picnoir
/
Systemd
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

cryptsetup: give command line parameters proper names 

It's highly confusing to reference the command line parameters via
argv[] indexes. Let's clean this up, and introduce properly named local
variables that make this easier to follow.

No actualy code changes, just some renaming of variables.
This commit is contained in:
Lennart Poettering 2020-11-25 11:42:09 +01:00
parent fea909c1b9
commit da2268f9d7
1 changed files with 45 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

81
src/cryptsetup/cryptsetup.c
View File

@ -855,6 +855,7 @@ static void remove_and_erasep(const char **p) {
static int run(int argc, char *argv[]) { static int run(int argc, char *argv[]) {
_cleanup_(crypt_freep) struct crypt_device *cd = NULL; _cleanup_(crypt_freep) struct crypt_device *cd = NULL;
const char *verb;
int r; int r;
if (argc <= 1) if (argc <= 1)
@ -870,39 +871,44 @@ static int run(int argc, char *argv[]) {
umask(0022); umask(0022);
if (streq(argv[1], "attach")) { verb = argv[1];
if (streq(verb, "attach")) {
_cleanup_(remove_and_erasep) const char *destroy_key_file = NULL;
_cleanup_(erase_and_freep) void *key_data = NULL;
const char *volume, *source, *key_file, *options;
crypt_status_info status;
size_t key_data_size = 0;
uint32_t flags = 0; uint32_t flags = 0;
unsigned tries; unsigned tries;
usec_t until; usec_t until;
crypt_status_info status;
_cleanup_(remove_and_erasep) const char *destroy_key_file = NULL;
const char *key_file = NULL;
_cleanup_(erase_and_freep) void *key_data = NULL;
size_t key_data_size = 0;
/* Arguments: systemd-cryptsetup attach VOLUME SOURCE-DEVICE [PASSWORD] [OPTIONS] */ /* Arguments: systemd-cryptsetup attach VOLUME SOURCE-DEVICE [PASSWORD] [OPTIONS] */
if (argc < 4) if (argc < 4)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "attach requires at least two arguments."); return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "attach requires at least two arguments.");
if (!filename_is_valid(argv[2])) volume = argv[2];
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Volume name '%s' is not valid.", argv[2]); source = argv[3];
key_file = argc >= 5 && !STR_IN_SET(argv[4], "", "-", "none") ? argv[4] : NULL;
options = argc >= 6 && !STR_IN_SET(argv[5], "", "-", "none") ? argv[5] : NULL;
if (argc >= 5 && !STR_IN_SET(argv[4], "", "-", "none")) { if (!filename_is_valid(volume))
if (path_is_absolute(argv[4])) return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Volume name '%s' is not valid.", volume);
key_file = argv[4];
else if (key_file && !path_is_absolute(key_file)) {
log_warning("Password file path '%s' is not absolute. Ignoring.", argv[4]); log_warning("Password file path '%s' is not absolute. Ignoring.", key_file);
key_file = NULL;
} }
if (argc >= 6 && !STR_IN_SET(argv[5], "", "-", "none")) { if (options) {
r = parse_options(argv[5]); r = parse_options(options);
if (r < 0) if (r < 0)
return r; return r;
} }
log_debug("%s %s ← %s type=%s cipher=%s", __func__, log_debug("%s %s ← %s type=%s cipher=%s", __func__,
argv[2], argv[3], strempty(arg_type), strempty(arg_cipher)); volume, source, strempty(arg_type), strempty(arg_cipher));
/* A delicious drop of snake oil */ /* A delicious drop of snake oil */
(void) mlockall(MCL_FUTURE); (void) mlockall(MCL_FUTURE);
@ -911,14 +917,14 @@ static int run(int argc, char *argv[]) {
_cleanup_free_ char *bindname = NULL; _cleanup_free_ char *bindname = NULL;
const char *fn; const char *fn;
bindname = make_bindname(argv[2]); bindname = make_bindname(volume);
if (!bindname) if (!bindname)
return log_oom(); return log_oom();
/* If a key file is not explicitly specified, search for a key in a well defined /* If a key file is not explicitly specified, search for a key in a well defined
* search path, and load it. */ * search path, and load it. */
fn = strjoina(argv[2], ".key"); fn = strjoina(volume, ".key");
r = find_key_file( r = find_key_file(
fn, fn,
STRV_MAKE("/etc/cryptsetup-keys.d", "/run/cryptsetup-keys.d"), STRV_MAKE("/etc/cryptsetup-keys.d", "/run/cryptsetup-keys.d"),
@ -927,7 +933,7 @@ static int run(int argc, char *argv[]) {
if (r < 0) if (r < 0)
return r; return r;
if (r > 0) if (r > 0)
log_debug("Automatically discovered key for volume '%s'.", argv[2]); log_debug("Automatically discovered key for volume '%s'.", volume);
} else if (arg_keyfile_erase) } else if (arg_keyfile_erase)
destroy_key_file = key_file; /* let's get this baby erased when we leave */ destroy_key_file = key_file; /* let's get this baby erased when we leave */
@ -935,15 +941,15 @@ static int run(int argc, char *argv[]) {
log_debug("LUKS header: %s", arg_header); log_debug("LUKS header: %s", arg_header);
r = crypt_init(&cd, arg_header); r = crypt_init(&cd, arg_header);
} else } else
r = crypt_init(&cd, argv[3]); r = crypt_init(&cd, source);
if (r < 0) if (r < 0)
return log_error_errno(r, "crypt_init() failed: %m"); return log_error_errno(r, "crypt_init() failed: %m");
cryptsetup_enable_logging(cd); cryptsetup_enable_logging(cd);
status = crypt_status(cd, argv[2]); status = crypt_status(cd, volume);
if (IN_SET(status, CRYPT_ACTIVE, CRYPT_BUSY)) { if (IN_SET(status, CRYPT_ACTIVE, CRYPT_BUSY)) {
log_info("Volume %s already active.", argv[2]); log_info("Volume %s already active.", volume);
return 0; return 0;
} }
@ -971,16 +977,16 @@ static int run(int argc, char *argv[]) {
return log_error_errno(r, "Failed to load LUKS superblock on device %s: %m", crypt_get_device_name(cd)); return log_error_errno(r, "Failed to load LUKS superblock on device %s: %m", crypt_get_device_name(cd));
if (arg_header) { if (arg_header) {
r = crypt_set_data_device(cd, argv[3]); r = crypt_set_data_device(cd, source);
if (r < 0) if (r < 0)
return log_error_errno(r, "Failed to set LUKS data device %s: %m", argv[3]); return log_error_errno(r, "Failed to set LUKS data device %s: %m", source);
} }
/* Tokens are available in LUKS2 only, but it is ok to call (and fail) with LUKS1. */ /* Tokens are available in LUKS2 only, but it is ok to call (and fail) with LUKS1. */
if (!key_file && !key_data) { if (!key_file && !key_data) {
r = crypt_activate_by_token(cd, argv[2], CRYPT_ANY_TOKEN, NULL, flags); r = crypt_activate_by_token(cd, volume, CRYPT_ANY_TOKEN, NULL, flags);
if (r >= 0) { if (r >= 0) {
log_debug("Volume %s activated with LUKS token id %i.", argv[2], r); log_debug("Volume %s activated with LUKS token id %i.", volume, r);
return 0; return 0;
} }
@ -1024,7 +1030,7 @@ static int run(int argc, char *argv[]) {
/* Ask the user for a passphrase only as last resort, if we have /* Ask the user for a passphrase only as last resort, if we have
* nothing else to check for */ * nothing else to check for */
r = get_password(argv[2], argv[3], until, tries == 0 && !arg_verify, &passwords); r = get_password(volume, source, until, tries == 0 && !arg_verify, &passwords);
if (r == -EAGAIN) if (r == -EAGAIN)
continue; continue;
if (r < 0) if (r < 0)
@ -1033,9 +1039,9 @@ static int run(int argc, char *argv[]) {
} }
if (streq_ptr(arg_type, CRYPT_TCRYPT)) if (streq_ptr(arg_type, CRYPT_TCRYPT))
r = attach_tcrypt(cd, argv[2], key_file, key_data, key_data_size, passwords, flags); r = attach_tcrypt(cd, volume, key_file, key_data, key_data_size, passwords, flags);
else else
r = attach_luks_or_plain_or_bitlk(cd, argv[2], key_file, key_data, key_data_size, passwords, flags, until); r = attach_luks_or_plain_or_bitlk(cd, volume, key_file, key_data, key_data_size, passwords, flags, until);
if (r >= 0) if (r >= 0)
break; break;
if (r != -EAGAIN) if (r != -EAGAIN)
@ -1052,14 +1058,17 @@ static int run(int argc, char *argv[]) {
if (arg_tries != 0 && tries >= arg_tries) if (arg_tries != 0 && tries >= arg_tries)
return log_error_errno(SYNTHETIC_ERRNO(EPERM), "Too many attempts to activate; giving up."); return log_error_errno(SYNTHETIC_ERRNO(EPERM), "Too many attempts to activate; giving up.");
} else if (streq(argv[1], "detach")) { } else if (streq(verb, "detach")) {
const char *volume;
if (!filename_is_valid(argv[2])) volume = argv[2];
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Volume name '%s' is not valid.", argv[2]);
r = crypt_init_by_name(&cd, argv[2]); if (!filename_is_valid(volume))
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Volume name '%s' is not valid.", volume);
r = crypt_init_by_name(&cd, volume);
if (r == -ENODEV) { if (r == -ENODEV) {
log_info("Volume %s already inactive.", argv[2]); log_info("Volume %s already inactive.", volume);
return 0; return 0;
} }
if (r < 0) if (r < 0)
@ -1067,12 +1076,12 @@ static int run(int argc, char *argv[]) {
cryptsetup_enable_logging(cd); cryptsetup_enable_logging(cd);
r = crypt_deactivate(cd, argv[2]); r = crypt_deactivate(cd, volume);
if (r < 0) if (r < 0)
return log_error_errno(r, "Failed to deactivate: %m"); return log_error_errno(r, "Failed to deactivate: %m");
} else } else
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Unknown verb %s.", argv[1]); return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Unknown verb %s.", verb);
return 0; return 0;
} }