Update to upstream version '1.16.0'
with Debian dir 2aa0334741bba9fb89e451289d21b62450067e08

--

GnuPG-bug-id: 5299

--
This functionality got dropped somewhere after 1.12, as part of the
cleanup of the `Context.decrypt` call signature. Reintroduce it again,
now using an explicit keyword argument `filter_signatures` (which
defaults to hiding signatures by unknown keys).

GnuPG-bug-id: 5292

* lang/qt/src/signkeyjob.h (SignKeyJob::setExpirationDate): New.
* lang/qt/src/qgpgmesignkeyjob.h, lang/qt/src/qgpgmesignkeyjob.cpp
(QGpgMESignKeyJob::setExpirationDate): New.
* lang/qt/src/qgpgmesignkeyjob.cpp (QGpgMESignKeyJob::Private): Add
member m_expiration.
(sign_key): Handle expiration date.
(QGpgMESignKeyJob::start): Pass expiration date to sign_key.

* lang/qt/tests/t-various.cpp
(TestVarious::testSignKeyWithoutExpiration,
TestVarious::testSignKeyWithExpiration): New.
(TestVarious::initTestCase): Add "allow-weak-key-signatures" to
gpg.conf.
--

This allows Kleopatra (and other users of QGpgme) to create key
signatures with expiration date.

GnuPG-bug-id: 5336, 5506

* src/context.h (struct gpgme_context): Add 'cert_expire'.
* src/engine-gpg.c (append_args_from_cert_expire): New.
(gpg_edit): Set option according to the new flag.
* src/gpgme.c (gpgme_release): Free 'cert_expire'.
(gpgme_set_ctx_flag, gpgme_get_ctx_flag): Add "cert-expire".

* tests/gpg/Makefile.am (c_tests): Add new test.
(gpg.conf): Write "allow-weak-key-signatures" to gpg.conf.
* tests/gpg/t-edit-sign.c: New.
--

The new context flag "cert-expire" allows setting the expiration date
for key signatures created with gpgme_op_interact.

GnuPG-bug-id: 5336, 5505

* NEWS: Add news for recent changes
--

GnuPG-bug-id: 5421, 5217

* lang/qt/src/qgpgmenewcryptoconfig.cpp (parseURL): Add missing }.
--

Fixes-commit: 1dca8c2b
GnuPG-bug-id: 5465

* lang/qt/src/qgpgmenewcryptoconfig.cpp (setURLValueList): Log error
if setting config value failed.
--

GnuPG-bug-id: 5465

* lang/qt/src/qgpgmenewcryptoconfig.cpp (parseURL): Only set non-empty
base DN as URL query.
--

This makes it possible to differentiate an unset query from an empty
query.

GnuPG-bug-id: 5465

* lang/qt/src/signkeyjob.h (SignKeyJob::start,
SignKeyJob::setUserIDsToSign, SignKeyJob::setCheckLevel): Fix
documentation of parameters.
--

GnuPG-bug-id: 5245

* src/data.c (_gpgme_data_release): Free buffers.
(gpgme_data_seek): Adjust from renamed fields.
(gpgme_data_set_flag): Implement new flags.
(_gpgme_data_inbound_handler): Allow the use of a malloced buffer.
(_gpgme_data_outbound_handler): Ditto.
* src/data.h (BUFFER_SIZE): Move out of the struct definition.
(struct gpgme_data): Remove pending filed and introduce inbound and
outbound fields.

* src/conversion.c (_gpgme_wipememory): New.  Taken from GnuPG.
* src/cJSON.c (wipememory): Use this here too.

* tests/run-decrypt.c (main): Add options "--large-buffers" and
"--sensitive".
--

GnuPG-bug-id: 5478
Signed-off-by: Werner Koch <wk@gnupg.org>

* src/data-identify.c (basic_detection): Add OID.

Signed-off-by: Werner Koch <wk@gnupg.org>

* lang/qt/src/dataprovider.cpp (QIODeviceDataProvider::write): Call
waitForBytesWritten.

--
The problem here is that QProcess writes into an internal buffer
which is written to stdin of the process triggered by a
signal/slot connection. That connection is broken when we move
the QProcess into our GPGME thread and only restablished when
our Job is finished. This caused Kleopatra to basically keep
everything when decrypting a large archive in memory and
only write it out to the unpack process once the decryption
was finished.

GnuPG-Bug-Id: T5475

* src/data.h (BUFFER_SIZE): Increase to 4096 for Windows.

--
This brings it in line to the PIPE_BUF size on desktop Linux
systems. This should increase performance when working with
large files on Windows a bit.

GnuPG-Bug-Id: T5478

* lang/qt/src/Makefile.am (libqgpgme_la_LIBADD): Explicitly link
gpg-error.

--
Previously this was implicit from the libassuan flags.

* src/Makefile.am (AM_CFLAGS): Add GPG_ERROR_CFLAGS

--
This fixes the include directory for libgpg error if
it is installed in a different prefix then libassuan. Previously
libassuan provided the include directory also implicitly.

* lang/qt/src/qgpgme_debug.h: Make include guard match file name.
* lang/qt/src/qgpgme_debug.h, lang/qt/src/qgpgme_debug.cpp
(QGPGME_CONFIG_LOADING_LOG): New.
* lang/qt/src/qgpgmenewcryptoconfig.cpp
(QGpgMENewCryptoConfig::reloadConfiguration): Use new logging category.
--

Use a separate logging category for the extremely noisy logging of
the result of config loading to make debug logging more useful.

GnuPG-bug-id: 5217

* src/keylist.c (keylist_colon_handler): Check for correct number of
fields.
--

This prevents NULL pointer dereferencing with older versions of gpg
that may output less fields.

* lang/qt/src/qgpgmenewcryptoconfig.cpp (parseURL): Handle extended
LDAP server option syntax.
(portToString): New.
(splitURL): Append flags to LDAP server option.
--

This adds support for the extended syntax of LDAP server options
introduced in gpg 2.2.18/2.3. The flags are stored as fragment of a
QUrl.

GnuPG-bug-id: 5217

* tests/run-keylist.c (main): Print all infos from the primary key.
--

The test tool printed only the computed infos for the key and not the
detailed one fro the primary key.  The new output better reflects the
data structure.

Related to
GnuPG-bug-id: 5454

* configure.ac (*-apple-darwin*): Set _DARWIN_C_SOURCE 1.

--

GnuPG-bug-id: 5440
Reported-by: Jay Freeman
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>

* m4/gpg-error.m4: Update from libgpg-error.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>

* tests/run-verify.c (main): Remove C99-only syntax.
* tests/run-threaded.c (start_keylistings): Ditto.
--

Older gcc's do not grok this and there is no real need for it.

  run-verify.c:324: error: ‘for’ loop initial declarations are only
  allowed in C99 mode
  run-verify.c:324: note: use option -std=c99 or -std=gnu99 to compile
  your code

Reported-by: Lars Hecking

* src/gpgme.h.in (struct _gpgme_key_sig): Move trust_scope to the end
of the struct.
--

Fixes-commit: 276187f6

Note that we assume that splitting a reserved 28 bit field into 3
fields does not change the ABI.

* lang/cpp/src/editinteractor.cpp (EditInteractor::Private): Initialize
members 'state' and 'debug' in-class. Add member 'debugNeedsClosing'.
(EditInteractor::Private::Private): Remove members initializers.
Remember if 'debug' needs to be closed.
(EditInteractor::Private::~Private): Only close 'debug' if it needs to
be closed.
--

This fixes the problem that after destroying an edit interactor all
debug output went to /dev/null instead of stderr (or stdout) if one
enabled debugging of the edit interactors with GPGMEPP_INTERACTOR_DEBUG
set to stderr (or stdout).

* lang/qt/src/signkeyjob.h (SignKeyJob::setTrustSignature): New.
* lang/qt/src/qgpgmesignkeyjob.h, lang/qt/src/qgpgmesignkeyjob.cpp
(QGpgMESignKeyJob::setTrustSignature): New.
* lang/qt/src/qgpgmesignkeyjob.cpp (sign_key): Handle trust signatures.
(QGpgMESignKeyJob::start): Pass trust signature attributes to sign_key.
(QGpgMESignKeyJob::setTrustSignature): New.
--

This allows Kleopatra to create trust signatures for trusted
introducers.

GnuPG-bug-id: 5245, 5421

* lang/qt/src/qgpgmesignkeyjob.h: Remove unneeded includes. Include
<memory>.
(QGpgMESignKeyJob): Remove all member variables. Add pimpl pointer.
* lang/qt/src/qgpgmesignkeyjob.cpp: Include <QString>. Don't include
<memory>.
(QGpgMESignKeyJob::Private): New.
(QGpgMESignKeyJob::QGpgMESignKeyJob): Remove initialization of removed
members. Initialize d.
(QGpgMESignKeyJob::start, QGpgMESignKeyJob::setUserIDsToSign,
QGpgMESignKeyJob::setCheckLevel, QGpgMESignKeyJob::setExportable,
QGpgMESignKeyJob::setSigningKey, QGpgMESignKeyJob::setNonRevocable,
QGpgMESignKeyJob::setRemark, QGpgMESignKeyJob::setDupeOk): Adapt to move
of member variables to pimpl.
--

GnuPG-bug-id: 5245, 5421

* lang/cpp/src/gpgsignkeyeditinteractor.h,
lang/cpp/src/gpgsignkeyeditinteractor.cpp
(GpgSignKeyEditInteractor::setTrustSignatureTrust): New.
(GpgSignKeyEditInteractor::setTrustSignatureDepth): New.
(GpgSignKeyEditInteractor::setTrustSignatureScope): New.
* lang/cpp/src/gpgsignkeyeditinteractor.cpp
(GpgSignKeyEditInteractor::Private::Private): Initialize new member.
(makeTable): Add new transition. Fix typos in existing transitions.
(GpgSignKeyEditInteractor::action): Handle SET_TRUST_VALUE,
SET_TRUST_DEPTH, and SET_TRUST_REGEXP.
--

GnuPG-bug-id: 5245, 5421

* lang/cpp/src/key.h (TrustSignatureTrust): New enum.
* lang/cpp/src/key.h, lang/cpp/src/key.cpp
(UserID::Signature::isTrustSignature): New.
(UserID::Signature::trustValue): New.
(UserID::Signature::trustDepth): New.
(UserID::Signature::trustScope): New.
--

GnuPG-bug-id: 5245, 5420

* src/gpgme.h.in (struct _gpgme_key_sig): Add fields 'trust_depth',
'trust_value', and 'trust_scope'.
* src/key.c (gpgme_key_unref): Free trust_scope.
* src/keylist.c (keylist_colon_handler): Set the fields.
* tests/run-keylist.c (main): Print the fields.
--

The trust signature values are part of gpg's output since the year 2003.
This now adds support to gpgme.

GnuPG-bug-id: 5245, 5419