| Commit message (Collapse) | Author | Files | Lines |
|---|
|
* src/edit.c (interact_start, edit_start): Return error if key is null
on edit-key.
--
In case of card-edit, key is typically null.
|
|
* src/gpgme.m4 (_AM_PATH_GPGRT_CONFIG): New.
(_AM_PATH_GPGME_CONFIG): Require _AM_PATH_GPGRT_CONFIG.
--
GnuPG-bug-id: 6273
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* src/edit.c (interact_start, edit_start): Return error if key is null.
--
This prevents a crash further down the road.
|
|
* src/context.h (gpgme_context): Add field no_auto_check_trustdb.
* src/gpgme.c (gpgme_set_ctx_flag, gpgme_get_ctx_flag): Add flag
"no-auto-check-trustdb".
* src/engine-gpg.c (engine_gpg): Add flags.no_auto_check_trustdb.
(gpg_set_engine_flags): Set the flag.
(build_argv): Pass option to gpg.
* tests/run-keylist.c (show_usage, main): Add option --no-trust-check.
--
This makes the --no-auto-check-trustdb option available in the GPGME API
to disable the potentially expensive automatic trust database check.
GnuPG-bug-id: 6261
|
|
* src/gpgme.m4: Overriding the decision by --with-gpgme-prefix,
use gpgrt-config gpgme when gpgrt-config is available.
--
This may offer better migration.
GnuPG-bug-id: 5034
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* src/gpgme.c (gpgme_set_global_flag): Add flag "inst-type".
* src/w32-util.c (_gpgme_set_get_inst_type): New.
(INST_TYPE_GPG4WIN_DIR): New.
(INST_TYPE_GPGDESK_DIR): New.
(_gpgme_get_gpgconf_path): Implement this flag. Replace fixed strings
by the macros.
* src/posix-util.c (_gpgme_set_get_inst_type): New dummy.
--
This is intended for use by Kleopatra to reliable find the expected
GnuPG installation.
|
|
* src/parsetlv.c (_gpgme_parse_tlv): Detect integer overflow.
--
Although there is no concrete case where we use for example
(to.nhdr+ti.length), it feels safer to protect against this anyway.
|
|
* src/sign.c (parse_sig_created): Special case the rfc4880 "1F" status.
--
This has always been wrong but we can't simply force strtol to assume
hex. Patch compiles but has received no specific test. For details
see
GnuPG-bug-id: 6223
|
|
* src/argparse.c (show_version): It's no args.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* src/import.c (parse_import): Handle invalid fingerprint case.
--
GnuPG-bug-id: 6187
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* configure.ac (GPGME_CONFIG_CFLAGS): Prefix with -I${includedir} for
non-standard include paths.
(GPGME_CONFIG_LIBS): Prefix with -L${libdir} for non-standard library
paths.
* src/gpgme.pc.in (Cflags): Remove hard-coded -I${includedir}.
(Libs): Remove hard-coded -L${libdir}.
--
This helps prevent problems when building/linking something that depends
on gpgme (installed in standard path) and some other library (installed
in a standard path and a custom path).
See T6136 for related changes in libgpg-error.
|
|
* src/w32-util.c (_gpgme_get_gpgconf_path): Add fallback for
GnuPG VS-Desktop install scheme.
--
GnuPG VS-Desktop has the install layout:
%PROGRAMFILES%\GnuPG VS-Desktop\bin\libgpgme.dll
%PROGRAMFILES%\GnuPG VS-Desktop\GnuPG\bin\gpgconf.exe
This fallback is of course only required if the registry
string pointing to the correct install directory is
broken.
GnuPG-Bug-Id: T6131
|
|
* configure.ac (USE_GPGRT_CONFIG): New.
* src/Makefile.am [USE_GPGRT_CONFIG]: Conditionalize the install
of gpgme-config.
--
When system will migrate use of gpgrt-config and removal of
gpg-error-config, gpgme-config will not be installed (but use gpgme.pc
by gpgrt-config).
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* src/keylist.c (gpgme_op_keylist_from_data_start): Call
_gpgme_op_import_init_result.
--
This fixes a crash when importing keys from data. Initializing the
import result was missing for this keylist operation.
Fixes-commit: f3ca57dfd7af19f9b2fd01616a81dc889707a4d3
GnuPG-bug-id: 5951
|
|
* src/keylist.c (parse_sec_field15): Set SECRET flag.
--
Explicitly setting the SECRET flag for subkeys stored on smart cards
makes sure that the flag is also set if GPGME_KEYLIST_MODE_WITH_SECRET
is used when listing OpenPGP keys (as documented in the API
documentation). If secret keys are listed, then the flag is already set
when the packet type is parsed.
GnuPG-bug-id: 5965
|
|
* src/import.c (import_status_handler): Rename to ...
(_gpgme_import_status_handler): this. Make non-static.
(_gpgme_op_import_init_result): New.
(_gpgme_op_import_start, _gpgme_op_import_keys_start,
_gpgme_op_receive_keys_start): Call _gpgme_op_import_init_result.
* src/keylist.c (keylist_status_handler): Call
_gpgme_import_status_handler to handle import status lines.
(gpgme_op_keylist_start, gpgme_op_keylist_ext_start): Call
_gpgme_op_import_init_result.
* src/ops.h (_gpgme_op_import_init_result,
_gpgme_import_status_handler): New prototypes.
--
If a keylist operation with keylist mode GPGME_KEYLIST_MODE_LOCATE is
run, then gpg emits import status lines. Handling those status lines
allows users to retrieve the result of a --locate-(external)-keys
command.
GnuPG-bug-id: 5951
|
|
* src/gpgme.h.in (GPGME_KEYLIST_MODE_FORCE_EXTERN): New.
(GPGME_KEYLIST_MODE_LOCATE_EXTERNAL): New.
* src/gpgme.c (gpgme_set_keylist_mode): Check for invalid mode.
* src/engine-gpg.c (gpg_keylist_build_options): Use
"--locate-external-keys" instead of "--locate-keys" if flag is set.
* src/gpgme-json.c (op_keylist): New flag "force-extern".
* src/gpgme-tool.c (gt_get_keylist_mode, cmd_keylist_mode): Handle
new mode.
--
GnuPG-bug-id: 5951
|
|
* src/decrypt.c (op_data_t): Add field symdecrypt_failed.
(parse_status_error): Handle BAD_PASSPHRASE error code.
(_gpgme_decrypt_status_handler): Consult new field.
--
Return a bad passphrase error if the failure during symmetric decryption
is likely caused by the user entering a wrong passphrase. The special
error code of a failed public key decryption takes precedence.
GnuPG-bug-id: 5939
|
|
* configure.ac (nanosleep): Detect.
* src/assuan-support.c: Don't use __assuan_usleep.
(my_socketpair): Don't use __assuan_socketpair.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* src/posix-io.c: Don't include ath.h.
(_gpgme_io_read): Call read directly.
(_gpgme_io_write): Call write directly.
(_gpgme_io_waitpid): Call waitpid directly.
(_gpgme_io_select_select): Call select directly.
(_gpgme_io_recvmsg): Call recvmsg directly.
(_gpgme_io_sendmsg): Call sendmsg directly.
(_gpgme_io_connect): Call connect directly.
* src/assuan-support.c: Don't include ath.h.
(my_waitpid): Call waitpid directly.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* src/engine-backend.h (keylist_data): Add MODE argument.
* src/engine-gpg.c (gpg_keylist_data): Add MODE argument.
* src/engine.c (_gpgme_engine_op_keylist_data): Likewise.
* src/engine.h (_gpgme_engine_op_keylist_data): Declaration.
* src/keylist.c (gpgme_op_keylist_from_data_start): Call
_gpgme_engine_op_keylist_data with ctx->keylist_mode.
--
GnuPG-bug-id: 5438
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* src/gpgme.h.in (gpgme_op_receive_keys_start, gpgme_op_receive_keys):
New.
* src/gpgme.def, src/libgpgme.vers: Add them.
* src/engine-backend.h (struct engine_ops): Add arg keyids to field
'import'.
* src/engine.h, src/engine.c (_gpgme_engine_op_import): Add arg keyids.
* src/engine.c (_gpgme_engine_op_import): Forward new arg keyids.
* src/import.c: (_gpgme_op_import_start, _gpgme_op_import_keys_start):
Pass NULL to new arg of _gpgme_op_import_start.
(_gpgme_op_receive_keys_start, gpgme_op_receive_keys_start,
gpgme_op_receive_keys): New.
* src/engine-gpg.c (gpg_import): Add arg keyids. Extend check for
valid arguments. Build command line if keyids are given.
* src/engine-gpgsm.c (gpgsm_import): Add arg keyids. Return error if
keyids is not NULL.
tests/run-receive-keys.c: New.
tests/Makefile.am (noinst_PROGRAMS): Add new test runner.
--
The new function allows importing keys given by their key ids or
fingerprints from a keyserver (like gpg's --recv-keys command).
GnuPG-bug-id: 5808
|
|
src/export.c (export_status_handler): Handle "export_keys.secret".
--
This allows callers of the synchronous export operations to react
properly to errors (e.g. wrong passphrase) during the export of secret
keys.
GnuPG-bug-id: 5766
|
|
* src/gpgme-tool.c (hlp_export): Add new option.
* tests/run-export.c (show_usage): Print new option.
--
GnuPG-bug-id: 5757
|
|
* src/gpgme.h.in (GPGME_EXPORT_MODE_SECRET_SUBKEY): New.
* src/export.c (check_mode): Allow new mode and check for invalid
combinations.
(export_keys_start): Return error if new mode flag is set.
* src/engine-gpg.c (export_common): Implement.
* src/gpgme-tool.c (cmd_export): New option --secret-subkey.
* tests/run-export.c (main): New option --secret-subkey.
--
This adds support for exporting secret subkeys (via gpg's
--export-secret-subkeys) to gpgme_op_export[_ext][_start].
The flag is not supported by gpgme_op_export_keys[_start] because
there is no way to specify which subkey(s) to export with these
functions.
GnuPG-bug-id: 5757
|
|
src/engine-gpgsm.c (gpgsm_export, gpgsm_export_ext): Return error if an
unsupported mode flag is set.
--
The minimal mode flag has no effect for X.509 certificates, but we still
treat it as supported (as documented in the API documentation).
GnuPG-bug-id: 5757
|
|
* src/export.c (check_mode): Return error if ssh mode is combined with
another mode flag.
--
The SSH mode flag cannot be used in combination with other flags.
GnuPG-bug-id: 5757
|
|
* src/export.c (check_mode): New.
(export_start, export_ext_start): Call check_mode.
--
GnuPG-bug-id: 5757
|
|
* src/import.c (gpgme_op_import_result): Check fpr for NULL.
(parse_error): New.
(import_status_handler): Handle error status line.
* doc/gpgme.texi (gpgme_import_status_t): Mention that fpr can be NULL.
* tests/gpg/t-import.c (check_result): Check fpr for NULL.
* tests/run-threaded.c (delete_impres): Check fpr for NULL.
--
When importing an encrypted certificate a wrong passphrase may be
entered. In this case gpgsm emits a status line with a bad passphrase
error and an "invalid object" error. To make it possible for callers
to handle a wrong passphrase error more gracefully, an import status
with bad passphrase error is added to the import result for each
status line with bad passphrase error.
GnuPG-bug-id: 5713
|
|
* src/context.h (struct gpgme_context): New field import_filter.
* src/engine-backend.h (struct engine_ops): Add arg import_filter to
field 'import'.
* src/engine-gpg.c (gpg_import): Add arg import_filter and pass option
--import-filter with argument value to gpg. Adjust all callers.
* src/engine-gpgsm.c (gpgsm_import): Add dummy arg import_filter.
* src/gpgme.c (gpgme_release): Free 'import_filter'.
(gpgme_set_ctx_flag, gpgme_get_ctx_flag): New flag "import-filter".
* tests/run-import.c (main): Add option --import-filter.
--
This makes the --import-filter option available in the GPGME API for
key imports.
GnuPG-bug-id: 5739
|
|
* src/engine-gpg.c (gpg_import): Do not pass --key-origin option to
gpg if gpg is too old.
--
GnuPG-bug-id: 5733
|
|
* src/context.h (struct gpgme_context): New field key_origin.
* src/engine-backend.h (struct engine_ops): Add arg key_origin to
field 'import'.
* src/engine-gpg.c (gpg_import): Add arg key_origin and pass option
--key-origin with argument value to gpg. Adjust all callers.
* src/engine-gpgsm.c (gpgsm_import): Add dummy arg key_origin.
* src/gpgme.c (gpgme_release): Free 'key_origin'.
(gpgme_set_ctx_flag, gpgme_get_ctx_flag): New flag "key-origin".
* tests/run-import.c (main): Add option --key-origin.
* tests/gpg/t-import.c (main): Set and verify key origin.
--
This makes the --key-origin option available in the GPGME API for
key imports.
GnuPG-bug-id: 5733
|
|
* src/dirinfo.c (WANT_KEYBOXD_NAME, WANT_AGENT_NAME, WANT_SCDAEMON_NAME,
WANT_DIRMNGR_NAME, WANT_PINENTRY_NAME): New.
(dirinfo): Add fields keyboxd_name, agent_name, scdaemon_name,
dirmngr_name, pinentry_name.
(parse_output): Support "keyboxd", "gpg-agent", "scdaemon", "dirmngr",
"pinentry".
(get_gpgconf_item): Return new components.
tests/t-engine-info.c (main): Add new components to the output.
--
GnuPG-bug-id: 5727
|
|
* src/engine-gpgconf.c (gpgconf_parse_option): Skip the string
indicator if it is not the empty string.
--
Some versions of GnuPG (~2.2.28 to 2.2.33) returned a compliance
indicator which should be an int but actually used string as type.
Simply skipping the indicator without checking that this is the
indicator does not allow to work around this type mismatch by the
gpgme users.
|
|
* src/dirinfo.c (WANT_SOCKETDIR): New.
(dirinfo): Add field socketdir.
(parse_output): Support "socketdir".
(get_gpgconf_item): Return socketdir.
* tests/t-engine-info.c (main): Add socketdir to the output.
* src/w32-util.c (_gpgme_create_process_utf8): Fix indentation.
--
GnuPG-bug-id: 5613
This is not strictly necessary because we could deduce this from one
of the other socket info items but it is more clean to have a
dedicated info item. The socketdir item is available for 5 years now
(GnuPG commit 8e3fa5a4b205c534de2142e5d071712f957cf06a)
|
|
* configure.ac (HAVE_POLL_H): Add the check.
* src/ath.c [!HAVE_POLL_H] (ath_select): Enable conditionally.
* src/posix-io.c [HAVE_POLL_H] (_gpgme_io_select_poll): Use poll.
* tests/gpg/t-cancel.c [HAVE_POLL_H] (do_select): Use poll.
* tests/gpg/t-eventloop.c [HAVE_POLL_H] (do_select): Use poll.
--
GnuPG-bug-id: 2385
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* src/gpgme.pc.in (Require): Move gpg-error, libassuan to...
(Requires.private): ... here.
(Cflags): Add -I${includedir}.
(Libs): Add -L${libdir}.
--
This will result better library dependency for applications using
gpgme. It will break build of an application which directly uses
gpg-error or libassuan without specifying them (which means, depending
on redundant/wrong gpgme.pc).
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* configure.ac (AC_C_FLEXIBLE_ARRAY_MEMBER): Add.
* src/engine-gpg.c (struct arg_and_data_s): Use FLEXIBLE_ARRAY_MEMBER.
(_add_arg): Use offsetof instead of sizeof.
(add_data): Likewise.
--
Before this fix, GCC 11 warns (with its bound checking feature).
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
src/debug.h (TRACE_SYSRES_OFF_T, _trace_sysres_off_t,
TRACE_SYSRES_SSIZE_T, _trace_sysres_ssize_t): New.
src/data.c (gpgme_data_read, gpgme_data_write, gpgme_data_seek): Use
appropriate new tracing macros instead of casting the results to int.
--
This change adds tracing macros for results of system functions of
type __off_t and __ssize_t.
GnuPG-bug-id: 5481
|
|
* src/posix-io.c (_gpgme_io_spawn): Use glibc's closefrom.
--
Since 2.34, glibc introduces closefrom (the implementation
follows *BSD standard).
Signed-off-by: Werner Koch <[email protected]>
|
|
* src/context.h (struct gpgme_context): Add 'cert_expire'.
* src/engine-gpg.c (append_args_from_cert_expire): New.
(gpg_edit): Set option according to the new flag.
* src/gpgme.c (gpgme_release): Free 'cert_expire'.
(gpgme_set_ctx_flag, gpgme_get_ctx_flag): Add "cert-expire".
* tests/gpg/Makefile.am (c_tests): Add new test.
(gpg.conf): Write "allow-weak-key-signatures" to gpg.conf.
* tests/gpg/t-edit-sign.c: New.
--
The new context flag "cert-expire" allows setting the expiration date
for key signatures created with gpgme_op_interact.
GnuPG-bug-id: 5336, 5505
|
|
* src/data.c (_gpgme_data_release): Free buffers.
(gpgme_data_seek): Adjust from renamed fields.
(gpgme_data_set_flag): Implement new flags.
(_gpgme_data_inbound_handler): Allow the use of a malloced buffer.
(_gpgme_data_outbound_handler): Ditto.
* src/data.h (BUFFER_SIZE): Move out of the struct definition.
(struct gpgme_data): Remove pending filed and introduce inbound and
outbound fields.
* src/conversion.c (_gpgme_wipememory): New. Taken from GnuPG.
* src/cJSON.c (wipememory): Use this here too.
* tests/run-decrypt.c (main): Add options "--large-buffers" and
"--sensitive".
--
GnuPG-bug-id: 5478
Signed-off-by: Werner Koch <[email protected]>
|
|
* src/data-identify.c (basic_detection): Add OID.
Signed-off-by: Werner Koch <[email protected]>
|
|
* src/data.h (BUFFER_SIZE): Increase to 4096 for Windows.
--
This brings it in line to the PIPE_BUF size on desktop Linux
systems. This should increase performance when working with
large files on Windows a bit.
GnuPG-Bug-Id: T5478
|
|
* src/Makefile.am (AM_CFLAGS): Add GPG_ERROR_CFLAGS
--
This fixes the include directory for libgpg error if
it is installed in a different prefix then libassuan. Previously
libassuan provided the include directory also implicitly.
|
|
* src/keylist.c (keylist_colon_handler): Check for correct number of
fields.
--
This prevents NULL pointer dereferencing with older versions of gpg
that may output less fields.
|
|
* src/gpgme.h.in (struct _gpgme_key_sig): Move trust_scope to the end
of the struct.
--
Fixes-commit: 276187f6b62a73e92b1c20f589510f80ab9e88d2
Note that we assume that splitting a reserved 28 bit field into 3
fields does not change the ABI.
|
|
* src/gpgme.h.in (struct _gpgme_key_sig): Add fields 'trust_depth',
'trust_value', and 'trust_scope'.
* src/key.c (gpgme_key_unref): Free trust_scope.
* src/keylist.c (keylist_colon_handler): Set the fields.
* tests/run-keylist.c (main): Print the fields.
--
The trust signature values are part of gpg's output since the year 2003.
This now adds support to gpgme.
GnuPG-bug-id: 5245, 5419
|
|
* src/gpgme.h.in (GPGME_KEYSIGN_FORCE): New.
* src/engine-gpg.c (gpg_keysign): Implement.
* tests/run-keysign.c (show_usage): Add option --force
--
GnuPG-bug-id: 4584
|
|
* src/export.c (export_start): Remove GPGME_EXPORT_MODE_NOUID check.
* src/engine-gpg.c (export_common): Ditto.
--
Note that this constant was never announed and used only for internal
tests. It made it into some release only by accident.
The constants is kept in gpgme.h to not break any code but it is
non-fucntionals. We do not consider this an ABI break.
GnuPG-bug-id: 5284
|
