Actually close the socket in keyd/the keyd backend
We were calling shutdown() on the socket, but this isn't sufficient -
we need to call close() as well. Otherwise we end up leaking sockets
and eventually keyd can no longer service requests.
We were defining a custom compile rule for the keydb .c -> .o stage,
which left out the CFLAGS. We don't need this; the custom bit is at
link time so we pick up the right libs.
libdb4.7 isn't in stable (lenny) and libdb4.8 is in testing (squeeze)
and sid, so given that we can do the auto upgrade no reason not to
bump to use the latest. Tested with 20000+ invocations of "onak index"
to try to confirm no repeat of the read-only-open problem hit with 4.6.
We didn't specify the version in the README, though it was correct in
debian/copyright. Add the version to the README and point to the
versioned file in debian/copyright rather than the symlink to the
current version.
Change PostgreSQL backend to use PQescapeStringConn
While the PostgreSQL backend is not known to be in use anywhere we were
using an older escaping function (PQescapeString) which does not have
knowledge of the connection character encoding and so has potential
problems. Switch to using PQescapeStringConn, which does have this
knowledge.
Don't add a key to the stats hash if it doesn't have any sigs
We always added a key to the stats hash if we tried to find its sigs,
even if it didn't exist. So if it doesn't have any sigs (either because
it doesn't exist or it's just a non linked in key), don't add it.
Closes Debian bug #542187.
Correct formatting of some places we output a keyid
Format keyids in various places to be 16 digits long, zero padded
if necessary. Closes Debian bug #540196 (which has a patch from
Philippe Teuwen, but that uses 8 digits instead of 16).
db4.6 (on Debian at least) seems to throw a fit after a number of
read-only opens. db4.7 (and 4.5) don't seem to suffer from this.
Closes Debian bug #520117
Ensure DB4 backend dbconns memory is initialised to zero
Change to using calloc to allocate the memory for the dbconns array,
as this will ensure that all the pointers in it are NULL which
prevents us segfaulting on abnormal cleanup. Fixes the segfault from
Debian bug #520117 but not the underlying issue.
We were using the void * ctx argument as the file descriptor. Find for
32 bit, but on 64 bit we're truncating. No reason not to just pass the
pointer to the fd, so do so.
Add initial support for upgrading db4 DBs built with older DB4 versions
DB4 data base files are tied to the version of DB4 that created them.
It'd be nice to be able to compile with a more recent version of db4
than db4.2, which is currently used for the Debian packages. However
we don't want to have dump and reload the database, so this adds a
first cut at trying to use the DB4 provided upgrade functions.
We sometimes see critical subpackets for signature UIDs and and Policy
URIs. While we should probably display such things in indexes in the
future this isn't critical enough for us to log the packets as an error.
We would always show the first photo ID on a key when displaying it
in /pks/lookup. Fix this so we show them all correctly. Patch from
Philippe Teuwen as reporting in Debian bug #467020
We don't want to add keys when there are no keys in the previous list,
we want to only add new keys on the first pass. Otherwise if we end up
with an empty list we'll start again as if none of the previous words
where specified.
Apparently PGP Desktop doesn't like our "Storing %d keys." success
message when storing keys received via HKP. Change our output to match
what the pgp.com and SKS keyservers return. Patch from Timothy Legge.
Fix up dynamic loading; we export a structure of functions now from
each of the backends, which means we can maintain unique namespaces.
This should allow further cleanups/cunningness, but hopefully this is
enough to get us operating correctly across all platforms to start with.
Fix config structure references for dynamic backends
This patch fixes the config structure when dynamic backends are
used - the basic issue is that when the backend was loaded, it wouldn't
(neccessarily) share the config structure with the program that called
it (and had therefore read the config). Thanks to Brett Parker.
Fixup config file for Debian package upgrades
We now need to configure a suitable DB backend and are also using the
mail_dir setting, so we need to add/fix these in onak.conf for package
upgrades.
Allow checking for signature times and use in merging
Add support for pulling out the creation time of a signature, then use
this information when we're merging key signatures. This allows for
updating of signatures (eg key preferences) or adding new signatures eg
with later expiry dates. As reported in Debian bug #410796
Fix assumption that a signature on a public key is a revocation
We've been assuming that a signature directly on a public key means the
key is revoked. This isn't the case; it's used for key preferences for
example. Change the structure element names to reflect this
(revocations->sigs) and check for revoked status by looking for a
signature type of 0x20.
Fix incoming mail spool directory
onak-mail has spooled incoming mail for a long time; fix up the default
config to put this in spool/onak rather than the hardcoded /community
that was previously configured.
Change Debian package to use dynamic backend.
This hopefully does all that's required to build a Debian package with
all our backends but defaulting to db4 so we don't break those
upgrading.
Try to load backends from current dir if none specified.
If we don't specify a directory for the backends in the config file
then try to load them from the current directory.
Gracefully fail when we can't open a DB4 DB.
If we don't have permissions to open a DB4 DB we'll not even get to
open our environment. As such we should close it cleanly and fail rather
than segfaulting. As reported in Debian bug #370440
Gracefully exit if no backend defined.
If no backend was defined we were attempting to strlen a NULL string,
which isn't sensible. Gracefully exit with a critical error instead.
Fix replyto email address bug.
If Reply-To wasn't set we wouldn't be able to send a reply email from
onak-mail.pl for ADD/(V)INDEX mails. Fix this so we'll use Reply-To or
From if that isn't set.
Enable ADD support for email interface.
onak-mail.pl didn't support ADD; this is still in use by some people,
so has now been added. Thanks to Ian Jackson for reporting, I'd
forgotten it didn't support this yet.
Support 16 digit key ids in lookup.
When generating our html keyindexes, use 64bit key ids for the links,
to help avoid collisions. Also make lookup support this length of id.
Add dynamic loading of backends.
This adds support for the dynamic loading of backends. By default we
now try to build all the backends we can and then dynamically load the
one the user wants.
Make onak-mail.pl queue requests.
onak-mail.pl sequentially processes requests. Rather than having a lot
of these processes hang around waiting for other requests to complete we
now dump requests to a file and then the active copy will process all
pending requests.
Handle signature revokations better.
Hanna Wallach reported an issue with UID revokations. This was because
we weren't allowing multiple signatures from the same keyid for a UID;
we now check the signature type and allow them if they're different.
Fix path bug in sendkeysync.
We weren't using the path configured for the MTA from the config file,
instead it was a hard coded value. This causes problems if the MTA isn't
on the path.
Fix problem with closing stderr in add.c
Fred Strauss reported a problem when we close stderr in add.c; we now
do some basic checking to try to ensure it's a valid file ptr before
we close it. Also do this for stdout just in case.
Fix parsing of empty config file lines.
Fred Strauss reported a problem with parsing empty lines in the config
file; we weren't checking if the line was empty before stripping
trailing white space. We do now.
Allow non ASCII characters to be stored.
Previously we only stored letters/numbers. Now we store anything except
punctuation and spaces. Based on a patch from Jason Harris for pks.
Move dumpdb over to using iterate_keys.
iterate_keys provides a generic way to do stuff with every key in the
DB, so use it instead for dumping the database and remove the old
dumpdb function.
Add links to HTML index output. (Debian bug #275227)
Add links to get the key data and the verbose index for a key to the
HTML output of op=index. I think this was previously removed to try to
make gpg --search happy, but I've tested 1.2.4 with this change and it
still works.
Add lladdend function and use in makewordlist.
Add a new function that adds an object to the end of a linked list.
We make use of this in makewordlist, which means we search for keys
containing words from the start of the email address first, rather than
starting with the words at the end. When you're dealing with TLDs like
com, net, org this makes a big difference, as you don't end up with a
huge list from the first word you try.
Introduce sorted keyid array functions and use in DB4.
Adds functions to keep a sorted array of keyids (aiding searching speed).
Makes use of these in the DB4 backed for searching for keys based on uid
text.
Cleanup db4 properly if we fail to open it.
Rather than exiting as soon as we hit a problem opening the DB4 db we
try to cleanup whatever we've managed to open.
Change buffer_put/fetchchar functions to use memcpy.
We used an inefficient loop to copy data in the buffer character
functions; change them to use memcpy.