eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-19 14:50:09 +01:00
Code Issues Packages Projects Releases Wiki Activity

Clear goto use in tools.

Browse Source 
Allow only one pattern for goto - one place for releasing resources.

Avoid all other use of the goto pattern.
This commit is contained in:
Milan Broz
2021-02-12 10:41:30 +01:00
parent b1558ec973
commit 28baeca882
2 changed files with 59 additions and 53 deletions
Download Patch File Download Diff File Expand all files Collapse all files

69
src/cryptsetup.c
View File

@@ -743,9 +743,7 @@ static int action_resize(void)
CRYPT_ACTIVATE_KEYRING_KEY); CRYPT_ACTIVATE_KEYRING_KEY);
tools_keyslot_msg(r, UNLOCKED); tools_keyslot_msg(r, UNLOCKED);
if (r >= 0) if (r >= 0 || ARG_SET(OPT_TOKEN_ONLY_ID))
goto resize;
else if (ARG_SET(OPT_TOKEN_ONLY_ID))
goto out; goto out;
r = tools_get_key(NULL, &password, &passwordLen, r = tools_get_key(NULL, &password, &passwordLen,
@@ -759,13 +757,13 @@ static int action_resize(void)
CRYPT_ACTIVATE_KEYRING_KEY); CRYPT_ACTIVATE_KEYRING_KEY);
tools_passphrase_msg(r); tools_passphrase_msg(r);
tools_keyslot_msg(r, UNLOCKED); tools_keyslot_msg(r, UNLOCKED);
crypt_safe_free(password);
} }
resize: out:
if (r >= 0) if (r >= 0)
r = crypt_resize(cd, action_argv[0], dev_size); r = crypt_resize(cd, action_argv[0], dev_size);
out:
crypt_safe_free(password);
crypt_free(cd); crypt_free(cd);
return r; return r;
} }
@@ -1177,7 +1175,7 @@ static int action_luksRepair(void)
crypt_set_log_callback(cd, tool_log, &log_parms); crypt_set_log_callback(cd, tool_log, &log_parms);
if (r == 0) { if (r == 0) {
log_verbose(_("No known problems detected for LUKS header.")); log_verbose(_("No known problems detected for LUKS header."));
goto skip_repair; goto out;
} }
r = tools_detect_signatures(action_argv[0], 1, NULL, ARG_SET(OPT_BATCH_MODE_ID)); r = tools_detect_signatures(action_argv[0], 1, NULL, ARG_SET(OPT_BATCH_MODE_ID));
@@ -1190,10 +1188,11 @@ static int action_luksRepair(void)
r = -EINVAL; r = -EINVAL;
else else
r = crypt_repair(cd, luksType(device_type), NULL); r = crypt_repair(cd, luksType(device_type), NULL);
skip_repair: out:
/* Header is ok, check if possible interrupted reencryption need repairs. */
if (!r && crypt_get_type(cd) && !strcmp(crypt_get_type(cd), CRYPT_LUKS2)) if (!r && crypt_get_type(cd) && !strcmp(crypt_get_type(cd), CRYPT_LUKS2))
r = _do_luks2_reencrypt_recovery(cd); r = _do_luks2_reencrypt_recovery(cd);
out:
crypt_free(cd); crypt_free(cd);
return r; return r;
} }
@@ -2334,6 +2333,8 @@ static const char *_get_device_type(void)
static int action_open(void) static int action_open(void)
{ {
int r = -EINVAL;
if (ARG_SET(OPT_REFRESH_ID) && !device_type) if (ARG_SET(OPT_REFRESH_ID) && !device_type)
/* read device type from active mapping */ /* read device type from active mapping */
device_type = _get_device_type(); device_type = _get_device_type();
@@ -2345,31 +2346,33 @@ static int action_open(void)
!strcmp(device_type, "luks1") || !strcmp(device_type, "luks1") ||
!strcmp(device_type, "luks2")) { !strcmp(device_type, "luks2")) {
if (action_argc < 2 && (!ARG_SET(OPT_TEST_PASSPHRASE_ID) && !ARG_SET(OPT_REFRESH_ID))) if (action_argc < 2 && (!ARG_SET(OPT_TEST_PASSPHRASE_ID) && !ARG_SET(OPT_REFRESH_ID)))
goto args; goto out;
return action_open_luks(); return action_open_luks();
} else if (!strcmp(device_type, "plain")) { } else if (!strcmp(device_type, "plain")) {
if (action_argc < 2 && !ARG_SET(OPT_REFRESH_ID)) if (action_argc < 2 && !ARG_SET(OPT_REFRESH_ID))
goto args; goto out;
return action_open_plain(); return action_open_plain();
} else if (!strcmp(device_type, "loopaes")) { } else if (!strcmp(device_type, "loopaes")) {
if (action_argc < 2 && !ARG_SET(OPT_REFRESH_ID)) if (action_argc < 2 && !ARG_SET(OPT_REFRESH_ID))
goto args; goto out;
return action_open_loopaes(); return action_open_loopaes();
} else if (!strcmp(device_type, "tcrypt")) { } else if (!strcmp(device_type, "tcrypt")) {
if (action_argc < 2 && !ARG_SET(OPT_TEST_PASSPHRASE_ID)) if (action_argc < 2 && !ARG_SET(OPT_TEST_PASSPHRASE_ID))
goto args; goto out;
return action_open_tcrypt(); return action_open_tcrypt();
} else if (!strcmp(device_type, "bitlk")) { } else if (!strcmp(device_type, "bitlk")) {
if (action_argc < 2 && !ARG_SET(OPT_TEST_PASSPHRASE_ID)) if (action_argc < 2 && !ARG_SET(OPT_TEST_PASSPHRASE_ID))
goto args; goto out;
return action_open_bitlk(); return action_open_bitlk();
} } else
r = -ENOENT;
out:
if (r == -ENOENT)
log_err(_("Unrecognized metadata device type %s."), device_type); log_err(_("Unrecognized metadata device type %s."), device_type);
return -EINVAL; else
args:
log_err(_("Command requires device and mapped name as arguments.")); log_err(_("Command requires device and mapped name as arguments."));
return -EINVAL;
return r;
} }
static int action_luksErase(void) static int action_luksErase(void)
@@ -2855,12 +2858,12 @@ static int action_encrypt_luks2(struct crypt_device **cd)
if (r) { if (r) {
log_err(_("Cannot create temporary header file %s."), header_file); log_err(_("Cannot create temporary header file %s."), header_file);
r = -EINVAL; r = -EINVAL;
goto err; goto out;
} }
if (!(tmp = strdup(header_file))) { if (!(tmp = strdup(header_file))) {
r = -ENOMEM; r = -ENOMEM;
goto err; goto out;
} }
ARG_SET_STR(OPT_HEADER_ID, tmp); ARG_SET_STR(OPT_HEADER_ID, tmp);
@@ -2885,7 +2888,7 @@ static int action_encrypt_luks2(struct crypt_device **cd)
r = _luksFormat(cd, &password, &passwordLen); r = _luksFormat(cd, &password, &passwordLen);
if (r < 0) if (r < 0)
goto err; goto out;
if (data_shift) { if (data_shift) {
params.data_shift = imaxabs(data_shift) / SECTOR_SIZE, params.data_shift = imaxabs(data_shift) / SECTOR_SIZE,
@@ -2897,7 +2900,7 @@ static int action_encrypt_luks2(struct crypt_device **cd)
crypt_get_cipher_mode(*cd), &params); crypt_get_cipher_mode(*cd), &params);
if (r < 0) { if (r < 0) {
crypt_keyslot_destroy(*cd, keyslot); crypt_keyslot_destroy(*cd, keyslot);
goto err; goto out;
} }
/* Restore temporary header in head of data device */ /* Restore temporary header in head of data device */
@@ -2911,7 +2914,7 @@ static int action_encrypt_luks2(struct crypt_device **cd)
if (r) { if (r) {
log_err("Failed to place new header at head of device %s.", action_argv[0]); log_err("Failed to place new header at head of device %s.", action_argv[0]);
goto err; goto out;
} }
} }
@@ -2925,7 +2928,7 @@ static int action_encrypt_luks2(struct crypt_device **cd)
} }
if (r < 0) if (r < 0)
goto err; goto out;
/* just load reencryption context to continue reencryption */ /* just load reencryption context to continue reencryption */
if (!ARG_SET(OPT_INIT_ONLY_ID)) { if (!ARG_SET(OPT_INIT_ONLY_ID)) {
@@ -2933,7 +2936,7 @@ static int action_encrypt_luks2(struct crypt_device **cd)
r = crypt_reencrypt_init_by_passphrase(*cd, activated_name, password, passwordLen, r = crypt_reencrypt_init_by_passphrase(*cd, activated_name, password, passwordLen,
CRYPT_ANY_SLOT, keyslot, NULL, NULL, &params); CRYPT_ANY_SLOT, keyslot, NULL, NULL, &params);
} }
err: out:
crypt_safe_free(password); crypt_safe_free(password);
if (*header_file) if (*header_file)
unlink(header_file); unlink(header_file);
@@ -2974,7 +2977,7 @@ static int action_decrypt_luks2(struct crypt_device *cd)
if (r > 0) if (r > 0)
active_name = dm_name; active_name = dm_name;
if (r < 0) if (r < 0)
goto err; goto out;
} else } else
active_name = ARG_STR(OPT_ACTIVE_NAME_ID); active_name = ARG_STR(OPT_ACTIVE_NAME_ID);
@@ -2983,7 +2986,7 @@ static int action_decrypt_luks2(struct crypt_device *cd)
r = crypt_reencrypt_init_by_passphrase(cd, active_name, password, r = crypt_reencrypt_init_by_passphrase(cd, active_name, password,
passwordLen, ARG_INT32(OPT_KEY_SLOT_ID), CRYPT_ANY_SLOT, NULL, NULL, &params); passwordLen, ARG_INT32(OPT_KEY_SLOT_ID), CRYPT_ANY_SLOT, NULL, NULL, &params);
err: out:
crypt_safe_free(password); crypt_safe_free(password);
return r; return r;
} }
@@ -3220,12 +3223,12 @@ static int action_reencrypt_luks2(struct crypt_device *cd)
r = fill_keyslot_passwords(cd, kp, kp_size); r = fill_keyslot_passwords(cd, kp, kp_size);
if (r) if (r)
goto err; goto out;
if (ARG_SET(OPT_MASTER_KEY_FILE_ID)) { if (ARG_SET(OPT_MASTER_KEY_FILE_ID)) {
r = tools_read_mk(ARG_STR(OPT_MASTER_KEY_FILE_ID), &vk, key_size); r = tools_read_mk(ARG_STR(OPT_MASTER_KEY_FILE_ID), &vk, key_size);
if (r < 0) if (r < 0)
goto err; goto out;
} }
r = -ENOENT; r = -ENOENT;
@@ -3275,14 +3278,14 @@ static int action_reencrypt_luks2(struct crypt_device *cd)
} }
if (r < 0) if (r < 0)
goto err; goto out;
if (!ARG_SET(OPT_ACTIVE_NAME_ID) && !ARG_SET(OPT_INIT_ONLY_ID)) { if (!ARG_SET(OPT_ACTIVE_NAME_ID) && !ARG_SET(OPT_INIT_ONLY_ID)) {
r = _get_device_active_name(cd, action_argv[0], dm_name, sizeof(dm_name)); r = _get_device_active_name(cd, action_argv[0], dm_name, sizeof(dm_name));
if (r > 0) if (r > 0)
active_name = dm_name; active_name = dm_name;
if (r < 0) if (r < 0)
goto err; goto out;
} else if (ARG_SET(OPT_ACTIVE_NAME_ID)) } else if (ARG_SET(OPT_ACTIVE_NAME_ID))
active_name = ARG_STR(OPT_ACTIVE_NAME_ID); active_name = ARG_STR(OPT_ACTIVE_NAME_ID);
@@ -3292,7 +3295,7 @@ static int action_reencrypt_luks2(struct crypt_device *cd)
r = crypt_reencrypt_init_by_passphrase(cd, active_name, kp[keyslot_old].password, r = crypt_reencrypt_init_by_passphrase(cd, active_name, kp[keyslot_old].password,
kp[keyslot_old].passwordLen, keyslot_old, kp[keyslot_old].new, kp[keyslot_old].passwordLen, keyslot_old, kp[keyslot_old].new,
cipher, mode, &params); cipher, mode, &params);
err: out:
crypt_safe_free(vk); crypt_safe_free(vk);
for (i = 0; i < kp_size; i++) { for (i = 0; i < kp_size; i++) {
crypt_safe_free(kp[i].password); crypt_safe_free(kp[i].password);

35
src/utils_password.c
View File

@@ -151,13 +151,13 @@ static int interactive_pass(const char *prompt, char *pass, size_t maxlen,
outfd = infd; outfd = infd;
if (tcgetattr(infd, &orig)) if (tcgetattr(infd, &orig))
goto out_err; goto out;
memcpy(&tmp, &orig, sizeof(tmp)); memcpy(&tmp, &orig, sizeof(tmp));
tmp.c_lflag &= ~ECHO; tmp.c_lflag &= ~ECHO;
if (prompt && write(outfd, prompt, strlen(prompt)) < 0) if (prompt && write(outfd, prompt, strlen(prompt)) < 0)
goto out_err; goto out;
tcsetattr(infd, TCSAFLUSH, &tmp); tcsetattr(infd, TCSAFLUSH, &tmp);
if (timeout) if (timeout)
@@ -165,8 +165,7 @@ static int interactive_pass(const char *prompt, char *pass, size_t maxlen,
else else
failed = untimed_read(infd, pass, maxlen); failed = untimed_read(infd, pass, maxlen);
tcsetattr(infd, TCSAFLUSH, &orig); tcsetattr(infd, TCSAFLUSH, &orig);
out:
out_err:
if (!failed && write(outfd, "\n", 1)) {}; if (!failed && write(outfd, "\n", 1)) {};
if (infd != STDIN_FILENO) if (infd != STDIN_FILENO)
@@ -195,7 +194,7 @@ static int crypt_get_key_tty(const char *prompt,
if (interactive_pass(prompt, pass, key_size_max, timeout)) { if (interactive_pass(prompt, pass, key_size_max, timeout)) {
log_err(_("Error reading passphrase from terminal.")); log_err(_("Error reading passphrase from terminal."));
goto out_err; goto out;
} }
pass[key_size_max] = '\0'; pass[key_size_max] = '\0';
@@ -204,26 +203,26 @@ static int crypt_get_key_tty(const char *prompt,
if (!pass_verify) { if (!pass_verify) {
log_err(_("Out of memory while reading passphrase.")); log_err(_("Out of memory while reading passphrase."));
r = -ENOMEM; r = -ENOMEM;
goto out_err; goto out;
} }
if (interactive_pass(_("Verify passphrase: "), if (interactive_pass(_("Verify passphrase: "),
pass_verify, key_size_max, timeout)) { pass_verify, key_size_max, timeout)) {
log_err(_("Error reading passphrase from terminal.")); log_err(_("Error reading passphrase from terminal."));
goto out_err; goto out;
} }
if (strncmp(pass, pass_verify, key_size_max)) { if (strncmp(pass, pass_verify, key_size_max)) {
log_err(_("Passphrases do not match.")); log_err(_("Passphrases do not match."));
r = -EPERM; r = -EPERM;
goto out_err; goto out;
} }
} }
*key = pass; *key = pass;
*key_size = strlen(pass); *key_size = strlen(pass);
r = 0; r = 0;
out_err: out:
crypt_safe_free(pass_verify); crypt_safe_free(pass_verify);
if (r) if (r)
crypt_safe_free(pass); crypt_safe_free(pass);
@@ -295,7 +294,7 @@ void tools_passphrase_msg(int r)
int tools_read_mk(const char *file, char **key, int keysize) int tools_read_mk(const char *file, char **key, int keysize)
{ {
int fd; int fd = -1, r = -EINVAL;
if (keysize <= 0 || !key) if (keysize <= 0 || !key)
return -EINVAL; return -EINVAL;
@@ -307,20 +306,24 @@ int tools_read_mk(const char *file, char **key, int keysize)
fd = open(file, O_RDONLY); fd = open(file, O_RDONLY);
if (fd == -1) { if (fd == -1) {
log_err(_("Cannot read keyfile %s."), file); log_err(_("Cannot read keyfile %s."), file);
goto fail; goto out;
} }
if (read_buffer(fd, *key, keysize) != keysize) { if (read_buffer(fd, *key, keysize) != keysize) {
log_err(_("Cannot read %d bytes from keyfile %s."), keysize, file); log_err(_("Cannot read %d bytes from keyfile %s."), keysize, file);
close(fd); goto out;
goto fail;
} }
r = 0;
out:
if (fd != -1)
close(fd); close(fd);
return 0;
fail: if (r) {
crypt_safe_free(*key); crypt_safe_free(*key);
*key = NULL; *key = NULL;
return -EINVAL; }
return r;
} }
int tools_write_mk(const char *file, const char *key, int keysize) int tools_write_mk(const char *file, const char *key, int keysize)