Commit Graph

3539 Commits

Author SHA1 Message Date
Werner Koch
f0ccce855b
gpgme-tool: Switch to argparse.c for option parsing.
* src/argparse.c, src/argparse.h: New. Taken from current gnupg.
* src/Makefile.am (gpgme_tool_SOURCES): New.
* src/gpgme-tool.c: Remove all argp.h stuff.
(my_strusage): New.
(main): Change to use argparse.
--

As a GnuPG related tool the user should get the same experience in
option parsing as with gpg et al.  Thus we use the same parser.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-08-31 20:34:00 +02:00
Werner Koch
c4b6b35bfa
Add gpgme_pubkey_algo_string
* src/gpgme.h.in (GPGME_PK_EDDSA): New.
(gpgme_pubkey_algo_string): New.
* src/conversion.c (_gpgme_map_pk_algo): Add new algo.
* src/gpgme.c (gpgme_pubkey_algo_string): New.
(gpgme_pubkey_algo_name): Reformat.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-08-30 19:04:44 +02:00
Werner Koch
c8e7870281
Post release updates
--
2015-08-26 10:16:39 +02:00
Werner Koch
107bff70ed
Release 1.6.0
* configure.ac: Set LT version to C25/A14/R0.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-08-26 10:06:00 +02:00
Werner Koch
c4f4b5c0a6
Make use of GPGRT macros is available.
* src/gpgme.h.in (_GPGME_INLINE): Define using GPGRT_INLINE if
possible.  Fix problem with -Wundef by adding an extra "defined()".
(_GPGME_GCC_VERSION): Define using GPGRT_ macro if possible.
2015-08-26 09:16:36 +02:00
Werner Koch
3f53d3d5d9
Avoid -Wundef warnings if gpgme.h is used by g++.
* src/gpgme.h.in (_GPGME_INLINE): Move definition into the
extern-C-scope.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-08-25 21:04:15 +02:00
Werner Koch
ff91e699f7
Add configure option --enable-build-timestamp.
* configure.ac (BUILD_TIMESTAMP): Set to "<none>" by default.
--

This is based on
libgpg-error commit d620005fd1a655d591fccb44639e22ea445e4554
but changed to be disbaled by default.  Check there for some
background.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-08-25 20:40:06 +02:00
Daiki Ueno
028a0ef333
Relax ttyname_r error checks
* src/engine-assuan.c (llass_new): Don't treat ttyname_r error as
fatal.
* src/engine-g13.c (g13_new): Likewise.
* src/engine-gpg.c (gpg_new): Likewise.
* src/engine-gpgsm.c (gpgsm_new): Likewise.
* src/engine-uiserver.c (uiserver_new): Likewise.

--
Even though isatty() returns 1, ttyname_r() may fail in many ways, e.g.,
when /dev/pts is not accessible under chroot.  Since all our uses of
ttyname_r() require that the function works, we can treat the failure as
if isatty() fails.

Signed-off-by: Daiki Ueno <ueno@gnu.org>
2015-08-25 19:11:30 +02:00
Werner Koch
97f1f3e883
Cleanup layout of gpgme.h
* src/gpgme.h.in: Reorder prototypes.  Chnage some comments.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-08-25 18:10:14 +02:00
Werner Koch
8ddc5801ad
Improve error return by checking the FAILURE status.
* src/gpgme.h.in (GPGME_STATUS_FAILURE): New.
* src/status-table.c (FAILURE): New.
* src/op-support.c (_gpgme_parse_failure): New.
* src/passphrase.c (_gpgme_passphrase_status_handler): Forward FAILURE
status line to the status callback.

* src/decrypt.c (op_data_t): Add field failure_code.
(_gpgme_decrypt_status_handler): Parse that code and act upon it on EOF.
* src/encrypt.c (op_data_t): Add field failure_code.
(_gpgme_encrypt_status_handler): Parse that code and act upon it on EOF.
* src/genkey.c (op_data_t): Add field failure_code.
(genkey_status_handler): Parse that code and act upon it on EOF.
* src/passwd.c (op_data_t): Add field failure_code.
(passwd_status_handler): Parse that code and act upon it on EOF.
* src/sign.c (op_data_t): Add field failure_code.
(_gpgme_sign_status_handler): Parse that code and act upon it on EOF.
* src/verify.c (op_data_t): Add field failure_code.
(_gpgme_verify_status_handler): Parse that code and act upon it on EOF.

--

This requires GnuPG 2.1.8 to actually make a difference.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-08-25 13:23:51 +02:00
Werner Koch
208f029746
tests: Build test programs in tests/ without wrappers.
--
2015-08-25 10:37:02 +02:00
Werner Koch
491fcd91b8
tests: Allow using run-sign to test loopback pinentry problems.
* tests/run-sign.c: Add options --status and --loopback.
2015-08-25 09:05:33 +02:00
Werner Koch
ad46f4f655
Call status_cb for an ERROR status seen in the passphrase handler.
* src/passphrase.c (_gpgme_passphrase_status_handler): Call status_cb.
--

Frankly, we should have a more generic way of feeding the status_cb
handler than our current ad-hoc method.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-08-24 21:17:21 +02:00
Werner Koch
a7dbab23ea
w32: Look for gpgconf in the new GnuPG 2.1 install dir.
* src/w32-util.c (_gpgme_get_gpgconf_path): Try another location of
gpgconf.exe.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-08-24 19:59:43 +02:00
Werner Koch
06d6fd8ca0
w32: Expect gpgme-w32spawn.exe only in the gpgme installation dir.
* src/w32-util.c (find_program_at_standard_place): Remove.
(_gpgme_get_gpg_path): Make the search order more explicit.
(_gpgme_get_gpgconf_path): Ditto.
(_gpgme_get_w32spawn_path): Search only in the inst_dir.
--

This tries to avoid possible unclear bug reports by removing the
fallback to the current gpg4win installation directory for the gpgme
helper.  It is expected that users of gpgme installing their own gpgme
version also install the matching helper.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-08-24 16:34:29 +02:00
Werner Koch
df098d6a43
w32: Print the installation directory in debug mode.
* src/debug.c (debug_init) [W32]: Show libgpgme installation dir.
--

I expect that gpgme will be distributed by applications and thus it
will be helpful to see in the debug log which gpgme is actually used.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-08-24 15:03:20 +02:00
Werner Koch
2b632bbb78
Add an export secret key feature.
* src/gpgme.h.in (GPGME_EXPORT_MODE_SECRET): New.
(GPGME_EXPORT_MODE_RAW): New.
(GPGME_EXPORT_MODE_PKCS12): New.
* src/export.c (export_start, export_ext_start): Allow new flags.
* src/engine-gpg.c (export_common): Support secret key export.
* src/engine-gpgsm.c (gpgsm_export, gpgsm_export_ext): Ditto.

* src/gpgme-tool.c (cmd_export): Add options --secret, --raw,
and --pkcs12.
* tests/run-export.c (main): Likewise.
--

Note that exporting secret X.509 keys requires GnuPG 2.1.8.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-08-24 12:41:24 +02:00
Ben Kibbey
ccbaccbf2e Parse INQUIRE_MAXLEN in the passphrase callback.
* src/passphrase.c (_gpgme_passphrase_status_handler): Parse
GPGME_STATUS_INQUIRE_MAXLEN.
* src/passphrase.c (_gpgme_passphrase_command_handler): Send the
INQUIRE_MAXLEN status message.

--
Fixes passing this status message along when decrypting symmetric data
from gpg.
2015-08-16 12:54:50 -04:00
Ben Kibbey
70b3e5964e Fix gpgme_{get,set}_status_cb to match documentation.
* doc/gpgme.texi: Minor fixes.
* src/gpgme.c (gpgme_get_status_cb): Set return variables to NULL and
check for a valid ctx pointer.
2015-08-15 18:19:27 -04:00
Ben Kibbey
6dd24c3c61 Parse the INQUIRE_MAXLEN status message.
* src/gpgme.h.in: (gpgme_status_code_t): Add INQUIRE_MAXLEN.
* src/status-table.c (status_table_s): Ditto.
* src/genkey.c (genkey_status_handler): Parse INQUIRE_MAXLEN.
* src/decrypt.c (_gpgme_decrypt_status_handler): Ditto.
* src/sign.c (_gpgme_sign_status_handler): Ditto.

This status message informs the client of the maximum length of an
inquired line. It is sent from gpg and forwarded to the client via
gpgme_status_cb_t.
2015-08-15 18:19:27 -04:00
Ben Kibbey
4fadcf06ec Add gpgme_set/get_status_cb().
* src/gpgme.h.in (gpgme_set_status_cb): New.
(gpgme_get_status_cb): New.
(gpgme_status_cb_t): New.
* src/gpgme.c (gpgme_set_status_cb): New.
(gpgme_get_status_cb): New.
* src/context.h (status_cb): New.
(status_cb_value): New.
* src/gpgme.def: Export new symbols.
* src/libgpgme.vers: Ditto.
* doc/gpgme.texi: Document these new functions.

--
This callback function is used to forward status messages from gpg back
to the client.
2015-08-15 18:19:27 -04:00
Ben Kibbey
2b6ae3dadf Make use of user passphrase handler during genkey.
* src/genkey.c (genkey_start): set engine passphrase command handler.

--
This allows for inquiring a new passphrase during key generation rather
than requiring a pinentry. Needs a patch to gnupg to make use of
--command-fd with --gen-key.
2015-08-15 18:17:06 -04:00
Ben Kibbey
e07d38f5f9 Also check the return code in gpg_sign().
* src/engine-gpg.c (gpg_sign): Check return value from start().
2015-08-12 06:46:43 -04:00
Ben Kibbey
8f28e3caf9 Check the return value when starting gpg.
* src/engine-gpg.c (gpg_decrypt, gpg_delete, gpg_passwd): Check return
value of start().
2015-08-10 21:23:02 -04:00
Ben McGinnes
a7fbd5293e More GTK2 removal
* Missed a couple of files, these 2 go for the same reason as the
  previous 3.
2015-08-02 11:06:14 +10:00
Ben McGinnes
1cd0aef0af Removed GUI examples
* GUI examples written with pygtk, which has not been ported to Python
  3 and won't be as it is for GTK2 and GNOME is moving to GTK3.
* New GUI examples may be required in future using any of several GUI
  frameworks (e.g. wxPython, PyQt, PySide, PyGObject, etc.).
2015-08-02 11:01:02 +10:00
Andre Heinecke
08086dd690
Add offline mode support for CMS keylisting
* doc/gpgme.texi: Document offline mode.
* src/context.h (gpgme_context): Add offline.
* src/engine-backend.h (keylist, keylist_ext): Add engine_flags.
* src/engine.c, src/engine.h (_gpgme_engine_op_keylist): Ditto.
  (_gpgme_engine_op_keylist_ext): Ditto.
* src/engine.h (GPGME_ENGINE_FLAG_OFFLINE): New.
* src/engine-gpg.c (gpg_keylist, gpg_keylist_ext): Ditto.
* src/engine-gpgsm.c (gpgsm_keylist): Handle engine_flags.
  (gpgsm_keylist_ext): Ditto.
* src/gpgme.c (gpgme_set_offline, gpgme_get_offline): New.
* src/gpgme.def (gpgme_set_offline, gpgme_get_offline): New.
* src/gpgme.h.in (gpgme_set_offline, gpgme_get_offline): New.
* src/libgpgme.vers (gpgme_set_offline, gpgme_get_offline): New.
* src/keylist.c (gpgme_op_keylist_start): Set offline flag.
  (gpgme_op_keylist_ext_start): Ditto.
* tests/run-keylist.c (show_usage, main): Add offline argument.

--
The offline engine option was introduced with gpgsm 2.1.6
it is mainly useful for a full keylisting that includes
the certificate validation but does not depend on external
information that could take an indefinite amount of time to
collect.

Signed-off-by: Andre Heinecke <aheinecke@intevation.de>
2015-07-31 15:18:27 +02:00
Peter Wu
157c8be183
build: ignore scissor line for the commit-msg hook
* build-aux/git-hooks/commit-msg: Stop processing more lines when the
  scissor line is encountered.
--
This allows the command `git commit -v` to work even if the code is
longer than 72 characters. Note that comments are already ignored by the
previous line.

Signed-off-by: Peter Wu <peter@lekensteyn.nl>
2015-07-23 15:05:52 +02:00
Werner Koch
c23f889710
Add option --lib-version to gpgme-tool.
* src/gpgme-tool.c (options, parse_options):  Add --lib-version
(CMD_LIBVERSION): New.
(main): Implement.
2015-07-23 11:40:09 +02:00
Werner Koch
a5d9e018b8
Post release updates
--
2015-06-08 15:18:56 +02:00
Werner Koch
052a9e3c56
Release 1.5.5 2015-06-08 15:03:18 +02:00
Werner Koch
ddbd54ef88
Fix regression with gpgsm 2.0 due to "OPTION with-secret".
* src/engine-gpgsm.c (gpgsm_assuan_simple_command): Do not terminate
on a status lines.
--

This bug has been with us since the support for gpgsm: If there is no
status line handler but a status line is received anyway the command
handling loop terminates and thus the command/answer order gets out of
sync.  In the case of the bug report this is triggered by sending an
option which starts the agent and that starting emits a "PROGRESS"
status line.

The solution is not to stop reading after a status line but record a
possible error code and return that only after OK or ERR.

GnuPG-bug-id: 1795
Signed-off-by: Werner Koch <wk@gnupg.org>
2015-06-08 12:34:49 +02:00
Werner Koch
7addffc082
tests: Add option --secret to run-keylist.
Signed-off-by: Werner Koch <wk@gnupg.org>
2015-06-08 12:30:11 +02:00
Werner Koch
8b9f84828c
Fix compiler warnings about unused value in TRACE macros.
* src/debug.h: Change macros to not have a literal 0 as last
expression of the comma operator.
* src/debug.c (_gpgme_debug_frame_end): Return 0.
(_gpgme_debug): Return 0.
--

Instead of using
   foo(), 0
for the trace macros we let foo() return 0 instead.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-06-08 11:08:08 +02:00
Werner Koch
a5b040cc57
Fix test suite for GnuPG 2.1 which uses pubring.kbx.
* tests/gpgsm/final.test: New.
* tests/gpgsm/initial.test: New.
* tests/gpg/start-stop-agent: Move to ../.
* tests/gpgsm/Makefile.am (TESTS_ENVIRONMENT): Export top_srcdir.
(TESTS): Add intial.test and final.test.
(AM_LDFLAGS): Add -no-install.
(clean-local): Use start-stop-agent
(initial.test): Add dependency.
* tests/gpg/Makefile.am (top_srcdir): Export top_srcdir.
(AM_LDFLAGS): Add -no-install.
(check-local): Depend on pubring-stamp instead of pubring.gpg.
(initial.test): Depend on check-local.
(./pubring-gpg): Replace by rule for ./pubring-stamp.
--

There are also a couple of other changes which should make the tests a
bit more robust and the gpg and gpgsm tests more similar.

The -no-install avoids creating wrappers for test programs, which make
debugging easier.

The dependency on check-local guarantees that its rules are run before
the first test.  This is important because conf files are setup by
this rule.  Earlier automake versions seem to have run check-local
always before the tests but today the order of execution is not
defined.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-06-08 10:43:29 +02:00
Matthew Barnes
87d713ff41
Set GPGME_SIGSUM_KEY_REVOKED also for gpg.
* src/verify.c (calc_sig_summary): Handle GPG_ERR_CERT_REVOKED.

--

parse_new_sig() handles a revoked key by setting sig->status to
GPG_ERR_CERT_REVOKED, but then later calc_sig_summary() expects that
code in sig->validity_reason.

Additional comments added by wk.
2015-06-05 14:58:06 +02:00
Werner Koch
0d28a69616
Fix segv for userids with a backslash.
* src/engine-gpg.c (gpg_keylist_preprocess): Increment SRC for a
backslash.
--

This bug is not exploitable because this bug fills up .data with
backslashes and thus causes the segv.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-06-05 14:25:59 +02:00
Ben McGinnes
90405ac84b
Python 3 port of PyME
* Port of PyME 0.9.0 for Python 2 to Python 3 along with most of the
  example scripts.
* Intended to be developed in parallel with the original Python 2
  version until such time as a rewrite of GPGME leads to developing an
  IO API in Python 3 from scratch.
* Python 3 PyME and API maintainer has entered, stage left with current
  GPG key ID 0x321E4E2373590E5D, primary fingerprint is "DB47 24E6 FA42
  86C9 2B4E  55C4 321E 4E23 7359 0E5D" and signing subkey fingerprint is
  "B7F0 FE75 9387 430D D0C5  8BDB 7FF2 D371 35C7 553C" for future
  reference with git commit signatures.
2015-05-17 05:31:35 +10:00
Ben McGinnes
29887c9b28 Explaining why not all scripts work
* Some of them cannot be properly tested on OS X, especially with GTK in
  the mix (it works on OS X, but is unlikely to be as easily accessible
  as Cocoa or Qt).
* Most major functions are showcased and do work, albeit sometimes with
  false positives of error messages, at least on OS X.
2015-05-17 05:14:47 +10:00
Ben McGinnes
c39cea7a07 Byte encoding
* More string updates.
* verifydetails.py still fails, but as Bernhard is still contactable, it
  might be worth him checking on it instead.
2015-05-17 05:07:12 +10:00
Ben McGinnes
0e6e6689ef No change, note added to explain why. 2015-05-17 04:57:26 +10:00
Ben McGinnes
40290507bc Strings vs. Bytes
* CLI input must be byte encoded.
2015-05-17 04:43:53 +10:00
Ben McGinnes
325b0ca341 More byte changes and passphrase changes
* exportimport works, but will still segfault for an as yet unknown
  reason.
* genkey produces a traceback error, but does create the key as
  intended.
* matched passphrase in signverify.
2015-05-17 04:22:53 +10:00
Ben McGinnes
ba3c9f2617 More bytes good
* Another string to byte change.
2015-05-17 04:09:38 +10:00
Ben McGinnes
1c87ecb86a Updated encrypt-to-all
* Changed plaintext string to byte literal.
* Nested key selection in a try/except statement in case of
  UnicodeEncodeError instances.
* Tested successfully on over 9,000 keys.
2015-05-17 04:03:49 +10:00
Ben McGinnes
24c738f5bb Passphrase update
* Changed example passphrase to something that meets the current minimum
  requirements.
2015-05-17 02:38:32 +10:00
Ben McGinnes
8345bf6f43 example email
* changed joe@foo.bar to joe@example.org as it is only a matter of time
  before ICANN actually creates bar as a gTLD, if they haven't already.
2015-05-17 02:35:24 +10:00
Ben McGinnes
4fc1239815 Updated string and key data
* Text changed to byte literals.
* Changed key type to RSA/RSA.
* Changed expiry to the future (2020).
2015-05-17 02:30:13 +10:00
Ben McGinnes
90079786c5 String type
* the plain text string must be bytes and not unicode.
* Expect most of the example code to have similar issues at present.
2015-05-09 04:53:46 +10:00
Ben McGinnes
ebd8734ad7 Python 3 port of PyME
* The entirety of the Python 3 port of PyME up to commit
  2145348ec54c6027f2ea20f695de0277e2871405
* The old commit log has been saved as
  lang/py3-pyme/docs/old-commits.log
* Can be viewed as a normal (separate) git repository at
  https://github.com/adversary-org/pyme3
* Utilising the submodule feature of git was deliberately skipped on
  humanitarian grounds (in order to prevent pain and suffering on the
  part of anyone having to manage this repository).
2015-05-06 03:09:44 +10:00