lp:~jelle-vdwaa/ecryptfs/ecryptfs
- Get this branch:
- bzr branch lp:~jelle-vdwaa/ecryptfs/ecryptfs
Branch merges
- Tyler Hicks: Approve
- Raphael Groner (community): Approve
-
Diff: 165 lines (+52/-8)2 files modifiedsrc/key_mod/ecryptfs_key_mod_openssl.c (+25/-4)
src/key_mod/ecryptfs_key_mod_pkcs11_helper.c (+27/-4)
Related bugs
Related blueprints
Branch information
Recent revisions
- 889. By Jelle van der Waa
-
Fix build with OpenSSL 1.1.x
The rsa_st struct has been made opaque in 1.1.x, add forward compatible
code to access the n, e, d members of rsa_struct.EVP_PKEY structure has been made opaque, use EVP_PKEY_base_id
to get the type. - 888. By Jelle van der Waa
-
Fix build with OpenSSL 1.1.x
The rsa_st struct has been made opaque in 1.1.x, add forward compatible
code to access the n, e, d members of rsa_struct.CRYPTO_malloc_init has been removed from OpenSSL 1.1.x since the library
calls this routine by itself. - 886. By Jason Xing
-
libecryptfs: Handle '=' characters in mount option string values
Users cannot mount ecryptfs with "-o passphrase_
passwd_ file=mykey" (<mykey> is
"passwd=123=abc") or "-o passwd=123=abc". Because the passphrase user uses
includes "=" character.Because in the manner of process_comma_tok() function, ecryptfs will store
"passwd=123" as the @current->name and "abc" as @current->value. That will go
wrong when we go into tf_pass_file() function because it cannot match the name
"passphrase_passwd" or "passwd".Add two lines in process_comma_tok() to change that case. If we match one "="
character in the string, we don't need to loop and match another "=" again. - 884. By Tyler Hicks
-
debian/
ecryptfs- utils.postinst: Fix any unencrypted GPT swap partitions
that have mistakenly remained marked as auto mount. This should only
modify the swap partitions on systems that ecryptfs-setup-swap has been
used on. (LP: #1447282, LP: #1597154) - 883. By Tyler Hicks
-
tests/kernel/
lp-872905. sh: Adjust the test to account for upstream kernel
changes that were preventing the test from cleaning up after itself. The kernel
had a change of behavior where mounts that are configured to use encrypted
filenames will not be able to successfully lookup lower files with plaintext
filenames. This change caused the lower filler file, which was being created
directly in the lower filesystem, to not be removed during the test cleanup and
all of the following tests to fail since the lower filesystem remained full.The upstream kernel commit mentioned above is:
88ae4ab ecryptfs_lookup(): try either only encrypted or plaintext name
- 882. By Tyler Hicks
-
src/utils/
ecryptfs- setup-swap: Prevent unencrypted swap partitions from
being automatically enabled by systemd. This bug affected GPT partitioned
NVMe/MMC drives and resulted in the swap partition being used without
encryption. It also resulted in a usability issue in that users were
erroneously prompted to enter a pass-phrase to unlock their swap partition
at boot. (LP: #1597154) - 881. By Tyler Hicks
-
[ Richard Laager ]
* src/utils/ecryptfs- setup-private: LP: #1574174
- Adjust the test for discovering already active mount point destinations
so that it doesn't accidentally match mount point sources.
- Fixes ecryptfs-setup-private issue when attempting to use ZFS and
eCryptfs together
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ecryptfs