5 files changed, 122 insertions, 39 deletions

diff --git a/kbx/ChangeLog b/kbx/ChangeLog
index 11dab22c4..8d7b91646 100644
--- a/kbx/ChangeLog
+++ b/kbx/ChangeLog
@@ -1,3 +1,10 @@
+2008-04-01  Werner Koch  <[email protected]>
+
+	* keybox-init.c (keybox_new, keybox_release): Track used handles.
+	(_keybox_close_file): New.
+	* keybox-update.c (keybox_insert_cert, keybox_set_flags) 
+	(keybox_delete, keybox_compress): Use the new close function.
+
 2008-03-13  Werner Koch  <[email protected]>
 
 	* keybox-blob.c (x509_email_kludge): Use the same code as in
@@ -280,7 +287,8 @@
 	names.
 
 
- Copyright 2001 g10 Code GmbH
+ Copyright 2001, 2002, 2003, 2004, 2005, 2006,
+	   2007, 2008 Free Software Foundation, Inc.
 
  This file is free software; as a special exception the author gives
  unlimited permission to copy and/or distribute it, with or without
@@ -289,4 +297,3 @@
  This file is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
  implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
-	
\ No newline at end of file
diff --git a/kbx/keybox-defs.h b/kbx/keybox-defs.h
index c425cdd40..626f3e5c3 100644
--- a/kbx/keybox-defs.h
+++ b/kbx/keybox-defs.h
@@ -53,13 +53,31 @@ typedef struct keyboxblob *KEYBOXBLOB;
 
 
 typedef struct keybox_name *KB_NAME;
-typedef struct keybox_name const * CONST_KB_NAME;
-struct keybox_name {
-  struct keybox_name *next;
+typedef struct keybox_name const *CONST_KB_NAME;
+struct keybox_name 
+{
+  /* Link to the next resources, so that we can walk all
+     resources.  */
+  KB_NAME next;
+
+  /* True if this is a keybox with secret keys.  */
   int secret;
+
   /*DOTLOCK lockhd;*/
+
+  /* A table with all the handles accessing this resources.
+     HANDLE_TABLE_SIZE gives the allocated length of this table unused
+     entrues are set to NULL.  HANDLE_TABLE may be NULL. */
+  KEYBOX_HANDLE *handle_table;
+  size_t handle_table_size;
+  
+  /* Not yet used.  */
   int is_locked;
+
+  /* Not yet used.  */
   int did_full_scan;
+
+  /* The name of the resource file. */
   char fname[1];
 };
 
@@ -129,6 +147,9 @@ typedef struct _keybox_openpgp_info *keybox_openpgp_info_t;
 /*    int preserve_permissions; */
 /*  } keybox_opt; */
 
+/*-- keybox-init.c --*/
+void _keybox_close_file (KEYBOX_HANDLE hd);
+
 
 /*-- keybox-blob.c --*/
 #ifdef KEYBOX_WITH_OPENPGP
diff --git a/kbx/keybox-init.c b/kbx/keybox-init.c
index fcf3c7cee..e4138647e 100644
--- a/kbx/keybox-init.c
+++ b/kbx/keybox-init.c
@@ -30,10 +30,9 @@
 static KB_NAME kb_names;
 
 
-/* 
-  Register a filename for plain keybox files.  Returns a pointer to be
-  used to create a handles etc or NULL to indicate that it has already
-  been registered */
+/* Register a filename for plain keybox files.  Returns a pointer to
+   be used to create a handles and so on.  Returns NULL to indicate
+   that FNAME has already been registered.  */
 void *
 keybox_register_file (const char *fname, int secret)
 {
@@ -50,6 +49,10 @@ keybox_register_file (const char *fname, int secret)
     return NULL;
   strcpy (kr->fname, fname);
   kr->secret = !!secret;
+
+  kr->handle_table = NULL;
+  kr->handle_table_size = 0;
+
   /* kr->lockhd = NULL;*/
   kr->is_locked = 0;
   kr->did_full_scan = 0;
@@ -83,6 +86,7 @@ keybox_new (void *token, int secret)
 {
   KEYBOX_HANDLE hd;
   KB_NAME resource = token;
+  int idx;
 
   assert (resource && !resource->secret == !secret);
   hd = xtrycalloc (1, sizeof *hd);
@@ -90,6 +94,43 @@ keybox_new (void *token, int secret)
     {
       hd->kb = resource;
       hd->secret = !!secret;
+      if (!resource->handle_table)
+        {
+          resource->handle_table_size = 3;
+          resource->handle_table = xtrycalloc (resource->handle_table_size,
+                                               sizeof *resource->handle_table);
+          if (!resource->handle_table)
+            {
+              resource->handle_table_size = 0;
+              xfree (hd);
+              return NULL;
+            }
+        }
+      for (idx=0; idx < resource->handle_table_size; idx++)
+        if (!resource->handle_table[idx])
+          {
+            resource->handle_table[idx] = hd;
+            break;
+          }
+      if (!(idx < resource->handle_table_size))
+        {
+          KEYBOX_HANDLE *tmptbl;
+          size_t newsize;
+
+          newsize = resource->handle_table_size + 5;
+          tmptbl = xtryrealloc (resource->handle_table, 
+                                newsize * sizeof (*tmptbl));
+          if (!tmptbl)
+            {
+              xfree (hd);
+              return NULL;
+            }
+          resource->handle_table = tmptbl;
+          resource->handle_table_size = newsize;
+          resource->handle_table[idx] = hd;
+          for (idx++; idx < resource->handle_table_size; idx++)
+            resource->handle_table[idx] = NULL;
+        }
     }
   return hd;
 }
@@ -99,6 +140,13 @@ keybox_release (KEYBOX_HANDLE hd)
 {
   if (!hd)
     return;
+  if (hd->kb->handle_table)
+    {
+      int idx;
+      for (idx=0; idx < hd->kb->handle_table_size; idx++)
+        if (hd->kb->handle_table[idx] == hd)
+          hd->kb->handle_table[idx] = NULL;
+    }
   _keybox_release_blob (hd->found.blob);
   if (hd->fp)
     {
@@ -128,3 +176,27 @@ keybox_set_ephemeral (KEYBOX_HANDLE hd, int yes)
   return 0;
 }
 
+
+/* Close the file of the resource identified by HD.  For consistent
+   results this fucntion closes the files of all handles pointing to
+   the resource identified by HD.  */
+void 
+_keybox_close_file (KEYBOX_HANDLE hd)
+{
+  int idx;
+  KEYBOX_HANDLE roverhd;
+
+  if (!hd || !hd->kb || !hd->kb->handle_table)
+    return;
+
+  for (idx=0; idx < hd->kb->handle_table_size; idx++)
+    if ((roverhd = hd->kb->handle_table[idx]))
+      {
+        if (roverhd->fp)
+          {
+            fclose (roverhd->fp);
+            roverhd->fp = NULL;
+          }
+      }
+  assert (!hd->fp);
+}
diff --git a/kbx/keybox-search.c b/kbx/keybox-search.c
index a45f617e9..fc397c7ed 100644
--- a/kbx/keybox-search.c
+++ b/kbx/keybox-search.c
@@ -458,7 +458,7 @@ blob_cmp_mail (KEYBOXBLOB blob, const char *name, size_t namelen, int substr)
 #ifdef KEYBOX_WITH_X509
 /* Return true if the key in BLOB matches the 20 bytes keygrip GRIP.
    We don't have the keygrips as meta data, thus wen need to parse the
-   certificate. Fixme: We might wat to return proper error codes
+   certificate. Fixme: We might want to return proper error codes
    instead of failing a search for invalid certificates etc.  */
 static int
 blob_x509_has_grip (KEYBOXBLOB blob, const unsigned char *grip)
@@ -750,10 +750,10 @@ keybox_search (KEYBOX_HANDLE hd, KEYBOX_SEARCH_DESC *desc, size_t ndesc)
         }
     }
 
-  /* kludge: we need to convert an SN given as hexstring to it's
-     binary representation - in some cases we are not able to store it
-     in the search descriptor, because due to its usage it is not
-     possible to free allocated memory */
+  /* Kludge: We need to convert an SN given as hexstring to its binary
+     representation - in some cases we are not able to store it in the
+     search descriptor, because due to the way we use it, it is not
+     possible to free allocated memory. */
   if (sn_array)
     {
       const unsigned char *s;
diff --git a/kbx/keybox-update.c b/kbx/keybox-update.c
index 0cd50e532..7a28de3f2 100644
--- a/kbx/keybox-update.c
+++ b/kbx/keybox-update.c
@@ -136,7 +136,7 @@ create_tmp_file (const char *template,
       xfree (bakfname);
       return tmperr;
     }
-  
+
   *r_bakfname = bakfname;
   *r_tmpfname = tmpfname;
   return 0;
@@ -167,7 +167,7 @@ rename_tmp_file (const char *bakfname, const char *tmpfname,
 /*    iobuf_ioctl (NULL, 2, 0, (char*)bakfname ); */
 /*    iobuf_ioctl (NULL, 2, 0, (char*)fname ); */
 
-  /* first make a backup file except for secret keyboxs */
+  /* First make a backup file except for secret keyboxes. */
   if (!secret)
     { 
 #if defined(HAVE_DOSISH_SYSTEM) || defined(__riscos__)
@@ -179,7 +179,7 @@ rename_tmp_file (const char *bakfname, const char *tmpfname,
 	}
     }
   
-  /* then rename the file */
+  /* Then rename the file. */
 #if defined(HAVE_DOSISH_SYSTEM) || defined(__riscos__)
   remove (fname);
 #endif
@@ -386,12 +386,8 @@ keybox_insert_cert (KEYBOX_HANDLE hd, ksba_cert_t cert,
 
   /* Close this one otherwise we will mess up the position for a next
      search.  Fixme: it would be better to adjust the position after
-     the write opertions.  */
-  if (hd->fp)
-    {
-      fclose (hd->fp);
-      hd->fp = NULL;
-    }
+     the write operation.  */
+  _keybox_close_file (hd);
 
   rc = _keybox_create_x509_blob (&blob, cert, sha1_digest, hd->ephemeral);
   if (!rc)
@@ -453,11 +449,7 @@ keybox_set_flags (KEYBOX_HANDLE hd, int what, int idx, unsigned int value)
   
   off += flag_pos;
 
-  if (hd->fp)
-    {
-      fclose (hd->fp);
-      hd->fp = NULL;
-    }
+  _keybox_close_file (hd);
   fp = fopen (hd->kb->fname, "r+b");
   if (!fp)
     return gpg_error (gpg_err_code_from_errno (errno));
@@ -522,12 +514,7 @@ keybox_delete (KEYBOX_HANDLE hd)
     return gpg_error (GPG_ERR_GENERAL);
   off += 4;
 
-  if (hd->fp)
-    {
-      fclose (hd->fp);
-      hd->fp = NULL;
-    }
-  
+  _keybox_close_file (hd);
   fp = fopen (hd->kb->fname, "r+b");
   if (!fp)
     return gpg_error (gpg_err_code_from_errno (errno));
@@ -575,11 +562,7 @@ keybox_compress (KEYBOX_HANDLE hd)
   if (!fname)
     return gpg_error (GPG_ERR_INV_HANDLE); 
 
-  if (hd->fp)
-    {
-      fclose (hd->fp);
-      hd->fp = NULL;
-    }
+  _keybox_close_file (hd);
 
   /* Open the source file. Because we do a rename, we have to check the 
      permissions of the file */