From: Howard Chu <hyc@openldap.org>
Date: Fri, 30 Jun 2017 15:30:29 +0000 (+0100)
Subject: Save/restore enc IV in page 0
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=fafbd42cd28a07c4dc88f363719e7f0d56c0f304;p=thirdparty%2Fopenldap.git

Save/restore enc IV in page 0
---

diff --git a/libraries/liblmdb/mdb.c b/libraries/liblmdb/mdb.c
index c25f2d4f16..2e91fece3d 100644
--- a/libraries/liblmdb/mdb.c
+++ b/libraries/liblmdb/mdb.c
@@ -4213,6 +4213,15 @@ mdb_env_init_meta(MDB_env *env, MDB_meta *meta)
 	q->mp_flags = P_META;
 	*(MDB_meta *)METADATA(q) = *meta;
 
+#if MDB_RPAGE_CACHE
+	if ((env->me_flags & MDB_ENCRYPT) && env->me_enckey[1].mv_size) {
+		/* save the IV in tail of page 0 */
+		char *ptr = (char *)q;
+		unsigned short *u = (unsigned short *)(ptr-2);
+		*u = env->me_enckey[1].mv_size;
+		memcpy(ptr - 2 - env->me_enckey[1].mv_size, env->me_enckey[1].mv_data, env->me_enckey[1].mv_size);
+	}
+#endif
 	DO_PWRITE(rc, env->me_fd, p, psize * NUM_METAS, len, 0);
 	if (!rc)
 		rc = ErrCode();
@@ -4914,6 +4923,21 @@ mdb_env_open2(MDB_env *env)
 	if ((env->me_flags ^ env->me_metas[0]->mm_flags) & MDB_ENCRYPT)
 		return MDB_INCOMPATIBLE;
 
+#if MDB_RPAGE_CACHE
+	if (!newenv && env->me_flags & MDB_ENCRYPT) {
+		/* for encrypted env, read IV from tail of page 0 */
+		char *ptr = env->me_map + env->me_psize, *ekey;
+		unsigned short *u = (unsigned short *)(ptr - 2);
+		env->me_enckey[1].mv_size = *u;
+		ekey = realloc(env->me_enckey[0].mv_data, env->me_enckey[0].mv_size + env->me_enckey[1].mv_size);
+		if (!ekey)
+			return ENOMEM;
+		env->me_enckey[0].mv_data = ekey;
+		env->me_enckey[1].mv_data = ekey + env->me_enckey[0].mv_size;
+		memcpy(env->me_enckey[1].mv_data, ptr - 2 - env->me_enckey[1].mv_size, env->me_enckey[1].mv_size);
+	}
+#endif
+
 	env->me_maxfree_1pg = (env->me_psize - PAGEHDRSZ) / sizeof(pgno_t) - 1;
 	env->me_nodemax = (((env->me_psize - PAGEHDRSZ) / MDB_MINKEYS) & -2)
 		- sizeof(indx_t);