diff options
author | Ludwig Nussel | 2012-09-11 10:46:11 +0200 |
---|---|---|
committer | Karel Zak | 2012-09-11 10:46:11 +0200 |
commit | 5cf05c71472bf7230075cbdcd5cd6eb12b1d3654 (patch) | |
tree | 17ee914da867ce1765102b1dbbf0d6ffefab1ff6 /sys-utils/losetup.c | |
parent | build-sys: remove static from config-gen.d/{devel,all}.conf (diff) | |
download | kernel-qcow2-util-linux-5cf05c71472bf7230075cbdcd5cd6eb12b1d3654.tar.gz kernel-qcow2-util-linux-5cf05c71472bf7230075cbdcd5cd6eb12b1d3654.tar.xz kernel-qcow2-util-linux-5cf05c71472bf7230075cbdcd5cd6eb12b1d3654.zip |
mount: losetup: remove obsolete encryption support
kernel cryptoloop is deprecated since ages and support for cryptoloop
in util-linux is incomplete/broken.
- no password hashing
- last 8 bit of key are always set to zero
- no binary keys possible (stops reading key at \n and \0)
In the past some Distros added the above features with patches. So
remove cryptoloop support from util-linux completely to make sure
people won't try using it.
Signed-off-by: Ludwig Nussel <ludwig.nussel@suse.de>
Signed-off-by: Karel Zak <kzak@redhat.com>
Diffstat (limited to 'sys-utils/losetup.c')
-rw-r--r-- | sys-utils/losetup.c | 30 |
1 files changed, 7 insertions, 23 deletions
diff --git a/sys-utils/losetup.c b/sys-utils/losetup.c index 9aeb9ec8a..38ccc7d08 100644 --- a/sys-utils/losetup.c +++ b/sys-utils/losetup.c @@ -18,7 +18,6 @@ #include "nls.h" #include "strutils.h" #include "loopdev.h" -#include "xgetpass.h" #include "closestream.h" #include "optutils.h" @@ -166,10 +165,8 @@ static void usage(FILE *out) " -j, --associated <file> list all devices associated with <file>\n"), out); fputs(USAGE_SEPARATOR, out); - fputs(_(" -e, --encryption <type> enable encryption with specified <name/num>\n" - " -o, --offset <num> start at offset <num> into file\n" + fputs(_(" -o, --offset <num> start at offset <num> into file\n" " --sizelimit <num> device limited to <num> bytes of the file\n" - " -p, --pass-fd <num> read passphrase from file descriptor <num>\n" " -P, --partscan create partitioned loop device\n" " -r, --read-only setup read-only loop device\n" " --show print device name after setup (with -f)\n" @@ -207,8 +204,8 @@ static void warn_size(const char *filename, uint64_t size) int main(int argc, char **argv) { struct loopdev_cxt lc; - int act = 0, flags = 0, passfd = -1, c; - char *file = NULL, *encryption = NULL; + int act = 0, flags = 0, c; + char *file = NULL; uint64_t offset = 0, sizelimit = 0; int res = 0, showdev = 0, lo_flags = 0; @@ -281,7 +278,7 @@ int main(int argc, char **argv) break; case 'E': case 'e': - encryption = optarg; + errx(EXIT_FAILURE, _("encryption not supported, use cryptsetup(8) instead")); break; case 'f': act = A_FIND_FREE; @@ -298,8 +295,7 @@ int main(int argc, char **argv) flags |= LOOPDEV_FL_OFFSET; break; case 'p': - passfd = strtou32_or_err(optarg, - _("invalid passphrase file descriptor")); + warn(_("--pass-fd is no longer supported")); break; case 'P': lo_flags |= LO_FLAGS_PARTSCAN; @@ -361,10 +357,10 @@ int main(int argc, char **argv) } if (act != A_CREATE && - (encryption || sizelimit || passfd != -1 || lo_flags || showdev)) + (sizelimit || lo_flags || showdev)) errx(EXIT_FAILURE, _("the options %s are allowed to loop device setup only"), - "--{encryption,sizelimit,pass-fd,read-only,show}"); + "--{sizelimit,read-only,show}"); if ((flags & LOOPDEV_FL_OFFSET) && act != A_CREATE && (act != A_SHOW || !file)) @@ -373,16 +369,8 @@ int main(int argc, char **argv) switch (act) { case A_CREATE: { - char *pass = NULL; int hasdev = loopcxt_has_device(&lc); - if (encryption) { -#ifdef MCL_FUTURE - if(mlockall(MCL_CURRENT | MCL_FUTURE)) - err(EXIT_FAILURE, _("couldn't lock into memory")); -#endif - pass = xgetpass(passfd, _("Password: ")); - } do { /* Note that loopcxt_{find_unused,set_device}() resets * loopcxt struct. @@ -391,8 +379,6 @@ int main(int argc, char **argv) warnx(_("not found unused device")); break; } - if (encryption && pass) - loopcxt_set_encryption(&lc, encryption, pass); if (flags & LOOPDEV_FL_OFFSET) loopcxt_set_offset(&lc, offset); if (flags & LOOPDEV_FL_SIZELIMIT) @@ -415,8 +401,6 @@ int main(int argc, char **argv) } } while (hasdev == 0); - free(pass); - if (res == 0) { if (showdev) printf("%s\n", loopcxt_get_device(&lc)); |