diff options
| author | NIIBE Yutaka <[email protected]> | 2023-07-13 01:54:11 +0000 |
|---|---|---|
| committer | NIIBE Yutaka <[email protected]> | 2023-07-13 02:20:54 +0000 |
| commit | a43d0f7d461089bc345bfa6e9813513c27ccf8b9 (patch) | |
| tree | c5df6001a83c7e6a99a8eee75007e954cddbef7f | |
| parent | sm: Use open_stream_nc for HANDLE by assuan_get_output_fd. (diff) | |
| download | gnupg-a43d0f7d461089bc345bfa6e9813513c27ccf8b9.tar.gz gnupg-a43d0f7d461089bc345bfa6e9813513c27ccf8b9.zip | |
sm: Use estream_t for DATA_FP for verify operation.
* sm/gpgsm.c (main): Use es_fopen for DATA_FP to call gpgsm_verify.
* sm/gpgsm.h (gpgsm_verify): Use estream_t for DATA_FP.
* sm/server.c (struct server_local_s): Rename MESSAGE_FD to
MESSAGE_FP.
(close_message_fp): Rename from close_message_fd.
(reset_notify): Follow the change of close_message_fp.
(cmd_encrypt, cmd_decrypt, cmd_verify, cmd_sign): Likewise.
(cmd_export, cmd_delkeys, gpgsm_server): Likewise.
(cmd_message): Setup MESSAGE_FP with open_stream_nc.
(cmd_verify): Use MESSAGE_FP.
* sm/verify.c (hash_data): Use estream_t for FP.
(gpgsm_verify): Use estream_t for DATA_FP.
--
GnuPG-bug-id: 6592
Signed-off-by: NIIBE Yutaka <[email protected]>
| -rw-r--r-- | sm/gpgsm.c | 18 | ||||
| -rw-r--r-- | sm/gpgsm.h | 2 | ||||
| -rw-r--r-- | sm/server.c | 55 | ||||
| -rw-r--r-- | sm/verify.c | 30 |
4 files changed, 53 insertions, 52 deletions
diff --git a/sm/gpgsm.c b/sm/gpgsm.c index ce977413d..1b4692c13 100644 --- a/sm/gpgsm.c +++ b/sm/gpgsm.c @@ -1981,11 +1981,23 @@ main ( int argc, char **argv) fp = open_es_fwrite (opt.outfile); if (!argc) - gpgsm_verify (&ctrl, 0, -1, fp); /* normal signature from stdin */ + gpgsm_verify (&ctrl, 0, NULL, fp); /* normal signature from stdin */ else if (argc == 1) - gpgsm_verify (&ctrl, open_read (*argv), -1, fp); /* std signature */ + gpgsm_verify (&ctrl, open_read (*argv), NULL, fp); /* std signature */ else if (argc == 2) /* detached signature (sig, detached) */ - gpgsm_verify (&ctrl, open_read (*argv), open_read (argv[1]), NULL); + { + estream_t data_fp = es_fopen (argv[1], "rb"); + + if (!data_fp) + { + log_error (_("can't open '%s': %s\n"), argv[1], + strerror (errno)); + gpgsm_exit (2); + } + + gpgsm_verify (&ctrl, open_read (*argv), data_fp, NULL); + es_fclose (data_fp); + } else wrong_args ("--verify [signature [detached_data]]"); diff --git a/sm/gpgsm.h b/sm/gpgsm.h index e1aca8bb7..71bb3bd71 100644 --- a/sm/gpgsm.h +++ b/sm/gpgsm.h @@ -439,7 +439,7 @@ void gpgsm_p12_export (ctrl_t ctrl, const char *name, estream_t stream, int gpgsm_delete (ctrl_t ctrl, strlist_t names); /*-- verify.c --*/ -int gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp); +int gpgsm_verify (ctrl_t ctrl, int in_fd, estream_t data_fp, estream_t out_fp); /*-- sign.c --*/ int gpgsm_get_default_cert (ctrl_t ctrl, ksba_cert_t *r_cert); diff --git a/sm/server.c b/sm/server.c index 934d3764d..3e012f1e6 100644 --- a/sm/server.c +++ b/sm/server.c @@ -43,7 +43,7 @@ static FILE *statusfp; /* Data used to assuciate an Assuan context with local server data */ struct server_local_s { assuan_context_t assuan_ctx; - int message_fd; + estream_t message_fp; int list_internal; int list_external; int list_to_output; /* Write keylistings to the output fd. */ @@ -130,12 +130,12 @@ data_line_cookie_close (void *cookie) static void -close_message_fd (ctrl_t ctrl) +close_message_fp (ctrl_t ctrl) { - if (ctrl->server_local->message_fd != -1) + if (ctrl->server_local->message_fp) { - close (ctrl->server_local->message_fd); - ctrl->server_local->message_fd = -1; + es_fclose (ctrl->server_local->message_fp); + ctrl->server_local->message_fp = NULL; } } @@ -320,7 +320,7 @@ reset_notify (assuan_context_t ctx, char *line) gpgsm_release_certlist (ctrl->server_local->signerlist); ctrl->server_local->recplist = NULL; ctrl->server_local->signerlist = NULL; - close_message_fd (ctrl); + close_message_fp (ctrl); assuan_close_input_fd (ctx); assuan_close_output_fd (ctx); return 0; @@ -489,8 +489,8 @@ cmd_encrypt (assuan_context_t ctx, char *line) gpgsm_release_certlist (ctrl->server_local->recplist); ctrl->server_local->recplist = NULL; - /* Close and reset the fd */ - close_message_fd (ctrl); + /* Close and reset the fp and the fds */ + close_message_fp (ctrl); assuan_close_input_fd (ctx); assuan_close_output_fd (ctx); return rc; @@ -533,7 +533,7 @@ cmd_decrypt (assuan_context_t ctx, char *line) es_fclose (out_fp); /* Close and reset the fds. */ - close_message_fd (ctrl); + close_message_fp (ctrl); assuan_close_input_fd (ctx); assuan_close_output_fd (ctx); @@ -574,11 +574,11 @@ cmd_verify (assuan_context_t ctx, char *line) rc = start_audit_session (ctrl); if (!rc) rc = gpgsm_verify (assuan_get_pointer (ctx), fd, - ctrl->server_local->message_fd, out_fp); + ctrl->server_local->message_fp, out_fp); es_fclose (out_fp); - /* Close and reset the fd. */ - close_message_fd (ctrl); + /* Close and reset the fp and the fd. */ + close_message_fp (ctrl); assuan_close_input_fd (ctx); assuan_close_output_fd (ctx); @@ -621,8 +621,8 @@ cmd_sign (assuan_context_t ctx, char *line) inp_fd, detached, out_fp); es_fclose (out_fp); - /* close and reset the fd */ - close_message_fd (ctrl); + /* close and reset the fp and the fds */ + close_message_fp (ctrl); assuan_close_input_fd (ctx); assuan_close_output_fd (ctx); @@ -657,8 +657,8 @@ cmd_import (assuan_context_t ctx, char *line) rc = gpgsm_import (assuan_get_pointer (ctx), fd, reimport); - /* close and reset the fd */ - close_message_fd (ctrl); + /* close and reset the fp and the fds */ + close_message_fp (ctrl); assuan_close_input_fd (ctx); assuan_close_output_fd (ctx); @@ -783,8 +783,8 @@ cmd_export (assuan_context_t ctx, char *line) } free_strlist (list); - /* Close and reset the fds. */ - close_message_fd (ctrl); + /* Close and reset the fp and the fds. */ + close_message_fp (ctrl); assuan_close_input_fd (ctx); assuan_close_output_fd (ctx); return 0; @@ -832,8 +832,8 @@ cmd_delkeys (assuan_context_t ctx, char *line) rc = gpgsm_delete (ctrl, list); free_strlist (list); - /* close and reset the fd */ - close_message_fd (ctrl); + /* close and reset the fp and the fds */ + close_message_fp (ctrl); assuan_close_input_fd (ctx); assuan_close_output_fd (ctx); @@ -867,19 +867,18 @@ static gpg_error_t cmd_message (assuan_context_t ctx, char *line) { int rc; - gnupg_fd_t sysfd; - int fd; + gnupg_fd_t fd; + estream_t fp; ctrl_t ctrl = assuan_get_pointer (ctx); - rc = assuan_command_parse_fd (ctx, line, &sysfd); + rc = assuan_command_parse_fd (ctx, line, &fd); if (rc) return rc; - - fd = translate_sys2libc_fd (sysfd, 0); - if (fd == -1) + fp = open_stream_nc (fd, "rb"); + if (!fp) return set_error (GPG_ERR_ASS_NO_INPUT, NULL); - ctrl->server_local->message_fd = fd; + ctrl->server_local->message_fp = fp; return 0; } @@ -1425,7 +1424,7 @@ gpgsm_server (certlist_t default_recplist) assuan_set_pointer (ctx, &ctrl); ctrl.server_local = xcalloc (1, sizeof *ctrl.server_local); ctrl.server_local->assuan_ctx = ctx; - ctrl.server_local->message_fd = -1; + ctrl.server_local->message_fp = NULL; ctrl.server_local->list_internal = 1; ctrl.server_local->list_external = 0; ctrl.server_local->default_recplist = default_recplist; diff --git a/sm/verify.c b/sm/verify.c index c7f4492ce..3d246d030 100644 --- a/sm/verify.c +++ b/sm/verify.c @@ -53,21 +53,12 @@ strtimestamp_r (ksba_isotime_t atime) /* Hash the data for a detached signature. Returns 0 on success. */ static gpg_error_t -hash_data (int fd, gcry_md_hd_t md) +hash_data (estream_t fp, gcry_md_hd_t md) { gpg_error_t err = 0; - estream_t fp; char buffer[4096]; int nread; - fp = es_fdopen_nc (fd, "rb"); - if (!fp) - { - err = gpg_error_from_syserror (); - log_error ("fdopen(%d) failed: %s\n", fd, gpg_strerror (err)); - return err; - } - do { nread = es_fread (buffer, 1, DIM(buffer), fp); @@ -77,20 +68,19 @@ hash_data (int fd, gcry_md_hd_t md) if (es_ferror (fp)) { err = gpg_error_from_syserror (); - log_error ("read error on fd %d: %s\n", fd, gpg_strerror (err)); + log_error ("read error on fp %p: %s\n", fp, gpg_strerror (err)); } - es_fclose (fp); return err; } -/* Perform a verify operation. To verify detached signatures, DATA_FD - must be different than -1. With OUT_FP given and a non-detached +/* Perform a verify operation. To verify detached signatures, DATA_FP + must be different than NULL. With OUT_FP given and a non-detached signature, the signed material is written to that stream. */ int -gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp) +gpgsm_verify (ctrl_t ctrl, int in_fd, estream_t data_fp, estream_t out_fp) { int i, rc; gnupg_ksba_io_t b64reader = NULL; @@ -114,7 +104,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp) /* Although we detect detached signatures during the parsing phase, * we need to know it earlier and thus accept the caller idea of * what to verify. */ - maybe_detached = (data_fd != -1); + maybe_detached = (data_fp != NULL); kh = keydb_new (ctrl); if (!kh) @@ -242,7 +232,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp) } if (is_detached) { - if (data_fd == -1) + if (!data_fp) { log_info ("detached signature w/o data " "- assuming certs-only\n"); @@ -250,7 +240,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp) } else audit_log_ok (ctrl->audit, AUDIT_DATA_HASHING, - hash_data (data_fd, data_md)); + hash_data (data_fp, data_md)); } else { @@ -275,7 +265,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp) } } - if (data_fd != -1 && !is_detached) + if (data_fp && !is_detached) { log_error ("data given for a non-detached signature\n"); rc = gpg_error (GPG_ERR_CONFLICT); @@ -315,7 +305,7 @@ gpgsm_verify (ctrl_t ctrl, int in_fd, int data_fd, estream_t out_fp) rc = ksba_cms_get_issuer_serial (cms, signer, &issuer, &serial); if (!signer && gpg_err_code (rc) == GPG_ERR_NO_DATA - && data_fd == -1 && is_detached) + && !data_fp && is_detached) { log_info ("certs-only message accepted\n"); rc = 0; |