krb5_error_code
osa_adb_close_and_unlock(osa_adb_princ_t db)
{
if (--db->opencnt)
return osa_adb_release_lock(db);
if(db->db != NULL && db->db->close(db->db) == -1) {
(void) osa_adb_release_lock(db);
return OSA_ADB_FAILURE;
}
db->db = NULL;
return(osa_adb_release_lock(db));
}
krb5_error_code
krb5_db2_unlock(krb5_context context)
{
krb5_db2_context *db_ctx;
DB *db;
krb5_error_code retval;
if (!k5db2_inited(context))
return KRB5_KDB_DBNOTINITED;
db_ctx = context->dal_handle->db_context;
if ((retval = osa_adb_release_lock(db_ctx->policy_db))) {
return retval;
}
if (!db_ctx->db_locks_held) /* lock already unlocked */
return KRB5_KDB_NOTLOCKED;
db = db_ctx->db;
if (--(db_ctx->db_locks_held) == 0) {
(*db->close) (db);
db_ctx->db = NULL;
retval = krb5_lock_file(context, db_ctx->db_lf_file,
KRB5_LOCKMODE_UNLOCK);
db_ctx->db_lock_mode = 0;
return (retval);
}
return 0;
}
krb5_error_code
osa_adb_open_and_lock(osa_adb_princ_t db, int locktype)
{
int ret;
ret = osa_adb_get_lock(db, locktype);
if (ret != OSA_ADB_OK)
return ret;
if (db->opencnt)
goto open_ok;
db->db = dbopen(db->filename, O_RDWR, 0600, DB_BTREE, &db->btinfo);
if (db->db != NULL)
goto open_ok;
if (IS_EFTYPE(errno)) {
db->db = dbopen(db->filename, O_RDWR, 0600, DB_HASH, &db->info);
if (db->db != NULL)
goto open_ok;
} else {
(void) osa_adb_release_lock(db);
if (errno == EINVAL)
return OSA_ADB_BAD_DB;
return errno;
}
open_ok:
db->opencnt++;
return OSA_ADB_OK;
}
static krb5_error_code
ctx_unlock(krb5_context context, krb5_db2_context *dbc)
{
krb5_error_code retval, retval2;
DB *db;
retval = osa_adb_release_lock(dbc->policy_db);
if (!dbc->db_locks_held) /* lock already unlocked */
return KRB5_KDB_NOTLOCKED;
db = dbc->db;
if (--(dbc->db_locks_held) == 0) {
db->close(db);
dbc->db = NULL;
dbc->db_lock_mode = 0;
retval2 = krb5_lock_file(context, dbc->db_lf_file,
KRB5_LOCKMODE_UNLOCK);
if (retval2)
return retval2;
}
/* We may be unlocking because osa_adb_get_lock() failed. */
if (retval == OSA_ADB_NOTLOCKED)
return 0;
return retval;
}
static krb5_error_code
ctx_lock(krb5_context context, krb5_db2_context *dbc, int lockmode)
{
krb5_error_code retval;
int kmode, tries;
if (lockmode == KRB5_DB_LOCKMODE_PERMANENT ||
lockmode == KRB5_DB_LOCKMODE_EXCLUSIVE)
kmode = KRB5_LOCKMODE_EXCLUSIVE;
else if (lockmode == KRB5_DB_LOCKMODE_SHARED)
kmode = KRB5_LOCKMODE_SHARED;
else
return EINVAL;
if (dbc->db_locks_held == 0 || dbc->db_lock_mode < kmode) {
/* Acquire or upgrade the lock. */
for (tries = 0; tries < MAX_LOCK_TRIES; tries++) {
retval = krb5_lock_file(context, dbc->db_lf_file,
kmode | KRB5_LOCKMODE_DONTBLOCK);
if (retval == 0)
break;
if (retval == EBADF && kmode == KRB5_LOCKMODE_EXCLUSIVE)
/* Tried to lock something we don't have write access to. */
return KRB5_KDB_CANTLOCK_DB;
sleep(1);
}
if (retval == EACCES)
return KRB5_KDB_CANTLOCK_DB;
else if (retval == EAGAIN || retval == EWOULDBLOCK)
return OSA_ADB_CANTLOCK_DB;
else if (retval)
return retval;
/* Open the DB (or re-open it for read/write). */
if (dbc->db != NULL)
dbc->db->close(dbc->db);
dbc->db = open_db(dbc,
kmode == KRB5_LOCKMODE_SHARED ? O_RDONLY : O_RDWR,
0600);
if (dbc->db == NULL) {
retval = errno;
dbc->db_locks_held = 0;
dbc->db_lock_mode = 0;
(void) osa_adb_release_lock(dbc->policy_db);
(void) krb5_lock_file(context, dbc->db_lf_file,
KRB5_LOCKMODE_UNLOCK);
return retval;
}
dbc->db_lock_mode = kmode;
}
dbc->db_locks_held++;
/* Acquire or upgrade the policy lock. */
retval = osa_adb_get_lock(dbc->policy_db, lockmode);
if (retval)
(void) ctx_unlock(context, dbc);
return retval;
}
static krb5_error_code
ctx_lock(krb5_context context, krb5_db2_context *dbc, int lockmode)
{
krb5_error_code retval;
int kmode;
if (lockmode == KRB5_DB_LOCKMODE_PERMANENT ||
lockmode == KRB5_DB_LOCKMODE_EXCLUSIVE)
kmode = KRB5_LOCKMODE_EXCLUSIVE;
else if (lockmode == KRB5_DB_LOCKMODE_SHARED)
kmode = KRB5_LOCKMODE_SHARED;
else
return EINVAL;
if (dbc->db_locks_held == 0 || dbc->db_lock_mode < kmode) {
/* Acquire or upgrade the lock. */
retval = krb5_lock_file(context, dbc->db_lf_file, kmode);
/* Check if we tried to lock something not open for write. */
if (retval == EBADF && kmode == KRB5_LOCKMODE_EXCLUSIVE)
return KRB5_KDB_CANTLOCK_DB;
else if (retval == EACCES || retval == EAGAIN || retval == EWOULDBLOCK)
return KRB5_KDB_CANTLOCK_DB;
else if (retval)
return retval;
/* Open the DB (or re-open it for read/write). */
if (dbc->db != NULL)
dbc->db->close(dbc->db);
dbc->db = open_db(dbc,
kmode == KRB5_LOCKMODE_SHARED ? O_RDONLY : O_RDWR,
0600);
if (dbc->db == NULL) {
retval = errno;
dbc->db_locks_held = 0;
dbc->db_lock_mode = 0;
(void) osa_adb_release_lock(dbc->policy_db);
(void) krb5_lock_file(context, dbc->db_lf_file,
KRB5_LOCKMODE_UNLOCK);
return retval;
}
dbc->db_lock_mode = kmode;
}
dbc->db_locks_held++;
/* Acquire or upgrade the policy lock. */
retval = osa_adb_get_lock(dbc->policy_db, lockmode);
if (retval) {
(void) ctx_unlock(context, dbc);
if (retval == OSA_ADB_NOEXCL_PERM || retval == OSA_ADB_CANTLOCK_DB ||
retval == OSA_ADB_NOLOCKFILE)
retval = KRB5_KDB_CANTLOCK_DB;
}
return retval;
}
krb5_error_code
osa_adb_rename_db(char *filefrom, char *lockfrom, char *fileto, char *lockto,
int magic)
{
osa_adb_db_t fromdb, todb;
krb5_error_code ret;
/* make sure todb exists */
if ((ret = osa_adb_create_db(fileto, lockto, magic)) &&
ret != EEXIST)
return ret;
if ((ret = osa_adb_init_db(&fromdb, filefrom, lockfrom, magic)))
return ret;
if ((ret = osa_adb_init_db(&todb, fileto, lockto, magic))) {
(void) osa_adb_fini_db(fromdb, magic);
return ret;
}
if ((ret = osa_adb_get_lock(fromdb, KRB5_DB_LOCKMODE_PERMANENT))) {
(void) osa_adb_fini_db(fromdb, magic);
(void) osa_adb_fini_db(todb, magic);
return ret;
}
if ((ret = osa_adb_get_lock(todb, KRB5_DB_LOCKMODE_PERMANENT))) {
(void) osa_adb_fini_db(fromdb, magic);
(void) osa_adb_fini_db(todb, magic);
return ret;
}
if ((rename(filefrom, fileto) < 0)) {
(void) osa_adb_fini_db(fromdb, magic);
(void) osa_adb_fini_db(todb, magic);
return errno;
}
/*
* Do not release the lock on fromdb because it is being renamed
* out of existence; no one can ever use it again.
*/
if ((ret = osa_adb_release_lock(todb))) {
(void) osa_adb_fini_db(fromdb, magic);
(void) osa_adb_fini_db(todb, magic);
return ret;
}
(void) osa_adb_fini_db(fromdb, magic);
(void) osa_adb_fini_db(todb, magic);
return 0;
}
static krb5_error_code
ctx_unlock(krb5_context context, krb5_db2_context *dbc)
{
krb5_error_code retval;
DB *db;
retval = osa_adb_release_lock(dbc->policy_db);
if (retval)
return retval;
if (!dbc->db_locks_held) /* lock already unlocked */
return KRB5_KDB_NOTLOCKED;
db = dbc->db;
if (--(dbc->db_locks_held) == 0) {
db->close(db);
dbc->db = NULL;
dbc->db_lock_mode = 0;
retval = krb5_lock_file(context, dbc->db_lf_file,
KRB5_LOCKMODE_UNLOCK);
}
return retval;
}
