X-Git-Url: http://git.vrable.net/?a=blobdiff_plain;f=bluesky%2Fcloudlog.c;h=0570c5db0d4a60bd8a3b017c575615390280e352;hb=e692553e85c46324aaeb36c6e737339ddae115a0;hp=64183b718aa2d74dc713743aac6c143b15387a81;hpb=afc95f0ab2900a311802028f1b811867fa3c0c31;p=bluesky.git

diff --git a/bluesky/cloudlog.c b/bluesky/cloudlog.c
index 64183b7..0570c5d 100644
--- a/bluesky/cloudlog.c
+++ b/bluesky/cloudlog.c
@@ -558,10 +558,16 @@ void bluesky_cloudlog_encrypt(GString *segment, BlueSkyCryptKeys *keys)
 
 /* Make an decryption pass over a cloud log segment to decrypt items which were
  * encrypted.  Also computes a list of all offsets which at which valid
- * cloud log items are found and adds those offsets to items (if non-NULL). */
+ * cloud log items are found and adds those offsets to items (if non-NULL).
+ *
+ * If allow_unauth is set to true, then allow a limited set of unauthenticated
+ * items that may have been rewritten by a file system cleaner.  These include
+ * the checkpoint and inode map records only; other items must still pass
+ * authentication. */
 void bluesky_cloudlog_decrypt(char *segment, size_t len,
                               BlueSkyCryptKeys *keys,
-                              BlueSkyRangeset *items)
+                              BlueSkyRangeset *items,
+                              gboolean allow_unauth)
 {
     char *data = segment;
     size_t remaining_size = len;
@@ -575,7 +581,7 @@ void bluesky_cloudlog_decrypt(char *segment, size_t len,
                            + GUINT32_FROM_LE(header->size3);
         if (item_size > remaining_size)
             break;
-        if (bluesky_crypt_block_decrypt(data, item_size, keys)) {
+        if (bluesky_crypt_block_decrypt(data, item_size, keys, allow_unauth)) {
             if (items != NULL) {
                 if (bluesky_verbose)
                     g_print("  data item at %zx\n", offset);