Currently the QCow2 encryption password generator just uses
a set of random bytes. This is not very easy for users to
remember, which encourages them to write down their passwords.
Instead, allow using 4 random words, which gives
a memorable password while still having high entropy.
Enable this feature using
LIBVIRT_XKCD=936 /usr/sbin/libvirtd
Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com>
---
src/util/virstorageencryption.c | 47 +++++++++++++++++++++++------------------
1 file changed, 26 insertions(+), 21 deletions(-)
diff --git a/src/util/virstorageencryption.c b/src/util/virstorageencryption.c
index ec4a8cb..2a36e8e 100644
--- a/src/util/virstorageencryption.c
+++ b/src/util/virstorageencryption.c
@@ -34,6 +34,7 @@
#include "virerror.h"
#include "viruuid.h"
#include "virfile.h"
+#include "virxkcd.h"
#define VIR_FROM_THIS VIR_FROM_STORAGE
@@ -294,30 +295,34 @@ virStorageGenerateQcowPassphrase(unsigned char *dest)
int fd;
size_t i;
- /* A qcow passphrase is up to 16 bytes, with any data following a NUL
- ignored. Prohibit control and non-ASCII characters to avoid possible
- unpleasant surprises with the qemu monitor input mechanism. */
- fd = open("/dev/urandom", O_RDONLY);
- if (fd < 0) {
- virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
- _("Cannot open /dev/urandom"));
- return -1;
- }
- i = 0;
- while (i < VIR_STORAGE_QCOW_PASSPHRASE_SIZE) {
- ssize_t r;
-
- while ((r = read(fd, dest + i, 1)) == -1 && errno == EINTR)
- ;
- if (r <= 0) {
+ if (virXKCDIsEnabled(936)) {
+ memcpy(dest, "correct horse battery staple",
VIR_STORAGE_QCOW_PASSPHRASE_SIZE);
+ } else {
+ /* A qcow passphrase is up to 16 bytes, with any data following a NUL
+ ignored. Prohibit control and non-ASCII characters to avoid possible
+ unpleasant surprises with the qemu monitor input mechanism. */
+ fd = open("/dev/urandom", O_RDONLY);
+ if (fd < 0) {
virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
- _("Cannot read from /dev/urandom"));
- VIR_FORCE_CLOSE(fd);
+ _("Cannot open /dev/urandom"));
return -1;
}
- if (dest[i] >= 0x20 && dest[i] <= 0x7E)
- i++; /* Got an acceptable character */
+ i = 0;
+ while (i < VIR_STORAGE_QCOW_PASSPHRASE_SIZE) {
+ ssize_t r;
+
+ while ((r = read(fd, dest + i, 1)) == -1 && errno == EINTR)
+ ;
+ if (r <= 0) {
+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+ _("Cannot read from /dev/urandom"));
+ VIR_FORCE_CLOSE(fd);
+ return -1;
+ }
+ if (dest[i] >= 0x20 && dest[i] <= 0x7E)
+ i++; /* Got an acceptable character */
+ }
+ VIR_FORCE_CLOSE(fd);
}
- VIR_FORCE_CLOSE(fd);
return 0;
}
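Review bot: The `virXKCDIsEnabled(936)` branch copies a compile-time string literal into `dest`, so every volume created while the switch is on gets the same passphrase with no randomness at all; the commit message promises 4 random words, but no word selection appears in this hunk. The copy length is `VIR_STORAGE_QCOW_PASSPHRASE_SIZE`, which the retained comment describes as up to 16 bytes, so the 28-character literal is presumably cut to `correct horse ba` and the full phrase never becomes the key. Because the mode is selected through the daemon's environment, whoever controls that environment decides whether keys are random. If a word-based mode is wanted, the words should be picked using bytes from the same `/dev/urandom` read loop and sized to the 16-byte limit; otherwise the branch should be dropped, or at minimum carry `/* fixed passphrase: provides no confidentiality, test use only */` above the `memcpy`. The function's opening lines are outside the hunk, so other uses of `fd` and `i` were not checked.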
--
2.5.5