Created by James Westby on 2012-10-20 and last modified on 2013-02-21
Get this branch:
bzr branch lp:ubuntu/raring/ecryptfs-utils
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Ubuntu branches

Recent revisions

92. By Nobuto Murata on 2013-02-20

* fix an empty update-notifier window (LP: #1107650)
  - needed part was dropped accidentally at 102-0ubuntu1

91. By Dustin Kirkland  on 2013-01-25

[ Tyler Hicks ]
* debian/rules:
  - Use dpkg-buildflags to inject distro compiler hardening flags into the
    build. This also fixes the hardening-no-fortify-functions lintian

[ Dustin Kirkland ]
* doc/manpage/ecryptfs-add-passphrase.1, doc/manpage/ecryptfsd.8,
  doc/manpage/ecryptfs-find.1, doc/manpage/ecryptfs-generate-tpm-
  key.1, doc/manpage/ecryptfs-insert-wrapped-passphrase-into-
  keyring.1, doc/manpage/ecryptfs-manager.8, doc/manpage/ecryptfs-
  migrate-home.8, doc/manpage/ecryptfs-mount-private.1,
  doc/manpage/ecryptfs-recover-private.1, doc/manpage/ecryptfs-rewrap-
  passphrase.1, doc/manpage/ecryptfs-rewrite-file.1,
  doc/manpage/ecryptfs-setup-private.1, doc/manpage/ecryptfs-setup-
  swap.1, doc/manpage/ecryptfs-stat.1, doc/manpage/ecryptfs-umount-
  private.1, doc/manpage/ecryptfs-unwrap-passphrase.1,
  doc/manpage/ecryptfs-verify.1, doc/manpage/ecryptfs-wrap-
  passphrase.1, doc/manpage/Makefile.am, doc/manpage/mount.ecryptfs.8,
  doc/manpage/mount.ecryptfs_private.1, doc/manpage/pam_ecryptfs.8,
  doc/manpage/umount.ecryptfs_private.1, src/desktop/ecryptfs-find =>
  src/utils/ecryptfs-find, src/desktop/Makefile.am,
  - add 3 new manpages, for ecryptfs-find, ecryptfs-verify, and
  - Add SEE ALSO section to manpages which were missing it
  - Mention "Debian and Ubuntu" in license location
  - move the ecryptfs-find utility to the proper location in src/utils
* src/utils/Makefile.am:
  - fix broken build
* debian/ecryptfs-utils.links:
  - link no longer needed for ecryptfs-find

[ Colin King ]
* === added directory tests/kernel/mmap-bmap, === added directory
  tests/kernel/xattr, tests/kernel/link.sh, tests/kernel/Makefile.am,
  tests/kernel/mknod.sh, tests/kernel/mmap-bmap.sh, tests/kernel/mmap-
  bmap/test.c, tests/kernel/tests.rc, tests/kernel/xattr.sh,
  - ran the current eCryptfs tests on 3.8-rc4 with kernel gcov enabled
    and spotted a few trivial areas where it would be useful to up the
    test coverage on the code
  - so here are a few very simple additional tests to exercise eCryptfs
    a little further

90. By Dustin Kirkland  on 2013-01-22

[ Dustin Kirkland ]
* debian/control:
  - bump standards, no change
* precise

[ Tyler Hicks ]
* autogen.sh, scripts/release.sh, Makefile.am:
  - Break out the autoreconf and intltoolize commands from release.sh into
    an executable autogen.sh
  - Use the --copy option when invoking intltoolize
  - Include the new autogen.sh script in the release tarball
* debian/rules, debian/control:
  - Use dh-autoreconf so that upstream sources can easily be used to build
    packages for all the stable Ubuntu releases in the ecryptfs-utils daily
    build PPA
  - Override the dh_autoreconf target by running the autogen.sh script
  - Drop Build-Depends on autotools-dev since dh-autoreconf is a superset of
  - Drop Build-Depends on autoconf, automake, and libtool since
    dh-autoreconf depends on all of these packages
* m4/ac_python_devel.m4:
  - Fix FTBFS in Raring Ringtail due to multiarch Python. Be sure to include
    platform specific Python include directions in SWIG_PYTHON_CPPFLAGS.
* src/utils/mount.ecryptfs_private.c:
  - Fix conditionals when checking whether to remove authentication tokens
    from the kernel keyring upon umount. This conditional was incorrectly
    modified in ecryptfs-utils-101, yet the authentication tokens still seem
    to be removed from the kernel keyring so it isn't clear if there was
    actually a user-facing regression.
  - Pass the FEKEK sig, rather than the FNEK sig, to
  - Restore behavior of not printing error messages to syslog when
    unmounting and keys cannot be found in the kernel keyring.
  - Restore behavior of printing a useful error message about
    ecryptfs-mount-private when mounting and keys cannot be found in the
    kernel keyring
  - Fix memory leak and clean up free()'s in an error path
  - Use pointer assignment tests, rather than strlen(), to determine which
    key signatures were fetched
* src/daemon/main.c, src/include/ecryptfs.h,
  doc/manpage/ecryptfsd.8, doc/design_doc/ecryptfs_design_doc_v0_2.tex:
  - Remove netlink messaging interface support
  - Netlink messaging support was superceded by the miscdev interface
    (/dev/ecryptfs) in upstream kernel version 2.6.26 in July, 2008
  - Netlink messaging support was completely removed from the upstream
    kernel starting with version 2.6.32 in December, 2009
* src/jprobes/*, scripts/delete-cruft.sh:
  - Remove all jprobes code, as I don't use jprobes to debug eCryptfs kernel
    issues and I don't like the idea of maintaining these jprobes outside of
    the kernel tree
* src/escrow/*:
  - Remove all escrow code, as it isn't used or maintained
* tests/kernel/llseek.sh, tests/kernel/llseek/test.c,
  tests/userspace/wrap-unwrap.sh, tests/userspace/wrap-unwrap/test.c:
  - Migrate some old testcases over to the modern test framework
* tests/lib/etl_funcs.sh:
  - Update etl_create_test_dir() to allow a parent directory to be specified
    when creating the directory
* src/testcases:
  - Delete old testcases that were either too basic, covered by more
    extensive tests in the modern test framework, or just didn't work

[ Nobuto MURATA ]
* src/desktop/ecryptfs-record-passphrase:

89. By Dimitri John Ledkov on 2012-12-24

Fix FTBFS: multiarched python2.7 paths.

88. By Nobuto Murata on 2012-12-06

* debian/patches/record-passphrase-dialogue-translatable.patch:
  - make "Record your encryption passphrase" dialogue translatable
    (LP: #982924)
  - to workaround lp bug 1075304, removing line breaks(.) in the

87. By Dustin Kirkland  on 2012-10-25

[ Eric Lammerts ]
* src/libecryptfs/sysfs.c: LP: #1007880
  - Handle NULL mnt pointer when sysfs is not mounted

[ Tyler Hicks ]
* src/utils/ecryptfs-migrate-home: LP: #1026180
  - Correct minor misspelling
* src/utils/ecryptfs-recover-private: LP: #1004082
  - Fix option parsing when --rw is specified
* src/utils/ecryptfs-recover-private: LP: #1028923
  - Simplify success message to prevent incorrectly reporting that a
    read-only mount was performed when the --rw option is specified
* tests/lib/etl_func.sh:
  - Add test library function to return a lower path from an upper path,
    based on inode numbers
* tests/kernel/mmap-close.sh, tests/kernel/mmap-close/test.c:
  - Add regression test for open->mmap()->close()->dirty memory->munmap()
* tests/kernel/lp-561129.sh:
  - Add test for checking that a pre-existing target inode is properly
    evicted after a rename
* tests/README:
  - Add documentation on the steps to take when adding new test cases

[ Colin King ]
* tests/kernel/lp-911507.sh:
  - Add test case for initializing empty lower files during open()
* tests/kernel/lp-872905.sh:
  - Add test case to check for proper unlinking of lower files when
    lower file initialization fails
* src/key_mod/ecryptfs_key_mod_openssl.c,
  src/utils/mount.ecryptfs_private.c, src/utils/umount.ecryptfs.c:
  - address some issues raised by smatch static analysis
  - fix some memory leaks with frees
  - fix some pointer refs and derefs
  - fix some comment typos

[ Dustin Kirkland ]
* src/libecryptfs/key_management.c:
  - silence pam error message when errno == EACCES
    + "Error attempting to parse .ecryptfsrc file; rc = [-13]"
* src/utils/mount.ecryptfs_private.c: LP: #1052038
  - fix race condition, which typically manifests itself with a user
    saying that their home directory is not accessible, or that their
    filenames are not decrypted
  - the root of the problem is that we were reading the signature file,
    ~/.ecryptfs/Private.sig, twice; in some cases, the first one succeeds,
    so the file encryption signature is read and key is loaded, but then
    some other process (usually from PAM, perhaps a cron job or a
    subsequent login) mounts the home directory before the filename
    encryption key is loaded; thus, $HOME is mounted but filenames are
    not decrypted, so the second read of ~/.ecryptfs/Private.sig fails
    as that file is not found
  - the solution is to rework the internal fetch_sig() function and read
    one or both signatures within a single open/read/close operation of
    the file
  - free memory used by char **sig on failure
* debian/copyright:
  - fix lintian warning
* precise

86. By Dustin Kirkland  on 2012-08-02

[ Tyler Hicks ]
* src/pam_ecryptfs/pam_ecryptfs.c, src/libecryptfs/key_management.c:
    LP: #1024476
  - fix regression introduced in ecryptfs-utils-99 when Encrypted
    Home/Private is in use and the eCryptfs kernel code is compiled as a
  - drop check for kernel filename encryption support in pam_ecryptfs, as
    appropriate privileges to load the eCryptfs kernel module may not be
    available and filename encryption has been supported since 2.6.29
  - always add filename encryption key to the kernel keyring from pam mount

[ Colin King ]
* tests/kernel/inode-race-stat/test.c:
  - limit number of forks based on fd limits
* tests/kernel/enospc.sh, tests/kernel/enospc/test.c,
  tests/kernel/Makefile.am, tests/kernel/tests.rc:
  - add test case for ENOSPC

[ Tim Harder ]
* m4/ac_python_devel.m4: LP: #1029217
  - properly save and restore CPPFLAGS and LIBS when python support is

85. By Dustin Kirkland  on 2012-07-13

[ Dustin Kirkland ]
* debian/ecryptfs-utils.postinst: LP: #936093
  - ensure desktop file is executable
* precise

[ Wesley Wiedenmeier ]
* src/utils/mount.ecryptfs.c: LP: #329264
  - remove old hack, that worked around a temporary kernel regression;
    ensure that all mount memory is mlocked

[ Sebastian Krahmer ]
* src/pam_ecryptfs/pam_ecryptfs.c: LP: #732614
  - drop group privileges in the same places that user privileges are
  - check return status of setresuid() calls and return if they fail
  - drop privileges before checking for the existence of
    ~/.ecryptfs/auto-mount to prevent possible file existence leakage
    by a symlink to a path that typically would not be searchable by
    the user
  - drop privileges before reading salt from the rc file to prevent the
    leakage of root's salt and, more importantly, using the incorrect salt
  - discovered, independently, by Vasiliy Kulikov and Sebastian Krahmer
* src/pam_ecryptfs/pam_ecryptfs.c: LP: #1020904
  - after dropping privileges, clear the environment before executing the
    private eCryptfs mount helper
  - discovered by Sebastian Krahmer
* src/utils/mount.ecryptfs_private.c: LP: #1020904
  - do not allow private eCryptfs mount aliases to contain ".." characters
    as a preventative measure against a crafted file path being used as an
  - force the MS_NOSUID mount flag to protect against user controlled lower
    filesystems, such as an auto mounted USB drive, that may contain a
    setuid-root binary
    + CVE-2012-3409
  - force the MS_NODEV mount flag
  - after dropping privileges, clear the environment before executing umount
  - discovered by Sebastian Krahmer

[ Tyler Hicks ]
* src/libecryptfs/key_management.c: LP: #732614
  - zero statically declared buffers to prevent the leakage of stack
    contents in the case of a short file read
  - discovered by Vasiliy Kulikov
* src/libecryptfs/module_mgr.c, src/pam_ecryptfs/pam_ecryptfs.c:
  - fix compiler warnings

84. By Dustin Kirkland  on 2012-06-24

[ Dustin Kirkland ]
* debian/ecryptfs-utils.prerm:
  - drop the pre-removal ERRORs down to WARNINGs
  - these have caused a ton of trouble; whatever is causing ecryptfs-utils
    to be marked for removal should be fixed; but ecryptfs exiting 1 seems
    to be causing more trouble than it's worth
  - LP: #871021, #812270, #988960, #990630, #995381, #1010961
* doc/ecryptfs-faq.html:
  - update the frequently asked questions, which haven't seen much
    attention in a while now
  - drop a few references to sourceforge
* doc/ecryptfs-pam-doc.txt, doc/manpage/fr/ecryptfs-add-passphrase.1,
  doc/manpage/fr/ecryptfs-generate-tpm-key.1, doc/manpage/fr/ecryptfs-
  insert-wrapped-passphrase-into-keyring.1, doc/manpage/fr/ecryptfs-
  mount-private.1, doc/manpage/fr/ecryptfs-rewrap-passphrase.1,
  doc/manpage/fr/ecryptfs-setup-private.1, doc/manpage/fr/ecryptfs-
  umount-private.1, doc/manpage/fr/ecryptfs-unwrap-passphrase.1,
  doc/manpage/fr/ecryptfs-wrap-passphrase.1, doc/manpage/fr/ecryptfs-
  zombie-kill.1, doc/manpage/fr/ecryptfs-zombie-list.1,
  doc/sourceforge_webpage/index.html, doc/sourceforge_webpage/README,
  === removed directory doc/manpage/fr, === removed directory
  doc/sourceforge_webpage, rpm/ecryptfs-utils.spec:
  - remove some deprecated documentation
  - fish it out of bzr, if we ever need it again, but let's
    quit publishing it in our release tarballs
* precise

83. By Dustin Kirkland  on 2012-06-15

[ Kees Cook ]
* src/pam_ecryptfs/pam_ecryptfs.c: LP: #938326
  - exit, rather than return to prevent duplicate processes

[ Andreas Raster ]
* src/desktop/ecryptfs-find:
  - $mounts was quoted once too often

[ George Wilson ]
* src/key_mod/ecryptfs_key_mod_openssl.c,
  src/key_mod/ecryptfs_key_mod_tspi.c: LP: #937331
  - IBM would like to grant a license exception for key modules that
    require linking to OpenSSL. The change should make the modules
    shippable by Linux distributions

[ Dustin Kirkland ]
* debian/copyright:
  - note the GPLv2 SSL exception granted by IBM for the key modules
* debian/control, debian/copyright, doc/manpage/ecryptfs.7,
  doc/manpage/ecryptfs-add-passphrase.1, doc/manpage/ecryptfsd.8,
  doc/manpage/ecryptfs-generate-tpm-key.1, doc/manpage/ecryptfs-
  insert-wrapped-passphrase-into-keyring.1, doc/manpage/ecryptfs-
  manager.8, doc/manpage/ecryptfs-mount-private.1,
  doc/manpage/ecryptfs-recover-private.1, doc/manpage/ecryptfs-rewrap-
  passphrase.1, doc/manpage/ecryptfs-rewrite-file.1,
  doc/manpage/ecryptfs-setup-private.1, doc/manpage/ecryptfs-setup-
  swap.1, doc/manpage/ecryptfs-stat.1, doc/manpage/ecryptfs-umount-
  private.1, doc/manpage/ecryptfs-unwrap-passphrase.1,
  doc/manpage/mount.ecryptfs.8, doc/manpage/mount.ecryptfs_private.1,
  doc/manpage/pam_ecryptfs.8, doc/manpage/umount.ecryptfs.8,
  doc/manpage/umount.ecryptfs_private.1, README,
  - use the new ecryptfs.org website where appropriate
* debian/control:
  - update to suggest zescrow-client
* precise

[ Sergio Peña ]
* src/libecryptfs/cipher_list.c: LP: #922821
  - add the new name of the blowfish cipher (linux >= 3.2)
* src/include/ecryptfs.h, src/libecryptfs/main.c,
  src/utils/mount.ecryptfs.c: LP: #917509
  - use execl() to mount ecryptfs
  - this allows us to support any arbitrary mount options in

[ Tyler Hicks ]
* doc/manpage/ecryptfs.7:
  - Remove the note saying that the passphrase and openssl key modules are
    available by default. That's true upstream but not always true in distro
* tests/run_tests.sh:
  - Make upper and lower mount point arguments optional by automatically
    creating directories in /tmp by default.
  - Make it possible to run only userspace tests without having to specify
    unused mount information
  - Accept a comma-separated list of lower filesystems to test on and loop
    through all kernel tests for each lower filesystem
  - Accept a comma-separated list of tests to run
* tests/lib/etl_funcs.sh:
  - Unset $ETL_DISK just before etl_remove_disk() successfully returns
* tests/userspace/Makefile.am:
  - Also build 'make check' tests when building with --enable-tests
* include/ecryptfs.h, libecryptfs/Makefile.am,
  libecryptfs/cipher_list.c, libecryptfs/module_mgr.c,
  utils/io.h: LP: #994813
  - remove overly complicated implementation to detect what ciphers
    are supported by the currently running kernel's crypto api
  - prompt for the entire supported cipher list, if the user selects a
    cipher that their kernel doesn't support, the mount will fail
    and the kernel will write an error message to the syslog
* src/libecryptfs/module_mgr.c:
  - Use correct blowfish block size when displaying supported ciphers to
    the user
* tests/kernel/lp-1009207.sh, tests/kernel/Makefile.am,
  - Add simple test case for incorrect handling of umask and default POSIX
    ACL masks
* tests/kernel/lp-994247.sh, tests/kernel/lp-994247/test.c,
  tests/kernel/Makefile.am, tests/kernel/tests.rc:
  - Add test case for incorrect handling of open /dev/ecryptfs file
    descriptors that are passed or inherited by other processes

[ Colin King ]
* tests/lib/etl_funcs.sh:
  - etl_lumount() should use DST rather than SRC dir so it can run on Lucid
  - use file system appropriate mkfs force flag
  - cater for correct ext2 default mount flags
* tests/kernel/lp-509180.sh, tests/kernel/lp-509180/test.c:
  - test for trailing garbage at end of files
* tests/kernel/lp-524919.sh, tests/kernel/lp-524919/test.c:
  - test case for checking lstat/readlink size
* tests/kernel/lp-870326.sh, tests/kernel/lp-870326/test.c:
  - test case for open(), mmap(), close(), modify mmap'd region
* tests/kernel/lp-469664.sh:
  - test case for lsattr
* tests/kernel/lp-613873.sh:
  - test case for stat modify time
* tests/kernel/lp-745836.sh:
  - test case for clearing ECRYPTFS_NEW_FILE flag during truncate
* tests/lib/etl_funcs.sh, tests/kernel/extend-file-random.sh,
  tests/kernel/trunc-file.sh (LP: #1007159):
  - Add test library function for estimating available space in lower fs
  - Use new library function in tests that need to create large files

[ Colin Watson ]
* src/utils/ecryptfs-setup-swap: Skip /dev/zram* swap devices
  LP: #979350

[ Serge Hallyn ]
* src/utils/mount.ecryptfs_private.c:
  - EoL fixes

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
This branch contains Public information 
Everyone can see this information.