mirror of
https://github.com/Llewellynvdm/Tomb.git
synced 2024-12-22 18:18:59 +00:00
improve the check if a tomb file is in use
Change the mapper path to use a hash of the tomb file path, making it unique and reproducible so that it can be used to check whether the tomb is in use. The check happens inside the new render_mapper() function, which is executed right after the key file is opened.
parent
763dbdb356
commit
59d3810665
57
tomb
57
tomb
@ -647,6 +647,26 @@ is_valid_tomb() {
|
||||
return 0
|
||||
}
|
||||
|
||||
# render the path to the unique /dev/mapper using an hash of the path
|
||||
# of the tombfile and its name. Checks for duplicates (tomb is in use)
|
||||
render_mapper() {
|
||||
[[ "$tombpath" == "" ]] &&
|
||||
_failure "cannot render mapper: missing \$tombpath"
|
||||
[[ "$TOMBNAME" == "" ]] &&
|
||||
_failure "cannot render mapper: missing \$TOMBNAME"
|
||||
local maphash=`print $tombpath | sha256sum -z`
|
||||
mapper="tomb.$TOMBNAME.${maphash[(w)1]}"
|
||||
local mounted_tombs=(`list_tomb_mounts`)
|
||||
local usedmapper
|
||||
for t in ${mounted_tombs}; do
|
||||
usedmapper=`basename "${t[(ws:;:)1]}"`
|
||||
[[ "$usedmapper" == "$mapper" ]] &&
|
||||
_failure "Tomb file already in use: ::1 tombname::" $TOMBNAME
|
||||
done
|
||||
_verbose "Mapper: ::1 mapper::" $mapper
|
||||
print "$mapper"
|
||||
}
|
||||
|
||||
# $1 is the tomb file to be lomounted
|
||||
lo_mount() {
|
||||
tpath="$1"
|
||||
@ -2135,7 +2155,11 @@ change_tomb_key() {
|
||||
[[ $? == 0 ]] || {
|
||||
_failure "Not a valid LUKS encrypted volume: ::1 volume::" $TOMBPATH }
|
||||
|
||||
_load_key $tombkey # Try loading given key and set TOMBKEY and
|
||||
_load_key $tombkey # Try loading given key and set TOMBKEY
|
||||
|
||||
mapper=`render_mapper`
|
||||
[[ "$mapper" == "" ]] && _failure "Operation aborted."
|
||||
|
||||
# TOMBKEYFILE
|
||||
local oldkey=$TOMBKEY
|
||||
local oldkeyfile=$TOMBKEYFILE
|
||||
@ -2144,11 +2168,6 @@ change_tomb_key() {
|
||||
_success "Changing lock on tomb ::1 tomb name::" $TOMBNAME
|
||||
_message "Old key: ::1 old key::" $oldkeyfile
|
||||
|
||||
# render the mapper
|
||||
mapdate=`date +%s`
|
||||
# save date of mount in minutes since 1970
|
||||
mapper="tomb.$TOMBNAME.$mapdate.$(basename $nstloop)"
|
||||
|
||||
# load the old key
|
||||
if option_is_set --tomb-old-pwd; then
|
||||
tomb_old_pwd="`option_value --tomb-old-pwd`"
|
||||
@ -2230,6 +2249,9 @@ mount_tomb() {
|
||||
|
||||
_load_key # Try loading new key from option -k and set TOMBKEYFILE
|
||||
|
||||
mapper=`render_mapper`
|
||||
[[ "$mapper" == "" ]] && _failure "Operation aborted."
|
||||
|
||||
tombmount="$2"
|
||||
[[ "$tombmount" = "" ]] && {
|
||||
tombmount=/media/$TOMBNAME
|
||||
@ -2239,6 +2261,8 @@ mount_tomb() {
|
||||
_message "Mountpoint not specified, using default: ::1 mount point::" $tombmount
|
||||
}
|
||||
|
||||
_success "Opening ::1 tomb file:: on ::2 mount point::" $TOMBNAME $tombmount
|
||||
|
||||
# check if the mountpoint is already used
|
||||
mounted_tombs=(`list_tomb_mounts`)
|
||||
for t in ${mounted_tombs}; do
|
||||
@ -2247,8 +2271,6 @@ mount_tomb() {
|
||||
_failure "Mountpoint already in use: ::1 mount point::" $tombmount
|
||||
done
|
||||
|
||||
_success "Opening ::1 tomb file:: on ::2 mount point::" $TOMBNAME $tombmount
|
||||
|
||||
lo_mount $TOMBPATH
|
||||
nstloop=`lo_new`
|
||||
|
||||
@ -2272,12 +2294,6 @@ mount_tomb() {
|
||||
[[ "$slotwarn" == "WARN" ]] && {
|
||||
_warning "Multiple key slots are enabled on this tomb. Beware: there can be a backdoor." }
|
||||
|
||||
# save date of mount in minutes since 1970
|
||||
mapdate=`date +%s`
|
||||
|
||||
mapper="tomb.$TOMBNAME.$mapdate.$(basename $nstloop)"
|
||||
|
||||
_verbose "dev mapper device: ::1 mapper::" $mapper
|
||||
_verbose "Tomb key: ::1 key file::" $TOMBKEYFILE
|
||||
|
||||
# take the name only, strip extensions
|
||||
@ -2814,13 +2830,11 @@ resize_tomb() {
|
||||
|
||||
_load_key # Try loading new key from option -k and set TOMBKEYFILE
|
||||
|
||||
local oldtombsize=$(( `stat -c %s "$TOMBPATH" 2>/dev/null` / 1048576 ))
|
||||
local mounted_tomb=`_sudo findmnt -rvo SOURCE,TARGET,FSTYPE,OPTIONS,LABEL |
|
||||
awk -vtomb="[$TOMBNAME]" '/^\/dev\/mapper\/tomb/ { if($5==tomb) print $1 }'`
|
||||
mapper=`render_mapper`
|
||||
[[ "$mapper" == "" ]] && _failure "Operation aborted."
|
||||
|
||||
local oldtombsize=$(( `stat -c %s "$TOMBPATH" 2>/dev/null` / 1048576 ))
|
||||
|
||||
# Tomb must not be open
|
||||
[[ -z "$mounted_tomb" ]] || {
|
||||
_failure "Please close the tomb ::1 tomb name:: before trying to resize it." $TOMBNAME }
|
||||
# New tomb size must be specified
|
||||
[[ -n "$newtombsize" ]] || {
|
||||
_failure "You must specify the new size of ::1 tomb name::" $TOMBNAME }
|
||||
@ -2861,9 +2875,6 @@ resize_tomb() {
|
||||
lo_mount "$TOMBPATH"
|
||||
nstloop=`lo_new`
|
||||
|
||||
mapdate=`date +%s`
|
||||
mapper="tomb.$TOMBNAME.$mapdate.$(basename $nstloop)"
|
||||
|
||||
_message "opening tomb"
|
||||
_cryptsetup luksOpen ${nstloop} ${mapper} || {
|
||||
_failure "Failure mounting the encrypted file." }
|
||||
|
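Review bot: In `render_mapper` the in-use check is only as reliable as the spelling of `$tombpath`, because the hash is taken over the path as given. The same tomb file reached through a relative path or a symlink would get a different mapper name and pass the duplicate test, unless the path is canonicalised somewhere outside these hunks. The bare `print` also interprets backslash escapes and a leading `-`, so I would hash the resolved path verbatim: `local maphash=$(print -rn -- "${tombpath:A}" | sha256sum -z)`. This matters most in `resize_tomb`, where the hunk appears to drop the `findmnt`-based "Tomb must not be open" test and leave `render_mapper` as the only guard. The function also reads lowercase `$tombpath` while the callers shown here use `$TOMBPATH`, which is worth confirming in all three callers, and the `# TOMBKEYFILE` line in `change_tomb_key` is now an orphaned comment fragment that should be folded back into the `_load_key` comment.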