Fix admin-less mode -> admin-full mode change.
authorNIIBE Yutaka <gniibe@fsij.org>
Thu, 5 Apr 2018 03:13:45 +0000 (12:13 +0900)
committerNIIBE Yutaka <gniibe@fsij.org>
Thu, 5 Apr 2018 03:13:45 +0000 (12:13 +0900)
ChangeLog
src/openpgp.c

index 8e381e1..b6af5ba 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+2018-04-05  NIIBE Yutaka  <gniibe@fsij.org>
+
+       * src/openpgp.c (cmd_change_password): Care admin-less mode.
+
 2018-04-04  NIIBE Yutaka  <gniibe@fsij.org>
 
        * tests: Add more tests, key generation and KDF support.
index f097287..134a8d2 100644 (file)
@@ -366,8 +366,24 @@ cmd_change_password (void)
 
       if (ks_pw3 == NULL)
        {
-         salt = NULL;
-         salt_len = 0;
+         if (admin_authorized == BY_USER)
+           {
+             const uint8_t *ks_pw1 = gpg_do_read_simple (NR_DO_KEYSTRING_PW1);
+
+             if (ks_pw1 == NULL)
+               {
+                 GPG_SECURITY_FAILURE ();
+                 return;
+               }
+
+             salt = KS_GET_SALT (ks_pw1);
+             salt_len = SALT_SIZE;
+           }
+         else
+           {
+             salt = NULL;
+             salt_len = 0;
+           }
        }
       else
        {