The branch main has been updated by markj:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=88d13bf33754bd4b0c5df92eef83d6fadb9b4944

commit 88d13bf33754bd4b0c5df92eef83d6fadb9b4944
Author:     Arjan de Vet <[email protected]>
AuthorDate: 2023-08-28 14:54:18 +0000
Commit:     Mark Johnston <[email protected]>
CommitDate: 2023-08-28 15:03:55 +0000

    geli: Fix geli setkey -J for detached providers
    
    Clear cached_passphrase before generating a new key, otherwise the
    operation nonsensically tries to reuse the old passphrase.
    
    PR:             254966
    Pull Request:   https://github.com/freebsd/freebsd-src/pull/780
    MFC after:      1 week
---
 lib/geom/eli/geom_eli.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/lib/geom/eli/geom_eli.c b/lib/geom/eli/geom_eli.c
index 6cbb23230fa5..1efb760830c4 100644
--- a/lib/geom/eli/geom_eli.c
+++ b/lib/geom/eli/geom_eli.c
@@ -1421,6 +1421,12 @@ eli_setkey_detached(struct gctl_req *req, const char 
*prov,
        bcopy(mkey, mkeydst, sizeof(mkey));
        explicit_bzero(mkey, sizeof(mkey));
 
+       /*
+        * The previous eli_genkey() set cached_passphrase, we do not want to
+        * use that for the new passphrase so always prompt for it
+        */
+       explicit_bzero(cached_passphrase, sizeof(cached_passphrase));
+
        /* Generate key for Master Key encryption. */
        if (eli_genkey_single(req, md, key, true) == NULL) {
                explicit_bzero(key, sizeof(key));
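
Review bot: The added comment's "so always prompt for it" may not match the case the subject line names (setkey -J), and the comment does not say why zeroing the buffer is enough to stop the reuse. The commit message states the real intent more clearly (do not reuse the old passphrase when generating the new key), so wording along the lines of "clear it so the new passphrase is obtained afresh rather than reused" would be more accurate. The comment is also a comma splice with no closing period. Separately, the fix depends on cached_passphrase being shared state that the earlier eli_genkey() call leaves populated, and it is cleared only at this one call site. If other paths derive two keys in sequence, they would need the same clearing, so it may be worth a small helper or a note beside the variable's definition.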
