* lang/cpp/src/context.h (enum EncryptionFlags): Add constant
EncryptFile.
* lang/cpp/src/global.h (enum SignatureMode): Add constant SignFile.
* lang/cpp/src/context.cpp (sigflags2sigflags): Handle new flag
SignFile.
(encryptflags2encryptflags): Handle new flag EncryptFile.
(operator<<): Add new flags to the corresponding debug streams.
* lang/cpp/src/signingresult.cpp (CreatedSignature::mode): Handle
new flag SignFile (even if it cannot occur).
--
GnuPG-bug-id: 6550
* src/engine-gpg.c (gpg_decrypt): Pass output file name to gpg if output
has file name set.
(gpg_verify): Ditto.
* tests/run-decrypt.c (show_usage): New option --output.
(main): Parse new option. Set file name on output if --output is given.
Do not print output if --output is given.
* tests/run-verify.c (show_usage): New option --output.
(main): Parse new option. Set file name on output if --output is given.
--
This change makes it possible to tell gpg to write the output (i.e. the
decrypted/verified data) directly to a file with given file name instead
of piping the output back to gpgme.
GnuPG-bug-id: 6550
* src/gpgme.h.in (GPGME_SIG_MODE_FILE): New signature mode flag.
* src/engine-gpg.c (gpg_sign): Separate signature mode from additional
flags. Check for incompatible flags. Explicitly set output to stdout if
no output file is used. Pass filename instead of fd to gpg when new flag
is set.
* src/engine-gpgsm.c (gpgsm_sign): Return error if new flag is set.
* src/engine-uiserver.c (uiserver_sign): Ditto.
* src/sign.c (sign_start): Consider new flag on check for invalid flags.
* tests/run-sign.c (show_usage): New options --detach and
--direct-file-io.
(main): Parse new options. Create a detached signature if --detach is
given. Make gpg read the input file itself if --direct-file-io is given.
--
With this change the gpgme_op_sign* functions gain the possibility to
make gpg read the data to sign directly from a file instead of from an
input FD to which it is written by gpgme.
GnuPG-bug-id: 6550
* src/gpgme.h.in (GPGME_ENCRYPT_FILE): New encryption flag.
* src/engine-gpg.c (gpg_encrypt, gpg_encrypt_sign): Check for
incompatible flags. Pass filename instead of fd to gpg when new flag is
set.
* src/engine-gpgsm.c (gpgsm_encrypt): Return error if new flag is set.
* src/engine-uiserver.c (uiserver_encrypt): Ditto.
* tests/run-encrypt.c (show_usage): New option --direct-file-io.
(main): Parse new option. Make gpg read the input file itself if the
option is given.
--
With this change the gpgme_op_encrypt* and gpgme_op_encrypt_sign*
functions gain the possibility to make gpg read the data to (sign and)
encrypt directly from a file instead of from an input FD to which it is
written by gpgme.
GnuPG-bug-id: 6550
* lang/qt/src/defaultkeygenerationjob.h, lang/qt/src/qgpgmebackend.h,
lang/qt/src/quickjob.h, lang/qt/src/threadedjobmixin.h: Replace all
occurrences of Q_NULLPTR with nullptr.
--
* src/op-support.c (_gpgme_parse_plaintext): Decode filename
as percent string.
--
From gnupg/doc/DETAILS:
If a filename is available it gets printed as the third
argument, percent-escaped as usual.
so we can use the usual percent decode function here.
GnuPG-Bug-Id: T6852
* lang/qt/src/qgpgmewkdlookupjob.cpp (startDirmngr): Use "gpgconf
--launch dirmngr" to start dirmngr.
--
Using gpgconf to start dirmngr prevents multiple instances to be started
by the concurrently running keyserver lookup and WKD lookup.
GnuPG-bug-id: 6833
* lang/qt/src/Makefile.am: Add new files.
* lang/qt/src/cleaner.cpp, lang/qt/src/cleaner.h: New.
* lang/qt/src/util.cpp (PartialFileGuard::~PartialFileGuard): Call
Cleaner::removeFile instead of removeFile.
* lang/qt/src/util.cpp, lang/qt/src/util.h (removeFile): Remove.
--
If the initial attempt to remove the file fails then a Cleaner is
created that tries to remove the file at regular intervals (10 s)
and on destruction (which happens on application shutdown).
GnuPG-bug-id: 6584
* src/decrypt.c (_gpgme_decrypt_status_handler): Ignore received failure
code if we already have a specific failure code.
* src/encrypt.c (_gpgme_encrypt_status_handler): Ditto.
* src/export.c (export_status_handler): Ditto.
* src/genkey.c (genkey_status_handler): Ditto.
* src/keylist.c (keylist_status_handler): Ditto.
* src/keysign.c (keysign_status_handler): Ditto.
* src/passwd.c (passwd_status_handler): Ditto.
* src/revsig.c (revsig_status_handler): Ditto.
* src/setexpire.c (setexpire_status_handler): Ditto.
* src/sign.c (_gpgme_sign_status_handler): Ditto.
* src/tofupolicy.c (tofu_policy_status_handler): Ditto.
* src/verify.c (_gpgme_verify_status_handler): Ditto.
--
Usually, a process emits at most one failure code. But some operations
like the creation of an encrypted archive involve multiple chained
processes, so that multiple failure codes can be received. We want to
keep the first specific failure code we received. Further failure codes
are only parsed if we received just an unspecific "general error" so
far.
GnuPG-bug-id: 6575
* lang/qt/src/defaultkeygenerationjob.h (class DefaultKeyGenerationJob):
Deprecate.
--
GnuPG generates Ed25519 keys by default and has switched to 3072 bits as
default for RSA keys. DefaultKeyGenerationJob always generates RSA 2048
keys and uses the old parameter file API of GnuPG. It shouldn't be used
anymore.
GnuPG-bug-id: 6805
* configure.ac: Add option to enable building the Qt 6 binding with
-fPIC. Fix typo and mention default for --enable-no-direct-extern-access
option.
* m4/qt6.m4: Add -fPIC to GPGME_QT6_CFLAGS if requested or if Qt 6 was
built with reduce_relocations.
--
GnuPG-bug-id: 6781
* lang/qt/src/util.h, lang/qt/src/util.cpp (class PartialFileGuard):
New.
* lang/qt/src/util.cpp (getRandomCharacters, createPartFileName): New.
* lang/qt/src/qgpgmeencryptarchivejob.cpp (encrypt_to_filename): Use
PartialFileGuard.
* lang/qt/src/qgpgmesignarchivejob.cpp (sign_to_filename): Ditto.
* lang/qt/src/qgpgmesignencryptarchivejob.cpp
(sign_encrypt_to_filename): Ditto.
--
When creating signed and/or encrypted archives, gpgtar now writes the
result to a temporary file name. On success, the archive is renamed to
the final file name. Otherwise, the (partially written) temporary file
is removed (if possible).
GnuPG-bug-id: 6721
* lang/qt/src/util.h, lang/qt/src/util.cpp (removeFile): New.
* lang/qt/src/qgpgmeencryptarchivejob.cpp (encrypt): Move removal of
output file from here
(encrypt_to_filename): ... to here and use new function.
* lang/qt/src/qgpgmesignarchivejob.cpp (sign): Move removal of output
file from here
(sign_to_filename): ... to here and use new function.
* lang/qt/src/qgpgmesignencryptarchivejob.cpp (sign_encrypt): Move
removal of output file from here
(sign_encrypt_to_filename): ... to here and use new function.
--
GnuPG-bug-id: 6721
* src/Makefile.am (gpgme_w32spawn_CFLAGS): Add -municode.
* src/gpgme-w32-spawn.c (build_commandline, my_spawn)
(translate_handles): Convert to wchar_t API.
(main): Use wmain instead.
--
Some time ago we introduced an inconsistency that w32-util called
gpgme-w32-spawn through CreateProcessW but since gpgme-w32-spawn
internally worked with 8 bit the chars were mangled and the
arguments not passed correctly through the CreateProcessA of the
child process. Since the GnuPG processes use GetCommandLineW
this is the proper way to pass on Unicode command line arguments.
Please note that we did not pass UTF-8 before this patch but
rather some broken native encoding where Windows replaces
unicode characters with question marks etc.
GnuPG-Bug-Id: T6728
* src/export.c (op_data_t): Add failure_code.
(export_status_handler): Set it.
(gpgme_op_export_ext, gpgme_op_export_keys): Also check the failure
code.
--
That is just in case we missed an error code. For example with older
gpg versions (e.g. 2.3.8) and exporting to a keyserver.
* lang/qt/src/qgpgmedecryptverifyarchivejob.cpp
(decrypt_verify_from_file_name): On Windows, convert Unicode file name
to UTF-8.
* lang/qt/src/qgpgmeencryptarchivejob.cpp (encrypt,
encrypt_to_filename): On Windows, convert Unicode file name from/to
UTF-8.
* lang/qt/src/qgpgmesignarchivejob.cpp (sign, sign_to_filename): Ditto.
* lang/qt/src/qgpgmesignencryptarchivejob.cpp (sign_encrypt,
sign_encrypt_to_filename): Ditto.
--
On Windows, GnuPG expects file names to be UTF-8-encoded. This fixes
encrypting and decrypting folders with umlauts in the folder name and
in the file name of the archive. Encrypting and decrypting folders
with kanji still fails.
GnuPG-bug-id: 6728
* m4/qt6.m4: Check the build configuration of Qt 6 for
no_direct_extern_access.
--
If building with -mno-direct-extern-access has been neither enabled nor
disabled explicitly, then check whether Qt 6 was built with this flag.
The check is skipped, if we build for Windows.
GnuPG-bug-id: 6696
* configure.ac: Check if C++ compiler supports
-mno-direct-extern-access. Add option to enable building with
-mno-direct-extern-access.
* m4/ax_check_compile_flag.m4: New.
* m4/qt6.m4: Add -mno-direct-extern-access to GPGME_QT6_CFLAGS if
supported and requested.
--
This adds the possibility to build the Qt 6 bindings with the
-mno-direct-extern-access flag. This is required if Qt 6 was built with
this flag. This is a workaround for the lack of Qt 6's pkgconfig files
providing this flag if needed.
GnuPG-bug-id: 6696
* m4/qt6.m4: Remove attempt to build a Qt program with -fPIC.
--
libtool already takes care of adding -fPIC. Moreover, building without
-fPIC succeeded even if Qt was built with -fPIC, i.e. the check didn't
work as intended.
GnuPG-bug-id: 6696
* tests/run-keylist.c (main): Handle option --with-secret again.
--
Re-add handling of --with-secret option that was accidentally removed
with the previous commit.
GnuPG-bug-id: 6705
* src/gpgme.h.in (GPGME_KEYLIST_MODE_WITH_V5FPR): New.
(struct _gpgme_subkey): Add field v5fpr.
* src/engine-gpg.c (gpg_keylist_build_options): Pass new option to
gpg.
* src/key.c (gpgme_key_unref): Free new field.
* src/keylist.c (op_data_t): Parse and add "fp2" line.
* tests/run-keylist.c (show_usage): Add option --v5fpr.
* src/keylist.c (op_data_t): Add field failure_code.
(keylist_status_handler): Handle special value.
(gpgme_op_keylist_end): Return an error if a FAILURE line has been
seen.
--
Note that the failure code part has been added to better diagnose
problems if a wrong gpg version is used. If verything works right we
should not get this because we check that the gnupg version sis either
>= 2.4.4 or less than 2.3 and >= 2.2.42.
Note further that the v5fpr field may also be used to get the SHA-256
fingerprint of X.509 certificates (even without passing the new mode
flag).
GnuPG-bug-id: 6705
* src/engine-gpgsm.c (gpgsm_encrypt): Send the always-trust options.
* tests/run-encrypt.c: Add option --always-trust.
--
Note that the run-encrypt test tool used to assume always-trust for
OpenPGP since 1.7.0 This bug has also been fixed by introducing the
explicit option.
GnuPG-bug-id: 6559
* lang/qt/src/wkdrefreshjob.h, lang/qt/src/wkdrefreshjob.cpp
(WKDRefreshJob::start): New overload.
* lang/qt/src/wkdrefreshjob_p.h (WKDRefreshJobPrivate): Add field
m_userIds.
* lang/qt/src/qgpgmewkdrefreshjob.cpp (toEmailAddresses): New.
(locate_external_keys): Change return type and arguments.
(refresh_keys): Remove.
(QGpgMEWKDRefreshJobPrivate::startIt): Get emails from keys or user IDs.
Remove duplicates. Call locate_external_keys instead of refresh_keys.
* lang/qt/tests/run-wkdrefreshjob.cpp (CommandLineOptions,
parseCommandLine): New.
(main): Support new option --all-userids.
--
The new start() overload allows to specify the user IDs to use for the
WKD lookup explicitly. This allows updating user IDs via WKD which were
originally not retrieved via WKD.
GnuPG-bug-id: 6672
* lang/qt/tests/Makefile.am (AM_CPPFLAGS): Include Qt binding sources
before C++ binding sources and C sources.
--
This fixes the problem that the debug.h in the C sources was found
before the one in the Qt bindings.
Commit d23528cadf fixed it for Qt5, we
need Qt6 as well.
GnuPG-bug-id: 6673
* autogen.rc (final_info): Suggest to run configure from a build
subdirectory.
--
We recommend out-of-source builds. The suggestion what to do next shown
by autogen.sh should reflect this.
GnuPG-bug-id: 6673
* lang/qt/tests/Makefile.am (AM_CPPFLAGS): Include Qt binding sources
before C++ binding sources and C sources.
--
This fixes the problem that the debug.h in the C sources was found
before the one in the Qt bindings.
GnuPG-bug-id: 6673
* lang/qt/src/wkdrefreshjob.cpp, lang/qt/src/wkdrefreshjob.h,
lang/qt/src/wkdrefreshjob_p.h, lang/qt/src/qgpgmewkdrefreshjob.cpp,
lang/qt/src/qgpgmewkdrefreshjob.h: New.
* lang/qt/src/protocol.h (class Protocol): Add pure virtual member
function wkdRefreshJob
* lang/qt/src/protocol_p.h (Protocol::wkdRefreshJob): ... and
implement it.
* lang/qt/src/Makefile.am: Update accordingly.
* lang/qt/tests/run-wkdrefreshjob.cpp: New.
* lang/qt/tests/Makefile.am: Add new test runner.
--
This job allows updating keys via WKD. Only user IDs that were
originally retrieved via WKD (i.e. which have origin WKD) are
considered.
GnuPG-bug-id: 6672