Created by Dustin Kirkland  and last modified
Get this branch:
bzr branch lp:ecryptfs
Members of eCryptfs can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information


Recent revisions

894. By Tyler Hicks

Remove unreachable code when parsing mount opt name value pairs

Revision 886 introduced a change to the mount option parsing code for
name-value pairs. A break was added to a loop once the first '=' is seen.
Before the break was added, it was possible that a '=' would be seen, then
memory allocated for the name portion of the string, then another '=' could be
seen and the previous name string be freed and then reallocated. However,
there's no longer a chance of needing to reallocate the name string so the
free() is not needed.

Discovered by Coverity (CID 1375979)

893. By Jason Xing

src/utils/ecryptfs-recover-private: Prevent ecryptfs-recover-private command is
terminated because of printing warnings. So just get rid of line "exit 1" in
the warn() function.

892. By Tyler Hicks

warn when recovering with a mount passphrase (LP: #1694272, LP: #1439825)

[tyhicks: add context to changelog entry and create helper warn() function]

891. By Tyler Hicks

ecryptfs-migrate-home: Pass --nopwcheck to ecryptfs-setup-private (LP: #1630477)

[tyhicks: Remove extra spaces in usage output and add changelog entry]

889. By Jason Xing

ecryptfs-mount-private -h prints short usage message (LP: #1449253)

[tyhicks: Add debian/changelog entry]

888. By Jason Xing

Fix loop in ecryptfs-manager when there are no options (LP: #1695767)

Reproduce case:
1) User doesn't install openssl.
2) Run ecryptfs-manager and make selection 3.
It goes in the infinite loop...which means whatever selection you enter next
cannot end this command or alter your option.

Explanation for the patch:
Adding several lines to take such a case into consideration, through testing
whether "num_transitions" is set to zero or not we could prevent the infinite
loop. If it is set to zero, it will return -EINVAL because "num_transitions"
means how many options this command could show to users and zero means that
user has no option to choose.

[tyhicks: Print to stderr, adjust error message, and add changelog entry]

887. By Tyler Hicks

Add Jason's mount option parser fix to debian/changelog

886. By Jason Xing

libecryptfs: Handle '=' characters in mount option string values

Users cannot mount ecryptfs with "-o passphrase_passwd_file=mykey" (<mykey> is
"passwd=123=abc") or "-o passwd=123=abc". Because the passphrase user uses
includes "=" character.

Because in the manner of process_comma_tok() function, ecryptfs will store
"passwd=123" as the @current->name and "abc" as @current->value. That will go
wrong when we go into tf_pass_file() function because it cannot match the name
"passphrase_passwd" or "passwd".

Add two lines in process_comma_tok() to change that case. If we match one "="
character in the string, we don't need to loop and match another "=" again.

885. By Tyler Hicks

debian/changelog: Annotate CVE-2015-8946 and CVE-2016-6224

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
This branch contains Public information 
Everyone can see this information.