diff --git a/ChangeLog b/ChangeLog index 927bdfc5..4d612c2d 100644 --- a/ChangeLog +++ b/ChangeLog @@ -15,6 +15,7 @@ * Replace global options struct with separate parameters in helper functions. * Add new libcryptsetup API (documented in libcryptsetup.h). * Implement old API calls using new functions. + * Remove old API code helper functions. 2009-08-17 Milan Broz * Fix PBKDF2 speed calculation for large passhrases. diff --git a/lib/setup.c b/lib/setup.c index 8ae41660..408e47fa 100644 --- a/lib/setup.c +++ b/lib/setup.c @@ -182,43 +182,6 @@ static int keyslot_verify_or_find_empty(struct crypt_device *cd, int *keyslot) return 0; } -static int keyslot_is_valid(struct crypt_device *cd, int keySlotIndex) -{ - if(keySlotIndex >= LUKS_NUMKEYS || keySlotIndex < 0) { - log_err(cd, _("Key slot %d is invalid, please select between 0 and %d.\n"), - keySlotIndex, LUKS_NUMKEYS - 1); - return 0; - } - - return 1; -} - -/* Select free keyslot or verifies that the one specified is empty */ -static int keyslot_from_option(struct crypt_device *cd, int keySlotOption, struct luks_phdr *hdr) { - if(keySlotOption >= 0) { - if(!keyslot_is_valid(cd, keySlotOption)) - return -EINVAL; - else if(hdr->keyblock[keySlotOption].active != LUKS_KEY_DISABLED) { - log_err(cd, _("Key slot %d is full, please select another one.\n"), - keySlotOption); - return -EINVAL; - } else { - return keySlotOption; - } - } else { - int i; - /* Find empty key slot */ - for(i=0; ikeyblock[i].active == LUKS_KEY_DISABLED) break; - } - if(i==LUKS_NUMKEYS) { - log_err(cd, _("All key slots full.\n")); - return -EINVAL; - } - return i; - } -} - static int verify_other_keyslot(struct crypt_device *cd, const char *key_file, unsigned int flags, @@ -307,149 +270,6 @@ static int device_check_and_adjust(struct crypt_device *cd, return 0; } -static int create_device_helper_old(int reload, struct crypt_options *options) -{ - struct crypt_device *cd = NULL; - char *key = NULL; - unsigned int keyLen; - char *processed_key = NULL; - int read_only; - int r; - - r = dm_status_device(options->name); - if (reload) { - if (r < 0) - return r; - } else { - if (r >= 0) { - log_err(cd, _("Device %s already exists.\n"), options->name); - return -EEXIST; - } - if (r != -ENODEV) - return r; - } - - if (options->key_size < 0 || options->key_size > 1024) { - log_err(cd, _("Invalid key size %d.\n"), options->key_size); - return -EINVAL; - } - - read_only = (options->flags & CRYPT_FLAG_READONLY); - r = device_check_and_adjust(cd, options->device, &options->size, &options->offset, &read_only); - if (r) - return r; - - get_key("Enter passphrase: ", &key, &keyLen, options->key_size, - options->key_file, options->timeout, options->flags, NULL); - if (!key) { - log_err(cd, "Key reading error"); - return -ENOENT; - } - - processed_key = process_key(cd, options->hash, options->key_file, options->key_size, key, keyLen); - safe_free(key); - - if (!processed_key) - return -ENOENT; - - r = dm_create_device(options->name, options->device, options->cipher, - NULL, options->size, options->skip, options->offset, - options->key_size, processed_key, - read_only, reload); - - safe_free(processed_key); - - return r; -} - -static int luks_remove_helper_old(struct crypt_device *cd, - struct crypt_options *options, int supply_it) -{ - struct luks_masterkey *mk; - struct luks_phdr hdr; - char *password=NULL; - unsigned int passwordLen; - const char *device = options->device; - int keyIndex; - int openedIndex; - int r, last_slot; - - r = LUKS_read_phdr(options->device, &hdr, 1, cd); - if(r < 0) - return r; - - if(supply_it) { - get_key("Enter LUKS passphrase to be deleted: ",&password,&passwordLen, 0, options->new_key_file, - options->timeout, options->flags, cd); - if(!password) { - r = -EINVAL; goto out; - } - - keyIndex = LUKS_open_key_with_hdr(device, CRYPT_ANY_SLOT, password, passwordLen, &hdr, &mk, cd); - if(keyIndex < 0) { - log_err(cd, "No remaining key available with this passphrase.\n"); - r = -EPERM; goto out; - } else - log_std(cd ,"key slot %d selected for deletion.\n", keyIndex); - - safe_free(password); - password = NULL; - } else { - keyIndex = options->key_slot; - if (!keyslot_is_valid(cd, keyIndex)) { - r = -EINVAL; goto out; - } - } - - if (LUKS_keyslot_info(&hdr, keyIndex) == SLOT_INACTIVE) { - log_err(cd, _("Key %d not active. Can't wipe.\n"), keyIndex); - r = -EINVAL; - goto out; - } - - last_slot = (LUKS_keyslot_info(&hdr, keyIndex) == SLOT_ACTIVE_LAST); - if(last_slot && !(options->icb->yesDialog(_("This is the last keyslot. Device will become unusable after purging this key.")))) { - r = -EINVAL; goto out; - } - - if(options->flags & CRYPT_FLAG_VERIFY_ON_DELKEY) { - options->flags &= ~CRYPT_FLAG_VERIFY_ON_DELKEY; - get_key("Enter any remaining LUKS passphrase: ",&password,&passwordLen, 0, options->key_file, - options->timeout, options->flags, cd); - if(!password) { - r = -EINVAL; goto out; - } - - r = LUKS_read_phdr(device, &hdr, 1, cd); - if(r < 0) { - options->icb->log(CRYPT_LOG_ERROR,"Failed to access device.\n"); - r = -EIO; goto out; - } - - if(!last_slot) - hdr.keyblock[keyIndex].active = LUKS_KEY_DISABLED; - - openedIndex = LUKS_open_key_with_hdr(device, CRYPT_ANY_SLOT, password, passwordLen, &hdr, &mk, cd); - /* Clean up */ - if (openedIndex >= 0) { - LUKS_dealloc_masterkey(mk); - mk = NULL; - } - if(openedIndex < 0) { - log_err(cd, "No remaining key available with this passphrase.\n"); - r = -EPERM; goto out; - } else - log_std(cd, "key slot %d verified.\n", openedIndex); - } - r = LUKS_del_key(device, keyIndex, cd); - if(r < 0) goto out; - - r = 0; -out: - safe_free(password); - return r; -} - static int luks_remove_helper(struct crypt_device *cd, int key_slot, const char *other_key_file,