agent: Add option --allow-emacs-pinentry

* agent/agent.h (opt): Add field allow_emacs_pinentry. * agent/call-pinentry.c (start_pinentry): Act upon new var. * agent/gpg-agent.c (oAllowEmacsPinentry): New. (opts): Add option --allow-emacs-pinentry. (parse_rereadable_options): Set this option. * tools/gpgconf-comp.c (gc_options_gpg_agent): Add new option. -- gpgconf-comp and manual entry added by wk. Signed-off-by: Werner Koch <wk@gnupg.org>
2015-06-09 21:07:00 +09:00 · 2015-06-09 21:07:00 +09:00 · 691dae270b
parent 25331bba55
commit 691dae270b
5 changed files with 34 additions and 1 deletions
--- a/agent/agent.h
+++ b/agent/agent.h
@ -133,6 +133,10 @@ struct
     to allow it to enable such a cache.  */
  int allow_external_cache;

+  /* If this global option is true, the Assuan option of Pinentry
+     allow-emacs-prompt is allowed.  */
+  int allow_emacs_pinentry;
+
  int keep_tty;      /* Don't switch the TTY (for pinentry) on request */
  int keep_display;  /* Don't switch the DISPLAY (for pinentry) on request */

--- a/agent/call-pinentry.c
+++ b/agent/call-pinentry.c
@ -423,6 +423,16 @@ start_pinentry (ctrl_t ctrl)
        return unlock_pinentry (rc);
    }

+  if (opt.allow_emacs_pinentry)
+    {
+      /* Indicate to the pinentry that it may read passphrase through
+	 Emacs minibuffer, if possible.  */
+      rc = assuan_transact (entry_ctx, "OPTION allow-emacs-prompt",
+                            NULL, NULL, NULL, NULL, NULL, NULL);
+      if (rc && gpg_err_code (rc) != GPG_ERR_UNKNOWN_OPTION)
+        return unlock_pinentry (rc);
+    }
+

  {
    /* Provide a few default strings for use by the pinentries.  This
--- a/agent/gpg-agent.c
+++ b/agent/gpg-agent.c
@ -120,6 +120,7 @@ enum cmd_and_opt_values
  oAllowPresetPassphrase,
  oAllowLoopbackPinentry,
  oNoAllowExternalCache,
+  oAllowEmacsPinentry,
  oKeepTTY,
  oKeepDISPLAY,
  oSSHSupport,
@ -214,6 +215,8 @@ static ARGPARSE_OPTS opts[] = {
                /* */                    N_("allow presetting passphrase")),
  ARGPARSE_s_n (oAllowLoopbackPinentry, "allow-loopback-pinentry",
                                   N_("allow caller to override the pinentry")),
+  ARGPARSE_s_n (oAllowEmacsPinentry,  "allow-emacs-pinentry",
+                /* */    N_("allow passphrase to be prompted through Emacs")),

  ARGPARSE_s_n (oSSHSupport,   "enable-ssh-support", N_("enable ssh support")),
  ARGPARSE_s_n (oPuttySupport, "enable-putty-support",
@ -565,6 +568,7 @@ parse_rereadable_options (ARGPARSE_ARGS *pargs, int reread)
      opt.ignore_cache_for_signing = 0;
      opt.allow_mark_trusted = 1;
      opt.allow_external_cache = 1;
+      opt.allow_emacs_pinentry = 0;
      opt.disable_scdaemon = 0;
      disable_check_own_socket = 0;
      return 1;
@ -634,6 +638,9 @@ parse_rereadable_options (ARGPARSE_ARGS *pargs, int reread)
    case oNoAllowExternalCache: opt.allow_external_cache = 0;
      break;

+    case oAllowEmacsPinentry: opt.allow_emacs_pinentry = 1;
+      break;
+
    default:
      return 0; /* not handled */
    }
@ -1080,6 +1087,8 @@ main (int argc, char **argv )
 #endif
      es_printf ("allow-loopback-pinentry:%lu:\n",
                 GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME);
+      es_printf ("allow-emacs-pinentry:%lu:\n",
+                 GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME);

      agent_exit (0);
    }
--- a/doc/gpg-agent.texi
+++ b/doc/gpg-agent.texi
@ -314,6 +314,12 @@ which employs an additional external cache to implement such a policy.
 By using this option the Pinentry is advised not to make use of such a
 cache and instead always ask the user for the requested passphrase.

+@item --allow-emacs-pinentry
+@opindex allow-emacs-pinentry
+Tell Pinentry to allow features to divert the passphrase entry to a
+running Emacs instance.  How this is exactly handled depends on the
+version of the used Pinentry.
+
@item --ignore-cache-for-signing
@opindex ignore-cache-for-signing
 This option will let @command{gpg-agent} bypass the passphrase cache for all
@ -676,7 +682,7 @@ again.  Only certain options are honored: @code{quiet},
@code{debug-pinentry},
@code{no-grab}, @code{pinentry-program}, @code{default-cache-ttl},
@code{max-cache-ttl}, @code{ignore-cache-for-signing},
-@code{no-allow-external-cache},
+@code{no-allow-external-cache}, @code{allow-emacs-pinentry},
@code{no-allow-mark-trusted}, @code{disable-scdaemon}, and
@code{disable-check-own-socket}.  @code{scdaemon-program} is also
 supported but due to the current implementation, which calls the
--- a/tools/gpgconf-comp.c
+++ b/tools/gpgconf-comp.c
@ -538,6 +538,10 @@ static gc_option_t gc_options_gpg_agent[] =
   { "ignore-cache-for-signing", GC_OPT_FLAG_RUNTIME,
     GC_LEVEL_BASIC, "gnupg", "do not use the PIN cache when signing",
     GC_ARG_TYPE_NONE, GC_BACKEND_GPG_AGENT },
+   { "allow-emacs-pinentry", GC_OPT_FLAG_RUNTIME,
+     GC_LEVEL_ADVANCED,
+     "gnupg", "allow passphrase to be prompted through Emacs",
+     GC_ARG_TYPE_NONE, GC_BACKEND_GPG_AGENT },
   { "no-allow-external-cache", GC_OPT_FLAG_RUNTIME,
     GC_LEVEL_BASIC, "gnupg", "disallow the use of an external password cache",
     GC_ARG_TYPE_NONE, GC_BACKEND_GPG_AGENT },