]> git.sommitrealweird.co.uk Git - onak.git/blobdiff - keydb_pg.c
Use nettle for hashing when available rather than internal MD5/SHA1 routines
[onak.git] / keydb_pg.c
index adfbc69619a05bea2ed5e81d9c36989d3a628ceb..8e0543b9f061210c5afda582f889d1d0009156cc 100644 (file)
@@ -1,16 +1,25 @@
 /*
  * keydb_pg.c - Routines to store and fetch keys in a PostGres database.
  *
 /*
  * keydb_pg.c - Routines to store and fetch keys in a PostGres database.
  *
- * Jonathan McDowell <noodles@earth.li>
+ * Copyright 2002-2004 Jonathan McDowell <noodles@earth.li>
  *
  *
- * Copyright 2002 Project Purple
+ * This program is free software: you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the Free
+ * Software Foundation; version 2 of the License.
+ *
+ * This program is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
+ * more details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * this program; if not, write to the Free Software Foundation, Inc., 51
+ * Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
  */
 
 #include <postgresql/libpq-fe.h>
 #include <postgresql/libpq/libpq-fs.h>
 
  */
 
 #include <postgresql/libpq-fe.h>
 #include <postgresql/libpq/libpq-fs.h>
 
-//#include <libpq-fe.h>
-//#include <libpq/libpq-fs.h>
 #include <sys/types.h>
 #include <sys/uio.h>
 #include <errno.h>
 #include <sys/types.h>
 #include <sys/uio.h>
 #include <errno.h>
@@ -25,6 +34,7 @@
 #include "keyid.h"
 #include "decodekey.h"
 #include "keystructs.h"
 #include "keyid.h"
 #include "decodekey.h"
 #include "keystructs.h"
+#include "log.h"
 #include "mem.h"
 #include "onak-conf.h"
 #include "parsekey.h"
 #include "mem.h"
 #include "onak-conf.h"
 #include "parsekey.h"
@@ -37,17 +47,17 @@ static PGconn *dbconn = NULL;
 /**
  *     keydb_fetchchar - Fetches a char from a file.
  */
 /**
  *     keydb_fetchchar - Fetches a char from a file.
  */
-static int keydb_fetchchar(void *fd, size_t count, unsigned char *c)
+static int keydb_fetchchar(void *fd, size_t count, void *c)
 {
 {
-       return (!lo_read(dbconn, *(int *) fd, c, count));
+       return (!lo_read(dbconn, *(int *) fd, (char *) c, count));
 }
 
 /**
  *     keydb_putchar - Puts a char to a file.
  */
 }
 
 /**
  *     keydb_putchar - Puts a char to a file.
  */
-static int keydb_putchar(void *fd, size_t count, unsigned char *c)
+static int keydb_putchar(void *fd, size_t count, void *c)
 {
 {
-       return !(lo_write(dbconn, *(int *) fd, c, count));
+       return !(lo_write(dbconn, *(int *) fd, (char *) c, count));
 }
 
 /**
 }
 
 /**
@@ -57,7 +67,7 @@ static int keydb_putchar(void *fd, size_t count, unsigned char *c)
  *     this file are called in order to allow the DB to be initialized ready
  *     for access.
  */
  *     this file are called in order to allow the DB to be initialized ready
  *     for access.
  */
-void initdb(void)
+static void pg_initdb(bool readonly)
 {
        dbconn = PQsetdbLogin(config.pg_dbhost, // host
                        NULL, // port
 {
        dbconn = PQsetdbLogin(config.pg_dbhost, // host
                        NULL, // port
@@ -68,8 +78,8 @@ void initdb(void)
                        config.pg_dbpass); // password
 
        if (PQstatus(dbconn) == CONNECTION_BAD) {
                        config.pg_dbpass); // password
 
        if (PQstatus(dbconn) == CONNECTION_BAD) {
-               fprintf(stderr, "Connection to database failed.\n");
-               fprintf(stderr, "%s\n", PQerrorMessage(dbconn));
+               logthing(LOGTHING_CRITICAL, "Connection to database failed.");
+               logthing(LOGTHING_CRITICAL, "%s", PQerrorMessage(dbconn));
                PQfinish(dbconn);
                dbconn = NULL;
                exit(1);
                PQfinish(dbconn);
                dbconn = NULL;
                exit(1);
@@ -82,7 +92,7 @@ void initdb(void)
  *     This function should be called upon program exit to allow the DB to
  *     cleanup after itself.
  */
  *     This function should be called upon program exit to allow the DB to
  *     cleanup after itself.
  */
-void cleanupdb(void)
+static void pg_cleanupdb(void)
 {
        PQfinish(dbconn);
        dbconn = NULL;
 {
        PQfinish(dbconn);
        dbconn = NULL;
@@ -95,7 +105,7 @@ void cleanupdb(void)
  *     operations on the database to help speed it all up, or if we want
  *     something to only succeed if all relevant operations are successful.
  */
  *     operations on the database to help speed it all up, or if we want
  *     something to only succeed if all relevant operations are successful.
  */
-bool starttrans(void)
+static bool pg_starttrans(void)
 {
        PGresult *result = NULL;
        
 {
        PGresult *result = NULL;
        
@@ -110,7 +120,7 @@ bool starttrans(void)
  *
  *     Ends a transaction.
  */
  *
  *     Ends a transaction.
  */
-void endtrans(void)
+static void pg_endtrans(void)
 {
        PGresult *result = NULL;
 
 {
        PGresult *result = NULL;
 
@@ -132,7 +142,7 @@ void endtrans(void)
  *     in and then parse_keys() to parse the packets into a publickey
  *     structure.
  */
  *     in and then parse_keys() to parse the packets into a publickey
  *     structure.
  */
-int fetch_key(uint64_t keyid, struct openpgp_publickey **publickey,
+static int pg_fetch_key(uint64_t keyid, struct openpgp_publickey **publickey,
                bool intrans)
 {
        struct openpgp_packet_list *packets = NULL;
                bool intrans)
 {
        struct openpgp_packet_list *packets = NULL;
@@ -151,12 +161,13 @@ int fetch_key(uint64_t keyid, struct openpgp_publickey **publickey,
        
        if (keyid > 0xFFFFFFFF) {
                snprintf(statement, 1023,
        
        if (keyid > 0xFFFFFFFF) {
                snprintf(statement, 1023,
-                       "SELECT keydata FROM onak_keys WHERE keyid = '%llX'",
+                       "SELECT keydata FROM onak_keys WHERE keyid = '%"
+                       PRIX64 "'",
                        keyid);
        } else {
                snprintf(statement, 1023,
                        "SELECT keydata FROM onak_keys WHERE keyid "
                        keyid);
        } else {
                snprintf(statement, 1023,
                        "SELECT keydata FROM onak_keys WHERE keyid "
-                       "LIKE '%%%llX'",
+                       "LIKE '%%%" PRIX64 "'",
                        keyid);
        }
        result = PQexec(dbconn, statement);
                        keyid);
        }
        result = PQexec(dbconn, statement);
@@ -169,10 +180,11 @@ int fetch_key(uint64_t keyid, struct openpgp_publickey **publickey,
 
                        fd = lo_open(dbconn, key_oid, INV_READ);
                        if (fd < 0) {
 
                        fd = lo_open(dbconn, key_oid, INV_READ);
                        if (fd < 0) {
-                               fprintf(stderr, "Can't open large object.\n");
+                               logthing(LOGTHING_ERROR,
+                                               "Can't open large object.");
                        } else {
                                read_openpgp_stream(keydb_fetchchar, &fd,
                        } else {
                                read_openpgp_stream(keydb_fetchchar, &fd,
-                                               &packets);
+                                               &packets, 0);
                                parse_keys(packets, publickey);
                                lo_close(dbconn, fd);
                                free_packet_list(packets);
                                parse_keys(packets, publickey);
                                lo_close(dbconn, fd);
                                free_packet_list(packets);
@@ -180,7 +192,7 @@ int fetch_key(uint64_t keyid, struct openpgp_publickey **publickey,
                        }
                }
        } else if (PQresultStatus(result) != PGRES_TUPLES_OK) {
                        }
                }
        } else if (PQresultStatus(result) != PGRES_TUPLES_OK) {
-               fprintf(stderr, "Problem retrieving key from DB.\n");
+               logthing(LOGTHING_ERROR, "Problem retrieving key from DB.");
        }
 
        PQclear(result);
        }
 
        PQclear(result);
@@ -200,7 +212,8 @@ int fetch_key(uint64_t keyid, struct openpgp_publickey **publickey,
  *     This function searches for the supplied text and returns the keys that
  *     contain it.
  */
  *     This function searches for the supplied text and returns the keys that
  *     contain it.
  */
-int fetch_key_text(const char *search, struct openpgp_publickey **publickey)
+static int pg_fetch_key_text(const char *search,
+               struct openpgp_publickey **publickey)
 {
        struct openpgp_packet_list *packets = NULL;
        PGresult *result = NULL;
 {
        struct openpgp_packet_list *packets = NULL;
        PGresult *result = NULL;
@@ -217,7 +230,7 @@ int fetch_key_text(const char *search, struct openpgp_publickey **publickey)
 
        newsearch = malloc(strlen(search) * 2 + 1);
        memset(newsearch, 0, strlen(search) * 2 + 1);
 
        newsearch = malloc(strlen(search) * 2 + 1);
        memset(newsearch, 0, strlen(search) * 2 + 1);
-       PQescapeString(newsearch, search, strlen(search));
+       PQescapeStringConn(dbconn, newsearch, search, strlen(search), NULL);
        snprintf(statement, 1023,
                        "SELECT DISTINCT onak_keys.keydata FROM onak_keys, "
                        "onak_uids WHERE onak_keys.keyid = onak_uids.keyid "
        snprintf(statement, 1023,
                        "SELECT DISTINCT onak_keys.keydata FROM onak_keys, "
                        "onak_uids WHERE onak_keys.keyid = onak_uids.keyid "
@@ -235,10 +248,12 @@ int fetch_key_text(const char *search, struct openpgp_publickey **publickey)
 
                        fd = lo_open(dbconn, key_oid, INV_READ);
                        if (fd < 0) {
 
                        fd = lo_open(dbconn, key_oid, INV_READ);
                        if (fd < 0) {
-                               fprintf(stderr, "Can't open large object.\n");
+                               logthing(LOGTHING_ERROR,
+                                               "Can't open large object.");
                        } else {
                                read_openpgp_stream(keydb_fetchchar, &fd,
                        } else {
                                read_openpgp_stream(keydb_fetchchar, &fd,
-                                               &packets);
+                                               &packets,
+                                               0);
                                parse_keys(packets, publickey);
                                lo_close(dbconn, fd);
                                free_packet_list(packets);
                                parse_keys(packets, publickey);
                                lo_close(dbconn, fd);
                                free_packet_list(packets);
@@ -246,7 +261,7 @@ int fetch_key_text(const char *search, struct openpgp_publickey **publickey)
                        }
                }
        } else if (PQresultStatus(result) != PGRES_TUPLES_OK) {
                        }
                }
        } else if (PQresultStatus(result) != PGRES_TUPLES_OK) {
-               fprintf(stderr, "Problem retrieving key from DB.\n");
+               logthing(LOGTHING_ERROR, "Problem retrieving key from DB.");
        }
 
        PQclear(result);
        }
 
        PQclear(result);
@@ -256,6 +271,77 @@ int fetch_key_text(const char *search, struct openpgp_publickey **publickey)
        return (numkeys);
 }
 
        return (numkeys);
 }
 
+/**
+ *     delete_key - Given a keyid delete the key from storage.
+ *     @keyid: The keyid to delete.
+ *     @intrans: If we're already in a transaction.
+ *
+ *     This function deletes a public key from whatever storage mechanism we
+ *     are using. Returns 0 if the key existed.
+ */
+static int pg_delete_key(uint64_t keyid, bool intrans)
+{
+       PGresult *result = NULL;
+       char *oids = NULL;
+       char statement[1024];
+       int found = 1;
+       int i;
+       Oid key_oid;
+
+       if (!intrans) {
+               result = PQexec(dbconn, "BEGIN");
+               PQclear(result);
+       }
+       
+       snprintf(statement, 1023,
+                       "SELECT keydata FROM onak_keys WHERE keyid = '%"
+                       PRIX64 "'",
+                       keyid);
+       result = PQexec(dbconn, statement);
+
+       if (PQresultStatus(result) == PGRES_TUPLES_OK) {
+               found = 0;
+               i = PQntuples(result);
+               while (i > 0) {
+                       oids = PQgetvalue(result, i-1, 0);
+                       key_oid = (Oid) atoi(oids);
+                       lo_unlink(dbconn, key_oid);
+                       i--;
+               }
+               PQclear(result);
+
+               snprintf(statement, 1023,
+                       "DELETE FROM onak_keys WHERE keyid = '%" PRIX64 "'",
+                       keyid);
+               result = PQexec(dbconn, statement);
+               PQclear(result);
+
+               snprintf(statement, 1023,
+                       "DELETE FROM onak_sigs WHERE signee = '%" PRIX64 "'",
+                       keyid);
+               result = PQexec(dbconn, statement);
+               PQclear(result);
+
+               snprintf(statement, 1023,
+                       "DELETE FROM onak_uids WHERE keyid = '%" PRIX64 "'",
+                       keyid);
+               result = PQexec(dbconn, statement);
+       } else if (PQresultStatus(result) != PGRES_TUPLES_OK) {
+               logthing(LOGTHING_ERROR,
+                               "Problem retrieving key (%" PRIX64
+                               ") from DB.",
+                               keyid);
+       }
+
+       PQclear(result);
+
+       if (!intrans) {
+               result = PQexec(dbconn, "COMMIT");
+               PQclear(result);
+       }
+       return (found);
+}
+
 /**
  *     store_key - Takes a key and stores it.
  *     @publickey: A pointer to the public key to store.
 /**
  *     store_key - Takes a key and stores it.
  *     @publickey: A pointer to the public key to store.
@@ -268,7 +354,8 @@ int fetch_key_text(const char *search, struct openpgp_publickey **publickey)
  *     the file. If update is true then we delete the old key first, otherwise
  *     we trust that it doesn't exist.
  */
  *     the file. If update is true then we delete the old key first, otherwise
  *     we trust that it doesn't exist.
  */
-int store_key(struct openpgp_publickey *publickey, bool intrans, bool update)
+static int pg_store_key(struct openpgp_publickey *publickey, bool intrans,
+               bool update)
 {
        struct openpgp_packet_list *packets = NULL;
        struct openpgp_packet_list *list_end = NULL;
 {
        struct openpgp_packet_list *packets = NULL;
        struct openpgp_packet_list *list_end = NULL;
@@ -297,7 +384,7 @@ int store_key(struct openpgp_publickey *publickey, bool intrans, bool update)
         * it definitely needs updated.
         */
        if (update) {
         * it definitely needs updated.
         */
        if (update) {
-               delete_key(get_keyid(publickey), true);
+               pg_delete_key(get_keyid(publickey), true);
        }
 
        next = publickey->next;
        }
 
        next = publickey->next;
@@ -307,7 +394,7 @@ int store_key(struct openpgp_publickey *publickey, bool intrans, bool update)
                
        key_oid = lo_creat(dbconn, INV_READ | INV_WRITE);
        if (key_oid == 0) {
                
        key_oid = lo_creat(dbconn, INV_READ | INV_WRITE);
        if (key_oid == 0) {
-               fprintf(stderr, "Can't create key OID\n");
+               logthing(LOGTHING_ERROR, "Can't create key OID");
        } else {
                fd = lo_open(dbconn, key_oid, INV_WRITE);
                write_openpgp_stream(keydb_putchar, &fd, packets);
        } else {
                fd = lo_open(dbconn, key_oid, INV_WRITE);
                write_openpgp_stream(keydb_putchar, &fd, packets);
@@ -318,14 +405,14 @@ int store_key(struct openpgp_publickey *publickey, bool intrans, bool update)
 
        snprintf(statement, 1023, 
                        "INSERT INTO onak_keys (keyid, keydata) VALUES "
 
        snprintf(statement, 1023, 
                        "INSERT INTO onak_keys (keyid, keydata) VALUES "
-                       "('%llX', '%d')", 
+                       "('%" PRIX64 "', '%d')", 
                        get_keyid(publickey),
                        key_oid);
        result = PQexec(dbconn, statement);
 
        if (PQresultStatus(result) != PGRES_COMMAND_OK) {
                        get_keyid(publickey),
                        key_oid);
        result = PQexec(dbconn, statement);
 
        if (PQresultStatus(result) != PGRES_COMMAND_OK) {
-               fprintf(stderr, "Problem storing key in DB.\n");
-               fprintf(stderr, "%s\n", PQresultErrorMessage(result));
+               logthing(LOGTHING_ERROR, "Problem storing key in DB.");
+               logthing(LOGTHING_ERROR, "%s", PQresultErrorMessage(result));
        }
        PQclear(result);
 
        }
        PQclear(result);
 
@@ -335,13 +422,13 @@ int store_key(struct openpgp_publickey *publickey, bool intrans, bool update)
                        safeuid = malloc(strlen(uids[i]) * 2 + 1);
                        if (safeuid != NULL) {
                                memset(safeuid, 0, strlen(uids[i]) * 2 + 1);
                        safeuid = malloc(strlen(uids[i]) * 2 + 1);
                        if (safeuid != NULL) {
                                memset(safeuid, 0, strlen(uids[i]) * 2 + 1);
-                               PQescapeString(safeuid, uids[i],
-                                               strlen(uids[i]));
+                               PQescapeStringConn(dbconn, safeuid, uids[i],
+                                               strlen(uids[i]), NULL);
 
                                snprintf(statement, 1023,
                                        "INSERT INTO onak_uids "
                                        "(keyid, uid, pri) "
 
                                snprintf(statement, 1023,
                                        "INSERT INTO onak_uids "
                                        "(keyid, uid, pri) "
-                                       "VALUES ('%llX', '%s', '%c')",
+                                       "VALUES ('%" PRIX64 "', '%s', '%c')",
                                        get_keyid(publickey),
                                        safeuid,
                                        (uids[i] == primary) ? 't' : 'f');
                                        get_keyid(publickey),
                                        safeuid,
                                        (uids[i] == primary) ? 't' : 'f');
@@ -356,8 +443,9 @@ int store_key(struct openpgp_publickey *publickey, bool intrans, bool update)
                        }
 
                        if (PQresultStatus(result) != PGRES_COMMAND_OK) {
                        }
 
                        if (PQresultStatus(result) != PGRES_COMMAND_OK) {
-                               fprintf(stderr, "Problem storing key in DB.\n");
-                               fprintf(stderr, "%s\n",
+                               logthing(LOGTHING_ERROR,
+                                               "Problem storing key in DB.");
+                               logthing(LOGTHING_ERROR, "%s",
                                                PQresultErrorMessage(result));
                        }
                        /*
                                                PQresultErrorMessage(result));
                        }
                        /*
@@ -374,7 +462,7 @@ int store_key(struct openpgp_publickey *publickey, bool intrans, bool update)
                                packets = packets->next) {
                        snprintf(statement, 1023,
                                "INSERT INTO onak_sigs (signer, signee) "
                                packets = packets->next) {
                        snprintf(statement, 1023,
                                "INSERT INTO onak_sigs (signer, signee) "
-                               "VALUES ('%llX', '%llX')",
+                               "VALUES ('%" PRIX64 "', '%" PRIX64 "')",
                                sig_keyid(packets->packet),
                                get_keyid(publickey));
                        result = PQexec(dbconn, statement);
                                sig_keyid(packets->packet),
                                get_keyid(publickey));
                        result = PQexec(dbconn, statement);
@@ -390,86 +478,19 @@ int store_key(struct openpgp_publickey *publickey, bool intrans, bool update)
        return 0;
 }
 
        return 0;
 }
 
-/**
- *     delete_key - Given a keyid delete the key from storage.
- *     @keyid: The keyid to delete.
- *     @intrans: If we're already in a transaction.
- *
- *     This function deletes a public key from whatever storage mechanism we
- *     are using. Returns 0 if the key existed.
- */
-int delete_key(uint64_t keyid, bool intrans)
-{
-       PGresult *result = NULL;
-       char *oids = NULL;
-       char statement[1024];
-       int found = 1;
-       int i;
-       Oid key_oid;
-
-       if (!intrans) {
-               result = PQexec(dbconn, "BEGIN");
-               PQclear(result);
-       }
-       
-       snprintf(statement, 1023,
-                       "SELECT keydata FROM onak_keys WHERE keyid = '%llX'",
-                       keyid);
-       result = PQexec(dbconn, statement);
-
-       if (PQresultStatus(result) == PGRES_TUPLES_OK) {
-               found = 0;
-               i = PQntuples(result);
-               while (i > 0) {
-                       oids = PQgetvalue(result, i-1, 0);
-                       key_oid = (Oid) atoi(oids);
-                       lo_unlink(dbconn, key_oid);
-                       i--;
-               }
-               PQclear(result);
-
-               snprintf(statement, 1023,
-                       "DELETE FROM onak_keys WHERE keyid = '%llX'",
-                       keyid);
-               result = PQexec(dbconn, statement);
-               PQclear(result);
-
-               snprintf(statement, 1023,
-                       "DELETE FROM onak_sigs WHERE signee = '%llX'",
-                       keyid);
-               result = PQexec(dbconn, statement);
-               PQclear(result);
-
-               snprintf(statement, 1023,
-                       "DELETE FROM onak_uids WHERE keyid = '%llX'",
-                       keyid);
-               result = PQexec(dbconn, statement);
-       } else if (PQresultStatus(result) != PGRES_TUPLES_OK) {
-               fprintf(stderr, "Problem retrieving key (%llX) from DB.\n",
-                               keyid);
-       }
-
-       PQclear(result);
-
-       if (!intrans) {
-               result = PQexec(dbconn, "COMMIT");
-               PQclear(result);
-       }
-       return (found);
-}
-
 /**
  *     keyid2uid - Takes a keyid and returns the primary UID for it.
  *     @keyid: The keyid to lookup.
  */
 /**
  *     keyid2uid - Takes a keyid and returns the primary UID for it.
  *     @keyid: The keyid to lookup.
  */
-char *keyid2uid(uint64_t keyid)
+static char *pg_keyid2uid(uint64_t keyid)
 {
        PGresult *result = NULL;
        char statement[1024];
        char *uid = NULL;
 
        snprintf(statement, 1023,
 {
        PGresult *result = NULL;
        char statement[1024];
        char *uid = NULL;
 
        snprintf(statement, 1023,
-               "SELECT uid FROM onak_uids WHERE keyid = '%llX' AND pri = 't'",
+               "SELECT uid FROM onak_uids WHERE keyid = '%" PRIX64
+               "' AND pri = 't'",
                keyid);
        result = PQexec(dbconn, statement);
 
                keyid);
        result = PQexec(dbconn, statement);
 
@@ -484,7 +505,9 @@ char *keyid2uid(uint64_t keyid)
                        PQntuples(result) >= 1) {
                uid = strdup(PQgetvalue(result, 0, 0));
        } else if (PQresultStatus(result) != PGRES_TUPLES_OK) {
                        PQntuples(result) >= 1) {
                uid = strdup(PQgetvalue(result, 0, 0));
        } else if (PQresultStatus(result) != PGRES_TUPLES_OK) {
-               fprintf(stderr, "Problem retrieving key (%llX) from DB.\n",
+               logthing(LOGTHING_ERROR,
+                               "Problem retrieving key (%" PRIX64
+                               ") from DB.",
                                keyid);
        }
 
                                keyid);
        }
 
@@ -496,11 +519,12 @@ char *keyid2uid(uint64_t keyid)
 /**
  *     getkeysigs - Gets a linked list of the signatures on a key.
  *     @keyid: The keyid to get the sigs for.
 /**
  *     getkeysigs - Gets a linked list of the signatures on a key.
  *     @keyid: The keyid to get the sigs for.
+ *     @revoked: If the key is revoked.
  *
  *     This function gets the list of signatures on a key. Used for key 
  *     indexing and doing stats bits.
  */
  *
  *     This function gets the list of signatures on a key. Used for key 
  *     indexing and doing stats bits.
  */
-struct ll *getkeysigs(uint64_t keyid)
+static struct ll *pg_getkeysigs(uint64_t keyid, bool *revoked)
 {
        struct ll *sigs = NULL;
        PGresult *result = NULL;
 {
        struct ll *sigs = NULL;
        PGresult *result = NULL;
@@ -517,7 +541,8 @@ struct ll *getkeysigs(uint64_t keyid)
        }
 
        snprintf(statement, 1023,
        }
 
        snprintf(statement, 1023,
-               "SELECT DISTINCT signer FROM onak_sigs WHERE signee = '%llX'",
+               "SELECT DISTINCT signer FROM onak_sigs WHERE signee = '%"
+               PRIX64 "'",
                keyid);
        result = PQexec(dbconn, statement);
 
                keyid);
        result = PQexec(dbconn, statement);
 
@@ -539,7 +564,7 @@ struct ll *getkeysigs(uint64_t keyid)
                        sigs = lladd(sigs, createandaddtohash(signer));
                }
        } else if (PQresultStatus(result) != PGRES_TUPLES_OK) {
                        sigs = lladd(sigs, createandaddtohash(signer));
                }
        } else if (PQresultStatus(result) != PGRES_TUPLES_OK) {
-               fprintf(stderr, "Problem retrieving key from DB.\n");
+               logthing(LOGTHING_ERROR, "Problem retrieving key from DB.");
        }
 
        PQclear(result);
        }
 
        PQclear(result);
@@ -548,11 +573,97 @@ struct ll *getkeysigs(uint64_t keyid)
                result = PQexec(dbconn, "COMMIT");
                PQclear(result);
        }
                result = PQexec(dbconn, "COMMIT");
                PQclear(result);
        }
+
+       /*
+        * TODO: What do we do about revocations? We don't have the details
+        * stored in a separate table, so we'd have to grab the key and decode
+        * it, which we're trying to avoid by having a signers table.
+        */
+       if (revoked != NULL) {
+               *revoked = false;
+       }
+       
        return sigs;
 }
 
        return sigs;
 }
 
+/**
+ *     iterate_keys - call a function once for each key in the db.
+ *     @iterfunc: The function to call.
+ *     @ctx: A context pointer
+ *
+ *     Calls iterfunc once for each key in the database. ctx is passed
+ *     unaltered to iterfunc. This function is intended to aid database dumps
+ *     and statistic calculations.
+ *
+ *     Returns the number of keys we iterated over.
+ */
+static int pg_iterate_keys(void (*iterfunc)(void *ctx,
+               struct openpgp_publickey *key), void *ctx)
+{
+       struct openpgp_packet_list *packets = NULL;
+       struct openpgp_publickey *key = NULL;
+       PGresult *result = NULL;
+       char *oids = NULL;
+       int fd = -1;
+       int i = 0;
+       int numkeys = 0;
+       Oid key_oid;
+
+       result = PQexec(dbconn, "SELECT keydata FROM onak_keys;");
+
+       if (PQresultStatus(result) == PGRES_TUPLES_OK) {
+               numkeys = PQntuples(result);
+               for (i = 0; i < numkeys; i++) {
+                       oids = PQgetvalue(result, i, 0);
+                       key_oid = (Oid) atoi(oids);
+
+                       fd = lo_open(dbconn, key_oid, INV_READ);
+                       if (fd < 0) {
+                               logthing(LOGTHING_ERROR,
+                                               "Can't open large object.");
+                       } else {
+                               read_openpgp_stream(keydb_fetchchar, &fd,
+                                               &packets, 0);
+                               parse_keys(packets, &key);
+                               lo_close(dbconn, fd);
+
+                               iterfunc(ctx, key);
+                                       
+                               free_publickey(key);
+                               key = NULL;
+                               free_packet_list(packets);
+                               packets = NULL;
+                       }
+               }
+       } else if (PQresultStatus(result) != PGRES_TUPLES_OK) {
+               logthing(LOGTHING_ERROR, "Problem retrieving key from DB.");
+       }
+
+       PQclear(result);
+
+       return (numkeys);
+}
+
 /*
  * Include the basic keydb routines.
  */
 #define NEED_GETFULLKEYID 1
 /*
  * Include the basic keydb routines.
  */
 #define NEED_GETFULLKEYID 1
+#define NEED_UPDATEKEYS 1
 #include "keydb.c"
 #include "keydb.c"
+
+struct dbfuncs keydb_pg_funcs = {
+       .initdb                 = pg_initdb,
+       .cleanupdb              = pg_cleanupdb,
+       .starttrans             = pg_starttrans,
+       .endtrans               = pg_endtrans,
+       .fetch_key              = pg_fetch_key,
+       .fetch_key_text         = pg_fetch_key_text,
+       .store_key              = pg_store_key,
+       .update_keys            = generic_update_keys,
+       .delete_key             = pg_delete_key,
+       .getkeysigs             = pg_getkeysigs,
+       .cached_getkeysigs      = generic_cached_getkeysigs,
+       .keyid2uid              = pg_keyid2uid,
+       .getfullkeyid           = generic_getfullkeyid,
+       .iterate_keys           = pg_iterate_keys,
+};