Added annex.gnupg-decrypt-options and remote.<name>.annex-gnupg-decrypt-options, which are passed to gpg when it's decrypting data.

The naming is unofrtunately not consistent, but the gnupg-options
were only used for encrypting, and it's too late to change that.

It would be nice to have a third setting that is always passed to gnupg,
but ~/.gnupg/options can be used to specify such global options when really
needed.
This commit is contained in:
Joey Hess 2016-05-10 13:03:56 -04:00
parent 5f1c316b0c
commit 3f1aaa84c5
Failed to extract signature
8 changed files with 61 additions and 20 deletions

View file

@ -78,3 +78,4 @@ gpg: cannot open `/dev/tty': Device not configured
### Have you had any luck using git-annex before? (Sometimes we get tired of reading bug reports all day and a lil' positive end note does wonders)
> added annex.gnupg-decrypt-options; [[done]] --[[Joey]]

View file

@ -0,0 +1,19 @@
[[!comment format=mdwn
username="joey"
subject="""comment 1"""
date="2016-05-10T16:30:04Z"
content="""
annex.gnupg-options is only used when encrypting content, not when
decrypting. And it has to decrypt the shared encryption key first,
so that's why the error shows it was running gpg with --decrypt.
Probable, even if you were able to make it always run gpg with
--no-tty, it wouldn't help, because gpg needs to prompt for a passphrase.
There should be a way to get gnupg to use gpg-agent, which would let it
prompt for your password with a dialog box, rather than trying to prompt on
the terminal. That would work better with the webapp.
I do think there ought to be a config setting that allows passing options
to gpg when it's decrypting things, and so I'll add something.
"""]]