Added new GMIME_DECRYPT_NO_VERIFY flag that disables signature verification

Thanks to Daniel Kahn Gillmor for this feature suggestion.

2 files changed, 3 insertions, 1 deletions

diff --git a/gmime/gmime-crypto-context.h b/gmime/gmime-crypto-context.h
index 5089aeaf..998436b5 100644
--- a/gmime/gmime-crypto-context.h
+++ b/gmime/gmime-crypto-context.h
@@ -80,6 +80,7 @@ typedef GMimeCryptoContext * (* GMimeCryptoContextNewFunc) (void);
  * GMimeDecryptFlags:
  * @GMIME_DECRYPT_NONE: No flags specified.
  * @GMIME_DECRYPT_EXPORT_SESSION_KEY: Export the decryption session-key.
+ * @GMIME_DECRYPT_NO_VERIFY: Disable signature verification.
  * @GMIME_DECRYPT_ENABLE_KEYSERVER_LOOKUPS: Enable OpenPGP keyserver lookups.
  * @GMIME_DECRYPT_ENABLE_ONLINE_CERTIFICATE_CHECKS: Enable CRL and OCSP checks that require network lookups.
  *
@@ -88,6 +89,7 @@ typedef GMimeCryptoContext * (* GMimeCryptoContextNewFunc) (void);
 typedef enum {
 	GMIME_DECRYPT_NONE                             = 0,
 	GMIME_DECRYPT_EXPORT_SESSION_KEY               = 1 << 0,
+	GMIME_DECRYPT_NO_VERIFY                        = 1 << 1,
 
 	/* Note: these values must stay in sync with GMimeVerifyFlags */
 	GMIME_DECRYPT_ENABLE_KEYSERVER_LOOKUPS         = 1 << 15,
diff --git a/gmime/gmime-gpgme-utils.c b/gmime/gmime-gpgme-utils.c
index 6d8ce135..a5b59846 100644
--- a/gmime/gmime-gpgme-utils.c
+++ b/gmime/gmime-gpgme-utils.c
@@ -602,7 +602,7 @@ g_mime_gpgme_decrypt (gpgme_ctx_t ctx, GMimeDecryptFlags flags, const char *sess
 #endif
 	
 	/* decrypt the input stream */
-	if (gpgme_get_protocol (ctx) == GPGME_PROTOCOL_OpenPGP) {
+	if (gpgme_get_protocol (ctx) == GPGME_PROTOCOL_OpenPGP && (flags & GMIME_DECRYPT_NO_VERIFY) == 0) {
 		gpgme_set_offline (ctx, (flags & GMIME_DECRYPT_ENABLE_KEYSERVER_LOOKUPS) == 0);
 		
 		error = gpgme_op_decrypt_verify (ctx, input, output);