From a331be73bf6ad53214facd054db4edd991e18c8e Mon Sep 17 00:00:00 2001
From: Vsevolod Stakhov <vsevolod@highsecure.ru>
Date: Fri, 24 Apr 2015 15:58:12 +0100
Subject: [PATCH] Fix encrypted password comparision.

---
 src/controller.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/src/controller.c b/src/controller.c
index c7a6d4055d..c207e6615d 100644
--- a/src/controller.c
+++ b/src/controller.c
@@ -199,7 +199,10 @@ rspamd_is_encrypted_password (const gchar *password,
 
 			if ((endptr == NULL || *endptr == *end) && id == RSPAMD_PBKDF_ID_V1) {
 				ret = TRUE;
-				*pbkdf = &pbkdf_list[0];
+
+				if (pbkdf != NULL) {
+					*pbkdf = &pbkdf_list[0];
+				}
 			}
 		}
 	}
@@ -261,7 +264,7 @@ static gboolean rspamd_check_encrypted_password (const gchar * password,
 			return FALSE;
 		}
 
-		key_decoded = rspamd_decode_base32 (hash, 0, &key_len);
+		key_decoded = rspamd_decode_base32 (hash, key_len, &key_len);
 
 		if (key_decoded == NULL || key_len != pbkdf->key_len) {
 			/* We have some unknown salt here */
@@ -271,7 +274,8 @@ static gboolean rspamd_check_encrypted_password (const gchar * password,
 		}
 
 		local_key = g_alloca (pbkdf->key_len);
-		rspamd_cryptobox_pbkdf (password, strlen (password), salt, salt_len,
+		rspamd_cryptobox_pbkdf (password, strlen (password),
+				salt_decoded, salt_len,
 				local_key, pbkdf->key_len, pbkdf->rounds);
 
 		if (!rspamd_constant_memcmp (key_decoded, local_key, pbkdf->key_len)) {
-- 
2.47.3