chiark
/
gitweb
/
~ianmdlvl
/
elogind.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
log: also set errno to the passed error code before processing format string in log_s...
[elogind.git]
/
src
/
cryptsetup
/
cryptsetup.c
diff --git
a/src/cryptsetup/cryptsetup.c
b/src/cryptsetup/cryptsetup.c
index a647a94e6e52ffa47d8d0147bff80477a4ad05de..b9e67fa63ba8e2b4e12d5dc4a44e9a24a958ca94 100644
(file)
--- a/
src/cryptsetup/cryptsetup.c
+++ b/
src/cryptsetup/cryptsetup.c
@@
-88,6
+88,13
@@
static int parse_one_option(const char *option) {
return 0;
}
return 0;
}
+ if (arg_key_size % 8) {
+ log_error("size= not a multiple of 8, ignoring.");
+ return 0;
+ }
+
+ arg_key_size /= 8;
+
} else if (startswith(option, "key-slot=")) {
arg_type = CRYPT_LUKS1;
} else if (startswith(option, "key-slot=")) {
arg_type = CRYPT_LUKS1;
@@
-168,16
+175,16
@@
static int parse_one_option(const char *option) {
}
static int parse_options(const char *options) {
}
static int parse_options(const char *options) {
- c
har *state, *w
;
+ c
onst char *word, *state
;
size_t l;
int r;
assert(options);
size_t l;
int r;
assert(options);
- FOREACH_WORD_SEPARATOR(w, l, options, ",", state) {
+ FOREACH_WORD_SEPARATOR(w
ord
, l, options, ",", state) {
_cleanup_free_ char *o;
_cleanup_free_ char *o;
- o = strndup(w, l);
+ o = strndup(w
ord
, l);
if (!o)
return -ENOMEM;
r = parse_one_option(o);
if (!o)
return -ENOMEM;
r = parse_one_option(o);
@@
-337,7
+344,7
@@
static int attach_tcrypt(struct crypt_device *cd,
assert(cd);
assert(name);
assert(cd);
assert(name);
- assert(key_file ||
passwords
);
+ assert(key_file ||
(passwords && passwords[0])
);
if (arg_tcrypt_hidden)
params.flags |= CRYPT_TCRYPT_HIDDEN_HEADER;
if (arg_tcrypt_hidden)
params.flags |= CRYPT_TCRYPT_HIDDEN_HEADER;
@@
-393,7
+400,9
@@
static int attach_luks_or_plain(struct crypt_device *cd,
/* plain isn't a real hash type. it just means "use no hash" */
if (!streq(arg_hash, "plain"))
params.hash = arg_hash;
/* plain isn't a real hash type. it just means "use no hash" */
if (!streq(arg_hash, "plain"))
params.hash = arg_hash;
- } else
+ } else if (!key_file)
+ /* for CRYPT_PLAIN, the behaviour of cryptsetup
+ * package is to not hash when a key file is provided */
params.hash = "ripemd160";
if (arg_cipher) {
params.hash = "ripemd160";
if (arg_cipher) {
@@
-414,7
+423,7
@@
static int attach_luks_or_plain(struct crypt_device *cd,
/* for CRYPT_PLAIN limit reads
* from keyfile to key length, and
* ignore keyfile-size */
/* for CRYPT_PLAIN limit reads
* from keyfile to key length, and
* ignore keyfile-size */
- arg_keyfile_size = arg_key_size
/ 8
;
+ arg_keyfile_size = arg_key_size;
/* In contrast to what the name
* crypt_setup() might suggest this
/* In contrast to what the name
* crypt_setup() might suggest this
@@
-542,13
+551,18
@@
int main(int argc, char *argv[]) {
description = NULL;
}
description = NULL;
}
+ k = 0;
if (mount_point && description)
if (mount_point && description)
- asprintf(&name_buffer, "%s (%s) on %s", description, argv[2], mount_point);
+
k =
asprintf(&name_buffer, "%s (%s) on %s", description, argv[2], mount_point);
else if (mount_point)
else if (mount_point)
- asprintf(&name_buffer, "%s on %s", argv[2], mount_point);
+
k =
asprintf(&name_buffer, "%s on %s", argv[2], mount_point);
else if (description)
else if (description)
- asprintf(&name_buffer, "%s (%s)", description, argv[2]);
+
k =
asprintf(&name_buffer, "%s (%s)", description, argv[2]);
+ if (k < 0) {
+ log_oom();
+ goto finish;
+ }
name = name_buffer ? name_buffer : argv[2];
k = crypt_init(&cd, argv[3]);
name = name_buffer ? name_buffer : argv[2];
k = crypt_init(&cd, argv[3]);
@@
-577,7
+591,7
@@
int main(int argc, char *argv[]) {
else
until = 0;
else
until = 0;
- arg_key_size = (arg_key_size > 0 ? arg_key_size :
256
);
+ arg_key_size = (arg_key_size > 0 ? arg_key_size :
(256 / 8)
);
if (key_file) {
struct stat st;
if (key_file) {
struct stat st;