agent: New option --change-std-env-name.

* common/session-env.c (stdenvnames): Add field "disabled". (INITIAL_ARRAYSIZE): Increase size a bit. (session_env_mod_stdenvnames): New. (session_env_list_stdenvnames): Handle the disabled flag. * agent/gpg-agent.c (oChangeStdEnvName): New. (opts): Add --change-std-env-name. (main): Implement option. -- GnuPG-bug-id: 7522
2025-02-21 19:48:05 +01:00 · 2025-02-12 11:15:21 +01:00 · 2025-02-12 11:15:21 +01:00 · 7a47252516
commit 7a47252516
parent 8c753cb7c9
4 changed files with 60 additions and 7 deletions
--- a/agent/gpg-agent.c
+++ b/agent/gpg-agent.c
@ -146,6 +146,7 @@ enum cmd_and_opt_values
  oAutoExpandSecmem,
  oListenBacklog,
  oInactivityTimeout,
+  oChangeStdEnvName,

  oWriteEnvFile,

@ -239,7 +240,7 @@ static gpgrt_opt_t opts[] = {
  ARGPARSE_s_i (oListenBacklog, "listen-backlog", "@"),
  ARGPARSE_op_u (oAutoExpandSecmem, "auto-expand-secmem", "@"),
  ARGPARSE_s_s (oFakedSystemTime, "faked-system-time", "@"),
-
+  ARGPARSE_s_s (oChangeStdEnvName, "change-std-env-name", "@"),

  ARGPARSE_header ("Security", N_("Options controlling the security")),

@ -1299,6 +1300,10 @@ main (int argc, char **argv)
        case oKeepTTY: opt.keep_tty = 1; break;
        case oKeepDISPLAY: opt.keep_display = 1; break;

+        case oChangeStdEnvName:
+          session_env_mod_stdenvnames (pargs.r.ret_str);
+          break;
+
 	case oSSHSupport:
          ssh_support = 1;
          break;
--- a/common/session-env.c
+++ b/common/session-env.c
@ -63,6 +63,7 @@ static struct
 {
  const char *name;
  const char *assname;  /* Name used by Assuan or NULL.  */
+  unsigned int disabled;/* The entry is not valid        */
 } stdenvnames[] = {
  { "GPG_TTY", "ttyname" },      /* GnuPG specific envvar.  */
  { "TERM",    "ttytype" },      /* Used to set ttytype. */
@ -97,11 +98,41 @@ static struct
   allocation.  Note that this is not reentrant if used with a
   preemptive thread model.  */
 static size_t lastallocatedarraysize;
-#define INITIAL_ARRAYSIZE 8  /* Let's use the number of stdenvnames.  */
-#define CHUNK_ARRAYSIZE 10
+#define INITIAL_ARRAYSIZE 14  /* Let's use the number of stdenvnames.  */
+#define CHUNK_ARRAYSIZE 16
 #define MAXDEFAULT_ARRAYSIZE (INITIAL_ARRAYSIZE + CHUNK_ARRAYSIZE * 5)


+/* Modify the list of environment names which are known to gpg-agent.
+ * This function must be called before the session names are used and
+ * should not be changed later.  The syntax for NAME is:
+ *
+ *    -FOO        := Remove the environment variable FOO from the list
+ *    [+]FOO      := Add the environment variable FOO to the list
+ *    [+]FOO:bar  := Ditto, but also add "bar" as Assuan alias.
+ *
+ * Note that adding environment variables is not yet supported and
+ * silently ignored.
+ */
+void
+session_env_mod_stdenvnames (const char *name)
+{
+  int idx;
+
+  if (*name != '-')
+    return;
+  name++;
+  if (!*name)
+    return;
+
+  for (idx = 0; idx < DIM (stdenvnames); idx++)
+    {
+      if (!strcmp (stdenvnames[idx].name, name))
+        stdenvnames[idx].disabled = 1;
+    }
+}
+
+
 /* Return the names of standard environment variables one after the
   other.  The caller needs to set the value at the address of
   ITERATOR initially to 0 and then call this function until it
@ -133,6 +164,8 @@ session_env_list_stdenvnames (int *iterator, const char **r_assname)
          p = commastring;
          for (idx = 0; idx < DIM (stdenvnames); idx++)
            {
+              if (stdenvnames[idx].disabled)
+                continue;
              if (idx)
                *p++ = ',';
              p = stpcpy (p, stdenvnames[idx].name);
@ -142,10 +175,14 @@ session_env_list_stdenvnames (int *iterator, const char **r_assname)
      return commastring;
    }

-  idx = *iterator;
-  if (idx < 0 || idx >= DIM (stdenvnames))
-    return NULL;
-  *iterator = idx + 1;
+  do
+    {
+      idx = *iterator;
+      if (idx < 0 || idx >= DIM (stdenvnames))
+        return NULL;
+      *iterator = idx + 1;
+    }
+  while (stdenvnames[idx].disabled);
  if (r_assname)
    *r_assname = stdenvnames[idx].assname;
  return stdenvnames[idx].name;
--- a/common/session-env.h
+++ b/common/session-env.h
@ -33,6 +33,7 @@
 struct session_environment_s;
 typedef struct session_environment_s *session_env_t;

+void session_env_mod_stdenvnames (const char *name);
 const char *session_env_list_stdenvnames (int *iterator,
                                          const char **r_assname);

--- a/doc/gpg-agent.texi
+++ b/doc/gpg-agent.texi
@ -588,6 +588,16 @@ Ignore requests to change the current @code{tty} or X window system's
@code{DISPLAY} variable respectively.  This is useful to lock the
 pinentry to pop up at the @code{tty} or display you started the agent.

+@item --change-std-env-name -@var{name}
+@opindex change-std-env-name
+The agent uses a fixed list of environment variables which are passed
+on to the Pinentry.  This option allows to remove variables from that
+list.  For example:
+@smallexample
+  change-std-env-name -DBUS_SESSION_BUS_ADDRESS
+@end smallexample
+
+
@item --listen-backlog @var{n}
@opindex listen-backlog
 Set the size of the queue for pending connections.  The default is 64.