| Commit message (Collapse) | Author | Files | Lines |
|---|
|
* src/json-common.h (GPGME_JSON_COMMON_H): Fix guard.
--
Reported-by: Collin Funk <[email protected]>
Fixes-commit: d7267db472a4e4f65c8139f68d9d976c64b79636
|
|
* src/json-core.c (json_core_process_request): Fix leak and worng
formatting in interactive mode in case of an error.
|
|
* src/gpgme-json.c: Factor large chunks of code out to ...
* src/json-core.c: new file and ...
* src/json-util.c: new file and ...
* src/json-common.h: new file.
* src/Makefile.am (gpgme_json_SOURCES): Add new files.
|
|
* src/engine-gpg.c (gpg_add_algo_usage_expire): Add "default" as
algorithm argument if algo is NULL or an empty string.
--
|
|
* src/engine-gpg.c (gpg_add_algo_usage_expire): Check flags for
GPGME_CREATE_GROUP flag.
--
With this change a cert-only group-owned key will be created if only the
group flag is set.
|
|
* src/gpgme.h.in (GPGME_CREATE_GROUP): New.
* src/engine-gpg.c (gpg_add_algo_usage_expire): Pass to engine.
* tests/run-genkey.c (parse_usage_string): Support here too.
|
|
* src/gpgme.h.in (struct _gpgme_subkey): Chnage timestamp and expires.
(struct _gpgme_key_sig): Ditto.
(struct _gpgme_new_signature): Ditto.
--
Note that unsigned long has always been used for gpgme_signature_t.
A change to time_t would be a real ABI change and require may users of
gpgme to adjust their code. The signed/unsigned change is sufficient
and mostly invisible.
|
|
* src/engine-gpg.c (append_args_from_signers): Detect exactly
specified keys and apped the '!' suffix.
--
Due to the ABI break which removed long long deprecated functions we
can also risk to introduce a slight semantic change in the way signer
keys are specified. The change is that iff a subkey-fingerprint with
the '!' suffix was used to lookup a signer's key we now use this
specific subkey and not any key gpg considers to be a good signing
subkey. Most people would have considered the old behaviour anyway as
a bug because it differs from what gpg uses at the command line.
GnuPG-bug-id: 3325
Suggested-by: Benjamin Kibbey
|
|
* src/gpgme.h.in (struct _gpgme_subkey): New flag subkey_match.
* src/keylist.c (spacep): New.
(op_data_t): Add field requested_subkey.
(release_op_data): Free it.
(exact_match_pattern): New.
(maybe_setup_for_requested_subkey): New.
(gpgme_op_keylist_start): Call it here.
(gpgme_op_keylist_ext_start): Call it for each pattern until one
found.
(gpgme_op_keylist_next): Set the subkey_match field.
---
This is needed for
GnuPG-bug-id: 3325
|
|
* src/gpgme.h.in (GPGME_DECRYPT_LISTONLY): New.
* src/decrypt.c (op_data_t): Add member list_only.
(_gpgme_decrypt_status_handler): Do not return NO_DATA in list_only
mode.
(_gpgme_op_decrypt_init_result): Add arg flags and set the list_only
flag.
(_gpgme_decrypt_start): Pss flags to the init function.
* src/decrypt-verify.c (decrypt_verify_start): Ditto.
* src/engine-gpg.c (gpg_decrypt): Add --list-only if flag is set.
* tests/run-decrypt.c (main): Add option --list-only.
|
|
* src/genrandom.c (getrandom_size_t): New.
(gpgme_op_random_value): New.
* src/gpgme.def: Add new function.
* src/libgpgme.vers: Ditto.
* src/gpgme.h.in: Add prototype.
* tests/run-genrandom.c: Add an option to use the new function.
--
The implementation is not optimized but sufficient for our use case.
Possible improvements for this and gpgme_op_random_bytes are a cache
for random bytes in the context so that we do not need to get out to
gpgme for just a few random bytes.
GnuPG-bug-id: 6694
|
|
* src/genrandom.c: New.
* src/Makefile.am: Add new file.
* src/engine-backend.h (struct engine_ops): Add func ptr getdirect.
Adjust all engine_ops.
* src/engine-gpg.c (gpg_getdirect): New.
(_gpgme_engine_ops_gpg): Connect new handler.
* src/gpgme.h.in (gpgme_random_mode_t): New.
(GPGME_RANDOM_MODE_NORMAL): New.
(GPGME_RANDOM_MODE_ZBASE32): New.
(gpgme_op_random_bytes): New public function
* src/libgpgme.vers: Add function.
* src/gpgme.def: Add function.
* tests/run-genrandom.c: New.
* tests/Makefile.am: Add new file.
--
This is a first take on this the mode parameter allows to extend the
function if ever needed. Due to the gpg calling and fd setup overhead
this function is not yet very fast but its purpose is to get
"approved" random bytes. We might eventually extend it to keep a
small internal cache of random numbers and get for example 128 random
bytes directly from gpg and deliver only the few required.
GnuPG-bug-id: 6694
|
|
* src/engine.c (_gpgme_engine_op_trustlist): Remove.
* src/libgpgme.vers (gpgme_op_trustlist_end)
(gpgme_op_trustlist_next)
(gpgme_op_trustlist_start): Remove.
* src/gpgme.def: Ditto.
* src/key.c (otrust_to_string)
(validity_to_string)
(capabilities_to_string)
(get_keysig): Remove
|
|
* src/trust-item.c: Remove file.
* src/trustlist.c: Remove file.
* src/Makefile.am (main_sources): Remove those files.
* src/gpgme.h.in (GPGME_EVENT_NEXT_TRUSTITEM): Remove.
(gpgme_trust_item_t, GpgmeTrustItem): Remove.
(gpgme_op_trustlist_start): Remove.
(gpgme_op_trustlist_next): Remove.
(gpgme_op_trustlist_end): Remove.
(gpgme_trust_item_ref): Remove.
(gpgme_trust_item_unref, gpgme_trust_item_release): Remove.
* src/gpgme.def: Remove removed functions.
* src/libgpgme.vers: Ditto.
--
The GPGME_ATTR_foo based functions are deprecated since 2003 and it is
time to remove them now.
The trustlist functions never worked:
This never worked in reality because the required feature has been
removed from GnuPG version 1.3.2 soon after introduction of this
feature in gpgme in 2003. It was anyway marked as experimental.
They even returned GPG_ERR_NOT_IMPLEMENTED since gpgme 1.14.0 (summer
2000) instead of failing with a incomprehensible error code.
GnuPG-bug-id: 4834
|
|
* src/gpgme.h.in (GPGME_EXPORT_MODE_NOUID): Remove. This was a
left-over from an experiment.
(gpgme_attr_t,_gpgme_attr_t) Remove. Deprecated sinze 2003.
(gpgme_get_sig_ulong_attr): Ditto.
(gpgme_get_sig_string_attr): Ditto.
(gpgme_key_get_string_attr): Ditto.
(gpgme_key_get_ulong_attr): Ditto.
(gpgme_key_sig_get_string_attr): Ditto.
(gpgme_key_sig_get_ulong_attr): Ditto.
(gpgme_trust_item_get_string_attr): Ditto.
(gpgme_trust_item_get_int_attr): Ditto.
* src/gpgme.def: Remove them here too.
* src/libgpgme.vers: Ditto.
* src/trust-item.c: Remove corresponding implementations.
* src/verify.c: Ditto.
* src/key.c: Ditto.
|
|
--
|
|
* src/gpgme.c (gpgme_pubkey_algo_string): Consider all RSA variants.
--
Fixes-commit: 62b6c1f16ae0ed7b0eb1b095ee383aa0910314bb
GnuPG-bug-id: 7508
|
|
* configure.ac (HAVE_GETTID,HAVE_SYS_GETTID): New test.
* src/debug.c: Include syscall.h if needed.
(tid_log_callback) [HAVE_SYS_GETTID]: Use SYS_gettid
--
Linux introduced the gettid syscall with 2.4.11 but glibc only with
its version 2.30. This patch allows building on older platforms.
Co-authored-by: lgh1
|
|
* src/gpgme.h.in (GPGME_PK_KYBER): New.
* src/conversion.c (_gpgme_map_pk_algo): Handle Kyber.
* src/gpgme.c (gpgme_pubkey_algo_string): Support Kyber.
(gpgme_pubkey_algo_name): Add Kyber.
|
|
|
|
* autogen.sh: Update to version 2024-07-04 from libgpg-error.
* configure.ac (BUILD_COMMITID): New. Append to VERSION file.
* src/version.c (cright_blurb): Use BUILD_COMMITID here.
|
|
* src/gpgme.c (gpgme_set_ctx_flag): Add "known-notations".
(gpgme_get_ctx_flag): Ditto.
(gpgme_release): Free variable.
* src/context.h (struct gpgme_context): Add "known_notations".
* src/engine-gpg.c (struct engine_gpg): Add "known_notations".
(gpg_release): Free variable.
(gpg_set_engine_flags): Set variable.
(add_known_notations): New.
(gpg_decrypt, gpg_verify): Call function.
* tests/run-decrypt.c (main): Add option --known-notations.
* tests/run-verify.c (main): Ditto.
--
GnuPG-bug-id: 4060
|
|
* src/conversion.c (spacep): New.
(_gpgme_strtokenize): New.
--
Function taken from GnuPG and license changed to LGPL 2.1. The
version in GnuPG was entirely written by the author.
|
|
* src/engine-gpg.c: Pass --gpg-args before passing --proc-all-sigs
if using gpgtar
--
GnuPG-Bug-ID: 7320
|
|
* src/gpgme.h.in (struct _gpgme_subkey): Add field beta_compliance.
(struct _gpgme_op_decrypt_result): Ditto.
(struct _gpgme_signature): Ditto.
* src/util.h (PARSE_COMPLIANCE_FLAGS): Handle the new 2023 value.
* tests/run-decrypt.c: Append a "(beta)" to the vs-de compliance.
* tests/run-keylist.c: Ditto.
* tests/run-verify.c: Ditto.
--
See GnuPG commit b287fb577587655559fefb90f7ed90c9a15dc6a3
|
|
* src/engine-gpg.c (gpg_addadsk): Extend the version check.
|
|
src/encrypt-sign.c (encrypt_sym_status_handler): Add call of
_gpgme_encrypt_status_handler.
(encrypt_sign_start): Call _gpgme_op_encrypt_init_result with
success_required=1 if archive is created. Always call
_gpgme_op_sign_init_result with success_required=0 because the encrypt
status handler already checks for SUCCESS.
src/encrypt.c (op_data_t): Add success_seen flag.
(_gpgme_encrypt_status_handler): Return error if we didn't see a
required SUCCESS on GPGME_STATUS_EOF. Set success_seen flag on
GPGME_STATUS_SUCCESS.
(encrypt_sym_status_handler): Add call of _gpgme_encrypt_status_handler.
(_gpgme_op_encrypt_init_result): Add argument success_required. Set
success_seen flag if SUCCESS is not required.
(encrypt_start): Call _gpgme_op_encrypt_init_result with
success_required=1 if archive is created.
src/ops.h (_gpgme_op_sign_init_result, _gpgme_op_encrypt_init_result):
Add argument success_required to prototypes.
src/sign.c (op_data_t): Add success_seen flag.
(_gpgme_sign_status_handler): Return error if we didn't see a
required SUCCESS on GPGME_STATUS_EOF. Set success_seen flag on
GPGME_STATUS_SUCCESS.
(sign_init_result): Add argument success_required. Set success_seen
flag if SUCCESS is not required.
(_gpgme_op_sign_init_result): Add argument success_required and
forward it to sign_init_result.
(sign_start): Call sign_init_result with success_required=1 if archive
is created.
--
gpgtar emits a SUCCESS status just before successful termination. If the
process terminates unexpectedly (e.g. because it's killed) then gpgme
now reports GPG_ERR_EOF. The SUCCESS status is only required if a
signed and/or encrypted archive is created which is only supported for
OpenPGP. The other engines reject the GPGME_ENCRYPT_ARCHIVE flag so that
we don't need to check the protocol in the generic code.
This change also adds handling of invalid recipients in case symmetric
encryption is used which makes sense because one can combine symmetric
and public key encryption.
GnuPG-bug-id: 6554
|
|
* src/gpgme.h.in (GPGME_ENCRYPT_ADD_RECP, GPGME_ENCRYPT_CHG_RECP):
New flag values.
* src/engine-gpg.c (have_cmd_modify_recipients): New.
(gpg_encrypt): Check availability of the feature and prepare command.
* tests/run-encrypt.c (main): New options --add-recipients
and --change-recipients.
--
GnuPG-bug-id: 1825
|
|
* src/key.c (_gpgme_key_append_name): Support email-only user IDs with
upper case letters.
* tests/gpg/t-keylist.c (struct key_info_s): Add algo, length, sec_algo,
sec_length.
(keys): Add expected algo and length for primary and secondary subkeys.
(main): Factor out code for checking a key and the code for the keylist
test. Call the factored out test function and a new test function.
(check_key, test_keylist, key_with_email_only_user_id,
key_info_email_only_user_id,
test_email_only_user_id_with_upper_case_letters): New.
--
Email-only user IDs with upper case letters are now also parsed as a
user ID with empty name and the complete user ID as email.
GnuPG-bug-id: 7280
|
|
* src/context.h (struct gpgme_context): Add proc_all_sigs.
* src/gpgme.c (gpgme_set_ctx_flag): Add flag "proc-all-sigs".
(gpgme_get_ctx_flag): Ditto.
* src/engine-gpg.c (engine.gpg): Add flags.proc_all_sigs.
(have_option_proc_all_sigs): New.
(gpg_set_engine_flags): Set flag from context.
(build_argv): Add --proc-all-sigs if requested and supported.
--
GnuPG-bug-id: 7261
|
|
* src/Makefile.am (main_sources): Add new file.
* src/context.h (ctx_op_data_id_t): Add OPDATA_SETOWNERTRUST.
* src/engine.c, src/engine.h (_gpgme_engine_op_setownertrust): New.
* src/engine-backend.h (engine_ops): Add 'setownertrust' and adjust all
engine initializers.
* src/engine-gpg.c (gpg_setownertrust): New.
(_gpgme_engine_ops_gpg): Set setownertrust to gpg_setownertrust.
* src/gpgme.h.in (gpgme_op_setownertrust_start, gpgme_op_setownertrust):
New.
* src/gpgme.def, src/libgpgme.vers: Add new functions.
* src/setownertrust.c: New.
* doc/gpgme.texi: Document new functions.
* tests/Makefile.am (noinst_PROGRAMS): Add new test program.
* tests/run-setownertrust.c: New.
* tests/gpg/Makefile.am (c_tests): Add new file. (LDADD): Add
@GPG_ERROR_LIBS@.
* tests/gpg/t-setownertrust.c: New.
* tests/gpg/t-support.h (have_gpg_version): New.
--
This extends GPGME to support the --quick-set-ownertrust command added
by GnuPG 2.4.6. This allows changing the owner trust of keys and
enabling/disabling keys without using the editinteractor interface.
GnuPG-bug-id: 7239
|
|
* src/version.c (do_subsystem_inits) [W32]: Switch gettext to UTF-8
for current thread and all new threads.
--
We did already enable UTF-8, but it was only effective for the main
thread. Now we enable it also for all new threads (if supported by
libgpg-error). This way debug output in background threads now also
uses UTF-8.
GnuPG-bug-id: 7188
|
|
* src/isascii.c, src/putc_unlocked.c: Remove.
--
I noticed those files when I compared the content of the dist tarball
with the repo.
|
|
* src/gpgme-tool.c (gt_get_keylist_mode): Increase NR_KEYLIST_MODES to
number of keylist modes. Add support for GPGME_KEYLIST_MODE_WITH_TOFU,
GPGME_KEYLIST_MODE_WITH_KEYGRIP, GPGME_KEYLIST_MODE_WITH_V5FPR. Write
all modes.
(hlp_keylist_mode): List all supported keylist modes.
(cmd_keylist_mode): Add support for GPGME_KEYLIST_MODE_WITH_TOFU,
GPGME_KEYLIST_MODE_WITH_KEYGRIP, GPGME_KEYLIST_MODE_WITH_V5FPR.
--
This fixes the possible overrun reported by Michal Hlavinka and adds
support for all keylist modes.
|
|
* src/w32-util.c (_gpgme_w32_cancel_synchronous_io): Use HANDLE.
--
GnuPG-bug-id: 6634
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* src/debug.h (_trace_sysres_off_t): Use 'z' length specifier.
* src/w32-io.c (_gpgme_io_read): Likewise.
(writer, _gpgme_io_write): Likewise.
--
GnuPG-bug-id: 7187
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* src/Makefile.am (system_components): We don't use ath.h any more.
(main_sources): Remove ath.h and ath.c.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* src/debug.c [HAVE_W32_SYSTEM or __linux] (tid_log_callback): Use
native thread ID call for Windows and Linux, ifdef-out-ed.
(debug_init): Only call gpgrt_log_set_pid_suffix_cb for relevant
systems.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* src/b64dec.c: Remove.
* src/Makefile.am (main_sources): Remove b64dec.c.
* src/data-identify.c (pgp_binary_detection): Use gpgrt_b64dec in
libgpg-error.
--
gpgrt_b64dec is available in libgpg-error 1.27 and it is already in
use by JSON support.
GnuPG-bug-id: 7180
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
gpgm4.m4 (_AM_PATH_GPGRT_CONFIG): Don't set GPG_ERROR_CONFIG and
gpg_error_config_version.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* src/context.h (struct gpgme_context): New field import_options.
* src/engine-backend.h (struct engine_ops): Add arg import_options to
field 'import'.
* src/engine-gpg.c (gpg_import): Add arg import_options and pass option
--import-options with argument value to gpg.
* src/engine-gpgsm.c (gpgsm_import): Add dummy arg import_options.
* src/engine.c (_gpgme_engine_op_import): Add arg import_options and
pass option to import function of engine.
* src/engine.h (_gpgme_engine_op_import): Add arg import_options.
* src/gpgme.c (gpgme_release): Free 'import_options'.
(gpgme_set_ctx_flag, gpgme_get_ctx_flag): New flag "import-options".
* src/import.c (_gpgme_op_import_start, _gpgme_op_import_keys_start,
_gpgme_op_receive_keys_start): Pass import options stored in context to
_gpgme_engine_op_import.
* tests/run-import.c (show_usage, main): Add option --import-options.
--
This makes the --import-options option available in the GPGME API for
key imports.
GnuPG-bug-id: 7152
|
|
src/conversion.c, src/util.h (_gpgme_replace_backslashes): New.
src/engine-gpg.c (_add_arg): Add argument file_name. On Windows, replace
backslashes in file name arguments with forward slashes.
(add_arg_ext, add_arg_with_locp, add_arg, add_arg_pfx, add_gpg_arg,
add_gpg_arg_with_value, add_arg_len): Adjust call of _add_arg.
(add_file_name_arg, add_file_name_arg_len, add_gpg_arg_with_file_name):
New.
(add_file_name_arg_or_data): Call add_file_name_arg for file name.
(gpg_new): Call add_gpg_arg_with_file_name for home directory.
(gpg_decrypt): Call add_file_name_arg for output directory and output
file name.
(append_args_from_recipients_string): Call add_file_name_arg_len for
recipients file name.
(gpg_encrypt): Call add_file_name_arg for output file name, base
directory and input file name. Call add_gpg_arg_with_file_name to set
file name stored in message.
(gpg_encrypt_sign): Call add_file_name_arg for output file name, base
directory and input file name. Call add_gpg_arg_with_file_name to set
file name stored in message.
(gpg_sign): Call add_file_name_arg for output file name, base directory
and input file name. Call add_gpg_arg_with_file_name to set file name
stored in message.
(gpg_verify): Call add_file_name_arg for output directory and output
file name.
--
By passing all file names with forward slashes to gpg and gpgtar we
avoid problems caused by the quoting of backslashes.
GnuPG-bug-id: 7141
|
|
* src/engine-gpg.c: Add and use function for adding ADSKs.
* src/genkey.c: Prevent error due to no status line.
* src/gpgme.h.in: Add flag GPGME_CREATE_ADSK
* doc/gpgme.texi: Add documentation for ADSKs
* tests/run-genkey.c: Add test for adding ADSKs
--
This adds the ability to add ADSKs through
the gpgme_createsubkey interface.
The function must be called with NULL userid,
the ADSK fingerprint in algo
and the GPGME_CREATE_ADSK flag.
|
|
* src/gpgme-json.c (revocation_key_to_json): New.
(key_to_json): Add list of revocation keys.
* tests/json/Makefile.am (pubring-stamp): Import new pub key.
* tests/json/key-with-revokers.asc: New.
* tests/json/t-json.c (tests): Add "t-keylist-revokers".
* tests/json/t-keylist-revokers.in.json,
tests/json/t-keylist-revokers.in.json: New.
--
GnuPG-bug-id: 7118
|
|
* src/gpgme.h.in (struct _gpgme_revocation_key,
gpgme_revocation_key_t): New.
(struct _gpgme_key): Add fields 'revkeys', '_last_revkey'.
* src/key.c (_gpgme_key_add_rev_key): New.
(gpgme_key_unref): Free revkeys.
* src/keylist.c (keylist_colon_handler): Parse rvk lines.
* src/ops.h (_gpgme_key_add_rev_key): New.
* tests/run-keylist.c (main): Print revocation key info.
--
GnuPG-bug-id: 7118
|
|
* src/engine.c (_gpgme_set_engine_info): Change engine_get_version.
--
GnuPG-bug-id: 6369
|
|
* src/gpgme.m4 (AM_PATH_GPGME): Add AC_CANONICAL_HOST.
--
GnuPG-bug-id: 7114
Reported-by: Andreas Metzler
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* src/gpgme.m4 (_AM_PATH_GPGRT_CONFIG): Update.
--
Signed-off-by: NIIBE Yutaka <[email protected]>
|
|
* src/import.c (op_data_t): Add failure_code.
(_gpgme_import_status_handler): Set it. Return it on EOF.
--
GnuPG-bug-id: 7036
|
|
* src/engine-gpg.c (gpg_verify): Add "--verify" to command line.
--
Since GnuPG 2.1.16 --verify writes the signed data to the file specified
by --output. Explicitly telling gpg that we want to verify signed data
frees gpg from guessing what we want and avoids the corresponding
warning "no command supplied. Trying to guess what you mean ..."
GnuPG-bug-id: 6907
|
