diff options
Diffstat (limited to 'g10/keyring.c')
| -rw-r--r-- | g10/keyring.c | 34 |
1 files changed, 22 insertions, 12 deletions
diff --git a/g10/keyring.c b/g10/keyring.c index 1259c0b1b..f4bca709e 100644 --- a/g10/keyring.c +++ b/g10/keyring.c @@ -1,5 +1,5 @@ /* keyring.c - keyring file handling - * Copyright (C) 2001, 2004 Free Software Foundation, Inc. + * Copyright (C) 2001, 2004, 2007, 2009 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -1212,10 +1212,17 @@ static int rename_tmp_file (const char *bakfname, const char *tmpfname, const char *fname, int secret ) { - int rc=0; + int rc=G10ERR_GENERAL; + + /* It's a secret keyring, so let's force a fsync just to be safe on + filesystems that may not sync data and metadata together + (ext4). */ + if(secret && iobuf_ioctl(NULL,4,0,(char*)tmpfname)!=0) + goto fail; /* invalidate close caches*/ - iobuf_ioctl (NULL, 2, 0, (char*)tmpfname ); + if(iobuf_ioctl (NULL, 2, 0, (char*)tmpfname )!=0) + goto fail; iobuf_ioctl (NULL, 2, 0, (char*)bakfname ); iobuf_ioctl (NULL, 2, 0, (char*)fname ); @@ -1245,15 +1252,7 @@ rename_tmp_file (const char *bakfname, const char *tmpfname, tmpfname, fname, strerror(errno) ); register_secured_file (fname); rc = G10ERR_RENAME_FILE; - if (secret) - { - log_info(_("WARNING: 2 files with confidential" - " information exists.\n")); - log_info(_("%s is the unchanged one\n"), fname ); - log_info(_("%s is the new one\n"), tmpfname ); - log_info(_("Please fix this possible security flaw\n")); - } - return rc; + goto fail; } /* Now make sure the file has the same permissions as the original */ @@ -1275,6 +1274,17 @@ rename_tmp_file (const char *bakfname, const char *tmpfname, #endif return 0; + + fail: + if(secret) + { + log_info(_("WARNING: 2 files with confidential information exists.\n")); + log_info(_("%s is the unchanged one\n"), fname ); + log_info(_("%s is the new one\n"), tmpfname ); + log_info(_("Please fix this possible security flaw\n")); + } + + return rc; } |