1
0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-03 12:11:33 +01:00

Replace all calls to access by gnupg_access

* common/sysutils.c (gnupg_access): New.  Replace all calls to access
by this wrapper.
* common/homedir.c (w32_shgetfolderpath): Change to return UTF-8
directory name.
(standard_homedir): Adjust for change.
(w32_commondir, gnupg_cachedir): Ditto.
--

Also use SHGetFolderPathW instead of SHGetFolderPathA on Windows.

This is required to correctly handle non-ascii filenames on Windows.

GnuPG-bug-id: 5098
(cherry picked from commit c94ee1386e0d5cdac51086c4d5b92de59c09c9b5)
This commit is contained in:
Werner Koch 2020-10-20 10:43:55 +02:00
parent 25bec16d0b
commit dd5fd4a760
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
28 changed files with 163 additions and 115 deletions

View File

@ -170,7 +170,7 @@ agent_write_private_key (const unsigned char *grip,
/* FIXME: Write to a temp file first so that write failures during /* FIXME: Write to a temp file first so that write failures during
key updates won't lead to a key loss. */ key updates won't lead to a key loss. */
if (!force && !access (fname, F_OK)) if (!force && !gnupg_access (fname, F_OK))
{ {
log_error ("secret key file '%s' already exists\n", fname); log_error ("secret key file '%s' already exists\n", fname);
xfree (fname); xfree (fname);
@ -1377,7 +1377,7 @@ agent_key_available (const unsigned char *grip)
fname = make_filename (gnupg_homedir (), GNUPG_PRIVATE_KEYS_DIR, fname = make_filename (gnupg_homedir (), GNUPG_PRIVATE_KEYS_DIR,
hexgrip, NULL); hexgrip, NULL);
result = !access (fname, R_OK)? 0 : -1; result = !gnupg_access (fname, R_OK)? 0 : -1;
xfree (fname); xfree (fname);
return result; return result;
} }

View File

@ -186,6 +186,7 @@ read_one_trustfile (const char *fname, int allow_include,
{ {
char *etcname; char *etcname;
gpg_error_t err2; gpg_error_t err2;
gpg_err_code_t ec;
if (!allow_include) if (!allow_include)
{ {
@ -199,7 +200,7 @@ read_one_trustfile (const char *fname, int allow_include,
if ( !strcmp (etcname, fname) ) /* Same file. */ if ( !strcmp (etcname, fname) ) /* Same file. */
log_info (_("statement \"%s\" ignored in '%s', line %d\n"), log_info (_("statement \"%s\" ignored in '%s', line %d\n"),
"include-default", fname, lnr); "include-default", fname, lnr);
else if ( access (etcname, F_OK) && errno == ENOENT ) else if ((ec=gnupg_access (etcname, F_OK)) && ec == GPG_ERR_ENOENT)
{ {
/* A non existent system trustlist is not an error. /* A non existent system trustlist is not an error.
Just print a note. */ Just print a note. */
@ -337,6 +338,7 @@ read_trustfiles (void)
size_t tablesize; size_t tablesize;
char *fname; char *fname;
int allow_include = 1; int allow_include = 1;
gpg_err_code_t ec;
tablesize = 20; tablesize = 20;
table = xtrycalloc (tablesize, sizeof *table); table = xtrycalloc (tablesize, sizeof *table);
@ -352,13 +354,13 @@ read_trustfiles (void)
return err; return err;
} }
if ( access (fname, F_OK) ) if ((ec = gnupg_access (fname, F_OK)))
{ {
if ( errno == ENOENT ) if ( ec == GPG_ERR_ENOENT )
; /* Silently ignore a non-existing trustfile. */ ; /* Silently ignore a non-existing trustfile. */
else else
{ {
err = gpg_error_from_syserror (); err = gpg_error (ec);
log_error (_("error opening '%s': %s\n"), fname, gpg_strerror (err)); log_error (_("error opening '%s': %s\n"), fname, gpg_strerror (err));
} }
xfree (fname); xfree (fname);
@ -602,6 +604,7 @@ gpg_error_t
agent_marktrusted (ctrl_t ctrl, const char *name, const char *fpr, int flag) agent_marktrusted (ctrl_t ctrl, const char *name, const char *fpr, int flag)
{ {
gpg_error_t err = 0; gpg_error_t err = 0;
gpg_err_code_t ec;
char *desc; char *desc;
char *fname; char *fname;
estream_t fp; estream_t fp;
@ -619,7 +622,7 @@ agent_marktrusted (ctrl_t ctrl, const char *name, const char *fpr, int flag)
if (!fname) if (!fname)
return gpg_error_from_syserror (); return gpg_error_from_syserror ();
if ( access (fname, W_OK) && errno != ENOENT) if ((ec = access (fname, W_OK)) && ec != GPG_ERR_ENOENT)
{ {
xfree (fname); xfree (fname);
return gpg_error (GPG_ERR_EPERM); return gpg_error (GPG_ERR_EPERM);
@ -752,12 +755,12 @@ agent_marktrusted (ctrl_t ctrl, const char *name, const char *fpr, int flag)
xfree (nameformatted); xfree (nameformatted);
return err; return err;
} }
if ( access (fname, F_OK) && errno == ENOENT) if ((ec = access (fname, F_OK)) && ec == GPG_ERR_ENOENT)
{ {
fp = es_fopen (fname, "wx,mode=-rw-r"); fp = es_fopen (fname, "wx,mode=-rw-r");
if (!fp) if (!fp)
{ {
err = gpg_error_from_syserror (); err = gpg_error (ec);
log_error ("can't create '%s': %s\n", fname, gpg_strerror (err)); log_error ("can't create '%s': %s\n", fname, gpg_strerror (err));
xfree (fname); xfree (fname);
unlock_trusttable (); unlock_trusttable ();

View File

@ -835,14 +835,15 @@ gpg_error_t
gnupg_spawn_process_detached (const char *pgmname, const char *argv[], gnupg_spawn_process_detached (const char *pgmname, const char *argv[],
const char *envp[] ) const char *envp[] )
{ {
gpg_err_code_t ec;
pid_t pid; pid_t pid;
int i; int i;
if (getuid() != geteuid()) if (getuid() != geteuid())
return my_error (GPG_ERR_BUG); return my_error (GPG_ERR_BUG);
if (access (pgmname, X_OK)) if ((ec = gnupg_access (pgmname, X_OK)))
return my_error_from_syserror (); return gpg_err_make (default_errsource, ec);
pid = fork (); pid = fork ();
if (pid == (pid_t)(-1)) if (pid == (pid_t)(-1))

View File

@ -855,13 +855,13 @@ gnupg_spawn_process_detached (const char *pgmname, const char *argv[],
STARTUPINFO si; STARTUPINFO si;
int cr_flags; int cr_flags;
char *cmdline; char *cmdline;
gpg_err_code_t ec;
/* We don't use ENVP. */ /* We don't use ENVP. */
(void)envp; (void)envp;
if (access (pgmname, X_OK)) if ((ec = gnupg_access (pgmname, X_OK)))
return my_error_from_syserror (); return gpg_err_make (default_errsource, ec);
/* Prepare security attributes. */ /* Prepare security attributes. */
memset (&sec_attr, 0, sizeof sec_attr ); memset (&sec_attr, 0, sizeof sec_attr );

View File

@ -117,14 +117,16 @@ w32_try_mkdir (const char *dir)
#endif #endif
/* This is a helper function to load a Windows function from either of /* This is a helper function to load and call a Windows function from
one DLLs. */ * either of one DLLs. On success an UTF-8 file name is returned.
* ERRNO is _not_ set on error. */
#ifdef HAVE_W32_SYSTEM #ifdef HAVE_W32_SYSTEM
static HRESULT static char *
w32_shgetfolderpath (HWND a, int b, HANDLE c, DWORD d, LPSTR e) w32_shgetfolderpath (HWND a, int b, HANDLE c, DWORD d)
{ {
static int initialized; static int initialized;
static HRESULT (WINAPI * func)(HWND,int,HANDLE,DWORD,LPSTR); static HRESULT (WINAPI * func)(HWND,int,HANDLE,DWORD,LPWSTR);
wchar_t wfname[MAX_PATH];
if (!initialized) if (!initialized)
{ {
@ -139,7 +141,7 @@ w32_shgetfolderpath (HWND a, int b, HANDLE c, DWORD d, LPSTR e)
handle = dlopen (dllnames[i], RTLD_LAZY); handle = dlopen (dllnames[i], RTLD_LAZY);
if (handle) if (handle)
{ {
func = dlsym (handle, "SHGetFolderPathA"); func = dlsym (handle, "SHGetFolderPathW");
if (!func) if (!func)
{ {
dlclose (handle); dlclose (handle);
@ -149,10 +151,10 @@ w32_shgetfolderpath (HWND a, int b, HANDLE c, DWORD d, LPSTR e)
} }
} }
if (func) if (func && func (a,b,c,d,wfname) >= 0)
return func (a,b,c,d,e); return wchar_to_utf8 (wfname);
else else
return -1; return NULL;
} }
#endif /*HAVE_W32_SYSTEM*/ #endif /*HAVE_W32_SYSTEM*/
@ -248,25 +250,17 @@ standard_homedir (void)
} }
else else
{ {
char path[MAX_PATH]; char *path;
/* It might be better to use LOCAL_APPDATA because this is path = w32_shgetfolderpath (NULL, CSIDL_APPDATA|CSIDL_FLAG_CREATE,
defined as "non roaming" and thus more likely to be kept NULL, 0);
locally. For private keys this is desired. However, if (path)
given that many users copy private keys anyway forth and
back, using a system roaming services might be better
than to let them do it manually. A security conscious
user will anyway use the registry entry to have better
control. */
if (w32_shgetfolderpath (NULL, CSIDL_APPDATA|CSIDL_FLAG_CREATE,
NULL, 0, path) >= 0)
{ {
char *tmp = xmalloc (strlen (path) + 6 +1); dir = xstrconcat (path, "\\gnupg", NULL);
strcpy (stpcpy (tmp, path), "\\gnupg"); xfree (path);
dir = tmp;
/* Try to create the directory if it does not yet exists. */ /* Try to create the directory if it does not yet exists. */
if (access (dir, F_OK)) if (gnupg_access (dir, F_OK))
w32_try_mkdir (dir); w32_try_mkdir (dir);
} }
else else
@ -360,10 +354,10 @@ check_portable_app (const char *dir)
char *fname; char *fname;
fname = xstrconcat (dir, DIRSEP_S "gpgconf.exe", NULL); fname = xstrconcat (dir, DIRSEP_S "gpgconf.exe", NULL);
if (!access (fname, F_OK)) if (!gnupg_access (fname, F_OK))
{ {
strcpy (fname + strlen (fname) - 3, "ctl"); strcpy (fname + strlen (fname) - 3, "ctl");
if (!access (fname, F_OK)) if (!gnupg_access (fname, F_OK))
{ {
/* gpgconf.ctl file found. Record this fact. */ /* gpgconf.ctl file found. Record this fact. */
w32_portable_app = 1; w32_portable_app = 1;
@ -440,7 +434,7 @@ w32_commondir (void)
if (!dir) if (!dir)
{ {
const char *rdir; const char *rdir;
char path[MAX_PATH]; char *path;
/* Make sure that w32_rootdir has been called so that we are /* Make sure that w32_rootdir has been called so that we are
able to check the portable application flag. The common dir able to check the portable application flag. The common dir
@ -450,19 +444,17 @@ w32_commondir (void)
if (w32_portable_app) if (w32_portable_app)
return rdir; return rdir;
if (w32_shgetfolderpath (NULL, CSIDL_COMMON_APPDATA, path = w32_shgetfolderpath (NULL, CSIDL_COMMON_APPDATA, NULL, 0);
NULL, 0, path) >= 0) if (path)
{ {
char *tmp = xmalloc (strlen (path) + 4 +1); dir = xstrconcat (path, "\\GNU", NULL);
strcpy (stpcpy (tmp, path), "\\GNU");
dir = tmp;
/* No auto create of the directory. Either the installer or /* No auto create of the directory. Either the installer or
the admin has to create these directories. */ * the admin has to create these directories. */
} }
else else
{ {
/* Ooops: Not defined - probably an old Windows version. /* Folder not found or defined - probably an old Windows
Use the installation directory instead. */ * version. Use the installation directory instead. */
dir = xstrdup (rdir); dir = xstrdup (rdir);
} }
} }
@ -903,7 +895,7 @@ gnupg_cachedir (void)
} }
else else
{ {
char path[MAX_PATH]; char *path;
const char *s1[] = { "GNU", "cache", "gnupg", NULL }; const char *s1[] = { "GNU", "cache", "gnupg", NULL };
int s1_len; int s1_len;
const char **comp; const char **comp;
@ -912,8 +904,10 @@ gnupg_cachedir (void)
for (comp = s1; *comp; comp++) for (comp = s1; *comp; comp++)
s1_len += 1 + strlen (*comp); s1_len += 1 + strlen (*comp);
if (w32_shgetfolderpath (NULL, CSIDL_LOCAL_APPDATA|CSIDL_FLAG_CREATE, path = w32_shgetfolderpath (NULL,
NULL, 0, path) >= 0) CSIDL_LOCAL_APPDATA|CSIDL_FLAG_CREATE,
NULL, 0);
if (path)
{ {
char *tmp = xmalloc (strlen (path) + s1_len + 1); char *tmp = xmalloc (strlen (path) + s1_len + 1);
char *p; char *p;
@ -924,11 +918,12 @@ gnupg_cachedir (void)
p = stpcpy (p, "\\"); p = stpcpy (p, "\\");
p = stpcpy (p, *comp); p = stpcpy (p, *comp);
if (access (tmp, F_OK)) if (gnupg_access (tmp, F_OK))
w32_try_mkdir (tmp); w32_try_mkdir (tmp);
} }
dir = tmp; dir = tmp;
xfree (path);
} }
else else
{ {
@ -1002,7 +997,7 @@ get_default_pinentry_name (int reset)
char *name2; char *name2;
name2 = xstrconcat (names[i].rfnc (), names[i].name, NULL); name2 = xstrconcat (names[i].rfnc (), names[i].name, NULL);
if (!access (name2, F_OK)) if (!gnupg_access (name2, F_OK))
{ {
/* Use that pinentry. */ /* Use that pinentry. */
xfree (name); xfree (name);

View File

@ -813,7 +813,7 @@ gnupg_chdir (const char *name)
#if GPG_ERROR_VERSION_NUMBER < 0x011c00 /* 1.28 */ #if GPG_ERROR_VERSION_NUMBER < 0x011c00 /* 1.28 */
return chdir (name); return chdir (name);
#else /* Use the improved version from libgpg_error. */ #else /* Use the improved version from libgpg_error. */
/* Note that gpgrt_chdir also sets ERRNO in addition to returing a /* Note that gpgrt_chdir also sets ERRNO in addition to returning a
* gpg-error style error code. */ * gpg-error style error code. */
return gpgrt_chdir (name); return gpgrt_chdir (name);
#endif #endif
@ -1036,10 +1036,14 @@ gnupg_unsetenv (const char *name)
/* Return the current working directory as a malloced string. Return /* Return the current working directory as a malloced string. Return
NULL and sets ERRNo on error. */ NULL and sets ERRNO on error. */
char * char *
gnupg_getcwd (void) gnupg_getcwd (void)
{ {
#if GPGRT_VERSION_NUMBER < 0x012800 /* 1.40 */
/* We use the old code which is okay despite that it does not
* support Unicode on Windows. For Windows this doesn't matter
* because we use the latest gpgrt anyway. */
char *buffer; char *buffer;
size_t size = 100; size_t size = 100;
@ -1048,18 +1052,47 @@ gnupg_getcwd (void)
buffer = xtrymalloc (size+1); buffer = xtrymalloc (size+1);
if (!buffer) if (!buffer)
return NULL; return NULL;
#ifdef HAVE_W32CE_SYSTEM # ifdef HAVE_W32CE_SYSTEM
strcpy (buffer, "/"); /* Always "/". */ strcpy (buffer, "/"); /* Always "/". */
return buffer; return buffer;
#else # else
if (getcwd (buffer, size) == buffer) if (getcwd (buffer, size) == buffer)
return buffer; return buffer;
xfree (buffer); xfree (buffer);
if (errno != ERANGE) if (errno != ERANGE)
return NULL; return NULL;
size *= 2; size *= 2;
#endif # endif
} }
#else
return gpgrt_getcwd ();
#endif
}
/* A simple wrapper around access. NAME is expected to be utf8
* encoded. This function returns an error code and sets ERRNO. */
gpg_err_code_t
gnupg_access (const char *name, int mode)
{
#if GPGRT_VERSION_NUMBER < 0x012800 /* 1.40 */
# ifdef HAVE_W32_SYSTEM
wchar_t *wfname;
wfname = utf8_to_wchar (fname);
if (!wfname)
ec = gpg_err_code_from_syserror ();
else
{
ec = _waccess (wfname, mode)? gpg_err_code_from_syserror () : 0;
xfree (wfname);
}
# else
return access (name, mode)? gpg_err_code_from_syserror () : 0;
# endif
#else /* gpgrt 1.40 or newer. */
return gpgrt_access (name, mode);
#endif
} }

View File

@ -72,6 +72,7 @@ char *gnupg_mkdtemp (char *template);
int gnupg_setenv (const char *name, const char *value, int overwrite); int gnupg_setenv (const char *name, const char *value, int overwrite);
int gnupg_unsetenv (const char *name); int gnupg_unsetenv (const char *name);
char *gnupg_getcwd (void); char *gnupg_getcwd (void);
gpg_err_code_t gnupg_access (const char *name, int mode);
char *gnupg_get_socket_name (int fd); char *gnupg_get_socket_name (int fd);
int gnupg_fd_valid (int fd); int gnupg_fd_valid (int fd);

View File

@ -45,6 +45,7 @@ test_executing_true (void)
char *result; char *result;
size_t len; size_t len;
/* Fixme: We should use gpgrt_access here. */
if (access (pgmname, X_OK)) if (access (pgmname, X_OK))
{ {
if (access (alt_pgmname, X_OK)) if (access (alt_pgmname, X_OK))

View File

@ -685,7 +685,7 @@ load_certs_from_system (void)
gpg_error_t err = 0; gpg_error_t err = 0;
for (idx=0; idx < DIM (table); idx++) for (idx=0; idx < DIM (table); idx++)
if (!access (table[idx].name, F_OK)) if (!gnupg_access (table[idx].name, F_OK))
{ {
/* Take the first available bundle. */ /* Take the first available bundle. */
err = load_certs_from_file (table[idx].name, CERTTRUST_CLASS_SYSTEM, 0); err = load_certs_from_file (table[idx].name, CERTTRUST_CLASS_SYSTEM, 0);

View File

@ -1078,7 +1078,7 @@ main (int argc, char **argv)
log_info (_("Note: '%s' is not considered an option\n"), argv[i]); log_info (_("Note: '%s' is not considered an option\n"), argv[i]);
} }
if (!access ("/etc/"DIRMNGR_NAME, F_OK) if (!gnupg_access ("/etc/"DIRMNGR_NAME, F_OK)
&& !strncmp (gnupg_homedir (), "/etc/", 5)) && !strncmp (gnupg_homedir (), "/etc/", 5))
log_info log_info
("NOTE: DirMngr is now a proper part of %s. The configuration and" ("NOTE: DirMngr is now a proper part of %s. The configuration and"

View File

@ -579,6 +579,7 @@ http_register_tls_callback (gpg_error_t (*cb)(http_t, http_session_t, int))
void void
http_register_tls_ca (const char *fname) http_register_tls_ca (const char *fname)
{ {
gpg_err_code_t ec;
strlist_t sl; strlist_t sl;
if (!fname) if (!fname)
@ -590,9 +591,8 @@ http_register_tls_ca (const char *fname)
{ {
/* Warn if we can't access right now, but register it anyway in /* Warn if we can't access right now, but register it anyway in
case it becomes accessible later */ case it becomes accessible later */
if (access (fname, F_OK)) if ((ec = gnupg_access (fname, F_OK)))
log_info (_("can't access '%s': %s\n"), fname, log_info (_("can't access '%s': %s\n"), fname, gpg_strerror (ec));
gpg_strerror (gpg_error_from_syserror()));
sl = add_to_strlist (&tls_ca_certlist, fname); sl = add_to_strlist (&tls_ca_certlist, fname);
if (*sl->d && !strcmp (sl->d + strlen (sl->d) - 4, ".pem")) if (*sl->d && !strcmp (sl->d + strlen (sl->d) - 4, ".pem"))
sl->flags = 1; sl->flags = 1;
@ -608,6 +608,7 @@ http_register_tls_ca (const char *fname)
void void
http_register_cfg_ca (const char *fname) http_register_cfg_ca (const char *fname)
{ {
gpg_err_code_t ec;
strlist_t sl; strlist_t sl;
if (!fname) if (!fname)
@ -619,9 +620,8 @@ http_register_cfg_ca (const char *fname)
{ {
/* Warn if we can't access right now, but register it anyway in /* Warn if we can't access right now, but register it anyway in
case it becomes accessible later */ case it becomes accessible later */
if (access (fname, F_OK)) if ((ec = gnupg_access (fname, F_OK)))
log_info (_("can't access '%s': %s\n"), fname, log_info (_("can't access '%s': %s\n"), fname, gpg_strerror (ec));
gpg_strerror (gpg_error_from_syserror()));
sl = add_to_strlist (&cfg_ca_certlist, fname); sl = add_to_strlist (&cfg_ca_certlist, fname);
if (*sl->d && !strcmp (sl->d + strlen (sl->d) - 4, ".pem")) if (*sl->d && !strcmp (sl->d + strlen (sl->d) - 4, ".pem"))
sl->flags = 1; sl->flags = 1;

View File

@ -4021,10 +4021,11 @@ main (int argc, char **argv)
} }
/* Set the random seed file. */ /* Set the random seed file. */
if( use_random_seed ) { if (use_random_seed)
{
char *p = make_filename (gnupg_homedir (), "random_seed", NULL ); char *p = make_filename (gnupg_homedir (), "random_seed", NULL );
gcry_control (GCRYCTL_SET_RANDOM_SEED_FILE, p); gcry_control (GCRYCTL_SET_RANDOM_SEED_FILE, p);
if (!access (p, F_OK)) if (!gnupg_access (p, F_OK))
register_secured_file (p); register_secured_file (p);
xfree(p); xfree(p);
} }

View File

@ -29,6 +29,7 @@
#include "gpg.h" #include "gpg.h"
#include "../common/util.h" #include "../common/util.h"
#include "../common/sysutils.h"
#include "options.h" #include "options.h"
#include "main.h" /*try_make_homedir ()*/ #include "main.h" /*try_make_homedir ()*/
#include "packet.h" #include "packet.h"
@ -293,6 +294,7 @@ keyblock_cache_clear (struct keydb_handle *hd)
static gpg_error_t static gpg_error_t
maybe_create_keyring_or_box (char *filename, int is_box, int force_create) maybe_create_keyring_or_box (char *filename, int is_box, int force_create)
{ {
gpg_err_code_t ec;
dotlock_t lockhd = NULL; dotlock_t lockhd = NULL;
IOBUF iobuf; IOBUF iobuf;
int rc; int rc;
@ -303,8 +305,8 @@ maybe_create_keyring_or_box (char *filename, int is_box, int force_create)
int save_slash; int save_slash;
/* A quick test whether the filename already exists. */ /* A quick test whether the filename already exists. */
if (!access (filename, F_OK)) if (!gnupg_access (filename, F_OK))
return !access (filename, R_OK)? 0 : gpg_error (GPG_ERR_EACCES); return !gnupg_access (filename, R_OK)? 0 : gpg_error (GPG_ERR_EACCES);
/* If we don't want to create a new file at all, there is no need to /* If we don't want to create a new file at all, there is no need to
go any further - bail out right here. */ go any further - bail out right here. */
@ -339,9 +341,9 @@ maybe_create_keyring_or_box (char *filename, int is_box, int force_create)
tried = 1; tried = 1;
try_make_homedir (filename); try_make_homedir (filename);
} }
if (access (filename, F_OK)) if ((ec = gnupg_access (filename, F_OK)))
{ {
rc = gpg_error_from_syserror (); rc = gpg_error (ec);
*last_slash_in_filename = save_slash; *last_slash_in_filename = save_slash;
goto leave; goto leave;
} }
@ -398,12 +400,12 @@ maybe_create_keyring_or_box (char *filename, int is_box, int force_create)
if (rc) if (rc)
goto leave; goto leave;
if (!access (filename, F_OK)) if (!gnupg_access (filename, F_OK))
{ {
rc = 0; /* Okay, we may access the file now. */ rc = 0; /* Okay, we may access the file now. */
goto leave; goto leave;
} }
if (!access (bak_fname, F_OK) && !access (tmp_fname, F_OK)) if (!gnupg_access (bak_fname, F_OK) && !gnupg_access (tmp_fname, F_OK))
{ {
/* Very likely another process is updating a pubring.gpg and we /* Very likely another process is updating a pubring.gpg and we
should not create a pubring.kbx. */ should not create a pubring.kbx. */

View File

@ -228,7 +228,7 @@ keyring_is_writable (void *token)
{ {
KR_RESOURCE r = token; KR_RESOURCE r = token;
return r? (r->read_only || !access (r->fname, W_OK)) : 0; return r? (r->read_only || !gnupg_access (r->fname, W_OK)) : 0;
} }
@ -1606,6 +1606,7 @@ static int
do_copy (int mode, const char *fname, KBNODE root, do_copy (int mode, const char *fname, KBNODE root,
off_t start_offset, unsigned int n_packets ) off_t start_offset, unsigned int n_packets )
{ {
gpg_err_code_t ec;
IOBUF fp, newfp; IOBUF fp, newfp;
int rc=0; int rc=0;
char *bakfname = NULL; char *bakfname = NULL;
@ -1613,8 +1614,8 @@ do_copy (int mode, const char *fname, KBNODE root,
/* Open the source file. Because we do a rename, we have to check the /* Open the source file. Because we do a rename, we have to check the
permissions of the file */ permissions of the file */
if (access (fname, W_OK)) if ((ec = gnupg_access (fname, W_OK)))
return gpg_error_from_syserror (); return gpg_error (ec);
fp = iobuf_open (fname); fp = iobuf_open (fname);
if (mode == 1 && !fp && errno == ENOENT) { if (mode == 1 && !fp && errno == ENOENT) {

View File

@ -50,10 +50,10 @@ migrate_secring (ctrl_t ctrl)
char *agent_version = NULL; char *agent_version = NULL;
secring = make_filename (gnupg_homedir (), "secring" EXTSEP_S "gpg", NULL); secring = make_filename (gnupg_homedir (), "secring" EXTSEP_S "gpg", NULL);
if (access (secring, F_OK)) if (gnupg_access (secring, F_OK))
goto leave; /* Does not exist or is not readable. */ goto leave; /* Does not exist or is not readable. */
flagfile = make_filename (gnupg_homedir (), V21_MIGRATION_FNAME, NULL); flagfile = make_filename (gnupg_homedir (), V21_MIGRATION_FNAME, NULL);
if (!access (flagfile, F_OK)) if (!gnupg_access (flagfile, F_OK))
goto leave; /* Does exist - fine. */ goto leave; /* Does exist - fine. */
log_info ("starting migration from earlier GnuPG versions\n"); log_info ("starting migration from earlier GnuPG versions\n");

View File

@ -324,7 +324,7 @@ get_matching_datafile (const char *sigfilename)
fname = xstrdup (sigfilename); fname = xstrdup (sigfilename);
fname[len-(fname[len-1]=='n'?5:4)] = 0 ; fname[len-(fname[len-1]=='n'?5:4)] = 0 ;
if (access (fname, R_OK )) if (gnupg_access (fname, R_OK ))
{ {
/* Not found or other error. */ /* Not found or other error. */
xfree (fname); xfree (fname);

View File

@ -711,17 +711,19 @@ tdbio_set_dbname (ctrl_t ctrl, const char *new_dbname,
log_assert (p); log_assert (p);
save_slash = *p; save_slash = *p;
*p = 0; *p = 0;
if (access (fname, F_OK)) if (gnupg_access (fname, F_OK))
{ {
try_make_homedir (fname); try_make_homedir (fname);
if (access (fname, F_OK)) if (gnupg_access (fname, F_OK))
log_fatal (_("%s: directory does not exist!\n"), fname); log_fatal (_("%s: directory does not exist!\n"), fname);
} }
*p = save_slash; *p = save_slash;
take_write_lock (); take_write_lock ();
if (access (fname, R_OK) || stat (fname, &statbuf) || statbuf.st_size == 0) if (gnupg_access (fname, R_OK)
|| stat (fname, &statbuf)
|| statbuf.st_size == 0)
{ {
FILE *fp; FILE *fp;
TRUSTREC rec; TRUSTREC rec;

View File

@ -27,6 +27,7 @@
#include "g13.h" #include "g13.h"
#include "../common/i18n.h" #include "../common/i18n.h"
#include "../common/sysutils.h"
#include "keyblob.h" #include "keyblob.h"
#include "backend.h" #include "backend.h"
#include "be-encfs.h" #include "be-encfs.h"
@ -116,7 +117,7 @@ be_take_lock_for_create (ctrl_t ctrl, const char *fname, dotlock_t *r_lock)
/* A quick check to see that no container with that name already /* A quick check to see that no container with that name already
exists. */ exists. */
if (!access (fname, F_OK)) if (!gnupg_access (fname, F_OK))
{ {
err = gpg_error (GPG_ERR_EEXIST); err = gpg_error (GPG_ERR_EEXIST);
goto leave; goto leave;

View File

@ -588,7 +588,7 @@ g13_syshelp_i_know_what_i_am_doing (void)
char *fname; char *fname;
fname = make_filename (gnupg_sysconfdir (), yesfile, NULL); fname = make_filename (gnupg_sysconfdir (), yesfile, NULL);
if (access (fname, F_OK)) if (gnupg_access (fname, F_OK))
{ {
log_info ("*******************************************************\n"); log_info ("*******************************************************\n");
log_info ("* The G13 support for DM-Crypt is new and not matured.\n"); log_info ("* The G13 support for DM-Crypt is new and not matured.\n");

View File

@ -76,7 +76,7 @@ g13_mount_container (ctrl_t ctrl, const char *filename, const char *mountpoint)
else else
{ {
/* A quick check to see whether we can the container exists. */ /* A quick check to see whether we can the container exists. */
if (access (filename, R_OK)) if (gnupg_access (filename, R_OK))
return gpg_error_from_syserror (); return gpg_error_from_syserror ();
} }

View File

@ -28,6 +28,7 @@
#include "g13.h" #include "g13.h"
#include "../common/i18n.h" #include "../common/i18n.h"
#include "../common/sysutils.h"
#include "suspend.h" #include "suspend.h"
#include "keyblob.h" #include "keyblob.h"
@ -45,7 +46,7 @@ g13_suspend_container (ctrl_t ctrl, const char *filename)
int needs_syshelp; int needs_syshelp;
/* A quick check to see whether the container exists. */ /* A quick check to see whether the container exists. */
if (access (filename, R_OK)) if (gnupg_access (filename, R_OK))
return gpg_error_from_syserror (); return gpg_error_from_syserror ();
/* Decide whether we need to use the g13-syshelp because we can't /* Decide whether we need to use the g13-syshelp because we can't
@ -80,7 +81,7 @@ g13_resume_container (ctrl_t ctrl, const char *filename)
char *mountpoint_buffer = NULL; char *mountpoint_buffer = NULL;
/* A quick check to see whether the container exists. */ /* A quick check to see whether the container exists. */
if (access (filename, R_OK)) if (gnupg_access (filename, R_OK))
return gpg_error_from_syserror (); return gpg_error_from_syserror ();
/* Decide whether we need to use the g13-syshelp because we can't /* Decide whether we need to use the g13-syshelp because we can't

View File

@ -25,6 +25,7 @@
#include <assert.h> #include <assert.h>
#include "keybox-defs.h" #include "keybox-defs.h"
#include "../common/sysutils.h"
#include "../common/mischelp.h" #include "../common/mischelp.h"
static KB_NAME kb_names; static KB_NAME kb_names;
@ -80,7 +81,7 @@ keybox_is_writable (void *token)
{ {
KB_NAME r = token; KB_NAME r = token;
return r? !access (r->fname, W_OK) : 0; return r? !gnupg_access (r->fname, W_OK) : 0;
} }

View File

@ -161,6 +161,7 @@ static int
blob_filecopy (int mode, const char *fname, KEYBOXBLOB blob, blob_filecopy (int mode, const char *fname, KEYBOXBLOB blob,
int secret, int for_openpgp, off_t start_offset) int secret, int for_openpgp, off_t start_offset)
{ {
gpg_err_code_t ec;
FILE *fp, *newfp; FILE *fp, *newfp;
int rc=0; int rc=0;
char *bakfname = NULL; char *bakfname = NULL;
@ -170,8 +171,8 @@ blob_filecopy (int mode, const char *fname, KEYBOXBLOB blob,
/* Open the source file. Because we do a rename, we have to check the /* Open the source file. Because we do a rename, we have to check the
permissions of the file */ permissions of the file */
if (access (fname, W_OK)) if ((ec = gnupg_access (fname, W_OK)))
return gpg_error_from_syserror (); return gpg_error (ec);
fp = fopen (fname, "rb"); fp = fopen (fname, "rb");
if (mode == FILECOPY_INSERT && !fp && errno == ENOENT) if (mode == FILECOPY_INSERT && !fp && errno == ENOENT)
@ -626,6 +627,7 @@ keybox_delete (KEYBOX_HANDLE hd)
int int
keybox_compress (KEYBOX_HANDLE hd) keybox_compress (KEYBOX_HANDLE hd)
{ {
gpg_err_code_t ec;
int read_rc, rc; int read_rc, rc;
const char *fname; const char *fname;
FILE *fp, *newfp; FILE *fp, *newfp;
@ -651,8 +653,8 @@ keybox_compress (KEYBOX_HANDLE hd)
/* Open the source file. Because we do a rename, we have to check the /* Open the source file. Because we do a rename, we have to check the
permissions of the file */ permissions of the file */
if (access (fname, W_OK)) if ((ec = gnupg_access (fname, W_OK)))
return gpg_error_from_syserror (); return gpg_error (ec);
fp = fopen (fname, "rb"); fp = fopen (fname, "rb");
if (!fp && errno == ENOENT) if (!fp && errno == ENOENT)

View File

@ -1707,7 +1707,7 @@ main ( int argc, char **argv)
filelist[0] = make_filename (gnupg_datadir (),"com-certs.pem", NULL); filelist[0] = make_filename (gnupg_datadir (),"com-certs.pem", NULL);
filelist[1] = NULL; filelist[1] = NULL;
if (!access (filelist[0], F_OK)) if (!gnupg_access (filelist[0], F_OK))
{ {
log_info (_("importing common certificates '%s'\n"), log_info (_("importing common certificates '%s'\n"),
filelist[0]); filelist[0]);

View File

@ -113,6 +113,7 @@ try_make_homedir (const char *fname)
static gpg_error_t static gpg_error_t
maybe_create_keybox (char *filename, int force, int *r_created) maybe_create_keybox (char *filename, int force, int *r_created)
{ {
gpg_err_code_t ec;
dotlock_t lockhd = NULL; dotlock_t lockhd = NULL;
FILE *fp; FILE *fp;
int rc; int rc;
@ -124,8 +125,8 @@ maybe_create_keybox (char *filename, int force, int *r_created)
*r_created = 0; *r_created = 0;
/* A quick test whether the filename already exists. */ /* A quick test whether the filename already exists. */
if (!access (filename, F_OK)) if (!gnupg_access (filename, F_OK))
return !access (filename, R_OK)? 0 : gpg_error (GPG_ERR_EACCES); return !gnupg_access (filename, R_OK)? 0 : gpg_error (GPG_ERR_EACCES);
/* If we don't want to create a new file at all, there is no need to /* If we don't want to create a new file at all, there is no need to
go any further - bail out right here. */ go any further - bail out right here. */
@ -160,9 +161,9 @@ maybe_create_keybox (char *filename, int force, int *r_created)
tried = 1; tried = 1;
try_make_homedir (filename); try_make_homedir (filename);
} }
if (access (filename, F_OK)) if ((ec = gnupg_access (filename, F_OK)))
{ {
rc = gpg_error_from_syserror (); rc = gpg_error (ec);
*last_slash_in_filename = save_slash; *last_slash_in_filename = save_slash;
goto leave; goto leave;
} }

View File

@ -1177,7 +1177,7 @@ process_new_key (server_ctx_t ctx, estream_t key)
goto leave; goto leave;
} }
if (access (dname, W_OK)) if (gnupg_access (dname, W_OK))
{ {
log_info ("skipping address '%s': Domain not configured\n", sl->mbox); log_info ("skipping address '%s': Domain not configured\n", sl->mbox);
continue; continue;
@ -1454,7 +1454,7 @@ check_and_publish (server_ctx_t ctx, const char *address, const char *nonce)
err = gpg_error_from_syserror (); err = gpg_error_from_syserror ();
goto leave; goto leave;
} }
if (!access (fnewname, W_OK)) if (!gnupg_access (fnewname, W_OK))
{ {
/* Yes, we have a dane directory. */ /* Yes, we have a dane directory. */
s = strchr (address, '@'); s = strchr (address, '@');
@ -1790,7 +1790,7 @@ command_list_domains (void)
{ "pending", "-rwx" }, { "pending", "-rwx" },
{ "hu", "-rwxr-xr-x" } { "hu", "-rwxr-xr-x" }
}; };
gpg_err_code_t ec;
gpg_error_t err; gpg_error_t err;
strlist_t domaindirs; strlist_t domaindirs;
strlist_t sl; strlist_t sl;
@ -1827,9 +1827,9 @@ command_list_domains (void)
err = gpg_error_from_syserror (); err = gpg_error_from_syserror ();
goto leave; goto leave;
} }
if (access (fname, W_OK)) if ((ec = gnupg_access (fname, W_OK)))
{ {
err = gpg_error_from_syserror (); err = gpg_error (ec);
if (gpg_err_code (err) == GPG_ERR_ENOENT) if (gpg_err_code (err) == GPG_ERR_ENOENT)
{ {
if (gnupg_mkdir (fname, requireddirs[i].perm)) if (gnupg_mkdir (fname, requireddirs[i].perm))
@ -1857,9 +1857,9 @@ command_list_domains (void)
err = gpg_error_from_syserror (); err = gpg_error_from_syserror ();
goto leave; goto leave;
} }
if (access (fname, F_OK)) if ((ec = gnupg_access (fname, F_OK)))
{ {
err = gpg_error_from_syserror (); err = gpg_error (ec);
if (gpg_err_code (err) == GPG_ERR_ENOENT) if (gpg_err_code (err) == GPG_ERR_ENOENT)
log_error ("domain %s: submission address not configured\n", log_error ("domain %s: submission address not configured\n",
domain); domain);
@ -1936,6 +1936,7 @@ command_cron (void)
static gpg_error_t static gpg_error_t
command_check_key (const char *userid) command_check_key (const char *userid)
{ {
gpg_err_code_t ec;
gpg_error_t err; gpg_error_t err;
char *addrspec = NULL; char *addrspec = NULL;
char *fname = NULL; char *fname = NULL;
@ -1944,9 +1945,9 @@ command_check_key (const char *userid)
if (err) if (err)
goto leave; goto leave;
if (access (fname, R_OK)) if ((ec = gnupg_access (fname, R_OK)))
{ {
err = gpg_error_from_syserror (); err = gpg_error (ec);
if (opt_with_file) if (opt_with_file)
es_printf ("%s n %s\n", addrspec, fname); es_printf ("%s n %s\n", addrspec, fname);
if (gpg_err_code (err) == GPG_ERR_ENOENT) if (gpg_err_code (err) == GPG_ERR_ENOENT)

View File

@ -2115,7 +2115,7 @@ retrieve_options_from_program (gc_component_t component, gc_backend_t backend,
argv[i++] = "--gpgconf-list"; argv[i++] = "--gpgconf-list";
argv[i++] = NULL; argv[i++] = NULL;
if (only_installed && access (pgmname, X_OK)) if (only_installed && gnupg_access (pgmname, X_OK))
{ {
return; /* The component is not installed. */ return; /* The component is not installed. */
} }
@ -4055,7 +4055,7 @@ gc_apply_profile (const char *fname)
* is installed and use that instead of the given file name. */ * is installed and use that instead of the given file name. */
fname_buffer = xstrconcat (gnupg_datadir (), DIRSEP_S, fname_buffer = xstrconcat (gnupg_datadir (), DIRSEP_S,
fname, ".prf", NULL); fname, ".prf", NULL);
if (!access (fname_buffer, F_OK)) if (!gnupg_access (fname_buffer, F_OK))
fname = fname_buffer; fname = fname_buffer;
} }

View File

@ -873,6 +873,7 @@ wks_compute_hu_fname (char **r_fname, const char *addrspec)
static gpg_error_t static gpg_error_t
ensure_policy_file (const char *addrspec) ensure_policy_file (const char *addrspec)
{ {
gpg_err_code_t ec;
gpg_error_t err; gpg_error_t err;
const char *domain; const char *domain;
char *fname; char *fname;
@ -890,12 +891,12 @@ ensure_policy_file (const char *addrspec)
goto leave; goto leave;
/* First a quick check whether it already exists. */ /* First a quick check whether it already exists. */
if (!access (fname, F_OK)) if (!(ec = gnupg_access (fname, F_OK)))
{ {
err = 0; /* File already exists. */ err = 0; /* File already exists. */
goto leave; goto leave;
} }
err = gpg_error_from_syserror (); err = gpg_error (ec);
if (gpg_err_code (err) == GPG_ERR_ENOENT) if (gpg_err_code (err) == GPG_ERR_ENOENT)
err = 0; err = 0;
else else