1
1
/* keyring.c - keyring file handling
2
* Copyright (C) 2001, 2003 Free Software Foundation, Inc.
2
* Copyright (C) 2001, 2004 Free Software Foundation, Inc.
4
4
* This file is part of GnuPG.
6
6
* GnuPG is free software; you can redistribute it and/or modify
7
7
* it under the terms of the GNU General Public License as published by
8
* the Free Software Foundation; either version 2 of the License, or
8
* the Free Software Foundation; either version 3 of the License, or
9
9
* (at your option) any later version.
11
11
* GnuPG is distributed in the hope that it will be useful,
14
14
* GNU General Public License for more details.
16
16
* You should have received a copy of the GNU General Public License
17
* along with this program; if not, write to the Free Software
18
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
17
* along with this program; if not, see <http://www.gnu.org/licenses/>.
21
20
#include <config.h>
208
207
for (kr=kr_names; kr; kr = kr->next)
210
if ( !compare_filenames (kr->fname, fname) )
209
if (same_file_p (kr->fname, fname))
213
return 0; /* already registered */
212
return 0; /* Already registered. */
217
register_secured_file (fname);
217
219
kr = xmalloc (sizeof *kr + strlen (fname));
218
220
strcpy (kr->fname, fname);
219
221
kr->secret = !!secret;
369
371
return -1; /* no successful search */
371
373
a = iobuf_open (hd->found.kr->fname);
373
log_error ("can't open `%s'\n", hd->found.kr->fname);
374
return GPG_ERR_KEYRING_OPEN;
376
log_error(_("can't open `%s'\n"), hd->found.kr->fname);
377
return G10ERR_KEYRING_OPEN;
377
380
if (iobuf_seek (a, hd->found.offset) ) {
378
381
log_error ("can't seek `%s'\n", hd->found.kr->fname);
380
return GPG_ERR_KEYRING_OPEN;
383
return G10ERR_KEYRING_OPEN;
383
386
pkt = xmalloc (sizeof *pkt);
387
390
save_mode = set_packet_list_mode(0);
388
391
while ((rc=parse_packet (a, pkt)) != -1) {
389
392
hd->found.n_packets++;
390
if (gpg_err_code (rc) == GPG_ERR_UNKNOWN_PACKET) {
393
if (rc == G10ERR_UNKNOWN_PACKET) {
391
394
free_packet (pkt);
392
395
init_packet (pkt);
396
399
log_error ("keyring_get_keyblock: read error: %s\n",
398
rc = GPG_ERR_INV_KEYRING;
401
rc = G10ERR_INV_KEYRING;
401
404
if (pkt->pkttype == PKT_COMPRESSED) {
496
499
/* need to know the number of packets - do a dummy get_keyblock*/
497
500
rc = keyring_get_keyblock (hd, NULL);
499
log_error ("re-reading keyblock failed: %s\n", gpg_strerror (rc));
502
log_error ("re-reading keyblock failed: %s\n", g10_errstr (rc));
502
505
if (!hd->found.n_packets)
572
575
/* need to know the number of packets - do a dummy get_keyblock*/
573
576
rc = keyring_get_keyblock (hd, NULL);
575
log_error ("re-reading keyblock failed: %s\n", gpg_strerror (rc));
578
log_error ("re-reading keyblock failed: %s\n", g10_errstr (rc));
578
581
if (!hd->found.n_packets)
655
658
hd->current.eof = 0;
656
659
hd->current.iobuf = iobuf_open (hd->current.kr->fname);
657
if (!hd->current.iobuf) {
658
hd->current.error = gpg_error_from_errno (errno);
659
log_error ("can't open `%s'\n", hd->current.kr->fname );
660
if (!hd->current.iobuf)
662
hd->current.error = gpg_error_from_syserror ();
663
log_error(_("can't open `%s'\n"), hd->current.kr->fname );
660
664
return hd->current.error;
778
782
/* the original length is always enough for the pattern */
779
p = pattern = xmalloc (strlen(name)+1);
783
p = pattern = xmalloc(strlen(name)+1);
781
785
/* skip leading delimiters */
782
786
while( *name && !word_match_chars[*name] )
1085
1089
for (n=any_skip?0:ndesc; n < ndesc; n++)
1087
1091
if (desc[n].skipfnc
1088
&& desc[n].skipfnc (desc[n].skipfncvalue, aki))
1092
&& desc[n].skipfnc (desc[n].skipfncvalue, aki, uid))
1091
1095
if (n == ndesc)
1143
1147
create_tmp_file (const char *template,
1144
char **r_bakfname, char **r_tmpfname, iobuf_t *r_fp)
1148
char **r_bakfname, char **r_tmpfname, IOBUF *r_fp)
1146
1150
char *bakfname, *tmpfname;
1147
1151
mode_t oldmask;
1185
1189
/* Create the temp file with limited access */
1186
1190
oldmask=umask(077);
1187
*r_fp = iobuf_create (tmpfname);
1191
if (is_secured_filename (tmpfname))
1197
*r_fp = iobuf_create (tmpfname);
1188
1198
umask(oldmask);
1190
int tmperr = gpg_error_from_errno (errno);
1191
log_error ("can't create `%s': %s\n", tmpfname, strerror(errno) );
1201
int rc = gpg_error_from_syserror ();
1202
log_error(_("can't create `%s': %s\n"), tmpfname, strerror(errno) );
1192
1203
xfree (tmpfname);
1193
1204
xfree (bakfname);
1197
1208
*r_bakfname = bakfname;
1198
1209
*r_tmpfname = tmpfname;
1220
1231
if (rename (fname, bakfname) )
1222
int tmperr = gpg_error_from_errno (errno);
1233
rc = gpg_error_from_syserror ();
1223
1234
log_error ("renaming `%s' to `%s' failed: %s\n",
1224
1235
fname, bakfname, strerror(errno) );
1230
1241
#if defined(HAVE_DOSISH_SYSTEM) || defined(__riscos__)
1231
1242
remove( fname );
1245
unregister_secured_file (fname);
1233
1246
if (rename (tmpfname, fname) )
1235
rc = gpg_error_from_errno (errno);
1236
log_error ("renaming `%s' to `%s' failed: %s\n",
1248
rc = gpg_error_from_syserror ();
1249
log_error (_("renaming `%s' to `%s' failed: %s\n"),
1237
1250
tmpfname, fname, strerror(errno) );
1251
register_secured_file (fname);
1240
1254
log_info(_("WARNING: 2 files with confidential"
1272
write_keyblock (iobuf_t fp, KBNODE keyblock)
1286
write_keyblock (IOBUF fp, KBNODE keyblock)
1274
1288
KBNODE kbctx = NULL, node;
1282
1296
if ( (rc = build_packet (fp, node->pkt) ))
1284
1298
log_error ("build_packet(%d) failed: %s\n",
1285
node->pkt->pkttype, gpg_strerror (rc) );
1299
node->pkt->pkttype, g10_errstr(rc) );
1288
1302
if (node->pkt->pkttype == PKT_SIGNATURE)
1299
1313
iobuf_put (fp, 0xb0); /* old style packet 12, 1 byte len*/
1300
1314
iobuf_put (fp, 2); /* 2 bytes */
1301
1315
iobuf_put (fp, 0); /* unused */
1302
if (iobuf_put (fp, cacheval)) {
1303
int tmperr = gpg_error_from_errno (errno);
1304
log_error ("writing sigcache packet failed\n");
1316
if (iobuf_put (fp, cacheval))
1318
rc = gpg_error_from_syserror ();
1319
log_error ("writing sigcache packet failed\n");
1315
1330
* This is only done for the public keyrings.
1318
keyring_rebuild_cache (void *token)
1333
keyring_rebuild_cache (void *token,int noisy)
1320
1335
KEYRING_HANDLE hd;
1321
1336
KEYDB_SEARCH_DESC desc;
1322
1337
KBNODE keyblock = NULL, node;
1323
1338
const char *lastresname = NULL, *resname;
1324
iobuf_t tmpfp = NULL;
1325
1340
char *tmpfilename = NULL;
1326
1341
char *bakfilename = NULL;
1346
1361
if (iobuf_close (tmpfp))
1348
rc = gpg_error_from_errno (errno);
1363
rc = gpg_error_from_syserror ();
1349
1364
log_error ("error closing `%s': %s\n",
1350
1365
tmpfilename, strerror (errno));
1363
1378
lastresname = resname;
1365
log_info (_("checking keyring `%s'\n"), resname);
1379
if (noisy && !opt.quiet)
1380
log_info (_("caching keyring `%s'\n"), resname);
1366
1381
rc = create_tmp_file (resname, &bakfilename, &tmpfilename, &tmpfp);
1372
1387
rc = keyring_get_keyblock (hd, &keyblock);
1375
log_error ("keyring_get_keyblock failed: %s\n", gpg_strerror (rc));
1390
log_error ("keyring_get_keyblock failed: %s\n", g10_errstr(rc));
1378
1393
assert (keyblock->pkt->pkttype == PKT_PUBLIC_KEY);
1380
1395
/* check all signature to set the signature's cache flags */
1381
1396
for (node=keyblock; node; node=node->next)
1398
/* Note that this doesn't cache the result of a revocation
1399
issued by a designated revoker. This is because the pk
1400
in question does not carry the revkeys as we haven't
1401
merged the key and selfsigs. It is questionable whether
1402
this matters very much since there are very very few
1403
designated revoker revocation packets out there. */
1383
1405
if (node->pkt->pkttype == PKT_SIGNATURE)
1385
/* Note that this doesn't cache the result of a
1386
revocation issued by a designated revoker. This is
1387
because the pk in question does not carry the revkeys
1388
as we haven't merged the key and selfsigs. It is
1389
questionable whether this matters very much since
1390
there are very very few designated revoker revocation
1391
packets out there. */
1392
check_key_signature (keyblock, node, NULL);
1407
PKT_signature *sig=node->pkt->pkt.signature;
1409
if(!opt.no_sig_cache && sig->flags.checked && sig->flags.valid
1410
&& (openpgp_md_test_algo(sig->digest_algo)
1411
|| openpgp_pk_test_algo(sig->pubkey_algo)))
1412
sig->flags.checked=sig->flags.valid=0;
1414
check_key_signature (keyblock, node, NULL);
1402
if ( !(++count % 50) && !opt.quiet)
1403
log_info(_("%lu keys checked so far (%lu signatures)\n"),
1425
if ( !(++count % 50) && noisy && !opt.quiet)
1426
log_info(_("%lu keys cached so far (%lu signatures)\n"),
1404
1427
count, sigcount );
1406
1429
} /* end main loop */
1411
log_error ("keyring_search failed: %s\n", gpg_strerror (rc));
1434
log_error ("keyring_search failed: %s\n", g10_errstr(rc));
1414
log_info(_("%lu keys checked (%lu signatures)\n"), count, sigcount );
1437
if(noisy || opt.verbose)
1438
log_info(_("%lu keys cached (%lu signatures)\n"), count, sigcount );
1417
1441
if (iobuf_close (tmpfp))
1419
rc = gpg_error_from_errno (errno);
1443
rc = gpg_error_from_syserror ();
1420
1444
log_error ("error closing `%s': %s\n",
1421
1445
tmpfilename, strerror (errno));
1452
1476
do_copy (int mode, const char *fname, KBNODE root, int secret,
1453
1477
off_t start_offset, unsigned int n_packets )
1457
1481
char *bakfname = NULL;
1458
1482
char *tmpfname = NULL;
1460
/* Open the source file. Because we do a rname, we have to check the
1484
/* Open the source file. Because we do a rename, we have to check the
1461
1485
permissions of the file */
1462
1486
if (access (fname, W_OK))
1463
return gpg_error_from_errno (errno);
1487
return gpg_error_from_syserror ();
1466
1489
fp = iobuf_open (fname);
1467
1490
if (mode == 1 && !fp && errno == ENOENT) {
1470
1493
mode_t oldmask;
1472
1495
oldmask=umask(077);
1473
newfp = iobuf_create (fname);
1496
if (!secret && is_secured_filename (fname)) {
1501
newfp = iobuf_create (fname);
1474
1502
umask(oldmask);
1476
int tmperr = gpg_error_from_errno (errno);
1477
log_error (_("%s: can't create: %s\n"),
1478
fname, strerror(errno));
1505
rc = gpg_error_from_syserror ();
1506
log_error (_("can't create `%s': %s\n"), fname, strerror(errno));
1481
1509
if( !opt.quiet )
1482
1510
log_info(_("%s: keyring created\n"), fname );
1485
1513
while ( (node = walk_kbnode( root, &kbctx, 0 )) ) {
1486
1514
if( (rc = build_packet( newfp, node->pkt )) ) {
1487
1515
log_error("build_packet(%d) failed: %s\n",
1488
node->pkt->pkttype, gpg_strerror (rc) );
1516
node->pkt->pkttype, g10_errstr(rc) );
1489
1517
iobuf_cancel(newfp);
1493
if (iobuf_close(newfp)) {
1494
int tmperr = gpg_error_from_errno (errno);
1521
if( iobuf_close(newfp) ) {
1522
rc = gpg_error_from_syserror ();
1495
1523
log_error ("%s: close failed: %s\n", fname, strerror(errno));
1498
1526
return 0; /* ready */
1502
rc = gpg_error_from_errno (errno);
1503
log_error ("%s: can't open: %s\n", fname, strerror(errno) );
1531
rc = gpg_error_from_syserror ();
1532
log_error(_("can't open `%s': %s\n"), fname, strerror(errno) );
1507
/* create the new file */
1536
/* Create the new file. */
1508
1537
rc = create_tmp_file (fname, &bakfname, &tmpfname, &newfp);
1510
1539
iobuf_close(fp);
1543
register_secured_file (tmpfname);
1513
1545
if( mode == 1 ) { /* insert */
1514
1546
/* copy everything to the new file */
1515
1547
rc = copy_all_packets (fp, newfp);
1516
1548
if( rc != -1 ) {
1517
1549
log_error("%s: copy to `%s' failed: %s\n",
1518
fname, tmpfname, gpg_strerror (rc) );
1550
fname, tmpfname, g10_errstr(rc) );
1519
1551
iobuf_close(fp);
1553
unregister_secured_file (tmpfname);
1520
1554
iobuf_cancel(newfp);
1528
1562
rc = copy_some_packets( fp, newfp, start_offset );
1529
1563
if( rc ) { /* should never get EOF here */
1530
1564
log_error ("%s: copy to `%s' failed: %s\n",
1531
fname, tmpfname, gpg_strerror (rc) );
1565
fname, tmpfname, g10_errstr(rc) );
1532
1566
iobuf_close(fp);
1568
unregister_secured_file (tmpfname);
1533
1569
iobuf_cancel(newfp);
1538
1574
rc = skip_some_packets( fp, n_packets );
1540
1576
log_error("%s: skipping %u packets failed: %s\n",
1541
fname, n_packets, gpg_strerror (rc));
1577
fname, n_packets, g10_errstr(rc));
1542
1578
iobuf_close(fp);
1580
unregister_secured_file (tmpfname);
1543
1581
iobuf_cancel(newfp);
1559
1599
rc = copy_all_packets( fp, newfp );
1560
1600
if( rc != -1 ) {
1561
1601
log_error("%s: copy to `%s' failed: %s\n",
1562
fname, tmpfname, gpg_strerror (rc) );
1602
fname, tmpfname, g10_errstr(rc) );
1563
1603
iobuf_close(fp);
1605
unregister_secured_file (tmpfname);
1564
1606
iobuf_cancel(newfp);
1570
1612
/* close both files */
1571
1613
if( iobuf_close(fp) ) {
1572
rc = gpg_error_from_errno (errno);
1614
rc = gpg_error_from_syserror ();
1573
1615
log_error("%s: close failed: %s\n", fname, strerror(errno) );
1576
1618
if( iobuf_close(newfp) ) {
1577
rc = gpg_error_from_errno (errno);
1619
rc = gpg_error_from_syserror ();
1578
1620
log_error("%s: close failed: %s\n", tmpfname, strerror(errno) );
added
removed
g10/keyring.c
