gpg: Skip overlong keys and a print a warning.
* kbx/keybox-search.c (keybox_search): Add arg r_skipped and skip too long blobs. * sm/keydb.c (keydb_search): Call keybox_search with a dummy param. * g10/keydb.c (struct keydb_handle): Add field skipped_long_blobs. (keydb_search_reset): Reset that field. (keydb_search): Update that field. (keydb_get_skipped_counter): New. * g10/keylist.c (list_all): Print count of skipped keys. Signed-off-by: Werner Koch <wk@gnupg.org>
parent
60e21d8b85
commit
2ca90f78ce
11
g10/keydb.c
11
g10/keydb.c
@ -67,6 +67,7 @@ struct keydb_handle
|
|||||||
{
|
{
|
||||||
int locked;
|
int locked;
|
||||||
int found;
|
int found;
|
||||||
|
unsigned long skipped_long_blobs;
|
||||||
int current;
|
int current;
|
||||||
int used; /* Number of items in ACTIVE. */
|
int used; /* Number of items in ACTIVE. */
|
||||||
struct resource_item active[MAX_KEYDB_RESOURCES];
|
struct resource_item active[MAX_KEYDB_RESOURCES];
|
||||||
@ -1289,6 +1290,13 @@ keydb_rebuild_caches (int noisy)
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/* Return the number of skipped blocks since the last search reset. */
|
||||||
|
unsigned long
|
||||||
|
keydb_get_skipped_counter (KEYDB_HANDLE hd)
|
||||||
|
{
|
||||||
|
return hd ? hd->skipped_long_blobs : 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Start the next search on this handle right at the beginning
|
* Start the next search on this handle right at the beginning
|
||||||
@ -1307,6 +1315,7 @@ keydb_search_reset (KEYDB_HANDLE hd)
|
|||||||
if (DBG_CLOCK)
|
if (DBG_CLOCK)
|
||||||
log_clock ("keydb_search_reset");
|
log_clock ("keydb_search_reset");
|
||||||
|
|
||||||
|
hd->skipped_long_blobs = 0;
|
||||||
hd->current = 0;
|
hd->current = 0;
|
||||||
hd->found = -1;
|
hd->found = -1;
|
||||||
/* Now reset all resources. */
|
/* Now reset all resources. */
|
||||||
@ -1424,7 +1433,7 @@ keydb_search (KEYDB_HANDLE hd, KEYDB_SEARCH_DESC *desc,
|
|||||||
break;
|
break;
|
||||||
case KEYDB_RESOURCE_TYPE_KEYBOX:
|
case KEYDB_RESOURCE_TYPE_KEYBOX:
|
||||||
rc = keybox_search (hd->active[hd->current].u.kb, desc,
|
rc = keybox_search (hd->active[hd->current].u.kb, desc,
|
||||||
ndesc, descindex);
|
ndesc, descindex, &hd->skipped_long_blobs);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
if (rc == -1 || gpg_err_code (rc) == GPG_ERR_EOF)
|
if (rc == -1 || gpg_err_code (rc) == GPG_ERR_EOF)
|
||||||
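Review bot: The new field `skipped_long_blobs` in struct keydb_handle has no comment, and the comment on keydb_get_skipped_counter speaks of "skipped blocks" although the counter holds the number of keybox blobs that were too large to read. I would document the field as `unsigned long skipped_long_blobs; /* Keybox blobs skipped as too large since the last keydb_search_reset. */` and use the same wording on the getter. In the visible hunk only the KEYDB_RESOURCE_TYPE_KEYBOX branch of keydb_search updates the counter, and it accumulates across calls until keydb_search_reset, which is worth stating in that comment too. The bodies of keydb_search and keydb_search_reset continue outside the hunks.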
|
@ -142,6 +142,7 @@ gpg_error_t keydb_insert_keyblock (KEYDB_HANDLE hd, kbnode_t kb);
|
|||||||
gpg_error_t keydb_delete_keyblock (KEYDB_HANDLE hd);
|
gpg_error_t keydb_delete_keyblock (KEYDB_HANDLE hd);
|
||||||
gpg_error_t keydb_locate_writable (KEYDB_HANDLE hd, const char *reserved);
|
gpg_error_t keydb_locate_writable (KEYDB_HANDLE hd, const char *reserved);
|
||||||
void keydb_rebuild_caches (int noisy);
|
void keydb_rebuild_caches (int noisy);
|
||||||
|
unsigned long keydb_get_skipped_counter (KEYDB_HANDLE hd);
|
||||||
gpg_error_t keydb_search_reset (KEYDB_HANDLE hd);
|
gpg_error_t keydb_search_reset (KEYDB_HANDLE hd);
|
||||||
gpg_error_t keydb_search (KEYDB_HANDLE hd, KEYDB_SEARCH_DESC *desc,
|
gpg_error_t keydb_search (KEYDB_HANDLE hd, KEYDB_SEARCH_DESC *desc,
|
||||||
size_t ndesc, size_t *descindex);
|
size_t ndesc, size_t *descindex);
|
||||||
|
@ -499,6 +499,9 @@ list_all (int secret, int mark_secret)
|
|||||||
es_fflush (es_stdout);
|
es_fflush (es_stdout);
|
||||||
if (rc && gpg_err_code (rc) != GPG_ERR_NOT_FOUND)
|
if (rc && gpg_err_code (rc) != GPG_ERR_NOT_FOUND)
|
||||||
log_error ("keydb_search_next failed: %s\n", g10_errstr (rc));
|
log_error ("keydb_search_next failed: %s\n", g10_errstr (rc));
|
||||||
|
if (keydb_get_skipped_counter (hd))
|
||||||
|
log_info (_("Warning: %lu key(s) skipped due to their large size\n"),
|
||||||
|
keydb_get_skipped_counter (hd));
|
||||||
|
|
||||||
if (opt.check_sigs && !opt.with_colons)
|
if (opt.check_sigs && !opt.with_colons)
|
||||||
print_signature_stats (&stats);
|
print_signature_stats (&stats);
|
||||||
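Review bot: The warning added after the search loop in list_all reports only a count, so the user cannot tell which keys are missing from the listing, and going by the commit message list_all is the only place that reads the counter. Other callers of keydb_search would then presumably see an oversized key as simply not found; a comment at this call such as `/* Oversized keybox blobs are skipped by the search; only their count is known here. */` would make that limit explicit. As a point of style, keydb_get_skipped_counter is called twice; reading it once into a local, `unsigned long skipped = keydb_get_skipped_counter (hd);`, keeps the test and the message on the same value. list_all starts and ends outside the hunk.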
|
@ -718,10 +718,12 @@ keybox_search_reset (KEYBOX_HANDLE hd)
|
|||||||
|
|
||||||
|
|
||||||
/* Note: When in ephemeral mode the search function does visit all
|
/* Note: When in ephemeral mode the search function does visit all
|
||||||
blobs but in standard mode, blobs flagged as ephemeral are ignored. */
|
blobs but in standard mode, blobs flagged as ephemeral are ignored.
|
||||||
|
The value at R_SKIPPED is updated by the number of skipped long
|
||||||
|
records (counts PGP and X.509). */
|
||||||
int
|
int
|
||||||
keybox_search (KEYBOX_HANDLE hd, KEYBOX_SEARCH_DESC *desc, size_t ndesc,
|
keybox_search (KEYBOX_HANDLE hd, KEYBOX_SEARCH_DESC *desc, size_t ndesc,
|
||||||
size_t *r_descindex)
|
size_t *r_descindex, unsigned long *r_skipped)
|
||||||
{
|
{
|
||||||
int rc;
|
int rc;
|
||||||
size_t n;
|
size_t n;
|
||||||
@ -852,6 +854,13 @@ keybox_search (KEYBOX_HANDLE hd, KEYBOX_SEARCH_DESC *desc, size_t ndesc,
|
|||||||
|
|
||||||
_keybox_release_blob (blob); blob = NULL;
|
_keybox_release_blob (blob); blob = NULL;
|
||||||
rc = _keybox_read_blob (&blob, hd->fp);
|
rc = _keybox_read_blob (&blob, hd->fp);
|
||||||
|
if (gpg_err_code (rc) == GPG_ERR_TOO_LARGE
|
||||||
|
&& gpg_err_source (rc) == GPG_ERR_SOURCE_KEYBOX)
|
||||||
|
{
|
||||||
|
++*r_skipped;
|
||||||
|
continue; /* Skip too large records. */
|
||||||
|
}
|
||||||
|
|
||||||
if (rc)
|
if (rc)
|
||||||
break;
|
break;
|
||||||
|
|
||||||
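Review bot: `++*r_skipped;` in the read loop dereferences R_SKIPPED unconditionally, whereas R_DESCINDEX is accepted as NULL (the sm/keydb.c caller passes NULL for it), so a caller that passes NULL for the new argument would crash only when an oversized blob is actually met. Either guard it with `if (r_skipped) ++*r_skipped;` or extend the header comment with `R_SKIPPED must not be NULL.` The counter is only ever incremented inside keybox_search, so the caller owns its initial value, and the comment should say so. The loop and the rest of keybox_search lie outside the hunk.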
|
@ -87,7 +87,7 @@ int keybox_get_flags (KEYBOX_HANDLE hd, int what, int idx, unsigned int *value);
|
|||||||
|
|
||||||
int keybox_search_reset (KEYBOX_HANDLE hd);
|
int keybox_search_reset (KEYBOX_HANDLE hd);
|
||||||
int keybox_search (KEYBOX_HANDLE hd, KEYBOX_SEARCH_DESC *desc, size_t ndesc,
|
int keybox_search (KEYBOX_HANDLE hd, KEYBOX_SEARCH_DESC *desc, size_t ndesc,
|
||||||
size_t *r_descindex);
|
size_t *r_descindex, unsigned long *r_skipped);
|
||||||
|
|
||||||
|
|
||||||
/*-- keybox-update.c --*/
|
/*-- keybox-update.c --*/
|
||||||
|
@ -958,6 +958,7 @@ int
|
|||||||
keydb_search (KEYDB_HANDLE hd, KEYDB_SEARCH_DESC *desc, size_t ndesc)
|
keydb_search (KEYDB_HANDLE hd, KEYDB_SEARCH_DESC *desc, size_t ndesc)
|
||||||
{
|
{
|
||||||
int rc = -1;
|
int rc = -1;
|
||||||
|
unsigned long skipped;
|
||||||
|
|
||||||
if (!hd)
|
if (!hd)
|
||||||
return gpg_error (GPG_ERR_INV_VALUE);
|
return gpg_error (GPG_ERR_INV_VALUE);
|
||||||
@ -970,7 +971,8 @@ keydb_search (KEYDB_HANDLE hd, KEYDB_SEARCH_DESC *desc, size_t ndesc)
|
|||||||
BUG(); /* we should never see it here */
|
BUG(); /* we should never see it here */
|
||||||
break;
|
break;
|
||||||
case KEYDB_RESOURCE_TYPE_KEYBOX:
|
case KEYDB_RESOURCE_TYPE_KEYBOX:
|
||||||
rc = keybox_search (hd->active[hd->current].u.kr, desc, ndesc, NULL);
|
rc = keybox_search (hd->active[hd->current].u.kr, desc, ndesc,
|
||||||
|
NULL, &skipped);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
if (rc == -1) /* EOF -> switch to next resource */
|
if (rc == -1) /* EOF -> switch to next resource */
|
||||||
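Review bot: The dummy `unsigned long skipped;` in keydb_search is passed to keybox_search uninitialized, and the new skip path there does `++*r_skipped`, which reads an indeterminate value. Declare it as `unsigned long skipped = 0;`. The count is then discarded, so gpgsm gives no indication when a record is skipped as too large, although the keybox_search comment says X.509 records are counted; a comment at the call such as `/* The skipped-record count is not reported by gpgsm. */` would record that. keydb_search continues outside both hunks.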
|