Commit bf7819cc authored by Milan Broz's avatar Milan Broz

* Add log macros and make logging modre consitent.

* Move command successful messages to verbose level.
* Introduce --debug parameter.
Signed-off-by: Milan Broz's avatarMilan Broz <mbroz@redhat.com>

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@92 36d66b0a-2a48-0410-832c-cd162a569da5
parent 4e471a9b
......@@ -2,6 +2,9 @@
* Require device device-mapper to build and do not use backend wrapper for dm calls.
* Move memory locking and dm initialization to command layer.
* Increase priority of process if memory is locked.
* Add log macros and make logging modre consitent.
* Move command successful messages to verbose level.
* Introduce --debug parameter.
2009-08-17 Milan Broz <mbroz@redhat.com>
* Fix PBKDF2 speed calculation for large passhrases.
......
......@@ -17,6 +17,8 @@
#define SECTOR_SIZE (1 << SECTOR_SHIFT)
#define DEFAULT_ALIGNMENT 4096
#define MAX_TTY_PASSWORD_LEN 512
/* private struct crypt_options flags */
#define CRYPT_FLAG_FREE_DEVICE (1 << 24)
......@@ -46,6 +48,7 @@ void *safe_alloc(size_t size);
void safe_free(void *data);
void *safe_realloc(void *data, size_t size);
char *safe_strdup(const char *s);
void set_debug_level(int level);
struct hash_backend *get_hash_backend(const char *name);
void put_hash_backend(struct hash_backend *backend);
......@@ -82,7 +85,15 @@ ssize_t write_lseek_blockwise(int fd, const char *buf, size_t count, off_t offse
int get_key(char *prompt, char **key, unsigned int *passLen, int key_size,
const char *key_file, int passphrase_fd, int timeout, int how2verify);
const char *key_file, int passphrase_fd, int timeout, int how2verify, struct crypt_device *cd);
void set_default_log(void (*log)(int class, char *msg));
void logger(struct crypt_device *cd, int class, const char *file, int line, const char *format, ...);
#define log_dbg(x...) logger(NULL, CRYPT_LOG_DEBUG, __FILE__, __LINE__, x)
#define log_std(c, x...) logger(c, CRYPT_LOG_NORMAL, __FILE__, __LINE__, x)
#define log_err(c, x...) do { \
logger(c, CRYPT_LOG_ERROR, __FILE__, __LINE__, x); \
set_error(x); } while(0)
int memlock_inc(struct crypt_device *ctx);
int memlock_dec(struct crypt_device *ctx);
......
......@@ -9,6 +9,7 @@ extern "C" {
#define CRYPT_LOG_NORMAL 0
#define CRYPT_LOG_ERROR 1
#define CRYPT_LOG_DEBUG -1 /* always on stdout */
struct interface_callbacks {
int (*yesDialog)(char *msg);
......
......@@ -21,13 +21,18 @@ static struct crypt_device *_context = NULL;
static void set_dm_error(int level, const char *file, int line,
const char *f, ...)
{
char *msg = NULL;
va_list va;
if (level > 3)
return;
va_start(va, f);
set_error_va(f, va);
if (vasprintf(&msg, f, va) > 0) {
if (level < 4) {
log_err(_context, msg);
log_err(_context, "\n");
} else
log_dbg(msg);
}
free(msg);
va_end(va);
}
......@@ -36,6 +41,8 @@ static int _dm_simple(int task, const char *name);
int dm_init(struct crypt_device *context, int check_kernel)
{
if (!_dm_use_count++) {
log_dbg("Initialising device-mapper backend%s.",
check_kernel ? "" : " (NO kernel check requested)");
if (check_kernel && !_dm_simple(DM_DEVICE_LIST_VERSIONS, NULL))
return -1;
dm_log_init(set_dm_error);
......@@ -51,6 +58,7 @@ int dm_init(struct crypt_device *context, int check_kernel)
void dm_exit(void)
{
if (_dm_use_count && (!--_dm_use_count)) {
log_dbg("Releasing device-mapper backend.");
dm_log_init_verbose(0);
dm_log_init(NULL);
dm_lib_release();
......@@ -239,6 +247,8 @@ int dm_remove_device(const char *name, int force, uint64_t size)
do {
r = _dm_simple(DM_DEVICE_REMOVE, name) ? 0 : -EINVAL;
if (--retries && r) {
log_dbg("WARNING: other process locked internal device %s, %s.",
name, retries ? "retrying remove" : "giving up");
sleep(1);
}
} while (r == -EINVAL && retries);
......
This diff is collapsed.
......@@ -18,7 +18,6 @@
#include "libcryptsetup.h"
#include "internal.h"
struct safe_allocation {
size_t size;
char data[1];
......@@ -28,18 +27,24 @@ static char *error=NULL;
void set_error_va(const char *fmt, va_list va)
{
int r;
if(error) {
free(error);
error=NULL;
free(error);
error = NULL;
}
if(!fmt) return;
if (vasprintf(&error, fmt, va) < 0) {
r = vasprintf(&error, fmt, va);
if (r < 0) {
free(error);
error = NULL;
return;
}
if (r && error[r - 1] == '\n')
error[r - 1] = '\0';
}
void set_error(const char *fmt, ...)
......@@ -239,10 +244,8 @@ ssize_t read_blockwise(int fd, void *orig_buf, size_t count) {
buf = orig_buf;
r = read(fd, buf, solid);
if(r < 0 || r != solid) {
set_error("read failed in read_blockwise.\n");
if(r < 0 || r != solid)
goto out;
}
if (hangover) {
hangover_buf = aligned_malloc(&hangover_buf_base, bsize, alignment);
......@@ -331,8 +334,7 @@ static int timed_read(int fd, char *pass, size_t maxlen, long timeout)
if (select(fd+1, &fds, NULL, NULL, &t) > 0)
failed = untimed_read(fd, pass, maxlen);
else
set_error("Operation timed out");
return failed;
}
......@@ -352,10 +354,9 @@ static int interactive_pass(const char *prompt, char *pass, size_t maxlen,
outfd = STDERR_FILENO;
}
if (tcgetattr(infd, &orig)) {
set_error("Unable to get terminal");
if (tcgetattr(infd, &orig))
goto out_err;
}
memcpy(&tmp, &orig, sizeof(tmp));
tmp.c_lflag &= ~ECHO;
......@@ -395,7 +396,7 @@ out_err:
*/
int get_key(char *prompt, char **key, unsigned int *passLen, int key_size,
const char *key_file, int passphrase_fd, int timeout, int how2verify)
const char *key_file, int passphrase_fd, int timeout, int how2verify, struct crypt_device *cd)
{
int fd;
const int verify = how2verify & CRYPT_FLAG_VERIFY;
......@@ -412,9 +413,7 @@ int get_key(char *prompt, char **key, unsigned int *passLen, int key_size,
} else if (key_file) {
fd = open(key_file, O_RDONLY);
if (fd < 0) {
char buf[128];
set_error("Error opening key file: %s",
strerror_r(errno, buf, 128));
log_err(cd, "Failed to open key file %s.\n", key_file);
goto out_err;
}
newline_stop = 0;
......@@ -423,7 +422,7 @@ int get_key(char *prompt, char **key, unsigned int *passLen, int key_size,
* of key bytes (default or passed by -s) */
read_horizon = key_size;
} else {
fd = passphrase_fd;
fd = STDIN_FILENO;
newline_stop = 1;
read_horizon = 0; /* Infinite, if read from terminal or fd */
}
......@@ -432,16 +431,16 @@ int get_key(char *prompt, char **key, unsigned int *passLen, int key_size,
if(isatty(fd)) {
int i;
pass = safe_alloc(512);
if (!pass || (i = interactive_pass(prompt, pass, 512, timeout))) {
set_error("Error reading passphrase");
pass = safe_alloc(MAX_TTY_PASSWORD_LEN);
if (!pass || (i = interactive_pass(prompt, pass, MAX_TTY_PASSWORD_LEN, timeout))) {
log_err(cd, "Error reading passphrase from terminal.\n");
goto out_err;
}
if (verify || verify_if_possible) {
char pass_verify[512];
char pass_verify[MAX_TTY_PASSWORD_LEN];
i = interactive_pass("Verify passphrase: ", pass_verify, sizeof(pass_verify), timeout);
if (i || strcmp(pass, pass_verify) != 0) {
set_error("Passphrases do not match");
log_err(cd, "Passphrases do not match.\n");
goto out_err;
}
memset(pass_verify, 0, sizeof(pass_verify));
......@@ -456,7 +455,7 @@ int get_key(char *prompt, char **key, unsigned int *passLen, int key_size,
int buflen, i;
if(verify) {
set_error("Can't do passphrase verification on non-tty inputs");
log_err(cd, "Can't do passphrase verification on non-tty inputs.\n");
goto out_err;
}
/* The following for control loop does an exhausting
......@@ -469,13 +468,13 @@ int get_key(char *prompt, char **key, unsigned int *passLen, int key_size,
if(key_file && strcmp(key_file, "-") && read_horizon == 0) {
struct stat st;
if(stat(key_file, &st) < 0) {
set_error("Can't stat key file");
log_err(cd, "Failed to stat key file %s.\n", key_file);
goto out_err;
}
if(!S_ISREG(st.st_mode)) {
// set_error("Can't do exhausting read on non regular files");
// goto out_err;
fprintf(stderr,"Warning: exhausting read requested, but key file is not a regular file, function might never return.\n");
log_err(cd, "Warning: exhausting read requested, but key file %s"
" is not a regular file, function might never return.\n",
key_file);
}
}
buflen = 0;
......@@ -484,8 +483,7 @@ int get_key(char *prompt, char **key, unsigned int *passLen, int key_size,
buflen += 128;
pass = safe_realloc(pass, buflen);
if (!pass) {
set_error("Not enough memory while "
"reading passphrase");
log_err(cd, "Out of memory while reading passphrase.\n");
goto out_err;
}
}
......@@ -519,17 +517,18 @@ static int _memlock_count = 0;
int memlock_inc(struct crypt_device *ctx)
{
if (!_memlock_count++) {
log_dbg("Locking memory.");
if (mlockall(MCL_CURRENT | MCL_FUTURE)) {
set_error(_("WARNING!!! Possibly insecure memory. Are you root?\n"));
log_err(ctx, _("WARNING!!! Possibly insecure memory. Are you root?\n"));
_memlock_count--;
return 0;
}
errno = 0;
if (((_priority = getpriority(PRIO_PROCESS, 0)) == -1) && errno)
set_error(_("Cannot get process priority.\n"));
log_err(ctx, _("Cannot get process priority.\n"));
else
if (setpriority(PRIO_PROCESS, 0, DEFAULT_PROCESS_PRIORITY))
set_error(_("setpriority %u failed: %s"),
log_err(ctx, _("setpriority %u failed: %s"),
DEFAULT_PROCESS_PRIORITY, strerror(errno));
}
return _memlock_count ? 1 : 0;
......@@ -538,10 +537,11 @@ int memlock_inc(struct crypt_device *ctx)
int memlock_dec(struct crypt_device *ctx)
{
if (_memlock_count && (!--_memlock_count)) {
log_dbg("Unlocking memory.");
if (munlockall())
set_error(_("Cannot unlock memory."));
log_err(ctx, _("Cannot unlock memory."));
if (setpriority(PRIO_PROCESS, 0, _priority))
set_error(_("setpriority %u failed: %s"), _priority, strerror(errno));
log_err(ctx, _("setpriority %u failed: %s"), _priority, strerror(errno));
}
return _memlock_count ? 1 : 0;
}
......@@ -55,7 +55,7 @@ static int setup_mapping(const char *cipher, const char *name,
const char *device, unsigned int payloadOffset,
const char *key, size_t keyLength,
unsigned int sector, size_t srcLength,
int mode)
int mode, struct crypt_device *ctx)
{
int device_sector_size = sector_size_for_device(device);
uint64_t size;
......@@ -65,10 +65,9 @@ static int setup_mapping(const char *cipher, const char *name,
* device's sector size, otherwise the mapping will be refused.
*/
if(device_sector_size < 0) {
set_error(_("Unable to obtain sector size for %s"),device);
log_err(ctx, _("Unable to obtain sector size for %s"), device);
return -EINVAL;
}
set_error(NULL);
size = round_up_modulo(srcLength,device_sector_size)/SECTOR_SIZE;
cleaner_size = size;
......@@ -125,7 +124,8 @@ static int LUKS_endec_template(char *src, size_t srcLength,
const char *device,
unsigned int sector,
ssize_t (*func)(int, void *, size_t),
int mode)
int mode,
struct crypt_device *ctx)
{
char *name = NULL;
char *fullpath = NULL;
......@@ -134,7 +134,7 @@ static int LUKS_endec_template(char *src, size_t srcLength,
int r = -1;
if(dmDir == NULL) {
fputs(_("Failed to obtain device mapper directory."), stderr);
log_err(ctx, _("Failed to obtain device mapper directory."));
return -1;
}
if(asprintf(&name,"temporary-cryptsetup-%d",getpid()) == -1 ||
......@@ -143,29 +143,31 @@ static int LUKS_endec_template(char *src, size_t srcLength,
r = -ENOMEM;
goto out1;
}
signal(SIGINT, sigint_handler);
cleaner_name = name;
r = setup_mapping(dmCipherSpec, name, device, hdr->payloadOffset,
key, keyLength, sector, srcLength, mode);
key, keyLength, sector, srcLength, mode, ctx);
if(r < 0) {
set_error("Failed to setup dm-crypt key mapping for device %s.\n"
"Check that kernel supports %s cipher (check syslog for more info).\n%s",
device, dmCipherSpec,
_error_hint(hdr->cipherName, hdr->cipherMode, keyLength * 8));
log_err(ctx, _("Failed to setup dm-crypt key mapping for device %s.\n"
"Check that kernel supports %s cipher (check syslog for more info).\n%s"),
device, dmCipherSpec,
_error_hint(hdr->cipherName, hdr->cipherMode, keyLength * 8));
r = -EIO;
goto out1;
}
devfd = open(fullpath, mode | O_DIRECT | O_SYNC); /* devfd is a global var */
if(devfd == -1) {
log_err(ctx, _("Failed to open temporary keystore device.\n"));
r = -EIO;
goto out2;
}
r = func(devfd,src,srcLength);
if(r < 0) {
log_err(ctx, _("Failed to access temporary keystore device.\n"));
r = -EIO;
goto out3;
}
......@@ -190,19 +192,21 @@ int LUKS_encrypt_to_storage(char *src, size_t srcLength,
struct luks_phdr *hdr,
char *key, size_t keyLength,
const char *device,
unsigned int sector)
unsigned int sector,
struct crypt_device *ctx)
{
return LUKS_endec_template(src,srcLength,hdr,key,keyLength, device, sector,
(ssize_t (*)(int, void *, size_t)) write_blockwise,
O_RDWR);
O_RDWR, ctx);
}
int LUKS_decrypt_from_storage(char *dst, size_t dstLength,
struct luks_phdr *hdr,
char *key, size_t keyLength,
const char *device,
unsigned int sector)
unsigned int sector,
struct crypt_device *ctx)
{
return LUKS_endec_template(dst,dstLength,hdr,key,keyLength, device,
sector, read_blockwise, O_RDONLY);
sector, read_blockwise, O_RDONLY, ctx);
}
This diff is collapsed.
......@@ -84,57 +84,82 @@ void LUKS_dealloc_masterkey(struct luks_masterkey *mk);
struct luks_masterkey *LUKS_generate_masterkey(int keylength);
int LUKS_generate_phdr(struct luks_phdr *header,
const struct luks_masterkey *mk,
const char *cipherName, const char *cipherMode, const char *hashSpec,
unsigned int stripes,
unsigned int alignPayload);
int LUKS_read_phdr(const char *device, struct luks_phdr *hdr);
int LUKS_write_phdr(const char *device, struct luks_phdr *hdr);
int LUKS_set_key(const char *device,
unsigned int keyIndex,
const char *password,
size_t passwordLen,
struct luks_phdr *hdr,
struct luks_masterkey *mk);
int LUKS_open_key(const char *device,
unsigned int keyIndex,
const char *password,
size_t passwordLen,
struct luks_phdr *hdr,
struct luks_masterkey *mk);
int LUKS_open_any_key(const char *device,
const char *password,
size_t passwordLen,
struct luks_phdr *hdr,
struct luks_masterkey **mk);
int LUKS_open_any_key_with_hdr(const char *device,
const char *password,
size_t passwordLen,
struct luks_phdr *hdr,
struct luks_masterkey **mk);
int LUKS_del_key(const char *device, unsigned int keyIndex);
int LUKS_generate_phdr(
struct luks_phdr *header,
const struct luks_masterkey *mk,
const char *cipherName, const char *cipherMode, const char *hashSpec,
unsigned int stripes,
unsigned int alignPayload,
struct crypt_device *ctx);
int LUKS_read_phdr(
const char *device,
struct luks_phdr *hdr,
int require_luks_device,
struct crypt_device *ctx);
int LUKS_write_phdr(
const char *device,
struct luks_phdr *hdr,
struct crypt_device *ctx);
int LUKS_set_key(
const char *device,
unsigned int keyIndex,
const char *password,
size_t passwordLen,
struct luks_phdr *hdr,
struct luks_masterkey *mk,
struct crypt_device *ctx);
int LUKS_open_key(
const char *device,
unsigned int keyIndex,
const char *password,
size_t passwordLen,
struct luks_phdr *hdr,
struct luks_masterkey *mk,
struct crypt_device *ctx);
int LUKS_open_any_key(
const char *device,
const char *password,
size_t passwordLen,
struct luks_phdr *hdr,
struct luks_masterkey **mk,
struct crypt_device *ctx);
int LUKS_open_any_key_with_hdr(
const char *device,
const char *password,
size_t passwordLen,
struct luks_phdr *hdr,
struct luks_masterkey **mk,
struct crypt_device *ctx);
int LUKS_del_key(
const char *device,
unsigned int keyIndex,
struct crypt_device *ctx);
int LUKS_is_last_keyslot(const char *device, unsigned int keyIndex);
int LUKS_benchmarkt_iterations(const char *hash, unsigned int *count);
int LUKS_encrypt_to_storage(char *src, size_t srcLength,
struct luks_phdr *hdr,
char *key, size_t keyLength,
const char *device,
unsigned int sector);
int LUKS_decrypt_from_storage(char *dst, size_t dstLength,
struct luks_phdr *hdr,
char *key, size_t keyLength,
const char *device,
unsigned int sector);
int LUKS_encrypt_to_storage(
char *src, size_t srcLength,
struct luks_phdr *hdr,
char *key, size_t keyLength,
const char *device,
unsigned int sector,
struct crypt_device *ctx);
int LUKS_decrypt_from_storage(
char *dst, size_t dstLength,
struct luks_phdr *hdr,
char *key, size_t keyLength,
const char *device,
unsigned int sector,
struct crypt_device *ctx);
int LUKS_device_ready(const char *device, int mode);
#endif
......@@ -15,7 +15,8 @@
#include "cryptsetup.h"
static int opt_verbose = 1;
static int opt_verbose = 0;
static int opt_debug = 0;
static char *opt_cipher = NULL;
static char *opt_hash = NULL;
static int opt_verify_passphrase = 0;
......@@ -88,8 +89,8 @@ static int yesDialog(char *msg)
int r = 1;
if(isatty(0) && !opt_batch_mode) {
fprintf(stderr, "\nWARNING!\n========\n");
fprintf(stderr, "%s\n\nAre you sure? (Type uppercase yes): ", msg);
log_std("\nWARNING!\n========\n");
log_std("%s\n\nAre you sure? (Type uppercase yes): ", msg);
if(getline(&answer, &size, stdin) == -1) {
perror("getline");
free(answer);
......@@ -129,12 +130,13 @@ static void show_status(int errcode)
{
char error[256];
if(!errcode) {
fprintf(stderr, _("Command successful.\n"));
return;
if(!errcode && opt_verbose) {
log_std(_("Command successful.\n"));
return;
}
crypt_get_error(error, sizeof(error));
if (!opt_verbose) {
char *error_ = strerror_r(errcode, error, sizeof(error));
if (error_ != error) {
......@@ -143,11 +145,11 @@ static void show_status(int errcode)
}
}
fprintf(stderr, _("Command failed"));
log_err(_("Command failed"));
if (*error)
fprintf(stderr, ": %s\n", error);
log_err(": %s\n", error);
else
fputs(".\n", stderr);
log_err(".\n");
return;
}
......@@ -173,7 +175,7 @@ static int action_create(int reload)
int r;
if(reload)
fprintf(stderr, _("The reload action is deprecated. Please use \"dmsetup reload\" in case you really need this functionality.\nWARNING: do not use reload to touch LUKS devices. If that is the case, hit Ctrl-C now.\n"));
log_err(_("The reload action is deprecated. Please use \"dmsetup reload\" in case you really need this functionality.\nWARNING: do not use reload to touch LUKS devices. If that is the case, hit Ctrl-C now.\n"));
if (options.hash && strcmp(options.hash, "plain") == 0)
options.hash = NULL;
......@@ -225,19 +227,19 @@ static int action_status(int arg)
if (r == 0) {
/* inactive */
printf("%s/%s is inactive.\n", crypt_get_dir(), options.name);
log_std("%s/%s is inactive.\n", crypt_get_dir(), options.name);
r = 1;
} else {
/* active */
printf("%s/%s is active:\n", crypt_get_dir(), options.name);
printf(" cipher: %s\n", options.cipher);
printf(" keysize: %d bits\n", options.key_size * 8);
printf(" device: %s\n", options.device);
printf(" offset: %" PRIu64 " sectors\n", options.offset);
printf(" size: %" PRIu64 " sectors\n", options.size);
log_std("%s/%s is active:\n", crypt_get_dir(), options.name);
log_std(" cipher: %s\n", options.cipher);
log_std(" keysize: %d bits\n", options.key_size * 8);
log_std(" device: %s\n", options.device);
log_std(" offset: %" PRIu64 " sectors\n", options.offset);
log_std(" size: %" PRIu64 " sectors\n", options.size);
if (options.skip)
printf(" skipped: %" PRIu64 " sectors\n", options.skip);
printf(" mode: %s\n", (options.flags & CRYPT_FLAG_READONLY)
log_std(" skipped: %" PRIu64 " sectors\n", options.skip);
log_std(" mode: %s\n", (options.flags & CRYPT_FLAG_READONLY)
? "readonly" : "read/write");
crypt_put_options(&options);
r = 0;
......@@ -385,7 +387,7 @@ static void usage(poptContext popt_context, int exitcode,
{
poptPrintUsage(popt_context, stderr, 0);
if (error)
fprintf(stderr, "%s: %s\n", more, error);
log_err("%s: %s\n", more, error);
exit(exitcode);
}
......@@ -395,17 +397,17 @@ static void help(poptContext popt_context, enum poptCallbackReason reason,
if (key->shortName == '?') {
struct action_type *action;
fprintf(stdout, "%s\n",PACKAGE_STRING);
log_std("%s\n",PACKAGE_STRING);
poptPrintHelp(popt_context, stdout, 0);
printf(_("\n"
log_std(_("\n"
"<action> is one of:\n"));
for(action = action_types; action->type; action++)
printf("\t%s %s - %s\n", action->type, _(action->arg_desc), _(action->desc));
printf(_("\n"
log_std("\t%s %s - %s\n", action->type, _(action->arg_desc), _(action->desc));
log_std(_("\n"
"<name> is the device to create under %s\n"
"<device> is the encrypted device\n"
"<key slot> is the LUKS key slot number to modify\n"
......@@ -416,12 +418,27 @@ static void help(poptContext popt_context, enum poptCallbackReason reason,
usage(popt_context, 0, NULL, NULL);
}
void set_debug_level(int level);
static void _dbg_version_and_cmd(int argc, char **argv)
{
int i;
log_std("# %s %s processing \"", PACKAGE_NAME, PACKAGE_VERSION);
for (i = 0; i < argc; i++) {
if (i)
log_std(" ");
log_std(argv[i]);
}
log_std("\"\n");
}
static int run_action(struct action_type *action)
{
int r;
if (dm_init(NULL, action->required_dm_backend) < 1) {
fprintf(stderr,_("Cannot communicate with device-mapper. Is dm_mod kernel module loaded?\n"));
log_err("Cannot communicate with device-mapper. Is dm_mod kernel module loaded?\n");
return -ENOSYS;
}
......@@ -454,6 +471,7 @@ int main(int argc, char **argv)
static struct poptOption popt_options[] = {
{ NULL, '\0', POPT_ARG_INCLUDE_TABLE, popt_help_options, 0, N_("Help options:"), NULL },
{ "verbose", 'v', POPT_ARG_NONE, &opt_verbose, 0, N_("Shows more detailed error messages"), NULL },
{ "debug", '\0', POPT_ARG_NONE, &opt_debug, 0, N_("Show debug messsgages"), NULL },
{ "cipher", 'c', POPT_ARG_STRING | POPT_ARGFLAG_SHOW_DEFAULT, &opt_cipher, 0, N_("The cipher used to encrypt the disk (see /proc/crypto)"), NULL },
{ "hash", 'h', POPT_ARG_STRING | POPT_ARGFLAG_SHOW_DEFAULT, &opt_hash, 0, N_("The hash used to create the encryption key from the passphrase"), NULL },
{ "verify-passphrase", 'y', POPT_ARG_NONE, &opt_verify_passphrase, 0, N_("Verifies the passphrase by asking for it twice"), NULL },
......@@ -468,10 +486,10 @@ int main(int argc, char **argv)
N_("msecs") },
{ "batch-mode", 'q', POPT_ARG_NONE, &opt_batch_mode, 0, N_("Do not ask for confirmation"), NULL },
{ "version", '\0', POPT_ARG_NONE, &opt_version_mode, 0, N_("Print package version"), NULL },
{ "timeout", 't', POPT_ARG_INT, &opt_timeout, 0, N_("Timeout for interactive passphrase prompt (in seconds)"), N_("secs") },
{ "tries", 'T', POPT_ARG_INT, &opt_tries, 0, N_("How often the input of the passphrase can be retried"), NULL },
{ "align-payload", '\0', POPT_ARG_INT, &opt_align_payload, 0, N_("Align payload at <n> sector boundaries - for luksFormat"), N_("SECTORS") },
{ "non-exclusive", '\0', POPT_ARG_NONE, &opt_non_exclusive, 0, N_("Allows non-exclusive access for luksOpen, WARNING see manpage."), NULL },
{ "timeout", 't', POPT_ARG_INT, &opt_timeout, 0, N_("Timeout for interactive passphrase prompt (in seconds)"), N_("secs") },
{ "tries", 'T', POPT_ARG_INT, &opt_tries, 0, N_("How often the input of the passphrase canbe retried"), NULL },
{ "align-payload", '\0', POPT_ARG_INT, &opt_align_payload, 0, N_("Align payload at <n> sector boundaries - for luksFormat"), N_("SECTORS") },
{ "non-exclusive", '\0', POPT_ARG_NONE, &opt_non_exclusive, 0, N_("Allows non-exclusive access for luksOpen, WARNING see manpage."), NULL },
POPT_TABLEEND
};
poptContext popt_context;
......@@ -480,6 +498,8 @@ int main(int argc, char **argv)
int r;
const char *null_action_argv[] = {NULL};
set_default_log(cmdLineLog);
setlocale(LC_ALL, "");
bindtextdomain(PACKAGE, LOCALEDIR);
textdomain(PACKAGE);
......@@ -517,15 +537,15 @@ int main(int argc, char **argv)
usage(popt_context, 1, poptStrerror(r),
poptBadOption(popt_context, POPT_BADOPTION_NOALIAS));
if (opt_version_mode) {
printf("%s %s\n", PACKAGE_NAME, PACKAGE_VERSION);
log_std("%s %s\n", PACKAGE_NAME, PACKAGE_VERSION);
exit(0);
}
if (opt_key_size % 8)
usage(popt_context, 1,
_("Key size must be a multiple of 8 bits"),
poptGetInvocationName(popt_context));
if (!(aname = (char *)poptGetArg(popt_context)))
usage(popt_context, 1, _("Argument <action> missing."),
poptGetInvocationName(popt_context));
......@@ -541,7 +561,7 @@ int main(int argc, char **argv)
/* Make return values of poptGetArgs more consistent in case of remaining argc = 0 */
if(!action_argv)
action_argv = null_action_argv;
/* Count args, somewhat unnice, change