diff options
author | Werner Koch <[email protected]> | 2016-01-13 08:29:39 +0000 |
---|---|---|
committer | Werner Koch <[email protected]> | 2016-01-13 09:43:33 +0000 |
commit | 9dc355ad3ae0026ab04c424dc984d748b8fad393 (patch) | |
tree | 31a6eb986c5a6f89cbbf8f33ed34352696b91cf2 /sm/keydb.c | |
parent | Fix to support git worktree. (diff) | |
download | gnupg-9dc355ad3ae0026ab04c424dc984d748b8fad393.tar.gz gnupg-9dc355ad3ae0026ab04c424dc984d748b8fad393.zip |
gpg: Make sure to mark a duplicate registered keybox as primary.
* kbx/keybox-init.c (keybox_register_file): Change interface to return
the token even if the file has already been registered.
* g10/keydb.c (primary_keyring): Rename to primary_keydb.
(maybe_create_keyring_or_box): Change return type to gpg_error_t.
(keydb_add_resource): Ditto. s/rc/err/.
(keydb_add_resource): Mark an already registered as primary.
* sm/keydb.c (maybe_create_keybox): Change return type to gpg_error_t.
(keydb_add_resource): Ditto. s/rc/err/.
(keydb_add_resource): Adjust for changed keybox_register_file.
--
This change aligns the registering of keyboxes with those of
keyrings. This fixes a potential bug:
gpg --keyring foo.kbx --keyring bar.gpg --keyring foo.kbx
would have marked bar.gpg as primary resource and thus inserting new
keys there. The correct and now fixed behavior is to insert to
foo.kbx.
Signed-off-by: Werner Koch <[email protected]>
Diffstat (limited to 'sm/keydb.c')
-rw-r--r-- | sm/keydb.c | 34 |
1 files changed, 19 insertions, 15 deletions
diff --git a/sm/keydb.c b/sm/keydb.c index 168cf2ce7..0ef3c8f42 100644 --- a/sm/keydb.c +++ b/sm/keydb.c @@ -107,7 +107,7 @@ try_make_homedir (const char *fname) locked. This lock check does not work if the directory itself is not yet available. If R_CREATED is not NULL it will be set to true if the function created a new keybox. */ -static int +static gpg_error_t maybe_create_keybox (char *filename, int force, int *r_created) { dotlock_t lockhd = NULL; @@ -237,13 +237,13 @@ maybe_create_keybox (char *filename, int force, int *r_created) * does not exist. If AUTO_CREATED is not NULL it will be set to true * if the function has created a new keybox. */ -int +gpg_error_t keydb_add_resource (const char *url, int force, int secret, int *auto_created) { static int any_secret, any_public; const char *resname = url; char *filename = NULL; - int rc = 0; + gpg_error_t err = 0; KeydbResourceType rt = KEYDB_RESOURCE_TYPE_NONE; if (auto_created) @@ -264,7 +264,7 @@ keydb_add_resource (const char *url, int force, int secret, int *auto_created) else if (strchr (resname, ':')) { log_error ("invalid key resource URL '%s'\n", url ); - rc = gpg_error (GPG_ERR_GENERAL); + err = gpg_error (GPG_ERR_GENERAL); goto leave; } #endif /* !HAVE_DRIVE_LETTERS && !__riscos__ */ @@ -312,20 +312,24 @@ keydb_add_resource (const char *url, int force, int secret, int *auto_created) { case KEYDB_RESOURCE_TYPE_NONE: log_error ("unknown type of key resource '%s'\n", url ); - rc = gpg_error (GPG_ERR_GENERAL); + err = gpg_error (GPG_ERR_GENERAL); goto leave; case KEYDB_RESOURCE_TYPE_KEYBOX: - rc = maybe_create_keybox (filename, force, auto_created); - if (rc) + err = maybe_create_keybox (filename, force, auto_created); + if (err) goto leave; /* Now register the file */ { - void *token = keybox_register_file (filename, secret); - if (!token) - ; /* already registered - ignore it */ + void *token; + + err = keybox_register_file (filename, secret, &token); + if (gpg_err_code (err) == GPG_ERR_EEXIST) + ; /* Already registered - ignore. */ + else if (err) + ; /* Other error. */ else if (used_resources >= MAX_KEYDB_RESOURCES) - rc = gpg_error (GPG_ERR_RESOURCE_LIMIT); + err = gpg_error (GPG_ERR_RESOURCE_LIMIT); else { all_resources[used_resources].type = rt; @@ -358,21 +362,21 @@ keydb_add_resource (const char *url, int force, int secret, int *auto_created) default: log_error ("resource type of '%s' not supported\n", url); - rc = gpg_error (GPG_ERR_NOT_SUPPORTED); + err = gpg_error (GPG_ERR_NOT_SUPPORTED); goto leave; } /* fixme: check directory permissions and print a warning */ leave: - if (rc) - log_error ("keyblock resource '%s': %s\n", filename, gpg_strerror(rc)); + if (err) + log_error ("keyblock resource '%s': %s\n", filename, gpg_strerror (err)); else if (secret) any_secret = 1; else any_public = 1; xfree (filename); - return rc; + return err; } |