* src/engine-gpg.c (gpg_keysign): Required USERID to be non-empty.
--
For some language bindings it is easier if the engine considers an
empty user id to be equivalent to NULL.
* configure.ac: Define GPG_ERR_ENABLE_GETTEXT_MACROS.
* src/version.c (do_subsystem_inits) [W32]: Switch gettext to UTF-8.
--
On Windows, applications using GpgME can now rely on localized texts
returned by GpgME, e.g. the texts for error codes, to be UTF-8 encoded.
In particular, this saves a useless and possibly lossy conversion to
native encoding and back to UTF-8. On other OSes, where we use the
system provided gettext, we assume that UTF-8 is used nowadays.
GnuPG-bug-id: 5960
* src/debug.c (errfp): Remove.
(debug_init): Factor some code out to ...
(safe_to_use_debug_file): new.
(tid_log_callback): New.
(debug_init): Rewrite to make use of gpgrt logging.
(_gpgme_debug): Ditto.
(_gpgme_debug_end): Remove extra LF testing code.
* src/dirinfo.c (get_gpgconf_item): Remove now unneeded LFs. Realign
output.
* src/decrypt-verify.c (decrypt_verify_status_handler): Call
_gpgme_verify_status_handler on EOF even if
_gpgme_decrypt_status_handler returned NO DATA error.
* tests/gpg/t-decrypt-verify.c (normal_signed_message): New.
(main): Add test with signed, but not encrypted data.
--
This allows the verify status handler to finalize the verification of
the last signature even if the decrypt status handler returned a NO DATA
error because the input data wasn't encrypted.
GnuPG-bug-id: 6368
* src/engine-gpg.c (have_usable_gpgtar): New.
(start): Always pass --status-fd to the called process.
(gpg_decrypt, gpg_encrypt, gpg_encrypt_sign, gpg_sign, gpg_verify):
Use have_usable_gpgtar() to check for suitable gpg.
--
The version check in start() is not needed because versions of gpg
that are unsuitable for the usage of gpgtar are rejected already by
the callers.
GnuPG-bug-id: 6342
* src/w32-util.c (INST_TYPE_GPG4WIN, INST_TYPE_GPGDESK): New to
replace the numeric constants.
(find_version_file): New.
(_gpgme_get_gpgconf_path): Guess a default for inst_type.
--
GnuPG-bug-id: 6362
* src/engine-backend.h (engine_ops.sign): Rename argument mode to
flags.
* src/engine-gpg.c (gpg_sign): Rename argument mode to flags. Check
for invalid combination of flags.
* src/engine-gpgsm.c (gpgsm_sign): Rename argument mode to flags.
Check for unsupported flags.
* src/engine-uiserver.c (gpgsm_sign): Rename argument mode to flags.
Check for unsupported flags.
* src/engine.c, src/engine.h (_gpgme_engine_op_sign): Rename argument
mode to flags.
* src/gpgme.h.in (GPGME_SIG_MODE_ARCHIVE): Change value to 4.
(gpgme_op_sign_start, gpgme_op_sign): Rename argument mode to flags.
* src/sign.c (sign_start): Rename argument mode to flags. Adjust
check for invalid flags.
(gpgme_op_sign_start, gpgme_op_sign): Rename argument mode to flags.
--
Using the signature mode constants as flags is more natural, even if
currently all flags are mutually exclusive, because archives are
signed with a normal signature.
GnuPG-bug-id: 6342
* src/gpgme.h.in (gpgme_verify_flags_t): New enum.
(GPGME_VERIFY_ARCHIVE): New const.
(gpgme_op_verify_ext_start): New func.
(gpgme_op_verify_ext): New func.
* src/gpgme.def, src/libgpgme.vers: Add new functions.
* src/verify.c (gpgme_op_verify_ext_start): New.
(gpgme_op_verify_ext): New.
(verify_start): Add arg FLAGS. Pass the flags to
_gpgme_engine_op_verify.
(gpgme_op_verify_start): Call gpgme_op_verify_ext_start with 0 for
FLAGS.
(gpgme_op_verify): Call gpgme_op_verify_ext with 0 for FLAGS.
* src/engine.c, src/engine.h (_gpgme_engine_op_verify): Add arg FLAGS.
* src/engine-backend.h (struct engine_ops): Add FLAGS to 'verify'.
* src/engine-gpg.c (gpg_verify): Add arg FLAGS. Set use_gpgtar engine
flag if GPGME_VERIFY_ARCHIVE flag is set. Check for new enough gpg. Use
add_gpg_arg for gpg-only options without a value. Set extra options for
gpgtar and pass input data to stdin when using gpgtar.
* src/engine-gpgsm.c (gpgsm_verify): Add arg FLAGS. Return error if
GPGME_VERIFY_ARCHIVE flag is set.
* src/engine-uiserver.c (uiserver_verify): Ditto.
* tests/run-verify.c (show_usage): New options --archive, --directory,
and --diagnostics.
(main): Parse new options. Verify and extract with gpgtar if --archive
is given. Set file name of output data to value of --directory option.
Print stderr of gpg/gpgtar if --diagnostics is given.
--
GnuPG-bug-id: 6342
* src/gpgme.h.in (GPGME_DECRYPT_ARCHIVE): New decryption flag.
* src/engine-gpg.c (gpg_decrypt): Set use_gpgtar engine flag if
GPGME_DECRYPT_ARCHIVE flag is set. Check for new enough gpg and
incompatible flags. Use add_gpg_arg_with_value for gpg-only options
with a value and add_gpg_arg for gpg-only options without a value.
Set extra options for gpgtar and pass input data to stdin when using
gpgtar.
* tests/run-decrypt.c (show_usage): New options --archive and
--directory.
(main): Parse new options. Decrypt with gpgtar if --archive is given.
Set file name of output data to value of --directory option.
--
GnuPG-bug-id: 6342
* src/engine-gpg.c (gpg_encrypt, gpg_encrypt_sign, gpg_sign): Pass
file name set in data with --directory option to gpgtar.
* tests/run-encrypt.c (show_usage): New option --directory.
(main): Parse new option. Set file name of input data to option value.
* tests/run-sign.c (show_usage): New option --directory.
(main): Parse new option. Set file name of input data to option value.
--
GnuPG-bug-id: 6342
* src/engine-gpg.c (gpg_encrypt_sign): Set use_gpgtar engine flag if
GPGME_ENCRYPT_ARCHIVE mode is set. Check for new enough gpg. Use
add_gpg_arg_with_value for gpg-only options with a value and
add_gpg_arg for gpg-only options without a value. Set extra options for
gpgtar and pass input data to stdin when using gpgtar.
* tests/run-encrypt.c (print_result): Rename to print_encrypt_result.
Print header.
(print_sign_result): New.
(show_usage): New option --sign.
(main): Parse new option. Sign and encrypt --sign is given.
Print results of signing additionally to results of encryption.
--
With this change the gpgme_op_encrypt_sign* functions get support for
creating an encrypted and signed archive from files and/or directories
passed as NUL-separated list in the "plain" data with gpgtar.
GnuPG-bug-id: 6342
* src/gpgme.h.in (GPGME_SIG_MODE_ARCHIVE): New signature mode.
* src/engine-gpg.c (append_args_from_sender,
append_args_from_sig_notations): Use add_gpg_arg_with_value
for gpg-only options with a value.
(gpg_sign): Set use_gpgtar engine flag if GPGME_SIG_MODE_ARCHIVE mode
is set. Check for new enough gpg. Use add_gpg_arg_with_value for
gpg-only options with a value and add_gpg_arg for gpg-only options
without a value. Set extra options for gpgtar and pass input data to
stdin when using gpgtar.
* src/sign.c (sign_start): Add GPGME_SIG_MODE_ARCHIVE as valid mode.
* tests/run-sign.c (show_usage): New options --archive and
--diagnostics.
(main): Parse new options. Sign with gpgtar if --archive is given.
Print stderr of gpg/gpgtar if --diagnostics is given.
--
With this change the gpgme_op_sign* functions get support for
creating a signed archive from files and/or directories passed as
NUL-separated list in the "in" data with gpgtar.
GnuPG-bug-id: 6342
* src/gpgme.h.in (GPGME_ENCRYPT_ARCHIVE): New encryption flag.
* src/engine-gpg.c (arg_and_data_s): New field gpg_arg.
(engine_gpg): New flag use_gpgtar.
(_add_arg): Add argument gpg_arg and set it.
(add_arg_ext, add_arg_with_locp, add_arg, add_arg_pfx, add_arg_len):
Adjust call of _add_arg.
(add_arg_with_locp): Add argument front.
(add_gpg_arg, add_gpg_arg_with_value): New.
(gpg_new): Use add_gpg_arg_with_value for gpg-only options with a value
and add_gpg_arg for gpg-only options without.
(build_argv): Consider usage of gpgtar when counting arguments to pass
to gpg/gpgtar. Prepend "--gpg-args" to all gpg-only arguments if gpgtar
is used.
(start): Set program to use. Read diagnostics output from stderr when
using gpgtar. Do not pass --status-fd to gpgtar for gpg < 2.4.1. Use
add_gpg_arg_with_value for --lc-ctype and --lc-messages.
(gpg_encrypt): Set use_gpgtar engine flag if GPGME_ENCRYPT_ARCHIVE flag
is set. Check for new enough gpg and incompatible flags. Use
add_gpg_arg_with_value for gpg-only options with a value and
add_gpg_arg for gpg-only options without a value. Set extra options
for gpgtar and pass input data to stdin when using gpgtar.
* src/engine-gpgsm.c (gpgsm_encrypt): Return error if new flag is set.
* src/engine-uiserver.c (uiserver_encrypt): Ditto.
* tests/run-encrypt.c (show_usage): New options --archive and
--diagnostics.
(main): Parse new options. Encrypt with gpgtar if --archive is given.
Print stderr of gpg/gpgtar if --diagnostics is given.
--
With this change the gpgme_op_encrypt* functions get support for
encrypting a list of files and/or directories passed as NUL-separated
list in "plain" data with gpgtar.
GnuPG-bug-id: 6342
* src/engine-gpg.c (_append_to_arglist, _prepend_to_arglist): New.
(_add_arg): Use _append_to_arglist and _prepend_to_arglist.
(add_data_ext): New. Extends add_data.
(add_data): Uses add_data_ext.
(gpg_new): Do not add --status-fd and --logger-fd to argument list.
(start): Prepend --logger-fd and --status-fd to the argument list.
--
This change makes it possible to handle those two arguments differently
if gpgtar is used instead of gpg.
GnuPG-bug-id: 6342
* src/dirinfo.c (WANT_GPGTAR_NAME): New.
(dirinfo): Add field gpgtar_name.
(get_gpgconf_item): Build gpgtar_name on demand and return it.
(_gpgme_get_default_gpgtar_name) : New.
(gpgme_get_dirinfo): New value "gpgtar-name" for WHAT.
* src/util.h (_gpgme_get_default_gpgtar_name): New.
* tests/t-engine-info.c (main): Add gpgtar-name to the output.
GnuPG-bug-id: 6342
* src/engine-gpg.c (build_argv): Initialize fd_data_map and argv. Goto
leave on error. Free fd_data_map and argv on error.
--
This will make it easier to add an additional "--with-gpg-args" option
where needed.
GnuPG-bug-id: 6342
* src/engine-gpg.c (build_argv): Don't add "--no-sk-comments" to argv.
--
This option is a no-op since 1.4.3 and 1.4.23 is the latest 1.4 release.
GnuPG-bug-id: 6342
* src/gpgme.m4 (AM_PATH_GPGME_PTHREAD): It's deprecated, since gpgme
supports threads and GNU C library has integrated pthread features.
--
GnuPG-bug-id: 6285
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* src/context.h (gpgme_context): Add field no_auto_check_trustdb.
* src/gpgme.c (gpgme_set_ctx_flag, gpgme_get_ctx_flag): Add flag
"no-auto-check-trustdb".
* src/engine-gpg.c (engine_gpg): Add flags.no_auto_check_trustdb.
(gpg_set_engine_flags): Set the flag.
(build_argv): Pass option to gpg.
* tests/run-keylist.c (show_usage, main): Add option --no-trust-check.
--
This makes the --no-auto-check-trustdb option available in the GPGME API
to disable the potentially expensive automatic trust database check.
GnuPG-bug-id: 6261
* src/gpgme.m4: Overriding the decision by --with-gpgme-prefix,
use gpgrt-config gpgme when gpgrt-config is available.
--
This may offer better migration.
GnuPG-bug-id: 5034
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* src/gpgme.c (gpgme_set_global_flag): Add flag "inst-type".
* src/w32-util.c (_gpgme_set_get_inst_type): New.
(INST_TYPE_GPG4WIN_DIR): New.
(INST_TYPE_GPGDESK_DIR): New.
(_gpgme_get_gpgconf_path): Implement this flag. Replace fixed strings
by the macros.
* src/posix-util.c (_gpgme_set_get_inst_type): New dummy.
--
This is intended for use by Kleopatra to reliable find the expected
GnuPG installation.
* src/parsetlv.c (_gpgme_parse_tlv): Detect integer overflow.
--
Although there is no concrete case where we use for example
(to.nhdr+ti.length), it feels safer to protect against this anyway.
* src/sign.c (parse_sig_created): Special case the rfc4880 "1F" status.
--
This has always been wrong but we can't simply force strtol to assume
hex. Patch compiles but has received no specific test. For details
see
GnuPG-bug-id: 6223
* configure.ac (GPGME_CONFIG_CFLAGS): Prefix with -I${includedir} for
non-standard include paths.
(GPGME_CONFIG_LIBS): Prefix with -L${libdir} for non-standard library
paths.
* src/gpgme.pc.in (Cflags): Remove hard-coded -I${includedir}.
(Libs): Remove hard-coded -L${libdir}.
--
This helps prevent problems when building/linking something that depends
on gpgme (installed in standard path) and some other library (installed
in a standard path and a custom path).
See T6136 for related changes in libgpg-error.
* src/w32-util.c (_gpgme_get_gpgconf_path): Add fallback for
GnuPG VS-Desktop install scheme.
--
GnuPG VS-Desktop has the install layout:
%PROGRAMFILES%\GnuPG VS-Desktop\bin\libgpgme.dll
%PROGRAMFILES%\GnuPG VS-Desktop\GnuPG\bin\gpgconf.exe
This fallback is of course only required if the registry
string pointing to the correct install directory is
broken.
GnuPG-Bug-Id: T6131
* configure.ac (USE_GPGRT_CONFIG): New.
* src/Makefile.am [USE_GPGRT_CONFIG]: Conditionalize the install
of gpgme-config.
--
When system will migrate use of gpgrt-config and removal of
gpg-error-config, gpgme-config will not be installed (but use gpgme.pc
by gpgrt-config).
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* src/keylist.c (gpgme_op_keylist_from_data_start): Call
_gpgme_op_import_init_result.
--
This fixes a crash when importing keys from data. Initializing the
import result was missing for this keylist operation.
Fixes-commit: f3ca57dfd7
GnuPG-bug-id: 5951
* src/keylist.c (parse_sec_field15): Set SECRET flag.
--
Explicitly setting the SECRET flag for subkeys stored on smart cards
makes sure that the flag is also set if GPGME_KEYLIST_MODE_WITH_SECRET
is used when listing OpenPGP keys (as documented in the API
documentation). If secret keys are listed, then the flag is already set
when the packet type is parsed.
GnuPG-bug-id: 5965
* src/import.c (import_status_handler): Rename to ...
(_gpgme_import_status_handler): this. Make non-static.
(_gpgme_op_import_init_result): New.
(_gpgme_op_import_start, _gpgme_op_import_keys_start,
_gpgme_op_receive_keys_start): Call _gpgme_op_import_init_result.
* src/keylist.c (keylist_status_handler): Call
_gpgme_import_status_handler to handle import status lines.
(gpgme_op_keylist_start, gpgme_op_keylist_ext_start): Call
_gpgme_op_import_init_result.
* src/ops.h (_gpgme_op_import_init_result,
_gpgme_import_status_handler): New prototypes.
--
If a keylist operation with keylist mode GPGME_KEYLIST_MODE_LOCATE is
run, then gpg emits import status lines. Handling those status lines
allows users to retrieve the result of a --locate-(external)-keys
command.
GnuPG-bug-id: 5951
* src/gpgme.h.in (GPGME_KEYLIST_MODE_FORCE_EXTERN): New.
(GPGME_KEYLIST_MODE_LOCATE_EXTERNAL): New.
* src/gpgme.c (gpgme_set_keylist_mode): Check for invalid mode.
* src/engine-gpg.c (gpg_keylist_build_options): Use
"--locate-external-keys" instead of "--locate-keys" if flag is set.
* src/gpgme-json.c (op_keylist): New flag "force-extern".
* src/gpgme-tool.c (gt_get_keylist_mode, cmd_keylist_mode): Handle
new mode.
--
GnuPG-bug-id: 5951
* src/decrypt.c (op_data_t): Add field symdecrypt_failed.
(parse_status_error): Handle BAD_PASSPHRASE error code.
(_gpgme_decrypt_status_handler): Consult new field.
--
Return a bad passphrase error if the failure during symmetric decryption
is likely caused by the user entering a wrong passphrase. The special
error code of a failed public key decryption takes precedence.
GnuPG-bug-id: 5939