Date: Sat, 26 Mar 2016 15:39:48 +0000 (UTC) From: Allan Jude <allanjude@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r297293 - head/sys/boot/geli Message-ID: <201603261539.u2QFdmY9035757@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: allanjude Date: Sat Mar 26 15:39:48 2016 New Revision: 297293 URL: https://svnweb.freebsd.org/changeset/base/297293 Log: Do not prompt for GELI passphrase is encrypted with keys only PR: 208251 Submitted by: Fabian Keil <fk@fabiankeil.de> Sponsored by: ScaleEngine Inc. Modified: head/sys/boot/geli/geliboot.c Modified: head/sys/boot/geli/geliboot.c ============================================================================== --- head/sys/boot/geli/geliboot.c Sat Mar 26 12:19:27 2016 (r297292) +++ head/sys/boot/geli/geliboot.c Sat Mar 26 15:39:48 2016 (r297293) @@ -94,6 +94,11 @@ geli_taste(int read_func(void *vdev, voi /* Disk is not GELI boot device, skip it */ return (1); } + if (md.md_iterations < 0) { + /* XXX TODO: Support loading key files */ + /* Disk does not have a passphrase, skip it */ + return (1); + } geli_e = malloc(sizeof(struct geli_entry)); if (geli_e == NULL) return (2); @@ -137,7 +142,10 @@ geli_attach(struct dsk *dskp, const char /* * Prepare Derived-Key from the user passphrase. */ - if (geli_e->md.md_iterations == 0) { + if (geli_e->md.md_iterations < 0) { + /* XXX TODO: Support loading key files */ + return (1); + } else if (geli_e->md.md_iterations == 0) { g_eli_crypto_hmac_update(&ctx, geli_e->md.md_salt, sizeof(geli_e->md.md_salt)); g_eli_crypto_hmac_update(&ctx, passphrase,
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201603261539.u2QFdmY9035757>