Load the secret keyring before the public one.

Authored by gouttegd on Mar 29 2018, 2:52 PM.

Description

Load the secret keyring before the public one.

* src/keylist.c (gpa_keylist_init): Forcefully load the secret
keyring before attempting to load the public keys.

Gpa loads the private keyring in a kind of "lazy mode", in that
the private keyring is only loaded the first time Gpa needs to
lookup a private key. This normally happens during the loading
of the public keyring, since for each public key Gpa must lookup
in the private keyring to check whether a private counterpart is
available.

The result is that a Gpg process is spawn to list the secret keys
while another Gpg process is still listing the public keys. If
the trust model happens to be TOFU or TOFU+PGP, this can cause
some problems with regard to the locking of the TOFU database.

To avoid that, this patch makes sure the private keyring is
actively and synchronously loaded before we fetch the public keys
(no more lazy loading).

  • GnuPG-bug-id: T3748
  • Signed-off-by: Damien Goutte-Gattat <dgouttegattat@incenp.org>