[git] GPGME - branch, master, updated. gpgme-1.12.0-5-g85627e5
by Andre Heinecke
cvs at cvs.gnupg.org
Tue Oct 9 10:49:42 CEST 2018
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG Made Easy".
The branch, master has been updated
via 85627e58184529e982369cfc00ed7865244c13d6 (commit)
via 7a1e6dbfb16f71f692a53f7e0955bde86dbb7fee (commit)
via ecfa88e65fda9c9766ad526d57e2fc8b2884f634 (commit)
via bf4aae45129c1093ee7712bdbcdfe1c8f2ca7c0f (commit)
from 1c7f93fbc8d337f6c7e4ce7b30bf0a452ce5a931 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 85627e58184529e982369cfc00ed7865244c13d6
Author: Andre Heinecke <aheinecke at intevation.de>
Date: Wed Sep 12 09:42:09 2018 +0200
core: Add trust-model flag
* src/context.h (gpgme_context): Extend with trust_model.
* src/engine-gpg.c (engine_gpg): Extend with trust_model.
(gpg_set_engine_flags): Take trust_model from context.
(build_argv): Handle trust_model.
(gpg_release): Free trust_model.
* src/gpgme.c (gpgme_set_ctx_flag): Handle trust-model flag.
(gpgme_release): Release trust-model.
* doc/gpgme.texi: Document new flag for gpgme_set_ctx_flag.
(Context Flags): New subsection for the context flags.
* tests/run-keylist.c (show_usage, main): Add new --trust-model
parameter.
--
This gives a GPGME user fine grained control over the
trust-model.
Changing the trust model for only a single application depends
on:
GnuPG-Bug-Id: T4134
Maniphest Tasks: T4134
Differential Revision: https://dev.gnupg.org/D466
diff --git a/doc/gpgme.texi b/doc/gpgme.texi
index d99e9bb..fc4840e 100644
--- a/doc/gpgme.texi
+++ b/doc/gpgme.texi
@@ -2444,6 +2444,7 @@ started. In fact, these references are accessed through the
* Passphrase Callback:: Getting the passphrase from the user.
* Progress Meter Callback:: Being informed about the progress.
* Status Message Callback:: Status messages received from gpg.
+* Context Flags:: Additional flags for a context.
* Locale:: Setting the locale of a context.
* Additional Logs:: Additional logs of a context.
@end menu
@@ -3030,6 +3031,10 @@ or @var{ctx} is not a valid pointer, @code{NULL} is returned in both
variables.
@end deftypefun
+ at node Context Flags
+ at subsection Context Flags
+ at cindex flags, of a context
+
@deftypefun {gpgme_error_t} gpgme_set_ctx_flag @
(@w{gpgme_ctx_t @var{ctx}}, @
@w{const char *@var{name}}, @
@@ -3131,6 +3136,20 @@ Requires at least GnuPG 2.1.18.
Note: Keys retrieved through @code{auto-key-locate} are automatically
imported in the keyring.
+ at item trust-model
+ at since{1.11.2}
+
+Change the trust-model for all GnuPG engine operations. An empty
+string sets the trust-model back to the users default. If the
+trust-model is not supported by GnuPG the behavior is undefined
+and will likely cause all operations to fail. Example: "tofu+pgp".
+
+This options should be used carefully with a strict version
+requirement. In some versions of GnuPG setting the
+trust-model changes the default trust-model for future operations.
+A change in the trust-model also can have unintended side effects, like
+rebuilding the trust-db.
+
@end table
This function returns @code{0} on success.
diff --git a/src/context.h b/src/context.h
index 1c9379b..d65bf9b 100644
--- a/src/context.h
+++ b/src/context.h
@@ -162,6 +162,9 @@ struct gpgme_context
char *lc_ctype;
char *lc_messages;
+ /* The optional trust-model override. */
+ char *trust_model;
+
/* The operation data hooked into the context. */
ctx_op_data_t op_data;
diff --git a/src/engine-gpg.c b/src/engine-gpg.c
index 2833374..aed933e 100644
--- a/src/engine-gpg.c
+++ b/src/engine-gpg.c
@@ -141,6 +141,7 @@ struct engine_gpg
gpgme_pinentry_mode_t pinentry_mode;
char request_origin[10];
char *auto_key_locate;
+ char *trust_model;
struct {
unsigned int no_symkey_cache : 1;
@@ -455,6 +456,7 @@ gpg_release (void *engine)
if (gpg->cmd.keyword)
free (gpg->cmd.keyword);
free (gpg->auto_key_locate);
+ free (gpg->trust_model);
gpgme_data_release (gpg->override_session_key);
gpgme_data_release (gpg->diagnostics);
@@ -669,6 +671,14 @@ gpg_set_engine_flags (void *engine, const gpgme_ctx_t ctx)
ctx->auto_key_locate, NULL);
}
+ if (ctx->trust_model && strlen (ctx->trust_model))
+ {
+ if (gpg->trust_model)
+ free (gpg->trust_model);
+ gpg->trust_model = _gpgme_strconcat ("--trust-model=",
+ ctx->trust_model, NULL);
+ }
+
gpg->flags.no_symkey_cache = (ctx->no_symkey_cache
&& have_gpg_version (gpg, "2.2.7"));
gpg->flags.offline = (ctx->offline && have_gpg_version (gpg, "2.1.23"));
@@ -981,6 +991,19 @@ build_argv (engine_gpg_t gpg, const char *pgmname)
argc++;
}
+ if (gpg->trust_model)
+ {
+ argv[argc] = strdup (gpg->trust_model);
+ if (!argv[argc])
+ {
+ int saved_err = gpg_error_from_syserror ();
+ free (fd_data_map);
+ free_argv (argv);
+ return saved_err;
+ }
+ argc++;
+ }
+
if (gpg->flags.no_symkey_cache)
{
argv[argc] = strdup ("--no-symkey-cache");
diff --git a/src/gpgme.c b/src/gpgme.c
index 2d829d9..3d72f69 100644
--- a/src/gpgme.c
+++ b/src/gpgme.c
@@ -250,6 +250,7 @@ gpgme_release (gpgme_ctx_t ctx)
free (ctx->override_session_key);
free (ctx->request_origin);
free (ctx->auto_key_locate);
+ free (ctx->trust_model);
_gpgme_engine_info_release (ctx->engine_info);
ctx->engine_info = NULL;
DESTROY_LOCK (ctx->lock);
@@ -554,6 +555,13 @@ gpgme_set_ctx_flag (gpgme_ctx_t ctx, const char *name, const char *value)
if (!ctx->auto_key_locate)
err = gpg_error_from_syserror ();
}
+ else if (!strcmp (name, "trust-model"))
+ {
+ free (ctx->trust_model);
+ ctx->trust_model = strdup (value);
+ if (!ctx->trust_model)
+ err = gpg_error_from_syserror ();
+ }
else
err = gpg_error (GPG_ERR_UNKNOWN_NAME);
diff --git a/tests/run-keylist.c b/tests/run-keylist.c
index 9206b50..08b671d 100644
--- a/tests/run-keylist.c
+++ b/tests/run-keylist.c
@@ -60,6 +60,7 @@ show_usage (int ex)
" --from-file list all keys in the given file\n"
" --from-wkd list key from a web key directory\n"
" --require-gnupg required at least the given GnuPG version\n"
+ " --trust-model use the specified trust-model\n"
, stderr);
exit (ex);
}
@@ -104,6 +105,7 @@ main (int argc, char **argv)
int from_file = 0;
int from_wkd = 0;
gpgme_data_t data = NULL;
+ char *trust_model = NULL;
if (argc)
@@ -208,6 +210,14 @@ main (int argc, char **argv)
mode |= GPGME_KEYLIST_MODE_LOCATE;
from_wkd = 1;
}
+ else if (!strcmp (*argv, "--trust-model"))
+ {
+ argc--; argv++;
+ if (!argc)
+ show_usage (1);
+ trust_model = strdup (*argv);
+ argc--; argv++;
+ }
else if (!strncmp (*argv, "--", 2))
show_usage (1);
}
@@ -227,6 +237,12 @@ main (int argc, char **argv)
gpgme_set_offline (ctx, offline);
+ if (trust_model)
+ {
+ err = gpgme_set_ctx_flag (ctx, "trust-model", trust_model);
+ fail_if_err (err);
+ }
+
if (from_wkd)
{
err = gpgme_set_ctx_flag (ctx, "auto-key-locate",
@@ -401,6 +417,8 @@ main (int argc, char **argv)
for (keyidx=0; keyarray[keyidx]; keyidx++)
gpgme_key_unref (keyarray[keyidx]);
+ free (trust_model);
+
gpgme_release (ctx);
return 0;
}
commit 7a1e6dbfb16f71f692a53f7e0955bde86dbb7fee
Author: Andre Heinecke <aheinecke at intevation.de>
Date: Tue Oct 9 10:47:16 2018 +0200
cpp: Initialize all gpgme_key_t's in context
* lang/cpp/src/context.cpp (Context::startKeyListing),
(Context::keyListResult, Context::signingKeys): Initialize key.
--
"Should" not be neccessary but it's cleaner and would have
covered the case of the previous commit.
diff --git a/lang/cpp/src/context.cpp b/lang/cpp/src/context.cpp
index 1e4e549..2892d8b 100644
--- a/lang/cpp/src/context.cpp
+++ b/lang/cpp/src/context.cpp
@@ -509,7 +509,7 @@ Error Context::startKeyListing(const char *patterns[], bool secretOnly)
Key Context::nextKey(GpgME::Error &e)
{
d->lastop = Private::KeyList;
- gpgme_key_t key;
+ gpgme_key_t key = nullptr;
e = Error(d->lasterr = gpgme_op_keylist_next(d->ctx, &key));
return Key(key, false);
}
@@ -528,7 +528,7 @@ KeyListResult Context::keyListResult() const
Key Context::key(const char *fingerprint, GpgME::Error &e , bool secret /*, bool forceUpdate*/)
{
d->lastop = Private::KeyList;
- gpgme_key_t key;
+ gpgme_key_t key = nullptr;
e = Error(d->lasterr = gpgme_get_key(d->ctx, fingerprint, &key, int(secret)/*, int( forceUpdate )*/));
return Key(key, false);
}
@@ -1067,7 +1067,7 @@ Key Context::signingKey(unsigned int idx) const
std::vector<Key> Context::signingKeys() const
{
std::vector<Key> result;
- gpgme_key_t key;
+ gpgme_key_t key = nullptr;
for (unsigned int i = 0 ; (key = gpgme_signers_enum(d->ctx, i)) ; ++i) {
result.push_back(Key(key, false));
}
commit ecfa88e65fda9c9766ad526d57e2fc8b2884f634
Author: Andre Heinecke <aheinecke at intevation.de>
Date: Tue Oct 9 10:45:12 2018 +0200
core: Ensure r_key init in gpgme_get_key
* src/keylist.c (gpgme_get_key): Move r_key init above
the first invalid value check.
--
This fixes the case where someone passes an unitialized
r_key and no fingerprint.
diff --git a/src/keylist.c b/src/keylist.c
index 9c5bd4e..6fe256c 100644
--- a/src/keylist.c
+++ b/src/keylist.c
@@ -1266,11 +1266,12 @@ gpgme_get_key (gpgme_ctx_t ctx, const char *fpr, gpgme_key_t *r_key,
TRACE_BEG2 (DEBUG_CTX, "gpgme_get_key", ctx,
"fpr=%s, secret=%i", fpr, secret);
+ if (r_key)
+ *r_key = NULL;
+
if (!ctx || !r_key || !fpr)
return TRACE_ERR (gpg_error (GPG_ERR_INV_VALUE));
- *r_key = NULL;
-
if (strlen (fpr) < 8) /* We have at least a key ID. */
return TRACE_ERR (gpg_error (GPG_ERR_INV_VALUE));
commit bf4aae45129c1093ee7712bdbcdfe1c8f2ca7c0f
Author: Andre Heinecke <aheinecke at intevation.de>
Date: Tue Oct 9 09:37:28 2018 +0200
qt, tests: Add test for single get key
* lang/qt/tests/t-keylist.cpp (testGetKey): New.
--
Added this to check if there was a memleak in that function.
diff --git a/lang/qt/tests/t-keylist.cpp b/lang/qt/tests/t-keylist.cpp
index bf57ba7..21349c1 100644
--- a/lang/qt/tests/t-keylist.cpp
+++ b/lang/qt/tests/t-keylist.cpp
@@ -42,6 +42,10 @@
#include "qgpgmebackend.h"
#include "keylistresult.h"
+#include "context.h"
+
+#include <memory>
+
#include "t-support.h"
using namespace QGpgME;
@@ -72,6 +76,35 @@ private Q_SLOTS:
QVERIFY (keys[0].subkeys()[1].publicKeyAlgorithm() == Subkey::AlgoELG_E);
}
+ // This test can help with valgrind to check for memleaks when handling
+ // keys
+ void testGetKey()
+ {
+ GpgME::Key key;
+ {
+ auto ctx = std::unique_ptr<GpgME::Context> (GpgME::Context::createForProtocol(GpgME::OpenPGP));
+ ctx->setKeyListMode (GpgME::KeyListMode::Local |
+ GpgME::KeyListMode::Signatures |
+ GpgME::KeyListMode::Validate |
+ GpgME::KeyListMode::WithTofu);
+ GpgME::Error err;
+ key = ctx->key ("A0FF4590BB6122EDEF6E3C542D727CC768697734", err, false);
+ }
+ QVERIFY(key.primaryFingerprint());
+ QVERIFY(!strcmp(key.primaryFingerprint(), "A0FF4590BB6122EDEF6E3C542D727CC768697734"));
+ {
+ auto ctx = std::unique_ptr<GpgME::Context> (GpgME::Context::createForProtocol(GpgME::OpenPGP));
+ ctx->setKeyListMode (GpgME::KeyListMode::Local |
+ GpgME::KeyListMode::Signatures |
+ GpgME::KeyListMode::Validate |
+ GpgME::KeyListMode::WithTofu);
+ GpgME::Error err;
+ key = ctx->key ("A0FF4590BB6122EDEF6E3C542D727CC768697734", err, false);
+ }
+ QVERIFY(key.primaryFingerprint());
+ QVERIFY(!strcmp(key.primaryFingerprint(), "A0FF4590BB6122EDEF6E3C542D727CC768697734"));
+ }
+
void testPubkeyAlgoAsString()
{
static const QMap<Subkey::PubkeyAlgo, QString> expected {
-----------------------------------------------------------------------
Summary of changes:
doc/gpgme.texi | 19 +++++++++++++++++++
lang/cpp/src/context.cpp | 6 +++---
lang/qt/tests/t-keylist.cpp | 33 +++++++++++++++++++++++++++++++++
src/context.h | 3 +++
src/engine-gpg.c | 23 +++++++++++++++++++++++
src/gpgme.c | 8 ++++++++
src/keylist.c | 5 +++--
tests/run-keylist.c | 18 ++++++++++++++++++
8 files changed, 110 insertions(+), 5 deletions(-)
hooks/post-receive
--
GnuPG Made Easy
http://git.gnupg.org
More information about the Gnupg-commits
mailing list