mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

sm: Fix finding of issuer in use-keyboxd mode.

* sm/keydb.c (struct keydb_local_s): Add field saved_search_result.
(keydb_push_found_state): Implement for keyboxd.
(keydb_pop_found_state): Ditto.
(keydb_get_cert): Do not release the cert so that the function can be
used again to get the same cert.  This is the same behaviour as in
pubring.kbx mode.

* sm/certchain.c, sm/import.c: Improve some error messages.

Signed-off-by: Werner Koch <wk@gnupg.org>
Werner Koch 2021-06-11 20:15:13 +02:00
parent 4e02db75e3
commit 6b76693ff5
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
3 changed files with 64 additions and 39 deletions


@ -459,7 +459,8 @@ find_up_search_by_keyid (ctrl_t ctrl, KEYDB_HANDLE kh,
rc = keydb_get_cert (kh, &cert); rc = keydb_get_cert (kh, &cert);
if (rc) if (rc)
{ {
log_error ("keydb_get_cert() failed: rc=%d\n", rc); log_error ("keydb_get_cert failed in %s: %s <%s>\n",
__func__, gpg_strerror (rc), gpg_strsource (rc));
rc = gpg_error (GPG_ERR_NOT_FOUND); rc = gpg_error (GPG_ERR_NOT_FOUND);
goto leave; goto leave;
} }
@ -1084,8 +1085,8 @@ gpgsm_walk_cert_chain (ctrl_t ctrl, ksba_cert_t start, ksba_cert_t *r_next)
err = keydb_get_cert (kh, r_next); err = keydb_get_cert (kh, r_next);
if (err) if (err)
{ {
log_error ("keydb_get_cert() failed: %s <%s>\n", log_error ("keydb_get_cert failed in %s: %s <%s>\n",
gpg_strerror (err), gpg_strsource (err)); __func__, gpg_strerror (err), gpg_strsource (err));
err = gpg_error (GPG_ERR_GENERAL); err = gpg_error (GPG_ERR_GENERAL);
} }
@ -1824,7 +1825,8 @@ do_validate_chain (ctrl_t ctrl, ksba_cert_t cert, ksba_isotime_t checktime_arg,
rc = keydb_get_cert (kh, &issuer_cert); rc = keydb_get_cert (kh, &issuer_cert);
if (rc) if (rc)
{ {
log_error ("keydb_get_cert() failed: rc=%d\n", rc); log_error ("keydb_get_cert failed in %s: %s <%s>\n",
__func__, gpg_strerror (rc), gpg_strsource (rc));
rc = gpg_error (GPG_ERR_GENERAL); rc = gpg_error (GPG_ERR_GENERAL);
goto leave; goto leave;
} }
@ -2253,7 +2255,8 @@ gpgsm_basic_cert_check (ctrl_t ctrl, ksba_cert_t cert)
rc = keydb_get_cert (kh, &issuer_cert); rc = keydb_get_cert (kh, &issuer_cert);
if (rc) if (rc)
{ {
log_error ("keydb_get_cert() failed: rc=%d\n", rc); log_error ("keydb_get_cert failed in %s: %s <%s>\n",
__func__, gpg_strerror (rc), gpg_strsource (rc));
rc = gpg_error (GPG_ERR_GENERAL); rc = gpg_error (GPG_ERR_GENERAL);
goto leave; goto leave;
} }


@ -459,7 +459,8 @@ reimport_one (ctrl_t ctrl, struct stats_s *stats, int in_fd)
err = keydb_get_cert (kh, &cert); err = keydb_get_cert (kh, &cert);
if (err) if (err)
{ {
log_error ("keydb_get_cert() failed: %s\n", gpg_strerror (err)); log_error ("keydb_get_cert failed in %s: %s <%s>\n",
__func__, gpg_strerror (err), gpg_strsource (err));
print_import_problem (ctrl, NULL, 1); print_import_problem (ctrl, NULL, 1);
stats->not_imported++; stats->not_imported++;
continue; continue;


@ -72,6 +72,11 @@ struct keydb_local_s
char *buf; char *buf;
size_t len; size_t len;
} search_result; } search_result;
/* The "stack" used by keydb_push_found_state. */
struct {
char *buf;
size_t len;
} saved_search_result;
/* This flag set while an operation is running on this context. */ /* This flag set while an operation is running on this context. */
unsigned int is_active : 1; unsigned int is_active : 1;
@ -855,7 +860,7 @@ unlock_all (KEYDB_HANDLE hd)
/* Push the last found state if any. */ /* Push the last found state if any. Only one state is saved. */
void void
keydb_push_found_state (KEYDB_HANDLE hd) keydb_push_found_state (KEYDB_HANDLE hd)
{ {
@ -863,14 +868,19 @@ keydb_push_found_state (KEYDB_HANDLE hd)
return; return;
if (hd->use_keyboxd) if (hd->use_keyboxd)
return; /* FIXME: Do we need this? */
if (hd->found < 0 || hd->found >= hd->used)
{ {
hd->saved_found = -1; xfree (hd->kbl->saved_search_result.buf);
return; hd->kbl->saved_search_result.buf = hd->kbl->search_result.buf;
hd->kbl->saved_search_result.len = hd->kbl->search_result.len;
hd->kbl->search_result.buf = NULL;
hd->kbl->search_result.len = 0;
} }
else
{
if (hd->found < 0 || hd->found >= hd->used)
hd->saved_found = -1;
else
{
switch (hd->active[hd->found].type) switch (hd->active[hd->found].type)
{ {
case KEYDB_RESOURCE_TYPE_NONE: case KEYDB_RESOURCE_TYPE_NONE:
@ -882,6 +892,9 @@ keydb_push_found_state (KEYDB_HANDLE hd)
hd->saved_found = hd->found; hd->saved_found = hd->found;
hd->found = -1; hd->found = -1;
}
}
if (DBG_CLOCK) if (DBG_CLOCK)
log_clock ("%s: done (hd=%p)\n", __func__, hd); log_clock ("%s: done (hd=%p)\n", __func__, hd);
} }
@ -895,13 +908,21 @@ keydb_pop_found_state (KEYDB_HANDLE hd)
return; return;
if (hd->use_keyboxd) if (hd->use_keyboxd)
return; /* FIXME: Do we need this? */ {
xfree (hd->kbl->search_result.buf);
hd->kbl->search_result.buf = hd->kbl->saved_search_result.buf;
hd->kbl->search_result.len = hd->kbl->saved_search_result.len;
hd->kbl->saved_search_result.buf = NULL;
hd->kbl->saved_search_result.len = 0;
}
else
{
hd->found = hd->saved_found; hd->found = hd->saved_found;
hd->saved_found = -1; hd->saved_found = -1;
if (hd->found < 0 || hd->found >= hd->used) if (hd->found < 0 || hd->found >= hd->used)
return; ;
else
{
switch (hd->active[hd->found].type) switch (hd->active[hd->found].type)
{ {
case KEYDB_RESOURCE_TYPE_NONE: case KEYDB_RESOURCE_TYPE_NONE:
@ -910,6 +931,9 @@ keydb_pop_found_state (KEYDB_HANDLE hd)
keybox_pop_found_state (hd->active[hd->found].u.kr); keybox_pop_found_state (hd->active[hd->found].u.kr);
break; break;
} }
}
}
if (DBG_CLOCK) if (DBG_CLOCK)
log_clock ("%s: done (hd=%p)\n", __func__, hd); log_clock ("%s: done (hd=%p)\n", __func__, hd);
} }
@ -955,9 +979,6 @@ keydb_get_cert (KEYDB_HANDLE hd, ksba_cert_t *r_cert)
ksba_cert_release (cert); ksba_cert_release (cert);
goto leave; goto leave;
} }
xfree (hd->kbl->search_result.buf);
hd->kbl->search_result.buf = NULL;
hd->kbl->search_result.len = 0;
*r_cert = cert; *r_cert = cert;
goto leave; goto leave;
} }
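Review bot: In the keyboxd branch of keydb_push_found_state the saved buffer moves into `hd->kbl->saved_search_result`, but none of the visible hunks frees or resets that field when the handle or its keydb_local_s context is released, so a push without a matching pop appears to leak the buffer and, if the context is reused by a later handle (the `is_active` comment suggests it is), a later keydb_pop_found_state could reinstate a stale certificate as the current search result during issuer lookup. I would clear it wherever `search_result.buf` is released for the context, with `xfree (hd->kbl->saved_search_result.buf); hd->kbl->saved_search_result.buf = NULL; hd->kbl->saved_search_result.len = 0;`. The last hunk also makes keydb_get_cert keep `search_result.buf`, so it is worth confirming that every new search frees it before storing a result, and a one-line comment there stating that the buffer stays owned by the context would help. The release path and the full bodies of keydb_push_found_state and keydb_pop_found_state lie outside these hunks, so this is inferred from what is shown.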