LCOV - code coverage report
Current view: top level - g10 - keydb.c (source / functions) Hit Total Coverage
Test: coverage.info Lines: 519 815 63.7 %
Date: 2016-09-12 13:01:59 Functions: 28 32 87.5 %

          Line data    Source code
       1             : /* keydb.c - key database dispatcher
       2             :  * Copyright (C) 2001-2013 Free Software Foundation, Inc.
       3             :  * Coyrright (C) 2001-2015 Werner Koch
       4             :  *
       5             :  * This file is part of GnuPG.
       6             :  *
       7             :  * GnuPG is free software; you can redistribute it and/or modify
       8             :  * it under the terms of the GNU General Public License as published by
       9             :  * the Free Software Foundation; either version 3 of the License, or
      10             :  * (at your option) any later version.
      11             :  *
      12             :  * GnuPG is distributed in the hope that it will be useful,
      13             :  * but WITHOUT ANY WARRANTY; without even the implied warranty of
      14             :  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
      15             :  * GNU General Public License for more details.
      16             :  *
      17             :  * You should have received a copy of the GNU General Public License
      18             :  * along with this program; if not, see <http://www.gnu.org/licenses/>.
      19             :  */
      20             : 
      21             : #include <config.h>
      22             : #include <stdio.h>
      23             : #include <stdlib.h>
      24             : #include <string.h>
      25             : #include <errno.h>
      26             : #include <sys/types.h>
      27             : #include <sys/stat.h>
      28             : #include <unistd.h>
      29             : 
      30             : #include "gpg.h"
      31             : #include "util.h"
      32             : #include "options.h"
      33             : #include "main.h" /*try_make_homedir ()*/
      34             : #include "packet.h"
      35             : #include "keyring.h"
      36             : #include "../kbx/keybox.h"
      37             : #include "keydb.h"
      38             : #include "i18n.h"
      39             : 
      40             : static int active_handles;
      41             : 
      42             : typedef enum
      43             :   {
      44             :     KEYDB_RESOURCE_TYPE_NONE = 0,
      45             :     KEYDB_RESOURCE_TYPE_KEYRING,
      46             :     KEYDB_RESOURCE_TYPE_KEYBOX
      47             :   } KeydbResourceType;
      48             : #define MAX_KEYDB_RESOURCES 40
      49             : 
      50             : struct resource_item
      51             : {
      52             :   KeydbResourceType type;
      53             :   union {
      54             :     KEYRING_HANDLE kr;
      55             :     KEYBOX_HANDLE kb;
      56             :   } u;
      57             :   void *token;
      58             : };
      59             : 
      60             : static struct resource_item all_resources[MAX_KEYDB_RESOURCES];
      61             : static int used_resources;
      62             : 
      63             : /* A pointer used to check for the primary key database by comparing
      64             :    to the struct resource_item's TOKEN.  */
      65             : static void *primary_keydb;
      66             : 
      67             : 
      68             : /* This is a simple cache used to return the last result of a
      69             :    successful fingerprint search.  This works only for keybox resources
      70             :    because (due to lack of a copy_keyblock function) we need to store
      71             :    an image of the keyblock which is fortunately instantly available
      72             :    for keyboxes.  */
      73             : enum keyblock_cache_states {
      74             :   KEYBLOCK_CACHE_EMPTY,
      75             :   KEYBLOCK_CACHE_PREPARED,
      76             :   KEYBLOCK_CACHE_FILLED
      77             : };
      78             : 
      79             : struct keyblock_cache {
      80             :   enum keyblock_cache_states state;
      81             :   byte fpr[MAX_FINGERPRINT_LEN];
      82             :   iobuf_t iobuf; /* Image of the keyblock.  */
      83             :   u32 *sigstatus;
      84             :   int pk_no;
      85             :   int uid_no;
      86             :   /* Offset of the record in the keybox.  */
      87             :   int resource;
      88             :   off_t offset;
      89             : };
      90             : 
      91             : 
      92             : struct keydb_handle
      93             : {
      94             :   /* When we locked all of the resources in ACTIVE (using keyring_lock
      95             :      / keybox_lock, as appropriate).  */
      96             :   int locked;
      97             : 
      98             :   /* The index into ACTIVE of the resources in which the last search
      99             :      result was found.  Initially -1.  */
     100             :   int found;
     101             : 
     102             :   /* Initially -1 (invalid).  This is used to save a search result and
     103             :      later restore it as the selected result.  */
     104             :   int saved_found;
     105             : 
     106             :   /* The number of skipped long blobs since the last search
     107             :      (keydb_search_reset).  */
     108             :   unsigned long skipped_long_blobs;
     109             : 
     110             :   /* If set, this disables the use of the keyblock cache.  */
     111             :   int no_caching;
     112             : 
     113             :   /* Whether the next search will be from the beginning of the
     114             :      database (and thus consider all records).  */
     115             :   int is_reset;
     116             : 
     117             :   /* The "file position."  In our case, this is index of the current
     118             :      resource in ACTIVE.  */
     119             :   int current;
     120             : 
     121             :   /* The number of resources in ACTIVE.  */
     122             :   int used;
     123             : 
     124             :   /* Cache of the last found and parsed key block (only used for
     125             :      keyboxes, not keyrings).  */
     126             :   struct keyblock_cache keyblock_cache;
     127             : 
     128             :   /* Copy of ALL_RESOURCES when keydb_new is called.  */
     129             :   struct resource_item active[MAX_KEYDB_RESOURCES];
     130             : };
     131             : 
     132             : /* Looking up keys is expensive.  To hide the cost, we cache whether
     133             :    keys exist in the key database.  Then, if we know a key does not
     134             :    exist, we don't have to spend time looking it up.  This
     135             :    particularly helps the --list-sigs and --check-sigs commands.
     136             : 
     137             :    The cache stores the results in a hash using separate chaining.
     138             :    Concretely: we use the LSB of the keyid to index the hash table and
     139             :    each bucket consists of a linked list of entries.  An entry
     140             :    consists of the 64-bit key id.  If a key id is not in the cache,
     141             :    then we don't know whether it is in the DB or not.
     142             : 
     143             :    To simplify the cache consistency protocol, we simply flush the
     144             :    whole cache whenever a key is inserted or updated.  */
     145             : 
     146             : #define KID_NOT_FOUND_CACHE_BUCKETS 256
     147             : static struct kid_not_found_cache_bucket *
     148             :   kid_not_found_cache[KID_NOT_FOUND_CACHE_BUCKETS];
     149             : 
     150             : /* The total number of entries in the hash table.  */
     151             : static unsigned int kid_not_found_cache_count;
     152             : 
     153             : struct kid_not_found_cache_bucket
     154             : {
     155             :   struct kid_not_found_cache_bucket *next;
     156             :   u32 kid[2];
     157             : };
     158             : 
     159             : 
     160             : static int lock_all (KEYDB_HANDLE hd);
     161             : static void unlock_all (KEYDB_HANDLE hd);
     162             : 
     163             : 
     164             : /* Check whether the keyid KID is in key id is definitely not in the
     165             :    database.
     166             : 
     167             :    Returns:
     168             : 
     169             :      0 - Indeterminate: the key id is not in the cache; we don't know
     170             :          whether the key is in the database or not.  If you want a
     171             :          definitive answer, you'll need to perform a lookup.
     172             : 
     173             :      1 - There is definitely no key with this key id in the database.
     174             :          We searched for a key with this key id previously, but we
     175             :          didn't find it in the database.  */
     176             : static int
     177        2013 : kid_not_found_p (u32 *kid)
     178             : {
     179             :   struct kid_not_found_cache_bucket *k;
     180             : 
     181        2013 :   for (k = kid_not_found_cache[kid[0] % KID_NOT_FOUND_CACHE_BUCKETS]; k; k = k->next)
     182           3 :     if (k->kid[0] == kid[0] && k->kid[1] == kid[1])
     183             :       {
     184           3 :         if (DBG_CACHE)
     185           0 :           log_debug ("keydb: kid_not_found_p (%08lx%08lx) => not in DB\n",
     186           0 :                      (ulong)kid[0], (ulong)kid[1]);
     187           3 :         return 1;
     188             :       }
     189             : 
     190        2010 :   if (DBG_CACHE)
     191           0 :     log_debug ("keydb: kid_not_found_p (%08lx%08lx) => indeterminate\n",
     192           0 :                (ulong)kid[0], (ulong)kid[1]);
     193        2010 :   return 0;
     194             : }
     195             : 
     196             : 
     197             : /* Insert the keyid KID into the kid_not_found_cache.  FOUND is whether
     198             :    the key is in the key database or not.
     199             : 
     200             :    Note this function does not check whether the key id is already in
     201             :    the cache.  As such, kid_not_found_p() should be called first.  */
     202             : static void
     203           7 : kid_not_found_insert (u32 *kid)
     204             : {
     205             :   struct kid_not_found_cache_bucket *k;
     206             : 
     207           7 :   if (DBG_CACHE)
     208           0 :     log_debug ("keydb: kid_not_found_insert (%08lx%08lx)\n",
     209           0 :                (ulong)kid[0], (ulong)kid[1]);
     210           7 :   k = xmalloc (sizeof *k);
     211           7 :   k->kid[0] = kid[0];
     212           7 :   k->kid[1] = kid[1];
     213           7 :   k->next = kid_not_found_cache[kid[0] % KID_NOT_FOUND_CACHE_BUCKETS];
     214           7 :   kid_not_found_cache[kid[0] % KID_NOT_FOUND_CACHE_BUCKETS] = k;
     215           7 :   kid_not_found_cache_count++;
     216           7 : }
     217             : 
     218             : 
     219             : /* Flush the kid not found cache.  */
     220             : static void
     221          70 : kid_not_found_flush (void)
     222             : {
     223             :   struct kid_not_found_cache_bucket *k, *knext;
     224             :   int i;
     225             : 
     226          70 :   if (DBG_CACHE)
     227           0 :     log_debug ("keydb: kid_not_found_flush\n");
     228             : 
     229          70 :   if (!kid_not_found_cache_count)
     230         138 :     return;
     231             : 
     232         514 :   for (i=0; i < DIM(kid_not_found_cache); i++)
     233             :     {
     234         514 :       for (k = kid_not_found_cache[i]; k; k = knext)
     235             :         {
     236           2 :           knext = k->next;
     237           2 :           xfree (k);
     238             :         }
     239         512 :       kid_not_found_cache[i] = NULL;
     240             :     }
     241           2 :   kid_not_found_cache_count = 0;
     242             : }
     243             : 
     244             : 
     245             : static void
     246        8108 : keyblock_cache_clear (struct keydb_handle *hd)
     247             : {
     248        8108 :   hd->keyblock_cache.state = KEYBLOCK_CACHE_EMPTY;
     249        8108 :   xfree (hd->keyblock_cache.sigstatus);
     250        8108 :   hd->keyblock_cache.sigstatus = NULL;
     251        8108 :   iobuf_close (hd->keyblock_cache.iobuf);
     252        8108 :   hd->keyblock_cache.iobuf = NULL;
     253        8108 :   hd->keyblock_cache.resource = -1;
     254        8108 :   hd->keyblock_cache.offset = -1;
     255        8108 : }
     256             : 
     257             : 
     258             : /* Handle the creation of a keyring or a keybox if it does not yet
     259             :    exist.  Take into account that other processes might have the
     260             :    keyring/keybox already locked.  This lock check does not work if
     261             :    the directory itself is not yet available.  If IS_BOX is true the
     262             :    filename is expected to refer to a keybox.  If FORCE_CREATE is true
     263             :    the keyring or keybox will be created.
     264             : 
     265             :    Return 0 if it is okay to access the specified file.  */
     266             : static gpg_error_t
     267        1293 : maybe_create_keyring_or_box (char *filename, int is_box, int force_create)
     268             : {
     269        1293 :   dotlock_t lockhd = NULL;
     270             :   IOBUF iobuf;
     271             :   int rc;
     272             :   mode_t oldmask;
     273             :   char *last_slash_in_filename;
     274        1293 :   char *bak_fname = NULL;
     275        1293 :   char *tmp_fname = NULL;
     276             :   int save_slash;
     277             : 
     278             :   /* A quick test whether the filename already exists. */
     279        1293 :   if (!access (filename, F_OK))
     280        1291 :     return 0;
     281             : 
     282             :   /* If we don't want to create a new file at all, there is no need to
     283             :      go any further - bail out right here.  */
     284           2 :   if (!force_create)
     285           0 :     return gpg_error (GPG_ERR_ENOENT);
     286             : 
     287             :   /* First of all we try to create the home directory.  Note, that we
     288             :      don't do any locking here because any sane application of gpg
     289             :      would create the home directory by itself and not rely on gpg's
     290             :      tricky auto-creation which is anyway only done for certain home
     291             :      directory name pattern. */
     292           2 :   last_slash_in_filename = strrchr (filename, DIRSEP_C);
     293             : #if HAVE_W32_SYSTEM
     294             :   {
     295             :     /* Windows may either have a slash or a backslash.  Take care of it.  */
     296             :     char *p = strrchr (filename, '/');
     297             :     if (!last_slash_in_filename || p > last_slash_in_filename)
     298             :       last_slash_in_filename = p;
     299             :   }
     300             : #endif /*HAVE_W32_SYSTEM*/
     301           2 :   if (!last_slash_in_filename)
     302           0 :     return gpg_error (GPG_ERR_ENOENT);  /* No slash at all - should
     303             :                                            not happen though.  */
     304           2 :   save_slash = *last_slash_in_filename;
     305           2 :   *last_slash_in_filename = 0;
     306           2 :   if (access(filename, F_OK))
     307             :     {
     308             :       static int tried;
     309             : 
     310           0 :       if (!tried)
     311             :         {
     312           0 :           tried = 1;
     313           0 :           try_make_homedir (filename);
     314             :         }
     315           0 :       if (access (filename, F_OK))
     316             :         {
     317           0 :           rc = gpg_error_from_syserror ();
     318           0 :           *last_slash_in_filename = save_slash;
     319           0 :           goto leave;
     320             :         }
     321             :     }
     322           2 :   *last_slash_in_filename = save_slash;
     323             : 
     324             :   /* To avoid races with other instances of gpg trying to create or
     325             :      update the keyring (it is removed during an update for a short
     326             :      time), we do the next stuff in a locked state. */
     327           2 :   lockhd = dotlock_create (filename, 0);
     328           2 :   if (!lockhd)
     329             :     {
     330           0 :       rc = gpg_error_from_syserror ();
     331             :       /* A reason for this to fail is that the directory is not
     332             :          writable. However, this whole locking stuff does not make
     333             :          sense if this is the case. An empty non-writable directory
     334             :          with no keyring is not really useful at all. */
     335           0 :       if (opt.verbose)
     336           0 :         log_info ("can't allocate lock for '%s': %s\n",
     337             :                   filename, gpg_strerror (rc));
     338             : 
     339           0 :       if (!force_create)
     340           0 :         return gpg_error (GPG_ERR_ENOENT);  /* Won't happen.  */
     341             :       else
     342           0 :         return rc;
     343             :     }
     344             : 
     345           2 :   if ( dotlock_take (lockhd, -1) )
     346             :     {
     347           0 :       rc = gpg_error_from_syserror ();
     348             :       /* This is something bad.  Probably a stale lockfile.  */
     349           0 :       log_info ("can't lock '%s': %s\n", filename, gpg_strerror (rc));
     350           0 :       goto leave;
     351             :     }
     352             : 
     353             :   /* Now the real test while we are locked. */
     354             : 
     355             :   /* Gpg either uses pubring.gpg or pubring.kbx and thus different
     356             :    * lock files.  Now, when one gpg process is updating a pubring.gpg
     357             :    * and thus holding the corresponding lock, a second gpg process may
     358             :    * get to here at the time between the two rename operation used by
     359             :    * the first process to update pubring.gpg.  The lock taken above
     360             :    * may not protect the second process if it tries to create a
     361             :    * pubring.kbx file which would be protected by a different lock
     362             :    * file.
     363             :    *
     364             :    * We can detect this case by checking that the two temporary files
     365             :    * used by the update code exist at the same time.  In that case we
     366             :    * do not create a new file but act as if FORCE_CREATE has not been
     367             :    * given.  Obviously there is a race between our two checks but the
     368             :    * worst thing is that we won't create a new file, which is better
     369             :    * than to accidentally creating one.  */
     370           2 :   rc = keybox_tmp_names (filename, is_box, &bak_fname, &tmp_fname);
     371           2 :   if (rc)
     372           0 :     goto leave;
     373             : 
     374           2 :   if (!access (filename, F_OK))
     375             :     {
     376           0 :       rc = 0;  /* Okay, we may access the file now.  */
     377           0 :       goto leave;
     378             :     }
     379           2 :   if (!access (bak_fname, F_OK) && !access (tmp_fname, F_OK))
     380             :     {
     381             :       /* Very likely another process is updating a pubring.gpg and we
     382             :          should not create a pubring.kbx.  */
     383           0 :       rc = gpg_error (GPG_ERR_ENOENT);
     384           0 :       goto leave;
     385             :     }
     386             : 
     387             : 
     388             :   /* The file does not yet exist, create it now. */
     389           2 :   oldmask = umask (077);
     390           2 :   if (is_secured_filename (filename))
     391             :     {
     392           0 :       iobuf = NULL;
     393           0 :       gpg_err_set_errno (EPERM);
     394             :     }
     395             :   else
     396           2 :     iobuf = iobuf_create (filename, 0);
     397           2 :   umask (oldmask);
     398           2 :   if (!iobuf)
     399             :     {
     400           0 :       rc = gpg_error_from_syserror ();
     401           0 :       if (is_box)
     402           0 :         log_error (_("error creating keybox '%s': %s\n"),
     403             :                    filename, gpg_strerror (rc));
     404             :       else
     405           0 :         log_error (_("error creating keyring '%s': %s\n"),
     406             :                    filename, gpg_strerror (rc));
     407           0 :       goto leave;
     408             :     }
     409             : 
     410           2 :   iobuf_close (iobuf);
     411             :   /* Must invalidate that ugly cache */
     412           2 :   iobuf_ioctl (NULL, IOBUF_IOCTL_INVALIDATE_CACHE, 0, filename);
     413             : 
     414             :   /* Make sure that at least one record is in a new keybox file, so
     415             :      that the detection magic will work the next time it is used.  */
     416           2 :   if (is_box)
     417             :     {
     418           2 :       FILE *fp = fopen (filename, "w");
     419           2 :       if (!fp)
     420           0 :         rc = gpg_error_from_syserror ();
     421             :       else
     422             :         {
     423           2 :           rc = _keybox_write_header_blob (fp, 1);
     424           2 :           fclose (fp);
     425             :         }
     426           2 :       if (rc)
     427             :         {
     428           0 :           if (is_box)
     429           0 :             log_error (_("error creating keybox '%s': %s\n"),
     430             :                        filename, gpg_strerror (rc));
     431             :           else
     432           0 :             log_error (_("error creating keyring '%s': %s\n"),
     433             :                        filename, gpg_strerror (rc));
     434           0 :           goto leave;
     435             :         }
     436             :     }
     437             : 
     438           2 :   if (!opt.quiet)
     439             :     {
     440           2 :       if (is_box)
     441           2 :         log_info (_("keybox '%s' created\n"), filename);
     442             :       else
     443           0 :         log_info (_("keyring '%s' created\n"), filename);
     444             :     }
     445             : 
     446           2 :   rc = 0;
     447             : 
     448             :  leave:
     449           2 :   if (lockhd)
     450             :     {
     451           2 :       dotlock_release (lockhd);
     452           2 :       dotlock_destroy (lockhd);
     453             :     }
     454           2 :   xfree (bak_fname);
     455           2 :   xfree (tmp_fname);
     456           2 :   return rc;
     457             : }
     458             : 
     459             : 
     460             : /* Helper for keydb_add_resource.  Opens FILENAME to figure out the
     461             :    resource type.
     462             : 
     463             :    Returns the specified file's likely type.  If the file does not
     464             :    exist, returns KEYDB_RESOURCE_TYPE_NONE and sets *R_FOUND to 0.
     465             :    Otherwise, tries to figure out the file's type.  This is either
     466             :    KEYDB_RESOURCE_TYPE_KEYBOX, KEYDB_RESOURCE_TYPE_KEYRING or
     467             :    KEYDB_RESOURCE_TYPE_KEYNONE.  If the file is a keybox and it has
     468             :    the OpenPGP flag set, then R_OPENPGP is also set.  */
     469             : static KeydbResourceType
     470        2583 : rt_from_file (const char *filename, int *r_found, int *r_openpgp)
     471             : {
     472             :   u32 magic;
     473             :   unsigned char verbuf[4];
     474             :   FILE *fp;
     475        2583 :   KeydbResourceType rt = KEYDB_RESOURCE_TYPE_NONE;
     476             : 
     477        2583 :   *r_found = *r_openpgp = 0;
     478        2583 :   fp = fopen (filename, "rb");
     479        2583 :   if (fp)
     480             :     {
     481        1292 :       *r_found = 1;
     482             : 
     483        1292 :       if (fread (&magic, 4, 1, fp) == 1 )
     484             :         {
     485        1290 :           if (magic == 0x13579ace || magic == 0xce9a5713)
     486             :             ; /* GDBM magic - not anymore supported. */
     487        1290 :           else if (fread (&verbuf, 4, 1, fp) == 1
     488        1290 :                    && verbuf[0] == 1
     489        1274 :                    && fread (&magic, 4, 1, fp) == 1
     490        1274 :                    && !memcmp (&magic, "KBXf", 4))
     491             :             {
     492        1274 :               if ((verbuf[3] & 0x02))
     493        1274 :                 *r_openpgp = 1;
     494        1274 :               rt = KEYDB_RESOURCE_TYPE_KEYBOX;
     495             :             }
     496             :           else
     497          16 :             rt = KEYDB_RESOURCE_TYPE_KEYRING;
     498             :         }
     499             :       else /* Maybe empty: assume keyring. */
     500           2 :         rt = KEYDB_RESOURCE_TYPE_KEYRING;
     501             : 
     502        1292 :       fclose (fp);
     503             :     }
     504             : 
     505        2583 :   return rt;
     506             : }
     507             : 
     508             : char *
     509           0 : keydb_search_desc_dump (struct keydb_search_desc *desc)
     510             : {
     511             :   char b[MAX_FORMATTED_FINGERPRINT_LEN + 1];
     512             :   char fpr[2 * MAX_FINGERPRINT_LEN + 1];
     513             : 
     514           0 :   switch (desc->mode)
     515             :     {
     516             :     case KEYDB_SEARCH_MODE_EXACT:
     517           0 :       return xasprintf ("EXACT: '%s'", desc->u.name);
     518             :     case KEYDB_SEARCH_MODE_SUBSTR:
     519           0 :       return xasprintf ("SUBSTR: '%s'", desc->u.name);
     520             :     case KEYDB_SEARCH_MODE_MAIL:
     521           0 :       return xasprintf ("MAIL: '%s'", desc->u.name);
     522             :     case KEYDB_SEARCH_MODE_MAILSUB:
     523           0 :       return xasprintf ("MAILSUB: '%s'", desc->u.name);
     524             :     case KEYDB_SEARCH_MODE_MAILEND:
     525           0 :       return xasprintf ("MAILEND: '%s'", desc->u.name);
     526             :     case KEYDB_SEARCH_MODE_WORDS:
     527           0 :       return xasprintf ("WORDS: '%s'", desc->u.name);
     528             :     case KEYDB_SEARCH_MODE_SHORT_KID:
     529           0 :       return xasprintf ("SHORT_KID: '%s'",
     530           0 :                         format_keyid (desc->u.kid, KF_SHORT, b, sizeof (b)));
     531             :     case KEYDB_SEARCH_MODE_LONG_KID:
     532           0 :       return xasprintf ("LONG_KID: '%s'",
     533           0 :                         format_keyid (desc->u.kid, KF_LONG, b, sizeof (b)));
     534             :     case KEYDB_SEARCH_MODE_FPR16:
     535           0 :       bin2hex (desc->u.fpr, 16, fpr);
     536           0 :       return xasprintf ("FPR16: '%s'",
     537             :                         format_hexfingerprint (fpr, b, sizeof (b)));
     538             :     case KEYDB_SEARCH_MODE_FPR20:
     539           0 :       bin2hex (desc->u.fpr, 20, fpr);
     540           0 :       return xasprintf ("FPR20: '%s'",
     541             :                         format_hexfingerprint (fpr, b, sizeof (b)));
     542             :     case KEYDB_SEARCH_MODE_FPR:
     543           0 :       bin2hex (desc->u.fpr, 20, fpr);
     544           0 :       return xasprintf ("FPR: '%s'",
     545             :                         format_hexfingerprint (fpr, b, sizeof (b)));
     546             :     case KEYDB_SEARCH_MODE_ISSUER:
     547           0 :       return xasprintf ("ISSUER: '%s'", desc->u.name);
     548             :     case KEYDB_SEARCH_MODE_ISSUER_SN:
     549           0 :       return xasprintf ("ISSUER_SN: '%*s'",
     550           0 :                         (int) (desc->snlen == -1
     551           0 :                                ? strlen (desc->sn) : desc->snlen),
     552             :                         desc->sn);
     553             :     case KEYDB_SEARCH_MODE_SN:
     554           0 :       return xasprintf ("SN: '%*s'",
     555           0 :                         (int) (desc->snlen == -1
     556           0 :                                ? strlen (desc->sn) : desc->snlen),
     557             :                         desc->sn);
     558             :     case KEYDB_SEARCH_MODE_SUBJECT:
     559           0 :       return xasprintf ("SUBJECT: '%s'", desc->u.name);
     560             :     case KEYDB_SEARCH_MODE_KEYGRIP:
     561           0 :       return xasprintf ("KEYGRIP: %s", desc->u.grip);
     562             :     case KEYDB_SEARCH_MODE_FIRST:
     563           0 :       return xasprintf ("FIRST");
     564             :     case KEYDB_SEARCH_MODE_NEXT:
     565           0 :       return xasprintf ("NEXT");
     566             :     default:
     567           0 :       return xasprintf ("Bad search mode (%d)", desc->mode);
     568             :     }
     569             : }
     570             : 
     571             : 
     572             : 
     573             : /* Register a resource (keyring or keybox).  The first keyring or
     574             :  * keybox that is added using this function is created if it does not
     575             :  * already exist and the KEYDB_RESOURCE_FLAG_READONLY is not set.
     576             :  *
     577             :  * FLAGS are a combination of the KEYDB_RESOURCE_FLAG_* constants.
     578             :  *
     579             :  * URL must have the following form:
     580             :  *
     581             :  *   gnupg-ring:filename  = plain keyring
     582             :  *   gnupg-kbx:filename   = keybox file
     583             :  *   filename             = check file's type (create as a plain keyring)
     584             :  *
     585             :  * Note: on systems with drive letters (Windows) invalid URLs (i.e.,
     586             :  * those with an unrecognized part before the ':' such as "c:\...")
     587             :  * will silently be treated as bare filenames.  On other systems, such
     588             :  * URLs will cause this function to return GPG_ERR_GENERAL.
     589             :  *
     590             :  * If KEYDB_RESOURCE_FLAG_DEFAULT is set, the resource is a keyring
     591             :  * and the file ends in ".gpg", then this function also checks if a
     592             :  * file with the same name, but the extension ".kbx" exists, is a
     593             :  * keybox and the OpenPGP flag is set.  If so, this function opens
     594             :  * that resource instead.
     595             :  *
     596             :  * If the file is not found, KEYDB_RESOURCE_FLAG_GPGVDEF is set and
     597             :  * the URL ends in ".kbx", then this function will try opening the
     598             :  * same URL, but with the extension ".gpg".  If that file is a keybox
     599             :  * with the OpenPGP flag set or it is a keyring, then we use that
     600             :  * instead.
     601             :  *
     602             :  * If the file is not found, KEYDB_RESOURCE_FLAG_DEFAULT is set, the
     603             :  * file should be created and the file's extension is ".gpg" then we
     604             :  * replace the extension with ".kbx".
     605             :  *
     606             :  * If the KEYDB_RESOURCE_FLAG_PRIMARY is set and the resource is a
     607             :  * keyring (not a keybox), then this resource is considered the
     608             :  * primary resource.  This is used by keydb_locate_writable().  If
     609             :  * another primary keyring is set, then that keyring is considered the
     610             :  * primary.
     611             :  *
     612             :  * If KEYDB_RESOURCE_FLAG_READONLY is set and the resource is a
     613             :  * keyring (not a keybox), then the keyring is marked as read only and
     614             :  * operations just as keyring_insert_keyblock will return
     615             :  * GPG_ERR_ACCESS.  */
     616             : gpg_error_t
     617        1293 : keydb_add_resource (const char *url, unsigned int flags)
     618             : {
     619             :   /* Whether we have successfully registered a resource.  */
     620             :   static int any_registered;
     621             :   /* The file named by the URL (i.e., without the prototype).  */
     622        1293 :   const char *resname = url;
     623             : 
     624        1293 :   char *filename = NULL;
     625             :   int create;
     626        1293 :   int read_only = !!(flags&KEYDB_RESOURCE_FLAG_READONLY);
     627        1293 :   int is_default = !!(flags&KEYDB_RESOURCE_FLAG_DEFAULT);
     628        1293 :   int is_gpgvdef = !!(flags&KEYDB_RESOURCE_FLAG_GPGVDEF);
     629        1293 :   gpg_error_t err = 0;
     630        1293 :   KeydbResourceType rt = KEYDB_RESOURCE_TYPE_NONE;
     631             :   void *token;
     632             : 
     633             :   /* Create the resource if it is the first registered one.  */
     634        1293 :   create = (!read_only && !any_registered);
     635             : 
     636        1293 :   if (strlen (resname) > 11 && !strncmp( resname, "gnupg-ring:", 11) )
     637             :     {
     638           0 :       rt = KEYDB_RESOURCE_TYPE_KEYRING;
     639           0 :       resname += 11;
     640             :     }
     641        1293 :   else if (strlen (resname) > 10 && !strncmp (resname, "gnupg-kbx:", 10) )
     642             :     {
     643           0 :       rt = KEYDB_RESOURCE_TYPE_KEYBOX;
     644           0 :       resname += 10;
     645             :     }
     646             : #if !defined(HAVE_DRIVE_LETTERS) && !defined(__riscos__)
     647        1293 :   else if (strchr (resname, ':'))
     648             :     {
     649           0 :       log_error ("invalid key resource URL '%s'\n", url );
     650           0 :       err = gpg_error (GPG_ERR_GENERAL);
     651           0 :       goto leave;
     652             :     }
     653             : #endif /* !HAVE_DRIVE_LETTERS && !__riscos__ */
     654             : 
     655        1293 :   if (*resname != DIRSEP_C
     656             : #ifdef HAVE_W32_SYSTEM
     657             :       && *resname != '/'  /* Fixme: does not handle drive letters.  */
     658             : #endif
     659             :         )
     660             :     {
     661             :       /* Do tilde expansion etc. */
     662        1292 :       if (strchr (resname, DIRSEP_C)
     663             : #ifdef HAVE_W32_SYSTEM
     664             :           || strchr (resname, '/')  /* Windows also accepts this.  */
     665             : #endif
     666             :           )
     667           2 :         filename = make_filename (resname, NULL);
     668             :       else
     669        1290 :         filename = make_filename (gnupg_homedir (), resname, NULL);
     670             :     }
     671             :   else
     672           1 :     filename = xstrdup (resname);
     673             : 
     674             :   /* See whether we can determine the filetype.  */
     675        1293 :   if (rt == KEYDB_RESOURCE_TYPE_NONE)
     676             :     {
     677             :       int found, openpgp_flag;
     678        1293 :       int pass = 0;
     679             :       size_t filenamelen;
     680             : 
     681             :     check_again:
     682        2568 :       filenamelen = strlen (filename);
     683        2568 :       rt = rt_from_file (filename, &found, &openpgp_flag);
     684        2568 :       if (found)
     685             :         {
     686             :           /* The file exists and we have the resource type in RT.
     687             : 
     688             :              Now let us check whether in addition to the "pubring.gpg"
     689             :              a "pubring.kbx with openpgp keys exists.  This is so that
     690             :              GPG 2.1 will use an existing "pubring.kbx" by default iff
     691             :              that file has been created or used by 2.1.  This check is
     692             :              needed because after creation or use of the kbx file with
     693             :              2.1 an older version of gpg may have created a new
     694             :              pubring.gpg for its own use.  */
     695        1291 :           if (!pass && is_default && rt == KEYDB_RESOURCE_TYPE_KEYRING
     696          15 :               && filenamelen > 4 && !strcmp (filename+filenamelen-4, ".gpg"))
     697             :             {
     698          15 :               strcpy (filename+filenamelen-4, ".kbx");
     699          15 :               if ((rt_from_file (filename, &found, &openpgp_flag)
     700           0 :                    == KEYDB_RESOURCE_TYPE_KEYBOX) && found && openpgp_flag)
     701           0 :                 rt = KEYDB_RESOURCE_TYPE_KEYBOX;
     702             :               else /* Restore filename */
     703          15 :                 strcpy (filename+filenamelen-4, ".gpg");
     704             :             }
     705             :         }
     706        1277 :       else if (!pass && is_gpgvdef
     707           0 :                && filenamelen > 4 && !strcmp (filename+filenamelen-4, ".kbx"))
     708           0 :         {
     709             :           /* Not found but gpgv's default "trustedkeys.kbx" file has
     710             :              been requested.  We did not found it so now check whether
     711             :              a "trustedkeys.gpg" file exists and use that instead.  */
     712             :           KeydbResourceType rttmp;
     713             : 
     714           0 :           strcpy (filename+filenamelen-4, ".gpg");
     715           0 :           rttmp = rt_from_file (filename, &found, &openpgp_flag);
     716           0 :           if (found
     717           0 :               && ((rttmp == KEYDB_RESOURCE_TYPE_KEYBOX && openpgp_flag)
     718           0 :                   || (rttmp == KEYDB_RESOURCE_TYPE_KEYRING)))
     719           0 :             rt = rttmp;
     720             :           else /* Restore filename */
     721           0 :             strcpy (filename+filenamelen-4, ".kbx");
     722             :         }
     723        1277 :       else if (!pass
     724        1275 :                && is_default && create
     725        1275 :                && filenamelen > 4 && !strcmp (filename+filenamelen-4, ".gpg"))
     726             :         {
     727             :           /* The file does not exist, the default resource has been
     728             :              requested, the file shall be created, and the file has a
     729             :              ".gpg" suffix.  Change the suffix to ".kbx" and try once
     730             :              more.  This way we achieve that we open an existing
     731             :              ".gpg" keyring, but create a new keybox file with an
     732             :              ".kbx" suffix.  */
     733        1275 :           strcpy (filename+filenamelen-4, ".kbx");
     734        1275 :           pass++;
     735        1275 :           goto check_again;
     736             :         }
     737             :       else /* No file yet: create keybox. */
     738           2 :         rt = KEYDB_RESOURCE_TYPE_KEYBOX;
     739             :     }
     740             : 
     741        1293 :   switch (rt)
     742             :     {
     743             :     case KEYDB_RESOURCE_TYPE_NONE:
     744           0 :       log_error ("unknown type of key resource '%s'\n", url );
     745           0 :       err = gpg_error (GPG_ERR_GENERAL);
     746           0 :       goto leave;
     747             : 
     748             :     case KEYDB_RESOURCE_TYPE_KEYRING:
     749          17 :       err = maybe_create_keyring_or_box (filename, 0, create);
     750          17 :       if (err)
     751           0 :         goto leave;
     752             : 
     753          17 :       if (keyring_register_filename (filename, read_only, &token))
     754             :         {
     755          17 :           if (used_resources >= MAX_KEYDB_RESOURCES)
     756           0 :             err = gpg_error (GPG_ERR_RESOURCE_LIMIT);
     757             :           else
     758             :             {
     759          17 :               if ((flags & KEYDB_RESOURCE_FLAG_PRIMARY))
     760           0 :                 primary_keydb = token;
     761          17 :               all_resources[used_resources].type = rt;
     762          17 :               all_resources[used_resources].u.kr = NULL; /* Not used here */
     763          17 :               all_resources[used_resources].token = token;
     764          17 :               used_resources++;
     765             :             }
     766             :         }
     767             :       else
     768             :         {
     769             :           /* This keyring was already registered, so ignore it.
     770             :              However, we can still mark it as primary even if it was
     771             :              already registered.  */
     772           0 :           if ((flags & KEYDB_RESOURCE_FLAG_PRIMARY))
     773           0 :             primary_keydb = token;
     774             :         }
     775          17 :       break;
     776             : 
     777             :     case KEYDB_RESOURCE_TYPE_KEYBOX:
     778             :       {
     779        1276 :         err = maybe_create_keyring_or_box (filename, 1, create);
     780        1276 :         if (err)
     781           0 :           goto leave;
     782             : 
     783        1276 :         err = keybox_register_file (filename, 0, &token);
     784        1276 :         if (!err)
     785             :           {
     786        1276 :             if (used_resources >= MAX_KEYDB_RESOURCES)
     787           0 :               err = gpg_error (GPG_ERR_RESOURCE_LIMIT);
     788             :             else
     789             :               {
     790        1276 :                 if ((flags & KEYDB_RESOURCE_FLAG_PRIMARY))
     791           0 :                   primary_keydb = token;
     792        1276 :                 all_resources[used_resources].type = rt;
     793        1276 :                 all_resources[used_resources].u.kb = NULL; /* Not used here */
     794        1276 :                 all_resources[used_resources].token = token;
     795             : 
     796             :                 /* FIXME: Do a compress run if needed and no other
     797             :                    user is currently using the keybox. */
     798             : 
     799        1276 :                 used_resources++;
     800             :               }
     801             :           }
     802           0 :         else if (gpg_err_code (err) == GPG_ERR_EEXIST)
     803             :           {
     804             :             /* Already registered.  We will mark it as the primary key
     805             :                if requested.  */
     806           0 :             if ((flags & KEYDB_RESOURCE_FLAG_PRIMARY))
     807           0 :               primary_keydb = token;
     808             :           }
     809             :       }
     810        1276 :       break;
     811             : 
     812             :       default:
     813           0 :         log_error ("resource type of '%s' not supported\n", url);
     814           0 :         err = gpg_error (GPG_ERR_GENERAL);
     815           0 :         goto leave;
     816             :     }
     817             : 
     818             :   /* fixme: check directory permissions and print a warning */
     819             : 
     820             :  leave:
     821        1293 :   if (err)
     822           0 :     log_error (_("keyblock resource '%s': %s\n"), filename, gpg_strerror (err));
     823             :   else
     824        1293 :     any_registered = 1;
     825        1293 :   xfree (filename);
     826        1293 :   return err;
     827             : }
     828             : 
     829             : 
     830             : void
     831           0 : keydb_dump_stats (void)
     832             : {
     833           0 :   if (kid_not_found_cache_count)
     834           0 :     log_info ("keydb: kid_not_found_cache: total: %u\n",
     835             :               kid_not_found_cache_count);
     836           0 : }
     837             : 
     838             : 
     839             : /* Create a new database handle.  A database handle is similar to a
     840             :    file handle: it contains a local file position.  This is used when
     841             :    searching: subsequent searches resume where the previous search
     842             :    left off.  To rewind the position, use keydb_search_reset().  This
     843             :    function returns NULL on error, sets ERRNO, and prints an error
     844             :    diagnostic. */
     845             : KEYDB_HANDLE
     846        2710 : keydb_new (void)
     847             : {
     848             :   KEYDB_HANDLE hd;
     849             :   int i, j;
     850        2710 :   int die = 0;
     851             :   int reterrno;
     852             : 
     853        2710 :   if (DBG_CLOCK)
     854           0 :     log_clock ("keydb_new");
     855             : 
     856        2710 :   hd = xtrycalloc (1, sizeof *hd);
     857        2710 :   if (!hd)
     858           0 :     goto leave;
     859        2710 :   hd->found = -1;
     860        2710 :   hd->saved_found = -1;
     861        2710 :   hd->is_reset = 1;
     862             : 
     863        2710 :   log_assert (used_resources <= MAX_KEYDB_RESOURCES);
     864        5420 :   for (i=j=0; ! die && i < used_resources; i++)
     865             :     {
     866        2710 :       switch (all_resources[i].type)
     867             :         {
     868             :         case KEYDB_RESOURCE_TYPE_NONE: /* ignore */
     869           0 :           break;
     870             :         case KEYDB_RESOURCE_TYPE_KEYRING:
     871          50 :           hd->active[j].type   = all_resources[i].type;
     872          50 :           hd->active[j].token  = all_resources[i].token;
     873          50 :           hd->active[j].u.kr = keyring_new (all_resources[i].token);
     874          50 :           if (!hd->active[j].u.kr)
     875             :             {
     876           0 :               reterrno = errno;
     877           0 :               die = 1;
     878             :             }
     879          50 :           j++;
     880          50 :           break;
     881             :         case KEYDB_RESOURCE_TYPE_KEYBOX:
     882        2660 :           hd->active[j].type   = all_resources[i].type;
     883        2660 :           hd->active[j].token  = all_resources[i].token;
     884        2660 :           hd->active[j].u.kb   = keybox_new_openpgp (all_resources[i].token, 0);
     885        2660 :           if (!hd->active[j].u.kb)
     886             :             {
     887           0 :               reterrno = errno;
     888           0 :               die = 1;
     889             :             }
     890        2660 :           j++;
     891        2660 :           break;
     892             :         }
     893             :     }
     894        2710 :   hd->used = j;
     895             : 
     896        2710 :   active_handles++;
     897             : 
     898        2710 :   if (die)
     899             :     {
     900           0 :       keydb_release (hd);
     901           0 :       gpg_err_set_errno (reterrno);
     902           0 :       hd = NULL;
     903             :     }
     904             : 
     905             :  leave:
     906        2710 :   if (!hd)
     907           0 :     log_error (_("error opening key DB: %s\n"),
     908             :                gpg_strerror (gpg_error_from_syserror()));
     909             : 
     910        2710 :   return hd;
     911             : }
     912             : 
     913             : 
     914             : void
     915        2710 : keydb_release (KEYDB_HANDLE hd)
     916             : {
     917             :   int i;
     918             : 
     919        2710 :   if (!hd)
     920        2710 :     return;
     921        2710 :   log_assert (active_handles > 0);
     922        2710 :   active_handles--;
     923             : 
     924        2710 :   unlock_all (hd);
     925        5420 :   for (i=0; i < hd->used; i++)
     926             :     {
     927        2710 :       switch (hd->active[i].type)
     928             :         {
     929             :         case KEYDB_RESOURCE_TYPE_NONE:
     930           0 :           break;
     931             :         case KEYDB_RESOURCE_TYPE_KEYRING:
     932          50 :           keyring_release (hd->active[i].u.kr);
     933          50 :           break;
     934             :         case KEYDB_RESOURCE_TYPE_KEYBOX:
     935        2660 :           keybox_release (hd->active[i].u.kb);
     936        2660 :           break;
     937             :         }
     938             :     }
     939             : 
     940        2710 :   keyblock_cache_clear (hd);
     941        2710 :   xfree (hd);
     942             : }
     943             : 
     944             : 
     945             : /* Set a flag on the handle to suppress use of cached results.  This
     946             :  * is required for updating a keyring and for key listings.  Fixme:
     947             :  * Using a new parameter for keydb_new might be a better solution.  */
     948             : void
     949         106 : keydb_disable_caching (KEYDB_HANDLE hd)
     950             : {
     951         106 :   if (hd)
     952         106 :     hd->no_caching = 1;
     953         106 : }
     954             : 
     955             : 
     956             : /* Return the file name of the resource in which the current search
     957             :  * result was found or, if there is no search result, the filename of
     958             :  * the current resource (i.e., the resource that the file position
     959             :  * points to).  Note: the filename is not necessarily the URL used to
     960             :  * open it!
     961             :  *
     962             :  * This function only returns NULL if no handle is specified, in all
     963             :  * other error cases an empty string is returned.  */
     964             : const char *
     965           9 : keydb_get_resource_name (KEYDB_HANDLE hd)
     966             : {
     967             :   int idx;
     968           9 :   const char *s = NULL;
     969             : 
     970           9 :   if (!hd)
     971           0 :     return NULL;
     972             : 
     973           9 :   if ( hd->found >= 0 && hd->found < hd->used)
     974           9 :     idx = hd->found;
     975           0 :   else if ( hd->current >= 0 && hd->current < hd->used)
     976           0 :     idx = hd->current;
     977             :   else
     978           0 :     idx = 0;
     979             : 
     980           9 :   switch (hd->active[idx].type)
     981             :     {
     982             :     case KEYDB_RESOURCE_TYPE_NONE:
     983           0 :       s = NULL;
     984           0 :       break;
     985             :     case KEYDB_RESOURCE_TYPE_KEYRING:
     986           9 :       s = keyring_get_resource_name (hd->active[idx].u.kr);
     987           9 :       break;
     988             :     case KEYDB_RESOURCE_TYPE_KEYBOX:
     989           0 :       s = keybox_get_resource_name (hd->active[idx].u.kb);
     990           0 :       break;
     991             :     }
     992             : 
     993           9 :   return s? s: "";
     994             : }
     995             : 
     996             : 
     997             : 
     998             : static int
     999          70 : lock_all (KEYDB_HANDLE hd)
    1000             : {
    1001          70 :   int i, rc = 0;
    1002             : 
    1003             :   /* Fixme: This locking scheme may lead to a deadlock if the resources
    1004             :      are not added in the same order by all processes.  We are
    1005             :      currently only allowing one resource so it is not a problem.
    1006             :      [Oops: Who claimed the latter]
    1007             : 
    1008             :      To fix this we need to use a lock file to protect lock_all.  */
    1009             : 
    1010         140 :   for (i=0; !rc && i < hd->used; i++)
    1011             :     {
    1012          70 :       switch (hd->active[i].type)
    1013             :         {
    1014             :         case KEYDB_RESOURCE_TYPE_NONE:
    1015           0 :           break;
    1016             :         case KEYDB_RESOURCE_TYPE_KEYRING:
    1017           1 :           rc = keyring_lock (hd->active[i].u.kr, 1);
    1018           1 :           break;
    1019             :         case KEYDB_RESOURCE_TYPE_KEYBOX:
    1020          69 :           rc = keybox_lock (hd->active[i].u.kb, 1);
    1021          69 :           break;
    1022             :         }
    1023             :     }
    1024             : 
    1025          70 :   if (rc)
    1026             :     {
    1027             :       /* Revert the already taken locks.  */
    1028           0 :       for (i--; i >= 0; i--)
    1029             :         {
    1030           0 :           switch (hd->active[i].type)
    1031             :             {
    1032             :             case KEYDB_RESOURCE_TYPE_NONE:
    1033           0 :               break;
    1034             :             case KEYDB_RESOURCE_TYPE_KEYRING:
    1035           0 :               keyring_lock (hd->active[i].u.kr, 0);
    1036           0 :               break;
    1037             :             case KEYDB_RESOURCE_TYPE_KEYBOX:
    1038           0 :               keybox_lock (hd->active[i].u.kb, 0);
    1039           0 :               break;
    1040             :             }
    1041             :         }
    1042             :     }
    1043             :   else
    1044          70 :     hd->locked = 1;
    1045             : 
    1046          70 :   return rc;
    1047             : }
    1048             : 
    1049             : 
    1050             : static void
    1051        2780 : unlock_all (KEYDB_HANDLE hd)
    1052             : {
    1053             :   int i;
    1054             : 
    1055        2780 :   if (!hd->locked)
    1056        5490 :     return;
    1057             : 
    1058         140 :   for (i=hd->used-1; i >= 0; i--)
    1059             :     {
    1060          70 :       switch (hd->active[i].type)
    1061             :         {
    1062             :         case KEYDB_RESOURCE_TYPE_NONE:
    1063           0 :           break;
    1064             :         case KEYDB_RESOURCE_TYPE_KEYRING:
    1065           1 :           keyring_lock (hd->active[i].u.kr, 0);
    1066           1 :           break;
    1067             :         case KEYDB_RESOURCE_TYPE_KEYBOX:
    1068          69 :           keybox_lock (hd->active[i].u.kb, 0);
    1069          69 :           break;
    1070             :         }
    1071             :     }
    1072          70 :   hd->locked = 0;
    1073             : }
    1074             : 
    1075             : 
    1076             : 
    1077             : /* Save the last found state and invalidate the current selection
    1078             :  * (i.e., the entry selected by keydb_search() is invalidated and
    1079             :  * something like keydb_get_keyblock() will return an error).  This
    1080             :  * does not change the file position.  This makes it possible to do
    1081             :  * something like:
    1082             :  *
    1083             :  *   keydb_search (hd, ...);  // Result 1.
    1084             :  *   keydb_push_found_state (hd);
    1085             :  *     keydb_search_reset (hd);
    1086             :  *     keydb_search (hd, ...);  // Result 2.
    1087             :  *   keydb_pop_found_state (hd);
    1088             :  *   keydb_get_keyblock (hd, ...);  // -> Result 1.
    1089             :  *
    1090             :  * Note: it is only possible to save a single save state at a time.
    1091             :  * In other words, the the save stack only has room for a single
    1092             :  * instance of the state.  */
    1093             : void
    1094           0 : keydb_push_found_state (KEYDB_HANDLE hd)
    1095             : {
    1096           0 :   if (!hd)
    1097           0 :     return;
    1098             : 
    1099           0 :   if (hd->found < 0 || hd->found >= hd->used)
    1100             :     {
    1101           0 :       hd->saved_found = -1;
    1102           0 :       return;
    1103             :     }
    1104             : 
    1105           0 :   switch (hd->active[hd->found].type)
    1106             :     {
    1107             :     case KEYDB_RESOURCE_TYPE_NONE:
    1108           0 :       break;
    1109             :     case KEYDB_RESOURCE_TYPE_KEYRING:
    1110           0 :       keyring_push_found_state (hd->active[hd->found].u.kr);
    1111           0 :       break;
    1112             :     case KEYDB_RESOURCE_TYPE_KEYBOX:
    1113           0 :       keybox_push_found_state (hd->active[hd->found].u.kb);
    1114           0 :       break;
    1115             :     }
    1116             : 
    1117           0 :   hd->saved_found = hd->found;
    1118           0 :   hd->found = -1;
    1119             : }
    1120             : 
    1121             : 
    1122             : /* Restore the previous save state.  If the saved state is NULL or
    1123             :    invalid, this is a NOP.  */
    1124             : void
    1125           0 : keydb_pop_found_state (KEYDB_HANDLE hd)
    1126             : {
    1127           0 :   if (!hd)
    1128           0 :     return;
    1129             : 
    1130           0 :   hd->found = hd->saved_found;
    1131           0 :   hd->saved_found = -1;
    1132           0 :   if (hd->found < 0 || hd->found >= hd->used)
    1133           0 :     return;
    1134             : 
    1135           0 :   switch (hd->active[hd->found].type)
    1136             :     {
    1137             :     case KEYDB_RESOURCE_TYPE_NONE:
    1138           0 :       break;
    1139             :     case KEYDB_RESOURCE_TYPE_KEYRING:
    1140           0 :       keyring_pop_found_state (hd->active[hd->found].u.kr);
    1141           0 :       break;
    1142             :     case KEYDB_RESOURCE_TYPE_KEYBOX:
    1143           0 :       keybox_pop_found_state (hd->active[hd->found].u.kb);
    1144           0 :       break;
    1145             :     }
    1146             : }
    1147             : 
    1148             : 
    1149             : 
    1150             : static gpg_error_t
    1151        2527 : parse_keyblock_image (iobuf_t iobuf, int pk_no, int uid_no,
    1152             :                       const u32 *sigstatus, kbnode_t *r_keyblock)
    1153             : {
    1154             :   gpg_error_t err;
    1155             :   PACKET *pkt;
    1156        2527 :   kbnode_t keyblock = NULL;
    1157             :   kbnode_t node, *tail;
    1158             :   int in_cert, save_mode;
    1159             :   u32 n_sigs;
    1160             :   int pk_count, uid_count;
    1161             : 
    1162        2527 :   *r_keyblock = NULL;
    1163             : 
    1164        2527 :   pkt = xtrymalloc (sizeof *pkt);
    1165        2527 :   if (!pkt)
    1166           0 :     return gpg_error_from_syserror ();
    1167        2527 :   init_packet (pkt);
    1168        2527 :   save_mode = set_packet_list_mode (0);
    1169        2527 :   in_cert = 0;
    1170        2527 :   n_sigs = 0;
    1171        2527 :   tail = NULL;
    1172        2527 :   pk_count = uid_count = 0;
    1173       19847 :   while ((err = parse_packet (iobuf, pkt)) != -1)
    1174             :     {
    1175       14793 :       if (gpg_err_code (err) == GPG_ERR_UNKNOWN_PACKET)
    1176             :         {
    1177           0 :           free_packet (pkt);
    1178           0 :           init_packet (pkt);
    1179           0 :           continue;
    1180             :         }
    1181       14793 :       if (err)
    1182             :         {
    1183           0 :           log_error ("parse_keyblock_image: read error: %s\n",
    1184             :                      gpg_strerror (err));
    1185           0 :           err = gpg_error (GPG_ERR_INV_KEYRING);
    1186           0 :           break;
    1187             :         }
    1188             : 
    1189             :       /* Filter allowed packets.  */
    1190       14793 :       switch (pkt->pkttype)
    1191             :         {
    1192             :         case PKT_PUBLIC_KEY:
    1193             :         case PKT_PUBLIC_SUBKEY:
    1194             :         case PKT_SECRET_KEY:
    1195             :         case PKT_SECRET_SUBKEY:
    1196             :         case PKT_USER_ID:
    1197             :         case PKT_ATTRIBUTE:
    1198             :         case PKT_SIGNATURE:
    1199       14793 :           break; /* Allowed per RFC.  */
    1200             : 
    1201             :         default:
    1202             :           /* Note that can't allow ring trust packets here and some of
    1203             :              the other GPG specific packets don't make sense either.  */
    1204           0 :           log_error ("skipped packet of type %d in keybox\n",
    1205           0 :                      (int)pkt->pkttype);
    1206           0 :           free_packet(pkt);
    1207           0 :           init_packet(pkt);
    1208           0 :           continue;
    1209             :         }
    1210             : 
    1211             :       /* Other sanity checks.  */
    1212       14793 :       if (!in_cert && pkt->pkttype != PKT_PUBLIC_KEY)
    1213             :         {
    1214           0 :           log_error ("parse_keyblock_image: first packet in a keybox blob "
    1215             :                      "is not a public key packet\n");
    1216           0 :           err = gpg_error (GPG_ERR_INV_KEYRING);
    1217           0 :           break;
    1218             :         }
    1219       14793 :       if (in_cert && (pkt->pkttype == PKT_PUBLIC_KEY
    1220       12266 :                       || pkt->pkttype == PKT_SECRET_KEY))
    1221             :         {
    1222           0 :           log_error ("parse_keyblock_image: "
    1223             :                      "multiple keyblocks in a keybox blob\n");
    1224           0 :           err = gpg_error (GPG_ERR_INV_KEYRING);
    1225           0 :           break;
    1226             :         }
    1227       14793 :       in_cert = 1;
    1228             : 
    1229       14793 :       if (pkt->pkttype == PKT_SIGNATURE && sigstatus)
    1230             :         {
    1231        6290 :           PKT_signature *sig = pkt->pkt.signature;
    1232             : 
    1233        6290 :           n_sigs++;
    1234        6290 :           if (n_sigs > sigstatus[0])
    1235             :             {
    1236           0 :               log_error ("parse_keyblock_image: "
    1237             :                          "more signatures than found in the meta data\n");
    1238           0 :               err = gpg_error (GPG_ERR_INV_KEYRING);
    1239           0 :               break;
    1240             : 
    1241             :             }
    1242        6290 :           if (sigstatus[n_sigs])
    1243             :             {
    1244        5979 :               sig->flags.checked = 1;
    1245        5979 :               if (sigstatus[n_sigs] == 1 )
    1246             :                 ; /* missing key */
    1247        5979 :               else if (sigstatus[n_sigs] == 2 )
    1248             :                 ; /* bad signature */
    1249        5979 :               else if (sigstatus[n_sigs] < 0x10000000)
    1250             :                 ; /* bad flag */
    1251             :               else
    1252             :                 {
    1253        5979 :                   sig->flags.valid = 1;
    1254             :                   /* Fixme: Shall we set the expired flag here?  */
    1255             :                 }
    1256             :             }
    1257             :         }
    1258             : 
    1259       14793 :       node = new_kbnode (pkt);
    1260             : 
    1261       14793 :       switch (pkt->pkttype)
    1262             :         {
    1263             :         case PKT_PUBLIC_KEY:
    1264             :         case PKT_PUBLIC_SUBKEY:
    1265             :         case PKT_SECRET_KEY:
    1266             :         case PKT_SECRET_SUBKEY:
    1267        5194 :           if (++pk_count == pk_no)
    1268        2304 :             node->flag |= 1;
    1269        5194 :           break;
    1270             : 
    1271             :         case PKT_USER_ID:
    1272        3309 :           if (++uid_count == uid_no)
    1273         138 :             node->flag |= 2;
    1274        3309 :           break;
    1275             : 
    1276             :         default:
    1277        6290 :           break;
    1278             :         }
    1279             : 
    1280       14793 :       if (!keyblock)
    1281        2527 :         keyblock = node;
    1282             :       else
    1283       12266 :         *tail = node;
    1284       14793 :       tail = &node->next;
    1285       14793 :       pkt = xtrymalloc (sizeof *pkt);
    1286       14793 :       if (!pkt)
    1287             :         {
    1288           0 :           err = gpg_error_from_syserror ();
    1289           0 :           break;
    1290             :         }
    1291       14793 :       init_packet (pkt);
    1292             :     }
    1293        2527 :   set_packet_list_mode (save_mode);
    1294             : 
    1295        2527 :   if (err == -1 && keyblock)
    1296        2527 :     err = 0; /* Got the entire keyblock.  */
    1297             : 
    1298        2527 :   if (!err && sigstatus && n_sigs != sigstatus[0])
    1299             :     {
    1300           0 :       log_error ("parse_keyblock_image: signature count does not match\n");
    1301           0 :       err = gpg_error (GPG_ERR_INV_KEYRING);
    1302             :     }
    1303             : 
    1304        2527 :   if (err)
    1305           0 :     release_kbnode (keyblock);
    1306             :   else
    1307        2527 :     *r_keyblock = keyblock;
    1308        2527 :   free_packet (pkt);
    1309        2527 :   xfree (pkt);
    1310        2527 :   return err;
    1311             : }
    1312             : 
    1313             : 
    1314             : /* Return the keyblock last found by keydb_search() in *RET_KB.
    1315             :  *
    1316             :  * On success, the function returns 0 and the caller must free *RET_KB
    1317             :  * using release_kbnode().  Otherwise, the function returns an error
    1318             :  * code.
    1319             :  *
    1320             :  * The returned keyblock has the kbnode flag bit 0 set for the node
    1321             :  * with the public key used to locate the keyblock or flag bit 1 set
    1322             :  * for the user ID node.  */
    1323             : gpg_error_t
    1324        2577 : keydb_get_keyblock (KEYDB_HANDLE hd, KBNODE *ret_kb)
    1325             : {
    1326        2577 :   gpg_error_t err = 0;
    1327             : 
    1328        2577 :   *ret_kb = NULL;
    1329             : 
    1330        2577 :   if (!hd)
    1331           0 :     return gpg_error (GPG_ERR_INV_ARG);
    1332             : 
    1333        2577 :   if (DBG_CLOCK)
    1334           0 :     log_clock ("keydb_get_keybock enter");
    1335             : 
    1336        2577 :   if (hd->keyblock_cache.state == KEYBLOCK_CACHE_FILLED)
    1337             :     {
    1338           0 :       err = iobuf_seek (hd->keyblock_cache.iobuf, 0);
    1339           0 :       if (err)
    1340             :         {
    1341           0 :           log_error ("keydb_get_keyblock: failed to rewind iobuf for cache\n");
    1342           0 :           keyblock_cache_clear (hd);
    1343             :         }
    1344             :       else
    1345             :         {
    1346           0 :           err = parse_keyblock_image (hd->keyblock_cache.iobuf,
    1347             :                                       hd->keyblock_cache.pk_no,
    1348             :                                       hd->keyblock_cache.uid_no,
    1349           0 :                                       hd->keyblock_cache.sigstatus,
    1350             :                                       ret_kb);
    1351           0 :           if (err)
    1352           0 :             keyblock_cache_clear (hd);
    1353           0 :           if (DBG_CLOCK)
    1354           0 :             log_clock (err? "keydb_get_keyblock leave (cached, failed)"
    1355             :                        : "keydb_get_keyblock leave (cached)");
    1356           0 :           return err;
    1357             :         }
    1358             :     }
    1359             : 
    1360        2577 :   if (hd->found < 0 || hd->found >= hd->used)
    1361           0 :     return gpg_error (GPG_ERR_VALUE_NOT_FOUND);
    1362             : 
    1363        2577 :   switch (hd->active[hd->found].type)
    1364             :     {
    1365             :     case KEYDB_RESOURCE_TYPE_NONE:
    1366           0 :       err = gpg_error (GPG_ERR_GENERAL); /* oops */
    1367           0 :       break;
    1368             :     case KEYDB_RESOURCE_TYPE_KEYRING:
    1369          50 :       err = keyring_get_keyblock (hd->active[hd->found].u.kr, ret_kb);
    1370          50 :       break;
    1371             :     case KEYDB_RESOURCE_TYPE_KEYBOX:
    1372             :       {
    1373             :         iobuf_t iobuf;
    1374             :         u32 *sigstatus;
    1375             :         int pk_no, uid_no;
    1376             : 
    1377        2527 :         err = keybox_get_keyblock (hd->active[hd->found].u.kb,
    1378             :                                    &iobuf, &pk_no, &uid_no, &sigstatus);
    1379        2527 :         if (!err)
    1380             :           {
    1381        2527 :             err = parse_keyblock_image (iobuf, pk_no, uid_no, sigstatus,
    1382             :                                         ret_kb);
    1383        2527 :             if (!err && hd->keyblock_cache.state == KEYBLOCK_CACHE_PREPARED)
    1384             :               {
    1385         105 :                 hd->keyblock_cache.state     = KEYBLOCK_CACHE_FILLED;
    1386         105 :                 hd->keyblock_cache.sigstatus = sigstatus;
    1387         105 :                 hd->keyblock_cache.iobuf     = iobuf;
    1388         105 :                 hd->keyblock_cache.pk_no     = pk_no;
    1389         105 :                 hd->keyblock_cache.uid_no    = uid_no;
    1390             :               }
    1391             :             else
    1392             :               {
    1393        2422 :                 xfree (sigstatus);
    1394        2422 :                 iobuf_close (iobuf);
    1395             :               }
    1396             :           }
    1397             :       }
    1398        2527 :       break;
    1399             :     }
    1400             : 
    1401        2577 :   if (hd->keyblock_cache.state != KEYBLOCK_CACHE_FILLED)
    1402        2472 :     keyblock_cache_clear (hd);
    1403             : 
    1404        2577 :   if (DBG_CLOCK)
    1405           0 :     log_clock (err? "keydb_get_keyblock leave (failed)"
    1406             :                : "keydb_get_keyblock leave");
    1407        2577 :   return err;
    1408             : }
    1409             : 
    1410             : 
    1411             : /* Build a keyblock image from KEYBLOCK.  Returns 0 on success and
    1412             :    only then stores a new iobuf object at R_IOBUF and a signature
    1413             :    status vecotor at R_SIGSTATUS.  */
    1414             : static gpg_error_t
    1415          66 : build_keyblock_image (kbnode_t keyblock, iobuf_t *r_iobuf, u32 **r_sigstatus)
    1416             : {
    1417             :   gpg_error_t err;
    1418             :   iobuf_t iobuf;
    1419             :   kbnode_t kbctx, node;
    1420             :   u32 n_sigs;
    1421             :   u32 *sigstatus;
    1422             : 
    1423          66 :   *r_iobuf = NULL;
    1424          66 :   if (r_sigstatus)
    1425          64 :     *r_sigstatus = NULL;
    1426             : 
    1427             :   /* Allocate a vector for the signature cache.  This is an array of
    1428             :      u32 values with the first value giving the number of elements to
    1429             :      follow and each element descriping the cache status of the
    1430             :      signature.  */
    1431          66 :   if (r_sigstatus)
    1432             :     {
    1433         600 :       for (kbctx=NULL, n_sigs=0; (node = walk_kbnode (keyblock, &kbctx, 0));)
    1434         472 :         if (node->pkt->pkttype == PKT_SIGNATURE)
    1435         275 :           n_sigs++;
    1436          64 :       sigstatus = xtrycalloc (1+n_sigs, sizeof *sigstatus);
    1437          64 :       if (!sigstatus)
    1438           0 :         return gpg_error_from_syserror ();
    1439             :     }
    1440             :   else
    1441           2 :     sigstatus = NULL;
    1442             : 
    1443          66 :   iobuf = iobuf_temp ();
    1444         618 :   for (kbctx = NULL, n_sigs = 0; (node = walk_kbnode (keyblock, &kbctx, 0));)
    1445             :     {
    1446             :       /* Make sure to use only packets valid on a keyblock.  */
    1447         486 :       switch (node->pkt->pkttype)
    1448             :         {
    1449             :         case PKT_PUBLIC_KEY:
    1450             :         case PKT_PUBLIC_SUBKEY:
    1451             :         case PKT_SIGNATURE:
    1452             :         case PKT_USER_ID:
    1453             :         case PKT_ATTRIBUTE:
    1454             :           /* Note that we don't want the ring trust packets.  They are
    1455             :              not useful. */
    1456         486 :           break;
    1457             :         default:
    1458           0 :           continue;
    1459             :         }
    1460             : 
    1461         486 :       err = build_packet (iobuf, node->pkt);
    1462         486 :       if (err)
    1463             :         {
    1464           0 :           iobuf_close (iobuf);
    1465           0 :           return err;
    1466             :         }
    1467             : 
    1468             :       /* Build signature status vector.  */
    1469         486 :       if (node->pkt->pkttype == PKT_SIGNATURE)
    1470             :         {
    1471         282 :           PKT_signature *sig = node->pkt->pkt.signature;
    1472             : 
    1473         282 :           n_sigs++;
    1474             :           /* Fixme: Detect the "missing key" status.  */
    1475         282 :           if (sig->flags.checked && sigstatus)
    1476             :             {
    1477         136 :               if (sig->flags.valid)
    1478             :                 {
    1479         136 :                   if (!sig->expiredate)
    1480         136 :                     sigstatus[n_sigs] = 0xffffffff;
    1481           0 :                   else if (sig->expiredate < 0x1000000)
    1482           0 :                     sigstatus[n_sigs] = 0x10000000;
    1483             :                   else
    1484           0 :                     sigstatus[n_sigs] = sig->expiredate;
    1485             :                 }
    1486             :               else
    1487           0 :                 sigstatus[n_sigs] = 0x00000002; /* Bad signature.  */
    1488             :             }
    1489             :         }
    1490             :     }
    1491          66 :   if (sigstatus)
    1492          64 :     sigstatus[0] = n_sigs;
    1493             : 
    1494          66 :   *r_iobuf = iobuf;
    1495          66 :   if (r_sigstatus)
    1496          64 :     *r_sigstatus = sigstatus;
    1497          66 :   return 0;
    1498             : }
    1499             : 
    1500             : 
    1501             : /* Update the keyblock KB (i.e., extract the fingerprint and find the
    1502             :  * corresponding keyblock in the keyring).
    1503             :  *
    1504             :  * This doesn't do anything if --dry-run was specified.
    1505             :  *
    1506             :  * Returns 0 on success.  Otherwise, it returns an error code.  Note:
    1507             :  * if there isn't a keyblock in the keyring corresponding to KB, then
    1508             :  * this function returns GPG_ERR_VALUE_NOT_FOUND.
    1509             :  *
    1510             :  * This function selects the matching record and modifies the current
    1511             :  * file position to point to the record just after the selected entry.
    1512             :  * Thus, if you do a subsequent search using HD, you should first do a
    1513             :  * keydb_search_reset.  Further, if the selected record is important,
    1514             :  * you should use keydb_push_found_state and keydb_pop_found_state to
    1515             :  * save and restore it.  */
    1516             : gpg_error_t
    1517           2 : keydb_update_keyblock (KEYDB_HANDLE hd, kbnode_t kb)
    1518             : {
    1519             :   gpg_error_t err;
    1520             :   PKT_public_key *pk;
    1521             :   KEYDB_SEARCH_DESC desc;
    1522             :   size_t len;
    1523             : 
    1524           2 :   log_assert (kb);
    1525           2 :   log_assert (kb->pkt->pkttype == PKT_PUBLIC_KEY);
    1526           2 :   pk = kb->pkt->pkt.public_key;
    1527             : 
    1528           2 :   if (!hd)
    1529           0 :     return gpg_error (GPG_ERR_INV_ARG);
    1530             : 
    1531           2 :   kid_not_found_flush ();
    1532           2 :   keyblock_cache_clear (hd);
    1533             : 
    1534           2 :   if (opt.dry_run)
    1535           0 :     return 0;
    1536             : 
    1537           2 :   err = lock_all (hd);
    1538           2 :   if (err)
    1539           0 :     return err;
    1540             : 
    1541           2 :   memset (&desc, 0, sizeof (desc));
    1542           2 :   fingerprint_from_pk (pk, desc.u.fpr, &len);
    1543           2 :   if (len == 20)
    1544           2 :     desc.mode = KEYDB_SEARCH_MODE_FPR20;
    1545             :   else
    1546           0 :     log_bug ("%s: Unsupported key length: %zu\n", __func__, len);
    1547             : 
    1548           2 :   keydb_search_reset (hd);
    1549           2 :   err = keydb_search (hd, &desc, 1, NULL);
    1550           2 :   if (err)
    1551           0 :     return gpg_error (GPG_ERR_VALUE_NOT_FOUND);
    1552           2 :   log_assert (hd->found >= 0 && hd->found < hd->used);
    1553             : 
    1554           2 :   switch (hd->active[hd->found].type)
    1555             :     {
    1556             :     case KEYDB_RESOURCE_TYPE_NONE:
    1557           0 :       err = gpg_error (GPG_ERR_GENERAL); /* oops */
    1558           0 :       break;
    1559             :     case KEYDB_RESOURCE_TYPE_KEYRING:
    1560           0 :       err = keyring_update_keyblock (hd->active[hd->found].u.kr, kb);
    1561           0 :       break;
    1562             :     case KEYDB_RESOURCE_TYPE_KEYBOX:
    1563             :       {
    1564             :         iobuf_t iobuf;
    1565             : 
    1566           2 :         err = build_keyblock_image (kb, &iobuf, NULL);
    1567           2 :         if (!err)
    1568             :           {
    1569           4 :             err = keybox_update_keyblock (hd->active[hd->found].u.kb,
    1570           2 :                                           iobuf_get_temp_buffer (iobuf),
    1571           2 :                                           iobuf_get_temp_length (iobuf));
    1572           2 :             iobuf_close (iobuf);
    1573             :           }
    1574             :       }
    1575           2 :       break;
    1576             :     }
    1577             : 
    1578           2 :   unlock_all (hd);
    1579           2 :   return err;
    1580             : }
    1581             : 
    1582             : 
    1583             : /* Insert a keyblock into one of the underlying keyrings or keyboxes.
    1584             :  *
    1585             :  * Be default, the keyring / keybox from which the last search result
    1586             :  * came is used.  If there was no previous search result (or
    1587             :  * keydb_search_reset was called), then the keyring / keybox where the
    1588             :  * next search would start is used (i.e., the current file position).
    1589             :  *
    1590             :  * Note: this doesn't do anything if --dry-run was specified.
    1591             :  *
    1592             :  * Returns 0 on success.  Otherwise, it returns an error code.  */
    1593             : gpg_error_t
    1594          65 : keydb_insert_keyblock (KEYDB_HANDLE hd, kbnode_t kb)
    1595             : {
    1596             :   gpg_error_t err;
    1597             :   int idx;
    1598             : 
    1599          65 :   if (!hd)
    1600           0 :     return gpg_error (GPG_ERR_INV_ARG);
    1601             : 
    1602          65 :   kid_not_found_flush ();
    1603          65 :   keyblock_cache_clear (hd);
    1604             : 
    1605          65 :   if (opt.dry_run)
    1606           0 :     return 0;
    1607             : 
    1608          65 :   if (hd->found >= 0 && hd->found < hd->used)
    1609           0 :     idx = hd->found;
    1610          65 :   else if (hd->current >= 0 && hd->current < hd->used)
    1611          65 :     idx = hd->current;
    1612             :   else
    1613           0 :     return gpg_error (GPG_ERR_GENERAL);
    1614             : 
    1615          65 :   err = lock_all (hd);
    1616          65 :   if (err)
    1617           0 :     return err;
    1618             : 
    1619          65 :   switch (hd->active[idx].type)
    1620             :     {
    1621             :     case KEYDB_RESOURCE_TYPE_NONE:
    1622           0 :       err = gpg_error (GPG_ERR_GENERAL); /* oops */
    1623           0 :       break;
    1624             :     case KEYDB_RESOURCE_TYPE_KEYRING:
    1625           1 :       err = keyring_insert_keyblock (hd->active[idx].u.kr, kb);
    1626           1 :       break;
    1627             :     case KEYDB_RESOURCE_TYPE_KEYBOX:
    1628             :       { /* We need to turn our kbnode_t list of packets into a proper
    1629             :            keyblock first.  This is required by the OpenPGP key parser
    1630             :            included in the keybox code.  Eventually we can change this
    1631             :            kludge to have the caller pass the image.  */
    1632             :         iobuf_t iobuf;
    1633             :         u32 *sigstatus;
    1634             : 
    1635          64 :         err = build_keyblock_image (kb, &iobuf, &sigstatus);
    1636          64 :         if (!err)
    1637             :           {
    1638         192 :             err = keybox_insert_keyblock (hd->active[idx].u.kb,
    1639          64 :                                           iobuf_get_temp_buffer (iobuf),
    1640          64 :                                           iobuf_get_temp_length (iobuf),
    1641             :                                           sigstatus);
    1642          64 :             xfree (sigstatus);
    1643          64 :             iobuf_close (iobuf);
    1644             :           }
    1645             :       }
    1646          64 :       break;
    1647             :     }
    1648             : 
    1649          65 :   unlock_all (hd);
    1650          65 :   return err;
    1651             : }
    1652             : 
    1653             : 
    1654             : /* Delete the currently selected keyblock.  If you haven't done a
    1655             :  * search yet on this database handle (or called keydb_search_reset),
    1656             :  * then this will return an error.
    1657             :  *
    1658             :  * Returns 0 on success or an error code, if an error occurs.  */
    1659             : gpg_error_t
    1660           3 : keydb_delete_keyblock (KEYDB_HANDLE hd)
    1661             : {
    1662             :   gpg_error_t rc;
    1663             : 
    1664           3 :   if (!hd)
    1665           0 :     return gpg_error (GPG_ERR_INV_ARG);
    1666             : 
    1667           3 :   kid_not_found_flush ();
    1668           3 :   keyblock_cache_clear (hd);
    1669             : 
    1670           3 :   if (hd->found < 0 || hd->found >= hd->used)
    1671           0 :     return gpg_error (GPG_ERR_VALUE_NOT_FOUND);
    1672             : 
    1673           3 :   if (opt.dry_run)
    1674           0 :     return 0;
    1675             : 
    1676           3 :   rc = lock_all (hd);
    1677           3 :   if (rc)
    1678           0 :     return rc;
    1679             : 
    1680           3 :   switch (hd->active[hd->found].type)
    1681             :     {
    1682             :     case KEYDB_RESOURCE_TYPE_NONE:
    1683           0 :       rc = gpg_error (GPG_ERR_GENERAL);
    1684           0 :       break;
    1685             :     case KEYDB_RESOURCE_TYPE_KEYRING:
    1686           0 :       rc = keyring_delete_keyblock (hd->active[hd->found].u.kr);
    1687           0 :       break;
    1688             :     case KEYDB_RESOURCE_TYPE_KEYBOX:
    1689           3 :       rc = keybox_delete (hd->active[hd->found].u.kb);
    1690           3 :       break;
    1691             :     }
    1692             : 
    1693           3 :   unlock_all (hd);
    1694           3 :   return rc;
    1695             : }
    1696             : 
    1697             : 
    1698             : 
    1699             : /* A database may consists of multiple keyrings / key boxes.  This
    1700             :  * sets the "file position" to the start of the first keyring / key
    1701             :  * box that is writable (i.e., doesn't have the read-only flag set).
    1702             :  *
    1703             :  * This first tries the primary keyring (the last keyring (not
    1704             :  * keybox!) added using keydb_add_resource() and with
    1705             :  * KEYDB_RESOURCE_FLAG_PRIMARY set).  If that is not writable, then it
    1706             :  * tries the keyrings / keyboxes in the order in which they were
    1707             :  * added.  */
    1708             : gpg_error_t
    1709          65 : keydb_locate_writable (KEYDB_HANDLE hd)
    1710             : {
    1711             :   gpg_error_t rc;
    1712             : 
    1713          65 :   if (!hd)
    1714           0 :     return GPG_ERR_INV_ARG;
    1715             : 
    1716          65 :   rc = keydb_search_reset (hd); /* this does reset hd->current */
    1717          65 :   if (rc)
    1718           0 :     return rc;
    1719             : 
    1720             :   /* If we have a primary set, try that one first */
    1721          65 :   if (primary_keydb)
    1722             :     {
    1723           0 :       for ( ; hd->current >= 0 && hd->current < hd->used; hd->current++)
    1724             :         {
    1725           0 :           if(hd->active[hd->current].token == primary_keydb)
    1726             :             {
    1727           0 :               if(keyring_is_writable (hd->active[hd->current].token))
    1728           0 :                 return 0;
    1729             :               else
    1730           0 :                 break;
    1731             :             }
    1732             :         }
    1733             : 
    1734           0 :       rc = keydb_search_reset (hd); /* this does reset hd->current */
    1735           0 :       if (rc)
    1736           0 :         return rc;
    1737             :     }
    1738             : 
    1739          65 :   for ( ; hd->current >= 0 && hd->current < hd->used; hd->current++)
    1740             :     {
    1741          65 :       switch (hd->active[hd->current].type)
    1742             :         {
    1743             :         case KEYDB_RESOURCE_TYPE_NONE:
    1744           0 :           BUG();
    1745             :           break;
    1746             :         case KEYDB_RESOURCE_TYPE_KEYRING:
    1747           1 :           if (keyring_is_writable (hd->active[hd->current].token))
    1748           1 :             return 0; /* found (hd->current is set to it) */
    1749           0 :           break;
    1750             :         case KEYDB_RESOURCE_TYPE_KEYBOX:
    1751          64 :           if (keybox_is_writable (hd->active[hd->current].token))
    1752          64 :             return 0; /* found (hd->current is set to it) */
    1753           0 :           break;
    1754             :         }
    1755             :     }
    1756             : 
    1757           0 :   return gpg_error (GPG_ERR_NOT_FOUND);
    1758             : }
    1759             : 
    1760             : 
    1761             : /* Rebuild the on-disk caches of all key resources.  */
    1762             : void
    1763           1 : keydb_rebuild_caches (int noisy)
    1764             : {
    1765             :   int i, rc;
    1766             : 
    1767           2 :   for (i=0; i < used_resources; i++)
    1768             :     {
    1769           1 :       if (!keyring_is_writable (all_resources[i].token))
    1770           0 :         continue;
    1771           1 :       switch (all_resources[i].type)
    1772             :         {
    1773             :         case KEYDB_RESOURCE_TYPE_NONE: /* ignore */
    1774           0 :           break;
    1775             :         case KEYDB_RESOURCE_TYPE_KEYRING:
    1776           1 :           rc = keyring_rebuild_cache (all_resources[i].token,noisy);
    1777           1 :           if (rc)
    1778           0 :             log_error (_("failed to rebuild keyring cache: %s\n"),
    1779             :                        gpg_strerror (rc));
    1780           1 :           break;
    1781             :         case KEYDB_RESOURCE_TYPE_KEYBOX:
    1782             :           /* N/A.  */
    1783           0 :           break;
    1784             :         }
    1785             :     }
    1786           1 : }
    1787             : 
    1788             : 
    1789             : /* Return the number of skipped blocks (because they were to large to
    1790             :    read from a keybox) since the last search reset.  */
    1791             : unsigned long
    1792           3 : keydb_get_skipped_counter (KEYDB_HANDLE hd)
    1793             : {
    1794           3 :   return hd ? hd->skipped_long_blobs : 0;
    1795             : }
    1796             : 
    1797             : 
    1798             : /* Clears the current search result and resets the handle's position
    1799             :  * so that the next search starts at the beginning of the database
    1800             :  * (the start of the first resource).
    1801             :  *
    1802             :  * Returns 0 on success and an error code if an error occurred.
    1803             :  * (Currently, this function always returns 0 if HD is valid.)  */
    1804             : gpg_error_t
    1805          80 : keydb_search_reset (KEYDB_HANDLE hd)
    1806             : {
    1807          80 :   gpg_error_t rc = 0;
    1808             :   int i;
    1809             : 
    1810          80 :   if (!hd)
    1811           0 :     return gpg_error (GPG_ERR_INV_ARG);
    1812             : 
    1813          80 :   keyblock_cache_clear (hd);
    1814             : 
    1815          80 :   if (DBG_CLOCK)
    1816           0 :     log_clock ("keydb_search_reset");
    1817             : 
    1818          80 :   if (DBG_CACHE)
    1819           0 :     log_debug ("keydb_search: reset  (hd=%p)", hd);
    1820             : 
    1821          80 :   hd->skipped_long_blobs = 0;
    1822          80 :   hd->current = 0;
    1823          80 :   hd->found = -1;
    1824             :   /* Now reset all resources.  */
    1825         160 :   for (i=0; !rc && i < hd->used; i++)
    1826             :     {
    1827          80 :       switch (hd->active[i].type)
    1828             :         {
    1829             :         case KEYDB_RESOURCE_TYPE_NONE:
    1830           0 :           break;
    1831             :         case KEYDB_RESOURCE_TYPE_KEYRING:
    1832           4 :           rc = keyring_search_reset (hd->active[i].u.kr);
    1833           4 :           break;
    1834             :         case KEYDB_RESOURCE_TYPE_KEYBOX:
    1835          76 :           rc = keybox_search_reset (hd->active[i].u.kb);
    1836          76 :           break;
    1837             :         }
    1838             :     }
    1839          80 :   hd->is_reset = 1;
    1840          80 :   return rc;
    1841             : }
    1842             : 
    1843             : 
    1844             : /* Search the database for keys matching the search description.  If
    1845             :  * the DB contains any legacy keys, these are silently ignored.
    1846             :  *
    1847             :  * DESC is an array of search terms with NDESC entries.  The search
    1848             :  * terms are or'd together.  That is, the next entry in the DB that
    1849             :  * matches any of the descriptions will be returned.
    1850             :  *
    1851             :  * Note: this function resumes searching where the last search left
    1852             :  * off (i.e., at the current file position).  If you want to search
    1853             :  * from the start of the database, then you need to first call
    1854             :  * keydb_search_reset().
    1855             :  *
    1856             :  * If no key matches the search description, returns
    1857             :  * GPG_ERR_NOT_FOUND.  If there was a match, returns 0.  If an error
    1858             :  * occurred, returns an error code.
    1859             :  *
    1860             :  * The returned key is considered to be selected and the raw data can,
    1861             :  * for instance, be returned by calling keydb_get_keyblock().  */
    1862             : gpg_error_t
    1863        2779 : keydb_search (KEYDB_HANDLE hd, KEYDB_SEARCH_DESC *desc,
    1864             :               size_t ndesc, size_t *descindex)
    1865             : {
    1866             :   int i;
    1867             :   gpg_error_t rc;
    1868        2779 :   int was_reset = hd->is_reset;
    1869             :   /* If an entry is already in the cache, then don't add it again.  */
    1870        2779 :   int already_in_cache = 0;
    1871             : 
    1872        2779 :   if (descindex)
    1873          14 :     *descindex = 0; /* Make sure it is always set on return.  */
    1874             : 
    1875        2779 :   if (!hd)
    1876           0 :     return gpg_error (GPG_ERR_INV_ARG);
    1877             : 
    1878        2779 :   if (DBG_CLOCK)
    1879           0 :     log_clock ("keydb_search enter");
    1880             : 
    1881        2779 :   if (DBG_LOOKUP)
    1882             :     {
    1883           0 :       log_debug ("%s: %zd search descriptions:\n", __func__, ndesc);
    1884           0 :       for (i = 0; i < ndesc; i ++)
    1885             :         {
    1886           0 :           char *t = keydb_search_desc_dump (&desc[i]);
    1887           0 :           log_debug ("%s   %d: %s\n", __func__, i, t);
    1888           0 :           xfree (t);
    1889             :         }
    1890             :     }
    1891             : 
    1892             : 
    1893        2779 :   if (ndesc == 1 && desc[0].mode == KEYDB_SEARCH_MODE_LONG_KID
    1894        2013 :       && (already_in_cache = kid_not_found_p (desc[0].u.kid)) == 1 )
    1895             :     {
    1896           3 :       if (DBG_CLOCK)
    1897           0 :         log_clock ("keydb_search leave (not found, cached)");
    1898           3 :       return gpg_error (GPG_ERR_NOT_FOUND);
    1899             :     }
    1900             : 
    1901             :   /* NB: If one of the exact search modes below is used in a loop to
    1902             :      walk over all keys (with the same fingerprint) the caching must
    1903             :      have been disabled for the handle.  */
    1904        2776 :   if (!hd->no_caching
    1905        2661 :       && ndesc == 1
    1906        2659 :       && (desc[0].mode == KEYDB_SEARCH_MODE_FPR20
    1907        2582 :           || desc[0].mode == KEYDB_SEARCH_MODE_FPR)
    1908         180 :       && hd->keyblock_cache.state  == KEYBLOCK_CACHE_FILLED
    1909           0 :       && !memcmp (hd->keyblock_cache.fpr, desc[0].u.fpr, 20)
    1910             :       /* Make sure the current file position occurs before the cached
    1911             :          result to avoid an infinite loop.  */
    1912           0 :       && (hd->current < hd->keyblock_cache.resource
    1913           0 :           || (hd->current == hd->keyblock_cache.resource
    1914           0 :               && (keybox_offset (hd->active[hd->current].u.kb)
    1915           0 :                   <= hd->keyblock_cache.offset))))
    1916             :     {
    1917             :       /* (DESCINDEX is already set).  */
    1918           0 :       if (DBG_CLOCK)
    1919           0 :         log_clock ("keydb_search leave (cached)");
    1920             : 
    1921           0 :       hd->current = hd->keyblock_cache.resource;
    1922             :       /* HD->KEYBLOCK_CACHE.OFFSET is the last byte in the record.
    1923             :          Seek just beyond that.  */
    1924           0 :       keybox_seek (hd->active[hd->current].u.kb,
    1925           0 :                    hd->keyblock_cache.offset + 1);
    1926           0 :       return 0;
    1927             :     }
    1928             : 
    1929        2776 :   rc = -1;
    1930        8328 :   while ((rc == -1 || gpg_err_code (rc) == GPG_ERR_EOF)
    1931        2973 :          && hd->current >= 0 && hd->current < hd->used)
    1932             :     {
    1933        2776 :       if (DBG_LOOKUP)
    1934           0 :         log_debug ("%s: searching %s (resource %d of %d)\n",
    1935             :                    __func__,
    1936           0 :                    hd->active[hd->current].type == KEYDB_RESOURCE_TYPE_KEYRING
    1937             :                    ? "keyring"
    1938           0 :                    : (hd->active[hd->current].type == KEYDB_RESOURCE_TYPE_KEYBOX
    1939           0 :                       ? "keybox" : "unknown type"),
    1940             :                    hd->current, hd->used);
    1941             : 
    1942        2776 :        switch (hd->active[hd->current].type)
    1943             :         {
    1944             :         case KEYDB_RESOURCE_TYPE_NONE:
    1945           0 :           BUG(); /* we should never see it here */
    1946             :           break;
    1947             :         case KEYDB_RESOURCE_TYPE_KEYRING:
    1948          66 :           rc = keyring_search (hd->active[hd->current].u.kr, desc,
    1949             :                                ndesc, descindex, 1);
    1950          66 :           break;
    1951             :         case KEYDB_RESOURCE_TYPE_KEYBOX:
    1952             :           do
    1953        2710 :             rc = keybox_search (hd->active[hd->current].u.kb, desc,
    1954             :                                 ndesc, KEYBOX_BLOBTYPE_PGP,
    1955             :                                 descindex, &hd->skipped_long_blobs);
    1956        2710 :           while (rc == GPG_ERR_LEGACY_KEY);
    1957        2710 :           break;
    1958             :         }
    1959             : 
    1960        2776 :       if (DBG_LOOKUP)
    1961           0 :         log_debug ("%s: searched %s (resource %d of %d) => %s\n",
    1962             :                    __func__,
    1963           0 :                    hd->active[hd->current].type == KEYDB_RESOURCE_TYPE_KEYRING
    1964             :                    ? "keyring"
    1965           0 :                    : (hd->active[hd->current].type == KEYDB_RESOURCE_TYPE_KEYBOX
    1966           0 :                       ? "keybox" : "unknown type"),
    1967             :                    hd->current, hd->used,
    1968             :                    rc == -1 ? "EOF" : gpg_strerror (rc));
    1969             : 
    1970        2776 :       if (rc == -1 || gpg_err_code (rc) == GPG_ERR_EOF)
    1971             :         {
    1972             :           /* EOF -> switch to next resource */
    1973         197 :           hd->current++;
    1974             :         }
    1975        2579 :       else if (!rc)
    1976        2579 :         hd->found = hd->current;
    1977             :     }
    1978        2776 :   hd->is_reset = 0;
    1979             : 
    1980        5355 :   rc = ((rc == -1 || gpg_err_code (rc) == GPG_ERR_EOF)
    1981             :         ? gpg_error (GPG_ERR_NOT_FOUND)
    1982        2973 :         : rc);
    1983             : 
    1984        2776 :   keyblock_cache_clear (hd);
    1985        2776 :   if (!hd->no_caching
    1986        2661 :       && !rc
    1987        2529 :       && ndesc == 1 && (desc[0].mode == KEYDB_SEARCH_MODE_FPR20
    1988        2451 :                         || desc[0].mode == KEYDB_SEARCH_MODE_FPR)
    1989         116 :       && hd->active[hd->current].type == KEYDB_RESOURCE_TYPE_KEYBOX)
    1990             :     {
    1991         105 :       hd->keyblock_cache.state = KEYBLOCK_CACHE_PREPARED;
    1992         105 :       hd->keyblock_cache.resource = hd->current;
    1993             :       /* The current offset is at the start of the next record.  Since
    1994             :          a record is at least 1 byte, we just use offset - 1, which is
    1995             :          within the record.  */
    1996             :       hd->keyblock_cache.offset
    1997         105 :         = keybox_offset (hd->active[hd->current].u.kb) - 1;
    1998         105 :       memcpy (hd->keyblock_cache.fpr, desc[0].u.fpr, 20);
    1999             :     }
    2000             : 
    2001        2776 :   if (gpg_err_code (rc) == GPG_ERR_NOT_FOUND
    2002         197 :       && ndesc == 1 && desc[0].mode == KEYDB_SEARCH_MODE_LONG_KID && was_reset
    2003           7 :       && !already_in_cache)
    2004           7 :     kid_not_found_insert (desc[0].u.kid);
    2005             : 
    2006        2776 :   if (DBG_CLOCK)
    2007           0 :     log_clock (rc? "keydb_search leave (not found)"
    2008             :                  : "keydb_search leave (found)");
    2009        2776 :   return rc;
    2010             : }
    2011             : 
    2012             : 
    2013             : /* Return the first non-legacy key in the database.
    2014             :  *
    2015             :  * If you want the very first key in the database, you can directly
    2016             :  * call keydb_search with the search description
    2017             :  *  KEYDB_SEARCH_MODE_FIRST.  */
    2018             : gpg_error_t
    2019           3 : keydb_search_first (KEYDB_HANDLE hd)
    2020             : {
    2021             :   gpg_error_t err;
    2022             :   KEYDB_SEARCH_DESC desc;
    2023             : 
    2024           3 :   err = keydb_search_reset (hd);
    2025           3 :   if (err)
    2026           0 :     return err;
    2027             : 
    2028           3 :   memset (&desc, 0, sizeof desc);
    2029           3 :   desc.mode = KEYDB_SEARCH_MODE_FIRST;
    2030           3 :   return keydb_search (hd, &desc, 1, NULL);
    2031             : }
    2032             : 
    2033             : 
    2034             : /* Return the next key (not the next matching key!).
    2035             :  *
    2036             :  * Unlike calling keydb_search with KEYDB_SEARCH_MODE_NEXT, this
    2037             :  * function silently skips legacy keys.  */
    2038             : gpg_error_t
    2039           9 : keydb_search_next (KEYDB_HANDLE hd)
    2040             : {
    2041             :   KEYDB_SEARCH_DESC desc;
    2042             : 
    2043           9 :   memset (&desc, 0, sizeof desc);
    2044           9 :   desc.mode = KEYDB_SEARCH_MODE_NEXT;
    2045           9 :   return keydb_search (hd, &desc, 1, NULL);
    2046             : }
    2047             : 
    2048             : 
    2049             : /* This is a convenience function for searching for keys with a long
    2050             :  * key id.
    2051             :  *
    2052             :  * Note: this function resumes searching where the last search left
    2053             :  * off.  If you want to search the whole database, then you need to
    2054             :  * first call keydb_search_reset().  */
    2055             : gpg_error_t
    2056           3 : keydb_search_kid (KEYDB_HANDLE hd, u32 *kid)
    2057             : {
    2058             :   KEYDB_SEARCH_DESC desc;
    2059             : 
    2060           3 :   memset (&desc, 0, sizeof desc);
    2061           3 :   desc.mode = KEYDB_SEARCH_MODE_LONG_KID;
    2062           3 :   desc.u.kid[0] = kid[0];
    2063           3 :   desc.u.kid[1] = kid[1];
    2064           3 :   return keydb_search (hd, &desc, 1, NULL);
    2065             : }
    2066             : 
    2067             : 
    2068             : /* This is a convenience function for searching for keys with a long
    2069             :  * (20 byte) fingerprint.
    2070             :  *
    2071             :  * Note: this function resumes searching where the last search left
    2072             :  * off.  If you want to search the whole database, then you need to
    2073             :  * first call keydb_search_reset().  */
    2074             : gpg_error_t
    2075         143 : keydb_search_fpr (KEYDB_HANDLE hd, const byte *fpr)
    2076             : {
    2077             :   KEYDB_SEARCH_DESC desc;
    2078             : 
    2079         143 :   memset (&desc, 0, sizeof desc);
    2080         143 :   desc.mode = KEYDB_SEARCH_MODE_FPR;
    2081         143 :   memcpy (desc.u.fpr, fpr, MAX_FINGERPRINT_LEN);
    2082         143 :   return keydb_search (hd, &desc, 1, NULL);
    2083             : }

Generated by: LCOV version 1.11