[systemd-devel] [PATCH 1/3] Add more password agent information

Lennart Poettering lennart at poettering.net
Mon Mar 24 17:03:48 PDT 2014


On Wed, 12.02.14 23:55, David Härdeman (david at hardeman.nu) wrote:

Sorry for the late review!

> Add an (optional) "Id" key in the password agent .ask files. The Id is
> supposed to be a simple string in "<subsystem>:<target>" form which
> is used to provide more information on what the requested passphrase
> is to be used for (which e.g. allows an agent to only react to cryptsetup
> requests).

I wonder if this is related to the "keyhandler" stuff Benjamin Sans has
asked for.

http://lists.freedesktop.org/archives/systemd-devel/2014-March/017869.html

Benjamin, can you comment?

> -        r = ask_password_auto(text, "drive-harddisk", until, accept_cached, passwords);
> +	if (asprintf(&id, "cryptsetup:%s", name) < 0)
> +		return log_oom();
> +
> +        r = ask_password_auto(text, "drive-harddisk", id, until,
> accept_cached, passwords);

Hmm, no tabs please...

Also, please use strappend() for cases like this, where we just want to
concatenate two strings.

That said, I wodner, if we should escape the second part of the string,
just to be sure. Using cescape() here would suffice?

>          if (r < 0) {
>                  log_error("Failed to query password: %s", strerror(-r));
>                  return r;
> @@ -281,7 +285,10 @@ static int get_password(const char *name, usec_t until, bool accept_cached, char
>                  if (asprintf(&text, "Please enter passphrase for disk %s! (verification)", name) < 0)
>                          return log_oom();
>  
> -                r = ask_password_auto(text, "drive-harddisk", until, false, &passwords2);
> +		if (asprintf(&id, "cryptsetup-verification:%s", name) < 0)
> +			return log_oom();
> +

Similar here.

Otherwise this looks good to go, but I'd like to see a comment by
Benjamin, to see if this would work for him, too!

Lennart

-- 
Lennart Poettering, Red Hat


More information about the systemd-devel mailing list