GpgFrontend/gpgme
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

core: Allow setting import filters when importing keys

Browse Source 
* src/context.h (struct gpgme_context): New field import_filter.
* src/engine-backend.h (struct engine_ops): Add arg import_filter to
field 'import'.
* src/engine-gpg.c (gpg_import): Add arg import_filter and pass option
--import-filter with argument value to gpg. Adjust all callers.
* src/engine-gpgsm.c (gpgsm_import): Add dummy arg import_filter.
* src/gpgme.c (gpgme_release): Free 'import_filter'.
(gpgme_set_ctx_flag, gpgme_get_ctx_flag): New flag "import-filter".

* tests/run-import.c (main): Add option --import-filter.
--

This makes the --import-filter option available in the GPGME API for
key imports.

GnuPG-bug-id: 5739
This commit is contained in:
Ingo Klöcker 2021-12-14 15:44:37 +01:00
parent af820811ec
commit d35d44efaf
11 changed files with 70 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
NEWS
View File

@ -3,12 +3,15 @@ Noteworthy changes in version 1.16.1 (unreleased)
* New context flag "key-origin". [#5733]
* New context flag "import-filter". [#5739]
* qt: Extend ChangeExpiryJob to change expiration of primary key
and of subkeys at the same time. [#4717]
* Interface changes relative to the 1.16.0 release:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
gpgme_set_ctx_flag EXTENDED: New flag 'key-origin'.
gpgme_set_ctx_flag EXTENDED: New flag 'import-filter'.
qt: ChangeExpiryJob::Option NEW.
qt: ChangeExpiryJob::Options NEW.
qt: ChangeExpiryJob::setOptions NEW.

6
doc/gpgme.texi
View File

@ -3207,6 +3207,12 @@ The string given in @var{value} is passed to the GnuPG engine to set
the origin of imported keys. Valid values are documented in the GnuPG
manual and the gpg man page under the option @option{--key-origin}.
@item "import-filter"
@since{1.16.1}
The string given in @var{value} is passed to the GnuPG engine to use as
filter when importing keys. Valid values are documented in the GnuPG
manual and the gpg man page under the option @option{--import-filter}.
@end table
This function returns @code{0} on success.

3
src/context.h
View File

@ -180,6 +180,9 @@ struct gpgme_context
/* The optional key origin. */
char *key_origin;
/* The optional import filter. */
char *import_filter;
/* The operation data hooked into the context. */
ctx_op_data_t op_data;

1
src/engine-backend.h
View File

@ -96,6 +96,7 @@ struct engine_ops
gpgme_data_t pubkey, gpgme_data_t seckey);
gpgme_error_t (*import) (void *engine, gpgme_data_t keydata,
gpgme_key_t *keyarray,
const char *import_filter,
const char *key_origin);
gpgme_error_t (*keylist) (void *engine, const char *pattern,
int secret_only, gpgme_keylist_mode_t mode,

20
src/engine-gpg.c
View File

@ -2767,7 +2767,7 @@ string_from_data (gpgme_data_t data, int delim,
static gpgme_error_t
gpg_import (void *engine, gpgme_data_t keydata, gpgme_key_t *keyarray,
const char *key_origin)
const char *import_filter, const char *key_origin)
{
engine_gpg_t gpg = engine;
gpgme_error_t err;
@ -2782,6 +2782,12 @@ gpg_import (void *engine, gpgme_data_t keydata, gpgme_key_t *keyarray,
if (keyarray)
{
err = add_arg (gpg, "--recv-keys");
if (!err && import_filter && have_gpg_version (gpg, "2.1.14"))
{
err = add_arg (gpg, "--import-filter");
if (!err)
err = add_arg (gpg, import_filter);
}
if (!err)
err = add_arg (gpg, "--");
for (idx=0; !err && keyarray[idx]; idx++)
@ -2813,6 +2819,12 @@ gpg_import (void *engine, gpgme_data_t keydata, gpgme_key_t *keyarray,
should use an option to gpg to modify such commands (ala
--multifile). */
err = add_arg (gpg, "--fetch-keys");
if (!err && import_filter && have_gpg_version (gpg, "2.1.14"))
{
err = add_arg (gpg, "--import-filter");
if (!err)
err = add_arg (gpg, import_filter);
}
if (!err)
err = add_arg (gpg, "--");
helpptr = NULL;
@ -2831,6 +2843,12 @@ gpg_import (void *engine, gpgme_data_t keydata, gpgme_key_t *keyarray,
else
{
err = add_arg (gpg, "--import");
if (!err && import_filter && have_gpg_version (gpg, "2.1.14"))
{
err = add_arg (gpg, "--import-filter");
if (!err)
err = add_arg (gpg, import_filter);
}
if (!err && key_origin && have_gpg_version (gpg, "2.1.22"))
{
err = add_arg (gpg, "--key-origin");

4
src/engine-gpgsm.c
View File

@ -1696,13 +1696,15 @@ gpgsm_genkey (void *engine,
static gpgme_error_t
gpgsm_import (void *engine, gpgme_data_t keydata, gpgme_key_t *keyarray, const char *key_origin)
gpgsm_import (void *engine, gpgme_data_t keydata, gpgme_key_t *keyarray,
const char *import_filter, const char *key_origin)
{
engine_gpgsm_t gpgsm = engine;
gpgme_error_t err;
gpgme_data_encoding_t dataenc;
int idx;
(void)import_filter;
(void)key_origin;
if (!gpgsm)

6
src/engine.c
View File

@ -850,7 +850,8 @@ _gpgme_engine_op_tofu_policy (engine_t engine,
gpgme_error_t
_gpgme_engine_op_import (engine_t engine, gpgme_data_t keydata,
gpgme_key_t *keyarray, const char *key_origin)
gpgme_key_t *keyarray, const char *import_filter,
const char *key_origin)
{
if (!engine)
return gpg_error (GPG_ERR_INV_VALUE);
@ -858,7 +859,8 @@ _gpgme_engine_op_import (engine_t engine, gpgme_data_t keydata,
if (!engine->ops->import)
return gpg_error (GPG_ERR_NOT_IMPLEMENTED);
return (*engine->ops->import) (engine->engine, keydata, keyarray, key_origin);
return (*engine->ops->import) (engine->engine, keydata, keyarray, import_filter,
key_origin);
}

1
src/engine.h
View File

@ -142,6 +142,7 @@ gpgme_error_t _gpgme_engine_op_tofu_policy (engine_t engine,
gpgme_error_t _gpgme_engine_op_import (engine_t engine,
gpgme_data_t keydata,
gpgme_key_t *keyarray,
const char *import_filter,
const char *key_origin);
gpgme_error_t _gpgme_engine_op_keylist (engine_t engine,
const char *pattern,

12
src/gpgme.c
View File

@ -255,6 +255,7 @@ gpgme_release (gpgme_ctx_t ctx)
free (ctx->trust_model);
free (ctx->cert_expire);
free (ctx->key_origin);
free (ctx->import_filter);
_gpgme_engine_info_release (ctx->engine_info);
ctx->engine_info = NULL;
DESTROY_LOCK (ctx->lock);
@ -594,6 +595,13 @@ gpgme_set_ctx_flag (gpgme_ctx_t ctx, const char *name, const char *value)
if (!ctx->key_origin)
err = gpg_error_from_syserror ();
}
else if (!strcmp (name, "import-filter"))
{
free (ctx->import_filter);
ctx->import_filter = strdup (value);
if (!ctx->import_filter)
err = gpg_error_from_syserror ();
}
else
err = gpg_error (GPG_ERR_UNKNOWN_NAME);
@ -671,6 +679,10 @@ gpgme_get_ctx_flag (gpgme_ctx_t ctx, const char *name)
{
return ctx->key_origin? ctx->key_origin : "";
}
else if (!strcmp (name, "import-filter"))
{
return ctx->import_filter? ctx->import_filter : "";
}
else
return NULL;
}

6
src/import.c
View File

@ -282,7 +282,8 @@ _gpgme_op_import_start (gpgme_ctx_t ctx, int synchronous, gpgme_data_t keydata)
_gpgme_engine_set_status_handler (ctx->engine, import_status_handler, ctx);
return _gpgme_engine_op_import (ctx->engine, keydata, NULL, ctx->key_origin);
return _gpgme_engine_op_import (ctx->engine, keydata, NULL, ctx->import_filter,
ctx->key_origin);
}
@ -365,7 +366,8 @@ _gpgme_op_import_keys_start (gpgme_ctx_t ctx, int synchronous,
_gpgme_engine_set_status_handler (ctx->engine, import_status_handler, ctx);
return _gpgme_engine_op_import (ctx->engine, NULL, keys, ctx->key_origin);
return _gpgme_engine_op_import (ctx->engine, NULL, keys, ctx->import_filter,
ctx->key_origin);
}

14
tests/run-import.c
View File

@ -64,6 +64,7 @@ main (int argc, char **argv)
gpgme_import_result_t impres;
gpgme_data_t data;
gpgme_protocol_t protocol = GPGME_PROTOCOL_OpenPGP;
char *import_filter = NULL;
char *key_origin = NULL;
if (argc)
@ -103,6 +104,14 @@ main (int argc, char **argv)
protocol = GPGME_PROTOCOL_CMS;
argc--; argv++;
}
else if (!strcmp (*argv, "--import-filter"))
{
argc--; argv++;
if (!argc)
show_usage (1);
import_filter = strdup (*argv);
argc--; argv++;
}
else if (!strcmp (*argv, "--key-origin"))
{
argc--; argv++;
@ -125,6 +134,11 @@ main (int argc, char **argv)
fail_if_err (err);
gpgme_set_protocol (ctx, protocol);
if (import_filter)
{
err = gpgme_set_ctx_flag (ctx, "import-filter", import_filter);
fail_if_err (err);
}
if (key_origin)
{
err = gpgme_set_ctx_flag (ctx, "key-origin", key_origin);