From 5cf05c71472bf7230075cbdcd5cd6eb12b1d3654 Mon Sep 17 00:00:00 2001 From: Ludwig Nussel Date: Tue, 11 Sep 2012 10:46:11 +0200 Subject: mount: losetup: remove obsolete encryption support kernel cryptoloop is deprecated since ages and support for cryptoloop in util-linux is incomplete/broken. - no password hashing - last 8 bit of key are always set to zero - no binary keys possible (stops reading key at \n and \0) In the past some Distros added the above features with patches. So remove cryptoloop support from util-linux completely to make sure people won't try using it. Signed-off-by: Ludwig Nussel Signed-off-by: Karel Zak --- sys-utils/losetup.c | 30 +++++++----------------------- 1 file changed, 7 insertions(+), 23 deletions(-) (limited to 'sys-utils/losetup.c') diff --git a/sys-utils/losetup.c b/sys-utils/losetup.c index 9aeb9ec8a..38ccc7d08 100644 --- a/sys-utils/losetup.c +++ b/sys-utils/losetup.c @@ -18,7 +18,6 @@ #include "nls.h" #include "strutils.h" #include "loopdev.h" -#include "xgetpass.h" #include "closestream.h" #include "optutils.h" @@ -166,10 +165,8 @@ static void usage(FILE *out) " -j, --associated list all devices associated with \n"), out); fputs(USAGE_SEPARATOR, out); - fputs(_(" -e, --encryption enable encryption with specified \n" - " -o, --offset start at offset into file\n" + fputs(_(" -o, --offset start at offset into file\n" " --sizelimit device limited to bytes of the file\n" - " -p, --pass-fd read passphrase from file descriptor \n" " -P, --partscan create partitioned loop device\n" " -r, --read-only setup read-only loop device\n" " --show print device name after setup (with -f)\n" @@ -207,8 +204,8 @@ static void warn_size(const char *filename, uint64_t size) int main(int argc, char **argv) { struct loopdev_cxt lc; - int act = 0, flags = 0, passfd = -1, c; - char *file = NULL, *encryption = NULL; + int act = 0, flags = 0, c; + char *file = NULL; uint64_t offset = 0, sizelimit = 0; int res = 0, showdev = 0, lo_flags = 0; @@ -281,7 +278,7 @@ int main(int argc, char **argv) break; case 'E': case 'e': - encryption = optarg; + errx(EXIT_FAILURE, _("encryption not supported, use cryptsetup(8) instead")); break; case 'f': act = A_FIND_FREE; @@ -298,8 +295,7 @@ int main(int argc, char **argv) flags |= LOOPDEV_FL_OFFSET; break; case 'p': - passfd = strtou32_or_err(optarg, - _("invalid passphrase file descriptor")); + warn(_("--pass-fd is no longer supported")); break; case 'P': lo_flags |= LO_FLAGS_PARTSCAN; @@ -361,10 +357,10 @@ int main(int argc, char **argv) } if (act != A_CREATE && - (encryption || sizelimit || passfd != -1 || lo_flags || showdev)) + (sizelimit || lo_flags || showdev)) errx(EXIT_FAILURE, _("the options %s are allowed to loop device setup only"), - "--{encryption,sizelimit,pass-fd,read-only,show}"); + "--{sizelimit,read-only,show}"); if ((flags & LOOPDEV_FL_OFFSET) && act != A_CREATE && (act != A_SHOW || !file)) @@ -373,16 +369,8 @@ int main(int argc, char **argv) switch (act) { case A_CREATE: { - char *pass = NULL; int hasdev = loopcxt_has_device(&lc); - if (encryption) { -#ifdef MCL_FUTURE - if(mlockall(MCL_CURRENT | MCL_FUTURE)) - err(EXIT_FAILURE, _("couldn't lock into memory")); -#endif - pass = xgetpass(passfd, _("Password: ")); - } do { /* Note that loopcxt_{find_unused,set_device}() resets * loopcxt struct. @@ -391,8 +379,6 @@ int main(int argc, char **argv) warnx(_("not found unused device")); break; } - if (encryption && pass) - loopcxt_set_encryption(&lc, encryption, pass); if (flags & LOOPDEV_FL_OFFSET) loopcxt_set_offset(&lc, offset); if (flags & LOOPDEV_FL_SIZELIMIT) @@ -415,8 +401,6 @@ int main(int argc, char **argv) } } while (hasdev == 0); - free(pass); - if (res == 0) { if (showdev) printf("%s\n", loopcxt_get_device(&lc)); -- cgit v1.2.3-55-g7522