mirror of
https://gitlab.com/cryptsetup/cryptsetup.git
synced 2025-12-16 13:20:11 +01:00
Support UUID=<LUKS_UUID> format for device specification.
This commit is contained in:
Milan Broz
@@ -2,6 +2,7 @@
|
||||
* Unify password verification option.
|
||||
* Support password verification with quiet flag if possible. (1.2.0)
|
||||
* Fix retry if entered passphrases (with verify option) do not match.
|
||||
* Support UUID=<LUKS_UUID> format for device specification.
|
||||
|
||||
2012-02-11 Milan Broz <mbroz@redhat.com>
|
||||
* Add --master-key-file option to luksOpen (open using volume key).
|
||||
|
||||
@@ -59,6 +59,9 @@ opens the LUKS partition <device> and sets up a mapping <name> after
|
||||
successful verification of the supplied key material
|
||||
(either via key file by \-\-key-file, or via prompting).
|
||||
|
||||
Device parameter can be also specified by LUKS UUID in the format UUID=<uuid>
|
||||
(then cryptsetup will use /dev/disk/by-uuid symlinks).
|
||||
|
||||
\fB<options>\fR can be [\-\-key-file, \-\-keyfile-size, \-\-readonly, \-\-allow-discards,
|
||||
\-\-header, \-\-key-slot, \-\-master-key-file].
|
||||
.PP
|
||||
|
||||
@@ -27,6 +27,7 @@
|
||||
#include <inttypes.h>
|
||||
#include <errno.h>
|
||||
#include <unistd.h>
|
||||
#include <ctype.h>
|
||||
#include <sys/stat.h>
|
||||
#include <fcntl.h>
|
||||
#include <assert.h>
|
||||
@@ -246,6 +247,31 @@ static void show_status(int errcode)
|
||||
log_err(".\n");
|
||||
}
|
||||
|
||||
static const char *uuid_or_device(const char *spec)
|
||||
{
|
||||
static char device[PATH_MAX];
|
||||
char s, *ptr;
|
||||
int i = 0, uuid_len = 5;
|
||||
|
||||
/* Check if it is correct UUID=<LUKS_UUID> format */
|
||||
if (spec && !strncmp(spec, "UUID=", uuid_len)) {
|
||||
strcpy(device, "/dev/disk/by-uuid/");
|
||||
ptr = &device[strlen(device)];
|
||||
i = uuid_len;
|
||||
while ((s = spec[i++]) && i < PATH_MAX) {
|
||||
if (!isxdigit(s) && s != '-')
|
||||
return spec; /* Bail it out */
|
||||
if (isalpha(s))
|
||||
s = tolower(s);
|
||||
*ptr++ = s;
|
||||
}
|
||||
*ptr = '\0';
|
||||
return device;
|
||||
}
|
||||
|
||||
return spec;
|
||||
}
|
||||
|
||||
static int action_create(int arg __attribute__((unused)))
|
||||
{
|
||||
struct crypt_device *cd = NULL;
|
||||
@@ -574,10 +600,10 @@ static int action_luksOpen(int arg __attribute__((unused)))
|
||||
int r, keysize;
|
||||
|
||||
if (opt_header_device) {
|
||||
header_device = opt_header_device;
|
||||
header_device = uuid_or_device(opt_header_device);
|
||||
data_device = action_argv[0];
|
||||
} else {
|
||||
header_device = action_argv[0];
|
||||
header_device = uuid_or_device(action_argv[0]);
|
||||
data_device = NULL;
|
||||
}
|
||||
|
||||
@@ -680,7 +706,7 @@ static int action_luksKillSlot(int arg __attribute__((unused)))
|
||||
struct crypt_device *cd = NULL;
|
||||
int r;
|
||||
|
||||
if ((r = crypt_init(&cd, action_argv[0])))
|
||||
if ((r = crypt_init(&cd, uuid_or_device(action_argv[0]))))
|
||||
goto out;
|
||||
|
||||
crypt_set_confirm_callback(cd, _yesDialog, NULL);
|
||||
@@ -723,7 +749,7 @@ static int action_luksRemoveKey(int arg __attribute__((unused)))
|
||||
size_t passwordLen;
|
||||
int r;
|
||||
|
||||
if ((r = crypt_init(&cd, action_argv[0])))
|
||||
if ((r = crypt_init(&cd, uuid_or_device(action_argv[0]))))
|
||||
goto out;
|
||||
|
||||
crypt_set_confirm_callback(cd, _yesDialog, NULL);
|
||||
@@ -771,7 +797,7 @@ static int action_luksAddKey(int arg __attribute__((unused)))
|
||||
const char *opt_new_key_file = (action_argc > 1 ? action_argv[1] : NULL);
|
||||
struct crypt_device *cd = NULL;
|
||||
|
||||
if ((r = crypt_init(&cd, action_argv[0])))
|
||||
if ((r = crypt_init(&cd, uuid_or_device(action_argv[0]))))
|
||||
goto out;
|
||||
|
||||
crypt_set_confirm_callback(cd, _yesDialog, NULL);
|
||||
@@ -826,7 +852,7 @@ static int action_luksChangeKey(int arg __attribute__((unused)))
|
||||
size_t vk_size;
|
||||
int new_key_slot, old_key_slot, r;
|
||||
|
||||
if ((r = crypt_init(&cd, action_argv[0])))
|
||||
if ((r = crypt_init(&cd, uuid_or_device(action_argv[0]))))
|
||||
goto out;
|
||||
|
||||
if ((r = crypt_load(cd, CRYPT_LUKS1, NULL)))
|
||||
@@ -1002,7 +1028,7 @@ static int action_luksDump(int arg __attribute__((unused)))
|
||||
struct crypt_device *cd = NULL;
|
||||
int r;
|
||||
|
||||
if ((r = crypt_init(&cd, action_argv[0])))
|
||||
if ((r = crypt_init(&cd, uuid_or_device(action_argv[0]))))
|
||||
goto out;
|
||||
|
||||
if ((r = crypt_load(cd, CRYPT_LUKS1, NULL)))
|
||||
@@ -1063,7 +1089,7 @@ static int action_luksBackup(int arg __attribute__((unused)))
|
||||
return -EINVAL;
|
||||
}
|
||||
|
||||
if ((r = crypt_init(&cd, action_argv[0])))
|
||||
if ((r = crypt_init(&cd, uuid_or_device(action_argv[0]))))
|
||||
goto out;
|
||||
|
||||
crypt_set_confirm_callback(cd, _yesDialog, NULL);
|
||||
|
||||
@@ -242,6 +242,10 @@ echo "key0" | $CRYPTSETUP -q luksFormat --master-key-file /dev/urandom $LOOPDEV
|
||||
$CRYPTSETUP -q luksFormat --master-key-file /dev/urandom -s 256 --uuid $TEST_UUID $LOOPDEV $KEY1 || fail
|
||||
$CRYPTSETUP luksOpen -d $KEY1 $LOOPDEV $DEV_NAME || fail
|
||||
$CRYPTSETUP -q luksClose $DEV_NAME || fail
|
||||
# open by UUID
|
||||
$CRYPTSETUP luksOpen -d $KEY1 UUID=X$TEST_UUID $DEV_NAME 2>/dev/null && fail
|
||||
$CRYPTSETUP luksOpen -d $KEY1 UUID=$TEST_UUID $DEV_NAME || fail
|
||||
$CRYPTSETUP -q luksClose $DEV_NAME || fail
|
||||
# empty keyfile
|
||||
$CRYPTSETUP -q luksFormat $LOOPDEV $KEYE || fail
|
||||
$CRYPTSETUP luksOpen -d $KEYE $LOOPDEV $DEV_NAME || fail
|
||||
|
||||
Reference in New Issue
Block a user