X-Git-Url: http://review.tizen.org/git/?a=blobdiff_plain;f=src%2Fcryptsetup.c;h=09d7510680aeb9b6ae3512839970364f481f4181;hb=fb3b62ca02013b8526fc0e73bc5c19f737be27fa;hp=a56fb28991df46c6f0480c0a3b2ad0f79794083a;hpb=bd047d03ef28080b701707475e9f8aa81e25c874;p=platform%2Fupstream%2Fcryptsetup.git diff --git a/src/cryptsetup.c b/src/cryptsetup.c index a56fb28..09d7510 100644 --- a/src/cryptsetup.c +++ b/src/cryptsetup.c @@ -3,7 +3,7 @@ * * Copyright (C) 2004, Christophe Saout * Copyright (C) 2004-2007, Clemens Fruhwirth - * Copyright (C) 2009-2011, Red Hat, Inc. All rights reserved. + * Copyright (C) 2009-2012, Red Hat, Inc. All rights reserved. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -32,7 +32,6 @@ #include #include #include -#include #include #include "cryptsetup.h" @@ -69,6 +68,7 @@ static int opt_urandom = 0; static int opt_dump_master_key = 0; static int opt_shared = 0; static int opt_allow_discards = 0; +static int opt_test_passphrase = 0; static const char **action_argv; static int action_argc; @@ -490,6 +490,8 @@ static int action_status(int arg __attribute__((unused))) } out: crypt_free(cd); + if (r == -ENOTSUP) + r = 0; return r; } @@ -627,7 +629,7 @@ out: static int action_luksOpen(int arg __attribute__((unused))) { struct crypt_device *cd = NULL; - const char *data_device, *header_device; + const char *data_device, *header_device, *activated_name; char *key = NULL; uint32_t flags = 0; int r, keysize; @@ -640,6 +642,8 @@ static int action_luksOpen(int arg __attribute__((unused))) data_device = NULL; } + activated_name = opt_test_passphrase ? NULL : action_argv[1]; + if ((r = crypt_init(&cd, header_device))) goto out; @@ -674,15 +678,15 @@ static int action_luksOpen(int arg __attribute__((unused))) r = _read_mk(opt_master_key_file, &key, keysize); if (r < 0) goto out; - r = crypt_activate_by_volume_key(cd, action_argv[1], + r = crypt_activate_by_volume_key(cd, activated_name, key, keysize, flags); } else if (opt_key_file) { crypt_set_password_retry(cd, 1); - r = crypt_activate_by_keyfile_offset(cd, action_argv[1], + r = crypt_activate_by_keyfile_offset(cd, activated_name, opt_key_slot, opt_key_file, opt_keyfile_size, opt_keyfile_offset, flags); } else - r = crypt_activate_by_passphrase(cd, action_argv[1], + r = crypt_activate_by_passphrase(cd, activated_name, opt_key_slot, NULL, 0, flags); out: crypt_safe_free(key); @@ -1303,6 +1307,7 @@ int main(int argc, const char **argv) { "uuid", '\0', POPT_ARG_STRING, &opt_uuid, 0, N_("UUID for device to use."), NULL }, { "allow-discards", '\0', POPT_ARG_NONE, &opt_allow_discards, 0, N_("Allow discards (aka TRIM) requests for device."), NULL }, { "header", '\0', POPT_ARG_STRING, &opt_header_device, 0, N_("Device or file with separated LUKS header."), NULL }, + { "test-passphrase", '\0', POPT_ARG_NONE, &opt_test_passphrase, 0, N_("Do not activate device, just check passphrase."), NULL }, POPT_TABLEEND }; poptContext popt_context; @@ -1317,9 +1322,11 @@ int main(int argc, const char **argv) bindtextdomain(PACKAGE, LOCALEDIR); textdomain(PACKAGE); + crypt_fips_self_check(NULL); + popt_context = poptGetContext(PACKAGE, argc, argv, popt_options, 0); poptSetOtherOptionHelp(popt_context, - N_("[OPTION...] ]")); + N_("[OPTION...] ")); while((r = poptGetNextOpt(popt_context)) > 0) { unsigned long long ull_value; @@ -1387,30 +1394,33 @@ int main(int argc, const char **argv) /* FIXME: rewrite this from scratch */ - if (opt_shared && strcmp(aname, "create")) { + if (opt_shared && strcmp(aname, "create")) usage(popt_context, EXIT_FAILURE, _("Option --shared is allowed only for create operation.\n"), poptGetInvocationName(popt_context)); - } if (opt_allow_discards && strcmp(aname, "luksOpen") && strcmp(aname, "create") && - strcmp(aname, "loopaesOpen")) { + strcmp(aname, "loopaesOpen")) usage(popt_context, EXIT_FAILURE, _("Option --allow-discards is allowed only for luksOpen, loopaesOpen and create operation.\n"), poptGetInvocationName(popt_context)); - } if (opt_key_size && strcmp(aname, "luksFormat") && strcmp(aname, "create") && - strcmp(aname, "loopaesOpen")) { + strcmp(aname, "loopaesOpen")) usage(popt_context, EXIT_FAILURE, _("Option --key-size is allowed only for luksFormat, create and loopaesOpen.\n" "To limit read from keyfile use --keyfile-size=(bytes)."), poptGetInvocationName(popt_context)); - } + + if (opt_test_passphrase && + strcmp(aname, "luksOpen")) + usage(popt_context, EXIT_FAILURE, + _("Option --test-passphrase is allowed only for luksOpen.\n"), + poptGetInvocationName(popt_context)); if (opt_key_size % 8) usage(popt_context, EXIT_FAILURE, @@ -1434,15 +1444,15 @@ int main(int argc, const char **argv) } if (opt_keyfile_size < 0 || opt_new_keyfile_size < 0 || opt_key_size < 0 || - opt_keyfile_offset < 0 || opt_new_keyfile_offset < 0) { + opt_keyfile_offset < 0 || opt_new_keyfile_offset < 0) usage(popt_context, EXIT_FAILURE, _("Negative number for option not permitted."), poptGetInvocationName(popt_context)); - } if (opt_random && opt_urandom) usage(popt_context, EXIT_FAILURE, _("Only one of --use-[u]random options is allowed."), poptGetInvocationName(popt_context)); + if ((opt_random || opt_urandom) && strcmp(aname, "luksFormat")) usage(popt_context, EXIT_FAILURE, _("Option --use-[u]random is allowed only for luksFormat."), poptGetInvocationName(popt_context)); @@ -1451,6 +1461,10 @@ int main(int argc, const char **argv) usage(popt_context, EXIT_FAILURE, _("Option --uuid is allowed only for luksFormat and luksUUID."), poptGetInvocationName(popt_context)); + if (opt_align_payload && strcmp(aname, "luksFormat")) + usage(popt_context, EXIT_FAILURE, _("Option --align-payload is allowed only for luksFormat."), + poptGetInvocationName(popt_context)); + if (opt_skip && strcmp(aname, "create") && strcmp(aname, "loopaesOpen")) usage(popt_context, EXIT_FAILURE, _("Option --skip is supported only for create and loopaesOpen commands.\n"),