mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
gpgsm: Cache the non-existence of the policy file.
* sm/certchain.c (check_cert_policy): Add simple static cache. -- It is quite common that a policy file does not exist. Thus we can avoid the overhead of trying to open it over and over again just to assert that it does not exists.
This commit is contained in:
parent
625bd92410
commit
2a1e933dd7
@ -307,6 +307,7 @@ allowed_ca (ctrl_t ctrl,
|
|||||||
static int
|
static int
|
||||||
check_cert_policy (ksba_cert_t cert, int listmode, estream_t fplist)
|
check_cert_policy (ksba_cert_t cert, int listmode, estream_t fplist)
|
||||||
{
|
{
|
||||||
|
static int no_policy_file;
|
||||||
gpg_error_t err;
|
gpg_error_t err;
|
||||||
char *policies;
|
char *policies;
|
||||||
estream_t fp;
|
estream_t fp;
|
||||||
@ -341,12 +342,24 @@ check_cert_policy (ksba_cert_t cert, int listmode, estream_t fplist)
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (no_policy_file)
|
||||||
|
{
|
||||||
|
/* Avoid trying to open the policy file if we already know that
|
||||||
|
* it does not exist. */
|
||||||
|
fp = NULL;
|
||||||
|
gpg_err_set_errno (ENOENT);
|
||||||
|
}
|
||||||
|
else
|
||||||
fp = es_fopen (opt.policy_file, "r");
|
fp = es_fopen (opt.policy_file, "r");
|
||||||
if (!fp)
|
if (!fp)
|
||||||
{
|
{
|
||||||
if (opt.verbose || errno != ENOENT)
|
if ((opt.verbose || errno != ENOENT) && !no_policy_file)
|
||||||
log_info (_("failed to open '%s': %s\n"),
|
log_info (_("failed to open '%s': %s\n"),
|
||||||
opt.policy_file, strerror (errno));
|
opt.policy_file, strerror (errno));
|
||||||
|
|
||||||
|
if (errno == ENOENT)
|
||||||
|
no_policy_file = 1;
|
||||||
|
|
||||||
xfree (policies);
|
xfree (policies);
|
||||||
/* With no critical policies this is only a warning */
|
/* With no critical policies this is only a warning */
|
||||||
if (!any_critical)
|
if (!any_critical)
|
||||||
@ -361,6 +374,8 @@ check_cert_policy (ksba_cert_t cert, int listmode, estream_t fplist)
|
|||||||
return gpg_error (GPG_ERR_NO_POLICY_MATCH);
|
return gpg_error (GPG_ERR_NO_POLICY_MATCH);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* FIXME: Cache the policy file content. */
|
||||||
|
|
||||||
for (;;)
|
for (;;)
|
||||||
{
|
{
|
||||||
int c;
|
int c;
|
||||||
|
Loading…
x
Reference in New Issue
Block a user