diff options
| author | Werner Koch <wk@gnupg.org> | 2015-06-29 11:03:58 +0200 |
|---|---|---|
| committer | Werner Koch <wk@gnupg.org> | 2015-06-29 11:06:41 +0200 |
| commit | 2c9c46e2a2b8f9a1bdc1ef46a135b5fc7d1a8073 (patch) | |
| tree | e37f62f94baf893e462490dd9c874179c1ded14e /sm | |
| parent | scd: Support button flag and AES key data for OpenPGPcard v3.0. (diff) | |
| download | gnupg2-2c9c46e2a2b8f9a1bdc1ef46a135b5fc7d1a8073.tar.xz gnupg2-2c9c46e2a2b8f9a1bdc1ef46a135b5fc7d1a8073.zip | |
gpgsm: Add command option "offline".
* sm/server.c (option_handler): Add "offline".
(cmd_getinfo): Ditto.
* sm/certchain.c (is_cert_still_valid):
(do_validate_chain):
* sm/gpgsm.c (gpgsm_init_default_ctrl): Default "offline" to the value
of --disable-dirmngr.
* sm/call-dirmngr.c (start_dirmngr_ext): Better also check for
ctrl->offline.
--
Adding this option makes it easier to implement the corresponding
feature in gpgme.
Signed-off-by: Werner Koch <wk@gnupg.org>
Diffstat (limited to 'sm')
| -rw-r--r-- | sm/call-dirmngr.c | 2 | ||||
| -rw-r--r-- | sm/certchain.c | 6 | ||||
| -rw-r--r-- | sm/gpgsm.c | 1 | ||||
| -rw-r--r-- | sm/gpgsm.h | 1 | ||||
| -rw-r--r-- | sm/server.c | 19 |
5 files changed, 23 insertions, 6 deletions
diff --git a/sm/call-dirmngr.c b/sm/call-dirmngr.c index 8e4841bf9..bfb80fb85 100644 --- a/sm/call-dirmngr.c +++ b/sm/call-dirmngr.c @@ -198,7 +198,7 @@ start_dirmngr_ext (ctrl_t ctrl, assuan_context_t *ctx_r) gpg_error_t err; assuan_context_t ctx; - if (opt.disable_dirmngr) + if (opt.disable_dirmngr || ctrl->offline) return gpg_error (GPG_ERR_NO_DIRMNGR); if (*ctx_r) diff --git a/sm/certchain.c b/sm/certchain.c index 5e7121caa..579ca9e74 100644 --- a/sm/certchain.c +++ b/sm/certchain.c @@ -957,7 +957,7 @@ is_cert_still_valid (ctrl_t ctrl, int force_ocsp, int lm, estream_t fp, { gpg_error_t err; - if (opt.no_crl_check && !ctrl->use_ocsp) + if (ctrl->offline || (opt.no_crl_check && !ctrl->use_ocsp)) { audit_log_ok (ctrl->audit, AUDIT_CRL_CHECK, gpg_error (GPG_ERR_NOT_ENABLED)); @@ -1749,9 +1749,9 @@ do_validate_chain (ctrl_t ctrl, ksba_cert_t cert, ksba_isotime_t checktime_arg, if (opt.no_policy_check) log_info ("policies not checked due to %s option\n", "--disable-policy-checks"); - if (opt.no_crl_check && !ctrl->use_ocsp) + if (ctrl->offline || (opt.no_crl_check && !ctrl->use_ocsp)) log_info ("CRLs not checked due to %s option\n", - "--disable-crl-checks"); + ctrl->offline ? "offline" : "--disable-crl-checks"); } if (!rc) diff --git a/sm/gpgsm.c b/sm/gpgsm.c index 39c3c403b..977494ce4 100644 --- a/sm/gpgsm.c +++ b/sm/gpgsm.c @@ -2067,6 +2067,7 @@ gpgsm_init_default_ctrl (struct server_control_s *ctrl) ctrl->include_certs = default_include_certs; ctrl->use_ocsp = opt.enable_ocsp; ctrl->validation_model = default_validation_model; + ctrl->offline = opt.disable_dirmngr; } diff --git a/sm/gpgsm.h b/sm/gpgsm.h index 187ed8368..9fc74c3d6 100644 --- a/sm/gpgsm.h +++ b/sm/gpgsm.h @@ -201,6 +201,7 @@ struct server_control_s int validation_model; /* 0 := standard model (shell), 1 := chain model, 2 := STEED model. */ + int offline; /* If true gpgsm won't do any network access. */ }; diff --git a/sm/server.c b/sm/server.c index 0bee5b205..571b0794b 100644 --- a/sm/server.c +++ b/sm/server.c @@ -309,6 +309,16 @@ option_handler (assuan_context_t ctx, const char *key, const char *value) { ctrl->server_local->no_encrypt_to = 1; } + else if (!strcmp (key, "offline")) + { + /* We ignore this option if gpgsm has been started with + --disable-dirmngr (which also sets offline). */ + if (!opt.disable_dirmngr) + { + int i = *value? !!atoi (value) : 1; + ctrl->offline = i; + } + } else err = gpg_error (GPG_ERR_UNKNOWN_OPTION); @@ -1093,10 +1103,12 @@ static const char hlp_getinfo[] = " pid - Return the process id of the server.\n" " agent-check - Return success if the agent is running.\n" " cmd_has_option CMD OPT\n" - " - Returns OK if the command CMD implements the option OPT."; + " - Returns OK if the command CMD implements the option OPT.\n" + " offline - Returns OK if the conenction is in offline mode."; static gpg_error_t cmd_getinfo (assuan_context_t ctx, char *line) { + ctrl_t ctrl = assuan_get_pointer (ctx); int rc = 0; if (!strcmp (line, "version")) @@ -1113,7 +1125,6 @@ cmd_getinfo (assuan_context_t ctx, char *line) } else if (!strcmp (line, "agent-check")) { - ctrl_t ctrl = assuan_get_pointer (ctx); rc = gpgsm_agent_send_nop (ctrl); } else if (!strncmp (line, "cmd_has_option", 14) @@ -1148,6 +1159,10 @@ cmd_getinfo (assuan_context_t ctx, char *line) } } } + else if (!strcmp (line, "offline")) + { + rc = ctrl->offline? 0 : gpg_error (GPG_ERR_GENERAL); + } else rc = set_error (GPG_ERR_ASS_PARAMETER, "unknown value for WHAT"); |