|
Lines 1083-1089
g_eli_taste(struct g_class *mp, struct g_provider *pp, int flags __unused)
Link Here
|
| 1083 |
tries = g_eli_tries; |
1083 |
tries = g_eli_tries; |
| 1084 |
} |
1084 |
} |
| 1085 |
|
1085 |
|
|
|
1086 |
/* |
| 1087 |
* CyberLeo: Attempt to decrypt the provider using only the keys, to avoid kern/193624 |
| 1088 |
*/ |
| 1089 |
g_eli_crypto_hmac_init(&ctx, NULL, 0); |
| 1090 |
if (0 < g_eli_keyfiles_load(&ctx, pp->name)) { |
| 1091 |
g_eli_crypto_hmac_final(&ctx, key, 0); |
| 1092 |
error = g_eli_mkey_decrypt(&md, key, mkey, &nkey); |
| 1093 |
bzero(key, sizeof(key)); |
| 1094 |
if (error == -1) { |
| 1095 |
G_ELI_DEBUG(0, |
| 1096 |
"Wrong key for %s.", |
| 1097 |
pp->name); |
| 1098 |
} else if (error > 0) { |
| 1099 |
G_ELI_DEBUG(0, |
| 1100 |
"Cannot decrypt Master Key for %s (error=%d).", |
| 1101 |
pp->name, error); |
| 1102 |
g_eli_keyfiles_clear(pp->name); |
| 1103 |
return (NULL); |
| 1104 |
} else { |
| 1105 |
G_ELI_DEBUG(0, |
| 1106 |
"Decrypted master key for %s without passphrase.", |
| 1107 |
pp->name); |
| 1108 |
tries = 0; |
| 1109 |
} |
| 1110 |
} else { |
| 1111 |
/* Cleanup */ |
| 1112 |
g_eli_crypto_hmac_final(&ctx, key, 0); |
| 1113 |
bzero(key, sizeof(key)); |
| 1114 |
} |
| 1115 |
|
| 1086 |
for (i = 0; i <= tries; i++) { |
1116 |
for (i = 0; i <= tries; i++) { |
|
|
1117 |
/* Avoid running loop at all if there are no tries */ |
| 1118 |
if (tries < 1) |
| 1119 |
break; |
| 1120 |
|
| 1087 |
g_eli_crypto_hmac_init(&ctx, NULL, 0); |
1121 |
g_eli_crypto_hmac_init(&ctx, NULL, 0); |
| 1088 |
|
1122 |
|
| 1089 |
/* |
1123 |
/* |
| 1090 |
- |
|
|