Browse Source

We shouldn't do a password check if the user didn't give us one.

tags/v0.1^2
Ben Kurtovic 12 years ago
parent
commit
fc060da51b
1 changed files with 3 additions and 3 deletions
  1. +3
    -3
      earwigbot/config.py

+ 3
- 3
earwigbot/config.py View File

@@ -283,9 +283,9 @@ class BotConfig(object):
if not self._decryption_cipher:
key = getpass("Enter key to decrypt bot passwords: ")
self._decryption_cipher = Blowfish.new(sha256(key).digest())
signature = self.metadata["signature"]
if bcrypt.hashpw(key, signature) != signature:
raise RuntimeError("Incorrect password.")
signature = self.metadata["signature"]
if bcrypt.hashpw(key, signature) != signature:
raise RuntimeError("Incorrect password.")
for node, nodes in self._decryptable_nodes:
self._decrypt(node, nodes)



Loading…
Cancel
Save