agent: New option --restricted for PRESET_PASSPHRASE.

* agent/command.c (cmd_preset_passphrase): Add option.

* agent/preset-passphrase.c (oRestricted): New.
(opts): Add option --restricted.
(main): Set option.
(preset_passphrase): Use option.
--

We use a different cache for connections from the extra-socket.
However, with gpg-preset-passphrase is only able to preset a
passphrase into the regular cache.  Further, a restricted connection
may not use PRESET_PASSPHRASE.  To solve this we add an new option to
preset the passphrase into the "restricted" cache.  For the
gpg-preset-passphrase tool we also add the option --restricted.

Note that this does not yet work with gpg-preset-passphrase --forget.

1 files changed, 8 insertions, 1 deletions

diff --git a/agent/preset-passphrase.c b/agent/preset-passphrase.c
index df6da00e3..4cf624462 100644
--- a/agent/preset-passphrase.c
+++ b/agent/preset-passphrase.c
@@ -63,11 +63,13 @@ enum cmd_and_opt_values
   oNoVerbose = 500,
 
   oHomedir,
+  oRestricted,
 
 aTest };
 
 
 static const char *opt_passphrase;
+static int opt_restricted;
 
 static gpgrt_opt_t opts[] = {
 
@@ -79,6 +81,7 @@ static gpgrt_opt_t opts[] = {
   { oForget,  "forget",  256, "forget passphrase"},
 
   { oHomedir, "homedir", 2, "@" },
+  { oRestricted,  "restricted", 0, "put into the restricted cache"},
 
   ARGPARSE_end ()
 };
@@ -156,7 +159,9 @@ preset_passphrase (const char *keygrip)
       return;
     }
 
-  rc = asprintf (&line, "PRESET_PASSPHRASE %s -1 %s\n", keygrip,
+  rc = asprintf (&line, "PRESET_PASSPHRASE %s%s -1 %s\n",
+                 opt_restricted? "--restricted ":"",
+                 keygrip,
 		 passphrase_esc);
   wipememory (passphrase_esc, strlen (passphrase_esc));
   xfree (passphrase_esc);
@@ -232,6 +237,8 @@ main (int argc, char **argv)
         case oForget: cmd = oForget; break;
         case oPassphrase: opt_passphrase = pargs.r.ret_str; break;
 
+        case oRestricted: opt_restricted = 1; break;
+
         default : pargs.err = 2; break;
 	}
     }