From 1a5e9cfb1ef0191e4b0f48599a39f01244b692e4 Mon Sep 17 00:00:00 2001
From: Jakob Unterwurzacher
Date: Mon, 25 Jun 2018 22:38:27 +0200
Subject: trezor: reject password change on Trezor-enabled fs

This is not supported (yet? does it make sense?).
---
 main.go | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/main.go b/main.go
index 404a95b..4989370 100644
--- a/main.go
+++ b/main.go
@@ -70,8 +70,18 @@ func loadConfig(args *argContainer) (masterkey []byte, confFile *configfile.Conf
 // changePassword - change the password of config file "filename"
 // Does not return (calls os.Exit both on success and on error).
 func changePassword(args *argContainer) {
+	// Parse the config file, but do not unlock the master key. We only want to
+	// know if the Trezor flag is set.
+	_, cf1, err := configfile.Load(args.config, nil)
+	if err != nil {
+		tlog.Fatal.Printf("Cannot open config file: %v", err)
+		os.Exit(exitcodes.LoadConf)
+	}
+	if cf1.IsFeatureFlagSet(configfile.FlagTrezor) {
+		tlog.Fatal.Printf("Password change is not supported on Trezor-enabled filesystems.")
+		os.Exit(exitcodes.Usage)
+	}
 	var confFile *configfile.ConfFile
-	var err error
 	{
 		var masterkey []byte
 		masterkey, confFile, err = loadConfig(args)
-- 
cgit v1.2.3