diff --git a/cryptsetup-1.0.5-run_udevsettle.patch b/cryptsetup-1.0.5-run_udevsettle.patch index d466f51..01cbf12 100644 --- a/cryptsetup-1.0.5-run_udevsettle.patch +++ b/cryptsetup-1.0.5-run_udevsettle.patch @@ -1,7 +1,17 @@ -Index: cryptsetup-1.0.5/lib/libdevmapper.c -=================================================================== ---- cryptsetup-1.0.5.orig/lib/libdevmapper.c -+++ cryptsetup-1.0.5/lib/libdevmapper.c + + +From: Matthias Koenig + + +--- + + lib/libdevmapper.c | 10 ++++++++++ + 1 files changed, 10 insertions(+), 0 deletions(-) + +diff --git a/lib/libdevmapper.c b/lib/libdevmapper.c +index 676064a..f18b7a1 100644 +--- a/lib/libdevmapper.c ++++ b/lib/libdevmapper.c @@ -18,6 +18,13 @@ #define CRYPT_TARGET "crypt" @@ -16,7 +26,7 @@ Index: cryptsetup-1.0.5/lib/libdevmapper.c static void set_dm_error(int level, const char *file, int line, const char *f, ...) { -@@ -184,6 +191,9 @@ static int dm_create_device(int reload, +@@ -184,6 +191,9 @@ static int dm_create_device(int reload, struct crypt_options *options, if (dmi.read_only) options->flags |= CRYPT_FLAG_READONLY; diff --git a/cryptsetup-1.0.5.tar.bz2 b/cryptsetup-1.0.5.tar.bz2 deleted file mode 100644 index d57250c..0000000 --- a/cryptsetup-1.0.5.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:4bab529afa00cafde3bc5df2769578c88438f80c5152d4257cd0e86986f95bc4 -size 322394 diff --git a/cryptsetup-1.0.5_SVNr31.tar.bz2 b/cryptsetup-1.0.5_SVNr31.tar.bz2 new file mode 100644 index 0000000..07c3395 --- /dev/null +++ b/cryptsetup-1.0.5_SVNr31.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:87b342eb6ba641e694121e40a7aff3ac86df642f5450c047958b1e92cb215510 +size 415998 diff --git a/cryptsetup-luks-implicit-declarations.diff b/cryptsetup-luks-implicit-declarations.diff index 0ecee26..cd02ea1 100644 --- a/cryptsetup-luks-implicit-declarations.diff +++ b/cryptsetup-luks-implicit-declarations.diff @@ -1,12 +1,25 @@ fix implicit function declarations -Signed-off-by: Ludwig Nussel +From: Ludwig Nussel -Index: cryptsetup-luks-1.0.4_SVN30/lib/internal.h -=================================================================== ---- cryptsetup-luks-1.0.4_SVN30.orig/lib/internal.h -+++ cryptsetup-luks-1.0.4_SVN30/lib/internal.h -@@ -62,6 +62,9 @@ int hash(const char *backend_name, const +Signed-off-by: Ludwig Nussel +--- + + lib/internal.h | 13 +++++++++++++ + lib/libcryptsetup.h | 5 ++++- + lib/utils.c | 1 + + luks/af.c | 1 + + luks/keyencryption.c | 6 ------ + luks/keymanage.c | 10 ---------- + luks/luks.h | 1 + + src/cryptsetup.c | 4 ++++ + 8 files changed, 24 insertions(+), 17 deletions(-) + +diff --git a/lib/internal.h b/lib/internal.h +index 8877c01..7a7354e 100644 +--- a/lib/internal.h ++++ b/lib/internal.h +@@ -62,6 +62,9 @@ int hash(const char *backend_name, const char *hash_name, struct setup_backend *get_setup_backend(const char *name); void put_setup_backend(struct setup_backend *backend); @@ -16,11 +29,32 @@ Index: cryptsetup-luks-1.0.4_SVN30/lib/internal.h ssize_t write_blockwise(int fd, const void *buf, size_t count); ssize_t read_blockwise(int fd, void *_buf, size_t count); ssize_t write_lseek_blockwise(int fd, const char *buf, size_t count, off_t offset); -Index: cryptsetup-luks-1.0.4_SVN30/lib/libcryptsetup.h -=================================================================== ---- cryptsetup-luks-1.0.4_SVN30.orig/lib/libcryptsetup.h -+++ cryptsetup-luks-1.0.4_SVN30/lib/libcryptsetup.h -@@ -45,6 +45,8 @@ int crypt_luksDelKey(struct crypt_option +@@ -69,4 +72,14 @@ ssize_t write_lseek_blockwise(int fd, const char *buf, size_t count, off_t offse + + int get_key(char *prompt, char **key, int *passLen, int key_size, const char *key_file, int passphrase_fd, int timeout, int how2verify); + ++#define div_round_up(a,b) ({ \ ++ typeof(a) __a = (a); \ ++ typeof(b) __b = (b); \ ++ (__a - 1) / __b + 1; \ ++}) ++ ++static inline int round_up_modulo(int x, int m) { ++ return div_round_up(x, m) * m; ++} ++ + #endif /* INTERNAL_H */ +diff --git a/lib/libcryptsetup.h b/lib/libcryptsetup.h +index 53846ef..69b9ba4 100644 +--- a/lib/libcryptsetup.h ++++ b/lib/libcryptsetup.h +@@ -53,10 +53,13 @@ int crypt_query_device(struct crypt_options *options); + int crypt_remove_device(struct crypt_options *options); + int crypt_luksInit(struct crypt_options *options); + int crypt_luksOpen(struct crypt_options *options); +-int crypt_luksDelKey(struct crypt_options *options); ++int crypt_luksKillSlot(struct crypt_options *options); ++int crypt_luksRemoveKey(struct crypt_options *options); int crypt_luksAddKey(struct crypt_options *options); int crypt_luksUUID(struct crypt_options *options); int crypt_isLuks(struct crypt_options *options); @@ -29,35 +63,22 @@ Index: cryptsetup-luks-1.0.4_SVN30/lib/libcryptsetup.h void crypt_get_error(char *buf, size_t size); void crypt_put_options(struct crypt_options *options); -Index: cryptsetup-luks-1.0.4_SVN30/lib/setup.c -=================================================================== ---- cryptsetup-luks-1.0.4_SVN30.orig/lib/setup.c -+++ cryptsetup-luks-1.0.4_SVN30/lib/setup.c -@@ -107,7 +107,7 @@ static int interactive_pass(const char * - { - struct termios orig, tmp; - int failed = -1; -- int infd, outfd; -+ int infd = STDIN_FILENO, outfd; - - if (maxlen < 1) - goto out_err; -Index: cryptsetup-luks-1.0.4_SVN30/lib/utils.c -=================================================================== ---- cryptsetup-luks-1.0.4_SVN30.orig/lib/utils.c -+++ cryptsetup-luks-1.0.4_SVN30/lib/utils.c +diff --git a/lib/utils.c b/lib/utils.c +index 23ddae1..718d418 100644 +--- a/lib/utils.c ++++ b/lib/utils.c @@ -9,6 +9,7 @@ #include #include #include +#include #include + #include - #include "libcryptsetup.h" -Index: cryptsetup-luks-1.0.4_SVN30/luks/af.c -=================================================================== ---- cryptsetup-luks-1.0.4_SVN30.orig/luks/af.c -+++ cryptsetup-luks-1.0.4_SVN30/luks/af.c +diff --git a/luks/af.c b/luks/af.c +index 7166669..66c4861 100644 +--- a/luks/af.c ++++ b/luks/af.c @@ -30,6 +30,7 @@ #include #include "sha1.h" @@ -66,37 +87,58 @@ Index: cryptsetup-luks-1.0.4_SVN30/luks/af.c /* diffuse: Information spreading over the whole dataset with * the help of sha512. -Index: cryptsetup-luks-1.0.4_SVN30/luks/keyencryption.c -=================================================================== ---- cryptsetup-luks-1.0.4_SVN30.orig/luks/keyencryption.c -+++ cryptsetup-luks-1.0.4_SVN30/luks/keyencryption.c -@@ -40,6 +40,9 @@ - (__a - 1) / __b + 1; \ - }) - -+static inline int round_up_modulo(int x, int m) { -+ return div_round_up(x, m) * m; -+} +diff --git a/luks/keyencryption.c b/luks/keyencryption.c +index f154a01..b09aa83 100644 +--- a/luks/keyencryption.c ++++ b/luks/keyencryption.c +@@ -35,12 +35,6 @@ + #include "../lib/internal.h" + #include "../lib/blockdev.h" +-#define div_round_up(a,b) ({ \ +- typeof(a) __a = (a); \ +- typeof(b) __b = (b); \ +- (__a - 1) / __b + 1; \ +-}) +- static int setup_mapping(const char *cipher, const char *name, const char *device, unsigned int payloadOffset, -Index: cryptsetup-luks-1.0.4_SVN30/luks/keymanage.c -=================================================================== ---- cryptsetup-luks-1.0.4_SVN30.orig/luks/keymanage.c -+++ cryptsetup-luks-1.0.4_SVN30/luks/keymanage.c -@@ -141,7 +141,7 @@ int LUKS_write_phdr(const char *device, - return r; - } + const char *key, size_t keyLength, +diff --git a/luks/keymanage.c b/luks/keymanage.c +index 77d8414..81929cd 100644 +--- a/luks/keymanage.c ++++ b/luks/keymanage.c +@@ -37,16 +37,6 @@ + #include + #include <../lib/internal.h> +-#define div_round_up(a,b) ({ \ +- typeof(a) __a = (a); \ +- typeof(b) __b = (b); \ +- (__a - 1) / __b + 1; \ +-}) +- -inline int round_up_modulo(int x, int m) { -+static inline int round_up_modulo(int x, int m) { - return div_round_up(x, m) * m; - } +- return div_round_up(x, m) * m; +-} +- + struct luks_masterkey *LUKS_alloc_masterkey(int keylength) + { + struct luks_masterkey *mk=malloc(sizeof(*mk) + keylength); +diff --git a/luks/luks.h b/luks/luks.h +index 7356c92..f11516d 100644 +--- a/luks/luks.h ++++ b/luks/luks.h +@@ -133,4 +133,5 @@ int LUKS_decrypt_from_storage(char *dst, size_t dstLength, + const char *device, + unsigned int sector, struct setup_backend *backend); -Index: cryptsetup-luks-1.0.4_SVN30/src/cryptsetup.c -=================================================================== ---- cryptsetup-luks-1.0.4_SVN30.orig/src/cryptsetup.c -+++ cryptsetup-luks-1.0.4_SVN30/src/cryptsetup.c ++int LUKS_device_ready(char *device, int mode); + #endif +diff --git a/src/cryptsetup.c b/src/cryptsetup.c +index edb155a..e7f47a2 100644 +--- a/src/cryptsetup.c ++++ b/src/cryptsetup.c @@ -4,6 +4,7 @@ #include #include diff --git a/cryptsetup-luks-libnostderr.diff b/cryptsetup-luks-libnostderr.diff index edd1290..0b9acbc 100644 --- a/cryptsetup-luks-libnostderr.diff +++ b/cryptsetup-luks-libnostderr.diff @@ -1,161 +1,19 @@ use set_error instead of printf in library to report errors. -Signed-off-by: Ludwig Nussel +From: Ludwig Nussel -Index: cryptsetup-luks-1.0.4_SVN30/lib/setup.c -=================================================================== ---- cryptsetup-luks-1.0.4_SVN30.orig/lib/setup.c -+++ cryptsetup-luks-1.0.4_SVN30/lib/setup.c -@@ -96,7 +96,7 @@ static int timed_read(int fd, char *pass - if (select(fd+1, &fds, NULL, NULL, &t) > 0) - failed = untimed_read(fd, pass, maxlen); - else -- fprintf(stderr, "Operation timed out.\n"); -+ set_error("Operation timed out"); - return failed; - } - -@@ -195,14 +195,16 @@ static int get_key(struct crypt_options - - pass = safe_alloc(512); - if (!pass || (i = interactive_pass(prompt, pass, 512, options->timeout))) { -- set_error("Error reading passphrase"); -+ if(!get_error()) -+ set_error("Error reading passphrase"); - goto out_err; - } - if (verify || verify_if_possible) { - char pass_verify[512]; - i = interactive_pass("Verify passphrase: ", pass_verify, sizeof(pass_verify), options->timeout); - if (i || strcmp(pass, pass_verify) != 0) { -- set_error("Passphrases do not match"); -+ if(!get_error()) -+ set_error("Passphrases do not match"); - goto out_err; - } - memset(pass_verify, 0, sizeof(pass_verify)); -@@ -383,7 +385,7 @@ static int parse_into_name_and_mode(cons - strncpy(mode,"cbc-plain",10); - } - else { -- fprintf(stderr, "no known cipher-spec pattern detected\n"); -+ set_error("no known cipher-spec pattern detected"); - return -EINVAL; - } - } -@@ -642,7 +644,6 @@ start: - r = -EINVAL; goto out; - } - if((r = LUKS_open_any_key(options->device, password, passwordLen, &hdr, &mk, backend)) < 0) { -- set_error("No key available with this passphrase.\n"); - goto out1; - } - -@@ -716,7 +717,7 @@ static int __crypt_luks_add_key(int arg, - r = -EINVAL; goto out; - } - if(LUKS_open_any_key(device, password, passwordLen, &hdr, &mk, backend) < 0) { -- printf("No key available with this passphrase.\n"); -+ set_error("No key available with this passphrase"); - r = -EPERM; goto out; - } - safe_free(password); -@@ -759,7 +760,7 @@ static int __crypt_luks_del_key(int arg, - } - openedIndex = LUKS_open_any_key(device, password, passwordLen, &hdr, &mk, backend); - if(openedIndex < 0 || keyIndex == openedIndex) { -- printf("No remaining key available with this passphrase.\n"); -+ set_error("No remaining key available with this passphrase"); - r = -EPERM; goto out; - } - } -Index: cryptsetup-luks-1.0.4_SVN30/luks/keymanage.c -=================================================================== ---- cryptsetup-luks-1.0.4_SVN30.orig/luks/keymanage.c -+++ cryptsetup-luks-1.0.4_SVN30/luks/keymanage.c -@@ -76,20 +76,20 @@ int LUKS_read_phdr(const char *device, s - - devfd = open(device,O_RDONLY | O_DIRECT | O_SYNC); - if(-1 == devfd) { -- fprintf(stderr, _("Can't open device: %s\n"), device); -+ set_error(_("Can't open device %s"), device); - return -EINVAL; - } - - if(read_blockwise(devfd, hdr, sizeof(struct luks_phdr)) < sizeof(struct luks_phdr)) { - r = -EIO; - } else if(memcmp(hdr->magic, luksMagic, LUKS_MAGIC_L)) { /* Check magic */ -- fprintf(stderr, _("%s is not a LUKS partition\n"), device); -+ set_error(_("%s is not a LUKS partition\n"), device); - r = -EINVAL; - } else if(memcmp(hdr->hashSpec, "sha1", 4)) { /* Check for SHA1 - other hashspecs are not implemented ATM */ -- fputs(_("unknown hash spec in phdr"), stderr); -+ set_error(_("unknown hash spec in phdr")); - r = -EINVAL; - } else if((hdr->version = ntohs(hdr->version)) != 1) { /* Convert every uint16/32_t item from network byte order */ -- fprintf(stderr, _("unknown version %d\n"), hdr->version); -+ set_error( _("unknown LUKS version %d\n"), hdr->version); - r = -EINVAL; - } else { - hdr->payloadOffset = ntohl(hdr->payloadOffset); -@@ -117,7 +117,7 @@ int LUKS_write_phdr(const char *device, - - devfd = open(device,O_RDWR | O_DIRECT | O_SYNC); - if(-1 == devfd) { -- fprintf(stderr, _("Can't open device: %s\n"), device); -+ set_error(_("Can't open device %s"), device); - return -EINVAL; - } - -@@ -210,12 +210,12 @@ int LUKS_set_key(const char *device, uns - int r; - - if(hdr->keyblock[keyIndex].active != LUKS_KEY_DISABLED) { -- fprintf(stderr, _("key %d active, purge first.\n"), keyIndex); -+ set_error( _("key %d active, purge first"), keyIndex); - return -EINVAL; - } - - if(hdr->keyblock[keyIndex].stripes < LUKS_STRIPES) { -- fprintf(stderr,_("key material section %d includes too few stripes. Header manipulation?\n"),keyIndex); -+ set_error(_("key material section %d includes too few stripes. Header manipulation?"),keyIndex); - return -EINVAL; - } - r = getRandom(hdr->keyblock[keyIndex].passwordSalt, LUKS_SALTSIZE); -@@ -247,7 +247,8 @@ int LUKS_set_key(const char *device, uns - hdr->keyblock[keyIndex].keyMaterialOffset, - backend); - if(r < 0) { -- fprintf(stderr,"Failed to write to key storage.\n"); -+ if(!get_error()) -+ set_error("Failed to write to key storage"); - goto out; - } - -@@ -303,7 +304,8 @@ int LUKS_open_key(const char *device, - hdr->keyblock[keyIndex].keyMaterialOffset, - backend); - if(r < 0) { -- fprintf(stderr,"Failed to read from key storage\n"); -+ if(!get_error()) -+ set_error("Failed to read from key storage"); - goto out; - } - -@@ -387,7 +389,7 @@ static int wipe(const char *device, unsi - - devfd = open(device, O_RDWR | O_DIRECT); - if(devfd == -1) { -- fprintf(stderr, _("Can't open device: %s\n"), device); -+ set_error(_("Can't open device %s"), device); - return -EINVAL; - } - -Index: cryptsetup-luks-1.0.4_SVN30/lib/utils.c -=================================================================== ---- cryptsetup-luks-1.0.4_SVN30.orig/lib/utils.c -+++ cryptsetup-luks-1.0.4_SVN30/lib/utils.c -@@ -226,7 +226,7 @@ ssize_t read_blockwise(int fd, void *ori +Signed-off-by: Ludwig Nussel +--- + + lib/utils.c | 2 +- + luks/keyencryption.c | 5 +++-- + 2 files changed, 4 insertions(+), 3 deletions(-) + +diff --git a/lib/utils.c b/lib/utils.c +index fbf34bc..b9fc006 100644 +--- a/lib/utils.c ++++ b/lib/utils.c +@@ -227,7 +227,7 @@ ssize_t read_blockwise(int fd, void *orig_buf, size_t count) { while(count) { r = read(fd,padbuf,bsize); if(r < 0 || r != bsize) { @@ -164,11 +22,11 @@ Index: cryptsetup-luks-1.0.4_SVN30/lib/utils.c goto out; } step = countsize = round_up_modulo(srcLength,device_sector_size)/SECTOR_SIZE; -@@ -121,7 +121,8 @@ static int LUKS_endec_template(char *src +@@ -138,7 +138,8 @@ static int LUKS_endec_template(char *src, size_t srcLength, r = setup_mapping(dmCipherSpec,name,device,hdr->payloadOffset,key,keyLength,sector,srcLength,backend,mode); if(r < 0) { diff --git a/cryptsetup-luks-uninitialized.diff b/cryptsetup-luks-uninitialized.diff deleted file mode 100644 index c279f23..0000000 --- a/cryptsetup-luks-uninitialized.diff +++ /dev/null @@ -1,17 +0,0 @@ -fix segfault when trying to open a non existing device - -Signed-off-by: Ludwig Nussel - -Index: cryptsetup-luks-1.0.4_SVN30/lib/setup.c -=================================================================== ---- cryptsetup-luks-1.0.4_SVN30.orig/lib/setup.c -+++ cryptsetup-luks-1.0.4_SVN30/lib/setup.c -@@ -608,7 +608,7 @@ out: - - static int __crypt_luks_open(int arg, struct setup_backend *backend, struct crypt_options *options) - { -- struct luks_masterkey *mk; -+ struct luks_masterkey *mk=NULL; - struct luks_phdr hdr; - char *password; int passwordLen; - struct device_infos infos; diff --git a/cryptsetup-luks-warnings.diff b/cryptsetup-luks-warnings.diff index 10c0521..eaf900b 100644 --- a/cryptsetup-luks-warnings.diff +++ b/cryptsetup-luks-warnings.diff @@ -1,12 +1,21 @@ fix some gcc warnings -Signed-off-by: Ludwig Nussel +From: Ludwig Nussel -Index: cryptsetup-luks-1.0.4_SVN30/lib/libdevmapper.c -=================================================================== ---- cryptsetup-luks-1.0.4_SVN30.orig/lib/libdevmapper.c -+++ cryptsetup-luks-1.0.4_SVN30/lib/libdevmapper.c -@@ -258,7 +258,7 @@ static int dm_query_device(int details, +Signed-off-by: Ludwig Nussel +--- + + lib/libdevmapper.c | 2 +- + lib/setup.c | 2 -- + lib/utils.c | 4 ++-- + luks/keymanage.c | 2 +- + 4 files changed, 4 insertions(+), 6 deletions(-) + +diff --git a/lib/libdevmapper.c b/lib/libdevmapper.c +index 888b689..676064a 100644 +--- a/lib/libdevmapper.c ++++ b/lib/libdevmapper.c +@@ -258,7 +258,7 @@ static int dm_query_device(int details, struct crypt_options *options, options->skip = 0; options->size = length; if (details) { @@ -15,11 +24,11 @@ Index: cryptsetup-luks-1.0.4_SVN30/lib/libdevmapper.c uint64_t val64; set_error("Invalid dm table"); -Index: cryptsetup-luks-1.0.4_SVN30/lib/setup.c -=================================================================== ---- cryptsetup-luks-1.0.4_SVN30.orig/lib/setup.c -+++ cryptsetup-luks-1.0.4_SVN30/lib/setup.c -@@ -57,8 +57,6 @@ static int setup_enter(struct setup_back +diff --git a/lib/setup.c b/lib/setup.c +index 0429b33..5b85bd6 100644 +--- a/lib/setup.c ++++ b/lib/setup.c +@@ -56,8 +56,6 @@ static int setup_enter(struct setup_backend *backend) static int setup_leave(struct setup_backend *backend) { @@ -28,11 +37,11 @@ Index: cryptsetup-luks-1.0.4_SVN30/lib/setup.c if (backend) backend->exit(); -Index: cryptsetup-luks-1.0.4_SVN30/lib/utils.c -=================================================================== ---- cryptsetup-luks-1.0.4_SVN30.orig/lib/utils.c -+++ cryptsetup-luks-1.0.4_SVN30/lib/utils.c -@@ -173,7 +173,7 @@ ssize_t write_blockwise(int fd, const vo +diff --git a/lib/utils.c b/lib/utils.c +index 718d418..fbf34bc 100644 +--- a/lib/utils.c ++++ b/lib/utils.c +@@ -174,7 +174,7 @@ ssize_t write_blockwise(int fd, const void *orig_buf, size_t count) { char *padbuf; char *padbuf_base; char *buf = (char *)orig_buf; @@ -41,7 +50,7 @@ Index: cryptsetup-luks-1.0.4_SVN30/lib/utils.c int hangover; int solid; int bsize; if ((bsize = sector_size(fd)) < 0) -@@ -213,7 +213,7 @@ ssize_t write_blockwise(int fd, const vo +@@ -214,7 +214,7 @@ ssize_t write_blockwise(int fd, const void *orig_buf, size_t count) ssize_t read_blockwise(int fd, void *orig_buf, size_t count) { char *padbuf; char *padbuf_base; char *buf = (char *)orig_buf; @@ -50,11 +59,11 @@ Index: cryptsetup-luks-1.0.4_SVN30/lib/utils.c int step; int bsize; -Index: cryptsetup-luks-1.0.4_SVN30/luks/keymanage.c -=================================================================== ---- cryptsetup-luks-1.0.4_SVN30.orig/luks/keymanage.c -+++ cryptsetup-luks-1.0.4_SVN30/luks/keymanage.c -@@ -417,7 +417,7 @@ static int wipe(const char *device, unsi +diff --git a/luks/keymanage.c b/luks/keymanage.c +index 77d8414..8b07458 100644 +--- a/luks/keymanage.c ++++ b/luks/keymanage.c +@@ -420,7 +420,7 @@ static int wipe(const char *device, unsigned int from, unsigned int to) int LUKS_del_key(const char *device, unsigned int keyIndex) { struct luks_phdr hdr; @@ -63,30 +72,3 @@ Index: cryptsetup-luks-1.0.4_SVN30/luks/keymanage.c int r; r = LUKS_read_phdr(device, &hdr); -Index: cryptsetup-luks-1.0.4_SVN30/luks/random.c -=================================================================== ---- cryptsetup-luks-1.0.4_SVN30.orig/luks/random.c -+++ cryptsetup-luks-1.0.4_SVN30/luks/random.c -@@ -13,7 +13,7 @@ - - int getRandom(char *buf, size_t len) - { -- int randomfd, r = 0, index = 0; -+ int randomfd, r = 0; - - //FIXME Run a FIPS test for the random device or include - // PRNG if urandom not avail. -Index: cryptsetup-luks-1.0.4_SVN30/src/cryptsetup.c -=================================================================== ---- cryptsetup-luks-1.0.4_SVN30.orig/src/cryptsetup.c -+++ cryptsetup-luks-1.0.4_SVN30/src/cryptsetup.c -@@ -203,7 +203,8 @@ static int yesDialog(char *msg) - size_t size=0; - fprintf(stderr,"\nWARNING!\n========\n"); - fprintf(stderr,"%s\n\nAre you sure? (Type uppercase yes): ",msg); -- getline(&answer,&size,stdin); -+ if(getline(&answer,&size,stdin) == -1) -+ return 0; - if(strcmp(answer,"YES\n") == 0) - r = 1; - free(answer); diff --git a/cryptsetup.changes b/cryptsetup.changes index 653c5b3..ccfa929 100644 --- a/cryptsetup.changes +++ b/cryptsetup.changes @@ -1,3 +1,21 @@ +------------------------------------------------------------------- +Tue Oct 16 10:38:35 CEST 2007 - lnussel@suse.de + +- upgrade to svn revision 31 + * Rename luksDelKey into luksKillSlot + * Add luksRemoveKey that queries a given key before removal + * Fix segfault in luksOpen. + * Add LUKS_device_ready check for most LUKS calls, so that + cryptsetup dies before password querying in case a blockdev is + unavailable + * For LUKS key material access require exclusive access to the + underlying device. This will prevent multiple mappings onto a + single LUKS device. dm*crypt doesn't feature any syncing + capabilities, hence there is no real application for this as it + will likely lead to disk corruption. + * Add signal handler to keyencryption to free the temporary + mapping in case the user hits ctrl-c. + ------------------------------------------------------------------- Mon Aug 27 16:25:54 CEST 2007 - lnussel@suse.de diff --git a/cryptsetup.spec b/cryptsetup.spec index e03c7f5..0c0b18a 100644 --- a/cryptsetup.spec +++ b/cryptsetup.spec @@ -1,5 +1,5 @@ # -# spec file for package cryptsetup (Version 1.0.5) +# spec file for package cryptsetup (Version 1.0.5_SVNr31) # # Copyright (c) 2007 SUSE LINUX Products GmbH, Nuernberg, Germany. # This file and all modifications and additions to the pristine @@ -11,17 +11,17 @@ # norootforbuild Name: cryptsetup -URL: http://luks.endorphin.org/dm-crypt +Url: http://luks.endorphin.org/dm-crypt BuildRequires: device-mapper-devel e2fsprogs-devel libgcrypt-devel popt-devel # hashalot version %define haver 0.3 -License: BSD 3-Clause, GPL v2 or later +License: BSD 3-Clause; GPL v2 or later Group: System/Base -Autoreqprov: on -Version: 1.0.5 -Release: 24 +AutoReqProv: on +Version: 1.0.5_SVNr31 +Release: 1 Summary: Set Up dm-crypt Based Encrypted Block Devices -Source: cryptsetup-1.0.5.tar.bz2 +Source: cryptsetup-1.0.5_SVNr31.tar.bz2 Source1: hashalot-%haver.tar.bz2 Source50: boot.crypto Source90: Makefile.doc @@ -30,7 +30,6 @@ Source91: crypttab.5.txt Source92: crypttab.5 # use this to create the tarball from svn Source99: cryptsetup-mktar -Patch1: cryptsetup-luks-uninitialized.diff Patch2: cryptsetup-luks-implicit-declarations.diff Patch3: cryptsetup-luks-warnings.diff Patch4: cryptsetup-luks-libnostderr.diff @@ -84,7 +83,7 @@ Authors: %prep %setup -q -b 1 -%patch1 -p1 +#%patch1 -p1 %patch2 -p1 %patch3 -p1 %patch4 -p1 @@ -183,8 +182,22 @@ rm -rf $RPM_BUILD_ROOT %defattr(-,root,root) %_includedir/libcryptsetup.h %{_libdir}/libcryptsetup.so - %changelog +* Tue Oct 16 2007 - lnussel@suse.de +- upgrade to svn revision 31 + * Rename luksDelKey into luksKillSlot + * Add luksRemoveKey that queries a given key before removal + * Fix segfault in luksOpen. + * Add LUKS_device_ready check for most LUKS calls, so that + cryptsetup dies before password querying in case a blockdev is + unavailable + * For LUKS key material access require exclusive access to the + underlying device. This will prevent multiple mappings onto a + single LUKS device. dm*crypt doesn't feature any syncing + capabilities, hence there is no real application for this as it + will likely lead to disk corruption. + * Add signal handler to keyencryption to free the temporary + mapping in case the user hits ctrl-c. * Mon Aug 27 2007 - lnussel@suse.de - remove /var/run/keymap from previous boot to make /etc/init.d/kbd work (#296409)