mirror of git://git.gnupg.org/gnupg.git synced 2025-07-02 22:46:30 +02:00

agent: Make the request origin a part of the cache items.

* agent/cache.c (agent_put_cache): Add arg 'ctrl' and change all
callers to pass it.
(agent_get_cache): Ditto.

* agent/cache.c (struct cache_items_s): Add field 'restricted'.
(housekeeping): Adjust debug output.
(agent_flush_cache): Ditto.
(agent_put_cache): Ditto.  Take RESTRICTED into account.
(agent_get_cache): Ditto.
--

If requests are coming from different sources they should not share the
same cache.  This way we make sure that a Pinentry pops up for a
remote request to a key we have already used locally.

GnuPG-bug-id: 3858
Signed-off-by: Werner Koch <wk@gnupg.org>
Werner Koch 2018-03-27 08:40:58 +02:00
parent eb68c2d3d1
commit 02dce8c0cc
No known key found for this signature in database
GPG key ID: E3FDFF218E45B72B
8 changed files with 51 additions and 43 deletions


@ -468,7 +468,7 @@ agent_genkey (ctrl_t ctrl, const char *cache_nonce,
passphrase = NULL;
else
{
passphrase_buffer = agent_get_cache (cache_nonce, CACHE_MODE_NONCE);
passphrase_buffer = agent_get_cache (ctrl, cache_nonce, CACHE_MODE_NONCE);
passphrase = passphrase_buffer;
}
@ -528,7 +528,7 @@ agent_genkey (ctrl_t ctrl, const char *cache_nonce,
}
if (cache_nonce
&& !no_protection
&& !agent_put_cache (cache_nonce, CACHE_MODE_NONCE,
&& !agent_put_cache (ctrl, cache_nonce, CACHE_MODE_NONCE,
passphrase, ctrl->cache_ttl_opt_preset))
agent_write_status (ctrl, "CACHE_NONCE", cache_nonce, NULL);
if (preset && !no_protection)
@ -538,7 +538,7 @@ agent_genkey (ctrl_t ctrl, const char *cache_nonce,
if (gcry_pk_get_keygrip (s_private, grip))
{
bin2hex(grip, 20, hexgrip);
rc = agent_put_cache (hexgrip, CACHE_MODE_ANY, passphrase,
rc = agent_put_cache (ctrl, hexgrip, CACHE_MODE_ANY, passphrase,
ctrl->cache_ttl_opt_preset);
}
}
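Review bot: In the last hunk of agent_genkey, a failing `gcry_pk_get_keygrip (s_private, grip)` silently skips the preset, because the visible `if` has no else branch, so a caller that asked for a preset gets no indication that nothing was cached. A diagnostic on that path would help, for example `else log_info ("preset skipped: no keygrip\n");` (the message text is only a suggestion), or setting `rc` if the request should fail in that case. Since the entry is now stored through `ctrl`, it would also help to add a comment such as `/* The preset entry is bound to the origin of CTRL; a request from another origin still gets a Pinentry. */`, which is what the commit message describes. The declarations of `grip` and `hexgrip` and the rest of the function are outside the hunk, so how `rc` is handled afterwards cannot be checked from here.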