mirror of git://git.gnupg.org/gnupg.git
gpg: Do not show an useless passphrase prompt in batch mode.
* g10/keygen.c: Remove unused PASSPHRASE related code. (proc_parameter_file): Remove useless asking for a passphrase in batch mode. -- Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
Werner Koch
parent
794a687be0
commit
a929f36693
|
|
@ -3312,12 +3312,18 @@ control statements must be given. For GnuPG 2.1 and later
|
|||
|
||||
@item %ask-passphrase
|
||||
@itemx %no-ask-passphrase
|
||||
@ifclear gpgtwoone
|
||||
Enable (or disable) a mode where the command @option{passphrase} is
|
||||
ignored and instead the usual passphrase dialog is used. This does
|
||||
not make sense for batch key generation; however the unattended key
|
||||
generation feature is also used by GUIs and this feature relinquishes
|
||||
the GUI from implementing its own passphrase entry code. These are
|
||||
global control statements and affect all future key genrations.
|
||||
@end ifclear
|
||||
@ifset gpgtwoone
|
||||
This option is a no-op for GnuPG 2.1 and later.
|
||||
@end ifset
|
||||
|
||||
|
||||
@item %no-protection
|
||||
Since GnuPG version 2.1 it is not anymore possible to specify a
|
||||
|
|
|
|||
82
g10/keygen.c
82
g10/keygen.c
|
|
@ -83,8 +83,6 @@ enum para_name {
|
|||
pKEYEXPIRE, /* in n seconds */
|
||||
pSUBKEYEXPIRE, /* in n seconds */
|
||||
pPASSPHRASE,
|
||||
pPASSPHRASE_DEK,
|
||||
pPASSPHRASE_S2K,
|
||||
pSERIALNO,
|
||||
pCARDBACKUPKEY,
|
||||
pHANDLE,
|
||||
|
|
@ -96,8 +94,6 @@ struct para_data_s {
|
|||
int lnr;
|
||||
enum para_name key;
|
||||
union {
|
||||
DEK *dek;
|
||||
STRING2KEY *s2k;
|
||||
u32 expire;
|
||||
u32 creation;
|
||||
unsigned int usage;
|
||||
|
|
@ -110,7 +106,6 @@ struct output_control_s
|
|||
{
|
||||
int lnr;
|
||||
int dryrun;
|
||||
int ask_passphrase;
|
||||
unsigned int keygen_flags;
|
||||
int use_files;
|
||||
struct {
|
||||
|
|
@ -2676,6 +2671,7 @@ ask_user_id (int mode, int full, KBNODE keyblock)
|
|||
|
||||
/* MODE 0 - standard
|
||||
1 - Ask for passphrase of the card backup key. */
|
||||
#if 0
|
||||
static DEK *
|
||||
do_ask_passphrase (STRING2KEY **ret_s2k, int mode, int *r_canceled)
|
||||
{
|
||||
|
|
@ -2720,6 +2716,7 @@ do_ask_passphrase (STRING2KEY **ret_s2k, int mode, int *r_canceled)
|
|||
*ret_s2k = s2k;
|
||||
return dek;
|
||||
}
|
||||
#endif /* 0 */
|
||||
|
||||
|
||||
/* Basic key generation. Here we divert to the actual generation
|
||||
|
|
@ -2795,11 +2792,6 @@ release_parameter_list (struct para_data_s *r)
|
|||
for (; r ; r = r2)
|
||||
{
|
||||
r2 = r->next;
|
||||
if (r->key == pPASSPHRASE_DEK)
|
||||
xfree (r->u.dek);
|
||||
else if (r->key == pPASSPHRASE_S2K )
|
||||
xfree (r->u.s2k);
|
||||
|
||||
xfree (r);
|
||||
}
|
||||
}
|
||||
|
|
@ -3123,72 +3115,6 @@ proc_parameter_file( struct para_data_s *para, const char *fname,
|
|||
if (parse_revocation_key (fname, para, pREVOKER))
|
||||
return -1;
|
||||
|
||||
/* Make DEK and S2K from the Passphrase. */
|
||||
if (outctrl->ask_passphrase)
|
||||
{
|
||||
/* %ask-passphrase is active - ignore pPASSPRASE and ask. This
|
||||
feature is required so that GUIs are able to do a key
|
||||
creation but have gpg-agent ask for the passphrase. */
|
||||
int canceled = 0;
|
||||
STRING2KEY *s2k;
|
||||
DEK *dek;
|
||||
|
||||
dek = do_ask_passphrase (&s2k, 0, &canceled);
|
||||
if (dek)
|
||||
{
|
||||
r = xmalloc_clear( sizeof *r );
|
||||
r->key = pPASSPHRASE_DEK;
|
||||
r->u.dek = dek;
|
||||
append_to_parameter (para, r);
|
||||
r = xmalloc_clear( sizeof *r );
|
||||
r->key = pPASSPHRASE_S2K;
|
||||
r->u.s2k = s2k;
|
||||
append_to_parameter (para, r);
|
||||
}
|
||||
|
||||
if (canceled)
|
||||
{
|
||||
log_error ("%s:%d: key generation canceled\n", fname, r->lnr );
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
r = get_parameter( para, pPASSPHRASE );
|
||||
if ( r && *r->u.value )
|
||||
{
|
||||
/* We have a plain text passphrase - create a DEK from it.
|
||||
* It is a little bit ridiculous to keep it in secure memory
|
||||
* but because we do this always, why not here. */
|
||||
STRING2KEY *s2k;
|
||||
DEK *dek;
|
||||
|
||||
s2k = xmalloc ( sizeof *s2k );
|
||||
s2k->mode = opt.s2k_mode;
|
||||
s2k->hash_algo = S2K_DIGEST_ALGO;
|
||||
set_next_passphrase ( r->u.value );
|
||||
dek = passphrase_to_dek (NULL, 0, opt.s2k_cipher_algo, s2k, 2,
|
||||
NULL, NULL);
|
||||
if (!dek)
|
||||
{
|
||||
log_error ("%s:%d: error post processing the passphrase\n",
|
||||
fname, r->lnr );
|
||||
xfree (s2k);
|
||||
return -1;
|
||||
}
|
||||
set_next_passphrase (NULL);
|
||||
memset (r->u.value, 0, strlen(r->u.value));
|
||||
|
||||
r = xmalloc_clear (sizeof *r);
|
||||
r->key = pPASSPHRASE_S2K;
|
||||
r->u.s2k = s2k;
|
||||
append_to_parameter (para, r);
|
||||
r = xmalloc_clear (sizeof *r);
|
||||
r->key = pPASSPHRASE_DEK;
|
||||
r->u.dek = dek;
|
||||
append_to_parameter (para, r);
|
||||
}
|
||||
}
|
||||
|
||||
/* Make KEYCREATIONDATE from Creation-Date. */
|
||||
r = get_parameter (para, pCREATIONDATE);
|
||||
|
|
@ -3324,9 +3250,9 @@ read_parameter_file( const char *fname )
|
|||
else if( !ascii_strcasecmp( keyword, "%dry-run" ) )
|
||||
outctrl.dryrun = 1;
|
||||
else if( !ascii_strcasecmp( keyword, "%ask-passphrase" ) )
|
||||
outctrl.ask_passphrase = 1;
|
||||
; /* Dummy for backward compatibility. */
|
||||
else if( !ascii_strcasecmp( keyword, "%no-ask-passphrase" ) )
|
||||
outctrl.ask_passphrase = 0;
|
||||
; /* Dummy for backward compatibility. */
|
||||
else if( !ascii_strcasecmp( keyword, "%no-protection" ) )
|
||||
outctrl.keygen_flags |= KEYGEN_FLAG_NO_PROTECTION;
|
||||
else if( !ascii_strcasecmp( keyword, "%transient-key" ) )
|
||||
|
|
|
|||
Loading…
Reference in New Issue