diff options
author | Jeffrey Stedfast <jestedfa@microsoft.com> | 2019-10-01 08:35:20 -0400 |
---|---|---|
committer | Jeffrey Stedfast <jestedfa@microsoft.com> | 2019-10-01 08:35:20 -0400 |
commit | 931dbeb6605ccb8352fc3ed8e81904637ec43935 (patch) | |
tree | 68492adfde3afce5f0a91670a6efe7a984c5f03e | |
parent | 8b63870d1c5e646d96c957d150f7f3270ac85e3a (diff) | |
download | gmime-931dbeb6605ccb8352fc3ed8e81904637ec43935.tar.gz |
Added new GMIME_DECRYPT_NO_VERIFY flag that disables signature verification
Thanks to Daniel Kahn Gillmor for this feature suggestion.
-rw-r--r-- | gmime/gmime-crypto-context.h | 2 | ||||
-rw-r--r-- | gmime/gmime-gpgme-utils.c | 2 |
2 files changed, 3 insertions, 1 deletions
diff --git a/gmime/gmime-crypto-context.h b/gmime/gmime-crypto-context.h index 5089aeaf..998436b5 100644 --- a/gmime/gmime-crypto-context.h +++ b/gmime/gmime-crypto-context.h @@ -80,6 +80,7 @@ typedef GMimeCryptoContext * (* GMimeCryptoContextNewFunc) (void); * GMimeDecryptFlags: * @GMIME_DECRYPT_NONE: No flags specified. * @GMIME_DECRYPT_EXPORT_SESSION_KEY: Export the decryption session-key. + * @GMIME_DECRYPT_NO_VERIFY: Disable signature verification. * @GMIME_DECRYPT_ENABLE_KEYSERVER_LOOKUPS: Enable OpenPGP keyserver lookups. * @GMIME_DECRYPT_ENABLE_ONLINE_CERTIFICATE_CHECKS: Enable CRL and OCSP checks that require network lookups. * @@ -88,6 +89,7 @@ typedef GMimeCryptoContext * (* GMimeCryptoContextNewFunc) (void); typedef enum { GMIME_DECRYPT_NONE = 0, GMIME_DECRYPT_EXPORT_SESSION_KEY = 1 << 0, + GMIME_DECRYPT_NO_VERIFY = 1 << 1, /* Note: these values must stay in sync with GMimeVerifyFlags */ GMIME_DECRYPT_ENABLE_KEYSERVER_LOOKUPS = 1 << 15, diff --git a/gmime/gmime-gpgme-utils.c b/gmime/gmime-gpgme-utils.c index 6d8ce135..a5b59846 100644 --- a/gmime/gmime-gpgme-utils.c +++ b/gmime/gmime-gpgme-utils.c @@ -602,7 +602,7 @@ g_mime_gpgme_decrypt (gpgme_ctx_t ctx, GMimeDecryptFlags flags, const char *sess #endif /* decrypt the input stream */ - if (gpgme_get_protocol (ctx) == GPGME_PROTOCOL_OpenPGP) { + if (gpgme_get_protocol (ctx) == GPGME_PROTOCOL_OpenPGP && (flags & GMIME_DECRYPT_NO_VERIFY) == 0) { gpgme_set_offline (ctx, (flags & GMIME_DECRYPT_ENABLE_KEYSERVER_LOOKUPS) == 0); error = gpgme_op_decrypt_verify (ctx, input, output); |