Commit Graph

3626 Commits

Author SHA1 Message Date
Ingo Klöcker
81a33ea5e1 core: Fix use-after-free issue in test
* tests/gpg/t-edit-sign.c (sign_key, verify_key_signature): New.
(main): Factored out signing and verifying the result.
--

Factoring the two steps of the test into different functions fixes the
use-after-free issue that was caused by accidentaly using a variable
of the first step in the second step.

GnuPG-bug-id: 5509
2021-06-26 18:03:37 +02:00
Werner Koch
e8e055e682
Post release updates
--
2021-06-24 19:36:47 +02:00
Werner Koch
1021c86455
Release 1.16.0 2021-06-24 19:03:35 +02:00
Werner Koch
768b7892e3
python: Do not include the full file names in the docs.
--

GnuPG-bug-id: 5299
2021-06-24 18:13:00 +02:00
Jasper Spaans
14b148b7d3
python: Allow returning signatures made by unknown keys in decrypt
--
This functionality got dropped somewhere after 1.12, as part of the
cleanup of the `Context.decrypt` call signature. Reintroduce it again,
now using an explicit keyword argument `filter_signatures` (which
defaults to hiding signatures by unknown keys).

GnuPG-bug-id: 5292
2021-06-24 18:09:55 +02:00
Ingo Klöcker
ac4536990a qt: Extend SignKeyJob to create signatures with expiration date
* lang/qt/src/signkeyjob.h (SignKeyJob::setExpirationDate): New.
* lang/qt/src/qgpgmesignkeyjob.h, lang/qt/src/qgpgmesignkeyjob.cpp
(QGpgMESignKeyJob::setExpirationDate): New.
* lang/qt/src/qgpgmesignkeyjob.cpp (QGpgMESignKeyJob::Private): Add
member m_expiration.
(sign_key): Handle expiration date.
(QGpgMESignKeyJob::start): Pass expiration date to sign_key.

* lang/qt/tests/t-various.cpp
(TestVarious::testSignKeyWithoutExpiration,
TestVarious::testSignKeyWithExpiration): New.
(TestVarious::initTestCase): Add "allow-weak-key-signatures" to
gpg.conf.
--

This allows Kleopatra (and other users of QGpgme) to create key
signatures with expiration date.

GnuPG-bug-id: 5336, 5506
2021-06-22 18:49:45 +02:00
Ingo Klöcker
34d9defc42 core: Allow specifying an expiration date for key signatures
* src/context.h (struct gpgme_context): Add 'cert_expire'.
* src/engine-gpg.c (append_args_from_cert_expire): New.
(gpg_edit): Set option according to the new flag.
* src/gpgme.c (gpgme_release): Free 'cert_expire'.
(gpgme_set_ctx_flag, gpgme_get_ctx_flag): Add "cert-expire".

* tests/gpg/Makefile.am (c_tests): Add new test.
(gpg.conf): Write "allow-weak-key-signatures" to gpg.conf.
* tests/gpg/t-edit-sign.c: New.
--

The new context flag "cert-expire" allows setting the expiration date
for key signatures created with gpgme_op_interact.

GnuPG-bug-id: 5336, 5505
2021-06-22 16:35:03 +02:00
Ingo Klöcker
ab1d4ef580 Update NEWS.
* NEWS: Add news for recent changes
--

GnuPG-bug-id: 5421, 5217
2021-06-21 10:48:06 +02:00
Ingo Klöcker
5340bb7ccf qt: Add missing }
* lang/qt/src/qgpgmenewcryptoconfig.cpp (parseURL): Add missing }.
--

Fixes-commit: 1dca8c2b3c
GnuPG-bug-id: 5465
2021-06-18 12:33:06 +02:00
Ingo Klöcker
72de06417e qt: Add some error logging
* lang/qt/src/qgpgmenewcryptoconfig.cpp (setURLValueList): Log error
if setting config value failed.
--

GnuPG-bug-id: 5465
2021-06-17 09:41:22 +02:00
Ingo Klöcker
1dca8c2b3c qt: Do not set empty base DN as query of keyserver URL
* lang/qt/src/qgpgmenewcryptoconfig.cpp (parseURL): Only set non-empty
base DN as URL query.
--

This makes it possible to differentiate an unset query from an empty
query.

GnuPG-bug-id: 5465
2021-06-17 09:38:33 +02:00
Ingo Klöcker
0d03f31e07 qt: Fix API documentation
* lang/qt/src/signkeyjob.h (SignKeyJob::start,
SignKeyJob::setUserIDsToSign, SignKeyJob::setCheckLevel): Fix
documentation of parameters.
--

GnuPG-bug-id: 5245
2021-06-17 09:13:59 +02:00
Werner Koch
fde20940b5
core: New data flags "io-buffer-size" and "sensitive".
* src/data.c (_gpgme_data_release): Free buffers.
(gpgme_data_seek): Adjust from renamed fields.
(gpgme_data_set_flag): Implement new flags.
(_gpgme_data_inbound_handler): Allow the use of a malloced buffer.
(_gpgme_data_outbound_handler): Ditto.
* src/data.h (BUFFER_SIZE): Move out of the struct definition.
(struct gpgme_data): Remove pending filed and introduce inbound and
outbound fields.

* src/conversion.c (_gpgme_wipememory): New.  Taken from GnuPG.
* src/cJSON.c (wipememory): Use this here too.

* tests/run-decrypt.c (main): Add options "--large-buffers" and
"--sensitive".
--

GnuPG-bug-id: 5478
Signed-off-by: Werner Koch <wk@gnupg.org>
2021-06-14 19:51:28 +02:00
Werner Koch
ea290108e4
core: Also detect AuthEnvelopedData (AEAD for CMS)
* src/data-identify.c (basic_detection): Add OID.

Signed-off-by: Werner Koch <wk@gnupg.org>
2021-06-14 17:10:49 +02:00
Andre Heinecke
b3b75c37e2
qt: Flush output after write for QProcess output
* lang/qt/src/dataprovider.cpp (QIODeviceDataProvider::write): Call
waitForBytesWritten.

--
The problem here is that QProcess writes into an internal buffer
which is written to stdin of the process triggered by a
signal/slot connection. That connection is broken when we move
the QProcess into our GPGME thread and only restablished when
our Job is finished. This caused Kleopatra to basically keep
everything when decrypting a large archive in memory and
only write it out to the unpack process once the decryption
was finished.

GnuPG-Bug-Id: T5475
2021-06-10 15:36:26 +02:00
Andre Heinecke
ceb8387460
core,w32: Increase BUFFER_SIZE to 4096
* src/data.h (BUFFER_SIZE): Increase to 4096 for Windows.

--
This brings it in line to the PIPE_BUF size on desktop Linux
systems. This should increase performance when working with
large files on Windows a bit.

GnuPG-Bug-Id: T5478
2021-06-10 15:33:51 +02:00
Andre Heinecke
e6095e5471
qt: Explicitly link libgpg-error
* lang/qt/src/Makefile.am (libqgpgme_la_LIBADD): Explicitly link
gpg-error.

--
Previously this was implicit from the libassuan flags.
2021-06-09 10:53:28 +02:00
Andre Heinecke
4041e2c62a
core: Explicitly add GPG_ERROR_CFLAGS
* src/Makefile.am (AM_CFLAGS): Add GPG_ERROR_CFLAGS

--
This fixes the include directory for libgpg error if
it is installed in a different prefix then libassuan. Previously
libassuan provided the include directory also implicitly.
2021-06-09 10:47:05 +02:00
Ingo Klöcker
5bc4e23a57 qt: Add separate logging category for result of config loading
* lang/qt/src/qgpgme_debug.h: Make include guard match file name.
* lang/qt/src/qgpgme_debug.h, lang/qt/src/qgpgme_debug.cpp
(QGPGME_CONFIG_LOADING_LOG): New.
* lang/qt/src/qgpgmenewcryptoconfig.cpp
(QGpgMENewCryptoConfig::reloadConfiguration): Use new logging category.
--

Use a separate logging category for the extremely noisy logging of
the result of config loading to make debug logging more useful.

GnuPG-bug-id: 5217
2021-06-02 10:56:52 +02:00
Ingo Klöcker
5512133de4 core: Fix a few checks for number of fields in keylist result parser.
* src/keylist.c (keylist_colon_handler): Check for correct number of
fields.
--

This prevents NULL pointer dereferencing with older versions of gpg
that may output less fields.
2021-06-02 10:20:26 +02:00
Ingo Klöcker
27aa7c4a0f qt: Add support for flags in LDAP server options
* lang/qt/src/qgpgmenewcryptoconfig.cpp (parseURL): Handle extended
LDAP server option syntax.
(portToString): New.
(splitURL): Append flags to LDAP server option.
--

This adds support for the extended syntax of LDAP server options
introduced in gpg 2.2.18/2.3. The flags are stored as fragment of a
QUrl.

GnuPG-bug-id: 5217
2021-06-01 15:29:03 +02:00
Werner Koch
31eb45f016
tests: Improve the output of the run-keylist helper.
* tests/run-keylist.c (main): Print all infos from the primary key.
--

The test tool printed only the computed infos for the key and not the
detailed one fro the primary key.  The new output better reflects the
data structure.

Related to
GnuPG-bug-id: 5454
2021-05-28 18:31:43 +02:00
NIIBE Yutaka
367b9e7488 build: _DARWIN_C_SOURCE should be 1.
* configure.ac (*-apple-darwin*): Set _DARWIN_C_SOURCE 1.

--

GnuPG-bug-id: 5440
Reported-by: Jay Freeman
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2021-05-27 13:36:29 +09:00
NIIBE Yutaka
792a7e7f04 build: Update gpg-error.m4
* m4/gpg-error.m4: Update from libgpg-error.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2021-05-27 13:35:38 +09:00
Werner Koch
aa98081356
core: Allow for older compilers.
* tests/run-verify.c (main): Remove C99-only syntax.
* tests/run-threaded.c (start_keylistings): Ditto.
--

Older gcc's do not grok this and there is no real need for it.

  run-verify.c:324: error: ‘for’ loop initial declarations are only
  allowed in C99 mode
  run-verify.c:324: note: use option -std=c99 or -std=gnu99 to compile
  your code

Reported-by: Lars Hecking
2021-05-12 08:50:04 +02:00
Werner Koch
88db69e1a9
core: Make sure to stay ABI compatible.
* src/gpgme.h.in (struct _gpgme_key_sig): Move trust_scope to the end
of the struct.
--

Fixes-commit: 276187f6b6

Note that we assume that splitting a reserved 28 bit field into 3
fields does not change the ABI.
2021-05-12 08:48:26 +02:00
Ingo Klöcker
58a217b108 cpp: Do not close stdout/stderr when destroying EditInteractor
* lang/cpp/src/editinteractor.cpp (EditInteractor::Private): Initialize
members 'state' and 'debug' in-class. Add member 'debugNeedsClosing'.
(EditInteractor::Private::Private): Remove members initializers.
Remember if 'debug' needs to be closed.
(EditInteractor::Private::~Private): Only close 'debug' if it needs to
be closed.
--

This fixes the problem that after destroying an edit interactor all
debug output went to /dev/null instead of stderr (or stdout) if one
enabled debugging of the edit interactors with GPGMEPP_INTERACTOR_DEBUG
set to stderr (or stdout).
2021-05-06 10:14:44 +02:00
Ingo Klöcker
f0858e45b0 qt: Extend SignKeyJob to create trust signatures
* lang/qt/src/signkeyjob.h (SignKeyJob::setTrustSignature): New.
* lang/qt/src/qgpgmesignkeyjob.h, lang/qt/src/qgpgmesignkeyjob.cpp
(QGpgMESignKeyJob::setTrustSignature): New.
* lang/qt/src/qgpgmesignkeyjob.cpp (sign_key): Handle trust signatures.
(QGpgMESignKeyJob::start): Pass trust signature attributes to sign_key.
(QGpgMESignKeyJob::setTrustSignature): New.
--

This allows Kleopatra to create trust signatures for trusted
introducers.

GnuPG-bug-id: 5245, 5421
2021-05-05 19:26:33 +02:00
Ingo Klöcker
dae01f8185 qt: Pimpl QGpgMESignKeyJob
* lang/qt/src/qgpgmesignkeyjob.h: Remove unneeded includes. Include
<memory>.
(QGpgMESignKeyJob): Remove all member variables. Add pimpl pointer.
* lang/qt/src/qgpgmesignkeyjob.cpp: Include <QString>. Don't include
<memory>.
(QGpgMESignKeyJob::Private): New.
(QGpgMESignKeyJob::QGpgMESignKeyJob): Remove initialization of removed
members. Initialize d.
(QGpgMESignKeyJob::start, QGpgMESignKeyJob::setUserIDsToSign,
QGpgMESignKeyJob::setCheckLevel, QGpgMESignKeyJob::setExportable,
QGpgMESignKeyJob::setSigningKey, QGpgMESignKeyJob::setNonRevocable,
QGpgMESignKeyJob::setRemark, QGpgMESignKeyJob::setDupeOk): Adapt to move
of member variables to pimpl.
--

GnuPG-bug-id: 5245, 5421
2021-05-05 19:26:19 +02:00
Ingo Klöcker
a8d7b9d167 cpp: Add support for trust signatures to sign key edit interactor
* lang/cpp/src/gpgsignkeyeditinteractor.h,
lang/cpp/src/gpgsignkeyeditinteractor.cpp
(GpgSignKeyEditInteractor::setTrustSignatureTrust): New.
(GpgSignKeyEditInteractor::setTrustSignatureDepth): New.
(GpgSignKeyEditInteractor::setTrustSignatureScope): New.
* lang/cpp/src/gpgsignkeyeditinteractor.cpp
(GpgSignKeyEditInteractor::Private::Private): Initialize new member.
(makeTable): Add new transition. Fix typos in existing transitions.
(GpgSignKeyEditInteractor::action): Handle SET_TRUST_VALUE,
SET_TRUST_DEPTH, and SET_TRUST_REGEXP.
--

GnuPG-bug-id: 5245, 5421
2021-05-05 19:26:03 +02:00
Ingo Klöcker
e391a08c6f cpp: Add getters for the attributes of a trust signature
* lang/cpp/src/key.h (TrustSignatureTrust): New enum.
* lang/cpp/src/key.h, lang/cpp/src/key.cpp
(UserID::Signature::isTrustSignature): New.
(UserID::Signature::trustValue): New.
(UserID::Signature::trustDepth): New.
(UserID::Signature::trustScope): New.
--

GnuPG-bug-id: 5245, 5420
2021-05-05 19:25:48 +02:00
Ingo Klöcker
276187f6b6 core: Extend gpgme_key_sig_t with trust signature members.
* src/gpgme.h.in (struct _gpgme_key_sig): Add fields 'trust_depth',
'trust_value', and 'trust_scope'.
* src/key.c (gpgme_key_unref): Free trust_scope.
* src/keylist.c (keylist_colon_handler): Set the fields.
* tests/run-keylist.c (main): Print the fields.
--

The trust signature values are part of gpg's output since the year 2003.
This now adds support to gpgme.

GnuPG-bug-id: 5245, 5419
2021-05-05 19:23:48 +02:00
Werner Koch
3ffd7bd403
doc: Add MIT license notice.
* LICENSES: New.
--

Suggested-by: Jiri Kucera <sanczes@gmail.com>
2021-03-11 13:49:31 +01:00
Werner Koch
0821e2b149
core: New flag GPGME_KEYSIGN_FORCE.
* src/gpgme.h.in (GPGME_KEYSIGN_FORCE): New.
* src/engine-gpg.c (gpg_keysign): Implement.

* tests/run-keysign.c (show_usage): Add option --force
--

GnuPG-bug-id: 4584
2021-03-11 11:49:07 +01:00
Ingo Klöcker
fe900a41bf qt: Add method for getting config entries for components by entry name
* lang/qt/src/cryptoconfig.h, lang/qt/src/cryptoconfig.cpp
(CryptoConfig::entry): Move implementation to cpp. Add overload not
requiring a group name.
--

The group name is not needed for identifying a config entry because the
groups only provide a logical grouping of config entry for user
interfaces. To improve usability entries are sometimes moved to a
different group, but this shouldn't break existing applications trying
to access those entries. The new group-agnostic overload makes
applications robust against regrouping of config entries.

GnuPG-bug-id: 5217
2021-03-05 09:24:01 +01:00
Werner Koch
c8fd8870b3
core: Remove experimental feature GPGME_EXPORT_MODE_NOUID.
* src/export.c (export_start): Remove GPGME_EXPORT_MODE_NOUID check.
* src/engine-gpg.c (export_common): Ditto.
--

Note that this constant was never announed and used only for internal
tests.  It made it into some release only by accident.

The constants is kept in gpgme.h to not break any code but it is
non-fucntionals.  We do not consider this an ABI break.

GnuPG-bug-id: 5284
2021-02-01 16:48:30 +01:00
Werner Koch
13221933ed
Post release updates
--
2021-01-08 19:01:50 +01:00
Werner Koch
bb9880778f
Release 1.15.1 2021-01-08 18:14:33 +01:00
Werner Koch
133050b3fa
Make distcheck make target a bit more reliable.
* Makefile.am (release): Do not pass --parallel
2021-01-08 18:12:59 +01:00
Ingo Klöcker
5137d7fc21 core: Make listing of signatures work if only secret keys are listed
* src/engine-gpg.c (gpg_keylist_build_options): Add "--with-sig-check"
argument if signatures shall be listed.
* tests/gpg/t-keylist-secret-sig.c: New.
* tests/gpg/Makefile.am (c_tests): Add new test.
--

GnuPG-bug-id: 3580
2021-01-05 17:44:16 +01:00
Ingo Klöcker
a6220adf30 cpp: Add const-overload of UserID::Signature::operator<
lang/cpp/src/key.h, lang/cpp/src/key.cpp (UserID::Signature::operator<):
Add const-overload. Deprecate non-const overload.

--

This fixes compilation on FreeBSD with clang 10.
2021-01-04 16:30:41 +01:00
Andre Heinecke
543e210638
Qt: Undeprecate QByteArray based start functs
* lang/qt/src/encryptjob.h, lang/qt/src/signjob.h (start):
Undeprecate QByteArray based functions.

--
While the QIODevice access might avoid a copy it is more
difficult to manage the data and lifetime of the
QIODevices in calling code. The QByteArray calls are
convienient for small data objects like mails where
an in memory copy is not really expensive anymore.
2021-01-04 13:35:24 +01:00
NIIBE Yutaka
7a4fe82a01 python: Fix key_export*.
* lang/python/src/core.py (key_export): Just raise an error.
(key_export_minimal, key_export_secret): Ditto.

--

GnuPG-bug-id: 5149
Fixes-commit: 7faef33d13
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-12-03 11:35:24 +09:00
NIIBE Yutaka
53ac732bae core: Call _gpgme_passphrase_status_handler when exporting keys.
* src/export.c (export_status_handler): Call the handler.

--

Fixes-commit: 3382ecb17e
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-11-24 15:00:27 +09:00
Andre Heinecke
a5c4b03025
Revert "cpp: Use portable off_t size_t"
This reverts commit 88294023c1.

--
This commit was too early and i needed to test more
this is breaking more then it helps so for now
revert it before we can do a proper solution.
2020-11-20 10:10:32 +01:00
NIIBE Yutaka
4c6fd36159 m4: Update with newer autoconf constructs.
* src/gpgme.m4: Replace AC_HELP_STRING to AS_HELP_STRING.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-11-20 12:07:33 +09:00
Andre Heinecke
88294023c1
cpp: Use portable off_t size_t
* configure.ac: Configure cpp data.h.in
* lang/cpp/src/Makefile.am: Generate data.h
* lang/cpp/src/data.cpp, lang/cpp/src/data.h: Use portable
types.
* lang/qt/src/Makefile.am: Include build dir.
* lang/qt/tests/makefile.am: Include build dir.

--
These kind of patches have been around for a while, IMO this
should not create an ABI incompatbility for cases where
it already works because the types should be the same
so I think this is not an interface break.

GnuPG-Bug-Id: T3996
2020-11-18 15:14:56 +01:00
Ingo Klöcker
3c185c2159 qt: Avoid empty "rem@gnupg.org" signature notations
* lang/qt/src/qgpgmesignkeyjob.cpp (sign_key): Check remark for being
an empty string instead of a null QString.
--

GnuPG-bug-id: 5142
Co-authored-by: Daniel Kahn Gillmor
2020-11-18 12:43:45 +01:00
NIIBE Yutaka
223779dfde build: Update with newer autoconf constructs.
* configure.ac: Use AC_USE_SYSTEM_EXTENSIONS instead of AC_GNU_SOURCE.
Use AS_HELP_STRING instead of AC_HELP_STRING.
* m4/libtool.m4: Update from libgpg-error.
* m4/gpg-error.m4: Update from libgpg-error.
* m4/libassuan.m4: Update from libassuan.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-11-18 14:34:52 +09:00
Andre Heinecke
df5a89e692
qt: Fix export of qDebug GpgME::Error overload
* lang/qt/src/debug.cpp: Include debug.h to get the export decl.
2020-11-12 16:07:14 +01:00