From 86f3bb144ad75461eb9b7ac1e59046ac75efccac Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Sat, 13 Feb 2016 17:30:14 +0100
Subject: g13: Require a confirmation before g13 is used for DM-Crypt.

* g13/g13-syshelp.c (g13_syshelp_i_know_what_i_am_doing):
* g13/sh-dmcrypt.c (sh_dmcrypt_create_container): Call it.
(sh_dmcrypt_mount_container): Call it.

Signed-off-by: Werner Koch <wk@gnupg.org>
---
 g13/g13-syshelp.c | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

(limited to 'g13/g13-syshelp.c')

diff --git a/g13/g13-syshelp.c b/g13/g13-syshelp.c
index cbb5f8dbf..b31964e6e 100644
--- a/g13/g13-syshelp.c
+++ b/g13/g13-syshelp.c
@@ -577,6 +577,27 @@ release_tab_items (tab_item_t tab)
 }
 
 
+void
+g13_syshelp_i_know_what_i_am_doing (void)
+{
+  const char * const yesfile = "Yes-g13-I-know-what-I-am-doing";
+  char *fname;
+
+  fname = make_filename (gnupg_sysconfdir (), yesfile, NULL);
+  if (access (fname, F_OK))
+    {
+      log_info ("*******************************************************\n");
+      log_info ("* The G13 support for DM-Crypt is new and not matured.\n");
+      log_info ("* Bugs or improper use may delete all your disks!\n");
+      log_info ("* To confirm that you are ware of this risk, create\n");
+      log_info ("* the file '%s'.\n", fname);
+      log_info ("*******************************************************\n");
+      exit (1);
+    }
+  xfree (fname);
+}
+
+
 /* Parse the /etc/gnupg/g13tab for user USERNAME.  Return a table for
    the user on success.  Return NULL on error and print
    diagnostics. */
-- 
cgit v1.2.3