1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

gpg: Detect Keybox files and print a diagnostic.

* g10/keydb.c (KEYDB_RESOURCE_TYPE_KEYBOX): New.
(keydb_add_resource): Handle scheme "gnupg-kbx:".  Detect Keybox
magic.  Print wanrning note for Keybox.
(keydb_new, keydb_release, keydb_get_resource_name)
(lock_all, unlock_all, keydb_get_keyblock)
(keydb_update_keyblock, keydb_insert_keyblock, keydb_delete_keyblock)
(keydb_locate_writable, keydb_rebuild_caches, keydb_search_reset)
(keydb_search2): Ignore Keybox type in switches.
* g10/gpg.h (G10ERR_UNSUPPORTED): Map to correct gpg-error value.
--

GnuPG 2.1 will support Keybox files in GPG and thus users might see
weird error messages if they accidentally use a keybox file with 2.0.
Better print a note here.
This commit is contained in:
Werner Koch 2013-01-03 20:19:23 +01:00
parent c291ebaf6f
commit f395a3e7ef
2 changed files with 35 additions and 3 deletions

View File

@ -114,7 +114,7 @@ struct server_control_s
#define G10ERR_TRUSTDB GPG_ERR_TRUSTDB #define G10ERR_TRUSTDB GPG_ERR_TRUSTDB
#define G10ERR_UNEXPECTED GPG_ERR_UNEXPECTED #define G10ERR_UNEXPECTED GPG_ERR_UNEXPECTED
#define G10ERR_UNKNOWN_PACKET GPG_ERR_UNKNOWN_PACKET #define G10ERR_UNKNOWN_PACKET GPG_ERR_UNKNOWN_PACKET
#define G10ERR_UNSUPPORTED GPG_ERR_UNSUPPORTED #define G10ERR_UNSUPPORTED GPG_ERR_NOT_SUPPORTED
#define G10ERR_UNU_PUBKEY GPG_ERR_UNUSABLE_PUBKEY #define G10ERR_UNU_PUBKEY GPG_ERR_UNUSABLE_PUBKEY
#define G10ERR_UNU_SECKEY GPG_ERR_UNUSABLE_SECKEY #define G10ERR_UNU_SECKEY GPG_ERR_UNUSABLE_SECKEY
#define G10ERR_WRONG_SECKEY GPG_ERR_WRONG_SECKEY #define G10ERR_WRONG_SECKEY GPG_ERR_WRONG_SECKEY

View File

@ -1,6 +1,6 @@
/* keydb.c - key database dispatcher /* keydb.c - key database dispatcher
* Copyright (C) 2001, 2002, 2003, 2004, 2005, * Copyright (C) 2001, 2002, 2003, 2004, 2005,
* 2008, 2009 Free Software Foundation, Inc. * 2008, 2009, 2012 Free Software Foundation, Inc.
* *
* This file is part of GnuPG. * This file is part of GnuPG.
* *
@ -41,7 +41,8 @@ static int active_handles;
typedef enum { typedef enum {
KEYDB_RESOURCE_TYPE_NONE = 0, KEYDB_RESOURCE_TYPE_NONE = 0,
KEYDB_RESOURCE_TYPE_KEYRING KEYDB_RESOURCE_TYPE_KEYRING,
KEYDB_RESOURCE_TYPE_KEYBOX
} KeydbResourceType; } KeydbResourceType;
#define MAX_KEYDB_RESOURCES 40 #define MAX_KEYDB_RESOURCES 40
@ -236,6 +237,11 @@ keydb_add_resource (const char *url, int flags, int secret)
rt = KEYDB_RESOURCE_TYPE_KEYRING; rt = KEYDB_RESOURCE_TYPE_KEYRING;
resname += 11; resname += 11;
} }
else if (strlen (resname) > 10 && !strncmp (resname, "gnupg-kbx:", 10) )
{
rt = KEYDB_RESOURCE_TYPE_KEYBOX;
resname += 10;
}
#if !defined(HAVE_DRIVE_LETTERS) && !defined(__riscos__) #if !defined(HAVE_DRIVE_LETTERS) && !defined(__riscos__)
else if (strchr (resname, ':')) { else if (strchr (resname, ':')) {
log_error ("invalid key resource URL `%s'\n", url ); log_error ("invalid key resource URL `%s'\n", url );
@ -267,6 +273,11 @@ keydb_add_resource (const char *url, int flags, int secret)
if (fread( &magic, 4, 1, fp) == 1 ) { if (fread( &magic, 4, 1, fp) == 1 ) {
if (magic == 0x13579ace || magic == 0xce9a5713) if (magic == 0x13579ace || magic == 0xce9a5713)
; /* GDBM magic - no more support */ ; /* GDBM magic - no more support */
else if (fread (&magic, 4, 1, fp) == 1
&& !memcmp (&magic, "\x01", 1)
&& fread (&magic, 4, 1, fp) == 1
&& !memcmp (&magic, "KBXf", 4))
rt = KEYDB_RESOURCE_TYPE_KEYBOX;
else else
rt = KEYDB_RESOURCE_TYPE_KEYRING; rt = KEYDB_RESOURCE_TYPE_KEYRING;
} }
@ -314,6 +325,10 @@ keydb_add_resource (const char *url, int flags, int secret)
} }
break; break;
case KEYDB_RESOURCE_TYPE_KEYBOX:
rc = G10ERR_UNSUPPORTED;
goto leave;
default: default:
log_error ("resource type of `%s' not supported\n", url); log_error ("resource type of `%s' not supported\n", url);
rc = G10ERR_GENERAL; rc = G10ERR_GENERAL;
@ -335,6 +350,9 @@ keydb_add_resource (const char *url, int flags, int secret)
else else
log_error (_("keyblock resource `%s': %s\n"), log_error (_("keyblock resource `%s': %s\n"),
filename, g10_errstr(rc)); filename, g10_errstr(rc));
if (rt == KEYDB_RESOURCE_TYPE_KEYBOX)
log_error ("Note: This version of GPG does not support"
" the Keybox format\n");
} }
else if (secret) else if (secret)
any_secret = 1; any_secret = 1;
@ -364,6 +382,7 @@ keydb_new (int secret)
switch (all_resources[i].type) switch (all_resources[i].type)
{ {
case KEYDB_RESOURCE_TYPE_NONE: /* ignore */ case KEYDB_RESOURCE_TYPE_NONE: /* ignore */
case KEYDB_RESOURCE_TYPE_KEYBOX: /* ignore */
break; break;
case KEYDB_RESOURCE_TYPE_KEYRING: case KEYDB_RESOURCE_TYPE_KEYRING:
hd->active[j].type = all_resources[i].type; hd->active[j].type = all_resources[i].type;
@ -398,6 +417,7 @@ keydb_release (KEYDB_HANDLE hd)
for (i=0; i < hd->used; i++) { for (i=0; i < hd->used; i++) {
switch (hd->active[i].type) { switch (hd->active[i].type) {
case KEYDB_RESOURCE_TYPE_NONE: case KEYDB_RESOURCE_TYPE_NONE:
case KEYDB_RESOURCE_TYPE_KEYBOX:
break; break;
case KEYDB_RESOURCE_TYPE_KEYRING: case KEYDB_RESOURCE_TYPE_KEYRING:
keyring_release (hd->active[i].u.kr); keyring_release (hd->active[i].u.kr);
@ -435,6 +455,7 @@ keydb_get_resource_name (KEYDB_HANDLE hd)
switch (hd->active[idx].type) { switch (hd->active[idx].type) {
case KEYDB_RESOURCE_TYPE_NONE: case KEYDB_RESOURCE_TYPE_NONE:
case KEYDB_RESOURCE_TYPE_KEYBOX:
s = NULL; s = NULL;
break; break;
case KEYDB_RESOURCE_TYPE_KEYRING: case KEYDB_RESOURCE_TYPE_KEYRING:
@ -455,6 +476,7 @@ lock_all (KEYDB_HANDLE hd)
for (i=0; !rc && i < hd->used; i++) { for (i=0; !rc && i < hd->used; i++) {
switch (hd->active[i].type) { switch (hd->active[i].type) {
case KEYDB_RESOURCE_TYPE_NONE: case KEYDB_RESOURCE_TYPE_NONE:
case KEYDB_RESOURCE_TYPE_KEYBOX:
break; break;
case KEYDB_RESOURCE_TYPE_KEYRING: case KEYDB_RESOURCE_TYPE_KEYRING:
rc = keyring_lock (hd->active[i].u.kr, 1); rc = keyring_lock (hd->active[i].u.kr, 1);
@ -467,6 +489,7 @@ lock_all (KEYDB_HANDLE hd)
for (i--; i >= 0; i--) { for (i--; i >= 0; i--) {
switch (hd->active[i].type) { switch (hd->active[i].type) {
case KEYDB_RESOURCE_TYPE_NONE: case KEYDB_RESOURCE_TYPE_NONE:
case KEYDB_RESOURCE_TYPE_KEYBOX:
break; break;
case KEYDB_RESOURCE_TYPE_KEYRING: case KEYDB_RESOURCE_TYPE_KEYRING:
keyring_lock (hd->active[i].u.kr, 0); keyring_lock (hd->active[i].u.kr, 0);
@ -491,6 +514,7 @@ unlock_all (KEYDB_HANDLE hd)
for (i=hd->used-1; i >= 0; i--) { for (i=hd->used-1; i >= 0; i--) {
switch (hd->active[i].type) { switch (hd->active[i].type) {
case KEYDB_RESOURCE_TYPE_NONE: case KEYDB_RESOURCE_TYPE_NONE:
case KEYDB_RESOURCE_TYPE_KEYBOX:
break; break;
case KEYDB_RESOURCE_TYPE_KEYRING: case KEYDB_RESOURCE_TYPE_KEYRING:
keyring_lock (hd->active[i].u.kr, 0); keyring_lock (hd->active[i].u.kr, 0);
@ -520,6 +544,7 @@ keydb_get_keyblock (KEYDB_HANDLE hd, KBNODE *ret_kb)
switch (hd->active[hd->found].type) { switch (hd->active[hd->found].type) {
case KEYDB_RESOURCE_TYPE_NONE: case KEYDB_RESOURCE_TYPE_NONE:
case KEYDB_RESOURCE_TYPE_KEYBOX:
rc = G10ERR_GENERAL; /* oops */ rc = G10ERR_GENERAL; /* oops */
break; break;
case KEYDB_RESOURCE_TYPE_KEYRING: case KEYDB_RESOURCE_TYPE_KEYRING:
@ -553,6 +578,7 @@ keydb_update_keyblock (KEYDB_HANDLE hd, KBNODE kb)
switch (hd->active[hd->found].type) { switch (hd->active[hd->found].type) {
case KEYDB_RESOURCE_TYPE_NONE: case KEYDB_RESOURCE_TYPE_NONE:
case KEYDB_RESOURCE_TYPE_KEYBOX:
rc = G10ERR_GENERAL; /* oops */ rc = G10ERR_GENERAL; /* oops */
break; break;
case KEYDB_RESOURCE_TYPE_KEYRING: case KEYDB_RESOURCE_TYPE_KEYRING:
@ -593,6 +619,7 @@ keydb_insert_keyblock (KEYDB_HANDLE hd, KBNODE kb)
switch (hd->active[idx].type) { switch (hd->active[idx].type) {
case KEYDB_RESOURCE_TYPE_NONE: case KEYDB_RESOURCE_TYPE_NONE:
case KEYDB_RESOURCE_TYPE_KEYBOX:
rc = G10ERR_GENERAL; /* oops */ rc = G10ERR_GENERAL; /* oops */
break; break;
case KEYDB_RESOURCE_TYPE_KEYRING: case KEYDB_RESOURCE_TYPE_KEYRING:
@ -628,6 +655,7 @@ keydb_delete_keyblock (KEYDB_HANDLE hd)
switch (hd->active[hd->found].type) { switch (hd->active[hd->found].type) {
case KEYDB_RESOURCE_TYPE_NONE: case KEYDB_RESOURCE_TYPE_NONE:
case KEYDB_RESOURCE_TYPE_KEYBOX:
rc = G10ERR_GENERAL; /* oops */ rc = G10ERR_GENERAL; /* oops */
break; break;
case KEYDB_RESOURCE_TYPE_KEYRING: case KEYDB_RESOURCE_TYPE_KEYRING:
@ -683,6 +711,7 @@ keydb_locate_writable (KEYDB_HANDLE hd, const char *reserved)
switch (hd->active[hd->current].type) switch (hd->active[hd->current].type)
{ {
case KEYDB_RESOURCE_TYPE_NONE: case KEYDB_RESOURCE_TYPE_NONE:
case KEYDB_RESOURCE_TYPE_KEYBOX:
BUG(); BUG();
break; break;
case KEYDB_RESOURCE_TYPE_KEYRING: case KEYDB_RESOURCE_TYPE_KEYRING:
@ -712,6 +741,7 @@ keydb_rebuild_caches (int noisy)
switch (all_resources[i].type) switch (all_resources[i].type)
{ {
case KEYDB_RESOURCE_TYPE_NONE: /* ignore */ case KEYDB_RESOURCE_TYPE_NONE: /* ignore */
case KEYDB_RESOURCE_TYPE_KEYBOX: /* ignore */
break; break;
case KEYDB_RESOURCE_TYPE_KEYRING: case KEYDB_RESOURCE_TYPE_KEYRING:
rc = keyring_rebuild_cache (all_resources[i].token,noisy); rc = keyring_rebuild_cache (all_resources[i].token,noisy);
@ -742,6 +772,7 @@ keydb_search_reset (KEYDB_HANDLE hd)
for (i=0; !rc && i < hd->used; i++) { for (i=0; !rc && i < hd->used; i++) {
switch (hd->active[i].type) { switch (hd->active[i].type) {
case KEYDB_RESOURCE_TYPE_NONE: case KEYDB_RESOURCE_TYPE_NONE:
case KEYDB_RESOURCE_TYPE_KEYBOX:
break; break;
case KEYDB_RESOURCE_TYPE_KEYRING: case KEYDB_RESOURCE_TYPE_KEYRING:
rc = keyring_search_reset (hd->active[i].u.kr); rc = keyring_search_reset (hd->active[i].u.kr);
@ -768,6 +799,7 @@ keydb_search2 (KEYDB_HANDLE hd, KEYDB_SEARCH_DESC *desc,
while (rc == -1 && hd->current >= 0 && hd->current < hd->used) { while (rc == -1 && hd->current >= 0 && hd->current < hd->used) {
switch (hd->active[hd->current].type) { switch (hd->active[hd->current].type) {
case KEYDB_RESOURCE_TYPE_NONE: case KEYDB_RESOURCE_TYPE_NONE:
case KEYDB_RESOURCE_TYPE_KEYBOX:
BUG(); /* we should never see it here */ BUG(); /* we should never see it here */
break; break;
case KEYDB_RESOURCE_TYPE_KEYRING: case KEYDB_RESOURCE_TYPE_KEYRING: