Petr Pisar
5406064f55
po: update cs.po (from translationproject.org)
2021-08-17 13:48:13 +02:00
Milan Broz
9b66d0d039
Add experimental GitLab CI config.
2021-08-15 21:52:37 +02:00
Milan Broz
adff844c46
Remove test image in SSH test if ssh config fails.
2021-08-15 21:50:56 +02:00
Milan Broz
f702246d78
Remove test images dir once test is finished.
...
THsi allows another user to run test later without permission collision..
2021-08-15 21:46:28 +02:00
Milan Broz
8606342b53
Limit GitHub Actions job to this repository.
2021-08-15 11:29:37 +02:00
Milan Broz
ccb0f7c0b2
Fix typo in CI configure.
2021-08-15 11:24:13 +02:00
Milan Broz
72384b43bd
Add simple GitHub Action CI.
...
This runs only on push in selected branches.
(Not for push requests, we do not use PR on GitHub.)
2021-08-14 22:36:30 +02:00
Milan Broz
5ef3de8945
Add separate check-programs target.
2021-08-14 22:34:27 +02:00
Milan Broz
ad913cf437
Require only libtoolize in autogen.sh.
2021-08-12 21:30:02 +02:00
Milan Broz
7820f07e85
Fix libtool detection in autogen.sh.
...
The macro disappeared in 2.67 autoconf update (2010).
Fixes : #663 .
2021-08-12 19:13:52 +02:00
JT Moree
01bda280ee
man page
...
add note about searching the man page
2021-08-12 16:48:36 +00:00
JT Moree
b40f31fb8c
FAQ
...
add memory FAQ
add non root FAQs
2021-08-11 05:18:05 -07:00
Milan Broz
066d651210
Fix a possible memory leak of verity signature description.
...
The signature description should be allocated only if params field is used,
otherwise we can leak the string value.
(Moreover, the query path is currently used only for flag, not for the value.)
2021-08-04 13:06:14 +02:00
Yuri Chornoivan
b00946d449
Fix minor typo: assing -> assign
2021-07-30 16:19:36 +00:00
Guilhem Moulin
6a14f52e5d
Fix minor spelling errors.
...
(Found by Lintian.)
2021-07-30 02:56:38 +02:00
Milan Broz
3c68e3f5b1
Version 2.4.0-rc1 update.
2021-07-29 23:28:08 +02:00
Milan Broz
ec1ef8f19d
Update cryptsetup.pot.
2021-07-29 23:22:33 +02:00
Milan Broz
6a64c2e932
Prepare 2.4.0-rc1 version.
2021-07-29 23:18:59 +02:00
Milan Broz
835c603b13
Use cannot in all messages.
2021-07-29 22:00:04 +02:00
Milan Broz
a718b90ac6
Fix some gcc warnings in compiled tests.
2021-07-29 20:40:48 +02:00
Milan Broz
089edb74b4
Fix return code for skipped align tests.
2021-07-29 20:19:45 +02:00
Milan Broz
8c60cf8645
Silence also scsi_debug module load in tests.
2021-07-29 17:41:25 +02:00
Ondrej Kozina
f364990b9b
Do not fallback to pasphrase based activation when device exists.
...
If token based device activation activation fails with -EEXIST
report proper error and do not fallback to passphrase based
activation in cli.
2021-07-29 14:47:16 +00:00
Ondrej Kozina
3b826d0fa3
Add verbose messages explaining token errors.
2021-07-29 14:47:16 +00:00
Milan Broz
cab332c367
Silence all modprobe/rmmod calls in tests.
...
On systems where are modules compiled-in or missing this produces nois,
test will be skipped later anyway.
2021-07-29 16:20:00 +02:00
Ondrej Kozina
9ee74f59d7
Add cryptsetup --token-type parameter.
...
It restricts token type to parameter value in
case no specific token-id is selected.
2021-07-29 08:46:20 +00:00
Ondrej Kozina
46afee6299
Remove duplicate macro definition.
2021-07-29 08:46:20 +00:00
Milan Broz
90bba399ab
Fix LOOP_CONFIGURE incompatibility is some kernels.
...
Kernels with 32bit userspace can return ENOTTY,
we should use fallback to old code in this case.
For more info see
583990d25b
2021-07-29 10:32:13 +02:00
Milan Broz
c403f73ad0
Skip tests id scsi_debug is compiled-in or in use.
...
We need standalone scsi_debug module for some tests.
2021-07-28 23:20:45 +02:00
Milan Broz
470b99a647
Use long otpion for salt in tests.
...
Some old distros fail with -s=XX syntax (libpopt issue).
2021-07-28 19:36:56 +02:00
Milan Broz
a68968af8f
Fix possible dereference of pbkdf params.
...
This can only happen during misconfiguration of default parameters,
but eliminates one gcc warning.
2021-07-27 12:44:13 +02:00
Ondrej Kozina
ee9c7855ca
Use max token id in api test at least once.
...
so that we also test bitfield limits.
2021-07-26 14:10:08 +02:00
Ondrej Kozina
1a156458f2
Add PIN try loop for actions supporting tokens.
2021-07-26 14:10:08 +02:00
Ondrej Kozina
796b901912
Do not retry tokens that already returned -ENOANO.
...
In token based activation loop (token_id == CRYPT_ANY_TOKEN)
we do not want retry tokens that already returned -ENOANO (wrong pin)
once.
2021-07-26 14:10:08 +02:00
Milan Broz
508284cd28
Support build with older libssh.
...
The function ssh_session_is_known_server() was introduced later,
fallback to older version if libssh is available.
2021-07-25 21:57:09 +02:00
Milan Broz
5d1972bb97
Use depreacated attribute compatible with old gcc.
2021-07-25 18:27:55 +02:00
Vojtech Trefny
7c76d17a9c
ssh token: Make strings in the plugin translatable
2021-07-25 18:08:22 +02:00
Мирослав Николић
8ff663a761
po: update sr.po (from translationproject.org)
2021-07-25 13:40:57 +02:00
Antonio Ceballos
d3ad9fe25f
po: update es.po (from translationproject.org)
2021-07-25 13:40:57 +02:00
Luca Boccassi
cc374ee10d
veritysetup: add --root-hash-file option
...
Allow to pass the root hash via a file, rather than verbatim on
the command line, for the open/verify/format actions.
It is much more convenient when using veritysetup in scripts.
[some modifications by mbroz:]
- Add additional syntax and option description to man page.
- Fix a segfault with non-existing path.
- Do not read full file.
- Small refactor for argc handling and option processing.
2021-07-25 13:40:17 +02:00
Ondrej Kozina
06f132066b
Add crypt_reencrypt_run superseding now deprecated crypt_reencrypt.
...
This reverts commit 367cb7a761
2021-07-22 15:59:01 +02:00
Ondrej Kozina
82816cb52f
Suppress error message when keyslot is unusable for segment.
...
It's too verbose when run in loop for token based activation.
2021-07-22 13:55:22 +02:00
Ondrej Kozina
426cab3aeb
Add more LUKS2 token based activation tests.
2021-07-22 13:55:22 +02:00
Ondrej Kozina
152ed1fb44
Speed up LUKS2 api test.
2021-07-22 13:55:22 +02:00
Ondrej Kozina
c6ff9f8bd7
Respect keyslot priority with token based activation.
...
crypt_activate_by_token functions did not respect LUKS2 keyslot
priorities. These calls were able to activate device via keyslot with
CRYPT_SLOT_PRIORITY_IGNORE even when token was set to
CRYPT_ANY_TOKEN. This commit changes the token based activation
so that keyslot with priority ignore is eligible for unlock only
when specific token is selected. Also when activating with token
set to CRYPT_ANY_TOKEN keyslots with higher priority take precedence
over keyslots with normal priority. Keyslot with priority ignore are
correctly ignored when token is CRYPT_ANY_TOKEN.
2021-07-22 13:55:22 +02:00
Ondrej Kozina
c104bccc3f
Print some compile-time defaults in 00module-test.
2021-07-22 13:55:22 +02:00
Ondrej Kozina
4654e6f578
Add best effort try-loop for token based activation.
...
The loop is run only when token id in any of crypt_activate_by_token*
calls is set to CRYPT_ANY_TOKEN.
2021-07-22 13:55:19 +02:00
Ondrej Kozina
2cf38465c4
Change default error returned by token open.
...
It has to be -ENOENT since -EPERM would wrongly
implied the token provided wrong keyslot passphrase.
2021-07-22 13:47:40 +02:00
Ondrej Kozina
3428296186
Improve debug logs for external token handling.
2021-07-22 13:47:40 +02:00
Ondrej Kozina
877afd2281
Replace original token activation retcode -EAGAIN with -ENOANO.
...
crypt_activate_by_token (and _pin variant) now returns -ENOANO
instead -EAGAIN in case token handler identifies specific token
requires PIN to sucessfully complete token based activation.
-EAGAIN is now used for special case when additional system
resources are missing (HW token, other device, system daemon,
etc).
2021-07-22 13:47:14 +02:00
