mirror of
https://github.com/systemd/systemd.git
synced 2024-10-27 10:25:37 +03:00
cryptsetup: fix keyfile size option processing
/etc/crypttab uses "size" argument only for plain crypt mapping (and input is limited to volume key size) For LUKS it always read whole keyfile (no arguments except "luks" should be in crypttab). Because of bug in cryptsetup 1.2.0 (fixed in 1.3.0) library did not enforced keyfile size argument, so this bug was hidden for some time. Patch also converts size in bits to bytes like excepted by libcryptsetup api. Fixes https://bugs.freedesktop.org/show_bug.cgi?id=36264
This commit is contained in:
parent
641e01dcdc
commit
2d745456b2
@ -225,6 +225,7 @@ int main(int argc, char *argv[]) {
|
||||
char **passwords = NULL, *truncated_cipher = NULL;
|
||||
const char *cipher = NULL, *cipher_mode = NULL, *hash = NULL, *name = NULL;
|
||||
char *description = NULL, *name_buffer = NULL, *mount_point = NULL;
|
||||
unsigned keyfile_size = 0;
|
||||
|
||||
if (argc <= 1) {
|
||||
help();
|
||||
@ -433,6 +434,10 @@ int main(int argc, char *argv[]) {
|
||||
¶ms);
|
||||
|
||||
pass_volume_key = streq(hash, "plain");
|
||||
|
||||
/* for CRYPT_PLAIN limit reads
|
||||
* from keyfile to key length */
|
||||
keyfile_size = opt_key_size / 8;
|
||||
}
|
||||
|
||||
if (k < 0) {
|
||||
@ -447,7 +452,7 @@ int main(int argc, char *argv[]) {
|
||||
argv[3]);
|
||||
|
||||
if (key_file)
|
||||
k = crypt_activate_by_keyfile(cd, argv[2], CRYPT_ANY_SLOT, key_file, opt_key_size, flags);
|
||||
k = crypt_activate_by_keyfile(cd, argv[2], CRYPT_ANY_SLOT, key_file, keyfile_size, flags);
|
||||
else {
|
||||
char **p;
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user