[PATCH gpa] Load the secret keyring before the public one.

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

[PATCH gpa] Load the secret keyring before the public one.

Damien Goutte-Gattat
* src/keylist.c (gpa_keylist_init): Forcefully load the secret
keyring before attempting to load the public keys.
--

Gpa loads the private keyring in a kind of "lazy mode", in that
the private keyring is only loaded the first time Gpa needs to
lookup a private key. This normally happens during the loading
of the public keyring, since for each public key Gpa must lookup
in the private keyring to check whether a private counterpart is
available.

The result is that a Gpg process is spawn to list the secret keys
while another Gpg process is still listing the public keys. If
the trust model happens to be TOFU or TOFU+PGP, this can cause
some problems with regard to the locking of the TOFU database.

To avoid that, this patch makes sure the private keyring is
actively and synchronously loaded before we fetch the public keys
(no more lazy loading).

GnuPG-bug-id: 3748
Signed-off-by: Damien Goutte-Gattat <[hidden email]>
---
 src/keylist.c | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/src/keylist.c b/src/keylist.c
index 442da08..2c8e7e8 100644
--- a/src/keylist.c
+++ b/src/keylist.c
@@ -231,7 +231,16 @@ gpa_keylist_init (GTypeInstance *instance, void *class_ptr)
     }
   else
     {
-      /* Initialize from the global keytable.  */
+      /* Initialize from the global keytable.
+       *
+       * We must forcefully load the secret keytable first to
+       * prevent concurrent access to the TOFU database. */
+      gpa_keytable_force_reload (gpa_keytable_get_secret_instance (),
+                                 NULL, (GpaKeyTableEndFunc) gtk_main_quit,
+                                 NULL);
+      gtk_main ();
+
+      /* Now we can load the public keyring. */
       gpa_keytable_list_keys (gpa_keytable_get_public_instance(),
                               gpa_keylist_next, gpa_keylist_end, list);
     }
--
2.14.1


_______________________________________________
Gnupg-devel mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnupg-devel
Reply | Threaded
Open this post in threaded view
|

Re: [PATCH gpa] Load the secret keyring before the public one.

Damien Goutte-Gattat
Hi GnuPG folks,

I sent the patch below a few weeks ago to tentatively fix bug 3748,
which affects GPA when using a TOFU trust model.

Any follow-up on this?

I am not sure this is the best way to fix 3748, but for what it's
worth, I am using GPA with this patch applied since I first posted
it and never ran into the bug again, nor into any other problem.

-- >8 --
Subject: [PATCH gpa] Load the secret keyring before the public one.

* src/keylist.c (gpa_keylist_init): Forcefully load the secret
keyring before attempting to load the public keys.
--

Gpa loads the private keyring in a kind of "lazy mode", in that
the private keyring is only loaded the first time Gpa needs to
lookup a private key. This normally happens during the loading
of the public keyring, since for each public key Gpa must lookup
in the private keyring to check whether a private counterpart is
available.

The result is that a Gpg process is spawn to list the secret keys
while another Gpg process is still listing the public keys. If
the trust model happens to be TOFU or TOFU+PGP, this can cause
some problems with regard to the locking of the TOFU database.

To avoid that, this patch makes sure the private keyring is
actively and synchronously loaded before we fetch the public keys
(no more lazy loading).

GnuPG-bug-id: 3748
Signed-off-by: Damien Goutte-Gattat <[hidden email]>
---
 src/keylist.c | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/src/keylist.c b/src/keylist.c
index 442da08..2c8e7e8 100644
--- a/src/keylist.c
+++ b/src/keylist.c
@@ -231,7 +231,16 @@ gpa_keylist_init (GTypeInstance *instance, void *class_ptr)
     }
   else
     {
-      /* Initialize from the global keytable.  */
+      /* Initialize from the global keytable.
+       *
+       * We must forcefully load the secret keytable first to
+       * prevent concurrent access to the TOFU database. */
+      gpa_keytable_force_reload (gpa_keytable_get_secret_instance (),
+                                 NULL, (GpaKeyTableEndFunc) gtk_main_quit,
+                                 NULL);
+      gtk_main ();
+
+      /* Now we can load the public keyring. */
       gpa_keytable_list_keys (gpa_keytable_get_public_instance(),
                               gpa_keylist_next, gpa_keylist_end, list);
     }
--
2.14.1



_______________________________________________
Gnupg-devel mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnupg-devel

signature.asc (499 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: [PATCH gpa] Load the secret keyring before the public one.

Werner Koch
On Thu, 29 Mar 2018 14:52, [hidden email] said:

> I sent the patch below a few weeks ago to tentatively fix bug 3748,
> which affects GPA when using a TOFU trust model.
>
> Any follow-up on this?

Thanks for the reminder.  I just pushed it.


Shalom-Salam,

   Werner

--
#  Please read:  Daniel Ellsberg - The Doomsday Machine  #
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

_______________________________________________
Gnupg-devel mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnupg-devel

attachment0 (233 bytes) Download Attachment