@@ 40,7 40,6 @@
#include <libkmod.h>
#include <blkid.h>
#include <libcryptsetup.h>
-#include <keyutils.h>
#define MAX_EVENT_TIMEOUT 5000
#define DEFAULT_EVENT_TIMEOUT 250
@@ 60,8 59,6 @@ static char *default_envp[2];
char *argv0;
static int use_mdadm, use_lvm, use_zpool;
-static long keyid;
-
#if defined(DEBUG)
#include <stdarg.h>
static void dbg(const char *fmt, ...)
@@ 313,6 310,7 @@ struct cryptdev {
char *device;
char *name;
char *key;
+ char *prompt;
char devnode[256];
};
@@ 608,6 606,48 @@ static void *cryptsetup_thread(void *data)
goto free_out;
}
+ if (!stat(c->crypt.data.prompt, &st)) {
+ int fd[2];
+ pid_t pid;
+ char pass[1024];
+
+ if (pipe(fd) == -1) {
+ warn("pipe");
+ goto free_out;
+ }
+
+ pid = fork();
+ if (pid < 0) {
+ warn("fork");
+ goto free_out;
+ }
+
+ if (pid == 0) {
+ close(fd[0]);
+ dup2(fd[1], 3);
+ close(fd[1]);
+ execlp(c->crypt.data.prompt, c->crypt.data.prompt, NULL);
+ warn("executing prompt %s", c->crypt.data.prompt);
+ }
+
+ close(fd[1]);
+ read(fd[0], pass, sizeof(pass));
+
+ wait(NULL);
+ close(fd[0]);
+
+ pthread_mutex_lock(&c->crypt.mutex);
+ r = crypt_activate_by_passphrase(cd, c->crypt.data.name,
+ CRYPT_ANY_SLOT,
+ pass, strlen(pass),
+ c->crypt.flags);
+ pthread_mutex_unlock(&c->crypt.mutex);
+ memset(pass, 0, sizeof(pass)); /* wipe pass after use */
+
+ if (r >= 0)
+ goto free_out;
+ }
+
while (passwd_tries > 0) {
char pass[1024];
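Review bot: The parent calls `strlen(pass)` on a buffer that `read()` filled without a terminator and without checking its return value, so the length handed to `crypt_activate_by_passphrase()` is derived from uninitialized stack bytes and can run past the 1024-byte array; the byte count returned by `read()` should be used instead. In the child, a failed exec only warns and then falls through into the parent's unlock path, so it needs `_exit()`; the fork-failure branch also leaks both pipe ends, and `wait(NULL)` can reap an unrelated child where `waitpid(pid, NULL, 0)` cannot. The guard `stat()`s the path as given (unchecked, and presumably NULL when the option is absent), while `execlp()` does a PATH search for slash-less names, so a NULL check plus `execl()` would keep the check and the exec on the same file. The `memset()` wipe is a dead store the compiler is allowed to drop, here and at the copy moved in the next hunk inside the retry loop; `explicit_bzero()` is the non-elidable form where the libc provides it. cryptsetup_thread() and the `while` loop both continue outside the hunk.

```c
if (c->crypt.data.prompt && !stat(c->crypt.data.prompt, &st)) {
	int fd[2];
	pid_t pid;
	char pass[1024];
	ssize_t n;

	/* … unchanged: pipe() and its error path … */

	pid = fork();
	if (pid < 0) {
		warn("fork");
		close(fd[0]);
		close(fd[1]);
		goto free_out;
	}

	if (pid == 0) {
		/* … unchanged: close(fd[0]), dup2(fd[1], 3), close(fd[1]) … */
		execl(c->crypt.data.prompt, c->crypt.data.prompt, (char *)NULL);
		warn("executing prompt %s", c->crypt.data.prompt);
		_exit(127);	/* never continue into the parent's unlock path */
	}

	close(fd[1]);
	n = read(fd[0], pass, sizeof(pass));
	close(fd[0]);
	waitpid(pid, NULL, 0);

	r = -1;
	if (n > 0) {
		pthread_mutex_lock(&c->crypt.mutex);
		r = crypt_activate_by_passphrase(cd, c->crypt.data.name,
						 CRYPT_ANY_SLOT,
						 pass, (size_t)n,
						 c->crypt.flags);
		pthread_mutex_unlock(&c->crypt.mutex);
	}
	explicit_bzero(pass, sizeof(pass));	/* wipe pass after use */

	/* … unchanged: goto free_out when r >= 0 … */
}
```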
@@ 624,18 664,11 @@ static void *cryptsetup_thread(void *data)
pass, strlen(pass),
c->crypt.flags);
pthread_mutex_unlock(&c->crypt.mutex);
+ memset(pass, 0, sizeof(pass)); /* wipe pass after use */
- if (r >= 0) {
- printf("The keyid for hackweek is %ld\n", keyid);
- if (keyctl_update(keyid, pass, strlen(pass)) < 0) {
- printf("error updating keyring\n");
- }
-
- memset(pass, 0, sizeof(pass)); /* wipe pass after use */
+ if (r >= 0)
goto free_out;
- }
- memset(pass, 0, sizeof(pass)); /* wipe pass after use */
printf("No key available with this passphrase.\n");
}
printf("Mounting %s failed, amount of tries exhausted.\n", c->crypt.data.devnode);
@@ 1286,6 1319,7 @@ int main(int argc, char *argv[])
{ "crypt-header", required_argument, NULL, 'H'},
{ "crypt-key", required_argument, NULL, 'k'},
{ "crypt-name", required_argument, NULL, 'm'},
+ { "crypt-prompt", required_argument, NULL, 'P'},
{ "allow-not-found", required_argument, NULL, 'n'},
{ "crypt-offset", required_argument, NULL, 'o'},
{ "crypt-discards", no_argument, NULL, 'D'},
@@ 1296,7 1330,7 @@ int main(int argc, char *argv[])
{ "uevent-buffer-size", required_argument, NULL, 'U'},
};
- int c = getopt_long(argc, argv, "a:b:c:hH:k:m:no:Ddf:p:t:U:i:", options, NULL);
+ int c = getopt_long(argc, argv, "a:b:c:hH:k:m:no:Ddf:p:t:U:P:", options, NULL);
if (c == -1)
break;
@@ 1322,15 1356,14 @@ int main(int argc, char *argv[])
case 'h':
usage(0);
break;
- case 'i':
- keyid = atoi(optarg);
- break;
case 'k':
conf.crypt.data.key = optarg;
break;
case 'm':
conf.crypt.data.name = optarg;
break;
+ case 'P':
+ conf.crypt.data.prompt = optarg;
case 'n':
not_found_is_ok = 1;
break;
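Review bot: The new `case 'P':` has no `break;`, so passing `--crypt-prompt` falls through into `case 'n'` and also sets `not_found_is_ok = 1`, silently enabling the allow-not-found behaviour for anyone who only asked for a prompt helper. Add `break;` directly after `conf.crypt.data.prompt = optarg;`. The switch statement starts and continues outside the hunk, so whether the usage text was updated for the new option cannot be checked from here.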