static int _open_plain( const char * device,const char * mapper,const char * mode,const char * pass,size_t pass_size )
{
int flags ;
struct crypt_device * cd ;
struct crypt_params_plain params ;
memset( ¶ms,'\0',sizeof( struct crypt_params_plain ) ) ;
params.hash = "ripemd160";
params.skip = 0;
params.offset = 0;
if( zuluCryptPathIsNotValid( device ) ){
return 3 ;
}
if( StringHasComponent( mode,"ro" ) ){
flags = 1 ;
}else{
flags = 0 ;
}
if( crypt_init( &cd,device ) != 0 ){
return 2 ;
}
if( crypt_format( cd,CRYPT_PLAIN,"aes","cbc-essiv:sha256",NULL,NULL,32,¶ms ) != 0 ){
return zuluExit( 2,cd ) ;
}
if( crypt_activate_by_passphrase( cd,mapper,CRYPT_ANY_SLOT,pass,pass_size,flags ) < 0 ){
return zuluExit( 2,cd ) ;
}else{
return zuluExit( 0,cd ) ;
}
}
int zuluCryptOpenPlain( const char * device,const char * mapper,const char * mode,const char * pass,size_t pass_size )
{
int lmode ;
string_t st ;
int fd ;
int r ;
if( StringPrefixMatch( device,"/dev/",5 ) ){
return _open_plain( device,mapper,mode,pass,pass_size ) ;
}else{
if( StringHasComponent( mode,"ro" ) ){
lmode = O_RDONLY ;
}else{
lmode = O_RDWR ;
}
/*
* zuluCryptAttachLoopDeviceToFile() is defined in ./create_loop.c
*/
if( zuluCryptAttachLoopDeviceToFile( device,lmode,&fd,&st ) ){
r = _open_plain( device,mapper,mode,pass,pass_size ) ;
StringDelete( &st ) ;
close( fd ) ;
return r ;
}else{
return 2 ;
}
}
}
int zuluCryptOpenPlain_1( const open_struct_t * opt )
{
int mode ;
string_t st ;
int fd ;
int r ;
if( StringPrefixEqual( opt->device,"/dev/" ) ){
return _open_plain( opt->device,opt ) ;
}else{
if( StringHasComponent( opt->m_opts,"ro" ) ){
mode = O_RDONLY ;
}else{
mode = O_RDWR ;
}
/*
* zuluCryptAttachLoopDeviceToFile() is defined in ./create_loop.c
*/
if( zuluCryptAttachLoopDeviceToFile( opt->device,mode,&fd,&st ) ){
r = _open_plain( StringContent( st ),opt ) ;
StringDelete( &st ) ;
close( fd ) ;
return r ;
}else{
return 2 ;
}
}
}
static int _open_plain( const char * device,const open_struct_t * opt )
{
uint32_t flags ;
struct crypt_device * cd ;
struct crypt_params_plain params ;
memset( ¶ms,'\0',sizeof( struct crypt_params_plain ) ) ;
params.hash = "ripemd160" ;
if( zuluCryptPathIsNotValid( device ) ){
return 3 ;
}
if( crypt_init( &cd,device ) != 0 ){
return 2 ;
}
params.offset = _offset( opt->offset ) ;
if( StringHasComponent( opt->m_opts,"ro" ) ){
flags = CRYPT_ACTIVATE_READONLY ;
}else{
flags = CRYPT_ACTIVATE_ALLOW_DISCARDS ;
}
if( crypt_format( cd,CRYPT_PLAIN,"aes","cbc-essiv:sha256",NULL,NULL,32,¶ms ) != 0 ){
return zuluExit( 2,cd ) ;
}
if( crypt_activate_by_passphrase( cd,opt->mapper_name,CRYPT_ANY_SLOT,
opt->key,opt->key_len,flags ) < 0 ){
return zuluExit( 2,cd ) ;
}else{
return zuluExit( 0,cd ) ;
}
}
static int mount_FUSEfs_0( m_struct * mst )
{
int status ;
const char * opts ;
process_t p = Process( ZULUCRYPTmount ) ;
string_t st = set_mount_options( mst ) ;
opts = _mount_options( mst->m_flags,st ) ;
if( StringsAreEqual( mst->fs,"ntfs" ) ){
if( StringHasComponent( opts,"ignore_case" ) ){
ProcessSetArgumentList( p,"-n","-t","lowntfs-3g","-o",opts,mst->device,mst->m_point,ENDLIST ) ;
}else{
ProcessSetArgumentList( p,"-n","-t","ntfs-3g","-o",opts,mst->device,mst->m_point,ENDLIST ) ;
}
}else{
ProcessSetArgumentList( p,"-t",mst->fs,"-o",opts,mst->device,mst->m_point,ENDLIST ) ;
}
ProcessStart( p ) ;
status = ProcessExitStatus( p ) ;
ProcessDelete( &p ) ;
StringDelete( &st ) ;
return status ;
}
/*
* An assumption is made here that the path is an LVM path if "path"
* is in /dev/mapper/abc-def format and there exist a path at /dev/abc/def.
*
* Info in lvm path structures can be found here:
* https://www.redhat.com/archives/linux-lvm/2014-January/msg00014.html
*/
string_t zuluCryptConvertIfPathIsLVM( const char * path )
{
const char * e ;
const char ** z ;
struct stat st ;
StringIterator a ;
StringIterator b ;
StringIterator c ;
StringIterator d ;
string_t q = String( path ) ;
StringGetIterators( q,&c,&d ) ;
for( c = c + 3 ; c < d ; c++ ){
a = c - 2 ;
b = c - 1 ;
if( *a != '-' && *b == '-' && *c != '-' ){
/*
* found a place with a single dash,replace the dash with a slash
*/
*b = '/' ;
/*
* replace double dashes if present.
*/
z = StringPointer( q ) ;
while( StringHasComponent( *z,"--" ) ){
StringReplaceString( q,"--","-" ) ;
}
e = StringReplaceString( q,"/dev/mapper/","/dev/" ) ;
if( stat( e,&st ) == 0 ){
/*
* The path appear to be an LVM path since
* "/dev/mapper/ABC-DEF" input path has a corresponding
* "/dev/ABC/DEF" path
*/
}else{
/*
* Not an LVM volume,replace the string to its original
*/
StringReplace( q,path ) ;
}
break ;
}
}
return q ;
}
static const char * _remove_duplicates( string_t st )
{
const char ** z = StringPointer( st ) ;
while( StringHasComponent( *z,",," ) ){
StringReplaceString( st,",,","," ) ;
}
if( StringEndsWithChar( st,',' ) ){
return StringRemoveRight( st,1 ) ;
}else{
return StringContent( st ) ;
}
}
char * zuluCryptGetVolumeTypeFromMapperPath( const char * mapper )
{
struct crypt_device * cd ;
const char * type ;
char * r ;
string_t st ;
if( StringPrefixNotEqual( mapper,crypt_get_dir() ) ){
return StringCopy_2( "Nil" ) ;
}
if( crypt_init_by_name( &cd,mapper ) < 0 ){
return StringCopy_2( "Nil" ) ;
}
type = crypt_get_type( cd ) ;
if( type == NULL ){
if( StringHasComponent( mapper,"veracrypt" ) ){
r = StringCopy_2( "crypto_VCRYPT" ) ;
}else if( StringHasComponent( mapper,"truecrypt" ) ){
r = StringCopy_2( "crypto_TCRYPT" ) ;
}else{
r = _get_type_from_udev( mapper ) ;
}
}else{
st = String_1( "crypto_",type,NULL ) ;
r = StringDeleteHandle( &st ) ;
}
crypt_free( cd ) ;
return r ;
}
static void _printResult( const char * device,const char * m_point )
{
char * e ;
zuluCryptSecurityGainElevatedPrivileges() ;
/*
* zuluCryptGetVolumeTypeFromMapperPath() is defined in ../lib/status.c
*/
e = zuluCryptGetVolumeTypeFromMapperPath( device ) ;
zuluCryptSecurityDropElevatedPrivileges() ;
if( StringHasComponent( e,"LUKS" ) ){
printf( gettext( "SUCCESS: %s volume opened successfully\n" ),"luks" ) ;
}else if( StringHasComponent( e,"PLAIN" ) ){
printf( gettext( "SUCCESS: %s volume opened successfully\n" ),"plain" ) ;
}else if( StringHasComponent( e,"TCRYPT" ) ){
printf( gettext( "SUCCESS: %s volume opened successfully\n" ),"tcrypt" ) ;
}else if( StringHasComponent( e,"VCRYPT" ) ){
printf( gettext( "SUCCESS: %s volume opened successfully\n" ),"vcrypt" ) ;
}else{
printf( gettext( "SUCCESS: volume opened successfully\n" ) ) ;
}
StringFree( e ) ;
if( m_point != NULL ){
printf( gettext( "volume mounted at: %s\n" ),m_point ) ;
}
}
string_t zuluCryptCreateMountPoint( const char * device,const char * label,const char * m_opts,uid_t uid )
{
if( home_mount_prefix() ){
return create_home_mount_point( device,label,uid ) ;
}else{
if( StringHasComponent( m_opts,"mount-prefix=home" ) ){
if( zuluCryptUserIsAMemberOfAGroup( uid,"zulumount" ) ){
return create_home_mount_point( device,label,uid ) ;
}else{
return StringVoid ;
}
}else{
return create_mount_point( device,label,uid ) ;
}
}
}
int zuluCryptResolveDevicePath_0( int( *function )( const char *,const resolve_path_t * ),
const open_struct_t * opt,int error )
{
/*
* resolve_path_t is defined in includes.h
*/
resolve_path_t opts ;
memset( &opts,'\0',sizeof( opts ) ) ;
opts.args = opt ;
opts.device = opt->device ;
if( StringHasComponent( opt->m_opts,"ro" ) ){
opts.open_mode = O_RDONLY ;
}else{
opts.open_mode = O_RDWR ;
}
return _get_result_1( function,&opts,error ) ;
}
int zuluCryptMountFlagsAreNotCorrect( const char * mode,uid_t uid,unsigned long * flags )
{
unsigned long flg = 0 ;
if( mode == NULL ){
flg |= MS_NODEV | MS_NOSUID | MS_NOEXEC | MS_RELATIME ;
*flags = flg ;
return 0 ;
}
if( StringHasComponent( mode,"ro" ) ){
flg |= MS_RDONLY ;
}
if( StringHasComponent( mode,"dev" ) ){
if( _user_has_no_access( uid ) ){
return 1 ;
}
}else{
flg |= MS_NODEV ;
}
#if MOUNT_WITH_NOEXEC_BY_DEFAULT
if( zuluCryptUserIsAMemberOfAGroup( uid,"zulumount-exec" ) ){
/*
* user is a member of a group,mount volume with exec option by default
*/
if( StringHasComponent( mode,"noexec" ) ){
/*
* user with access wish to mount a volume without it
*/
flg |= MS_NOEXEC ;
}
}else{
if( StringHasComponent( mode,"exec" ) ){
if( _user_has_no_access( uid ) ){
return 1 ;
}
}else{
flg |= MS_NOEXEC ;
}
}
#else
if( StringHasComponent( mode,"noexec" ) ){
/*
* user with access wish to mount a volume without it
*/
flg |= MS_NOEXEC ;
}
#endif
if( StringHasComponent( mode,"suid" ) ){
if( _user_has_no_access( uid ) ){
return 1 ;
}
}else{
flg |= MS_NOSUID ;
}
if( StringHasComponent( mode,"bind" ) ){
if( _user_has_no_access( uid ) ){
return 1 ;
}
flg |= MS_BIND ;
}
if( StringHasComponent( mode,"mandlock" ) ){
if( _user_has_no_access( uid ) ){
return 1 ;
}
flg |= MS_MANDLOCK ;
}
if( StringHasComponent( mode,"move" ) ){
if( _user_has_no_access( uid ) ){
return 1 ;
}
flg |= MS_MOVE ;
}
if( StringHasComponent( mode,"noatime" ) ){
if( _user_has_no_access( uid ) ){
return 1 ;
}
flg |= MS_NOATIME ;
}
if( StringHasComponent( mode,"strictatime" ) ){
if( _user_has_no_access( uid ) ){
return 1 ;
}
flg |= MS_STRICTATIME ;
}
if( flg & MS_NOATIME ){
/*
* MS_NOATIME flag is set by user,use it instead of MS_RELATIME
*/
;
}else if( flg & MS_STRICTATIME ){
/*
* MS_STRICTATIME flag is set by user,use it instead of MS_RELATIME
*/
;
}else{
/*
* MS_NOATIME flag not set,autoset MS_RELATIME flag as the default flag
*/
flg |= MS_RELATIME ;
}
#if 0
/*
* done check for this one since its a default option set above
*/
if( StringHasComponent( mode,"relatime" ) ){
if( _user_has_no_access( uid ) ){
return 1 ;
}
flg |= MS_RELATIME ;
}
#endif
if( StringHasComponent( mode,"nodiratime" ) ){
if( _user_has_no_access( uid ) ){
return 1 ;
}
flg |= MS_NODIRATIME ;
}
if( StringHasComponent( mode,"remount" ) ){
if( _user_has_no_access( uid ) ){
return 1 ;
}
flg |= MS_REMOUNT ;
}
if( StringHasComponent( mode,"silent" ) ){
if( _user_has_no_access( uid ) ){
return 1 ;
}
flg |= MS_SILENT ;
}
if( StringHasComponent( mode,"synchronous" ) ){
if( _user_has_no_access( uid ) ){
return 1 ;
}
flg |= MS_SYNCHRONOUS ;
}
*flags = flg ;
return 0 ;
}
static int _modify_tcrypt( info_t * info,const struct_opts * opts )
{
int k = 4 ;
int r ;
string_t st = StringVoid ;
string_t xt = StringVoid ;
if( StringsAreEqual( opts->key_source,"-p" ) ){
info->header_key = opts->key ;
info->header_key_source = "passphrase" ;
info->header_new_key_source = "new_passphrase" ;
}else if( opts->key == NULL && StringsAreNotEqual( opts->key_source,"-f" ) ){
st = info->getKey( &r ) ;
if( r ){
info->key = StringContent( st ) ;
info->header_key = info->key ;
info->header_key_source = "passphrase" ;
info->header_new_key_source = "new_passphrase" ;
}else{
return zuluExit_1( k,st,xt ) ;
}
}else{
/*
* function is defined at "path_access.c"
*/
zuluCryptGetPassFromFile( opts->key,info->uid,&st ) ;
zuluCryptSecurityGainElevatedPrivileges() ;
if( st == StringVoid ){
return zuluExit_1( k,st,xt ) ;
}else{
if( StringHasComponent( opts->key,".zuluCrypt-socket" ) ){
info->key = StringContent( st ) ;
info->header_key = info->key ;
info->header_key_source = "passphrase" ;
info->header_new_key_source = "new_passphrase" ;
}else{
xt = zuluCryptCreateKeyFile( StringContent( st ),StringLength( st ),"tcrypt-bk-" ) ;
if( xt == StringVoid ){
return zuluExit_1( k,st,xt ) ;
}else{
info->key = StringContent( xt ) ;
info->header_key = info->key ;
info->header_key_source = "keyfiles" ;
info->header_new_key_source = "new_keyfiles" ;
}
}
}
}
/*
* zuluCryptModifyTcryptHeader() is defined in ../lib/create_tcrypt.c
*/
k = zuluCryptModifyTcryptHeader( info ) ;
if( xt != StringVoid ){
/*
* zuluCryptDeleteFile() is defined in ../lib/file_path_security.c
*/
zuluCryptDeleteFile( StringContent( xt ) ) ;
}
return zuluExit_1( k,st,xt ) ;
}
static int _open_tcrypt_volume( const char * device,const open_struct_t * opts )
{
tc_api_task task ;
int r = !TC_OK ;
size_t i ;
size_t k ;
const char * const * z ;
const char * e ;
string_t st = StringVoid ;
if( tc_api_initialize() ){
task = tc_api_task_init( "map" ) ;
if( tc_api_task_initialized( task ) ){
tc_api_task_set( task,"veracrypt_mode",opts->veraCrypt_volume ) ;
tc_api_task_set( task,"map_name",opts->mapper_name ) ;
if( StringHasComponent( opts->m_opts,"ro" ) ){
tc_api_task_set( task,"read_only" ) ;
}
if( opts->tcrypt_system ){
if( StringPrefixEqual( device,"/dev/sd" ) ||
StringPrefixEqual( device,"/dev/hd" ) ){
st = String( device ) ;
e = StringRemoveDigits( st ) ;
tc_api_task_set( task,"dev",e ) ;
tc_api_task_set( task,"sys",e ) ;
}else{
tc_api_task_set( task,"dev",device ) ;
tc_api_task_set( task,"sys",device ) ;
}
}else{
tc_api_task_set( task,"dev",device ) ;
}
k = opts->tcrypt_keyfiles_count ;
z = opts->tcrypt_keyfiles ;
tc_api_task_set( task,"passphrase",opts->key ) ;
for( i = 0 ; i < k ; i++ ){
tc_api_task_set( task,"keyfiles",*( z + i ) ) ;
}
r = tc_api_task_do( task ) ;
tc_api_task_uninit( task ) ;
StringDelete( &st ) ;
}
tc_api_uninit() ;
}
return r ;
}
stringList_t zuluCryptOpenedVolumesList( uid_t uid )
{
const char * e ;
const char * c ;
const char * d ;
const char * t ;
char * f ;
char * g ;
StringListIterator it ;
StringListIterator end ;
ssize_t k ;
string_t q ;
string_t z ;
string_t j ;
stringList_t stx ;
stringList_t list = StringListVoid ;
stringList_t stl = zuluCryptGetMoutedList() ;
if( uid ) {
;
}
/*
* zuluCryptMapperPrefix() is defined in create_mapper_name.c
*/
j = String_1( zuluCryptMapperPrefix(),"/zuluCrypt-",NULL ) ;
/*
* t will probably contain "/dev/mapper/zuluCrypt-"
*/
t = StringContent( j ) ;
StringListGetIterators( stl,&it,&end ) ;
while( it != end ) {
c = StringContent( *it ) ;
it++ ;
if( StringPrefixNotEqual( c,t ) ) {
/*
* we only care about zuluCrypt volumes and these volumes that we care about starts with
* "/dev/mapper/zuluCrypt-"
*/
continue ;
}
if( StringHasComponent( c,"/run/media/public/" ) ) {
/*
* dont show mirror images due to bind mounts
*/
continue ;
}
stx = StringListSplit( c,' ' ) ;
e = StringListContentAtFirstPlace( stx ) ;
k = StringHasComponent_1( e,"-UUID-" ) ;
if( k != -1 ) {
q = StringListStringAtFirstPlace( stx ) ;
/*
* zuluCryptDecodeMountEntry() is defined in mount_volume.c
*/
d = zuluCryptDecodeMountEntry( StringListStringAtSecondPlace( stx ) ) ;
/*
* zuluCryptGetVolumeTypeFromMapperPath() is defined in status.c
*/
f = zuluCryptGetVolumeTypeFromMapperPath( StringContent( q ) ) ;
e = StringSubChar( q,StringLastIndexOfChar( q,'-' ),'\0' ) + k + 6 ;
z = String_1( "UUID=\"",e,"\"\t",d,"\t",f,NULL ) ;
list = StringListAppendString_1( list,&z ) ;
StringFree( f ) ;
} else {
/*
* zuluCryptVolumeDeviceName() is defined in status.c
*/
g = zuluCryptVolumeDeviceName( e ) ;
if( g != NULL ) {
d = zuluCryptDecodeMountEntry( StringListStringAtSecondPlace( stx ) ) ;
/*
* zuluCryptGetVolumeTypeFromMapperPath() is defined in status.c
*/
f = zuluCryptGetVolumeTypeFromMapperPath( StringListContentAtFirstPlace( stx ) ) ;
z = String_1( g,"\t",d,"\t",f,NULL ) ;
list = StringListAppendString_1( list,&z ) ;
StringFree( f ) ;
StringFree( g ) ;
}
}
StringListDelete( &stx ) ;
}
StringListDelete( &stl ) ;
StringDelete( &j ) ;
return list ;
}
int zuluCryptEXEOpenVolume( const struct_opts * opts,const char * mapping_name,uid_t uid )
{
int share = opts->share ;
int open_mount = opts->open_mount ;
const char * device = opts->device ;
const char * mount_point = opts->mount_point ;
const char * m_opts = opts->m_opts ;
const char * source = opts->key_source ;
const char * pass = opts->key ;
const char * plugin_path = opts->plugin_path ;
const char * fs_opts = opts->fs_opts ;
const char * offset = opts->offset ;
const char * const * tcrypt_keyfiles = opts->tcrypt_multiple_keyfiles ;
/*
* Below is a form of memory management.All strings are collected in a stringlist object to easily delete them
* when the function returns.This allows for the function to have multiple exit points without risks of leaking
* memory from manually examining each exit point to make sure all strings are deleted or go with multiple goto
* code deleting blocks to take into account different exit points.
*/
stringList_t stl ;
string_t * stringArray = StringListArray( &stl,6 ) ;
string_t * passphrase = &stringArray[ 0 ] ;
string_t * m_name = &stringArray[ 1 ] ;
string_t * data = &stringArray[ 2 ] ;
string_t * m_point = &stringArray[ 3 ] ;
string_t * mapper = &stringArray[ 4 ] ;
string_t * mapper_path = &stringArray[ 5 ] ;
const char * key = NULL ;
const char * mapper_name ;
const char * e ;
size_t key_len = 0 ;
int st = 0 ;
stringList_t stz ;
tvcrypt v_info ;
unsigned long m_flags ;
int tcrypt_keyfile = 0 ;
const char * uuid ;
char * device_path ;
/*
* open_struct_t is declared in ../lib/include.h
*/
open_struct_t volume ;
struct stat statstr ;
/*
* zuluCryptVolumeIsInSystemVolumeList() is defined in volumes.c
*/
if( zuluCryptVolumeIsInSystemVolumeList( device ) ){
/*
* check permissions only if volume is explicity mentioned as system.
* This is an exception to avoid some udev bad behaviors on udev enabled build
*/
if( !zuluCryptUserIsAMemberOfAGroup( uid,"zulucrypt" ) ){
return zuluExit( 22,device,mount_point,stl ) ;
}
}
if( m_opts == NULL ){
m_opts = "rw" ;
}
/*
* zuluCryptMountFlagsAreNotCorrect() is defined in ./mount_flags.c
*/
if( zuluCryptMountFlagsAreNotCorrect( m_opts,uid,&m_flags ) ){
return zuluExit( 5,device,mount_point,stl ) ;
}
if( StringHasComponent( m_opts,"rw" ) ){
/*
* zuluCryptSecurityDeviceIsWritable() is defined in path_access.c
*/
st = zuluCryptCanOpenPathForWriting( device,uid ) ;
}else{
/*
* zuluCryptSecurityDeviceIsReadable() is defined in path_access.c
*/
st = zuluCryptCanOpenPathForReading( device,uid ) ;
}
/*
* 1-permissions denied
* 2-invalid path
* 3-shenanigans
* 4-common error
*/
switch( st ){
case 0 : break ;
case 1 : return zuluExit( 6,device,mount_point,stl ) ;
case 2 : return zuluExit( 6,device,mount_point,stl ) ;
case 3 : return zuluExit( 6,device,mount_point,stl ) ;
case 4 : return zuluExit( 6,device,mount_point,stl ) ;
default: return zuluExit( 6,device,mount_point,stl ) ;
}
if( open_mount ){
/*
* zuluCryptCreateMountPoint() is defined in create_mount_point.c
*/
*m_point = zuluCryptCreateMountPoint( device,mount_point,m_opts,uid ) ;
mount_point = StringContent( *m_point ) ;
if( mount_point == NULL ){
return zuluExit( 9,device,mount_point,stl ) ;
}
}else{
if( uid != 0 ){
return zuluExit( 7,device,mount_point,stl ) ;
}
if( mount_point != NULL ){
return zuluExit( 8,device,mount_point,stl ) ;
}
}
if( share ){
/*
* zuluCryptBindSharedMountPointPathTaken() is defined in bind.c
*/
if( zuluCryptBindSharedMountPointPathTaken( *m_point ) ){
return zuluExit_1( 10,opts,device,mount_point,stl ) ;
}
}
/*
* zuluCryptCreateMapperName() is defined in ../lib/create_mapper_name.c
*/
*m_name = zuluCryptCreateMapperName( device,mapping_name,uid,ZULUCRYPTshortMapperPath ) ;
*mapper = StringCopy( *m_name ) ;
mapper_name = StringContent( *m_name ) ;
*mapper_path = String( zuluCryptMapperPrefix() ) ;
e = StringMultipleAppend( *mapper_path,"/",mapper_name,NULL ) ;
if( stat( e,&statstr ) == 0 ){
return zuluExit_1( 11,opts,device,mount_point,stl ) ;
}
if( plugin_path != NULL ){
/*
* zuluCryptUUIDFromPath() is defined in path_access.c
*/
uuid = zuluCryptUUIDFromPath( device ) ;
device_path = _device_path( device ) ;
/*
* zuluCryptPluginManagerGetKeyFromModule is defined in ../pluginManager/zuluCryptPluginManager.c
*/
*passphrase = zuluCryptPluginManagerGetKeyFromModule( device_path,plugin_path,uuid,uid,opts,&st ) ;
StringFree( device_path ) ;
StringFree( uuid ) ;
if( st != 0 || *passphrase == StringVoid ){
return zuluExit_1( 12,opts,device,mount_point,stl ) ;
}
key_len = StringLength( *passphrase ) ;
key = StringContent( *passphrase ) ;
zuluCryptSecurityLockMemory_1( *passphrase ) ;
}else if( source == NULL && tcrypt_keyfiles[ 0 ] == NULL ){
printf( gettext( "Enter passphrase: " ) ) ;
/*
* ZULUCRYPT_KEY_MAX_SIZE is set in ../constants.h
*/
switch( StringSilentlyGetFromTerminal_1( passphrase,ZULUCRYPT_KEY_MAX_SIZE ) ){
case 1 : return zuluExit_1( 13,opts,device,mount_point,stl ) ;
case 2 : return zuluExit_1( 14,opts,device,mount_point,stl ) ;
}
printf( "\n" ) ;
key = StringContent( *passphrase ) ;
key_len = StringLength( *passphrase ) ;
zuluCryptSecurityLockMemory_1( *passphrase ) ;
}else{
if( source == NULL || pass == NULL ){
if( tcrypt_keyfiles == NULL ){
return zuluExit_1( 15,opts,device,mount_point,stl ) ;
}
}
if( StringsAreEqual( source,"-p" ) ){
key = pass ;
key_len = StringSize( pass ) ;
}else if( StringsAreEqual( source,"-f" ) ){
if( StringHasNoComponent( pass,"/.zuluCrypt-socket" ) ){
tcrypt_keyfile = 1 ;
}
/*
* function is defined at "path_access.c"
*/
switch( zuluCryptGetPassFromFile( pass,uid,data ) ){
case 1 : return zuluExit_1( 16,opts,device,mount_point,stl ) ;
case 2 : return zuluExit_1( 17,opts,device,mount_point,stl ) ;
case 4 : return zuluExit_1( 18,opts,device,mount_point,stl ) ;
case 5 : return zuluExit_1( 19,opts,device,mount_point,stl ) ;
}
key = StringContent( *data ) ;
key_len = StringLength( *data ) ;
zuluCryptSecurityLockMemory_1( *data ) ;
}
}
memset( &volume,'\0',sizeof( open_struct_t ) ) ;
if( key != NULL ){
volume.key = key ;
volume.key_len = key_len ;
}else{
volume.key = "" ;
volume.key_len = 0 ;
}
volume.device = device ;
volume.offset = offset ;
volume.mapper_name = mapper_name ;
volume.m_point = mount_point ;
volume.fs_opts = fs_opts ;
volume.uid = uid ;
volume.m_opts = m_opts ;
volume.m_flags = m_flags ;
/*
* zuluCryptTrueCryptVeraCryptVolumeInfo() is defined in this source file.
*/
zuluCryptTrueCryptVeraCryptVolumeInfo( opts->type,&v_info ) ;
volume.iteration_count = v_info.iteration_count ;
volume.veraCrypt_volume = StringAtLeastOneMatch( v_info.type,"vcrypt","veracrypt","vera",NULL ) ;
StringDelete( &v_info.type ) ;
plugin_path = plugin_path + StringLastIndexOfChar_1( plugin_path,'/' ) + 1 ;
volume.luks_detached_header = StringHasComponent( plugin_path,"luks" ) ;
volume.general_detached_header = StringHasComponent( plugin_path,"generic_header" ) ;
if( tcrypt_keyfile ){
volume.key_source = TCRYPT_KEYFILE ;
}
if( tcrypt_keyfiles[ 0 ] != NULL ){
/*
* Here, we take a list of keyfiles supplied by the user and then copy them to a safe
* location at "/run/zuluCrypt" and then we pass these safe copies to cryptsetup.
*
* The idea is not to let cryptsetup, a privileged process handle user managed files.
*/
stz = zuluCryptCreateKeyFiles( tcrypt_keyfiles,0 ) ;
volume.tcrypt_keyfiles_count = StringListSize( stz ) ;
volume.tcrypt_keyfiles = StringListStringArray_0( stz ) ;
st = _open_volume( &volume ) ;
zuluCryptDeleteKeyFiles( stz ) ;
StringFree( volume.tcrypt_keyfiles ) ;
StringListDelete( &stz ) ;
}else{
st = _open_volume( &volume ) ;
}
/*
* below two return values comes from ../lib/mount_volume.c
*/
if( st == -1 ){
st = 20 ;
}
if( st == 12 ){
st = 21 ;
}
if( st == 8 || st == 3 ){
st = 3 ;
}
device = StringMultiplePrepend( *mapper,"/",zuluCryptMapperPrefix(),NULL ) ;
if( st == 0 && share ){
/*
* user wish to share the mount point bind the mount point to a publicly accessed path at /run/media/public/
*/
/*
* zuluCryptBindMountVolume() is defined in ../zuluCrypt-cli/bin/bind.c
*/
zuluCryptBindMountVolume( device,*m_point,m_flags ) ;
}
/*
* zuluCryptCheckInvalidKey() is defined in check_invalid_key.c
*/
zuluCryptCheckInvalidKey( opts->device ) ;
return zuluExit_1( st,opts,device,mount_point,stl ) ;
}
