slipenkomk/sequoia-sq
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Use certd's new interfaces to lookup special names.

Browse Source
This commit is contained in:
Neal H. Walfield 2023-12-14 14:46:15 +01:00 committed by Justus Winter
parent b8cb988182
commit 1bb215e67f
No known key found for this signature in database
GPG Key ID: 686F55B4AB2B3386
1 changed files with 13 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
src/sq.rs
View File

@ -887,14 +887,8 @@ impl<'store> Config<'store> {
fn get_special(&mut self, name: &str, userid: &str, create: bool) fn get_special(&mut self, name: &str, userid: &str, create: bool)
-> Result<(bool, Cert)> -> Result<(bool, Cert)>
{ {
// XXX: openpgp-cert-d only supports a single special, let certd = if let Some(certd) = self.cert_store_or_else()?.certd() {
// "trust-root", even though the spec allows for other special certd.certd()
// names. To workaround this, we open the special files by
// hand. This is a bit unfortunate as we don't implement the
// write lock.
let filename = if let Some(base) = self.cert_store_base() {
base.join(name)
} else { } else {
return Err(anyhow::anyhow!( return Err(anyhow::anyhow!(
"A local trust root and other special certificates are \ "A local trust root and other special certificates are \
@ -902,30 +896,18 @@ impl<'store> Config<'store> {
directory")); directory"));
}; };
// Make sure the name is actually a special name. (CertD::get
// will also accepts fingerprints.)
let filename = certd.get_path_by_special(name)?;
// Read it. // Read it.
// let cert_bytes = certd.get(&name)
// XXX: Because we don't lock the cert-d, there is a chance .with_context(|| {
// that we only read the first half of the key :/. format!(
let cert_bytes = match std::fs::read(&filename) { "Looking up {} ({}) in the certificate directory",
Ok(data) => Some(data), name, userid)
Err(err) => { })?
let err = anyhow::Error::from(err); .map(|(_tag, bytes)| bytes);
let mut not_found = false;
if let Some(err) = err.downcast_ref::<std::io::Error>() {
if err.kind() == std::io::ErrorKind::NotFound {
not_found = true;
}
}
if ! not_found {
return Err(err).context(format!(
"Looking up {} ({}) in the certificate directory",
name, userid));
}
None
}
};
let mut created = false; let mut created = false;
let special: Cert = if let Some(cert_bytes) = cert_bytes { let special: Cert = if let Some(cert_bytes) = cert_bytes {