Commit Graph

751 Commits

Author SHA1 Message Date
NIIBE Yutaka
80670f60ba Fix parsing import status for invalid fingerprint.
* src/import.c (parse_import): Handle invalid fingerprint case.

--

GnuPG-bug-id: 6187
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-09-07 11:27:32 +09:00
Ingo Klöcker
1522813888 build: Omit -I... and -L... for standard paths in pkgconfig file
* configure.ac (GPGME_CONFIG_CFLAGS): Prefix with -I${includedir} for
non-standard include paths.
(GPGME_CONFIG_LIBS): Prefix with -L${libdir} for non-standard library
paths.
* src/gpgme.pc.in (Cflags): Remove hard-coded -I${includedir}.
(Libs): Remove hard-coded -L${libdir}.
--

This helps prevent problems when building/linking something that depends
on gpgme (installed in standard path) and some other library (installed
in a standard path and a custom path).

See T6136 for related changes in libgpg-error.
2022-08-22 19:09:54 +02:00
Andre Heinecke
5f51a9b458
w32: Add another fallback to look for gpgconf.exe
* src/w32-util.c (_gpgme_get_gpgconf_path): Add fallback for
GnuPG VS-Desktop install scheme.

--
GnuPG VS-Desktop has the install layout:

%PROGRAMFILES%\GnuPG VS-Desktop\bin\libgpgme.dll
%PROGRAMFILES%\GnuPG VS-Desktop\GnuPG\bin\gpgconf.exe

This fallback is of course only required if the registry
string pointing to the correct install directory is
broken.

GnuPG-Bug-Id: T6131
2022-08-12 15:16:36 +02:00
NIIBE Yutaka
02a2f35035 build: When no gpg-error-config, not install gpgme-config.
* configure.ac (USE_GPGRT_CONFIG): New.
* src/Makefile.am [USE_GPGRT_CONFIG]: Conditionalize the install
of gpgme-config.

--

When system will migrate use of gpgrt-config and removal of
gpg-error-config, gpgme-config will not be installed (but use gpgme.pc
by gpgrt-config).

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-06-28 11:28:12 +09:00
Ingo Klöcker
5d19eb4ad5 core: Handle import status lines during keylist operation
* src/keylist.c (gpgme_op_keylist_from_data_start): Call
_gpgme_op_import_init_result.
--

This fixes a crash when importing keys from data. Initializing the
import result was missing for this keylist operation.

Fixes-commit: f3ca57dfd7
GnuPG-bug-id: 5951
2022-06-09 15:30:14 +02:00
Ingo Klöcker
f72cf726ca core: Set SECRET flag of subkeys stored on smart cards
* src/keylist.c (parse_sec_field15): Set SECRET flag.
--

Explicitly setting the SECRET flag for subkeys stored on smart cards
makes sure that the flag is also set if GPGME_KEYLIST_MODE_WITH_SECRET
is used when listing OpenPGP keys (as documented in the API
documentation). If secret keys are listed, then the flag is already set
when the packet type is parsed.

GnuPG-bug-id: 5965
2022-05-06 09:34:18 +02:00
Ingo Klöcker
f3ca57dfd7 core: Handle import status lines during keylist operation
* src/import.c (import_status_handler): Rename to ...
(_gpgme_import_status_handler): this. Make non-static.
(_gpgme_op_import_init_result): New.
(_gpgme_op_import_start, _gpgme_op_import_keys_start,
_gpgme_op_receive_keys_start): Call _gpgme_op_import_init_result.
* src/keylist.c (keylist_status_handler): Call
_gpgme_import_status_handler to handle import status lines.
(gpgme_op_keylist_start, gpgme_op_keylist_ext_start): Call
_gpgme_op_import_init_result.
* src/ops.h (_gpgme_op_import_init_result,
_gpgme_import_status_handler): New prototypes.
--

If a keylist operation with keylist mode GPGME_KEYLIST_MODE_LOCATE is
run, then gpg emits import status lines. Handling those status lines
allows users to retrieve the result of a --locate-(external)-keys
command.

GnuPG-bug-id: 5951
2022-05-04 14:23:42 +02:00
Ingo Klöcker
aff9aaac68 core: Support --locate-external-keys command of gpg
* src/gpgme.h.in (GPGME_KEYLIST_MODE_FORCE_EXTERN): New.
(GPGME_KEYLIST_MODE_LOCATE_EXTERNAL): New.
* src/gpgme.c (gpgme_set_keylist_mode): Check for invalid mode.
* src/engine-gpg.c (gpg_keylist_build_options): Use
"--locate-external-keys" instead of "--locate-keys" if flag is set.
* src/gpgme-json.c (op_keylist): New flag "force-extern".
* src/gpgme-tool.c (gt_get_keylist_mode, cmd_keylist_mode): Handle
new mode.
--

GnuPG-bug-id: 5951
2022-04-27 16:57:17 +02:00
Ingo Klöcker
e21c3b559d core: Return BAD_PASSPHRASE error code on symmetric decryption.
* src/decrypt.c (op_data_t): Add field symdecrypt_failed.
(parse_status_error): Handle BAD_PASSPHRASE error code.
(_gpgme_decrypt_status_handler): Consult new field.
--

Return a bad passphrase error if the failure during symmetric decryption
is likely caused by the user entering a wrong passphrase. The special
error code of a failed public key decryption takes precedence.

GnuPG-bug-id: 5939
2022-04-25 12:14:42 +02:00
NIIBE Yutaka
a36d71a8e3 core: Don't use internal __assuan functions.
* configure.ac (nanosleep): Detect.
* src/assuan-support.c: Don't use __assuan_usleep.
(my_socketpair): Don't use __assuan_socketpair.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-04-05 14:42:59 +09:00
NIIBE Yutaka
110a375401 core: Don't keep using deprecated ath_ API.
* src/posix-io.c: Don't include ath.h.
(_gpgme_io_read): Call read directly.
(_gpgme_io_write): Call write directly.
(_gpgme_io_waitpid): Call waitpid directly.
(_gpgme_io_select_select): Call select directly.
(_gpgme_io_recvmsg): Call recvmsg directly.
(_gpgme_io_sendmsg): Call sendmsg directly.
(_gpgme_io_connect): Call connect directly.
* src/assuan-support.c: Don't include ath.h.
(my_waitpid): Call waitpid directly.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-04-05 14:25:00 +09:00
NIIBE Yutaka
b2a2158384 core: Support keylist mode for op_keylist_from_data.
* src/engine-backend.h (keylist_data): Add MODE argument.
* src/engine-gpg.c (gpg_keylist_data): Add MODE argument.
* src/engine.c (_gpgme_engine_op_keylist_data): Likewise.
* src/engine.h (_gpgme_engine_op_keylist_data): Declaration.
* src/keylist.c (gpgme_op_keylist_from_data_start): Call
_gpgme_engine_op_keylist_data with ctx->keylist_mode.

--

GnuPG-bug-id: 5438
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-03-16 16:19:50 +09:00
Ingo Klöcker
3c2cff74b5 core: New function gpgme_op_receive_keys
* src/gpgme.h.in (gpgme_op_receive_keys_start, gpgme_op_receive_keys):
New.
* src/gpgme.def, src/libgpgme.vers: Add them.
* src/engine-backend.h (struct engine_ops): Add arg keyids to field
'import'.
* src/engine.h, src/engine.c (_gpgme_engine_op_import): Add arg keyids.
* src/engine.c (_gpgme_engine_op_import): Forward new arg keyids.
* src/import.c: (_gpgme_op_import_start, _gpgme_op_import_keys_start):
Pass NULL to new arg of _gpgme_op_import_start.
(_gpgme_op_receive_keys_start, gpgme_op_receive_keys_start,
gpgme_op_receive_keys): New.
* src/engine-gpg.c (gpg_import): Add arg keyids. Extend check for
valid arguments. Build command line if keyids are given.
* src/engine-gpgsm.c (gpgsm_import): Add arg keyids. Return error if
keyids is not NULL.

tests/run-receive-keys.c: New.
tests/Makefile.am (noinst_PROGRAMS): Add new test runner.
--

The new function allows importing keys given by their key ids or
fingerprints from a keyserver (like gpg's --recv-keys command).

GnuPG-bug-id: 5808
2022-02-03 15:56:30 +01:00
Ingo Klöcker
a527bd7cf5 core: Return an error for secret key export operations
src/export.c (export_status_handler): Handle "export_keys.secret".
--

This allows callers of the synchronous export operations to react
properly to errors (e.g. wrong passphrase) during the export of secret
keys.

GnuPG-bug-id: 5766
2022-01-10 12:34:49 +01:00
Ingo Klöcker
2752e81f89 core: Add new option --secret-subkey to help texts.
* src/gpgme-tool.c (hlp_export): Add new option.
* tests/run-export.c (show_usage): Print new option.
--

GnuPG-bug-id: 5757
2022-01-04 12:30:22 +01:00
Ingo Klöcker
0e19c48791 core: New export mode to export secret subkeys.
* src/gpgme.h.in (GPGME_EXPORT_MODE_SECRET_SUBKEY): New.
* src/export.c (check_mode): Allow new mode and check for invalid
combinations.
(export_keys_start): Return error if new mode flag is set.
* src/engine-gpg.c (export_common): Implement.
* src/gpgme-tool.c (cmd_export): New option --secret-subkey.
* tests/run-export.c (main): New option --secret-subkey.
--

This adds support for exporting secret subkeys (via gpg's
--export-secret-subkeys) to gpgme_op_export[_ext][_start].
The flag is not supported by gpgme_op_export_keys[_start] because
there is no way to specify which subkey(s) to export with these
functions.

GnuPG-bug-id: 5757
2022-01-04 09:23:40 +01:00
Ingo Klöcker
c710af223c core: Check for unsupported export mode flags
src/engine-gpgsm.c (gpgsm_export, gpgsm_export_ext): Return error if an
unsupported mode flag is set.
--

The minimal mode flag has no effect for X.509 certificates, but we still
treat it as supported (as documented in the API documentation).

GnuPG-bug-id: 5757
2022-01-04 09:22:46 +01:00
Ingo Klöcker
c0581adabe core: Check for combination of ssh mode with other mode flags
* src/export.c (check_mode): Return error if ssh mode is combined with
another mode flag.
--

The SSH mode flag cannot be used in combination with other flags.

GnuPG-bug-id: 5757
2022-01-04 09:22:25 +01:00
Ingo Klöcker
3268575115 core: Factor out the check for valid export mode flags.
* src/export.c (check_mode): New.
(export_start, export_ext_start): Call check_mode.
--

GnuPG-bug-id: 5757
2022-01-04 09:21:37 +01:00
Ingo Klöcker
305d8668ca core: Detect bad passphrase error on certificate import
* src/import.c (gpgme_op_import_result): Check fpr for NULL.
(parse_error): New.
(import_status_handler): Handle error status line.

* doc/gpgme.texi (gpgme_import_status_t): Mention that fpr can be NULL.

* tests/gpg/t-import.c (check_result): Check fpr for NULL.
* tests/run-threaded.c (delete_impres): Check fpr for NULL.
--

When importing an encrypted certificate a wrong passphrase may be
entered. In this case gpgsm emits a status line with a bad passphrase
error and an "invalid object" error. To make it possible for callers
to handle a wrong passphrase error more gracefully, an import status
with bad passphrase error is added to the import result for each
status line with bad passphrase error.

GnuPG-bug-id: 5713
2021-12-22 15:25:42 +01:00
Ingo Klöcker
d35d44efaf core: Allow setting import filters when importing keys
* src/context.h (struct gpgme_context): New field import_filter.
* src/engine-backend.h (struct engine_ops): Add arg import_filter to
field 'import'.
* src/engine-gpg.c (gpg_import): Add arg import_filter and pass option
--import-filter with argument value to gpg. Adjust all callers.
* src/engine-gpgsm.c (gpgsm_import): Add dummy arg import_filter.
* src/gpgme.c (gpgme_release): Free 'import_filter'.
(gpgme_set_ctx_flag, gpgme_get_ctx_flag): New flag "import-filter".

* tests/run-import.c (main): Add option --import-filter.
--

This makes the --import-filter option available in the GPGME API for
key imports.

GnuPG-bug-id: 5739
2021-12-14 15:44:37 +01:00
Ingo Klöcker
fd680254da core: Set --key-origin option only if supported by gpg
* src/engine-gpg.c (gpg_import): Do not pass --key-origin option to
gpg if gpg is too old.
--

GnuPG-bug-id: 5733
2021-12-14 14:41:23 +01:00
Ingo Klöcker
60880adafa core: Allow specifiying a key origin when importing keys
* src/context.h (struct gpgme_context): New field key_origin.
* src/engine-backend.h (struct engine_ops): Add arg key_origin to
field 'import'.
* src/engine-gpg.c (gpg_import): Add arg key_origin and pass option
--key-origin with argument value to gpg. Adjust all callers.
* src/engine-gpgsm.c (gpgsm_import): Add dummy arg key_origin.
* src/gpgme.c (gpgme_release): Free 'key_origin'.
(gpgme_set_ctx_flag, gpgme_get_ctx_flag): New flag "key-origin".

* tests/run-import.c (main): Add option --key-origin.
* tests/gpg/t-import.c (main): Set and verify key origin.
--

This makes the --key-origin option available in the GPGME API for
key imports.

GnuPG-bug-id: 5733
2021-12-13 16:52:23 +01:00
Ingo Klöcker
0ac3679a74 core: Support all components with dirinfo()
* src/dirinfo.c (WANT_KEYBOXD_NAME, WANT_AGENT_NAME, WANT_SCDAEMON_NAME,
WANT_DIRMNGR_NAME, WANT_PINENTRY_NAME): New.
(dirinfo): Add fields keyboxd_name, agent_name, scdaemon_name,
dirmngr_name, pinentry_name.
(parse_output): Support "keyboxd", "gpg-agent", "scdaemon", "dirmngr",
"pinentry".
(get_gpgconf_item): Return new components.

tests/t-engine-info.c (main): Add new components to the output.
--

GnuPG-bug-id: 5727
2021-12-10 12:04:05 +01:00
Werner Koch
b8b49c11e9
core: Make the gpgconf option parsing of string types more robust
* src/engine-gpgconf.c (gpgconf_parse_option): Skip the string
indicator if it is not the empty string.
--

Some versions of GnuPG (~2.2.28 to 2.2.33) returned a compliance
indicator which should be an int but actually used string as type.
Simply skipping the indicator without checking that this is the
indicator does not allow to work around this type mismatch by the
gpgme users.
2021-11-25 11:48:11 +01:00
Werner Koch
eb37d6469e
core: Support dirinfo("socketdir")
* src/dirinfo.c (WANT_SOCKETDIR): New.
(dirinfo): Add field socketdir.
(parse_output): Support "socketdir".
(get_gpgconf_item): Return socketdir.

* tests/t-engine-info.c (main): Add socketdir to the output.

* src/w32-util.c (_gpgme_create_process_utf8): Fix indentation.
--

GnuPG-bug-id: 5613

This is not strictly necessary because we could deduce this from one
of the other socket info items but it is more clean to have a
dedicated info item.  The socketdir item is available for 5 years now
(GnuPG commit 8e3fa5a4b205c534de2142e5d071712f957cf06a)
2021-11-25 11:40:59 +01:00
NIIBE Yutaka
8148237cb4 posix: Use poll instead, when available, removing use of select.
* configure.ac (HAVE_POLL_H): Add the check.
* src/ath.c [!HAVE_POLL_H] (ath_select): Enable conditionally.
* src/posix-io.c [HAVE_POLL_H] (_gpgme_io_select_poll): Use poll.
* tests/gpg/t-cancel.c [HAVE_POLL_H] (do_select): Use poll.
* tests/gpg/t-eventloop.c [HAVE_POLL_H] (do_select): Use poll.

--

GnuPG-bug-id: 2385
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2021-11-25 11:13:17 +09:00
NIIBE Yutaka
4583ab77e5 gpgme.pc: Fix library dependency and use of includedir, libdir.
* src/gpgme.pc.in (Require): Move gpg-error, libassuan to...
(Requires.private): ... here.
(Cflags): Add -I${includedir}.
(Libs): Add -L${libdir}.

--

This will result better library dependency for applications using
gpgme.  It will break build of an application which directly uses
gpg-error or libassuan without specifying them (which means, depending
on redundant/wrong gpgme.pc).

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2021-11-12 11:05:53 +09:00
NIIBE Yutaka
3c1c98a434 core: Use flexible array member if compiler has support.
* configure.ac (AC_C_FLEXIBLE_ARRAY_MEMBER): Add.
* src/engine-gpg.c (struct arg_and_data_s): Use FLEXIBLE_ARRAY_MEMBER.
(_add_arg): Use offsetof instead of sizeof.
(add_data): Likewise.

--

Before this fix, GCC 11 warns (with its bound checking feature).

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2021-08-13 14:52:03 +09:00
Ingo Klöcker
7cfc93193d core: Fix results returned by gpgme_data_* functions
src/debug.h (TRACE_SYSRES_OFF_T, _trace_sysres_off_t,
TRACE_SYSRES_SSIZE_T, _trace_sysres_ssize_t): New.
src/data.c (gpgme_data_read, gpgme_data_write, gpgme_data_seek): Use
appropriate new tracing macros instead of casting the results to int.
--

This change adds tracing macros for results of system functions of
type __off_t and __ssize_t.

GnuPG-bug-id: 5481
2021-08-03 12:13:27 +02:00
Jiri Kucera
4b64774b6d
core: Support closefrom also for glibc.
* src/posix-io.c (_gpgme_io_spawn): Use glibc's closefrom.
--

Since 2.34, glibc introduces closefrom (the implementation
follows *BSD standard).

Signed-off-by: Werner Koch <wk@gnupg.org>
2021-07-27 10:52:13 +02:00
Ingo Klöcker
34d9defc42 core: Allow specifying an expiration date for key signatures
* src/context.h (struct gpgme_context): Add 'cert_expire'.
* src/engine-gpg.c (append_args_from_cert_expire): New.
(gpg_edit): Set option according to the new flag.
* src/gpgme.c (gpgme_release): Free 'cert_expire'.
(gpgme_set_ctx_flag, gpgme_get_ctx_flag): Add "cert-expire".

* tests/gpg/Makefile.am (c_tests): Add new test.
(gpg.conf): Write "allow-weak-key-signatures" to gpg.conf.
* tests/gpg/t-edit-sign.c: New.
--

The new context flag "cert-expire" allows setting the expiration date
for key signatures created with gpgme_op_interact.

GnuPG-bug-id: 5336, 5505
2021-06-22 16:35:03 +02:00
Werner Koch
fde20940b5
core: New data flags "io-buffer-size" and "sensitive".
* src/data.c (_gpgme_data_release): Free buffers.
(gpgme_data_seek): Adjust from renamed fields.
(gpgme_data_set_flag): Implement new flags.
(_gpgme_data_inbound_handler): Allow the use of a malloced buffer.
(_gpgme_data_outbound_handler): Ditto.
* src/data.h (BUFFER_SIZE): Move out of the struct definition.
(struct gpgme_data): Remove pending filed and introduce inbound and
outbound fields.

* src/conversion.c (_gpgme_wipememory): New.  Taken from GnuPG.
* src/cJSON.c (wipememory): Use this here too.

* tests/run-decrypt.c (main): Add options "--large-buffers" and
"--sensitive".
--

GnuPG-bug-id: 5478
Signed-off-by: Werner Koch <wk@gnupg.org>
2021-06-14 19:51:28 +02:00
Werner Koch
ea290108e4
core: Also detect AuthEnvelopedData (AEAD for CMS)
* src/data-identify.c (basic_detection): Add OID.

Signed-off-by: Werner Koch <wk@gnupg.org>
2021-06-14 17:10:49 +02:00
Andre Heinecke
ceb8387460
core,w32: Increase BUFFER_SIZE to 4096
* src/data.h (BUFFER_SIZE): Increase to 4096 for Windows.

--
This brings it in line to the PIPE_BUF size on desktop Linux
systems. This should increase performance when working with
large files on Windows a bit.

GnuPG-Bug-Id: T5478
2021-06-10 15:33:51 +02:00
Andre Heinecke
4041e2c62a
core: Explicitly add GPG_ERROR_CFLAGS
* src/Makefile.am (AM_CFLAGS): Add GPG_ERROR_CFLAGS

--
This fixes the include directory for libgpg error if
it is installed in a different prefix then libassuan. Previously
libassuan provided the include directory also implicitly.
2021-06-09 10:47:05 +02:00
Ingo Klöcker
5512133de4 core: Fix a few checks for number of fields in keylist result parser.
* src/keylist.c (keylist_colon_handler): Check for correct number of
fields.
--

This prevents NULL pointer dereferencing with older versions of gpg
that may output less fields.
2021-06-02 10:20:26 +02:00
Werner Koch
88db69e1a9
core: Make sure to stay ABI compatible.
* src/gpgme.h.in (struct _gpgme_key_sig): Move trust_scope to the end
of the struct.
--

Fixes-commit: 276187f6b6

Note that we assume that splitting a reserved 28 bit field into 3
fields does not change the ABI.
2021-05-12 08:48:26 +02:00
Ingo Klöcker
276187f6b6 core: Extend gpgme_key_sig_t with trust signature members.
* src/gpgme.h.in (struct _gpgme_key_sig): Add fields 'trust_depth',
'trust_value', and 'trust_scope'.
* src/key.c (gpgme_key_unref): Free trust_scope.
* src/keylist.c (keylist_colon_handler): Set the fields.
* tests/run-keylist.c (main): Print the fields.
--

The trust signature values are part of gpg's output since the year 2003.
This now adds support to gpgme.

GnuPG-bug-id: 5245, 5419
2021-05-05 19:23:48 +02:00
Werner Koch
0821e2b149
core: New flag GPGME_KEYSIGN_FORCE.
* src/gpgme.h.in (GPGME_KEYSIGN_FORCE): New.
* src/engine-gpg.c (gpg_keysign): Implement.

* tests/run-keysign.c (show_usage): Add option --force
--

GnuPG-bug-id: 4584
2021-03-11 11:49:07 +01:00
Werner Koch
c8fd8870b3
core: Remove experimental feature GPGME_EXPORT_MODE_NOUID.
* src/export.c (export_start): Remove GPGME_EXPORT_MODE_NOUID check.
* src/engine-gpg.c (export_common): Ditto.
--

Note that this constant was never announed and used only for internal
tests.  It made it into some release only by accident.

The constants is kept in gpgme.h to not break any code but it is
non-fucntionals.  We do not consider this an ABI break.

GnuPG-bug-id: 5284
2021-02-01 16:48:30 +01:00
Werner Koch
bb9880778f
Release 1.15.1 2021-01-08 18:14:33 +01:00
Ingo Klöcker
5137d7fc21 core: Make listing of signatures work if only secret keys are listed
* src/engine-gpg.c (gpg_keylist_build_options): Add "--with-sig-check"
argument if signatures shall be listed.
* tests/gpg/t-keylist-secret-sig.c: New.
* tests/gpg/Makefile.am (c_tests): Add new test.
--

GnuPG-bug-id: 3580
2021-01-05 17:44:16 +01:00
NIIBE Yutaka
53ac732bae core: Call _gpgme_passphrase_status_handler when exporting keys.
* src/export.c (export_status_handler): Call the handler.

--

Fixes-commit: 3382ecb17e
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-11-24 15:00:27 +09:00
NIIBE Yutaka
4c6fd36159 m4: Update with newer autoconf constructs.
* src/gpgme.m4: Replace AC_HELP_STRING to AS_HELP_STRING.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-11-20 12:07:33 +09:00
Werner Koch
feea38c89d
Release 1.15.0
* configure.ac: Bump LT versions to c=C35/A24/R0, cpp=C18/A13/R0,
qt=C12/A5/R0.
--

GnuPG-bug-id: 5131
2020-11-12 10:24:22 +01:00
NIIBE Yutaka
3382ecb17e core: Support exporting secret keys.
* src/export.c (export_start): Set command handler for passphrase
interaction for the case when it's secret keys.
(export_ext_start): Likewise.

--

GnuPG-bug-id: 5046
Co-authored-by: Louis Dupré Bertoni
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-11-12 13:11:08 +09:00
Werner Koch
eb99e8c483
Require at least libgpg-error 1.36
* configure.ac (NEED_GPG_ERROR_VERSION): Require 1.36.
* src/cJSON.c: Remove code for older version.
* src/engine.c (gpgme_get_engine_info): Ditto.
* src/gpgme-json.c: Ditto.
* src/op-support.c: Ditto.
* src/util.h: Ditto.
--

Libgpg-error 1.36 has been released more than 18 months ago so it is
time to avoid hacks and require this verion.  This will for example
help Kleopatra to support PIV cards and improves the gpgme-json.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-11-09 11:50:46 +01:00
Ben Kibbey
35ca460019 Parse STATUS_CANCELED_BY_USER.
* src/gpgme.h.in (GPGME_STATUS_CANCELED_BY_USER): New.
* src/status-table.c (status_table_s): Add "CANCELED_BY_USER".
* src/passphrase.c (_gpgme_passphrase_status_handler): Return
GPG_ERR_CANCELED during GPGME_STATUS_CANCELED_BY_USER.

Signed-off-by: Ben Kibbey <bjk@luxsci.net>
2020-11-03 17:47:44 -08:00
Ingo Klöcker
f3407d0ee4 core: New function gpgme_op_revsig.
* src/gpgme.h.in (gpgme_op_revsig_start, gpgme_op_revsig): New.
(GPGME_REVSIG_LFSEP): New.
* src/context.h (ctx_op_data_id_t): Add OPDATA_REVSIG.
* src/revsig.c: New.
* src/Makefile.am (main_sources): Add revsig.
* src/libgpgme.vers, src/gpgme.def: Add gpgme_op_revsig and
gpgme_op_revsig_start.
* src/engine.h, src/engine.c: (_gpgme_engine_op_revsig): New.
* src/engine-backend.h (engine_ops): Add 'revsig' and adjust all
engine initializers.
* src/engine-gpg.c (gpg_revsig): New.
(_gpgme_engine_ops_gpg): Set revsig to gpg_revsig.
* doc/gpgme.texi: Document new functions.
* tests/run-keysign.c: Add option --revoke.
--

This extends GPGME to support the --quick-revoke-sig command
added by GnuPG 2.2.24. This allows revoking key signatures.

GnuPG-bug-id: 5094
2020-10-29 12:57:10 +01:00
NIIBE Yutaka
fd904f87f8 gpgsm: Fix leaked fd.
* src/engine-gpgsm.c (gpgsm_new): Close gpgsm->diag_cb.server_fd.

--

GnuPG-bug-id: 5074
Reported by: VladislavGrudinin
Fixes-commit: dd21ec997c
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-10-01 11:18:50 +09:00
Werner Koch
e4ee706e27
core: Fully implement the inquire callback for assuan_transact
* src/engine-assuan.c (inquire_cb): Implement returning data.

* tests/opassuan/t-command.c (inq_cb): Send some test data.
--

The old code only allowed to send an empty response which was good
enough for scdaemon's KNOWNCARDP inquire but not to send actual data.
A quick test using a test smartcard might be

 ./t-command 'scd setattr --inquire PRIVATE-DO-1'

and then reading the data back using

  gpg-connect-agent 'scd getattr PRIVATE-DO-1' /bye

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-09-09 12:13:20 +02:00
Ingo Klöcker
f66f856c89 core: Add error handling to setexpire
* src/genkey.c (setexpire, gpgme_op_setexpire_start,
gpgme_op_setexpire): Move to ...
* src/setexpire.c: New.
* src/Makefile.am (main_sources): Add that file.
* src/context.h (ctx_op_data_id_t): Add OPDATA_SETEXPIRE.

* lang/qt/tests/t-various.cpp (testSetExpire): Test error handling.
--

Errors (and failures) emitted via status-fd need to be handled
explicitly, i.e. we need to provide an appropriate status handler with
corresponding op_data_t. Additionally, we need to set a passphrase
command handler if a passphrase callback is set in the context, e.g.
during tests.

GnuPG-bug-id: 4395
2020-08-14 11:11:23 +02:00
Ingo Klöcker
db82e99a8a core: New function gpgme_op_setexpire.
* src/gpgme.h.in (gpgme_op_setexpire_start, gpgme_op_setexpire): New.
* src/libgpgme.vers, src/gpgme.def: Add new functions.
* src/genkey.c (setexpire): New.
(gpgme_op_setexpire_start, gpgme_op_setexpire): New.
* src/engine.h, src/engine.c: (_gpgme_engine_op_setexpire): New.
* src/engine-backend.h (engine_ops): Add 'setexpire' and adjust all
engine initializers.
* src/engine-gpg.c (gpg_setexpire): New.
(_gpgme_engine_ops_gpg): Set setexpire to gpg_setexpire.
* doc/gpgme.texi: Document new functions.
* tests/run-genkey.c: Add option --setexpire.
--

This extends GPGME to support the --quick-set-expire command
added by GnuPG 2.1.22. This allows changing subkeys expiry
date without going through the editinteractor interface.

Co-authored-by: Andre Heinecke <aheinecke@gnupg.org>
GnuPG-bug-id: 4999
2020-08-04 16:51:56 +02:00
Werner Koch
dfeedcc28d
core: Also allow GPGME_EXPORT_MODE_SSH for gpgme_op_export.
* src/export.c (export_start): Allow that mode.
--

The test tools uses gpgme_op-export_ext and thus did not caught it.

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-07-16 16:47:31 +02:00
Werner Koch
7f9e0ca57b
core: New export mode to export as OpenSSH public key.
* src/gpgme.h.in (GPGME_EXPORT_MODE_SSH): New.
* src/export.c (export_ext_start): Allow for new mode.
* src/engine-gpg.c (export_common): Implement.
* tests/run-export.c (status_cb): New.
(main): New options --status and --ssh.
--

GnuPG-bug-id: 4310
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-07-16 12:00:46 +02:00
Werner Koch
8589091682
core: Deprecate the non-working trustlist functions.
* src/gpgme.h.in: Clarify that the trustlist function should not be
used.
* src/engine.c (_gpgme_engine_op_trustlist): Always return an error.
* src/engine-backend.h (struct engine_ops): Remove trustlist member.
* src/engine-gpg.c (gpg_trustlist): Remove.
(struct engine_ops): Remove that member.  Also in all other engines.
* tests/gpg/t-trustlist.c: Remove.
* lang/python/tests/t-trustlist.py: Remove.
--

This never worked in reality because the required feature has been
removed from GnuPG version 1.3.2 soon after introduction of this
feature in gpgme - 17 years ago.  It was anyway marked as
experimental.  We keep the API and ABI, though.

GnuPG-bug-id: 4834
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-07-15 16:34:24 +02:00
Werner Koch
c8048bf8eb
core: New keylist mode GPGME_KEYLIST_MODE_WITH_KEYGRIP.
* src/gpgme.h.in (GPGME_KEYLIST_MODE_WITH_KEYGRIP): New.
* src/gpgme-json.c (op_keylist): New flag "keygrip".
* src/engine-gpg.c (gpg_keylist_build_options): Pass the options.

* lang/cpp/src/global.h (WithKeygrip): New.
* lang/cpp/src/context.cpp: Add check.
* lang/cpp/src/key.cpp (Key::update): Handle WithKeygrip.
* lang/cpp/src/verificationresult.cpp: Ditto.
* lang/cpp/src/util.h (add_to_gpgme_keylist_mode_t): Ditto.
--

GnuPG-bug-id: 4939
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-07-15 14:11:17 +02:00
Werner Koch
728ead8ebd
core: Fix setting of the chain_model signature result.
* src/verify.c (parse_trust): Fix detection of "chain" keyword.
--

Fixes-commit: da6f3dc0c5
from 2007 shortly after introducing this.  I doubt that this info has
ever been used (it is for qualified signatures, which are only
supported using the legacy German RegTP rules for them which were soon
overturned by the commercial CAs).

Signed-off-by: Werner Koch <wk@gnupg.org>
2020-06-05 14:46:56 +02:00
Andre Heinecke
52f930c1ed
w32: Explicitly link ws2_32
* src/Makefile.am (gpgme_w32_extra_libs): New.
(libgpgme_la_LIBADD, libgpgme_glib_la_LIBADD): Use it.

--
Since w32-io.c directly uses functions from ws2_32 it should
not rely on libgpg-error to pull in this dependency.
2020-05-08 16:38:19 +02:00
Werner Koch
004fdf61c8
core: Make sure the keygrip is available in WITH_SECRET mode.
* src/engine-gpg.c (gpg_keylist_build_options): Send --with-keygrip
if --with-secret is used.
--

Since GnuPG 2.2.19 the keygrip was not anymore send if only
--with-secret was used in a public key listing.  Given that
--with-secret requires computation of the keygrip anyway, there is no
point in not requesting the keyrip in this case.

GnuPG-bug-id: 4820
2020-05-08 11:18:42 +02:00
NIIBE Yutaka
71ef398bfd build: Fix library dependency.
* src/Makefile.am (gpgme_tool_LDADD): Add @GPG_ERROR_LIBS@.

--

Since gpgme-tool uses gpg_strerror, it should be linked
to -lgpg-error.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2020-03-27 16:24:13 +09:00
Werner Koch
3afa534645
core: New context flags "include-key-block" and "auto-key-import".
* src/gpgme.c (gpgme_set_ctx_flag): Add flags "include-key-block" and
"auto-key-import".
(gpgme_get_ctx_flag): Ditto.
* src/context.h (struct gpgme_context): Add flags include_key_block
and auto_key_import.
* src/engine-gpg.c (struct engine_gpg): Likewise.
(gpg_set_engine_flags): Set the flags for gpg versions >= 2.2.20.
(gpg_decrypt): Set option according to the new flags.
(gpg_encrypt): Ditto.
(gpg_encrypt_sign): Ditto.
(gpg_sign): Ditto.
(gpg_verify): Ditto.

tests/run-verify: Add option --auto-key-import.
tests/run-sign: add option --include-key-block.
--

GnuPG-bug-id: 4856
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-17 17:24:21 +01:00
Andre Heinecke
39052913f2
core: Add MacOS fallbacks to look for binaries
* src/posix-util.c (find_executable): New.
(walk_path_str): Factored out from walk_path.
(walk_path): Replaced by find_executable.
(_gpgme_get_gpg_path, _gpgme_get_gpgconf_path): Use find_executable.

--
This should help to locate GnuPG on MacOS systems where
it is not part of the PATH environment variable and
should reduce the need to have fixed path known
at GPGME compile time.

mailvelope/issue699
2020-01-17 12:42:56 +01:00
Werner Koch
5eeae535ee
core: Extend gpgme_user_id_t with uidhash member.
* src/gpgme.h.in (struct _gpgme_user_id): Add field 'uidhash'.
* src/key.c (gpgme_key_unref): Free it.
* src/keylist.c (keylist_colon_handler): Set it.
* tests/run-keylist.c (main): Print it.
--

The uidhash value is part of gpg's output since the year 2005.  This
now adds support to gpgme.  The application for uidhash is to select
a user id in an edit interactor: Instead of giving the number of the
user id, the uidhash value can be be used to avoid tracking the user
id numbers.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-12-13 15:11:00 +01:00
Daniel Kahn Gillmor
ae4d7761a1 gpg: Avoid error diagnostics with --override-session-key when verifying
* src/engine-gpg.c (gpg_decrypt): only send --no-keyring when we are
not verifying.

--

Without this change, the signature verification would fail.  This
problem was introduced in bded8ebc59 in
an attempt to avoid an error when *not* verifying.  Clearly more test
suite coverage is needed to avoid introducing this sort of problem in
the future.

GnuPG-bug-id: 3464
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-12-06 10:41:44 +09:00
Daniel Kahn Gillmor
c0c97dbbe6 gpgme-tool: Fix help text for INCLUDE_CERTS.
* src/gpgme-tool.c (hlp_include_certs): added missing newline.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2019-12-03 18:42:07 -05:00
Werner Koch
d480a3c8f3
core,w32: Silence compiler warnings.
* src/w32-util.c (_gpgme_w32_cancel_synchronous_io): Add some casts.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-11-27 20:40:39 +01:00
Andre Heinecke
1242c6c93a
core: Fix parsing of userid sigs after a subpkg
* src/keylist.c (keylist_colon_handler): Do not clear
out the tmp_uid when a subpacket line is encountered.

--
When the uid is cleared no more signatures following
the subpacket are parsed, so we now no longer clear
it when a subpacket is encountered.
2019-10-29 16:43:37 +01:00
Andre Heinecke
0224408c63
core: Add cert-notation support and extended-edit
* src/context.h (gpgme_context): Add new flag for extended-edit.
* src/engine-gpg.c (append_args_from_sig_notations): Add flags to
control the kind of notations.
(gpg_edit): Respect extended-edit and notations.
(gpg_encrypt_sign, gpg_sign): Update call to
append_args_from_sig_notations.
* src/gpgme.c (gpgme_set_ctx_flag, gpgme_get_ctx_flag): Support
extended-edit.
* NEWS, doc/gpgme.texi: Mention extended-edit.

--
This provides a way to get the extended key-edit interface without
breaking bad state machines that rely on the current command flow.

A use case for this is to enable multiple local signatures, which
can be used together with annotations for:

GnuPG-Bug-Id: T4734
2019-10-29 16:11:54 +01:00
Andre Heinecke
fe2892618c
core,w32: Initialize dbg_help for socket debugging
* src/w32-io.c (_gpgme_io_select): Initialize dbg_help.

--
This fixes a crash on Windows because dbg_help might
be used unitialized.
2019-10-28 16:02:22 +01:00
Andre Heinecke
6f4a886b30
core: Fix arg counting in enginge-gpg
* src/engine-gpg.c (build_argv): Properly check for all
arguments and allocate memory for them.

--
This fixes a potential buffer overflow which could be created
by using unusual and partially contradictory options.
Like offline and auto-key-locate together while
using ignore-mdc-error.
As the list of arguments should not be user controlled the
impact of this is very low.

To ensure that this does not happen in the future an
assert is also added with this patch.
2019-07-16 11:39:29 +02:00
Werner Koch
4f11210b21
core: At debug levels up to 9 print only an ascii dump.
* src/debug.c (_gpgme_debug_buffer): Switch between two output
formats.
--

The new format is much more practical than the bunch of hex digits
followed by just 16 ascii chars.  To get the old behaviour use a debug
level of 10.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-06-13 08:46:16 +02:00
Werner Koch
f84abcad25
core: Add commented debug helper to posix-io.c.
* src/posix-io.c (_gpgme_is_fd_valid): New out-commented function.
--

This code is sometimes useful to track down invalid file descriptors.
We keep it commented in the code.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-06-06 18:57:28 +02:00
Werner Koch
6b9ff1ba39
core: Fix error return value of _gpgme_run_io_cb.
* src/wait.c (_gpgme_run_io_cb): Fix return code.
--

The function needs to return an gpg_error_t and not ERRNO.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-06-06 18:57:28 +02:00
Werner Koch
0f68c9f16b
core: Prettify _gpgme_io_select debug output again and fix TRACE_SYSRES.
* src/debug.c (_gpgme_debug): Take better care of NULL userinfo.
(_gpgme_debug_end): Rework.
(_trace_sysres): Print ERRNO and not the supplied RES.
--

The TRACE_SYSRES patch fixes
Regression-due-to: 7a1e7006d0

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-06-05 16:48:47 +02:00
Werner Koch
8f9f3224aa
core: Improve the debug messages even more.
* src/debug.c (_gpgme_debug): Add arg LINE.  Chnage all callers.
(_gpgme_debug_begin): Remove.
* src/debug.h (TRACE_SEQ): Use the LINE arg of _gpgme_debug.
--

This includes chnages to always print fds in decimal as weel as
tweaking the TARCE_SEQ function to make use of the new machinery.

The standard 'tag' can now always be NULL and no tag information will
be printed.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-06-05 15:54:55 +02:00
Werner Koch
856d2e8d64
core: Avoid explicit locks in the debug code.
* src/debug.c (debug_lock): Remove.  Also remove all users.
(_gpgme_debug): Use gpgrt_bsprintf to prepare the output and finally
print using standard fprintf.  Reformat to prefix to be narrower.
--

Note that the locks are now implicitly done using the systems stdio.

The threadid is now printed with 4 digits in hex and thus without the
angle brackets and the 0x.  However it is still a hex number even if it
may look like an octal number.  The hex letters are uppercase to make
searching in locks easier iff the threadid happens to have a letter in
it.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-06-05 13:11:16 +02:00
Werner Koch
f56c996318
json: Print "nan", "-inf", "inf" if needed.
* src/cJSON.c (print_number): Print NaN and INF.
--

GnuPG-bug-id: 4328
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-06-04 10:56:48 +02:00
Werner Koch
fabe96126b
json: Improve handling of large exponents in the JSON parsor.
* src/cJSON.c: Include stdint.h.
(parse_number): Avoid overflob in SUBSCALE and cap integer values.
--

GnuPG-bug-id: 4330
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-06-04 10:42:40 +02:00
Werner Koch
1024884e07
core: Implement recpstring option parsing for gpgsm.
* src/engine-gpg.c (append_args_from_recipients_string): Detect bad
options.
* src/engine-gpgsm.c (set_recipients_from_string): Implement option
parsing.
--

The only option we actually implement is "--" but the code layout is
now very simlar to engine-gpg and can easily be extended if ever
needed.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-06-04 09:29:09 +02:00
Werner Koch
e9ca36f876
core: Make gpgme_op_encrypt_ext work for CMS.
* src/engine-gpgsm.c (gpgsm_encrypt): Fix argument check.
--

It is pretty obvious thar the string based new encrypt function has
never been tested for S/MIME.  The fix was easy.  A followup patch
will extend it to allow for keywords in the future.

GnuPG-bug-id: 4556
Fixes-commit: a1f76b3b54
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-06-04 08:27:49 +02:00
NIIBE Yutaka
7673ef7953 core: Fix duplication of close_notify_handler for gpgsm.
* src/engine-gpgsm.c [!USE_DESCRIPTOR_PASSING] (gpgsm_new): Remove
last call to _gpgme_io_set_close_notify.

--

It is called just after the code in question for all cases.

GnuPG-bug-id: 4456
Fixes-commit: dd21ec997c
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-04-19 14:54:52 +09:00
NIIBE Yutaka
814f6c8de8 core: Fix error return.
* src/engine.c (_gpgme_set_engine_info): Add error return.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2019-04-19 11:34:12 +09:00
Andre Heinecke
140d694e1f
core,w32: Fix minor potential memleak
* src/w32-util.c (_gpgme_create_process_utf8): Free converted
startup info strings.
2019-04-09 14:24:17 +02:00
Andre Heinecke
ecbba12b86
core,w32: Fix new w32-util functions
* src/w32-util.c (_gpgme_access): Respect mode parameter.
(_gpgme_create_process_utf8): Convert startupinfo, too.

--
This both did not show up in testing as we only use
mode F_OK and STARTUPINFOA is basically the same as
STARTUPINFOW.

Fixes commit: a82e3a0ae5

GnuPG-Bug-Id: T4453
2019-04-09 14:11:21 +02:00
Andre Heinecke
a82e3a0ae5
core,w32: Improve handling of Unicode paths
* src/dirinfo.c (get_gpgconf_item): Use _gpgme_access.
* src/posix-util.c (_gpgme_access): Add forward to normal access.
* src/sys-util.h (_gpgme_access): New for posix and w32.
* src/w32-io.c (_gpgme_io_spawn): Use _gpgme_crate_process_utf8.
* src/w32-util.c (utf8_to_wchar, utf8_to_wchar0): The usual w32 conv.
(find_program_in_dir): Use _gpgme_access.
(find_program_at_standard_place): Use wchar API and convert to UTF-8.
(_gpgme_access): Convert UTF-8 to wchar and use wchar API.
(_gpgme_create_process_utf8): Convert UTF-8 to wchar and use wchar API.

--
While we should not say that we have full support for unicode path
installations of GnuPG, this ensures that GPGME works if GPGME
itself is installed in a unicode path. e.g.: Libreoffice supports
this.

GnuPG-Bug-Id: T4453

Based on a patch provided by Egor Pugin. Thanks.
2019-04-09 13:42:58 +02:00
Andre Heinecke
937adfdcbb
core,w32: Show w32-spawn warning only once
* src/w32-io.c (_gpgme_io_spawn): Show MessageBox only once.

--
This prevents multiple message boxes from showing when
the GPGME installation is unworkable.

GnuPG-Bug-Id: T4453
2019-04-09 13:25:08 +02:00
Andre Heinecke
4a4680f890
core, w32: Fix format string errors on windows
* src/debug.c (_gpgme_debug): Use gpgrt_vasprintf instead of
vfprintf to have a more portable format.

--
This fixes crashes on Windows because "%zu" is used which
is not natively supported on Windows but which gpgrt supports.
2019-03-27 17:47:41 +01:00
Andre Heinecke
19a4c4daa2
core: Fix assuan logger-fd hack for windows
* src/assuan-support.c (my_spawn): Zero is a perfectly fine fd.
2019-03-27 16:12:38 +01:00
Andre Heinecke
213c4bc1eb
core,w32,glib: Fix build of w32-glib-io.c
* src/w32-glib-io.c (_gpgme_io_pipe, _gpgme_io_connect): Do not
use TRACE_SUC in a return statement.
2019-03-26 19:22:44 +01:00
Andre Heinecke
10576dc427
core: Fix a strtoul to strtol
* src/assuan-support.c (my_spawn): Fix using strtoul for
a long.

--
This was commented on in129def87b262 and is correct.
It is signed here to better handle cases where an
invalid handle value (-1) would be passed.
2019-03-26 16:35:13 +01:00
Andre Heinecke
129def87b2
core, w32: Add hack to translate diag logger-fd
* src/assuan-support.c (my_spawn): Add hack to
mark the logger fd for w32spawn translation.

--
The w32 spawn code needs to modify argv with
an updated fd that matches the real id
in the spawned process.

It uses spawn_fd_item_s.arg_loc for that.
We hack it here so that the arg_loc is set
for gpgsm's logger-fd without changing
the assuan API.

GnuPG-Bug-Id: T4426
2019-03-25 14:56:37 +01:00
Werner Koch
dd21ec997c
core: Support GPGME_AUDITLOG_DIAG for gpgsm.
* src/engine-gpgsm.c (struct engine_gpgsm): Add fields diag_cb and
diagnostics.
(close_notify_handler): Close the diag fd on status fd close.
Handle diag close.
(gpgsm_cancel): Handle diag.
(gpgsm_release): Free DIAGNOSTICS.
(gpgsm_new): Support the diag feature.
(start): Set a handler for the diag fd.
(gpgsm_getauditlog): Support GPGME_AUDITLOG_DIAG.
--

Co-authored-by: Andre Heinecke <aheinecke@gnupg.org>
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-03-19 19:53:22 +01:00
Werner Koch
1bdab961c5
json: Fix cosmetic error in the repl.
* src/gpgme-json.c (native_messaging_repl): Use correct var with sizeof.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-02-28 14:05:06 +01:00
Andre Heinecke
4a117859e7
json: Limit recursion depth
* src/cJSON.c (MAX_DEPTH): New. Maximum recursion depth.
(parse_value, parse_array, parse_object): Carry and check
depth argument.
(cJSON_ParseWithOpts): Initialize depth.

--
This fixes a stack overflow if we get weird recursive
json data.

GnuPG-Bug-Id: T4331
2019-02-27 14:27:47 +01:00
Werner Koch
4c49417cc0
core,w32: Fix missing sentinel in dir name builder.
* src/w32-util.c (_gpgme_get_gpgconf_path): Add NULL top strconcat.
--

Fortunately this is called early and the stack like cleared out so
that we have not seen wrong behaviour until now.  We should really fix
all these annoying HANDLE/int cast warnings and alike so that real
bugs are not drowned by them.

GnuPG-bug-id: 4369
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-02-19 12:11:22 +01:00
Werner Koch
ed81892917
json: Better use gpgme_free
* src/gpgme-json.c (subkey_to_json): here
--

Avoid Windows ugliness of allowing different CRTs in the same
process.

Fixes-commit: 7f24233719
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-01-25 15:20:26 +01:00
Werner Koch
7f24233719
json: Fix minor memory leaks.
* src/gpgme-json.c (interactive_repl): Fix memleak.
(subkey_to_json): Ditto
(op_config): Delay init of j_comps to avoid a leak on error.
--

GnuPG-bug-id: 4341, 4342, 4343
Signed-off-by: Werner Koch <wk@gnupg.org>
2019-01-25 13:45:47 +01:00
Werner Koch
8b41fb08f0
core: Silence newer compiler warnings.
* configure.ac: Add -Wno-format-truncation and
  -Wno-sizeof-pointer-div.
* src/b64dec.c (_gpgme_b64dec_proc): Add fallthrough annotation.
* src/cJSON.c (parse_string): Ditto.
* src/gpgme-json.c (main): Ditto.
--

gcc 8 enables a couple of new warnings.  Some of them are useless for
us.  In particular:

  util.h:42:26: warning: division 'sizeof (char *) / sizeof (char)'
  does not compute the number of array elements [-Wsizeof-pointer-div]
  #define DIM(v) (sizeof(v)/sizeof((v)[0])) ^

  trustlist.c:101:22: note:
  in expansion of macro 'DIM' if (strlen (p) == DIM(item->keyid) - 1)

Which is a real standard way to use DIM, here the right hand side is
equivalent to sizeof but nevertheless it is correct.  Yes sir, we know
C.

The format string warnings I have seen were assuming that the time
structure returns valued out of scope - but if the system is that
broken, the s_n_printf catches this.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-12-17 16:47:27 +01:00