improve reporting of errors in DBM by translating system errors

into NSPR equivalents instead of just reporting BAD_DATABASE.

4 files changed, 262 insertions, 14 deletions

diff --git a/security/nss/lib/certdb/manifest.mn b/security/nss/lib/certdb/manifest.mn
index 1cb6ff4b7..b0adf2313 100644
--- a/security/nss/lib/certdb/manifest.mn
+++ b/security/nss/lib/certdb/manifest.mn
@@ -60,6 +60,7 @@ CSRCS = \
 	pcertdb.c \
 	polcyxtn.c \
 	secname.c \
+	syserr.c  \
 	xauthkid.c \
 	xbsconst.c \
 	xconst.c \
diff --git a/security/nss/lib/certdb/pcertdb.c b/security/nss/lib/certdb/pcertdb.c
index f6601d4cb..152615535 100644
--- a/security/nss/lib/certdb/pcertdb.c
+++ b/security/nss/lib/certdb/pcertdb.c
@@ -61,6 +61,23 @@
 CERTCertificate *
 CERT_FindCertByDERCertNoLocking(CERTCertDBHandle *handle, SECItem *derCert);
 
+extern void nss_MD_map_system_error();
+
+static void map_dbm_error(int dbmrv)
+{
+    /* a return > 0 indicates the database operation succeeded, but
+     *  1) a record that should have been in the db wasn't (read)
+     *  2) a record that should not have been in the db was (write)
+     * this is a corruption of the db, and hence a SEC_ERROR
+     */
+    if (dbmrv > 0) {
+	PORT_SetError(SEC_ERROR_BAD_DATABASE);
+    } else {
+	/* otherwise, a system error occurred during a dbm operation */
+	nss_MD_map_system_error();
+    }
+}
+
 /*
  * the following functions are wrappers for the db library that implement
  * a global lock to make the database thread safe.
@@ -195,13 +212,13 @@ DeleteDBEntry(CERTCertDBHandle *handle, certDBEntryType type, SECItem *dbkey)
     /* delete entry from database */
     ret = certdb_Del(handle->permCertDB, &key, 0 );
     if ( ret != 0 ) {
-	PORT_SetError(SEC_ERROR_BAD_DATABASE);
+	map_dbm_error(ret);
 	goto loser;
     }
 
     ret = certdb_Sync(handle->permCertDB, 0);
     if ( ret ) {
-	PORT_SetError(SEC_ERROR_BAD_DATABASE);
+	map_dbm_error(ret);
 	goto loser;
     }
 
@@ -228,13 +245,13 @@ ReadDBEntry(CERTCertDBHandle *handle, certDBEntryCommon *entry,
     /* read entry from database */
     ret = certdb_Get(handle->permCertDB, &key, &data, 0 );
     if ( ret != 0 ) {
-	PORT_SetError(SEC_ERROR_BAD_DATABASE);
+	map_dbm_error(ret);
 	goto loser;
     }
     
     /* validate the entry */
     if ( data.size < SEC_DB_ENTRY_HEADER_LEN ) {
-	PORT_SetError(SEC_ERROR_BAD_DATABASE);
+	map_dbm_error(ret);
 	goto loser;
     }
     buf = (unsigned char *)data.data;
@@ -2904,12 +2921,12 @@ FindSubjectList(CERTCertDBHandle *handle, SECItem *subject, PRBool create)
 
     /* error accessing the database */
     if ( ret < 0 ) {
-	PORT_SetError(SEC_ERROR_BAD_DATABASE);
+	map_dbm_error(ret);
 	goto loser;
     }
 
     if ( ret == 0 ) {	/* found in temp database */
-	if ( tmpdata.size != sizeof(CERTCertificate *) ) {
+	if ( tmpdata.size != sizeof(CERTSubjectList *) ) {
 	    PORT_SetError(SEC_ERROR_BAD_DATABASE);
 	    goto loser;
 	}
@@ -2929,6 +2946,7 @@ FindSubjectList(CERTCertDBHandle *handle, SECItem *subject, PRBool create)
 		ret = certdb_Put(handle->tempCertDB, &namekey,
 				 &tmpdata, R_NOOVERWRITE);
 		if ( ret ) {
+		    map_dbm_error(ret);
 		    goto loser;
 		}
 	    }
@@ -4855,7 +4873,7 @@ CERT_OpenCertDB(CERTCertDBHandle *handle, PRBool readOnly,
         DBM_DEFAULT,    /* bucket size */
         DBM_DEFAULT,    /* fill factor */
         DBM_DEFAULT,    /* number of elements */
-        256 * 1024, 	/* bytes to cache */
+        1024 * 1024, 	/* bytes to cache */
         DBM_DEFAULT,    /* hash function */
         DBM_DEFAULT     /* byte order */
     };
@@ -4964,7 +4982,7 @@ SEC_AddTempNickname(CERTCertDBHandle *handle, char *nickname,
     ret = certdb_Put(handle->tempCertDB, &namekey, &keydata, R_NOOVERWRITE);
 
     if ( ret ) {
-	PORT_SetError(SEC_ERROR_BAD_DATABASE);
+	map_dbm_error(ret);
 	goto loser;
     }
 
@@ -5085,6 +5103,7 @@ NewTempCertificate(CERTCertDBHandle *handle, SECItem *derCert, char *nickname,
 	/* enter into the subject index */
 	rv = AddTempCertToSubjectList(cert);
 	if ( rv != SECSuccess ) {
+	    promoteError = PR_FALSE;
 	    goto loser;
 	}
 	/*
@@ -5111,6 +5130,8 @@ NewTempCertificate(CERTCertDBHandle *handle, SECItem *derCert, char *nickname,
     /* enter into main db */
     status = certdb_Put(handle->tempCertDB, &key, &data, R_NOOVERWRITE);
     if ( status ) {
+	map_dbm_error(status);
+	promoteError = PR_FALSE;
 	goto loser;
     }
 
@@ -5310,7 +5331,7 @@ FindCertByKey(CERTCertDBHandle *handle, SECItem *certKey, PRBool lockdb)
 
     /* error accessing the database */
     if ( ret < 0 ) {
-	PORT_SetError(SEC_ERROR_BAD_DATABASE);
+	map_dbm_error(ret);
 	goto loser;
     }
 
@@ -5493,7 +5514,7 @@ CERT_FindCertByNickname(CERTCertDBHandle *handle, char *nickname)
 
     /* error accessing the database */
     if ( ret < 0 ) {
-	PORT_SetError(SEC_ERROR_BAD_DATABASE);
+	map_dbm_error(ret);
 	goto loser;
     }
 
@@ -6296,6 +6317,7 @@ SEC_AddPermCrlToTemp(CERTCertDBHandle *handle, certDBEntryRevocation *entry)
     /* enter into main db */
     status = certdb_Put(handle->tempCertDB, &key, &data, R_NOOVERWRITE);
     if ( status ) {
+	map_dbm_error(status);
 	goto loser;
     }
 
@@ -6319,7 +6341,6 @@ loser:
 	PORT_FreeArena(arena, PR_FALSE);
     }
     
-    PORT_SetError(SEC_ERROR_BAD_DATABASE);
     return(0);
 }
 
@@ -6408,7 +6429,7 @@ SEC_FindCrlByKey(CERTCertDBHandle *handle, SECItem *crlKey, int type)
 
     /* error accessing the database */
     if ( ret < 0 ) {
-	PORT_SetError(SEC_ERROR_BAD_DATABASE);
+	map_dbm_error(ret);
 	goto loser;
     }
 
diff --git a/security/nss/lib/certdb/syserr.c b/security/nss/lib/certdb/syserr.c
new file mode 100644
index 000000000..d7b27fd2c
--- /dev/null
+++ b/security/nss/lib/certdb/syserr.c
@@ -0,0 +1,226 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/*
+ * This file essentially replicates NSPR's source for the functions that
+ * map system-specific error codes to NSPR error codes.  We would use 
+ * NSPR's functions, instead of duplicating them, but they're private.
+ * As long as SSL's server session cache code must do platform native I/O
+ * to accomplish its job, and NSPR's error mapping functions remain private,
+ * this code will continue to need to be replicated.
+ * 
+ * The contents of this file are subject to the Mozilla Public
+ * License Version 1.1 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.mozilla.org/MPL/
+ * 
+ * Software distributed under the License is distributed on an "AS
+ * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * rights and limitations under the License.
+ * 
+ * The Original Code is the Netscape security libraries.
+ * 
+ * The Initial Developer of the Original Code is Netscape
+ * Communications Corporation.  Portions created by Netscape are 
+ * Copyright (C) 1994-2000 Netscape Communications Corporation.  All
+ * Rights Reserved.
+ * 
+ * Contributor(s):
+ * 
+ * Alternatively, the contents of this file may be used under the
+ * terms of the GNU General Public License Version 2 or later (the
+ * "GPL"), in which case the provisions of the GPL are applicable 
+ * instead of those above.  If you wish to allow use of your 
+ * version of this file only under the terms of the GPL and not to
+ * allow others to use your version of this file under the MPL,
+ * indicate your decision by deleting the provisions above and
+ * replace them with the notice and other provisions required by
+ * the GPL.  If you do not delete the provisions above, a recipient
+ * may use your version of this file under either the MPL or the
+ * GPL.
+ *
+ * $Id$
+ */
+
+#include "prerror.h"
+#include "prlog.h"
+#include <errno.h>
+ 
+/* mapping of system -> NSPR error codes, taken from libssl.
+ * used when dbm return value < 0, indicating system error.
+ */
+
+#if defined(WIN32)
+
+#include <windows.h>
+
+void nss_MD_map_system_error()
+{
+    PRErrorCode prError;
+    PRInt32 err = GetLastError();
+
+    switch (err) {
+    case EACCES: 		prError = PR_NO_ACCESS_RIGHTS_ERROR; break;
+    case ENOENT: 		prError = PR_FILE_NOT_FOUND_ERROR; break;
+    case ERROR_ACCESS_DENIED: 	prError = PR_NO_ACCESS_RIGHTS_ERROR; break;
+    case ERROR_ALREADY_EXISTS: 	prError = PR_FILE_EXISTS_ERROR; break;
+    case ERROR_DISK_CORRUPT: 	prError = PR_IO_ERROR; break;
+    case ERROR_DISK_FULL: 	prError = PR_NO_DEVICE_SPACE_ERROR; break;
+    case ERROR_DISK_OPERATION_FAILED: prError = PR_IO_ERROR; break;
+    case ERROR_DRIVE_LOCKED: 	prError = PR_FILE_IS_LOCKED_ERROR; break;
+    case ERROR_FILENAME_EXCED_RANGE: prError = PR_NAME_TOO_LONG_ERROR; break;
+    case ERROR_FILE_CORRUPT: 	prError = PR_IO_ERROR; break;
+    case ERROR_FILE_EXISTS: 	prError = PR_FILE_EXISTS_ERROR; break;
+    case ERROR_FILE_INVALID: 	prError = PR_BAD_DESCRIPTOR_ERROR; break;
+#if ERROR_FILE_NOT_FOUND != ENOENT
+    case ERROR_FILE_NOT_FOUND: 	prError = PR_FILE_NOT_FOUND_ERROR; break;
+#endif
+    case ERROR_HANDLE_DISK_FULL: prError = PR_NO_DEVICE_SPACE_ERROR; break;
+    case ERROR_INVALID_ADDRESS: prError = PR_ACCESS_FAULT_ERROR; break;
+    case ERROR_INVALID_HANDLE: 	prError = PR_BAD_DESCRIPTOR_ERROR; break;
+    case ERROR_INVALID_NAME: 	prError = PR_INVALID_ARGUMENT_ERROR; break;
+    case ERROR_INVALID_PARAMETER: prError = PR_INVALID_ARGUMENT_ERROR; break;
+    case ERROR_INVALID_USER_BUFFER: prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
+    case ERROR_LOCKED:	 	prError = PR_FILE_IS_LOCKED_ERROR; break;
+    case ERROR_NETNAME_DELETED: prError = PR_CONNECT_RESET_ERROR; break;
+    case ERROR_NOACCESS: 	prError = PR_ACCESS_FAULT_ERROR; break;
+    case ERROR_NOT_ENOUGH_MEMORY: prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
+    case ERROR_NOT_ENOUGH_QUOTA: prError = PR_OUT_OF_MEMORY_ERROR; break;
+    case ERROR_NOT_READY: 	prError = PR_IO_ERROR; break;
+    case ERROR_NO_MORE_FILES: 	prError = PR_NO_MORE_FILES_ERROR; break;
+    case ERROR_OPEN_FAILED: 	prError = PR_IO_ERROR; break;
+    case ERROR_OPEN_FILES: 	prError = PR_IO_ERROR; break;
+    case ERROR_OUTOFMEMORY: 	prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
+    case ERROR_PATH_BUSY: 	prError = PR_IO_ERROR; break;
+    case ERROR_PATH_NOT_FOUND: 	prError = PR_FILE_NOT_FOUND_ERROR; break;
+    case ERROR_SEEK_ON_DEVICE: 	prError = PR_IO_ERROR; break;
+    case ERROR_SHARING_VIOLATION: prError = PR_FILE_IS_BUSY_ERROR; break;
+    case ERROR_STACK_OVERFLOW: 	prError = PR_ACCESS_FAULT_ERROR; break;
+    case ERROR_TOO_MANY_OPEN_FILES: prError = PR_SYS_DESC_TABLE_FULL_ERROR; break;
+    case ERROR_WRITE_PROTECT: 	prError = PR_NO_ACCESS_RIGHTS_ERROR; break;
+    case WSAEACCES: 		prError = PR_NO_ACCESS_RIGHTS_ERROR; break;
+    case WSAEADDRINUSE: 	prError = PR_ADDRESS_IN_USE_ERROR; break;
+    case WSAEADDRNOTAVAIL: 	prError = PR_ADDRESS_NOT_AVAILABLE_ERROR; break;
+    case WSAEAFNOSUPPORT: 	prError = PR_ADDRESS_NOT_SUPPORTED_ERROR; break;
+    case WSAEALREADY: 		prError = PR_ALREADY_INITIATED_ERROR; break;
+    case WSAEBADF: 		prError = PR_BAD_DESCRIPTOR_ERROR; break;
+    case WSAECONNABORTED: 	prError = PR_CONNECT_ABORTED_ERROR; break;
+    case WSAECONNREFUSED: 	prError = PR_CONNECT_REFUSED_ERROR; break;
+    case WSAECONNRESET: 	prError = PR_CONNECT_RESET_ERROR; break;
+    case WSAEDESTADDRREQ: 	prError = PR_INVALID_ARGUMENT_ERROR; break;
+    case WSAEFAULT: 		prError = PR_ACCESS_FAULT_ERROR; break;
+    case WSAEHOSTUNREACH: 	prError = PR_HOST_UNREACHABLE_ERROR; break;
+    case WSAEINVAL: 		prError = PR_INVALID_ARGUMENT_ERROR; break;
+    case WSAEISCONN: 		prError = PR_IS_CONNECTED_ERROR; break;
+    case WSAEMFILE: 		prError = PR_PROC_DESC_TABLE_FULL_ERROR; break;
+    case WSAEMSGSIZE: 		prError = PR_BUFFER_OVERFLOW_ERROR; break;
+    case WSAENETDOWN: 		prError = PR_NETWORK_DOWN_ERROR; break;
+    case WSAENETRESET: 		prError = PR_CONNECT_ABORTED_ERROR; break;
+    case WSAENETUNREACH: 	prError = PR_NETWORK_UNREACHABLE_ERROR; break;
+    case WSAENOBUFS: 		prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
+    case WSAENOPROTOOPT: 	prError = PR_INVALID_ARGUMENT_ERROR; break;
+    case WSAENOTCONN: 		prError = PR_NOT_CONNECTED_ERROR; break;
+    case WSAENOTSOCK: 		prError = PR_NOT_SOCKET_ERROR; break;
+    case WSAEOPNOTSUPP: 	prError = PR_OPERATION_NOT_SUPPORTED_ERROR; break;
+    case WSAEPROTONOSUPPORT: 	prError = PR_PROTOCOL_NOT_SUPPORTED_ERROR; break;
+    case WSAEPROTOTYPE: 	prError = PR_INVALID_ARGUMENT_ERROR; break;
+    case WSAESHUTDOWN: 		prError = PR_SOCKET_SHUTDOWN_ERROR; break;
+    case WSAESOCKTNOSUPPORT: 	prError = PR_INVALID_ARGUMENT_ERROR; break;
+    case WSAETIMEDOUT: 		prError = PR_CONNECT_ABORTED_ERROR; break;
+    case WSAEWOULDBLOCK: 	prError = PR_WOULD_BLOCK_ERROR; break;
+    default: 			prError = PR_UNKNOWN_ERROR; break;
+    }
+    PR_SetError(prError, err);
+}
+
+#elif defined(XP_UNIX)
+
+void nss_MD_map_system_error()
+{
+    PRErrorCode prError;
+    int err = errno;
+
+    switch (err ) {
+    case EACCES:	prError = PR_NO_ACCESS_RIGHTS_ERROR; break;
+    case EADDRINUSE:	prError = PR_ADDRESS_IN_USE_ERROR; break;
+    case EADDRNOTAVAIL:	prError = PR_ADDRESS_NOT_AVAILABLE_ERROR; break;
+    case EAFNOSUPPORT:	prError = PR_ADDRESS_NOT_SUPPORTED_ERROR; break;
+    case EAGAIN:	prError = PR_WOULD_BLOCK_ERROR; break;
+    case EALREADY:	prError = PR_ALREADY_INITIATED_ERROR; break;
+    case EBADF:		prError = PR_BAD_DESCRIPTOR_ERROR; break;
+#ifdef EBADMSG
+    case EBADMSG:	prError = PR_IO_ERROR; break;
+#endif
+    case EBUSY:		prError = PR_FILESYSTEM_MOUNTED_ERROR; break;
+    case ECONNREFUSED:	prError = PR_CONNECT_REFUSED_ERROR; break;
+    case ECONNRESET:	prError = PR_CONNECT_RESET_ERROR; break;
+    case EDEADLK:	prError = PR_DEADLOCK_ERROR; break;
+#ifdef EDIRCORRUPTED
+    case EDIRCORRUPTED:	prError = PR_DIRECTORY_CORRUPTED_ERROR; break;
+#endif
+#ifdef EDQUOT
+    case EDQUOT:	prError = PR_NO_DEVICE_SPACE_ERROR; break;
+#endif
+    case EEXIST:	prError = PR_FILE_EXISTS_ERROR; break;
+    case EFAULT:	prError = PR_ACCESS_FAULT_ERROR; break;
+    case EFBIG:		prError = PR_FILE_TOO_BIG_ERROR; break;
+    case EINPROGRESS:	prError = PR_IN_PROGRESS_ERROR; break;
+    case EINTR:		prError = PR_PENDING_INTERRUPT_ERROR; break;
+    case EINVAL:	prError = PR_INVALID_ARGUMENT_ERROR; break;
+    case EIO:		prError = PR_IO_ERROR; break;
+    case EISCONN:	prError = PR_IS_CONNECTED_ERROR; break;
+    case EISDIR:	prError = PR_IS_DIRECTORY_ERROR; break;
+    case ELOOP:		prError = PR_LOOP_ERROR; break;
+    case EMFILE:	prError = PR_PROC_DESC_TABLE_FULL_ERROR; break;
+    case EMLINK:	prError = PR_MAX_DIRECTORY_ENTRIES_ERROR; break;
+    case EMSGSIZE:	prError = PR_INVALID_ARGUMENT_ERROR; break;
+#ifdef EMULTIHOP
+    case EMULTIHOP:	prError = PR_REMOTE_FILE_ERROR; break;
+#endif
+    case ENAMETOOLONG:	prError = PR_NAME_TOO_LONG_ERROR; break;
+    case ENETUNREACH:	prError = PR_NETWORK_UNREACHABLE_ERROR; break;
+    case ENFILE:	prError = PR_SYS_DESC_TABLE_FULL_ERROR; break;
+#if !defined(SCO)
+    case ENOBUFS:	prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
+#endif
+    case ENODEV:	prError = PR_FILE_NOT_FOUND_ERROR; break;
+    case ENOENT:	prError = PR_FILE_NOT_FOUND_ERROR; break;
+    case ENOLCK:	prError = PR_FILE_IS_LOCKED_ERROR; break;
+#ifdef ENOLINK 
+    case ENOLINK:	prError = PR_REMOTE_FILE_ERROR; break;
+#endif
+    case ENOMEM:	prError = PR_OUT_OF_MEMORY_ERROR; break;
+    case ENOPROTOOPT:	prError = PR_INVALID_ARGUMENT_ERROR; break;
+    case ENOSPC:	prError = PR_NO_DEVICE_SPACE_ERROR; break;
+#ifdef ENOSR 
+    case ENOSR:		prError = PR_INSUFFICIENT_RESOURCES_ERROR; break;
+#endif
+    case ENOTCONN:	prError = PR_NOT_CONNECTED_ERROR; break;
+    case ENOTDIR:	prError = PR_NOT_DIRECTORY_ERROR; break;
+    case ENOTSOCK:	prError = PR_NOT_SOCKET_ERROR; break;
+    case ENXIO:		prError = PR_FILE_NOT_FOUND_ERROR; break;
+    case EOPNOTSUPP:	prError = PR_NOT_TCP_SOCKET_ERROR; break;
+#ifdef EOVERFLOW
+    case EOVERFLOW:	prError = PR_BUFFER_OVERFLOW_ERROR; break;
+#endif
+    case EPERM:		prError = PR_NO_ACCESS_RIGHTS_ERROR; break;
+    case EPIPE:		prError = PR_CONNECT_RESET_ERROR; break;
+#ifdef EPROTO
+    case EPROTO:	prError = PR_IO_ERROR; break;
+#endif
+    case EPROTONOSUPPORT: prError = PR_PROTOCOL_NOT_SUPPORTED_ERROR; break;
+    case EPROTOTYPE:	prError = PR_ADDRESS_NOT_SUPPORTED_ERROR; break;
+    case ERANGE:	prError = PR_INVALID_METHOD_ERROR; break;
+    case EROFS:		prError = PR_READ_ONLY_FILESYSTEM_ERROR; break;
+    case ESPIPE:	prError = PR_INVALID_METHOD_ERROR; break;
+    case ETIMEDOUT:	prError = PR_IO_TIMEOUT_ERROR; break;
+#if EWOULDBLOCK != EAGAIN
+    case EWOULDBLOCK:	prError = PR_WOULD_BLOCK_ERROR; break;
+#endif
+    case EXDEV:		prError = PR_NOT_SAME_DEVICE_ERROR; break;
+
+    default:		prError = PR_UNKNOWN_ERROR; break;
+    }
+    PR_SetError(prError, err);
+}
+
+#endif
diff --git a/security/nss/lib/nss/nss.h b/security/nss/lib/nss/nss.h
index 74ce92b7c..4c10a6106 100644
--- a/security/nss/lib/nss/nss.h
+++ b/security/nss/lib/nss/nss.h
@@ -49,11 +49,11 @@ SEC_BEGIN_PROTOS
  * The format of the version string should be
  *     "<major version>.<minor version>[.<patch level>] [<Beta>]"
  */
-#define NSS_VERSION  "3.3.4.2rtm"
+#define NSS_VERSION  "3.3.4.3beta"
 #define NSS_VMAJOR   3
 #define NSS_VMINOR   3
 #define NSS_VPATCH   4
-#define NSS_BETA     PR_FALSE
+#define NSS_BETA     PR_TRUE
 
 
 /*