unknown ciphers can be selected in mount helper
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
eCryptfs |
Fix Released
|
Medium
|
Tyler Hicks |
Bug Description
eCryptfs has a list of known, whitelisted ciphers that it displays in the mount helper if they are found in /proc/crypto or their unloaded kernel modules are found. There are also a few blacklisted ciphers in the list of known ciphers. If a cipher is found in /proc/crypto but is not found in the known list (neither whitelisted or blacklisted), it still makes it through to potentially be selected by the user. The mount helper then enters a continuous loop during key size selection.
To reproduce:
gentoo-virt tmp # modprobe camellia
gentoo-virt tmp # mount -t ecryptfs 1 2
Select key type to use for newly created files:
1) openssl
2) passphrase
Selection: 2
Passphrase:
Select cipher:
1) aes: blocksize = 16; min keysize = 16; max keysize = 32 (not loaded)
2) blowfish: blocksize = 16; min keysize = 16; max keysize = 32 (not loaded)
3) des3_ede: blocksize = 8; min keysize = 24; max keysize = 24 (loaded)
4) twofish: blocksize = 16; min keysize = 16; max keysize = 32 (not loaded)
5) cast6: blocksize = 16; min keysize = 16; max keysize = 32 (not loaded)
6) cast5: blocksize = 8; min keysize = 5; max keysize = 16 (not loaded)
7) des: blocksize = 8; min keysize = 8; max keysize = 8 (loaded)
8) camellia: blocksize = 16; min keysize = 16; max keysize = 32 (loaded)
Selection [aes]: 8
Select key bytes:
Selection: 16
Select key bytes:
Selection: 32
Select key bytes:
Selection:
Related branches
Changed in ecryptfs: | |
assignee: | nobody → tyhicks |
importance: | Undecided → Medium |
status: | New → In Progress |
Changed in ecryptfs: | |
status: | Fix Committed → Fix Released |
Fix commited: http:// bazaar. launchpad. net/~ecryptfs/ ecryptfs/ ecryptfs- utils/revision/ 335