neil / rpms / libblockdev

Forked from rpms/libblockdev a year ago
Clone
Source Code
GIT

Blame SOURCES/0001-Do-not-try-to-use-keyring-on-systems-without-keyring-support.patch

c7 c7-alt c7-beta c8 c8-beta c8s c8s-sig-hyperscale-spin c9 c9-beta c9s-sig-hyperscale-spin
  1.   c7-beta
  2.   SOURCES
  3.   0001-Do-not-try-to-use-keyring-on-systems-without-keyring-support.patch
Blob History Raw
17f14c 
From 2719ab3ee310a59ea64629852b507d63e3dbf0e5 Mon Sep 17 00:00:00 2001
17f14c 
From: Vojtech Trefny <vtrefny@redhat.com>
17f14c 
Date: Wed, 19 Dec 2018 11:04:51 +0100
17f14c 
Subject: [PATCH] crypto: Do not try to use keyring on systems without keyring
17f14c 
 support
17f14c
17f14c 
Older kernels doesn't support storing keys in keyring. Fortunately
17f14c 
we can use 'crypt_active_device' to check if keyring is supported.
17f14c 
---
17f14c 
 src/plugins/crypto.c | 13 ++++++++++++-
17f14c 
 1 file changed, 12 insertions(+), 1 deletion(-)
17f14c
17f14c 
diff --git a/src/plugins/crypto.c b/src/plugins/crypto.c
17f14c 
index 6b5be9d0..963ab457 100644
17f14c 
--- a/src/plugins/crypto.c
17f14c 
+++ b/src/plugins/crypto.c
17f14c 
@@ -1444,6 +1444,7 @@ gboolean bd_crypto_luks_change_key (const gchar *device, const gchar *pass, cons
17f14c
17f14c 
 static gboolean luks_resize (const gchar *luks_device, guint64 size, const guint8 *pass_data, gsize data_len, const gchar *key_file, GError **error) {
17f14c 
     struct crypt_device *cd = NULL;
17f14c 
+    struct crypt_active_device cad;
17f14c 
     gint ret = 0;
17f14c 
     guint64 progress_id = 0;
17f14c 
     gchar *msg = NULL;
17f14c 
@@ -1463,6 +1464,16 @@ static gboolean luks_resize (const gchar *luks_device, guint64 size, const guint
17f14c 
         return FALSE;
17f14c 
     }
17f14c
17f14c 
+    ret = crypt_get_active_device (cd, luks_device, &cad;;
17f14c 
+    if (ret != 0) {
17f14c 
+        g_set_error (error, BD_CRYPTO_ERROR, BD_CRYPTO_ERROR_DEVICE,
17f14c 
+                     "Failed to get information about '%s': %s",
17f14c 
+                     luks_device, strerror_l(-ret, c_locale));
17f14c 
+        crypt_free (cd);
17f14c 
+        bd_utils_report_finished (progress_id, (*error)->message);
17f14c 
+        return FALSE;
17f14c 
+    }
17f14c 
+
17f14c 
     if (pass_data || key_file) {
17f14c 
         if (key_file) {
17f14c 
             success = g_file_get_contents (key_file, &key_buffer, &buf_len, error);
17f14c 
@@ -1478,7 +1489,7 @@ static gboolean luks_resize (const gchar *luks_device, guint64 size, const guint
17f14c 
 #ifdef LIBCRYPTSETUP_2
17f14c 
         ret = crypt_activate_by_passphrase (cd, NULL, CRYPT_ANY_SLOT,
17f14c 
                                             key_buffer ? key_buffer : (char*) pass_data,
17f14c 
-                                            buf_len, CRYPT_ACTIVATE_KEYRING_KEY);
17f14c 
+                                            buf_len, cad.flags & CRYPT_ACTIVATE_KEYRING_KEY);
17f14c 
 #else
17f14c 
         ret = crypt_activate_by_passphrase (cd, NULL, CRYPT_ANY_SLOT,
17f14c 
                                             key_buffer ? key_buffer : (char*) pass_data,

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation