From 160862978628b07ed5150ec2c8abad6af1656bc3 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Wed, 13 Jan 2016 10:16:27 +0100 Subject: [PATCH] kbx: Implement keybox_lock for use by gpg. * kbx/keybox-defs.h: Include dotlock.h and logging.h. (CONST_KB_NAME): Remove. Replace usage by KB_NAME. (struct keybox_name): Add field "lockhd". * kbx/keybox-init.c (keybox_register_file): Init LOCKHD. (keybox_lock): Chnage to return gpg_error_t. Implement locking. -- The keybox locking for gpg was not implemented - This needs to be fixed of course. Signed-off-by: Werner Koch --- kbx/keybox-defs.h | 10 ++++---- kbx/keybox-init.c | 58 +++++++++++++++++++++++++++++++++++++++-------- kbx/keybox.h | 2 +- 3 files changed, 55 insertions(+), 15 deletions(-) diff --git a/kbx/keybox-defs.h b/kbx/keybox-defs.h index 6fe984762..6af544810 100644 --- a/kbx/keybox-defs.h +++ b/kbx/keybox-defs.h @@ -40,6 +40,8 @@ fixme: Better use the LIBOBJ mechnism. */ #include "../common/types.h" #include "../common/stringhelp.h" +#include "../common/dotlock.h" +#include "../common/logging.h" #include "keybox.h" @@ -48,7 +50,6 @@ typedef struct keyboxblob *KEYBOXBLOB; typedef struct keybox_name *KB_NAME; -typedef struct keybox_name const *CONST_KB_NAME; struct keybox_name { /* Link to the next resources, so that we can walk all @@ -58,14 +59,15 @@ struct keybox_name /* True if this is a keybox with secret keys. */ int secret; - /*DOTLOCK lockhd;*/ - /* A table with all the handles accessing this resources. HANDLE_TABLE_SIZE gives the allocated length of this table unused entrues are set to NULL. HANDLE_TABLE may be NULL. */ KEYBOX_HANDLE *handle_table; size_t handle_table_size; + /* The lock handle or NULL it not yet initialized. */ + dotlock_t lockhd; + /* Not yet used. */ int is_locked; @@ -85,7 +87,7 @@ struct keybox_found_s }; struct keybox_handle { - CONST_KB_NAME kb; + KB_NAME kb; int secret; /* this is for a secret keybox */ FILE *fp; int eof; diff --git a/kbx/keybox-init.c b/kbx/keybox-init.c index 3ff592eaf..cfee7b8f7 100644 --- a/kbx/keybox-init.c +++ b/kbx/keybox-init.c @@ -60,7 +60,7 @@ keybox_register_file (const char *fname, int secret, void **r_token) kr->handle_table = NULL; kr->handle_table_size = 0; - /* kr->lockhd = NULL;*/ + kr->lockhd = NULL; kr->is_locked = 0; kr->did_full_scan = 0; /* keep a list of all issued pointers */ @@ -261,17 +261,55 @@ _keybox_close_file (KEYBOX_HANDLE hd) /* - * Lock the keybox at handle HD, or unlock if YES is false. Note that - * we currently ignore the handle and lock all registered keyboxes. + * Lock the keybox at handle HD, or unlock if YES is false. */ -int +gpg_error_t keybox_lock (KEYBOX_HANDLE hd, int yes) { - /* FIXME: We need to implement it before we can use it with gpg. - gpgsm does the locking in its local keydb.c driver; this should - be changed as well. */ + gpg_error_t err; + KB_NAME kb = hd->kb; - (void)hd; - (void)yes; - return 0; + if (!keybox_is_writable ((void*)kb)) + return 0; + + /* Make sure the lock handle has been created. */ + if (!kb->lockhd) + { + kb->lockhd = dotlock_create (kb->fname, 0); + if (!kb->lockhd) + { + /* Unfortuntaley dotlock_create does not properly set ERRNO. */ + log_info ("can't allocate lock for '%s'\n", kb->fname ); + return gpg_error (GPG_ERR_GENERAL); + } + } + + if (yes) /* Take the lock. */ + { + if (kb->is_locked) + ; + else if (!dotlock_take (kb->lockhd, -1)) + kb->is_locked = 1; + else + { + /* Unfortuntaley dotlock_take does not properly set ERRNO. */ + log_info ("can't lock '%s'\n", kb->fname ); + err = gpg_error (GPG_ERR_GENERAL); + } + } + else /* Release the lock. */ + { + if (!kb->is_locked) + ; + else if (!dotlock_release (kb->lockhd)) + kb->is_locked = 0; + else + { + /* Unfortuntaley dotlock_release does not properly set ERRNO. */ + log_info ("can't unlock '%s'\n", kb->fname ); + err = gpg_error (GPG_ERR_GENERAL); + } + } + + return err; } diff --git a/kbx/keybox.h b/kbx/keybox.h index acd7a4f89..9f91c53bd 100644 --- a/kbx/keybox.h +++ b/kbx/keybox.h @@ -76,7 +76,7 @@ void keybox_pop_found_state (KEYBOX_HANDLE hd); const char *keybox_get_resource_name (KEYBOX_HANDLE hd); int keybox_set_ephemeral (KEYBOX_HANDLE hd, int yes); -int keybox_lock (KEYBOX_HANDLE hd, int yes); +gpg_error_t keybox_lock (KEYBOX_HANDLE hd, int yes); /*-- keybox-file.c --*/ /* Fixme: This function does not belong here: Provide a better