authorJaromil <jaromil@dyne.org>2014-12-21 21:58:38 (GMT)
committer Jaromil <jaromil@dyne.org>2014-12-21 21:58:38 (GMT)
commit5bcf5c2c4405c5c9a763f506e2628c00395857df (patch)
treedeed831ebc2dfc493ce3277dacd50331fc531205
parentd88fd5c9cba41f0e52ab960677c81ff409043a70 (diff)
detect .gpg file extension and avoid handling password (delegates gnupg) hypothesis for issue #179gnupg-delegation
-rwxr-xr-xtomb17
1 files changed, 16 insertions, 1 deletions
diff --git a/tomb b/tomb
index 54cda6e..0113a52 100755
--- a/tomb
+++ b/tomb
@@ -846,6 +846,17 @@ _load_key() {
TOMBKEYFILE=cleartext
TOMBKEY=cleartext
TOMBSECRET=$(cat)
+
+
+ elif [[ ${keyfile#*\.} =~ 'gpg$' ]]; then
+ # if the last file extension is '.gpg' then don't handle password
+ _verbose "load_key delegating password handling to GnuPG"
+ _message "Waiting for GnuPG to handle password authentication... "
+ TOMBKEYFILE=$keyfile
+ TOMBKEY="${mapfile[$TOMBKEYFILE]}"
+ # signal to ask_key_password to let GnuPG handle it
+ TOMBSECRET="GNUPG"
+
else
_verbose "load_key argument: ::1 key file::" $keyfile
[[ -r $keyfile ]] || _failure "Key not found, specify one using -k."
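Review bot: The sentinel written in this branch never reaches the check added in ask_key_password: here it is `TOMBSECRET="GNUPG"`, while the third hunk tests `[[ "$TOMBKEYFILE" = "GNUPG" ]]`, and TOMBKEYFILE has just been assigned `$keyfile`. As written, the delegation path is only taken for a key file literally named GNUPG, and every other .gpg key still gets the normal password prompt. TOMBSECRET carries the secret bytes in the cleartext branch above, so a dedicated flag would be safer than a magic value in it, for example a hypothetical `TOMBKEYGPG=1` set here and tested in ask_key_password. The extension test `${keyfile#*\.} =~ 'gpg$'` also appears to accept any name that merely ends in "gpg" (no dot required), whereas `[[ $keyfile == *.gpg ]]` would match what the comment says. This branch also skips the `[[ -r $keyfile ]] || _failure ...` guard that the else branch applies before the file is read through `mapfile`; the rest of _load_key lies outside the hunk.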
@@ -885,7 +896,6 @@ gpg_decrypt() {
} || { # using status-file in gpg != 1.4.11
- # TODO: use mkfifo
TOMBSECRET=`print - "$gpgpass" | \
gpg --batch --passphrase-fd 0 --no-tty --no-options \
--status-fd 2 --no-mdc-warning --no-permission-warning \
@@ -963,6 +973,11 @@ ask_key_password() {
_verbose "no password needed, using secret bytes from stdin"
return 0 }
+ # if GnuPG handles it just pass it without asking for pass
+ [[ "$TOMBKEYFILE" = "GNUPG" ]] && {
+ get_lukskey "gnupg"
+ return $? }
+
_message "A password is required to use key ::1 key::" $TOMBKEYFILE
passok=0
tombpass=""
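Review bot: `get_lukskey "gnupg"` passes a fixed string where, judging by the name and the surrounding prompt code, a passphrase is expected. get_lukskey itself is not visible, but the gpg_decrypt context in the second hunk still runs `print - "$gpgpass" | gpg --batch --passphrase-fd 0 --no-tty`, and this commit changes nothing there beyond removing a TODO. If the delegated case reaches that pipeline, gpg receives the literal "gnupg" as the passphrase in batch mode and cannot prompt, so no delegation to GnuPG takes place. The delegated case probably needs its own gpg invocation without `--batch --passphrase-fd 0`, with a comment such as `# delegated: let gpg or its agent prompt; tomb never sees the passphrase`. ask_key_password continues past the end of the hunk.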