diff options
Diffstat (limited to 'src/cryptenroll')
-rw-r--r-- | src/cryptenroll/cryptenroll-password.c | 15 | ||||
-rw-r--r-- | src/cryptenroll/cryptenroll.c | 20 |
2 files changed, 11 insertions, 24 deletions
diff --git a/src/cryptenroll/cryptenroll-password.c b/src/cryptenroll/cryptenroll-password.c index 1775912d8e..9b7c8b5400 100644 --- a/src/cryptenroll/cryptenroll-password.c +++ b/src/cryptenroll/cryptenroll-password.c @@ -17,20 +17,13 @@ int enroll_password( _cleanup_free_ char *error = NULL; const char *node; int r, keyslot; - char *e; assert_se(node = crypt_get_device_name(cd)); - e = getenv("NEWPASSWORD"); - if (e) { - - new_password = strdup(e); - if (!new_password) - return log_oom(); - - assert_se(unsetenv_erase("NEWPASSWORD") >= 0); - - } else { + r = getenv_steal_erase("NEWPASSWORD", &new_password); + if (r < 0) + return log_error_errno(r, "Failed to acquire password from environment: %m"); + if (r == 0) { _cleanup_free_ char *disk_path = NULL; unsigned i = 5; const char *id; diff --git a/src/cryptenroll/cryptenroll.c b/src/cryptenroll/cryptenroll.c index c9bc9a2489..e13f5b7ac8 100644 --- a/src/cryptenroll/cryptenroll.c +++ b/src/cryptenroll/cryptenroll.c @@ -409,8 +409,8 @@ static int prepare_luks( size_t *ret_volume_key_size) { _cleanup_(crypt_freep) struct crypt_device *cd = NULL; + _cleanup_(erase_and_freep) char *envpw = NULL; _cleanup_(erase_and_freep) void *vk = NULL; - char *e = NULL; size_t vks; int r; @@ -445,23 +445,17 @@ static int prepare_luks( if (!vk) return log_oom(); - e = getenv("PASSWORD"); - if (e) { - _cleanup_(erase_and_freep) char *password = NULL; - - password = strdup(e); - if (!password) - return log_oom(); - - assert_se(unsetenv_erase("PASSWORD") >= 0); - + r = getenv_steal_erase("PASSWORD", &envpw); + if (r < 0) + return log_error_errno(r, "Failed to acquire password from environment: %m"); + if (r > 0) { r = crypt_volume_key_get( cd, CRYPT_ANY_SLOT, vk, &vks, - password, - strlen(password)); + envpw, + strlen(envpw)); if (r < 0) return log_error_errno(r, "Password from environment variable $PASSWORD did not work."); } else { |