[PATCH] Integrate the python-cryptsetup package

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



---
 anaconda.spec                |    2 +
 storage/devicelibs/crypto.py |  158 +++++++++--------------------------------
 2 files changed, 37 insertions(+), 123 deletions(-)

diff --git a/anaconda.spec b/anaconda.spec
index 6de4f6b..8fc41a9 100644
--- a/anaconda.spec
+++ b/anaconda.spec
@@ -40,6 +40,7 @@ BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 %define createrepover 0.4.7
 %define yumutilsver 1.1.11-3
 %define iscsiver 6.2.0.870-3
+%define pythoncryptsetupver 0.0.4
 
 BuildRequires: audit-libs-devel
 BuildRequires: booty
@@ -109,6 +110,7 @@ Requires: authconfig
 Requires: gnome-python2-gtkhtml2
 Requires: system-config-firewall
 Requires: cryptsetup-luks
+Requires: python-cryptsetup >= %{pythoncryptsetupver}
 Requires: mdadm
 Requires: lvm2
 Requires: util-linux-ng
diff --git a/storage/devicelibs/crypto.py b/storage/devicelibs/crypto.py
index d69e7d3..e16bbe4 100644
--- a/storage/devicelibs/crypto.py
+++ b/storage/devicelibs/crypto.py
@@ -17,9 +17,11 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 #
 # Author(s): Dave Lehman <dlehman@xxxxxxxxxx>
+#            Martin Sivak <msivak@xxxxxxxxxx>
 #
 
 import os
+from pycryptsetup import CryptSetup
 
 import iutil
 from ..errors import *
@@ -27,169 +29,79 @@ from ..errors import *
 import gettext
 _ = lambda x: gettext.ldgettext("anaconda", x)
 
+def askyes(question):
+    return True
+
+def dolog(priority, text):
+    pass
+
 def is_luks(device):
-    rc = iutil.execWithRedirect("cryptsetup",
-                                ["isLuks", device],
-                                stdout = "/dev/tty5",
-                                stderr = "/dev/tty5",
-                                searchPath = 1)
-    if rc:
-        return False
-    else:
-        return True
+    cs = CryptSetup(yesDialog = askyes, logFunc = dolog)
+    return cs.isLuks(device)
 
 def luks_uuid(device):
-    uuid = iutil.execWithCapture("cryptsetup",
-                                 ["luksUUID", device],
-                                 stderr="/dev/tty5")
-    return uuid.strip()
+    cs = CryptSetup(yesDialog = askyes, logFunc = dolog)
+    return cs.luksUUID(device).strip()
 
 def luks_status(name):
-    """0 means active, 1 means inactive (or non-existent)"""
-    rc = iutil.execWithRedirect("cryptsetup",
-                                ["status", name],
-                                stdout = "/dev/tty5",
-                                stderr = "/dev/tty5",
-                                searchPath = 1)
-    return rc
+    """True means active, False means inactive (or non-existent)"""
+    cs = CryptSetup(yesDialog = askyes, logFunc = dolog)
+    return (cs.luksStatus(device)!=None)
 
 def luks_format(device,
                 passphrase=None, key_file=None,
                 cipher=None, key_size=None):
-    p = os.pipe()
-    argv = ["-q"]
-    os.close(p[1])
-
-    if cipher:
-        argv.extend(["--cipher", cipher])
+    cs = CryptSetup(yesDialog = askyes, logFunc = dolog)
+    key_file_unlink = False
 
-    if key_size:
-        argv.append("--key-size=%d" % key_size)
-
-    argv.extend(["luksFormat", device])
-        
     if passphrase:
-        os.write(p[1], "%s\n" % passphrase)
+        key_file = cs.prepare_passphrase_file(passphrase)
+        key_file_unlink = True
     elif key_file and os.path.isfile(key_file):
         argv.append(key_file)
     else:
         raise ValueError("luks_format requires either a passphrase or a key file")
 
-    rc = iutil.execWithRedirect("cryptsetup",
-                                argv,
-                                stdin = p[0],
-                                stdout = "/dev/tty5",
-                                stderr = "/dev/tty5",
-                                searchPath = 1)
+    rc = cs.luksFormat(device = device, cipher = cipher, keysize = key_size, keyfile = key_file)
+    if key_file_unlink: os.unlink(key_file)
 
-    os.close(p[0])
     if rc:
         raise CryptoError("luks_format failed for '%s'" % device)
 
 def luks_open(device, name, passphrase=None, key_file=None):
-    p = os.pipe()
+    cs = CryptSetup(yesDialog = askyes, logFunc = dolog)
+    key_file_unlink = False
+
     if passphrase:
-        os.write(p[1], "%s\n" % passphrase)
-        argv = ["luksOpen", device, name]
+        key_file = cs.prepare_passphrase_file(passphrase)
+        key_file_unlink = True
     elif key_file and os.path.isfile(key_file):
-        argv = ["luksOpen", "--key-file", key_file, device, name]
+        pass
     else:
         raise ValueError("luks_open requires either a passphrase or a key file")
 
-    os.close(p[1])
-    rc = iutil.execWithRedirect("cryptsetup",
-                                argv,
-                                stdin = p[0],
-                                stdout = "/dev/tty5",
-                                stderr = "/dev/tty5",
-                                searchPath = 1)
-
-    os.close(p[0])
+    rc = cs.luksOpen(device = device, name = name, keyfile = key_file)
+    if key_file_unlink: os.unlink(key_file)
     if rc:
         raise CryptoError("luks_open failed for %s (%s)" % (device, name))
 
 def luks_close(name):
-    rc = iutil.execWithRedirect("cryptsetup",
-                                ["luksClose", name],
-                                stdout = "/dev/tty5",
-                                stderr = "/dev/tty5",
-                                searchPath = 1)
-
+    cs = CryptSetup(yesDialog = askyes, logFunc = dolog)
+    rc = cs.luksClose(name)
     if rc:
         raise CryptoError("luks_close failed for %s" % name)
 
 def luks_add_key(device,
                  new_passphrase=None, new_key_file=None,
                  passphrase=None, key_file=None):
-    p = os.pipe()
-    if passphrase:
-        os.write(p[1], "%s\n" % passphrase)
-        key_spec = ""
-    elif key_file and os.path.isfile(key_file):
-        key_spec = "--key-file %s" % key_file
-    else:
-        raise ValueError("luks_add_key requires either a passphrase or a key file")
+    cs = CryptSetup(yesDialog = askyes, logFunc = dolog)
+    return cs.addKey(device, new_passphrase, new_key_file, passphrase, key_file)
 
-    if new_passphrase:
-        os.write(p[1], "%s\n" % new_passphrase)
-        new_key_spec = ""
-    elif new_key_file and os.path.isfile(new_key_file):
-        new_key_spec = "%s" % new_key_file
-    else:
-        raise ValueError("luks_add_key requires either a passphrase or a key file to add")
-
-    os.close(p[1])
-
-    rc = iutil.execWithRedirect("cryptsetup",
-                                ["-q",
-                                 key_spec,
-                                 "luksAddKey",
-                                 device,
-                                 new_key_spec],
-                                stdin = p[0],
-                                stdout = "/dev/tty5",
-                                stderr = "/dev/tty5",
-                                searchPath = 1)
-
-    os.close(p[0])
-    if rc:
-        raise CryptoError("luks add key failed")
 
 def luks_remove_key(device,
                     del_passphrase=None, del_key_file=None,
                     passphrase=None, key_file=None):
-    p = os.pipe()
-    if passphrase:
-        os.write(p[1], "%s\n" % passphrase)
-        key_spec = ""
-    elif key_file and os.path.isfile(key_file):
-        key_spec = "--key-file %s" % key_file
-    else:
-        raise ValueError("luks_remove_key requires either a passphrase or a key file")
-
-    if del_passphrase:
-        os.write(p[1], "%s\n" % del_passphrase)
-        del_key_spec = ""
-    elif del_key_file and os.path.isfile(del_key_file):
-        del_key_spec = "%s" % del_key_file
-    else:
-        raise ValueError("luks_remove_key requires either a passphrase or a key file to remove")
-
-    os.close(p[1])
-
-    rc = iutil.execWithRedirect("cryptsetup",
-                                ["-q",
-                                 key_spec,
-                                 "luksRemoveKey",
-                                 device,
-                                 del_key_spec],
-                                stdin = p[0],
-                                stdout = "/dev/tty5",
-                                stderr = "/dev/tty5",
-                                searchPath = 1)
-
-    os.close(p[0])
-    if rc:
-        raise CryptoError("luks_remove_key failed")
+    cs = CryptSetup(yesDialog = askyes, logFunc = dolog)
+    return cs.removeKey(device, del_passphrase, del_key_file, passphrase, key_file)
 
 
-- 
1.5.4.3

_______________________________________________
Anaconda-devel-list mailing list
Anaconda-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/anaconda-devel-list

[Index of Archives]     [Kickstart]     [Fedora Users]     [Fedora Legacy List]     [Fedora Maintainers]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]
  Powered by Linux