On 26/04/2006 Kees Cook wrote:
> On Wed, Apr 26, 2006 at 11:13:16PM +0200, Jonas Meurer wrote:
> > can you provide the relevant ltrace output?
>
> Sure! Here's an example. I've attached the ltraces for a
> terminal-based stdin read vs a pipe stdin. As you can see from the
> hexdumps, the contents are very different, and from the ltrace you can
> see the broken one stops reading after 32 chars.
>
> [...]
> mylar:~# ltrace cryptsetup create crypt-test /dev/mapper/datavg-test
> 2>/tmp/working.ltrace
> Enter passphrase:
> [...]
> mylar:~# echo abcdefghijklmnopqrstuvwxyz0123456789 | ltrace cryptsetup create
> crypt-test /dev/mapper/datavg-test 2>/tmp/busted.ltrace
you're correct, with plain 'cryptsetup create', the string is truncated
to 32 characters if submitted via stdin.
fortunately this seems to be not the case for 'cryptsetup
luks{Format,Open,AddKey}. could you verify, that for a LUKS encrypted
partition, even keys longer than 32 characters work over stdin?
...
jonas
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
