1 files changed, 49 insertions, 5 deletions

diff --git a/src/main.c b/src/main.c
index 5a500ec..51d84e1 100644
--- a/src/main.c
+++ b/src/main.c
@@ -115,6 +115,40 @@ static void copy_file(const char *in, const char *out)
 	close(out_fd);
 }
 
+/* Like copy_file, but OUT is an encrypted version of IN. Encryption is done
+ * using GPG. */
+static void copy_and_encrypt_file(const char *in, const char *out)
+{
+	int rc = fork();
+	if (rc == 0) {
+		execlp("gpg",
+		       "gpg",
+		       "--output", out,
+		       /* do not ask for overwriting files, maybe dangerous if
+			* GPG asks security questions  */
+		       "--yes",
+		       "--encrypt", in,
+		       NULL);
+		fprintf(stderr, "exec: gpg:");
+		perror("");
+		exit(EXIT_FAILURE);
+	}
+	else if (rc > 0) {
+		int status;
+		wait(&status);
+		if (!(WIFEXITED(status) && WEXITSTATUS(status) == 0)) {
+			fprintf(stderr,
+				"ftag file add: "
+				"child process exited abnormally\n");
+			exit(EXIT_FAILURE);
+		}
+	}
+	else {
+		perror("fork");
+		exit(EXIT_FAILURE);
+	}
+}
+
 /* Prompt the user for yes or no (default is yes). Before calling, a prompt
  * should be printed to stdout, eventually not with an ending newline. */
 static int prompt_yes_no(void)
@@ -473,7 +507,7 @@ static void canonicalize(char *out, const char *in)
 
 /* Add a new file to the databse, prompting the user for needed information. */
 static void
-ftag_add_one_file(sqlite3 *db, int *next_id, const char *file, uint32_t file_sum)
+ftag_add_one_file(sqlite3 *db, int *next_id, const char *file, uint32_t file_sum, int encrypt)
 {
 	char sql[2048];
 	int rc;
@@ -576,9 +610,14 @@ ftag_add_one_file(sqlite3 *db, int *next_id, const char *file, uint32_t file_sum
 	(*next_id)++;
 
 	char new_path[512];
-	memset(new_path, 0, sizeof(new_path));
-	strbuild(new_path, "%s/files/%s", FTAG_ROOT, canonical_name);
-	copy_file(file, new_path);
+	if (encrypt) {
+		strbuild(new_path, "%s/files/%s.gpg", FTAG_ROOT, canonical_name);
+		copy_and_encrypt_file(file, new_path);
+	}
+	else {
+		strbuild(new_path, "%s/files/%s", FTAG_ROOT, canonical_name);
+		copy_file(file, new_path);
+	}
 
 	free(date_str);
 	free(full_name);
@@ -596,6 +635,7 @@ static void ftag_file_add_help(void)
 	ftag_file_add_usage();
 	puts("Add files to the database. Non-files arguments are ignored.");
 	puts("Available options (all options must precede arguments):");
+	puts("  -c  clear, do not encrypt file");
 	puts("  -f  force, do not search for duplicates");
 	puts("  -h  print help message");
 	puts("  -i  interactive, for each file, ask before adding it to the database");
@@ -635,8 +675,12 @@ static void ftag_file_add(int argc, char **argv)
 	}
 	int interactive = 0;
 	int eliminate_duplicates = 1;
+	int encrypt = 1;
 	while ((argc > 0) && (argv[0][0] == '-')) {
 		switch (argv[0][1]) {
+		case 'c':
+			encrypt = 0;
+			break;
 		case 'f':
 			eliminate_duplicates = 0;
 			break;
@@ -732,7 +776,7 @@ step4:
 			if (!prompt_yes_no())
 				continue;
 		}
-		ftag_add_one_file(db, &next_id, file, sums[i]);
+		ftag_add_one_file(db, &next_id, file, sums[i], encrypt);
 		next_id++;
 	}
 	free(sums);