Kirk Strauser writes: > I use gpg-agent. How can I prevent Gnus from prompting for my > passphrase so that the agent always handles the entry? For a while I have been using the appended patch. It introduces a defcustom of type boolean `pgg-gpg-use-agent-if-available', and a defconst `pgg-gpg-agent-available' that is t if GPG_AGENT_INFO is set. A function pgg-gpg-use-agent then is used at various places to avoid the passphrase being read by Gnus. -- Michael Index: pgg-gpg.el =================================================================== RCS file: /usr/local/cvsroot/gnus/lisp/pgg-gpg.el,v retrieving revision 6.13 diff -u -p -r6.13 pgg-gpg.el --- pgg-gpg.el 6 Apr 2003 00:18:33 -0000 6.13 +++ pgg-gpg.el 17 Apr 2003 12:14:01 -0000 @@ -36,6 +36,14 @@ :group 'pgg-gpg :type 'string) +(defcustom pgg-gpg-use-agent-if-available nil + "Whether to use gpg-agent if it can be located via environment." + :group 'pgg-gpg + :type 'boolean) + +(defconst pgg-gpg-agent-available (if (getenv "GPG_AGENT_INFO") t) + "If gpg-agent can be located, this constant is t.") + (defcustom pgg-gpg-extra-args nil "Extra arguments for every GnuPG invocation." :group 'pgg-gpg @@ -46,6 +54,13 @@ (defvar pgg-gpg-user-id nil "GnuPG ID of your default identity.") +(defun pgg-gpg-use-agent () + "If it returns t, gpg will be told to use gpg-agent for secret key +management, otherwise PGG will ask you for passphrase(s). Depends on +the value of `pgg-gpg-use-agent-if-available', and whether the agent +can be located." + (and pgg-gpg-agent-available pgg-gpg-use-agent-if-available)) + (defun pgg-gpg-process-region (start end passphrase program args) (let* ((output-file-name (expand-file-name (make-temp-name "pgg-output") @@ -53,7 +68,8 @@ (args `("--status-fd" "2" ,@(if passphrase '("--passphrase-fd" "0")) + ,@(if (pgg-gpg-use-agent) '("--use-agent")) "--yes" ; overwrite "--output" ,output-file-name ,@pgg-gpg-extra-args ,@args)) (output-buffer pgg-output-buffer) @@ -96,8 +112,8 @@ (re-search-forward "^\\[GNUPG:] GOOD_PASSPHRASE\\>" nil t))) (pgg-add-passphrase-cache (progn - (goto-char (point-min)) - (if (re-search-forward + (goto-char (point-max)) + (if (re-search-backward "^\\[GNUPG:] NEED_PASSPHRASE \\w+ ?\\w*" nil t) (substring (match-string 0) -8))) passphrase))) @@ -123,9 +139,10 @@ If optional argument SIGN is non-nil, do (let* ((pgg-gpg-user-id (or pgg-gpg-user-id pgg-default-user-id)) (passphrase (when sign - (pgg-read-passphrase - (format "GnuPG passphrase for %s: " pgg-gpg-user-id) - (pgg-gpg-lookup-key pgg-gpg-user-id 'encrypt)))) + (unless (pgg-gpg-use-agent) + (pgg-read-passphrase + (format "GnuPG passphrase for %s: " pgg-gpg-user-id) + (pgg-gpg-lookup-key pgg-gpg-user-id 'encrypt))))) (args (append (list "--batch" "--armor" "--always-trust" "--encrypt") @@ -148,9 +165,10 @@ If optional argument SIGN is non-nil, do "Decrypt the current region between START and END." (let* ((pgg-gpg-user-id (or pgg-gpg-user-id pgg-default-user-id)) (passphrase - (pgg-read-passphrase - (format "GnuPG passphrase for %s: " pgg-gpg-user-id) - (pgg-gpg-lookup-key pgg-gpg-user-id 'encrypt))) + (unless (pgg-gpg-use-agent) + (pgg-read-passphrase + (format "GnuPG passphrase for %s: " pgg-gpg-user-id) + (pgg-gpg-lookup-key pgg-gpg-user-id 'encrypt)))) (args '("--batch" "--decrypt"))) (pgg-gpg-process-region start end passphrase pgg-gpg-program args) (with-current-buffer pgg-errors-buffer @@ -162,9 +180,10 @@ If optional argument SIGN is non-nil, do "Make detached signature from text between START and END." (let* ((pgg-gpg-user-id (or pgg-gpg-user-id pgg-default-user-id)) (passphrase - (pgg-read-passphrase - (format "GnuPG passphrase for %s: " pgg-gpg-user-id) - (pgg-gpg-lookup-key pgg-gpg-user-id 'sign))) + (unless (pgg-gpg-use-agent) + (pgg-read-passphrase + (format "GnuPG passphrase for %s: " pgg-gpg-user-id) + (pgg-gpg-lookup-key pgg-gpg-user-id 'sign)))) (args (list (if cleartext "--clearsign" "--detach-sign") "--armor" "--batch" "--verbose"