Apply change of `global.h` template

Ensure all formatting overloads are always included before CppUnit's
headers

.github/stale.yml

@@ -0,0 +1,19 @@
+# Number of days of inactivity before an issue becomes stale
+daysUntilStale: 60
+# Number of days of inactivity before a stale issue is closed
+daysUntilClose: 7
+# Issues with these labels will never be considered stale
+exemptLabels:
+  - pinned
+  - security
+  - feature request
+  - enhancement
+# Label to use when marking an issue as stale
+staleLabel: stale
+# Comment to post when marking an issue as stale. Set to `false` to disable
+markComment: >
+  This issue has been automatically marked as stale because it has not had
+  recent activity. It will be closed if no further activity occurs. Thank you
+  for your contributions.
+# Comment to post when closing a stale issue. Set to `false` to disable
+closeComment: false

CMakeLists.txt

@@ -1,4 +1,4 @@
-cmake_minimum_required(VERSION 3.1.0 FATAL_ERROR)
+cmake_minimum_required(VERSION 3.17.0 FATAL_ERROR)
 
 # set meta data
 project(passwordfile)
@@ -10,7 +10,7 @@ set(META_APP_URL "https://github.com/${META_APP_AUTHOR}/${META_PROJECT_NAME}")
 set(META_APP_DESCRIPTION "C++ library to read/write passwords from/to encrypted files")
 set(META_VERSION_MAJOR 5)
 set(META_VERSION_MINOR 0)
-set(META_VERSION_PATCH 7)
+set(META_VERSION_PATCH 11)
 set(META_ADD_DEFAULT_CPP_UNIT_TEST_APPLICATION ON)
 
 # add project files
@@ -46,13 +46,14 @@ endif ()
 set(CONFIGURATION_PACKAGE_SUFFIX
     ""
     CACHE STRING "sets the suffix for find_package() calls to packages configured via c++utilities")
-find_package(c++utilities${CONFIGURATION_PACKAGE_SUFFIX} 5.0.0 REQUIRED)
+find_package(c++utilities${CONFIGURATION_PACKAGE_SUFFIX} 5.14.0 REQUIRED)
 use_cpp_utilities(VISIBILITY PUBLIC)
 
 # find 3rd party libraries
 include(3rdParty)
 use_zlib()
 use_crypto()
+use_standard_filesystem()
 
 # include modules to apply configuration
 include(BasicConfig)

README.md

@@ -7,3 +7,8 @@ applying the encryption.
 ## Build instructions
 The passwordfile library depends on c++utilities and is built in the same way.
 It also depends on OpenSSL and zlib.
+
+## Copyright notice and license
+Copyright © 2015-2024 Marius Kittler
+
+All code is licensed under [GPL-2-or-later](LICENSE).

global.h

@@ -4,6 +4,7 @@
 #ifndef PASSWORD_FILE_GLOBAL
 #define PASSWORD_FILE_GLOBAL
 
+#include "passwordfile-definitions.h"
 #include <c++utilities/application/global.h>
 
 #ifdef PASSWORD_FILE_STATIC

io/passwordfile.cpp

@@ -8,6 +8,7 @@
 
 #include <c++utilities/conversion/stringbuilder.h>
 #include <c++utilities/conversion/stringconversion.h>
+#include <c++utilities/io/path.h>
 
 #include <openssl/conf.h>
 #include <openssl/err.h>
@@ -17,6 +18,7 @@
 #include <zlib.h>
 
 #include <cstring>
+#include <filesystem>
 #include <functional>
 #include <limits>
 #include <memory>
@@ -89,12 +91,12 @@ PasswordFile::PasswordFile(const PasswordFile &other)
  * \brief Moves the password file.
  */
 PasswordFile::PasswordFile(PasswordFile &&other)
-    : m_path(move(other.m_path))
-    , m_password(move(other.m_password))
-    , m_rootEntry(move(other.m_rootEntry))
-    , m_extendedHeader(move(other.m_extendedHeader))
-    , m_encryptedExtendedHeader(move(other.m_encryptedExtendedHeader))
-    , m_file(move(other.m_file))
+    : m_path(std::move(other.m_path))
+    , m_password(std::move(other.m_password))
+    , m_rootEntry(std::move(other.m_rootEntry))
+    , m_extendedHeader(std::move(other.m_extendedHeader))
+    , m_encryptedExtendedHeader(std::move(other.m_encryptedExtendedHeader))
+    , m_file(std::move(other.m_file))
     , m_freader(BinaryReader(&m_file))
     , m_fwriter(BinaryWriter(&m_file))
     , m_version(other.m_version)
@@ -294,7 +296,7 @@ void PasswordFile::load()
                 msg += ERR_error_string(errorCode, nullptr);
                 errorCode = ERR_get_error();
             }
-            throw CryptoException(move(msg));
+            throw CryptoException(std::move(msg));
         }
 
         if (ctx) {
@@ -349,10 +351,10 @@ void PasswordFile::load()
     stringstream decryptedStream(stringstream::in | stringstream::out | stringstream::binary);
     decryptedStream.exceptions(ios_base::failbit | ios_base::badbit);
     try {
-#ifdef _LIBCPP_VERSION
-        decryptedStream.write(decryptedData.data(), static_cast<streamsize>(remainingSize));
-#else
+#if defined(__GLIBCXX__) && !defined(_LIBCPP_VERSION)
         decryptedStream.rdbuf()->pubsetbuf(decryptedData.data(), static_cast<streamsize>(remainingSize));
+#else
+        decryptedStream.write(decryptedData.data(), static_cast<streamsize>(remainingSize));
 #endif
         if (m_version >= 0x5u) {
             BinaryReader reader(&decryptedStream);
@@ -389,9 +391,10 @@ std::uint32_t PasswordFile::mininumVersion(PasswordFileSaveFlags options) const
 /*!
  * \brief Writes the current root entry to the file under path() replacing its previous contents.
  * \param options Specify the features (like encryption and compression) to be used.
- * \throws Throws ios_base::failure when an IO error occurs.
- * \throws Throws runtime_error when no root entry is present or a compression error occurs.
+ * \throws Throws std::ios_base::failure when an IO error occurs.
+ * \throws Throws std::filesystem::filesystem_error when a filesystem error occurs.
  * \throws Throws Io::CryptoException when an encryption error occurs.
+ * \throws Throws std::runtime_error when no root entry is present or a compression error occurs.
  */
 void PasswordFile::save(PasswordFileSaveFlags options)
 {
@@ -400,7 +403,9 @@ void PasswordFile::save(PasswordFileSaveFlags options)
     }
 
     // use already opened and writable file; otherwise re-open the file
+    auto fileSize = std::size_t();
     if (m_file.good() && m_file.is_open() && !(m_openOptions & PasswordFileOpenFlags::ReadOnly)) {
+        fileSize = size();
         m_file.seekp(0);
     } else {
         m_file.clear();
@@ -418,16 +423,24 @@ void PasswordFile::save(PasswordFileSaveFlags options)
         }
     }
 
+    // write entries
     write(options);
     m_file.flush();
+
+    // truncate file if it became smaller
+    const auto newSize = static_cast<std::size_t>(m_file.tellp());
+    if (fileSize && newSize < fileSize) {
+        m_file.close();
+        std::filesystem::resize_file(makeNativePath(m_path), newSize);
+    }
 }
 
 /*!
  * \brief Writes the current root entry to the file which is assumed to be opened and writeable.
  * \param options Specify the features (like encryption and compression) to be used.
- * \throws Throws ios_base::failure when an IO error occurs.
- * \throws Throws runtime_error when no root entry is present or a compression error occurs.
+ * \throws Throws std::ios_base::failure when an IO error occurs.
  * \throws Throws Io::CryptoException when an encryption error occurs.
+ * \throws Throws std::runtime_error when no root entry is present, a compression error occurs.
  */
 void PasswordFile::write(PasswordFileSaveFlags options)
 {
@@ -550,7 +563,7 @@ void PasswordFile::write(PasswordFileSaveFlags options)
             msg += ERR_error_string(errorCode, nullptr);
             errorCode = ERR_get_error();
         }
-        throw CryptoException(move(msg));
+        throw CryptoException(std::move(msg));
     }
 
     if (ctx) {

tests/entrytests.cpp

@@ -2,9 +2,6 @@
 
 #include "./utils.h"
 
-#include <c++utilities/tests/testutils.h>
-using namespace CppUtilities;
-
 #include <cppunit/TestFixture.h>
 #include <cppunit/extensions/HelperMacros.h>
 

tests/fieldtests.cpp

@@ -3,9 +3,6 @@
 
 #include "./utils.h"
 
-#include <c++utilities/tests/testutils.h>
-using namespace CppUtilities;
-
 #include <cppunit/TestFixture.h>
 #include <cppunit/extensions/HelperMacros.h>
 

tests/opensslrandomdevice.cpp

@@ -1,6 +1,6 @@
 #include "../util/opensslrandomdevice.h"
 
-#include <c++utilities/tests/testutils.h>
+#include "./utils.h"
 
 #include <cppunit/TestFixture.h>
 #include <cppunit/extensions/HelperMacros.h>

tests/passwordfiletests.cpp

@@ -2,7 +2,7 @@
 #include "../io/entry.h"
 #include "../io/passwordfile.h"
 
-#include <c++utilities/tests/testutils.h>
+#include "./utils.h"
 
 #include <cppunit/TestFixture.h>
 #include <cppunit/extensions/HelperMacros.h>
@@ -208,7 +208,7 @@ void PasswordFileTests::testExtendedWriting()
     CPPUNIT_ASSERT_EQUAL(""s, file.extendedHeader());
     CPPUNIT_ASSERT_EQUAL(""s, file.encryptedExtendedHeader());
     file.rootEntry()->setLabel("testfile2 - modified");
-    new AccountEntry("newAccount", file.rootEntry());
+    auto *const newAccount = new AccountEntry("newAccount", file.rootEntry());
     file.setPassword("654321");
     file.extendedHeader() = "foo";
     file.encryptedExtendedHeader() = "bar";
@@ -220,4 +220,18 @@ void PasswordFileTests::testExtendedWriting()
 
     // check backup files
     testReading("extended writing", testfile1 + ".backup", "123456", testfile2 + ".backup", string(), false, false);
+
+    // remove newAccount again to check what happens if the file size decreases
+    const auto fileSize = file.size();
+    delete newAccount;
+    file.save(PasswordFileSaveFlags::Encryption | PasswordFileSaveFlags::PasswordHashing);
+    file.close();
+    file.clearEntries();
+    file.open();
+    CPPUNIT_ASSERT_LESS(fileSize, file.size());
+    file.load();
+
+    auto path = std::list<std::string>{ "newAccount" };
+    CPPUNIT_ASSERT(file.rootEntry());
+    CPPUNIT_ASSERT(!file.rootEntry()->entryByPath(path));
 }

tests/utils.h

@@ -23,4 +23,8 @@ inline std::ostream &operator<<(std::ostream &out, const Io::Field *field)
 
 } // namespace CppUtilities
 
+#include <c++utilities/tests/testutils.h>
+
+using namespace CppUtilities;
+
 #endif // PASSWORDFILE_TESTS_UTILS_H

util/openssl.cpp

@@ -49,16 +49,8 @@ void clean()
  */
 Sha256Sum computeSha256Sum(const unsigned char *buffer, std::size_t size)
 {
-    // init sha256 hashing
-    SHA256_CTX sha256;
-    SHA256_Init(&sha256);
-
-    // do the actual hashing
-    SHA256_Update(&sha256, buffer, size);
-
-    // finalize the hashing
-    Sha256Sum hash;
-    SHA256_Final(hash.data, &sha256);
+    auto hash = Sha256Sum();
+    SHA256(buffer, size, hash.data);
     return hash;
 }
 

util/opensslrandomdevice.cpp

@@ -45,7 +45,7 @@ OpenSslRandomDevice::result_type OpenSslRandomDevice::operator()() const
         errorMsg += ERR_error_string(errorCode, nullptr);
         errorCode = ERR_get_error();
     }
-    throw Io::CryptoException(move(errorMsg));
+    throw Io::CryptoException(std::move(errorMsg));
 }
 
 /*!