// Returns total number of CPUs (including down CPUs) Lng32 NAClusterInfo::getTotalNumberOfCPUs() { Lng32 cpuCount = cpuArray_.entries(); #ifndef NDEBUG if ( inTestMode() ) { NADefaults & defs = ActiveSchemaDB()->getDefaults(); cpuCount = (Int32)(defs.getAsLong(POS_TEST_NUM_NODES)); } #endif // return cpuCount; }
/** * @brief decrypt the file specified at parentKey * @param pluginConfig holds the plugin configuration * @param parentKey holds the path to the file to be encrypted. Will hold an error description in case of failure. * @param state holds the plugin state * @retval 1 on success * @retval -1 on error, errorKey holds an error description */ static int fcryptDecrypt (KeySet * pluginConfig, Key * parentKey, fcryptState * state) { int tmpFileFd = -1; char * tmpFile = getTemporaryFileName (pluginConfig, keyString (parentKey), &tmpFileFd); if (!tmpFile) { ELEKTRA_SET_ERROR (87, parentKey, "Memory allocation failed"); return -1; } const size_t testMode = inTestMode (pluginConfig); // prepare argument vector for gpg call // 8 static arguments (magic number below) are: // 1. path to the binary // 2. --batch // 3. -o // 4. path to tmp file // 5. yes // 6. -d // 7. file to be encrypted // 8. NULL terminator int argc = 8 + (2 * testMode); char * argv[argc]; int i = 0; argv[i++] = NULL; argv[i++] = "--batch"; argv[i++] = "--yes"; // if we are in test mode we add the trust model if (testMode) { argv[i++] = "--trust-model"; argv[i++] = "always"; } argv[i++] = "-o"; argv[i++] = tmpFile; argv[i++] = "-d"; // safely discarding const from keyString() return value argv[i++] = (char *) keyString (parentKey); argv[i++] = NULL; // NOTE the decryption process works like this: // gpg2 --batch --yes -o tmpfile -d configFile int result = ELEKTRA_PLUGIN_FUNCTION (gpgCall) (pluginConfig, parentKey, NULL, argv, argc); if (result == 1) { state->originalFilePath = elektraStrDup (keyString (parentKey)); state->tmpFilePath = tmpFile; state->tmpFileFd = tmpFileFd; keySetString (parentKey, tmpFile); } else { // if anything went wrong above the temporary file is shredded and removed shredTemporaryFile (tmpFileFd, parentKey); if (unlink (tmpFile)) { ELEKTRA_ADD_WARNINGF (ELEKTRA_WARNING_FCRYPT_UNLINK, parentKey, "Affected file: %s, error description: %s", tmpFile, strerror (errno)); } if (close (tmpFileFd)) { ELEKTRA_ADD_WARNINGF (ELEKTRA_WARNING_FCRYPT_CLOSE, parentKey, "%s", strerror (errno)); } elektraFree (tmpFile); } return result; }
/** * @brief encrypt or sign the file specified at parentKey * @param pluginConfig holds the plugin configuration * @param parentKey holds the path to the file to be encrypted. Will hold an error description in case of failure. * @retval 1 on success * @retval -1 on error, errorKey holds an error description */ static int fcryptEncrypt (KeySet * pluginConfig, Key * parentKey) { Key * k; const size_t recipientCount = getRecipientCount (pluginConfig, ELEKTRA_RECIPIENT_KEY); const size_t signatureCount = getRecipientCount (pluginConfig, ELEKTRA_SIGNATURE_KEY); if (recipientCount == 0 && signatureCount == 0) { ELEKTRA_SET_ERRORF ( ELEKTRA_ERROR_NO_GPG_RECIPIENTS, parentKey, "Missing GPG recipient key (specified as %s) or GPG signature key (specified as %s) in plugin configuration.", ELEKTRA_RECIPIENT_KEY, ELEKTRA_SIGNATURE_KEY); return -1; } int tmpFileFd = -1; char * tmpFile = getTemporaryFileName (pluginConfig, keyString (parentKey), &tmpFileFd); if (!tmpFile) { ELEKTRA_SET_ERROR (87, parentKey, "Memory allocation failed"); return -1; } const size_t testMode = inTestMode (pluginConfig); const size_t textMode = inTextMode (pluginConfig); // prepare argument vector for gpg call // 7 static arguments (magic number below) are: // 1. path to the binary // 2. --batch // 3. -o // 4. path to tmp file // 5. yes // 6. file to be encrypted // 7. NULL terminator int argc = 7 + (2 * recipientCount) + (2 * signatureCount) + (2 * testMode) + textMode + (recipientCount > 0 ? 1 : 0) + (signatureCount > 0 ? 1 : 0); kdb_unsigned_short_t i = 0; char * argv[argc]; argv[i++] = NULL; argv[i++] = "--batch"; argv[i++] = "-o"; argv[i++] = tmpFile; argv[i++] = "--yes"; // overwrite files if they exist // add recipients Key * gpgRecipientRoot = ksLookupByName (pluginConfig, ELEKTRA_RECIPIENT_KEY, 0); // append root (gpg/key) as gpg recipient if (gpgRecipientRoot && strlen (keyString (gpgRecipientRoot)) > 0) { argv[i++] = "-r"; // NOTE argv[] values will not be modified, so const can be discarded safely argv[i++] = (char *) keyString (gpgRecipientRoot); } // append keys beneath root (crypto/key/#_) as gpg recipients if (gpgRecipientRoot) { ksRewind (pluginConfig); while ((k = ksNext (pluginConfig)) != 0) { const char * kStringVal = keyString (k); if (keyIsBelow (k, gpgRecipientRoot) && strlen (kStringVal) > 0) { argv[i++] = "-r"; // NOTE argv[] values will not be modified, so const can be discarded safely argv[i++] = (char *) kStringVal; } } } // add signature keys Key * gpgSignatureRoot = ksLookupByName (pluginConfig, ELEKTRA_SIGNATURE_KEY, 0); // append root signature key if (gpgSignatureRoot && strlen (keyString (gpgSignatureRoot)) > 0) { argv[i++] = "-u"; // NOTE argv[] values will not be modified, so const can be discarded safely argv[i++] = (char *) keyString (gpgSignatureRoot); } // append keys beneath root (fcrypt/sign/#_) as gpg signature keys if (gpgSignatureRoot) { ksRewind (pluginConfig); while ((k = ksNext (pluginConfig)) != 0) { const char * kStringVal = keyString (k); if (keyIsBelow (k, gpgSignatureRoot) && strlen (kStringVal) > 0) { argv[i++] = "-u"; // NOTE argv[] values will not be modified, so const can be discarded safely argv[i++] = (char *) kStringVal; } } } // if we are in test mode we add the trust model if (testMode > 0) { argv[i++] = "--trust-model"; argv[i++] = "always"; } // ASCII armor in text mode if (textMode) { argv[i++] = "--armor"; } // prepare rest of the argument vector if (recipientCount > 0) { // encrypt the file argv[i++] = "-e"; } if (signatureCount > 0) { if (textMode && recipientCount == 0) { // clear-sign the file argv[i++] = "--clearsign"; } else { // sign the file argv[i++] = "-s"; } } argv[i++] = (char *) keyString (parentKey); argv[i++] = NULL; // NOTE the encryption process works like this: // gpg2 --batch --yes -o encryptedFile -r keyID -e configFile // mv encryptedFile configFile return fcryptGpgCallAndCleanup (parentKey, pluginConfig, argv, argc, tmpFileFd, tmpFile); }