platform/upstream/cryptsetup.git
8 years agoImported Upstream version 1.6.7 91/68991/1 upstream/1.6.7
Kichan Kwon [Wed, 11 May 2016 02:52:46 +0000 (11:52 +0900)]
Imported Upstream version 1.6.7

Change-Id: I7f33776c1d534cf59a8f28b972698ad95240ce5e
Signed-off-by: Kichan Kwon <k_c.kwon@samsung.com>
8 years agoRevert "Imported upstream version 1.6.7" 41/68941/1
Kwon [Tue, 10 May 2016 12:13:56 +0000 (05:13 -0700)]
Revert "Imported upstream version 1.6.7"

This reverts commit a3777a6b2cde2c7133141474dd4c428220a3e9cc.

Change-Id: I5c3c27a5a5677c20afb1a8e69c6ac99785cb37d1

8 years agoImported upstream version 1.6.7 63/68863/1
Kichan Kwon [Tue, 10 May 2016 06:48:59 +0000 (15:48 +0900)]
Imported upstream version 1.6.7

Change-Id: Ibccd9c20d2f467bdafb3eadb136dac955efd8e45
Signed-off-by: Kichan Kwon <k_c.kwon@samsung.com>
11 years agoUpdate nl.po. upstream/1.6
Milan Broz [Mon, 12 Aug 2013 06:15:29 +0000 (08:15 +0200)]
Update nl.po.

11 years agoFix static compilation with OpenSSL.
Milan Broz [Thu, 8 Aug 2013 16:57:45 +0000 (18:57 +0200)]
Fix static compilation with OpenSSL.

Resolves issue#172, see
https://bugs.gentoo.org/show_bug.cgi?id=472692

11 years agoUpdate pl.po.
Milan Broz [Sun, 4 Aug 2013 18:42:32 +0000 (20:42 +0200)]
Update pl.po.

11 years agoDevel version switch.
Milan Broz [Sun, 4 Aug 2013 17:45:37 +0000 (19:45 +0200)]
Devel version switch.

11 years agoVersion 1.6.2.
Milan Broz [Sun, 4 Aug 2013 16:36:09 +0000 (18:36 +0200)]
Version 1.6.2.

11 years agosync with wiki version
wagner [Fri, 2 Aug 2013 21:53:22 +0000 (23:53 +0200)]
sync with wiki version

11 years agoUpdate fr.po.
Milan Broz [Wed, 31 Jul 2013 19:20:14 +0000 (21:20 +0200)]
Update fr.po.

11 years agoUpdate po files.
Milan Broz [Tue, 30 Jul 2013 05:45:12 +0000 (07:45 +0200)]
Update po files.

11 years agoAdd 1.6.2 release notes.
Milan Broz [Sat, 27 Jul 2013 20:59:40 +0000 (22:59 +0200)]
Add 1.6.2 release notes.

Remove some TCRYPT comments from man page (FAQ is better for this).

11 years agoFails if more device arguments are present for isLuks.
Milan Broz [Sat, 27 Jul 2013 10:33:22 +0000 (12:33 +0200)]
Fails if more device arguments are present for isLuks.

Fixes
http://code.google.com/p/cryptsetup/issues/detail?id=165

11 years agoFix sscanf cipher string and avoid warning wih -fsanitize=address.
Milan Broz [Tue, 23 Jul 2013 20:07:13 +0000 (22:07 +0200)]
Fix sscanf cipher string and avoid warning wih -fsanitize=address.

Code need to count terminating zero.

11 years agoUpdate de.po.
Milan Broz [Sun, 14 Jul 2013 09:49:28 +0000 (11:49 +0200)]
Update de.po.

11 years agofixed all items in issue 164
wagner [Wed, 3 Jul 2013 23:03:07 +0000 (01:03 +0200)]
fixed all items in issue 164
Escaped dashes in options, e.g. \-\-iter-time => \-\-iter\-time
to prevent word-breaks at inner dashes.

11 years agoExpanded more on protection of hidden TrueCrypt volumes and
wagner [Tue, 2 Jul 2013 01:23:49 +0000 (03:23 +0200)]
Expanded more on protection of hidden TrueCrypt volumes and
its problems.

11 years agoAdded comment that a hidden volume is unprotected against changes
wagner [Tue, 2 Jul 2013 01:00:02 +0000 (03:00 +0200)]
Added comment that a hidden volume is unprotected against changes
in its outer volume and hence the outer volume should not be mounted.

11 years agoMap TCRYPT system encryption through partition.
Milan Broz [Sun, 30 Jun 2013 08:46:21 +0000 (10:46 +0200)]
Map TCRYPT system encryption through partition.

Kernel doesn't allow mapping through whle device if some
other partition an the device is used.

So first try to find partition device which match
system encryption (== TCRYPT partition system encryption)
and use that.

11 years agoSimplify sysfs helpers.
Milan Broz [Sun, 30 Jun 2013 07:04:00 +0000 (09:04 +0200)]
Simplify sysfs helpers.

11 years agoUse internally common uint64 parsing for sysfs values.
Milan Broz [Sat, 29 Jun 2013 11:06:04 +0000 (13:06 +0200)]
Use internally common uint64 parsing for sysfs values.

11 years agoAdd kernel version to DM debug output.
Milan Broz [Sat, 29 Jun 2013 09:28:33 +0000 (11:28 +0200)]
Add kernel version to DM debug output.

11 years agoFix default modes in man page.
Milan Broz [Fri, 28 Jun 2013 18:39:54 +0000 (20:39 +0200)]
Fix default modes in man page.

11 years agodm-verity: Fix a boundary condition that caused failure for certain device sizes
Mikulas Patocka [Fri, 28 Jun 2013 14:56:31 +0000 (10:56 -0400)]
dm-verity: Fix a boundary condition that caused failure for certain device sizes

On Fri, 28 Jun 2013, Mikulas Patocka wrote:

Fix a boundary condition that caused failure for certain device sizes

The problem is reported at
http://code.google.com/p/cryptsetup/issues/detail?id=160

This is the userspace fix.

Signed-off-by: Mikulas Patocka <mpatocka@redhat.com
11 years agoFix buildsytem to always include config.h.
Cristian Rodríguez [Sat, 22 Jun 2013 02:38:46 +0000 (22:38 -0400)]
Fix buildsytem to always include config.h.

- config.h must always be the first file to be included
- Use AM_CFLAGS and AM_LDFLAGS consistently and properly.

(Modified to disable build without largefile support etc
by Milan Broz <gmazyland@gmail.com>)

11 years agoForce use serial-tests.
Milan Broz [Sun, 23 Jun 2013 14:16:43 +0000 (16:16 +0200)]
Force use serial-tests.

Unfortunately, automake did not provided compatible way,
so if anyone need to use old automake, one line change
in is needed.

11 years agoCopy file in automake, never make symlinks.
Milan Broz [Sun, 23 Jun 2013 13:37:27 +0000 (15:37 +0200)]
Copy file in automake, never make symlinks.

11 years agoPrint a warning if system encryption is used and device is a partition.
Milan Broz [Sun, 23 Jun 2013 13:26:45 +0000 (15:26 +0200)]
Print a warning if system encryption is used and device is a partition.

System encryption hav metadata in space located ouside of
partition itself.

Ideally the check should be automatic but for virtualized systems
(where a partition could be "whole device" for another sustem this
can be dangerous.

11 years agoFix mapping of TCRYPT system encryption for more partitions.
Milan Broz [Sun, 23 Jun 2013 13:24:01 +0000 (15:24 +0200)]
Fix mapping of TCRYPT system encryption for more partitions.

If TCRYPT system encryption uses only partition (not the whole device)
some other partitions could be in use and we have to use
more relaxed check to allow device activation.

11 years agobuild: test byteswap.h and endian.h for bitops.h
Cristian Rodríguez [Mon, 3 Jun 2013 19:27:27 +0000 (15:27 -0400)]
build: test byteswap.h and endian.h for bitops.h

Otherwise the fallback code will be used.

11 years agoDisallow explicit small payload offset for detached header.
Milan Broz [Sat, 11 May 2013 08:59:02 +0000 (10:59 +0200)]
Disallow explicit small payload offset for detached header.

LUKS detached header has some limitations, one of them
is that you cannot run some explicit check for data offsets
without providing also data device.

Because luksDump and all key handle commands takes only
metadata device (LUKS heaer device), it not easy to properly
support data payload offset validation.

So if detached header is present for luksFormat, code now
allows data payload 0 (IOW whole data device is used)
and explicit offset larger than header+keyslots
(the same as the header is on data device - so some space is wasted).

N.B. with detached header the option --align-payload is used
directly without any round up caculations.

Fixes Issue#155.

11 years agosync with Wiki
wagner [Wed, 24 Apr 2013 22:08:42 +0000 (00:08 +0200)]
sync with Wiki

11 years agoUpdate nl.po.
Milan Broz [Sun, 7 Apr 2013 07:33:23 +0000 (09:33 +0200)]
Update nl.po.

11 years agosync with wiki version
wagner [Fri, 5 Apr 2013 09:24:44 +0000 (11:24 +0200)]
sync with wiki version

11 years agoSet devel version.
Milan Broz [Sun, 31 Mar 2013 09:59:54 +0000 (11:59 +0200)]
Set devel version.

11 years agoFix gcc signed/unsigned warning for key length.
Milan Broz [Sun, 31 Mar 2013 09:24:26 +0000 (11:24 +0200)]
Fix gcc signed/unsigned warning for key length.

And always use unsigned int declaration.

11 years agoUpdate vi.po.
Milan Broz [Tue, 26 Mar 2013 20:19:03 +0000 (21:19 +0100)]
Update vi.po.

11 years agoUpdate po files.
Milan Broz [Sun, 24 Mar 2013 22:36:26 +0000 (23:36 +0100)]
Update po files.

11 years agoAdd 1.6.1 release notes.
Milan Broz [Sun, 24 Mar 2013 09:01:34 +0000 (10:01 +0100)]
Add 1.6.1 release notes.

11 years agoUpdate copyright year on changed files.
Milan Broz [Sun, 24 Mar 2013 08:05:33 +0000 (09:05 +0100)]
Update copyright year on changed files.

11 years agoFix loop-AES keyfile parsing.
Milan Broz [Sat, 23 Mar 2013 17:06:27 +0000 (18:06 +0100)]
Fix loop-AES keyfile parsing.

Loop-AES keyfile should be text keyfile,
properly check that keys are terminated and of the same length.

Fixes issue#153.

11 years agoFixed the buit instruction
wagner [Sat, 23 Mar 2013 15:00:58 +0000 (16:00 +0100)]
Fixed the buit instruction
Improved example

11 years agoFix deactivation of device when failed underlying node disappeared
Milan Broz [Sun, 17 Mar 2013 19:54:04 +0000 (20:54 +0100)]
Fix deactivation of device when failed underlying node disappeared

If underlying device disappears (failed drive, removed flash drive etc)
cryptsetup cannot report LUKS parameters (header no longer available).

Fix return code of init_by name in this situation (crypt
context is NULL).

Report visible error if deactivation fails and device is still busy.

Fixes issue#149.

11 years agoDeactivate whole device TCRYPT tree if context is NULL
Milan Broz [Sun, 17 Mar 2013 18:20:42 +0000 (19:20 +0100)]
Deactivate whole device TCRYPT tree if context is NULL

API (unfortunately) supports NULL argument for crypt_deactivate,
with new chained TCRYPT devices it must deactivate all
chained devices as well.

Fixes issue#147.

11 years agoUpdate nl.po.
Milan Broz [Sun, 17 Mar 2013 16:34:41 +0000 (17:34 +0100)]
Update nl.po.

11 years agoUpdate de.po.
Milan Broz [Sun, 10 Mar 2013 15:09:00 +0000 (16:09 +0100)]
Update de.po.

11 years agoReturn EPERM instead EINVAL for too long TCRYPT passphrase.
Milan Broz [Fri, 15 Feb 2013 08:52:22 +0000 (09:52 +0100)]
Return EPERM instead EINVAL for too long TCRYPT passphrase.

11 years agoFix passphrase pool overflow for TCRYPT device id passphrase > pool size.
Milan Broz [Thu, 14 Feb 2013 13:37:50 +0000 (14:37 +0100)]
Fix passphrase pool overflow for TCRYPT device id passphrase > pool size.

TCRYPT format limits passphrase length to max. 64 characters so simply error in this case.

11 years agoMake passphrase prompts more consistent.
Milan Broz [Mon, 11 Feb 2013 13:53:49 +0000 (14:53 +0100)]
Make passphrase prompts more consistent.

Also see http://code.google.com/p/cryptsetup/issues/detail?id=145

11 years agoFix missing headers
John Spencer [Fri, 1 Feb 2013 07:36:36 +0000 (08:36 +0100)]
Fix missing headers

2 header inclusions were missing, one for PATH_MAX (limits.h) and one
for FD_ZERO, FD_SET, ... (sys/select.h)

on glibc, those headers are erroneusly (namespace pollution) pulled in
through other headers, so the author didnt notice.

Signed-Off-By: John Spencer <maillist-cryptsetup@barfooze.de>
11 years agosync with wiki
wagner [Fri, 1 Feb 2013 04:35:36 +0000 (05:35 +0100)]
sync with wiki

11 years agoDo not support user uuid for plain & loopaes devices.
Milan Broz [Tue, 22 Jan 2013 15:20:09 +0000 (16:20 +0100)]
Do not support user uuid for plain & loopaes devices.

This function was not documented.
So now crypt_get_uuid() returns only on-disk UUID.

11 years agoProperly cleanup on interrupt in api-test.
Milan Broz [Wed, 16 Jan 2013 14:28:12 +0000 (15:28 +0100)]
Properly cleanup on interrupt in api-test.

11 years agoSupport test run in kernel FIPS mode.
Milan Broz [Tue, 15 Jan 2013 13:53:19 +0000 (14:53 +0100)]
Support test run in kernel FIPS mode.

11 years agoSet devel version.
Milan Broz [Mon, 14 Jan 2013 11:49:04 +0000 (12:49 +0100)]
Set devel version.

11 years agoFix doxygen doc for libcryptsetup.h.
Milan Broz [Sun, 13 Jan 2013 23:22:50 +0000 (00:22 +0100)]
Fix doxygen doc for libcryptsetup.h.

11 years agoFix tcrypt test header.
Milan Broz [Sun, 13 Jan 2013 22:53:35 +0000 (23:53 +0100)]
Fix tcrypt test header.

11 years agoUse tabs in script.
Milan Broz [Sun, 13 Jan 2013 19:45:55 +0000 (20:45 +0100)]
Use tabs in script.

11 years agoUpdate po files.
Milan Broz [Sun, 13 Jan 2013 18:29:12 +0000 (19:29 +0100)]
Update po files.

11 years agoUpdate bitops.h (stolen from util-linux:).
Milan Broz [Sun, 13 Jan 2013 18:28:36 +0000 (19:28 +0100)]
Update bitops.h (stolen from util-linux:).

11 years agoUpdate po files.
Milan Broz [Fri, 11 Jan 2013 12:03:05 +0000 (13:03 +0100)]
Update po files.

11 years agoFix some extended compile warning.
Milan Broz [Thu, 10 Jan 2013 16:26:19 +0000 (17:26 +0100)]
Fix some extended compile warning.

11 years agoDo not include pbkdf2 prototype in header if code is not compiled in.
Milan Broz [Thu, 10 Jan 2013 15:48:47 +0000 (16:48 +0100)]
Do not include pbkdf2 prototype in header if code is not compiled in.

11 years agoFix null blocks in kernel backend.
Milan Broz [Thu, 10 Jan 2013 14:37:26 +0000 (15:37 +0100)]
Fix null blocks in kernel backend.

11 years agoFix tests to work with pwquality compiled in.
Milan Broz [Thu, 10 Jan 2013 14:34:11 +0000 (15:34 +0100)]
Fix tests to work with pwquality compiled in.

11 years agoAllow to overwrite gcrypt PBKDF2 use for configure.
Milan Broz [Wed, 9 Jan 2013 17:46:38 +0000 (18:46 +0100)]
Allow to overwrite gcrypt PBKDF2 use for configure.

11 years agoPrepare 1.6.0 release.
Milan Broz [Wed, 9 Jan 2013 12:09:41 +0000 (13:09 +0100)]
Prepare 1.6.0 release.

11 years agoSkip test for kernel wihtout autoclear flag.
Milan Broz [Tue, 8 Jan 2013 17:36:52 +0000 (18:36 +0100)]
Skip test for kernel wihtout autoclear flag.

11 years agoWorkaround api-test compilation on some very old systems.
Milan Broz [Tue, 8 Jan 2013 16:41:06 +0000 (17:41 +0100)]
Workaround api-test compilation on some very old systems.

11 years agoProperly specify cipher in tests.
Milan Broz [Tue, 8 Jan 2013 13:45:39 +0000 (14:45 +0100)]
Properly specify cipher in tests.

11 years agoFix displaying of error messages for mising kernel features.
Milan Broz [Tue, 8 Jan 2013 13:19:31 +0000 (14:19 +0100)]
Fix displaying of error messages for mising kernel features.

11 years agoChange LUKS default cipher to aes-xts-plain64 (AES128-XTS).
Milan Broz [Tue, 8 Jan 2013 11:21:30 +0000 (12:21 +0100)]
Change LUKS default cipher to aes-xts-plain64 (AES128-XTS).

11 years agoUpdate po files.
Milan Broz [Sat, 5 Jan 2013 11:51:58 +0000 (12:51 +0100)]
Update po files.

11 years agoProperly initialize pkg-config in autoconf.
Milan Broz [Sat, 5 Jan 2013 11:51:21 +0000 (12:51 +0100)]
Properly initialize pkg-config in autoconf.

11 years agoPrepare supported PBKDF2 implementation autodetection for gcrypt.
Milan Broz [Thu, 3 Jan 2013 13:11:52 +0000 (14:11 +0100)]
Prepare supported PBKDF2 implementation autodetection for gcrypt.

11 years agoUpdate pl.po.
Milan Broz [Wed, 2 Jan 2013 21:46:32 +0000 (22:46 +0100)]
Update pl.po.

11 years agoFix benchmark alignment (wider columns).
Milan Broz [Wed, 2 Jan 2013 20:53:49 +0000 (21:53 +0100)]
Fix benchmark alignment (wider columns).

11 years agoUpdate po files.
Milan Broz [Wed, 2 Jan 2013 12:25:07 +0000 (13:25 +0100)]
Update po files.

11 years agoFix typo
Yuri Chornoivan [Mon, 31 Dec 2012 14:46:59 +0000 (16:46 +0200)]
Fix typo

11 years agoFix autogen script to handle configure.ac.
Milan Broz [Sun, 30 Dec 2012 17:39:48 +0000 (18:39 +0100)]
Fix autogen script to handle configure.ac.

11 years agobuild: use AM_CPPFLAGS instead of INCLUDES
Dave Reisner [Sun, 30 Dec 2012 16:15:34 +0000 (11:15 -0500)]
build: use AM_CPPFLAGS instead of INCLUDES

The latter is marked as deprecated as of automake 1.12.4:

warning: 'INCLUDES' is the old name for 'AM_CPPFLAGS' (or '*_CPPFLAGS')

11 years agobuild: rename configure.in to configure.ac
Dave Reisner [Sun, 30 Dec 2012 16:15:33 +0000 (11:15 -0500)]
build: rename configure.in to configure.ac

With automake 1.13, configure.in is no longer honored.

11 years agoAllow repair of 512bits key header.
Milan Broz [Sun, 30 Dec 2012 17:32:10 +0000 (18:32 +0100)]
Allow repair of 512bits key header.

11 years agoRequire lsblk for tcrypt test.
Milan Broz [Sun, 30 Dec 2012 11:35:35 +0000 (12:35 +0100)]
Require lsblk for tcrypt test.

11 years agoAdd kernel userspace header detection.
Milan Broz [Sun, 30 Dec 2012 11:28:30 +0000 (12:28 +0100)]
Add kernel userspace header detection.
Add --disable-kernel_crypto to allow compilation with old kernel.

11 years agoFix status of device if path argument is used. Fix double path prefix for non-existen...
Milan Broz [Sun, 30 Dec 2012 10:33:24 +0000 (11:33 +0100)]
Fix status of device if path argument is used. Fix double path prefix for non-existent device path.

11 years agoadded warning that previously used containers should
wagner [Sun, 30 Dec 2012 10:39:08 +0000 (11:39 +0100)]
added warning that previously used containers should
be wiped before use as LUKS or plain dm-crypt containers.

11 years agoFix typos in changelog.
Milan Broz [Sat, 29 Dec 2012 21:37:21 +0000 (22:37 +0100)]
Fix typos in changelog.

11 years agoSkip TCRYPT KDF if hash is not available.
Milan Broz [Sat, 29 Dec 2012 19:21:53 +0000 (20:21 +0100)]
Skip TCRYPT KDF if hash is not available.

11 years agoAdd note about pbkdf2 benchmark.
Milan Broz [Sat, 29 Dec 2012 16:40:46 +0000 (17:40 +0100)]
Add note about pbkdf2 benchmark.

11 years agoPrepare version 1.6.0-rc1.
Milan Broz [Sat, 29 Dec 2012 16:21:58 +0000 (17:21 +0100)]
Prepare version 1.6.0-rc1.

11 years agoSupport device/file images if O_DIRECT cannot be used (1.5.1).
Milan Broz [Sat, 29 Dec 2012 14:29:43 +0000 (15:29 +0100)]
Support device/file images if O_DIRECT cannot be used (1.5.1).

On some filesystems (like tmpfs) O_DIRECT cannot be used.
So just try to open device without O_DIRECT in the second try.

11 years agoAdded wipefs as option for fast FS removal in section 2.1
Arno Wagner [Sat, 29 Dec 2012 11:44:40 +0000 (12:44 +0100)]
Added wipefs as option for fast FS removal in section 2.1

11 years agoChange License for sub-libraries from GPLv2 only to LGPLv2.1+ ("or any later")
Milan Broz [Sat, 29 Dec 2012 10:43:52 +0000 (11:43 +0100)]
Change License for sub-libraries from GPLv2 only to LGPLv2.1+ ("or any later")

This includes crypto, loopaes, tcrypt handling code I have written myself
and verity code written originally by Mikulas Patocka and modified by me,
copyright by Red Hat.

Other part of library have to stay GPLv2+ only for now
(no agreement from all authors).

11 years agoChange License from GPLv2 only to GPLv2+ ("or any later").
Milan Broz [Sat, 29 Dec 2012 10:33:54 +0000 (11:33 +0100)]
Change License from GPLv2 only to GPLv2+ ("or any later").

Agreed by all copyright authors.

11 years agoAdd TCRYPT password search example.
Milan Broz [Mon, 24 Dec 2012 21:39:35 +0000 (22:39 +0100)]
Add TCRYPT password search example.

11 years agoFix non-translated messages.
Milan Broz [Mon, 24 Dec 2012 18:32:07 +0000 (19:32 +0100)]
Fix non-translated messages.

11 years agoSynced with WIKI version
wagner [Sat, 29 Dec 2012 06:58:00 +0000 (07:58 +0100)]
Synced with WIKI version

11 years agoAdd basic support for system TCRYPT device.
Milan Broz [Sat, 22 Dec 2012 21:34:09 +0000 (22:34 +0100)]
Add basic support for system TCRYPT device.
Rename option hidden to tcrypt-hidden.

11 years agoAdd copyright line for files I have written or modified.
Milan Broz [Fri, 21 Dec 2012 15:38:13 +0000 (16:38 +0100)]
Add copyright line for files I have written or modified.