agent: Only one confirmation prompt for an empty passphrase.

* agent/genkey.c (check_passphrase_constraints): Moev empty passphrase check to the front.
2014-07-23 19:16:51 +02:00 · 2014-07-23 19:16:51 +02:00 · a24510d53b
parent ea186540db
commit a24510d53b
1 changed files with 19 additions and 21 deletions
--- a/agent/genkey.c
+++ b/agent/genkey.c
@ -186,6 +186,24 @@ check_passphrase_constraints (ctrl_t ctrl, const char *pw, int silent)
  if (!pw)
    pw = "";

+  /* The first check is to warn about an empty passphrase. */
+  if (!*pw)
+    {
+      const char *desc = (opt.enforce_passphrase_constraints?
+                          _("You have not entered a passphrase!%0A"
+                            "An empty passphrase is not allowed.") :
+                          _("You have not entered a passphrase - "
+                            "this is in general a bad idea!%0A"
+                            "Please confirm that you do not want to "
+                            "have any protection on your key."));
+
+      if (silent)
+        return gpg_error (GPG_ERR_INV_PASSPHRASE);
+
+      return take_this_one_anyway2 (ctrl, desc,
+                                   _("Yes, protection is not needed"));
+    }
+
  if (utf8_charcount (pw) < minlen )
    {
      char *desc;
@ -230,7 +248,7 @@ check_passphrase_constraints (ctrl_t ctrl, const char *pw, int silent)
        return err;
    }

-  /* If configured check the passphrase against a list of know words
+  /* If configured check the passphrase against a list of known words
     and pattern.  The actual test is done by an external program.
     The warning message is generic to give the user no hint on how to
     circumvent this list.  */
@ -250,26 +268,6 @@ check_passphrase_constraints (ctrl_t ctrl, const char *pw, int silent)
        return err;
    }

-  /* The final check is to warn about an empty passphrase. */
-  if (!*pw)
-    {
-      const char *desc = (opt.enforce_passphrase_constraints?
-                          _("You have not entered a passphrase!%0A"
-                            "An empty passphrase is not allowed.") :
-                          _("You have not entered a passphrase - "
-                            "this is in general a bad idea!%0A"
-                            "Please confirm that you do not want to "
-                            "have any protection on your key."));
-
-      if (silent)
-        return gpg_error (GPG_ERR_INV_PASSPHRASE);
-
-      err = take_this_one_anyway2 (ctrl, desc,
-                                   _("Yes, protection is not needed"));
-      if (err)
-        return err;
-    }
-
  return 0;
 }