authorWerner Koch <[email protected]>2013-05-21 11:10:00 +0000
committerWerner Koch <[email protected]>2013-05-22 07:56:05 +0000
commitf2d8a14e1b12534eba69d595a62c78f92331e11b (patch)
tree1c955d8bc17426f4e058b709805a439ed5f2bdea
parentw32: Add icons and version information. (diff)
downloadgnupg-f2d8a14e1b12534eba69d595a62c78f92331e11b.tar.gz
gnupg-f2d8a14e1b12534eba69d595a62c78f92331e11b.zip
agent: New option --disable-check-own-socket.
* agent/gpg-agent.c (oDisableCheckOwnSocket): New. (disable_check_own_socket): New. (parse_rereadable_options): Set new option. (check_own_socket): Implement new option. Signed-off-by: Werner Koch <[email protected]>
-rw-r--r--agent/gpg-agent.c10
-rw-r--r--doc/gpg-agent.texi28
2 files changed, 30 insertions, 8 deletions
diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c
index 469011493..ff129f980 100644
--- a/agent/gpg-agent.c
+++ b/agent/gpg-agent.c
@@ -112,6 +112,7 @@ enum cmd_and_opt_values
oKeepDISPLAY,
oSSHSupport,
oDisableScdaemon,
+ oDisableCheckOwnSocket,
oWriteEnvFile
};
@@ -148,6 +149,7 @@ static ARGPARSE_OPTS opts[] = {
{ oScdaemonProgram, "scdaemon-program", 2 ,
N_("|PGM|use PGM as the SCdaemon program") },
{ oDisableScdaemon, "disable-scdaemon", 0, N_("do not use the SCdaemon") },
+ { oDisableCheckOwnSocket, "disable-check-own-socket", 0, "@" },
{ oFakedSystemTime, "faked-system-time", 2, "@" }, /* (epoch time) */
{ oBatch, "batch", 0, "@" },
@@ -232,6 +234,9 @@ static int shutdown_pending;
/* Counter for the currently running own socket checks. */
static int check_own_socket_running;
+/* Flags to indicate that check_own_socket shall not be called. */
+static int disable_check_own_socket;
+
/* It is possible that we are currently running under setuid permissions */
static int maybe_setuid = 1;
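Review bot: The comment added above `disable_check_own_socket` says check_own_socket "shall not be called", but the check_own_socket hunk in this commit shows the function is still called and simply returns early when the flag is set. "Flags" is also plural for a single int. A wording that matches the code would be `/* Flag to make check_own_socket return at once without running the self-test; set by --disable-check-own-socket and cleared again in parse_rereadable_options. */`.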
@@ -491,6 +496,7 @@ parse_rereadable_options (ARGPARSE_ARGS *pargs, int reread)
opt.ignore_cache_for_signing = 0;
opt.allow_mark_trusted = 0;
opt.disable_scdaemon = 0;
+ disable_check_own_socket = 0;
return 1;
}
@@ -521,6 +527,7 @@ parse_rereadable_options (ARGPARSE_ARGS *pargs, int reread)
case oPinentryTouchFile: opt.pinentry_touch_file = pargs->r.ret_str; break;
case oScdaemonProgram: opt.scdaemon_program = pargs->r.ret_str; break;
case oDisableScdaemon: opt.disable_scdaemon = 1; break;
+ case oDisableCheckOwnSocket: disable_check_own_socket = 1; break;
case oDefCacheTTL: opt.def_cache_ttl = pargs->r.ret_ulong; break;
case oDefCacheTTLSSH: opt.def_cache_ttl_ssh = pargs->r.ret_ulong; break;
@@ -2174,6 +2181,9 @@ check_own_socket (void)
npth_attr_t tattr;
int err;
+ if (disable_check_own_socket)
+ return;
+
if (!opt.use_standard_socket)
return; /* This check makes only sense in standard socket mode. */
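Review bot: The new early return at the top of check_own_socket turns off the stolen-socket self-test silently, so nothing in the agent's log shows that takeover detection is off. According to the texi text in this commit, that self-test is what makes the agent terminate when a second instance has taken the socket, and the option is rereadable, so the state can also flip on SIGHUP. I would add a comment at the guard, `/* Debugging aid: with the self-test off the agent keeps running even if another process has taken over its socket. */`, and emit one log_info line in the `case oDisableCheckOwnSocket:` branch of parse_rereadable_options so the disabled state is visible to whoever reads the log. The body of check_own_socket continues outside this hunk.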
diff --git a/doc/gpg-agent.texi b/doc/gpg-agent.texi
index dcd96fb33..f832b8ebd 100644
--- a/doc/gpg-agent.texi
+++ b/doc/gpg-agent.texi
@@ -449,6 +449,16 @@ Do not make use of the scdaemon tool. This option has the effect of
disabling the ability to do smartcard operations. Note, that enabling
this option at runtime does not kill an already forked scdaemon.
+@ifset gpgtwoone
+@item --disable-check-own-socket
+@opindex disable-check-own-socket
+@command{gpg-agent} employs a periodic self-test to detect a stolen
+socket. This usually means a second instance of @command{gpg-agent}
+has taken over the socket and @command{gpg-agent} will then terminate
+itself. This option may be used to disable this self-test for
+debugging purposes.
+@end ifset
+
@item --use-standard-socket
@itemx --no-use-standard-socket
@opindex use-standard-socket
@@ -695,14 +705,16 @@ Here is a list of supported signals:
@item SIGHUP
@cpindex SIGHUP
This signal flushes all cached passphrases and if the program has been
-started with a configuration file, the configuration file is read again.
-Only certain options are honored: @code{quiet}, @code{verbose},
-@code{debug}, @code{debug-all}, @code{debug-level}, @code{no-grab},
-@code{pinentry-program}, @code{default-cache-ttl}, @code{max-cache-ttl},
-@code{ignore-cache-for-signing}, @code{allow-mark-trusted} and
-@code{disable-scdaemon}. @code{scdaemon-program} is also supported but
-due to the current implementation, which calls the scdaemon only once,
-it is not of much use unless you manually kill the scdaemon.
+started with a configuration file, the configuration file is read
+again. Only certain options are honored: @code{quiet},
+@code{verbose}, @code{debug}, @code{debug-all}, @code{debug-level},
+@code{no-grab}, @code{pinentry-program}, @code{default-cache-ttl},
+@code{max-cache-ttl}, @code{ignore-cache-for-signing},
+@code{allow-mark-trusted}, @code{disable-scdaemon}, and
+@code{disable-check-own-socket}. @code{scdaemon-program} is also
+supported but due to the current implementation, which calls the
+scdaemon only once, it is not of much use unless you manually kill the
+scdaemon.
@item SIGTERM