Commit Graph

3470 Commits

Author SHA1 Message Date
NIIBE Yutaka
276f3390e1 qt: Allow build with older GnuPG (< 2.2.18).
* lang/qt/tests/t-remarks.cpp (initTestCase): Check gpg for
allow-weak-key-signatures option.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-11-11 11:58:28 +09:00
Werner Koch
eb99e8c483
Require at least libgpg-error 1.36
* configure.ac (NEED_GPG_ERROR_VERSION): Require 1.36.
* src/cJSON.c: Remove code for older version.
* src/engine.c (gpgme_get_engine_info): Ditto.
* src/gpgme-json.c: Ditto.
* src/op-support.c: Ditto.
* src/util.h: Ditto.
--

Libgpg-error 1.36 has been released more than 18 months ago so it is
time to avoid hacks and require this verion.  This will for example
help Kleopatra to support PIV cards and improves the gpgme-json.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-11-09 11:50:46 +01:00
Ben Kibbey
35ca460019 Parse STATUS_CANCELED_BY_USER.
* src/gpgme.h.in (GPGME_STATUS_CANCELED_BY_USER): New.
* src/status-table.c (status_table_s): Add "CANCELED_BY_USER".
* src/passphrase.c (_gpgme_passphrase_status_handler): Return
GPG_ERR_CANCELED during GPGME_STATUS_CANCELED_BY_USER.

Signed-off-by: Ben Kibbey <bjk@luxsci.net>
2020-11-03 17:47:44 -08:00
Ingo Klöcker
0fee135997 qt: Make audit parameters of result signal optional
lang/qt/src/quickjob.h (QuickJob::result): Make parameters
auditLogAsHtml and audigLogError optional.
--

This aligns the signature of QuickJob's result signal with the result
signals of the other Job subclasses.

GnuPG-bug-id: 5094
2020-11-03 13:50:53 +01:00
Ingo Klöcker
b41f5fec1c cpp: Mark helper functions as static
lang/cpp/src/key.cpp (find_subkey, verify_subkey, find_uid, verify_uid,
find_signature, verify_signature): Mark as static.
2020-11-03 09:01:32 +01:00
Ingo Klöcker
6a6d2a2764 cpp: Make signatures belonging to the same user ID sortable
lang/cpp/src/key.h, lang/cpp/src/key.cpp (UserID::Signature::operator<):
New.
lang/cpp/src/key.cpp (signature_index): New.
--

operator< defines a canonical sort order for signatures belonging to
the same user ID. It is based on the sort order defined by
cmp_signodes() in g10/keylist.c of gnupg. In particular, the ordering
of signatures made with the same key by creation time allows to see
easily whether the most recent signature is a certification or a
revocation.

GnuPG-bug-id: 5094
recent
2020-11-03 08:59:54 +01:00
Ingo Klöcker
f042739d3a qt: Add support for revoke signature quick command
* lang/qt/src/quickjob.h (QuickJob::startRevokeSignature): New.
* lang/qt/src/qgpgmequickjob.h, lang/qt/src/qgpgmequickjob.cpp
(QGpgMEQuickJob::startRevokeSignature): New.
* lang/qt/src/qgpgmequickjob.cpp (revokeSignatureWorker): New.
--

GnuPG-bug-id: 5094
2020-10-29 12:57:10 +01:00
Ingo Klöcker
60328c4690 qt: Some minor cleanups
* lang/qt/src/qgpgmequickjob.h: (GpgME::Key, QDateTime, QString):
Remove superfluous forward declarations.
(QGpgMEQuickJob): Remove superfluous second template argument. It is
identical to the default.
(QGpgMEQuickJob::result): Remove. It is already defined in the base
class.
2020-10-29 12:57:10 +01:00
Ingo Klöcker
4166d263e4 cpp: Add support for gpgme_op_revsig
* lang/cpp/src/context.cpp, lang/cpp/src/context.h
(Context::revokeSignature, Context::startRevokeSignature): New.
* lang/cpp/src/context.cpp
(getLFSeparatedListOfStrings, getLFSeparatedListOfUserIds): New.
(getLFSeparatedListOfFingerprintsFromSubkeys): Extracted second part
of function to getLFSeparatedListOfStrings.
--

GnuPG-bug-id: 5094
2020-10-29 12:57:10 +01:00
Ingo Klöcker
f3407d0ee4 core: New function gpgme_op_revsig.
* src/gpgme.h.in (gpgme_op_revsig_start, gpgme_op_revsig): New.
(GPGME_REVSIG_LFSEP): New.
* src/context.h (ctx_op_data_id_t): Add OPDATA_REVSIG.
* src/revsig.c: New.
* src/Makefile.am (main_sources): Add revsig.
* src/libgpgme.vers, src/gpgme.def: Add gpgme_op_revsig and
gpgme_op_revsig_start.
* src/engine.h, src/engine.c: (_gpgme_engine_op_revsig): New.
* src/engine-backend.h (engine_ops): Add 'revsig' and adjust all
engine initializers.
* src/engine-gpg.c (gpg_revsig): New.
(_gpgme_engine_ops_gpg): Set revsig to gpg_revsig.
* doc/gpgme.texi: Document new functions.
* tests/run-keysign.c: Add option --revoke.
--

This extends GPGME to support the --quick-revoke-sig command
added by GnuPG 2.2.24. This allows revoking key signatures.

GnuPG-bug-id: 5094
2020-10-29 12:57:10 +01:00
NIIBE Yutaka
089164a0c0 python: Handle the when case __doc__ is None.
* lang/python/src/core.py (GpgmeWrapper): Check if None.

--

GnuPG-bug-id: 5075
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-10-28 08:49:33 +09:00
Ingo Klöcker
74c8131d80 cpp: Add support for gpgme_cancel
* lang/cpp/src/context.cpp, lang/cpp/context.h
(Context::cancelPendingOperationImmediately): New.
* NEWS: Mention added API
--

This allows immediate canceling of running operations, e.g. when a
thread with a long running operation (like SCD DEVINFO --watch) is
going to be terminated (on application shutdown).

GnuPG-bug-id: 5066
2020-10-23 13:50:16 +02:00
Ingo Klöcker
ff23e24063 Add Assuan transaction that forwards status lines to another object
* lang/cpp/src/Makefile.am: Add new files.
* lang/cpp/src/interfaces/statusconsumer.h,
lang/cpp/src/statusconsumerassuantransaction.cpp,
lang/cpp/src/statusconsumerassuantransaction.h: New.
* NEWS: Mention new API.
--

This Assuan transaction is useful for long running Assuan commands.
Classes implementing the StatusConsumer interface can process received
status lines while the Assuan command is still running.

GnuPG-bug-id: 5066
2020-10-23 13:50:16 +02:00
Ingo Klöcker
b21cabb311 qt: Add QDebug stream operator for GpgME::Error
* lang/qt/src/Makefile.am: Add new files.
* lang/qt/src/debug.h, lang/qt/src/debug.cpp: New.
* NEWS: Mention it.
--

This was previously implemented in Kleopatra, but it makes sense for
all users of qgpgme.
2020-10-23 13:50:16 +02:00
Ingo Klöcker
c3406462d1 cpp, qt: Add missing comparison operators for version info comparison
* lang/cpp/src/engineinfo.h (EngineInfo::Version::operator<=,
EngineInfo::Version::operator>=, EngineInfo::Version::operator!=):
New.
* lang/qt/tests/t-various.cpp (TestVarious::testVersion): Add tests for
new comparison operators.
* NEWS: Mention added API
2020-10-23 13:50:16 +02:00
Ingo Klöcker
2f53a2f4be cpp, qt: Fix version info comparison
* lang/cpp/src/engineinfo.h
(EngineInfo::Version::operator>(const Version &)): Fix logic.
(EngineInfo::Version::operator>(const char *)): Use Version-overload of
operator>.

* lang/qt/tests/t-various.cpp: Add test.
--

This fixes a logic error that 2.0.0 > 2.0.0 would return true.
2020-10-23 13:50:16 +02:00
Werner Koch
25e2d717f4
tests: Fix gcc incompatibility
* tests/json/t-json.c: Remove var definitions inside a for statement.
--

This useful C99 feature seems to work only in recent gcc versions.  We
can't use it; see gnupg/doc/HACKING.

GnuPG-bug-id: 5088
2020-10-03 19:54:00 +02:00
NIIBE Yutaka
fd904f87f8 gpgsm: Fix leaked fd.
* src/engine-gpgsm.c (gpgsm_new): Close gpgsm->diag_cb.server_fd.

--

GnuPG-bug-id: 5074
Reported by: VladislavGrudinin
Fixes-commit: dd21ec997c
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-10-01 11:18:50 +09:00
Werner Koch
e4ee706e27
core: Fully implement the inquire callback for assuan_transact
* src/engine-assuan.c (inquire_cb): Implement returning data.

* tests/opassuan/t-command.c (inq_cb): Send some test data.
--

The old code only allowed to send an empty response which was good
enough for scdaemon's KNOWNCARDP inquire but not to send actual data.
A quick test using a test smartcard might be

 ./t-command 'scd setattr --inquire PRIVATE-DO-1'

and then reading the data back using

  gpg-connect-agent 'scd getattr PRIVATE-DO-1' /bye

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-09-09 12:13:20 +02:00
Ingo Klöcker
973c8116c8 qt: Update the documentation of ListAllKeysJob
* lang/qt/src/listallkeysjob.h (ListAllKeysJob::start): Document that
the mergeKeys argument is ignored with gpg >= 2.1.
--

GnuPG-bug-id: 4794
2020-09-08 15:38:00 +02:00
Ingo Klöcker
3dd7377e12 cpp: Update key with --with-secret instead of updating it twice
* lang/cpp/src/key.cpp (Key::update): Call Context::key() only once
with KeyListMode::WithSecret.
--

With gpg >= 2.1, get the key with --with-secret instead of first trying
to get the secret key and, if that fails, getting the public key.

GnuPG-bug-id: 4794
2020-09-08 14:55:20 +02:00
Ingo Klöcker
13bcc6680a qt: List keys once with --with-secret instead of twice
* lang/qt/src/qgpgmelistallkeysjob.cpp
(do_list_keys): Rename to do_list_keys_legacy and put into unnamed
namespace.
(merge_keys): Put into unnamed namespace.
(list_keys): Rename to list_keys_legacy and put into unnamed namespace.
(do_list_keys, list_keys): New.
* lang/qt/tests/t-keylist.cpp (testListAllKeysSync): New.
--

With gpg >= 2.1, list keys once with --with-secret instead of listing
public keys and secret keys and then merging (part of) the information
about the keys.

GnuPG-bug-id: 4794
2020-09-07 12:02:29 +02:00
Ingo Klöcker
188cc9e9b5 cpp: Add keylist mode WithSecret
* lang/cpp/src/global.h (WithSecret): New.
* lang/cpp/src/context.cpp (operator<<): Handle WithSecret.
* lang/cpp/src/util.h (add_to_gpgme_keylist_mode_t,
convert_from_gpgme_keylist_mode_t): Ditto.
--

GnuPG-bug-id: 4794
2020-09-07 11:55:07 +02:00
Ingo Klöcker
b714a6bbc8 cpp: Add missing keylist modes
* lang/cpp/src/util.h
(add_to_gpgme_keylist_mode_t): Sort modes as in enum definition and
add missing modes to check.
(convert_from_gpgme_keylist_mode_t): Add missing handling of
GPGME_KEYLIST_MODE_WITH_TOFU and GPGME_KEYLIST_MODE_WITH_KEYGRIP.
2020-09-07 11:36:11 +02:00
Ingo Klöcker
4d87ea2851 cpp: Copy some more subkey properties when merging keys
* lang/cpp/src/key.cpp (Key::mergeWith): Also merge secret flag and
keygrip
--

The keygrip was lost if the result of a public key listing was merged
with the result of a secret key listing as done by QGpgMEListAllKeysJob.

GnuPG-bug-id: 4794
2020-09-03 12:24:21 +02:00
Werner Koch
b088d81cef
qt: Fix an rfc2253 parser flaw
* lang/qt/src/dn.cpp (parse_dn_part): Fix parser.

--

This could in theory result in reading bytes after a after Nul in a
string and thus possible segv on unallocated memory or reading other
parts of the memory.  However, it is harmless because the rfc2253
strings have been received from GnuPG which is expected to emit
correct syntax.

GnuPG-bug-id: 5037
2020-08-28 09:13:35 +02:00
Ingo Klöcker
f66f856c89 core: Add error handling to setexpire
* src/genkey.c (setexpire, gpgme_op_setexpire_start,
gpgme_op_setexpire): Move to ...
* src/setexpire.c: New.
* src/Makefile.am (main_sources): Add that file.
* src/context.h (ctx_op_data_id_t): Add OPDATA_SETEXPIRE.

* lang/qt/tests/t-various.cpp (testSetExpire): Test error handling.
--

Errors (and failures) emitted via status-fd need to be handled
explicitly, i.e. we need to provide an appropriate status handler with
corresponding op_data_t. Additionally, we need to set a passphrase
command handler if a passphrase callback is set in the context, e.g.
during tests.

GnuPG-bug-id: 4395
2020-08-14 11:11:23 +02:00
Ingo Klöcker
4f2cd3a0c6 qt: Support changing expiry of subkeys
* lang/qt/src/changeexpiryjob.h (ChangeExpiryJob::start): New overload
that accepts subkeys (with empty implementation).
* lang/qt/src/qgpgmechangeexpiryjob.h,
lang/qt/src/qgpgmechangeexpiryjob.cpp (QGpgMEChangeExpiryJob::start):
New overload that accepts subkeys.
--

This adds the possibility to change the expiry of subkeys.

GnuPG-bug-id: 4717
2020-08-11 17:02:25 +02:00
Ingo Klöcker
c813734c9c cpp: Make private helper a file static
* lang/cpp/src/context.h, lang/cpp/src/context.cpp
(Context::getLFSeparatedListOfFingerprintsFromSubkeys): Remove
from Context; make it a static function instead
--

GnuPG-bug-id: 5003
2020-08-10 11:06:13 +02:00
Andre Heinecke
0676d41ef5
cpp: Use cstdlib getenv for portability
* lang/cpp/src/editinteractor.cpp (EditInteractor::Private::Private):
Use std::getenv.

--
This should fix compiling on MacOS X

GnuPG-Bug-Id: T5013
2020-08-06 09:50:16 +02:00
Ingo Klöcker
8950150913 qt: Port to new setExpire()
* lang/qt/src/qgpgmechangeexpiryjob.cpp (change_expiry): Use new
setExpire() instead of edit() with GpgSetExpiryTimeEditInteractor
--

Using the new setExpire() (which uses --quick-set-expire) is a lot less
complex than using gpg's edit interface. It also feels faster. Next,
I'll add support for changing the expiration time of subkeys.

GnuPG-bug-id: 5003
2020-08-05 16:49:18 +02:00
Ingo Klöcker
84c6b6e2fe qt: Add test for setExpire
* lang/qt/tests/t-various.cpp (TestVarious::testSetExpire): New.
--

GnuPG-bug-id: 5003
2020-08-04 16:53:57 +02:00
Ingo Klöcker
aa03205fe5 cpp: Add support for gpgme_op_setexpire
* lang/cpp/src/context.cpp
(Context::setExpire, Context::startSetExpire): New.
(Context::getLFSeparatedListOfFingerprintsFromSubkeys):
New helper.
* lang/cpp/src/context.h
(Context::SetExpireFlags): New enum.
(Context::setExpire, Context::startSetExpire): Add
prototypes.
(Context::getLFSeparatedListOfFingerprintsFromSubkeys):
Add as private helper.
--

GnuPG-bug-id: 5003
2020-08-04 16:53:29 +02:00
Ingo Klöcker
197ba151e7 cpp: Add ostream operator for subkey
* lang/cpp/src/key.cpp (Subkey): Add ostream operator.
* lang/cpp/src/key.h: Update accordingly.
--

This is helpful for debugging / showing the state of a subkey.
2020-08-04 16:53:28 +02:00
Ingo Klöcker
db82e99a8a core: New function gpgme_op_setexpire.
* src/gpgme.h.in (gpgme_op_setexpire_start, gpgme_op_setexpire): New.
* src/libgpgme.vers, src/gpgme.def: Add new functions.
* src/genkey.c (setexpire): New.
(gpgme_op_setexpire_start, gpgme_op_setexpire): New.
* src/engine.h, src/engine.c: (_gpgme_engine_op_setexpire): New.
* src/engine-backend.h (engine_ops): Add 'setexpire' and adjust all
engine initializers.
* src/engine-gpg.c (gpg_setexpire): New.
(_gpgme_engine_ops_gpg): Set setexpire to gpg_setexpire.
* doc/gpgme.texi: Document new functions.
* tests/run-genkey.c: Add option --setexpire.
--

This extends GPGME to support the --quick-set-expire command
added by GnuPG 2.1.22. This allows changing subkeys expiry
date without going through the editinteractor interface.

Co-authored-by: Andre Heinecke <aheinecke@gnupg.org>
GnuPG-bug-id: 4999
2020-08-04 16:51:56 +02:00
Werner Koch
81db412245
Post release updates
--
2020-07-16 17:33:34 +02:00
Werner Koch
6d7bf78ca5
Release 1.14.0
* configure.ac: Bump LT versions to c=C34/A23/R0 cpp=C17/A11/R0
qt=C11/A4/R0.
--
GnuPG-bug-id: 4996
2020-07-16 17:17:34 +02:00
Andre Heinecke
690d967196
qt, cpp: Support export modes
* lang/cpp/context.cpp, lang/cpp/context.h
(Context::startPublicKeyExport, Context::exportPublicKeys): Extend
with flags paramenter.
(Context::ExportMode): New.
* lang/qt/src/exportjob.h (ExportJob::setExportMode): New.
* lang/qt/src/qgpgmeexportjob.cpp, lang/qt/src/qgpgmeexportjob.h:
Update accordingly.

--
This adds the C++ and Qt API for export modes.
2020-07-16 17:00:28 +02:00
Werner Koch
dfeedcc28d
core: Also allow GPGME_EXPORT_MODE_SSH for gpgme_op_export.
* src/export.c (export_start): Allow that mode.
--

The test tools uses gpgme_op-export_ext and thus did not caught it.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-07-16 16:47:31 +02:00
Werner Koch
7f9e0ca57b
core: New export mode to export as OpenSSH public key.
* src/gpgme.h.in (GPGME_EXPORT_MODE_SSH): New.
* src/export.c (export_ext_start): Allow for new mode.
* src/engine-gpg.c (export_common): Implement.
* tests/run-export.c (status_cb): New.
(main): New options --status and --ssh.
--

GnuPG-bug-id: 4310
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-07-16 12:00:46 +02:00
Werner Koch
8589091682
core: Deprecate the non-working trustlist functions.
* src/gpgme.h.in: Clarify that the trustlist function should not be
used.
* src/engine.c (_gpgme_engine_op_trustlist): Always return an error.
* src/engine-backend.h (struct engine_ops): Remove trustlist member.
* src/engine-gpg.c (gpg_trustlist): Remove.
(struct engine_ops): Remove that member.  Also in all other engines.
* tests/gpg/t-trustlist.c: Remove.
* lang/python/tests/t-trustlist.py: Remove.
--

This never worked in reality because the required feature has been
removed from GnuPG version 1.3.2 soon after introduction of this
feature in gpgme - 17 years ago.  It was anyway marked as
experimental.  We keep the API and ABI, though.

GnuPG-bug-id: 4834
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-07-15 16:34:24 +02:00
Werner Koch
c8048bf8eb
core: New keylist mode GPGME_KEYLIST_MODE_WITH_KEYGRIP.
* src/gpgme.h.in (GPGME_KEYLIST_MODE_WITH_KEYGRIP): New.
* src/gpgme-json.c (op_keylist): New flag "keygrip".
* src/engine-gpg.c (gpg_keylist_build_options): Pass the options.

* lang/cpp/src/global.h (WithKeygrip): New.
* lang/cpp/src/context.cpp: Add check.
* lang/cpp/src/key.cpp (Key::update): Handle WithKeygrip.
* lang/cpp/src/verificationresult.cpp: Ditto.
* lang/cpp/src/util.h (add_to_gpgme_keylist_mode_t): Ditto.
--

GnuPG-bug-id: 4939
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-07-15 14:11:17 +02:00
Werner Koch
32b80cf3c7
python: Workaround for a regression in GnuPG 2.2.21
* lang/python/tests/support.py (is_gpg_version): New.
* lang/python/tests/t-encrypt-sym.py: Add workaround.
--

GnuPG-bug-id: 4991
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-07-14 14:48:01 +02:00
Andre Heinecke
88f3202521
doc: Explain verify_result_t.status == 0 more
* doc/gpgme.texi (gpgme_verify_result_t): Explain
GPGME_STATUS_NO_ERROR more clearly.

--
This might help to avoid misunderstandings how the
status can be interpreted and explains why a verify
of unsigned PGP Data returns no error.

As a reaction to CVE-2020-10759 discovered by Justin Steven.
2020-06-09 10:22:27 +02:00
Werner Koch
728ead8ebd
core: Fix setting of the chain_model signature result.
* src/verify.c (parse_trust): Fix detection of "chain" keyword.
--

Fixes-commit: da6f3dc0c5
from 2007 shortly after introducing this.  I doubt that this info has
ever been used (it is for qualified signatures, which are only
supported using the legacy German RegTP rules for them which were soon
overturned by the commercial CAs).

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-06-05 14:46:56 +02:00
NIIBE Yutaka
0cc040e82f tests: Remove/change tests for GnuPG 2.3 with no gpg.keyserver.
* lang/qt/tests/t-config.cpp (testKeyserver): Remove.
* tests/gpg/t-gpgconf.c (main): Test with dirmngr.keyserver.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-05-11 14:20:48 +09:00
Andre Heinecke
52f930c1ed
w32: Explicitly link ws2_32
* src/Makefile.am (gpgme_w32_extra_libs): New.
(libgpgme_la_LIBADD, libgpgme_glib_la_LIBADD): Use it.

--
Since w32-io.c directly uses functions from ws2_32 it should
not rely on libgpg-error to pull in this dependency.
2020-05-08 16:38:19 +02:00
dupgit
49c13854f3
GPGME_CREATE_NOEXPIRE is only available since 1.9.0
* doc/gpgme.texi: Fixes version number from 1.8.0 to
   1.9.0 for GPGME_CREATE_NOEXPIRE.

GnuPG-Bug-Id: T4922
Signed-off-by: dupgit <olivier.delhomme@free.fr>
2020-05-08 12:34:20 +02:00
Werner Koch
004fdf61c8
core: Make sure the keygrip is available in WITH_SECRET mode.
* src/engine-gpg.c (gpg_keylist_build_options): Send --with-keygrip
if --with-secret is used.
--

Since GnuPG 2.2.19 the keygrip was not anymore send if only
--with-secret was used in a public key listing.  Given that
--with-secret requires computation of the keygrip anyway, there is no
point in not requesting the keyrip in this case.

GnuPG-bug-id: 4820
2020-05-08 11:18:42 +02:00
Andre Heinecke
5c0d1c7f76
tests, json: Do not check for keygrip of pubkeys
* tests/json/t-keylist-secret.out.json: Do not check for keygrip
of bravo key.

--
Since GnuPG 2.2.19 the keygrip is not emitted for public keys
in a keylisting --with-secret.

As the GPGME test suite should pass with several versions
the json test cannot test this as the suite does not allow
version checks for different output.

What the intended behavior is might still be up for discussion,
always adding --with-keygip is not a good solution because
it slows down keylistings for large keyrings.

GnuPG-Bug-Id: T4820
2020-05-08 10:30:53 +02:00