1
/* ringedit.c - Function for key ring editing
2
* Copyright (C) 1998, 2000 Free Software Foundation, Inc.
4
* This file is part of GnuPG.
6
* GnuPG is free software; you can redistribute it and/or modify
7
* it under the terms of the GNU General Public License as published by
8
* the Free Software Foundation; either version 2 of the License, or
9
* (at your option) any later version.
11
* GnuPG is distributed in the hope that it will be useful,
12
* but WITHOUT ANY WARRANTY; without even the implied warranty of
13
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14
* GNU General Public License for more details.
16
* You should have received a copy of the GNU General Public License
17
* along with this program; if not, write to the Free Software
18
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
23
* This module supplies function for:
25
* - Search for a key block (pubkey and all other stuff) and return a
28
* - Lock/Unlock a key block
30
* - Read a key block into a tree
32
* - Update a key block
34
* - Insert a new key block
36
* - Delete a key block
47
#include <sys/types.h>
49
#include <unistd.h> /* for truncate */
66
struct resource_table_struct {
68
int secret; /* this is a secret keyring */
71
enum resource_type rt;
75
typedef struct resource_table_struct RESTBL;
78
struct keyblock_pos_struct {
79
int resno; /* resource number */
80
enum resource_type rt;
81
ulong offset; /* position information */
82
unsigned count; /* length of the keyblock in packets */
83
IOBUF fp; /* used by enum_keyblocks */
84
int secret; /* working on a secret keyring */
85
PACKET *pkt; /* ditto */
93
#define MAX_RESOURCES 10
94
static RESTBL resource_table[MAX_RESOURCES];
95
static int default_public_resource;
96
static int default_secret_resource;
98
static int keyring_enum( KBPOS kbpos, KBNODE *ret_root, int skipsigs );
99
static int keyring_copy( KBPOS kbpos, int mode, KBNODE root );
101
static int do_kbxf_enum( KBPOS kbpos, KBNODE *ret_root, int skipsigs );
102
static int do_kbxf_copy( KBPOS kbpos, int mode, KBNODE root );
106
check_pos( KBPOS kbpos )
108
if( kbpos->resno < 0 || kbpos->resno >= MAX_RESOURCES )
110
if( !resource_table[kbpos->resno].used )
112
return resource_table + kbpos->resno;
117
* Hmmm, how to avoid deadlock? They should not happen if everyone
118
* locks the key resources in the same order; but who knows.
119
* A solution is to use only one lock file in the gnupg homedir but
120
* what will happen with key resources which normally don't belong
121
* to the gpg homedir?
124
lock_rentry( RESTBL *rentry )
126
if( !rentry->lockhd ) {
127
rentry->lockhd = create_dotlock( rentry->fname );
128
if( !rentry->lockhd )
129
log_fatal("can't allocate lock for `%s'\n", rentry->fname );
130
rentry->is_locked = 0;
132
if( !rentry->is_locked ) {
133
if( make_dotlock( rentry->lockhd, -1 ) )
134
log_fatal("can't lock `%s'\n", rentry->fname );
135
rentry->is_locked = 1;
140
unlock_rentry( RESTBL *rentry )
144
if( !release_dotlock( rentry->lockhd ) )
145
rentry->is_locked = 0;
149
/****************************************************************
150
****************** public functions ****************************
151
****************************************************************/
154
* Get the name of the keyrings, start with a sequence number pointing to a 0.
157
enum_keyblock_resources( int *sequence, int secret )
160
const char *name = NULL;
162
for(; i < MAX_RESOURCES; i++ )
163
if( resource_table[i].used && !resource_table[i].secret == !secret ) {
164
if( resource_table[i].fname ) {
165
name = resource_table[i].fname;
175
* Register a resource (which currently may only be a keyring file).
176
* The first keyring which is added by this function is
177
* created if it does not exist.
178
* Note: this function may be called before secure memory is
182
add_keyblock_resource( const char *url, int force, int secret )
184
static int any_secret, any_public;
185
const char *resname = url;
188
char *filename = NULL;
190
enum resource_type rt = rt_UNKNOWN;
193
/* Do we have an URL?
194
* gnupg-kbxf:filename := this is a KBX file resource
195
* gnupg-ring:filename := this is a plain keyring
196
* filename := See what is is, but create as plain keyring.
198
if( strlen( resname ) > 11 ) {
199
if( !strncmp( resname, "gnupg-ring:", 11 ) ) {
203
else if( !strncmp( resname, "gnupg-kbxf:", 11 ) ) {
207
#ifndef HAVE_DRIVE_LETTERS
208
else if( strchr( resname, ':' ) ) {
209
log_error("%s: invalid URL\n", url );
216
if( *resname != '/' ) { /* do tilde expansion etc */
217
if( strchr(resname, '/') )
218
filename = make_filename(resname, NULL);
220
filename = make_filename(opt.homedir, resname, NULL);
223
filename = gcry_xstrdup( resname );
226
force = secret? !any_secret : !any_public;
228
for(i=0; i < MAX_RESOURCES; i++ )
229
if( !resource_table[i].used )
231
if( i == MAX_RESOURCES ) {
232
rc = GPGERR_RESOURCE_LIMIT;
236
/* see whether we can determine the filetype */
237
if( rt == rt_UNKNOWN ) {
238
FILE *fp = fopen( filename, "rb" );
243
if( fread( &magic, 4, 1, fp) == 1 ) {
247
if( fread( buf, 8, 1, fp) == 1 ) {
248
if( !memcmp( buf+4, "KBXf", 4 )
249
&& buf[0] == 1 && buf[1] == 1 ) {
254
else /* maybe empty: assume ring */
258
else /* no file yet: create ring */
264
log_error("%s: unknown resource type\n", url );
270
iobuf = iobuf_open( filename );
271
if( !iobuf && !force ) {
272
rc = GPGERR_OPEN_FILE;
277
char *last_slash_in_filename;
279
last_slash_in_filename = strrchr(filename, '/');
280
*last_slash_in_filename = 0;
282
if( access(filename, F_OK) ) {
283
/* on the first time we try to create the default homedir and
284
* in this case the process will be terminated, so that on the
285
* next invocation it can read the options file in on startup
287
try_make_homedir( filename );
288
rc = GPGERR_OPEN_FILE;
292
*last_slash_in_filename = '/';
294
iobuf = iobuf_create( filename );
296
log_error(_("%s: can't create keyring: %s\n"),
297
filename, strerror(errno));
298
rc = GPGERR_OPEN_FILE;
302
#ifndef HAVE_DOSISH_SYSTEM
304
if( chmod( filename, S_IRUSR | S_IWUSR ) ) {
305
log_error("%s: chmod failed: %s\n",
306
filename, strerror(errno) );
307
rc = GPGERR_WRITE_FILE;
313
log_info(_("%s: keyring created\n"), filename );
316
#if HAVE_DOSISH_SYSTEM || 1
317
iobuf_close( iobuf );
319
/* must close it again */
325
log_error("%s: unsupported resource type\n", url );
330
#ifndef HAVE_DOSISH_SYSTEM
331
#if 0 /* fixme: check directory permissions and print a warning */
337
/* fixme: avoid duplicate resources */
338
resource_table[i].used = 1;
339
resource_table[i].secret = !!secret;
340
resource_table[i].fname = gcry_xstrdup(filename);
341
resource_table[i].iobuf = iobuf;
342
resource_table[i].rt = rt;
344
default_secret_resource = i;
346
default_public_resource = i;
350
log_error("keyblock resource `%s': %s\n", filename, gpg_errstr(rc) );
355
gcry_free( filename );
360
* Return the resource name of the keyblock associated with KBPOS.
363
keyblock_resource_name( KBPOS kbpos )
367
if( !(rentry = check_pos( kbpos )) || !rentry->fname )
368
log_bug("no name for keyblock resource %d\n", kbpos->resno );
369
return rentry->fname;
374
* Get a keyblock handle KBPOS from a filename. This can be used
375
* to get a handle for insert_keyblock for a new keyblock.
376
* Using a filename of NULL returns the default resource
379
get_keyblock_handle( const char *filename, int secret, KBPOS kbpos )
384
i = secret? default_secret_resource : default_public_resource;
386
for(; i < MAX_RESOURCES; i++ ) {
387
if( resource_table[i].used && !resource_table[i].secret == !secret ) {
388
/* fixme: dos needs case insensitive file compare */
389
if( !filename || !strcmp( resource_table[i].fname, filename ) ) {
390
memset( kbpos, 0, sizeof *kbpos );
392
kbpos->rt = resource_table[i].rt;
397
return -1; /* not found */
402
* Return the filename of the firstkeyblock resource which is intended
403
* for write access. This will either be the default resource or in
404
* case this is not writable one of the others. If no writable is found,
405
* the default filename in the homedirectory will be returned.
406
* Caller must free, will never return NULL.
409
get_writable_keyblock_file( int secret )
411
int i = secret? default_secret_resource : default_public_resource;
413
if( resource_table[i].used && !resource_table[i].secret == !secret ) {
414
if( !access( resource_table[i].fname, R_OK|W_OK ) ) {
415
return gcry_xstrdup( resource_table[i].fname );
418
for(i=0; i < MAX_RESOURCES; i++ ) {
419
if( resource_table[i].used && !resource_table[i].secret == !secret ) {
420
if( !access( resource_table[i].fname, R_OK|W_OK ) ) {
421
return gcry_xstrdup( resource_table[i].fname );
425
/* Assume the home dir is always writable */
426
return make_filename(opt.homedir, secret? "secring.gpg"
427
: "pubring.gpg", NULL );
432
ringedit_copy_kbpos ( KBPOS d, KBPOS s )
439
* Lock the keyblock; wait until it's available
440
* This function may change the internal data in kbpos, in cases
441
* when the keyblock to be locked has been modified.
442
* fixme: remove this function and add an option to search()?
445
lock_keyblock( KBPOS kbpos )
447
if( !check_pos(kbpos) )
448
return GPGERR_GENERAL;
453
* Release a lock on a keyblock
456
unlock_keyblock( KBPOS kbpos )
458
if( !check_pos(kbpos) )
464
enum_keyrings_open_helper( KBPOS kbpos, int where )
469
for(; i < MAX_RESOURCES; i++ )
470
if( resource_table[i].used
471
&& !resource_table[i].secret == !kbpos->secret )
473
if( i == MAX_RESOURCES )
474
return -1; /* no resources */
476
rentry = check_pos( kbpos );
477
kbpos->rt = resource_table[i].rt;
479
switch( kbpos->rt ) {
482
kbpos->fp = iobuf_open( rentry->fname );
484
log_error("can't open `%s'\n", rentry->fname );
485
return GPGERR_OPEN_FILE;
497
* This set of functions is used to scan over all keyrings.
498
* The mode in enum_keyblocks_next() is used liek this:
500
* 11 = read but skip signature and comment packets.
503
enum_keyblocks_begin( KBPOS *rkbpos, int use_secret )
510
kbpos = gcry_xcalloc( 1, sizeof *kbpos );
512
kbpos->rt = rt_UNKNOWN;
522
rc = enum_keyrings_open_helper( kbpos, i );
527
/* return the handle */
533
enum_keyblocks_end( KBPOS kbpos )
537
switch( kbpos->rt ) {
541
iobuf_close( kbpos->fp );
546
/* this happens when we have no keyring at all */
553
/* release pending packet */
554
free_packet( kbpos->pkt );
555
gcry_free( kbpos->pkt );
560
enum_keyblocks_next( KBPOS kbpos, int mode, KBNODE *ret_root )
565
if( mode != 1 && mode != 11 )
566
return GPGERR_INV_ARG;
570
switch( kbpos->rt ) {
573
return GPGERR_GENERAL;
574
rc = keyring_enum( kbpos, ret_root, mode == 11 );
578
return GPGERR_GENERAL;
579
rc = do_kbxf_enum( kbpos, ret_root, mode == 11 );
588
assert( !kbpos->pkt );
589
rentry = check_pos( kbpos );
594
iobuf_close( kbpos->fp );
597
free_packet( kbpos->pkt );
598
gcry_free( kbpos->pkt );
600
/* and then open the next one */
601
rc = enum_keyrings_open_helper( kbpos, i );
604
/* hmm, that is not really correct: if we got an error kbpos
605
* might be not well anymore */
616
* Insert the keyblock described by ROOT into the keyring described
617
* by KBPOS. This actually appends the data to the keyfile.
620
insert_keyblock( KBNODE root )
624
if( !check_pos(kbpos) )
625
return GPGERR_GENERAL;
627
switch( kbpos->rt ) {
629
rc = keyring_copy( kbpos, 1, root );
632
rc = do_kbxf_copy( kbpos, 1, root );
641
* Delete the keyblock described by KBPOS.
642
* The current code simply changes the keyblock in the keyring
643
* to packet of type 0 with the correct length. To help detect errors,
644
* zero bytes are written.
647
delete_keyblock( KBNODE keyblock )
651
if( !check_pos(kbpos) )
652
return GPGERR_GENERAL;
654
switch( kbpos->rt ) {
656
rc = keyring_copy( kbpos, 2, NULL );
659
rc = do_kbxf_copy( kbpos, 2, NULL );
669
* Update the keyblock in the ring (or whatever resource) one in ROOT.
672
update_keyblock( KBNODE root )
675
struct keyblock_pos_struct kbpos;
677
/* We need to get the file position of original keyblock first */
678
if ( root->pkt->pkttype == PKT_PUBLIC_KEY )
679
rc = find_kblocation_bypk( &kbpos, root->pkt->pkt.public_key );
680
else if ( root->pkt->pkttype == PKT_SECRET_KEY )
681
rc = find_kblocation_bysk( &kbpos, root->pkt->pkt.secret_key );
688
if( !check_pos(&kbpos) )
689
return GPGERR_GENERAL;
693
rc = keyring_copy( &kbpos, 3, root );
696
rc = do_kbxf_copy( &kbpos, 3, root );
706
/****************************************************************
707
********** Functions which operates on regular keyrings ********
708
****************************************************************/
711
keyring_enum( KBPOS kbpos, KBNODE *ret_root, int skipsigs )
717
ulong offset, first_offset=0;
719
if( !(rentry=check_pos(kbpos)) )
720
return GPGERR_GENERAL;
723
root = new_kbnode( kbpos->pkt );
724
first_offset = kbpos->save_offset;
729
pkt = gcry_xmalloc( sizeof *pkt );
731
while( (rc=parse_packet(kbpos->fp, pkt, &offset )) != -1 ) {
732
if( rc ) { /* ignore errors */
733
if( rc != GPGERR_UNKNOWN_PACKET ) {
734
log_error("keyring_enum: read error: %s\n", gpg_errstr(rc) );
735
rc = GPGERR_INV_KEYRING;
742
/* make a linked list of all packets */
743
switch( pkt->pkttype ) {
745
log_error("skipped compressed packet in keyring\n" );
752
if( root ) { /* save this packet */
754
kbpos->save_offset = offset;
758
root = new_kbnode( pkt );
759
first_offset = offset;
760
pkt = gcry_xmalloc( sizeof *pkt );
765
/* skip pakets at the beginning of a keyring, until we find
766
* a start packet; issue a warning if it is not a comment */
767
if( !root && pkt->pkttype != PKT_COMMENT
768
&& pkt->pkttype != PKT_OLD_COMMENT ) {
771
if( !root || (skipsigs && ( pkt->pkttype == PKT_SIGNATURE
772
||pkt->pkttype == PKT_COMMENT
773
||pkt->pkttype == PKT_OLD_COMMENT )) ) {
777
add_kbnode( root, new_kbnode( pkt ) );
778
pkt = gcry_xmalloc( sizeof *pkt );
784
if( rc == -1 && root )
788
release_kbnode( root );
791
kbpos->offset = first_offset;
804
* Perform insert/delete/update operation.
810
keyring_copy( KBPOS kbpos, int mode, KBNODE root )
815
char *bakfname = NULL;
816
char *tmpfname = NULL;
817
#warning We need to lock the keyring while we are editing it.
818
/* rethink this whole module */
820
if( !(rentry = check_pos( kbpos )) )
821
return GPGERR_GENERAL;
826
lock_rentry( rentry );
828
/* open the source file */
830
/* BUG(); not allowed with such a handle */
831
log_debug("keyring_copy: closing fp %p\n", kbpos->fp );
832
iobuf_close (kbpos->fp);
836
fp = iobuf_open( rentry->fname );
837
if( mode == 1 && !fp && errno == ENOENT ) { /* no file yet */
840
/* insert: create a new file */
841
newfp = iobuf_create( rentry->fname );
843
log_error(_("%s: can't create: %s\n"), rentry->fname, strerror(errno));
844
unlock_rentry( rentry );
845
return GPGERR_OPEN_FILE;
847
else if( !opt.quiet )
848
log_info(_("%s: keyring created\n"), rentry->fname );
851
while( (node = walk_kbnode( root, &kbctx, 0 )) ) {
852
if( (rc = build_packet( newfp, node->pkt )) ) {
853
log_error("build_packet(%d) failed: %s\n",
854
node->pkt->pkttype, gpg_errstr(rc) );
856
unlock_rentry( rentry );
857
return GPGERR_WRITE_FILE;
860
if( iobuf_close(newfp) ) {
861
log_error("%s: close failed: %s\n", rentry->fname, strerror(errno));
862
unlock_rentry( rentry );
863
return GPGERR_CLOSE_FILE;
865
if( chmod( rentry->fname, S_IRUSR | S_IWUSR ) ) {
866
log_error("%s: chmod failed: %s\n",
867
rentry->fname, strerror(errno) );
868
unlock_rentry( rentry );
869
return GPGERR_WRITE_FILE;
874
log_error("%s: can't open: %s\n", rentry->fname, strerror(errno) );
875
rc = GPGERR_OPEN_FILE;
879
/* create the new file */
880
#ifdef USE_ONLY_8DOT3
881
/* Here is another Windoze bug?:
882
* you cant rename("pubring.gpg.tmp", "pubring.gpg");
883
* but rename("pubring.gpg.tmp", "pubring.aaa");
884
* works. So we replace .gpg by .bak or .tmp
886
if( strlen(rentry->fname) > 4
887
&& !strcmp(rentry->fname+strlen(rentry->fname)-4, ".gpg") ) {
888
bakfname = gcry_xmalloc( strlen( rentry->fname ) + 1 );
889
strcpy(bakfname,rentry->fname);
890
strcpy(bakfname+strlen(rentry->fname)-4, ".bak");
891
tmpfname = gcry_xmalloc( strlen( rentry->fname ) + 1 );
892
strcpy(tmpfname,rentry->fname);
893
strcpy(tmpfname+strlen(rentry->fname)-4, ".tmp");
895
else { /* file does not end with gpg; hmmm */
896
bakfname = gcry_xmalloc( strlen( rentry->fname ) + 5 );
897
strcpy(stpcpy(bakfname,rentry->fname),".bak");
898
tmpfname = gcry_xmalloc( strlen( rentry->fname ) + 5 );
899
strcpy(stpcpy(tmpfname,rentry->fname),".tmp");
902
bakfname = gcry_xmalloc( strlen( rentry->fname ) + 2 );
903
strcpy(stpcpy(bakfname,rentry->fname),"~");
904
tmpfname = gcry_xmalloc( strlen( rentry->fname ) + 5 );
905
strcpy(stpcpy(tmpfname,rentry->fname),".tmp");
907
newfp = iobuf_create( tmpfname );
909
log_error("%s: can't create: %s\n", tmpfname, strerror(errno) );
911
rc = GPGERR_OPEN_FILE;
915
if( mode == 1 ) { /* insert */
916
/* copy everything to the new file */
917
rc = copy_all_packets( fp, newfp );
919
log_error("%s: copy to %s failed: %s\n",
920
rentry->fname, tmpfname, gpg_errstr(rc) );
928
if( mode == 2 || mode == 3 ) { /* delete or update */
929
/* copy first part to the new file */
930
rc = copy_some_packets( fp, newfp, kbpos->offset );
931
if( rc ) { /* should never get EOF here */
932
log_error("%s: copy to %s failed: %s\n",
933
rentry->fname, tmpfname, gpg_errstr(rc) );
938
/* skip this keyblock */
939
assert( kbpos->count );
940
rc = skip_some_packets( fp, kbpos->count );
942
log_error("%s: skipping %u packets failed: %s\n",
943
rentry->fname, kbpos->count, gpg_errstr(rc));
950
if( mode == 1 || mode == 3 ) { /* insert or update */
953
/* append the new data */
955
while( (node = walk_kbnode( root, &kbctx, 0 )) ) {
956
if( (rc = build_packet( newfp, node->pkt )) ) {
957
log_error("build_packet(%d) failed: %s\n",
958
node->pkt->pkttype, gpg_errstr(rc) );
961
rc = GPGERR_WRITE_FILE;
968
if( mode == 2 || mode == 3 ) { /* delete or update */
970
rc = copy_all_packets( fp, newfp );
972
log_error("%s: copy to %s failed: %s\n",
973
rentry->fname, tmpfname, gpg_errstr(rc) );
981
/* close both files */
982
if( iobuf_close(fp) ) {
983
log_error("%s: close failed: %s\n", rentry->fname, strerror(errno) );
984
rc = GPGERR_CLOSE_FILE;
987
if( iobuf_close(newfp) ) {
988
log_error("%s: close failed: %s\n", tmpfname, strerror(errno) );
989
rc = GPGERR_CLOSE_FILE;
992
/* if the new file is a secring, restrict the permissions */
993
#ifndef HAVE_DOSISH_SYSTEM
994
if( rentry->secret ) {
995
if( chmod( tmpfname, S_IRUSR | S_IWUSR ) ) {
996
log_error("%s: chmod failed: %s\n",
997
tmpfname, strerror(errno) );
998
rc = GPGERR_WRITE_FILE;
1004
/* rename and make backup file */
1005
if( !rentry->secret ) { /* but not for secret keyrings */
1006
#ifdef HAVE_DOSISH_SYSTEM
1009
if( rename( rentry->fname, bakfname ) ) {
1010
log_error("%s: rename to %s failed: %s\n",
1011
rentry->fname, bakfname, strerror(errno) );
1012
rc = GPGERR_RENAME_FILE;
1016
#ifdef HAVE_DOSISH_SYSTEM
1017
remove( rentry->fname );
1019
if( rename( tmpfname, rentry->fname ) ) {
1020
log_error("%s: rename to %s failed: %s\n",
1021
tmpfname, rentry->fname,strerror(errno) );
1022
rc = GPGERR_RENAME_FILE;
1023
if( rentry->secret ) {
1025
"WARNING: 2 files with confidential information exists.\n"));
1026
log_info(_("%s is the unchanged one\n"), rentry->fname );
1027
log_info(_("%s is the new one\n"), tmpfname );
1028
log_info(_("Please fix this possible security flaw\n"));
1034
unlock_rentry( rentry );
1035
gcry_free(bakfname);
1036
gcry_free(tmpfname);
1041
/****************************************************************
1042
********** Functions which operate on KBX files ****************
1043
****************************************************************/
1046
do_kbxf_enum( KBPOS kbpos, KBNODE *ret_root, int skipsigs )
1053
if( !(rentry=check_pos(kbpos)) )
1054
return GPGERR_GENERAL;
1057
root = new_kbnode( kbpos->pkt );
1061
pkt = gcry_xmalloc( sizeof *pkt );
1063
while( (rc=parse_packet(kbpos->fp, pkt, NULL)) != -1 ) {
1064
if( rc ) { /* ignore errors */
1065
if( rc != GPGERR_UNKNOWN_PACKET ) {
1066
log_error("do_kbxf_enum: read error: %s\n", gpg_errstr(rc) );
1067
rc = GPGERR_INV_KEYRING;
1074
/* make a linked list of all packets */
1075
switch( pkt->pkttype ) {
1076
case PKT_COMPRESSED:
1077
log_error("skipped compressed packet in keyring\n" );
1082
case PKT_PUBLIC_KEY:
1083
case PKT_SECRET_KEY:
1084
if( root ) { /* store this packet */
1089
root = new_kbnode( pkt );
1090
pkt = gcry_xmalloc( sizeof *pkt );
1095
/* skip pakets at the beginning of a keyring, until we find
1096
* a start packet; issue a warning if it is not a comment */
1097
if( !root && pkt->pkttype != PKT_COMMENT
1098
&& pkt->pkttype != PKT_OLD_COMMENT ) {
1101
if( !root || (skipsigs && ( pkt->pkttype == PKT_SIGNATURE
1102
||pkt->pkttype == PKT_COMMENT
1103
||pkt->pkttype == PKT_OLD_COMMENT )) ) {
1107
add_kbnode( root, new_kbnode( pkt ) );
1108
pkt = gcry_xmalloc( sizeof *pkt );
1114
if( rc == -1 && root )
1118
release_kbnode( root );
1129
* Perform insert/delete/update operation.
1135
do_kbxf_copy( KBPOS kbpos, int mode, KBNODE root )
1140
char *bakfname = NULL;
1141
char *tmpfname = NULL;
1143
if( !(rentry = check_pos( kbpos )) )
1144
return GPGERR_GENERAL;
1146
BUG(); /* not allowed with such a handle */
1151
lock_rentry( rentry );
1153
/* open the source file */
1154
fp = iobuf_open( rentry->fname );
1155
if( mode == 1 && !fp && errno == ENOENT ) { /* no file yet */
1158
/* insert: create a new file */
1159
newfp = iobuf_create( rentry->fname );
1161
log_error(_("%s: can't create: %s\n"), rentry->fname, strerror(errno));
1162
unlock_rentry( rentry );
1163
return GPGERR_OPEN_FILE;
1165
else if( !opt.quiet )
1166
log_info(_("%s: keyring created\n"), rentry->fname );
1169
while( (node = walk_kbnode( root, &kbctx, 0 )) ) {
1170
if( (rc = build_packet( newfp, node->pkt )) ) {
1171
log_error("build_packet(%d) failed: %s\n",
1172
node->pkt->pkttype, gpg_errstr(rc) );
1173
iobuf_cancel(newfp);
1174
unlock_rentry( rentry );
1175
return GPGERR_WRITE_FILE;
1178
if( iobuf_close(newfp) ) {
1179
log_error("%s: close failed: %s\n", rentry->fname, strerror(errno));
1180
unlock_rentry( rentry );
1181
return GPGERR_CLOSE_FILE;
1183
if( chmod( rentry->fname, S_IRUSR | S_IWUSR ) ) {
1184
log_error("%s: chmod failed: %s\n",
1185
rentry->fname, strerror(errno) );
1186
unlock_rentry( rentry );
1187
return GPGERR_WRITE_FILE;
1192
log_error("%s: can't open: %s\n", rentry->fname, strerror(errno) );
1193
rc = GPGERR_OPEN_FILE;
1197
/* create the new file */
1198
#ifdef USE_ONLY_8DOT3
1199
/* Here is another Windoze bug?:
1200
* you cant rename("pubring.gpg.tmp", "pubring.gpg");
1201
* but rename("pubring.gpg.tmp", "pubring.aaa");
1202
* works. So we replace .gpg by .bak or .tmp
1204
if( strlen(rentry->fname) > 4
1205
&& !strcmp(rentry->fname+strlen(rentry->fname)-4, ".gpg") ) {
1206
bakfname = gcry_xmalloc( strlen( rentry->fname ) + 1 );
1207
strcpy(bakfname,rentry->fname);
1208
strcpy(bakfname+strlen(rentry->fname)-4, ".bak");
1209
tmpfname = gcry_xmalloc( strlen( rentry->fname ) + 1 );
1210
strcpy(tmpfname,rentry->fname);
1211
strcpy(tmpfname+strlen(rentry->fname)-4, ".tmp");
1213
else { /* file does not end with gpg; hmmm */
1214
bakfname = gcry_xmalloc( strlen( rentry->fname ) + 5 );
1215
strcpy(stpcpy(bakfname,rentry->fname),".bak");
1216
tmpfname = gcry_xmalloc( strlen( rentry->fname ) + 5 );
1217
strcpy(stpcpy(tmpfname,rentry->fname),".tmp");
1220
bakfname = gcry_xmalloc( strlen( rentry->fname ) + 2 );
1221
strcpy(stpcpy(bakfname,rentry->fname),"~");
1222
tmpfname = gcry_xmalloc( strlen( rentry->fname ) + 5 );
1223
strcpy(stpcpy(tmpfname,rentry->fname),".tmp");
1225
newfp = iobuf_create( tmpfname );
1227
log_error("%s: can't create: %s\n", tmpfname, strerror(errno) );
1229
rc = GPGERR_OPEN_FILE;
1233
if( mode == 1 ) { /* insert */
1234
/* copy everything to the new file */
1235
rc = copy_all_packets( fp, newfp );
1237
log_error("%s: copy to %s failed: %s\n",
1238
rentry->fname, tmpfname, gpg_errstr(rc) );
1240
iobuf_cancel(newfp);
1246
if( mode == 2 || mode == 3 ) { /* delete or update */
1247
/* copy first part to the new file */
1248
rc = copy_some_packets( fp, newfp, kbpos->offset );
1249
if( rc ) { /* should never get EOF here */
1250
log_error("%s: copy to %s failed: %s\n",
1251
rentry->fname, tmpfname, gpg_errstr(rc) );
1253
iobuf_cancel(newfp);
1256
/* skip this keyblock */
1257
assert( kbpos->count );
1258
rc = skip_some_packets( fp, kbpos->count );
1260
log_error("%s: skipping %u packets failed: %s\n",
1261
rentry->fname, kbpos->count, gpg_errstr(rc));
1263
iobuf_cancel(newfp);
1268
if( mode == 1 || mode == 3 ) { /* insert or update */
1271
/* append the new data */
1273
while( (node = walk_kbnode( root, &kbctx, 0 )) ) {
1274
if( (rc = build_packet( newfp, node->pkt )) ) {
1275
log_error("build_packet(%d) failed: %s\n",
1276
node->pkt->pkttype, gpg_errstr(rc) );
1278
iobuf_cancel(newfp);
1279
rc = GPGERR_WRITE_FILE;
1286
if( mode == 2 || mode == 3 ) { /* delete or update */
1288
rc = copy_all_packets( fp, newfp );
1290
log_error("%s: copy to %s failed: %s\n",
1291
rentry->fname, tmpfname, gpg_errstr(rc) );
1293
iobuf_cancel(newfp);
1299
/* close both files */
1300
if( iobuf_close(fp) ) {
1301
log_error("%s: close failed: %s\n", rentry->fname, strerror(errno) );
1302
rc = GPGERR_CLOSE_FILE;
1305
if( iobuf_close(newfp) ) {
1306
log_error("%s: close failed: %s\n", tmpfname, strerror(errno) );
1307
rc = GPGERR_CLOSE_FILE;
1310
/* if the new file is a secring, restrict the permissions */
1311
#ifndef HAVE_DOSISH_SYSTEM
1312
if( rentry->secret ) {
1313
if( chmod( tmpfname, S_IRUSR | S_IWUSR ) ) {
1314
log_error("%s: chmod failed: %s\n",
1315
tmpfname, strerror(errno) );
1316
rc = GPGERR_WRITE_FILE;
1322
/* rename and make backup file */
1323
if( !rentry->secret ) { /* but not for secret keyrings */
1324
#ifdef HAVE_DOSISH_SYSTEM
1327
if( rename( rentry->fname, bakfname ) ) {
1328
log_error("%s: rename to %s failed: %s\n",
1329
rentry->fname, bakfname, strerror(errno) );
1330
rc = GPGERR_RENAME_FILE;
1334
#ifdef HAVE_DOSISH_SYSTEM
1335
remove( rentry->fname );
1337
if( rename( tmpfname, rentry->fname ) ) {
1338
log_error("%s: rename to %s failed: %s\n",
1339
tmpfname, rentry->fname,strerror(errno) );
1340
rc = GPGERR_RENAME_FILE;
1341
if( rentry->secret ) {
1343
"WARNING: 2 files with confidential information exists.\n"));
1344
log_info(_("%s is the unchanged one\n"), rentry->fname );
1345
log_info(_("%s is the new one\n"), tmpfname );
1346
log_info(_("Please fix this possible security flaw\n"));
1352
unlock_rentry( rentry );
1353
gcry_free(bakfname);
1354
gcry_free(tmpfname);