1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-12 21:58:50 +01:00
gnupg/g10
Daniel Kahn Gillmor 07c19981da gpg: add --passphrase-env VARNAME to read passphrase from environment
* g10/keydb.h: declare set_passphrase_from_environment_variable()
* g10/passphrase.c: set_passphrase_from_environment_variable() new
function
* g10/gpg.c: add new --passphrase-env argument, handle it.

--

There are problems or difficulties (to varying degrees) with all of
the techniques available for sending a passphrase directly to the
GnuPG process when --pinentry-mode=loopback:

 * Passphrases on the command line often leak into the process table.

 * Passphrases in a file often leak into the disk.

 * Using an extra file descriptor to send a passphrase works well on
   platforms that make it easy to allocate and use extra file
   descriptors, but is pretty awkward on platforms that don't
   facilitate this.

So this patch adds a new form of passphrase-passing, using an
environment variable.  In POSIX shell, this looks like (for example):

    mypass="IUuKctdEhH8' gpg --batch --pinentry-mode=loopback\
      --passphrase-env=mypass --decrypt < message.txt

Hopefully, this is easier to use than --passphrase-fd on platforms or
language toolkits that don't facilitate file descriptor manipulation.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2018-09-23 14:25:01 -04:00
..
all-tests.scm tests: Make it possible to run all tests using our infrastructure. 2017-05-11 18:12:37 +02:00
armor.c g10, sm, dirmngr, common: Add comment for fall through. 2017-05-10 11:13:12 +09:00
build-packet.c Fix use of strncpy, which is actually good to use memcpy. 2018-09-06 11:41:13 +09:00
call-agent.c gpg: Prepare for longer card fingerprints. 2018-08-27 16:57:04 +02:00
call-agent.h gpg: Prepare for longer card fingerprints. 2018-08-27 16:57:04 +02:00
call-dirmngr.c dirmngr: Emit SOURCE status also on NO_DATA. 2018-09-07 11:48:18 +02:00
call-dirmngr.h gpg: Store key origin info for new DANE and WKD retrieved keys. 2017-07-24 20:09:52 +02:00
card-util.c g10: Fix memory leak for --card-status. 2018-09-18 09:34:00 +09:00
ChangeLog-2011 Spelling: correct spelling of "passphrase". 2016-11-02 12:53:58 +01:00
cipher-aead.c gpg: Avoid writing a zero length last chunk in AEAD mode. 2018-02-28 09:39:57 +01:00
cipher-cfb.c gpg: Remove MDC options 2018-05-29 12:42:52 +02:00
compress-bz2.c g10,tools: Fix bzlib.h include order. 2017-04-11 13:52:19 +09:00
compress.c gpg: Fix minor memory leak in the compress filter. 2018-05-02 20:15:10 +02:00
cpr.c gpg: Emit FAILURE stati now in almost all cases. 2018-04-06 17:32:25 +02:00
dearmor.c Revert "g10: Always save standard revocation certificate in file." 2017-08-01 19:08:16 +02:00
decrypt-data.c gpg: Avoid writing a zero length last chunk in AEAD mode. 2018-02-28 09:39:57 +01:00
decrypt.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
dek.h gpg: First take on PKT_ENCRYPTED_AEAD. 2018-01-21 16:30:53 +01:00
delkey.c gpg: Pass CTRL to many more functions. 2017-03-31 20:07:20 +02:00
distsigkey.gpg build: Update distsigkey.gpg 2017-11-22 20:54:47 +01:00
ecdh.c Use the gpgrt log functions if possible. 2017-11-27 15:00:25 +01:00
encrypt.c gpg: Remove PGP6 compliance mode. 2018-05-29 13:01:12 +02:00
exec.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
exec.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
export.c gpg: Let export-clean remove expired subkeys. 2018-07-09 09:49:21 +02:00
filter.h Merge branch 'STABLE-BRANCH-2-2' into master 2018-05-13 13:29:40 +02:00
free-packet.c gpg: Fix possible double free of the card serialno. 2017-07-21 17:49:10 +02:00
getkey.c gpg: Remove unused function get_pubkeys. 2018-08-29 11:53:59 +02:00
gpg-w32info.rc w32: Add manifest to gpg. 2015-02-04 09:15:34 +01:00
gpg.c gpg: add --passphrase-env VARNAME to read passphrase from environment 2018-09-23 14:25:01 -04:00
gpg.h Merge branch 'STABLE-BRANCH-2-2' into master 2018-03-27 08:48:00 +02:00
gpg.w32-manifest.in w32: Add manifest to gpg. 2015-02-04 09:15:34 +01:00
gpgcompose.c g10: Fix memory leak for PKT_signature. 2018-07-03 09:07:03 +09:00
gpgsql.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
gpgsql.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
gpgv.c g10: Change decryption key selection for public key encryption. 2018-08-27 13:12:31 +09:00
helptext.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
import.c g10: Fix memory leak. 2018-09-07 13:01:52 +09:00
kbnode.c gpg: Add option and preference framework for AEAD. 2018-01-10 11:51:03 +01:00
key-check.c gpg: Improve import's repair-key duplicate signature detection. 2018-06-07 18:41:17 +02:00
key-check.h gpg: Avoid output to the tty during import. 2017-07-27 11:38:57 +02:00
key-clean.c gpg: Remove multiple subkey bindings during export-clean. 2018-07-09 12:01:02 +02:00
key-clean.h gpg: Let export-clean remove expired subkeys. 2018-07-09 09:49:21 +02:00
keydb.c gpg: Don't let gpg return failure on an invalid packet in a keyblock. 2018-02-22 14:23:01 +01:00
keydb.h gpg: add --passphrase-env VARNAME to read passphrase from environment 2018-09-23 14:25:01 -04:00
keyedit.c gpg: Move key cleaning functions to a separate file. 2018-07-06 11:40:16 +02:00
keyedit.h gpg: Avoid output to the tty during import. 2017-07-27 11:38:57 +02:00
keygen.c gpg: Explain error message in key generation with --batch 2018-08-29 15:14:29 +02:00
keyid.c Merge branch 'STABLE-BRANCH-2-2' into master 2017-12-18 16:42:59 +01:00
keylist.c gpg: Remove unused arg from a function. 2018-08-28 15:16:19 +02:00
keyring.c gpg: Don't let gpg return failure on an invalid packet in a keyblock. 2018-02-22 14:23:01 +01:00
keyring.h gpg: Pass CTRL to many more functions. 2017-03-31 20:07:20 +02:00
keyserver-internal.h gpg: Pass key origin values to import functions. 2017-07-13 18:29:01 +02:00
keyserver.c gpg: Extend --key-origin to take an optional URL arg. 2017-07-24 21:10:58 +02:00
main.h gpg: Print revocation reason for "rev" records. 2018-06-21 20:28:51 +02:00
mainproc.c g10: Change decryption key selection for public key encryption. 2018-08-27 13:12:31 +09:00
Makefile.am gpg: Move key cleaning functions to a separate file. 2018-07-06 11:40:16 +02:00
mdfilter.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
migrate.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
misc.c gpg: Remove PGP6 compliance mode. 2018-05-29 13:01:12 +02:00
openfile.c gpg: Rename a misnomed arg in open_outfile. 2018-01-28 18:59:18 +01:00
options.h gpg: Ignore the multiple message override options. 2018-05-30 22:05:57 +02:00
packet.h gpg: New option --known-notation. 2018-08-29 09:36:09 +02:00
parse-packet.c gpg: New option --known-notation. 2018-08-29 09:36:09 +02:00
passphrase.c gpg: add --passphrase-env VARNAME to read passphrase from environment 2018-09-23 14:25:01 -04:00
photoid.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
photoid.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
pkclist.c gpg: Remove unused arg from a function. 2018-08-28 15:16:19 +02:00
pkglue.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
pkglue.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
plaintext.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
progress.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
pubkey-enc.c g10: Enumerated keys for decryption should be unique. 2018-08-27 16:24:00 +09:00
pubring.asc Update copyright notices for 2017. 2017-01-23 19:16:55 +01:00
revoke.c gpg: Remove PGP6 compliance mode. 2018-05-29 13:01:12 +02:00
rmd160.c Clean up word replication. 2017-02-21 13:11:46 -05:00
rmd160.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
seckey-cert.c More change for common. 2017-03-07 20:32:09 +09:00
server.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
seskey.c Spelling fixes in docs and comments. 2017-04-28 10:06:33 +09:00
sig-check.c gpg: Prepare for signatures with ISSUER_FPR but without ISSUER. 2018-07-05 20:55:32 +02:00
sign.c g10: Fix memory leak for PKT_signature. 2018-07-03 09:07:03 +09:00
skclist.c g10: Fix another memory leak. 2018-09-14 08:11:45 +09:00
t-keydb-get-keyblock.c gpg: Fix actual leak and possible leaks in the packet parser. 2017-03-30 16:01:52 +02:00
t-keydb-get-keyblock.gpg gpg: Correctly handle keyblocks followed by legacy keys. 2015-11-17 14:53:03 +01:00
t-keydb-keyring.kbx g10: Add test for keydb as well as new testing infrastructure. 2015-09-02 15:08:57 +02:00
t-keydb.c Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
t-rmd160.c Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
t-stutter-data.asc gpg: Add a new test. 2016-03-08 14:08:49 +01:00
t-stutter.c g10: Stop compiler warning for t-stutter. 2017-05-10 11:13:03 +09:00
tdbdump.c Merge branch 'STABLE-BRANCH-2-2' into master 2018-03-27 08:48:00 +02:00
tdbio.c gpg: Auto-fix a broken trustdb with just the version record. 2018-03-26 18:20:16 +02:00
tdbio.h gpg: Pass CTRL arg to get_trusthashrec. 2018-03-26 18:06:43 +02:00
test-stubs.c g10: Change decryption key selection for public key encryption. 2018-08-27 13:12:31 +09:00
test.c tests: Locate resources and scripts relative to top source dir. 2017-04-24 14:14:05 +02:00
textfilter.c Remove -I option to common. 2017-03-07 20:25:54 +09:00
tofu.c Merge branch 'STABLE-BRANCH-2-2' into master 2017-12-18 16:42:59 +01:00
tofu.h g10: Remove dead code. 2016-12-06 12:16:56 +01:00
trust.c gpg: Move key cleaning functions to a separate file. 2018-07-06 11:40:16 +02:00
trustdb.c gpg: Move key cleaning functions to a separate file. 2018-07-06 11:40:16 +02:00
trustdb.h gpg: Move key cleaning functions to a separate file. 2018-07-06 11:40:16 +02:00
verify.c Spelling fixes in docs and comments. 2017-04-28 10:06:33 +09:00
zlib-riscos.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00