eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-19 06:40:08 +01:00
Code Issues Packages Projects Releases Wiki Activity
2,050 Commits 13 Branches 80 Tags
4acac9a294c1cb15d08b061231d95b03927b56b0
Commit Graph

2050 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Milan Broz
3bf40bb8dd Add 1.6.3 ChangeLog. v1_6_3 2013-12-13 21:33:53 +01:00
Milan Broz
79956a4d47 Fix skip/offset option description in man page. 2013-12-11 23:22:03 +01:00
Milan Broz
2d755335de Fix previous commit. 2013-12-08 18:15:00 +01:00
Milan Broz
d7762c09dd Add new test images to automake file list. 2013-12-08 18:02:58 +01:00
Milan Broz
957201e758 Fix reencryption tool to work with 4k devices. 
See https://bugzilla.redhat.com/show_bug.cgi?id=1029032#c7

Thanks to Ondra Kozina to figure this out.
 2013-12-08 17:50:25 +01:00
Milan Broz
004dc271a4 Fix wrong block size if used on 4k block fs through loop device. 
Always use page size if running through loop device.
 2013-12-08 16:09:25 +01:00
Milan Broz
a9b24ccc82 Remove obsoleted warning. 2013-12-08 00:04:32 +01:00
Milan Broz
c57071a43a Fix TCRYPT system encryption mapping for multiple partitions. 
Since this commit, one can use partition directly as device parameter.

Should fix Issue#183 and Issue#188.
 2013-12-07 23:58:56 +01:00
Milan Broz
df27f04f61 Update po files. 2013-12-01 10:58:05 +01:00
Milan Broz
f3e398afc5 Rewrite cipher benchmark loop. 
Using getrusage seems toi give not adequate precision,
so use clock_gettime and try to scale buffer size a bit
on high performance systems.

If it still fail, return ERANGE error instead calculating
completely unreliable numbers.

Should fix Issue#186.
 2013-12-01 10:55:35 +01:00
Milan Broz
65877efe8b Update po files. 2013-11-25 21:26:33 +01:00
Milan Broz
96acd87f0b Update po files. 2013-11-24 17:47:14 +01:00
Milan Broz
fcb35d4e73 Prepare version 1.6.3. 
For updating po files (translators).
 2013-11-24 12:47:24 +01:00
Ondrej Kozina
0d47e5eb76 Enable reencryption tests using last keyslot 2013-11-21 19:48:17 +01:00
Ondrej Kozina
f30bbbffe7 Fix minimal size expectations failure for backup header file 
- backup header file must be page size aligned
- fix for https://bugzilla.redhat.com/show_bug.cgi?id=1030288
- add regression test to api-tests
 2013-11-21 19:48:12 +01:00
Ondrej Kozina
6b88461553 modify fips detection also in api-test 2013-11-21 19:48:03 +01:00
Milan Broz
700b558fb6 Fix api test to use proper key size. 
LUKS format now reuires correct kernel parameters always,
so validation test must use different but still correct key size.
 2013-11-20 22:20:15 +01:00
Milan Broz
58b5be440f Fix initialization of unknown used device. 
dm_query can return open count, this should be processed
as success (and properly fail later ;-)
 2013-11-19 20:57:23 +01:00
Milan Broz
626801f7df Unify LUKS type check. 
Warn if device type is not set (incompatible activation
either by manual dmsetup or other tools).
 2013-11-19 20:50:36 +01:00
Ondrej Kozina
77a345d4cb Add tests to reencryption-compat-test 
- test --keyslot modification (commit: 5736b0a114)
- test reecryption w/o adding --keyslot option
- use variable instead of static string ("key1" -> KEY1)
- comment one failing test (https://bugzilla.redhat.com/show_bug.cgi?id=1030288)

[gmayland: removed some tests & added -i 1 to save test time]
 2013-11-17 21:01:19 +01:00
Dave Reisner
18901fd501 libdevmapper: correctly compare major and minor versions 
Previously, this code could incorrectly identify a version of crypt or
dm due to the way it compared versions. For example, if a feature was
gated on crypt version 1.5, it would disable the feature for crypt
version 2.2.
 2013-11-14 08:32:02 +01:00
Milan Broz
5b86cb5cc2 Enable TCW dmcrypt version check (patch should be in kernel 3.13). 2013-11-10 22:20:30 +01:00
Milan Broz
ce23225e46 Check if provided cipher and mode is usable before writing LUKS header to disk. 
If user provided unusable cipher-mode string, LUKS header was written and
keyslot creation failed later.

Better check early (by creating fake dmcrypt device) if cipher is usable
and fail early (without writing LUKS header to device).

Fixes Issue#176
 2013-11-10 22:11:00 +01:00
Milan Broz
09c229fe6c Support limitation for "plain" hash (no hash). 
This can be used for mapping problematic cryptosystems which
wipes some key (losetup sometimes set last byte to zero).
 2013-11-10 19:31:02 +01:00
Milan Broz
db56125708 Fix hash limiting if parameter is not a number. 
If hash lenght specification was not a number, the whole key was set
to zero instead of command failure.

Resolves
https://bugzilla.redhat.com/show_bug.cgi?id=1028362
 2013-11-10 19:08:01 +01:00
Ondrej Kozina
5736b0a114 unify --key-slot behavior in cryptsetup_reencrypt 
- cryptsetup-reencrypt: unify --key-slot behavior
  across the utility and enable the option even
  without --key-file.

[FIXME: add tests and man page revision]
 2013-11-10 18:29:11 +01:00
Ondrej Kozina
a21c0503f8 make FIPS checks compliant with new guidance 
(gmazyland: Simplified this NIST nonsense, should be still exactly
equivalent to former patch)
 2013-11-10 18:10:39 +01:00
Ondrej Kozina
e52d5f3d98 90reencrypt fixes: 
- add loop module to initramfs image
- modprobe loop before reencrypt start
- add rd.luks.reencrypt_keyslot=
- add conflict with dracut crypt module
- drop to emergency_shell after reencryption
 2013-11-10 17:38:11 +01:00
Milan Broz
0e96b9d010 Update es.po. 2013-11-10 17:34:39 +01:00
Milan Broz
dcba8c28f2 Update es.po. 2013-10-29 20:37:03 +01:00
Milan Broz
da93a3320b Add commandline option --tcrypt-backup to access TCRYPT backup header. 2013-10-29 20:35:07 +01:00
Milan Broz
53607a0274 Add CBC TCRYPT VFAT id test images and run it by default. 2013-10-26 22:48:05 +02:00
Milan Broz
67d19f3570 Add es.po. 2013-10-26 18:54:12 +02:00
Milan Broz
54c1f71bd3 Detect presence of TCW mode support in kernel dmcrypt. 2013-10-20 13:20:22 +02:00
Milan Broz
a7e2809466 Properly calculate key sizes (inluding IV seed and whitening) for TCRYPT. 
Also prepare code for possible activation through dmcrypt for some
CBC container variants.
 2013-10-20 13:07:24 +02:00
Milan Broz
3f66e9fe4b Fix error path for DM UUID wrong format. 2013-10-20 13:06:16 +02:00
wagner
f547d0fac3 sunc with wiki version 2013-09-12 17:50:22 +02:00
Milan Broz
cdf272315e Update nl.po. 2013-08-12 08:15:29 +02:00
Milan Broz
31303718da Fix static compilation with OpenSSL. 
Resolves issue#172, see
https://bugs.gentoo.org/show_bug.cgi?id=472692
 2013-08-08 18:57:45 +02:00
Milan Broz
4192bdd731 Update pl.po. 2013-08-04 20:42:32 +02:00
Milan Broz
c18aa03552 Devel version switch. 2013-08-04 19:45:37 +02:00
Milan Broz
b2283f045a Version 1.6.2. v1_6_2 2013-08-04 19:01:55 +02:00
wagner
8e3863aa20 sync with wiki version 2013-08-02 23:53:22 +02:00
Milan Broz
79899badd0 Update fr.po. 2013-07-31 21:20:14 +02:00
Milan Broz
691b7a63f2 Update po files. 2013-07-30 07:45:12 +02:00
Milan Broz
154731306b Add 1.6.2 release notes. 
Remove some TCRYPT comments from man page (FAQ is better for this).
 2013-07-27 22:59:40 +02:00
Milan Broz
d67548adfe Fails if more device arguments are present for isLuks. 
Fixes
http://code.google.com/p/cryptsetup/issues/detail?id=165
 2013-07-27 12:43:48 +02:00
Milan Broz
cfeaaa02fc Fix sscanf cipher string and avoid warning wih -fsanitize=address. 
Code need to count terminating zero.
 2013-07-23 22:07:13 +02:00
Milan Broz
c5270f85d3 Update de.po. 2013-07-14 11:49:28 +02:00
wagner
45931a890d fixed all items in issue 164 
Escaped dashes in options, e.g. \-\-iter-time => \-\-iter\-time
to prevent word-breaks at inner dashes.
 2013-07-04 01:03:07 +02:00