Commit 38c694a1 authored by Milan Broz's avatar Milan Broz

Fix crypt_activate_by_keyfile() to work with PLAIN devices.

(allows systemd swap with /dev/urandom activation)

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@385 36d66b0a-2a48-0410-832c-cd162a569da5
parent 685f1300
2010-11-25 Milan Broz <mbroz@redhat.com>
* Fix crypt_activate_by_keyfile() to work with PLAIN devices.
2010-11-16 Milan Broz <mbroz@redhat.com>
* Version 1.2.0-rc1.
......
......@@ -1849,11 +1849,6 @@ int crypt_activate_by_keyfile(struct crypt_device *cd,
log_dbg("Activating volume %s [keyslot %d] using keyfile %s.",
name ?: "", keyslot, keyfile ?: "[none]");
if (!isLUKS(cd->type)) {
log_err(cd, _("This operation is supported only for LUKS device.\n"));
return -EINVAL;
}
if (name) {
ci = crypt_status(NULL, name);
if (ci == CRYPT_INVALID)
......@@ -1872,14 +1867,28 @@ int crypt_activate_by_keyfile(struct crypt_device *cd,
if (r < 0)
goto out;
r = LUKS_open_key_with_hdr(cd->device, keyslot, passphrase_read,
passphrase_size_read, &cd->hdr, &vk, cd);
if (r < 0)
goto out;
if (isPLAIN(cd->type)) {
r = create_device_helper(cd, name, cd->plain_hdr.hash,
cd->plain_cipher, cd->plain_cipher_mode,
NULL, passphrase_read, passphrase_size_read,
cd->volume_key->keylength, 0,
cd->plain_hdr.skip, cd->plain_hdr.offset,
cd->plain_uuid,
flags & CRYPT_ACTIVATE_READONLY, 0, 0);
keyslot = 0;
} else if (isLUKS(cd->type)) {
r = LUKS_open_key_with_hdr(cd->device, keyslot, passphrase_read,
passphrase_size_read, &cd->hdr, &vk, cd);
if (r < 0)
goto out;
keyslot = r;
if (name)
r = open_from_hdr_and_vk(cd, vk, name, flags);
} else
r = -EINVAL;
keyslot = r;
if (name)
r = open_from_hdr_and_vk(cd, vk, name, flags);
out:
crypt_safe_free(passphrase_read);
crypt_free_volume_key(vk);
......
......@@ -601,6 +601,15 @@ static void AddDevicePlain(void)
EQ_(key_size, crypt_get_volume_key_size(cd));
EQ_(0, crypt_get_data_offset(cd));
OK_(crypt_deactivate(cd, CDEVICE_1));
// now with keyfile
OK_(_prepare_keyfile(KEYFILE1, KEY1));
FAIL_(crypt_activate_by_keyfile(cd, NULL, CRYPT_ANY_SLOT, KEYFILE1, 0, 0), "cannot verify key with plain");
EQ_(0, crypt_activate_by_keyfile(cd, CDEVICE_1, CRYPT_ANY_SLOT, KEYFILE1, 0, 0));
EQ_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
OK_(crypt_deactivate(cd, CDEVICE_1));
_remove_keyfiles();
crypt_free(cd);
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment