X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/3857519629ca8fbcf3466c3fc761a5bb6ed32d53..HEAD:/src/src/dbfn.c diff --git a/src/src/dbfn.c b/src/src/dbfn.c index 3c51162a4..2b5ec908b 100644 --- a/src/src/dbfn.c +++ b/src/src/dbfn.c @@ -2,7 +2,7 @@ * Exim - an Internet mail transport agent * *************************************************/ -/* Copyright (c) The Exim Maintainers 2020 - 2022 */ +/* Copyright (c) The Exim Maintainers 2020 - 2024 */ /* Copyright (c) University of Cambridge 1995 - 2018 */ /* See the file NOTICE for conditions of use and distribution. */ /* SPDX-License-Identifier: GPL-2.0-or-later */ @@ -20,7 +20,7 @@ with database files like $spooldirectory/db/ */ different DBM files. This module does not contain code for reading DBM files for (e.g.) alias expansion. That is all contained within the general search functions. As Exim now has support for several DBM interfaces, all the relevant -functions are called as macros. +functions are called as inlinable functions from an included file. All the data in Exim's database is in the nature of *hints*. Therefore it doesn't matter if it gets destroyed by accident. These functions are not @@ -35,7 +35,25 @@ means of locking on independent lock files. (Earlier attempts to lock on the DBM files themselves were never completely successful.) Since callers may in general want to do more than one read or write while holding the lock, there are separate open and close functions. However, the calling modules should -arrange to hold the locks for the bare minimum of time. */ +arrange to hold the locks for the bare minimum of time. + +API: + dbfn_open + dbfn_close + dbfn_read_with_length + dbfn_read_enforce_length + dbfn_write + dbfn_delete + dbfn_scan unused; ifdeffout out + +Users: + ACL ratelimit & seen conditions + delivery retry handling + delivery serialization + TLS session resumption + peer capability cache + callout & quota cache +*/ @@ -43,6 +61,68 @@ arrange to hold the locks for the bare minimum of time. */ * Open and lock a database file * *************************************************/ +/* Ensure the directory for the DB is present */ + +static inline void +db_dir_make(BOOL panic) +{ +(void) directory_make(spool_directory, US"db", EXIMDB_DIRECTORY_MODE, panic); +} + + +/* Lock a file to protect the DB. Return TRUE for success */ + +static inline BOOL +lockfile_take(open_db * dbblock, const uschar * filename, BOOL rdonly, BOOL panic) +{ +flock_t lock_data; +int rc, * fdp = &dbblock->lockfd; + +priv_drop_temp(exim_uid, exim_gid); +if ((*fdp = Uopen(filename, O_RDWR, EXIMDB_LOCKFILE_MODE)) < 0) + { + db_dir_make(panic); + *fdp = Uopen(filename, O_RDWR|O_CREAT, EXIMDB_LOCKFILE_MODE); + } +priv_restore(); + +if (*fdp < 0) + { + log_write(0, LOG_MAIN, "%s", + string_open_failed("database lock file %s", filename)); + errno = 0; /* Indicates locking failure */ + return FALSE; + } + +/* Now we must get a lock on the opened lock file; do this with a blocking +lock that times out. */ + +lock_data.l_type = rdonly ? F_RDLCK : F_WRLCK; +lock_data.l_whence = lock_data.l_start = lock_data.l_len = 0; + +DEBUG(D_hints_lookup|D_retry|D_route|D_deliver) + debug_printf_indent("locking %s\n", filename); + +sigalrm_seen = FALSE; +ALARM(EXIMDB_LOCK_TIMEOUT); +rc = fcntl(*fdp, F_SETLKW, &lock_data); +ALARM_CLR(0); + +if (sigalrm_seen) errno = ETIMEDOUT; +if (rc < 0) + { + log_write(0, LOG_MAIN|LOG_PANIC, "Failed to get %s lock for %s: %s", + rdonly ? "read" : "write", filename, + errno == ETIMEDOUT ? "timed out" : strerror(errno)); + (void)close(*fdp); *fdp = -1; + errno = 0; /* Indicates locking failure */ + return FALSE; + } + +DEBUG(D_hints_lookup) debug_printf_indent("locked %s\n", filename); +return TRUE; +} + /* Used for accessing Exim's hints databases. Arguments: @@ -59,17 +139,13 @@ Returns: NULL if the open failed, or the locking failed. After locking On success, dbblock is returned. This contains the dbm pointer and the fd of the locked lock file. - -There are some calls that use O_RDWR|O_CREAT for the flags. Having discovered -this in December 2005, I'm not sure if this is correct or not, but for the -moment I haven't changed them. */ open_db * -dbfn_open(uschar *name, int flags, open_db *dbblock, BOOL lof, BOOL panic) +dbfn_open(const uschar * name, int flags, open_db * dbblock, + BOOL lof, BOOL panic) { int rc, save_errno; -BOOL read_only = flags == O_RDONLY; flock_t lock_data; uschar dirname[PATHLEN], filename[PATHLEN]; @@ -91,51 +167,18 @@ exists, there is no error. */ snprintf(CS dirname, sizeof(dirname), "%s/db", spool_directory); snprintf(CS filename, sizeof(filename), "%s/%s.lockfile", dirname, name); -priv_drop_temp(exim_uid, exim_gid); -if ((dbblock->lockfd = Uopen(filename, O_RDWR, EXIMDB_LOCKFILE_MODE)) < 0) - { - (void)directory_make(spool_directory, US"db", EXIMDB_DIRECTORY_MODE, panic); - dbblock->lockfd = Uopen(filename, O_RDWR|O_CREAT, EXIMDB_LOCKFILE_MODE); - } -priv_restore(); - -if (dbblock->lockfd < 0) +dbblock->lockfd = -1; +if (!exim_lockfile_needed()) + db_dir_make(panic); +else { - log_write(0, LOG_MAIN, "%s", - string_open_failed("database lock file %s", filename)); - errno = 0; /* Indicates locking failure */ - DEBUG(D_hints_lookup) acl_level--; - return NULL; - } - -/* Now we must get a lock on the opened lock file; do this with a blocking -lock that times out. */ - -lock_data.l_type = read_only? F_RDLCK : F_WRLCK; -lock_data.l_whence = lock_data.l_start = lock_data.l_len = 0; - -DEBUG(D_hints_lookup|D_retry|D_route|D_deliver) - debug_printf_indent("locking %s\n", filename); - -sigalrm_seen = FALSE; -ALARM(EXIMDB_LOCK_TIMEOUT); -rc = fcntl(dbblock->lockfd, F_SETLKW, &lock_data); -ALARM_CLR(0); - -if (sigalrm_seen) errno = ETIMEDOUT; -if (rc < 0) - { - log_write(0, LOG_MAIN|LOG_PANIC, "Failed to get %s lock for %s: %s", - read_only ? "read" : "write", filename, - errno == ETIMEDOUT ? "timed out" : strerror(errno)); - (void)close(dbblock->lockfd); - errno = 0; /* Indicates locking failure */ - DEBUG(D_hints_lookup) acl_level--; - return NULL; + if (!lockfile_take(dbblock, filename, flags == O_RDONLY, panic)) + { + DEBUG(D_hints_lookup) acl_level--; + return NULL; + } } -DEBUG(D_hints_lookup) debug_printf_indent("locked %s\n", filename); - /* At this point we have an opened and locked separate lock file, that is, exclusive access to the database, so we can go ahead and open it. If we are expected to create it, don't do so at first, again so that we can detect @@ -145,6 +188,7 @@ databases - often this is caused by non-matching db.h and the library. To make it easy to pin this down, there are now debug statements on either side of the open call. */ +flags &= O_RDONLY | O_RDWR; snprintf(CS filename, sizeof(filename), "%s/%s", dirname, name); priv_drop_temp(exim_uid, exim_gid); @@ -173,6 +217,7 @@ if (!dbblock->dbptr) debug_printf_indent("%s\n", CS string_open_failed("DB file %s", filename)); (void)close(dbblock->lockfd); + dbblock->lockfd = -1; errno = save_errno; DEBUG(D_hints_lookup) acl_level--; return NULL; @@ -182,7 +227,6 @@ DEBUG(D_hints_lookup) debug_printf_indent("opened hints database %s: flags=%s\n", filename, flags == O_RDONLY ? "O_RDONLY" : flags == O_RDWR ? "O_RDWR" - : flags == (O_RDWR|O_CREAT) ? "O_RDWR|O_CREAT" : "??"); /* Pass back the block containing the opened database handle and the open fd @@ -199,7 +243,7 @@ return dbblock; *************************************************/ /* Closing a file automatically unlocks it, so after closing the database, just -close the lock file. +close the lock file if there was one. Argument: a pointer to an open database block Returns: nothing @@ -208,10 +252,17 @@ Returns: nothing void dbfn_close(open_db *dbblock) { +int * fdp = &dbblock->lockfd; + exim_dbclose(dbblock->dbptr); -(void)close(dbblock->lockfd); +if (*fdp >= 0) (void)close(*fdp); DEBUG(D_hints_lookup) - { debug_printf_indent("closed hints database and lockfile\n"); acl_level--; } + { + debug_printf_indent("closed hints database%s\n", + *fdp < 0 ? "" : " and lockfile"); + acl_level--; + } +*fdp = -1; } @@ -239,12 +290,13 @@ Returns: a pointer to the retrieved record, or */ void * -dbfn_read_with_length(open_db *dbblock, const uschar *key, int *length) +dbfn_read_with_length(open_db * dbblock, const uschar * key, int * length) { -void *yield; +void * yield; EXIM_DATUM key_datum, result_datum; int klen = Ustrlen(key) + 1; uschar * key_copy = store_get(klen, key); +unsigned dlen; memcpy(key_copy, key, klen); @@ -255,14 +307,20 @@ exim_datum_init(&result_datum); /* to be cleared before use. */ exim_datum_data_set(&key_datum, key_copy); exim_datum_size_set(&key_datum, klen); -if (!exim_dbget(dbblock->dbptr, &key_datum, &result_datum)) return NULL; +if (!exim_dbget(dbblock->dbptr, &key_datum, &result_datum)) + { + DEBUG(D_hints_lookup) debug_printf_indent("dbfn_read: null return\n"); + return NULL; + } /* Assume the data store could have been tainted. Properly, we should store the taint status with the data. */ -yield = store_get(exim_datum_size_get(&result_datum), GET_TAINTED); -memcpy(yield, exim_datum_data_get(&result_datum), exim_datum_size_get(&result_datum)); -if (length) *length = exim_datum_size_get(&result_datum); +dlen = exim_datum_size_get(&result_datum); +yield = store_get(dlen, GET_TAINTED); +memcpy(yield, exim_datum_data_get(&result_datum), dlen); +DEBUG(D_hints_lookup) debug_printf_indent("dbfn_read: size %u return\n", dlen); +if (length) *length = dlen; exim_datum_free(&result_datum); /* Some DBM libs require freeing */ return yield; @@ -324,7 +382,8 @@ uschar * key_copy = store_get(klen, key); memcpy(key_copy, key, klen); gptr->time_stamp = time(NULL); -DEBUG(D_hints_lookup) debug_printf_indent("dbfn_write: key=%s\n", key); +DEBUG(D_hints_lookup) + debug_printf_indent("dbfn_write: key=%s datalen %d\n", key, length); exim_datum_init(&key_datum); /* Some DBM libraries require the datum */ exim_datum_init(&value_datum); /* to be cleared before use. */ @@ -367,6 +426,11 @@ return exim_dbdel(dbblock->dbptr, &key_datum); +#ifdef notdef +/* XXX This appears to be unused. There's a separate implementation +in dbutils.c for dumpdb and fixdb, using the same underlying support. +*/ + /************************************************* * Scan the keys of a database file * *************************************************/ @@ -406,6 +470,7 @@ yield = exim_dbscan(dbblock->dbptr, &key_datum, &value_datum, start, *cursor) if (!yield) exim_dbdelete_cursor(*cursor); return yield; } +#endif @@ -488,7 +553,7 @@ while (Ufgets(buffer, 256, stdin) != NULL) { count = Uatoi(cmd); while (isdigit((uschar)*cmd)) cmd++; - while (isspace((uschar)*cmd)) cmd++; + Uskip_whitespace(&cmd); } if (Ustrncmp(cmd, "open", 4) == 0) @@ -496,7 +561,7 @@ while (Ufgets(buffer, 256, stdin) != NULL) int i; open_db *odb; uschar *s = cmd + 4; - while (isspace((uschar)*s)) s++; + Uskip_whitespace(&s); for (i = 0; i < max_db; i++) if (dbblock[i].dbptr == NULL) break; @@ -532,8 +597,7 @@ while (Ufgets(buffer, 256, stdin) != NULL) else if (Ustrncmp(cmd, "write", 5) == 0) { int rc = 0; - uschar *key = cmd + 5; - uschar *data; + uschar * key = cmd + 5, * data; if (current < 0) { @@ -541,11 +605,11 @@ while (Ufgets(buffer, 256, stdin) != NULL) continue; } - while (isspace((uschar)*key)) key++; + Uskip_whitespace(&key); data = key; - while (*data != 0 && !isspace((uschar)*data)) data++; - *data++ = 0; - while (isspace((uschar)*data)) data++; + Uskip_nonwhite(&data); + *data++ = '\0'; + Uskip_whitespace(&data); dbwait = (dbdata_wait *)(&structbuffer); Ustrcpy(dbwait->text, data); @@ -560,13 +624,13 @@ while (Ufgets(buffer, 256, stdin) != NULL) else if (Ustrncmp(cmd, "read", 4) == 0) { - uschar *key = cmd + 4; + uschar * key = cmd + 4; if (current < 0) { printf("No current database\n"); continue; } - while (isspace((uschar)*key)) key++; + Uskip_whitespace(&key); start = clock(); while (count-- > 0) dbwait = (dbdata_wait *)dbfn_read_with_length(dbblock+ current, key, NULL); @@ -576,13 +640,13 @@ while (Ufgets(buffer, 256, stdin) != NULL) else if (Ustrncmp(cmd, "delete", 6) == 0) { - uschar *key = cmd + 6; + uschar * key = cmd + 6; if (current < 0) { printf("No current database\n"); continue; } - while (isspace((uschar)*key)) key++; + Uskip_whitespace(&key); dbfn_delete(dbblock + current, key); } @@ -612,8 +676,8 @@ while (Ufgets(buffer, 256, stdin) != NULL) else if (Ustrncmp(cmd, "close", 5) == 0) { - uschar *s = cmd + 5; - while (isspace((uschar)*s)) s++; + uschar * s = cmd + 5; + Uskip_whitespace(&s); i = Uatoi(s); if (i >= max_db || dbblock[i].dbptr == NULL) printf("Not open\n"); else { @@ -627,8 +691,8 @@ while (Ufgets(buffer, 256, stdin) != NULL) else if (Ustrncmp(cmd, "file", 4) == 0) { - uschar *s = cmd + 4; - while (isspace((uschar)*s)) s++; + uschar * s = cmd + 4; + Uskip_whitespace(&s); i = Uatoi(s); if (i >= max_db || dbblock[i].dbptr == NULL) printf("Not open\n"); else current = i; @@ -680,3 +744,5 @@ return 0; #endif /* End of dbfn.c */ +/* vi: aw ai sw=2 +*/