| Commit message (Collapse) | Author | Files | Lines |
|---|
|
* src/context.h (struct gpgme_context): Add 'cert_expire'.
* src/engine-gpg.c (append_args_from_cert_expire): New.
(gpg_edit): Set option according to the new flag.
* src/gpgme.c (gpgme_release): Free 'cert_expire'.
(gpgme_set_ctx_flag, gpgme_get_ctx_flag): Add "cert-expire".
* tests/gpg/Makefile.am (c_tests): Add new test.
(gpg.conf): Write "allow-weak-key-signatures" to gpg.conf.
* tests/gpg/t-edit-sign.c: New.
--
The new context flag "cert-expire" allows setting the expiration date
for key signatures created with gpgme_op_interact.
GnuPG-bug-id: 5336, 5505
|
|
* src/data.c (_gpgme_data_release): Free buffers.
(gpgme_data_seek): Adjust from renamed fields.
(gpgme_data_set_flag): Implement new flags.
(_gpgme_data_inbound_handler): Allow the use of a malloced buffer.
(_gpgme_data_outbound_handler): Ditto.
* src/data.h (BUFFER_SIZE): Move out of the struct definition.
(struct gpgme_data): Remove pending filed and introduce inbound and
outbound fields.
* src/conversion.c (_gpgme_wipememory): New. Taken from GnuPG.
* src/cJSON.c (wipememory): Use this here too.
* tests/run-decrypt.c (main): Add options "--large-buffers" and
"--sensitive".
--
GnuPG-bug-id: 5478
Signed-off-by: Werner Koch <[email protected]>
|
|
* src/data-identify.c (basic_detection): Add OID.
Signed-off-by: Werner Koch <[email protected]>
|
|
* src/data.h (BUFFER_SIZE): Increase to 4096 for Windows.
--
This brings it in line to the PIPE_BUF size on desktop Linux
systems. This should increase performance when working with
large files on Windows a bit.
GnuPG-Bug-Id: T5478
|
|
* src/Makefile.am (AM_CFLAGS): Add GPG_ERROR_CFLAGS
--
This fixes the include directory for libgpg error if
it is installed in a different prefix then libassuan. Previously
libassuan provided the include directory also implicitly.
|
|
* src/keylist.c (keylist_colon_handler): Check for correct number of
fields.
--
This prevents NULL pointer dereferencing with older versions of gpg
that may output less fields.
|
|
* src/gpgme.h.in (struct _gpgme_key_sig): Move trust_scope to the end
of the struct.
--
Fixes-commit: 276187f6b62a73e92b1c20f589510f80ab9e88d2
Note that we assume that splitting a reserved 28 bit field into 3
fields does not change the ABI.
|
|
* src/gpgme.h.in (struct _gpgme_key_sig): Add fields 'trust_depth',
'trust_value', and 'trust_scope'.
* src/key.c (gpgme_key_unref): Free trust_scope.
* src/keylist.c (keylist_colon_handler): Set the fields.
* tests/run-keylist.c (main): Print the fields.
--
The trust signature values are part of gpg's output since the year 2003.
This now adds support to gpgme.
GnuPG-bug-id: 5245, 5419
|
|
* src/gpgme.h.in (GPGME_KEYSIGN_FORCE): New.
* src/engine-gpg.c (gpg_keysign): Implement.
* tests/run-keysign.c (show_usage): Add option --force
--
GnuPG-bug-id: 4584
|
|
* src/export.c (export_start): Remove GPGME_EXPORT_MODE_NOUID check.
* src/engine-gpg.c (export_common): Ditto.
--
Note that this constant was never announed and used only for internal
tests. It made it into some release only by accident.
The constants is kept in gpgme.h to not break any code but it is
non-fucntionals. We do not consider this an ABI break.
GnuPG-bug-id: 5284
|
|
|
|
* src/engine-gpg.c (gpg_keylist_build_options): Add "--with-sig-check"
argument if signatures shall be listed.
* tests/gpg/t-keylist-secret-sig.c: New.
* tests/gpg/Makefile.am (c_tests): Add new test.
--
GnuPG-bug-id: 3580
|
|
* src/export.c (export_status_handler): Call the handler.
--
Fixes-commit: 3382ecb17eb5d2a373cf2eccb301854fff42f6aa
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* src/gpgme.m4: Replace AC_HELP_STRING to AS_HELP_STRING.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* configure.ac: Bump LT versions to c=C35/A24/R0, cpp=C18/A13/R0,
qt=C12/A5/R0.
--
GnuPG-bug-id: 5131
|
|
* src/export.c (export_start): Set command handler for passphrase
interaction for the case when it's secret keys.
(export_ext_start): Likewise.
--
GnuPG-bug-id: 5046
Co-authored-by: Louis Dupré Bertoni
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* configure.ac (NEED_GPG_ERROR_VERSION): Require 1.36.
* src/cJSON.c: Remove code for older version.
* src/engine.c (gpgme_get_engine_info): Ditto.
* src/gpgme-json.c: Ditto.
* src/op-support.c: Ditto.
* src/util.h: Ditto.
--
Libgpg-error 1.36 has been released more than 18 months ago so it is
time to avoid hacks and require this verion. This will for example
help Kleopatra to support PIV cards and improves the gpgme-json.
Signed-off-by: Werner Koch <[email protected]>
|
|
* src/gpgme.h.in (GPGME_STATUS_CANCELED_BY_USER): New.
* src/status-table.c (status_table_s): Add "CANCELED_BY_USER".
* src/passphrase.c (_gpgme_passphrase_status_handler): Return
GPG_ERR_CANCELED during GPGME_STATUS_CANCELED_BY_USER.
Signed-off-by: Ben Kibbey <[email protected]>
|
|
* src/gpgme.h.in (gpgme_op_revsig_start, gpgme_op_revsig): New.
(GPGME_REVSIG_LFSEP): New.
* src/context.h (ctx_op_data_id_t): Add OPDATA_REVSIG.
* src/revsig.c: New.
* src/Makefile.am (main_sources): Add revsig.
* src/libgpgme.vers, src/gpgme.def: Add gpgme_op_revsig and
gpgme_op_revsig_start.
* src/engine.h, src/engine.c: (_gpgme_engine_op_revsig): New.
* src/engine-backend.h (engine_ops): Add 'revsig' and adjust all
engine initializers.
* src/engine-gpg.c (gpg_revsig): New.
(_gpgme_engine_ops_gpg): Set revsig to gpg_revsig.
* doc/gpgme.texi: Document new functions.
* tests/run-keysign.c: Add option --revoke.
--
This extends GPGME to support the --quick-revoke-sig command
added by GnuPG 2.2.24. This allows revoking key signatures.
GnuPG-bug-id: 5094
|
|
* src/engine-gpgsm.c (gpgsm_new): Close gpgsm->diag_cb.server_fd.
--
GnuPG-bug-id: 5074
Reported by: VladislavGrudinin
Fixes-commit: dd21ec997cf4b6ba18538c63c728478110ad1f60
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* src/engine-assuan.c (inquire_cb): Implement returning data.
* tests/opassuan/t-command.c (inq_cb): Send some test data.
--
The old code only allowed to send an empty response which was good
enough for scdaemon's KNOWNCARDP inquire but not to send actual data.
A quick test using a test smartcard might be
./t-command 'scd setattr --inquire PRIVATE-DO-1'
and then reading the data back using
gpg-connect-agent 'scd getattr PRIVATE-DO-1' /bye
Signed-off-by: Werner Koch <[email protected]>
|
|
* src/genkey.c (setexpire, gpgme_op_setexpire_start,
gpgme_op_setexpire): Move to ...
* src/setexpire.c: New.
* src/Makefile.am (main_sources): Add that file.
* src/context.h (ctx_op_data_id_t): Add OPDATA_SETEXPIRE.
* lang/qt/tests/t-various.cpp (testSetExpire): Test error handling.
--
Errors (and failures) emitted via status-fd need to be handled
explicitly, i.e. we need to provide an appropriate status handler with
corresponding op_data_t. Additionally, we need to set a passphrase
command handler if a passphrase callback is set in the context, e.g.
during tests.
GnuPG-bug-id: 4395
|
|
* src/gpgme.h.in (gpgme_op_setexpire_start, gpgme_op_setexpire): New.
* src/libgpgme.vers, src/gpgme.def: Add new functions.
* src/genkey.c (setexpire): New.
(gpgme_op_setexpire_start, gpgme_op_setexpire): New.
* src/engine.h, src/engine.c: (_gpgme_engine_op_setexpire): New.
* src/engine-backend.h (engine_ops): Add 'setexpire' and adjust all
engine initializers.
* src/engine-gpg.c (gpg_setexpire): New.
(_gpgme_engine_ops_gpg): Set setexpire to gpg_setexpire.
* doc/gpgme.texi: Document new functions.
* tests/run-genkey.c: Add option --setexpire.
--
This extends GPGME to support the --quick-set-expire command
added by GnuPG 2.1.22. This allows changing subkeys expiry
date without going through the editinteractor interface.
Co-authored-by: Andre Heinecke <[email protected]>
GnuPG-bug-id: 4999
|
|
* src/export.c (export_start): Allow that mode.
--
The test tools uses gpgme_op-export_ext and thus did not caught it.
Signed-off-by: Werner Koch <[email protected]>
|
|
* src/gpgme.h.in (GPGME_EXPORT_MODE_SSH): New.
* src/export.c (export_ext_start): Allow for new mode.
* src/engine-gpg.c (export_common): Implement.
* tests/run-export.c (status_cb): New.
(main): New options --status and --ssh.
--
GnuPG-bug-id: 4310
Signed-off-by: Werner Koch <[email protected]>
|
|
* src/gpgme.h.in: Clarify that the trustlist function should not be
used.
* src/engine.c (_gpgme_engine_op_trustlist): Always return an error.
* src/engine-backend.h (struct engine_ops): Remove trustlist member.
* src/engine-gpg.c (gpg_trustlist): Remove.
(struct engine_ops): Remove that member. Also in all other engines.
* tests/gpg/t-trustlist.c: Remove.
* lang/python/tests/t-trustlist.py: Remove.
--
This never worked in reality because the required feature has been
removed from GnuPG version 1.3.2 soon after introduction of this
feature in gpgme - 17 years ago. It was anyway marked as
experimental. We keep the API and ABI, though.
GnuPG-bug-id: 4834
Signed-off-by: Werner Koch <[email protected]>
|
|
* src/gpgme.h.in (GPGME_KEYLIST_MODE_WITH_KEYGRIP): New.
* src/gpgme-json.c (op_keylist): New flag "keygrip".
* src/engine-gpg.c (gpg_keylist_build_options): Pass the options.
* lang/cpp/src/global.h (WithKeygrip): New.
* lang/cpp/src/context.cpp: Add check.
* lang/cpp/src/key.cpp (Key::update): Handle WithKeygrip.
* lang/cpp/src/verificationresult.cpp: Ditto.
* lang/cpp/src/util.h (add_to_gpgme_keylist_mode_t): Ditto.
--
GnuPG-bug-id: 4939
Signed-off-by: Werner Koch <[email protected]>
|
|
* src/verify.c (parse_trust): Fix detection of "chain" keyword.
--
Fixes-commit: da6f3dc0c53f11f7432b3c258702db07d6c37f9a
from 2007 shortly after introducing this. I doubt that this info has
ever been used (it is for qualified signatures, which are only
supported using the legacy German RegTP rules for them which were soon
overturned by the commercial CAs).
Signed-off-by: Werner Koch <[email protected]>
|
|
* src/Makefile.am (gpgme_w32_extra_libs): New.
(libgpgme_la_LIBADD, libgpgme_glib_la_LIBADD): Use it.
--
Since w32-io.c directly uses functions from ws2_32 it should
not rely on libgpg-error to pull in this dependency.
|
|
* src/engine-gpg.c (gpg_keylist_build_options): Send --with-keygrip
if --with-secret is used.
--
Since GnuPG 2.2.19 the keygrip was not anymore send if only
--with-secret was used in a public key listing. Given that
--with-secret requires computation of the keygrip anyway, there is no
point in not requesting the keyrip in this case.
GnuPG-bug-id: 4820
|
|
* src/Makefile.am (gpgme_tool_LDADD): Add @GPG_ERROR_LIBS@.
--
Since gpgme-tool uses gpg_strerror, it should be linked
to -lgpg-error.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* src/gpgme.c (gpgme_set_ctx_flag): Add flags "include-key-block" and
"auto-key-import".
(gpgme_get_ctx_flag): Ditto.
* src/context.h (struct gpgme_context): Add flags include_key_block
and auto_key_import.
* src/engine-gpg.c (struct engine_gpg): Likewise.
(gpg_set_engine_flags): Set the flags for gpg versions >= 2.2.20.
(gpg_decrypt): Set option according to the new flags.
(gpg_encrypt): Ditto.
(gpg_encrypt_sign): Ditto.
(gpg_sign): Ditto.
(gpg_verify): Ditto.
tests/run-verify: Add option --auto-key-import.
tests/run-sign: add option --include-key-block.
--
GnuPG-bug-id: 4856
Signed-off-by: Werner Koch <[email protected]>
|
|
* src/posix-util.c (find_executable): New.
(walk_path_str): Factored out from walk_path.
(walk_path): Replaced by find_executable.
(_gpgme_get_gpg_path, _gpgme_get_gpgconf_path): Use find_executable.
--
This should help to locate GnuPG on MacOS systems where
it is not part of the PATH environment variable and
should reduce the need to have fixed path known
at GPGME compile time.
mailvelope/issue699
|
|
* src/gpgme.h.in (struct _gpgme_user_id): Add field 'uidhash'.
* src/key.c (gpgme_key_unref): Free it.
* src/keylist.c (keylist_colon_handler): Set it.
* tests/run-keylist.c (main): Print it.
--
The uidhash value is part of gpg's output since the year 2005. This
now adds support to gpgme. The application for uidhash is to select
a user id in an edit interactor: Instead of giving the number of the
user id, the uidhash value can be be used to avoid tracking the user
id numbers.
Signed-off-by: Werner Koch <[email protected]>
|
|
* src/engine-gpg.c (gpg_decrypt): only send --no-keyring when we are
not verifying.
--
Without this change, the signature verification would fail. This
problem was introduced in bded8ebc59c7fdad2617f4c9232a58047656834c in
an attempt to avoid an error when *not* verifying. Clearly more test
suite coverage is needed to avoid introducing this sort of problem in
the future.
GnuPG-bug-id: 3464
Signed-off-by: Daniel Kahn Gillmor <[email protected]>
|
|
* src/gpgme-tool.c (hlp_include_certs): added missing newline.
Signed-off-by: Daniel Kahn Gillmor <[email protected]>
|
|
* src/w32-util.c (_gpgme_w32_cancel_synchronous_io): Add some casts.
--
Signed-off-by: Werner Koch <[email protected]>
|
|
* src/keylist.c (keylist_colon_handler): Do not clear
out the tmp_uid when a subpacket line is encountered.
--
When the uid is cleared no more signatures following
the subpacket are parsed, so we now no longer clear
it when a subpacket is encountered.
|
|
* src/context.h (gpgme_context): Add new flag for extended-edit.
* src/engine-gpg.c (append_args_from_sig_notations): Add flags to
control the kind of notations.
(gpg_edit): Respect extended-edit and notations.
(gpg_encrypt_sign, gpg_sign): Update call to
append_args_from_sig_notations.
* src/gpgme.c (gpgme_set_ctx_flag, gpgme_get_ctx_flag): Support
extended-edit.
* NEWS, doc/gpgme.texi: Mention extended-edit.
--
This provides a way to get the extended key-edit interface without
breaking bad state machines that rely on the current command flow.
A use case for this is to enable multiple local signatures, which
can be used together with annotations for:
GnuPG-Bug-Id: T4734
|
|
* src/w32-io.c (_gpgme_io_select): Initialize dbg_help.
--
This fixes a crash on Windows because dbg_help might
be used unitialized.
|
|
* src/engine-gpg.c (build_argv): Properly check for all
arguments and allocate memory for them.
--
This fixes a potential buffer overflow which could be created
by using unusual and partially contradictory options.
Like offline and auto-key-locate together while
using ignore-mdc-error.
As the list of arguments should not be user controlled the
impact of this is very low.
To ensure that this does not happen in the future an
assert is also added with this patch.
|
|
* src/debug.c (_gpgme_debug_buffer): Switch between two output
formats.
--
The new format is much more practical than the bunch of hex digits
followed by just 16 ascii chars. To get the old behaviour use a debug
level of 10.
Signed-off-by: Werner Koch <[email protected]>
|
|
* src/posix-io.c (_gpgme_is_fd_valid): New out-commented function.
--
This code is sometimes useful to track down invalid file descriptors.
We keep it commented in the code.
Signed-off-by: Werner Koch <[email protected]>
|
|
* src/wait.c (_gpgme_run_io_cb): Fix return code.
--
The function needs to return an gpg_error_t and not ERRNO.
Signed-off-by: Werner Koch <[email protected]>
|
|
* src/debug.c (_gpgme_debug): Take better care of NULL userinfo.
(_gpgme_debug_end): Rework.
(_trace_sysres): Print ERRNO and not the supplied RES.
--
The TRACE_SYSRES patch fixes
Regression-due-to: 7a1e7006d06fdbab86ea79a197c316744b09d933
Signed-off-by: Werner Koch <[email protected]>
|
|
* src/debug.c (_gpgme_debug): Add arg LINE. Chnage all callers.
(_gpgme_debug_begin): Remove.
* src/debug.h (TRACE_SEQ): Use the LINE arg of _gpgme_debug.
--
This includes chnages to always print fds in decimal as weel as
tweaking the TARCE_SEQ function to make use of the new machinery.
The standard 'tag' can now always be NULL and no tag information will
be printed.
Signed-off-by: Werner Koch <[email protected]>
|
|
* src/debug.c (debug_lock): Remove. Also remove all users.
(_gpgme_debug): Use gpgrt_bsprintf to prepare the output and finally
print using standard fprintf. Reformat to prefix to be narrower.
--
Note that the locks are now implicitly done using the systems stdio.
The threadid is now printed with 4 digits in hex and thus without the
angle brackets and the 0x. However it is still a hex number even if it
may look like an octal number. The hex letters are uppercase to make
searching in locks easier iff the threadid happens to have a letter in
it.
Signed-off-by: Werner Koch <[email protected]>
|
|
* src/cJSON.c (print_number): Print NaN and INF.
--
GnuPG-bug-id: 4328
Signed-off-by: Werner Koch <[email protected]>
|
|
* src/cJSON.c: Include stdint.h.
(parse_number): Avoid overflob in SUBSCALE and cap integer values.
--
GnuPG-bug-id: 4330
Signed-off-by: Werner Koch <[email protected]>
|
|
* src/engine-gpg.c (append_args_from_recipients_string): Detect bad
options.
* src/engine-gpgsm.c (set_recipients_from_string): Implement option
parsing.
--
The only option we actually implement is "--" but the code layout is
now very simlar to engine-gpg and can easily be extended if ever
needed.
Signed-off-by: Werner Koch <[email protected]>
|
