1
0
mirror of https://github.com/systemd/systemd.git synced 2024-11-02 10:51:20 +03:00

cryptsetup: default to no hash when keyfile is specified

For plain dm-crypt devices, the behavior of cryptsetup package is to
ignore the hash algorithm when a key file is provided. It seems wrong
to ignore a hash when it is explicitly specified, but we should default
to no hash if the keyfile is specified.

https://bugs.freedesktop.org/show_bug.cgi?id=52630
This commit is contained in:
Zbigniew Jędrzejewski-Szmek 2014-11-24 09:11:12 -05:00
parent 056edeb910
commit 8a52210c93

View File

@ -400,7 +400,9 @@ static int attach_luks_or_plain(struct crypt_device *cd,
/* plain isn't a real hash type. it just means "use no hash" */
if (!streq(arg_hash, "plain"))
params.hash = arg_hash;
} else
} else if (!key_file)
/* for CRYPT_PLAIN, the behaviour of cryptsetup
* package is to not hash when a key file is provided */
params.hash = "ripemd160";
if (arg_cipher) {