📄 util-linux-2.12r.diff
字号:
+#if !defined(AES_BLOCK_SIZE) || (AES_BLOCK_SIZE == 32)+#define AES_KS_LENGTH 120+#define AES_RC_LENGTH 29+#else+#define AES_KS_LENGTH 4 * AES_BLOCK_SIZE+#define AES_RC_LENGTH (9 * AES_BLOCK_SIZE) / 8 - 8+#endif++typedef struct+{+ u_int32_t aes_Nkey; // the number of words in the key input block+ u_int32_t aes_Nrnd; // the number of cipher rounds+ u_int32_t aes_e_key[AES_KS_LENGTH]; // the encryption key schedule+ u_int32_t aes_d_key[AES_KS_LENGTH]; // the decryption key schedule+#if !defined(AES_BLOCK_SIZE)+ u_int32_t aes_Ncol; // the number of columns in the cipher state+#endif+} aes_context;++// THE CIPHER INTERFACE++#if !defined(AES_BLOCK_SIZE)+extern void aes_set_blk(aes_context *, const int);+#endif+extern void aes_set_key(aes_context *, const unsigned char [], const int, const int);+extern void aes_encrypt(const aes_context *, const unsigned char [], unsigned char []);+extern void aes_decrypt(const aes_context *, const unsigned char [], unsigned char []);++// The block length inputs to aes_set_block and aes_set_key are in numbers+// of bytes or bits. The calls to subroutines must be made in the above+// order but multiple calls can be made without repeating earlier calls+// if their parameters have not changed.++#endif // _AES_Hdiff -urN util-linux-2.12r/mount/lomount.c util-linux-2.12r-AES/mount/lomount.c--- util-linux-2.12r/mount/lomount.c 2004-12-21 00:11:04.000000000 +0200+++ util-linux-2.12r-AES/mount/lomount.c 2007-10-16 18:51:47.000000000 +0300@@ -1,4 +1,15 @@-/* Originally from Ted's losetup.c */+/* Taken from Ted's losetup.c - Mitch <m.dsouza@mrc-apu.cam.ac.uk> */+/* Added vfs mount options - aeb - 960223 */+/* Removed lomount - aeb - 960224 */++/*+ * 1999-02-22 Arkadiusz Mi秌iewicz <misiek@pld.ORG.PL>+ * - added Native Language Support+ * 1999-03-21 Arnaldo Carvalho de Melo <acme@conectiva.com.br>+ * - fixed strerr(errno) in gettext calls+ * 2001-04-11 Jari Ruusu+ * - added AES support+ */ #define LOOPMAJOR 7 @@ -13,60 +24,81 @@ #include <errno.h> #include <stdlib.h> #include <unistd.h>+#include <pwd.h>+#include <sys/types.h> #include <sys/ioctl.h> #include <sys/stat.h> #include <sys/mman.h> #include <sys/sysmacros.h>+#include <sys/wait.h>+#include <limits.h>+#include <fcntl.h>+#include <mntent.h>+#include <locale.h>+#include <sys/time.h>+#include <sys/utsname.h>+#include <signal.h> #include "loop.h" #include "lomount.h" #include "xstrncpy.h" #include "nls.h"+#include "sha512.h"+#include "rmd160.h"+#include "aes.h"++#if !defined(BLKGETSIZE64)+# define BLKGETSIZE64 _IOR(0x12,114,size_t)+#endif extern int verbose;-extern char *progname; extern char *xstrdup (const char *s); /* not: #include "sundries.h" */ extern void error (const char *fmt, ...); /* idem */+extern void show_all_loops(void);+extern int read_options_from_fstab(char *, char **);+extern int recompute_loop_dev_size(char *); -#ifdef LOOP_SET_FD--static int-loop_info64_to_old(const struct loop_info64 *info64, struct loop_info *info)-{- memset(info, 0, sizeof(*info));- info->lo_number = info64->lo_number;- info->lo_device = info64->lo_device;- info->lo_inode = info64->lo_inode;- info->lo_rdevice = info64->lo_rdevice;- info->lo_offset = info64->lo_offset;- info->lo_encrypt_type = info64->lo_encrypt_type;- info->lo_encrypt_key_size = info64->lo_encrypt_key_size;- info->lo_flags = info64->lo_flags;- info->lo_init[0] = info64->lo_init[0];- info->lo_init[1] = info64->lo_init[1];- if (info->lo_encrypt_type == LO_CRYPT_CRYPTOAPI)- memcpy(info->lo_name, info64->lo_crypt_name, LO_NAME_SIZE);- else- memcpy(info->lo_name, info64->lo_file_name, LO_NAME_SIZE);- memcpy(info->lo_encrypt_key, info64->lo_encrypt_key, LO_KEY_SIZE);-- /* error in case values were truncated */- if (info->lo_device != info64->lo_device ||- info->lo_rdevice != info64->lo_rdevice ||- info->lo_inode != info64->lo_inode ||- info->lo_offset != info64->lo_offset)- return -EOVERFLOW;+#if !defined(LOOP_PASSWORD_MIN_LENGTH)+# define LOOP_PASSWORD_MIN_LENGTH 20+#endif - return 0;-}+char *passFDnumber = (char *)0;+char *passAskTwice = (char *)0;+char *passSeedString = (char *)0;+char *passHashFuncName = (char *)0;+char *passIterThousands = (char *)0;+char *loInitValue = (char *)0;+char *gpgKeyFile = (char *)0;+char *gpgHomeDir = (char *)0;+char *clearTextKeyFile = (char *)0;+char *loopOffsetBytes = (char *)0;+char *loopSizeBytes = (char *)0;+char *loopEncryptionType = (char *)0;++static int multiKeyMode = 0; /* 0=single-key 64=multi-key-v2 65=multi-key-v3 1000=any */+static char *multiKeyPass[66];+static char *loopFileName; #ifdef MAIN+static char *+crypt_name (int id, int *flags) {+ int i;++ for (i = 0; loop_crypt_type_tbl[i].id != -1; i++)+ if(id == loop_crypt_type_tbl[i].id) {+ *flags = loop_crypt_type_tbl[i].flags;+ return loop_crypt_type_tbl[i].name;+ }+ *flags = 0;+ if(id == 18)+ return "CryptoAPI";+ return "undefined";+} static int show_loop(char *device) {- struct loop_info loopinfo;- struct loop_info64 loopinfo64;- int fd, errsv;+ struct loop_info64 loopinfo;+ int fd; if ((fd = open(device, O_RDONLY)) < 0) { int errsv = errno;@@ -74,73 +106,64 @@ device, strerror (errsv)); return 2; }-- if (ioctl(fd, LOOP_GET_STATUS64, &loopinfo64) == 0) {-- loopinfo64.lo_file_name[LO_NAME_SIZE-2] = '*';- loopinfo64.lo_file_name[LO_NAME_SIZE-1] = 0;- loopinfo64.lo_crypt_name[LO_NAME_SIZE-1] = 0;-- printf("%s: [%04llx]:%llu (%s)",- device, loopinfo64.lo_device, loopinfo64.lo_inode,- loopinfo64.lo_file_name);-- if (loopinfo64.lo_offset)- printf(_(", offset %lld"), loopinfo64.lo_offset);-- if (loopinfo64.lo_sizelimit)- printf(_(", sizelimit %lld"), loopinfo64.lo_sizelimit);-- if (loopinfo64.lo_encrypt_type ||- loopinfo64.lo_crypt_name[0]) {- char *e = loopinfo64.lo_crypt_name;-- if (*e == 0 && loopinfo64.lo_encrypt_type == 1)- e = "XOR";- printf(_(", encryption %s (type %d)"),- e, loopinfo64.lo_encrypt_type);- }- printf("\n");+ if (loop_get_status64_ioctl(fd, &loopinfo) < 0) {+ int errsv = errno;+ fprintf(stderr, _("loop: can't get info on device %s: %s\n"),+ device, strerror (errsv)); close (fd);- return 0;+ return 1; }-- if (ioctl(fd, LOOP_GET_STATUS, &loopinfo) == 0) {- printf ("%s: [%04x]:%ld (%s)",- device, loopinfo.lo_device, loopinfo.lo_inode,- loopinfo.lo_name);-- if (loopinfo.lo_offset)- printf(_(", offset %d"), loopinfo.lo_offset);-- if (loopinfo.lo_encrypt_type)- printf(_(", encryption type %d\n"),- loopinfo.lo_encrypt_type);-- printf("\n");- close (fd);- return 0;+ loopinfo.lo_file_name[LO_NAME_SIZE-1] = 0;+ loopinfo.lo_crypt_name[LO_NAME_SIZE-1] = 0;+ printf("%s: [%04llx]:%llu (%s)", device, (unsigned long long)loopinfo.lo_device,+ (unsigned long long)loopinfo.lo_inode, loopinfo.lo_file_name);+ if (loopinfo.lo_offset) {+ if ((long long)loopinfo.lo_offset < 0) {+ printf(_(" offset=@%llu"), -((unsigned long long)loopinfo.lo_offset));+ } else {+ printf(_(" offset=%llu"), (unsigned long long)loopinfo.lo_offset);+ } }-- errsv = errno;- fprintf(stderr, _("loop: can't get info on device %s: %s\n"),- device, strerror (errsv));+ if (loopinfo.lo_sizelimit)+ printf(_(" sizelimit=%llu"), (unsigned long long)loopinfo.lo_sizelimit);+ if (loopinfo.lo_encrypt_type) {+ int flags;+ char *s = crypt_name (loopinfo.lo_encrypt_type, &flags);++ printf(_(" encryption=%s"), s);+ /* type 18 == LO_CRYPT_CRYPTOAPI */+ if (loopinfo.lo_encrypt_type == 18) {+ printf("/%s", loopinfo.lo_crypt_name);+ } else {+ if(flags & 2)+ printf("-");+ if(flags & 1)+ printf("%u", (unsigned int)loopinfo.lo_encrypt_key_size << 3);+ }+ }+ switch(loopinfo.lo_flags & 0x180000) {+ case 0x180000:+ printf(_(" multi-key-v3"));+ break;+ case 0x100000:+ printf(_(" multi-key-v2"));+ break;+ }+ /* type 2 == LO_CRYPT_DES */+ if (loopinfo.lo_init[0] && (loopinfo.lo_encrypt_type != 2))+ printf(_(" loinit=%llu"), (unsigned long long)loopinfo.lo_init[0]);+ if (loopinfo.lo_flags & 0x200000)+ printf(_(" read-only"));+ printf("\n"); close (fd);- return 1;-}-#endif -int-is_loop_device (const char *device) {- struct stat statbuf;-- return (stat(device, &statbuf) == 0 &&- S_ISBLK(statbuf.st_mode) &&- major(statbuf.st_rdev) == LOOPMAJOR);+ return 0; }+#endif #define SIZE(a) (sizeof(a)/sizeof(a[0])) +#if !defined(MAIN) char * find_unused_loop_device (void) { /* Just creating a device, say in /tmp, is probably a bad idea -@@ -148,9 +171,8 @@ So, we just try /dev/loop[0-7]. */ char dev[20]; char *loop_formats[] = { "/dev/loop%d", "/dev/loop/%d" };- int i, j, fd, somedev = 0, someloop = 0, permission = 0;+ int i, j, fd, somedev = 0, someloop = 0; struct stat statbuf;- struct loop_info loopinfo; for (j = 0; j < SIZE(loop_formats); j++) { for(i = 0; i < 256; i++) {@@ -159,16 +181,14 @@ somedev++; fd = open (dev, O_RDONLY); if (fd >= 0) {- if(ioctl (fd, LOOP_GET_STATUS, &loopinfo) == 0)+ if (is_unused_loop_device(fd) == 0) someloop++; /* in use */ else if (errno == ENXIO) { close (fd); return xstrdup(dev);/* probably free */ } close (fd);- } else if (errno == EACCES)- permission++;-+ } continue;/* continue trying as long as devices exist */ } break;@@ -176,75 +196,626 @@ } if (!somedev)- error(_("%s: could not find any device /dev/loop#"), progname);- else if (!someloop && permission)- error(_("%s: no permission to look at /dev/loop#"), progname);+ error(_("mount: could not find any device /dev/loop#")); else if (!someloop)- error(_(- "%s: Could not find any loop device. Maybe this kernel "- "does not know\n"- " about the loop device? (If so, recompile or "- "`modprobe loop'.)"), progname);+ error(_("mount: Could not find any loop device. Maybe this kernel does not know\n"+ " about the loop device? (If so, recompile or `modprobe loop'.)")); else- error(_("%s: could not find any free loop device"), progname);+ error(_("mount: could not find any free loop device")); return 0; } -/*- * A function to read the passphrase either from the terminal or from- * an open file descriptor.- */-static char *-xgetpass(int pfd, const char *prompt) {- char *pass;- int buflen, i;-- if (pfd < 0) /* terminal */- return getpass(prompt);-- pass = NULL;- buflen = 0;- for (i=0; ; i++) {- if (i >= buflen-1) {- /* we're running out of space in the buffer.- * Make it bigger: */- char *tmppass = pass;- buflen += 128;- pass = realloc(tmppass, buflen);- if (pass == NULL) {- /* realloc failed. Stop reading. */- error("Out of memory while reading passphrase");- pass = tmppass; /* the old buffer hasn't changed */- break;- }- }- if (read(pfd, pass+i, 1) != 1 ||- pass[i] == '\n' || pass[i] == 0)+int is_loop_active(const char *dev, const char *backdev)+{+ int fd;+ int ret = 0;+ struct stat statbuf;+ struct loop_info64 loopinfo;+ if (stat (dev, &statbuf) == 0 && S_ISBLK(statbuf.st_mode)) {+ fd = open (dev, O_RDONLY);+ if (fd < 0)+ return 0;+ if ((loop_get_status64_ioctl(fd, &loopinfo) == 0)+ && (stat (backdev, &statbuf) == 0)+ && (statbuf.st_dev == loopinfo.lo_device)+ && (statbuf.st_ino == loopinfo.lo_inode))+ ret = 1; /* backing device matches */+ memset(&loopinfo, 0, sizeof(loopinfo));+ close(fd);+ }+ return ret;+}+#endif++static int rd_wr_retry(int fd, char *buf, int cnt, int w)+{+ int x, y, z;++ x = 0;+ while(x < cnt) {+ y = cnt - x;+ if(w) {+ z = write(fd, buf + x, y);+ } else {+ z = read(fd, buf + x, y);+ if (!z) return x;+ }+ if(z < 0) {+ if ((errno == EAGAIN) || (errno == ENOMEM) || (errno == ERESTART) || (errno == EINTR)) {+ continue;+ }+ return x;+ }+ x += z;+ }+ return x;+}++static char *get_FD_pass(int fd)+{+ char *p = NULL, *n;+ int x = 0, y = 0;++ do {+ if(y >= (x - 1)) {+ x += 128;+ /* Must enforce some max limit here -- this code */+ /* runs as part of mount, and mount is setuid root */+ /* and has used mlockall(MCL_CURRENT | MCL_FUTURE) */+ if(x > (4*1024)) return(NULL);+ n = malloc(x);+ if(!n) return(NULL);+ if(p) {⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -