Blame SOURCES/volume_key-0.3.9-dont-use-crypt_get_error.patch

1f1adc
From ecef526a51c5a276681472fd6df239570c9ce518 Mon Sep 17 00:00:00 2001
1f1adc
From: Miloslav Trmač <mitr@redhat.com>
1f1adc
Date: Nov 07 2017 15:55:55 +0000
1f1adc
Subject: Stop using crypt_get_error
1f1adc
1f1adc
1f1adc
Instead of crypt_get_error, which has been removed in cryptsetup 2.0,
1f1adc
set up a log callback, which is available in both older and newer
1f1adc
versions.
1f1adc
1f1adc
Fixes #13.
1f1adc
1f1adc
---
1f1adc
1f1adc
diff --git a/lib/volume_luks.c b/lib/volume_luks.c
1f1adc
index 14794d7..f4bf2c8 100644
1f1adc
--- a/lib/volume_luks.c
1f1adc
+++ b/lib/volume_luks.c
1f1adc
@@ -61,17 +61,13 @@ my_strerror (int err_no)
1f1adc
 }
1f1adc
 
1f1adc
 /* Set ERROR based on libcryptsetup error state after returning RES.
1f1adc
-   Use CODE. */
1f1adc
+   Use CODE and LAST_LOG_ENTRY. */
1f1adc
 static void
1f1adc
-error_from_cryptsetup (GError **error, LIBVKError code, int res)
1f1adc
+error_from_cryptsetup (GError **error, LIBVKError code, int res,
1f1adc
+		       char *last_log_entry)
1f1adc
 {
1f1adc
-  /* It's not possible to get the error message length from libcryptsetup, just
1f1adc
-     guess. */
1f1adc
-  char crypt_msg[4096];
1f1adc
-
1f1adc
-  crypt_get_error (crypt_msg, sizeof (crypt_msg));
1f1adc
-  if (crypt_msg[0] != '\0')
1f1adc
-    g_set_error (error, LIBVK_ERROR, code, "%s", crypt_msg);
1f1adc
+  if (last_log_entry != NULL && last_log_entry[0] != '\0')
1f1adc
+    g_set_error (error, LIBVK_ERROR, code, "%s", last_log_entry);
1f1adc
   else
1f1adc
     {
1f1adc
       char *s;
1f1adc
@@ -82,17 +78,33 @@ error_from_cryptsetup (GError **error, LIBVKError code, int res)
1f1adc
     }
1f1adc
 }
1f1adc
 
1f1adc
+static void
1f1adc
+record_cryptsetup_log_entry (int level, const char *msg, void *usrptr)
1f1adc
+{
1f1adc
+  char **last_log_entry = usrptr;
1f1adc
+
1f1adc
+  if (level == CRYPT_LOG_ERROR)
1f1adc
+    {
1f1adc
+      g_free (*last_log_entry);
1f1adc
+      *last_log_entry = g_strdup (msg);
1f1adc
+    }
1f1adc
+}
1f1adc
+
1f1adc
 /* Open volume PATH and load its header.
1f1adc
+   Set up *LAST_LOG_ENTRY to be updated to the last logged message for the
1f1adc
+   device.  The caller must g_free(*LAST_LOG_ENTRY) after closing the device.
1f1adc
    Return the volume, or NULL on error. */
1f1adc
 static struct crypt_device *
1f1adc
-open_crypt_device (const char *path, GError **error)
1f1adc
+open_crypt_device (const char *path, char **last_log_entry, GError **error)
1f1adc
 {
1f1adc
   struct crypt_device *cd;
1f1adc
   int r;
1f1adc
 
1f1adc
+  *last_log_entry = NULL;
1f1adc
   r = crypt_init (&cd, path);
1f1adc
   if (r < 0)
1f1adc
     goto err;
1f1adc
+  crypt_set_log_callback(cd, record_cryptsetup_log_entry, last_log_entry);
1f1adc
   r = crypt_load (cd, CRYPT_LUKS1, NULL);
1f1adc
   if (r < 0)
1f1adc
     goto err_cd;
1f1adc
@@ -101,9 +113,12 @@ open_crypt_device (const char *path, GError **error)
1f1adc
  err_cd:
1f1adc
   crypt_free (cd);
1f1adc
  err:
1f1adc
-  error_from_cryptsetup (error, LIBVK_ERROR_VOLUME_UNKNOWN_FORMAT, r);
1f1adc
+  error_from_cryptsetup (error, LIBVK_ERROR_VOLUME_UNKNOWN_FORMAT, r,
1f1adc
+			 *last_log_entry);
1f1adc
   g_prefix_error (error, _("Error getting information about volume `%s': "),
1f1adc
 		  path);
1f1adc
+  g_free (*last_log_entry);
1f1adc
+  *last_log_entry = NULL;
1f1adc
   return NULL;
1f1adc
 }
1f1adc
 
1f1adc
@@ -173,10 +188,11 @@ luks_volume_open (struct libvk_volume *vol, const char *path, GError **error)
1f1adc
 {
1f1adc
   struct luks_volume *luks;
1f1adc
   struct crypt_device *cd;
1f1adc
+  char *last_log_entry;
1f1adc
   const char *uuid;
1f1adc
 
1f1adc
   (void)vol;
1f1adc
-  cd = open_crypt_device (path, error);
1f1adc
+  cd = open_crypt_device (path, &last_log_entry, error);
1f1adc
   if (cd == NULL)
1f1adc
     return NULL;
1f1adc
   /* A bit of paranoia */
1f1adc
@@ -187,6 +203,7 @@ luks_volume_open (struct libvk_volume *vol, const char *path, GError **error)
1f1adc
 		   _("UUID mismatch between libblkid and libcryptsetup: `%s' "
1f1adc
 		     "vs. `%s'"), vol->uuid, uuid);
1f1adc
       crypt_free (cd);
1f1adc
+      g_free (last_log_entry);
1f1adc
       return NULL;
1f1adc
     }
1f1adc
 
1f1adc
@@ -195,6 +212,7 @@ luks_volume_open (struct libvk_volume *vol, const char *path, GError **error)
1f1adc
   luks->cipher_mode = g_strdup (crypt_get_cipher_mode (cd));
1f1adc
   luks->key_bytes = crypt_get_volume_key_size (cd);
1f1adc
   crypt_free (cd);
1f1adc
+  g_free (last_log_entry);
1f1adc
 
1f1adc
   luks->key = NULL;
1f1adc
   luks->passphrase = NULL;
1f1adc
@@ -256,7 +274,7 @@ luks_get_secret (struct libvk_volume *vol, enum libvk_secret secret_type,
1f1adc
 		 const struct libvk_ui *ui, GError **error)
1f1adc
 {
1f1adc
   struct crypt_device *cd;
1f1adc
-  char *passphrase;
1f1adc
+  char *last_log_entry, *passphrase;
1f1adc
   void *key;
1f1adc
   size_t key_length;
1f1adc
   int slot;
1f1adc
@@ -276,7 +294,7 @@ luks_get_secret (struct libvk_volume *vol, enum libvk_secret secret_type,
1f1adc
 		   _("Encryption information type unsupported in LUKS"));
1f1adc
       goto err;
1f1adc
     }
1f1adc
-  cd = open_crypt_device (vol->path, error);
1f1adc
+  cd = open_crypt_device (vol->path, &last_log_entry, error);
1f1adc
   if (cd == NULL)
1f1adc
     goto err;
1f1adc
   key_length = crypt_get_volume_key_size (cd);
1f1adc
@@ -303,7 +321,7 @@ luks_get_secret (struct libvk_volume *vol, enum libvk_secret secret_type,
1f1adc
       g_free_passphrase (passphrase);
1f1adc
       if (r != -EPERM)
1f1adc
 	{
1f1adc
-	  error_from_cryptsetup (error, LIBVK_ERROR_FAILED, r);
1f1adc
+	  error_from_cryptsetup (error, LIBVK_ERROR_FAILED, r, last_log_entry);
1f1adc
 	  g_prefix_error (error, _("Error getting LUKS data encryption key: "));
1f1adc
 	  goto err_prompt;
1f1adc
 	}
1f1adc
@@ -322,12 +340,14 @@ luks_get_secret (struct libvk_volume *vol, enum libvk_secret secret_type,
1f1adc
   vol->v.luks->passphrase_slot = slot;
1f1adc
   g_free (prompt);
1f1adc
   crypt_free (cd);
1f1adc
+  g_free (last_log_entry);
1f1adc
   return 0;
1f1adc
 
1f1adc
  err_prompt:
1f1adc
   g_free (prompt);
1f1adc
   g_free_key (key, key_length);
1f1adc
   crypt_free (cd);
1f1adc
+  g_free (last_log_entry);
1f1adc
  err:
1f1adc
   return -1;
1f1adc
 }
1f1adc
@@ -383,11 +403,12 @@ luks_load_packet (struct libvk_volume *vol, const struct libvk_volume *packet,
1f1adc
   if (packet->v.luks->key != NULL)
1f1adc
     {
1f1adc
       struct crypt_device *cd;
1f1adc
+      char *last_log_entry;
1f1adc
       int r;
1f1adc
 
1f1adc
       g_return_val_if_fail (vol->v.luks->key_bytes == packet->v.luks->key_bytes,
1f1adc
 			    -1);
1f1adc
-      cd = open_crypt_device (vol->path, error);
1f1adc
+      cd = open_crypt_device (vol->path, &last_log_entry, error);
1f1adc
       if (cd == NULL)
1f1adc
 	return -1;
1f1adc
       r = crypt_volume_key_verify (cd, packet->v.luks->key,
1f1adc
@@ -395,21 +416,25 @@ luks_load_packet (struct libvk_volume *vol, const struct libvk_volume *packet,
1f1adc
       crypt_free (cd);
1f1adc
       if (r < 0)
1f1adc
 	{
1f1adc
-	  error_from_cryptsetup (error, LIBVK_ERROR_PACKET_VOLUME_MISMATCH, r);
1f1adc
+	  error_from_cryptsetup (error, LIBVK_ERROR_PACKET_VOLUME_MISMATCH, r,
1f1adc
+				 last_log_entry);
1f1adc
 	  g_prefix_error (error, _("LUKS data encryption key in packet is "
1f1adc
 				   "invalid: "));
1f1adc
+	  g_free (last_log_entry);
1f1adc
 	  return -1;
1f1adc
 	}
1f1adc
+      g_free (last_log_entry);
1f1adc
       luks_replace_key (vol, packet->v.luks->key);
1f1adc
     }
1f1adc
   if (packet->v.luks->passphrase != NULL)
1f1adc
     {
1f1adc
       struct crypt_device *cd;
1f1adc
+      char *last_log_entry;
1f1adc
       void *key;
1f1adc
       size_t key_size;
1f1adc
       int r;
1f1adc
 
1f1adc
-      cd = open_crypt_device (vol->path, error);
1f1adc
+      cd = open_crypt_device (vol->path, &last_log_entry, error);
1f1adc
       if (cd == NULL)
1f1adc
 	return -1;
1f1adc
       key_size = crypt_get_volume_key_size (cd);
1f1adc
@@ -420,10 +445,13 @@ luks_load_packet (struct libvk_volume *vol, const struct libvk_volume *packet,
1f1adc
       crypt_free (cd);
1f1adc
       if (r < 0)
1f1adc
 	{
1f1adc
-	  error_from_cryptsetup (error, LIBVK_ERROR_PACKET_VOLUME_MISMATCH, r);
1f1adc
+	  error_from_cryptsetup (error, LIBVK_ERROR_PACKET_VOLUME_MISMATCH, r,
1f1adc
+				 last_log_entry);
1f1adc
 	  g_prefix_error (error, _("LUKS passphrase in packet is invalid: "));
1f1adc
+	  g_free (last_log_entry);
1f1adc
 	  return -1;
1f1adc
 	}
1f1adc
+      g_free (last_log_entry);
1f1adc
       luks_replace_passphrase (vol, packet->v.luks->passphrase);
1f1adc
       vol->v.luks->passphrase_slot = r;
1f1adc
       if (packet->v.luks->key == NULL)
1f1adc
@@ -446,7 +474,7 @@ luks_apply_secret (struct libvk_volume *vol, const struct libvk_volume *packet,
1f1adc
 		   GError **error)
1f1adc
 {
1f1adc
   struct crypt_device *cd;
1f1adc
-  char *prompt, *prompt2, *error_prompt, *passphrase;
1f1adc
+  char *last_log_entry, *prompt, *prompt2, *error_prompt, *passphrase;
1f1adc
   unsigned failed;
1f1adc
   int res;
1f1adc
 
1f1adc
@@ -498,7 +526,7 @@ luks_apply_secret (struct libvk_volume *vol, const struct libvk_volume *packet,
1f1adc
   goto err_prompts;
1f1adc
 
1f1adc
  got_passphrase:
1f1adc
-  cd = open_crypt_device (vol->path, error);
1f1adc
+  cd = open_crypt_device (vol->path, &last_log_entry, error);
1f1adc
   if (cd == NULL)
1f1adc
     goto err_passphrase;
1f1adc
   res = crypt_keyslot_add_by_volume_key (cd, CRYPT_ANY_SLOT,
1f1adc
@@ -508,10 +536,12 @@ luks_apply_secret (struct libvk_volume *vol, const struct libvk_volume *packet,
1f1adc
   crypt_free (cd);
1f1adc
   if (res < 0)
1f1adc
     {
1f1adc
-      error_from_cryptsetup (error, LIBVK_ERROR_FAILED, res);
1f1adc
+      error_from_cryptsetup (error, LIBVK_ERROR_FAILED, res, last_log_entry);
1f1adc
       g_prefix_error (error, _("Error adding a LUKS passphrase"));
1f1adc
+      g_free (last_log_entry);
1f1adc
       goto err_passphrase;
1f1adc
     }
1f1adc
+  g_free (last_log_entry);
1f1adc
 
1f1adc
   g_return_val_if_fail (vol->v.luks->key_bytes == packet->v.luks->key_bytes,
1f1adc
 			-1);
1f1adc
@@ -542,6 +572,7 @@ luks_add_secret (struct libvk_volume *vol, enum libvk_secret secret_type,
1f1adc
 		 const void *secret, size_t size, GError **error)
1f1adc
 {
1f1adc
   struct crypt_device *cd;
1f1adc
+  char *last_log_entry;
1f1adc
   int res;
1f1adc
 
1f1adc
   if (secret_type != LIBVK_SECRET_PASSPHRASE)
1f1adc
@@ -562,7 +593,7 @@ luks_add_secret (struct libvk_volume *vol, enum libvk_secret secret_type,
1f1adc
 		   _("The passphrase must be a string"));
1f1adc
       return -1;
1f1adc
     }
1f1adc
-  cd = open_crypt_device (vol->path, error);
1f1adc
+  cd = open_crypt_device (vol->path, &last_log_entry, error);
1f1adc
   if (cd == NULL)
1f1adc
     return -1;
1f1adc
   res = crypt_keyslot_add_by_volume_key (cd, CRYPT_ANY_SLOT, vol->v.luks->key,
1f1adc
@@ -570,10 +601,12 @@ luks_add_secret (struct libvk_volume *vol, enum libvk_secret secret_type,
1f1adc
   crypt_free (cd);
1f1adc
   if (res < 0)
1f1adc
     {
1f1adc
-      error_from_cryptsetup (error, LIBVK_ERROR_FAILED, res);
1f1adc
+      error_from_cryptsetup (error, LIBVK_ERROR_FAILED, res, last_log_entry);
1f1adc
       g_prefix_error (error, _("Error adding a LUKS passphrase"));
1f1adc
+      g_free (last_log_entry);
1f1adc
       return -1;
1f1adc
     }
1f1adc
+  g_free (last_log_entry);
1f1adc
 
1f1adc
   luks_replace_passphrase (vol, secret);
1f1adc
   vol->v.luks->passphrase_slot = res;
1f1adc
@@ -823,12 +856,13 @@ luks_open_with_packet (struct libvk_volume *vol,
1f1adc
 		       GError **error)
1f1adc
 {
1f1adc
   struct crypt_device *cd;
1f1adc
+  char *last_log_entry;
1f1adc
   void *to_free;
1f1adc
   const void *key;
1f1adc
   int r;
1f1adc
   size_t key_size;
1f1adc
 
1f1adc
-  cd = open_crypt_device (vol->path, error);
1f1adc
+  cd = open_crypt_device (vol->path, &last_log_entry, error);
1f1adc
   if (cd == NULL)
1f1adc
     goto err;
1f1adc
   if (packet->v.luks->key != NULL)
1f1adc
@@ -846,7 +880,7 @@ luks_open_with_packet (struct libvk_volume *vol,
1f1adc
 				strlen (packet->v.luks->passphrase));
1f1adc
       if (r < 0)
1f1adc
 	{
1f1adc
-	  error_from_cryptsetup (error, LIBVK_ERROR_FAILED, r);
1f1adc
+	  error_from_cryptsetup (error, LIBVK_ERROR_FAILED, r, last_log_entry);
1f1adc
 	  g_prefix_error (error, _("Error getting LUKS data encryption key: "));
1f1adc
 	  goto err_to_free;
1f1adc
 	}
1f1adc
@@ -862,7 +896,7 @@ luks_open_with_packet (struct libvk_volume *vol,
1f1adc
   r = crypt_activate_by_volume_key (cd, name, key, key_size, 0);
1f1adc
   if (r < 0)
1f1adc
     {
1f1adc
-      error_from_cryptsetup (error, LIBVK_ERROR_FAILED, r);
1f1adc
+      error_from_cryptsetup (error, LIBVK_ERROR_FAILED, r, last_log_entry);
1f1adc
       g_prefix_error (error, _("Error opening LUKS volume: "));
1f1adc
       goto err_to_free;
1f1adc
     }
1f1adc
@@ -870,6 +904,7 @@ luks_open_with_packet (struct libvk_volume *vol,
1f1adc
   if (to_free != NULL)
1f1adc
     g_free_key (to_free, key_size);
1f1adc
   crypt_free (cd);
1f1adc
+  g_free (last_log_entry);
1f1adc
   return 0;
1f1adc
 
1f1adc
  err_to_free:
1f1adc
@@ -877,6 +912,7 @@ luks_open_with_packet (struct libvk_volume *vol,
1f1adc
     g_free_key (to_free, key_size);
1f1adc
  err_cd:
1f1adc
   crypt_free (cd);
1f1adc
+  g_free (last_log_entry);
1f1adc
  err:
1f1adc
   return -1;
1f1adc
 }
1f1adc