Handle signals in tool context.

2025-12-16 21:29:59 +01:00 · 2012-12-11 19:01:46 +01:00
parent 710aad20d3
commit 32c578729c
4 changed files with 93 additions and 27 deletions
--- a/src/cryptsetup.c
+++ b/src/cryptsetup.c
@@ -126,6 +126,7 @@ static int action_open_plain(void)
 			 NULL, NULL,
 			 key_size,
 			 &params);
 	check_signal(&r);
 	if (r < 0)
 		goto out;
@@ -145,7 +146,7 @@ static int action_open_plain(void)
 			params.hash ? 0 : key_size, 0,
 			activate_flags);
 	else {
-		r = crypt_get_key(_("Enter passphrase: "),
+		r = tools_get_key(_("Enter passphrase: "),
 				  &password, &passwordLen,
 				  opt_keyfile_offset, opt_keyfile_size,
 				  NULL, opt_timeout,
@@ -192,6 +193,7 @@ static int action_open_loopaes(void)
 	r = crypt_format(cd, CRYPT_LOOPAES, opt_cipher ?: DEFAULT_LOOPAES_CIPHER,
 			 NULL, NULL, NULL, key_size, &params);
 	check_signal(&r);
 	if (r < 0)
 		goto out;
@@ -222,7 +224,7 @@ static int action_open_tcrypt(void)
 		goto out;
 	/* TCRYPT header is encrypted, get passphrase now */
-	r = crypt_get_key(_("Enter passphrase: "),
+	r = tools_get_key(_("Enter passphrase: "),
 			  CONST_CAST(char**)&params.passphrase,
 			  &params.passphrase_size, 0, 0, NULL, opt_timeout,
 			  _verify_passphrase(0), cd);
@@ -233,6 +235,7 @@ static int action_open_tcrypt(void)
 		params.flags |= CRYPT_TCRYPT_HIDDEN_HEADER;
 	r = crypt_load(cd, CRYPT_TCRYPT, &params);
 	check_signal(&r);
 	if (r < 0)
 		goto out;
@@ -303,7 +306,7 @@ static int action_tcryptDump(void)
 		goto out;
 	/* TCRYPT header is encrypted, get passphrase now */
-	r = crypt_get_key(_("Enter passphrase: "),
+	r = tools_get_key(_("Enter passphrase: "),
 			  CONST_CAST(char**)&params.passphrase,
 			  &params.passphrase_size, 0, 0, NULL, opt_timeout,
 			  _verify_passphrase(0), cd);
@@ -314,6 +317,7 @@ static int action_tcryptDump(void)
 		params.flags |= CRYPT_TCRYPT_HIDDEN_HEADER;
 	r = crypt_load(cd, CRYPT_TCRYPT, &params);
 	check_signal(&r);
 	if (r < 0)
 		goto out;
@@ -460,6 +464,9 @@ static int action_benchmark(void)
 		{ "twofish", "xts", 64, 16 },
 		{  NULL, NULL, 0, 0 }
 	};
 	static char *bkdfs[] = {
 		"sha1", "sha256", "sha512", "ripemd160", "whirlpool", NULL
 	};
 	char cipher[MAX_CIPHER_LEN], cipher_mode[MAX_CIPHER_LEN];
 	double enc_mbr = 0, dec_mbr = 0;
 	int key_size = (opt_key_size ?: DEFAULT_PLAIN_KEYBITS);
@@ -496,16 +503,18 @@ static int action_benchmark(void)
 		} else if (r == -ENOENT)
 			log_err(_("Cipher %s is not available.\n"), opt_cipher);
 	} else {
-		action_benchmark_kdf("sha1");
+		for (i = 0; bkdfs[i]; i++) {
-		action_benchmark_kdf("sha256");
+			r = action_benchmark_kdf(bkdfs[i]);
-		action_benchmark_kdf("sha512");
+			check_signal(&r);
-		action_benchmark_kdf("ripemd160");
+			if (r == -EINTR)
-		action_benchmark_kdf("whirlpool");
+				break;
 		}
 		for (i = 0; bciphers[i].cipher; i++) {
 			r = crypt_benchmark(NULL, bciphers[i].cipher, bciphers[i].mode,
 					    bciphers[i].key_size, bciphers[i].iv_size,
 					    buffer_size, &enc_mbr, &dec_mbr);
-			if (r == -ENOTSUP)
+			check_signal(&r);
 			if (r == -ENOTSUP || r == -EINTR)
 				break;
 			if (r == -ENOENT)
 				skipped++;
@@ -634,7 +643,7 @@ static int action_luksFormat(void)
 	else if (opt_urandom)
 		crypt_set_rng_type(cd, CRYPT_RNG_URANDOM);
-	r = crypt_get_key(_("Enter LUKS passphrase: "), &password, &passwordLen,
+	r = tools_get_key(_("Enter LUKS passphrase: "), &password, &passwordLen,
 			  opt_keyfile_offset, opt_keyfile_size, opt_key_file,
 			  opt_timeout, _verify_passphrase(1), cd);
 	if (r < 0)
@@ -648,6 +657,7 @@ static int action_luksFormat(void)
 	r = crypt_format(cd, CRYPT_LUKS1, cipher, cipher_mode,
 			 opt_uuid, key, keysize, &params);
 	check_signal(&r);
 	if (r < 0)
 		goto out;
@@ -744,7 +754,7 @@ static int verify_keyslot(struct crypt_device *cd, int key_slot,
 	if (ki == CRYPT_SLOT_ACTIVE_LAST && msg_last && !yesDialog(msg_last, NULL))
 		return -EPERM;
-	r = crypt_get_key(msg_pass, &password, &passwordLen,
+	r = tools_get_key(msg_pass, &password, &passwordLen,
 			  keyfile_offset, keyfile_size, key_file, opt_timeout,
 			  _verify_passphrase(0), cd);
 	if(r < 0)
@@ -832,7 +842,7 @@ static int action_luksRemoveKey(void)
 	if ((r = crypt_load(cd, CRYPT_LUKS1, NULL)))
 		goto out;
-	r = crypt_get_key(_("Enter LUKS passphrase to be deleted: "),
+	r = tools_get_key(_("Enter LUKS passphrase to be deleted: "),
 		      &password, &passwordLen,
 		      opt_keyfile_offset, opt_keyfile_size, opt_key_file,
 		      opt_timeout,
@@ -843,6 +853,7 @@ static int action_luksRemoveKey(void)
 	r = crypt_activate_by_passphrase(cd, NULL, CRYPT_ANY_SLOT,
 					 password, passwordLen, 0);
 	check_signal(&r);
 	if (r < 0)
 		goto out;
@@ -924,7 +935,7 @@ static int action_luksChangeKey(void)
 	if (opt_iteration_time)
 		crypt_set_iteration_time(cd, opt_iteration_time);
-	r = crypt_get_key(_("Enter LUKS passphrase to be changed: "),
+	r = tools_get_key(_("Enter LUKS passphrase to be changed: "),
 		      &password, &password_size,
 		      opt_keyfile_offset, opt_keyfile_size, opt_key_file,
 		      opt_timeout, _verify_passphrase(0), cd);
@@ -934,10 +945,11 @@ static int action_luksChangeKey(void)
 	/* Check password before asking for new one */
 	r = crypt_activate_by_passphrase(cd, NULL, opt_key_slot,
 					 password, password_size, 0);
 	check_signal(&r);
 	if (r < 0)
 		goto out;
-	r = crypt_get_key(_("Enter new LUKS passphrase: "),
+	r = tools_get_key(_("Enter new LUKS passphrase: "),
 			  &password_new, &password_new_size,
 			  opt_new_keyfile_offset, opt_new_keyfile_size,
 			  opt_new_key_file,
@@ -1016,7 +1028,7 @@ static int luksDump_with_volume_key(struct crypt_device *cd)
 	if (!vk)
 		return -ENOMEM;
-	r = crypt_get_key(_("Enter LUKS passphrase: "), &password, &passwordLen,
+	r = tools_get_key(_("Enter LUKS passphrase: "), &password, &passwordLen,
 			  opt_keyfile_offset, opt_keyfile_size, opt_key_file,
 			  opt_timeout, 0, cd);
 	if (r < 0)
@@ -1024,6 +1036,7 @@ static int luksDump_with_volume_key(struct crypt_device *cd)
 	r = crypt_volume_key_get(cd, CRYPT_ANY_SLOT, vk, &vk_size,
 				 password, passwordLen);
 	check_signal(&r);
 	if (r < 0)
 		goto out;
@@ -1272,6 +1285,7 @@ static int run_action(struct action_type *action)
 	if (action->required_memlock)
 		crypt_memory_lock(NULL, 1);
 	set_int_handler(0);
 	r = action->handler();
 	if (action->required_memlock)
@@ -1280,6 +1294,7 @@ static int run_action(struct action_type *action)
 	/* Some functions returns keyslot # */
 	if (r > 0)
 		r = 0;
 	check_signal(&r);
 	show_status(r);
 	return translate_errno(r);
--- a/src/cryptsetup.h
+++ b/src/cryptsetup.h
@@ -72,7 +72,15 @@ int translate_errno(int r);
 extern volatile int quit;
 void set_int_block(int block);
-void set_int_handler(void);
+void set_int_handler(int block);
 void check_signal(int *r);
 int tools_get_key(const char *prompt,
 		  char **key, size_t *key_size,
 		  size_t keyfile_offset, size_t keyfile_size_max,
 		  const char *key_file,
 		  int timeout, int verify,
 		  struct crypt_device *cd);
 /* Log */
 #define log_dbg(x...) clogger(NULL, CRYPT_LOG_DEBUG, __FILE__, __LINE__, x)
--- a/src/cryptsetup_reencrypt.c
+++ b/src/cryptsetup_reencrypt.c
@@ -795,7 +795,7 @@ static int copy_data(struct reenc_ctx *rc)
 		goto out;
 	}
-	set_int_handler();
+	set_int_handler(0);
 	gettimeofday(&rc->start_time, NULL);
 	if (rc->reencrypt_direction == FORWARD)
@@ -857,7 +857,7 @@ static int init_passphrase1(struct reenc_ctx *rc, struct crypt_device *cd,
 	retry_count = opt_tries ?: 1;
 	while (retry_count--) {
-		set_int_handler();
+		set_int_handler(0);
 		r = crypt_get_key(msg, &rc->p[slot].password,
 			&rc->p[slot].passwordLen,
 			0, 0, NULL /*opt_key_file*/,
--- a/src/utils_tools.c
+++ b/src/utils_tools.c
@@ -28,6 +28,7 @@ int opt_batch_mode = 0;
 /* interrupt handling */
 volatile int quit = 0;
 static int signals_blocked = 0;
 static void int_handler(int sig __attribute__((__unused__)))
 {
@@ -38,21 +39,54 @@ void set_int_block(int block)
 {
 	sigset_t signals_open;
 	log_dbg("%slocking interruption on signal.", block ? "B" : "Unb");
 	sigemptyset(&signals_open);
 	sigaddset(&signals_open, SIGINT);
 	sigaddset(&signals_open, SIGTERM);
 	sigprocmask(block ? SIG_SETMASK : SIG_UNBLOCK, &signals_open, NULL);
 	signals_blocked = block;
 	quit = 0;
 }
-void set_int_handler(void)
+void set_int_handler(int block)
 {
 	struct sigaction sigaction_open;
 	log_dbg("Installing SIGINT/SIGTERM handler.");
 	memset(&sigaction_open, 0, sizeof(struct sigaction));
 	sigaction_open.sa_handler = int_handler;
 	sigaction(SIGINT, &sigaction_open, 0);
 	sigaction(SIGTERM, &sigaction_open, 0);
 	set_int_block(block);
 }
 void check_signal(int *r)
 {
 	if (quit && !*r)
 		*r = -EINTR;
 }
 /* crypt_get_key() with signal handler */
 int tools_get_key(const char *prompt,
 		  char **key, size_t *key_size,
 		  size_t keyfile_offset, size_t keyfile_size_max,
 		  const char *key_file,
 		  int timeout, int verify,
 		  struct crypt_device *cd)
 {
 	int r, block;
 	block = signals_blocked;
 	if (block)
 		set_int_block(0);
 	r = crypt_get_key(prompt, key, key_size, keyfile_offset,
 			  keyfile_size_max, key_file, timeout, verify, cd);
 	if (block && !quit)
 		set_int_block(1);
 	return r;
 }
 __attribute__((format(printf, 5, 6)))
@@ -115,21 +149,30 @@ int yesDialog(const char *msg, void *usrptr __attribute__((unused)))
 {
 	char *answer = NULL;
 	size_t size = 0;
-	int r = 1;
+	int r = 1, block;
 	block = signals_blocked;
 	if (block)
 		set_int_block(0);
 	if(isatty(STDIN_FILENO) && !opt_batch_mode) {
 		log_std("\nWARNING!\n========\n");
 		log_std("%s\n\nAre you sure? (Type uppercase yes): ", msg);
 		if(getline(&answer, &size, stdin) == -1) {
 			perror("getline");
 			free(answer);
 			return 0;
 		}
 		if(strcmp(answer, "YES\n"))
 			r = 0;
-		free(answer);
+			/* Aborted by signal */
 			if (!quit)
 				log_err(_("Error reading response from terminal.\n"));
 			else
 				log_dbg("Query interrupted on signal.");
 		} else if(strcmp(answer, "YES\n"))
 			r = 0;
 	}
 	if (block && !quit)
 		set_int_block(1);
 	free(answer);
 	return r;
 }