core: For OpenPGP let offline mode disable dirmngr.

* src/engine-gpg.c (struct engine_gpg): New flag.offline. (gpg_set_engine_flags): Set it. Also fix setting of no_symkey_cache. (build_argv): Pass --disable-dirmngr in offline mode. -- GnuPG-bug-id: 3831 Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-17 11:06:27 +02:00 · 2018-04-17 11:06:27 +02:00 · c143ab692c
commit c143ab692c
parent bbfa7c4233
2 changed files with 38 additions and 17 deletions
--- a/doc/gpgme.texi
+++ b/doc/gpgme.texi
@ -2606,22 +2606,26 @@ valid pointer.
@deftypefun void gpgme_set_offline (@w{gpgme_ctx_t @var{ctx}}, @w{int @var{yes}})
@since{1.6.0}

-The function @code{gpgme_set_offline} specifies if offline mode
-should be used.  By default, offline mode is not used.
+The function @code{gpgme_set_offline} specifies if offline mode should
+be used.  Offline mode is disabled if @var{yes} is zero, and enabled
+otherwise.  By default, offline mode is disabled.

-The offline mode specifies if dirmngr should be used to do additional
-validation that might require connections to external services.
-(e.g. CRL / OCSP checks).
+The details of the offline mode depend on the used protocol and its
+backend engine.  It may eventually be extended to be more stricter and
+for example completely disable the use of Dirmngr for any engine.

-Offline mode only affects the keylist mode @code{GPGME_KEYLIST_MODE_VALIDATE}
-and is only relevant to the CMS crypto engine. Offline mode
-is ignored otherwise.
+For the CMS protocol the offline mode specifies whether Dirmngr shall
+be used to do additional validation that might require connecting
+external services (e.g. CRL / OCSP checks).  Here the offline mode
+only affects the keylist mode @code{GPGME_KEYLIST_MODE_VALIDATE}.

-This option may be extended in the future to completely disable
-the use of dirmngr for any engine.
+For the OpenPGP protocol offline mode entirely disables the use of the
+Dirmngr and will thus guarantee that no network connections are done
+as part of an operation on this context.  It has only an effect with
+GnuPG versions 2.1.23 or later.
+
+For all other protocols the offline mode is currently ignored.

-Offline mode is disabled if @var{yes} is zero, and enabled
-otherwise.
@end deftypefun

@deftypefun int gpgme_get_offline (@w{gpgme_ctx_t @var{ctx}})
--- a/src/engine-gpg.c
+++ b/src/engine-gpg.c
@ -148,6 +148,7 @@ struct engine_gpg

  struct {
    unsigned int no_symkey_cache : 1;
+    unsigned int offline : 1;
  } flags;

  /* NULL or the data object fed to --override_session_key-fd.  */
@ -647,12 +648,14 @@ gpg_set_engine_flags (void *engine, const gpgme_ctx_t ctx)
      else
        strcpy (gpg->request_origin, ctx->request_origin);
    }
-  else if (ctx->no_symkey_cache && have_gpg_version (gpg, "2.2.7"))
-    {
-      gpg->flags.no_symkey_cache = 1;
-    }
  else
    *gpg->request_origin = 0;
+
+  gpg->flags.no_symkey_cache = (ctx->no_symkey_cache
+                                && have_gpg_version (gpg, "2.2.7"));
+
+  gpg->flags.offline = (ctx->offline && have_gpg_version (gpg, "2.1.23"));
+
 }


@ -884,7 +887,8 @@ build_argv (engine_gpg_t gpg, const char *pgmname)
    argc++;
  if (!gpg->cmd.used)
    argc++;	/* --batch */
-  argc += 3;	/* --no-sk-comments, --request-origin, --no-symkey-cache */
+  argc += 4;	/* --no-sk-comments, --request-origin, --no-symkey-cache */
+                /* --disable-dirmngr  */

  argv = calloc (argc + 1, sizeof *argv);
  if (!argv)
@ -959,6 +963,19 @@ build_argv (engine_gpg_t gpg, const char *pgmname)
      argc++;
    }

+  if (gpg->flags.offline)
+    {
+      argv[argc] = strdup ("--disable-dirmngr");
+      if (!argv[argc])
+	{
+          int saved_err = gpg_error_from_syserror ();
+	  free (fd_data_map);
+	  free_argv (argv);
+	  return saved_err;
+        }
+      argc++;
+    }
+
  if (gpg->pinentry_mode && have_gpg_version (gpg, "2.1.0"))
    {
      const char *s = NULL;