Commit Graph

3589 Commits

Author SHA1 Message Date
Antonio Ceballos
07e687106a po: update es.po (from translationproject.org) 2021-06-16 13:04:36 +02:00
Vojtech Trefny
9125df1398 misc: Remove LUKS2 SSH token example
The SSH plugin in tokens/ssh replaces it.
2021-06-16 12:30:53 +02:00
Vojtech Trefny
52cc01c977 cryptsetup-ssh: Add debug and verbose options 2021-06-16 12:30:53 +02:00
Vojtech Trefny
b8d2218720 cryptsetup-ssh: Better argument parsing and help for the options 2021-06-16 12:30:49 +02:00
Milan Broz
05a4d3fe0a Use VeraCrypt option by default; add --disable-veracrypt option.
While TrueCrypt is no longer developed and supported since 2014,
VeraCrypt devices (as a successor of TrueCrypt) are much more
used today.

This patch switches default to scan for VeraCrypt signature, making
--veracrypt option obsolete (ignored by default as it is default).

If you need to disable VeraCrypt support, use new option
--disable-veracrypt.
2021-06-15 12:05:16 +00:00
Milan Broz
df5e54545e Add API and CLI option to disable token plugins.
This could be useful for debugging external plugins
or to intentionally disable loading of a token library.
2021-06-13 23:22:44 +02:00
Vojtech Trefny
f79ef935a7 ssh-plugin-test: Do not use systemctl to check for SSH server
netcat should be also available on non-systemd systems.
2021-06-09 10:26:09 +02:00
Milan Broz
cd3cb945ab Update Readme.md. 2021-05-28 12:26:38 +02:00
Milan Broz
f1d624b6c8 Add 2.3.6 release notes. 2021-05-28 12:03:48 +02:00
Yuri Chornoivan
3f268c3052 po: update uk.po (from translationproject.org) 2021-05-28 11:59:51 +02:00
Yuri Kozlov
0ec7027d83 po: update ru.po (from translationproject.org) 2021-05-28 11:59:51 +02:00
Jakub Bogusz
0ae5240f55 po: update pl.po (from translationproject.org) 2021-05-28 11:59:51 +02:00
Hiroshi Takekawa
51f5f71ee0 po: update ja.po (from translationproject.org) 2021-05-28 11:59:51 +02:00
Frédéric Marchal
5784692218 po: update fr.po (from translationproject.org) 2021-05-28 11:59:51 +02:00
Roland Illig
f82d3ee51a po: update de.po (from translationproject.org) 2021-05-28 11:59:51 +02:00
Petr Pisar
d02c809bc7 po: update cs.po (from translationproject.org) 2021-05-28 11:59:51 +02:00
Klaus Zipfel
b7a07efdcf Fixing incorrect offsets for data/IV with TCRYPT system-encryption with a detached header
Related: #587
2021-05-26 09:41:08 +02:00
Milan Broz
a8bb07ae9f Fix typo in Makefile. 2021-05-24 14:52:45 +02:00
Milan Broz
897e798fc0 Add day to valglog (valgrind test output files). 2021-05-24 12:12:39 +02:00
Milan Broz
2d0b19b359 Allow tcrypt test to run under valgrind. 2021-05-24 12:09:54 +02:00
Milan Broz
702f9b1cf4 Add note about --header use in TCRYPT format to man page.
Related: #587
2021-05-24 10:43:51 +02:00
Milan Broz
1d20a60e4a Do not use Whirlpool hash in tests (some crypto backends do not implement it). 2021-05-23 11:12:10 +02:00
Milan Broz
71422b411e Increase interactive expect test timeout if running under valgrind. 2021-05-22 09:47:14 +02:00
Мирослав Николић
f446dbb896 po: update sr.po (from translationproject.org) 2021-05-21 17:28:30 +02:00
Antonio Ceballos
975425d0eb po: update es.po (from translationproject.org) 2021-05-21 17:28:30 +02:00
Ondrej Kozina
c020fafd66 Fix LUKS2 detached header reencryption test. 2021-05-21 14:32:40 +02:00
Ondrej Kozina
2954b46d43 Move LUKS2 detached header decryption test.
It should not be skipped if dm-delay target is missing
2021-05-21 14:09:55 +02:00
Milan Broz
4cdd826282 Check exit value for snprintf where it makes sense. 2021-05-18 22:07:47 +02:00
Milan Broz
413b484774 Add some fixes and workarounds for gcc-11 static analyzer.
Not everything is a real bug (false positive rate is very high here),
but the code is actually more readable.
2021-05-18 17:28:47 +02:00
Milan Broz
351d7fefca integritysetup: mention maximal allowed key size
The error message and man page should contain this information.
2021-05-18 16:35:41 +02:00
Milan Broz
a7872ab856 Fix description of maximum passphrase size. 2021-05-18 16:35:36 +02:00
Milan Broz
c1613285e7 Add test for longer integritysetup keys. 2021-05-18 16:35:31 +02:00
Milan Broz
8805eb2b45 devmapper: avoid truncation of table features
This patch fixes several problems:
 - some optional features for dm-verity can be larger than pre-allocated buffer
 - device paths and other strings can be allocated dynamically
 - featured options with keys in dm-integrity are not wiped on stack
 - get rid of strncat()
 - always check return code of snprintf

Related #648
2021-05-18 16:35:16 +02:00
Andrii Pravorskyi
a3f919bd25 Add a note about CRC32 and other non-cryptographic checksums 2021-05-17 17:54:47 +02:00
Milan Broz
4f6f7404df Revert "Add a note about CRC32 and other non-cryptographic checksums"
This reverts commit 5776c52bcf.

This commit has no valid author and email address by mistake.
2021-05-17 17:43:20 +02:00
Your Name
5776c52bcf Add a note about CRC32 and other non-cryptographic checksums 2021-05-12 13:43:49 +00:00
Ondrej Kozina
db44e9de22 Add api exposing external token handlers support. 2021-05-12 14:32:54 +02:00
Ondrej Kozina
c40be6cc7a Replace condition with assert for obvious coding mistake. 2021-04-15 21:43:31 +02:00
Ondrej Kozina
b047b8ae20 Improvements to error code handling during token based activation. 2021-04-15 21:43:31 +02:00
Ondrej Kozina
e9434dc9e3 Check tokens are eligible for unlocking segment keyslots.
Defer token handler load and token unlock after check token
is assigned to keyslot containing proper data segment volume key.
2021-04-15 21:43:30 +02:00
Ondrej Kozina
c6149c9cd8 Do not search/load token handler when not needed. 2021-04-15 21:41:09 +02:00
Ondrej Kozina
8f2b23cd94 Refactor LUKS2 token activation.
Replace LUKS2_token_open_and_activate and
LUKS2_token_open_and_activavate_any with single function
instead.
2021-04-15 21:41:06 +02:00
Ondrej Kozina
8d449aa9a6 Add failsafe test for eventual broken symbol versioning.
Due to nature of recent change in GCC10 that silently
broke symbol versioning, let's be a bit pedantic
and test all symbols are available in all versions that
are meant to be exported to users.
2021-04-13 16:42:14 +02:00
Ondrej Kozina
e6089dd9c9 Reflect on some incompatible changes in GCC 10.
Starting with GCC10 and LTO enabled, current symbols
versioning hack does not work anymore. This patch
reflects on that and should be compatible with older
compilers that do not support __attribute__((symver))
yet.

Inspired by following code:
https://github.com/linux-rdma/rdma-core/blob/master/util/symver.h
2021-04-12 20:38:19 +02:00
Ondrej Kozina
bc488fd4f1 Stick with general practice in symbol map file.
Including old versions section with every new one _should_
have no effect but since it's a convention let's stick with
this format instead.
2021-04-09 16:56:08 +02:00
Milan Broz
ec3a9746a9 integritysetup: add recalculate-reset flag.
The new dm-integrity option in kernel 5.13 can restart
recalculation from the beginning of the device.
It can be used to change the integrity checksum function.

This patch adds support to libcryptsetup for this flag
and adds --integrity-recalculate-rest option to integritysetup.

Fixes: #631.
2021-03-30 21:40:35 +02:00
Milan Broz
530bcfd4fa Allow CRYPT_BUSY also as a valid check for active device.
In an ideal system nothing should touch test devices, but to make tests
more robust, we should expect that something is still scanning devices
after activation. So replace all checks for CRYPT_ACTIVE to allow
also CRYPT_BUSY.

(Fixes some problems seen in #633)
2021-03-25 11:11:06 +01:00
Ondrej Kozina
bd4f374b47 Fix supposed debug message. 2021-03-25 08:44:42 +01:00
Milan Broz
0a7c13207d Fix broken loopaes test.
We actually try to write file in /dev because the device is deactivated.

Broken since 2018 in 8728ba08e2
2021-03-25 00:07:53 +01:00
Milan Broz
c5fc3fe84a Fix libintl detection for compiled tests.
Commit 99c4e83994 was incomplete.

See #633.
2021-03-25 00:07:46 +01:00