path: root/src/home/homework-password-cache.c
blob: b8202ef69543ae0dde1246479e737bc9af5fc9c3 (plain)
/* SPDX-License-Identifier: LGPL-2.1-or-later */

#include "homework-password-cache.h"
#include "keyring-util.h"
#include "missing_syscall.h"
#include "user-record.h"

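/* Releases every secret held by a PasswordCache. Each buffer is freed through the erasing variants
 * (erase_and_free() / strv_free_erase()), so that volume key and token PINs are wiped rather than
 * left behind in freed heap memory. The PasswordCache structure itself is not freed here, only the
 * members it points to. Passing NULL is a no-op. */
void password_cache_free(PasswordCache *cache) {
        if (!cache)
                return;

        cache->volume_key = erase_and_free(cache->volume_key);
        /* Reset the length together with the pointer: a stale non-zero size next to a NULL key
         * would mislead any code that looks at the structure after it was released. */
        cache->volume_key_size = 0;

        cache->pkcs11_passwords = strv_free_erase(cache->pkcs11_passwords);
        cache->fido2_passwords = strv_free_erase(cache->fido2_passwords);
}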

/* Best-effort lookup of the home directory's volume key in the kernel keyring. The key is searched
 * as type "user" under the description "homework-user-<user name>". On success the key material is
 * moved into cache->volume_key (and its length into cache->volume_key_size), after erasing whatever
 * key the cache held before. Every failure is only logged and otherwise ignored, the cache is left
 * untouched in that case, hence there is no return value. */
void password_cache_load_keyring(UserRecord *h, PasswordCache *cache) {
        assert(h);
        assert(cache);

        _cleanup_free_ char *description = strjoin("homework-user-", h->user_name);
        if (!description)
                return (void) log_oom();

        /* No callout info and no destination keyring are passed: this only looks for an already
         * existing key. */
        key_serial_t key_id = request_key("user", description, NULL, 0);
        if (key_id == -1) {
                /* Anything other than "no such key" is unexpected and worth a warning. */
                if (errno != ENOKEY)
                        return (void) log_warning_errno(errno, "Failed to request key '%s', ignoring: %m", description);

                log_info("Home volume key is not available in kernel keyring.");
                return;
        }

        /* The temporary copy of the key is erased on every exit path unless ownership is handed
         * over to the cache below. */
        _cleanup_(erase_and_freep) void *key_data = NULL;
        size_t key_size;

        int error = keyring_read(key_id, &key_data, &key_size);
        if (error < 0)
                return (void) log_warning_errno(error, "Failed to read keyring key '%s', ignoring: %m", description);

        log_info("Successfully acquired home volume key from kernel keyring.");

        /* Wipe the previously cached key before replacing it, then take ownership of the new one. */
        erase_and_free(cache->volume_key);
        cache->volume_key_size = key_size;
        cache->volume_key = TAKE_PTR(key_data);
}