diff options
author | drebs <drebs@leap.se> | 2017-02-25 18:17:18 -0300 |
---|---|---|
committer | drebs <drebs@leap.se> | 2017-02-25 18:17:18 -0300 |
commit | a96801e7f3f4e6aeeb08355f7bac4f47b2454dac (patch) | |
tree | a334a6ddbf3ad5346bf2dffe85afaf00d9a1e475 | |
parent | 87b65c731bb32bb9f0953d23b750ac8e8fda9eab (diff) |
[bug] save client secret downloaded from remote storage
After refactor, the client secret bootstrap logic was flawed, and remote
secret was not being saved properly. This commit fixed that and tries to
improve the bootstrap code to make it more clear.
-rw-r--r-- | client/src/leap/soledad/client/_secrets/__init__.py | 32 |
1 files changed, 16 insertions, 16 deletions
diff --git a/client/src/leap/soledad/client/_secrets/__init__.py b/client/src/leap/soledad/client/_secrets/__init__.py index bb8e9086..b6c81cda 100644 --- a/client/src/leap/soledad/client/_secrets/__init__.py +++ b/client/src/leap/soledad/client/_secrets/__init__.py @@ -48,29 +48,29 @@ class Secrets(UserDataMixin): # def _bootstrap(self): + # attempt to load secrets from local storage encrypted = self.storage.load_local() - - if not encrypted: - # we have not found a secret stored locally, so this is a first run - # of soledad for this user in this device. It is mandatory that we - # check if there's a secret stored in server. - encrypted = self.storage.load_remote() - if encrypted: - # we found a secret either in local or in remote storage, so we - # have to decrypt it. self._secrets = self.crypto.decrypt(encrypted) + # maybe update the format of storage of local secret. if encrypted['version'] < self.crypto.VERSION: - # there is a format version for secret storage that is newer - # than the one we found (either in local or remote storage), so - # we re-encrypt and store with the newest version. self.store_secrets() - else: - # we have *not* found a secret neither in local nor in remote - # storage, so we have to generate a new one, and store it. - self._secrets = self._generate() + return + + # no secret was found in local storage, so this is a first run of + # soledad for this user in this device. It is mandatory that we check + # if there's a secret stored in server. + encrypted = self.storage.load_remote() + if encrypted: + self._secrets = self.crypto.decrypt(encrypted) self.store_secrets() + return + + # we have *not* found a secret neither in local nor in remote storage, + # so we have to generate a new one, and then store it. + self._secrets = self._generate() + self.store_secrets() # # generation |