mirror of
https://gitlab.com/cryptsetup/cryptsetup.git
synced 2025-12-16 13:20:11 +01:00
Support UUID=<LUKS_UUID> format for device specification.
This commit is contained in:
Milan Broz
@@ -2,6 +2,7 @@
|
|||||||
* Unify password verification option.
|
* Unify password verification option.
|
||||||
* Support password verification with quiet flag if possible. (1.2.0)
|
* Support password verification with quiet flag if possible. (1.2.0)
|
||||||
* Fix retry if entered passphrases (with verify option) do not match.
|
* Fix retry if entered passphrases (with verify option) do not match.
|
||||||
|
* Support UUID=<LUKS_UUID> format for device specification.
|
||||||
|
|
||||||
2012-02-11 Milan Broz <mbroz@redhat.com>
|
2012-02-11 Milan Broz <mbroz@redhat.com>
|
||||||
* Add --master-key-file option to luksOpen (open using volume key).
|
* Add --master-key-file option to luksOpen (open using volume key).
|
||||||
|
|||||||
@@ -59,6 +59,9 @@ opens the LUKS partition <device> and sets up a mapping <name> after
|
|||||||
successful verification of the supplied key material
|
successful verification of the supplied key material
|
||||||
(either via key file by \-\-key-file, or via prompting).
|
(either via key file by \-\-key-file, or via prompting).
|
||||||
|
|
||||||
|
Device parameter can be also specified by LUKS UUID in the format UUID=<uuid>
|
||||||
|
(then cryptsetup will use /dev/disk/by-uuid symlinks).
|
||||||
|
|
||||||
\fB<options>\fR can be [\-\-key-file, \-\-keyfile-size, \-\-readonly, \-\-allow-discards,
|
\fB<options>\fR can be [\-\-key-file, \-\-keyfile-size, \-\-readonly, \-\-allow-discards,
|
||||||
\-\-header, \-\-key-slot, \-\-master-key-file].
|
\-\-header, \-\-key-slot, \-\-master-key-file].
|
||||||
.PP
|
.PP
|
||||||
|
|||||||
@@ -27,6 +27,7 @@
|
|||||||
#include <inttypes.h>
|
#include <inttypes.h>
|
||||||
#include <errno.h>
|
#include <errno.h>
|
||||||
#include <unistd.h>
|
#include <unistd.h>
|
||||||
|
#include <ctype.h>
|
||||||
#include <sys/stat.h>
|
#include <sys/stat.h>
|
||||||
#include <fcntl.h>
|
#include <fcntl.h>
|
||||||
#include <assert.h>
|
#include <assert.h>
|
||||||
@@ -246,6 +247,31 @@ static void show_status(int errcode)
|
|||||||
log_err(".\n");
|
log_err(".\n");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static const char *uuid_or_device(const char *spec)
|
||||||
|
{
|
||||||
|
static char device[PATH_MAX];
|
||||||
|
char s, *ptr;
|
||||||
|
int i = 0, uuid_len = 5;
|
||||||
|
|
||||||
|
/* Check if it is correct UUID=<LUKS_UUID> format */
|
||||||
|
if (spec && !strncmp(spec, "UUID=", uuid_len)) {
|
||||||
|
strcpy(device, "/dev/disk/by-uuid/");
|
||||||
|
ptr = &device[strlen(device)];
|
||||||
|
i = uuid_len;
|
||||||
|
while ((s = spec[i++]) && i < PATH_MAX) {
|
||||||
|
if (!isxdigit(s) && s != '-')
|
||||||
|
return spec; /* Bail it out */
|
||||||
|
if (isalpha(s))
|
||||||
|
s = tolower(s);
|
||||||
|
*ptr++ = s;
|
||||||
|
}
|
||||||
|
*ptr = '\0';
|
||||||
|
return device;
|
||||||
|
}
|
||||||
|
|
||||||
|
return spec;
|
||||||
|
}
|
||||||
|
|
||||||
static int action_create(int arg __attribute__((unused)))
|
static int action_create(int arg __attribute__((unused)))
|
||||||
{
|
{
|
||||||
struct crypt_device *cd = NULL;
|
struct crypt_device *cd = NULL;
|
||||||
@@ -574,10 +600,10 @@ static int action_luksOpen(int arg __attribute__((unused)))
|
|||||||
int r, keysize;
|
int r, keysize;
|
||||||
|
|
||||||
if (opt_header_device) {
|
if (opt_header_device) {
|
||||||
header_device = opt_header_device;
|
header_device = uuid_or_device(opt_header_device);
|
||||||
data_device = action_argv[0];
|
data_device = action_argv[0];
|
||||||
} else {
|
} else {
|
||||||
header_device = action_argv[0];
|
header_device = uuid_or_device(action_argv[0]);
|
||||||
data_device = NULL;
|
data_device = NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -680,7 +706,7 @@ static int action_luksKillSlot(int arg __attribute__((unused)))
|
|||||||
struct crypt_device *cd = NULL;
|
struct crypt_device *cd = NULL;
|
||||||
int r;
|
int r;
|
||||||
|
|
||||||
if ((r = crypt_init(&cd, action_argv[0])))
|
if ((r = crypt_init(&cd, uuid_or_device(action_argv[0]))))
|
||||||
goto out;
|
goto out;
|
||||||
|
|
||||||
crypt_set_confirm_callback(cd, _yesDialog, NULL);
|
crypt_set_confirm_callback(cd, _yesDialog, NULL);
|
||||||
@@ -723,7 +749,7 @@ static int action_luksRemoveKey(int arg __attribute__((unused)))
|
|||||||
size_t passwordLen;
|
size_t passwordLen;
|
||||||
int r;
|
int r;
|
||||||
|
|
||||||
if ((r = crypt_init(&cd, action_argv[0])))
|
if ((r = crypt_init(&cd, uuid_or_device(action_argv[0]))))
|
||||||
goto out;
|
goto out;
|
||||||
|
|
||||||
crypt_set_confirm_callback(cd, _yesDialog, NULL);
|
crypt_set_confirm_callback(cd, _yesDialog, NULL);
|
||||||
@@ -771,7 +797,7 @@ static int action_luksAddKey(int arg __attribute__((unused)))
|
|||||||
const char *opt_new_key_file = (action_argc > 1 ? action_argv[1] : NULL);
|
const char *opt_new_key_file = (action_argc > 1 ? action_argv[1] : NULL);
|
||||||
struct crypt_device *cd = NULL;
|
struct crypt_device *cd = NULL;
|
||||||
|
|
||||||
if ((r = crypt_init(&cd, action_argv[0])))
|
if ((r = crypt_init(&cd, uuid_or_device(action_argv[0]))))
|
||||||
goto out;
|
goto out;
|
||||||
|
|
||||||
crypt_set_confirm_callback(cd, _yesDialog, NULL);
|
crypt_set_confirm_callback(cd, _yesDialog, NULL);
|
||||||
@@ -826,7 +852,7 @@ static int action_luksChangeKey(int arg __attribute__((unused)))
|
|||||||
size_t vk_size;
|
size_t vk_size;
|
||||||
int new_key_slot, old_key_slot, r;
|
int new_key_slot, old_key_slot, r;
|
||||||
|
|
||||||
if ((r = crypt_init(&cd, action_argv[0])))
|
if ((r = crypt_init(&cd, uuid_or_device(action_argv[0]))))
|
||||||
goto out;
|
goto out;
|
||||||
|
|
||||||
if ((r = crypt_load(cd, CRYPT_LUKS1, NULL)))
|
if ((r = crypt_load(cd, CRYPT_LUKS1, NULL)))
|
||||||
@@ -1002,7 +1028,7 @@ static int action_luksDump(int arg __attribute__((unused)))
|
|||||||
struct crypt_device *cd = NULL;
|
struct crypt_device *cd = NULL;
|
||||||
int r;
|
int r;
|
||||||
|
|
||||||
if ((r = crypt_init(&cd, action_argv[0])))
|
if ((r = crypt_init(&cd, uuid_or_device(action_argv[0]))))
|
||||||
goto out;
|
goto out;
|
||||||
|
|
||||||
if ((r = crypt_load(cd, CRYPT_LUKS1, NULL)))
|
if ((r = crypt_load(cd, CRYPT_LUKS1, NULL)))
|
||||||
@@ -1063,7 +1089,7 @@ static int action_luksBackup(int arg __attribute__((unused)))
|
|||||||
return -EINVAL;
|
return -EINVAL;
|
||||||
}
|
}
|
||||||
|
|
||||||
if ((r = crypt_init(&cd, action_argv[0])))
|
if ((r = crypt_init(&cd, uuid_or_device(action_argv[0]))))
|
||||||
goto out;
|
goto out;
|
||||||
|
|
||||||
crypt_set_confirm_callback(cd, _yesDialog, NULL);
|
crypt_set_confirm_callback(cd, _yesDialog, NULL);
|
||||||
|
|||||||
@@ -242,6 +242,10 @@ echo "key0" | $CRYPTSETUP -q luksFormat --master-key-file /dev/urandom $LOOPDEV
|
|||||||
$CRYPTSETUP -q luksFormat --master-key-file /dev/urandom -s 256 --uuid $TEST_UUID $LOOPDEV $KEY1 || fail
|
$CRYPTSETUP -q luksFormat --master-key-file /dev/urandom -s 256 --uuid $TEST_UUID $LOOPDEV $KEY1 || fail
|
||||||
$CRYPTSETUP luksOpen -d $KEY1 $LOOPDEV $DEV_NAME || fail
|
$CRYPTSETUP luksOpen -d $KEY1 $LOOPDEV $DEV_NAME || fail
|
||||||
$CRYPTSETUP -q luksClose $DEV_NAME || fail
|
$CRYPTSETUP -q luksClose $DEV_NAME || fail
|
||||||
|
# open by UUID
|
||||||
|
$CRYPTSETUP luksOpen -d $KEY1 UUID=X$TEST_UUID $DEV_NAME 2>/dev/null && fail
|
||||||
|
$CRYPTSETUP luksOpen -d $KEY1 UUID=$TEST_UUID $DEV_NAME || fail
|
||||||
|
$CRYPTSETUP -q luksClose $DEV_NAME || fail
|
||||||
# empty keyfile
|
# empty keyfile
|
||||||
$CRYPTSETUP -q luksFormat $LOOPDEV $KEYE || fail
|
$CRYPTSETUP -q luksFormat $LOOPDEV $KEYE || fail
|
||||||
$CRYPTSETUP luksOpen -d $KEYE $LOOPDEV $DEV_NAME || fail
|
$CRYPTSETUP luksOpen -d $KEYE $LOOPDEV $DEV_NAME || fail
|
||||||
|
|||||||
Reference in New Issue
Block a user