Fix create command to properly handle keyfile size.

- for keyfile reset hash, it make no sense (see man page)
- use activate_by_keyfile to make code more readable
(it still does the stem thing)

- if keyfile specified, read only key and do not do exhausted
read (regression from 1.1.3)

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@399 36d66b0a-2a48-0410-832c-cd162a569da5

diff --git a/ChangeLog b/ChangeLog
index 5bdfdff..3629931 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,6 @@
 2010-11-25  Milan Broz  <mbroz@redhat.com>
        * Fix crypt_activate_by_keyfile() to work with PLAIN devices.
+       * Fix create command to properly handle keyfile size.
 
 2010-11-16  Milan Broz  <mbroz@redhat.com>
        * Version 1.2.0-rc1.

diff --git a/src/cryptsetup.c b/src/cryptsetup.c
index 170d176..562b57b 100644 (file)
--- a/src/cryptsetup.c
+++ b/src/cryptsetup.c
@@ -198,11 +198,15 @@ static int action_create(int arg)
        };
        char *password = NULL;
        unsigned int passwordLen;
+       unsigned int key_size = (opt_key_size ?: DEFAULT_PLAIN_KEYBITS) / 8;
        int r;
 
        if (params.hash && !strcmp(params.hash, "plain"))
                params.hash = NULL;
 
+       if (opt_key_file)
+               params.hash = NULL;
+
        r = crypt_parse_name_and_mode(opt_cipher ?: DEFAULT_CIPHER(PLAIN),
                                      cipher, cipher_mode);
        if (r < 0) {
@@ -219,20 +223,28 @@ static int action_create(int arg)
        r = crypt_format(cd, CRYPT_PLAIN,
                         cipher, cipher_mode,
                         NULL, NULL,
-                        (opt_key_size ?: DEFAULT_PLAIN_KEYBITS) / 8,
+                        key_size,
                         &params);
        if (r < 0)
                goto out;
 
-       r = crypt_get_key(_("Enter passphrase: "), &password, &passwordLen,
-                         opt_keyfile_size, opt_key_file, opt_timeout,
-                         opt_batch_mode ? 0 : opt_verify_passphrase, cd);
-       if (r < 0)
-               goto out;
+       if (opt_key_file)
+               r = crypt_activate_by_keyfile(cd, action_argv[0],
+                       CRYPT_ANY_SLOT, opt_key_file, key_size,
+                       opt_readonly ?  CRYPT_ACTIVATE_READONLY : 0);
+       else {
+               r = crypt_get_key(_("Enter passphrase: "),
+                                 &password, &passwordLen, 0, NULL,
+                                 opt_timeout,
+                                 opt_batch_mode ? 0 : opt_verify_passphrase,
+                                 cd);
+               if (r < 0)
+                       goto out;
 
-       r = crypt_activate_by_passphrase(cd, action_argv[0], CRYPT_ANY_SLOT,
-                                        password, passwordLen,
-                                        opt_readonly ?  CRYPT_ACTIVATE_READONLY : 0);
+               r = crypt_activate_by_passphrase(cd, action_argv[0],
+                       CRYPT_ANY_SLOT, password, passwordLen,
+                        opt_readonly ?  CRYPT_ACTIVATE_READONLY : 0);
+       }
 out:
        crypt_free(cd);
        crypt_safe_free(password);

diff --git a/tests/compat-test b/tests/compat-test
index af7ae21..e12d813 100755 (executable)
--- a/tests/compat-test
+++ b/tests/compat-test
@@ -255,6 +255,8 @@ $CRYPTSETUP create $DEV_NAME $LOOPDEV -d $KEY1 || fail
 $CRYPTSETUP create $DEV_NAME $LOOPDEV -d $KEY1 2>/dev/null && fail
 $CRYPTSETUP create $DEV_NAME $LOOPDEV -d blah 2>/dev/null && fail
 $CRYPTSETUP -q remove  $DEV_NAME || fail
+$CRYPTSETUP create $DEV_NAME $LOOPDEV -d /dev/urandom || fail
+$CRYPTSETUP -q remove  $DEV_NAME || fail
 
 prepare "[20] Disallow open/create if already mapped." wipe
 $CRYPTSETUP create $DEV_NAME $LOOPDEV -d $KEY1 || fail