authorWerner Koch <[email protected]>2024-02-25 14:55:14 +0000
committerWerner Koch <[email protected]>2024-02-25 15:03:54 +0000
commitadf4db6e20931ed70ea9f8541f522192d6fd2014 (patch)
treee651ab15fd805db6ea8c84901700cee9ba7ecb82
parentgpg: Fix gpg_mpi_write for the unused opaque case. (diff)
downloadgnupg-adf4db6e20931ed70ea9f8541f522192d6fd2014.tar.gz
gnupg-adf4db6e20931ed70ea9f8541f522192d6fd2014.zip
agent: Allow GET_PASSPHRASE in restricted mode.
* agent/command.c (cmd_get_passphrase): Allow use in restricted mode but ignore the cacheid. -- The use case is symmetric encryption via the extra-socket. To avoid that the gpg running on the server has access to the cache we set the cache id to NULL so that the cache is not used at all.
-rw-r--r--agent/command.c9
1 files changed, 4 insertions, 5 deletions
diff --git a/agent/command.c b/agent/command.c
index 20ae08e9f..575456cc5 100644
--- a/agent/command.c
+++ b/agent/command.c
@@ -1988,9 +1988,6 @@ cmd_get_passphrase (assuan_context_t ctx, char *line)
struct pin_entry_info_s *pi2 = NULL;
int is_generated;
- if (ctrl->restricted)
- return leave_cmd (ctx, gpg_error (GPG_ERR_FORBIDDEN));
-
opt_data = has_option (line, "--data");
opt_check = has_option (line, "--check");
opt_no_ask = has_option (line, "--no-ask");
@@ -2039,7 +2036,9 @@ cmd_get_passphrase (assuan_context_t ctx, char *line)
if (!desc)
return set_error (GPG_ERR_ASS_PARAMETER, "no description given");
- if (!strcmp (cacheid, "X"))
+ /* The only limitation in restricted mode is that we don't consider
+ * the cache. */
+ if (ctrl->restricted || !strcmp (cacheid, "X"))
cacheid = NULL;
if (!strcmp (errtext, "X"))
errtext = NULL;
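Review bot: The new comment above `if (ctrl->restricted || !strcmp (cacheid, "X"))` says only that the cache is not considered, but the change is safe only if every later cache lookup and store in cmd_get_passphrase is skipped when `cacheid` is NULL. Those lines are outside this hunk, so that cannot be confirmed from here. I would state the invariant and its reason in the comment, e.g. `/* In restricted mode the peer must neither read nor populate the passphrase cache; a NULL CACHEID disables all cache use below. */`. Because the first hunk drops the GPG_ERR_FORBIDDEN return, the description, prompt and error text shown by the pinentry now also come from the restricted peer. Whether the dialog marks such requests as coming from a restricted connection is not visible in this diff and is worth checking.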
@@ -2121,7 +2120,7 @@ cmd_get_passphrase (assuan_context_t ctx, char *line)
entry_errtext = NULL;
is_generated = !!(pi->status & PINENTRY_STATUS_PASSWORD_GENERATED);
- /* We don't allow an empty passpharse in this mode. */
+ /* We don't allow an empty passphrase in this mode. */
if (!is_generated
&& check_passphrase_constraints (ctrl, pi->pin,
pi->constraints_flags,