7 files changed, 42 insertions, 38 deletions
diff --git a/g10/ChangeLog b/g10/ChangeLog
index e1837bb19..121d57356 100644
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@@ -1,5 +1,15 @@
 2010-03-08  Werner Koch  <[email protected]>
 
+	* main.h: Include "estream.h"
+	* openfile.c (open_outfile): Replace dup/iobuf_fdopen by
+	iobuf_fdopen_nc.
+	* mainproc.c (proc_signature_packets_by_fd): Return error on
+	memory failure.
+	* plaintext.c (hash_datafile_by_fd): Ditto.
+	* verify.c (gpg_verify): Use iobuf_fdopen_nc.  Change OUT_FP to an
+	estream_t.
+	* server.c (cmd_verify): Do not dup the fds.
+
 	Use macros for iobuf_ioctl commands.
 
 2010-02-17  Werner Koch  <[email protected]>
@@ -23,7 +33,7 @@
 	* revoke.c (gen_desig_revoke): Ditto.
 	* skclist.c (release_sk_list): Ditto.
 	* keyedit.c (sign_uids): Ditto.
-	* misc.c (get_signature_count): Ditto. 
+	* misc.c (get_signature_count): Ditto.
 	* main.h (struct expand_args): s/sk/pksk/.  Change all users.
 
 	* keyedit.c (keyedit_passwd): Finish implementation.
diff --git a/g10/main.h b/g10/main.h
index 1d31f476d..f0f1edc7c 100644
--- a/g10/main.h
+++ b/g10/main.h
@@ -25,7 +25,7 @@
 #include "cipher.h"
 #include "keydb.h"
 #include "util.h"
-
+#include "../common/estream.h"
 
 /* It could be argued that the default cipher should be 3DES rather
    than CAST5, and the default compression should be 0
@@ -316,7 +316,7 @@ void print_card_key_info (FILE *fp, KBNODE keyblock);
 void print_file_status( int status, const char *name, int what );
 int verify_signatures( int nfiles, char **files );
 int verify_files( int nfiles, char **files );
-int gpg_verify (ctrl_t ctrl, int sig_fd, int data_fd, FILE *out_fp);
+int gpg_verify (ctrl_t ctrl, int sig_fd, int data_fd, estream_t out_fp);
 
 /*-- decrypt.c --*/
 int decrypt_message( const char *filename );
diff --git a/g10/mainproc.c b/g10/mainproc.c
index 8707cd8c8..5d568474b 100644
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@@ -78,7 +78,7 @@ struct mainproc_context
     /* A list of filenames with the data files or NULL. This is only
        used if DATA_FD is -1. */
     strlist_t data_names;
-    /* Flag to indicated that either one of the next previous fieldss
+    /* Flag to indicated that either one of the next previous fields
        is used.  This is only needed for better readability. */
     int used;
   } signed_data;
@@ -1221,11 +1221,16 @@ proc_signature_packets( void *anchor, IOBUF a,
     return rc;
 }
 
+
 int
 proc_signature_packets_by_fd (void *anchor, IOBUF a, int signed_data_fd )
 {
   int rc;
-  CTX c = xcalloc (1, sizeof *c);
+  CTX c;
+
+  c = xtrycalloc (1, sizeof *c);
+  if (!c)
+    return gpg_error_from_syserror ();
 
   c->anchor = anchor;
   c->sigs_only = 1;
diff --git a/g10/openfile.c b/g10/openfile.c
index 4b7fe3600..b1cd294c1 100644
--- a/g10/openfile.c
+++ b/g10/openfile.c
@@ -1,6 +1,6 @@
 /* openfile.c
- * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004,
- *               2005, 2009 Free Software Foundation, Inc.
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2009,
+ *               2010 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -192,13 +192,8 @@ open_outfile (int inp_fd, const char *iname, int mode, iobuf_t *a)
   if (inp_fd != -1)
     {
       char xname[64];
-      int fd2;
       
-      fd2 = dup (inp_fd);
-      if (fd2 == -1)
-        *a = NULL;
-      else
-        *a = iobuf_fdopen (fd2, "wb");
+      *a = iobuf_fdopen_nc (inp_fd, "wb");
       if (!*a)
         {
           rc = gpg_error_from_syserror ();
diff --git a/g10/plaintext.c b/g10/plaintext.c
index d1ab92381..ee0d41357 100644
--- a/g10/plaintext.c
+++ b/g10/plaintext.c
@@ -1,6 +1,6 @@
 /* plaintext.c -  process plaintext packets
  * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005,
- *               2006, 2009 Free Software Foundation, Inc.
+ *               2006, 2009, 2010 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -651,13 +651,14 @@ hash_datafile_by_fd (gcry_md_hd_t md, gcry_md_hd_t md2, int data_fd,
   progress_filter_context_t *pfx = new_progress_context ();
   iobuf_t fp;
 
-  fp = iobuf_fdopen (data_fd, "rb");
-  if (fp && is_secured_file (data_fd))
+  if (is_secured_file (data_fd))
     {
-      iobuf_close (fp);
       fp = NULL;
       errno = EPERM;
     }
+  else
+    fp = iobuf_fdopen_nc (data_fd, "rb");
+
   if (!fp)
     {
       int rc = gpg_error_from_syserror ();
diff --git a/g10/server.c b/g10/server.c
index 1be1ab3c2..3aca9b9de 100644
--- a/g10/server.c
+++ b/g10/server.c
@@ -400,7 +400,7 @@ cmd_verify (assuan_context_t ctx, char *line)
   ctrl_t ctrl = assuan_get_pointer (ctx);
   gnupg_fd_t fd = assuan_get_input_fd (ctx);
   gnupg_fd_t out_fd = assuan_get_output_fd (ctx);
-  FILE *out_fp = NULL;
+  estream_t out_fp = NULL;
 
   /* FIXME: Revamp this code it is nearly to 3 years old and was only
      intended as a quick test.  */
@@ -412,23 +412,17 @@ cmd_verify (assuan_context_t ctx, char *line)
 
   if (out_fd != GNUPG_INVALID_FD)
     {
-      out_fp = fdopen ( dup (FD2INT (out_fd)), "w");
+      out_fp = es_fdopen_nc (out_fd, "w");
       if (!out_fp)
-        return set_error (GPG_ERR_ASS_GENERAL, "fdopen() failed");
+        return set_error (gpg_err_code_from_syserror (), "fdopen() failed");
     }
 
   log_debug ("WARNING: The server mode is WORK "
              "iN PROGRESS and not ready for use\n");
 
-  /* Need to dup it because it might get closed and libassuan won't
-     know about it then. */
-  rc = gpg_verify (ctrl,
-                   dup ( FD2INT (fd)), 
-                   dup ( FD2INT (ctrl->server_local->message_fd)),
-                   out_fp);
+  rc = gpg_verify (ctrl, fd, ctrl->server_local->message_fd, out_fp);
 
-  if (out_fp)
-    fclose (out_fp);
+  es_fclose (out_fp);
   close_message_fd (ctrl);
   assuan_close_input_fd (ctx);
   assuan_close_output_fd (ctx);
diff --git a/g10/verify.c b/g10/verify.c
index 9ca5591bc..253a5920b 100644
--- a/g10/verify.c
+++ b/g10/verify.c
@@ -1,6 +1,6 @@
 /* verify.c - Verify signed data
  * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2004, 2005, 2006,
- *               2007 Free Software Foundation, Inc.
+ *               2007, 2010 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -39,7 +39,6 @@
 #include "i18n.h"
 
 
-
 /****************
  * Assume that the input is a signature and verify it without
  * generating any output.  With no arguments, the signature packet
@@ -231,7 +230,7 @@ verify_files( int nfiles, char **files )
    FIXME: OUTFP is not yet implemented.
 */
 int
-gpg_verify (ctrl_t ctrl, int sig_fd, int data_fd, FILE *out_fp)
+gpg_verify (ctrl_t ctrl, int sig_fd, int data_fd, estream_t out_fp)
 {
   int rc;
   iobuf_t fp;
@@ -241,13 +240,14 @@ gpg_verify (ctrl_t ctrl, int sig_fd, int data_fd, FILE *out_fp)
   (void)ctrl;
   (void)out_fp;
 
-  fp = iobuf_fdopen (sig_fd, "rb");
-  if (fp && is_secured_file (sig_fd))
+  if (is_secured_file (sig_fd))
     {
       fp = NULL;
-      errno = EPERM;
+      gpg_err_set_errno (EPERM);
     }
-  if ( !fp )
+  else
+    fp = iobuf_fdopen_nc (sig_fd, "rb");
+  if (!fp)
     {
       rc = gpg_error_from_syserror ();
       log_error (_("can't open fd %d: %s\n"), sig_fd, strerror (errno));
@@ -262,15 +262,14 @@ gpg_verify (ctrl_t ctrl, int sig_fd, int data_fd, FILE *out_fp)
       push_armor_filter (afx, fp);
     }
 
-  rc = proc_signature_packets_by_fd ( NULL, fp, data_fd );
+  rc = proc_signature_packets_by_fd (NULL, fp, data_fd);
 
   if ( afx && afx->no_openpgp_data
        && (rc == -1 || gpg_err_code (rc) == GPG_ERR_EOF) )
     rc = gpg_error (GPG_ERR_NO_DATA);
 
  leave:  
-  if (fp)
-    iobuf_close (fp);
+  iobuf_close (fp);
   release_progress_context (pfx);
   release_armor_context (afx);
   return rc;