diff options
| author | Daniel Kahn Gillmor <[email protected]> | 2019-05-20 19:06:57 +0000 |
|---|---|---|
| committer | Daniel Kahn Gillmor <[email protected]> | 2019-05-20 21:38:12 +0000 |
| commit | bf2724880fe54d0dbf34bfa9fef2f31fa6809f55 (patch) | |
| tree | 3d27cd1600f19ac9ee72cdb948aa9eaf85093728 /dirmngr | |
| parent | gpg: Do not delete any keys if --dry-run is passed. (diff) | |
| download | gnupg-dkg/fix-T4522.tar.gz gnupg-dkg/fix-T4522.zip | |
gpg-agent: add new CACHE_MODE_EXPORTdkg/fix-T4522
* agent/agent.h: define CACHE_MODE_EXPORT
* agent/call-pinentry.c (agent_askpin, agent_get_passphrase): use "e/"
as the prefix for SETKEYINFO when in CACHE_MODE_EXPORT.
(agent_clear_passphrase): allow clearing the export cache.
* agent/command.c (cmd_clear_passphrase): add --mode=export.
(cmd_export_key): use CACHE_MODE_EXPORT.
* tests/openpgp/export.scm: no need to feed passphrases during export,
already cached.
----
We don't want secret keys to be able to be exported automatically
based on the same system passphrase cache used by standard decryption
or signing operations.
So we introduce a "export" cache mode which can be used by EXPORT_KEY.
I confess i don't fully understand the changes made to
tests/openpgp/export.scm -- i'm not sure why the passphrase is already
supplied in this case.
Gnupg-Bug-Id: 4522
Signed-off-by: Daniel Kahn Gillmor <[email protected]>
Diffstat (limited to 'dirmngr')
0 files changed, 0 insertions, 0 deletions