eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-22 00:00:07 +01:00
Code Issues Packages Projects Releases Wiki Activity
2,267 Commits 13 Branches 81 Tags
a1111c7aa0ff267427bba440cc38bbf765d4cb1c
Commit Graph

2267 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Milan Broz
fc42f878e9 Update README.md for 1.7.4. 2017-03-15 10:54:56 +01:00
Milan Broz
98368c4770 Update copyright years. 2017-03-12 13:17:15 +01:00
Milan Broz
c9da7f9f8c Add 1.7.4. Release notes. 2017-03-12 13:01:05 +01:00
Milan Broz
e7f8727d2d Fix some compiler warnings / wipe PIM properly. 2017-03-12 12:00:38 +01:00
Milan Broz
2657746451 Used LUKS1 compiled-in defaults also in Python wrapper. 2017-03-12 10:29:46 +01:00
Milan Broz
2701993dd6 Update po files. 2017-03-12 10:18:54 +01:00
Daniel Reichelt
9a798a766e support PIM parameter for VeraCrypt compatible devices 
This patch adds the --veracrypt-pim=INT and --veracrypt-query-pim command-
line parameters to support specification of or being queried for a custom
Personal Iteration Multiplier respectively. This affects the number of
iterations for key derivation from the entered password. The manpage is
also updated accordingly.

Fixes Issue #307.
 2017-03-02 09:11:23 +01:00
Bastien DHIVER
36419b25aa Add hashMode parameter in CryptSetup_luksFormat() 2017-03-01 13:32:26 +01:00
Milan Broz
9da67b701d Clarify use of --size parameter. 2017-02-15 20:26:02 +01:00
Milan Broz
ef7ecb5567 Fix race while allocating free loop device. 
Fixes Issue #314.

Thanks to Martin Jeřábek for the report.
 2017-01-20 15:27:40 +01:00
Milan Broz
a77c609c62 Fix possible fd leaks after exec. 
Thanks Natanael Copa for the report.
Fixes issue#313.
 2017-01-20 13:47:14 +01:00
Milan Broz
bca2bab560 Fix OpenSSL 1.1.0 compatibility 
If backward-compatible API is not defined (-DOPENSSL_API_COMPAT=0x10100000L)
deprecated symbols cannot be used.

Also see https://bugs.gentoo.org/show_bug.cgi?id=604698

Thanks eroen for reporting this.
 2017-01-05 09:06:31 +01:00
Milan Broz
e129b13402 Fix TrueCrypt URL in man page. 2017-01-04 08:04:10 +01:00
Arno Wagner
520b6d7344 some typos fixed in FAQ 2017-01-01 20:39:46 +01:00
Arno Wagner
bed395d039 Updates to FAQ 
- Finished section 9 initrd with examples how to do your own
- Some minor fixes elswehere
 2017-01-01 20:14:21 +01:00
Milan Broz
566f8c322b Update veritysetup man page. 
Thanks Michal Virgovic for patch.
 2016-12-13 14:29:13 +01:00
Milan Broz
807cedf4f3 Check for data device and hash device area overlap in veritysetup. 
Thanks Michal Virgovic for tests.
 2016-12-13 13:52:05 +01:00
Milan Broz
ef8a7d82d8 Update Readme.md. 2016-11-16 16:14:02 +01:00
Milan Broz
b906e8d299 Merge branch 'master' into 'master' 
Fix use of LibreSSL.

Libressl declares `OPENSSL_VERSION_NUMBER 	0x20000000L`.

See merge request !12
 2016-11-10 07:51:12 +00:00
Aric Belsito
0e14147132 Fix use of LibreSSL. 2016-11-03 11:55:39 -07:00
Milan Broz
c10e106787 Fix missing CRYPT_ACTIVATE_SAME_CPU_CRYPT flag check in status command. 2016-11-02 19:55:51 +01:00
Milan Broz
61725ee7cc Update readme.md for version 1.7.3. 2016-10-30 15:02:21 +01:00
Milan Broz
39f88f1712 Set devel version. 2016-10-30 14:53:54 +01:00
Milan Broz
e14aba8cf1 Add 1.7.3. Release Notes. 2016-10-28 11:19:26 +02:00
Milan Broz
97e774226d Update po files. 2016-10-28 11:01:23 +02:00
Milan Broz
6220e9c6cc Update po files. 2016-10-28 10:56:27 +02:00
Milan Broz
cba2a6c87c Update po files. 2016-10-22 10:35:52 +02:00
Milan Broz
71d7383491 Merge branch 'eviche/cryptsetup-patch-1' 2016-10-22 09:28:41 +02:00
Eduardo Villanueva Che
2c833c2342 Fixed veritysetup bug with hash offsets bigger than 2gb. 
The lseek in function write_blockwise() could return value
that is greater than integer for result so it can overflow
and fail the whole write.
[comment added by mbroz]
 2016-10-22 09:24:09 +02:00
Milan Broz
45fa8e724f Merge branch 'master' into 'master' 
Fix several minor spelling errors found by Lintian

Fixes #306 

* lib/setup.c: miliseconds -> milliseconds
* lib/utils_wipe.c: Unsuported -> Unsupported
* man/crypsetup.8: implicitely -> implicitly
* man/veritysetup.8: verion -> version
* python/pycryptsetup.c: miliseconds -> milliseconds

See merge request !11
 2016-10-22 07:04:10 +00:00
Jonas Meurer
b2a6e338b5 Fix several minor spelling errors found by Lintian 
* lib/setup.c: miliseconds -> milliseconds
* lib/utils_wipe.c: Unsuported -> Unsupported
* man/crypsetup.8: implicitely -> implicitly
* man/veritysetup.8: verion -> version
* python/pycryptsetup.c: miliseconds -> milliseconds
 2016-10-21 21:54:08 +02:00
Milan Broz
34734395c8 Set configured default iteration time early in crypt_init constructor. 2016-10-20 14:23:28 +02:00
Milan Broz
a3ee8f9cb8 Rephrase UUID error message forc cryptsetup-reencrypt. 2016-10-20 14:10:29 +02:00
Milan Broz
7f9e33ca1e Update po files. 2016-10-20 13:47:39 +02:00
Milan Broz
d4e8033fe0 Fix error path after conversion to OpenSSL 1.1.0. 2016-10-20 08:22:38 +02:00
Milan Broz
ab61af7481 Fix Nettle crypto backend definitions. 2016-10-19 21:18:07 +02:00
Milan Broz
8f204b4e23 Support OpenSSL 1.1.0 in cryptsetup backend. 2016-10-19 15:27:01 +02:00
Milan Broz
3b40e9dc93 Try to find python$VERSION-config. 2016-10-19 12:39:14 +02:00
Per x Johansson
b181b0ef6e Fix memory leak when using openssl backend 
Fixes a memory leak when using openssl backend caused by mismatched
calls to EVP_DigestInit and EVP_DigestFinal_ex.
 2016-10-18 14:05:49 +02:00
Milan Broz
4083bb2c0f Verify passphrase in cryptsetup-reencrypt when encrypting new drive. 2016-09-05 14:42:39 +02:00
Milan Broz
9d004a6aa4 Add link to LUKS spec on title page. 2016-09-05 09:37:36 +02:00
Milan Broz
d30bfe8b8e Update po files. 2016-08-03 14:19:20 +02:00
Milan Broz
38fbd85004 Update po files. 2016-07-25 12:23:09 +02:00
Milan Broz
467728b535 Fix keylength = 0 (no key) case. 2016-07-02 22:42:40 +02:00
Milan Broz
0c990eb0a2 Merge branch 'stoeckmann/cryptsetup-malloc' 2016-07-02 21:06:12 +02:00
Milan Broz
23ce9aa47e Fix crypt_generate_volume_key to use size_t for keylength. 2016-07-02 21:01:25 +02:00
Tobias Stoeckmann
a0587d4307 Avoid integer overflows during memory allocation. 
It is possible to overflow integers during memory allocation with
insanely large "key bytes" specified in a LUKS header.

Although it could be argued to properly validate LUKS headers while
parsing them, it's still a good idea to fix any form of possible
overflow attacks against cryptsetup in these allocation functions.
 2016-07-02 20:57:10 +02:00
Milan Broz
ea5e9c9fe2 Merge branch 'stoeckmann/cryptsetup-master' 2016-07-02 20:42:32 +02:00
Tobias Stoeckmann
14ebbce280 Avoid buffer overflow in uuid_or_device. 
The function uuid_or_device is prone to a buffer overflow if a very long
spec has been defined. The range check happens against PATH_MAX, with
i being set to 5 (due to "UUID=" offset of spec), but "/dev/disk/by-uuid"
has been already written into device.

The difference between "/dev/disk/by-uuid" and "UUID=" is 13, therefore
the correct range check must happen against PATH_MAX - 13.
@@ -204,7 +204,7 @@ const char *uuid_or_device(const char *spec)
                strcpy(device, "/dev/disk/by-uuid/");
 2016-07-02 20:41:51 +02:00
Milan Broz
67d55d08f8 Fix PBKDF2 benchmark to not double iteration count for corner case. 
If measurement function returns exactly 500 ms, the iteration
calculation loop doubles iteration count but instead of repeating
measurement it uses this value directly.

Thanks to Ondrej Mosnacek for bug report.
 2016-06-23 09:47:22 +02:00