1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00
Werner Koch d0bd91ba73
agent: New option --no-user-trustlist and --sys-trustlist-name.
* agent/gpg-agent.c (oNoUserTrustlist,oSysTrustlistName): New.
(opts): Add new option names.
(parse_rereadable_options): Parse options.
(finalize_rereadable_options): Reset allow-mark-trusted for the new
option.
* agent/agent.h (opt): Add fields no_user_trustlist and
sys_trustlist_name.
* agent/trustlist.c (make_sys_trustlist_name): New.
(read_one_trustfile): Use here.
(read_trustfiles): Use here.  Implement --no-user-trustlist.  Also
repalce "allow_include" by "systrust" and adjust callers.
--

With the global options we can now avoid that a user changes the
Root-CA trust by editing the trustlist.txt.  However, to implement
this we need a new option so that we don't need to rely on some magic
like --no-allow-mark-trusted has been put into a force section.

The second option makes system administration easier as it allows to
keep the trustlist in a non-distributed file.

GnuPG-bug-id: 5990
Backported-from-master: 1530d04725d475bf29328eab40b42f72ff8aa06b
2022-07-27 17:02:29 +02:00
..
2014-12-14 12:15:21 +01:00
sm/
2006-11-14 10:23:21 +00:00
2016-09-20 09:32:25 +09:00
DCO
2013-04-17 11:26:27 +02:00
2021-11-05 09:00:19 +01:00
2003-01-09 13:24:01 +00:00
2016-09-20 09:56:22 +09:00
2010-06-10 10:39:44 +00:00
2007-07-04 19:49:40 +00:00
2007-03-08 18:31:56 +00:00
2014-07-03 11:03:22 +02:00
2022-03-08 18:19:38 +01:00
2017-12-08 07:40:06 +01:00
2007-05-08 13:59:41 +00:00
2006-08-21 20:20:23 +00:00
2021-08-16 11:59:29 +02:00
2016-09-17 16:00:37 +09:00
2016-09-20 09:56:22 +09:00
2008-06-25 11:14:48 +00:00
2012-11-30 12:47:49 -05:00
2011-08-12 14:40:47 +02:00
2022-03-22 10:21:12 +01:00
2017-02-21 13:11:46 -05:00
2006-12-06 16:38:34 +00:00
2017-08-28 11:18:26 +02:00