diff --git a/pinentry-auto b/pinentry-auto new file mode 100755 index 0000000..c587ca0 --- /dev/null +++ b/pinentry-auto @@ -0,0 +1,38 @@ +#!/bin/sh +# Choose between pinentry-tty and pinentry-x11 based on whether +# $PINENTRY_USER_DATA contains USE_TTY=1 +# +# Based on: +# https://kevinlocke.name/bits/2019/07/31/prefer-terminal-for-gpg-pinentry +# +# Note: Environment detection is difficult. +# - stdin is Assuan pipe, preventing tty checking +# - configuration info (e.g. ttyname) is passed via Assuan pipe, preventing +# parsing or fallback without implementing Assuan protocol. +# - environment is sanitized by atfork_cb in call-pinentry.c (removing $GPG_TTY) +# +# $PINENTRY_USER_DATA is preserved since 2.08 https://dev.gnupg.org/T799 +# +# Format of $PINENTRY_USER_DATA not specified (that I can find), pinentry-mac +# assumes comma-separated sequence of NAME=VALUE with no escaping mechanism +# https://github.com/GPGTools/pinentry-mac/blob/v0.9.4/Source/AppDelegate.m#L78 +# and recognizes USE_CURSES=1 for curses fallback +# https://github.com/GPGTools/pinentry-mac/pull/2 +# +# To the extent possible under law, Kevin Locke has +# waived all copyright and related or neighboring rights to this work +# under the terms of CC0: https://creativecommons.org/publicdomain/zero/1.0/ + +set -xCeu + +# Use pinentry-tty if $PINENTRY_USER_DATA contains USE_TTY=1 +case "${PINENTRY_USER_DATA-}" in +*USE_TTY=1*) + # Note: Change to pinentry-curses if a Curses UI is preferred. + exec pinentry-tty "$@" + ;; +esac + +# Otherwise, use any X11 UI (configured by Debian Alternatives System) +# Note: Will fall back to curses if $DISPLAY is not available. +exec pinentry-qt5 "$@"