diff options
| author | pjd <pjd@FreeBSD.org> | 2006-06-06 22:06:24 +0000 |
|---|---|---|
| committer | pjd <pjd@FreeBSD.org> | 2006-06-06 22:06:24 +0000 |
| commit | ec70ef58cb0b1e1ae85196811da2e42d64dac5a0 (patch) | |
| tree | 2a855b24d212057fbebbf49f60b05e7ab78a75c5 /sbin | |
| parent | 88f89f303f98a490372396329e6e2b207a3a08d3 (diff) | |
| download | FreeBSD-src-ec70ef58cb0b1e1ae85196811da2e42d64dac5a0.zip FreeBSD-src-ec70ef58cb0b1e1ae85196811da2e42d64dac5a0.tar.gz | |
Allow to use the old -a option to specify an encryption algorithm to use
(for backward compatibility), but print a warning to inform about the
change.
Diffstat (limited to 'sbin')
| -rw-r--r-- | sbin/geom/class/eli/geom_eli.c | 36 |
1 files changed, 27 insertions, 9 deletions
diff --git a/sbin/geom/class/eli/geom_eli.c b/sbin/geom/class/eli/geom_eli.c index 90df179..eac6a80 100644 --- a/sbin/geom/class/eli/geom_eli.c +++ b/sbin/geom/class/eli/geom_eli.c @@ -527,22 +527,40 @@ eli_init(struct gctl_req *req) md.md_flags = 0; if (gctl_get_int(req, "boot")) md.md_flags |= G_ELI_FLAG_BOOT; + md.md_ealgo = CRYPTO_ALGORITHM_MIN - 1; str = gctl_get_ascii(req, "aalgo"); if (strcmp(str, "none") != 0) { md.md_aalgo = g_eli_str2aalgo(str); - if (md.md_aalgo < CRYPTO_ALGORITHM_MIN || - md.md_aalgo > CRYPTO_ALGORITHM_MAX) { - gctl_error(req, "Invalid authentication algorithm."); - return; + if (md.md_aalgo >= CRYPTO_ALGORITHM_MIN && + md.md_aalgo <= CRYPTO_ALGORITHM_MAX) { + md.md_flags |= G_ELI_FLAG_AUTH; + } else { + /* + * For backward compatibility, check if the -a option + * was used to provide encryption algorithm. + */ + md.md_ealgo = g_eli_str2ealgo(str); + if (md.md_ealgo < CRYPTO_ALGORITHM_MIN || + md.md_ealgo > CRYPTO_ALGORITHM_MAX) { + gctl_error(req, + "Invalid authentication algorithm."); + return; + } else { + fprintf(stderr, "warning: The -e option, not " + "the -a option is now used to specify " + "encryption algorithm to use.\n"); + } } - md.md_flags |= G_ELI_FLAG_AUTH; } - str = gctl_get_ascii(req, "ealgo"); - md.md_ealgo = g_eli_str2ealgo(str); if (md.md_ealgo < CRYPTO_ALGORITHM_MIN || md.md_ealgo > CRYPTO_ALGORITHM_MAX) { - gctl_error(req, "Invalid encryption algorithm."); - return; + str = gctl_get_ascii(req, "ealgo"); + md.md_ealgo = g_eli_str2ealgo(str); + if (md.md_ealgo < CRYPTO_ALGORITHM_MIN || + md.md_ealgo > CRYPTO_ALGORITHM_MAX) { + gctl_error(req, "Invalid encryption algorithm."); + return; + } } val = gctl_get_intmax(req, "keylen"); md.md_keylen = val; |
