rpms/clevis
5
0
Fork 0
Code Issues Pull Requests Releases Activity
b8be01bab6
clevis/0001-Fix-for-t-option-in-clevis-luks-bind-297.patch
DistroBaker f6576d8f7a Merged update from upstream sources 
This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.

Source: https://src.fedoraproject.org/rpms/clevis.git#accda6600ef0b8f1bbbccdf9b133d306cf94ae9e
2021-03-16 18:15:30 +00:00

53 lines
2.1 KiB
Diff
Raw Blame History

From a7d17dab6957b3036972575af04b55590c53b9ad Mon Sep 17 00:00:00 2001
From: John Baublitz <jbaublitz@redhat.com>
Date: Tue, 16 Mar 2021 09:36:46 -0400
Subject: [PATCH] Fix for -t option in clevis luks bind (#297)
---
src/luks/clevis-luks-bind | 2 +-
src/luks/clevis-luks-common-functions.in | 2 +-
src/luks/tests/bind-luks2 | 4 ++++
3 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/src/luks/clevis-luks-bind b/src/luks/clevis-luks-bind
index 9bea9b1..a0f3430 100755
--- a/src/luks/clevis-luks-bind
+++ b/src/luks/clevis-luks-bind
@@ -119,7 +119,7 @@ if [ "${luks_type}" = "luks1" ] && ! luksmeta test -d "${DEV}"; then
luksmeta init -d "${DEV}" ${FRC}
fi
-if ! clevis_luks_do_bind "${DEV}" "${SLT}" "" \
+if ! clevis_luks_do_bind "${DEV}" "${SLT}" "${TOKEN_ID}" \
"${PIN}" "${CFG}" \
"${YES}" "" \
"${existing_key}" "${keyfile}"; then
diff --git a/src/luks/clevis-luks-common-functions.in b/src/luks/clevis-luks-common-functions.in
index 1bd7616..30fef56 100644
--- a/src/luks/clevis-luks-common-functions.in
+++ b/src/luks/clevis-luks-common-functions.in
@@ -978,7 +978,7 @@ clevis_luks_do_bind() {
return 1
fi
- if ! clevis_luks_save_slot "${DEV}" "${SLT}" "${tkn_id}" \
+ if ! clevis_luks_save_slot "${DEV}" "${SLT}" "${TKN_ID}" \
"${jwe}" "${OVERWRITE}"; then
echo "Unable to update metadata; operation cancelled" >&2
clevis_luks_restore_dev "${CLEVIS_TMP_DIR}" || :
diff --git a/src/luks/tests/bind-luks2 b/src/luks/tests/bind-luks2
index 492db50..04c6b8e 100755
--- a/src/luks/tests/bind-luks2
+++ b/src/luks/tests/bind-luks2
@@ -47,3 +47,7 @@ new_device "luks2" "${DEV}"
if ! clevis luks bind -d "${DEV}" -t "$TOKEN_ID" tang "${CFG}" <<< "${DEFAULT_PASS}"; then
error "${TEST}: Binding is expected to succeed when given a correct (${DEFAULT_PASS}) password." >&2
fi
+
+if ! cryptsetup token export --token-id=5 "${DEV}"; then
+ error "${TEST}: Clevis did not add the LUKS2 token to the correct slot." >&2
+fi
--
2.30.2
Reference in New Issue View Git Blame Copy Permalink