trans: add transparent GnuPG translatorjustus/gpg-0

* trans/Makefile: Add new file.
* trans/gpg.c: New file.
* utils/Makefile: Add new file.
* utils/gpg-env.sh: New file.

2 files changed, 125 insertions, 3 deletions

diff --git a/utils/Makefile b/utils/Makefile
index d2ef9e86..aa6ff348 100644
--- a/utils/Makefile
+++ b/utils/Makefile
@@ -22,16 +22,16 @@ targets = shd ps settrans showtrans syncfs fsysopts \
 	storeinfo login w uptime ids loginpr sush vmstat portinfo \
 	devprobe vminfo addauth rmauth unsu setauth ftpcp ftpdir storecat \
 	storeread msgport rpctrace mount gcore fakeauth fakeroot remap \
-	umount nullauth rpcscan vmallocate
+	umount nullauth rpcscan vmallocate gpg-env
 
-special-targets = loginpr sush uptime fakeroot remap
+special-targets = loginpr sush uptime fakeroot remap gpg-env
 SRCS = shd.c ps.c settrans.c syncfs.c showtrans.c addauth.c rmauth.c \
 	fsysopts.c storeinfo.c login.c loginpr.sh sush.sh w.c \
 	uptime.sh psout.c ids.c vmstat.c portinfo.c devprobe.c vminfo.c \
 	parse.c frobauth.c frobauth-mod.c setauth.c pids.c nonsugid.c \
 	unsu.c ftpcp.c ftpdir.c storeread.c storecat.c msgport.c \
 	rpctrace.c mount.c gcore.c fakeauth.c fakeroot.sh remap.sh \
-	nullauth.c match-options.c msgids.c rpcscan.c
+	nullauth.c match-options.c msgids.c rpcscan.c gpg-env.sh
 
 OBJS = $(filter-out %.sh,$(SRCS:.c=.o))
 HURDLIBS = ps ihash store fshelp ports ftpconn shouldbeinlibc
diff --git a/utils/gpg-env.sh b/utils/gpg-env.sh
new file mode 100644
index 00000000..cd3c9d5d
--- /dev/null
+++ b/utils/gpg-env.sh
@@ -0,0 +1,122 @@
+#!/bin/sh
+# Execute a command in an environment which encrypts, decrypts, and
+# verifies files on demand.
+#
+# Copyright (C) 2016 Free Software Foundation, Inc.
+#
+# This file is part of the GNU Hurd.
+#
+# The GNU Hurd is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation; either version 2, or (at
+# your option) any later version.
+#
+# The GNU Hurd is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+#
+
+USAGE="Usage:
+    [gpg-env] encrypt for RECIPIENT [RECIPIENT...] -- [OPTION...] [COMMAND...]
+    [gpg-env] encrypt with password                   [OPTION...] [COMMAND...]
+    [gpg-env] decrypt                                 [OPTION...] [COMMAND...]
+    [gpg-env] decrypt with password                   [OPTION...] [COMMAND...]
+    [gpg-env] verify                                  [OPTION...] [COMMAND...]"
+DOC="Execute COMMAND in an environment where files are automatically
+encrypted, decrypted and verified."
+
+help()
+{
+    [ "$1" ] && echo "$1
+"
+    echo "$USAGE"
+    echo ""
+    echo "$DOC"
+    echo ""
+    echo "  -?, --help                 Give this help list"
+    echo "      --usage                Give a short usage message"
+    echo "  -V, --version              Print program version"
+    [ "$1" ] && exit 1 || exit 0
+}
+
+if [ "$(basename $0)" = "gpg-env.sh" ] \
+   || [ "$(basename $0)" = "gpg-env" ]; then
+    ACTION="$1"
+    if [ ! "$ACTION" ]; then
+	help "No action given."
+    fi
+    shift
+else
+    ACTION="$(basename $0)"
+fi
+
+case "$ACTION" in
+    "encrypt") ;;
+    "decrypt") ;;
+    "verify") ;;
+    *)
+	help "Invalid action '$ACTION'."
+esac
+
+ENCRYPT=""
+if [ "$ACTION" = "encrypt" ]; then
+    if [ "$1" = "with" ] && [ "$2" = "password" ]; then
+	ENCRYPT="--symmetric"
+	shift 2
+    elif [ "$1" = "for" ]; then
+	shift
+	while [ "$#" -gt 0 ] && [ "x$1" != "x--" ]; do
+	    ENCRYPT="$ENCRYPT --recipient $1"
+	    shift
+	done
+	if [ "$ENCRYPT" = "" ]; then
+	    echo "No recipients given."
+	    exit 1
+	fi
+	if [ "x$1" = "x--" ]; then
+	    shift
+	elif [ "$#" -eq 0 ]; then
+	    # it's ok if there are no more arguments
+	    :
+	else
+	    echo "Recipient list must be terminated using '--'."
+	    exit 1
+	fi
+    fi
+fi
+
+while [ "$#" -gt 0 ]; do
+  case "$1" in
+    --help|"-?")
+      help
+      ;;
+    --usage)
+      echo "$USAGE"
+      echo "Options: [-V?] [--help] [--usage] [--version]"
+      exit 0;;
+    --version|-V)
+      echo "STANDARD_HURD_VERSION_gpg-env_"; exit 0;;
+    --)
+      shift
+      break
+      ;;
+    *)
+      break
+  esac
+done
+
+if [ $# -eq 0 ]; then
+  set -- ${SHELL:-/bin/sh}
+fi
+
+# We exec settrans, which execs the target command in the chroot
+# context provided by /hurd/gpg.
+exec /bin/settrans \
+     --chroot-chdir "$PWD" \
+     --chroot "$@" -- \
+     / /hurd/gpg $ENCRYPT