3
0
forked from pool/util-linux
util-linux/util-linux-2.12-suse-compatibility.diff

150 lines
4.5 KiB
Diff

--- util-linux-2.12q/mount/lomount.c
+++ util-linux-2.12q/mount/lomount.c
@@ -52,6 +52,24 @@
extern void show_all_loops(void);
extern int read_options_from_fstab(char *, char **);
+int passphrase_timeout=0;
+struct sigaction alrmact;
+
+static void
+alrmhandler() {
+ /* let the SIGINT handler do the work: */
+ kill(getpid(),SIGINT);
+ usleep(1000000);
+ kill(getpid(),SIGTERM);
+ usleep(1000000);
+ /* stubborn... */
+ exit(0);
+}
+
+
+
+
+
#if !defined(LOOP_PASSWORD_MIN_LENGTH)
# define LOOP_PASSWORD_MIN_LENGTH 20
#endif
@@ -460,6 +478,15 @@
int i, ask2;
if(!passFDnumber) {
+
+ if(passphrase_timeout) {
+ alrmact.sa_handler = &alrmhandler;
+ memset(&alrmact.sa_mask, 0, sizeof(alrmact.sa_mask));
+ alrmact.sa_flags = 0;
+ sigaction(SIGALRM, &alrmact, NULL);
+ alarm(passphrase_timeout);
+ }
+
p = getpass(_("Password: "));
ask2 = passAskTwice ? 1 : 0;
} else {
@@ -493,6 +520,15 @@
s = malloc(i + 1);
if(!s) goto nomem;
strcpy(s, p);
+
+ if(passphrase_timeout) {
+ alrmact.sa_handler = &alrmhandler;
+ memset(&alrmact.sa_mask, 0, sizeof(alrmact.sa_mask));
+ alrmact.sa_flags = 0;
+ sigaction(SIGALRM, &alrmact, NULL);
+ alarm(passphrase_timeout);
+ }
+
p = getpass(_("Retype password: "));
if(!p) goto nomem;
if(strcmp(s, p)) goto compareErr;
@@ -524,6 +560,15 @@
strcpy(s, p);
memset(p, 0, i);
if(ask2) {
+
+ if(passphrase_timeout) {
+ alrmact.sa_handler = &alrmhandler;
+ memset(&alrmact.sa_mask, 0, sizeof(alrmact.sa_mask));
+ alrmact.sa_flags = 0;
+ sigaction(SIGALRM, &alrmact, NULL);
+ alarm(passphrase_timeout);
+ }
+
p = getpass(_("Retype password: "));
if(!p) goto nomem;
if(strcmp(s, p)) {
@@ -738,7 +783,7 @@
struct loop_info64 loopinfo;
int fd, ffd, mode, i;
char *pass, *apiName = NULL;
- void (*hashFunc)(unsigned char *, int, unsigned char *, int);
+ void (*hashFunc)(unsigned char *, int, unsigned char *, int) = NULL;
unsigned char multiKeyBits[65][32];
int minPassLen = LOOP_PASSWORD_MIN_LENGTH;
int run_mkfs_command = 0;
@@ -762,8 +807,23 @@
memset (&loopinfo, 0, sizeof (loopinfo));
xstrncpy (loopinfo.lo_file_name, file, LO_NAME_SIZE);
- if (loopEncryptionType)
+ if (loopEncryptionType) {
+ if (strcasecmp(loopEncryptionType,"twofish")==0
+ && !passHashFuncName) {
+ loopinfo.lo_encrypt_type = 3; /*LO_CRYPT_FISH*/
+ loopinfo.lo_encrypt_key_size = 20;
+ passHashFuncName = strdup("rmd160");
+ fprintf(stderr,"Switching to old S.u.S.E. loop_fish2 compatibility mode.\n");
+ } else if (strcasecmp(loopEncryptionType,"twofishSL92")==0
+ && !passHashFuncName) {
+ loopinfo.lo_encrypt_type = 3; /*LO_CRYPT_FISH*/
+ loopinfo.lo_encrypt_key_size = 32;
+ passHashFuncName = strdup("sha512");
+ fprintf(stderr,"Switching to SuSE 9.2 loop_fish2 compatibility mode.\n");
+ } else {
loopinfo.lo_encrypt_type = loop_crypt_type (loopEncryptionType, &loopinfo.lo_encrypt_key_size, &apiName);
+ }
+ }
if (loopOffsetBytes)
loopinfo.lo_offset = mystrtoull(loopOffsetBytes, 1);
if (loopSizeBytes)
@@ -995,7 +1055,7 @@
%s loop_device # give info\n\
%s -a # give info of all loops\n\
%s -d loop_device # delete\n\
-options: -o offset -s sizelimit -p passwdfd -S pseed -H phash\n\
+options: -o offset -s sizelimit -p passwdfd -S pseed -H phash -t timeout\n\
-I loinit -T -K gpgkey -G gpghome -C itercountk -v -r\n"),
progname, progname, progname, progname, progname);
exit(1);
@@ -1139,7 +1199,7 @@
delete = 0;
progname = argv[0];
- while ((c = getopt(argc,argv,"aC:de:FG:H:I:K:o:p:rs:S:Tv")) != -1) {
+ while ((c = getopt(argc,argv,"aC:de:FG:H:I:K:o:p:rs:S:t:Tv")) != -1) {
switch (c) {
case 'a': /* show status of all loops */
option_a = 1;
@@ -1183,6 +1243,9 @@
case 'S': /* optional seed for passphrase */
passSeedString = optarg;
break;
+ case 't':
+ passphrase_timeout = atoi(optarg);
+ break;
case 'T': /* ask passphrase _twice_ */
passAskTwice = "T";
break;
--- util-linux-2.12q/mount/losetup.8
+++ util-linux-2.12q/mount/losetup.8
@@ -128,6 +128,9 @@
password before hashing. Using different seeds for different partitions
makes dictionary attacks slower but does not prevent them if user supplied
password is guessable. Seed is not used in multi-key mode.
+.IP "\fB\-t \fItimeout\fP"
+make the password prompt time out after \fItimeout\fP seconds have
+passed by.
.IP "\fB\-T\fP"
Asks password twice.
.IP "\fB\-v\fP"