50fe3717a6
If GELI provider was created on FreeBSD HEAD r238116 or later (but before this change), it is using very weak keys and the data is not protected. The bug was introduced on 4th July 2012. One can verify if its provider was created with weak keys by running: # geli dump <provider> | grep version If the version is 7 and the system didn't include this fix when provider was initialized, then the data has to be backed up, underlying provider overwritten with random data, system upgraded and provider recreated. Reported by: Fabian Keil <fk@fabiankeil.de> Tested by: Fabian Keil <fk@fabiankeil.de> Discussed with: so MFC after: 3 days |
||
---|---|---|
.. | ||
g_eli_crypto.c | ||
g_eli_ctl.c | ||
g_eli_integrity.c | ||
g_eli_key_cache.c | ||
g_eli_key.c | ||
g_eli_privacy.c | ||
g_eli.c | ||
g_eli.h | ||
pkcs5v2.c | ||
pkcs5v2.h |