From 52c795634b75156b6fe87e656eef3a8e0f986aef Mon Sep 17 00:00:00 2001 From: Michael Rash Date: Wed, 10 Aug 2011 22:07:25 -0400 Subject: [PATCH] Updated digest file path for gdbm/ndbm support If fwknopd is compiled with --disable-file-cache to the ./configure script then it will assume that the default filename is "digest_db.cache" for the digest cache. If the file cache method is used (this is the default), then "digest.cache" is the default filename. A new variable DIGEST_DB_FILE in the fwknopd.conf file controls the digest filename if gdbm/ndbm support is required. --- server/config_init.c | 11 ++++++++++- server/fwknopd.c | 8 ++++++++ server/fwknopd.conf | 3 +++ server/fwknopd_common.h | 14 +++++++++++++- server/replay_cache.c | 30 +++++++++++++++++++++++------- 5 files changed, 57 insertions(+), 9 deletions(-) diff --git a/server/config_init.c b/server/config_init.c index e3a700b5..0742fa79 100644 --- a/server/config_init.c +++ b/server/config_init.c @@ -248,16 +248,25 @@ validate_options(fko_srv_options_t *opts) set_config_entry(opts, CONF_FWKNOP_PID_FILE, tmp_path); } +#if USE_FILE_CACHE if(opts->config[CONF_DIGEST_FILE] == NULL) +#else + if(opts->config[CONF_DIGEST_DB_FILE] == NULL) +#endif { strlcpy(tmp_path, opts->config[CONF_FWKNOP_RUN_DIR], MAX_PATH_LEN); if(tmp_path[strlen(tmp_path)-1] != '/') strlcat(tmp_path, "/", MAX_PATH_LEN); - strlcat(tmp_path, DEF_DIGEST_CACHE_FILENAME, MAX_PATH_LEN); +#if USE_FILE_CACHE + strlcat(tmp_path, DEF_DIGEST_CACHE_FILENAME, MAX_PATH_LEN); set_config_entry(opts, CONF_DIGEST_FILE, tmp_path); +#else + strlcat(tmp_path, DEF_DIGEST_CACHE_DB_FILENAME, MAX_PATH_LEN); + set_config_entry(opts, CONF_DIGEST_DB_FILE, tmp_path); +#endif } /* Set remaining require CONF_ vars if they are not already set. */ diff --git a/server/fwknopd.c b/server/fwknopd.c index 1fa5486a..67e41237 100644 --- a/server/fwknopd.c +++ b/server/fwknopd.c 
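Review bot: In validate_options the non-file-cache branch now defaults to `DEF_DIGEST_CACHE_DB_FILENAME` under the new `DIGEST_DB_FILE` key, so a gdbm/ndbm build that kept its digests in `digest.cache` (or at a path set through `DIGEST_FILE`) switches to a different file after upgrading. Going by the open flags in the replay_cache.c hunks of this patch (`GDBM_WRCREAT`, `O_RDWR|O_CREAT`), the new file is created empty, so digests recorded before the upgrade are no longer consulted by the replay check. I would say so next to the `#else`, e.g. `/* DB builds: digests stored under the old DIGEST_FILE path are not carried over */`, and consider a startup log_msg warning when the old file still exists. The added `strlcat` calls also ignore their return value, so a run directory close to `MAX_PATH_LEN` yields a silently truncated cache path. validate_options starts and continues outside the hunk.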
@@ -166,7 +166,11 @@ main(int argc, char **argv) * in case it configured to be somewhere other than the run dir. */ check_dir_path((const char *)opts.config[CONF_FWKNOP_RUN_DIR], "Run", 0); +#if USE_FILE_CACHE check_dir_path((const char *)opts.config[CONF_DIGEST_FILE], "Run", 1); +#else + check_dir_path((const char *)opts.config[CONF_DIGEST_DB_FILE], "Run", 1); +#endif /* Process the access.conf file. */ @@ -258,7 +262,11 @@ main(int argc, char **argv) if(opts.verbose) log_msg(LOG_ERR, "Using Digest Cache: '%s' (entry count = %i)", +#if USE_FILE_CACHE opts.config[CONF_DIGEST_FILE], rp_cache_count +#else + opts.config[CONF_DIGEST_DB_FILE], rp_cache_count +#endif ); } diff --git a/server/fwknopd.conf b/server/fwknopd.conf index 4e362c79..37937078 100644 --- a/server/fwknopd.conf +++ b/server/fwknopd.conf @@ -300,6 +300,9 @@ #ACCESS_FILE access.conf; #FWKNOP_PID_FILE $FWKNOP_RUN_DIR/fwknopd.pid; #DIGEST_FILE $FWKNOP_RUN_DIR/digest.cache; +### The DB version is only used if fwknopd was built with gdbm/ndbm +### support (not needed by default). +#DIGEST_DB_FILE $FWKNOP_RUN_DIR/digest_db.cache; # System binaries # diff --git a/server/fwknopd_common.h b/server/fwknopd_common.h index 30d4c855..bcd83408 100644 --- a/server/fwknopd_common.h +++ b/server/fwknopd_common.h @@ -72,7 +72,11 @@ /* More Conf defaults */ #define DEF_PID_FILENAME MY_NAME".pid" -#define DEF_DIGEST_CACHE_FILENAME "digest.cache" +#if USE_FILE_CACHE + #define DEF_DIGEST_CACHE_FILENAME "digest.cache" +#else + #define DEF_DIGEST_CACHE_DB_FILENAME "digest_db.cache" +#endif #define DEF_INTERFACE "eth0" #define DEF_ENABLE_PCAP_PROMISC "N" @@ -199,7 +203,11 @@ enum { CONF_FWKNOP_CONF_DIR, CONF_ACCESS_FILE, CONF_FWKNOP_PID_FILE, +#if USE_FILE_CACHE CONF_DIGEST_FILE, +#else + CONF_DIGEST_DB_FILE, +#endif CONF_GPG_HOME_DIR, CONF_FIREWALL_EXE, 
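Review bot: The `#if USE_FILE_CACHE` / `#else` / `#endif` lines added in the second fwknopd.c hunk sit inside the argument list of `log_msg(...)`. The definition of log_msg is not visible here, and if it is, or later becomes, a function-like macro, preprocessor directives inside its arguments are undefined behaviour in C. Selecting the path into a local before the call avoids that and keeps the call readable, leaving the argument line as `digest_path, rp_cache_count`. The same pattern is added to the rename-failure log_msg call in rotate_digest_cache_file in replay_cache.c. main() starts and ends outside this hunk.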
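Review bot: Making the enum member conditional in fwknopd_common.h (and the matching `config_map` string in the next hunk of this file) means each build knows only one of `DIGEST_FILE` / `DIGEST_DB_FILE`, while the shipped fwknopd.conf lists both. How the parser treats a key missing from `config_map` is not visible here, so a config file that sets the other build type's key may be rejected or silently ignored. Keeping both entries unconditional, `CONF_DIGEST_FILE,` then `CONF_DIGEST_DB_FILE,` with `"DIGEST_FILE",` and `"DIGEST_DB_FILE",` in the same order, lets either build parse both keys and leaves the `#if` only where the path is consumed. Either way, a comment such as `/* enum order must match config_map[] */` above the enum would document the coupling the two hunks rely on.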
@@ -267,7 +275,11 @@ static char *config_map[NUMBER_OF_CONFIG_ENTRIES] = { "FWKNOP_CONF_DIR", "ACCESS_FILE", "FWKNOP_PID_FILE", +#if USE_FILE_CACHE "DIGEST_FILE", +#else + "DIGEST_DB_FILE", +#endif "GPG_HOME_DIR", "FIREWALL_EXE", }; diff --git a/server/replay_cache.c b/server/replay_cache.c index 47c56d17..327f8f6a 100644 --- a/server/replay_cache.c +++ b/server/replay_cache.c @@ -88,7 +88,11 @@ rotate_digest_cache_file(fko_srv_options_t *opts) log_msg(LOG_INFO, "Rotating digest cache file."); +#if USE_FILE_CACHE new_file = malloc(strlen(opts->config[CONF_DIGEST_FILE])+5); +#else + new_file = malloc(strlen(opts->config[CONF_DIGEST_DB_FILE])+5); +#endif if(new_file == NULL) { @@ -98,14 +102,26 @@ rotate_digest_cache_file(fko_srv_options_t *opts) /* The new filename is just the original with a trailing '-old'. */ +#if USE_FILE_CACHE strcpy(new_file, opts->config[CONF_DIGEST_FILE]); +#else + strcpy(new_file, opts->config[CONF_DIGEST_DB_FILE]); +#endif strcat(new_file, "-old"); +#if USE_FILE_CACHE res = rename(opts->config[CONF_DIGEST_FILE], new_file); +#else + res = rename(opts->config[CONF_DIGEST_DB_FILE], new_file); +#endif if(res < 0) log_msg(LOG_ERR, "Unable to rename digest file: %s to %s: %s", +#if USE_FILE_CACHE opts->config[CONF_DIGEST_FILE], new_file, strerror(errno) +#else + opts->config[CONF_DIGEST_DB_FILE], new_file, strerror(errno) +#endif ); #endif /* NO_DIGEST_CACHE */ } @@ -164,11 +180,11 @@ replay_db_cache_init(fko_srv_options_t *opts) #ifdef HAVE_LIBGDBM rpdb = gdbm_open( - opts->config[CONF_DIGEST_FILE], 512, GDBM_WRCREAT, S_IRUSR|S_IWUSR, 0 + opts->config[CONF_DIGEST_DB_FILE], 512, GDBM_WRCREAT, S_IRUSR|S_IWUSR, 0 ); #elif HAVE_LIBNDBM rpdb = dbm_open( - opts->config[CONF_DIGEST_FILE], O_RDWR|O_CREAT, S_IRUSR|S_IWUSR + opts->config[CONF_DIGEST_DB_FILE], O_RDWR|O_CREAT, S_IRUSR|S_IWUSR ); #endif 
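Review bot: In rotate_digest_cache_file the buffer size (`strlen(...)+5`), the `strcpy` source, the `rename` source and the logged path are now each chosen by their own `#if USE_FILE_CACHE` block, across both hunks of this function. The allocation is only correct while the `malloc` and `strcpy` branches name the same config entry, and nothing enforces that if one block is edited later. Resolving the path once into a local and using it in all four places keeps size and copy tied to the same string, and also takes the directives out of the `log_msg` argument list. The function's declarations and its end are outside the hunks, so the new local would go with the existing ones.

```c
/* … with the function's other locals, above the hunk … */
#if USE_FILE_CACHE
    const char *digest_path = opts->config[CONF_DIGEST_FILE];
#else
    const char *digest_path = opts->config[CONF_DIGEST_DB_FILE];
#endif

    new_file = malloc(strlen(digest_path)+5);

    /* … unchanged: NULL check on new_file … */

    strcpy(new_file, digest_path);
    strcat(new_file, "-old");

    res = rename(digest_path, new_file);

    if(res < 0)
        log_msg(LOG_ERR, "Unable to rename digest file: %s to %s: %s",
            digest_path, new_file, strerror(errno)
        );
```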
@@ -176,7 +192,7 @@ replay_db_cache_init(fko_srv_options_t *opts) { log_msg(LOG_ERR, "Unable to open digest cache file: '%s': %s", - opts->config[CONF_DIGEST_FILE], + opts->config[CONF_DIGEST_DB_FILE], MY_DBM_STRERROR(errno) ); @@ -327,16 +343,16 @@ replay_check_dbm_cache(fko_srv_options_t *opts, fko_ctx_t ctx) */ #ifdef HAVE_LIBGDBM rpdb = gdbm_open( - opts->config[CONF_DIGEST_FILE], 512, GDBM_WRCREAT, S_IRUSR|S_IWUSR, 0 + opts->config[CONF_DIGEST_DB_FILE], 512, GDBM_WRCREAT, S_IRUSR|S_IWUSR, 0 ); #elif HAVE_LIBNDBM - rpdb = dbm_open(opts->config[CONF_DIGEST_FILE], O_RDWR, 0); + rpdb = dbm_open(opts->config[CONF_DIGEST_DB_FILE], O_RDWR, 0); #endif if(!rpdb) { log_msg(LOG_WARNING, "Error opening digest_cache: '%s': %s", - opts->config[CONF_DIGEST_FILE], + opts->config[CONF_DIGEST_DB_FILE], MY_DBM_STRERROR(errno) ); @@ -393,7 +409,7 @@ replay_check_dbm_cache(fko_srv_options_t *opts, fko_ctx_t ctx) */ if(MY_DBM_STORE(rpdb, db_key, db_ent, MY_DBM_REPLACE) != 0) log_msg(LOG_WARNING, "Error updating entry in digest_cache: '%s': %s", - opts->config[CONF_DIGEST_FILE], + opts->config[CONF_DIGEST_DB_FILE], MY_DBM_STRERROR(errno) );
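Review bot: The gdbm branch of replay_check_dbm_cache (hunk `@@ -327,16 +343,16 @@`) still opens the cache with `GDBM_WRCREAT`, whereas the ndbm branch beside it uses `O_RDWR` without `O_CREAT`. With gdbm, a cache file that has gone missing, or a wrong path, is silently recreated empty at check time, and the lookup then treats the digest as new; the ndbm build reports an open error instead. If replay_db_cache_init always runs first (it creates the file earlier in this patch), the check path could pass `opts->config[CONF_DIGEST_DB_FILE], 512, GDBM_WRITER, S_IRUSR|S_IWUSR, 0` so both back ends fail the same way. The function body starts and ends outside the hunk.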