Commit Graph

2302 Commits

Author SHA1 Message Date
Justus Winter
48634e651f
python: Support quick key signing.
* NEWS: Update.
* doc/gpgme.texi (gpgme_op_keysign): Fix the description of the
'expire' argument.
* lang/python/gpg/constants/__init__.py: Import new file.
* lang/python/gpg/constants/keysign.py: New file.
* lang/python/gpg/core.py (Context.key_sign): New function.
* lang/python/tests/Makefile.am (py_tests): Add new test.
* lang/python/tests/t-quick-key-signing.py: New test.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-02-17 16:28:00 +01:00
Justus Winter
de8494b16b
python: Fix teardown of ephemeral contexts.
* lang/python/tests/support.py (EphemeralContext): New function.
* lang/python/tests/t-quick-key-creation.py: Use the new function to
manage ephemeral contexts.
* lang/python/tests/t-quick-key-manipulation.py: Likewise.
* lang/python/tests/t-quick-subkey-creation.py: Likewise.
--

Previously, there was a problem with cleaning up ephemeral home
directories.  shutil.rmtree deleted the agent's main socket, gpg-agent
detected that, and deleted the other sockets as well, racing
shutil.rmtree which did not cope well with that.

Fix this by asking the agent nicely to shut down.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-02-17 12:18:56 +01:00
Justus Winter
9350168a1e
python: Fix using strings as commands in the assuan protocol.
* lang/python/gpg/core.py (Context.assuan_transact): Fix testing
whether the command is a string on Python2.
* lang/python/tests/t-protocol-assuan.py: Improve the test to detect
this problem.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-02-17 12:10:34 +01:00
Justus Winter
7641b7b5f2
python: Support adding and revoking UIDs.
* NEWS: Update.
* lang/python/gpg/core.py (Context.key_add_uid): New function.
(Context.key_revoke_uid): Likewise.
* lang/python/tests/Makefile.am (XTESTS): Add new test.
* lang/python/tests/t-quick-key-manipulation.py: New file.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-02-16 17:55:16 +01:00
Justus Winter
13bace25e3
python: Support quick subkey creation.
* NEWS: Update.
* lang/python/gpg/core.py (Context.create_subkey): New function.
* lang/python/tests/Makefile.am (XTESTS): Add new test.
* lang/python/tests/t-quick-subkey-creation.py: New file.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-02-16 16:45:25 +01:00
Justus Winter
476b97822b
python: Support quick key creation.
* NEWS: Update.
* lang/python/gpg/constants/__init__.py: Import new file.
* lang/python/gpg/constants/create.py: New file.
* lang/python/gpg/core.py (Context.create_key): New function.
* lang/python/tests/Makefile.am (XTESTS): Add new test.
* lang/python/tests/support.py (TemporaryDirectory): New class.
* lang/python/tests/t-quick-key-creation.py: New file.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-02-16 16:43:10 +01:00
Justus Winter
3bdce4aa3d
python: Fix passphrase callback wrapping.
* lang/python/helpers.c (pyPassphraseCb): Cope with 'passphrase_info'
being NULL.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-02-16 14:49:27 +01:00
Justus Winter
048c5f74b6
python: Fix error handling.
* lang/python/gpgme.i (typemap gpgme_key_t[]): Set an error if a
non-key element is discovered.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-02-16 14:42:17 +01:00
Justus Winter
de708e5934
core: Fix expiration time handling when creating keys.
* NEWS: Update.
* doc/gpgme.texi (gpgme_op_createkey): Clarify the meaning of the
'expire' parameter.
(GPGME_CREATE_NOEXPIRE): Document new flag.
(gpgme_op_createsubkey): Clarify the meaning of the 'expire'
parameter.
* src/engine-gpg.c (gpg_add_algo_usage_expire): Fix handling of the
expiration time.
* src/gpgme.h.in (GPGME_CREATE_NOEXPIRE): New macro.
--

Previously, the documentation stated that the expiration time was an
absolute timestamp.  However, this value was passed using the
'seconds=N' syntax to GnuPG which specifies the expiration time in
seconds relative to the creation time.  Fix the documentation.

Furthermore, the documentation stated that using 0 results in keys
that do not expire.  This was communicated to GnuPG by using the
implicit default.  However, as of GnuPG 2.1.17, the default was
changed to create keys that expire within a reasonable timespan.

Fix this discrepancy by aligning the behavior with recent GnuPG
versions: 0 means use a reasonable default, and introduce a flag that
can be used to create keys that do not expire.  Communicate this
explicitly to GnuPG.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-02-15 16:45:45 +01:00
Justus Winter
27544d0a74
python: Fix build system integration.
* lang/python/Makefile.am (copystamp): Also copy the setup script, and
link the header files.
(all-local): Use local setup script.
(sdist): Fix Python source distribution creation.
(CLEANFILES): Remove now obsolete files.
(install-exec-local): Use local setup script.
* lang/python/setup.py.in: Adjust relative paths to in-tree files.

Fixes-commit: fe65a26ab5
Signed-off-by: Justus Winter <justus@g10code.com>
2017-02-15 16:36:30 +01:00
Justus Winter
25f0435a00
python: Update lists of functions returning gpgme_error_t.
* lang/python/gpg/core.py (Context._errorcheck): Add instructions how
to update the list.  Update list.
(Data._errorcheck): Likewise.
(Context.set_engine_info): Simplify.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-02-15 16:36:29 +01:00
Justus Winter
6df6e01ed5
core: Fix error types.
* NEWS: Update.
* src/data.c (gpgme_data_set_flag): Return a 'gpgme_error_t'.
* src/error.c (gpgme_strerror_r): Fix type of first argument.
* src/gpgme.h.in (gpgme_strerror_r): Adapt.
(gpgme_data_set_flag): Likewise.
--
Fix for consistency.  This should not pose problems, because typedef
gpg_error_t gpgme_error_t.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-02-15 16:34:37 +01:00
Justus Winter
92adc9bbf6
python: Wrap utility functions.
* NEWS: Update.
* lang/python/gpg/core.py (pubkey_algo_string): New function.
(pubkey_algo_name): Add docstring.
(hash_algo_name): Likewise.
(get_protocol_name): Likewise.
(addrspec_from_uid): New function.
* lang/python/gpgme.i (gpgme_pubkey_algo_string): Result must be
freed.
(gpgme_addrspec_from_uid): Likewise.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-02-14 16:33:55 +01:00
Justus Winter
9fc9533c28
python: Use the correct function to free buffers.
* lang/python/gpgme.i (char *): Free using 'gpgme_free'.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-02-14 16:33:54 +01:00
Justus Winter
fdc4e33dc3
python: Add keylist mode parameter.
* NEWS: Update.
* lang/python/gpg/core.py (Context.keylist): Add 'mode' parameter.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-02-14 16:33:40 +01:00
Justus Winter
e17ab84129
python: Nicer repr for user ids.
* lang/python/gpgme.i (_gpgme_user_id): Provide a nicer repr() for
user ids.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-02-14 16:33:37 +01:00
Justus Winter
99b7f4f34d
python: Add convenience functions for the home directory.
* NEWS: Update.
* lang/python/gpg/core.py (Context.__init__): Add 'home_dir' argument.
(__repr__): Include 'home_dir'.
(Context.home_dir): New property.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-02-14 16:33:19 +01:00
Justus Winter
30a603580e
qt: Make sure to remove the tofu.db on clean.
* lang/qt/tests/Makefile.am (CLEANFILES): Add 'tofu.db'.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-02-14 12:45:15 +01:00
Tobias Mueller
01d5c17587
python: Extend SWIG gpgme_{sub,}key with a __repr__ method.
* lang/python/gpgme.i: Added a genericrepr macro and use it for
gpgme_key, gpgme_subkey, and gpgme_key_sig.
--

To look nicer in Python's REPL.

We define a generic __repr__ as a SWIG macro and use that to extend some
defined SWIG objects.

The alternative would have been to write a custom __repr__ function for
each class but that would need to be changed every time the object's
structure changes. The bindings should be easy to maintain, I guess.
This comes at the expense that the reprs are now relatively long and
contain, for example, both keyid and fingerprint.

Signed-off-by: Tobias Mueller <muelli@cryptobitch.de>
2017-02-14 11:19:50 +01:00
Tobias Mueller
aa49be1ab8
python: Remove the -builtin flag for SWIG.
* lang/python/setup.py.in: Call SWIG without the builtin flag.
--

The SWIG documentation
<http://www.swig.org/Doc2.0/Python.html#Python_nn28> leaves the
impression that -builtin is solely for increasing performance:

    New in SWIG version 2.0.4: The use of Python proxy classes has
    performance implications that may be unacceptable for a high-
    performance library. The new -builtin option instructs SWIG to
    forego the use of proxy classes, and instead create wrapped types as
    new built-in Python types. When this option is used, the following
    section ("Proxy classes") does not apply. Details on the use of the
    -builtin option are in the Built-in Types section.

While not wasting CPU cycles is good, it also prevents Python code being
written in the wrapper itself. That, however, may be useful to make it
easier to extend the wrapper.

Partially reverts: 856bcfe293

Signed-off-by: Tobias Mueller <muelli@cryptobitch.de>
2017-02-14 11:19:45 +01:00
Tobias Mueller
d356519170
python: Call SWIG_NewPointerObj rather than SWIG_Python_NewPointerObj.
* lang/python/gpgme.i (pygpgme_wrap_gpgme_data_t): Provide a "self"
variable for SWIG_NewPointerObj and call SWIG_NewPointerObj rather than
SWIG_Python_NewPointerObj.
--

SWIG_Python_NewPointerObj seems to be an implementation detail, because
SWIG's documentation does not mention that function at all.  In fact,
SWIG_NewPointerObj is a call to SWIG_Python_NewPointerObj with the first
parameter being either NULL or the "self" variable, depending on whether
SWIG is called with the -builtin flag.  So far, the first parameter was
hard-coded to NULL.  This change also hard-codes it to NULL but makes
it more explicit.  The benefit is that the documented function is being
used and that compilation works regardless of the -builtin flag.

Partially reverts: 856bcfe293

Signed-off-by: Tobias Mueller <muelli@cryptobitch.de>
2017-02-14 11:19:17 +01:00
Tobias Mueller
d184dbbba8
python: Conditionally provide py3 argument to SWIG
* lang/python/setup.py.in: Only call with -py3 when we run under python3
or higher.
--

If we ever remove the -builtin flag and leave the -py3 flag, SWIG
will generate Python code which will be incompatible with Python 2,
because the py3 flag generates python3 code which is incompatible with
python2.

So we conditionally generate SWIG bindings with -py3.

Signed-off-by: Tobias Mueller <muelli@cryptobitch.de>
2017-02-14 11:19:12 +01:00
Justus Winter
fe65a26ab5
python: Use one copy of the source tree per Python version.
* lang/python/Makefile.am (copystamp): Create one copy per Python
version.
(all-local): Adapt.
(clean-local): Likewise.
(install-exec-local): Likewise.
* lang/python/tests/run-tests.py: Likewise.
--

Currently, we use one copy of the Python module's source to build for
all Python versions.  This is problematic, because SWIG writes a
wrapper file into the source tree.  Currently, this file works with
both Python 2 and 3, but this is purely by chance.

Improve the situation by creating one copy per Python version so that
SWIG can write version-specific code into each copy.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-02-13 16:44:53 +01:00
Justus Winter
60273e8b2c
build: Use macOS' compatibility macros to enable all features.
* configure.ac: On macOS, use the compatibility macros to expose every
feature of the libc.  This is the equivalent of _GNU_SOURCE on GNU
libc.
--
Not defining this leads to compilation errors or superfluous warnings
on macOS.

GnuPG-bug-id: 2910
Signed-off-by: Justus Winter <justus@g10code.com>
2017-02-13 15:08:28 +01:00
Justus Winter
f8db658f8b
Revert "Disable fd-passing for Apple."
The actual bug has been located, so this can be reverted.

This reverts commit ef5b4ae37d.
2017-02-13 14:01:55 +01:00
Igor Gnatenko
60064c665e qt: Add missing #include <functional>
* lang/qt/src/qgpgmenewcryptoconfig.cpp,
lang/qt/src/threadedjobmixin.h: Include functional.

--
With GCC 7.0, functional is not included transitively and we get:
In file included from qgpgmedeletejob.h:39:0,
                 from qgpgmedeletejob.cpp:38:
threadedjobmixin.h:98:33: error: 'function' in namespace 'std'
    does not name a template type
     void setFunction(const std::function<T_result()> &function)
                                 ^~~~~~~~

std::{function,bind,placeholders,mem_fn} are defined in functional.

References: https://bugzilla.redhat.com/show_bug.cgi?id=1417383
Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>

GnuPG-Bug-Id: 2955

Commit Message amended by Andre Heinecke

Signed-off-by: Andre Heinecke <aheinecke@intevation.de>
2017-02-13 10:37:18 +01:00
Andre Heinecke
903bf16a41 qt: Don't rely on implicit include in t-verify
* lang/qt/tests/t-various.cpp: Include QTemporaryDir

--
This fixes build with some Qt Versions
2017-02-07 10:01:58 +01:00
Daniel Kahn Gillmor
ad22bee538 doc: Document that gpgme_op_genkey() parms parameter is not XML.
* doc/gpgme.texi (GnupgKeyParms): document that input format is not
true XML.

--

Please see discussion at
https://lists.gnupg.org/pipermail/gnupg-devel/2017-January/032507.html

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2017-02-05 23:38:53 -05:00
Werner Koch
51bd69f216
core: Optimize fork/exec for *BSD and Solaris.
* configure.ac (closefrom): Add to ac_check_funcs.
* src/posix-io.c (_gpgme_io_spawn): Use closefrom.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-02-03 13:56:23 +01:00
Werner Koch
93a59070c6
core: Fix possible deadlock due to get_max_fds.
* src/posix-io.c (get_max_fds): Do not use the Linux optimization.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-02-03 13:13:22 +01:00
Werner Koch
afc308598d
core: Minor cleanup of commit 195c735
* src/verify.c (parse_tofu_user): For cleanness use gpg_error ...
(_gpgme_verify_status_handler): ... and gpg_err_code.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-02-03 13:08:39 +01:00
Andre Heinecke
43160a39f2 qt: Add test for tofu conflict
* lang/qt/tests/t-tofuinfo.cpp (TofuInfoTest::testTofuConflict): New.
2017-02-02 17:16:27 +01:00
Andre Heinecke
195c735892 core: Handle multiple TOFU_USER lines in verify
* src/verify.c (op_data_t): Add conflict_user_seen.
(parse_tofu_user): Return ERR_DUP_VALUE for multiple TOFU_USERS.
(_gpgme_verify_status_handler): Handle ERR_DUP_VALUE from
parse_tofu_user to ignore the next TOFU_STATS.

--
This fixes TOFU Conflict verification with GnuPG-2.1.17 and 2.1.18

GnuPG-Bug-Id: 2914
2017-02-02 14:06:52 +01:00
Werner Koch
15050ce5fc
core: Replace all calls to *sprintf by gpgrt_*sprintf.
* configure.ac (vasprintf): Remove check.
* src/vasprintf.c: Remove file.
* src/util.h (vasprintf, asprintf): Remove prototypes.  Replace all
calls to vasprintf and asprintf by gpgrt_vasprintf or gpgrt_asprintf.
Also take care to use gpgrt_free on the returned value.
* src/w32-util.c (_gpgme_get_gpgconf_path): Replace a gpgrt_asprintf
by _gpgme_strconcat.
(snprintf): New macro to use gpgrt_snprintf instead of the system's
standard snprintf.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-02-02 12:35:59 +01:00
Werner Koch
563420a88f
core: Remove unused check for funopen/fopencookie.
* configure.ac (funopen): Remove check.
* src/funopen.c: Remove file.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-02-02 12:28:39 +01:00
Werner Koch
0ceeb2948c
core: Explain in gpgme.h that most structs are read-only.
--

It is common that developers look up only the header file and do not
read the manual.  These comments should make it clear that most
structures in gpgme.h are read-only and may only be allocated by
gpgme.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-02-02 10:13:50 +01:00
Werner Koch
d19bea52af
core: Un-deprecate gpgme_data_rewind.
* src/gpgme.h.in (gpgme_data_rewind): Un-deprecate.
* src/data-compat.c (gpgme_data_rewind): Move to ...
* src/data.c (gpgme_data_rewind): here.
--

That function is very convenient because it is required a lot with
memory streams.  It also documents the intention of the caller better
than gpgme_data_seek with its additional parameters and the need to map
system errors.  Thus it does not make sense to make it a first class
citizen again.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-02-02 09:53:48 +01:00
Werner Koch
9b7d81998b
core: Move all deprecated stuff to the end of gpgme.h.
Signed-off-by: Werner Koch <wk@gnupg.org>
2017-02-02 09:53:48 +01:00
Andre Heinecke
8ede86795a core: Cleanup gpgme_key_unref frees
* src/key.c (gpgme_key_unref): Nowadays we assume free(NULL) is ok.
2017-02-01 18:06:54 +01:00
Andre Heinecke
b5075030be core: Fix leakage of address for mail only uids
* src/key.c (gpgme_key_unref): Always free address if set.
(_gpgme_key_append_name): Remove memory optimization for address.

--
The check if address is not allocated would now be more complicated
than just comparing it to email because email is set to address
also when an email was not parsed from the user id.
2017-02-01 18:06:22 +01:00
Andre Heinecke
a28d31fdb6 core: Improve mailbox only uid handling
* src/key.c (_gpgme_key_append_name): Set email and remove name
for uid only keys.

--
If we have a name and no email but the name can be parsed as
an address we now treat the address as email and remove the name.

This fixes downstream users that rely on email to show email
addresses and don't explicitly handle this case.

E.g. A userid foo@example.com was:
uid->name = "foo@example.com"
uid->email = ""
uid->address = "foo@example.com"

It is now:
uid->name = ""
uid->email = "foo@example.com"
uid->address = "foo@example.com"
2017-02-01 16:17:07 +01:00
Justus Winter
ba594d85e3 qt: Increase timeout when waiting for signals.
* lang/qt/tests/t-support.h (QSIGNALSPY_TIMEOUT): New macro.
* lang/qt/tests/t-encrypt.cpp: Use the new macro as timeout when
waiting for signals.
* lang/qt/tests/t-keylist.cpp: Likewise.
* lang/qt/tests/t-keylocate.cpp: Likewise.
* lang/qt/tests/t-ownertrust.cpp: Likewise.
* lang/qt/tests/t-wkspublish.cpp: Likewise.
--
Increase the timeout when waiting for signals from 5 seconds to 60.
This addresses intermittent test failures on slow machines.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-01-31 10:47:00 +01:00
Werner Koch
752d3597ef
core: Add new context flag "redraw".
* src/context.h (struct gpgme_context): New field 'redraw_suggested'.
* src/op-support.c (_gpgme_op_reset): Clear REDRAW_SUGGESTED.
* src/progress.c (_gpgme_progress_status_handler): Set REDRAW_SUGGESTED.
* src/gpgme.c (gpgme_set_ctx_flag, gpgme_get_ctx_flag): Add "redraw".
* tests/run-sign.c (main): Use it.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-01-31 09:44:29 +01:00
Andre Heinecke
7bd6ab4a91 tests: Reduce iterations / threads
* tests/gpg/t-gpgconf.c (main): Reduce iterations to 10.
* tests/gpg/t-thread-keylist-verify.c,
tests/gpg/t-thread-keylist.c (THREAD_COUNT): Reduce to 10.

--
While these tests tested for race conditions a smaller number
of iterations should still show problems if they are run on
multiple systems and regularly. While the 100 Thread count in
the t-thread tests could lead to resource problems.
2017-01-30 14:19:52 +01:00
Andre Heinecke
f3ca2c9ce9 python: Ensure quick-random is used if gpg is gpg2
* lang/python/tests/Makefile.am (gpg.conf): Configure
agent-program accordingly.
2017-01-26 10:44:02 +01:00
Tobias Mueller
9291ebaa41 python: default op_keylist_start parameters.
* lang/python/gpgme.i: Added gpgme_op_keylist_start with defaults
* lang/python/tests/t-keylist.py: Added tests for default parameters
--

To increase the ease of use, op_keylist_start
parameters default to sensible values.
The empty string matches all keys.
We assume that the user wants to retrieve public keys most of the time,
so we default to public keys rather than secret keys.

Signed-off-by: Tobias Mueller <muelli@cryptobitch.de>
2017-01-25 17:47:35 +01:00
Andre Heinecke
a98951a30a tests: Use --debug-quick-random for tests
* tests/start-stop-agent: Don't autostart agent on --stop and
running check. Use --debug-quick-random when starting.

--
This should speed up the tests especially on low entropy systems.
Possibly fixing a hang on python's op_genkey test in the Launchpad
build environment (see launchpad issue 1655298)
2017-01-25 14:10:18 +01:00
Justus Winter
6f02133bb0 w32: Fix closing file descriptors.
* src/w32-io.c (writer): Only stop once the buffer is drained.
(destroy_writer): Wait for the writer's buffer to be drained.  This
aligns '_gpgme_io_close's behavior with close(2) and fclose(3).

GnuPG-bug-id: 2881
Signed-off-by: Justus Winter <justus@g10code.com>
2017-01-23 15:08:23 +01:00
Andre Heinecke
ca69df8c8d tests: Add safeguards against nullptr deref
* t-gpgconf.c (main): Test some values before dereferencing them.
2017-01-17 15:20:56 +01:00
Andre Heinecke
abfd241d1a qt: Use QVERIFY instead of Q_ASSERT in conf test
* lang/qt/tests/t-config.cpp: Use QVERIFY instead of Q_ASSERT.
2017-01-16 14:16:20 +01:00