gpg: Add option '--disable-dirmngr'.

* doc/gpg.texi: Document new option. * g10/call-dirmngr.c (create_context): Fail if option is given. * g10/gpg.c (cmd_and_opt_values): New value. (opts): New option. (gpgconf_list): Add new option. (main): Handle new option. * g10/options.h (struct opt): New field 'disable_dirmngr'. * tools/gpgconf-comp.c (gc_options_gpg): New option. GnuPG-bug-id: 3334 Signed-off-by: Justus Winter <justus@g10code.com>
2017-08-08 11:43:22 +02:00 · 2017-08-08 11:43:22 +02:00 · c4506f624e
parent 81074c3b02
commit c4506f624e
5 changed files with 15 additions and 0 deletions
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@ -1976,6 +1976,9 @@ file name.
 Specify a dirmngr program to be used for keyserver access.  The
 default value is @file{@value{BINDIR}/dirmngr}.

+@item --disable-dirmngr
+Entirely disable the use of the Dirmngr.
+
@item --no-autostart
@opindex no-autostart
 Do not start the gpg-agent or the dirmngr if it has not yet been
--- a/g10/call-dirmngr.c
+++ b/g10/call-dirmngr.c
@ -184,6 +184,10 @@ create_context (ctrl_t ctrl, assuan_context_t *r_ctx)
  assuan_context_t ctx;

  *r_ctx = NULL;
+
+  if (opt.disable_dirmngr)
+    return gpg_error (GPG_ERR_NO_DIRMNGR);
+
  err = start_new_dirmngr (&ctx,
                           GPG_ERR_SOURCE_DEFAULT,
                           opt.dirmngr_program,
--- a/g10/gpg.c
+++ b/g10/gpg.c
@ -374,6 +374,7 @@ enum cmd_and_opt_values
    oPersonalCompressPreferences,
    oAgentProgram,
    oDirmngrProgram,
+    oDisableDirmngr,
    oDisplay,
    oTTYname,
    oTTYtype,
@ -837,6 +838,7 @@ static ARGPARSE_OPTS opts[] = {

  ARGPARSE_s_s (oAgentProgram, "agent-program", "@"),
  ARGPARSE_s_s (oDirmngrProgram, "dirmngr-program", "@"),
+  ARGPARSE_s_n (oDisableDirmngr, "disable-dirmngr", "@"),
  ARGPARSE_s_s (oDisplay,    "display",    "@"),
  ARGPARSE_s_s (oTTYname,    "ttyname",    "@"),
  ARGPARSE_s_s (oTTYtype,    "ttytype",    "@"),
@ -1857,6 +1859,7 @@ gpgconf_list (const char *configfile)
  es_printf ("compliance:%lu:\"%s:\n", GC_OPT_FLAG_DEFAULT, "gnupg");
  es_printf ("default-new-key-algo:%lu:\n", GC_OPT_FLAG_NONE);
  es_printf ("trust-model:%lu:\n", GC_OPT_FLAG_NONE);
+  es_printf ("disable-dirmngr:%lu:\n", GC_OPT_FLAG_NONE);

  /* The next one is an info only item and should match the macros at
     the top of keygen.c  */
@ -3388,6 +3391,7 @@ main (int argc, char **argv)
 	    break;
          case oAgentProgram: opt.agent_program = pargs.r.ret_str;  break;
          case oDirmngrProgram: opt.dirmngr_program = pargs.r.ret_str; break;
+	  case oDisableDirmngr: opt.disable_dirmngr = 1;  break;
          case oWeakDigest:
 	    additional_weak_digest(pargs.r.ret_str);
 	    break;
--- a/g10/options.h
+++ b/g10/options.h
@ -121,6 +121,7 @@ struct
  int max_cert_depth;
  const char *agent_program;
  const char *dirmngr_program;
+  int disable_dirmngr;

  const char *def_new_key_algo;

--- a/tools/gpgconf-comp.c
+++ b/tools/gpgconf-comp.c
@ -759,6 +759,9 @@ static gc_option_t gc_options_gpg[] =
     NULL, NULL, GC_ARG_TYPE_NONE, GC_BACKEND_GPG },
   { "no-auto-key-retrieve", GC_OPT_FLAG_NONE, GC_LEVEL_ADVANCED,
     NULL, NULL, GC_ARG_TYPE_NONE, GC_BACKEND_GPG },
+   { "disable-dirmngr", GC_OPT_FLAG_NONE, GC_LEVEL_EXPERT,
+     "gnupg", N_("disable all access to the dirmngr"),
+     GC_ARG_TYPE_NONE, GC_BACKEND_GPG },


   GC_OPTION_NULL