Update gnupg, gcrypt and gpgme
authorAndre Heinecke <aheinecke@intevation.de>
Tue, 8 Sep 2015 15:18:58 +0000 (17:18 +0200)
committerAndre Heinecke <aheinecke@intevation.de>
Tue, 8 Sep 2015 15:18:58 +0000 (17:18 +0200)
* packages/packages.current (gnupg, gpgpme, libgcrypt): Updated.
* patches/gnupg2-2.0.28: Moved to gnupg2-2.0.29
* patches/gnupg2-2.0.28/
0007-sm-Revert-to-use-SHA-1-for-CSR-generation.patch: Removed.
* patches/gpgme-1.5.5/
0001-Add-offline-mode-support-for-CMS-keylisting.patch: Removed.
* Makefile.am (EXTRA_DIST): Update accordingly.
* NEWS: Update GnuPG Version.

Makefile.am
NEWS
packages/packages.current
patches/gnupg2-2.0.28/0007-sm-Revert-to-use-SHA-1-for-CSR-generation.patch [deleted file]
patches/gnupg2-2.0.29/0001-Enable-wildcard-expansion-with-mingw-w64.patch [moved from patches/gnupg2-2.0.28/0001-Enable-wildcard-expansion-with-mingw-w64.patch with 100% similarity]
patches/gnupg2-2.0.29/0002-Let-wchar_to_native-convert-to-console-codepage.patch [moved from patches/gnupg2-2.0.28/0002-Let-wchar_to_native-convert-to-console-codepage.patch with 100% similarity]
patches/gnupg2-2.0.29/0005-Fix-gpgtar-8-bit-encoding-handling-on-Win32.patch [moved from patches/gnupg2-2.0.28/0005-Fix-gpgtar-8-bit-encoding-handling-on-Win32.patch with 100% similarity]
patches/gnupg2-2.0.29/0006-gpgsm-Add-command-option-offline.patch [moved from patches/gnupg2-2.0.28/0006-gpgsm-Add-command-option-offline.patch with 100% similarity]
patches/gpgme-1.5.5/0001-Add-offline-mode-support-for-CMS-keylisting.patch [deleted file]

index b6ccd0b..fe9e5d5 100644 (file)
@@ -29,12 +29,10 @@ EXTRA_DIST = autogen.sh README.GIT ONEWS \
         build-aux/git-log-footer build-aux/git-log-fix \
         patches/dirmngr-1.1.1/dirmngr-pth.patch \
         patches/glib-2.41.5/01-socket.patch \
-        patches/gpgme-1.5.5/0001-Add-offline-mode-support-for-CMS-keylisting.patch \
-        patches/gnupg2-2.0.28/0001-Enable-wildcard-expansion-with-mingw-w64.patch \
-        patches/gnupg2-2.0.28/0002-Let-wchar_to_native-convert-to-console-codepage.patch \
-        patches/gnupg2-2.0.28/0005-Fix-gpgtar-8-bit-encoding-handling-on-Win32.patch \
-        patches/gnupg2-2.0.28/0006-gpgsm-Add-command-option-offline.patch \
-        patches/gnupg2-2.0.28/0007-sm-Revert-to-use-SHA-1-for-CSR-generation.patch \
+        patches/gnupg2-2.0.29/0001-Enable-wildcard-expansion-with-mingw-w64.patch \
+        patches/gnupg2-2.0.29/0002-Let-wchar_to_native-convert-to-console-codepage.patch \
+        patches/gnupg2-2.0.29/0005-Fix-gpgtar-8-bit-encoding-handling-on-Win32.patch \
+        patches/gnupg2-2.0.29/0006-gpgsm-Add-command-option-offline.patch \
         patches/gnupg2/01-version.patch \
         patches/gnupg2/01-version.patch.in \
         patches/gnutls-2.12.23/01-openssl-wincrypt.patch \
diff --git a/NEWS b/NEWS
index 28554a8..f63d1c6 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -16,6 +16,10 @@ Noteworthy changes in version 2.2.6 (unreleased)
          http://www.claws-mail.org/win32/
      verf├╝gbar.
 
+(en) GnuPG has been updated to Version 2.0.29.
+
+(de) GnuPG wurde auf Version 2.0.29 aktualisiert.
+
 (en) X509 Certificate requests can now again generated with
      default options.
 
@@ -23,7 +27,7 @@ Noteworthy changes in version 2.2.6 (unreleased)
      Standartoptionen generiert werden.
 
 ~~~~~~~~~~~~~~~
-GnuPG:          2.0.28
+GnuPG:          2.0.29
 Kleopatra:      2.2.0-gitcf609810
 GPA:            0.9.7
 GpgOL:          1.2.1
index 39b548d..572f362 100644 (file)
@@ -313,10 +313,10 @@ server ftp://ftp.gnupg.org/gcrypt
 file libgpg-error/libgpg-error-1.19.tar.bz2
 chk  4997951ab058788de48b989013668eb3df1e6939
 
-# last changed: 2015-03-09
+# last changed: 2015-09-08
 # by: ah
-file libgcrypt/libgcrypt-1.6.3.tar.bz2
-chk  9456e7b64db9df8360a1407a38c8c958da80bbf1
+file libgcrypt/libgcrypt-1.6.4.tar.bz2
+chk  ed52add1ce635deeb2f5c6650e52667debd4ec70
 
 # last-changed: 2015-06-05
 # by: ah
@@ -328,10 +328,10 @@ chk  86fe0436f3c8c394d32e142ee410a9f9560173fb
 file libassuan/libassuan-2.2.1.tar.bz2
 chk  c21b86482f6a3624c2b46b91e20f8415f244233a
 
-# last changed: 2015-06-05
+# last changed: 2015-09-08
 # by: ah
-name gnupg2-2.0.28.tar.bz2
-file gnupg/gnupg-2.0.28.tar.bz2
+name gnupg2-2.0.29.tar.bz2
+file gnupg/gnupg-2.0.29.tar.bz2
 chk  9a1050f72b6c9afe2b4a0a3f2e9dca2abba8e4ef
 
 # checked: 2014-07-16 ah
@@ -347,10 +347,10 @@ chk  0c47f0ddea4631bcba01ebbeca8bffe0bf43e440
 file scute/scute-1.4.0.tar.bz2
 chk  e28141d2b03612c09512651795976c58ed3f8035
 
-# last changed: 2015-06-23
+# last changed: 2015-09-08
 # by: ah
-file gpgme/gpgme-1.5.5.tar.bz2
-chk  88476d72cb099e179de4040760502886f7a54926
+file gpgme/gpgme-1.6.0.tar.bz2
+chk  21510323495f6220f8f67610c3c27a23d761d43d
 
 # last changed: 2015-03-09
 # by: ah
diff --git a/patches/gnupg2-2.0.28/0007-sm-Revert-to-use-SHA-1-for-CSR-generation.patch b/patches/gnupg2-2.0.28/0007-sm-Revert-to-use-SHA-1-for-CSR-generation.patch
deleted file mode 100755 (executable)
index b42a7c6..0000000
+++ /dev/null
@@ -1,85 +0,0 @@
-#! /bin/sh
-patch -p1 -l -f $* < $0
-exit $?
-
-From 35d3ced4fda90a5410a579850ca92ea6a356b402 Mon Sep 17 00:00:00 2001
-From: Werner Koch <wk@gnupg.org>
-Date: Mon, 27 Jul 2015 11:28:31 +0200
-Subject: [PATCH] sm: Revert to use SHA-1 for CSR generation.
-
-* sm/certreqgen.c (create_request): Revert to use SHA-1 but change to
-set it only at one place.
---
-
-Regression-due-to: bdf439035d123e4751e133ad42982673b0c86b75
-Signed-off-by: Werner Koch <wk@gnupg.org>
----
- sm/certreqgen.c | 25 ++++++++++++++++---------
- 1 file changed, 16 insertions(+), 9 deletions(-)
-
-diff --git a/sm/certreqgen.c b/sm/certreqgen.c
-index ab8fbc8..a1e9bf8 100644
---- a/sm/certreqgen.c
-+++ b/sm/certreqgen.c
-@@ -587,7 +587,13 @@ proc_parameters (ctrl_t ctrl,
-
-
- /* Parameters are checked, the key pair has been created.  Now
--   generate the request and write it out */
-+   generate the request and write it out.
-+
-+   Note: We use SHA-1 here because Libksba hash a shortcut to use
-+   assume that if SIG_VAL uses as algo the string "rsa".  To fix that
-+   we would need to replace that string by an appropriate OID.  We
-+   leave this change for 2.1.
-+ */
- static int
- create_request (ctrl_t ctrl,
-                 struct para_data_s *para,
-@@ -597,6 +603,7 @@ create_request (ctrl_t ctrl,
- {
-   ksba_certreq_t cr;
-   gpg_error_t err;
-+  int hashalgo = GCRY_MD_SHA1;
-   gcry_md_hd_t md;
-   ksba_stop_reason_t stopreason;
-   int rc = 0;
-@@ -611,7 +618,7 @@ create_request (ctrl_t ctrl,
-   if (err)
-     return err;
-
--  rc = gcry_md_open (&md, GCRY_MD_SHA256, 0);
-+  rc = gcry_md_open (&md, hashalgo, 0);
-   if (rc)
-     {
-       log_error ("md_open failed: %s\n", gpg_strerror (rc));
-@@ -792,10 +799,10 @@ create_request (ctrl_t ctrl,
-
-           if (carddirect)
-             rc = gpgsm_scd_pksign (ctrl, carddirect, NULL,
--                                     gcry_md_read(md, GCRY_MD_SHA1),
--                                     gcry_md_get_algo_dlen (GCRY_MD_SHA1),
--                                     GCRY_MD_SHA1,
--                                     &sigval, &siglen);
-+                                   gcry_md_read (md, hashalgo),
-+                                   gcry_md_get_algo_dlen (hashalgo),
-+                                   hashalgo,
-+                                   &sigval, &siglen);
-           else
-             {
-               char *orig_codeset;
-@@ -808,9 +815,9 @@ create_request (ctrl_t ctrl,
-                    " more.\n"));
-               i18n_switchback (orig_codeset);
-               rc = gpgsm_agent_pksign (ctrl, hexgrip, desc,
--                                       gcry_md_read(md, GCRY_MD_SHA1),
--                                       gcry_md_get_algo_dlen (GCRY_MD_SHA1),
--                                       GCRY_MD_SHA1,
-+                                       gcry_md_read(md, hashalgo),
-+                                       gcry_md_get_algo_dlen (hashalgo),
-+                                       hashalgo,
-                                        &sigval, &siglen);
-               xfree (desc);
-             }
---
-1.9.1
diff --git a/patches/gpgme-1.5.5/0001-Add-offline-mode-support-for-CMS-keylisting.patch b/patches/gpgme-1.5.5/0001-Add-offline-mode-support-for-CMS-keylisting.patch
deleted file mode 100755 (executable)
index bc78a9b..0000000
+++ /dev/null
@@ -1,450 +0,0 @@
-#! /bin/sh
-patch -p1 -l -f $* < $0
-exit $?
-
-From c6744a9ecbbc9628ad0f9fe5893bb54154b31373 Mon Sep 17 00:00:00 2001
-From: Andre Heinecke <aheinecke@intevation.de>
-Date: Thu, 2 Jul 2015 10:19:04 +0200
-Subject: [PATCH] Add offline mode support for CMS keylisting
-
-* doc/gpgme.texi: Document offline mode.
-* src/context.h (gpgme_context): Add offline.
-* src/engine-backend.h (keylist, keylist_ext): Add engine_flags.
-* src/engine.c, src/engine.h (_gpgme_engine_op_keylist): Ditto.
-  (_gpgme_engine_op_keylist_ext): Ditto.
-* src/engine.h (GPGME_ENGINE_FLAG_OFFLINE): New.
-* src/engine-gpg.c (gpg_keylist, gpg_keylist_ext): Ditto.
-* src/engine-gpgsm.c (gpgsm_keylist): Handle engine_flags.
-  (gpgsm_keylist_ext): Ditto.
-* src/gpgme.c (gpgme_set_offline, gpgme_get_offline): New.
-* src/gpgme.def (gpgme_set_offline, gpgme_get_offline): New.
-* src/gpgme.h.in (gpgme_set_offline, gpgme_get_offline): New.
-* src/libgpgme.vers (gpgme_set_offline, gpgme_get_offline): New.
-* src/keylist.c (gpgme_op_keylist_start): Set offline flag.
-  (gpgme_op_keylist_ext_start): Ditto.
-* tests/run-keylist.c (show_usage, main): Add offline argument.
-
---
-The offline engine option was introduced with gpgsm 2.1.6
-it is mainly useful for a full keylisting that includes
-the certificate validation but does not depend on external
-information that could take an indefinite amount of time to
-collect.
-
-Signed-off-by: Andre Heinecke <aheinecke@intevation.de>
----
- doc/gpgme.texi       | 33 +++++++++++++++++++++++++++++++++
- src/context.h        |  3 +++
- src/engine-backend.h |  6 ++++--
- src/engine-gpg.c     |  4 ++--
- src/engine-gpgsm.c   | 15 ++++++++++++---
- src/engine.c         | 10 ++++++----
- src/engine.h         |  9 +++++++--
- src/gpgme.c          | 24 ++++++++++++++++++++++++
- src/gpgme.def        |  3 +++
- src/gpgme.h.in       |  6 ++++++
- src/keylist.c        | 13 +++++++++++--
- src/libgpgme.vers    |  3 +++
- tests/run-keylist.c  |  9 +++++++++
- 13 files changed, 123 insertions(+), 15 deletions(-)
-
-diff --git a/doc/gpgme.texi b/doc/gpgme.texi
-index 45c359d..ef4936d 100644
---- a/doc/gpgme.texi
-+++ b/doc/gpgme.texi
-@@ -189,6 +189,7 @@ Context Attributes
- * Crypto Engine::                 Configuring the crypto engine.
- * ASCII Armor::                   Requesting @acronym{ASCII} armored output.
- * Text Mode::                     Choosing canonical text mode.
-+* Offline Mode::                  Choosing offline mode.
- * Included Certificates::         Including a number of certificates.
- * Key Listing Mode::              Selecting key listing mode.
- * Passphrase Callback::           Getting the passphrase from the user.
-@@ -2285,6 +2286,7 @@ started.  In fact, these references are accessed through the
- * Crypto Engine::                 Configuring the crypto engine.
- * ASCII Armor::                   Requesting @acronym{ASCII} armored output.
- * Text Mode::                     Choosing canonical text mode.
-+* Offline Mode::                  Choosing offline mode.
- * Included Certificates::         Including a number of certificates.
- * Key Listing Mode::              Selecting key listing mode.
- * Passphrase Callback::           Getting the passphrase from the user.
-@@ -2413,6 +2415,37 @@ valid pointer.
- @end deftypefun
-
-
-+@node Offline Mode
-+@subsection Offline Mode
-+@cindex context, offline mode
-+@cindex offline mode
-+
-+@deftypefun void gpgme_set_offline (@w{gpgme_ctx_t @var{ctx}}, @w{int @var{yes}})
-+The function @code{gpgme_set_offline} specifies if offline mode
-+should be used.  By default, offline mode is not used.
-+
-+The offline mode specifies if dirmngr should be used to do additional
-+validation that might require connections to external services.
-+(e.g. CRL / OCSP checks).
-+
-+Offline mode only affects the keylist mode @code{GPGME_KEYLIST_MODE_VALIDATE}
-+and is only relevant to the CMS crypto engine. Offline mode
-+is ignored otherwise.
-+
-+This option may be extended in the future to completely disable
-+the use of dirmngr for any engine.
-+
-+Offline mode is disabled if @var{yes} is zero, and enabled
-+otherwise.
-+@end deftypefun
-+
-+@deftypefun int gpgme_get_offline (@w{gpgme_ctx_t @var{ctx}})
-+The function @code{gpgme_get_offline} returns 1 if offline
-+mode is enabled, and @code{0} if it is not, or if @var{ctx} is not a
-+valid pointer.
-+@end deftypefun
-+
-+
- @node Included Certificates
- @subsection Included Certificates
- @cindex certificates, included
-diff --git a/src/context.h b/src/context.h
-index 745ffa8..8cd86e9 100644
---- a/src/context.h
-+++ b/src/context.h
-@@ -98,6 +98,9 @@ struct gpgme_context
-   /* True if text mode should be used.  */
-   unsigned int use_textmode : 1;
-
-+  /* True if offline mode should be used.  */
-+  unsigned int offline : 1;
-+
-   /* Flags for keylist mode.  */
-   gpgme_keylist_mode_t keylist_mode;
-
-diff --git a/src/engine-backend.h b/src/engine-backend.h
-index b3cc412..4f4519c 100644
---- a/src/engine-backend.h
-+++ b/src/engine-backend.h
-@@ -85,10 +85,12 @@ struct engine_ops
-   gpgme_error_t (*import) (void *engine, gpgme_data_t keydata,
-                            gpgme_key_t *keyarray);
-   gpgme_error_t (*keylist) (void *engine, const char *pattern,
--                          int secret_only, gpgme_keylist_mode_t mode);
-+                          int secret_only, gpgme_keylist_mode_t mode,
-+                          int engine_flags);
-   gpgme_error_t (*keylist_ext) (void *engine, const char *pattern[],
-                               int secret_only, int reserved,
--                              gpgme_keylist_mode_t mode);
-+                              gpgme_keylist_mode_t mode,
-+                              int engine_flags);
-   gpgme_error_t (*sign) (void *engine, gpgme_data_t in, gpgme_data_t out,
-                        gpgme_sig_mode_t mode, int use_armor,
-                        int use_textmode, int include_certs,
-diff --git a/src/engine-gpg.c b/src/engine-gpg.c
-index e14fd8d..510dfd9 100644
---- a/src/engine-gpg.c
-+++ b/src/engine-gpg.c
-@@ -2279,7 +2279,7 @@ gpg_keylist_build_options (engine_gpg_t gpg, int secret_only,
-
- static gpgme_error_t
- gpg_keylist (void *engine, const char *pattern, int secret_only,
--           gpgme_keylist_mode_t mode)
-+           gpgme_keylist_mode_t mode, int engine_flags)
- {
-   engine_gpg_t gpg = engine;
-   gpgme_error_t err;
-@@ -2298,7 +2298,7 @@ gpg_keylist (void *engine, const char *pattern, int secret_only,
-
- static gpgme_error_t
- gpg_keylist_ext (void *engine, const char *pattern[], int secret_only,
--               int reserved, gpgme_keylist_mode_t mode)
-+               int reserved, gpgme_keylist_mode_t mode, int engine_flags)
- {
-   engine_gpg_t gpg = engine;
-   gpgme_error_t err;
-diff --git a/src/engine-gpgsm.c b/src/engine-gpgsm.c
-index ac6c5fc..3771157 100644
---- a/src/engine-gpgsm.c
-+++ b/src/engine-gpgsm.c
-@@ -1542,7 +1542,7 @@ gpgsm_import (void *engine, gpgme_data_t keydata, gpgme_key_t *keyarray)
-
- static gpgme_error_t
- gpgsm_keylist (void *engine, const char *pattern, int secret_only,
--             gpgme_keylist_mode_t mode)
-+             gpgme_keylist_mode_t mode, int engine_flags)
- {
-   engine_gpgsm_t gpgsm = engine;
-   char *line;
-@@ -1599,6 +1599,11 @@ gpgsm_keylist (void *engine, const char *pattern, int secret_only,
-                                "OPTION with-secret=1":
-                                "OPTION with-secret=0" ,
-                                NULL, NULL);
-+  gpgsm_assuan_simple_command (gpgsm->assuan_ctx,
-+                               (engine_flags & GPGME_ENGINE_FLAG_OFFLINE)?
-+                               "OPTION offline=1":
-+                               "OPTION offline=0" ,
-+                               NULL, NULL);
-
-
-   /* Length is "LISTSECRETKEYS " + p + '\0'.  */
-@@ -1629,7 +1634,7 @@ gpgsm_keylist (void *engine, const char *pattern, int secret_only,
-
- static gpgme_error_t
- gpgsm_keylist_ext (void *engine, const char *pattern[], int secret_only,
--                 int reserved, gpgme_keylist_mode_t mode)
-+                 int reserved, gpgme_keylist_mode_t mode, int engine_flags)
- {
-   engine_gpgsm_t gpgsm = engine;
-   char *line;
-@@ -1669,7 +1674,11 @@ gpgsm_keylist_ext (void *engine, const char *pattern[], int secret_only,
-                                "OPTION with-secret=1":
-                                "OPTION with-secret=0" ,
-                                NULL, NULL);
--
-+  gpgsm_assuan_simple_command (gpgsm->assuan_ctx,
-+                               (engine_flags & GPGME_ENGINE_FLAG_OFFLINE)?
-+                               "OPTION offline=1":
-+                               "OPTION offline=0" ,
-+                               NULL, NULL);
-
-   if (pattern && *pattern)
-     {
-diff --git a/src/engine.c b/src/engine.c
-index ff015c0..8e84da9 100644
---- a/src/engine.c
-+++ b/src/engine.c
-@@ -726,7 +726,8 @@ _gpgme_engine_op_import (engine_t engine, gpgme_data_t keydata,
-
- gpgme_error_t
- _gpgme_engine_op_keylist (engine_t engine, const char *pattern,
--                        int secret_only, gpgme_keylist_mode_t mode)
-+                        int secret_only, gpgme_keylist_mode_t mode,
-+                        int engine_flags)
- {
-   if (!engine)
-     return gpg_error (GPG_ERR_INV_VALUE);
-@@ -734,14 +735,15 @@ _gpgme_engine_op_keylist (engine_t engine, const char *pattern,
-   if (!engine->ops->keylist)
-     return gpg_error (GPG_ERR_NOT_IMPLEMENTED);
-
--  return (*engine->ops->keylist) (engine->engine, pattern, secret_only, mode);
-+  return (*engine->ops->keylist) (engine->engine, pattern, secret_only, mode,
-+                                  engine_flags);
- }
-
-
- gpgme_error_t
- _gpgme_engine_op_keylist_ext (engine_t engine, const char *pattern[],
-                             int secret_only, int reserved,
--                            gpgme_keylist_mode_t mode)
-+                            gpgme_keylist_mode_t mode, int engine_flags)
- {
-   if (!engine)
-     return gpg_error (GPG_ERR_INV_VALUE);
-@@ -750,7 +752,7 @@ _gpgme_engine_op_keylist_ext (engine_t engine, const char *pattern[],
-     return gpg_error (GPG_ERR_NOT_IMPLEMENTED);
-
-   return (*engine->ops->keylist_ext) (engine->engine, pattern, secret_only,
--                                    reserved, mode);
-+                                    reserved, mode, engine_flags);
- }
-
-
-diff --git a/src/engine.h b/src/engine.h
-index bbf009d..56fcc42 100644
---- a/src/engine.h
-+++ b/src/engine.h
-@@ -113,12 +113,14 @@ gpgme_error_t _gpgme_engine_op_import (engine_t engine,
- gpgme_error_t _gpgme_engine_op_keylist (engine_t engine,
-                                       const char *pattern,
-                                       int secret_only,
--                                      gpgme_keylist_mode_t mode);
-+                                      gpgme_keylist_mode_t mode,
-+                                      int engine_flags);
- gpgme_error_t _gpgme_engine_op_keylist_ext (engine_t engine,
-                                           const char *pattern[],
-                                           int secret_only,
-                                           int reserved,
--                                          gpgme_keylist_mode_t mode);
-+                                          gpgme_keylist_mode_t mode,
-+                                          int engine_flags);
- gpgme_error_t _gpgme_engine_op_sign (engine_t engine, gpgme_data_t in,
-                                    gpgme_data_t out, gpgme_sig_mode_t mode,
-                                    int use_armor, int use_textmode,
-@@ -170,5 +172,8 @@ gpgme_error_t _gpgme_engine_op_spawn (engine_t engine,
-                                       gpgme_data_t dataerr,
-                                       unsigned int flags);
-
-+/* The available engine option flags.  */
-+#define GPGME_ENGINE_FLAG_OFFLINE        1
-+
-
- #endif /* ENGINE_H */
-diff --git a/src/gpgme.c b/src/gpgme.c
-index 628cdae..c24b620 100644
---- a/src/gpgme.c
-+++ b/src/gpgme.c
-@@ -472,6 +472,30 @@ gpgme_get_textmode (gpgme_ctx_t ctx)
- }
-
-
-+/* Enable offline mode for this context. In offline mode dirmngr
-+  will be disabled. */
-+void
-+gpgme_set_offline (gpgme_ctx_t ctx, int offline)
-+{
-+  TRACE2 (DEBUG_CTX, "gpgme_set_offline", ctx, "offline=%i (%s)",
-+          offline, offline ? "yes" : "no");
-+
-+  if (!ctx)
-+    return;
-+
-+  ctx->offline = offline;
-+}
-+
-+/* Return the state of the offline flag.  */
-+int
-+gpgme_get_offline (gpgme_ctx_t ctx)
-+{
-+  TRACE2 (DEBUG_CTX, "gpgme_get_offline", ctx, "ctx->offline=%i (%s)",
-+          ctx->offline, ctx->offline ? "yes" : "no");
-+  return ctx->offline;
-+}
-+
-+
- /* Set the number of certifications to include in an S/MIME message.
-    The default is GPGME_INCLUDE_CERTS_DEFAULT.  -1 means all certs,
-    and -2 means all certs except the root cert.  */
-diff --git a/src/gpgme.def b/src/gpgme.def
-index dc18948..cf167b4 100644
---- a/src/gpgme.def
-+++ b/src/gpgme.def
-@@ -217,5 +217,8 @@ EXPORTS
-
-     gpgme_op_spawn_start                  @163
-     gpgme_op_spawn                        @164
-+
-+    gpgme_set_offline                     @165
-+    gpgme_get_offline                     @166
- ; END
-
-diff --git a/src/gpgme.h.in b/src/gpgme.h.in
-index 15ed803..099cc8a 100644
---- a/src/gpgme.h.in
-+++ b/src/gpgme.h.in
-@@ -887,6 +887,12 @@ void gpgme_set_textmode (gpgme_ctx_t ctx, int yes);
- /* Return non-zero if text mode is set in CTX.  */
- int gpgme_get_textmode (gpgme_ctx_t ctx);
-
-+/* If YES is non-zero, enable offline mode in CTX, disable it otherwise.  */
-+void gpgme_set_offline (gpgme_ctx_t ctx, int yes);
-+
-+/* Return non-zero if offline mode is set in CTX.  */
-+int gpgme_get_offline (gpgme_ctx_t ctx);
-+
- /* Use whatever the default of the backend crypto engine is.  */
- #define GPGME_INCLUDE_CERTS_DEFAULT   -256
-
-diff --git a/src/keylist.c b/src/keylist.c
-index 36ee3ea..fcf574f 100644
---- a/src/keylist.c
-+++ b/src/keylist.c
-@@ -889,6 +889,7 @@ gpgme_op_keylist_start (gpgme_ctx_t ctx, const char *pattern, int secret_only)
-   gpgme_error_t err;
-   void *hook;
-   op_data_t opd;
-+  int flags = 0;
-
-   TRACE_BEG2 (DEBUG_CTX, "gpgme_op_keylist_start", ctx,
-             "pattern=%s, secret_only=%i", pattern, secret_only);
-@@ -913,8 +914,11 @@ gpgme_op_keylist_start (gpgme_ctx_t ctx, const char *pattern, int secret_only)
-   if (err)
-     return TRACE_ERR (err);
-
-+  if (ctx->offline)
-+    flags |= GPGME_ENGINE_FLAG_OFFLINE;
-+
-   err = _gpgme_engine_op_keylist (ctx->engine, pattern, secret_only,
--                                ctx->keylist_mode);
-+                                ctx->keylist_mode, flags);
-   return TRACE_ERR (err);
- }
-
-@@ -929,6 +933,7 @@ gpgme_op_keylist_ext_start (gpgme_ctx_t ctx, const char *pattern[],
-   gpgme_error_t err;
-   void *hook;
-   op_data_t opd;
-+  int flags = 0;
-
-   TRACE_BEG2 (DEBUG_CTX, "gpgme_op_keylist_ext_start", ctx,
-             "secret_only=%i, reserved=0x%x", secret_only, reserved);
-@@ -952,8 +957,12 @@ gpgme_op_keylist_ext_start (gpgme_ctx_t ctx, const char *pattern[],
-   if (err)
-     return TRACE_ERR (err);
-
-+  if (ctx->offline)
-+    flags |= GPGME_ENGINE_FLAG_OFFLINE;
-+
-   err = _gpgme_engine_op_keylist_ext (ctx->engine, pattern, secret_only,
--                                    reserved, ctx->keylist_mode);
-+                                    reserved, ctx->keylist_mode,
-+                                    flags);
-   return TRACE_ERR (err);
- }
-
-diff --git a/src/libgpgme.vers b/src/libgpgme.vers
-index 39663c1..fc2920f 100644
---- a/src/libgpgme.vers
-+++ b/src/libgpgme.vers
-@@ -92,6 +92,9 @@ GPGME_1.1 {
-
-     gpgme_op_spawn_start;
-     gpgme_op_spawn;
-+
-+    gpgme_set_offline;
-+    gpgme_get_offline;
- };
-
-
-diff --git a/tests/run-keylist.c b/tests/run-keylist.c
-index 07c6fa1..8abdf43 100644
---- a/tests/run-keylist.c
-+++ b/tests/run-keylist.c
-@@ -53,6 +53,7 @@ show_usage (int ex)
-          "  --ephemeral      use GPGME_KEYLIST_MODE_EPHEMERAL\n"
-          "  --validate       use GPGME_KEYLIST_MODE_VALIDATE\n"
-          "  --import         import all keys\n"
-+         "  --offline        use offline mode\n"
-          , stderr);
-   exit (ex);
- }
-@@ -72,6 +73,7 @@ main (int argc, char **argv)
-   int keyidx = 0;
-   gpgme_protocol_t protocol = GPGME_PROTOCOL_OpenPGP;
-   int only_secret = 0;
-+  int offline = 0;
-
-   if (argc)
-     { argc--; argv++; }
-@@ -141,6 +143,11 @@ main (int argc, char **argv)
-           import = 1;
-           argc--; argv++;
-         }
-+      else if (!strcmp (*argv, "--offline"))
-+        {
-+          offline = 1;
-+          argc--; argv++;
-+        }
-       else if (!strncmp (*argv, "--", 2))
-         show_usage (1);
-
-@@ -157,6 +164,8 @@ main (int argc, char **argv)
-
-   gpgme_set_keylist_mode (ctx, mode);
-
-+  gpgme_set_offline (ctx, offline);
-+
-   err = gpgme_op_keylist_start (ctx, argc? argv[0]:NULL, only_secret);
-   fail_if_err (err);
-
---
-1.9.1