From 4e0230bdbc9cf893099919170a10e44f84422747 Mon Sep 17 00:00:00 2001
From: Eric Biggers <ebiggers@google.com>
Date: Mon, 27 Jan 2020 20:16:35 -0800
Subject: actions/recovery: revert protector if it can't be added to policy

Ensure that a failed AddRecoveryPassphrase() doesn't leave around an
unneeded protector file.
---
 actions/recovery.go | 1 +
 1 file changed, 1 insertion(+)

diff --git a/actions/recovery.go b/actions/recovery.go
index 32d0030..1c55ec5 100644
--- a/actions/recovery.go
+++ b/actions/recovery.go
@@ -78,6 +78,7 @@ func AddRecoveryPassphrase(policy *Policy, dirname string) (*crypto.Key, *Protec
 		seq++
 	}
 	if err := policy.AddProtector(recoveryProtector); err != nil {
+		recoveryProtector.Revert()
 		return nil, nil, err
 	}
 	return passphrase, recoveryProtector, nil
-- 
cgit v1.2.3