Properly close files opened by es_fopen.

Allow setting of an empty passphrase. Assorted W32 changes.
author: Werner Koch <wk@gnupg.org> 2007-07-16 11:53:47 +0200
committer: Werner Koch <wk@gnupg.org> 2007-07-16 11:53:47 +0200
commit: bce4ea798a87ee7f8f9ea3a930c3e53a321a8622 (patch)
tree: 0bc6721aca978df8abb44686daa5c81b98f6d69c /agent
parent: Translate all file descriptors received from assuan. (diff)
download: gnupg2-bce4ea798a87ee7f8f9ea3a930c3e53a321a8622.tar.xz
gnupg2-bce4ea798a87ee7f8f9ea3a930c3e53a321a8622.zip
3 files changed, 53 insertions, 15 deletions
diff --git a/agent/ChangeLog b/agent/ChangeLog
index e6f83eebd..ebac90850 100644
--- a/agent/ChangeLog
+++ b/agent/ChangeLog
@@ -1,3 +1,10 @@
+2007-07-13  Werner Koch  <wk@g10code.com>
+
+	* genkey.c (check_passphrase_constraints): Require a confirmation
+	for an empty passphrase.
+	(agent_genkey, agent_protect_and_store): No need to repeat an
+	empty passphrase.
+
 2007-07-05  Werner Koch  <wk@g10code.com>
 
 	* call-scd.c (struct inq_needpin_s): New.
@@ -89,7 +96,7 @@
 
 	* protect-tool.c (main) [W32]: Call pth_init.
 
-	* preset-passphrase.c (main) [W32]: Repalce the explicit Winsocket
+	* preset-passphrase.c (main) [W32]: Replace the explicit Winsocket
 	init by a call to pth_init.
 
 	* trustlist.c (initialize_module_trustlist): New.
diff --git a/agent/call-pinentry.c b/agent/call-pinentry.c
index 6d577ba02..ee01b4e15 100644
--- a/agent/call-pinentry.c
+++ b/agent/call-pinentry.c
@@ -206,12 +206,22 @@ start_pinentry (ctrl_t ctrl)
 
   if (opt.verbose)
     log_info ("starting a new PIN Entry\n");
-      
+
+#ifdef HAVE_W32_SYSTEM      
+  fflush (stdout);
+  fflush (stderr);
+#endif
   if (fflush (NULL))
     {
       gpg_error_t tmperr = gpg_error (gpg_err_code_from_errno (errno));
       log_error ("error flushing pending output: %s\n", strerror (errno));
+      /* At least Windows XP fails here with EBADF.  According to docs
+         and Wine an fflush(NULL) is the same as _flushall.  However
+         the Wime implementaion does not flush stdin,stdout and stderr
+         - see above.  Lets try to ignore the error. */
+#ifndef HAVE_W32_SYSTEM
       return unlock_pinentry (tmperr);
+#endif
     }
 
   if (!opt.pinentry_program || !*opt.pinentry_program)
diff --git a/agent/genkey.c b/agent/genkey.c
index 012675a7c..e160f453f 100644
--- a/agent/genkey.c
+++ b/agent/genkey.c
@@ -1,5 +1,5 @@
 /* pksign.c - Generate a keypair
- *	Copyright (C) 2002, 2003, 2004 Free Software Foundation, Inc.
+ *	Copyright (C) 2002, 2003, 2004, 2007 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -102,6 +102,20 @@ check_passphrase_constraints (ctrl_t ctrl, const char *pw)
         return err;
     }
 
+  if (!*pw)
+    {
+      const char *desc = _("You have not entered a passphrase - "
+                           "this is in general a bad idea!%0A"
+                           "Please confirm that you do not want to "
+                           "have any protection on your key.");
+      
+      err = agent_get_confirmation (ctrl, desc,
+                                    _("Yes, protection is not needed"),
+                                    _("Enter new passphrase"));
+      if (err)
+        return err;
+    }
+
   return 0;
 }
 
@@ -166,12 +180,15 @@ agent_genkey (ctrl_t ctrl, const char *keyparam, size_t keyparamlen,
             pi2->failed_tries = 0;
             goto next_try;
           }
-        rc = agent_askpin (ctrl, text2, NULL, NULL, pi2);
-        if (rc == -1)
-          { /* The re-entered one did not match and the user did not
-               hit cancel. */
-            initial_errtext = _("does not match - try again");
-            goto next_try;
+        if (pi->pin && *pi->pin)
+          {
+            rc = agent_askpin (ctrl, text2, NULL, NULL, pi2);
+            if (rc == -1)
+              { /* The re-entered one did not match and the user did not
+                   hit cancel. */
+                initial_errtext = _("does not match - try again");
+                goto next_try;
+              }
           }
       }
     if (rc)
@@ -284,12 +301,16 @@ agent_protect_and_store (ctrl_t ctrl, gcry_sexp_t s_skey)
             pi2->failed_tries = 0;
             goto next_try;
           }
-        rc = agent_askpin (ctrl, text2, NULL, NULL, pi2);
-        if (rc == -1)
-          { /* The re-entered one did not match and the user did not
-               hit cancel. */
-            initial_errtext = _("does not match - try again");
-            goto next_try;
+        /* Unless the passphrase is empty, ask to confirm it.  */
+        if (pi->pin && *pi->pin)
+          {
+            rc = agent_askpin (ctrl, text2, NULL, NULL, pi2);
+            if (rc == -1)
+              { /* The re-entered one did not match and the user did not
+                   hit cancel. */
+                initial_errtext = _("does not match - try again");
+                goto next_try;
+              }
           }
       }
     if (rc)
author	Werner Koch <wk@gnupg.org>	2007-07-16 11:53:47 +0200
committer	Werner Koch <wk@gnupg.org>	2007-07-16 11:53:47 +0200
commit	bce4ea798a87ee7f8f9ea3a930c3e53a321a8622 (patch)
tree	0bc6721aca978df8abb44686daa5c81b98f6d69c /agent
parent	Translate all file descriptors received from assuan. (diff)
download	gnupg2-bce4ea798a87ee7f8f9ea3a930c3e53a321a8622.tar.xz gnupg2-bce4ea798a87ee7f8f9ea3a930c3e53a321a8622.zip