From 82df712d3c6cf643ca8ea02ab6e2cc8c576369f1 Mon Sep 17 00:00:00 2001 From: Toby Vincent Date: Mon, 18 Jul 2022 19:18:11 -0500 Subject: feat(wsl): further improve gpg ssh pageant --- wsl/.local/bin/socket-relay.sh | 36 +++++- wsl/.local/share/zsh-wsl/zsh-wsl.plugin.zsh | 167 +++++++++++----------------- 2 files changed, 99 insertions(+), 104 deletions(-) (limited to 'wsl') diff --git a/wsl/.local/bin/socket-relay.sh b/wsl/.local/bin/socket-relay.sh index 4859b37..dc6e177 100755 --- a/wsl/.local/bin/socket-relay.sh +++ b/wsl/.local/bin/socket-relay.sh @@ -1,12 +1,13 @@ #!/usr/bin/env sh set -e -OPTS=$(getopt -o hvs:a:x: --long help,verbose,sock:,args:,exec:,ssh,gpg,gpg-extra,discord -n 'javawrap' -- "$@") +OPTS=$(getopt -o hvs:a:x: --long help,verbose,sock:,args:,exec:,ssh,gpg,gpg-extra,gpg-ssh,gpg-browser,discord -n 'javawrap' -- "$@") eval set -- "$OPTS" -SSH_AUTH_SOCK="${SSH_AUTH_SOCK:-$HOME/.ssh/agent.sock}" GPG_AGENT_SOCK="${GPG_AGENT_SOCK:-$HOME/.gnupg/S.gpg-agent}" +# SSH_AUTH_SOCK="${SSH_AUTH_SOCK:-$HOME/.ssh/agent.sock}" +SSH_AUTH_SOCK="$GPG_AGENT_SOCK.ssh" DISCORD_IPC_SOCK="${DISCORD_IPC_SOCK:-/var/run/discord-ipc-0}" PAGEANT="$HOME/.ssh/wsl2-ssh-pageant.exe" NPIPE="$(command -v npiperelay.exe)" @@ -132,8 +133,10 @@ verbose=false sock="" exec="" gpg=false +gpg_extra=false +gpg_ssh=false +gpg_browser=false ssh=false -extra=false discord=false v_stdout=/dev/null v_stderr=/dev/null @@ -178,7 +181,17 @@ while test $# -gt 0; do ;; --gpg-extra) gpg=true - extra=true + gpg_extra=true + shift + ;; + --gpg-ssh) + gpg=true + gpg_ssh=true + shift + ;; + --gpg-browser) + gpg=true + gpg_browser=true shift ;; --discord) 
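Review bot: `SSH_AUTH_SOCK="$GPG_AGENT_SOCK.ssh"` in the first hunk now overwrites whatever `SSH_AUTH_SOCK` the caller exported, where the removed line only supplied a default, and the old assignment is left behind as a comment. If the override is intended, delete the commented line; otherwise keep it overridable with `SSH_AUTH_SOCK="${SSH_AUTH_SOCK:-$GPG_AGENT_SOCK.ssh}"`. With this value `--ssh` and the new `--gpg-ssh` presumably resolve to the same socket path (the `--ssh` branch is outside the hunk), so it is worth deciding which of the two owns that path. The `getopt` call on the changed line still passes `-n 'javawrap'`, so option errors are reported under another program's name.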
@@ -210,7 +223,20 @@ elif $gpg; then need "gpg-connect-agent.exe" config_path="C\:/Users/$USER/AppData/Local/gnupg" - sock="${gpg_sock:-$GPG_AGENT_SOCK}$(if $extra; then echo ".extra"; fi)" + case ${1:-'start'} in + "$gpg_extra") + sock="${gpg_sock:-$GPG_AGENT_SOCK}.extra" + ;; + "$gpg_ssh") + sock="${gpg_sock:-$GPG_AGENT_SOCK}.ssh" + ;; + "$gpg_browser") + sock="${gpg_sock:-$GPG_AGENT_SOCK}.browser" + ;; + *) + sock="${gpg_sock:-$GPG_AGENT_SOCK}" + ;; + esac args="${gpg_args:-fork}" exec="${gpg_exec:-$PAGEANT --gpgConfigBasepath ${config_path} --gpg $(basename "$sock")}" elif $discord; then diff --git a/wsl/.local/share/zsh-wsl/zsh-wsl.plugin.zsh b/wsl/.local/share/zsh-wsl/zsh-wsl.plugin.zsh index a139535..e46fe67 100644 --- a/wsl/.local/share/zsh-wsl/zsh-wsl.plugin.zsh +++ b/wsl/.local/share/zsh-wsl/zsh-wsl.plugin.zsh @@ -1,17 +1,19 @@ -#!/usr/bin/env zsh +#!/bin/sh +# shellcheck disable=2155 # [ -n "${WSL_DISTRO_NAME+1}" ] || return 0 WINHOME="/mnt/c/Users/$USER" +# shellcheck disable=2164 [ "$PWD" = "$WINHOME" ] && cd mkdir -p /tmp/xdg -export DISPLAY=$(grep -m 1 nameserver /etc/resolv.conf | awk '{print $2}'):0 +export DISPLAY="$(grep -m 1 nameserver /etc/resolv.conf | awk '{print $2}')":0 export BROWSER=wslview export XDG_RUNTIME_DIR=/tmp/xdg -export SSH_AUTH_SOCK="$HOME/.ssh/agent.sock" export GPG_AGENT_SOCK="$HOME/.gnupg/S.gpg-agent" +export SSH_AUTH_SOCK="$GPG_AGENT_SOCK.ssh" export GPG_TTY="$(tty)" alias wsl=wsl.exe 
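Review bot: The new `case ${1:-'start'} in` never selects a suffixed socket, because its patterns `"$gpg_extra"`, `"$gpg_ssh"` and `"$gpg_browser"` expand to the strings `true`/`false` and are matched against the first positional argument instead of being tested as flags. Unless that argument is literally `true` or `false`, every variant falls through to `*)`, so `--gpg-extra`, `--gpg-ssh` and `--gpg-browser` all bind the unsuffixed `$GPG_AGENT_SOCK` and hand `S.gpg-agent` to `--gpg`; for `--gpg-extra` that relays the full agent socket where the restricted `.extra` one was requested. Testing the flags directly, as the removed line did with `if $extra`, restores the intent. The enclosing `if`/`elif` chain starts and ends outside the hunk, and what `$1` holds at this point is not visible here.

```shell
# … unchanged: need "gpg-connect-agent.exe", config_path …
if $gpg_extra; then
  sock_suffix=".extra"
elif $gpg_ssh; then
  sock_suffix=".ssh"
elif $gpg_browser; then
  sock_suffix=".browser"
else
  sock_suffix=""
fi
sock="${gpg_sock:-$GPG_AGENT_SOCK}$sock_suffix"
# … unchanged: args and exec assignments …
```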
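Review bot: `XDG_RUNTIME_DIR` is pointed at the fixed path `/tmp/xdg`, created by a bare `mkdir -p` that neither sets a mode nor checks who owns an already existing directory; in a world-writable `/tmp` another local account could create it first and then read or replace whatever sockets land there. A per-user path with an enforced mode closes that: `export XDG_RUNTIME_DIR="/tmp/xdg-$(id -u)"` followed by `mkdir -p "$XDG_RUNTIME_DIR" && chmod 700 "$XDG_RUNTIME_DIR"`. Both lines are unchanged context in this hunk, so this is a follow-up, not a regression from this commit. Separately, the `# shellcheck disable=2155` placed right under the shebang appears to apply to the whole file; assigning `DISPLAY` and `GPG_TTY` first and exporting them afterwards would make it unnecessary.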
@@ -23,117 +25,84 @@ alias pip3.10="DISPLAY= pip3.10" alias pip="DISPLAY= pip3" wt() { - powershell.exe -NoProfile -c "wt $*" + powershell.exe -NoProfile -c "wt $*" } wsl_cmd_proxy() { - exe="$1" - shift # past exe - - cmd=" ${1}" - shift # past cmd - - args="" - while [[ $# -gt 0 ]]; do - case "$1" in - -*) - args+="${1} '${2}' " - shift - shift - ;; - *) - args+="'${1}'" - shift - ;; - esac - args+=" " - done - - powershell.exe -NoProfile -c 'cd $HOME;' "$exe" "$cmd" "$args" + exe="$1" + shift # past exe + + cmd=" ${1}" + shift # past cmd + + args="" + while [ $# -gt 0 ]; do + case "$1" in + -*) + args="$args${1} '${2}' " + shift + shift + ;; + *) + args="$args'${1}'" + shift + ;; + esac + args="$args " + done + + # shellcheck disable=2016 + powershell.exe -NoProfile -c 'cd $HOME;' "$exe" "$cmd" "$args" } winget() { wsl_cmd_proxy "winget.exe" "$@"; } scoop() { wsl_cmd_proxy "scoop" "$@"; } alacritty() { wsl_cmd_proxy "alacritty.exe" "$@"; } -pwsh() { alacritty --working-directory "c:\\Users\\${USER}" -e "pwsh.exe $@"; } - -gpg-init() ( - if ! ss -a | grep -q "$SSH_AUTH_SOCK"; then - rm -f "$SSH_AUTH_SOCK" - wsl2_ssh_pageant_bin="$HOME/.ssh/wsl2-ssh-pageant.exe" - if test -x "$wsl2_ssh_pageant_bin"; then - (setsid nohup socat UNIX-LISTEN:"$SSH_AUTH_SOCK,fork" EXEC:"$wsl2_ssh_pageant_bin" >/dev/null 2>&1 &) - else - echo >&2 "WARNING: $wsl2_ssh_pageant_bin is not executable." - fi - unset wsl2_ssh_pageant_bin - fi - - if ! ss -a | grep -q "$GPG_AGENT_SOCK"; then - rm -rf "$GPG_AGENT_SOCK" - wsl2_ssh_pageant_bin="$HOME/.ssh/wsl2-ssh-pageant.exe" - config_path="C\:/Users/$USER/AppData/Local/gnupg" - if test -x "$wsl2_ssh_pageant_bin"; then - (setsid nohup socat UNIX-LISTEN:"$GPG_AGENT_SOCK,fork" EXEC:"$wsl2_ssh_pageant_bin --gpgConfigBasepath ${config_path} --gpg S.gpg-agent" >/dev/null 2>&1 &) - else - echo >&2 "WARNING: $wsl2_ssh_pageant_bin is not executable." - fi - unset wsl2_ssh_pageant_bin - fi - - if ! 
ss -a | grep -q "${GPG_AGENT_SOCK}.extra"; then - rm -rf "${GPG_AGENT_SOCK}.extra" - wsl2_ssh_pageant_bin="$HOME/.ssh/wsl2-ssh-pageant.exe" - config_path="C\:/Users/$USER/AppData/Local/gnupg" - if test -x "$wsl2_ssh_pageant_bin"; then - (setsid nohup socat UNIX-LISTEN:"${GPG_AGENT_SOCK}.extra,fork" EXEC:"$wsl2_ssh_pageant_bin --gpgConfigBasepath ${config_path} --gpg S.gpg-agent.extra" >/dev/null 2>&1 &) - else - echo >&2 "WARNING: $wsl2_ssh_pageant_bin is not executable." - fi - unset wsl2_ssh_pageant_bin - fi +# pwsh() { alacritty --working-directory "c:\\Users\\${USER}" -e "pwsh.exe $@"; } + +gpg_init() ( + wsl2_ssh_pageant_bin="$HOME/.ssh/wsl2-ssh-pageant.exe" + config_path="C\:/Users/$USER/AppData/Local/gnupg" + + if ! test -x "$wsl2_ssh_pageant_bin"; then + echo >&2 "WARNING: $wsl2_ssh_pageant_bin is not executable." + else + gpg-connect-agent.exe /bye >/dev/null 2>&1 + + if ! ss -a | grep -q "$SSH_AUTH_SOCK"; then + rm -f "$SSH_AUTH_SOCK" + (setsid nohup socat UNIX-LISTEN:"$SSH_AUTH_SOCK,fork" EXEC:"$wsl2_ssh_pageant_bin --gpgConfigBasepath ${config_path} -gpg S.gpg-agent.ssh" >/dev/null 2>&1 &) + fi + + if ! ss -a | grep -q "$GPG_AGENT_SOCK"; then + rm -rf "$GPG_AGENT_SOCK" + (setsid nohup socat UNIX-LISTEN:"$GPG_AGENT_SOCK,fork" EXEC:"$wsl2_ssh_pageant_bin -gpgConfigBasepath ${config_path} -gpg S.gpg-agent" >/dev/null 2>&1 &) + fi + + if ! ss -a | grep -q "${GPG_AGENT_SOCK}.extra"; then + rm -rf "${GPG_AGENT_SOCK}.extra" + (setsid nohup socat UNIX-LISTEN:"${GPG_AGENT_SOCK}.extra,fork" EXEC:"$wsl2_ssh_pageant_bin -gpgConfigBasepath ${config_path} -gpg S.gpg-agent.extra" >/dev/null 2>&1 &) + fi + fi + unset wsl2_ssh_pageant_bin ) -_start-pageant() { - # TODO: WIP - if ! 
ss -a | grep -q "${GPG_AGENT_SOCK}.extra"; then - rm -rf "${GPG_AGENT_SOCK}.extra" - wsl2_ssh_pageant_bin="$HOME/.ssh/wsl2-ssh-pageant.exe" - if test -x "$wsl2_ssh_pageant_bin"; then - (setsid nohup socat UNIX-LISTEN:"${GPG_AGENT_SOCK}.extra,fork" EXEC:"$wsl2_ssh_pageant_bin --gpg S.gpg-agent.extra" >/dev/null 2>&1 &) - else - echo >&2 "WARNING: $wsl2_ssh_pageant_bin is not executable." - fi - unset wsl2_ssh_pageant_bin - fi -} - # Reload -gpg-reset() { - # gpg-connect-agent.exe KILLAGENT /bye &>/dev/null - # - # rm -rf "$GPG_AGENT_SOCK" - # rm -rf "$GPG_AGENT_SOCK".extra - # pkill -f 'socat.*wsl2-ssh-pageant.exe' - # gpg-connect-agent.exe /bye &>/dev/null - # gpg-init - - socket-relay.sh stop --ssh - socket-relay.sh restart --gpg - socket-relay.sh --gpg-extra - socket-relay.sh --ssh +gpg_reset() { + gpg-connect-agent.exe KILLAGENT /bye >/dev/null 2>&1 + + rm -rfv "$GPG_AGENT_SOCK" + rm -rfv "$GPG_AGENT_SOCK.extra" + pkill -f 'socat.*wsl2-ssh-pageant.exe' + gpg-connect-agent.exe /bye >/dev/null 2>&1 + gpg_init } # Relearn card serial number -gpg-learn() { - gpg-connect-agent.exe "scd serialno" "learn --force" /bye +gpg_learn() { + gpg-connect-agent.exe "scd serialno" "learn --force" /bye } -# gpg-reset - -# socket-relay.sh stop --gpg -socket-relay.sh --gpg -socket-relay.sh --gpg-extra -socket-relay.sh --ssh +gpg_init unset -f _start-pageant -- cgit v1.2.3-70-g09d2
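Review bot: In `gpg_init` the liveness checks such as `ss -a | grep -q "$GPG_AGENT_SOCK"` match by regex substring, and now that `SSH_AUTH_SOCK` is `$GPG_AGENT_SOCK.ssh` a listening `.ssh` (or `.extra`) relay also satisfies the check for the base socket, so the main agent relay can be skipped while it is actually down. Matching the exact path as a fixed string avoids that, e.g. `ss -lx | grep -qF -- "$GPG_AGENT_SOCK "` (the trailing space relies on `ss` printing the path as its own column, which is worth confirming), with the same change for the `.ssh` and `.extra` checks. The three `socat` lines also mix `--gpgConfigBasepath` with `-gpgConfigBasepath` and `-gpg`; one spelling throughout would make them easier to compare. The trailing `unset -f _start-pageant` is left over now that the function is removed.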