chiark / gitweb /
~ianmdlvl / elogind.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
binfmt: move sources to subdirectory
[elogind.git] / src / cryptsetup.c
diff --git a/src/cryptsetup.c b/src/cryptsetup.c
index d7c458ad8c823b50a7705c8a14b8c8eb3c3badc0..ac7b6d6c38440838dbf8db643fd096fd65773152 100644 (file)
--- a/src/cryptsetup.c
+++ b/src/cryptsetup.c
@@ -110,7 +110,7 @@ static int parse_one_option(const char *option) {
                         return 0;
                 }
 
-        } else
+        } else if (!streq(option, "none"))
                 log_error("Encountered unknown /etc/crypttab option '%s', ignoring.", option);
 
         return 0;
@@ -225,6 +225,7 @@ int main(int argc, char *argv[]) {
         char **passwords = NULL, *truncated_cipher = NULL;
         const char *cipher = NULL, *cipher_mode = NULL, *hash = NULL, *name = NULL;
         char *description = NULL, *name_buffer = NULL, *mount_point = NULL;
+        unsigned keyfile_size = 0;
 
         if (argc <= 1) {
                 help();
@@ -240,6 +241,8 @@ int main(int argc, char *argv[]) {
         log_parse_environment();
         log_open();
 
+        umask(0022);
+
         if (streq(argv[1], "attach")) {
                 uint32_t flags = 0;
                 int k;
@@ -433,6 +436,10 @@ int main(int argc, char *argv[]) {
                                                  &params);
 
                                 pass_volume_key = streq(hash, "plain");
+
+                               /* for CRYPT_PLAIN limit reads
+                                * from keyfile to key length */
+                                keyfile_size = opt_key_size / 8;
                         }
 
                         if (k < 0) {
@@ -447,7 +454,7 @@ int main(int argc, char *argv[]) {
                                  argv[3]);
 
                         if (key_file)
-                                k = crypt_activate_by_keyfile(cd, argv[2], CRYPT_ANY_SLOT, key_file, 0, flags);
+                                k = crypt_activate_by_keyfile(cd, argv[2], CRYPT_ANY_SLOT, key_file, keyfile_size, flags);
                         else {
                                 char **p;
 
Unnamed repository; edit this file 'description' to name the repository.