=== modified file 'Makefile'
--- Makefile 2008-09-24 23:03:31 +0000
+++ Makefile 2008-09-26 19:47:21 +0000
@@ -56,7 +56,7 @@
 MANPOST=sed --in-place --expression='s,\\\\en,\\en,g;s,\\n,\\en,g'
 PLUGINS=plugins.d/password-prompt plugins.d/mandos-client \
- plugins.d/usplash plugins.d/splashy
+ plugins.d/usplash plugins.d/splashy plugins.d/askpass-fifo
 PROGS=plugin-runner $(PLUGINS)
 DOCS=mandos.8 plugin-runner.8mandos mandos-keygen.8 \
 plugins.d/mandos-client.8mandos \
@@ -186,6 +186,9 @@
 install --mode=u=rwxs,go=rx \
 --target-directory=$(PREFIX)/lib/mandos/plugins.d \
 plugins.d/splashy
+ install --mode=u=rwxs,go=rx \
+ --target-directory=$(PREFIX)/lib/mandos/plugins.d \
+ plugins.d/askpass-fifo
 install initramfs-tools-hook \
 $(INITRAMFSTOOLS)/hooks/mandos
 install --mode=u=rw,go=r initramfs-tools-hook-conf \
=== modified file 'debian/mandos-client.lintian-overrides'
--- debian/mandos-client.lintian-overrides 2008-09-24 23:12:49 +0000
+++ debian/mandos-client.lintian-overrides 2008-09-26 19:47:21 +0000
@@ -1,6 +1,7 @@
 mandos-client binary: manpage-has-errors-from-man usr/share/man/man8/plugin-runner.8mandos.gz 297: warning [p 4, 5.8i]: can't break line
 mandos-client binary: non-standard-dir-perm etc/keys/mandos/ 0700 != 0755
 mandos-client binary: setuid-binary usr/lib/mandos/plugins.d/mandos-client 4755 root/root
+mandos-client binary: setuid-binary usr/lib/mandos/plugins.d/askpass-fifo 4755 root/root
 mandos-client binary: setuid-binary usr/lib/mandos/plugins.d/splashy 4755 root/root
 mandos-client binary: setuid-binary usr/lib/mandos/plugins.d/usplash 4755 root/root
 mandos-client binary: non-standard-dir-perm usr/lib/mandos/plugins.d/ 0700 != 0755
=== added file 'plugins.d/askpass-fifo.c'
--- plugins.d/askpass-fifo.c 1970-01-01 00:00:00 +0000
+++ plugins.d/askpass-fifo.c 2008-09-26 19:47:21 +0000
@@ -0,0 +1,80 @@
+#define _GNU_SOURCE /* TEMP_FAILURE_RETRY() */
+#include /* ssize_t */
+#include /* mkfifo(), S_IRUSR, S_IWUSR */
+#include /* and */
+#include /* errno, EEXIST */
+#include /* perror() */
+#include /* EXIT_FAILURE, NULL, size_t, free(),
+ realloc(), EXIT_SUCCESS */
+#include /* open(), O_RDONLY */
+#include /* read(), close(), write(),
+ STDOUT_FILENO */
+
+
+int main(__attribute__((unused))int argc,
+ __attribute__((unused))char **argv){
+ int ret = 0;
+ ssize_t sret;
+
+ /* Create FIFO */
+ const char passfifo[] = "/lib/cryptsetup/passfifo";
+ ret = TEMP_FAILURE_RETRY(mkfifo(passfifo, S_IRUSR | S_IWUSR));
+ if(ret == -1 and errno != EEXIST){
+ perror("mkfifo");
+ return EXIT_FAILURE;
+ }
+
+ /* Open FIFO */
+ int fifo_fd = TEMP_FAILURE_RETRY(open(passfifo, O_RDONLY));
+ if(fifo_fd == -1){
+ perror("open");
+ return EXIT_FAILURE;
+ }
+
+ /* Read from FIFO */
+ char *buf = NULL;
+ size_t buf_len = 0;
+ {
+ size_t buf_allocated = 0;
+ const size_t blocksize = 1024;
+ do{
+ if(buf_len + blocksize > buf_allocated){
+ char *tmp = realloc(buf, buf_allocated + blocksize);
+ if(tmp == NULL){
+ perror("realloc");
+ free(buf);
+ return EXIT_FAILURE;
+ }
+ buf = tmp;
+ buf_allocated += blocksize;
+ }
+ sret = TEMP_FAILURE_RETRY(read(fifo_fd, buf + buf_len,
+ buf_allocated - buf_len));
+ if(sret == -1){
+ perror("read");
+ free(buf);
+ return EXIT_FAILURE;
+ }
+ buf_len += (size_t)sret;
+ }while(sret != 0);
+ }
+
+ /* Close FIFO */
+ TEMP_FAILURE_RETRY(close(fifo_fd));
+
+ /* Print password to stdout */
+ size_t written = 0;
+ while(written < buf_len){
+ sret = TEMP_FAILURE_RETRY(write(STDOUT_FILENO, buf + written,
+ buf_len - written));
+ if(sret == -1){
+ perror("write");
+ free(buf);
+ return EXIT_FAILURE;
+ }
+ written += (size_t)sret;
+ }
+ free(buf);
+
+ return EXIT_SUCCESS;
+}
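Review bot: The `EEXIST` branch after `mkfifo()` accepts whatever already exists at `/lib/cryptsetup/passfifo`, and the `open()` that follows never checks that the object is a FIFO with owner-only permissions. A pre-existing regular file or a group/world-accessible FIFO would therefore be trusted as the passphrase source, in a binary that the Makefile hunk installs with `u=rwxs`. After the open, `fstat()` the descriptor and refuse anything that is not a FIFO owned by the effective user with no group/other bits, as in the excerpt below. Separately, the passphrase stays in heap memory: each `free(buf)` path should first clear a non-NULL buffer, e.g. `explicit_bzero(buf, buf_len);` (needs `<string.h>`), keeping in mind that `realloc()` growth may leave earlier copies this cannot reach. The read loop also has no upper bound, so a writer that never closes the FIFO grows `buf` until `realloc()` fails.

```c
  int fifo_fd = TEMP_FAILURE_RETRY(open(passfifo, O_RDONLY));
  /* … unchanged: open() error check … */

  /* Refuse anything that is not our own private FIFO */
  struct stat st;
  if(fstat(fifo_fd, &st) == -1){
    perror("fstat");
    close(fifo_fd);
    return EXIT_FAILURE;
  }
  if(not S_ISFIFO(st.st_mode) or st.st_uid != geteuid()
     or (st.st_mode & (S_IRWXG | S_IRWXO)) != 0){
    fprintf(stderr, "%s: not a private FIFO\n", passfifo);
    close(fifo_fd);
    return EXIT_FAILURE;
  }
  /* … unchanged: read loop, close, write loop … */
```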