geli: Fix geli setkey -J for detached providers

Clear cached_passphrase before generating a new key, otherwise the operation nonsensically tries to reuse the old passphrase. PR: 254966 Pull Request: https://github.com/freebsd/freebsd-src/pull/780 MFC after: 1 week
2024-07-22 18:56:38 +00:00 · 2023-08-28 10:54:18 -04:00 · 2023-08-28 10:54:18 -04:00 · 88d13bf337
parent f006023b22
commit 88d13bf337
1 changed files with 6 additions and 0 deletions
--- a/lib/geom/eli/geom_eli.c
+++ b/lib/geom/eli/geom_eli.c
@ -1421,6 +1421,12 @@ eli_setkey_detached(struct gctl_req *req, const char *prov,
 	bcopy(mkey, mkeydst, sizeof(mkey));
 	explicit_bzero(mkey, sizeof(mkey));

+	/*
+	 * The previous eli_genkey() set cached_passphrase, we do not want to
+	 * use that for the new passphrase so always prompt for it
+	 */
+	explicit_bzero(cached_passphrase, sizeof(cached_passphrase));
+
 	/* Generate key for Master Key encryption. */
 	if (eli_genkey_single(req, md, key, true) == NULL) {
 		explicit_bzero(key, sizeof(key));