d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Do not prompt for GELI passphrase is encrypted with keys only

Browse Source 
PR:		208251
Submitted by:	Fabian Keil <fk@fabiankeil.de>
Sponsored by:	ScaleEngine Inc.
This commit is contained in:
Allan Jude 2016-03-26 15:39:48 +00:00
parent 8cc018c369
commit 7156379416
1 changed files with 9 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
sys/boot/geli/geliboot.c
View File

@ -94,6 +94,11 @@ geli_taste(int read_func(void *vdev, void *priv, off_t off, void *buf,
/* Disk is not GELI boot device, skip it */ /* Disk is not GELI boot device, skip it */
return (1); return (1);
} }
if (md.md_iterations < 0) {
/* XXX TODO: Support loading key files */
/* Disk does not have a passphrase, skip it */
return (1);
}
geli_e = malloc(sizeof(struct geli_entry)); geli_e = malloc(sizeof(struct geli_entry));
if (geli_e == NULL) if (geli_e == NULL)
return (2); return (2);
@ -137,7 +142,10 @@ geli_attach(struct dsk *dskp, const char *passphrase)
/* /*
* Prepare Derived-Key from the user passphrase. * Prepare Derived-Key from the user passphrase.
*/ */
if (geli_e->md.md_iterations == 0) { if (geli_e->md.md_iterations < 0) {
/* XXX TODO: Support loading key files */
return (1);
} else if (geli_e->md.md_iterations == 0) {
g_eli_crypto_hmac_update(&ctx, geli_e->md.md_salt, g_eli_crypto_hmac_update(&ctx, geli_e->md.md_salt,
sizeof(geli_e->md.md_salt)); sizeof(geli_e->md.md_salt));
g_eli_crypto_hmac_update(&ctx, passphrase, g_eli_crypto_hmac_update(&ctx, passphrase,