* src/engine-gpg.c (gpg_decrypt): only send --no-keyring when we are
not verifying.
--
Without this change, the signature verification would fail. This
problem was introduced in bded8ebc59 in
an attempt to avoid an error when *not* verifying. Clearly more test
suite coverage is needed to avoid introducing this sort of problem in
the future.
GnuPG-bug-id: 3464
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* configure.ac: Configure new Makefiles.
* lang/python/Makefile.am: Remove dirs from extra dist and use
subdirs.
* lang/python/examples/Makefile.am, lang/python/src/Makefile.am,
lang/python/doc/Makefile.am: New. Files that list EXTRA_DIST files.
--
This is similar to what lang/js does by explicitly listing the
files. This ensures that we have clean distribution tarballs
without accidentall additions that just lay in the directory.
GnuPG-Bug-Id: T4481
* configure.ac (CFLAGS): Move -Wno flags out of the maintainer mode.
--
It makes sense to have more warnings in maintainer mode and
not more warnings in release builds.
GnuPG-Bug-Id: T4477
* src/core.py (decrypt): filter out signatures with errors from the
returned verify_result, but avoid raising BadSignatures
* tests/t-decrypt-verify.py: ensure that only a single signature is
returned when evaluating cipher-3.asc, since the other signature is
unknown.
--
This change preserves the invariant that decrypt() only ever returns
valid signatures in the verify_result, but it avoids unnecessary
errors in the face of the presence of an additional bad signature.
GnuPG-bug-id: 4276
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* lang/python/tests/t-decrypt.py: test decryption of cipher-3.asc and
cipher-no-sig.asc
* lang/python/tests/t-decrypt-verify.py: test decryption and
verification of cipher-3.asc and cipher-no-sig.asc
--
note that this introduces a failed test -- decrypt-verify.py
misbehaves on cipher-3.asc by throwing a BadSignature even though
GnuPG-bug-id: 4276
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* tests/gpg/cipher-3.asc: add an encrypted file containing signatures
(one from a known key, and one from an unknown key)
* tests/gpg/cipher-no-sig.asc: add an encrypted file containing no
signatures at all
--
We currently aren't using these files yet, but they should be useful
for exercising the library in unusual circumstances (where the bugs
are).
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* lang/python/tests/Makefile.am: prefer py_tests from the environment
if present.
--
I'm trying to make it nicer/quicker to hack on the testsuite for
python bindings. With this change, if you're improving the python
bindings test suite, you can selectively run only a few specific tests
like so:
lang/python$ make check py_tests='t-decrypt.py t-decrypt-verify.py'
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* src/engine-gpgsm.c [!USE_DESCRIPTOR_PASSING] (gpgsm_new): Remove
last call to _gpgme_io_set_close_notify.
--
It is called just after the code in question for all cases.
GnuPG-bug-id: 4456
Fixes-commit: dd21ec997c
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* src/w32-util.c (_gpgme_access): Respect mode parameter.
(_gpgme_create_process_utf8): Convert startupinfo, too.
--
This both did not show up in testing as we only use
mode F_OK and STARTUPINFOA is basically the same as
STARTUPINFOW.
Fixes commit: a82e3a0ae5
GnuPG-Bug-Id: T4453
* src/dirinfo.c (get_gpgconf_item): Use _gpgme_access.
* src/posix-util.c (_gpgme_access): Add forward to normal access.
* src/sys-util.h (_gpgme_access): New for posix and w32.
* src/w32-io.c (_gpgme_io_spawn): Use _gpgme_crate_process_utf8.
* src/w32-util.c (utf8_to_wchar, utf8_to_wchar0): The usual w32 conv.
(find_program_in_dir): Use _gpgme_access.
(find_program_at_standard_place): Use wchar API and convert to UTF-8.
(_gpgme_access): Convert UTF-8 to wchar and use wchar API.
(_gpgme_create_process_utf8): Convert UTF-8 to wchar and use wchar API.
--
While we should not say that we have full support for unicode path
installations of GnuPG, this ensures that GPGME works if GPGME
itself is installed in a unicode path. e.g.: Libreoffice supports
this.
GnuPG-Bug-Id: T4453
Based on a patch provided by Egor Pugin. Thanks.
* src/w32-io.c (_gpgme_io_spawn): Show MessageBox only once.
--
This prevents multiple message boxes from showing when
the GPGME installation is unworkable.
GnuPG-Bug-Id: T4453
* src/debug.c (_gpgme_debug): Use gpgrt_vasprintf instead of
vfprintf to have a more portable format.
--
This fixes crashes on Windows because "%zu" is used which
is not natively supported on Windows but which gpgrt supports.
* src/assuan-support.c (my_spawn): Fix using strtoul for
a long.
--
This was commented on in129def87b262 and is correct.
It is signed here to better handle cases where an
invalid handle value (-1) would be passed.
* NEWS: Mention interface change.
* lang/cpp/src/gpggencardkeyinteractor.cpp
(GpgGenCardKeyInteractor::setAlgo): New.
(GpgGenCardKeyInteractor::action),
(GpgGenCardKeyInteractor::nextState: Handle new interface.
--
Tested that this workes with the old interface of GnuPG 2.2.5
and the new interface since GnuPG 2.2.6
GnuPG-Bug-Id: T4428
* src/assuan-support.c (my_spawn): Add hack to
mark the logger fd for w32spawn translation.
--
The w32 spawn code needs to modify argv with
an updated fd that matches the real id
in the spawned process.
It uses spawn_fd_item_s.arg_loc for that.
We hack it here so that the arg_loc is set
for gpgsm's logger-fd without changing
the assuan API.
GnuPG-Bug-Id: T4426
* src/engine-gpgsm.c (struct engine_gpgsm): Add fields diag_cb and
diagnostics.
(close_notify_handler): Close the diag fd on status fd close.
Handle diag close.
(gpgsm_cancel): Handle diag.
(gpgsm_release): Free DIAGNOSTICS.
(gpgsm_new): Support the diag feature.
(start): Set a handler for the diag fd.
(gpgsm_getauditlog): Support GPGME_AUDITLOG_DIAG.
--
Co-authored-by: Andre Heinecke <aheinecke@gnupg.org>
Signed-off-by: Werner Koch <wk@gnupg.org>
* lang/cpp/src/context.cpp (Error::hasSystemError): Invert logic to
do what it says.
--
This is safe because according to codesearch it is only used
in QGpgME
* tests/run-verify.c (print_result): Chack is_de_vs.
* tests/run-import.c (main): Fix bad parameter for format string.
Signed-off-by: Werner Koch <wk@gnupg.org>
* src/cJSON.c (MAX_DEPTH): New. Maximum recursion depth.
(parse_value, parse_array, parse_object): Carry and check
depth argument.
(cJSON_ParseWithOpts): Initialize depth.
--
This fixes a stack overflow if we get weird recursive
json data.
GnuPG-Bug-Id: T4331
* lang/cpp/src/data.cpp (GpgME::Data::toKeys): Rewind afterards.
--
This fixes unexpected behavior that the seek pointer is changed
after calling the const toKeys.
* src/w32-util.c (_gpgme_get_gpgconf_path): Add NULL top strconcat.
--
Fortunately this is called early and the stack like cleared out so
that we have not seen wrong behaviour until now. We should really fix
all these annoying HANDLE/int cast warnings and alike so that real
bugs are not drowned by them.
GnuPG-bug-id: 4369
Signed-off-by: Werner Koch <wk@gnupg.org>
* A rather obvious variant of the existing key import examples, except
directed at Mailvelope's keyserver.
* Yeah, Werner, I know ... but it exists because I used it and there's
no harm in sharing.
Tested-by: Ben McGinnes <ben@adversary.org>
Signed-off-by: Ben McGinnes <ben@adversary.org>
* Version bump in preparation for whenever GPGME 1.13.0 happens.
* Ran the post_installer.py for docs preparation again.
Signed-off-by: Ben McGinnes <ben@adversary.org>
* Removed auto-generated .texi files from doc/src/ so only the
corrected versions are left.
* Which means now it is complete, but with the initial work to expand
it with info file generation later.
* Moved post_installer.py into the examples/howto/ directory.
* Added instructions for its use to the Python Bindings HOWTO.
* Ran it as intended from the lang/python/ directory in order to both
prove it works and quickly and easily get the updated howto
replicated. Also to fix all those .texi files.
Tested-by: Ben McGinnes <ben@adversary.org>
Signed-off-by: Ben McGinnes <ben@adversary.org>
* src/gpgme-json.c (subkey_to_json): here
--
Avoid Windows ugliness of allowing different CRTs in the same
process.
Fixes-commit: 7f24233719
Signed-off-by: Werner Koch <wk@gnupg.org>
* Merging post installer script.
* Included ammended Sphinx config file to try to reduce the
auto-generated EPUB validation failures it produces.
Signed-off-by: Ben McGinnes <ben@adversary.org>
* Fixed inter-edit.py so it will actually work now.
* made 3 others executable.
* Fixed the semantics of assuan.py's instructions.
Tested-by: Ben McGinnes <ben@adversary.org>
Signed-off-by: Ben McGinnes <ben@adversary.org>
* Fixed inter-edit.py so it will actually work now.
* made 3 others executable.
* Fixed the semantics of assuan.py's instructions.
Tested-by: Ben McGinnes <ben@adversary.org>
Signed-off-by: Ben McGinnes <ben@adversary.org>
* Added some EPUB specific config options to the Sphinx config file
which might help reduce some of Sphinx's more stupid default errors
with EPUB validation.
* Added lang/python/post_installer.py script for automating the
generation of .texi and .rst "source" files from the real source
files written in Org mode. Includes recreating the Sphinx Makefile
which is excluded due to the m4 toolchain in parent directories, it
also handles the rewriting of the reST index file properly and
rewrites the .texi files so they don't impale themselves on Unicode.
Tested-by: Ben McGinnes <ben@adversary.org>
Signed-off-by: Ben McGinnes <ben@adversary.org>
