Hi,
I tested your patch and actually it doesn't solve the bug.
For example, if "hash=sha512" is provided in /etc/crypttab, the first >
if (!streq(arg_hash, "plain"))
is true, and the
> + } else if (!key_file)
is not reached.
So I suggest rewriting the patch, or applying my original patch, that is
maybe less elegant, but has both advantages to work and be easily readable.
Best regards,
Quentin
On 24/11/2014 15:14, Zbigniew Jędrzejewski-Szmek wrote :
src/cryptsetup/cryptsetup.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
New commits:
commit 8a52210c9392887a31fdb2845f65b4c5869e8e66
Author: Zbigniew Jędrzejewski-Szmek <zbys...@in.waw.pl>
Date: Mon Nov 24 09:11:12 2014 -0500
cryptsetup: default to no hash when keyfile is specified
For plain dm-crypt devices, the behavior of cryptsetup package is to
ignore the hash algorithm when a key file is provided. It seems wrong
to ignore a hash when it is explicitly specified, but we should default
to no hash if the keyfile is specified.
https://bugs.freedesktop.org/show_bug.cgi?id=52630
diff --git a/src/cryptsetup/cryptsetup.c b/src/cryptsetup/cryptsetup.c
index 94570eb..b9e67fa 100644
--- a/src/cryptsetup/cryptsetup.c
+++ b/src/cryptsetup/cryptsetup.c
@@ -400,7 +400,9 @@ static int attach_luks_or_plain(struct crypt_device *cd,
/* plain isn't a real hash type. it just means "use no
hash" */
if (!streq(arg_hash, "plain"))
params.hash = arg_hash;
- } else
+ } else if (!key_file)
+ /* for CRYPT_PLAIN, the behaviour of cryptsetup
+ * package is to not hash when a key file is provided
*/
params.hash = "ripemd160";
if (arg_cipher) {
_______________________________________________
systemd-commits mailing list
systemd-comm...@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-commits
_______________________________________________
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
