Clean up. These functions and data types are now no longer used.
Signed-off-by: Chuck Lever <[email protected]>
---
src/include/nsdb.h | 22 ----
src/libnsdb/nsdb.c | 291 ----------------------------------------------------
2 files changed, 0 insertions(+), 313 deletions(-)
diff --git a/src/include/nsdb.h b/src/include/nsdb.h
index 1bbe947..4f6aadc 100644
--- a/src/include/nsdb.h
+++ b/src/include/nsdb.h
@@ -40,15 +40,6 @@ struct fedfs_nsdb;
typedef struct fedfs_nsdb *nsdb_t;
/**
- * Stored connection parameters
- */
-struct fedfs_secdata {
- FedFsConnectionSec type;
- char *data;
- unsigned int len;
-};
-
-/**
* Object that contains FedFS Fileset Name data
*
* Derived from the fedfsFsn object class, defined in
@@ -157,12 +148,6 @@ _Bool nsdb_is_default_parentdir(void);
_Bool nsdb_init_database(void);
/**
- * Extract contents of a certificate file
- */
-FedFsStatus nsdb_read_certfile(const char *pathname,
- char **certdata, unsigned int *certlen);
-
-/**
* Generate list of NSDB names we know about
*/
FedFsStatus nsdb_enumerate_nsdbs(char ***nsdblist);
@@ -207,13 +192,6 @@ FedFsStatus nsdb_connsec_get_cert_data(nsdb_t host,
char **data, unsigned int *len);
/**
- * Update stored connection parameters for an NSDB
- */
-FedFsStatus nsdb_update_nsdb(const char *hostname,
- const unsigned short port,
- const struct fedfs_secdata *sec);
-
-/**
* Set connection security parameters for an NSDB to "NONE"
*/
FedFsStatus nsdb_connsec_set_none(const char *hostname,
diff --git a/src/libnsdb/nsdb.c b/src/libnsdb/nsdb.c
index 5b75294..94f9317 100644
--- a/src/libnsdb/nsdb.c
+++ b/src/libnsdb/nsdb.c
@@ -560,138 +560,6 @@ nsdb_new_nsdb(const char *hostname, const unsigned long
port, nsdb_t *host)
}
/**
- * Read security data from an existing cert file
- *
- * @param pathname NUL-terminated C string containing pathname of certificate
file
- * @param certdata OUT: pointer to buffer containing certificate; caller must
free the buffer with free(3)
- * @param certlen OUT: length of buffer containing certificate
- * @return a FedFsStatus code
- */
-FedFsStatus
-nsdb_read_certfile(const char *pathname, char **certdata,
- unsigned int *certlen)
-{
- FedFsStatus retval;
- struct stat stb;
- ssize_t size;
- char *buf;
- int fd;
-
- retval = FEDFS_ERR_SVRFAULT;
- if (lstat(pathname, &stb) == -1) {
- xlog(D_GENERAL, "%s: Failed to stat %s: %m",
- __func__, pathname);
- goto out;
- }
-
- buf = malloc((size_t)stb.st_size);
- if (buf == NULL) {
- xlog(D_GENERAL, "%s: Failed to allocate buffer for %s: %m",
- __func__, pathname);
- goto out;
- }
-
- fd = open(pathname, O_RDONLY);
- if (fd == -1) {
- xlog(D_GENERAL, "%s: Failed to open %s: %m",
- __func__, pathname);
- free(buf);
- goto out;
- }
-
- size = read(fd, buf, stb.st_size);
- if (size < 0 || (off_t)size != stb.st_size) {
- xlog(D_GENERAL, "%s: Failed to read %s: %m",
- __func__, pathname);
- free(buf);
- (void)close(fd);
- goto out;
- }
-
- xlog(D_CALL, "%s: Successfully read %s", __func__, pathname);
-
- (void)close(fd);
- *certdata = buf;
- *certlen = stb.st_size;
- retval = FEDFS_OK;
-
-out:
- return retval;
-}
-
-/**
- * Create a new cert file and store the security data in it
- *
- * @param certdata pointer to buffer containing certificate
- * @param certlen length of certificate in "certdata"
- * @param pathname OUT: pointer to C string containing pathname of new
certificate file; caller must free the pathname with free(3)
- * @return a FedFsStatus value
- *
- * On success, FEDFS_OK is returned, a new cert file is created, and the
- * pathname is filled in.
- */
-static FedFsStatus
-nsdb_new_certfile(const char *certdata, const unsigned int certlen,
- char **pathname)
-{
- char pathbuf[PATH_MAX], uuidbuf[FEDFS_UUID_STRLEN];
- FedFsStatus retval;
- ssize_t size;
- int fd, len;
- uuid_t uu;
-
- /*
- * We require a guaranteed unique file name for each
- * new cert. Use uuid_generate_time(3) to avoid
- * depleting the local entropy pool.
- */
- uuid_generate_time(uu);
- uuid_unparse(uu, uuidbuf);
-
- retval = FEDFS_ERR_SVRFAULT;
- len = snprintf(pathbuf, sizeof(pathbuf), "%s/%s",
- fedfs_nsdbcerts_dirname, uuidbuf);
- if (len > PATH_MAX) {
- xlog(L_ERROR, "Fedfsd cert directory pathname is too long");
- goto out;
- }
-
- if (mkdir(fedfs_nsdbcerts_dirname, FEDFS_BASE_DIRMODE) == -1) {
- if (errno != EEXIST) {
- xlog(L_ERROR, "Failed to create certfile directory:
%m");
- return FEDFS_ERR_SVRFAULT;
- }
- }
-
- fd = open(pathbuf, O_WRONLY | O_SYNC | O_CREAT | O_EXCL,
- FEDFS_CERTFILE_MODE);
- if (fd == -1) {
- xlog(D_GENERAL, "%s: Failed to open %s: %m",
- __func__, pathbuf);
- goto out;
- }
-
- size = write(fd, certdata, certlen);
- if (size < 0 || (unsigned int)size != certlen) {
- xlog(D_GENERAL, "%s: Failed to write %s: %m",
- __func__, pathbuf);
- (void)unlink(pathbuf);
- (void)close(fd);
- goto out;
- }
-
- (void)close(fd);
-
- *pathname = strdup(pathbuf);
- if (*pathname == NULL)
- goto out;
-
- retval = FEDFS_OK;
-out:
- return retval;
-}
-
-/**
* Read information about an NSDB from our NSDB database
*
* @param db an open sqlite3 database descriptor
@@ -848,79 +716,6 @@ out:
}
/**
- * Update information about an NSDB in our NSDB database
- *
- * @param db an open sqlite3 database descriptor
- * @param host an instantiated nsdb_t object
- * @param sectype an integer value representing the security type
- * @param certfile a NUL-terminated UTF-8 C string containing the name of a
file containing an x.509 certificate
- * @return a FedFsStatus code
- *
- * Information is copied from the nsdb_t object to the cert store.
- */
-static FedFsStatus
-nsdb_update_nsdbname(sqlite3 *db, const nsdb_t host,
- unsigned int sectype, const char *certfile)
-{
- const char *domainname = host->fn_hostname;
- const int port = host->fn_port;
- sqlite3_stmt *stmt;
- FedFsStatus retval;
- int rc;
-
- retval = FEDFS_ERR_IO;
- if (!nsdb_prepare_stmt(db, &stmt, "UPDATE nsdbs "
- " SET securityType=?,securityFilename=?"
- "WHERE nsdbName=? and nsdbPort=?;"))
- goto out;
-
- rc = sqlite3_bind_int(stmt, 1, sectype);
- if (rc != SQLITE_OK) {
- xlog(L_ERROR, "Failed to bind connection security value: %s",
- sqlite3_errmsg(db));
- goto out_finalize;
- }
-
- rc = sqlite3_bind_text(stmt, 2, certfile, -1, SQLITE_STATIC);
- if (rc != SQLITE_OK) {
- xlog(L_ERROR, "Failed to bind security data value: %s",
- sqlite3_errmsg(db));
- goto out_finalize;
- }
-
- rc = sqlite3_bind_text(stmt, 3, domainname, -1, SQLITE_STATIC);
- if (rc != SQLITE_OK) {
- xlog(L_ERROR, "Failed to bind NSDB hostname %s: %s",
- domainname, sqlite3_errmsg(db));
- goto out_finalize;
- }
-
- rc = sqlite3_bind_int(stmt, 4, port);
- if (rc != SQLITE_OK) {
- xlog(L_ERROR, "Failed to bind port number: %s",
- sqlite3_errmsg(db));
- goto out_finalize;
- }
-
- rc = sqlite3_step(stmt);
- switch (rc) {
- case SQLITE_DONE:
- xlog(D_CALL, "%s: Updated NSDB info record for '%s:%u' "
- "to nsdbs table", __func__, domainname, port);
- retval = FEDFS_OK;
- break;
- default:
- xlog(L_ERROR, "Failed to update NSDB info record for '%s:%u':
%s",
- domainname, port, sqlite3_errmsg(db));
- }
-
-out_finalize:
- nsdb_finalize_stmt(stmt);
-out:
- return retval;
-}
-
-/**
* Update security information about an NSDB in our NSDB database
*
* @param db an open sqlite3 database descriptor
@@ -1395,92 +1190,6 @@ nsdb_create_nsdb(const char *hostname, const unsigned
short port)
}
/**
- * Update connection parameters for an NSDB
- *
- * @param host an instantiated nsdb_t object
- * @param sec new connection parameters
- * @return a FedFsStatus code
- */
-static FedFsStatus
-nsdb_update_nsdbparams(nsdb_t host, const struct fedfs_secdata *sec)
-{
- FedFsStatus retval;
- char *certfile;
- sqlite3 *db;
-
- xlog(D_CALL, "%s: writing parameters for NSDB '%s'",
- __func__, host->fn_hostname);
-
- switch (sec->type) {
- case FEDFS_SEC_NONE:
- certfile = strdup("");
- break;
- case FEDFS_SEC_TLS:
- retval = nsdb_new_certfile(sec->data, sec->len,
- &certfile);
- if (retval != FEDFS_OK)
- goto out;
- break;
- default:
- retval = FEDFS_ERR_INVAL;
- goto out;
- }
-
- retval = FEDFS_ERR_IO;
- db = nsdb_open_db(fedfs_db_filename, SQLITE_OPEN_READWRITE);
- if (db == NULL) {
- free(certfile);
- goto out;
- }
-
- retval = nsdb_new_nsdbname(db, host);
- if (retval != FEDFS_OK) {
- free(certfile);
- goto out_close;
- }
-
- retval = nsdb_update_nsdbname(db, host, sec->type, certfile);
- if (retval != FEDFS_OK) {
- free(certfile);
- goto out_close;
- }
-
- host->fn_sectype = (unsigned int)sec->type;
- host->fn_certfile = certfile;
- retval = FEDFS_OK;
-
-out_close:
- nsdb_close_db(db);
-out:
- return retval;
-}
-
-/**
- * Update connection parameters for an NSDB
- *
- * @param hostname NUL-terminated UTF-8 string containing NSDB hostname
- * @param port integer port number of NSDB
- * @param sec buffer containing new connection data
- * @return a FedFsStatus code
- */
-FedFsStatus
-nsdb_update_nsdb(const char *hostname, const unsigned short port,
- const struct fedfs_secdata *sec)
-{
- nsdb_t host;
- FedFsStatus retval;
-
- retval = nsdb_new_nsdb(hostname, port, &host);
- if (retval != FEDFS_OK)
- return retval;
-
- retval = nsdb_update_nsdbparams(host, sec);
-
- nsdb_free_nsdb(host);
- return retval;
-}
-
-/**
* Update connection security parameters for an NSDB
*
* @param host an instantiated nsdb_t object
_______________________________________________
fedfs-utils-devel mailing list
[email protected]
https://oss.oracle.com/mailman/listinfo/fedfs-utils-devel
