agent: Add option --force to the DELETE_KEY command.
* agent/findkey.c (agent_delete_key): Add arg "force". * agent/command.c (cmd_delete_key): Add option --force. Signed-off-by: Werner Koch <wk@gnupg.org>
parent
9f31ab3d21
commit
a68c5c5c7f
@ -386,7 +386,7 @@ gpg_error_t agent_key_info_from_file (ctrl_t ctrl, const unsigned char *grip,
|
|||||||
int *r_keytype,
|
int *r_keytype,
|
||||||
unsigned char **r_shadow_info);
|
unsigned char **r_shadow_info);
|
||||||
gpg_error_t agent_delete_key (ctrl_t ctrl, const char *desc_text,
|
gpg_error_t agent_delete_key (ctrl_t ctrl, const char *desc_text,
|
||||||
const unsigned char *grip);
|
const unsigned char *grip, int force);
|
||||||
|
|
||||||
/*-- call-pinentry.c --*/
|
/*-- call-pinentry.c --*/
|
||||||
void initialize_module_call_pinentry (void);
|
void initialize_module_call_pinentry (void);
|
||||||
|
@ -2388,27 +2388,29 @@ cmd_export_key (assuan_context_t ctx, char *line)
|
|||||||
|
|
||||||
|
|
||||||
static const char hlp_delete_key[] =
|
static const char hlp_delete_key[] =
|
||||||
"DELETE_KEY <hexstring_with_keygrip>\n"
|
"DELETE_KEY [--force] <hexstring_with_keygrip>\n"
|
||||||
"\n"
|
"\n"
|
||||||
"Delete a secret key from the key store.\n"
|
"Delete a secret key from the key store.\n"
|
||||||
"As safeguard the agent asks the user for confirmation.\n";
|
"Unless --force is used the agent asks the user for confirmation.\n";
|
||||||
static gpg_error_t
|
static gpg_error_t
|
||||||
cmd_delete_key (assuan_context_t ctx, char *line)
|
cmd_delete_key (assuan_context_t ctx, char *line)
|
||||||
{
|
{
|
||||||
ctrl_t ctrl = assuan_get_pointer (ctx);
|
ctrl_t ctrl = assuan_get_pointer (ctx);
|
||||||
gpg_error_t err;
|
gpg_error_t err;
|
||||||
|
int force;
|
||||||
unsigned char grip[20];
|
unsigned char grip[20];
|
||||||
|
|
||||||
if (ctrl->restricted)
|
if (ctrl->restricted)
|
||||||
return leave_cmd (ctx, gpg_error (GPG_ERR_FORBIDDEN));
|
return leave_cmd (ctx, gpg_error (GPG_ERR_FORBIDDEN));
|
||||||
|
|
||||||
|
force = has_option (line, "--force");
|
||||||
line = skip_options (line);
|
line = skip_options (line);
|
||||||
|
|
||||||
err = parse_keygrip (ctx, line, grip);
|
err = parse_keygrip (ctx, line, grip);
|
||||||
if (err)
|
if (err)
|
||||||
goto leave;
|
goto leave;
|
||||||
|
|
||||||
err = agent_delete_key (ctrl, ctrl->server_local->keydesc, grip);
|
err = agent_delete_key (ctrl, ctrl->server_local->keydesc, grip, force );
|
||||||
if (err)
|
if (err)
|
||||||
goto leave;
|
goto leave;
|
||||||
|
|
||||||
|
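Review bot: The updated `hlp_delete_key` text says only that `--force` skips the confirmation, but the comment added to agent_delete_key in agent/findkey.c says the flag also suppresses the warning for keys used by SSH, so a client author reading the HELP output would not learn that. I would add a line such as `"With --force the warning for keys also used by SSH is skipped as well.\n"` to the help string. The `ctrl->restricted` check runs before the option is parsed, so restricted connections cannot reach the forced path; a short comment above `force = has_option (line, "--force");` saying so would keep that ordering from being changed by accident. Minor style: `grip, force );` has a stray space before the closing parenthesis. cmd_delete_key continues past the end of this hunk.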
100
agent/findkey.c
100
agent/findkey.c
@ -1219,14 +1219,18 @@ agent_key_info_from_file (ctrl_t ctrl, const unsigned char *grip,
|
|||||||
|
|
||||||
|
|
||||||
/* Delete the key with GRIP from the disk after having asked for
|
/* Delete the key with GRIP from the disk after having asked for
|
||||||
confirmation using DESC_TEXT. Common error codes are:
|
confirmation using DESC_TEXT. If FORCE is set the fucntion won't
|
||||||
|
require a confirmation via Pinentry or warns if the key is also
|
||||||
|
used by ssh.
|
||||||
|
|
||||||
|
Common error codes are:
|
||||||
GPG_ERR_NO_SECKEY
|
GPG_ERR_NO_SECKEY
|
||||||
GPG_ERR_KEY_ON_CARD
|
GPG_ERR_KEY_ON_CARD
|
||||||
GPG_ERR_NOT_CONFIRMED
|
GPG_ERR_NOT_CONFIRMED
|
||||||
*/
|
*/
|
||||||
gpg_error_t
|
gpg_error_t
|
||||||
agent_delete_key (ctrl_t ctrl, const char *desc_text,
|
agent_delete_key (ctrl_t ctrl, const char *desc_text,
|
||||||
const unsigned char *grip)
|
const unsigned char *grip, int force)
|
||||||
{
|
{
|
||||||
gpg_error_t err;
|
gpg_error_t err;
|
||||||
gcry_sexp_t s_skey = NULL;
|
gcry_sexp_t s_skey = NULL;
|
||||||
@ -1253,57 +1257,57 @@ agent_delete_key (ctrl_t ctrl, const char *desc_text,
|
|||||||
case PRIVATE_KEY_CLEAR:
|
case PRIVATE_KEY_CLEAR:
|
||||||
case PRIVATE_KEY_OPENPGP_NONE:
|
case PRIVATE_KEY_OPENPGP_NONE:
|
||||||
case PRIVATE_KEY_PROTECTED:
|
case PRIVATE_KEY_PROTECTED:
|
||||||
{
|
bin2hex (grip, 20, hexgrip);
|
||||||
bin2hex (grip, 20, hexgrip);
|
if (!force)
|
||||||
if (!desc_text)
|
|
||||||
{
|
|
||||||
default_desc = xtryasprintf
|
|
||||||
(L_("Do you really want to delete the key identified by keygrip%%0A"
|
|
||||||
" %s%%0A %%C%%0A?"), hexgrip);
|
|
||||||
desc_text = default_desc;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Note, that we will take the comment as a C string for
|
|
||||||
display purposes; i.e. all stuff beyond a Nul character is
|
|
||||||
ignored. */
|
|
||||||
{
|
{
|
||||||
gcry_sexp_t comment_sexp;
|
if (!desc_text)
|
||||||
|
{
|
||||||
|
default_desc = xtryasprintf
|
||||||
|
(L_("Do you really want to delete the key identified by keygrip%%0A"
|
||||||
|
" %s%%0A %%C%%0A?"), hexgrip);
|
||||||
|
desc_text = default_desc;
|
||||||
|
}
|
||||||
|
|
||||||
comment_sexp = gcry_sexp_find_token (s_skey, "comment", 0);
|
/* Note, that we will take the comment as a C string for
|
||||||
if (comment_sexp)
|
display purposes; i.e. all stuff beyond a Nul character is
|
||||||
comment = gcry_sexp_nth_string (comment_sexp, 1);
|
ignored. */
|
||||||
gcry_sexp_release (comment_sexp);
|
|
||||||
}
|
|
||||||
|
|
||||||
if (desc_text)
|
|
||||||
err = modify_description (desc_text, comment? comment:"", s_skey,
|
|
||||||
&desc_text_final);
|
|
||||||
if (err)
|
|
||||||
goto leave;
|
|
||||||
|
|
||||||
err = agent_get_confirmation (ctrl, desc_text_final,
|
|
||||||
L_("Delete key"), L_("No"), 0);
|
|
||||||
if (err)
|
|
||||||
goto leave;
|
|
||||||
|
|
||||||
cf = ssh_open_control_file ();
|
|
||||||
if (cf)
|
|
||||||
{
|
{
|
||||||
if (!ssh_search_control_file (cf, hexgrip, NULL, NULL, NULL))
|
gcry_sexp_t comment_sexp;
|
||||||
{
|
|
||||||
err = agent_get_confirmation
|
comment_sexp = gcry_sexp_find_token (s_skey, "comment", 0);
|
||||||
(ctrl,
|
if (comment_sexp)
|
||||||
L_("Warning: This key is also listed for use with SSH!\n"
|
comment = gcry_sexp_nth_string (comment_sexp, 1);
|
||||||
"Deleting the key might remove your ability to "
|
gcry_sexp_release (comment_sexp);
|
||||||
"access remote machines."),
|
|
||||||
L_("Delete key"), L_("No"), 0);
|
|
||||||
if (err)
|
|
||||||
goto leave;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
err = remove_key_file (grip);
|
if (desc_text)
|
||||||
}
|
err = modify_description (desc_text, comment? comment:"", s_skey,
|
||||||
|
&desc_text_final);
|
||||||
|
if (err)
|
||||||
|
goto leave;
|
||||||
|
|
||||||
|
err = agent_get_confirmation (ctrl, desc_text_final,
|
||||||
|
L_("Delete key"), L_("No"), 0);
|
||||||
|
if (err)
|
||||||
|
goto leave;
|
||||||
|
|
||||||
|
cf = ssh_open_control_file ();
|
||||||
|
if (cf)
|
||||||
|
{
|
||||||
|
if (!ssh_search_control_file (cf, hexgrip, NULL, NULL, NULL))
|
||||||
|
{
|
||||||
|
err = agent_get_confirmation
|
||||||
|
(ctrl,
|
||||||
|
L_("Warning: This key is also listed for use with SSH!\n"
|
||||||
|
"Deleting the key might remove your ability to "
|
||||||
|
"access remote machines."),
|
||||||
|
L_("Delete key"), L_("No"), 0);
|
||||||
|
if (err)
|
||||||
|
goto leave;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
err = remove_key_file (grip);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case PRIVATE_KEY_SHADOWED:
|
case PRIVATE_KEY_SHADOWED:
|
||||||
|
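Review bot: With `force` set, the `if (!force)` block is skipped and `remove_key_file (grip)` runs with neither the Pinentry confirmation nor the SSH warning, so nothing visible in this hunk records that a secret key was deleted non-interactively. Unless remove_key_file already logs (its body is not shown here), I would add something like `if (force && !err) log_info ("key %s deleted without confirmation\n", hexgrip);` after the call, so the agent log keeps a trace for later incident review. The new header comment also has a typo and a grammar slip: `fucntion` should be `function`, and `or warns` should read `or warn`. agent_delete_key begins and ends outside the hunks shown.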