mirror of
git://git.gnupg.org/gnupg.git
synced 2025-01-02 12:01:32 +01:00
* gpg-agent.c: Remove help texts for options lile --lc-ctype.
(main): New option --allow-mark-trusted. * trustlist.c (agent_marktrusted): Use it here. * gpg-agent.texi (Agent Options): Add --allow-mark-trusted. * gpgconf-comp.c: Add --allow-mark-trusted for the gpg-agent.
This commit is contained in:
Werner Koch
parent
339f0840e1
commit
30bbef1a28
@ -1,3 +1,9 @@
|
|||||||
|
2004-05-03 Werner Koch <wk@gnupg.org>
|
||||||
|
|
||||||
|
* gpg-agent.c: Remove help texts for options lile --lc-ctype.
|
||||||
|
(main): New option --allow-mark-trusted.
|
||||||
|
* trustlist.c (agent_marktrusted): Use it here.
|
||||||
|
|
||||||
2004-04-30 Werner Koch <wk@gnupg.org>
|
2004-04-30 Werner Koch <wk@gnupg.org>
|
||||||
|
|
||||||
* protect-tool.c: New option --enable-status-msg.
|
* protect-tool.c: New option --enable-status-msg.
|
||||||
|
|||||||
@ -58,6 +58,7 @@ struct {
|
|||||||
int running_detached; /* we are running detached from the tty. */
|
int running_detached; /* we are running detached from the tty. */
|
||||||
|
|
||||||
int ignore_cache_for_signing;
|
int ignore_cache_for_signing;
|
||||||
|
int allow_mark_trusted;
|
||||||
int keep_tty; /* don't switch the TTY (for pinentry) on request */
|
int keep_tty; /* don't switch the TTY (for pinentry) on request */
|
||||||
int keep_display; /* don't switch the DISPLAY (for pinentry) on request */
|
int keep_display; /* don't switch the DISPLAY (for pinentry) on request */
|
||||||
} opt;
|
} opt;
|
||||||
|
|||||||
@ -80,6 +80,7 @@ enum cmd_and_opt_values
|
|||||||
oDisablePth,
|
oDisablePth,
|
||||||
|
|
||||||
oIgnoreCacheForSigning,
|
oIgnoreCacheForSigning,
|
||||||
|
oAllowMarkTrusted,
|
||||||
oKeepTTY,
|
oKeepTTY,
|
||||||
oKeepDISPLAY,
|
oKeepDISPLAY,
|
||||||
|
|
||||||
@ -109,21 +110,26 @@ static ARGPARSE_OPTS opts[] = {
|
|||||||
{ oLogFile, "log-file" ,2, N_("use a log file for the server")},
|
{ oLogFile, "log-file" ,2, N_("use a log file for the server")},
|
||||||
{ oDisablePth, "disable-pth", 0, N_("do not allow multiple connections")},
|
{ oDisablePth, "disable-pth", 0, N_("do not allow multiple connections")},
|
||||||
|
|
||||||
{ oPinentryProgram, "pinentry-program", 2 , "path to PIN Entry program" },
|
{ oPinentryProgram, "pinentry-program", 2 ,
|
||||||
{ oDisplay, "display", 2, "set the display" },
|
N_("|PGM|use PGM as the PIN-Entry program") },
|
||||||
{ oTTYname, "ttyname", 2, "set the tty terminal node name" },
|
{ oScdaemonProgram, "scdaemon-program", 2 ,
|
||||||
{ oTTYtype, "ttytype", 2, "set the tty terminal type" },
|
N_("|PGM|use PGM as the SCdaemon program") },
|
||||||
{ oLCctype, "lc-ctype", 2, "set the tty LC_CTYPE value" },
|
|
||||||
{ oLCmessages, "lc-messages", 2, "set the tty LC_MESSAGES value" },
|
|
||||||
|
|
||||||
{ oScdaemonProgram, "scdaemon-program", 2 , "path to SCdaemon program" },
|
{ oDisplay, "display", 2, "@" },
|
||||||
{ oDefCacheTTL, "default-cache-ttl", 4,
|
{ oTTYname, "ttyname", 2, "@" },
|
||||||
"|N|expire cached PINs after N seconds"},
|
{ oTTYtype, "ttytype", 2, "@" },
|
||||||
{ oIgnoreCacheForSigning, "ignore-cache-for-signing", 0,
|
{ oLCctype, "lc-ctype", 2, "@" },
|
||||||
"do not use the PIN cache when signing"},
|
{ oLCmessages, "lc-messages", 2, "@" },
|
||||||
{ oKeepTTY, "keep-tty", 0, N_("ignore requests to change the TTY")},
|
{ oKeepTTY, "keep-tty", 0, N_("ignore requests to change the TTY")},
|
||||||
{ oKeepDISPLAY, "keep-display",
|
{ oKeepDISPLAY, "keep-display",
|
||||||
0, N_("ignore requests to change the X display")},
|
0, N_("ignore requests to change the X display")},
|
||||||
|
|
||||||
|
{ oDefCacheTTL, "default-cache-ttl", 4,
|
||||||
|
N_("|N|expire cached PINs after N seconds")},
|
||||||
|
{ oIgnoreCacheForSigning, "ignore-cache-for-signing", 0,
|
||||||
|
N_("do not use the PIN cache when signing")},
|
||||||
|
{ oAllowMarkTrusted, "allow-mark-trusted", 0,
|
||||||
|
N_("allow clients to mark keys as \"trusted\"")},
|
||||||
{0}
|
{0}
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -336,6 +342,7 @@ parse_rereadable_options (ARGPARSE_ARGS *pargs, int reread)
|
|||||||
opt.scdaemon_program = NULL;
|
opt.scdaemon_program = NULL;
|
||||||
opt.def_cache_ttl = DEFAULT_CACHE_TTL;
|
opt.def_cache_ttl = DEFAULT_CACHE_TTL;
|
||||||
opt.ignore_cache_for_signing = 0;
|
opt.ignore_cache_for_signing = 0;
|
||||||
|
opt.allow_mark_trusted = 0;
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -367,6 +374,8 @@ parse_rereadable_options (ARGPARSE_ARGS *pargs, int reread)
|
|||||||
|
|
||||||
case oIgnoreCacheForSigning: opt.ignore_cache_for_signing = 1; break;
|
case oIgnoreCacheForSigning: opt.ignore_cache_for_signing = 1; break;
|
||||||
|
|
||||||
|
case oAllowMarkTrusted: opt.allow_mark_trusted = 1; break;
|
||||||
|
|
||||||
default:
|
default:
|
||||||
return 0; /* not handled */
|
return 0; /* not handled */
|
||||||
}
|
}
|
||||||
@ -648,6 +657,8 @@ main (int argc, char **argv )
|
|||||||
GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME);
|
GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME);
|
||||||
printf ("ignore-cache-for-signing:%lu:\n",
|
printf ("ignore-cache-for-signing:%lu:\n",
|
||||||
GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME);
|
GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME);
|
||||||
|
printf ("allow-mark-trusted:%lu:\n",
|
||||||
|
GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME);
|
||||||
|
|
||||||
agent_exit (0);
|
agent_exit (0);
|
||||||
}
|
}
|
||||||
|
|||||||
@ -224,7 +224,7 @@ agent_listtrusted (void *assuan_context)
|
|||||||
|
|
||||||
/* Insert the given fpr into our trustdb. We expect FPR to be an all
|
/* Insert the given fpr into our trustdb. We expect FPR to be an all
|
||||||
uppercase hexstring of 40 characters. FLAG is either 'P' or 'C'.
|
uppercase hexstring of 40 characters. FLAG is either 'P' or 'C'.
|
||||||
This function does first check whether that key has alreay ben put
|
This function does first check whether that key has alreay been put
|
||||||
into the trustdb and returns success in this case. Before a FPR
|
into the trustdb and returns success in this case. Before a FPR
|
||||||
actually gets inserted, the user is asked by means of the pin-entry
|
actually gets inserted, the user is asked by means of the pin-entry
|
||||||
whether this is actual wants he want to do.
|
whether this is actual wants he want to do.
|
||||||
@ -265,6 +265,10 @@ agent_marktrusted (CTRL ctrl, const char *name, const char *fpr, int flag)
|
|||||||
if (rc != -1)
|
if (rc != -1)
|
||||||
return rc; /* error in the trustdb */
|
return rc; /* error in the trustdb */
|
||||||
|
|
||||||
|
/* This feature must explicitly been enabled. */
|
||||||
|
if (!opt.allow_mark_trusted)
|
||||||
|
return gpg_error (GPG_ERR_NOT_SUPPORTED);
|
||||||
|
|
||||||
/* insert a new one */
|
/* insert a new one */
|
||||||
if (asprintf (&desc,
|
if (asprintf (&desc,
|
||||||
"Please verify that the certificate identified as:%%0A"
|
"Please verify that the certificate identified as:%%0A"
|
||||||
|
|||||||
@ -1,3 +1,7 @@
|
|||||||
|
2004-05-03 Werner Koch <wk@gnupg.org>
|
||||||
|
|
||||||
|
* gpg-agent.texi (Agent Options): Add --allow-mark-trusted.
|
||||||
|
|
||||||
2004-02-03 Werner Koch <wk@gnupg.org>
|
2004-02-03 Werner Koch <wk@gnupg.org>
|
||||||
|
|
||||||
* contrib.texi (Contributors): Updated from the gpg 1.2.3 thanks
|
* contrib.texi (Contributors): Updated from the gpg 1.2.3 thanks
|
||||||
|
|||||||
@ -238,6 +238,12 @@ seeing what the agent actually does.
|
|||||||
Don't allow multiple connections. This option is in general not very
|
Don't allow multiple connections. This option is in general not very
|
||||||
useful.
|
useful.
|
||||||
|
|
||||||
|
@item --allow-mark-trusted
|
||||||
|
@opindex allow-mark-trusted
|
||||||
|
Allow clients to mark keys as trusted, i.e. put them into the
|
||||||
|
@code{trustlist.txt} file. This is by default not allowed to make it
|
||||||
|
harder for users to inadvertly accept Root-CA keys.
|
||||||
|
|
||||||
@item --ignore-cache-for-signing
|
@item --ignore-cache-for-signing
|
||||||
@opindex ignore-cache-for-signing
|
@opindex ignore-cache-for-signing
|
||||||
This option will let gpg-agent bypass the passphrase cache for all
|
This option will let gpg-agent bypass the passphrase cache for all
|
||||||
|
|||||||
@ -1,3 +1,7 @@
|
|||||||
|
2004-05-03 Werner Koch <wk@gnupg.org>
|
||||||
|
|
||||||
|
* gpgconf-comp.c: Add --allow-mark-trusted for the gpg-agent.
|
||||||
|
|
||||||
2004-04-30 Werner Koch <wk@gnupg.org>
|
2004-04-30 Werner Koch <wk@gnupg.org>
|
||||||
|
|
||||||
* gpgconf-comp.c: Added more runtime flags for the gpg-agent
|
* gpgconf-comp.c: Added more runtime flags for the gpg-agent
|
||||||
|
|||||||
@ -469,6 +469,9 @@ static gc_option_t gc_options_gpg_agent[] =
|
|||||||
{ "ignore-cache-for-signing", GC_OPT_FLAG_RUNTIME, GC_LEVEL_BASIC,
|
{ "ignore-cache-for-signing", GC_OPT_FLAG_RUNTIME, GC_LEVEL_BASIC,
|
||||||
"gnupg", "do not use the PIN cache when signing",
|
"gnupg", "do not use the PIN cache when signing",
|
||||||
GC_ARG_TYPE_NONE, GC_BACKEND_GPG_AGENT },
|
GC_ARG_TYPE_NONE, GC_BACKEND_GPG_AGENT },
|
||||||
|
{ "allow-mark-trusted", GC_OPT_FLAG_RUNTIME, GC_LEVEL_ADVANCED,
|
||||||
|
"gnupg", "allow clients to mark keys as \"trusted\"",
|
||||||
|
GC_ARG_TYPE_NONE, GC_BACKEND_GPG_AGENT },
|
||||||
{ "no-grab", GC_OPT_FLAG_RUNTIME, GC_LEVEL_EXPERT,
|
{ "no-grab", GC_OPT_FLAG_RUNTIME, GC_LEVEL_EXPERT,
|
||||||
"gnupg", "do not grab keyboard and mouse",
|
"gnupg", "do not grab keyboard and mouse",
|
||||||
GC_ARG_TYPE_NONE, GC_BACKEND_GPG_AGENT },
|
GC_ARG_TYPE_NONE, GC_BACKEND_GPG_AGENT },
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user