From ac9ff644b12c4dfa55d466af8ae6af54d1646893 Mon Sep 17 00:00:00 2001
From: Werner Koch
Date: Tue, 10 May 2016 11:01:42 +0200
Subject: gpg: Allow unattended deletion of secret keys.

* agent/command.c (cmd_delete_key): Make the --force option depend on --disallow-loopback-passphrase.
* g10/call-agent.c (agent_delete_key): Add arg FORCE.
* g10/delkey.c (do_delete_key): Pass opt.answer_yes to agent_delete_key.
--
Unless the agent has been configured with --disallow-loopback-passpharse an unattended deletion of a secret key is now possible with gpg by using --batch _and_ --yes.

Signed-off-by: Werner Koch
---
 agent/command.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

(limited to 'agent')

diff --git a/agent/command.c b/agent/command.c
index c94fdd37a..dfbb83194 100644
--- a/agent/command.c
+++ b/agent/command.c
@@ -2333,8 +2333,9 @@ cmd_export_key (assuan_context_t ctx, char *line)
 static const char hlp_delete_key[] =
 "DELETE_KEY [--force] \n"
 "\n"
- "Delete a secret key from the key store.\n"
- "Unless --force is used the agent asks the user for confirmation.\n";
+ "Delete a secret key from the key store. If --force is used\n"
+ "and a loopback pinentry is allowed, the agent will not ask\n"
+ "the user for confirmation.";
 static gpg_error_t
 cmd_delete_key (assuan_context_t ctx, char *line)
 {
@@ -2349,6 +2350,11 @@ cmd_delete_key (assuan_context_t ctx, char *line)
 force = has_option (line, "--force");
 line = skip_options (line);
 
+ /* If the use of a loopback pinentry has been disabled, we assume
+ * that a silent deletion of keys shall also not be allowed. */
+ if (!opt.allow_loopback_pinentry)
+ force = 0;
+
 err = parse_keygrip (ctx, line, grip);
 if (err)
 goto leave;
--
cgit v1.2.3
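Review bot: The reworded `hlp_delete_key` text no longer states the default, and it does not say what happens to `--force` when a loopback pinentry is not allowed. A client author reading the help cannot tell that the option is then ignored rather than rejected. Suggested wording for the last three string lines: `"Delete a secret key from the key store.  The agent asks the user\n"`, `"for confirmation unless --force is used and a loopback pinentry\n"`, `"is allowed; otherwise --force is ignored."`.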
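Review bot: In the second hunk `force` is cleared silently when `opt.allow_loopback_pinentry` is off, so a client that sent `--force` gets no indication that the request fell back to interactive confirmation; in an unattended run that presumably shows up only as a pinentry failure. A log line at the override, e.g. `log_info ("DELETE_KEY: --force ignored, loopback pinentry not allowed\n");`, would leave an audit trail for it. The check also makes the loopback setting double as the authorization for unconfirmed deletion of secret keys, which the comment itself calls an assumption. That coupling deserves a sentence in the option's documentation, since wherever loopback is allowed any client able to talk to the agent presumably gets deletion without a prompt. cmd_delete_key continues outside the hunk, so how `force` is consumed is not visible here.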