summaryrefslogtreecommitdiffstats
path: root/g10/plaintext.c
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 16:14:06 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 16:14:06 +0000
commiteee068778cb28ecf3c14e1bf843a95547d72c42d (patch)
tree0e07b30ddc5ea579d682d5dbe57998200d1c9ab7 /g10/plaintext.c
parentInitial commit. (diff)
downloadgnupg2-upstream.tar.xz
gnupg2-upstream.zip
Adding upstream version 2.2.40.upstream/2.2.40upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'g10/plaintext.c')
-rw-r--r--g10/plaintext.c814
1 files changed, 814 insertions, 0 deletions
diff --git a/g10/plaintext.c b/g10/plaintext.c
new file mode 100644
index 0000000..3bc8696
--- /dev/null
+++ b/g10/plaintext.c
@@ -0,0 +1,814 @@
+/* plaintext.c - process plaintext packets
+ * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005,
+ * 2006, 2009, 2010 Free Software Foundation, Inc.
+ *
+ * This file is part of GnuPG.
+ *
+ * GnuPG is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuPG is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <https://www.gnu.org/licenses/>.
+ */
+
+#include <config.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#include <sys/types.h>
+#ifdef HAVE_DOSISH_SYSTEM
+# include <fcntl.h> /* for setmode() */
+#endif
+
+#include "gpg.h"
+#include "../common/util.h"
+#include "options.h"
+#include "packet.h"
+#include "../common/ttyio.h"
+#include "filter.h"
+#include "main.h"
+#include "../common/status.h"
+#include "../common/i18n.h"
+
+
+/* Get the output filename. On success, the actual filename that is
+ used is set in *FNAMEP and a filepointer is returned in *FP.
+
+ EMBEDDED_NAME AND EMBEDDED_NAMELEN are normally stored in a
+ plaintext packet. EMBEDDED_NAMELEN should not include any NUL
+ terminator (EMBEDDED_NAME does not need to be NUL terminated).
+
+ DATA is the iobuf containing the input data. We just use it to get
+ the input file's filename.
+
+ On success, the caller is responsible for calling xfree on *FNAMEP
+ and calling es_close on *FPP. */
+gpg_error_t
+get_output_file (const byte *embedded_name, int embedded_namelen,
+ iobuf_t data, char **fnamep, estream_t *fpp)
+{
+ gpg_error_t err = 0;
+ char *fname = NULL;
+ estream_t fp = NULL;
+ int nooutput = 0;
+
+ /* Create the filename as C string. */
+ if (opt.outfp)
+ {
+ fname = xtrystrdup ("[FP]");
+ if (!fname)
+ {
+ err = gpg_error_from_syserror ();
+ goto leave;
+ }
+ }
+ else if (opt.outfile
+ && !(opt.flags.use_embedded_filename && opt.flags.dummy_outfile))
+ {
+ fname = xtrystrdup (opt.outfile);
+ if (!fname)
+ {
+ err = gpg_error_from_syserror ();
+ goto leave;
+ }
+ }
+ else if (embedded_namelen == 8 && !memcmp (embedded_name, "_CONSOLE", 8))
+ {
+ log_info (_("data not saved; use option \"--output\" to save it\n"));
+ nooutput = 1;
+ }
+ else if (!opt.flags.use_embedded_filename)
+ {
+ if (data)
+ fname = make_outfile_name (iobuf_get_real_fname (data));
+ if (!fname)
+ fname = ask_outfile_name (embedded_name, embedded_namelen);
+ if (!fname)
+ {
+ err = gpg_error (GPG_ERR_GENERAL); /* Can't create file. */
+ goto leave;
+ }
+ }
+ else
+ fname = utf8_to_native (embedded_name, embedded_namelen, 0);
+
+ if (nooutput)
+ ;
+ else if (opt.outfp)
+ {
+ fp = opt.outfp;
+ es_set_binary (fp);
+ }
+ else if (iobuf_is_pipe_filename (fname) || !*fname)
+ {
+ /* Special file name, no filename, or "-" given; write to the
+ * file descriptor or to stdout. */
+ int fd;
+ char xname[64];
+
+ fd = check_special_filename (fname, 1, 0);
+ if (fd == -1)
+ {
+ /* Not a special filename, thus we want stdout. */
+ fp = es_stdout;
+ es_set_binary (fp);
+ }
+ else if (!(fp = es_fdopen_nc (fd, "wb")))
+ {
+ err = gpg_error_from_syserror ();
+ snprintf (xname, sizeof xname, "[fd %d]", fd);
+ log_error (_("can't open '%s': %s\n"), xname, gpg_strerror (err));
+ goto leave;
+ }
+ }
+ else
+ {
+ while (!overwrite_filep (fname))
+ {
+ char *tmp = ask_outfile_name (NULL, 0);
+ if (!tmp || !*tmp)
+ {
+ xfree (tmp);
+ /* FIXME: Below used to be GPG_ERR_CREATE_FILE */
+ err = gpg_error (GPG_ERR_GENERAL);
+ goto leave;
+ }
+ xfree (fname);
+ fname = tmp;
+ }
+ }
+
+#ifndef __riscos__
+ if (opt.outfp && is_secured_file (es_fileno (opt.outfp)))
+ {
+ err = gpg_error (GPG_ERR_EPERM);
+ log_error (_("error creating '%s': %s\n"), fname, gpg_strerror (err));
+ goto leave;
+ }
+ else if (fp || nooutput)
+ ;
+ else if (is_secured_filename (fname))
+ {
+ gpg_err_set_errno (EPERM);
+ err = gpg_error_from_syserror ();
+ log_error (_("error creating '%s': %s\n"), fname, gpg_strerror (err));
+ goto leave;
+ }
+ else if (!(fp = es_fopen (fname, "wb")))
+ {
+ err = gpg_error_from_syserror ();
+ log_error (_("error creating '%s': %s\n"), fname, gpg_strerror (err));
+ goto leave;
+ }
+#else /* __riscos__ */
+ /* If no output filename was given, i.e. we constructed it, convert
+ all '.' in fname to '/' but not vice versa as we don't create
+ directories! */
+ if (!opt.outfile)
+ for (c = 0; fname[c]; ++c)
+ if (fname[c] == '.')
+ fname[c] = '/';
+
+ if (fp || nooutput)
+ ;
+ else
+ {
+ /* Note: riscos stuff is not expected to work anymore. If we
+ want to port it again to riscos we should do most of the suff
+ in estream. FIXME: Consider to remove all riscos special
+ cases. */
+ fp = gnupg_fopen (fname, "wb");
+ if (!fp)
+ {
+ log_error (_("error creating '%s': %s\n"), fname, gpg_strerror (err));
+ err = GPG_ERR_CREATE_FILE;
+ if (errno == 106)
+ log_info ("Do output file and input file have the same name?\n");
+ goto leave;
+ }
+
+ /* If there's a ,xxx extension in the embedded filename,
+ use that, else check whether the user input (in fname)
+ has a ,xxx appended, then use that in preference */
+ if ((c = riscos_get_filetype_from_string (embedded_name,
+ embedded_namelen)) != -1)
+ filetype = c;
+ if ((c = riscos_get_filetype_from_string (fname, strlen (fname))) != -1)
+ filetype = c;
+ riscos_set_filetype_by_number (fname, filetype);
+ }
+#endif /* __riscos__ */
+
+ leave:
+ if (err)
+ {
+ if (fp && fp != es_stdout && fp != opt.outfp)
+ es_fclose (fp);
+ xfree (fname);
+ return err;
+ }
+
+ *fnamep = fname;
+ *fpp = fp;
+ return 0;
+}
+
+/* Handle a plaintext packet. If MFX is not NULL, update the MDs
+ * Note: We should have used the filter stuff here, but we have to add
+ * some easy mimic to set a read limit, so we calculate only the bytes
+ * from the plaintext. */
+int
+handle_plaintext (PKT_plaintext * pt, md_filter_context_t * mfx,
+ int nooutput, int clearsig)
+{
+ char *fname = NULL;
+ estream_t fp = NULL;
+ static off_t count = 0;
+ int err = 0;
+ int c;
+ int convert;
+#ifdef __riscos__
+ int filetype = 0xfff;
+#endif
+
+ if (pt->mode == 't' || pt->mode == 'u' || pt->mode == 'm')
+ convert = pt->mode;
+ else
+ convert = 0;
+
+ /* Let people know what the plaintext info is. This allows the
+ receiving program to try and do something different based on the
+ format code (say, recode UTF-8 to local). */
+ if (!nooutput && is_status_enabled ())
+ {
+ char status[50];
+
+ /* Better make sure that stdout has been flushed in case the
+ output will be written to it. This is to make sure that no
+ not-yet-flushed stuff will be written after the plaintext
+ status message. */
+ es_fflush (es_stdout);
+
+ snprintf (status, sizeof status,
+ "%X %lu ", (byte) pt->mode, (ulong) pt->timestamp);
+ write_status_text_and_buffer (STATUS_PLAINTEXT,
+ status, pt->name, pt->namelen, 0);
+
+ if (!pt->is_partial)
+ {
+ snprintf (status, sizeof status, "%lu", (ulong) pt->len);
+ write_status_text (STATUS_PLAINTEXT_LENGTH, status);
+ }
+ }
+
+ if (! nooutput)
+ {
+ err = get_output_file (pt->name, pt->namelen, pt->buf, &fname, &fp);
+ if (err)
+ goto leave;
+ }
+
+ if (!pt->is_partial)
+ {
+ /* We have an actual length (which might be zero). */
+
+ if (clearsig)
+ {
+ log_error ("clearsig encountered while not expected\n");
+ err = gpg_error (GPG_ERR_UNEXPECTED);
+ goto leave;
+ }
+
+ if (convert) /* Text mode. */
+ {
+ for (; pt->len; pt->len--)
+ {
+ if ((c = iobuf_get (pt->buf)) == -1)
+ {
+ err = gpg_error_from_syserror ();
+ log_error ("problem reading source (%u bytes remaining)\n",
+ (unsigned) pt->len);
+ goto leave;
+ }
+ if (mfx->md)
+ gcry_md_putc (mfx->md, c);
+#ifndef HAVE_DOSISH_SYSTEM
+ /* Convert to native line ending. */
+ /* fixme: this hack might be too simple */
+ if (c == '\r' && convert != 'm')
+ continue;
+#endif
+ if (fp)
+ {
+ if (opt.max_output && (++count) > opt.max_output)
+ {
+ log_error ("error writing to '%s': %s\n",
+ fname, "exceeded --max-output limit\n");
+ err = gpg_error (GPG_ERR_TOO_LARGE);
+ goto leave;
+ }
+ else if (es_putc (c, fp) == EOF)
+ {
+ if (es_ferror (fp))
+ err = gpg_error_from_syserror ();
+ else
+ err = gpg_error (GPG_ERR_EOF);
+ log_error ("error writing to '%s': %s\n",
+ fname, gpg_strerror (err));
+ goto leave;
+ }
+ }
+ }
+ }
+ else /* Binary mode. */
+ {
+ byte *buffer = xmalloc (32768);
+ while (pt->len)
+ {
+ int len = pt->len > 32768 ? 32768 : pt->len;
+ len = iobuf_read (pt->buf, buffer, len);
+ if (len == -1)
+ {
+ err = gpg_error_from_syserror ();
+ log_error ("problem reading source (%u bytes remaining)\n",
+ (unsigned) pt->len);
+ xfree (buffer);
+ goto leave;
+ }
+ if (mfx->md)
+ gcry_md_write (mfx->md, buffer, len);
+ if (fp)
+ {
+ if (opt.max_output && (count += len) > opt.max_output)
+ {
+ log_error ("error writing to '%s': %s\n",
+ fname, "exceeded --max-output limit\n");
+ err = gpg_error (GPG_ERR_TOO_LARGE);
+ xfree (buffer);
+ goto leave;
+ }
+ else if (es_fwrite (buffer, 1, len, fp) != len)
+ {
+ err = gpg_error_from_syserror ();
+ log_error ("error writing to '%s': %s\n",
+ fname, gpg_strerror (err));
+ xfree (buffer);
+ goto leave;
+ }
+ }
+ pt->len -= len;
+ }
+ xfree (buffer);
+ }
+ }
+ else if (!clearsig)
+ {
+ if (convert)
+ { /* text mode */
+ while ((c = iobuf_get (pt->buf)) != -1)
+ {
+ if (mfx->md)
+ gcry_md_putc (mfx->md, c);
+#ifndef HAVE_DOSISH_SYSTEM
+ if (c == '\r' && convert != 'm')
+ continue; /* fixme: this hack might be too simple */
+#endif
+ if (fp)
+ {
+ if (opt.max_output && (++count) > opt.max_output)
+ {
+ log_error ("Error writing to '%s': %s\n",
+ fname, "exceeded --max-output limit\n");
+ err = gpg_error (GPG_ERR_TOO_LARGE);
+ goto leave;
+ }
+ else if (es_putc (c, fp) == EOF)
+ {
+ if (es_ferror (fp))
+ err = gpg_error_from_syserror ();
+ else
+ err = gpg_error (GPG_ERR_EOF);
+ log_error ("error writing to '%s': %s\n",
+ fname, gpg_strerror (err));
+ goto leave;
+ }
+ }
+ }
+ }
+ else
+ { /* binary mode */
+ byte *buffer;
+ int eof_seen = 0;
+
+ buffer = xtrymalloc (32768);
+ if (!buffer)
+ {
+ err = gpg_error_from_syserror ();
+ goto leave;
+ }
+
+ while (!eof_seen)
+ {
+ /* Why do we check for len < 32768:
+ * If we won't, we would practically read 2 EOFs but
+ * the first one has already popped the block_filter
+ * off and therefore we don't catch the boundary.
+ * So, always assume EOF if iobuf_read returns less bytes
+ * then requested */
+ int len = iobuf_read (pt->buf, buffer, 32768);
+ if (len == -1)
+ break;
+ if (len < 32768)
+ eof_seen = 1;
+ if (mfx->md)
+ gcry_md_write (mfx->md, buffer, len);
+ if (fp)
+ {
+ if (opt.max_output && (count += len) > opt.max_output)
+ {
+ log_error ("error writing to '%s': %s\n",
+ fname, "exceeded --max-output limit\n");
+ err = gpg_error (GPG_ERR_TOO_LARGE);
+ xfree (buffer);
+ goto leave;
+ }
+ else if (es_fwrite (buffer, 1, len, fp) != len)
+ {
+ err = gpg_error_from_syserror ();
+ log_error ("error writing to '%s': %s\n",
+ fname, gpg_strerror (err));
+ xfree (buffer);
+ goto leave;
+ }
+ }
+ }
+ xfree (buffer);
+ }
+ pt->buf = NULL;
+ }
+ else /* Clear text signature - don't hash the last CR,LF. */
+ {
+ int state = 0;
+
+ while ((c = iobuf_get (pt->buf)) != -1)
+ {
+ if (fp)
+ {
+ if (opt.max_output && (++count) > opt.max_output)
+ {
+ log_error ("error writing to '%s': %s\n",
+ fname, "exceeded --max-output limit\n");
+ err = gpg_error (GPG_ERR_TOO_LARGE);
+ goto leave;
+ }
+ else if (es_putc (c, fp) == EOF)
+ {
+ err = gpg_error_from_syserror ();
+ log_error ("error writing to '%s': %s\n",
+ fname, gpg_strerror (err));
+ goto leave;
+ }
+ }
+ if (!mfx->md)
+ continue;
+ if (state == 2)
+ {
+ gcry_md_putc (mfx->md, '\r');
+ gcry_md_putc (mfx->md, '\n');
+ state = 0;
+ }
+ if (!state)
+ {
+ if (c == '\r')
+ state = 1;
+ else if (c == '\n')
+ state = 2;
+ else
+ gcry_md_putc (mfx->md, c);
+ }
+ else if (state == 1)
+ {
+ if (c == '\n')
+ state = 2;
+ else
+ {
+ gcry_md_putc (mfx->md, '\r');
+ if (c == '\r')
+ state = 1;
+ else
+ {
+ state = 0;
+ gcry_md_putc (mfx->md, c);
+ }
+ }
+ }
+ }
+ pt->buf = NULL;
+ }
+
+ if (fp && fp != es_stdout && fp != opt.outfp && es_fclose (fp))
+ {
+ err = gpg_error_from_syserror ();
+ log_error ("error closing '%s': %s\n", fname, gpg_strerror (err));
+ fp = NULL;
+ goto leave;
+ }
+ fp = NULL;
+
+ leave:
+ /* Make sure that stdout gets flushed after the plaintext has been
+ handled. This is for extra security as we do a flush anyway
+ before checking the signature. */
+ if (es_fflush (es_stdout))
+ {
+ /* We need to check the return code to detect errors like disk
+ full for short plaintexts. See bug#1207. Checking return
+ values is a good idea in any case. */
+ if (!err)
+ err = gpg_error_from_syserror ();
+ log_error ("error flushing '%s': %s\n", "[stdout]",
+ gpg_strerror (err));
+ }
+
+ if (fp && fp != es_stdout && fp != opt.outfp)
+ es_fclose (fp);
+ xfree (fname);
+ return err;
+}
+
+
+static void
+do_hash (gcry_md_hd_t md, gcry_md_hd_t md2, IOBUF fp, int textmode)
+{
+ text_filter_context_t tfx;
+ int c;
+
+ if (textmode)
+ {
+ memset (&tfx, 0, sizeof tfx);
+ iobuf_push_filter (fp, text_filter, &tfx);
+ }
+ if (md2)
+ { /* work around a strange behaviour in pgp2 */
+ /* It seems that at least PGP5 converts a single CR to a CR,LF too */
+ int lc = -1;
+ while ((c = iobuf_get (fp)) != -1)
+ {
+ if (c == '\n' && lc == '\r')
+ gcry_md_putc (md2, c);
+ else if (c == '\n')
+ {
+ gcry_md_putc (md2, '\r');
+ gcry_md_putc (md2, c);
+ }
+ else if (c != '\n' && lc == '\r')
+ {
+ gcry_md_putc (md2, '\n');
+ gcry_md_putc (md2, c);
+ }
+ else
+ gcry_md_putc (md2, c);
+
+ if (md)
+ gcry_md_putc (md, c);
+ lc = c;
+ }
+ }
+ else
+ {
+ while ((c = iobuf_get (fp)) != -1)
+ {
+ if (md)
+ gcry_md_putc (md, c);
+ }
+ }
+}
+
+
+/****************
+ * Ask for the detached datafile and calculate the digest from it.
+ * INFILE is the name of the input file.
+ */
+int
+ask_for_detached_datafile (gcry_md_hd_t md, gcry_md_hd_t md2,
+ const char *inname, int textmode)
+{
+ progress_filter_context_t *pfx;
+ char *answer = NULL;
+ IOBUF fp;
+ int rc = 0;
+
+ pfx = new_progress_context ();
+ fp = open_sigfile (inname, pfx); /* Open default file. */
+
+ if (!fp && !opt.batch)
+ {
+ int any = 0;
+ tty_printf (_("Detached signature.\n"));
+ do
+ {
+ char *name;
+
+ xfree (answer);
+ tty_enable_completion (NULL);
+ name = cpr_get ("detached_signature.filename",
+ _("Please enter name of data file: "));
+ tty_disable_completion ();
+ cpr_kill_prompt ();
+ answer = make_filename (name, (void *) NULL);
+ xfree (name);
+
+ if (any && !*answer)
+ {
+ rc = gpg_error (GPG_ERR_GENERAL); /*G10ERR_READ_FILE */
+ goto leave;
+ }
+ fp = iobuf_open (answer);
+ if (fp && is_secured_file (iobuf_get_fd (fp)))
+ {
+ iobuf_close (fp);
+ fp = NULL;
+ gpg_err_set_errno (EPERM);
+ }
+ if (!fp && errno == ENOENT)
+ {
+ tty_printf ("No such file, try again or hit enter to quit.\n");
+ any++;
+ }
+ else if (!fp)
+ {
+ rc = gpg_error_from_syserror ();
+ log_error (_("can't open '%s': %s\n"), answer,
+ strerror (errno));
+ goto leave;
+ }
+ }
+ while (!fp);
+ }
+
+ if (!fp)
+ {
+ if (opt.verbose)
+ log_info (_("reading stdin ...\n"));
+ fp = iobuf_open (NULL);
+ log_assert (fp);
+ }
+ do_hash (md, md2, fp, textmode);
+ iobuf_close (fp);
+
+leave:
+ xfree (answer);
+ release_progress_context (pfx);
+ return rc;
+}
+
+
+
+/* Hash the given files and append the hash to hash contexts MD and
+ * MD2. If FILES is NULL, stdin is hashed. */
+int
+hash_datafiles (gcry_md_hd_t md, gcry_md_hd_t md2, strlist_t files,
+ const char *sigfilename, int textmode)
+{
+ progress_filter_context_t *pfx;
+ IOBUF fp;
+ strlist_t sl;
+
+ pfx = new_progress_context ();
+
+ if (!files)
+ {
+ /* Check whether we can open the signed material. We avoid
+ trying to open a file if run in batch mode. This assumed
+ data file for a sig file feature is just a convenience thing
+ for the command line and the user needs to read possible
+ warning messages. */
+ if (!opt.batch)
+ {
+ fp = open_sigfile (sigfilename, pfx);
+ if (fp)
+ {
+ do_hash (md, md2, fp, textmode);
+ iobuf_close (fp);
+ release_progress_context (pfx);
+ return 0;
+ }
+ }
+ log_error (_("no signed data\n"));
+ release_progress_context (pfx);
+ return gpg_error (GPG_ERR_NO_DATA);
+ }
+
+
+ for (sl = files; sl; sl = sl->next)
+ {
+ fp = iobuf_open (sl->d);
+ if (fp && is_secured_file (iobuf_get_fd (fp)))
+ {
+ iobuf_close (fp);
+ fp = NULL;
+ gpg_err_set_errno (EPERM);
+ }
+ if (!fp)
+ {
+ int rc = gpg_error_from_syserror ();
+ log_error (_("can't open signed data '%s'\n"),
+ print_fname_stdin (sl->d));
+ release_progress_context (pfx);
+ return rc;
+ }
+ handle_progress (pfx, fp, sl->d);
+ do_hash (md, md2, fp, textmode);
+ iobuf_close (fp);
+ }
+
+ release_progress_context (pfx);
+ return 0;
+}
+
+
+/* Hash the data from file descriptor DATA_FD and append the hash to hash
+ contexts MD and MD2. */
+int
+hash_datafile_by_fd (gcry_md_hd_t md, gcry_md_hd_t md2, int data_fd,
+ int textmode)
+{
+ progress_filter_context_t *pfx = new_progress_context ();
+ iobuf_t fp;
+
+ if (is_secured_file (data_fd))
+ {
+ fp = NULL;
+ gpg_err_set_errno (EPERM);
+ }
+ else
+ fp = iobuf_fdopen_nc (data_fd, "rb");
+
+ if (!fp)
+ {
+ int rc = gpg_error_from_syserror ();
+ log_error (_("can't open signed data fd=%d: %s\n"),
+ data_fd, strerror (errno));
+ release_progress_context (pfx);
+ return rc;
+ }
+
+ handle_progress (pfx, fp, NULL);
+
+ do_hash (md, md2, fp, textmode);
+
+ iobuf_close (fp);
+
+ release_progress_context (pfx);
+ return 0;
+}
+
+
+/* Set up a plaintext packet with the appropriate filename. If there
+ is a --set-filename, use it (it's already UTF8). If there is a
+ regular filename, UTF8-ize it if necessary. If there is no
+ filenames at all, set the field empty. */
+
+PKT_plaintext *
+setup_plaintext_name (const char *filename, IOBUF iobuf)
+{
+ PKT_plaintext *pt;
+
+ if ((filename && !iobuf_is_pipe_filename (filename))
+ || (opt.set_filename && !iobuf_is_pipe_filename (opt.set_filename)))
+ {
+ char *s;
+
+ if (opt.set_filename)
+ s = make_basename (opt.set_filename, iobuf_get_real_fname (iobuf));
+ else if (filename && !opt.flags.utf8_filename)
+ {
+ char *tmp = native_to_utf8 (filename);
+ s = make_basename (tmp, iobuf_get_real_fname (iobuf));
+ xfree (tmp);
+ }
+ else
+ s = make_basename (filename, iobuf_get_real_fname (iobuf));
+
+ pt = xmalloc (sizeof *pt + strlen (s) - 1);
+ pt->namelen = strlen (s);
+ memcpy (pt->name, s, pt->namelen);
+ xfree (s);
+ }
+ else
+ {
+ /* no filename */
+ pt = xmalloc (sizeof *pt - 1);
+ pt->namelen = 0;
+ }
+
+ return pt;
+}