[git] GnuPG - branch, master, updated. gnupg-2.1.9-173-g40dbee8

by Justus Winter cvs at cvs.gnupg.org
Wed Nov 25 12:25:36 CET 2015


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".

The branch, master has been updated
       via  40dbee86f3043aff8a8c2055521e270318e33068 (commit)
       via  03bf88f32c8d203d5b3bfbbc48cc45e6c08cc187 (commit)
       via  cb18d802308bde4e28219417bb4d107a4c0001b4 (commit)
       via  ba1a5cc17d43d9cba32447876f06a8ab8f97e5ae (commit)
      from  e9c16fee2576c772de9d4fb5d53fee28e4b84202 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 40dbee86f3043aff8a8c2055521e270318e33068
Author: Justus Winter <justus at g10code.com>
Date:   Tue Nov 24 18:39:30 2015 +0100

    tools: Add encryption and decryption support to gpgtar.
    
    * tools/Makefile.am: Amend CFLAGS and LDADD.
    * tools/gpgtar-create.c (gpgtar_create): Add encrypt flag and encrypt
    stream if requested.
    * tools/gpgtar-extract.c (gpgtar_extract): Likewise for decryption.
    * tools/gpgtar-list.c (gpgtar_list): Likewise.
    * tools/gpgtar.c (main): Initialize npth and assuan.  Parse recipient
    and local user, and note which flags are currently ignored.  Adapt
    calls to gpgtar_list and friends.
    (tar_and_encrypt): Drop stub function and prototype.
    (decrypt_and_untar): Likewise.
    (decrypt_and_list): Likewise.
    * tools/gpgtar.h (gpgtar_{create,extract,list}): Add encryption or
    decryption argument.
    
    Signed-off-by: Justus Winter <justus at g10code.com>

diff --git a/tools/Makefile.am b/tools/Makefile.am
index 496b1a6..a793cca 100644
--- a/tools/Makefile.am
+++ b/tools/Makefile.am
@@ -142,9 +142,9 @@ gpgtar_SOURCES = \
 	gpgtar-extract.c \
 	gpgtar-list.c \
 	no-libgcrypt.c
-gpgtar_CFLAGS = $(GPG_ERROR_CFLAGS) $(PTH_CFLAGS)
-#gpgtar_LDADD = $(commonpth_libs) $(PTH_LIBS) $(GPG_ERROR_LIBS)
-gpgtar_LDADD = $(common_libs) $(GPG_ERROR_LIBS) \
+gpgtar_CFLAGS = $(GPG_ERROR_CFLAGS) $(NPTH_CFLAGS) $(LIBASSUAN_CFLAGS)
+gpgtar_LDADD = $(libcommonpth) $(GPG_ERROR_LIBS) \
+               $(NPTH_LIBS) $(LIBASSUAN_LIBS) \
                $(LIBINTL) $(NETLIBS) $(LIBICONV) $(W32SOCKLIBS)
 
 
diff --git a/tools/gpgtar-create.c b/tools/gpgtar-create.c
index fad6d57..59b88bf 100644
--- a/tools/gpgtar-create.c
+++ b/tools/gpgtar-create.c
@@ -36,6 +36,7 @@
 #include <assert.h>
 
 #include "i18n.h"
+#include "../common/call-gpg.h"
 #include "../common/sysutils.h"
 #include "gpgtar.h"
 
@@ -740,13 +741,14 @@ write_eof_mark (estream_t stream)
    INPATTERN is NULL take the pattern as null terminated strings from
    stdin.  */
 void
-gpgtar_create (char **inpattern)
+gpgtar_create (char **inpattern, int encrypt)
 {
   gpg_error_t err = 0;
   struct scanctrl_s scanctrl_buffer;
   scanctrl_t scanctrl = &scanctrl_buffer;
   tar_header_t hdr, *start_tail;
   estream_t outstream = NULL;
+  estream_t cipher_stream = NULL;
   int eof_seen = 0;
 
   if (!inpattern)
@@ -863,6 +865,17 @@ gpgtar_create (char **inpattern)
   if (outstream == es_stdout)
     es_set_binary (es_stdout);
 
+  if (encrypt)
+    {
+      cipher_stream = outstream;
+      outstream = es_fopenmem (0, "rwb");
+      if (! outstream)
+        {
+          err = gpg_error_from_syserror ();
+          goto leave;
+        }
+    }
+
   for (hdr = scanctrl->flist; hdr; hdr = hdr->next)
     {
       err = write_file (outstream, hdr);
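Review bot: With `encrypt` set, the whole archive is written to `es_fopenmem (0, "rwb")` before gpg sees any of it, and a limit of 0 lets the buffer grow with the archive, so memory use is unbounded and the complete plaintext sits in ordinary process memory until the stream is closed. The same buffering is added to the decrypt hunks of gpgtar_extract and gpgtar_list, where the size is chosen by whoever produced the archive. Consider a non-zero memlimit or feeding gpg incrementally, and at least record the limitation above the block, e.g. `/* FIXME: buffers the whole archive in memory.  */`. Separately, if `es_fopenmem` fails, `outstream` is NULL at `leave`, and the error path shown in a later hunk passes it to `es_fname_get`; whether that accepts NULL should be checked. gpgtar_create starts and ends outside this hunk.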
@@ -870,6 +883,22 @@ gpgtar_create (char **inpattern)
         goto leave;
     }
   err = write_eof_mark (outstream);
+  if (err)
+    goto leave;
+
+  if (encrypt)
+    {
+      err = es_fseek (outstream, 0, SEEK_SET);
+      if (err)
+        goto leave;
+
+      err = gpg_encrypt_stream (NULL, NULL,
+                                outstream,
+                                opt.recipients,
+                                cipher_stream);
+      if (err)
+        goto leave;
+    }
 
  leave:
   if (!err)
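Review bot: `err = es_fseek (outstream, 0, SEEK_SET)` stores the estream return value, which is -1 with errno set rather than a gpg_error_t, so the `gpg_strerror (err)` in the error path would print a meaningless code. The es_fopenmem branch added earlier in this function already uses the right form; here it should read `if (es_fseek (outstream, 0, SEEK_SET)) { err = gpg_error_from_syserror (); goto leave; }`. The same applies to the `es_fseek` calls added to gpgtar_extract and gpgtar_list, and to the `es_read`/`es_write` results assigned to `err` in writer_thread_main and reader_thread_main in common/call-gpg.c.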
@@ -879,6 +908,11 @@ gpgtar_create (char **inpattern)
       else
         err = es_fflush (outstream);
       outstream = NULL;
+      if (cipher_stream != es_stdout)
+        err = es_fclose (cipher_stream);
+      else
+        err = es_fflush (cipher_stream);
+      cipher_stream = NULL;
     }
   if (err)
     {
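Review bot: The added `err = es_fclose (cipher_stream)` / `err = es_fflush (cipher_stream)` overwrites the result of closing or flushing `outstream` just above, so a failed final write is lost. When `encrypt` is 0, `cipher_stream` is NULL and the call becomes `es_fclose (NULL)`; assuming that returns 0, every close error on the plain tar path is now reported as success and the partial output file is kept. Guard the added lines with `if (!err && cipher_stream)` so the first error survives and the error branch below still closes the stream.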
@@ -886,6 +920,8 @@ gpgtar_create (char **inpattern)
                  es_fname_get (outstream), gpg_strerror (err));
       if (outstream && outstream != es_stdout)
         es_fclose (outstream);
+      if (cipher_stream && cipher_stream != es_stdout)
+        es_fclose (cipher_stream);
       if (opt.outfile)
         gnupg_remove (opt.outfile);
     }
diff --git a/tools/gpgtar-extract.c b/tools/gpgtar-extract.c
index 6e506d9..19db0eb 100644
--- a/tools/gpgtar-extract.c
+++ b/tools/gpgtar-extract.c
@@ -28,6 +28,7 @@
 #include <assert.h>
 
 #include "i18n.h"
+#include "../common/call-gpg.h"
 #include "../common/sysutils.h"
 #include "gpgtar.h"
 
@@ -265,10 +266,11 @@ create_directory (const char *dirprefix)
 
 

 void
-gpgtar_extract (const char *filename)
+gpgtar_extract (const char *filename, int decrypt)
 {
   gpg_error_t err;
   estream_t stream;
+  estream_t cipher_stream = NULL;
   tar_header_t header = NULL;
   const char *dirprefix = NULL;
   char *dirname = NULL;
@@ -292,6 +294,24 @@ gpgtar_extract (const char *filename)
   if (stream == es_stdin)
     es_set_binary (es_stdin);
 
+  if (decrypt)
+    {
+      cipher_stream = stream;
+      stream = es_fopenmem (0, "rwb");
+      if (! stream)
+        {
+          err = gpg_error_from_syserror ();
+          goto leave;
+        }
+      err = gpg_decrypt_stream (NULL, NULL, cipher_stream, stream);
+      if (err)
+        goto leave;
+
+      err = es_fseek (stream, 0, SEEK_SET);
+      if (err)
+        goto leave;
+    }
+
   if (filename)
     {
       dirprefix = strrchr (filename, '/');
@@ -340,5 +360,7 @@ gpgtar_extract (const char *filename)
   xfree (dirname);
   if (stream != es_stdin)
     es_fclose (stream);
+  if (stream != cipher_stream)
+    es_fclose (cipher_stream);
   return;
 }
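Review bot: `if (stream != cipher_stream) es_fclose (cipher_stream);` closes `es_stdin` when an encrypted archive is read from standard input, although the line above deliberately leaves `es_stdin` open, and without decryption it relies on `es_fclose (NULL)` being harmless. Spelling out both conditions is clearer and treats the two streams alike: `if (cipher_stream && cipher_stream != es_stdin) es_fclose (cipher_stream);`. The identical lines added at the end of gpgtar_list need the same change.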
diff --git a/tools/gpgtar-list.c b/tools/gpgtar-list.c
index d525d24..41e08db 100644
--- a/tools/gpgtar-list.c
+++ b/tools/gpgtar-list.c
@@ -26,6 +26,7 @@
 
 #include "i18n.h"
 #include "gpgtar.h"
+#include "../common/call-gpg.h"
 
 
 

@@ -267,10 +268,11 @@ print_header (tar_header_t header, estream_t out)
 /* List the tarball FILENAME or, if FILENAME is NULL, the tarball read
    from stdin.  */
 void
-gpgtar_list (const char *filename)
+gpgtar_list (const char *filename, int decrypt)
 {
   gpg_error_t err;
   estream_t stream;
+  estream_t cipher_stream = NULL;
   tar_header_t header;
 
   if (filename)
@@ -292,6 +294,24 @@ gpgtar_list (const char *filename)
   if (stream == es_stdin)
     es_set_binary (es_stdin);
 
+  if (decrypt)
+    {
+      cipher_stream = stream;
+      stream = es_fopenmem (0, "rwb");
+      if (! stream)
+        {
+          err = gpg_error_from_syserror ();
+          goto leave;
+        }
+      err = gpg_decrypt_stream (NULL, NULL, cipher_stream, stream);
+      if (err)
+        goto leave;
+
+      err = es_fseek (stream, 0, SEEK_SET);
+      if (err)
+        goto leave;
+    }
+
   for (;;)
     {
       header = read_header (stream);
@@ -311,6 +331,8 @@ gpgtar_list (const char *filename)
   xfree (header);
   if (stream != es_stdin)
     es_fclose (stream);
+  if (stream != cipher_stream)
+    es_fclose (cipher_stream);
   return;
 }
 
diff --git a/tools/gpgtar.c b/tools/gpgtar.c
index 4d3954b..a86aafe 100644
--- a/tools/gpgtar.c
+++ b/tools/gpgtar.c
@@ -27,7 +27,9 @@
    gpg.  So here we go.  */
 
 #include <config.h>
+#include <assuan.h>
 #include <errno.h>
+#include <npth.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
@@ -100,13 +102,6 @@ static ARGPARSE_OPTS opts[] = {
 
 
 

-static void tar_and_encrypt (char **inpattern);
-static void decrypt_and_untar (const char *fname);
-static void decrypt_and_list (const char *fname);
-
-
-
-

 /* Print usage information and and provide strings for help. */
 static const char *
 my_strusage( int level )
@@ -156,6 +151,7 @@ set_cmd (enum cmd_and_opt_values *ret_cmd, enum cmd_and_opt_values new_cmd)
   *ret_cmd = cmd;
 }
 
+ASSUAN_SYSTEM_NPTH_IMPL;
 
 

 /* gpgtar main. */
@@ -179,6 +175,11 @@ main (int argc, char **argv)
   /* Make sure that our subsystems are ready.  */
   i18n_init();
   init_common_subsystems (&argc, &argv);
+  npth_init ();
+  assuan_set_assuan_log_prefix (log_get_prefix (NULL));
+  assuan_set_gpg_err_source (GPG_ERR_SOURCE_DEFAULT);
+  assuan_set_system_hooks (ASSUAN_SYSTEM_NPTH);
+  assuan_sock_init ();
 
   /* Parse the command line. */
   pargs.argc  = &argc;
@@ -203,7 +204,17 @@ main (int argc, char **argv)
           set_cmd (&cmd, pargs.r_opt);
 	  break;
 
+        case oRecipient:
+          add_to_strlist (&opt.recipients, pargs.r.ret_str);
+          break;
+
+        case oUser:
+          log_info ("note: ignoring option --user\n");
+          opt.user = pargs.r.ret_str;
+          break;
+
         case oSymmetric:
+          log_info ("note: ignoring option --symmetric\n");
           set_cmd (&cmd, aEncrypt);
           opt.symmetric = 1;
           break;
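Review bot: The `oSymmetric` case logs that --symmetric is ignored but still selects `aEncrypt`, so a user who asked for passphrase encryption gets public-key encryption to `opt.recipients` instead, with only an info line to say so. No check that `opt.recipients` is non-empty is visible before `gpg_encrypt_stream` is called in gpgtar_create, so what happens with --symmetric and no --recipient depends on code outside this diff. Until the option is implemented it would be safer to fail, e.g. `log_error ("option --symmetric is not yet supported\n"); exit (2);`, and to do the same for `oUser`, since silently dropping the local-user selection also changes what the user asked for. main continues outside this hunk.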
@@ -237,6 +248,10 @@ main (int argc, char **argv)
           log_info (_("NOTE: '%s' is not considered an option\n"), argv[i]);
     }
 
+  if (opt.verbose > 1)
+    opt.debug_level = 1024;
+  setup_libassuan_logging (&opt.debug_level);
+
   switch (cmd)
     {
     case aList:
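Review bot: The literal `1024` in `opt.debug_level = 1024` is unexplained; a comment or a named constant would help the next reader. It presumably corresponds to the IPC debug bit that g13 tested as `opt.debug & 1024` (removed from start_gpg when call-gpg.c was moved), so once confirmed something like `/* -vv: enable IPC (Assuan) debugging, bit 1024.  */` above the assignment would do.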
@@ -247,10 +262,7 @@ main (int argc, char **argv)
         log_info ("note: ignoring option --set-filename\n");
       if (files_from)
         log_info ("note: ignoring option --files-from\n");
-      if (skip_crypto)
-        gpgtar_list (fname);
-      else
-        decrypt_and_list (fname);
+      gpgtar_list (fname, !skip_crypto);
       break;
 
     case aEncrypt:
@@ -259,10 +271,7 @@ main (int argc, char **argv)
         usage (1);
       if (opt.filename)
         log_info ("note: ignoring option --set-filename\n");
-      if (skip_crypto)
-        gpgtar_create (null_names? NULL :argv);
-      else
-        tar_and_encrypt (null_names? NULL : argv);
+      gpgtar_create (null_names? NULL :argv, !skip_crypto);
       break;
 
     case aDecrypt:
@@ -273,10 +282,7 @@ main (int argc, char **argv)
       if (files_from)
         log_info ("note: ignoring option --files-from\n");
       fname = argc ? *argv : NULL;
-      if (skip_crypto)
-        gpgtar_extract (fname);
-      else
-        decrypt_and_untar (fname);
+      gpgtar_extract (fname, !skip_crypto);
       break;
 
     default:
@@ -378,31 +384,3 @@ openpgp_message_p (estream_t fp)
   return 0;
 }
 #endif
-
-
-
-

-static void
-tar_and_encrypt (char **inpattern)
-{
-  (void)inpattern;
-  log_error ("tar_and_encrypt has not yet been implemented\n");
-}
-
-
-

-static void
-decrypt_and_untar (const char *fname)
-{
-  (void)fname;
-  log_error ("decrypt_and_untar has not yet been implemented\n");
-}
-
-
-

-static void
-decrypt_and_list (const char *fname)
-{
-  (void)fname;
-  log_error ("decrypt_and_list has not yet been implemented\n");
-}
diff --git a/tools/gpgtar.h b/tools/gpgtar.h
index 08dfcf8..a96ee09 100644
--- a/tools/gpgtar.h
+++ b/tools/gpgtar.h
@@ -21,13 +21,17 @@
 #define GPGTAR_H
 
 #include "../common/util.h"
+#include "../common/strlist.h"
 
 /* We keep all global options in the structure OPT.  */
 struct
 {
   int verbose;
+  unsigned int debug_level;
   int quiet;
   const char *outfile;
+  strlist_t recipients;
+  const char *user;
   int symmetric;
   const char *filename;
 } opt;
@@ -111,13 +115,13 @@ gpg_error_t read_record (estream_t stream, void *record);
 gpg_error_t write_record (estream_t stream, const void *record);
 
 /*-- gpgtar-create.c --*/
-void gpgtar_create (char **inpattern);
+void gpgtar_create (char **inpattern, int encrypt);
 
 /*-- gpgtar-extract.c --*/
-void gpgtar_extract (const char *filename);
+void gpgtar_extract (const char *filename, int decrypt);
 
 /*-- gpgtar-list.c --*/
-void gpgtar_list (const char *filename);
+void gpgtar_list (const char *filename, int decrypt);
 tar_header_t gpgtar_read_header (estream_t stream);
 void gpgtar_print_header (tar_header_t header, estream_t out);
 

commit 03bf88f32c8d203d5b3bfbbc48cc45e6c08cc187
Author: Justus Winter <justus at g10code.com>
Date:   Tue Nov 24 18:31:14 2015 +0100

    common: Add stream interface to call-pgp.
    
    * common/call-gpg.c (struct writer_thread_parms): Add field 'stream'.
    (writer_thread_main): Support reading from a stream.
    (start_writer): Add stream argument.
    (struct reader_thread_parms): Add field 'stream'.
    (reader_thread_main): Support writing to a stream.
    (start_reader): Add stream argument.
    (_gpg_encrypt): Add stream api.
    (gpg_encrypt_blob): Adapt accordingly.
    (gpg_encrypt_stream): New function.
    (_gpg_decrypt): Add stream api.
    (gpg_decrypt_blob): Adapt accordingly.
    (gpg_decrypt_stream): New function.
    * common/call-gpg.h (gpg_encrypt_stream): New prototype.
    (gpg_decrypt_stream): Likewise.
    
    Signed-off-by: Justus Winter <justus at g10code.com>

diff --git a/common/call-gpg.c b/common/call-gpg.c
index cc6b1e8..8258b83 100644
--- a/common/call-gpg.c
+++ b/common/call-gpg.c
@@ -151,6 +151,7 @@ struct writer_thread_parms
   int fd;
   const void *data;
   size_t datalen;
+  estream_t stream;
   gpg_error_t *err_addr;
 };
 
@@ -159,9 +160,27 @@ struct writer_thread_parms
 static void *
 writer_thread_main (void *arg)
 {
+  gpg_error_t err = 0;
   struct writer_thread_parms *parm = arg;
-  const char *buffer = parm->data;
-  size_t length = parm->datalen;
+  char _buffer[4096];
+  char *buffer;
+  size_t length;
+
+  if (parm->stream)
+    {
+      buffer = _buffer;
+      err = es_read (parm->stream, buffer, sizeof _buffer, &length);
+      if (err)
+        {
+          log_error ("reading stream failed: %s\n", gpg_strerror (err));
+          goto leave;
+        }
+    }
+  else
+    {
+      buffer = (char *) parm->data;
+      length = parm->datalen;
+    }
 
   while (length)
     {
@@ -172,13 +191,33 @@ writer_thread_main (void *arg)
         {
           if (errno == EINTR)
             continue;
-          *parm->err_addr = gpg_error_from_syserror ();
+          err = gpg_error_from_syserror ();
           break; /* Write error.  */
         }
       length -= nwritten;
-      buffer += nwritten;
+
+      if (parm->stream)
+        {
+          if (length == 0)
+            {
+              err = es_read (parm->stream, buffer, sizeof _buffer, &length);
+              if (err)
+                {
+                  log_error ("reading stream failed: %s\n",
+                             gpg_strerror (err));
+                  break;
+                }
+              if (length == 0)
+                /* We're done.  */
+                break;
+            }
+        }
+      else
+        buffer += nwritten;
     }
 
+ leave:
+  *parm->err_addr = err;
   if (close (parm->fd))
     log_error ("closing writer fd %d failed: %s\n", parm->fd, strerror (errno));
   xfree (parm);
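Review bot: In stream mode a short write resends data: `length` is reduced by `nwritten`, but `buffer += nwritten` now runs only in the non-stream branch, so the next pass writes from the start of `_buffer` again instead of the unsent tail, corrupting the bytes piped to gpg. The write call itself lies between the two hunks and is not shown; the removed unconditional `buffer += nwritten` indicates it writes from `buffer`. Keep `buffer += nwritten;` unconditional and reset `buffer = _buffer;` immediately before the refill `es_read`. `_buffer` would also read better under a name without the leading underscore, such as `iobuf`.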
@@ -192,7 +231,7 @@ writer_thread_main (void *arg)
    variable to receive a possible write error after the thread has
    finished.  */
 static gpg_error_t
-start_writer (int fd, const void *data, size_t datalen,
+start_writer (int fd, const void *data, size_t datalen, estream_t stream,
               npth_t *r_thread, gpg_error_t *err_addr)
 {
   gpg_error_t err;
@@ -210,6 +249,7 @@ start_writer (int fd, const void *data, size_t datalen,
   parm->fd = fd;
   parm->data = data;
   parm->datalen = datalen;
+  parm->stream = stream;
   parm->err_addr = err_addr;
 
   npth_attr_init (&tattr);
@@ -239,6 +279,7 @@ struct reader_thread_parms
 {
   int fd;
   membuf_t *mb;
+  estream_t stream;
   gpg_error_t *err_addr;
 };
 
@@ -247,6 +288,7 @@ struct reader_thread_parms
 static void *
 reader_thread_main (void *arg)
 {
+  gpg_error_t err = 0;
   struct reader_thread_parms *parm = arg;
   char buffer[4096];
   int nread;
@@ -257,13 +299,33 @@ reader_thread_main (void *arg)
         {
           if (errno == EINTR)
             continue;
-          *parm->err_addr = gpg_error_from_syserror ();
+          err = gpg_error_from_syserror ();
           break;  /* Read error.  */
         }
 
-      put_membuf (parm->mb, buffer, nread);
+      if (parm->stream)
+        {
+          const char *p = buffer;
+          size_t nwritten;
+          while (nread)
+            {
+              err = es_write (parm->stream, p, nread, &nwritten);
+              if (err)
+                {
+                  log_error ("writing stream failed: %s\n",
+                             gpg_strerror (err));
+                  goto leave;
+                }
+              nread -= nwritten;
+              p += nwritten;
+            }
+        }
+      else
+        put_membuf (parm->mb, buffer, nread);
     }
 
+ leave:
+  *parm->err_addr = err;
   if (close (parm->fd))
     log_error ("closing reader fd %d failed: %s\n", parm->fd, strerror (errno));
   xfree (parm);
@@ -276,7 +338,8 @@ reader_thread_main (void *arg)
    is stored at R_TID.  After the thread has finished an error from
    the thread will be stored at ERR_ADDR.  */
 static gpg_error_t
-start_reader (int fd, membuf_t *mb, npth_t *r_thread, gpg_error_t *err_addr)
+start_reader (int fd, membuf_t *mb, estream_t stream,
+              npth_t *r_thread, gpg_error_t *err_addr)
 {
   gpg_error_t err;
   struct reader_thread_parms *parm;
@@ -292,6 +355,7 @@ start_reader (int fd, membuf_t *mb, npth_t *r_thread, gpg_error_t *err_addr)
     return gpg_error_from_syserror ();
   parm->fd = fd;
   parm->mb = mb;
+  parm->stream = stream;
   parm->err_addr = err_addr;
 
   npth_attr_init (&tattr);
@@ -324,8 +388,10 @@ start_reader (int fd, membuf_t *mb, npth_t *r_thread, gpg_error_t *err_addr)
 static gpg_error_t
 _gpg_encrypt (ctrl_t ctrl, const char *gpg_program,
               const void *plain, size_t plainlen,
+              estream_t plain_stream,
               strlist_t keys,
-              membuf_t *reader_mb)
+              membuf_t *reader_mb,
+              estream_t cipher_stream)
 {
   gpg_error_t err;
   assuan_context_t ctx = NULL;
@@ -338,6 +404,11 @@ _gpg_encrypt (ctrl_t ctrl, const char *gpg_program,
   strlist_t sl;
   int ret;
 
+  /* Make sure that either the stream interface xor the buffer
+     interface is used.  */
+  assert ((plain == NULL) != (plain_stream == NULL));
+  assert ((reader_mb == NULL) != (cipher_stream == NULL));
+
   /* Create two pipes.  */
   err = gnupg_create_outbound_pipe (outbound_fds);
   if (!err)
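Review bot: The two `assert`s are the only enforcement of the stream-xor-buffer contract, and they compile away under NDEBUG, after which a call with both inputs NULL reaches the writer thread with a NULL `buffer`. In debug builds they abort the process instead of returning an error, which also hits a gpg_encrypt_blob caller that passes `plain == NULL` with `plainlen == 0`. An explicit check such as `if ((plain == NULL) == (plain_stream == NULL)) return gpg_error (GPG_ERR_INV_ARG);` (and likewise for the output pair) fails cleanly in every build. The same applies to the asserts added to _gpg_decrypt.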
@@ -356,7 +427,7 @@ _gpg_encrypt (ctrl_t ctrl, const char *gpg_program,
   close (inbound_fds[1]); inbound_fds[1] = -1;
 
   /* Start a writer thread to feed the INPUT command of the server.  */
-  err = start_writer (outbound_fds[1], plain, plainlen,
+  err = start_writer (outbound_fds[1], plain, plainlen, plain_stream,
                       &writer_thread, &writer_err);
   if (err)
     return err;
@@ -364,7 +435,7 @@ _gpg_encrypt (ctrl_t ctrl, const char *gpg_program,
 
   /* Start a reader thread to eat from the OUTPUT command of the
      server.  */
-  err = start_reader (inbound_fds[0], reader_mb,
+  err = start_reader (inbound_fds[0], reader_mb, cipher_stream,
                       &reader_thread, &reader_err);
   if (err)
     return err;
@@ -458,9 +529,9 @@ gpg_encrypt_blob (ctrl_t ctrl, const char *gpg_program,
   init_membuf (&reader_mb, 4096);
 
   err = _gpg_encrypt (ctrl, gpg_program,
-                      plain, plainlen,
+                      plain, plainlen, NULL,
                       keys,
-                      &reader_mb);
+                      &reader_mb, NULL);
 
   if (! err)
     {
@@ -478,6 +549,17 @@ gpg_encrypt_blob (ctrl_t ctrl, const char *gpg_program,
   return err;
 }
 
+gpg_error_t
+gpg_encrypt_stream (ctrl_t ctrl, const char *gpg_program,
+                    estream_t plain_stream,
+                    strlist_t keys,
+                    estream_t cipher_stream)
+{
+  return _gpg_encrypt (ctrl, gpg_program,
+                       NULL, 0, plain_stream,
+                       keys,
+                       NULL, cipher_stream);
+}
 

 /* Call GPG to decrypt a block of data.
 
@@ -486,7 +568,9 @@ gpg_encrypt_blob (ctrl_t ctrl, const char *gpg_program,
 static gpg_error_t
 _gpg_decrypt (ctrl_t ctrl, const char *gpg_program,
               const void *ciph, size_t ciphlen,
-              membuf_t *reader_mb)
+              estream_t cipher_stream,
+              membuf_t *reader_mb,
+              estream_t plain_stream)
 {
   gpg_error_t err;
   assuan_context_t ctx = NULL;
@@ -497,6 +581,11 @@ _gpg_decrypt (ctrl_t ctrl, const char *gpg_program,
   gpg_error_t writer_err, reader_err;
   int ret;
 
+  /* Make sure that either the stream interface xor the buffer
+     interface is used.  */
+  assert ((ciph == NULL) != (cipher_stream == NULL));
+  assert ((reader_mb == NULL) != (plain_stream == NULL));
+
   /* Create two pipes.  */
   err = gnupg_create_outbound_pipe (outbound_fds);
   if (!err)
@@ -515,7 +604,7 @@ _gpg_decrypt (ctrl_t ctrl, const char *gpg_program,
   close (inbound_fds[1]); inbound_fds[1] = -1;
 
   /* Start a writer thread to feed the INPUT command of the server.  */
-  err = start_writer (outbound_fds[1], ciph, ciphlen,
+  err = start_writer (outbound_fds[1], ciph, ciphlen, cipher_stream,
                       &writer_thread, &writer_err);
   if (err)
     return err;
@@ -523,7 +612,7 @@ _gpg_decrypt (ctrl_t ctrl, const char *gpg_program,
 
   /* Start a reader thread to eat from the OUTPUT command of the
      server.  */
-  err = start_reader (inbound_fds[0], reader_mb,
+  err = start_reader (inbound_fds[0], reader_mb, plain_stream,
                       &reader_thread, &reader_err);
   if (err)
     return err;
@@ -602,8 +691,8 @@ gpg_decrypt_blob (ctrl_t ctrl, const char *gpg_program,
   init_membuf_secure (&reader_mb, 1024);
 
   err = _gpg_decrypt (ctrl, gpg_program,
-                      ciph, ciphlen,
-                      &reader_mb);
+                      ciph, ciphlen, NULL,
+                      &reader_mb, NULL);
 
   if (! err)
     {
@@ -620,3 +709,13 @@ gpg_decrypt_blob (ctrl_t ctrl, const char *gpg_program,
   xfree (get_membuf (&reader_mb, NULL));
   return err;
 }
+
+gpg_error_t
+gpg_decrypt_stream (ctrl_t ctrl, const char *gpg_program,
+                    estream_t cipher_stream,
+                    estream_t plain_stream)
+{
+  return _gpg_decrypt (ctrl, gpg_program,
+                       NULL, 0, cipher_stream,
+                       NULL, plain_stream);
+}
diff --git a/common/call-gpg.h b/common/call-gpg.h
index 606473d..2c5854d 100644
--- a/common/call-gpg.h
+++ b/common/call-gpg.h
@@ -20,6 +20,8 @@
 #ifndef G13_CALL_GPG_H
 #define G13_CALL_GPG_H
 
+#include <gpg-error.h>
+
 #include "strlist.h"
 
 typedef struct server_control_s *ctrl_t;
@@ -28,10 +30,18 @@ gpg_error_t gpg_encrypt_blob (ctrl_t ctrl, const char *gpg_program,
                               const void *plain, size_t plainlen,
                               strlist_t keys,
                               void **r_ciph, size_t *r_ciphlen);
+
+gpg_error_t gpg_encrypt_stream (ctrl_t ctrl, const char *gpg_program,
+				estream_t plain_stream,
+				strlist_t keys,
+				estream_t cipher_stream);
+
 gpg_error_t gpg_decrypt_blob (ctrl_t ctrl, const char *gpg_program,
 			      const void *ciph, size_t ciphlen,
                               void **r_plain, size_t *r_plainlen);
 
-
+gpg_error_t gpg_decrypt_stream (ctrl_t ctrl, const char *gpg_program,
+				estream_t cipher_stream,
+				estream_t plain_stream);
 
 #endif /*G13_CALL_GPG_H*/
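Review bot: `gpg_encrypt_stream` and `gpg_decrypt_stream` are added without any comment, here or at their definitions in call-gpg.c, so the contract has to be read off the gpgtar callers. A short comment on each should state that the input stream is read from its current position to EOF (gpgtar seeks to 0 first), that neither stream appears to be closed by the call, and that the output stream may already hold partial data when an error is returned. It should also say whether `ctrl` and `gpg_program` may be NULL, as gpgtar passes NULL for both.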

commit cb18d802308bde4e28219417bb4d107a4c0001b4
Author: Justus Winter <justus at g10code.com>
Date:   Tue Nov 24 14:58:31 2015 +0100

    common: Refactor the call-gpg code.
    
    * common/call-gpg.c (gpg_{en,de}crypt_blob): Move most of the code
    into two new functions, _gpg_encrypt and _gpg_decrypt.
    
    Signed-off-by: Justus Winter <justus at g10code.com>

diff --git a/common/call-gpg.c b/common/call-gpg.c
index bcad1d6..cc6b1e8 100644
--- a/common/call-gpg.c
+++ b/common/call-gpg.c
@@ -321,11 +321,11 @@ start_reader (int fd, membuf_t *mb, npth_t *r_thread, gpg_error_t *err_addr)
 
 
  */
-gpg_error_t
-gpg_encrypt_blob (ctrl_t ctrl, const char *gpg_program,
-                  const void *plain, size_t plainlen,
-                  strlist_t keys,
-                  void **r_ciph, size_t *r_ciphlen)
+static gpg_error_t
+_gpg_encrypt (ctrl_t ctrl, const char *gpg_program,
+              const void *plain, size_t plainlen,
+              strlist_t keys,
+              membuf_t *reader_mb)
 {
   gpg_error_t err;
   assuan_context_t ctx = NULL;
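Review bot: `_gpg_encrypt` (and `_gpg_decrypt` further down) are file-scope names starting with an underscore, which C reserves for the implementation; a name such as `do_gpg_encrypt` avoids that. The existing "Call GPG to encrypt a block of data" comment now sits on the static helper, leaving the public `gpg_encrypt_blob` undocumented. A one-line comment there, noting that the buffer stored at `*R_CIPH` is presumably owned by the caller and must be released with xfree, would restore it.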
@@ -334,17 +334,10 @@ gpg_encrypt_blob (ctrl_t ctrl, const char *gpg_program,
   npth_t writer_thread = (npth_t)0;
   npth_t reader_thread = (npth_t)0;
   gpg_error_t writer_err, reader_err;
-  membuf_t reader_mb;
   char line[ASSUAN_LINELENGTH];
   strlist_t sl;
   int ret;
 
-  *r_ciph = NULL;
-  *r_ciphlen = 0;
-
-  /* Init the memory buffer to receive the encrypted stuff.  */
-  init_membuf (&reader_mb, 4096);
-
   /* Create two pipes.  */
   err = gnupg_create_outbound_pipe (outbound_fds);
   if (!err)
@@ -371,7 +364,7 @@ gpg_encrypt_blob (ctrl_t ctrl, const char *gpg_program,
 
   /* Start a reader thread to eat from the OUTPUT command of the
      server.  */
-  err = start_reader (inbound_fds[0], &reader_mb,
+  err = start_reader (inbound_fds[0], reader_mb,
                       &reader_thread, &reader_err);
   if (err)
     return err;
@@ -431,16 +424,6 @@ gpg_encrypt_blob (ctrl_t ctrl, const char *gpg_program,
       goto leave;
     }
 
-  /* Return the data.  */
-  *r_ciph = get_membuf (&reader_mb, r_ciphlen);
-  if (!*r_ciph)
-    {
-      err = gpg_error_from_syserror ();
-      log_error ("error while storing the data in the reader thread: %s\n",
-                 gpg_strerror (err));
-      goto leave;
-    }
-
  leave:
   /* FIXME: Not valid, as npth_t is an opaque type.  */
   if (reader_thread)
@@ -456,20 +439,54 @@ gpg_encrypt_blob (ctrl_t ctrl, const char *gpg_program,
   if (inbound_fds[1] != -1)
     close (inbound_fds[1]);
   release_gpg (ctx);
-  xfree (get_membuf (&reader_mb, NULL));
   return err;
 }
 
+gpg_error_t
+gpg_encrypt_blob (ctrl_t ctrl, const char *gpg_program,
+                  const void *plain, size_t plainlen,
+                  strlist_t keys,
+                  void **r_ciph, size_t *r_ciphlen)
+{
+  gpg_error_t err;
+  membuf_t reader_mb;
+
+  *r_ciph = NULL;
+  *r_ciphlen = 0;
+
+  /* Init the memory buffer to receive the encrypted stuff.  */
+  init_membuf (&reader_mb, 4096);
+
+  err = _gpg_encrypt (ctrl, gpg_program,
+                      plain, plainlen,
+                      keys,
+                      &reader_mb);
+
+  if (! err)
+    {
+      /* Return the data.  */
+      *r_ciph = get_membuf (&reader_mb, r_ciphlen);
+      if (!*r_ciph)
+        {
+          err = gpg_error_from_syserror ();
+          log_error ("error while storing the data in the reader thread: %s\n",
+                     gpg_strerror (err));
+        }
+    }
+
+  xfree (get_membuf (&reader_mb, NULL));
+  return err;
+}
 
 

 /* Call GPG to decrypt a block of data.
 
 
  */
-gpg_error_t
-gpg_decrypt_blob (ctrl_t ctrl, const char *gpg_program,
-                  const void *ciph, size_t ciphlen,
-                  void **r_plain, size_t *r_plainlen)
+static gpg_error_t
+_gpg_decrypt (ctrl_t ctrl, const char *gpg_program,
+              const void *ciph, size_t ciphlen,
+              membuf_t *reader_mb)
 {
   gpg_error_t err;
   assuan_context_t ctx = NULL;
@@ -478,15 +495,8 @@ gpg_decrypt_blob (ctrl_t ctrl, const char *gpg_program,
   npth_t writer_thread = (npth_t)0;
   npth_t reader_thread = (npth_t)0;
   gpg_error_t writer_err, reader_err;
-  membuf_t reader_mb;
   int ret;
 
-  *r_plain = NULL;
-  *r_plainlen = 0;
-
-  /* Init the memory buffer to receive the encrypted stuff.  */
-  init_membuf_secure (&reader_mb, 1024);
-
   /* Create two pipes.  */
   err = gnupg_create_outbound_pipe (outbound_fds);
   if (!err)
@@ -513,7 +523,7 @@ gpg_decrypt_blob (ctrl_t ctrl, const char *gpg_program,
 
   /* Start a reader thread to eat from the OUTPUT command of the
      server.  */
-  err = start_reader (inbound_fds[0], &reader_mb,
+  err = start_reader (inbound_fds[0], reader_mb,
                       &reader_thread, &reader_err);
   if (err)
     return err;
@@ -560,16 +570,6 @@ gpg_decrypt_blob (ctrl_t ctrl, const char *gpg_program,
       goto leave;
     }
 
-  /* Return the data.  */
-  *r_plain = get_membuf (&reader_mb, r_plainlen);
-  if (!*r_plain)
-    {
-      err = gpg_error_from_syserror ();
-      log_error ("error while storing the data in the reader thread: %s\n",
-                 gpg_strerror (err));
-      goto leave;
-    }
-
  leave:
   if (reader_thread)
     npth_detach (reader_thread);
@@ -584,6 +584,39 @@ gpg_decrypt_blob (ctrl_t ctrl, const char *gpg_program,
   if (inbound_fds[1] != -1)
     close (inbound_fds[1]);
   release_gpg (ctx);
+  return err;
+}
+
+gpg_error_t
+gpg_decrypt_blob (ctrl_t ctrl, const char *gpg_program,
+                  const void *ciph, size_t ciphlen,
+                  void **r_plain, size_t *r_plainlen)
+{
+  gpg_error_t err;
+  membuf_t reader_mb;
+
+  *r_plain = NULL;
+  *r_plainlen = 0;
+
+  /* Init the memory buffer to receive the encrypted stuff.  */
+  init_membuf_secure (&reader_mb, 1024);
+
+  err = _gpg_decrypt (ctrl, gpg_program,
+                      ciph, ciphlen,
+                      &reader_mb);
+
+  if (! err)
+    {
+      /* Return the data.  */
+      *r_plain = get_membuf (&reader_mb, r_plainlen);
+      if (!*r_plain)
+        {
+          err = gpg_error_from_syserror ();
+          log_error ("error while storing the data in the reader thread: %s\n",
+                     gpg_strerror (err));
+        }
+    }
+
   xfree (get_membuf (&reader_mb, NULL));
   return err;
 }

commit ba1a5cc17d43d9cba32447876f06a8ab8f97e5ae
Author: Justus Winter <justus at g10code.com>
Date:   Tue Nov 24 13:40:56 2015 +0100

    g13: Move 'call-gpg.c' to common.
    
    * common/Makefile.am (common_sources): Add files.
    * g13/call-gpg.c: Move to 'common' and adapt slightly.  Add a
    parameter to let callers override the gpg program to execute.
    * g13/call-gpg.h: Likewise.
    * g13/Makefile.am (g13_SOURCES): Drop files.
    * g13/create.c (encrypt_keyblob): Hand in the gpg program to execute.
    * g13/mount.c (decrypt_keyblob): Likewise.
    
    Signed-off-by: Justus Winter <justus at g10code.com>

diff --git a/common/Makefile.am b/common/Makefile.am
index 678e1a2..c02c60e 100644
--- a/common/Makefile.am
+++ b/common/Makefile.am
@@ -86,7 +86,8 @@ common_sources = \
 	agent-opt.c \
 	helpfile.c \
 	mkdir_p.c mkdir_p.h \
-	strlist.c strlist.h
+	strlist.c strlist.h \
+	call-gpg.c call-gpg.h
 
 if HAVE_W32_SYSTEM
 common_sources += w32-reg.c w32-afunix.c w32-afunix.h
diff --git a/g13/call-gpg.c b/common/call-gpg.c
similarity index 93%
rename from g13/call-gpg.c
rename to common/call-gpg.c
index 0bd935c..bcad1d6 100644
--- a/g13/call-gpg.c
+++ b/common/call-gpg.c
@@ -18,27 +18,29 @@
  */
 
 #include <config.h>
-#include <stdio.h>
+
+#include <assert.h>
+#include <assuan.h>
+#include <errno.h>
+#include <npth.h>
 #include <stdlib.h>
+#include <stdio.h>
 #include <string.h>
-#include <errno.h>
 #include <time.h>
-#include <assert.h>
-#include <npth.h>
 
-#include "g13.h"
-#include <assuan.h>
-#include "i18n.h"
 #include "call-gpg.h"
-#include "utils.h"
-#include "../common/exechelp.h"
-
+#include "exechelp.h"
+#include "i18n.h"
+#include "logging.h"
+#include "membuf.h"
+#include "util.h"
 
 

 /* Fire up a new GPG.  Handle the server's initial greeting.  Returns
    0 on success and stores the assuan context at R_CTX.  */
 static gpg_error_t
-start_gpg (ctrl_t ctrl, int input_fd, int output_fd, assuan_context_t *r_ctx)
+start_gpg (ctrl_t ctrl, const char *gpg_program,
+           int input_fd, int output_fd, assuan_context_t *r_ctx)
 {
   gpg_error_t err;
   assuan_context_t ctx = NULL;
@@ -60,15 +62,12 @@ start_gpg (ctrl_t ctrl, int input_fd, int output_fd, assuan_context_t *r_ctx)
     }
 
   /* The first time we are used, intialize the gpg_program variable.  */
-  if ( !opt.gpg_program || !*opt.gpg_program )
-    opt.gpg_program = gnupg_module_name (GNUPG_MODULE_NAME_GPG);
-
-  if (opt.verbose)
-    log_info (_("no running gpg - starting '%s'\n"), opt.gpg_program);
+  if ( !gpg_program || !*gpg_program )
+    gpg_program = gnupg_module_name (GNUPG_MODULE_NAME_GPG);
 
   /* Compute argv[0].  */
-  if ( !(pgmname = strrchr (opt.gpg_program, '/')))
-    pgmname = opt.gpg_program;
+  if ( !(pgmname = strrchr (gpg_program, '/')))
+    pgmname = gpg_program;
   else
     pgmname++;
 
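Review bot: The context comment `/* The first time we are used, intialize the gpg_program variable.  */` no longer matches the code under it. `gpg_program` is now a parameter, so the fallback to `gnupg_module_name (GNUPG_MODULE_NAME_GPG)` is applied on every call and nothing is remembered between calls. I would reword it to `/* Fall back to the default gpg binary if the caller did not name one.  */`. The hunk also drops the verbose `log_info` that named the binary being started; since the executable is now chosen by the caller, some trace of which program was launched would still help when auditing a run. The body of start_gpg continues outside this hunk.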
@@ -82,8 +81,6 @@ start_gpg (ctrl_t ctrl, int input_fd, int output_fd, assuan_context_t *r_ctx)
   i = 0;
   argv[i++] = pgmname;
   argv[i++] = "--server";
-  if ((opt.debug & 1024))
-    argv[i++] = "--debug=1024";
   argv[i++] = "-z";
   argv[i++] = "0";
   argv[i++] = "--trust-model";
@@ -101,7 +98,7 @@ start_gpg (ctrl_t ctrl, int input_fd, int output_fd, assuan_context_t *r_ctx)
   no_close_list[i] = -1;
 
   /* Connect to GPG and perform initial handshaking.  */
-  err = assuan_pipe_connect (ctx, opt.gpg_program, argv, no_close_list,
+  err = assuan_pipe_connect (ctx, gpg_program, argv, no_close_list,
 			     NULL, NULL, 0);
   if (err)
     {
@@ -135,9 +132,6 @@ start_gpg (ctrl_t ctrl, int input_fd, int output_fd, assuan_context_t *r_ctx)
     }
 
   *r_ctx = ctx;
-
-  if (DBG_IPC)
-    log_debug ("connection to GPG established\n");
   return 0;
 }
 
@@ -328,8 +322,10 @@ start_reader (int fd, membuf_t *mb, npth_t *r_thread, gpg_error_t *err_addr)
 
  */
 gpg_error_t
-gpg_encrypt_blob (ctrl_t ctrl, const void *plain, size_t plainlen,
-                  strlist_t keys, void **r_ciph, size_t *r_ciphlen)
+gpg_encrypt_blob (ctrl_t ctrl, const char *gpg_program,
+                  const void *plain, size_t plainlen,
+                  strlist_t keys,
+                  void **r_ciph, size_t *r_ciphlen)
 {
   gpg_error_t err;
   assuan_context_t ctx = NULL;
@@ -360,7 +356,7 @@ gpg_encrypt_blob (ctrl_t ctrl, const void *plain, size_t plainlen,
     }
 
   /* Start GPG and send the INPUT and OUTPUT commands.  */
-  err = start_gpg (ctrl, outbound_fds[0], inbound_fds[1], &ctx);
+  err = start_gpg (ctrl, gpg_program, outbound_fds[0], inbound_fds[1], &ctx);
   if (err)
     goto leave;
   close (outbound_fds[0]); outbound_fds[0] = -1;
@@ -471,7 +467,8 @@ gpg_encrypt_blob (ctrl_t ctrl, const void *plain, size_t plainlen,
 
  */
 gpg_error_t
-gpg_decrypt_blob (ctrl_t ctrl, const void *ciph, size_t ciphlen,
+gpg_decrypt_blob (ctrl_t ctrl, const char *gpg_program,
+                  const void *ciph, size_t ciphlen,
                   void **r_plain, size_t *r_plainlen)
 {
   gpg_error_t err;
@@ -501,7 +498,7 @@ gpg_decrypt_blob (ctrl_t ctrl, const void *ciph, size_t ciphlen,
     }
 
   /* Start GPG and send the INPUT and OUTPUT commands.  */
-  err = start_gpg (ctrl, outbound_fds[0], inbound_fds[1], &ctx);
+  err = start_gpg (ctrl, gpg_program, outbound_fds[0], inbound_fds[1], &ctx);
   if (err)
     goto leave;
   close (outbound_fds[0]); outbound_fds[0] = -1;
diff --git a/g13/call-gpg.h b/common/call-gpg.h
similarity index 82%
rename from g13/call-gpg.h
rename to common/call-gpg.h
index 339544d..606473d 100644
--- a/g13/call-gpg.h
+++ b/common/call-gpg.h
@@ -20,11 +20,16 @@
 #ifndef G13_CALL_GPG_H
 #define G13_CALL_GPG_H
 
-gpg_error_t gpg_encrypt_blob (ctrl_t ctrl,
+#include "strlist.h"
+
+typedef struct server_control_s *ctrl_t;
+
+gpg_error_t gpg_encrypt_blob (ctrl_t ctrl, const char *gpg_program,
                               const void *plain, size_t plainlen,
                               strlist_t keys,
                               void **r_ciph, size_t *r_ciphlen);
-gpg_error_t gpg_decrypt_blob (ctrl_t ctrl, const void *ciph, size_t ciphlen,
+gpg_error_t gpg_decrypt_blob (ctrl_t ctrl, const char *gpg_program,
+			      const void *ciph, size_t ciphlen,
                               void **r_plain, size_t *r_plainlen);
 
 
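Review bot: The include guard is still `G13_CALL_GPG_H` although the header now lives in common/; a name such as `GNUPG_COMMON_CALL_GPG_H` would match its new location. The added `typedef struct server_control_s *ctrl_t;` presumably repeats a typedef that g13 already has in its own header, and repeating a typedef is only valid from C11 on, so this should be checked against the oldest compiler the project supports. The prototypes also rely on `gpg_error_t` and `size_t` being declared by whoever includes this file. Including the headers that declare them here would make it self-contained. The closing `#endif` of the guard is outside this hunk.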
diff --git a/g13/Makefile.am b/g13/Makefile.am
index 152cf36..e17d099 100644
--- a/g13/Makefile.am
+++ b/g13/Makefile.am
@@ -37,7 +37,6 @@ g13_SOURCES = \
 	create.c create.h \
 	mount.c mount.h \
 	mountinfo.c mountinfo.h \
-	call-gpg.c call-gpg.h \
 	runner.c runner.h \
 	backend.c backend.h \
 	be-encfs.c be-encfs.h \
diff --git a/g13/create.c b/g13/create.c
index 6c09c2e..c4e94b8 100644
--- a/g13/create.c
+++ b/g13/create.c
@@ -33,7 +33,7 @@
 #include "keyblob.h"
 #include "backend.h"
 #include "utils.h"
-#include "call-gpg.h"
+#include "../common/call-gpg.h"
 
 /* Create a new blob with all the session keys and other meta
    information which are to be stored encrypted in the crypto
@@ -111,7 +111,7 @@ encrypt_keyblob (ctrl_t ctrl, void *keyblob, size_t keybloblen,
   gpg_error_t err;
 
   /* FIXME:  For now we only implement OpenPGP.  */
-  err = gpg_encrypt_blob (ctrl, keyblob, keybloblen, keys,
+  err = gpg_encrypt_blob (ctrl, opt.gpg_program, keyblob, keybloblen, keys,
                           r_encblob, r_encbloblen);
 
   return err;
diff --git a/g13/mount.c b/g13/mount.c
index 8d1c015..1f7fbcc 100644
--- a/g13/mount.c
+++ b/g13/mount.c
@@ -34,7 +34,7 @@
 #include "backend.h"
 #include "utils.h"
 #include "../common/sysutils.h"
-#include "call-gpg.h"
+#include "../common/call-gpg.h"
 #include "mountinfo.h"
 #include "runner.h"
 #include "host2net.h"
@@ -202,7 +202,7 @@ decrypt_keyblob (ctrl_t ctrl, const void *enckeyblob, size_t enckeybloblen,
   gpg_error_t err;
 
   /* FIXME:  For now we only implement OpenPGP.  */
-  err = gpg_decrypt_blob (ctrl, enckeyblob, enckeybloblen,
+  err = gpg_decrypt_blob (ctrl, opt.gpg_program, enckeyblob, enckeybloblen,
                           r_keyblob, r_keybloblen);
 
   return err;

-----------------------------------------------------------------------

Summary of changes:
 common/Makefile.am         |   3 +-
 {g13 => common}/call-gpg.c | 283 +++++++++++++++++++++++++++++++++------------
 {g13 => common}/call-gpg.h |  21 +++-
 g13/Makefile.am            |   1 -
 g13/create.c               |   4 +-
 g13/mount.c                |   4 +-
 tools/Makefile.am          |   6 +-
 tools/gpgtar-create.c      |  38 +++++-
 tools/gpgtar-extract.c     |  24 +++-
 tools/gpgtar-list.c        |  24 +++-
 tools/gpgtar.c             |  72 ++++--------
 tools/gpgtar.h             |  10 +-
 12 files changed, 348 insertions(+), 142 deletions(-)
 rename {g13 => common}/call-gpg.c (70%)
 rename {g13 => common}/call-gpg.h (67%)


hooks/post-receive
-- 
The GNU Privacy Guard
http://git.gnupg.org



