security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-03 12:11:33 +01:00
Code Activity

Added option --inquire to PRESET_PASSPHRASE. Note that the inquired passphrase will be truncated to the first encountered null byte.

Browse Source
This commit is contained in:
Ben Kibbey 2011-03-03 22:20:08 -05:00 committed by Werner Koch
parent b786f0e12b
commit 3582e2efa4
2 changed files with 30 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
agent/ChangeLog
View File

@ -1,3 +1,7 @@
2011-03-03 Ben Kibbey <bjk@luxsci.net>
* command.c (cmd_preset_passphrase): Add option --inquire.
2011-03-03 Werner Koch <wk@g10code.com> 2011-03-03 Werner Koch <wk@g10code.com>
* gpg-agent.c: Add option --allow-loopback-pinentry. * gpg-agent.c: Add option --allow-loopback-pinentry.

28
agent/command.c
View File

@ -1528,25 +1528,29 @@ cmd_passwd (assuan_context_t ctx, char *line)
static const char hlp_preset_passphrase[] = static const char hlp_preset_passphrase[] =
"PRESET_PASSPHRASE <string_or_keygrip> <timeout> <hexstring>\n" "PRESET_PASSPHRASE [--inquire] <string_or_keygrip> <timeout> [<hexstring>]\n"
"\n" "\n"
"Set the cached passphrase/PIN for the key identified by the keygrip\n" "Set the cached passphrase/PIN for the key identified by the keygrip\n"
"to passwd for the given time, where -1 means infinite and 0 means\n" "to passwd for the given time, where -1 means infinite and 0 means\n"
"the default (currently only a timeout of -1 is allowed, which means\n" "the default (currently only a timeout of -1 is allowed, which means\n"
"to never expire it). If passwd is not provided, ask for it via the\n" "to never expire it). If passwd is not provided, ask for it via the\n"
"pinentry module."; "pinentry module unless --inquire is passed in which case the passphrase\n"
"is retrieved from the client via a server inquire.\n";
static gpg_error_t static gpg_error_t
cmd_preset_passphrase (assuan_context_t ctx, char *line) cmd_preset_passphrase (assuan_context_t ctx, char *line)
{ {
int rc; int rc;
char *grip_clear = NULL; char *grip_clear = NULL;
char *passphrase = NULL; unsigned char *passphrase = NULL;
int ttl; int ttl;
size_t len; size_t len;
int opt_inquire;
if (!opt.allow_preset_passphrase) if (!opt.allow_preset_passphrase)
return set_error (GPG_ERR_NOT_SUPPORTED, "no --allow-preset-passphrase"); return set_error (GPG_ERR_NOT_SUPPORTED, "no --allow-preset-passphrase");
opt_inquire = has_option (line, "--inquire");
line = skip_options (line);
grip_clear = line; grip_clear = line;
while (*line && (*line != ' ' && *line != '\t')) while (*line && (*line != ' ' && *line != '\t'))
line++; line++;
@ -1577,17 +1581,35 @@ cmd_preset_passphrase (assuan_context_t ctx, char *line)
required. */ required. */
if (*line) if (*line)
{ {
if (opt_inquire)
{
rc = set_error (GPG_ERR_ASS_PARAMETER,
"both --inquire and passphrase specified");
goto leave;
}
/* Do in-place conversion. */ /* Do in-place conversion. */
passphrase = line; passphrase = line;
if (!hex2str (passphrase, passphrase, strlen (passphrase)+1, NULL)) if (!hex2str (passphrase, passphrase, strlen (passphrase)+1, NULL))
rc = set_error (GPG_ERR_ASS_PARAMETER, "invalid hexstring"); rc = set_error (GPG_ERR_ASS_PARAMETER, "invalid hexstring");
} }
else if (opt_inquire)
{
/* Note that the passphrase will be truncated at any null byte and the
* limit is 480 characters. */
rc = assuan_inquire (ctx, "PASSPHRASE", &passphrase, &len, 480);
}
else else
rc = set_error (GPG_ERR_NOT_IMPLEMENTED, "passphrase is required"); rc = set_error (GPG_ERR_NOT_IMPLEMENTED, "passphrase is required");
if (!rc) if (!rc)
{
rc = agent_put_cache (grip_clear, CACHE_MODE_ANY, passphrase, ttl); rc = agent_put_cache (grip_clear, CACHE_MODE_ANY, passphrase, ttl);
if (opt_inquire)
xfree (passphrase);
}
leave:
return leave_cmd (ctx, rc); return leave_cmd (ctx, rc);
} }