From 391abf9b9395ebe0b143b52b2ebc773a02f44849 Mon Sep 17 00:00:00 2001
From: root <devnull@localhost>
Date: Thu, 22 Feb 1996 01:35:00 +0000
Subject: [PATCH] check for bad pass phrases

CVS patchset: 388
CVS date: 1996/02/22 01:35:00
---
 lib/signature.c | 56 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 56 insertions(+)

diff --git a/lib/signature.c b/lib/signature.c
index 2f7ec5e..15f7b78 100644
--- a/lib/signature.c
+++ b/lib/signature.c
@@ -22,6 +22,7 @@
 
 static int makePGPSignature(char *file, int ofd, char *passPhrase);
 static int verifyPGPSignature(int fd, void *sig, char *result);
+static int checkPassPhrase(char *passPhrase);
 
 int readSignature(int fd, short sig_type, void **sig)
 {
@@ -85,9 +86,64 @@ char *getPassPhrase(char *prompt)
         pass = getpass("");
     }
 
+    if (checkPassPhrase(pass)) {
+	return NULL;
+    }
+
     return pass;
 }
 
+static int checkPassPhrase(char *passPhrase)
+{
+    char secring[1024];
+    char pubring[1024];
+    char name[1024];
+    int passPhrasePipe[2];
+    FILE *fpipe;
+    int pid, status;
+    int fd;
+
+    sprintf(name, "+myname=\"%s\"", getVar(RPMVAR_PGP_NAME));
+    sprintf(secring, "+secring=\"%s\"", getVar(RPMVAR_PGP_SECRING));
+    sprintf(pubring, "+pubring=\"%s\"", getVar(RPMVAR_PGP_PUBRING));
+
+    pipe(passPhrasePipe);
+    if (!(pid = fork())) {
+	close(0);
+	close(1);
+	close(2);
+	if ((fd = open("/dev/null", O_RDONLY)) != 0) {
+	    dup2(fd, 0);
+	}
+	if ((fd = open("/dev/null", O_WRONLY)) != 1) {
+	    dup2(fd, 1);
+	}
+	dup2(passPhrasePipe[0], 3);
+	setenv("PGPPASSFD", "3", 1);
+	setenv("PGPPATH", getVar(RPMVAR_PGP_PATH), 1);
+	execlp("pgp", "pgp",
+	       "+batchmode=on", "+verbose=0",
+	       name, secring, pubring,
+	       "-sf",
+	       NULL);
+	error(RPMERR_EXEC, "Couldn't exec pgp");
+	exit(RPMERR_EXEC);
+    }
+
+    fpipe = fdopen(passPhrasePipe[1], "w");
+    close(passPhrasePipe[0]);
+    fprintf(fpipe, "%s\n", passPhrase);
+    fclose(fpipe);
+
+    waitpid(pid, &status, 0);
+    if (!WIFEXITED(status) || WEXITSTATUS(status)) {
+	return 1;
+    }
+
+    /* passPhrase is good */
+    return 0;
+}
+
 static int makePGPSignature(char *file, int ofd, char *passPhrase)
 {
     char secring[1024];
-- 
2.7.4