mirror of
git://git.gnupg.org/gnupg.git
synced 2024-06-11 23:59:50 +02:00
1530d04725
* agent/gpg-agent.c (oNoUserTrustlist,oSysTrustlistName): New. (opts): Add new option names. (parse_rereadable_options): Parse options. (finalize_rereadable_options): Reset allow-mark-trusted for the new option. * agent/agent.h (opt): Add fields no_user_trustlist and sys_trustlist_name. * agent/trustlist.c (make_sys_trustlist_name): New. (read_one_trustfile): Use here. (read_trustfiles): Use here. Implement --no-user-trustlist. -- With the global options we can now avoid that a user changes the Root-CA trust by editing the trustlist.txt. However, to implement this we need a new option so that we don't need to rely on some magic like --no-allow-mark-trusted has been put into a force section. The second option makes system administration easier as it allows to keep the trustlist in a non-distributed file. GnuPG-bug-id: 5990 |
||
---|---|---|
.. | ||
agent.h | ||
all-tests.scm | ||
cache.c | ||
call-daemon.c | ||
call-pinentry.c | ||
call-scd.c | ||
call-tpm2d.c | ||
ChangeLog-2011 | ||
command-ssh.c | ||
command.c | ||
cvt-openpgp.c | ||
cvt-openpgp.h | ||
divert-scd.c | ||
divert-tpm2.c | ||
findkey.c | ||
genkey.c | ||
gpg-agent-w32info.rc | ||
gpg-agent.c | ||
keyformat.txt | ||
learncard.c | ||
Makefile.am | ||
pkdecrypt.c | ||
pksign.c | ||
preset-passphrase.c | ||
protect-tool.c | ||
protect.c | ||
sexp-secret.c | ||
t-protect.c | ||
trans.c | ||
trustlist.c | ||
w32main.c | ||
w32main.h |