Daniel Zatovic
ae80dc0e8e
CI: add compilation tests with various disable options
2023-01-20 14:37:28 +00:00
Daniel Zatovic
3f6d5470e3
Fix compilation warning with disabled keyring.
2023-01-20 14:34:14 +01:00
Ondrej Kozina
4cd8d1efdb
Fix api test on kernels with capi format support.
2023-01-19 11:50:48 +01:00
Milan Broz
48d6f85cc3
bitlk: fix printf debug message
...
Fixes Coverity warning.
2023-01-18 13:55:03 +01:00
Ondrej Kozina
5216002773
Use ISO C compliant inline assembly with supported compilers.
...
When compiled with enforced ISO C (e.g. -std=c11) 'asm' inline
does not compile (it's GNU extension). Use __asm__ inline assembly
with GCC and clang compliers instead.
Fixes : #786 .
2023-01-18 08:59:58 +00:00
Milan Broz
482c819ea2
fvault2: fix compilatioon with very old uuid.h
...
UUID_STR_LEN is undefined for old headers, just
use internal definition (both are 37 bytes).
2023-01-17 13:32:29 +00:00
Milan Broz
0622b51634
verity: fix hash offset 64bit values
...
Hash offset is 64bit values, for some reason it is
used as size_t on one place. Fix it by properly use uint64_t.
Fixes : #792
2023-01-17 13:16:30 +01:00
Daniel Zatovic
7bbfccbbfa
fuzzing: update script to build popt using CMake
...
Popt library removed support for autotools build system and can be built
only using CMake.
2023-01-11 14:02:47 +01:00
Milan Broz
7c25db5bf3
bitlk: fix possible leak of description
...
If metdata contains more than one description fields,
use just the first one.
Fixes OSS-fuzz bug 54682.
2022-12-30 13:47:20 +01:00
Milan Broz
034041a922
bitlk: clean formatting to use tabs
2022-12-29 01:02:24 +01:00
Milan Broz
776baf4ccc
bitlk: fix use of startup BEK key on big-endian platform
...
The version and metadata size is stored as little-endian.
2022-12-29 01:02:20 +01:00
Milan Broz
d1a607e0b2
bitlk: harden parsing of metadata entries (for vmk and description entry)
...
For broken metadata BITLK format parsing can cause crash or out of memory
on several places.
Add better size checks to avoid parsing such a metadata.
Also be aware that entry_size can be smalle (so minus operation can underflow).
Also fix memory leak if FVEK entry is more than once in metadata
(just use the first entry and ignore others).
2022-12-29 01:02:05 +01:00
Milan Broz
1682e72bf5
bitlk: harden parsing of metadata entries
...
For broken metadata BITLK format parsing can cause crash or out of memory
on several places.
Add better size checks to avoid parsing such a metadata.
Fixes OSS-fuzz bug 54548,54553,54559.
2022-12-25 21:34:34 +01:00
Khem Raj
8e7f07841e
Replace off64_t with off_t
...
AC_SYS_LARGEFILE autoconf macro is in use in configure script which will
add needed feature macros on commandline to enable 64bit off_t.
Also replace lseek64 with lseek, since it will be same when
_FILE_OFFSET_BITS=64 is defined on relevant platforms via AC_SYS_LARGEFILE
This fixes build with latest musl, where LFS64 interfaces are moved out
of _GNU_SOURCE feature test macros namespace [1]
[1] https://git.musl-libc.org/cgit/musl/commit/?id=25e6fee27f4a293728dd15b659170e7b9c7db9bc
Signed-off-by: Khem Raj <raj.khem@gmail.com >
2022-12-23 15:49:00 +01:00
David Flor
50e8879528
fuzzing: add new fuzzer for fuzzing multiple types at once
...
* added fuzz target 'crypt2_load_ondisk_fuzz' that tries to load fuzz input as LUKS1, FileVault2, BitLocker in that order.
* added dictionary for this fuzz target
* added fuzz target to relevant files
2022-12-23 15:00:01 +01:00
Ondrej Kozina
c18dcfaa0b
Abort encryption when header and data devices are same.
...
If data device reduction is not requsted this led
to data corruption since LUKS metadata was written
over the data device.
2022-12-14 09:52:19 +01:00
Ondrej Kozina
be088b8de8
Enable crypt_header_is_detached for empty contexts.
...
Also changes few tests now expecting crypt_header_is_detached
works with empty contexts.
2022-12-14 09:52:19 +01:00
Milan Broz
de221b4ea7
Fix typo in comment.
2022-12-08 14:17:50 +01:00
Milan Broz
170161b9b6
Free all possible allocated params if crypt_load() fails.
...
If format load fails in some intermediate step, the internal
params struct can contain already set values.
While context is set still to none type, it can cause segfault
in releasing active_name.
(Found by fuzzing target processing crypt_load.)
2022-12-08 14:17:44 +01:00
Milan Broz
a649d734b6
Let crypt_set_null_type wipe whole context always.
...
We have to be sure that after setting new type some
union is not misused.
2022-12-08 13:02:18 +01:00
Milan Broz
15c998d523
Move crypt_free_type and allow force type override.
...
Will be used later on error path.
2022-12-08 13:02:18 +01:00
Ondrej Kozina
14eff9480d
Change tests to use passphrases with minimal 8 chars length.
...
Skip tests that can not satisfy minimal test passphrase length:
- empty passphrase
- LUKS1 cipher_null tests (empty passphrase is mandatory)
- LUKS1 encryption
2022-12-08 11:03:09 +00:00
Ondrej Kozina
4621580802
Run PBKDF benchmark with 8 bytes long well-known passphrase.
2022-12-08 11:03:09 +00:00
Milan Broz
4bede447c8
Set devel version.
2022-12-08 11:48:28 +01:00
Milan Broz
b08212ea45
Version 2.6.0.
2022-11-28 12:27:33 +01:00
Milan Broz
5a976ad1d9
Do not log score from pwquality.
...
This information is really not needed in debug log.
2022-11-28 10:37:58 +01:00
Yuri Kozlov
0e4182874b
po: update ru.po (from translationproject.org)
2022-11-27 23:20:25 +01:00
Milan Broz
487e85fdec
Wipe buffers to be sure padding is always empty.
...
Detected by valgrind as writing unitialized data.
2022-11-27 23:18:36 +01:00
Milan Broz
32344d5a84
tests: fix reencryption-mangle test valgrind log name.
...
Use the same logic as in compat-test (just the line
number is the last one for cryptsetup_raw).
2022-11-27 21:02:49 +01:00
Milan Broz
ebb16a511c
tests: fix list of valgrind tests
...
FVAULT2 test was missing; systemd test does not support valgrid yet.
2022-11-27 19:48:57 +01:00
Milan Broz
51200eb6da
tests: do not require build tools for localtest in systemd plugin test
...
Fo localtest we use installed binaries, only checkprograms need to be build.
2022-11-24 16:37:38 +01:00
Milan Broz
119c57e00e
tests: remove stray backslash in grep expression
2022-11-24 15:01:47 +01:00
Milan Broz
700b0f6e36
tests: do not run systemd plugin test without fake tpm path
...
We want to avoid touching real TPM during test.
2022-11-24 15:00:19 +01:00
Milan Broz
8fff498062
tests: compile fake_tpm_path util also for localtest
...
Otherwise TPM_PATH will not be used.
2022-11-24 14:54:18 +01:00
Milan Broz
2ef2f6017d
Update release notes.
2022-11-24 13:49:27 +01:00
Ondrej Kozina
cdfa213ad0
Allocate internal buffer in LUKS2 keyring token with crypt_safe_alloc.
...
With changes in db65a5ceac
2022-11-24 09:03:29 +00:00
Milan Broz
dab00bfd4f
CI: use libsepol-dev for Debian based distros.
...
Seems libselpol1-dev is disappearing.
2022-11-23 11:57:59 +00:00
Ondrej Kozina
c018558f2d
Remove unused define CRYPT_KC_TYPE_UNDEFINED.
...
The defined was not yet released in stable version.
2022-11-23 11:08:55 +01:00
Milan Broz
3633b81909
CI: fix GutHub action install script
2022-11-22 16:38:10 +01:00
Yuri Chornoivan
b23a02b05c
po: update uk.po (from translationproject.org)
2022-11-22 16:17:48 +01:00
Jakub Bogusz
347c39ca97
po: update pl.po (from translationproject.org)
2022-11-22 16:17:48 +01:00
Hiroshi Takekawa
2d1f1833e8
po: update ja.po (from translationproject.org)
2022-11-22 16:17:48 +01:00
Frédéric Marchal
7f09ab67e2
po: update fr.po (from translationproject.org)
2022-11-22 16:17:48 +01:00
Roland Illig
f5fb1f1b94
po: update de.po (from translationproject.org)
2022-11-22 16:17:48 +01:00
Petr Pisar
005141554f
po: update cs.po (from translationproject.org)
2022-11-22 16:17:48 +01:00
Ondrej Kozina
cd8f80b7ee
Clarify type requirements in crypt_volume_key_get_by_keyslot_context.
2022-11-21 15:56:14 +01:00
Milan Broz
c7bbae01a6
Fix some strings for translations.
...
No need to translate debug strings.
Fix spaces in key slot queries.
2022-11-20 12:36:26 +01:00
Milan Broz
257bc80ae9
Version 2.6.0-rc0.
2022-11-18 22:32:47 +01:00
Milan Broz
6c2e64bf75
fvault2: fix typo
2022-11-18 22:25:31 +01:00
Milan Broz
942cea1803
Update pot file.
2022-11-18 22:22:06 +01:00
