From 13c023ab9ecfae147d40025849a6657e7eaa9634 Mon Sep 17 00:00:00 2001
From: Ben Kibbey
Date: Tue, 11 Dec 2012 21:44:33 -0500
Subject: [PATCH] Update to use "OPTION disable-pinentry".

pwmc: make the ".set keyfile" and ".set new-keyfile" command require the data filename as well as the key filename in the argument list. This is needed to determine whether the data file requires gpg-agent or not. gpg-agent uses a loopback mode when using key files, but when no gpg-agent is used this option is needed for the OPEN command (chicken-and-egg-thingy).
---
 src/libpwmd.c | 10 ++++++++--
 src/pwmc.c | 34 ++++++++++++++++++++++++++++++----
 2 files changed, 38 insertions(+), 6 deletions(-)

diff --git a/src/libpwmd.c b/src/libpwmd.c
index 59aab887..4d5e8dc3 100644
--- a/src/libpwmd.c
+++ b/src/libpwmd.c
@@ -1031,6 +1031,10 @@ static gpg_error_t send_pinentry_options(pwm_t *pwm)
 {
 gpg_error_t rc;
+ rc = pwmd_command (pwm, NULL, NULL, NULL, NULL, "OPTION disable-pinentry=0");
+ if (rc)
+ return rc;
+
 if (pwm->pinentry_tty) {
 rc = pwmd_command(pwm, NULL, NULL, NULL, NULL, "OPTION TTYNAME=%s", pwm->pinentry_tty);
 if (rc)
@@ -1128,6 +1132,8 @@ gpg_error_t pwmd_open(pwm_t *pwm, const char *filename, pwmd_inquire_cb_t cb,
 if (!no_pinentry)
 rc = send_pinentry_options(pwm);
+ else
+ rc = pwmd_command (pwm, NULL, NULL, NULL, NULL, "OPTION disable-pinentry");
 if (!rc) {
 pwm->pinentry_try = 0;
@@ -1135,9 +1141,9 @@ gpg_error_t pwmd_open(pwm_t *pwm, const char *filename, pwmd_inquire_cb_t cb,
 pwm->filename = pwmd_strdup(filename);
 do {
- rc = pwmd_command(pwm, NULL, NULL, cb, data, "OPEN %s%s%s",
+ rc = pwmd_command(pwm, NULL, NULL, cb, data, "OPEN %s%s",
 (pwm->opts & OPT_LOCK_ON_OPEN) ? "--lock " : "",
- no_pinentry ? "--no-pinentry " : "", filename);
+ filename);
 } while (gpg_err_code(rc) == GPG_ERR_BAD_PASSPHRASE && no_pinentry && ++pwm->pinentry_try < pwm->pinentry_tries);
diff --git a/src/pwmc.c b/src/pwmc.c
index 6a2bd36d..24fa5487 100644
--- a/src/pwmc.c
+++ b/src/pwmc.c
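Review bot: In send_pinentry_options() (src/libpwmd.c), the added `OPTION disable-pinentry=0` call returns on any error before the TTY and remaining pinentry options are sent, so a server that does not recognise the option would make every pinentry-enabled pwmd_open() fail. The same applies to the new `else` branch in the pwmd_open() hunk, where a rejected `OPTION disable-pinentry` skips the OPEN entirely. If older servers are meant to keep working, the "unknown option" error needs to be tolerated at both sites. The reset to 0 also deserves a comment, for example `/* disable-pinentry appears to persist on the connection; clear it in case an earlier open on this handle set it */`, assuming that is the intent. The function body continues outside the hunk.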
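Review bot: In the third src/libpwmd.c hunk, the rewritten `"OPEN %s%s"` call still formats the caller-supplied `filename` straight into a line-based command. Whether pwmd_command() rejects or escapes whitespace and line breaks in its arguments is not visible here. If it does not, pwmd_open() should check `filename` before the `do` loop and return an argument error rather than send it. Because pinentry is now disabled through connection state instead of a per-command flag, the doc comment for pwmd_open() should say that the setting outlives this OPEN. The enclosing function starts and ends outside the hunk.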
@@ -960,6 +960,8 @@ static gpg_error_t set_command(const char *line)
 if (!strcmp(name, "keyfile") || !strcmp(name, "new-keyfile")) {
 int is_newkeyfile = 1;
+ int is_pkcs = 1;
+ char datafile[256];
 if (!strcmp(name, "keyfile"))
 is_newkeyfile = 0;
@@ -973,13 +975,37 @@ static gpg_error_t set_command(const char *line)
 keyfile = NULL;
 }
- if (*valuep) {
+ p += strlen (valuep);
+ while (p && *p && isspace(*p))
+ p++;
+
+ valuep = (char *)p;
+ if (*valuep)
+ {
+ memcpy (datafile, value, sizeof(datafile));
+ valuep = parse_arg (p, value, sizeof(value));
+ rc = pwmd_command (pwm, NULL, NULL, NULL, NULL, "KEYGRIP %s", datafile);
+ if (gpg_err_code (rc) == GPG_ERR_NOT_SUPPORTED)
+ {
+ rc = 0;
+ is_pkcs = 0;
+ }
+ else if (!rc)
+ is_pkcs = 1;
+ }
+
+ if (!rc && *valuep) {
 if (is_newkeyfile)
 new_keyfile = pwmd_strdup(value);
 else
 keyfile = pwmd_strdup(value);
- rc = pwmd_command(pwm, NULL, NULL, NULL, NULL, "AGENT option pinentry-mode=loopback");
+ if (!is_pkcs)
+ rc = 0;
+ else
+ rc = pwmd_command(pwm, NULL, NULL, NULL, NULL,
+ "AGENT option pinentry-mode=loopback");
+
 if (!rc) {
 rc = pwmd_setopt(pwm, PWMD_OPTION_NO_PINENTRY, 1);
 rc = pwmd_setopt(pwm, PWMD_OPTION_OVERRIDE_INQUIRE, 1);
@@ -999,10 +1025,10 @@ static gpg_error_t set_command(const char *line)
 fprintf(stderr, N_(
 "Set a libpwmd or pwmc option. The option name and optional value is space\n"
 "delimited. When no value is specified the option is unset.\n\n"
- "keyfile []\n"
+ "keyfile []\n"
 " set or unset the keyfile to be used when a passphrase is required\n"
 "\n"
- "new-keyfile []\n"
+ "new-keyfile []\n"
 " set or unset the keyfile to be used when a new passphrase is required\n"
 ));
 }
--
2.11.4.GIT
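Review bot: In the second set_command() hunk (src/pwmc.c), `memcpy (datafile, value, sizeof(datafile));` always copies 256 bytes from `value`, whose declaration is outside the hunk. If `value` is smaller, this reads past it; if it is larger, a long first argument leaves `datafile` without a terminating NUL before it reaches `"KEYGRIP %s"`. A bounded string copy with a truncation check is safer, e.g. `n = snprintf (datafile, sizeof(datafile), "%s", value);` and then rejecting `n < 0 || (size_t)n >= sizeof(datafile)` before the command is sent. The added `isspace(*p)` should be `isspace((unsigned char)*p)`, since passing a negative `char` to the ctype functions is undefined behaviour. The enclosing function starts and ends outside the hunk.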