# check for a forwarded socket
if [[ -v SSH_CLIENT ]] {
+ # find newest socket owned by us
+ # XXX: race condition
s=($_GNUPG_SOCK_DEST_BASE*(N=u[$LOGNAME]oc[1]))
if [[ -n $s ]] {
# create new forward dir
export GPG_TTY=$(tty)
if [[ ( -v DISPLAY || -v WAYLAND_DISPLAY ) &&
${PINENTRY_USER_DATA/USE_TTY=0} == $PINENTRY_USER_DATA ]]
- export PINENTRY_USER_DATA=USE_TTY=0
- # XXX: we are assuming this is our pinentry from .local/bin
- sed -Ei 's\1f^([[:space:]]*pinentry-program[[:space:]]).*$\1f\1'$HOME'/.local/bin/pinentry\1f' \
+ export PINENTRY_USER_DATA=${(*)${:-${(*)PINENTRY_USER_DATA//USE_TTY=[01] #} USE_TTY=0}/# ##}
+ sed -Ei 's\1f^([[:space:]]*pinentry-program[[:space:]]).*/\.local/bin/pinentry$\1f\1'$HOME'/.local/bin/pinentry\1f' \
${GNUPGHOME:-~/.gnupg}/gpg-agent.conf 2>/dev/null
- # XXX: could check for changes before doing this to save perf
gpg-connect-agent RELOADAGENT UPDATESTARTUPTTY /bye >/dev/null 2>&1
if {$p} {
gpg-connect-agent /subst /serverpid \
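Review bot: The new `PINENTRY_USER_DATA` assignment is too dense to read without a comment; above it I would add `# drop any existing USE_TTY=0/1 token, append USE_TTY=0, then trim leading spaces`. As far as I know the `(*)` expansion flag exists only in recent zsh releases, so an older zsh on the remote host would likely error here on every SSH login; it is worth confirming the minimum version this file targets. Separately, the `sed` replacement still splices `$HOME` in raw, so a `&` or backslash in the home path would be interpreted by sed. The `2>/dev/null` also hides a failed edit of `gpg-agent.conf`, the file that selects the pinentry program, before the agent is reloaded. The `if` that encloses these lines continues past the hunk.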
if [[ -f $e ]] {
IFS=$'\0' read -r sock pid <$e
}
- if [[ -S $sock && $pid > 0 ]] && kill -0 $pid >/dev/null 2>&1; then
+ if {[[ -S $sock && $pid > 0 ]] && kill -0 $pid >/dev/null 2>&1} {
[[ -o interactive ]] && print -P "Reusing agent PID $pid%f"
export SSH_AUTH_SOCK=$sock
export SSH_AGENT_PID=$pid
- else
+ } else {
+ # remove stale socket and dir
+ if [[ -v $sock ]] {
+ [[ -e $sock ]] && rm $sock 2>/dev/null
+ [[ -d ${sock:h} ]] && rmdir ${sock:h} 2>/dev/null
+ }
# TODO: ensure ssh-agent path looks legit to avoid unsafe eval?
# XXX: doesn't appear to be any other way to handle redirection.
- # because eval needs to write to current scope environment
+ # because eval needs to write to current environment,
# subshells can't be used to capture output and print.
c='TMPDIR=$_sev_tmp ${okc}ssh-agent'
if [[ -o interactive ]] {
}
echo -En - $SSH_AUTH_SOCK$'\0'$SSH_AGENT_PID >!$e
unset c
- fi
+ }
unset okc e sock pid
} elif [[ ! -v SSH_AUTH_SOCK && -v commands[gpg] ]] {
# since gpg should have been started above, just export and notify
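Review bot: The stale-socket cleanup added in the `else` branch looks like it never runs. `[[ -v $sock ]]` expands `$sock` first and then asks whether a variable named after that path is set, which is never the case for a socket path. `if [[ -n $sock ]] {` tests what the comment describes, and `rm -- $sock` keeps a value starting with `-` from being read as an option. `sock` and `pid` are read back from `$e`, whose location and permissions are not visible in this hunk, so I would also tighten the reuse check. `$pid > 0` inside `[[ ]]` is a string comparison that a non-numeric value passes, so `[[ -S $sock && $pid == <1-> ]]` is the stricter form before `kill -0` and before the two exports.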