Allow toggling SSH Agent integration without restart

- use Q_GLOBAL_STATIC for singleton - move all configuration to SSHAgent class - various cleanups to agent code Fixes #1196
2025-07-23 06:50:58 -04:00 · 2020-01-28 20:46:23 +02:00 · 2020-01-28 20:46:23 +02:00 · 40ad211f3e
commit 40ad211f3e
parent cb6b0dde27
9 changed files with 127 additions and 75 deletions
--- a/src/sshagent/AgentSettingsWidget.cpp
+++ b/src/sshagent/AgentSettingsWidget.cpp
@ -33,8 +33,7 @@ AgentSettingsWidget::AgentSettingsWidget(QWidget* parent)
 #else
    m_ui->sshAuthSockWidget->setVisible(false);
 #endif
-    auto sshAgentEnabled = config()->get("SSHAgent", false).toBool();
-    m_ui->sshAuthSockMessageWidget->setVisible(sshAgentEnabled);
+    m_ui->sshAuthSockMessageWidget->setVisible(sshAgent()->isEnabled());
    m_ui->sshAuthSockMessageWidget->setCloseButtonVisible(false);
    m_ui->sshAuthSockMessageWidget->setAutoHideTimeout(-1);
 }
@ -45,20 +44,21 @@ AgentSettingsWidget::~AgentSettingsWidget()

 void AgentSettingsWidget::loadSettings()
 {
-    auto sshAgentEnabled = config()->get("SSHAgent", false).toBool();
+    auto sshAgentEnabled = sshAgent()->isEnabled();
+
    m_ui->enableSSHAgentCheckBox->setChecked(sshAgentEnabled);
 #ifdef Q_OS_WIN
-    m_ui->useOpenSSHCheckBox->setChecked(config()->get("SSHAgentOpenSSH", false).toBool());
+    m_ui->useOpenSSHCheckBox->setChecked(sshAgent()->useOpenSSH());
 #else
-    auto sshAuthSock = QProcessEnvironment::systemEnvironment().value("SSH_AUTH_SOCK");
-    auto sshAuthSockOverride = config()->get("SSHAuthSockOverride", "").toString();
+    auto sshAuthSock = sshAgent()->socketPath(false);
+    auto sshAuthSockOverride = sshAgent()->authSockOverride();
    m_ui->sshAuthSockLabel->setText(sshAuthSock.isEmpty() ? tr("(empty)") : sshAuthSock);
    m_ui->sshAuthSockOverrideEdit->setText(sshAuthSockOverride);
 #endif

-    if (sshAgentEnabled) {
-        m_ui->sshAuthSockMessageWidget->setVisible(true);
+    m_ui->sshAuthSockMessageWidget->setVisible(sshAgentEnabled);

+    if (sshAgentEnabled) {
 #ifndef Q_OS_WIN
        if (sshAuthSock.isEmpty() && sshAuthSockOverride.isEmpty()) {
            m_ui->sshAuthSockMessageWidget->showMessage(
@ -68,20 +68,21 @@ void AgentSettingsWidget::loadSettings()
            return;
        }
 #endif
-        if (SSHAgent::instance()->testConnection()) {
+        if (sshAgent()->testConnection()) {
            m_ui->sshAuthSockMessageWidget->showMessage(tr("SSH Agent connection is working!"),
                                                        MessageWidget::Positive);
        } else {
-            m_ui->sshAuthSockMessageWidget->showMessage(SSHAgent::instance()->errorString(), MessageWidget::Error);
+            m_ui->sshAuthSockMessageWidget->showMessage(sshAgent()->errorString(), MessageWidget::Error);
        }
    }
 }

 void AgentSettingsWidget::saveSettings()
 {
-    config()->set("SSHAgent", m_ui->enableSSHAgentCheckBox->isChecked());
-    config()->set("SSHAuthSockOverride", m_ui->sshAuthSockOverrideEdit->text());
+    auto sshAuthSockOverride = m_ui->sshAuthSockOverrideEdit->text();
+    sshAgent()->setAuthSockOverride(sshAuthSockOverride);
 #ifdef Q_OS_WIN
-    config()->set("SSHAgentOpenSSH", m_ui->useOpenSSHCheckBox->isChecked());
+    sshAgent()->setUseOpenSSH(m_ui->useOpenSSHCheckBox->isChecked());
 #endif
+    sshAgent()->setEnabled(m_ui->enableSSHAgentCheckBox->isChecked());
 }
--- a/src/sshagent/AgentSettingsWidget.ui
+++ b/src/sshagent/AgentSettingsWidget.ui
@ -26,7 +26,7 @@
   <item>
    <widget class="QCheckBox" name="enableSSHAgentCheckBox">
     <property name="text">
-      <string>Enable SSH Agent (requires restart)</string>
+      <string>Enable SSH Agent integration</string>
     </property>
    </widget>
   </item>
--- a/src/sshagent/SSHAgent.cpp
+++ b/src/sshagent/SSHAgent.cpp
@ -29,46 +29,72 @@
 #include <windows.h>
 #endif

-SSHAgent* SSHAgent::m_instance;
-
-SSHAgent::SSHAgent(QObject* parent)
-    : QObject(parent)
-{
-#ifndef Q_OS_WIN
-    m_socketPath = config()->get("SSHAuthSockOverride", "").toString();
-    if (m_socketPath.isEmpty()) {
-        m_socketPath = QProcessEnvironment::systemEnvironment().value("SSH_AUTH_SOCK");
-    }
-#else
-    m_socketPath = "\\\\.\\pipe\\openssh-ssh-agent";
-#endif
-}
+Q_GLOBAL_STATIC(SSHAgent, s_sshAgent);

 SSHAgent::~SSHAgent()
 {
-    auto it = m_addedKeys.begin();
-    while (it != m_addedKeys.end()) {
-        // Remove key if requested to remove on lock
-        if (it.value()) {
-            OpenSSHKey key = it.key();
-            removeIdentity(key);
-        }
-        it = m_addedKeys.erase(it);
-    }
+    removeAllIdentities();
 }

 SSHAgent* SSHAgent::instance()
 {
-    if (!m_instance) {
-        qFatal("Race condition: instance wanted before it was initialized, this is a bug.");
-    }
-
-    return m_instance;
+    return s_sshAgent;
 }

-void SSHAgent::init(QObject* parent)
+bool SSHAgent::isEnabled() const
 {
-    m_instance = new SSHAgent(parent);
+    return config()->get("SSHAgent").toBool();
+}
+
+void SSHAgent::setEnabled(bool enabled)
+{
+    if (isEnabled() && !enabled) {
+        removeAllIdentities();
+    }
+
+    config()->set("SSHAgent", enabled);
+}
+
+QString SSHAgent::authSockOverride() const
+{
+    return config()->get("SSHAuthSockOverride").toString();
+}
+
+void SSHAgent::setAuthSockOverride(QString& authSockOverride)
+{
+    config()->set("SSHAuthSockOverride", authSockOverride);
+}
+
+#ifdef Q_OS_WIN
+bool SSHAgent::useOpenSSH() const
+{
+    return config()->get("SSHAgentOpenSSH").toBool();
+}
+
+void SSHAgent::setUseOpenSSH(bool useOpenSSH)
+{
+    config()->set("SSHAgentOpenSSH", useOpenSSH);
+}
+#endif
+
+QString SSHAgent::socketPath(bool allowOverride = true) const
+{
+    QString socketPath;
+
+#ifndef Q_OS_WIN
+    if (allowOverride) {
+        socketPath = authSockOverride();
+    }
+
+    // if the overridden path is empty (no override set), default to environment
+    if (socketPath.isEmpty()) {
+        socketPath = QProcessEnvironment::systemEnvironment().value("SSH_AUTH_SOCK");
+    }
+#else
+    socketPath = "\\\\.\\pipe\\openssh-ssh-agent";
+#endif
+
+    return socketPath;
 }

 const QString SSHAgent::errorString() const
@ -79,12 +105,13 @@ const QString SSHAgent::errorString() const
 bool SSHAgent::isAgentRunning() const
 {
 #ifndef Q_OS_WIN
-    return !m_socketPath.isEmpty();
+    QFileInfo socketFileInfo(socketPath());
+    return !socketFileInfo.path().isEmpty() && socketFileInfo.exists();
 #else
-    if (!config()->get("SSHAgentOpenSSH").toBool()) {
+    if (!useOpenSSH()) {
        return (FindWindowA("Pageant", "Pageant") != nullptr);
    } else {
-        return WaitNamedPipe(m_socketPath.toLatin1().data(), 100);
+        return WaitNamedPipe(socketPath().toLatin1().data(), 100);
    }
 #endif
 }
@ -92,7 +119,7 @@ bool SSHAgent::isAgentRunning() const
 bool SSHAgent::sendMessage(const QByteArray& in, QByteArray& out)
 {
 #ifdef Q_OS_WIN
-    if (!config()->get("SSHAgentOpenSSH").toBool()) {
+    if (!useOpenSSH()) {
        return sendMessagePageant(in, out);
    }
 #endif
@ -100,7 +127,7 @@ bool SSHAgent::sendMessage(const QByteArray& in, QByteArray& out)
    QLocalSocket socket;
    BinaryStream stream(&socket);

-    socket.connectToServer(m_socketPath);
+    socket.connectToServer(socketPath());
    if (!socket.waitForConnected(500)) {
        m_error = tr("Agent connection failed.");
        return false;
@ -300,6 +327,22 @@ bool SSHAgent::removeIdentity(OpenSSHKey& key)
    return sendMessage(requestData, responseData);
 }

+/**
+ * Remove all identities known to this instance
+ */
+void SSHAgent::removeAllIdentities()
+{
+    auto it = m_addedKeys.begin();
+    while (it != m_addedKeys.end()) {
+        // Remove key if requested to remove on lock
+        if (it.value()) {
+            OpenSSHKey key = it.key();
+            removeIdentity(key);
+        }
+        it = m_addedKeys.erase(it);
+    }
+}
+
 /**
 * Change "remove identity on lock" setting for a key already added to the agent.
 * Will to nothing if the key has not been added to the agent.
--- a/src/sshagent/SSHAgent.h
+++ b/src/sshagent/SSHAgent.h
@ -32,14 +32,25 @@ class SSHAgent : public QObject
    Q_OBJECT

 public:
+    ~SSHAgent() override;
    static SSHAgent* instance();
-    static void init(QObject* parent);
+
+    bool isEnabled() const;
+    void setEnabled(bool enabled);
+    QString socketPath(bool allowOverride) const;
+    QString authSockOverride() const;
+    void setAuthSockOverride(QString& authSockOverride);
+#ifdef Q_OS_WIN
+    bool useOpenSSH() const;
+    void setUseOpenSSH(bool useOpenSSH);
+#endif

    const QString errorString() const;
    bool isAgentRunning() const;
    bool testConnection();
    bool addIdentity(OpenSSHKey& key, KeeAgentSettings& settings);
    bool removeIdentity(OpenSSHKey& key);
+    void removeAllIdentities();
    void setAutoRemoveOnLock(const OpenSSHKey& key, bool autoRemove);

 signals:
@ -60,18 +71,10 @@ private:
    const quint8 SSH_AGENT_CONSTRAIN_LIFETIME = 1;
    const quint8 SSH_AGENT_CONSTRAIN_CONFIRM = 2;

-    explicit SSHAgent(QObject* parent = nullptr);
-    ~SSHAgent();
-
    bool sendMessage(const QByteArray& in, QByteArray& out);
 #ifdef Q_OS_WIN
    bool sendMessagePageant(const QByteArray& in, QByteArray& out);
-#endif

-    static SSHAgent* m_instance;
-
-    QString m_socketPath;
-#ifdef Q_OS_WIN
    const quint32 AGENT_MAX_MSGLEN = 8192;
    const quint32 AGENT_COPYDATA_ID = 0x804e50ba;
 #endif
@ -80,4 +83,9 @@ private:
    QString m_error;
 };

+static inline SSHAgent* sshAgent()
+{
+    return SSHAgent::instance();
+}
+
 #endif // KEEPASSXC_SSHAGENT_H