hello,
the cryptsetup debian package currently has four patches applied against
the upstream tarball. you're already aware of the first patch, which
fixes the terminal status after a timeout.
you suggested to build the debian package with the patch and report back
whether it works, as you found it to intrusive for applying it to
upstream right now. at least for me the patch works well, but we might
wait for more testers.
the second patch is a small one, adding the --tries option to the
manpage.
the third one fixes standard input to allow more than 32 characters. up
to now, passphrases given via stdin where truncated to 32 characters.
and the forth patch fixes the exit status of 'cryptsetup status'.
authors of the patches are:
Andres Salomon <dilinger@xxxxxxxxxx> 01_terminal_timeout.patch
Jonas Meurer <mejo@xxxxxxxxxx> 02_docs_tries.patch
David Härdeman <david@xxxxxxxx> 03_stdin_input.patch
David Härdeman <david@xxxxxxxx> 04_status_exit_codes.patch
the attached patches are all against the upstream tarball, not
depending upon each other. this means, that after applying
01_terminal_timeout.patch, 03_stdin_input.patch will not work any more.
all_patches.patch merges all four patches to one.
maybe you would like to add some/all of them to upstream.
...
jonas
diff -rNu cryptsetup-luks-1.0.3.orig/lib/setup.c cryptsetup-luks-1.0.3/lib/setup.c
--- cryptsetup-luks-1.0.3.orig/lib/setup.c 2006-04-02 10:58:18.000000000 +0200
+++ cryptsetup-luks-1.0.3/lib/setup.c 2006-05-18 15:24:32.000000000 +0200
@@ -7,6 +7,7 @@
#include <sys/mman.h>
#include <fcntl.h>
#include <unistd.h>
+#include <termios.h>
#include <errno.h>
#include <signal.h>
#include <assert.h>
@@ -24,12 +25,6 @@
static int memory_unsafe = 0;
static char *default_backend = NULL;
-static void catch_alarm(int sig_num)
-{
- fprintf(stderr, "Operation timed out. Exiting.\n");
- exit(0);
-}
-
static int setup_enter(struct setup_backend *backend)
{
int r;
@@ -72,6 +67,66 @@
return 0;
}
+static int untimed_read(int fd, char *pass, size_t maxlen)
+{
+ ssize_t i;
+
+ i = read(fd, pass, maxlen);
+ if (i > 0) {
+ pass[i-1] = '\0';
+ i = 0;
+ }
+ return i;
+}
+
+static int timed_read(int fd, char *pass, size_t maxlen, long timeout)
+{
+ struct timeval t;
+ fd_set fds;
+ int failed = -1;
+
+ FD_ZERO(&fds);
+ FD_SET(fd, &fds);
+ t.tv_sec = timeout;
+ t.tv_usec = 0;
+
+ if (select(fd+1, &fds, NULL, NULL, &t) > 0)
+ failed = untimed_read(fd, pass, maxlen);
+ else
+ fprintf(stderr, "Operation timed out.\n");
+ return failed;
+}
+
+static int interactive_pass(const char *prompt, char *pass, size_t maxlen,
+ long timeout)
+{
+ struct termios orig, tmp;
+ int failed = -1;
+
+ if (maxlen < 1)
+ goto out_err;
+
+ if (tcgetattr(STDIN_FILENO, &orig)) {
+ set_error("Unable to get terminal");
+ goto out_err;
+ }
+ memcpy(&tmp, &orig, sizeof(tmp));
+ tmp.c_lflag &= ~ECHO;
+
+ write(STDOUT_FILENO, prompt, strlen(prompt));
+ tcsetattr(STDIN_FILENO, TCSAFLUSH, &tmp);
+ if (timeout)
+ failed = timed_read(STDIN_FILENO, pass, maxlen, timeout);
+ else
+ failed = untimed_read(STDIN_FILENO, pass, maxlen);
+ tcsetattr(STDIN_FILENO, TCSAFLUSH, &orig);
+
+out_err:
+ if (!failed)
+ write(STDOUT_FILENO, "\n", 1);
+ return failed;
+}
+
/*
* Password reading behaviour matrix of get_key
*
@@ -109,32 +164,23 @@
newline_stop = 1;
}
- signal(SIGALRM, catch_alarm);
- if(options->timeout) {
- alarm(options->timeout);
- } else {
- alarm(0);
- }
-
/* Interactive case */
if(isatty(fd)) {
- char *pass2;
-
- pass2 = getpass(prompt);
- if (!pass2) {
+ int i;
+
+ pass = safe_alloc(512);
+ if (!pass || (i = interactive_pass(prompt, pass, 512, options->timeout))) {
set_error("Error reading passphrase");
goto out_err;
}
- pass = safe_strdup(pass2);
- memset(pass2, 0, strlen(pass2));
-
if (verify || verify_if_possible) {
- char *pass_verify = getpass("Verify passphrase: ");
- if (!pass_verify || strcmp(pass, pass_verify) != 0) {
+ char pass_verify[512];
+ i = interactive_pass("Verify passphrase: ", pass_verify, sizeof(pass_verify), options->timeout);
+ if (i || strcmp(pass, pass_verify) != 0) {
set_error("Passphrases do not match");
goto out_err;
}
- memset(pass_verify, 0, strlen(pass_verify));
+ memset(pass_verify, 0, sizeof(pass_verify));
}
*passLen = strlen(pass);
*key = pass;
@@ -187,7 +233,6 @@
pass[i] = 0;
*key = pass;
*passLen = i;
- alarm(0);
}
return isatty(fd); /* Return true, when password reading can be tried on interactive fds */
diff -rNu cryptsetup-luks-1.0.3.orig/man/cryptsetup.8 cryptsetup-luks-1.0.3/man/cryptsetup.8
--- cryptsetup-luks-1.0.3.orig/man/cryptsetup.8 2006-03-30 15:23:56.000000000 +0200
+++ cryptsetup-luks-1.0.3/man/cryptsetup.8 2006-05-18 15:28:16.000000000 +0200
@@ -79,7 +79,7 @@
.SH OPTIONS
.TP
.B "\-\-hash, \-h"
-specifies hash to use for password hashing. This option is only relevant for the "create" action. The hash string is passed to libgcrypt, so all hashes accepted by gcrypt are supported.
+specifies hash to use for password hashing. This option is only relevant for the "create" action. The hash string is passed to libgcrypt, so all hashes accepted by gcrypt are supported. Default is "ripemd160".
.TP
.B "\-\-cipher, \-c"
set cipher specification string. Usually, this is "aes-cbc-plain". For pre-2.6.10 kernels, use "aes-plain" as they don't understand the new cipher spec strings. To use ESSIV, use "aes-cbc-essiv:sha256".
@@ -91,7 +91,7 @@
use file as key material. With LUKS, key material supplied in key files via \-d are always used for existing passphrases. If you want to set a new key via a key file, you have to use a positional arg to \fIluksFormat\fR or \fIluksAddKey\fR.
.TP
.B "\-\-key-size, \-s"
-set key size in bits. Usually, this is 128, 192 or 256. Can be used for \fIcreate\fR or \fIluksFormat\fR, all other LUKS actions will ignore this flag, as the key-size is specified by the partition header.
+set key size in bits. Usually, this is 128, 192 or 256. Can be used for \fIcreate\fR or \fIluksFormat\fR, all other LUKS actions will ignore this flag, as the key-size is specified by the partition header. Default is 0.
.TP
.B "\-\-size, \-b"
force the size of the underlaying device in sectors.
@@ -114,6 +114,9 @@
.B "\-\-timeout, \-t"
The number of seconds to wait before timeout. This option is relevant evertime a password is asked, like \fIcreate\fR, \fIluksOpen\fR, \fIluksFormat\fR or \fIluksAddKey\fR.
.TP
+.B "\-\-tries, \-T"
+How often the input of the passphrase shall be retried. This option is relevant evertime a password is asked, like \fIcreate\fR, \fIluksOpen\fR, \fIluksFormat\fR or \fIluksAddKey\fR. The default is 3 tries.
+.TP
.B "\-\-align-payload=\fIvalue\fR"
Align payload at a boundary of \fIvalue\fR 512-byte sectors. This option is relevant for \fIluksFormat\fR. If your block device lives on a RAID it is
useful to align the filesystem at full stripe boundaries so it can take advantage of the RAID's geometry. See for instance the sunit and swidth options
diff -rNu cryptsetup-luks-1.0.3.orig/lib/setup.c cryptsetup-luks-1.0.3/lib/setup.c
--- cryptsetup-luks-1.0.3.orig/lib/setup.c 2006-04-02 10:58:18.000000000 +0200
+++ cryptsetup-luks-1.0.3/lib/setup.c 2006-05-18 15:32:48.000000000 +0200
@@ -75,13 +75,13 @@
/*
* Password reading behaviour matrix of get_key
*
- * p v n
- * -----------------+---+---+----
- * interactive | Y | Y | Y
- * from fd | N | N | Y
- * from binary file | N | N | N
+ * p v n h
+ * -----------------+---+---+---+---
+ * interactive | Y | Y | Y | Inf
+ * from fd | N | N | Y | Inf
+ * from binary file | N | N | N | Inf or options->key_size
*
- * Legend: p..prompt, v..can verify, n..newline-stop
+ * Legend: p..prompt, v..can verify, n..newline-stop, h..read horizon
*
* Returns true when more keys are available (that is when password
* reading can be retried as for interactive terminals).
@@ -94,6 +94,7 @@
const int verify_if_possible = options->flags & CRYPT_FLAG_VERIFY_IF_POSSIBLE;
char *pass = NULL;
int newline_stop;
+ int read_horizon;
if(options->key_file) {
fd = open(options->key_file, O_RDONLY);
@@ -104,9 +105,14 @@
goto out_err;
}
newline_stop = 0;
+
+ /* This can either be 0 (LUKS) or the actually number
+ * of key bytes (default or passed by -s) */
+ read_horizon = options->key_size;
} else {
fd = options->passphrase_fd;
newline_stop = 1;
+ read_horizon = 0; /* Infinite, if read from terminal or fd */
}
signal(SIGALRM, catch_alarm);
@@ -156,7 +162,7 @@
* such as /dev/random, because in this case, the loop
* will read forever.
*/
- if(options->key_file && options->key_size == 0) {
+ if(options->key_file && read_horizon == 0) {
struct stat st;
if(stat(options->key_file, &st) < 0) {
set_error("Can't stat key file");
@@ -169,7 +175,7 @@
}
}
buflen = 0;
- for(i = 0; options->key_size == 0 || i < options->key_size; i++) {
+ for(i = 0; read_horizon == 0 || i < read_horizon; i++) {
if(i >= buflen - 1) {
buflen += 128;
pass = safe_realloc(pass, buflen);
diff -rNu cryptsetup-luks-1.0.3.orig/src/cryptsetup.c cryptsetup-luks-1.0.3/src/cryptsetup.c
--- cryptsetup-luks-1.0.3.orig/src/cryptsetup.c 2006-04-02 10:18:42.000000000 +0200
+++ cryptsetup-luks-1.0.3/src/cryptsetup.c 2006-05-18 15:29:22.000000000 +0200
@@ -165,27 +165,29 @@
int r;
r = crypt_query_device(&options);
+
if (r < 0) {
+ /* error */
show_status(-r);
- return r;
- }
- if (r == 0) {
+ } else if (r == 0) {
+ /* inactive */
printf("%s/%s is inactive.\n", crypt_get_dir(), options.name);
- return r;
+ r = 1;
+ } else {
+ /* active */
+ printf("%s/%s is active:\n", crypt_get_dir(), options.name);
+ printf(" cipher: %s\n", options.cipher);
+ printf(" keysize: %d bits\n", options.key_size * 8);
+ printf(" device: %s\n", options.device);
+ printf(" offset: %" PRIu64 " sectors\n", options.offset);
+ printf(" size: %" PRIu64 " sectors\n", options.size);
+ if (options.skip)
+ printf(" skipped: %" PRIu64 " sectors\n", options.skip);
+ printf(" mode: %s\n", (options.flags & CRYPT_FLAG_READONLY)
+ ? "readonly" : "read/write");
+ crypt_put_options(&options);
+ r = 0;
}
-
- printf("%s/%s is active:\n", crypt_get_dir(), options.name);
- printf(" cipher: %s\n", options.cipher);
- printf(" keysize: %d bits\n", options.key_size * 8);
- printf(" device: %s\n", options.device);
- printf(" offset: %" PRIu64 " sectors\n", options.offset);
- printf(" size: %" PRIu64 " sectors\n", options.size);
- if (options.skip)
- printf(" skipped: %" PRIu64 " sectors\n", options.skip);
- printf(" mode: %s\n", (options.flags & CRYPT_FLAG_READONLY)
- ? "readonly" : "read/write");
-
- crypt_put_options(&options);
return r;
}
diff -rNu cryptsetup-luks-1.0.3.orig/lib/setup.c cryptsetup-luks-1.0.3/lib/setup.c
--- cryptsetup-luks-1.0.3.orig/lib/setup.c 2006-04-02 10:58:18.000000000 +0200
+++ cryptsetup-luks-1.0.3/lib/setup.c 2006-05-18 15:27:33.000000000 +0200
@@ -7,6 +7,7 @@
#include <sys/mman.h>
#include <fcntl.h>
#include <unistd.h>
+#include <termios.h>
#include <errno.h>
#include <signal.h>
#include <assert.h>
@@ -24,12 +25,6 @@
static int memory_unsafe = 0;
static char *default_backend = NULL;
-static void catch_alarm(int sig_num)
-{
- fprintf(stderr, "Operation timed out. Exiting.\n");
- exit(0);
-}
-
static int setup_enter(struct setup_backend *backend)
{
int r;
@@ -72,16 +67,76 @@
return 0;
}
+static int untimed_read(int fd, char *pass, size_t maxlen)
+{
+ ssize_t i;
+
+ i = read(fd, pass, maxlen);
+ if (i > 0) {
+ pass[i-1] = '\0';
+ i = 0;
+ }
+ return i;
+}
+
+static int timed_read(int fd, char *pass, size_t maxlen, long timeout)
+{
+ struct timeval t;
+ fd_set fds;
+ int failed = -1;
+
+ FD_ZERO(&fds);
+ FD_SET(fd, &fds);
+ t.tv_sec = timeout;
+ t.tv_usec = 0;
+
+ if (select(fd+1, &fds, NULL, NULL, &t) > 0)
+ failed = untimed_read(fd, pass, maxlen);
+ else
+ fprintf(stderr, "Operation timed out.\n");
+ return failed;
+}
+
+static int interactive_pass(const char *prompt, char *pass, size_t maxlen,
+ long timeout)
+{
+ struct termios orig, tmp;
+ int failed = -1;
+
+ if (maxlen < 1)
+ goto out_err;
+
+ if (tcgetattr(STDIN_FILENO, &orig)) {
+ set_error("Unable to get terminal");
+ goto out_err;
+ }
+ memcpy(&tmp, &orig, sizeof(tmp));
+ tmp.c_lflag &= ~ECHO;
+
+ write(STDOUT_FILENO, prompt, strlen(prompt));
+ tcsetattr(STDIN_FILENO, TCSAFLUSH, &tmp);
+ if (timeout)
+ failed = timed_read(STDIN_FILENO, pass, maxlen, timeout);
+ else
+ failed = untimed_read(STDIN_FILENO, pass, maxlen);
+ tcsetattr(STDIN_FILENO, TCSAFLUSH, &orig);
+
+out_err:
+ if (!failed)
+ write(STDOUT_FILENO, "\n", 1);
+ return failed;
+}
+
/*
* Password reading behaviour matrix of get_key
*
- * p v n
- * -----------------+---+---+----
- * interactive | Y | Y | Y
- * from fd | N | N | Y
- * from binary file | N | N | N
+ * p v n h
+ * -----------------+---+---+---+---
+ * interactive | Y | Y | Y | Inf
+ * from fd | N | N | Y | Inf
+ * from binary file | N | N | N | Inf or options->key_size
*
- * Legend: p..prompt, v..can verify, n..newline-stop
+ * Legend: p..prompt, v..can verify, n..newline-stop, h..read horizon
*
* Returns true when more keys are available (that is when password
* reading can be retried as for interactive terminals).
@@ -94,6 +149,7 @@
const int verify_if_possible = options->flags & CRYPT_FLAG_VERIFY_IF_POSSIBLE;
char *pass = NULL;
int newline_stop;
+ int read_horizon;
if(options->key_file) {
fd = open(options->key_file, O_RDONLY);
@@ -104,37 +160,33 @@
goto out_err;
}
newline_stop = 0;
+
+ /* This can either be 0 (LUKS) or the actually number
+ * of key bytes (default or passed by -s) */
+ read_horizon = options->key_size;
} else {
fd = options->passphrase_fd;
newline_stop = 1;
+ read_horizon = 0; /* Infinite, if read from terminal or fd */
}
- signal(SIGALRM, catch_alarm);
- if(options->timeout) {
- alarm(options->timeout);
- } else {
- alarm(0);
- }
-
/* Interactive case */
if(isatty(fd)) {
- char *pass2;
-
- pass2 = getpass(prompt);
- if (!pass2) {
+ int i;
+
+ pass = safe_alloc(512);
+ if (!pass || (i = interactive_pass(prompt, pass, 512, options->timeout))) {
set_error("Error reading passphrase");
goto out_err;
}
- pass = safe_strdup(pass2);
- memset(pass2, 0, strlen(pass2));
-
if (verify || verify_if_possible) {
- char *pass_verify = getpass("Verify passphrase: ");
- if (!pass_verify || strcmp(pass, pass_verify) != 0) {
+ char pass_verify[512];
+ i = interactive_pass("Verify passphrase: ", pass_verify, sizeof(pass_verify), options->timeout);
+ if (i || strcmp(pass, pass_verify) != 0) {
set_error("Passphrases do not match");
goto out_err;
}
- memset(pass_verify, 0, strlen(pass_verify));
+ memset(pass_verify, 0, sizeof(pass_verify));
}
*passLen = strlen(pass);
*key = pass;
@@ -156,7 +208,7 @@
* such as /dev/random, because in this case, the loop
* will read forever.
*/
- if(options->key_file && options->key_size == 0) {
+ if(options->key_file && read_horizon == 0) {
struct stat st;
if(stat(options->key_file, &st) < 0) {
set_error("Can't stat key file");
@@ -169,7 +221,7 @@
}
}
buflen = 0;
- for(i = 0; options->key_size == 0 || i < options->key_size; i++) {
+ for(i = 0; read_horizon == 0 || i < read_horizon; i++) {
if(i >= buflen - 1) {
buflen += 128;
pass = safe_realloc(pass, buflen);
@@ -187,7 +239,6 @@
pass[i] = 0;
*key = pass;
*passLen = i;
- alarm(0);
}
return isatty(fd); /* Return true, when password reading can be tried on interactive fds */
diff -rNu cryptsetup-luks-1.0.3.orig/man/cryptsetup.8 cryptsetup-luks-1.0.3/man/cryptsetup.8
--- cryptsetup-luks-1.0.3.orig/man/cryptsetup.8 2006-03-30 15:23:56.000000000 +0200
+++ cryptsetup-luks-1.0.3/man/cryptsetup.8 2006-05-18 15:27:28.000000000 +0200
@@ -79,7 +79,7 @@
.SH OPTIONS
.TP
.B "\-\-hash, \-h"
-specifies hash to use for password hashing. This option is only relevant for the "create" action. The hash string is passed to libgcrypt, so all hashes accepted by gcrypt are supported.
+specifies hash to use for password hashing. This option is only relevant for the "create" action. The hash string is passed to libgcrypt, so all hashes accepted by gcrypt are supported. Default is "ripemd160".
.TP
.B "\-\-cipher, \-c"
set cipher specification string. Usually, this is "aes-cbc-plain". For pre-2.6.10 kernels, use "aes-plain" as they don't understand the new cipher spec strings. To use ESSIV, use "aes-cbc-essiv:sha256".
@@ -91,7 +91,7 @@
use file as key material. With LUKS, key material supplied in key files via \-d are always used for existing passphrases. If you want to set a new key via a key file, you have to use a positional arg to \fIluksFormat\fR or \fIluksAddKey\fR.
.TP
.B "\-\-key-size, \-s"
-set key size in bits. Usually, this is 128, 192 or 256. Can be used for \fIcreate\fR or \fIluksFormat\fR, all other LUKS actions will ignore this flag, as the key-size is specified by the partition header.
+set key size in bits. Usually, this is 128, 192 or 256. Can be used for \fIcreate\fR or \fIluksFormat\fR, all other LUKS actions will ignore this flag, as the key-size is specified by the partition header. Default is 0.
.TP
.B "\-\-size, \-b"
force the size of the underlaying device in sectors.
@@ -114,6 +114,9 @@
.B "\-\-timeout, \-t"
The number of seconds to wait before timeout. This option is relevant evertime a password is asked, like \fIcreate\fR, \fIluksOpen\fR, \fIluksFormat\fR or \fIluksAddKey\fR.
.TP
+.B "\-\-tries, \-T"
+How often the input of the passphrase shall be retried. This option is relevant evertime a password is asked, like \fIcreate\fR, \fIluksOpen\fR, \fIluksFormat\fR or \fIluksAddKey\fR. The default is 3 tries.
+.TP
.B "\-\-align-payload=\fIvalue\fR"
Align payload at a boundary of \fIvalue\fR 512-byte sectors. This option is relevant for \fIluksFormat\fR. If your block device lives on a RAID it is
useful to align the filesystem at full stripe boundaries so it can take advantage of the RAID's geometry. See for instance the sunit and swidth options
diff -rNu cryptsetup-luks-1.0.3.orig/src/cryptsetup.c cryptsetup-luks-1.0.3/src/cryptsetup.c
--- cryptsetup-luks-1.0.3.orig/src/cryptsetup.c 2006-04-02 10:18:42.000000000 +0200
+++ cryptsetup-luks-1.0.3/src/cryptsetup.c 2006-05-18 15:27:38.000000000 +0200
@@ -165,27 +165,29 @@
int r;
r = crypt_query_device(&options);
+
if (r < 0) {
+ /* error */
show_status(-r);
- return r;
- }
- if (r == 0) {
+ } else if (r == 0) {
+ /* inactive */
printf("%s/%s is inactive.\n", crypt_get_dir(), options.name);
- return r;
+ r = 1;
+ } else {
+ /* active */
+ printf("%s/%s is active:\n", crypt_get_dir(), options.name);
+ printf(" cipher: %s\n", options.cipher);
+ printf(" keysize: %d bits\n", options.key_size * 8);
+ printf(" device: %s\n", options.device);
+ printf(" offset: %" PRIu64 " sectors\n", options.offset);
+ printf(" size: %" PRIu64 " sectors\n", options.size);
+ if (options.skip)
+ printf(" skipped: %" PRIu64 " sectors\n", options.skip);
+ printf(" mode: %s\n", (options.flags & CRYPT_FLAG_READONLY)
+ ? "readonly" : "read/write");
+ crypt_put_options(&options);
+ r = 0;
}
-
- printf("%s/%s is active:\n", crypt_get_dir(), options.name);
- printf(" cipher: %s\n", options.cipher);
- printf(" keysize: %d bits\n", options.key_size * 8);
- printf(" device: %s\n", options.device);
- printf(" offset: %" PRIu64 " sectors\n", options.offset);
- printf(" size: %" PRIu64 " sectors\n", options.size);
- if (options.skip)
- printf(" skipped: %" PRIu64 " sectors\n", options.skip);
- printf(" mode: %s\n", (options.flags & CRYPT_FLAG_READONLY)
- ? "readonly" : "read/write");
-
- crypt_put_options(&options);
return r;
}
---------------------------------------------------------------------
- http://www.saout.de/misc/dm-crypt/
To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx
For additional commands, e-mail: dm-crypt-help@xxxxxxxx
