Diffstat (limited to 'pkgs/tools/security/gnupg/socket-activate-2.1.1.patch')
-rw-r--r-- | pkgs/tools/security/gnupg/socket-activate-2.1.1.patch | 170 |
1 files changed, 170 insertions, 0 deletions
diff --git a/pkgs/tools/security/gnupg/socket-activate-2.1.1.patch b/pkgs/tools/security/gnupg/socket-activate-2.1.1.patch
new file mode 100644
index 00000000000..2c2d7b54250
--- /dev/null
+++ b/pkgs/tools/security/gnupg/socket-activate-2.1.1.patch
@@ -0,0 +1,170 @@
+Port Shea Levy's socket activation patch to version 2.1.1.
+
+diff -Naur gnupg-2.1.1-upstream/agent/gpg-agent.c gnupg-2.1.1/agent/gpg-agent.c
+--- gnupg-2.1.1-upstream/agent/gpg-agent.c 2014-12-01 05:04:57.000000000 -0430
++++ gnupg-2.1.1/agent/gpg-agent.c 2014-12-23 17:13:48.029286035 -0430
+@@ -125,7 +125,9 @@
+ oPuttySupport,
+ oDisableScdaemon,
+ oDisableCheckOwnSocket,
+- oWriteEnvFile
++ oWriteEnvFile,
++ oAgentFD,
++ oSSHAgentFD
+ };
+
+
+@@ -143,6 +145,8 @@
+ ARGPARSE_group (301, N_("@Options:\n ")),
+
+ ARGPARSE_s_n (oDaemon, "daemon", N_("run in daemon mode (background)")),
++ ARGPARSE_s_i (oAgentFD, "agent-fd", "@"),
++ ARGPARSE_s_i (oSSHAgentFD, "ssh-agent-fd", "@"),
+ ARGPARSE_s_n (oServer, "server", N_("run in server mode (foreground)")),
+ ARGPARSE_s_n (oVerbose, "verbose", N_("verbose")),
+ ARGPARSE_s_n (oQuiet, "quiet", N_("be somewhat more quiet")),
+@@ -627,6 +631,31 @@
+ return 1; /* handled */
+ }
+
++/* Handle agent socket(s) */
++static void
++handle_agent_socks(int fd, int fd_extra, int fd_ssh)
++{
++#ifndef HAVE_W32_SYSTEM
++ if (chdir("/"))
++ {
++ log_error ("chdir to / failed: %s\n", strerror (errno));
++ exit (1);
++ }
++
++ {
++ struct sigaction sa;
++
++ sa.sa_handler = SIG_IGN;
++ sigemptyset (&sa.sa_mask);
++ sa.sa_flags = 0;
++ sigaction (SIGPIPE, &sa, NULL);
++ }
++#endif /*!HAVE_W32_SYSTEM*/
++
++ log_info ("%s %s started\n", strusage(11), strusage(13) );
++ handle_connections (fd, fd_extra, fd_ssh);
++ assuan_sock_close (fd);
++}
+
+ /* The main entry point. */
+ int
+@@ -643,6 +672,8 @@
+ int default_config =1;
+ int pipe_server = 0;
+ int is_daemon = 0;
++ int fd_agent = GNUPG_INVALID_FD;
++ int fd_ssh_agent = GNUPG_INVALID_FD;
+ int nodetach = 0;
+ int csh_style = 0;
+ char *logfile = NULL;
+@@ -850,6 +881,8 @@
+ case oSh: csh_style = 0; break;
+ case oServer: pipe_server = 1; break;
+ case oDaemon: is_daemon = 1; break;
++ case oAgentFD: fd_agent = pargs.r.ret_int; break;
++ case oSSHAgentFD: fd_ssh_agent = pargs.r.ret_int; break;
+
+ case oDisplay: default_display = xstrdup (pargs.r.ret_str); break;
+ case oTTYname: default_ttyname = xstrdup (pargs.r.ret_str); break;
+@@ -940,7 +973,8 @@
+ bind_textdomain_codeset (PACKAGE_GT, "UTF-8");
+ #endif
+
+- if (!pipe_server && !is_daemon && !gpgconf_list)
++ if (!pipe_server && !is_daemon && !gpgconf_list &&
++ fd_agent == GNUPG_INVALID_FD)
+ {
+ /* We have been called without any options and thus we merely
+ check whether an agent is already running. We do this right
+@@ -1090,6 +1124,10 @@
+ agent_deinit_default_ctrl (ctrl);
+ xfree (ctrl);
+ }
++ else if (fd_agent != GNUPG_INVALID_FD)
++ {
++ handle_agent_socks(fd_agent, GNUPG_INVALID_FD, fd_ssh_agent);
++ }
+ else if (!is_daemon)
+ ; /* NOTREACHED */
+ else
+@@ -1287,26 +1325,8 @@
+ log_set_prefix (NULL, oldflags | JNLIB_LOG_RUN_DETACHED);
+ opt.running_detached = 1;
+ }
+-
+- if (chdir("/"))
+- {
+- log_error ("chdir to / failed: %s\n", strerror (errno));
+- exit (1);
+- }
+-
+- {
+- struct sigaction sa;
+-
+- sa.sa_handler = SIG_IGN;
+- sigemptyset (&sa.sa_mask);
+- sa.sa_flags = 0;
+- sigaction (SIGPIPE, &sa, NULL);
+- }
+-#endif /*!HAVE_W32_SYSTEM*/
+-
+- log_info ("%s %s started\n", strusage(11), strusage(13) );
+- handle_connections (fd, fd_extra, fd_ssh);
+- assuan_sock_close (fd);
++#endif /*!HAVE_W32_SYSTEM*/
++ handle_agent_socks(fd, fd_extra, fd_ssh);
+ }
+
+ return 0;
+diff -Naur gnupg-2.1.1-upstream/doc/gpg-agent.texi gnupg-2.1.1/doc/gpg-agent.texi
+--- gnupg-2.1.1-upstream/doc/gpg-agent.texi 2014-12-05 09:56:37.000000000 -0430
++++ gnupg-2.1.1/doc/gpg-agent.texi 2014-12-23 16:26:38.366391186 -0430
+@@ -43,7 +43,15 @@
+ .IR file ]
+ .RI [ options ]
+ .B \-\-daemon
+-.RI [ command_line ]
++.br
++.B gpg-agent
++.RB [ \-\-homedir
++.IR dir ]
++.RB [ \-\-options
++.IR file ]
++.RI [ options ]
++.B \-\-agent-fd
++.IR fd
+ @end ifset
+
+ @mansect description
+@@ -186,6 +194,11 @@
+ a new process as a child of gpg-agent: @code{gpg-agent --daemon
+ /bin/sh}. This way you get a new shell with the environment setup
+ properly; if you exit from this shell, gpg-agent terminates as well.
++
++@item --agent-fd @var{fd}
++@opindex agent-fd
++Start the gpg-agent using @var{fd} as the listening socket. This is useful for
++socket activation a la systemd and launchd.
+ @end table
+
+ @mansect options
+@@ -545,6 +558,12 @@
+ remote machine.
+
+
++@item --ssh-agent-fd @var{fd}
++@opindex ssh-agent-fd
++
++When starting the agent with @option{--agent-fd}, use this to pass in a socket
++to be used for the OpenSSH agent protocol.
++
+ @anchor{option --enable-ssh-support}
+ @item --enable-ssh-support
+ @opindex enable-ssh-support |
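Review bot: The new `else if (fd_agent != GNUPG_INVALID_FD)` branch in main passes the integers from `--agent-fd` and `--ssh-agent-fd` to `handle_agent_socks` without checking that they name open sockets. I would `fstat` both and require `S_ISSOCK` before serving, exiting through `log_error` otherwise, as in the sketch below; this assumes `<sys/stat.h>` is already included in gpg-agent.c, which the hunks do not show. On this path the agent does not create the listening socket, so its mode and owner are whatever the activator set; the `--agent-fd` entry in gpg-agent.texi should say the socket has to be private to the user, because access to it is access to the agent. `--ssh-agent-fd` given without `--agent-fd` is silently ignored and deserves a warning. main's body between the hunks is outside this view, so whether the daemon branch does other setup that this branch skips needs checking.

```c
  /* … unchanged: pipe_server branch … */
  else if (fd_agent != GNUPG_INVALID_FD)
    {
      struct stat st;

      /* The descriptors are inherited from the activator; refuse
         anything that is not a socket before serving on it.  */
      if (fstat (fd_agent, &st) || !S_ISSOCK (st.st_mode))
        {
          log_error ("agent-fd %d is not a socket\n", fd_agent);
          exit (1);
        }
      if (fd_ssh_agent != GNUPG_INVALID_FD
          && (fstat (fd_ssh_agent, &st) || !S_ISSOCK (st.st_mode)))
        {
          log_error ("ssh-agent-fd %d is not a socket\n", fd_ssh_agent);
          exit (1);
        }
      handle_agent_socks(fd_agent, GNUPG_INVALID_FD, fd_ssh_agent);
    }
  /* … unchanged: !is_daemon and daemon branches … */
```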