Milan Broz [Thu, 10 Jan 2013 14:37:26 +0000 (15:37 +0100)]
Fix null blocks in kernel backend.
Milan Broz [Thu, 10 Jan 2013 14:34:11 +0000 (15:34 +0100)]
Fix tests to work with pwquality compiled in.
Milan Broz [Wed, 9 Jan 2013 17:46:38 +0000 (18:46 +0100)]
Allow to overwrite gcrypt PBKDF2 use for configure.
Milan Broz [Wed, 9 Jan 2013 12:09:41 +0000 (13:09 +0100)]
Prepare 1.6.0 release.
Milan Broz [Tue, 8 Jan 2013 17:36:52 +0000 (18:36 +0100)]
Skip test for kernel wihtout autoclear flag.
Milan Broz [Tue, 8 Jan 2013 16:41:06 +0000 (17:41 +0100)]
Workaround api-test compilation on some very old systems.
Milan Broz [Tue, 8 Jan 2013 13:45:39 +0000 (14:45 +0100)]
Properly specify cipher in tests.
Milan Broz [Tue, 8 Jan 2013 13:19:31 +0000 (14:19 +0100)]
Fix displaying of error messages for mising kernel features.
Milan Broz [Tue, 8 Jan 2013 11:21:30 +0000 (12:21 +0100)]
Change LUKS default cipher to aes-xts-plain64 (AES128-XTS).
Milan Broz [Sat, 5 Jan 2013 11:51:58 +0000 (12:51 +0100)]
Update po files.
Milan Broz [Sat, 5 Jan 2013 11:51:21 +0000 (12:51 +0100)]
Properly initialize pkg-config in autoconf.
Milan Broz [Thu, 3 Jan 2013 13:11:52 +0000 (14:11 +0100)]
Prepare supported PBKDF2 implementation autodetection for gcrypt.
Milan Broz [Wed, 2 Jan 2013 21:46:32 +0000 (22:46 +0100)]
Update pl.po.
Milan Broz [Wed, 2 Jan 2013 20:53:49 +0000 (21:53 +0100)]
Fix benchmark alignment (wider columns).
Milan Broz [Wed, 2 Jan 2013 12:25:07 +0000 (13:25 +0100)]
Update po files.
Yuri Chornoivan [Mon, 31 Dec 2012 14:46:59 +0000 (16:46 +0200)]
Fix typo
Milan Broz [Sun, 30 Dec 2012 17:39:48 +0000 (18:39 +0100)]
Fix autogen script to handle configure.ac.
Dave Reisner [Sun, 30 Dec 2012 16:15:34 +0000 (11:15 -0500)]
build: use AM_CPPFLAGS instead of INCLUDES
The latter is marked as deprecated as of automake 1.12.4:
warning: 'INCLUDES' is the old name for 'AM_CPPFLAGS' (or '*_CPPFLAGS')
Dave Reisner [Sun, 30 Dec 2012 16:15:33 +0000 (11:15 -0500)]
build: rename configure.in to configure.ac
With automake 1.13, configure.in is no longer honored.
Milan Broz [Sun, 30 Dec 2012 17:32:10 +0000 (18:32 +0100)]
Allow repair of 512bits key header.
Milan Broz [Sun, 30 Dec 2012 11:35:35 +0000 (12:35 +0100)]
Require lsblk for tcrypt test.
Milan Broz [Sun, 30 Dec 2012 11:28:30 +0000 (12:28 +0100)]
Add kernel userspace header detection.
Add --disable-kernel_crypto to allow compilation with old kernel.
Milan Broz [Sun, 30 Dec 2012 10:33:24 +0000 (11:33 +0100)]
Fix status of device if path argument is used. Fix double path prefix for non-existent device path.
wagner [Sun, 30 Dec 2012 10:39:08 +0000 (11:39 +0100)]
added warning that previously used containers should
be wiped before use as LUKS or plain dm-crypt containers.
Milan Broz [Sat, 29 Dec 2012 21:37:21 +0000 (22:37 +0100)]
Fix typos in changelog.
Milan Broz [Sat, 29 Dec 2012 19:21:53 +0000 (20:21 +0100)]
Skip TCRYPT KDF if hash is not available.
Milan Broz [Sat, 29 Dec 2012 16:40:46 +0000 (17:40 +0100)]
Add note about pbkdf2 benchmark.
Milan Broz [Sat, 29 Dec 2012 16:21:58 +0000 (17:21 +0100)]
Prepare version 1.6.0-rc1.
Milan Broz [Sat, 29 Dec 2012 14:29:43 +0000 (15:29 +0100)]
Support device/file images if O_DIRECT cannot be used (1.5.1).
On some filesystems (like tmpfs) O_DIRECT cannot be used.
So just try to open device without O_DIRECT in the second try.
Arno Wagner [Sat, 29 Dec 2012 11:44:40 +0000 (12:44 +0100)]
Added wipefs as option for fast FS removal in section 2.1
Milan Broz [Sat, 29 Dec 2012 10:43:52 +0000 (11:43 +0100)]
Change License for sub-libraries from GPLv2 only to LGPLv2.1+ ("or any later")
This includes crypto, loopaes, tcrypt handling code I have written myself
and verity code written originally by Mikulas Patocka and modified by me,
copyright by Red Hat.
Other part of library have to stay GPLv2+ only for now
(no agreement from all authors).
Milan Broz [Sat, 29 Dec 2012 10:33:54 +0000 (11:33 +0100)]
Change License from GPLv2 only to GPLv2+ ("or any later").
Agreed by all copyright authors.
Milan Broz [Mon, 24 Dec 2012 21:39:35 +0000 (22:39 +0100)]
Add TCRYPT password search example.
Milan Broz [Mon, 24 Dec 2012 18:32:07 +0000 (19:32 +0100)]
Fix non-translated messages.
wagner [Sat, 29 Dec 2012 06:58:00 +0000 (07:58 +0100)]
Synced with WIKI version
Milan Broz [Sat, 22 Dec 2012 21:34:09 +0000 (22:34 +0100)]
Add basic support for system TCRYPT device.
Rename option hidden to tcrypt-hidden.
Milan Broz [Fri, 21 Dec 2012 15:38:13 +0000 (16:38 +0100)]
Add copyright line for files I have written or modified.
Milan Broz [Fri, 21 Dec 2012 15:27:55 +0000 (16:27 +0100)]
Add crypt_keyslot_change_by_passphrase() api test.
Milan Broz [Fri, 21 Dec 2012 14:16:04 +0000 (15:16 +0100)]
Update fi.po (1.5.1).
Milan Broz [Fri, 21 Dec 2012 14:13:36 +0000 (15:13 +0100)]
Update TODO.
Milan Broz [Fri, 21 Dec 2012 14:08:35 +0000 (15:08 +0100)]
Do not maintain ChangeLog anymore, see git log.
Milan Broz [Wed, 19 Dec 2012 17:54:00 +0000 (18:54 +0100)]
Add utils_password.c to po files list.
Milan Broz [Wed, 19 Dec 2012 17:49:50 +0000 (18:49 +0100)]
Fix static build with pwquality (until it provides proper pkgconfig).
Milan Broz [Wed, 19 Dec 2012 16:25:11 +0000 (17:25 +0100)]
Add optional libpwquality support for new LUKS passwords.
If password is entered through terminal (no keyfile specified)
and cryptsetup is compiled with --enable-pwquality, default
system pwquality settings are used to check password quality.
Milan Broz [Wed, 19 Dec 2012 14:27:29 +0000 (15:27 +0100)]
Prepare cryptsetup functions for pwquality check.
Milan Broz [Wed, 19 Dec 2012 12:19:05 +0000 (13:19 +0100)]
Fix regression in header backup (1.5.1).
Access to backup file must handle write to regular files too.
Milan Broz [Mon, 17 Dec 2012 15:10:39 +0000 (16:10 +0100)]
Fix time of check/use Coverity report in cryptsetup-reencrypt.
Milan Broz [Mon, 17 Dec 2012 14:50:42 +0000 (15:50 +0100)]
Fix time of check/use Coverity report in veritysetup.
Milan Broz [Mon, 17 Dec 2012 14:35:33 +0000 (15:35 +0100)]
Fix time of check/use Coverity report (and ignore another) in loop/wipe utils.
Milan Broz [Mon, 17 Dec 2012 14:19:57 +0000 (15:19 +0100)]
Fix time of check/use Coverity report (and ignore another) in device utils.
Milan Broz [Mon, 17 Dec 2012 13:05:45 +0000 (14:05 +0100)]
Do not use stat for backup commands.
Milan Broz [Mon, 17 Dec 2012 08:54:10 +0000 (09:54 +0100)]
Add fixme for ETA calculation.
Milan Broz [Fri, 14 Dec 2012 13:48:36 +0000 (14:48 +0100)]
Add verbose messages during reencryption to avoid confusion.
Milan Broz [Tue, 11 Dec 2012 18:01:46 +0000 (19:01 +0100)]
Handle signals in tool context.
Milan Broz [Tue, 11 Dec 2012 14:40:42 +0000 (15:40 +0100)]
Move signal handling into common utils code.
Milan Broz [Tue, 11 Dec 2012 14:39:47 +0000 (15:39 +0100)]
Remove signal handling from LUKS keyencryption and simplify code.
Milan Broz [Mon, 10 Dec 2012 16:47:06 +0000 (17:47 +0100)]
Get page size should never fail (in the works case it fails later with wrong alignment).
Milan Broz [Mon, 10 Dec 2012 16:28:52 +0000 (17:28 +0100)]
Fix some problems found by Coverity scan.
Milan Broz [Mon, 10 Dec 2012 15:36:22 +0000 (16:36 +0100)]
TCRYPT: properly wipe all buffers; use prefix for all functions.
Milan Broz [Sat, 8 Dec 2012 00:31:38 +0000 (01:31 +0100)]
Require params for crypt_load & TCRYPT type.
Milan Broz [Fri, 7 Dec 2012 14:57:00 +0000 (15:57 +0100)]
Merge branch 'master' of https://code.google.com/p/cryptsetup
Milan Broz [Fri, 7 Dec 2012 14:55:56 +0000 (15:55 +0100)]
Disallow header restore if context is nonLUKS device.
Milan Broz [Fri, 7 Dec 2012 14:29:44 +0000 (15:29 +0100)]
Move change key into library (add crypt_keyslot_change_by_passphrase).
This change is useful mainly in FIPS mode, where we cannot
extract volume key directly from libcryptsetup.
wagner [Thu, 6 Dec 2012 15:24:16 +0000 (16:24 +0100)]
synced with web-version
Milan Broz [Wed, 5 Dec 2012 19:43:06 +0000 (20:43 +0100)]
Add man page description for KDF benchmark.
Milan Broz [Wed, 5 Dec 2012 19:35:42 +0000 (20:35 +0100)]
Add PBKDF2 benchmark.
Milan Broz [Mon, 3 Dec 2012 15:14:56 +0000 (16:14 +0100)]
Use union instead of replicated attributes.
Milan Broz [Mon, 3 Dec 2012 12:23:14 +0000 (13:23 +0100)]
Document new basic commands open/close (and old syntax aliases).
Milan Broz [Sun, 2 Dec 2012 21:27:19 +0000 (22:27 +0100)]
Remove some gcc extra warnings (signed/unsigned problems etc).
Milan Broz [Sun, 2 Dec 2012 20:21:14 +0000 (21:21 +0100)]
Add TCRYPT documentation,
Milan Broz [Sun, 2 Dec 2012 19:27:45 +0000 (20:27 +0100)]
Add master key dump option for tcryptDump.
Milan Broz [Sun, 2 Dec 2012 19:11:10 +0000 (20:11 +0100)]
cryptsetup: remove useless arg for action functions.
Milan Broz [Sun, 2 Dec 2012 18:58:52 +0000 (19:58 +0100)]
Add new commands open/close and make aliases.
open aliases : create, plainOpen, luksOpen, loopaesOpen, tcryptOpen
close aliases: remove, plainClose, luksClose, loopaesClose, tcryptClose
Milan Broz [Sat, 1 Dec 2012 13:32:01 +0000 (14:32 +0100)]
Fix (stupid) crc32 keyfile endianess bug.
Milan Broz [Sat, 1 Dec 2012 12:43:59 +0000 (13:43 +0100)]
Add keyfiles tcrypt test.
Milan Broz [Fri, 30 Nov 2012 17:53:32 +0000 (18:53 +0100)]
And skip tcrypt api test if there is no af_alf kernel interface.
Milan Broz [Fri, 30 Nov 2012 17:41:10 +0000 (18:41 +0100)]
Add TCRYPT api test, fix some minor problems found.
Milan Broz [Fri, 30 Nov 2012 16:05:03 +0000 (17:05 +0100)]
Add missing pbkdf check file.
Milan Broz [Fri, 30 Nov 2012 14:08:39 +0000 (15:08 +0100)]
Add sys/types.h for loop wrapper (required on new systems).
Milan Broz [Fri, 30 Nov 2012 14:03:01 +0000 (15:03 +0100)]
Better tcrypt test options.
Milan Broz [Fri, 30 Nov 2012 12:52:03 +0000 (13:52 +0100)]
And fix previous comment once more... :)
Milan Broz [Fri, 30 Nov 2012 12:37:14 +0000 (13:37 +0100)]
Fix skcipher failure handling.
Milan Broz [Thu, 29 Nov 2012 17:01:02 +0000 (18:01 +0100)]
Handle kernel crypto api init failure better.
Milan Broz [Tue, 27 Nov 2012 18:13:56 +0000 (19:13 +0100)]
Fix po files.
Milan Broz [Tue, 27 Nov 2012 18:08:10 +0000 (19:08 +0100)]
TCRYPT: add simple test and image archive.
Milan Broz [Tue, 27 Nov 2012 16:13:53 +0000 (17:13 +0100)]
TCRYPT: fix activation and hidden device offsets.
Milan Broz [Mon, 26 Nov 2012 12:15:08 +0000 (13:15 +0100)]
TCRYPT: add backup header option.
Milan Broz [Sun, 25 Nov 2012 22:43:14 +0000 (23:43 +0100)]
Remove test dir during cleanup.
Milan Broz [Sun, 25 Nov 2012 21:53:11 +0000 (22:53 +0100)]
Fix blockwise read/write for end writes near end of device.
Ignore setpriority failure (will be remoced later anyway).
Milan Broz [Sun, 25 Nov 2012 01:23:46 +0000 (02:23 +0100)]
TCRYPT: simplify code, support blowfish chains for header
Milan Broz [Fri, 23 Nov 2012 16:31:41 +0000 (17:31 +0100)]
Remove trailing spaces from manpage, add usage and help option.
Milan Broz [Fri, 23 Nov 2012 16:10:57 +0000 (17:10 +0100)]
TCRYPT: add dump command
Milan Broz [Fri, 23 Nov 2012 14:20:46 +0000 (15:20 +0100)]
TCRYPT: support crypt_volume_key_get
Milan Broz [Fri, 23 Nov 2012 12:46:23 +0000 (13:46 +0100)]
TCRYPT: show proper device in status for chained mode
Milan Broz [Fri, 23 Nov 2012 12:01:43 +0000 (13:01 +0100)]
TCRYPT: move all header handling into library.
Add warning about unsupported modes.
Milan Broz [Thu, 22 Nov 2012 16:28:03 +0000 (17:28 +0100)]
TCRYPT: parse cipher chain on init.
Milan Broz [Thu, 22 Nov 2012 13:19:43 +0000 (14:19 +0100)]
TCRYPT: support proper device removal
Daniel Kahn Gillmor [Tue, 20 Nov 2012 18:43:28 +0000 (13:43 -0500)]
make default LUKS PBKDF2 iteration time configurable
Milan Broz [Sun, 18 Nov 2012 17:31:17 +0000 (18:31 +0100)]
TCRYPT: implement (most of) legacy modes support.
Milan Broz [Fri, 16 Nov 2012 13:57:05 +0000 (14:57 +0100)]
TCRYPT: support keyfiles