mirror of
https://github.com/freebsd/freebsd-src
synced 2024-10-15 21:05:08 +00:00
geli: Fix geli setkey -J for detached providers
Clear cached_passphrase before generating a new key, otherwise the operation nonsensically tries to reuse the old passphrase. PR: 254966 Pull Request: https://github.com/freebsd/freebsd-src/pull/780 MFC after: 1 week
This commit is contained in:
parent
f006023b22
commit
88d13bf337
|
@ -1421,6 +1421,12 @@ eli_setkey_detached(struct gctl_req *req, const char *prov,
|
||||||
bcopy(mkey, mkeydst, sizeof(mkey));
|
bcopy(mkey, mkeydst, sizeof(mkey));
|
||||||
explicit_bzero(mkey, sizeof(mkey));
|
explicit_bzero(mkey, sizeof(mkey));
|
||||||
|
|
||||||
|
/*
|
||||||
|
* The previous eli_genkey() set cached_passphrase, we do not want to
|
||||||
|
* use that for the new passphrase so always prompt for it
|
||||||
|
*/
|
||||||
|
explicit_bzero(cached_passphrase, sizeof(cached_passphrase));
|
||||||
|
|
||||||
/* Generate key for Master Key encryption. */
|
/* Generate key for Master Key encryption. */
|
||||||
if (eli_genkey_single(req, md, key, true) == NULL) {
|
if (eli_genkey_single(req, md, key, true) == NULL) {
|
||||||
explicit_bzero(key, sizeof(key));
|
explicit_bzero(key, sizeof(key));
|
||||||
|
|
Loading…
Reference in a new issue