From 65343c749441322d1e65e8bb5d433b6fee8c28bf Mon Sep 17 00:00:00 2001 From: Dave Reisner Date: Tue, 6 Nov 2012 09:49:27 -0500 Subject: [PATCH] cryptsetup: hash=plain means don't use a hash "plain" is a semantic value that cryptsetup(8) uses to describe a plain dm-crypt volume that does not use a hash. Catch this value earlier and ensure that a NULL params.hash is passed to crypt_format to avoid passing an invalid hash type to the libcryptsetup backend. FDO bug #56593. --- src/cryptsetup/cryptsetup.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/src/cryptsetup/cryptsetup.c b/src/cryptsetup/cryptsetup.c index 916509a..e8ba3f0 100644 --- a/src/cryptsetup/cryptsetup.c +++ b/src/cryptsetup/cryptsetup.c @@ -342,7 +342,12 @@ int main(int argc, char *argv[]) { opt_tries = opt_tries > 0 ? opt_tries : 3; opt_key_size = (opt_key_size > 0 ? opt_key_size : 256); - hash = opt_hash ? opt_hash : "ripemd160"; + if (opt_hash) { + /* plain isn't a real hash type. it just means "use no hash" */ + if (!streq(opt_hash, "plain")) + hash = opt_hash; + } else + hash = "ripemd160"; if (opt_cipher) { size_t l; @@ -463,7 +468,7 @@ int main(int argc, char *argv[]) { opt_keyfile_size, ¶ms); - pass_volume_key = streq(hash, "plain"); + pass_volume_key = !!hash; } if (k < 0) { -- 1.7.10.4 From 8db9d8c2a4ef9806c286e258f9932a0972dc2375 Mon Sep 17 00:00:00 2001 From: Dave Reisner Date: Tue, 6 Nov 2012 10:17:18 -0500 Subject: [PATCH] cryptsetup: fix inverted comparison in pass_volume_key --- src/cryptsetup/cryptsetup.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/cryptsetup/cryptsetup.c b/src/cryptsetup/cryptsetup.c index e8ba3f0..56a3b50 100644 --- a/src/cryptsetup/cryptsetup.c +++ b/src/cryptsetup/cryptsetup.c @@ -468,7 +468,8 @@ int main(int argc, char *argv[]) { opt_keyfile_size, ¶ms); - pass_volume_key = !!hash; + /* hash == NULL implies the user passed "plain" */ + pass_volume_key = (hash == NULL); } if (k < 0) { -- 1.7.10.4