Path: blob/main/crypto/heimdal/lib/hdb/hdb-sqlite.c
34878 views
/*1* Copyright (c) 2009 Kungliga Tekniska H�gskolan2* (Royal Institute of Technology, Stockholm, Sweden).3* All rights reserved.4*5* Redistribution and use in source and binary forms, with or without6* modification, are permitted provided that the following conditions7* are met:8*9* 1. Redistributions of source code must retain the above copyright10* notice, this list of conditions and the following disclaimer.11*12* 2. Redistributions in binary form must reproduce the above copyright13* notice, this list of conditions and the following disclaimer in the14* documentation and/or other materials provided with the distribution.15*16* 3. Neither the name of the Institute nor the names of its contributors17* may be used to endorse or promote products derived from this software18* without specific prior written permission.19*20* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND21* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE22* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE23* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE24* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL25* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS26* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)27* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT28* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY29* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF30* SUCH DAMAGE.31*/3233#include "hdb_locl.h"34#include "sqlite3.h"3536#define MAX_RETRIES 103738typedef struct hdb_sqlite_db {39double version;40sqlite3 *db;41char *db_file;4243sqlite3_stmt *get_version;44sqlite3_stmt *fetch;45sqlite3_stmt *get_ids;46sqlite3_stmt *add_entry;47sqlite3_stmt *add_principal;48sqlite3_stmt *add_alias;49sqlite3_stmt *delete_aliases;50sqlite3_stmt *update_entry;51sqlite3_stmt *remove;52sqlite3_stmt *get_all_entries;5354} hdb_sqlite_db;5556/* This should be used to mark updates which make the code incompatible57* with databases created with previous versions. Don't update it if58* compatibility is not broken. */59#define HDBSQLITE_VERSION 0.16061#define _HDBSQLITE_STRINGIFY(x) #x62#define HDBSQLITE_STRINGIFY(x) _HDBSQLITE_STRINGIFY(x)6364#define HDBSQLITE_CREATE_TABLES \65" BEGIN TRANSACTION;" \66" CREATE TABLE Version (number REAL);" \67" INSERT INTO Version (number)" \68" VALUES (" HDBSQLITE_STRINGIFY(HDBSQLITE_VERSION) ");" \69" CREATE TABLE Principal" \70" (id INTEGER PRIMARY KEY," \71" principal TEXT UNIQUE NOT NULL," \72" canonical INTEGER," \73" entry INTEGER);" \74" CREATE TABLE Entry" \75" (id INTEGER PRIMARY KEY," \76" data BLOB);" \77" COMMIT"78#define HDBSQLITE_CREATE_TRIGGERS \79" CREATE TRIGGER remove_principals AFTER DELETE ON Entry" \80" BEGIN" \81" DELETE FROM Principal" \82" WHERE entry = OLD.id;" \83" END"84#define HDBSQLITE_GET_VERSION \85" SELECT number FROM Version"86#define HDBSQLITE_FETCH \87" SELECT Entry.data FROM Principal, Entry" \88" WHERE Principal.principal = ? AND" \89" Entry.id = Principal.entry"90#define HDBSQLITE_GET_IDS \91" SELECT id, entry FROM Principal" \92" WHERE principal = ?"93#define HDBSQLITE_ADD_ENTRY \94" INSERT INTO Entry (data) VALUES (?)"95#define HDBSQLITE_ADD_PRINCIPAL \96" INSERT INTO Principal (principal, entry, canonical)" \97" VALUES (?, last_insert_rowid(), 1)"98#define HDBSQLITE_ADD_ALIAS \99" INSERT INTO Principal (principal, entry, canonical)" \100" VALUES(?, ?, 0)"101#define HDBSQLITE_DELETE_ALIASES \102" DELETE FROM Principal" \103" WHERE entry = ? AND canonical = 0"104#define HDBSQLITE_UPDATE_ENTRY \105" UPDATE Entry SET data = ?" \106" WHERE id = ?"107#define HDBSQLITE_REMOVE \108" DELETE FROM ENTRY WHERE id = " \109" (SELECT entry FROM Principal" \110" WHERE principal = ?)"111#define HDBSQLITE_GET_ALL_ENTRIES \112" SELECT data FROM Entry"113114/**115* Wrapper around sqlite3_prepare_v2.116*117* @param context The current krb5 context118* @param statement Where to store the pointer to the statement119* after preparing it120* @param str SQL code for the statement121*122* @return 0 if OK, an error code if not123*/124static krb5_error_code125hdb_sqlite_prepare_stmt(krb5_context context,126sqlite3 *db,127sqlite3_stmt **statement,128const char *str)129{130int ret, tries = 0;131132ret = sqlite3_prepare_v2(db, str, -1, statement, NULL);133while((tries++ < MAX_RETRIES) &&134((ret == SQLITE_BUSY) ||135(ret == SQLITE_IOERR_BLOCKED) ||136(ret == SQLITE_LOCKED))) {137krb5_warnx(context, "hdb-sqlite: prepare busy");138sleep(1);139ret = sqlite3_prepare_v2(db, str, -1, statement, NULL);140}141142if (ret != SQLITE_OK) {143krb5_set_error_message(context, EINVAL,144"Failed to prepare stmt %s: %s",145str, sqlite3_errmsg(db));146return EINVAL;147}148149return 0;150}151152/**153* A wrapper around sqlite3_exec.154*155* @param context The current krb5 context156* @param database An open sqlite3 database handle157* @param statement SQL code to execute158* @param error_code What to return if the statement fails159*160* @return 0 if OK, else error_code161*/162static krb5_error_code163hdb_sqlite_exec_stmt(krb5_context context,164sqlite3 *database,165const char *statement,166krb5_error_code error_code)167{168int ret;169170ret = sqlite3_exec(database, statement, NULL, NULL, NULL);171172while(((ret == SQLITE_BUSY) ||173(ret == SQLITE_IOERR_BLOCKED) ||174(ret == SQLITE_LOCKED))) {175krb5_warnx(context, "hdb-sqlite: exec busy: %d", (int)getpid());176sleep(1);177ret = sqlite3_exec(database, statement, NULL, NULL, NULL);178}179180if (ret != SQLITE_OK && error_code) {181krb5_set_error_message(context, error_code,182"Execute %s: %s", statement,183sqlite3_errmsg(database));184return error_code;185}186187return 0;188}189190/**191* Opens an sqlite3 database handle to a file, may create the192* database file depending on flags.193*194* @param context The current krb5 context195* @param db Heimdal database handle196* @param flags Controls whether or not the file may be created,197* may be 0 or SQLITE_OPEN_CREATE198*/199static krb5_error_code200hdb_sqlite_open_database(krb5_context context, HDB *db, int flags)201{202int ret;203hdb_sqlite_db *hsdb = (hdb_sqlite_db*) db->hdb_db;204205ret = sqlite3_open_v2(hsdb->db_file, &hsdb->db,206SQLITE_OPEN_READWRITE | flags, NULL);207208if (ret) {209if (hsdb->db) {210ret = ENOENT;211krb5_set_error_message(context, ret,212"Error opening sqlite database %s: %s",213hsdb->db_file, sqlite3_errmsg(hsdb->db));214sqlite3_close(hsdb->db);215hsdb->db = NULL;216} else217ret = krb5_enomem(context);218return ret;219}220221return 0;222}223224static int225hdb_sqlite_step(krb5_context context, sqlite3 *db, sqlite3_stmt *stmt)226{227int ret;228229ret = sqlite3_step(stmt);230while(((ret == SQLITE_BUSY) ||231(ret == SQLITE_IOERR_BLOCKED) ||232(ret == SQLITE_LOCKED))) {233krb5_warnx(context, "hdb-sqlite: step busy: %d", (int)getpid());234sleep(1);235ret = sqlite3_step(stmt);236}237return ret;238}239240/**241* Closes the database and frees memory allocated for statements.242*243* @param context The current krb5 context244* @param db Heimdal database handle245*/246static krb5_error_code247hdb_sqlite_close_database(krb5_context context, HDB *db)248{249hdb_sqlite_db *hsdb = (hdb_sqlite_db *) db->hdb_db;250251sqlite3_finalize(hsdb->get_version);252sqlite3_finalize(hsdb->fetch);253sqlite3_finalize(hsdb->get_ids);254sqlite3_finalize(hsdb->add_entry);255sqlite3_finalize(hsdb->add_principal);256sqlite3_finalize(hsdb->add_alias);257sqlite3_finalize(hsdb->delete_aliases);258sqlite3_finalize(hsdb->update_entry);259sqlite3_finalize(hsdb->remove);260sqlite3_finalize(hsdb->get_all_entries);261262sqlite3_close(hsdb->db);263264return 0;265}266267/**268* Opens an sqlite database file and prepares it for use.269* If the file does not exist it will be created.270*271* @param context The current krb5_context272* @param db The heimdal database handle273* @param filename Where to store the database file274*275* @return 0 if everything worked, an error code if not276*/277static krb5_error_code278hdb_sqlite_make_database(krb5_context context, HDB *db, const char *filename)279{280int ret;281int created_file = 0;282hdb_sqlite_db *hsdb = (hdb_sqlite_db *) db->hdb_db;283284hsdb->db_file = strdup(filename);285if(hsdb->db_file == NULL)286return ENOMEM;287288ret = hdb_sqlite_open_database(context, db, 0);289if (ret) {290ret = hdb_sqlite_open_database(context, db, SQLITE_OPEN_CREATE);291if (ret) goto out;292293created_file = 1;294295ret = hdb_sqlite_exec_stmt(context, hsdb->db,296HDBSQLITE_CREATE_TABLES,297EINVAL);298if (ret) goto out;299300ret = hdb_sqlite_exec_stmt(context, hsdb->db,301HDBSQLITE_CREATE_TRIGGERS,302EINVAL);303if (ret) goto out;304}305306ret = hdb_sqlite_prepare_stmt(context, hsdb->db,307&hsdb->get_version,308HDBSQLITE_GET_VERSION);309if (ret) goto out;310ret = hdb_sqlite_prepare_stmt(context, hsdb->db,311&hsdb->fetch,312HDBSQLITE_FETCH);313if (ret) goto out;314ret = hdb_sqlite_prepare_stmt(context, hsdb->db,315&hsdb->get_ids,316HDBSQLITE_GET_IDS);317if (ret) goto out;318ret = hdb_sqlite_prepare_stmt(context, hsdb->db,319&hsdb->add_entry,320HDBSQLITE_ADD_ENTRY);321if (ret) goto out;322ret = hdb_sqlite_prepare_stmt(context, hsdb->db,323&hsdb->add_principal,324HDBSQLITE_ADD_PRINCIPAL);325if (ret) goto out;326ret = hdb_sqlite_prepare_stmt(context, hsdb->db,327&hsdb->add_alias,328HDBSQLITE_ADD_ALIAS);329if (ret) goto out;330ret = hdb_sqlite_prepare_stmt(context, hsdb->db,331&hsdb->delete_aliases,332HDBSQLITE_DELETE_ALIASES);333if (ret) goto out;334ret = hdb_sqlite_prepare_stmt(context, hsdb->db,335&hsdb->update_entry,336HDBSQLITE_UPDATE_ENTRY);337if (ret) goto out;338ret = hdb_sqlite_prepare_stmt(context, hsdb->db,339&hsdb->remove,340HDBSQLITE_REMOVE);341if (ret) goto out;342ret = hdb_sqlite_prepare_stmt(context, hsdb->db,343&hsdb->get_all_entries,344HDBSQLITE_GET_ALL_ENTRIES);345if (ret) goto out;346347ret = hdb_sqlite_step(context, hsdb->db, hsdb->get_version);348if(ret == SQLITE_ROW) {349hsdb->version = sqlite3_column_double(hsdb->get_version, 0);350}351sqlite3_reset(hsdb->get_version);352ret = 0;353354if(hsdb->version != HDBSQLITE_VERSION) {355ret = EINVAL;356krb5_set_error_message(context, ret, "HDBSQLITE_VERSION mismatch");357}358359if(ret) goto out;360361return 0;362363out:364if (hsdb->db)365sqlite3_close(hsdb->db);366if (created_file)367unlink(hsdb->db_file);368369return ret;370}371372/**373* Retrieves an entry by searching for the given374* principal in the Principal database table, both375* for canonical principals and aliases.376*377* @param context The current krb5_context378* @param db Heimdal database handle379* @param principal The principal whose entry to search for380* @param flags Currently only for HDB_F_DECRYPT381* @param kvno kvno to fetch is HDB_F_KVNO_SPECIFIED use used382*383* @return 0 if everything worked, an error code if not384*/385static krb5_error_code386hdb_sqlite_fetch_kvno(krb5_context context, HDB *db, krb5_const_principal principal,387unsigned flags, krb5_kvno kvno, hdb_entry_ex *entry)388{389int sqlite_error;390krb5_error_code ret;391char *principal_string;392hdb_sqlite_db *hsdb = (hdb_sqlite_db*)(db->hdb_db);393sqlite3_stmt *fetch = hsdb->fetch;394krb5_data value;395396ret = krb5_unparse_name(context, principal, &principal_string);397if (ret) {398free(principal_string);399return ret;400}401402sqlite3_bind_text(fetch, 1, principal_string, -1, SQLITE_STATIC);403404sqlite_error = hdb_sqlite_step(context, hsdb->db, fetch);405if (sqlite_error != SQLITE_ROW) {406if(sqlite_error == SQLITE_DONE) {407ret = HDB_ERR_NOENTRY;408goto out;409} else {410ret = EINVAL;411krb5_set_error_message(context, ret,412"sqlite fetch failed: %d",413sqlite_error);414goto out;415}416}417418value.length = sqlite3_column_bytes(fetch, 0);419value.data = (void *) sqlite3_column_blob(fetch, 0);420421ret = hdb_value2entry(context, &value, &entry->entry);422if(ret)423goto out;424425if (db->hdb_master_key_set && (flags & HDB_F_DECRYPT)) {426ret = hdb_unseal_keys(context, db, &entry->entry);427if(ret) {428hdb_free_entry(context, entry);429goto out;430}431}432433ret = 0;434435out:436437sqlite3_clear_bindings(fetch);438sqlite3_reset(fetch);439440free(principal_string);441442return ret;443}444445/**446* Convenience function to step a prepared statement with no447* value once.448*449* @param context The current krb5_context450* @param statement A prepared sqlite3 statement451*452* @return 0 if everything worked, an error code if not453*/454static krb5_error_code455hdb_sqlite_step_once(krb5_context context, HDB *db, sqlite3_stmt *statement)456{457int ret;458hdb_sqlite_db *hsdb = (hdb_sqlite_db *) db->hdb_db;459460ret = hdb_sqlite_step(context, hsdb->db, statement);461sqlite3_clear_bindings(statement);462sqlite3_reset(statement);463464return ret;465}466467468/**469* Stores an hdb_entry in the database. If flags contains HDB_F_REPLACE470* a previous entry may be replaced.471*472* @param context The current krb5_context473* @param db Heimdal database handle474* @param flags May currently only contain HDB_F_REPLACE475* @param entry The data to store476*477* @return 0 if everything worked, an error code if not478*/479static krb5_error_code480hdb_sqlite_store(krb5_context context, HDB *db, unsigned flags,481hdb_entry_ex *entry)482{483int ret;484int i;485sqlite_int64 entry_id;486char *principal_string = NULL;487char *alias_string;488const HDB_Ext_Aliases *aliases;489490hdb_sqlite_db *hsdb = (hdb_sqlite_db *)(db->hdb_db);491krb5_data value;492sqlite3_stmt *get_ids = hsdb->get_ids;493494ret = hdb_sqlite_exec_stmt(context, hsdb->db,495"BEGIN IMMEDIATE TRANSACTION", EINVAL);496if(ret != SQLITE_OK) {497ret = EINVAL;498krb5_set_error_message(context, ret,499"SQLite BEGIN TRANSACTION failed: %s",500sqlite3_errmsg(hsdb->db));501goto rollback;502}503504ret = krb5_unparse_name(context,505entry->entry.principal, &principal_string);506if (ret) {507goto rollback;508}509510ret = hdb_seal_keys(context, db, &entry->entry);511if(ret) {512goto rollback;513}514515ret = hdb_entry2value(context, &entry->entry, &value);516if(ret) {517goto rollback;518}519520sqlite3_bind_text(get_ids, 1, principal_string, -1, SQLITE_STATIC);521ret = hdb_sqlite_step(context, hsdb->db, get_ids);522523if(ret == SQLITE_DONE) { /* No such principal */524525sqlite3_bind_blob(hsdb->add_entry, 1,526value.data, value.length, SQLITE_STATIC);527ret = hdb_sqlite_step(context, hsdb->db, hsdb->add_entry);528sqlite3_clear_bindings(hsdb->add_entry);529sqlite3_reset(hsdb->add_entry);530if(ret != SQLITE_DONE)531goto rollback;532533sqlite3_bind_text(hsdb->add_principal, 1,534principal_string, -1, SQLITE_STATIC);535ret = hdb_sqlite_step(context, hsdb->db, hsdb->add_principal);536sqlite3_clear_bindings(hsdb->add_principal);537sqlite3_reset(hsdb->add_principal);538if(ret != SQLITE_DONE)539goto rollback;540541entry_id = sqlite3_column_int64(get_ids, 1);542543} else if(ret == SQLITE_ROW) { /* Found a principal */544545if(! (flags & HDB_F_REPLACE)) /* Not allowed to replace it */546goto rollback;547548entry_id = sqlite3_column_int64(get_ids, 1);549550sqlite3_bind_int64(hsdb->delete_aliases, 1, entry_id);551ret = hdb_sqlite_step_once(context, db, hsdb->delete_aliases);552if(ret != SQLITE_DONE)553goto rollback;554555sqlite3_bind_blob(hsdb->update_entry, 1,556value.data, value.length, SQLITE_STATIC);557sqlite3_bind_int64(hsdb->update_entry, 2, entry_id);558ret = hdb_sqlite_step_once(context, db, hsdb->update_entry);559if(ret != SQLITE_DONE)560goto rollback;561562} else {563/* Error! */564goto rollback;565}566567ret = hdb_entry_get_aliases(&entry->entry, &aliases);568if(ret || aliases == NULL)569goto commit;570571for(i = 0; i < aliases->aliases.len; i++) {572573ret = krb5_unparse_name(context, &aliases->aliases.val[i],574&alias_string);575if (ret) {576free(alias_string);577goto rollback;578}579580sqlite3_bind_text(hsdb->add_alias, 1, alias_string,581-1, SQLITE_STATIC);582sqlite3_bind_int64(hsdb->add_alias, 2, entry_id);583ret = hdb_sqlite_step_once(context, db, hsdb->add_alias);584585free(alias_string);586587if(ret != SQLITE_DONE)588goto rollback;589}590591ret = 0;592593commit:594595free(principal_string);596597krb5_data_free(&value);598599sqlite3_clear_bindings(get_ids);600sqlite3_reset(get_ids);601602ret = hdb_sqlite_exec_stmt(context, hsdb->db, "COMMIT", EINVAL);603if(ret != SQLITE_OK)604krb5_warnx(context, "hdb-sqlite: COMMIT problem: %d: %s",605ret, sqlite3_errmsg(hsdb->db));606607return ret;608609rollback:610611krb5_warnx(context, "hdb-sqlite: store rollback problem: %d: %s",612ret, sqlite3_errmsg(hsdb->db));613614free(principal_string);615616ret = hdb_sqlite_exec_stmt(context, hsdb->db,617"ROLLBACK", EINVAL);618return ret;619}620621/**622* This may be called often by other code, since the BDB backends623* can not have several open connections. SQLite can handle624* many processes with open handles to the database file625* and closing/opening the handle is an expensive operation.626* Hence, this function does nothing.627*628* @param context The current krb5 context629* @param db Heimdal database handle630*631* @return Always returns 0632*/633static krb5_error_code634hdb_sqlite_close(krb5_context context, HDB *db)635{636return 0;637}638639/**640* The opposite of hdb_sqlite_close. Since SQLite accepts641* many open handles to the database file the handle does not642* need to be closed, or reopened.643*644* @param context The current krb5 context645* @param db Heimdal database handle646* @param flags647* @param mode_t648*649* @return Always returns 0650*/651static krb5_error_code652hdb_sqlite_open(krb5_context context, HDB *db, int flags, mode_t mode)653{654return 0;655}656657/**658* Closes the databse and frees all resources.659*660* @param context The current krb5 context661* @param db Heimdal database handle662*663* @return 0 on success, an error code if not664*/665static krb5_error_code666hdb_sqlite_destroy(krb5_context context, HDB *db)667{668int ret;669hdb_sqlite_db *hsdb;670671ret = hdb_clear_master_key(context, db);672673hdb_sqlite_close_database(context, db);674675hsdb = (hdb_sqlite_db*)(db->hdb_db);676677free(hsdb->db_file);678free(db->hdb_db);679free(db);680681return ret;682}683684/*685* Not sure if this is needed.686*/687static krb5_error_code688hdb_sqlite_lock(krb5_context context, HDB *db, int operation)689{690krb5_set_error_message(context, HDB_ERR_CANT_LOCK_DB,691"lock not implemented");692return HDB_ERR_CANT_LOCK_DB;693}694695/*696* Not sure if this is needed.697*/698static krb5_error_code699hdb_sqlite_unlock(krb5_context context, HDB *db)700{701krb5_set_error_message(context, HDB_ERR_CANT_LOCK_DB,702"unlock not implemented");703return HDB_ERR_CANT_LOCK_DB;704}705706/*707* Should get the next entry, to allow iteration over all entries.708*/709static krb5_error_code710hdb_sqlite_nextkey(krb5_context context, HDB *db, unsigned flags,711hdb_entry_ex *entry)712{713krb5_error_code ret = 0;714int sqlite_error;715krb5_data value;716717hdb_sqlite_db *hsdb = (hdb_sqlite_db *) db->hdb_db;718719sqlite_error = hdb_sqlite_step(context, hsdb->db, hsdb->get_all_entries);720if(sqlite_error == SQLITE_ROW) {721/* Found an entry */722value.length = sqlite3_column_bytes(hsdb->get_all_entries, 0);723value.data = (void *) sqlite3_column_blob(hsdb->get_all_entries, 0);724memset(entry, 0, sizeof(*entry));725ret = hdb_value2entry(context, &value, &entry->entry);726}727else if(sqlite_error == SQLITE_DONE) {728/* No more entries */729ret = HDB_ERR_NOENTRY;730sqlite3_reset(hsdb->get_all_entries);731}732else {733/* XXX SQLite error. Should be handled in some way. */734ret = EINVAL;735}736737return ret;738}739740/*741* Should get the first entry in the database.742* What is flags used for?743*/744static krb5_error_code745hdb_sqlite_firstkey(krb5_context context, HDB *db, unsigned flags,746hdb_entry_ex *entry)747{748hdb_sqlite_db *hsdb = (hdb_sqlite_db *) db->hdb_db;749krb5_error_code ret;750751sqlite3_reset(hsdb->get_all_entries);752753ret = hdb_sqlite_nextkey(context, db, flags, entry);754if(ret)755return ret;756757return 0;758}759760/*761* Renames the database file.762*/763static krb5_error_code764hdb_sqlite_rename(krb5_context context, HDB *db, const char *new_name)765{766hdb_sqlite_db *hsdb = (hdb_sqlite_db *) db->hdb_db;767int ret;768769krb5_warnx(context, "hdb_sqlite_rename");770771if (strncasecmp(new_name, "sqlite:", 7) == 0)772new_name += 7;773774hdb_sqlite_close_database(context, db);775776ret = rename(hsdb->db_file, new_name);777free(hsdb->db_file);778779hdb_sqlite_make_database(context, db, new_name);780781return ret;782}783784/*785* Removes a principal, including aliases and associated entry.786*/787static krb5_error_code788hdb_sqlite_remove(krb5_context context, HDB *db,789krb5_const_principal principal)790{791krb5_error_code ret;792char *principal_string;793hdb_sqlite_db *hsdb = (hdb_sqlite_db*)(db->hdb_db);794sqlite3_stmt *remove = hsdb->remove;795796ret = krb5_unparse_name(context, principal, &principal_string);797if (ret) {798free(principal_string);799return ret;800}801802sqlite3_bind_text(remove, 1, principal_string, -1, SQLITE_STATIC);803804ret = hdb_sqlite_step(context, hsdb->db, remove);805if (ret != SQLITE_DONE) {806ret = EINVAL;807krb5_set_error_message(context, ret,808"sqlite remove failed: %d",809ret);810} else811ret = 0;812813sqlite3_clear_bindings(remove);814sqlite3_reset(remove);815816return ret;817}818819/**820* Create SQLITE object, and creates the on disk database if its doesn't exists.821*822* @param context A Kerberos 5 context.823* @param db a returned database handle.824* @param argument filename825*826* @return 0 on success, an error code if not827*/828829krb5_error_code830hdb_sqlite_create(krb5_context context, HDB **db, const char *argument)831{832krb5_error_code ret;833hdb_sqlite_db *hsdb;834835*db = calloc(1, sizeof (**db));836if (*db == NULL)837return krb5_enomem(context);838839hsdb = (hdb_sqlite_db*) calloc(1, sizeof (*hsdb));840if (hsdb == NULL) {841free(*db);842*db = NULL;843return krb5_enomem(context);844}845846(*db)->hdb_db = hsdb;847848/* XXX make_database should make sure everything else is freed on error */849ret = hdb_sqlite_make_database(context, *db, argument);850if (ret) {851free((*db)->hdb_db);852free(*db);853854return ret;855}856857(*db)->hdb_master_key_set = 0;858(*db)->hdb_openp = 0;859(*db)->hdb_capability_flags = 0;860861(*db)->hdb_open = hdb_sqlite_open;862(*db)->hdb_close = hdb_sqlite_close;863864(*db)->hdb_lock = hdb_sqlite_lock;865(*db)->hdb_unlock = hdb_sqlite_unlock;866(*db)->hdb_firstkey = hdb_sqlite_firstkey;867(*db)->hdb_nextkey = hdb_sqlite_nextkey;868(*db)->hdb_fetch_kvno = hdb_sqlite_fetch_kvno;869(*db)->hdb_store = hdb_sqlite_store;870(*db)->hdb_remove = hdb_sqlite_remove;871(*db)->hdb_destroy = hdb_sqlite_destroy;872(*db)->hdb_rename = hdb_sqlite_rename;873(*db)->hdb__get = NULL;874(*db)->hdb__put = NULL;875(*db)->hdb__del = NULL;876877return 0;878}879880881