[MERGE] proper gpg-agent support
John Arbash Meinel
john at arbash-meinel.com
Sun Aug 13 16:05:27 BST 2006
A while ago I wrote a plugin to spawn gpg in a different way, so that it
could connect to pinentry-curses properly. (Basically, gpg has an issue
if stdin is not a tty, which is weird, because it works just fine for
standard password prompting).
Anyway, James Westby pointed me to this debian bug:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=322932
It seems that the easy fix is to just set 'GPG_TTY=$TTY'. I did some
testing on the command line, and that does seem to work.
# fails
echo 'foo' | gpg --cl
# succeeds
echo 'foo' | GPG_TTY=$TTY gpg --cl
So the attached patch basically just does this step. I want to include a
NEWS entry about closing bug:
https://launchpad.net/products/bzr/+bug/54468
There is also this bug:
https://launchpad.net/products/bzr/+bug/44755
(gpg agent is not available, so gpg returns an exit code of '2' but
technically the request was properly signed because the user supplied
their passphrase).
Though I think that bug would have to wait until we get gpgme
integration. And we may not be able to fix it even then, since we want a
configurable gpg command (so that people can use custom agents). And I
don't know that gpgme works with generic gpg agent wrappers.
This fix does require users 'export TTY' in their shell startup scripts,
since that doesn't seem to be inherited by default.
John
=:->
-------------- next part --------------
A non-text attachment was scrubbed...
Name: gpg-agent.patch
Type: text/x-patch
Size: 3916 bytes
Desc: not available
Url : https://lists.ubuntu.com/archives/bazaar/attachments/20060813/d8b67870/attachment.bin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 254 bytes
Desc: OpenPGP digital signature
Url : https://lists.ubuntu.com/archives/bazaar/attachments/20060813/d8b67870/attachment.pgp
More information about the bazaar
mailing list