security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-04-17 15:44:34 +02:00
Code Activity

agent: Only one confirmation prompt for an empty passphrase.

Browse Source 
* agent/genkey.c (check_passphrase_constraints): Moev empty passphrase
check to the front.
This commit is contained in:
Werner Koch 2014-07-23 19:16:51 +02:00
parent ea186540db
commit a24510d53b
1 changed files with 19 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
agent/genkey.c
View File

@ -186,6 +186,24 @@ check_passphrase_constraints (ctrl_t ctrl, const char *pw, int silent)
if (!pw) if (!pw)
pw = ""; pw = "";
/* The first check is to warn about an empty passphrase. */
if (!*pw)
{
const char *desc = (opt.enforce_passphrase_constraints?
_("You have not entered a passphrase!%0A"
"An empty passphrase is not allowed.") :
_("You have not entered a passphrase - "
"this is in general a bad idea!%0A"
"Please confirm that you do not want to "
"have any protection on your key."));
if (silent)
return gpg_error (GPG_ERR_INV_PASSPHRASE);
return take_this_one_anyway2 (ctrl, desc,
_("Yes, protection is not needed"));
}
if (utf8_charcount (pw) < minlen ) if (utf8_charcount (pw) < minlen )
{ {
char *desc; char *desc;
@ -230,7 +248,7 @@ check_passphrase_constraints (ctrl_t ctrl, const char *pw, int silent)
return err; return err;
} }
/* If configured check the passphrase against a list of know words /* If configured check the passphrase against a list of known words
and pattern. The actual test is done by an external program. and pattern. The actual test is done by an external program.
The warning message is generic to give the user no hint on how to The warning message is generic to give the user no hint on how to
circumvent this list. */ circumvent this list. */
@ -250,26 +268,6 @@ check_passphrase_constraints (ctrl_t ctrl, const char *pw, int silent)
return err; return err;
} }
/* The final check is to warn about an empty passphrase. */
if (!*pw)
{
const char *desc = (opt.enforce_passphrase_constraints?
_("You have not entered a passphrase!%0A"
"An empty passphrase is not allowed.") :
_("You have not entered a passphrase - "
"this is in general a bad idea!%0A"
"Please confirm that you do not want to "
"have any protection on your key."));
if (silent)
return gpg_error (GPG_ERR_INV_PASSPHRASE);
err = take_this_one_anyway2 (ctrl, desc,
_("Yes, protection is not needed"));
if (err)
return err;
}
return 0; return 0;
} }