summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMilan Broz <mbroz@redhat.com>2011-04-26 00:15:15 +0200
committerLennart Poettering <lennart@poettering.net>2011-04-26 21:50:15 +0200
commit2d745456b2852d102e6f27f685c97118f2190669 (patch)
treebed2ca2f4fbd833c2b008f449589ba30ba149a6e
parent641e01dcdcc810026ee4156d1694d97e10a1ba07 (diff)
cryptsetup: fix keyfile size option processing
/etc/crypttab uses "size" argument only for plain crypt mapping (and input is limited to volume key size) For LUKS it always read whole keyfile (no arguments except "luks" should be in crypttab). Because of bug in cryptsetup 1.2.0 (fixed in 1.3.0) library did not enforced keyfile size argument, so this bug was hidden for some time. Patch also converts size in bits to bytes like excepted by libcryptsetup api. Fixes https://bugs.freedesktop.org/show_bug.cgi?id=36264
-rw-r--r--src/cryptsetup.c7
1 files changed, 6 insertions, 1 deletions
diff --git a/src/cryptsetup.c b/src/cryptsetup.c
index 4ef9606d39..c0caf9a930 100644
--- a/src/cryptsetup.c
+++ b/src/cryptsetup.c
@@ -225,6 +225,7 @@ int main(int argc, char *argv[]) {
char **passwords = NULL, *truncated_cipher = NULL;
const char *cipher = NULL, *cipher_mode = NULL, *hash = NULL, *name = NULL;
char *description = NULL, *name_buffer = NULL, *mount_point = NULL;
+ unsigned keyfile_size = 0;
if (argc <= 1) {
help();
@@ -433,6 +434,10 @@ int main(int argc, char *argv[]) {
&params);
pass_volume_key = streq(hash, "plain");
+
+ /* for CRYPT_PLAIN limit reads
+ * from keyfile to key length */
+ keyfile_size = opt_key_size / 8;
}
if (k < 0) {
@@ -447,7 +452,7 @@ int main(int argc, char *argv[]) {
argv[3]);
if (key_file)
- k = crypt_activate_by_keyfile(cd, argv[2], CRYPT_ANY_SLOT, key_file, opt_key_size, flags);
+ k = crypt_activate_by_keyfile(cd, argv[2], CRYPT_ANY_SLOT, key_file, keyfile_size, flags);
else {
char **p;