gnu: Add pam-mount.

[jackhill/guix/guix.git] / gnu / packages / patches / pam-mount-luks2-support.patch

From d4434c05e7c0cf05d87089404cfa2deedc60811a Mon Sep 17 00:00:00 2001
From: Ingo Franzki <ifranzki@linux.ibm.com>
Date: Mon, 29 Oct 2018 16:47:40 +0100
Subject: [PATCH] crypto: Add support for LUKS2

Cryptsetup version 2.0 added support for LUKS2.
This patch adds support for mounting LUKS2 volumes with
pam_mount.

Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>
---
 src/crypto-dmc.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/src/crypto-dmc.c b/src/crypto-dmc.c
index d0ab6ca..abd0358 100644
--- a/src/crypto-dmc.c
+++ b/src/crypto-dmc.c
@@ -21,6 +21,12 @@
 #include "libcryptmount.h"
 #include "pam_mount.h"
 
+#ifndef CRYPT_LUKS
+       #define CRYPT_LUKS      NULL /* Passing NULL to crypt_load will
+                                       default to LUKS(1) on older
+                                       libcryptsetup versions. */
+#endif
+
 /**
  * dmc_is_luks - check if @path points to a LUKS volume (cf. normal dm-crypt)
  * @path:      path to the crypto container
@@ -48,7 +54,7 @@ EXPORT_SYMBOL int ehd_is_luks(const char *path, bool blkdev)
 
        ret = crypt_init(&cd, device);
        if (ret == 0) {
-               ret = crypt_load(cd, CRYPT_LUKS1, NULL);
+               ret = crypt_load(cd, CRYPT_LUKS, NULL);
                if (ret == -EINVAL)
                        ret = false;
                else if (ret == 0)
@@ -106,7 +112,7 @@ static bool dmc_run(const struct ehd_mount_request *req,
 #endif
        }
 
-       ret = crypt_load(cd, CRYPT_LUKS1, NULL);
+       ret = crypt_load(cd, CRYPT_LUKS, NULL);
        if (ret == 0) {
                ret = crypt_activate_by_passphrase(cd, mt->crypto_name,
                      CRYPT_ANY_SLOT, req->key_data, req->key_size, flags);
-- 
2.21.0