agent: New option --pinentry-timeout

* agent/gpg-agent.c (oPinentryTimeout): New. (opts): Add new option. (parse_rereadable_options): PArse that option. (main): Tell gpgconf about this option. * agent/call-pinentry.c (start_pinentry): Send option to Pinentry. * tools/gpgconf-comp.c (gc_options_gpg_agent): Add Option. -- GnuPG-bug-id: 2222 Signed-off-by: Werner Koch <wk@gnupg.org>
2016-01-20 11:22:44 +01:00 · 2016-01-20 11:22:44 +01:00 · 499743387f
parent c26d299ef6
commit 499743387f
5 changed files with 34 additions and 0 deletions
--- a/agent/agent.h
+++ b/agent/agent.h
@ -94,6 +94,11 @@ struct
     custom invisible character.  */
  char *pinentry_invisible_char;

+  /* The timeout value for the Pinentry in seconds.  This is passed to
+     the pinentry if it is not 0.  It is up to the pinentry to act
+     upon this timeout value.  */
+  unsigned long pinentry_timeout;
+
  /* The default and maximum TTL of cache entries. */
  unsigned long def_cache_ttl;     /* Default. */
  unsigned long def_cache_ttl_ssh; /* for SSH. */
--- a/agent/call-pinentry.c
+++ b/agent/call-pinentry.c
@ -491,6 +491,18 @@ start_pinentry (ctrl_t ctrl)
        }
    }

+  if (opt.pinentry_timeout)
+    {
+      char *optstr;
+      if ((optstr = xtryasprintf ("SETTIMEOUT %lu", opt.pinentry_timeout)))
+        {
+          assuan_transact (entry_ctx, optstr, NULL, NULL, NULL, NULL, NULL,
+                           NULL);
+          /* We ignore errors because this is just a fancy thing.  */
+          xfree (optstr);
+        }
+    }
+
  /* Tell the pinentry the name of a file it shall touch after having
     messed with the tty.  This is optional and only supported by
     newer pinentries and thus we do no error checking. */
--- a/agent/gpg-agent.c
+++ b/agent/gpg-agent.c
@ -93,6 +93,7 @@ enum cmd_and_opt_values
  oPinentryProgram,
  oPinentryTouchFile,
  oPinentryInvisibleChar,
+  oPinentryTimeout,
  oDisplay,
  oTTYname,
  oTTYtype,
@ -168,6 +169,7 @@ static ARGPARSE_OPTS opts[] = {
                /* */             N_("|PGM|use PGM as the PIN-Entry program")),
  ARGPARSE_s_s (oPinentryTouchFile, "pinentry-touch-file", "@"),
  ARGPARSE_s_s (oPinentryInvisibleChar, "pinentry-invisible-char", "@"),
+  ARGPARSE_s_u (oPinentryTimeout, "pinentry-timeout", "@"),
  ARGPARSE_s_s (oScdaemonProgram, "scdaemon-program",
                /* */             N_("|PGM|use PGM as the SCdaemon program") ),
  ARGPARSE_s_n (oDisableScdaemon, "disable-scdaemon",
@ -580,6 +582,7 @@ parse_rereadable_options (ARGPARSE_ARGS *pargs, int reread)
      opt.pinentry_touch_file = NULL;
      xfree (opt.pinentry_invisible_char);
      opt.pinentry_invisible_char = NULL;
+      opt.pinentry_timeout = 0;
      opt.scdaemon_program = NULL;
      opt.def_cache_ttl = DEFAULT_CACHE_TTL;
      opt.def_cache_ttl_ssh = DEFAULT_CACHE_TTL_SSH;
@ -632,6 +635,7 @@ parse_rereadable_options (ARGPARSE_ARGS *pargs, int reread)
      xfree (opt.pinentry_invisible_char);
      opt.pinentry_invisible_char = xtrystrdup (pargs->r.ret_str); break;
      break;
+    case oPinentryTimeout: opt.pinentry_timeout = pargs->r.ret_ulong; break;
    case oScdaemonProgram: opt.scdaemon_program = pargs->r.ret_str; break;
    case oDisableScdaemon: opt.disable_scdaemon = 1; break;
    case oDisableCheckOwnSocket: disable_check_own_socket = 1; break;
@ -1124,6 +1128,8 @@ main (int argc, char **argv )
                 GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME);
      es_printf ("allow-emacs-pinentry:%lu:\n",
                 GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME);
+      es_printf ("pinentry-timeout:%lu:0:\n",
+                 GC_OPT_FLAG_DEFAULT|GC_OPT_FLAG_RUNTIME);

      agent_exit (0);
    }
--- a/doc/gpg-agent.texi
+++ b/doc/gpg-agent.texi
@ -402,6 +402,13 @@ This option asks the Pinentry to use @var{char} for displaying hidden
 characters.  @var{char} must be one character UTF-8 string.  A
 Pinentry may or may not honor this request.

+@item --pinentry-timeout @var{n}
+@opindex pinentry-timeout
+This option asks the Pinentry to timeout after @var{n} seconds with no
+user input.  The default value of 0 does not ask the pinentry to
+timeout, however a Pinentry may use its own default timeout value in
+this case.  A Pinentry may or may not honor this request.
+
@item --pinentry-program @var{filename}
@opindex pinentry-program
 Use program @var{filename} as the PIN entry.  The default is
--- a/tools/gpgconf-comp.c
+++ b/tools/gpgconf-comp.c
@ -582,6 +582,10 @@ static gc_option_t gc_options_gpg_agent[] =
     GC_LEVEL_EXPERT, "gnupg",
     N_("do not allow the reuse of old passphrases"),
     GC_ARG_TYPE_NONE, GC_BACKEND_GPG_AGENT },
+   { "pinentry-timeout", GC_OPT_FLAG_RUNTIME,
+     GC_LEVEL_ADVANCED, "gnupg",
+     N_("|N|set the Pinentry timeout to N seconds"),
+     GC_ARG_TYPE_UINT32, GC_BACKEND_GPG_AGENT },

   GC_OPTION_NULL
 };