From f8f6c6c7616662a6748d0a9cc19532d48e502d62 Mon Sep 17 00:00:00 2001
From: Werner Koch
Date: Fri, 4 Oct 2024 12:03:11 +0200
Subject: [PATCH] gpgsm: Add compatibility flag no-keyinfo-cache

* sm/gpgsm.c (compatibility_flags): Add flag.
* sm/gpgsm.h (COMPAT_NO_KEYINFO_CACHE): New.
* sm/call-agent.c (gpgsm_agent_istrusted): Act upon it.
(gpgsm_agent_keyinfo): Ditto.
---
 sm/call-agent.c | 6 ++++++
 sm/gpgsm.c | 1 +
 sm/gpgsm.h | 2 ++
 3 files changed, 9 insertions(+)

diff --git a/sm/call-agent.c b/sm/call-agent.c
index a0211fc41..dfaeee61a 100644
--- a/sm/call-agent.c
+++ b/sm/call-agent.c
@@ -1028,6 +1028,9 @@ gpgsm_agent_istrusted (ctrl_t ctrl, ksba_cert_t cert, const char *hexfpr,
 }

 /* First try to get the info from the cache. */
+ if ((opt.compat_flags & COMPAT_NO_KEYINFO_CACHE))
+ istrusted_cache_disabled = 1;
+
 if (!istrusted_cache_disabled && !istrusted_cache_valid)
 {
 /* Cache is empty - fill it. */
@@ -1462,6 +1465,9 @@ gpgsm_agent_keyinfo (ctrl_t ctrl, const char *hexkeygrip, char **r_serialno)
 return gpg_error (GPG_ERR_INV_VALUE);

 /* First try to fill the cache. */
+ if ((opt.compat_flags & COMPAT_NO_KEYINFO_CACHE))
+ keyinfo_cache_disabled = 1;
+
 if (!keyinfo_cache_disabled && !ctrl->keyinfo_cache_valid)
 {
 parm.fill_mode = 1;
diff --git a/sm/gpgsm.c b/sm/gpgsm.c
index c108da58c..26b05773c 100644
--- a/sm/gpgsm.c
+++ b/sm/gpgsm.c
@@ -501,6 +501,7 @@ static struct compatibility_flags_s compatibility_flags [] =
 {
 { COMPAT_ALLOW_KA_TO_ENCR, "allow-ka-to-encr" },
 { COMPAT_NO_CHAIN_CACHE, "no-chain-cache" },
+ { COMPAT_NO_KEYINFO_CACHE, "no-keyinfo-cache" },
 { 0, NULL }
 };

diff --git a/sm/gpgsm.h b/sm/gpgsm.h
index 142e7bb94..916d0235c 100644
--- a/sm/gpgsm.h
+++ b/sm/gpgsm.h
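Review bot: In the gpgsm_agent_istrusted hunk the option test latches `istrusted_cache_disabled` on every call, and that variable looks like a file-scope flag (it is used without `ctrl->`), so it now means both "the user asked for no cache" and whatever else sets it outside this hunk. The existing comment `/* First try to get the info from the cache. */` also ends up sitting on the option check instead of on the fill. I would give the new lines their own comment, for example `/* no-keyinfo-cache: never fill or consult the istrusted cache. */`. It is also worth confirming that the lookup further down in the function (outside this hunk) is gated on `istrusted_cache_disabled` and not only on `istrusted_cache_valid`, so that trust answers really come from gpg-agent when the flag is set. The same points apply to the `keyinfo_cache_disabled` lines in the gpgsm_agent_keyinfo hunk.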
@@ -223,6 +223,8 @@ struct
 /* Not actually a compatibiliy flag but useful to limit the
 * required memory for a validated key listing. */
 #define COMPAT_NO_CHAIN_CACHE 2
+/* Ditto. But here to disable the keyinfo and istrusted cache. */
+#define COMPAT_NO_KEYINFO_CACHE 4

 /* Forward declaration for an object defined in server.c */
 struct server_local_s;
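Review bot: The new comment `/* Ditto. But here to disable the keyinfo and istrusted cache. */` leans on the comment above it, so a reader has to guess whether "Ditto" means "not actually a compatibility flag" or "limits the required memory". The macro name also mentions only keyinfo although the flag switches off the istrusted cache as well. A self-contained wording would be `/* Not actually a compatibility flag either: disables the keyinfo and the istrusted cache in call-agent.c. */`. If there is a specific reason for the flag, one more clause stating it would help, since the commit message does not give one.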