From d35d44efaf72f90ee4f92af8382c4bcb9982da3f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ingo=20Kl=C3=B6cker?= Date: Tue, 14 Dec 2021 15:44:37 +0100 Subject: [PATCH] core: Allow setting import filters when importing keys * src/context.h (struct gpgme_context): New field import_filter. * src/engine-backend.h (struct engine_ops): Add arg import_filter to field 'import'. * src/engine-gpg.c (gpg_import): Add arg import_filter and pass option --import-filter with argument value to gpg. Adjust all callers. * src/engine-gpgsm.c (gpgsm_import): Add dummy arg import_filter. * src/gpgme.c (gpgme_release): Free 'import_filter'. (gpgme_set_ctx_flag, gpgme_get_ctx_flag): New flag "import-filter". * tests/run-import.c (main): Add option --import-filter. -- This makes the --import-filter option available in the GPGME API for key imports. GnuPG-bug-id: 5739 --- NEWS | 3 +++ doc/gpgme.texi | 6 ++++++ src/context.h | 3 +++ src/engine-backend.h | 1 + src/engine-gpg.c | 20 +++++++++++++++++++- src/engine-gpgsm.c | 4 +++- src/engine.c | 6 ++++-- src/engine.h | 1 + src/gpgme.c | 12 ++++++++++++ src/import.c | 6 ++++-- tests/run-import.c | 14 ++++++++++++++ 11 files changed, 70 insertions(+), 6 deletions(-) diff --git a/NEWS b/NEWS index 1331c13a..e57637d5 100644 --- a/NEWS +++ b/NEWS @@ -3,12 +3,15 @@ Noteworthy changes in version 1.16.1 (unreleased) * New context flag "key-origin". [#5733] + * New context flag "import-filter". [#5739] + * qt: Extend ChangeExpiryJob to change expiration of primary key and of subkeys at the same time. [#4717] * Interface changes relative to the 1.16.0 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ gpgme_set_ctx_flag EXTENDED: New flag 'key-origin'. + gpgme_set_ctx_flag EXTENDED: New flag 'import-filter'. qt: ChangeExpiryJob::Option NEW. qt: ChangeExpiryJob::Options NEW. qt: ChangeExpiryJob::setOptions NEW. diff --git a/doc/gpgme.texi b/doc/gpgme.texi index c37141a0..cc8ff5e5 100644 --- a/doc/gpgme.texi +++ b/doc/gpgme.texi 
@@ -3207,6 +3207,12 @@ The string given in @var{value} is passed to the GnuPG engine to set the origin of imported keys. Valid values are documented in the GnuPG manual and the gpg man page under the option @option{--key-origin}. +@item "import-filter" +@since{1.16.1} +The string given in @var{value} is passed to the GnuPG engine to use as +filter when importing keys. Valid values are documented in the GnuPG +manual and the gpg man page under the option @option{--import-filter}. + @end table This function returns @code{0} on success. diff --git a/src/context.h b/src/context.h index 10d297f6..e976ba3f 100644 --- a/src/context.h +++ b/src/context.h @@ -180,6 +180,9 @@ struct gpgme_context /* The optional key origin. */ char *key_origin; + /* The optional import filter. */ + char *import_filter; + /* The operation data hooked into the context. */ ctx_op_data_t op_data; diff --git a/src/engine-backend.h b/src/engine-backend.h index d4047fbf..d5d44a57 100644 --- a/src/engine-backend.h +++ b/src/engine-backend.h @@ -96,6 +96,7 @@ struct engine_ops gpgme_data_t pubkey, gpgme_data_t seckey); gpgme_error_t (*import) (void *engine, gpgme_data_t keydata, gpgme_key_t *keyarray, + const char *import_filter, const char *key_origin); gpgme_error_t (*keylist) (void *engine, const char *pattern, int secret_only, gpgme_keylist_mode_t mode, diff --git a/src/engine-gpg.c b/src/engine-gpg.c index fe9ff101..fd39ad76 100644 --- a/src/engine-gpg.c +++ b/src/engine-gpg.c @@ -2767,7 +2767,7 @@ string_from_data (gpgme_data_t data, int delim, static gpgme_error_t gpg_import (void *engine, gpgme_data_t keydata, gpgme_key_t *keyarray, - const char *key_origin) + const char *import_filter, const char *key_origin) { engine_gpg_t gpg = engine; gpgme_error_t err; 
@@ -2782,6 +2782,12 @@ gpg_import (void *engine, gpgme_data_t keydata, gpgme_key_t *keyarray, if (keyarray) { err = add_arg (gpg, "--recv-keys"); + if (!err && import_filter && have_gpg_version (gpg, "2.1.14")) + { + err = add_arg (gpg, "--import-filter"); + if (!err) + err = add_arg (gpg, import_filter); + } if (!err) err = add_arg (gpg, "--"); for (idx=0; !err && keyarray[idx]; idx++) @@ -2813,6 +2819,12 @@ gpg_import (void *engine, gpgme_data_t keydata, gpgme_key_t *keyarray, should use an option to gpg to modify such commands (ala --multifile). */ err = add_arg (gpg, "--fetch-keys"); + if (!err && import_filter && have_gpg_version (gpg, "2.1.14")) + { + err = add_arg (gpg, "--import-filter"); + if (!err) + err = add_arg (gpg, import_filter); + } if (!err) err = add_arg (gpg, "--"); helpptr = NULL; @@ -2831,6 +2843,12 @@ gpg_import (void *engine, gpgme_data_t keydata, gpgme_key_t *keyarray, else { err = add_arg (gpg, "--import"); + if (!err && import_filter && have_gpg_version (gpg, "2.1.14")) + { + err = add_arg (gpg, "--import-filter"); + if (!err) + err = add_arg (gpg, import_filter); + } if (!err && key_origin && have_gpg_version (gpg, "2.1.22")) { err = add_arg (gpg, "--key-origin"); diff --git a/src/engine-gpgsm.c b/src/engine-gpgsm.c index 647734fe..0347f640 100644 --- a/src/engine-gpgsm.c +++ b/src/engine-gpgsm.c @@ -1696,13 +1696,15 @@ gpgsm_genkey (void *engine, static gpgme_error_t -gpgsm_import (void *engine, gpgme_data_t keydata, gpgme_key_t *keyarray, const char *key_origin) +gpgsm_import (void *engine, gpgme_data_t keydata, gpgme_key_t *keyarray, + const char *import_filter, const char *key_origin) { engine_gpgsm_t gpgsm = engine; gpgme_error_t err; gpgme_data_encoding_t dataenc; int idx; + (void)import_filter; (void)key_origin; if (!gpgsm) diff --git a/src/engine.c b/src/engine.c index 6baf1842..0b90d5b4 100644 --- a/src/engine.c +++ b/src/engine.c 
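Review bot: In gpg_import, the new `import_filter && have_gpg_version (gpg, "2.1.14")` guard after `--recv-keys` drops the filter without any error when the engine is older than 2.1.14, so a caller that set "import-filter" to restrict what is imported gets an unfiltered import and a success return. The same guard is repeated in the `--fetch-keys` and `--import` hunks, and gpgsm_import discards the argument with `(void)import_filter;`, so a CMS context behaves the same way. Consider failing closed with `else if (!err && import_filter) err = gpg_error (GPG_ERR_NOT_SUPPORTED);`, or at least stating the version and protocol limits in the "import-filter" entry of doc/gpgme.texi. The three identical blocks could also move into one small static helper so the branches cannot drift apart. gpg_import's body continues outside these hunks.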
@@ -850,7 +850,8 @@ _gpgme_engine_op_tofu_policy (engine_t engine, gpgme_error_t _gpgme_engine_op_import (engine_t engine, gpgme_data_t keydata, - gpgme_key_t *keyarray, const char *key_origin) + gpgme_key_t *keyarray, const char *import_filter, + const char *key_origin) { if (!engine) return gpg_error (GPG_ERR_INV_VALUE); @@ -858,7 +859,8 @@ _gpgme_engine_op_import (engine_t engine, gpgme_data_t keydata, if (!engine->ops->import) return gpg_error (GPG_ERR_NOT_IMPLEMENTED); - return (*engine->ops->import) (engine->engine, keydata, keyarray, key_origin); + return (*engine->ops->import) (engine->engine, keydata, keyarray, import_filter, + key_origin); } diff --git a/src/engine.h b/src/engine.h index 038c67cc..087f3586 100644 --- a/src/engine.h +++ b/src/engine.h @@ -142,6 +142,7 @@ gpgme_error_t _gpgme_engine_op_tofu_policy (engine_t engine, gpgme_error_t _gpgme_engine_op_import (engine_t engine, gpgme_data_t keydata, gpgme_key_t *keyarray, + const char *import_filter, const char *key_origin); gpgme_error_t _gpgme_engine_op_keylist (engine_t engine, const char *pattern, diff --git a/src/gpgme.c b/src/gpgme.c index 2703cd72..6a5232e1 100644 --- a/src/gpgme.c +++ b/src/gpgme.c @@ -255,6 +255,7 @@ gpgme_release (gpgme_ctx_t ctx) free (ctx->trust_model); free (ctx->cert_expire); free (ctx->key_origin); + free (ctx->import_filter); _gpgme_engine_info_release (ctx->engine_info); ctx->engine_info = NULL; DESTROY_LOCK (ctx->lock); @@ -594,6 +595,13 @@ gpgme_set_ctx_flag (gpgme_ctx_t ctx, const char *name, const char *value) if (!ctx->key_origin) err = gpg_error_from_syserror (); } + else if (!strcmp (name, "import-filter")) + { + free (ctx->import_filter); + ctx->import_filter = strdup (value); + if (!ctx->import_filter) + err = gpg_error_from_syserror (); + } else err = gpg_error (GPG_ERR_UNKNOWN_NAME); 
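Review bot: In the "import-filter" branch of gpgme_set_ctx_flag, `free (ctx->import_filter)` runs before `strdup (value)`, so a failed allocation leaves the context with no filter at all; a caller that ignores the error then imports unfiltered where a filter was previously in place. Duplicating first keeps the old value on failure: `char *copy = strdup (value);` `if (!copy) err = gpg_error_from_syserror ();` `else { free (ctx->import_filter); ctx->import_filter = copy; }`. Separately, gpgme_get_ctx_flag returns "" for an unset filter, but setting "" stores a non-NULL empty string that gpg_import would pass on as `--import-filter ""`; treating an empty value as "unset" looks safer, though how gpg handles an empty filter is not visible here. The function begins and ends outside the hunk, so any NULL check on `value` is assumed to sit earlier.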
@@ -671,6 +679,10 @@ gpgme_get_ctx_flag (gpgme_ctx_t ctx, const char *name) { return ctx->key_origin? ctx->key_origin : ""; } + else if (!strcmp (name, "import-filter")) + { + return ctx->import_filter? ctx->import_filter : ""; + } else return NULL; } diff --git a/src/import.c b/src/import.c index 5dc74907..9874b698 100644 --- a/src/import.c +++ b/src/import.c @@ -282,7 +282,8 @@ _gpgme_op_import_start (gpgme_ctx_t ctx, int synchronous, gpgme_data_t keydata) _gpgme_engine_set_status_handler (ctx->engine, import_status_handler, ctx); - return _gpgme_engine_op_import (ctx->engine, keydata, NULL, ctx->key_origin); + return _gpgme_engine_op_import (ctx->engine, keydata, NULL, ctx->import_filter, + ctx->key_origin); } @@ -365,7 +366,8 @@ _gpgme_op_import_keys_start (gpgme_ctx_t ctx, int synchronous, _gpgme_engine_set_status_handler (ctx->engine, import_status_handler, ctx); - return _gpgme_engine_op_import (ctx->engine, NULL, keys, ctx->key_origin); + return _gpgme_engine_op_import (ctx->engine, NULL, keys, ctx->import_filter, + ctx->key_origin); } diff --git a/tests/run-import.c b/tests/run-import.c index 0ddf158d..931a8d6e 100644 --- a/tests/run-import.c +++ b/tests/run-import.c @@ -64,6 +64,7 @@ main (int argc, char **argv) gpgme_import_result_t impres; gpgme_data_t data; gpgme_protocol_t protocol = GPGME_PROTOCOL_OpenPGP; + char *import_filter = NULL; char *key_origin = NULL; if (argc) @@ -103,6 +104,14 @@ main (int argc, char **argv) protocol = GPGME_PROTOCOL_CMS; argc--; argv++; } + else if (!strcmp (*argv, "--import-filter")) + { + argc--; argv++; + if (!argc) + show_usage (1); + import_filter = strdup (*argv); + argc--; argv++; + } else if (!strcmp (*argv, "--key-origin")) { argc--; argv++; 
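Review bot: `import_filter = strdup (*argv);` in the new `--import-filter` branch of main in tests/run-import.c is not checked, and the `if (import_filter)` guard added in the following hunk then skips gpgme_set_ctx_flag, so on allocation failure the tool imports without the requested filter and gives no hint. Since argv outlives the run, `import_filter = *argv;` would avoid the copy; otherwise check the result and exit. No hunk touches show_usage, so the help text presumably still lacks the new option; a line such as `"  --import-filter ARG  use import filter ARG\n"`, in whatever format show_usage uses, would document it. main starts and ends outside the hunk.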
@@ -125,6 +134,11 @@ main (int argc, char **argv) fail_if_err (err); gpgme_set_protocol (ctx, protocol); + if (import_filter) + { + err = gpgme_set_ctx_flag (ctx, "import-filter", import_filter); + fail_if_err (err); + } if (key_origin) { err = gpgme_set_ctx_flag (ctx, "key-origin", key_origin);