Commit d75f2d39 authored by Peter Pentchev

New upstream version 2.8.4

parent d774eefe
/keychain /keychain.1.orig
/keychain.1 .idea/
/keychain.spec keychain.iml
/keychain.txt
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
# #
# Copyright 2002-2006 Gentoo Foundation http://www.gentoo.org/ # Copyright 2002-2006 Gentoo Foundation http://www.gentoo.org/
# Copyright 2007 Aron Griffis <agriffis@n01se.net> # Copyright 2007 Aron Griffis <agriffis@n01se.net>
# Copyright 2009-2015 Funtoo Solutions, Inc. # Copyright 2009-2017 Funtoo Solutions, Inc.
# lockfile() Copyright 2009 Parallels, Inc. # lockfile() Copyright 2009 Parallels, Inc.
# Distributed under the GNU General Public License version 2 # Distributed under the GNU General Public License version 2
...@@ -10,7 +10,16 @@ ...@@ -10,7 +10,16 @@
# Originally authored by Daniel Robbins <drobbins@gentoo.org> # Originally authored by Daniel Robbins <drobbins@gentoo.org>
# Maintained August 2002 - April 2003 by Seth Chandler <sethbc@gentoo.org> # Maintained August 2002 - April 2003 by Seth Chandler <sethbc@gentoo.org>
# Maintained and rewritten April 2004 - July 2007 by Aron Griffis <agriffis@n01se.net> # Maintained and rewritten April 2004 - July 2007 by Aron Griffis <agriffis@n01se.net>
# Maintained July 2009 - present by Daniel Robbins <drobbins@funtoo.org> # Maintained July 2009 - September 2017 by Daniel Robbins <drobbins@funtoo.org>
# Maintained September 2017 - present by Ryan Harris <x48rph@gmail.com>
* keychain 2.8.4 (19 Oct 2017)
Summary: Support to GPG2 (Ryan Harris)
Support busybox ps (Alastair Hughes)
Various optimizations
* keychain 2.8.3 (24 Jun 2016) * keychain 2.8.3 (24 Jun 2016)
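Review bot: The 2.8.4 ChangeLog summary stops at "Various optimizations" and leaves out several user-visible changes made elsewhere in this commit: the new -L/--list-fp option, --list now calling ssh-add -l directly, --max-cache-ttl being passed to gpg-agent together with --default-cache-ttl, and ssh_f returning 0 when the public key file is missing. Suggest naming these in the entry so packagers and users can see what changed, and rewording "Support to GPG2" as "Support for GPG2".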
...@@ -122,7 +131,7 @@ ...@@ -122,7 +131,7 @@
29 Sep 2009; Daniel Robbins <drobbins@funtoo.org>: disable "Identity added" 29 Sep 2009; Daniel Robbins <drobbins@funtoo.org>: disable "Identity added"
messages when --quiet is specified (Gentoo bug #250328, thanks to Richard messages when --quiet is specified (Gentoo bug #250328, thanks to Richard
Laager,) --help will print output to stdout (Gentoo bug #196060, thanks to Laager,) --help will print output to stdout (Gentoo bug #196060, thanks to
Elan Ruusamäe,) output cleanup and colorization changes - moving away from Elan Ruusame,) output cleanup and colorization changes - moving away from
blue and over to cyan as it displays better terminals with black background. blue and over to cyan as it displays better terminals with black background.
Also some additional colorization. Version bump to 2.6.10. Also some additional colorization. Version bump to 2.6.10.
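Review bot: On the only changed line of this hunk the contributor's name goes from "Elan Ruusamäe" to "Elan Ruusame", so the "ä" has been dropped, which looks like an encoding conversion of the ChangeLog rather than an intended edit. Suggest restoring the original spelling and keeping the file in UTF-8.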
......
Introduction to Keychain IMPORTANT - GitHub Contributors
===============================
Please apply your patches to `keychain.sh`, *not* the generated `keychain`
script, which we are now including in the git repo to facilitate the
distribution of release archives direct from GitHub. The file `keychain` and
related generated file (man pages, spec file) may be out-of-date during active
development. We will regenerate them for official release archives only (those
tagged with the release version.) Thanks!
Please submit Introduction to Keychain
======================== ========================
**Official documentation for Keychain can be found on [the official Keychain **Official documentation for Keychain can be found on [the official Keychain
...@@ -15,3 +25,4 @@ time your local machine is rebooted. `Keychain` also makes it easy for remote ...@@ -15,3 +25,4 @@ time your local machine is rebooted. `Keychain` also makes it easy for remote
cron jobs to securely "hook in" to a long running `ssh-agent` process, cron jobs to securely "hook in" to a long running `ssh-agent` process,
allowing your scripts to take advantage of key-based logins. allowing your scripts to take advantage of key-based logins.
This diff is collapsed.
This diff is collapsed.
...@@ -4,7 +4,7 @@ keychain - re-use ssh-agent and/or gpg-agent between logins ...@@ -4,7 +4,7 @@ keychain - re-use ssh-agent and/or gpg-agent between logins
=head1 SYNOPSIS =head1 SYNOPSIS
S<keychain [ -hklQqV ] [ --clear --confhost --help --ignore-missing --list --noask> S<keychain [ -hklQqV ] [ --clear --confhost --gpg2 --help --ignore-missing --list --noask>
S<--nocolor --nogui --nolock --quick --quiet --version ]> S<--nocolor --nogui --nolock --quick --quiet --version ]>
S<[ --agents I<list> ] [ --attempts I<num> ] [ --dir I<dirname> ]> S<[ --agents I<list> ] [ --attempts I<num> ] [ --dir I<dirname> ]>
S<[ --host I<name> ] [ --lockwait I<seconds> ]> S<[ --host I<name> ] [ --lockwait I<seconds> ]>
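Review bot: The SYNOPSIS gains --gpg2 but not the other option this commit introduces: the short-flag group still reads "[ -hklQqV ]" and the long-option list has no --list-fp, although a later hunk of this file documents "-L --list-fp". Suggest adding L to the short flags and --list-fp to the long list so the synopsis matches the option descriptions.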
...@@ -118,6 +118,11 @@ alternatively ~/.keychain/env. The purpose of this file is to ...@@ -118,6 +118,11 @@ alternatively ~/.keychain/env. The purpose of this file is to
override settings such as PATH, in case ssh is stored in override settings such as PATH, in case ssh is stored in
a non-standard place. a non-standard place.
=item B<--gpg2>
This option changes the default gpg calls to use gpg2 instead to support
distributions such as Ubuntu which has both gpg and gpg2
=item B<-h --help> =item B<-h --help>
Show help that looks remarkably like this man-page. As of 2.6.10, Show help that looks remarkably like this man-page. As of 2.6.10,
...@@ -171,6 +176,10 @@ want the older behavior. ...@@ -171,6 +176,10 @@ want the older behavior.
List signatures of all active SSH keys, and exit, similar to "ssh-add -l". List signatures of all active SSH keys, and exit, similar to "ssh-add -l".
=item B<-L --list-fp>
List fingerprints of all active SSH keys, and exit, similar to "ssh-add -L".
=item B<--lockwait> I<seconds> =item B<--lockwait> I<seconds>
How long to wait for the lock to become available. Defaults to 5 How long to wait for the lock to become available. Defaults to 5
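Review bot: The new "-L --list-fp" item says it lists fingerprints "similar to ssh-add -L", but in OpenSSH it is ssh-add -l that prints fingerprints, while ssh-add -L prints the full public keys. The existing --list item ("signatures", ssh-add -l) and this one ("fingerprints", ssh-add -L) therefore read as near-synonyms although their output differs. Suggest describing this item as listing the public keys of all active SSH keys, and reconsidering the --list-fp name, which points at the opposite behaviour.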
......
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
# Copyright 1999-2005 Gentoo Foundation # Copyright 1999-2005 Gentoo Foundation
# Copyright 2007 Aron Griffis <agriffis@n01se.net> # Copyright 2007 Aron Griffis <agriffis@n01se.net>
# Copyright 2009-2016 Funtoo Solutions, Inc. # Copyright 2009-2017 Funtoo Solutions, Inc.
# lockfile() Copyright 2009 Parallels, Inc. # lockfile() Copyright 2009 Parallels, Inc.
# Distributed under the terms of the GNU General Public License v2 # Distributed under the terms of the GNU General Public License v2
...@@ -10,13 +10,14 @@ ...@@ -10,13 +10,14 @@
# Originally authored by Daniel Robbins <drobbins@gentoo.org> # Originally authored by Daniel Robbins <drobbins@gentoo.org>
# Maintained August 2002 - April 2003 by Seth Chandler <sethbc@gentoo.org> # Maintained August 2002 - April 2003 by Seth Chandler <sethbc@gentoo.org>
# Maintained and rewritten April 2004 - July 2007 by Aron Griffis <agriffis@n01se.net> # Maintained and rewritten April 2004 - July 2007 by Aron Griffis <agriffis@n01se.net>
# Maintained July 2009 - present by Daniel Robbins <drobbins@funtoo.org> # Maintained July 2009 - Sept 2017 by Daniel Robbins <drobbins@funtoo.org>
# Maintained September 2017 - present by Ryan Harris <x48rph@gmail.com>
version=##VERSION## version=##VERSION##
PATH="${PATH:-/usr/bin:/bin:/sbin:/usr/sbin:/usr/ucb}" PATH="${PATH:-/usr/bin:/bin:/sbin:/usr/sbin:/usr/ucb}"
maintainer="drobbins@funtoo.org" maintainer="x48rph@gmail.com"
unset mesglog unset mesglog
unset myaction unset myaction
unset agentsopt unset agentsopt
...@@ -53,6 +54,7 @@ absoluteopt=false ...@@ -53,6 +54,7 @@ absoluteopt=false
systemdopt=false systemdopt=false
unset ssh_confirm unset ssh_confirm
unset GREP_OPTIONS unset GREP_OPTIONS
gpg_prog_name="gpg"
BLUE="" BLUE=""
CYAN="" CYAN=""
...@@ -111,7 +113,7 @@ versinfo() { ...@@ -111,7 +113,7 @@ versinfo() {
qprint qprint
qprint " Copyright ${CYANN}2002-2006${OFF} Gentoo Foundation;" qprint " Copyright ${CYANN}2002-2006${OFF} Gentoo Foundation;"
qprint " Copyright ${CYANN}2007${OFF} Aron Griffis;" qprint " Copyright ${CYANN}2007${OFF} Aron Griffis;"
qprint " Copyright ${CYANN}2009-2015${OFF} Funtoo Solutions, Inc;" qprint " Copyright ${CYANN}2009-2017${OFF} Funtoo Solutions, Inc;"
qprint " lockfile() Copyright ${CYANN}2009${OFF} Parallels, Inc." qprint " lockfile() Copyright ${CYANN}2009${OFF} Parallels, Inc."
qprint qprint
qprint " Keychain is free software: you can redistribute it and/or modify" qprint " Keychain is free software: you can redistribute it and/or modify"
...@@ -145,8 +147,8 @@ testssh() { ...@@ -145,8 +147,8 @@ testssh() {
# synopsis: getuser # synopsis: getuser
# Set the global string $me # Set the global string $me
getuser() { getuser() {
# whoami gives euid, which might be different from USER or LOGNAME # id -un gives euid, which might be different from USER or LOGNAME
me=$(whoami) || die "Who are you? whoami doesn't know..." me=$(id -un) || die "Who are you? id -un doesn't know..."
} }
# synopsis: getos # synopsis: getos
...@@ -256,6 +258,7 @@ findpids() { ...@@ -256,6 +258,7 @@ findpids() {
if [ -z "$fp_psout" ]; then if [ -z "$fp_psout" ]; then
fp_psout=$(UNIX95=1 ps -u $me -o pid,comm 2>/dev/null | grep '^ *[0-9]') fp_psout=$(UNIX95=1 ps -u $me -o pid,comm 2>/dev/null | grep '^ *[0-9]')
[ -z "$fp_psout" ] && fp_psout=$(ps x 2>/dev/null) [ -z "$fp_psout" ] && fp_psout=$(ps x 2>/dev/null)
[ -z "$fp_psout" ] && fp_psout=$(ps w 2>/dev/null) # Busybox syntax
fi fi
# Return the list of pids; ignore case for Cygwin. # Return the list of pids; ignore case for Cygwin.
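Review bot: The added Busybox fallback "ps w" has no user filter, unlike the first attempt, which restricts output with "-u $me". If the ps in use prints processes of all users in that mode, findpids can return the pid of another user's agent, and the callers would then treat it as an existing agent for this user. Suggest filtering the fallback output by owner (or verifying ownership of each pid found) before returning it, and noting in the comment which Busybox output columns the later parsing relies on.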
...@@ -374,7 +377,7 @@ inheritagents() { ...@@ -374,7 +377,7 @@ inheritagents() {
inherit_gpg_agent_pid=$(echo "$GPG_AGENT_INFO" | cut -f2 -d:) inherit_gpg_agent_pid=$(echo "$GPG_AGENT_INFO" | cut -f2 -d:)
# GnuPG v.2.1+ removes $GPG_AGENT_INFO # GnuPG v.2.1+ removes $GPG_AGENT_INFO
elif [ -S "${GNUPGHOME:=$HOME/.gnupg}/S.gpg-agent" ]; then elif [ -S "${GNUPGHOME:=$HOME/.gnupg}/S.gpg-agent" ]; then
inherit_gpg_agent_pid=$(findpids gpg) inherit_gpg_agent_pid=$(findpids "${gpg_prog_name}")
inherit_gpg_agent_info="$GNUPGHOME/S.gpg-agent:${inherit_gpg_agent_pid}:1" inherit_gpg_agent_info="$GNUPGHOME/S.gpg-agent:${inherit_gpg_agent_pid}:1"
fi fi
fi fi
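Review bot: findpids is now called with "${gpg_prog_name}", which becomes "gpg2" under --gpg2, but the process being looked for is still gpg-agent: the branch condition just above tests the socket S.gpg-agent, and the message in the quick path says "Found existing gpg-agent". If findpids derives its match pattern from its argument, --gpg2 makes it search for a process that does not exist and inherit_gpg_agent_pid comes back empty. The same applies to the findpids call changed in the $quickopt hunk. Suggest keeping the argument as gpg here and using gpg_prog_name only where the client binary is executed.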
...@@ -602,7 +605,8 @@ startagent() { ...@@ -602,7 +605,8 @@ startagent() {
start_out=$(ssh-agent ${ssh_timeout}) start_out=$(ssh-agent ${ssh_timeout})
elif [ "$start_prog" = gpg ]; then elif [ "$start_prog" = gpg ]; then
if [ -n "${timeout}" ]; then if [ -n "${timeout}" ]; then
start_gpg_timeout="--default-cache-ttl $(expr $timeout \* 60)" gpg_cache_ttl="$(expr $timeout \* 60)"
start_gpg_timeout="--default-cache-ttl $gpg_cache_ttl --max-cache-ttl $gpg_cache_ttl"
else else
unset start_gpg_timeout unset start_gpg_timeout
fi fi
...@@ -632,7 +636,7 @@ SSH2_AGENT_PID=$inherit_ssh2_agent_pid; export SSH2_AGENT_PID;" ...@@ -632,7 +636,7 @@ SSH2_AGENT_PID=$inherit_ssh2_agent_pid; export SSH2_AGENT_PID;"
SSH2_AGENT_PID=$inherit_ssh2_agent_pid; export SSH2_AGENT_PID;" SSH2_AGENT_PID=$inherit_ssh2_agent_pid; export SSH2_AGENT_PID;"
fi fi
elif [ "$start_prog" = gpg -a -n "$inherit_gpg_agent_info" ]; then elif [ "$start_prog" = "${gpg_prog_name}" -a -n "$inherit_gpg_agent_info" ]; then
start_out="GPG_AGENT_INFO=$inherit_gpg_agent_info; export GPG_AGENT_INFO;" start_out="GPG_AGENT_INFO=$inherit_gpg_agent_info; export GPG_AGENT_INFO;"
else else
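Review bot: The changed elif compares "$start_prog" with "${gpg_prog_name}", yet the test a few lines earlier in startagent, left unchanged by this commit, is [ "$start_prog" = gpg ]. start_prog appears to hold the agent kind rather than the binary name, so with --gpg2 this condition compares gpg against gpg2 and the branch that reuses $inherit_gpg_agent_info is never taken. Suggest leaving this comparison as = gpg. Separately, the -a inside [ ] is better written as two tests joined with &&.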
...@@ -775,8 +779,9 @@ ssh_f() { ...@@ -775,8 +779,9 @@ ssh_f() {
fi fi
lsf_filename=$(echo "$sf_filename" | sed 's/\.[^\.]*$//').pub lsf_filename=$(echo "$sf_filename" | sed 's/\.[^\.]*$//').pub
if [ ! -f "$lsf_filename" ]; then if [ ! -f "$lsf_filename" ]; then
warn "Cannot find public key for $1." warn "Cannot find public key for $sf_filename."
return 1 basename "$sf_filename"
return 0
fi fi
fi fi
sf_fing=$(ssh-keygen -l -f "$lsf_filename") || return 1 sf_fing=$(ssh-keygen -l -f "$lsf_filename") || return 1
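Review bot: When the .pub file is missing, ssh_f now warns "Cannot find public key", prints basename "$sf_filename" on stdout and returns 0, where it used to return 1. The normal path below produces a fingerprint from ssh-keygen -l, so callers that capture this function's output now receive a file name in the position where they expect a fingerprint, together with a success status. Suggest adding a comment stating what callers are meant to do with the file name, and confirming that the comparison against the agent's key list still behaves correctly for keys without a public key file.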
...@@ -808,7 +813,7 @@ gpg_listmissing() { ...@@ -808,7 +813,7 @@ gpg_listmissing() {
for glm_k in "$@"; do for glm_k in "$@"; do
# Check if this key is known to the agent. Don't know another way... # Check if this key is known to the agent. Don't know another way...
if echo | env -i GPG_TTY="$GPG_TTY" PATH="$PATH" GPG_AGENT_INFO="$GPG_AGENT_INFO" \ if echo | env -i GPG_TTY="$GPG_TTY" PATH="$PATH" GPG_AGENT_INFO="$GPG_AGENT_INFO" \
gpg --no-options --use-agent --no-tty --sign --local-user "$glm_k" -o- >/dev/null 2>&1; then "${gpg_prog_name}" --no-options --use-agent --no-tty --sign --local-user "$glm_k" -o- >/dev/null 2>&1; then
# already know about this key # already know about this key
mesg "Known gpg key: ${CYANN}${glm_k}${OFF}" mesg "Known gpg key: ${CYANN}${glm_k}${OFF}"
continue continue
...@@ -911,7 +916,7 @@ parse_mykeys() { ...@@ -911,7 +916,7 @@ parse_mykeys() {
# Check for gpg # Check for gpg
if wantagent gpg; then if wantagent gpg; then
gpg --list-secret-keys "$pm_k" >/dev/null 2>&1 "${gpg_prog_name}" --list-secret-keys "$pm_k" >/dev/null 2>&1
if [ $? -eq 0 ]; then if [ $? -eq 0 ]; then
add_gpgkey "$pm_k" ; continue add_gpgkey "$pm_k" ; continue
fi fi
...@@ -1067,7 +1072,11 @@ while [ -n "$1" ]; do ...@@ -1067,7 +1072,11 @@ while [ -n "$1" ]; do
evalopt=true evalopt=true
;; ;;
--list|-l) --list|-l)
setaction list ssh-add -l
quietopt=true
;;
--list-fp|-L)
ssh-add -L
quietopt=true quietopt=true
;; ;;
--query) --query)
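Review bot: --list and --list-fp now run ssh-add directly inside the option-parsing loop instead of going through setaction list. That executes before the remaining arguments are parsed and before keychain has located or inherited an agent, so the listing reflects whatever SSH_AUTH_SOCK happens to be in the caller's environment, and nothing here exits afterwards although the man page says "and exit" for both options. Suggest keeping setaction (adding a list-fp action) so that the listing runs after agent discovery and the script terminates as documented.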
...@@ -1140,6 +1149,9 @@ while [ -n "$1" ]; do ...@@ -1140,6 +1149,9 @@ while [ -n "$1" ]; do
--systemd) --systemd)
systemdopt=true systemdopt=true
;; ;;
--gpg2)
gpg_prog_name="gpg2"
;;
--) --)
shift shift
IFS=" IFS="
...@@ -1266,7 +1278,7 @@ if $quickopt; then ...@@ -1266,7 +1278,7 @@ if $quickopt; then
elif [ $a = gpg ]; then elif [ $a = gpg ]; then
# not much way to be quick on this # not much way to be quick on this
if [ -n "$gpg_agent_pid" ]; then if [ -n "$gpg_agent_pid" ]; then
case " $(findpids gpg) " in case " $(findpids "${gpg_prog_name}") " in
*" $gpg_agent_pid "*) *" $gpg_agent_pid "*)
mesg "Found existing gpg-agent: ${CYANN}$gpg_agent_pid${OFF}" mesg "Found existing gpg-agent: ${CYANN}$gpg_agent_pid${OFF}"
needstart=false ;; needstart=false ;;
...@@ -1459,7 +1471,7 @@ if wantagent gpg; then ...@@ -1459,7 +1471,7 @@ if wantagent gpg; then
for k in "$@"; do for k in "$@"; do
echo | env LC_ALL="$pinentry_lc_all" \ echo | env LC_ALL="$pinentry_lc_all" \
gpg --no-options --use-agent --no-tty --sign --local-user "$k" -o- >/dev/null 2>&1 "${gpg_prog_name}" --no-options --use-agent --no-tty --sign --local-user "$k" -o- >/dev/null 2>&1
[ $? != 0 ] && tryagain=true [ $? != 0 ] && tryagain=true
done done
$tryagain || break $tryagain || break
......
Name: keychain
Version: 2.8.4
Release: 1
Summary: agent manager for OpenSSH, ssh.com, Sun SSH, and GnuPG
Packager: Daniel Robbins <drobbins@funtoo.org>
URL: http://www.funtoo.org
Source0: %{name}-%{version}.tar.bz2
License: GPL v2
Group: Applications/Internet
BuildArch: noarch
Requires: /bin/sh sh-utils
Prefix: /usr/bin
BuildRoot: %{_tmppath}/%{name}-root
%description
Keychain is a manager for OpenSSH, ssh.com, Sun SSH and GnuPG agents.
It acts as a front-end to the agents, allowing you to easily have one
long-running agent process per system, rather than per login session.
This reduces the number of times you need to enter your passphrase
from once per new login session to once every time your local machine
is rebooted.
%prep
%setup -q
%build
%install
[ $RPM_BUILD_ROOT != / ] && rm -rf $RPM_BUILD_ROOT
mkdir -p $RPM_BUILD_ROOT/%{_bindir} $RPM_BUILD_ROOT/%{_mandir}/man1
install -m0755 keychain $RPM_BUILD_ROOT/%{_bindir}/keychain
install -m0644 keychain.1 $RPM_BUILD_ROOT/%{_mandir}/man1
%clean
rm -rf $RPM_BUILD_ROOT
%files
%defattr(-,root,root)
%{_bindir}/*
%doc %{_mandir}/*/*
%doc ChangeLog COPYING.txt keychain.pod README.md
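Review bot: In %install and %clean the spec runs rm -rf on an unquoted $RPM_BUILD_ROOT, and the guard [ $RPM_BUILD_ROOT != / ] is unquoted as well, so an empty value or one containing whitespace makes the test malformed or splits the rm arguments. Suggest quoting the variable in both places, for example [ "$RPM_BUILD_ROOT" != / ] && rm -rf "$RPM_BUILD_ROOT". The Packager field also still names Daniel Robbins while keychain.sh in this commit changes the maintainer to Ryan Harris; worth confirming which is intended.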
This diff is collapsed.