security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

2005-04-15 Marcus Brinkmann <marcus@g10code.de> 

* configure.ac: Check for /usr/bin/shred and define SHRED.

tools/
2005-04-15  Marcus Brinkmann  <marcus@g10code.de>

	* symcryptrun.c (remove_file): New function.
	(confucius_copy_file): Accept new argument PLAIN and shred the
	file if it is set on error.
This commit is contained in:
Marcus Brinkmann 2005-04-15 02:24:44 +00:00
parent f527f721d4
commit e0d6d1c476
4 changed files with 90 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ChangeLog
View File

@ -1,5 +1,7 @@
2005-04-15 Marcus Brinkmann <marcus@g10code.de> 2005-04-15 Marcus Brinkmann <marcus@g10code.de>
* configure.ac: Check for /usr/bin/shred and define SHRED.
* configure.ac: Add --enable-symcryptrun, disabled by default. * configure.ac: Add --enable-symcryptrun, disabled by default.
Define automake variable BUILD_SYMCRYPTRUN. Define automake variable BUILD_SYMCRYPTRUN.
Check for openpty -lutil, define LIBUTIL_LIBS. Check for openpty -lutil, define LIBUTIL_LIBS.

23
configure.ac
View File

@ -470,8 +470,18 @@ AC_SUBST(LIBUSB_LIBS)
AC_CHECK_FUNCS(usb_create_match) AC_CHECK_FUNCS(usb_create_match)
# #
# libutil has openpty() and login_tty(). # Check wether it is necessary to link against libdl.
# #
LIBS=""
AC_SEARCH_LIBS(dlopen, c dl,,,)
DL_LIBS=$LIBS
AC_SUBST(DL_LIBS)
#
# Checks for symcryptrun:
#
# libutil has openpty() and login_tty().
AC_CHECK_LIB(util, openpty, AC_CHECK_LIB(util, openpty,
[ LIBUTIL_LIBS="$LIBUTIL_LIBS -lutil" [ LIBUTIL_LIBS="$LIBUTIL_LIBS -lutil"
AC_DEFINE(HAVE_LIBUTIL,1, AC_DEFINE(HAVE_LIBUTIL,1,
@ -479,13 +489,10 @@ AC_CHECK_LIB(util, openpty,
]) ])
AC_SUBST(LIBUTIL_LIBS) AC_SUBST(LIBUTIL_LIBS)
# # shred is used to clean temporary plain text files.
# Check wether it is necessary to link against libdl. AC_PATH_PROG(SHRED, shred, /usr/bin/shred)
# AC_DEFINE_UNQUOTED(SHRED,
LIBS="" "${SHRED}", [defines the filename of the shred program])
AC_SEARCH_LIBS(dlopen, c dl,,,)
DL_LIBS=$LIBS
AC_SUBST(DL_LIBS)
# #
# OpenSC is needed by the SCdaemon - if it is not availbale we can only # OpenSC is needed by the SCdaemon - if it is not availbale we can only

4
tools/ChangeLog
View File

@ -1,5 +1,9 @@
2005-04-15 Marcus Brinkmann <marcus@g10code.de> 2005-04-15 Marcus Brinkmann <marcus@g10code.de>
* symcryptrun.c (remove_file): New function.
(confucius_copy_file): Accept new argument PLAIN and shred the
file if it is set on error.
* Makefile.am: Define symcryptrun make variable depending on * Makefile.am: Define symcryptrun make variable depending on
BUILD_SYMCRYPTUN. BUILD_SYMCRYPTUN.
(bin_PROGRAMS): Add ${symcryptrun} instead symcryptrun. (bin_PROGRAMS): Add ${symcryptrun} instead symcryptrun.

80
tools/symcryptrun.c
View File

@ -216,6 +216,61 @@ i18n_init(void)
#endif #endif
} }
/* Unlink a file, and shred it if SHRED is true. */
int
remove_file (char *name, int shred)
{
if (!shred)
return unlink (name);
else
{
int status;
pid_t pid;
pid = fork ();
if (pid == 0)
{
/* Child. */
/* -f forces file to be writable, and -u unlinks it afterwards. */
char *args[] = { SHRED, "-uf", name, NULL };
execv (SHRED, args);
_exit (127);
}
else if (pid < 0)
{
/* Fork failed. */
status = -1;
}
else
{
/* Parent. */
if (TEMP_FAILURE_RETRY (waitpid (pid, &status, 0)) != pid)
status = -1;
}
if (!WIFEXITED (status))
{
log_error (_("%s on %s aborted with status %i\n"),
SHRED, name, status);
unlink (name);
return 1;
}
else if (WEXITSTATUS (status))
{
log_error (_("%s on %s failed with status %i\n"), SHRED, name,
WEXITSTATUS (status));
unlink (name);
return 1;
}
return 0;
}
}
/* Class Confucius. /* Class Confucius.
@ -248,9 +303,11 @@ confucius_mktmpdir (void)
#define CONFUCIUS_LINESIZE 4096 #define CONFUCIUS_LINESIZE 4096
/* Copy the file IN to OUT, either of which may be "-". */ /* Copy the file IN to OUT, either of which may be "-". If PLAIN is
true, and the copying fails, and OUT is not STDOUT, then shred the
file instead unlinking it. */
static int static int
confucius_copy_file (const char *infile, const char *outfile) confucius_copy_file (char *infile, char *outfile, int plain)
{ {
FILE *in; FILE *in;
int in_is_stdin = 0; int in_is_stdin = 0;
@ -327,7 +384,8 @@ confucius_copy_file (const char *infile, const char *outfile)
copy_err: copy_err:
if (!out_is_stdout) if (!out_is_stdout)
unlink (outfile); remove_file (outfile, plain);
return 1; return 1;
} }
@ -712,7 +770,7 @@ confucius_main (int mode)
strcat (outfile, "/out"); strcat (outfile, "/out");
/* Create INFILE and fill it with content. */ /* Create INFILE and fill it with content. */
res = confucius_copy_file ("-", infile); res = confucius_copy_file ("-", infile, mode == oEncrypt);
if (res) if (res)
{ {
free (outfile); free (outfile);
@ -726,8 +784,8 @@ confucius_main (int mode)
res = confucius_process (mode, infile, outfile); res = confucius_process (mode, infile, outfile);
if (res) if (res)
{ {
unlink (outfile); remove_file (outfile, mode == oDecrypt);
unlink (infile); remove_file (infile, mode == oEncrypt);
free (outfile); free (outfile);
free (infile); free (infile);
rmdir (tmpdir); rmdir (tmpdir);
@ -735,19 +793,19 @@ confucius_main (int mode)
} }
/* Dump the output file to stdout. */ /* Dump the output file to stdout. */
res = confucius_copy_file (outfile, "-"); res = confucius_copy_file (outfile, "-", mode == oDecrypt);
if (res) if (res)
{ {
unlink (outfile); remove_file (outfile, mode == oDecrypt);
unlink (infile); remove_file (infile, mode == oEncrypt);
free (outfile); free (outfile);
free (infile); free (infile);
rmdir (tmpdir); rmdir (tmpdir);
return res; return res;
} }
unlink (outfile); remove_file (outfile, mode == oDecrypt);
unlink (infile); remove_file (infile, mode == oEncrypt);
free (outfile); free (outfile);
free (infile); free (infile);
rmdir (tmpdir); rmdir (tmpdir);