3 years agoRelease 1.6.0 gpgme-1.6.0
Werner Koch [Wed, 26 Aug 2015 07:28:32 +0000 (09:28 +0200)]
Release 1.6.0

* Set LT version to C25/A14/R0.

Signed-off-by: Werner Koch <>
3 years agoMake use of GPGRT macros is available.
Werner Koch [Wed, 26 Aug 2015 07:16:36 +0000 (09:16 +0200)]
Make use of GPGRT macros is available.

* src/ (_GPGME_INLINE): Define using GPGRT_INLINE if
possible.  Fix problem with -Wundef by adding an extra "defined()".
(_GPGME_GCC_VERSION): Define using GPGRT_ macro if possible.

3 years agoAvoid -Wundef warnings if gpgme.h is used by g++.
Werner Koch [Tue, 25 Aug 2015 19:04:15 +0000 (21:04 +0200)]
Avoid -Wundef warnings if gpgme.h is used by g++.

* src/ (_GPGME_INLINE): Move definition into the

Signed-off-by: Werner Koch <>
3 years agoAdd configure option --enable-build-timestamp.
Werner Koch [Tue, 25 Aug 2015 18:40:06 +0000 (20:40 +0200)]
Add configure option --enable-build-timestamp.

* (BUILD_TIMESTAMP): Set to "<none>" by default.

This is based on
libgpg-error commit d620005fd1a655d591fccb44639e22ea445e4554
but changed to be disbaled by default.  Check there for some

Signed-off-by: Werner Koch <>
3 years agoRelax ttyname_r error checks
Daiki Ueno [Mon, 27 Jul 2015 07:19:52 +0000 (16:19 +0900)]
Relax ttyname_r error checks

* src/engine-assuan.c (llass_new): Don't treat ttyname_r error as
* src/engine-g13.c (g13_new): Likewise.
* src/engine-gpg.c (gpg_new): Likewise.
* src/engine-gpgsm.c (gpgsm_new): Likewise.
* src/engine-uiserver.c (uiserver_new): Likewise.

Even though isatty() returns 1, ttyname_r() may fail in many ways, e.g.,
when /dev/pts is not accessible under chroot.  Since all our uses of
ttyname_r() require that the function works, we can treat the failure as
if isatty() fails.

Signed-off-by: Daiki Ueno <>
3 years agoCleanup layout of gpgme.h
Werner Koch [Tue, 25 Aug 2015 16:06:24 +0000 (18:06 +0200)]
Cleanup layout of gpgme.h

* src/ Reorder prototypes.  Chnage some comments.

Signed-off-by: Werner Koch <>
3 years agoImprove error return by checking the FAILURE status.
Werner Koch [Tue, 25 Aug 2015 11:22:43 +0000 (13:22 +0200)]
Improve error return by checking the FAILURE status.

* src/status-table.c (FAILURE): New.
* src/op-support.c (_gpgme_parse_failure): New.
* src/passphrase.c (_gpgme_passphrase_status_handler): Forward FAILURE
status line to the status callback.

* src/decrypt.c (op_data_t): Add field failure_code.
(_gpgme_decrypt_status_handler): Parse that code and act upon it on EOF.
* src/encrypt.c (op_data_t): Add field failure_code.
(_gpgme_encrypt_status_handler): Parse that code and act upon it on EOF.
* src/genkey.c (op_data_t): Add field failure_code.
(genkey_status_handler): Parse that code and act upon it on EOF.
* src/passwd.c (op_data_t): Add field failure_code.
(passwd_status_handler): Parse that code and act upon it on EOF.
* src/sign.c (op_data_t): Add field failure_code.
(_gpgme_sign_status_handler): Parse that code and act upon it on EOF.
* src/verify.c (op_data_t): Add field failure_code.
(_gpgme_verify_status_handler): Parse that code and act upon it on EOF.


This requires GnuPG 2.1.8 to actually make a difference.

Signed-off-by: Werner Koch <>
3 years agotests: Build test programs in tests/ without wrappers.
Werner Koch [Tue, 25 Aug 2015 08:37:02 +0000 (10:37 +0200)]
tests: Build test programs in tests/ without wrappers.


3 years agotests: Allow using run-sign to test loopback pinentry problems.
Werner Koch [Tue, 25 Aug 2015 07:05:27 +0000 (09:05 +0200)]
tests: Allow using run-sign to test loopback pinentry problems.

* tests/run-sign.c: Add options --status and --loopback.

3 years agoCall status_cb for an ERROR status seen in the passphrase handler.
Werner Koch [Mon, 24 Aug 2015 19:17:21 +0000 (21:17 +0200)]
Call status_cb for an ERROR status seen in the passphrase handler.

* src/passphrase.c (_gpgme_passphrase_status_handler): Call status_cb.

Frankly, we should have a more generic way of feeding the status_cb
handler than our current ad-hoc method.

Signed-off-by: Werner Koch <>
3 years agow32: Look for gpgconf in the new GnuPG 2.1 install dir.
Werner Koch [Mon, 24 Aug 2015 17:59:43 +0000 (19:59 +0200)]
w32: Look for gpgconf in the new GnuPG 2.1 install dir.

* src/w32-util.c (_gpgme_get_gpgconf_path): Try another location of

Signed-off-by: Werner Koch <>
3 years agow32: Expect gpgme-w32spawn.exe only in the gpgme installation dir.
Werner Koch [Mon, 24 Aug 2015 14:34:29 +0000 (16:34 +0200)]
w32: Expect gpgme-w32spawn.exe only in the gpgme installation dir.

* src/w32-util.c (find_program_at_standard_place): Remove.
(_gpgme_get_gpg_path): Make the search order more explicit.
(_gpgme_get_gpgconf_path): Ditto.
(_gpgme_get_w32spawn_path): Search only in the inst_dir.

This tries to avoid possible unclear bug reports by removing the
fallback to the current gpg4win installation directory for the gpgme
helper.  It is expected that users of gpgme installing their own gpgme
version also install the matching helper.

Signed-off-by: Werner Koch <>
3 years agow32: Print the installation directory in debug mode.
Werner Koch [Mon, 24 Aug 2015 13:03:20 +0000 (15:03 +0200)]
w32: Print the installation directory in debug mode.

* src/debug.c (debug_init) [W32]: Show libgpgme installation dir.

I expect that gpgme will be distributed by applications and thus it
will be helpful to see in the debug log which gpgme is actually used.

Signed-off-by: Werner Koch <>
3 years agoAdd an export secret key feature.
Werner Koch [Mon, 24 Aug 2015 10:41:24 +0000 (12:41 +0200)]
Add an export secret key feature.

* src/export.c (export_start, export_ext_start): Allow new flags.
* src/engine-gpg.c (export_common): Support secret key export.
* src/engine-gpgsm.c (gpgsm_export, gpgsm_export_ext): Ditto.

* src/gpgme-tool.c (cmd_export): Add options --secret, --raw,
and --pkcs12.
* tests/run-export.c (main): Likewise.

Note that exporting secret X.509 keys requires GnuPG 2.1.8.

Signed-off-by: Werner Koch <>
3 years agoParse INQUIRE_MAXLEN in the passphrase callback.
Ben Kibbey [Sun, 16 Aug 2015 16:29:41 +0000 (12:29 -0400)]
Parse INQUIRE_MAXLEN in the passphrase callback.

* src/passphrase.c (_gpgme_passphrase_status_handler): Parse
* src/passphrase.c (_gpgme_passphrase_command_handler): Send the
INQUIRE_MAXLEN status message.

Fixes passing this status message along when decrypting symmetric data
from gpg.

3 years agoFix gpgme_{get,set}_status_cb to match documentation.
Ben Kibbey [Sat, 15 Aug 2015 20:58:04 +0000 (16:58 -0400)]
Fix gpgme_{get,set}_status_cb to match documentation.

* doc/gpgme.texi: Minor fixes.
* src/gpgme.c (gpgme_get_status_cb): Set return variables to NULL and
check for a valid ctx pointer.

3 years agoParse the INQUIRE_MAXLEN status message.
Ben Kibbey [Fri, 17 Apr 2015 01:05:01 +0000 (21:05 -0400)]
Parse the INQUIRE_MAXLEN status message.

* src/ (gpgme_status_code_t): Add INQUIRE_MAXLEN.
* src/status-table.c (status_table_s): Ditto.
* src/genkey.c (genkey_status_handler): Parse INQUIRE_MAXLEN.
* src/decrypt.c (_gpgme_decrypt_status_handler): Ditto.
* src/sign.c (_gpgme_sign_status_handler): Ditto.

This status message informs the client of the maximum length of an
inquired line. It is sent from gpg and forwarded to the client via

3 years agoAdd gpgme_set/get_status_cb().
Ben Kibbey [Fri, 17 Apr 2015 00:23:38 +0000 (20:23 -0400)]
Add gpgme_set/get_status_cb().

* src/ (gpgme_set_status_cb): New.
(gpgme_get_status_cb): New.
(gpgme_status_cb_t): New.
* src/gpgme.c (gpgme_set_status_cb): New.
(gpgme_get_status_cb): New.
* src/context.h (status_cb): New.
(status_cb_value): New.
* src/gpgme.def: Export new symbols.
* src/libgpgme.vers: Ditto.
* doc/gpgme.texi: Document these new functions.

This callback function is used to forward status messages from gpg back
to the client.

3 years agoMake use of user passphrase handler during genkey.
Ben Kibbey [Tue, 14 Apr 2015 22:39:26 +0000 (18:39 -0400)]
Make use of user passphrase handler during genkey.

* src/genkey.c (genkey_start): set engine passphrase command handler.

This allows for inquiring a new passphrase during key generation rather
than requiring a pinentry. Needs a patch to gnupg to make use of
--command-fd with --gen-key.

3 years agoAlso check the return code in gpg_sign().
Ben Kibbey [Wed, 12 Aug 2015 10:46:43 +0000 (06:46 -0400)]
Also check the return code in gpg_sign().

* src/engine-gpg.c (gpg_sign): Check return value from start().

3 years agoCheck the return value when starting gpg.
Ben Kibbey [Tue, 11 Aug 2015 01:23:02 +0000 (21:23 -0400)]
Check the return value when starting gpg.

* src/engine-gpg.c (gpg_decrypt, gpg_delete, gpg_passwd): Check return
value of start().

3 years agoAdd offline mode support for CMS keylisting
Andre Heinecke [Thu, 2 Jul 2015 08:19:04 +0000 (10:19 +0200)]
Add offline mode support for CMS keylisting

* doc/gpgme.texi: Document offline mode.
* src/context.h (gpgme_context): Add offline.
* src/engine-backend.h (keylist, keylist_ext): Add engine_flags.
* src/engine.c, src/engine.h (_gpgme_engine_op_keylist): Ditto.
  (_gpgme_engine_op_keylist_ext): Ditto.
* src/engine.h (GPGME_ENGINE_FLAG_OFFLINE): New.
* src/engine-gpg.c (gpg_keylist, gpg_keylist_ext): Ditto.
* src/engine-gpgsm.c (gpgsm_keylist): Handle engine_flags.
  (gpgsm_keylist_ext): Ditto.
* src/gpgme.c (gpgme_set_offline, gpgme_get_offline): New.
* src/gpgme.def (gpgme_set_offline, gpgme_get_offline): New.
* src/ (gpgme_set_offline, gpgme_get_offline): New.
* src/libgpgme.vers (gpgme_set_offline, gpgme_get_offline): New.
* src/keylist.c (gpgme_op_keylist_start): Set offline flag.
  (gpgme_op_keylist_ext_start): Ditto.
* tests/run-keylist.c (show_usage, main): Add offline argument.

The offline engine option was introduced with gpgsm 2.1.6
it is mainly useful for a full keylisting that includes
the certificate validation but does not depend on external
information that could take an indefinite amount of time to

Signed-off-by: Andre Heinecke <>
3 years agobuild: ignore scissor line for the commit-msg hook
Peter Wu [Thu, 9 Jul 2015 15:11:33 +0000 (17:11 +0200)]
build: ignore scissor line for the commit-msg hook

* build-aux/git-hooks/commit-msg: Stop processing more lines when the
  scissor line is encountered.
This allows the command `git commit -v` to work even if the code is
longer than 72 characters. Note that comments are already ignored by the
previous line.

Signed-off-by: Peter Wu <>
3 years agoAdd option --lib-version to gpgme-tool.
Werner Koch [Thu, 23 Jul 2015 09:40:09 +0000 (11:40 +0200)]
Add option --lib-version to gpgme-tool.

* src/gpgme-tool.c (options, parse_options):  Add --lib-version
(main): Implement.

3 years agoPost release updates
Werner Koch [Mon, 8 Jun 2015 13:18:56 +0000 (15:18 +0200)]
Post release updates


3 years agoRelease 1.5.5 gpgme-1.5.5
Werner Koch [Mon, 8 Jun 2015 12:58:44 +0000 (14:58 +0200)]
Release 1.5.5

3 years agoFix regression with gpgsm 2.0 due to "OPTION with-secret".
Werner Koch [Mon, 8 Jun 2015 10:34:49 +0000 (12:34 +0200)]
Fix regression with gpgsm 2.0 due to "OPTION with-secret".

* src/engine-gpgsm.c (gpgsm_assuan_simple_command): Do not terminate
on a status lines.

This bug has been with us since the support for gpgsm: If there is no
status line handler but a status line is received anyway the command
handling loop terminates and thus the command/answer order gets out of
sync.  In the case of the bug report this is triggered by sending an
option which starts the agent and that starting emits a "PROGRESS"
status line.

The solution is not to stop reading after a status line but record a
possible error code and return that only after OK or ERR.

GnuPG-bug-id: 1795
Signed-off-by: Werner Koch <>
3 years agotests: Add option --secret to run-keylist.
Werner Koch [Mon, 8 Jun 2015 10:30:11 +0000 (12:30 +0200)]
tests: Add option --secret to run-keylist.

Signed-off-by: Werner Koch <>
3 years agoFix compiler warnings about unused value in TRACE macros.
Werner Koch [Mon, 8 Jun 2015 09:08:08 +0000 (11:08 +0200)]
Fix compiler warnings about unused value in TRACE macros.

* src/debug.h: Change macros to not have a literal 0 as last
expression of the comma operator.
* src/debug.c (_gpgme_debug_frame_end): Return 0.
(_gpgme_debug): Return 0.

Instead of using
   foo(), 0
for the trace macros we let foo() return 0 instead.

Signed-off-by: Werner Koch <>
3 years agoFix test suite for GnuPG 2.1 which uses pubring.kbx.
Werner Koch [Mon, 8 Jun 2015 08:43:29 +0000 (10:43 +0200)]
Fix test suite for GnuPG 2.1 which uses pubring.kbx.

* tests/gpgsm/final.test: New.
* tests/gpgsm/initial.test: New.
* tests/gpg/start-stop-agent: Move to ../.
* tests/gpgsm/ (TESTS_ENVIRONMENT): Export top_srcdir.
(TESTS): Add intial.test and final.test.
(AM_LDFLAGS): Add -no-install.
(clean-local): Use start-stop-agent
(initial.test): Add dependency.
* tests/gpg/ (top_srcdir): Export top_srcdir.
(AM_LDFLAGS): Add -no-install.
(check-local): Depend on pubring-stamp instead of pubring.gpg.
(initial.test): Depend on check-local.
(./pubring-gpg): Replace by rule for ./pubring-stamp.

There are also a couple of other changes which should make the tests a
bit more robust and the gpg and gpgsm tests more similar.

The -no-install avoids creating wrappers for test programs, which make
debugging easier.

The dependency on check-local guarantees that its rules are run before
the first test.  This is important because conf files are setup by
this rule.  Earlier automake versions seem to have run check-local
always before the tests but today the order of execution is not

Signed-off-by: Werner Koch <>
3 years agoSet GPGME_SIGSUM_KEY_REVOKED also for gpg.
Matthew Barnes [Wed, 18 Mar 2015 21:20:55 +0000 (17:20 -0400)]

* src/verify.c (calc_sig_summary): Handle GPG_ERR_CERT_REVOKED.


parse_new_sig() handles a revoked key by setting sig->status to
GPG_ERR_CERT_REVOKED, but then later calc_sig_summary() expects that
code in sig->validity_reason.

Additional comments added by wk.

3 years agoFix segv for userids with a backslash.
Werner Koch [Fri, 5 Jun 2015 12:25:59 +0000 (14:25 +0200)]
Fix segv for userids with a backslash.

* src/engine-gpg.c (gpg_keylist_preprocess): Increment SRC for a

This bug is not exploitable because this bug fills up .data with
backslashes and thus causes the segv.

Signed-off-by: Werner Koch <>
3 years agoPost release updates.
Werner Koch [Mon, 13 Apr 2015 13:50:59 +0000 (15:50 +0200)]
Post release updates.


3 years agoRelease 1.5.4. gpgme-1.5.4
Werner Koch [Mon, 13 Apr 2015 13:43:13 +0000 (15:43 +0200)]
Release 1.5.4.

3 years agow32: Use -static-libgcc to avoid linking to libgcc_s_sjlj-1.dll.
Werner Koch [Mon, 13 Apr 2015 13:35:06 +0000 (15:35 +0200)]
w32: Use -static-libgcc to avoid linking to libgcc_s_sjlj-1.dll.

* src/ (extra_ltoptions): New.
(libgpgme_la_LDFLAGS): Use it.
(libgpgme_pthread_la_LDFLAGS): Ditto.
(libgpgme_glib_la_LDFLAGS): Ditto.

Since gcc 4.8 there is a regression in Mingw64 in that plain C
programs may link to libgcc_s.a which has a dependency on
libgcc_s_sjlj.dll.  This is for example triggered by using long long
arithmetic on a 32 bit Windows (e.g symbol __udivdi3).

Note that we don't use this patch for the Qt version which, as C++
programs, actually requires that DLL,

Signed-off-by: Werner Koch <>
3 years agoFix potential crash in trace macro.
Werner Koch [Mon, 16 Mar 2015 12:40:34 +0000 (13:40 +0100)]
Fix potential crash in trace macro.

* src/signers.c (gpgme_signers_add): Avoid deref of a NULL KEY in the
trace macro.
* src/engine-spawn.c (engspawn_release): Remove always true condition.
* src/engine-gpg.c (gpg_release): Ditto.

Signed-off-by: Werner Koch <>
3 years agoFix one byte too short malloc.
Werner Koch [Mon, 16 Mar 2015 12:38:10 +0000 (13:38 +0100)]
Fix one byte too short malloc.

* src/engine-spawn.c (add_data): Fix malloc

Bummer.  Why did I subtracted one from the size?  Did I assume a
dynamically allocated structure with a string field which was not
going to be used?  Very strange.

Not a real problem though because malloc will anyway round up the
allocation to at least the next word size.

Detected by Stack 0.3.

3 years agoSwitch to automake 1.14 and update build-aux files.
Werner Koch [Fri, 30 Jan 2015 09:45:20 +0000 (10:45 +0100)]
Switch to automake 1.14 and update  build-aux files.

Signed-off-by: Werner Koch <>
3 years agodoc: Update gpl.texi to match version from gnupg
Daniel Kahn Gillmor [Sat, 6 Sep 2014 05:04:07 +0000 (01:04 -0400)]
doc: Update gpl.texi to match version from gnupg


Somehow the doc/gpl.texi from gpgme and gnupg drifted out of sync.
This patch to gpgme's file brings it in line with gnupg's master
branch, and avoids the following errors during make:

./gpl.texi:667: @section seen before @end enumerate
./gpl.texi:724: unmatched `@end enumerate'
./gpl.texi:1: warning: node next `Copying' in menu `Concept Index'
   and in sectioning `Function and Data Index' differ

4 years agoPost release updates.
Werner Koch [Thu, 11 Dec 2014 11:53:28 +0000 (12:53 +0100)]
Post release updates.


4 years agoRelease 1.5.3. gpgme-1.5.3
Werner Koch [Thu, 11 Dec 2014 11:07:49 +0000 (12:07 +0100)]
Release 1.5.3.

* Set LT version to C24/A13/R2.

4 years agoReturn an error for some export key operations.
Werner Koch [Mon, 8 Dec 2014 10:19:16 +0000 (11:19 +0100)]
Return an error for some export key operations.

* src/context.h (OPDATA_EXPORT): New.
* src/export.c (op_data_t): New.
(release_op_data): New.
(parse_error): New.
(export_status_handler): New.
(export_start, export_ext_start): Prepare op_data.
(gpgme_op_export_ext, gpgme_op_export_keys): Return an error from the
status handler.

To support an error return also for the async functions we need to
extend the API.  Until we have done that this new features helps at
least in some cases; in particular for --send-keys.

4 years agoPost release updates
Werner Koch [Fri, 21 Nov 2014 20:29:11 +0000 (21:29 +0100)]
Post release updates


4 years agoRelease 1.5.2. gpgme-1.5.2
Werner Koch [Fri, 21 Nov 2014 20:19:26 +0000 (21:19 +0100)]
Release 1.5.2.

* Set LT version to C24/A13/R1.

4 years agoUpdate the previous commit
Werner Koch [Wed, 19 Nov 2014 09:34:32 +0000 (10:34 +0100)]
Update the previous commit

* src/sign.c (gpgme_op_sign_result): Reformat and take care of failed

Although _gpgme_debug_trace() is current always true, the code should
be run always and not just in trace mode.  Also added error checking
to malloc and strdup.  And while at replace some while by for loop for
easier readability.

4 years agoFix returning new signatures when there are none.
Ben Kibbey [Sun, 9 Nov 2014 21:42:54 +0000 (16:42 -0500)]
Fix returning new signatures when there are none.

* src/sign.c (gpgme_op_sign_result): Test that invalid and valid
signatures add up to gpgme_signers_count().

When invalid and valid signatures do not equal gpgme_signers_count() it
means that there was a bad passphrase during signing after the first
signer. This leaves the result.signatures from previous signers intact
which isn't correct since gpg will report:

gpg: number of one-pass packets does not match number of signature
gpg: can't handle this ambiguous signature data

during verify. So when this happens append the valid signatures to the
.invalid_signers list with .reason set to GPG_ERR_GENERAL.

4 years agodoc: Clarify the FILE command.
Werner Koch [Wed, 19 Nov 2014 09:34:32 +0000 (10:34 +0100)]
doc: Clarify the FILE command.


4 years agoImprove the debug output a bit.
Werner Koch [Thu, 6 Nov 2014 14:59:06 +0000 (15:59 +0100)]
Improve the debug output a bit.

* src/debug.h (TRACE_ERR): Include the line number in the output.

4 years agobuild: Implement SYSROOT feature. origin/bjk/master
Werner Koch [Thu, 2 Oct 2014 13:48:53 +0000 (15:48 +0200)]
build: Implement SYSROOT feature.

* Document SYSROOT.
* m4/gpg-error.m4: Update from libgpg-error master.
* src/gpgme.m4: Implement SYSROOT stuff.

4 years agoUse --no-sk-comments, not --no-sk-comment.
Daniel Kahn Gillmor [Mon, 29 Sep 2014 21:48:39 +0000 (17:48 -0400)]
Use --no-sk-comments, not --no-sk-comment.

The --no-sk-comments flag is (or should be) a no-op in modern versions
of gnupg, but gpgme should still use its full form rather than the
(slightly) abbreviated --no-sk-comment

4 years agoRegister DCO for Daniel Kahn Gillmor.
Werner Koch [Wed, 24 Sep 2014 13:24:05 +0000 (15:24 +0200)]
Register DCO for Daniel Kahn Gillmor.


4 years agoAdd ftp and git URLs to AUTHORS.
Werner Koch [Thu, 18 Sep 2014 14:00:34 +0000 (16:00 +0200)]
Add ftp and git URLs to AUTHORS.


4 years agotests: Delay some test file extraction until "make check".
Werner Koch [Thu, 18 Sep 2014 14:00:34 +0000 (16:00 +0200)]
tests: Delay some test file extraction until "make check".

* tests/gpg/ (all-local): Change to check-local.
* tests/gpgsm/ (all-local): Ditto.

4 years agoClean up gpgme's tests/gpg when gpg2.1 is available
Daniel Kahn Gillmor [Tue, 23 Sep 2014 16:46:00 +0000 (12:46 -0400)]
Clean up gpgme's tests/gpg when gpg2.1 is available

* tests/gpg/ Clean up .gpg-v21-migrated

We also need to gitignore this file.

4 years agogpgme-tool: Print fingerprint and keyid with keyservers.
Werner Koch [Tue, 12 Aug 2014 08:36:30 +0000 (10:36 +0200)]
gpgme-tool: Print fingerprint and keyid with keyservers.

* src/gpgme-tool.c (cmd_keylist): Print keyid.  Print FPR only if

4 years agoHandle modern keyserver output which may emit the fingerprint.
Werner Koch [Tue, 12 Aug 2014 08:36:30 +0000 (10:36 +0200)]
Handle modern keyserver output which may emit the fingerprint.

* src/engine-gpg.c (read_colon_line): Split preprocessed lines.
(gpg_keylist_preprocess): Limit keyid field and print fingerprint.

4 years agogpgme-tool: Install gpgme-tool.
Werner Koch [Tue, 12 Aug 2014 08:36:30 +0000 (10:36 +0200)]
gpgme-tool: Install gpgme-tool.

* src/ (bin_PROGRAMS): New.  Add gpgme-tools.
(noinst_PROGRAMS): Remove.

4 years agogpgme-tool: Fix segv for external key listing.
Werner Koch [Tue, 12 Aug 2014 15:42:08 +0000 (17:42 +0200)]
gpgme-tool: Fix segv for external key listing.

* src/gpgme-tool.c (result_xml_escape): Allow for DATA being NULL.

4 years agoPost release updates.
Werner Koch [Wed, 30 Jul 2014 10:03:47 +0000 (12:03 +0200)]
Post release updates.


4 years agoRelease 1.5.1 gpgme-1.5.1
Werner Koch [Wed, 30 Jul 2014 09:47:31 +0000 (11:47 +0200)]
Release 1.5.1

* Change LT version to C24/A13/R0.

4 years agoFix possible realloc overflow for gpgsm and uiserver engines.
Werner Koch [Wed, 30 Jul 2014 09:04:55 +0000 (11:04 +0200)]
Fix possible realloc overflow for gpgsm and uiserver engines.

* src/engine-gpgsm.c (status_handler):
* src/engine-uiserver.c (status_handler):

After a realloc (realloc is also used for initial alloc) the allocated
size if the buffer is not correctly recorded.  Thus an overflow can be
introduced by receiving data with different line lengths in a specific
order.  This is not easy exploitable because libassuan constructs the
line.  However a crash has been reported and thus it might be possible
to constructs an exploit.

CVE-id: CVE-2014-3564
Reported-by: Tomáš Trnka
4 years agow32: Get IOSPAWN flag back in sync with spawn helper.
Werner Koch [Wed, 25 Jun 2014 18:25:28 +0000 (20:25 +0200)]
w32: Get IOSPAWN flag back in sync with spawn helper.

* src/gpgme-w32spawn.c: Include priv-io.h.

4 years agow32: Add comment about a compiler warning
Werner Koch [Wed, 25 Jun 2014 18:25:28 +0000 (20:25 +0200)]
w32: Add comment about a compiler warning


4 years agoAdd new reason codes to the INV_RECP status code.
Werner Koch [Tue, 10 Jun 2014 12:52:06 +0000 (14:52 +0200)]
Add new reason codes to the INV_RECP status code.

* src/op-support.c (_gpgme_parse_inv_recp): Add codes 13 and 14.

4 years agoAdd new keylist mode GPGME_KEYLIST_MODE_WITH_SECRET.
Werner Koch [Wed, 4 Jun 2014 07:57:54 +0000 (09:57 +0200)]

* src/engine-gpg.c (gpg_keylist_build_options): Handle new mode.
* src/engine-gpgsm.c (gpgsm_keylist, gpgsm_keylist_ext): Ditto.
* src/keylist.c (parse_sec_field15): Add arg key and take care of
--with-secret output.

* src/gpgme-tool.c (gt_get_keylist_mode, cmd_keylist_mode): Add
"with_secret".  Print card info and and secret flag for subkeys.

Note: This mode may only be used with GnuPG >= 2.1.

4 years agoPost release updates
Werner Koch [Wed, 21 May 2014 07:43:53 +0000 (09:43 +0200)]
Post release updates


4 years agoRelease 1.5.0. gpgme-1.5.0
Werner Koch [Wed, 21 May 2014 07:08:42 +0000 (09:08 +0200)]
Release 1.5.0.

* Change LT version to C22/A11/R0.

4 years agoAdd 6 new GPGME_STATUS_ codes.
Werner Koch [Tue, 13 May 2014 13:44:52 +0000 (15:44 +0200)]
Add 6 new GPGME_STATUS_ codes.

* src/status-table.c: Also add missing DECRYPTION_INFO entry.

4 years agoAdd field CURVE to the key info.
Werner Koch [Thu, 8 May 2014 18:39:15 +0000 (20:39 +0200)]
Add field CURVE to the key info.

* src/ (struct _gpgme_subkey): Add field CURVE.
* src/key.c (gpgme_key_unref): Free CURVE.
* src/keylist.c (keylist_colon_handler): Set CURVE.

* src/gpgme.c (gpgme_release): For failsafe reasons reset engine and
engine info after freeing.

The engine hack is useful in case the other release functions
accidently call engine release.

4 years agoFix a memory access and a double slash bug.
Werner Koch [Thu, 8 May 2014 18:35:57 +0000 (20:35 +0200)]
Fix a memory access and a double slash bug.

* src/engine-spawn.c (engspawn_start): Allocate space for list
* src/posix-util.c (walk_path): Fix trailing slash detection.

Kudos to Valgrind for pointing out these two problems.

The first is a plain allocation bug in a code pattern I have written
thousands of times - this time it went wrong.  The allocation is not
user controlled thus not directly exploitable.

The second is missed to do what it intended to do.  Found due to the
access of malloced but not initialized memory.  Not using calloc
again proved to be helpful to detect logical error.

4 years agoMap public key algos returned by gpg to gpgme values.
Werner Koch [Thu, 8 May 2014 12:03:14 +0000 (14:03 +0200)]
Map public key algos returned by gpg to gpgme values.

* src/conversion.c (_gpgme_map_pk_algo): New.
* src/decrypt.c (parse_enc_to): Add arg PROTOCOL and map pubkey algo.
(_gpgme_decrypt_status_handler): Map pubkey algo.
* src/keylist.c (keylist_colon_handler): Map pubkey algo.
* src/sign.c (parse_sig_created): Add arg PROTOCOL and map pubkey
* src/verify.c (parse_new_sig): Ditto.
(parse_valid_sig): Ditto.

* src/ (GPGME_PK_ECC): New.
(GPGME_MD_SHA224): New.
* src/gpgme.c (gpgme_pubkey_algo_name): Add GPGME_PK_ECC case.
(gpgme_hash_algo_name): Add GPGME_MD_SHA224.

This affects only the not yet released ECC code of GnuPG 2.1.

4 years agoAdd GPGME_ENCRYPT_NO_COMPRESS flag.
Werner Koch [Thu, 8 May 2014 09:31:30 +0000 (11:31 +0200)]

* src/engine-gpg.c (gpg_encrypt, gpg_encrypt_sign): Implement it.
* src/gpgme-tool.c (_cmd_sign_encrypt): Add option --no-compress.

4 years agow32: Fix another memleak on error.
Werner Koch [Tue, 15 Apr 2014 14:40:48 +0000 (16:40 +0200)]
w32: Fix another memleak on error.

* src/w32-io.c (create_reader): free CTX.

Found by Hans-Christoph Steiner with cppcheck.

4 years agow32: Fix memleak in an error code paths.
Werner Koch [Tue, 15 Apr 2014 14:40:48 +0000 (16:40 +0200)]
w32: Fix memleak in an error code paths.

* src/w32-io.c (create_writer): Free CTX in cased of bad FD.
* src/w32-util.c (_gpgme_mkstemp): Free TMPNAME in case of a failed

Found by Hans-Christoph Steiner with cppcheck.

4 years agoFix possible zombie processes.
Werner Koch [Tue, 15 Apr 2014 10:25:45 +0000 (12:25 +0200)]
Fix possible zombie processes.

* src/posix-io.c (_gpgme_io_waitpid): Protect waitpid agains EINTR.
(_gpgme_io_dup): Likewise.
(_gpgme_io_connect): Likewise.

GnuPG-bug-id: 1630

4 years agoActually implement flags for gpgme_op_spawn.
Werner Koch [Thu, 10 Apr 2014 12:17:19 +0000 (14:17 +0200)]
Actually implement flags for gpgme_op_spawn.

* src/spawn.c (gpgme_op_spawn_start, gpgme_op_spawn): Pass FLAGS dow
to spawn_start and add FLAGS args along the call path.
* src/engine-spawn.c (engspawn_start): Hack to automagically provide

4 years agoAdd GPGME_PROTOCOL_SPAWN and gpgme_op_spawn.
Werner Koch [Thu, 10 Apr 2014 11:01:00 +0000 (13:01 +0200)]
Add GPGME_PROTOCOL_SPAWN and gpgme_op_spawn.

* src/gpgme.c (gpgme_set_protocol): Add new protocol.
(gpgme_get_protocol_name): Ditto.
* src/spawn.c: New.
* src/libgpgme.vers, src/gpgme.def: Add new public functions.
* src/engine-spawn.c: New.
* src/ Add new files.
* src/engine-backend.h (struct engine_ops): Add OPSPAWN.
* src/engine.c (engine_ops): Add _gpgme_engine_ops_spawn.
(gpgme_get_engine_info): Add Spawn to the list of protocols.
(_gpgme_engine_op_spawn): New.

* src/gpgme-tool.c (gt_protocol_from_name): Add new protocol.
(gt_spawn, cmd_spawn): New.

4 years agoAdd gpgme_get_dirinfo.
Werner Koch [Thu, 10 Apr 2014 09:47:19 +0000 (11:47 +0200)]
Add gpgme_get_dirinfo.

* src/dirinfo.c (gpgme_get_dirinfo): New.
* tests/t-engine-info.c (main): Print results from that function.

4 years agoRemove compiler warning from test
Werner Koch [Thu, 10 Apr 2014 09:42:39 +0000 (11:42 +0200)]
Remove compiler warning from test


4 years agoMake use of internal iospawn flags more flexible.
Werner Koch [Thu, 10 Apr 2014 09:39:14 +0000 (11:39 +0200)]
Make use of internal iospawn flags more flexible.

* src/priv-io.h (IOSPAWN_FLAG_DETACHED): New. Renumber the others.
* src/w32-io.c (_gpgme_io_spawn): Use DETACHED_PROCESS process only if
* src/w32-qt-io.cpp (_gpgme_io_spawn): Ditto.
* src/w32-glib-io.c (_gpgme_io_spawn): Ditto.
* src/assuan-support.c (my_spawn): Pass IOSPAWN_FLAG_DETACHED flags.
* src/dirinfo.c (read_gpgconf_dirs): Ditto.
* src/engine-gpg.c (start): Ditto.
* src/engine-gpgconf.c (gpgconf_read, gpgconf_write): Ditto.
* src/version.c (_gpgme_get_program_version): Ditto.

4 years agoMake sure a spawned process has all standard fds connected.
Werner Koch [Thu, 10 Apr 2014 09:15:40 +0000 (11:15 +0200)]
Make sure a spawned process has all standard fds connected.

* src/posix-io.c (_gpgme_io_spawn): dup /dev/null also to unsued

Better be sure that stdout of a spawned process is connected to stdout
so that the process does not run into a write error if it writes to
stdout.  AFAICS we always use a connected stdout; thus this is only
for correctness.

4 years agoAdd configure option --enable-fixed-path.
Werner Koch [Thu, 13 Mar 2014 13:24:14 +0000 (14:24 +0100)]
Add configure option --enable-fixed-path.

* Add option --enable-fixed-path.
(FIXED_SEARCH_PATH): New ac_define.
* src/posix-util.c (walk_path): Make use of the option.  Remove
current directory from fallback PATH.

Note that using this option PATH is entirely ignored by GPGME and only
the given value is used instead to locate the GnuPG binaries.

On Android the use of PATH is not desirable.  Instead the GnuPG tools
are expected in a fixed directory.  By using

  ./configure --enable-fixed-path="/foo/bar"

gpg et al are expected to be installed as /foo/bar/gpg.  With

  ./configure --enable-fixed-path="/foo/bar:/bin"

gpg is expected as /foo/bar/gpg or /bin/gpg.

4 years agoAvoid pointer arithmetic on void pointer.
Werner Koch [Tue, 11 Mar 2014 12:58:38 +0000 (13:58 +0100)]
Avoid pointer arithmetic on void pointer.

* src/gpgme.c (gpgme_io_writen): Use new var buffer.

Reported-by: Albert Chin
4 years agoChange implementation return type to match the definition.
Werner Koch [Tue, 11 Mar 2014 12:54:21 +0000 (13:54 +0100)]
Change implementation return type to match the definition.

* src/gpgme.c (gpgme_get_sub_protocol): Change return type to

Yet another enum/int mismatch.

Reported-by: Albert Chin.
4 years agodoc: Fix documentation of struct data types
Daiki Ueno [Wed, 5 Mar 2014 05:52:49 +0000 (14:52 +0900)]
doc: Fix documentation of struct data types

* gpgme.texi (Key Management): Document is_cardkey and card_number
members of gpgme_subkey_t.
(Decrypt): Remove description of the non-existent wrong_key_usage
member of gpgme_recipient_t.
(Verify): Document pka_address member of gpgme_signature_t.
(Creating a Signature): Add missing member names in
(Registering I/O Callbacks): Fix reference of gpgme_io_cbs struct.

4 years agoAlways pass correct name to argv[0]. Ignore GPG_AGENT_INFO for gpg2.
Werner Koch [Fri, 21 Feb 2014 10:22:45 +0000 (11:22 +0100)]
Always pass correct name to argv[0].  Ignore GPG_AGENT_INFO for gpg2.

* src/dirinfo.c (WANT_GPG_ONE_MODE): New.
(struct dirinfo): Add field "gpg_one_mode".
(get_gpgconf_item): Set that field and return it if requested.
(_gpgme_in_gpg_one_mode): New.
* src/engine-gpg.c (build_argv): Check GPG_AGENT_INFO only in gpg-1

* src/dirinfo.c (_gpgme_get_basename): New.
* src/engine-g13.c (g13_new): Take argv[0] from the pgmname.
* src/engine-gpgsm.c (gpgsm_new): Ditto.
* src/engine-gpg.c (build_argv): Ditto. Add arg PGMNAME.
(start): Pass PGMNAME to buildargv.

4 years agoFix type inconsistency between gpgme.h and gpgme.c.
Werner Koch [Wed, 12 Feb 2014 19:36:08 +0000 (20:36 +0100)]
Fix type inconsistency between gpgme.h and gpgme.c.

* src/gpgme.c (gpgme_set_pinentry_mode): Fix type of MODE.

GnuPG-bug-id: 1617

4 years agoUse the generic script.
Werner Koch [Thu, 9 Jan 2014 18:14:09 +0000 (19:14 +0100)]
Use the generic script.

* autogen.rc: New.
* (EXTRA_DIST): Add it.
* Update from GnuPG.


4 years agoSet next version to 1.5.0
Werner Koch [Tue, 7 Jan 2014 17:08:41 +0000 (18:08 +0100)]
Set next version to 1.5.0


4 years agoMake gpgconf engine work again - fixes 02ba35c1.
Werner Koch [Tue, 7 Jan 2014 16:59:59 +0000 (17:59 +0100)]
Make gpgconf engine work again - fixes 02ba35c1.

* src/gpgconf.c: Remove ENABLE_GPGCONF and move prototypes to ...
* src/engine-backend.h: ... here.

gpgconf is a required part for gpgme.

4 years agoMake gpgme_new return a proper error if no engines are installed.
Werner Koch [Tue, 7 Jan 2014 12:32:08 +0000 (13:32 +0100)]
Make gpgme_new return a proper error if no engines are installed.

* src/engine.c (gpgme_get_engine_info): Improve error handling.
(_gpgme_engine_info_copy): Ditto.
* src/gpgme.c (gpgme_new): Return error GPG_ERR_NO_ENGINE.

4 years agoPrint the full PATH in the log if gpg was not found.
Werner Koch [Tue, 7 Jan 2014 11:44:55 +0000 (12:44 +0100)]
Print the full PATH in the log if gpg was not found.

* src/posix-util.c (walk_path): Keep a copy of PATH.

4 years agoAdd global flags disable-gpgconf, gpgconf-name, and gpg-name.
Werner Koch [Mon, 6 Jan 2014 16:16:52 +0000 (17:16 +0100)]
Add global flags disable-gpgconf, gpgconf-name, and gpg-name.

* src/gpgme.c (gpgme_set_global_flag): Add names "disable-gpgconf",
"gpgconf-name", and "gpg-name".
* src/dirinfo.c (_gpgme_dirinfo_disable_gpgconf): New.
(get_gpgconf_item): Minor debug info change.
* src/posix-util.c (default_gpg_name, default_gpgconf_name): Add vars.
(_gpgme_set_default_gpg_name): New.
(_gpgme_set_default_gpgconf_name): New.
(_gpgme_get_gpg_path, _gpgme_get_gpgconf_path): Use new vars.
(walk_path): Add debug output on failure.
* src/w32-util.c (default_gpg_name, default_gpgconf_name): Add vars.
(replace_slashes): New.
(get_basename): New.
(_gpgme_set_default_gpg_name): New.
(_gpgme_set_default_gpgconf_name): New.
(_gpgme_get_gpg_path, _gpgme_get_gpgconf_path): Use new vars.

* tests/t-engine-info.c (main): Add --verbose and --set-global-flag

Note that the Windows part has not been tested.

4 years agoLocate engine names only at runtime and prefer GnuPG-2.
Werner Koch [Fri, 27 Dec 2013 15:08:20 +0000 (16:08 +0100)]
Locate engine names only at runtime and prefer GnuPG-2.

(NEED_G13_VERSION, NEED_GPGCONF_VERSION): Remove vars and all related
checks.  Do not check for any engine version.
(HAVE_ASSUAN): Remove AM conditional.
* src/ Remove separate component vars and always build all
engines but uiserver.
* src/dirinfo.c (WANT_GPGCONF_NAME): New.
(struct dirinfo): Add field gpgconf_name.
(_gpgme_get_default_gpgconf_name): Use WANT_GPGCONF_NAME.
(get_gpgconf_item): Set gpgconf name and adjust for _gpgme_get_*_path
now returning a malloced string.
* src/engine.c (engine_ops): Always init all engines except for
* src/posix-util.c (_gpgme_get_gpgsm_path, _gpgme_get_g13_path):
Remove unused functions.
(walk_path): New.
(_gpgme_get_gpg_path, _gpgme_get_gpgconf_path ): Re-implement using
* src/w32-util.c (_gpgme_get_gpgsm_path, _gpgme_get_g13_path): Remove
unused functions.
(_gpgme_get_gpg_path, _gpgme_get_gpgconf_path): Return a malloced
* src/engine-g13.c (g13_get_req_version): Use a hardwired string with
the required version.  This info belongs into this file.
* src/engine-gpg.c (gpg_get_req_version): Ditto.
* src/engine-gpgconf.c (gpgconf_get_req_version): Ditto.
* src/engine-gpgsm.c (gpgsm_get_req_version): Ditto.
* tests/t-engine-info.c: Replace now useless test by an info output.
* tests/gpg/ (GPG, GPG_AGENT): Hardwire gpg and gpg-agent.
* tests/gpgsm/ (GPGSM): Hardwire gpgsm.

Signed-off-by: Werner Koch <>
5 years agoDocument API change for GPGME_EVENT_DONE from 2009.
Werner Koch [Mon, 19 Aug 2013 18:43:19 +0000 (20:43 +0200)]
Document API change for GPGME_EVENT_DONE from 2009.

* doc/gpgme.texi (I/O Callback Interface): Fix description for the
event arg.

With commit c8e934b2 (2009-10-26) gpgme_io_event_done_data_t was
introduced to replace the use of gpg_error_t with GPGME_EVENT_DONE.
Unfortunately this was not documented.  Maybe at that time the event
code was considered internal and its use in GPA was not known.  Too

5 years agoFix possible segv in the gpgme_op_card_edit.
Werner Koch [Mon, 19 Aug 2013 18:40:10 +0000 (20:40 +0200)]
Fix possible segv in the gpgme_op_card_edit.

* src/edit.c (gpgme_op_edit_start, gpgme_op_card_edit_start): Do not
deref a NULL KEY in TRACE_BEG.

5 years agotests: Fix NULL ptr deref in gpgsm/t-verify.
Werner Koch [Mon, 19 Aug 2013 18:38:36 +0000 (20:38 +0200)]
tests: Fix NULL ptr deref in gpgsm/t-verify.

* tests/gpgsm/t-verify.c (check_result): Do not dereference a sig or
sig->fpr if NULL.

5 years agoRelease 1.4.3. gpgme-1.4.3
Werner Koch [Mon, 12 Aug 2013 12:33:49 +0000 (14:33 +0200)]
Release 1.4.3.

* Change LT version to C22/A11/R0.

5 years agoMake test suite workable with GnuPG 2.1.
Werner Koch [Mon, 12 Aug 2013 12:32:21 +0000 (14:32 +0200)]
Make test suite workable with GnuPG 2.1.

* tests/gpg/start-stop-agent: New.
* tests/gpg/initial.test: New.
* tests/gpg/final.test: New.
* tests/gpg/ (c_tests): New.
(TESTS): Move all to c_tests.  Add initial.test, final.test, and
(private_keys): New.
(EXTRA_DIST): Add new files.
(./private-keys-v1.d/gpg-sample.stamp): Copy private keys.
(all-local): Depend on gpg-sample.stamp.
* tests/gpg/13CBE3758AFE42B5E5E2AE4CED27AFA455E3F87F: New.
* tests/gpg/13CD0F3BDF24BE53FE192D62F18737256FF6E4FD: New.
* tests/gpg/76F7E2B35832976B50A27A282D9B87E44577EB66: New.
* tests/gpg/7A030357C0F253A5BBCD282FFC4E521B37558F5C: New.
* tests/gpg/A0747D5F9425E6664F4FFBEED20FBCA79FDED2BD: New.

GnuPG 2.1 requires that the agent knows the private keys.  Thus we
need to install them.  The code should still work with GnuPG < 2.1.

To make the whole testing using a agent more robust, the way to start
the agent has also be changed.

5 years agoImprove detection of default gpg by configure.
Werner Koch [Mon, 12 Aug 2013 12:24:34 +0000 (14:24 +0200)]
Improve detection of default gpg by configure.

* Move test for gpgconf before test for gpg.
(GPG, GPGSM, G13): Use gpgconf instead of AC_PATH_PROG if possible.

This change is required so that the t-engine-info test does not
fail.  In any case, it is a good idea to use gpgconf for these test
because this is how it works at runtime.