From 1f9e0d9533e970a79bb9a525b5e407bf80f6fc5b Mon Sep 17 00:00:00 2001
From: Sergio Correia <scorreia@redhat.com>
Date: Mon, 6 Jul 2020 08:53:58 -0300
Subject: [PATCH] luks: fix handling of devices in clevis-luks-askpass to
 handle

---
 src/luks/systemd/clevis-luks-askpass | 23 ++++++++++++++++++++---
 1 file changed, 20 insertions(+), 3 deletions(-)

diff --git a/src/luks/systemd/clevis-luks-askpass b/src/luks/systemd/clevis-luks-askpass
index feebb1a..5719ab6 100755
--- a/src/luks/systemd/clevis-luks-askpass
+++ b/src/luks/systemd/clevis-luks-askpass
@@ -23,6 +23,12 @@ UUID=cb6e8904-81ff-40da-a84a-07ab9ab5715e
 
 shopt -s nullglob
 
+clevis_is_luks_device_by_uuid_open() {
+    local LUKS_UUID="${1}"
+    [ -z "${LUKS_UUID}" ] && return 1
+    test -b /dev/disk/by-id/dm-uuid-*"${LUKS_UUID//-/}"*
+}
+
 path=/run/systemd/ask-password
 while getopts ":lpu:" o; do
     case "$o" in
@@ -49,9 +55,13 @@ while true; do
             esac
         done < "$question"
 
-        [ -z "$d" -o -z "$s" ] && continue
-        [[ -n "${device_uuid}" ]] && [[ "${d}" != *"${device_uuid}"* ]] \
-            && continue
+        [ -b "${d}" ] || continue
+        [ -S "${s}" ] || continue
+
+        if [ -n "${device_uuid}" ]; then
+            uuid="$(cryptsetup luksUUID "${d}")"
+            [ "${uuid}" != "${device_uuid}" ] && todo=1 && continue
+        fi
 
         if cryptsetup isLuks --type luks1 "$d"; then
             # If the device is not initialized, sliently skip it.
@@ -89,6 +99,13 @@ while true; do
         todo=$((todo + 1))
     done
 
+    if [ -n "${device_uuid}" ]; then
+        [ ! -b /dev/disk/by-uuid/"${device_uuid}" ] && break
+        if clevis_is_luks_device_by_uuid_open "${device_uuid}"; then
+            break
+        fi
+    fi
+
     if [ $todo -eq 0 ] || [ "$loop" != "true" ]; then
         break;
     fi
-- 
2.18.4