summary |
shortlog |
log |
commit | commitdiff |
tree
raw |
patch |
inline | side by side (from parent 1:
641e01d)
/etc/crypttab uses "size" argument only for plain crypt mapping
(and input is limited to volume key size)
For LUKS it always read whole keyfile (no arguments except "luks"
should be in crypttab).
Because of bug in cryptsetup 1.2.0 (fixed in 1.3.0) library
did not enforced keyfile size argument, so this bug was
hidden for some time.
Patch also converts size in bits to bytes like excepted
by libcryptsetup api.
Fixes https://bugs.freedesktop.org/show_bug.cgi?id=36264
char **passwords = NULL, *truncated_cipher = NULL;
const char *cipher = NULL, *cipher_mode = NULL, *hash = NULL, *name = NULL;
char *description = NULL, *name_buffer = NULL, *mount_point = NULL;
char **passwords = NULL, *truncated_cipher = NULL;
const char *cipher = NULL, *cipher_mode = NULL, *hash = NULL, *name = NULL;
char *description = NULL, *name_buffer = NULL, *mount_point = NULL;
+ unsigned keyfile_size = 0;
¶ms);
pass_volume_key = streq(hash, "plain");
¶ms);
pass_volume_key = streq(hash, "plain");
+
+ /* for CRYPT_PLAIN limit reads
+ * from keyfile to key length */
+ keyfile_size = opt_key_size / 8;
- k = crypt_activate_by_keyfile(cd, argv[2], CRYPT_ANY_SLOT, key_file, opt_key_size, flags);
+ k = crypt_activate_by_keyfile(cd, argv[2], CRYPT_ANY_SLOT, key_file, keyfile_size, flags);