eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-05 16:00:05 +01:00
Code Issues Packages Projects Releases Wiki Activity
4,643 Commits 14 Branches 78 Tags
main
Commit Graph

64 Commits

Author SHA1 Message Date
Milan Broz
9cfdd6ba06 Version 2.8.1. 2025-08-19 10:57:12 +02:00
Milan Broz
13306948c8 Version 2.8.0. 2025-06-24 09:30:17 +02:00
Milan Broz
a8105ef9bb Version 2.8.0-rc1. 2025-06-16 14:10:18 +02:00
Milan Broz
efc6f847ee Update kernel.org links to use CDN. 2025-06-03 09:54:49 +02:00
Milan Broz
30ede1be36 Test version 2.8.0-rc0. 2025-06-03 09:21:07 +02:00
Milan Broz
cbf6fa9d07 Fix external slot checker to work with LUKS2. 2025-05-22 16:09:50 +02:00
Milan Broz
33ed0d587e Fix typos found by lintian. 2024-10-30 19:11:29 +01:00
Milan Broz
35bf791e85 Version 2.7.4. 2024-07-30 14:14:22 +02:00
Milan Broz
e32ea56b59 Update README for version 2.7.3. 2024-06-17 14:39:42 +02:00
Milan Broz
1a6a611dff Reorganize license files. 
This patch adds README.licensing describing used licenses.
The license text files are now in dosc/licenses.

The main COPYING document in root is the default license,
this also forces GitHub to properly identify default license.
 2024-06-03 16:38:15 +00:00
Milan Broz
661f57def4 Use SPDX license identifiers. 
This patch switches code to SPDX one-line license identifiers according to
https://spdx.dev/learn/handling-license-info/
and replacing long license text headers.

I used C++ format on the first line in style
// SPDX-License-Identifier: <id>
except exported libcryptsetup.h, when only C comments are used.

The only additional changes are:
- switch backend utf8.c from LGPL2+ to LGPL2.1+ (as in systemd)
- add some additional formatting lines.
 2024-06-03 16:38:15 +00:00
Milan Broz
e17ec37341 Relicense older script to LGPL fro GPL2.0 only. 
(As I am sole author here.)
 2024-04-03 11:49:33 +00:00
Ondrej Kozina
fdac0d7ee2 cryptsetup.spec: drop libargon2 in favour of openssl implementation. 2024-02-12 10:43:47 +00:00
Milan Broz
37a2750e4f Update cryptsetup.spec. 2023-12-20 18:25:51 +01:00
Guilhem Moulin
3106b4e2c1 More typo and spelling fixes. 
Reported by `git ls-tree -rz --name-only | grep -Evz -e '\.(pdf|xz)$' -e
^po/ | xargs -r0 spellintian --`.  All changes are
documentation-related (comments, manuals, etc.) except for s/fial/fail/
in tests/unit-wipe-test.

The remaining entry are AFAICT all false positives, mostly annotations
such as `@param name name of xyz` or `struct foo foo`:

	$ git ls-tree -rz HEAD --name-only | grep -Evz -e '\.(pdf|xz)$' -e ^po/ | xargs -r0 spellintian --
	COPYING.LGPL: "GNU Library Public License" -> "GNU Library General Public License"
	autogen.sh: echo echo (duplicate word) -> echo
	configure.ac: fi fi (duplicate word) -> fi
	docs/v1.7.2-ReleaseNotes: option option (duplicate word) -> option
	lib/crypto_backend/cipher_check.c: block block (duplicate word) -> block
	lib/libcryptsetup.h: name name (duplicate word) -> name
	lib/libcryptsetup.h: type type (duplicate word) -> type
	lib/libcryptsetup.h: passphrase passphrase (duplicate word) -> passphrase
	lib/libcryptsetup.h: flags flags (duplicate word) -> flags
	lib/libcryptsetup.h: password password (duplicate word) -> password
	lib/libcryptsetup.h: salt salt (duplicate word) -> salt
	lib/libcryptsetup.h: keyslot keyslot (duplicate word) -> keyslot
	lib/libcryptsetup.h: priority priority (duplicate word) -> priority
	lib/libcryptsetup.h: offset offset (duplicate word) -> offset
	lib/libcryptsetup.h: length length (duplicate word) -> length
	lib/libcryptsetup.h: keyfile keyfile (duplicate word) -> keyfile
	lib/libcryptsetup.h: token token (duplicate word) -> token
	lib/libcryptsetup.h: cipher cipher (duplicate word) -> cipher
	lib/libcryptsetup.h: size size (duplicate word) -> size
	lib/luks2/luks2_json_metadata.c: long long (duplicate word) -> long
	lib/luks2/luks2_keyslot_luks2.c: AFEKSize AFEKSize (duplicate word) -> AFEKSize
	lib/luks2/luks2_reencrypt.c: alignment alignment (duplicate word) -> alignment
	lib/luks2/luks2_reencrypt_digest.c: ptr ptr (duplicate word) -> ptr
	lib/luks2/luks2_reencrypt_digest.c: buffer buffer (duplicate word) -> buffer
	lib/luks2/luks2_segment.c: min min (duplicate word) -> min
	lib/verity/verity_fec.c: blocks blocks (duplicate word) -> blocks
	man/cryptsetup.8.adoc: LUKS LUKS (duplicate word) -> LUKS
	scripts/cryptsetup.conf.in: root root (duplicate word) -> root
	src/Makemodule.am: endif endif (duplicate word) -> endif
	src/cryptsetup.c: long long (duplicate word) -> long
	src/utils_args.c: long long (duplicate word) -> long
	tests/compat-test2: fi fi (duplicate word) -> fi
	tests/device-test: echo echo (duplicate word) -> echo
	tests/differ.c: long long (duplicate word) -> long
	tests/loopaes-test: done done (duplicate word) -> done
	tests/luks2-integrity-test: aead aead (duplicate word) -> aead
	tests/luks2-reencryption-test: fi fi (duplicate word) -> fi
	tests/mode-test: done done (duplicate word) -> done
	tests/password-hash-test: cat cat (duplicate word) -> cat
	tests/password-hash-test: fi fi (duplicate word) -> fi
	tests/unit-wipe.c: long long (duplicate word) -> long
	tests/verity-compat-test: done done (duplicate word) -> done
	tests/verity-compat-test: fi fi (duplicate word) -> fi
	tokens/ssh/cryptsetup-ssh.c: argp argp (duplicate word) -> argp
	tokens/ssh/cryptsetup-ssh.c: arguments arguments (duplicate word) -> arguments

(Treated COPYING.LGPL as a false positive too since it's the exact text
from https://www.gnu.org/licenses/old-licenses/lgpl-2.1.html .)
 2022-07-15 16:35:02 +02:00
daniel.zatovic
8eff391a66 Regenerate manual pages using AsciiDoctor in spec file. 2022-07-13 21:08:17 +02:00
daniel.zatovic
dae6aa0384 Obsolete cryptsetup-reencrypt and add manual pages to spec file. 
The cryptsetup-reencrypt utility is now replaced by reencrypt action.
New per-action manual pages have been added.
 2022-07-13 21:08:15 +02:00
Milan Broz
aa126ac10a Remove dracut plugin that is obsolete and will not work with current reencrypt code. 2022-07-12 17:58:48 +00:00
Milan Broz
4746717b75 Update Fedora spec. 
Rebuild configure suite locally, so we do not need to patch generated
scripts because of RPATH issues.
 2021-08-18 14:02:28 +02:00
Ondrej Kozina
5fa8e84ef0 Also install directory for external plugins. 
And remove custom target from reference .spec file.
 2021-08-18 12:08:14 +02:00
Ondrej Kozina
c35b896209 cryptsetup.spec: remove .la file from plugins build dir. 2021-06-30 12:41:42 +02:00
Ondrej Kozina
95eb986206 Few fixes to ssh-token and related spec file. 2021-06-30 09:37:50 +02:00
Vojtech Trefny
b4670ce7f0 ssh token: Change license to LGPL 
The cryptsetup-ssh binary stays under GPL.
 2021-06-29 16:19:04 +02:00
Vojtech Trefny
eadbcac115 ssh token: Add man page for cryptsetup-ssh 2021-06-29 15:11:46 +02:00
Ondrej Kozina
5b9e98f941 Change external token handlers (plugins) default location. 
Search for token handlers in %{libdir}/cryptsetup directory
by default. Distros may change default location via
--with-luks2-external-tokens-path parameter during configuration.
 2021-06-24 12:54:13 +02:00
Milan Broz
fc6982f577 Add spec file for Fedora. 
Spec file will be needed for some automoatic tests.

THis is simplified version with some obsolete provides removal (cryptsetup-luks).
 2021-06-18 09:47:02 +02:00
Vojtech Trefny
9125df1398 misc: Remove LUKS2 SSH token example 
The SSH plugin in tokens/ssh replaces it.
 2021-06-16 12:30:53 +02:00
Milan Broz
89b3105493 Add example SSH token handler. 
Provides example of loadable token handler for activation
json validation and metadata dump.

For creating new ssh example token use special cryptsetup-ssh
binary.
 2021-02-03 11:43:04 +00:00
Milan Broz
d1d9dd8e20 Update Copyright year. 2021-01-25 22:00:25 +01:00
Milan Broz
080566a1fd Update copyright year. 2020-01-03 13:04:55 +01:00
Milan Broz
a6f5ce8c7b Update copyright year. 
And unify name copyright format.
 2019-01-25 09:45:57 +01:00
Ondrej Kozina
7de815e957 Silence annoying shell checks for dracut module. 
Also fixes one theoretical issue with 'local' keyword for
any (if any) POSIX-strictly shell.
 2018-12-12 15:08:06 +01:00
Rafael Fontenelle
f35ec9771e Fix typos 
A bunch of typos reported by codespell, most of them comments in the code
 2018-07-21 07:24:25 -03:00
Ondrej Kozina
8ea6b3eebd Redirect stdout to stderr during reencryption in initrd. 
Stdout is not printed in initrd unless user invokes debug mode.
It's inconvenient to have users waiting for reencryption to
finish with no input at all.
 2018-07-21 11:28:41 +02:00
Ondrej Kozina
1b9148f12f dracut-reencrypt: add --progress-frequency parameter 2018-07-18 11:56:04 +02:00
Milan Broz
6ddf765d8d Remove example covered by cryptsetup already. 2018-04-19 18:29:26 +02:00
Milan Broz
1fe014dbae Update copyright year. 2018-01-20 17:55:21 +01:00
Andrea Gelmini
a97de38b6b Fix typos. 2017-11-08 10:22:49 +01:00
Milan Broz
dd397a9957 Fix Makefile example after automake changes. 2017-10-29 16:31:49 +01:00
Milan Broz
9bbc13f256 Add LUKS2 examples. 
Signed-off-by: Milan Broz <gmazyland@gmail.com>
 2017-09-27 07:46:41 +02:00
Harald Hoyer
1691282314 dracut-reencrypt: call "udevadm settle" once more 
Somehow testing in qemu resulted sometimes in an endless loop.
Either the timing or the settle fixed the issue.
When the VM was in an endless loop, an strace showed, that the first 512
and 1024 of the crypt partition was read over and over. Either it was
the udev blkid, or some device mapper udev rule.
Maybe the reencrypt tool opens and closes the device fd, where the close
triggers a udev blkid and causes the reencrypt tool to reread the device...
Anyhow.. with this settle the issue was not seen anymore.
 2017-04-26 10:50:44 +02:00
Harald Hoyer
3d6bb53b31 dracut-reencrypt: add UUID handling to rd.luks.reencrypt= 
This patch adds a udev rule, so that you can specify
rd.luks.reencrypt=<UUID> instead of rd.luks.reencrypt=<devname>

It also moves the job to the "settled" queue, which means, that it is
executed after udev has settled.
 2017-04-26 10:50:41 +02:00
Harald Hoyer
6a8a6aea54 dracut-reencrypt: add finished hook 
A finished hook prevents dracut-initqueue from exiting and lets it
finish the batched jobs. Without a "finished hook" and without
"root=<dev>" on the kernel command line, the reencrypt job would not be
executed.

Normally you want to reencrypt without a "root=<dev>" on the kernel
command and want to reboot after the reencrypt job is done.

This patch adds the missing "finished hook".
 2017-04-26 10:50:36 +02:00
Ondrej Kozina
1b7799cb1d dracut_90reencrypt: fix warns reported by static analysis 
- moddir is assigned in parent script run by dracut (warning was
  silenced)

- fix defect wrt to assignement and making variable local on
  same line. The variable cwd was first assigned by subshell
  and later any error originating in subshell was masked by
  making the variable local (which returns always 'true')
 2016-04-25 15:47:18 +02:00
Ondrej Kozina
2c072eb6b6 Clarify the reencrypt_keyslot= option 2016-02-21 18:48:49 +01:00
Milan Broz
78f938b0e9 Add old cryptsetup udev rules (for archive reasons). 
Do not install these until you know what are you doing.
 2014-02-05 17:22:07 +01:00
Ondrej Kozina
e52d5f3d98 90reencrypt fixes: 
- add loop module to initramfs image
- modprobe loop before reencrypt start
- add rd.luks.reencrypt_keyslot=
- add conflict with dracut crypt module
- drop to emergency_shell after reencryption
 2013-11-10 17:38:11 +01:00
wagner
cbfd48d949 Fixed the buit instruction 
Improved example
 2013-03-23 16:00:58 +01:00
Milan Broz
29f21208a0 Change License from GPLv2 only to GPLv2+ ("or any later"). 
Agreed by all copyright authors.
 2012-12-29 11:33:54 +01:00
Milan Broz
099a2b9d17 Add TCRYPT password search example. 2012-12-29 11:12:29 +01:00