zprofile: update ssh & gpg socket handling
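--- a/etc/zsh/.zprofile
+++ b/etc/zsh/.zprofile
@@ -83,6 +83,8 @@ if [[ ! -v _sev_setup_gpg_forward && -v commands[gpg] ]] {
 
     # check for a forwarded socket
     if [[ -v SSH_CLIENT ]] {
+        # find newest socket owned by us
+        # XXX: race condition
         s=($_GNUPG_SOCK_DEST_BASE*(N=u[$LOGNAME]oc[1]))
         if [[ -n $s ]] {
             # create new forward dir
@@ -145,11 +147,9 @@ if [[ -v commands[gpg-connect-agent] &&
                 export GPG_TTY=$(tty)
             if [[ ( -v DISPLAY || -v WAYLAND_DISPLAY ) &&
                   ${PINENTRY_USER_DATA/USE_TTY=0} == $PINENTRY_USER_DATA ]]
-                export PINENTRY_USER_DATA=USE_TTY=0
-            # XXX: we are assuming this is our pinentry from .local/bin
-            sed -Ei 's\1f^([[:space:]]*pinentry-program[[:space:]]).*$\1f\1'$HOME'/.local/bin/pinentry\1f' \
+                export PINENTRY_USER_DATA=${${:-${PINENTRY_USER_DATA//USE_TTY=[01] #/} USE_TTY=0}/# ##/}
+            sed -Ei 's\1f^([[:space:]]*pinentry-program[[:space:]]).*/\.local/bin/pinentry$\1f\1'$HOME'/.local/bin/pinentry\1f' \
               ${GNUPGHOME:-~/.gnupg}/gpg-agent.conf 2>/dev/null
-            # XXX: could check for changes before doing this to save perf
             gpg-connect-agent RELOADAGENT UPDATESTARTUPTTY /bye >/dev/null 2>&1
             if {$p} {
                 gpg-connect-agent /subst /serverpid \
@@ -179,14 +179,19 @@ if [[ ! -v _sev_setup_ssh ]] {
         if [[ -f $e ]] {
             IFS=$'\0' read -r sock pid <$e
         }
-        if [[ -S $sock && $pid > 0 ]] && kill -0 $pid >/dev/null 2>&1; then
+        if ([[ -S $sock && $pid > 0 ]] && kill -0 $pid >/dev/null 2>&1) {
             [[ -o interactive ]] && print -P "Reusing agent PID $pid%f"
             export SSH_AUTH_SOCK=$sock
             export SSH_AGENT_PID=$pid
-        else
+        } else {
+            # remove stale socket and dir
+            if [[ -v $sock ]] {
+                [[ -e $sock ]] && rm $sock 2>/dev/null
+                [[ -d ${sock:h} ]] && rmdir ${sock:h} 2>/dev/null
+            }
             # TODO: ensure ssh-agent path looks legit to avoid unsafe eval?
             # XXX: doesn't appear to be any other way to handle redirection.
-            #      because eval needs to write to current scope environment
+            #      because eval needs to write to current environment,
             #      subshells can't be used to capture output and print.
             c='TMPDIR=$_sev_tmp ${okc}ssh-agent'
             if [[ -o interactive ]] {
@@ -198,7 +203,7 @@ if [[ ! -v _sev_setup_ssh ]] {
             }
             echo -En - $SSH_AUTH_SOCK$'\0'$SSH_AGENT_PID >!$e
             unset c
-        fi
+        }
         unset okc e sock pid
     } elif [[ ! -v SSH_AUTH_SOCK && -v commands[gpg] ]] {
         # since gpg should have been started above, just export and notify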
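Review bot: In the new `} else {` branch the stale-socket cleanup is guarded by `[[ -v $sock ]]`, which asks whether a variable named by the *value* of `sock` is set, so with a socket path in `sock` the `rm`/`rmdir` lines look unreachable; `[[ -n $sock ]]` is presumably what was meant. Because `sock` is read from the state file `$e`, the delete should also be limited to what the agent would have created: `[[ -S $sock && -O $sock ]] && rm -- $sock 2>/dev/null` instead of the `-e` test, so a tampered or corrupted state file cannot point the cleanup at an arbitrary file. The enclosing `if [[ ! -v _sev_setup_ssh ]]` block starts and ends outside the visible hunks.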