kde-plasma/plasma-workspace: improve agent support in startup/shutdown scripts

This adds support for newer versions of GnuPG as well as using gpg-agent as the
ssh agent.

Big thanks to Kristian Fiskerstrand for detailing GnuPG's workings and review.

Gentoo-bug: 547544

Package-Manager: portage-2.3.0_rc1

2 files changed, 42 insertions, 13 deletions

diff --git a/kde-plasma/plasma-workspace/files/10-agent-shutdown.sh b/kde-plasma/plasma-workspace/files/10-agent-shutdown.sh
index fff8056df2..4bafd2e61c 100644
--- a/kde-plasma/plasma-workspace/files/10-agent-shutdown.sh
+++ b/kde-plasma/plasma-workspace/files/10-agent-shutdown.sh
@@ -1,13 +1,17 @@
 #!/bin/sh
 #
-# This file is executed at plasma shutdown.
+# This file is executed at Plasma shutdown.
 # Uncomment the following lines to kill the agents
 # that were started at session startup.
 
+# gnupg 2.0.x
 #if [ -n "${GPG_AGENT_INFO}" ]; then
-#  kill $(echo ${GPG_AGENT_INFO} | cut -d':' -f 2) >/dev/null 2>&1
+#	kill $(echo ${GPG_AGENT_INFO} | cut -d':' -f 2) >/dev/null 2>&1
 #fi
 
+# gnupg 2.1.x
+#gpgconf --kill gpg-agent >/dev/null 2>&1
+
 #if [ -n "${SSH_AGENT_PID}" ]; then
-#  eval "$(ssh-agent -s -k)"
+#	eval "$(ssh-agent -s -k)"
 #fi
diff --git a/kde-plasma/plasma-workspace/files/10-agent-startup.sh b/kde-plasma/plasma-workspace/files/10-agent-startup.sh
index 03e017ac4e..e2c5018836 100644
--- a/kde-plasma/plasma-workspace/files/10-agent-startup.sh
+++ b/kde-plasma/plasma-workspace/files/10-agent-startup.sh
@@ -1,25 +1,50 @@
 # Agents startup file
 #
-# This file is sourced at plasma startup, so that
+# This file is sourced at Plasma startup, so that
 # the environment variables set here are available
 # throughout the session.
-
+#
 # Uncomment the following lines to start gpg-agent
-# and/or ssh-agent at plasma startup.
+# and/or ssh-agent at Plasma startup.
 # If you do so, do not forget to uncomment the respective
 # lines in PLASMADIR/shutdown/agent-shutdown.sh to
 # properly kill the agents when the session ends.
+#
+# If using gpg-agent for ssh instead of ssh-agent, a GUI pinentry program
+# must be selected either with eselect pinentry or adding an entry to
+# $HOME/.gnupg/gpg-agent.conf such as "pinentry-program /usr/bin/pinentry-qt4".
+#
+# pinentry-curses or pinentry-tty will not work because the agent started here
+# is in a different tty than where it is used, so the agent does not know where
+# to request the passphrase and fails.
 
-#if [ -x /usr/bin/gpg-agent ]; then
-#  eval "$(/usr/bin/gpg-agent --daemon)"
-#fi 
+#GPG_AGENT=true
+#SSH_AGENT=true
+#SSH_AGENT=gpg # use gpg-agent for ssh instead of ssh-agent
 
-#if [ -x /usr/bin/ssh-agent ]; then
-#  eval "$(/usr/bin/ssh-agent -s)"
-#fi
+if [ "${GPG_AGENT}" = true ]; then
+	if [ -x /usr/bin/gpgconf ]; then
+		gpgconf --launch gpg-agent >/dev/null 2>&1
+		if [ $? = 2 ]; then
+			eval "$(/usr/bin/gpg-agent --enable-ssh-support --daemon)"
+		fi
+	fi
+fi
+
+if [ "${SSH_AGENT}" = true ]; then
+	if [ -x /usr/bin/ssh-agent ]; then
+		eval "$(/usr/bin/ssh-agent -s)"
+	fi
+elif [ "${SSH_AGENT}" = gpg ] && [ "${GPG_AGENT}" = true ]; then
+	if [ -e /run/user/$(id -ru)/gnupg/S.gpg-agent.ssh ]; then
+		export SSH_AUTH_SOCK=/run/user/$(id -ru)/gnupg/S.gpg-agent.ssh
+	elif [ -e "${HOME}/.gnupg/S.gpg-agent.ssh" ]; then
+		export SSH_AUTH_SOCK=${HOME}/.gnupg/S.gpg-agent.ssh
+	fi
+fi
 
 # Uncomment the following lines to start rxvt-unicode which has the ability to
-# run multiple terminals in one single process, thus starting up faster and 
+# run multiple terminals in one single process, thus starting up faster and
 # saving resources.
 # The --opendisplay ensures that the daemon quits when the X server terminates,
 # therefore we don't need matching lines in agent-shutdown.sh.