From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.io/gmane.emacs.gnus.general/53777 Path: main.gmane.org!not-for-mail 
From: =?iso-8859-1?q?Michael_Teichgr=E4ber?= Newsgroups: gmane.emacs.gnus.general Subject: Re: pgg*.el and passphrase caching Date: Wed, 20 Aug 2003 07:57:59 +0200 Sender: ding-owner@lists.math.uh.edu Message-ID: <87k798oopk.fsf@wmipf.in-berlin.de> References: <871xvhxzvo.fsf@pooh.honeypot.net> NNTP-Posting-Host: deer.gmane.org Mime-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha1; protocol="application/pgp-signature" X-Trace: sea.gmane.org 1061361279 7909 80.91.224.253 (20 Aug 2003 06:34:39 GMT) X-Complaints-To: usenet@sea.gmane.org NNTP-Posting-Date: Wed, 20 Aug 2003 06:34:39 +0000 (UTC) Cc: ding@gnus.org Original-X-From: ding-owner+M2318@lists.math.uh.edu Wed Aug 20 08:34:38 2003 Return-path: Original-Received: from malifon.math.uh.edu ([129.7.128.13]) by deer.gmane.org with esmtp (Exim 3.35 #1 (Debian)) id 19pMYH-0001Ci-00 for ; Wed, 20 Aug 2003 08:34:37 +0200 Original-Received: from localhost ([127.0.0.1] helo=lists.math.uh.edu) by malifon.math.uh.edu with smtp (Exim 3.20 #1) id 19pMTl-00071N-00; Wed, 20 Aug 2003 01:29:57 -0500 Original-Received: from sclp3.sclp.com ([64.157.176.121]) by malifon.math.uh.edu with smtp (Exim 3.20 #1) id 19pMTb-00071F-00 for ding@lists.math.uh.edu; Wed, 20 Aug 2003 01:29:47 -0500 Original-Received: (qmail 70908 invoked by alias); 20 Aug 2003 06:29:47 -0000 Original-Received: (qmail 70903 invoked from network); 20 Aug 2003 06:29:47 -0000 Original-Received: from mail.s.netic.de (212.9.160.11) by sclp3.sclp.com with SMTP; 20 Aug 2003 06:29:47 -0000 Original-Received: from host-212-9-162-247.dial.netic.de ([212.9.162.247] helo=iridium.renata.de) by mail.s.netic.de with esmtp (Exim 4.10) id 19pMTW-000JWn-00; Wed, 20 Aug 2003 08:29:42 +0200 Original-Received: from micha by iridium.renata.de with local (masqmail 0.2.20) id 19pMRL-4Ql-00; Wed, 20 Aug 2003 08:27:27 +0200 Mail-Reply-To: "Michael =?iso-8859-1?q?Teichgr=E4ber=22?= Original-To: Kirk Strauser X-Wo-Ist-Die-ISS: 
http://wmipf.in-berlin.de/sat/curpos.html X-Betriebssystem: Debian GNU/Linux X-Request-PGP: http://wmipf.in-berlin.de/mtgpg.asc X-PGP-Key: 5656 F203 8343 0A2E 8259 6102 3F0D B4F4 1182 8000 In-Reply-To: <871xvhxzvo.fsf@pooh.honeypot.net> (Kirk Strauser's message of "Tue, 19 Aug 2003 13:31:55 -0500") User-Agent: Gnus/5.1003 (Gnus v5.10.3) Emacs/21.2 (gnu/linux) Precedence: bulk Xref: main.gmane.org gmane.emacs.gnus.general:53777 X-Report-Spam: http://spam.gmane.org/gmane.emacs.gnus.general:53777 --=-=-= Content-Transfer-Encoding: quoted-printable Kirk Strauser writes: > I use gpg-agent. How can I prevent Gnus from prompting for my > passphrase so that the agent always handles the entry? For a while I have been using the appended patch. It introduces a defcustom of type boolean `pgg-gpg-use-agent-if-available', and a defconst `pgg-gpg-agent-available' that is t if GPG_AGENT_INFO is set. A function pgg-gpg-use-agent then is used at various places to avoid the passphrase being read by Gnus. --=20 Michael Index: pgg-gpg.el =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /usr/local/cvsroot/gnus/lisp/pgg-gpg.el,v retrieving revision 6.13 diff -u -p -r6.13 pgg-gpg.el --- pgg-gpg.el 6 Apr 2003 00:18:33 -0000 6.13 +++ pgg-gpg.el 17 Apr 2003 12:14:01 -0000 @@ -36,6 +36,14 @@ :group 'pgg-gpg :type 'string) =20 +(defcustom pgg-gpg-use-agent-if-available nil=20 + "Whether to use gpg-agent if it can be located via environment." + :group 'pgg-gpg + :type 'boolean) + +(defconst pgg-gpg-agent-available (if (getenv "GPG_AGENT_INFO") t) + "If gpg-agent can be located, this constant is t.") + (defcustom pgg-gpg-extra-args nil "Extra arguments for every GnuPG invocation." :group 'pgg-gpg 
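Review bot: `pgg-gpg-agent-available` is a `defconst` whose value is computed once, when pgg-gpg.el is loaded, so it never reflects a GPG_AGENT_INFO that is set or cleared later in the Emacs session. It also only tests that the variable exists, not that an agent actually answers. With `pgg-gpg-use-agent-if-available` enabled and a stale value, the later hunks skip the passphrase prompt and pass `--use-agent` next to `--batch`, which presumably leaves gpg with no way to obtain the passphrase and PGG with no fallback. Consider dropping the constant and testing the environment at call time inside `pgg-gpg-use-agent`, e.g. `(and pgg-gpg-use-agent-if-available (getenv "GPG_AGENT_INFO") t)`. The `defcustom` line also ends in trailing whitespace after `nil`.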
@@ -46,6 +54,13 @@ (defvar pgg-gpg-user-id nil "GnuPG ID of your default identity.") =20 +(defun pgg-gpg-use-agent () + "If it returns t, gpg will be told to use gpg-agent for secret key +management, otherwise PGG will ask you for passphrase(s). Depends on +the value of `pgg-gpg-use-agent-if-available', and whether the agent +can be located." + (and pgg-gpg-agent-available pgg-gpg-use-agent-if-available)) + (defun pgg-gpg-process-region (start end passphrase program args) (let* ((output-file-name (expand-file-name (make-temp-name "pgg-output")=20 @@ -53,7 +68,8 @@ (args `("--status-fd" "2" ,@(if passphrase '("--passphrase-fd" "0")) + ,@(if (pgg-gpg-use-agent) '("--use-agent")) "--yes" ; overwrite "--output" ,output-file-name ,@pgg-gpg-extra-args ,@args)) (output-buffer pgg-output-buffer) @@ -96,8 +112,8 @@ (re-search-forward "^\\[GNUPG:] GOOD_PASSPHRASE\\>" nil t))) (pgg-add-passphrase-cache (progn - (goto-char (point-min)) - (if (re-search-forward + (goto-char (point-max)) + (if (re-search-backward "^\\[GNUPG:] NEED_PASSPHRASE \\w+ ?\\w*" nil t) (substring (match-string 0) -8))) passphrase))) @@ -123,9 +139,10 @@ If optional argument SIGN is non-nil, do (let* ((pgg-gpg-user-id (or pgg-gpg-user-id pgg-default-user-id)) (passphrase (when sign - (pgg-read-passphrase - (format "GnuPG passphrase for %s: " pgg-gpg-user-id) - (pgg-gpg-lookup-key pgg-gpg-user-id 'encrypt)))) + (unless (pgg-gpg-use-agent) + (pgg-read-passphrase + (format "GnuPG passphrase for %s: " pgg-gpg-user-id) + (pgg-gpg-lookup-key pgg-gpg-user-id 'encrypt))))) (args (append (list "--batch" "--armor" "--always-trust" "--encrypt") 
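Review bot: The docstring of `pgg-gpg-use-agent` in the `@@ -46,6 +54,13 @@` hunk does not open with a one-line summary sentence. Its "returns t" is also not quite what the `and` form yields, since the result is the value of `pgg-gpg-use-agent-if-available`. I would open it with `"Return non-nil if gpg should use gpg-agent for secret key management.` and keep the sentences about PGG asking for the passphrase, and about the two conditions, as the body.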
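Review bot: In the `@@ -96,8 +112,8 @@` hunk, replacing the forward search from `point-min` with `re-search-backward` from `point-max` changes which NEED_PASSPHRASE line supplies the key ID used as the passphrase cache key, and neither the description nor a comment says why. If the status output can hold several NEED_PASSPHRASE lines, the last one in the buffer is not necessarily the one that GOOD_PASSPHRASE answers. The context line above shows the condition's `re-search-forward` leaving point just after GOOD_PASSPHRASE, so dropping `(goto-char (point-max))` and searching backward from there would pair the two, assuming nothing in between moves point. Please add a comment such as `;; Cache under the key ID of the NEED_PASSPHRASE that GOOD_PASSPHRASE answers.` The enclosing condition starts above the hunk, so I cannot tell whether it skips caching when `passphrase` is nil, which is now the normal case with the agent.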
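Review bot: The `(unless (pgg-gpg-use-agent) (pgg-read-passphrase ...))` wrapper added in the `@@ -123,9 +139,10 @@` hunk is repeated verbatim in the `@@ -148,9 +165,10 @@` and `@@ -162,9 +180,10 @@` hunks, differing only in the usage symbol passed to `pgg-gpg-lookup-key`. A small helper would keep the decision of whether PGG may read the passphrase in one place, so a later change (for example, falling back to prompting when the agent cannot be reached) cannot miss one of the three call sites. The enclosing functions start and end outside the hunks, and the helper name below is only a suggestion.

```elisp
(defun pgg-gpg-read-passphrase-maybe (usage)
  "Return the passphrase for `pgg-gpg-user-id', or nil if gpg-agent is used.
USAGE is the symbol passed on to `pgg-gpg-lookup-key'."
  (unless (pgg-gpg-use-agent)
    (pgg-read-passphrase
     (format "GnuPG passphrase for %s: " pgg-gpg-user-id)
     (pgg-gpg-lookup-key pgg-gpg-user-id usage))))

;; … unchanged: let* binding of pgg-gpg-user-id in the encrypting function …
	 (passphrase
	  (when sign
	    (pgg-gpg-read-passphrase-maybe 'encrypt)))
;; … unchanged: args list and call to pgg-gpg-process-region …
```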
@@ -148,9 +165,10 @@ If optional argument SIGN is non-nil, do "Decrypt the current region between START and END." (let* ((pgg-gpg-user-id (or pgg-gpg-user-id pgg-default-user-id)) (passphrase - (pgg-read-passphrase - (format "GnuPG passphrase for %s: " pgg-gpg-user-id) - (pgg-gpg-lookup-key pgg-gpg-user-id 'encrypt))) + (unless (pgg-gpg-use-agent) + (pgg-read-passphrase + (format "GnuPG passphrase for %s: " pgg-gpg-user-id) + (pgg-gpg-lookup-key pgg-gpg-user-id 'encrypt)))) (args '("--batch" "--decrypt"))) (pgg-gpg-process-region start end passphrase pgg-gpg-program args) (with-current-buffer pgg-errors-buffer @@ -162,9 +180,10 @@ If optional argument SIGN is non-nil, do "Make detached signature from text between START and END." (let* ((pgg-gpg-user-id (or pgg-gpg-user-id pgg-default-user-id)) (passphrase - (pgg-read-passphrase - (format "GnuPG passphrase for %s: " pgg-gpg-user-id) - (pgg-gpg-lookup-key pgg-gpg-user-id 'sign))) + (unless (pgg-gpg-use-agent) + (pgg-read-passphrase + (format "GnuPG passphrase for %s: " pgg-gpg-user-id) + (pgg-gpg-lookup-key pgg-gpg-user-id 'sign)))) (args (list (if cleartext "--clearsign" "--detach-sign") "--armor" "--batch" "--verbose" --=-=-= Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQA/Qw3xPw209BGCgAARAp5iAJ9eMBf3P+YUFsPQGuK/ulm7P2/MqwCgrKpl LLpIxoLU2bGaOy2jdI+XNn8= =NUUn -----END PGP SIGNATURE----- --=-=-=--