X-Git-Url: http://git.vrable.net/?a=blobdiff_plain;f=bluesky%2Fcloudlog.c;h=44799e3dfc366d8c7159d2d6342a398eb6f81d37;hb=75aed7ed122b11bbbe3814b6cc9bbacbf5d791c1;hp=64183b718aa2d74dc713743aac6c143b15387a81;hpb=1dc8b4fc9e5d7e2b2ed51ce16da67f3d5e16d240;p=bluesky.git diff --git a/bluesky/cloudlog.c b/bluesky/cloudlog.c index 64183b7..44799e3 100644 --- a/bluesky/cloudlog.c +++ b/bluesky/cloudlog.c @@ -389,6 +389,7 @@ BlueSkyCloudPointer bluesky_cloudlog_serialize(BlueSkyCloudLog *log, bluesky_cloudlog_serialize(ref, fs); } + /* FIXME: Ought lock to be taken earlier? */ g_mutex_lock(log->lock); bluesky_cloudlog_fetch(log); g_assert(log->data != NULL); @@ -558,10 +559,16 @@ void bluesky_cloudlog_encrypt(GString *segment, BlueSkyCryptKeys *keys) /* Make an decryption pass over a cloud log segment to decrypt items which were * encrypted. Also computes a list of all offsets which at which valid - * cloud log items are found and adds those offsets to items (if non-NULL). */ + * cloud log items are found and adds those offsets to items (if non-NULL). + * + * If allow_unauth is set to true, then allow a limited set of unauthenticated + * items that may have been rewritten by a file system cleaner. These include + * the checkpoint and inode map records only; other items must still pass + * authentication. */ void bluesky_cloudlog_decrypt(char *segment, size_t len, BlueSkyCryptKeys *keys, - BlueSkyRangeset *items) + BlueSkyRangeset *items, + gboolean allow_unauth) { char *data = segment; size_t remaining_size = len; @@ -575,7 +582,7 @@ void bluesky_cloudlog_decrypt(char *segment, size_t len, + GUINT32_FROM_LE(header->size3); if (item_size > remaining_size) break; - if (bluesky_crypt_block_decrypt(data, item_size, keys)) { + if (bluesky_crypt_block_decrypt(data, item_size, keys, allow_unauth)) { if (items != NULL) { if (bluesky_verbose) g_print(" data item at %zx\n", offset);