diff options
| author | Werner Koch <[email protected]> | 2012-12-27 14:04:29 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2012-12-27 14:04:42 +0000 |
| commit | 91e61d52539b1808e209c43e51465c76cebb06f9 (patch) | |
| tree | 3ec3f91ece84ef574234df03eed9baf9b6b3b93f /g10/gpg.c | |
| parent | gpg: Import only packets which are allowed in a keyblock. (diff) | |
| download | gnupg-91e61d52539b1808e209c43e51465c76cebb06f9.tar.gz gnupg-91e61d52539b1808e209c43e51465c76cebb06f9.zip | |
gpg: First patches to support a keybox storage backend.
* kbx/keybox-defs.h (_keybox_write_header_blob): Move prototype to ..
* kbx/keybox.h: here.
* kbx/keybox-init.c (keybox_lock): Add dummy function
* g10/keydb.c: Include keybox.h.
(KeydbResourceType): Add KEYDB_RESOURCE_TYPE_KEYBOX.
(struct resource_item): Add field kb.
(maybe_create_keyring_or_box): Add error descriptions to diagnostics.
Add arg IS_BOX. Write a header for a new keybox file.
(keydb_add_resource): No more need for the force flag. Rename the
local variable "force" to "create". Add URL scheme "gnupg-kbx". Add
magic test to detect a keybox file. Add basic support for keybox.
(keydb_new, keydb_get_resource_name, keydb_delete_keyblock)
(keydb_locate_writable, keydb_search_reset, keydb_search2): Add
support for keybox.
(lock_all, unlock_all): Ditto.
* g10/Makefile.am (needed_libs): Add libkeybox.a.
(gpg2_LDADD, gpgv2_LDADD): Add KSBA_LIBS as a workaround.
* g10/keydb.h (KEYDB_RESOURCE_FLAG_PRIMARY)
KEYDB_RESOURCE_FLAG_DEFAULT, KEYDB_RESOURCE_FLAG_READONLY): New.
* g10/gpg.c, g10/gpgv.c (main): Use new constants.
--
I did most of these changes back in 2011 and only cleaned them up
now. More to follow soon.
Diffstat (limited to 'g10/gpg.c')
| -rw-r--r-- | g10/gpg.c | 13 |
1 files changed, 5 insertions, 8 deletions
@@ -2249,8 +2249,8 @@ main (int argc, char **argv) case oAnswerNo: opt.answer_no = 1; break; case oKeyring: append_to_strlist( &nrings, pargs.r.ret_str); break; case oPrimaryKeyring: - sl=append_to_strlist( &nrings, pargs.r.ret_str); - sl->flags=2; + sl = append_to_strlist (&nrings, pargs.r.ret_str); + sl->flags = KEYDB_RESOURCE_FLAG_PRIMARY; break; case oShowKeyring: deprecated_warning(configname,configlineno,"--show-keyring", @@ -3398,11 +3398,7 @@ main (int argc, char **argv) if( opt.verbose > 1 ) set_packet_list_mode(1); - /* Add the keyrings, but not for some special commands. Also - avoid adding the secret keyring for a couple of commands to - avoid unneeded access in case the secrings are stored on a - floppy. - + /* Add the keyrings, but not for some special commands. We always need to add the keyrings if we are running under SELinux, this is so that the rings are added to the list of secured files. */ @@ -3410,7 +3406,8 @@ main (int argc, char **argv) || (cmd != aDeArmor && cmd != aEnArmor && cmd != aGPGConfTest) ) { if (!nrings || default_keyring) /* Add default ring. */ - keydb_add_resource ("pubring" EXTSEP_S "gpg", 4); + keydb_add_resource ("pubring" EXTSEP_S "gpg", + KEYDB_RESOURCE_FLAG_DEFAULT); for (sl = nrings; sl; sl = sl->next ) keydb_add_resource (sl->d, sl->flags); } |