Updated to latest safefile lib - fixed up caller sites.

go.mod

@@ -5,16 +5,17 @@ go 1.21.1
 require (
 	github.com/dchest/bcrypt_pbkdf v0.0.0-20150205184540-83f37f9c154a
 	github.com/opencoff/go-mmap v0.1.2
-	github.com/opencoff/go-utils v0.9.0
+	github.com/opencoff/go-utils v0.9.3
 	github.com/opencoff/pflag v1.0.6-sh1
-	golang.org/x/crypto v0.17.0
-	google.golang.org/protobuf v1.32.0
+	golang.org/x/crypto v0.21.0
+	google.golang.org/protobuf v1.33.0
 	gopkg.in/yaml.v2 v2.4.0
 )
 
 require (
-	golang.org/x/sys v0.16.0 // indirect
-	golang.org/x/term v0.15.0 // indirect
+	golang.org/x/sys v0.18.0 // indirect
+	golang.org/x/term v0.18.0 // indirect
 )
 
 //replace github.com/opencoff/go-mmap => ../go-mmap
+//replace github.com/opencoff/go-utils => ../go-utils

go.sum

@@ -4,20 +4,20 @@ github.com/google/go-cmp v0.5.5 h1:Khx7svrCpmxxtHBq5j2mp/xVjsi8hQMfNLvJFAlrGgU=
 github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/opencoff/go-mmap v0.1.2 h1:2yrYleq0x9cBruDRTafs7GZt4tCYmsUlvyN77HnY9hA=
 github.com/opencoff/go-mmap v0.1.2/go.mod h1:+UjRnKQ3l5dLqSNAczz7zKI8LJ7mBhJhaSqU4S91tFs=
-github.com/opencoff/go-utils v0.9.0 h1:qJcRsjLHADmej3/BkH6cLX3pxapLwHf9uSN0E7vvZf4=
-github.com/opencoff/go-utils v0.9.0/go.mod h1:IHjYSeM+bOKhCD2rBEba4/0C7Apko+KZKKyFgDF43Sc=
+github.com/opencoff/go-utils v0.9.3 h1:Gdx1uB6QZ9/8FNU4h+94xGJ+onu8bQLRE4gyKRrrDD8=
+github.com/opencoff/go-utils v0.9.3/go.mod h1:nNx572v21m3AkY9JomSXUG8iruY56Fm2zceNKNJDJaU=
 github.com/opencoff/pflag v1.0.6-sh1 h1:6RO8GgnpH928yu6earGDD01FnFT//bDJ1hCovcVVqY4=
 github.com/opencoff/pflag v1.0.6-sh1/go.mod h1:2bXtpAD/5h/2LarkbsRwiUxqnvB1nZBzn9Xjad1P41A=
-golang.org/x/crypto v0.17.0 h1:r8bRNjWL3GshPW3gkd+RpvzWrZAwPS49OmTGZ/uhM4k=
-golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4=
-golang.org/x/sys v0.16.0 h1:xWw16ngr6ZMtmxDyKyIgsE93KNKz5HKmMa3b8ALHidU=
-golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/term v0.15.0 h1:y/Oo/a/q3IXu26lQgl04j/gjuBDOBlx7X6Om1j2CPW4=
-golang.org/x/term v0.15.0/go.mod h1:BDl952bC7+uMoWR75FIrCDx79TPU9oHkTZ9yRbYOrX0=
+golang.org/x/crypto v0.21.0 h1:X31++rzVUdKhX5sWmSOFZxx8UW/ldWx55cbf08iNAMA=
+golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs=
+golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4=
+golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/term v0.18.0 h1:FcHjZXDMxI8mM3nwhX9HlKop4C0YQvCVCdwYl2wOtE8=
+golang.org/x/term v0.18.0/go.mod h1:ILwASektA3OnRv7amZ1xhE/KTR+u50pbXfZ03+6Nx58=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543 h1:E7g+9GITq07hpfrRu66IVDexMakfv52eLZ2CXBWiKr4=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-google.golang.org/protobuf v1.32.0 h1:pPC6BG5ex8PDFnkbrGU3EixyhKcQ2aDuBS36lqK/C7I=
-google.golang.org/protobuf v1.32.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos=
+google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI=
+google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=

sign/iomisc.go

@@ -26,11 +26,19 @@ import (
 // Does MORE than ioutil.WriteFile() - in that it doesn't trash the
 // existing file with an incomplete write.
 func writeFile(fn string, b []byte, ovwrite bool, mode uint32) error {
-	sf, err := utils.NewSafeFile(fn, ovwrite, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, os.FileMode(mode))
+	var opts uint32
+	if ovwrite {
+		opts |= utils.OPT_OVERWRITE
+	}
+	sf, err := utils.NewSafeFile(fn, opts, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, os.FileMode(mode))
 	if err != nil {
 		return err
 	}
-	sf.Write(b)
+	defer sf.Abort()
+	if _, err = sf.Write(b); err != nil {
+		return err
+	}
+
 	return sf.Close()
 }
 

src/crypt.go

@@ -140,7 +140,11 @@ func encrypt(args []string) {
 			mode = ist.Mode()
 		}
 
-		sf, err := utils.NewSafeFile(outfile, force, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, mode)
+		var opts uint32
+		if force {
+			opts |= utils.OPT_OVERWRITE
+		}
+		sf, err := utils.NewSafeFile(outfile, opts, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, mode)
 		if err != nil {
 			Die("%s", err)
 		}
@@ -302,7 +306,11 @@ func decrypt(args []string) {
 			mode = ist.Mode()
 		}
 
-		sf, err := utils.NewSafeFile(outfile, force, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, mode)
+		var opts uint32
+		if force {
+			opts |= utils.OPT_OVERWRITE
+		}
+		sf, err := utils.NewSafeFile(outfile, opts, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, mode)
 		if err != nil {
 			Die("%s", err)
 		}

src/sign.go

@@ -68,7 +68,11 @@ Options:
 	var fd io.WriteCloser = os.Stdout
 
 	if outf != "-" {
-		sf, err := utils.NewSafeFile(outf, force, os.O_CREATE|os.O_TRUNC|os.O_WRONLY, 0644)
+		var opts uint32
+		if force {
+			opts |= utils.OPT_OVERWRITE
+		}
+		sf, err := utils.NewSafeFile(outf, opts, os.O_CREATE|os.O_TRUNC|os.O_WRONLY, 0644)
 		if err != nil {
 			Die("can't create sig file: %s", err)
 		}

tests.sh

@@ -80,9 +80,9 @@ $keygen -q -C 'ssk2@foo' -t ed25519 -f $ssk2 -N ""
 # extract the pk string
 spk1_str=$(cat $spk1 | awk '{ print $2 }')
 
-$bin s --no-password $ssk1 -o $sig $0 || die "can't sign with $ssk1"
-$bin v -q $spk1 $sig $0               || die "can't verify with $spk2"
-$bin v -q $spk1_str $sig $0               || die "can't verify with $spk2_str"
+$bin s --no-password $ssk1 -o $sig $0       || die "can't sign with $ssk1"
+$bin v -q $spk1 $sig $0                     || die "can't verify with $spk2"
+$bin v -q $spk1_str $sig $0                 || die "can't verify with $spk2_str"
 
 $bin e --no-password -o $encout $spk2 $0         || die "can't encrypt to $spk2 with $ssk1"
 $bin d --no-password -o $decout $ssk2 $encout    || die "can't decrypt with $ssk2"
@@ -101,9 +101,9 @@ pk_str=$(cat $pk | grep 'pk:' | sed -e 's/^pk: //g')
 pk2_str=$(cat $pk2 | grep 'pk:' | sed -e 's/^pk: //g')
 
 # sign and verify
-$bin s -E FOO $sk $0 -o $sig       || die "can't sign $0"
-$bin v -q $pk $sig $0              || die "can't verify signature of $0"
-$bin v -q $pk_str $sig $0              || die "can't verify signature of $0"
+$bin s -E FOO $sk $0 -o $sig            || die "can't sign $0"
+$bin v -q $pk $sig $0                   || die "can't verify signature of $0"
+$bin v -q $pk_str $sig $0               || die "can't verify signature of $0"
 $bin v -q $pk2 $sig $0 2>/dev/null && die "bad verification with wrong $pk2"
 $bin v -q $pk2_str $sig $0 2>/dev/null && die "bad verification with wrong $pk2"
 
@@ -115,7 +115,7 @@ cmp -s $decout $0                     || die "decrypted file mismatch with $0"
 # now with sender verification
 $bin e -E FOO --overwrite -o $encout -s $sk $pk2 $0      || die "can't sender-encrypt to $pk2"
 $bin d -E FOO --overwrite -o $decout -v $pk $sk2 $encout || die "can't decrypt with $sk2"
-cmp -s $decout $0                            || die "decrypted file mismatch with $0"
+cmp -s $decout $0                                        || die "decrypted file mismatch with $0"
 
 # Only delete if everything worked
 echo "$Z: All tests pass!"