jigen/git-remote-gcrypt
1
0
Fork 0
Code Issues 1 Pull requests Releases Wiki Activity

Fix to work when there is no controlling terminal, but GPG_AGENT_INFO is set. Pass --no-tty to gpg in this situation. This is needed to interoperate with the git-annex assistant, which often runs without a controlling terminal, and will in a new version always do so.

Browse source 
Conflicts:
	debian/changelog
This commit is contained in:
Joey Hess 2014-05-15 14:27:56 -04:00
parent c826c39208
commit 8b619df24a
1 changed files with 19 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

27
git-remote-gcrypt
View file

@ -18,7 +18,6 @@
# See README.rst for usage instructions # See README.rst for usage instructions
set -e # errexit set -e # errexit
set -u # nounset
set -f # noglob set -f # noglob
set -C # noclobber set -C # noclobber
@ -313,14 +312,14 @@ CLEAN_FINAL()
ENCRYPT() ENCRYPT()
{ {
gpg --batch --force-mdc --compress-algo none --trust-model=always --passphrase-fd 3 -c 3<<EOF rungpg --batch --force-mdc --compress-algo none --trust-model=always --passphrase-fd 3 -c 3<<EOF
$1 $1
EOF EOF
} }
DECRYPT() DECRYPT()
{ {
gpg -q --batch --no-default-keyring --secret-keyring /dev/null \ rungpg -q --batch --no-default-keyring --secret-keyring /dev/null \
--keyring /dev/null --passphrase-fd 3 -d 3<<EOF --keyring /dev/null --passphrase-fd 3 -d 3<<EOF
$1 $1
EOF EOF
@ -333,7 +332,7 @@ PRIVENCRYPT()
if isnonnull "$Conf_signkey"; then if isnonnull "$Conf_signkey"; then
set -- "$@" -u "$Conf_signkey" set -- "$@" -u "$Conf_signkey"
fi fi
gpg --compress-algo none --trust-model=always -se "$@" rungpg --compress-algo none --trust-model=always -se "$@"
} }
# $1 is the match for good signature, $2 is the textual signers list # $1 is the match for good signature, $2 is the textual signers list
@ -341,7 +340,7 @@ PRIVDECRYPT()
{ {
local status_= local status_=
exec 4>&1 && exec 4>&1 &&
status_=$(gpg --status-fd 3 -q -d 3>&1 1>&4) && status_=$(rungpg --status-fd 3 -q -d 3>&1 1>&4) &&
xfeed "$status_" grep "^\[GNUPG:\] ENC_TO " >/dev/null && xfeed "$status_" grep "^\[GNUPG:\] ENC_TO " >/dev/null &&
(xfeed "$status_" grep -e "$1" >/dev/null || { (xfeed "$status_" grep -e "$1" >/dev/null || {
echo_info "Failed to verify manifest signature!" && echo_info "Failed to verify manifest signature!" &&
@ -353,17 +352,29 @@ PRIVDECRYPT()
# Generate $1 random bytes # Generate $1 random bytes
genkey() genkey()
{ {
gpg --armor --gen-rand 1 "$1" rungpg --armor --gen-rand 1 "$1"
} }
gpg_hash() gpg_hash()
{ {
local hash_= local hash_=
hash_=$(gpg --with-colons --print-md "$1" | tr A-F a-f) hash_=$(rungpg --with-colons --print-md "$1" | tr A-F a-f)
hash_=${hash_#:*:} hash_=${hash_#:*:}
xecho "${hash_%:}" xecho "${hash_%:}"
} }
rungpg()
{
# gpg will fail to run when there is no controlling tty,
# due to trying to print messages to it, even if a gpg agent is set
# up. --no-tty fixes this.
if [ "x$GPG_AGENT_INFO" != "x" ]; then
gpg --no-tty "$@"
else
gpg "$@"
fi
}
# Pass the branch/ref by pipe to git # Pass the branch/ref by pipe to git
safe_git_rev_parse() safe_git_rev_parse()
{ {
@ -407,7 +418,7 @@ read_config()
for recp_ in $conf_part for recp_ in $conf_part
do do
gpg_list=$(gpg --with-colons --fingerprint -k "$recp_") gpg_list=$(rungpg --with-colons --fingerprint -k "$recp_")
filter_to @r_keyinfo "pub*" "$gpg_list" filter_to @r_keyinfo "pub*" "$gpg_list"
filter_to @r_keyfpr "fpr*" "$gpg_list" filter_to @r_keyfpr "fpr*" "$gpg_list"
isnull "$r_keyinfo" || isnonnull "${r_keyinfo##*"$Newline"*}" || isnull "$r_keyinfo" || isnonnull "${r_keyinfo##*"$Newline"*}" ||