Hello community,
here is the log from the commit of package util-linux-crypto
checked in at Fri May 4 17:37:44 CEST 2007.
--------
--- util-linux-crypto/util-linux-crypto.changes 2007-04-27 15:54:31.000000000 +0200
+++ /mounts/work_src_done/STABLE/util-linux-crypto/util-linux-crypto.changes 2007-05-04 16:38:57.000000000 +0200
@@ -1,0 +2,8 @@
+Fri May 4 16:38:11 CEST 2007 - lnussel@suse.de
+
+- upgrade cryptsetup to current svn revision 30 which includes
+ previous patches.
+- fix background prompt process not getting killed on ctrl-d in
+ boot.crypto
+
+-------------------------------------------------------------------
Old:
----
cryptsetup-luks-1.0.4-loop_fish2_compat.diff
cryptsetup-luks-1.0.4_SVN26.tar.bz2
cryptsetup-luks-ctrl-d.diff
cryptsetup-luks-fixretries.diff
New:
----
cryptsetup-luks-1.0.4_SVN30.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ util-linux-crypto.spec ++++++
--- /var/tmp/diff_new_pack.H28215/_old 2007-05-04 17:37:17.000000000 +0200
+++ /var/tmp/diff_new_pack.H28215/_new 2007-05-04 17:37:17.000000000 +0200
@@ -13,7 +13,7 @@
Name: util-linux-crypto
BuildRequires: device-mapper-devel e2fsprogs-devel libgcrypt-devel popt-devel
# cryptsetup version
-%define csver 1.0.4_SVN26
+%define csver 1.0.4_SVN30
# hashalot version
%define haver 0.3
# dmconvert version
@@ -22,7 +22,7 @@
Group: System/Base
Autoreqprov: on
Version: 2.12r
-Release: 26
+Release: 28
Summary: A Collection of Basic File System Encryption Utilities
Source: cryptsetup-luks-%csver.tar.bz2
Source1: hashalot-%haver.tar.bz2
@@ -35,10 +35,7 @@
# use this to create the tarball from svn
Source99: cryptsetup-mktar
Patch0: dmconvert-0.2-uninitialized.patch
-Patch1: cryptsetup-luks-1.0.4-loop_fish2_compat.diff
-Patch2: cryptsetup-luks-fixretries.diff
-Patch3: cryptsetup-luks-ctrl-d.diff
-Patch4: cryptsetup-luks-libnostderr.diff
+Patch1: cryptsetup-luks-libnostderr.diff
BuildRoot: %{_tmppath}/%{name}-%{version}-build
Provides: aaa_base:/etc/init.d/boot.crypto
# we need losetup
@@ -77,9 +74,6 @@
%patch0
cd cryptsetup-luks-%csver
%patch1 -p1
-%patch2 -p1
-%patch3 -p1
-%patch4 -p1
%build
# cryptsetup build
@@ -169,6 +163,11 @@
%{_libdir}/libcryptsetup.so
%changelog
+* Fri May 04 2007 - lnussel@suse.de
+- upgrade cryptsetup to current svn revision 30 which includes
+ previous patches.
+- fix background prompt process not getting killed on ctrl-d in
+ boot.crypto
* Fri Apr 27 2007 - lnussel@suse.de
- upgrade cryptsetup to current svn revision 26. Does no longer hang
when a file is specified instead of a device.
++++++ boot.crypto ++++++
--- util-linux-crypto/boot.crypto 2007-04-27 14:44:57.000000000 +0200
+++ /mounts/work_src_done/STABLE/util-linux-crypto/boot.crypto 2007-05-02 09:35:52.000000000 +0200
@@ -309,9 +309,15 @@
params="-t $TIMEOUT -c $cipher -s $keylen -h $hashalgo"
setprompt
- /sbin/cryptsetup $params create "$name" "$device" < $REDIRECT > $REDIRECT 2>&1 || continue 2
+ /sbin/cryptsetup $params create "$name" "$device" < $REDIRECT > $REDIRECT 2>&1
+ stat=$?
unsetprompt
+ if test "$stat" -ne 0; then
+ detachloopdev
+ continue 2
+ fi
+
device="/dev/mapper/$name"
paranoid_safety_checks "$filesys" "$device" "$access" "$physdev"
++++++ cryptsetup-luks-1.0.4_SVN26.tar.bz2 -> cryptsetup-luks-1.0.4_SVN30.tar.bz2 ++++++
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/cryptsetup-luks-1.0.4_SVN26/backend.diff new/cryptsetup-luks-1.0.4_SVN30/backend.diff
--- old/cryptsetup-luks-1.0.4_SVN26/backend.diff 2006-09-24 19:31:56.000000000 +0200
+++ new/cryptsetup-luks-1.0.4_SVN30/backend.diff 1970-01-01 01:00:00.000000000 +0100
@@ -1,68 +0,0 @@
---- /home/clemens/luks/cryptsetup-devel/lib/backends.c 2005-09-11 18:14:30.000000000 +0200
-+++ cryptsetup-luks-1.0.1.fk02/lib/backends.c 2005-08-20 15:02:06.000000000 +0200
-@@ -48,7 +48,7 @@
- }
-
- int hash(const char *backend_name, const char *hash_name,
-- char *result, int size, const char *passphrase)
-+ char *result, size_t size, const char *passphrase)
- {
- struct hash_backend *backend;
- struct hash_type *hashes = NULL, *hash;
-@@ -56,33 +56,26 @@
-
- backend = get_hash_backend(backend_name);
- if (!backend) {
-- set_error("No hash backend found");
-+ set_error(_("No hash backend found"));
- return -ENOSYS;
- }
-
- hashes = backend->get_hashes();
- if (!hashes) {
-- set_error("No hash functions available");
-- goto out;
-- }
--
-- for(hash = hashes; hash->name; hash++)
-- if (strcmp(hash->name, hash_name) == 0)
-- break;
-- if (!hash->name) {
-- set_error("Unknown hash type %s", hash_name);
-- goto out;
-- }
-+ set_error(_("No hash functions available"));
-+ } else {
-+ for(hash = hashes; hash->name && strcmp(hash->name, hash_name) != 0; ++hash);
-+
-+ if (!hash->name) {
-+ set_error(_("Unknown hash type %s"), hash_name);
-+ } else {
-+ r = hash->fn(hash->private, size, result, passphrase);
-+ if(r < 0) set_error(_("Error hashing passphrase"));
-+ }
-
-- r = hash->fn(hash->private, size, result, passphrase);
-- if (r < 0) {
-- set_error("Error hashing passphrase");
-- goto out;
-+ backend->free_hashes(hashes);
- }
-
--out:
-- if (hashes)
-- backend->free_hashes(hashes);
- put_hash_backend(backend);
-
- return r;
-@@ -94,9 +87,7 @@
-
- init_plugins();
-
-- for(backend = setup_backends; *backend; backend++)
-- if (!name || strcmp(name, (*backend)->name) == 0)
-- break;
-+ for(backend = setup_backends; *backend && name && strcmp(name, (*backend)->name) != 0; ++backend);
-
- return *backend;
- }
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/cryptsetup-luks-1.0.4_SVN26/ChangeLog new/cryptsetup-luks-1.0.4_SVN30/ChangeLog
--- old/cryptsetup-luks-1.0.4_SVN26/ChangeLog 2006-11-28 00:34:36.000000000 +0100
+++ new/cryptsetup-luks-1.0.4_SVN30/ChangeLog 2007-05-01 20:02:54.000000000 +0200
@@ -1,3 +1,21 @@
+2007-05-01 Clemens Fruhwirth
+
+ * lib/backends.c, man/cryptsetup.8: Apply patch from Ludwig Nussel
+ , for old SuSE compat hashing.
+
+
+2007-04-16 Clemens Fruhwirth
+
+ * Summary of changes in subversion:
+ Fix segfault for key size > 32 bytes.
+ Kick ancient header version conversion.
+ Fix http://bugs.debian.org/403075
+ No passwort retrying for I/O errors.
+ Fix hang on "-i 0".
+ Fix parenthesization error that prevented --tries from working
+ correctly.
+
+
2006-11-28 gettextize
* m4/gettext.m4: Upgrade to gettext-0.15.
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/cryptsetup-luks-1.0.4_SVN26/lib/backends.c new/cryptsetup-luks-1.0.4_SVN30/lib/backends.c
--- old/cryptsetup-luks-1.0.4_SVN26/lib/backends.c 2006-11-22 21:29:36.000000000 +0100
+++ new/cryptsetup-luks-1.0.4_SVN30/lib/backends.c 2007-05-01 20:02:54.000000000 +0200
@@ -1,5 +1,6 @@
#include
#include
+#include
#include
#include "libcryptsetup.h"
@@ -53,8 +54,29 @@
{
struct hash_backend *backend;
struct hash_type *hashes = NULL, *hash;
+ char hash_name_buf[256], *s;
+ size_t pad = 0;
int r = -ENOENT;
+ if (strlen(hash_name) >= sizeof(hash_name_buf)) {
+ set_error("hash name too long: %s", hash_name);
+ return -ENAMETOOLONG;
+ }
+
+ if ((s = strchr(hash_name, ':'))) {
+ size_t hlen;
+ strcpy(hash_name_buf, hash_name);
+ hash_name_buf[s-hash_name] = '\0';
+ hash_name = hash_name_buf;
+ hlen = atoi(++s);
+ if (hlen > size) {
+ set_error("requested hash length (%zd) > key length (%zd)", hlen, size);
+ return -EINVAL;
+ }
+ pad = size-hlen;
+ size = hlen;
+ }
+
backend = get_hash_backend(backend_name);
if (!backend) {
set_error("No hash backend found");
@@ -81,6 +103,10 @@
goto out;
}
+ if (pad) {
+ memset(result+size, 0, pad);
+ }
+
out:
if (hashes)
backend->free_hashes(hashes);
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/cryptsetup-luks-1.0.4_SVN26/lib/setup.c new/cryptsetup-luks-1.0.4_SVN30/lib/setup.c
--- old/cryptsetup-luks-1.0.4_SVN26/lib/setup.c 2006-12-30 16:22:17.000000000 +0100
+++ new/cryptsetup-luks-1.0.4_SVN30/lib/setup.c 2007-05-02 16:52:25.000000000 +0200
@@ -77,6 +77,9 @@
if (i > 0) {
pass[i-1] = '\0';
i = 0;
+ } else if (i == 0) { /* EOF */
+ *pass = 0;
+ i = -1;
}
return i;
}
@@ -605,7 +608,7 @@
static int __crypt_luks_open(int arg, struct setup_backend *backend, struct crypt_options *options)
{
- struct luks_masterkey *mk=NULL;
+ struct luks_masterkey *mk;
struct luks_phdr hdr;
char *password; int passwordLen;
struct device_infos infos;
@@ -629,6 +632,7 @@
options->flags |= CRYPT_FLAG_READONLY;
start:
+ mk=NULL;
options->key_size = 0; // FIXME, define a clean interface some day.
if(get_key(options,"Enter LUKS passphrase: ",&password,&passwordLen))
@@ -639,7 +643,7 @@
if(!password) {
r = -EINVAL; goto out;
}
- if((r = LUKS_open_any_key(options->device, password, passwordLen, &hdr, &mk, backend) < 0)) {
+ if((r = LUKS_open_any_key(options->device, password, passwordLen, &hdr, &mk, backend)) < 0) {
set_error("No key available with this passphrase.\n");
goto out1;
}
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/cryptsetup-luks-1.0.4_SVN26/man/cryptsetup.8 new/cryptsetup-luks-1.0.4_SVN30/man/cryptsetup.8
--- old/cryptsetup-luks-1.0.4_SVN26/man/cryptsetup.8 2006-11-23 22:08:11.000000000 +0100
+++ new/cryptsetup-luks-1.0.4_SVN30/man/cryptsetup.8 2007-05-01 20:02:54.000000000 +0200
@@ -148,6 +148,11 @@
cryptsetup is written by Christophe Saout
.br
LUKS extensions, and man page by Clemens Fruhwirth
+.SH "COMPATABILITY WITH OLD SUSE TWOFISH PARTITIONS"
+To read images created with SuSE Linux 9.2's loop_fish2 use --cipher
+twofish-cbc-null -s 256 -h sha512, for images created with even
+older SuSE Linux use --cipher twofish-cbc-null -s 192 -h
+ripemd160:20
.SH "REPORTING BUGS"
Report bugs to .
.SH COPYRIGHT
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/cryptsetup-luks-1.0.4_SVN26/po/cryptsetup-luks.pot new/cryptsetup-luks-1.0.4_SVN30/po/cryptsetup-luks.pot
--- old/cryptsetup-luks-1.0.4_SVN26/po/cryptsetup-luks.pot 2006-09-24 19:31:56.000000000 +0200
+++ new/cryptsetup-luks-1.0.4_SVN30/po/cryptsetup-luks.pot 2007-04-16 11:42:40.000000000 +0200
@@ -8,7 +8,7 @@
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2006-08-04 23:05+0200\n"
+"POT-Creation-Date: 2007-01-02 16:49+0100\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME \n"
"Language-Team: LANGUAGE \n"
@@ -25,46 +25,42 @@
msgid "Failed to obtain device mapper directory."
msgstr ""
-#: luks/keymanage.c:53
-msgid "automatic header conversion from 0.99 to 0.991 triggered"
-msgstr ""
-
-#: luks/keymanage.c:68 luks/keymanage.c:117 luks/keymanage.c:380
+#: luks/keymanage.c:79 luks/keymanage.c:120 luks/keymanage.c:390
#, c-format
msgid "Can't open device: %s\n"
msgstr ""
-#: luks/keymanage.c:75
+#: luks/keymanage.c:86
#, c-format
msgid "%s is not a LUKS partition\n"
msgstr ""
-#: luks/keymanage.c:78
+#: luks/keymanage.c:89
msgid "unknown hash spec in phdr"
msgstr ""
-#: luks/keymanage.c:81
+#: luks/keymanage.c:92
#, c-format
msgid "unknown version %d\n"
msgstr ""
-#: luks/keymanage.c:210
+#: luks/keymanage.c:213
#, c-format
msgid "key %d active, purge first.\n"
msgstr ""
-#: luks/keymanage.c:215
+#: luks/keymanage.c:218
#, c-format
msgid ""
"key material section %d includes too few stripes. Header manipulation?\n"
msgstr ""
-#: luks/keymanage.c:278
+#: luks/keymanage.c:281
#, c-format
msgid "key %d is disabled.\n"
msgstr ""
-#: luks/keymanage.c:417
+#: luks/keymanage.c:427
#, c-format
msgid "Key %d not active. Can't wipe.\n"
msgstr ""
Files old/cryptsetup-luks-1.0.4_SVN26/po/de.gmo and new/cryptsetup-luks-1.0.4_SVN30/po/de.gmo differ
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/cryptsetup-luks-1.0.4_SVN26/po/de.po new/cryptsetup-luks-1.0.4_SVN30/po/de.po
--- old/cryptsetup-luks-1.0.4_SVN26/po/de.po 2006-09-24 19:31:56.000000000 +0200
+++ new/cryptsetup-luks-1.0.4_SVN30/po/de.po 2007-04-16 11:42:40.000000000 +0200
@@ -8,7 +8,7 @@
msgstr ""
"Project-Id-Version: cryptsetup 1.0.1.fk01\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2006-08-04 23:05+0200\n"
+"POT-Creation-Date: 2007-01-02 16:49+0100\n"
"PO-Revision-Date: 2005-08-18 19:52+0200\n"
"Last-Translator: Florian Knauf \n"
"Language-Team: German \n"
@@ -25,47 +25,43 @@
msgid "Failed to obtain device mapper directory."
msgstr ""
-#: luks/keymanage.c:53
-msgid "automatic header conversion from 0.99 to 0.991 triggered"
-msgstr ""
-
-#: luks/keymanage.c:68 luks/keymanage.c:117 luks/keymanage.c:380
+#: luks/keymanage.c:79 luks/keymanage.c:120 luks/keymanage.c:390
#, fuzzy, c-format
msgid "Can't open device: %s\n"
msgstr "Fehler beim �ffnen des Ger�ts: %s"
-#: luks/keymanage.c:75
+#: luks/keymanage.c:86
#, c-format
msgid "%s is not a LUKS partition\n"
msgstr ""
-#: luks/keymanage.c:78
+#: luks/keymanage.c:89
#, fuzzy
msgid "unknown hash spec in phdr"
msgstr "Unbekannter Hash im Partitions-Header"
-#: luks/keymanage.c:81
+#: luks/keymanage.c:92
#, c-format
msgid "unknown version %d\n"
msgstr ""
-#: luks/keymanage.c:210
+#: luks/keymanage.c:213
#, c-format
msgid "key %d active, purge first.\n"
msgstr ""
-#: luks/keymanage.c:215
+#: luks/keymanage.c:218
#, c-format
msgid ""
"key material section %d includes too few stripes. Header manipulation?\n"
msgstr ""
-#: luks/keymanage.c:278
+#: luks/keymanage.c:281
#, c-format
msgid "key %d is disabled.\n"
msgstr ""
-#: luks/keymanage.c:417
+#: luks/keymanage.c:427
#, c-format
msgid "Key %d not active. Can't wipe.\n"
msgstr ""
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/cryptsetup-luks-1.0.4_SVN26/po/Makefile.in new/cryptsetup-luks-1.0.4_SVN30/po/Makefile.in
--- old/cryptsetup-luks-1.0.4_SVN26/po/Makefile.in 2007-01-02 16:48:46.000000000 +0100
+++ new/cryptsetup-luks-1.0.4_SVN30/po/Makefile.in 2007-05-01 20:02:54.000000000 +0200
@@ -28,9 +28,9 @@
localedir = ${datarootdir}/locale
gettextsrcdir = $(datadir)/gettext/po
-INSTALL = /usr/bin/install -c
+INSTALL = /bin/install -c
INSTALL_DATA = ${INSTALL} -m 644
-mkinstalldirs = $(SHELL) /home/clemens/luks/cryptsetup/install-sh -d
+mkinstalldirs = $(SHELL) /home/clemens/devel/luks/cryptsetup/install-sh -d
mkdir_p = mkdir -p --
GMSGFMT_ = /usr/bin/gmsgfmt
++++++ cryptsetup-luks-libnostderr.diff ++++++
--- /var/tmp/diff_new_pack.H28215/_old 2007-05-04 17:37:18.000000000 +0200
+++ /var/tmp/diff_new_pack.H28215/_new 2007-05-04 17:37:18.000000000 +0200
@@ -1,12 +1,11 @@
-use set_error instead of printf in library to report errors about why
-LUKS_open_any_key failed.
+use set_error instead of printf in library to report errors.
Signed-off-by: Ludwig Nussel
-Index: cryptsetup-luks-1.0.4_SVN26/lib/setup.c
+Index: cryptsetup-luks-1.0.4_SVN29/lib/setup.c
===================================================================
---- cryptsetup-luks-1.0.4_SVN26.orig/lib/setup.c
-+++ cryptsetup-luks-1.0.4_SVN26/lib/setup.c
+--- cryptsetup-luks-1.0.4_SVN29.orig/lib/setup.c
++++ cryptsetup-luks-1.0.4_SVN29/lib/setup.c
@@ -98,7 +98,7 @@ static int timed_read(int fd, char *pass
if (select(fd+1, &fds, NULL, NULL, &t) > 0)
failed = untimed_read(fd, pass, maxlen);
@@ -52,10 +51,28 @@
goto out1;
}
-Index: cryptsetup-luks-1.0.4_SVN26/luks/keymanage.c
+@@ -718,7 +719,7 @@ static int __crypt_luks_add_key(int arg,
+ r = -EINVAL; goto out;
+ }
+ if(LUKS_open_any_key(device, password, passwordLen, &hdr, &mk, backend) < 0) {
+- printf("No key available with this passphrase.\n");
++ set_error("No key available with this passphrase");
+ r = -EPERM; goto out;
+ }
+ safe_free(password);
+@@ -761,7 +762,7 @@ static int __crypt_luks_del_key(int arg,
+ }
+ openedIndex = LUKS_open_any_key(device, password, passwordLen, &hdr, &mk, backend);
+ if(openedIndex < 0 || keyIndex == openedIndex) {
+- printf("No remaining key available with this passphrase.\n");
++ set_error("No remaining key available with this passphrase");
+ r = -EPERM; goto out;
+ }
+ }
+Index: cryptsetup-luks-1.0.4_SVN29/luks/keymanage.c
===================================================================
---- cryptsetup-luks-1.0.4_SVN26.orig/luks/keymanage.c
-+++ cryptsetup-luks-1.0.4_SVN26/luks/keymanage.c
+--- cryptsetup-luks-1.0.4_SVN29.orig/luks/keymanage.c
++++ cryptsetup-luks-1.0.4_SVN29/luks/keymanage.c
@@ -76,20 +76,20 @@ int LUKS_read_phdr(const char *device, s
devfd = open(device,O_RDONLY | O_DIRECT | O_SYNC);
@@ -125,7 +142,7 @@
goto out;
}
-@@ -388,7 +390,7 @@ static int wipe(const char *device, unsi
+@@ -387,7 +389,7 @@ static int wipe(const char *device, unsi
devfd = open(device, O_RDWR | O_DIRECT);
if(devfd == -1) {
@@ -134,10 +151,10 @@
return -EINVAL;
}
-Index: cryptsetup-luks-1.0.4_SVN26/lib/utils.c
+Index: cryptsetup-luks-1.0.4_SVN29/lib/utils.c
===================================================================
---- cryptsetup-luks-1.0.4_SVN26.orig/lib/utils.c
-+++ cryptsetup-luks-1.0.4_SVN26/lib/utils.c
+--- cryptsetup-luks-1.0.4_SVN29.orig/lib/utils.c
++++ cryptsetup-luks-1.0.4_SVN29/lib/utils.c
@@ -225,7 +225,7 @@ ssize_t read_blockwise(int fd, void *ori
while(count) {
r = read(fd,padbuf,bsize);
@@ -147,10 +164,10 @@
goto out;
}
step = count