diff --git a/g10/ChangeLog b/g10/ChangeLog index e1837bb19..121d57356 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,5 +1,15 @@ 2010-03-08 Werner Koch + * main.h: Include "estream.h" + * openfile.c (open_outfile): Replace dup/iobuf_fdopen by + iobuf_fdopen_nc. + * mainproc.c (proc_signature_packets_by_fd): Return error on + memory failure. + * plaintext.c (hash_datafile_by_fd): Ditto. + * verify.c (gpg_verify): Use iobuf_fdopen_nc. Change OUT_FP to an + estream_t. + * server.c (cmd_verify): Do not dup the fds. + Use macros for iobuf_ioctl commands. 2010-02-17 Werner Koch @@ -23,7 +33,7 @@ * revoke.c (gen_desig_revoke): Ditto. * skclist.c (release_sk_list): Ditto. * keyedit.c (sign_uids): Ditto. - * misc.c (get_signature_count): Ditto. + * misc.c (get_signature_count): Ditto. * main.h (struct expand_args): s/sk/pksk/. Change all users. * keyedit.c (keyedit_passwd): Finish implementation. diff --git a/g10/main.h b/g10/main.h index 1d31f476d..f0f1edc7c 100644 --- a/g10/main.h +++ b/g10/main.h @@ -25,7 +25,7 @@ #include "cipher.h" #include "keydb.h" #include "util.h" - +#include "../common/estream.h" /* It could be argued that the default cipher should be 3DES rather than CAST5, and the default compression should be 0 @@ -316,7 +316,7 @@ void print_card_key_info (FILE *fp, KBNODE keyblock); void print_file_status( int status, const char *name, int what ); int verify_signatures( int nfiles, char **files ); int verify_files( int nfiles, char **files ); -int gpg_verify (ctrl_t ctrl, int sig_fd, int data_fd, FILE *out_fp); +int gpg_verify (ctrl_t ctrl, int sig_fd, int data_fd, estream_t out_fp); /*-- decrypt.c --*/ int decrypt_message( const char *filename ); diff --git a/g10/mainproc.c b/g10/mainproc.c index 8707cd8c8..5d568474b 100644 --- a/g10/mainproc.c +++ b/g10/mainproc.c @@ -78,7 +78,7 @@ struct mainproc_context /* A list of filenames with the data files or NULL. This is only used if DATA_FD is -1. */ strlist_t data_names; - /* Flag to indicated that either one of the next previous fieldss + /* Flag to indicated that either one of the next previous fields is used. This is only needed for better readability. */ int used; } signed_data; @@ -1221,11 +1221,16 @@ proc_signature_packets( void *anchor, IOBUF a, return rc; } + int proc_signature_packets_by_fd (void *anchor, IOBUF a, int signed_data_fd ) { int rc; - CTX c = xcalloc (1, sizeof *c); + CTX c; + + c = xtrycalloc (1, sizeof *c); + if (!c) + return gpg_error_from_syserror (); c->anchor = anchor; c->sigs_only = 1; diff --git a/g10/openfile.c b/g10/openfile.c index 4b7fe3600..b1cd294c1 100644 --- a/g10/openfile.c +++ b/g10/openfile.c @@ -1,6 +1,6 @@ /* openfile.c - * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, - * 2005, 2009 Free Software Foundation, Inc. + * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2009, + * 2010 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -192,13 +192,8 @@ open_outfile (int inp_fd, const char *iname, int mode, iobuf_t *a) if (inp_fd != -1) { char xname[64]; - int fd2; - fd2 = dup (inp_fd); - if (fd2 == -1) - *a = NULL; - else - *a = iobuf_fdopen (fd2, "wb"); + *a = iobuf_fdopen_nc (inp_fd, "wb"); if (!*a) { rc = gpg_error_from_syserror (); diff --git a/g10/plaintext.c b/g10/plaintext.c index d1ab92381..ee0d41357 100644 --- a/g10/plaintext.c +++ b/g10/plaintext.c @@ -1,6 +1,6 @@ /* plaintext.c - process plaintext packets * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, - * 2006, 2009 Free Software Foundation, Inc. + * 2006, 2009, 2010 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -651,13 +651,14 @@ hash_datafile_by_fd (gcry_md_hd_t md, gcry_md_hd_t md2, int data_fd, progress_filter_context_t *pfx = new_progress_context (); iobuf_t fp; - fp = iobuf_fdopen (data_fd, "rb"); - if (fp && is_secured_file (data_fd)) + if (is_secured_file (data_fd)) { - iobuf_close (fp); fp = NULL; errno = EPERM; } + else + fp = iobuf_fdopen_nc (data_fd, "rb"); + if (!fp) { int rc = gpg_error_from_syserror (); diff --git a/g10/server.c b/g10/server.c index 1be1ab3c2..3aca9b9de 100644 --- a/g10/server.c +++ b/g10/server.c @@ -400,7 +400,7 @@ cmd_verify (assuan_context_t ctx, char *line) ctrl_t ctrl = assuan_get_pointer (ctx); gnupg_fd_t fd = assuan_get_input_fd (ctx); gnupg_fd_t out_fd = assuan_get_output_fd (ctx); - FILE *out_fp = NULL; + estream_t out_fp = NULL; /* FIXME: Revamp this code it is nearly to 3 years old and was only intended as a quick test. */ @@ -412,23 +412,17 @@ cmd_verify (assuan_context_t ctx, char *line) if (out_fd != GNUPG_INVALID_FD) { - out_fp = fdopen ( dup (FD2INT (out_fd)), "w"); + out_fp = es_fdopen_nc (out_fd, "w"); if (!out_fp) - return set_error (GPG_ERR_ASS_GENERAL, "fdopen() failed"); + return set_error (gpg_err_code_from_syserror (), "fdopen() failed"); } log_debug ("WARNING: The server mode is WORK " "iN PROGRESS and not ready for use\n"); - /* Need to dup it because it might get closed and libassuan won't - know about it then. */ - rc = gpg_verify (ctrl, - dup ( FD2INT (fd)), - dup ( FD2INT (ctrl->server_local->message_fd)), - out_fp); + rc = gpg_verify (ctrl, fd, ctrl->server_local->message_fd, out_fp); - if (out_fp) - fclose (out_fp); + es_fclose (out_fp); close_message_fd (ctrl); assuan_close_input_fd (ctx); assuan_close_output_fd (ctx); diff --git a/g10/verify.c b/g10/verify.c index 9ca5591bc..253a5920b 100644 --- a/g10/verify.c +++ b/g10/verify.c @@ -1,6 +1,6 @@ /* verify.c - Verify signed data * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2004, 2005, 2006, - * 2007 Free Software Foundation, Inc. + * 2007, 2010 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -39,7 +39,6 @@ #include "i18n.h" - /**************** * Assume that the input is a signature and verify it without * generating any output. With no arguments, the signature packet @@ -231,7 +230,7 @@ verify_files( int nfiles, char **files ) FIXME: OUTFP is not yet implemented. */ int -gpg_verify (ctrl_t ctrl, int sig_fd, int data_fd, FILE *out_fp) +gpg_verify (ctrl_t ctrl, int sig_fd, int data_fd, estream_t out_fp) { int rc; iobuf_t fp; @@ -241,13 +240,14 @@ gpg_verify (ctrl_t ctrl, int sig_fd, int data_fd, FILE *out_fp) (void)ctrl; (void)out_fp; - fp = iobuf_fdopen (sig_fd, "rb"); - if (fp && is_secured_file (sig_fd)) + if (is_secured_file (sig_fd)) { fp = NULL; - errno = EPERM; + gpg_err_set_errno (EPERM); } - if ( !fp ) + else + fp = iobuf_fdopen_nc (sig_fd, "rb"); + if (!fp) { rc = gpg_error_from_syserror (); log_error (_("can't open fd %d: %s\n"), sig_fd, strerror (errno)); @@ -262,15 +262,14 @@ gpg_verify (ctrl_t ctrl, int sig_fd, int data_fd, FILE *out_fp) push_armor_filter (afx, fp); } - rc = proc_signature_packets_by_fd ( NULL, fp, data_fd ); + rc = proc_signature_packets_by_fd (NULL, fp, data_fd); if ( afx && afx->no_openpgp_data && (rc == -1 || gpg_err_code (rc) == GPG_ERR_EOF) ) rc = gpg_error (GPG_ERR_NO_DATA); leave: - if (fp) - iobuf_close (fp); + iobuf_close (fp); release_progress_context (pfx); release_armor_context (afx); return rc; diff --git a/sm/ChangeLog b/sm/ChangeLog index bb979f996..ba5047a82 100644 --- a/sm/ChangeLog +++ b/sm/ChangeLog @@ -1,11 +1,20 @@ 2010-03-08 Werner Koch + * certreqgen.c (gpgsm_genkey): Change OUT_FP to an estream_t + OUT_STREAM. + * certreqgen-ui.c (gpgsm_gencertreq_tty): ditto. + + * server.c (cmd_genkey): Close IN_STREAM. + * server.c (cmd_encrypt, cmd_decrypt, cmd_verify, cmd_sign): Avoid dup call by using es_fdopen_nc. (do_listkeys): Use es_fdopen_nc instead of dup and es_fdopen. + (cmd_export): Ditto. + (cmd_genkey): Ditto. * export.c (popen_protect_tool): Change OUTFILE to an estream_t. (export_p12): Change OUTFP and arg RETFP to an estream_t. (gpgsm_p12_export): Change DATAFP to an estream_t. + (gpgsm_export): Remove arg FP. * import.c (import_one): Change CERTFP and arg FP to an estream_t. (popen_protect_tool): Ditto for OUTFILE. (parse_p12): Change CERTFP to an estream_t. @@ -23,6 +32,7 @@ (encrypt_cb): Use estream. * gpgsm.c (main) : Use estream functions. + (main) : Use open_es_fwrite. 2009-12-14 Werner Koch diff --git a/sm/certreqgen-ui.c b/sm/certreqgen-ui.c index 3e98b660f..3dabb654e 100644 --- a/sm/certreqgen-ui.c +++ b/sm/certreqgen-ui.c @@ -1,5 +1,5 @@ /* certreqgen-ui.c - Simple user interface for certreqgen.c - * Copyright (C) 2007 Free Software Foundation, Inc. + * Copyright (C) 2007, 2010 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -125,7 +125,7 @@ check_keygrip (ctrl_t ctrl, const char *hexgrip) and thus is not suitable for the Windows port. So here is the re-implementation. */ void -gpgsm_gencertreq_tty (ctrl_t ctrl, FILE *output_fp) +gpgsm_gencertreq_tty (ctrl_t ctrl, estream_t output_stream) { gpg_error_t err; char *answer; @@ -391,7 +391,7 @@ gpgsm_gencertreq_tty (ctrl_t ctrl, FILE *output_fp) { int save_pem = ctrl->create_pem; ctrl->create_pem = 1; /* Force creation of PEM. */ - err = gpgsm_genkey (ctrl, fp, output_fp); + err = gpgsm_genkey (ctrl, fp, output_stream); ctrl->create_pem = save_pem; } if (!err) diff --git a/sm/certreqgen.c b/sm/certreqgen.c index 7026a303f..043226a44 100644 --- a/sm/certreqgen.c +++ b/sm/certreqgen.c @@ -1,5 +1,6 @@ /* certreqgen.c - Generate a key and a certification request - * Copyright (C) 2002, 2003, 2005, 2007 Free Software Foundation, Inc. + * Copyright (C) 2002, 2003, 2005, 2007, + * 2010 Free Software Foundation, Inc. * * This file is part of GnuPG. * @@ -846,14 +847,14 @@ create_request (ctrl_t ctrl, /* Create a new key by reading the parameters from IN_FP. Multiple keys may be created */ int -gpgsm_genkey (ctrl_t ctrl, estream_t in_stream, FILE *out_fp) +gpgsm_genkey (ctrl_t ctrl, estream_t in_stream, estream_t out_stream) { int rc; Base64Context b64writer = NULL; ksba_writer_t writer; ctrl->pem_name = "CERTIFICATE REQUEST"; - rc = gpgsm_create_writer (&b64writer, ctrl, out_fp, NULL, &writer); + rc = gpgsm_create_writer (&b64writer, ctrl, NULL, out_stream, &writer); if (rc) { log_error ("can't create writer: %s\n", gpg_strerror (rc)); diff --git a/sm/export.c b/sm/export.c index 9a05b5176..2c8e57b5d 100644 --- a/sm/export.c +++ b/sm/export.c @@ -125,12 +125,10 @@ insert_duptable (duptable_t *table, unsigned char *fpr, int *exists) } - - -/* Export all certificates or just those given in NAMES. If STREAM is - not NULL the output is send to this extended stream. */ +/* Export all certificates or just those given in NAMES. The output + is written to STREAM. */ void -gpgsm_export (ctrl_t ctrl, strlist_t names, FILE *fp, estream_t stream) +gpgsm_export (ctrl_t ctrl, strlist_t names, estream_t stream) { KEYDB_HANDLE hd = NULL; KEYDB_SEARCH_DESC *desc = NULL; @@ -256,24 +254,17 @@ gpgsm_export (ctrl_t ctrl, strlist_t names, FILE *fp, estream_t stream) if (ctrl->create_pem) { if (count) - { - if (stream) - es_putc ('\n', stream); - else - putc ('\n', fp); - } - print_short_info (cert, fp, stream); - if (stream) es_putc ('\n', stream); - else - putc ('\n', fp); + print_short_info (cert, NULL, stream); + es_putc ('\n', stream); } count++; if (!b64writer) { ctrl->pem_name = "CERTIFICATE"; - rc = gpgsm_create_writer (&b64writer, ctrl, fp, stream, &writer); + rc = gpgsm_create_writer (&b64writer, ctrl, + NULL, stream, &writer); if (rc) { log_error ("can't create writer: %s\n", gpg_strerror (rc)); diff --git a/sm/gpgsm.c b/sm/gpgsm.c index 8a8c017d9..39de29181 100644 --- a/sm/gpgsm.c +++ b/sm/gpgsm.c @@ -1829,7 +1829,7 @@ main ( int argc, char **argv) case aKeygen: /* Generate a key; well kind of. */ { estream_t fpin = NULL; - FILE *fpout; + estream_t fpout; if (opt.batch) { @@ -1841,15 +1841,14 @@ main ( int argc, char **argv) wrong_args ("--gen-key --batch [parmfile]"); } - fpout = open_fwrite (opt.outfile?opt.outfile:"-"); + fpout = open_es_fwrite (opt.outfile?opt.outfile:"-"); if (fpin) gpgsm_genkey (&ctrl, fpin, fpout); else gpgsm_gencertreq_tty (&ctrl, fpout); - if (fpout != stdout) - fclose (fpout); + es_fclose (fpout); } break; @@ -1860,14 +1859,14 @@ main ( int argc, char **argv) case aExport: { - FILE *fp = open_fwrite (opt.outfile?opt.outfile:"-"); + estream_t fp; + fp = open_es_fwrite (opt.outfile?opt.outfile:"-"); for (sl=NULL; argc; argc--, argv++) add_to_strlist (&sl, *argv); - gpgsm_export (&ctrl, sl, fp, NULL); + gpgsm_export (&ctrl, sl, fp); free_strlist(sl); - if (fp != stdout) - fclose (fp); + es_fclose (fp); } break; diff --git a/sm/gpgsm.h b/sm/gpgsm.h index 1a8aab91b..7e0353060 100644 --- a/sm/gpgsm.h +++ b/sm/gpgsm.h @@ -344,7 +344,7 @@ int gpgsm_import_files (ctrl_t ctrl, int nfiles, char **files, int (*of)(const char *fname)); /*-- export.c --*/ -void gpgsm_export (ctrl_t ctrl, strlist_t names, FILE *fp, estream_t stream); +void gpgsm_export (ctrl_t ctrl, strlist_t names, estream_t stream); void gpgsm_p12_export (ctrl_t ctrl, const char *name, FILE *fp); /*-- delete.c --*/ @@ -366,10 +366,10 @@ int gpgsm_encrypt (ctrl_t ctrl, certlist_t recplist, int gpgsm_decrypt (ctrl_t ctrl, int in_fd, estream_t out_fp); /*-- certreqgen.c --*/ -int gpgsm_genkey (ctrl_t ctrl, estream_t in_stream, FILE *out_fp); +int gpgsm_genkey (ctrl_t ctrl, estream_t in_stream, estream_t out_stream); /*-- certreqgen-ui.c --*/ -void gpgsm_gencertreq_tty (ctrl_t ctrl, FILE *out_fp); +void gpgsm_gencertreq_tty (ctrl_t ctrl, estream_t out_stream); /*-- qualified.c --*/ diff --git a/sm/server.c b/sm/server.c index e4de5dca8..42cadcca1 100644 --- a/sm/server.c +++ b/sm/server.c @@ -723,28 +723,28 @@ cmd_export (assuan_context_t ctx, char *line) return set_error (GPG_ERR_ASS_GENERAL, "error setting up a data stream"); } - gpgsm_export (ctrl, list, NULL, stream); + gpgsm_export (ctrl, list, stream); es_fclose (stream); } else { int fd = translate_sys2libc_fd (assuan_get_output_fd (ctx), 1); - FILE *out_fp; + estream_t out_fp; if (fd == -1) { free_strlist (list); return set_error (GPG_ERR_ASS_NO_OUTPUT, NULL); } - out_fp = fdopen ( dup(fd), "w"); + out_fp = es_fdopen_nc (fd, "w"); if (!out_fp) { free_strlist (list); - return set_error (GPG_ERR_ASS_GENERAL, "fdopen() failed"); + return set_error (gpg_err_code_from_syserror (), "fdopen() failed"); } - gpgsm_export (ctrl, list, out_fp, NULL); - fclose (out_fp); + gpgsm_export (ctrl, list, out_fp); + es_fclose (out_fp); } free_strlist (list); @@ -977,9 +977,8 @@ cmd_genkey (assuan_context_t ctx, char *line) { ctrl_t ctrl = assuan_get_pointer (ctx); int inp_fd, out_fd; - FILE *out_fp; + estream_t in_stream, out_stream; int rc; - estream_t in_stream; (void)line; @@ -994,14 +993,15 @@ cmd_genkey (assuan_context_t ctx, char *line) if (!in_stream) return set_error (GPG_ERR_ASS_GENERAL, "es_fdopen failed"); - out_fp = fdopen ( dup(out_fd), "w"); - if (!out_fp) + out_stream = es_fdopen_nc (out_fd, "w"); + if (!out_stream) { es_fclose (in_stream); - return set_error (GPG_ERR_ASS_GENERAL, "fdopen() failed"); + return set_error (gpg_err_code_from_syserror (), "fdopen() failed"); } - rc = gpgsm_genkey (ctrl, in_stream, out_fp); - fclose (out_fp); + rc = gpgsm_genkey (ctrl, in_stream, out_stream); + es_fclose (out_stream); + es_fclose (in_stream); /* close and reset the fds */ assuan_close_input_fd (ctx);