sizeof(*tc), M_XDATA, M_NOWAIT | M_ZERO);
else
tc = malloc(sizeof(*tc) + alen, M_XDATA, M_NOWAIT | M_ZERO);
if (tc == NULL) {
m_freem(m);
crypto_freereq(crp);
DPRINTF(("esp_input(): failed to allocate tdb_crypto\n"));
espstat.esps_crypto++;
return ENOBUFS;
}
tc->tc_ptr = (caddr_t) mtag;
if (esph) {
crda = crp->crp_desc;
crde = crda->crd_next;
/* Authentication descriptor */
crda->crd_skip = skip;
crda->crd_len = m->m_pkthdr.len - (skip + alen);
crda->crd_inject = m->m_pkthdr.len - alen;
crda->crd_alg = esph->type;
crda->crd_key = tdb->tdb_amxkey;
crda->crd_klen = tdb->tdb_amxkeylen * 8;
/* Copy the authenticator */
if (mtag == NULL)
m_copydata(m, m->m_pkthdr.len - alen, alen, (caddr_t) (tc + 1));
} else
crde = crp->crp_desc;
/* Crypto operation descriptor */
crp->crp_ilen = m->m_pkthdr.len; /* Total input length */
crp->crp_flags = CRYPTO_F_IMBUF;
crp->crp_buf = (caddr_t) m;
crp->crp_callback = (int (*) (struct cryptop *)) esp_input_cb;
crp->crp_sid = tdb->tdb_cryptoid;
crp->crp_opaque = (caddr_t) tc;
/* These are passed as-is to the callback */
tc->tc_skip = skip;
tc->tc_protoff = protoff;
tc->tc_spi = tdb->tdb_spi;
tc->tc_proto = tdb->tdb_sproto;
bcopy(&tdb->tdb_dst, &tc->tc_dst, sizeof(union sockaddr_union));
/* Decryption descriptor */
if (espx) {
crde->crd_skip = skip + hlen;
crde->crd_len = m->m_pkthdr.len - (skip + hlen + alen);
crde->crd_inject = skip + hlen - tdb->tdb_ivlen;
if (tdb->tdb_flags & TDBF_HALFIV) {
/* Copy half-IV from packet */
m_copydata(m, crde->crd_inject, tdb->tdb_ivlen, crde->crd_iv);
/* Cook IV */
for (btsx = 0; btsx < tdb->tdb_ivlen; btsx++)
crde->crd_iv[tdb->tdb_ivlen + btsx] = ~crde->crd_iv[btsx];
crde->crd_flags |= CRD_F_IV_EXPLICIT;
}
crde->crd_alg = espx->type;
crde->crd_key = tdb->tdb_emxkey;
crde->crd_klen = tdb->tdb_emxkeylen * 8;
/* XXX Rounds ? */
}
if (mtag == NULL)
return crypto_dispatch(crp);
else
return esp_input_cb(crp);
}
int main(int argc, char *argv[])
{
unsigned int i, j;
int num;
struct trav_data td;
TDB_DATA k;
struct tdb_context *tdb;
union tdb_attribute seed_attr;
enum TDB_ERROR ecode;
int flags[] = { TDB_INTERNAL, TDB_DEFAULT, TDB_NOMMAP,
TDB_INTERNAL|TDB_CONVERT, TDB_CONVERT,
TDB_NOMMAP|TDB_CONVERT };
seed_attr.base.attr = TDB_ATTRIBUTE_SEED;
seed_attr.base.next = &tap_log_attr;
seed_attr.seed.seed = 6334326220117065685ULL;
plan_tests(sizeof(flags) / sizeof(flags[0])
* (NUM_RECORDS*6 + (NUM_RECORDS-1)*3 + 22) + 1);
for (i = 0; i < sizeof(flags) / sizeof(flags[0]); i++) {
tdb = tdb_open("run-traverse.tdb", flags[i],
O_RDWR|O_CREAT|O_TRUNC, 0600, &seed_attr);
ok1(tdb);
if (!tdb)
continue;
ok1(tdb_firstkey(tdb, &k) == TDB_ERR_NOEXIST);
/* One entry... */
k.dptr = (unsigned char *)#
k.dsize = sizeof(num);
num = 0;
ok1(tdb_store(tdb, k, k, TDB_INSERT) == 0);
ok1(tdb_firstkey(tdb, &k) == TDB_SUCCESS);
ok1(k.dsize == sizeof(num));
ok1(memcmp(k.dptr, &num, sizeof(num)) == 0);
ok1(tdb_nextkey(tdb, &k) == TDB_ERR_NOEXIST);
/* Two entries. */
k.dptr = (unsigned char *)#
k.dsize = sizeof(num);
num = 1;
ok1(tdb_store(tdb, k, k, TDB_INSERT) == 0);
ok1(tdb_firstkey(tdb, &k) == TDB_SUCCESS);
ok1(k.dsize == sizeof(num));
memcpy(&num, k.dptr, sizeof(num));
ok1(num == 0 || num == 1);
ok1(tdb_nextkey(tdb, &k) == TDB_SUCCESS);
ok1(k.dsize == sizeof(j));
memcpy(&j, k.dptr, sizeof(j));
ok1(j == 0 || j == 1);
ok1(j != num);
ok1(tdb_nextkey(tdb, &k) == TDB_ERR_NOEXIST);
/* Clean up. */
k.dptr = (unsigned char *)#
k.dsize = sizeof(num);
num = 0;
ok1(tdb_delete(tdb, k) == 0);
num = 1;
ok1(tdb_delete(tdb, k) == 0);
/* Now lots of records. */
ok1(store_records(tdb));
td.calls = 0;
num = tdb_traverse(tdb, trav, &td);
ok1(num == NUM_RECORDS);
ok1(td.calls == NUM_RECORDS);
/* Simple loop should match tdb_traverse */
for (j = 0, ecode = tdb_firstkey(tdb, &k); j < td.calls; j++) {
int val;
ok1(ecode == TDB_SUCCESS);
ok1(k.dsize == sizeof(val));
memcpy(&val, k.dptr, k.dsize);
ok1(td.records[j] == val);
ecode = tdb_nextkey(tdb, &k);
}
/* But arbitrary orderings should work too. */
for (j = td.calls-1; j > 0; j--) {
k.dptr = (unsigned char *)&td.records[j-1];
k.dsize = sizeof(td.records[j-1]);
k = dup_key(k);
ok1(tdb_nextkey(tdb, &k) == TDB_SUCCESS);
ok1(k.dsize == sizeof(td.records[j]));
ok1(memcmp(k.dptr, &td.records[j], k.dsize) == 0);
free(k.dptr);
}
/* Even delete should work. */
for (j = 0, ecode = tdb_firstkey(tdb, &k);
ecode != TDB_ERR_NOEXIST;
j++) {
ok1(ecode == TDB_SUCCESS);
ok1(k.dsize == 4);
ok1(tdb_delete(tdb, k) == 0);
ecode = tdb_nextkey(tdb, &k);
}
diag("delete using first/nextkey gave %u of %u records",
j, NUM_RECORDS);
ok1(j == NUM_RECORDS);
tdb_close(tdb);
}
ok1(tap_log_messages == 0);
return exit_status();
}
int tdb_traverse_delete_fn(struct tdb_context *the_tdb, TDB_DATA key, TDB_DATA dbuf,
void *state)
{
return tdb_delete(the_tdb, key);
}
int tdb_delete_bystring(struct tdb_context *tdb, const char *keystr)
{
TDB_DATA key = string_term_tdb_data(keystr);
return tdb_delete(tdb, key);
}
int main(int argc, char *argv[])
{
unsigned int i, j, num = 1000, stage = 0, stopat = -1;
int flags = TDB_DEFAULT;
bool transaction = false, summary = false;
TDB_DATA key, data;
struct tdb_context *tdb;
struct timeval start, stop;
union tdb_attribute seed, log;
bool do_stats = false;
enum TDB_ERROR ecode;
/* Try to keep benchmarks even. */
seed.base.attr = TDB_ATTRIBUTE_SEED;
seed.base.next = NULL;
seed.seed.seed = 0;
log.base.attr = TDB_ATTRIBUTE_LOG;
log.base.next = &seed;
log.log.fn = tdb_log;
if (argv[1] && strcmp(argv[1], "--internal") == 0) {
flags = TDB_INTERNAL;
argc--;
argv++;
}
if (argv[1] && strcmp(argv[1], "--transaction") == 0) {
transaction = true;
argc--;
argv++;
}
if (argv[1] && strcmp(argv[1], "--no-sync") == 0) {
flags |= TDB_NOSYNC;
argc--;
argv++;
}
if (argv[1] && strcmp(argv[1], "--summary") == 0) {
summary = true;
argc--;
argv++;
}
if (argv[1] && strcmp(argv[1], "--stats") == 0) {
do_stats = true;
argc--;
argv++;
}
tdb = tdb_open("/tmp/speed.tdb", flags, O_RDWR|O_CREAT|O_TRUNC,
0600, &log);
if (!tdb)
err(1, "Opening /tmp/speed.tdb");
key.dptr = (void *)&i;
key.dsize = sizeof(i);
data = key;
if (argv[1]) {
num = atoi(argv[1]);
argv++;
argc--;
}
if (argv[1]) {
stopat = atoi(argv[1]);
argv++;
argc--;
}
/* Add 1000 records. */
printf("Adding %u records: ", num); fflush(stdout);
if (transaction && (ecode = tdb_transaction_start(tdb)))
errx(1, "starting transaction: %s", tdb_errorstr(ecode));
gettimeofday(&start, NULL);
for (i = 0; i < num; i++)
if ((ecode = tdb_store(tdb, key, data, TDB_INSERT)) != 0)
errx(1, "Inserting key %u in tdb: %s",
i, tdb_errorstr(ecode));
gettimeofday(&stop, NULL);
if (transaction && (ecode = tdb_transaction_commit(tdb)))
errx(1, "committing transaction: %s", tdb_errorstr(ecode));
printf(" %zu ns (%zu bytes)\n",
normalize(&start, &stop, num), file_size());
if (tdb_check(tdb, NULL, NULL))
errx(1, "tdb_check failed!");
if (summary) {
char *sumstr = NULL;
tdb_summary(tdb, TDB_SUMMARY_HISTOGRAMS, &sumstr);
printf("%s\n", sumstr);
free(sumstr);
}
if (do_stats)
dump_and_clear_stats(&tdb, flags, &log);
if (++stage == stopat)
exit(0);
/* Finding 1000 records. */
printf("Finding %u records: ", num); fflush(stdout);
if (transaction && (ecode = tdb_transaction_start(tdb)))
errx(1, "starting transaction: %s", tdb_errorstr(ecode));
gettimeofday(&start, NULL);
for (i = 0; i < num; i++) {
struct tdb_data dbuf;
if ((ecode = tdb_fetch(tdb, key, &dbuf)) != TDB_SUCCESS
|| *(int *)dbuf.dptr != i) {
errx(1, "Fetching key %u in tdb gave %u",
i, ecode ? ecode : *(int *)dbuf.dptr);
}
}
gettimeofday(&stop, NULL);
if (transaction && (ecode = tdb_transaction_commit(tdb)))
errx(1, "committing transaction: %s", tdb_errorstr(ecode));
printf(" %zu ns (%zu bytes)\n",
normalize(&start, &stop, num), file_size());
if (tdb_check(tdb, NULL, NULL))
errx(1, "tdb_check failed!");
if (summary) {
char *sumstr = NULL;
tdb_summary(tdb, TDB_SUMMARY_HISTOGRAMS, &sumstr);
printf("%s\n", sumstr);
free(sumstr);
}
if (do_stats)
dump_and_clear_stats(&tdb, flags, &log);
if (++stage == stopat)
exit(0);
/* Missing 1000 records. */
printf("Missing %u records: ", num); fflush(stdout);
if (transaction && (ecode = tdb_transaction_start(tdb)))
errx(1, "starting transaction: %s", tdb_errorstr(ecode));
gettimeofday(&start, NULL);
for (i = num; i < num*2; i++) {
struct tdb_data dbuf;
ecode = tdb_fetch(tdb, key, &dbuf);
if (ecode != TDB_ERR_NOEXIST)
errx(1, "Fetching key %u in tdb gave %s",
i, tdb_errorstr(ecode));
}
gettimeofday(&stop, NULL);
if (transaction && (ecode = tdb_transaction_commit(tdb)))
errx(1, "committing transaction: %s", tdb_errorstr(ecode));
printf(" %zu ns (%zu bytes)\n",
normalize(&start, &stop, num), file_size());
if (tdb_check(tdb, NULL, NULL))
errx(1, "tdb_check failed!");
if (summary) {
char *sumstr = NULL;
tdb_summary(tdb, TDB_SUMMARY_HISTOGRAMS, &sumstr);
printf("%s\n", sumstr);
free(sumstr);
}
if (do_stats)
dump_and_clear_stats(&tdb, flags, &log);
if (++stage == stopat)
exit(0);
/* Traverse 1000 records. */
printf("Traversing %u records: ", num); fflush(stdout);
if (transaction && (ecode = tdb_transaction_start(tdb)))
errx(1, "starting transaction: %s", tdb_errorstr(ecode));
i = 0;
gettimeofday(&start, NULL);
if (tdb_traverse(tdb, count_record, &i) != num)
errx(1, "Traverse returned wrong number of records");
if (i != (num - 1) * (num / 2))
errx(1, "Traverse tallied to %u", i);
gettimeofday(&stop, NULL);
if (transaction && (ecode = tdb_transaction_commit(tdb)))
errx(1, "committing transaction: %s", tdb_errorstr(ecode));
printf(" %zu ns (%zu bytes)\n",
normalize(&start, &stop, num), file_size());
if (tdb_check(tdb, NULL, NULL))
errx(1, "tdb_check failed!");
if (summary) {
char *sumstr = NULL;
tdb_summary(tdb, TDB_SUMMARY_HISTOGRAMS, &sumstr);
printf("%s\n", sumstr);
free(sumstr);
}
if (do_stats)
dump_and_clear_stats(&tdb, flags, &log);
if (++stage == stopat)
exit(0);
/* Delete 1000 records (not in order). */
printf("Deleting %u records: ", num); fflush(stdout);
if (transaction && (ecode = tdb_transaction_start(tdb)))
errx(1, "starting transaction: %s", tdb_errorstr(ecode));
gettimeofday(&start, NULL);
for (j = 0; j < num; j++) {
i = (j + 100003) % num;
if ((ecode = tdb_delete(tdb, key)) != TDB_SUCCESS)
errx(1, "Deleting key %u in tdb: %s",
i, tdb_errorstr(ecode));
}
gettimeofday(&stop, NULL);
if (transaction && (ecode = tdb_transaction_commit(tdb)))
errx(1, "committing transaction: %s", tdb_errorstr(ecode));
printf(" %zu ns (%zu bytes)\n",
normalize(&start, &stop, num), file_size());
if (tdb_check(tdb, NULL, NULL))
errx(1, "tdb_check failed!");
if (summary) {
char *sumstr = NULL;
tdb_summary(tdb, TDB_SUMMARY_HISTOGRAMS, &sumstr);
printf("%s\n", sumstr);
free(sumstr);
}
if (do_stats)
dump_and_clear_stats(&tdb, flags, &log);
if (++stage == stopat)
exit(0);
/* Re-add 1000 records (not in order). */
printf("Re-adding %u records: ", num); fflush(stdout);
if (transaction && (ecode = tdb_transaction_start(tdb)))
errx(1, "starting transaction: %s", tdb_errorstr(ecode));
gettimeofday(&start, NULL);
for (j = 0; j < num; j++) {
i = (j + 100003) % num;
if ((ecode = tdb_store(tdb, key, data, TDB_INSERT)) != 0)
errx(1, "Inserting key %u in tdb: %s",
i, tdb_errorstr(ecode));
}
gettimeofday(&stop, NULL);
if (transaction && (ecode = tdb_transaction_commit(tdb)))
errx(1, "committing transaction: %s", tdb_errorstr(ecode));
printf(" %zu ns (%zu bytes)\n",
normalize(&start, &stop, num), file_size());
if (tdb_check(tdb, NULL, NULL))
errx(1, "tdb_check failed!");
if (summary) {
char *sumstr = NULL;
tdb_summary(tdb, TDB_SUMMARY_HISTOGRAMS, &sumstr);
printf("%s\n", sumstr);
free(sumstr);
}
if (do_stats)
dump_and_clear_stats(&tdb, flags, &log);
if (++stage == stopat)
exit(0);
/* Append 1000 records. */
if (transaction && (ecode = tdb_transaction_start(tdb)))
errx(1, "starting transaction: %s", tdb_errorstr(ecode));
printf("Appending %u records: ", num); fflush(stdout);
gettimeofday(&start, NULL);
for (i = 0; i < num; i++)
if ((ecode = tdb_append(tdb, key, data)) != TDB_SUCCESS)
errx(1, "Appending key %u in tdb: %s",
i, tdb_errorstr(ecode));
gettimeofday(&stop, NULL);
if (transaction && (ecode = tdb_transaction_commit(tdb)))
errx(1, "committing transaction: %s", tdb_errorstr(ecode));
printf(" %zu ns (%zu bytes)\n",
normalize(&start, &stop, num), file_size());
if (tdb_check(tdb, NULL, NULL))
errx(1, "tdb_check failed!");
if (summary) {
char *sumstr = NULL;
tdb_summary(tdb, TDB_SUMMARY_HISTOGRAMS, &sumstr);
printf("%s\n", sumstr);
free(sumstr);
}
if (++stage == stopat)
exit(0);
/* Churn 1000 records: not in order! */
if (transaction && (ecode = tdb_transaction_start(tdb)))
errx(1, "starting transaction: %s", tdb_errorstr(ecode));
printf("Churning %u records: ", num); fflush(stdout);
gettimeofday(&start, NULL);
for (j = 0; j < num; j++) {
i = (j + 1000019) % num;
if ((ecode = tdb_delete(tdb, key)) != TDB_SUCCESS)
errx(1, "Deleting key %u in tdb: %s",
i, tdb_errorstr(ecode));
i += num;
if ((ecode = tdb_store(tdb, key, data, TDB_INSERT)) != 0)
errx(1, "Inserting key %u in tdb: %s",
i, tdb_errorstr(ecode));
}
gettimeofday(&stop, NULL);
if (transaction && (ecode = tdb_transaction_commit(tdb)))
errx(1, "committing transaction: %s", tdb_errorstr(ecode));
printf(" %zu ns (%zu bytes)\n",
normalize(&start, &stop, num), file_size());
if (tdb_check(tdb, NULL, NULL))
errx(1, "tdb_check failed!");
if (summary) {
char *sumstr = NULL;
tdb_summary(tdb, TDB_SUMMARY_HISTOGRAMS, &sumstr);
printf("%s\n", sumstr);
free(sumstr);
}
if (do_stats)
dump_and_clear_stats(&tdb, flags, &log);
if (++stage == stopat)
exit(0);
return 0;
}
int main(int argc, char *argv[])
{
struct tdb_context *tdb;
TDB_DATA key, orig_data, data;
uint32_t hashval;
tdb_off_t rec_ptr;
struct tdb_record rec;
int ret;
plan_tests(24);
tdb = tdb_open_ex("run-36-file.tdb", 1024, TDB_CLEAR_IF_FIRST,
O_CREAT|O_TRUNC|O_RDWR, 0600, &taplogctx, NULL);
ok1(tdb);
tdb->methods = &large_io_methods;
key.dsize = strlen("hi");
key.dptr = (void *)"hi";
orig_data.dsize = strlen("world");
orig_data.dptr = (void *)"world";
/* Enlarge the file (internally multiplies by 2). */
ret = tdb_expand(tdb, 1500000000);
#ifdef HAVE_INCOHERENT_MMAP
/* This can fail due to mmap failure on 32 bit systems. */
if (ret == -1) {
/* These should now fail. */
ok1(tdb_store(tdb, key, orig_data, TDB_INSERT) == -1);
data = tdb_fetch(tdb, key);
ok1(data.dptr == NULL);
ok1(tdb_traverse(tdb, test_traverse, &orig_data) == -1);
ok1(tdb_delete(tdb, key) == -1);
ok1(tdb_traverse(tdb, test_traverse, NULL) == -1);
/* Skip the rest... */
for (ret = 0; ret < 24 - 6; ret++)
ok1(1);
tdb_close(tdb);
return exit_status();
}
#endif
ok1(ret == 0);
/* Put an entry in, and check it. */
ok1(tdb_store(tdb, key, orig_data, TDB_INSERT) == 0);
data = tdb_fetch(tdb, key);
ok1(data.dsize == strlen("world"));
ok1(memcmp(data.dptr, "world", strlen("world")) == 0);
free(data.dptr);
/* That currently fills at the end, make sure that's true. */
hashval = tdb->hash_fn(&key);
rec_ptr = tdb_find_lock_hash(tdb, key, hashval, F_RDLCK, &rec);
ok1(rec_ptr);
ok1(rec_ptr > 2U*1024*1024*1024);
tdb_unlock(tdb, BUCKET(rec.full_hash), F_RDLCK);
/* Traverse must work. */
ok1(tdb_traverse(tdb, test_traverse, &orig_data) == 1);
/* Delete should work. */
ok1(tdb_delete(tdb, key) == 0);
ok1(tdb_traverse(tdb, test_traverse, NULL) == 0);
/* Transactions should work. */
ok1(tdb_transaction_start(tdb) == 0);
ok1(tdb_store(tdb, key, orig_data, TDB_INSERT) == 0);
data = tdb_fetch(tdb, key);
ok1(data.dsize == strlen("world"));
ok1(memcmp(data.dptr, "world", strlen("world")) == 0);
free(data.dptr);
ok1(tdb_transaction_commit(tdb) == 0);
ok1(tdb_traverse(tdb, test_traverse, &orig_data) == 1);
tdb_close(tdb);
return exit_status();
}
/*
* ESP output routine, called by ipsp_process_packet().
*/
int
esp_output(struct mbuf *m, struct tdb *tdb, struct mbuf **mp, int skip,
int protoff)
{
struct enc_xform *espx = (struct enc_xform *) tdb->tdb_encalgxform;
struct auth_hash *esph = (struct auth_hash *) tdb->tdb_authalgxform;
int ilen, hlen, rlen, padding, blks, alen;
struct mbuf *mi, *mo = (struct mbuf *) NULL;
struct tdb_crypto *tc;
unsigned char *pad;
u_int8_t prot;
struct cryptodesc *crde = NULL, *crda = NULL;
struct cryptop *crp;
#if NBPFILTER > 0
struct ifnet *ifn = &(encif[0].sc_if);
ifn->if_opackets++;
ifn->if_obytes += m->m_pkthdr.len;
if (ifn->if_bpf) {
struct enchdr hdr;
bzero (&hdr, sizeof(hdr));
hdr.af = tdb->tdb_dst.sa.sa_family;
hdr.spi = tdb->tdb_spi;
if (espx)
hdr.flags |= M_CONF;
if (esph)
hdr.flags |= M_AUTH;
bpf_mtap_hdr(ifn->if_bpf, (char *)&hdr, ENC_HDRLEN, m,
BPF_DIRECTION_OUT);
}
#endif
if (tdb->tdb_flags & TDBF_NOREPLAY)
hlen = sizeof(u_int32_t) + tdb->tdb_ivlen;
else
hlen = 2 * sizeof(u_int32_t) + tdb->tdb_ivlen;
rlen = m->m_pkthdr.len - skip; /* Raw payload length. */
if (espx)
blks = espx->blocksize;
else
blks = 4; /* If no encryption, we have to be 4-byte aligned. */
padding = ((blks - ((rlen + 2) % blks)) % blks) + 2;
if (esph)
alen = AH_HMAC_HASHLEN;
else
alen = 0;
espstat.esps_output++;
switch (tdb->tdb_dst.sa.sa_family) {
#ifdef INET
case AF_INET:
/* Check for IP maximum packet size violations. */
if (skip + hlen + rlen + padding + alen > IP_MAXPACKET) {
DPRINTF(("esp_output(): packet in SA %s/%08x got "
"too big\n", ipsp_address(tdb->tdb_dst),
ntohl(tdb->tdb_spi)));
m_freem(m);
espstat.esps_toobig++;
return EMSGSIZE;
}
break;
#endif /* INET */
#ifdef INET6
case AF_INET6:
/* Check for IPv6 maximum packet size violations. */
if (skip + hlen + rlen + padding + alen > IPV6_MAXPACKET) {
DPRINTF(("esp_output(): packet in SA %s/%08x got too "
"big\n", ipsp_address(tdb->tdb_dst),
ntohl(tdb->tdb_spi)));
m_freem(m);
espstat.esps_toobig++;
return EMSGSIZE;
}
break;
#endif /* INET6 */
default:
DPRINTF(("esp_output(): unknown/unsupported protocol "
"family %d, SA %s/%08x\n", tdb->tdb_dst.sa.sa_family
, ipsp_address(tdb->tdb_dst), ntohl(tdb->tdb_spi)));
m_freem(m);
espstat.esps_nopf++;
return EPFNOSUPPORT;
}
/* Update the counters. */
tdb->tdb_cur_bytes += m->m_pkthdr.len - skip;
espstat.esps_obytes += m->m_pkthdr.len - skip;
/* Hard byte expiration. */
if (tdb->tdb_flags & TDBF_BYTES &&
tdb->tdb_cur_bytes >= tdb->tdb_exp_bytes) {
pfkeyv2_expire(tdb, SADB_EXT_LIFETIME_HARD);
tdb_delete(tdb);
m_freem(m);
return EINVAL;
}
/* Soft byte expiration. */
if (tdb->tdb_flags & TDBF_SOFT_BYTES &&
tdb->tdb_cur_bytes >= tdb->tdb_soft_bytes) {
pfkeyv2_expire(tdb, SADB_EXT_LIFETIME_SOFT);
tdb->tdb_flags &= ~TDBF_SOFT_BYTES; /* Turn off checking. */
}
/*
* Loop through mbuf chain; if we find a readonly mbuf,
* replace the rest of the chain.
*/
mo = NULL;
mi = m;
while (mi != NULL && !M_READONLY(mi)) {
mo = mi;
mi = mi->m_next;
}
if (mi != NULL) {
/* Replace the rest of the mbuf chain. */
struct mbuf *n = m_copym2(mi, 0, M_COPYALL, M_DONTWAIT);
if (n == NULL) {
DPRINTF(("esp_output(): bad mbuf chain, SA %s/%08x\n",
ipsp_address(tdb->tdb_dst), ntohl(tdb->tdb_spi)));
espstat.esps_hdrops++;
m_freem(m);
return ENOBUFS;
}
if (mo != NULL)
mo->m_next = n;
else
m = n;
m_freem(mi);
}
/* Inject ESP header. */
mo = m_inject(m, skip, hlen, M_DONTWAIT);
if (mo == NULL) {
DPRINTF(("esp_output(): failed to inject ESP header for "
"SA %s/%08x\n", ipsp_address(tdb->tdb_dst),
ntohl(tdb->tdb_spi)));
m_freem(m);
espstat.esps_hdrops++;
return ENOBUFS;
}
/* Initialize ESP header. */
bcopy((caddr_t) &tdb->tdb_spi, mtod(mo, caddr_t), sizeof(u_int32_t));
if (!(tdb->tdb_flags & TDBF_NOREPLAY)) {
u_int32_t replay = htonl(tdb->tdb_rpl++);
bcopy((caddr_t) &replay, mtod(mo, caddr_t) + sizeof(u_int32_t),
sizeof(u_int32_t));
#if NPFSYNC > 0
pfsync_update_tdb(tdb,1);
#endif
}
/*
* Add padding -- better to do it ourselves than use the crypto engine,
* although if/when we support compression, we'd have to do that.
*/
mo = m_inject(m, m->m_pkthdr.len, padding + alen, M_DONTWAIT);
if (mo == NULL) {
DPRINTF(("esp_output(): m_inject failed for SA %s/%08x\n",
ipsp_address(tdb->tdb_dst), ntohl(tdb->tdb_spi)));
m_freem(m);
return ENOBUFS;
}
pad = mtod(mo, u_char *);
/* Self-describing or random padding ? */
if (!(tdb->tdb_flags & TDBF_RANDOMPADDING))
for (ilen = 0; ilen < padding - 2; ilen++)
pad[ilen] = ilen + 1;
else
arc4random_buf((void *) pad, padding - 2);
/* Fix padding length and Next Protocol in padding itself. */
pad[padding - 2] = padding - 2;
m_copydata(m, protoff, sizeof(u_int8_t), pad + padding - 1);
/* Fix Next Protocol in IPv4/IPv6 header. */
prot = IPPROTO_ESP;
m_copyback(m, protoff, sizeof(u_int8_t), &prot);
/* Get crypto descriptors. */
crp = crypto_getreq(esph && espx ? 2 : 1);
if (crp == NULL) {
m_freem(m);
DPRINTF(("esp_output(): failed to acquire crypto "
"descriptors\n"));
espstat.esps_crypto++;
return ENOBUFS;
}
if (espx) {
crde = crp->crp_desc;
crda = crde->crd_next;
/* Encryption descriptor. */
crde->crd_skip = skip + hlen;
crde->crd_len = m->m_pkthdr.len - (skip + hlen + alen);
crde->crd_flags = CRD_F_ENCRYPT;
crde->crd_inject = skip + hlen - tdb->tdb_ivlen;
if (tdb->tdb_flags & TDBF_HALFIV) {
/* Copy half-iv in the packet. */
m_copyback(m, crde->crd_inject, tdb->tdb_ivlen,
tdb->tdb_iv);
/* Cook half-iv. */
bcopy(tdb->tdb_iv, crde->crd_iv, tdb->tdb_ivlen);
for (ilen = 0; ilen < tdb->tdb_ivlen; ilen++)
crde->crd_iv[tdb->tdb_ivlen + ilen] =
~crde->crd_iv[ilen];
crde->crd_flags |=
CRD_F_IV_PRESENT | CRD_F_IV_EXPLICIT;
}
/* Encryption operation. */
crde->crd_alg = espx->type;
crde->crd_key = tdb->tdb_emxkey;
crde->crd_klen = tdb->tdb_emxkeylen * 8;
/* XXX Rounds ? */
} else
crda = crp->crp_desc;
/* IPsec-specific opaque crypto info. */
tc = malloc(sizeof(*tc), M_XDATA, M_NOWAIT | M_ZERO);
if (tc == NULL) {
m_freem(m);
crypto_freereq(crp);
DPRINTF(("esp_output(): failed to allocate tdb_crypto\n"));
espstat.esps_crypto++;
return ENOBUFS;
}
tc->tc_spi = tdb->tdb_spi;
tc->tc_proto = tdb->tdb_sproto;
bcopy(&tdb->tdb_dst, &tc->tc_dst, sizeof(union sockaddr_union));
/* Crypto operation descriptor. */
crp->crp_ilen = m->m_pkthdr.len; /* Total input length. */
crp->crp_flags = CRYPTO_F_IMBUF;
crp->crp_buf = (caddr_t) m;
crp->crp_callback = (int (*) (struct cryptop *)) esp_output_cb;
crp->crp_opaque = (caddr_t) tc;
crp->crp_sid = tdb->tdb_cryptoid;
if (esph) {
/* Authentication descriptor. */
crda->crd_skip = skip;
crda->crd_len = m->m_pkthdr.len - (skip + alen);
crda->crd_inject = m->m_pkthdr.len - alen;
/* Authentication operation. */
crda->crd_alg = esph->type;
crda->crd_key = tdb->tdb_amxkey;
crda->crd_klen = tdb->tdb_amxkeylen * 8;
}
if ((tdb->tdb_flags & TDBF_SKIPCRYPTO) == 0)
return crypto_dispatch(crp);
else
return esp_output_cb(crp);
}
static bool make_way_for_eventlogs( TDB_CONTEXT * the_tdb, int32_t needed,
bool whack_by_date )
{
int32_t start_record, i, new_start;
int32_t end_record;
int32_t reclen, tresv1, trecnum, timegen, timewr;
int nbytes, len, Retention, MaxSize;
TDB_DATA key, ret;
time_t current_time, exp_time;
/* discard some eventlogs */
/* read eventlogs from oldest_entry -- there can't be any discontinuity in recnos,
although records not necessarily guaranteed to have successive times */
/* */
/* lock */
tdb_lock_bystring_with_timeout( the_tdb, EVT_NEXT_RECORD, 1 );
/* read */
end_record = tdb_fetch_int32( the_tdb, EVT_NEXT_RECORD );
start_record = tdb_fetch_int32( the_tdb, EVT_OLDEST_ENTRY );
Retention = tdb_fetch_int32( the_tdb, EVT_RETENTION );
MaxSize = tdb_fetch_int32( the_tdb, EVT_MAXSIZE );
time( ¤t_time );
/* calculate ... */
exp_time = current_time - Retention; /* discard older than exp_time */
/* todo - check for sanity in next_record */
nbytes = 0;
DEBUG( 3,
( "MaxSize [%d] Retention [%d] Current Time [%u] exp_time [%u]\n",
MaxSize, Retention, (unsigned int)current_time, (unsigned int)exp_time ) );
DEBUG( 3,
( "Start Record [%u] End Record [%u]\n",
(unsigned int)start_record,
(unsigned int)end_record ));
for ( i = start_record; i < end_record; i++ ) {
/* read a record, add the amt to nbytes */
key.dsize = sizeof(int32_t);
key.dptr = (unsigned char *)&i;
ret = tdb_fetch( the_tdb, key );
if ( ret.dsize == 0 ) {
DEBUG( 8,
( "Can't find a record for the key, record [%d]\n",
i ) );
tdb_unlock_bystring( the_tdb, EVT_NEXT_RECORD );
return False;
}
nbytes += ret.dsize; /* note this includes overhead */
len = tdb_unpack( ret.dptr, ret.dsize, "ddddd", &reclen,
&tresv1, &trecnum, &timegen, &timewr );
if (len == -1) {
DEBUG( 10,("make_way_for_eventlogs: tdb_unpack failed.\n"));
tdb_unlock_bystring( the_tdb, EVT_NEXT_RECORD );
SAFE_FREE( ret.dptr );
return False;
}
DEBUG( 8,
( "read record %u, record size is [%d], total so far [%d]\n",
(unsigned int)i, reclen, nbytes ) );
SAFE_FREE( ret.dptr );
/* note that other servers may just stop writing records when the size limit
is reached, and there are no records older than 'retention'. This doesn't
like a very useful thing to do, so instead we whack (as in sleeps with the
fishes) just enough records to fit the what we need. This behavior could
be changed to 'match', if the need arises. */
if ( !whack_by_date && ( nbytes >= needed ) )
break; /* done */
if ( whack_by_date && ( timegen >= exp_time ) )
break; /* done */
}
DEBUG( 3,
( "nbytes [%d] needed [%d] start_record is [%u], should be set to [%u]\n",
nbytes, needed, (unsigned int)start_record, (unsigned int)i ) );
/* todo - remove eventlog entries here and set starting record to start_record... */
new_start = i;
if ( start_record != new_start ) {
for ( i = start_record; i < new_start; i++ ) {
key.dsize = sizeof(int32_t);
key.dptr = (unsigned char *)&i;
tdb_delete( the_tdb, key );
}
tdb_store_int32( the_tdb, EVT_OLDEST_ENTRY, new_start );
}
tdb_unlock_bystring( the_tdb, EVT_NEXT_RECORD );
return True;
}
BOOL namecache_fetch(const char *name, int name_type, struct in_addr **ip_list,
int *num_names)
{
TDB_DATA key, value;
struct nc_value *data = NULL;
time_t now;
int i;
*ip_list = NULL;
*num_names = 0;
if (!enable_namecache)
return False;
/* Read value */
key = namecache_key(name, name_type);
value = tdb_fetch(namecache_tdb, key);
if (!value.dptr) {
DEBUG(5, ("namecache_fetch: %s#%02x not found\n",
name, name_type));
goto done;
}
data = (struct nc_value *)value.dptr;
/* Check expiry time */
now = time(NULL);
if (now > data->expiry) {
DEBUG(5, ("namecache_fetch: entry for %s#%02x expired\n",
name, name_type));
tdb_delete(namecache_tdb, key);
SAFE_FREE(value.dptr);
value = tdb_null;
goto done;
}
if ((data->expiry - now) > lp_name_cache_timeout()) {
/* Someone may have changed the system time on us */
DEBUG(5, ("namecache_fetch: entry for %s#%02x has bad expiry\n",
name, name_type));
tdb_delete(namecache_tdb, key);
SAFE_FREE(value.dptr);
value = tdb_null;
goto done;
}
/* Extract and return namelist */
DEBUG(5, ("namecache_fetch: returning %d address%s for %s#%02x: ",
data->count, data->count == 1 ? "" : "es", name, name_type));
if (data->count) {
*ip_list = (struct in_addr *)malloc(
sizeof(struct in_addr) * data->count);
memcpy(*ip_list, data->ip_list, sizeof(struct in_addr) * data->count);
*num_names = data->count;
for (i = 0; i < *num_names; i++)
DEBUGADD(5, ("%s%s", inet_ntoa((*ip_list)[i]),
i == (*num_names - 1) ? "" : ", "));
}
DEBUGADD(5, ("\n"));
done:
SAFE_FREE(key.dptr);
SAFE_FREE(value.dptr);
return value.dsize > 0;
}
int smb_delete_share_mode_entry(struct smbdb_ctx *db_ctx,
uint64_t dev,
uint64_t ino,
uint64_t extid,
const struct smb_share_mode_entry *del_entry)
{
TDB_DATA db_data;
struct locking_key lk;
TDB_DATA locking_key = get_locking_key(&lk, dev, ino, extid);
int orig_num_share_modes = 0;
struct locking_data *ld = NULL; /* internal samba db state. */
struct share_mode_entry *shares = NULL;
uint8 *new_data_p = NULL;
size_t remaining_size = 0;
size_t i, num_share_modes;
const uint8 *remaining_ptr = NULL;
db_data = tdb_fetch_compat(db_ctx->smb_tdb, locking_key);
if (!db_data.dptr) {
return -1; /* Error - missing entry ! */
}
ld = (struct locking_data *)db_data.dptr;
orig_num_share_modes = ld->u.s.num_share_mode_entries;
shares = (struct share_mode_entry *)(db_data.dptr + sizeof(struct locking_data));
if (orig_num_share_modes == 1) {
/* Only one entry - better be ours... */
if (!share_mode_entry_equal(del_entry, shares)) {
/* Error ! We can't delete someone else's entry ! */
free(db_data.dptr);
return -1;
}
/* It's ours - just remove the entire record. */
free(db_data.dptr);
return tdb_delete(db_ctx->smb_tdb, locking_key) ? -1 : 0;
}
/* More than one - allocate a new record minus the one we'll delete. */
new_data_p = (uint8 *)malloc(
db_data.dsize - sizeof(struct share_mode_entry));
if (!new_data_p) {
free(db_data.dptr);
return -1;
}
/* Copy the header. */
memcpy(new_data_p, db_data.dptr, sizeof(struct locking_data));
num_share_modes = 0;
for (i = 0; i < orig_num_share_modes; i++) {
struct share_mode_entry *share = &shares[i];
struct server_id pid = share->pid;
/* Check this process really exists. */
if (kill(sharemodes_procid_to_pid(&pid), 0) == -1 && (errno == ESRCH)) {
continue; /* No longer exists. */
}
if (share_mode_entry_equal(del_entry, share)) {
continue; /* This is our delete taget. */
}
memcpy(new_data_p + sizeof(struct locking_data) +
(num_share_modes * sizeof(struct share_mode_entry)),
share, sizeof(struct share_mode_entry) );
num_share_modes++;
}
if (num_share_modes == 0) {
/* None left after pruning. Delete record. */
free(db_data.dptr);
free(new_data_p);
return tdb_delete(db_ctx->smb_tdb, locking_key) ? -1 : 0;
}
/* Copy any delete tokens plus the terminating filenames. */
remaining_ptr = db_data.dptr + sizeof(struct locking_data) + (orig_num_share_modes * sizeof(struct share_mode_entry));
remaining_size = db_data.dsize - (remaining_ptr - db_data.dptr);
memcpy(new_data_p + sizeof(struct locking_data) + (num_share_modes * sizeof(struct share_mode_entry)),
remaining_ptr,
remaining_size);
free(db_data.dptr);
db_data.dptr = new_data_p;
/* Re-save smaller record. */
ld = (struct locking_data *)db_data.dptr;
ld->u.s.num_share_mode_entries = num_share_modes;
db_data.dsize = sizeof(struct locking_data) + (num_share_modes * sizeof(struct share_mode_entry)) + remaining_size;
if (tdb_store(db_ctx->smb_tdb, locking_key, db_data, TDB_REPLACE) != 0) {
free(db_data.dptr);
return -1;
}
free(db_data.dptr);
return 0;
}
static int do_delete_fn(TDB_CONTEXT *context, TDB_DATA key, TDB_DATA dbuf,
void *state)
{
return tdb_delete(context, key);
}
