gpg-agent retains YubiKey entries after card removal but resets the comment to "(none)". Treating those as valid keys causes auth to succeed against a ghost identity — skip them so the caller gets None and the missing-card error path fires correctly.
This commit is contained in:
@@ -103,6 +103,8 @@ def agent_find_key(selector: str | None = None) -> AgentKey | None:
|
|||||||
except Exception:
|
except Exception:
|
||||||
return None
|
return None
|
||||||
for key in keys:
|
for key in keys:
|
||||||
|
if key.comment == "(none)":
|
||||||
|
continue
|
||||||
if selector is None or selector in key.comment:
|
if selector is None or selector in key.comment:
|
||||||
return key
|
return key
|
||||||
return None
|
return None
|
||||||
|
|||||||
Reference in New Issue
Block a user