eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-20 15:20:07 +01:00
Code Issues Packages Projects Releases Wiki Activity
2,651 Commits 13 Branches 81 Tags
0d90efac887deb7e1657cd63d48eab265e128bbc
Commit Graph

2651 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Milan Broz
807cedf4f3 Check for data device and hash device area overlap in veritysetup. 
Thanks Michal Virgovic for tests.
 2016-12-13 13:52:05 +01:00
Milan Broz
ef8a7d82d8 Update Readme.md. 2016-11-16 16:14:02 +01:00
Milan Broz
b906e8d299 Merge branch 'master' into 'master' 
Fix use of LibreSSL.

Libressl declares `OPENSSL_VERSION_NUMBER 	0x20000000L`.

See merge request !12
 2016-11-10 07:51:12 +00:00
Aric Belsito
0e14147132 Fix use of LibreSSL. 2016-11-03 11:55:39 -07:00
Milan Broz
c10e106787 Fix missing CRYPT_ACTIVATE_SAME_CPU_CRYPT flag check in status command. 2016-11-02 19:55:51 +01:00
Milan Broz
61725ee7cc Update readme.md for version 1.7.3. 2016-10-30 15:02:21 +01:00
Milan Broz
39f88f1712 Set devel version. 2016-10-30 14:53:54 +01:00
Milan Broz
e14aba8cf1 Add 1.7.3. Release Notes. 2016-10-28 11:19:26 +02:00
Milan Broz
97e774226d Update po files. 2016-10-28 11:01:23 +02:00
Milan Broz
6220e9c6cc Update po files. 2016-10-28 10:56:27 +02:00
Milan Broz
cba2a6c87c Update po files. 2016-10-22 10:35:52 +02:00
Milan Broz
71d7383491 Merge branch 'eviche/cryptsetup-patch-1' 2016-10-22 09:28:41 +02:00
Eduardo Villanueva Che
2c833c2342 Fixed veritysetup bug with hash offsets bigger than 2gb. 
The lseek in function write_blockwise() could return value
that is greater than integer for result so it can overflow
and fail the whole write.
[comment added by mbroz]
 2016-10-22 09:24:09 +02:00
Milan Broz
45fa8e724f Merge branch 'master' into 'master' 
Fix several minor spelling errors found by Lintian

Fixes #306 

* lib/setup.c: miliseconds -> milliseconds
* lib/utils_wipe.c: Unsuported -> Unsupported
* man/crypsetup.8: implicitely -> implicitly
* man/veritysetup.8: verion -> version
* python/pycryptsetup.c: miliseconds -> milliseconds

See merge request !11
 2016-10-22 07:04:10 +00:00
Jonas Meurer
b2a6e338b5 Fix several minor spelling errors found by Lintian 
* lib/setup.c: miliseconds -> milliseconds
* lib/utils_wipe.c: Unsuported -> Unsupported
* man/crypsetup.8: implicitely -> implicitly
* man/veritysetup.8: verion -> version
* python/pycryptsetup.c: miliseconds -> milliseconds
 2016-10-21 21:54:08 +02:00
Milan Broz
34734395c8 Set configured default iteration time early in crypt_init constructor. 2016-10-20 14:23:28 +02:00
Milan Broz
a3ee8f9cb8 Rephrase UUID error message forc cryptsetup-reencrypt. 2016-10-20 14:10:29 +02:00
Milan Broz
7f9e33ca1e Update po files. 2016-10-20 13:47:39 +02:00
Milan Broz
d4e8033fe0 Fix error path after conversion to OpenSSL 1.1.0. 2016-10-20 08:22:38 +02:00
Milan Broz
ab61af7481 Fix Nettle crypto backend definitions. 2016-10-19 21:18:07 +02:00
Milan Broz
8f204b4e23 Support OpenSSL 1.1.0 in cryptsetup backend. 2016-10-19 15:27:01 +02:00
Milan Broz
3b40e9dc93 Try to find python$VERSION-config. 2016-10-19 12:39:14 +02:00
Per x Johansson
b181b0ef6e Fix memory leak when using openssl backend 
Fixes a memory leak when using openssl backend caused by mismatched
calls to EVP_DigestInit and EVP_DigestFinal_ex.
 2016-10-18 14:05:49 +02:00
Milan Broz
4083bb2c0f Verify passphrase in cryptsetup-reencrypt when encrypting new drive. 2016-09-05 14:42:39 +02:00
Milan Broz
9d004a6aa4 Add link to LUKS spec on title page. 2016-09-05 09:37:36 +02:00
Milan Broz
d30bfe8b8e Update po files. 2016-08-03 14:19:20 +02:00
Milan Broz
38fbd85004 Update po files. 2016-07-25 12:23:09 +02:00
Milan Broz
467728b535 Fix keylength = 0 (no key) case. 2016-07-02 22:42:40 +02:00
Milan Broz
0c990eb0a2 Merge branch 'stoeckmann/cryptsetup-malloc' 2016-07-02 21:06:12 +02:00
Milan Broz
23ce9aa47e Fix crypt_generate_volume_key to use size_t for keylength. 2016-07-02 21:01:25 +02:00
Tobias Stoeckmann
a0587d4307 Avoid integer overflows during memory allocation. 
It is possible to overflow integers during memory allocation with
insanely large "key bytes" specified in a LUKS header.

Although it could be argued to properly validate LUKS headers while
parsing them, it's still a good idea to fix any form of possible
overflow attacks against cryptsetup in these allocation functions.
 2016-07-02 20:57:10 +02:00
Milan Broz
ea5e9c9fe2 Merge branch 'stoeckmann/cryptsetup-master' 2016-07-02 20:42:32 +02:00
Tobias Stoeckmann
14ebbce280 Avoid buffer overflow in uuid_or_device. 
The function uuid_or_device is prone to a buffer overflow if a very long
spec has been defined. The range check happens against PATH_MAX, with
i being set to 5 (due to "UUID=" offset of spec), but "/dev/disk/by-uuid"
has been already written into device.

The difference between "/dev/disk/by-uuid" and "UUID=" is 13, therefore
the correct range check must happen against PATH_MAX - 13.
@@ -204,7 +204,7 @@ const char *uuid_or_device(const char *spec)
                strcpy(device, "/dev/disk/by-uuid/");
 2016-07-02 20:41:51 +02:00
Milan Broz
67d55d08f8 Fix PBKDF2 benchmark to not double iteration count for corner case. 
If measurement function returns exactly 500 ms, the iteration
calculation loop doubles iteration count but instead of repeating
measurement it uses this value directly.

Thanks to Ondrej Mosnacek for bug report.
 2016-06-23 09:47:22 +02:00
Milan Broz
4d3a501b83 Force test to read device to detect corrupted blocks. 
(If udev scanning is switched off, there is no real activity on device yet.)
 2016-06-23 09:45:06 +02:00
Ondrej Kozina
16fab74ab1 code cleanup related to devfd checks 
alter all checks for devfd value after device_open to
less than zero insted of equals to -1. device_open will
return values different from -1 in case error happens.

In LUKSv1 device_open should always return -1 in case of
error but this check is safer.

The rest is just formating improvement.
 2016-06-08 13:12:06 +02:00
Milan Broz
f397d42d73 Update Readme.md. 2016-06-04 14:22:00 +02:00
Milan Broz
576a2e5b86 Workaround for align test for scsi_debug kernel in-use issue. 2016-06-04 13:12:15 +02:00
Milan Broz
060a4fbef0 Fix possible leak if reencryption is interrupted. 2016-06-04 12:36:51 +02:00
Milan Broz
f473fb3d7d Revert soname change. 2016-06-04 12:34:43 +02:00
Milan Broz
36f6073ec5 Set devel version. 2016-06-04 11:41:46 +02:00
Milan Broz
ebf7732943 Add 1.7.2 Release notes. 2016-06-04 11:36:36 +02:00
Milan Broz
c62427fd47 Update po files. 2016-06-02 19:18:04 +02:00
Milan Broz
ff09d1c531 Update po files. 2016-05-25 15:10:12 +02:00
Milan Broz
2852a48e6a Fix error message. 2016-05-25 14:56:13 +02:00
Milan Broz
1ab1803a43 Update po files. 2016-05-19 13:12:15 +02:00
Milan Broz
8f84fb49fa Fix help text for cipher benchmark specification. 2016-05-18 09:11:52 +02:00
Ondrej Kozina
e1dca468f5 keymanage: eliminate double close() call 
fix  double close() cases in LUKS_hdr_backup() and LUKS_hdr_restore()
functions. It should be harmless unless libcryptsetup is used
in multi-thread setup which is not supported anyway.
 2016-05-13 13:05:46 +02:00
Milan Broz
b1b3d93c96 Add ABI tracker output link. 2016-05-07 10:19:05 +02:00
Milan Broz
7d80112d4f Update LUKS doc format. 
Clarify fixed sector size and keyslots alignment.
 2016-05-04 15:48:04 +02:00