bareos2015: bareos-13.2 c4daee29
| Author | Committer | Branch | Timestamp | Parent | |
|---|---|---|---|---|---|
| mvwieringen | mvwieringen | bareos-13.2 | 2013-05-04 23:02 | bareos-13.2 9355be42 | Pending |
| Changeset | Add ability to dump the content of the cryptocache. For tape encryption the storage daemon keeps a cache of recently used data it needs when loading a crypto enabled volume and it doesn't have a connection to the director (e.g. when starting the SD). The bscrypto tool already had support for populating the cache with data which is used when a Disaster Recovery is needed but it would be nice if you could also dump the content of the cache using the bscrypto tool. There is no real security risk as you still need read access to the cache file and the data dumped is the wrapped/encrypted version of the key for which you need the KeyEncryptionKey to be able to translate it to the actual key loaded into the drive. |
||||
| mod - src/lib/crypto_cache.c | Diff File | ||||
| mod - src/lib/crypto_cache.h | Diff File | ||||
| mod - src/tools/bscrypto.c | Diff File | ||||
