From: Andrej Kacian <ticho@claws-mail.org>
Date: Sun, 7 Feb 2016 18:51:20 +0000 (+0100)
Subject: Forget entered master password before trying to change it.
X-Git-Tag: 3.14.0~189
X-Git-Url: http://git.claws-mail.org/?p=claws.git;a=commitdiff_plain;h=fb564a461e8d8f343ed7e4eb1f8bcaa1cd1f48e3;ds=sidebyside

Forget entered master password before trying to change it.

This makes sure the user always has to input current master
password before he is allowed to change it.
---

diff --git a/src/password.c b/src/password.c
index 180f6f4ec..69d8c01ea 100644
--- a/src/password.c
+++ b/src/password.c
@@ -117,6 +117,17 @@ const gboolean master_password_is_correct(const gchar *input)
 	return FALSE;
 }
 
+void master_password_forget()
+{
+	/* If master password is currently in memory (entered by user),
+	 * get rid of it. User will have to enter the new one again. */
+	if (_master_password != NULL) {
+		memset(_master_password, 0, strlen(_master_password));
+		g_free(_master_password);
+	}
+	_master_password = NULL;
+}
+
 void master_password_change(const gchar *newp)
 {
 	gchar *pwd, *newpwd;
@@ -124,6 +135,10 @@ void master_password_change(const gchar *newp)
 	GList *cur;
 	PrefsAccount *acc;
 
+	/* Make sure the user has to enter the master password before
+	 * being able to change it. */
+	master_password_forget();
+
 	oldp = master_password();
 	g_return_if_fail(oldp != NULL);
 
@@ -190,13 +205,7 @@ void master_password_change(const gchar *newp)
 		}
 	}
 
-	/* If master password is currently in memory (entered by user),
-	 * get rid of it. User will have to enter the new one again. */
-	if (_master_password != NULL) {
-		memset(_master_password, 0, strlen(_master_password));
-		g_free(_master_password);
-	}
-	_master_password = NULL;
+	master_password_forget();
 }
 #endif
 
diff --git a/src/password.h b/src/password.h
index df18e34ec..e0126ff0f 100644
--- a/src/password.h
+++ b/src/password.h
@@ -29,6 +29,7 @@
 #ifndef PASSWORD_CRYPTO_OLD
 const gboolean master_password_is_set();
 const gboolean master_password_is_correct(const gchar *input);
+void master_password_forget();
 void master_password_change(const gchar *newp);
 #endif