From 79d37870accc7a08129404f101b0e0462b85720f Mon Sep 17 00:00:00 2001
From: Chris Cummer <chriscummer@me.com>
Date: Sat, 2 May 2020 15:44:44 -0700
Subject: [PATCH] * Fix secrets config mapping for HIBP * Prevent nil pointer
 dereference in ConfigureSecret()

Signed-off-by: Chris Cummer <chriscummer@me.com>
---
 cfg/secrets.go           | 6 +++++-
 modules/hibp/settings.go | 3 ++-
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/cfg/secrets.go b/cfg/secrets.go
index 9d45dcf7f4..914408b0c1 100644
--- a/cfg/secrets.go
+++ b/cfg/secrets.go
@@ -42,7 +42,11 @@ func ConfigureSecret(
 	secret *string, // unfortunate order dependency...
 ) {
 	notWanted := func(out *string) bool {
-		return out == nil && *out != ""
+		if out == nil {
+			return false
+		}
+
+		return *out != ""
 	}
 
 	// Don't try to fetch from cred store if nothing is wanted.
diff --git a/modules/hibp/settings.go b/modules/hibp/settings.go
index cfb8e76a29..e4f2dfb5ed 100644
--- a/modules/hibp/settings.go
+++ b/modules/hibp/settings.go
@@ -44,9 +44,10 @@ func NewSettingsFromYAML(name string, ymlConfig *config.Config, globalConfig *co
 		globalConfig,
 		"https://haveibeenpwned.com/api",
 		"",
-		&settings.apiKey,
 		nil,
+		&settings.apiKey,
 	)
+
 	settings.colors.ok = ymlConfig.UString("colors.ok", "white")
 	settings.colors.pwned = ymlConfig.UString("colors.pwned", "red")