1 Star 0 Fork 48

Zhao Hang/systemd

forked from src-anolis-os/systemd 
加入 Gitee
与超过 1200万 开发者一起发现、参与优秀开源项目,私有仓库也完全免费 :)
免费加入
文件
该仓库未声明开源许可证文件(LICENSE),使用请关注具体项目描述及其代码上游依赖。
克隆/下载
0206-cryptsetup-Add-LUKS2-token-support.patch 1.98 KB
一键复制 编辑 原始数据 按行查看 历史
张彬琛 提交于 2021-01-20 13:59 . import systemd-239-29.el8.src.rpm
From 7a597a091de83a861d81166b0e863bf2977c829c Mon Sep 17 00:00:00 2001
From: Milan Broz <gmazyland@gmail.com>
Date: Mon, 27 May 2019 09:44:14 +0200
Subject: [PATCH] cryptsetup: Add LUKS2 token support.
LUKS2 supports so-called tokens. The libcryptsetup internally
support keyring token (it tries to open device using specified
keyring entry).
Only if all token fails (or are not available), it uses a passphrase.
This patch aligns the functionality with the cryptsetup utility
(cryptsetup luksOpen tries tokens first) but does not replace
the systemd native ask-password function (can be used the same in
combination with this patch).
(cherry picked from commit 894bb3ca4c730cc9e9d46ef5004ba4ca5e201d8d)
Resolves: #1719153
---
src/cryptsetup/cryptsetup.c | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/src/cryptsetup/cryptsetup.c b/src/cryptsetup/cryptsetup.c
index a0bd80ea65..4e1b3eff19 100644
--- a/src/cryptsetup/cryptsetup.c
+++ b/src/cryptsetup/cryptsetup.c
@@ -682,6 +682,18 @@ int main(int argc, char *argv[]) {
if (r < 0)
return log_error_errno(r, "Failed to set LUKS data device %s: %m", argv[3]);
}
+#ifdef CRYPT_ANY_TOKEN
+ /* Tokens are available in LUKS2 only, but it is ok to call (and fail) with LUKS1. */
+ if (!key_file) {
+ r = crypt_activate_by_token(cd, argv[2], CRYPT_ANY_TOKEN, NULL, flags);
+ if (r >= 0) {
+ log_debug("Volume %s activated with LUKS token id %i.", argv[2], r);
+ return 0;
+ }
+
+ log_debug_errno(r, "Token activation unsuccessful for device %s: %m", crypt_get_device_name(cd));
+ }
+#endif
}
for (tries = 0; arg_tries == 0 || tries < arg_tries; tries++) {
马建仓 AI 助手
尝试更多
代码解读
代码找茬
代码优化
1
https://gitee.com/zhaohang_mskdxl/systemd.git
git@gitee.com:zhaohang_mskdxl/systemd.git
zhaohang_mskdxl
systemd
systemd
a8

搜索帮助