author | Werner Koch <[email protected]> | 2014-12-19 12:07:09 +0000 |
---|---|---|
committer | Werner Koch <[email protected]> | 2014-12-19 12:07:09 +0000 |
commit | 14601eacb51f6c8a60d3d57aee1be11debd94c68 (patch) | |
tree | 7c483a13e8cc474f21ef90f6d3c86220887c6fe8 /agent/gpg-agent.c | |
parent | agent: Fix string prepended to remotely initiated prompts. (diff) | |
agent: Keep the session environment for restricted connections.
* agent/command-ssh.c (setup_ssh_env): Move code to ...
* agent/gpg-agent.c (agent_copy_startup_env): .. new function. Change
callers.
* agent/command.c (start_command_handler): Call that function for
restricted connections.
--
A remote connection is not and should not be able to set up the local
session environment. However, unless --keep-display is used we would
be left without an environment and thus pinentry can't be used. The
fix is the same as used for ssh-agent connection: We use the default
environment as used at the startup of the agent.
Signed-off-by: Werner Koch <[email protected]>
Diffstat (limited to 'agent/gpg-agent.c')
-rw-r--r-- | agent/gpg-agent.c | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c
index de40e3b4e..b053fc59f 100644
--- a/agent/gpg-agent.c
+++ b/agent/gpg-agent.c
@@ -1386,6 +1386,39 @@ agent_deinit_default_ctrl (ctrl_t ctrl)
 }
+/* Because the ssh protocol does not send us information about the
+ current TTY setting, we use this function to use those from startup
+ or those explictly set. This is also used for the restricted mode
+ where we ignore requests to change the environment. */
+gpg_error_t
+agent_copy_startup_env (ctrl_t ctrl)
+{
+ static const char *names[] =
+ {"GPG_TTY", "DISPLAY", "TERM", "XAUTHORITY", "PINENTRY_USER_DATA", NULL};
+ gpg_error_t err = 0;
+ int idx;
+ const char *value;
+
+ for (idx=0; !err && names[idx]; idx++)
+ if ((value = session_env_getenv (opt.startup_env, names[idx])))
+ err = session_env_setenv (ctrl->session_env, names[idx], value);
+
+ if (!err && !ctrl->lc_ctype && opt.startup_lc_ctype)
+ if (!(ctrl->lc_ctype = xtrystrdup (opt.startup_lc_ctype)))
+ err = gpg_error_from_syserror ();
+
+ if (!err && !ctrl->lc_messages && opt.startup_lc_messages)
+ if (!(ctrl->lc_messages = xtrystrdup (opt.startup_lc_messages)))
+ err = gpg_error_from_syserror ();
+
+ if (err)
+ log_error ("error setting default session environment: %s\n",
+ gpg_strerror (err));
+
+ return err;
+}
+
+
 /* Reread parts of the configuration. Note, that this function is obviously not thread-safe and should only be called from the PTH signal handler. |
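Review bot: agent_copy_startup_env merges into CTRL rather than replacing its environment: the loop overwrites a name only when `session_env_getenv (opt.startup_env, names[idx])` returns a value, and `lc_ctype`/`lc_messages` are filled only while still unset. For the restricted-connection use, the property that a remote peer cannot choose DISPLAY, GPG_TTY or XAUTHORITY therefore holds only if CTRL has not yet taken any client-supplied value and later change requests are refused elsewhere; the call site in agent/command.c is not on this page, so that cannot be confirmed here. I would state the contract in the header comment, for example `Values already present in CTRL are kept when the startup environment lacks them; call this before any client option is processed.` A failure part-way through leaves CTRL partially updated, so callers should treat a non-zero return as fatal for the connection rather than continuing with a mixed environment.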