forked from pool/cryptsetup
This commit is contained in:
parent
22b79821ac
commit
1c200b4673
@ -1,7 +1,17 @@
|
|||||||
Index: cryptsetup-1.0.5/lib/libdevmapper.c
|
|
||||||
===================================================================
|
|
||||||
--- cryptsetup-1.0.5.orig/lib/libdevmapper.c
|
From: Matthias Koenig <mkoenig@suse.de>
|
||||||
+++ cryptsetup-1.0.5/lib/libdevmapper.c
|
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
lib/libdevmapper.c | 10 ++++++++++
|
||||||
|
1 files changed, 10 insertions(+), 0 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/lib/libdevmapper.c b/lib/libdevmapper.c
|
||||||
|
index 676064a..f18b7a1 100644
|
||||||
|
--- a/lib/libdevmapper.c
|
||||||
|
+++ b/lib/libdevmapper.c
|
||||||
@@ -18,6 +18,13 @@
|
@@ -18,6 +18,13 @@
|
||||||
|
|
||||||
#define CRYPT_TARGET "crypt"
|
#define CRYPT_TARGET "crypt"
|
||||||
@ -16,7 +26,7 @@ Index: cryptsetup-1.0.5/lib/libdevmapper.c
|
|||||||
static void set_dm_error(int level, const char *file, int line,
|
static void set_dm_error(int level, const char *file, int line,
|
||||||
const char *f, ...)
|
const char *f, ...)
|
||||||
{
|
{
|
||||||
@@ -184,6 +191,9 @@ static int dm_create_device(int reload,
|
@@ -184,6 +191,9 @@ static int dm_create_device(int reload, struct crypt_options *options,
|
||||||
if (dmi.read_only)
|
if (dmi.read_only)
|
||||||
options->flags |= CRYPT_FLAG_READONLY;
|
options->flags |= CRYPT_FLAG_READONLY;
|
||||||
|
|
||||||
|
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:4bab529afa00cafde3bc5df2769578c88438f80c5152d4257cd0e86986f95bc4
|
|
||||||
size 322394
|
|
3
cryptsetup-1.0.5_SVNr31.tar.bz2
Normal file
3
cryptsetup-1.0.5_SVNr31.tar.bz2
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
version https://git-lfs.github.com/spec/v1
|
||||||
|
oid sha256:87b342eb6ba641e694121e40a7aff3ac86df642f5450c047958b1e92cb215510
|
||||||
|
size 415998
|
@ -1,12 +1,25 @@
|
|||||||
fix implicit function declarations
|
fix implicit function declarations
|
||||||
|
|
||||||
Signed-off-by: Ludwig Nussel <ludwig.nussel@suse.de>
|
From: Ludwig Nussel <ludwig.nussel@suse.de>
|
||||||
|
|
||||||
Index: cryptsetup-luks-1.0.4_SVN30/lib/internal.h
|
Signed-off-by: Ludwig Nussel <ludwig.nussel@suse.de>
|
||||||
===================================================================
|
---
|
||||||
--- cryptsetup-luks-1.0.4_SVN30.orig/lib/internal.h
|
|
||||||
+++ cryptsetup-luks-1.0.4_SVN30/lib/internal.h
|
lib/internal.h | 13 +++++++++++++
|
||||||
@@ -62,6 +62,9 @@ int hash(const char *backend_name, const
|
lib/libcryptsetup.h | 5 ++++-
|
||||||
|
lib/utils.c | 1 +
|
||||||
|
luks/af.c | 1 +
|
||||||
|
luks/keyencryption.c | 6 ------
|
||||||
|
luks/keymanage.c | 10 ----------
|
||||||
|
luks/luks.h | 1 +
|
||||||
|
src/cryptsetup.c | 4 ++++
|
||||||
|
8 files changed, 24 insertions(+), 17 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/lib/internal.h b/lib/internal.h
|
||||||
|
index 8877c01..7a7354e 100644
|
||||||
|
--- a/lib/internal.h
|
||||||
|
+++ b/lib/internal.h
|
||||||
|
@@ -62,6 +62,9 @@ int hash(const char *backend_name, const char *hash_name,
|
||||||
struct setup_backend *get_setup_backend(const char *name);
|
struct setup_backend *get_setup_backend(const char *name);
|
||||||
void put_setup_backend(struct setup_backend *backend);
|
void put_setup_backend(struct setup_backend *backend);
|
||||||
|
|
||||||
@ -16,11 +29,32 @@ Index: cryptsetup-luks-1.0.4_SVN30/lib/internal.h
|
|||||||
ssize_t write_blockwise(int fd, const void *buf, size_t count);
|
ssize_t write_blockwise(int fd, const void *buf, size_t count);
|
||||||
ssize_t read_blockwise(int fd, void *_buf, size_t count);
|
ssize_t read_blockwise(int fd, void *_buf, size_t count);
|
||||||
ssize_t write_lseek_blockwise(int fd, const char *buf, size_t count, off_t offset);
|
ssize_t write_lseek_blockwise(int fd, const char *buf, size_t count, off_t offset);
|
||||||
Index: cryptsetup-luks-1.0.4_SVN30/lib/libcryptsetup.h
|
@@ -69,4 +72,14 @@ ssize_t write_lseek_blockwise(int fd, const char *buf, size_t count, off_t offse
|
||||||
===================================================================
|
|
||||||
--- cryptsetup-luks-1.0.4_SVN30.orig/lib/libcryptsetup.h
|
int get_key(char *prompt, char **key, int *passLen, int key_size, const char *key_file, int passphrase_fd, int timeout, int how2verify);
|
||||||
+++ cryptsetup-luks-1.0.4_SVN30/lib/libcryptsetup.h
|
|
||||||
@@ -45,6 +45,8 @@ int crypt_luksDelKey(struct crypt_option
|
+#define div_round_up(a,b) ({ \
|
||||||
|
+ typeof(a) __a = (a); \
|
||||||
|
+ typeof(b) __b = (b); \
|
||||||
|
+ (__a - 1) / __b + 1; \
|
||||||
|
+})
|
||||||
|
+
|
||||||
|
+static inline int round_up_modulo(int x, int m) {
|
||||||
|
+ return div_round_up(x, m) * m;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
#endif /* INTERNAL_H */
|
||||||
|
diff --git a/lib/libcryptsetup.h b/lib/libcryptsetup.h
|
||||||
|
index 53846ef..69b9ba4 100644
|
||||||
|
--- a/lib/libcryptsetup.h
|
||||||
|
+++ b/lib/libcryptsetup.h
|
||||||
|
@@ -53,10 +53,13 @@ int crypt_query_device(struct crypt_options *options);
|
||||||
|
int crypt_remove_device(struct crypt_options *options);
|
||||||
|
int crypt_luksInit(struct crypt_options *options);
|
||||||
|
int crypt_luksOpen(struct crypt_options *options);
|
||||||
|
-int crypt_luksDelKey(struct crypt_options *options);
|
||||||
|
+int crypt_luksKillSlot(struct crypt_options *options);
|
||||||
|
+int crypt_luksRemoveKey(struct crypt_options *options);
|
||||||
int crypt_luksAddKey(struct crypt_options *options);
|
int crypt_luksAddKey(struct crypt_options *options);
|
||||||
int crypt_luksUUID(struct crypt_options *options);
|
int crypt_luksUUID(struct crypt_options *options);
|
||||||
int crypt_isLuks(struct crypt_options *options);
|
int crypt_isLuks(struct crypt_options *options);
|
||||||
@ -29,35 +63,22 @@ Index: cryptsetup-luks-1.0.4_SVN30/lib/libcryptsetup.h
|
|||||||
|
|
||||||
void crypt_get_error(char *buf, size_t size);
|
void crypt_get_error(char *buf, size_t size);
|
||||||
void crypt_put_options(struct crypt_options *options);
|
void crypt_put_options(struct crypt_options *options);
|
||||||
Index: cryptsetup-luks-1.0.4_SVN30/lib/setup.c
|
diff --git a/lib/utils.c b/lib/utils.c
|
||||||
===================================================================
|
index 23ddae1..718d418 100644
|
||||||
--- cryptsetup-luks-1.0.4_SVN30.orig/lib/setup.c
|
--- a/lib/utils.c
|
||||||
+++ cryptsetup-luks-1.0.4_SVN30/lib/setup.c
|
+++ b/lib/utils.c
|
||||||
@@ -107,7 +107,7 @@ static int interactive_pass(const char *
|
|
||||||
{
|
|
||||||
struct termios orig, tmp;
|
|
||||||
int failed = -1;
|
|
||||||
- int infd, outfd;
|
|
||||||
+ int infd = STDIN_FILENO, outfd;
|
|
||||||
|
|
||||||
if (maxlen < 1)
|
|
||||||
goto out_err;
|
|
||||||
Index: cryptsetup-luks-1.0.4_SVN30/lib/utils.c
|
|
||||||
===================================================================
|
|
||||||
--- cryptsetup-luks-1.0.4_SVN30.orig/lib/utils.c
|
|
||||||
+++ cryptsetup-luks-1.0.4_SVN30/lib/utils.c
|
|
||||||
@@ -9,6 +9,7 @@
|
@@ -9,6 +9,7 @@
|
||||||
#include <unistd.h>
|
#include <unistd.h>
|
||||||
#include <sys/types.h>
|
#include <sys/types.h>
|
||||||
#include <sys/stat.h>
|
#include <sys/stat.h>
|
||||||
+#include <sys/ioctl.h>
|
+#include <sys/ioctl.h>
|
||||||
#include <fcntl.h>
|
#include <fcntl.h>
|
||||||
|
#include <termios.h>
|
||||||
|
|
||||||
#include "libcryptsetup.h"
|
diff --git a/luks/af.c b/luks/af.c
|
||||||
Index: cryptsetup-luks-1.0.4_SVN30/luks/af.c
|
index 7166669..66c4861 100644
|
||||||
===================================================================
|
--- a/luks/af.c
|
||||||
--- cryptsetup-luks-1.0.4_SVN30.orig/luks/af.c
|
+++ b/luks/af.c
|
||||||
+++ cryptsetup-luks-1.0.4_SVN30/luks/af.c
|
|
||||||
@@ -30,6 +30,7 @@
|
@@ -30,6 +30,7 @@
|
||||||
#include <errno.h>
|
#include <errno.h>
|
||||||
#include "sha1.h"
|
#include "sha1.h"
|
||||||
@ -66,37 +87,58 @@ Index: cryptsetup-luks-1.0.4_SVN30/luks/af.c
|
|||||||
|
|
||||||
/* diffuse: Information spreading over the whole dataset with
|
/* diffuse: Information spreading over the whole dataset with
|
||||||
* the help of sha512.
|
* the help of sha512.
|
||||||
Index: cryptsetup-luks-1.0.4_SVN30/luks/keyencryption.c
|
diff --git a/luks/keyencryption.c b/luks/keyencryption.c
|
||||||
===================================================================
|
index f154a01..b09aa83 100644
|
||||||
--- cryptsetup-luks-1.0.4_SVN30.orig/luks/keyencryption.c
|
--- a/luks/keyencryption.c
|
||||||
+++ cryptsetup-luks-1.0.4_SVN30/luks/keyencryption.c
|
+++ b/luks/keyencryption.c
|
||||||
@@ -40,6 +40,9 @@
|
@@ -35,12 +35,6 @@
|
||||||
(__a - 1) / __b + 1; \
|
#include "../lib/internal.h"
|
||||||
})
|
#include "../lib/blockdev.h"
|
||||||
|
|
||||||
+static inline int round_up_modulo(int x, int m) {
|
|
||||||
+ return div_round_up(x, m) * m;
|
|
||||||
+}
|
|
||||||
|
|
||||||
|
-#define div_round_up(a,b) ({ \
|
||||||
|
- typeof(a) __a = (a); \
|
||||||
|
- typeof(b) __b = (b); \
|
||||||
|
- (__a - 1) / __b + 1; \
|
||||||
|
-})
|
||||||
|
-
|
||||||
static int setup_mapping(const char *cipher, const char *name,
|
static int setup_mapping(const char *cipher, const char *name,
|
||||||
const char *device, unsigned int payloadOffset,
|
const char *device, unsigned int payloadOffset,
|
||||||
Index: cryptsetup-luks-1.0.4_SVN30/luks/keymanage.c
|
const char *key, size_t keyLength,
|
||||||
===================================================================
|
diff --git a/luks/keymanage.c b/luks/keymanage.c
|
||||||
--- cryptsetup-luks-1.0.4_SVN30.orig/luks/keymanage.c
|
index 77d8414..81929cd 100644
|
||||||
+++ cryptsetup-luks-1.0.4_SVN30/luks/keymanage.c
|
--- a/luks/keymanage.c
|
||||||
@@ -141,7 +141,7 @@ int LUKS_write_phdr(const char *device,
|
+++ b/luks/keymanage.c
|
||||||
return r;
|
@@ -37,16 +37,6 @@
|
||||||
}
|
#include <uuid/uuid.h>
|
||||||
|
#include <../lib/internal.h>
|
||||||
|
|
||||||
|
-#define div_round_up(a,b) ({ \
|
||||||
|
- typeof(a) __a = (a); \
|
||||||
|
- typeof(b) __b = (b); \
|
||||||
|
- (__a - 1) / __b + 1; \
|
||||||
|
-})
|
||||||
|
-
|
||||||
-inline int round_up_modulo(int x, int m) {
|
-inline int round_up_modulo(int x, int m) {
|
||||||
+static inline int round_up_modulo(int x, int m) {
|
- return div_round_up(x, m) * m;
|
||||||
return div_round_up(x, m) * m;
|
-}
|
||||||
}
|
-
|
||||||
|
struct luks_masterkey *LUKS_alloc_masterkey(int keylength)
|
||||||
|
{
|
||||||
|
struct luks_masterkey *mk=malloc(sizeof(*mk) + keylength);
|
||||||
|
diff --git a/luks/luks.h b/luks/luks.h
|
||||||
|
index 7356c92..f11516d 100644
|
||||||
|
--- a/luks/luks.h
|
||||||
|
+++ b/luks/luks.h
|
||||||
|
@@ -133,4 +133,5 @@ int LUKS_decrypt_from_storage(char *dst, size_t dstLength,
|
||||||
|
const char *device,
|
||||||
|
unsigned int sector, struct setup_backend *backend);
|
||||||
|
|
||||||
Index: cryptsetup-luks-1.0.4_SVN30/src/cryptsetup.c
|
+int LUKS_device_ready(char *device, int mode);
|
||||||
===================================================================
|
#endif
|
||||||
--- cryptsetup-luks-1.0.4_SVN30.orig/src/cryptsetup.c
|
diff --git a/src/cryptsetup.c b/src/cryptsetup.c
|
||||||
+++ cryptsetup-luks-1.0.4_SVN30/src/cryptsetup.c
|
index edb155a..e7f47a2 100644
|
||||||
|
--- a/src/cryptsetup.c
|
||||||
|
+++ b/src/cryptsetup.c
|
||||||
@@ -4,6 +4,7 @@
|
@@ -4,6 +4,7 @@
|
||||||
#include <stdint.h>
|
#include <stdint.h>
|
||||||
#include <inttypes.h>
|
#include <inttypes.h>
|
||||||
|
@ -1,161 +1,19 @@
|
|||||||
use set_error instead of printf in library to report errors.
|
use set_error instead of printf in library to report errors.
|
||||||
|
|
||||||
|
From: Ludwig Nussel <ludwig.nussel@suse.de>
|
||||||
|
|
||||||
Signed-off-by: Ludwig Nussel <ludwig.nussel@suse.de>
|
Signed-off-by: Ludwig Nussel <ludwig.nussel@suse.de>
|
||||||
|
---
|
||||||
|
|
||||||
Index: cryptsetup-luks-1.0.4_SVN30/lib/setup.c
|
lib/utils.c | 2 +-
|
||||||
===================================================================
|
luks/keyencryption.c | 5 +++--
|
||||||
--- cryptsetup-luks-1.0.4_SVN30.orig/lib/setup.c
|
2 files changed, 4 insertions(+), 3 deletions(-)
|
||||||
+++ cryptsetup-luks-1.0.4_SVN30/lib/setup.c
|
|
||||||
@@ -96,7 +96,7 @@ static int timed_read(int fd, char *pass
|
|
||||||
if (select(fd+1, &fds, NULL, NULL, &t) > 0)
|
|
||||||
failed = untimed_read(fd, pass, maxlen);
|
|
||||||
else
|
|
||||||
- fprintf(stderr, "Operation timed out.\n");
|
|
||||||
+ set_error("Operation timed out");
|
|
||||||
return failed;
|
|
||||||
}
|
|
||||||
|
|
||||||
@@ -195,14 +195,16 @@ static int get_key(struct crypt_options
|
diff --git a/lib/utils.c b/lib/utils.c
|
||||||
|
index fbf34bc..b9fc006 100644
|
||||||
pass = safe_alloc(512);
|
--- a/lib/utils.c
|
||||||
if (!pass || (i = interactive_pass(prompt, pass, 512, options->timeout))) {
|
+++ b/lib/utils.c
|
||||||
- set_error("Error reading passphrase");
|
@@ -227,7 +227,7 @@ ssize_t read_blockwise(int fd, void *orig_buf, size_t count) {
|
||||||
+ if(!get_error())
|
|
||||||
+ set_error("Error reading passphrase");
|
|
||||||
goto out_err;
|
|
||||||
}
|
|
||||||
if (verify || verify_if_possible) {
|
|
||||||
char pass_verify[512];
|
|
||||||
i = interactive_pass("Verify passphrase: ", pass_verify, sizeof(pass_verify), options->timeout);
|
|
||||||
if (i || strcmp(pass, pass_verify) != 0) {
|
|
||||||
- set_error("Passphrases do not match");
|
|
||||||
+ if(!get_error())
|
|
||||||
+ set_error("Passphrases do not match");
|
|
||||||
goto out_err;
|
|
||||||
}
|
|
||||||
memset(pass_verify, 0, sizeof(pass_verify));
|
|
||||||
@@ -383,7 +385,7 @@ static int parse_into_name_and_mode(cons
|
|
||||||
strncpy(mode,"cbc-plain",10);
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
- fprintf(stderr, "no known cipher-spec pattern detected\n");
|
|
||||||
+ set_error("no known cipher-spec pattern detected");
|
|
||||||
return -EINVAL;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
@@ -642,7 +644,6 @@ start:
|
|
||||||
r = -EINVAL; goto out;
|
|
||||||
}
|
|
||||||
if((r = LUKS_open_any_key(options->device, password, passwordLen, &hdr, &mk, backend)) < 0) {
|
|
||||||
- set_error("No key available with this passphrase.\n");
|
|
||||||
goto out1;
|
|
||||||
}
|
|
||||||
|
|
||||||
@@ -716,7 +717,7 @@ static int __crypt_luks_add_key(int arg,
|
|
||||||
r = -EINVAL; goto out;
|
|
||||||
}
|
|
||||||
if(LUKS_open_any_key(device, password, passwordLen, &hdr, &mk, backend) < 0) {
|
|
||||||
- printf("No key available with this passphrase.\n");
|
|
||||||
+ set_error("No key available with this passphrase");
|
|
||||||
r = -EPERM; goto out;
|
|
||||||
}
|
|
||||||
safe_free(password);
|
|
||||||
@@ -759,7 +760,7 @@ static int __crypt_luks_del_key(int arg,
|
|
||||||
}
|
|
||||||
openedIndex = LUKS_open_any_key(device, password, passwordLen, &hdr, &mk, backend);
|
|
||||||
if(openedIndex < 0 || keyIndex == openedIndex) {
|
|
||||||
- printf("No remaining key available with this passphrase.\n");
|
|
||||||
+ set_error("No remaining key available with this passphrase");
|
|
||||||
r = -EPERM; goto out;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
Index: cryptsetup-luks-1.0.4_SVN30/luks/keymanage.c
|
|
||||||
===================================================================
|
|
||||||
--- cryptsetup-luks-1.0.4_SVN30.orig/luks/keymanage.c
|
|
||||||
+++ cryptsetup-luks-1.0.4_SVN30/luks/keymanage.c
|
|
||||||
@@ -76,20 +76,20 @@ int LUKS_read_phdr(const char *device, s
|
|
||||||
|
|
||||||
devfd = open(device,O_RDONLY | O_DIRECT | O_SYNC);
|
|
||||||
if(-1 == devfd) {
|
|
||||||
- fprintf(stderr, _("Can't open device: %s\n"), device);
|
|
||||||
+ set_error(_("Can't open device %s"), device);
|
|
||||||
return -EINVAL;
|
|
||||||
}
|
|
||||||
|
|
||||||
if(read_blockwise(devfd, hdr, sizeof(struct luks_phdr)) < sizeof(struct luks_phdr)) {
|
|
||||||
r = -EIO;
|
|
||||||
} else if(memcmp(hdr->magic, luksMagic, LUKS_MAGIC_L)) { /* Check magic */
|
|
||||||
- fprintf(stderr, _("%s is not a LUKS partition\n"), device);
|
|
||||||
+ set_error(_("%s is not a LUKS partition\n"), device);
|
|
||||||
r = -EINVAL;
|
|
||||||
} else if(memcmp(hdr->hashSpec, "sha1", 4)) { /* Check for SHA1 - other hashspecs are not implemented ATM */
|
|
||||||
- fputs(_("unknown hash spec in phdr"), stderr);
|
|
||||||
+ set_error(_("unknown hash spec in phdr"));
|
|
||||||
r = -EINVAL;
|
|
||||||
} else if((hdr->version = ntohs(hdr->version)) != 1) { /* Convert every uint16/32_t item from network byte order */
|
|
||||||
- fprintf(stderr, _("unknown version %d\n"), hdr->version);
|
|
||||||
+ set_error( _("unknown LUKS version %d\n"), hdr->version);
|
|
||||||
r = -EINVAL;
|
|
||||||
} else {
|
|
||||||
hdr->payloadOffset = ntohl(hdr->payloadOffset);
|
|
||||||
@@ -117,7 +117,7 @@ int LUKS_write_phdr(const char *device,
|
|
||||||
|
|
||||||
devfd = open(device,O_RDWR | O_DIRECT | O_SYNC);
|
|
||||||
if(-1 == devfd) {
|
|
||||||
- fprintf(stderr, _("Can't open device: %s\n"), device);
|
|
||||||
+ set_error(_("Can't open device %s"), device);
|
|
||||||
return -EINVAL;
|
|
||||||
}
|
|
||||||
|
|
||||||
@@ -210,12 +210,12 @@ int LUKS_set_key(const char *device, uns
|
|
||||||
int r;
|
|
||||||
|
|
||||||
if(hdr->keyblock[keyIndex].active != LUKS_KEY_DISABLED) {
|
|
||||||
- fprintf(stderr, _("key %d active, purge first.\n"), keyIndex);
|
|
||||||
+ set_error( _("key %d active, purge first"), keyIndex);
|
|
||||||
return -EINVAL;
|
|
||||||
}
|
|
||||||
|
|
||||||
if(hdr->keyblock[keyIndex].stripes < LUKS_STRIPES) {
|
|
||||||
- fprintf(stderr,_("key material section %d includes too few stripes. Header manipulation?\n"),keyIndex);
|
|
||||||
+ set_error(_("key material section %d includes too few stripes. Header manipulation?"),keyIndex);
|
|
||||||
return -EINVAL;
|
|
||||||
}
|
|
||||||
r = getRandom(hdr->keyblock[keyIndex].passwordSalt, LUKS_SALTSIZE);
|
|
||||||
@@ -247,7 +247,8 @@ int LUKS_set_key(const char *device, uns
|
|
||||||
hdr->keyblock[keyIndex].keyMaterialOffset,
|
|
||||||
backend);
|
|
||||||
if(r < 0) {
|
|
||||||
- fprintf(stderr,"Failed to write to key storage.\n");
|
|
||||||
+ if(!get_error())
|
|
||||||
+ set_error("Failed to write to key storage");
|
|
||||||
goto out;
|
|
||||||
}
|
|
||||||
|
|
||||||
@@ -303,7 +304,8 @@ int LUKS_open_key(const char *device,
|
|
||||||
hdr->keyblock[keyIndex].keyMaterialOffset,
|
|
||||||
backend);
|
|
||||||
if(r < 0) {
|
|
||||||
- fprintf(stderr,"Failed to read from key storage\n");
|
|
||||||
+ if(!get_error())
|
|
||||||
+ set_error("Failed to read from key storage");
|
|
||||||
goto out;
|
|
||||||
}
|
|
||||||
|
|
||||||
@@ -387,7 +389,7 @@ static int wipe(const char *device, unsi
|
|
||||||
|
|
||||||
devfd = open(device, O_RDWR | O_DIRECT);
|
|
||||||
if(devfd == -1) {
|
|
||||||
- fprintf(stderr, _("Can't open device: %s\n"), device);
|
|
||||||
+ set_error(_("Can't open device %s"), device);
|
|
||||||
return -EINVAL;
|
|
||||||
}
|
|
||||||
|
|
||||||
Index: cryptsetup-luks-1.0.4_SVN30/lib/utils.c
|
|
||||||
===================================================================
|
|
||||||
--- cryptsetup-luks-1.0.4_SVN30.orig/lib/utils.c
|
|
||||||
+++ cryptsetup-luks-1.0.4_SVN30/lib/utils.c
|
|
||||||
@@ -226,7 +226,7 @@ ssize_t read_blockwise(int fd, void *ori
|
|
||||||
while(count) {
|
while(count) {
|
||||||
r = read(fd,padbuf,bsize);
|
r = read(fd,padbuf,bsize);
|
||||||
if(r < 0 || r != bsize) {
|
if(r < 0 || r != bsize) {
|
||||||
@ -164,11 +22,11 @@ Index: cryptsetup-luks-1.0.4_SVN30/lib/utils.c
|
|||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
step = count<bsize?count:bsize;
|
step = count<bsize?count:bsize;
|
||||||
Index: cryptsetup-luks-1.0.4_SVN30/luks/keyencryption.c
|
diff --git a/luks/keyencryption.c b/luks/keyencryption.c
|
||||||
===================================================================
|
index f154a01..de02f50 100644
|
||||||
--- cryptsetup-luks-1.0.4_SVN30.orig/luks/keyencryption.c
|
--- a/luks/keyencryption.c
|
||||||
+++ cryptsetup-luks-1.0.4_SVN30/luks/keyencryption.c
|
+++ b/luks/keyencryption.c
|
||||||
@@ -61,7 +61,7 @@ static int setup_mapping(const char *cip
|
@@ -58,7 +58,7 @@ static int setup_mapping(const char *cipher, const char *name,
|
||||||
* device's sector size, otherwise the mapping will be refused.
|
* device's sector size, otherwise the mapping will be refused.
|
||||||
*/
|
*/
|
||||||
if(device_sector_size < 0) {
|
if(device_sector_size < 0) {
|
||||||
@ -177,7 +35,7 @@ Index: cryptsetup-luks-1.0.4_SVN30/luks/keyencryption.c
|
|||||||
return -EINVAL;
|
return -EINVAL;
|
||||||
}
|
}
|
||||||
options->size = round_up_modulo(srcLength,device_sector_size)/SECTOR_SIZE;
|
options->size = round_up_modulo(srcLength,device_sector_size)/SECTOR_SIZE;
|
||||||
@@ -121,7 +121,8 @@ static int LUKS_endec_template(char *src
|
@@ -138,7 +138,8 @@ static int LUKS_endec_template(char *src, size_t srcLength,
|
||||||
|
|
||||||
r = setup_mapping(dmCipherSpec,name,device,hdr->payloadOffset,key,keyLength,sector,srcLength,backend,mode);
|
r = setup_mapping(dmCipherSpec,name,device,hdr->payloadOffset,key,keyLength,sector,srcLength,backend,mode);
|
||||||
if(r < 0) {
|
if(r < 0) {
|
||||||
|
@ -1,17 +0,0 @@
|
|||||||
fix segfault when trying to open a non existing device
|
|
||||||
|
|
||||||
Signed-off-by: Ludwig Nussel <ludwig.nussel@suse.de>
|
|
||||||
|
|
||||||
Index: cryptsetup-luks-1.0.4_SVN30/lib/setup.c
|
|
||||||
===================================================================
|
|
||||||
--- cryptsetup-luks-1.0.4_SVN30.orig/lib/setup.c
|
|
||||||
+++ cryptsetup-luks-1.0.4_SVN30/lib/setup.c
|
|
||||||
@@ -608,7 +608,7 @@ out:
|
|
||||||
|
|
||||||
static int __crypt_luks_open(int arg, struct setup_backend *backend, struct crypt_options *options)
|
|
||||||
{
|
|
||||||
- struct luks_masterkey *mk;
|
|
||||||
+ struct luks_masterkey *mk=NULL;
|
|
||||||
struct luks_phdr hdr;
|
|
||||||
char *password; int passwordLen;
|
|
||||||
struct device_infos infos;
|
|
@ -1,12 +1,21 @@
|
|||||||
fix some gcc warnings
|
fix some gcc warnings
|
||||||
|
|
||||||
Signed-off-by: Ludwig Nussel <ludwig.nussel@suse.de>
|
From: Ludwig Nussel <ludwig.nussel@suse.de>
|
||||||
|
|
||||||
Index: cryptsetup-luks-1.0.4_SVN30/lib/libdevmapper.c
|
Signed-off-by: Ludwig Nussel <ludwig.nussel@suse.de>
|
||||||
===================================================================
|
---
|
||||||
--- cryptsetup-luks-1.0.4_SVN30.orig/lib/libdevmapper.c
|
|
||||||
+++ cryptsetup-luks-1.0.4_SVN30/lib/libdevmapper.c
|
lib/libdevmapper.c | 2 +-
|
||||||
@@ -258,7 +258,7 @@ static int dm_query_device(int details,
|
lib/setup.c | 2 --
|
||||||
|
lib/utils.c | 4 ++--
|
||||||
|
luks/keymanage.c | 2 +-
|
||||||
|
4 files changed, 4 insertions(+), 6 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/lib/libdevmapper.c b/lib/libdevmapper.c
|
||||||
|
index 888b689..676064a 100644
|
||||||
|
--- a/lib/libdevmapper.c
|
||||||
|
+++ b/lib/libdevmapper.c
|
||||||
|
@@ -258,7 +258,7 @@ static int dm_query_device(int details, struct crypt_options *options,
|
||||||
options->skip = 0;
|
options->skip = 0;
|
||||||
options->size = length;
|
options->size = length;
|
||||||
if (details) {
|
if (details) {
|
||||||
@ -15,11 +24,11 @@ Index: cryptsetup-luks-1.0.4_SVN30/lib/libdevmapper.c
|
|||||||
uint64_t val64;
|
uint64_t val64;
|
||||||
|
|
||||||
set_error("Invalid dm table");
|
set_error("Invalid dm table");
|
||||||
Index: cryptsetup-luks-1.0.4_SVN30/lib/setup.c
|
diff --git a/lib/setup.c b/lib/setup.c
|
||||||
===================================================================
|
index 0429b33..5b85bd6 100644
|
||||||
--- cryptsetup-luks-1.0.4_SVN30.orig/lib/setup.c
|
--- a/lib/setup.c
|
||||||
+++ cryptsetup-luks-1.0.4_SVN30/lib/setup.c
|
+++ b/lib/setup.c
|
||||||
@@ -57,8 +57,6 @@ static int setup_enter(struct setup_back
|
@@ -56,8 +56,6 @@ static int setup_enter(struct setup_backend *backend)
|
||||||
|
|
||||||
static int setup_leave(struct setup_backend *backend)
|
static int setup_leave(struct setup_backend *backend)
|
||||||
{
|
{
|
||||||
@ -28,11 +37,11 @@ Index: cryptsetup-luks-1.0.4_SVN30/lib/setup.c
|
|||||||
if (backend)
|
if (backend)
|
||||||
backend->exit();
|
backend->exit();
|
||||||
|
|
||||||
Index: cryptsetup-luks-1.0.4_SVN30/lib/utils.c
|
diff --git a/lib/utils.c b/lib/utils.c
|
||||||
===================================================================
|
index 718d418..fbf34bc 100644
|
||||||
--- cryptsetup-luks-1.0.4_SVN30.orig/lib/utils.c
|
--- a/lib/utils.c
|
||||||
+++ cryptsetup-luks-1.0.4_SVN30/lib/utils.c
|
+++ b/lib/utils.c
|
||||||
@@ -173,7 +173,7 @@ ssize_t write_blockwise(int fd, const vo
|
@@ -174,7 +174,7 @@ ssize_t write_blockwise(int fd, const void *orig_buf, size_t count)
|
||||||
{
|
{
|
||||||
char *padbuf; char *padbuf_base;
|
char *padbuf; char *padbuf_base;
|
||||||
char *buf = (char *)orig_buf;
|
char *buf = (char *)orig_buf;
|
||||||
@ -41,7 +50,7 @@ Index: cryptsetup-luks-1.0.4_SVN30/lib/utils.c
|
|||||||
int hangover; int solid; int bsize;
|
int hangover; int solid; int bsize;
|
||||||
|
|
||||||
if ((bsize = sector_size(fd)) < 0)
|
if ((bsize = sector_size(fd)) < 0)
|
||||||
@@ -213,7 +213,7 @@ ssize_t write_blockwise(int fd, const vo
|
@@ -214,7 +214,7 @@ ssize_t write_blockwise(int fd, const void *orig_buf, size_t count)
|
||||||
ssize_t read_blockwise(int fd, void *orig_buf, size_t count) {
|
ssize_t read_blockwise(int fd, void *orig_buf, size_t count) {
|
||||||
char *padbuf; char *padbuf_base;
|
char *padbuf; char *padbuf_base;
|
||||||
char *buf = (char *)orig_buf;
|
char *buf = (char *)orig_buf;
|
||||||
@ -50,11 +59,11 @@ Index: cryptsetup-luks-1.0.4_SVN30/lib/utils.c
|
|||||||
int step;
|
int step;
|
||||||
int bsize;
|
int bsize;
|
||||||
|
|
||||||
Index: cryptsetup-luks-1.0.4_SVN30/luks/keymanage.c
|
diff --git a/luks/keymanage.c b/luks/keymanage.c
|
||||||
===================================================================
|
index 77d8414..8b07458 100644
|
||||||
--- cryptsetup-luks-1.0.4_SVN30.orig/luks/keymanage.c
|
--- a/luks/keymanage.c
|
||||||
+++ cryptsetup-luks-1.0.4_SVN30/luks/keymanage.c
|
+++ b/luks/keymanage.c
|
||||||
@@ -417,7 +417,7 @@ static int wipe(const char *device, unsi
|
@@ -420,7 +420,7 @@ static int wipe(const char *device, unsigned int from, unsigned int to)
|
||||||
int LUKS_del_key(const char *device, unsigned int keyIndex)
|
int LUKS_del_key(const char *device, unsigned int keyIndex)
|
||||||
{
|
{
|
||||||
struct luks_phdr hdr;
|
struct luks_phdr hdr;
|
||||||
@ -63,30 +72,3 @@ Index: cryptsetup-luks-1.0.4_SVN30/luks/keymanage.c
|
|||||||
int r;
|
int r;
|
||||||
|
|
||||||
r = LUKS_read_phdr(device, &hdr);
|
r = LUKS_read_phdr(device, &hdr);
|
||||||
Index: cryptsetup-luks-1.0.4_SVN30/luks/random.c
|
|
||||||
===================================================================
|
|
||||||
--- cryptsetup-luks-1.0.4_SVN30.orig/luks/random.c
|
|
||||||
+++ cryptsetup-luks-1.0.4_SVN30/luks/random.c
|
|
||||||
@@ -13,7 +13,7 @@
|
|
||||||
|
|
||||||
int getRandom(char *buf, size_t len)
|
|
||||||
{
|
|
||||||
- int randomfd, r = 0, index = 0;
|
|
||||||
+ int randomfd, r = 0;
|
|
||||||
|
|
||||||
//FIXME Run a FIPS test for the random device or include
|
|
||||||
// PRNG if urandom not avail.
|
|
||||||
Index: cryptsetup-luks-1.0.4_SVN30/src/cryptsetup.c
|
|
||||||
===================================================================
|
|
||||||
--- cryptsetup-luks-1.0.4_SVN30.orig/src/cryptsetup.c
|
|
||||||
+++ cryptsetup-luks-1.0.4_SVN30/src/cryptsetup.c
|
|
||||||
@@ -203,7 +203,8 @@ static int yesDialog(char *msg)
|
|
||||||
size_t size=0;
|
|
||||||
fprintf(stderr,"\nWARNING!\n========\n");
|
|
||||||
fprintf(stderr,"%s\n\nAre you sure? (Type uppercase yes): ",msg);
|
|
||||||
- getline(&answer,&size,stdin);
|
|
||||||
+ if(getline(&answer,&size,stdin) == -1)
|
|
||||||
+ return 0;
|
|
||||||
if(strcmp(answer,"YES\n") == 0)
|
|
||||||
r = 1;
|
|
||||||
free(answer);
|
|
||||||
|
@ -1,3 +1,21 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Tue Oct 16 10:38:35 CEST 2007 - lnussel@suse.de
|
||||||
|
|
||||||
|
- upgrade to svn revision 31
|
||||||
|
* Rename luksDelKey into luksKillSlot
|
||||||
|
* Add luksRemoveKey that queries a given key before removal
|
||||||
|
* Fix segfault in luksOpen.
|
||||||
|
* Add LUKS_device_ready check for most LUKS calls, so that
|
||||||
|
cryptsetup dies before password querying in case a blockdev is
|
||||||
|
unavailable
|
||||||
|
* For LUKS key material access require exclusive access to the
|
||||||
|
underlying device. This will prevent multiple mappings onto a
|
||||||
|
single LUKS device. dm*crypt doesn't feature any syncing
|
||||||
|
capabilities, hence there is no real application for this as it
|
||||||
|
will likely lead to disk corruption.
|
||||||
|
* Add signal handler to keyencryption to free the temporary
|
||||||
|
mapping in case the user hits ctrl-c.
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Mon Aug 27 16:25:54 CEST 2007 - lnussel@suse.de
|
Mon Aug 27 16:25:54 CEST 2007 - lnussel@suse.de
|
||||||
|
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
#
|
#
|
||||||
# spec file for package cryptsetup (Version 1.0.5)
|
# spec file for package cryptsetup (Version 1.0.5_SVNr31)
|
||||||
#
|
#
|
||||||
# Copyright (c) 2007 SUSE LINUX Products GmbH, Nuernberg, Germany.
|
# Copyright (c) 2007 SUSE LINUX Products GmbH, Nuernberg, Germany.
|
||||||
# This file and all modifications and additions to the pristine
|
# This file and all modifications and additions to the pristine
|
||||||
@ -11,17 +11,17 @@
|
|||||||
# norootforbuild
|
# norootforbuild
|
||||||
|
|
||||||
Name: cryptsetup
|
Name: cryptsetup
|
||||||
URL: http://luks.endorphin.org/dm-crypt
|
Url: http://luks.endorphin.org/dm-crypt
|
||||||
BuildRequires: device-mapper-devel e2fsprogs-devel libgcrypt-devel popt-devel
|
BuildRequires: device-mapper-devel e2fsprogs-devel libgcrypt-devel popt-devel
|
||||||
# hashalot version
|
# hashalot version
|
||||||
%define haver 0.3
|
%define haver 0.3
|
||||||
License: BSD 3-Clause, GPL v2 or later
|
License: BSD 3-Clause; GPL v2 or later
|
||||||
Group: System/Base
|
Group: System/Base
|
||||||
Autoreqprov: on
|
AutoReqProv: on
|
||||||
Version: 1.0.5
|
Version: 1.0.5_SVNr31
|
||||||
Release: 24
|
Release: 1
|
||||||
Summary: Set Up dm-crypt Based Encrypted Block Devices
|
Summary: Set Up dm-crypt Based Encrypted Block Devices
|
||||||
Source: cryptsetup-1.0.5.tar.bz2
|
Source: cryptsetup-1.0.5_SVNr31.tar.bz2
|
||||||
Source1: hashalot-%haver.tar.bz2
|
Source1: hashalot-%haver.tar.bz2
|
||||||
Source50: boot.crypto
|
Source50: boot.crypto
|
||||||
Source90: Makefile.doc
|
Source90: Makefile.doc
|
||||||
@ -30,7 +30,6 @@ Source91: crypttab.5.txt
|
|||||||
Source92: crypttab.5
|
Source92: crypttab.5
|
||||||
# use this to create the tarball from svn
|
# use this to create the tarball from svn
|
||||||
Source99: cryptsetup-mktar
|
Source99: cryptsetup-mktar
|
||||||
Patch1: cryptsetup-luks-uninitialized.diff
|
|
||||||
Patch2: cryptsetup-luks-implicit-declarations.diff
|
Patch2: cryptsetup-luks-implicit-declarations.diff
|
||||||
Patch3: cryptsetup-luks-warnings.diff
|
Patch3: cryptsetup-luks-warnings.diff
|
||||||
Patch4: cryptsetup-luks-libnostderr.diff
|
Patch4: cryptsetup-luks-libnostderr.diff
|
||||||
@ -84,7 +83,7 @@ Authors:
|
|||||||
|
|
||||||
%prep
|
%prep
|
||||||
%setup -q -b 1
|
%setup -q -b 1
|
||||||
%patch1 -p1
|
#%patch1 -p1
|
||||||
%patch2 -p1
|
%patch2 -p1
|
||||||
%patch3 -p1
|
%patch3 -p1
|
||||||
%patch4 -p1
|
%patch4 -p1
|
||||||
@ -183,8 +182,22 @@ rm -rf $RPM_BUILD_ROOT
|
|||||||
%defattr(-,root,root)
|
%defattr(-,root,root)
|
||||||
%_includedir/libcryptsetup.h
|
%_includedir/libcryptsetup.h
|
||||||
%{_libdir}/libcryptsetup.so
|
%{_libdir}/libcryptsetup.so
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Tue Oct 16 2007 - lnussel@suse.de
|
||||||
|
- upgrade to svn revision 31
|
||||||
|
* Rename luksDelKey into luksKillSlot
|
||||||
|
* Add luksRemoveKey that queries a given key before removal
|
||||||
|
* Fix segfault in luksOpen.
|
||||||
|
* Add LUKS_device_ready check for most LUKS calls, so that
|
||||||
|
cryptsetup dies before password querying in case a blockdev is
|
||||||
|
unavailable
|
||||||
|
* For LUKS key material access require exclusive access to the
|
||||||
|
underlying device. This will prevent multiple mappings onto a
|
||||||
|
single LUKS device. dm*crypt doesn't feature any syncing
|
||||||
|
capabilities, hence there is no real application for this as it
|
||||||
|
will likely lead to disk corruption.
|
||||||
|
* Add signal handler to keyencryption to free the temporary
|
||||||
|
mapping in case the user hits ctrl-c.
|
||||||
* Mon Aug 27 2007 - lnussel@suse.de
|
* Mon Aug 27 2007 - lnussel@suse.de
|
||||||
- remove /var/run/keymap from previous boot to make /etc/init.d/kbd
|
- remove /var/run/keymap from previous boot to make /etc/init.d/kbd
|
||||||
work (#296409)
|
work (#296409)
|
||||||
|
Loading…
Reference in New Issue
Block a user