subversion-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ben Reser <...@reser.org>
Subject Re: Improving gpg-agent support
Date Thu, 05 Jun 2014 22:47:06 GMT
On 6/2/14, 6:59 PM, Ben Reser wrote:
> The failure to cache on the first connection to the realm issue is a little bit
> harder to solve.  There is actually a PRESET_PASSPHARSE call in gpg-agent's
> API.  But it only works when gpg-agent is started with
> --allow-preset-passphrase.  I think we should make the save function of the
> gpg-agent provider implement the PRESET_PASSPHRASE call.  We can document to
> users they will have a better experience if they provide the
> --allow-preset-passphrase option to gpg-agent when they start it.  We can
> ignore errors if it doesn't.
> 
> There is another option and that is to use gpg-agent as a dumb store like we do
> other caches by combining PRESET_PASSPHRASE in the save function and
> GET_PASSPHARSE --no-ask in the first function.  This would allow us to retain
> the behavior that the svn client asks for the password and thus not have to
> jump through hoops to support the cache system being responsible for the UI to
> request the password.  Doing this of course would rquire that
> --allow-preset-passphrase be passed.  So I think it'd probably be best to have
> a setting in our Subversion config that enables this mode but that then fails
> if --allow-preset-passphrase is not enabled on gpg-agent.  This behavior would
> give the best experience to our users, but since it's intrusive on gpg-agent's
> configuration I don't think it should be default.

Neither of these two ideas can actually be done.  Or at least I don't think
it's a good idea to implement them.  When I wrote this email I'd seen this in
the help output from gpg-connect-agent:
# PRESET_PASSPHRASE <string_or_keygrip> <timeout> <hexstring>

So I went looking to find out what value to set the timeout to to say use
whatever the configured timeout is.  Turns out that there is a much longer help
output for the specific commands and it returns:
# Set the cached passphrase/PIN for the key identified by the keygrip
# to passwd for the given time, where -1 means infinite and 0 means
# the default (currently only a timeout of -1 is allowed, which means
# to never expire it).  If passwd is not provided, ask for it via the
# pinentry module.

As you can see only an infinite timeout is supported, which is not what I
believe people want with this support.

So I believe what I committed in r1600781 will be the final improvement we can
make.  Without some additional improvements on the gpg-agent side.


Mime
View raw message