Commit Graph

3500 Commits

Author SHA1 Message Date
Andre Heinecke
0adaf7bafd
cpp: Add origin and last_update
* NEWS: mention interface change.
* lang/cpp/src/key.cpp (Key::origin, Key::lastUpdate): New.
* lang/cpp/src/key.h (Key::Origin): New enum.
2018-04-19 10:46:34 +02:00
Werner Koch
b52a91f5a6
core: Remove leftover debug output.
* src/verify.c (_gpgme_verify_status_handler): Remove debug output.
--

Actually this is a real bug because it uses a debug function available
only in the new libgpg-error versions.  Time to call Jenkins back from
vacation; there are rumors that he has been seen in the city looking
for a new Ryzen tail coat.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-19 10:34:32 +02:00
Werner Koch
3d8e5c0751
tests: Fix t-verify test for GnuPG < 2.2.7.
* tests/gpg/t-verify.c (check_result): Tweak for gnupg < 2.2.7.
--

The not yet releases 2.2.7-beta may print a full fingerprint in the
ERRSIG status.  This is compliant with the dscription but the new
t-verify test case did not took in account that older GnuPG versions
print only a keyid.

Fixes-commit: b99502274a
GnUPG-bug-id: 3920
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-19 10:29:30 +02:00
Werner Koch
d98f08fa63
Post release updates
--
2018-04-18 20:27:14 +02:00
Werner Koch
3f55c52b9a
Release 1.11.0
* configure.ac: Bump LT version to C31/A20/R0.  For cpp to C12/A6/R0.
For qt to: C10/A3/R1.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-18 20:11:52 +02:00
Werner Koch
8e34a14fe6
json: Add stpcpy replacement.
* src/gpgme-json.c [!HAVE_STPCPY](_my_stpcpy): New.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-18 20:11:50 +02:00
Werner Koch
67b4dafb6d
doc: Update copyright years and change two URLs.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-18 19:30:50 +02:00
Werner Koch
1ae83de262
doc: Unify comment style in gpgme.h
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-18 19:28:51 +02:00
Werner Koch
55e9a94680
core: New convenience constant GPGME_KEYLIST_MODE_LOCATE.
* src/gpgme.h.in (GPGME_KEYLIST_MODE_LOCATE): New.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-18 17:59:29 +02:00
Werner Koch
e5273fc443
json: Add command "decrypt" to gpgme-json.
* src/gpgme-json.c (make_data_object): Enable auto-detection of
base-64.
(op_encrypt): Support a 'mime' flag.
(op_decrypt): New.
(process_request): Add command "encrypt".

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-18 15:24:42 +02:00
Werner Koch
65479fe7b8
core: Add 'is_mime' flags to the verify and decrypt results.
* src/op-support.c (_gpgme_parse_plaintext): Add arg r_mime.
* src/decrypt.c (_gpgme_decrypt_status_handler): Ser mime flag.
* src/verify.c (_gpgme_verify_status_handler): Ditto.
* src/gpgme.h.in (gpgme_op_verify_result_t): Append fields 'is_mime'
and '_unused'.
(gpgme_op_decrypt_result_t): New field 'is_mime'.  Shrink '_unused'.

* tests/run-decrypt.c (print_result): Print MIME flag.
* tests/run-verify.c (print_result): Ditto.
--

Note that this flag (Liternal Data packet's 'm' mode) is only
specified in RFC-4880bis.  To use it you currently need to add
"rfc4880bis" to the the gpg.conf.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-18 15:20:35 +02:00
Werner Koch
23177e4410
core: Fix possible compliance mode detection error.
* src/verify.c (_gpgme_verify_status_handler): Insert missing break.
--

Before the insertion of the compliance status checking the break in
the default clause was used by the STATUS_PLAINTEXT code.  That got
lost.  I don't see any actual harm due to different values currently
in use for the compliance status.

Fixes-commit: 05fa2a9c77
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-18 14:41:50 +02:00
Werner Koch
49a617f8bb
json: Improve help meta command in gpgme-json.
* src/gpgme-json.c (process_meta_commands): Add ",help CMD".

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-18 11:34:16 +02:00
Werner Koch
ed1052842d
json: Add command "getmore" to gpgme-json.
* src/gpgme-json.c (MIN_REPLY_CHUNK_SIZE): New const.
(DEF_REPLY_CHUNK_SIZE): New const.
(MAX_REPLY_CHUNK_SIZE): New const.
(pending_data): New var.
(add_base64_to_object): Chnage to take a plain data pointer.
(get_chunksize): New.
(make_data_object): New.
(op_encrypt): Get chunksize and use make_data_object.
(op_getmore): New.
(process_request): Release pending data for all commands but "getmore"
and "help".
--

Native messaging has a limit on the data it may receive in one
request.  Thus the caller needs to watch for the "more" flag and
request the remaining data using "getmore" in a loop.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-18 11:12:46 +02:00
Werner Koch
e69b175e8e
json: Add meta command ,read to gpgme-json.
* src/gpgme-json.c: Include stat.h.
(get_file): New.
(process_meta_commands): Implement ",read".

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-18 09:26:33 +02:00
Werner Koch
01435da498
core: Extend decryption result with symkey_algo.
* src/gpgme.h.in (gpgme_op_decrypt_result_t): Add field 'symkey_algo'.
* src/decrypt.c (release_op_data): Free SYMKEY_ALGO.
(gpgme_op_decrypt_result): Make sure SYMKEY_ALGO is not NULL.
(parse_decryption_info): New.
(_gpgme_decrypt_status_handler): Parse DECRYPTION_INFO status.
* src/conversion.c (_gpgme_cipher_algo_name): New.
(_gpgme_cipher_mode_name): New.

* tests/run-decrypt.c (print_result): Print SYMKEY_ALGO

* src/util.h (_gpgme_map_gnupg_error): Remove obsolete prototype.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-17 13:48:56 +02:00
Werner Koch
3589da0500
core: New keyword --file for OpenPGP recpstring.
* src/engine-gpg.c (append_args_from_recipients_string): Add new
flags.
--

Now you can use gpgme to encrypt without first importing a key.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-17 12:40:30 +02:00
Werner Koch
c143ab692c
core: For OpenPGP let offline mode disable dirmngr.
* src/engine-gpg.c (struct engine_gpg): New flag.offline.
(gpg_set_engine_flags): Set it.  Also fix setting of no_symkey_cache.
(build_argv): Pass --disable-dirmngr in offline mode.
--

GnuPG-bug-id: 3831
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-17 11:06:27 +02:00
Tobias Mueller
bbfa7c4233
python: Fix crash by leaving struct members intact
* lang/python/setup.py.in: Copy gpgme.h instead of parsing it.
--
The python bindings tried to parse deprecated functions
out of gpgme.h. This fails for the current gpgme.h in
that it removes an entire field in the key sig struct (_obsolete_class).
Hence, the fields were off by an int and the bindings accessed struct
members via the wrong offset. That caused python program to crash.
At least on 32bit platforms, the crash can be easily triggered by
accessing key.uids[0].signatures. On 64bit platforms the compiler
probably aligns the struct so that the missing 4 bytes are not noticed.

With this change, the python bindings will expose all functions
that gpgme exposes, including the deprecated ones.

Credits go to Justus Winter for debugging and identying the issue.

Signed-off-by: Tobias Mueller <muelli@cryptobitch.de>
GnuPG-bug-id: 3892
2018-04-17 10:20:12 +02:00
Werner Koch
4bba3b8e2c
core: Allow for --hidden keyword in OpenPGP recpstrings.
* src/engine-gpg.c (append_args_from_recipients_string): Add special
keywords.
--

GnuPG-bug-id: 3775
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-17 10:04:20 +02:00
Werner Koch
86efba2be2
core: New encryption flag GPGME_ENCRYPT_WANT_ADDRESS.
* src/gpgme.h.in (GPGME_ENCRYPT_WANT_ADDRESS): New flag.
* src/engine-gpg.c (add_arg_recipient): New.
(add_arg_recipient_string): New.
(append_args_from_recipients): Call new helper function.
(append_args_from_recipients_string): Ditto.
* src/gpgme-json.c (op_encrypt): Add flag "want-address".
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-17 09:40:27 +02:00
Werner Koch
a1f76b3b54
core: Add extended versions of the encrypt functions.
* src/gpgme.h.in (gpgme_op_encrypt_ext_start) New.
(gpgme_op_encrypt_ext): New.
(gpgme_op_encrypt_sign_ext_start): New.
(gpgme_op_encrypt_sign_ext): New.
* src/libgpgme.vers, tests/run-encrypt.c: Add them.

* src/encrypt.c (encrypt_start): Add arg recpstring.
(gpgme_op_encrypt): Factor code out to ...
(gpgme_op_encrypt_ext): new function with new arg recpstring.
(gpgme_op_encrypt_start): Factor code out to ...
(gpgme_op_encrypt_ext_start): new function with new arg recpstring.
* src/encrypt-sign.c (encrypt_sign_start): Add arg recpstring.
(gpgme_op_encrypt_sign): Factor code out to ...
(gpgme_op_encrypt_sign_ext): new function with new arg recpstring.
(gpgme_op_encrypt_sign_start): Factor code out to ...
(gpgme_op_encrypt_sign_ext_start): new function with new arg
recpstring.

* src/engine-backend.h (struct engine_ops): Change fields encrypt and
encrypt_sign.
* src/engine.c (_gpgme_engine_op_encrypt): Add arg recpstring and pass
to engine.
(_gpgme_engine_op_encrypt_sign): Ditto.
* src/engine-gpg.c (append_args_from_recipients_string): New.
(gpg_encrypt): Add arg recpstring and call new function as needed.
(gpg_encrypt_sign): Ditto.
* src/engine-gpgsm.c (set_recipients_from_string): New.
(gpgsm_encrypt): Add arg recpstring and call new function as needed.
* src/engine-uiserver.c (set_recipients_from_string): New.
(uiserver_encrypt): Add arg recpstring and call new function as
needed.

* tests/run-encrypt.c (xstrdup): New.
(main): Add option --keystring.

* src/gpgme-json.c (get_keys): Simplify.
(op_encrypt): Modify to make use of the extended encrypt function.

--

This new feature can be used to avoid the need for a key lookup and
thus several extra calls to the backend.

Note that run-test uses a semicolon as delimiter because that make
testing the feature on the command line much easier.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-17 08:45:00 +02:00
Werner Koch
b99502274a
core: Tweak STATUS_FAILURE handling.
* src/op-support.c (_gpgme_parse_failure): Ignore failures with
location "gpg-exit".
* tests/gpg/t-verify.c (main): Adjust for the now working checking of
the second key.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-12 20:36:30 +02:00
Werner Koch
478d1650bb
core: For a failed verification return the sig's fingerprint.
* src/verify.c (parse_new_sig): Parse the new ERRSIG fpr.
--

This works only when the signatures features an ISSUER_FPR sub-packet
and with GnuPG >= 2.2.7.  If that is not the case the keyid is kept in
the FPR field.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-12 20:26:00 +02:00
Werner Koch
ee8fad3ea0
tests: Avoid segv in run-verify due to Policy URLs
* tests/run-verify.c (print_result): Take care of Policy URLs.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-12 15:59:22 +02:00
Werner Koch
bdf7cd2e28
tests: Add another check to gpg/t-verify.
* tests/gpg/t-verify.c (PGM): New.  Use it instead of __FILE__.
(test_sig1_plus_unknown_key): New test signature.
(check_result): Allow checking of several signatures.
(main): Check a signature with a know and an unknown key.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-12 15:39:20 +02:00
Werner Koch
f7700a0169
core: Add new context flag "no-symkey-cache".
* src/gpgme.c (gpgme_set_ctx_flag): Set flag.
(gpgme_get_ctx_flag): Get flag.
* src/context.h (struct gpgme_context): Add field no_symkey_cache.
* src/engine-gpg.c (struct engine_gpg): Ditto.
(gpg_set_engine_flags): Set flag.
(build_argv): Pass option --no-symkey-cache to gpg.

* tests/run-decrypt.c (print_result): Fix segv for symmetric messages.
(main): New option --no-symkey-cache.
* tests/run-encrypt.c (main): New option --no-symkey-cache.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-12 09:17:27 +02:00
raimund.renkert@intevation.de
eef3a509fa
js: Initial commit for JavaScript Native Messaging API
--

Note this code misses all the legal boilerplate; please add this as
soon as possible and provide a DCO so we can merge it into master.

I also removed the dist/ directory because that was not source code.
2018-04-10 18:47:59 +02:00
Andre Heinecke
5eb261d602
qt: Add test for resetting config value
* lang/qt/tests/t-config.cpp (CryptoConfigTest::testDefault): New.

--
There is a bug around here somewhere. This test does not show
it :-(
2018-04-04 11:21:53 +02:00
Ben McGinnes
fed024eff1 Merge branch 'master' of ssh+git://playfair.gnupg.org/git/gpgme
* Also fixed a small grammatical error highlighted by a merge conflict
  (in the python bindings howto).
2018-03-30 10:38:31 +11:00
Werner Koch
60d7a1e8f6
json: Build only a dummy if libgpg-error is < 1.28
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-03-29 15:06:54 +02:00
Ben McGinnes
75a1a1c33e Merge branch 'ben/howto-update-02' of ssh+git://playfair.gnupg.org/git/gpgme 2018-03-29 10:27:41 +11:00
Ben McGinnes
3b91f6af37 example: revoke UID
* Script to revoke a UID on an existing key.
2018-03-29 10:21:52 +11:00
Ben McGinnes
d65864989c docs: python bindings howto
* Added section on revoking UIDs.
2018-03-29 10:16:07 +11:00
Ben McGinnes
56bbfd39ac example: key signing
* Added script for signing or certifying keys.
2018-03-29 09:49:08 +11:00
Ben McGinnes
5a553f5a31 doc: python bindings howto
* Fixed a typo.
2018-03-29 09:22:17 +11:00
Ben McGinnes
2f507b0459 docs python bindings howto
* PEP8 compliance: a collection of minor edits across multiple example
  code snippets.
2018-03-29 07:22:37 +11:00
Ben McGinnes
5cd4193418 example: add user ID
* Added script to add a UID to an existing key.
2018-03-29 06:36:14 +11:00
Werner Koch
3345a17dda
json: Remove the "message" object thingy again.
* src/gpgme-json.c (process_request): Remove 'nm_mode'.
--

This was an error in the javascript testing code.  Thus the Mozilla
specs are correct that the request is send verbatim.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-03-28 21:21:18 +02:00
Werner Koch
4b2fa657d1
json: Make native messaging work.
* src/gpgme-json.c (opt_debug): New.
(process_request): Add optional arg nm_mode.  In this mode take the
request from a "message" object.
(native_messaging_repl): Add debug output and call process_request
in NM_MODE.
(main): Add option --debug.  Parse envvar GPGME_JSON_DEBUG as an
alternative way to enable this.  Use a default log file.
--

Note that the default log file is ~/.gnupg/S.gpgme-json.log .
Thus to debug a javascript application you should start

  watchgnupg --time-only --force ~/.gnupg/S.gpgme-json.log

in a separate tty and then use

 GPGME_JSON_DEBUG=1 firefox &

to run firefox.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-03-28 20:53:21 +02:00
Andre Heinecke
7c220e387d
core: Initialize key return value in gpgme_get_key
* src/keylist.c (gpgme_get_key): Set r_key to NULL.

--
The c++ bindings and others assumed that r_key is set to NULL
on error. This is the behavior gpgme_op_keylist_next also
has. Even if it is not specified what happens to r_key on
error setting it to NULL should not hurt and is more
expected behavior.

This directly fixes an uninitialized memory access error
in the c++ bindings / Kleopatra:
GnuPG-Bug-Id: T3865

And will fix some additional random crashes in Kleopatra and GpgOL.
2018-03-27 11:24:55 +02:00
Ben McGinnes
a2eedef630 doc: python bindings howto
* Fixed some minor PEP8 compliance issues in the key creation examples.
2018-03-27 12:42:06 +11:00
Ben McGinnes
f9159b1d75 example: key creation
* Script to generate a new key with encryption subkey taking input
  from interactive prompts.
* Will also take a passphrase via pinentry and uses passphrase caching
  of five minutes when used in conjunction with the temp homedir
  script.
2018-03-27 12:29:08 +11:00
Ben McGinnes
1b5da37a47 script: temp homedir config
* added passphrase caching of 5 minutes.
2018-03-27 12:16:29 +11:00
Ben McGinnes
5b32efbaf3 doc: python bindings howto
* Testing the addition of a HTML header set in org-mode in order to
  had RSS update links for files.
* This should work with any [X]HTML export from current versions of
  Org-Mode, but if it also works on website generated pages then it'll
  tick off one of the wishlist itmes.
2018-03-25 22:25:52 +11:00
Ben McGinnes
40a9dea5d5 script: temp homedir
* Fixed whitespace.
2018-03-25 11:54:05 +11:00
Ben McGinnes
3b724aae42 doc: python bindings howto
* Added a reference to new script which will setup a temporary homedir
  for a user.
2018-03-25 11:35:11 +11:00
Ben McGinnes
dde1aae312 script: temporary homedir creation
* Script to create a temporary gnupg homedir in the user's directory
  for testing or scripting purposes.
* Creates a hidden directory on POSIX systems with the correct
  permissions (700).
* Creates a gpg.conf in that directory containing the same
  configuration options as used in the "Danger Mouse" example in the
  HOWTO with the correct permissions (600).
2018-03-25 11:26:26 +11:00
Ben McGinnes
22247f658c doc: python bindings howto
* Fixed the plaintext, result and verify_result references in the
  decryption section.
2018-03-25 10:01:14 +11:00
Ben McGinnes
d0bb4ec4ec Merge branch 'master' of ssh+git://playfair.gnupg.org/git/gpgme 2018-03-25 09:44:51 +11:00