=== modified file 'TODO'
--- TODO	2011-08-08 21:12:37 +0000
+++ TODO	2011-08-17 22:27:13 +0000
@@ -9,6 +9,7 @@
 ** TODO [#B] Use struct sockaddr_storage instead of a union
 ** TODO [#B] Use getaddrinfo(hints=AI_NUMERICHOST) instead of inet_pton()
 ** TODO [#B] Use getnameinfo(serv=NULL, NI_NUMERICHOST) instead of inet_ntop()
+** TODO [#B] Prefer /run/tmp over /tmp, if it exists
 
 * splashy
 ** TODO [#B] use scandir(3) instead of readdir(3)
@@ -58,18 +59,8 @@
 ** TODO [#B] Fix problem with fsck taking a really long time
    Whenever a client successfully gets a secret it could get a
    one-time timeout boost to allow for an fsck-incurred delay
-** TODO [#A] Delay before client receives key
-   This would give an operator opportunity to cancel the request if
-   desired.
-** TODO [#A] Client manual approval mode
-   A client needs manual approval on the server before it gets the
-   secret
 ** TODO [#B] Support RFC 3339 time duration syntax
 ** More D-Bus methods
-*** NeedsApproval(50, True) -> timeout, default approve
-    Default approval is configurable, but True by default
-    + Approve(True) -> approve sending saved
-    + Approve(False) -> Close client connection immediately
 *** NeedsPassword(50) - Timeout, default disapprove
     + SetPass(u"gazonk", True) -> Approval, persistent
     + Approve(False) -> Close client connection immediately
@@ -106,7 +97,6 @@
 ** Show timeout countdown for approval
 
 * mandos-keygen
-** TODO Loop until passwords match when run interactively
 ** TODO "--secfile" option
    Using the "secfile" option instead of "secret"
 ** TODO [#B] "--test" option

=== modified file 'mandos-keygen'
--- mandos-keygen	2011-07-27 17:58:27 +0000
+++ mandos-keygen	2011-08-17 22:27:13 +0000
@@ -192,7 +192,7 @@
 shred --remove \"$RINGDIR\"/sec*;
 test -n \"$BATCHFILE\" && rm --force \"$BATCHFILE\"; \
 rm --recursive --force \"$RINGDIR\";
-stty echo; \
+tty --quiet && stty echo; \
 " EXIT
 
 set -e
@@ -289,31 +289,37 @@
     
     FILECOMMENT="Encrypted password for a Mandos client"
     
-    if [ -n "$PASSFILE" ]; then
-	cat "$PASSFILE"
-    else
-	stty -echo
-	echo -n "Enter passphrase: " >&2
-	first="$(head --lines=1 | tr --delete '\n')"
-	echo >&2
-	echo -n "Repeat passphrase: " >&2
-	second="$(head --lines=1 | tr --delete '\n')"
-	echo >&2
-	stty echo
-	if [ "$first" != "$second" ]; then
-	    echo "Passphrase mismatch" >&2
-	    touch "$RINGDIR"/mismatch
+    while [ ! -s "$SECFILE" ]; do
+	if [ -n "$PASSFILE" ]; then
+	    cat "$PASSFILE"
 	else
-	    echo -n "$first"
+	    tty --quiet && stty -echo
+	    read -p "Enter passphrase: " first
+	    tty --quiet && echo >&2
+	    read -p "Repeat passphrase: " second
+	    if tty --quiet; then
+		echo >&2
+		stty echo
+	    fi
+	    if [ "$first" != "$second" ]; then
+		echo "Passphrase mismatch" >&2
+		touch "$RINGDIR"/mismatch
+	    else
+		echo -n "$first"
+	    fi
+	fi | gpg --quiet --batch --no-tty --no-options --enable-dsa2 \
+	    --homedir "$RINGDIR" --trust-model always --armor \
+	    --encrypt --sign --recipient "$FINGERPRINT" --comment \
+	    "$FILECOMMENT" > "$SECFILE"
+	if [ -e "$RINGDIR"/mismatch ]; then
+	    rm --force "$RINGDIR"/mismatch
+	    if tty --quiet; then
+		> "$SECFILE"
+	    else
+		exit 1
+	    fi
 	fi
-    fi | gpg --quiet --batch --no-tty --no-options --enable-dsa2 \
-	--homedir "$RINGDIR" --trust-model always --armor --encrypt \
-	--sign --recipient "$FINGERPRINT" --comment "$FILECOMMENT" \
-	> "$SECFILE"
-    if [ -e "$RINGDIR"/mismatch ]; then
-	rm --force "$RINGDIR"/mismatch
-	exit 1
-    fi
+    done
     
     cat <<-EOF
 	[$KEYNAME]