[pkg-cryptsetup-devel] Bug#715054: cryptsetup: --verify-passphrase w/ luksAddKey is also applied to the unlocking passphrase

Frédéric Brière fbriere at fbriere.net
Sat Jul 6 01:18:25 UTC 2013


Package: cryptsetup
Version: 2:1.6.1-1
Severity: normal

When providing the --verify-passphrase to luksAddKey, this option will
not only be applied to the new passphrase, but also to the existing
passphrase, obviously needlessly.  (See #570418 for a similar issue from
the past.)

  # cryptsetup --verify-passphrase luksAddKey /dev/...
  Enter any existing passphrase: 
  Verify passphrase: 
  Enter new passphrase for key slot: 
  Verify passphrase: 

(To my untrained eye, the first condition of _verify_passphrase() in
src/cryptsetup.c appears to be wrong.)


-- Package-specific info:
-- /proc/cmdline
BOOT_IMAGE=/vmlinuz-3.8-2-amd64 root=/dev/mapper/root ro

-- /etc/crypttab
# <target name>	<source device>		<key file>	<options>
root      /dev/mapper/vg0-root      none                           luks
pbuilder  /dev/mapper/vg0-pbuilder  /etc/security/pbuilder.passwd  luks

-- /etc/fstab
# /etc/fstab: static file system information.
#
# <file system> <mount point>   <type>  <options>       <dump>  <pass>
proc            /proc           proc    defaults        0       0
tmpfs		/tmp		tmpfs	defaults	0	0

/dev/md0       /boot           ext3    defaults,relatime        0       2

/dev/mapper/root /               ext3    errors=remount-ro,relatime 0       1
/dev/mapper/pbuilder /var/cache/pbuilder ext3    defaults,relatime  0       2

/dev/dvd        /media/cdrom    udf,iso9660 user,noauto     0       0

-- lsmod
Module                  Size  Used by
isofs                  35129  0 
udf                    68162  0 
bnep                   17574  0 
rfcomm                 33696  0 
btusb                  17553  0 
bluetooth             160688  5 bnep,btusb,rfcomm
rfkill                 19166  1 bluetooth
crc16                  12343  1 bluetooth
ext2                   59600  1 
nls_utf8               12456  0 
nls_cp437              16553  0 
vfat                   17365  0 
fat                    46039  1 vfat
act_police             12725  1 
sch_ingress            12744  1 
cls_u32                13111  6 
sch_sfq                17467  3 
sch_cbq                22569  1 
ipt_REJECT             12502  1 
pppoe                  17512  2 
pppox                  12594  1 pppoe
xt_multiport           12548  2 
iptable_filter         12536  1 
ip_tables              21997  1 iptable_filter
x_tables               19041  4 ip_tables,xt_multiport,iptable_filter,ipt_REJECT
pci_stub               12429  1 
vboxpci                19094  0 
vboxnetadp             25443  0 
vboxnetflt             23648  0 
vboxdrv               217306  3 vboxnetadp,vboxnetflt,vboxpci
binfmt_misc            12957  1 
ppp_generic            26827  6 pppoe,pppox
slhc                   12674  1 ppp_generic
it87                   30261  0 
hwmon_vid              12430  1 it87
loop                   22908  0 
fuse                   62705  1 
snd_usb_audio         105996  1 
snd_usbmidi_lib        23337  1 snd_usb_audio
snd_hda_codec_hdmi     31479  1 
tuner_simple           17171  1 
tuner_types            16409  1 tuner_simple
tuner                  21635  1 
tvaudio                26716  0 
tda7432                12671  0 
msp3400                30326  0 
bttv                  106542  0 
parport_pc             22409  0 
parport                31901  1 parport_pc
k10temp                12664  0 
snd_hda_codec_realtek    55535  1 
radeon                760247  3 
snd_hda_intel          31301  9 
snd_bt87x              13446  1 
snd_hda_codec          88454  3 snd_hda_codec_realtek,snd_hda_codec_hdmi,snd_hda_intel
btcx_risc              12555  1 bttv
tveeprom               20593  1 bttv
videobuf_dma_sg        13234  1 bttv
rc_core                18382  1 bttv
v4l2_common            13355  5 bttv,tuner,tda7432,msp3400,tvaudio
snd_hwdep              13189  2 snd_usb_audio,snd_hda_codec
snd_pcm_oss            37079  0 
snd_mixer_oss          18035  1 snd_pcm_oss
snd_pcm                68523  8 snd_pcm_oss,snd_usb_audio,snd_bt87x,snd_hda_codec_hdmi,snd_hda_codec,snd_hda_intel
videodev               88021  6 bttv,tuner,tda7432,msp3400,tvaudio,v4l2_common
media                  18184  1 videodev
videobuf_core          17872  2 bttv,videobuf_dma_sg
snd_page_alloc         13018  3 snd_bt87x,snd_pcm,snd_hda_intel
snd_seq_midi           12848  0 
snd_seq_midi_event     13316  1 snd_seq_midi
snd_rawmidi            23034  2 snd_usbmidi_lib,snd_seq_midi
sp5100_tco             12864  0 
acpi_cpufreq           13354  0 
mperf                  12453  1 acpi_cpufreq
ttm                    58389  1 radeon
drm_kms_helper         31890  1 radeon
drm                   202241  5 ttm,drm_kms_helper,radeon
i2c_algo_bit           12841  2 bttv,radeon
snd_seq                45225  2 snd_seq_midi_event,snd_seq_midi
i2c_piix4              12660  0 
i2c_core               19945  14 drm,bttv,tuner,i2c_piix4,drm_kms_helper,tda7432,i2c_algo_bit,msp3400,tvaudio,v4l2_common,tveeprom,radeon,tuner_simple,videodev
evdev                  17650  6 
serio_raw              12940  0 
pcspkr                 12632  0 
processor              28362  1 acpi_cpufreq
thermal_sys            22833  1 processor
snd_seq_device         13176  3 snd_seq,snd_rawmidi,snd_seq_midi
snd_timer              22812  4 snd_pcm,snd_seq
snd                    53077  33 snd_hda_codec_realtek,snd_pcm_oss,snd_usb_audio,snd_bt87x,snd_hwdep,snd_timer,snd_hda_codec_hdmi,snd_pcm,snd_seq,snd_rawmidi,snd_usbmidi_lib,snd_hda_codec,snd_hda_intel,snd_seq_device,snd_mixer_oss
soundcore              13026  1 snd
shpchp                 31346  0 
wmi                    13243  0 
kvm_amd                47398  0 
button                 12944  0 
kvm                   314909  1 kvm_amd
edac_mce_amd           16963  0 
edac_core              43453  0 
ext3                  162558  8 
mbcache                13114  2 ext2,ext3
jbd                    57997  1 ext3
sha256_generic         16797  16 
cbc                    12696  8 
dm_crypt               18372  8 
dm_mod                 64083  45 dm_crypt
raid1                  30921  3 
md_mod                 88552  4 raid1
hid_generic            12385  0 
hid_logitech_dj        17354  0 
usbhid                 40792  2 hid_logitech_dj
hid                    81770  3 hid_generic,usbhid,hid_logitech_dj
sr_mod                 21945  0 
cdrom                  35212  1 sr_mod
sg                     26095  0 
sd_mod                 40549  12 
crc_t10dif             12348  1 sd_mod
usb_storage            48069  0 
firewire_ohci          31931  0 
aic7xxx               108433  0 
scsi_transport_spi     23826  1 aic7xxx
firewire_core          49141  1 firewire_ohci
ata_generic            12490  0 
crc_itu_t              12347  2 udf,firewire_core
microcode              30456  0 
pata_jmicron           12483  0 
ehci_pci               12472  0 
xhci_hcd               78158  0 
ohci_hcd               26678  0 
ehci_hcd               40464  1 ehci_pci
usbcore               130195  10 btusb,snd_usb_audio,usb_storage,ohci_hcd,snd_usbmidi_lib,ehci_hcd,ehci_pci,usbhid,xhci_hcd
usb_common             12354  1 usbcore
ahci                   25060  9 
libahci                22918  1 ahci
r8169                  52743  0 
libata                141722  4 ahci,libahci,ata_generic,pata_jmicron
mii                    12675  1 r8169
scsi_mod              158376  7 sg,scsi_transport_spi,usb_storage,libata,aic7xxx,sd_mod,sr_mod


-- System Information:
Debian Release: jessie/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (x86_64)
Foreign Architectures: amd64

Kernel: Linux 3.8-2-amd64 (SMP w/3 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages cryptsetup depends on:
ii  cryptsetup-bin         2:1.6.1-1
ii  debconf [debconf-2.0]  1.5.50
ii  dmsetup                2:1.02.77-3
ii  libc6                  2.17-7
ii  sysv-rc                2.88dsf-41

Versions of packages cryptsetup recommends:
ii  busybox                                 1:1.20.0-8.1
ii  console-setup                           1.93
ii  initramfs-tools [linux-initramfs-tool]  0.113
ii  kbd                                     1.15.5-1

Versions of packages cryptsetup suggests:
ii  dosfstools              3.0.16-2
ii  liblocale-gettext-perl  1.05-7+b1

-- debconf information excluded



More information about the pkg-cryptsetup-devel mailing list