--
This functionality got dropped somewhere after 1.12, as part of the
cleanup of the `Context.decrypt` call signature. Reintroduce it again,
now using an explicit keyword argument `filter_signatures` (which
defaults to hiding signatures by unknown keys).
GnuPG-bug-id: 5292
* lang/qt/src/qgpgmenewcryptoconfig.cpp (parseURL): Only set non-empty
base DN as URL query.
--
This makes it possible to differentiate an unset query from an empty
query.
GnuPG-bug-id: 5465
* lang/qt/src/dataprovider.cpp (QIODeviceDataProvider::write): Call
waitForBytesWritten.
--
The problem here is that QProcess writes into an internal buffer
which is written to stdin of the process triggered by a
signal/slot connection. That connection is broken when we move
the QProcess into our GPGME thread and only restablished when
our Job is finished. This caused Kleopatra to basically keep
everything when decrypting a large archive in memory and
only write it out to the unpack process once the decryption
was finished.
GnuPG-Bug-Id: T5475
* lang/qt/src/qgpgme_debug.h: Make include guard match file name.
* lang/qt/src/qgpgme_debug.h, lang/qt/src/qgpgme_debug.cpp
(QGPGME_CONFIG_LOADING_LOG): New.
* lang/qt/src/qgpgmenewcryptoconfig.cpp
(QGpgMENewCryptoConfig::reloadConfiguration): Use new logging category.
--
Use a separate logging category for the extremely noisy logging of
the result of config loading to make debug logging more useful.
GnuPG-bug-id: 5217
* lang/qt/src/qgpgmenewcryptoconfig.cpp (parseURL): Handle extended
LDAP server option syntax.
(portToString): New.
(splitURL): Append flags to LDAP server option.
--
This adds support for the extended syntax of LDAP server options
introduced in gpg 2.2.18/2.3. The flags are stored as fragment of a
QUrl.
GnuPG-bug-id: 5217
* lang/cpp/src/editinteractor.cpp (EditInteractor::Private): Initialize
members 'state' and 'debug' in-class. Add member 'debugNeedsClosing'.
(EditInteractor::Private::Private): Remove members initializers.
Remember if 'debug' needs to be closed.
(EditInteractor::Private::~Private): Only close 'debug' if it needs to
be closed.
--
This fixes the problem that after destroying an edit interactor all
debug output went to /dev/null instead of stderr (or stdout) if one
enabled debugging of the edit interactors with GPGMEPP_INTERACTOR_DEBUG
set to stderr (or stdout).
* lang/qt/src/qgpgmesignkeyjob.h: Remove unneeded includes. Include
<memory>.
(QGpgMESignKeyJob): Remove all member variables. Add pimpl pointer.
* lang/qt/src/qgpgmesignkeyjob.cpp: Include <QString>. Don't include
<memory>.
(QGpgMESignKeyJob::Private): New.
(QGpgMESignKeyJob::QGpgMESignKeyJob): Remove initialization of removed
members. Initialize d.
(QGpgMESignKeyJob::start, QGpgMESignKeyJob::setUserIDsToSign,
QGpgMESignKeyJob::setCheckLevel, QGpgMESignKeyJob::setExportable,
QGpgMESignKeyJob::setSigningKey, QGpgMESignKeyJob::setNonRevocable,
QGpgMESignKeyJob::setRemark, QGpgMESignKeyJob::setDupeOk): Adapt to move
of member variables to pimpl.
--
GnuPG-bug-id: 5245, 5421
* lang/qt/src/cryptoconfig.h, lang/qt/src/cryptoconfig.cpp
(CryptoConfig::entry): Move implementation to cpp. Add overload not
requiring a group name.
--
The group name is not needed for identifying a config entry because the
groups only provide a logical grouping of config entry for user
interfaces. To improve usability entries are sometimes moved to a
different group, but this shouldn't break existing applications trying
to access those entries. The new group-agnostic overload makes
applications robust against regrouping of config entries.
GnuPG-bug-id: 5217
* lang/qt/src/encryptjob.h, lang/qt/src/signjob.h (start):
Undeprecate QByteArray based functions.
--
While the QIODevice access might avoid a copy it is more
difficult to manage the data and lifetime of the
QIODevices in calling code. The QByteArray calls are
convienient for small data objects like mails where
an in memory copy is not really expensive anymore.
This reverts commit 88294023c1.
--
This commit was too early and i needed to test more
this is breaking more then it helps so for now
revert it before we can do a proper solution.
* configure.ac: Configure cpp data.h.in
* lang/cpp/src/Makefile.am: Generate data.h
* lang/cpp/src/data.cpp, lang/cpp/src/data.h: Use portable
types.
* lang/qt/src/Makefile.am: Include build dir.
* lang/qt/tests/makefile.am: Include build dir.
--
These kind of patches have been around for a while, IMO this
should not create an ABI incompatbility for cases where
it already works because the types should be the same
so I think this is not an interface break.
GnuPG-Bug-Id: T3996
* lang/qt/src/qgpgmesignkeyjob.cpp (sign_key): Check remark for being
an empty string instead of a null QString.
--
GnuPG-bug-id: 5142
Co-authored-by: Daniel Kahn Gillmor
* lang/python/tests/t-quick-subkey-creation.py: Specify RSA.
--
Using GnuPG 2.3, a key with default (ed25519/cv25519) cannot have some
combination of capabilities (e.g., "encr auth").
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* lang/qt/src/debug.h: Add export macro.
--
This is public API so it should be exported. This did not
resolve a link issue for Windows that I've experienced
when building. But this might be to some uncleanlyness
in my build environment.
lang/qt/src/quickjob.h (QuickJob::result): Make parameters
auditLogAsHtml and audigLogError optional.
--
This aligns the signature of QuickJob's result signal with the result
signals of the other Job subclasses.
GnuPG-bug-id: 5094
lang/cpp/src/key.h, lang/cpp/src/key.cpp (UserID::Signature::operator<):
New.
lang/cpp/src/key.cpp (signature_index): New.
--
operator< defines a canonical sort order for signatures belonging to
the same user ID. It is based on the sort order defined by
cmp_signodes() in g10/keylist.c of gnupg. In particular, the ordering
of signatures made with the same key by creation time allows to see
easily whether the most recent signature is a certification or a
revocation.
GnuPG-bug-id: 5094
recent
* lang/qt/src/qgpgmequickjob.h: (GpgME::Key, QDateTime, QString):
Remove superfluous forward declarations.
(QGpgMEQuickJob): Remove superfluous second template argument. It is
identical to the default.
(QGpgMEQuickJob::result): Remove. It is already defined in the base
class.
* lang/cpp/src/context.cpp, lang/cpp/src/context.h
(Context::revokeSignature, Context::startRevokeSignature): New.
* lang/cpp/src/context.cpp
(getLFSeparatedListOfStrings, getLFSeparatedListOfUserIds): New.
(getLFSeparatedListOfFingerprintsFromSubkeys): Extracted second part
of function to getLFSeparatedListOfStrings.
--
GnuPG-bug-id: 5094
* lang/cpp/src/context.cpp, lang/cpp/context.h
(Context::cancelPendingOperationImmediately): New.
* NEWS: Mention added API
--
This allows immediate canceling of running operations, e.g. when a
thread with a long running operation (like SCD DEVINFO --watch) is
going to be terminated (on application shutdown).
GnuPG-bug-id: 5066
* lang/cpp/src/Makefile.am: Add new files.
* lang/cpp/src/interfaces/statusconsumer.h,
lang/cpp/src/statusconsumerassuantransaction.cpp,
lang/cpp/src/statusconsumerassuantransaction.h: New.
* NEWS: Mention new API.
--
This Assuan transaction is useful for long running Assuan commands.
Classes implementing the StatusConsumer interface can process received
status lines while the Assuan command is still running.
GnuPG-bug-id: 5066
* lang/qt/src/Makefile.am: Add new files.
* lang/qt/src/debug.h, lang/qt/src/debug.cpp: New.
* NEWS: Mention it.
--
This was previously implemented in Kleopatra, but it makes sense for
all users of qgpgme.
* lang/cpp/src/engineinfo.h
(EngineInfo::Version::operator>(const Version &)): Fix logic.
(EngineInfo::Version::operator>(const char *)): Use Version-overload of
operator>.
* lang/qt/tests/t-various.cpp: Add test.
--
This fixes a logic error that 2.0.0 > 2.0.0 would return true.
* lang/cpp/src/key.cpp (Key::update): Call Context::key() only once
with KeyListMode::WithSecret.
--
With gpg >= 2.1, get the key with --with-secret instead of first trying
to get the secret key and, if that fails, getting the public key.
GnuPG-bug-id: 4794
* lang/qt/src/qgpgmelistallkeysjob.cpp
(do_list_keys): Rename to do_list_keys_legacy and put into unnamed
namespace.
(merge_keys): Put into unnamed namespace.
(list_keys): Rename to list_keys_legacy and put into unnamed namespace.
(do_list_keys, list_keys): New.
* lang/qt/tests/t-keylist.cpp (testListAllKeysSync): New.
--
With gpg >= 2.1, list keys once with --with-secret instead of listing
public keys and secret keys and then merging (part of) the information
about the keys.
GnuPG-bug-id: 4794
* lang/cpp/src/util.h
(add_to_gpgme_keylist_mode_t): Sort modes as in enum definition and
add missing modes to check.
(convert_from_gpgme_keylist_mode_t): Add missing handling of
GPGME_KEYLIST_MODE_WITH_TOFU and GPGME_KEYLIST_MODE_WITH_KEYGRIP.
* lang/cpp/src/key.cpp (Key::mergeWith): Also merge secret flag and
keygrip
--
The keygrip was lost if the result of a public key listing was merged
with the result of a secret key listing as done by QGpgMEListAllKeysJob.
GnuPG-bug-id: 4794
* lang/qt/src/dn.cpp (parse_dn_part): Fix parser.
--
This could in theory result in reading bytes after a after Nul in a
string and thus possible segv on unallocated memory or reading other
parts of the memory. However, it is harmless because the rfc2253
strings have been received from GnuPG which is expected to emit
correct syntax.
GnuPG-bug-id: 5037
* src/genkey.c (setexpire, gpgme_op_setexpire_start,
gpgme_op_setexpire): Move to ...
* src/setexpire.c: New.
* src/Makefile.am (main_sources): Add that file.
* src/context.h (ctx_op_data_id_t): Add OPDATA_SETEXPIRE.
* lang/qt/tests/t-various.cpp (testSetExpire): Test error handling.
--
Errors (and failures) emitted via status-fd need to be handled
explicitly, i.e. we need to provide an appropriate status handler with
corresponding op_data_t. Additionally, we need to set a passphrase
command handler if a passphrase callback is set in the context, e.g.
during tests.
GnuPG-bug-id: 4395
* lang/qt/src/changeexpiryjob.h (ChangeExpiryJob::start): New overload
that accepts subkeys (with empty implementation).
* lang/qt/src/qgpgmechangeexpiryjob.h,
lang/qt/src/qgpgmechangeexpiryjob.cpp (QGpgMEChangeExpiryJob::start):
New overload that accepts subkeys.
--
This adds the possibility to change the expiry of subkeys.
GnuPG-bug-id: 4717
* lang/cpp/src/context.h, lang/cpp/src/context.cpp
(Context::getLFSeparatedListOfFingerprintsFromSubkeys): Remove
from Context; make it a static function instead
--
GnuPG-bug-id: 5003
* lang/qt/src/qgpgmechangeexpiryjob.cpp (change_expiry): Use new
setExpire() instead of edit() with GpgSetExpiryTimeEditInteractor
--
Using the new setExpire() (which uses --quick-set-expire) is a lot less
complex than using gpg's edit interface. It also feels faster. Next,
I'll add support for changing the expiration time of subkeys.
GnuPG-bug-id: 5003
* lang/cpp/src/key.cpp (Subkey): Add ostream operator.
* lang/cpp/src/key.h: Update accordingly.
--
This is helpful for debugging / showing the state of a subkey.
* lang/cpp/context.cpp, lang/cpp/context.h
(Context::startPublicKeyExport, Context::exportPublicKeys): Extend
with flags paramenter.
(Context::ExportMode): New.
* lang/qt/src/exportjob.h (ExportJob::setExportMode): New.
* lang/qt/src/qgpgmeexportjob.cpp, lang/qt/src/qgpgmeexportjob.h:
Update accordingly.
--
This adds the C++ and Qt API for export modes.
* src/gpgme.h.in: Clarify that the trustlist function should not be
used.
* src/engine.c (_gpgme_engine_op_trustlist): Always return an error.
* src/engine-backend.h (struct engine_ops): Remove trustlist member.
* src/engine-gpg.c (gpg_trustlist): Remove.
(struct engine_ops): Remove that member. Also in all other engines.
* tests/gpg/t-trustlist.c: Remove.
* lang/python/tests/t-trustlist.py: Remove.
--
This never worked in reality because the required feature has been
removed from GnuPG version 1.3.2 soon after introduction of this
feature in gpgme - 17 years ago. It was anyway marked as
experimental. We keep the API and ABI, though.
GnuPG-bug-id: 4834
Signed-off-by: Werner Koch <wk@gnupg.org>
* lang/qt/src/*: Change logging category to macro to QGPGME_LOG.
--
The old logging category macro had a typo and this way we
are more consistent with other logging rules. For example
you could write gpg.* in the logging conf.
* lang/qt/src/Makefile.am: Add new files.
* lang/qt/src/job.cpp (GpgCardJob): Add impl stuff.
* lang/qt/src/protocol.h (gpgCardJob): Get one.
* lang/qt/src/qgpgmebackend.cpp,
lang/qt/src/qgpgmebackend.h: Add helpers to get the job.
* lang/qt/src/qgpgmegpgcardjob.cpp,
lang/qt/src/gpgcardjob.h,
lang/qt/src/qgpgmegpgcardjob.h: New.
--
This is annoyingly complex to add a simple new job.
In the future we should implement something like this
without the threadedjobmixin stuff. But the idea was
to follow the usual job pattern.
GnuPG-Bug-Id: T4794
* lang/cpp/src/gpgsignkeyeditinteractor.cpp (action):
Use uidhash instead of number.
(GpgSignKeyEditInteractor::setKey): New.
* lang/cpp/src/gpgsignkeyeditinteractor.h: Update accordingly.
* lang/cpp/src/key.h, lang/cpp/src/key.cpp: Wrap uidhash.
* lang/qt/src/qgpgmesignkeyjob.cpp: Set the key.
--
Using the uidhash avoids problems when the user ids
on --edit-key are different ones then the uids
captured by gpgme when listing keys. Or if
they are in a different order. This can happen
with cached keys or keys with user attributes.
* lang/qt/tests/t-remarks.cpp (initTestCase): Supply
allow-weak-key-signatures flag for GnuPG 2.3, which
normally rejects use of SHA1 digest.
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
* lang/qt/tests/t-encrypt.cpp (decryptSupported): Moved to
t-support as loopbackSupported.
* lang/qt/tests/t-remarks.cpp: Check for loopbackSupported.
* lang/qt/tests/t-support.cpp, lang/qt/tests/t-support.h
(loopbackSupported): New.
--
This ensures that the tests do not fail with GnuPG 2.0.x
* lang/qt/test/t-remarks.cpp (testRemarkReplaceSingleUIDExportable):
Use QVERIFY instead of assert.
--
An assert causes the temp directory not to be cleaned up. I
use this to analyze test failures.
If you want to see the tests home directory after a failure you
can just change a failing verify to an assert.
* lang/cpp/src/key.cpp, lang/cpp/src/key.h (UserID::remarks): New.
* NEWS: Mention this.
--
This can be useful if we want to show remarks made by others, too.
For:
GnuPG-Bug-Id: T4734
* lang/qt/tests/t-various.cpp (testRemarks): Move out.
* lang/qt/tests/t-remarks.cpp: New.
* lang/qt/tests/Makefile.am: Update accordingly.
--
While t-various is nice to add a quick test for more
extensive stuff it is better to move it in its own test.
This also tests with a key that has only a single uid.
* lang/cpp/src/key.cpp (UserID::remark): Use C-API.
--
The other parts of that function already use the C API
so we can also avoid function calls for the keyListMode.
* lang/cpp/src/gpgsignkeyeditinteractor.cpp: Add another
state DUPE_OK2 to allow gpg looping over all uids.
--
When duplicated signatures should be added to multiple
user ids GnuPG will ask for each uid so we have to
add a transition for that.
GnuPG-Bug-Id: T4734
* lang/cpp/src/editinteractor.cpp (EditInteractor::Private::Private):
Read "GPGMEPP_INTERACTOR_DEBUG" env var.
(EditInteractor::Private::~Private): Close debug file.
--
While it was possible for the application to control the
debug through setDebugChannel it is often times helpful
to just debug without changing the application using
GPGME
* lang/qt/src/qgpgmesignkeyjob.cpp: Handle remarks and
dupeOK.
* lang/qt/src/signkeyjob.h (SignKeyJob::setDupeOk),
(SignKeyJob::setRemark): New.
--
This API makes it easy for Kleopatra to add remarks for:
GnuPG-Bug-Id: T4734
* lang/cpp/src/gpgsignkeyeditinteractor.cpp
(GpgSignKeyEditInteractor::setDupeOk): New.
(makeTable): Add new tansitions.
(SignKeyState): Add DUPE_OK Status.
(GpgSignKeyEditInteractor::action): Handle DUPE_OK.
(GpgSignKeyEditInteractor::Private::Private): Carry flag.
--
When extended-edit is enabled this can be used to answer
the "dupe_ok" query from the edit-key with yes.
This is for:
GnuPG-Bug-Id: T4734
* lang/cpp/src/key.h, lang/cpp/src/key.cpp (UserID::remark): New.
--
A remark made by one key on another is a signature notation on
a user id certification signature with the name "rem@gnupg.org".
This helps with:
GnuPG-Bug-Id: T4734
* lang/python/doc/Makefile.am (EXTRA_DIST): Remove files not
distributed like files under meta.
* Add rules to generate .rst and .texi files.
* lang/python/doc/rst: Remove .rst files to be generated.
* lang/python/doc/texinfo: Remove .texi files to be generated.
GnuPG-bug-id: 4275
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
--
* Connection.js: In some cases, the browser disconnect does not
happen inmediately (e.g. wrong extension for the app). I added a
delay of 25 ms to see if the connection was closed by the browser.
Also, I tried to make the checkConnection more readable.
--
* Connection.js
- Add some meaningful nativeMessaging feedback for failing
communication due to misconfiguration or other browser-originated
fails
- add an "isDisconnected" property
- "isNativeHostUnknown" tries to match browser's feedback string if
the browser does not find gpgme-json
* init.js
- initialization will now reject with a more meaningful error if the
configuration is not set up or other browser-based errors
(chrome.runtime.lastError) are present. This should speed up
the normal initialization (not having to waiting for a timeout
any more in case of improper setup)
* errors.js
- CONN_NATIVEMESSAGE: New error that passes the browser's
nativeMessaging error
- CONN_NO_CONFIG: native messaging error indicating that the
nativeMessaging host was not set up properly
* unittests.js:
- added the "isDisconnected" property to the startup tests
- added tests for proper behavior of connection checks
* lang/python/tests/Makefile.am (gpg.conf): Set a default key.
--
It seems we need to set a default key because at least t-sign.py does
not specify the key to use and we do not want to rely on the order of
keys in the keyring.
Also
Fixes-commit: f3ca2c9ce9
gpg 2.0 is end-of-life and we don't need these extra options anymore.
In fact they for the use of some gpg version and don't use the version
gpgconf knows about. This also aligns the python tests to what we use
for the C test suite.
Signed-off-by: Werner Koch <wk@gnupg.org>
* configure.ac: Configure new Makefiles.
* lang/python/Makefile.am: Remove dirs from extra dist and use
subdirs.
* lang/python/examples/Makefile.am, lang/python/src/Makefile.am,
lang/python/doc/Makefile.am: New. Files that list EXTRA_DIST files.
--
This is similar to what lang/js does by explicitly listing the
files. This ensures that we have clean distribution tarballs
without accidentall additions that just lay in the directory.
GnuPG-Bug-Id: T4481
* src/core.py (decrypt): filter out signatures with errors from the
returned verify_result, but avoid raising BadSignatures
* tests/t-decrypt-verify.py: ensure that only a single signature is
returned when evaluating cipher-3.asc, since the other signature is
unknown.
--
This change preserves the invariant that decrypt() only ever returns
valid signatures in the verify_result, but it avoids unnecessary
errors in the face of the presence of an additional bad signature.
GnuPG-bug-id: 4276
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* lang/python/tests/t-decrypt.py: test decryption of cipher-3.asc and
cipher-no-sig.asc
* lang/python/tests/t-decrypt-verify.py: test decryption and
verification of cipher-3.asc and cipher-no-sig.asc
--
note that this introduces a failed test -- decrypt-verify.py
misbehaves on cipher-3.asc by throwing a BadSignature even though
GnuPG-bug-id: 4276
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* lang/python/tests/Makefile.am: prefer py_tests from the environment
if present.
--
I'm trying to make it nicer/quicker to hack on the testsuite for
python bindings. With this change, if you're improving the python
bindings test suite, you can selectively run only a few specific tests
like so:
lang/python$ make check py_tests='t-decrypt.py t-decrypt-verify.py'
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* NEWS: Mention interface change.
* lang/cpp/src/gpggencardkeyinteractor.cpp
(GpgGenCardKeyInteractor::setAlgo): New.
(GpgGenCardKeyInteractor::action),
(GpgGenCardKeyInteractor::nextState: Handle new interface.
--
Tested that this workes with the old interface of GnuPG 2.2.5
and the new interface since GnuPG 2.2.6
GnuPG-Bug-Id: T4428
* lang/cpp/src/context.cpp (Error::hasSystemError): Invert logic to
do what it says.
--
This is safe because according to codesearch it is only used
in QGpgME
* lang/cpp/src/data.cpp (GpgME::Data::toKeys): Rewind afterards.
--
This fixes unexpected behavior that the seek pointer is changed
after calling the const toKeys.
* A rather obvious variant of the existing key import examples, except
directed at Mailvelope's keyserver.
* Yeah, Werner, I know ... but it exists because I used it and there's
no harm in sharing.
Tested-by: Ben McGinnes <ben@adversary.org>
Signed-off-by: Ben McGinnes <ben@adversary.org>
* Version bump in preparation for whenever GPGME 1.13.0 happens.
* Ran the post_installer.py for docs preparation again.
Signed-off-by: Ben McGinnes <ben@adversary.org>
* Removed auto-generated .texi files from doc/src/ so only the
corrected versions are left.
* Which means now it is complete, but with the initial work to expand
it with info file generation later.
* Moved post_installer.py into the examples/howto/ directory.
* Added instructions for its use to the Python Bindings HOWTO.
* Ran it as intended from the lang/python/ directory in order to both
prove it works and quickly and easily get the updated howto
replicated. Also to fix all those .texi files.
Tested-by: Ben McGinnes <ben@adversary.org>
Signed-off-by: Ben McGinnes <ben@adversary.org>
* Fixed inter-edit.py so it will actually work now.
* made 3 others executable.
* Fixed the semantics of assuan.py's instructions.
Tested-by: Ben McGinnes <ben@adversary.org>
Signed-off-by: Ben McGinnes <ben@adversary.org>
* Added some EPUB specific config options to the Sphinx config file
which might help reduce some of Sphinx's more stupid default errors
with EPUB validation.
* Added lang/python/post_installer.py script for automating the
generation of .texi and .rst "source" files from the real source
files written in Org mode. Includes recreating the Sphinx Makefile
which is excluded due to the m4 toolchain in parent directories, it
also handles the rewriting of the reST index file properly and
rewrites the .texi files so they don't impale themselves on Unicode.
Tested-by: Ben McGinnes <ben@adversary.org>
Signed-off-by: Ben McGinnes <ben@adversary.org>
* Found a bug in org-mode's export to texinfo function which will
require either manual modification of each file or a customs sed run
over the generated files for all updates.
* Manually updated the current files for now, but will need to add
some post-install processing scripts for future use (I already have
some of these for my specific setup, they just need to be made a
little more generic and platform independent for here).
Tested-by: Ben McGinnes <ben@adversary.org>
Signed-off-by: Ben McGinnes <ben@adversary.org>
* Dropped the ASCII copyright line, since even MS have conceded their
battle against Unicode enough to load UTF-8.
* Fixed the drafts section since there will be less need of multiple
output format testing from next year.
* Tightening up both the documentation and some of the example code.
Tested-by: Ben McGinnes <ben@adversary.org>
Signed-off-by: Ben McGinnes <ben@adversary.org>
* Fixed a bug in the ProtonMail importers (pmkey-*.py) where multiple
keys found for a username would always result in the last email
address checked being returned in the printed output for all located
keys.
* Though Keybase really should not be encouraged due to
disengenuosness and FUD emanating from that souce, this new script
will obtain a key hosted on that site and import it when supplied
with the keybase username.
Tested-by: Ben McGinnes <ben@adversary.org>
Signed-off-by: Ben McGinnes <ben@adversary.org>
* Added small requirements.txt file for additional modules not in the
standard python library and not including the bindings themselves
and not including Cython, which is for more advanced examples.
* Tweaked it slightly to avoid repetition of key searches when there
is only one search pattern to check (i.e. usually a single key ID or
fingerprint).
* Tweaked the code again so that it can also handle the cases where
someone has included a hexadecimal string in their user ID.
* Updated the HOWTO to match.
* Exported to .rst and .texi.
* Fixed the logic used to search for any given pattern.
* Added a sensible method of checking whether a pattern is a key ID or
fingerprint.
Tested-by: Ben McGinnes <ben@adversary.org>
Signed-off-by: Ben McGinnes <ben@adversary.org>
* Multiple updates, expanding on the Windows installation issues.
* Also adding to the new maintenance mode reference document.
* Includes content relating to the resolution of T4271 and T4191.
Tested-by: Ben McGinnes <ben@adversary.org>
Signed-off-by: Ben McGinnes <ben@adversary.org>
* lang/python/src/core.py (Context.decrypt): simplify and clarify the
logic behind handling verify=False.
* lang/python/tests/t-decrypt.py: ensure that we test verify=False
--
The function-internal variables were pretty unclear to the reader, and
the logic caused pretty nasty breakage when verify=False.
GnuPG-Bug-Id: 4271
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* lang/python/src/core.py (Context.decrypt): document odd
error-handling behavior as a potential problem to be addressed.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* lang/python/src/core.py (Context.decrypt): docstring clarification
of what it means to pass an empty list to the verify argument.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Both of these function-internal variables are never used for anything
other than a binary state. Implement them as the booleans they are.
Otherwise, casual readers of the code might think that they're
supposed to represent something other than a flag (e.g. "verify_sigs"
could mean "the signatures to verify", and "sink_result" could mean
"the place where we sink the result").
Signed-Off-By: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
It's easy to miss that verify can take a list of keys. Make it more
obvious to the average python dev who reads docstrings.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
In the course of trying to address https://dev.gnupg.org/T4271, i
discovered that gpg.Context.decrypt() has a bit of superfluous code.
This changeset is intended to simplify the code without making any
functional changes.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* added warning that he Windows C runtime issues will also affect use
with Cython and that relying on binary installers would remove that
possible use case.
* The make.bat file incorrectly triggers the trailing whitespace check
in the git repo (it doesn't actually have any trailing whitespace,
but triggers the error on every line).
* Will need to add a script to handle future org-mode conversions of
the index page anyway, so will get that script to deal with this
problem too by generating the make.bat file if the platform is
detected as Windows.
Signed-off-by: Ben McGinnes <ben@adversary.org>
* Added framework from sphinx-quickstart to lang/python/doc/rst/ so
that Python developers already using Sphinx can use the generated
reST files with existing documentation systems.
* Note that when generating source files from Org-mode, the index page
will require manual intervention to match the Sphinx requirements.
Signed-off-by: Ben McGinnes <ben@adversary.org>
* Expanded the section on issues with Windows installations, with
greater detail of which versions of Visual Studio are needed
depending on which version of CPython is to be used.
* Included a recommendation which is a bit harsh without being totally
prickish.
* Updated all files to not link to author's key or related data in
order to make them all consistent with the changes in commit
649b196881.
Signed-off-by: Ben McGinnes <ben@adversary.org>
* lang/cpp/src/Makefile.am, lang/qt/src/Makefile.am (AM_CPPFLAGS):
Add suggest-override and zero-as-null-pointer-constant warnings.
* lang/cpp/src/*, lang/qt/src/*: Consistenly use nullptr and override.
--
This was especially important for the headers so that downstream
users of GpgME++ or QGpgME do not get flooded by warnings if
they have these warnings enabled.
It also improves compiler errors/warnings in case of accidental
mistakes.
* Added long description to setup.py.in.
* Added maintenance mode details with clarification for what type of
things would be a bug as far as MM is concerned and what wouldn't
be.
** Includes a not too subtle hint directed towards the donations page.
* Miscellaneous tightening of documentation.
Signed-off-by: Ben McGinnes <ben@adversary.org>
* Added instructions for checking key certifications or key
signatures (depending on preferred terminology).
* Added pendulum module to recommended installations, but not to
requirements.
Tested-by: Ben McGinnes <ben@adversary.org>
Signed-off-by: Ben McGinnes <ben@adversary.org>
* Added documentation for the new methods added to gpgme.version.
* Removed the Flask based advanced use case from the what-is-new
section as that type of code will not be added here.
* lang/python/version.py.in: added gpg.version.versionintlist
* If gpg.version.versionintlist[2] ever returns -1 then there's a
serious problem with the build and it should be lodged as a bug if
it's repeatable. Seeing this should never happen, but checking for
it is better than not doing so.
* Fixed bug T4242 and tested that dropping "Import" in favour of
"import_type" does indeed work just fine.
Tested-by: Ben McGinnes <ben@adversary.org>
Signed-off-by: Ben McGinnes <ben@adversary.org>
* lang/python/src/constants/__init__.py: dropped use of Import
capitalisation and renamed lang/python/src/constants/import.py to
lang/python/src/constants/import_type.py to address bug T4242.
* lang/python/doc/src/gpgme-python-howto: minor docs updates.
* Continued restructuring as part of moving beyond mere;y the HOWTO
file.
* Generated the alternative source files for reST and Texinfo.
* Fixed some errors and updated links after moving the what's new
section to two new files (yes, two).
* lang/cpp/tests/run-verify.cpp: New.
* lang/cpp/tests/Makefile.am: Update accordingly.
--
Add another test runner which helps to find problems on windows.
* lang/cpp/src/context.cpp (Context::create): New.
* lang/cpp/src/context.h: Update accordingly.
* lang/cpp/src/key.cpp, lang/cpp/src/key.h:
(Key::isBad, Subkey::isBad, UserID::isBad)
(UserID::Signature::isBad): Add shorthand for the isX checks.
* NEWS: Mention it.
--
I don't know how often I wrote:
if (key.isNull() || key.isExpired() || key.isRevoked() ...
And for the context it is good practice to use a unique ptr
so the API should make it easy.
* Fixed a minor error in how the reST version of the HOWTO is
generated.
* Updated the help() in __init__.py with a little more detail as to
why not to use the lower level functions.
* lang/python/tests/t-callbacks.py: Updated test logic to try
generating a key which expires in 2099 and if that fails then
fallback to an expiration in 2037 in an attempt to catch the 32-bit
systems.
* lang/python/gpgme.i: ignore HAVE_CXX11 in SWIG interface
--
If there are two distinct builds (a) and (b) of gpgme which both build
python bindings, and build (a) also happens to build the C++ bindings,
then the generated gpg/gpgme.py file from build (a) will not be usable
with the .so generated in build (b), despite them being exactly the
same, and having nothing to do with C++.
In particular, it will fail with:
-----------
File "…/gpg/__init__.py", line 99, in <module>
from . import core
File "…/gpg/core.py", line 10, in <module>
from . import gpgme
File "…/gpg/gpgme.py", line 152, in <module>
HAVE_CXX11 = _gpgme.HAVE_CXX11
AttributeError: module 'gpg._gpgme' has no attribute 'HAVE_CXX11'
-----------
By asking SWIG to ignore this definition, we stabilize the generated
.py and the .so, ensuring that they are more cleanly interoperable.
--
* Use wrapper types calling translation functions instead of
TRANSLATE-{FROM,TO}-FOREIGN methods as they seem not to be
called in some cases.
* Use the (:STRUCT SOME-C-STRUCT) notation instead of the
deprecated direct reference to SOME-C-STRUCT.
* Add missing values in enums and bit fields.
* Use cffi-grovel to define system types (SIZE-T, OFF-T, etc).
* Wrap GPGME-DATA-T in a class (like contexts).
* Use the FINALIZE function from trivial-garbage to free the
C objects for contexts, keys and data automatically.
* Make DATA-READ-CB and DATA-WRITE-CB run faster.
* Update the README file.
Signed-off-by: Guillaume LE VAILLANT <glv@posteo.net>
* lang/cpp/Makefile.am: Add tests subdir.
* lang/cpp/tests/Makefile.am: New.
* lang/cpp/tests/README,
lang/cpp/tests/run-getkey.cpp,
lang/cpp/tests/run-keylist.cpp: New.
* configure.ac: Configure tests makefile.
--
The autotests for c++ live in lang/qt/tests these
tests are more for manual experiments to validate some
functionality.
* lang/cpp/src/context.cpp (Context::startKeyListing),
(Context::keyListResult, Context::signingKeys): Initialize key.
--
"Should" not be neccessary but it's cleaner and would have
covered the case of the previous commit.
* configure.ac: Bump core LT version to C32/A21/R0. Bump C++ LT
version to C14/A8/R0.
* lang/qt/tests/Makefile.am (CLEANFILES): Add reader status files.
* Makefile.am (EXTRA_DIST): Add conf/whatisthis.
Signed-off-by: Werner Koch <wk@gnupg.org>
* conf/: New dir.
* configure.ac (AC_CONFIG_HEADER): Move header to conf dir.
* doc/Makefile.am (mkdefsinc): Adjust rule.
* lang/python/Makefile.am (copystamp): Ditto.
--
C++ uses those stupid files without a suffix and thus the new standard
header <version> as included by newer other libc++ versions may
conflict with the VERSION file in out top directory. This change
should solve the problem.
GnuPG-bug-id: 4168
Signed-off-by: Werner Koch <wk@gnupg.org>
* lang/python/doc/meta/TODO.org: Added the two major documentation
build system tasks to the TODO list.
* Added an index page in preparation for sorting out the second of
those TODO lists (Docutils is a lot easier to handle than Texinfo).
* Meanwhile, have confirmed that it all builds just fine under
GNU/Linux, OS X and FreeBSD while retaining the documentation, so
that's a nice improvement from 1.11.1.
Tested-by: Ben McGinnes <ben@adversary.org>
Signed-off-by: Ben McGinnes <ben@adversary.org>
* doc/Makefile.am: Removed a bit I forgot about.
* Renamed lang/python/docs to lang/python/doc bvecause apparently
automake cares about that too.
* Decided to be extra explicit in the manifest because if I don't then
all sorts of things get deleted ... like lang/python
* Tested on an external linux system just in case my osx workstation
introduces too much weirdness.
Tested-by: Ben McGinnes <ben@adversary.org>
Signed-off-by: Ben McGinnes <ben@adversary.org>
* lang/python/Makefile.am: Attempting to remove the docs/meta
directory did a lot worse than I thought it was doing, so better to
just be sure the documentation is available than destroy the entire
bindings directory.
Tested-by: Ben McGinnes <ben@adversary.org>
Signed-off-by: Ben McGinnes <ben@adversary.org>
* lang/python/Makefile.am: Now that gpg2 has been renamed back to gpg
and gpg1 is semi-deprecated, we should check what the actual gpg
binary is with gpgconf and use that rather than make assumptions per
system.
* Also, it means less worry if gpg3 is ever a thing. (Trust me, I
remember the Python 1 to 2 transition as well as the current 2 to 3
transition). ;)
Signed-off-by: Ben McGinnes <ben@adversary.org>
* More updates to the docs themselves and the versions to be available
with the next release.
* .texi and .rst copies of the HOWTO and the short history of (this
part) of the project.
* Restructured the docs directory to account for the GNU preferred
source doc format (.texi) and the Python preferred source doc
format (.rst) and the real source doc format (.org).
* Both the perceived source formats will need to be generated from the
.org files and included at this stage. Unfortunately there is not
yet a native org-to-rst transformation method in the org-mode
software in Emacs nor is there a a direct means of going from reST
to Org-mode from Docutils. There's only third party packages like
Pandoc and, while very good, there is no guarantee of consistency;
so we can't entirely automate this bit (yet).
* doc/Makefile.am: removed the python howto from this file, restoring
it to just the main project and the newer .js files.
* deleted: doc/gpgme-python-howto.texi
* renamed the Short_History.org file to short-history.org to keep the
naming conventions similar.
* All the Python files can (and should) live together.
* Changed the order of python versions the configure/make process
checks for, placing Python 3.7 ahead of 3.6.
* Updated the HOWTO documentation to reflect this change.
Tested-by: Ben McGinnes <ben@adversary.org>
Signed-off-by: Ben McGinnes <ben@adversary.org>
* Tightened up the docs a little bit, updated the "what's new"
section, dropped the "-draft" version in preparation for GPGME
1.12.0's release.
* Exported another .texi version (and updated the draft copies to this
commit (which ought to be 1.11.1-beta313).
Signed-off-by: Ben McGinnes <ben@adversary.org>
* lang/python/src/core.py: First restoring the exception to the being
just that.
* The means to manipulate the error output is temporarily in commented
out code, but ought to be added to a proper test later.
* In the mean time the original test, with a very slight change, works
again.
Tested-by: Ben McGinnes <ben@adversary.org>
Signed-off-by: Ben McGinnes <ben@adversary.org>
* lang/python/src/core.py: Fixed methods of detecting whether verify
is a boolean variable or a list.
* Added methods of catching the missing keys exceptions.
* Still retained PEP8 compliance (which might have been where one or
two problems crept in).
* Though this is essentially the correct behaviour, it still does not
quite fit the otiginal test; so that will also require some adjustment.
Tested-by: Ben McGinnes <ben@adversary.org>
Signed-off-by: Ben McGinnes <ben@adversary.org>
* lang/python/examples/howto/local-sign-group.py: added the bit where
specifying the signing key is actually used for signing rather than
just pruning the list of keys to certify.
Signed-off-by: Ben McGinnes <ben@adversary.org>
* lang/python/examples/howto/local-sign-group.py: locally sign every
key in a group line except one's own keys. Intended to address the
sort of thing one might see on lists like PGPNET or other closed
groups amongst activists, journalists, etc. where everyone encrypts
to all recipients, but may not sign everyone's keys publicly..
Signed-off-by: Ben McGinnes <ben@adversary.org>
* Fixed the final assertion to look for what will actually be reported
in that case instead of something else (i.e. it looks for an
IMPORT_ERROR status code).
* Sometimes you really do need or want punctuation in a heading, but
ideally without something else generating whitespace and other
annoyances to go with it.
* Trying a real decimal point instead.
Signed-off-by: Ben McGinnes <ben@adversary.org>
* Woumd up the "what's new" section.
* Added an example for sending a key to the keyservers via hkp4py.
* Updated the export key code to use a more complete check for the
$GNUPGHOME location.
* Expanded on the installation and reinstallation troubleshooting
section.
Tested-by: Ben McGinnes <ben@adversary.org>
Signed-off-by: Ben McGinnes <ben@adversary.org>
* Added a What's New section to summarise changes since the last
release. There have been quite a few and some attention does need
to be drawn to some of them.
* Confirming certain issues with some platform builds, especially
BSD/OSX vs. Linux issues which will need to update the installation
troubleshooting guides.
* Added more comprehensive examples using hkp4py and added a couple
more example scripts for protonmail.
Tested-by: Ben McGinnes <ben@adversary.org>
Signed-off-by: Ben McGinnes <ben@adversary.org>
* Mostly tightening up the details on the hkp4py example script.
* Also fixed a typo in the LGPL boiler plate text included in all the
other example scripts for the HOWTO.
* added a new example script to search the keyservers and import the
results, this time using Marcel Fest's hkp4py module.
* Updated the key importing section to match this addition.
* Tested with the current version of hkp4py from github.
Tested-by: Ben McGinnes <ben@adversary.org>
Signed-off-by: Ben McGinnes <ben@adversary.org>
* Confirmed that updates to the tests have significant'y improved that
output.
* Updated some of the additional notes for the section on hkp4py.
** This is in anticipation adding at least import examples using that
module as well. It may also include adding examples of exporting a
key and uploading it to the keyservers.
Tested-by: Ben McGinnes <ben@adversary.org>
Signed-off-by: Ben McGinnes <ben@adversary.org>
* src/gpgme.h.in: Obsolete "class" also for Python.
* lang/python/gpgme.i: Silenece a swig warning. Silence a gcc
warning.
Signed-off-by: Werner Koch <wk@gnupg.org>
* Added some material on using the new-ish hkp4py module with GPGME.
* Example code will be added later once a couple of little issues are
addressed.
Signed-off-by: Ben McGinnes <ben@adversary.org>
* src/gpgme-json.c (op_createkey): Remove subkey-algo param.
(GPG_AGENT_ALLOWS_KEYGEN_TRHOUGH_BROWSER): Fix typo.
* lang/js/src/Keyring.js: Remove subkey-algo support.
* lang/js/src/permittedOperations.js: Ditto.
--
We do not want to expose details of the protocol's key generation and
thus the subkey-algo does not make sense. Right now we support only
the default and future-default algorithms. A user can configure them
anyway using new-default-key-algo in gpg.conf. Eventually we may
officially support a more flexible way of creating special structured
OpenPGP keys but right now that is not part of the API.
Signed-off-by: Werner Koch <wk@gnupg.org>
--
* src/index.js: Added an optional configuration object for the startup.
* configuration: timeout - the initial check for a connection ran into
timeouts on slower testing machines. 500ms for initial startup is
not sufficient everywhere. The default timeout was raised to 1000ms,
and as an option this timeout can be increased even further.
* BrowsertestExtension: Set the initial connection timeouts to 2
seconds, to be able to test on slower machines.
* Sanitized the shell command examples of extraneous whitespace.
* Removed keycount.c as sanitising it is pointless and it will be
generated by Cython when the example is followed.
* Regenerated the .texi version.
* Added new advanced section with an example of using the Python
bindings with CPython code compiled back to C code using Cython.
* Though it may seem a bit counter-intuitive to use the bindings just
to go back to C via a different route, this is not actually stupid.
* Added examples/howto/advanced/cython/ directory.
* Added keycount.pyx, setup.py and the keycount.c file which the first
two generated with Cython. Not including the .so and .o files from
the build.
* Exported the .texi version of the howto for the main docs.
* lang/python/docs/gpgme-python-howto.org: more tweaks and edits,
along with another build of output formats.
* doc/gpgme-python-howto.texi: updated texinfo version for parent docs.
* lang/python/docs/gpgme-python-howto.org: Identified and fixed the
headings which kept generating lines with trailing whitespace when
exporting to Texinfo format and adjusted them to prevent that.
* lang/python/docs/gpgme-python-howto.org: Renamed file to better fit
the rest of the project's docs.
* Added a section on the very unofficial drafts I periodically post
links to since they're often the easiest way to get a web version in
front of someone in a hurry.
* lang/python/docs/GPGMEpythonHOWTOen.org: Added corresponding GPGME
version number to table at the start and cut the shortcut from the
groups.py example.
* doc/gpgme-python-howto.texi: New export of Texinfo file for docs
build.
* lang/python/docs/GPGMEpythonHOWTOen.org: Fixed a few errors in the
newer sections.
* Updated code in the examples using secret key exporting and group
lines to reflect the Python 2.7 compatibility fixes added.
* lang/python/examples/howto/export-secret-keys.py and groups.py:
Updated the backwards compatibility adjustments to account for
unicode differences between python 2 and 3.
* lang/python/examples/howto/groups.py: subprocess update
* lang/python/examples/howto/export-secret-keys.py: subprocess update
Both of these try the nice and easy method of getting the subprocess
output available in Python 3, but will fall back to the older Popen
method if it doesn't work. Essentially this is to be a little nicer
to Python 2.7.15 (even though the examples are filled with warnings
that py2 support is not guaranteed with the examples).
--
* src/Helpers.js: GPGME_Keys were not parsed as valid, as their
fingerprint getter is not a fingerprint 'property'.
* BrowserTestExtension: fixed a dsplay typo in counting of tests.
--
* BrowsertestExtension/tests/decryptTest.js: There were cases in which
file names returned in a wrong encoding from decryption. The test
cases here are a 'Hello World' in a text file with different names,
then being encrypted with cli gnupg.
--
* src/Helpers.js: This additional escape should 'repair' special
characters like spaces in filenames. In the strange world of
encoding there is little hope that this captures all cases, or
that it will never fail to return some value, let alone meaningful.
In my test cases it worked.
--
* BrowserTestExtension/tests:
- decryptTest.js: Check Decryption and return values of binary data
- encryptTest.js: Return data type of armored/non-armored encryption
- added a small encoded input png for testing
* DemoExtension/maindemo.js: Fixed unexpected usage of the Demo encrypt
(non-armored)
--
* src/gpgme.js: In case the encryption was done unarmored, the result
is binary data. Added an option to either return the binary data as
base64-encoded string or as Uint8Array, similar to return values of
decrypt
--
* src/Connection.js; src/permittedOperations.js: To avoid further
encoding problems, data sent by gpgme is now sorted as either
'payload' or 'info'. Payload data may come in any encoding, and here
the 'expected' and 'format' options are used, 'info' data may
contain text created by gnupg which may need re-encoding, but this
should not be affected by 'expected' and 'format'
* lang/python/src/core.py: Adjusted new_from_estream function to alias
new_from_stream instead of fd.
* fixed the _gpgme import errors introduced in commit
08cd34afb7 by changing the exported
functions/types to match the inner module where all the work is
done, rather than the outer one(s).
Tested-by: Ben McGinnes <ben@adversary.org>
Signed-off-by: Ben McGinnes <ben@adversary.org>
--
* src/gpgmejs.js/encrypt: the encrypted data were converted back to a
(incorrect) string, whereas they should be data with no encoding
specified. Returning base64 data is the expected way.
* DemoExtension: caught yet another usage of old syntax.
* lang/python/docs/GPGMEpythonHOWTOen.org: Updated links to the
ProtonMail keyserver import scripts and added a warning regarding
being unable to update third party keys.
* lang/python/examples/howto/pmkey-import-alt.py: added usage.
* lang/python/examples/howto/pmkey-import.py: added usage.
--
* src/Helpers.js: As non-payload data might come in different
encodings, a conversion has been introduced that worked in most
cases. Data like the userid might come in different encodings,
which we don't know of. For now, a try..catch returns the data
as they are if the utf-8 decoding fails. Sometimes this yields the
correct result, sometimes it may not work, but it won't stop the
whole operation anymore.
--
* destructuring just takes the input argument and treats it as object.
In cases like in src/Keyring/generateKey, where I forgot to change
the old syntax, the fingerprint as string was destructured into an
object without "pattern", which caused all Keys to be retrieved.
So, methods with a destructuring now check if the first argument is
an object and get a default empty object if no parameter is
submitted. This allows the further use of destructured parameters,
while still ensuring nothing vastly incorrect is used.
* src/Kering.js, unittsets.js: fixed old syntax in method usage
--
* src/Connection.js: resulting data, if not pure ascii, is base64
encoded in the result message. A further decoding attempt into
javascript 'string' will be attempted by default, unless specified
at the decrypt() method. The return value 'format' now shows which
of the possibilities has been applied. The old boolean 'base64'
now turns into format:'base64' if the returned payload is a base64
string after decryption.
--
* reflecting the new optional strings accepted by the backend.
'file_name' and 'sender' can be used via the 'additional'
parameter in encrypt operations