Commit Graph

2293 Commits

Author SHA1 Message Date
Werner Koch
813ae5fa2d
core: Prepare for new key listing data send by gpg.
* src/gpgme.h.in (gpgme_user_id_t): New fields 'origin' and
'last_update'.
(gpgme_key_t): New fields 'origin' and 'last_update'.
* src/conversion.c (_gpgme_parse_timestamp_ul): New.
* src/keylist.c (keylist_colon_handler): Parse fields 19 and 20.

* tests/run-keylist.c (main): Print new fields.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-28 11:41:30 +02:00
Andre Heinecke
57d60b20f1
qt: Disable testEncryptDecryptNowrap
* lang/qt/tests/t-encrypt.cpp (EncryptTest::testEncryptDecryptNowrap):
Disable test.

--
This test produces failures under CI/ASAN conditions as the
verify after the unwrap returns an error. As we currently
don't have time to look into this more it's disabled for now.
Similar to the testMixedEncryptDecrypt.
2017-03-27 18:11:02 +02:00
Justus Winter
348da58fe0
python: Skip tests if running with GnuPG < 2.1.12.
* lang/python/tests/support.py (assert_gpg_version): Fix error
message.  Skip all tests when we use GnuPG older than 2.1.12.

GnuPG-bug-id: 3008
Signed-off-by: Justus Winter <justus@g10code.com>
2017-03-27 11:11:47 +02:00
Andre Heinecke
b6d5449950
Mention new cpp changes in the NEWS
--
Somone that calls a function startCombinedDecryptionAndVerification
should be required to always type it without autocompletion.
2017-03-24 17:25:26 +01:00
Andre Heinecke
18b7906078
cpp: Respect decrypt flags in new functions
* lang/cpp/src/context.cpp: Respect directly provided flags
in the new decrypt functions.

--
Overlooked in the initial commit. Also fixed the according
unused variable warnings.
2017-03-24 17:24:04 +01:00
Andre Heinecke
5493164f86
qt: Add unittest for decrypt unwrap
* lang/qt/tests/t-encrypt.cpp
(EncryptTest::testEncryptDecryptNowrap): New.
2017-03-24 16:58:58 +01:00
Andre Heinecke
8ad37ecc29
cpp: Use gpgme_op_decrypt_ex and add new flags.
* lang/cpp/src/context.cpp: New decrypt and decryptVerify functions
that take flags as arguments. Use new variants in old functions.
(Context::setDecryptionFlags): New helper.
(Context::Private::Private): Initialize new member.
* lang/cpp/src/context_p.h (Context::Private::decryptFlags): New.
* lang/cpp/src/context.h (Context::DecryptFlags): New enum.
(Context::EncryptionFlags): Extend for EncryptWrap.

--
The setDecryptionFlags provides a generic way to set decryption
flags for the whole context. This allows existing code to just
keep using the old functions and modify the decryption behavior
in a central place.
2017-03-24 16:51:26 +01:00
Werner Koch
6ac1f2cded
core: New flags GPGME_DECRYPT_UNWRAP and GPGME_ENCRYPT_WRAP.
* src/gpgme.h.in (GPGME_ENCRYPT_WRAP): New const.
(gpgme_decrypt_flags_t): New enum.
(GPGME_DECRYPT_VERIFY): New const
(GPGME_DECRYPT_UNWRAP): New const
(gpgme_op_decrypt_ext_start): New func.
(gpgme_op_decrypt_ext): New func.
* src/decrypt-verify.c (gpgme_op_decrypt_ext_start): New.
(gpgme_op_decrypt_ext): New.
(decrypt_verify_start): Add arg FLAGS.  Replace call to
engine_op_decrypt_verify by the plain decrypt with the flag set.
(gpgme_op_decrypt_verify_start): Pass the flag.
(gpgme_op_decrypt_verify): Pass the flag.
* src/decrypt.c (decrypt_start): Rename to ...
(_gpgme_decrypt_start): this.  Add arg FLAGS.  Pass FLAGS to
engine_op_decrypt.
(gpgme_op_decrypt_start): Adjust for chnage pass 0 for FLAG.
(gpgme_op_decrypt_start): Ditto.
* src/engine.c (_gpgme_engine_op_decrypt_verify): Remove.
(_gpgme_engine_op_decrypt): Add arg FLAGS.
* src/gpgme.def, src/libgpgme.vers: Add new functions.
* src/engine-backend.h (struct engine_ops): Remove member
'decrypt_verify'.  Add FLAGS to 'decrypt'.  Adjust all initialization.
* src/engine-uiserver.c (uiserver_decrypt): Remove.
(uiserver_decrypt_verify): Remove.
(_uiserver_decrypt): Rename to ...
(uiserver_decrypt): this.  Replace arg VERIFY by new arg FLAGS.
* src/engine-gpg.c (gpg_decrypt): Support GPGME_DECRYPT_UNWRAP.
(gpg_encrypt): Support GPGME_ENCRYPT_WRAP.

* tests/run-decrypt.c (main): New option --unwrap.
* tests/run-encrypt.c (main): New option --wrap.
--

Manual testing of that wrap/unwrap feature can be done this way:

 ./run-encrypt --verbose --key Alice /etc/motd > x
 ./run-decrypt --verbose --unwrap x > y
 ./run-encrypt --verbose --key Bob --wrap y > z

1. The message was first encrypted to Alice.
2. Alice decrypts the message receiving a valid OpenPGP message.
3. Alice encrypt that message to Bob

This will also work with encrypted and signed messages; the signature
will be kept intact during re-encryption.  Requires GnuPG 2.1.12.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-24 15:17:23 +01:00
Andre Heinecke
66c334650b
qt: Add test for Data::toKeys
* lang/qt/tests/t-various.cpp (TestVarious::testKeyFromFile): New.
2017-03-22 16:43:33 +01:00
Andre Heinecke
8ddb42ada4
cpp: Wrap keylist_from_data
* lang/cpp/data.h, lang/cpp/data.cpp (GpgME::Data::toKeys): New.

--
Doing this in data instead of Context is a bit more idiomatic. But
this could also be added to Context.
2017-03-22 16:43:33 +01:00
Andre Heinecke
121873b821
qt: Initialize library first in tests
* lang/qt/tests/t-support.cpp (QGpgMETest::initTestCase): Initialize
library.
2017-03-22 16:43:33 +01:00
Justus Winter
104635eb50
python: Improve Python detection.
* m4/python.m4 (_AM_PYTHON_INTERPRETER_LIST): Prefer the generic
'pythonX' over 'pythonX.Y'.  This way we select the users preferred
version for both flavors.  Prefer 'python' over 'python3' but not over
'python2' so that the algorithm still finds a 'python2' even if
'python' is a Python3.

Fixes-commit: 5189c08af9
Signed-off-by: Justus Winter <justus@g10code.com>
2017-03-22 15:33:06 +01:00
Werner Koch
421ddd1e67
core: New API gpgme_op_set_uid_flag.
* src/gpgme.h.in (gpgme_op_set_uid_flag_start): New.
(gpgme_op_set_uid_flag_start): New.
* src/gpgme.def, src/libgpgme.vers: Add them.
* src/genkey.c (addrevuid_start): Change arg revoke to a flag.
(gpgme_op_revuid_start): Pass GENKEY_EXTRAFLAG_REVOKE for the fomer
revoke parameter.
(gpgme_op_revuid): Ditto.
(set_uid_flag): New.
(gpgme_op_set_uid_flag_start): New.
(gpgme_op_set_uid_flag): New.
* src/engine.h (GENKEY_EXTRAFLAG_SETPRIMARY): new.
* src/engine-gpg.c (gpg_adduid): Implement that flag.

* tests/run-genkey.c (main): New command --set-primary.
--

GnuPG-bug-id: 2931
Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-21 19:03:58 +01:00
Justus Winter
f3e8d8a451
python: Wrap 'gpgme_op_keylist_from_data_start'.
* NEWS: Update.
* lang/python/gpg/core.py (Context.keylist): New keyword argument
'source'.  If given, list keys from 'source'.
* lang/python/gpgme.i: Wrap the argument to
'gpgme_op_keylist_from_data_start'.
* lang/python/tests/Makefile.am (py_tests): Add new test.
* lang/python/tests/support.py (EphemeralContext): Do not throw an
error if no agent has been started in the context.
* lang/python/tests/t-keylist-from-data.py: New file.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-03-21 12:55:33 +01:00
Werner Koch
55ac5eed9f
core: Extend gpgme_get_dirinfo to return the gpg-wks-client name.
* src/dirinfo.c (WANT_GPG_WKS_CLIENT_NAME): New const.
(struct dirinfo): New field 'gpg_wks_client_name'.
(get_gpgconf_item): Build it on demand.
(gpgme_get_dirinfo): New value "gpg-wks-client-name" for WHAT.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-21 11:16:16 +01:00
Werner Koch
fab8b1a166
core: New encryption flag GPGME_ENCRYPT_THROW_KEYIDS.
* src/gpgme.h.in (GPGME_ENCRYPT_THROW_KEYIDS): New flag.
* src/engine-gpg.c (gpg_encrypt): Implement flag
(gpg_encrypt_sign): Implement flag.

* tests/run-encrypt.c (main): New option --throw-keyids.
--

It would be nice to also selectively hide recipients (that is gpg
--hidden-recipient) but our API does not ye allow this because it is
based on key objects.  A possible way to implement that would be a API
to set processing flags into a key but this is complicated due to the
reference counting and thus the possibility that a key object is used
by different context.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-21 10:39:33 +01:00
Andre Heinecke
35023f3136
core: New public API gpgme_op_keylist_from_data_start.
* src/gpgme.h.in: New API gpgme_op_keylist_from_data_start.
* src/libgpgme.vers, src/gpgme.def: Add it.
* src/keylist.c (gpgme_op_keylist_from_data_start): New.
* src/engine-backend.h (engine_ops): Add field 'keylist_data'.  Change
all engines to pass NULL for it.
* src/engine.c (_gpgme_engine_op_keylist_data): New.
* src/engine-gpg.c (gpg_keylist_data): New.
(_gpgme_engine_ops_gpg): Register gpg_keylist_data.

* tests/run-keylist.c (main): New option --from-file.
--

Co-authored-by: Werner Koch <wk@gnupg.org>
GnuPG-bug-id: 2819
2017-03-21 09:50:23 +01:00
Werner Koch
ea9686ec71
core,cpp: New key flag 'is_de_vs'.
* src/gpgme.h.in (_gpgme_subkey): New flag is_de_vs.
* tests/run-keylist.c (main): Print that flag.
* src/keylist.c (parse_pub_field18): New.
(keylist_colon_handler): Parse compliance flags.
* lang/cpp/src/key.cpp (Key::isDeVs): New.
(Subkey::isDeVs): New.

* lang/cpp/src/key.h (class Key): New method isDeVs.
(class Subkey): New method isDeVs.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-20 20:05:16 +01:00
Justus Winter
392e51dd11
tests: Fix distcheck.
* tests/start-stop-agent: Do not create 'gpg-agent.conf' if it does
not exist.

Fixes-commit: 16b202d999
Signed-off-by: Justus Winter <justus@g10code.com>
2017-03-20 17:07:31 +01:00
Justus Winter
57e64d019d
python: Fix version check.
* lang/python/tests/support.py (assert_gpg_version): Cope with
non-released versions.

Fixes-commit: e1cf8bab31
Signed-off-by: Justus Winter <justus@g10code.com>
2017-03-20 16:53:29 +01:00
Justus Winter
16b202d999
tests: Use 'gpg-agent --allow-loopback-pinentry' if applicable.
* lang/python/tests/Makefile.am (gpg-agent.conf): Do not hard-code the
option.  This breaks gpg-agent from GnuPG 2.0.
* tests/start-stop-agent: Rather, check if the option is supported and
add it to the configuration if it is.

GnuPG-bug-id: 3008
Fixes-commit: bbf19124bb
Signed-off-by: Justus Winter <justus@g10code.com>
2017-03-20 16:41:43 +01:00
Justus Winter
e1cf8bab31
python: Skip tests if GnuPG is too old.
* lang/python/tests/support.py (assert_gpg_version): New function.
* lang/python/tests/t-callbacks.py: Use the new function to skip the
test if GnuPG is too old.
* lang/python/tests/t-edit.py: Likewise.
* lang/python/tests/t-encrypt-sym.py: Likewise.
* lang/python/tests/t-quick-key-creation.py: Likewise.
* lang/python/tests/t-quick-key-manipulation.py: Likewise.
* lang/python/tests/t-quick-key-signing.py: Likewise.

GnuPG-bug-id: 3008
Signed-off-by: Justus Winter <justus@g10code.com>
2017-03-20 16:20:02 +01:00
Justus Winter
4572e8d2ac
python: Remove superfluous initialization.
* lang/python/tests/support.py (init_gpgme): Remove.  This is an
remnant from the c tests.  Nowadays, the Python bindings initialize
GPGME automagically.
* lang/python/tests/initial.py: Remove call to 'support.init_gpgme'.
* lang/python/tests/t-callbacks.py: Likewise.
* lang/python/tests/t-decrypt-verify.py: Likewise.
* lang/python/tests/t-decrypt.py: Likewise.
* lang/python/tests/t-edit.py: Likewise.
* lang/python/tests/t-encrypt-large.py: Likewise.
* lang/python/tests/t-encrypt-sign.py: Likewise.
* lang/python/tests/t-encrypt-sym.py: Likewise.
* lang/python/tests/t-encrypt.py: Likewise.
* lang/python/tests/t-export.py: Likewise.
* lang/python/tests/t-file-name.py: Likewise.
* lang/python/tests/t-idiomatic.py: Likewise.
* lang/python/tests/t-import.py: Likewise.
* lang/python/tests/t-keylist.py: Likewise.
* lang/python/tests/t-sig-notation.py: Likewise.
* lang/python/tests/t-sign.py: Likewise.
* lang/python/tests/t-signers.py: Likewise.
* lang/python/tests/t-trustlist.py: Likewise.
* lang/python/tests/t-verify.py: Likewise.
* lang/python/tests/t-wait.py: Likewise.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-03-20 16:07:07 +01:00
Justus Winter
9d6825be09
python: Make error message more helpful.
* lang/python/tests/run-tests.py: Make the error message shown when we
cannot locate the python module in the build tree more helpful.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-03-14 12:20:25 +01:00
Justus Winter
ac48499538
python: Make tests more robust.
* lang/python/tests/support.py (TemporaryDirectory): Always use our
own version even if 'tempfile.TemporaryDirectory' is provided, because
we need to use 'shutil.rmtree(..., ignore_errors=True)' to avoid it
tripping over gpg-agent deleting its own sockets.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-03-14 12:20:24 +01:00
Justus Winter
a4201035fd
python: Improve build system integration.
* lang/python/Makefile.am: Use 'set -e' when chaining shell commands
together in rules.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-03-14 12:20:21 +01:00
Justus Winter
6a37166388
build: Improve Python detection.
* configure.ac: Do not error out too early if we don't find a matching
Python version.  We handle this case later.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-03-14 12:20:19 +01:00
Justus Winter
5189c08af9
build: Tune M4 macros for our needs.
* m4/ax_python_devel.m4: Do not emit 'HAVE_PYTHON'.
* m4/python.m4 (_AM_PYTHON_INTERPRETER_LIST): Add newer Python
versions, drop older ones.  Also, sort the list with older versions at
the front, newer and generic versions towards the end.  This makes the
algorithm pick the lowest version that meets the version requirement.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-03-14 12:20:18 +01:00
Justus Winter
067da472f9
build: Add M4 macros for python.
* m4/python.m4: New file.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-03-14 12:01:19 +01:00
Andre Heinecke
43aa3eed15
qt: Add test for DN parser
* qt/tests/t-various.cpp (testDN): New.

--
A simple test for the DN parser that would have caught
the new / free mismatch fixed in 9d5048d4.
2017-03-13 11:18:00 +01:00
Andre Heinecke
9d5048d474
qt: Use gpgrt_asprintf instead of qstrdup
* lang/qt/src/dn.cpp (parse_dn_part): Use gpgrt_asprintf instead
of qstrdup.

--
This fixes a new / free mismatch because qstrdup uses new and
the allocated parts are freed with free. Similar to: a09ed3f2
2017-03-13 11:17:47 +01:00
Werner Koch
d2240a2a18
core: Fix status error return for gpgsm.
* src/engine-gpgsm.c (gpgsm_assuan_simple_command): Make sure CB_ERR
is returned.
* src/import.c (parse_import_res): Do not return an error for the last
field.
(import_status_handler): Actually return the error from
parse_import_res.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-09 11:45:00 +01:00
Justus Winter
41398779ab
python: Print path of the Python module used during tests.
* lang/python/tests/initial.py: Print path of the Python module used
during tests.  Useful to detect if by any mistake the wrong module is
picked up.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-03-02 16:06:29 +01:00
Werner Koch
ef035f079f
core: Fix minor code style thing.
* src/engine-gpg.c (gpg_add_algo_usage_expire): Use double parenthesis
for bit tests.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-02 14:52:52 +01:00
Werner Koch
2486d0073b
Revert "core: Fix error types."
--
This reverts commit 6df6e01ed5.

gpgme_error_t et al are from a time where we had no hard dependency on
libgpg-error.  Now libgpg-error is a required and thus it does not
make sense to have these surrogates.  In fact we should ventually
completely remove them.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-02 14:47:51 +01:00
Andre Heinecke
8071a6b2ca
cpp: Add subkey keygrip to API
* lang/cpp/src/key.cpp (Subkey::keyGrip): New.
* lang/cpp/src/key.h: Update accordingly.
2017-03-02 09:38:31 +01:00
Andre Heinecke
d63258066d
cpp: Add interactor to generate keys on smartcard
* lang/cpp/src/editinteractor.cpp (EditInteractor::needsNoResponse):
Handle new states.
* lang/cpp/src/gpggencardkeyinteractor.cpp,
lang/cpp/src/gpggencardkeyinteractor.h: New.
* lang/cpp/src/Makefile.am: Update accordingly.
2017-03-01 11:20:21 +01:00
Andre Heinecke
fbafb5474d
qt: Allow creation of default keys without name
* lang/qt/src/defaultkeygenerationjob.cpp
(DefaultKeyGenerationJob::start): Handle empty name and email.
2017-03-01 11:14:07 +01:00
Daniel Kahn Gillmor
5b49095b89 doc: Correct documentation for recp arg of gpgme_op_encrypt_sign_start
* doc/gpgme.texi (gpgme_op_encrypt_sign_start): recp is an array of
gpgme_key_t, not a single element.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2017-02-25 22:43:38 -08:00
Justus Winter
a7c6353eda
python: Fix test.
* lang/python/tests/t-quick-key-manipulation.py: Modify the
configuration file in the ephemeral home directory, not the one used
by all the tests.

Fixes-commit: 15fbac9e72
Signed-off-by: Justus Winter <justus@g10code.com>
2017-02-20 10:23:41 +01:00
Justus Winter
15fbac9e72
python: Support manipulating the TOFU policy.
* NEWS: Update.
* doc/gpgme.texi: Fix typos.
* lang/python/gpg/constants/__init__.py: Import new files.
* lang/python/gpg/constants/tofu/__init__.py: New file.
* lang/python/gpg/constants/tofu/policy.py: New file.
* lang/python/gpg/core.py (Context.key_tofu_policy): New function.
* lang/python/gpgme.i: Nice reprs for gpgme_tofu_info_t.
* lang/python/setup.py.in: Install new package.
* lang/python/tests/t-quick-key-manipulation.py: Extend test.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-02-17 17:08:03 +01:00
Justus Winter
48634e651f
python: Support quick key signing.
* NEWS: Update.
* doc/gpgme.texi (gpgme_op_keysign): Fix the description of the
'expire' argument.
* lang/python/gpg/constants/__init__.py: Import new file.
* lang/python/gpg/constants/keysign.py: New file.
* lang/python/gpg/core.py (Context.key_sign): New function.
* lang/python/tests/Makefile.am (py_tests): Add new test.
* lang/python/tests/t-quick-key-signing.py: New test.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-02-17 16:28:00 +01:00
Justus Winter
de8494b16b
python: Fix teardown of ephemeral contexts.
* lang/python/tests/support.py (EphemeralContext): New function.
* lang/python/tests/t-quick-key-creation.py: Use the new function to
manage ephemeral contexts.
* lang/python/tests/t-quick-key-manipulation.py: Likewise.
* lang/python/tests/t-quick-subkey-creation.py: Likewise.
--

Previously, there was a problem with cleaning up ephemeral home
directories.  shutil.rmtree deleted the agents main socket, gpg-agent
detected that, and deleted the other sockets as well, racing
shutil.rmtree which did not cope will with that.

Fix this by asking the agent nicely to shut down.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-02-17 12:18:56 +01:00
Justus Winter
9350168a1e
python: Fix using strings as commands in the assuan protocol.
* lang/python/gpg/core.py (Context.assuan_transact): Fix testing
whether the command is a string on Python2.
* lang/python/tests/t-protocol-assuan.py: Improve the test to detect
this problem.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-02-17 12:10:34 +01:00
Justus Winter
7641b7b5f2
python: Support adding and revoking UIDs.
* NEWS: Update.
* lang/python/gpg/core.py (Context.key_add_uid): New function.
(Context.key_revoke_uid): Likewise.
* lang/python/tests/Makefile.am (XTESTS): Add new test.
* lang/python/tests/t-quick-key-manipulation.py: New file.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-02-16 17:55:16 +01:00
Justus Winter
13bace25e3
python: Support quick subkey creation.
* NEWS: Update.
* lang/python/gpg/core.py (Context.create_subkey): New function.
* lang/python/tests/Makefile.am (XTESTS): Add new test.
* lang/python/tests/t-quick-subkey-creation.py: New file.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-02-16 16:45:25 +01:00
Justus Winter
476b97822b
python: Support quick key creation.
* NEWS: Update.
* lang/python/gpg/constants/__init__.py: Import new file.
* lang/python/gpg/constants/create.py: New file.
* lang/python/gpg/core.py (Context.create_key): New function.
* lang/python/tests/Makefile.am (XTESTS): Add new test.
* lang/python/tests/support.py (TemporaryDirectory): New class.
* lang/python/tests/t-quick-key-creation.py: New file.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-02-16 16:43:10 +01:00
Justus Winter
3bdce4aa3d
python: Fix passphrase callback wrapping.
* lang/python/helpers.c (pyPassphraseCb): Cope with 'passphrase_info'
being NULL.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-02-16 14:49:27 +01:00
Justus Winter
048c5f74b6
python: Fix error handling.
* lang/python/gpgme.i (typemap gpgme_key_t[]): Set an error if a
non-key element is discovered.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-02-16 14:42:17 +01:00
Justus Winter
de708e5934
core: Fix expiration time handling when creating keys.
* NEWS: Update.
* doc/gpgme.texi (gpgme_op_createkey): Clarify the meaning of the
'expire' parameter.
(GPGME_CREATE_NOEXPIRE): Document new flag.
(gpgme_op_createsubkey): Clarify the meaning of the 'expire'
parameter.
* src/engine-gpg.c (gpg_add_algo_usage_expire): Fix handling of the
expiration time.
* src/gpgme.h.in (GPGME_CREATE_NOEXPIRE): New macro.
--

Previously, the documentation stated that the expiration time was an
absolute timestamp.  However, this value was passed using the
'seconds=N' syntax to GnuPG which specifies the expiration time in
seconds relative to the creation time.  Fix the documentation.

Furthermore, the documentation stated that using 0 results in keys
that do not expire.  This was communicated to GnuPG by using the
implicit default.  However, as of GnuPG 2.1.17, the default was
changed to create keys that expire within a reasonable timespan.

Fix this discrepancy by aligning the behavior with recent GnuPG
versions: 0 means use a reasonable default, and introduce a flag that
can be used to create keys that do not expire.  Communicate this
explicitly to GnuPG.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-02-15 16:45:45 +01:00