More comments about when to use IDEA in keygen.c

When key signing with multiple keys at the same time, make sure each key
gets the sigclass prompt
Close the iobuf and FILE before trying to reap the child process to
encourage the child to exit
Disable cache-on-close of the fd iobuf (shouldn't all fd iobufs not be
cached?)

4 files changed, 31 insertions, 8 deletions

diff --git a/g10/ChangeLog b/g10/ChangeLog
index 0c25ea443..ebb4d474a 100644
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@@ -1,3 +1,18 @@
+2002-01-27  David Shaw  <[email protected]>
+
+	* keygen.c (keygen_set_std_prefs): Comment
+
+	* keyedit.c (sign_uids): Bug fix - when signing with multiple
+	secret keys at the same time, make sure each key gets the sigclass
+	prompt.
+
+	* exec.c (exec_finish): Close the iobuf and FILE before trying to
+	waitpid, so the remote process will get a SIGPIPE and exit.  This
+	is only a factor when using a pipe to communicate.
+
+	* exec.c (exec_write): Disable cache-on-close of the fd iobuf (is
+	this right?  Why is a fd iobuf cached at all?)
+
 2002-01-26  Werner Koch  <[email protected]>
 
 	* g10.c, options.h: New option --gpg-agent-info
diff --git a/g10/exec.c b/g10/exec.c
index 9299d5b3f..910413339 100644
--- a/g10/exec.c
+++ b/g10/exec.c
@@ -357,6 +357,9 @@ int exec_write(struct exec_info **info,const char *program,
 	  goto fail;
 	}
 
+      /* fd iobufs are cached?! */
+      iobuf_ioctl((*info)->fromchild,3,1,NULL);
+
       return 0;
     }
 #endif /* !EXEC_TEMPFILE_ONLY */
@@ -442,6 +445,12 @@ int exec_finish(struct exec_info *info)
 {
   int ret=info->progreturn;
 
+  if(info->fromchild)
+    iobuf_close(info->fromchild);
+
+  if(info->tochild)
+    fclose(info->tochild);
+
 #ifndef EXEC_TEMPFILE_ONLY
   if(info->child>0)
     {
@@ -453,12 +462,6 @@ int exec_finish(struct exec_info *info)
     }
 #endif
 
-  if(info->fromchild)
-    iobuf_close(info->fromchild);
-
-  if(info->tochild)
-    fclose(info->tochild);
-    
   if(info->madedir && !info->keep_temp_files)
     {
       if(info->tempfile_in)
diff --git a/g10/keyedit.c b/g10/keyedit.c
index f74a2fc84..4018bce30 100644
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@@ -267,7 +267,6 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
 	   int local , int nonrevocable )
 {
     int rc = 0;
-    int class=0;
     SK_LIST sk_list = NULL;
     SK_LIST sk_rover = NULL;
     PKT_secret_key *sk = NULL;
@@ -295,6 +294,7 @@ sign_uids( KBNODE keyblock, STRLIST locusr, int *ret_modified,
 	u32 sk_keyid[2];
 	size_t n;
 	char *p;
+	int class=0;
 	u32 duration=0,timestamp=0;
 
 	/* we have to use a copy of the sk, because make_keysig_packet
diff --git a/g10/keygen.c b/g10/keygen.c
index 8f878449f..eb35b8eab 100644
--- a/g10/keygen.c
+++ b/g10/keygen.c
@@ -224,7 +224,12 @@ keygen_set_std_prefs (const char *string)
         string = "S7 S10 S3 S4 S2 H3 H2 Z2 Z1";
 
       /* If we have it, IDEA goes *after* 3DES so it won't be used
-         unless we're encrypting along with a V3 key. */
+         unless we're encrypting along with a V3 key.  Ideally, we
+         would only put the S1 preference in if the key was RSA and
+         <=2048 bits, as that is what won't break PGP2, but that is
+         difficult with the current code, and not really worth
+         checking as a non-RSA <=2048 bit key wouldn't be usable by
+         PGP2 anyway -dms */
     }
     else if (!ascii_strcasecmp (string, "none"))
         string = "";