shaba/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd.git synced 2024-11-02 10:51:20 +03:00
Code

cryptsetup: default to no hash when keyfile is specified

Browse Source 
For plain dm-crypt devices, the behavior of cryptsetup package is to
ignore the hash algorithm when a key file is provided. It seems wrong
to ignore a hash when it is explicitly specified, but we should default
to no hash if the keyfile is specified.

https://bugs.freedesktop.org/show_bug.cgi?id=52630
This commit is contained in:
Zbigniew Jędrzejewski-Szmek 2014-11-24 09:11:12 -05:00
parent 056edeb910
commit 8a52210c93
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/cryptsetup/cryptsetup.c
View File

@ -400,7 +400,9 @@ static int attach_luks_or_plain(struct crypt_device *cd,
/* plain isn't a real hash type. it just means "use no hash" */ /* plain isn't a real hash type. it just means "use no hash" */
if (!streq(arg_hash, "plain")) if (!streq(arg_hash, "plain"))
params.hash = arg_hash; params.hash = arg_hash;
} else } else if (!key_file)
/* for CRYPT_PLAIN, the behaviour of cryptsetup
* package is to not hash when a key file is provided */
params.hash = "ripemd160"; params.hash = "ripemd160";
if (arg_cipher) { if (arg_cipher) {