naChoZ has asked for the wisdom of the Perl Monks concerning the following question:

Wondering if anyone could take a look at this. I had decryption working fine, but couldn't get encryption to work. I upgraded to the newest version of GnuPG::Interface. I finally managed to get encryption working not long after, however, the next time I checked, decryption is now broken. Now they're both broken... ARG

When I decrypt, it says "Broken pipe" and when I try to encrypt, it creates a file but never writes to it, with no errors displayed

The script: 

#!/usr/bin/perl -wT

# {{{ info
# 
# putmpw.pl
#
# Created: 2003-05-29 by Andy Harrison <ajharrison@gwi.net>
#
# putmpw.pl will reside on each server in the system for the purpose o
+f 
# syncing the master.passwd file
# 
# Usage: putmpw.pl --source # use when running on the source server
#        putmpw.pl --target # use when running on the target server
#
# $Id: putmpw.pl,v 1.6 2003/06/02 17:54:47 ajharrison Exp $
#
# }}}

# {{{ args
$|++;

use Data::Dumper;
use vars qw( $opt_source $opt_target $opt_v );
use Getopt::Long;

GetOptions ( 
    'source'    => \$opt_source, 
    'target'    => \$opt_target, 
    'v!'        => \$opt_v 
);

unless ( $opt_source || $opt_target ) {
    die "Arguments:\n\n
        Required:\n
            --source # use when running on the source server\n
            --target # use when running on the target server\n
        Optional:\n
            -v verbose\n
    ";
} else {

# }}}

    # {{{ modules/vars/handles

    use IO::Handle;
    use GnuPG::Interface;
    use IO::File;

    my $mpw = "master.passwd";
    my $gpgmpw = "/root/master.passwd.asc";

    # }}}

# {{{ main


    if ( $opt_target ) {
    
        # {{{ decrypt


        my $gnupg = GnuPG::Interface->new();
        $gnupg->options->hash_init( armor   => 1, homedir => '/root/.g
+nupg' );

        # Note you can set the recipients even if you aren't encryptin
+g!

        $gnupg->options->push_recipients( 'root@diesel.gwi' );
        $gnupg->options->meta_interactive( 0 );

        # This time we'll catch the standard error for our perusing
        # as well as passing in the passphrase manually
        # as well as the status information given by GnuPG

        my ( $input, $output, $error, $passphrase_fh, $status_fh ) = 
            (
                IO::Handle->new(),
                IO::Handle->new(),
                IO::Handle->new(),
                IO::Handle->new(),
                IO::Handle->new(),
            );


        my $handles = GnuPG::Handles->new( 
            stdin      => $input,
            stdout     => $output,
            stderr     => $error,
            passphrase => $passphrase_fh,
            status     => $status_fh,
        );

        my $cipher_file = IO::File->new( "$gpgmpw" ) || 
            die "\n\nUnable to open encrypted master.passwd file.  $!\
+n";

        # this sets up the communication

        my $pid = $gnupg->decrypt( handles => $handles );

        # This passes in the passphrase, which is blank to use an empt
+y
        # passphrase.  Not the best idea, but you still can't extract 
+the file
        # without access to the secret key in /root/.gnupg/

        print $passphrase_fh "";
        close $passphrase_fh;

        # this passes in the plaintext

        print "----step1\n\n\n";
        print $input $_ while <$cipher_file>;
        print "----step2\n\n\n";

        # this closes the communication channel, indicating we are don
+e
        close $input;
        close $cipher_file;

        my @plaintext    = <$output>;       # reading the output
        my @error_output = <$error>;        # reading the error
        my @status_info  = <$status_fh>;    # read the status info

        if ( $opt_v ) {

            # display the decrypted contents on screen

            print "--------- begin decrypted file ----------\n\n",
            @plaintext,
            "----------- end decrypted file ---------\n\n";
            print @error_output;
            print @status_info;

        }


        print "writing decrypted master.passwd file...  ";
        print $dec_mpw @plaintext || die "Unsuccessful\n\n";
        print "Successful\n\n";

        # clean up...

        close $output;
        close $error;
        close $status_fh;
        close $dec_mpw; 

        waitpid $pid, 0;  # clean up the finished GnuPG process

    # }}}

    } elsif ( $opt_source ) {
        
        # {{{ encrypt

        my $encrypted_file = IO::File->new( ">$gpgmpw" ) || 
            die "\n\nUnable to open encrypted master.

[download]

Any suggestions?

~~
naChoZ

Replies are listed 'Best First'.
Re: GnuPG::Interface
by naChoZ (Curate) on Jul 03, 2003 at 18:53 UTC
    Oop, just noticed that the cut and paste didn't get everything...

    Here's the rest...

    Read more... (3 kB)
[reply]
[d/l]
Re: GnuPG::Interface
by bobn (Chaplain) on Jul 04, 2003 at 18:31 UTC
    On my system, running with the -v switch produces: 
    Insecure $ENV{PATH} while running with -T switch at /usr/lib/perl5/sit
+e_perl/5.8.0/GnuPG/Interface.pm line 322.

    [download]
    On my system, gpg is in /usr/bin, so 
    $ENV{PATH} = '/usr/bin';

    [download]
    gets past this.

    --Bob Niederman, http://bob-n.com
[reply]
[d/l]
[select]
Re: GnuPG::Interface (solved)
by naChoZ (Curate) on Jul 07, 2003 at 19:57 UTC
    For possible future interested Super Searchers, here is the working version:
    Read more... (6 kB)
[reply]
[d/l]

Back to Seekers of Perl Wisdom