Line data Source code
1 : /* plaintext.c - process plaintext packets
2 : * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005,
3 : * 2006, 2009, 2010 Free Software Foundation, Inc.
4 : *
5 : * This file is part of GnuPG.
6 : *
7 : * GnuPG is free software; you can redistribute it and/or modify
8 : * it under the terms of the GNU General Public License as published by
9 : * the Free Software Foundation; either version 3 of the License, or
10 : * (at your option) any later version.
11 : *
12 : * GnuPG is distributed in the hope that it will be useful,
13 : * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 : * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 : * GNU General Public License for more details.
16 : *
17 : * You should have received a copy of the GNU General Public License
18 : * along with this program; if not, see <https://www.gnu.org/licenses/>.
19 : */
20 :
21 : #include <config.h>
22 : #include <stdio.h>
23 : #include <stdlib.h>
24 : #include <string.h>
25 : #include <errno.h>
26 : #include <sys/types.h>
27 : #ifdef HAVE_DOSISH_SYSTEM
28 : # include <fcntl.h> /* for setmode() */
29 : #endif
30 :
31 : #include "gpg.h"
32 : #include "util.h"
33 : #include "options.h"
34 : #include "packet.h"
35 : #include "ttyio.h"
36 : #include "filter.h"
37 : #include "main.h"
38 : #include "status.h"
39 : #include "i18n.h"
40 :
41 :
42 : /* Get the output filename. On success, the actual filename that is
43 : used is set in *FNAMEP and a filepointer is returned in *FP.
44 :
45 : EMBEDDED_NAME AND EMBEDDED_NAMELEN are normally stored in a
46 : plaintext packet. EMBEDDED_NAMELEN should not include any NUL
47 : terminator (EMBEDDED_NAME does not need to be NUL terminated).
48 :
49 : DATA is the iobuf containing the input data. We just use it to get
50 : the input file's filename.
51 :
52 : On success, the caller is responsible for calling xfree on *FNAMEP
53 : and calling es_close on *FPP. */
54 : gpg_error_t
55 405 : get_output_file (const byte *embedded_name, int embedded_namelen,
56 : iobuf_t data, char **fnamep, estream_t *fpp)
57 : {
58 405 : gpg_error_t err = 0;
59 405 : char *fname = NULL;
60 405 : estream_t fp = NULL;
61 405 : int nooutput = 0;
62 :
63 : /* Create the filename as C string. */
64 405 : if (opt.outfp)
65 : {
66 0 : fname = xtrystrdup ("[FP]");
67 0 : if (!fname)
68 : {
69 0 : err = gpg_error_from_syserror ();
70 0 : goto leave;
71 : }
72 : }
73 405 : else if (opt.outfile)
74 : {
75 402 : fname = xtrystrdup (opt.outfile);
76 402 : if (!fname)
77 : {
78 0 : err = gpg_error_from_syserror ();
79 0 : goto leave;
80 : }
81 : }
82 3 : else if (embedded_namelen == 8 && !memcmp (embedded_name, "_CONSOLE", 8))
83 : {
84 0 : log_info (_("data not saved; use option \"--output\" to save it\n"));
85 0 : nooutput = 1;
86 : }
87 3 : else if (!opt.flags.use_embedded_filename)
88 : {
89 3 : if (data)
90 3 : fname = make_outfile_name (iobuf_get_real_fname (data));
91 3 : if (!fname)
92 0 : fname = ask_outfile_name (embedded_name, embedded_namelen);
93 3 : if (!fname)
94 : {
95 0 : err = gpg_error (GPG_ERR_GENERAL); /* Can't create file. */
96 0 : goto leave;
97 : }
98 : }
99 : else
100 0 : fname = utf8_to_native (embedded_name, embedded_namelen, 0);
101 :
102 405 : if (nooutput)
103 : ;
104 405 : else if (opt.outfp)
105 : {
106 0 : fp = opt.outfp;
107 0 : es_set_binary (fp);
108 : }
109 405 : else if (iobuf_is_pipe_filename (fname) || !*fname)
110 40 : {
111 : /* Special file name, no filename, or "-" given; write to the
112 : * file descriptor or to stdout. */
113 : int fd;
114 : char xname[64];
115 :
116 40 : fd = check_special_filename (fname, 1, 0);
117 40 : if (fd == -1)
118 : {
119 : /* Not a special filename, thus we want stdout. */
120 40 : fp = es_stdout;
121 40 : es_set_binary (fp);
122 : }
123 0 : else if (!(fp = es_fdopen_nc (fd, "wb")))
124 : {
125 0 : err = gpg_error_from_syserror ();
126 0 : snprintf (xname, sizeof xname, "[fd %d]", fd);
127 0 : log_error (_("can't open '%s': %s\n"), xname, gpg_strerror (err));
128 0 : goto leave;
129 : }
130 : }
131 : else
132 : {
133 730 : while (!overwrite_filep (fname))
134 : {
135 0 : char *tmp = ask_outfile_name (NULL, 0);
136 0 : if (!tmp || !*tmp)
137 : {
138 0 : xfree (tmp);
139 : /* FIXME: Below used to be GPG_ERR_CREATE_FILE */
140 0 : err = gpg_error (GPG_ERR_GENERAL);
141 0 : goto leave;
142 : }
143 0 : xfree (fname);
144 0 : fname = tmp;
145 : }
146 : }
147 :
148 : #ifndef __riscos__
149 405 : if (opt.outfp && is_secured_file (es_fileno (opt.outfp)))
150 : {
151 0 : err = gpg_error (GPG_ERR_EPERM);
152 0 : log_error (_("error creating '%s': %s\n"), fname, gpg_strerror (err));
153 0 : goto leave;
154 : }
155 405 : else if (fp || nooutput)
156 : ;
157 365 : else if (is_secured_filename (fname))
158 : {
159 0 : gpg_err_set_errno (EPERM);
160 0 : err = gpg_error_from_syserror ();
161 0 : log_error (_("error creating '%s': %s\n"), fname, gpg_strerror (err));
162 0 : goto leave;
163 : }
164 365 : else if (!(fp = es_fopen (fname, "wb")))
165 : {
166 0 : err = gpg_error_from_syserror ();
167 0 : log_error (_("error creating '%s': %s\n"), fname, gpg_strerror (err));
168 0 : goto leave;
169 : }
170 : #else /* __riscos__ */
171 : /* If no output filename was given, i.e. we constructed it, convert
172 : all '.' in fname to '/' but not vice versa as we don't create
173 : directories! */
174 : if (!opt.outfile)
175 : for (c = 0; fname[c]; ++c)
176 : if (fname[c] == '.')
177 : fname[c] = '/';
178 :
179 : if (fp || nooutput)
180 : ;
181 : else
182 : {
183 : /* Note: riscos stuff is not expected to work anymore. If we
184 : want to port it again to riscos we should do most of the suff
185 : in estream. FIXME: Consider to remove all riscos special
186 : cases. */
187 : fp = fopen (fname, "wb");
188 : if (!fp)
189 : {
190 : log_error (_("error creating '%s': %s\n"), fname, gpg_strerror (err));
191 : err = GPG_ERR_CREATE_FILE;
192 : if (errno == 106)
193 : log_info ("Do output file and input file have the same name?\n");
194 : goto leave;
195 : }
196 :
197 : /* If there's a ,xxx extension in the embedded filename,
198 : use that, else check whether the user input (in fname)
199 : has a ,xxx appended, then use that in preference */
200 : if ((c = riscos_get_filetype_from_string (embedded_name,
201 : embedded_namelen)) != -1)
202 : filetype = c;
203 : if ((c = riscos_get_filetype_from_string (fname, strlen (fname))) != -1)
204 : filetype = c;
205 : riscos_set_filetype_by_number (fname, filetype);
206 : }
207 : #endif /* __riscos__ */
208 :
209 : leave:
210 405 : if (err)
211 : {
212 0 : if (fp && fp != es_stdout && fp != opt.outfp)
213 0 : es_fclose (fp);
214 0 : xfree (fname);
215 0 : return err;
216 : }
217 :
218 405 : *fnamep = fname;
219 405 : *fpp = fp;
220 405 : return 0;
221 : }
222 :
223 : /* Handle a plaintext packet. If MFX is not NULL, update the MDs
224 : * Note: We should have used the filter stuff here, but we have to add
225 : * some easy mimic to set a read limit, so we calculate only the bytes
226 : * from the plaintext. */
227 : int
228 460 : handle_plaintext (PKT_plaintext * pt, md_filter_context_t * mfx,
229 : int nooutput, int clearsig)
230 : {
231 460 : char *fname = NULL;
232 460 : estream_t fp = NULL;
233 : static off_t count = 0;
234 460 : int err = 0;
235 : int c;
236 : int convert;
237 : #ifdef __riscos__
238 : int filetype = 0xfff;
239 : #endif
240 :
241 460 : if (pt->mode == 't' || pt->mode == 'u' || pt->mode == 'm')
242 21 : convert = pt->mode;
243 : else
244 439 : convert = 0;
245 :
246 : /* Let people know what the plaintext info is. This allows the
247 : receiving program to try and do something different based on the
248 : format code (say, recode UTF-8 to local). */
249 460 : if (!nooutput && is_status_enabled ())
250 : {
251 : char status[50];
252 :
253 : /* Better make sure that stdout has been flushed in case the
254 : output will be written to it. This is to make sure that no
255 : not-yet-flushed stuff will be written after the plaintext
256 : status message. */
257 13 : es_fflush (es_stdout);
258 :
259 26 : snprintf (status, sizeof status,
260 26 : "%X %lu ", (byte) pt->mode, (ulong) pt->timestamp);
261 26 : write_status_text_and_buffer (STATUS_PLAINTEXT,
262 26 : status, pt->name, pt->namelen, 0);
263 :
264 13 : if (!pt->is_partial)
265 : {
266 13 : snprintf (status, sizeof status, "%lu", (ulong) pt->len);
267 13 : write_status_text (STATUS_PLAINTEXT_LENGTH, status);
268 : }
269 : }
270 :
271 460 : if (! nooutput)
272 : {
273 405 : err = get_output_file (pt->name, pt->namelen, pt->buf, &fname, &fp);
274 405 : if (err)
275 0 : goto leave;
276 : }
277 :
278 460 : if (!pt->is_partial)
279 : {
280 : /* We have an actual length (which might be zero). */
281 :
282 417 : if (clearsig)
283 : {
284 0 : log_error ("clearsig encountered while not expected\n");
285 0 : err = gpg_error (GPG_ERR_UNEXPECTED);
286 0 : goto leave;
287 : }
288 :
289 417 : if (convert) /* Text mode. */
290 : {
291 46 : for (; pt->len; pt->len--)
292 : {
293 45 : if ((c = iobuf_get (pt->buf)) == -1)
294 : {
295 0 : err = gpg_error_from_syserror ();
296 0 : log_error ("problem reading source (%u bytes remaining)\n",
297 : (unsigned) pt->len);
298 0 : goto leave;
299 : }
300 45 : if (mfx->md)
301 45 : gcry_md_putc (mfx->md, c);
302 : #ifndef HAVE_DOSISH_SYSTEM
303 : /* Convert to native line ending. */
304 : /* fixme: this hack might be too simple */
305 45 : if (c == '\r' && convert != 'm')
306 0 : continue;
307 : #endif
308 45 : if (fp)
309 : {
310 45 : if (opt.max_output && (++count) > opt.max_output)
311 : {
312 0 : log_error ("error writing to '%s': %s\n",
313 : fname, "exceeded --max-output limit\n");
314 0 : err = gpg_error (GPG_ERR_TOO_LARGE);
315 0 : goto leave;
316 : }
317 45 : else if (es_putc (c, fp) == EOF)
318 : {
319 0 : if (es_ferror (fp))
320 0 : err = gpg_error_from_syserror ();
321 : else
322 0 : err = gpg_error (GPG_ERR_EOF);
323 0 : log_error ("error writing to '%s': %s\n",
324 : fname, gpg_strerror (err));
325 0 : goto leave;
326 : }
327 : }
328 : }
329 : }
330 : else /* Binary mode. */
331 : {
332 416 : byte *buffer = xmalloc (32768);
333 1358 : while (pt->len)
334 : {
335 526 : int len = pt->len > 32768 ? 32768 : pt->len;
336 526 : len = iobuf_read (pt->buf, buffer, len);
337 526 : if (len == -1)
338 : {
339 0 : err = gpg_error_from_syserror ();
340 0 : log_error ("problem reading source (%u bytes remaining)\n",
341 : (unsigned) pt->len);
342 0 : xfree (buffer);
343 0 : goto leave;
344 : }
345 526 : if (mfx->md)
346 526 : gcry_md_write (mfx->md, buffer, len);
347 526 : if (fp)
348 : {
349 479 : if (opt.max_output && (count += len) > opt.max_output)
350 : {
351 0 : log_error ("error writing to '%s': %s\n",
352 : fname, "exceeded --max-output limit\n");
353 0 : err = gpg_error (GPG_ERR_TOO_LARGE);
354 0 : xfree (buffer);
355 0 : goto leave;
356 : }
357 479 : else if (es_fwrite (buffer, 1, len, fp) != len)
358 : {
359 0 : err = gpg_error_from_syserror ();
360 0 : log_error ("error writing to '%s': %s\n",
361 : fname, gpg_strerror (err));
362 0 : xfree (buffer);
363 0 : goto leave;
364 : }
365 : }
366 526 : pt->len -= len;
367 : }
368 416 : xfree (buffer);
369 : }
370 : }
371 43 : else if (!clearsig)
372 : {
373 26 : if (convert)
374 : { /* text mode */
375 3144 : while ((c = iobuf_get (pt->buf)) != -1)
376 : {
377 3138 : if (mfx->md)
378 3138 : gcry_md_putc (mfx->md, c);
379 : #ifndef HAVE_DOSISH_SYSTEM
380 3138 : if (c == '\r' && convert != 'm')
381 72 : continue; /* fixme: this hack might be too simple */
382 : #endif
383 3066 : if (fp)
384 : {
385 3066 : if (opt.max_output && (++count) > opt.max_output)
386 : {
387 0 : log_error ("Error writing to '%s': %s\n",
388 : fname, "exceeded --max-output limit\n");
389 0 : err = gpg_error (GPG_ERR_TOO_LARGE);
390 0 : goto leave;
391 : }
392 3066 : else if (es_putc (c, fp) == EOF)
393 : {
394 0 : if (es_ferror (fp))
395 0 : err = gpg_error_from_syserror ();
396 : else
397 0 : err = gpg_error (GPG_ERR_EOF);
398 0 : log_error ("error writing to '%s': %s\n",
399 : fname, gpg_strerror (err));
400 0 : goto leave;
401 : }
402 : }
403 : }
404 : }
405 : else
406 : { /* binary mode */
407 : byte *buffer;
408 23 : int eof_seen = 0;
409 :
410 23 : buffer = xtrymalloc (32768);
411 23 : if (!buffer)
412 : {
413 0 : err = gpg_error_from_syserror ();
414 0 : goto leave;
415 : }
416 :
417 116 : while (!eof_seen)
418 : {
419 : /* Why do we check for len < 32768:
420 : * If we won't, we would practically read 2 EOFs but
421 : * the first one has already popped the block_filter
422 : * off and therefore we don't catch the boundary.
423 : * So, always assume EOF if iobuf_read returns less bytes
424 : * then requested */
425 82 : int len = iobuf_read (pt->buf, buffer, 32768);
426 82 : if (len == -1)
427 12 : break;
428 70 : if (len < 32768)
429 11 : eof_seen = 1;
430 70 : if (mfx->md)
431 70 : gcry_md_write (mfx->md, buffer, len);
432 70 : if (fp)
433 : {
434 70 : if (opt.max_output && (count += len) > opt.max_output)
435 : {
436 0 : log_error ("error writing to '%s': %s\n",
437 : fname, "exceeded --max-output limit\n");
438 0 : err = gpg_error (GPG_ERR_TOO_LARGE);
439 0 : xfree (buffer);
440 0 : goto leave;
441 : }
442 70 : else if (es_fwrite (buffer, 1, len, fp) != len)
443 : {
444 0 : err = gpg_error_from_syserror ();
445 0 : log_error ("error writing to '%s': %s\n",
446 : fname, gpg_strerror (err));
447 0 : xfree (buffer);
448 0 : goto leave;
449 : }
450 : }
451 : }
452 23 : xfree (buffer);
453 : }
454 26 : pt->buf = NULL;
455 : }
456 : else /* Clear text signature - don't hash the last CR,LF. */
457 : {
458 17 : int state = 0;
459 :
460 207568 : while ((c = iobuf_get (pt->buf)) != -1)
461 : {
462 207534 : if (fp)
463 : {
464 204630 : if (opt.max_output && (++count) > opt.max_output)
465 : {
466 0 : log_error ("error writing to '%s': %s\n",
467 : fname, "exceeded --max-output limit\n");
468 0 : err = gpg_error (GPG_ERR_TOO_LARGE);
469 0 : goto leave;
470 : }
471 204630 : else if (es_putc (c, fp) == EOF)
472 : {
473 0 : err = gpg_error_from_syserror ();
474 0 : log_error ("error writing to '%s': %s\n",
475 : fname, gpg_strerror (err));
476 0 : goto leave;
477 : }
478 : }
479 207534 : if (!mfx->md)
480 0 : continue;
481 207534 : if (state == 2)
482 : {
483 5314 : gcry_md_putc (mfx->md, '\r');
484 5314 : gcry_md_putc (mfx->md, '\n');
485 5314 : state = 0;
486 : }
487 207534 : if (!state)
488 : {
489 207534 : if (c == '\r')
490 0 : state = 1;
491 207534 : else if (c == '\n')
492 5331 : state = 2;
493 : else
494 202203 : gcry_md_putc (mfx->md, c);
495 : }
496 0 : else if (state == 1)
497 : {
498 0 : if (c == '\n')
499 0 : state = 2;
500 : else
501 : {
502 0 : gcry_md_putc (mfx->md, '\r');
503 0 : if (c == '\r')
504 0 : state = 1;
505 : else
506 : {
507 0 : state = 0;
508 0 : gcry_md_putc (mfx->md, c);
509 : }
510 : }
511 : }
512 : }
513 17 : pt->buf = NULL;
514 : }
515 :
516 460 : if (fp && fp != es_stdout && fp != opt.outfp && es_fclose (fp))
517 : {
518 0 : err = gpg_error_from_syserror ();
519 0 : log_error ("error closing '%s': %s\n", fname, gpg_strerror (err));
520 0 : fp = NULL;
521 0 : goto leave;
522 : }
523 460 : fp = NULL;
524 :
525 : leave:
526 : /* Make sure that stdout gets flushed after the plaintext has been
527 : handled. This is for extra security as we do a flush anyway
528 : before checking the signature. */
529 460 : if (es_fflush (es_stdout))
530 : {
531 : /* We need to check the return code to detect errors like disk
532 : full for short plaintexts. See bug#1207. Checking return
533 : values is a good idea in any case. */
534 0 : if (!err)
535 0 : err = gpg_error_from_syserror ();
536 0 : log_error ("error flushing '%s': %s\n", "[stdout]",
537 : gpg_strerror (err));
538 : }
539 :
540 460 : if (fp && fp != es_stdout && fp != opt.outfp)
541 0 : es_fclose (fp);
542 460 : xfree (fname);
543 460 : return err;
544 : }
545 :
546 :
547 : static void
548 16 : do_hash (gcry_md_hd_t md, gcry_md_hd_t md2, IOBUF fp, int textmode)
549 : {
550 : text_filter_context_t tfx;
551 : int c;
552 :
553 16 : if (textmode)
554 : {
555 0 : memset (&tfx, 0, sizeof tfx);
556 0 : iobuf_push_filter (fp, text_filter, &tfx);
557 : }
558 16 : if (md2)
559 : { /* work around a strange behaviour in pgp2 */
560 : /* It seems that at least PGP5 converts a single CR to a CR,LF too */
561 0 : int lc = -1;
562 0 : while ((c = iobuf_get (fp)) != -1)
563 : {
564 0 : if (c == '\n' && lc == '\r')
565 0 : gcry_md_putc (md2, c);
566 0 : else if (c == '\n')
567 : {
568 0 : gcry_md_putc (md2, '\r');
569 0 : gcry_md_putc (md2, c);
570 : }
571 0 : else if (c != '\n' && lc == '\r')
572 : {
573 0 : gcry_md_putc (md2, '\n');
574 0 : gcry_md_putc (md2, c);
575 : }
576 : else
577 0 : gcry_md_putc (md2, c);
578 :
579 0 : if (md)
580 0 : gcry_md_putc (md, c);
581 0 : lc = c;
582 : }
583 : }
584 : else
585 : {
586 496872 : while ((c = iobuf_get (fp)) != -1)
587 : {
588 496840 : if (md)
589 496840 : gcry_md_putc (md, c);
590 : }
591 : }
592 16 : }
593 :
594 :
595 : /****************
596 : * Ask for the detached datafile and calculate the digest from it.
597 : * INFILE is the name of the input file.
598 : */
599 : int
600 16 : ask_for_detached_datafile (gcry_md_hd_t md, gcry_md_hd_t md2,
601 : const char *inname, int textmode)
602 : {
603 : progress_filter_context_t *pfx;
604 16 : char *answer = NULL;
605 : IOBUF fp;
606 16 : int rc = 0;
607 :
608 16 : pfx = new_progress_context ();
609 16 : fp = open_sigfile (inname, pfx); /* Open default file. */
610 :
611 16 : if (!fp && !opt.batch)
612 : {
613 0 : int any = 0;
614 0 : tty_printf (_("Detached signature.\n"));
615 : do
616 : {
617 : char *name;
618 :
619 0 : xfree (answer);
620 0 : tty_enable_completion (NULL);
621 0 : name = cpr_get ("detached_signature.filename",
622 0 : _("Please enter name of data file: "));
623 0 : tty_disable_completion ();
624 0 : cpr_kill_prompt ();
625 0 : answer = make_filename (name, (void *) NULL);
626 0 : xfree (name);
627 :
628 0 : if (any && !*answer)
629 : {
630 0 : rc = gpg_error (GPG_ERR_GENERAL); /*G10ERR_READ_FILE */
631 0 : goto leave;
632 : }
633 0 : fp = iobuf_open (answer);
634 0 : if (fp && is_secured_file (iobuf_get_fd (fp)))
635 : {
636 0 : iobuf_close (fp);
637 0 : fp = NULL;
638 0 : gpg_err_set_errno (EPERM);
639 : }
640 0 : if (!fp && errno == ENOENT)
641 : {
642 0 : tty_printf ("No such file, try again or hit enter to quit.\n");
643 0 : any++;
644 : }
645 0 : else if (!fp)
646 : {
647 0 : rc = gpg_error_from_syserror ();
648 0 : log_error (_("can't open '%s': %s\n"), answer,
649 0 : strerror (errno));
650 0 : goto leave;
651 : }
652 : }
653 0 : while (!fp);
654 : }
655 :
656 16 : if (!fp)
657 : {
658 16 : if (opt.verbose)
659 0 : log_info (_("reading stdin ...\n"));
660 16 : fp = iobuf_open (NULL);
661 16 : log_assert (fp);
662 : }
663 16 : do_hash (md, md2, fp, textmode);
664 16 : iobuf_close (fp);
665 :
666 : leave:
667 16 : xfree (answer);
668 16 : release_progress_context (pfx);
669 16 : return rc;
670 : }
671 :
672 :
673 :
674 : /* Hash the given files and append the hash to hash contexts MD and
675 : * MD2. If FILES is NULL, stdin is hashed. */
676 : int
677 0 : hash_datafiles (gcry_md_hd_t md, gcry_md_hd_t md2, strlist_t files,
678 : const char *sigfilename, int textmode)
679 : {
680 : progress_filter_context_t *pfx;
681 : IOBUF fp;
682 : strlist_t sl;
683 :
684 0 : pfx = new_progress_context ();
685 :
686 0 : if (!files)
687 : {
688 : /* Check whether we can open the signed material. We avoid
689 : trying to open a file if run in batch mode. This assumed
690 : data file for a sig file feature is just a convenience thing
691 : for the command line and the user needs to read possible
692 : warning messages. */
693 0 : if (!opt.batch)
694 : {
695 0 : fp = open_sigfile (sigfilename, pfx);
696 0 : if (fp)
697 : {
698 0 : do_hash (md, md2, fp, textmode);
699 0 : iobuf_close (fp);
700 0 : release_progress_context (pfx);
701 0 : return 0;
702 : }
703 : }
704 0 : log_error (_("no signed data\n"));
705 0 : release_progress_context (pfx);
706 0 : return gpg_error (GPG_ERR_NO_DATA);
707 : }
708 :
709 :
710 0 : for (sl = files; sl; sl = sl->next)
711 : {
712 0 : fp = iobuf_open (sl->d);
713 0 : if (fp && is_secured_file (iobuf_get_fd (fp)))
714 : {
715 0 : iobuf_close (fp);
716 0 : fp = NULL;
717 0 : gpg_err_set_errno (EPERM);
718 : }
719 0 : if (!fp)
720 : {
721 0 : int rc = gpg_error_from_syserror ();
722 0 : log_error (_("can't open signed data '%s'\n"),
723 0 : print_fname_stdin (sl->d));
724 0 : release_progress_context (pfx);
725 0 : return rc;
726 : }
727 0 : handle_progress (pfx, fp, sl->d);
728 0 : do_hash (md, md2, fp, textmode);
729 0 : iobuf_close (fp);
730 : }
731 :
732 0 : release_progress_context (pfx);
733 0 : return 0;
734 : }
735 :
736 :
737 : /* Hash the data from file descriptor DATA_FD and append the hash to hash
738 : contexts MD and MD2. */
739 : int
740 0 : hash_datafile_by_fd (gcry_md_hd_t md, gcry_md_hd_t md2, int data_fd,
741 : int textmode)
742 : {
743 0 : progress_filter_context_t *pfx = new_progress_context ();
744 : iobuf_t fp;
745 :
746 0 : if (is_secured_file (data_fd))
747 : {
748 0 : fp = NULL;
749 0 : gpg_err_set_errno (EPERM);
750 : }
751 : else
752 0 : fp = iobuf_fdopen_nc (data_fd, "rb");
753 :
754 0 : if (!fp)
755 : {
756 0 : int rc = gpg_error_from_syserror ();
757 0 : log_error (_("can't open signed data fd=%d: %s\n"),
758 0 : data_fd, strerror (errno));
759 0 : release_progress_context (pfx);
760 0 : return rc;
761 : }
762 :
763 0 : handle_progress (pfx, fp, NULL);
764 :
765 0 : do_hash (md, md2, fp, textmode);
766 :
767 0 : iobuf_close (fp);
768 :
769 0 : release_progress_context (pfx);
770 0 : return 0;
771 : }
772 :
773 :
774 : /* Set up a plaintext packet with the appropriate filename. If there
775 : is a --set-filename, use it (it's already UTF8). If there is a
776 : regular filename, UTF8-ize it if necessary. If there is no
777 : filenames at all, set the field empty. */
778 :
779 : PKT_plaintext *
780 379 : setup_plaintext_name (const char *filename, IOBUF iobuf)
781 : {
782 : PKT_plaintext *pt;
783 :
784 379 : if ((filename && !iobuf_is_pipe_filename (filename))
785 38 : || (opt.set_filename && !iobuf_is_pipe_filename (opt.set_filename)))
786 341 : {
787 : char *s;
788 :
789 341 : if (opt.set_filename)
790 0 : s = make_basename (opt.set_filename, iobuf_get_real_fname (iobuf));
791 341 : else if (filename && !opt.flags.utf8_filename)
792 341 : {
793 341 : char *tmp = native_to_utf8 (filename);
794 341 : s = make_basename (tmp, iobuf_get_real_fname (iobuf));
795 341 : xfree (tmp);
796 : }
797 : else
798 0 : s = make_basename (filename, iobuf_get_real_fname (iobuf));
799 :
800 341 : pt = xmalloc (sizeof *pt + strlen (s) - 1);
801 341 : pt->namelen = strlen (s);
802 341 : memcpy (pt->name, s, pt->namelen);
803 341 : xfree (s);
804 : }
805 : else
806 : {
807 : /* no filename */
808 38 : pt = xmalloc (sizeof *pt - 1);
809 38 : pt->namelen = 0;
810 : }
811 :
812 379 : return pt;
813 : }
|