[systemd-commits] src/cryptsetup.c

Lennart Poettering lennart at kemper.freedesktop.org
Tue Apr 26 12:50:49 PDT 2011


 src/cryptsetup.c |    7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

New commits:
commit 2d745456b2852d102e6f27f685c97118f2190669
Author: Milan Broz <mbroz at redhat.com>
Date:   Tue Apr 26 00:15:15 2011 +0200

    cryptsetup: fix keyfile size option processing
    
    /etc/crypttab uses "size" argument only for plain crypt mapping
    (and input is limited to volume key size)
    
    For LUKS it always reads the whole keyfile (no arguments except "luks"
    should be in crypttab).
    
    Because of a bug in cryptsetup 1.2.0 (fixed in 1.3.0), the library
    did not enforce the keyfile size argument, so this bug was
    hidden for some time.
    
    The patch also converts the size from bits to bytes, as expected
    by the libcryptsetup API.
    
    Fixes https://bugs.freedesktop.org/show_bug.cgi?id=36264

diff --git a/src/cryptsetup.c b/src/cryptsetup.c
index 4ef9606..c0caf9a 100644
--- a/src/cryptsetup.c
+++ b/src/cryptsetup.c
@@ -225,6 +225,7 @@ int main(int argc, char *argv[]) {
         char **passwords = NULL, *truncated_cipher = NULL;
         const char *cipher = NULL, *cipher_mode = NULL, *hash = NULL, *name = NULL;
         char *description = NULL, *name_buffer = NULL, *mount_point = NULL;
+        unsigned keyfile_size = 0;
 
         if (argc <= 1) {
                 help();
@@ -433,6 +434,10 @@ int main(int argc, char *argv[]) {
                                                  &params);
 
                                 pass_volume_key = streq(hash, "plain");
+
+                               /* for CRYPT_PLAIN limit reads
+                                * from keyfile to key length */
+                                keyfile_size = opt_key_size / 8;
                         }
 
                         if (k < 0) {
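Review bot: `keyfile_size = opt_key_size / 8;` truncates, so a key size that is not a multiple of 8 is silently rounded down, and any value below 8 becomes 0, which crypt_activate_by_keyfile() treats as "read the whole keyfile" rather than as a limit. Nothing visible in this hunk validates opt_key_size; the option parsing is outside the view and may already do so, but if it does not, a guard such as `if (opt_key_size % 8 != 0)` with an error exit before the division would prevent a typo in crypttab from changing how much key material is read. As a style point, the first line of the new comment is indented one column less than the assignment below it. main() starts and ends outside this hunk.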
@@ -447,7 +452,7 @@ int main(int argc, char *argv[]) {
                                  argv[3]);
 
                         if (key_file)
-                                k = crypt_activate_by_keyfile(cd, argv[2], CRYPT_ANY_SLOT, key_file, opt_key_size, flags);
+                                k = crypt_activate_by_keyfile(cd, argv[2], CRYPT_ANY_SLOT, key_file, keyfile_size, flags);
                         else {
                                 char **p;
 
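Review bot: The changed `crypt_activate_by_keyfile()` call now relies on `keyfile_size` still holding its initial 0 on the LUKS path, which libcryptsetup interprets as no read limit, and nothing near the call says so. A one-line comment above the call would keep a later edit from assigning the variable for LUKS by accident: `/* keyfile_size is 0 unless CRYPT_PLAIN set it above; 0 means read the whole keyfile */`. The declaration and the only assignment are in the earlier hunks, and main() continues outside this one.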


