From 6163bbe87c489ac58c9c53d4b6c8df442b5c567b Mon Sep 17 00:00:00 2001
From: Richard Russon
Date: Thu, 8 Jun 2017 22:29:30 +0100
Subject: [PATCH] Revert "Move setting of GPG_TTY to mutt_init(). (see #3948)"

This reverts commit 89ddfa61c180de00769f6e1798579ec80349a4eb. This commit was created by upstream and then reverted citing possible security problems leaking the GPG_TTY env var.
---
 init.c | 15 ---------------
 ncrypt/pgp.c | 19 ++++++++++++++-----
 2 files changed, 14 insertions(+), 20 deletions(-)

diff --git a/init.c b/init.c
index 63226e696..3efebab3c 100644
--- a/init.c
+++ b/init.c
@@ -3924,7 +3924,6 @@ void mutt_init(int skip_sys_rc, struct List *commands)
 char *p, buffer[STRING];
 int need_pause = 0;
 struct Buffer err;
- char *tty;

 mutt_buffer_init(&err);
 err.dsize = STRING;
@@ -4143,20 +4142,6 @@ void mutt_init(int skip_sys_rc, struct List *commands)
 unset_option(OPTSUSPEND);
 #endif

- /* GPG_TTY is used by the ncurses pinentry program for GPG. GPG is
- * sometimes also used to decrypt passwords in programs launched by
- * mutt, such as using msmtp as $sendmail, so we set it here as
- * opposed to inside pgp.c
- *
- * We also call setenv() because send_msg() is not converted to use
- * the mutt envlist.
- */
- if ((tty = ttyname(0)))
- {
- setenv("GPG_TTY", tty, 0);
- mutt_envlist_set("GPG_TTY", tty, 0);
- }
-
 mutt_init_history();

 /* RFC2368, "4. Unsafe headers"
diff --git a/ncrypt/pgp.c b/ncrypt/pgp.c
index 483702558..db85640fe 100644
--- a/ncrypt/pgp.c
+++ b/ncrypt/pgp.c
@@ -31,6 +31,7 @@
 #include
 #include
 #include
+#include
 #include
 #include
 #include
@@ -96,13 +97,21 @@ int pgp_valid_passphrase(void)
 return 0;
 }

-/* This function used to do more: check GPG_AGENT_INFO,
- * set GPG_TTY. GPG_AGENT_INFO is no longer exported, and GPG_TTY
- * is now set in mutt_init().
- */
 bool pgp_use_gpg_agent(void)
 {
- return option (OPTUSEGPGAGENT);
+ char *tty = NULL;
+
+ /* GnuPG 2.1 no longer exports GPG_AGENT_INFO */
+ if (!option(OPTUSEGPGAGENT))
+ return false;
+
+ if ((tty = ttyname(0)))
+ {
+ setenv("GPG_TTY", tty, 0);
+ mutt_envlist_set("GPG_TTY", tty, false);
+ }
+
+ return true;
 }

 static struct PgpKeyInfo *_pgp_parent(struct PgpKeyInfo *k)
-- 
2.40.0
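Review bot: In the restored body of `pgp_use_gpg_agent()`, `setenv("GPG_TTY", tty, 0);` still writes into mutt's own process environment, so once this predicate has run with OPTUSEGPGAGENT set, every child started afterwards inherits GPG_TTY, not only GnuPG; the revert narrows the exposure the commit message cites but does not appear to remove it. If the PGP commands are spawned from the mutt envlist (not visible in this hunk), `mutt_envlist_set("GPG_TTY", tty, false);` alone would keep the variable scoped to them and the `setenv()` line could be dropped. The result of `setenv()` is ignored, and when `ttyname(0)` returns NULL the function still returns true, so pinentry can be left without a terminal silently; both cases deserve at least a check or a debug message. The comment `/* GnuPG 2.1 no longer exports GPG_AGENT_INFO */` does not describe the option test beneath it, and the function would read better with a header such as `/* Returns true if OPTUSEGPGAGENT is set; side effect: exports GPG_TTY for pinentry on each call */`.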