| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* lang/cpp/src/gpgsignkeyeditinteractor.cpp (makeTable): Remove two
transitions. Add one transition.
* lang/cpp/src/gpgsignkeyeditinteractor.cpp (makeTable)
<sign_uid.dupe_okay>: Add one more transition.
--
This adds a missing transition for the CONFIRM2 state which ensures
that the certification is properly completed in case two confirmations
were requested. And it removes two useless (and wrong) transitions
which are overwritten by two later correct transitions in the map.
GnuPG-bug-id: 7600
This is gpgmepp commit 5b77f4072d03342b8719bbe93fc77641fffb476a
The second patch fixed a bug seen before we could test Ingo's
patch. - wk
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* lang/cpp/src/gpgsignkeyeditinteractor.cpp (makeTable): Assert that
all transitions go from one state to a different state.
--
The state machine gets stuck if a transition doesn't change the state.
Make sure that this cannot happen again by mistake.
GnuPG-bug-id: 7600
Taken from gpgmepp commit 6f2e91d4d25afa6934ceaf1563a4d826a904d644
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/gpgsignkeyeditinteractor.cpp (makeTable): Replace transitions from
CONFIRM to CONFIRM with transitions from CONFIRM to CONFIRM2 and vice
versa. Add transitions from CONFIRM2 to some other state for all
transitions from CONFIRM to some other state.
--
The state machine gets stuck if a transition doesn't change the state
but an action is required. To avoid this situation the CONFIRM2 state
was introduced, but it was not used correctly.
GnuPG-bug-id: 7600
Taken from gpgmepp commit aee2b30482406e677dbddf1a68b2a11a5dc70adf
|
| |
|
|
| |
--
|
| | |
|
| |
|
|
| |
--
|
| |
|
|
|
|
|
|
| |
* src/gpgme.c (gpgme_pubkey_algo_string): Consider all RSA variants.
--
Fixes-commit: 62b6c1f16ae0ed7b0eb1b095ee383aa0910314bb
GnuPG-bug-id: 7508
|
| |
|
|
|
|
|
|
|
| |
* Makefile.am (gen-ChangeLog): Use test -e instead of test -d to check
for git working trees.
--
In secondary working trees (created with `git worktree add ...`) .git
is a file referencing the original .git directory.
|
| |
|
|
|
|
|
|
|
|
| |
* configure.ac (GPG_ERR_ENABLE_ERRNO_MACROS): Remove.
--
It was for Windows CE.
Signed-off-by: NIIBE Yutaka <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* tests/json/key-with-revokers.asc: Replace with new public key.
* tests/json/t-keylist-revokers.out.json: Update to new public key.
--
The old test key expired on 2027-05-15 which would break the tests after
this date. Replace it with a new test key which doesn't expire. The new
key was generated with
gpg --faked-system-time 1715782979 \
--add-desig-revoker sensitive:A0FF4590BB6122EDEF6E3C542D727CC768697734 \
--add-desig-revoker 23FD347A419429BACCD5E72D6BC4778054ACD246 \
--quick-gen-key [email protected] default default never
and exported with
gpg --export --armor --export-options export-sensitive-revkeys \
[email protected]
GnuPG-bug-id: 7471
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* lang/python/Makefile.am (uninstall-local): Get platlib path relative
to data path.
--
For unknown reasons (at least on my system) Python 3.1x's sysconfig
returns a platlib (== directory for site-specific, platform-specific
files) starting with /usr/local although the prefix config variable is
/usr. This broke uninstallation because a wrong folder was (tried to)
remove. Python 2.7 and 3.9 return a platlib starting with just /usr. In
order to always get the correct relative path we use the data path
instead of the prefix config variable as anchor directory.
|
| |
|
|
|
|
|
| |
* configure.ac: Look for Python 3.13. Don't look for Python 3.8 anymore.
* lang/python/setup.py.in: Update Python versions in classifiers.
* m4/python.m4: Add python3.13 as valid interpreter. Remove python3.8.
--
|
| |
|
|
| |
--
|
| |
|
|
|
|
|
|
|
|
|
| |
--
Although the GPGME_PK_KYBER is technically an API change we ignore it
because this is just another enum value which does not change the ABI
and no software uses it yet. Kleopatra is the first to use this and
it already has a test for gpgme 1.24.1.
GnuPG-bug-id: 7440
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* configure.ac (HAVE_GETTID,HAVE_SYS_GETTID): New test.
* src/debug.c: Include syscall.h if needed.
(tid_log_callback) [HAVE_SYS_GETTID]: Use SYS_gettid
--
Linux introduced the gettid syscall with 2.4.11 but glibc only with
its version 2.30. This patch allows building on older platforms.
Co-authored-by: lgh1
|
| |
|
|
|
|
|
|
| |
* lang/cpp/src/key.h (enum Subkey::PubkeyAlgo): Add AlgoKyber with
same value as GPGME_PK_KYBER.
--
GnuPG-bug-id: 7397
|
| |
|
|
|
|
|
| |
* src/gpgme.h.in (GPGME_PK_KYBER): New.
* src/conversion.c (_gpgme_map_pk_algo): Handle Kyber.
* src/gpgme.c (gpgme_pubkey_algo_string): Support Kyber.
(gpgme_pubkey_algo_name): Add Kyber.
|
| |
|
|
| |
--
|
| | |
|
| |
|
|
|
|
| |
* autogen.sh: Update to version 2024-07-04 from libgpg-error.
* configure.ac (BUILD_COMMITID): New. Append to VERSION file.
* src/version.c (cright_blurb): Use BUILD_COMMITID here.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/gpgme.c (gpgme_set_ctx_flag): Add "known-notations".
(gpgme_get_ctx_flag): Ditto.
(gpgme_release): Free variable.
* src/context.h (struct gpgme_context): Add "known_notations".
* src/engine-gpg.c (struct engine_gpg): Add "known_notations".
(gpg_release): Free variable.
(gpg_set_engine_flags): Set variable.
(add_known_notations): New.
(gpg_decrypt, gpg_verify): Call function.
* tests/run-decrypt.c (main): Add option --known-notations.
* tests/run-verify.c (main): Ditto.
--
GnuPG-bug-id: 4060
|
| |
|
|
|
|
|
|
|
| |
* src/conversion.c (spacep): New.
(_gpgme_strtokenize): New.
--
Function taken from GnuPG and license changed to LGPL 2.1. The
version in GnuPG was entirely written by the author.
|
| |
|
|
|
| |
* lang/qt/src/Makefile.am (camelcase_headers): Fix typo in header name.
--
|
| |
|
|
|
|
| |
* lang/qt/src/downloadjob.h (DownloadJob::start): Move QGPGME_DEPRECATED
before the whole function declaration.
--
|
| |
|
|
|
|
|
| |
* lang/cpp/src/key.h (UserID::Signature::Notation): Move
GPGMEPP_DEPRECATED before the whole typedef declaration.
* lang/cpp/src/verificationresult.h (Signature::Notation): Ditto.
--
|
| |
|
|
|
|
|
| |
* lang/cpp/src/gpgaddexistingsubkeyeditinteractor.h,
lang/cpp/src/gpgrevokekeyeditinteractor.h: Include <string>.
* lang/cpp/src/key.h: Include <ctime> instead of <sys/time.h>.
--
|
| |
|
|
| |
--
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* lang/cpp/src/decryptionresult.cpp, lang/cpp/src/decryptionresult.h
(class DecryptionResult): Add method isBetaCompliance.
* lang/cpp/src/decryptionresult.cpp (operator<<): Add new flag.
* lang/cpp/src/key.cpp, lang/cpp/src/key.h (class Key): Add method
isBetaCompliance.
(class Subkey): Add method isBetaCompliance.
* lang/cpp/src/key.cpp:
(Key::isDeVs): Remove duplicate check of is_de_vs of first subkey.
(operator<<): Add new flag.
* lang/cpp/src/verificationresult.cpp, lang/cpp/src/verificationresult.h
(class Signature): Add method isBetaCompliance.
* lang/cpp/src/verificationresult.cpp (operator<<): Add new flag.
--
GnuPG-bug-id: 7346
|
| |
|
|
|
|
| |
--
Nowadays, VS-NfD requires RSA 3072. And the documentation of
gpgme_signature_t was missing the compliance flags.
|
| |
|
|
|
|
|
|
| |
* src/engine-gpg.c: Pass --gpg-args before passing --proc-all-sigs
if using gpgtar
--
GnuPG-Bug-ID: 7320
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* src/gpgme.h.in (struct _gpgme_subkey): Add field beta_compliance.
(struct _gpgme_op_decrypt_result): Ditto.
(struct _gpgme_signature): Ditto.
* src/util.h (PARSE_COMPLIANCE_FLAGS): Handle the new 2023 value.
* tests/run-decrypt.c: Append a "(beta)" to the vs-de compliance.
* tests/run-keylist.c: Ditto.
* tests/run-verify.c: Ditto.
--
See GnuPG commit b287fb577587655559fefb90f7ed90c9a15dc6a3
|
| |
|
|
| |
* src/engine-gpg.c (gpg_addadsk): Extend the version check.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
src/encrypt-sign.c (encrypt_sym_status_handler): Add call of
_gpgme_encrypt_status_handler.
(encrypt_sign_start): Call _gpgme_op_encrypt_init_result with
success_required=1 if archive is created. Always call
_gpgme_op_sign_init_result with success_required=0 because the encrypt
status handler already checks for SUCCESS.
src/encrypt.c (op_data_t): Add success_seen flag.
(_gpgme_encrypt_status_handler): Return error if we didn't see a
required SUCCESS on GPGME_STATUS_EOF. Set success_seen flag on
GPGME_STATUS_SUCCESS.
(encrypt_sym_status_handler): Add call of _gpgme_encrypt_status_handler.
(_gpgme_op_encrypt_init_result): Add argument success_required. Set
success_seen flag if SUCCESS is not required.
(encrypt_start): Call _gpgme_op_encrypt_init_result with
success_required=1 if archive is created.
src/ops.h (_gpgme_op_sign_init_result, _gpgme_op_encrypt_init_result):
Add argument success_required to prototypes.
src/sign.c (op_data_t): Add success_seen flag.
(_gpgme_sign_status_handler): Return error if we didn't see a
required SUCCESS on GPGME_STATUS_EOF. Set success_seen flag on
GPGME_STATUS_SUCCESS.
(sign_init_result): Add argument success_required. Set success_seen
flag if SUCCESS is not required.
(_gpgme_op_sign_init_result): Add argument success_required and
forward it to sign_init_result.
(sign_start): Call sign_init_result with success_required=1 if archive
is created.
--
gpgtar emits a SUCCESS status just before successful termination. If the
process terminates unexpectedly (e.g. because it's killed) then gpgme
now reports GPG_ERR_EOF. The SUCCESS status is only required if a
signed and/or encrypted archive is created which is only supported for
OpenPGP. The other engines reject the GPGME_ENCRYPT_ARCHIVE flag so that
we don't need to check the protocol in the generic code.
This change also adds handling of invalid recipients in case symmetric
encryption is used which makes sense because one can combine symmetric
and public key encryption.
GnuPG-bug-id: 6554
|
| |
|
|
|
|
|
|
| |
* configure.ac: Look for yat2m first in $prefix/bin and then in $PATH.
--
This makes sure that yat2m is found in case libgpg-error and gpgme are
installed in the same prefix.
|
| |
|
|
|
|
|
|
| |
* configure.ac: Add hint for YAT2M variable. Set HAVE_YAT2M if yat2m was
found.
* doc/Makefile.am (myman_pages): Set to empty string if yat2m isn't
available
--
|
| |
|
|
|
|
|
|
|
|
| |
* doc/gpgme-json.texi: New.
* configure.ac: Check for yat2m.
* doc/Makefile.am (YAT2M_OPTIONS): New. Also add all the other man
page stuff similar to what is used in gnupg.
--
ChangeLog entries by wk.
|
| |
|
|
|
| |
--
Fixes-commit: 7e7eaf43424556c3c25edc7b67e760ab60de55ce
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* src/gpgme.h.in (GPGME_ENCRYPT_ADD_RECP, GPGME_ENCRYPT_CHG_RECP):
New flag values.
* src/engine-gpg.c (have_cmd_modify_recipients): New.
(gpg_encrypt): Check availability of the feature and prepare command.
* tests/run-encrypt.c (main): New options --add-recipients
and --change-recipients.
--
GnuPG-bug-id: 1825
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/key.c (_gpgme_key_append_name): Support email-only user IDs with
upper case letters.
* tests/gpg/t-keylist.c (struct key_info_s): Add algo, length, sec_algo,
sec_length.
(keys): Add expected algo and length for primary and secondary subkeys.
(main): Factor out code for checking a key and the code for the keylist
test. Call the factored out test function and a new test function.
(check_key, test_keylist, key_with_email_only_user_id,
key_info_email_only_user_id,
test_email_only_user_id_with_upper_case_letters): New.
--
Email-only user IDs with upper case letters are now also parsed as a
user ID with empty name and the complete user ID as email.
GnuPG-bug-id: 7280
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* lang/python/setup.py.in (BuildExtFirstHack.run): Extend members of the
extension instead of lists that were passed to the extension.
--
setuptools 72.2.0 integrated changes in distutils which included
"Support for Pathlike objects in data files and extensions". With this
change the extensions now take a copy of the sources list passed to the
constructor instead of keeping a reference to the passed list. Hence,
modifying the sources list that was passed to the extension didn't
change the sources list of the extension anymore. This is fixed by
modifying the sources list of the extension directly. For consistency
we do the same for the swig_opts list.
GnuPG-bug-id: 7281
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* configure.ac: Add substitutions GPGMEPP_PKGCONFIG_LIBS,
GPGMEPP_PKGCONFIG_CFLAGS, GPGMEPP_PKGCONFIG_HOST. Apply them. Configure
gpgmepp.pc file.
* lang/cpp/src/Makefile.am (pkgconfigdir, pkgconfig_DATA): New.
(EXTRA_DIST): Add gpgmepp.pc.in.
* lang/cpp/src/gpgmepp.pc.in: New.
--
This pkgconfig file will be used, at least temporarily, by qgpgme
to find gpgmepp, but it's also useful in general for projects that
don't use cmake.
GnuPG-bug-id: 7262
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* lang/cpp/src/editinteractor.cpp (edit_interactor_callback_impl):
Send empty string to edit interface if General Error occurred.
--
A General Error is usually returned by the nextState function of the
concrete EditInteractor subclasses if gpg asks an unexpected question
which isn't handled by the edit interactor's state machine. In this
case, it's usually safe to go with the default answer. This makes the
edit interactors much more robust.
GnuPG-bug-id: 7274
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* lang/qt/src/decryptverifyarchivejob.cpp,
lang/qt/src/decryptverifyarchivejob.h (DecryptVerifyArchiveJob): Add
member functions setProcessAllSignatures, processAllSignatures.
* lang/qt/src/decryptverifyarchivejob_p.h
(DecryptVerifyArchiveJobPrivate): Add member m_processAllSignatures.
* lang/qt/src/decryptverifyjob.cpp, lang/qt/src/decryptverifyjob.h
(DecryptVerifyJob): Add member functions setProcessAllSignatures,
processAllSignatures.
* lang/qt/src/decryptverifyjob_p.h (DecryptVerifyJobPrivate): Add member
m_processAllSignatures.
* lang/qt/src/qgpgmedecryptverifyarchivejob.cpp
(decrypt_verify_from_file_name): Add argument "processAllSignatures".
Set context flag "proc-all-sigs" if requested.
(QGpgMEDecryptVerifyArchiveJob::start): Set context flag "proc-all-sigs"
if requested.
(QGpgMEDecryptVerifyArchiveJobPrivate::startIt): Pass
m_processAllSignatures to decrypt_verify_from_file_name.
* lang/qt/src/qgpgmedecryptverifyjob.cpp
(decrypt_verify_from_filename): Add argument "processAllSignatures".
Set context flag "proc-all-sigs" if requested.
(QGpgMEDecryptVerifyJob::start, QGpgMEDecryptVerifyJob::exec): Set
context flag "proc-all-sigs" if requested.
(QGpgMEDecryptVerifyJobPrivate::startIt): Pass
m_processAllSignatures to decrypt_verify_from_filename.
* lang/qt/src/qgpgmeverifydetachedjob.cpp (verify_from_filename): Add
argument "processAllSignatures". Set context flag "proc-all-sigs" if
requested.
(QGpgMEVerifyDetachedJob::start, QGpgMEVerifyDetachedJob::exec): Set
context flag "proc-all-sigs" if requested.
(QGpgMEVerifyDetachedJobPrivate::startIt): Pass
m_processAllSignatures to decrypt_verify_from_filename.
* lang/qt/src/qgpgmeverifyopaquejob.cpp (verify_from_filename): Add
argument "processAllSignatures". Set context flag "proc-all-sigs" if
requested.
(QGpgMEVerifyOpaqueJob::start, QGpgMEVerifyOpaqueJob::exec): Set
context flag "proc-all-sigs" if requested.
(QGpgMEVerifyOpaqueJobPrivate::startIt): Pass
m_processAllSignatures to decrypt_verify_from_filename.
* lang/qt/src/verifydetachedjob.cpp, lang/qt/src/verifydetachedjob.h
(VerifyDetachedJob): Add member functions setProcessAllSignatures,
processAllSignatures.
* lang/qt/src/verifydetachedjob_p.h (VerifyDetachedJobPrivate): Add
member m_processAllSignatures.
* lang/qt/src/verifyopaquejob.cpp, lang/qt/src/verifyopaquejob.h
(VerifyOpaqueJob): Add member functions setProcessAllSignatures,
processAllSignatures.
* lang/qt/src/verifyopaquejob_p.h (VerifyOpaqueJobPrivate): Add
member m_processAllSignatures.
* lang/qt/tests/run-decryptverifyarchivejob.cpp,
lang/qt/tests/run-decryptverifyjob.cpp,
lang/qt/tests/run-verifydetachedjob.cpp,
lang/qt/tests/run-verifyopaquejob.cpp (struct CommandLineOptions): Add
member processAllSignatures.
(parseCommandLine): Add command line option --process-all-signatures.
(main): Pass new option to the job.
--
The new option processAllSignatures is added to all jobs that verify
data signatures. By enabling this option, one can tell gpg not to stop
checking signatures after the first bad signature.
GnuPG-bug-id: 6870
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* src/context.h (struct gpgme_context): Add proc_all_sigs.
* src/gpgme.c (gpgme_set_ctx_flag): Add flag "proc-all-sigs".
(gpgme_get_ctx_flag): Ditto.
* src/engine-gpg.c (engine.gpg): Add flags.proc_all_sigs.
(have_option_proc_all_sigs): New.
(gpg_set_engine_flags): Set flag from context.
(build_argv): Add --proc-all-sigs if requested and supported.
--
GnuPG-bug-id: 7261
|
| |
|
|
|
|
|
|
|
|
| |
* lang/qt/tests/Makefile.am (clean-keyring): New target.
--
Many tests operate on the keyring in the build directory. If a test
fails then the keyring might be in an unclean state causing subsequent
tests to fail. The new make target allows cleaning the keyring without
resorting to brute force with "make clean".
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* lang/qt/src/qgpgmechangeownertrustjob.cpp (set_owner_trust): New.
(QGpgMEChangeOwnerTrustJob::start): Use set_owner_trust if gpg is new
enough.
* lang/qt/tests/t-ownertrust.cpp
(ChangeOwnerTrustTest::testChangeOwnerTrust): Log unexpected error.
--
Using the --quick-set-ownertrust command to set the owner trust is much
more robust than using the edit interface. Prefer the former if gpg
supports it.
GnuPG-bug-id: 7239
|
| |
|
|
|
|
|
|
|
|
| |
* tests/json/t-json.c (parse_version_number, parse_version_string,
compare_versions, check_gpg_version): Remove.
(main): Use have_gpg_version from t-support.h.
--
In the meantime gpgrt provides API for comparing versions (which is
used by have_gpg_version in t-support.h).
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* lang/qt/src/Makefile.am: Add new files.
* lang/qt/src/job.cpp (QuickJob): Move definition of constructor and
destructor and inclusion of the moc file to quickjob.cpp.
* lang/qt/src/qgpgmequickjob.cpp (class QGpgMEQuickJobPrivate): New.
(QGpgMEQuickJob::QGpgMEQuickJob): Instantiate private job class.
(set_key_enabled): New.
* lang/qt/src/quickjob.cpp: New.
* lang/qt/src/quickjob.h (class QuickJob): Add member function
startSetKeyEnabled.
* lang/qt/src/quickjob_p.h: New.
* lang/qt/tests/Makefile.am: Add new test for Qt 5 and Qt 6.
* lang/qt/tests/t-disablekey.cpp: New.
--
GnuPG-bug-id: 7239
|
| |
|
|
|
|
|
|
|
|
| |
* lang/cpp/src/context.cpp, lang/cpp/src/context.h (class Context): Add
member functions setOwnerTrust, startSetOwnerTrust, setKeyEnabled,
startSetKeyEnabled.
* lang/cpp/src/context.cpp (owner_trust_to_string): New.
--
GnuPG-bug-id: 7239
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/Makefile.am (main_sources): Add new file.
* src/context.h (ctx_op_data_id_t): Add OPDATA_SETOWNERTRUST.
* src/engine.c, src/engine.h (_gpgme_engine_op_setownertrust): New.
* src/engine-backend.h (engine_ops): Add 'setownertrust' and adjust all
engine initializers.
* src/engine-gpg.c (gpg_setownertrust): New.
(_gpgme_engine_ops_gpg): Set setownertrust to gpg_setownertrust.
* src/gpgme.h.in (gpgme_op_setownertrust_start, gpgme_op_setownertrust):
New.
* src/gpgme.def, src/libgpgme.vers: Add new functions.
* src/setownertrust.c: New.
* doc/gpgme.texi: Document new functions.
* tests/Makefile.am (noinst_PROGRAMS): Add new test program.
* tests/run-setownertrust.c: New.
* tests/gpg/Makefile.am (c_tests): Add new file. (LDADD): Add
@GPG_ERROR_LIBS@.
* tests/gpg/t-setownertrust.c: New.
* tests/gpg/t-support.h (have_gpg_version): New.
--
This extends GPGME to support the --quick-set-ownertrust command added
by GnuPG 2.4.6. This allows changing the owner trust of keys and
enabling/disabling keys without using the editinteractor interface.
GnuPG-bug-id: 7239
|
