From 14601eacb51f6c8a60d3d57aee1be11debd94c68 Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Fri, 19 Dec 2014 13:07:09 +0100
Subject: agent: Keep the session environment for restricted connections.

* agent/command-ssh.c (setup_ssh_env): Move code to ...
* agent/gpg-agent.c (agent_copy_startup_env): .. new function.  Change
calllers.
* agent/command.c (start_command_handler): Call that fucntion for
restricted connections.
--

A remote connection is and should not be able to setup the local
session environment.  However, unless --keep-display is used we would
be left without an environment and thus pinentry can't be used.  The
fix is the same as used for ssh-agent connection: We use the default
environment as used at the startup of the agent.

Signed-off-by: Werner Koch <wk@gnupg.org>
---
 agent/command.c | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'agent/command.c')

diff --git a/agent/command.c b/agent/command.c
index eba766bc4..da7e50857 100644
--- a/agent/command.c
+++ b/agent/command.c
@@ -3113,6 +3113,12 @@ start_command_handler (ctrl_t ctrl, gnupg_fd_t listen_fd, gnupg_fd_t fd)
   int rc;
   assuan_context_t ctx = NULL;
 
+  if (ctrl->restricted)
+    {
+      if (agent_copy_startup_env (ctrl))
+        return;
+    }
+
   rc = assuan_new (&ctx);
   if (rc)
     {
-- 
cgit v1.2.3