Report the 1-based key numbers rather than the 0-based ones to be consistent.

Fix documentation for destroy command.  Not sure how the wrong explanation
happened.

Spotted by:	mwlucas

diff --git a/sbin/gbde/gbde.8 b/sbin/gbde/gbde.8
index 71937679edfc4c9a28b0cddeae6e3c3327cf21ee..0578287f0256f7dca4c06d4df4b588bd0733a276 100644 (file)
--- a/sbin/gbde/gbde.8
+++ b/sbin/gbde/gbde.8
@@ -233,9 +233,23 @@ pass-phrase:
 .Pp
 .Dl "gbde setkey ada0s1f -n 2 -P foo -L key2.lockfile"
 .Pp
-To destroy all copies of the masterkey:
+To invalidate your own masterkey:
+.Pp
+.Dl "gbde nuke ada0s1f"
+.Pp
+This will overwrite your masterkey sector with zeros, and results in
+a diagnostic if you try to use the key again.
+You can also destroy the other three copies of the masterkey with the
+-n argument.
+.Pp
+You can also invalidate your masterkey without leaving a tell-tale sector
+full of zeros:
 .Pp
 .Dl "gbde destroy ada0s1f"
+.Pp
+This will overwrite the information fields in your masterkey sector,
+encrypt it and write it back.
+You get a (different) diagnostic if you try to use it.
 .Sh SEE ALSO
 .Xr gbde 4 ,
 .Xr geom 4

diff --git a/sbin/gbde/gbde.c b/sbin/gbde/gbde.c
index b6baa95ab8c8bcf86df6403c53536a93e2a173ac..3dca2126a7ab2bd6bc541226fa11bd729ff273f1 100644 (file)
--- a/sbin/gbde/gbde.c
+++ b/sbin/gbde/gbde.c
@@ -300,7 +300,6 @@ cmd_attach(const struct g_bde_softc *sc, const char *dest, const char *lfile)
                gctl_ro_param(r, "key", 16, buf);
                close(ffd);
        }
-       /* gctl_dump(r, stdout); */
        errstr = gctl_issue(r);
        if (errstr != NULL)
                errx(1, "Attach to %s failed: %s", dest, errstr);
@@ -371,7 +370,7 @@ cmd_open(struct g_bde_softc *sc, int dfd , const char *l_opt, u_int *nkey)
        if (error != 0)
                errx(1, "Error %d decrypting lock", error);
        if (nkey)
-               printf("Opened with key %u\n", *nkey);
+               printf("Opened with key %u\n", 1 + *nkey);
        return;
 }
 
@@ -392,7 +391,7 @@ cmd_nuke(struct g_bde_key *gl, int dfd , int key)
        free(sbuf);
        if (i != (int)gl->sectorsize)
                err(1, "write");
-       printf("Nuked key %d\n", key);
+       printf("Nuked key %d\n", 1 + key);
 }
 
 static void
@@ -493,7 +492,7 @@ cmd_destroy(struct g_bde_key *gl, int nkey)
        bzero(&gl->sector0, sizeof gl->sector0);
        bzero(&gl->sectorN, sizeof gl->sectorN);
        bzero(&gl->keyoffset, sizeof gl->keyoffset);
-       bzero(&gl->flags, sizeof gl->flags);
+       gl->flags &= GBDE_F_SECT0;
        bzero(gl->mkey, sizeof gl->mkey);
        for (i = 0; i < G_BDE_MAXKEYS; i++)
                if (i != nkey)