Although gpg is in most cases used in a pipeline or via file descriptors, the classic use case of decrypting on the command line is still relevant. To avoid that a broken decrypted file lingers around on the disk it seems to be better to integrate the write-to-tmpfile-and-rename method in openfile.c and do the rename only after a good decryption.
Description
Description
Event Timeline
Comment Actions
Here is my idea to implement the feature:
(1) Extend struct iobuf_struct to have a field of temporary output (of int), just after real_fname.
- OUTPUTFILE: When it's 1, it means that a temporary output file generated with real_fname original suffix removed and appended .tmp
(2) Modify get_output_file in plaintext.c and make_outfile_name in openfile.c, so that OUTPUTFILE semantics above is used and the field in iobuf_struct is marked accordingly.
(3) Modify proc_encrypted in mainproc.c so that it can rename .tmp file to the OUTPUTFILE or it can remove it when failure, when the field is active.
Comment Actions
@ikloecker says that Kleo already support this feature. (I didn't know that.)
So, compatibility flag to switch on/off the feature would be needed,
or this feature is not needed in GnuPG at all.
Comment Actions
When --output option is used and the user uses temporary file and is ready for checking an error, that is, it's already prepared, it's redundant and useless, indeed.
The patch of mine above handles a particular (quite limited) case where:
(1) No --output option
(2) Input file is file.asc or file.gpg, and GnuPG deduces its output name file removing the extension
(3) In this particular use case (traditional/old one), it uses temporary filename and rename/remove the temporary file.
Comment Actions
The extension .part is used by Mozilla/Firefox. Curl uses .tmp. Is that OK for Windows machine to use .part?