From 4dae26be1c18fbaab59487036b239ecd47b40237 Mon Sep 17 00:00:00 2001
From: Christian Pointner <equinox@anytun.org>
Date: Wed, 7 Jan 2009 18:11:10 +0000
Subject: --key and --salt have now higher priority than a passphrase

---
 src/key_derivation.c | 26 ++++++++++++--------------
 1 file changed, 12 insertions(+), 14 deletions(-)

(limited to 'src/key_derivation.c')

diff --git a/src/key_derivation.c b/src/key_derivation.c
index f2094e0..d78a493 100644
--- a/src/key_derivation.c
+++ b/src/key_derivation.c
@@ -127,6 +127,12 @@ int key_derivation_generate_master_key(key_derivation_t* kd, const char* passphr
   if(!kd || !passphrase)
     return -1;
 
+  if(kd->master_key_.buf_) {
+    log_printf(ERR, "master key and passphrase provided, ignoring passphrase");
+    return 0;
+  }    
+  log_printf(NOTICE, "using passphrase to generate master key");
+
   if(!key_length || (key_length % 8)) {
     log_printf(ERR, "bad master key length");
     return -1;
@@ -141,13 +147,6 @@ int key_derivation_generate_master_key(key_derivation_t* kd, const char* passphr
     return -1;
   }
 
-  if(kd->master_key_.buf_) {
-    log_printf(ERR, "master key and passphrase provided, overwriting given master key");
-    free(kd->master_key_.buf_);
-    kd->master_key_.buf_ = NULL;
-    kd->master_key_.length_ = 0;
-  }    
-
   buffer_t digest;
 #ifndef USE_SSL_CRYPTO
   digest.length_ = gcry_md_get_algo_dlen(GCRY_MD_SHA256);
@@ -184,6 +183,12 @@ int key_derivation_generate_master_salt(key_derivation_t* kd, const char* passph
   if(!kd || !passphrase)
     return -1;
 
+  if(kd->master_salt_.buf_) {
+    log_printf(ERR, "master salt and passphrase provided, ignoring passphrase");
+    return 0;
+  }    
+  log_printf(NOTICE, "using passphrase to generate master salt");
+
   if(!salt_length || (salt_length % 8)) {
     log_printf(ERR, "bad master salt length");
     return -1;
@@ -198,13 +203,6 @@ int key_derivation_generate_master_salt(key_derivation_t* kd, const char* passph
     return -1;
   }
 
-  if(kd->master_salt_.buf_) {
-    log_printf(ERR, "master salt and passphrase provided, overwriting given master salt");
-    free(kd->master_salt_.buf_);
-    kd->master_salt_.buf_ = NULL;
-    kd->master_salt_.length_ = 0;
-  }    
-
   buffer_t digest;
 #ifndef USE_SSL_CRYPTO
   digest.length_ = gcry_md_get_algo_dlen(GCRY_MD_SHA1);
-- 
cgit v1.2.3