From: Milan Broz <mbroz@redhat.com>
To: dm-crypt@saout.de
Subject: Re: [dm-crypt] [ANNOUNCE] cryptsetup 1.3.0-rc1 (test release candidate)
Date: Tue, 15 Mar 2011 12:11:47 +0100 [thread overview]
Message-ID: <4D7F4973.9060509@redhat.com> (raw)
In-Reply-To: <20110315010242.GB23585@tansi.org>
On 03/15/2011 02:02 AM, Arno Wagner wrote:
> On Tue, Mar 15, 2011 at 12:45:59AM +0100, Rudolf Deilmann wrote:
>> On Mon, 14 Mar 2011 23:10:37 +0100
>> On my machine, $x greater than 90 results in different internal keys
>> for 'cat keyfile | cryptsetup ' and 'cryptsetup --key-file keyfile'. If
>> the key-file is even large, I get at least an error message. Sample
>> keyfile ( x=91 ) attached or at http://pastebin.com/PeLUZ5a4, if the
>> mailing list removes attachements.
>
> Wups, buffer overflow or cutdown (with the later being a whole
> lot better, but still a problem)?
There are no fixed buffers :)
Increasing LOOPAES_KEYFILE_MAXSIZE helps.
(it is clearly visible in debug output - when reading from stdout, it
reads 8125 bytes, but from keyfile it is limited to 8000).
I will also limit LUKS keyfile in next version, mistake will cause problems
(reading the whole device in locked memory -> OOPS or something like that).
I guess max 8MB is enough? We have already limit on passphrase from terminal
to 512 bytes.
Fixed in svn already.
Milan
next prev parent reply other threads:[~2011-03-15 11:11 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-03-14 17:44 [dm-crypt] [ANNOUNCE] cryptsetup 1.3.0-rc1 (test release candidate) Milan Broz
2011-03-14 21:13 ` Rudolf Deilmann
2011-03-14 22:10 ` Milan Broz
2011-03-14 23:45 ` Rudolf Deilmann
2011-03-15 1:02 ` Arno Wagner
2011-03-15 11:11 ` Milan Broz [this message]
2011-03-15 11:43 ` Jonas Meurer
2011-03-15 12:19 ` Milan Broz
2011-03-15 12:09 ` Arno Wagner
2011-03-15 12:36 ` Milan Broz
2011-03-15 13:49 ` Arno Wagner
2011-03-21 18:21 ` Milan Broz
2011-03-22 18:47 ` Rudolf Deilmann
2011-03-22 19:09 ` Milan Broz
2011-03-22 20:44 ` Rudolf Deilmann
2011-03-22 21:05 ` Milan Broz
2011-03-23 14:14 ` Rudolf Deilmann
2011-03-23 14:37 ` Milan Broz
2011-03-23 16:00 ` Rudolf Deilmann
2011-03-23 16:26 ` Milan Broz
2011-04-14 14:28 ` [dm-crypt] [ANNOUNCE] cryptsetup 1.3.0-rc1 ( test " Ludwig Nussel
2011-03-17 13:36 ` [dm-crypt] [ANNOUNCE] cryptsetup 1.3.0-rc1 (test " Ludwig Nussel
2011-03-17 14:02 ` Milan Broz
2011-03-22 12:50 ` [dm-crypt] [ANNOUNCE] cryptsetup 1.3.0-rc2 " Milan Broz
2011-04-05 20:02 ` [dm-crypt] [ANNOUNCE] cryptsetup 1.3.0 Milan Broz
2011-04-05 20:02 ` Milan Broz
2011-05-24 15:48 ` [dm-crypt] [ANNOUNCE] cryptsetup 1.3.1 Milan Broz
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4D7F4973.9060509@redhat.com \
--to=mbroz@redhat.com \
--cc=dm-crypt@saout.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.