Index: stand/geli/geliboot.c =================================================================== --- stand/geli/geliboot.c +++ stand/geli/geliboot.c @@ -222,7 +222,7 @@ */ static int geli_attach(struct geli_entry *ge, struct dsk *dskp, const char *passphrase, - const u_char *mkeyp) + u_char *mkeyp) { u_char key[G_ELI_USERKEYLEN], mkey[G_ELI_DATAIVKEYLEN], *mkp; u_int keynum; @@ -248,7 +248,7 @@ } else if (geli_e->md.md_iterations == 0) { g_eli_crypto_hmac_update(&ctx, geli_e->md.md_salt, sizeof(geli_e->md.md_salt)); - g_eli_crypto_hmac_update(&ctx, passphrase, + g_eli_crypto_hmac_update(&ctx, (const uint8_t *)passphrase, strlen(passphrase)); } else if (geli_e->md.md_iterations > 0) { printf("Calculating GELI Decryption Key disk%dp%d @ %d" @@ -294,7 +294,7 @@ /* * The encryption key is: ekey = HMAC_SHA512(Data-Key, 0x10) */ - g_eli_crypto_hmac(mkp, G_ELI_MAXKEYLEN, "\x10", 1, + g_eli_crypto_hmac(mkp, G_ELI_MAXKEYLEN, (const uint8_t *)"\x10", 1, geli_e->sc.sc_ekey, 0); } explicit_bzero(mkey, sizeof(mkey)); Index: stand/i386/gptboot/gptboot.c =================================================================== --- stand/i386/gptboot/gptboot.c +++ stand/i386/gptboot/gptboot.c @@ -32,6 +32,10 @@ #include +/* Forward declared to avoid warnings -- these shouldn't be needed */ +int strcasecmp(const char *s1, const char *s2); +void explicit_bzero(void *b, size_t len); + #include "bootargs.h" #include "lib.h" #include "rbx.h" @@ -254,7 +258,7 @@ #ifdef LOADER_GELI_SUPPORT if (geli_taste(vdev_read, &dsk, (gpttable[curent].ent_lba_end - gpttable[curent].ent_lba_start)) == 0) { - if (geli_havekey(&dsk) != 0 && geli_passphrase(&gelipw, + if (geli_havekey(&dsk) != 0 && geli_passphrase(gelipw, dsk.unit, 'p', curent + 1, &dsk) != 0) { printf("%s: unable to decrypt GELI key\n", BOOTPROG); return (-1); @@ -266,6 +270,8 @@ return (0); } +int main(void); + int main(void) { Index: stand/i386/libi386/biosdisk.c =================================================================== --- stand/i386/libi386/biosdisk.c +++ stand/i386/libi386/biosdisk.c @@ -482,10 +482,10 @@ /* Use the cached passphrase */ bcopy(passphrase, &gelipw, GELI_PW_MAXLEN); } - if (geli_passphrase(&gelipw, dskp.unit, 'p', + if (geli_passphrase(gelipw, dskp.unit, 'p', (dskp.slice > 0 ? dskp.slice : dskp.part), &dskp) == 0) { - setenv("kern.geom.eli.passphrase", &gelipw, 1); + setenv("kern.geom.eli.passphrase", gelipw, 1); bzero(gelipw, sizeof(gelipw)); geli_status[dev->d_unit][dskp.slice] = ISGELI_YES; geli_part++; @@ -882,7 +882,7 @@ /* GELI needs the offset relative to the partition start */ p_off = alignlba - dskp.start; - err = geli_read(&dskp, p_off * BD(dev).bd_sectorsize, tmpbuf, + err = geli_read(&dskp, p_off * BD(dev).bd_sectorsize, (u_char *)tmpbuf, alignblks * BD(dev).bd_sectorsize); if (err) return (err); Index: stand/i386/zfsboot/zfsboot.c =================================================================== --- stand/i386/zfsboot/zfsboot.c +++ stand/i386/zfsboot/zfsboot.c @@ -36,6 +36,10 @@ #include +/* Forward declared to avoid warnings -- these shouldn't be needed */ +int strcasecmp(const char *s1, const char *s2); +void explicit_bzero(void *b, size_t len); + #include "lib.h" #include "rbx.h" #include "drv.h" @@ -572,7 +576,7 @@ elba--; } if (geli_taste(vdev_read, dsk, elba) == 0) { - if (geli_havekey(dsk) == 0 || geli_passphrase(&gelipw, dsk->unit, + if (geli_havekey(dsk) == 0 || geli_passphrase(gelipw, dsk->unit, ':', 0, dsk) == 0) { if (vdev_probe(vdev_read, dsk, NULL) == 0) { return; @@ -631,7 +635,7 @@ #ifdef LOADER_GELI_SUPPORT else if (geli_taste(vdev_read, dsk, ent->ent_lba_end - ent->ent_lba_start) == 0) { - if (geli_havekey(dsk) == 0 || geli_passphrase(&gelipw, + if (geli_havekey(dsk) == 0 || geli_passphrase(gelipw, dsk->unit, 'p', dsk->slice, dsk) == 0) { /* * This slice has GELI, check it for ZFS. @@ -671,7 +675,7 @@ #ifdef LOADER_GELI_SUPPORT else if (geli_taste(vdev_read, dsk, dp[i].dp_size - dp[i].dp_start) == 0) { - if (geli_havekey(dsk) == 0 || geli_passphrase(&gelipw, dsk->unit, + if (geli_havekey(dsk) == 0 || geli_passphrase(gelipw, dsk->unit, 's', i, dsk) == 0) { /* * This slice has GELI, check it for ZFS.