From c81544fffd2f89cb3cf1b791fe7adf21c75200ad Mon Sep 17 00:00:00 2001
From: NIIBE Yutaka <gniibe@fsij.org>
Date: Sun, 26 Nov 2017 21:20:46 +0900
Subject: [PATCH] Fix long-standing bug of admin-less mode.  GnuPG should be
 fixed.

---
 ChangeLog     | 5 +++++
 src/openpgp.c | 6 +++++-
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/ChangeLog b/ChangeLog
index 957376e..29b1d83 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+2017-11-26  NIIBE Yutaka  <gniibe@fsij.org>
+
+	* src/openpgp.c (cmd_change_password): Bug fix for admin-less
+	mode.
+
 2017-11-26  NIIBE Yutaka  <gniibe@fsij.org>
 
 	* VERSION: 1.2.7.
diff --git a/src/openpgp.c b/src/openpgp.c
index 9ceed84..af79904 100644
--- a/src/openpgp.c
+++ b/src/openpgp.c
@@ -429,7 +429,11 @@ cmd_change_password (void)
       gpg_do_write_simple (NR_DO_KEYSTRING_PW1, new_ks0, KS_META_SIZE);
       ac_reset_pso_cds ();
       ac_reset_other ();
-      if (admin_authorized == BY_USER)
+      /* When it was already admin-less mode, admin_authorized is
+       * BY_USER.  If no PW3 keystring, it's becoming admin-less mode,
+       * now.  For these two cases, we need to reset admin
+       * authorization status.  */
+      if (admin_authorized == BY_USER || ks_pw3 == NULL)
 	ac_reset_admin ();
       DEBUG_INFO ("Changed length of DO_KEYSTRING_PW1.\r\n");
       GPG_SUCCESS ();