mirror of git://git.gnupg.org/gnupg.git
3ef0938cfd
* agent/gpg-agent.c (oNoAllowLoopbackPinentry): New. (opts): Add --no-allow-loopback-pinentry. Hide description of --allow-loopback-pinentry. (parse_rereadable_options): Set opt.allow_loopback_pinentry by default. (main): Replace allow-loopback-pinentry by no-allow-loopback-pinentry in the gpgconf list. * tools/gpgconf-comp.c (gc_options_gpg_agent): Ditto. -- Given that a user can anyway change that options in the gpg-agent.conf file and that gpg needs to be invoked with --pinentry-mode=loopback the former default does not make much sense - in that option is useful at all. There was a discussion of this topic on gnupg-devel in April without a clear result. So we try this new default and just in case real problems are found for the majority of installations, we can revert that. The new default is also aligned with GnuPG's policy to make its use easier and only require users with very high security standards to tweak certain options (those users have anyway modeled their threat model and configured their software according to this). Signed-off-by: Werner Koch <wk@gnupg.org> |
||
|---|---|---|
| .. | ||
| ChangeLog-2011 | ||
| Makefile.am | ||
| agent.h | ||
| cache.c | ||
| call-pinentry.c | ||
| call-scd.c | ||
| command-ssh.c | ||
| command.c | ||
| cvt-openpgp.c | ||
| cvt-openpgp.h | ||
| divert-scd.c | ||
| findkey.c | ||
| genkey.c | ||
| gpg-agent-w32info.rc | ||
| gpg-agent.c | ||
| keyformat.txt | ||
| learncard.c | ||
| pkdecrypt.c | ||
| pksign.c | ||
| preset-passphrase.c | ||
| protect-tool.c | ||
| protect.c | ||
| t-protect.c | ||
| trans.c | ||
| trustlist.c | ||
| w32main.c | ||
| w32main.h | ||