Commit Graph

692 Commits

Author SHA1 Message Date
NIIBE Yutaka
a36d71a8e3 core: Don't use internal __assuan functions.
* configure.ac (nanosleep): Detect.
* src/assuan-support.c: Don't use __assuan_usleep.
(my_socketpair): Don't use __assuan_socketpair.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-04-05 14:42:59 +09:00
NIIBE Yutaka
110a375401 core: Don't keep using deprecated ath_ API.
* src/posix-io.c: Don't include ath.h.
(_gpgme_io_read): Call read directly.
(_gpgme_io_write): Call write directly.
(_gpgme_io_waitpid): Call waitpid directly.
(_gpgme_io_select_select): Call select directly.
(_gpgme_io_recvmsg): Call recvmsg directly.
(_gpgme_io_sendmsg): Call sendmsg directly.
(_gpgme_io_connect): Call connect directly.
* src/assuan-support.c: Don't include ath.h.
(my_waitpid): Call waitpid directly.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-04-05 14:25:00 +09:00
NIIBE Yutaka
b2a2158384 core: Support keylist mode for op_keylist_from_data.
* src/engine-backend.h (keylist_data): Add MODE argument.
* src/engine-gpg.c (gpg_keylist_data): Add MODE argument.
* src/engine.c (_gpgme_engine_op_keylist_data): Likewise.
* src/engine.h (_gpgme_engine_op_keylist_data): Declaration.
* src/keylist.c (gpgme_op_keylist_from_data_start): Call
_gpgme_engine_op_keylist_data with ctx->keylist_mode.

--

GnuPG-bug-id: 5438
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-03-16 16:19:50 +09:00
Ingo Klöcker
3c2cff74b5 core: New function gpgme_op_receive_keys
* src/gpgme.h.in (gpgme_op_receive_keys_start, gpgme_op_receive_keys):
New.
* src/gpgme.def, src/libgpgme.vers: Add them.
* src/engine-backend.h (struct engine_ops): Add arg keyids to field
'import'.
* src/engine.h, src/engine.c (_gpgme_engine_op_import): Add arg keyids.
* src/engine.c (_gpgme_engine_op_import): Forward new arg keyids.
* src/import.c: (_gpgme_op_import_start, _gpgme_op_import_keys_start):
Pass NULL to new arg of _gpgme_op_import_start.
(_gpgme_op_receive_keys_start, gpgme_op_receive_keys_start,
gpgme_op_receive_keys): New.
* src/engine-gpg.c (gpg_import): Add arg keyids. Extend check for
valid arguments. Build command line if keyids are given.
* src/engine-gpgsm.c (gpgsm_import): Add arg keyids. Return error if
keyids is not NULL.

tests/run-receive-keys.c: New.
tests/Makefile.am (noinst_PROGRAMS): Add new test runner.
--

The new function allows importing keys given by their key ids or
fingerprints from a keyserver (like gpg's --recv-keys command).

GnuPG-bug-id: 5808
2022-02-03 15:56:30 +01:00
Ingo Klöcker
a527bd7cf5 core: Return an error for secret key export operations
src/export.c (export_status_handler): Handle "export_keys.secret".
--

This allows callers of the synchronous export operations to react
properly to errors (e.g. wrong passphrase) during the export of secret
keys.

GnuPG-bug-id: 5766
2022-01-10 12:34:49 +01:00
Ingo Klöcker
2752e81f89 core: Add new option --secret-subkey to help texts.
* src/gpgme-tool.c (hlp_export): Add new option.
* tests/run-export.c (show_usage): Print new option.
--

GnuPG-bug-id: 5757
2022-01-04 12:30:22 +01:00
Ingo Klöcker
0e19c48791 core: New export mode to export secret subkeys.
* src/gpgme.h.in (GPGME_EXPORT_MODE_SECRET_SUBKEY): New.
* src/export.c (check_mode): Allow new mode and check for invalid
combinations.
(export_keys_start): Return error if new mode flag is set.
* src/engine-gpg.c (export_common): Implement.
* src/gpgme-tool.c (cmd_export): New option --secret-subkey.
* tests/run-export.c (main): New option --secret-subkey.
--

This adds support for exporting secret subkeys (via gpg's
--export-secret-subkeys) to gpgme_op_export[_ext][_start].
The flag is not supported by gpgme_op_export_keys[_start] because
there is no way to specify which subkey(s) to export with these
functions.

GnuPG-bug-id: 5757
2022-01-04 09:23:40 +01:00
Ingo Klöcker
c710af223c core: Check for unsupported export mode flags
src/engine-gpgsm.c (gpgsm_export, gpgsm_export_ext): Return error if an
unsupported mode flag is set.
--

The minimal mode flag has no effect for X.509 certificates, but we still
treat it as supported (as documented in the API documentation).

GnuPG-bug-id: 5757
2022-01-04 09:22:46 +01:00
Ingo Klöcker
c0581adabe core: Check for combination of ssh mode with other mode flags
* src/export.c (check_mode): Return error if ssh mode is combined with
another mode flag.
--

The SSH mode flag cannot be used in combination with other flags.

GnuPG-bug-id: 5757
2022-01-04 09:22:25 +01:00
Ingo Klöcker
3268575115 core: Factor out the check for valid export mode flags.
* src/export.c (check_mode): New.
(export_start, export_ext_start): Call check_mode.
--

GnuPG-bug-id: 5757
2022-01-04 09:21:37 +01:00
Ingo Klöcker
305d8668ca core: Detect bad passphrase error on certificate import
* src/import.c (gpgme_op_import_result): Check fpr for NULL.
(parse_error): New.
(import_status_handler): Handle error status line.

* doc/gpgme.texi (gpgme_import_status_t): Mention that fpr can be NULL.

* tests/gpg/t-import.c (check_result): Check fpr for NULL.
* tests/run-threaded.c (delete_impres): Check fpr for NULL.
--

When importing an encrypted certificate a wrong passphrase may be
entered. In this case gpgsm emits a status line with a bad passphrase
error and an "invalid object" error. To make it possible for callers
to handle a wrong passphrase error more gracefully, an import status
with bad passphrase error is added to the import result for each
status line with bad passphrase error.

GnuPG-bug-id: 5713
2021-12-22 15:25:42 +01:00
Ingo Klöcker
d35d44efaf core: Allow setting import filters when importing keys
* src/context.h (struct gpgme_context): New field import_filter.
* src/engine-backend.h (struct engine_ops): Add arg import_filter to
field 'import'.
* src/engine-gpg.c (gpg_import): Add arg import_filter and pass option
--import-filter with argument value to gpg. Adjust all callers.
* src/engine-gpgsm.c (gpgsm_import): Add dummy arg import_filter.
* src/gpgme.c (gpgme_release): Free 'import_filter'.
(gpgme_set_ctx_flag, gpgme_get_ctx_flag): New flag "import-filter".

* tests/run-import.c (main): Add option --import-filter.
--

This makes the --import-filter option available in the GPGME API for
key imports.

GnuPG-bug-id: 5739
2021-12-14 15:44:37 +01:00
Ingo Klöcker
fd680254da core: Set --key-origin option only if supported by gpg
* src/engine-gpg.c (gpg_import): Do not pass --key-origin option to
gpg if gpg is too old.
--

GnuPG-bug-id: 5733
2021-12-14 14:41:23 +01:00
Ingo Klöcker
60880adafa core: Allow specifiying a key origin when importing keys
* src/context.h (struct gpgme_context): New field key_origin.
* src/engine-backend.h (struct engine_ops): Add arg key_origin to
field 'import'.
* src/engine-gpg.c (gpg_import): Add arg key_origin and pass option
--key-origin with argument value to gpg. Adjust all callers.
* src/engine-gpgsm.c (gpgsm_import): Add dummy arg key_origin.
* src/gpgme.c (gpgme_release): Free 'key_origin'.
(gpgme_set_ctx_flag, gpgme_get_ctx_flag): New flag "key-origin".

* tests/run-import.c (main): Add option --key-origin.
* tests/gpg/t-import.c (main): Set and verify key origin.
--

This makes the --key-origin option available in the GPGME API for
key imports.

GnuPG-bug-id: 5733
2021-12-13 16:52:23 +01:00
Ingo Klöcker
0ac3679a74 core: Support all components with dirinfo()
* src/dirinfo.c (WANT_KEYBOXD_NAME, WANT_AGENT_NAME, WANT_SCDAEMON_NAME,
WANT_DIRMNGR_NAME, WANT_PINENTRY_NAME): New.
(dirinfo): Add fields keyboxd_name, agent_name, scdaemon_name,
dirmngr_name, pinentry_name.
(parse_output): Support "keyboxd", "gpg-agent", "scdaemon", "dirmngr",
"pinentry".
(get_gpgconf_item): Return new components.

tests/t-engine-info.c (main): Add new components to the output.
--

GnuPG-bug-id: 5727
2021-12-10 12:04:05 +01:00
Werner Koch
b8b49c11e9
core: Make the gpgconf option parsing of string types more robust
* src/engine-gpgconf.c (gpgconf_parse_option): Skip the string
indicator if it is not the empty string.
--

Some versions of GnuPG (~2.2.28 to 2.2.33) returned a compliance
indicator which should be an int but actually used string as type.
Simply skipping the indicator without checking that this is the
indicator does not allow to work around this type mismatch by the
gpgme users.
2021-11-25 11:48:11 +01:00
Werner Koch
eb37d6469e
core: Support dirinfo("socketdir")
* src/dirinfo.c (WANT_SOCKETDIR): New.
(dirinfo): Add field socketdir.
(parse_output): Support "socketdir".
(get_gpgconf_item): Return socketdir.

* tests/t-engine-info.c (main): Add socketdir to the output.

* src/w32-util.c (_gpgme_create_process_utf8): Fix indentation.
--

GnuPG-bug-id: 5613

This is not strictly necessary because we could deduce this from one
of the other socket info items but it is more clean to have a
dedicated info item.  The socketdir item is available for 5 years now
(GnuPG commit 8e3fa5a4b205c534de2142e5d071712f957cf06a)
2021-11-25 11:40:59 +01:00
NIIBE Yutaka
8148237cb4 posix: Use poll instead, when available, removing use of select.
* configure.ac (HAVE_POLL_H): Add the check.
* src/ath.c [!HAVE_POLL_H] (ath_select): Enable conditionally.
* src/posix-io.c [HAVE_POLL_H] (_gpgme_io_select_poll): Use poll.
* tests/gpg/t-cancel.c [HAVE_POLL_H] (do_select): Use poll.
* tests/gpg/t-eventloop.c [HAVE_POLL_H] (do_select): Use poll.

--

GnuPG-bug-id: 2385
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2021-11-25 11:13:17 +09:00
NIIBE Yutaka
4583ab77e5 gpgme.pc: Fix library dependency and use of includedir, libdir.
* src/gpgme.pc.in (Require): Move gpg-error, libassuan to...
(Requires.private): ... here.
(Cflags): Add -I${includedir}.
(Libs): Add -L${libdir}.

--

This will result better library dependency for applications using
gpgme.  It will break build of an application which directly uses
gpg-error or libassuan without specifying them (which means, depending
on redundant/wrong gpgme.pc).

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2021-11-12 11:05:53 +09:00
NIIBE Yutaka
3c1c98a434 core: Use flexible array member if compiler has support.
* configure.ac (AC_C_FLEXIBLE_ARRAY_MEMBER): Add.
* src/engine-gpg.c (struct arg_and_data_s): Use FLEXIBLE_ARRAY_MEMBER.
(_add_arg): Use offsetof instead of sizeof.
(add_data): Likewise.

--

Before this fix, GCC 11 warns (with its bound checking feature).

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2021-08-13 14:52:03 +09:00
Ingo Klöcker
7cfc93193d core: Fix results returned by gpgme_data_* functions
src/debug.h (TRACE_SYSRES_OFF_T, _trace_sysres_off_t,
TRACE_SYSRES_SSIZE_T, _trace_sysres_ssize_t): New.
src/data.c (gpgme_data_read, gpgme_data_write, gpgme_data_seek): Use
appropriate new tracing macros instead of casting the results to int.
--

This change adds tracing macros for results of system functions of
type __off_t and __ssize_t.

GnuPG-bug-id: 5481
2021-08-03 12:13:27 +02:00
Jiri Kucera
4b64774b6d
core: Support closefrom also for glibc.
* src/posix-io.c (_gpgme_io_spawn): Use glibc's closefrom.
--

Since 2.34, glibc introduces closefrom (the implementation
follows *BSD standard).

Signed-off-by: Werner Koch <wk@gnupg.org>
2021-07-27 10:52:13 +02:00
Ingo Klöcker
34d9defc42 core: Allow specifying an expiration date for key signatures
* src/context.h (struct gpgme_context): Add 'cert_expire'.
* src/engine-gpg.c (append_args_from_cert_expire): New.
(gpg_edit): Set option according to the new flag.
* src/gpgme.c (gpgme_release): Free 'cert_expire'.
(gpgme_set_ctx_flag, gpgme_get_ctx_flag): Add "cert-expire".

* tests/gpg/Makefile.am (c_tests): Add new test.
(gpg.conf): Write "allow-weak-key-signatures" to gpg.conf.
* tests/gpg/t-edit-sign.c: New.
--

The new context flag "cert-expire" allows setting the expiration date
for key signatures created with gpgme_op_interact.

GnuPG-bug-id: 5336, 5505
2021-06-22 16:35:03 +02:00
Werner Koch
fde20940b5
core: New data flags "io-buffer-size" and "sensitive".
* src/data.c (_gpgme_data_release): Free buffers.
(gpgme_data_seek): Adjust from renamed fields.
(gpgme_data_set_flag): Implement new flags.
(_gpgme_data_inbound_handler): Allow the use of a malloced buffer.
(_gpgme_data_outbound_handler): Ditto.
* src/data.h (BUFFER_SIZE): Move out of the struct definition.
(struct gpgme_data): Remove pending filed and introduce inbound and
outbound fields.

* src/conversion.c (_gpgme_wipememory): New.  Taken from GnuPG.
* src/cJSON.c (wipememory): Use this here too.

* tests/run-decrypt.c (main): Add options "--large-buffers" and
"--sensitive".
--

GnuPG-bug-id: 5478
Signed-off-by: Werner Koch <wk@gnupg.org>
2021-06-14 19:51:28 +02:00
Werner Koch
ea290108e4
core: Also detect AuthEnvelopedData (AEAD for CMS)
* src/data-identify.c (basic_detection): Add OID.

Signed-off-by: Werner Koch <wk@gnupg.org>
2021-06-14 17:10:49 +02:00
Andre Heinecke
ceb8387460
core,w32: Increase BUFFER_SIZE to 4096
* src/data.h (BUFFER_SIZE): Increase to 4096 for Windows.

--
This brings it in line to the PIPE_BUF size on desktop Linux
systems. This should increase performance when working with
large files on Windows a bit.

GnuPG-Bug-Id: T5478
2021-06-10 15:33:51 +02:00
Andre Heinecke
4041e2c62a
core: Explicitly add GPG_ERROR_CFLAGS
* src/Makefile.am (AM_CFLAGS): Add GPG_ERROR_CFLAGS

--
This fixes the include directory for libgpg error if
it is installed in a different prefix then libassuan. Previously
libassuan provided the include directory also implicitly.
2021-06-09 10:47:05 +02:00
Ingo Klöcker
5512133de4 core: Fix a few checks for number of fields in keylist result parser.
* src/keylist.c (keylist_colon_handler): Check for correct number of
fields.
--

This prevents NULL pointer dereferencing with older versions of gpg
that may output less fields.
2021-06-02 10:20:26 +02:00
Werner Koch
88db69e1a9
core: Make sure to stay ABI compatible.
* src/gpgme.h.in (struct _gpgme_key_sig): Move trust_scope to the end
of the struct.
--

Fixes-commit: 276187f6b6

Note that we assume that splitting a reserved 28 bit field into 3
fields does not change the ABI.
2021-05-12 08:48:26 +02:00
Ingo Klöcker
276187f6b6 core: Extend gpgme_key_sig_t with trust signature members.
* src/gpgme.h.in (struct _gpgme_key_sig): Add fields 'trust_depth',
'trust_value', and 'trust_scope'.
* src/key.c (gpgme_key_unref): Free trust_scope.
* src/keylist.c (keylist_colon_handler): Set the fields.
* tests/run-keylist.c (main): Print the fields.
--

The trust signature values are part of gpg's output since the year 2003.
This now adds support to gpgme.

GnuPG-bug-id: 5245, 5419
2021-05-05 19:23:48 +02:00
Werner Koch
0821e2b149
core: New flag GPGME_KEYSIGN_FORCE.
* src/gpgme.h.in (GPGME_KEYSIGN_FORCE): New.
* src/engine-gpg.c (gpg_keysign): Implement.

* tests/run-keysign.c (show_usage): Add option --force
--

GnuPG-bug-id: 4584
2021-03-11 11:49:07 +01:00
Werner Koch
c8fd8870b3
core: Remove experimental feature GPGME_EXPORT_MODE_NOUID.
* src/export.c (export_start): Remove GPGME_EXPORT_MODE_NOUID check.
* src/engine-gpg.c (export_common): Ditto.
--

Note that this constant was never announed and used only for internal
tests.  It made it into some release only by accident.

The constants is kept in gpgme.h to not break any code but it is
non-fucntionals.  We do not consider this an ABI break.

GnuPG-bug-id: 5284
2021-02-01 16:48:30 +01:00
Werner Koch
bb9880778f
Release 1.15.1 2021-01-08 18:14:33 +01:00
Ingo Klöcker
5137d7fc21 core: Make listing of signatures work if only secret keys are listed
* src/engine-gpg.c (gpg_keylist_build_options): Add "--with-sig-check"
argument if signatures shall be listed.
* tests/gpg/t-keylist-secret-sig.c: New.
* tests/gpg/Makefile.am (c_tests): Add new test.
--

GnuPG-bug-id: 3580
2021-01-05 17:44:16 +01:00
NIIBE Yutaka
53ac732bae core: Call _gpgme_passphrase_status_handler when exporting keys.
* src/export.c (export_status_handler): Call the handler.

--

Fixes-commit: 3382ecb17e
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-11-24 15:00:27 +09:00
NIIBE Yutaka
4c6fd36159 m4: Update with newer autoconf constructs.
* src/gpgme.m4: Replace AC_HELP_STRING to AS_HELP_STRING.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-11-20 12:07:33 +09:00
Werner Koch
feea38c89d
Release 1.15.0
* configure.ac: Bump LT versions to c=C35/A24/R0, cpp=C18/A13/R0,
qt=C12/A5/R0.
--

GnuPG-bug-id: 5131
2020-11-12 10:24:22 +01:00
NIIBE Yutaka
3382ecb17e core: Support exporting secret keys.
* src/export.c (export_start): Set command handler for passphrase
interaction for the case when it's secret keys.
(export_ext_start): Likewise.

--

GnuPG-bug-id: 5046
Co-authored-by: Louis Dupré Bertoni
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-11-12 13:11:08 +09:00
Werner Koch
eb99e8c483
Require at least libgpg-error 1.36
* configure.ac (NEED_GPG_ERROR_VERSION): Require 1.36.
* src/cJSON.c: Remove code for older version.
* src/engine.c (gpgme_get_engine_info): Ditto.
* src/gpgme-json.c: Ditto.
* src/op-support.c: Ditto.
* src/util.h: Ditto.
--

Libgpg-error 1.36 has been released more than 18 months ago so it is
time to avoid hacks and require this verion.  This will for example
help Kleopatra to support PIV cards and improves the gpgme-json.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-11-09 11:50:46 +01:00
Ben Kibbey
35ca460019 Parse STATUS_CANCELED_BY_USER.
* src/gpgme.h.in (GPGME_STATUS_CANCELED_BY_USER): New.
* src/status-table.c (status_table_s): Add "CANCELED_BY_USER".
* src/passphrase.c (_gpgme_passphrase_status_handler): Return
GPG_ERR_CANCELED during GPGME_STATUS_CANCELED_BY_USER.

Signed-off-by: Ben Kibbey <bjk@luxsci.net>
2020-11-03 17:47:44 -08:00
Ingo Klöcker
f3407d0ee4 core: New function gpgme_op_revsig.
* src/gpgme.h.in (gpgme_op_revsig_start, gpgme_op_revsig): New.
(GPGME_REVSIG_LFSEP): New.
* src/context.h (ctx_op_data_id_t): Add OPDATA_REVSIG.
* src/revsig.c: New.
* src/Makefile.am (main_sources): Add revsig.
* src/libgpgme.vers, src/gpgme.def: Add gpgme_op_revsig and
gpgme_op_revsig_start.
* src/engine.h, src/engine.c: (_gpgme_engine_op_revsig): New.
* src/engine-backend.h (engine_ops): Add 'revsig' and adjust all
engine initializers.
* src/engine-gpg.c (gpg_revsig): New.
(_gpgme_engine_ops_gpg): Set revsig to gpg_revsig.
* doc/gpgme.texi: Document new functions.
* tests/run-keysign.c: Add option --revoke.
--

This extends GPGME to support the --quick-revoke-sig command
added by GnuPG 2.2.24. This allows revoking key signatures.

GnuPG-bug-id: 5094
2020-10-29 12:57:10 +01:00
NIIBE Yutaka
fd904f87f8 gpgsm: Fix leaked fd.
* src/engine-gpgsm.c (gpgsm_new): Close gpgsm->diag_cb.server_fd.

--

GnuPG-bug-id: 5074
Reported by: VladislavGrudinin
Fixes-commit: dd21ec997c
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-10-01 11:18:50 +09:00
Werner Koch
e4ee706e27
core: Fully implement the inquire callback for assuan_transact
* src/engine-assuan.c (inquire_cb): Implement returning data.

* tests/opassuan/t-command.c (inq_cb): Send some test data.
--

The old code only allowed to send an empty response which was good
enough for scdaemon's KNOWNCARDP inquire but not to send actual data.
A quick test using a test smartcard might be

 ./t-command 'scd setattr --inquire PRIVATE-DO-1'

and then reading the data back using

  gpg-connect-agent 'scd getattr PRIVATE-DO-1' /bye

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-09-09 12:13:20 +02:00
Ingo Klöcker
f66f856c89 core: Add error handling to setexpire
* src/genkey.c (setexpire, gpgme_op_setexpire_start,
gpgme_op_setexpire): Move to ...
* src/setexpire.c: New.
* src/Makefile.am (main_sources): Add that file.
* src/context.h (ctx_op_data_id_t): Add OPDATA_SETEXPIRE.

* lang/qt/tests/t-various.cpp (testSetExpire): Test error handling.
--

Errors (and failures) emitted via status-fd need to be handled
explicitly, i.e. we need to provide an appropriate status handler with
corresponding op_data_t. Additionally, we need to set a passphrase
command handler if a passphrase callback is set in the context, e.g.
during tests.

GnuPG-bug-id: 4395
2020-08-14 11:11:23 +02:00
Ingo Klöcker
db82e99a8a core: New function gpgme_op_setexpire.
* src/gpgme.h.in (gpgme_op_setexpire_start, gpgme_op_setexpire): New.
* src/libgpgme.vers, src/gpgme.def: Add new functions.
* src/genkey.c (setexpire): New.
(gpgme_op_setexpire_start, gpgme_op_setexpire): New.
* src/engine.h, src/engine.c: (_gpgme_engine_op_setexpire): New.
* src/engine-backend.h (engine_ops): Add 'setexpire' and adjust all
engine initializers.
* src/engine-gpg.c (gpg_setexpire): New.
(_gpgme_engine_ops_gpg): Set setexpire to gpg_setexpire.
* doc/gpgme.texi: Document new functions.
* tests/run-genkey.c: Add option --setexpire.
--

This extends GPGME to support the --quick-set-expire command
added by GnuPG 2.1.22. This allows changing subkeys expiry
date without going through the editinteractor interface.

Co-authored-by: Andre Heinecke <aheinecke@gnupg.org>
GnuPG-bug-id: 4999
2020-08-04 16:51:56 +02:00
Werner Koch
dfeedcc28d
core: Also allow GPGME_EXPORT_MODE_SSH for gpgme_op_export.
* src/export.c (export_start): Allow that mode.
--

The test tools uses gpgme_op-export_ext and thus did not caught it.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-07-16 16:47:31 +02:00
Werner Koch
7f9e0ca57b
core: New export mode to export as OpenSSH public key.
* src/gpgme.h.in (GPGME_EXPORT_MODE_SSH): New.
* src/export.c (export_ext_start): Allow for new mode.
* src/engine-gpg.c (export_common): Implement.
* tests/run-export.c (status_cb): New.
(main): New options --status and --ssh.
--

GnuPG-bug-id: 4310
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-07-16 12:00:46 +02:00
Werner Koch
8589091682
core: Deprecate the non-working trustlist functions.
* src/gpgme.h.in: Clarify that the trustlist function should not be
used.
* src/engine.c (_gpgme_engine_op_trustlist): Always return an error.
* src/engine-backend.h (struct engine_ops): Remove trustlist member.
* src/engine-gpg.c (gpg_trustlist): Remove.
(struct engine_ops): Remove that member.  Also in all other engines.
* tests/gpg/t-trustlist.c: Remove.
* lang/python/tests/t-trustlist.py: Remove.
--

This never worked in reality because the required feature has been
removed from GnuPG version 1.3.2 soon after introduction of this
feature in gpgme - 17 years ago.  It was anyway marked as
experimental.  We keep the API and ABI, though.

GnuPG-bug-id: 4834
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-07-15 16:34:24 +02:00
Werner Koch
c8048bf8eb
core: New keylist mode GPGME_KEYLIST_MODE_WITH_KEYGRIP.
* src/gpgme.h.in (GPGME_KEYLIST_MODE_WITH_KEYGRIP): New.
* src/gpgme-json.c (op_keylist): New flag "keygrip".
* src/engine-gpg.c (gpg_keylist_build_options): Pass the options.

* lang/cpp/src/global.h (WithKeygrip): New.
* lang/cpp/src/context.cpp: Add check.
* lang/cpp/src/key.cpp (Key::update): Handle WithKeygrip.
* lang/cpp/src/verificationresult.cpp: Ditto.
* lang/cpp/src/util.h (add_to_gpgme_keylist_mode_t): Ditto.
--

GnuPG-bug-id: 4939
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-07-15 14:11:17 +02:00
Werner Koch
728ead8ebd
core: Fix setting of the chain_model signature result.
* src/verify.c (parse_trust): Fix detection of "chain" keyword.
--

Fixes-commit: da6f3dc0c5
from 2007 shortly after introducing this.  I doubt that this info has
ever been used (it is for qualified signatures, which are only
supported using the legacy German RegTP rules for them which were soon
overturned by the commercial CAs).

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-06-05 14:46:56 +02:00