security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2024-05-27 21:41:23 +02:00
Code Activity

sm: Do away with the locked flag in keydb.c

Browse Source 
* sm/keydb.c (struct keydb_handle): Remove field locked.
(keydb_lock): Remove use of locked flag.
(lock_all): Ditto.
(unlock_all): Ditto.
(keydb_set_flags): Use dotlock_is_locked instead of the locked flag.
(keydb_insert_cert): Ditto.
(keydb_delete): Ditto.
(keydb_search): s/keydb_lock/lock_all/.
(keydb_set_cert_flags): Ditto.
(keydb_clear_some_cert_flags): Ditto.

* sm/keydb.c (maybe_create_keybox): s/access/gnupg_access/.
--

We already keep the lock state in the dotlock module so it does not
make sense to add and sync another one here.  Instead we use a new
dotlock function to test whether we are locked.
This commit is contained in:
Werner Koch 2021-03-02 18:40:12 +01:00
parent 67b82a9c60
commit f3e68e39da
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
1 changed files with 15 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
sm/keydb.c
View File

@ -58,7 +58,6 @@ static int any_registered;
struct keydb_handle { struct keydb_handle {
int locked;
int found; int found;
int saved_found; int saved_found;
int current; int current;
@ -147,7 +146,7 @@ maybe_create_keybox (char *filename, int force, int *r_created)
} }
*last_slash_in_filename = save_slash; *last_slash_in_filename = save_slash;
/* To avoid races with other instances of gpg trying to create or /* To avoid races with other instances of gpg/gpgsm trying to create or
update the keybox (it is removed during an update for a short update the keybox (it is removed during an update for a short
time), we do the next stuff in a locked state. */ time), we do the next stuff in a locked state. */
lockhd = dotlock_create (filename, 0); lockhd = dotlock_create (filename, 0);
@ -175,7 +174,7 @@ maybe_create_keybox (char *filename, int force, int *r_created)
} }
/* Now the real test while we are locked. */ /* Now the real test while we are locked. */
if (!access(filename, F_OK)) if (!gnupg_access(filename, F_OK))
{ {
rc = 0; /* Okay, we may access the file now. */ rc = 0; /* Okay, we may access the file now. */
goto leave; goto leave;
@ -522,22 +521,22 @@ keydb_set_ephemeral (KEYDB_HANDLE hd, int yes)
} }
/* If the keyring has not yet been locked, lock it now. This /* If the keyring has not yet been locked, lock it now. This
operation is required before any update operation; it is optional operation is required before any update operation; On Windows it is
for an insert operation. The lock is released with always required to disallow other processes to open the file which
keydb_released. */ in turn would inhibit our copy+update+rename method. The lock is
released with keydb_released. */
gpg_error_t gpg_error_t
keydb_lock (KEYDB_HANDLE hd) keydb_lock (KEYDB_HANDLE hd)
{ {
if (!hd) if (!hd)
return gpg_error (GPG_ERR_INV_HANDLE); return gpg_error (GPG_ERR_INV_HANDLE);
if (hd->locked)
return 0; /* Already locked. */
return lock_all (hd); return lock_all (hd);
} }
/* Same as keydb_lock but no check for an invalid HD. */
static int static int
lock_all (KEYDB_HANDLE hd) lock_all (KEYDB_HANDLE hd)
{ {
@ -577,8 +576,6 @@ lock_all (KEYDB_HANDLE hd)
} }
} }
} }
else
hd->locked = 1;
/* make_dotlock () does not yet guarantee that errno is set, thus /* make_dotlock () does not yet guarantee that errno is set, thus
we can't rely on the error reason and will simply use we can't rely on the error reason and will simply use
@ -586,14 +583,12 @@ lock_all (KEYDB_HANDLE hd)
return rc? gpg_error (GPG_ERR_EACCES) : 0; return rc? gpg_error (GPG_ERR_EACCES) : 0;
} }
static void static void
unlock_all (KEYDB_HANDLE hd) unlock_all (KEYDB_HANDLE hd)
{ {
int i; int i;
if (!hd->locked)
return;
for (i=hd->used-1; i >= 0; i--) for (i=hd->used-1; i >= 0; i--)
{ {
switch (hd->active[i].type) switch (hd->active[i].type)
@ -606,7 +601,6 @@ unlock_all (KEYDB_HANDLE hd)
break; break;
} }
} }
hd->locked = 0;
} }
@ -736,7 +730,7 @@ keydb_set_flags (KEYDB_HANDLE hd, int which, int idx, unsigned int value)
if ( hd->found < 0 || hd->found >= hd->used) if ( hd->found < 0 || hd->found >= hd->used)
return gpg_error (GPG_ERR_NOTHING_FOUND); return gpg_error (GPG_ERR_NOTHING_FOUND);
if (!hd->locked) if (!dotlock_is_locked (hd->active[hd->found].lockhandle))
return gpg_error (GPG_ERR_NOT_LOCKED); return gpg_error (GPG_ERR_NOT_LOCKED);
switch (hd->active[hd->found].type) switch (hd->active[hd->found].type)
@ -775,7 +769,7 @@ keydb_insert_cert (KEYDB_HANDLE hd, ksba_cert_t cert)
else else
return gpg_error (GPG_ERR_GENERAL); return gpg_error (GPG_ERR_GENERAL);
if (!hd->locked) if (!dotlock_is_locked (hd->active[idx].lockhandle))
return gpg_error (GPG_ERR_NOT_LOCKED); return gpg_error (GPG_ERR_NOT_LOCKED);
gpgsm_get_fingerprint (cert, GCRY_MD_SHA1, digest, NULL); /* kludge*/ gpgsm_get_fingerprint (cert, GCRY_MD_SHA1, digest, NULL); /* kludge*/
@ -812,7 +806,7 @@ keydb_delete (KEYDB_HANDLE hd, int unlock)
if( opt.dry_run ) if( opt.dry_run )
return 0; return 0;
if (!hd->locked) if (!dotlock_is_locked (hd->active[hd->found].lockhandle))
return gpg_error (GPG_ERR_NOT_LOCKED); return gpg_error (GPG_ERR_NOT_LOCKED);
switch (hd->active[hd->found].type) switch (hd->active[hd->found].type)
@ -944,7 +938,7 @@ keydb_search (ctrl_t ctrl, KEYDB_HANDLE hd,
return gpg_error (GPG_ERR_NOT_FOUND); return gpg_error (GPG_ERR_NOT_FOUND);
} }
rc = keydb_lock (hd); rc = lock_all (hd);
if (rc) if (rc)
return rc; return rc;
rc = -1; rc = -1;
@ -1189,7 +1183,7 @@ keydb_set_cert_flags (ctrl_t ctrl, ksba_cert_t cert, int ephemeral,
keydb_set_ephemeral (kh, 1); keydb_set_ephemeral (kh, 1);
keydb_close_all_files (); keydb_close_all_files ();
err = keydb_lock (kh); err = lock_all (kh);
if (err) if (err)
{ {
log_error (_("error locking keybox: %s\n"), gpg_strerror (err)); log_error (_("error locking keybox: %s\n"), gpg_strerror (err));
@ -1288,7 +1282,7 @@ keydb_clear_some_cert_flags (ctrl_t ctrl, strlist_t names)
} }
keydb_close_all_files (); keydb_close_all_files ();
err = keydb_lock (hd); err = lock_all (hd);
if (err) if (err)
{ {
log_error (_("error locking keybox: %s\n"), gpg_strerror (err)); log_error (_("error locking keybox: %s\n"), gpg_strerror (err));