
Do not always erase the reconstructed file

Add a -k, --keep option to gfsec-use to allow the user to keep
the reconstructed file instead of removing it upon termination of
the command.

As a special case, we do not spawn a shell if no command to run is
specified and the file is to be kept.

Incenp-bug-id: 3
master
Damien Goutte-Gattat 5 years ago
parent
commit
c44a13f6d4
  1. 22
      src/gfsec-use.c

22
src/gfsec-use.c

@ -54,6 +54,8 @@ secret is destroyed when the command or the shell terminates.\n");
puts("\
-c, --config FILE Read configuration from the specified\n\
file.\n\
-k, --keep Do not remove the reconstructed file\n\
once the command terminates.\n\
-o, --output FILE Write reconstructed secret in the specified\n\
file (override configuration file).\n");
@ -150,7 +152,7 @@ get_share_data(gfsec_share_t *share)
int
main(int argc, char **argv)
{
int c;
int c, keep;
const char *cfg_file, *output_file;
char cfg_path[255];
gfsec_secret_t *cfg;
@ -161,14 +163,16 @@ main(int argc, char **argv)
{ "help", 0, NULL, 'h' },
{ "version", 0, NULL, 'v' },
{ "config", 1, NULL, 'c' },
{ "keep", 0, NULL, 'k' },
{ "output", 1, NULL, 'o' },
{ NULL, 0, NULL, 0 }
};
setprogname(argv[0]);
cfg_file = output_file = NULL;
keep = 0;
while ( (c = getopt_long(argc, argv, "hvc:o:", options, NULL)) != -1 ) {
while ( (c = getopt_long(argc, argv, "hvc:ko:", options, NULL)) != -1 ) {
switch ( c ) {
case 'h':
usage(EXIT_SUCCESS);
@ -186,6 +190,10 @@ main(int argc, char **argv)
cfg_file = optarg;
break;
case 'k':
keep = 1;
break;
case 'o':
output_file = optarg;
break;
@ -225,6 +233,13 @@ main(int argc, char **argv)
if ( write_file(output_file, cfg->data, cfg->len) == -1 )
err(EXIT_FAILURE, "Cannot write secret");
if ( keep && argc >= optind ) {
/* If we keep the file at the end and there is no command to
* execute, we can leave here, there is no need to fork. */
gfsec_secret_free(cfg);
exit(EXIT_SUCCESS);
}
if ( (pid = fork()) == -1 ) {
unlink(cfg->filename);
err(EXIT_FAILURE, "Cannot fork");
@ -252,7 +267,8 @@ main(int argc, char **argv)
err(EXIT_FAILURE, "Cannot exec");
}
else {
else if ( ! keep ) { /* No need to wait if we do not have to
remove the file at the end. */
int status;
if ( waitpid(pid, &status, 0) == -1 )
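Review bot: The early-exit test `keep && argc >= optind` in the hunk at `-225,6 +233,13` is always true once `-k` is given, because getopt_long() never leaves `optind` greater than `argc`; any command passed together with `--keep` is therefore skipped and the program exits right after writing the secret. The comparison is inverted relative to the comment beneath it and should read `if ( keep && optind >= argc ) {`. Separately, the `else if ( ! keep )` in the last hunk means the parent no longer calls waitpid() when the file is kept, so the command's exit status is presumably not propagated to the caller; main's body continues outside these hunks, so confirm against the full function. Because the reconstructed secret now outlives the process, the `--keep` help text could also say that removing the file is left to the user.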
