Commit 53ec9327 authored by segfault's avatar segfault

Make sure that the password does not get hashed twice (refs: #17135)

parent e841ac26
......@@ -41,11 +41,14 @@ class AdminSetting(object):
if os.path.exists(self.settings_file):
raise
def load(self) -> {str, None}:
def load(self) -> {True, None}:
try:
settings = read_settings(self.settings_file)
except FileNotFoundError:
logging.debug("No persistent admin settings file found (path: %s)", self.settings_file)
return None
return settings.get('TAILS_USER_PASSWORD')
# We don't actually return the stored value, because the UI can't do
# anything with it since it's hashed. Instead, we just return whether
# a value is stored or not.
return bool(settings.get('TAILS_USER_PASSWORD'))
......@@ -116,18 +116,23 @@ class AdminSettingUI(AdditionalSetting):
return password == self.password_verify_entry.get_text()
def apply(self):
# This writes the password to a file from which it will be set
# as the amnesia password when the greeter is closed.
if self.password:
if self.password is True:
# This should only be the case if the persistent storage was
# unlocked and a persistent password settings file was found.
# In that case, we just want to keep the existing settings file.
pass
elif self.password:
# Write the password to a file from which it will be set
# as the amnesia password when the greeter is closed.
self._admin_setting.save(self.password)
else:
self._admin_setting.delete()
super().apply()
def load(self) -> bool:
password = self._admin_setting.load()
if password:
self.password = password
loaded = self._admin_setting.load()
if loaded:
self.password = True
return True
return False
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment