diff options
| author | Thomas Mühlbacher <tmuehlbacher@posteo.net> | 2024-05-09 23:52:47 +0200 |
|---|---|---|
| committer | Kent Overstreet <kent.overstreet@linux.dev> | 2024-05-26 13:32:56 -0400 |
| commit | 5b216318b887283d1b22fda055bb7cf381e6ae10 (patch) | |
| tree | 942dcf54ac0696839642602ef2c10b82d347de41 /src | |
| parent | 6ba303e8bff73db9eda94541d1a2497f7035c9be (diff) | |
`check_for_key` before `ask_for_passphrase`
let's always first check if there is already a key in the keyring
available before we try to get the key from some more involved means.
Fixes: #261
Signed-off-by: Thomas Mühlbacher <tmuehlbacher@posteo.net>
Signed-off-by: Kent Overstreet <kent.overstreet@linux.dev>
Diffstat (limited to 'src')
| -rw-r--r-- | src/commands/mount.rs | 13 | ||||
| -rw-r--r-- | src/key.rs | 4 |
2 files changed, 14 insertions, 3 deletions
diff --git a/src/commands/mount.rs b/src/commands/mount.rs index 05c586a8..79667cca 100644 --- a/src/commands/mount.rs +++ b/src/commands/mount.rs @@ -345,8 +345,17 @@ fn cmd_mount_inner(opt: Cli) -> anyhow::Result<()> { if block_devices_to_mount.is_empty() { Err(anyhow::anyhow!("No device found from specified parameters"))?; } - // Check if the filesystem's master key is encrypted - if unsafe { bcachefs::bch2_sb_is_encrypted_and_locked(block_devices_to_mount[0].sb) } { + + let key_name = CString::new(format!( + "bcachefs:{}", + block_devices_to_mount[0].sb().uuid() + )) + .unwrap(); + + // Check if the filesystem's master key is encrypted and we don't have a key + if unsafe { bcachefs::bch2_sb_is_encrypted_and_locked(block_devices_to_mount[0].sb) } + && !key::check_for_key(&key_name)? + { // First by password_file, if available let fallback_to_unlock_policy = if let Some(passphrase_file) = &opt.passphrase_file { match key::read_from_passphrase_file(&block_devices_to_mount[0], passphrase_file.as_path()) { @@ -58,7 +58,7 @@ impl fmt::Display for UnlockPolicy { } } -fn check_for_key(key_name: &std::ffi::CStr) -> anyhow::Result<bool> { +pub fn check_for_key(key_name: &std::ffi::CStr) -> anyhow::Result<bool> { use bch_bindgen::keyutils::{self, keyctl_search}; let key_name = key_name.to_bytes_with_nul().as_ptr() as *const _; let key_type = c_str!("user"); @@ -86,10 +86,12 @@ fn wait_for_unlock(uuid: &uuid::Uuid) -> anyhow::Result<()> { } } +// blocks indefinitely if no input is available on stdin fn ask_for_passphrase(sb: &bch_sb_handle) -> anyhow::Result<()> { let passphrase = if stdin().is_terminal() { rpassword::prompt_password("Enter passphrase: ")? } else { + info!("Trying to read passphrase from stdin..."); let mut line = String::new(); stdin().read_line(&mut line)?; line |