X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=src%2Fcryptsetup%2Fcryptsetup.c;h=94570eb82d07ac9b836907d86b8cadfb34305176;hb=875c2e220e2611165e09051c4747971811f1de58;hp=9b9074c52ad0c49af3aa3adfd1cb68caf6c314a7;hpb=ac1a87b9f2d085ef1f976a79042fe8797da9b329;p=elogind.git diff --git a/src/cryptsetup/cryptsetup.c b/src/cryptsetup/cryptsetup.c index 9b9074c52..94570eb82 100644 --- a/src/cryptsetup/cryptsetup.c +++ b/src/cryptsetup/cryptsetup.c @@ -88,6 +88,13 @@ static int parse_one_option(const char *option) { return 0; } + if (arg_key_size % 8) { + log_error("size= not a multiple of 8, ignoring."); + return 0; + } + + arg_key_size /= 8; + } else if (startswith(option, "key-slot=")) { arg_type = CRYPT_LUKS1; @@ -168,16 +175,16 @@ static int parse_one_option(const char *option) { } static int parse_options(const char *options) { - char *state, *w; + const char *word, *state; size_t l; int r; assert(options); - FOREACH_WORD_SEPARATOR(w, l, options, ",", state) { + FOREACH_WORD_SEPARATOR(word, l, options, ",", state) { _cleanup_free_ char *o; - o = strndup(w, l); + o = strndup(word, l); if (!o) return -ENOMEM; r = parse_one_option(o); @@ -257,6 +264,8 @@ static int get_password(const char *name, usec_t until, bool accept_cached, char int r; char **p; _cleanup_free_ char *text = NULL; + _cleanup_free_ char *escaped_name = NULL; + char *id; assert(name); assert(passwords); @@ -264,7 +273,13 @@ static int get_password(const char *name, usec_t until, bool accept_cached, char if (asprintf(&text, "Please enter passphrase for disk %s!", name) < 0) return log_oom(); - r = ask_password_auto(text, "drive-harddisk", until, accept_cached, passwords); + escaped_name = cescape(name); + if (!escaped_name) + return log_oom(); + + id = strappenda("cryptsetup:", escaped_name); + + r = ask_password_auto(text, "drive-harddisk", id, until, accept_cached, passwords); if (r < 0) { log_error("Failed to query password: %s", strerror(-r)); return r; @@ -278,7 +293,9 @@ static int get_password(const char *name, usec_t until, bool accept_cached, char if (asprintf(&text, "Please enter passphrase for disk %s! (verification)", name) < 0) return log_oom(); - r = ask_password_auto(text, "drive-harddisk", until, false, &passwords2); + id = strappenda("cryptsetup-verification:", escaped_name); + + r = ask_password_auto(text, "drive-harddisk", id, until, false, &passwords2); if (r < 0) { log_error("Failed to query verification password: %s", strerror(-r)); return r; @@ -327,7 +344,7 @@ static int attach_tcrypt(struct crypt_device *cd, assert(cd); assert(name); - assert(key_file || passwords); + assert(key_file || (passwords && passwords[0])); if (arg_tcrypt_hidden) params.flags |= CRYPT_TCRYPT_HIDDEN_HEADER; @@ -404,7 +421,7 @@ static int attach_luks_or_plain(struct crypt_device *cd, /* for CRYPT_PLAIN limit reads * from keyfile to key length, and * ignore keyfile-size */ - arg_keyfile_size = arg_key_size / 8; + arg_keyfile_size = arg_key_size; /* In contrast to what the name * crypt_setup() might suggest this @@ -532,13 +549,18 @@ int main(int argc, char *argv[]) { description = NULL; } + k = 0; if (mount_point && description) - asprintf(&name_buffer, "%s (%s) on %s", description, argv[2], mount_point); + k = asprintf(&name_buffer, "%s (%s) on %s", description, argv[2], mount_point); else if (mount_point) - asprintf(&name_buffer, "%s on %s", argv[2], mount_point); + k = asprintf(&name_buffer, "%s on %s", argv[2], mount_point); else if (description) - asprintf(&name_buffer, "%s (%s)", description, argv[2]); + k = asprintf(&name_buffer, "%s (%s)", description, argv[2]); + if (k < 0) { + log_oom(); + goto finish; + } name = name_buffer ? name_buffer : argv[2]; k = crypt_init(&cd, argv[3]); @@ -567,7 +589,7 @@ int main(int argc, char *argv[]) { else until = 0; - arg_key_size = (arg_key_size > 0 ? arg_key_size : 256); + arg_key_size = (arg_key_size > 0 ? arg_key_size : (256 / 8)); if (key_file) { struct stat st;