2 * This file is part of secnet.
3 * See README for full list of copyright holders.
5 * secnet is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 3 of the License, or
8 * (at your option) any later version.
10 * secnet is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * version 3 along with secnet; if not, see
17 * https://www.gnu.org/licenses/gpl.html.
23 #define DEFAULT_SIZE 5
27 struct sigprivkey_if *sigpriv; /* 0 means none such */
32 struct privcache_if ops;
34 struct pathprefix_template path;
36 struct buffer_if databuf;
37 struct hash_if *defhash;
40 static bool_t uncached_load_file(
41 const struct sigscheme_info *scheme,
43 struct buffer_if *databuf,
44 struct hash_if *defhash,
45 struct sigprivkey_if **sigpriv_r,
46 closure_t **closure_r,
49 static struct sigprivkey_if *uncached_get(struct privcache *st,
50 const struct sigkeyid *id, struct log_if *log)
52 sprintf(st->path.write_here, SIGKEYID_PR_FMT, SIGKEYID_PR_VAL(id));
54 const char *path=st->path.buffer;
55 const struct sigscheme_info *scheme;
56 for (scheme=sigschemes;
59 if (scheme->algid == id->b[GRPIDSZ])
62 slilog(log,M_ERR,"private key file %s not loaded (unknown algid)",
67 struct sigprivkey_if *sigpriv;
69 bool_t ok=uncached_load_file(scheme,
76 return ok ? sigpriv : 0;
79 static bool_t uncached_load_file(
80 const struct sigscheme_info *scheme,
82 struct buffer_if *databuf,
83 struct hash_if *defhash,
84 struct sigprivkey_if **sigpriv_r,
85 closure_t **closure_r,
90 struct sigprivkey_if *sigpriv=0;
94 if (errno == ENOENT) {
95 slilog(log,M_DEBUG,"private key %s not found",
98 slilog(log,M_ERR,"failed to open private key file %s",
105 buffer_init(databuf,0);
106 ssize_t got=fread(databuf->base,1,databuf->alloclen,f);
108 slilog(log,M_ERR,"failed to read private-key file %s",
113 slilog(log,M_ERR,"private key file %s longer than max %d",
114 path, (int)databuf->alloclen);
119 databuf->start=databuf->base;
121 struct cloc loc = { .file=path, .line=0 };
122 ok=scheme->loadpriv(scheme, databuf, &sigpriv, closure_r, log, loc);
123 if (!ok) goto error_out; /* loadpriv will have logged */
125 if (sigpriv->sethash) {
128 "private key %s requires `hash' config key for privcache to load",
132 sigpriv->sethash(sigpriv->st,defhash);
141 if (sigpriv) sigpriv->dispose(sigpriv->st);
146 static struct sigprivkey_if *privcache_lookup(void *sst,
147 const struct sigkeyid *id,
148 struct log_if *log) {
149 struct privcache *st=sst;
153 for (was=0; was<st->used; was++) {
154 if (sigkeyid_equal(id, &st->ents[was].id)) {
155 result = st->ents[was];
160 if (st->used < st->alloc) {
165 if (st->ents[was].sigpriv) {
166 st->ents[was].sigpriv->dispose(st->ents[was].sigpriv->st);
170 COPY_OBJ(result.id, *id);
171 result.sigpriv=uncached_get(st,id,log);
174 memmove(&st->ents[1], &st->ents[0], sizeof(st->ents[0]) * was);
176 return result.sigpriv;
179 static list_t *privcache_apply(closure_t *self, struct cloc loc,
180 dict_t *context, list_t *args)
182 struct privcache *st;
187 st->cl.description="privcache";
188 st->cl.type=CL_PRIVCACHE;
190 st->cl.interface=&st->ops;
192 st->ops.lookup=privcache_lookup;
195 st->used=st->alloc=0;
198 item=list_elem(args,0);
199 if (!item || item->type!=t_dict)
200 cfgfatal(loc,"privcache","parameter must be a dictionary\n");
202 dict=item->data.dict;
204 st->alloc=dict_read_number(dict,"privcache-size",False,"privcache",loc,
206 NEW_ARY(st->ents,st->alloc);
209 int32_t buflen=dict_read_number(dict,"privkey-max",False,"privcache",loc,
211 buffer_new(&st->databuf,buflen+1);
213 const char *path=dict_read_string(dict,"privkeys",True,"privcache",loc);
214 pathprefix_template_init(&st->path,path,KEYIDSZ*2);
216 st->defhash=find_cl_if(dict,"hash",CL_HASH,False,"site",loc);
218 return new_closure(&st->cl);
221 void privcache_module(dict_t *dict)
223 add_closure(dict,"priv-cache",privcache_apply);