From 56e81f7ca8276e40f8c88c4c30713a5b54009613 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Thu, 16 Aug 2012 21:00:34 +0200 Subject: [PATCH] journalctl: immeidately terminate on invalid seed --- src/journal/journal-verify.c | 2 +- src/journal/journalctl.c | 9 +++++++-- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/src/journal/journal-verify.c b/src/journal/journal-verify.c index f6cec1eb5..687143340 100644 --- a/src/journal/journal-verify.c +++ b/src/journal/journal-verify.c @@ -667,7 +667,7 @@ int journal_file_verify(JournalFile *f, const char *seed) { r = journal_file_parse_seed(f, seed); if (r < 0) { log_error("Failed to parse seed."); - goto fail; + return r; } } diff --git a/src/journal/journalctl.c b/src/journal/journalctl.c index 3d274c8eb..25e441b02 100644 --- a/src/journal/journalctl.c +++ b/src/journal/journalctl.c @@ -601,13 +601,18 @@ static int verify(sd_journal *j) { HASHMAP_FOREACH(f, j->files, i) { int k; +#ifdef HAVE_GCRYPT if (!arg_verify_seed && journal_file_fsprg_enabled(f)) log_warning("Journal file %s has authentication enabled but verification seed has not been passed using --verify-seed=.", f->path); +#endif k = journal_file_verify(f, arg_verify_seed); - if (k < 0) { + if (k == -EINVAL) { + /* If the seed was invalid give up right-away. */ + return k; + } else if (k < 0) { log_warning("FAIL: %s (%s)", f->path, strerror(-k)); - r = -r; + r = k; } else log_info("PASS: %s", f->path); } -- 2.30.2