lmi-commits
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[lmi-commits] [lmi] master 0f81d54: Obfuscate sensitive files

From: Greg Chicares
Subject: [lmi-commits] [lmi] master 0f81d54: Obfuscate sensitive files
Date: Mon, 29 Oct 2018 06:16:10 -0400 (EDT) 
branch: master
commit 0f81d54218a035034e1bfbda1105a7cc0a5f069c
Author: Gregory W. Chicares <address@hidden>
Commit: Gregory W. Chicares <address@hidden>

    Obfuscate sensitive files
---
 mst_to_xst.sh      | 44 ++++++++++++++++++++++++++++++++++++++++++++
 pdf_command_wx.cpp |  5 +++--
 workhorse.make     |  7 +++----
 3 files changed, 50 insertions(+), 6 deletions(-)

diff --git a/mst_to_xst.sh b/mst_to_xst.sh
new file mode 100755
index 0000000..e6e6a8c
--- /dev/null
+++ b/mst_to_xst.sh
@@ -0,0 +1,44 @@
+#!/bin/zsh
+
+# Copy MST files, obfuscating them for distribution.
+
+# Copyright (C) 2018 Gregory W. Chicares.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
+#
+# http://savannah.nongnu.org/projects/lmi
+# email: <address@hidden>
+# snail: Chicares, 186 Belle Woods Drive, Glastonbury CT 06033, USA
+
+# MST files are so easy to edit that end users might be tempted to
+# customize them, which might impair regulatory compliance. That
+# temptation is removed by distributing only obfuscated copies.
+#
+# Mapping 255..0 to 0..255 is XORing with 0xFF.
+#
+# Stripping the copyright header before obfuscation is a possible
+# future enhancement that might improve runtime performance.
+
+# This script requires zsh because brace expansion is more convenient
+# than 'seq'. It is intended to be called from a makefile that sets
+# both $datadir and $srcdir.
+
+[ -d "$datadir" ] || { printf 'fail: invalid datadir\n'; exit 2; }
+[ -d "$srcdir"  ] || { printf 'fail: invalid srcdir\n';  exit 3; }
+
+X=$(printf '\%03o' {255..0})
+Y=$(printf '\%03o' {0..255})
+
+cd "$srcdir" || { printf 'fail: cd\n'; exit 4; }
+for z in *.mst; do tr "$X" "$Y" <"$z" >"$datadir/${z%%.mst}.xst"; done
diff --git a/pdf_command_wx.cpp b/pdf_command_wx.cpp
index 6f91a23..c739ce4 100644
--- a/pdf_command_wx.cpp
+++ b/pdf_command_wx.cpp
@@ -296,18 +296,19 @@ class html_interpolator
 
     std::string load_partial_from_file(std::string const& file) const
     {
-        std::ifstream ifs(AddDataDir(file + ".mst"));
+        std::ifstream ifs(AddDataDir(file + ".xst"));
         if(!ifs)
             {
             alarum()
                 << "Template file \""
                 << file
-                << ".mst\" not found."
+                << ".xst\" not found."
                 << std::flush
                 ;
             }
         std::string partial;
         istream_to_string(ifs, partial);
+        for(auto& i : partial) i = static_cast<unsigned char>(i ^ 0xff);
         return partial;
     }
 
diff --git a/workhorse.make b/workhorse.make
index d5b8903..a998550 100644
--- a/workhorse.make
+++ b/workhorse.make
@@ -1051,7 +1051,7 @@ test_dir       := $(exec_prefix)/test
 touchstone_dir := $(exec_prefix)/touchstone
 
 data_files := \
-  $(wildcard $(addprefix $(srcdir)/,*.ico *.mst *.png *.xml *.xrc *.xsd 
*.xsl)) \
+  $(wildcard $(addprefix $(srcdir)/,*.ico *.png *.xml *.xrc *.xsd *.xsl)) \
 
 help_files := \
   $(wildcard $(addprefix $(srcdir)/,*.html)) \
@@ -1071,6 +1071,7 @@ install: preinstall $(default_targets)
        @$(CP) --preserve --update $(default_targets) $(bindir)
        @$(CP) --preserve --update $(data_files) $(datadir)
        @$(CP) --preserve --update $(help_files) $(datadir)
+       @datadir=$(datadir) srcdir=$(srcdir) $(srcdir)/mst_to_xst.sh
 ifeq (,$(USE_SO_ATTRIBUTES))
        @cd $(datadir); $(PERFORM) $(bindir)/product_files$(EXEEXT)
 else
@@ -1182,11 +1183,9 @@ fardel_files := \
 extra_fardel_checksummed_files = \
   configurable_settings.xml \
 
-# PDF !! Add "*.mst" below, only when the MST implementation is released.
-
 fardel_checksummed_files = \
   $(extra_fardel_checksummed_files) \
-  *.dat *.database *.funds *.ndx *.policy *.rounding *.strata \
+  *.dat *.database *.funds *.ndx *.policy *.rounding *.strata *.xst \
   expiry \
   md5sum$(EXEEXT) \
reply via email to
[Prev in Thread] Current Thread [Next in Thread]