From bc98f01c8599f612dd1035b08f827b0657d94984 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ingo=20Kl=C3=B6cker?= Date: Mon, 14 Aug 2023 12:23:07 +0200 Subject: [PATCH] core: Use offline mode for all operations of gpgsm engine * src/engine-backend.h (keylist, keylist_ext): Remove engine_flags. * src/engine-gpg.c (gpg_keylist, gpg_keylist_ext): Ditto. * src/engine.c, src/engine.h (_gpgme_engine_op_keylist): Ditto. (_gpgme_engine_op_keylist_ext): Ditto. * src/engine.h (GPGME_ENGINE_FLAG_OFFLINE): Remove. * src/engine-gpgsm.c (struct engine_gpgsm): New field flags with offline flag. (have_gpgsm_version): New. (gpg_set_engine_flags): Set the offline flag. (start): Send OPTION "offline". (gpgsm_keylist, gpgsm_keylist_ext): Remove engine_flags. Remove sending of OPTION "offline". * src/keylist.c (gpgme_op_keylist_start, gpgme_op_keylist_ext_start): Remove setting of offline flag. -- GnuPG-bug-id: 6648 --- doc/gpgme.texi | 5 +++-- src/engine-backend.h | 6 ++---- src/engine-gpg.c | 8 ++------ src/engine-gpgsm.c | 34 +++++++++++++++++++++------------- src/engine.c | 10 ++++------ src/engine.h | 9 ++------- src/keylist.c | 13 ++----------- 7 files changed, 36 insertions(+), 49 deletions(-) diff --git a/doc/gpgme.texi b/doc/gpgme.texi index fb604f30..8fc6a263 100644 --- a/doc/gpgme.texi +++ b/doc/gpgme.texi @@ -2694,8 +2694,9 @@ for example completely disable the use of Dirmngr for any engine. For the CMS protocol the offline mode specifies whether Dirmngr shall be used to do additional validation that might require connecting -external services (e.g. CRL / OCSP checks). Here the offline mode -only affects the keylist mode @code{GPGME_KEYLIST_MODE_VALIDATE}. +external services (e.g. CRL / OCSP checks). The offline mode is used +for all operations on this context. It has only an effect with +GnuPG versions 2.1.6 or later. For the OpenPGP protocol offline mode entirely disables the use of the Dirmngr and will thus guarantee that no network connections are done 
diff --git a/src/engine-backend.h b/src/engine-backend.h index d430620b..850ffaa9 100644 --- a/src/engine-backend.h +++ b/src/engine-backend.h @@ -100,12 +100,10 @@ struct engine_ops const char *import_filter, const char *key_origin); gpgme_error_t (*keylist) (void *engine, const char *pattern, - int secret_only, gpgme_keylist_mode_t mode, - int engine_flags); + int secret_only, gpgme_keylist_mode_t mode); gpgme_error_t (*keylist_ext) (void *engine, const char *pattern[], int secret_only, int reserved, - gpgme_keylist_mode_t mode, - int engine_flags); + gpgme_keylist_mode_t mode); gpgme_error_t (*keylist_data) (void *engine, gpgme_keylist_mode_t mode, gpgme_data_t data); gpgme_error_t (*keysign) (void *engine, diff --git a/src/engine-gpg.c b/src/engine-gpg.c index 4314938e..99667c6d 100644 --- a/src/engine-gpg.c +++ b/src/engine-gpg.c @@ -3341,13 +3341,11 @@ gpg_keylist_build_options (engine_gpg_t gpg, int secret_only, static gpgme_error_t gpg_keylist (void *engine, const char *pattern, int secret_only, - gpgme_keylist_mode_t mode, int engine_flags) + gpgme_keylist_mode_t mode) { engine_gpg_t gpg = engine; gpgme_error_t err; - (void)engine_flags; - err = gpg_keylist_build_options (gpg, secret_only, mode); if (!err && pattern && *pattern) @@ -3362,13 +3360,11 @@ gpg_keylist (void *engine, const char *pattern, int secret_only, static gpgme_error_t gpg_keylist_ext (void *engine, const char *pattern[], int secret_only, - int reserved, gpgme_keylist_mode_t mode, int engine_flags) + int reserved, gpgme_keylist_mode_t mode) { engine_gpg_t gpg = engine; gpgme_error_t err; - (void)engine_flags; - if (reserved) return gpg_error (GPG_ERR_INV_VALUE); diff --git a/src/engine-gpgsm.c b/src/engine-gpgsm.c index cfbef315..8a8beb87 100644 --- a/src/engine-gpgsm.c +++ b/src/engine-gpgsm.c 
@@ -114,6 +114,10 @@ struct engine_gpgsm /* Memory data containing diagnostics (--logger-fd) of gpgsm */ gpgme_data_t diagnostics; + + struct { + unsigned int offline : 1; + } flags; }; typedef struct engine_gpgsm *engine_gpgsm_t; @@ -123,6 +127,13 @@ static void gpgsm_io_event (void *engine, gpgme_event_io_t type, void *type_data); +/* Return true if the engine's version is at least VERSION. */ +static int +have_gpgsm_version (engine_gpgsm_t gpgsm, const char *version) +{ + return _gpgme_compare_versions (gpgsm->version, version); +} + static char * gpgsm_get_version (const char *file_name) @@ -613,6 +624,8 @@ gpgsm_set_engine_flags (void *engine, const gpgme_ctx_t ctx) } else *gpgsm->request_origin = 0; + + gpgsm->flags.offline = (ctx->offline && have_gpgsm_version (gpgsm, "2.1.6")); } @@ -1175,6 +1188,12 @@ start (engine_gpgsm_t gpgsm, const char *command) return err; } + gpgsm_assuan_simple_command (gpgsm, + gpgsm->flags.offline ? + "OPTION offline=1": + "OPTION offline=0" , + NULL, NULL); + /* We need to know the fd used by assuan for reads. We do this by using the assumption that the first returned fd from assuan_get_active_fds() is always this one. */ @@ -1872,7 +1891,7 @@ gpgsm_import (void *engine, gpgme_data_t keydata, gpgme_key_t *keyarray, static gpgme_error_t gpgsm_keylist (void *engine, const char *pattern, int secret_only, - gpgme_keylist_mode_t mode, int engine_flags) + gpgme_keylist_mode_t mode) { engine_gpgsm_t gpgsm = engine; char *line; @@ -1928,12 +1947,6 @@ gpgsm_keylist (void *engine, const char *pattern, int secret_only, "OPTION with-secret=1": "OPTION with-secret=0" , NULL, NULL); - gpgsm_assuan_simple_command (gpgsm, - (engine_flags & GPGME_ENGINE_FLAG_OFFLINE)? - "OPTION offline=1": - "OPTION offline=0" , - NULL, NULL); - /* Length is "LISTSECRETKEYS " + p + '\0'. */ line = malloc (15 + strlen (pattern) + 1); 
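Review bot: The assignment `gpgsm->flags.offline = (ctx->offline && have_gpgsm_version (gpgsm, "2.1.6"));` in gpgsm_set_engine_flags silently drops the caller's offline request when the engine is older than 2.1.6. Later operations can then let gpgsm use Dirmngr for CRL / OCSP checks even though the context asked for offline mode, and the caller gets no error or trace. The texi hunk documents the version limit, but nothing at this line does. I would add a comment above it such as `/* OPTION offline only has an effect with gpgsm >= 2.1.6; for older engines the request is dropped and validation may go online. */` and consider tracing the downgrade. The function body starts outside the hunk.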
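Review bot: The result of the new `gpgsm_assuan_simple_command (gpgsm, gpgsm->flags.offline ? "OPTION offline=1" : "OPTION offline=0", NULL, NULL)` call in start() is discarded, so if gpgsm rejects the option the operation continues without offline mode and the caller cannot tell. Offline mode is what keeps CRL / OCSP lookups off the network, so a failure while `gpgsm->flags.offline` is set should fail closed. Assign the result to `err` and add `if (err && gpgsm->flags.offline) return err;`, assuming the helper returns a gpgme_error_t like the other engine calls. The removed keylist code ignored the result too, but it only covered key listings, whereas this call now applies to every gpgsm operation. start() begins and ends outside the hunk.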
@@ -1963,7 +1976,7 @@ gpgsm_keylist (void *engine, const char *pattern, int secret_only, static gpgme_error_t gpgsm_keylist_ext (void *engine, const char *pattern[], int secret_only, - int reserved, gpgme_keylist_mode_t mode, int engine_flags) + int reserved, gpgme_keylist_mode_t mode) { engine_gpgsm_t gpgsm = engine; char *line; @@ -2003,11 +2016,6 @@ gpgsm_keylist_ext (void *engine, const char *pattern[], int secret_only, "OPTION with-secret=1": "OPTION with-secret=0" , NULL, NULL); - gpgsm_assuan_simple_command (gpgsm, - (engine_flags & GPGME_ENGINE_FLAG_OFFLINE)? - "OPTION offline=1": - "OPTION offline=0" , - NULL, NULL); if (pattern && *pattern) { diff --git a/src/engine.c b/src/engine.c index ab399e73..69f1c150 100644 --- a/src/engine.c +++ b/src/engine.c @@ -866,8 +866,7 @@ _gpgme_engine_op_import (engine_t engine, gpgme_data_t keydata, gpgme_error_t _gpgme_engine_op_keylist (engine_t engine, const char *pattern, - int secret_only, gpgme_keylist_mode_t mode, - int engine_flags) + int secret_only, gpgme_keylist_mode_t mode) { if (!engine) return gpg_error (GPG_ERR_INV_VALUE); @@ -875,15 +874,14 @@ _gpgme_engine_op_keylist (engine_t engine, const char *pattern, if (!engine->ops->keylist) return gpg_error (GPG_ERR_NOT_IMPLEMENTED); - return (*engine->ops->keylist) (engine->engine, pattern, secret_only, mode, - engine_flags); + return (*engine->ops->keylist) (engine->engine, pattern, secret_only, mode); } gpgme_error_t _gpgme_engine_op_keylist_ext (engine_t engine, const char *pattern[], int secret_only, int reserved, - gpgme_keylist_mode_t mode, int engine_flags) + gpgme_keylist_mode_t mode) { if (!engine) return gpg_error (GPG_ERR_INV_VALUE); @@ -892,7 +890,7 @@ _gpgme_engine_op_keylist_ext (engine_t engine, const char *pattern[], return gpg_error (GPG_ERR_NOT_IMPLEMENTED); return (*engine->ops->keylist_ext) (engine->engine, pattern, secret_only, - reserved, mode, engine_flags); + reserved, mode); } 
diff --git a/src/engine.h b/src/engine.h index 59d159a4..654deddf 100644 --- a/src/engine.h +++ b/src/engine.h @@ -148,14 +148,12 @@ gpgme_error_t _gpgme_engine_op_import (engine_t engine, gpgme_error_t _gpgme_engine_op_keylist (engine_t engine, const char *pattern, int secret_only, - gpgme_keylist_mode_t mode, - int engine_flags); + gpgme_keylist_mode_t mode); gpgme_error_t _gpgme_engine_op_keylist_ext (engine_t engine, const char *pattern[], int secret_only, int reserved, - gpgme_keylist_mode_t mode, - int engine_flags); + gpgme_keylist_mode_t mode); gpgme_error_t _gpgme_engine_op_keylist_data (engine_t engine, gpgme_keylist_mode_t mode, gpgme_data_t data); @@ -227,8 +225,5 @@ gpgme_error_t _gpgme_engine_op_setexpire (engine_t engine, const char *subfprs, unsigned int reserved); -/* The available engine option flags. */ -#define GPGME_ENGINE_FLAG_OFFLINE 1 - #endif /* ENGINE_H */ diff --git a/src/keylist.c b/src/keylist.c index 23b97087..3375f2ef 100644 --- a/src/keylist.c +++ b/src/keylist.c @@ -1126,7 +1126,6 @@ gpgme_op_keylist_start (gpgme_ctx_t ctx, const char *pattern, int secret_only) gpgme_error_t err; void *hook; op_data_t opd; - int flags = 0; TRACE_BEG (DEBUG_CTX, "gpgme_op_keylist_start", ctx, "pattern=%s, secret_only=%i", pattern, secret_only); @@ -1155,11 +1154,8 @@ gpgme_op_keylist_start (gpgme_ctx_t ctx, const char *pattern, int secret_only) if (err) return TRACE_ERR (err); - if (ctx->offline) - flags |= GPGME_ENGINE_FLAG_OFFLINE; - err = _gpgme_engine_op_keylist (ctx->engine, pattern, secret_only, - ctx->keylist_mode, flags); + ctx->keylist_mode); return TRACE_ERR (err); } @@ -1174,7 +1170,6 @@ gpgme_op_keylist_ext_start (gpgme_ctx_t ctx, const char *pattern[], gpgme_error_t err; void *hook; op_data_t opd; - int flags = 0; TRACE_BEG (DEBUG_CTX, "gpgme_op_keylist_ext_start", ctx, "secret_only=%i, reserved=0x%x", secret_only, reserved); 
@@ -1202,12 +1197,8 @@ gpgme_op_keylist_ext_start (gpgme_ctx_t ctx, const char *pattern[], if (err) return TRACE_ERR (err); - if (ctx->offline) - flags |= GPGME_ENGINE_FLAG_OFFLINE; - err = _gpgme_engine_op_keylist_ext (ctx->engine, pattern, secret_only, - reserved, ctx->keylist_mode, - flags); + reserved, ctx->keylist_mode); return TRACE_ERR (err); }