From 344099cc7d27856f14d34fb4127ff2da82e9342b Mon Sep 17 00:00:00 2001
From: Sebastian L <sl@momou.ch>
Date: Tue, 10 Nov 2020 22:18:57 +0100
Subject: [PATCH] Fix openssl warning

---
 README.mdown                           | 2 +-
 src/lib/cryptsetup/scripts/wget_or_ask | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/README.mdown b/README.mdown
index 8c54c92..3d168f2 100644
--- a/README.mdown
+++ b/README.mdown
@@ -18,7 +18,7 @@ It is intended to protect against information disclosure in the event of acciden
 
 ```
 dd if=/dev/random bs=1c count=256 | base64 > unencrypted_keyfile
-cat unencrypted_keyfile | openssl enc -base64 -aes-256-cbc -md sha256 -e -salt -out encrypted_keyfile -k somepassphrase
+cat unencrypted_keyfile | openssl enc -base64 -aes-256-cbc -md sha256 -e -salt -pbkdf2 -out encrypted_keyfile -k somepassphrase
 rm unencrypted_keyfile
 ```
 
diff --git a/src/lib/cryptsetup/scripts/wget_or_ask b/src/lib/cryptsetup/scripts/wget_or_ask
index 186a422..87093f9 100755
--- a/src/lib/cryptsetup/scripts/wget_or_ask
+++ b/src/lib/cryptsetup/scripts/wget_or_ask
@@ -152,7 +152,7 @@ https_try_fetch ()
   encrypted_keyfile=$($wget_path --secure-protocol=PFS -q -O - "$url")
 
   if [ $? -eq 0 ]; then
-    decrypted_keyfile=$(echo "$encrypted_keyfile" | openssl enc -base64 -aes-256-cbc -md sha256 -d -salt -k "$openssl_passphrase")
+    decrypted_keyfile=$(echo "$encrypted_keyfile" | openssl enc -base64 -aes-256-cbc -md sha256 -d -salt -pbkdf2 -k "$openssl_passphrase")
     if [ $? -eq 0 ]; then
       keyctl_store
       printf '%s\n' "$decrypted_keyfile"