jaredj/glotawk - Change 6PBRWXF6AXYHYSCCVSKKBZJVS3Y4CS5JAKVMKV4G4I3TSCTXWP2AC

fail better when crypto key is not available

Created by jaredj on December 4, 2025

6PBRWXF6AXYHYSCCVSKKBZJVS3Y4CS5JAKVMKV4G4I3TSCTXWP2AC

Dependencies

In channels

main

Change contents

Replacement in dump.awk at line 30 [3.37838]

B:BD[3.38241] → [4.2397:2458]

function _dump(filename, append, main,   i, t, v, s, line) {

[3.38241]

[4.2458]

function _dump(filename, append, main,   i, t, v, s, line, errp) {

Replacement in dump.awk at line 66 [3.37838]

B:BD[2.4695] → [2.4695:4737]

            i = _encrypt_secret_string(i)

[2.4695]

[2.4737]

            errp[1] = 0
            i = _encrypt_secret_string(i, _nil(), 0, _nil(), _nil(), errp)
            # ^ since we passed in a nil list of handlers, if an error
            # happened, we have now aborted and are gone.
            #
            # dumping is supposed to save things, not destroy them. if
            # you've been working on an image for hours or days and
            # you dump it, you don't expect to lose everything
            # instantly because the dump crashed glotawk.
            #
            # but also dumping is supposed to dependably save
            # everything, not everything but a few things that didn't
            # work. If a dump is automated, an error message that
            # doesn't cause a failure exit may be entirely missed.

Replacement in eval.awk at line 576 [5.11057]

B:BD[2.5698] → [2.5698:5749]

            return _decrypt_encrypted_string(form)

[2.5698]

[5.16356]

            return _decrypt_encrypted_string(form, env, d+1, hdlrs, st, errp)

Replacement in printer.awk at line 56 [5.7981]
B:BD[2.8501] → [2.8501:8538]
```
    gsub(/[^a-zA-Z0-9\/+=]/, "_", s)
```
[2.8501]
[2.8538]
```
    gsub(/[^a-zA-Z0-9\/+= \n]/, "_", s)
```

Insertion in sane_lisp at line 272 [5.900]

[2.10362]

EXTRA_AWK_ARGS="-v KEY_FILE=._-NONEXISTENT-_." lisp_eval_should_be '(encrypt "foo")' '' 'cryptography without keyfile throws error' 87

Insertion in sane_lisp at line 313 [5.900]

[2.11987]

EXTRA_AWK_ARGS="-v KEY_FILE=._-NONEXISTENT-_." lisp_eval_should_be '(setq x S"woyfutnwyu") (dump "test-dump-file-2")' 'S"(redacted)"' 'dumping secrets with no key aborts' 87

Replacement in secrets.awk at line 22 [2.12062]

B:BD[2.12707] → [2.12707:12811]

function _decrypt_encrypted_string(n, env, d, hdlrs, st, errp,    line, out, status, dcmd, tfn, oors) {

[2.12707]

[2.12811]

function _assert_key_readable(env, d, hdlrs, st, errp,   n_exitcode) {
    # use glotawk's system function, not awk's, because the KEY_FILE
    # variable is a user input, we wouldn't want to allow shell
    # command injection, and glotawk's system function is shown by
    # testing to disallow shell injection.
    n_exitcode = _eval3(_cons(_symbol("system"),
                              _cons(_string("/bin/test"),
                                    _cons(_string("-r"),
                                          _cons(_string(KEY_FILE),
                                                _nil())))),
                      env, env, d+1, hdlrs, st, errp)
    if(_eq_awk(n_exitcode, _number(0))) {
        return _true()
    } else {
        return _error(_cons(_string("cryptography attempted but KEY_FILE not readable: %s"),
                            _cons(_string(KEY_FILE),
                                  _nil())),
                      env, d, hdlrs, st, errp)
    }
}
function _decrypt_encrypted_string(n, env, d, hdlrs, st, errp,    line, out, status, dcmd, tfn, oors, akr) {
    akr = _assert_key_readable(env, d, hdlrs, st, errp)
    if(!_eq_awk(_true(), akr))
        return akr

Replacement in secrets.awk at line 51 [2.12062]

B:BD[2.13066] → [2.13066:13131]

        return _error(_cons(_string("could not mktemp"),_nil()))

[2.13066]

[2.13131]

        return _error(_cons(_string("could not mktemp"),_nil()),
                      env, d, hdlrs, st, errp)

Replacement in secrets.awk at line 63 [2.12062]
B:BD[2.13484] → [2.13484:13507]
```
        out = out line
```
[2.13484]
[2.13507]
```
        out = out line RS
```

Insertion in secrets.awk at line 70 [2.12062]

[2.13696]

    gsub((RS "$"), "", out)  # deal with single line hopefully ok

Insertion in secrets.awk at line 80 [2.12062]

[2.13983]

    akr = _assert_key_readable(env, d, hdlrs, st, errp)
    if(!_eq_awk(_true(), akr))
        return akr

Replacement in secrets.awk at line 131 [2.12062]

B:BD[2.15523] → [2.15523:15572]

                return _encrypt_secret_string(n)

[2.15523]

[2.15572]

                return _encrypt_secret_string(n, env, d, hdlrs, st, errp)

Replacement in secrets.awk at line 133 [2.12062]

B:BD[2.15602] → [2.15602:15644]

                return _encrypt_string(n)

[2.15602]

[2.15644]

                return _encrypt_string(n, env, d, hdlrs, st, errp)

Replacement in secrets.awk at line 174 [2.12062]

B:BD[2.17067] → [2.17067:17143]

                return _unsafe_reveal(_decrypt(n), env, d, hdlrs, st, errp)

[2.17067]

[2.17143]

                return _unsafe_reveal(_decrypt(n, env, d, hdlrs, st, errp),
                                      env, d, hdlrs, st, errp)