chiark / gitweb /
~ianmdlvl / elogind.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
cryptsetup: ask for password, if key file cannot be accessed
[elogind.git] / src / cryptsetup / cryptsetup.c
diff --git a/src/cryptsetup/cryptsetup.c b/src/cryptsetup/cryptsetup.c
index d5dc2335c8994e8d9b62c7fc5c5cd6f18691923e..a24e61a0358e2a7a1f947f939ddba4b4046d321f 100644 (file)
--- a/src/cryptsetup/cryptsetup.c
+++ b/src/cryptsetup/cryptsetup.c
@@ -44,7 +44,7 @@ static unsigned opt_tries = 0;
 static bool opt_readonly = false;
 static bool opt_verify = false;
 static bool opt_discards = false;
-static usec_t opt_timeout = DEFAULT_TIMEOUT_USEC;
+static usec_t opt_timeout = 0;
 
 /* Options Debian's crypttab knows we don't:
 
@@ -127,7 +127,7 @@ static int parse_one_option(const char *option) {
                 opt_type = CRYPT_PLAIN;
         else if (startswith(option, "timeout=")) {
 
-                if (parse_usec(option+8, &opt_timeout) < 0) {
+                if (parse_sec(option+8, &opt_timeout) < 0) {
                         log_error("timeout= parse failure, ignoring.");
                         return 0;
                 }
@@ -461,10 +461,7 @@ int main(int argc, char *argv[]) {
                                 k = crypt_load(cd, CRYPT_LUKS1, NULL);
 
                         if ((!opt_type && k < 0) || streq_ptr(opt_type, CRYPT_PLAIN)) {
-                                struct crypt_params_plain params;
-
-                                zero(params);
-                                params.hash = hash;
+                                struct crypt_params_plain params = { .hash = hash };
 
                                 /* for CRYPT_PLAIN limit reads
                                 * from keyfile to key length, and
@@ -503,6 +500,11 @@ int main(int argc, char *argv[]) {
                         if (key_file)
                                 k = crypt_activate_by_keyfile_offset(cd, argv[2], CRYPT_ANY_SLOT, key_file, opt_keyfile_size,
                                             opt_keyfile_offset, flags);
+                                if (k < 0) {
+                                        log_error("Failed to activate with key file '%s': %s", key_file, strerror(-k));
+                                        key_file = NULL;
+                                        continue;
+                                }
                         else {
                                 char **p;
 
Unnamed repository; edit this file 'description' to name the repository.