Compare commits
52 Commits
Author | SHA1 | Date | |
---|---|---|---|
|
c31e753f4b | ||
|
48e35c62a2 | ||
|
a826a4b1af | ||
|
6d34f800c2 | ||
|
91b20b097b | ||
|
5dae3701ee | ||
|
b28d111460 | ||
|
97c67a9548 | ||
|
6fbd69e362 | ||
|
2894bfabcd | ||
|
f2216ba485 | ||
|
c5b69b3798 | ||
|
2aaaf551a4 | ||
|
19de152f74 | ||
|
8f83183cd9 | ||
|
d2f83644d5 | ||
|
7b2adf2f44 | ||
|
78e5420049 | ||
|
c6eb606826 | ||
|
6a7979d571 | ||
|
1ff6710715 | ||
|
8fab58af59 | ||
|
3d0316b6da | ||
|
545816c001 | ||
|
48a54bccf9 | ||
|
6b0d58e6c2 | ||
|
85c6d0916a | ||
|
56b0682c19 | ||
|
538deeaf89 | ||
|
d367a1f5c6 | ||
|
60cc6e0e99 | ||
|
db21301720 | ||
|
91a56fa56e | ||
|
6de3b0c117 | ||
|
020f1c3fa6 | ||
|
312c50a77b | ||
|
6c38de1557 | ||
|
82c3707961 | ||
|
4886de908b | ||
|
f93fc197bb | ||
|
2e6d0e53e8 | ||
|
62a674eb0b | ||
|
3895626cc2 | ||
|
14d952f359 | ||
|
b4b07aac45 | ||
|
25078df2b2 | ||
|
a710b21d0f | ||
|
4128c34ecc | ||
|
a677246089 | ||
|
2c2f8b1b47 | ||
|
bee7fb4fb1 | ||
|
08740c7ca4 |
@ -1,2 +0,0 @@
|
||||
volume_key-0.2.tar.bz2
|
||||
cryptsetup-1.0.7-rc1.tar.bz2
|
9
.gitignore
vendored
Normal file
9
.gitignore
vendored
Normal file
@ -0,0 +1,9 @@
|
||||
/.project
|
||||
/volume_key-0.3.3.tar.xz
|
||||
/volume_key-0.3.4.tar.xz
|
||||
/volume_key-0.3.5.tar.xz
|
||||
/volume_key-0.3.6.tar.xz
|
||||
/volume_key-0.3.7.tar.xz
|
||||
/volume_key-0.3.8.tar.xz
|
||||
/volume_key-0.3.9.tar.xz
|
||||
/volume_key-0.3.10.tar.xz
|
21
Makefile
21
Makefile
@ -1,21 +0,0 @@
|
||||
# Makefile for source rpm: volume_key
|
||||
# $Id$
|
||||
NAME := volume_key
|
||||
SPECFILE = $(firstword $(wildcard *.spec))
|
||||
|
||||
define find-makefile-common
|
||||
for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done
|
||||
endef
|
||||
|
||||
MAKEFILE_COMMON := $(shell $(find-makefile-common))
|
||||
|
||||
ifeq ($(MAKEFILE_COMMON),)
|
||||
# attept a checkout
|
||||
define checkout-makefile-common
|
||||
test -f CVS/Root && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2
|
||||
endef
|
||||
|
||||
MAKEFILE_COMMON := $(shell $(checkout-makefile-common))
|
||||
endif
|
||||
|
||||
include $(MAKEFILE_COMMON)
|
@ -1,674 +0,0 @@
|
||||
Index: lib/libcryptsetup.h
|
||||
===================================================================
|
||||
--- lib/libcryptsetup.h (revision 62)
|
||||
+++ lib/libcryptsetup.h (working copy)
|
||||
@@ -65,6 +65,78 @@
|
||||
int crypt_luksFormat(struct crypt_options *options);
|
||||
int crypt_luksDump(struct crypt_options *options);
|
||||
|
||||
+struct crypt_luks_volume_info;
|
||||
+
|
||||
+/* Get information about DEVICE,
|
||||
+ Return 0 on sucess, setting INFO to the volume information.
|
||||
+ return a negative errno value otherwise, the caller can try to use
|
||||
+ crypt_get_error() to get an error message.
|
||||
+ INFO can be NULL, in which case the function only verifies DEVICE is a valid
|
||||
+ LUKS device.
|
||||
+ If INFO is not not NULL, it should be freed using crypt_luks_vi_free().
|
||||
+*/
|
||||
+int crypt_luks_get_volume_info(struct crypt_luks_volume_info **info,
|
||||
+ const char *device);
|
||||
+
|
||||
+/* Get cipher name from INFO.
|
||||
+ Return a string for free(), or NULL if out of memory. */
|
||||
+char *crypt_luks_vi_get_cipher_name(struct crypt_luks_volume_info *info);
|
||||
+
|
||||
+/* Get cipher mode from INFO.
|
||||
+ Return a string for free(), or NULL if out of memory. */
|
||||
+char *crypt_luks_vi_get_cipher_mode(struct crypt_luks_volume_info *info);
|
||||
+
|
||||
+/* Get number of master key bytes from INFO. */
|
||||
+unsigned crypt_luks_vi_get_key_bytes(struct crypt_luks_volume_info *info);
|
||||
+
|
||||
+/* Get UUID from INFO.
|
||||
+ Return a string for free(), or NULL if out of memory. */
|
||||
+char *crypt_luks_vi_get_uuid(struct crypt_luks_volume_info *info);
|
||||
+
|
||||
+/* Free INFO. */
|
||||
+void crypt_luks_vi_free(struct crypt_luks_volume_info *info);
|
||||
+
|
||||
+/* Get the master key of DEVICE, using PASSPHRASE with PASSPHRASE_LENGTH.
|
||||
+ Return the used slot on success, setting KEY and KEY_LENGTH to the master
|
||||
+ key;
|
||||
+ return a negative errno value otherwise, the caller can try to use
|
||||
+ crypt_get_error() to get an error message.
|
||||
+ The caller is responsible for calling free(KEY) if this function returns
|
||||
+ 0. */
|
||||
+int crypt_luks_get_master_key(unsigned char **key, size_t *key_length,
|
||||
+ const char *device,
|
||||
+ const unsigned char *passphrase,
|
||||
+ size_t passphrase_length,
|
||||
+ void (*log)(int class, char *msg));
|
||||
+
|
||||
+/* Verify that KEY with KEY_LENGTH is valid for DEVICE.
|
||||
+ Return 0 on success.
|
||||
+ Return a negative errno value otherwise, the caller can try to use
|
||||
+ crypt_get_error() to get an error message. */
|
||||
+int crypt_luks_verify_master_key(const char *device, const unsigned char *key,
|
||||
+ size_t key_length);
|
||||
+
|
||||
+/* Open DEVICE using KEY with KEY_LENGTH as NAME.
|
||||
+ Return 0 on success.
|
||||
+ Return a negative errno value otherwise, the caller can try to use
|
||||
+ crypt_get_error() to get an error message. */
|
||||
+int crypt_luks_open_by_master_key(const char *name, const char *device,
|
||||
+ const unsigned char *key, size_t key_length,
|
||||
+ int flags, void (*log)(int class, char *msg));
|
||||
+
|
||||
+/* Add a PASSPHRASE with PASSPHRASE_LENGTH to SLOT of DEVICE, using KEY with
|
||||
+ KEY_LENGTH.
|
||||
+ Return the used slot on success;
|
||||
+ Return a negative errno value otherwise, the caller can try to use
|
||||
+ crypt_get_error() to get an error message.
|
||||
+ SLOT may be -1 to use the first empty slot. */
|
||||
+int crypt_luks_add_passphrase_by_master_key(const char *device,
|
||||
+ const unsigned char *key,
|
||||
+ size_t key_length, int slot,
|
||||
+ const unsigned char *passphrase,
|
||||
+ size_t passphrase_length,
|
||||
+ void (*log)(int class, char *msg));
|
||||
+
|
||||
void crypt_get_error(char *buf, size_t size);
|
||||
void crypt_put_options(struct crypt_options *options);
|
||||
const char *crypt_get_dir(void);
|
||||
Index: lib/setup.c
|
||||
===================================================================
|
||||
--- lib/setup.c (revision 62)
|
||||
+++ lib/setup.c (working copy)
|
||||
@@ -282,7 +282,7 @@
|
||||
}
|
||||
}
|
||||
|
||||
-static int __crypt_create_device(int reload, struct setup_backend *backend,
|
||||
+static int __crypt_create_device(intptr_t reload, struct setup_backend *backend,
|
||||
struct crypt_options *options)
|
||||
{
|
||||
struct crypt_options tmp = {
|
||||
@@ -359,7 +359,7 @@
|
||||
return r;
|
||||
}
|
||||
|
||||
-static int __crypt_query_device(int details, struct setup_backend *backend,
|
||||
+static int __crypt_query_device(intptr_t details, struct setup_backend *backend,
|
||||
struct crypt_options *options)
|
||||
{
|
||||
int r = backend->status(details, options, NULL);
|
||||
@@ -371,7 +371,7 @@
|
||||
return r;
|
||||
}
|
||||
|
||||
-static int __crypt_resize_device(int details, struct setup_backend *backend,
|
||||
+static int __crypt_resize_device(intptr_t details, struct setup_backend *backend,
|
||||
struct crypt_options *options)
|
||||
{
|
||||
struct crypt_options tmp = {
|
||||
@@ -412,7 +412,7 @@
|
||||
return r;
|
||||
}
|
||||
|
||||
-static int __crypt_remove_device(int arg, struct setup_backend *backend,
|
||||
+static int __crypt_remove_device(intptr_t arg, struct setup_backend *backend,
|
||||
struct crypt_options *options)
|
||||
{
|
||||
int r;
|
||||
@@ -428,7 +428,7 @@
|
||||
return backend->remove(0, options);
|
||||
}
|
||||
|
||||
-static int __crypt_luks_format(int arg, struct setup_backend *backend, struct crypt_options *options)
|
||||
+static int __crypt_luks_format(intptr_t arg, struct setup_backend *backend, struct crypt_options *options)
|
||||
{
|
||||
int r;
|
||||
|
||||
@@ -504,8 +504,94 @@
|
||||
return r;
|
||||
}
|
||||
|
||||
-static int __crypt_luks_open(int arg, struct setup_backend *backend, struct crypt_options *options)
|
||||
+static int open_from_hdr_and_mk(struct luks_phdr *hdr,
|
||||
+ struct luks_masterkey *mk,
|
||||
+ const struct device_infos *infos,
|
||||
+ struct setup_backend *backend,
|
||||
+ struct crypt_options *options)
|
||||
{
|
||||
+ char *dmCipherSpec;
|
||||
+ int excl = (options->flags & CRYPT_FLAG_NON_EXCLUSIVE_ACCESS)
|
||||
+ ? 0 : O_EXCL;
|
||||
+ int r;
|
||||
+
|
||||
+ if (infos->readonly)
|
||||
+ options->flags |= CRYPT_FLAG_READONLY;
|
||||
+ options->offset = hdr->payloadOffset;
|
||||
+ if (asprintf(&dmCipherSpec, "%s-%s", hdr->cipherName, hdr->cipherMode)
|
||||
+ < 0) {
|
||||
+ r = -ENOMEM;
|
||||
+ goto out;
|
||||
+ }
|
||||
+ options->cipher = dmCipherSpec;
|
||||
+ options->key_size = mk->keyLength;
|
||||
+ options->skip = 0;
|
||||
+
|
||||
+ options->size = infos->size;
|
||||
+ if (!options->size) {
|
||||
+ set_error("Not a block device.\n");
|
||||
+ r = -ENOTBLK;
|
||||
+ goto out;
|
||||
+ }
|
||||
+ if (options->size <= options->offset) {
|
||||
+ set_error("Invalid offset");
|
||||
+ r = -EINVAL;
|
||||
+ goto out;
|
||||
+ }
|
||||
+ options->size -= options->offset;
|
||||
+ /* FIXME: code allows multiple crypt mapping, cannot use uuid then.
|
||||
+ * anyway, it is dangerous and can corrupt data. Remove it in next version! */
|
||||
+ r = backend->create(0, options, mk->key, excl ? hdr->uuid : NULL);
|
||||
+ out:
|
||||
+ free(dmCipherSpec);
|
||||
+ return r;
|
||||
+}
|
||||
+
|
||||
+static int __crypt_luks_open_by_master_key(intptr_t arg,
|
||||
+ struct setup_backend *backend,
|
||||
+ struct crypt_options *options)
|
||||
+{
|
||||
+ struct luks_masterkey *mk;
|
||||
+ struct luks_phdr hdr;
|
||||
+ struct device_infos infos;
|
||||
+ struct crypt_options tmp = {
|
||||
+ .name = options->name,
|
||||
+ };
|
||||
+ int r;
|
||||
+ int excl = (options->flags & CRYPT_FLAG_NON_EXCLUSIVE_ACCESS) != 0
|
||||
+ ? 0 : O_EXCL ;
|
||||
+
|
||||
+ mk = (struct luks_masterkey *)arg;
|
||||
+
|
||||
+ r = backend->status(0, &tmp, NULL);
|
||||
+ if (r >= 0) {
|
||||
+ set_error("Device %s already exists.", options->name);
|
||||
+ return -EEXIST;
|
||||
+ }
|
||||
+
|
||||
+ if (!LUKS_device_ready(options->device, O_RDONLY | excl))
|
||||
+ return -ENOTBLK;
|
||||
+
|
||||
+ if (get_device_infos(options->device, &infos) < 0) {
|
||||
+ set_error("Can't get device information.\n");
|
||||
+ return -ENOTBLK;
|
||||
+ }
|
||||
+
|
||||
+ r = LUKS_read_phdr(options->device, &hdr);
|
||||
+ if (r < 0)
|
||||
+ return r;
|
||||
+
|
||||
+ r = LUKS_verify_master_key(&hdr, mk);
|
||||
+ if (r == -EPERM)
|
||||
+ set_error("Master key does not match the volume.\n");
|
||||
+ if (r < 0)
|
||||
+ return r;
|
||||
+
|
||||
+ return open_from_hdr_and_mk(&hdr, mk, &infos, backend, options);
|
||||
+}
|
||||
+
|
||||
+static int __crypt_luks_open(intptr_t arg, struct setup_backend *backend, struct crypt_options *options)
|
||||
+{
|
||||
struct luks_masterkey *mk=NULL;
|
||||
struct luks_phdr hdr;
|
||||
char *prompt = NULL;
|
||||
@@ -515,7 +601,6 @@
|
||||
struct crypt_options tmp = {
|
||||
.name = options->name,
|
||||
};
|
||||
- char *dmCipherSpec = NULL;
|
||||
int r, tries = options->tries;
|
||||
int excl = (options->flags & CRYPT_FLAG_NON_EXCLUSIVE_ACCESS) ? 0 : O_EXCL ;
|
||||
|
||||
@@ -533,9 +618,6 @@
|
||||
return -ENOTBLK;
|
||||
}
|
||||
|
||||
- if (infos.readonly)
|
||||
- options->flags |= CRYPT_FLAG_READONLY;
|
||||
-
|
||||
if(asprintf(&prompt, "Enter LUKS passphrase for %s: ", options->device) < 0)
|
||||
return -ENOMEM;
|
||||
|
||||
@@ -559,33 +641,8 @@
|
||||
|
||||
logger(options, CRYPT_LOG_NORMAL,"key slot %d unlocked.\n", r);
|
||||
|
||||
+ r = open_from_hdr_and_mk(&hdr, mk, &infos, backend, options);
|
||||
|
||||
- options->offset = hdr.payloadOffset;
|
||||
- if (asprintf(&dmCipherSpec, "%s-%s", hdr.cipherName, hdr.cipherMode) < 0) {
|
||||
- r = -ENOMEM;
|
||||
- goto out2;
|
||||
- }
|
||||
- options->cipher = dmCipherSpec;
|
||||
- options->key_size = mk->keyLength;
|
||||
- options->skip = 0;
|
||||
-
|
||||
- options->size = infos.size;
|
||||
- if (!options->size) {
|
||||
- set_error("Not a block device.\n");
|
||||
- r = -ENOTBLK; goto out2;
|
||||
- }
|
||||
- if (options->size <= options->offset) {
|
||||
- set_error("Invalid offset");
|
||||
- r = -EINVAL; goto out2;
|
||||
- }
|
||||
- options->size -= options->offset;
|
||||
- /* FIXME: code allows multiple crypt mapping, cannot use uuid then.
|
||||
- * anyway, it is dangerous and can corrupt data. Remove it in next version! */
|
||||
- r = backend->create(0, options, mk->key, excl ? hdr.uuid : NULL);
|
||||
-
|
||||
- out2:
|
||||
- free(dmCipherSpec);
|
||||
- dmCipherSpec = NULL;
|
||||
out1:
|
||||
safe_free(password);
|
||||
out:
|
||||
@@ -598,8 +655,76 @@
|
||||
return r;
|
||||
}
|
||||
|
||||
-static int __crypt_luks_add_key(int arg, struct setup_backend *backend, struct crypt_options *options)
|
||||
+/* arg is a struct luks_masterkey **. Caller must LUKS_dealloc_masterkey(*arg)
|
||||
+ if this function returns 0.
|
||||
+ options->key_size is abused as passphrase length. */
|
||||
+static int __crypt_luks_get_master_key(intptr_t arg,
|
||||
+ struct setup_backend *backend,
|
||||
+ struct crypt_options *options)
|
||||
{
|
||||
+ struct luks_masterkey *mk;
|
||||
+ struct luks_phdr hdr;
|
||||
+ int r;
|
||||
+
|
||||
+ if (!LUKS_device_ready(options->device, O_RDONLY))
|
||||
+ return -ENOTBLK;
|
||||
+
|
||||
+ r = LUKS_open_any_key(options->device, options->passphrase,
|
||||
+ options->key_size, &hdr, &mk, backend);
|
||||
+ if (r == -EPERM)
|
||||
+ set_error("No key available with this passphrase.");
|
||||
+ if (r < 0) {
|
||||
+ LUKS_dealloc_masterkey(mk);
|
||||
+ return r;
|
||||
+ }
|
||||
+
|
||||
+ *(struct luks_masterkey **)arg = mk;
|
||||
+ return r;
|
||||
+}
|
||||
+
|
||||
+/* options->key_size is abused as passphrase length. */
|
||||
+static int __crypt_luks_add_passphrase_by_master_key
|
||||
+ (intptr_t arg, struct setup_backend *backend,
|
||||
+ struct crypt_options *options)
|
||||
+{
|
||||
+ struct luks_phdr hdr;
|
||||
+ unsigned int keyIndex;
|
||||
+ struct luks_masterkey *mk;
|
||||
+ const char *device = options->device;
|
||||
+ int r;
|
||||
+
|
||||
+ mk = (struct luks_masterkey *)arg;
|
||||
+
|
||||
+ if (!LUKS_device_ready(options->device, O_RDWR))
|
||||
+ return -ENOTBLK;
|
||||
+
|
||||
+ r = LUKS_read_phdr(device, &hdr);
|
||||
+ if (r < 0)
|
||||
+ return r;
|
||||
+
|
||||
+ r = LUKS_verify_master_key(&hdr, mk);
|
||||
+ if (r < 0) {
|
||||
+ set_error("Master key does not match the volume");
|
||||
+ return -EINVAL;
|
||||
+ }
|
||||
+
|
||||
+ keyIndex = keyslot_from_option(options->key_slot, &hdr, options);
|
||||
+ if (keyIndex == -EINVAL)
|
||||
+ return -EINVAL;
|
||||
+
|
||||
+ hdr.keyblock[keyIndex].passwordIterations
|
||||
+ = at_least_one(LUKS_benchmarkt_iterations()
|
||||
+ * ((float)options->iteration_time / 1000));
|
||||
+
|
||||
+ r = LUKS_set_key(device, keyIndex, options->passphrase,
|
||||
+ options->key_size, &hdr, mk, backend);
|
||||
+ if (r < 0)
|
||||
+ return r;
|
||||
+ return keyIndex;
|
||||
+}
|
||||
+
|
||||
+static int __crypt_luks_add_key(intptr_t arg, struct setup_backend *backend, struct crypt_options *options)
|
||||
+{
|
||||
struct luks_masterkey *mk=NULL;
|
||||
struct luks_phdr hdr;
|
||||
char *password=NULL; unsigned int passwordLen;
|
||||
@@ -664,7 +789,7 @@
|
||||
return r;
|
||||
}
|
||||
|
||||
-static int luks_remove_helper(int arg, struct setup_backend *backend, struct crypt_options *options, int supply_it)
|
||||
+static int luks_remove_helper(intptr_t arg, struct setup_backend *backend, struct crypt_options *options, int supply_it)
|
||||
{
|
||||
struct luks_masterkey *mk;
|
||||
struct luks_phdr hdr;
|
||||
@@ -735,18 +860,18 @@
|
||||
return r;
|
||||
}
|
||||
|
||||
-static int __crypt_luks_kill_slot(int arg, struct setup_backend *backend, struct crypt_options *options) {
|
||||
+static int __crypt_luks_kill_slot(intptr_t arg, struct setup_backend *backend, struct crypt_options *options) {
|
||||
return luks_remove_helper(arg, backend, options, 0);
|
||||
}
|
||||
|
||||
-static int __crypt_luks_remove_key(int arg, struct setup_backend *backend, struct crypt_options *options) {
|
||||
+static int __crypt_luks_remove_key(intptr_t arg, struct setup_backend *backend, struct crypt_options *options) {
|
||||
return luks_remove_helper(arg, backend, options, 1);
|
||||
}
|
||||
|
||||
|
||||
-static int crypt_job(int (*job)(int arg, struct setup_backend *backend,
|
||||
+static int crypt_job(int (*job)(intptr_t arg, struct setup_backend *backend,
|
||||
struct crypt_options *options),
|
||||
- int arg, struct crypt_options *options)
|
||||
+ intptr_t arg, struct crypt_options *options)
|
||||
{
|
||||
struct setup_backend *backend;
|
||||
int r;
|
||||
@@ -807,6 +932,96 @@
|
||||
return crypt_job(__crypt_luks_format, 0, options);
|
||||
}
|
||||
|
||||
+int crypt_luks_get_master_key(unsigned char **key, size_t *key_length,
|
||||
+ const char *device,
|
||||
+ const unsigned char *passphrase,
|
||||
+ size_t passphrase_length,
|
||||
+ void (*log)(int class, char *msg))
|
||||
+{
|
||||
+ struct crypt_options options;
|
||||
+ struct interface_callbacks icb;
|
||||
+ struct luks_masterkey *mk;
|
||||
+ int r;
|
||||
+
|
||||
+ memset(&icb, 0, sizeof(icb));
|
||||
+ icb.log = log;
|
||||
+ memset(&options, 0, sizeof(options));
|
||||
+ options.device = device;
|
||||
+ options.icb = &icb;
|
||||
+ options.passphrase = (const char *)passphrase;
|
||||
+ options.key_size = passphrase_length; /* Abusing the field */
|
||||
+ if (options.key_size != passphrase_length) {
|
||||
+ set_error("passphrase_length too large");
|
||||
+ return -EOVERFLOW;
|
||||
+ }
|
||||
+ r = crypt_job(__crypt_luks_get_master_key, (intptr_t)&mk, &options);
|
||||
+ if (r < 0)
|
||||
+ return r;
|
||||
+ /* Note: this memory is not mlock()ed */
|
||||
+ *key = malloc(mk->keyLength);
|
||||
+ if (*key == NULL) {
|
||||
+ LUKS_dealloc_masterkey(mk);
|
||||
+ return -ENOMEM;
|
||||
+ }
|
||||
+ memcpy(*key, mk->key, mk->keyLength);
|
||||
+ *key_length = mk->keyLength;
|
||||
+ LUKS_dealloc_masterkey(mk);
|
||||
+ return r;
|
||||
+}
|
||||
+
|
||||
+int crypt_luks_verify_master_key(const char *device, const unsigned char *key,
|
||||
+ size_t key_length)
|
||||
+{
|
||||
+ struct luks_masterkey *mk;
|
||||
+ struct luks_phdr hdr;
|
||||
+ int r;
|
||||
+
|
||||
+ r = LUKS_read_phdr(device, &hdr);
|
||||
+ if (r < 0)
|
||||
+ return r;
|
||||
+
|
||||
+ mk = LUKS_alloc_masterkey(key_length);
|
||||
+ if (mk == NULL)
|
||||
+ return -ENOMEM;
|
||||
+ memcpy(mk->key, key, key_length);
|
||||
+
|
||||
+ r = LUKS_verify_master_key(&hdr, mk);
|
||||
+ if (r == -EPERM)
|
||||
+ set_error("Master key does not match the volume.\n");
|
||||
+
|
||||
+ LUKS_dealloc_masterkey(mk);
|
||||
+
|
||||
+ return r;
|
||||
+}
|
||||
+
|
||||
+int crypt_luks_open_by_master_key(const char *name, const char *device,
|
||||
+ const unsigned char *key, size_t key_length,
|
||||
+ int flags, void (*log)(int class, char *msg))
|
||||
+{
|
||||
+ struct crypt_options options;
|
||||
+ struct interface_callbacks icb;
|
||||
+ struct luks_masterkey *mk;
|
||||
+ int r;
|
||||
+
|
||||
+ memset(&icb, 0, sizeof(icb));
|
||||
+ icb.log = log;
|
||||
+ memset(&options, 0, sizeof(options));
|
||||
+ options.name = name;
|
||||
+ options.device = device;
|
||||
+ options.flags = flags;
|
||||
+ options.offset = 0;
|
||||
+ options.icb = &icb;
|
||||
+
|
||||
+ mk = LUKS_alloc_masterkey(key_length);
|
||||
+ if (mk == NULL)
|
||||
+ return -ENOMEM;
|
||||
+ memcpy(mk->key, key, key_length);
|
||||
+ r = crypt_job(__crypt_luks_open_by_master_key, (intptr_t)mk, &options);
|
||||
+ LUKS_dealloc_masterkey(mk);
|
||||
+
|
||||
+ return r;
|
||||
+}
|
||||
+
|
||||
int crypt_luksOpen(struct crypt_options *options)
|
||||
{
|
||||
return crypt_job(__crypt_luks_open, 0, options);
|
||||
@@ -822,6 +1037,39 @@
|
||||
return crypt_job(__crypt_luks_remove_key, 0, options);
|
||||
}
|
||||
|
||||
+int crypt_luks_add_passphrase_by_master_key(const char *device,
|
||||
+ const unsigned char *key,
|
||||
+ size_t key_length, int slot,
|
||||
+ const unsigned char *passphrase,
|
||||
+ size_t passphrase_length,
|
||||
+ void (*log)(int class, char *msg))
|
||||
+{
|
||||
+ struct crypt_options options;
|
||||
+ struct interface_callbacks icb;
|
||||
+ struct luks_masterkey *mk;
|
||||
+ int r;
|
||||
+
|
||||
+ memset(&icb, 0, sizeof(icb));
|
||||
+ icb.log = log;
|
||||
+ memset(&options, 0, sizeof(options));
|
||||
+ options.device = device;
|
||||
+ options.passphrase = (const char *)passphrase;
|
||||
+ options.key_size = passphrase_length; /* Abusing the field */
|
||||
+ options.key_slot = slot;
|
||||
+ options.iteration_time = 1000;
|
||||
+ options.icb = &icb;
|
||||
+
|
||||
+ mk = LUKS_alloc_masterkey(key_length);
|
||||
+ if (mk == NULL)
|
||||
+ return -ENOMEM;
|
||||
+ memcpy(mk->key, key, key_length);
|
||||
+ r = crypt_job(__crypt_luks_add_passphrase_by_master_key, (intptr_t)mk,
|
||||
+ &options);
|
||||
+ LUKS_dealloc_masterkey(mk);
|
||||
+
|
||||
+ return r;
|
||||
+}
|
||||
+
|
||||
int crypt_luksAddKey(struct crypt_options *options)
|
||||
{
|
||||
return crypt_job(__crypt_luks_add_key, 0, options);
|
||||
@@ -840,6 +1088,84 @@
|
||||
return 0;
|
||||
}
|
||||
|
||||
+struct crypt_luks_volume_info
|
||||
+{
|
||||
+ struct luks_phdr h;
|
||||
+};
|
||||
+
|
||||
+int crypt_luks_get_volume_info(struct crypt_luks_volume_info **info,
|
||||
+ const char *device)
|
||||
+{
|
||||
+ struct crypt_luks_volume_info *vi;
|
||||
+ int r;
|
||||
+
|
||||
+ vi = malloc(sizeof(*vi));
|
||||
+ if (vi == NULL)
|
||||
+ return -ENOMEM;
|
||||
+ r = LUKS_read_phdr(device, &vi->h);
|
||||
+ if (r != 0) {
|
||||
+ free(vi);
|
||||
+ return r;
|
||||
+ }
|
||||
+ if (info != NULL)
|
||||
+ *info = vi;
|
||||
+ else
|
||||
+ free(vi);
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
+char *crypt_luks_vi_get_cipher_name(struct crypt_luks_volume_info *info)
|
||||
+{
|
||||
+ size_t field_size;
|
||||
+ char *r;
|
||||
+
|
||||
+ field_size = sizeof(info->h.cipherName);
|
||||
+ r = malloc(field_size + 1);
|
||||
+ if (r != NULL) {
|
||||
+ memcpy(r, info->h.cipherName, field_size);
|
||||
+ r[field_size] = '\0';
|
||||
+ }
|
||||
+ return r;
|
||||
+}
|
||||
+
|
||||
+char *crypt_luks_vi_get_cipher_mode(struct crypt_luks_volume_info *info)
|
||||
+{
|
||||
+ size_t field_size;
|
||||
+ char *r;
|
||||
+
|
||||
+ field_size = sizeof(info->h.cipherMode);
|
||||
+ r = malloc(field_size + 1);
|
||||
+ if (r != NULL) {
|
||||
+ memcpy(r, info->h.cipherMode, field_size);
|
||||
+ r[field_size] = '\0';
|
||||
+ }
|
||||
+ return r;
|
||||
+}
|
||||
+
|
||||
+unsigned crypt_luks_vi_get_key_bytes(struct crypt_luks_volume_info *info)
|
||||
+{
|
||||
+ return info->h.keyBytes;
|
||||
+}
|
||||
+
|
||||
+char *crypt_luks_vi_get_uuid(struct crypt_luks_volume_info *info)
|
||||
+{
|
||||
+ size_t field_size;
|
||||
+ char *r;
|
||||
+
|
||||
+ field_size = sizeof(info->h.uuid);
|
||||
+ r = malloc(field_size + 1);
|
||||
+ if (r != NULL) {
|
||||
+ memcpy(r, info->h.uuid, field_size);
|
||||
+ r[field_size] = '\0';
|
||||
+ }
|
||||
+ return r;
|
||||
+}
|
||||
+
|
||||
+void crypt_luks_vi_free(struct crypt_luks_volume_info *info)
|
||||
+{
|
||||
+ free(info);
|
||||
+}
|
||||
+
|
||||
int crypt_isLuks(struct crypt_options *options)
|
||||
{
|
||||
struct luks_phdr hdr;
|
||||
Index: luks/keymanage.c
|
||||
===================================================================
|
||||
--- luks/keymanage.c (revision 62)
|
||||
+++ luks/keymanage.c (working copy)
|
||||
@@ -280,6 +280,20 @@
|
||||
return r;
|
||||
}
|
||||
|
||||
+/* Check whether a master key is invalid. */
|
||||
+int LUKS_verify_master_key(const struct luks_phdr *hdr,
|
||||
+ const struct luks_masterkey *mk)
|
||||
+{
|
||||
+ char checkHashBuf[LUKS_DIGESTSIZE];
|
||||
+
|
||||
+ PBKDF2_HMAC_SHA1(mk->key, mk->keyLength, hdr->mkDigestSalt,
|
||||
+ LUKS_SALTSIZE, hdr->mkDigestIterations, checkHashBuf,
|
||||
+ LUKS_DIGESTSIZE);
|
||||
+
|
||||
+ return memcmp(checkHashBuf, hdr->mkDigest, LUKS_DIGESTSIZE) == 0
|
||||
+ ? 0 : -EPERM;
|
||||
+}
|
||||
+
|
||||
/* Try to open a particular key slot,
|
||||
|
||||
*/
|
||||
@@ -295,7 +309,6 @@
|
||||
char derivedKey[hdr->keyBytes];
|
||||
char *AfKey;
|
||||
size_t AFEKSize;
|
||||
- char checkHashBuf[LUKS_DIGESTSIZE];
|
||||
int r;
|
||||
|
||||
if(hdr->keyblock[keyIndex].active != LUKS_KEY_ENABLED) {
|
||||
@@ -329,13 +342,8 @@
|
||||
|
||||
r = AF_merge(AfKey,mk->key,mk->keyLength,hdr->keyblock[keyIndex].stripes);
|
||||
if(r < 0) goto out;
|
||||
-
|
||||
- PBKDF2_HMAC_SHA1(mk->key,mk->keyLength,
|
||||
- hdr->mkDigestSalt,LUKS_SALTSIZE,
|
||||
- hdr->mkDigestIterations,
|
||||
- checkHashBuf,LUKS_DIGESTSIZE);
|
||||
|
||||
- r = (memcmp(checkHashBuf,hdr->mkDigest, LUKS_DIGESTSIZE) == 0)?0:-EPERM;
|
||||
+ r = LUKS_verify_master_key(hdr, mk);
|
||||
out:
|
||||
free(AfKey);
|
||||
return r;
|
||||
Index: luks/luks.h
|
||||
===================================================================
|
||||
--- luks/luks.h (revision 62)
|
||||
+++ luks/luks.h (working copy)
|
||||
@@ -124,6 +124,8 @@
|
||||
struct luks_masterkey **mk,
|
||||
struct setup_backend *backend);
|
||||
|
||||
+int LUKS_verify_master_key(const struct luks_phdr *hdr,
|
||||
+ const struct luks_masterkey *mk);
|
||||
|
||||
int LUKS_del_key(const char *device, unsigned int keyIndex);
|
||||
int LUKS_is_last_keyslot(const char *device, unsigned int keyIndex);
|
3
sources
3
sources
@ -1,2 +1 @@
|
||||
882ec96bef41962a33a24d6ee5821a29 volume_key-0.2.tar.bz2
|
||||
0910632173fb960252412bf7342b42fc cryptsetup-1.0.7-rc1.tar.bz2
|
||||
SHA512 (volume_key-0.3.10.tar.xz) = b050d333e021bc3721f5e72c1d2498adea3265afe7f702e1b1e859546755745ac70dcffc194739a4833d4b0b77168506f7fe90fde382d8aab4df2af7b635932b
|
||||
|
@ -1,17 +0,0 @@
|
||||
diff --git a/lib/volume.c b/lib/volume.c
|
||||
index 91c9dbc..62fc6ec 100644
|
||||
--- a/lib/volume.c
|
||||
+++ b/lib/volume.c
|
||||
@@ -311,7 +311,11 @@ libvk_volume_open (const char *path, GError **error)
|
||||
}
|
||||
vol = g_new (struct libvk_volume, 1);
|
||||
vol->source = VOLUME_SOURCE_LOCAL;
|
||||
- vol->format = g_strdup (c);
|
||||
+ /* The LUKS type identifier returned by blkid has changed. */
|
||||
+ if (strcmp (c, "crypto_LUKS") == 0)
|
||||
+ vol->format = g_strdup (LIBVK_VOLUME_FORMAT_LUKS);
|
||||
+ else
|
||||
+ vol->format = g_strdup (c);
|
||||
free (c);
|
||||
|
||||
vol->hostname = g_strdup (g_get_host_name ());
|
231
volume_key.spec
231
volume_key.spec
@ -2,25 +2,19 @@
|
||||
|
||||
Summary: An utility for manipulating storage encryption keys and passphrases
|
||||
Name: volume_key
|
||||
Version: 0.2
|
||||
Release: 3
|
||||
Version: 0.3.10
|
||||
Release: 2%{?dist}
|
||||
License: GPLv2
|
||||
Group: Applications/System
|
||||
URL: https://fedorahosted.org/volume_key/
|
||||
Requires: volume_key-libs = %{version}-%{release}
|
||||
URL: https://pagure.io/volume_key/
|
||||
Requires: volume_key-libs%{?_isa} = %{version}-%{release}
|
||||
|
||||
Source0: https://fedorahosted.org/releases/v/o/volume_key/volume_key-%{version}.tar.bz2
|
||||
Source1: http://cryptsetup.googlecode.com/files/cryptsetup-1.0.7-rc1.tar.bz2
|
||||
# http://code.google.com/p/cryptsetup/issues/detail?id=15
|
||||
Patch0: https://fedorahosted.org/releases/v/o/volume_key/cryptsetup-svn-r62.patch
|
||||
Patch1: volume_key-0.2-libblkid-type.patch
|
||||
BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
|
||||
BuildRequires: gettext-devel, glib2-devel, gnupg, gpgme-devel, libblkid-devel
|
||||
BuildRequires: nss-devel, python-devel
|
||||
|
||||
# For cryptsetup
|
||||
BuildRequires: device-mapper-devel, e2fsprogs-devel, libgcrypt-devel
|
||||
BuildRequires: libgpg-error-devel, libselinux-devel, libsepol-devel, popt-devel
|
||||
Source0: https://releases.pagure.org/volume_key/volume_key-%{version}.tar.xz
|
||||
BuildRequires: gcc
|
||||
BuildRequires: cryptsetup-luks-devel, gettext-devel, glib2-devel, /usr/bin/gpg2
|
||||
BuildRequires: gpgme-devel, libblkid-devel, nss-devel, python2-devel
|
||||
# Needed by %%check:
|
||||
BuildRequires: nss-tools
|
||||
|
||||
%description
|
||||
This package provides a command-line tool for manipulating storage volume
|
||||
@ -35,7 +29,7 @@ company data after an employee leaves abruptly.
|
||||
%package devel
|
||||
Summary: A library for manipulating storage encryption keys and passphrases
|
||||
Group: Development/Libraries
|
||||
Requires: volume_key-libs = %{version}-%{release}
|
||||
Requires: volume_key-libs%{?_isa} = %{version}-%{release}
|
||||
|
||||
%description devel
|
||||
This package provides libvolume_key, a library for manipulating storage volume
|
||||
@ -50,6 +44,7 @@ company data after an employee leaves abruptly.
|
||||
%package libs
|
||||
Summary: A library for manipulating storage encryption keys and passphrases
|
||||
Group: System Environment/Libraries
|
||||
Requires: /usr/bin/gpg2
|
||||
|
||||
%description libs
|
||||
This package provides libvolume_key, a library for manipulating storage volume
|
||||
@ -61,12 +56,13 @@ back up can also be useful for extracting data after a hardware or software
|
||||
failure that corrupts the header of the encrypted volume, or to access the
|
||||
company data after an employee leaves abruptly.
|
||||
|
||||
%package -n python-volume_key
|
||||
%package -n python2-volume_key
|
||||
%{?python_provide:%python_provide python2-volume_key}
|
||||
Summary: Python bindings for libvolume_key
|
||||
Group: System Environment/Libraries
|
||||
Requires: volume_key-libs = %{version}-%{release}
|
||||
Requires: volume_key-libs%{?_isa} = %{version}-%{release}
|
||||
|
||||
%description -n python-volume_key
|
||||
%description -n python2-volume_key
|
||||
This package provides Python bindings for libvolume_key, a library for
|
||||
manipulating storage volume encryption keys and storing them separately from
|
||||
volumes.
|
||||
@ -81,62 +77,197 @@ volume_key currently supports only the LUKS volume encryption format. Support
|
||||
for other formats is possible, some formats are planned for future releases.
|
||||
|
||||
%prep
|
||||
%setup -q -a 1
|
||||
%patch1 -p1 -b .libblkid-type
|
||||
pushd cryptsetup-1.0.7-rc1
|
||||
%patch0 -p0 -b .cs-vk
|
||||
popd
|
||||
%setup -q
|
||||
|
||||
%build
|
||||
cryptsetup_root=$(pwd)/cryptsetup-root
|
||||
|
||||
pushd cryptsetup-1.0.7-rc1
|
||||
%configure --enable-static --disable-shared --with-pic
|
||||
make %{?_smp_mflags}
|
||||
make install "DESTDIR=$cryptsetup_root"
|
||||
popd
|
||||
|
||||
%configure "CPPFLAGS=-I$cryptsetup_root"%{_includedir} \
|
||||
"LDFLAGS=-L$cryptsetup_root"%{_libdir} --disable-static
|
||||
%configure
|
||||
make %{?_smp_mflags}
|
||||
|
||||
%install
|
||||
rm -rf $RPM_BUILD_ROOT
|
||||
|
||||
make install DESTDIR=$RPM_BUILD_ROOT INSTALL='install -p'
|
||||
|
||||
%check
|
||||
make check
|
||||
|
||||
%find_lang volume_key
|
||||
|
||||
%clean
|
||||
rm -rf $RPM_BUILD_ROOT
|
||||
|
||||
%post libs -p /sbin/ldconfig
|
||||
%postun libs -p /sbin/ldconfig
|
||||
%ldconfig_scriptlets libs
|
||||
|
||||
%files
|
||||
%defattr(-,root,root,-)
|
||||
%doc README
|
||||
%doc README contrib
|
||||
%{_bindir}/volume_key
|
||||
%{_mandir}/man8/volume_key.8*
|
||||
|
||||
%files devel
|
||||
%defattr(-,root,root,-)
|
||||
%{_includedir}/volume_key
|
||||
%exclude %{_libdir}/libvolume_key.la
|
||||
%{_libdir}/libvolume_key.so
|
||||
|
||||
%files libs -f volume_key.lang
|
||||
%defattr(-,root,root,-)
|
||||
%doc AUTHORS COPYING ChangeLog NEWS
|
||||
%{_libdir}/libvolume_key.so.*
|
||||
|
||||
%files -n python-volume_key
|
||||
%defattr(-,root,root,-)
|
||||
%files -n python2-volume_key
|
||||
%exclude %{python_sitearch}/_volume_key.la
|
||||
%{python_sitearch}/_volume_key.so
|
||||
%{python_sitearch}/volume_key.py*
|
||||
%{python2_sitearch}/_volume_key.so
|
||||
%{python2_sitearch}/volume_key.py*
|
||||
|
||||
%changelog
|
||||
* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.3.10-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
|
||||
|
||||
* Wed May 16 2018 Jiri Kucera <jkucera@redhat.com> - 0.3.10-1
|
||||
- Update to volume_key-0.3.10
|
||||
Resolves: #1479349, #1517016
|
||||
|
||||
* Wed Feb 14 2018 Iryna Shcherbina <ishcherb@redhat.com> - 0.3.9-20
|
||||
- Update Python 2 dependency declarations to new packaging standards
|
||||
(See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3)
|
||||
|
||||
* Fri Feb 09 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.3.9-19
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
|
||||
|
||||
* Sat Feb 03 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 0.3.9-18
|
||||
- Switch to %%ldconfig_scriptlets
|
||||
|
||||
* Tue Nov 7 2017 Miloslav Trmač <mitr@redhat.com> - 0.3.9-17
|
||||
- Update for libcryptsetup ABI change
|
||||
|
||||
* Sat Aug 19 2017 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 0.3.9-16
|
||||
- Python 2 binary package renamed to python2-volume_key
|
||||
See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3
|
||||
|
||||
* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.3.9-15
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
|
||||
|
||||
* Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.3.9-14
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
|
||||
|
||||
* Mon May 29 2017 Miloslav Trmač <mitr@redhat.com> - 0.3.9-13
|
||||
- Point URL: and Source: to the new home at pagure.io
|
||||
Resolves: 1456378
|
||||
|
||||
* Sat Feb 11 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.3.9-12
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
|
||||
|
||||
* Sat Dec 10 2016 Igor Gnatenko <i.gnatenko.brain@gmail.com> - 0.3.9-11
|
||||
- Rebuild for gpgme 1.18
|
||||
|
||||
* Tue Jul 19 2016 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.9-10
|
||||
- https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages
|
||||
|
||||
* Fri Feb 05 2016 Fedora Release Engineering <releng@fedoraproject.org> - 0.3.9-9
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
|
||||
|
||||
* Fri Jun 19 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.9-8
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
|
||||
|
||||
* Tue Jan 13 2015 Miloslav Trmač <mitr@redhat.com> - 0.3.9-7
|
||||
- Don't #include <config.h> in libvolume_key.h
|
||||
Patch by Vratislav Podzimek <vpodzime@redhat.com>.
|
||||
|
||||
* Mon Aug 18 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.9-6
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
|
||||
|
||||
* Sun Jun 08 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.9-5
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
|
||||
|
||||
* Sun Aug 04 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.9-4
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
|
||||
|
||||
* Fri Feb 15 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.9-3
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
|
||||
|
||||
* Thu Nov 22 2012 Miloslav Trmač <mitr@redhat.com> - 0.3.9-2
|
||||
- Fix a crash when trying to use passphrase encryption in FIPS mode
|
||||
|
||||
* Sat Sep 22 2012 Miloslav Trmač <mitr@redhat.com> - 0.3.9-1
|
||||
- Update to volume_key-0.3.9
|
||||
|
||||
* Mon Aug 6 2012 Miloslav Trmač <mitr@redhat.com> - 0.3.8-4
|
||||
- Use BuildRequires: /usr/bin/gpg instead of gnupg, for compatibility with RHEL
|
||||
|
||||
* Mon Jul 23 2012 Miloslav Trmač <mitr@redhat.com> - 0.3.8-3
|
||||
- Add Requires: /usr/bin/gpg
|
||||
Resolves: #842074
|
||||
|
||||
* Sun Jul 22 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.8-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
|
||||
|
||||
* Sat Mar 3 2012 Miloslav Trmač <mitr@redhat.com> - 0.3.8-1
|
||||
- Update to volume_key-0.3.8
|
||||
|
||||
* Sat Jan 14 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.7-3
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
|
||||
|
||||
* Fri Oct 14 2011 Miloslav Trmač <mitr@redhat.com> - 0.3.7-2
|
||||
- Rebuild with newer libcryptsetup
|
||||
|
||||
* Wed Aug 24 2011 Miloslav Trmač <mitr@redhat.com> - 0.3.7-1
|
||||
- Update to volume_key-0.3.7
|
||||
|
||||
* Fri Jun 10 2011 Miloslav Trmač <mitr@redhat.com> - 0.3.6-2
|
||||
- Fix a typo
|
||||
Resolves: #712256
|
||||
|
||||
* Thu Mar 31 2011 Miloslav Trmač <mitr@redhat.com> - 0.3.6-1
|
||||
- Update to volume_key-0.3.6
|
||||
|
||||
* Mon Feb 07 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3.5-3
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
|
||||
|
||||
* Fri Feb 4 2011 Miloslav Trmač <mitr@redhat.com> - 0.3.5-2
|
||||
- Use %%{?_isa} in Requires:
|
||||
|
||||
* Wed Nov 24 2010 Miloslav Trmač <mitr@redhat.com> - 0.3.5-1
|
||||
- Update to volume_key-0.3.5
|
||||
|
||||
* Mon Oct 18 2010 Miloslav Trmač <mitr@redhat.com> - 0.3.4-4
|
||||
- Tell the user if asking for the same passphrase again
|
||||
Resolves: #641111
|
||||
- Check certificate file before interacting with the user
|
||||
Resolves: #643897
|
||||
|
||||
* Fri Oct 8 2010 Miloslav Trmač <mitr@redhat.com> - 0.3.4-3
|
||||
- Make it possible to interrupt password prompts
|
||||
Resolves: #641111
|
||||
|
||||
* Wed Sep 29 2010 Miloslav Trmač <mitr@redhat.com> - 0.3.4-2
|
||||
- Clarify which block device should be passed as an argument
|
||||
Resolves: #636541
|
||||
- Recognize SSL error messages from NSS as well
|
||||
Resolves: #638732
|
||||
|
||||
* Fri Aug 27 2010 Miloslav Trmač <mitr@redhat.com> - 0.3.4-1
|
||||
- Update to volume_key-0.3.4
|
||||
|
||||
* Mon Jul 26 2010 Miloslav Trmač <mitr@redhat.com> - 0.3.3-4
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild
|
||||
|
||||
* Thu Jul 22 2010 Miloslav Trmač <mitr@redhat.com> - 0.3.3-3
|
||||
- Fix build with new gpgme
|
||||
|
||||
* Thu Jul 22 2010 David Malcolm <dmalcolm@redhat.com> - 0.3.3-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild
|
||||
|
||||
* Fri Mar 26 2010 Miloslav Trmač <mitr@redhat.com> - 0.3.3-1
|
||||
- Update to volume_key-0.3.3
|
||||
|
||||
* Thu Mar 4 2010 Miloslav Trmač <mitr@redhat.com> - 0.3.2-1
|
||||
- Update to volume_key-0.3.2
|
||||
- Drop no longer necessary references to BuildRoot:
|
||||
|
||||
* Fri Feb 5 2010 Miloslav Trmač <mitr@redhat.com> - 0.3.1-2
|
||||
- Fix a crash when an empty passphrase is provided
|
||||
Resolves: #558410
|
||||
|
||||
* Fri Dec 11 2009 Miloslav Trmač <mitr@redhat.com> - 0.3.1-1
|
||||
- Update to volume_key-0.3.1.
|
||||
|
||||
* Wed Sep 30 2009 Miloslav Trmač <mitr@redhat.com> - 0.3-1
|
||||
- Update to volume_key-0.3.
|
||||
- Drop bundled libcryptsetup.
|
||||
|
||||
* Sat Aug 8 2009 Miloslav Trmač <mitr@redhat.com> - 0.2-3
|
||||
- Handle changed "TYPE=crypto_LUKS" from libblkid
|
||||
- Preserve file timestamps during installation
|
||||
|
Loading…
Reference in New Issue
Block a user