Allow the user to configure a pinentry #202
Closed
Commits
a67701e Allow the user to configure a pinentry (rendaw)
6a0e1cf Fixed config consistency (rendaw)
bb9ec4d Lint fixes (rendaw)
c7cb578 Refactor config parsing (rendaw)
ef8e77e Use config in ssh verbosity; lint fixes (rendaw)
23d9e8d Merge remote-tracking branch 'upstream/master' into configure-pinentry (rendaw)
5f6aae8 Also remove pylint warnings (rendaw)
fa8b71b Make pin/passentry options long-form only (rendaw)
8da63a1 Redo pin/passentry config for SSH using config argparse (rendaw)
1e61b62 Forgot to add pin/passentry args to ssh agent (rendaw)
0247c3d Log when pin/passentry not found (rendaw)
da59ba4 Fix lint (rendaw)
8d121dd Merge remote-tracking branch 'upstream/master' into configure-pinentry (rendaw)
316e407 Add documentation for PIN entry (rendaw)
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -33,7 +33,12 @@ def export_public_key(device_type, args): | |
log.warning('NOTE: in order to re-generate the exact same GPG key later, ' | ||
'run this command with "--time=%d" commandline flag (to set ' | ||
'the timestamp of the GPG key manually).', args.time) | ||
c = client.Client(device=device_type()) | ||
config = {} | ||
if args.pinentry: | ||
config['pinentry-program'] = args.pinentry | ||
if args.passentry: | ||
config['passphrase-program'] = args.passentry | ||
c = client.Client(device=device_type(config=config)) | ||
identity = client.create_identity(user_id=args.user_id, | ||
curve_name=args.ecdsa_curve) | ||
verifying_key = c.pubkey(identity=identity, ecdh=False) | ||
|
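Review bot: The key set for args.passentry here is 'passphrase-program', but run_init writes the same option to gpg-agent.conf as 'passentry-program', so code that looks up one name will not find a value stored under the other. Pick one spelling and use it in both places. Separately, args.pinentry and args.passentry are passed through exactly as given; since the named program is what will be run to collect the PIN or passphrase, consider resolving each to an absolute path and failing early if it is not an executable file.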
@@ -151,10 +156,15 @@ def run_init(device_type, args): | |
|
||
# Prepare GPG agent configuration file | ||
with open(os.path.join(homedir, 'gpg-agent.conf'), 'w') as f: | ||
f.write("""# Hardware-based GPG agent emulator | ||
lines = """# Hardware-based GPG agent emulator | ||
log-file {0}/gpg-agent.log | ||
verbosity 2 | ||
""".format(homedir)) | ||
""".format(homedir) | ||
if args.pinentry: | ||
lines += 'pinentry-program {}\n'.format(args.pinentry) | ||
if args.passentry: | ||
lines += 'passentry-program {}\n'.format(args.passentry) | ||
f.write(lines) | ||
|
||
# Prepare a helper script for setting up the new identity | ||
with open(os.path.join(homedir, 'env'), 'w') as f: | ||
|
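Review bot: args.pinentry and args.passentry are formatted straight into gpg-agent.conf by the two `lines +=` statements, so a value containing a line break would add extra directives to the file, and a relative path will later be resolved against whatever directory the agent happens to run in. Reject values that contain line breaks and write os.path.abspath(...) of the value instead of the raw argument.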
@@ -219,7 +229,8 @@ def run_agent(device_type): | |
env = {'GNUPGHOME': args.homedir} | ||
sock_path = keyring.get_agent_sock_path(env=env) | ||
pubkey_bytes = keyring.export_public_keys(env=env) | ||
handler = agent.Handler(device=device_type(), pubkey_bytes=pubkey_bytes) | ||
handler = agent.Handler(device=device_type(config=config), | ||
pubkey_bytes=pubkey_bytes) | ||
with server.unix_domain_socket_server(sock_path) as sock: | ||
for conn in agent.yield_connections(sock): | ||
with contextlib.closing(conn): | ||
|
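Review bot: `config` in device_type(config=config) is not defined in any of the lines shown for run_agent; the visible context only sets env, sock_path and pubkey_bytes. If it is not assigned earlier in the function this raises NameError when the agent starts, so build it from the gpg-agent.conf that run_init wrote (or pass it in as a parameter) and add a test that starts the agent with and without a configured pinentry.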
@@ -255,6 +266,8 @@ def main(device_type): | |
p.add_argument('-t', '--time', type=int, default=int(time.time())) | ||
p.add_argument('-v', '--verbose', default=0, action='count') | ||
p.add_argument('-s', '--subkey', default=False, action='store_true') | ||
p.add_argument('-p', '--pinentry') | ||
p.add_argument('-pa', '--passentry') | ||
Maybe these would be better as long options only. |
||
p.set_defaults(func=run_init) | ||
|
||
p = subparsers.add_parser('unlock', help='unlock the hardware device') | ||
|
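Review bot: Neither new add_argument call has a help= string, and '-pa' shares its prefix with '-p', so `-pa X` and `-p a` select different options, which is easy to mistype. Keeping only --pinentry and --passentry, as the inline comment suggests, removes the ambiguity; add help text stating that the value is the path of a program to run for PIN or passphrase entry.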
This is Py2 specific. How would you handle compatibility in this case? Catch both? Wrap subprocess?