* src/context.h (struct gpgme_context): New field key_origin.
* src/engine-backend.h (struct engine_ops): Add arg key_origin to
field 'import'.
* src/engine-gpg.c (gpg_import): Add arg key_origin and pass option
--key-origin with argument value to gpg. Adjust all callers.
* src/engine-gpgsm.c (gpgsm_import): Add dummy arg key_origin.
* src/gpgme.c (gpgme_release): Free 'key_origin'.
(gpgme_set_ctx_flag, gpgme_get_ctx_flag): New flag "key-origin".
* tests/run-import.c (main): Add option --key-origin.
* tests/gpg/t-import.c (main): Set and verify key origin.
--
This makes the --key-origin option available in the GPGME API for
key imports.
GnuPG-bug-id: 5733
* src/context.h (struct gpgme_context): Add 'cert_expire'.
* src/engine-gpg.c (append_args_from_cert_expire): New.
(gpg_edit): Set option according to the new flag.
* src/gpgme.c (gpgme_release): Free 'cert_expire'.
(gpgme_set_ctx_flag, gpgme_get_ctx_flag): Add "cert-expire".
* tests/gpg/Makefile.am (c_tests): Add new test.
(gpg.conf): Write "allow-weak-key-signatures" to gpg.conf.
* tests/gpg/t-edit-sign.c: New.
--
The new context flag "cert-expire" allows setting the expiration date
for key signatures created with gpgme_op_interact.
GnuPG-bug-id: 5336, 5505
* src/data.c (_gpgme_data_release): Free buffers.
(gpgme_data_seek): Adjust from renamed fields.
(gpgme_data_set_flag): Implement new flags.
(_gpgme_data_inbound_handler): Allow the use of a malloced buffer.
(_gpgme_data_outbound_handler): Ditto.
* src/data.h (BUFFER_SIZE): Move out of the struct definition.
(struct gpgme_data): Remove pending filed and introduce inbound and
outbound fields.
* src/conversion.c (_gpgme_wipememory): New. Taken from GnuPG.
* src/cJSON.c (wipememory): Use this here too.
* tests/run-decrypt.c (main): Add options "--large-buffers" and
"--sensitive".
--
GnuPG-bug-id: 5478
Signed-off-by: Werner Koch <wk@gnupg.org>
* src/gpgme.h.in (struct _gpgme_key_sig): Add fields 'trust_depth',
'trust_value', and 'trust_scope'.
* src/key.c (gpgme_key_unref): Free trust_scope.
* src/keylist.c (keylist_colon_handler): Set the fields.
* tests/run-keylist.c (main): Print the fields.
--
The trust signature values are part of gpg's output since the year 2003.
This now adds support to gpgme.
GnuPG-bug-id: 5245, 5419
* src/gpgme.h.in (gpgme_op_setexpire_start, gpgme_op_setexpire): New.
* src/libgpgme.vers, src/gpgme.def: Add new functions.
* src/genkey.c (setexpire): New.
(gpgme_op_setexpire_start, gpgme_op_setexpire): New.
* src/engine.h, src/engine.c: (_gpgme_engine_op_setexpire): New.
* src/engine-backend.h (engine_ops): Add 'setexpire' and adjust all
engine initializers.
* src/engine-gpg.c (gpg_setexpire): New.
(_gpgme_engine_ops_gpg): Set setexpire to gpg_setexpire.
* doc/gpgme.texi: Document new functions.
* tests/run-genkey.c: Add option --setexpire.
--
This extends GPGME to support the --quick-set-expire command
added by GnuPG 2.1.22. This allows changing subkeys expiry
date without going through the editinteractor interface.
Co-authored-by: Andre Heinecke <aheinecke@gnupg.org>
GnuPG-bug-id: 4999
* src/gpgme.h.in: Clarify that the trustlist function should not be
used.
* src/engine.c (_gpgme_engine_op_trustlist): Always return an error.
* src/engine-backend.h (struct engine_ops): Remove trustlist member.
* src/engine-gpg.c (gpg_trustlist): Remove.
(struct engine_ops): Remove that member. Also in all other engines.
* tests/gpg/t-trustlist.c: Remove.
* lang/python/tests/t-trustlist.py: Remove.
--
This never worked in reality because the required feature has been
removed from GnuPG version 1.3.2 soon after introduction of this
feature in gpgme - 17 years ago. It was anyway marked as
experimental. We keep the API and ABI, though.
GnuPG-bug-id: 4834
Signed-off-by: Werner Koch <wk@gnupg.org>
* doc/gpgme.texi (gpgme_verify_result_t): Explain
GPGME_STATUS_NO_ERROR more clearly.
--
This might help to avoid misunderstandings how the
status can be interpreted and explains why a verify
of unsigned PGP Data returns no error.
As a reaction to CVE-2020-10759 discovered by Justin Steven.
* doc/gpgme.texi: Fixes version number from 1.8.0 to
1.9.0 for GPGME_CREATE_NOEXPIRE.
GnuPG-Bug-Id: T4922
Signed-off-by: dupgit <olivier.delhomme@free.fr>
* src/engine-gpg.c (gpg_keylist_build_options): Send --with-keygrip
if --with-secret is used.
--
Since GnuPG 2.2.19 the keygrip was not anymore send if only
--with-secret was used in a public key listing. Given that
--with-secret requires computation of the keygrip anyway, there is no
point in not requesting the keyrip in this case.
GnuPG-bug-id: 4820
* src/gpgme.h.in (struct _gpgme_user_id): Add field 'uidhash'.
* src/key.c (gpgme_key_unref): Free it.
* src/keylist.c (keylist_colon_handler): Set it.
* tests/run-keylist.c (main): Print it.
--
The uidhash value is part of gpg's output since the year 2005. This
now adds support to gpgme. The application for uidhash is to select
a user id in an edit interactor: Instead of giving the number of the
user id, the uidhash value can be be used to avoid tracking the user
id numbers.
Signed-off-by: Werner Koch <wk@gnupg.org>
* doc/Makefile.am: Remove uiserver.texi
* doc/gpgme.texi: Remove UI-Server mentions.
* doc/uiserver.texi: Removed.
--
This prepares the removal of UI Server from implementing
applications like Kleopatra.
The only user of the UI Server is GpgEX and even that
does not need it at all and is better served with process
calls.
GnuPG-Bug-Id: T4030
* src/context.h (gpgme_context): Add new flag for extended-edit.
* src/engine-gpg.c (append_args_from_sig_notations): Add flags to
control the kind of notations.
(gpg_edit): Respect extended-edit and notations.
(gpg_encrypt_sign, gpg_sign): Update call to
append_args_from_sig_notations.
* src/gpgme.c (gpgme_set_ctx_flag, gpgme_get_ctx_flag): Support
extended-edit.
* NEWS, doc/gpgme.texi: Mention extended-edit.
--
This provides a way to get the extended key-edit interface without
breaking bad state machines that rely on the current command flow.
A use case for this is to enable multiple local signatures, which
can be used together with annotations for:
GnuPG-Bug-Id: T4734
* src/context.h (gpgme_context): Extend with trust_model.
* src/engine-gpg.c (engine_gpg): Extend with trust_model.
(gpg_set_engine_flags): Take trust_model from context.
(build_argv): Handle trust_model.
(gpg_release): Free trust_model.
* src/gpgme.c (gpgme_set_ctx_flag): Handle trust-model flag.
(gpgme_release): Release trust-model.
* doc/gpgme.texi: Document new flag for gpgme_set_ctx_flag.
(Context Flags): New subsection for the context flags.
* tests/run-keylist.c (show_usage, main): Add new --trust-model
parameter.
--
This gives a GPGME user fine grained control over the
trust-model.
Changing the trust model for only a single application depends
on:
GnuPG-Bug-Id: T4134
Maniphest Tasks: T4134
Differential Revision: https://dev.gnupg.org/D466
* conf/: New dir.
* configure.ac (AC_CONFIG_HEADER): Move header to conf dir.
* doc/Makefile.am (mkdefsinc): Adjust rule.
* lang/python/Makefile.am (copystamp): Ditto.
--
C++ uses those stupid files without a suffix and thus the new standard
header <version> as included by newer other libc++ versions may
conflict with the VERSION file in out top directory. This change
should solve the problem.
GnuPG-bug-id: 4168
Signed-off-by: Werner Koch <wk@gnupg.org>
* doc/Makefile.am: Removed a bit I forgot about.
* Renamed lang/python/docs to lang/python/doc bvecause apparently
automake cares about that too.
* Decided to be extra explicit in the manifest because if I don't then
all sorts of things get deleted ... like lang/python
* Tested on an external linux system just in case my osx workstation
introduces too much weirdness.
Tested-by: Ben McGinnes <ben@adversary.org>
Signed-off-by: Ben McGinnes <ben@adversary.org>
* doc/Makefile.am: removed the python howto from this file, restoring
it to just the main project and the newer .js files.
* deleted: doc/gpgme-python-howto.texi
* renamed the Short_History.org file to short-history.org to keep the
naming conventions similar.
* All the Python files can (and should) live together.
* Changed the order of python versions the configure/make process
checks for, placing Python 3.7 ahead of 3.6.
* Updated the HOWTO documentation to reflect this change.
Tested-by: Ben McGinnes <ben@adversary.org>
Signed-off-by: Ben McGinnes <ben@adversary.org>
* Tightened up the docs a little bit, updated the "what's new"
section, dropped the "-draft" version in preparation for GPGME
1.12.0's release.
* Exported another .texi version (and updated the draft copies to this
commit (which ought to be 1.11.1-beta313).
Signed-off-by: Ben McGinnes <ben@adversary.org>
* Sometimes you really do need or want punctuation in a heading, but
ideally without something else generating whitespace and other
annoyances to go with it.
* Trying a real decimal point instead.
Signed-off-by: Ben McGinnes <ben@adversary.org>
* Woumd up the "what's new" section.
* Added an example for sending a key to the keyservers via hkp4py.
* Updated the export key code to use a more complete check for the
$GNUPGHOME location.
* Expanded on the installation and reinstallation troubleshooting
section.
Tested-by: Ben McGinnes <ben@adversary.org>
Signed-off-by: Ben McGinnes <ben@adversary.org>
* Added a What's New section to summarise changes since the last
release. There have been quite a few and some attention does need
to be drawn to some of them.
* Confirming certain issues with some platform builds, especially
BSD/OSX vs. Linux issues which will need to update the installation
troubleshooting guides.
* Added more comprehensive examples using hkp4py and added a couple
more example scripts for protonmail.
Tested-by: Ben McGinnes <ben@adversary.org>
Signed-off-by: Ben McGinnes <ben@adversary.org>
* Mostly tightening up the details on the hkp4py example script.
* Also fixed a typo in the LGPL boiler plate text included in all the
other example scripts for the HOWTO.
* added a new example script to search the keyservers and import the
results, this time using Marcel Fest's hkp4py module.
* Updated the key importing section to match this addition.
* Tested with the current version of hkp4py from github.
Tested-by: Ben McGinnes <ben@adversary.org>
Signed-off-by: Ben McGinnes <ben@adversary.org>
* Confirmed that updates to the tests have significant'y improved that
output.
* Updated some of the additional notes for the section on hkp4py.
** This is in anticipation adding at least import examples using that
module as well. It may also include adding examples of exporting a
key and uploading it to the keyservers.
Tested-by: Ben McGinnes <ben@adversary.org>
Signed-off-by: Ben McGinnes <ben@adversary.org>
* Added some material on using the new-ish hkp4py module with GPGME.
* Example code will be added later once a couple of little issues are
addressed.
Signed-off-by: Ben McGinnes <ben@adversary.org>
* Sanitized the shell command examples of extraneous whitespace.
* Removed keycount.c as sanitising it is pointless and it will be
generated by Cython when the example is followed.
* Regenerated the .texi version.
* Added new advanced section with an example of using the Python
bindings with CPython code compiled back to C code using Cython.
* Though it may seem a bit counter-intuitive to use the bindings just
to go back to C via a different route, this is not actually stupid.
* Added examples/howto/advanced/cython/ directory.
* Added keycount.pyx, setup.py and the keycount.c file which the first
two generated with Cython. Not including the .so and .o files from
the build.
* Exported the .texi version of the howto for the main docs.
* lang/python/docs/gpgme-python-howto.org: more tweaks and edits,
along with another build of output formats.
* doc/gpgme-python-howto.texi: updated texinfo version for parent docs.
* lang/python/docs/GPGMEpythonHOWTOen.org: Added corresponding GPGME
version number to table at the start and cut the shortcut from the
groups.py example.
* doc/gpgme-python-howto.texi: New export of Texinfo file for docs
build.
* gpgme.spec.in: Added gpgme-python-howto.info build on the grounds
that it now deals with certain possible installation issues and end
users encountering them would want the docs to hand.
* doc/gpgme.texi: updated the copyright year to this year.