diff options
author | Thomas Bächler <thomas@archlinux.org> | 2013-08-18 18:24:13 +0200 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2013-09-11 17:44:33 +0200 |
commit | 404dac4d96f4aaf66026e8b412c4b67e8773cffa (patch) | |
tree | c3e457040055971994d16881be8cec1ee1a9d79c | |
parent | 64347fc2b983f33e7efb0fd2bb44e133fb9f30f4 (diff) |
cryptsetup: Retry indefinitely if tries=0 option has been set.
When running from initrd, entering a wrong passphrase usually means that
you cannot boot. Therefore, we allow trying indefinitely.
-rw-r--r-- | man/crypttab.xml | 4 | ||||
-rw-r--r-- | src/cryptsetup/cryptsetup.c | 7 |
2 files changed, 6 insertions, 5 deletions
diff --git a/man/crypttab.xml b/man/crypttab.xml index 15c86d3897..90d8ce95fe 100644 --- a/man/crypttab.xml +++ b/man/crypttab.xml @@ -330,7 +330,9 @@ <term><varname>tries=</varname></term> <listitem><para>Specifies the maximum number of - times the user is queried for a password.</para></listitem> + times the user is queried for a password. + The default is 3. If set to 0, the user is + queried for a password indefinitely.</para></listitem> </varlistentry> <varlistentry> diff --git a/src/cryptsetup/cryptsetup.c b/src/cryptsetup/cryptsetup.c index ba0fdbc8e8..22b5eead72 100644 --- a/src/cryptsetup/cryptsetup.c +++ b/src/cryptsetup/cryptsetup.c @@ -41,7 +41,7 @@ static unsigned opt_key_size = 0; static unsigned opt_keyfile_size = 0; static unsigned opt_keyfile_offset = 0; static char *opt_hash = NULL; -static unsigned opt_tries = 0; +static unsigned opt_tries = 3; static bool opt_readonly = false; static bool opt_verify = false; static bool opt_discards = false; @@ -576,7 +576,6 @@ int main(int argc, char *argv[]) { else until = 0; - opt_tries = opt_tries > 0 ? opt_tries : 3; opt_key_size = (opt_key_size > 0 ? opt_key_size : 256); if (key_file) { @@ -588,7 +587,7 @@ int main(int argc, char *argv[]) { log_warning("Key file %s is world-readable. This is not a good idea!", key_file); } - for (tries = 0; tries < opt_tries; tries++) { + for (tries = 0; opt_tries == 0 || tries < opt_tries; tries++) { _cleanup_strv_free_ char **passwords = NULL; if (!key_file) { @@ -616,7 +615,7 @@ int main(int argc, char *argv[]) { log_warning("Invalid passphrase."); } - if (tries >= opt_tries) { + if (opt_tries != 0 && tries >= opt_tries) { log_error("Too many attempts; giving up."); r = EXIT_FAILURE; goto finish; |