Commit Graph

750 Commits

Author SHA1 Message Date
Werner Koch
e36b2d1bce
New mode to list a v5 fingerprint for v4 packets.
* src/gpgme.h.in (GPGME_KEYLIST_MODE_WITH_V5FPR): New.
(struct _gpgme_subkey): Add field v5fpr.
* src/engine-gpg.c (gpg_keylist_build_options): Pass new option to
gpg.
* src/key.c (gpgme_key_unref): Free new field.
* src/keylist.c (op_data_t): Parse and add "fp2" line.

* tests/run-keylist.c (show_usage): Add option --v5fpr.

* src/keylist.c (op_data_t): Add field failure_code.
(keylist_status_handler): Handle special value.
(gpgme_op_keylist_end): Return an error if a FAILURE line has been
seen.
--

Note that the failure code part has been added to better diagnose
problems if a wrong gpg version is used.  If verything works right we
should not get this because we check that the gnupg version sis either
>= 2.4.4 or less than 2.3 and >= 2.2.42.

Note further that the v5fpr field may also be used to get the SHA-256
fingerprint of X.509 certificates (even without passing the new mode
flag).

GnuPG-bug-id: 6705
2023-09-04 17:03:52 +02:00
Werner Koch
d75b2a9151
Support GPGME_ENCRYPT_ALWAYS_TRUST also for S/MIME.
* src/engine-gpgsm.c (gpgsm_encrypt): Send the always-trust options.

* tests/run-encrypt.c: Add option --always-trust.
--

Note that the run-encrypt test tool used to assume always-trust for
OpenPGP since 1.7.0 This bug has also been fixed by introducing the
explicit option.

GnuPG-bug-id: 6559
2023-08-31 12:02:02 +02:00
Ingo Klöcker
bc98f01c85
core: Use offline mode for all operations of gpgsm engine
* src/engine-backend.h (keylist, keylist_ext): Remove engine_flags.
* src/engine-gpg.c (gpg_keylist, gpg_keylist_ext): Ditto.
* src/engine.c, src/engine.h (_gpgme_engine_op_keylist): Ditto.
(_gpgme_engine_op_keylist_ext): Ditto.
* src/engine.h (GPGME_ENGINE_FLAG_OFFLINE): Remove.
* src/engine-gpgsm.c (struct engine_gpgsm): New field flags with offline
flag.
(have_gpgsm_version): New.
(gpg_set_engine_flags): Set the offline flag.
(start): Send OPTION "offline".
(gpgsm_keylist, gpgsm_keylist_ext): Remove engine_flags.  Remove
sending of OPTION "offline".
* src/keylist.c (gpgme_op_keylist_start, gpgme_op_keylist_ext_start):
Remove setting of offline flag.
--

GnuPG-bug-id: 6648
2023-08-14 12:24:00 +02:00
Ingo Klöcker
d72811a2c0
core: Store engine's version string in gpgsm engine
* src/engine-gpgsm.c (struct engine_gpgsm): Add field 'version'.
(gpgsm_new): Copy version string.
(gpgsm_release): Free VERSION.
--

GnuPG-bug-id: 6648
2023-08-14 12:23:55 +02:00
Ingo Klöcker
a9b28c79e9
core: Prevent wrong plaintext when verifying clearsigned signature
* src/engine-gpg.c (gpg_verify): Use a separate pipe instead of stdout
for reading the plaintext.

* tests/gpg/t-support.h (PGM): Define if undefined.
(print_data): Undefine BUF_SIZE.
(check_data): New.
* tests/gpg/t-verify.c (clearsigned_plus_key_block): New.
(main): Add test.
--

Reading the plaintext from stdout is a bad idea because gpg can also
print other stuff on stdout, e.g. the keys contained in a public key
block. This is fixed by reading the plaintext via a special pipe.

GnuPG-bug-id: 6622
2023-07-28 16:15:12 +02:00
Ingo Klöcker
777cf7f2d1
core: Return bad data error instead of general error on unexpected data
* src/verify.c (_gpgme_verify_status_handler): Return GPG_ERR_BAD_DATA
instead of GPG_ERR_GENERAL.
--

This gives users trying to decrypt and/or verify for example a public
key block a more useful error.

GnuPG-bug-id: 6617
2023-07-28 14:18:21 +02:00
Ingo Klöcker
1a9f192ab4
core: Support reading the archive to decrypt/verify directly from a file
* src/engine-gpg.c (add_file_name_arg_or_data): New.
(gpg_decrypt): Use add_file_name_arg_or_data instead of add_data for the
ciphertext.
(gpg_verify): Use add_file_name_arg_or_data instead of add_data for the
signature and the signed text.

* tests/run-decrypt.c (show_usage): New option --direct-file-io.
(main): Parse new option. If option is given, then don't open input
file, create simple data object instead of data object from stream and
set input file name on input data.
* tests/run-verify.c (show_usage): New option --direct-file-io.
(main): Parse new option. If option is given, then don't open input
files, create simple data objects instead of data objects from stream
and set input file names on input data objects.
--

This change makes it possible to tell gpg (and gpgtar) to read the
input (i.e. the signed/encrypted data or the signature or the created
archive) directly from the files with given file names instead of from
streams piped through GpgME's Data IO.

GnuPG-bug-id: 6530
2023-06-21 14:38:50 +02:00
Ingo Klöcker
c38b620039
core: Support writing the sign/encrypt output directly to a file
* src/engine-gpg.c (gpg_encrypt): Pass output file name to gpg if output
has file name set.
(gpg_encrypt_sign): Ditto.
(gpg_sign): Ditto.

* tests/run-encrypt.c (show_usage): New option --output.
(main): Parse new option. Set file name on output if --output is given.
Do not print output if --output is given.
* tests/run-sign.c (show_usage): New option --output.
(main): Parse new option. Set file name on output if --output is given.
Do not print output if --output is given.
--

This change makes it possible to tell gpg (and gpgtar) to write the
output (i.e. the signed/encrypted data or the signature or the created
archive) directly to a file with given file name instead of piping
the output back to gpgme.

GnuPG-bug-id: 6530
2023-06-19 18:08:47 +02:00
Werner Koch
91bbb1e482
core: Send a input-size-hint for gpgsm.
* src/engine-gpgsm.c (send_input_size_hint): New.
(gpgsm_decrypt): Send hint.
(gpgsm_encrypt): Send hint.
(gpgsm_sign): Send hint.
(gpgsm_verify): Send hint.
--
GnuPG-bug-id: 6534
2023-06-15 13:00:01 +02:00
Werner Koch
eb68948c43
core: Use 64 bit instead of gpgme_off_t for some internal functions.
* src/conversion.c (_gpgme_string_to_off): Return an u64 value.
* src/data.c (_gpgme_data_get_size_hint): Ditto.
(gpgme_data_set_flag): Use u64 for io-buffer-size due to string_to_off
change.
* src/data.h (struct gpgme_data): Change size_hint to u64.
* src/engine-gpg.c (add_input_size_hint): Replace gpgme_off_t by u64.
--

GnuPG-bug-id: 6534
2023-06-15 11:01:46 +02:00
Werner Koch
fbc3963d62
core: For key signing and uid revoking allow an empty user id.
* src/engine-gpg.c (gpg_keysign): Required USERID to be non-empty.
--

For some language bindings it is easier if the engine considers an
empty user id to be equivalent to NULL.
2023-05-30 11:20:34 +02:00
Werner Koch
7351ef32ce
core: Support the new macOS Homebrew location.
* src/posix-util.c (find_executable): Extend the path.
--

GnuPG-bug-id: 6440
2023-04-20 13:35:50 +02:00
Werner Koch
7d1159c1e9
core: Avoid printf format warnings due to gpgme_ssize_t.
* src/debug.h (_trace_sysres_ssize_t): Cast arg.
2023-04-17 15:05:22 +02:00
Werner Koch
0c29119e06
core,w32: Fix invocation of gpgtar
* src/dirinfo.c (EXEEXT_S): New.
(get_gpgconf_item): Append ".exe" to gpg-wks-client and gpgtar.

* src/gpgme-w32spawn.c (mystderr): Add code to ease debugging.
2023-04-17 14:05:35 +02:00
Ingo Klöcker
d256ba7cc5
w32: Always use UTF-8 for localized texts
* configure.ac: Define GPG_ERR_ENABLE_GETTEXT_MACROS.
* src/version.c (do_subsystem_inits) [W32]: Switch gettext to UTF-8.
--

On Windows, applications using GpgME can now rely on localized texts
returned by GpgME, e.g. the texts for error codes, to be UTF-8 encoded.
In particular, this saves a useless and possibly lossy conversion to
native encoding and back to UTF-8. On other OSes, where we use the
system provided gettext, we assume that UTF-8 is used nowadays.

GnuPG-bug-id: 5960
2023-04-04 12:11:15 +02:00
Werner Koch
34cc7daba1
core: Minor code cleanup.
* src/engine-gpg.c (build_argv): Remove superfluous tes.
--

gpg_error_from_syserror is guaranteed not to return 0 even if errno is
not set.
2023-03-27 16:56:29 +02:00
Ingo Klöcker
b608c084b9
core: Initialize error variable
* src/engine-gpg.c (build_argv): Initialize err.
--

Fixes-commit: fbce7deb3b
2023-03-27 16:49:24 +02:00
Werner Koch
6d21256c92
core,cpp: Add new key flags to gpgme_subkey_t
* src/gpgme.h.in (struct _gpgme_subkey): Add bit flags can_renc,
can_timestamp, adn is_group_owned. Reduce size of _unused.
* src/keylist.c (set_subkey_capability): Set them.
* tests/run-keylist.c (main): Print them.

* lang/cpp/src/key.h (Subkey::canRenc): New.
(Subkey::canTimestamp): New.
(Subkey::isGroupOwned): New.
* lang/cpp/src/key.cpp: Implement new methods.
(Subkey::isQualified): Print them.
(std::ostream &operator<<): Print them.
--

GnuPG-bug-id: 6395
2023-03-21 08:37:47 +01:00
Werner Koch
c1f6535f14
core: Also detect legacy X.509 v0 certificates.
* src/data-identify.c (basic_detection): Loose the detection of X.509
certs.
2023-03-08 15:54:54 +01:00
Werner Koch
9c5506fde7
core: Switch to logging via gpgrt
* src/debug.c (errfp): Remove.
(debug_init): Factor some code out to ...
(safe_to_use_debug_file): new.
(tid_log_callback): New.
(debug_init): Rewrite to make use of gpgrt logging.
(_gpgme_debug): Ditto.
(_gpgme_debug_end): Remove extra LF testing code.
* src/dirinfo.c (get_gpgconf_item): Remove now unneeded LFs.  Realign
output.
2023-02-10 11:12:52 +01:00
Werner Koch
c0da6f77c6
core: Update copyright notices
--
2023-02-10 11:12:52 +01:00
Ingo Klöcker
41dc3bd22a
core: Allow finalization of signature verification of unencrypted data
* src/decrypt-verify.c (decrypt_verify_status_handler): Call
_gpgme_verify_status_handler on EOF even if
_gpgme_decrypt_status_handler returned NO DATA error.

* tests/gpg/t-decrypt-verify.c (normal_signed_message): New.
(main): Add test with signed, but not encrypted data.
--

This allows the verify status handler to finalize the verification of
the last signature even if the decrypt status handler returned a NO DATA
error because the input data wasn't encrypted.

GnuPG-bug-id: 6368
2023-02-10 09:54:03 +01:00
Ingo Klöcker
7ad717f6ba
core: Make usage of input size hint compatible with gpgtar
* src/engine-gpg.c (add_input_size_hint): Use add_gpg_arg_with_value
to add the --input-size-hint option.
--

GnuPG-bug-id: 6342
2023-02-02 09:59:01 +01:00
Ingo Klöcker
7f541547fc
core: Allow usage of gpgtar also for new enough gpg 2.2
* src/engine-gpg.c (have_usable_gpgtar): New.
(start): Always pass --status-fd to the called process.
(gpg_decrypt, gpg_encrypt, gpg_encrypt_sign, gpg_sign, gpg_verify):
Use have_usable_gpgtar() to check for suitable gpg.
--

The version check in start() is not needed because versions of gpg
that are unsuitable for the usage of gpgtar are rejected already by
the callers.

GnuPG-bug-id: 6342
2023-02-02 09:47:10 +01:00
Werner Koch
5ab9c234d6
core,w32: More robust detection of GnuPG Desktop dir layout
* src/w32-util.c (INST_TYPE_GPG4WIN, INST_TYPE_GPGDESK): New to
replace the numeric constants.
(find_version_file): New.
(_gpgme_get_gpgconf_path): Guess a default for inst_type.
--

GnuPG-bug-id: 6362
2023-02-01 17:29:24 +01:00
Werner Koch
359378c5b3
json: New operation "identify" and convenience option --identify.
* src/gpgme-json.c (data_type_to_string): New.
(op_identify): New.
(process_request): Add to command list.
(cmd_identify): New.
(main): Add option --identify.
--
2023-01-31 09:52:04 +01:00
Ingo Klöcker
48b11f5762
core: Use signature modes as flags
* src/engine-backend.h (engine_ops.sign): Rename argument mode to
flags.
* src/engine-gpg.c (gpg_sign): Rename argument mode to flags. Check
for invalid combination of flags.
* src/engine-gpgsm.c (gpgsm_sign): Rename argument mode to flags.
Check for unsupported flags.
* src/engine-uiserver.c (gpgsm_sign): Rename argument mode to flags.
Check for unsupported flags.
* src/engine.c, src/engine.h (_gpgme_engine_op_sign): Rename argument
mode to flags.
* src/gpgme.h.in (GPGME_SIG_MODE_ARCHIVE): Change value to 4.
(gpgme_op_sign_start, gpgme_op_sign): Rename argument mode to flags.
* src/sign.c (sign_start): Rename argument mode to flags. Adjust
check for invalid flags.
(gpgme_op_sign_start, gpgme_op_sign): Rename argument mode to flags.
--

Using the signature mode constants as flags is more natural, even if
currently all flags are mutually exclusive, because archives are
signed with a normal signature.

GnuPG-bug-id: 6342
2023-01-30 12:49:11 +01:00
Ingo Klöcker
3580bb139b
core: Update required GnuPG version for new archive features
* src/engine-gpg.c (gpg_decrypt, gpg_encrypt, gpg_encrypt_sign,
gpg_sign, gpg_verify): Require gpg 2.4.1.

--

To work properly the archive feature needs a fix added in GnuPG 2.4.1.

GnuPG-bug-id: 6342
2023-01-26 09:52:11 +01:00
Ingo Klöcker
5b79b32397
core: Support usage of gpgtar for verifying a signed archive
* src/gpgme.h.in (gpgme_verify_flags_t): New enum.
(GPGME_VERIFY_ARCHIVE): New const.
(gpgme_op_verify_ext_start): New func.
(gpgme_op_verify_ext): New func.
* src/gpgme.def, src/libgpgme.vers: Add new functions.
* src/verify.c (gpgme_op_verify_ext_start): New.
(gpgme_op_verify_ext): New.
(verify_start): Add arg FLAGS.  Pass the flags to
_gpgme_engine_op_verify.
(gpgme_op_verify_start): Call gpgme_op_verify_ext_start with 0 for
FLAGS.
(gpgme_op_verify): Call gpgme_op_verify_ext with 0 for FLAGS.
* src/engine.c, src/engine.h (_gpgme_engine_op_verify): Add arg FLAGS.
* src/engine-backend.h (struct engine_ops): Add FLAGS to 'verify'.
* src/engine-gpg.c (gpg_verify): Add arg FLAGS. Set use_gpgtar engine
flag if GPGME_VERIFY_ARCHIVE flag is set. Check for new enough gpg. Use
add_gpg_arg for gpg-only options without a value. Set extra options for
gpgtar and pass input data to stdin when using gpgtar.
* src/engine-gpgsm.c (gpgsm_verify): Add arg FLAGS. Return error if
GPGME_VERIFY_ARCHIVE flag is set.
* src/engine-uiserver.c (uiserver_verify): Ditto.

* tests/run-verify.c (show_usage): New options --archive, --directory,
and --diagnostics.
(main): Parse new options. Verify and extract with gpgtar if --archive
is given. Set file name of output data to value of --directory option.
Print stderr of gpg/gpgtar if --diagnostics is given.
--

GnuPG-bug-id: 6342
2023-01-25 11:26:34 +01:00
Ingo Klöcker
95ea3bf831
core: Support usage of gpgtar for decrypting an encrypted archive
* src/gpgme.h.in (GPGME_DECRYPT_ARCHIVE): New decryption flag.
* src/engine-gpg.c (gpg_decrypt): Set use_gpgtar engine flag if
GPGME_DECRYPT_ARCHIVE flag is set. Check for new enough gpg and
incompatible flags. Use add_gpg_arg_with_value for gpg-only options
with a value and add_gpg_arg for gpg-only options without a value.
Set extra options for gpgtar and pass input data to stdin when using
gpgtar.

* tests/run-decrypt.c (show_usage): New options --archive and
--directory.
(main): Parse new options. Decrypt with gpgtar if --archive is given.
Set file name of output data to value of --directory option.
--

GnuPG-bug-id: 6342
2023-01-24 12:32:23 +01:00
Ingo Klöcker
419adf41af
core: Allow setting the base directory when creating an archive
* src/engine-gpg.c (gpg_encrypt, gpg_encrypt_sign, gpg_sign): Pass
file name set in data with --directory option to gpgtar.

* tests/run-encrypt.c (show_usage): New option --directory.
(main): Parse new option. Set file name of input data to option value.
* tests/run-sign.c (show_usage): New option --directory.
(main): Parse new option. Set file name of input data to option value.
--

GnuPG-bug-id: 6342
2023-01-23 12:17:22 +01:00
Ingo Klöcker
29cfcd316d
core: Support usage of gpgtar for creating an encrypted signed archive
* src/engine-gpg.c (gpg_encrypt_sign): Set use_gpgtar engine flag if
GPGME_ENCRYPT_ARCHIVE mode is set. Check for new enough gpg. Use
add_gpg_arg_with_value for gpg-only options with a value and
add_gpg_arg for gpg-only options without a value. Set extra options for
gpgtar and pass input data to stdin when using gpgtar.

* tests/run-encrypt.c (print_result): Rename to print_encrypt_result.
Print header.
(print_sign_result): New.
(show_usage): New option --sign.
(main): Parse new option. Sign and encrypt --sign is given.
Print results of signing additionally to results of encryption.
--

With this change the gpgme_op_encrypt_sign* functions get support for
creating an encrypted and signed archive from files and/or directories
passed as NUL-separated list in the "plain" data with gpgtar.

GnuPG-bug-id: 6342
2023-01-19 11:08:42 +01:00
Ingo Klöcker
0ca45e48b4
core: Support usage of gpgtar for creating a signed archive
* src/gpgme.h.in (GPGME_SIG_MODE_ARCHIVE): New signature mode.
* src/engine-gpg.c (append_args_from_sender,
append_args_from_sig_notations): Use add_gpg_arg_with_value
for gpg-only options with a value.
(gpg_sign): Set use_gpgtar engine flag if GPGME_SIG_MODE_ARCHIVE mode
is set. Check for new enough gpg. Use add_gpg_arg_with_value for
gpg-only options with a value and add_gpg_arg for gpg-only options
without a value. Set extra options for gpgtar and pass input data to
stdin when using gpgtar.
* src/sign.c (sign_start): Add GPGME_SIG_MODE_ARCHIVE as valid mode.

* tests/run-sign.c (show_usage): New options --archive and
--diagnostics.
(main): Parse new options. Sign with gpgtar if --archive is given.
Print stderr of gpg/gpgtar if --diagnostics is given.
--

With this change the gpgme_op_sign* functions get support for
creating a signed archive from files and/or directories passed as
NUL-separated list in the "in" data with gpgtar.

GnuPG-bug-id: 6342
2023-01-19 10:45:04 +01:00
Ingo Klöcker
aa201b0bb6
core: Fix --set-filename argument
* src/engine-gpg.c (gpg_encrypt): Append equal sign to argument name.
--

GnuPG-bug-id: 6342
2023-01-19 10:29:56 +01:00
Ingo Klöcker
5d8316da1d
core: Support usage of gpgtar for encryption
* src/gpgme.h.in (GPGME_ENCRYPT_ARCHIVE): New encryption flag.
* src/engine-gpg.c (arg_and_data_s): New field gpg_arg.
(engine_gpg): New flag use_gpgtar.
(_add_arg): Add argument gpg_arg and set it.
(add_arg_ext, add_arg_with_locp, add_arg, add_arg_pfx, add_arg_len):
Adjust call of _add_arg.
(add_arg_with_locp): Add argument front.
(add_gpg_arg, add_gpg_arg_with_value): New.
(gpg_new): Use add_gpg_arg_with_value for gpg-only options with a value
and add_gpg_arg for gpg-only options without.
(build_argv): Consider usage of gpgtar when counting arguments to pass
to gpg/gpgtar. Prepend "--gpg-args" to all gpg-only arguments if gpgtar
is used.
(start): Set program to use. Read diagnostics output from stderr when
using gpgtar. Do not pass --status-fd to gpgtar for gpg < 2.4.1. Use
add_gpg_arg_with_value for --lc-ctype and --lc-messages.
(gpg_encrypt): Set use_gpgtar engine flag if GPGME_ENCRYPT_ARCHIVE flag
is set. Check for new enough gpg and incompatible flags. Use
add_gpg_arg_with_value for gpg-only options with a value and
add_gpg_arg for gpg-only options without a value. Set extra options
for gpgtar and pass input data to stdin when using gpgtar.
* src/engine-gpgsm.c (gpgsm_encrypt): Return error if new flag is set.
* src/engine-uiserver.c (uiserver_encrypt): Ditto.

* tests/run-encrypt.c (show_usage): New options --archive and
--diagnostics.
(main): Parse new options. Encrypt with gpgtar if --archive is given.
Print stderr of gpg/gpgtar if --diagnostics is given.
--

With this change the gpgme_op_encrypt* functions get support for
encrypting a list of files and/or directories passed as NUL-separated
list in "plain" data with gpgtar.

GnuPG-bug-id: 6342
2023-01-18 11:48:02 +01:00
Ingo Klöcker
d56b3bc1cf
core: Defer adding --status-fd and --logger-fd to argument list
* src/engine-gpg.c (_append_to_arglist, _prepend_to_arglist): New.
(_add_arg): Use _append_to_arglist and _prepend_to_arglist.
(add_data_ext): New. Extends add_data.
(add_data): Uses add_data_ext.
(gpg_new): Do not add --status-fd and --logger-fd to argument list.
(start): Prepend --logger-fd and --status-fd to the argument list.
--

This change makes it possible to handle those two arguments differently
if gpgtar is used instead of gpg.

GnuPG-bug-id: 6342
2023-01-18 10:54:39 +01:00
Ingo Klöcker
12e490d97f
core: Extend gpgme_get_dirinfo to return the gpgtar name
* src/dirinfo.c (WANT_GPGTAR_NAME): New.
(dirinfo): Add field gpgtar_name.
(get_gpgconf_item): Build gpgtar_name on demand and return it.
(_gpgme_get_default_gpgtar_name) : New.
(gpgme_get_dirinfo): New value "gpgtar-name" for WHAT.
* src/util.h (_gpgme_get_default_gpgtar_name): New.

* tests/t-engine-info.c (main): Add gpgtar-name to the output.

GnuPG-bug-id: 6342
2023-01-18 10:30:17 +01:00
Ingo Klöcker
fbce7deb3b
core: Use "goto leave" pattern to clean up resources
* src/engine-gpg.c (build_argv): Initialize fd_data_map and argv. Goto
leave on error. Free fd_data_map and argv on error.
--

This will make it easier to add an additional "--with-gpg-args" option
where needed.

GnuPG-bug-id: 6342
2023-01-17 09:31:38 +01:00
Ingo Klöcker
984ff7e3a2
core: Do not add obsolete --no-sk-comments to command line
* src/engine-gpg.c (build_argv): Don't add "--no-sk-comments" to argv.
--

This option is a no-op since 1.4.3 and 1.4.23 is the latest 1.4 release.

GnuPG-bug-id: 6342
2023-01-16 12:28:13 +01:00
NIIBE Yutaka
f9cbf2c8a8
gpgme.m4: Fix AM_PATH_GPGME_PTHREAD.
* src/gpgme.m4 (AM_PATH_GPGME_PTHREAD): It's deprecated, since gpgme
supports threads and GNU C library has integrated pthread features.

--

GnuPG-bug-id: 6285
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-11-25 15:37:23 +09:00
Ingo Klöcker
5903fa454a
core: Allow nullptr for key on card-edit
* src/edit.c (interact_start, edit_start): Return error if key is null
on edit-key.
--

In case of card-edit, key is typically null.
2022-11-15 10:03:23 +01:00
NIIBE Yutaka
abd51848bd
gpgme.m4: Include _AM_PATH_GPGRT_CONFIG implementation.
* src/gpgme.m4 (_AM_PATH_GPGRT_CONFIG): New.
(_AM_PATH_GPGME_CONFIG): Require _AM_PATH_GPGRT_CONFIG.

--

GnuPG-bug-id: 6273
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-11-15 13:40:57 +09:00
Ingo Klöcker
6bcfbb3498
core: Check for nullptr
* src/edit.c (interact_start, edit_start): Return error if key is null.
--

This prevents a crash further down the road.
2022-11-11 11:46:11 +01:00
Ingo Klöcker
4f874ea431
core: New context flag "no-auto-check-trustdb"
* src/context.h (gpgme_context): Add field no_auto_check_trustdb.
* src/gpgme.c (gpgme_set_ctx_flag, gpgme_get_ctx_flag): Add flag
"no-auto-check-trustdb".
* src/engine-gpg.c (engine_gpg): Add flags.no_auto_check_trustdb.
(gpg_set_engine_flags): Set the flag.
(build_argv): Pass option to gpg.

* tests/run-keylist.c (show_usage, main): Add option --no-trust-check.
--

This makes the --no-auto-check-trustdb option available in the GPGME API
to disable the potentially expensive automatic trust database check.

GnuPG-bug-id: 6261
2022-11-04 10:38:41 +01:00
NIIBE Yutaka
9f55dceca0
build: Prefer gpgrt-config when available.
* src/gpgme.m4: Overriding the decision by --with-gpgme-prefix,
use gpgrt-config gpgme when gpgrt-config is available.

--

This may offer better migration.

GnuPG-bug-id: 5034
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-11-02 10:12:46 +09:00
Werner Koch
1c9694f8d5
core: New global flags "inst-type".
* src/gpgme.c (gpgme_set_global_flag): Add flag "inst-type".
* src/w32-util.c (_gpgme_set_get_inst_type): New.
(INST_TYPE_GPG4WIN_DIR): New.
(INST_TYPE_GPGDESK_DIR): New.
(_gpgme_get_gpgconf_path): Implement this flag.  Replace fixed strings
by the macros.
* src/posix-util.c (_gpgme_set_get_inst_type): New dummy.
--

This is intended for use by Kleopatra to reliable find the expected
GnuPG installation.
2022-10-26 12:10:57 +02:00
Werner Koch
830e017e5d
core: Protect against a theoretical integer overflow in parsetlv.c
* src/parsetlv.c (_gpgme_parse_tlv): Detect integer overflow.
--

Although there is no concrete case where we use for example
(to.nhdr+ti.length), it feels safer to protect against this anyway.
2022-10-24 13:50:41 +02:00
Werner Koch
b1e5f3b183
core: Fix SIG_CREATED status parsing for 0x1F sigs
* src/sign.c (parse_sig_created): Special case the rfc4880 "1F" status.
--

This has always been wrong but we can't simply force strtol to assume
hex.  Patch compiles but has received no specific test.  For details
see
GnuPG-bug-id: 6223
2022-09-29 09:59:27 +02:00
NIIBE Yutaka
fbd9407646
Fix for modern compiler.
* src/argparse.c (show_version): It's no args.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-09-15 13:45:35 +09:00
NIIBE Yutaka
80670f60ba Fix parsing import status for invalid fingerprint.
* src/import.c (parse_import): Handle invalid fingerprint case.

--

GnuPG-bug-id: 6187
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2022-09-07 11:27:32 +09:00