From ff04b1d83ab120197add2fe4d6f6d3ff7a34f1ff Mon Sep 17 00:00:00 2001
From: Jakob Unterwurzacher <jakobunt@gmail.com>
Date: Sat, 9 May 2020 16:32:11 +0200
Subject: [PATCH] main: untangle `-masterkey` handling and config loading

This was handled both in getMasterKey(). Split it apart.
---
 main.go      |  9 +++++----
 masterkey.go | 35 +++++++++++------------------------
 mount.go     | 18 ++++++++++++++++--
 3 files changed, 32 insertions(+), 30 deletions(-)

diff --git a/main.go b/main.go
index 3ec2f31..f81174b 100644
--- a/main.go
+++ b/main.go
@@ -32,7 +32,8 @@ var BuildDate = "0000-00-00"
 // raceDetector is set to true by race.go if we are compiled with "go build -race"
 var raceDetector bool
 
-// loadConfig loads the config file "args.config", prompting the user for the password
+// loadConfig loads the config file `args.config` and decrypts the masterkey,
+// or gets via the `-masterkey` or `-zerokey` command line options, if specified.
 func loadConfig(args *argContainer) (masterkey []byte, cf *configfile.ConfFile, err error) {
 	// First check if the file can be read at all.
 	cf, err = configfile.Load(args.config)
@@ -40,10 +41,10 @@ func loadConfig(args *argContainer) (masterkey []byte, cf *configfile.ConfFile,
 		tlog.Fatal.Printf("Cannot open config file: %v", err)
 		return nil, nil, err
 	}
-	// The user has passed the master key on the command line (probably because
+	// The user may have passed the master key on the command line (probably because
 	// he forgot the password).
-	if args.masterkey != "" {
-		masterkey = unhexMasterKey(args.masterkey, false)
+	masterkey = handleArgsMasterkey(args)
+	if masterkey != nil {
 		return masterkey, cf, nil
 	}
 	pw := readpassword.Once([]string(args.extpass), args.passfile, "")
diff --git a/masterkey.go b/masterkey.go
index 3d3b951..7b6779d 100644
--- a/masterkey.go
+++ b/masterkey.go
@@ -5,7 +5,6 @@ import (
 	"os"
 	"strings"
 
-	"github.com/rfjakob/gocryptfs/internal/configfile"
 	"github.com/rfjakob/gocryptfs/internal/cryptocore"
 	"github.com/rfjakob/gocryptfs/internal/exitcodes"
 	"github.com/rfjakob/gocryptfs/internal/readpassword"
@@ -34,21 +33,18 @@ func unhexMasterKey(masterkey string, fromStdin bool) []byte {
 	return key
 }
 
-// getMasterKey looks at "args" to determine where the master key should come
-// from (-masterkey=a-b-c-d or stdin or from the config file).
-// If it comes from the config file, the user is prompted for the password
-// and a ConfFile instance is returned.
-// Calls os.Exit on failure.
-func getMasterKey(args *argContainer) (masterkey []byte, confFile *configfile.ConfFile) {
-	masterkeyFromStdin := false
+// handleArgsMasterkey looks at `args.masterkey` and `args.zerokey`, gets the
+// masterkey from the source the user wanted (string on the command line, stdin, all-zero),
+// and returns it in binary. Returns nil if no masterkey source was specified.
+func handleArgsMasterkey(args *argContainer) (masterkey []byte) {
 	// "-masterkey=stdin"
 	if args.masterkey == "stdin" {
-		args.masterkey = string(readpassword.Once(nil, "", "Masterkey"))
-		masterkeyFromStdin = true
+		in := string(readpassword.Once(nil, "", "Masterkey"))
+		return unhexMasterKey(in, true)
 	}
 	// "-masterkey=941a6029-3adc6a1c-..."
 	if args.masterkey != "" {
-		return unhexMasterKey(args.masterkey, masterkeyFromStdin), nil
+		return unhexMasterKey(args.masterkey, false)
 	}
 	// "-zerokey"
 	if args.zerokey {
@@ -56,18 +52,9 @@ func getMasterKey(args *argContainer) (masterkey []byte, confFile *configfile.Co
 		tlog.Info.Printf(tlog.ColorYellow +
 			"ZEROKEY MODE PROVIDES NO SECURITY AT ALL AND SHOULD ONLY BE USED FOR TESTING." +
 			tlog.ColorReset)
-		return make([]byte, cryptocore.KeyLen), nil
+		return make([]byte, cryptocore.KeyLen)
 	}
-	var err error
-	// Load master key from config file (normal operation).
-	// Prompts the user for the password.
-	masterkey, confFile, err = loadConfig(args)
-	if err != nil {
-		if args._ctlsockFd != nil {
-			// Close the socket file (which also deletes it)
-			args._ctlsockFd.Close()
-		}
-		exitcodes.Exit(err)
-	}
-	return masterkey, confFile
+	// No master key source specified on the command line. Caller must parse
+	// the config file.
+	return nil
 }
diff --git a/mount.go b/mount.go
index 6d9dd8f..c0ef190 100644
--- a/mount.go
+++ b/mount.go
@@ -232,8 +232,22 @@ type ctlsockFs interface {
 // initFuseFrontend - initialize gocryptfs/fusefrontend
 // Calls os.Exit on errors
 func initFuseFrontend(args *argContainer) (pfs pathfs.FileSystem, wipeKeys func()) {
-	// Get master key (may prompt for the password) and read config file
-	masterkey, confFile := getMasterKey(args)
+	var err error
+	var confFile *configfile.ConfFile
+	// Get the masterkey from the command line if it was specified
+	masterkey := handleArgsMasterkey(args)
+	// Otherwise, load masterkey from config file (normal operation).
+	// Prompts the user for the password.
+	if masterkey == nil {
+		masterkey, confFile, err = loadConfig(args)
+		if err != nil {
+			if args._ctlsockFd != nil {
+				// Close the socket file (which also deletes it)
+				args._ctlsockFd.Close()
+			}
+			exitcodes.Exit(err)
+		}
+	}
 	// Reconciliate CLI and config file arguments into a fusefrontend.Args struct
 	// that is passed to the filesystem implementation
 	cryptoBackend := cryptocore.BackendGoGCM