mirror of
https://github.com/systemd/systemd-stable.git
synced 2024-12-23 17:34:00 +03:00
journalctl: reshuffle console message about fss keys
We talked about the verification key, then about sealing keys, and then about the verification key again. Let's shorten things a bit, and divide the output in three paragraphs: one about the machine, one about the sealing keys, and one about verification keys and the qr code with them.
This commit is contained in:
parent
1efe30ded3
commit
da012db02d
@ -46,7 +46,7 @@ int print_qr_code(
|
||||
_cleanup_(dlclosep) void *dl = NULL;
|
||||
_cleanup_free_ char *url = NULL;
|
||||
_cleanup_fclose_ FILE *f = NULL;
|
||||
size_t url_size = 0, i;
|
||||
size_t url_size = 0;
|
||||
unsigned x, y;
|
||||
QRcode* qr;
|
||||
int r;
|
||||
@ -79,7 +79,7 @@ int print_qr_code(
|
||||
|
||||
fputs("fss://", f);
|
||||
|
||||
for (i = 0; i < seed_size; i++) {
|
||||
for (size_t i = 0; i < seed_size; i++) {
|
||||
if (i > 0 && i % 3 == 0)
|
||||
fputc('-', f);
|
||||
fprintf(f, "%02x", ((uint8_t*) seed)[i]);
|
||||
|
@ -1778,7 +1778,7 @@ static int add_syslog_identifier(sd_journal *j) {
|
||||
|
||||
static int setup_keys(void) {
|
||||
#if HAVE_GCRYPT
|
||||
size_t mpk_size, seed_size, state_size, i;
|
||||
size_t mpk_size, seed_size, state_size;
|
||||
_cleanup_(unlink_and_freep) char *k = NULL;
|
||||
_cleanup_free_ char *p = NULL;
|
||||
uint8_t *mpk, *seed, *state;
|
||||
@ -1890,52 +1890,49 @@ static int setup_keys(void) {
|
||||
|
||||
k = mfree(k);
|
||||
|
||||
_cleanup_free_ char *hn = NULL;
|
||||
|
||||
if (on_tty()) {
|
||||
hn = gethostname_malloc();
|
||||
if (hn)
|
||||
hostname_cleanup(hn);
|
||||
|
||||
char tsb[FORMAT_TIMESPAN_MAX];
|
||||
fprintf(stderr,
|
||||
"\nNew keys have been generated for host %s%s" SD_ID128_FORMAT_STR ".\n"
|
||||
"\n"
|
||||
"The new key pair has been generated. The %ssecret sealing key%s has been written to\n"
|
||||
"the following local file. This key file is automatically updated when the\n"
|
||||
"sealing key is advanced. It should not be used on multiple hosts.\n"
|
||||
"The %ssecret sealing key%s has been written to the following local file.\n"
|
||||
"This key file is automatically updated when the sealing key is advanced.\n"
|
||||
"It should not be used on multiple hosts.\n"
|
||||
"\n"
|
||||
"\t%s\n"
|
||||
"\n"
|
||||
"The sealing key is automatically changed every %s.\n"
|
||||
"\n"
|
||||
"Please write down the following %ssecret verification key%s. It should be stored\n"
|
||||
"at a safe location and should not be saved locally on disk.\n"
|
||||
"in a safe location and should not be saved locally on disk.\n"
|
||||
"\n\t%s",
|
||||
hn ?: "", hn ? "/" : "", SD_ID128_FORMAT_VAL(machine),
|
||||
ansi_highlight(), ansi_normal(),
|
||||
p,
|
||||
format_timespan(tsb, sizeof(tsb), arg_interval, 0),
|
||||
ansi_highlight(), ansi_normal(),
|
||||
ansi_highlight_red());
|
||||
fflush(stderr);
|
||||
}
|
||||
for (i = 0; i < seed_size; i++) {
|
||||
|
||||
for (size_t i = 0; i < seed_size; i++) {
|
||||
if (i > 0 && i % 3 == 0)
|
||||
putchar('-');
|
||||
printf("%02x", ((uint8_t*) seed)[i]);
|
||||
}
|
||||
|
||||
printf("/%llx-%llx\n", (unsigned long long) n, (unsigned long long) arg_interval);
|
||||
|
||||
if (on_tty()) {
|
||||
_cleanup_free_ char *hn = NULL;
|
||||
char tsb[FORMAT_TIMESPAN_MAX];
|
||||
|
||||
fprintf(stderr,
|
||||
"%s\n"
|
||||
"The sealing key is automatically changed every %s.\n",
|
||||
ansi_normal(),
|
||||
format_timespan(tsb, sizeof(tsb), arg_interval, 0));
|
||||
|
||||
hn = gethostname_malloc();
|
||||
if (hn) {
|
||||
hostname_cleanup(hn);
|
||||
fprintf(stderr, "\nThe keys have been generated for host %s/" SD_ID128_FORMAT_STR ".\n", hn, SD_ID128_FORMAT_VAL(machine));
|
||||
} else
|
||||
fprintf(stderr, "\nThe keys have been generated for host " SD_ID128_FORMAT_STR ".\n", SD_ID128_FORMAT_VAL(machine));
|
||||
|
||||
fprintf(stderr, "%s", ansi_normal());
|
||||
#if HAVE_QRENCODE
|
||||
(void) print_qr_code(stderr,
|
||||
"\nTo transfer the verification key to your phone please scan the QR code below:\n\n",
|
||||
"\nTo transfer the verification key to your phone scan the QR code below:\n",
|
||||
seed, seed_size,
|
||||
n, arg_interval,
|
||||
hn, machine);
|
||||
|
Loading…
Reference in New Issue
Block a user