}
}
# reset GNUPGHOME if we removed our own dir
- if [[ $GNUPGHOME =~ '/.ssh_forward/\d+/*$' && ! -e $GNUPGHOME ]] {
- x=$GNUPGHOME
- [[ -o GLOB_ASSIGN ]]; y=$?
- setopt GLOB_ASSIGN
- GNUPGHOME=$GNUPGHOME/../..(:a)
- (( y != 0 )) && unsetopt GLOB_ASSIGN
- }
+ if [[ $GNUPGHOME =~ '/.ssh_forward/\d+/*$' && ! -e $GNUPGHOME ]]
+ GNUPGHOME=${GNUPGHOME%$MATCH}
}
## tmp
h=$_sev_gpg_forward_dir/$$
mkdir -pm700 $h
# XXX: is it safe to link scdaemon socket? can its name be changed?
- for x (S.scdaemon gpg.conf gpg-agent.conf sshcontrol
- pubring.kbx trustdb.gpg private-keys-v1.d crls.d) {
+ for x (S.scdaemon gpg.conf gpg-agent.conf sshcontrol random_seed
+ pubring.kbx{,~} trustdb.gpg private-keys-v1.d crls.d) {
ln -s ${GNUPGHOME:-~/.gnupg}/$x $h
}
export GNUPGHOME=$h
if {$p} {
print -nP '%F{blue}>>>%f GPG: '
if [[ -v _sev_setup_gpg_forward ]] {
- a=agent
- print -nP '%F{yellow}Forwarded%f '
- } else { a=Agent }
- print -nP '%F{green}'
+ print -nP '%F{yellow}Forwarded agent '
+ } else {
+ print -nP '%F{green}Agent '
+ }
}
gpg-connect-agent /bye >/dev/null 2>&1
if [[ $? -ne 0 ]] {
- $p && print -P '%F{red}$a communication error'
+ $p && print -P '%F{red}communication error'
} else {
- if [[ ${+GPG_TTY} -eq 0 && -o interactive ]]
- export GPG_TTY=$(tty)
- if [[ ( -v DISPLAY || -v WAYLAND_DISPLAY ) &&
- ${PINENTRY_USER_DATA/USE_TTY=0} == $PINENTRY_USER_DATA ]]
- export PINENTRY_USER_DATA=USE_TTY=$((
- ${+DISPLAY} + ${+WAYLAND_DISPLAY} == 0))
- # XXX: don't know if gpg-agent supports comments after directives
- # XXX: path could have #
- sed -Ei 's#^([[:space:]]*pinentry-program[[:space:]]).*$#\1'${commands[pinentry]:-/dev/null}'#' \
- ${GNUPGHOME:-~/.gnupg}/gpg-agent.conf
- # XXX: could probably check for changes before doing this to save perf
- gpg-connect-agent RELOADAGENT UPDATESTARTUPTTY /bye >/dev/null 2>&1
- $p && gpg-connect-agent /subst /serverpid \
- "/echo $a pid \${get serverpid} on $GPG_TTY" /bye
+ if [[ ! -v _sev_setup_gpg_forward ]] {
+ if [[ ${+GPG_TTY} -eq 0 && -o interactive ]]
+ export GPG_TTY=$(tty)
+ if [[ ( -v DISPLAY || -v WAYLAND_DISPLAY ) &&
+ ${PINENTRY_USER_DATA/USE_TTY=0} == $PINENTRY_USER_DATA ]]
+ export PINENTRY_USER_DATA=USE_TTY=$((
+ ${+DISPLAY} + ${+WAYLAND_DISPLAY} == 0))
+ # XXX: don't know if gpg-agent supports comments after directives
+ # XXX: path could have #
+ sed -Ei 's#^([[:space:]]*pinentry-program[[:space:]]).*$#\1'${commands[pinentry]:-/dev/null}'#' \
+ ${GNUPGHOME:-~/.gnupg}/gpg-agent.conf
+ # XXX: could check for changes before doing this to save perf
+ gpg-connect-agent RELOADAGENT UPDATESTARTUPTTY /bye >/dev/null 2>&1
+ if {$p} {
+ gpg-connect-agent /subst /serverpid \
+ "/echo pid \${get serverpid} on $GPG_TTY" /bye 2>/dev/null
+ print -nP '%f'
+ }
+ } elif {$p} {
+ print -P '%f'
+ }
export _sev_setup_gpgagent=
}
- $p && print -nP '%f'
- unset p a
+ unset p
}
### ssh agent
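Review bot: The condition on the new `if [[ $GNUPGHOME =~ '/.ssh_forward/\d+/*$' && ! -e $GNUPGHOME ]]` line relies on `\d`, which zsh's `=~` treats as a digit class only when `RE_MATCH_PCRE` is set; under the default POSIX ERE matching it is not one, so the match and the new `${GNUPGHOME%$MATCH}` strip would probably never fire for a numeric PID directory. Unless that option is set elsewhere in the file (not visible here), I would write the pattern as `'/\.ssh_forward/[0-9]+/*$'`, which behaves the same in both modes and also stops the unescaped `.` from matching any character. Separately, the moved `sed -Ei` line still splices `${commands[pinentry]}` unescaped into the replacement, where `&` and `\` are special as well as the `#` the XXX comment already mentions, so a comment such as `# XXX: path could contain '#', '&' or '\'; each corrupts the rewritten pinentry-program line` would record the full constraint. The enclosing function starts above the visible lines.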