30cdf13284
2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpgme.texi (Verify): Rewritten to take into account new and deprecated functions and data types. gpgme/ 2003-04-28 Marcus Brinkmann <marcus@g10code.de> * gpgme.h (struct _gpgme_sig_notation): New structure. (GpgmeSigNotation): New type. (struct _gpgme_signature): New structure. (GpgmeSignature): New type. (struct _gpgme_op_verify_result): New structure. (GpgmeVerifyResult): New type. (gpgme_op_verify_result): New prototype. (gpgme_get_notation): Remove prototype. * ops.h (_gpgme_op_verify_init_result): New prototype. (_gpgme_verify_status_handler): Change first argument to void *. * util.h (_gpgme_decode_percent_string, _gpgme_map_gnupg_error): New prototypes. * conversion.c (_gpgme_decode_percent_string): New function. (gnupg_errors): New static global. (_gpgme_map_gnupg_error): New function. * gpgme.c (gpgme_release): Don't release CTX->notation. (gpgme_get_notation): Remove function. * decrypt-verify.c (_gpgme_op_decrypt_verify_start): Call _gpgme_op_verify_init_result. * verify.c: Do not include <stdio.h>, <assert.h> and "key.h", but do include "gpgme.h". (struct verify_result): Replace with ... (op_data_t): ... this type. (release_verify_result): Remove function. (release_op_data): New function. (is_token): Remove function. (skip_token): Remove function. (copy_token): Remove function. (gpgme_op_verify_result): New function. (calc_sig_summary): Rewritten. (finish_sig): Remove function. (parse_new_sig): New function. (parse_valid_sig): New function. (parse_notation): New function. (parse_trust): New function. (parse_error): New function. (_gpgme_verify_status_handler): Rewritten. Change first argument to void *. (_gpgme_op_verify_start): Rework error handling. Call _gpgme_op_verify_init_result. (gpgme_op_verify): Do not release or clear CTX->notation. (gpgme_get_sig_status): Rewritten. (gpgme_get_sig_string_attr): Likewise. (gpgme_get_sig_ulong_attr): Likewise. (gpgme_get_sig_key): Likewise.
108 lines
4.5 KiB
Plaintext
108 lines
4.5 KiB
Plaintext
Hey Emacs, this is -*- outline -*- mode!
|
|
|
|
* ABI's to break:
|
|
** All result returns will be done as structs, not as XML. !!!
|
|
** Make sure that all results can be gotten in asynchronous mode (ie, avoid
|
|
returning information in the blocking version as function arguments).
|
|
** Drop the support for finding out if an operation is pending. After all, one
|
|
or two more ways for a user to shoot themselves in the foot don't matter.
|
|
** Compatibility interfaces that can be removed in future versions:
|
|
*** gpgme_data_new_from_filepart
|
|
*** gpgme_data_new_from_file
|
|
*** gpgme_data_new_with_read_cb
|
|
*** gpgme_data_rewind
|
|
*** GPGME_Busy, GPGME_No_Request
|
|
*** GPGME_No_Passphrase
|
|
*** GPGME_Invalid_Recipient, GPGME_No_Recipients
|
|
*** GPGME_No_Passphrase
|
|
*** gpgme_op_import_ext
|
|
*** gpgme_get_sig_key
|
|
*** gpgme_get_sig_ulong_attr
|
|
*** gpgme_get_sig_string_attr
|
|
*** GPGME_SIG_STAT_*
|
|
*** gpgme_get_sig_status
|
|
|
|
* Thread support:
|
|
** Build thread modules for static linking (which just suck in the
|
|
desired symbols the hard way). !!
|
|
|
|
* New features:
|
|
** notification system
|
|
We need a simple notification system, probably a simple callback
|
|
with a string and some optional arguments. This is for example
|
|
required to notify an application of a changed smartcard, The
|
|
application can then do whatever is required. There are other
|
|
usages too. This notfication system should be independent of any
|
|
contextes of course.
|
|
** --learn-code support
|
|
This might be integrated with import. we still need to work out how
|
|
to learn a card when gpg and gpgsm have support for smartcards.
|
|
** set_locale for thread safe and env independent locale selection.
|
|
|
|
* Documentation
|
|
** Add note about GPGME clearing out pointer return values.
|
|
** validity/trust
|
|
|
|
* Engines
|
|
** Do not create/destroy engines, but create engine and then reset it.
|
|
Internally the reset operation still spawns a new engine process,
|
|
but this can be replaced with a reset later. Also, be very sure to
|
|
release everything properly at a reset and at an error.
|
|
Think hard about where to guarantee what (ie, what happens if start fails,
|
|
are the fds unregistered immediately - i think so?)
|
|
** Optimize the case where a data object has an underlying fd we can pass
|
|
directly to the engine.
|
|
** Move code common to all engines up from gpg to engine.
|
|
** engine operations can return General Error on unknown protocol
|
|
(it's an internal error, as select_protocol checks already).
|
|
** When server mode is implemented properly, more care has to be taken to
|
|
release all resources on error (for example to free assuan_cmd).
|
|
|
|
* Operations
|
|
** Passphrase callback should not copy password. !!!
|
|
*** If no passphrase cb is installed, status handler is not run even if
|
|
password is required by crypto engine. !!
|
|
** Export status handler need much more work. !!!
|
|
** Import should return a useful error when one happened.
|
|
*** Import does not take notice of NODATA status report.
|
|
*** When GPGSM does issue IMPORT_OK status reports, make sure to check for them
|
|
in tests/gpgs m/t-import.c.
|
|
** Genkey should return something more useful than General_Error.
|
|
** Factor out common code in _op_*_start functions.
|
|
** Add ATTR to return the number of subkeys or uids.
|
|
** Optimize the file descriptor list, so the number of open fds is
|
|
always known easily. This could replace the pending bit, too, with
|
|
the exception of keylisting operations maybe.
|
|
|
|
* Error Values
|
|
** Map ASSUAN/GpgSM ERR error values in a better way than is done now. !!
|
|
** Verify (and document) if Read_Error, Write_Error, Pipe_Error set errno.
|
|
|
|
* Tests
|
|
** Write a fake gpg-agent so that we can supply known passphrases to
|
|
gpgsm and setup the configuration files to use the agent. Without
|
|
this we are testing a currently running gpg-agent which is not a
|
|
clever idea. !
|
|
** t-data
|
|
*** Test gpgme_data_release_and_get_mem.
|
|
*** Test gpgme_data_rewind for invalid types.
|
|
*** Test gpgme_data_read's readable feature.
|
|
|
|
* Debug
|
|
** Handle malloc and vasprintf errors. But decide first if they should be
|
|
ignored (and logged with 255?!), or really be assertions. !
|
|
|
|
* Build suite
|
|
** Make sure everything is cleaned correctly (esp. test area).
|
|
|
|
Bugs reported by Stephane Corthesy:
|
|
> In GpgmeRecipients, would it be possible to provide a function which
|
|
> would return the validity assigned to a name contained in the
|
|
> GpgmeRecipients instance?
|
|
|
|
> passphrase callback. If I use the same GpgmeContext as the one which
|
|
> is currently asking for a passphrase, my app crashes: the r_hd in
|
|
> the
|
|
> callback has become invalid; if I use a brand new one, the callback
|
|
> is called recursively, when I ask to enumerate keys.
|