mkinitfs: nlplug-findfs incorrect handling of LUKS keyslots other than 0
If using a LUKS passphrase in a slot other than 0, nlplug-findfs returns the error “no key available for this passphrase”, but after an allowed number of retries continues boot if the passphrase is correct.
Probably caused by nlplug-findfs function cryptsetup_thread. According to its documentation, crypt_activate_by_passphrase returns activated key slot number or negative error number otherwise; this code only accepts slot 0.
r = crypt_activate_by_passphrase(cd, c->crypt.name,
CRYPT_ANY_SLOT,
pass, strlen(pass), 0);
pthread_mutex_unlock(&c->cryptsetup_mutex);
if (r == 0)
break;
printf(“No key available with this passphrase.\n”);
—-
Affects probably versions other than the one specified; this code remains in mkinitfs most recent master.
(from redmine: issue id 6473, created on 2016-11-21, closed on 2017-05-22)
- Changesets:
- Revision 386aab2a by Timo Teräs on 2016-11-24T12:07:52Z:
main/mkinitfs: upgrade to 3.0.6
fixes #6217
fixes #6469
fixes #6473