From 2719ab3ee310a59ea64629852b507d63e3dbf0e5 Mon Sep 17 00:00:00 2001 From: Vojtech Trefny Date: Wed, 19 Dec 2018 11:04:51 +0100 Subject: [PATCH] crypto: Do not try to use keyring on systems without keyring support Older kernels doesn't support storing keys in keyring. Fortunately we can use 'crypt_active_device' to check if keyring is supported. --- src/plugins/crypto.c | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/src/plugins/crypto.c b/src/plugins/crypto.c index 6b5be9d0..963ab457 100644 --- a/src/plugins/crypto.c +++ b/src/plugins/crypto.c @@ -1444,6 +1444,7 @@ gboolean bd_crypto_luks_change_key (const gchar *device, const gchar *pass, cons static gboolean luks_resize (const gchar *luks_device, guint64 size, const guint8 *pass_data, gsize data_len, const gchar *key_file, GError **error) { struct crypt_device *cd = NULL; + struct crypt_active_device cad; gint ret = 0; guint64 progress_id = 0; gchar *msg = NULL; @@ -1463,6 +1464,16 @@ static gboolean luks_resize (const gchar *luks_device, guint64 size, const guint return FALSE; } + ret = crypt_get_active_device (cd, luks_device, &cad); + if (ret != 0) { + g_set_error (error, BD_CRYPTO_ERROR, BD_CRYPTO_ERROR_DEVICE, + "Failed to get information about '%s': %s", + luks_device, strerror_l(-ret, c_locale)); + crypt_free (cd); + bd_utils_report_finished (progress_id, (*error)->message); + return FALSE; + } + if (pass_data || key_file) { if (key_file) { success = g_file_get_contents (key_file, &key_buffer, &buf_len, error); @@ -1478,7 +1489,7 @@ static gboolean luks_resize (const gchar *luks_device, guint64 size, const guint #ifdef LIBCRYPTSETUP_2 ret = crypt_activate_by_passphrase (cd, NULL, CRYPT_ANY_SLOT, key_buffer ? key_buffer : (char*) pass_data, - buf_len, CRYPT_ACTIVATE_KEYRING_KEY); + buf_len, cad.flags & CRYPT_ACTIVATE_KEYRING_KEY); #else ret = crypt_activate_by_passphrase (cd, NULL, CRYPT_ANY_SLOT, key_buffer ? key_buffer : (char*) pass_data,