eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-16 21:29:59 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add token handler version function prototype.

Browse Source 
Dynamicaly loaded token handlers should provide
version string for debug purposes.
This commit is contained in:
Ondrej Kozina
2021-01-26 12:37:31 +01:00
parent 10e4d8fbac
commit 6df3488654
3 changed files with 38 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
lib/libcryptsetup.h
View File

@@ -2205,6 +2205,16 @@ typedef int (*crypt_token_validate_func) (struct crypt_device *cd, const char *j
*/ */
typedef void (*crypt_token_dump_func) (struct crypt_device *cd, const char *json); typedef void (*crypt_token_dump_func) (struct crypt_device *cd, const char *json);
/**
* Token handler version function prototype.
* This function is supposed to return pointer to version string information.
*
* @note The returned string is advised to contain only version.
* For example '1.0.0' or 'v1.2.3.4'.
*
*/
typedef const char * (*crypt_token_version_func) (void);
/** /**
* Token handler * Token handler
*/ */
@@ -2234,6 +2244,7 @@ int crypt_token_register(const crypt_token_handler *handler);
#define CRYPT_TOKEN_ABI_BUFFER_FREE "cryptsetup_token_buffer_free" #define CRYPT_TOKEN_ABI_BUFFER_FREE "cryptsetup_token_buffer_free"
#define CRYPT_TOKEN_ABI_VALIDATE "cryptsetup_token_validate" #define CRYPT_TOKEN_ABI_VALIDATE "cryptsetup_token_validate"
#define CRYPT_TOKEN_ABI_DUMP "cryptsetup_token_dump" #define CRYPT_TOKEN_ABI_DUMP "cryptsetup_token_dump"
#define CRYPT_TOKEN_ABI_VERSION "cryptsetup_token_version"
/** /**
* Activate device or check key using a token. * Activate device or check key using a token.

1
lib/luks2/luks2_internal.h
View File

@@ -184,6 +184,7 @@ struct crypt_token_handler_v2 {
/* here ends v1. Do not touch anything above */ /* here ends v1. Do not touch anything above */
crypt_token_open_pin_func open_pin; crypt_token_open_pin_func open_pin;
crypt_token_version_func version;
void *dlhandle; void *dlhandle;
}; };

27
lib/luks2/luks2_token.c
View File

@@ -77,6 +77,24 @@ static bool token_validate_v1(struct crypt_device *cd, const crypt_token_handler
return true; return true;
} }
#if USE_EXTERNAL_TOKENS
static bool token_validate_v2(struct crypt_device *cd, const struct crypt_token_handler_internal *h)
{
if (!h)
return false;
if (!token_validate_v1(cd, &h->u.v1))
return false;
if (!h->u.v2.version) {
log_dbg(cd, "Token handler does not provide " CRYPT_TOKEN_ABI_VERSION " function.");
return false;
}
return true;
}
#endif
static int static int
crypt_token_load_external(struct crypt_device *cd, const char *name, struct crypt_token_handler_internal *ret) crypt_token_load_external(struct crypt_device *cd, const char *name, struct crypt_token_handler_internal *ret)
{ {
@@ -114,12 +132,19 @@ crypt_token_load_external(struct crypt_device *cd, const char *name, struct cryp
token->validate = token_dlvsym(cd, h, CRYPT_TOKEN_ABI_VALIDATE, CRYPT_TOKEN_ABI_VERSION1); token->validate = token_dlvsym(cd, h, CRYPT_TOKEN_ABI_VALIDATE, CRYPT_TOKEN_ABI_VERSION1);
token->dump = token_dlvsym(cd, h, CRYPT_TOKEN_ABI_DUMP, CRYPT_TOKEN_ABI_VERSION1); token->dump = token_dlvsym(cd, h, CRYPT_TOKEN_ABI_DUMP, CRYPT_TOKEN_ABI_VERSION1);
token->open_pin = token_dlvsym(cd, h, CRYPT_TOKEN_ABI_OPEN_PIN, CRYPT_TOKEN_ABI_VERSION1); token->open_pin = token_dlvsym(cd, h, CRYPT_TOKEN_ABI_OPEN_PIN, CRYPT_TOKEN_ABI_VERSION1);
token->version = token_dlvsym(cd, h, CRYPT_TOKEN_ABI_VERSION, CRYPT_TOKEN_ABI_VERSION1);
if (!token_validate_v1(cd, &ret->u.v1)) { if (!token_validate_v2(cd, ret)) {
r = -EINVAL; r = -EINVAL;
goto err; goto err;
} }
r = snprintf(buf, sizeof(buf), "%s", token->version() ?: "");
if (r < 0 || (size_t)r >= sizeof(buf))
*buf = '\0';
log_dbg(cd, "Token handler %s-%s loaded sucessfuly.", token->name, buf);
token->dlhandle = h; token->dlhandle = h;
ret->version = 2; ret->version = 2;