6 files changed, 18 insertions, 51 deletions
diff --git a/src/signframework/adddropbox b/src/signframework/adddropbox
index 0aca02c..4fe06d1 100755
--- a/src/signframework/adddropbox
+++ b/src/signframework/adddropbox
@@ -74,7 +74,7 @@ chmod 770 /home/dropbox/$USERID
 cp ./request_pub.pem /home/dropbox/$USERID
 mkdir /home/$USERID/dropbox
 mount --bind /home/dropbox/$USERID/ /home/$USERID/dropbox
-echo '/home/dropbox/$USERID/ /home/$USERID/dropbox    none   bind' >> /etc/fstab
+echo "/home/dropbox/$USERID/ /home/$USERID/dropbox    none   bind" >> /etc/fstab
 
 echo "
 Match User $USERID
diff --git a/src/signframework/dropbox_utils.c b/src/signframework/dropbox_utils.c
index d12ef12..5b59cfc 100644
--- a/src/signframework/dropbox_utils.c
+++ b/src/signframework/dropbox_utils.c
@@ -253,7 +253,6 @@ int processEvent(FrameworkConfig *frameworkConfig, struct inotify_event *i,
     char* filename = NULL;
     DropboxRequest request;
 
-    File_OpenMessageFile(frameworkConfig->outputBodyFilename, "w");
 
     if (verbose) displayInotifyEvent(i);
 
@@ -269,6 +268,9 @@ int processEvent(FrameworkConfig *frameworkConfig, struct inotify_event *i,
         // Ignore anything but a request.go file
         pos = strstr(i->name, ".request.go");
         if (pos != NULL) {
+            // Open message file here, will be closed after request processing
+            File_OpenMessageFile(frameworkConfig->outputBodyFilename, "w");
+
             dropboxRequestInit(&request, frameworkConfig);
             request.dbConfig = db;
             request.event = i;
diff --git a/src/signframework/framework_utils.c b/src/signframework/framework_utils.c
index 7c90968..e88b553 100644
--- a/src/signframework/framework_utils.c
+++ b/src/signframework/framework_utils.c
@@ -1906,8 +1906,8 @@ int Password_KDF(unsigned char *eku,			/* preallocated 16 bytes, 128 bits */
     unsigned char 	initialization_vector[IV_SIZE];
     unsigned char 	*cleartext = NULL;	/* freed @1 */
     unsigned char 	*ciphertext = NULL;	/* freed @2 */
-    long		cleartext_length;
-    long 		ciphertext_length;
+    long		cleartext_length = 0;
+    long 		ciphertext_length = 0;
 
     /* cannot modify 'sender', so make a copy.  The NUL terminator will be replaced by the 0,1,2 */
     if (rc == 0) {
@@ -2365,6 +2365,7 @@ int CallSigner(Arguments	*arguments,
       parent
     */
     else {
+        File_CloseMessageFile();
         /* NOTE: From here down, no printing to messageFile until child returns. */
         /* parent waits for the child signer program to complete.  The call to wait() gets the
            return code for the exec'ed child process */
diff --git a/src/signframework/getpubkeyecc.c b/src/signframework/getpubkeyecc.c
index 8e12d6c..f79c585 100644
--- a/src/signframework/getpubkeyecc.c
+++ b/src/signframework/getpubkeyecc.c
@@ -170,42 +170,6 @@ int main(int argc, char** argv)
         if (verbose) fprintf(messageFile, "Signing key file %s\n",
                              keyFileName);
     }
-    /* check the sender authorization */
-    /* NOTE: There's nothing really secret about the public key.  Anyone can read it.  This step is
-       more a demo of how a project program could check secondary authorization. */
-    /* determine whether senders are needed */
-    if (rc == 0) {
-        rc = File_MapNameToBool(&(projectConfig.needSenders),
-                                "needsenders",
-                                lineBuffer,
-                                MAX_LINE_SIZE,
-                                projectConfigFile);
-    }
-    if (rc == 0) {
-        if (verbose) fprintf(messageFile,
-                             "Signing project needs senders: %d\n", projectConfig. needSenders);
-    }
-    /* read the list of authorized senders */
-    if (rc == 0) {
-        rc = File_GetNameValueArray(&(projectConfig.senders),	/* freed by caller */
-                                    &(projectConfig.senderemails),	/* freed by caller */
-                                    &(projectConfig.sendersCount), /* number of authorized senders */
-                                    lineBuffer,
-                                    MAX_LINE_SIZE,
-                                    projectConfigFile);
-    }
-    /* check the sender authorization */
-    if (rc == 0) {
-        rc = ProjectConfig_ValidateSender(sender,
-                                          &projectConfig, NULL);
-        if (rc != 0) {
-            File_Printf(projectLogFile, messageFile,
-                        "ERROR1018: %s is not authorized for project: %s\n",
-                        sender, signproject);
-            fprintf(messageFile,
-                    "Contact framework administrator\n");
-        }
-    }
     /* get the key token */
     if (rc == 0) {
         if (verbose) fprintf(messageFile, "Key token at %s\n",
diff --git a/src/signframework/signecc/eccutils.c b/src/signframework/signecc/eccutils.c
index b56d4bb..d73e241 100644
--- a/src/signframework/signecc/eccutils.c
+++ b/src/signframework/signecc/eccutils.c
@@ -308,14 +308,6 @@ int GetSendersArray(char 	****senders,		/* array of senders per project,
             emails = NULL;
         }
         if (rc == 0) {
-            rc = File_GetValueArray(&((*senders)[i]),
-                                    (size_t*)&((*numberOfSenders)[i]),
-                                    "senders",
-                                    lineBuffer,
-                                    lineBufferLength,
-                                    projectConfigFile);
-        }
-        if (rc == 0) {
             if (verbose) fprintf(messageFile,
                                  "GetSendersArray: Found %u authorized senders\n",
                                  (*numberOfSenders)[i]);
diff --git a/src/signframework/utils.c b/src/signframework/utils.c
index 6edd0cc..f90f631 100644
--- a/src/signframework/utils.c
+++ b/src/signframework/utils.c
@@ -99,8 +99,16 @@ int File_Open(FILE **file,
     if (rc == 0) {
         *file = fopen(filename, mode);
         if (*file == NULL) {
-            if (verbose) fprintf(messageFile, "File_Open: Error opening %s for %s, %s\n",
+            if (verbose) {
+                // Check to make sure we aren't attempting to reroute the message file
+                if (file != &messageFile) {
+                    fprintf(messageFile, "File_Open: Error opening %s for %s, %s\n",
                                  filename, mode, strerror(errno));
+                } else {
+                    fprintf(stderr, "File_Open: Error opening %s for %s, %s\n",
+                                 filename, mode, strerror(errno));
+                }
+            }
             rc = ERROR_CODE;
         }
     }
@@ -135,12 +143,12 @@ int File_OpenMessageFile(const char *outputBodyFilename,
     }
     /* if the open failed */
     else {
+        messageFile = stdout;
         fprintf(messageFile,
                 "File_OpenMessageFile: Error cannot open %s\n", outputBodyFilename);
 	    /* Since the configuration is validated at startup, this should never fail.  The only
 	       possibilty is that something happened to the platform while the framework was
 	       running.  No email can be returned and messages go to stdout. */
-        messageFile= stdout;
         rc = RESPONSE_NO_EMAIL;
     }
     return rc;
@@ -817,7 +825,7 @@ int File_GetValueArray(char 		***values,	/* freed by caller */
     if (rc == 0) {
         if (*values != NULL) {
             if (verbose) fprintf(messageFile,
-                                 "File_GetNameValueArray: values %p not NULL\n",
+                                 "File_GetValueArray: values %p not NULL\n",
                                  *values);
         }
     }