GpgFrontend/gpgme
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

core: Use offline mode for all operations of gpgsm engine

Browse Source 
* src/engine-backend.h (keylist, keylist_ext): Remove engine_flags.
* src/engine-gpg.c (gpg_keylist, gpg_keylist_ext): Ditto.
* src/engine.c, src/engine.h (_gpgme_engine_op_keylist): Ditto.
(_gpgme_engine_op_keylist_ext): Ditto.
* src/engine.h (GPGME_ENGINE_FLAG_OFFLINE): Remove.
* src/engine-gpgsm.c (struct engine_gpgsm): New field flags with offline
flag.
(have_gpgsm_version): New.
(gpg_set_engine_flags): Set the offline flag.
(start): Send OPTION "offline".
(gpgsm_keylist, gpgsm_keylist_ext): Remove engine_flags.  Remove
sending of OPTION "offline".
* src/keylist.c (gpgme_op_keylist_start, gpgme_op_keylist_ext_start):
Remove setting of offline flag.
--

GnuPG-bug-id: 6648
This commit is contained in:
Ingo Klöcker 2023-08-14 12:23:07 +02:00
parent d72811a2c0
commit bc98f01c85
No known key found for this signature in database
GPG Key ID: F5A5D1692277A1E9
7 changed files with 36 additions and 49 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
doc/gpgme.texi
View File

@ -2694,8 +2694,9 @@ for example completely disable the use of Dirmngr for any engine.
For the CMS protocol the offline mode specifies whether Dirmngr shall
be used to do additional validation that might require connecting
external services (e.g. CRL / OCSP checks). Here the offline mode
only affects the keylist mode @code{GPGME_KEYLIST_MODE_VALIDATE}.
external services (e.g. CRL / OCSP checks). The offline mode is used
for all operations on this context. It has only an effect with
GnuPG versions 2.1.6 or later.
For the OpenPGP protocol offline mode entirely disables the use of the
Dirmngr and will thus guarantee that no network connections are done

6
src/engine-backend.h
View File

@ -100,12 +100,10 @@ struct engine_ops
const char *import_filter,
const char *key_origin);
gpgme_error_t (*keylist) (void *engine, const char *pattern,
int secret_only, gpgme_keylist_mode_t mode,
int engine_flags);
int secret_only, gpgme_keylist_mode_t mode);
gpgme_error_t (*keylist_ext) (void *engine, const char *pattern[],
int secret_only, int reserved,
gpgme_keylist_mode_t mode,
int engine_flags);
gpgme_keylist_mode_t mode);
gpgme_error_t (*keylist_data) (void *engine, gpgme_keylist_mode_t mode,
gpgme_data_t data);
gpgme_error_t (*keysign) (void *engine,

8
src/engine-gpg.c
View File

@ -3341,13 +3341,11 @@ gpg_keylist_build_options (engine_gpg_t gpg, int secret_only,
static gpgme_error_t
gpg_keylist (void *engine, const char *pattern, int secret_only,
gpgme_keylist_mode_t mode, int engine_flags)
gpgme_keylist_mode_t mode)
{
engine_gpg_t gpg = engine;
gpgme_error_t err;
(void)engine_flags;
err = gpg_keylist_build_options (gpg, secret_only, mode);
if (!err && pattern && *pattern)
@ -3362,13 +3360,11 @@ gpg_keylist (void *engine, const char *pattern, int secret_only,
static gpgme_error_t
gpg_keylist_ext (void *engine, const char *pattern[], int secret_only,
int reserved, gpgme_keylist_mode_t mode, int engine_flags)
int reserved, gpgme_keylist_mode_t mode)
{
engine_gpg_t gpg = engine;
gpgme_error_t err;
(void)engine_flags;
if (reserved)
return gpg_error (GPG_ERR_INV_VALUE);

34
src/engine-gpgsm.c
View File

@ -114,6 +114,10 @@ struct engine_gpgsm
/* Memory data containing diagnostics (--logger-fd) of gpgsm */
gpgme_data_t diagnostics;
struct {
unsigned int offline : 1;
} flags;
};
typedef struct engine_gpgsm *engine_gpgsm_t;
@ -123,6 +127,13 @@ static void gpgsm_io_event (void *engine,
gpgme_event_io_t type, void *type_data);
/* Return true if the engine's version is at least VERSION. */
static int
have_gpgsm_version (engine_gpgsm_t gpgsm, const char *version)
{
return _gpgme_compare_versions (gpgsm->version, version);
}
static char *
gpgsm_get_version (const char *file_name)
@ -613,6 +624,8 @@ gpgsm_set_engine_flags (void *engine, const gpgme_ctx_t ctx)
}
else
*gpgsm->request_origin = 0;
gpgsm->flags.offline = (ctx->offline && have_gpgsm_version (gpgsm, "2.1.6"));
}
@ -1175,6 +1188,12 @@ start (engine_gpgsm_t gpgsm, const char *command)
return err;
}
gpgsm_assuan_simple_command (gpgsm,
gpgsm->flags.offline ?
"OPTION offline=1":
"OPTION offline=0" ,
NULL, NULL);
/* We need to know the fd used by assuan for reads. We do this by
using the assumption that the first returned fd from
assuan_get_active_fds() is always this one. */
@ -1872,7 +1891,7 @@ gpgsm_import (void *engine, gpgme_data_t keydata, gpgme_key_t *keyarray,
static gpgme_error_t
gpgsm_keylist (void *engine, const char *pattern, int secret_only,
gpgme_keylist_mode_t mode, int engine_flags)
gpgme_keylist_mode_t mode)
{
engine_gpgsm_t gpgsm = engine;
char *line;
@ -1928,12 +1947,6 @@ gpgsm_keylist (void *engine, const char *pattern, int secret_only,
"OPTION with-secret=1":
"OPTION with-secret=0" ,
NULL, NULL);
gpgsm_assuan_simple_command (gpgsm,
(engine_flags & GPGME_ENGINE_FLAG_OFFLINE)?
"OPTION offline=1":
"OPTION offline=0" ,
NULL, NULL);
/* Length is "LISTSECRETKEYS " + p + '\0'. */
line = malloc (15 + strlen (pattern) + 1);
@ -1963,7 +1976,7 @@ gpgsm_keylist (void *engine, const char *pattern, int secret_only,
static gpgme_error_t
gpgsm_keylist_ext (void *engine, const char *pattern[], int secret_only,
int reserved, gpgme_keylist_mode_t mode, int engine_flags)
int reserved, gpgme_keylist_mode_t mode)
{
engine_gpgsm_t gpgsm = engine;
char *line;
@ -2003,11 +2016,6 @@ gpgsm_keylist_ext (void *engine, const char *pattern[], int secret_only,
"OPTION with-secret=1":
"OPTION with-secret=0" ,
NULL, NULL);
gpgsm_assuan_simple_command (gpgsm,
(engine_flags & GPGME_ENGINE_FLAG_OFFLINE)?
"OPTION offline=1":
"OPTION offline=0" ,
NULL, NULL);
if (pattern && *pattern)
{

10
src/engine.c
View File

@ -866,8 +866,7 @@ _gpgme_engine_op_import (engine_t engine, gpgme_data_t keydata,
gpgme_error_t
_gpgme_engine_op_keylist (engine_t engine, const char *pattern,
int secret_only, gpgme_keylist_mode_t mode,
int engine_flags)
int secret_only, gpgme_keylist_mode_t mode)
{
if (!engine)
return gpg_error (GPG_ERR_INV_VALUE);
@ -875,15 +874,14 @@ _gpgme_engine_op_keylist (engine_t engine, const char *pattern,
if (!engine->ops->keylist)
return gpg_error (GPG_ERR_NOT_IMPLEMENTED);
return (*engine->ops->keylist) (engine->engine, pattern, secret_only, mode,
engine_flags);
return (*engine->ops->keylist) (engine->engine, pattern, secret_only, mode);
}
gpgme_error_t
_gpgme_engine_op_keylist_ext (engine_t engine, const char *pattern[],
int secret_only, int reserved,
gpgme_keylist_mode_t mode, int engine_flags)
gpgme_keylist_mode_t mode)
{
if (!engine)
return gpg_error (GPG_ERR_INV_VALUE);
@ -892,7 +890,7 @@ _gpgme_engine_op_keylist_ext (engine_t engine, const char *pattern[],
return gpg_error (GPG_ERR_NOT_IMPLEMENTED);
return (*engine->ops->keylist_ext) (engine->engine, pattern, secret_only,
reserved, mode, engine_flags);
reserved, mode);
}

9
src/engine.h
View File

@ -148,14 +148,12 @@ gpgme_error_t _gpgme_engine_op_import (engine_t engine,
gpgme_error_t _gpgme_engine_op_keylist (engine_t engine,
const char *pattern,
int secret_only,
gpgme_keylist_mode_t mode,
int engine_flags);
gpgme_keylist_mode_t mode);
gpgme_error_t _gpgme_engine_op_keylist_ext (engine_t engine,
const char *pattern[],
int secret_only,
int reserved,
gpgme_keylist_mode_t mode,
int engine_flags);
gpgme_keylist_mode_t mode);
gpgme_error_t _gpgme_engine_op_keylist_data (engine_t engine,
gpgme_keylist_mode_t mode,
gpgme_data_t data);
@ -227,8 +225,5 @@ gpgme_error_t _gpgme_engine_op_setexpire (engine_t engine,
const char *subfprs,
unsigned int reserved);
/* The available engine option flags. */
#define GPGME_ENGINE_FLAG_OFFLINE 1
#endif /* ENGINE_H */

13
src/keylist.c
View File

@ -1126,7 +1126,6 @@ gpgme_op_keylist_start (gpgme_ctx_t ctx, const char *pattern, int secret_only)
gpgme_error_t err;
void *hook;
op_data_t opd;
int flags = 0;
TRACE_BEG (DEBUG_CTX, "gpgme_op_keylist_start", ctx,
"pattern=%s, secret_only=%i", pattern, secret_only);
@ -1155,11 +1154,8 @@ gpgme_op_keylist_start (gpgme_ctx_t ctx, const char *pattern, int secret_only)
if (err)
return TRACE_ERR (err);
if (ctx->offline)
flags |= GPGME_ENGINE_FLAG_OFFLINE;
err = _gpgme_engine_op_keylist (ctx->engine, pattern, secret_only,
ctx->keylist_mode, flags);
ctx->keylist_mode);
return TRACE_ERR (err);
}
@ -1174,7 +1170,6 @@ gpgme_op_keylist_ext_start (gpgme_ctx_t ctx, const char *pattern[],
gpgme_error_t err;
void *hook;
op_data_t opd;
int flags = 0;
TRACE_BEG (DEBUG_CTX, "gpgme_op_keylist_ext_start", ctx,
"secret_only=%i, reserved=0x%x", secret_only, reserved);
@ -1202,12 +1197,8 @@ gpgme_op_keylist_ext_start (gpgme_ctx_t ctx, const char *pattern[],
if (err)
return TRACE_ERR (err);
if (ctx->offline)
flags |= GPGME_ENGINE_FLAG_OFFLINE;
err = _gpgme_engine_op_keylist_ext (ctx->engine, pattern, secret_only,
reserved, ctx->keylist_mode,
flags);
reserved, ctx->keylist_mode);
return TRACE_ERR (err);
}