Properly close files opened by es_fopen.

Allow setting of an empty passphrase.
Assorted W32 changes.

agent/ChangeLog

@@ -1,3 +1,10 @@
+2007-07-13  Werner Koch  <wk@g10code.com>
+
+	* genkey.c (check_passphrase_constraints): Require a confirmation
+	for an empty passphrase.
+	(agent_genkey, agent_protect_and_store): No need to repeat an
+	empty passphrase.
+
 2007-07-05  Werner Koch  <wk@g10code.com>
 
 	* call-scd.c (struct inq_needpin_s): New.
@@ -89,7 +96,7 @@
 
 	* protect-tool.c (main) [W32]: Call pth_init.
 
-	* preset-passphrase.c (main) [W32]: Repalce the explicit Winsocket
+	* preset-passphrase.c (main) [W32]: Replace the explicit Winsocket
 	init by a call to pth_init.
 
 	* trustlist.c (initialize_module_trustlist): New.

agent/call-pinentry.c

@@ -207,11 +207,21 @@ start_pinentry (ctrl_t ctrl)
   if (opt.verbose)
     log_info ("starting a new PIN Entry\n");
 
+#ifdef HAVE_W32_SYSTEM      
+  fflush (stdout);
+  fflush (stderr);
+#endif
   if (fflush (NULL))
     {
       gpg_error_t tmperr = gpg_error (gpg_err_code_from_errno (errno));
       log_error ("error flushing pending output: %s\n", strerror (errno));
+      /* At least Windows XP fails here with EBADF.  According to docs
+         and Wine an fflush(NULL) is the same as _flushall.  However
+         the Wime implementaion does not flush stdin,stdout and stderr
+         - see above.  Lets try to ignore the error. */
+#ifndef HAVE_W32_SYSTEM
       return unlock_pinentry (tmperr);
+#endif
     }
 
   if (!opt.pinentry_program || !*opt.pinentry_program)

agent/genkey.c

@@ -1,5 +1,5 @@
 /* pksign.c - Generate a keypair
- *	Copyright (C) 2002, 2003, 2004 Free Software Foundation, Inc.
+ *	Copyright (C) 2002, 2003, 2004, 2007 Free Software Foundation, Inc.
  *
  * This file is part of GnuPG.
  *
@@ -102,6 +102,20 @@ check_passphrase_constraints (ctrl_t ctrl, const char *pw)
         return err;
     }
 
+  if (!*pw)
+    {
+      const char *desc = _("You have not entered a passphrase - "
+                           "this is in general a bad idea!%0A"
+                           "Please confirm that you do not want to "
+                           "have any protection on your key.");
+      
+      err = agent_get_confirmation (ctrl, desc,
+                                    _("Yes, protection is not needed"),
+                                    _("Enter new passphrase"));
+      if (err)
+        return err;
+    }
+
   return 0;
 }
 
@@ -166,12 +180,15 @@ agent_genkey (ctrl_t ctrl, const char *keyparam, size_t keyparamlen,
             pi2->failed_tries = 0;
             goto next_try;
           }
-        rc = agent_askpin (ctrl, text2, NULL, NULL, pi2);
+        if (pi->pin && *pi->pin)
-        if (rc == -1)
+          {
-          { /* The re-entered one did not match and the user did not
+            rc = agent_askpin (ctrl, text2, NULL, NULL, pi2);
-               hit cancel. */
+            if (rc == -1)
-            initial_errtext = _("does not match - try again");
+              { /* The re-entered one did not match and the user did not
-            goto next_try;
+                   hit cancel. */
+                initial_errtext = _("does not match - try again");
+                goto next_try;
+              }
           }
       }
     if (rc)
@@ -284,12 +301,16 @@ agent_protect_and_store (ctrl_t ctrl, gcry_sexp_t s_skey)
             pi2->failed_tries = 0;
             goto next_try;
           }
-        rc = agent_askpin (ctrl, text2, NULL, NULL, pi2);
+        /* Unless the passphrase is empty, ask to confirm it.  */
-        if (rc == -1)
+        if (pi->pin && *pi->pin)
-          { /* The re-entered one did not match and the user did not
+          {
-               hit cancel. */
+            rc = agent_askpin (ctrl, text2, NULL, NULL, pi2);
-            initial_errtext = _("does not match - try again");
+            if (rc == -1)
-            goto next_try;
+              { /* The re-entered one did not match and the user did not
+                   hit cancel. */
+                initial_errtext = _("does not match - try again");
+                goto next_try;
+              }
           }
       }
     if (rc)

common/ChangeLog

@@ -1,3 +1,7 @@
+2007-07-16  Werner Koch  <wk@g10code.com>
+
+	* estream.c (es_func_file_create): Clear NO_CLOSE flag.
+
 2007-07-12  Werner Koch  <wk@g10code.com>
 
 	* sysutils.h (gnupg_fd_t): New.

common/estream.c

@@ -861,6 +861,7 @@ es_func_file_create (void **cookie, int *filedes,
 #endif
 
   file_cookie->fd = fd;
+  file_cookie->no_close = 0;
   *cookie = file_cookie;
   *filedes = fd;
 

common/exechelp.c

@@ -358,10 +358,7 @@ gnupg_spawn_process (const char *pgmname, const char *argv[],
     if (x == -1)
       log_error ("failed to translate osfhandle %p\n", (void*)rp[0] );
     else 
-      {
+      *statusfile = fdopen (x, "r");
-        log_debug ("_open_osfhandle %p yields %d\n", (void*)fd, x );
-        *statusfile = fdopen (x, "r");
-      }
   }
   if (!*statusfile)
     {

common/simple-pwquery.c

@@ -327,9 +327,6 @@ agent_open (int *rfd)
     {
 #ifdef SPWQ_USE_LOGGING
       log_error ( _("malformed GPG_AGENT_INFO environment variable\n"));
-      log_debug ( "a='%s'\n", infostr);
-      log_debug ( "a='%s'\n", strchr ( infostr, PATHSEP_C));
-      log_debug ( "a=%td\n", (p-infostr));
 #endif
       return SPWQ_NO_AGENT;
     }

sm/ChangeLog

@@ -1,3 +1,8 @@
+2007-07-16  Werner Koch  <wk@g10code.com>
+
+	* server.c (cmd_message): Use gnupg_fd_t to avoid dependecy on
+	newer assuan versions.
+
 2007-07-12  Werner Koch  <wk@g10code.com>
 
 	* gpgsm.c (check_special_filename): Use translate_sys2libc_fd_int

sm/server.c

@@ -734,7 +734,7 @@ static int
 cmd_message (assuan_context_t ctx, char *line)
 {
   int rc;
-  assuan_fd_t sysfd;
+  gnupg_fd_t sysfd;
   int fd;
   ctrl_t ctrl = assuan_get_pointer (ctx);