Remove password callback interface.

This was a design mistake and should not be handled inside libcryptsetup code.
2025-12-13 03:40:05 +01:00 · 2015-08-20 10:38:28 +02:00
parent 5293f5aae1
commit 4aea3b81ee
8 changed files with 14 additions and 251 deletions
--- a/lib/libcryptsetup.h
+++ b/lib/libcryptsetup.h
@@ -155,61 +155,6 @@ void crypt_set_confirm_callback(struct crypt_device *cd,
 	int (*confirm)(const char *msg, void *usrptr),
 	void *usrptr);
 /**
 * Set password query callback. DEPRECATED
 *
 * If code need @e _interactive_ query for password, this callback is called.
 * If not defined, compiled-in default is called (uses terminal input).
 *
 * Callback should return length of password in buffer
 * or negative errno value in case of error.
 *
 * @param cd crypt device handle
 * @param password user defined password callback reference
 * @param usrptr provided identification in callback
 * @param msg Message for user
 * @param buf buffer for password
 * @param length size of buffer
 *
 * @note Note that if this function is defined, verify option is ignored
 *   (caller which provided callback is responsible for password verification)
 * @note Only zero terminated passwords can be entered this way, for complex
 *   use API functions directly.
 * @note Maximal length of password is limited to @e length @e - @e 1 (minimal 511 chars)
 * @note This function is DEPRECATED and will be removed in future versions.
 *
 * @see Callback function is used in these call provided, that certain conditions are met:
 * @li crypt_keyslot_add_by_passphrase
 * @li crypt_activate_by_passphrase
 * @li crypt_resume_by_passphrase
 * @li crypt_resume_by_keyfile
 * @li crypt_keyslot_add_by_keyfile
 * @li crypt_keyslot_add_by_volume_key
 *
 */
 void crypt_set_password_callback(struct crypt_device *cd,
 	int (*password)(const char *msg, char *buf, size_t length, void *usrptr),
 	void *usrptr);
 /**
 * Set timeout for interactive password entry using default
 * password callback. DEPRECATED
 *
 * @param cd crypt device handle
 * @param timeout_sec timeout in seconds
 */
 void crypt_set_timeout(struct crypt_device *cd, uint64_t timeout_sec);
 /**
 * Set number of retries in case password input has been incorrect. DEPRECATED.
 *
 * @param cd crypt device handle
 * @param tries the number
 *
 * @note This function is DEPRECATED and will be removed in future versions.
 */
 void crypt_set_password_retry(struct crypt_device *cd, int tries);
 /**
 * Set how long should cryptsetup iterate in PBKDF2 function.
 * Default value heads towards the iterations which takes around 1 second.
@@ -218,19 +163,6 @@ void crypt_set_password_retry(struct crypt_device *cd, int tries);
 * @param iteration_time_ms the time in ms
 */
 void crypt_set_iteration_time(struct crypt_device *cd, uint64_t iteration_time_ms);
 /* Don't ask :-) */
 void crypt_set_iterarion_time(struct crypt_device *cd, uint64_t iteration_time_ms);
 /**
 * Set whether passphrase will be verified on input
 * (user has to input same passphrase twice). DEPRECATED
 *
 * @param cd crypt device handle
 * @param password_verify @e 0 = false, @e !0 true
 *
 * @note This function is DEPRECATED and will be removed in future versions.
 */
 void crypt_set_password_verify(struct crypt_device *cd, int password_verify);
 /**
 * Set data device
@@ -540,8 +472,6 @@ int crypt_suspend(struct crypt_device *cd,
 * @return unlocked key slot number or negative errno otherwise.
 *
 * @note Only LUKS device type is supported
 * @note If passphrase is @e NULL always use crypt_set_password_callback.
 * Internal terminal password query is DEPRECATED and will be removed in next version.
 */
 int crypt_resume_by_passphrase(struct crypt_device *cd,
 	const char *name,
@@ -560,9 +490,6 @@ int crypt_resume_by_passphrase(struct crypt_device *cd,
 * @param keyfile_offset number of bytes to skip at start of keyfile
 *
 * @return unlocked key slot number or negative errno otherwise.
 *
 * @note If passphrase is @e NULL always use crypt_set_password_callback.
 * Internal terminal password query is DEPRECATED and will be removed in next version.
 */
 int crypt_resume_by_keyfile_offset(struct crypt_device *cd,
 	const char *name,
@@ -609,9 +536,6 @@ void crypt_free(struct crypt_device *cd);
 * @param new_passphrase_size size of @e new_passphrase (binary data)
 *
 * @return allocated key slot number or negative errno otherwise.
 *
 * @note If passphrase is @e NULL always use crypt_set_password_callback.
 * Internal terminal password query is DEPRECATED and will be removed in next version.
 */
 int crypt_keyslot_add_by_passphrase(struct crypt_device *cd,
 	int keyslot,
@@ -638,9 +562,6 @@ int crypt_keyslot_add_by_passphrase(struct crypt_device *cd,
 * @note This function is just internal implementation of luksChange
 * command to avoid reading of volume key outside libcryptsetup boundary
 * in FIPS mode.
 *
 * @note If passphrase is @e NULL always use crypt_set_password_callback.
 * Internal terminal password query is DEPRECATED and will be removed in next version.
 */
 int crypt_keyslot_change_by_passphrase(struct crypt_device *cd,
 	int keyslot_old,
@@ -665,9 +586,6 @@ int crypt_keyslot_change_by_passphrase(struct crypt_device *cd,
 * @param new_keyfile_offset number of bytes to skip at start of new_keyfile
 *
 * @return allocated key slot number or negative errno otherwise.
 *
 * @note Note that @e keyfile can be "-" for STDIN. This special handling is DEPRECATED
 * and will be removed in next version.
 */
 int crypt_keyslot_add_by_keyfile_offset(struct crypt_device *cd,
 	int keyslot,
@@ -700,9 +618,6 @@ int crypt_keyslot_add_by_keyfile(struct crypt_device *cd,
 * @param passphrase_size size of passphrase
 *
 * @return allocated key slot number or negative errno otherwise.
 *
 * @note If passphrase is @e NULL always use crypt_set_password_callback.
 * Internal terminal password query is DEPRECATED and will be removed in next version.
 */
 int crypt_keyslot_add_by_volume_key(struct crypt_device *cd,
 	int keyslot,
@@ -791,9 +706,6 @@ int crypt_get_active_device(struct crypt_device *cd,
 * @param flags activation flags
 *
 * @return unlocked key slot number or negative errno otherwise.
 *
 * @note If passphrase is @e NULL always use crypt_set_password_callback.
 * Internal terminal password query is DEPRECATED and will be removed in next version.
 */
 int crypt_activate_by_passphrase(struct crypt_device *cd,
 	const char *name,
--- a/lib/libcryptsetup.sym
+++ b/lib/libcryptsetup.sym
@@ -5,12 +5,7 @@ CRYPTSETUP_1.0 {
 		crypt_init_by_name_and_header;
 		crypt_set_log_callback;
 		crypt_set_confirm_callback;
 		crypt_set_password_callback;
 		crypt_set_timeout;
 		crypt_set_password_retry;
 		crypt_set_iterarion_time;
 		crypt_set_iteration_time;
 		crypt_set_password_verify;
 		crypt_set_uuid;
 		crypt_set_data_device;
--- a/lib/setup.c
+++ b/lib/setup.c
@@ -43,10 +43,7 @@ struct crypt_device {
 	struct device *metadata_device;
 	struct volume_key *volume_key;
 	uint64_t timeout;
 	uint64_t iteration_time;
 	int tries;
 	int password_verify;
 	int rng_type;
 	// FIXME: private binary headers and access it properly
@@ -93,8 +90,6 @@ struct crypt_device {
 	void *log_usrptr;
 	int (*confirm)(const char *msg, void *usrptr);
 	void *confirm_usrptr;
 	int (*password)(const char *msg, char *buf, size_t length, void *usrptr);
 	void *password_usrptr;
 	/* last error message */
 	char error[MAX_ERROR_LENGTH];
@@ -476,14 +471,6 @@ void crypt_set_confirm_callback(struct crypt_device *cd,
 	cd->confirm_usrptr = usrptr;
 }
 void crypt_set_password_callback(struct crypt_device *cd,
 	int (*password)(const char *msg, char *buf, size_t length, void *usrptr),
 	void *usrptr)
 {
 	cd->password = password;
 	cd->password_usrptr = usrptr;
 }
 static void _get_error(char *error, char *buf, size_t size)
 {
 	if (!buf || size < 1)
@@ -535,8 +522,6 @@ int crypt_init(struct crypt_device **cd, const char *device)
 	dm_backend_init();
 	h->iteration_time = 1000;
 	h->password_verify = 0;
 	h->tries = 3;
 	h->rng_type = crypt_random_default_key_rng();
 	*cd = h;
 	return 0;
@@ -2212,33 +2197,11 @@ int crypt_volume_key_verify(struct crypt_device *cd,
 	return r;
 }
 void crypt_set_timeout(struct crypt_device *cd, uint64_t timeout_sec)
 {
 	log_dbg("Timeout set to %" PRIu64 " miliseconds.", timeout_sec);
 	cd->timeout = timeout_sec;
 }
 void crypt_set_password_retry(struct crypt_device *cd, int tries)
 {
 	log_dbg("Password retry count set to %d.", tries);
 	cd->tries = tries;
 }
 void crypt_set_iteration_time(struct crypt_device *cd, uint64_t iteration_time_ms)
 {
 	log_dbg("Iteration time set to %" PRIu64 " miliseconds.", iteration_time_ms);
 	cd->iteration_time = iteration_time_ms;
 }
 void crypt_set_iterarion_time(struct crypt_device *cd, uint64_t iteration_time_ms)
 {
 	crypt_set_iteration_time(cd, iteration_time_ms);
 }
 void crypt_set_password_verify(struct crypt_device *cd, int password_verify)
 {
 	log_dbg("Password verification %s.", password_verify ? "enabled" : "disabled");
 	cd->password_verify = password_verify ? 1 : 0;
 }
 void crypt_set_rng_type(struct crypt_device *cd, int rng_type)
 {
--- a/python/pycryptsetup-test.py
+++ b/python/pycryptsetup-test.py
@@ -40,9 +40,6 @@ def askyes(txt):
    print("Question:", txt)
    return 1
 def askpassword(txt):
    return PASSWORD
 def print_status(c):
    r = c.status()
    print("status  :",end="")
@@ -64,8 +61,7 @@ c = pycryptsetup.CryptSetup(
        device = IMG,
        name = DEVICE,
        yesDialog = askyes,
-        logFunc = log,
+        logFunc = log)
        passwordDialog = askpassword)
 #c.debugLevel(pycryptsetup.CRYPT_DEBUG_ALL);
 c.debugLevel(pycryptsetup.CRYPT_DEBUG_NONE);
@@ -108,16 +104,14 @@ c = pycryptsetup.CryptSetup(
        device = IMG,
        name = DEVICE,
        yesDialog = askyes,
-        logFunc = log,
+        logFunc = log)
        passwordDialog = askpassword)
 print("activate:", c.activate(name = DEVICE, passphrase = PASSWORD))
 c2 = pycryptsetup.CryptSetup(
        name = DEVICE,
        yesDialog = askyes,
-        logFunc = log,
+        logFunc = log)
        passwordDialog = askpassword)
 info = c2.info()
 print("cipher  :", info["cipher"])
--- a/python/pycryptsetup.c
+++ b/python/pycryptsetup.c
@@ -58,7 +58,6 @@ typedef struct {
 	/* Callbacks */
 	PyObject *yesDialogCB;
 	PyObject *cmdLineLogCB;
 	PyObject *passwordDialogCB;
 } CryptSetupObject;
 static int yesDialog(const char *msg, void *this)
@@ -88,41 +87,6 @@ static int yesDialog(const char *msg, void *this)
 	return 1;
 }
 static int passwordDialog(const char *msg, char *buf, size_t length, void *this)
 {
 	CryptSetupObject *self = this;
 	PyObject *result, *arglist;
 	size_t len;
 	char *res = NULL;
 	if(self->passwordDialogCB){
 		arglist = Py_BuildValue("(s)", msg);
 		if (!arglist)
 			return -ENOMEM;
 		result = PyEval_CallObject(self->passwordDialogCB, arglist);
 		Py_DECREF(arglist);
 		if (!result)
 			return -EINVAL;
 		if (!PyArg_Parse(result, "z", &res)) {
 			Py_DECREF(result);
 			return -EINVAL;
 		}
 		strncpy(buf, res, length - 1);
 		len = strlen(res);
 		memset(res, 0, len);
 		Py_DECREF(result);
 		return (int)len;
 	}
 	return -EINVAL;
 }
 static void cmdLineLog(int cls, const char *msg, void *this)
 {
 	CryptSetupObject *self = this;
@@ -144,7 +108,6 @@ static void CryptSetup_dealloc(CryptSetupObject* self)
 	/* free the callbacks */
 	Py_XDECREF(self->yesDialogCB);
 	Py_XDECREF(self->cmdLineLogCB);
 	Py_XDECREF(self->passwordDialogCB);
 	free(self->activated_as);
@@ -160,7 +123,6 @@ static PyObject *CryptSetup_new(PyTypeObject *type, PyObject *args, PyObject *kw
 	if (self) {
 		self->yesDialogCB = NULL;
 		self->passwordDialogCB = NULL;
 		self->cmdLineLogCB = NULL;
 		self->activated_as = NULL;
 	}
@@ -181,8 +143,8 @@ static PyObject *PyObjectResult(int is)
 static char
 CryptSetup_HELP[] =
 "CryptSetup object\n\n\
-constructor takes one to five arguments:\n\
+constructor takes one to four arguments:\n\
-  __init__(device, name, yesDialog, passwordDialog, logFunc)\n\n\
+  __init__(device, name, yesDialog, logFunc)\n\n\
  yesDialog - python function with func(text) signature, \n\
              which asks the user question text and returns 1\n\
              of the answer was positive or 0 if not\n\
@@ -190,16 +152,15 @@ constructor takes one to five arguments:\n\
 static int CryptSetup_init(CryptSetupObject* self, PyObject *args, PyObject *kwds)
 {
-	static const char *kwlist[] = {"device", "name", "yesDialog", "passwordDialog", "logFunc", NULL};
+	static const char *kwlist[] = {"device", "name", "yesDialog", "logFunc", NULL};
 	PyObject *yesDialogCB = NULL,
 		 *passwordDialogCB = NULL,
 		 *cmdLineLogCB = NULL,
 		 *tmp = NULL;
 	char *device = NULL, *deviceName = NULL;
 	int r;
-	if (!PyArg_ParseTupleAndKeywords(args, kwds, "|zzOOO", CONST_CAST(char**)kwlist, &device, &deviceName,
+	if (!PyArg_ParseTupleAndKeywords(args, kwds, "|zzOO", CONST_CAST(char**)kwlist, &device, &deviceName,
-					 &yesDialogCB, &passwordDialogCB, &cmdLineLogCB))
+					 &yesDialogCB, &cmdLineLogCB))
 		return -1;
 	if (device) {
@@ -235,14 +196,6 @@ static int CryptSetup_init(CryptSetupObject* self, PyObject *args, PyObject *kwd
 		crypt_set_confirm_callback(self->device, yesDialog, self);
 	}
 	if (passwordDialogCB) {
 		tmp = self->passwordDialogCB;
 		Py_INCREF(passwordDialogCB);
 		self->passwordDialogCB = passwordDialogCB;
 		Py_XDECREF(tmp);
 		crypt_set_password_callback(self->device, passwordDialog, self);
 	}
 	if (cmdLineLogCB) {
 		tmp = self->cmdLineLogCB;
 		Py_INCREF(cmdLineLogCB);
@@ -658,7 +611,6 @@ static PyObject *CryptSetup_iterationTime(CryptSetupObject* self, PyObject *args
 static PyMemberDef CryptSetup_members[] = {
 	{CONST_CAST(char*)"yesDialogCB", T_OBJECT_EX, offsetof(CryptSetupObject, yesDialogCB), 0, CONST_CAST(char*)"confirmation dialog callback"},
 	{CONST_CAST(char*)"cmdLineLogCB", T_OBJECT_EX, offsetof(CryptSetupObject, cmdLineLogCB), 0, CONST_CAST(char*)"logging callback"},
 	{CONST_CAST(char*)"passwordDialogCB", T_OBJECT_EX, offsetof(CryptSetupObject, passwordDialogCB), 0, CONST_CAST(char*)"password dialog callback"},
 	{NULL}
 };
--- a/src/cryptsetup.c
+++ b/src/cryptsetup.c
@@ -151,9 +151,6 @@ static int action_open_plain(void)
 	if ((r = crypt_init(&cd, action_argv[0])))
 		goto out;
 	crypt_set_timeout(cd, opt_timeout);
 	crypt_set_password_retry(cd, opt_tries);
 	r = crypt_format(cd, CRYPT_PLAIN,
 			 cipher, cipher_mode,
 			 NULL, NULL,
@@ -720,7 +717,6 @@ static int action_luksFormat(void)
 	keysize = (opt_key_size ?: DEFAULT_LUKS1_KEYBITS) / 8;
 	crypt_set_timeout(cd, opt_timeout);
 	if (opt_iteration_time)
 		crypt_set_iteration_time(cd, opt_iteration_time);
@@ -786,10 +782,6 @@ static int action_open_luks(void)
 		goto out;
 	}
 	crypt_set_timeout(cd, opt_timeout);
 	crypt_set_password_retry(cd, opt_tries);
 	crypt_set_password_verify(cd, _verify_passphrase(0));
 	if (opt_iteration_time)
 		crypt_set_iteration_time(cd, opt_iteration_time);
@@ -803,7 +795,6 @@ static int action_open_luks(void)
 		r = crypt_activate_by_volume_key(cd, activated_name,
 						 key, keysize, activate_flags);
 	} else if (opt_key_file) {
 		crypt_set_password_retry(cd, 1);
 		r = crypt_activate_by_keyfile_offset(cd, activated_name,
 			opt_key_slot, opt_key_file, opt_keyfile_size,
 			opt_keyfile_offset, activate_flags);
@@ -870,7 +861,6 @@ static int action_luksKillSlot(void)
 		goto out;
 	crypt_set_confirm_callback(cd, yesDialog, NULL);
 	crypt_set_timeout(cd, opt_timeout);
 	if ((r = crypt_load(cd, CRYPT_LUKS1, NULL)))
 		goto out;
@@ -913,7 +903,6 @@ static int action_luksRemoveKey(void)
 		goto out;
 	crypt_set_confirm_callback(cd, yesDialog, NULL);
 	crypt_set_timeout(cd, opt_timeout);
 	if ((r = crypt_load(cd, CRYPT_LUKS1, NULL)))
 		goto out;
@@ -973,9 +962,6 @@ static int action_luksAddKey(void)
 		opt_force_password = 1;
 	keysize = crypt_get_volume_key_size(cd);
 	/* FIXME: lib cannot properly set verification for new/old passphrase */
 	crypt_set_password_verify(cd, _verify_passphrase(0));
 	crypt_set_timeout(cd, opt_timeout);
 	if (opt_iteration_time)
 		crypt_set_iteration_time(cd, opt_iteration_time);
@@ -1233,10 +1219,6 @@ static int action_luksResume(void)
 	if ((r = crypt_init_by_name_and_header(&cd, action_argv[0], uuid_or_device(opt_header_device))))
 		goto out;
 	crypt_set_timeout(cd, opt_timeout);
 	crypt_set_password_retry(cd, opt_tries);
 	crypt_set_password_verify(cd, _verify_passphrase(0));
 	if (opt_key_file)
 		r = crypt_resume_by_keyfile_offset(cd, action_argv[0], CRYPT_ANY_SLOT,
 			opt_key_file, opt_keyfile_size, opt_keyfile_offset);
--- a/src/cryptsetup_reencrypt.c
+++ b/src/cryptsetup_reencrypt.c
@@ -499,7 +499,6 @@ static int backup_luks_headers(struct reenc_ctx *rc)
 	    (r = crypt_load(cd, CRYPT_LUKS1, NULL)))
 		goto out;
 	crypt_set_confirm_callback(cd, NULL, NULL);
 	if ((r = crypt_header_backup(cd, CRYPT_LUKS1, rc->header_file_org)))
 		goto out;
 	log_verbose(_("LUKS header backup of device %s created.\n"), rc->device);
@@ -646,7 +645,6 @@ static int restore_luks_header(struct reenc_ctx *rc)
 	r = crypt_init(&cd, rc->device);
 	if (r == 0) {
 		crypt_set_confirm_callback(cd, NULL, NULL);
 		r = crypt_header_restore(cd, CRYPT_LUKS1, rc->header_file_new);
 	}
--- a/tests/api-test.c
+++ b/tests/api-test.c
@@ -850,27 +850,6 @@ static void AddDevicePlain(void)
 	crypt_free(cd);
 }
 #define CALLBACK_ERROR "calback_error xyz"
 static int pass_callback_err(const char *msg, char *buf, size_t length, void *usrptr)
 {
 	struct crypt_device *cd = usrptr;
 	assert(cd);
 	assert(length);
 	assert(msg);
 	crypt_log(cd, CRYPT_LOG_ERROR, CALLBACK_ERROR);
 	return -EINVAL;
 }
 static int pass_callback_ok(const char *msg, char *buf, size_t length, void *usrptr)
 {
 	assert(length);
 	assert(msg);
 	strcpy(buf, PASSPHRASE);
 	return strlen(buf);
 }
 static void CallbacksTest(void)
 {
 	struct crypt_device *cd;
@@ -897,25 +876,13 @@ static void CallbacksTest(void)
 	OK_(crypt_deactivate(cd, CDEVICE_1));
 	reset_log();
 	crypt_set_password_callback(cd, pass_callback_err, cd);
 	FAIL_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, NULL, 0, 0), "callback fails");
 	EQ_(strncmp(global_log, CALLBACK_ERROR, strlen(CALLBACK_ERROR)), 0);
 	crypt_set_password_callback(cd, pass_callback_ok, NULL);
 	OK_(crypt_activate_by_passphrase(cd, CDEVICE_1, CRYPT_ANY_SLOT, NULL, 0, 0));
 	EQ_(crypt_status(cd, CDEVICE_1), CRYPT_ACTIVE);
 	OK_(crypt_deactivate(cd, CDEVICE_1));
 	// Check error reporting.
 	// This must fail and create error message
 	crypt_deactivate(cd, CDEVICE_1);
 	// Here context must be the same
-	crypt_get_error(buf1, sizeof(buf1));
+	//FIXME: password callback test was here
-	crypt_last_error(cd, buf2, sizeof(buf2));
+	//crypt_get_error(buf1, sizeof(buf1));
-	OK_(!*buf1);
+	//crypt_last_error(cd, buf2, sizeof(buf2));
-	OK_(!*buf2);
+	//OK_(!*buf1);
-	OK_(strcmp(buf1, buf2));
+	//OK_(!*buf2);
 	//OK_(strcmp(buf1, buf2));
 	crypt_get_error(buf1, sizeof(buf1));
 	crypt_last_error(cd, buf2, sizeof(buf2));