From 4083bb2c0f01f783cd362cf784da35e4349aac7d Mon Sep 17 00:00:00 2001 From: Milan Broz Date: Mon, 5 Sep 2016 14:42:39 +0200 Subject: [PATCH] Verify passphrase in cryptsetup-reencrypt when encrypting new drive. --- src/cryptsetup_reencrypt.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/src/cryptsetup_reencrypt.c b/src/cryptsetup_reencrypt.c index 9a748953..198acd7d 100644 --- a/src/cryptsetup_reencrypt.c +++ b/src/cryptsetup_reencrypt.c @@ -994,7 +994,7 @@ static int initialize_uuid(struct reenc_ctx *rc) } static int init_passphrase1(struct reenc_ctx *rc, struct crypt_device *cd, - const char *msg, int slot_to_check, int check) + const char *msg, int slot_to_check, int check, int verify) { char *password; int r = -EINVAL, retry_count; @@ -1003,7 +1003,7 @@ static int init_passphrase1(struct reenc_ctx *rc, struct crypt_device *cd, retry_count = opt_tries ?: 1; while (retry_count--) { r = tools_get_key(msg, &password, &passwordLen, 0, 0, - NULL /*opt_key_file*/, 0, 0, 0 /*pwquality*/, cd); + NULL /*opt_key_file*/, 0, verify, 0 /*pwquality*/, cd); if (r < 0) return r; if (quit) { @@ -1092,7 +1092,7 @@ static int initialize_passphrase(struct reenc_ctx *rc, const char *device) log_dbg("Passhrases initialization."); if (rc->reencrypt_mode == ENCRYPT && !rc->in_progress) { - r = init_passphrase1(rc, cd, _("Enter new passphrase: "), opt_key_slot, 0); + r = init_passphrase1(rc, cd, _("Enter new passphrase: "), opt_key_slot, 0, 1); return r > 0 ? 0 : r; } @@ -1114,14 +1114,14 @@ static int initialize_passphrase(struct reenc_ctx *rc, const char *device) } else if (rc->in_progress || opt_key_slot != CRYPT_ANY_SLOT || rc->reencrypt_mode == DECRYPT) { - r = init_passphrase1(rc, cd, msg, opt_key_slot, 1); + r = init_passphrase1(rc, cd, msg, opt_key_slot, 1, 0); } else for (i = 0; i < MAX_SLOT; i++) { ki = crypt_keyslot_status(cd, i); if (ki != CRYPT_SLOT_ACTIVE && ki != CRYPT_SLOT_ACTIVE_LAST) continue; snprintf(msg, sizeof(msg), _("Enter passphrase for key slot %u: "), i); - r = init_passphrase1(rc, cd, msg, i, 1); + r = init_passphrase1(rc, cd, msg, i, 1, 0); if (r < 0) break; }