| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/engine-assuan.c (inquire_cb): Implement returning data.
* tests/opassuan/t-command.c (inq_cb): Send some test data.
--
The old code only allowed to send an empty response which was good
enough for scdaemon's KNOWNCARDP inquire but not to send actual data.
A quick test using a test smartcard might be
./t-command 'scd setattr --inquire PRIVATE-DO-1'
and then reading the data back using
gpg-connect-agent 'scd getattr PRIVATE-DO-1' /bye
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
| |
* lang/qt/src/listallkeysjob.h (ListAllKeysJob::start): Document that
the mergeKeys argument is ignored with gpg >= 2.1.
--
GnuPG-bug-id: 4794
|
| |
|
|
|
|
|
|
|
|
|
| |
* lang/cpp/src/key.cpp (Key::update): Call Context::key() only once
with KeyListMode::WithSecret.
--
With gpg >= 2.1, get the key with --with-secret instead of first trying
to get the secret key and, if that fails, getting the public key.
GnuPG-bug-id: 4794
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* lang/qt/src/qgpgmelistallkeysjob.cpp
(do_list_keys): Rename to do_list_keys_legacy and put into unnamed
namespace.
(merge_keys): Put into unnamed namespace.
(list_keys): Rename to list_keys_legacy and put into unnamed namespace.
(do_list_keys, list_keys): New.
* lang/qt/tests/t-keylist.cpp (testListAllKeysSync): New.
--
With gpg >= 2.1, list keys once with --with-secret instead of listing
public keys and secret keys and then merging (part of) the information
about the keys.
GnuPG-bug-id: 4794
|
| |
|
|
|
|
|
|
|
|
| |
* lang/cpp/src/global.h (WithSecret): New.
* lang/cpp/src/context.cpp (operator<<): Handle WithSecret.
* lang/cpp/src/util.h (add_to_gpgme_keylist_mode_t,
convert_from_gpgme_keylist_mode_t): Ditto.
--
GnuPG-bug-id: 4794
|
| |
|
|
|
|
|
|
| |
* lang/cpp/src/util.h
(add_to_gpgme_keylist_mode_t): Sort modes as in enum definition and
add missing modes to check.
(convert_from_gpgme_keylist_mode_t): Add missing handling of
GPGME_KEYLIST_MODE_WITH_TOFU and GPGME_KEYLIST_MODE_WITH_KEYGRIP.
|
| |
|
|
|
|
|
|
|
|
|
| |
* lang/cpp/src/key.cpp (Key::mergeWith): Also merge secret flag and
keygrip
--
The keygrip was lost if the result of a public key listing was merged
with the result of a secret key listing as done by QGpgMEListAllKeysJob.
GnuPG-bug-id: 4794
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* lang/qt/src/dn.cpp (parse_dn_part): Fix parser.
--
This could in theory result in reading bytes after a after Nul in a
string and thus possible segv on unallocated memory or reading other
parts of the memory. However, it is harmless because the rfc2253
strings have been received from GnuPG which is expected to emit
correct syntax.
GnuPG-bug-id: 5037
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/genkey.c (setexpire, gpgme_op_setexpire_start,
gpgme_op_setexpire): Move to ...
* src/setexpire.c: New.
* src/Makefile.am (main_sources): Add that file.
* src/context.h (ctx_op_data_id_t): Add OPDATA_SETEXPIRE.
* lang/qt/tests/t-various.cpp (testSetExpire): Test error handling.
--
Errors (and failures) emitted via status-fd need to be handled
explicitly, i.e. we need to provide an appropriate status handler with
corresponding op_data_t. Additionally, we need to set a passphrase
command handler if a passphrase callback is set in the context, e.g.
during tests.
GnuPG-bug-id: 4395
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* lang/qt/src/changeexpiryjob.h (ChangeExpiryJob::start): New overload
that accepts subkeys (with empty implementation).
* lang/qt/src/qgpgmechangeexpiryjob.h,
lang/qt/src/qgpgmechangeexpiryjob.cpp (QGpgMEChangeExpiryJob::start):
New overload that accepts subkeys.
--
This adds the possibility to change the expiry of subkeys.
GnuPG-bug-id: 4717
|
| |
|
|
|
|
|
|
|
| |
* lang/cpp/src/context.h, lang/cpp/src/context.cpp
(Context::getLFSeparatedListOfFingerprintsFromSubkeys): Remove
from Context; make it a static function instead
--
GnuPG-bug-id: 5003
|
| |
|
|
|
|
|
|
|
|
| |
* lang/cpp/src/editinteractor.cpp (EditInteractor::Private::Private):
Use std::getenv.
--
This should fix compiling on MacOS X
GnuPG-Bug-Id: T5013
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* lang/qt/src/qgpgmechangeexpiryjob.cpp (change_expiry): Use new
setExpire() instead of edit() with GpgSetExpiryTimeEditInteractor
--
Using the new setExpire() (which uses --quick-set-expire) is a lot less
complex than using gpg's edit interface. It also feels faster. Next,
I'll add support for changing the expiration time of subkeys.
GnuPG-bug-id: 5003
|
| |
|
|
|
|
|
| |
* lang/qt/tests/t-various.cpp (TestVarious::testSetExpire): New.
--
GnuPG-bug-id: 5003
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* lang/cpp/src/context.cpp
(Context::setExpire, Context::startSetExpire): New.
(Context::getLFSeparatedListOfFingerprintsFromSubkeys):
New helper.
* lang/cpp/src/context.h
(Context::SetExpireFlags): New enum.
(Context::setExpire, Context::startSetExpire): Add
prototypes.
(Context::getLFSeparatedListOfFingerprintsFromSubkeys):
Add as private helper.
--
GnuPG-bug-id: 5003
|
| |
|
|
|
|
|
|
| |
* lang/cpp/src/key.cpp (Subkey): Add ostream operator.
* lang/cpp/src/key.h: Update accordingly.
--
This is helpful for debugging / showing the state of a subkey.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/gpgme.h.in (gpgme_op_setexpire_start, gpgme_op_setexpire): New.
* src/libgpgme.vers, src/gpgme.def: Add new functions.
* src/genkey.c (setexpire): New.
(gpgme_op_setexpire_start, gpgme_op_setexpire): New.
* src/engine.h, src/engine.c: (_gpgme_engine_op_setexpire): New.
* src/engine-backend.h (engine_ops): Add 'setexpire' and adjust all
engine initializers.
* src/engine-gpg.c (gpg_setexpire): New.
(_gpgme_engine_ops_gpg): Set setexpire to gpg_setexpire.
* doc/gpgme.texi: Document new functions.
* tests/run-genkey.c: Add option --setexpire.
--
This extends GPGME to support the --quick-set-expire command
added by GnuPG 2.1.22. This allows changing subkeys expiry
date without going through the editinteractor interface.
Co-authored-by: Andre Heinecke <[email protected]>
GnuPG-bug-id: 4999
|
| |
|
|
| |
--
|
| |
|
|
|
|
|
| |
* configure.ac: Bump LT versions to c=C34/A23/R0 cpp=C17/A11/R0
qt=C11/A4/R0.
--
GnuPG-bug-id: 4996
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* lang/cpp/context.cpp, lang/cpp/context.h
(Context::startPublicKeyExport, Context::exportPublicKeys): Extend
with flags paramenter.
(Context::ExportMode): New.
* lang/qt/src/exportjob.h (ExportJob::setExportMode): New.
* lang/qt/src/qgpgmeexportjob.cpp, lang/qt/src/qgpgmeexportjob.h:
Update accordingly.
--
This adds the C++ and Qt API for export modes.
|
| |
|
|
|
|
|
|
|
| |
* src/export.c (export_start): Allow that mode.
--
The test tools uses gpgme_op-export_ext and thus did not caught it.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* src/gpgme.h.in (GPGME_EXPORT_MODE_SSH): New.
* src/export.c (export_ext_start): Allow for new mode.
* src/engine-gpg.c (export_common): Implement.
* tests/run-export.c (status_cb): New.
(main): New options --status and --ssh.
--
GnuPG-bug-id: 4310
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/gpgme.h.in: Clarify that the trustlist function should not be
used.
* src/engine.c (_gpgme_engine_op_trustlist): Always return an error.
* src/engine-backend.h (struct engine_ops): Remove trustlist member.
* src/engine-gpg.c (gpg_trustlist): Remove.
(struct engine_ops): Remove that member. Also in all other engines.
* tests/gpg/t-trustlist.c: Remove.
* lang/python/tests/t-trustlist.py: Remove.
--
This never worked in reality because the required feature has been
removed from GnuPG version 1.3.2 soon after introduction of this
feature in gpgme - 17 years ago. It was anyway marked as
experimental. We keep the API and ABI, though.
GnuPG-bug-id: 4834
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/gpgme.h.in (GPGME_KEYLIST_MODE_WITH_KEYGRIP): New.
* src/gpgme-json.c (op_keylist): New flag "keygrip".
* src/engine-gpg.c (gpg_keylist_build_options): Pass the options.
* lang/cpp/src/global.h (WithKeygrip): New.
* lang/cpp/src/context.cpp: Add check.
* lang/cpp/src/key.cpp (Key::update): Handle WithKeygrip.
* lang/cpp/src/verificationresult.cpp: Ditto.
* lang/cpp/src/util.h (add_to_gpgme_keylist_mode_t): Ditto.
--
GnuPG-bug-id: 4939
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
* lang/python/tests/support.py (is_gpg_version): New.
* lang/python/tests/t-encrypt-sym.py: Add workaround.
--
GnuPG-bug-id: 4991
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* doc/gpgme.texi (gpgme_verify_result_t): Explain
GPGME_STATUS_NO_ERROR more clearly.
--
This might help to avoid misunderstandings how the
status can be interpreted and explains why a verify
of unsigned PGP Data returns no error.
As a reaction to CVE-2020-10759 discovered by Justin Steven.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* src/verify.c (parse_trust): Fix detection of "chain" keyword.
--
Fixes-commit: da6f3dc0c53f11f7432b3c258702db07d6c37f9a
from 2007 shortly after introducing this. I doubt that this info has
ever been used (it is for qualified signatures, which are only
supported using the legacy German RegTP rules for them which were soon
overturned by the commercial CAs).
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
| |
* lang/qt/tests/t-config.cpp (testKeyserver): Remove.
* tests/gpg/t-gpgconf.c (main): Test with dirmngr.keyserver.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
* src/Makefile.am (gpgme_w32_extra_libs): New.
(libgpgme_la_LIBADD, libgpgme_glib_la_LIBADD): Use it.
--
Since w32-io.c directly uses functions from ws2_32 it should
not rely on libgpg-error to pull in this dependency.
|
| |
|
|
|
|
|
|
| |
* doc/gpgme.texi: Fixes version number from 1.8.0 to
1.9.0 for GPGME_CREATE_NOEXPIRE.
GnuPG-Bug-Id: T4922
Signed-off-by: dupgit <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* src/engine-gpg.c (gpg_keylist_build_options): Send --with-keygrip
if --with-secret is used.
--
Since GnuPG 2.2.19 the keygrip was not anymore send if only
--with-secret was used in a public key listing. Given that
--with-secret requires computation of the keygrip anyway, there is no
point in not requesting the keyrip in this case.
GnuPG-bug-id: 4820
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* tests/json/t-keylist-secret.out.json: Do not check for keygrip
of bravo key.
--
Since GnuPG 2.2.19 the keygrip is not emitted for public keys
in a keylisting --with-secret.
As the GPGME test suite should pass with several versions
the json test cannot test this as the suite does not allow
version checks for different output.
What the intended behavior is might still be up for discussion,
always adding --with-keygip is not a good solution because
it slows down keylistings for large keyrings.
GnuPG-Bug-Id: T4820
|
| |
|
|
|
|
| |
* tests/gpgsm/t-genkey.c (check_result): New.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
| |
* src/Makefile.am (gpgme_tool_LDADD): Add @GPG_ERROR_LIBS@.
--
Since gpgme-tool uses gpg_strerror, it should be linked
to -lgpg-error.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/gpgme.c (gpgme_set_ctx_flag): Add flags "include-key-block" and
"auto-key-import".
(gpgme_get_ctx_flag): Ditto.
* src/context.h (struct gpgme_context): Add flags include_key_block
and auto_key_import.
* src/engine-gpg.c (struct engine_gpg): Likewise.
(gpg_set_engine_flags): Set the flags for gpg versions >= 2.2.20.
(gpg_decrypt): Set option according to the new flags.
(gpg_encrypt): Ditto.
(gpg_encrypt_sign): Ditto.
(gpg_sign): Ditto.
(gpg_verify): Ditto.
tests/run-verify: Add option --auto-key-import.
tests/run-sign: add option --include-key-block.
--
GnuPG-bug-id: 4856
Signed-off-by: Werner Koch <[email protected]>
|
| | |
|
| |
|
|
|
|
|
|
|
| |
* lang/qt/src/*: Change logging category to macro to QGPGME_LOG.
--
The old logging category macro had a typo and this way we
are more consistent with other logging rules. For example
you could write gpg.* in the logging conf.
|
| |
|
|
| |
* lang/qt/src/qgpgmegpgcardjob.cpp (do_work): Log call.
|
| |
|
|
|
|
| |
--
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
| |
* lang/qt/qgpgmegpgcardjob.cpp (QGpgMEGpgCardJob): Add context.
--
Otherwise it fails with an assert.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* lang/qt/src/Makefile.am: Add new files.
* lang/qt/src/job.cpp (GpgCardJob): Add impl stuff.
* lang/qt/src/protocol.h (gpgCardJob): Get one.
* lang/qt/src/qgpgmebackend.cpp,
lang/qt/src/qgpgmebackend.h: Add helpers to get the job.
* lang/qt/src/qgpgmegpgcardjob.cpp,
lang/qt/src/gpgcardjob.h,
lang/qt/src/qgpgmegpgcardjob.h: New.
--
This is annoyingly complex to add a simple new job.
In the future we should implement something like this
without the threadedjobmixin stuff. But the idea was
to follow the usual job pattern.
GnuPG-Bug-Id: T4794
|
| |
|
|
|
|
|
|
|
|
|
| |
* tests/json/t-keylist-secret.out.json
--
Since at least 2.2.19 GnuPG no longer emits secret = true
for keys where it does not have a secret. To avoid
failures with older versions we remove the check altogether.
GnuPG-Bug-Id: T4820
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* m4/python.m4: Scan for python 3.8 as well.
--
It's not clear to me why python3.8 should be commented out of the
python path search. This change simplifies and normalizes the search
for modern versions of python 3.
Signed-Off-By: Daniel Kahn Gillmor <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/posix-util.c (find_executable): New.
(walk_path_str): Factored out from walk_path.
(walk_path): Replaced by find_executable.
(_gpgme_get_gpg_path, _gpgme_get_gpgconf_path): Use find_executable.
--
This should help to locate GnuPG on MacOS systems where
it is not part of the PATH environment variable and
should reduce the need to have fixed path known
at GPGME compile time.
mailvelope/issue699
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* lang/cpp/src/gpgsignkeyeditinteractor.cpp (action):
Use uidhash instead of number.
(GpgSignKeyEditInteractor::setKey): New.
* lang/cpp/src/gpgsignkeyeditinteractor.h: Update accordingly.
* lang/cpp/src/key.h, lang/cpp/src/key.cpp: Wrap uidhash.
* lang/qt/src/qgpgmesignkeyjob.cpp: Set the key.
--
Using the uidhash avoids problems when the user ids
on --edit-key are different ones then the uids
captured by gpgme when listing keys. Or if
they are in a different order. This can happen
with cached keys or keys with user attributes.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/gpgme.h.in (struct _gpgme_user_id): Add field 'uidhash'.
* src/key.c (gpgme_key_unref): Free it.
* src/keylist.c (keylist_colon_handler): Set it.
* tests/run-keylist.c (main): Print it.
--
The uidhash value is part of gpg's output since the year 2005. This
now adds support to gpgme. The application for uidhash is to select
a user id in an edit interactor: Instead of giving the number of the
user id, the uidhash value can be be used to avoid tracking the user
id numbers.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
| |
This reverts commit 1b2ad3b73c37d0583b8e438b4707dca60e26ae7e.
--
Just removing the documentation was not the right way as
this is still in use.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/engine-gpg.c (gpg_decrypt): only send --no-keyring when we are
not verifying.
--
Without this change, the signature verification would fail. This
problem was introduced in bded8ebc59c7fdad2617f4c9232a58047656834c in
an attempt to avoid an error when *not* verifying. Clearly more test
suite coverage is needed to avoid introducing this sort of problem in
the future.
GnuPG-bug-id: 3464
Signed-off-by: Daniel Kahn Gillmor <[email protected]>
|
| |
|
|
|
|
| |
* src/gpgme-tool.c (hlp_include_certs): added missing newline.
Signed-off-by: Daniel Kahn Gillmor <[email protected]>
|
| |
|
|
|
|
|
| |
* src/w32-util.c (_gpgme_w32_cancel_synchronous_io): Add some casts.
--
Signed-off-by: Werner Koch <[email protected]>
|
