eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-16 21:29:59 +01:00
Code Issues Packages Projects Releases Wiki Activity

Allow checking token arguments in dry run.

Browse Source
This commit is contained in:
Ondrej Kozina
2020-11-23 11:24:29 +01:00
parent 90c1873134
commit 88a95c7f03
1 changed files with 27 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

61
src/cryptsetup.c
View File

@@ -2633,32 +2633,6 @@ static int action_token(void)
{ {
int r; int r;
struct crypt_device *cd = NULL; struct crypt_device *cd = NULL;
enum { ADD = 0, REMOVE, IMPORT, EXPORT } action;
if (!strcmp(action_argv[0], "add")) {
if (!ARG_SET(OPT_KEY_DESCRIPTION_ID)) {
log_err(_("--key-description parameter is mandatory for token add action."));
return -EINVAL;
}
action = ADD;
} else if (!strcmp(action_argv[0], "remove")) {
if (ARG_INT32(OPT_TOKEN_ID_ID) == CRYPT_ANY_TOKEN) {
log_err(_("Action requires specific token. Use --token-id parameter."));
return -EINVAL;
}
action = REMOVE;
} else if (!strcmp(action_argv[0], "import")) {
action = IMPORT;
} else if (!strcmp(action_argv[0], "export")) {
if (ARG_INT32(OPT_TOKEN_ID_ID)== CRYPT_ANY_TOKEN) {
log_err(_("Action requires specific token. Use --token-id parameter."));
return -EINVAL;
}
action = EXPORT;
} else {
log_err(_("Invalid token operation %s."), action_argv[0]);
return -EINVAL;
}
if ((r = crypt_init(&cd, uuid_or_device(ARG_STR(OPT_HEADER_ID) ?: action_argv[1])))) if ((r = crypt_init(&cd, uuid_or_device(ARG_STR(OPT_HEADER_ID) ?: action_argv[1]))))
return r; return r;
@@ -2670,18 +2644,16 @@ static int action_token(void)
return r; return r;
} }
if (action == ADD) r = -EINVAL;
if (!strcmp(action_argv[0], "add"))
r = _token_add(cd); /* adds only luks2-keyring type */ r = _token_add(cd); /* adds only luks2-keyring type */
else if (action == REMOVE) else if (!strcmp(action_argv[0], "remove"))
r = _token_remove(cd); r = _token_remove(cd);
else if (action == IMPORT) else if (!strcmp(action_argv[0], "import"))
r = _token_import(cd); r = _token_import(cd);
else if (action == EXPORT) else if (!strcmp(action_argv[0], "export"))
r = _token_export(cd); r = _token_export(cd);
else {
log_dbg("Internal token action error.");
r = -EINVAL;
}
crypt_free(cd); crypt_free(cd);
@@ -3943,6 +3915,27 @@ int main(int argc, const char **argv)
return 0; return 0;
} }
/* token action specific check */
if (!strcmp(aname, TOKEN_ACTION)) {
if (strcmp(action_argv[0], "add") &&
strcmp(action_argv[0], "remove") &&
strcmp(action_argv[0], "import") &&
strcmp(action_argv[0], "export"))
usage(popt_context, EXIT_FAILURE, _("Invalid token action."),
poptGetInvocationName(popt_context));
if (!ARG_SET(OPT_KEY_DESCRIPTION_ID) && !strcmp(action_argv[0], "add"))
usage(popt_context, EXIT_FAILURE,
_("--key-description parameter is mandatory for token add action."),
poptGetInvocationName(popt_context));
if (ARG_INT32(OPT_TOKEN_ID_ID) == CRYPT_ANY_TOKEN &&
(!strcmp(action_argv[0], "remove") || !strcmp(action_argv[0], "export")))
usage(popt_context, EXIT_FAILURE,
_("Action requires specific token. Use --token-id parameter."),
poptGetInvocationName(popt_context));
}
if (ARG_SET(OPT_DISABLE_KEYRING_ID)) if (ARG_SET(OPT_DISABLE_KEYRING_ID))
(void) crypt_volume_key_keyring(NULL, 0); (void) crypt_volume_key_keyring(NULL, 0);