From c2371f95c6fecc35df53e32825023f7f3060f1d0 Mon Sep 17 00:00:00 2001
From: Ondrej Kozina <okozina@redhat.com>
Date: Fri, 26 Jun 2020 14:12:13 +0200
Subject: [PATCH] Move decision on forcing weak password to tool directly.

---
 src/cryptsetup.c     | 10 +++++-----
 src/cryptsetup.h     |  1 -
 src/utils_password.c |  4 +---
 3 files changed, 6 insertions(+), 9 deletions(-)

diff --git a/src/cryptsetup.c b/src/cryptsetup.c
index 1c810924..2ce6d047 100644
--- a/src/cryptsetup.c
+++ b/src/cryptsetup.c
@@ -1271,7 +1271,7 @@ static int _luksFormat(struct crypt_device **r_cd, char **r_password, size_t *r_
 
 	r = tools_get_key(NULL, &password, &passwordLen,
 			  ARG_UINT64(OPT_KEYFILE_OFFSET_ID), ARG_UINT32(OPT_KEYFILE_SIZE_ID), ARG_STR(OPT_KEY_FILE_ID),
-			  ARG_UINT32(OPT_TIMEOUT_ID), _verify_passphrase(1), 1, cd);
+			  ARG_UINT32(OPT_TIMEOUT_ID), _verify_passphrase(1), !ARG_SET(OPT_FORCE_PASSWORD_ID), cd);
 	if (r < 0)
 		goto out;
 
@@ -1647,7 +1647,7 @@ static int luksAddUnboundKey(void)
 			  &password_new, &password_new_size,
 			  ARG_UINT64(OPT_NEW_KEYFILE_OFFSET_ID), ARG_UINT32(OPT_NEW_KEYFILE_SIZE_ID),
 			  new_key_file, ARG_UINT32(OPT_TIMEOUT_ID),
-			  _verify_passphrase(1), 1, cd);
+			  _verify_passphrase(1), !ARG_SET(OPT_FORCE_PASSWORD_ID), cd);
 	if (r < 0)
 		goto out;
 
@@ -1721,7 +1721,7 @@ static int action_luksAddKey(void)
 				  &password_new, &password_new_size,
 				  ARG_UINT64(OPT_NEW_KEYFILE_OFFSET_ID), ARG_UINT32(OPT_NEW_KEYFILE_SIZE_ID),
 				  new_key_file, ARG_UINT32(OPT_TIMEOUT_ID),
-				  _verify_passphrase(1), 1, cd);
+				  _verify_passphrase(1), !ARG_SET(OPT_FORCE_PASSWORD_ID), cd);
 		if (r < 0)
 			goto out;
 
@@ -1754,7 +1754,7 @@ static int action_luksAddKey(void)
 		r = tools_get_key(_("Enter new passphrase for key slot: "),
 				  &password_new, &password_new_size,
 				  ARG_UINT64(OPT_NEW_KEYFILE_OFFSET_ID), ARG_UINT32(OPT_NEW_KEYFILE_SIZE_ID), new_key_file,
-				  ARG_UINT32(OPT_TIMEOUT_ID), _verify_passphrase(1), 1, cd);
+				  ARG_UINT32(OPT_TIMEOUT_ID), _verify_passphrase(1), !ARG_SET(OPT_FORCE_PASSWORD_ID), cd);
 		if (r < 0)
 			goto out;
 
@@ -1822,7 +1822,7 @@ static int action_luksChangeKey(void)
 			  &password_new, &password_new_size,
 			  ARG_UINT64(OPT_NEW_KEYFILE_OFFSET_ID), ARG_UINT32(OPT_NEW_KEYFILE_SIZE_ID),
 			  new_key_file,
-			  ARG_UINT32(OPT_TIMEOUT_ID), _verify_passphrase(1), 1, cd);
+			  ARG_UINT32(OPT_TIMEOUT_ID), _verify_passphrase(1), !ARG_SET(OPT_FORCE_PASSWORD_ID), cd);
 	if (r < 0)
 		goto out;
 
diff --git a/src/cryptsetup.h b/src/cryptsetup.h
index 7c6cf5a0..7f17e189 100644
--- a/src/cryptsetup.h
+++ b/src/cryptsetup.h
@@ -66,7 +66,6 @@ extern int opt_debug;
 extern int opt_debug_json;
 extern int opt_verbose;
 extern int opt_batch_mode;
-extern int opt_force_password;
 extern int opt_progress_frequency;
 
 /* Common tools */
diff --git a/src/utils_password.c b/src/utils_password.c
index 55c1343f..138c8ee5 100644
--- a/src/utils_password.c
+++ b/src/utils_password.c
@@ -22,8 +22,6 @@
 #include "cryptsetup.h"
 #include <termios.h>
 
-int opt_force_password = 0;
-
 #if defined ENABLE_PWQUALITY
 #include <pwquality.h>
 
@@ -275,7 +273,7 @@ int tools_get_key(const char *prompt,
 		set_int_block(1);
 
 	/* Check pwquality for password (not keyfile) */
-	if (pwquality && !opt_force_password && !key_file && !r)
+	if (pwquality && !key_file && !r)
 		r = tools_check_pwquality(*key);
 
 	return r;