The loopback pinentry

Werner Koch wk at
Thu Apr 21 12:52:30 CEST 2016

On Thu, 21 Apr 2016 01:25, gniibe at said:

> Are there any things (options and the protocol) for gpg-agent to
> control/record the use of loopback mode for forwarded requests?

Forward mode (cia --extra-socket or --web-socket) do not allow the
loopback mode or any other pinentry mode.  The mode is selection using
an Assuan OPTION command and the handler starts this way:

  if (!strcmp (key, "agent-awareness"))
      /* The value is a version string telling us of which agent
         version the caller is aware of.  */
      ctrl->server_local->allow_fully_canceled =
        gnupg_compare_version (value, "2.1.0");
  else if (ctrl->restricted)
      err = gpg_error (GPG_ERR_FORBIDDEN);
  /* All options below are not allowed in restricted mode.  */

(RESTRICTED indicates a forwarded connection)

> If so, I think that change of the default would be OK.

Well, it is fortunately not applicable.



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the Gnupg-devel mailing list