diff options
| author | Werner Koch <[email protected]> | 2022-06-14 12:25:21 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2022-06-14 12:25:21 +0000 |
| commit | 1530d04725d475bf29328eab40b42f72ff8aa06b (patch) | |
| tree | 238cce7b7458be38246758911e84e9506e296e0a /agent/gpg-agent.c | |
| parent | g10: Fix garbled status messages in NOTATION_DATA (diff) | |
| download | gnupg-1530d04725d475bf29328eab40b42f72ff8aa06b.tar.gz gnupg-1530d04725d475bf29328eab40b42f72ff8aa06b.zip | |
agent: New option --no-user-trustlist and --sys-trustlist-name.
* agent/gpg-agent.c (oNoUserTrustlist,oSysTrustlistName): New.
(opts): Add new option names.
(parse_rereadable_options): Parse options.
(finalize_rereadable_options): Reset allow-mark-trusted for the new
option.
* agent/agent.h (opt): Add fields no_user_trustlist and
sys_trustlist_name.
* agent/trustlist.c (make_sys_trustlist_name): New.
(read_one_trustfile): Use here.
(read_trustfiles): Use here. Implement --no-user-trustlist.
--
With the global options we can now avoid that a user changes the
Root-CA trust by editing the trustlist.txt. However, to implement
this we need a new option so that we don't need to rely on some magic
like --no-allow-mark-trusted has been put into a force section.
The second option makes system administration easier as it allows to
keep the trustlist in a non-distributed file.
GnuPG-bug-id: 5990
Diffstat (limited to 'agent/gpg-agent.c')
| -rw-r--r-- | agent/gpg-agent.c | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c index 468427933..7194e020a 100644 --- a/agent/gpg-agent.c +++ b/agent/gpg-agent.c @@ -128,6 +128,8 @@ enum cmd_and_opt_values oIgnoreCacheForSigning, oAllowMarkTrusted, oNoAllowMarkTrusted, + oNoUserTrustlist, + oSysTrustlistName, oAllowPresetPassphrase, oAllowLoopbackPinentry, oNoAllowLoopbackPinentry, @@ -251,6 +253,8 @@ static gpgrt_opt_t opts[] = { ARGPARSE_s_n (oNoAllowMarkTrusted, "no-allow-mark-trusted", /* */ N_("disallow clients to mark keys as \"trusted\"")), ARGPARSE_s_n (oAllowMarkTrusted, "allow-mark-trusted", "@"), + ARGPARSE_s_n (oNoUserTrustlist, "no-user-trustlist", "@"), + ARGPARSE_s_s (oSysTrustlistName, "sys-trustlist-name", "@"), ARGPARSE_s_n (oAllowPresetPassphrase, "allow-preset-passphrase", /* */ N_("allow presetting passphrase")), ARGPARSE_s_u (oS2KCount, "s2k-count", "@"), @@ -871,6 +875,7 @@ parse_rereadable_options (gpgrt_argparse_t *pargs, int reread) opt.enable_extended_key_format = 1; opt.ignore_cache_for_signing = 0; opt.allow_mark_trusted = 1; + opt.sys_trustlist_name = NULL; opt.allow_external_cache = 1; opt.allow_loopback_pinentry = 1; opt.allow_emacs_pinentry = 0; @@ -968,6 +973,8 @@ parse_rereadable_options (gpgrt_argparse_t *pargs, int reread) case oAllowMarkTrusted: opt.allow_mark_trusted = 1; break; case oNoAllowMarkTrusted: opt.allow_mark_trusted = 0; break; + case oNoUserTrustlist: opt.no_user_trustlist = 1; break; + case oSysTrustlistName: opt.sys_trustlist_name = pargs->r.ret_str; break; case oAllowPresetPassphrase: opt.allow_preset_passphrase = 1; break; @@ -1013,6 +1020,11 @@ finalize_rereadable_options (void) /* Hack to allow --grab to override --no-grab. */ if ((opt.no_grab & 2)) opt.no_grab = 0; + + /* With --no-user-trustlist it does not make sense to allow the mark + * trusted feature. */ + if (opt.no_user_trustlist) + opt.allow_mark_trusted = 0; } |