
Source code changes of the file "util/gpgmeutils.c" between
gvm-libs-11.0.0.tar.gz and gvm-libs-11.0.1.tar.gz

About: GVM Libraries for the Greenbone Vulnerability Management (GVM-10) framework (derived from the former openvas-libraries).

gpgmeutils.c  (gvm-libs-11.0.0):gpgmeutils.c  (gvm-libs-11.0.1)
skipping to change at line 362 skipping to change at line 362
if (recipient_found) if (recipient_found)
return key; return key;
else else
{ {
g_warning ("%s: No suitable key found for %s", __FUNCTION__, uid_email); g_warning ("%s: No suitable key found for %s", __FUNCTION__, uid_email);
return NULL; return NULL;
} }
} }
/** /**
* @brief Wrapper for fread for use as a GPGME callback.
*
* @param[in] handle The file handle.
* @param[out] buffer The data buffer to read data into.
* @param[in] size The size of the buffer.
*
* @return The number of bytes read or -1 on error.
*/
static ssize_t
gvm_gpgme_fread (void *handle, void *buffer, size_t size)
{
int ret;
FILE *file = (FILE *)handle;
ret = fread (buffer, 1, size, file);
if (ferror (file))
return -1;
return ret;
}
/**
* @brief Wrapper for fread for use as a GPGME callback.
*
* @param[in] handle The file handle.
* @param[in] buffer The data buffer to read data into.
* @param[in] size The amount of buffered data.
*
* @return The number of bytes written or -1 on error.
*/
static ssize_t
gvm_gpgme_fwrite (void *handle, const void *buffer, size_t size)
{
int ret;
FILE *file = (FILE *)handle;
ret = fwrite (buffer, 1, size, file);
if (ferror (file))
return -1;
return ret;
}
/**
* @brief Adds a trust list of all current certificates to a GPG homedir.
*
* This will overwrite the existing trustlist, so it should only be used for
* temporary, automatically generated GPG home directories.
*
* TODO: This should use or be replaced by a trust model inside GVM.
*
* @param[in] ctx The GPGME context to get the keys from.
* @param[in] homedir The directory to write the trust list file to.
*
* @return 0 success, -1 error.
*/
static int
create_all_certificates_trustlist (gpgme_ctx_t ctx, const char *homedir)
{
gpgme_key_t key;
gchar *trustlist_filename;
GString *trustlist_content;
GError *g_err;
g_err = NULL;
gpgme_set_pinentry_mode (ctx, GPGME_PINENTRY_MODE_CANCEL);
trustlist_filename = g_build_filename (homedir,
"trustlist.txt",
NULL);
trustlist_content = g_string_new ("");
gpgme_op_keylist_start (ctx, NULL, 0);
gpgme_op_keylist_next (ctx, &key);
while (key)
{
g_string_append_printf (trustlist_content, "%s S\n", key->fpr);
gpgme_op_keylist_next (ctx, &key);
}
if (g_file_set_contents (trustlist_filename,
trustlist_content->str,
trustlist_content->len,
&g_err) == FALSE)
{
g_warning ("%s: Could not write trust list: %s",
__func__, g_err->message);
g_free (trustlist_filename);
g_string_free (trustlist_content, TRUE);
return -1;
}
g_free (trustlist_filename);
g_string_free (trustlist_content, TRUE);
return 0;
}
/**
* @brief Encrypt a stream for a PGP public key, writing to another stream. * @brief Encrypt a stream for a PGP public key, writing to another stream.
* *
* The output will use ASCII armor mode and no compression. * The output will use ASCII armor mode and no compression.
* *
* @param[in] plain_file Stream / FILE* providing the plain text. * @param[in] plain_file Stream / FILE* providing the plain text.
* @param[in] encrypted_file Stream to write the encrypted text to. * @param[in] encrypted_file Stream to write the encrypted text to.
* @param[in] key_str String containing the public key or certificate. * @param[in] key_str String containing the public key or certificate.
* @param[in] key_len Length of key / certificate, -1 to use strlen. * @param[in] key_len Length of key / certificate, -1 to use strlen.
* @param[in] uid_email Email address of key / certificate to use. * @param[in] uid_email Email address of key / certificate to use.
* @param[in] protocol The protocol to use, e.g. OpenPGP or CMS. * @param[in] protocol The protocol to use, e.g. OpenPGP or CMS.
skipping to change at line 390 skipping to change at line 488
GArray* key_types) GArray* key_types)
{ {
char gpg_temp_dir[] = "/tmp/gvmd-gpg-XXXXXX"; char gpg_temp_dir[] = "/tmp/gvmd-gpg-XXXXXX";
gpgme_ctx_t ctx; gpgme_ctx_t ctx;
gpgme_data_t plain_data, encrypted_data; gpgme_data_t plain_data, encrypted_data;
gpgme_key_t key; gpgme_key_t key;
gpgme_key_t keys[2] = {NULL, NULL}; gpgme_key_t keys[2] = {NULL, NULL};
gpgme_error_t err; gpgme_error_t err;
gpgme_encrypt_flags_t encrypt_flags; gpgme_encrypt_flags_t encrypt_flags;
const char *key_type_str; const char *key_type_str;
struct gpgme_data_cbs callbacks;
if (uid_email == NULL || strcmp (uid_email, "") == 0) if (uid_email == NULL || strcmp (uid_email, "") == 0)
{ {
g_warning ("%s: No email address for user identification given", g_warning ("%s: No email address for user identification given",
__FUNCTION__); __FUNCTION__);
return -1; return -1;
} }
if (protocol == GPGME_PROTOCOL_CMS) if (protocol == GPGME_PROTOCOL_CMS)
key_type_str = "certificate"; key_type_str = "certificate";
skipping to change at line 444 skipping to change at line 543
g_warning ("%s: Could not find %s for encryption", __FUNCTION__, g_warning ("%s: Could not find %s for encryption", __FUNCTION__,
key_type_str); key_type_str);
gpgme_release (ctx); gpgme_release (ctx);
gvm_file_remove_recurse (gpg_temp_dir); gvm_file_remove_recurse (gpg_temp_dir);
return -1; return -1;
} }
keys[0] = key; keys[0] = key;
// Set up data objects for input and output streams // Set up data objects for input and output streams
gpgme_data_new_from_stream (&plain_data, plain_file); gpgme_data_new_from_stream (&plain_data, plain_file);
gpgme_data_new_from_stream (&encrypted_data, encrypted_file);
/* Create a GPGME data buffer with custom read and write functions.
*
* This is neccessary as gpgme_data_new_from_stream may cause problems
* when trying to write to the stream after some operations. */
memset (&callbacks, 0, sizeof (callbacks));
callbacks.read = gvm_gpgme_fread;
callbacks.write = gvm_gpgme_fwrite;
gpgme_data_new_from_cbs (&encrypted_data, &callbacks, encrypted_file);
if (protocol == GPGME_PROTOCOL_CMS) if (protocol == GPGME_PROTOCOL_CMS)
gpgme_data_set_encoding (encrypted_data, GPGME_DATA_ENCODING_BASE64); {
gpgme_data_set_encoding (encrypted_data, GPGME_DATA_ENCODING_BASE64);
if (create_all_certificates_trustlist (ctx, gpg_temp_dir))
{
gpgme_data_release (plain_data);
gpgme_data_release (encrypted_data);
gpgme_release (ctx);
gvm_file_remove_recurse (gpg_temp_dir);
return -1;
}
}
// Encrypt data // Encrypt data
err = gpgme_op_encrypt (ctx, keys, encrypt_flags, plain_data, encrypted_data); err = gpgme_op_encrypt (ctx, keys, encrypt_flags, plain_data, encrypted_data);
if (err) if (err)
{ {
g_warning ("%s: Encryption failed: %s", __FUNCTION__, g_warning ("%s: Encryption failed: %s", __FUNCTION__,
gpgme_strerror (err)); gpgme_strerror (err));
gpgme_data_release (plain_data); gpgme_data_release (plain_data);
gpgme_data_release (encrypted_data); gpgme_data_release (encrypted_data);
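Review bot: In the added `create_all_certificates_trustlist`, the results of `gpgme_op_keylist_start` and `gpgme_op_keylist_next` are ignored, so a listing that fails part-way still writes whatever was collected and returns 0, and the keys returned by the listing are never released with `gpgme_key_unref`. The `GError` is also not freed on the write-failure path (`g_error_free (g_err);` before the `return -1`). Because every listed fingerprint is written to the trust list as trusted, a listing error should be reported here rather than surface later as an encryption failure, and the function is only appropriate while `ctx` is bound to the freshly created temporary homedir, which these hunks do not show. Separately, `gvm_gpgme_fread` and `gvm_gpgme_fwrite` store the `size_t` result of `fread`/`fwrite` in `int ret`, where `ssize_t ret` would avoid narrowing, and the `gvm_gpgme_fwrite` doc comment still reads "Wrapper for fread" with a read-side `buffer` description.

```c
  gpgme_error_t err;

  // … unchanged: pinentry mode, trustlist_filename and trustlist_content setup …
  err = gpgme_op_keylist_start (ctx, NULL, 0);
  while (!err && !(err = gpgme_op_keylist_next (ctx, &key)))
    {
      g_string_append_printf (trustlist_content, "%s S\n", key->fpr);
      gpgme_key_unref (key);
    }
  if (gpg_err_code (err) != GPG_ERR_EOF)
    {
      g_warning ("%s: Could not list keys: %s", __func__,
                 gpgme_strerror (err));
      g_free (trustlist_filename);
      g_string_free (trustlist_content, TRUE);
      return -1;
    }
  // … unchanged: g_file_set_contents and cleanup …
```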
 End of changes. 4 change blocks. 
2 lines changed or deleted 120 lines changed or added
