diff options
Diffstat (limited to 'src/Core/Unix')
| -rw-r--r-- | src/Core/Unix/CoreService.cpp | 10 | ||||
| -rw-r--r-- | src/Core/Unix/CoreServiceProxy.h | 6 | ||||
| -rw-r--r-- | src/Core/Unix/CoreUnix.cpp | 4 | ||||
| -rw-r--r-- | src/Core/Unix/FreeBSD/CoreFreeBSD.cpp | 47 | ||||
| -rw-r--r-- | src/Core/Unix/Linux/CoreLinux.cpp | 12 | ||||
| -rw-r--r-- | src/Core/Unix/MacOSX/CoreMacOSX.cpp | 8 |
6 files changed, 72 insertions, 15 deletions
diff --git a/src/Core/Unix/CoreService.cpp b/src/Core/Unix/CoreService.cpp index f05d8569..e3fca20e 100644 --- a/src/Core/Unix/CoreService.cpp +++ b/src/Core/Unix/CoreService.cpp @@ -303,14 +303,13 @@ namespace VeraCrypt // We also use the old way if the user is forcing the use of dummy password for sudo #if defined(TC_LINUX ) || defined (TC_FREEBSD) - + bool authCheckDone = false; if (!Core->GetUseDummySudoPassword ()) { std::vector<char> buffer(128, 0); std::string result; - bool authCheckDone = false; - FILE* pipe = popen("sudo -n uptime 2>&1 | grep 'load average' | wc -l", "r"); // We redirect stderr to stdout (2>&1) to be able to catch the result of the command + FILE* pipe = popen("sudo -n uptime 2>&1 | grep 'load average' | wc -l | tr -d '[:blank:]'", "r"); // We redirect stderr to stdout (2>&1) to be able to catch the result of the command if (pipe) { while (!feof(pipe)) @@ -354,7 +353,10 @@ namespace VeraCrypt } request.FastElevation = false; - (*AdminPasswordCallback) (request.AdminPassword); +#if defined(TC_LINUX ) || defined (TC_FREEBSD) + if(!authCheckDone) +#endif + (*AdminPasswordCallback) (request.AdminPassword); } } } diff --git a/src/Core/Unix/CoreServiceProxy.h b/src/Core/Unix/CoreServiceProxy.h index f5bbae3d..d57d8163 100644 --- a/src/Core/Unix/CoreServiceProxy.h +++ b/src/Core/Unix/CoreServiceProxy.h @@ -98,11 +98,11 @@ namespace VeraCrypt { MountOptions newOptions = options; - newOptions.Password = Keyfile::ApplyListToPassword (options.Keyfiles, options.Password); + newOptions.Password = Keyfile::ApplyListToPassword (options.Keyfiles, options.Password, options.EMVSupportEnabled); if (newOptions.Keyfiles) newOptions.Keyfiles->clear(); - newOptions.ProtectionPassword = Keyfile::ApplyListToPassword (options.ProtectionKeyfiles, options.ProtectionPassword); + newOptions.ProtectionPassword = Keyfile::ApplyListToPassword (options.ProtectionKeyfiles, options.ProtectionPassword, options.EMVSupportEnabled); if (newOptions.ProtectionKeyfiles) newOptions.ProtectionKeyfiles->clear(); @@ -126,7 +126,7 @@ namespace VeraCrypt if (options.CachePassword && ((options.Password && !options.Password->IsEmpty()) || (options.Keyfiles && !options.Keyfiles->empty()))) { - VolumePasswordCache::Store (*Keyfile::ApplyListToPassword (options.Keyfiles, options.Password)); + VolumePasswordCache::Store (*Keyfile::ApplyListToPassword (options.Keyfiles, options.Password, options.EMVSupportEnabled)); } } diff --git a/src/Core/Unix/CoreUnix.cpp b/src/Core/Unix/CoreUnix.cpp index 56382c18..258979b9 100644 --- a/src/Core/Unix/CoreUnix.cpp +++ b/src/Core/Unix/CoreUnix.cpp @@ -546,8 +546,8 @@ namespace VeraCrypt options.Password, options.Pim, options.Kdf, - options.TrueCryptMode, options.Keyfiles, + options.EMVSupportEnabled, options.Protection, options.ProtectionPassword, options.ProtectionPim, @@ -691,7 +691,7 @@ namespace VeraCrypt { try { - chown (mountPoint.c_str(), GetRealUserId(), GetRealGroupId()); + throw_sys_sub_if (chown (mountPoint.c_str(), GetRealUserId(), GetRealGroupId()) == -1, mountPoint); } catch (...) { } } } diff --git a/src/Core/Unix/FreeBSD/CoreFreeBSD.cpp b/src/Core/Unix/FreeBSD/CoreFreeBSD.cpp index 01463c35..05520274 100644 --- a/src/Core/Unix/FreeBSD/CoreFreeBSD.cpp +++ b/src/Core/Unix/FreeBSD/CoreFreeBSD.cpp @@ -83,7 +83,7 @@ namespace VeraCrypt #ifdef TC_MACOSX const string busType = "rdisk"; #else - foreach (const string &busType, StringConverter::Split ("ad da")) + foreach (const string &busType, StringConverter::Split ("ad da vtbd")) #endif { for (int devNumber = 0; devNumber < 64; devNumber++) @@ -185,10 +185,51 @@ namespace VeraCrypt void CoreFreeBSD::MountFilesystem (const DevicePath &devicePath, const DirectoryPath &mountPoint, const string &filesystemType, bool readOnly, const string &systemMountOptions) const { + std::string chosenFilesystem = "msdos"; + std::string modifiedMountOptions = systemMountOptions; + + if (filesystemType.empty() && modifiedMountOptions.find("mountprog") == string::npos) { + // No filesystem type specified through CLI, attempt to identify with blkid + // as mount is unable to probe filesystem type on BSD + // Make sure we don't override user defined mountprog + std::vector<char> buffer(128,0); + std::string cmd = "blkid -o value -s TYPE " + static_cast<std::string>(devicePath) + " 2>/dev/null"; + std::string result; + + FILE* pipe = popen(cmd.c_str(), "r"); + if (pipe) { + while (!feof(pipe)) { + if (fgets(buffer.data(), 128, pipe) != nullptr) + result += buffer.data(); + } + fflush(pipe); + pclose(pipe); + pipe = nullptr; + } + + if (result.find("ext") == 0 || StringConverter::ToLower(filesystemType).find("ext") == 0) { + chosenFilesystem = "ext2fs"; + } + else if (result.find("exfat") == 0 || StringConverter::ToLower(filesystemType) == "exfat") { + chosenFilesystem = "exfat"; + modifiedMountOptions += string(!systemMountOptions.empty() ? "," : "") + + "mountprog=/usr/local/sbin/mount.exfat"; + } + else if (result.find("ntfs") == 0 || StringConverter::ToLower(filesystemType) == "ntfs") { + chosenFilesystem = "ntfs"; + modifiedMountOptions += string(!systemMountOptions.empty() ? "," : "") + + "mountprog=/usr/local/bin/ntfs-3g"; + } + else if (!filesystemType.empty()) { + // Filesystem is specified but is none of the above, then supply as is + chosenFilesystem = filesystemType; + } + } else + chosenFilesystem = filesystemType; + try { - // Try to mount FAT by default as mount is unable to probe filesystem type on BSD - CoreUnix::MountFilesystem (devicePath, mountPoint, filesystemType.empty() ? "msdos" : filesystemType, readOnly, systemMountOptions); + CoreUnix::MountFilesystem (devicePath, mountPoint, chosenFilesystem, readOnly, modifiedMountOptions); } catch (ExecutedProcessFailed&) { diff --git a/src/Core/Unix/Linux/CoreLinux.cpp b/src/Core/Unix/Linux/CoreLinux.cpp index e1da6dff..5d5ba38f 100644 --- a/src/Core/Unix/Linux/CoreLinux.cpp +++ b/src/Core/Unix/Linux/CoreLinux.cpp @@ -22,6 +22,9 @@ #include "Platform/SystemInfo.h" #include "Platform/TextReader.h" #include "Volume/EncryptionModeXTS.h" +#ifdef WOLFCRYPT_BACKEND +#include "Volume/EncryptionModeWolfCryptXTS.h" +#endif #include "Driver/Fuse/FuseService.h" #include "Core/Unix/CoreServiceProxy.h" @@ -302,8 +305,13 @@ namespace VeraCrypt void CoreLinux::MountVolumeNative (shared_ptr <Volume> volume, MountOptions &options, const DirectoryPath &auxMountPoint) const { - bool xts = (typeid (*volume->GetEncryptionMode()) == typeid (EncryptionModeXTS)); - bool algoNotSupported = (typeid (*volume->GetEncryptionAlgorithm()) == typeid (Kuznyechik)) + bool xts = (typeid (*volume->GetEncryptionMode()) == + #ifdef WOLFCRYPT_BACKEND + typeid (EncryptionModeWolfCryptXTS)); + #else + typeid (EncryptionModeXTS)); + #endif + bool algoNotSupported = (typeid (*volume->GetEncryptionAlgorithm()) == typeid (Kuznyechik)) || (typeid (*volume->GetEncryptionAlgorithm()) == typeid (CamelliaKuznyechik)) || (typeid (*volume->GetEncryptionAlgorithm()) == typeid (KuznyechikTwofish)) || (typeid (*volume->GetEncryptionAlgorithm()) == typeid (KuznyechikAES)) diff --git a/src/Core/Unix/MacOSX/CoreMacOSX.cpp b/src/Core/Unix/MacOSX/CoreMacOSX.cpp index b596e6e8..dde0d949 100644 --- a/src/Core/Unix/MacOSX/CoreMacOSX.cpp +++ b/src/Core/Unix/MacOSX/CoreMacOSX.cpp @@ -107,7 +107,13 @@ namespace VeraCrypt void CoreMacOSX::CheckFilesystem (shared_ptr <VolumeInfo> mountedVolume, bool repair) const { list <string> args; - args.push_back ("/Applications/Utilities/Disk Utility.app"); + struct stat sb; + + if (stat("/Applications/Utilities/Disk Utility.app", &sb) == 0) + args.push_back ("/Applications/Utilities/Disk Utility.app"); + else + args.push_back ("/System/Applications/Utilities/Disk Utility.app"); + Process::Execute ("open", args); } |