Fix create command to properly handle keyfile size.

- for keyfile reset hash, it make no sense (see man page) - use activate_by_keyfile to make code more readable (it still does the stem thing) - if keyfile specified, read only key and do not do exhausted read (regression from 1.1.3) git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@399 36d66b0a-2a48-0410-832c-cd162a569da5
2025-12-16 05:10:03 +01:00 · 2010-12-09 17:58:50 +00:00
parent 6cae0b0efb
commit 68c2ac1087
3 changed files with 24 additions and 9 deletions
--- a/1
+++ b/1
@@ -1,5 +1,6 @@
 2010-11-25  Milan Broz  <mbroz@redhat.com>
 	* Fix crypt_activate_by_keyfile() to work with PLAIN devices.
+	* Fix create command to properly handle keyfile size.

 2010-11-16  Milan Broz  <mbroz@redhat.com>
 	* Version 1.2.0-rc1.
--- a/src/cryptsetup.c
+++ b/src/cryptsetup.c
@@ -198,11 +198,15 @@ static int action_create(int arg)
 	};
 	char *password = NULL;
 	unsigned int passwordLen;
+	unsigned int key_size = (opt_key_size ?: DEFAULT_PLAIN_KEYBITS) / 8;
 	int r;

 	if (params.hash && !strcmp(params.hash, "plain"))
 		params.hash = NULL;

+	if (opt_key_file)
+		params.hash = NULL;
+
 	r = crypt_parse_name_and_mode(opt_cipher ?: DEFAULT_CIPHER(PLAIN),
 				      cipher, cipher_mode);
 	if (r < 0) {
@@ -219,20 +223,28 @@ static int action_create(int arg)
 	r = crypt_format(cd, CRYPT_PLAIN,
 			 cipher, cipher_mode,
 			 NULL, NULL,
-			 (opt_key_size ?: DEFAULT_PLAIN_KEYBITS) / 8,
+			 key_size,
 			 &params);
 	if (r < 0)
 		goto out;

-	r = crypt_get_key(_("Enter passphrase: "), &password, &passwordLen,
-			  opt_keyfile_size, opt_key_file, opt_timeout,
-			  opt_batch_mode ? 0 : opt_verify_passphrase, cd);
-	if (r < 0)
-		goto out;
+	if (opt_key_file)
+		r = crypt_activate_by_keyfile(cd, action_argv[0],
+			CRYPT_ANY_SLOT, opt_key_file, key_size,
+			opt_readonly ?  CRYPT_ACTIVATE_READONLY : 0);
+	else {
+		r = crypt_get_key(_("Enter passphrase: "),
+				  &password, &passwordLen, 0, NULL,
+				  opt_timeout,
+				  opt_batch_mode ? 0 : opt_verify_passphrase,
+				  cd);
+		if (r < 0)
+			goto out;

-	r = crypt_activate_by_passphrase(cd, action_argv[0], CRYPT_ANY_SLOT,
-					 password, passwordLen,
-					 opt_readonly ?  CRYPT_ACTIVATE_READONLY : 0);
+		r = crypt_activate_by_passphrase(cd, action_argv[0],
+			CRYPT_ANY_SLOT, password, passwordLen,
+			 opt_readonly ?  CRYPT_ACTIVATE_READONLY : 0);
+	}
 out:
 	crypt_free(cd);
 	crypt_safe_free(password);
--- a/tests/compat-test
+++ b/tests/compat-test
@@ -255,6 +255,8 @@ $CRYPTSETUP create $DEV_NAME $LOOPDEV -d $KEY1 || fail
 $CRYPTSETUP create $DEV_NAME $LOOPDEV -d $KEY1 2>/dev/null && fail
 $CRYPTSETUP create $DEV_NAME $LOOPDEV -d blah 2>/dev/null && fail
 $CRYPTSETUP -q remove  $DEV_NAME || fail
+$CRYPTSETUP create $DEV_NAME $LOOPDEV -d /dev/urandom || fail
+$CRYPTSETUP -q remove  $DEV_NAME || fail

 prepare "[20] Disallow open/create if already mapped." wipe
 $CRYPTSETUP create $DEV_NAME $LOOPDEV -d $KEY1 || fail