mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-22 10:19:57 +01:00
agent: New OPTION pretend-request-origin
* common/shareddefs.h (request_origin_t): New. * common/agent-opt.c (parse_request_origin): New. (str_request_origin): New. * agent/command.c (option_handler): Implement new option. -- This allows to pretend that a request originated from the extra or browser socket. Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
parent
5400a5bb77
commit
05c55ee260
@ -3101,6 +3101,21 @@ option_handler (assuan_context_t ctx, const char *key, const char *value)
|
||||
ctrl->s2k_count = 0;
|
||||
}
|
||||
}
|
||||
else if (!strcmp (key, "pretend-request-origin"))
|
||||
{
|
||||
log_assert (!ctrl->restricted);
|
||||
switch (parse_request_origin (value))
|
||||
{
|
||||
case REQUEST_ORIGIN_LOCAL: ctrl->restricted = 0; break;
|
||||
case REQUEST_ORIGIN_REMOTE: ctrl->restricted = 1; break;
|
||||
case REQUEST_ORIGIN_BROWSER: ctrl->restricted = 2; break;
|
||||
default:
|
||||
err = gpg_error (GPG_ERR_INV_VALUE);
|
||||
/* Better pretend to be remote in case of a bad value. */
|
||||
ctrl->restricted = 1;
|
||||
break;
|
||||
}
|
||||
}
|
||||
else
|
||||
err = gpg_error (GPG_ERR_UNKNOWN_OPTION);
|
||||
|
||||
|
@ -69,3 +69,38 @@ str_pinentry_mode (pinentry_mode_t mode)
|
||||
}
|
||||
return "?";
|
||||
}
|
||||
|
||||
|
||||
/* Parse VALUE and return an integer representing a request_origin_t.
|
||||
* (-1) is returned for an invalid VALUE. */
|
||||
int
|
||||
parse_request_origin (const char *value)
|
||||
{
|
||||
int result;
|
||||
|
||||
if (!strcmp (value, "none") || !strcmp (value, "local"))
|
||||
result = REQUEST_ORIGIN_LOCAL;
|
||||
else if (!strcmp (value, "remote"))
|
||||
result = REQUEST_ORIGIN_REMOTE;
|
||||
else if (!strcmp (value, "browser"))
|
||||
result = REQUEST_ORIGIN_BROWSER;
|
||||
else
|
||||
result = -1;
|
||||
|
||||
return result;
|
||||
}
|
||||
|
||||
|
||||
/* Return the string representation for the request origin. Returns
|
||||
* "?" for an invalid mode. */
|
||||
const char *
|
||||
str_request_origin (request_origin_t mode)
|
||||
{
|
||||
switch (mode)
|
||||
{
|
||||
case REQUEST_ORIGIN_LOCAL: return "local";
|
||||
case REQUEST_ORIGIN_REMOTE: return "remote";
|
||||
case REQUEST_ORIGIN_BROWSER: return "browser";
|
||||
}
|
||||
return "?";
|
||||
}
|
||||
|
@ -39,10 +39,23 @@ typedef enum
|
||||
pinentry_mode_t;
|
||||
|
||||
|
||||
/* Values for the request origin. */
|
||||
typedef enum
|
||||
{
|
||||
REQUEST_ORIGIN_LOCAL = 0,
|
||||
REQUEST_ORIGIN_REMOTE,
|
||||
REQUEST_ORIGIN_BROWSER
|
||||
}
|
||||
request_origin_t;
|
||||
|
||||
|
||||
/*-- agent-opt.c --*/
|
||||
int parse_pinentry_mode (const char *value);
|
||||
const char *str_pinentry_mode (pinentry_mode_t mode);
|
||||
|
||||
int parse_request_origin (const char *value);
|
||||
const char *str_request_origin (request_origin_t mode);
|
||||
|
||||
|
||||
|
||||
#endif /*GNUPG_COMMON_SHAREDDEFS_H*/
|
||||
|
@ -1581,6 +1581,27 @@ option is valid for the entire session or until reset to 0. This
|
||||
option is useful if the key is later used on boxes which are either
|
||||
much slower or faster than the actual box.
|
||||
|
||||
@item pretend-request-origin
|
||||
This option switches the connection into a restricted mode which
|
||||
handles all further commands in the same way as they would be handled
|
||||
when originating from the extra or browser socket. Note that this
|
||||
option is not available in the restricted mode. Valid values for this
|
||||
option are:
|
||||
|
||||
@table @code
|
||||
@item none
|
||||
@itemx local
|
||||
This is a NOP and leaves the connection in the standard way.
|
||||
|
||||
@item remote
|
||||
Pretend to come from a remote origin in the same way as connections
|
||||
from the @option{--extra-socket}.
|
||||
|
||||
@item browser
|
||||
Pretend to come from a local web browser in the same way as connections
|
||||
from the @option{--browser-socket}.
|
||||
@end table
|
||||
|
||||
@end table
|
||||
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user