[git] GnuPG - branch, key-storage-work, updated. gnupg-2.1.0beta3-129-gf6d7b3f

by Werner Koch cvs at cvs.gnupg.org
Mon Jan 7 21:23:22 CET 2013


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, key-storage-work has been updated
       via  f6d7b3f1ee5eed32bc3257c99cb878091d26c482 (commit)
       via  0baedfd25a4bdc6c8e7aefbd67006b063e2dc33f (commit)
       via  fb31462e7e92d4b19256e6fd40b1b6ffcef2676c (commit)
       via  7d00e52bd58d9e40c18dcc0122b2c236ef3318f5 (commit)
      from  79f08fb0699f4a065e3a29bc7676a90534d7ba60 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit f6d7b3f1ee5eed32bc3257c99cb878091d26c482
Author: Werner Koch <wk at gnupg.org>
Date:   Mon Jan 7 21:14:52 2013 +0100

    gpg: Set the node flags while retrieving a keyblock.
    
    * g10/keydb.c (parse_keyblock_image): Add args PK_NO and UID_NO and
    set the node flags accordingly.
    (keydb_get_keyblock): Transfer PK_NO and UID_NO to parse_keyblock_image.
    * kbx/keybox-search.c (blob_cmp_fpr, blob_cmp_fpr_part)
    (blob_cmp_name, blob_cmp_mail): Return the key/user number.
    (keybox_search): Set the key and user number into the found struct.
    (keybox_get_keyblock): Add args R_PK_NO and R_UID_NO and set them from
    the found struct.
    --
    
    getkey.c needs to know whether the correct subkey was found.  Thus we
    need to set the node flags the same way we did it with the keyring
    storage.

diff --git a/g10/keydb.c b/g10/keydb.c
index d293948..186f017 100644
--- a/g10/keydb.c
+++ b/g10/keydb.c
@@ -1,6 +1,6 @@
 /* keydb.c - key database dispatcher
  * Copyright (C) 2001, 2002, 2003, 2004, 2005,
- *               2008, 2009, 2011 Free Software Foundation, Inc.
+ *               2008, 2009, 2011, 2013 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -617,7 +617,8 @@ unlock_all (KEYDB_HANDLE hd)
 
 
 static gpg_error_t
-parse_keyblock_image (iobuf_t iobuf, const u32 *sigstatus, kbnode_t *r_keyblock)
+parse_keyblock_image (iobuf_t iobuf, int pk_no, int uid_no,
+                      const u32 *sigstatus, kbnode_t *r_keyblock)
 {
   gpg_error_t err;
   PACKET *pkt;
@@ -625,6 +626,7 @@ parse_keyblock_image (iobuf_t iobuf, const u32 *sigstatus, kbnode_t *r_keyblock)
   kbnode_t node, *tail;
   int in_cert, save_mode;
   u32 n_sigs;
+  int pk_count, uid_count;
 
   *r_keyblock = NULL;
 
@@ -636,6 +638,7 @@ parse_keyblock_image (iobuf_t iobuf, const u32 *sigstatus, kbnode_t *r_keyblock)
   in_cert = 0;
   n_sigs = 0;
   tail = NULL;
+  pk_count = uid_count = 0;
   while ((err = parse_packet (iobuf, pkt)) != -1)
     {
       if (gpg_err_code (err) == GPG_ERR_UNKNOWN_PACKET)
@@ -714,6 +717,26 @@ parse_keyblock_image (iobuf_t iobuf, const u32 *sigstatus, kbnode_t *r_keyblock)
         }
 
       node = new_kbnode (pkt);
+
+      switch (pkt->pkttype)
+        {
+        case PKT_PUBLIC_KEY:
+        case PKT_PUBLIC_SUBKEY:
+        case PKT_SECRET_KEY:
+        case PKT_SECRET_SUBKEY:
+          if (++pk_count == pk_no)
+            node->flag |= 1;
+          break;
+
+        case PKT_USER_ID:
+          if (++uid_count == uid_no)
+            node->flag |= 2;
+          break;
+
+        default:
+          break;
+        }
+
       if (!keyblock)
         keyblock = node;
       else
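Review bot: The literals in `node->flag |= 1` and `node->flag |= 2` carry the whole contract with whoever reads these flags, yet nothing in the switch says what each bit means. A comment above the switch would settle it, e.g. `/* Flag bit 0 marks the key that matched the search, bit 1 the matching user ID; a PK_NO or UID_NO of 0 means "unknown" and never matches. */`. The counters advance only for packets that reach new_kbnode, so they agree with the keybox numbering only if no key or user ID packet is dropped earlier in the loop. That part of parse_keyblock_image lies outside the hunk and is worth confirming.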
@@ -779,12 +802,14 @@ keydb_get_keyblock (KEYDB_HANDLE hd, KBNODE *ret_kb)
       {
         iobuf_t iobuf;
         u32 *sigstatus;
+        int pk_no, uid_no;
 
         err = keybox_get_keyblock (hd->active[hd->found].u.kb,
-                                   &iobuf, &sigstatus);
+                                   &iobuf, &pk_no, &uid_no, &sigstatus);
         if (!err)
           {
-            err = parse_keyblock_image (iobuf, sigstatus, ret_kb);
+            err = parse_keyblock_image (iobuf, pk_no, uid_no, sigstatus,
+                                        ret_kb);
             xfree (sigstatus);
             iobuf_close (iobuf);
           }
diff --git a/kbx/keybox-search.c b/kbx/keybox-search.c
index a12216b..5e6432f 100644
--- a/kbx/keybox-search.c
+++ b/kbx/keybox-search.c
@@ -1,5 +1,6 @@
 /* keybox-search.c - Search operations
- * Copyright (C) 2001, 2002, 2003, 2004, 2012 Free Software Foundation, Inc.
+ * Copyright (C) 2001, 2002, 2003, 2004, 2012,
+ *               2013 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -233,6 +234,9 @@ blob_cmp_sn (KEYBOXBLOB blob, const unsigned char *sn, int snlen)
 }
 
 
+/* Returns 0 if not found or the number of the key which was found.
+   For X.509 this is always 1, for OpenPGP this is 1 for the primary
+   key and 2 and more for the subkeys.  */
 static int
 blob_cmp_fpr (KEYBOXBLOB blob, const unsigned char *fpr)
 {
@@ -259,7 +263,7 @@ blob_cmp_fpr (KEYBOXBLOB blob, const unsigned char *fpr)
     {
       off = pos + idx*keyinfolen;
       if (!memcmp (buffer + off, fpr, 20))
-        return 1; /* found */
+        return idx+1; /* found */
     }
   return 0; /* not found */
 }
@@ -291,7 +295,7 @@ blob_cmp_fpr_part (KEYBOXBLOB blob, const unsigned char *fpr,
     {
       off = pos + idx*keyinfolen;
       if (!memcmp (buffer + off + fproff, fpr, fprlen))
-        return 1; /* found */
+        return idx+1; /* found */
     }
   return 0; /* not found */
 }
@@ -352,15 +356,14 @@ blob_cmp_name (KEYBOXBLOB blob, int idx,
           if (substr)
             {
               if (ascii_memcasemem (buffer+off, len, name, namelen))
-                return 1; /* found */
+                return idx+1; /* found */
             }
           else
             {
               if (len == namelen && !memcmp (buffer+off, name, len))
-                return 1; /* found */
+                return idx+1; /* found */
             }
         }
-      return 0; /* not found */
     }
   else
     {
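Review bot: blob_cmp_name now returns `idx+1` here and in the next hunk, and blob_cmp_fpr_part and blob_cmp_mail do the same, but only blob_cmp_fpr received a comment describing the new return value. Each of them should carry the same one-line contract, for example `/* Returns 0 if not found or the number of the matching name, counted from 1. */`. Callers pass index 0 for the issuer of an X.509 blob, so for X.509 the returned number presumably counts the issuer slot as well; the comment should say so, because keybox_search stores the value as `uid_no`. The start of blob_cmp_name is outside this hunk.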
@@ -376,13 +379,16 @@ blob_cmp_name (KEYBOXBLOB blob, int idx,
 
       if (substr)
         {
-          return !!ascii_memcasemem (buffer+off, len, name, namelen);
+          if (ascii_memcasemem (buffer+off, len, name, namelen))
+            return idx+1; /* found */
         }
       else
         {
-          return len == namelen && !memcmp (buffer+off, name, len);
+          if (len == namelen && !memcmp (buffer+off, name, len))
+            return idx+1; /* found */
         }
     }
+  return 0; /* not found */
 }
 
 
@@ -458,12 +464,12 @@ blob_cmp_mail (KEYBOXBLOB blob, const char *name, size_t namelen, int substr,
       if (substr)
         {
           if (ascii_memcasemem (buffer+off+1, len, name, namelen))
-            return 1; /* found */
+            return idx+1; /* found */
         }
       else
         {
           if (len == namelen && !ascii_memcasecmp (buffer+off+1, name, len))
-            return 1; /* found */
+            return idx+1; /* found */
         }
     }
   return 0; /* not found */
@@ -734,6 +740,7 @@ keybox_search (KEYBOX_HANDLE hd, KEYBOX_SEARCH_DESC *desc, size_t ndesc)
   int need_words, any_skip;
   KEYBOXBLOB blob = NULL;
   struct sn_array_s *sn_array = NULL;
+  int pk_no, uid_no;
 
   if (!hd)
     return gpg_error (GPG_ERR_INV_VALUE);
@@ -850,6 +857,7 @@ keybox_search (KEYBOX_HANDLE hd, KEYBOX_SEARCH_DESC *desc, size_t ndesc)
     }
 
 
+  pk_no = uid_no = 0;
   for (;;)
     {
       unsigned int blobflags;
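Review bot: `pk_no = uid_no = 0;` runs once before the `for (;;)` loop, so the two values are not cleared per blob. Each search mode overwrites only its own variable. A number stored for one blob can therefore survive into a later blob that matches through a different descriptor, provided an iteration can continue after a match (the `any_skip` local suggests such a path, but that code is outside these hunks). Doing the reset inside the loop, right after the declarations at the top of its body, would guarantee that `hd->found.pk_no` and `hd->found.uid_no` always describe the blob stored in `hd->found.blob`.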
@@ -875,19 +883,23 @@ keybox_search (KEYBOX_HANDLE hd, KEYBOX_SEARCH_DESC *desc, size_t ndesc)
               never_reached ();
               break;
             case KEYDB_SEARCH_MODE_EXACT:
-              if (has_username (blob, desc[n].u.name, 0))
+              uid_no = has_username (blob, desc[n].u.name, 0);
+              if (uid_no)
                 goto found;
               break;
             case KEYDB_SEARCH_MODE_MAIL:
-              if (has_mail (blob, desc[n].u.name, 0))
+              uid_no = has_mail (blob, desc[n].u.name, 0);
+              if (uid_no)
                 goto found;
               break;
             case KEYDB_SEARCH_MODE_MAILSUB:
-              if (has_mail (blob, desc[n].u.name, 1))
+              uid_no = has_mail (blob, desc[n].u.name, 1);
+              if (uid_no)
                 goto found;
               break;
             case KEYDB_SEARCH_MODE_SUBSTR:
-              if (has_username (blob, desc[n].u.name, 1))
+              uid_no =  has_username (blob, desc[n].u.name, 1);
+              if (uid_no)
                 goto found;
               break;
             case KEYDB_SEARCH_MODE_MAILEND:
@@ -914,16 +926,19 @@ keybox_search (KEYBOX_HANDLE hd, KEYBOX_SEARCH_DESC *desc, size_t ndesc)
                 goto found;
               break;
             case KEYDB_SEARCH_MODE_SHORT_KID:
-              if (has_short_kid (blob, desc[n].u.kid[1]))
+              pk_no = has_short_kid (blob, desc[n].u.kid[1]);
+              if (pk_no)
                 goto found;
               break;
             case KEYDB_SEARCH_MODE_LONG_KID:
-              if (has_long_kid (blob, desc[n].u.kid[0], desc[n].u.kid[1]))
+              pk_no = has_long_kid (blob, desc[n].u.kid[0], desc[n].u.kid[1]);
+              if (pk_no)
                 goto found;
               break;
             case KEYDB_SEARCH_MODE_FPR:
             case KEYDB_SEARCH_MODE_FPR20:
-              if (has_fingerprint (blob, desc[n].u.fpr))
+              pk_no = has_fingerprint (blob, desc[n].u.fpr);
+              if (pk_no)
                 goto found;
               break;
             case KEYDB_SEARCH_MODE_KEYGRIP:
@@ -956,6 +971,8 @@ keybox_search (KEYBOX_HANDLE hd, KEYBOX_SEARCH_DESC *desc, size_t ndesc)
   if (!rc)
     {
       hd->found.blob = blob;
+      hd->found.pk_no = pk_no;
+      hd->found.uid_no = uid_no;
     }
   else if (rc == -1)
     {
@@ -985,9 +1002,12 @@ keybox_search (KEYBOX_HANDLE hd, KEYBOX_SEARCH_DESC *desc, size_t ndesc)
 
 /* Return the last found keyblock.  Returns 0 on success and stores a
    new iobuf at R_IOBUF and a signature status vector at R_SIGSTATUS
-   in that case.  */
+   in that case.  R_UID_NO and R_PK_NO are used to retun the number of
+   the key or user id which was matched the search criteria; if not
+   known they are set to 0. */
 gpg_error_t
-keybox_get_keyblock (KEYBOX_HANDLE hd, iobuf_t *r_iobuf, u32 **r_sigstatus)
+keybox_get_keyblock (KEYBOX_HANDLE hd, iobuf_t *r_iobuf,
+                     int *r_pk_no, int *r_uid_no, u32 **r_sigstatus)
 {
   gpg_error_t err;
   const unsigned char *buffer, *p;
@@ -1029,6 +1049,8 @@ keybox_get_keyblock (KEYBOX_HANDLE hd, iobuf_t *r_iobuf, u32 **r_sigstatus)
   for (n=1; n <= n_sigs; n++, p += sigilen)
     sigstatus[n] = get32 (p);
 
+  *r_pk_no  = hd->found.pk_no;
+  *r_uid_no = hd->found.uid_no;
   *r_sigstatus = sigstatus;
   *r_iobuf = iobuf_temp_with_content (buffer+image_off, image_len);
   return 0;
diff --git a/kbx/keybox.h b/kbx/keybox.h
index 03a9245..4f7e23d 100644
--- a/kbx/keybox.h
+++ b/kbx/keybox.h
@@ -81,8 +81,8 @@ int keybox_lock (KEYBOX_HANDLE hd, int yes);
 int _keybox_write_header_blob (FILE *fp);
 
 /*-- keybox-search.c --*/
-gpg_error_t keybox_get_keyblock (KEYBOX_HANDLE hd,
-                                 iobuf_t *r_iobuf, u32 **sigstatus);
+gpg_error_t keybox_get_keyblock (KEYBOX_HANDLE hd, iobuf_t *r_iobuf,
+                                 int *r_uid_no, int *r_pk_no, u32 **sigstatus);
 #ifdef KEYBOX_WITH_X509
 int keybox_get_cert (KEYBOX_HANDLE hd, ksba_cert_t *ret_cert);
 #endif /*KEYBOX_WITH_X509*/
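Review bot: The prototype names the two new pointers `int *r_uid_no, int *r_pk_no`, while the definition in kbx/keybox-search.c declares `int *r_pk_no, int *r_uid_no` and the caller in g10/keydb.c passes `&pk_no, &uid_no`. Both parameters are `int *`, so the compiler accepts either order, and a caller written against the header would swap the key and user ID numbers without any diagnostic. The declaration should end `int *r_pk_no, int *r_uid_no, u32 **sigstatus);` to match the definition.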
@@ -114,7 +114,6 @@ int keybox_compress (KEYBOX_HANDLE hd);
 /*--  --*/
 
 #if 0
-int keybox_get_keyblock (KEYBOX_HANDLE hd, KBNODE *ret_kb);
 int keybox_locate_writable (KEYBOX_HANDLE hd);
 int keybox_search_reset (KEYBOX_HANDLE hd);
 int keybox_search (KEYBOX_HANDLE hd, KEYDB_SEARCH_DESC *desc, size_t ndesc);

commit 0baedfd25a4bdc6c8e7aefbd67006b063e2dc33f
Author: Werner Koch <wk at gnupg.org>
Date:   Mon Jan 7 16:51:24 2013 +0100

    New function log_clock.
    
    * common/logging.c (log_clock): New.
    * g10/gpg.c (set_debug): Print clock debug flag.
    * g10/options.h (DBG_CLOCK_VALUE, DBG_CLOCK): New.
    --
    
    To actually use log_clock you need to enable the code in
    logging.c:log_clock() and link against librt.  --debug 4096 may then
    be used to enable it at runtime.

diff --git a/common/logging.c b/common/logging.c
index f91671e..a8acb52 100644
--- a/common/logging.c
+++ b/common/logging.c
@@ -857,6 +857,33 @@ log_printhex (const char *text, const void *buffer, size_t length)
 }
 
 
+void
+log_clock (const char *string)
+{
+#if 0
+  static unsigned long long initial;
+  struct timespec tv;
+  unsigned long long now;
+
+  if (clock_gettime (CLOCK_REALTIME, &tv))
+    {
+      log_debug ("error getting the realtime clock value\n");
+      return;
+    }
+  now = tv.tv_sec * 1000000000ull;
+  now += tv.tv_nsec;
+
+  if (!initial)
+    initial = now;
+
+  log_debug ("[%llu] %s", now - initial, string);
+#else
+  /* You need to link with -ltr to enable the above code.  */
+  log_debug ("[not enabled in the source] %s", string);
+#endif
+}
+
+
 #if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 5 )
 void
 bug_at( const char *file, int line, const char *func )
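Review bot: The comment in the `#else` branch of log_clock says to link with `-ltr`, but the commit message names librt, so it should read `/* You need to link with -lrt to enable the above code.  */`. The disabled branch takes its timestamps from `CLOCK_REALTIME`, which can jump when the system time is adjusted; for the elapsed-time figure printed here `CLOCK_MONOTONIC` would be the steadier source. The function also has no description in logging.c or logging.h; a line such as `/* Log STRING prefixed with the nanoseconds elapsed since the first call to this function. */` would cover it.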
diff --git a/common/logging.h b/common/logging.h
index b0d662b..89913e6 100644
--- a/common/logging.h
+++ b/common/logging.h
@@ -96,5 +96,7 @@ void log_flush (void);
    by the hexdump and a final LF.  */
 void log_printhex (const char *text, const void *buffer, size_t length);
 
+void log_clock (const char *string);
+
 
 #endif /*LIBJNLIB_LOGGING_H*/
diff --git a/g10/gpg.c b/g10/gpg.c
index 5773d5e..7e4339b 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -1029,7 +1029,7 @@ set_debug (const char *level)
   gcry_control (GCRYCTL_SET_VERBOSITY, (int)opt.verbose);
 
   if (opt.debug)
-    log_info ("enabled debug flags:%s%s%s%s%s%s%s%s%s%s%s%s%s\n",
+    log_info ("enabled debug flags:%s%s%s%s%s%s%s%s%s%s%s%s%s%s\n",
               (opt.debug & DBG_PACKET_VALUE )? " packet":"",
               (opt.debug & DBG_MPI_VALUE    )? " mpi":"",
               (opt.debug & DBG_CIPHER_VALUE )? " cipher":"",
@@ -1042,7 +1042,8 @@ set_debug (const char *level)
               (opt.debug & DBG_HASHING_VALUE)? " hashing":"",
               (opt.debug & DBG_EXTPROG_VALUE)? " extprog":"",
               (opt.debug & DBG_CARD_IO_VALUE)? " cardio":"",
-              (opt.debug & DBG_ASSUAN_VALUE )? " assuan":"");
+              (opt.debug & DBG_ASSUAN_VALUE )? " assuan":"",
+              (opt.debug & DBG_CLOCK_VALUE  )? " clock":"");
 }
 
 
@@ -3114,6 +3115,8 @@ main (int argc, char **argv)
       }
 
     set_debug (debug_level);
+    if (DBG_CLOCK)
+      log_clock ("start");
 
     /* Do these after the switch(), so they can override settings. */
     if(PGP2)
@@ -4097,6 +4100,8 @@ void
 g10_exit( int rc )
 {
   gcry_control (GCRYCTL_UPDATE_RANDOM_SEED_FILE);
+  if (DBG_CLOCK)
+    log_clock ("stop");
   if ( (opt.debug & DBG_MEMSTAT_VALUE) )
     {
       gcry_control (GCRYCTL_DUMP_MEMORY_STATS);
diff --git a/g10/keydb.c b/g10/keydb.c
index dff58cc..d293948 100644
--- a/g10/keydb.c
+++ b/g10/keydb.c
@@ -1156,6 +1156,9 @@ keydb_search2 (KEYDB_HANDLE hd, KEYDB_SEARCH_DESC *desc,
   if (!hd)
     return gpg_error (GPG_ERR_INV_ARG);
 
+  if (DBG_CLOCK)
+    log_clock ("keydb_search enter");
+
   rc = -1;
   while ((rc == -1 || gpg_err_code (rc) == GPG_ERR_EOF)
          && hd->current >= 0 && hd->current < hd->used)
@@ -1182,6 +1185,8 @@ keydb_search2 (KEYDB_HANDLE hd, KEYDB_SEARCH_DESC *desc,
         hd->found = hd->current;
     }
 
+  if (DBG_CLOCK)
+    log_clock ("keydb_search leave");
   return ((rc == -1 || gpg_err_code (rc) == GPG_ERR_EOF)
           ? gpg_error (GPG_ERR_NOT_FOUND)
           : rc);
diff --git a/g10/options.h b/g10/options.h
index e67d0ce..d4824bc 100644
--- a/g10/options.h
+++ b/g10/options.h
@@ -271,6 +271,7 @@ struct {
 #define DBG_HASHING_VALUE 512	/* debug hashing operations */
 #define DBG_EXTPROG_VALUE 1024  /* debug external program calls */
 #define DBG_CARD_IO_VALUE 2048  /* debug smart card I/O.  */
+#define DBG_CLOCK_VALUE   4096
 
 /* Fixme: For now alias this value.  */
 #define DBG_ASSUAN_VALUE  DBG_EXTPROG_VALUE
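Review bot: `DBG_CLOCK_VALUE` is the only flag in this run defined without a trailing comment. Something like `#define DBG_CLOCK_VALUE   4096  /* debug timing via log_clock */` keeps the list self-describing.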
@@ -286,6 +287,7 @@ struct {
 #define DBG_EXTPROG (opt.debug & DBG_EXTPROG_VALUE)
 #define DBG_CARD_IO (opt.debug & DBG_CARD_IO_VALUE)
 #define DBG_ASSUAN  (opt.debug & DBG_ASSUAN_VALUE)
+#define DBG_CLOCK   (opt.debug & DBG_CLOCK_VALUE)
 
 /* FIXME: We need to check whey we did not put this into opt. */
 #define DBG_MEMORY    memory_debug_mode

commit fb31462e7e92d4b19256e6fd40b1b6ffcef2676c
Author: Werner Koch <wk at gnupg.org>
Date:   Mon Jan 7 15:41:10 2013 +0100

    gpg: Allow searching for user ids in a keybox.
    
    * kbx/keybox-search.c (blob_cmp_name): Add arg X509 and adjust for PGP
    use.  Change callers.
    (blob_cmp_mail): Add arg X509 and find the mailbox offset for PGP.
    Change callers.
    (has_subject_or_alt): Rename to has_username.
    (has_username): Allow blobtype PGP.
    (has_mail): Ditto.

diff --git a/kbx/keybox-search.c b/kbx/keybox-search.c
index d683e14..a12216b 100644
--- a/kbx/keybox-search.c
+++ b/kbx/keybox-search.c
@@ -299,7 +299,7 @@ blob_cmp_fpr_part (KEYBOXBLOB blob, const unsigned char *fpr,
 
 static int
 blob_cmp_name (KEYBOXBLOB blob, int idx,
-               const char *name, size_t namelen, int substr)
+               const char *name, size_t namelen, int substr, int x509)
 {
   const unsigned char *buffer;
   size_t length;
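Review bot: blob_cmp_name gains the `x509` argument without any comment on the function, and the next hunk changes what a negative `idx` means: the old code started at `-idx`, the new loop ignores the magnitude and starts at `!!x509`. A header comment should record both, e.g. `/* Compare NAME with the name at index IDX; a negative IDX compares all names, skipping the issuer at index 0 when X509 is set. */`. The comment added for blob_cmp_mail two hunks further down has a garbled last sentence; `X509 states whether the search is done on an X.509 blob.` reads cleanly. The body of blob_cmp_name continues outside this hunk, so the wording should be checked against it.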
@@ -336,10 +336,9 @@ blob_cmp_name (KEYBOXBLOB blob, int idx,
     return 0; /* out of bounds */
 
   if (idx < 0)
-    { /* compare all names starting with that (negated) index */
-      idx = -idx;
-
-      for ( ;idx < nuids; idx++)
+    { /* Compare all names.  Note that for X.509 we start with index 1
+         so to skip the issuer at index 0.  */
+      for (idx = !!x509; idx < nuids; idx++)
         {
           size_t mypos = pos;
 
@@ -387,10 +386,12 @@ blob_cmp_name (KEYBOXBLOB blob, int idx,
 }
 
 
-/* compare all email addresses of the subject.  With SUBSTR given as
-   True a substring search is done in the mail address */
+/* Compare all email addresses of the subject.  With SUBSTR given as
+   True a substring search is done in the mail address.  If X509
+   states whether thr search is done on an X.509 blob.  */
 static int
-blob_cmp_mail (KEYBOXBLOB blob, const char *name, size_t namelen, int substr)
+blob_cmp_mail (KEYBOXBLOB blob, const char *name, size_t namelen, int substr,
+               int x509)
 {
   const unsigned char *buffer;
   size_t length;
@@ -431,7 +432,9 @@ blob_cmp_mail (KEYBOXBLOB blob, const char *name, size_t namelen, int substr)
   if (namelen < 1)
     return 0;
 
-  for (idx=1 ;idx < nuids; idx++)
+  /* Note that for X.509 we start at index 1 becuase index 0 is used
+     for the issuer name.  */
+  for (idx=!!x509 ;idx < nuids; idx++)
     {
       size_t mypos = pos;
 
@@ -440,6 +443,12 @@ blob_cmp_mail (KEYBOXBLOB blob, const char *name, size_t namelen, int substr)
       len = get32 (buffer+mypos+4);
       if (off+len > length)
         return 0; /* error: better stop here out of bounds */
+      if (!x509)
+        {
+          /* For OpenPGP we need to forward to the mailbox part.  */
+          for ( ;len && buffer[off] != '<'; len--, off++)
+            ;
+        }
       if (len < 2 || buffer[off] != '<')
         continue; /* empty name or trailing 0 not stored */
       len--; /* one back */
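Review bot: The scan added for OpenPGP blobs walks `buffer[off]` for up to `len` bytes and relies entirely on the `off+len > length` test just above it. `len` is read from the blob with get32 and `off` presumably likewise. If they are held in 32-bit variables on a given build (their declarations are outside the hunk), the addition can wrap for a corrupted or hostile keybox file and let an out-of-range pair through. Writing the test without an addition, `if (off > length || len > length - off)`, removes that case for this loop and for the comparisons that follow it.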
@@ -589,7 +598,7 @@ has_issuer (KEYBOXBLOB blob, const char *name)
     return 0;
 
   namelen = strlen (name);
-  return blob_cmp_name (blob, 0 /* issuer */, name, namelen, 0);
+  return blob_cmp_name (blob, 0 /* issuer */, name, namelen, 0, 1);
 }
 
 static inline int
@@ -607,7 +616,7 @@ has_issuer_sn (KEYBOXBLOB blob, const char *name,
   namelen = strlen (name);
 
   return (blob_cmp_sn (blob, sn, snlen)
-          && blob_cmp_name (blob, 0 /* issuer */, name, namelen, 0));
+          && blob_cmp_name (blob, 0 /* issuer */, name, namelen, 0, 1));
 }
 
 static inline int
@@ -631,22 +640,25 @@ has_subject (KEYBOXBLOB blob, const char *name)
     return 0;
 
   namelen = strlen (name);
-  return blob_cmp_name (blob, 1 /* subject */, name, namelen, 0);
+  return blob_cmp_name (blob, 1 /* subject */, name, namelen, 0, 1);
 }
 
+
 static inline int
-has_subject_or_alt (KEYBOXBLOB blob, const char *name, int substr)
+has_username (KEYBOXBLOB blob, const char *name, int substr)
 {
   size_t namelen;
+  int btype;
 
   return_val_if_fail (name, 0);
 
-  if (blob_get_type (blob) != BLOBTYPE_X509)
+  btype = blob_get_type (blob);
+  if (btype != BLOBTYPE_PGP && btype != BLOBTYPE_X509)
     return 0;
 
   namelen = strlen (name);
-  return blob_cmp_name (blob, -1 /* all subject names*/, name,
-                        namelen, substr);
+  return blob_cmp_name (blob, -1 /* all subject/user names */, name,
+                        namelen, substr, (btype == BLOBTYPE_X509));
 }
 
 
@@ -654,16 +666,21 @@ static inline int
 has_mail (KEYBOXBLOB blob, const char *name, int substr)
 {
   size_t namelen;
+  int btype;
 
   return_val_if_fail (name, 0);
 
-  if (blob_get_type (blob) != BLOBTYPE_X509)
+  btype = blob_get_type (blob);
+  if (btype != BLOBTYPE_PGP && btype != BLOBTYPE_X509)
     return 0;
 
+  if (btype == BLOBTYPE_PGP && *name == '<')
+    name++; /* Hack to remove the leading '<' for gpg.  */
+
   namelen = strlen (name);
   if (namelen && name[namelen-1] == '>')
     namelen--;
-  return blob_cmp_mail (blob, name, namelen, substr);
+  return blob_cmp_mail (blob, name, namelen, substr, (btype == BLOBTYPE_X509));
 }
 
 
@@ -858,7 +875,7 @@ keybox_search (KEYBOX_HANDLE hd, KEYBOX_SEARCH_DESC *desc, size_t ndesc)
               never_reached ();
               break;
             case KEYDB_SEARCH_MODE_EXACT:
-              if (has_subject_or_alt (blob, desc[n].u.name, 0))
+              if (has_username (blob, desc[n].u.name, 0))
                 goto found;
               break;
             case KEYDB_SEARCH_MODE_MAIL:
@@ -870,7 +887,7 @@ keybox_search (KEYBOX_HANDLE hd, KEYBOX_SEARCH_DESC *desc, size_t ndesc)
                 goto found;
               break;
             case KEYDB_SEARCH_MODE_SUBSTR:
-              if (has_subject_or_alt (blob, desc[n].u.name, 1))
+              if (has_username (blob, desc[n].u.name, 1))
                 goto found;
               break;
             case KEYDB_SEARCH_MODE_MAILEND:

commit 7d00e52bd58d9e40c18dcc0122b2c236ef3318f5
Author: Werner Koch <wk at gnupg.org>
Date:   Mon Jan 7 15:37:50 2013 +0100

    gpg: Allow generation of more than 4096 keys in one run.
    
    * g10/getkey.c (cache_public_key): Make room in the cache if needed.
    --
    
    To create the selfsigs, the key generation code makes use of the key
    cache.  However, after 4096 the cache is filled up and then disabled.
    Thus generating more than 4096 keys in one run was not possible.  We
    now clear the first half of the inserted keys every time the cache gets
    full.

diff --git a/g10/getkey.c b/g10/getkey.c
index 002a2be..0030f42 100644
--- a/g10/getkey.c
+++ b/g10/getkey.c
@@ -128,7 +128,7 @@ void
 cache_public_key (PKT_public_key * pk)
 {
 #if MAX_PK_CACHE_ENTRIES
-  pk_cache_entry_t ce;
+  pk_cache_entry_t ce, ce2;
   u32 keyid[2];
 
   if (pk_cache_disabled)
@@ -158,11 +158,25 @@ cache_public_key (PKT_public_key * pk)
 
   if (pk_cache_entries >= MAX_PK_CACHE_ENTRIES)
     {
-      /* fixme: Use another algorithm to free some cache slots.  */
-      pk_cache_disabled = 1;
-      if (opt.verbose > 1)
-	log_info (_("too many entries in pk cache - disabled\n"));
-      return;
+      int n;
+
+      /* Remove the last 50% of the entries.  */
+      for (ce = pk_cache, n = 0; ce && n < pk_cache_entries/2; n++)
+        ce = ce->next;
+      if (ce != pk_cache && ce->next)
+        {
+          ce2 = ce->next;
+          ce->next = NULL;
+          ce = ce2;
+          for (; ce; ce = ce2)
+            {
+              ce2 = ce->next;
+              free_public_key (ce->pk);
+              xfree (ce);
+              pk_cache_entries--;
+            }
+        }
+      assert (pk_cache_entries < MAX_PK_CACHE_ENTRIES);
     }
   pk_cache_entries++;
   ce = xmalloc (sizeof *ce);
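Review bot: The guard `if (ce != pk_cache && ce->next)` dereferences `ce` without the NULL test that the loop above it applies. If the list holds fewer nodes than `pk_cache_entries/2`, the loop leaves `ce` NULL, NULL differs from `pk_cache`, and `ce->next` faults; `if (ce && ce != pk_cache && ce->next)` covers that case. The closing `assert (pk_cache_entries < MAX_PK_CACHE_ENTRIES)` is the only check that the trim succeeded: it vanishes when assertions are compiled out and aborts the program when nothing could be trimmed (a limit of 1, for example). Keeping the old disable-and-return path for that situation would be safer. cache_public_key starts and ends outside this hunk.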

-----------------------------------------------------------------------

Summary of changes:
 common/logging.c    |   27 ++++++++++++
 common/logging.h    |    2 +
 g10/getkey.c        |   26 +++++++++---
 g10/gpg.c           |    9 +++-
 g10/keydb.c         |   38 +++++++++++++++--
 g10/options.h       |    2 +
 kbx/keybox-search.c |  113 ++++++++++++++++++++++++++++++++++-----------------
 kbx/keybox.h        |    5 +-
 8 files changed, 170 insertions(+), 52 deletions(-)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org



