From 6154d2a1a7d0cd5abbebce073f512d402b51f7dc Mon Sep 17 00:00:00 2001 From: Michal Hlavinka Date: Jun 25 2012 13:27:47 +0000 Subject: ecryptfs-utils updated to 97 --- diff --git a/.gitignore b/.gitignore index 2360010..516bcb1 100644 --- a/.gitignore +++ b/.gitignore @@ -9,3 +9,4 @@ ecryptfs-mount-private.png /ecryptfs-utils_93.orig.tar.gz /ecryptfs-utils_95.orig.tar.gz /ecryptfs-utils_96.orig.tar.gz +/ecryptfs-utils_97.orig.tar.gz diff --git a/ecryptfs-utils-75-werror.patch b/ecryptfs-utils-75-werror.patch index aee3690..9cedf2a 100644 --- a/ecryptfs-utils-75-werror.patch +++ b/ecryptfs-utils-75-werror.patch @@ -1,7 +1,7 @@ -diff -up ecryptfs-utils-96/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c.werror ecryptfs-utils-96/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c ---- ecryptfs-utils-96/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c.werror 2012-06-04 14:47:13.021862738 +0200 -+++ ecryptfs-utils-96/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c 2012-06-04 14:47:13.036862853 +0200 -@@ -86,7 +86,7 @@ static int ecryptfs_pkcs11h_deserialize( +diff -up ecryptfs-utils-97/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c.werror ecryptfs-utils-97/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c +--- ecryptfs-utils-97/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c.werror 2012-06-25 15:25:21.915772946 +0200 ++++ ecryptfs-utils-97/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c 2012-06-25 15:25:21.928773050 +0200 +@@ -99,7 +99,7 @@ static int ecryptfs_pkcs11h_deserialize( pkcs11h_data->serialized_id = NULL; } else { @@ -10,7 +10,7 @@ diff -up ecryptfs-utils-96/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c.werror e i += serialized_id_length; } pkcs11h_data->certificate_blob_size = blob[i++] % 256; -@@ -104,12 +104,11 @@ static int ecryptfs_pkcs11h_deserialize( +@@ -117,12 +117,11 @@ static int ecryptfs_pkcs11h_deserialize( pkcs11h_data->passphrase = NULL; } else { @@ -24,7 +24,7 @@ diff -up ecryptfs-utils-96/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c.werror e return rc; } -@@ -346,14 +345,14 @@ static int ecryptfs_pkcs11h_get_key_sig( +@@ -359,14 +358,14 @@ static int ecryptfs_pkcs11h_get_key_sig( data[i++] = '\02'; data[i++] = (char)(nbits >> 8); data[i++] = (char)nbits; @@ -43,7 +43,7 @@ diff -up ecryptfs-utils-96/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c.werror e sig[ECRYPTFS_SIG_SIZE_HEX] = '\0'; rc = 0; -@@ -411,8 +410,8 @@ static int ecryptfs_pkcs11h_encrypt(char +@@ -424,8 +423,8 @@ static int ecryptfs_pkcs11h_encrypt(char if ( (rc = RSA_public_encrypt( from_size, @@ -54,7 +54,7 @@ diff -up ecryptfs-utils-96/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c.werror e rsa, RSA_PKCS1_PADDING )) == -1 -@@ -506,9 +505,9 @@ static int ecryptfs_pkcs11h_decrypt(char +@@ -519,9 +518,9 @@ static int ecryptfs_pkcs11h_decrypt(char (rv = pkcs11h_certificate_decryptAny ( certificate, CKM_RSA_PKCS, @@ -66,7 +66,7 @@ diff -up ecryptfs-utils-96/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c.werror e to_size )) != CKR_OK ) { -@@ -534,9 +533,9 @@ static int ecryptfs_pkcs11h_decrypt(char +@@ -547,9 +546,9 @@ static int ecryptfs_pkcs11h_decrypt(char pkcs11h_certificate_decryptAny ( certificate, CKM_RSA_PKCS, @@ -78,7 +78,7 @@ diff -up ecryptfs-utils-96/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c.werror e to_size ); -@@ -851,7 +850,7 @@ static int ecryptfs_pkcs11h_process_key( +@@ -864,7 +863,7 @@ static int ecryptfs_pkcs11h_process_key( rc = MOUNT_ERROR; goto out; } @@ -87,7 +87,7 @@ diff -up ecryptfs-utils-96/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c.werror e &subgraph_key_ctx->key_mod->blob_size, pkcs11h_data))) { syslog(LOG_ERR, "PKCS#11: Error serializing pkcs11; rc=[%d]\n", rc); -@@ -930,7 +929,7 @@ static int tf_pkcs11h_global_loglevel(st +@@ -943,7 +942,7 @@ static int tf_pkcs11h_global_loglevel(st rc = DEFAULT_TOK; node->val = NULL; @@ -96,7 +96,7 @@ diff -up ecryptfs-utils-96/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c.werror e return rc; } -@@ -943,7 +942,7 @@ static int tf_pkcs11h_global_pincache(st +@@ -956,7 +955,7 @@ static int tf_pkcs11h_global_pincache(st rc = DEFAULT_TOK; node->val = NULL; @@ -105,7 +105,7 @@ diff -up ecryptfs-utils-96/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c.werror e return rc; } -@@ -1013,7 +1012,7 @@ static int tf_pkcs11h_provider_prot_auth +@@ -1026,7 +1025,7 @@ static int tf_pkcs11h_provider_prot_auth sscanf (node->val, "%x", &subgraph_provider_ctx->allow_protected_authentication); rc = DEFAULT_TOK; node->val = NULL; @@ -114,7 +114,7 @@ diff -up ecryptfs-utils-96/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c.werror e return rc; } -@@ -1027,7 +1026,7 @@ static int tf_pkcs11h_provider_cert_priv +@@ -1040,7 +1039,7 @@ static int tf_pkcs11h_provider_cert_priv sscanf (node->val, "%x", &subgraph_provider_ctx->certificate_is_private); rc = DEFAULT_TOK; node->val = NULL; @@ -123,7 +123,7 @@ diff -up ecryptfs-utils-96/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c.werror e return rc; } -@@ -1042,7 +1041,7 @@ static int tf_pkcs11h_provider_private_m +@@ -1055,7 +1054,7 @@ static int tf_pkcs11h_provider_private_m rc = DEFAULT_TOK; node->val = NULL; @@ -132,7 +132,7 @@ diff -up ecryptfs-utils-96/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c.werror e return rc; } -@@ -1073,7 +1072,7 @@ static int tf_pkcs11h_provider_end(struc +@@ -1086,7 +1085,7 @@ static int tf_pkcs11h_provider_end(struc free(subgraph_provider_ctx); *foo = NULL; rc = DEFAULT_TOK; @@ -141,7 +141,7 @@ diff -up ecryptfs-utils-96/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c.werror e return rc; } -@@ -1120,7 +1119,7 @@ static int tf_pkcs11h_key_x509file(struc +@@ -1133,7 +1132,7 @@ static int tf_pkcs11h_key_x509file(struc X509 *x509 = NULL; unsigned char *p = NULL; FILE *fp = NULL; @@ -150,9 +150,9 @@ diff -up ecryptfs-utils-96/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c.werror e subgraph_key_ctx = (struct pkcs11h_subgraph_key_ctx *)(*foo); -diff -up ecryptfs-utils-96/src/libecryptfs/ecryptfs-stat.c.werror ecryptfs-utils-96/src/libecryptfs/ecryptfs-stat.c ---- ecryptfs-utils-96/src/libecryptfs/ecryptfs-stat.c.werror 2011-12-14 00:01:38.000000000 +0100 -+++ ecryptfs-utils-96/src/libecryptfs/ecryptfs-stat.c 2012-06-04 14:47:13.036862853 +0200 +diff -up ecryptfs-utils-97/src/libecryptfs/ecryptfs-stat.c.werror ecryptfs-utils-97/src/libecryptfs/ecryptfs-stat.c +--- ecryptfs-utils-97/src/libecryptfs/ecryptfs-stat.c.werror 2012-05-18 21:06:17.000000000 +0200 ++++ ecryptfs-utils-97/src/libecryptfs/ecryptfs-stat.c 2012-06-25 15:25:21.929773058 +0200 @@ -146,7 +146,7 @@ int ecryptfs_parse_stat(struct ecryptfs_ if (buf_size < (ECRYPTFS_FILE_SIZE_BYTES + MAGIC_ECRYPTFS_MARKER_SIZE_BYTES @@ -162,9 +162,9 @@ diff -up ecryptfs-utils-96/src/libecryptfs/ecryptfs-stat.c.werror ecryptfs-utils "bytes; there are only [%zu] bytes\n", __FUNCTION__, (ECRYPTFS_FILE_SIZE_BYTES + MAGIC_ECRYPTFS_MARKER_SIZE_BYTES -diff -up ecryptfs-utils-96/src/pam_ecryptfs/pam_ecryptfs.c.werror ecryptfs-utils-96/src/pam_ecryptfs/pam_ecryptfs.c ---- ecryptfs-utils-96/src/pam_ecryptfs/pam_ecryptfs.c.werror 2011-12-14 00:01:38.000000000 +0100 -+++ ecryptfs-utils-96/src/pam_ecryptfs/pam_ecryptfs.c 2012-06-04 14:47:13.036862853 +0200 +diff -up ecryptfs-utils-97/src/pam_ecryptfs/pam_ecryptfs.c.werror ecryptfs-utils-97/src/pam_ecryptfs/pam_ecryptfs.c +--- ecryptfs-utils-97/src/pam_ecryptfs/pam_ecryptfs.c.werror 2012-05-18 21:06:17.000000000 +0200 ++++ ecryptfs-utils-97/src/pam_ecryptfs/pam_ecryptfs.c 2012-06-25 15:25:21.929773058 +0200 @@ -39,35 +39,11 @@ #include #include @@ -258,39 +258,30 @@ diff -up ecryptfs-utils-96/src/pam_ecryptfs/pam_ecryptfs.c.werror ecryptfs-utils goto out; } saved_uid = geteuid(); -diff -up ecryptfs-utils-96/src/utils/mount.ecryptfs.c.werror ecryptfs-utils-96/src/utils/mount.ecryptfs.c ---- ecryptfs-utils-96/src/utils/mount.ecryptfs.c.werror 2012-06-04 14:47:13.033862831 +0200 -+++ ecryptfs-utils-96/src/utils/mount.ecryptfs.c 2012-06-04 14:47:13.037862861 +0200 -@@ -461,7 +461,7 @@ static int ecryptfs_do_mount(int argc, c - { - int rc; - int flags = 0; -- int num_opts = 0; -+// int num_opts = 0; - char *src = NULL, *targ = NULL, *opts = NULL, *new_opts = NULL, *temp; - char *val; - -@@ -472,7 +472,7 @@ static int ecryptfs_do_mount(int argc, c - rc = strip_userland_opts(opts); - if (rc) - goto out; -- num_opts = ecryptfs_generate_mount_flags(opts, &flags); -+ ecryptfs_generate_mount_flags(opts, &flags); - if (!(temp = strdup("ecryptfs_unlink_sigs"))) { - rc = -ENOMEM; - goto out; -diff -up ecryptfs-utils-96/src/utils/mount.ecryptfs_private.c.werror ecryptfs-utils-96/src/utils/mount.ecryptfs_private.c ---- ecryptfs-utils-96/src/utils/mount.ecryptfs_private.c.werror 2012-06-04 14:47:13.027862783 +0200 -+++ ecryptfs-utils-96/src/utils/mount.ecryptfs_private.c 2012-06-04 14:47:13.037862861 +0200 -@@ -95,7 +95,6 @@ int read_config(char *pw_dir, int uid, c +diff -up ecryptfs-utils-97/src/utils/mount.ecryptfs.c.werror ecryptfs-utils-97/src/utils/mount.ecryptfs.c +--- ecryptfs-utils-97/src/utils/mount.ecryptfs.c.werror 2012-06-25 15:25:21.926773034 +0200 ++++ ecryptfs-utils-97/src/utils/mount.ecryptfs.c 2012-06-25 15:25:21.930773066 +0200 +@@ -34,6 +34,7 @@ + #include + #include + #include ++#include + #include "config.h" + #include "ecryptfs.h" + #include "decision_graph.h" +diff -up ecryptfs-utils-97/src/utils/mount.ecryptfs_private.c.werror ecryptfs-utils-97/src/utils/mount.ecryptfs_private.c +--- ecryptfs-utils-97/src/utils/mount.ecryptfs_private.c.werror 2012-06-25 15:25:21.921772994 +0200 ++++ ecryptfs-utils-97/src/utils/mount.ecryptfs_private.c 2012-06-25 15:25:21.930773066 +0200 +@@ -95,7 +95,7 @@ int read_config(char *pw_dir, int uid, c *s = strdup(e->mnt_fsname); if (!*s) return -2; -out: ++ return 0; } -@@ -302,7 +301,7 @@ int update_mtab(char *dev, char *mnt, ch +@@ -302,7 +302,7 @@ int update_mtab(char *dev, char *mnt, ch goto fail_early; } @@ -299,9 +290,9 @@ diff -up ecryptfs-utils-96/src/utils/mount.ecryptfs_private.c.werror ecryptfs-ut if (addmntent(new_mtab, old_ent) != 0) { perror("addmntent"); goto fail; -diff -up ecryptfs-utils-96/src/utils/test.c.werror ecryptfs-utils-96/src/utils/test.c ---- ecryptfs-utils-96/src/utils/test.c.werror 2011-12-14 00:01:38.000000000 +0100 -+++ ecryptfs-utils-96/src/utils/test.c 2012-06-04 14:47:13.038862869 +0200 +diff -up ecryptfs-utils-97/src/utils/test.c.werror ecryptfs-utils-97/src/utils/test.c +--- ecryptfs-utils-97/src/utils/test.c.werror 2012-05-18 21:06:17.000000000 +0200 ++++ ecryptfs-utils-97/src/utils/test.c 2012-06-25 15:25:21.931773074 +0200 @@ -281,7 +281,7 @@ int ecryptfs_encrypt_page(int page_cache struct inode *lower_inode; struct ecryptfs_crypt_stat *crypt_stat; @@ -311,9 +302,9 @@ diff -up ecryptfs-utils-96/src/utils/test.c.werror ecryptfs-utils-96/src/utils/t int orig_byte_offset = 0; int num_extents_per_page; #define ECRYPTFS_PAGE_STATE_UNREAD 0 -diff -up ecryptfs-utils-96/tests/kernel/directory-concurrent/test.c.werror ecryptfs-utils-96/tests/kernel/directory-concurrent/test.c ---- ecryptfs-utils-96/tests/kernel/directory-concurrent/test.c.werror 2012-02-13 17:30:32.000000000 +0100 -+++ ecryptfs-utils-96/tests/kernel/directory-concurrent/test.c 2012-06-04 14:47:13.038862869 +0200 +diff -up ecryptfs-utils-97/tests/kernel/directory-concurrent/test.c.werror ecryptfs-utils-97/tests/kernel/directory-concurrent/test.c +--- ecryptfs-utils-97/tests/kernel/directory-concurrent/test.c.werror 2012-05-18 21:06:17.000000000 +0200 ++++ ecryptfs-utils-97/tests/kernel/directory-concurrent/test.c 2012-06-25 15:25:21.931773074 +0200 @@ -149,7 +149,7 @@ int hang_check(int option, const char *f int test_dirs(const char *path, const int max_dirs) @@ -323,9 +314,9 @@ diff -up ecryptfs-utils-96/tests/kernel/directory-concurrent/test.c.werror ecryp char *filename; size_t len = strlen(path) + 32; int ret = TEST_PASSED; -diff -up ecryptfs-utils-96/tests/kernel/extend-file-random/test.c.werror ecryptfs-utils-96/tests/kernel/extend-file-random/test.c ---- ecryptfs-utils-96/tests/kernel/extend-file-random/test.c.werror 2012-02-13 17:30:32.000000000 +0100 -+++ ecryptfs-utils-96/tests/kernel/extend-file-random/test.c 2012-06-04 14:48:48.034597731 +0200 +diff -up ecryptfs-utils-97/tests/kernel/extend-file-random/test.c.werror ecryptfs-utils-97/tests/kernel/extend-file-random/test.c +--- ecryptfs-utils-97/tests/kernel/extend-file-random/test.c.werror 2012-05-18 21:06:17.000000000 +0200 ++++ ecryptfs-utils-97/tests/kernel/extend-file-random/test.c 2012-06-25 15:25:21.931773074 +0200 @@ -48,7 +48,7 @@ int test_write(int fd, char *buffer, siz } @@ -351,21 +342,21 @@ diff -up ecryptfs-utils-96/tests/kernel/extend-file-random/test.c.werror ecryptf len, offset, strerror(errno)); return TEST_FAILED; } -diff -up ecryptfs-utils-96/tests/kernel/file-concurrent/test.c.werror ecryptfs-utils-96/tests/kernel/file-concurrent/test.c ---- ecryptfs-utils-96/tests/kernel/file-concurrent/test.c.werror 2012-02-13 17:30:32.000000000 +0100 -+++ ecryptfs-utils-96/tests/kernel/file-concurrent/test.c 2012-06-04 14:47:13.038862869 +0200 -@@ -178,7 +178,7 @@ int hang_check(int option, const char *f +diff -up ecryptfs-utils-97/tests/kernel/file-concurrent/test.c.werror ecryptfs-utils-97/tests/kernel/file-concurrent/test.c +--- ecryptfs-utils-97/tests/kernel/file-concurrent/test.c.werror 2012-05-18 21:06:17.000000000 +0200 ++++ ecryptfs-utils-97/tests/kernel/file-concurrent/test.c 2012-06-25 15:25:21.932773082 +0200 +@@ -177,7 +177,7 @@ int hang_check(int option, const char *f - int test_dirs(const char *path, const int max_files) + int test_files(const char *path, const int max_files) { - int i, j; + int i; char *filename; size_t len = strlen(path) + 32; int ret = TEST_PASSED; -diff -up ecryptfs-utils-96/tests/kernel/inode-race-stat/test.c.werror ecryptfs-utils-96/tests/kernel/inode-race-stat/test.c ---- ecryptfs-utils-96/tests/kernel/inode-race-stat/test.c.werror 2012-02-16 03:56:20.000000000 +0100 -+++ ecryptfs-utils-96/tests/kernel/inode-race-stat/test.c 2012-06-04 14:47:13.040862885 +0200 +diff -up ecryptfs-utils-97/tests/kernel/inode-race-stat/test.c.werror ecryptfs-utils-97/tests/kernel/inode-race-stat/test.c +--- ecryptfs-utils-97/tests/kernel/inode-race-stat/test.c.werror 2012-05-18 21:06:17.000000000 +0200 ++++ ecryptfs-utils-97/tests/kernel/inode-race-stat/test.c 2012-06-25 15:25:21.932773082 +0200 @@ -106,7 +106,6 @@ static void do_test(const int fdin, cons { for (;;) { @@ -400,9 +391,20 @@ diff -up ecryptfs-utils-96/tests/kernel/inode-race-stat/test.c.werror ecryptfs-u (void)waitpid(pids[i], &status, 0); (void)close(pipe_to[i][1]); -diff -up ecryptfs-utils-96/tests/kernel/trunc-file/test.c.werror ecryptfs-utils-96/tests/kernel/trunc-file/test.c ---- ecryptfs-utils-96/tests/kernel/trunc-file/test.c.werror 2012-02-13 17:30:32.000000000 +0100 -+++ ecryptfs-utils-96/tests/kernel/trunc-file/test.c 2012-06-04 14:47:13.040862885 +0200 +diff -up ecryptfs-utils-97/tests/kernel/lp-509180/test.c.werror ecryptfs-utils-97/tests/kernel/lp-509180/test.c +--- ecryptfs-utils-97/tests/kernel/lp-509180/test.c.werror 2012-06-25 15:25:25.512801830 +0200 ++++ ecryptfs-utils-97/tests/kernel/lp-509180/test.c 2012-06-25 15:25:25.526801949 +0200 +@@ -48,7 +48,6 @@ int main(int argc, char **argv) + int fd; + int opt, flags = 0; + int rc = 0; +- unsigned int *ptr; + char *file; + unsigned char buffer[1]; + +diff -up ecryptfs-utils-97/tests/kernel/trunc-file/test.c.werror ecryptfs-utils-97/tests/kernel/trunc-file/test.c +--- ecryptfs-utils-97/tests/kernel/trunc-file/test.c.werror 2012-05-18 21:06:17.000000000 +0200 ++++ ecryptfs-utils-97/tests/kernel/trunc-file/test.c 2012-06-25 15:25:21.932773082 +0200 @@ -39,7 +39,7 @@ int write_buff(int fd, unsigned char *data, ssize_t size) diff --git a/ecryptfs-utils-87-fixpamfork.patch b/ecryptfs-utils-87-fixpamfork.patch index 3c9749c..6eb8861 100644 --- a/ecryptfs-utils-87-fixpamfork.patch +++ b/ecryptfs-utils-87-fixpamfork.patch @@ -1,7 +1,7 @@ -diff -up ecryptfs-utils-93/src/pam_ecryptfs/pam_ecryptfs.c.fixpamfork ecryptfs-utils-93/src/pam_ecryptfs/pam_ecryptfs.c ---- ecryptfs-utils-93/src/pam_ecryptfs/pam_ecryptfs.c.fixpamfork 2011-10-31 13:44:28.643925611 +0100 -+++ ecryptfs-utils-93/src/pam_ecryptfs/pam_ecryptfs.c 2011-10-31 13:46:48.627152400 +0100 -@@ -207,7 +207,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_h +diff -up ecryptfs-utils-97/src/pam_ecryptfs/pam_ecryptfs.c.fixpamfork ecryptfs-utils-97/src/pam_ecryptfs/pam_ecryptfs.c +--- ecryptfs-utils-97/src/pam_ecryptfs/pam_ecryptfs.c.fixpamfork 2012-06-25 14:57:39.908192484 +0200 ++++ ecryptfs-utils-97/src/pam_ecryptfs/pam_ecryptfs.c 2012-06-25 15:05:53.368373955 +0200 +@@ -208,7 +208,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_h } out_child: free(auth_tok_sig); @@ -10,20 +10,20 @@ diff -up ecryptfs-utils-93/src/pam_ecryptfs/pam_ecryptfs.c.fixpamfork ecryptfs-u } tmp_pid = waitpid(child_pid, NULL, 0); if (tmp_pid == -1) -@@ -295,7 +295,7 @@ static int private_dir(pam_handle_t *pam +@@ -296,7 +296,7 @@ static int private_dir(pam_handle_t *pam "%s/.ecryptfs/.wrapped-passphrase.recorded", pwd->pw_dir) < 0) || recorded == NULL) { syslog(LOG_ERR, "pam_ecryptfs: Error allocating memory for recorded name"); -- return 1; +- exit(1); + _exit(255); } if (stat(recorded, &s) != 0 && stat("/usr/share/ecryptfs-utils/ecryptfs-record-passphrase", &s) == 0) { /* User has not recorded their passphrase */ -@@ -307,24 +307,26 @@ static int private_dir(pam_handle_t *pam +@@ -308,25 +308,27 @@ static int private_dir(pam_handle_t *pam if (stat(autofile, &s) != 0) { /* User does not want to auto-mount */ syslog(LOG_DEBUG, "pam_ecryptfs: Skipping automatic eCryptfs mount"); -- return 0; +- exit(0); + _exit(0); } /* run mount.ecryptfs_private as the user */ @@ -35,21 +35,23 @@ diff -up ecryptfs-utils-93/src/pam_ecryptfs/pam_ecryptfs.c.fixpamfork ecryptfs-u if (stat(autofile, &s) != 0) { /* User does not want to auto-unmount */ syslog(LOG_DEBUG, "pam_ecryptfs: Skipping automatic eCryptfs unmount"); -- return 0; +- exit(0); + _exit(0); } /* run umount.ecryptfs_private as the user */ setresuid(pwd->pw_uid, pwd->pw_uid, pwd->pw_uid); execl("/sbin/umount.ecryptfs_private", "umount.ecryptfs_private", NULL); +- exit(1); + syslog(LOG_ERR,"unable to execute umount.ecryptfs_private : %m"); ++ _exit(255); } -- return 1; +- exit(1); + _exit(255); } else { waitpid(pid, &rc, 0); - goto out; -@@ -455,7 +457,7 @@ PAM_EXTERN int pam_sm_chauthtok(pam_hand + } +@@ -456,7 +458,7 @@ PAM_EXTERN int pam_sm_chauthtok(pam_hand goto out_child; } out_child: diff --git a/ecryptfs-utils-87-memcpyfix.patch b/ecryptfs-utils-87-memcpyfix.patch index 3e7a5cd..d9dc5da 100644 --- a/ecryptfs-utils-87-memcpyfix.patch +++ b/ecryptfs-utils-87-memcpyfix.patch @@ -1,15 +1,6 @@ diff -up ecryptfs-utils-87/src/utils/mount.ecryptfs.c.memcpyfix ecryptfs-utils-87/src/utils/mount.ecryptfs.c --- ecryptfs-utils-87/src/utils/mount.ecryptfs.c.memcpyfix 2011-07-11 15:04:00.742821125 +0200 +++ ecryptfs-utils-87/src/utils/mount.ecryptfs.c 2011-07-11 15:04:15.590926517 +0200 -@@ -189,7 +189,7 @@ static int ecryptfs_generate_mount_flags - *end = '\0'; - break; - } -- memcpy(opt, next_opt, end - next_opt); -+ memmove(opt, next_opt, end - next_opt); - end = end - (next_opt - opt); - *end = '\0'; - } @@ -416,7 +416,7 @@ static int opts_str_contains_option(char *end = '\0'; break; diff --git a/ecryptfs-utils-87-mtab.patch b/ecryptfs-utils-87-mtab.patch deleted file mode 100644 index 1e819f5..0000000 --- a/ecryptfs-utils-87-mtab.patch +++ /dev/null @@ -1,41 +0,0 @@ -diff -up ecryptfs-utils-90/src/libecryptfs/main.c.mtabfix ecryptfs-utils-90/src/libecryptfs/main.c ---- ecryptfs-utils-90/src/libecryptfs/main.c.mtabfix 2011-02-22 18:35:26.000000000 +0100 -+++ ecryptfs-utils-90/src/libecryptfs/main.c 2011-08-11 10:24:24.274245958 +0200 -@@ -382,6 +382,7 @@ out: - - int ecryptfs_mount(char *source, char *target, unsigned long flags, char *opts) - { -+ char dummy; - FILE *mtab_fd = NULL; - struct mntent mountent; - char *fullpath_source = NULL; -@@ -425,11 +426,14 @@ int ecryptfs_mount(char *source, char *t - syslog(LOG_ERR, "Failed to perform eCryptfs mount: [%m]\n"); - goto out; - } -- mtab_fd = setmntent("/etc/mtab", "a"); -- if (!mtab_fd) { -- rc = -EACCES; -- syslog(LOG_ERR, "Failed to update the mount table\n"); -- goto out; -+ /* it's possible that /etc/mtab is just a symlink to /proc/mounts */ -+ if (readlink("/etc/mtab", &dummy, 1) < 0) { -+ mtab_fd = setmntent("/etc/mtab", "a"); -+ if (!mtab_fd) { -+ rc = -EACCES; -+ syslog(LOG_ERR, "Failed to update the mount table\n"); -+ goto out; -+ } - } - mountent.mnt_fsname = fullpath_source; - mountent.mnt_dir = fullpath_target; -@@ -464,7 +468,7 @@ int ecryptfs_mount(char *source, char *t - } - mountent.mnt_freq = 0; - mountent.mnt_passno = 0; -- if (addmntent(mtab_fd, &mountent)) { -+ if (mtab_fd && addmntent(mtab_fd, &mountent)) { - rc = -EIO; - syslog(LOG_ERR, "Failed to write to the mount " - "table\n"); -diff -up ecryptfs-utils-90/src/utils/mount.ecryptfs_private.c.mtabfix ecryptfs-utils-90/src/utils/mount.ecryptfs_private.c diff --git a/ecryptfs-utils-87-syslog.patch b/ecryptfs-utils-87-syslog.patch index d27fab8..a76fd01 100644 --- a/ecryptfs-utils-87-syslog.patch +++ b/ecryptfs-utils-87-syslog.patch @@ -1,6 +1,6 @@ -diff -up ecryptfs-utils-93/src/include/ecryptfs.h.syslog ecryptfs-utils-93/src/include/ecryptfs.h ---- ecryptfs-utils-93/src/include/ecryptfs.h.syslog 2011-10-31 13:57:01.132420947 +0100 -+++ ecryptfs-utils-93/src/include/ecryptfs.h 2011-10-31 13:57:01.135420971 +0100 +diff -up ecryptfs-utils-97/src/include/ecryptfs.h.syslog ecryptfs-utils-97/src/include/ecryptfs.h +--- ecryptfs-utils-97/src/include/ecryptfs.h.syslog 2012-06-25 15:06:12.902539327 +0200 ++++ ecryptfs-utils-97/src/include/ecryptfs.h 2012-06-25 15:06:12.907539370 +0200 @@ -143,7 +143,7 @@ #define ECRYPTFS_TAG_67_PACKET 0x43 @@ -10,10 +10,10 @@ diff -up ecryptfs-utils-93/src/include/ecryptfs.h.syslog ecryptfs-utils-93/src/i #define ECRYPTFS_MAX_NUM_CIPHERS 64 #define ECRYPTFS_ECHO_ON 1 -diff -up ecryptfs-utils-93/src/pam_ecryptfs/pam_ecryptfs.c.syslog ecryptfs-utils-93/src/pam_ecryptfs/pam_ecryptfs.c ---- ecryptfs-utils-93/src/pam_ecryptfs/pam_ecryptfs.c.syslog 2011-10-31 13:57:01.129420920 +0100 -+++ ecryptfs-utils-93/src/pam_ecryptfs/pam_ecryptfs.c 2011-10-31 13:59:35.090721614 +0100 -@@ -90,7 +90,7 @@ static int wrap_passphrase_if_necessary( +diff -up ecryptfs-utils-97/src/pam_ecryptfs/pam_ecryptfs.c.syslog ecryptfs-utils-97/src/pam_ecryptfs/pam_ecryptfs.c +--- ecryptfs-utils-97/src/pam_ecryptfs/pam_ecryptfs.c.syslog 2012-06-25 15:06:12.899539302 +0200 ++++ ecryptfs-utils-97/src/pam_ecryptfs/pam_ecryptfs.c 2012-06-25 15:07:29.141184640 +0200 +@@ -91,7 +91,7 @@ static int wrap_passphrase_if_necessary( rc = asprintf(&unwrapped_pw_filename, "/dev/shm/.ecryptfs-%s", username); if (rc == -1) { @@ -22,7 +22,7 @@ diff -up ecryptfs-utils-93/src/pam_ecryptfs/pam_ecryptfs.c.syslog ecryptfs-utils return -ENOMEM; } /* If /dev/shm/.ecryptfs-$USER exists and owned by the user -@@ -104,7 +104,7 @@ static int wrap_passphrase_if_necessary( +@@ -105,7 +105,7 @@ static int wrap_passphrase_if_necessary( setuid(uid); rc = ecryptfs_wrap_passphrase_file(wrapped_pw_filename, passphrase, salt, unwrapped_pw_filename); if (rc != 0) { @@ -31,7 +31,7 @@ diff -up ecryptfs-utils-93/src/pam_ecryptfs/pam_ecryptfs.c.syslog ecryptfs-utils } return rc; } -@@ -122,7 +122,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_h +@@ -123,7 +123,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_h struct ecryptfs_pam_data *epd = {0,}; if ((epd = malloc(sizeof(struct ecryptfs_pam_data))) == NULL) { @@ -40,7 +40,7 @@ diff -up ecryptfs-utils-93/src/pam_ecryptfs/pam_ecryptfs.c.syslog ecryptfs-utils rc = -ENOMEM; goto out; } -@@ -137,14 +137,14 @@ PAM_EXTERN int pam_sm_authenticate(pam_h +@@ -138,14 +138,14 @@ PAM_EXTERN int pam_sm_authenticate(pam_h epd->homedir = pwd->pw_dir; } } else { @@ -57,7 +57,7 @@ diff -up ecryptfs-utils-93/src/pam_ecryptfs/pam_ecryptfs.c.syslog ecryptfs-utils /* If private/home is already mounted, then we can skip costly loading of keys */ goto out; -@@ -152,7 +152,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_h +@@ -153,7 +153,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_h /* we need side effect of this check: load ecryptfs module if not loaded already */ if (ecryptfs_get_version(&version) != 0) @@ -66,7 +66,7 @@ diff -up ecryptfs-utils-93/src/pam_ecryptfs/pam_ecryptfs.c.syslog ecryptfs-utils saved_uid = geteuid(); seteuid(epd->uid); if(file_exists_dotecryptfs(epd->homedir, "wrapping-independent") == 1) -@@ -162,7 +162,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_h +@@ -163,7 +163,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_h epd->passphrase = strdup(epd->passphrase); seteuid(saved_uid); if (rc != PAM_SUCCESS) { @@ -75,7 +75,7 @@ diff -up ecryptfs-utils-93/src/pam_ecryptfs/pam_ecryptfs.c.syslog ecryptfs-utils rc); goto out; } -@@ -174,7 +174,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_h +@@ -175,7 +175,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_h epd->unwrap = ((argc == 1) && (memcmp(argv[0], "unwrap\0", 7) == 0)); if ((rc=pam_set_data(pamh, ECRYPTFS_PAM_DATA, epd, pam_free_ecryptfsdata)) != PAM_SUCCESS) { @@ -84,7 +84,7 @@ diff -up ecryptfs-utils-93/src/pam_ecryptfs/pam_ecryptfs.c.syslog ecryptfs-utils goto out; } out: -@@ -197,12 +197,12 @@ static struct passwd *fetch_pwd(pam_hand +@@ -198,12 +198,12 @@ static struct passwd *fetch_pwd(pam_hand rc = pam_get_user(pamh, &username, NULL); if (rc != PAM_SUCCESS || username == NULL) { @@ -99,7 +99,7 @@ diff -up ecryptfs-utils-93/src/pam_ecryptfs/pam_ecryptfs.c.syslog ecryptfs-utils return NULL; } return pwd; -@@ -233,13 +233,13 @@ static int private_dir(pam_handle_t *pam +@@ -234,13 +234,13 @@ static int private_dir(pam_handle_t *pam if ( (asprintf(&autofile, "%s/.ecryptfs/%s", pwd->pw_dir, a) < 0) || autofile == NULL) { @@ -115,7 +115,7 @@ diff -up ecryptfs-utils-93/src/pam_ecryptfs/pam_ecryptfs.c.syslog ecryptfs-utils return 1; } if (stat(sigfile, &s) != 0) { -@@ -251,13 +251,13 @@ static int private_dir(pam_handle_t *pam +@@ -252,13 +252,13 @@ static int private_dir(pam_handle_t *pam goto out; } if ((pid = fork()) < 0) { @@ -131,7 +131,7 @@ diff -up ecryptfs-utils-93/src/pam_ecryptfs/pam_ecryptfs.c.syslog ecryptfs-utils _exit(255); } -@@ -265,7 +265,7 @@ static int private_dir(pam_handle_t *pam +@@ -266,7 +266,7 @@ static int private_dir(pam_handle_t *pam if ((asprintf(&recorded, "%s/.ecryptfs/.wrapped-passphrase.recorded", pwd->pw_dir) < 0) || recorded == NULL) { @@ -140,7 +140,7 @@ diff -up ecryptfs-utils-93/src/pam_ecryptfs/pam_ecryptfs.c.syslog ecryptfs-utils _exit(255); } if (stat(recorded, &s) != 0 && stat("/usr/share/ecryptfs-utils/ecryptfs-record-passphrase", &s) == 0) { -@@ -277,25 +277,25 @@ static int private_dir(pam_handle_t *pam +@@ -278,25 +278,25 @@ static int private_dir(pam_handle_t *pam } if (stat(autofile, &s) != 0) { /* User does not want to auto-mount */ @@ -167,10 +167,10 @@ diff -up ecryptfs-utils-93/src/pam_ecryptfs/pam_ecryptfs.c.syslog ecryptfs-utils "umount.ecryptfs_private", NULL); - syslog(LOG_ERR,"unable to execute umount.ecryptfs_private : %m"); + ecryptfs_syslog(LOG_ERR,"unable to execute umount.ecryptfs_private : %m"); + _exit(255); } _exit(255); - } else { -@@ -324,25 +324,25 @@ static int fill_keyring(pam_handle_t *pa +@@ -325,25 +325,25 @@ static int fill_keyring(pam_handle_t *pa char *auth_tok_sig; auth_tok_sig = malloc(ECRYPTFS_SIG_SIZE_HEX + 1); if (!auth_tok_sig) { @@ -200,7 +200,7 @@ diff -up ecryptfs-utils-93/src/pam_ecryptfs/pam_ecryptfs.c.syslog ecryptfs-utils "Cannot validate keyring integrity\n"); } rc = 0; -@@ -354,12 +354,12 @@ static int fill_keyring(pam_handle_t *pa +@@ -355,12 +355,12 @@ static int fill_keyring(pam_handle_t *pa epd->homedir, ECRYPTFS_DEFAULT_WRAPPED_PASSPHRASE_FILENAME); if (rc == -1) { @@ -215,7 +215,7 @@ diff -up ecryptfs-utils-93/src/pam_ecryptfs/pam_ecryptfs.c.syslog ecryptfs-utils } else { goto out_child; } -@@ -375,7 +375,7 @@ static int fill_keyring(pam_handle_t *pa +@@ -376,7 +376,7 @@ static int fill_keyring(pam_handle_t *pa goto out_child; } if (rc) { @@ -224,7 +224,7 @@ diff -up ecryptfs-utils-93/src/pam_ecryptfs/pam_ecryptfs.c.syslog ecryptfs-utils "user session keyring; rc = [%d]\n", rc); goto out_child; } -@@ -385,7 +385,7 @@ out_child: +@@ -386,7 +386,7 @@ out_child: } tmp_pid = waitpid(child_pid, NULL, 0); if (tmp_pid == -1) @@ -233,7 +233,7 @@ diff -up ecryptfs-utils-93/src/pam_ecryptfs/pam_ecryptfs.c.syslog ecryptfs-utils "waitpid() returned with error condition\n"); -@@ -435,7 +435,7 @@ PAM_EXTERN int pam_sm_chauthtok(pam_hand +@@ -436,7 +436,7 @@ PAM_EXTERN int pam_sm_chauthtok(pam_hand homedir = pwd->pw_dir; } } else { @@ -242,7 +242,7 @@ diff -up ecryptfs-utils-93/src/pam_ecryptfs/pam_ecryptfs.c.syslog ecryptfs-utils goto out; } saved_uid = geteuid(); -@@ -443,7 +443,7 @@ PAM_EXTERN int pam_sm_chauthtok(pam_hand +@@ -444,7 +444,7 @@ PAM_EXTERN int pam_sm_chauthtok(pam_hand if ((rc = pam_get_item(pamh, PAM_OLDAUTHTOK, (const void **)&old_passphrase)) != PAM_SUCCESS) { @@ -251,7 +251,7 @@ diff -up ecryptfs-utils-93/src/pam_ecryptfs/pam_ecryptfs.c.syslog ecryptfs-utils seteuid(saved_uid); goto out; } -@@ -451,7 +451,7 @@ PAM_EXTERN int pam_sm_chauthtok(pam_hand +@@ -452,7 +452,7 @@ PAM_EXTERN int pam_sm_chauthtok(pam_hand if ((flags & PAM_PRELIM_CHECK)) { if (!old_passphrase) { @@ -260,7 +260,7 @@ diff -up ecryptfs-utils-93/src/pam_ecryptfs/pam_ecryptfs.c.syslog ecryptfs-utils rc = PAM_AUTHTOK_RECOVER_ERR; } seteuid(saved_uid); -@@ -460,14 +460,14 @@ PAM_EXTERN int pam_sm_chauthtok(pam_hand +@@ -461,14 +461,14 @@ PAM_EXTERN int pam_sm_chauthtok(pam_hand if ((rc = pam_get_item(pamh, PAM_AUTHTOK, (const void **)&new_passphrase)) != PAM_SUCCESS) { @@ -277,7 +277,7 @@ diff -up ecryptfs-utils-93/src/pam_ecryptfs/pam_ecryptfs.c.syslog ecryptfs-utils rc = -ENOMEM; goto out; } -@@ -477,14 +477,14 @@ PAM_EXTERN int pam_sm_chauthtok(pam_hand +@@ -478,14 +478,14 @@ PAM_EXTERN int pam_sm_chauthtok(pam_hand from_hex(salt, salt_hex, ECRYPTFS_SALT_SIZE); } if (wrap_passphrase_if_necessary(username, uid, wrapped_pw_filename, new_passphrase, salt) == 0) { @@ -294,7 +294,7 @@ diff -up ecryptfs-utils-93/src/pam_ecryptfs/pam_ecryptfs.c.syslog ecryptfs-utils rc = PAM_AUTHTOK_RECOVER_ERR; goto out; } -@@ -496,20 +496,20 @@ PAM_EXTERN int pam_sm_chauthtok(pam_hand +@@ -497,20 +497,20 @@ PAM_EXTERN int pam_sm_chauthtok(pam_hand if ((rc = ecryptfs_unwrap_passphrase(passphrase, wrapped_pw_filename, old_passphrase, salt))) { diff --git a/ecryptfs-utils-93-fixcrypto.patch b/ecryptfs-utils-93-fixcrypto.patch deleted file mode 100644 index 9e1dba0..0000000 --- a/ecryptfs-utils-93-fixcrypto.patch +++ /dev/null @@ -1,13 +0,0 @@ -diff -up ecryptfs-utils-93/src/libecryptfs/cipher_list.c.fixcrypto ecryptfs-utils-93/src/libecryptfs/cipher_list.c ---- ecryptfs-utils-93/src/libecryptfs/cipher_list.c.fixcrypto 2012-02-09 16:30:26.131507587 +0100 -+++ ecryptfs-utils-93/src/libecryptfs/cipher_list.c 2012-02-09 16:33:53.483525760 +0100 -@@ -339,7 +339,9 @@ static struct cipher_name_module_map { - {"xeta", "tea.ko", 8, 16, 16, 9, 0}, - {"xtea", "tea.ko", 8, 16, 16, 8, 0}, - {"blowfish", "blowfish.ko", 16, 16, 56, 2, 1}, -+ {"blowfish", "blowfish_generic.ko", 16, 16, 56, 2, 1}, - {"twofish", "twofish.ko", 16, 16, 32, 4, 1}, -+ {"twofish", "twofish_generic.ko", 16, 16, 32, 4, 1}, - {"khazad", "khazad.ko", 8, 16, 16, 11, 0}, - {"cast5", "cast5.ko", 8, 5, 16, 14, 1}, - {"cast6", "cast6.ko", 16, 16, 32, 5, 1}, diff --git a/ecryptfs-utils.spec b/ecryptfs-utils.spec index 8a51912..f63ff97 100644 --- a/ecryptfs-utils.spec +++ b/ecryptfs-utils.spec @@ -4,8 +4,8 @@ %global _sbindir /sbin Name: ecryptfs-utils -Version: 96 -Release: 3%{?dist} +Version: 97 +Release: 1%{?dist} Summary: The eCryptfs mount helper and support libraries Group: System Environment/Base License: GPLv2+ @@ -31,9 +31,6 @@ Patch8: ecryptfs-utils-86-manpage.patch # autoload ecryptfs module in ecryptfs-setup-private when needed, rhbz#707608 Patch9: ecryptfs-utils-87-autoload.patch -# upstream patch is incomplete, rhbz#706911 -Patch10: ecryptfs-utils-87-mtab.patch - # fedora/rhel specific, check for pam ecryptfs module before home migration Patch11: ecryptfs-utils-87-authconfig.patch @@ -60,8 +57,6 @@ Patch18: ecryptfs-utils-87-fixconst.patch Patch19: ecryptfs-utils-87-syslog.patch -Patch20: ecryptfs-utils-93-fixcrypto.patch - # if e-m-p fails, check if user is member of ecryptfs group Patch21: ecryptfs-utils-96-groupcheck.patch @@ -108,7 +103,6 @@ the interface supplied by the ecryptfs-utils library. %patch5 -p1 -b .fixsigness %patch8 -p1 -b .manfix %patch9 -p1 -b .autoload -%patch10 -p1 -b .mtabfix %patch11 -p1 -b .authconfig %patch12 -p1 -b .memcpyfix %patch999 -p1 -b .werror @@ -118,7 +112,6 @@ the interface supplied by the ecryptfs-utils library. %patch17 -p1 -b .pamdata %patch18 -p1 -b .fixconst %patch19 -p1 -b .syslog -%patch20 -p1 -b .fixcrypto %patch21 -p1 -b .groupcheck %build @@ -266,6 +259,9 @@ rm -rf $RPM_BUILD_ROOT %{python_sitearch}/ecryptfs-utils/_libecryptfs.so %changelog +* Mon Jun 25 2012 Michal Hlavinka - 97-1 +- ecryptfs-utils updated to 97 + * Mon Jun 04 2012 Michal Hlavinka - 96-3 - for file name encryption support check, module must be loaded already diff --git a/sources b/sources index 8964a2c..63d6235 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ e612ddb9ccb17f8fec79df26e626a8c6 ecryptfs-mount-private.png -4f92c9f6e8f62ac00ca7e2c4e480f1d7 ecryptfs-utils_96.orig.tar.gz +74e8cacd5fa641075419ec02f6312421 ecryptfs-utils_97.orig.tar.gz