| Commit message (Collapse) | Author | Files | Lines |
|---|
|
* src/decrypt.c (op_data_t): Add field symdecrypt_failed.
(parse_status_error): Handle BAD_PASSPHRASE error code.
(_gpgme_decrypt_status_handler): Consult new field.
--
Return a bad passphrase error if the failure during symmetric decryption
is likely caused by the user entering a wrong passphrase. The special
error code of a failed public key decryption takes precedence.
GnuPG-bug-id: 5939
|
|
* configure.ac (nanosleep): Detect.
* src/assuan-support.c: Don't use __assuan_usleep.
(my_socketpair): Don't use __assuan_socketpair.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* src/posix-io.c: Don't include ath.h.
(_gpgme_io_read): Call read directly.
(_gpgme_io_write): Call write directly.
(_gpgme_io_waitpid): Call waitpid directly.
(_gpgme_io_select_select): Call select directly.
(_gpgme_io_recvmsg): Call recvmsg directly.
(_gpgme_io_sendmsg): Call sendmsg directly.
(_gpgme_io_connect): Call connect directly.
* src/assuan-support.c: Don't include ath.h.
(my_waitpid): Call waitpid directly.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* src/engine-backend.h (keylist_data): Add MODE argument.
* src/engine-gpg.c (gpg_keylist_data): Add MODE argument.
* src/engine.c (_gpgme_engine_op_keylist_data): Likewise.
* src/engine.h (_gpgme_engine_op_keylist_data): Declaration.
* src/keylist.c (gpgme_op_keylist_from_data_start): Call
_gpgme_engine_op_keylist_data with ctx->keylist_mode.
--
GnuPG-bug-id: 5438
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* src/gpgme.h.in (gpgme_op_receive_keys_start, gpgme_op_receive_keys):
New.
* src/gpgme.def, src/libgpgme.vers: Add them.
* src/engine-backend.h (struct engine_ops): Add arg keyids to field
'import'.
* src/engine.h, src/engine.c (_gpgme_engine_op_import): Add arg keyids.
* src/engine.c (_gpgme_engine_op_import): Forward new arg keyids.
* src/import.c: (_gpgme_op_import_start, _gpgme_op_import_keys_start):
Pass NULL to new arg of _gpgme_op_import_start.
(_gpgme_op_receive_keys_start, gpgme_op_receive_keys_start,
gpgme_op_receive_keys): New.
* src/engine-gpg.c (gpg_import): Add arg keyids. Extend check for
valid arguments. Build command line if keyids are given.
* src/engine-gpgsm.c (gpgsm_import): Add arg keyids. Return error if
keyids is not NULL.
tests/run-receive-keys.c: New.
tests/Makefile.am (noinst_PROGRAMS): Add new test runner.
--
The new function allows importing keys given by their key ids or
fingerprints from a keyserver (like gpg's --recv-keys command).
GnuPG-bug-id: 5808
|
|
src/export.c (export_status_handler): Handle "export_keys.secret".
--
This allows callers of the synchronous export operations to react
properly to errors (e.g. wrong passphrase) during the export of secret
keys.
GnuPG-bug-id: 5766
|
|
* src/gpgme-tool.c (hlp_export): Add new option.
* tests/run-export.c (show_usage): Print new option.
--
GnuPG-bug-id: 5757
|
|
* src/gpgme.h.in (GPGME_EXPORT_MODE_SECRET_SUBKEY): New.
* src/export.c (check_mode): Allow new mode and check for invalid
combinations.
(export_keys_start): Return error if new mode flag is set.
* src/engine-gpg.c (export_common): Implement.
* src/gpgme-tool.c (cmd_export): New option --secret-subkey.
* tests/run-export.c (main): New option --secret-subkey.
--
This adds support for exporting secret subkeys (via gpg's
--export-secret-subkeys) to gpgme_op_export[_ext][_start].
The flag is not supported by gpgme_op_export_keys[_start] because
there is no way to specify which subkey(s) to export with these
functions.
GnuPG-bug-id: 5757
|
|
src/engine-gpgsm.c (gpgsm_export, gpgsm_export_ext): Return error if an
unsupported mode flag is set.
--
The minimal mode flag has no effect for X.509 certificates, but we still
treat it as supported (as documented in the API documentation).
GnuPG-bug-id: 5757
|
|
* src/export.c (check_mode): Return error if ssh mode is combined with
another mode flag.
--
The SSH mode flag cannot be used in combination with other flags.
GnuPG-bug-id: 5757
|
|
* src/export.c (check_mode): New.
(export_start, export_ext_start): Call check_mode.
--
GnuPG-bug-id: 5757
|
|
* src/import.c (gpgme_op_import_result): Check fpr for NULL.
(parse_error): New.
(import_status_handler): Handle error status line.
* doc/gpgme.texi (gpgme_import_status_t): Mention that fpr can be NULL.
* tests/gpg/t-import.c (check_result): Check fpr for NULL.
* tests/run-threaded.c (delete_impres): Check fpr for NULL.
--
When importing an encrypted certificate a wrong passphrase may be
entered. In this case gpgsm emits a status line with a bad passphrase
error and an "invalid object" error. To make it possible for callers
to handle a wrong passphrase error more gracefully, an import status
with bad passphrase error is added to the import result for each
status line with bad passphrase error.
GnuPG-bug-id: 5713
|
|
* src/context.h (struct gpgme_context): New field import_filter.
* src/engine-backend.h (struct engine_ops): Add arg import_filter to
field 'import'.
* src/engine-gpg.c (gpg_import): Add arg import_filter and pass option
--import-filter with argument value to gpg. Adjust all callers.
* src/engine-gpgsm.c (gpgsm_import): Add dummy arg import_filter.
* src/gpgme.c (gpgme_release): Free 'import_filter'.
(gpgme_set_ctx_flag, gpgme_get_ctx_flag): New flag "import-filter".
* tests/run-import.c (main): Add option --import-filter.
--
This makes the --import-filter option available in the GPGME API for
key imports.
GnuPG-bug-id: 5739
|
|
* src/engine-gpg.c (gpg_import): Do not pass --key-origin option to
gpg if gpg is too old.
--
GnuPG-bug-id: 5733
|
|
* src/context.h (struct gpgme_context): New field key_origin.
* src/engine-backend.h (struct engine_ops): Add arg key_origin to
field 'import'.
* src/engine-gpg.c (gpg_import): Add arg key_origin and pass option
--key-origin with argument value to gpg. Adjust all callers.
* src/engine-gpgsm.c (gpgsm_import): Add dummy arg key_origin.
* src/gpgme.c (gpgme_release): Free 'key_origin'.
(gpgme_set_ctx_flag, gpgme_get_ctx_flag): New flag "key-origin".
* tests/run-import.c (main): Add option --key-origin.
* tests/gpg/t-import.c (main): Set and verify key origin.
--
This makes the --key-origin option available in the GPGME API for
key imports.
GnuPG-bug-id: 5733
|
|
* src/dirinfo.c (WANT_KEYBOXD_NAME, WANT_AGENT_NAME, WANT_SCDAEMON_NAME,
WANT_DIRMNGR_NAME, WANT_PINENTRY_NAME): New.
(dirinfo): Add fields keyboxd_name, agent_name, scdaemon_name,
dirmngr_name, pinentry_name.
(parse_output): Support "keyboxd", "gpg-agent", "scdaemon", "dirmngr",
"pinentry".
(get_gpgconf_item): Return new components.
tests/t-engine-info.c (main): Add new components to the output.
--
GnuPG-bug-id: 5727
|
|
* src/engine-gpgconf.c (gpgconf_parse_option): Skip the string
indicator if it is not the empty string.
--
Some versions of GnuPG (~2.2.28 to 2.2.33) returned a compliance
indicator which should be an int but actually used string as type.
Simply skipping the indicator without checking that this is the
indicator does not allow to work around this type mismatch by the
gpgme users.
|
|
* src/dirinfo.c (WANT_SOCKETDIR): New.
(dirinfo): Add field socketdir.
(parse_output): Support "socketdir".
(get_gpgconf_item): Return socketdir.
* tests/t-engine-info.c (main): Add socketdir to the output.
* src/w32-util.c (_gpgme_create_process_utf8): Fix indentation.
--
GnuPG-bug-id: 5613
This is not strictly necessary because we could deduce this from one
of the other socket info items but it is more clean to have a
dedicated info item. The socketdir item is available for 5 years now
(GnuPG commit 8e3fa5a4b205c534de2142e5d071712f957cf06a)
|
|
* configure.ac (HAVE_POLL_H): Add the check.
* src/ath.c [!HAVE_POLL_H] (ath_select): Enable conditionally.
* src/posix-io.c [HAVE_POLL_H] (_gpgme_io_select_poll): Use poll.
* tests/gpg/t-cancel.c [HAVE_POLL_H] (do_select): Use poll.
* tests/gpg/t-eventloop.c [HAVE_POLL_H] (do_select): Use poll.
--
GnuPG-bug-id: 2385
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* src/gpgme.pc.in (Require): Move gpg-error, libassuan to...
(Requires.private): ... here.
(Cflags): Add -I${includedir}.
(Libs): Add -L${libdir}.
--
This will result better library dependency for applications using
gpgme. It will break build of an application which directly uses
gpg-error or libassuan without specifying them (which means, depending
on redundant/wrong gpgme.pc).
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* configure.ac (AC_C_FLEXIBLE_ARRAY_MEMBER): Add.
* src/engine-gpg.c (struct arg_and_data_s): Use FLEXIBLE_ARRAY_MEMBER.
(_add_arg): Use offsetof instead of sizeof.
(add_data): Likewise.
--
Before this fix, GCC 11 warns (with its bound checking feature).
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
src/debug.h (TRACE_SYSRES_OFF_T, _trace_sysres_off_t,
TRACE_SYSRES_SSIZE_T, _trace_sysres_ssize_t): New.
src/data.c (gpgme_data_read, gpgme_data_write, gpgme_data_seek): Use
appropriate new tracing macros instead of casting the results to int.
--
This change adds tracing macros for results of system functions of
type __off_t and __ssize_t.
GnuPG-bug-id: 5481
|
|
* src/posix-io.c (_gpgme_io_spawn): Use glibc's closefrom.
--
Since 2.34, glibc introduces closefrom (the implementation
follows *BSD standard).
Signed-off-by: Werner Koch <[email protected]>
|
|
* src/context.h (struct gpgme_context): Add 'cert_expire'.
* src/engine-gpg.c (append_args_from_cert_expire): New.
(gpg_edit): Set option according to the new flag.
* src/gpgme.c (gpgme_release): Free 'cert_expire'.
(gpgme_set_ctx_flag, gpgme_get_ctx_flag): Add "cert-expire".
* tests/gpg/Makefile.am (c_tests): Add new test.
(gpg.conf): Write "allow-weak-key-signatures" to gpg.conf.
* tests/gpg/t-edit-sign.c: New.
--
The new context flag "cert-expire" allows setting the expiration date
for key signatures created with gpgme_op_interact.
GnuPG-bug-id: 5336, 5505
|
|
* src/data.c (_gpgme_data_release): Free buffers.
(gpgme_data_seek): Adjust from renamed fields.
(gpgme_data_set_flag): Implement new flags.
(_gpgme_data_inbound_handler): Allow the use of a malloced buffer.
(_gpgme_data_outbound_handler): Ditto.
* src/data.h (BUFFER_SIZE): Move out of the struct definition.
(struct gpgme_data): Remove pending filed and introduce inbound and
outbound fields.
* src/conversion.c (_gpgme_wipememory): New. Taken from GnuPG.
* src/cJSON.c (wipememory): Use this here too.
* tests/run-decrypt.c (main): Add options "--large-buffers" and
"--sensitive".
--
GnuPG-bug-id: 5478
Signed-off-by: Werner Koch <[email protected]>
|
|
* src/data-identify.c (basic_detection): Add OID.
Signed-off-by: Werner Koch <[email protected]>
|
|
* src/data.h (BUFFER_SIZE): Increase to 4096 for Windows.
--
This brings it in line to the PIPE_BUF size on desktop Linux
systems. This should increase performance when working with
large files on Windows a bit.
GnuPG-Bug-Id: T5478
|
|
* src/Makefile.am (AM_CFLAGS): Add GPG_ERROR_CFLAGS
--
This fixes the include directory for libgpg error if
it is installed in a different prefix then libassuan. Previously
libassuan provided the include directory also implicitly.
|
|
* src/keylist.c (keylist_colon_handler): Check for correct number of
fields.
--
This prevents NULL pointer dereferencing with older versions of gpg
that may output less fields.
|
|
* src/gpgme.h.in (struct _gpgme_key_sig): Move trust_scope to the end
of the struct.
--
Fixes-commit: 276187f6b62a73e92b1c20f589510f80ab9e88d2
Note that we assume that splitting a reserved 28 bit field into 3
fields does not change the ABI.
|
|
* src/gpgme.h.in (struct _gpgme_key_sig): Add fields 'trust_depth',
'trust_value', and 'trust_scope'.
* src/key.c (gpgme_key_unref): Free trust_scope.
* src/keylist.c (keylist_colon_handler): Set the fields.
* tests/run-keylist.c (main): Print the fields.
--
The trust signature values are part of gpg's output since the year 2003.
This now adds support to gpgme.
GnuPG-bug-id: 5245, 5419
|
|
* src/gpgme.h.in (GPGME_KEYSIGN_FORCE): New.
* src/engine-gpg.c (gpg_keysign): Implement.
* tests/run-keysign.c (show_usage): Add option --force
--
GnuPG-bug-id: 4584
|
|
* src/export.c (export_start): Remove GPGME_EXPORT_MODE_NOUID check.
* src/engine-gpg.c (export_common): Ditto.
--
Note that this constant was never announed and used only for internal
tests. It made it into some release only by accident.
The constants is kept in gpgme.h to not break any code but it is
non-fucntionals. We do not consider this an ABI break.
GnuPG-bug-id: 5284
|
|
|
|
* src/engine-gpg.c (gpg_keylist_build_options): Add "--with-sig-check"
argument if signatures shall be listed.
* tests/gpg/t-keylist-secret-sig.c: New.
* tests/gpg/Makefile.am (c_tests): Add new test.
--
GnuPG-bug-id: 3580
|
|
* src/export.c (export_status_handler): Call the handler.
--
Fixes-commit: 3382ecb17eb5d2a373cf2eccb301854fff42f6aa
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* src/gpgme.m4: Replace AC_HELP_STRING to AS_HELP_STRING.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* configure.ac: Bump LT versions to c=C35/A24/R0, cpp=C18/A13/R0,
qt=C12/A5/R0.
--
GnuPG-bug-id: 5131
|
|
* src/export.c (export_start): Set command handler for passphrase
interaction for the case when it's secret keys.
(export_ext_start): Likewise.
--
GnuPG-bug-id: 5046
Co-authored-by: Louis Dupré Bertoni
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* configure.ac (NEED_GPG_ERROR_VERSION): Require 1.36.
* src/cJSON.c: Remove code for older version.
* src/engine.c (gpgme_get_engine_info): Ditto.
* src/gpgme-json.c: Ditto.
* src/op-support.c: Ditto.
* src/util.h: Ditto.
--
Libgpg-error 1.36 has been released more than 18 months ago so it is
time to avoid hacks and require this verion. This will for example
help Kleopatra to support PIV cards and improves the gpgme-json.
Signed-off-by: Werner Koch <[email protected]>
|
|
* src/gpgme.h.in (GPGME_STATUS_CANCELED_BY_USER): New.
* src/status-table.c (status_table_s): Add "CANCELED_BY_USER".
* src/passphrase.c (_gpgme_passphrase_status_handler): Return
GPG_ERR_CANCELED during GPGME_STATUS_CANCELED_BY_USER.
Signed-off-by: Ben Kibbey <[email protected]>
|
|
* src/gpgme.h.in (gpgme_op_revsig_start, gpgme_op_revsig): New.
(GPGME_REVSIG_LFSEP): New.
* src/context.h (ctx_op_data_id_t): Add OPDATA_REVSIG.
* src/revsig.c: New.
* src/Makefile.am (main_sources): Add revsig.
* src/libgpgme.vers, src/gpgme.def: Add gpgme_op_revsig and
gpgme_op_revsig_start.
* src/engine.h, src/engine.c: (_gpgme_engine_op_revsig): New.
* src/engine-backend.h (engine_ops): Add 'revsig' and adjust all
engine initializers.
* src/engine-gpg.c (gpg_revsig): New.
(_gpgme_engine_ops_gpg): Set revsig to gpg_revsig.
* doc/gpgme.texi: Document new functions.
* tests/run-keysign.c: Add option --revoke.
--
This extends GPGME to support the --quick-revoke-sig command
added by GnuPG 2.2.24. This allows revoking key signatures.
GnuPG-bug-id: 5094
|
|
* src/engine-gpgsm.c (gpgsm_new): Close gpgsm->diag_cb.server_fd.
--
GnuPG-bug-id: 5074
Reported by: VladislavGrudinin
Fixes-commit: dd21ec997cf4b6ba18538c63c728478110ad1f60
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* src/engine-assuan.c (inquire_cb): Implement returning data.
* tests/opassuan/t-command.c (inq_cb): Send some test data.
--
The old code only allowed to send an empty response which was good
enough for scdaemon's KNOWNCARDP inquire but not to send actual data.
A quick test using a test smartcard might be
./t-command 'scd setattr --inquire PRIVATE-DO-1'
and then reading the data back using
gpg-connect-agent 'scd getattr PRIVATE-DO-1' /bye
Signed-off-by: Werner Koch <[email protected]>
|
|
* src/genkey.c (setexpire, gpgme_op_setexpire_start,
gpgme_op_setexpire): Move to ...
* src/setexpire.c: New.
* src/Makefile.am (main_sources): Add that file.
* src/context.h (ctx_op_data_id_t): Add OPDATA_SETEXPIRE.
* lang/qt/tests/t-various.cpp (testSetExpire): Test error handling.
--
Errors (and failures) emitted via status-fd need to be handled
explicitly, i.e. we need to provide an appropriate status handler with
corresponding op_data_t. Additionally, we need to set a passphrase
command handler if a passphrase callback is set in the context, e.g.
during tests.
GnuPG-bug-id: 4395
|
|
* src/gpgme.h.in (gpgme_op_setexpire_start, gpgme_op_setexpire): New.
* src/libgpgme.vers, src/gpgme.def: Add new functions.
* src/genkey.c (setexpire): New.
(gpgme_op_setexpire_start, gpgme_op_setexpire): New.
* src/engine.h, src/engine.c: (_gpgme_engine_op_setexpire): New.
* src/engine-backend.h (engine_ops): Add 'setexpire' and adjust all
engine initializers.
* src/engine-gpg.c (gpg_setexpire): New.
(_gpgme_engine_ops_gpg): Set setexpire to gpg_setexpire.
* doc/gpgme.texi: Document new functions.
* tests/run-genkey.c: Add option --setexpire.
--
This extends GPGME to support the --quick-set-expire command
added by GnuPG 2.1.22. This allows changing subkeys expiry
date without going through the editinteractor interface.
Co-authored-by: Andre Heinecke <[email protected]>
GnuPG-bug-id: 4999
|
|
* src/export.c (export_start): Allow that mode.
--
The test tools uses gpgme_op-export_ext and thus did not caught it.
Signed-off-by: Werner Koch <[email protected]>
|
|
* src/gpgme.h.in (GPGME_EXPORT_MODE_SSH): New.
* src/export.c (export_ext_start): Allow for new mode.
* src/engine-gpg.c (export_common): Implement.
* tests/run-export.c (status_cb): New.
(main): New options --status and --ssh.
--
GnuPG-bug-id: 4310
Signed-off-by: Werner Koch <[email protected]>
|
|
* src/gpgme.h.in: Clarify that the trustlist function should not be
used.
* src/engine.c (_gpgme_engine_op_trustlist): Always return an error.
* src/engine-backend.h (struct engine_ops): Remove trustlist member.
* src/engine-gpg.c (gpg_trustlist): Remove.
(struct engine_ops): Remove that member. Also in all other engines.
* tests/gpg/t-trustlist.c: Remove.
* lang/python/tests/t-trustlist.py: Remove.
--
This never worked in reality because the required feature has been
removed from GnuPG version 1.3.2 soon after introduction of this
feature in gpgme - 17 years ago. It was anyway marked as
experimental. We keep the API and ABI, though.
GnuPG-bug-id: 4834
Signed-off-by: Werner Koch <[email protected]>
|
|
* src/gpgme.h.in (GPGME_KEYLIST_MODE_WITH_KEYGRIP): New.
* src/gpgme-json.c (op_keylist): New flag "keygrip".
* src/engine-gpg.c (gpg_keylist_build_options): Pass the options.
* lang/cpp/src/global.h (WithKeygrip): New.
* lang/cpp/src/context.cpp: Add check.
* lang/cpp/src/key.cpp (Key::update): Handle WithKeygrip.
* lang/cpp/src/verificationresult.cpp: Ditto.
* lang/cpp/src/util.h (add_to_gpgme_keylist_mode_t): Ditto.
--
GnuPG-bug-id: 4939
Signed-off-by: Werner Koch <[email protected]>
|
