Bug 412569 - Extended handling related to password confirmation omission
Summary: Extended handling related to password confirmation omission
Status: REPORTED
Alias: None
Product: kleopatra
Classification: Applications
Component: general (show other bugs)
Version: unspecified
Platform: Fedora RPMs Linux
: NOR wishlist
Target Milestone: ---
Assignee: Andre Heinecke
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2019-10-03 16:45 UTC by Ricky Tigg
Modified: 2019-10-07 10:40 UTC (History)
2 users (show)

See Also:
Latest Commit:
Version Fixed In:


Attachments
Illustrations of extended process. (290.00 KB, application/x-tar)
2019-10-03 16:45 UTC, Ricky Tigg
Details
Windows 10 – illustration of pientry-qt – Finnish language (21.26 KB, image/png)
2019-10-07 08:27 UTC, Ricky Tigg
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Ricky Tigg 2019-10-03 16:45:14 UTC
Created attachment 122996 [details]
Illustrations of extended process.

ENHANCEMENT REQUEST
Omission of password confirmations leads to a failed process.

OBSERVED RESULT
By reflex i may omit often the confirmation of a password in the field dedicated to that purpose, and validate the process as such, which is as illustrated in kleopatra_3.1.4_failed_password_setting_1.png, handled as a definitive failure. Is then a failure state needed in such situation since as illustrated in kleopatra_3.1.4_failed_password_setting_2.png, a message will anyway come and offer to relaunch current wizard keeping in the process set parameters. Handling an omission as a failure, makes that last window production to be interpreted as an extension for the only purpose to be extension.

EXPECTED RESULT
An error message alone related to an omission of confirmation would have been appropriate as well to cover as a whole that handling of omission and therefore integrated to the windows in which passwords are handled.

SOFTWARE/OS VERSIONS
v.3.1.4 
Linux/KDE Plasma: Linux (x86_64) release 5.3.1-300.fc31.x86_64
KDE Frameworks 5.61.0
Qt 5.12.4 (built against 5.12.4)
The wayland windowing system
Comment 1 Andre Heinecke 2019-10-04 07:49:27 UTC
Hi,

thank you for your detailed report. I do not understand the problem correctly.

By password confirmation you mean the "Repeat" field.

If you omit the repeat field it still lets you advance with OK ?
Or is the order somehow messed up for you so if you hit enter then it cancels ?

I just tested with both pinentry-gnome3 (which you are using) and while it does not grey out the OK button it does not let you advance with it.

Pinentry-qt (The "KDE'ish" pinentry which I maintain) greys out the OK button if there is something wrong and Cancel comes last in the tab order.
Comment 2 Ricky Tigg 2019-10-04 10:27:34 UTC
Hey. You all interpreted correctly. I used Fedora, Gnone.

Once entering a password in only one field, be it the first or second, invoking OK starts an endless process. At this state, 
1. Attempting to enter into the confirmation field a password won't be operational;
2. OK button wss greyed out, while Cancel button alone was available.

Some observations:
– OK button has been in my tests available for being invoked right from the beginning of the apparition of window illustrated by kleopatra_3.1.4_failed_password_setting_1.png while no passwords had yet been entered into any fields.

– The second field –the one aimed for password confirmation– was opened to receive some content even while the first field –the one aimed to enter a reference password– had been left blank. Yet during that operation, OK button remained available.

Those reflections came to me:
– OK button could be greyed out right from the beginning until both fuels have been supplied with some content which then make it at last available for beeing invoked.

– The second field could be closed, eventually adding a greyed-out background to it in order to make its state explicit, until a password has been entered into the first field and user has switched to the second field.

– Once both fields have been supplied with content, invoking OK button would process informations contained within these fields then check that they match each other. In case they don't, a typical message related to the situation would be exhibited, such as "Passwords do not match each other.", but without the need to lead to a failure.
Comment 3 Andre Heinecke 2019-10-04 11:12:25 UTC
Ok this is definetly bad behavior of pinentry-gnome.

But I don't know pinentry-gnome enough to can say if it is with the GCR System Prompter or if it is with the version of pinentry-gnome used. I tested with the latest version of pinentry-gnome with the GCR System Prompter from debian buster and for me the behavior differs a lot. And it is hard to explain why from the changes to pinentry-gnome in the last years.

Yes the OK button is visible from the start, but when you click it you get the error message saying that passwords dont match. When they match I can move on and it works. I could not reproduce the operation canceld issue you see except by clicking on cancel. 

What does "pinentry-gnome3 --version" yield for you?

This will give me a better idea who to forward this issue to.
Comment 4 Ricky Tigg 2019-10-04 12:13:35 UTC
$ pinentry-gnome3 --version
pinentry-gnome3 (pinentry) 1.1.0
Copyright (C) 2016 g10 Code GmbH
License GPLv2+: GNU GPL version 2 or later <https://www.gnu.org/licenses/>
This is free software: you [...]

On my system it is recent.

$ LANG=C rpm -qi pinentry-gnome3 | sed -n '11p;15,16p'
Build Date  : Fri Jul 26 21:44:20 2019
URL         : http://www.gnupg.org/aegypten/
Bug URL     : https://bugz.fedoraproject.org/pinentry
Comment 5 Ricky Tigg 2019-10-07 08:27:18 UTC
Created attachment 123077 [details]
Windows 10 – illustration of pientry-qt – Finnish language

Testing the behaviour on Windows 10's for comparison purpose with Linux using Gnome, the following observations emerge:

On Linux's side using Gnome
– The interface language is a mix of default language –traditionally USA English– and Finnish.
– Section covering password quality check is not exhibited. Entropy may not be involved in that process.

On Windows 10's side
– The interface language of the section illustrated by windows-10_kleopatra_pinentry-qt.PNG, is not according to the system language which is Finnish but entirely in default language. Elsewhere most of the application's interfaces' language is in Finnish.

I was to propose translating for both OSs though as noticeable translations form USA English into Finnish are assigned to Mikko Piippo, Kim Enkovaara and Tommi Nieminen.
Comment 6 Andre Heinecke 2019-10-07 08:59:04 UTC
You can get the windows pinentry on Linux by installing pinentry-qt or setting it to default through something like "update-alternatives" on debian (not sure how it is called on fedora).

As for the translations: They do not come from Kleopatra they come from GnuPG and indeed they are incomplete. Patches welcome of course :-)

https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blob;f=po/fi.po

I think it would be best to report your issue with pinentry-gnome to fedora. As none of the GnuPG core developers has fedora and for us under debian it looks different and works.
Comment 7 Ricky Tigg 2019-10-07 10:40:19 UTC
Issue reported at https://bugzilla.redhat.com/show_bug.cgi?id=1759066.