gpgme/TODO

101 lines
4.4 KiB
Plaintext
Raw Normal View History

Hey Emacs, this is -*- outline -*- mode!
2002-01-15 19:59:54 +00:00
* ABI's to break:
** All result returns will be done as structs, not as XML. !!!
** Make sure that all results can be gotten in asynchronous mode (ie, avoid
returning information in the blocking version as function arguments).
** Drop the support for finding out if an operation is pending. After all, one
or two more ways for a user to shoot themselves in the foot don't matter.
** Compatibility interfaces that can be removed in future versions:
*** gpgme_data_new_from_filepart
*** gpgme_data_new_from_file
*** gpgme_data_new_with_read_cb
*** gpgme_data_rewind
*** GPGME_Busy, GPGME_No_Request
*** GPGME_No_Passphrase
*** GPGME_Invalid_Recipient, GPGME_No_Recipients
2002-01-15 19:59:54 +00:00
2002-06-04 12:19:00 +00:00
* Thread support:
** Build thread modules for static linking (which just suck in the
desired symbols the hard way). !!
2002-08-20 11:59:24 +00:00
* New features:
** notification system
We need a simple notification system, probably a simple callback
2002-08-20 11:59:24 +00:00
with a string and some optional arguments. This is for example
required to notify an application of a changed smartcard, The
application can then do whatever is required. There are other
usages too. This notfication system should be independent of any
contextes of course.
** --learn-code support
This might be integrated with import. we still need to work out how
to learn a card when gpg and gpgsm have support for smartcards.
** set_locale for thread safe and env independent locale selection.
2002-08-20 11:59:24 +00:00
2002-01-15 19:59:54 +00:00
* Documentation
** Add note about GPGME clearing out pointer return values.
** validity/trust
* Engines
2003-04-27 18:31:25 +00:00
** Do not create/destroy engines, but create engine and then reset it.
Internally the reset operation still spawns a new engine process,
but this can be replaced with a reset later. Also, be very sure to
release everything properly at a reset and at an error.
Think hard about where to guarantee what (ie, what happens if start fails,
are the fds unregistered immediately - i think so?)
gpgme/ 2002-10-08 Marcus Brinkmann <marcus@g10code.de> New data object component: * gpgme.h (GpgmeDataReadCb, GpgmeDataWriteCb, GpgmeDataSeekCb, GpgmeDataReleaseCb): New types. (struct GpgmeDataCbs): New structure. (gpgme_data_read): Changed prototype to match that of read() closely. (gpgme_data_write): Similar for write(). (gpgme_data_seek, gpgme_data_new_from_cbs, gpgme_data_new_from_fd, gpgme_data_new_from_stream): New prototypes. (gpgme_data_get_type, gpgme_check_engine): Prototype removed. * Makefile.am (libgpgme_la_SOURCES): Add data.h, data-fd.c, data-stream.c, data-mem.c, data-user.c and data-compat.c. * data.c: Reimplemented from scratch. * (data-compat.c, data-fd.c, data.h, data-mem.c, data-stream.c, data-user.c): New file. * context.h (struct gpgme_data_s): Removed. * conversion.c: Include <errno.h> and <sys/types.h>. (_gpgme_data_append): New function. * data.c (_gpgme_data_append_string): Move to ... * conversion.c (_gpgme_data_append_string): ... here. * data.c (_gpgme_data_append_for_xml): Move to ... * conversion.c (_gpgme_data_append_for_xml): ... here. * data.c (_gpgme_data_append_string_for_xml): Move to ... * conversion.c (_gpgme_data_append_string_for_xml): ... here. * data.c (_gpgme_data_append_percentstring_for_xml): Move to ... * conversion.c (_gpgme_data_append_percentstring_for_xml): ... here. * ops.h (_gpgme_data_get_mode, _gpgme_data_set_mode): Prototype removed. * types.h (GpgmeDataMode): Type removed. * decrypt.c (_gpgme_decrypt_start): Don't check data type or mode. * edit.c (_gpgme_op_edit_start): Likewise. * encrypt.c (_gpgme_op_encrypt_start): Likewise. * encrypt-sign.c (_gpgme_op_encrypt_sign_start): Likewise. * encrypt-sign.c (_gpgme_op_encrypt_sign_start): Likewise. * export.c (_gpgme_op_export_start): Likewise. * genkey.c (_gpgme_op_genkey_start): Likewise. * import.c (_gpgme_op_import_start): Likewise. * sign.c (_gpgme_op_sign_start): Likewise. * verify.c (_gpgme_op_verify_start): Likewise. * encrypt.c (gpgme_op_encrypt): Remove hack that returns invalid no recipient if no data was returned. * encrypt-sign.c (gpgme_op_encrypt_sign): Remove hack that returns no recipient if no data was returned. * encrypt-sign.c (gpgme_op_encrypt_sign): Remove hack that returns no recipient if no data was returned. * engine.c (_gpgme_engine_op_verify): Add new argument to differentiate detached from normal signatures. * engine.h (_gpgme_engine_op_verify): Likewise for prototype. * engine-gpgsm.c (_gpgme_gpgsm_op_verify): Likewise. Don't check mode of data argument. * engine-gpgsm.h (_gpgme_gpgsm_op_verify): Likewise for prototype. * gpgme.h (gpgme_op_verify_start): Likewise for prototype. (gpgme_op_verify): Likewise for prototype. * rungpg.c (_gpgme_gpg_op_verify): Likewise. * rungpg.h (_gpgme_gpg_op_verify): Likewise for prototype. * verify.c (_gpgme_op_verify_start): Likewise. (gpgme_op_verify_start): Likewise. (gpgme_op_verify): Likewise. * rungpg.c (struct arg_and_data_s): New member INBOUND to hold direction of data object. (_gpgme_gpg_add_data): Add new argument INBOUND. Use it to determine direction of data object. (_gpgme_gpg_add_pm_data, _gpgme_gpg_set_command_handler, _gpgme_gpg_op_decrypt, _gpgme_gpg_op_edit, _gpgme_gpg_op_encrypt, _gpgme_gpg_op_encrypt_sign, _gpgme_gpg_op_export, _gpgme_gpg_op_genkey, _gpgme_gpg_op_import, _gpgme_gpg_op_sign, _gpgme_gpg_op_verify): Add new argument to _gpgme_gpg_add_data invocation. (build_argv): Use new member INBOUND to determine direction of file descriptor. Don't check the data type. * rungpg.h (_gpgme_gpg_add_data): Add new argument to prototype. * gpgme.c (gpgme_get_op_info): Don't call _gpgme_data_get_as_string if CTX->op_info is NULL. * version.c (gpgme_check_engine): Function removed. tests/ 2002-10-09 Marcus Brinkmann <marcus@g10code.de> * gpg/t-decrypt.c (print_data): Update to new gpgme_data_read interface, and use gpgme_engine_check_version instead gpgme_check_version. * gpg/t-decrypt-verify.c (print_data): Likewise. * gpg/t-edit.c (main): Likewise. * gpg/t-encrypt.c (print_data): Likewise. * gpg/t-encrypt-sign.c (print_data): Likewise. * gpg/t-encrypt-sym.c (print_data): Likewise. * gpg/t-eventloop.c (print_data): Likewise. * gpg/t-export.c (print_data): Likewise. * gpg/t-sign.c (print_data): Likewise. * gpg/t-signers.c (print_data): Likewise. * gpgsm/t-decrypt.c (print_data): Likewise. * gpgsm/t-encrypt.c (print_data): Likewise. * gpgsm/t-export.c (print_data): Likewise. * gpgsm/t-sign.c (print_data): Likewise. * gpg/t-verify.c (main): Likewise for gpgme_op_verify. * gpgsm/t-verify.c (main): Likewise for gpgme_op_verify. * t-data.c (read_once_test): Likewise. (write_test): Update for new behaviour of data objects. (main): Remove type test.
2002-10-09 00:16:38 +00:00
** Optimize the case where a data object has an underlying fd we can pass
directly to the engine.
2002-01-15 19:59:54 +00:00
** Move code common to all engines up from gpg to engine.
** engine operations can return General Error on unknown protocol
(it's an internal error, as select_protocol checks already).
** When server mode is implemented properly, more care has to be taken to
release all resources on error (for example to free assuan_cmd).
2001-11-21 03:43:16 +00:00
2002-01-22 14:24:50 +00:00
* Operations
** Passphrase callback should not copy password. !!!
2003-04-27 22:52:37 +00:00
*** If no passphrase cb is installed, status handler is not run even if
password is required by crypto engine. !!
gpgme/ 2002-10-08 Marcus Brinkmann <marcus@g10code.de> New data object component: * gpgme.h (GpgmeDataReadCb, GpgmeDataWriteCb, GpgmeDataSeekCb, GpgmeDataReleaseCb): New types. (struct GpgmeDataCbs): New structure. (gpgme_data_read): Changed prototype to match that of read() closely. (gpgme_data_write): Similar for write(). (gpgme_data_seek, gpgme_data_new_from_cbs, gpgme_data_new_from_fd, gpgme_data_new_from_stream): New prototypes. (gpgme_data_get_type, gpgme_check_engine): Prototype removed. * Makefile.am (libgpgme_la_SOURCES): Add data.h, data-fd.c, data-stream.c, data-mem.c, data-user.c and data-compat.c. * data.c: Reimplemented from scratch. * (data-compat.c, data-fd.c, data.h, data-mem.c, data-stream.c, data-user.c): New file. * context.h (struct gpgme_data_s): Removed. * conversion.c: Include <errno.h> and <sys/types.h>. (_gpgme_data_append): New function. * data.c (_gpgme_data_append_string): Move to ... * conversion.c (_gpgme_data_append_string): ... here. * data.c (_gpgme_data_append_for_xml): Move to ... * conversion.c (_gpgme_data_append_for_xml): ... here. * data.c (_gpgme_data_append_string_for_xml): Move to ... * conversion.c (_gpgme_data_append_string_for_xml): ... here. * data.c (_gpgme_data_append_percentstring_for_xml): Move to ... * conversion.c (_gpgme_data_append_percentstring_for_xml): ... here. * ops.h (_gpgme_data_get_mode, _gpgme_data_set_mode): Prototype removed. * types.h (GpgmeDataMode): Type removed. * decrypt.c (_gpgme_decrypt_start): Don't check data type or mode. * edit.c (_gpgme_op_edit_start): Likewise. * encrypt.c (_gpgme_op_encrypt_start): Likewise. * encrypt-sign.c (_gpgme_op_encrypt_sign_start): Likewise. * encrypt-sign.c (_gpgme_op_encrypt_sign_start): Likewise. * export.c (_gpgme_op_export_start): Likewise. * genkey.c (_gpgme_op_genkey_start): Likewise. * import.c (_gpgme_op_import_start): Likewise. * sign.c (_gpgme_op_sign_start): Likewise. * verify.c (_gpgme_op_verify_start): Likewise. * encrypt.c (gpgme_op_encrypt): Remove hack that returns invalid no recipient if no data was returned. * encrypt-sign.c (gpgme_op_encrypt_sign): Remove hack that returns no recipient if no data was returned. * encrypt-sign.c (gpgme_op_encrypt_sign): Remove hack that returns no recipient if no data was returned. * engine.c (_gpgme_engine_op_verify): Add new argument to differentiate detached from normal signatures. * engine.h (_gpgme_engine_op_verify): Likewise for prototype. * engine-gpgsm.c (_gpgme_gpgsm_op_verify): Likewise. Don't check mode of data argument. * engine-gpgsm.h (_gpgme_gpgsm_op_verify): Likewise for prototype. * gpgme.h (gpgme_op_verify_start): Likewise for prototype. (gpgme_op_verify): Likewise for prototype. * rungpg.c (_gpgme_gpg_op_verify): Likewise. * rungpg.h (_gpgme_gpg_op_verify): Likewise for prototype. * verify.c (_gpgme_op_verify_start): Likewise. (gpgme_op_verify_start): Likewise. (gpgme_op_verify): Likewise. * rungpg.c (struct arg_and_data_s): New member INBOUND to hold direction of data object. (_gpgme_gpg_add_data): Add new argument INBOUND. Use it to determine direction of data object. (_gpgme_gpg_add_pm_data, _gpgme_gpg_set_command_handler, _gpgme_gpg_op_decrypt, _gpgme_gpg_op_edit, _gpgme_gpg_op_encrypt, _gpgme_gpg_op_encrypt_sign, _gpgme_gpg_op_export, _gpgme_gpg_op_genkey, _gpgme_gpg_op_import, _gpgme_gpg_op_sign, _gpgme_gpg_op_verify): Add new argument to _gpgme_gpg_add_data invocation. (build_argv): Use new member INBOUND to determine direction of file descriptor. Don't check the data type. * rungpg.h (_gpgme_gpg_add_data): Add new argument to prototype. * gpgme.c (gpgme_get_op_info): Don't call _gpgme_data_get_as_string if CTX->op_info is NULL. * version.c (gpgme_check_engine): Function removed. tests/ 2002-10-09 Marcus Brinkmann <marcus@g10code.de> * gpg/t-decrypt.c (print_data): Update to new gpgme_data_read interface, and use gpgme_engine_check_version instead gpgme_check_version. * gpg/t-decrypt-verify.c (print_data): Likewise. * gpg/t-edit.c (main): Likewise. * gpg/t-encrypt.c (print_data): Likewise. * gpg/t-encrypt-sign.c (print_data): Likewise. * gpg/t-encrypt-sym.c (print_data): Likewise. * gpg/t-eventloop.c (print_data): Likewise. * gpg/t-export.c (print_data): Likewise. * gpg/t-sign.c (print_data): Likewise. * gpg/t-signers.c (print_data): Likewise. * gpgsm/t-decrypt.c (print_data): Likewise. * gpgsm/t-encrypt.c (print_data): Likewise. * gpgsm/t-export.c (print_data): Likewise. * gpgsm/t-sign.c (print_data): Likewise. * gpg/t-verify.c (main): Likewise for gpgme_op_verify. * gpgsm/t-verify.c (main): Likewise for gpgme_op_verify. * t-data.c (read_once_test): Likewise. (write_test): Update for new behaviour of data objects. (main): Remove type test.
2002-10-09 00:16:38 +00:00
** Export status handler need much more work. !!!
** Import should return a useful error when one happened.
2003-04-27 18:31:25 +00:00
*** Import does not take notice of NODATA status report.
*** When GPGSM does issue IMPORT_OK status reports, make sure to check for them
2003-04-27 22:52:37 +00:00
in tests/gpgs m/t-import.c.
** Genkey should return something more useful than General_Error.
2002-02-06 01:30:27 +00:00
** Factor out common code in _op_*_start functions.
** Add ATTR to return the number of subkeys or uids.
** Optimize the file descriptor list, so the number of open fds is
2003-04-27 18:31:25 +00:00
always known easily. This could replace the pending bit, too, with
the exception of keylisting operations maybe.
2002-02-06 01:30:27 +00:00
* Error Values
** Map ASSUAN/GpgSM ERR error values in a better way than is done now. !!
** Verify (and document) if Read_Error, Write_Error, Pipe_Error set errno.
* Tests
** Write a fake gpg-agent so that we can supply known passphrases to
gpgsm and setup the configuration files to use the agent. Without
this we are testing a currently running gpg-agent which is not a
clever idea. !
** t-data
*** Test gpgme_data_release_and_get_mem.
*** Test gpgme_data_rewind for invalid types.
*** Test gpgme_data_read's readable feature.
2002-05-08 04:22:07 +00:00
* Debug
** Handle malloc and vasprintf errors. But decide first if they should be
ignored (and logged with 255?!), or really be assertions. !
2002-05-08 04:22:07 +00:00
2001-12-18 23:46:36 +00:00
* Build suite
** Make sure everything is cleaned correctly (esp. test area).
2002-02-06 01:30:27 +00:00
Bugs reported by Stephane Corthesy:
> In GpgmeRecipients, would it be possible to provide a function which
> would return the validity assigned to a name contained in the
> GpgmeRecipients instance?
> passphrase callback. If I use the same GpgmeContext as the one which
> is currently asking for a passphrase, my app crashes: the r_hd in
> the
> callback has become invalid; if I use a brand new one, the callback
> is called recursively, when I ask to enumerate keys.