security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-02 22:46:30 +02:00
Code Activity

some random changes

Browse source
This commit is contained in:
Werner Koch 1998-10-25 19:00:01 +00:00
parent e309a875cb
commit 5ccb92591e
32 changed files with 3463 additions and 787 deletions
Download patch file Download diff file Expand all files Collapse all files

49
g10/ChangeLog
View file

@ -1,3 +1,52 @@
Sun Oct 25 19:32:05 1998 Werner Koch (wk@isil.d.shuttle.de)
* openfile.c (copy_options_File): New.
* ringedit.c (add_keyblock_resource): Creates options file
* tdbio.c (tdbio_set_dbname): Ditto.
Sat Oct 24 14:10:53 1998 brian moore <bem@cmc.net>
* mainproc.c (proc_pubkey_enc): Don't release the DEK
(do_proc_packets): Ditto.
Fri Oct 23 06:49:38 1998 me,,, (wk@tobold)
* keyedit.c (keyedit_menu): Comments are now allowed
* trustdb.c: Rewrote large parts.
Thu Oct 22 15:56:45 1998 Michael Roth (mroth@nessie.de)
* encode.c: (encode_simple): Only the plain filename without
a given directory is stored in generated packets.
(encode_crypt): Ditto.
* sign.c: (sign_file) Ditto.
Thu Oct 22 10:53:41 1998 Werner Koch (wk@isil.d.shuttle.de)
* trustdb.c (update_trust_record): Add new optional arg.
* import.c (import_keys): Add statistics output
* trustdb.c (update_trustdb): Ditto.
(insert_trustdb): Ditto.
* tdbio.c (tdbio_begin_transaction): New.
(tdbio_end_transaction): New.
(tdbio_cancel_transaction): New.
* g10.c (main): New option --quit.
* trustdb.c (check_hint_sig): No tests for user-id w/o sig.
This caused an assert while checking the sigs.
* trustdb.c (upd_sig_record): Splitted into several functions.
* import.c (import_keys): New arg "fast".
* g10.c (main): New command --fast-import.
Wed Oct 21 18:19:36 1998 Michael Roth <mroth@nessie.de>
* ringedit.c (add_keyblock_resource): Directory is now created.

8
g10/Makefile.am
View file

@ -1,7 +1,7 @@
## Process this file with automake to produce Makefile.in
INCLUDES = -I$(top_srcdir)/include -I$(top_srcdir)/intl
EXTRA_DIST = OPTIONS pubring.asc
EXTRA_DIST = OPTIONS pubring.asc options.skel
OMIT_DEPENDENCIES = zlib.h zconf.h
LDFLAGS = @LDFLAGS@ @DYNLINK_LDFLAGS@
needed_libs = ../cipher/libcipher.a ../mpi/libmpi.a ../util/libutil.a
@ -87,3 +87,9 @@ g10maint.o: $(srcdir)/g10.c
$(PROGRAMS): $(needed_libs)
install-data-local:
$(mkinstalldirs) $(pkgdatadir)
$(INSTALL_DATA) $(srcdir)/options.skel $(pkgdatadir)/options.skel

6
g10/encode.c
View file

@ -140,10 +140,11 @@ encode_simple( const char *filename, int mode )
/* setup the inner packet */
if( filename || opt.set_filename ) {
const char *s = opt.set_filename ? opt.set_filename : filename;
char *s = make_basename( opt.set_filename ? opt.set_filename : filename );
pt = m_alloc( sizeof *pt + strlen(s) - 1 );
pt->namelen = strlen(s);
memcpy(pt->name, s, pt->namelen );
m_free(s);
}
else { /* no filename */
pt = m_alloc( sizeof *pt - 1 );
@ -253,10 +254,11 @@ encode_crypt( const char *filename, STRLIST remusr )
/* setup the inner packet */
if( filename || opt.set_filename ) {
const char *s = opt.set_filename ? opt.set_filename : filename;
char *s = make_basename( opt.set_filename ? opt.set_filename : filename );
pt = m_alloc( sizeof *pt + strlen(s) - 1 );
pt->namelen = strlen(s);
memcpy(pt->name, s, pt->namelen );
m_free(s);
}
else { /* no filename */
pt = m_alloc( sizeof *pt - 1 );

11
g10/g10.c
View file

@ -57,6 +57,7 @@ enum cmd_and_opt_values { aNull = 0,
oKOption = 'k',
oDryRun = 'n',
oOutput = 'o',
oQuiet = 'q',
oRemote = 'r',
aSign = 's',
oTextmode = 't',
@ -76,6 +77,7 @@ enum cmd_and_opt_values { aNull = 0,
aKMode,
aKModeC,
aImport,
aFastImport,
aVerify,
aListKeys,
aListSigs,
@ -174,6 +176,7 @@ static ARGPARSE_OPTS opts[] = {
{ aExport, "export" , 256, N_("export keys") },
{ aExportSecret, "export-secret-keys" , 256, "@" },
{ aImport, "import", 256 , N_("import/merge keys")},
{ aFastImport, "fast-import", 256 , "@"},
{ aListPackets, "list-packets",256,N_("list only the sequence of packets")},
#ifdef IS_G10MAINT
{ aExportOwnerTrust,
@ -206,6 +209,7 @@ static ARGPARSE_OPTS opts[] = {
#endif
{ oOutput, "output", 2, N_("use as output file")},
{ oVerbose, "verbose", 0, N_("verbose") },
{ oQuiet, "quiet", 0, N_("be somewhat more quiet") },
{ oForceV3Sigs, "force-v3-sigs", 0, N_("force v3 signatures") },
/* { oDryRun, "dry-run", 0, N_("do not make any changes") }, */
{ oBatch, "batch", 0, N_("batch mode: never ask")},
@ -614,6 +618,7 @@ main( int argc, char **argv )
case aCheckKeys: set_cmd( &cmd, aCheckKeys); break;
case aListPackets: set_cmd( &cmd, aListPackets); break;
case aImport: set_cmd( &cmd, aImport); break;
case aFastImport: set_cmd( &cmd, aFastImport); break;
case aExport: set_cmd( &cmd, aExport); break;
case aListKeys: set_cmd( &cmd, aListKeys); break;
case aListSigs: set_cmd( &cmd, aListSigs); break;
@ -657,6 +662,7 @@ main( int argc, char **argv )
case oArmor: opt.armor = 1; opt.no_armor=0; break;
case oOutput: opt.outfile = pargs.r.ret_str; break;
case oQuiet: opt.quiet = 1; break;
case oVerbose: g10_opt_verbose++;
opt.verbose++; opt.list_sigs=1; break;
case oKOption: set_cmd( &cmd, aKMode ); break;
@ -1022,14 +1028,15 @@ main( int argc, char **argv )
break;
#endif
case aFastImport:
case aImport:
if( !argc ) {
rc = import_keys( NULL );
rc = import_keys( NULL, (cmd == aFastImport) );
if( rc )
log_error("import failed: %s\n", g10_errstr(rc) );
}
for( ; argc; argc--, argv++ ) {
rc = import_keys( *argv );
rc = import_keys( *argv, (cmd == aFastImport) );
if( rc )
log_error("import from '%s' failed: %s\n",
*argv, g10_errstr(rc) );

135
g10/import.c
View file

@ -36,9 +36,24 @@
#include "i18n.h"
static struct {
ulong no_user_id;
ulong imported;
ulong imported_rsa;
ulong n_uids;
ulong n_sigs;
ulong n_subk;
ulong unchanged;
ulong n_revoc;
ulong secret_read;
ulong secret_imported;
ulong secret_dups;
} stats;
static int read_block( IOBUF a, compress_filter_context_t *cfx,
PACKET **pending_pkt, KBNODE *ret_root );
static int import_one( const char *fname, KBNODE keyblock );
static int import_one( const char *fname, KBNODE keyblock, int fast );
static int import_secret_one( const char *fname, KBNODE keyblock );
static int import_revoke_cert( const char *fname, KBNODE node );
static int chk_self_sigs( const char *fname, KBNODE keyblock,
@ -59,7 +74,7 @@ static int merge_sigs( KBNODE dst, KBNODE src, int *n_sigs,
* least one userid. Only user ids which are self signed will be imported.
* Other signatures are not checked.
*
* Actually this functtion does a merge. It works like this:
* Actually this function does a merge. It works like this:
*
* - get the keyblock
* - check self-signatures and remove all userids and their signatures
@ -85,7 +100,7 @@ static int merge_sigs( KBNODE dst, KBNODE src, int *n_sigs,
*
*/
int
import_keys( const char *fname )
import_keys( const char *fname, int fast )
{
armor_filter_context_t afx;
compress_filter_context_t cfx;
@ -93,11 +108,15 @@ import_keys( const char *fname )
IOBUF inp = NULL;
KBNODE keyblock;
int rc = 0;
ulong count=0;
memset( &afx, 0, sizeof afx);
memset( &cfx, 0, sizeof cfx);
afx.only_keyblocks = 1;
/* fixme: don't use static variables */
memset( &stats, 0, sizeof( stats ) );
/* open file */
inp = iobuf_open(fname);
if( !fname )
@ -112,7 +131,7 @@ import_keys( const char *fname )
while( !(rc = read_block( inp, &cfx, &pending_pkt, &keyblock) )) {
if( keyblock->pkt->pkttype == PKT_PUBLIC_KEY )
rc = import_one( fname, keyblock );
rc = import_one( fname, keyblock, fast );
else if( keyblock->pkt->pkttype == PKT_SECRET_KEY )
rc = import_secret_one( fname, keyblock );
else if( keyblock->pkt->pkttype == PKT_SIGNATURE
@ -125,12 +144,41 @@ import_keys( const char *fname )
release_kbnode(keyblock);
if( rc )
break;
if( !(++count % 100) )
log_info(_("%lu keys so far processed\n"), count );
}
if( rc == -1 )
rc = 0;
else if( rc && rc != G10ERR_INV_KEYRING )
log_error_f( fname, _("read error: %s\n"), g10_errstr(rc));
log_info(_("Total number processed: %lu\n"), count );
if( stats.no_user_id )
log_info(_(" w/o user IDs: %lu\n"), stats.no_user_id );
if( stats.imported || stats.imported_rsa ) {
log_info(_(" imported: %lu"), stats.imported );
if( stats.imported_rsa )
fprintf(stderr, " (RSA: %lu)", stats.imported_rsa );
putc('\n', stderr);
}
if( stats.unchanged )
log_info(_(" unchanged: %lu\n"), stats.unchanged );
if( stats.n_uids )
log_info(_(" new user IDs: %lu\n"), stats.n_uids );
if( stats.n_subk )
log_info(_(" new subkeys: %lu\n"), stats.n_subk );
if( stats.n_sigs )
log_info(_(" new signatures: %lu\n"), stats.n_sigs );
if( stats.n_revoc )
log_info(_(" new key revocations: %lu\n"), stats.n_revoc );
if( stats.secret_read )
log_info(_(" secret keys read: %lu\n"), stats.secret_read );
if( stats.secret_imported )
log_info(_(" secret keys imported: %lu\n"), stats.secret_imported );
if( stats.secret_dups )
log_info(_(" secret keys unchanged: %lu\n"), stats.secret_dups );
iobuf_close(inp);
return rc;
}
@ -238,7 +286,7 @@ read_block( IOBUF a, compress_filter_context_t *cfx,
* which called g10.
*/
static int
import_one( const char *fname, KBNODE keyblock )
import_one( const char *fname, KBNODE keyblock, int fast )
{
PKT_public_key *pk;
PKT_public_key *pk_orig;
@ -280,9 +328,12 @@ import_one( const char *fname, KBNODE keyblock )
return rc== -1? 0:rc;
if( !delete_inv_parts( fname, keyblock, keyid ) ) {
log_info_f( fname, _("key %08lX: no valid user ids\n"),
(ulong)keyid[1]);
log_info(_("this may be caused by a missing self-signature\n"));
if( !opt.quiet ) {
log_info_f( fname, _("key %08lX: no valid user ids\n"),
(ulong)keyid[1]);
log_info(_("this may be caused by a missing self-signature\n"));
}
stats.no_user_id++;
return 0;
}
@ -311,7 +362,12 @@ import_one( const char *fname, KBNODE keyblock )
_("can't write to keyring: %s\n"), g10_errstr(rc) );
unlock_keyblock( &kbpos );
/* we are ready */
log_info_f( fname, _("key %08lX: public key imported\n"), (ulong)keyid[1]);
if( !opt.quiet )
log_info_f( fname, _("key %08lX: public key imported\n"),
(ulong)keyid[1]);
stats.imported++;
if( is_RSA( pk->pubkey_algo ) )
stats.imported_rsa++;
new_key = 1;
}
else { /* merge */
@ -366,29 +422,39 @@ import_one( const char *fname, KBNODE keyblock )
_("can't write keyblock: %s\n"), g10_errstr(rc) );
unlock_keyblock( &kbpos );
/* we are ready */
if( n_uids == 1 )
log_info_f(fname, _("key %08lX: 1 new user-id\n"),
(ulong)keyid[1]);
else if( n_uids )
log_info_f(fname, _("key %08lX: %d new user-ids\n"),
(ulong)keyid[1], n_uids );
if( n_sigs == 1 )
log_info_f(fname, _("key %08lX: 1 new signature\n"),
(ulong)keyid[1]);
else if( n_sigs )
log_info_f(fname, _("key %08lX: %d new signatures\n"),
(ulong)keyid[1], n_sigs );
if( n_subk == 1 )
log_info_f(fname, _("key %08lX: 1 new subkey\n"),
(ulong)keyid[1]);
else if( n_subk )
log_info_f(fname, _("key %08lX: %d new subkeys\n"),
(ulong)keyid[1], n_subk );
if( !opt.quiet ) {
if( n_uids == 1 )
log_info_f(fname, _("key %08lX: 1 new user-id\n"),
(ulong)keyid[1]);
else if( n_uids )
log_info_f(fname, _("key %08lX: %d new user-ids\n"),
(ulong)keyid[1], n_uids );
if( n_sigs == 1 )
log_info_f(fname, _("key %08lX: 1 new signature\n"),
(ulong)keyid[1]);
else if( n_sigs )
log_info_f(fname, _("key %08lX: %d new signatures\n"),
(ulong)keyid[1], n_sigs );
if( n_subk == 1 )
log_info_f(fname, _("key %08lX: 1 new subkey\n"),
(ulong)keyid[1]);
else if( n_subk )
log_info_f(fname, _("key %08lX: %d new subkeys\n"),
(ulong)keyid[1], n_subk );
}
stats.n_uids +=n_uids;
stats.n_sigs +=n_sigs;
stats.n_subk +=n_subk;
}
else {
if( !opt.quiet )
log_info_f(fname, _("key %08lX: not changed\n"),
(ulong)keyid[1] );
stats.unchanged++;
}
else
log_info_f(fname, _("key %08lX: not changed\n"), (ulong)keyid[1] );
}
if( !rc ) {
if( !rc && !fast ) {
rc = query_trust_record( new_key? pk : pk_orig );
if( rc && rc != -1 )
log_error("trustdb error: %s\n", g10_errstr(rc) );
@ -399,7 +465,7 @@ import_one( const char *fname, KBNODE keyblock )
(ulong)keyid[1], g10_errstr(rc) );
}
else if( mod_key )
rc = update_trust_record( keyblock_orig );
rc = update_trust_record( keyblock_orig, NULL );
else
rc = clear_trust_checked_flag( new_key? pk : pk_orig );
}
@ -442,6 +508,7 @@ import_secret_one( const char *fname, KBNODE keyblock )
uidnode->pkt->pkt.user_id->len, 0 );
putc('\n', stderr);
}
stats.secret_read++;
if( !uidnode ) {
log_error_f(fname, _("key %08lX: no user id\n"), (ulong)keyid[1]);
return 0;
@ -468,10 +535,12 @@ import_secret_one( const char *fname, KBNODE keyblock )
unlock_keyblock( &kbpos );
/* we are ready */
log_info_f(fname, _("key %08lX: secret key imported\n"), (ulong)keyid[1]);
stats.secret_imported++;
}
else if( !rc ) { /* we can't merge secret keys */
log_error_f(fname, _("key %08lX: already in secret keyring\n"),
(ulong)keyid[1]);
stats.secret_dups++;
}
else
log_error_f(fname, _("key %08lX: secret key not found: %s\n"),
@ -569,8 +638,10 @@ import_revoke_cert( const char *fname, KBNODE node )
_("can't write keyblock: %s\n"), g10_errstr(rc) );
unlock_keyblock( &kbpos );
/* we are ready */
log_info_f(fname, _("key %08lX: revocation certificate imported\n"),
if( !opt.quiet )
log_info_f(fname, _("key %08lX: revocation certificate imported\n"),
(ulong)keyid[1]);
stats.n_revoc++;
leave:
release_kbnode( keyblock );

14
g10/keyedit.c
View file

@ -571,10 +571,12 @@ keyedit_menu( const char *username, STRLIST locusr )
tty_printf("\n");
redisplay = 0;
}
m_free(answer);
answer = cpr_get(N_("keyedit.cmd"), _("Command> "));
cpr_kill_prompt();
trim_spaces(answer);
do {
m_free(answer);
answer = cpr_get(N_("keyedit.cmd"), _("Command> "));
cpr_kill_prompt();
trim_spaces(answer);
} while( *answer == '#' );
arg_number = 0;
if( !*answer )
@ -645,7 +647,7 @@ keyedit_menu( const char *username, STRLIST locusr )
}
else
tty_printf(_("Key not changed so no update needed.\n"));
rc = update_trust_record( keyblock );
rc = update_trust_record( keyblock, NULL );
if( rc )
log_error(_("update of trust db failed: %s\n"),
g10_errstr(rc) );
@ -703,7 +705,7 @@ keyedit_menu( const char *username, STRLIST locusr )
sec_modified = modified = 1;
/* must update the trustdb already here, so that preferences
* get listed correctly */
rc = update_trust_record( keyblock );
rc = update_trust_record( keyblock, NULL );
if( rc ) {
log_error(_("update of trust db failed: %s\n"),
g10_errstr(rc) );

3
g10/main.h
View file

@ -88,6 +88,7 @@ int generate_subkeypair( KBNODE pub_keyblock, KBNODE sec_keyblock );
int overwrite_filep( const char *fname );
int open_outfile( const char *iname, int mode, IOBUF *a );
IOBUF open_sigfile( const char *iname );
void copy_options_file( const char *destdir );
/*-- seskey.c --*/
void make_session_key( DEK *dek );
@ -100,7 +101,7 @@ KBNODE make_comment_node( const char *s );
KBNODE make_mpi_comment_node( const char *s, MPI a );
/*-- import.c --*/
int import_keys( const char *filename );
int import_keys( const char *filename, int fast );
/*-- export.c --*/
int export_pubkeys( STRLIST users );
int export_seckeys( STRLIST users );

18
g10/mainproc.c
View file

@ -180,11 +180,12 @@ proc_pubkey_enc( CTX c, PACKET *pkt )
if( is_ELGAMAL(enc->pubkey_algo)
|| enc->pubkey_algo == PUBKEY_ALGO_DSA
|| is_RSA(enc->pubkey_algo) ) {
m_free(c->dek ); /* paranoid: delete a pending DEK */
c->dek = m_alloc_secure( sizeof *c->dek );
if( (result = get_session_key( enc, c->dek )) ) {
/* error: delete the DEK */
m_free(c->dek); c->dek = NULL;
if ( !c->dek ) {
c->dek = m_alloc_secure( sizeof *c->dek );
if( (result = get_session_key( enc, c->dek )) ) {
/* error: delete the DEK */
m_free(c->dek); c->dek = NULL;
}
}
}
else
@ -716,13 +717,6 @@ do_proc_packets( CTX c, IOBUF a )
c->iobuf = a;
init_packet(pkt);
while( (rc=parse_packet(a, pkt)) != -1 ) {
/* cleanup if we have an illegal data structure */
if( c->dek && pkt->pkttype != PKT_ENCRYPTED ) {
/* FIXME: do we need to ave it in case we have no secret
* key for one of the next reciepents- we should check it
* here. */
m_free(c->dek); c->dek = NULL; /* burn it */
}
if( rc ) {
free_packet(pkt);

54
g10/openfile.c
View file

@ -78,11 +78,11 @@ open_outfile( const char *iname, int mode, IOBUF *a )
*a = NULL;
if( (!iname || (*iname=='-' && !iname[1])) && !opt.outfile ) {
if( !(*a = iobuf_create(NULL)) ) {
log_error("can't open [stdout]: %s\n", strerror(errno) );
log_error(_("%s: can't open: %s\n"), "[stdout]", strerror(errno) );
rc = G10ERR_CREATE_FILE;
}
else if( opt.verbose )
log_info("writing to stdout\n");
log_info(_("writing to stdout\n"));
}
else {
char *buf=NULL;
@ -98,11 +98,11 @@ open_outfile( const char *iname, int mode, IOBUF *a )
}
if( overwrite_filep( name ) ) {
if( !(*a = iobuf_create( name )) ) {
log_error("can't create %s: %s\n", name, strerror(errno) );
log_error(_("%s: can't create: %s\n"), name, strerror(errno) );
rc = G10ERR_CREATE_FILE;
}
else if( opt.verbose )
log_info("writing to '%s'\n", name );
log_info(_("writing to '%s'\n"), name );
}
else
rc = G10ERR_FILE_EXISTS;
@ -131,10 +131,54 @@ open_sigfile( const char *iname )
buf[len-4] = 0 ;
a = iobuf_open( buf );
if( opt.verbose )
log_info("assuming signed data in '%s'\n", buf );
log_info(_("assuming signed data in '%s'\n"), buf );
m_free(buf);
}
}
return a;
}
/****************
* Copy the option file skeleton to the given directory.
*/
void
copy_options_file( const char *destdir )
{
const char *datadir = GNUPG_DATADIR;
char *fname;
FILE *src, *dst;
int linefeeds=0;
int c;
fname = m_alloc( strlen(datadir) + strlen(destdir) + 15 );
strcpy(stpcpy(fname, datadir), "/options.skel" );
src = fopen( fname, "r" );
if( !src ) {
log_error(_("%s: can't open: %s\n"), fname, strerror(errno) );
m_free(fname);
return;
}
strcpy(stpcpy(fname, destdir), "/options" );
dst = fopen( fname, "w" );
if( !dst ) {
log_error(_("%s: can't create: %s\n"), fname, strerror(errno) );
fclose( src );
m_free(fname);
return;
}
while( (c=getc(src)) != EOF ) {
if( linefeeds < 3 ) {
if( c == '\n' )
linefeeds++;
}
else
putc( c, dst );
}
fclose( dst );
fclose( src );
log_info(_("%s: new options file created\n"), fname );
m_free(fname);
}

1
g10/options.h
View file

@ -26,6 +26,7 @@
struct {
int verbose;
int quiet;
unsigned debug;
int armor;
int compress;

37
g10/options.skel Normal file
View file

@ -0,0 +1,37 @@
These first three lines are not copied to the options file in
the users home directory.
$Id$
# Options for GnuPG
#
# Unless you you specify which option file to use (with the
# commandline option "--options filename"), GnuPG uses the
# file ~/.gnupg/options by default.
#
# An option file can contain all long options which are
# available in GnuPG. If the first non white space character of
# a line is a '#', this line is ignored. Empty lines are also
# ignored.
#
# See the man page for a list of options.
# Uncomment the next line to get rid of the copyright notice
#no-greeting
# If you have more than 1 secret key in your keyring, you may want
# to uncomment the following option and set your preffered keyid
# default-key 621CC013
# The next option is enabled because this one is needed for interoperation
# with PGP 5 users. To enable full OpenPGP compliance you have to remove
# this option.
force-v3-sigs
# Default is to use the newer compress algo 2, but PGP 5 does not
# like this, so we use the old one
# Hmm: Do we really need this ... preferences should decide which compress
# algo to use.
compress-algo 1

20
g10/ringedit.c
View file

@ -59,6 +59,7 @@
#include "keydb.h"
#include "host2net.h"
#include "options.h"
#include "main.h"
#include "i18n.h"
@ -153,7 +154,7 @@ add_keyblock_resource( const char *url, int force, int secret )
{
static int any_secret, any_public;
const char *resname = url;
IOBUF iobuf;
IOBUF iobuf = NULL;
int i;
char *filename = NULL;
int rc = 0;
@ -217,6 +218,8 @@ add_keyblock_resource( const char *url, int force, int secret )
else
rt = rt_RING;
}
else /* maybe empty: assume ring */
rt = rt_RING;
fclose( fp );
}
else /* no file yet: create ring */
@ -258,6 +261,7 @@ add_keyblock_resource( const char *url, int force, int secret )
}
else
log_info( _("%s: directory created\n"), filename );
copy_options_file( filename );
}
else
{
@ -513,6 +517,7 @@ locate_keyblock_by_fpr( KBPOS *kbpos, const byte *fpr, int fprlen, int secret )
rc = do_gdbm_locate( rentry->dbf, kbpos, fpr, fprlen );
break;
default:
rc = G10ERR_UNSUPPORTED;
break;
}
@ -521,7 +526,7 @@ locate_keyblock_by_fpr( KBPOS *kbpos, const byte *fpr, int fprlen, int secret )
kbpos->fp = NULL;
return 0;
}
else if( rc != -1 ) {
else if( rc != -1 && rc != G10ERR_UNSUPPORTED ) {
log_error("error searching resource %d: %s\n",
i, g10_errstr(rc));
last_rc = rc;
@ -551,6 +556,7 @@ locate_keyblock_by_keyid( KBPOS *kbpos, u32 *keyid, int shortkid, int secret )
rc = do_gdbm_locate_by_keyid( rentry->dbf, kbpos, keyid );
break;
default:
rc = G10ERR_UNSUPPORTED;
break;
}
@ -559,7 +565,7 @@ locate_keyblock_by_keyid( KBPOS *kbpos, u32 *keyid, int shortkid, int secret )
kbpos->fp = NULL;
return 0;
}
else if( rc != -1 ) {
else if( rc != -1 && rc != G10ERR_UNSUPPORTED ) {
log_error("error searching resource %d: %s\n",
i, g10_errstr(rc));
last_rc = rc;
@ -719,7 +725,10 @@ enum_keyblocks( int mode, KBPOS *kbpos, KBNODE *ret_root )
break;
case rt_GDBM:
break;
default: BUG();
default:
log_error("OOPS in close enum_keyblocks - ignored\n");
return rc;
break;
}
/* release pending packet */
free_packet( kbpos->pkt );
@ -778,7 +787,8 @@ delete_keyblock( KBPOS *kbpos )
break;
#ifdef HAVE_LIBGDBM
case rt_GDBM:
/* FIXME!!!! */
log_debug("deleting gdbm keyblock is not yet implemented\n");
rc = 0;
break;
#endif
default: BUG();

5
g10/sign.c
View file

@ -253,7 +253,7 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
int skcount=0;
/* loop over the secret certificates and build headers
* The specs now say that the data should be bracket by
* the onepass-sig and signature-packet; so we muts build it
* the onepass-sig and signature-packet; so we must build it
* here in reverse order */
for( sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next )
skcount++;
@ -320,10 +320,11 @@ sign_file( STRLIST filenames, int detached, STRLIST locusr,
}
else {
if( fname || opt.set_filename ) {
const char *s = opt.set_filename ? opt.set_filename : fname;
char *s = make_basename( opt.set_filename ? opt.set_filename : fname );
pt = m_alloc( sizeof *pt + strlen(s) - 1 );
pt->namelen = strlen(s);
memcpy(pt->name, s, pt->namelen );
m_free(s);
}
else { /* no filename */
pt = m_alloc( sizeof *pt - 1 );

108
g10/tdbio.c
View file

@ -56,9 +56,11 @@ struct cache_ctrl_struct {
char data[TRUST_RECORD_LEN];
};
#define MAX_CACHE_ENTRIES 200
#define MAX_CACHE_ENTRIES_SOFT 200 /* may be increased due while in a */
#define MAX_CACHE_ENTRIES_HARD 1000 /* transaction to this one */
static CACHE_CTRL cache_list;
static int cache_entries;
static int cache_is_dirty;
/* a type used to pass infomation to cmp_krec_fpr */
struct cmp_krec_fpr_struct {
@ -76,6 +78,7 @@ struct cmp_sdir_struct {
static char *db_name;
static int db_fd = -1;
static int in_transaction;
static void open_db(void);
@ -143,8 +146,10 @@ put_record_into_cache( ulong recno, const char *data )
else if( r->recno == recno ) {
if( !r->flags.dirty ) {
/* Hmmm: should we use a a copy and compare? */
if( memcmp(r->data, data, TRUST_RECORD_LEN ) )
if( memcmp(r->data, data, TRUST_RECORD_LEN ) ) {
r->flags.dirty = 1;
cache_is_dirty = 1;
}
}
memcpy( r->data, data, TRUST_RECORD_LEN );
return 0;
@ -163,11 +168,12 @@ put_record_into_cache( ulong recno, const char *data )
r->recno = recno;
memcpy( r->data, data, TRUST_RECORD_LEN );
r->flags.dirty = 1;
cache_is_dirty = 1;
cache_entries++;
return 0;
}
/* see whether we reached the limit */
if( cache_entries < MAX_CACHE_ENTRIES ) { /* no */
if( cache_entries < MAX_CACHE_ENTRIES_SOFT ) { /* no */
r = m_alloc( sizeof *r );
r->flags.used = 1;
r->recno = recno;
@ -175,6 +181,7 @@ put_record_into_cache( ulong recno, const char *data )
r->flags.dirty = 1;
r->next = cache_list;
cache_list = r;
cache_is_dirty = 1;
cache_entries++;
return 0;
}
@ -199,10 +206,31 @@ put_record_into_cache( ulong recno, const char *data )
r->recno = recno;
memcpy( r->data, data, TRUST_RECORD_LEN );
r->flags.dirty = 1;
cache_is_dirty = 1;
cache_entries++;
return 0;
}
/* no clean entries: have to flush some dirty entries */
if( in_transaction ) {
/* but we can't do this while in a transaction
* we increase the cache size instead */
if( cache_entries < MAX_CACHE_ENTRIES_HARD ) { /* no */
if( !(cache_entries % 100) )
log_info("increasing tdbio cache size\n");
r = m_alloc( sizeof *r );
r->flags.used = 1;
r->recno = recno;
memcpy( r->data, data, TRUST_RECORD_LEN );
r->flags.dirty = 1;
r->next = cache_list;
cache_list = r;
cache_is_dirty = 1;
cache_entries++;
return 0;
}
log_info("hard cache size limit reached\n");
return G10ERR_RESOURCE_LIMIT;
}
if( dirty_count ) {
int n = dirty_count / 5; /* discard some dirty entries */
if( !n )
@ -226,6 +254,7 @@ put_record_into_cache( ulong recno, const char *data )
r->recno = recno;
memcpy( r->data, data, TRUST_RECORD_LEN );
r->flags.dirty = 1;
cache_is_dirty = 1;
cache_entries++;
return 0;
}
@ -233,16 +262,27 @@ put_record_into_cache( ulong recno, const char *data )
}
int
tdbio_is_dirty()
{
return cache_is_dirty;
}
/****************
* Sync the cache to disk
* Flush the cache. This cannot be used while in a transaction.
*/
int
tdbio_sync()
{
CACHE_CTRL r;
if( in_transaction )
log_bug("tdbio: syncing while in transaction\n");
if( !cache_is_dirty )
return 0;
for( r = cache_list; r; r = r->next ) {
if( r->flags.used && r->flags.dirty ) {
int rc = write_cache_item( r );
@ -250,6 +290,63 @@ tdbio_sync()
return rc;
}
}
cache_is_dirty = 0;
return 0;
}
/****************
* Simple transactions system:
* Everything between begin_transaction and end/cancel_transaction
* is not immediatly written but at the time of end_transaction.
*
*/
int
tdbio_begin_transaction()
{
int rc;
if( in_transaction )
log_bug("tdbio: nested transactions\n");
/* flush everything out */
rc = tdbio_sync();
if( rc )
return rc;
in_transaction = 1;
return 0;
}
int
tdbio_end_transaction()
{
if( !in_transaction )
log_bug("tdbio: no active transaction\n");
in_transaction = 0;
return tdbio_sync();
}
int
tdbio_cancel_transaction()
{
CACHE_CTRL r;
if( !in_transaction )
log_bug("tdbio: no active transaction\n");
/* remove all dirty marked entries, so that the original ones
* are read back the next time */
if( cache_is_dirty ) {
for( r = cache_list; r; r = r->next ) {
if( r->flags.used && r->flags.dirty ) {
r->flags.used = 0;
cache_entries--;
}
}
cache_is_dirty = 0;
}
in_transaction = 0;
return 0;
}
@ -293,6 +390,7 @@ tdbio_set_dbname( const char *new_dbname, int create )
fname, strerror(errno) );
else
log_info( _("%s: directory created\n"), fname );
copy_options_file( fname );
}
else
log_fatal( _("%s: directory does not exist!\n"), fname );

4
g10/tdbio.h
View file

@ -168,7 +168,11 @@ const char *tdbio_get_dbname(void);
void tdbio_dump_record( TRUSTREC *rec, FILE *fp );
int tdbio_read_record( ulong recnum, TRUSTREC *rec, int expected );
int tdbio_write_record( TRUSTREC *rec );
int tdbio_is_dirty(void);
int tdbio_sync(void);
int tdbio_begin_transaction(void);
int tdbio_end_transaction(void);
int tdbio_cancel_transaction(void);
int tdbio_delete_record( ulong recnum );
ulong tdbio_new_recnum(void);
int tdbio_search_dir_bypk( PKT_public_key *pk, TRUSTREC *rec );

1389
g10/trustdb.c
View file

File diff suppressed because it is too large Load diff

2
g10/trustdb.h
View file

@ -60,7 +60,7 @@ ulong lid_from_keyblock( KBNODE keyblock );
int query_trust_record( PKT_public_key *pk );
int clear_trust_checked_flag( PKT_public_key *pk );
int insert_trust_record( PKT_public_key *pk );
int update_trust_record( KBNODE keyblock );
int update_trust_record( KBNODE keyblock, int *modified );
int update_ownertrust( ulong lid, unsigned new_trust );
/*-- pkclist.c --*/