aboutsummaryrefslogtreecommitdiff
path: root/sys/dev/safe/safe.c
diff options
context:
space:
mode:
authorPawel Jakub Dawidek <pjd@FreeBSD.org>2006-04-10 18:49:46 +0000
committerPawel Jakub Dawidek <pjd@FreeBSD.org>2006-04-10 18:49:46 +0000
commit2c87962602b1a4c83be8407d370a03cbbd75142f (patch)
tree040336c9c18ed45d6321dd983d065edd9a5b09a8 /sys/dev/safe/safe.c
parent483194fb9a1b16cc38630c0a22073d10207f3f23 (diff)
downloadsrc-2c87962602b1a4c83be8407d370a03cbbd75142f.tar.gz
src-2c87962602b1a4c83be8407d370a03cbbd75142f.zip
safe(4) doesn't support explicitly provided keys. Return an error instead
of encrypting/decrypting data with a wrong key.
Notes
Notes: svn path=/head/; revision=157641
Diffstat (limited to 'sys/dev/safe/safe.c')
-rw-r--r--sys/dev/safe/safe.c7
1 files changed, 7 insertions, 0 deletions
diff --git a/sys/dev/safe/safe.c b/sys/dev/safe/safe.c
index 9d012f172de9..6dde6ad4e082 100644
--- a/sys/dev/safe/safe.c
+++ b/sys/dev/safe/safe.c
@@ -904,6 +904,13 @@ safe_process(void *arg, struct cryptop *crp, int hint)
}
crd2 = crd1->crd_next;
+ if ((crd1->crd_flags & CRD_F_KEY_EXPLICIT) ||
+ (crd2 != NULL && (crd2->crd_flags & CRD_F_KEY_EXPLICIT))) {
+ safestats.st_badflags++;
+ err = EINVAL;
+ goto errout;
+ }
+
cmd0 = SAFE_SA_CMD0_BASIC; /* basic group operation */
cmd1 = 0;
if (crd2 == NULL) {
generated by cgit v1.2.3 (git 2.25.1) at 2024-10-22 01:46:57 +0000