if the key file doesn't exist (anymore), but the storage.cfg references
one, die on commands that should use encryption instead of falling back
to plain-text operations.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Tested-by: Stoiko Ivanov <s.ivanov@proxmox.com>
my $keyfd;
if (!open($keyfd, '<', $encryption_key_file)) {
- return undef if $! == ENOENT;
+ if ($! == ENOENT) {
+ my $encryption_fp = $scfg->{'encryption-key'};
+ die "encryption configured ('$encryption_fp') but no encryption key file found!\n"
+ if $encryption_fp;
+ return undef;
+ }
die "failed to open encryption key: $encryption_key_file: $!\n";
}