diff options
| author | Werner Koch <wk@gnupg.org> | 2016-05-10 11:01:42 +0200 |
|---|---|---|
| committer | Werner Koch <wk@gnupg.org> | 2016-05-10 11:01:42 +0200 |
| commit | ac9ff644b12c4dfa55d466af8ae6af54d1646893 (patch) | |
| tree | 53c7e2f423de931b5f87bedc9850de115fa5bc8e /g10/delkey.c | |
| parent | gpg: Fix buglet in the check_all_keysigs function. (diff) | |
| download | gnupg2-ac9ff644b12c4dfa55d466af8ae6af54d1646893.tar.xz gnupg2-ac9ff644b12c4dfa55d466af8ae6af54d1646893.zip | |
gpg: Allow unattended deletion of secret keys.
* agent/command.c (cmd_delete_key): Make the --force option depend on
--disallow-loopback-passphrase.
* g10/call-agent.c (agent_delete_key): Add arg FORCE.
* g10/delkey.c (do_delete_key): Pass opt.answer_yes to
agent_delete_key.
--
Unless the agent has been configured with
--disallow-loopback-passpharse an unattended deletion of a secret key
is now possible with gpg by using --batch _and_ --yes.
Signed-off-by: Werner Koch <wk@gnupg.org>
Diffstat (limited to 'g10/delkey.c')
| -rw-r--r-- | g10/delkey.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/g10/delkey.c b/g10/delkey.c index f76277c5a..966c5712f 100644 --- a/g10/delkey.c +++ b/g10/delkey.c @@ -184,8 +184,14 @@ do_delete_key( const char *username, int secret, int force, int *r_sec_avail ) prompt = gpg_format_keydesc (node->pkt->pkt.public_key, FORMAT_KEYDESC_DELKEY, 1); err = hexkeygrip_from_pk (node->pkt->pkt.public_key, &hexgrip); + /* NB: We require --yes to advise the agent not to + * request a confirmation. The rationale for this extra + * pre-caution is that since 2.1 the secret key may also + * be used for other protocols and thus deleting it from + * the gpg would also delete the key for other tools. */ if (!err) - err = agent_delete_key (NULL, hexgrip, prompt); + err = agent_delete_key (NULL, hexgrip, prompt, + opt.answer_yes); xfree (prompt); xfree (hexgrip); if (err) |