eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-19 06:40:08 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix --test-passphrase when device in reencryption.

Browse Source 
Commit 0113ac2d broke test passphrase mode when
device was in LUKS2 reencryption.

Previously --test-passphrase parameter automatically raised
CRYPT_ACTIVATE_ALLOW_UNBOUND_KEY flag. It did not make sense
when users mostly want to test whether device can be activated by
provided passphrase or not. Raise the aforementioned flag only
if user requested it either by --unbound parameter or when
specific keyslot was selected.

Reported in: https://bugzilla.redhat.com/show_bug.cgi?id=2056439

Fixes: #716.
This commit is contained in:
Ondrej Kozina
2022-02-23 12:18:35 +01:00
parent 6b774e617b
commit 0a9f14c658
5 changed files with 18 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/utils_luks.c
View File

@@ -99,7 +99,8 @@ void set_activation_flags(uint32_t *flags)
*flags |= CRYPT_ACTIVATE_IGNORE_PERSISTENT;
/* Only for LUKS2 but ignored elsewhere */
if (ARG_SET(OPT_TEST_PASSPHRASE_ID))
if (ARG_SET(OPT_TEST_PASSPHRASE_ID) &&
(ARG_SET(OPT_KEY_SLOT_ID) || ARG_SET(OPT_UNBOUND_ID)))
*flags |= CRYPT_ACTIVATE_ALLOW_UNBOUND_KEY;
if (ARG_SET(OPT_SERIALIZE_MEMORY_HARD_PBKDF_ID))