| author | Andre Heinecke <[email protected]> | 2018-09-12 07:42:09 +0000 | 
|---|---|---|
| committer | Andre Heinecke <[email protected]> | 2018-10-09 08:48:58 +0000 | 
| commit | 85627e58184529e982369cfc00ed7865244c13d6 (patch) | |
| tree | 307d51952c0f108f9b80d2635ad989540e9a5fa4 /src | |
| parent | cpp: Initialize all gpgme_key_t's in context (diff) | |
core: Add trust-model flag
* src/context.h (gpgme_context): Extend with trust_model.
* src/engine-gpg.c (engine_gpg): Extend with trust_model.
(gpg_set_engine_flags): Take trust_model from context.
(build_argv): Handle trust_model.
(gpg_release): Free trust_model.
* src/gpgme.c (gpgme_set_ctx_flag): Handle trust-model flag.
(gpgme_release): Release trust-model.
* doc/gpgme.texi: Document new flag for gpgme_set_ctx_flag.
(Context Flags): New subsection for the context flags.
* tests/run-keylist.c (show_usage, main): Add new --trust-model
parameter.
--
This gives a GPGME user fine grained control over the
trust-model.
Changing the trust model for only a single application depends
on:
GnuPG-Bug-Id: T4134
Maniphest Tasks: T4134
Differential Revision: https://dev.gnupg.org/D466
Diffstat (limited to 'src')
| -rw-r--r-- | src/context.h | 3 | ||||
| -rw-r--r-- | src/engine-gpg.c | 23 | ||||
| -rw-r--r-- | src/gpgme.c | 8 | 
3 files changed, 34 insertions, 0 deletions
diff --git a/src/context.h b/src/context.h
index 1c9379b8..d65bf9b5 100644
--- a/src/context.h
+++ b/src/context.h
@@ -162,6 +162,9 @@ struct gpgme_context
   char *lc_ctype;
   char *lc_messages;
+  /* The optional trust-model override.  */
+  char *trust_model;
+
   /* The operation data hooked into the context.  */
   ctx_op_data_t op_data;
diff --git a/src/engine-gpg.c b/src/engine-gpg.c
index 28333742..aed933e1 100644
--- a/src/engine-gpg.c
+++ b/src/engine-gpg.c
@@ -141,6 +141,7 @@ struct engine_gpg
   gpgme_pinentry_mode_t pinentry_mode;
   char request_origin[10];
   char *auto_key_locate;
+  char *trust_model;
   struct {
     unsigned int no_symkey_cache : 1;
@@ -455,6 +456,7 @@ gpg_release (void *engine)
   if (gpg->cmd.keyword)
     free (gpg->cmd.keyword);
   free (gpg->auto_key_locate);
+  free (gpg->trust_model);
   gpgme_data_release (gpg->override_session_key);
   gpgme_data_release (gpg->diagnostics);
@@ -669,6 +671,14 @@ gpg_set_engine_flags (void *engine, const gpgme_ctx_t ctx)
                                                ctx->auto_key_locate, NULL);
     }
+  if (ctx->trust_model && strlen (ctx->trust_model))
+    {
+      if (gpg->trust_model)
+        free (gpg->trust_model);
+      gpg->trust_model = _gpgme_strconcat ("--trust-model=",
+                                           ctx->trust_model, NULL);
+    }
+
   gpg->flags.no_symkey_cache = (ctx->no_symkey_cache
                                 && have_gpg_version (gpg, "2.2.7"));
   gpg->flags.offline = (ctx->offline && have_gpg_version (gpg, "2.1.23"));
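Review bot: In the gpg_set_engine_flags hunk the result of `_gpgme_strconcat` is stored without a NULL check, so on allocation failure `gpg->trust_model` ends up NULL, build_argv skips the option, and gpg runs with its default trust model while the caller gets no error; that matters when the override was meant to tighten key validation. The block also leaves an earlier value in place when `ctx->trust_model` is NULL or empty, which is a stale-override problem only if the engine object is reused across operations (not visible here). Resetting first with `free (gpg->trust_model); gpg->trust_model = NULL;` covers that case and makes the `if (gpg->trust_model)` guard around free unnecessary. The function body starts and ends outside the hunk and its return type is not shown, so whether the allocation failure can be reported from here needs checking against the full function.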
@@ -981,6 +991,19 @@ build_argv (engine_gpg_t gpg, const char *pgmname)
       argc++;
     }
+  if (gpg->trust_model)
+    {
+      argv[argc] = strdup (gpg->trust_model);
+      if (!argv[argc])
+        {
+          int saved_err = gpg_error_from_syserror ();
+          free (fd_data_map);
+          free_argv (argv);
+          return saved_err;
+        }
+      argc++;
+    }
+
   if (gpg->flags.no_symkey_cache)
     {
       argv[argc] = strdup ("--no-symkey-cache");
diff --git a/src/gpgme.c b/src/gpgme.c
index 2d829d9b..3d72f695 100644
--- a/src/gpgme.c
+++ b/src/gpgme.c
@@ -250,6 +250,7 @@ gpgme_release (gpgme_ctx_t ctx)
   free (ctx->override_session_key);
   free (ctx->request_origin);
   free (ctx->auto_key_locate);
+  free (ctx->trust_model);
   _gpgme_engine_info_release (ctx->engine_info);
   ctx->engine_info = NULL;
   DESTROY_LOCK (ctx->lock);
@@ -554,6 +555,13 @@ gpgme_set_ctx_flag (gpgme_ctx_t ctx, const char *name, const char *value)
       if (!ctx->auto_key_locate)
         err = gpg_error_from_syserror ();
     }
+  else if (!strcmp (name, "trust-model"))
+    {
+      free (ctx->trust_model);
+      ctx->trust_model = strdup (value);
+      if (!ctx->trust_model)
+        err = gpg_error_from_syserror ();
+    }
   else
     err = gpg_error (GPG_ERR_UNKNOWN_NAME);  |
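Review bot: The new `trust-model` branch in gpgme_set_ctx_flag stores `value` as given, with no check against the model names gpg accepts, so a misspelled model only fails later when gpg is started. Since build_argv passes it as the single argument `--trust-model=<value>` it cannot add further options, but the model `always` makes gpg skip key validation, so the flag should not be filled from untrusted configuration. I would put a comment above the branch, `/* Passed verbatim to gpg as --trust-model=VALUE; no validation here, and "always" skips key validation.  */`, and say the same in the texinfo entry. The function starts and ends outside the hunk, so any earlier NULL check on `value` is not visible.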
