| Commit message (Collapse) | Author | Files | Lines |
|---|
|
* src/gpgme.c (gpgme_set_ctx_flag, gpgme_get_ctx_flag): New flag
"auto-key-retrieve".
* src/context.h (gpgme_context): New field auto_key_retrieve.
* src/engine-backend.h (struct engine_ops): Add arg auto_key_retrieve
to field 'decrypt'.
* src/engine-gpg.c (gpg_decrypt): Add arg auto_key_retrieve and pass
option --auto-key-retrieve to gpg. Adjust all callers.
(gpg_verify): Ditto.
* src/engine-gpgsm.c (gpgsm_decrypt): Add dummy arg auto_key_retrieve.
* src/engine-uiserver.c (uiserver_decrypt): Ditto.
* tests/run-verify.c (main): Add option --auto-key-retrieve.
--
This makes the --auto-key-retrieve option available in the GPGME API.
Test plan:
Run
GPGME_DEBUG=9:out tests/run-verify SIGNEDFILE
with and without its new option --auto-key-retrieve and check in the
trace stored in "out" whether --auto-key-retrieve was passed to gpg.
Signed-off-by: Werner Koch <[email protected]>
|
|
* src/engine-assuan.c (_gpgme_engine_ops_assuan): Add conf_dir.
* src/engine-g13.c (_gpgme_engine_ops_g13): Likewise.
* src/engine-gpg.c (_gpgme_engine_ops_gpg): Likewise.
* src/engine-gpgsm.c (_gpgme_engine_ops_gpgsm): Likewise.
* src/engine-spawn.c (_gpgme_engine_ops_spawn): Likewise.
* src/engine-uiserver.c (_gpgme_engine_ops_uiserver): Likewise.
* src/engine-backend.h (struct engine_ops): Likewise.
* src/engine-gpgconf.c (gpgconf_config_dir_cb, gpgconf_conf_dir):
New functions.
(struct engine_ops): Add gpgconf_conf_dir.
* src/engine.c (_gpgme_engine_op_conf_dir): New function.
* src/engine.h (_gpgme_engine_op_conf_dir): New prototype.
* src/gpgconf.c (gpgme_op_conf_dir): New function.
* src/gpgme.def (gpgme_op_conf_save): New symbol.
* src/gpgme.h.in (gpgme_op_conf_dir): New prototype.
* src/libgpgme.vers (gpgme_op_conf_dir): New symbol.
* tests/gpg/t-gpgconf.c (main): Test gpgme_op_conf_dir.
Signed-off-by: Marcus Brinkmann <[email protected]>
GnuPG-bug-id: 3018
|
|
* NEWS: Document new interfaces.
* doc/gpgme.texi: Document new interfaces.
* src/gpgme.h.in (GPGME_DELETE_ALLOW_SECRET, GPGME_DELETE_FORCE,
gpgme_op_delete_ext_start, gpgme_op_delete_ext): New.
* src/delete.c (delete_start): Change allow_secret argument to flags.
(gpgme_op_delete_ext, gpgme_op_delete_ext_start): New functions.
* src/engine-backend.h (delete): Change allow_secret argument to flags.
* src/engine.c (_gpgme_engine_op_delete): Likewise.
* src/engine.h (_gpgme_engine_op_delete): Likewise (for prototype).
* src/engine-gpgsm.c (gpgsm_delete): Likewise.
* src/engine-gpg.c (gpg_delete): Likewise. Implement GPGME_DELETE_FORCE.
* src/gpgme.def (gpgme_op_delete_ext, gpgme_op_delete_ext_start): New.
* src/libgpgme.vers (gpgme_op_delete_ext, gpgme_op_delete_ext_start): New.
Signed-off-by: Marcus Brinkmann <[email protected]>
GnuPG-bug-id: 2916
|
|
* src/gpgme.h.in (GPGME_ENCRYPT_WRAP): New const.
(gpgme_decrypt_flags_t): New enum.
(GPGME_DECRYPT_VERIFY): New const
(GPGME_DECRYPT_UNWRAP): New const
(gpgme_op_decrypt_ext_start): New func.
(gpgme_op_decrypt_ext): New func.
* src/decrypt-verify.c (gpgme_op_decrypt_ext_start): New.
(gpgme_op_decrypt_ext): New.
(decrypt_verify_start): Add arg FLAGS. Replace call to
engine_op_decrypt_verify by the plain decrypt with the flag set.
(gpgme_op_decrypt_verify_start): Pass the flag.
(gpgme_op_decrypt_verify): Pass the flag.
* src/decrypt.c (decrypt_start): Rename to ...
(_gpgme_decrypt_start): this. Add arg FLAGS. Pass FLAGS to
engine_op_decrypt.
(gpgme_op_decrypt_start): Adjust for chnage pass 0 for FLAG.
(gpgme_op_decrypt_start): Ditto.
* src/engine.c (_gpgme_engine_op_decrypt_verify): Remove.
(_gpgme_engine_op_decrypt): Add arg FLAGS.
* src/gpgme.def, src/libgpgme.vers: Add new functions.
* src/engine-backend.h (struct engine_ops): Remove member
'decrypt_verify'. Add FLAGS to 'decrypt'. Adjust all initialization.
* src/engine-uiserver.c (uiserver_decrypt): Remove.
(uiserver_decrypt_verify): Remove.
(_uiserver_decrypt): Rename to ...
(uiserver_decrypt): this. Replace arg VERIFY by new arg FLAGS.
* src/engine-gpg.c (gpg_decrypt): Support GPGME_DECRYPT_UNWRAP.
(gpg_encrypt): Support GPGME_ENCRYPT_WRAP.
* tests/run-decrypt.c (main): New option --unwrap.
* tests/run-encrypt.c (main): New option --wrap.
--
Manual testing of that wrap/unwrap feature can be done this way:
./run-encrypt --verbose --key Alice /etc/motd > x
./run-decrypt --verbose --unwrap x > y
./run-encrypt --verbose --key Bob --wrap y > z
1. The message was first encrypted to Alice.
2. Alice decrypts the message receiving a valid OpenPGP message.
3. Alice encrypt that message to Bob
This will also work with encrypted and signed messages; the signature
will be kept intact during re-encryption. Requires GnuPG 2.1.12.
Signed-off-by: Werner Koch <[email protected]>
|
|
* src/gpgme.h.in: New API gpgme_op_keylist_from_data_start.
* src/libgpgme.vers, src/gpgme.def: Add it.
* src/keylist.c (gpgme_op_keylist_from_data_start): New.
* src/engine-backend.h (engine_ops): Add field 'keylist_data'. Change
all engines to pass NULL for it.
* src/engine.c (_gpgme_engine_op_keylist_data): New.
* src/engine-gpg.c (gpg_keylist_data): New.
(_gpgme_engine_ops_gpg): Register gpg_keylist_data.
* tests/run-keylist.c (main): New option --from-file.
--
Co-authored-by: Werner Koch <[email protected]>
GnuPG-bug-id: 2819
|
|
* src/engine-gpgsm.c (gpgsm_assuan_simple_command): Make sure CB_ERR
is returned.
* src/import.c (parse_import_res): Do not return an error for the last
field.
(import_status_handler): Actually return the error from
parse_import_res.
Signed-off-by: Werner Koch <[email protected]>
|
|
* configure.ac (vasprintf): Remove check.
* src/vasprintf.c: Remove file.
* src/util.h (vasprintf, asprintf): Remove prototypes. Replace all
calls to vasprintf and asprintf by gpgrt_vasprintf or gpgrt_asprintf.
Also take care to use gpgrt_free on the returned value.
* src/w32-util.c (_gpgme_get_gpgconf_path): Replace a gpgrt_asprintf
by _gpgme_strconcat.
(snprintf): New macro to use gpgrt_snprintf instead of the system's
standard snprintf.
Signed-off-by: Werner Koch <[email protected]>
|
|
* src/gpgme.c (gpgme_set_ctx_flag): Add flags "export-session-key" and
"override-session-key".
(gpgme_get_ctx_flag): Ditto.
(gpgme_set_export_session_keys): Remove.
(gpgme_get_export_session_keys): Remove.
* src/gpgme.def, src/libgpgme.vers: Remove them.
* src/context.h (struct gpgme_context): Add field
override_session_key.
* src/decrypt-verify.c (decrypt_verify_start): Pass
override_session_key value to the engine.
* src/decrypt.c (decrypt_start): Ditto.
* src/engine.c (_gpgme_engine_op_decrypt): Ditto.
(_gpgme_engine_op_decrypt_verify): Ditto.
* src/engine-backend.h (struct engine_ops): Extend DECRYPT and
DECRYPT_VERIFY_START with override_session_key.
* src/engine-uiserver.c (_uiserver_decrypt): Add stub arg
override_session_key.
(uiserver_decrypt): Ditto.
(uiserver_decrypt_verify): Ditto.
* src/engine-gpgsm.c (gpgsm_decrypt): Ditto.
* src/engine-gpg.c (gpg_decrypt): Add arg override_session_key and set
corresponding gpg option.
* tests/run-decrypt.c (print_result): Print the session key if
available.
(main): Add options --export-session-key and --override-session-key.
--
To keep the number of context manipulation functions at bay, this
patches removes the just added gpgme_set_export_session_keys and
gpgme_get_export_session_keys by flags for the generic context
function.
The patch also implements the --override-session-key feature.
GnuPG-bug-id: 2754
Signed-off-by: Werner Koch <[email protected]>
|
|
* src/gpgme.c (gpgme_set_export_session_keys): New function.
(gpgme_get_export_session_keys): New function.
* src/gpgme.h.in (struct _gpgme_op_decrypt_result): Add session_key
member.
(gpgme_{set,get}_export_session_keys): Declare new functions.
* src/libgpgme.vers, src/gpgme.def: Export new functions in shared
object.
* src/engine.h: (_gpgme_engine_op_decrypt) Add export_session_key
parameter.
(_gpgme_engine_op_decrypt_verify): Add export_session_key parameter.
* src/engine-backend.h: (struct engine_ops): Change function
pointer declarations to match.
* src/context.h (struct gpgme_context): Add export_session_keys member.
* src/decrypt.c (release_op_data): Free result.session_key.
(_gpgme_decrypt_status_handler): Store a copy of the exported session
key.
(decrypt_start): Pass export_session_keys from the context.
* src/decrypt-verify.c (decrypt_verify_start): Pass
export_session_keys from context.
* src/engine.c (_gpgme_engine_op_decrypt): Pass through
export_session_key flag.
(_gpgme_engine_op_decrypt_verify): Pass through export_session_key
flag.
* src/engine-gpg.c (gpg_decrypt): If export_session_key is set, add
--export-session-key to argument list.
* src/engine-gpgsm.c (gpgsm_decrypt): Ignore export_session_key for
now, since gpgsm offers no such mechanism.
* src/engine-uiserver.c (_uiserver_decrypt): If export_session_key is
set, add --export-session-key flag to cmd.
* doc/gpgme.texi: Document new functions and session_key member of
decrypt_result_t.
* doc/uiserver.texi: Add --export-session-key flag to DECRYPT command.
--
gpg(1) documents session key export as useful for key escrow, and is
rightly dubious of that use case. However, session key export is also
useful in other use cases. Two examples from MUA development (where
this functionality would be specifically useful to me right now):
* If the MUA stores a local copy of the session key upon decrypting
the message, it can re-decrypt the message without expensive
asymmetric operations. When rendering a thread with dozens of
encrypted messages, this can represent a significant speedup.
* A user may have expired encryption-capable secret key material,
along with many messages encrypted to that material. If she stores
the session keys for those messages she wants to keep, she can
destroy her secret key material and make any messages she has
deleted completely unrecoverable, even to an attacker who gets her
remaining secret keys in the future.
This patchset makes a two specific implementation decisions that could
have gone in different ways. I welcome feedback on preferred outcomes.
0) session key representation: we currently represent the session key
as an opaque textual string, rather than trying to provide any
sort of in-memory structure. While it wouldn't be hard to parse
the data produced by gpg's --export-session-key, I chose to use
the opaque string rather than lock in a particular data format.
1) API/ABI: i've added a member to gpgme_op_decrypt_result_t. This
has the potential to cause an out-of-bound memory access if
someone uses code compiled against the newer verision, but linked
at runtime against an older version. I've attempted to limit that
risk by documenting that users must verify
gpgme_get_export_session_keys() before accessing this new struct
member -- this means that code expecting this capability will
require the symbol at link-time, and will refuse to link against
older versions.
Another approach to solving this problem would be to avoid
modifying gpgme_op_decrypt_result_t, and to introduce instead a
new function gpgme_op_session_key(), which could be called in the
same places as gpgme_op_decrypt_result(). Depending on the
representation of the session key, this might introduce new
memory-management burdens on the user of the library, and the
session key is certainly part of a decryption result, so it seemed
simpler to go with what i have here.
If anyone has strong preferences that these choices should be solved
in a different way, i'm happy to hear them.
Additionally, I note that i'm also still pretty unclear about how the
"UI Server" fits into this whole ecosystem. In particular, I don't
know whether it's kosher to just add an --export-session-key flag to
the DECRYPT operation without actually having implemented it anywhere,
but i don't see where i would actually implement it either :/
If this patch (or some variant) is adopted, i will supply another
patch that permits offering a session key during decryption (e.g. "gpg
--override-session-key"), but I wanted to get these implementation
choices ironed out first.
Gnupg-Bug-Id: 2754
Signed-off-by: Daniel Kahn Gillmor <[email protected]>
On the concern of adding a new field to a structure: It may not be
clearly documented but we don't expect that a user ever allocates such
a structure - those result structure may only be created bu gpgme and
are read-only for the user. Adding a new member constitutes a
compatible ABI change and thus an older SO may not be used by code
compiled with a header for the newer API. Unless someone tinkers with
the build system, this should never happen. We have added new fields
to result structure may times and I can't remember any problems.
- wk
|
|
* src/gpgme.h.in (gpgme_query_swdb_result_t): New.
(gpgme_op_query_swdb): New.
(gpgme_op_query_swdb_result): New.
* src/libgpgme.vers, src/gpgme.def: Add the two new functions.
* src/queryswdb.c: New.
* src/Makefile.am (main_sources): Add new file.
* src/context.h (OPDATA_QUERY_SWDB): New.
* src/engine-backend.h (struct engine_ops): Add field 'query_swdb'.
Adjust all initializer.
* src/engine.c (_gpgme_engine_op_query_swdb): New.
* src/engine-gpgconf.c (parse_swdb_line): New.
(gpgconf_query_swdb): New.
(_gpgme_engine_ops_gpgconf): Register that function.
* src/util.h (GPG_ERR_TOO_OLD): Define for older libgpg-error.
(GPG_ERR_ENGINE_TOO_OLD): Ditto.
* tests/run-swdb.c: New.
* tests/Makefile.am (noinst_PROGRAMS): Add new debug tool.
Signed-off-by: Werner Koch <[email protected]>
|
|
* src/context.h (struct gpgme_context): Add field 'sender'.
* src/gpgme.c: Include mbox-util.h.
(gpgme_release): Free SENDER.
(gpgme_set_sender): New.
(gpgme_get_sender): New.
* src/gpgme.def, src/libgpgme.vers: Add new functions.
* src/engine-gpg.c (append_args_from_sender): New.
(gpg_encrypt_sign, gpg_sign): Call append_args_from_sender.
(gpg_verify): Add arg CTX. Call append_args_from_sender/
* src/engine-gpgsm.c (gpgsm_verify): Add dummy arg CTX.
* src/engine-uiserver.c (uiserver_verify): Ditto.
* src/engine.c (_gpgme_engine_op_verify): Add arg CTX.
* src/verify.c (verify_start): Pass CTX to engine function.
* tests/gpg/t-verify.c (main): Add some checks for new functions.
* tests/run-sign.c (main): Add option --sender.
* tests/run-verify.c (main): Ditto.
Signed-off-by: Werner Koch <[email protected]>
|
|
* src/engine-assuan.c (llass_new): Update --ttyname from GPG_TTY.
* src/engine-g13.c (g13_new): Ditto.
* src/engine-gpg.c (gpg_new): Ditto.
* src/engine-uiserver.c (uiserver_new): Ditto.
* src/engine-gpgsm.c (gpgsm_new): Ditto.
--
Useful when no DISPLAY is set and there is no attached terminal to the
current process.
Signed-off-by: Ben Kibbey <[email protected]>
|
|
* src/edit.c (command_handler): Handle special error code.
* src/engine-gpg.c (read_status): Ditto.
* src/engine-gpgsm.c (status_handler): Ditto.
* src/engine-uiserver.c (status_handler): Ditto.
* src/util.h (GPG_ERR_FALSE): Define for older libgpg-error versions.
--
An edit callback may now simply return GPG_ERR_FALSE to indicate that
it did not handled the status code. GPGME will the do the appropriate
action, which is to send an empty line.
Note that it is highly unlikely that GPG_ERR_FALSE has ever been used
by an application as return value from an edit interactor.
Signed-off-by: Werner Koch <[email protected]>
|
|
* src/gpgme.h.in (gpgme_op_tofu_policy_start): New function.
(gpgme_op_tofu_policy): New function.
* src/libgpgme.vers, src/gpgme.def: Add new functions.
* src/tofupolicy.c: New.
* src/Makefile.am (main_sources): Add that file.
* src/context.h (ctx_op_data_id_t): Add OPDATA_TOFU_POLICY.
* src/engine.c (_gpgme_engine_op_tofu_policy): New.
* src/engine-backend.h (engine_ops): Add funcptr 'tofu_policy'.
Adjust all engine initializations.
* src/engine-gpg.c (gpg_tofu_policy): New.
(_gpgme_engine_ops_gpg): Register this function.
* tests/run-tofu.c: New.
* tests/Makefile.am (noinst_PROGRAMS): Add it.
Signed-off-by: Werner Koch <[email protected]>
|
|
* src/gpgme.h.in (gpgme_op_keysign_start, gpgme_op_keysign): New.
(GPGME_KEYSIGN_LOCAL): New.
(GPGME_KEYSIGN_LFSEP): New.
(GPGME_KEYSIGN_NOEXPIRE): New.
* src/context.h (ctx_op_data_id_t): Add OPDATA_KEYSIGN.
* src/keysign.c: New.
* src/Makefile.am (main_sources): Add keysig.
* src/libgpgme.vers, src/gpgme.def: Add gpgme_op_keysign_start.
* src/engine.c (_gpgme_engine_op_keysign): New.
* src/engine-backend.h (engine_ops): Add 'keysign' and adjust all
engine initializers.
* src/engine-gpg.c (_add_arg): Add args PREFIX and ARGLEN and change
callers to set them.
(add_arg_pfx): New.
(add_arg_len): New.
(gpg_keysign): New.
(_gpgme_engine_ops_gpg): Set keysign to gpg_keysign.
* tests/run-keysign.c: New.
* tests/Makefile.am (noinst_PROGRAMS): Add run-keysign.
Signed-off-by: Werner Koch <[email protected]>
|
|
* src/engine.h (GENKEY_EXTRAFLAG_ARMOR): New.
* src/engine-backend.h (engine_ops): Rename USE_ARMOR in genkey to
EXTRAFLAGS.
* src/engine.c (_gpgme_engine_op_genkey): Ditto.
* src/engine-gpg.c (gpg_createkey_from_param): Ditto and test the
flags.
(gpg_createkey_legacy): Ditto.
(gpg_createkey): Ditto.
(gpg_addkey): Ditto.
(gpg_genkey): Ditto.
Signed-off-by: Werner Koch <[email protected]>
|
|
Signed-off-by: Werner Koch <[email protected]>
|
|
Signed-off-by: Werner Koch <[email protected]>
|
|
Signed-off-by: Werner Koch <[email protected]>
|
|
* src/engine-backend.h (engine_ops): Change prototype of genkey.
* src/engine-gpgsm.c (gpgsm_genkey): Change accordingly.
* src/engine-gpg.c (gpg_genkey): Change it to a dispatcher.
(gpg_createkey_from_param): New for the old functionality.
(gpg_createkey_legacy): New. Stub for now.
(gpg_createkey): New.
(gpg_addkey): New. Stub for now.
(gpg_adduid): New. Stub for now.
* src/engine.c (_gpgme_engine_op_genkey): Add new args.
* src/genkey.c (op_data_t): Add field ERROR_CODE.
(parse_error): New.
(genkey_status_handler): Parse ERROR status line.
(genkey_start): Use NULL/0 for the new args.
(createkey_start): New.
(gpgme_op_createkey_start, gpgme_op_createkey): New.
* src/gpgme.def, src/libgpgme.vers: Add gpgme_op_createkey_start and
gpgme_op_createkey.
* src/gpgme.h.in (_gpgme_op_genkey_result): Add fields PUBKEY and
SECKEY.
(GPGME_CREATE_SIGN): New.
(GPGME_CREATE_ENCR): New.
(GPGME_CREATE_CERT): New.
(GPGME_CREATE_AUTH): New.
(GPGME_CREATE_NOPASSWD): New.
(GPGME_CREATE_SELFSIGNED): New.
(GPGME_CREATE_NOSTORE): New.
(GPGME_CREATE_WANTPUB): New.
(GPGME_CREATE_WANTSEC): New.
(GPGME_CREATE_FORCE): New.
* tests/run-genkey.c: New.
* tests/Makefile.am (noinst_PROGRAMS): Add it.
--
This function uses the new --quick-gen-key API of gpg. A limited
compatibility mode to use older gpg versions and gpgsm will eventually
be provided. Not all flags are currently implemented.
./run-genkey --unprotected --force [email protected]
Create a new standard key with the given user id. --force is used to
allow creating more than one key with that user id in the keyring.
./run-genkey --unprotected --force \
[email protected] default default 2145826800
Creates a new standard key with an expiration date of 2037-12-31.
./run-genkey --unprotected --force \
[email protected] future-default default 2145826800
Create a standard key using the fugure default algorithms.
Signed-off-by: Werner Koch <[email protected]>
|
|
* src/engine-backend.h (engine_ops): Add arg 'version' to NEW.
* src/engine-assuan.c (llass_new): Add dummy arg 'version'.
* src/engine-g13.c (g13_new): Ditto.
* src/engine-gpgconf.c (gpgconf_new): Ditto.
* src/engine-gpgsm.c (gpgsm_new): Ditto.
* src/engine-spawn.c (engspawn_new): Ditto.
* src/engine-uiserver.c (uiserver_new): Ditto.
* src/engine.c (_gpgme_engine_new): Pass version string to the new
function.
* src/engine-gpg.c (struct engine_gpg): Add field 'version'.
(gpg_new): Add arg 'version'.
(gpg_release): Free VERSION.
Signed-off-by: Werner Koch <[email protected]>
|
|
* src/gpgme.h.in (gpgme_set_ctx_flag): New prototype.
* src/gpgme.c (gpgme_set_ctx_flag): New.
* src/gpgme.def, src/libgpgme.vers: Add new function.
* src/context.h (struct gpgme_context): Add FULL_STATUS.
* src/decrypt.c (_gpgme_decrypt_status_handler): Do not call the
status callback if FULL_STATUS is set.
* src/genkey.c (genkey_status_handler): Ditto.
* src/passphrase.c (_gpgme_passphrase_status_handler): Ditto.
* src/sign.c (_gpgme_sign_status_handler): Ditto.
* src/engine-backend.h (struct engine_ops): Add SET_STATUS_CB and add
adjust all definitions of that variable.
* src/engine.c (_gpgme_engine_set_status_cb): New.
* src/op-support.c (_gpgme_op_reset): Call this function.
* src/engine-gpg.c (struct engine_gpg): Add fields MON_CB and
MON_CB_VALUE.
(gpg_set_status_cb): New.
(_gpgme_engine_ops_gpg): Register that function.
(read_status): Call the monitor callback.
* src/engine-gpgsm.c (struct engine_gpgsm): Add fields MON_CB and
MON_CB_VALUE.
(_gpgme_engine_ops_gpgsm): Register that function.
(gpgsm_assuan_simple_command): Change first arg to be an engine
context and adjust call callers. Call the monitor callback.
* src/engine-uiserver.c (struct engine_uiserver): Add fields MON_CB
and MON_CB_VALUE.
(_gpgme_engine_ops_uiserver): Register that function.
(uiserver_assuan_simple_command): Change first arg to be an engine
context and adjust call callers. Call the monitor callback.
* tests/run-verify.c (status_cb): New.
(print_result): Print algo names.
(main): Add option --status.
--
This new feature is mainly intended for bug tracking. Having access
to the raw status lines might also be useful for applications, though.
Signed-off-by: Werner Koch <[email protected]>
|
|
* src/engine-assuan.c (llass_new): Don't treat ttyname_r error as
fatal.
* src/engine-g13.c (g13_new): Likewise.
* src/engine-gpg.c (gpg_new): Likewise.
* src/engine-gpgsm.c (gpgsm_new): Likewise.
* src/engine-uiserver.c (uiserver_new): Likewise.
--
Even though isatty() returns 1, ttyname_r() may fail in many ways, e.g.,
when /dev/pts is not accessible under chroot. Since all our uses of
ttyname_r() require that the function works, we can treat the failure as
if isatty() fails.
Signed-off-by: Daiki Ueno <[email protected]>
|
|
* src/gpgme.h.in (GPGME_EXPORT_MODE_SECRET): New.
(GPGME_EXPORT_MODE_RAW): New.
(GPGME_EXPORT_MODE_PKCS12): New.
* src/export.c (export_start, export_ext_start): Allow new flags.
* src/engine-gpg.c (export_common): Support secret key export.
* src/engine-gpgsm.c (gpgsm_export, gpgsm_export_ext): Ditto.
* src/gpgme-tool.c (cmd_export): Add options --secret, --raw,
and --pkcs12.
* tests/run-export.c (main): Likewise.
--
Note that exporting secret X.509 keys requires GnuPG 2.1.8.
Signed-off-by: Werner Koch <[email protected]>
|
|
* doc/gpgme.texi: Document offline mode.
* src/context.h (gpgme_context): Add offline.
* src/engine-backend.h (keylist, keylist_ext): Add engine_flags.
* src/engine.c, src/engine.h (_gpgme_engine_op_keylist): Ditto.
(_gpgme_engine_op_keylist_ext): Ditto.
* src/engine.h (GPGME_ENGINE_FLAG_OFFLINE): New.
* src/engine-gpg.c (gpg_keylist, gpg_keylist_ext): Ditto.
* src/engine-gpgsm.c (gpgsm_keylist): Handle engine_flags.
(gpgsm_keylist_ext): Ditto.
* src/gpgme.c (gpgme_set_offline, gpgme_get_offline): New.
* src/gpgme.def (gpgme_set_offline, gpgme_get_offline): New.
* src/gpgme.h.in (gpgme_set_offline, gpgme_get_offline): New.
* src/libgpgme.vers (gpgme_set_offline, gpgme_get_offline): New.
* src/keylist.c (gpgme_op_keylist_start): Set offline flag.
(gpgme_op_keylist_ext_start): Ditto.
* tests/run-keylist.c (show_usage, main): Add offline argument.
--
The offline engine option was introduced with gpgsm 2.1.6
it is mainly useful for a full keylisting that includes
the certificate validation but does not depend on external
information that could take an indefinite amount of time to
collect.
Signed-off-by: Andre Heinecke <[email protected]>
|
|
* src/engine-gpgsm.c (gpgsm_assuan_simple_command): Do not terminate
on a status lines.
--
This bug has been with us since the support for gpgsm: If there is no
status line handler but a status line is received anyway the command
handling loop terminates and thus the command/answer order gets out of
sync. In the case of the bug report this is triggered by sending an
option which starts the agent and that starting emits a "PROGRESS"
status line.
The solution is not to stop reading after a status line but record a
possible error code and return that only after OK or ERR.
GnuPG-bug-id: 1795
Signed-off-by: Werner Koch <[email protected]>
|
|
* src/engine-gpgsm.c (status_handler):
* src/engine-uiserver.c (status_handler):
--
After a realloc (realloc is also used for initial alloc) the allocated
size if the buffer is not correctly recorded. Thus an overflow can be
introduced by receiving data with different line lengths in a specific
order. This is not easy exploitable because libassuan constructs the
line. However a crash has been reported and thus it might be possible
to constructs an exploit.
CVE-id: CVE-2014-3564
Reported-by: Tomáš Trnka
|
|
* src/gpgme.h.in (GPGME_KEYLIST_MODE_WITH_SECRET): New.
* src/engine-gpg.c (gpg_keylist_build_options): Handle new mode.
* src/engine-gpgsm.c (gpgsm_keylist, gpgsm_keylist_ext): Ditto.
* src/keylist.c (parse_sec_field15): Add arg key and take care of
--with-secret output.
* src/gpgme-tool.c (gt_get_keylist_mode, cmd_keylist_mode): Add
"with_secret". Print card info and and secret flag for subkeys.
--
Note: This mode may only be used with GnuPG >= 2.1.
|
|
* src/gpgme.h.in (GPGME_PROTOCOL_SPAWN): New.
(GPGME_SPAWN_DETACHED, GPGME_SPAWN_ALLOW_SET_FG): New.
* src/gpgme.c (gpgme_set_protocol): Add new protocol.
(gpgme_get_protocol_name): Ditto.
* src/spawn.c: New.
* src/libgpgme.vers, src/gpgme.def: Add new public functions.
* src/engine-spawn.c: New.
* src/Makefile.am: Add new files.
* src/engine-backend.h (struct engine_ops): Add OPSPAWN.
* src/engine.c (engine_ops): Add _gpgme_engine_ops_spawn.
(gpgme_get_engine_info): Add Spawn to the list of protocols.
(_gpgme_engine_op_spawn): New.
* src/gpgme-tool.c (gt_protocol_from_name): Add new protocol.
(gt_spawn, cmd_spawn): New.
|
|
* src/dirinfo.c (WANT_GPG_ONE_MODE): New.
(struct dirinfo): Add field "gpg_one_mode".
(get_gpgconf_item): Set that field and return it if requested.
(_gpgme_in_gpg_one_mode): New.
* src/engine-gpg.c (build_argv): Check GPG_AGENT_INFO only in gpg-1
mode.
* src/dirinfo.c (_gpgme_get_basename): New.
* src/engine-g13.c (g13_new): Take argv[0] from the pgmname.
* src/engine-gpgsm.c (gpgsm_new): Ditto.
* src/engine-gpg.c (build_argv): Ditto. Add arg PGMNAME.
(start): Pass PGMNAME to buildargv.
|
|
* configure.ac (NEED_GPG_VERSION, NEED_GPGSM_VERSION)
(NEED_G13_VERSION, NEED_GPGCONF_VERSION): Remove vars and all related
checks. Do not check for any engine version.
(HAVE_ASSUAN): Remove AM conditional.
* src/Makefile.am: Remove separate component vars and always build all
engines but uiserver.
* src/dirinfo.c (WANT_GPGCONF_NAME): New.
(struct dirinfo): Add field gpgconf_name.
(_gpgme_get_default_gpgconf_name): Use WANT_GPGCONF_NAME.
(get_gpgconf_item): Set gpgconf name and adjust for _gpgme_get_*_path
now returning a malloced string.
* src/engine.c (engine_ops): Always init all engines except for
uiserver.
* src/posix-util.c (_gpgme_get_gpgsm_path, _gpgme_get_g13_path):
Remove unused functions.
(walk_path): New.
(_gpgme_get_gpg_path, _gpgme_get_gpgconf_path ): Re-implement using
walk_path.
* src/w32-util.c (_gpgme_get_gpgsm_path, _gpgme_get_g13_path): Remove
unused functions.
(_gpgme_get_gpg_path, _gpgme_get_gpgconf_path): Return a malloced
string.
* src/engine-g13.c (g13_get_req_version): Use a hardwired string with
the required version. This info belongs into this file.
* src/engine-gpg.c (gpg_get_req_version): Ditto.
* src/engine-gpgconf.c (gpgconf_get_req_version): Ditto.
* src/engine-gpgsm.c (gpgsm_get_req_version): Ditto.
* tests/t-engine-info.c: Replace now useless test by an info output.
* tests/gpg/Makefile.am (GPG, GPG_AGENT): Hardwire gpg and gpg-agent.
* tests/gpgsm/Makefile.am (GPGSM): Hardwire gpgsm.
Signed-off-by: Werner Koch <[email protected]>
|
|
* src/util.h: Move some prototypes to ...
* src/sys-util.h: New.
* src/Makefile.am (main_sources): Add sys-util.h.
* configure.ac (AH_VERBATIM): Add DIRSEP_C and DIRSEP_S.
* src/dirinfo.c: Include sys-util.h.
(WANT_GPG_NAME, WANT_GPGSM_NAME, WANT_G13_NAME)
(WANT_UISRV_SOCKET): New.
(dirinfo): Add corresponding fields.
(parse_output): Add arg COMPONENTS and set new fields.
(read_gpgconf_dirs): Add arg components and act upon it.
(get_gpgconf_item): Call read_gpgconf_dirs two times. Add debug
output.
(_gpgme_get_default_gpg_name): New.
(_gpgme_get_default_gpgsm_name): New.
(_gpgme_get_default_g13_name): New.
(_gpgme_get_default_gpgconf_name): New.
(_gpgme_get_default_uisrv_socket): New.
* src/engine-gpg.c, src/engine-g13.c, src/engine-gpgconf.c
* src/engine-gpgsm.c, src/engine-uiserver.c: Change to use
_gpgme_get_default_ instead of those from sys-util.h.
* src/posix-util.c (_gpgme_get_gpg_path): Include sys-util.h.
(_gpgme_get_uiserver_socket_path): Remove.
* src/w32-util.c (_gpgme_get_gpg_path): Include sys-util.h.
(_gpgme_get_uiserver_socket_path): Remove.
--
The default engines names are now taken from the output of gpgconf.
If gpgconf is not installed gpg 1 is assumed and locate the same was
as gpgconf.
|
|
* configure.ac (NEED__FILE_OFFSET_BITS): Change to define gpgme_off_t
and gpgme_ssize_t.
(API__OFF_T, API__SSIZE_T): New ac_subst.
* src/gpgme.h.in: Replace all ssize_t and off_t by ac_subst macros.
* src/assuan-support.c, src/ath-pthread.c, src/ath.c, src/ath.h
* src/data-compat.c, src/data-fd.c, src/data-mem.c, src/data-stream.c
* src/data-user.c, src/data.c, src/data.h, src/engine-gpgsm.c
* src/engine-uiserver.c, src/gpgme-tool.c, src/gpgme.c: Replace off_t
by gpgme_off_t and sszie_t by gpgme_ssize_t.
* src/ath-pthread.c, src/ath.h: Include gpgme.h.
--
For a detailed description, see the gpgme.texi diff.
|
|
* src/gpgme.c (gpgme_set_pinentry_mode): New.
* src/gpgme.h.in (gpgme_pinentry_t): New.
(gpgme_set_pinentry_mode): New.
* src/context.h (struct gpgme_context): Add field pinentry_mode.
* src/engine-backend.h (struct engine_ops): Add field
set_pinentry_mode.
* src/engine-gpg.c (struct engine_gpg): Add field pinentry_mode.
(build_argv): Implement pinentry_mode.
(gpg_set_pinentry_mode): New.
(_gpgme_engine_ops_gpg): Register gpg_set_pinentry_mode.
--
Note that this new fucntion may only be used with gpg 2.1.
|
|
--
Also fixed a couple of minor thing; e.g. save the error before calling
cleanup functions. Do not save the errno if only free is called
in between.
|
|
* src/engine-gpgsm.c (gpgsm_set_fd): Do not set DIR if not needed.
|
|
--
Command used: sed -i 's,[ \t]*$,,' FILE
|
|
* src/Makefile.am (EXTRA_DIST): Remove mkstatus.
(BUILT_SOURCE, MOSTLYCLEANFILES): Remove.
(main_sources): Remove status-table.h, extra-stati.h.
Add status-table.c.
(status-table.h): Remove rules for built source.
* src/decrypt.c: Don't include extra-stati.h.
* src/engine-gpg.c: Don't include status-table.h.
(status_cmp): Remove function.
(read_status): Use _gpgme_parse_status.
* src/engine-gpgsm.c: Don't include status-table.h.
(status_cmp, parse_status): Remove function.
(gpgsm_assuan_simple_command, status_handler): Use _gpgme_parse_status.
* src/engine-uiserver.c: Don't include status-table.h.
(status_cmp, parse_status): Remove function.
(uiserver_assuan_simple_command, status_handler): Use
_gpgme_parse_status.
* src/gpgme.h.in (gpgme_status_code_t): Add
GPGME_STATUS_DECRYPTION_INFO.
* src/util.h (_gpgme_status_init,_gpgme_parse_status): New declaration.
* src/status-table.c: New file.
* src/extra-stati.h, src/mkstatus: Files removed.
* version.c (do_subsystem_inits): Call _gpgme_status_init.
|
|
Provide access for Wince.
Install dummy sehmap.h
|
|
Fixed regression in plain W32 build.
|
|
* engine-gpgsm.c (gpgsm_new): Translate returned achild_fds back
to child_fds.
|
|
* engine-g13.c, gpgme.c, engine-gpgsm.c, engine-gpg.c,
op-support.c, engine-assuan.c, gpgme-tool.c: Include <locale.h>
only if available with HAVE_LOCALE_H and conditionalize use of
LC_CTYPE on its definition.
* engine-gpgconf.c: Do not include <locale.h>.
|
|
* engine-gpgsm.c (gpgsm_new, start): Cast between int and
assuan_fd_t.
* assuan-support.c (my_pipe, my_close, my_read, my_write): Likewise.
* gpgme-tool.c (server_data_obj, server_reset_fds, gpgme_server),
(my_recvmsg, my_sendmsg, my_spawn): Likewise.
* engine-assuan.c (start): Likewise.
* engine-g13.c (start): Likewise.
|
|
* configure.ac: Require libgpg-error 1.8.
src/
2010-05-06 Marcus Brinkmann <[email protected]>
* sign.c, data-user.c, conversion.c, debug.c, verify.c, data.c,
decrypt.c, delete.c, assuan-support.c, import.c, engine-gpgsm.c,
data-mem.c, op-support.c, w32-io.c, w32-util.c, data-compat.c: Use
gpg_error_from_syserror instead gpg_error_from_errno, and use
gpg_err_set_errno to set error number.
* setenv.c: Include <gpg-error.h> and define __set_errno to use
gpg_err_set_errno.
* gpgme-tool.c (ARGP_ERR_UNKNOWN): Define to EDEADLOCK (which is
mapped in Windows CE) instead of E2BIG (which is not).
(gt_import_keys): Initialize err.
|
|
|
|
|
|
GPGSM. Requires GnuPG 2.1
|
|
|
|
* configure.ac: Activate UIServer if FD passing is enabled and
Assuan is available.
m4/
2009-11-10 Marcus Brinkmann <[email protected]>
* libassuan.m4: Fix LIBASSUAN_VERSION.
src/
2009-11-10 Marcus Brinkmann <[email protected]>
* Makefile.am (uiserver_components): New variable.
(main_sources): Add it.
* ops.h, key.c (_gpgme_key_append_name): Take CONVERT argument,
implement it. Adjust callers.
(gpgme_key_from_uid): New function.
* gpgme.h.in (gpgme_protocol_t): Add GPGME_PROTOCOL_DEFAULT.
(gpgme_encrypt_flags_t): Add GPGME_ENCRYPT_PREPARE,
GPGME_ENCRYPT_EXPECT_SIGN.
(gpgme_set_sub_protocol, gpgme_key_from_uid): New functions.
* libgpgme.vers, gpgme.def: Add new functions.
* gpgme.c (gpgme_set_protocol): Add UIServer protocol.
(gpgme_set_sub_protocol): New function.
(gpgme_get_protocol_name): Add UIServer and default protocol.
* assuan-support.c: Return correct error values, implement
socketpair for POSIX.
* priv-io.h, posix-io.c, w32-io.c, w32-glib-io.c,
w32-qt-io.cpp (_gpgme_io_spawn): Add ATFORK and ATFORKVALUE
arguments. Implement it for POSIX. Adjust all callers.
* engine.h, engine-backend.h (_gpgme_engine_set_protocol)
(_gpgme_engine_op_decrypt_verify): New prototypes. Adjust all
users.
* engine.c (engine_ops, gpgme_get_engine_info): Add UIServer
engine.
(_gpgme_engine_set_protocol, _gpgme_engine_op_decrypt_verify): New
function.
* decrypt-verify.c (decrypt_verify_start): Call
_gpgme_engine_op_decrypt_verify.
* util.h, posix-util.c,
w32-util.c (_gpgme_get_uiserver_socket_path): New function.
* engine-gpgsm.c (gpgsm_set_fd): Fix _gpgme_io_pipe invocation.
* gpgme-tool.c: Some support for UIServer protocol.
* engine-uiserver.c: New file.
|
|
|
