[Gpa-commits] r949 - trunk/src

scm-commit@wald.intevation.org scm-commit at wald.intevation.org
Thu Feb 12 18:17:40 CET 2009 

Author: werner
Date: 2009-02-12 18:17:38 +0100 (Thu, 12 Feb 2009)
New Revision: 949

Modified:
   trunk/src/ChangeLog
   trunk/src/cardman.c
   trunk/src/keygendlg.c
Log:
Check for deny-admin before key generation.


Modified: trunk/src/ChangeLog
===================================================================
--- trunk/src/ChangeLog	2009-02-12 16:26:24 UTC (rev 948)
+++ trunk/src/ChangeLog	2009-02-12 17:17:38 UTC (rev 949)
@@ -1,8 +1,11 @@
 2009-02-12  Werner Koch  <wk at g10code.com>
 
+	* keygendlg.c (response_cb): Take care of unused password entries.
+
 	* cardman.c (card_genkey): Enable with commented checks.
 	(card_genkey_action): New.
 	(card_reload_idle_cb, card_genkey_completed): New.
+	(card_genkey): Check for deny_admin.
 
 	* gpgmeedit.c (_unexpected_state,unexpected_state): New.
 	(edit_expire_fnc_action, edit_trust_fnc_action)

Modified: trunk/src/cardman.c
===================================================================
--- trunk/src/cardman.c	2009-02-12 16:26:24 UTC (rev 948)
+++ trunk/src/cardman.c	2009-02-12 17:17:38 UTC (rev 949)
@@ -341,30 +341,31 @@
 card_genkey (GpaCardManager *cardman)
 {
   GpaGenKeyCardOperation *op;
+  gpg_error_t err;
 
   if (cardman->cardtype != GPA_CM_OPENPGP_TYPE)
     return;  /* Not possible.  */
+  if (!cardman->gpgagent)
+    {
+      g_debug ("Ooops: no assuan context");
+      return;
+    }
 
-  /* FIXME: I don't th8ink that the deny-admin check is really needed.
-     if at all we should implement a test via assuan to see whether it
-     is actually working - that is far easier than the checking the
-     configuration which might in some cases not reflect the scdaemon
-     currently in use. */
-/*   if (check_conf_boolean ("scdaemon", "deny-admin") == TRUE) */
-/*     { */
-/*       GtkWidget *dialog; */
+  /* Note: This test works only with GnuPG > 2.0.10 but that version
+     is anyway required for the card manager to work correctly.  */
+  err = gpgme_op_assuan_transact (cardman->gpgagent,
+                                  "SCD GETINFO deny_admin",
+                                  NULL, NULL, NULL, NULL, NULL, NULL);
+  if (!err)
+    err = gpgme_op_assuan_result (cardman->gpgagent);
+  if (!err)
+    {
+      gpa_window_error ("Admin commands are disabled in scdamon.\n"
+                        "Key generation is not possible.", NULL); 
+      return;
+    }
 
-/*       dialog = gtk_message_dialog_new (GTK_WINDOW (cardman->window), */
-/* 				       GTK_DIALOG_MODAL, */
-/* 				       GTK_MESSAGE_ERROR, */
-/* 				       GTK_BUTTONS_OK, */
-/* 				       "Admin commands not allowed. Key generation disabled."); */
-/*       gtk_dialog_run (GTK_DIALOG (dialog)); */
-/*       gtk_widget_destroy (dialog); */
-/*       return; */
-/*     } */
 
-
 /* FIXME: Instead of doing this test on our own, I believe it belongs
    into the edit interactor: gpg knows bets whether keys already
    exists and we only need to process the corresponding prompt.  */
@@ -393,7 +394,6 @@
 /*     } */
 
   op = gpa_gen_key_card_operation_new (GTK_WIDGET (cardman));
-  g_debug ("card_genkey_completed connected (%p)", cardman);
   g_signal_connect_swapped (G_OBJECT (op), "completed",
                             G_CALLBACK (card_genkey_completed), cardman);
   g_signal_connect (G_OBJECT (op), "completed",

Modified: trunk/src/keygendlg.c
===================================================================
--- trunk/src/keygendlg.c	2009-02-12 16:26:24 UTC (rev 948)
+++ trunk/src/keygendlg.c	2009-02-12 17:17:38 UTC (rev 949)
@@ -53,15 +53,24 @@
 {
   GPAKeyGenDialog *dialog = param;
   gchar *expiry_error;
-  const gchar *userid = gtk_entry_get_text (GTK_ENTRY (dialog->entryUserID));
-  const gchar *passwd = gtk_entry_get_text (GTK_ENTRY (dialog->entryPasswd));
-  const gchar *repeat = gtk_entry_get_text (GTK_ENTRY (dialog->entryRepeat));
-  const gchar *keysize
-    = gtk_combo_box_get_active_text (GTK_COMBO_BOX (dialog->comboKeysize));
+  const gchar *userid;
+  const gchar *passwd;
+  const gchar *repeat;
+  const gchar *keysize;
 
   if (response != GTK_RESPONSE_OK)
     return;
 
+  userid = gtk_entry_get_text (GTK_ENTRY (dialog->entryUserID));
+  passwd = (dialog->entryPasswd
+            ? gtk_entry_get_text (GTK_ENTRY (dialog->entryPasswd)) 
+            : NULL);
+  repeat = (dialog->entryRepeat
+            ? gtk_entry_get_text (GTK_ENTRY (dialog->entryRepeat))
+            : NULL);
+  keysize = gtk_combo_box_get_active_text (GTK_COMBO_BOX 
+                                           (dialog->comboKeysize));
+
   if (keysize == NULL || *keysize == '\0')
     {
       /* FIXME: We should check it is a valid number.  */

More information about the Gpa-commits mailing list