authorDaiki Ueno <[email protected]>2015-06-09 12:07:00 +0000
committerWerner Koch <[email protected]>2015-06-10 13:16:06 +0000
commit691dae270b3b741178912599724d69adabdb48b9 (patch)
tree83e874177d92b18481cddad587d5dbde76247fda
parentdoc: Do not used fixed file names in the manuals. (diff)
downloadgnupg-691dae270b3b741178912599724d69adabdb48b9.tar.gz
gnupg-691dae270b3b741178912599724d69adabdb48b9.zip
agent: Add option --allow-emacs-pinentry
* agent/agent.h (opt): Add field allow_emacs_pinentry. * agent/call-pinentry.c (start_pinentry): Act upon new var. * agent/gpg-agent.c (oAllowEmacsPinentry): New. (opts): Add option --allow-emacs-pinentry. (parse_rereadable_options): Set this option. * tools/gpgconf-comp.c (gc_options_gpg_agent): Add new option. -- gpgconf-comp and manual entry added by wk. Signed-off-by: Werner Koch <[email protected]>
-rw-r--r--agent/agent.h4
-rw-r--r--agent/call-pinentry.c10
-rw-r--r--agent/gpg-agent.c9
-rw-r--r--doc/gpg-agent.texi8
-rw-r--r--tools/gpgconf-comp.c4
5 files changed, 34 insertions, 1 deletions
diff --git a/agent/agent.h b/agent/agent.h
index dbbf68922..ab8dc9f22 100644
--- a/agent/agent.h
+++ b/agent/agent.h
@@ -133,6 +133,10 @@ struct
to allow it to enable such a cache. */
int allow_external_cache;
+ /* If this global option is true, the Assuan option of Pinentry
+ allow-emacs-prompt is allowed. */
+ int allow_emacs_pinentry;
+
int keep_tty; /* Don't switch the TTY (for pinentry) on request */
int keep_display; /* Don't switch the DISPLAY (for pinentry) on request */
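Review bot: The comment added for `allow_emacs_pinentry` says only that the Assuan option "is allowed", not what the flag causes or that it is off by default. The flag decides whether passphrase entry may be handed to a running Emacs instead of the pinentry's own dialog, so the comment should say so: `/* If true, send "OPTION allow-emacs-prompt" to the Pinentry so that it may read the passphrase through a running Emacs. Defaults to 0. */`. The default is taken from the reset in parse_rereadable_options in agent/gpg-agent.c. The enclosing struct starts and ends outside this hunk.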
diff --git a/agent/call-pinentry.c b/agent/call-pinentry.c
index 018a609a3..ba40f4dc1 100644
--- a/agent/call-pinentry.c
+++ b/agent/call-pinentry.c
@@ -423,6 +423,16 @@ start_pinentry (ctrl_t ctrl)
return unlock_pinentry (rc);
}
+ if (opt.allow_emacs_pinentry)
+ {
+ /* Indicate to the pinentry that it may read passphrase through
+ Emacs minibuffer, if possible. */
+ rc = assuan_transact (entry_ctx, "OPTION allow-emacs-prompt",
+ NULL, NULL, NULL, NULL, NULL, NULL);
+ if (rc && gpg_err_code (rc) != GPG_ERR_UNKNOWN_OPTION)
+ return unlock_pinentry (rc);
+ }
+
{
/* Provide a few default strings for use by the pinentries. This
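Review bot: When the pinentry answers `GPG_ERR_UNKNOWN_OPTION`, the new block in start_pinentry discards the error without any trace. Someone who set --allow-emacs-pinentry then cannot tell from the agent log whether the prompt may be diverted to Emacs or stays in the regular dialog. Because the option changes where the passphrase is typed, a verbose-level message for the ignored case would help auditing, placed after the existing check: `else if (rc && opt.verbose) log_info ("pinentry does not support allow-emacs-prompt\n");`. Note also that `rc` still holds the ignored error code when the block is left; whether the following code reassigns it before testing it lies outside this hunk and is worth confirming. The body of start_pinentry begins and ends outside the hunk.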
diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c
index 659aa2c29..2acb65063 100644
--- a/agent/gpg-agent.c
+++ b/agent/gpg-agent.c
@@ -120,6 +120,7 @@ enum cmd_and_opt_values
oAllowPresetPassphrase,
oAllowLoopbackPinentry,
oNoAllowExternalCache,
+ oAllowEmacsPinentry,
oKeepTTY,
oKeepDISPLAY,
oSSHSupport,
@@ -214,6 +215,8 @@ static ARGPARSE_OPTS opts[] = {
/* */ N_("allow presetting passphrase")),
ARGPARSE_s_n (oAllowLoopbackPinentry, "allow-loopback-pinentry",
N_("allow caller to override the pinentry")),
+ ARGPARSE_s_n (oAllowEmacsPinentry, "allow-emacs-pinentry",
+ /* */ N_("allow passphrase to be prompted through Emacs")),
ARGPARSE_s_n (oSSHSupport, "enable-ssh-support", N_("enable ssh support")),
ARGPARSE_s_n (oPuttySupport, "enable-putty-support",
@@ -565,6 +568,7 @@ parse_rereadable_options (ARGPARSE_ARGS *pargs, int reread)
opt.ignore_cache_for_signing = 0;
opt.allow_mark_trusted = 1;
opt.allow_external_cache = 1;
+ opt.allow_emacs_pinentry = 0;
opt.disable_scdaemon = 0;
disable_check_own_socket = 0;
return 1;
@@ -634,6 +638,9 @@ parse_rereadable_options (ARGPARSE_ARGS *pargs, int reread)
case oNoAllowExternalCache: opt.allow_external_cache = 0;
break;
+ case oAllowEmacsPinentry: opt.allow_emacs_pinentry = 1;
+ break;
+
default:
return 0; /* not handled */
}
@@ -1080,6 +1087,8 @@ main (int argc, char **argv )
#endif
es_printf ("allow-loopback-pinentry:%lu:\n",
GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME);
+ es_printf ("allow-emacs-pinentry:%lu:\n",
+ GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME);
agent_exit (0);
}
diff --git a/doc/gpg-agent.texi b/doc/gpg-agent.texi
index e5701441f..737b51bc0 100644
--- a/doc/gpg-agent.texi
+++ b/doc/gpg-agent.texi
@@ -314,6 +314,12 @@ which employs an additional external cache to implement such a policy.
By using this option the Pinentry is advised not to make use of such a
cache and instead always ask the user for the requested passphrase.
+@item --allow-emacs-pinentry
+@opindex allow-emacs-pinentry
+Tell Pinentry to allow features to divert the passphrase entry to a
+running Emacs instance. How this is exactly handled depends on the
+version of the used Pinentry.
+
@item --ignore-cache-for-signing
@opindex ignore-cache-for-signing
This option will let @command{gpg-agent} bypass the passphrase cache for all
@@ -676,7 +682,7 @@ again. Only certain options are honored: @code{quiet},
@code{debug-pinentry},
@code{no-grab}, @code{pinentry-program}, @code{default-cache-ttl},
@code{max-cache-ttl}, @code{ignore-cache-for-signing},
-@code{no-allow-external-cache},
+@code{no-allow-external-cache}, @code{allow-emacs-pinentry},
@code{no-allow-mark-trusted}, @code{disable-scdaemon}, and
@code{disable-check-own-socket}. @code{scdaemon-program} is also
supported but due to the current implementation, which calls the
diff --git a/tools/gpgconf-comp.c b/tools/gpgconf-comp.c
index cf2d18845..cb8308861 100644
--- a/tools/gpgconf-comp.c
+++ b/tools/gpgconf-comp.c
@@ -538,6 +538,10 @@ static gc_option_t gc_options_gpg_agent[] =
{ "ignore-cache-for-signing", GC_OPT_FLAG_RUNTIME,
GC_LEVEL_BASIC, "gnupg", "do not use the PIN cache when signing",
GC_ARG_TYPE_NONE, GC_BACKEND_GPG_AGENT },
+ { "allow-emacs-pinentry", GC_OPT_FLAG_RUNTIME,
+ GC_LEVEL_ADVANCED,
+ "gnupg", "allow passphrase to be prompted through Emacs",
+ GC_ARG_TYPE_NONE, GC_BACKEND_GPG_AGENT },
{ "no-allow-external-cache", GC_OPT_FLAG_RUNTIME,
GC_LEVEL_BASIC, "gnupg", "disallow the use of an external password cache",
GC_ARG_TYPE_NONE, GC_BACKEND_GPG_AGENT },