agent: New option --disable-check-own-socket.

* agent/gpg-agent.c (oDisableCheckOwnSocket): New. (disable_check_own_socket): New. (parse_rereadable_options): Set new option. (check_own_socket): Implement new option. Signed-off-by: Werner Koch <wk@gnupg.org>
2025-01-03 12:11:33 +01:00 · 2013-05-21 12:10:00 +01:00 · 2013-05-21 12:10:00 +01:00 · f2d8a14e1b
commit f2d8a14e1b
parent 88e24341e5
2 changed files with 30 additions and 8 deletions
--- a/agent/gpg-agent.c
+++ b/agent/gpg-agent.c
@ -112,6 +112,7 @@ enum cmd_and_opt_values
  oKeepDISPLAY,
  oSSHSupport,
  oDisableScdaemon,
+  oDisableCheckOwnSocket,
  oWriteEnvFile
 };

@ -148,6 +149,7 @@ static ARGPARSE_OPTS opts[] = {
  { oScdaemonProgram, "scdaemon-program", 2 ,
                               N_("|PGM|use PGM as the SCdaemon program") },
  { oDisableScdaemon, "disable-scdaemon", 0, N_("do not use the SCdaemon") },
+  { oDisableCheckOwnSocket, "disable-check-own-socket", 0, "@" },
  { oFakedSystemTime, "faked-system-time", 2, "@" }, /* (epoch time) */

  { oBatch,      "batch",       0, "@" },
@ -232,6 +234,9 @@ static int shutdown_pending;
 /* Counter for the currently running own socket checks.  */
 static int check_own_socket_running;

+/* Flags to indicate that check_own_socket shall not be called.  */
+static int disable_check_own_socket;
+
 /* It is possible that we are currently running under setuid permissions */
 static int maybe_setuid = 1;

@ -491,6 +496,7 @@ parse_rereadable_options (ARGPARSE_ARGS *pargs, int reread)
      opt.ignore_cache_for_signing = 0;
      opt.allow_mark_trusted = 0;
      opt.disable_scdaemon = 0;
+      disable_check_own_socket = 0;
      return 1;
    }

@ -521,6 +527,7 @@ parse_rereadable_options (ARGPARSE_ARGS *pargs, int reread)
    case oPinentryTouchFile: opt.pinentry_touch_file = pargs->r.ret_str; break;
    case oScdaemonProgram: opt.scdaemon_program = pargs->r.ret_str; break;
    case oDisableScdaemon: opt.disable_scdaemon = 1; break;
+    case oDisableCheckOwnSocket: disable_check_own_socket = 1; break;

    case oDefCacheTTL: opt.def_cache_ttl = pargs->r.ret_ulong; break;
    case oDefCacheTTLSSH: opt.def_cache_ttl_ssh = pargs->r.ret_ulong; break;
@ -2174,6 +2181,9 @@ check_own_socket (void)
  npth_attr_t tattr;
  int err;

+  if (disable_check_own_socket)
+    return;
+
  if (!opt.use_standard_socket)
    return; /* This check makes only sense in standard socket mode.  */

--- a/doc/gpg-agent.texi
+++ b/doc/gpg-agent.texi
@ -449,6 +449,16 @@ Do not make use of the scdaemon tool.  This option has the effect of
 disabling the ability to do smartcard operations.  Note, that enabling
 this option at runtime does not kill an already forked scdaemon.

+@ifset gpgtwoone
+@item --disable-check-own-socket
+@opindex disable-check-own-socket
+@command{gpg-agent} employs a periodic self-test to detect a stolen
+socket.  This usually means a second instance of @command{gpg-agent}
+has taken over the socket and @command{gpg-agent} will then terminate
+itself.  This option may be used to disable this self-test for
+debugging purposes.
+@end ifset
+
@item --use-standard-socket
@itemx --no-use-standard-socket
@opindex use-standard-socket
@ -695,14 +705,16 @@ Here is a list of supported signals:
@item SIGHUP
@cpindex SIGHUP
 This signal flushes all cached passphrases and if the program has been
-started with a configuration file, the configuration file is read again.
-Only certain options are honored: @code{quiet}, @code{verbose},
-@code{debug}, @code{debug-all}, @code{debug-level}, @code{no-grab},
-@code{pinentry-program}, @code{default-cache-ttl}, @code{max-cache-ttl},
-@code{ignore-cache-for-signing}, @code{allow-mark-trusted} and
-@code{disable-scdaemon}.  @code{scdaemon-program} is also supported but
-due to the current implementation, which calls the scdaemon only once,
-it is not of much use unless you manually kill the scdaemon.
+started with a configuration file, the configuration file is read
+again.  Only certain options are honored: @code{quiet},
+@code{verbose}, @code{debug}, @code{debug-all}, @code{debug-level},
+@code{no-grab}, @code{pinentry-program}, @code{default-cache-ttl},
+@code{max-cache-ttl}, @code{ignore-cache-for-signing},
+@code{allow-mark-trusted}, @code{disable-scdaemon}, and
+@code{disable-check-own-socket}.  @code{scdaemon-program} is also
+supported but due to the current implementation, which calls the
+scdaemon only once, it is not of much use unless you manually kill the
+scdaemon.


@item SIGTERM