On Tue, 31.05.16 20:40, Raphaël Gertz (systemd-de...@rapsys.eu) wrote: > Hi, > > My question is relative to the file > systemd/src/shared/ask-password-api.c+651 : > l = strv_parse_nulstr(passphrase+1, n-1); > > On documentation > https://www.freedesktop.org/wiki/Software/systemd/PasswordAgents/ it is > specified that message should follow this pattern : > +passwordhere\0 > or > -\0 > With trailing \0 optional in both case. > > If I am right it seems all password sent through AF_UNIX/SOCK_DGRAM are > split using \0 character and cached as differents passwords.
Yes, that is correct. > I am trying to create a cgi which send password or keyfile through this > system. > > Cryptsetup can accept two case of password, a 512 max length passphrase in > interactive mode or a 8192 * 1024 keyfile. > (I have read the source code to find that) > > There seems to have nothing disallowing to have a password like "toto\0" or > a keyfile containing "toto\0". > > How am I supposed to submit password with \0 character inside or even worse > case with a \0 at end ? This is simply not supported right now. the ask-password logic is really for passwords only, not for keyfiles. There's no API currently to cover anything else. Sorry. There have been suggestions to improve the situation here, and cover more ground, but this never materialized, because the assumption was to move this all to a proper D-Bus API instead of the AF_UNIX-based logic it is right now. Given that this is early-boot stuff the this could only be delivered with kdbus however, but that was a big failure, hence this never readlly happened. Not sure where this really leaves us. Lennart -- Lennart Poettering, Red Hat _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/systemd-devel