Attached is a patch which ports the socket activation patch for gnupg to
version 2.1.1.
>From c72228743a3bb56ebe33f6613493fee27c835756 Mon Sep 17 00:00:00 2001
From: Karn Kallio <[email protected]>
Date: Tue, 23 Dec 2014 21:50:04 -0430
Subject: [PATCH] gnupg: Port socket activation patch to version 2.1.1.
---
pkgs/tools/security/gnupg/21.nix | 2 +-
.../security/gnupg/socket-activate-2.1.1.patch | 170 +++++++++++++++++++++
2 files changed, 171 insertions(+), 1 deletion(-)
create mode 100644 pkgs/tools/security/gnupg/socket-activate-2.1.1.patch
diff --git a/pkgs/tools/security/gnupg/21.nix b/pkgs/tools/security/gnupg/21.nix
index d6fe93b..75510c9 100644
--- a/pkgs/tools/security/gnupg/21.nix
+++ b/pkgs/tools/security/gnupg/21.nix
@@ -12,7 +12,7 @@ stdenv.mkDerivation rec {
sha256 = "0jffj23a02gw7gmrh9j9ynp50bvl2pc2y74i9ii65nvm50fx1v3h";
};
- patches = [ ./socket-activate.patch ];
+ patches = [ ./socket-activate-2.1.1.patch ];
buildInputs = [
pkgconfig libgcrypt libassuan libksba npth
diff --git a/pkgs/tools/security/gnupg/socket-activate-2.1.1.patch b/pkgs/tools/security/gnupg/socket-activate-2.1.1.patch
new file mode 100644
index 0000000..2c2d7b5
--- /dev/null
+++ b/pkgs/tools/security/gnupg/socket-activate-2.1.1.patch
@@ -0,0 +1,170 @@
+Port Shea Levy's socket activation patch to version 2.1.1.
+
+diff -Naur gnupg-2.1.1-upstream/agent/gpg-agent.c gnupg-2.1.1/agent/gpg-agent.c
+--- gnupg-2.1.1-upstream/agent/gpg-agent.c 2014-12-01 05:04:57.000000000 -0430
++++ gnupg-2.1.1/agent/gpg-agent.c 2014-12-23 17:13:48.029286035 -0430
+@@ -125,7 +125,9 @@
+ oPuttySupport,
+ oDisableScdaemon,
+ oDisableCheckOwnSocket,
+- oWriteEnvFile
++ oWriteEnvFile,
++ oAgentFD,
++ oSSHAgentFD
+ };
+
+
+@@ -143,6 +145,8 @@
+ ARGPARSE_group (301, N_("@Options:\n ")),
+
+ ARGPARSE_s_n (oDaemon, "daemon", N_("run in daemon mode (background)")),
++ ARGPARSE_s_i (oAgentFD, "agent-fd", "@"),
++ ARGPARSE_s_i (oSSHAgentFD, "ssh-agent-fd", "@"),
+ ARGPARSE_s_n (oServer, "server", N_("run in server mode (foreground)")),
+ ARGPARSE_s_n (oVerbose, "verbose", N_("verbose")),
+ ARGPARSE_s_n (oQuiet, "quiet", N_("be somewhat more quiet")),
+@@ -627,6 +631,31 @@
+ return 1; /* handled */
+ }
+
++/* Handle agent socket(s) */
++static void
++handle_agent_socks(int fd, int fd_extra, int fd_ssh)
++{
++#ifndef HAVE_W32_SYSTEM
++ if (chdir("/"))
++ {
++ log_error ("chdir to / failed: %s\n", strerror (errno));
++ exit (1);
++ }
++
++ {
++ struct sigaction sa;
++
++ sa.sa_handler = SIG_IGN;
++ sigemptyset (&sa.sa_mask);
++ sa.sa_flags = 0;
++ sigaction (SIGPIPE, &sa, NULL);
++ }
++#endif /*!HAVE_W32_SYSTEM*/
++
++ log_info ("%s %s started\n", strusage(11), strusage(13) );
++ handle_connections (fd, fd_extra, fd_ssh);
++ assuan_sock_close (fd);
++}
+
+ /* The main entry point. */
+ int
+@@ -643,6 +672,8 @@
+ int default_config =1;
+ int pipe_server = 0;
+ int is_daemon = 0;
++ int fd_agent = GNUPG_INVALID_FD;
++ int fd_ssh_agent = GNUPG_INVALID_FD;
+ int nodetach = 0;
+ int csh_style = 0;
+ char *logfile = NULL;
+@@ -850,6 +881,8 @@
+ case oSh: csh_style = 0; break;
+ case oServer: pipe_server = 1; break;
+ case oDaemon: is_daemon = 1; break;
++ case oAgentFD: fd_agent = pargs.r.ret_int; break;
++ case oSSHAgentFD: fd_ssh_agent = pargs.r.ret_int; break;
+
+ case oDisplay: default_display = xstrdup (pargs.r.ret_str); break;
+ case oTTYname: default_ttyname = xstrdup (pargs.r.ret_str); break;
+@@ -940,7 +973,8 @@
+ bind_textdomain_codeset (PACKAGE_GT, "UTF-8");
+ #endif
+
+- if (!pipe_server && !is_daemon && !gpgconf_list)
++ if (!pipe_server && !is_daemon && !gpgconf_list &&
++ fd_agent == GNUPG_INVALID_FD)
+ {
+ /* We have been called without any options and thus we merely
+ check whether an agent is already running. We do this right
+@@ -1090,6 +1124,10 @@
+ agent_deinit_default_ctrl (ctrl);
+ xfree (ctrl);
+ }
++ else if (fd_agent != GNUPG_INVALID_FD)
++ {
++ handle_agent_socks(fd_agent, GNUPG_INVALID_FD, fd_ssh_agent);
++ }
+ else if (!is_daemon)
+ ; /* NOTREACHED */
+ else
+@@ -1287,26 +1325,8 @@
+ log_set_prefix (NULL, oldflags | JNLIB_LOG_RUN_DETACHED);
+ opt.running_detached = 1;
+ }
+-
+- if (chdir("/"))
+- {
+- log_error ("chdir to / failed: %s\n", strerror (errno));
+- exit (1);
+- }
+-
+- {
+- struct sigaction sa;
+-
+- sa.sa_handler = SIG_IGN;
+- sigemptyset (&sa.sa_mask);
+- sa.sa_flags = 0;
+- sigaction (SIGPIPE, &sa, NULL);
+- }
+-#endif /*!HAVE_W32_SYSTEM*/
+-
+- log_info ("%s %s started\n", strusage(11), strusage(13) );
+- handle_connections (fd, fd_extra, fd_ssh);
+- assuan_sock_close (fd);
++#endif /*!HAVE_W32_SYSTEM*/
++ handle_agent_socks(fd, fd_extra, fd_ssh);
+ }
+
+ return 0;
+diff -Naur gnupg-2.1.1-upstream/doc/gpg-agent.texi gnupg-2.1.1/doc/gpg-agent.texi
+--- gnupg-2.1.1-upstream/doc/gpg-agent.texi 2014-12-05 09:56:37.000000000 -0430
++++ gnupg-2.1.1/doc/gpg-agent.texi 2014-12-23 16:26:38.366391186 -0430
+@@ -43,7 +43,15 @@
+ .IR file ]
+ .RI [ options ]
+ .B \-\-daemon
+-.RI [ command_line ]
++.br
++.B gpg-agent
++.RB [ \-\-homedir
++.IR dir ]
++.RB [ \-\-options
++.IR file ]
++.RI [ options ]
++.B \-\-agent-fd
++.IR fd
+ @end ifset
+
+ @mansect description
+@@ -186,6 +194,11 @@
+ a new process as a child of gpg-agent: @code{gpg-agent --daemon
+ /bin/sh}. This way you get a new shell with the environment setup
+ properly; if you exit from this shell, gpg-agent terminates as well.
++
++@item --agent-fd @var{fd}
++@opindex agent-fd
++Start the gpg-agent using @var{fd} as the listening socket. This is useful for
++socket activation a la systemd and launchd.
+ @end table
+
+ @mansect options
+@@ -545,6 +558,12 @@
+ remote machine.
+
+
++@item --ssh-agent-fd @var{fd}
++@opindex ssh-agent-fd
++
++When starting the agent with @option{--agent-fd}, use this to pass in a socket
++to be used for the OpenSSH agent protocol.
++
+ @anchor{option --enable-ssh-support}
+ @item --enable-ssh-support
+ @opindex enable-ssh-support
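Review bot: The descriptor numbers given to `--agent-fd` and `--ssh-agent-fd` are used without validation: the added `case oAgentFD` / `case oSSHAgentFD` lines store `pargs.r.ret_int`, and the new `else if (fd_agent != GNUPG_INVALID_FD)` branch in `main` hands them straight to `handle_agent_socks`. Any value other than the `GNUPG_INVALID_FD` sentinel is accepted, so a closed descriptor, a regular file or a stray negative number reaches `handle_connections`; its body is outside this patch, but if it places the descriptor in an `fd_set`, an out-of-range value would index outside the set. On POSIX builds I would confirm in that branch that each descriptor is an open socket before serving on it, as sketched below, and report `--ssh-agent-fd` given without `--agent-fd` rather than silently ignoring it. The texinfo entry for `--agent-fd` should also state that the access mode and location of the passed socket are the caller's responsibility, since this path only serves on the socket and does not create it. `main` begins and ends outside the inner hunks, so the daemon-path setup that this branch bypasses is not visible here and should be compared by hand.

```c
  else if (fd_agent != GNUPG_INVALID_FD)
    {
      struct stat st;

      /* Serve only on descriptors that are open sockets. */
      if (fd_agent < 0 || fstat (fd_agent, &st) || !S_ISSOCK (st.st_mode))
        {
          log_error ("--agent-fd %d is not an open socket\n", fd_agent);
          exit (1);
        }
      if (fd_ssh_agent != GNUPG_INVALID_FD
          && (fd_ssh_agent < 0 || fstat (fd_ssh_agent, &st)
              || !S_ISSOCK (st.st_mode)))
        {
          log_error ("--ssh-agent-fd %d is not an open socket\n",
                     fd_ssh_agent);
          exit (1);
        }
      handle_agent_socks(fd_agent, GNUPG_INVALID_FD, fd_ssh_agent);
    }
```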
--
2.1.4