-rw-r--r--agent/gpg-agent.c12
-rw-r--r--doc/gpg-agent.texi10
-rw-r--r--tools/gpgconf-comp.c4
3 files changed, 16 insertions, 10 deletions
diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c
index a87052a92..a9505307f 100644
--- a/agent/gpg-agent.c
+++ b/agent/gpg-agent.c
@@ -122,6 +122,7 @@ enum cmd_and_opt_values
oNoAllowMarkTrusted,
oAllowPresetPassphrase,
oAllowLoopbackPinentry,
+ oNoAllowLoopbackPinentry,
oNoAllowExternalCache,
oAllowEmacsPinentry,
oKeepTTY,
@@ -220,8 +221,9 @@ static ARGPARSE_OPTS opts[] = {
ARGPARSE_s_n (oAllowMarkTrusted, "allow-mark-trusted", "@"),
ARGPARSE_s_n (oAllowPresetPassphrase, "allow-preset-passphrase",
/* */ N_("allow presetting passphrase")),
- ARGPARSE_s_n (oAllowLoopbackPinentry, "allow-loopback-pinentry",
- N_("allow caller to override the pinentry")),
+ ARGPARSE_s_n (oNoAllowLoopbackPinentry, "no-allow-loopback-pinentry",
+ N_("disallow caller to override the pinentry")),
+ ARGPARSE_s_n (oAllowLoopbackPinentry, "allow-loopback-pinentry", "@"),
ARGPARSE_s_n (oAllowEmacsPinentry, "allow-emacs-pinentry",
/* */ N_("allow passphrase to be prompted through Emacs")),
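Review bot: The retained `allow-loopback-pinentry` entry now has "@" as its description, and nothing in the table says why an option that no longer changes the default is still accepted. It is presumably kept so that existing gpg-agent.conf files and command lines continue to parse. A one-line comment above it would stop a later cleanup from removing it, for example `/* Accepted for backward compatibility; loopback pinentry is allowed by default. */`. The opts[] initializer starts and ends outside this hunk.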
@@ -626,6 +628,7 @@ parse_rereadable_options (ARGPARSE_ARGS *pargs, int reread)
opt.ignore_cache_for_signing = 0;
opt.allow_mark_trusted = 1;
opt.allow_external_cache = 1;
+ opt.allow_loopback_pinentry = 1;
opt.allow_emacs_pinentry = 0;
opt.disable_scdaemon = 0;
disable_check_own_socket = 0;
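Review bot: The added `opt.allow_loopback_pinentry = 1;` in the defaults block flips loopback pinentry from opt-in to opt-out, and the line carries no comment saying so. Because the existing `oAllowLoopbackPinentry` case in the next hunk also sets 1, that option becomes a no-op. `no-allow-loopback-pinentry` is then the only way to keep passphrase entry in the agent's own pinentry rather than in inquiries back to the caller. A configuration that relied on the old default still parses but silently loses that restriction after an upgrade. I would add `/* Loopback pinentry is on by default; only --no-allow-loopback-pinentry turns it off. */` above the assignment and mention the changed default in the release notes. The body of parse_rereadable_options starts and ends outside this hunk.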
@@ -699,6 +702,7 @@ parse_rereadable_options (ARGPARSE_ARGS *pargs, int reread)
case oAllowPresetPassphrase: opt.allow_preset_passphrase = 1; break;
case oAllowLoopbackPinentry: opt.allow_loopback_pinentry = 1; break;
+ case oNoAllowLoopbackPinentry: opt.allow_loopback_pinentry = 0; break;
case oNoAllowExternalCache: opt.allow_external_cache = 0;
break;
@@ -1154,8 +1158,8 @@ main (int argc, char **argv )
#ifdef HAVE_W32_SYSTEM
es_printf ("enable-putty-support:%lu:\n", GC_OPT_FLAG_NONE);
#endif
- es_printf ("allow-loopback-pinentry:%lu:\n",
- GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME);
+ es_printf ("no-allow-loopback-pinentry:%lu:\n",
+ GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME);
es_printf ("allow-emacs-pinentry:%lu:\n",
GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME);
es_printf ("pinentry-timeout:%lu:0:\n",
diff --git a/doc/gpg-agent.texi b/doc/gpg-agent.texi
index d89003625..2989d3b52 100644
--- a/doc/gpg-agent.texi
+++ b/doc/gpg-agent.texi
@@ -329,11 +329,13 @@ accept Root-CA keys.
This option allows the use of @command{gpg-preset-passphrase} to seed the
internal cache of @command{gpg-agent} with passphrases.
-@anchor{option --allow-loopback-pinentry}
+@anchor{option --no-allow-loopback-pinentry}
+@item --no-allow-loopback-pinentry
@item --allow-loopback-pinentry
+@opindex no-allow-loopback-pinentry
@opindex allow-loopback-pinentry
-Allow clients to use the loopback pinentry features; see the option
-@option{pinentry-mode} for details.
+Disallow or allow clients to use the loopback pinentry features; see
+the option @option{pinentry-mode} for details. Allow is the default.
@item --no-allow-external-cache
@opindex no-allow-external-cache
@@ -1455,7 +1457,7 @@ following values are defined:
Use a loopback pinentry. This fakes a pinentry by using inquiries
back to the caller to ask for a passphrase. This option may only be
set if the agent has been configured for that.
- Use the @xref{option --allow-loopback-pinentry}.
+ To disable this feature use @xref{option --no-allow-loopback-pinentry}.
@end table
diff --git a/tools/gpgconf-comp.c b/tools/gpgconf-comp.c
index 45e5c90ea..4dd10a4c9 100644
--- a/tools/gpgconf-comp.c
+++ b/tools/gpgconf-comp.c
@@ -548,8 +548,8 @@ static gc_option_t gc_options_gpg_agent[] =
{ "no-allow-mark-trusted", GC_OPT_FLAG_RUNTIME,
GC_LEVEL_ADVANCED, "gnupg", "disallow clients to mark keys as \"trusted\"",
GC_ARG_TYPE_NONE, GC_BACKEND_GPG_AGENT },
- { "allow-loopback-pinentry", GC_OPT_FLAG_RUNTIME,
- GC_LEVEL_EXPERT, "gnupg", "allow caller to override the pinentry",
+ { "no-allow-loopback-pinentry", GC_OPT_FLAG_RUNTIME,
+ GC_LEVEL_EXPERT, "gnupg", "disallow caller to override the pinentry",
GC_ARG_TYPE_NONE, GC_BACKEND_GPG_AGENT },
{ "no-grab", GC_OPT_FLAG_RUNTIME, GC_LEVEL_EXPERT,
"gnupg", "do not grab keyboard and mouse",