Author: fehr
Date: Tue Dec 22 17:57:36 2009
New Revision: 60185
URL: http://svn.opensuse.org/viewcvs/yast?rev=60185&view=rev
Log:
backported crypt related fixes from HEAD
Modified:
branches/SuSE-Code-11-SP1-Branch/storage/VERSION
branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/Container.cc
branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/DmCo.cc
branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/EtcFstab.cc
branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/EtcFstab.h
branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/Loop.cc
branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/Md.cc
branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/Md.h
branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/Storage.cc
branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/Storage.h
branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/StorageInterface.h
branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/StorageTmpl.h
branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/Volume.cc
branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/Volume.h
branches/SuSE-Code-11-SP1-Branch/storage/libstorage/testsuite/fstab1.cc
branches/SuSE-Code-11-SP1-Branch/storage/libstorage/testsuite/single.out/fstab1.out
branches/SuSE-Code-11-SP1-Branch/storage/package/yast2-storage.changes
branches/SuSE-Code-11-SP1-Branch/storage/storage/src/include/custom_part_lib.ycp
branches/SuSE-Code-11-SP1-Branch/storage/storage/src/include/do_proposal_flexible.ycp
branches/SuSE-Code-11-SP1-Branch/storage/storage/src/include/ep-dialogs.ycp
branches/SuSE-Code-11-SP1-Branch/storage/storage/src/modules/Storage.ycp
Modified: branches/SuSE-Code-11-SP1-Branch/storage/VERSION
URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-SP1-Branch/storage/VERSION?rev=60185&r1=60184&r2=60185&view=diff
==============================================================================
--- branches/SuSE-Code-11-SP1-Branch/storage/VERSION (original)
+++ branches/SuSE-Code-11-SP1-Branch/storage/VERSION Tue Dec 22 17:57:36 2009
@@ -1 +1 @@
-2.17.86
+2.17.87
Modified: branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/Container.cc
URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/Container.cc?rev=60185&r1=60184&r2=60185&view=diff
==============================================================================
--- branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/Container.cc (original)
+++ branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/Container.cc Tue Dec 22 17:57:36 2009
@@ -162,11 +162,13 @@
ret = doCreate( vol );
else if( vol->needExtend() )
ret = doResize( vol );
- if (vol->needCrsetup())
+ if (vol->needCrsetup(false))
ret = vol->doCrsetup();
break;
case FORMAT:
+ if (vol->needCrsetup(true))
+ ret = vol->doCrsetup();
if( ret==0 && vol->getFormat() )
ret = vol->doFormat();
if( ret==0 && vol->needLabel() )
@@ -175,7 +177,11 @@
case MOUNT:
if( vol->needRemount() )
+ {
+ if (vol->needCrsetup(true))
+ vol->doCrsetup();
ret = vol->doMount();
+ }
if( ret==0 && vol->needFstabUpdate() )
{
ret = vol->doFstabUpdate();
Modified: branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/DmCo.cc
URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/DmCo.cc?rev=60185&r1=60184&r2=60185&view=diff
==============================================================================
--- branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/DmCo.cc (original)
+++ branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/DmCo.cc Tue Dec 22 17:57:36 2009
@@ -122,7 +122,7 @@
keysize = extractNthWord( 1, line );
}
- if( cipher == "aes-cbc-essiv:sha256" )
+ if( cipher == "aes-cbc-essiv:sha256" || cipher == "aes-cbc-plain")
ret = ENC_LUKS;
else if( cipher == "twofish-cbc-plain" )
ret = ENC_TWOFISH;
Modified: branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/EtcFstab.cc
URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/EtcFstab.cc?rev=60185&r1=60184&r2=60185&view=diff
==============================================================================
--- branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/EtcFstab.cc (original)
+++ branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/EtcFstab.cc Tue Dec 22 17:57:36 2009
@@ -24,7 +24,6 @@
Textdomain "storage"
*/
-
#include <fstream>
#include <algorithm>
@@ -94,6 +93,8 @@
if( i!=l.end() )
*i++ >> p->old.passno;
p->old.calcDependent();
+ if( checkNormalFile(p->old.device) )
+ p->old.loop = true;
p->nnew = p->old;
co.push_back( *p );
delete p;
@@ -494,14 +495,15 @@
{
ls.push_back( e.loop_dev );
}
- ls.push_back( e.dentry );
+ if( e.dmcrypt && e.optUser() )
+ ls.push_back( e.device );
+ else
+ ls.push_back( e.dentry );
ls.push_back( e.mount );
- if( e.dmcrypt && e.noauto )
+ if( e.dmcrypt && e.optUser() )
ls.push_back( "crypt" );
else
- {
ls.push_back( (e.fs!="ntfs")?e.fs:"ntfs-3g" );
- }
if( e.cryptotab )
{
ls.push_back( Volume::encTypeString(e.encr) );
@@ -545,8 +547,7 @@
string EtcFstab::createTabLine( const FstabEntry& e ) const
{
- y2mil("dentry:" << e.dentry << " mount:" << e.mount << "device:" << e.device);
- y2mil( "entry:" << e );
+ y2mil("dentry:" << e.dentry << " mount:" << e.mount << " device:" << e.device);
const list<string> ls = makeStringList(e);
y2mil( "list:" << ls );
unsigned max_fields = e.cryptotab ? lengthof(cryptotabFields)
@@ -759,6 +760,15 @@
i->old = i->nnew;
i->op = Entry::NONE;
}
+ else if( findCrtab( i->nnew, crypttab, lineno ))
+ {
+ string line = createTabLine( i->nnew );
+ if (!i->nnew.mount.empty())
+ fstab->append( line );
+ if( i->old.crypttab > i->nnew.crypttab &&
+ findCrtab( i->old, crypttab, lineno ))
+ crypttab.remove( lineno, 1 );
+ }
else
ret = FSTAB_UPDATE_ENTRY_NOT_FOUND;
break;
@@ -896,7 +906,11 @@
return( txt );
}
-
+bool
+FstabEntry::optUser() const
+ {
+ return find( opts.begin(), opts.end(), "user" ) != opts.end();
+ }
unsigned EtcFstab::fstabFields[] = { 20, 20, 10, 21, 1, 1 };
unsigned EtcFstab::cryptotabFields[] = { 11, 15, 20, 10, 10, 1 };
Modified: branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/EtcFstab.h
URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/EtcFstab.h?rev=60185&r1=60184&r2=60185&view=diff
==============================================================================
--- branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/EtcFstab.h (original)
+++ branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/EtcFstab.h Tue Dec 22 17:57:36 2009
@@ -65,6 +65,7 @@
storage::MountByType mount_by;
void calcDependent();
+ bool optUser() const;
};
inline std::ostream& operator<< (std::ostream& s, const FstabEntry &v )
Modified: branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/Loop.cc
URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/Loop.cc?rev=60185&r1=60184&r2=60185&view=diff
==============================================================================
--- branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/Loop.cc (original)
+++ branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/Loop.cc Tue Dec 22 17:57:36 2009
@@ -74,7 +74,7 @@
else
{
numeric = false;
- setEncryption( ENC_LUKS );
+ initEncryption( ENC_LUKS );
if( !dm_dev.empty() )
{
setDmcryptDev( dm_dev );
@@ -123,7 +123,7 @@
else
{
numeric = false;
- setEncryption( ENC_LUKS );
+ initEncryption( ENC_LUKS );
if( dmcrypt_dev.empty() )
dmcrypt_dev = getDmcryptName();
setDmcryptDev( dmcrypt_dev, false );
@@ -143,13 +143,15 @@
void
Loop::init()
{
- reuseFile = delFile = false;
+ delFile = false;
+ reuseFile = true;
}
void
Loop::setDmcryptDev( const string& dm_dev, bool active )
{
dev = dm_dev;
+ y2mil( "dm_dev:" << dm_dev << " active:" << active );
nm = dm_dev.substr( dm_dev.find_last_of( '/' )+1);
if( active )
{
Modified: branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/Md.cc
URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/Md.cc?rev=60185&r1=60184&r2=60185&view=diff
==============================================================================
--- branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/Md.cc (original)
+++ branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/Md.cc Tue Dec 22 17:57:36 2009
@@ -601,6 +601,13 @@
return( ret );
}
+string Md::mdDevice( unsigned num )
+ {
+ string dev( "/dev/md" );
+ dev += decString(num);
+ return( dev );
+ }
+
void Md::setPersonality( MdType val )
{
md_type=val;
Modified: branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/Md.h
URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/Md.h?rev=60185&r1=60184&r2=60185&view=diff
==============================================================================
--- branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/Md.h (original)
+++ branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/Md.h Tue Dec 22 17:57:36 2009
@@ -65,6 +65,8 @@
static const string& pName( storage::MdType t ) { return md_names[t]; }
static bool mdStringNum( const string& name, unsigned& num );
+ static string mdDevice( unsigned num );
+
friend std::ostream& operator<< (std::ostream& s, const Md& m );
virtual void print( std::ostream& s ) const { s << *this; }
string removeText( bool doing ) const;
Modified: branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/Storage.cc
URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/Storage.cc?rev=60185&r1=60184&r2=60185&view=diff
==============================================================================
--- branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/Storage.cc (original)
+++ branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/Storage.cc Tue Dec 22 17:57:36 2009
@@ -1138,6 +1138,8 @@
else
{
ret = i->createPartition( type, start, size, device, true );
+ if( ret==0 )
+ checkPwdBuf( device );
}
}
}
@@ -1152,6 +1154,8 @@
else
{
ret = i->createPartition( type, start, size, device, true );
+ if( ret==0 )
+ checkPwdBuf( device );
}
}
}
@@ -2306,6 +2310,40 @@
}
int
+Storage::verifyCryptFilePassword( const string& file, const string& pwd )
+ {
+ int ret = VOLUME_CRYPT_NOT_DETECTED;
+ assertInit();
+ y2mil("file:" << file << " l:" << pwd.length());
+#ifdef DEBUG_LOOP_CRYPT_PASSWORD
+ y2mil("password:" << pwd);
+#endif
+
+ VolIterator vol;
+ if (readonly())
+ {
+ ret = STORAGE_CHANGE_READONLY;
+ }
+ else
+ {
+ ProcPart ppart;
+ LoopCo* co = new LoopCo(this, false, ppart);
+ if( co )
+ {
+ Loop* loop = new Loop( *co, file, true, 0, true );
+ if( loop && loop->setCryptPwd( pwd )==0 &&
+ loop->detectEncryption()!=ENC_UNKNOWN )
+ ret = 0;
+ if( loop )
+ delete loop;
+ delete co;
+ }
+ }
+ y2mil("ret:" << ret);
+ return( ret );
+ }
+
+int
Storage::changeMkfsOptVolume( const string& device, const string& opts )
{
int ret = 0;
@@ -2637,6 +2675,8 @@
{
ret = STORAGE_VOLUME_NOT_FOUND;
}
+ if( !val )
+ pwdBuf.erase(device);
if( ret==0 )
{
ret = checkCache();
@@ -2666,7 +2706,7 @@
}
int
-Storage::setCryptPassword( const string& device, const string& pwd )
+Storage::verifyCryptPassword( const string& device, const string& pwd )
{
int ret = 0;
assertInit();
@@ -2683,10 +2723,43 @@
else if( findVolume( device, vol ) )
{
ret = vol->setCryptPwd( pwd );
+ if( ret==0 && vol->detectEncryption()==ENC_UNKNOWN )
+ ret = VOLUME_CRYPT_NOT_DETECTED;
+ vol->clearCryptPwd();
}
else
{
- ret = STORAGE_VOLUME_NOT_FOUND;
+ ret = verifyCryptFilePassword( device, pwd );
+ }
+ y2mil("ret:" << ret);
+ return( ret );
+ }
+
+int
+Storage::setCryptPassword( const string& device, const string& pwd )
+ {
+ int ret = 0;
+ assertInit();
+ y2mil("device:" << device << " l:" << pwd.length());
+#ifdef DEBUG_LOOP_CRYPT_PASSWORD
+ y2mil("password:" << pwd);
+#endif
+
+ VolIterator vol;
+ map::iterator i = pwdBuf.find(device);
+ if (readonly())
+ {
+ ret = STORAGE_CHANGE_READONLY;
+ }
+ else if( findVolume( device, vol ) )
+ {
+ ret = vol->setCryptPwd( pwd );
+ if( i!=pwdBuf.end() )
+ pwdBuf.erase(i);
+ }
+ else
+ {
+ mapInsertOrReplace( pwdBuf, device, pwd );
}
if( ret==0 )
{
@@ -2714,11 +2787,45 @@
}
else
{
- ret = STORAGE_VOLUME_NOT_FOUND;
+ map::iterator i = pwdBuf.find(device);
+ if( i!=pwdBuf.end() )
+ pwdBuf.erase(i);
+ else
+ ret = STORAGE_VOLUME_NOT_FOUND;
}
- if( ret==0 )
+ y2mil("ret:" << ret);
+ return( ret );
+ }
+
+bool
+Storage::needCryptPassword( const string& device )
+ {
+ bool ret = true;
+ bool volFound = false;
+ assertInit();
+ y2mil("device:" << device);
+
+ VolIterator vol;
+ if( checkNormalFile(device) )
{
- ret = checkCache();
+ ConstLoopPair p = loopPair(Loop::notDeleted);
+ ConstLoopIterator i = p.begin();
+ while( i != p.end() && i->loopFile()!=device )
+ ++i;
+ if( i != p.end() )
+ {
+ ret = i->needCryptPwd();
+ volFound = true;
+ }
+ }
+ else if( findVolume( device, vol ) )
+ {
+ ret = vol->needCryptPwd();
+ volFound = true;
+ }
+ if( !volFound )
+ {
+ ret = pwdBuf.find( device )==pwdBuf.end();
}
y2mil("ret:" << ret);
return( ret );
@@ -2739,11 +2846,11 @@
}
else
{
- ret = STORAGE_VOLUME_NOT_FOUND;
- }
- if( ret==0 )
- {
- ret = checkCache();
+ map::const_iterator i = pwdBuf.find(device);
+ if( i!=pwdBuf.end() )
+ pwd = i->second;
+ else
+ ret = STORAGE_VOLUME_NOT_FOUND;
}
#ifdef DEBUG_LOOP_CRYPT_PASSWORD
y2milestone( "password:%s", pwd.c_str() );
@@ -3066,6 +3173,8 @@
else if( i != lvgEnd() )
{
ret = i->createLv( name, sizeM*1024, stripe, device );
+ if( ret==0 )
+ checkPwdBuf( device );
}
else
{
@@ -3309,6 +3418,8 @@
list<string> d;
d.insert( d.end(), devs.begin(), devs.end() );
ret = md->createMd( num, rtype, d );
+ if( ret==0 )
+ checkPwdBuf( Md::mdDevice(num) );
}
if( !have_md )
{
@@ -3353,6 +3464,8 @@
list<string> d;
d.insert( d.end(), devs.begin(), devs.end() );
ret = md->createMd( num, rtype, d );
+ if( ret==0 )
+ checkPwdBuf( Md::mdDevice(num) );
}
if( !have_md )
{
@@ -6414,6 +6527,20 @@
}
}
+void Storage::checkPwdBuf( const string& device )
+ {
+ if( !pwdBuf.empty() )
+ {
+ map::iterator i=pwdBuf.find(device);
+ if( i!=pwdBuf.end() )
+ {
+ VolIterator vol;
+ if( findVolume( device, vol ) )
+ vol->setCryptPwd( i->second );
+ pwdBuf.erase(i);
+ }
+ }
+ }
int
Storage::zeroDevice(const string& device, unsigned long long sizeK, bool random,
Modified: branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/Storage.h
URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/Storage.h?rev=60185&r1=60184&r2=60185&view=diff
==============================================================================
--- branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/Storage.h (original)
+++ branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/Storage.h Tue Dec 22 17:57:36 2009
@@ -382,6 +382,9 @@
int addFstabOptions( const string&, const string& options );
int removeFstabOptions( const string&, const string& options );
int setCryptPassword( const string& device, const string& pwd );
+ int verifyCryptPassword( const string& device, const string& pwd );
+ int verifyCryptFilePassword( const string& file, const string& pwd );
+ bool needCryptPassword( const string& device );
int forgetCryptPassword( const string& device );
int getCryptPassword( const string& device, string& pwd );
int setCrypt( const string& device, bool val );
@@ -1875,6 +1878,7 @@
bool also_del=false );
bool findContainer( const string& device, ContIterator& c );
+ void checkPwdBuf( const string& device );
bool haveMd( MdCo*& md );
bool haveDm(DmCo*& dm);
bool haveNfs( NfsCo*& co );
@@ -1935,6 +1939,7 @@
string extendedError;
std::map backups;
std::map freeInfo;
+ std::map pwdBuf;
std::list > infoPopupTxts;
};
Modified: branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/StorageInterface.h
URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/StorageInterface.h?rev=60185&r1=60184&r2=60185&view=diff
==============================================================================
--- branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/StorageInterface.h (original)
+++ branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/StorageInterface.h Tue Dec 22 17:57:36 2009
@@ -1396,6 +1396,22 @@
virtual int getCryptPassword( const string& device, string& pwd ) = 0;
/**
+ * Verify password of a volume
+ *
+ * @param device name of volume, e.g. /dev/hda1
+ * @param pwd crypt password for this volume
+ * @return zero if password is ok, a negative number to indicate an error
+ */
+ virtual int verifyCryptPassword( const string& device, const string& pwd ) = 0;
+ /**
+ * Check if crypt password is required
+ *
+ * @param device name of volume, e.g. /dev/hda1
+ * @return true if password is required, false otherwise
+ */
+ virtual bool needCryptPassword( const string& device ) = 0;
+
+ /**
* Set encryption state of a volume
*
* @param device name of volume, e.g. /dev/hda1
Modified: branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/StorageTmpl.h
URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/StorageTmpl.h?rev=60185&r1=60184&r2=60185&view=diff
==============================================================================
--- branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/StorageTmpl.h (original)
+++ branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/StorageTmpl.h Tue Dec 22 17:57:36 2009
@@ -144,6 +144,16 @@
l.insert( i, e );
}
+template
+typename Map::iterator mapInsertOrReplace(Map& m, const Key& k, const Value& v)
+ {
+ typename Map::iterator pos = m.lower_bound(k);
+ if (pos != m.end() && !typename Map::key_compare()(k, pos->first))
+ pos->second = v;
+ else
+ pos = m.insert(pos, typename Map::value_type(k, v));
+ return pos;
+ }
template<class Num> string decString(Num number)
{
Modified: branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/Volume.cc
URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/Volume.cc?rev=60185&r1=60184&r2=60185&view=diff
==============================================================================
--- branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/Volume.cc (original)
+++ branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/Volume.cc Tue Dec 22 17:57:36 2009
@@ -308,7 +308,7 @@
classic(file);
file.read( buf, sizeof(buf) );
if( file.good() && strncmp( buf, "LUKS", 4 )==0 )
- setEncryption( ENC_LUKS );
+ initEncryption( ENC_LUKS );
file.close();
}
}
@@ -1006,6 +1006,8 @@
int Volume::cryptUnsetup( bool force )
{
int ret=0;
+ y2mil( "force:" << force << " active:" << dmcrypt_active <<
+ " table:" << dmcrypt_dev );
if( dmcrypt_active || force )
{
string table = dmcrypt_dev;
@@ -1342,13 +1344,22 @@
{
is_loop = false;
encryption = ENC_NONE;
- dmcrypt_dev.clear();
crypt_pwd.erase();
+ orig_crypt_pwd.erase();
}
else
{
- if( !loop_active && !isTmpCryptMp(mp) && crypt_pwd.empty() )
- ret = VOLUME_CRYPT_NO_PWD;
+ if( !isTmpCryptMp(mp) )
+ {
+ if( !dmcrypt_active && crypt_pwd.empty() )
+ ret = VOLUME_CRYPT_NO_PWD;
+ if( ret==0 && !dmcrypt_active &&
+ !pwdLengthOk(typ,crypt_pwd,format) )
+ {
+ ret = VOLUME_CRYPT_PWD_TOO_SHORT;
+ clearCryptPwd();
+ }
+ }
if( ret == 0 && cType()==NFSC )
ret = VOLUME_CRYPT_NFS_IMPOSSIBLE;
if (ret == 0 && (create || format || loop_active || mp.empty()))
@@ -1607,6 +1618,26 @@
return( cmd );
}
+bool Volume::pwdLengthOk( storage::EncryptType typ, const string& val,
+ bool fmt ) const
+ {
+ bool ret = true;
+ if( fmt )
+ {
+ ret = val.size()>=8;
+ }
+ else
+ {
+ if( typ==ENC_TWOFISH_OLD )
+ ret = val.size()>=5;
+ else if( typ==ENC_TWOFISH || typ==ENC_TWOFISH256_OLD )
+ ret = val.size()>=8;
+ else
+ ret = val.size()>=1;
+ }
+ return( ret );
+ }
+
int
Volume::setCryptPwd( const string& val )
{
@@ -1615,18 +1646,12 @@
#endif
int ret = 0;
- if( ((encryption==ENC_UNKNOWN||encryption==ENC_TWOFISH_OLD||
- encryption==ENC_NONE) && val.size()<5) ||
- ((encryption==ENC_TWOFISH||encryption==ENC_TWOFISH256_OLD) &&
- val.size()<8) ||
- (encryption==ENC_LUKS && val.size()<1))
- {
- if( !isTmpCryptMp(mp) )
- ret = VOLUME_CRYPT_PWD_TOO_SHORT;
- }
+ if( !pwdLengthOk(encryption,val,format) && !isTmpCryptMp(mp) )
+ ret = VOLUME_CRYPT_PWD_TOO_SHORT;
else
{
- crypt_pwd=val;
+ orig_crypt_pwd = crypt_pwd;
+ crypt_pwd = val;
if( encryption==ENC_UNKNOWN )
detectEncryption();
}
@@ -1634,25 +1659,47 @@
return( ret );
}
-bool Volume::needLosetup() const
+bool
+Volume::needCryptPwd() const
{
- return( (is_loop!=loop_active) &&
- (encryption==ENC_NONE || !crypt_pwd.empty() ||
- (dmcrypt()&&cont->type()==LOOP)) );
+ bool ret = crypt_pwd.empty();
+ if( ret && is_loop )
+ ret = ret && !loop_active;
+ if( ret && dmcrypt() )
+ ret = ret && !dmcrypt_active;
+ y2mil("ret:" << ret);
+ return( ret );
}
-bool Volume::needCryptsetup() const
+bool Volume::needLosetup( bool urgent ) const
{
- if (dmcrypt() && encryption != orig_encryption)
- return true;
+ bool ret = (is_loop!=loop_active) &&
+ (encryption==ENC_NONE || !crypt_pwd.empty() ||
+ (dmcrypt() && cType() == LOOP));
+ if( !urgent && loop_dev.empty() )
+ ret = false;
+ if( is_loop && encryption!=ENC_NONE &&
+ !crypt_pwd.empty() && crypt_pwd!=orig_crypt_pwd )
+ ret = true;
+ return( ret );
+ }
- return( dmcrypt()!=dmcrypt_active &&
- (encryption==ENC_NONE || !crypt_pwd.empty() || isTmpCryptMp(mp)));
+bool Volume::needCryptsetup() const
+ {
+ bool ret = (dmcrypt()!=dmcrypt_active) &&
+ (encryption==ENC_NONE || encryption!=orig_encryption ||
+ !crypt_pwd.empty() || isTmpCryptMp(mp));
+ if( dmcrypt() && encryption!=ENC_NONE &&
+ !crypt_pwd.empty() && crypt_pwd!=orig_crypt_pwd )
+ ret = true;
+ y2mil( "vol:" << *this );
+ y2mil( "ret:" << ret );
+ return( ret );
}
-bool Volume::needCrsetup() const
+bool Volume::needCrsetup( bool urgent ) const
{
- return( needLosetup()||needCryptsetup() );
+ return( needLosetup(urgent)||needCryptsetup() );
}
bool Volume::needFstabUpdate() const
@@ -1758,12 +1805,15 @@
{
is_loop = cont->type()==LOOP;
ret = encryption = orig_encryption = try_order[pos];
+ orig_crypt_pwd = crypt_pwd;
}
else
{
is_loop = false;
dmcrypt_dev.erase();
loop_dev.erase();
+ crypt_pwd.erase();
+ orig_crypt_pwd.erase();
ret = encryption = orig_encryption = ENC_UNKNOWN;
}
unlink( fname.c_str() );
@@ -1807,6 +1857,8 @@
SystemCmd c( getLosetupCmd( encryption, fname ));
if( c.retcode()!=0 )
ret = VOLUME_LOSETUP_FAILED;
+ else
+ orig_crypt_pwd = crypt_pwd;
if( !fname.empty() )
{
unlink( fname.c_str() );
@@ -1934,6 +1986,8 @@
ret = VOLUME_CRYPTSETUP_FAILED;
}
}
+ if( ret==0 )
+ orig_crypt_pwd = crypt_pwd;
unlink( fname.c_str() );
rmdir( cont->getStorage()->tmpDir().c_str() );
cont->getStorage()->waitForDevice( dmcrypt_dev );
@@ -1973,7 +2027,7 @@
{
int ret = 0;
bool losetup_done = false;
- if( needLosetup() )
+ if( needLosetup(true) )
{
ret = doLosetup();
losetup_done = ret==0;
@@ -2300,7 +2354,7 @@
l.push_back( new commitAction( FORMAT, cont->type(),
formatText(false), this, true ));
}
- else if ( encryption != ENC_NONE )
+ else if ( needCrsetup(false) )
{
l.push_back(new commitAction(mp.empty()?INCREASE:FORMAT, cont->type(),
crsetupText(false), this, mp.empty()));
@@ -2486,7 +2540,7 @@
changed = true;
che.dentry = de;
}
- if( fs != detected_fs )
+ if( fs != detected_fs || che.fs!=fs_names[fs] )
{
changed = true;
che.fs = fs_names[fs];
@@ -2806,6 +2860,9 @@
#ifdef DEBUG_LOOP_CRYPT_PASSWORD
if( is_loop && encryption!=ENC_NONE && !crypt_pwd.empty() )
file << " pwd:" << crypt_pwd;
+ if( is_loop && encryption!=ENC_NONE && !orig_crypt_pwd.empty() &&
+ orig_crypt_pwd!=crypt_pwd )
+ file << " orig_pwd:" << orig_crypt_pwd;
#endif
file << endl;
return( file );
@@ -2847,7 +2904,7 @@
encryption = orig_encryption = toEncType(i->second);
i = m.find( "pwd" );
if( i!=m.end() )
- crypt_pwd = i->second;
+ orig_crypt_pwd = crypt_pwd = i->second;
}
namespace storage
@@ -2944,6 +3001,8 @@
s << " orig_encr:" << v.enc_names[v.orig_encryption];
#ifdef DEBUG_LOOP_CRYPT_PASSWORD
s << " pwd:" << v.crypt_pwd;
+ if( v.orig_crypt_pwd.empty() && v.crypt_pwd!=v.orig_crypt_pwd )
+ s << " orig_pwd:" << v.orig_crypt_pwd;
#endif
}
if( !v.dmcrypt_dev.empty() )
@@ -3145,6 +3204,7 @@
loop_dev = rhs.loop_dev;
fstab_loop_dev = rhs.fstab_loop_dev;
crypt_pwd = rhs.crypt_pwd;
+ orig_crypt_pwd = rhs.orig_crypt_pwd;
uby = rhs.uby;
alt_names = rhs.alt_names;
return( *this );
Modified: branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/Volume.h
URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/Volume.h?rev=60185&r1=60184&r2=60185&view=diff
==============================================================================
--- branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/Volume.h (original)
+++ branches/SuSE-Code-11-SP1-Branch/storage/libstorage/src/Volume.h Tue Dec 22 17:57:36 2009
@@ -92,19 +92,20 @@
bool dmcrypt() const { return encryption != ENC_NONE && encryption != ENC_UNKNOWN; }
bool loopActive() const { return( is_loop&&loop_active ); }
bool dmcryptActive() const { return( dmcrypt()&&dmcrypt_active ); }
- bool needCrsetup() const;
+ bool needCrsetup( bool urgent=true ) const;
const string& getUuid() const { return uuid; }
const string& getLabel() const { return label; }
int setLabel( const string& val );
int eraseLabel() { label.erase(); orig_label.erase(); return 0; }
bool needLabel() const { return( label!=orig_label ); }
storage::EncryptType getEncryption() const { return encryption; }
- void setEncryption( storage::EncryptType val=storage::ENC_LUKS )
+ void initEncryption( storage::EncryptType val=storage::ENC_LUKS )
{ encryption=orig_encryption=val; }
virtual int setEncryption(bool val, storage::EncryptType typ = storage::ENC_LUKS );
const string& getCryptPwd() const { return crypt_pwd; }
int setCryptPwd( const string& val );
- void clearCryptPwd() { crypt_pwd.erase(); }
+ void clearCryptPwd() { crypt_pwd.erase(); orig_crypt_pwd.erase(); }
+ bool needCryptPwd() const;
const string& getMount() const { return mp; }
bool hasOrigMount() const { return !orig_mp.empty(); }
bool needRemount() const;
@@ -244,12 +245,14 @@
bool getLoopFile( string& fname ) const;
void setExtError( const SystemCmd& cmd, bool serr=true );
string getDmcryptName();
- bool needLosetup() const;
+ bool needLosetup( bool urgent ) const;
bool needCryptsetup() const;
int doLosetup();
int doCryptsetup();
int loUnsetup( bool force=false );
int cryptUnsetup( bool force=false );
+ bool pwdLengthOk( storage::EncryptType typ, const string& val,
+ bool format ) const;
std::ostream& logVolume( std::ostream& file ) const;
string getLosetupCmd( storage::EncryptType, const string& pwdfile ) const;
@@ -292,6 +295,7 @@
string dmcrypt_dev;
string fstab_loop_dev;
string crypt_pwd;
+ string orig_crypt_pwd;
string nm;
std::list<string> alt_names;
unsigned num;
Modified: branches/SuSE-Code-11-SP1-Branch/storage/libstorage/testsuite/fstab1.cc
URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-SP1-Branch/storage/libstorage/testsuite/fstab1.cc?rev=60185&r1=60184&r2=60185&view=diff
==============================================================================
--- branches/SuSE-Code-11-SP1-Branch/storage/libstorage/testsuite/fstab1.cc (original)
+++ branches/SuSE-Code-11-SP1-Branch/storage/libstorage/testsuite/fstab1.cc Tue Dec 22 17:57:36 2009
@@ -105,10 +105,15 @@
bool val = false;
+ cout << s->changeFormatVolume("/dev/hda1", true, EXT3 ) << '\n';
cout << s->setCryptPassword ("/dev/hda1", "test") << '\n'; // FAILS
-
cout << s->setCrypt ("/dev/hda1", true) << '\n'; // FAILS
+ cout << s->changeFormatVolume("/dev/hda1", false, EXT3 ) << '\n';
+ cout << s->setCryptPassword("/dev/hda1", "test") << '\n';
+ cout << s->setCrypt("/dev/hda1", true) << '\n';
+
+ cout << s->changeFormatVolume("/dev/hda1", true, EXT3 ) << '\n';
cout << s->setCryptPassword ("/dev/hda1", "hello-world") << '\n';
cout << s->setCrypt ("/dev/hda1", true) << '\n';
Modified: branches/SuSE-Code-11-SP1-Branch/storage/libstorage/testsuite/single.out/fstab1.out
URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-SP1-Branch/storage/libstorage/testsuite/single.out/fstab1.out?rev=60185&r1=60184&r2=60185&view=diff
==============================================================================
--- branches/SuSE-Code-11-SP1-Branch/storage/libstorage/testsuite/single.out/fstab1.out (original)
+++ branches/SuSE-Code-11-SP1-Branch/storage/libstorage/testsuite/single.out/fstab1.out Tue Dec 22 17:57:36 2009
@@ -35,11 +35,16 @@
0
user_xattr,noauto
crypt1
+0
-3015
-3014
0
0
0
+0
+0
+0
+0
1
0
0
Modified: branches/SuSE-Code-11-SP1-Branch/storage/package/yast2-storage.changes
URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-SP1-Branch/storage/package/yast2-storage.changes?rev=60185&r1=60184&r2=60185&view=diff
==============================================================================
--- branches/SuSE-Code-11-SP1-Branch/storage/package/yast2-storage.changes (original)
+++ branches/SuSE-Code-11-SP1-Branch/storage/package/yast2-storage.changes Tue Dec 22 17:57:36 2009
@@ -1,4 +1,20 @@
-------------------------------------------------------------------
+Mon Dec 21 13:03:03 CET 2009 - fehr@suse.de
+
+- backported crypt related fixes from HEAD
+ fix detection of encrypted swap and temp filesystems (bnc#435337)
+ fix various bugs handling encrypted devices
+ fix handling of inactive swap file entry in fstab (bnc#504497)
+ do some changes in handling of encrypted passwords (bnc#466196, bnc#480739)
+ use "crypt" fstab entry when "user" is set, not any more when "noauto" set
+ add capability to verify passwords of file based loop devices (bnc#467987)
+ check crypt password different depending on format flag
+ fix detection of existing file based loop devices
+ fix edit mode for existing file based loop devices (bnc#480736)
+ get rid of ClassifiedSettings in Storage.ycp
+ make removal of loop based files work again (bnc#480738)
+
+-------------------------------------------------------------------
Thu Dec 17 10:48:33 CET 2009 - aschnell@suse.de
- fixed BIOS ID for MDs (bnc #565222)
@@ -11,14 +27,14 @@
-------------------------------------------------------------------
Thu Dec 10 17:58:03 CET 2009 - aschnell@suse.de
-- run swapon with --fixpgsz (see bnc #433028) (requires util-linux
+- run swapon with --fixpgsz (see bnc#433028) (requires util-linux
2.16)
-------------------------------------------------------------------
Thu Dec 03 10:38:39 CET 2009 - fehr@suse.de
- avoid data loss on encrypted partitions using non-LUKS encryption
- when integrating them into system (#557607)
+ when integrating them into system (bnc #557607)
- 2.17.86
-------------------------------------------------------------------
Modified: branches/SuSE-Code-11-SP1-Branch/storage/storage/src/include/custom_part_lib.ycp
URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-SP1-Branch/storage/storage/src/include/custom_part_lib.ycp?rev=60185&r1=60184&r2=60185&view=diff
==============================================================================
--- branches/SuSE-Code-11-SP1-Branch/storage/storage/src/include/custom_part_lib.ycp (original)
+++ branches/SuSE-Code-11-SP1-Branch/storage/storage/src/include/custom_part_lib.ycp Tue Dec 22 17:57:36 2009
@@ -626,8 +626,6 @@
ret["ok"] = Storage::SetCryptPwd( dev, fs_passwd ) &&
(new["format"]:false ||
Storage::SetCrypt( dev, true, new["format"]:false ));
- if( ret["ok"]:false && new["type"]:`unknown == `loop )
- Storage::UpdateClassified( new["fpath"]:"", fs_passwd );
if( popup )
UI::CloseDialog();
}
Modified: branches/SuSE-Code-11-SP1-Branch/storage/storage/src/include/do_proposal_flexible.ycp
URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-SP1-Branch/storage/storage/src/include/do_proposal_flexible.ycp?rev=60185&r1=60184&r2=60185&view=diff
==============================================================================
--- branches/SuSE-Code-11-SP1-Branch/storage/storage/src/include/do_proposal_flexible.ycp (original)
+++ branches/SuSE-Code-11-SP1-Branch/storage/storage/src/include/do_proposal_flexible.ycp Tue Dec 22 17:57:36 2009
@@ -183,7 +183,7 @@
if (contains(devices, part_device))
{
partition["enc_type"] = `luks;
- Storage::UpdateClassified(part_device, Storage::ProposalPassword());
+ Storage::SetCryptPwd(part_device, Storage::ProposalPassword());
}
return partition;
});
Modified: branches/SuSE-Code-11-SP1-Branch/storage/storage/src/include/ep-dialogs.ycp
URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-SP1-Branch/storage/storage/src/include/ep-dialogs.ycp?rev=60185&r1=60184&r2=60185&view=diff
==============================================================================
--- branches/SuSE-Code-11-SP1-Branch/storage/storage/src/include/ep-dialogs.ycp (original)
+++ branches/SuSE-Code-11-SP1-Branch/storage/storage/src/include/ep-dialogs.ycp Tue Dec 22 17:57:36 2009
@@ -71,15 +71,13 @@
boolean AskPassword()
{
- if (!NeedPassword())
- return false;
-
- // TODO: this is ugly
- string key = (data["type"]:`unknown != `loop) ? (data["device"]:"error") : (data["fpath"]:"error");
- if (Storage::HasClassified(key))
- return false;
-
- return true;
+ boolean ret = NeedPassword();
+ if( ret && !do_format && size(data["mount"]:"")>0 )
+ {
+ string key = (data["type"]:`unknown != `loop) ? (data["device"]:"error") : (data["fpath"]:"error");
+ ret = Storage::NeedCryptPwd(key);
+ }
+ return ret;
}
@@ -488,6 +486,8 @@
UI::ChangeWidget(`id(`pw1), `Value, "");
UI::ChangeWidget(`id(`pw2), `Value, "");
+ string dev = (data["type"]:`unknown != `loop) ? data["device"]:""
+ : data["fpath"]:"";
repeat
{
widget = MiniWorkflow::UserInput();
@@ -496,8 +496,11 @@
{
password = (string) UI::QueryWidget(`id(`pw1), `Value);
string tmp = (string) UI::QueryWidget(`id(`pw2), `Value);
+ boolean need_verify = !data["format"]:false &&
+ size(data["mount"]:"")>0;
- if (!Storage::CheckEncryptionPasswords(password, tmp, min_pw_len, empty_pw_allowed))
+ if (!Storage::CheckEncryptionPasswords(password, tmp, min_pw_len, empty_pw_allowed) ||
+ (need_verify && !Storage::CheckCryptOk(dev, password)) )
{
UI::SetFocus(`id(`pw1) );
widget = `again;
@@ -508,10 +511,7 @@
if (widget == `next)
{
- if (data["type"]:`unknown != `loop)
- Storage::UpdateClassified(data["device"]:"", password);
- else
- Storage::UpdateClassified(data["fpath"]:"", password);
+ Storage::SetCryptPwd(dev, password);
widget = `finish;
}
Modified: branches/SuSE-Code-11-SP1-Branch/storage/storage/src/modules/Storage.ycp
URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-SP1-Branch/storage/storage/src/modules/Storage.ycp?rev=60185&r1=60184&r2=60185&view=diff
==============================================================================
--- branches/SuSE-Code-11-SP1-Branch/storage/storage/src/modules/Storage.ycp (original)
+++ branches/SuSE-Code-11-SP1-Branch/storage/storage/src/modules/Storage.ycp Tue Dec 22 17:57:36 2009
@@ -72,9 +72,6 @@
import "LibStorage::Environment";
-global void UpdateClassified(string key, string pwd);
-
-
map conv_ctype =
$[ "def_sym" : `CT_UNKNOWN,
"def_int" : LibStorage::CUNKNOWN(),
@@ -169,7 +166,6 @@
map DiskMapVersion = $[];
map DiskMap = $[];
-map ClassifiedSettings = $[];
map type_order = $[ `CT_DISK : 0, `CT_MD : 1, `CT_MDPART : 2, `CT_DMRAID : 3,
`CT_DMMULTIPATH : 4, `CT_LOOP : 5, `CT_DM : 6, `CT_LVM : 7,
`CT_NFS : 8 ];
@@ -753,6 +749,12 @@
``(p["device"]:""==device ));
pa = part[0]:$[];
}
+ if( size(pa)==0 && search(device, "/dev/mapper/")==0 )
+ {
+ part = filter( map p, tg["/dev/loop","partitions"]:[],
+ ``(p["device"]:""==device ));
+ pa = part[0]:$[];
+ }
if( size(pa)>0 )
ret = add( ret, pa );
});
@@ -2716,21 +2718,6 @@
else
y2milestone( "ChangeVolumeProperties sint ret:%1", ret );
}
- if( ret==0 &&
- part["enc_type"]:`none != `none && haskey( ClassifiedSettings, dev ) )
- {
- changed = true;
- if( size(ClassifiedSettings[dev]:"")>0 )
- {
- string pwd = ClassifiedSettings[dev]:"";
- ret = LibStorage::StorageInterface::setCryptPassword( sint, dev,
- pwd );
- if( ret<0 )
- y2error( "ChangeVolumeProperties sint ret:%1", ret );
- else
- y2milestone( "ChangeVolumeProperties sint ret:%1", ret );
- }
- }
if( ret==0 && part["enc_type"]:`none != curr["enc_type"]:`none )
{
changed = true;
@@ -3075,23 +3062,52 @@
return ret;
}
+global string GetCryptPwd( string device )
+ {
+ string pwd="";
+ y2milestone( "GetCryptPwd device:%1", device );
+ integer ret = 0;
+ ret = LibStorage::StorageInterface::getCryptPassword( sint, device, pwd );
+ if( ret<0 )
+ y2error( "GetCryptPwd sint ret:%1", ret );
+ else
+ y2milestone( "GetCryptPwd empty:%1", size(pwd)==0 );
+ return( pwd );
+ }
+
+global boolean SetCryptPwd( string device, string pwd )
+ {
+ y2milestone( "SetCryptPwd device:%1", device );
+ integer ret = 0;
+ ret = LibStorage::StorageInterface::setCryptPassword( sint, device, pwd );
+ if( ret<0 )
+ y2error( "SetCryptPwd sint ret:%1", ret );
+ else
+ y2milestone( "SetCryptPwd sint ret:%1", ret );
+ return( ret==0 );
+ }
+
+global boolean NeedCryptPwd( string device )
+ {
+ boolean ret = false;
+ ret = LibStorage::StorageInterface::needCryptPassword( sint, device );
+ y2milestone( "NeedCryptPwd device:%1 ret:%2", device, ret );
+ return( ret );
+ }
+
global string CreateLoop( string file, boolean create, integer sizeK,
string mp )
{
y2milestone( "CreateLoop file:%1 create:%2 sizeK:%3 mp:%4", file, create,
sizeK, mp );
string dev = "";
- integer ret = -9999;
- if( haskey( ClassifiedSettings, file ))
- {
- string pwd = ClassifiedSettings[file]:"";
- ret = LibStorage::StorageInterface::createFileLoop( sint, file, !create,
- sizeK, mp, pwd,
- dev );
- UpdateClassified(dev, pwd);
- }
+ integer ret = 0;
+ string pwd = GetCryptPwd( file );
+ ret = LibStorage::StorageInterface::createFileLoop( sint, file, !create,
+ sizeK, mp, pwd, dev );
if( ret<0 )
y2error( "CreateLoop sint ret:%1", ret );
+ LibStorage::StorageInterface::forgetCryptPassword( sint, file );
UpdateTargetMapDisk( "/dev/loop" );
y2milestone( "CreateLoop dev:%1", dev );
return( dev );
@@ -3121,17 +3137,9 @@
global void UpdateClassified( string key, string pwd )
{
- ClassifiedSettings[key] = pwd;
- //y2milestone( "ClassifiedSettings %1", ClassifiedSettings );
+ LibStorage::StorageInterface::setCryptPassword( sint, key, pwd );
}
-
-global boolean HasClassified(string key)
-{
- return haskey(ClassifiedSettings, key);
-}
-
-
define void HandleModulesOnBoot( map targetMap );
global boolean UpdateLoop( string dev, string file, boolean create,
@@ -3161,43 +3169,6 @@
return( ret==0 );
}
-global string GetCryptPwd( string device )
- {
- string pwd="";
- y2milestone( "GetCryptPwd device:%1", device );
- if( size(ClassifiedSettings[device]:"")>0 )
- pwd = ClassifiedSettings[device]:"";
- else
- {
- integer ret = 0;
- ret = LibStorage::StorageInterface::getCryptPassword( sint, device,
- pwd );
- if( ret<0 )
- y2error( "GetCryptPwd sint ret:%1", ret );
- }
- y2milestone( "GetCryptPwd empty:%1", size(pwd)==0 );
- return( pwd );
- }
-
-global boolean SetCryptPwd( string device, string pwd )
- {
- y2milestone( "SetCryptPwd device:%1", device );
- integer ret = LibStorage::StorageInterface::setCryptPassword( sint, device,
- pwd );
- y2milestone( "SetCryptPwd sint ret:%1", ret );
- map p = GetPartition( GetTargetMap(), device );
- if( ret==LibStorage::STORAGE_VOLUME_NOT_FOUND() || p["create"]:false )
- {
- ClassifiedSettings[device] = pwd;
- y2milestone( "setting classified %1 pwd size %2", device, size(pwd) );
- ret = 0;
- }
- else if( ret<0 )
- y2error( "SetCryptPwd sint ret:%1", ret );
- return( ret==0 );
- }
-
-
global string DefaultDiskLabel(integer size_k)
{
y2milestone("DefaultDiskLabel size_k:%1", size_k );
@@ -3814,7 +3785,6 @@
integer ret = LibStorage::StorageInterface::commit( sint );
if( ret<0 )
y2error( "CommitChanges sint ret:%1", ret );
- ClassifiedSettings = $[];
return( ret );
}
@@ -6733,5 +6703,20 @@
return true;
}
+global boolean CheckCryptOk( string dev, string fs_passwd )
+ {
+ integer i = LibStorage::StorageInterface::verifyCryptPassword( sint, dev, fs_passwd );
+ if( i!=0 )
+ Popup::Error( sformat(_("Could not set encryption.
+System error code is %1.
+
+The crypt password provided could be incorrect.
+"), i ));
+ y2milestone( "CheckCryptOk dev:%1 pwlen:%2 ret:%3",
+ dev, size(fs_passwd), i==0 );
+ return( i==0 );
+ }
+
}
+
--
To unsubscribe, e-mail: yast-commit+unsubscribe@opensuse.org
For additional commands, e-mail: yast-commit+help@opensuse.org