author | Werner Koch <[email protected]> | 2016-08-03 13:31:27 +0000 |
---|---|---|
committer | Werner Koch <[email protected]> | 2016-08-03 13:31:27 +0000 |
commit | 48a2c93a1886589d1a0e2a4a2173e0e81311200b (patch) | |
tree | 80cee1c6eb19941ab9676482f9eb4984d7360e83 /kbx/keybox-update.c | |
parent | common: New file utilproto.c (diff) | |
gpg,gpgsm: Block signals during keyring/keybox update.
* kbx/keybox-util.c (keybox_file_rename): Add arg BLOCK_SIGNALS.
* kbx/keybox-update.c (rename_tmp_file): Block all signals when doing
a double rename.
* g10/keyring.c (rename_tmp_file): Block all signals during the double
rename.
--
This might fix
Debian-bug-id: 831510
Signed-off-by: Werner Koch <[email protected]>
Diffstat (limited to 'kbx/keybox-update.c')
-rw-r--r-- | kbx/keybox-update.c | 37 |
1 files changed, 23 insertions, 14 deletions
diff --git a/kbx/keybox-update.c b/kbx/keybox-update.c
index ff6590436..ec28b4c4a 100644
--- a/kbx/keybox-update.c
+++ b/kbx/keybox-update.c
@@ -97,6 +97,7 @@ rename_tmp_file (const char *bakfname, const char *tmpfname,
 const char *fname, int secret )
 {
 int rc=0;
+ int block = 0;
 /* restrict the permissions for secret keyboxs */
 #ifndef HAVE_DOSISH_SYSTEM
@@ -119,27 +120,35 @@ rename_tmp_file (const char *bakfname, const char *tmpfname,
 /* First make a backup file except for secret keyboxes. */
 if (!secret)
 {
- rc = keybox_file_rename (fname, bakfname);
+ block = 1;
+ rc = keybox_file_rename (fname, bakfname, &block);
 if (rc)
- return rc;
+ goto leave;
 }
 /* Then rename the file. */
- rc = keybox_file_rename (tmpfname, fname);
- if (rc)
+ rc = keybox_file_rename (tmpfname, fname, NULL);
+ if (block)
 {
- if (secret)
- {
-/* log_info ("WARNING: 2 files with confidential" */
-/* " information exists.\n"); */
-/* log_info ("%s is the unchanged one\n", fname ); */
-/* log_info ("%s is the new one\n", tmpfname ); */
-/* log_info ("Please fix this possible security flaw\n"); */
- }
- return rc;
+ gnupg_unblock_all_signals ();
+ block = 0;
 }
+ /* if (rc) */
+ /* { */
+ /* if (secret) */
+ /* { */
+ /* log_info ("WARNING: 2 files with confidential" */
+ /* " information exists.\n"); */
+ /* log_info ("%s is the unchanged one\n", fname ); */
+ /* log_info ("%s is the new one\n", tmpfname ); */
+ /* log_info ("Please fix this possible security flaw\n"); */
+ /* } */
+ /* } */
- return 0;
+ leave:
+ if (block)
+ gnupg_unblock_all_signals ();
+ return rc;
 }
 |
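Review bot: The unblock at `leave:` in the second hunk relies on whatever `keybox_file_rename` leaves in `block` after the first rename, and nothing at the call site documents that in/out contract. The callee lives in kbx/keybox-util.c and is not part of this diff, so I cannot confirm it from here. If it matches the callee, I would add above `block = 1;` a comment such as `/* BLOCK is in/out: nonzero on return means signals are still blocked and must be released below. */`. Separately, the failure handling for the second rename is now entirely commented out. For a secret keybox a failed rename therefore returns `rc` with both `fname` and `tmpfname` left on disk and no diagnostic, so either delete the dead block or replace it with one line saying why the warning is suppressed. rename_tmp_file begins before the second hunk, so the permission handling ahead of these renames is only partly visible.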