From b7992726e6dee04e75d0255cf941126c48f447c1 Mon Sep 17 00:00:00 2001 From: Patrick Steinhardt Date: Sat, 25 Jan 2025 08:53:38 +0100 Subject: [PATCH 1/3] cli/agent: make configuration available for pinentry The pinentry module doesn't have access to the client configuration, and until now it didn't actually need it. We're about to introduce a new config option though that makes the pinentry binary configurable via the config file, which requires us to plumb through the configuration. Unfortunately, we cannot pass through the `config.Config` directly due to an import cycle between the "pinentry" and the "config" modules. The latter implements logic to unlock the vault, which uses pinentry under the hood to obtain the password. Work around this issue by introducing a `PinentryConfig` interface. For now this interface is still empty, but we'll enrich it in a subsequent commit so that it allows us to retrieve the pinentry binary name. This is split up into two steps so that we can separate the plumbing, namely passing the new argument at all callsites, from the actual changes. Signed-off-by: Patrick Steinhardt --- cli/agent/actions/browserbiometrics.go | 4 ++-- cli/agent/actions/getclicredentials.go | 2 +- cli/agent/actions/logins.go | 2 +- cli/agent/actions/vault.go | 4 ++-- cli/agent/bitwarden/auth.go | 4 ++-- cli/agent/bitwarden/twofactor/fido2twofactor.go | 2 +- cli/agent/bitwarden/twofactor/twofactor.go | 4 ++-- cli/agent/bitwarden/websocket.go | 2 +- cli/agent/config/config.go | 2 +- cli/agent/ssh/ssh.go | 2 +- cli/agent/systemauth/pinentry/pinentry.go | 7 +++++-- cli/agent/systemauth/systemauth.go | 6 +++--- 12 files changed, 22 insertions(+), 19 deletions(-) diff --git a/cli/agent/actions/browserbiometrics.go b/cli/agent/actions/browserbiometrics.go index 4b910b9..4b39c8c 100644 --- a/cli/agent/actions/browserbiometrics.go +++ b/cli/agent/actions/browserbiometrics.go @@ -40,7 +40,7 @@ func handleGetBiometricsKey(request messages.IPCMessage, cfg *config.Config, vau if !authenticated { // todo, skip when explicitly denied instead of error actionsLog.Info("Browser Biometrics: Biometrics not approved, asking for pin...") - pin, err := pinentry.GetPassword("Goldwarden", "Enter your pin to unlock your vault") + pin, err := pinentry.GetPassword(cfg, "Goldwarden", "Enter your pin to unlock your vault") if err == nil { authenticated = cfg.VerifyPin(pin) if !authenticated { @@ -66,7 +66,7 @@ func handleGetBiometricsKey(request messages.IPCMessage, cfg *config.Config, vau } actionsLog.Info("Browser Biometrics: Biometrics verified, asking for approval...") - if approved, err := pinentry.GetApproval("Approve Credential Access", fmt.Sprintf("%s on %s>%s>%s is trying to access your vault encryption key for browser biometric unlock.", ctx.UserName, ctx.GrandParentProcessName, ctx.ParentProcessName, ctx.ProcessName)); err != nil || !approved { + if approved, err := pinentry.GetApproval(cfg, "Approve Credential Access", fmt.Sprintf("%s on %s>%s>%s is trying to access your vault encryption key for browser biometric unlock.", ctx.UserName, ctx.GrandParentProcessName, ctx.ParentProcessName, ctx.ProcessName)); err != nil || !approved { response, err = messages.IPCMessageFromPayload(messages.ActionResponse{ Success: false, Message: "not approved", diff --git a/cli/agent/actions/getclicredentials.go b/cli/agent/actions/getclicredentials.go index 01ce3d9..40b0a14 100644 --- a/cli/agent/actions/getclicredentials.go +++ b/cli/agent/actions/getclicredentials.go @@ -14,7 +14,7 @@ import ( func handleGetCliCredentials(request messages.IPCMessage, cfg *config.Config, vault *vault.Vault, ctx *sockets.CallingContext) (response messages.IPCMessage, err error) { req := messages.ParsePayload(request).(messages.GetCLICredentialsRequest) - if approved, err := pinentry.GetApproval("Approve Credential Access", fmt.Sprintf("%s on %s>%s>%s is trying to access credentials for %s", ctx.UserName, ctx.GrandParentProcessName, ctx.ParentProcessName, ctx.ProcessName, req.ApplicationName)); err != nil || !approved { + if approved, err := pinentry.GetApproval(cfg, "Approve Credential Access", fmt.Sprintf("%s on %s>%s>%s is trying to access credentials for %s", ctx.UserName, ctx.GrandParentProcessName, ctx.ParentProcessName, ctx.ProcessName, req.ApplicationName)); err != nil || !approved { response, err = messages.IPCMessageFromPayload(messages.ActionResponse{ Success: false, Message: "not approved", diff --git a/cli/agent/actions/logins.go b/cli/agent/actions/logins.go index 4c7da83..217541b 100644 --- a/cli/agent/actions/logins.go +++ b/cli/agent/actions/logins.go @@ -75,7 +75,7 @@ func handleGetLoginCipher(request messages.IPCMessage, cfg *config.Config, vault } } - if approved, err := pinentry.GetApproval("Approve Credential Access", fmt.Sprintf("%s on %s>%s>%s is trying to access credentials for user %s on entry %s", ctx.UserName, ctx.GrandParentProcessName, ctx.ParentProcessName, ctx.ProcessName, decryptedLogin.Username, decryptedLogin.Name)); err != nil || !approved { + if approved, err := pinentry.GetApproval(cfg, "Approve Credential Access", fmt.Sprintf("%s on %s>%s>%s is trying to access credentials for user %s on entry %s", ctx.UserName, ctx.GrandParentProcessName, ctx.ParentProcessName, ctx.ProcessName, decryptedLogin.Username, decryptedLogin.Name)); err != nil || !approved { response, err = messages.IPCMessageFromPayload(messages.ActionResponse{ Success: false, Message: "not approved", diff --git a/cli/agent/actions/vault.go b/cli/agent/actions/vault.go index a52db59..5fc6433 100644 --- a/cli/agent/actions/vault.go +++ b/cli/agent/actions/vault.go @@ -186,7 +186,7 @@ func handleUpdateVaultPin(request messages.IPCMessage, cfg *config.Config, vault if !authenticated { // todo, skip when explicitly denied instead of error actionsLog.Info("Browser Biometrics: Biometrics not approved, asking for pin...") - pin, err := pinentry.GetPassword("Goldwarden", "Enter your pin to unlock your vault") + pin, err := pinentry.GetPassword(cfg, "Goldwarden", "Enter your pin to unlock your vault") if err == nil { authenticated = cfg.VerifyPin(pin) if !authenticated { @@ -213,7 +213,7 @@ func handleUpdateVaultPin(request messages.IPCMessage, cfg *config.Config, vault } } - pin, err := pinentry.GetPassword("Pin Change", "Enter your desired pin") + pin, err := pinentry.GetPassword(cfg, "Pin Change", "Enter your desired pin") if err != nil { response, err = messages.IPCMessageFromPayload(messages.ActionResponse{ Success: false, diff --git a/cli/agent/bitwarden/auth.go b/cli/agent/bitwarden/auth.go index a7668a7..f13aba3 100644 --- a/cli/agent/bitwarden/auth.go +++ b/cli/agent/bitwarden/auth.go @@ -97,7 +97,7 @@ func LoginWithApiKey(ctx context.Context, email string, cfg *config.Config, vaul return LoginResponseToken{}, crypto.MasterKey{}, "", fmt.Errorf("could not login via API key: %v", err) } - password, err := pinentry.GetPassword("Bitwarden Password", "Enter your Bitwarden password") + password, err := pinentry.GetPassword(cfg, "Bitwarden Password", "Enter your Bitwarden password") if err != nil { notify.Notify("Goldwarden", fmt.Sprintf("Could not get password: %v", err), "", 0, func() {}) return LoginResponseToken{}, crypto.MasterKey{}, "", err @@ -129,7 +129,7 @@ func LoginWithMasterpassword(ctx context.Context, email string, cfg *config.Conf var hashedPassword string fmt.Println("Getting password") - password, err := pinentry.GetPassword("Bitwarden Password", "Enter your Bitwarden password") + password, err := pinentry.GetPassword(cfg, "Bitwarden Password", "Enter your Bitwarden password") if err != nil { notify.Notify("Goldwarden", fmt.Sprintf("Could not get password: %v", err), "", 0, func() {}) return LoginResponseToken{}, crypto.MasterKey{}, "", err diff --git a/cli/agent/bitwarden/twofactor/fido2twofactor.go b/cli/agent/bitwarden/twofactor/fido2twofactor.go index b381c3c..c89efdd 100644 --- a/cli/agent/bitwarden/twofactor/fido2twofactor.go +++ b/cli/agent/bitwarden/twofactor/fido2twofactor.go @@ -77,7 +77,7 @@ func Fido2TwoFactor(challengeB64 string, credentials []string, config *config.Co var assertion *libfido2.Assertion if hasPin { - pin, err := pinentry.GetPassword("Fido2 PIN", "Enter your token's PIN") + pin, err := pinentry.GetPassword(config, "Fido2 PIN", "Enter your token's PIN") if err != nil { return "", err } diff --git a/cli/agent/bitwarden/twofactor/twofactor.go b/cli/agent/bitwarden/twofactor/twofactor.go index 37f971e..3836b8d 100644 --- a/cli/agent/bitwarden/twofactor/twofactor.go +++ b/cli/agent/bitwarden/twofactor/twofactor.go @@ -35,7 +35,7 @@ func PerformSecondFactor(resp *TwoFactorResponse, cfg *config.Config) (TwoFactor } } if _, isInMap := resp.TwoFactorProviders2[Authenticator]; isInMap { - token, err := pinentry.GetPassword("Authenticator Second Factor", "Enter your two-factor auth code") + token, err := pinentry.GetPassword(cfg, "Authenticator Second Factor", "Enter your two-factor auth code") if err != nil { twofactorLog.Error("Error during authenticator two-factor authentication: %s", err) } else { @@ -43,7 +43,7 @@ func PerformSecondFactor(resp *TwoFactorResponse, cfg *config.Config) (TwoFactor } } if _, isInMap := resp.TwoFactorProviders2[Email]; isInMap { - token, err := pinentry.GetPassword("Email Second Factor", "Enter your two-factor auth code") + token, err := pinentry.GetPassword(cfg, "Email Second Factor", "Enter your two-factor auth code") if err == nil { return Email, []byte(token), err } diff --git a/cli/agent/bitwarden/websocket.go b/cli/agent/bitwarden/websocket.go index f151c69..d28fa08 100644 --- a/cli/agent/bitwarden/websocket.go +++ b/cli/agent/bitwarden/websocket.go @@ -203,7 +203,7 @@ func connectToWebsocket(ctx context.Context, vault *vault.Vault, cfg *config.Con notify.Notify("Passwordless Login Request", authRequest.RequestIpAddress+" - "+authRequest.RequestDeviceType, "", 0, func() { var message = "Do you want to allow " + authRequest.RequestIpAddress + " (" + authRequest.RequestDeviceType + ") to login to your account?" - if approved, err := pinentry.GetApproval("Paswordless Login Request", message); err != nil || !approved { + if approved, err := pinentry.GetApproval(cfg, "Paswordless Login Request", message); err != nil || !approved { websocketLog.Info("AuthRequest denied") return } diff --git a/cli/agent/config/config.go b/cli/agent/config/config.go index 8eb3fce..bc244a2 100644 --- a/cli/agent/config/config.go +++ b/cli/agent/config/config.go @@ -577,7 +577,7 @@ func (cfg *Config) TryUnlock(vault *vault.Vault) error { pin = string(pinBytes) } else { var err error - pin, err = pinentry.GetPassword("Unlock Goldwarden", "Enter the vault PIN") + pin, err = pinentry.GetPassword(cfg, "Unlock Goldwarden", "Enter the vault PIN") if err != nil { return err } diff --git a/cli/agent/ssh/ssh.go b/cli/agent/ssh/ssh.go index e600186..6751364 100644 --- a/cli/agent/ssh/ssh.go +++ b/cli/agent/ssh/ssh.go @@ -140,7 +140,7 @@ func (vaultAgent vaultAgent) SignWithFlags(key ssh.PublicKey, data []byte, flags // todo refactor if !systemauth.GetSSHSession(vaultAgent.context) { - if approved, err := pinentry.GetApproval("SSH Key Signing Request", message); err != nil || !approved { + if approved, err := pinentry.GetApproval(vaultAgent.config, "SSH Key Signing Request", message); err != nil || !approved { log.Info("Sign Request for key: %s denied", sshKey.Name) return nil, errors.New("Approval not given") } diff --git a/cli/agent/systemauth/pinentry/pinentry.go b/cli/agent/systemauth/pinentry/pinentry.go index a2e0fa5..26df13e 100644 --- a/cli/agent/systemauth/pinentry/pinentry.go +++ b/cli/agent/systemauth/pinentry/pinentry.go @@ -15,6 +15,9 @@ type Pinentry struct { GetApproval func(title string, description string) (bool, error) } +type PinentryConfig interface { +} + var externalPinentry Pinentry = Pinentry{} func init() { @@ -32,7 +35,7 @@ func SetExternalPinentry(pinentry Pinentry) error { return nil } -func GetPassword(title string, description string) (string, error) { +func GetPassword(cfg PinentryConfig, title string, description string) (string, error) { password, err := getPassword(title, description) if err == nil { return password, nil @@ -45,7 +48,7 @@ func GetPassword(title string, description string) (string, error) { return password, err } -func GetApproval(title string, description string) (bool, error) { +func GetApproval(cfg PinentryConfig, title string, description string) (bool, error) { approval, err := getApproval(title, description) if err == nil { return approval, nil diff --git a/cli/agent/systemauth/systemauth.go b/cli/agent/systemauth/systemauth.go index 0f2964e..eea0dbd 100644 --- a/cli/agent/systemauth/systemauth.go +++ b/cli/agent/systemauth/systemauth.go @@ -97,7 +97,7 @@ func GetPermission(sessionType SessionType, ctx sockets.CallingContext, config * } } else { log.Warn("Biometrics is not available, asking for pin") - pin, err := pinentry.GetPassword("Enter PIN", "Biometrics is not available. Enter your pin to authorize this action. "+message) + pin, err := pinentry.GetPassword(config, "Enter PIN", "Biometrics is not available. Enter your pin to authorize this action. "+message) if err != nil { return false, err } @@ -119,14 +119,14 @@ func GetPermission(sessionType SessionType, ctx sockets.CallingContext, config * } // no session -func CheckBiometrics(callingContext *sockets.CallingContext, approvalType biometrics.Approval) bool { +func CheckBiometrics(callingContext *sockets.CallingContext, approvalType biometrics.Approval, cfg *config.Config) bool { var message = fmt.Sprintf("Do you want to grant %s>%s>%s one-time access your vault?", callingContext.GrandParentProcessName, callingContext.ParentProcessName, callingContext.ProcessName) var bioApproval = biometrics.CheckBiometrics(approvalType) if !bioApproval { return false } - approval, err := pinentry.GetApproval("Goldwarden authorization", message) + approval, err := pinentry.GetApproval(cfg, "Goldwarden authorization", message) if err != nil { log.Error(err.Error()) } From 40961a77035ec30eafb9dfa3b1837fa3e0a28522 Mon Sep 17 00:00:00 2001 From: Patrick Steinhardt Date: Sat, 25 Jan 2025 09:03:36 +0100 Subject: [PATCH 2/3] cli/agent: allow configuring pinentry binary The pinentry binary can currently only be configured via the GnuPG configuration. On the one hand this is quite awkward on systems where GnuPG isn't used at all, as the user is now asked to create a file that shouldn't have anything to do with Goldwarden in order to configure it. And on the other hand this isn't really discoverable and doesn't exactly follow the principle of least surprise. While it's nice that we try to honor a user's preexisting configuration, we should also provide a way to explicitly set the pinentry binary used by Goldwarden. This improves discoverability and also gives users more flexibility in case they want to use a different pinentry implementation for Goldwarden than for GnuPG, due to whatever reason. Implement a new "PinentryBinary" configuration key. If set, it takes precedence over the value derived from the GnuPG configuration and over the platform-specific "pinentry-mac" default that is used on Darwin. Signed-off-by: Patrick Steinhardt --- cli/agent/config/config.go | 5 +++++ cli/agent/systemauth/pinentry/go-pinentry.go | 14 ++++++++------ cli/agent/systemauth/pinentry/pinentry.go | 5 +++-- cli/agent/systemauth/pinentry/unimplemented.go | 4 ++-- 4 files changed, 18 insertions(+), 10 deletions(-) diff --git a/cli/agent/config/config.go b/cli/agent/config/config.go index bc244a2..3404551 100644 --- a/cli/agent/config/config.go +++ b/cli/agent/config/config.go @@ -62,6 +62,7 @@ type ConfigFile struct { EncryptedUserSymmetricKey string EncryptedMasterPasswordHash string EncryptedMasterKey string + PinentryBinary string RuntimeConfig RuntimeConfig `json:"-"` } @@ -116,6 +117,10 @@ func (c *Config) IsLoggedIn() bool { return c.ConfigFile.EncryptedMasterPasswordHash != "" } +func (c *Config) GetPinentryBinary() string { + return c.ConfigFile.PinentryBinary +} + func (c *Config) Unlock(password string) bool { c.mu.Lock() defer c.mu.Unlock() diff --git a/cli/agent/systemauth/pinentry/go-pinentry.go b/cli/agent/systemauth/pinentry/go-pinentry.go index 67b4d99..ccc6bf7 100644 --- a/cli/agent/systemauth/pinentry/go-pinentry.go +++ b/cli/agent/systemauth/pinentry/go-pinentry.go @@ -9,16 +9,18 @@ import ( "github.com/twpayne/go-pinentry" ) -func getBinaryClientOption() (clientOption pinentry.ClientOption) { +func getBinaryClientOption(cfg PinentryConfig) (clientOption pinentry.ClientOption) { binaryClientOption := pinentry.WithBinaryNameFromGnuPGAgentConf() - if runtime.GOOS == "darwin" { + if cfg.GetPinentryBinary() != "" { + binaryClientOption = pinentry.WithBinaryName(cfg.GetPinentryBinary()) + } else if runtime.GOOS == "darwin" { binaryClientOption = pinentry.WithBinaryName("pinentry-mac") } return binaryClientOption } -func getPassword(title string, description string) (string, error) { - binaryClientOption := getBinaryClientOption() +func getPassword(cfg PinentryConfig, title string, description string) (string, error) { + binaryClientOption := getBinaryClientOption(cfg) client, err := pinentry.NewClient( binaryClientOption, @@ -49,12 +51,12 @@ func getPassword(title string, description string) (string, error) { } } -func getApproval(title string, description string) (bool, error) { +func getApproval(cfg PinentryConfig, title string, description string) (bool, error) { if systemAuthDisabled { return true, nil } - binaryClientOption := getBinaryClientOption() + binaryClientOption := getBinaryClientOption(cfg) client, err := pinentry.NewClient( binaryClientOption, diff --git a/cli/agent/systemauth/pinentry/pinentry.go b/cli/agent/systemauth/pinentry/pinentry.go index 26df13e..80b1fbd 100644 --- a/cli/agent/systemauth/pinentry/pinentry.go +++ b/cli/agent/systemauth/pinentry/pinentry.go @@ -16,6 +16,7 @@ type Pinentry struct { } type PinentryConfig interface { + GetPinentryBinary() string } var externalPinentry Pinentry = Pinentry{} @@ -36,7 +37,7 @@ func SetExternalPinentry(pinentry Pinentry) error { } func GetPassword(cfg PinentryConfig, title string, description string) (string, error) { - password, err := getPassword(title, description) + password, err := getPassword(cfg, title, description) if err == nil { return password, nil } @@ -49,7 +50,7 @@ func GetPassword(cfg PinentryConfig, title string, description string) (string, } func GetApproval(cfg PinentryConfig, title string, description string) (bool, error) { - approval, err := getApproval(title, description) + approval, err := getApproval(cfg, title, description) if err == nil { return approval, nil } diff --git a/cli/agent/systemauth/pinentry/unimplemented.go b/cli/agent/systemauth/pinentry/unimplemented.go index a54a7fa..8604a15 100644 --- a/cli/agent/systemauth/pinentry/unimplemented.go +++ b/cli/agent/systemauth/pinentry/unimplemented.go @@ -4,12 +4,12 @@ package pinentry import "errors" -func getPassword(title string, description string) (string, error) { +func getPassword(cfg PinentryConfig, title string, description string) (string, error) { log.Info("Asking for password is not implemented on this platform") return "", errors.New("Not implemented") } -func getApproval(title string, description string) (bool, error) { +func getApproval(cfg PinentryConfig, title string, description string) (bool, error) { log.Info("Asking for approval is not implemented on this platform") return true, errors.New("Not implemented") } From 8ac0c4f59fc1fbe9fe816d2d21a92d842d23d5a7 Mon Sep 17 00:00:00 2001 From: Patrick Steinhardt Date: Sat, 25 Jan 2025 09:08:09 +0100 Subject: [PATCH 3/3] cli/cmd: add command to configure the pinentry binary Add a command to configure the pinentry binary via the IPC interface. Signed-off-by: Patrick Steinhardt --- cli/agent/actions/config.go | 18 ++++++++++++++++++ cli/cmd/config.go | 34 ++++++++++++++++++++++++++++++++++ cli/ipc/messages/config.go | 13 +++++++++++++ 3 files changed, 65 insertions(+) diff --git a/cli/agent/actions/config.go b/cli/agent/actions/config.go index 5a662f1..82b2aa3 100644 --- a/cli/agent/actions/config.go +++ b/cli/agent/actions/config.go @@ -75,6 +75,23 @@ func handleSetVaultURL(request messages.IPCMessage, cfg *config.Config, vault *v }) } +func handleSetPinentryBinary(request messages.IPCMessage, cfg *config.Config, vault *vault.Vault, ctx *sockets.CallingContext) (response messages.IPCMessage, err error) { + binary := messages.ParsePayload(request).(messages.SetPinentryBinaryRequest).Value + cfg.ConfigFile.PinentryBinary = binary + err = cfg.WriteConfig() + if err != nil { + return messages.IPCMessageFromPayload(messages.ActionResponse{ + Success: false, + Message: err.Error(), + }) + } + + return messages.IPCMessageFromPayload(messages.ActionResponse{ + Success: true, + }) +} + + type ConfigResponse struct { Version string `json:"version"` GitHash string `json:"gitHash"` @@ -201,6 +218,7 @@ func init() { AgentActionsRegistry.Register(messages.MessageTypeForEmptyPayload(messages.SetApiURLRequest{}), handleSetApiURL) AgentActionsRegistry.Register(messages.MessageTypeForEmptyPayload(messages.SetNotificationsURLRequest{}), handleSetNotifications) AgentActionsRegistry.Register(messages.MessageTypeForEmptyPayload(messages.SetVaultURLRequest{}), handleSetVaultURL) + AgentActionsRegistry.Register(messages.MessageTypeForEmptyPayload(messages.SetPinentryBinaryRequest{}), handleSetPinentryBinary) AgentActionsRegistry.Register(messages.MessageTypeForEmptyPayload(messages.SetURLsAutomaticallyRequest{}), handleSetURLsAutomatically) AgentActionsRegistry.Register(messages.MessageTypeForEmptyPayload(messages.GetConfigEnvironmentRequest{}), handleGetConfigEnvironment) AgentActionsRegistry.Register(messages.MessageTypeForEmptyPayload(messages.GetRuntimeConfigRequest{}), handleGetRuntimeConfig) diff --git a/cli/cmd/config.go b/cli/cmd/config.go index 13a07ef..e4db8dc 100644 --- a/cli/cmd/config.go +++ b/cli/cmd/config.go @@ -276,6 +276,39 @@ var setApiSecretCmd = &cobra.Command{ }, } +var setPinentryBinaryCmd = &cobra.Command{ + Use: "set-pinentry-binary", + Short: "Set the pinentry binary", + Long: `Set the pinentry binary.`, + Run: func(cmd *cobra.Command, args []string) { + if len(args) == 0 { + return + } + + binary := args[0] + request := messages.SetPinentryBinaryRequest{} + request.Value = binary + + result, err := commandClient.SendToAgent(request) + if err != nil { + handleSendToAgentError(err) + return + } + + switch result.(type) { + case messages.ActionResponse: + if result.(messages.ActionResponse).Success { + fmt.Println("Done") + } else { + fmt.Println("Setting vault url failed: " + result.(messages.ActionResponse).Message) + } + default: + fmt.Println("Wrong IPC response type") + } + + }, +} + var getRuntimeConfigCmd = &cobra.Command{ Use: "get-runtime-config", Short: "Get the runtime config", @@ -315,6 +348,7 @@ func init() { configCmd.AddCommand(setIdentityURLCmd) configCmd.AddCommand(setNotificationsURLCmd) configCmd.AddCommand(setVaultURLCmd) + configCmd.AddCommand(setPinentryBinaryCmd) configCmd.AddCommand(setURLsAutomaticallyCmd) configCmd.AddCommand(getEnvironmentCmd) configCmd.AddCommand(getRuntimeConfigCmd) diff --git a/cli/ipc/messages/config.go b/cli/ipc/messages/config.go index f4a1ab6..9a3aab9 100644 --- a/cli/ipc/messages/config.go +++ b/cli/ipc/messages/config.go @@ -22,6 +22,10 @@ type SetURLsAutomaticallyRequest struct { Value string } +type SetPinentryBinaryRequest struct { + Value string +} + type GetConfigEnvironmentRequest struct { } @@ -121,6 +125,15 @@ func init() { return req, nil }, SetVaultURLRequest{}) + registerPayloadParser(func(payload []byte) (interface{}, error) { + var req SetPinentryBinaryRequest + err := json.Unmarshal(payload, &req) + if err != nil { + panic("Unmarshal: " + err.Error()) + } + return req, nil + }, SetPinentryBinaryRequest{}) + registerPayloadParser(func(payload []byte) (interface{}, error) { var req SetURLsAutomaticallyRequest err := json.Unmarshal(payload, &req)