From e5b9b80008a2fd71b441ef39fe620ed47dad82e5 Mon Sep 17 00:00:00 2001 From: Dapeng Gao <31944689+dpgao@users.noreply.github.com> Date: Tue, 5 Oct 2021 19:54:53 +0800 Subject: [PATCH] fix(gpg-agent): correctly overwrite `$SSH_AUTH_SOCK` and other improvements (#7059) --- plugins/gpg-agent/README.md | 2 +- plugins/gpg-agent/gpg-agent.plugin.zsh | 25 +++++++++++++------------ 2 files changed, 14 insertions(+), 13 deletions(-) diff --git a/plugins/gpg-agent/README.md b/plugins/gpg-agent/README.md index 9c1e6d2c..8eeb94f9 100644 --- a/plugins/gpg-agent/README.md +++ b/plugins/gpg-agent/README.md @@ -2,7 +2,7 @@ Enables [GPG's gpg-agent](https://www.gnupg.org/documentation/manuals/gnupg/) if it is not running. -To use it, add gpg-agent to the plugins array of your zshrc file: +To use it, add `gpg-agent` to the plugins array of your zshrc file: ```zsh plugins=(... gpg-agent) diff --git a/plugins/gpg-agent/gpg-agent.plugin.zsh b/plugins/gpg-agent/gpg-agent.plugin.zsh index 3e24c252..0adc8de5 100644 --- a/plugins/gpg-agent/gpg-agent.plugin.zsh +++ b/plugins/gpg-agent/gpg-agent.plugin.zsh @@ -1,16 +1,17 @@ -# Enable gpg-agent if it is not running- -# --use-standard-socket will work from version 2 upwards - -AGENT_SOCK=$(gpgconf --list-dirs | grep agent-socket | cut -d : -f 2) - -if [[ ! -S $AGENT_SOCK ]]; then - gpg-agent --daemon --use-standard-socket &>/dev/null -fi export GPG_TTY=$TTY -# Set SSH to use gpg-agent if it's enabled -GNUPGCONFIG="${GNUPGHOME:-"$HOME/.gnupg"}/gpg-agent.conf" -if [[ -r $GNUPGCONFIG ]] && command grep -q enable-ssh-support "$GNUPGCONFIG"; then - export SSH_AUTH_SOCK="$AGENT_SOCK.ssh" +# Fix for passphrase prompt on the correct tty +# See https://www.gnupg.org/documentation/manuals/gnupg/Agent-Options.html#option-_002d_002denable_002dssh_002dsupport +function _gpg-agent_update-tty_preexec { + gpg-connect-agent updatestartuptty /bye &>/dev/null +} +autoload -U add-zsh-hook +add-zsh-hook preexec _gpg-agent_update-tty_preexec + +# If enable-ssh-support is set, fix ssh agent integration +if [[ $(gpgconf --list-options gpg-agent | awk -F: '$1=="enable-ssh-support" {print $10}') = 1 ]]; then unset SSH_AGENT_PID + if [[ "${gnupg_SSH_AUTH_SOCK_by:-0}" -ne $$ ]]; then + export SSH_AUTH_SOCK="$(gpgconf --list-dirs agent-ssh-socket)" + fi fi