diff options
author | Pawel Jakub Dawidek <pjd@FreeBSD.org> | 2006-04-10 18:49:46 +0000 |
---|---|---|
committer | Pawel Jakub Dawidek <pjd@FreeBSD.org> | 2006-04-10 18:49:46 +0000 |
commit | 2c87962602b1a4c83be8407d370a03cbbd75142f (patch) | |
tree | 040336c9c18ed45d6321dd983d065edd9a5b09a8 /sys/dev/safe/safe.c | |
parent | 483194fb9a1b16cc38630c0a22073d10207f3f23 (diff) | |
download | src-2c87962602b1a4c83be8407d370a03cbbd75142f.tar.gz src-2c87962602b1a4c83be8407d370a03cbbd75142f.zip |
safe(4) doesn't support explicitly provided keys. Return an error instead
of encrypting/decrypting data with a wrong key.
Notes
Notes:
svn path=/head/; revision=157641
Diffstat (limited to 'sys/dev/safe/safe.c')
-rw-r--r-- | sys/dev/safe/safe.c | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/sys/dev/safe/safe.c b/sys/dev/safe/safe.c index 9d012f172de9..6dde6ad4e082 100644 --- a/sys/dev/safe/safe.c +++ b/sys/dev/safe/safe.c @@ -904,6 +904,13 @@ safe_process(void *arg, struct cryptop *crp, int hint) } crd2 = crd1->crd_next; + if ((crd1->crd_flags & CRD_F_KEY_EXPLICIT) || + (crd2 != NULL && (crd2->crd_flags & CRD_F_KEY_EXPLICIT))) { + safestats.st_badflags++; + err = EINVAL; + goto errout; + } + cmd0 = SAFE_SA_CMD0_BASIC; /* basic group operation */ cmd1 = 0; if (crd2 == NULL) { |