Commit Graph

578 Commits

Author SHA1 Message Date
Werner Koch
e5273fc443
json: Add command "decrypt" to gpgme-json.
* src/gpgme-json.c (make_data_object): Enable auto-detection of
base-64.
(op_encrypt): Support a 'mime' flag.
(op_decrypt): New.
(process_request): Add command "encrypt".

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-18 15:24:42 +02:00
Werner Koch
65479fe7b8
core: Add 'is_mime' flags to the verify and decrypt results.
* src/op-support.c (_gpgme_parse_plaintext): Add arg r_mime.
* src/decrypt.c (_gpgme_decrypt_status_handler): Ser mime flag.
* src/verify.c (_gpgme_verify_status_handler): Ditto.
* src/gpgme.h.in (gpgme_op_verify_result_t): Append fields 'is_mime'
and '_unused'.
(gpgme_op_decrypt_result_t): New field 'is_mime'.  Shrink '_unused'.

* tests/run-decrypt.c (print_result): Print MIME flag.
* tests/run-verify.c (print_result): Ditto.
--

Note that this flag (Liternal Data packet's 'm' mode) is only
specified in RFC-4880bis.  To use it you currently need to add
"rfc4880bis" to the the gpg.conf.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-18 15:20:35 +02:00
Werner Koch
23177e4410
core: Fix possible compliance mode detection error.
* src/verify.c (_gpgme_verify_status_handler): Insert missing break.
--

Before the insertion of the compliance status checking the break in
the default clause was used by the STATUS_PLAINTEXT code.  That got
lost.  I don't see any actual harm due to different values currently
in use for the compliance status.

Fixes-commit: 05fa2a9c77
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-18 14:41:50 +02:00
Werner Koch
49a617f8bb
json: Improve help meta command in gpgme-json.
* src/gpgme-json.c (process_meta_commands): Add ",help CMD".

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-18 11:34:16 +02:00
Werner Koch
ed1052842d
json: Add command "getmore" to gpgme-json.
* src/gpgme-json.c (MIN_REPLY_CHUNK_SIZE): New const.
(DEF_REPLY_CHUNK_SIZE): New const.
(MAX_REPLY_CHUNK_SIZE): New const.
(pending_data): New var.
(add_base64_to_object): Chnage to take a plain data pointer.
(get_chunksize): New.
(make_data_object): New.
(op_encrypt): Get chunksize and use make_data_object.
(op_getmore): New.
(process_request): Release pending data for all commands but "getmore"
and "help".
--

Native messaging has a limit on the data it may receive in one
request.  Thus the caller needs to watch for the "more" flag and
request the remaining data using "getmore" in a loop.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-18 11:12:46 +02:00
Werner Koch
e69b175e8e
json: Add meta command ,read to gpgme-json.
* src/gpgme-json.c: Include stat.h.
(get_file): New.
(process_meta_commands): Implement ",read".

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-18 09:26:33 +02:00
Werner Koch
01435da498
core: Extend decryption result with symkey_algo.
* src/gpgme.h.in (gpgme_op_decrypt_result_t): Add field 'symkey_algo'.
* src/decrypt.c (release_op_data): Free SYMKEY_ALGO.
(gpgme_op_decrypt_result): Make sure SYMKEY_ALGO is not NULL.
(parse_decryption_info): New.
(_gpgme_decrypt_status_handler): Parse DECRYPTION_INFO status.
* src/conversion.c (_gpgme_cipher_algo_name): New.
(_gpgme_cipher_mode_name): New.

* tests/run-decrypt.c (print_result): Print SYMKEY_ALGO

* src/util.h (_gpgme_map_gnupg_error): Remove obsolete prototype.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-17 13:48:56 +02:00
Werner Koch
3589da0500
core: New keyword --file for OpenPGP recpstring.
* src/engine-gpg.c (append_args_from_recipients_string): Add new
flags.
--

Now you can use gpgme to encrypt without first importing a key.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-17 12:40:30 +02:00
Werner Koch
c143ab692c
core: For OpenPGP let offline mode disable dirmngr.
* src/engine-gpg.c (struct engine_gpg): New flag.offline.
(gpg_set_engine_flags): Set it.  Also fix setting of no_symkey_cache.
(build_argv): Pass --disable-dirmngr in offline mode.
--

GnuPG-bug-id: 3831
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-17 11:06:27 +02:00
Werner Koch
4bba3b8e2c
core: Allow for --hidden keyword in OpenPGP recpstrings.
* src/engine-gpg.c (append_args_from_recipients_string): Add special
keywords.
--

GnuPG-bug-id: 3775
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-17 10:04:20 +02:00
Werner Koch
86efba2be2
core: New encryption flag GPGME_ENCRYPT_WANT_ADDRESS.
* src/gpgme.h.in (GPGME_ENCRYPT_WANT_ADDRESS): New flag.
* src/engine-gpg.c (add_arg_recipient): New.
(add_arg_recipient_string): New.
(append_args_from_recipients): Call new helper function.
(append_args_from_recipients_string): Ditto.
* src/gpgme-json.c (op_encrypt): Add flag "want-address".
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-17 09:40:27 +02:00
Werner Koch
a1f76b3b54
core: Add extended versions of the encrypt functions.
* src/gpgme.h.in (gpgme_op_encrypt_ext_start) New.
(gpgme_op_encrypt_ext): New.
(gpgme_op_encrypt_sign_ext_start): New.
(gpgme_op_encrypt_sign_ext): New.
* src/libgpgme.vers, tests/run-encrypt.c: Add them.

* src/encrypt.c (encrypt_start): Add arg recpstring.
(gpgme_op_encrypt): Factor code out to ...
(gpgme_op_encrypt_ext): new function with new arg recpstring.
(gpgme_op_encrypt_start): Factor code out to ...
(gpgme_op_encrypt_ext_start): new function with new arg recpstring.
* src/encrypt-sign.c (encrypt_sign_start): Add arg recpstring.
(gpgme_op_encrypt_sign): Factor code out to ...
(gpgme_op_encrypt_sign_ext): new function with new arg recpstring.
(gpgme_op_encrypt_sign_start): Factor code out to ...
(gpgme_op_encrypt_sign_ext_start): new function with new arg
recpstring.

* src/engine-backend.h (struct engine_ops): Change fields encrypt and
encrypt_sign.
* src/engine.c (_gpgme_engine_op_encrypt): Add arg recpstring and pass
to engine.
(_gpgme_engine_op_encrypt_sign): Ditto.
* src/engine-gpg.c (append_args_from_recipients_string): New.
(gpg_encrypt): Add arg recpstring and call new function as needed.
(gpg_encrypt_sign): Ditto.
* src/engine-gpgsm.c (set_recipients_from_string): New.
(gpgsm_encrypt): Add arg recpstring and call new function as needed.
* src/engine-uiserver.c (set_recipients_from_string): New.
(uiserver_encrypt): Add arg recpstring and call new function as
needed.

* tests/run-encrypt.c (xstrdup): New.
(main): Add option --keystring.

* src/gpgme-json.c (get_keys): Simplify.
(op_encrypt): Modify to make use of the extended encrypt function.

--

This new feature can be used to avoid the need for a key lookup and
thus several extra calls to the backend.

Note that run-test uses a semicolon as delimiter because that make
testing the feature on the command line much easier.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-17 08:45:00 +02:00
Werner Koch
b99502274a
core: Tweak STATUS_FAILURE handling.
* src/op-support.c (_gpgme_parse_failure): Ignore failures with
location "gpg-exit".
* tests/gpg/t-verify.c (main): Adjust for the now working checking of
the second key.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-12 20:36:30 +02:00
Werner Koch
478d1650bb
core: For a failed verification return the sig's fingerprint.
* src/verify.c (parse_new_sig): Parse the new ERRSIG fpr.
--

This works only when the signatures features an ISSUER_FPR sub-packet
and with GnuPG >= 2.2.7.  If that is not the case the keyid is kept in
the FPR field.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-12 20:26:00 +02:00
Werner Koch
f7700a0169
core: Add new context flag "no-symkey-cache".
* src/gpgme.c (gpgme_set_ctx_flag): Set flag.
(gpgme_get_ctx_flag): Get flag.
* src/context.h (struct gpgme_context): Add field no_symkey_cache.
* src/engine-gpg.c (struct engine_gpg): Ditto.
(gpg_set_engine_flags): Set flag.
(build_argv): Pass option --no-symkey-cache to gpg.

* tests/run-decrypt.c (print_result): Fix segv for symmetric messages.
(main): New option --no-symkey-cache.
* tests/run-encrypt.c (main): New option --no-symkey-cache.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-12 09:17:27 +02:00
Werner Koch
60d7a1e8f6
json: Build only a dummy if libgpg-error is < 1.28
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-03-29 15:06:54 +02:00
Werner Koch
3345a17dda
json: Remove the "message" object thingy again.
* src/gpgme-json.c (process_request): Remove 'nm_mode'.
--

This was an error in the javascript testing code.  Thus the Mozilla
specs are correct that the request is send verbatim.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-03-28 21:21:18 +02:00
Werner Koch
4b2fa657d1
json: Make native messaging work.
* src/gpgme-json.c (opt_debug): New.
(process_request): Add optional arg nm_mode.  In this mode take the
request from a "message" object.
(native_messaging_repl): Add debug output and call process_request
in NM_MODE.
(main): Add option --debug.  Parse envvar GPGME_JSON_DEBUG as an
alternative way to enable this.  Use a default log file.
--

Note that the default log file is ~/.gnupg/S.gpgme-json.log .
Thus to debug a javascript application you should start

  watchgnupg --time-only --force ~/.gnupg/S.gpgme-json.log

in a separate tty and then use

 GPGME_JSON_DEBUG=1 firefox &

to run firefox.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-03-28 20:53:21 +02:00
Andre Heinecke
7c220e387d
core: Initialize key return value in gpgme_get_key
* src/keylist.c (gpgme_get_key): Set r_key to NULL.

--
The c++ bindings and others assumed that r_key is set to NULL
on error. This is the behavior gpgme_op_keylist_next also
has. Even if it is not specified what happens to r_key on
error setting it to NULL should not hurt and is more
expected behavior.

This directly fixes an uninitialized memory access error
in the c++ bindings / Kleopatra:
GnuPG-Bug-Id: T3865

And will fix some additional random crashes in Kleopatra and GpgOL.
2018-03-27 11:24:55 +02:00
Werner Koch
4763974ef6
core: Need to increase an array in the gpg engine.
* src/engine-gpg.c (build_argv): Allcate one slot more for ARGV.
--

Fixes-commit: b9000bc293
2018-03-23 15:46:18 +01:00
Werner Koch
e5abf4827a
json: Use a request origin of "browser".
* src/gpgme-json.c (_create_new_context): Set flag.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-03-23 15:32:06 +01:00
Werner Koch
b9000bc293
core: New gpgme_set_ctx_flag "request-origin".
* src/context.h (gpgme_context): Add 'request_origin'.
* src/gpgme.c (gpgme_release): Free that field.
(gpgme_set_ctx_flag, gpgme_get_ctx_flag): Add "request-origin".
* src/engine-backend.h (engine_ops): Add 'set_engine_ops' func ptr and
adjust all users.
* src/engine.c (_gpgme_engine_set_engine_flags): New.
* src/op-support.c (_gpgme_op_reset): Call that func.
* src/engine-gpg.c (struct engine_gpg): Add 'request_origin'.
(gpg_set_engine_flags): New.
(_gpgme_engine_ops_gpg): Hook it.
(build_argv): Use command line option --request-origin.
* src/engine-gpgsm.c (struct engine_gpgsm): Add 'request_origin'.
(gpgsm_set_engine_flags): New.
(_gpgme_engine_ops_gpgsm): Hook it.
(start): Send OPTION "request-origin".
* src/engine-assuan.c (struct engine_llass): Add 'request_origin'.
(gpgsm_set_engine_flags): New.
(_gpgme_engine_ops_assuan): Hook it.
(start): Send OPTION "pretend-request-origin".

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-03-23 15:27:32 +01:00
Werner Koch
eee68c1b13
build: Allow building with released libgpg-error.
* src/gpgme-json.c (add_base64_to_object): Return an error if building
with an older libgpg-error.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-03-23 12:36:19 +01:00
Werner Koch
c7bb12da52
Merge branch 'json-tool' 2018-03-23 11:31:20 +01:00
Werner Koch
d83482a1d7
json: Finish op:encrypt.
* src/gpgme-json.c (add_base64_to_object): New.
(data_from_base64_string): New.
(op_encrypt): Employ them.
(process_request): Print unformated json.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-03-23 11:27:59 +01:00
Werner Koch
6525d78d0a
json: Add a new function to cJSON.
* src/cJSON.c (cJSON_CreateStringConvey): New.
2018-03-23 11:26:36 +01:00
Ben McGinnes
76055dd5c7 Merge branch 'ben/docs/2018-03' of ssh+git://playfair.gnupg.org/git/gpgme into ben/docs/2018-03 2018-03-22 06:33:16 +11:00
Werner Koch
e14f1f687f
json: Use gpgrt_argparse instead of argsparse.c
* src/gpgme-json.c: Remove header argparse.h.  Define
GPGRT_ENABLE_ARGPARSE_MACROS.
(interactive_repl): Replace strusage by gpgrt_strusage.
(my_strusage): Add SPDX level.
(main): Switch to gpgrt_argparse stuff but keep very limited
functionality when building with an older libgpg-error.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-03-21 19:26:03 +01:00
Werner Koch
6073789a6d
json: Implement op:encrypt
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-03-20 11:14:26 +01:00
Werner Koch
44f9e80ea9
Merge branch 'master' into json-tool 2018-03-20 11:13:14 +01:00
Werner Koch
343d3e2232
core: Do not clobber R_KEY in gpgme_get_key on error.
* src/keylist.c (gpgme_get_key): Assign a value to the return
parameter only on success.
--

This problem could be triggered by an ambiguous key.  The problem is
that the key returned in that case is for one not expected and worse
it has not been ref-ed.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-03-20 10:41:18 +01:00
Werner Koch
9e1e655483
core: Fix ABI regression in recent commit.
* src/gpgme.h.in (_gpgme_op_import_result): Move new field
'skipped_v3_keys' to the end.
--

The ABI break has not made it into a release.

Also document the new field.

Fixes-commit: a630a1e3e7
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-03-20 10:38:36 +01:00
Werner Koch
d2b31d8c10
json: Add framework for the gpgme-json tool
* src/gpgme-json.c: New.
* src/Makefile.am (bin_PROGRAMS): Add gpgme-json.
(gpgme_json_SOURCES, gpgme_json_LDADD): New.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-03-16 13:55:48 +01:00
Werner Koch
81c90d0cd0
core: Adjust cJSON code for use in GPGME.
* src/cJSON.c: Remove util.h.  Use gpgrt alloc functions.
(cJSON_Delete): Do not clobber ERRNO.
(cJSON_AddItemToObject): Return OBJECT or NULL.
(cJSON_AddNullToObject): New.
(cJSON_AddTrueToObject): New.
(cJSON_AddFalseToObject): New.
(cJSON_AddBoolToObject): New.
(cJSON_AddNumberToObject): New.
(cJSON_AddStringToObject): New.
* src/cJSON.h (cJSON__h): Replace macro by cJSON_h for C compliance.
(cJSON_AddNullToObject): Remove macro.
(cJSON_AddTrueToObject): Remove macro.
(cJSON_AddFalseToObject): Remove macro.
(cJSON_AddBoolToObject): Remove macro.
(cJSON_AddNumberToObject): Remove macro.
(cJSON_AddStringToObject): Remove macro.
--

The gpgrt malloc functions are used so that we can easily mix memory
returned by gpgrt (e.g. es_read_line) with memory returned from the
JSON function.  In general that is not needed but on Windows it makes
a difference if the gpgme DLL is linked to a different C runtime
than the application.

The macros have been replaced to allow error checking (i.e out of
core) for these functions.  More error checking should be implemented
instead of silently creating objects which are not as requested.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-03-16 13:36:04 +01:00
Andre Heinecke
a630a1e3e7
core: Parse skipped_v3_keys
* src/gpgme.h.in (gpgme_import_result_t): Extend with skipped_v3_keys.
* src/import.c (gpgme_op_import_result): Extend debug with new field.
(parse_import_res): Parse skipped_v3_keys.
* tests/gpg/t-support.h, tests/run-support.h (print_import_result):
Print skipped_v3_keys.

--
This makes it possible to handle this in a GUI in a future
version.

GnuPG-Bug-Id: T3776
2018-03-15 16:23:18 +01:00
Werner Koch
8eb08b3189
core: Import cJSON code from the payproc project.
* src/cJSON.c: New.
* src/cJSON.h: New.
* src/cJSON.readme: New.
--

This is a copy of the code from the payproc commit
af5d6b4f820ee19e246a2cab6f56465fe91f1233.  The code was originally
added to payproc with the commit below.

Signed-off-by: Werner Koch <wk@gnupg.org>

===============================================
commit 7ae7ef29bc5ec19e005e6a5a739233d655f3f05f
Author:     Werner Koch <wk@gnupg.org>
AuthorDate: Wed Apr 2 09:01:42 2014 +0200
Commit:     Werner Koch <wk@gnupg.org>
CommitDate: Wed Apr 2 09:12:02 2014 +0200

Simplify cJSON and add new macros.

* src/cJSON.h: Re-indented.
(cjson_t): New.
(cjson_is_): New macros.
* src/cJSON.c: Re-indented.  Include errno.h and our util.h.
(ep): Remove global var.
(cJSON_GetErrorPtr): Remove.
(cJSON_strcasecmp): Cast args for use with tolower.
(cJSON_malloc, cJSON_free): Remove.  Change callers to use xtrymalloc
and xfree.
(cJSON_InitHooks): Remove.
(cJSON_strdup): Remove.  Change callers to use xtrystrdup.
(cJSON_New_Item): Simplify.
(cJSON_ParseWithOpts, cJSON_Parse): Add arg R_ERROFF.
(parse_string, parse_value, parse_array, parse_object): Add arg EP.
--

cJSON has been taken from cjson-code-58.zip.  The README file has been
renamed to cJSON.readme and the files have been changed to GNU coding
standards.  Because that parser is small enough to be source copied it
does not make sense to treat it as a library and I changed the memory
allocation functions to the usual xmalloc ones. The only external
dependency now is out util.h which declares those functions.

The lowercase cjson_t better fits into our coding style as well as the
new macros.  Thanks to Dave Gamble for this nice parser.
===============================================
2018-03-14 11:10:12 +01:00
Ben McGinnes
f61d4f585f IDENTIFY
* Fixed sp error in docstring.
2018-03-05 09:40:41 +11:00
NIIBE Yutaka
59fe3f26c1 core: Support non-thread-safe getenv.
* src/get-env.c (_gpgme_getenv): Use gpgrt_lock_lock
and gpgrt_lock_unlock to protect call of getnev.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2018-02-27 18:43:40 +09:00
Andre Heinecke
201db83a7f
core, w32: Enable spawning GUI applications
* src/engine-spawn.c (engspawn_start): Translate spawn flag
to IOSPAWN flag.
* src/gpgme-w32spawn.c (my_spawn): Handle the new flag.
* src/gpgme.h.in (GPGME_SPAWN_SHOW_WINDOW): New.
* src/priv-io.h (IOSPAWN_FLAG_SHOW_WINDOW): New.

--
Used by GpgOL
2018-02-09 16:11:32 +01:00
Andre Heinecke
f10605ffb5
core, w32: Fix flags passing to gpgme-w32-spawn
* src/w32-io.c (_gpgme_io_spawn): Don't hardcode flags value.

--
IOSPAWN_FLAG_ALLOW_SET_FG is 2 and was translated to 1.

This might fix the pinentry foreground handling pass through.
2018-02-09 16:11:03 +01:00
NIIBE Yutaka
bbb5e70e7e Fix compile error message.
* src/get-env.c (_gpgme_getenv): Fix error message.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2018-01-29 19:38:49 +09:00
NIIBE Yutaka
37d62e9d0f core: Implement _gpgme_getenv for NetBSD.
* src/get-env.c [HAVE_GETENV_R] (_gpgme_getenv): New.

--

GnuPG-bug-id: 3056
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2018-01-29 11:45:33 +09:00
Werner Koch
d4d04d6c04
Require libgpg-error 1.24 and libassuan 2.4.2
* src/util.h (GPG_ERR_FALSE): Remove due to newer libgpg-error.
--

We require these over one year old versions to better allign with
GnuPG's demand.  Note that the required libassuan is acgtually 2 years
old.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-12-12 12:12:47 +01:00
Werner Koch
0a567a94d9
core,w32: Fix popping up of console windows due to gpgconf.
* src/gpgme-w32spawn.c (my_spawn): Create w/o DETACHED_PROCESS.
--

The spawn helper is actually called with DETACHED_PROCESS and should
not need to do a DETACHED_PROCESS of its own.  Interestingly this
patch removes the popups.

See Andre's report
GnuPG-bug-id: 3515

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-12-11 13:54:40 +01:00
Andre Heinecke
7b5182f288
Spelling fixes for comments and doc
--
Patch provided by ka7 in dev.gnupg.org

Differential D423
2017-12-08 05:59:11 +01:00
Werner Koch
0c1244a2b7
core: Also check for a failed selftest in gpgm_data_new.
* src/data.c (_gpgme_data_new): Check for failed selftest.
* tests/run-support.h (make_filename): Print a message on mallooc
failure.
(init_gpgme_basic): New.
* tests/run-identify.c (main): Call init_gpgme_basic becuase we do not
need to setup a protocol.
* tests/t-data.c: Define PGM and include run-support.h.
(make_filename): Remove.
(main): Call init_gpgme_basic.
--

Note: This patch may break applications which used gpgme_data but no
gpgme_new without having called the required gpgme_check_version.

GPGME can be used without a protocol for example to work with the data
object abstraction.  Thus a call to gpgme_data_new also needs to check
the result of the core selftests - including on whether
gpgme_check_version has been called.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-12-04 12:08:31 +01:00
Andre Heinecke
651b3d8207
Fix uid parsing for ldap keyserver
* src/engine-gpg.c (gpg_keylist_preprocess): Check field count
for uid and add fallback.

--
This fixes accessing unintialized memory and resulting
crashes in gpgrt_asprintf.

GnuPG-Bug-Id: T3550
2017-12-01 09:52:16 +01:00
Daniel Kahn Gillmor
00daac1553
core: use getdents64 syscall on linux instead of getdents.
* src/posix-io.c (get_max_fds): use getdents64 instead of getdents.
--

getdents64 was introduced in linux 2.4, so it should be widely
available.  some Linux architectures which post-date 2.4 (e.g. arm64)
appear to not have getdents at all, so it's probably better to use the
more modern interface.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2017-10-12 09:00:09 +02:00
Werner Koch
4632adf403
core: Allow disabling the use of SYS_getdents for Linux.
* configure.ac (USE_LINUX_GETDENTS): New ac_define.  Add option
--disable-linux-getdents.
* src/posix-io.c: Make use of USE_LINUX_GETDENTS.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-10-04 18:03:54 +02:00
Colin Watson
b5b996b1a1
core: Restore get_max_fds optimization on Linux
* src/posix-io.c (get_max_fds): Restore Linux optimization, this time
using open/getdents/close rather than opendir/readdir/closedir.
--

opendir/readdir/closedir may allocate/free memory, and aren't required
to do so in an async-signal-safe way.  On the other hand, opening
/proc/self/fd directly and iterating over it using getdents is safe.

(getdents is not strictly speaking documented to be async-signal-safe
because it's not in POSIX.  However, the Linux implementation is
essentially just a souped-up read.  Python >= 3.2.3 makes the same
assumption.)

Signed-off-by: Colin Watson <cjwatson@debian.org>
2017-10-04 17:26:39 +02:00
Werner Koch
47f61df070
core: New context flag "auto-key-retrieve"
* src/gpgme.c (gpgme_set_ctx_flag, gpgme_get_ctx_flag): New flag
"auto-key-retrieve".
* src/context.h (gpgme_context): New field auto_key_retrieve.
* src/engine-backend.h (struct engine_ops): Add arg auto_key_retrieve
to field 'decrypt'.
* src/engine-gpg.c (gpg_decrypt): Add arg auto_key_retrieve and pass
option --auto-key-retrieve to gpg.  Adjust all callers.
(gpg_verify): Ditto.
* src/engine-gpgsm.c (gpgsm_decrypt): Add dummy arg auto_key_retrieve.
* src/engine-uiserver.c (uiserver_decrypt): Ditto.
* tests/run-verify.c (main): Add option --auto-key-retrieve.
--

This makes the --auto-key-retrieve option available in the GPGME API.

Test plan:
Run

  GPGME_DEBUG=9:out tests/run-verify SIGNEDFILE

with and without its new option --auto-key-retrieve and check in the
trace stored in "out" whether --auto-key-retrieve was passed to gpg.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-08-24 17:17:11 +02:00
Werner Koch
6745eb69e2
Set next version to 1.10.0
--
2017-08-24 16:20:51 +02:00
Werner Koch
9bde9144f0
core: New public enum gpgme_keyorg_t.
* src/gpgme.h.in (gpgme_keyorg_t): New.
* src/keylist.c (parse_keyorg): New.
(keylist_colon_handler): Set key->ORIGIN.
--

This finally set the key origin value form data supplied by recent gpg
versions.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-08-24 16:20:51 +02:00
Marcus Brinkmann
91e47d7165 gpgconf: Add more comments.
* src/engine-gpgconf.c (gpgconf_config_dir_cb, gpgconf_conf_dir):
Add comments.

Signed-off-by: Marcus Brinkmann <mb@g10code.com>
GnuPG-bug-id: 3018
2017-08-24 15:51:41 +02:00
Marcus Brinkmann
bfb3a01a0c Fix a couple of bugs pointed out by clang compiler warnings.
* src/engine-gpgconf.c (gpgconf_config_dir_cb): Fix cast.
* src/key.c (_gpgme_key_add_sig): Fix pointer reference.

Signed-off-by: Marcus Brinkmann <mb@g10code.com>
2017-08-23 15:38:11 +02:00
Marcus Brinkmann
3244d4daff gpgconf: Fix some warnings.
* tests/gpg/t-gpgconf.c (main): Fix warnings.
* src/engine-gpgconf.c (struct gpgconf_config_dir_s): New struct.
(gpgconf_config_dir_cb, gpgconf_conf_dir) Use it to fix warning.

Signed-off-by: Marcus Brinkmann <mb@g10code.com>
2017-08-16 01:50:00 +02:00
Marcus Brinkmann
97a1abe72e gpgconf: Fix symbol export.
* gpgme.def: Fix last change.
(gpgme_op_conf_save): Replace duplicate from c&p ...
(gpgme_op_conf_dir): ... with this.

Signed-off-by: Marcus Brinkmann <mb@g10code.com>
Fixes-commit: 9cd2b58dfb
2017-08-16 00:59:35 +02:00
Marcus Brinkmann
9f24e6c901 gpgconf: Add access to --list-dirs for non-default engine.
* src/engine-assuan.c (_gpgme_engine_ops_assuan): Add conf_dir.
* src/engine-g13.c (_gpgme_engine_ops_g13): Likewise.
* src/engine-gpg.c (_gpgme_engine_ops_gpg): Likewise.
* src/engine-gpgsm.c (_gpgme_engine_ops_gpgsm): Likewise.
* src/engine-spawn.c (_gpgme_engine_ops_spawn): Likewise.
* src/engine-uiserver.c (_gpgme_engine_ops_uiserver): Likewise.
* src/engine-backend.h (struct engine_ops): Likewise.
* src/engine-gpgconf.c (gpgconf_config_dir_cb, gpgconf_conf_dir):
New functions.
(struct engine_ops): Add gpgconf_conf_dir.
* src/engine.c (_gpgme_engine_op_conf_dir): New function.
* src/engine.h (_gpgme_engine_op_conf_dir): New prototype.
* src/gpgconf.c (gpgme_op_conf_dir): New function.
* src/gpgme.def (gpgme_op_conf_save): New symbol.
* src/gpgme.h.in (gpgme_op_conf_dir): New prototype.
* src/libgpgme.vers (gpgme_op_conf_dir): New symbol.
* tests/gpg/t-gpgconf.c (main): Test gpgme_op_conf_dir.

Signed-off-by: Marcus Brinkmann <mb@g10code.com>
GnuPG-bug-id: 3018
2017-08-15 19:52:29 +02:00
Marcus Brinkmann
a0cc6e01a8 g10: Add new delete operations that allow more flags.
* NEWS: Document new interfaces.
* doc/gpgme.texi: Document new interfaces.
* src/gpgme.h.in (GPGME_DELETE_ALLOW_SECRET, GPGME_DELETE_FORCE,
gpgme_op_delete_ext_start, gpgme_op_delete_ext): New.
* src/delete.c (delete_start): Change allow_secret argument to flags.
(gpgme_op_delete_ext, gpgme_op_delete_ext_start): New functions.
* src/engine-backend.h (delete): Change allow_secret argument to flags.
* src/engine.c (_gpgme_engine_op_delete): Likewise.
* src/engine.h (_gpgme_engine_op_delete): Likewise (for prototype).
* src/engine-gpgsm.c (gpgsm_delete): Likewise.
* src/engine-gpg.c (gpg_delete): Likewise.  Implement GPGME_DELETE_FORCE.
* src/gpgme.def (gpgme_op_delete_ext, gpgme_op_delete_ext_start): New.
* src/libgpgme.vers (gpgme_op_delete_ext, gpgme_op_delete_ext_start): New.

Signed-off-by: Marcus Brinkmann <mb@g10code.com>
GnuPG-bug-id: 2916
2017-08-11 19:13:44 +02:00
Marcus Brinkmann
dfb3ca8568 doc: Clarify import keys operation.
* doc/gpgme.texi (gpgme_op_import_start): Fix grammar.
(gpgme_op_import_keys): Clarify some wording and fix result.
* src/import.c (gpgme_op_import_keys): Clarify comment.

Signed-off-by: Marcus Brinkmann <mb@g10code.com>
GnuPG-bug-id: 3215
2017-08-10 16:50:11 +02:00
Andre Heinecke
d3796e4504
core: Fix status parsing for decrypt + verify
* src/decrypt.c (parse_status_error): Don't modify args.

--
Otherwise chained status handlers will not see the full args
which resulted in a parse error in the verify status handler.

GnuPG-Bug-Id: T3310
2017-07-27 14:23:25 +02:00
Werner Koch
ad0c5ab4cd
core: Return NO_SECKEY error code on decryption
* src/decrypt.c (op_data_t): Add flag any_no_seckey.
(_gpgme_decrypt_status_handler): Consult that flag.
(_gpgme_decrypt_status_handler): Set that flag.
--

The NO_SECKEY is emitted instead of an "S ERROR pkdecrypt_failed" if
gpg knowns that a key has been encrypted to that key (cf. "S ENC_TO").
it is not fool proffof but in the majority of cases we can provide a
better error message than just DECRYPTION_FAILED.

GnuPG-bug-id: 3270
Signed-off-by: Werner Koch <wk@gnupg.org>
2017-07-12 18:30:49 +02:00
Werner Koch
d37bc7e025
core: Return CANCELED and BAD_PASSPHRASE error code on decryption.
* src/decrypt.c (op_data_t): Add field pkdecrypt_failed.
(_gpgme_decrypt_status_handler): Consult new field.
(parse_status_error): Handle some error codes.
--

The idea is to return only a limited set of error codes because a user
won't be able to understand the more esoteric codes.

GnuPG-bug-id: 3270
Signed-off-by: Werner Koch <wk@gnupg.org>
2017-07-12 17:55:43 +02:00
Werner Koch
87703dbb86
core: Simplify parsing of STATUS_ERROR in decrypt.c
* src/decrypt.c (_gpgme_decrypt_status_handler): Factor some code out
to ...
(parse_status_error): new.  Modernize parsing.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-07-12 15:59:12 +02:00
Justus Winter
05fa2a9c77
Add flag 'is_de_vs' to decryption results and signatures.
* NEWS: Update.
* lang/cpp/src/decryptionresult.cpp (DecryptionResult::isDeVs): New
function.
* lang/cpp/src/decryptionresult.h (DecryptionResult::isDeVs): New
prototype.
* lang/cpp/src/verificationresult.cpp (Signature::isDeVs): New
function.
* lang/cpp/src/verificationresult.h (Signature::isDeVs): New
prototype.
* lang/python/src/results.py (DecryptResult): Turn field 'is_de_vs'
into a boolean.
(Signature): Likewise.
* src/decrypt.c (_gpgme_decrypt_status_handler): Handle the new
compliance status line.
* src/verify.c (_gpgme_verify_status_handler): Likewise.
* src/gpgme.h.in (gpgme_status_code_t): Add new status codes for the
new status lines.
* src/keylist.c (parse_pub_field18): Move function to 'util.h'.
(keylist_colon_handler): Adapt callsites.
* src/status-table.c (status_table): Add new status lines.
* src/util.h (PARSE_COMPLIANCE_FLAGS): New macro.  This used to be
'parse_pub_field18', but turned into a macro to make it polymorphic.
--

When decrypting data and verifying signatures, report whether the
operations are in compliance with the criteria for data classified as
VS-NfD.  This information can the be presented to the user.

GnuPG-bug-id: 3059
Signed-off-by: Justus Winter <justus@g10code.com>
2017-06-01 14:16:11 +02:00
Justus Winter
92574406fb
core: Sort the status table.
--
Signed-off-by: Justus Winter <justus@g10code.com>
2017-05-30 14:38:29 +02:00
Andre Heinecke
df4eb611e3
core: Don't split gpgconf strings on comma
* src/engine-gpgconf.c (gpgconf_parse_option): Don't split
strings on comma.

--
This only affects values where the main type is string. Values
with the alt_type string but another main type are still split
to keep lists (e.g. groups) working.
2017-05-03 10:14:05 +02:00
Pietro Cerutti
50565982cd
FreeBSD's closefrom(2) does not return errors 2017-04-03 12:25:57 +02:00
Werner Koch
aa0390ec3b
Release 1.9.0
* configure.ac <c>: Bump LT version to C29/A18/R0.
<cpp>: Bump LT version to C10/A4/R0.
<qt>: Bump LT version to C9/A2/R0.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-28 16:21:37 +02:00
Werner Koch
813ae5fa2d
core: Prepare for new key listing data send by gpg.
* src/gpgme.h.in (gpgme_user_id_t): New fields 'origin' and
'last_update'.
(gpgme_key_t): New fields 'origin' and 'last_update'.
* src/conversion.c (_gpgme_parse_timestamp_ul): New.
* src/keylist.c (keylist_colon_handler): Parse fields 19 and 20.

* tests/run-keylist.c (main): Print new fields.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-28 11:41:30 +02:00
Werner Koch
6ac1f2cded
core: New flags GPGME_DECRYPT_UNWRAP and GPGME_ENCRYPT_WRAP.
* src/gpgme.h.in (GPGME_ENCRYPT_WRAP): New const.
(gpgme_decrypt_flags_t): New enum.
(GPGME_DECRYPT_VERIFY): New const
(GPGME_DECRYPT_UNWRAP): New const
(gpgme_op_decrypt_ext_start): New func.
(gpgme_op_decrypt_ext): New func.
* src/decrypt-verify.c (gpgme_op_decrypt_ext_start): New.
(gpgme_op_decrypt_ext): New.
(decrypt_verify_start): Add arg FLAGS.  Replace call to
engine_op_decrypt_verify by the plain decrypt with the flag set.
(gpgme_op_decrypt_verify_start): Pass the flag.
(gpgme_op_decrypt_verify): Pass the flag.
* src/decrypt.c (decrypt_start): Rename to ...
(_gpgme_decrypt_start): this.  Add arg FLAGS.  Pass FLAGS to
engine_op_decrypt.
(gpgme_op_decrypt_start): Adjust for chnage pass 0 for FLAG.
(gpgme_op_decrypt_start): Ditto.
* src/engine.c (_gpgme_engine_op_decrypt_verify): Remove.
(_gpgme_engine_op_decrypt): Add arg FLAGS.
* src/gpgme.def, src/libgpgme.vers: Add new functions.
* src/engine-backend.h (struct engine_ops): Remove member
'decrypt_verify'.  Add FLAGS to 'decrypt'.  Adjust all initialization.
* src/engine-uiserver.c (uiserver_decrypt): Remove.
(uiserver_decrypt_verify): Remove.
(_uiserver_decrypt): Rename to ...
(uiserver_decrypt): this.  Replace arg VERIFY by new arg FLAGS.
* src/engine-gpg.c (gpg_decrypt): Support GPGME_DECRYPT_UNWRAP.
(gpg_encrypt): Support GPGME_ENCRYPT_WRAP.

* tests/run-decrypt.c (main): New option --unwrap.
* tests/run-encrypt.c (main): New option --wrap.
--

Manual testing of that wrap/unwrap feature can be done this way:

 ./run-encrypt --verbose --key Alice /etc/motd > x
 ./run-decrypt --verbose --unwrap x > y
 ./run-encrypt --verbose --key Bob --wrap y > z

1. The message was first encrypted to Alice.
2. Alice decrypts the message receiving a valid OpenPGP message.
3. Alice encrypt that message to Bob

This will also work with encrypted and signed messages; the signature
will be kept intact during re-encryption.  Requires GnuPG 2.1.12.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-24 15:17:23 +01:00
Werner Koch
421ddd1e67
core: New API gpgme_op_set_uid_flag.
* src/gpgme.h.in (gpgme_op_set_uid_flag_start): New.
(gpgme_op_set_uid_flag_start): New.
* src/gpgme.def, src/libgpgme.vers: Add them.
* src/genkey.c (addrevuid_start): Change arg revoke to a flag.
(gpgme_op_revuid_start): Pass GENKEY_EXTRAFLAG_REVOKE for the fomer
revoke parameter.
(gpgme_op_revuid): Ditto.
(set_uid_flag): New.
(gpgme_op_set_uid_flag_start): New.
(gpgme_op_set_uid_flag): New.
* src/engine.h (GENKEY_EXTRAFLAG_SETPRIMARY): new.
* src/engine-gpg.c (gpg_adduid): Implement that flag.

* tests/run-genkey.c (main): New command --set-primary.
--

GnuPG-bug-id: 2931
Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-21 19:03:58 +01:00
Werner Koch
55ac5eed9f
core: Extend gpgme_get_dirinfo to return the gpg-wks-client name.
* src/dirinfo.c (WANT_GPG_WKS_CLIENT_NAME): New const.
(struct dirinfo): New field 'gpg_wks_client_name'.
(get_gpgconf_item): Build it on demand.
(gpgme_get_dirinfo): New value "gpg-wks-client-name" for WHAT.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-21 11:16:16 +01:00
Werner Koch
fab8b1a166
core: New encryption flag GPGME_ENCRYPT_THROW_KEYIDS.
* src/gpgme.h.in (GPGME_ENCRYPT_THROW_KEYIDS): New flag.
* src/engine-gpg.c (gpg_encrypt): Implement flag
(gpg_encrypt_sign): Implement flag.

* tests/run-encrypt.c (main): New option --throw-keyids.
--

It would be nice to also selectively hide recipients (that is gpg
--hidden-recipient) but our API does not ye allow this because it is
based on key objects.  A possible way to implement that would be a API
to set processing flags into a key but this is complicated due to the
reference counting and thus the possibility that a key object is used
by different context.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-21 10:39:33 +01:00
Andre Heinecke
35023f3136
core: New public API gpgme_op_keylist_from_data_start.
* src/gpgme.h.in: New API gpgme_op_keylist_from_data_start.
* src/libgpgme.vers, src/gpgme.def: Add it.
* src/keylist.c (gpgme_op_keylist_from_data_start): New.
* src/engine-backend.h (engine_ops): Add field 'keylist_data'.  Change
all engines to pass NULL for it.
* src/engine.c (_gpgme_engine_op_keylist_data): New.
* src/engine-gpg.c (gpg_keylist_data): New.
(_gpgme_engine_ops_gpg): Register gpg_keylist_data.

* tests/run-keylist.c (main): New option --from-file.
--

Co-authored-by: Werner Koch <wk@gnupg.org>
GnuPG-bug-id: 2819
2017-03-21 09:50:23 +01:00
Werner Koch
ea9686ec71
core,cpp: New key flag 'is_de_vs'.
* src/gpgme.h.in (_gpgme_subkey): New flag is_de_vs.
* tests/run-keylist.c (main): Print that flag.
* src/keylist.c (parse_pub_field18): New.
(keylist_colon_handler): Parse compliance flags.
* lang/cpp/src/key.cpp (Key::isDeVs): New.
(Subkey::isDeVs): New.

* lang/cpp/src/key.h (class Key): New method isDeVs.
(class Subkey): New method isDeVs.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-20 20:05:16 +01:00
Werner Koch
d2240a2a18
core: Fix status error return for gpgsm.
* src/engine-gpgsm.c (gpgsm_assuan_simple_command): Make sure CB_ERR
is returned.
* src/import.c (parse_import_res): Do not return an error for the last
field.
(import_status_handler): Actually return the error from
parse_import_res.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-09 11:45:00 +01:00
Werner Koch
ef035f079f
core: Fix minor code style thing.
* src/engine-gpg.c (gpg_add_algo_usage_expire): Use double parenthesis
for bit tests.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-02 14:52:52 +01:00
Werner Koch
2486d0073b
Revert "core: Fix error types."
--
This reverts commit 6df6e01ed5.

gpgme_error_t et al are from a time where we had no hard dependency on
libgpg-error.  Now libgpg-error is a required and thus it does not
make sense to have these surrogates.  In fact we should ventually
completely remove them.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-02 14:47:51 +01:00
Justus Winter
de708e5934
core: Fix expiration time handling when creating keys.
* NEWS: Update.
* doc/gpgme.texi (gpgme_op_createkey): Clarify the meaning of the
'expire' parameter.
(GPGME_CREATE_NOEXPIRE): Document new flag.
(gpgme_op_createsubkey): Clarify the meaning of the 'expire'
parameter.
* src/engine-gpg.c (gpg_add_algo_usage_expire): Fix handling of the
expiration time.
* src/gpgme.h.in (GPGME_CREATE_NOEXPIRE): New macro.
--

Previously, the documentation stated that the expiration time was an
absolute timestamp.  However, this value was passed using the
'seconds=N' syntax to GnuPG which specifies the expiration time in
seconds relative to the creation time.  Fix the documentation.

Furthermore, the documentation stated that using 0 results in keys
that do not expire.  This was communicated to GnuPG by using the
implicit default.  However, as of GnuPG 2.1.17, the default was
changed to create keys that expire within a reasonable timespan.

Fix this discrepancy by aligning the behavior with recent GnuPG
versions: 0 means use a reasonable default, and introduce a flag that
can be used to create keys that do not expire.  Communicate this
explicitly to GnuPG.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-02-15 16:45:45 +01:00
Justus Winter
6df6e01ed5
core: Fix error types.
* NEWS: Update.
* src/data.c (gpgme_data_set_flag): Return a 'gpgme_error_t'.
* src/error.c (gpgme_strerror_r): Fix type of first argument.
* src/gpgme.h.in (gpgme_strerror_r): Adapt.
(gpgme_data_set_flag): Likewise.
--
Fix for consistency.  This should not pose problems, because typedef
gpg_error_t gpgme_error_t.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-02-15 16:34:37 +01:00
Werner Koch
51bd69f216
core: Optimize fork/exec for *BSD and Solaris.
* configure.ac (closefrom): Add to ac_check_funcs.
* src/posix-io.c (_gpgme_io_spawn): Use closefrom.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-02-03 13:56:23 +01:00
Werner Koch
93a59070c6
core: Fix possible deadlock due to get_max_fds.
* src/posix-io.c (get_max_fds): Do not use the Linux optimization.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-02-03 13:13:22 +01:00
Werner Koch
afc308598d
core: Minor cleanup of commit 195c735
* src/verify.c (parse_tofu_user): For cleanness use gpg_error ...
(_gpgme_verify_status_handler): ... and gpg_err_code.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-02-03 13:08:39 +01:00
Andre Heinecke
195c735892 core: Handle multiple TOFU_USER lines in verify
* src/verify.c (op_data_t): Add conflict_user_seen.
(parse_tofu_user): Return ERR_DUP_VALUE for mutltiple TOFU_USERS.
(_gpgme_verify_status_handler): Handle ERR_DUP_VALUE from
parse_tofu_user to ignore the next TOFU_STATS.

--
This fixes TOFU Conflict verification with GnuPG-2.1.17 and 2.1.18

GnuPG-Bug-Id: 2914
2017-02-02 14:06:52 +01:00
Werner Koch
15050ce5fc
core: Replace all calls to *sprintf by gpgrt_*sprintf.
* configure.ac (vasprintf): Remove check.
* src/vasprintf.c: Remove file.
* src/util.h (vasprintf, asprintf): Remove prototypes.  Replace all
calls to vasprintf and asprintf by gpgrt_vasprintf or gpgrt_asprintf.
Also take care to use gpgrt_free on the returned value.
* src/w32-util.c (_gpgme_get_gpgconf_path): Replace a gpgrt_asprintf
by _gpgme_strconcat.
(snprintf): New macro to use gpgrt_snprintf instead of the system's
standard snprintf.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-02-02 12:35:59 +01:00
Werner Koch
563420a88f
core: Remove unused check for funopen/fopencookie.
* configure.ac (funopen): Remove check.
* src/funopen.c: Remove file.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-02-02 12:28:39 +01:00
Werner Koch
0ceeb2948c
core: Explain in gpgme.h that most stucts are read-only.
--

It is common that developers look up only the header file and do not
read the manual.  These comments should make it clear that most
structures in gpgme.h are read-only and may only be allocated by
gpgme.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-02-02 10:13:50 +01:00
Werner Koch
d19bea52af
core: Un-deprecate gpgme_data_rewind.
* src/gpgme.h.in (gpgme_data_rewind): Un-deprecate.
* src/data-compat.c (gpgme_data_rewind): Move to ...
* src/data.c (gpgme_data_rewind): here.
--

That function is very convenient because it is required a lot with
memory streams.  It also documents the intention of the caller better
than gpgme_data_seek with its addition parameters and the need to map
system errors.  Thus it does not make sense to make it a first class
citizen again.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-02-02 09:53:48 +01:00
Werner Koch
9b7d81998b
core: Move all deprecated stuff to the end of gpgme.h.
Signed-off-by: Werner Koch <wk@gnupg.org>
2017-02-02 09:53:48 +01:00
Andre Heinecke
8ede86795a core: Cleanup gpgme_key_unref frees
* src/key.c (gpgme_key_unref): Nowadays we assume free(NULL) is ok.
2017-02-01 18:06:54 +01:00
Andre Heinecke
b5075030be core: Fix leakage of address for mail only uids
* src/key.c (gpgme_key_unref): Always free address if set.
(_gpgme_key_append_name): Remove memory optimization for address.

--
The check if address is not allocated would now be more complicated
then just comparing it to email because email is set to address
also when an email was not parsed from the user id.
2017-02-01 18:06:22 +01:00
Andre Heinecke
a28d31fdb6 core: Improve mailbox only uid handling
* src/key.c (_gpgme_key_append_name): Set email and remove name
for uid only keys.

--
If we have a name and no email but the name can be parsed as
an address we now treat the address as email and remove the name.

This fixes downstream users that rely on email to show email
addresses and don't expilicity handle this case.

E.g. A userid foo@example.com was:
uid->name = "foo@example.com"
uid->email = ""
uid->address = "foo@example.com"

It is now:
uid->name = ""
uid->email = "foo@example.com"
uid->address = "foo@example.com"
2017-02-01 16:17:07 +01:00
Werner Koch
752d3597ef
core: Add new context flag "redraw".
* src/context.h (struct gpgme_context): New field 'redraw_suggested'.
* src/op-support.c (_gpgme_op_reset): Clear REDRAW_SUGGESTED.
* src/progress.c (_gpgme_progress_status_handler): Set REDRAW_SUGGESTED.
* src/gpgme.c (gpgme_set_ctx_flag, gpgme_get_ctx_flag): Add "redraw".
* tests/run-sign.c (main): Use it.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-01-31 09:44:29 +01:00
Justus Winter
6f02133bb0 w32: Fix closing file descriptors.
* src/w32-io.c (writer): Only stop once the buffer is drained.
(destroy_writer): Wait for the writers buffer to be drained.  This
aligns '_gpgme_io_close's behavior with close(2) and fclose(3).

GnuPG-bug-id: 2881
Signed-off-by: Justus Winter <justus@g10code.com>
2017-01-23 15:08:23 +01:00
Justus Winter
0e242278df Fix changing options with gpgconf.
* src/engine-gpgconf.c (gpgconf_write): Connect a pipe to the child's
stderr, and wait for it to be closed as an indication that gpgconf has
exited.  Also improve error handling.

GnuPG-bug-id: 2881
Signed-off-by: Justus Winter <justus@g10code.com>
2017-01-16 12:48:56 +01:00
Andre Heinecke
7103315829 core: Always use runtime for gpgconf changes
* src/engine-gpgconf.c (gpgconf_write): Add --runtime.
* src/gpgme.h.in (gpgme_conf_opt_change): Document this
behavior.

--
If a tool uses GPGME for changing configuration values it
needs a way to ensure that these changes take effect. Otherwise
users may change and see config values and do not understand
why they are not working.
2017-01-02 14:05:06 +01:00
Ben Kibbey
a4b9f1a2b4 Fix gpg_addkey() to work with GPGME_CREATE_NOPASSWD as well.
* src/engine-gpg.c (gpg_addkey): Pass --batch to gpg when
GPGME_CREATE_NOPASSWD is set to fix pinentry without loopback mode.

--
Signed-off-by: Ben Kibbey <bjk@luxsci.net>
2016-12-31 18:09:49 -05:00
Ben Kibbey
d83b8f0dc8 Fix GPGME_CREATE_NOPASSWD without pinentry loopback.
* src/engine-gpg.c(gpg_createkey): Pass --batch to gpg when
GPGME_CREATE_NOPASSWD is set.

--
Signed-off-by: Ben Kibbey <bjk@luxsci.net>
2016-12-26 19:57:22 -05:00
Werner Koch
7f5f26fd66
doc: Replace http: by https: in core source files.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-16 13:27:00 +01:00
Werner Koch
9fc92a15bd
core: Do not leak the override session key to ps(1).
* src/engine-gpg.c (struct engine_gpg): New field
override_session_key.
(gpg_release): Free that field.
(gpg_decrypt): With gnupg 2.1.16 use --override-session-key-fd.

* tests/run-decrypt.c (main): Fix setting over the override key.
--

Note that this works only with gnupg 2.1.16 and later.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-16 10:15:31 +01:00
Werner Koch
7659d42468
core: Implement context flag "override-session-key".
* src/gpgme.c (gpgme_set_ctx_flag): Add flags "export-session-key" and
"override-session-key".
(gpgme_get_ctx_flag): Ditto.
(gpgme_set_export_session_keys): Remove.
(gpgme_get_export_session_keys): Remove.
* src/gpgme.def, src/libgpgme.vers: Remove them.
* src/context.h (struct gpgme_context): Add field
override_session_key.
* src/decrypt-verify.c (decrypt_verify_start): Pass
override_session_key value to the engine.
* src/decrypt.c (decrypt_start): Ditto.
* src/engine.c (_gpgme_engine_op_decrypt): Ditto.
(_gpgme_engine_op_decrypt_verify): Ditto.
* src/engine-backend.h (struct engine_ops): Extend DECRYPT and
DECRYPT_VERIFY_START with override_session_key.
* src/engine-uiserver.c (_uiserver_decrypt): Add stub arg
override_session_key.
(uiserver_decrypt): Ditto.
(uiserver_decrypt_verify): Ditto.
* src/engine-gpgsm.c (gpgsm_decrypt): Ditto.
* src/engine-gpg.c (gpg_decrypt): Add arg override_session_key and set
corresponding gpg option.

* tests/run-decrypt.c (print_result): Print the session key if
available.
(main): Add options --export-session-key and --override-session-key.

--

To keep the number of context manipulation functions at bay, this
patches removes the just added gpgme_set_export_session_keys and
gpgme_get_export_session_keys by flags for the generic context
function.

The patch also implements the --override-session-key feature.

GnuPG-bug-id: 2754
Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-15 10:34:13 +01:00
Werner Koch
3234b1bf1d
core: Add public function gpgme_get_ctx_flag.
* src/gpgme.h.in (gpgme_get_ctx_flag): New.
* src/gpgme.c (gpgme_set_ctx_flag): Move down the file and add a trace
statement.
(gpgme_get_ctx_flag): New.
* src/gpgme.def, src/libgpgme.vers: Add new interface.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-15 09:24:17 +01:00
Daniel Kahn Gillmor
cad1210fb8
core: Enable extraction of session keys.
* src/gpgme.c (gpgme_set_export_session_keys): New function.
(gpgme_get_export_session_keys): New function.
* src/gpgme.h.in (struct _gpgme_op_decrypt_result): Add session_key
member.
(gpgme_{set,get}_export_session_keys): Declare new functions.
* src/libgpgme.vers, src/gpgme.def: Export new functions in shared
object.
* src/engine.h: (_gpgme_engine_op_decrypt) Add export_session_key
parameter.
(_gpgme_engine_op_decrypt_verify): Add export_session_key parameter.
* src/engine-backend.h: (struct engine_ops): Change function
pointer declarations to match.
* src/context.h (struct gpgme_context): Add export_session_keys member.
* src/decrypt.c (release_op_data): Free result.session_key.
(_gpgme_decrypt_status_handler): Store a copy of the exported session
key.
(decrypt_start): Pass export_session_keys from the context.
* src/decrypt-verify.c (decrypt_verify_start): Pass
export_session_keys from context.
* src/engine.c (_gpgme_engine_op_decrypt): Pass through
export_session_key flag.
(_gpgme_engine_op_decrypt_verify): Pass through export_session_key
flag.
* src/engine-gpg.c (gpg_decrypt): If export_session_key is set, add
--export-session-key to argument list.
* src/engine-gpgsm.c (gpgsm_decrypt): Ignore export_session_key for
now, since gpgsm offers no such mechanism.
* src/engine-uiserver.c (_uiserver_decrypt): If export_session_key is
set, add --export-session-key flag to cmd.
* doc/gpgme.texi: Document new functions and session_key member of
decrypt_result_t.
* doc/uiserver.texi: Add --export-session-key flag to DECRYPT command.

--

gpg(1) documents session key export as useful for key escrow, and is
rightly dubious of that use case.  However, session key export is also
useful in other use cases.  Two examples from MUA development (where
this functionality would be specifically useful to me right now):

 * If the MUA stores a local copy of the session key upon decrypting
   the message, it can re-decrypt the message without expensive
   asymmetric operations.  When rendering a thread with dozens of
   encrypted messages, this can represent a significant speedup.

 * A user may have expired encryption-capable secret key material,
   along with many messages encrypted to that material.  If she stores
   the session keys for those messages she wants to keep, she can
   destroy her secret key material and make any messages she has
   deleted completely unrecoverable, even to an attacker who gets her
   remaining secret keys in the future.

This patchset makes a two specific implementation decisions that could
have gone in different ways.  I welcome feedback on preferred outcomes.

 0) session key representation: we currently represent the session key
    as an opaque textual string, rather than trying to provide any
    sort of in-memory structure.  While it wouldn't be hard to parse
    the data produced by gpg's --export-session-key, I chose to use
    the opaque string rather than lock in a particular data format.

 1) API/ABI: i've added a member to gpgme_op_decrypt_result_t.  This
    has the potential to cause an out-of-bound memory access if
    someone uses code compiled against the newer verision, but linked
    at runtime against an older version.  I've attempted to limit that
    risk by documenting that users must verify
    gpgme_get_export_session_keys() before accessing this new struct
    member -- this means that code expecting this capability will
    require the symbol at link-time, and will refuse to link against
    older versions.

    Another approach to solving this problem would be to avoid
    modifying gpgme_op_decrypt_result_t, and to introduce instead a
    new function gpgme_op_session_key(), which could be called in the
    same places as gpgme_op_decrypt_result().  Depending on the
    representation of the session key, this might introduce new
    memory-management burdens on the user of the library, and the
    session key is certainly part of a decryption result, so it seemed
    simpler to go with what i have here.

If anyone has strong preferences that these choices should be solved
in a different way, i'm happy to hear them.

Additionally, I note that i'm also still pretty unclear about how the
"UI Server" fits into this whole ecosystem. In particular, I don't
know whether it's kosher to just add an --export-session-key flag to
the DECRYPT operation without actually having implemented it anywhere,
but i don't see where i would actually implement it either :/

If this patch (or some variant) is adopted, i will supply another
patch that permits offering a session key during decryption (e.g. "gpg
--override-session-key"), but I wanted to get these implementation
choices ironed out first.

Gnupg-Bug-Id: 2754
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>

On the concern of adding a new field to a structure: It may not be
clearly documented but we don't expect that a user ever allocates such
a structure - those result structure may only be created bu gpgme and
are read-only for the user.  Adding a new member constitutes a
compatible ABI change and thus an older SO may not be used by code
compiled with a header for the newer API.  Unless someone tinkers with
the build system, this should never happen.  We have added new fields
to result structure may times and I can't remember any problems.

 - wk
2016-11-15 08:52:06 +01:00
Andre Heinecke
b91c383386 w32: Fix build of w32-glib
* src/Makefile.am (main_sources): Remove system_components_not_extra.
(libgpgme_la_SOURCES): Add system_components_not_extra.
(libgpgme_glib_la_SOURCES): Remove duplicated ath files.
2016-11-14 17:38:01 +01:00
Daniel Kahn Gillmor
da035768bd
core: Non-zero values should set _armor, _textmode, and _online.
* src/gpgme.c (gpgme_set_armor, gpgme_set_textmode,
gpgme_set_offline): Ensure that non-zero values actually set the
appropriate internal bit.

--

The documentation for these functions says things like "disabled if
YES is zero, and enabled otherwise", where YES is an integer.
However, if you pass an even integer, it will be aliased back to 0
because the context member variables are declared as single bits.

This should make the implementation match the documentation.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2016-11-11 15:14:32 +01:00
Werner Koch
6e57379c8e
core: Use better error code when using select with a too high fd.
* src/posix-io.c (_gpgme_io_select): Return EMFILE instead of EBADF.
--

Also EBADF seem more correct, EMFILE (Too man open files) gives
a clearer message to the user that there are somehow too many files
open.  The problem can be exhibited by running lots of threads,

We should eventually move to poll but that would be a large change and
so we better fix it with the planned migration of the I/O subsystem to
libgpgrt (currently known as libgpg-error).

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-10 19:49:58 +01:00
Werner Koch
2a39bd6c30
core: Detect unreadable keyrings.
* src/keylist.c (op_data_t): Add field keydb_search_err.
(keylist_status_handler): Parse STATUS_ERROR into that var.
(gpgme_op_keylist_next): Use that err instead of GPG_ERR_EOF.
--

With a recent GnuPG version this allows to detect a keyring with wrong
permissions (i.e. no read access).  GPG_ERR_OPEN_KEYRING will be
returned instead of GPG_ERR_EOF.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-10 17:13:34 +01:00
Andre Heinecke
09b6455432 core: Use gpgrt locking for thread safeness
* configure.ac: Require libgpg-error 1.17. No longer
check for pthread.
* doc/gpgme.texi: Document removed neccessity for thread
safe gpgme flavours.
* src/sema.h (DEFINE_GLOBAL_LOCK),
(DEFINE_STATIC_LOCK, INIT_LOCK, DECLARE_LOCK)
(DESTROY_LOCK, LOCK, UNLOCK): Change to gpgrt equivalents.
* src/posix-sema.c, src/w32-sema.c: Removed.
* src/Makefile.am: Remove libpthread and
Update accordingly.
* src/ath.c, src/ath.h (ath_mutex_init)
(ath_mutex_destroy, ath_mutex_lock, ath_mutex_unlock): Removed.
* src/ath.h (ATH_MUTEX_INITIALIZER): Removed.
* src/version.c (do_subsystem_inits): sema_subsystem_init is
no longer required.
* tests/gpg/Makefile.am: Add new threading tests.
(t_thread1_LDADD, t_cancel_LDADD):
Use just gpgme.
* tests/gpg/t-thread-keylist-verify.c,
tests/gpg/t-thread-keylist.c: New.
* src/gpgme-config.in: Use -lgpgme for thread-model pthread.

--
Using gpgrt locks instead of pthread locks removes
the neccessity to link pthread directly to gpgme and
have a different, thread safe flavor of gpgme. Now
gpgme is thread-safe if the conditions mentioned
in the doc are met.

As the cpp bindings linked against libgpgme
and not libgpgme-pthread this fixes threading problems
with them.

libgpgme-pthread is removed but gpgme-config still supports
--thread=pthread for compatibility with find scripts.
2016-11-10 13:33:13 +01:00
Werner Koch
10f2e1c30b
w32: Better protect the IO-system's fd_table
* src/w32-io.c (fd_table_lock): New.
(new_fd): Lock allocation of a new slot.
(release_fd): Lock deallocation of a slot.
--

Note that we lock only the allocation but not the sanitiy checks we do
further down in the code.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-09 08:34:15 +01:00
Werner Koch
df08a0ca3f
w32: Fix locating gpgconf on 64 bit systems.
* src/w32-util.c (find_program_at_standard_place): Use access to check
whether the binary is at CSIDL_PROGRAM_FILES before testing
CSIDL_PROGRAM_FILESX86.
--

Suggested-by: ticho
Fixes-commit: a82e9b182f
GnuPG-bug-id: 2814
Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-04 08:12:44 +01:00
Werner Koch
aad94cb7c3
core: Add gpgme_op_query_swdb and helper.
* src/gpgme.h.in (gpgme_query_swdb_result_t): New.
(gpgme_op_query_swdb): New.
(gpgme_op_query_swdb_result): New.
* src/libgpgme.vers, src/gpgme.def: Add the two new functions.
* src/queryswdb.c: New.
* src/Makefile.am (main_sources): Add new file.
* src/context.h (OPDATA_QUERY_SWDB): New.
* src/engine-backend.h (struct engine_ops): Add field 'query_swdb'.
Adjust all initializer.
* src/engine.c (_gpgme_engine_op_query_swdb): New.
* src/engine-gpgconf.c (parse_swdb_line): New.
(gpgconf_query_swdb): New.
(_gpgme_engine_ops_gpgconf): Register that function.

* src/util.h (GPG_ERR_TOO_OLD): Define for older libgpg-error.
(GPG_ERR_ENGINE_TOO_OLD): Ditto.

* tests/run-swdb.c: New.
* tests/Makefile.am (noinst_PROGRAMS): Add new debug tool.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-03 17:32:30 +01:00
Werner Koch
0c2038c004
core: Make use of --homedir in gpgconf.
* src/engine-gpgconf.c (struct engine_gpgconf): Add field 'version'.
(have_gpgconf_version): New.
(gpgconf_release): Free VERSION.
(gpgconf_new): Set VERSION.
(gpgconf_read, gpgconf_write): Use --homedir with recent gnupg.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-03 09:31:30 +01:00
Werner Koch
b8159eadb5
core: New API functions gpgme_set_sender, gpgme_get_sender.
* src/context.h (struct gpgme_context): Add field 'sender'.
* src/gpgme.c: Include mbox-util.h.
(gpgme_release): Free SENDER.
(gpgme_set_sender): New.
(gpgme_get_sender): New.
* src/gpgme.def, src/libgpgme.vers: Add new functions.

* src/engine-gpg.c (append_args_from_sender): New.
(gpg_encrypt_sign, gpg_sign): Call append_args_from_sender.
(gpg_verify): Add arg CTX.  Call append_args_from_sender/
* src/engine-gpgsm.c (gpgsm_verify): Add dummy arg CTX.
* src/engine-uiserver.c (uiserver_verify): Ditto.
* src/engine.c (_gpgme_engine_op_verify): Add arg CTX.
* src/verify.c (verify_start): Pass CTX to engine function.

* tests/gpg/t-verify.c (main): Add some checks for new functions.
* tests/run-sign.c (main): Add option --sender.
* tests/run-verify.c (main): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-10-25 17:28:01 +02:00
Andre Heinecke
098a2da15b core: Fix w32 crash in find_program_in_dir
* src/w32-util.c (find_program_in_dir): Fix call to _gpgme_strconcat.

--
This fixes a crash introduced by dc39552d0 because it tried
to concat a strlen.
2016-10-10 12:19:48 +02:00
Werner Koch
0ea2ff6790
core: New helper function gpgme_addrspec_from_uid.
* src/gpgme.h.in: Add gpgme_addrspec_from_uid.
* src/gpgme.def, src/libgpgme.vers: Ditto.
* src/mbox-util.c (gpgme_addrspec_from_uid): New.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-10-08 21:17:48 +02:00
Daniel Kahn Gillmor
145392f07f Clarify licensing
* src/b64dec.c, src/mbox-util.c, src/mbox-util.h: These three files
  are explicitly licensed under LGPL, but their comments suggest that
  details about the warranty can be found in the GPL.  Adjust comments
  to refer to the correct license.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2016-09-27 12:41:38 +02:00
Daniel Kahn Gillmor
95f38652f6 Fix spelling
* lang/cpp/src/context.h, lang/qt/src/protocol.h,
   lang/qt/src/wkspublishjob.h, src/data-identify.c, src/engine-gpg.c:
   minor spelling cleanup.
--

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2016-09-23 16:09:27 +02:00
Werner Koch
583aafdd68
w32: Silence some warnings about unused parameters.
* src/assuan-support.c (my_recvmsg, my_sendmsg, my_waitpid)
(my_socketpair) [W32]: Mark unused parameters.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-22 12:58:23 +02:00
Werner Koch
c447b64d59
core: Fix error checking in _gpgme_mkstemp.
* src/w32-util.c (_gpgme_mkstemp): Fix error checking.
(dlopen): Mark FLAGS as unused.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-22 12:46:06 +02:00
Werner Koch
dc39552d01
core: New helper function _gpgme_strconcat.
* src/conversion.c: Include stdarg.h.
(do_strconcat): New.
(_gpgme_strconcat): New.
* src/util.h: Provide fallback for GPGRT_ATTR_SENTINEL.
(_gpgme_strconcat): New with sentinel.

* src/w32-util.c (find_program_in_dir): Replace malloc and stpcpy by
_gpgme_strconcat.
(find_program_at_standard_place): Ditto.
(_gpgme_set_default_gpg_name): Ditto.
(_gpgme_set_default_gpgconf_name): Ditto.
(_gpgme_mkstemp): Ditto.
(_gpgme_set_override_inst_dir): Repalce malloc and strcpy by strdup.
--

The function has been taken from gnupg/common/stringhelp.c and license
changed to LPGLv2.1+.  I am the original author of that code.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-22 12:42:10 +02:00
Daiki Ueno
dee56820ca
gpg: Add option --exit-on-status-write-error
* src/engine-gpg.c (gpg_new): Add --exit-on-status-write-error if the
engine version is latest enough to expect progress output from gpg.

--
GnuPG-bug-id: 1415
Signed-off-by: Daiki Ueno <ueno@gnu.org>

Changed the version test from the patch to use the newer
have_gpg_version.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-22 09:12:43 +02:00
Werner Koch
e7ab75379f
Release 1.7.0
* configure.ac: Bump LT vesion to C26/A15/R0.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-21 09:18:01 +02:00
Andre Heinecke
e3c35147d6 core: Remove moc artifact
* src/moc_kdpipeiodevice.cpp: Removed.
* src/Makefile.am (EXTRA_DIST): Remove moc_kdpipeiodevice.cpp.

--
This file was overlooked in 58ed9c17 which removed the unused
and obsolete w32-qt code. See lang/qt QIODeviceDataProvider which
replaced kdpipeiodevice.
2016-09-19 14:29:03 +02:00
Ben Kibbey
9d62bacac7
core: Check for GPG_TTY as well as DISPLAY.
* src/engine-assuan.c (llass_new): Update --ttyname from GPG_TTY.
* src/engine-g13.c (g13_new): Ditto.
* src/engine-gpg.c (gpg_new): Ditto.
* src/engine-uiserver.c (uiserver_new): Ditto.
* src/engine-gpgsm.c (gpgsm_new): Ditto.

--
Useful when no DISPLAY is set and there is no attached terminal to the
current process.

Signed-off-by: Ben Kibbey <bjk@luxsci.net>
2016-09-19 08:35:20 +02:00
Werner Koch
b615316168
core: Document the version a function has been deprecated.
* src/gpgme.h.in (_GPGME_DEPRECATED): Change to take versio numbers
for documentation.  Change all places.
(_GPGME_DEPRECATED_OUTSIDE_GPGME): Ditto.
* lang/python/gpgme-h-clean.py: Adjust RE.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-16 16:00:27 +02:00
Werner Koch
3d6340e8c5
core: Map GPGME_STATUS_EOF to the empty string.
* src/status-table.c (_gpgme_status_to_string): Return "" for EOF.
* src/engine-gpg.c (read_status): Ditto.  The old code accidently used
GPGME_STATUS_EOF which is the integer 0 and neiteyr NULL nor a string.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-16 16:00:27 +02:00
Justus Winter
5259f9de46 core: Fix typos.
--
Signed-off-by: Justus Winter <justus@g10code.com>
2016-09-16 13:02:55 +02:00
Werner Koch
268e251b80
core: Remove stub to try implementing gpg < 2.1 support for createkey.
* src/engine-gpg.c (gpg_createkey_legacy): Remove.
(gpg_genkey): Remove call.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-16 11:45:36 +02:00
Werner Koch
1f9641dd0f
core: Fix setting og the verification result.
* src/verify.c (parse_new_sig): Proberly handle the RC in an ERRSIG
status.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-16 11:43:32 +02:00
Werner Koch
ed1f2700a7
core: New function gpgme_op_interact, deprecate gpgme_op_edit.
* src/gpgme.h.in (gpgme_interact_cb_t): New.
(GPGME_INTERACT_CARD): New.
(gpgme_op_interact_start, gpgme_op_interact): New.
* src/libgpgme.vers, src/gpgme.def: Add new functions.
* src/edit.c (op_data_t): Rename fnc to fnc_old and change users.  Add
fnc.
(edit_status_handler): Call old or new callback.
(command_handler): Ditto.
(interact_start): New.
(gpgme_op_interact_start, gpgme_op_interact_start): New.
* src/status-table.c (_gpgme_status_to_string): New.

* tests/gpg/t-edit.c (edit_fnc): Rename to interact_fnc and change
type of STATUS.  Use gpgme_io_writen.
(main): s/gpgme_op_edit/gpgme_op_interact/.
--

This change will eventually allow us to remove all those status codes
from gpgme.h.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-15 11:39:43 +02:00
Werner Koch
d2b72d3cc1
core: Minor change of the gpgme_op_edit semantics.
* src/edit.c (command_handler): Handle special error code.
* src/engine-gpg.c (read_status): Ditto.
* src/engine-gpgsm.c (status_handler): Ditto.
* src/engine-uiserver.c (status_handler): Ditto.
* src/util.h (GPG_ERR_FALSE): Define for older libgpg-error versions.
--

An edit callback may now simply return GPG_ERR_FALSE to indicate that
it did not handled the status code.  GPGME will the do the appropriate
action, which is to send an empty line.

Note that it is highly unlikely that GPG_ERR_FALSE has ever been used
by an application as return value from an edit interactor.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-15 09:24:29 +02:00
Werner Koch
7c37719d79
core: New function gpgme_op_tofu_policy
* src/gpgme.h.in (gpgme_op_tofu_policy_start): New function.
(gpgme_op_tofu_policy): New function.
* src/libgpgme.vers, src/gpgme.def: Add new functions.
* src/tofupolicy.c: New.
* src/Makefile.am (main_sources): Add that file.
* src/context.h (ctx_op_data_id_t): Add OPDATA_TOFU_POLICY.
* src/engine.c (_gpgme_engine_op_tofu_policy): New.
* src/engine-backend.h (engine_ops): Add funcptr 'tofu_policy'.
Adjust all engine initializations.
* src/engine-gpg.c (gpg_tofu_policy): New.
(_gpgme_engine_ops_gpg): Register this function.

* tests/run-tofu.c: New.
* tests/Makefile.am (noinst_PROGRAMS): Add it.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-14 20:21:19 +02:00
Werner Koch
d79dcb78d8
core: Defer implementation of gpgme_op_createkey with gpg < 2.1
* src/engine-gpg.c (gpg_createkey_legacy): Mark unused variables.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-14 19:02:40 +02:00
Werner Koch
bfd2bd0ccc
core: New function gpgme_op_keysign.
* src/gpgme.h.in (gpgme_op_keysign_start, gpgme_op_keysign): New.
(GPGME_KEYSIGN_LOCAL): New.
(GPGME_KEYSIGN_LFSEP): New.
(GPGME_KEYSIGN_NOEXPIRE): New.
* src/context.h (ctx_op_data_id_t): Add OPDATA_KEYSIGN.
* src/keysign.c: New.
* src/Makefile.am (main_sources): Add keysig.
* src/libgpgme.vers, src/gpgme.def: Add gpgme_op_keysign_start.
* src/engine.c (_gpgme_engine_op_keysign): New.
* src/engine-backend.h (engine_ops): Add 'keysign' and adjust all
engine initializers.
* src/engine-gpg.c (_add_arg): Add args PREFIX and ARGLEN and change
callers to set them.
(add_arg_pfx): New.
(add_arg_len): New.
(gpg_keysign): New.
(_gpgme_engine_ops_gpg): Set keysign to gpg_keysign.
* tests/run-keysign.c: New.
* tests/Makefile.am (noinst_PROGRAMS): Add run-keysign.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-14 18:59:55 +02:00
Werner Koch
c943380b7a
core: New function gpgme_op_revuid.
* src/engine.h (GENKEY_EXTRAFLAG_REVOKE): New.
* src/genkey.c (adduid_start): Rename to addrevuid_start.  Add arg
REVOKE and pass it as extraflags.  Remove useless ARMOR extraflag.
Adjust callers.
(gpgme_op_revuid_start, gpgme_op_revuid): New.
* src/gpgme.def, src/libgpgme.vers: Add them.

* tests/run-genkey.c: Add option --revuid.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-14 12:42:12 +02:00
Werner Koch
c22f5884c5
core: Change a parameter for the engine's genkey function.
* src/engine.h (GENKEY_EXTRAFLAG_ARMOR): New.
* src/engine-backend.h (engine_ops): Rename USE_ARMOR in genkey to
EXTRAFLAGS.
* src/engine.c (_gpgme_engine_op_genkey): Ditto.
* src/engine-gpg.c (gpg_createkey_from_param): Ditto and test the
flags.
(gpg_createkey_legacy): Ditto.
(gpg_createkey): Ditto.
(gpg_addkey): Ditto.
(gpg_genkey): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-14 12:42:12 +02:00
Werner Koch
3210f3e472
core: New function gpgme_op_adduid.
* src/genkey.c: Replace most error codes GPG_ERR_INV_VALUE by
GPG_ERR_INV_ARG.
(struct op_data_t): Add field UIDMODE.
(genkey_status_handler): Use UIDMODE.
(adduid_start): New.
(gpgme_op_adduid_start, gpgme_op_adduid): New.
* src/gpgme.def, src/libgpgme.vers: Add them.
* tests/run-genkey.c: Add option --adduid.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-14 11:40:34 +02:00
Werner Koch
cc353701b0
core: New function gpgme_op_createsubkey.
* src/genkey.c (createsubkey_start): New.
(gpgme_op_createsubkey_start, gpgme_op_createsubkey): New.
* src/gpgme.def, src/libgpgme.vers: Add them.
* src/engine-gpg.c (gpg_createkey): Factor some code out to ...
(gpg_add_algo_usage_expire): new.
(gpg_addkey): Implement.
* tests/run-genkey.c: Add option --addkey.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-14 09:51:16 +02:00
Werner Koch
51f9acbca9
core: Use const char * where appropriate.
Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-13 20:59:07 +02:00
Werner Koch
686a065f63
core: Cast away the common const problem with spawn and argv.
* src/dirinfo.c (read_gpgconf_dirs): Use a cast to assignd to ARGV.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-13 20:57:15 +02:00
Werner Koch
3009e6162e
core: Fix condition-always-true warning in trace macro.
* src/data-compat.c (old_user_read): Cast AMT.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-13 20:54:55 +02:00
Werner Koch
4a200146b6
core: Mark unused function args.
Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-13 20:53:49 +02:00
Werner Koch
3972f476e0
core: Do not pass const char* to functions taking a char*.
Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-13 20:44:59 +02:00
Werner Koch
00c501d296
core: New function gpgme_op_create_key.
* src/engine-backend.h (engine_ops): Change prototype of genkey.
* src/engine-gpgsm.c (gpgsm_genkey): Change accordingly.
* src/engine-gpg.c (gpg_genkey): Change it to a dispatcher.
(gpg_createkey_from_param): New for the old functionality.
(gpg_createkey_legacy): New.  Stub for now.
(gpg_createkey): New.
(gpg_addkey): New.  Stub for now.
(gpg_adduid): New.  Stub for now.
* src/engine.c (_gpgme_engine_op_genkey): Add new args.
* src/genkey.c (op_data_t): Add field ERROR_CODE.
(parse_error): New.
(genkey_status_handler): Parse ERROR status line.
(genkey_start): Use NULL/0 for the new args.
(createkey_start): New.
(gpgme_op_createkey_start, gpgme_op_createkey): New.
* src/gpgme.def, src/libgpgme.vers: Add gpgme_op_createkey_start and
gpgme_op_createkey.
* src/gpgme.h.in (_gpgme_op_genkey_result): Add fields PUBKEY and
SECKEY.
(GPGME_CREATE_SIGN): New.
(GPGME_CREATE_ENCR): New.
(GPGME_CREATE_CERT): New.
(GPGME_CREATE_AUTH): New.
(GPGME_CREATE_NOPASSWD): New.
(GPGME_CREATE_SELFSIGNED): New.
(GPGME_CREATE_NOSTORE): New.
(GPGME_CREATE_WANTPUB): New.
(GPGME_CREATE_WANTSEC): New.
(GPGME_CREATE_FORCE): New.

* tests/run-genkey.c: New.
* tests/Makefile.am (noinst_PROGRAMS): Add it.
--

This function uses the new --quick-gen-key API of gpg.  A limited
compatibility mode to use older gpg versions and gpgsm will eventually
be provided.  Not all flags are currently implemented.

 ./run-genkey --unprotected --force test@example.com

Create a new standard key with the given user id.  --force is used to
allow creating more than one key with that user id in the keyring.

 ./run-genkey --unprotected --force \
      test@example.com default default 2145826800

Creates a new standard key with an expiration date of 2037-12-31.

 ./run-genkey --unprotected --force \
      test@example.com future-default default 2145826800

Create a standard key using the fugure default algorithms.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-13 18:59:10 +02:00
Werner Koch
120b14783c
core,cpp: Extend the TOFU information.
* src/gpgme.h.in (struct _gpeme_tofu_info): Rename FIRSTSEEN to
SIGNFIRST and LASTSEEN to SIGNLAST.  Add ENCRFIST and ENCRLAST.
* src/keylist.c (parse_tfs_record): Parse to ENCRFIRST and ENCRLAST.
* src/verify.c (parse_tofu_stats): Ditto.
* tests/run-keylist.c (main): Adjust and print encrypt stats.
* tests/run-verify.c (print_result): Ditto.

* lang/cpp/src/tofuinfo.h (TofuInfo): Rename firstSeen to signFirst
and lastSeen to signLast.  Add encrCount, encrFirst and encrLast.
* lang/cpp/src/tofuinfo.cpp (encrCount, encrFirst, encrLast): New.
--

The latest GnuPG commits have the needed changes but we also allow the
use of currently released GnuPG version.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-07 09:26:11 +02:00
Andre Heinecke
e8cb143c83 core: Check for gpg version for loopback mode
* src/engine-gpg.c (build_argv): Check for version 2.1.0
before adding pinentry-mode.

--
This is a compatibility fix for older versions that don't support
this flag which would otherwise result in an invalid argument
error.
2016-09-06 16:30:24 +02:00
Andre Heinecke
efe7e11dfa core: Fix passphrase cb for mixed sym encrypt
* src/encrypt.c (encrypt_start): Handle SYMMETRIC flag.
* src/encrypt-sign.c (encrypt_sign_start): Ditto.

--
This causes the passphrace command handler to be properly
registered which in turn will result in the passphrase
callback beeing called.
2016-09-06 16:28:45 +02:00
Werner Koch
9ee103957e
core: Add GPGME_KEYLIST_MODE_WITH_TOFU.
* src/gpgme.h.in (GPGME_KEYLIST_MODE_WITH_TOFU): New.
* src/engine-gpg.c (gpg_keylist_build_options): Use that.
* src/keylist.c: Include limits.h.
(parse_tfs_record): New.
(keylist_colon_handler): Support TFS record.
* tests/run-keylist.c: Include time.h.
(isotimestr): New.
(main): Add option --tofu.  Print TOFU info.
* tests/run-verify.c: Include time.h.
(isotimestr): New.
(print_result): Use isotimestr for TOFU dates.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-08-25 11:38:03 +02:00
Werner Koch
38798fee5b
core: Adjust for TOFU_STATS change in gnupg 2.1.16.
* src/gpgme.h.in (_gpgme_tofu_info): Change 'firstseen' and 'lastseen'
to a timestamp value.
* src/verify.c (parse_tofu_stats): Do not cap these values at UINT_MAX.
--

Using an unsigned long here is okay: We will never get an error and
even on machines where unsigned long is 32 bit (e.g. Windows64) this
allows us to operate until 2106.  By then Windows will be a footnote
in history or Windows128 has changed that type to something larger
than 32 bit ;-)

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-08-24 20:10:54 +02:00