* lang/python/tests/Makefile.am,
lang/qt/tests/Makefile.am,
tests/Makefile.am,
tests/gpg/Makefile.am,
tests/gpgsm/Makefile.am,
tests/opassuan/Makefile.am (GNUPGHOME): Make variable explict.
--
If the build directory has too long path, gpgme could fail.
This is similar to
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847206
In order to fix that, this patch extracts the GNUPGHOME variable
to be presented directly in the Makefile and thus overridable by
command line option.
A build system can then create a symlink to the GNUPGHOME directory
in /tmp and use that symlink as the GNUPGHOME directory
thus making the path very short.
GnuPG-Bug-Id: T4091
Patch provided by vlmarek
* lang/cpp/src/key.cpp (Key::update): Check that the key is
not NULL.
* lang/cpp/src/verificationresult.cpp (GpgME::Signature::key):
Check for fingerprint.
* Fixed and tested the changes necessary for org-mode to correctly
parse pythonic (Python 3) indentation.
* Updated the source blocks to recommended upper case for BEGIN_SRC
and END_SRC.
* Tested and confirmed XHTML output matches correct examples.
* Tested against pseudo-control output via exporting from org-mode to
org-mode and then exporting that to XHTML. Remaining differences
appear to be discarding the custom tags used to provide X[HT]ML id
elements to each section which does not appear to offer any benefit.
* Exporting directly to XHTML or other HTML output should no longer
cause problems, but if there are any then the first step should be
exporting from org-to-org and then exporting that to XHTML.
Tested-by: Ben McGinnes <ben@adversary.org>
Signed-off-by: Ben McGinnes <ben@adversary.org>
* Another retrofitting of the HOWTO Python example code, this time
following adjustments to python-mode configuration and having
trawled through the org-mode mailing lists for clues.
* src/data.c (PROPERTY_TABLE_ALLOCATION_CHUNK): New.
(insert_into_property_table): Use it here. Clear all flags.
--
Fixes-commit: 085cdeddef
Signed-off-by: Werner Koch <wk@gnupg.org>
* src/data.h (data_prop_t): New enum.
(struct gpgme_data): Add field propidx.
* src/data.c (property_t): New.
(property_table, property_table_size, property_table_lock): New.
(insert_into_property_table): New.
(remove_from_property_table): New.
(_gpgme_data_get_dserial): New.
(_gpgme_data_set_prop): New.
(_gpgme_data_get_prop): New.
(_gpgme_data_new): Connect new object to property_table.
(_gpgme_data_release): Remove from property_table.
(gpgme_data_read): With DATA_PROP_BLANKOUT set don't fill the buffer.
* src/data-mem.c (gpgme_data_release_and_get_mem): Likewise.
* src/decrypt.c (struct op_data): Add field plaintext_dserial.
(_gpgme_op_decrypt_init_result): Add arg plaintext and init new field.
(_gpgme_decrypt_status_handler): Set DATA_PROP_BLANKOUT on decryption
failure.
(_gpgme_decrypt_start): Pass PLAIN to the init function.
* src/decrypt-verify.c (decrypt_verify_start): Ditto.
* configure.ac: Check for stdint.h and bail out if uint64_t is not
available.
--
This is a best effort feature to not output plaintext after a
decryption failure (e.g. due to no or broken authenticated
encryption). It always work when using a memory object and reading it
after the decryption but it can't work reliable when the user is
reading from the data object while the decryption process is still
running.
This is quite a large change because the data objects and the context
objects are allowed to be owned by different threads. Thus a
synchronization is needed and we do this with a global table of all
data objects to which the context objects can do soft-linking via a
unique data object serial number.
Signed-off-by: Werner Koch <wk@gnupg.org>
* src/gpgme-json.c (create_keylist_patterns): Use CNT as first arg for
xcalloc.
(process_request): s/strdup/xtrystrdup/.
--
calloc takes two arguments so to be able to detect integer overflow.
Thus if we switch from malloc to calloc we should utilize that.
Signed-off-by: Werner Koch <wk@gnupg.org>
* src/gpgme.h.in (gpgme_data_new_from_estream): New.
* src/data-estream.c: New.
* src/data.h (gpgme_data): New union member e_stream.
--
The estream functions (gpgrt_fopen et al.) are any waypart of the
required libgpg-error library and thus it makes sense to provide this
convenience interface.
Signed-off-by: Werner Koch <wk@gnupg.org>
* src/gpgme-json.c (native_messaging_repl): Free request and
response after each loop.
--
If we only accept once request we should not loop. If we loop
we should do it properly.
* src/gpgme-json.c (native_messaging_repl): Ensure that the
request is NULL terminated.
--
This avoids potential memory leaks and access to unmapped memory
in case the request was not terminated.
Other request functions use es_read_line which gurantees NULL
termination.
* src/gpgme-json.c (encode_and_chunk): Try to always
return at least an error.
(process_request): Double check that it does not return NULL.
--
If process_request returns NULL the following strlen on it
would crash.
* src/gpgme-json.c (create_keylist_patterns): Reserve two
pointers more then linefeeds.
(create_keylist_patterns): Fix loop to count linebreaks.
(create_keylist_patterns): Use calloc for good measure.
--
This fixes crashes and memory corruption as cnt did not
match i.
* lang/qt/src/threadedjobmixin.cpp (fromEncoding)
(stringFromGpgOutput): New helpers.
(markupDiagnostics): Use it.
--
The Problem is that on my western windows system GnuPG
gets CP 437 as GetConsoleOutputCP and prints in that codepage.
In a W32 GUI Application we get 0 as GetConsoleOutputCP and 1252
with GetACP.
The only thing that seemed to somehow match was GetOEMCP but
that might just be luck and it might still be broken in
other windows languages.
This code is also used in Kleopatra so it might make sense
to make it public once it is demonstrated that it works on
most systems.
* src/gpgme-json.c (process_request): Init res. Check for
json object before encode and chunk.
--
If json is invalid we can't read chunksize and would crash
in encode and chunk.
* src/cJSON.c: Add comments on the origin of the code.
(parse_string): Allocate an extra byte for safeness.
(cJSON_AddItemToArray): Allo ARRAY to be NULL.
Signed-off-by: Werner Koch <wk@gnupg.org>
* src/cJSON.c (parse_string): Correctly detect bad hex.
--
The call to parse_hex4 checks that only hex digits follow and in the
error case returns 0. However, by the time of the combined check for
an invalid value and the error PTR has already been set to the last
hex character and thus if the end-of-string or a quote character was
one of the bad hex digits the loop will miss the end of the string
which does not match with the simple buffer length allocation test at
the begin of the function.
Signed-off-by: Werner Koch <wk@gnupg.org>
* src/gpgme-json.c (add_secret_fprs): New helper.
(op_export, hlp_export): Extend for with-sec fprs.
--
This is a request from Mailvelope, to import an export
they need the information for which keys from the export
a secret key is also available. For simplicity it is
much preferred to get this information in a single call
without the need to do and parse a keylisting additionally
in a second native-messaging call.
So we make it optional to include that info in the export.
* Complete typographic overhaul.
* Removed all section level indentation since it does not affect
output formatting, but might affect source code examples.
* In text-mode stripped out all tabs which had crept in and replaced
them with four spaces.
* Updated all code examples (again) to conform with Python-mode.
* Bumped version number in preparation for next release of GPG 2.2.9
and corresponding GPGME release.
* doc/gpgme.texi (GPGME_KEYLIST_MODE_EXTERN),
(GPGME_KEYLIST_MODE_LOCATE, GPGME_KEYLIST_MODE_LOCAL): Mention
command line flags for CMS and OpenPGP Protocol.
--
This might help new users coming to gnupg to understand what
the flags do.
* src/engine-gpg.c (engine_gpg): Add diagnostics member.
(gpg_release): Release diagnostics data.
(gpg_new): Set up logger-fd and diagnostics.
(gpg_getauditlog): New. Copy diagnostics to a user data.
(engine_ops): Add getauditlog.
* src/engine-gpgsm.c (gpgsm_getauditlog): Return not implemented
for GPGME_AUDITLOG_DIAG.
* src/getauditlog.c (getauditlog_start): Don't reset engine
for diagnostics.
* src/gpgme.h.in (GPGME_AUDITLOG_DIAG): New.
(GPGME_AUDITLOG_DEFAULT): New alias to 0.
* tests/run-decrypt.c (show_usage, main): Add --diagnostics.
* doc/gpgme.texi(Additional Logs): Document getauditlog.
--
This enables users of GPGME to get more verbose information
from gpg which can assist users in figuring out a problem
that was before hidden behind a generalized error like
"Decryption Failed".
For GPGSM it is not yet available as it is problematic to
get it properly in server mode and GPGSM already had the
original audit log mechanism in place.
GPGME_AUDITLOG_DEFAULT was added for a more explicit
documentation.
* src/gpgme-json.c (op_keylist, hlp_keylist): Add locate.
--
The same rationale for the KEYLIST_MODE_LOCATE in GPGME
also applies here. It makes the API a little less magic.
* Apparently I am wrong and Scheme is the new Python after all.
* Non-import related PEP8 compliance must wait for another day, though
the other PEP8 fixes remain.
* Changed id/else statements to a more pythonic form from scheme
masquerading as python - sorry Justus, it had to go ;).
* With the added bonus of enabling PEP8 compliance in those sections.
* Fixed remaining PEP8 compliance issues with the exception of the
imports at the beginning of the file (changing those will break the
entire module, so we'll cope with it as it is).
* Bindings confirmed to work with the newly released 3.7.0.
* Updated M4 file to reflect this change and correct the Python binary
search order (3.7 is not yet given priority, but will still be found
first via the more generic python3 executable).
* Updated setup.py.in, bindings documentation and README to reflect this.
* Added a secret key export variant which saves output as both GPG
binary and ASCII armoured, plus saves in $GNUPGHOME and uses
multiple methods of determining what that location is.
* Example of default exporting keys.
* Example of exporting minimised keys.
* Example of exporting secret keys to a file with correct permissions.
Signed-off-by: Ben McGinnes <ben@adversary.org>
* The holy grail: a function to export secret keys.
* GPGME will still invoke pinentry and gpg-agent as usual to authorise
the export.
* Mostly similar to the two previous export functions for public keys
except that it will return None if the result had a length of zero
bytes. Meaning that the difference between the specified pattern
(if any) not matching available keys and an incorrect passphrase is
not able to be determined from this function (or the underlying one
for that matter).
Signed-off-by: Ben McGinnes <ben@adversary.org>
* Updated key_export and key_export_minimal to return None where a
pattern matched no keys in a manner simnilar to the possible result
of key_export_secret.
* Added functions for exporting public keys to gpg.core in both
complete form and in minimised form.
* Rather than letting people need to worry about the export modes we
are simply separating the functions as people would be more familiar
with from the command line usage anyway.
* Functions added for Context are: ctx.key_export_minimal and
ctx.key_export as the default or full export.
Signed-off-by: Ben McGinnes <ben@adversary.org>
* src/gpgme-json.c (main): Add possibilty to set log file.
--
This is similar to how GPGME_DEBUG works. It takes ; on
Windows as seperator and : on linux. Followed by a file name.
For Linux it might make sense to use a different seperator
to allow setting a socket explicitly. But this is better
in line with the current GPGME_DEBUG behavior.
The change helps on Windows where we don't have a
log socket.
* Fixed most of the PEP8 errors in core.py
* Those remaining may need more than little edits and are a bit
strange (too clearly the result of a programmer who has spent far
too much time dealing with Lisp so that for Python it looks
... strange).
* Wrapped the key import function in the try/exception statements
needed to catch at least the most likely unsuccessful import attempt
errors.
* Mostly draws on the file error and no data import statuses for
errors, with a couple of exceptions.
Signed-off-by: Ben McGinnes <ben@adversary.org>