security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-04-17 15:44:34 +02:00
Code Activity

Replace use stdio by estream functions.

Browse Source
This commit is contained in:
Werner Koch 2010-03-08 12:22:18 +00:00
parent 37088de63d
commit 943aaf0cba
13 changed files with 243 additions and 199 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
sm/ChangeLog
View File

@ -1,3 +1,29 @@
2010-03-08 Werner Koch <wk@g10code.com>
* server.c (cmd_encrypt, cmd_decrypt, cmd_verify, cmd_sign): Avoid
dup call by using es_fdopen_nc.
(do_listkeys): Use es_fdopen_nc instead of dup and es_fdopen.
* export.c (popen_protect_tool): Change OUTFILE to an estream_t.
(export_p12): Change OUTFP and arg RETFP to an estream_t.
(gpgsm_p12_export): Change DATAFP to an estream_t.
* import.c (import_one): Change CERTFP and arg FP to an estream_t.
(popen_protect_tool): Ditto for OUTFILE.
(parse_p12): Change CERTFP to an estream_t.
* sign.c (hash_data, hash_and_copy_data): Use estream.
(gpgsm_sign): Change arg OUT_FP to an estream_t.
* verify.c (gpgsm_verify): Rename FP to IN_FP. Change FP and arg
OUT_FP to an estream_t.
(hash_data): Use estream.
* base64.c (struct reader_cb_parm_s): Change FP to an estream_t.
(gpgsm_create_reader): Ditto.
(simple_reader_cb, base64_reader_cb): Adjust accordingly.
* decrypt.c (gpgsm_decrypt): Change OUT_FP and IN_FP to an estream_t.
* encrypt.c (gpgsm_encrypt): Change OUT_FP to an estream_t. Ditto
for DATA_FD.
(encrypt_cb): Use estream.
* gpgsm.c (main) <aEncr, aVerify, aSign, aDecrypt>: Use estream
functions.
2009-12-14 Werner Koch <wk@g10code.com> 2009-12-14 Werner Koch <wk@g10code.com>
* server.c (cmd_passwd): New. * server.c (cmd_passwd): New.
@ -2700,8 +2726,8 @@ h2007-11-22 Werner Koch <wk@g10code.com>
* server.c (rc_to_assuan_status): New. Use it for all commands. * server.c (rc_to_assuan_status): New. Use it for all commands.
Copyright 2001, 2002, 2003, 2004, 2005, 2006, Copyright 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009,
2007, 2008, 2009 Free Software Foundation, Inc. 2010 Free Software Foundation, Inc.
This file is free software; as a special exception the author gives This file is free software; as a special exception the author gives
unlimited permission to copy and/or distribute it, with or without unlimited permission to copy and/or distribute it, with or without

24
sm/base64.c
View File

@ -1,5 +1,5 @@
/* base64.c /* base64.c
* Copyright (C) 2001, 2003 Free Software Foundation, Inc. * Copyright (C) 2001, 2003, 2010 Free Software Foundation, Inc.
* *
* This file is part of GnuPG. * This file is part of GnuPG.
* *
@ -39,9 +39,10 @@
#define LF "\n" #define LF "\n"
#endif #endif
/* data used by the reader callbacks */ /* Data used by the reader callbacks. */
struct reader_cb_parm_s { struct reader_cb_parm_s
FILE *fp; {
estream_t fp;
unsigned char line[1024]; unsigned char line[1024];
int linelen; int linelen;
@ -69,7 +70,8 @@ struct reader_cb_parm_s {
} base64; } base64;
}; };
/* data used by the writer callbacks */
/* Data used by the writer callbacks. */
struct writer_cb_parm_s { struct writer_cb_parm_s {
FILE *fp; /* FP is only used if STREAM is NULL. */ FILE *fp; /* FP is only used if STREAM is NULL. */
estream_t stream; /* Alternative output if not NULL. */ estream_t stream; /* Alternative output if not NULL. */
@ -179,11 +181,11 @@ base64_reader_cb (void *cb_value, char *buffer, size_t count, size_t *nread)
parm->have_lf = 0; parm->have_lf = 0;
for (n=0; n < DIM(parm->line);) for (n=0; n < DIM(parm->line);)
{ {
c = getc (parm->fp); c = es_getc (parm->fp);
if (c == EOF) if (c == EOF)
{ {
parm->eof_seen = 1; parm->eof_seen = 1;
if (ferror (parm->fp)) if (es_ferror (parm->fp))
return -1; return -1;
break; break;
} }
@ -382,14 +384,14 @@ simple_reader_cb (void *cb_value, char *buffer, size_t count, size_t *nread)
for (n=0; n < count; n++) for (n=0; n < count; n++)
{ {
c = getc (parm->fp); c = es_getc (parm->fp);
if (c == EOF) if (c == EOF)
{ {
parm->eof_seen = 1; parm->eof_seen = 1;
if ( ferror (parm->fp) ) if (es_ferror (parm->fp))
return -1; return -1;
if (n) if (n)
break; /* return what we have before an EOF */ break; /* Return what we have before an EOF. */
return -1; return -1;
} }
*(byte *)buffer++ = c; *(byte *)buffer++ = c;
@ -579,7 +581,7 @@ base64_finish_write (struct writer_cb_parm_s *parm)
until no more objects were found. */ until no more objects were found. */
int int
gpgsm_create_reader (Base64Context *ctx, gpgsm_create_reader (Base64Context *ctx,
ctrl_t ctrl, FILE *fp, int allow_multi_pem, ctrl_t ctrl, estream_t fp, int allow_multi_pem,
ksba_reader_t *r_reader) ksba_reader_t *r_reader)
{ {
int rc; int rc;

19
sm/decrypt.c
View File

@ -1,5 +1,5 @@
/* decrypt.c - Decrypt a message /* decrypt.c - Decrypt a message
* Copyright (C) 2001, 2003 Free Software Foundation, Inc. * Copyright (C) 2001, 2003, 2010 Free Software Foundation, Inc.
* *
* This file is part of GnuPG. * This file is part of GnuPG.
* *
@ -33,7 +33,8 @@
#include "keydb.h" #include "keydb.h"
#include "i18n.h" #include "i18n.h"
struct decrypt_filter_parm_s { struct decrypt_filter_parm_s
{
int algo; int algo;
int mode; int mode;
int blklen; int blklen;
@ -237,7 +238,7 @@ decrypt_filter (void *arg,
/* Perform a decrypt operation. */ /* Perform a decrypt operation. */
int int
gpgsm_decrypt (ctrl_t ctrl, int in_fd, FILE *out_fp) gpgsm_decrypt (ctrl_t ctrl, int in_fd, estream_t out_fp)
{ {
int rc; int rc;
Base64Context b64reader = NULL; Base64Context b64reader = NULL;
@ -248,7 +249,7 @@ gpgsm_decrypt (ctrl_t ctrl, int in_fd, FILE *out_fp)
ksba_stop_reason_t stopreason; ksba_stop_reason_t stopreason;
KEYDB_HANDLE kh; KEYDB_HANDLE kh;
int recp; int recp;
FILE *in_fp = NULL; estream_t in_fp = NULL;
struct decrypt_filter_parm_s dfparm; struct decrypt_filter_parm_s dfparm;
memset (&dfparm, 0, sizeof dfparm); memset (&dfparm, 0, sizeof dfparm);
@ -263,11 +264,10 @@ gpgsm_decrypt (ctrl_t ctrl, int in_fd, FILE *out_fp)
goto leave; goto leave;
} }
in_fp = es_fdopen_nc (in_fd, "rb");
in_fp = fdopen ( dup (in_fd), "rb");
if (!in_fp) if (!in_fp)
{ {
rc = gpg_error (gpg_err_code_from_errno (errno)); rc = gpg_error_from_syserror ();
log_error ("fdopen() failed: %s\n", strerror (errno)); log_error ("fdopen() failed: %s\n", strerror (errno));
goto leave; goto leave;
} }
@ -279,7 +279,7 @@ gpgsm_decrypt (ctrl_t ctrl, int in_fd, FILE *out_fp)
goto leave; goto leave;
} }
rc = gpgsm_create_writer (&b64writer, ctrl, out_fp, NULL, &writer); rc = gpgsm_create_writer (&b64writer, ctrl, NULL, out_fp, &writer);
if (rc) if (rc)
{ {
log_error ("can't create writer: %s\n", gpg_strerror (rc)); log_error ("can't create writer: %s\n", gpg_strerror (rc));
@ -576,8 +576,7 @@ gpgsm_decrypt (ctrl_t ctrl, int in_fd, FILE *out_fp)
gpgsm_destroy_reader (b64reader); gpgsm_destroy_reader (b64reader);
gpgsm_destroy_writer (b64writer); gpgsm_destroy_writer (b64writer);
keydb_release (kh); keydb_release (kh);
if (in_fp) es_fclose (in_fp);
fclose (in_fp);
if (dfparm.hd) if (dfparm.hd)
gcry_cipher_close (dfparm.hd); gcry_cipher_close (dfparm.hd);
return rc; return rc;

28
sm/encrypt.c
View File

@ -1,5 +1,6 @@
/* encrypt.c - Encrypt a message /* encrypt.c - Encrypt a message
* Copyright (C) 2001, 2003, 2004, 2007, 2008 Free Software Foundation, Inc. * Copyright (C) 2001, 2003, 2004, 2007, 2008,
* 2010 Free Software Foundation, Inc.
* *
* This file is part of GnuPG. * This file is part of GnuPG.
* *
@ -45,8 +46,11 @@ struct dek_s {
}; };
typedef struct dek_s *DEK; typedef struct dek_s *DEK;
struct encrypt_cb_parm_s {
FILE *fp; /* Callback parameters for the encryption. */
struct encrypt_cb_parm_s
{
estream_t fp;
DEK dek; DEK dek;
int eof_seen; int eof_seen;
int ready; int ready;
@ -239,10 +243,10 @@ encrypt_cb (void *cb_value, char *buffer, size_t count, size_t *nread)
p = parm->buffer; p = parm->buffer;
for (n=parm->buflen; n < parm->bufsize; n++) for (n=parm->buflen; n < parm->bufsize; n++)
{ {
int c = getc (parm->fp); int c = es_getc (parm->fp);
if (c == EOF) if (c == EOF)
{ {
if (ferror (parm->fp)) if (es_ferror (parm->fp))
{ {
parm->readerror = errno; parm->readerror = errno;
return -1; return -1;
@ -289,7 +293,7 @@ encrypt_cb (void *cb_value, char *buffer, size_t count, size_t *nread)
recipients are take from the certificate given in recplist; if this recipients are take from the certificate given in recplist; if this
is NULL it will be encrypted for a default recipient */ is NULL it will be encrypted for a default recipient */
int int
gpgsm_encrypt (ctrl_t ctrl, certlist_t recplist, int data_fd, FILE *out_fp) gpgsm_encrypt (ctrl_t ctrl, certlist_t recplist, int data_fd, estream_t out_fp)
{ {
int rc = 0; int rc = 0;
Base64Context b64writer = NULL; Base64Context b64writer = NULL;
@ -302,7 +306,7 @@ gpgsm_encrypt (ctrl_t ctrl, certlist_t recplist, int data_fd, FILE *out_fp)
struct encrypt_cb_parm_s encparm; struct encrypt_cb_parm_s encparm;
DEK dek = NULL; DEK dek = NULL;
int recpno; int recpno;
FILE *data_fp = NULL; estream_t data_fp = NULL;
certlist_t cl; certlist_t cl;
int count; int count;
@ -337,10 +341,11 @@ gpgsm_encrypt (ctrl_t ctrl, certlist_t recplist, int data_fd, FILE *out_fp)
goto leave; goto leave;
} }
data_fp = fdopen ( dup (data_fd), "rb"); /* Fixme: We should use the unlocked version of the es functions. */
data_fp = es_fdopen_nc (data_fd, "rb");
if (!data_fp) if (!data_fp)
{ {
rc = gpg_error (gpg_err_code_from_errno (errno)); rc = gpg_error_from_syserror ();
log_error ("fdopen() failed: %s\n", strerror (errno)); log_error ("fdopen() failed: %s\n", strerror (errno));
goto leave; goto leave;
} }
@ -356,7 +361,7 @@ gpgsm_encrypt (ctrl_t ctrl, certlist_t recplist, int data_fd, FILE *out_fp)
encparm.fp = data_fp; encparm.fp = data_fp;
ctrl->pem_name = "ENCRYPTED MESSAGE"; ctrl->pem_name = "ENCRYPTED MESSAGE";
rc = gpgsm_create_writer (&b64writer, ctrl, out_fp, NULL, &writer); rc = gpgsm_create_writer (&b64writer, ctrl, NULL, out_fp, &writer);
if (rc) if (rc)
{ {
log_error ("can't create writer: %s\n", gpg_strerror (rc)); log_error ("can't create writer: %s\n", gpg_strerror (rc));
@ -506,8 +511,7 @@ gpgsm_encrypt (ctrl_t ctrl, certlist_t recplist, int data_fd, FILE *out_fp)
ksba_reader_release (reader); ksba_reader_release (reader);
keydb_release (kh); keydb_release (kh);
xfree (dek); xfree (dek);
if (data_fp) es_fclose (data_fp);
fclose (data_fp);
xfree (encparm.buffer); xfree (encparm.buffer);
return rc; return rc;
} }

31
sm/export.c
View File

@ -1,5 +1,6 @@
/* export.c - Export certificates and private keys. /* export.c - Export certificates and private keys.
* Copyright (C) 2002, 2003, 2004, 2007, 2009 Free Software Foundation, Inc. * Copyright (C) 2002, 2003, 2004, 2007, 2009,
* 2010 Free Software Foundation, Inc.
* *
* This file is part of GnuPG. * This file is part of GnuPG.
* *
@ -60,7 +61,7 @@ static void print_short_info (ksba_cert_t cert, FILE *fp, estream_t stream);
static gpg_error_t export_p12 (ctrl_t ctrl, static gpg_error_t export_p12 (ctrl_t ctrl,
const unsigned char *certimg, size_t certimglen, const unsigned char *certimg, size_t certimglen,
const char *prompt, const char *keygrip, const char *prompt, const char *keygrip,
FILE **retfp); estream_t *retfp);
/* Create a table used to indetify duplicated certificates. */ /* Create a table used to indetify duplicated certificates. */
@ -341,7 +342,7 @@ gpgsm_p12_export (ctrl_t ctrl, const char *name, FILE *fp)
char *prompt; char *prompt;
char buffer[1024]; char buffer[1024];
int nread; int nread;
FILE *datafp = NULL; estream_t datafp = NULL;
hd = keydb_new (0); hd = keydb_new (0);
@ -447,16 +448,16 @@ gpgsm_p12_export (ctrl_t ctrl, const char *name, FILE *fp)
xfree (prompt); xfree (prompt);
if (rc) if (rc)
goto leave; goto leave;
rewind (datafp); es_rewind (datafp);
while ( (nread = fread (buffer, 1, sizeof buffer, datafp)) > 0 ) while ( (nread = es_fread (buffer, 1, sizeof buffer, datafp)) > 0 )
if ((rc = ksba_writer_write (writer, buffer, nread))) if ((rc = ksba_writer_write (writer, buffer, nread)))
{ {
log_error ("write failed: %s\n", gpg_strerror (rc)); log_error ("write failed: %s\n", gpg_strerror (rc));
goto leave; goto leave;
} }
if (ferror (datafp)) if (es_ferror (datafp))
{ {
rc = gpg_error_from_errno (rc); rc = gpg_error_from_syserror ();
log_error ("error reading temporary file: %s\n", gpg_strerror (rc)); log_error ("error reading temporary file: %s\n", gpg_strerror (rc));
goto leave; goto leave;
} }
@ -478,8 +479,7 @@ gpgsm_p12_export (ctrl_t ctrl, const char *name, FILE *fp)
cert = NULL; cert = NULL;
leave: leave:
if (datafp) es_fclose (datafp);
fclose (datafp);
gpgsm_destroy_writer (b64writer); gpgsm_destroy_writer (b64writer);
ksba_cert_release (cert); ksba_cert_release (cert);
xfree (desc); xfree (desc);
@ -570,7 +570,7 @@ print_short_info (ksba_cert_t cert, FILE *fp, estream_t stream)
static gpg_error_t static gpg_error_t
popen_protect_tool (ctrl_t ctrl, const char *pgmname, popen_protect_tool (ctrl_t ctrl, const char *pgmname,
FILE *infile, FILE *outfile, FILE **statusfile, FILE *infile, estream_t outfile, FILE **statusfile,
const char *prompt, const char *keygrip, const char *prompt, const char *keygrip,
pid_t *pid) pid_t *pid)
{ {
@ -614,14 +614,14 @@ popen_protect_tool (ctrl_t ctrl, const char *pgmname,
static gpg_error_t static gpg_error_t
export_p12 (ctrl_t ctrl, const unsigned char *certimg, size_t certimglen, export_p12 (ctrl_t ctrl, const unsigned char *certimg, size_t certimglen,
const char *prompt, const char *keygrip, const char *prompt, const char *keygrip, estream_t *retfp)
FILE **retfp)
{ {
const char *pgmname; const char *pgmname;
gpg_error_t err = 0, child_err = 0; gpg_error_t err = 0, child_err = 0;
int c, cont_line; int c, cont_line;
unsigned int pos; unsigned int pos;
FILE *infp = NULL, *outfp = NULL, *fp = NULL; FILE *infp = NULL, *fp = NULL;
estream_t outfp = NULL;
char buffer[1024]; char buffer[1024];
pid_t pid = -1; pid_t pid = -1;
int bad_pass = 0; int bad_pass = 0;
@ -647,7 +647,7 @@ export_p12 (ctrl_t ctrl, const unsigned char *certimg, size_t certimglen,
goto cleanup; goto cleanup;
} }
outfp = gnupg_tmpfile (); outfp = es_tmpfile ();
if (!outfp) if (!outfp)
{ {
err = gpg_error_from_syserror (); err = gpg_error_from_syserror ();
@ -731,8 +731,7 @@ export_p12 (ctrl_t ctrl, const unsigned char *certimg, size_t certimglen,
err = child_err; err = child_err;
if (err) if (err)
{ {
if (outfp) es_fclose (outfp);
fclose (outfp);
} }
else else
*retfp = outfp; *retfp = outfp;

31
sm/gpgsm.c
View File

@ -1,6 +1,6 @@
/* gpgsm.c - GnuPG for S/MIME /* gpgsm.c - GnuPG for S/MIME
* Copyright (C) 2001, 2002, 2003, 2004, 2005, * Copyright (C) 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008,
* 2006, 2007, 2008 Free Software Foundation, Inc. * 2010 Free Software Foundation, Inc.
* *
* This file is part of GnuPG. * This file is part of GnuPG.
* *
@ -1702,7 +1702,7 @@ main ( int argc, char **argv)
case aEncr: /* Encrypt the given file. */ case aEncr: /* Encrypt the given file. */
{ {
FILE *fp = open_fwrite (opt.outfile?opt.outfile:"-"); estream_t fp = open_es_fwrite (opt.outfile?opt.outfile:"-");
set_binary (stdin); set_binary (stdin);
@ -1713,14 +1713,13 @@ main ( int argc, char **argv)
else else
wrong_args ("--encrypt [datafile]"); wrong_args ("--encrypt [datafile]");
if (fp != stdout) es_fclose (fp);
fclose (fp);
} }
break; break;
case aSign: /* Sign the given file. */ case aSign: /* Sign the given file. */
{ {
FILE *fp = open_fwrite (opt.outfile?opt.outfile:"-"); estream_t fp = open_es_fwrite (opt.outfile?opt.outfile:"-");
/* Fixme: We should also allow to concatenate multiple files for /* Fixme: We should also allow to concatenate multiple files for
signing because that is what gpg does.*/ signing because that is what gpg does.*/
@ -1733,8 +1732,7 @@ main ( int argc, char **argv)
else else
wrong_args ("--sign [datafile]"); wrong_args ("--sign [datafile]");
if (fp != stdout) es_fclose (fp);
fclose (fp);
} }
break; break;
@ -1748,13 +1746,13 @@ main ( int argc, char **argv)
case aVerify: case aVerify:
{ {
FILE *fp = NULL; estream_t fp = NULL;
set_binary (stdin); set_binary (stdin);
if (argc == 2 && opt.outfile) if (argc == 2 && opt.outfile)
log_info ("option --output ignored for a detached signature\n"); log_info ("option --output ignored for a detached signature\n");
else if (opt.outfile) else if (opt.outfile)
fp = open_fwrite (opt.outfile); fp = open_es_fwrite (opt.outfile);
if (!argc) if (!argc)
gpgsm_verify (&ctrl, 0, -1, fp); /* normal signature from stdin */ gpgsm_verify (&ctrl, 0, -1, fp); /* normal signature from stdin */
@ -1765,14 +1763,13 @@ main ( int argc, char **argv)
else else
wrong_args ("--verify [signature [detached_data]]"); wrong_args ("--verify [signature [detached_data]]");
if (fp && fp != stdout) es_fclose (fp);
fclose (fp);
} }
break; break;
case aDecrypt: case aDecrypt:
{ {
FILE *fp = open_fwrite (opt.outfile?opt.outfile:"-"); estream_t fp = open_es_fwrite (opt.outfile?opt.outfile:"-");
set_binary (stdin); set_binary (stdin);
if (!argc) if (!argc)
@ -1781,8 +1778,8 @@ main ( int argc, char **argv)
gpgsm_decrypt (&ctrl, open_read (*argv), fp); /* from file */ gpgsm_decrypt (&ctrl, open_read (*argv), fp); /* from file */
else else
wrong_args ("--decrypt [filename]"); wrong_args ("--decrypt [filename]");
if (fp != stdout)
fclose (fp); es_fclose (fp);
} }
break; break;
@ -2034,9 +2031,9 @@ check_special_filename (const char *fname, int for_write)
/* Open the FILENAME for read and return the filedescriptor. Stop /* Open the FILENAME for read and return the file descriptor. Stop
with an error message in case of problems. "-" denotes stdin and with an error message in case of problems. "-" denotes stdin and
if special filenames are allowed the given fd is opened instead. */ if special filenames are allowed the given fd is opened instead. */
static int static int
open_read (const char *filename) open_read (const char *filename)
{ {

14
sm/gpgsm.h
View File

@ -1,5 +1,6 @@
/* gpgsm.h - Global definitions for GpgSM /* gpgsm.h - Global definitions for GpgSM
* Copyright (C) 2001, 2003, 2004, 2007, 2009 Free Software Foundation, Inc. * Copyright (C) 2001, 2003, 2004, 2007, 2009,
* 2010 Free Software Foundation, Inc.
* *
* This file is part of GnuPG. * This file is part of GnuPG.
* *
@ -255,7 +256,7 @@ char *gpgsm_get_certid (ksba_cert_t cert);
/*-- base64.c --*/ /*-- base64.c --*/
int gpgsm_create_reader (Base64Context *ctx, int gpgsm_create_reader (Base64Context *ctx,
ctrl_t ctrl, FILE *fp, int allow_multi_pem, ctrl_t ctrl, estream_t fp, int allow_multi_pem,
ksba_reader_t *r_reader); ksba_reader_t *r_reader);
int gpgsm_reader_eof_seen (Base64Context ctx); int gpgsm_reader_eof_seen (Base64Context ctx);
void gpgsm_destroy_reader (Base64Context ctx); void gpgsm_destroy_reader (Base64Context ctx);
@ -350,18 +351,19 @@ void gpgsm_p12_export (ctrl_t ctrl, const char *name, FILE *fp);
int gpgsm_delete (ctrl_t ctrl, strlist_t names); int gpgsm_delete (ctrl_t ctrl, strlist_t names);
/*-- verify.c --*/ /*-- verify.c --*/
int gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, FILE *out_fp); int gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp);
/*-- sign.c --*/ /*-- sign.c --*/
int gpgsm_get_default_cert (ctrl_t ctrl, ksba_cert_t *r_cert); int gpgsm_get_default_cert (ctrl_t ctrl, ksba_cert_t *r_cert);
int gpgsm_sign (ctrl_t ctrl, certlist_t signerlist, int gpgsm_sign (ctrl_t ctrl, certlist_t signerlist,
int data_fd, int detached, FILE *out_fp); int data_fd, int detached, estream_t out_fp);
/*-- encrypt.c --*/ /*-- encrypt.c --*/
int gpgsm_encrypt (ctrl_t ctrl, certlist_t recplist, int in_fd, FILE *out_fp); int gpgsm_encrypt (ctrl_t ctrl, certlist_t recplist,
int in_fd, estream_t out_fp);
/*-- decrypt.c --*/ /*-- decrypt.c --*/
int gpgsm_decrypt (ctrl_t ctrl, int in_fd, FILE *out_fp); int gpgsm_decrypt (ctrl_t ctrl, int in_fd, estream_t out_fp);
/*-- certreqgen.c --*/ /*-- certreqgen.c --*/
int gpgsm_genkey (ctrl_t ctrl, estream_t in_stream, FILE *out_fp); int gpgsm_genkey (ctrl_t ctrl, estream_t in_stream, FILE *out_fp);

38
sm/import.c
View File

@ -48,8 +48,8 @@ struct stats_s {
}; };
static gpg_error_t parse_p12 (ctrl_t ctrl, ksba_reader_t reader, FILE **retfp, static gpg_error_t parse_p12 (ctrl_t ctrl, ksba_reader_t reader,
struct stats_s *stats); estream_t *retfp, struct stats_s *stats);
@ -254,14 +254,14 @@ import_one (ctrl_t ctrl, struct stats_s *stats, int in_fd)
ksba_reader_t reader; ksba_reader_t reader;
ksba_cert_t cert = NULL; ksba_cert_t cert = NULL;
ksba_cms_t cms = NULL; ksba_cms_t cms = NULL;
FILE *fp = NULL; estream_t fp = NULL;
ksba_content_type_t ct; ksba_content_type_t ct;
int any = 0; int any = 0;
fp = fdopen ( dup (in_fd), "rb"); fp = es_fdopen_nc (in_fd, "rb");
if (!fp) if (!fp)
{ {
rc = gpg_error (gpg_err_code_from_errno (errno)); rc = gpg_error_from_syserror ();
log_error ("fdopen() failed: %s\n", strerror (errno)); log_error ("fdopen() failed: %s\n", strerror (errno));
goto leave; goto leave;
} }
@ -331,7 +331,7 @@ import_one (ctrl_t ctrl, struct stats_s *stats, int in_fd)
certificate we included in the p12 file; then we continue certificate we included in the p12 file; then we continue
to look for other pkcs12 files (works only if they are in to look for other pkcs12 files (works only if they are in
PEM format. */ PEM format. */
FILE *certfp; estream_t certfp;
Base64Context b64p12rdr; Base64Context b64p12rdr;
ksba_reader_t p12rdr; ksba_reader_t p12rdr;
@ -340,12 +340,12 @@ import_one (ctrl_t ctrl, struct stats_s *stats, int in_fd)
{ {
any = 1; any = 1;
rewind (certfp); es_rewind (certfp);
rc = gpgsm_create_reader (&b64p12rdr, ctrl, certfp, 1, &p12rdr); rc = gpgsm_create_reader (&b64p12rdr, ctrl, certfp, 1, &p12rdr);
if (rc) if (rc)
{ {
log_error ("can't create reader: %s\n", gpg_strerror (rc)); log_error ("can't create reader: %s\n", gpg_strerror (rc));
fclose (certfp); es_fclose (certfp);
goto leave; goto leave;
} }
@ -366,7 +366,7 @@ import_one (ctrl_t ctrl, struct stats_s *stats, int in_fd)
if (gpg_err_code (rc) == GPG_ERR_EOF) if (gpg_err_code (rc) == GPG_ERR_EOF)
rc = 0; rc = 0;
gpgsm_destroy_reader (b64p12rdr); gpgsm_destroy_reader (b64p12rdr);
fclose (certfp); es_fclose (certfp);
if (rc) if (rc)
goto leave; goto leave;
} }
@ -401,8 +401,7 @@ import_one (ctrl_t ctrl, struct stats_s *stats, int in_fd)
ksba_cms_release (cms); ksba_cms_release (cms);
ksba_cert_release (cert); ksba_cert_release (cert);
gpgsm_destroy_reader (b64reader); gpgsm_destroy_reader (b64reader);
if (fp) es_fclose (fp);
fclose (fp);
return rc; return rc;
} }
@ -585,7 +584,8 @@ gpgsm_import_files (ctrl_t ctrl, int nfiles, char **files,
success or an error code. */ success or an error code. */
static gpg_error_t static gpg_error_t
popen_protect_tool (ctrl_t ctrl, const char *pgmname, popen_protect_tool (ctrl_t ctrl, const char *pgmname,
FILE *infile, FILE *outfile, FILE **statusfile, pid_t *pid) FILE *infile, estream_t outfile,
FILE **statusfile, pid_t *pid)
{ {
const char *argv[22]; const char *argv[22];
int i=0; int i=0;
@ -627,17 +627,18 @@ popen_protect_tool (ctrl_t ctrl, const char *pgmname,
certificates from that stupid format. We will also store secret certificates from that stupid format. We will also store secret
keys. All of the pkcs#12 parsing and key storing is handled by the keys. All of the pkcs#12 parsing and key storing is handled by the
gpg-protect-tool, we merely have to take care of receiving the gpg-protect-tool, we merely have to take care of receiving the
certificates. On success RETFP returns a temporary file with certificates. On success RETFP returns a stream to a temporary
certificates. */ file with certificates. */
static gpg_error_t static gpg_error_t
parse_p12 (ctrl_t ctrl, ksba_reader_t reader, parse_p12 (ctrl_t ctrl, ksba_reader_t reader,
FILE **retfp, struct stats_s *stats) estream_t *retfp, struct stats_s *stats)
{ {
const char *pgmname; const char *pgmname;
gpg_error_t err = 0, child_err = 0; gpg_error_t err = 0, child_err = 0;
int c, cont_line; int c, cont_line;
unsigned int pos; unsigned int pos;
FILE *tmpfp, *certfp = NULL, *fp = NULL; FILE *tmpfp, *fp = NULL;
estream_t certfp = NULL;
char buffer[1024]; char buffer[1024];
size_t nread; size_t nread;
pid_t pid = -1; pid_t pid = -1;
@ -679,7 +680,7 @@ parse_p12 (ctrl_t ctrl, ksba_reader_t reader,
goto cleanup; goto cleanup;
} }
certfp = gnupg_tmpfile (); certfp = es_tmpfile ();
if (!certfp) if (!certfp)
{ {
err = gpg_error_from_syserror (); err = gpg_error_from_syserror ();
@ -780,8 +781,7 @@ parse_p12 (ctrl_t ctrl, ksba_reader_t reader,
err = child_err; err = child_err;
if (err) if (err)
{ {
if (certfp) es_fclose (certfp);
fclose (certfp);
} }
else else
*retfp = certfp; *retfp = certfp;

43
sm/server.c
View File

@ -1,6 +1,6 @@
/* server.c - Server mode and main entry point /* server.c - Server mode and main entry point
* Copyright (C) 2001, 2002, 2003, 2004, 2005, 2006, * Copyright (C) 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009,
* 2007, 2008, 2009 Free Software Foundation, Inc. * 2010 Free Software Foundation, Inc.
* *
* This file is part of GnuPG. * This file is part of GnuPG.
* *
@ -451,7 +451,7 @@ cmd_encrypt (assuan_context_t ctx, char *line)
ctrl_t ctrl = assuan_get_pointer (ctx); ctrl_t ctrl = assuan_get_pointer (ctx);
certlist_t cl; certlist_t cl;
int inp_fd, out_fd; int inp_fd, out_fd;
FILE *out_fp; estream_t out_fp;
int rc; int rc;
(void)line; (void)line;
@ -463,9 +463,9 @@ cmd_encrypt (assuan_context_t ctx, char *line)
if (out_fd == -1) if (out_fd == -1)
return set_error (GPG_ERR_ASS_NO_OUTPUT, NULL); return set_error (GPG_ERR_ASS_NO_OUTPUT, NULL);
out_fp = fdopen (dup (out_fd), "w"); out_fp = es_fdopen_nc (out_fd, "w");
if (!out_fp) if (!out_fp)
return set_error (GPG_ERR_ASS_GENERAL, "fdopen() failed"); return set_error (gpg_err_code_from_syserror (), "fdopen() failed");
/* Now add all encrypt-to marked recipients from the default /* Now add all encrypt-to marked recipients from the default
list. */ list. */
@ -483,7 +483,7 @@ cmd_encrypt (assuan_context_t ctx, char *line)
rc = gpgsm_encrypt (assuan_get_pointer (ctx), rc = gpgsm_encrypt (assuan_get_pointer (ctx),
ctrl->server_local->recplist, ctrl->server_local->recplist,
inp_fd, out_fp); inp_fd, out_fp);
fclose (out_fp); es_fclose (out_fp);
gpgsm_release_certlist (ctrl->server_local->recplist); gpgsm_release_certlist (ctrl->server_local->recplist);
ctrl->server_local->recplist = NULL; ctrl->server_local->recplist = NULL;
@ -508,7 +508,7 @@ cmd_decrypt (assuan_context_t ctx, char *line)
{ {
ctrl_t ctrl = assuan_get_pointer (ctx); ctrl_t ctrl = assuan_get_pointer (ctx);
int inp_fd, out_fd; int inp_fd, out_fd;
FILE *out_fp; estream_t out_fp;
int rc; int rc;
(void)line; (void)line;
@ -520,16 +520,16 @@ cmd_decrypt (assuan_context_t ctx, char *line)
if (out_fd == -1) if (out_fd == -1)
return set_error (GPG_ERR_ASS_NO_OUTPUT, NULL); return set_error (GPG_ERR_ASS_NO_OUTPUT, NULL);
out_fp = fdopen (dup(out_fd), "w"); out_fp = es_fdopen_nc (out_fd, "w");
if (!out_fp) if (!out_fp)
return set_error (GPG_ERR_ASS_GENERAL, "fdopen() failed"); return set_error (gpg_err_code_from_syserror (), "fdopen() failed");
rc = start_audit_session (ctrl); rc = start_audit_session (ctrl);
if (!rc) if (!rc)
rc = gpgsm_decrypt (ctrl, inp_fd, out_fp); rc = gpgsm_decrypt (ctrl, inp_fd, out_fp);
fclose (out_fp); es_fclose (out_fp);
/* close and reset the fd */ /* Close and reset the fds. */
close_message_fd (ctrl); close_message_fd (ctrl);
assuan_close_input_fd (ctx); assuan_close_input_fd (ctx);
assuan_close_output_fd (ctx); assuan_close_output_fd (ctx);
@ -554,7 +554,7 @@ cmd_verify (assuan_context_t ctx, char *line)
ctrl_t ctrl = assuan_get_pointer (ctx); ctrl_t ctrl = assuan_get_pointer (ctx);
int fd = translate_sys2libc_fd (assuan_get_input_fd (ctx), 0); int fd = translate_sys2libc_fd (assuan_get_input_fd (ctx), 0);
int out_fd = translate_sys2libc_fd (assuan_get_output_fd (ctx), 1); int out_fd = translate_sys2libc_fd (assuan_get_output_fd (ctx), 1);
FILE *out_fp = NULL; estream_t out_fp = NULL;
(void)line; (void)line;
@ -563,19 +563,18 @@ cmd_verify (assuan_context_t ctx, char *line)
if (out_fd != -1) if (out_fd != -1)
{ {
out_fp = fdopen ( dup(out_fd), "w"); out_fp = es_fdopen_nc (out_fd, "w");
if (!out_fp) if (!out_fp)
return set_error (GPG_ERR_ASS_GENERAL, "fdopen() failed"); return set_error (gpg_err_code_from_syserror (), "fdopen() failed");
} }
rc = start_audit_session (ctrl); rc = start_audit_session (ctrl);
if (!rc) if (!rc)
rc = gpgsm_verify (assuan_get_pointer (ctx), fd, rc = gpgsm_verify (assuan_get_pointer (ctx), fd,
ctrl->server_local->message_fd, out_fp); ctrl->server_local->message_fd, out_fp);
if (out_fp) es_fclose (out_fp);
fclose (out_fp);
/* close and reset the fd */ /* Close and reset the fd. */
close_message_fd (ctrl); close_message_fd (ctrl);
assuan_close_input_fd (ctx); assuan_close_input_fd (ctx);
assuan_close_output_fd (ctx); assuan_close_output_fd (ctx);
@ -595,7 +594,7 @@ cmd_sign (assuan_context_t ctx, char *line)
{ {
ctrl_t ctrl = assuan_get_pointer (ctx); ctrl_t ctrl = assuan_get_pointer (ctx);
int inp_fd, out_fd; int inp_fd, out_fd;
FILE *out_fp; estream_t out_fp;
int detached; int detached;
int rc; int rc;
@ -608,7 +607,7 @@ cmd_sign (assuan_context_t ctx, char *line)
detached = has_option (line, "--detached"); detached = has_option (line, "--detached");
out_fp = fdopen ( dup(out_fd), "w"); out_fp = es_fdopen_nc (out_fd, "w");
if (!out_fp) if (!out_fp)
return set_error (GPG_ERR_ASS_GENERAL, "fdopen() failed"); return set_error (GPG_ERR_ASS_GENERAL, "fdopen() failed");
@ -616,7 +615,7 @@ cmd_sign (assuan_context_t ctx, char *line)
if (!rc) if (!rc)
rc = gpgsm_sign (assuan_get_pointer (ctx), ctrl->server_local->signerlist, rc = gpgsm_sign (assuan_get_pointer (ctx), ctrl->server_local->signerlist,
inp_fd, detached, out_fp); inp_fd, detached, out_fp);
fclose (out_fp); es_fclose (out_fp);
/* close and reset the fd */ /* close and reset the fd */
close_message_fd (ctrl); close_message_fd (ctrl);
@ -916,9 +915,9 @@ do_listkeys (assuan_context_t ctx, char *line, int mode)
if ( outfd == -1 ) if ( outfd == -1 )
return set_error (GPG_ERR_ASS_NO_OUTPUT, NULL); return set_error (GPG_ERR_ASS_NO_OUTPUT, NULL);
fp = es_fdopen ( dup (outfd), "w"); fp = es_fdopen_nc (outfd, "w");
if (!fp) if (!fp)
return set_error (GPG_ERR_ASS_GENERAL, "es_fdopen() failed"); return set_error (gpg_err_code_from_syserror (), "es_fdopen() failed");
} }
else else
{ {

36
sm/sign.c
View File

@ -1,5 +1,6 @@
/* sign.c - Sign a message /* sign.c - Sign a message
* Copyright (C) 2001, 2002, 2003, 2008 Free Software Foundation, Inc. * Copyright (C) 2001, 2002, 2003, 2008,
* 2010 Free Software Foundation, Inc.
* *
* This file is part of GnuPG. * This file is part of GnuPG.
* *
@ -38,12 +39,12 @@
static int static int
hash_data (int fd, gcry_md_hd_t md) hash_data (int fd, gcry_md_hd_t md)
{ {
FILE *fp; estream_t fp;
char buffer[4096]; char buffer[4096];
int nread; int nread;
int rc = 0; int rc = 0;
fp = fdopen ( dup (fd), "rb"); fp = es_fdopen_nc (fd, "rb");
if (!fp) if (!fp)
{ {
log_error ("fdopen(%d) failed: %s\n", fd, strerror (errno)); log_error ("fdopen(%d) failed: %s\n", fd, strerror (errno));
@ -52,40 +53,41 @@ hash_data (int fd, gcry_md_hd_t md)
do do
{ {
nread = fread (buffer, 1, DIM(buffer), fp); nread = es_fread (buffer, 1, DIM(buffer), fp);
gcry_md_write (md, buffer, nread); gcry_md_write (md, buffer, nread);
} }
while (nread); while (nread);
if (ferror (fp)) if (es_ferror (fp))
{ {
log_error ("read error on fd %d: %s\n", fd, strerror (errno)); log_error ("read error on fd %d: %s\n", fd, strerror (errno));
rc = -1; rc = -1;
} }
fclose (fp); es_fclose (fp);
return rc; return rc;
} }
static int static int
hash_and_copy_data (int fd, gcry_md_hd_t md, ksba_writer_t writer) hash_and_copy_data (int fd, gcry_md_hd_t md, ksba_writer_t writer)
{ {
gpg_error_t err; gpg_error_t err;
FILE *fp; estream_t fp;
char buffer[4096]; char buffer[4096];
int nread; int nread;
int rc = 0; int rc = 0;
int any = 0; int any = 0;
fp = fdopen ( dup (fd), "rb"); fp = es_fdopen_nc (fd, "rb");
if (!fp) if (!fp)
{ {
gpg_error_t tmperr = gpg_error (gpg_err_code_from_errno (errno)); gpg_error_t tmperr = gpg_error_from_syserror ();
log_error ("fdopen(%d) failed: %s\n", fd, strerror (errno)); log_error ("fdopen(%d) failed: %s\n", fd, strerror (errno));
return tmperr; return tmperr;
} }
do do
{ {
nread = fread (buffer, 1, DIM(buffer), fp); nread = es_fread (buffer, 1, DIM(buffer), fp);
if (nread) if (nread)
{ {
any = 1; any = 1;
@ -99,18 +101,18 @@ hash_and_copy_data (int fd, gcry_md_hd_t md, ksba_writer_t writer)
} }
} }
while (nread && !rc); while (nread && !rc);
if (ferror (fp)) if (es_ferror (fp))
{ {
rc = gpg_error (gpg_err_code_from_errno (errno)); rc = gpg_error_from_syserror ();
log_error ("read error on fd %d: %s\n", fd, strerror (errno)); log_error ("read error on fd %d: %s\n", fd, strerror (errno));
} }
fclose (fp); es_fclose (fp);
if (!any) if (!any)
{ {
/* We can't allow to sign an empty message because it does not /* We can't allow to sign an empty message because it does not
make much sense and more seriously, ksba-cms_build has make much sense and more seriously, ksba_cms_build has
already written the tag for data and now expects an octet already written the tag for data and now expects an octet
string but an octet string of zeize 0 is illegal. */ string and an octet string of size 0 is illegal. */
log_error ("cannot sign an empty message\n"); log_error ("cannot sign an empty message\n");
rc = gpg_error (GPG_ERR_NO_DATA); rc = gpg_error (GPG_ERR_NO_DATA);
} }
@ -310,7 +312,7 @@ add_certificate_list (ctrl_t ctrl, ksba_cms_t cms, ksba_cert_t cert)
be used if the value of this argument is NULL. */ be used if the value of this argument is NULL. */
int int
gpgsm_sign (ctrl_t ctrl, certlist_t signerlist, gpgsm_sign (ctrl_t ctrl, certlist_t signerlist,
int data_fd, int detached, FILE *out_fp) int data_fd, int detached, estream_t out_fp)
{ {
int i, rc; int i, rc;
gpg_error_t err; gpg_error_t err;
@ -338,7 +340,7 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist,
} }
ctrl->pem_name = "SIGNED MESSAGE"; ctrl->pem_name = "SIGNED MESSAGE";
rc = gpgsm_create_writer (&b64writer, ctrl, out_fp, NULL, &writer); rc = gpgsm_create_writer (&b64writer, ctrl, NULL, out_fp, &writer);
if (rc) if (rc)
{ {
log_error ("can't create writer: %s\n", gpg_strerror (rc)); log_error ("can't create writer: %s\n", gpg_strerror (rc));

34
sm/verify.c
View File

@ -1,5 +1,6 @@
/* verify.c - Verify a messages signature /* verify.c - Verify a messages signature
* Copyright (C) 2001, 2002, 2003, 2007 Free Software Foundation, Inc. * Copyright (C) 2001, 2002, 2003, 2007,
* 2010 Free Software Foundation, Inc.
* *
* This file is part of GnuPG. * This file is part of GnuPG.
* *
@ -52,11 +53,11 @@ static gpg_error_t
hash_data (int fd, gcry_md_hd_t md) hash_data (int fd, gcry_md_hd_t md)
{ {
gpg_error_t err = 0; gpg_error_t err = 0;
FILE *fp; estream_t fp;
char buffer[4096]; char buffer[4096];
int nread; int nread;
fp = fdopen ( dup (fd), "rb"); fp = es_fdopen_nc (fd, "rb");
if (!fp) if (!fp)
{ {
err = gpg_error_from_syserror (); err = gpg_error_from_syserror ();
@ -66,27 +67,27 @@ hash_data (int fd, gcry_md_hd_t md)
do do
{ {
nread = fread (buffer, 1, DIM(buffer), fp); nread = es_fread (buffer, 1, DIM(buffer), fp);
gcry_md_write (md, buffer, nread); gcry_md_write (md, buffer, nread);
} }
while (nread); while (nread);
if (ferror (fp)) if (es_ferror (fp))
{ {
err = gpg_error_from_syserror (); err = gpg_error_from_syserror ();
log_error ("read error on fd %d: %s\n", fd, gpg_strerror (err)); log_error ("read error on fd %d: %s\n", fd, gpg_strerror (err));
} }
fclose (fp); es_fclose (fp);
return err; return err;
} }
/* Perform a verify operation. To verify detached signatures, data_fd /* Perform a verify operation. To verify detached signatures, DATA_FD
must be different than -1. With OUT_FP given and a non-detached must be different than -1. With OUT_FP given and a non-detached
signature, the signed material is written to that stream. */ signature, the signed material is written to that stream. */
int int
gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, FILE *out_fp) gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp)
{ {
int i, rc; int i, rc;
Base64Context b64reader = NULL; Base64Context b64reader = NULL;
@ -102,7 +103,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, FILE *out_fp)
const char *algoid; const char *algoid;
int algo; int algo;
int is_detached; int is_detached;
FILE *fp = NULL; estream_t in_fp = NULL;
char *p; char *p;
audit_set_type (ctrl->audit, AUDIT_TYPE_VERIFY); audit_set_type (ctrl->audit, AUDIT_TYPE_VERIFY);
@ -116,15 +117,15 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, FILE *out_fp)
} }
fp = fdopen ( dup (in_fd), "rb"); in_fp = es_fdopen_nc (in_fd, "rb");
if (!fp) if (!in_fp)
{ {
rc = gpg_error (gpg_err_code_from_errno (errno)); rc = gpg_error_from_syserror ();
log_error ("fdopen() failed: %s\n", strerror (errno)); log_error ("fdopen() failed: %s\n", strerror (errno));
goto leave; goto leave;
} }
rc = gpgsm_create_reader (&b64reader, ctrl, fp, 0, &reader); rc = gpgsm_create_reader (&b64reader, ctrl, in_fp, 0, &reader);
if (rc) if (rc)
{ {
log_error ("can't create reader: %s\n", gpg_strerror (rc)); log_error ("can't create reader: %s\n", gpg_strerror (rc));
@ -133,7 +134,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, FILE *out_fp)
if (out_fp) if (out_fp)
{ {
rc = gpgsm_create_writer (&b64writer, ctrl, out_fp, NULL, &writer); rc = gpgsm_create_writer (&b64writer, ctrl, NULL, out_fp, &writer);
if (rc) if (rc)
{ {
log_error ("can't create writer: %s\n", gpg_strerror (rc)); log_error ("can't create writer: %s\n", gpg_strerror (rc));
@ -644,8 +645,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, FILE *out_fp)
gpgsm_destroy_writer (b64writer); gpgsm_destroy_writer (b64writer);
keydb_release (kh); keydb_release (kh);
gcry_md_close (data_md); gcry_md_close (data_md);
if (fp) es_fclose (in_fp);
fclose (fp);
if (rc) if (rc)
{ {

4
tools/ChangeLog
View File

@ -1,3 +1,7 @@
2010-03-08 Werner Koch <wk@g10code.com>
* no-libgcrypt.c (gcry_create_nonce): New.
2010-02-26 Werner Koch <wk@g10code.com> 2010-02-26 Werner Koch <wk@g10code.com>
* gpg-connect-agent.c (main): New option --tcp-socket. * gpg-connect-agent.c (main): New option --tcp-socket.

10
tools/no-libgcrypt.c
View File

@ -142,3 +142,13 @@ gcry_set_log_handler (gcry_handler_log_t f, void *opaque)
(void)f; (void)f;
(void)opaque; (void)opaque;
} }
void
gcry_create_nonce (void *buffer, size_t length)
{
(void)buffer;
(void)length;
log_fatal ("unexpected call to gcry_create_nonce\n");
}