diff --git a/ChangeLog b/ChangeLog index 67a8889e..091ff466 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,7 @@ +2009-09-10 Milan Broz + * Clean up Makefiles and configure script. + * Version 1.1.0-test0. + 2009-09-08 Milan Broz * Use dm-uuid for all crypt devices, contains device type and name now. * Try to read first sector from device to properly check that device is ready. diff --git a/configure.in b/configure.in index 5f4fe9e2..195e8792 100644 --- a/configure.in +++ b/configure.in @@ -1,5 +1,5 @@ AC_PREREQ(2.57) -AC_INIT(cryptsetup,1.0.7) +AC_INIT(cryptsetup,1.1.0-test0) AC_CONFIG_SRCDIR(src/cryptsetup.c) AC_CONFIG_MACRO_DIR([m4]) @@ -29,12 +29,13 @@ AC_CHECK_HEADERS(fcntl.h malloc.h inttypes.h sys/ioctl.h sys/mman.h \ AC_CHECK_HEADERS(uuid/uuid.h,,[AC_MSG_ERROR('You need the uuid library')]) AC_CHECK_HEADER(libdevmapper.h,,[AC_MSG_ERROR('You need the device-mapper library')]) -saved_LIBS="$LIBS" +saved_LIBS=$LIBS AC_CHECK_LIB(uuid, uuid_clear, ,[AC_MSG_ERROR('You need the uuid library')]) -AC_CHECK_LIB(devmapper, dm_task_set_name,,[AC_MSG_ERROR('You need the device-mapper library')]) -UUID_LIBS="$LIBS" -LIBS="$saved_LIBS" -AC_SUBST(UUID_LIBS) +AC_SUBST(UUID_LIBS, $LIBS) +LIBS=$saved_LIBS + + +AM_PATH_LIBGCRYPT(1.1.42,,[AC_MSG_ERROR('You need the gcrypt library')]) AC_CHECK_FUNCS([setlocale, posix_memalign]) @@ -53,12 +54,11 @@ AM_GNU_GETTEXT_VERSION([0.15]) dnl ========================================================================== -saved_LIBS="$LIBS" +saved_LIBS=$LIBS AC_CHECK_LIB(popt, poptConfigFileToString,, - AC_MSG_ERROR([You need popt 1.7 or newer to compile.])) -POPT_LIBS="$LIBS" -LIBS="$saved_LIBS" -AC_SUBST(POPT_LIBS) + [AC_MSG_ERROR([You need popt 1.7 or newer to compile.])]) +AC_SUBST(POPT_LIBS, $LIBS) +LIBS=$saved_LIBS dnl ========================================================================== @@ -68,52 +68,30 @@ AC_ARG_ENABLE(shared-library, enable_shared_library=yes) AM_CONDITIONAL(STATIC_LIBRARY, test x$enable_shared_library = xno) -AC_ARG_ENABLE(plugins, -[ --enable-plugins disable shared library plugins],,enable_plugins=no) -if test "x$enable_plugins" = xyes; then - AC_DEFINE(USE_PLUGINS, 1, [Define if you wish to use the plugin loader]) -fi - -AC_ARG_ENABLE(, [ -Modules: - --with-MODULE[[=shared]] builds the module MODULE as a shared library plugin -],,) - -AC_ARG_ENABLE(all, -[ --disable-all disable all modules built by default],,enable_all=default) - -MODULE_HELPER(libgcrypt, -[ --enable-libgcrypt enable libgcrypt crypto functions [[default=auto]]],auto,[ - AM_PATH_LIBGCRYPT(1.1.42,have_module=yes) -]) -AM_CONDITIONAL(BUILD_LIBGCRYPT, test x$build_static = xyes) -AM_CONDITIONAL(SHARED_LIBGCRYPT, test x$build_shared = xyes) - AC_ARG_ENABLE(selinux, [ --disable-selinux disable selinux support [[default=auto]]],[], []) -saved_LIBS="$LIBS" +saved_LIBS=$LIBS +AC_CHECK_LIB(devmapper, dm_task_set_name,,[AC_MSG_ERROR('You need the device-mapper library')]) +DEVMAPPER_LIBS=$LIBS +LIBS=$saved_LIBS if test "x$enable_selinux" != xno; then AC_CHECK_LIB(sepol, sepol_bool_set) AC_CHECK_LIB(selinux, is_selinux_enabled) - # Check if we need -pthread with --enable-static and selinux - if test x$build_static = xyes; then - saved_LIBS2="$LIBS" + if test x$enable_static = xyes; then + SELINUX_STATIC_LIBS=$LIBS + # Check if we need -pthread with --enable-static and selinux + saved_LIBS2=$LIBS LIBS="$LIBS -static" AC_SEARCH_LIBS([pthread_mutex_lock], [pthread], [test "$ac_cv_search_pthread_mutex_lock" = "none required" || LIB_PTHREAD=-lpthread]) - LIBS="$saved_LIBS2" - SELINUX_STATIC_LIBS="$LIBS" + LIBS=$saved_LIBS2 fi fi +LIBS=$saved_LIBS +DEVMAPPER_LIBS="$DEVMAPPER_LIBS $LIB_PTHREAD" +AC_SUBST(DEVMAPPER_LIBS) AC_SUBST(SELINUX_STATIC_LIBS) -LIBDEVMAPPER_LIBS="$LIBS $LIB_PTHREAD" -LIBS="$saved_LIBS" -AC_SUBST(LIBDEVMAPPER_LIBS) -AC_SUBST(LIBDEVMAPPER_CFLAGS) - -AM_CONDITIONAL(BUILD_LIBDEVMAPPER, test x$build_static = xyes) -AM_CONDITIONAL(SHARED_LIBDEVMAPPER, test x$build_shared = xyes) dnl ========================================================================== @@ -124,6 +102,7 @@ dnl ========================================================================== AC_OUTPUT([ Makefile lib/Makefile +lib/libcryptsetup.pc src/Makefile po/Makefile.in luks/Makefile diff --git a/lib/Makefile.am b/lib/Makefile.am index c711f650..1822ded7 100644 --- a/lib/Makefile.am +++ b/lib/Makefile.am @@ -1,28 +1,7 @@ moduledir = $(libdir)/cryptsetup -if BUILD_LIBDEVMAPPER -_LIBDEVMAPPER_LIBADD = @LIBDEVMAPPER_LIBS@ -_LIBDEVMAPPER_SOURCES = libdevmapper.c -_LIBDEVMAPPER_CFLAGS = -DBUILTIN_LIBDEVMAPPER -endif -libbbackend_devmapper_la_SOURCES = libdevmapper.c -libbbackend_devmapper_la_LDFLAGS = -avoid-version -module -libbbackend_devmapper_la_LIBADD = @LIBDEVMAPPER_LIBS@ -if SHARED_LIBDEVMAPPER -_LIBDEVMAPPER_SHLIB = libbbackend_devmapper.la -endif - -if BUILD_LIBGCRYPT -_LIBGCRYPT_LIBADD = @LIBGCRYPT_LIBS@ -_LIBGCRYPT_SOURCES = gcrypt.c -_LIBGCRYPT_CFLAGS = -DBUILTIN_GCRYPT -endif -libcrypto_gcrypt_la_SOURCES = gcrypt.c -libcrypto_gcrypt_la_LDFLAGS = -avoid-version -module -libcrypto_gcrypt_la_LIBADD = @LIBGCRYPT_LIBS@ -if SHARED_LIBGCRYPT -_LIBGCRYPT_SHLIB = libcrypto_gcrypt.la -endif +pkgconfigdir = $(libdir)/pkgconfig +pkgconfig_DATA = libcryptsetup.pc INCLUDES = \ -I$(top_srcdir) \ @@ -34,32 +13,27 @@ INCLUDES = \ -DVERSION=\""$(VERSION)"\" \ -D_GNU_SOURCE \ -D_LARGEFILE64_SOURCE \ - -D_FILE_OFFSET_BITS=64 \ - @LIBDEVMAPPER_CFLAGS@ \ - $(_LIBDEVMAPPER_CFLAGS) \ - @LIBGCRYPT_CFLAGS@ \ - $(_LIBGCRYPT_CFLAGS) + -D_FILE_OFFSET_BITS=64 -lib_LTLIBRARIES = \ - libcryptsetup.la - -module_LTLIBRARIES = \ - $(_LIBDEVMAPPER_SHLIB) \ - $(_LIBGCRYPT_SHLIB) +lib_LTLIBRARIES = libcryptsetup.la if STATIC_LIBRARY _STATIC_LIBRARY = -static endif +libcryptsetup_la_DEPENDENCIES = libcryptsetup.sym + libcryptsetup_la_LDFLAGS = \ - $(_STATIC_LIBRARY) + $(_STATIC_LIBRARY) \ + --version-script=libcryptsetup.sym \ + -version-info 1:0:0 libcryptsetup_la_CFLAGS = -Wall libcryptsetup_la_LIBADD = \ - $(_LIBDEVMAPPER_LIBADD) \ - $(_LIBGCRYPT_LIBADD) \ @UUID_LIBS@ \ + @DEVMAPPER_LIBS@ \ + @LIBGCRYPT_LIBS@ \ ../luks/libluks.la libcryptsetup_la_SOURCES = \ @@ -69,8 +43,9 @@ libcryptsetup_la_SOURCES = \ libcryptsetup.h \ utils.c \ backends.c \ - $(_LIBDEVMAPPER_SOURCES) \ - $(_LIBGCRYPT_SOURCES) + libdevmapper.c \ + gcrypt.c -include_HEADERS = \ - libcryptsetup.h +include_HEADERS = libcryptsetup.h + +EXTRA_DIST = libcryptsetup.pc.in libcryptsetup.sym diff --git a/lib/backends.c b/lib/backends.c index e05dfc9a..e2c441dc 100644 --- a/lib/backends.c +++ b/lib/backends.c @@ -8,18 +8,8 @@ extern struct hash_backend hash_gcrypt_backend; -#ifdef USE_PLUGINS -static void init_plugins(void) -{ -} -#else /* USE_PLUGINS */ -# define init_plugins() do { } while(0) -#endif /* USE_PLUGINS */ - static struct hash_backend *hash_backends[] = { -#ifdef BUILTIN_GCRYPT &hash_gcrypt_backend, -#endif NULL }; @@ -27,8 +17,6 @@ struct hash_backend *get_hash_backend(const char *name) { struct hash_backend **backend; - init_plugins(); - for(backend = hash_backends; *backend; backend++) if (!name || strcmp(name, (*backend)->name) == 0) break; diff --git a/lib/libcryptsetup.pc.in b/lib/libcryptsetup.pc.in new file mode 100644 index 00000000..24f363b8 --- /dev/null +++ b/lib/libcryptsetup.pc.in @@ -0,0 +1,10 @@ +prefix=@prefix@ +exec_prefix=@exec_prefix@ +libdir=@libdir@ +includedir=@includedir@ + +Name: cryptsetup +Description: cryptsetup library +Version: 1.0.0 +Cflags: -I${includedir} +Libs: -L${libdir} -lcryptsetup diff --git a/lib/libcryptsetup.sym b/lib/libcryptsetup.sym new file mode 100644 index 00000000..e059a161 --- /dev/null +++ b/lib/libcryptsetup.sym @@ -0,0 +1,61 @@ +CRYPTSETUP_1.0 { + global: + crypt_init; + crypt_init_by_name; + crypt_set_log_callback; + crypt_set_confirm_callback; + crypt_set_password_callback; + crypt_set_timeout; + crypt_set_password_retry; + crypt_set_iterarion_time; + crypt_set_password_verify; + + crypt_memory_lock; + crypt_format; + crypt_load; + crypt_suspend; + crypt_resume_by_passphrase; + crypt_resume_by_keyfile; + crypt_free; + + crypt_keyslot_add_by_passphrase; + crypt_keyslot_add_by_keyfile; + crypt_keyslot_add_by_volume_key; + crypt_keyslot_destroy; + crypt_activate_by_passphrase; + crypt_activate_by_keyfile; + crypt_activate_by_volume_key; + crypt_deactivate; + crypt_volume_key_get; + crypt_volume_key_verify; + crypt_status; + crypt_dump; + crypt_get_cipher; + crypt_get_cipher_mode; + crypt_get_uuid; + crypt_get_data_offset; + crypt_get_volume_key_size; + + crypt_keyslot_status; + crypt_get_error; + crypt_get_dir; + crypt_set_debug_level; + + crypt_create_device; + crypt_update_device; + crypt_resize_device; + crypt_query_device; + crypt_remove_device; + crypt_luksFormat; + crypt_luksOpen; + crypt_luksKillSlot; + crypt_luksRemoveKey; + crypt_luksAddKey; + crypt_luksUUID; + crypt_isLuks; + crypt_luksDump; + + crypt_put_options; + local: + *; +}; diff --git a/lib/setup.c b/lib/setup.c index 9c17bacb..add1bfb3 100644 --- a/lib/setup.c +++ b/lib/setup.c @@ -198,20 +198,22 @@ static int verify_other_keyslot(struct crypt_device *cd, if(!password) return -EINVAL; - if (ki == SLOT_ACTIVE_LAST) + ki = crypt_keyslot_status(cd, keyIndex); + if (ki == SLOT_ACTIVE) /* Not last slot */ LUKS_keyslot_set(&cd->hdr, keyIndex, 0); openedIndex = LUKS_open_key_with_hdr(cd->device, CRYPT_ANY_SLOT, password, passwordLen, &cd->hdr, &mk, cd); - if (openedIndex < 0) { - LUKS_keyslot_set(&cd->hdr, keyIndex, 1); - return -EPERM; - } + if (ki == SLOT_ACTIVE) + LUKS_keyslot_set(&cd->hdr, keyIndex, 1); LUKS_dealloc_masterkey(mk); safe_free(password); + if (openedIndex < 0) + return -EPERM; + log_std(cd, _("Key slot %d verified.\n"), openedIndex); return 0; } @@ -1430,10 +1432,9 @@ int crypt_keyslot_add_by_volume_key(struct crypt_device *cd, const char *volume_key, size_t volume_key_size, const char *passphrase, - size_t passphrase_size -) + size_t passphrase_size) { - struct luks_masterkey *mk; + struct luks_masterkey *mk = NULL; int r = -EINVAL; char *new_password = NULL; unsigned int new_passwordLen; diff --git a/tests/Makefile.am b/tests/Makefile.am index 873d927b..55a893fb 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -1,13 +1,13 @@ TESTS = apitest -EXTRA_DIST = apitest fileDiffer.py compatimage.img.bz2 test +EXTRA_DIST = fileDiffer.py compatimage.img.bz2 apitest_SOURCES = apitest.c apitest_LDADD = ../lib/libcryptsetup.la apitest_LDFLAGS = -static -apitest_CFLAGS = -g -O0 -I../lib/ +apitest_CFLAGS = -g -O0 -I$(top_srcdir)/lib/ -check_PROGRAMS = apitest compatimage.img test +check_PROGRAMS = apitest compatimage.img: @bzip2 -k -d compatimage.img.bz2 diff --git a/tests/apitest.c b/tests/apitest.c index 9ca62b79..b4c57d11 100644 --- a/tests/apitest.c +++ b/tests/apitest.c @@ -683,6 +683,11 @@ int main (int argc, char *argv[]) { int i; + if (getuid() != 0) { + printf("You must be root to run this test.\n"); + exit(0); + } + for (i = 1; i < argc; i++) { if (!strcmp("-v", argv[i]) || !strcmp("--verbose", argv[i])) _verbose = 1;