From 04d58ff8475575f22a5ee1fb8c4f2c2dca0b5522 Mon Sep 17 00:00:00 2001
From: Daniel Kahn Gillmor via Gnupg-devel <gnupg-devel@gnupg.org>
Date: Fri, 31 Jan 2025 12:37:18 -0500
Subject: [PATCH] gpg: --compliance={pgp7, pgp8} also now restore default
 options

* g10/gpg.c (set_compliance_option): oPGP7 and oPGP8 both restore
policy-relevant default options before setting the compliance flag.

--

With this change, any ordering of --compliance options will always
result in the options selected from the last option given.

GnuPG-bug-id: 7501
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
---
 g10/gpg.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/g10/gpg.c b/g10/gpg.c
index 3442afd00..70e1a7b3c 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -2317,8 +2317,14 @@ set_compliance_option (enum cmd_and_opt_values option)
       opt.s2k_cipher_algo = CIPHER_ALGO_3DES;
       opt.flags.allow_old_cipher_algos = 1;
       break;
-    case oPGP7:  opt.compliance = CO_PGP7;  break;
-    case oPGP8:  opt.compliance = CO_PGP8;  break;
+    case oPGP7:
+      set_compliance_option (oGnuPG);
+      opt.compliance = CO_PGP7;
+      break;
+    case oPGP8:
+      set_compliance_option (oGnuPG);
+      opt.compliance = CO_PGP8;
+      break;
     case oGnuPG:
       /* set up default options affected by policy compliance: */
       opt.compliance = CO_GNUPG;