summaryrefslogtreecommitdiffstats
path: root/agent/genkey.c
diff options
context:
space:
mode:
authorWerner Koch <wk@gnupg.org>2021-08-18 19:21:22 +0200
committerWerner Koch <wk@gnupg.org>2021-08-18 19:21:22 +0200
commit661c2ae96699e135294cfd98e1fbc385d35f5f0e (patch)
tree8d4db025156d4c1b1e3891edd03e697e43db42f8 /agent/genkey.c
parentagent: Ignore passphrase constraints for a generated passphrase. (diff)
downloadgnupg2-661c2ae96699e135294cfd98e1fbc385d35f5f0e.tar.xz
gnupg2-661c2ae96699e135294cfd98e1fbc385d35f5f0e.zip
agent: Use the sysconfdir for a pattern file.
* agent/genkey.c (do_check_passphrase_pattern): Use make_filename.
Diffstat (limited to 'agent/genkey.c')
-rw-r--r--agent/genkey.c29
1 files changed, 28 insertions, 1 deletions
diff --git a/agent/genkey.c b/agent/genkey.c
index 3ed63f663..0c91ab41a 100644
--- a/agent/genkey.c
+++ b/agent/genkey.c
@@ -102,6 +102,7 @@ do_check_passphrase_pattern (ctrl_t ctrl, const char *pw, unsigned int flags)
pid_t pid;
int result, i;
const char *pattern;
+ char *patternfname;
(void)ctrl;
@@ -112,11 +113,34 @@ do_check_passphrase_pattern (ctrl_t ctrl, const char *pw, unsigned int flags)
if (!pattern)
return 1; /* Oops - Assume password should not be used */
+ if (strchr (pattern, '/') || strchr (pattern, '\\')
+ || (*pattern == '~' && pattern[1] == '/'))
+ patternfname = make_absfilename_try (pattern, NULL);
+ else
+ patternfname = make_filename_try (gnupg_sysconfdir (), pattern, NULL);
+ if (!patternfname)
+ {
+ log_error ("error making filename from '%s': %s\n",
+ pattern, gpg_strerror (gpg_error_from_syserror ()));
+ return 1; /* Do not pass the check. */
+ }
+
+ /* Make debugging a broken config easier by printing a useful error
+ * message. */
+ if (gnupg_access (patternfname, F_OK))
+ {
+ log_error ("error accessing '%s': %s\n",
+ patternfname, gpg_strerror (gpg_error_from_syserror ()));
+ xfree (patternfname);
+ return 1; /* Do not pass the check. */
+ }
+
infp = gnupg_tmpfile ();
if (!infp)
{
err = gpg_error_from_syserror ();
log_error (_("error creating temporary file: %s\n"), gpg_strerror (err));
+ xfree (patternfname);
return 1; /* Error - assume password should not be used. */
}
@@ -126,6 +150,7 @@ do_check_passphrase_pattern (ctrl_t ctrl, const char *pw, unsigned int flags)
log_error (_("error writing to temporary file: %s\n"),
gpg_strerror (err));
fclose (infp);
+ xfree (patternfname);
return 1; /* Error - assume password should not be used. */
}
fseek (infp, 0, SEEK_SET);
@@ -134,7 +159,7 @@ do_check_passphrase_pattern (ctrl_t ctrl, const char *pw, unsigned int flags)
i = 0;
argv[i++] = "--null";
argv[i++] = "--",
- argv[i++] = pattern,
+ argv[i++] = patternfname,
argv[i] = NULL;
log_assert (i < sizeof argv);
@@ -153,6 +178,8 @@ do_check_passphrase_pattern (ctrl_t ctrl, const char *pw, unsigned int flags)
putc ('\xff', infp);
fflush (infp);
fclose (infp);
+
+ xfree (patternfname);
return result;
}