Fix to work when there is no controlling terminal, but GPG_AGENT_INFO is set. Pass --no-tty to gpg in this situation. This is needed to interoperate with the git-annex assistant, which often runs without a controlling terminal, and will in a new version always do so.
Conflicts: debian/changelog
This commit is contained in:
Joey Hess
parent
c826c39208
commit
8b619df24a
1 changed files with 19 additions and 8 deletions
|
|
@ -18,7 +18,6 @@
|
|||
# See README.rst for usage instructions
|
||||
|
||||
set -e # errexit
|
||||
set -u # nounset
|
||||
set -f # noglob
|
||||
set -C # noclobber
|
||||
|
||||
|
|
@ -313,14 +312,14 @@ CLEAN_FINAL()
|
|||
|
||||
ENCRYPT()
|
||||
{
|
||||
gpg --batch --force-mdc --compress-algo none --trust-model=always --passphrase-fd 3 -c 3<<EOF
|
||||
rungpg --batch --force-mdc --compress-algo none --trust-model=always --passphrase-fd 3 -c 3<<EOF
|
||||
$1
|
||||
EOF
|
||||
}
|
||||
|
||||
DECRYPT()
|
||||
{
|
||||
gpg -q --batch --no-default-keyring --secret-keyring /dev/null \
|
||||
rungpg -q --batch --no-default-keyring --secret-keyring /dev/null \
|
||||
--keyring /dev/null --passphrase-fd 3 -d 3<<EOF
|
||||
$1
|
||||
EOF
|
||||
|
|
@ -333,7 +332,7 @@ PRIVENCRYPT()
|
|||
if isnonnull "$Conf_signkey"; then
|
||||
set -- "$@" -u "$Conf_signkey"
|
||||
fi
|
||||
gpg --compress-algo none --trust-model=always -se "$@"
|
||||
rungpg --compress-algo none --trust-model=always -se "$@"
|
||||
}
|
||||
|
||||
# $1 is the match for good signature, $2 is the textual signers list
|
||||
|
|
@ -341,7 +340,7 @@ PRIVDECRYPT()
|
|||
{
|
||||
local status_=
|
||||
exec 4>&1 &&
|
||||
status_=$(gpg --status-fd 3 -q -d 3>&1 1>&4) &&
|
||||
status_=$(rungpg --status-fd 3 -q -d 3>&1 1>&4) &&
|
||||
xfeed "$status_" grep "^\[GNUPG:\] ENC_TO " >/dev/null &&
|
||||
(xfeed "$status_" grep -e "$1" >/dev/null || {
|
||||
echo_info "Failed to verify manifest signature!" &&
|
||||
|
|
@ -353,17 +352,29 @@ PRIVDECRYPT()
|
|||
# Generate $1 random bytes
|
||||
genkey()
|
||||
{
|
||||
gpg --armor --gen-rand 1 "$1"
|
||||
rungpg --armor --gen-rand 1 "$1"
|
||||
}
|
||||
|
||||
gpg_hash()
|
||||
{
|
||||
local hash_=
|
||||
hash_=$(gpg --with-colons --print-md "$1" | tr A-F a-f)
|
||||
hash_=$(rungpg --with-colons --print-md "$1" | tr A-F a-f)
|
||||
hash_=${hash_#:*:}
|
||||
xecho "${hash_%:}"
|
||||
}
|
||||
|
||||
rungpg()
|
||||
{
|
||||
# gpg will fail to run when there is no controlling tty,
|
||||
# due to trying to print messages to it, even if a gpg agent is set
|
||||
# up. --no-tty fixes this.
|
||||
if [ "x$GPG_AGENT_INFO" != "x" ]; then
|
||||
gpg --no-tty "$@"
|
||||
else
|
||||
gpg "$@"
|
||||
fi
|
||||
}
|
||||
|
||||
# Pass the branch/ref by pipe to git
|
||||
safe_git_rev_parse()
|
||||
{
|
||||
|
|
@ -407,7 +418,7 @@ read_config()
|
|||
|
||||
for recp_ in $conf_part
|
||||
do
|
||||
gpg_list=$(gpg --with-colons --fingerprint -k "$recp_")
|
||||
gpg_list=$(rungpg --with-colons --fingerprint -k "$recp_")
|
||||
filter_to @r_keyinfo "pub*" "$gpg_list"
|
||||
filter_to @r_keyfpr "fpr*" "$gpg_list"
|
||||
isnull "$r_keyinfo" || isnonnull "${r_keyinfo##*"$Newline"*}" ||
|
||||
|
|
|
|||
Loading…
Reference in a new issue