From 345794cfe671c66f32fb63bb37bd41b19517359f Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Mon, 4 Mar 2024 14:56:16 +0100
Subject: gpg: Fix mixed invocation with --trusted-keys and --no-options.

* g10/trustdb.c: Move a function and some definitions around.
(user_utk_list): Rename to trusted_key_list.  Change all users.
(any_trusted_key_seen): New.
(tdb_register_trusted_key): Set it here.  Handle the new value "none".
(verify_own_keys): Do not delete a trusted key from the trustdb if a
trusted-key option was not used.
--

GnuPG-bug-id: 7025
---
 doc/gpg.texi | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'doc')

diff --git a/doc/gpg.texi b/doc/gpg.texi
index 26e0ebdcd..1d1c38cd9 100644
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@@ -1776,7 +1776,9 @@ useful if you don't want to keep your secret keys (or one of them)
 online but still want to be able to check the validity of a given
 recipient's or signator's key.  If the given key is not locally
 available but an LDAP keyserver is configured the missing key is
-imported from that server.
+imported from that server.  The value "none" is explicitly allowed to
+distinguish between the use of any trusted-key option and no use of
+this option at all (e.g. due to the @option{--no-options} option).
 
 @item --add-desig-revoker [sensitive:]@var{fingerprint}
 @opindex add-desig-revoker
-- 
cgit v1.2.3