[PATCH GnuPG 3/4] gpg: --compliance={pgp7, pgp8} also now restore default options
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Fri Jan 31 18:37:18 CET 2025
* g10/gpg.c (set_compliance_option): oPGP7 and oPGP8 both restore
policy-relevant default options before setting the compliance flag.
--
With this change, any ordering of --compliance options will always
result in the options selected from the last option given.
GnuPG-bug-id: 7501
Signed-off-by: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
---
g10/gpg.c | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/g10/gpg.c b/g10/gpg.c
index 3442afd00..70e1a7b3c 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -2317,8 +2317,14 @@ set_compliance_option (enum cmd_and_opt_values option)
opt.s2k_cipher_algo = CIPHER_ALGO_3DES;
opt.flags.allow_old_cipher_algos = 1;
break;
- case oPGP7: opt.compliance = CO_PGP7; break;
- case oPGP8: opt.compliance = CO_PGP8; break;
+ case oPGP7:
+ set_compliance_option (oGnuPG);
+ opt.compliance = CO_PGP7;
+ break;
+ case oPGP8:
+ set_compliance_option (oGnuPG);
+ opt.compliance = CO_PGP8;
+ break;
case oGnuPG:
/* set up default options affected by policy compliance: */
opt.compliance = CO_GNUPG;
--
2.47.2
More information about the Gnupg-devel
mailing list