eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-17 05:40:13 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add verbose messages explaining token errors.

Browse Source
This commit is contained in:
Ondrej Kozina
2021-07-29 15:07:10 +02:00
committed by Milan Broz
parent cab332c367
commit 3b826d0fa3
3 changed files with 34 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/cryptsetup.c
View File

@@ -212,6 +212,7 @@ static int _try_token_pin_unlock(struct crypt_device *cd,
crypt_safe_free(pin); crypt_safe_free(pin);
pin = NULL; pin = NULL;
tools_keyslot_msg(r, UNLOCKED); tools_keyslot_msg(r, UNLOCKED);
tools_token_error_msg(r, ARG_STR(OPT_TOKEN_TYPE_ID), ARG_INT32(OPT_TOKEN_ID_ID), true);
check_signal(&r); check_signal(&r);
} while (r == -ENOANO && (--tries > 0)); } while (r == -ENOANO && (--tries > 0));
@@ -796,6 +797,7 @@ static int action_resize(void)
ARG_INT32(OPT_TOKEN_ID_ID), NULL, 0, NULL, ARG_INT32(OPT_TOKEN_ID_ID), NULL, 0, NULL,
CRYPT_ACTIVATE_KEYRING_KEY); CRYPT_ACTIVATE_KEYRING_KEY);
tools_keyslot_msg(r, UNLOCKED); tools_keyslot_msg(r, UNLOCKED);
tools_token_error_msg(r, ARG_STR(OPT_TOKEN_TYPE_ID), ARG_INT32(OPT_TOKEN_ID_ID), false);
/* Token requires PIN, but ask only if there is no password query later */ /* Token requires PIN, but ask only if there is no password query later */
if (ARG_SET(OPT_TOKEN_ONLY_ID) && r == -ENOANO) if (ARG_SET(OPT_TOKEN_ONLY_ID) && r == -ENOANO)
@@ -1580,6 +1582,7 @@ static int action_open_luks(void)
r = crypt_activate_by_token_pin(cd, activated_name, ARG_STR(OPT_TOKEN_TYPE_ID), r = crypt_activate_by_token_pin(cd, activated_name, ARG_STR(OPT_TOKEN_TYPE_ID),
ARG_INT32(OPT_TOKEN_ID_ID), NULL, 0, NULL, activate_flags); ARG_INT32(OPT_TOKEN_ID_ID), NULL, 0, NULL, activate_flags);
tools_keyslot_msg(r, UNLOCKED); tools_keyslot_msg(r, UNLOCKED);
tools_token_error_msg(r, ARG_STR(OPT_TOKEN_TYPE_ID), ARG_INT32(OPT_TOKEN_ID_ID), false);
/* Token requires PIN, but ask only if there is no password query later */ /* Token requires PIN, but ask only if there is no password query later */
if (ARG_SET(OPT_TOKEN_ONLY_ID) && r == -ENOANO) if (ARG_SET(OPT_TOKEN_ONLY_ID) && r == -ENOANO)

1
src/cryptsetup.h
View File

@@ -72,6 +72,7 @@ int translate_errno(int r);
typedef enum { CREATED, UNLOCKED, REMOVED } crypt_object_op; typedef enum { CREATED, UNLOCKED, REMOVED } crypt_object_op;
void tools_keyslot_msg(int keyslot, crypt_object_op op); void tools_keyslot_msg(int keyslot, crypt_object_op op);
void tools_token_msg(int token, crypt_object_op op); void tools_token_msg(int token, crypt_object_op op);
void tools_token_error_msg(int error, const char *type, int token, bool pin_provided);
extern volatile int quit; extern volatile int quit;
void set_int_block(int block); void set_int_block(int block);

30
src/utils_tools.c
View File

@@ -271,6 +271,36 @@ void tools_token_msg(int token, crypt_object_op op)
log_verbose(_("Token %i removed."), token); log_verbose(_("Token %i removed."), token);
} }
void tools_token_error_msg(int error, const char *type, int token, bool pin_provided)
{
if (error >= 0)
return;
if (error == -ENOANO) {
if (pin_provided)
log_verbose(_("No token could be unlocked with this PIN."));
else if (token != CRYPT_ANY_TOKEN)
log_verbose(_("Token %i requires PIN."), token);
else if (type)
log_verbose(_("Token (type %s) requires PIN."), type);
} else if (error == -EPERM) {
if (token != CRYPT_ANY_TOKEN)
log_verbose(_("Token %i cannot unlock assigned keyslot(s) (wrong keyslot passphrase)."), token);
else if (type)
log_verbose(_("Token (type %s) cannot unlock assigned keyslot(s) (wrong keyslot passphrase)."), type);
} if (error == -EAGAIN) {
if (token != CRYPT_ANY_TOKEN)
log_verbose(_("Token %i requires additional missing resource."), token);
else if (type)
log_verbose(_("Token (type %s) requires additional missing resource."), type);
} if (error == -ENOENT) {
if (type)
log_verbose(_("No usable token (type %s) is available."), type);
else
log_verbose(_("No usable token is available."));
}
}
/* /*
* Device size string parsing, suffixes: * Device size string parsing, suffixes:
* s|S - 512 bytes sectors * s|S - 512 bytes sectors