Commit 231ab016 authored by Milan Broz's avatar Milan Broz

Fix luksFormat/luksOpen reading passphrase from stdin and "-" keyfile.

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@237 36d66b0a-2a48-0410-832c-cd162a569da5
parent 205d62af
2010-05-27 Milan Broz <mbroz@redhat.com>
* Fix luksFormat/luksOpen reading passphrase from stdin and "-" keyfile.
2010-05-23 Milan Broz <mbroz@redhat.com>
* Fix luksClose operation for stacked DM devices.
* Version 1.1.1.
......
......@@ -824,7 +824,7 @@ int crypt_luksOpen(struct crypt_options *options)
if (options->flags & CRYPT_FLAG_NON_EXCLUSIVE_ACCESS)
flags |= CRYPT_ACTIVATE_NO_UUID;
if (options->key_file && strcmp(options->key_file, "-"))
if (options->key_file)
r = crypt_activate_by_keyfile(cd, options->name,
CRYPT_ANY_SLOT, options->key_file, options->key_size,
flags);
......
......@@ -299,7 +299,7 @@ static int _action_luksFormat_generateMK()
.device = action_argv[0],
.cipher = opt_cipher ?: DEFAULT_CIPHER(LUKS1),
.hash = opt_hash ?: DEFAULT_LUKS1_HASH,
.new_key_file = action_argc > 1 ? action_argv[1] : NULL,
.new_key_file = opt_key_file ?: (action_argc > 1 ? action_argv[1] : NULL),
.flags = opt_verify_passphrase ? CRYPT_FLAG_VERIFY : (!opt_batch_mode?CRYPT_FLAG_VERIFY_IF_POSSIBLE : 0),
.iteration_time = opt_iteration_time,
.timeout = opt_timeout,
......@@ -387,6 +387,9 @@ static int action_luksFormat(int arg)
return -EINVAL;
}
if (action_argc > 1 && opt_key_file)
log_err(_("Option --key-file takes precedence over specified key file argument.\n"));
if(asprintf(&msg, _("This will overwrite data on %s irrevocably."), action_argv[0]) == -1) {
log_err(_("memory allocation error in action_luksFormat"));
return -ENOMEM;
......
......@@ -145,5 +145,20 @@ echo "key0" | $CRYPTSETUP -q luksOpen /dev/mapper/$DEV_NAME $DEV_NAME2 || fail
$CRYPTSETUP -q luksClose $DEV_NAME2 || fail
$CRYPTSETUP -q luksClose $DEV_NAME || fail
prepare "[14] format/open - passphrase on stdin & new line"
# stdin defined by "-" must take even newline
echo -n $'foo\nbar' | $CRYPTSETUP -q luksFormat $LOOPDEV - || fail
echo -n $'foo\nbar' | $CRYPTSETUP -q --key-file=- luksOpen $LOOPDEV $DEV_NAME || fail
$CRYPTSETUP -q luksClose $DEV_NAME || fail
echo -n $'foo\nbar' | $CRYPTSETUP -q luksOpen $LOOPDEV $DEV_NAME && fail
# now also try --key-file
echo -n $'foo\nbar' | $CRYPTSETUP -q luksFormat $LOOPDEV --key-file=- || fail
echo -n $'foo\nbar' | $CRYPTSETUP -q --key-file=- luksOpen $LOOPDEV $DEV_NAME || fail
$CRYPTSETUP -q luksClose $DEV_NAME || fail
# process newline if from stdin
echo -n $'foo\nbar' | $CRYPTSETUP -q luksFormat $LOOPDEV || fail
echo 'foo' | $CRYPTSETUP -q luksOpen $LOOPDEV $DEV_NAME || fail
$CRYPTSETUP -q luksClose $DEV_NAME || fail
remove_mapping
exit 0
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment