diff options
| author | Joey Hess <joey@kitenet.net> | 2014-07-15 17:16:32 -0400 |
|---|---|---|
| committer | Joey Hess <joey@kitenet.net> | 2014-07-15 17:16:32 -0400 |
| commit | 5dcc77f507d497fe4023e94a47b6a7a1f1146bce (patch) | |
| tree | 06bebf1b614dea06f77e31a7d61380f6ee47dfad | |
| parent | 0ce768c4ddc4f28d18f0b00dd6798f19fd1f7f8e (diff) | |
| download | git-remote-gcrypt-5dcc77f507d497fe4023e94a47b6a7a1f1146bce.zip git-remote-gcrypt-5dcc77f507d497fe4023e94a47b6a7a1f1146bce.tar.gz git-remote-gcrypt-5dcc77f507d497fe4023e94a47b6a7a1f1146bce.tar.bz2 | |
added gcrypt.publish-participants configuration
Fixes https://github.com/blake2-ppc/git-remote-gcrypt/issues/9
| -rw-r--r-- | README.rst | 12 | ||||
| -rwxr-xr-x | git-remote-gcrypt | 10 |
2 files changed, 21 insertions, 1 deletions
@@ -60,6 +60,17 @@ The following ``git-config(1)`` variables are supported: The ``gcrypt-participants`` setting on the remote takes precedence over the repository variable ``gcrypt.participants``. +``remote.<name>.gcrypt-publish-participants`` + .. +``gcrypt.publish-participants`` + By default, the gpg key ids of the participants are obscured by + encrypting using `gpg -R`. Setting this option to `true` disables + that security measure. + + The problem with using `gpg -R` is that to decrypt, gpg tries each + available secret key in turn until it finds a usable key. + This can result in unncessary passphrase prompts. + ``remote.<name>.gcrypt-signingkey`` .. ``user.signingkey`` @@ -68,6 +79,7 @@ The following ``git-config(1)`` variables are supported: part of the participant list. You may use the per-remote version to sign different remotes using different keys. + Environment Variables ===================== diff --git a/git-remote-gcrypt b/git-remote-gcrypt index 2295111..8d68669 100755 --- a/git-remote-gcrypt +++ b/git-remote-gcrypt @@ -406,6 +406,8 @@ read_config() git config --path user.signingkey || :) conf_part=$(git config --get "remote.$NAME.gcrypt-participants" '.+' || git config --get gcrypt.participants '.+' || :) + Conf_pubish_participants=$(git config --get --bool "remote.$NAME.gcrypt-publish-participants" '.+' || + git config --get --bool gcrypt.publish-participants || :) # Figure out which keys we should encrypt to or accept signatures from if isnull "$conf_part" || iseq "$conf_part" simple @@ -440,7 +442,13 @@ read_config() } # Check 'E'ncrypt capability cap_=$(xfeed "$r_keyinfo" cut -f 12 -d :) - iseq "${cap_#*E}" "$cap_" || Recipients="$Recipients -R $keyid_" + if ! iseq "${cap_#*E}" "$cap_"; then + if [ "$Conf_pubish_participants" = true ]; then + Recipients="$Recipients -r $keyid_" + else + Recipients="$Recipients -R $keyid_" + fi + fi done if isnull "$Recipients" |