From 85627e58184529e982369cfc00ed7865244c13d6 Mon Sep 17 00:00:00 2001
From: Andre Heinecke
Date: Wed, 12 Sep 2018 09:42:09 +0200
Subject: core: Add trust-model flag

* src/context.h (gpgme_context): Extend with trust_model.
* src/engine-gpg.c (engine_gpg): Extend with trust_model.
(gpg_set_engine_flags): Take trust_model from context.
(build_argv): Handle trust_model.
(gpg_release): Free trust_model.
* src/gpgme.c (gpgme_set_ctx_flag): Handle trust-model flag.
(gpgme_release): Release trust-model.
* doc/gpgme.texi: Document new flag for gpgme_set_ctx_flag.
(Context Flags): New subsection for the context flags.
* tests/run-keylist.c (show_usage, main): Add new --trust-model parameter.
--
This gives a GPGME user fine grained control over the trust-model. Changing the trust model for only a single application depends on:
GnuPG-Bug-Id: T4134
Maniphest Tasks: T4134
Differential Revision: https://dev.gnupg.org/D466
---
 src/context.h | 3 +++
 src/engine-gpg.c | 23 +++++++++++++++++++++++
 src/gpgme.c | 8 ++++++++
 3 files changed, 34 insertions(+)
(limited to 'src')
diff --git a/src/context.h b/src/context.h
index 1c9379b8..d65bf9b5 100644
--- a/src/context.h
+++ b/src/context.h
@@ -162,6 +162,9 @@ struct gpgme_context
 char *lc_ctype;
 char *lc_messages;
+ /* The optional trust-model override. */
+ char *trust_model;
+
 /* The operation data hooked into the context. */
 ctx_op_data_t op_data;
diff --git a/src/engine-gpg.c b/src/engine-gpg.c
index 28333742..aed933e1 100644
--- a/src/engine-gpg.c
+++ b/src/engine-gpg.c
@@ -141,6 +141,7 @@ struct engine_gpg
 gpgme_pinentry_mode_t pinentry_mode;
 char request_origin[10];
 char *auto_key_locate;
+ char *trust_model;
 struct {
 unsigned int no_symkey_cache : 1;
@@ -455,6 +456,7 @@ gpg_release (void *engine)
 if (gpg->cmd.keyword)
 free (gpg->cmd.keyword);
 free (gpg->auto_key_locate);
+ free (gpg->trust_model);
 gpgme_data_release (gpg->override_session_key);
 gpgme_data_release (gpg->diagnostics);
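Review bot: The comment on the new `trust_model` field in struct gpgme_context does not say who owns the string or what it may contain. Going by the gpgme.c and engine-gpg.c hunks of this commit, it is a `strdup` copy released in gpgme_release and forwarded unchanged to gpg, so I would write `/* The optional trust-model override: malloced copy of the "trust-model" flag value or NULL; passed verbatim to the engine.  */`. The struct starts and ends outside the hunk.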
@@ -669,6 +671,14 @@ gpg_set_engine_flags (void *engine, const gpgme_ctx_t ctx)
 ctx->auto_key_locate, NULL);
 }
+ if (ctx->trust_model && strlen (ctx->trust_model))
+ {
+ if (gpg->trust_model)
+ free (gpg->trust_model);
+ gpg->trust_model = _gpgme_strconcat ("--trust-model=",
+ ctx->trust_model, NULL);
+ }
+
 gpg->flags.no_symkey_cache = (ctx->no_symkey_cache && have_gpg_version (gpg, "2.2.7"));
 gpg->flags.offline = (ctx->offline && have_gpg_version (gpg, "2.1.23"));
@@ -981,6 +991,19 @@ build_argv (engine_gpg_t gpg, const char *pgmname)
 argc++;
 }
+ if (gpg->trust_model)
+ {
+ argv[argc] = strdup (gpg->trust_model);
+ if (!argv[argc])
+ {
+ int saved_err = gpg_error_from_syserror ();
+ free (fd_data_map);
+ free_argv (argv);
+ return saved_err;
+ }
+ argc++;
+ }
+
 if (gpg->flags.no_symkey_cache)
 {
 argv[argc] = strdup ("--no-symkey-cache");
diff --git a/src/gpgme.c b/src/gpgme.c
index 2d829d9b..3d72f695 100644
--- a/src/gpgme.c
+++ b/src/gpgme.c
@@ -250,6 +250,7 @@ gpgme_release (gpgme_ctx_t ctx)
 free (ctx->override_session_key);
 free (ctx->request_origin);
 free (ctx->auto_key_locate);
+ free (ctx->trust_model);
 _gpgme_engine_info_release (ctx->engine_info);
 ctx->engine_info = NULL;
 DESTROY_LOCK (ctx->lock);
@@ -554,6 +555,13 @@ gpgme_set_ctx_flag (gpgme_ctx_t ctx, const char *name, const char *value)
 if (!ctx->auto_key_locate)
 err = gpg_error_from_syserror ();
 }
+ else if (!strcmp (name, "trust-model"))
+ {
+ free (ctx->trust_model);
+ ctx->trust_model = strdup (value);
+ if (!ctx->trust_model)
+ err = gpg_error_from_syserror ();
+ }
 else
 err = gpg_error (GPG_ERR_UNKNOWN_NAME);
--
cgit v1.2.3
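Review bot: The result of `_gpgme_strconcat` in the block added to gpg_set_engine_flags is never checked, so on allocation failure `gpg->trust_model` stays NULL and the `if (gpg->trust_model)` guard in build_argv silently drops the option; gpg then runs under its default trust model although the caller asked for a different one. The block also has no path that clears an earlier value: if the context flag is later set to an empty string, a previously built `--trust-model=` string would remain on the engine object whenever that object is reused (reuse is not visible in this hunk). I would reset unconditionally before the test with `free (gpg->trust_model); gpg->trust_model = NULL;`, which also makes the inner `if (gpg->trust_model)` unnecessary, and record the concat failure so the operation can fail instead of continuing. The function's opening and return type are outside the hunk, so how an error can be reported has to be checked there.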
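Review bot: The new `trust-model` branch in gpgme_set_ctx_flag stores `value` unvalidated, and the engine hunks forward it as `--trust-model=<value>` without checking that it names a known model. Since it is a single argv element it cannot introduce further options, but a model such as `always` makes gpg skip key validity checks, so an application that fills this flag from configuration or user input weakens validation for every operation on that context. I would add a comment above the branch, e.g. `/* Passed verbatim as --trust-model=VALUE; do not set from untrusted input.  */`, or reject values outside the set of models the engine accepts. Whether `value` can be NULL at the `strdup` depends on argument checks at the top of the function, which lie outside the hunk.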