apache
diff --git a/‎pom.xml
+49 b/‎pom.xml
+49
diff --git a/‎src/it/sign-release-without-passphrase/invoker.properties
+18 b/‎src/it/sign-release-without-passphrase/invoker.properties
+18
diff --git a/‎src/it/sign-release-without-passphrase/pom.xml
+100 b/‎src/it/sign-release-without-passphrase/pom.xml
+100
diff --git a/‎src/it/sign-release-without-passphrase/verify.bsh
+38 b/‎src/it/sign-release-without-passphrase/verify.bsh
+38
diff --git a/‎src/main/java/org/apache/maven/plugins/gpg/GpgSigner.java
+28-8 b/‎src/main/java/org/apache/maven/plugins/gpg/GpgSigner.java
+28-8
diff --git a/‎src/test/java/org/apache/maven/plugins/gpg/it/BuildResult.java
+48 b/‎src/test/java/org/apache/maven/plugins/gpg/it/BuildResult.java
+48
@@ -65,6 +65,7 @@ under the License.
     <mavenVersion>3.0</mavenVersion>
     <javaVersion>7</javaVersion>
     <project.build.outputTimestamp>2020-04-12T12:45:04Z</project.build.outputTimestamp>
+    <resource.delimiter>@</resource.delimiter>
   </properties>
 
   <dependencies>
@@ -145,9 +146,33 @@ under the License.
       <version>2.2</version>
       <scope>test</scope>
     </dependency>
+    <dependency>
+      <groupId>org.apache.maven.shared</groupId>
+      <artifactId>maven-invoker</artifactId>
+      <version>3.1.0</version>
+      <scope>test</scope>
+    </dependency>
   </dependencies>
 
   <build>
+    <testResources>
+      <testResource>
+        <directory>${basedir}/src/test/resources</directory>
+        <filtering>true</filtering>
+        <includes>
+          <include>**/pom.xml</include>
+          <include>**/settings.xml</include>
+        </includes>
+      </testResource>
+      <testResource>
+        <directory>${basedir}/src/test/resources</directory>
+        <excludes>
+          <exclude>**/pom.xml</exclude>
+          <exclude>**/settings.xml</exclude>
+        </excludes>
+      </testResource>
+    </testResources>
+
     <pluginManagement>
       <plugins>
         <plugin>
@@ -205,6 +230,30 @@ under the License.
       <id>run-its</id>
       <build>
         <plugins>
+          <plugin>
+            <groupId>org.apache.maven.plugins</groupId>
+            <artifactId>maven-failsafe-plugin</artifactId>
+            <executions>
+              <execution>
+                <goals>
+                  <goal>integration-test</goal>
+                  <goal>verify</goal>
+                </goals>
+              </execution>
+            </executions>
+            <configuration>
+              <environmentVariables>
+                <JENKINS_MAVEN_AGENT_DISABLED>true</JENKINS_MAVEN_AGENT_DISABLED>
+              </environmentVariables>
+              <systemPropertyVariables>
+                <maven.home>${maven.home}</maven.home>
+                <https.protocols>${https.protocols}</https.protocols>
+                <gpg.homedir>${project.build.testOutputDirectory}/gnupg</gpg.homedir>
+                <localRepositoryPath>${project.build.directory}/local-repo</localRepositoryPath>
+                <settingsFile>/it/settings.xml</settingsFile>
+              </systemPropertyVariables>
+            </configuration>
+          </plugin>
           <plugin>
             <groupId>org.apache.maven.plugins</groupId>
             <artifactId>maven-invoker-plugin</artifactId>
 
@@ -0,0 +1,18 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+invoker.buildResult = failure
@@ -0,0 +1,100 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!--
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements.  See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership.  The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License.  You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied.  See the License for the
+specific language governing permissions and limitations
+under the License.
+-->
+
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+  <modelVersion>4.0.0</modelVersion>
+
+  <groupId>org.apache.maven.its.gpg.srwop</groupId>
+  <artifactId>test</artifactId>
+  <version>1.0</version>
+  <packaging>jar</packaging>
+
+  <description>
+    Tests that signing with a missing passphrase in Maven batch mode (non-interactive mode) does not hang.
+  </description>
+
+  <properties>
+    <maven.test.skip>true</maven.test.skip>
+  </properties>
+
+  <build>
+    <plugins>
+      <plugin>
+        <groupId>org.apache.maven.plugins</groupId>
+        <artifactId>maven-compiler-plugin</artifactId>
+        <version>2.0.2</version>
+      </plugin>
+      <plugin>
+        <groupId>org.apache.maven.plugins</groupId>
+        <artifactId>maven-gpg-plugin</artifactId>
+        <version>@project.version@</version>
+        <configuration>
+          <passphraseServerId>non-existent</passphraseServerId>
+        </configuration>
+        <executions>
+          <execution>
+            <id>sign-artifacts</id>
+            <goals>
+              <goal>sign</goal>
+            </goals>
+          </execution>
+        </executions>
+      </plugin>
+      <plugin>
+        <groupId>org.apache.maven.plugins</groupId>
+        <artifactId>maven-install-plugin</artifactId>
+        <version>2.2</version>
+        <configuration>
+          <updateReleaseInfo>true</updateReleaseInfo>
+        </configuration>
+      </plugin>
+      <plugin>
+        <groupId>org.apache.maven.plugins</groupId>
+        <artifactId>maven-jar-plugin</artifactId>
+        <version>2.1</version>
+      </plugin>
+      <plugin>
+        <groupId>org.apache.maven.plugins</groupId>
+        <artifactId>maven-resources-plugin</artifactId>
+        <version>2.2</version>
+      </plugin>
+      <plugin>
+        <groupId>org.apache.maven.plugins</groupId>
+        <artifactId>maven-source-plugin</artifactId>
+        <version>2.0.4</version>
+        <executions>
+          <execution>
+            <id>attach-sources</id>
+            <goals>
+              <goal>jar</goal>
+            </goals>
+          </execution>
+        </executions>
+      </plugin>
+      <plugin>
+        <groupId>org.apache.maven.plugins</groupId>
+        <artifactId>maven-surefire-plugin</artifactId>
+        <version>2.3.1</version>
+      </plugin>
+    </plugins>
+  </build>
+
+</project>
@@ -0,0 +1,38 @@
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+import java.io.*;
+import org.codehaus.plexus.util.FileUtils;
+
+File buildLog = new File( basedir, "build.log" );
+String logContent = FileUtils.fileRead(buildLog);
+
+// assert that the Maven build properly failed and did not time out
+if ( !logContent.contains( "Total time: " ) || !logContent.contains( "Finished at: " ) )
+{
+	throw new Exception( "Maven build did not fail, but timed out" );
+}
+
+// assert that the Maven build failed, because pinentry is not allowed in non-interactive mode
+if ( !logContent.contains( "[GNUPG:] FAILURE sign 67108949" ) )
+{
+	throw new Exception( "Maven build did not fail in consequence of pinentry not being available to GPG" );
+}
+
@@ -97,20 +97,25 @@ protected void generateSignatureForFile( File file, File signature )
                 cmd.createArg().setValue( "--no-use-agent" );
             }
         }
-        else
-        {
-            cmd.createArg().setValue( "--pinentry-mode" );
-            cmd.createArg().setValue( "loopback" );
-        }
 
         InputStream in = null;
         if ( null != passphrase )
         {
-            // make --passphrase-fd effective in gpg2
-            cmd.createArg().setValue( "--batch" );
+            if ( gpgVersion.isAtLeast( GpgVersion.parse( "2.0" ) ) )
+            {
+                // required for option --passphrase-fd since GPG 2.0
+                cmd.createArg().setValue( "--batch" );
+            }
 
-            cmd.createArg().setValue( "--passphrase-fd" );
+            if ( gpgVersion.isAtLeast( GpgVersion.parse( "2.1" ) ) )
+            {
+                // required for option --passphrase-fd since GPG 2.1
+                cmd.createArg().setValue( "--pinentry-mode" );
+                cmd.createArg().setValue( "loopback" );
+            }
 
+            // make --passphrase-fd effective in gpg2
+            cmd.createArg().setValue( "--passphrase-fd" );
             cmd.createArg().setValue( "0" );
 
             // Prepare the input stream which will be used to pass the passphrase to the executable
@@ -128,9 +133,24 @@ protected void generateSignatureForFile( File file, File signature )
 
         cmd.createArg().setValue( "--detach-sign" );
 
+        if ( getLog().isDebugEnabled() )
+        {
+            // instruct GPG to write status information to stdout
+            cmd.createArg().setValue( "--status-fd" );
+            cmd.createArg().setValue( "1" );
+        }
+
         if ( !isInteractive )
         {
+            cmd.createArg().setValue( "--batch" );
             cmd.createArg().setValue( "--no-tty" );
+
+            if ( null == passphrase && gpgVersion.isAtLeast( GpgVersion.parse( "2.1" ) ) )
+            {
+                // prevent GPG from spawning input prompts in Maven non-interactive mode
+                cmd.createArg().setValue( "--pinentry-mode" );
+                cmd.createArg().setValue( "error" );
+            }
         }
 
         if ( !defaultKeyring )
 
@@ -0,0 +1,48 @@
+package org.apache.maven.plugins.gpg.it;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+import java.io.File;
+
+import org.apache.maven.shared.invoker.InvocationResult;
+
+public class BuildResult
+{
+
+    private final File buildLog;
+    private final InvocationResult invocationResult;
+
+    public BuildResult( final File buildLog, final InvocationResult invocationResult )
+    {
+        this.buildLog = buildLog;
+        this.invocationResult = invocationResult;
+    }
+
+    public File getBuildLog()
+    {
+        return buildLog;
+    }
+
+    public InvocationResult getInvocationResult()
+    {
+        return invocationResult;
+    }
+
+}