wagner [Sat, 23 Mar 2013 15:00:58 +0000 (16:00 +0100)]
Fixed the buit instruction
Improved example
Milan Broz [Sun, 17 Mar 2013 19:54:04 +0000 (20:54 +0100)]
Fix deactivation of device when failed underlying node disappeared
If underlying device disappears (failed drive, removed flash drive etc)
cryptsetup cannot report LUKS parameters (header no longer available).
Fix return code of init_by name in this situation (crypt
context is NULL).
Report visible error if deactivation fails and device is still busy.
Fixes issue#149.
Milan Broz [Sun, 17 Mar 2013 18:20:42 +0000 (19:20 +0100)]
Deactivate whole device TCRYPT tree if context is NULL
API (unfortunately) supports NULL argument for crypt_deactivate,
with new chained TCRYPT devices it must deactivate all
chained devices as well.
Fixes issue#147.
Milan Broz [Sun, 17 Mar 2013 16:34:41 +0000 (17:34 +0100)]
Update nl.po.
Milan Broz [Sun, 10 Mar 2013 15:09:00 +0000 (16:09 +0100)]
Update de.po.
Milan Broz [Fri, 15 Feb 2013 08:52:22 +0000 (09:52 +0100)]
Return EPERM instead EINVAL for too long TCRYPT passphrase.
Milan Broz [Thu, 14 Feb 2013 13:37:50 +0000 (14:37 +0100)]
Fix passphrase pool overflow for TCRYPT device id passphrase > pool size.
TCRYPT format limits passphrase length to max. 64 characters so simply error in this case.
Milan Broz [Mon, 11 Feb 2013 13:53:49 +0000 (14:53 +0100)]
Make passphrase prompts more consistent.
Also see http://code.google.com/p/cryptsetup/issues/detail?id=145
John Spencer [Fri, 1 Feb 2013 07:36:36 +0000 (08:36 +0100)]
Fix missing headers
2 header inclusions were missing, one for PATH_MAX (limits.h) and one
for FD_ZERO, FD_SET, ... (sys/select.h)
on glibc, those headers are erroneusly (namespace pollution) pulled in
through other headers, so the author didnt notice.
Signed-Off-By: John Spencer <maillist-cryptsetup@barfooze.de>
wagner [Fri, 1 Feb 2013 04:35:36 +0000 (05:35 +0100)]
sync with wiki
Milan Broz [Tue, 22 Jan 2013 15:20:09 +0000 (16:20 +0100)]
Do not support user uuid for plain & loopaes devices.
This function was not documented.
So now crypt_get_uuid() returns only on-disk UUID.
Milan Broz [Wed, 16 Jan 2013 14:28:12 +0000 (15:28 +0100)]
Properly cleanup on interrupt in api-test.
Milan Broz [Tue, 15 Jan 2013 13:53:19 +0000 (14:53 +0100)]
Support test run in kernel FIPS mode.
Milan Broz [Mon, 14 Jan 2013 11:49:04 +0000 (12:49 +0100)]
Set devel version.
Milan Broz [Sun, 13 Jan 2013 23:22:50 +0000 (00:22 +0100)]
Fix doxygen doc for libcryptsetup.h.
Milan Broz [Sun, 13 Jan 2013 22:53:35 +0000 (23:53 +0100)]
Fix tcrypt test header.
Milan Broz [Sun, 13 Jan 2013 19:45:55 +0000 (20:45 +0100)]
Use tabs in script.
Milan Broz [Sun, 13 Jan 2013 18:29:12 +0000 (19:29 +0100)]
Update po files.
Milan Broz [Sun, 13 Jan 2013 18:28:36 +0000 (19:28 +0100)]
Update bitops.h (stolen from util-linux:).
Milan Broz [Fri, 11 Jan 2013 12:03:05 +0000 (13:03 +0100)]
Update po files.
Milan Broz [Thu, 10 Jan 2013 16:26:19 +0000 (17:26 +0100)]
Fix some extended compile warning.
Milan Broz [Thu, 10 Jan 2013 15:48:47 +0000 (16:48 +0100)]
Do not include pbkdf2 prototype in header if code is not compiled in.
Milan Broz [Thu, 10 Jan 2013 14:37:26 +0000 (15:37 +0100)]
Fix null blocks in kernel backend.
Milan Broz [Thu, 10 Jan 2013 14:34:11 +0000 (15:34 +0100)]
Fix tests to work with pwquality compiled in.
Milan Broz [Wed, 9 Jan 2013 17:46:38 +0000 (18:46 +0100)]
Allow to overwrite gcrypt PBKDF2 use for configure.
Milan Broz [Wed, 9 Jan 2013 12:09:41 +0000 (13:09 +0100)]
Prepare 1.6.0 release.
Milan Broz [Tue, 8 Jan 2013 17:36:52 +0000 (18:36 +0100)]
Skip test for kernel wihtout autoclear flag.
Milan Broz [Tue, 8 Jan 2013 16:41:06 +0000 (17:41 +0100)]
Workaround api-test compilation on some very old systems.
Milan Broz [Tue, 8 Jan 2013 13:45:39 +0000 (14:45 +0100)]
Properly specify cipher in tests.
Milan Broz [Tue, 8 Jan 2013 13:19:31 +0000 (14:19 +0100)]
Fix displaying of error messages for mising kernel features.
Milan Broz [Tue, 8 Jan 2013 11:21:30 +0000 (12:21 +0100)]
Change LUKS default cipher to aes-xts-plain64 (AES128-XTS).
Milan Broz [Sat, 5 Jan 2013 11:51:58 +0000 (12:51 +0100)]
Update po files.
Milan Broz [Sat, 5 Jan 2013 11:51:21 +0000 (12:51 +0100)]
Properly initialize pkg-config in autoconf.
Milan Broz [Thu, 3 Jan 2013 13:11:52 +0000 (14:11 +0100)]
Prepare supported PBKDF2 implementation autodetection for gcrypt.
Milan Broz [Wed, 2 Jan 2013 21:46:32 +0000 (22:46 +0100)]
Update pl.po.
Milan Broz [Wed, 2 Jan 2013 20:53:49 +0000 (21:53 +0100)]
Fix benchmark alignment (wider columns).
Milan Broz [Wed, 2 Jan 2013 12:25:07 +0000 (13:25 +0100)]
Update po files.
Yuri Chornoivan [Mon, 31 Dec 2012 14:46:59 +0000 (16:46 +0200)]
Fix typo
Milan Broz [Sun, 30 Dec 2012 17:39:48 +0000 (18:39 +0100)]
Fix autogen script to handle configure.ac.
Dave Reisner [Sun, 30 Dec 2012 16:15:34 +0000 (11:15 -0500)]
build: use AM_CPPFLAGS instead of INCLUDES
The latter is marked as deprecated as of automake 1.12.4:
warning: 'INCLUDES' is the old name for 'AM_CPPFLAGS' (or '*_CPPFLAGS')
Dave Reisner [Sun, 30 Dec 2012 16:15:33 +0000 (11:15 -0500)]
build: rename configure.in to configure.ac
With automake 1.13, configure.in is no longer honored.
Milan Broz [Sun, 30 Dec 2012 17:32:10 +0000 (18:32 +0100)]
Allow repair of 512bits key header.
Milan Broz [Sun, 30 Dec 2012 11:35:35 +0000 (12:35 +0100)]
Require lsblk for tcrypt test.
Milan Broz [Sun, 30 Dec 2012 11:28:30 +0000 (12:28 +0100)]
Add kernel userspace header detection.
Add --disable-kernel_crypto to allow compilation with old kernel.
Milan Broz [Sun, 30 Dec 2012 10:33:24 +0000 (11:33 +0100)]
Fix status of device if path argument is used. Fix double path prefix for non-existent device path.
wagner [Sun, 30 Dec 2012 10:39:08 +0000 (11:39 +0100)]
added warning that previously used containers should
be wiped before use as LUKS or plain dm-crypt containers.
Milan Broz [Sat, 29 Dec 2012 21:37:21 +0000 (22:37 +0100)]
Fix typos in changelog.
Milan Broz [Sat, 29 Dec 2012 19:21:53 +0000 (20:21 +0100)]
Skip TCRYPT KDF if hash is not available.
Milan Broz [Sat, 29 Dec 2012 16:40:46 +0000 (17:40 +0100)]
Add note about pbkdf2 benchmark.
Milan Broz [Sat, 29 Dec 2012 16:21:58 +0000 (17:21 +0100)]
Prepare version 1.6.0-rc1.
Milan Broz [Sat, 29 Dec 2012 14:29:43 +0000 (15:29 +0100)]
Support device/file images if O_DIRECT cannot be used (1.5.1).
On some filesystems (like tmpfs) O_DIRECT cannot be used.
So just try to open device without O_DIRECT in the second try.
Arno Wagner [Sat, 29 Dec 2012 11:44:40 +0000 (12:44 +0100)]
Added wipefs as option for fast FS removal in section 2.1
Milan Broz [Sat, 29 Dec 2012 10:43:52 +0000 (11:43 +0100)]
Change License for sub-libraries from GPLv2 only to LGPLv2.1+ ("or any later")
This includes crypto, loopaes, tcrypt handling code I have written myself
and verity code written originally by Mikulas Patocka and modified by me,
copyright by Red Hat.
Other part of library have to stay GPLv2+ only for now
(no agreement from all authors).
Milan Broz [Sat, 29 Dec 2012 10:33:54 +0000 (11:33 +0100)]
Change License from GPLv2 only to GPLv2+ ("or any later").
Agreed by all copyright authors.
Milan Broz [Mon, 24 Dec 2012 21:39:35 +0000 (22:39 +0100)]
Add TCRYPT password search example.
Milan Broz [Mon, 24 Dec 2012 18:32:07 +0000 (19:32 +0100)]
Fix non-translated messages.
wagner [Sat, 29 Dec 2012 06:58:00 +0000 (07:58 +0100)]
Synced with WIKI version
Milan Broz [Sat, 22 Dec 2012 21:34:09 +0000 (22:34 +0100)]
Add basic support for system TCRYPT device.
Rename option hidden to tcrypt-hidden.
Milan Broz [Fri, 21 Dec 2012 15:38:13 +0000 (16:38 +0100)]
Add copyright line for files I have written or modified.
Milan Broz [Fri, 21 Dec 2012 15:27:55 +0000 (16:27 +0100)]
Add crypt_keyslot_change_by_passphrase() api test.
Milan Broz [Fri, 21 Dec 2012 14:16:04 +0000 (15:16 +0100)]
Update fi.po (1.5.1).
Milan Broz [Fri, 21 Dec 2012 14:13:36 +0000 (15:13 +0100)]
Update TODO.
Milan Broz [Fri, 21 Dec 2012 14:08:35 +0000 (15:08 +0100)]
Do not maintain ChangeLog anymore, see git log.
Milan Broz [Wed, 19 Dec 2012 17:54:00 +0000 (18:54 +0100)]
Add utils_password.c to po files list.
Milan Broz [Wed, 19 Dec 2012 17:49:50 +0000 (18:49 +0100)]
Fix static build with pwquality (until it provides proper pkgconfig).
Milan Broz [Wed, 19 Dec 2012 16:25:11 +0000 (17:25 +0100)]
Add optional libpwquality support for new LUKS passwords.
If password is entered through terminal (no keyfile specified)
and cryptsetup is compiled with --enable-pwquality, default
system pwquality settings are used to check password quality.
Milan Broz [Wed, 19 Dec 2012 14:27:29 +0000 (15:27 +0100)]
Prepare cryptsetup functions for pwquality check.
Milan Broz [Wed, 19 Dec 2012 12:19:05 +0000 (13:19 +0100)]
Fix regression in header backup (1.5.1).
Access to backup file must handle write to regular files too.
Milan Broz [Mon, 17 Dec 2012 15:10:39 +0000 (16:10 +0100)]
Fix time of check/use Coverity report in cryptsetup-reencrypt.
Milan Broz [Mon, 17 Dec 2012 14:50:42 +0000 (15:50 +0100)]
Fix time of check/use Coverity report in veritysetup.
Milan Broz [Mon, 17 Dec 2012 14:35:33 +0000 (15:35 +0100)]
Fix time of check/use Coverity report (and ignore another) in loop/wipe utils.
Milan Broz [Mon, 17 Dec 2012 14:19:57 +0000 (15:19 +0100)]
Fix time of check/use Coverity report (and ignore another) in device utils.
Milan Broz [Mon, 17 Dec 2012 13:05:45 +0000 (14:05 +0100)]
Do not use stat for backup commands.
Milan Broz [Mon, 17 Dec 2012 08:54:10 +0000 (09:54 +0100)]
Add fixme for ETA calculation.
Milan Broz [Fri, 14 Dec 2012 13:48:36 +0000 (14:48 +0100)]
Add verbose messages during reencryption to avoid confusion.
Milan Broz [Tue, 11 Dec 2012 18:01:46 +0000 (19:01 +0100)]
Handle signals in tool context.
Milan Broz [Tue, 11 Dec 2012 14:40:42 +0000 (15:40 +0100)]
Move signal handling into common utils code.
Milan Broz [Tue, 11 Dec 2012 14:39:47 +0000 (15:39 +0100)]
Remove signal handling from LUKS keyencryption and simplify code.
Milan Broz [Mon, 10 Dec 2012 16:47:06 +0000 (17:47 +0100)]
Get page size should never fail (in the works case it fails later with wrong alignment).
Milan Broz [Mon, 10 Dec 2012 16:28:52 +0000 (17:28 +0100)]
Fix some problems found by Coverity scan.
Milan Broz [Mon, 10 Dec 2012 15:36:22 +0000 (16:36 +0100)]
TCRYPT: properly wipe all buffers; use prefix for all functions.
Milan Broz [Sat, 8 Dec 2012 00:31:38 +0000 (01:31 +0100)]
Require params for crypt_load & TCRYPT type.
Milan Broz [Fri, 7 Dec 2012 14:57:00 +0000 (15:57 +0100)]
Merge branch 'master' of https://code.google.com/p/cryptsetup
Milan Broz [Fri, 7 Dec 2012 14:55:56 +0000 (15:55 +0100)]
Disallow header restore if context is nonLUKS device.
Milan Broz [Fri, 7 Dec 2012 14:29:44 +0000 (15:29 +0100)]
Move change key into library (add crypt_keyslot_change_by_passphrase).
This change is useful mainly in FIPS mode, where we cannot
extract volume key directly from libcryptsetup.
wagner [Thu, 6 Dec 2012 15:24:16 +0000 (16:24 +0100)]
synced with web-version
Milan Broz [Wed, 5 Dec 2012 19:43:06 +0000 (20:43 +0100)]
Add man page description for KDF benchmark.
Milan Broz [Wed, 5 Dec 2012 19:35:42 +0000 (20:35 +0100)]
Add PBKDF2 benchmark.
Milan Broz [Mon, 3 Dec 2012 15:14:56 +0000 (16:14 +0100)]
Use union instead of replicated attributes.
Milan Broz [Mon, 3 Dec 2012 12:23:14 +0000 (13:23 +0100)]
Document new basic commands open/close (and old syntax aliases).
Milan Broz [Sun, 2 Dec 2012 21:27:19 +0000 (22:27 +0100)]
Remove some gcc extra warnings (signed/unsigned problems etc).
Milan Broz [Sun, 2 Dec 2012 20:21:14 +0000 (21:21 +0100)]
Add TCRYPT documentation,
Milan Broz [Sun, 2 Dec 2012 19:27:45 +0000 (20:27 +0100)]
Add master key dump option for tcryptDump.
Milan Broz [Sun, 2 Dec 2012 19:11:10 +0000 (20:11 +0100)]
cryptsetup: remove useless arg for action functions.
Milan Broz [Sun, 2 Dec 2012 18:58:52 +0000 (19:58 +0100)]
Add new commands open/close and make aliases.
open aliases : create, plainOpen, luksOpen, loopaesOpen, tcryptOpen
close aliases: remove, plainClose, luksClose, loopaesClose, tcryptClose
Milan Broz [Sat, 1 Dec 2012 13:32:01 +0000 (14:32 +0100)]
Fix (stupid) crc32 keyfile endianess bug.
Milan Broz [Sat, 1 Dec 2012 12:43:59 +0000 (13:43 +0100)]
Add keyfiles tcrypt test.
Milan Broz [Fri, 30 Nov 2012 17:53:32 +0000 (18:53 +0100)]
And skip tcrypt api test if there is no af_alf kernel interface.
Milan Broz [Fri, 30 Nov 2012 17:41:10 +0000 (18:41 +0100)]
Add TCRYPT api test, fix some minor problems found.
Milan Broz [Fri, 30 Nov 2012 16:05:03 +0000 (17:05 +0100)]
Add missing pbkdf check file.