* agent/agent.h (opt): New field 'ssh_fingerprint_digest'.
* agent/command-ssh.c (data_sign, ssh_identity_register): Honor the
option for strings used to communicate with the user.
* agent/findkey.c (agent_modify_description): Likewise.
* agent/gpg-agent.c (cmd_and_opt_values): New value.
(opts): New option '--ssh-fingerprint-digest'.
(parse_rereadable_options): Set the default to MD5 for now.
(main): Handle the new option.
* doc/gpg-agent.texi: Document the new option.
--
OpenSSH has transitioned from using MD5 to compute key fingerprints to
SHA256. This patch makes the digest used when communicating key
fingerprints to the user (e.g. in pinentry dialogs) configurable.
For now this patch conservatively defaults to MD5.
GnuPG-bug-id: 2106
Signed-off-by: Justus Winter <justus@g10code.com>
* agent/protect.c (PROT_DEFAULT_TO_OCB): Remove macro.
(agent_protect): Make the default protection mode depend on the extend
key format option.
Signed-off-by: Werner Koch <wk@gnupg.org>
* doc/gpg-agent.texi: document "gpgconf --kill gpg-agent" for manual
agent termination.
This was requested in a side-comment in https://bugs.debian.org/840669
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* agent/gpg-agent.c (get_socket_path): Rename to ...
(get_socket_name): this. This is to comply with the GNU coding guide.
Use xtrymalloc instead of malloc. Do not build for W32.
(map_supervised_sockets): Use strtokenize and set the the socket names
here.
(main): Adjust for above change. Do not close the socket.
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/gpg-agent.c (get_socket_path): New function for POSIX systems
to return the path for a provided unix-domain socket.
(map_supervised_sockets): New function to inspect $LISTEN_FDS and
$LISTEN_FDNAMES and map them to the specific functionality offered by
the agent.
(main): Add --supervised command. When used, listen on already-open
file descriptors instead of opening our own.
* doc/gpg-agent.texi: Document --supervised option.
--
"gpg-agent --supervised" is a way to invoke gpg-agent such that a
system supervisor like systemd can provide socket-activated startup,
log management, and scheduled shutdown.
When running in this mode, gpg-agent:
* Does not open its own listening socket; rather, it expects to be
given a listening socket on incoming file descriptors.
* Does not detach from the invoking process, staying in the
foreground instead. Unless otherwise specified, logs are sent to
stderr.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
* agent/gpg-agent.c (main): Provide defaults for 'extra-socket' and
'browser-socket', enable ssh socket by default, but do not emit the
'SSH_AUTH_SOCK' variable unless it has been explicitly requested.
* configure.ac (GPG_AGENT_{EXTRA,BROWSER}_SOCK_NAME): New definitions.
* doc/gpg-agent.texi: Update documentation.
--
This change enables the restricted, browser, and ssh socket by
default. Note that in all cases, the user has to do some additional
configuration to her setup to make use of these features. Therefore,
this should not break any existing setups, but makes it simpler to
discover and use these features.
Signed-off-by: Justus Winter <justus@g10code.com>
--
The commands --help, --version, --dump-options are special in that
they can't be abbreciated on the command line. This is to avoid
problems with regular options with the same prefix.
Fixes-commit: 0a27d8a57c4c990fcada4278a1ce2e6fc9043e9
Signed-off-by: Werner Koch <wk@gnupg.org>
* tools/gpgconf.c (main) <aListDir>: Factor code out to ...
(list_dirs): new. Rewrite to use a table. Allow selection of a
items. Add "agent-ssh-socket".
--
This change makes the use of gpgconf in scripts easier. For example,
to set the envvar with the name of the socket used by ssh, it is now
possible to do this:
SSH_AUTH_SOCK="$(gpgconf --list-dirs agent-ssh-socket)"
which guarantees that the right name is used.
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/command.c (cmd_delete_key): Make the --force option depend on
--disallow-loopback-passphrase.
* g10/call-agent.c (agent_delete_key): Add arg FORCE.
* g10/delkey.c (do_delete_key): Pass opt.answer_yes to
agent_delete_key.
--
Unless the agent has been configured with
--disallow-loopback-passpharse an unattended deletion of a secret key
is now possible with gpg by using --batch _and_ --yes.
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/gpg-agent.c (oNoAllowLoopbackPinentry): New.
(opts): Add --no-allow-loopback-pinentry. Hide
description of --allow-loopback-pinentry.
(parse_rereadable_options): Set opt.allow_loopback_pinentry by
default.
(main): Replace allow-loopback-pinentry by no-allow-loopback-pinentry
in the gpgconf list.
* tools/gpgconf-comp.c (gc_options_gpg_agent): Ditto.
--
Given that a user can anyway change that options in the gpg-agent.conf
file and that gpg needs to be invoked with --pinentry-mode=loopback
the former default does not make much sense - in that option is useful
at all. There was a discussion of this topic on gnupg-devel in April
without a clear result. So we try this new default and just in case
real problems are found for the majority of installations, we can
revert that. The new default is also aligned with GnuPG's policy to
make its use easier and only require users with very high security
standards to tweak certain options (those users have anyway modeled
their threat model and configured their software according to this).
Signed-off-by: Werner Koch <wk@gnupg.org>
* doc/gpg-agent.texi (Agent Options): Add comment to the description
of --debug-quick-random that rngd can also be used to quickly generate
key.
--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
* agent/agent.h (opt): Remove field ssh_support.
* agent/gpg-agent.c (ssh_support): New. Replace all opt.ssh_support
by this.
(main): Do not set ssh_support along with setting putty_support.
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/agent.h (opt): Add field allow_emacs_pinentry.
* agent/call-pinentry.c (start_pinentry): Act upon new var.
* agent/gpg-agent.c (oAllowEmacsPinentry): New.
(opts): Add option --allow-emacs-pinentry.
(parse_rereadable_options): Set this option.
* tools/gpgconf-comp.c (gc_options_gpg_agent): Add new option.
--
gpgconf-comp and manual entry added by wk.
Signed-off-by: Werner Koch <wk@gnupg.org>
* doc/mkdefsinc.c: New.
* doc/Makefile.am: Include cmacros.am.
(EXTRA_DIST): Add mkdefsinc.c defsincdate.
(BUILT_SOURCES): Add defsincdate
(CLEANFILES): Add mkdefsinc and defs.inc.
(mkdefsinc): New rule.
(yat2m-stamp): Depend on defs.inc.
($(myman_pages) gnupg.7): Ditto.
(gnupg.texi): Remove rule to touch itself.
(dist-hook): New.
(defsincdate): New.
(defs.inc): New.
* doc/gnupg.texi: Remove inclusion of version.texi. Include defs.inc.
Also include defs.inc in all files used to build man files. Change
fixed directory names to those from defs.inc.
--
GnuPG-bug-id: 1661
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/agent.h (opt): Add field allow_external_cache.
* agent/call-pinentry.c (start_pinentry): Act upon new var.
* agent/gpg-agent.c (oNoAllowExternalCache): New.
(opts): Add option --no-allow-external-cache.
(parse_rereadable_options): Set this option.
--
Pinentry 0.9.2 may be build with libsecret support and thus an extra
checkbox is displayed to allow the user to get passwords out of an
libsecret maintained cache. Security aware user may want to avoid
this feature and may do this at runtime by enabling this option.
Signed-off-by: Werner Koch <wk@gnupg.org>
* agent/gpg-agent.c (oDebugPinentry): New.
(opts): Add --debug-pinentry.
(parse_rereadable_options): Set that option.
* agent/call-pinentry.c (start_pinentry): Pass option to
assuan_set_flag.
--
This option is quite useful to see the IPC between gpg-agent and
Pinentry. Note that "debug 1024" is also required.
Signed-off-by: Werner Koch <wk@gnupg.org>
* common/homedir.c (get_default_pinentry_name): New.
(gnupg_module_name): Use that for the default pinentry.
(gnupg_module_name_flush_some): New.
* agent/gpg-agent.c (agent_sighup_action): Flush some module names.
* agent/call-pinentry.c (start_pinentry): Do not modify
opt.pinentry_program.
--
The idea with this change is that under Windows we can install a
simple native Windows pinentry as "pinentry-basic" and a full GUI
version may then later install pinentry-gtk etc which would then
automatically be used.
Unfortunately installing another pinentry from a different package
would clobber the GnuPG core directory which is not nice. To fix that
we would need to agree on standard installation directories for GUIs
to also look there.
Signed-off-by: Werner Koch <wk@gnupg.org>
--
GnuPG-bug-id: 1602
I added options shown with --help but missing in the man page.
However, --help won't show everything listed in the man age and
frankly there are even more options not listed anywhere (to see them
use --dump-options).
doc: Document no-allow-mark-trusted for gpg-agent
* doc/gpg-agent.texi: Change allow-mark-trusted doc to
no-allow-mark-trusted.
--
Since rev. 78a56b14 allow-mark-trusted is the default option
and was replaced by no-allow-mark-trusted to disable the
interactive prompt.
Signed-off-by: Andre Heinecke <aheinecke@intevation.de>
* agent/agent.h (opt): Add field extra_socket.
(server_control_s): Add field restricted.
* agent/command.c: Check restricted flag on many commands.
* agent/gpg-agent.c (oExtraSocket): New.
(opts): Add option --extra-socket.
(socket_name_extra): New.
(cleanup): Cleanup that socket name.
(main): Implement oExtraSocket.
(create_socket_name): Add arg homedir and change all callers.
(create_server_socket): Rename arg is_ssh to primary and change
callers.
(start_connection_thread): Take ctrl as arg.
(start_connection_thread_std): New.
(start_connection_thread_extra): New.
(handle_connections): Add arg listen_fd_extra and replace the
connection starting code by parameterized loop.
* common/asshelp.c (start_new_gpg_agent): Detect the use of the
restricted mode and don't fail on sending the pinentry environment.
* common/util.h (GPG_ERR_FORBIDDEN): New.
* agent/gpg-agent.c (oDebugQuickRandom): New.
(opts): New option --debug-quick-random.
(main): Use new option.
* common/asshelp.c (start_new_gpg_agent): Add hack to pass an
additional argument for the agent name.
* tests/openpgp/defs.inc: Pass --debug-quick-random to the gpg-agent
starting parameters.
* tests/openpgp/version.test: Ditto.
Signed-off-by: Werner Koch <wk@gnupg.org>