lp:ecryptfs

Created by Dustin Kirkland  and last modified
Get this branch:
bzr branch lp:ecryptfs
Members of eCryptfs can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
eCryptfs
Project:
eCryptfs
Status:
Development

Recent revisions

894. By Tyler Hicks

Remove unreachable code when parsing mount opt name value pairs

Revision 886 introduced a change to the mount option parsing code for
name-value pairs. A break was added to a loop once the first '=' is seen.
Before the break was added, it was possible that a '=' would be seen, then
memory allocated for the name portion of the string, then another '=' could be
seen and the previous name string be freed and then reallocated. However,
there's no longer a chance of needing to reallocate the name string so the
free() is not needed.

Discovered by Coverity (CID 1375979)

893. By Jason Xing

src/utils/ecryptfs-recover-private: Prevent ecryptfs-recover-private command is
terminated because of printing warnings. So just get rid of line "exit 1" in
the warn() function.

892. By Tyler Hicks

warn when recovering with a mount passphrase (LP: #1694272, LP: #1439825)

[tyhicks: add context to changelog entry and create helper warn() function]

891. By Tyler Hicks

ecryptfs-migrate-home: Pass --nopwcheck to ecryptfs-setup-private (LP: #1630477)

[tyhicks: Remove extra spaces in usage output and add changelog entry]

889. By Jason Xing

ecryptfs-mount-private -h prints short usage message (LP: #1449253)

[tyhicks: Add debian/changelog entry]

888. By Jason Xing

Fix loop in ecryptfs-manager when there are no options (LP: #1695767)

Reproduce case:
1) User doesn't install openssl.
2) Run ecryptfs-manager and make selection 3.
It goes in the infinite loop...which means whatever selection you enter next
cannot end this command or alter your option.

Explanation for the patch:
Adding several lines to take such a case into consideration, through testing
whether "num_transitions" is set to zero or not we could prevent the infinite
loop. If it is set to zero, it will return -EINVAL because "num_transitions"
means how many options this command could show to users and zero means that
user has no option to choose.

[tyhicks: Print to stderr, adjust error message, and add changelog entry]

887. By Tyler Hicks

Add Jason's mount option parser fix to debian/changelog

886. By Jason Xing

libecryptfs: Handle '=' characters in mount option string values

Users cannot mount ecryptfs with "-o passphrase_passwd_file=mykey" (<mykey> is
"passwd=123=abc") or "-o passwd=123=abc". Because the passphrase user uses
includes "=" character.

Because in the manner of process_comma_tok() function, ecryptfs will store
"passwd=123" as the @current->name and "abc" as @current->value. That will go
wrong when we go into tf_pass_file() function because it cannot match the name
"passphrase_passwd" or "passwd".

Add two lines in process_comma_tok() to change that case. If we match one "="
character in the string, we don't need to loop and match another "=" again.

885. By Tyler Hicks

debian/changelog: Annotate CVE-2015-8946 and CVE-2016-6224

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:~ecryptfs/ecryptfs/oldtrunk2
This branch contains Public information 
Everyone can see this information.