eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-20 07:10:08 +01:00
Code Issues Packages Projects Releases Wiki Activity

Do not fallback to pasphrase based activation when device exists.

Browse Source 
If token based device activation activation fails with -EEXIST
report proper error and do not fallback to passphrase based
activation in cli.
This commit is contained in:
Ondrej Kozina
2021-07-29 15:11:15 +02:00
committed by Milan Broz
parent 3b826d0fa3
commit f364990b9b
2 changed files with 5 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
lib/setup.c
View File

@@ -5690,6 +5690,10 @@ int crypt_activate_by_token_pin(struct crypt_device *cd, const char *name,
if ((flags & CRYPT_ACTIVATE_ALLOW_UNBOUND_KEY) && name)
return -EINVAL;
r = _activate_check_status(cd, name, flags & CRYPT_ACTIVATE_REFRESH);
if (r < 0)
return r;
return LUKS2_token_open_and_activate(cd, &cd->u.luks2.hdr, token, name, type, pin, pin_size, flags, usrptr);
}

2
src/cryptsetup.c
View File

@@ -1588,7 +1588,7 @@ static int action_open_luks(void)
if (ARG_SET(OPT_TOKEN_ONLY_ID) && r == -ENOANO)
r = _try_token_pin_unlock(cd, ARG_INT32(OPT_TOKEN_ID_ID), activated_name, ARG_STR(OPT_TOKEN_TYPE_ID), activate_flags, _set_tries_tty());
if (r >= 0 || ARG_SET(OPT_TOKEN_ONLY_ID))
if (r >= 0 || r == -EEXIST || ARG_SET(OPT_TOKEN_ONLY_ID))
goto out;
tries = _set_tries_tty();