diff --git a/g10/ChangeLog b/g10/ChangeLog
index 4f0ca21ed..0c25ea443 100644
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@@ -1,3 +1,11 @@
+2002-01-26 Werner Koch
+
+ * g10.c, options.h: New option --gpg-agent-info
+ * passphrase.c (agent_open): Let it override the environment info.
+ * seckey-cert.c (check_secret_key): Always try 3 times when the
+ agent is enabled.
+ * options.skel: Describe --use-agent.
+
 2002-01-24 David Shaw
 
 * pubkey-enc.c (is_algo_in_prefs, get_it): Only check preferences
diff --git a/g10/g10.c b/g10/g10.c
index d2c010db3..47f07325c 100644
--- a/g10/g10.c
+++ b/g10/g10.c
@@ -247,6 +247,7 @@ enum cmd_and_opt_values { aNull = 0,
 oAutoKeyRetrieve,
 oNoAutoKeyRetrieve,
 oUseAgent,
+ oGpgAgentInfo,
 oMergeOnly,
 oTryAllSecrets,
 oTrustedKey,
@@ -358,6 +359,7 @@ static ARGPARSE_OPTS opts[] = {
 { oDryRun, "dry-run", 0, N_("do not make any changes") },
 /*{ oInteractive, "interactive", 0, N_("prompt before overwriting") }, */
 { oUseAgent, "use-agent",0, N_("use the gpg-agent")},
+ { oGpgAgentInfo, "gpg-agent-info",2, "@"},
 { oBatch, "batch", 0, N_("batch mode: never ask")},
 { oAnswerYes, "yes", 0, N_("assume yes on most questions")},
 { oAnswerNo, "no", 0, N_("assume no on most questions")},
@@ -952,6 +954,7 @@ main( int argc, char **argv )
 not_implemented("use-agent");
 #endif /* __riscos__ */
 break;
+ case oGpgAgentInfo: opt.gpg_agent_info = pargs.r.ret_str; break;
 case oAnswerYes: opt.answer_yes = 1; break;
 case oAnswerNo: opt.answer_no = 1; break;
 case oKeyring: append_to_strlist( &nrings, pargs.r.ret_str); break;
diff --git a/g10/options.h b/g10/options.h
index 820cf280d..59d3928bc 100644
--- a/g10/options.h
+++ b/g10/options.h
@@ -133,6 +133,7 @@ struct {
 const char *override_session_key;
 int show_session_key;
 int use_agent;
+ const char *gpg_agent_info;
 int merge_only;
 int try_all_secrets;
 int no_expensive_trust_checks;
diff --git a/g10/options.skel b/g10/options.skel
index 79410d85b..4fac1df4c 100644
--- a/g10/options.skel
+++ b/g10/options.skel
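Review bot: In the g10.c `main()` hunk, `case oGpgAgentInfo` stores `pargs.r.ret_str` without any check, so a malformed value is only reported later, when `agent_open` in passphrase.c first parses it. The case also sits after the `#endif /* __riscos__ */` that closes the `not_implemented("use-agent")` branch, so a build without agent support would appear to accept the option silently; the start of that preprocessor block is outside the hunk, so this is inferred from the context lines. Since the string appears to select the local socket that passphrase requests are sent to, a comment at the case would help the next reader, for example `/* overrides GPG_AGENT_INFO; parsed and validated in agent_open() */`. The table entry in the `opts[]` hunk uses `"@"` as its description, which I read as keeping the option out of the help output even though options.skel now documents it.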
@@ -180,3 +180,27 @@ lock-once # # Use your MIME handler to view photos: # photo-viewer "metamail -q -d -b -c image/jpeg -s 'KeyID 0x%k' -f GnuPG" + + +# Passphrase agent +# +# We support the old experimental passphrase agent protocol as well +# as the new Assuan based one (currently available in the "newpg" package +# at ftp.gnupg.org/gcrypt/alpha/aegypten/). To make use of the agent, you have +# to run an agent as daemon and use the option +# +# use-agent +# +# which tries to use the agent but will fallback to the regular mode +# if there is a problem connecting to the agent. The normal way to +# locate the agent is by looking at the environment variable +# GPG_AGENT_INFO which should have been set during gpg-agent startup. +# In certain situations the use of this variable is not possible, thus +# the option +# +# --gpg-agent-info=::1 +# +# may be used to override it. +# + + diff --git a/g10/passphrase.c b/g10/passphrase.c index 64a43d4eb..38629e758 100644 --- a/g10/passphrase.c +++ b/g10/passphrase.c @@ -368,13 +368,19 @@ agent_open (int *ret_prot) size_t len; int prot; - infostr = getenv ( "GPG_AGENT_INFO" ); - if ( !infostr ) { - log_error (_("gpg-agent is not available in this session\n")); - opt.use_agent = 0; - return -1; - } - infostr = m_strdup ( infostr ); + if (opt.gpg_agent_info) + infostr = m_strdup (opt.gpg_agent_info); + else + { + infostr = getenv ( "GPG_AGENT_INFO" ); + if ( !infostr ) { + log_error (_("gpg-agent is not available in this session\n")); + opt.use_agent = 0; + return -1; + } + infostr = m_strdup ( infostr ); + } + if ( !(p = strchr ( infostr, ':')) || p == infostr || (p-infostr)+1 >= sizeof client_addr.sun_path ) { log_error( _("malformed GPG_AGENT_INFO environment variable\n")); diff --git a/g10/seckey-cert.c b/g10/seckey-cert.c index b1780b1f9..aeb67d85a 100644 --- a/g10/seckey-cert.c +++ b/g10/seckey-cert.c 
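Review bot: The example `--gpg-agent-info=::1` in the new options.skel comment block starts with a colon, and the check in the passphrase.c hunk (`p == infostr`) rejects exactly that as malformed, so the example cannot be used as printed; the field placeholders may have been lost in this rendering of the page. The text should name the colon-separated fields, at least that the first is the agent's socket path (it is the part bounded against `sizeof client_addr.sun_path`), so that `::1` is not mistaken for a network address. The example is also given in command-line form with leading dashes, while `use-agent` a few lines above is shown in options-file form.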
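Review bot: A value taken from `opt.gpg_agent_info` that fails the colon and length check in `agent_open` is still reported as `malformed GPG_AGENT_INFO environment variable`, which points the user at the wrong source. This string decides which socket `agent_open` fills into `client_addr.sun_path`, so the diagnostic should say where the value came from; selecting the message on `opt.gpg_agent_info` and logging something like `malformed --gpg-agent-info option` in that case would do. The override is also accepted from any place options are read, so the documentation should state that it must come from trusted configuration only. The rest of the parsing and the connect call are outside the hunk.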
@@ -178,7 +178,7 @@ check_secret_key( PKT_secret_key *sk, int n ) int i; if( n < 1 ) - n = opt.batch? 1 : 3; /* use the default value */ + n = (opt.batch && !opt.use_agent)? 1 : 3; /* use the default value */ for(i=0; i < n && rc == G10ERR_BAD_PASS; i++ ) { const char *tryagain = NULL;
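Review bot: `n` is fixed from `opt.use_agent` once, before the loop in `check_secret_key`, while the passphrase.c hunk shows `agent_open` clearing `opt.use_agent` when `GPG_AGENT_INFO` is missing. A batch run with `--use-agent` but no reachable agent would therefore still be given three attempts; whether the later ones end early through `rc` is decided in the loop body, which is outside the hunk. The comment `use the default value` no longer explains the condition; if the intent is that an agent can supply a corrected passphrase without a terminal, say so, e.g. `/* batch mode gets one try unless an agent can be asked again */`.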