mirror of
git://git.gnupg.org/gnupg.git
synced 2025-01-18 14:17:03 +01:00
Fix a problem with dirmngr looked up certificates.
Typo fixes.
parent
03d6961073
commit
80f77d79c5
@ -1,3 +1,8 @@
|
||||
2008-04-01 Werner Koch <wk@g10code.com>
|
||||
|
||||
* configure.ac: Require curl 7.10 (Oct 1 2002) or later as we use
|
||||
curl_version_info().
|
||||
|
||||
2008-03-27 Werner Koch <wk@g10code.com>
|
||||
|
||||
* Makefile.am (dist_doc_DATA): New. Install README.
|
||||
|
@ -831,8 +831,9 @@ fi
|
||||
|
||||
#
|
||||
# Check for curl. We fake the curl API if libcurl isn't installed.
|
||||
# We require 7.10 or later as we use curl_version_info().
|
||||
#
|
||||
LIBCURL_CHECK_CONFIG([yes],,,[fake_curl=yes])
|
||||
LIBCURL_CHECK_CONFIG([yes],[7.10],,[fake_curl=yes])
|
||||
AM_CONDITIONAL(FAKE_CURL,test x"$fake_curl" = xyes)
|
||||
|
||||
# Generic, for us, means curl
|
||||
|
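Review bot: With the minimum version added to `LIBCURL_CHECK_CONFIG`, a libcurl that is installed but older than 7.10 appears to take the same `fake_curl=yes` branch as a missing one, and nothing in this hunk tells the builder that the faked API was selected. Since that choice decides which HTTP client code ends up handling network data, I would make it visible at configure time, for example `LIBCURL_CHECK_CONFIG([yes],[7.10],,[fake_curl=yes; AC_MSG_WARN([libcurl >= 7.10 not found; faking the curl API])])`. The wording of the warning is only a suggestion.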
@ -1,3 +1,10 @@
|
||||
2008-04-01 Werner Koch <wk@g10code.com>
|
||||
|
||||
* keybox-init.c (keybox_new, keybox_release): Track used handles.
|
||||
(_keybox_close_file): New.
|
||||
* keybox-update.c (keybox_insert_cert, keybox_set_flags)
|
||||
(keybox_delete, keybox_compress): Use the new close function.
|
||||
|
||||
2008-03-13 Werner Koch <wk@g10code.com>
|
||||
|
||||
* keybox-blob.c (x509_email_kludge): Use the same code as in
|
||||
@ -280,7 +287,8 @@
|
||||
names.
|
||||
|
||||
|
||||
Copyright 2001 g10 Code GmbH
|
||||
Copyright 2001, 2002, 2003, 2004, 2005, 2006,
|
||||
2007, 2008 Free Software Foundation, Inc.
|
||||
|
||||
This file is free software; as a special exception the author gives
|
||||
unlimited permission to copy and/or distribute it, with or without
|
||||
@ -289,4 +297,3 @@
|
||||
This file is distributed in the hope that it will be useful, but
|
||||
WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
|
||||
implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
|
||||
|
@ -53,13 +53,31 @@ typedef struct keyboxblob *KEYBOXBLOB;
|
||||
|
||||
|
||||
typedef struct keybox_name *KB_NAME;
|
||||
typedef struct keybox_name const * CONST_KB_NAME;
|
||||
struct keybox_name {
|
||||
struct keybox_name *next;
|
||||
typedef struct keybox_name const *CONST_KB_NAME;
|
||||
struct keybox_name
|
||||
{
|
||||
/* Link to the next resources, so that we can walk all
|
||||
resources. */
|
||||
KB_NAME next;
|
||||
|
||||
/* True if this is a keybox with secret keys. */
|
||||
int secret;
|
||||
|
||||
/*DOTLOCK lockhd;*/
|
||||
|
||||
/* A table with all the handles accessing this resources.
|
||||
HANDLE_TABLE_SIZE gives the allocated length of this table unused
|
||||
entrues are set to NULL. HANDLE_TABLE may be NULL. */
|
||||
KEYBOX_HANDLE *handle_table;
|
||||
size_t handle_table_size;
|
||||
|
||||
/* Not yet used. */
|
||||
int is_locked;
|
||||
|
||||
/* Not yet used. */
|
||||
int did_full_scan;
|
||||
|
||||
/* The name of the resource file. */
|
||||
char fname[1];
|
||||
};
|
||||
|
||||
@ -129,6 +147,9 @@ typedef struct _keybox_openpgp_info *keybox_openpgp_info_t;
|
||||
/* int preserve_permissions; */
|
||||
/* } keybox_opt; */
|
||||
|
||||
/*-- keybox-init.c --*/
|
||||
void _keybox_close_file (KEYBOX_HANDLE hd);
|
||||
|
||||
|
||||
/*-- keybox-blob.c --*/
|
||||
#ifdef KEYBOX_WITH_OPENPGP
|
||||
|
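Review bot: The new comment on `handle_table` in `struct keybox_name` does not say who owns the entries, which matters now that each resource keeps raw pointers to live handles. Going by keybox-init.c in this same commit, `keybox_new` stores the handle pointer and `keybox_release` clears the matching slot at its start, so the table looks like a non-owning registry that must never hold a pointer to a released handle; the comment should state that invariant. While there, fix "this resources" and "entrues", and put a stop before "unused", e.g. `HANDLE_TABLE_SIZE gives the allocated length of this table; unused entries are set to NULL.`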
@ -30,10 +30,9 @@
|
||||
static KB_NAME kb_names;
|
||||
|
||||
|
||||
/*
|
||||
Register a filename for plain keybox files. Returns a pointer to be
|
||||
used to create a handles etc or NULL to indicate that it has already
|
||||
been registered */
|
||||
/* Register a filename for plain keybox files. Returns a pointer to
|
||||
be used to create a handles and so on. Returns NULL to indicate
|
||||
that FNAME has already been registered. */
|
||||
void *
|
||||
keybox_register_file (const char *fname, int secret)
|
||||
{
|
||||
@ -50,6 +49,10 @@ keybox_register_file (const char *fname, int secret)
|
||||
return NULL;
|
||||
strcpy (kr->fname, fname);
|
||||
kr->secret = !!secret;
|
||||
|
||||
kr->handle_table = NULL;
|
||||
kr->handle_table_size = 0;
|
||||
|
||||
/* kr->lockhd = NULL;*/
|
||||
kr->is_locked = 0;
|
||||
kr->did_full_scan = 0;
|
||||
@ -83,6 +86,7 @@ keybox_new (void *token, int secret)
|
||||
{
|
||||
KEYBOX_HANDLE hd;
|
||||
KB_NAME resource = token;
|
||||
int idx;
|
||||
|
||||
assert (resource && !resource->secret == !secret);
|
||||
hd = xtrycalloc (1, sizeof *hd);
|
||||
@ -90,6 +94,43 @@ keybox_new (void *token, int secret)
|
||||
{
|
||||
hd->kb = resource;
|
||||
hd->secret = !!secret;
|
||||
if (!resource->handle_table)
|
||||
{
|
||||
resource->handle_table_size = 3;
|
||||
resource->handle_table = xtrycalloc (resource->handle_table_size,
|
||||
sizeof *resource->handle_table);
|
||||
if (!resource->handle_table)
|
||||
{
|
||||
resource->handle_table_size = 0;
|
||||
xfree (hd);
|
||||
return NULL;
|
||||
}
|
||||
}
|
||||
for (idx=0; idx < resource->handle_table_size; idx++)
|
||||
if (!resource->handle_table[idx])
|
||||
{
|
||||
resource->handle_table[idx] = hd;
|
||||
break;
|
||||
}
|
||||
if (!(idx < resource->handle_table_size))
|
||||
{
|
||||
KEYBOX_HANDLE *tmptbl;
|
||||
size_t newsize;
|
||||
|
||||
newsize = resource->handle_table_size + 5;
|
||||
tmptbl = xtryrealloc (resource->handle_table,
|
||||
newsize * sizeof (*tmptbl));
|
||||
if (!tmptbl)
|
||||
{
|
||||
xfree (hd);
|
||||
return NULL;
|
||||
}
|
||||
resource->handle_table = tmptbl;
|
||||
resource->handle_table_size = newsize;
|
||||
resource->handle_table[idx] = hd;
|
||||
for (idx++; idx < resource->handle_table_size; idx++)
|
||||
resource->handle_table[idx] = NULL;
|
||||
}
|
||||
}
|
||||
return hd;
|
||||
}
|
||||
@ -99,6 +140,13 @@ keybox_release (KEYBOX_HANDLE hd)
|
||||
{
|
||||
if (!hd)
|
||||
return;
|
||||
if (hd->kb->handle_table)
|
||||
{
|
||||
int idx;
|
||||
for (idx=0; idx < hd->kb->handle_table_size; idx++)
|
||||
if (hd->kb->handle_table[idx] == hd)
|
||||
hd->kb->handle_table[idx] = NULL;
|
||||
}
|
||||
_keybox_release_blob (hd->found.blob);
|
||||
if (hd->fp)
|
||||
{
|
||||
@ -128,3 +176,27 @@ keybox_set_ephemeral (KEYBOX_HANDLE hd, int yes)
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
/* Close the file of the resource identified by HD. For consistent
|
||||
results this fucntion closes the files of all handles pointing to
|
||||
the resource identified by HD. */
|
||||
void
|
||||
_keybox_close_file (KEYBOX_HANDLE hd)
|
||||
{
|
||||
int idx;
|
||||
KEYBOX_HANDLE roverhd;
|
||||
|
||||
if (!hd || !hd->kb || !hd->kb->handle_table)
|
||||
return;
|
||||
|
||||
for (idx=0; idx < hd->kb->handle_table_size; idx++)
|
||||
if ((roverhd = hd->kb->handle_table[idx]))
|
||||
{
|
||||
if (roverhd->fp)
|
||||
{
|
||||
fclose (roverhd->fp);
|
||||
roverhd->fp = NULL;
|
||||
}
|
||||
}
|
||||
assert (!hd->fp);
|
||||
}
|
||||
|
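Review bot: `_keybox_close_file` returns early when `hd->kb->handle_table` is NULL, so on that path `hd->fp` stays open, whereas the four callers in keybox-update.c (`keybox_insert_cert`, `keybox_set_flags`, `keybox_delete`, `keybox_compress`) used to close it unconditionally before reopening or rewriting the file. The only check that HD's own stream was really closed is the trailing `assert (!hd->fp);`, which vanishes under NDEBUG and otherwise aborts if HD is not found in the table. As far as the visible part of `keybox_new` shows, every handle gets registered, so this is defensive, but closing HD's own stream explicitly before walking the table keeps the old guarantee without relying on the assert. Separately, `int idx` is compared against the `size_t` field `handle_table_size` in `keybox_new`, `keybox_release` and here; `size_t idx` would avoid the signed/unsigned mix.

```c
void
_keybox_close_file (KEYBOX_HANDLE hd)
{
  /* … unchanged: declarations of idx and roverhd … */

  if (!hd)
    return;

  /* Close HD's own stream first so that the result does not depend on
     HD being present in the handle table.  */
  if (hd->fp)
    {
      fclose (hd->fp);
      hd->fp = NULL;
    }

  if (!hd->kb || !hd->kb->handle_table)
    return;

  /* … unchanged: loop closing the stream of every handle in the table,
     followed by assert (!hd->fp) … */
}
```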
@ -458,7 +458,7 @@ blob_cmp_mail (KEYBOXBLOB blob, const char *name, size_t namelen, int substr)
|
||||
#ifdef KEYBOX_WITH_X509
|
||||
/* Return true if the key in BLOB matches the 20 bytes keygrip GRIP.
|
||||
We don't have the keygrips as meta data, thus wen need to parse the
|
||||
certificate. Fixme: We might wat to return proper error codes
|
||||
certificate. Fixme: We might want to return proper error codes
|
||||
instead of failing a search for invalid certificates etc. */
|
||||
static int
|
||||
blob_x509_has_grip (KEYBOXBLOB blob, const unsigned char *grip)
|
||||
@ -750,10 +750,10 @@ keybox_search (KEYBOX_HANDLE hd, KEYBOX_SEARCH_DESC *desc, size_t ndesc)
|
||||
}
|
||||
}
|
||||
|
||||
/* kludge: we need to convert an SN given as hexstring to it's
|
||||
binary representation - in some cases we are not able to store it
|
||||
in the search descriptor, because due to its usage it is not
|
||||
possible to free allocated memory */
|
||||
/* Kludge: We need to convert an SN given as hexstring to its binary
|
||||
representation - in some cases we are not able to store it in the
|
||||
search descriptor, because due to the way we use it, it is not
|
||||
possible to free allocated memory. */
|
||||
if (sn_array)
|
||||
{
|
||||
const unsigned char *s;
|
||||
|
@ -136,7 +136,7 @@ create_tmp_file (const char *template,
|
||||
xfree (bakfname);
|
||||
return tmperr;
|
||||
}
|
||||
|
||||
|
||||
*r_bakfname = bakfname;
|
||||
*r_tmpfname = tmpfname;
|
||||
return 0;
|
||||
@ -167,7 +167,7 @@ rename_tmp_file (const char *bakfname, const char *tmpfname,
|
||||
/* iobuf_ioctl (NULL, 2, 0, (char*)bakfname ); */
|
||||
/* iobuf_ioctl (NULL, 2, 0, (char*)fname ); */
|
||||
|
||||
/* first make a backup file except for secret keyboxs */
|
||||
/* First make a backup file except for secret keyboxes. */
|
||||
if (!secret)
|
||||
{
|
||||
#if defined(HAVE_DOSISH_SYSTEM) || defined(__riscos__)
|
||||
@ -179,7 +179,7 @@ rename_tmp_file (const char *bakfname, const char *tmpfname,
|
||||
}
|
||||
}
|
||||
|
||||
/* then rename the file */
|
||||
/* Then rename the file. */
|
||||
#if defined(HAVE_DOSISH_SYSTEM) || defined(__riscos__)
|
||||
remove (fname);
|
||||
#endif
|
||||
@ -386,12 +386,8 @@ keybox_insert_cert (KEYBOX_HANDLE hd, ksba_cert_t cert,
|
||||
|
||||
/* Close this one otherwise we will mess up the position for a next
|
||||
search. Fixme: it would be better to adjust the position after
|
||||
the write opertions. */
|
||||
if (hd->fp)
|
||||
{
|
||||
fclose (hd->fp);
|
||||
hd->fp = NULL;
|
||||
}
|
||||
the write operation. */
|
||||
_keybox_close_file (hd);
|
||||
|
||||
rc = _keybox_create_x509_blob (&blob, cert, sha1_digest, hd->ephemeral);
|
||||
if (!rc)
|
||||
@ -453,11 +449,7 @@ keybox_set_flags (KEYBOX_HANDLE hd, int what, int idx, unsigned int value)
|
||||
|
||||
off += flag_pos;
|
||||
|
||||
if (hd->fp)
|
||||
{
|
||||
fclose (hd->fp);
|
||||
hd->fp = NULL;
|
||||
}
|
||||
_keybox_close_file (hd);
|
||||
fp = fopen (hd->kb->fname, "r+b");
|
||||
if (!fp)
|
||||
return gpg_error (gpg_err_code_from_errno (errno));
|
||||
@ -522,12 +514,7 @@ keybox_delete (KEYBOX_HANDLE hd)
|
||||
return gpg_error (GPG_ERR_GENERAL);
|
||||
off += 4;
|
||||
|
||||
if (hd->fp)
|
||||
{
|
||||
fclose (hd->fp);
|
||||
hd->fp = NULL;
|
||||
}
|
||||
|
||||
_keybox_close_file (hd);
|
||||
fp = fopen (hd->kb->fname, "r+b");
|
||||
if (!fp)
|
||||
return gpg_error (gpg_err_code_from_errno (errno));
|
||||
@ -575,11 +562,7 @@ keybox_compress (KEYBOX_HANDLE hd)
|
||||
if (!fname)
|
||||
return gpg_error (GPG_ERR_INV_HANDLE);
|
||||
|
||||
if (hd->fp)
|
||||
{
|
||||
fclose (hd->fp);
|
||||
hd->fp = NULL;
|
||||
}
|
||||
_keybox_close_file (hd);
|
||||
|
||||
/* Open the source file. Because we do a rename, we have to check the
|
||||
permissions of the file */
|
||||
|
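Review bot: The comment above the new `_keybox_close_file (hd);` call in `keybox_insert_cert` still begins "Close this one otherwise we will mess up the position for a next search", but the replacement call closes the streams of every handle on the resource, as its own header comment in keybox-init.c says. I would reword it so readers do not assume other handles keep their file position, e.g. `/* Close all handles of this resource; otherwise we will mess up the position for a next search. */`. The same call replaces the local close in `keybox_set_flags`, `keybox_delete` and `keybox_compress`, none of which has a comment at that spot; all four function bodies continue outside their hunks.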
@ -703,7 +703,7 @@ lookup_status_cb (void *opaque, const char *line)
|
||||
}
|
||||
|
||||
|
||||
/* Run the Directroy Managers lookup command using the pattern
|
||||
/* Run the Directory Manager's lookup command using the pattern
|
||||
compiled from the strings given in NAMES. The caller must provide
|
||||
the callback CB which will be passed cert by cert. Note that CTRL
|
||||
is optional. With CACHE_ONLY the dirmngr will search only its own
|
||||
|
@ -596,9 +596,9 @@ find_up (ctrl_t ctrl, KEYDB_HANDLE kh,
|
||||
{
|
||||
rc = keydb_search_issuer_sn (kh, s, authidno);
|
||||
if (rc)
|
||||
keydb_search_reset (kh);
|
||||
keydb_search_reset (kh);
|
||||
|
||||
/* In case of an error, try to get the certifcate from the
|
||||
/* In case of an error, try to get the certificate from the
|
||||
dirmngr. That is done by trying to put that certifcate
|
||||
into the ephemeral DB and let the code below do the
|
||||
actual retrieve. Thus there is no error checking.
|
||||
|
@ -392,7 +392,7 @@ keydb_set_ephemeral (KEYDB_HANDLE hd, int yes)
|
||||
|
||||
|
||||
/* If the keyring has not yet been locked, lock it now. This
|
||||
operation is required before any update opeations; it is optionaly
|
||||
operation is required before any update operation; it is optional
|
||||
for an insert operation. The lock is released with
|
||||
keydb_released. */
|
||||
gpg_error_t
|
||||
|