[gmime] Don't set the passphrase cb until we need it
- From: Jeffrey Stedfast <fejj src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [gmime] Don't set the passphrase cb until we need it
- Date: Tue, 14 Mar 2017 23:59:01 +0000 (UTC)
commit 6e1c4ba037371c1aec6c6683cc295978aa8d5309
Author: Jeffrey Stedfast <jestedfa microsoft com>
Date: Tue Mar 14 18:37:24 2017 -0400
Don't set the passphrase cb until we need it
This also means that we won't accidentally trick gpgme
into calling our passphrase callback if the user-supplied
callback is NULL.
gmime/gmime-gpg-context.c | 41 ++++++++++++++++++++++++++++++++++-------
gmime/gmime-gpgme-utils.c | 12 ++++--------
gmime/gmime-pkcs7-context.c | 28 ++++++++++++++++++++++------
3 files changed, 60 insertions(+), 21 deletions(-)
---
diff --git a/gmime/gmime-gpg-context.c b/gmime/gmime-gpg-context.c
index d534561..f75f519 100644
--- a/gmime/gmime-gpg-context.c
+++ b/gmime/gmime-gpg-context.c
@@ -263,6 +263,17 @@ gpg_get_key_exchange_protocol (GMimeCryptoContext *ctx)
return "application/pgp-keys";
}
+static void
+set_passphrase_callback (GMimeCryptoContext *context)
+{
+ GMimeGpgContext *gpg = (GMimeGpgContext *) context;
+
+ if (context->request_passwd)
+ gpgme_set_passphrase_cb (gpg->ctx, g_mime_gpgme_passphrase_callback, gpg);
+ else
+ gpgme_set_passphrase_cb (gpg->ctx, NULL, NULL);
+}
+
static int
gpg_sign (GMimeCryptoContext *context, gboolean detach, const char *userid,
GMimeStream *istream, GMimeStream *ostream, GError **err)
@@ -271,11 +282,14 @@ gpg_sign (GMimeCryptoContext *context, gboolean detach, const char *userid,
gpgme_sig_mode_t mode = detach ? GPGME_SIG_MODE_DETACH : GPGME_SIG_MODE_CLEAR;
GMimeGpgContext *gpg = (GMimeGpgContext *) context;
+ set_passphrase_callback (context);
+
gpgme_set_textmode (gpg->ctx, !detach);
return g_mime_gpgme_sign (gpg->ctx, mode, userid, istream, ostream, err);
#else
- g_set_error_literal (err, GMIME_ERROR, GMIME_ERROR_NOT_SUPPORTED, _("PGP support is not enabled in
this build"));
+ g_set_error_literal (err, GMIME_ERROR, GMIME_ERROR_NOT_SUPPORTED,
+ _("PGP support is not enabled in this build"));
return -1;
#endif /* ENABLE_CRYPTO */
@@ -290,7 +304,8 @@ gpg_verify (GMimeCryptoContext *context, GMimeVerifyFlags flags, GMimeStream *is
return g_mime_gpgme_verify (gpg->ctx, flags, istream, sigstream, ostream, err);
#else
- g_set_error_literal (err, GMIME_ERROR, GMIME_ERROR_NOT_SUPPORTED, _("PGP support is not enabled in
this build"));
+ g_set_error_literal (err, GMIME_ERROR, GMIME_ERROR_NOT_SUPPORTED,
+ _("PGP support is not enabled in this build"));
return NULL;
#endif /* ENABLE_CRYPTO */
@@ -303,9 +318,13 @@ gpg_encrypt (GMimeCryptoContext *context, gboolean sign, const char *userid, GMi
#ifdef ENABLE_CRYPTO
GMimeGpgContext *gpg = (GMimeGpgContext *) context;
+ if (sign)
+ set_passphrase_callback (context);
+
return g_mime_gpgme_encrypt (gpg->ctx, sign, userid, flags, recipients, istream, ostream, err);
#else
- g_set_error_literal (err, GMIME_ERROR, GMIME_ERROR_NOT_SUPPORTED, _("PGP support is not enabled in
this build"));
+ g_set_error_literal (err, GMIME_ERROR, GMIME_ERROR_NOT_SUPPORTED,
+ _("PGP support is not enabled in this build"));
return -1;
#endif /* ENABLE_CRYPTO */
@@ -318,9 +337,12 @@ gpg_decrypt (GMimeCryptoContext *context, GMimeDecryptFlags flags, const char *s
#ifdef ENABLE_CRYPTO
GMimeGpgContext *gpg = (GMimeGpgContext *) context;
+ set_passphrase_callback (context);
+
return g_mime_gpgme_decrypt (gpg->ctx, flags, session_key, istream, ostream, err);
#else
- g_set_error_literal (err, GMIME_ERROR, GMIME_ERROR_NOT_SUPPORTED, _("PGP support is not enabled in
this build"));
+ g_set_error_literal (err, GMIME_ERROR, GMIME_ERROR_NOT_SUPPORTED,
+ _("PGP support is not enabled in this build"));
return NULL;
#endif /* ENABLE_CRYPTO */
@@ -332,9 +354,12 @@ gpg_import_keys (GMimeCryptoContext *context, GMimeStream *istream, GError **err
#ifdef ENABLE_CRYPTO
GMimeGpgContext *gpg = (GMimeGpgContext *) context;
+ set_passphrase_callback (context);
+
return g_mime_gpgme_import (gpg->ctx, istream, err);
#else
- g_set_error_literal (err, GMIME_ERROR, GMIME_ERROR_NOT_SUPPORTED, _("PGP support is not enabled in
this build"));
+ g_set_error_literal (err, GMIME_ERROR, GMIME_ERROR_NOT_SUPPORTED,
+ _("PGP support is not enabled in this build"));
return -1;
#endif /* ENABLE_CRYPTO */
@@ -346,9 +371,12 @@ gpg_export_keys (GMimeCryptoContext *context, const char *keys[], GMimeStream *o
#ifdef ENABLE_CRYPTO
GMimeGpgContext *gpg = (GMimeGpgContext *) context;
+ set_passphrase_callback (context);
+
return g_mime_gpgme_export (gpg->ctx, keys, ostream, err);
#else
- g_set_error_literal (err, GMIME_ERROR, GMIME_ERROR_NOT_SUPPORTED, _("PGP support is not enabled in
this build"));
+ g_set_error_literal (err, GMIME_ERROR, GMIME_ERROR_NOT_SUPPORTED,
+ _("PGP support is not enabled in this build"));
return -1;
#endif /* ENABLE_CRYPTO */
@@ -378,7 +406,6 @@ g_mime_gpg_context_new (void)
return NULL;
gpg = g_object_newv (GMIME_TYPE_GPG_CONTEXT, 0, NULL);
- gpgme_set_passphrase_cb (ctx, g_mime_gpgme_passphrase_callback, gpg);
gpgme_set_protocol (ctx, GPGME_PROTOCOL_OpenPGP);
gpgme_set_armor (ctx, TRUE);
gpg->ctx = ctx;
diff --git a/gmime/gmime-gpgme-utils.c b/gmime/gmime-gpgme-utils.c
index a325019..bf03bb8 100644
--- a/gmime/gmime-gpgme-utils.c
+++ b/gmime/gmime-gpgme-utils.c
@@ -81,14 +81,10 @@ g_mime_gpgme_passphrase_callback (void *hook, const char *uid_hint, const char *
GError *err = NULL;
gboolean rv;
- if (context->request_passwd) {
- stream = g_mime_stream_pipe_new (fd);
- g_mime_stream_pipe_set_owner ((GMimeStreamPipe *) stream, FALSE);
- rv = context->request_passwd (context, uid_hint, passphrase_info, prev_was_bad, stream, &err);
- g_object_unref (stream);
- } else {
- return GPG_ERR_GENERAL;
- }
+ stream = g_mime_stream_pipe_new (fd);
+ g_mime_stream_pipe_set_owner ((GMimeStreamPipe *) stream, FALSE);
+ rv = context->request_passwd (context, uid_hint, passphrase_info, prev_was_bad, stream, &err);
+ g_object_unref (stream);
if (!rv) {
error = GPG_ERR_CANCELED;
diff --git a/gmime/gmime-pkcs7-context.c b/gmime/gmime-pkcs7-context.c
index 80b6b30..15b6292 100644
--- a/gmime/gmime-pkcs7-context.c
+++ b/gmime/gmime-pkcs7-context.c
@@ -259,6 +259,8 @@ pkcs7_get_key_exchange_protocol (GMimeCryptoContext *ctx)
return "application/pkcs7-keys";
}
+#define set_passphrase_callback(context)
+
static int
pkcs7_sign (GMimeCryptoContext *context, gboolean detach, const char *userid,
GMimeStream *istream, GMimeStream *ostream, GError **err)
@@ -267,9 +269,12 @@ pkcs7_sign (GMimeCryptoContext *context, gboolean detach, const char *userid,
gpgme_sig_mode_t mode = detach ? GPGME_SIG_MODE_DETACH : GPGME_SIG_MODE_NORMAL;
GMimePkcs7Context *pkcs7 = (GMimePkcs7Context *) context;
+ set_passphrase_callback (context);
+
return g_mime_gpgme_sign (pkcs7->ctx, mode, userid, istream, ostream, err);
#else
- g_set_error_literal (err, GMIME_ERROR, GMIME_ERROR_NOT_SUPPORTED, _("S/MIME support is not enabled in
this build"));
+ g_set_error_literal (err, GMIME_ERROR, GMIME_ERROR_NOT_SUPPORTED,
+ _("S/MIME support is not enabled in this build"));
return -1;
#endif /* ENABLE_CRYPTO */
@@ -284,7 +289,8 @@ pkcs7_verify (GMimeCryptoContext *context, GMimeVerifyFlags flags, GMimeStream *
return g_mime_gpgme_verify (pkcs7->ctx, flags, istream, sigstream, ostream, err);
#else
- g_set_error_literal (err, GMIME_ERROR, GMIME_ERROR_NOT_SUPPORTED, _("S/MIME support is not enabled in
this build"));
+ g_set_error_literal (err, GMIME_ERROR, GMIME_ERROR_NOT_SUPPORTED,
+ _("S/MIME support is not enabled in this build"));
return NULL;
#endif /* ENABLE_CRYPTO */
@@ -305,7 +311,8 @@ pkcs7_encrypt (GMimeCryptoContext *context, gboolean sign, const char *userid, G
return g_mime_gpgme_encrypt (pkcs7->ctx, sign, userid, flags, recipients, istream, ostream, err);
#else
- g_set_error_literal (err, GMIME_ERROR, GMIME_ERROR_NOT_SUPPORTED, _("S/MIME support is not enabled in
this build"));
+ g_set_error_literal (err, GMIME_ERROR, GMIME_ERROR_NOT_SUPPORTED,
+ _("S/MIME support is not enabled in this build"));
return -1;
#endif /* ENABLE_CRYPTO */
@@ -318,9 +325,12 @@ pkcs7_decrypt (GMimeCryptoContext *context, GMimeDecryptFlags flags, const char
#ifdef ENABLE_CRYPTO
GMimePkcs7Context *pkcs7 = (GMimePkcs7Context *) context;
+ set_passphrase_callback (context);
+
return g_mime_gpgme_decrypt (pkcs7->ctx, flags, session_key, istream, ostream, err);
#else
- g_set_error_literal (err, GMIME_ERROR, GMIME_ERROR_NOT_SUPPORTED, _("S/MIME support is not enabled in
this build"));
+ g_set_error_literal (err, GMIME_ERROR, GMIME_ERROR_NOT_SUPPORTED,
+ _("S/MIME support is not enabled in this build"));
return NULL;
#endif /* ENABLE_CRYPTO */
@@ -332,9 +342,12 @@ pkcs7_import_keys (GMimeCryptoContext *context, GMimeStream *istream, GError **e
#ifdef ENABLE_CRYPTO
GMimePkcs7Context *pkcs7 = (GMimePkcs7Context *) context;
+ set_passphrase_callback (context);
+
return g_mime_gpgme_import (pkcs7->ctx, istream, err);
#else
- g_set_error_literal (err, GMIME_ERROR, GMIME_ERROR_NOT_SUPPORTED, _("S/MIME support is not enabled in
this build"));
+ g_set_error_literal (err, GMIME_ERROR, GMIME_ERROR_NOT_SUPPORTED,
+ _("S/MIME support is not enabled in this build"));
return -1;
#endif /* ENABLE_CRYPTO */
@@ -346,9 +359,12 @@ pkcs7_export_keys (GMimeCryptoContext *context, const char *keys[], GMimeStream
#ifdef ENABLE_CRYPTO
GMimePkcs7Context *pkcs7 = (GMimePkcs7Context *) context;
+ set_passphrase_callback (context);
+
return g_mime_gpgme_export (pkcs7->ctx, keys, ostream, err);
#else
- g_set_error_literal (err, GMIME_ERROR, GMIME_ERROR_NOT_SUPPORTED, _("S/MIME support is not enabled in
this build"));
+ g_set_error_literal (err, GMIME_ERROR, GMIME_ERROR_NOT_SUPPORTED,
+ _("S/MIME support is not enabled in this build"));
return -1;
#endif /* ENABLE_CRYPTO */
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
