diff options
| author | Ludwig Nussel | 2012-09-11 10:46:11 +0200 |
|---|---|---|
| committer | Karel Zak | 2012-09-11 10:46:11 +0200 |
| commit | 5cf05c71472bf7230075cbdcd5cd6eb12b1d3654 (patch) | |
| tree | 17ee914da867ce1765102b1dbbf0d6ffefab1ff6 /sys-utils/mount.c | |
| parent | build-sys: remove static from config-gen.d/{devel,all}.conf (diff) | |
| download | kernel-qcow2-util-linux-5cf05c71472bf7230075cbdcd5cd6eb12b1d3654.tar.gz kernel-qcow2-util-linux-5cf05c71472bf7230075cbdcd5cd6eb12b1d3654.tar.xz kernel-qcow2-util-linux-5cf05c71472bf7230075cbdcd5cd6eb12b1d3654.zip | |
mount: losetup: remove obsolete encryption support
kernel cryptoloop is deprecated since ages and support for cryptoloop
in util-linux is incomplete/broken.
- no password hashing
- last 8 bit of key are always set to zero
- no binary keys possible (stops reading key at \n and \0)
In the past some Distros added the above features with patches. So
remove cryptoloop support from util-linux completely to make sure
people won't try using it.
Signed-off-by: Ludwig Nussel <ludwig.nussel@suse.de>
Signed-off-by: Karel Zak <kzak@redhat.com>
Diffstat (limited to 'sys-utils/mount.c')
| -rw-r--r-- | sys-utils/mount.c | 42 |
1 files changed, 2 insertions, 40 deletions
diff --git a/sys-utils/mount.c b/sys-utils/mount.c index 2d1d2cd41..0ac3d9083 100644 --- a/sys-utils/mount.c +++ b/sys-utils/mount.c @@ -36,7 +36,6 @@ #include "c.h" #include "env.h" #include "strutils.h" -#include "xgetpass.h" #include "exitcodes.h" #include "xalloc.h" #include "closestream.h" @@ -51,7 +50,6 @@ * --options-source-force MNT_OMODE_FORCE */ -static int passfd = -1; static int readwrite; static int mk_exit_code(struct libmnt_context *cxt, int rc); @@ -105,32 +103,6 @@ static int table_parser_errcb(struct libmnt_table *tb __attribute__((__unused__) return 0; } -static char *encrypt_pass_get(struct libmnt_context *cxt) -{ - if (!cxt) - return 0; - -#ifdef MCL_FUTURE - if (mlockall(MCL_CURRENT | MCL_FUTURE)) { - warn(_("couldn't lock into memory")); - return NULL; - } -#endif - return xgetpass(passfd, _("Password: ")); -} - -static void encrypt_pass_release(struct libmnt_context *cxt - __attribute__((__unused__)), char *pwd) -{ - char *p = pwd; - - while (p && *p) - *p++ = '\0'; - - free(pwd); - munlockall(); -} - /* * Replace control chars with '?' to be compatible with coreutils. For more * robust solution use findmnt(1) where we use \x?? hex encoding. @@ -404,13 +376,7 @@ try_readonly: warnx(_("failed to parse mount options")); return MOUNT_EX_USAGE; case -MNT_ERR_LOOPDEV: - if (errno == ENOENT - && (uflags & MNT_MS_ENCRYPTION) - && src && stat(src, &st) == 0) - warnx(_("%s: failed to setup loop device " - "(probably unknown encryption type)"), src); - else - warn(_("%s: failed to setup loop device"), src); + warn(_("%s: failed to setup loop device"), src); return MOUNT_EX_FAIL; default: return handle_generic_errors(rc, _("%s: mount failed"), @@ -641,7 +607,6 @@ static void __attribute__((__noreturn__)) usage(FILE *out) fprintf(out, _( " -o, --options <list> comma-separated list of mount options\n" " -O, --test-opts <list> limit the set of filesystems (use with -a)\n" - " -p, --pass-fd <num> read the passphrase from file descriptor\n" " -r, --read-only mount the filesystem read-only (same as -o ro)\n" " -t, --types <list> limit the set of filesystem types\n")); fprintf(out, _( @@ -835,8 +800,7 @@ int main(int argc, char **argv) err(MOUNT_EX_SYSERR, _("failed to set options pattern")); break; case 'p': - passfd = strtou32_or_err(optarg, - _("invalid passphrase file descriptor")); + warnx(_("--pass-fd is no longer supported")); break; case 'L': xasprintf(&srcbuf, "LABEL=\"%s\"", optarg); @@ -931,8 +895,6 @@ int main(int argc, char **argv) else if (types) mnt_context_set_fstype(cxt, types); - mnt_context_set_passwd_cb(cxt, encrypt_pass_get, encrypt_pass_release); - if (all) { /* * A) Mount all |