public inbox for gentoo-commits@lists.gentoo.org
 help / color / mirror / Atom feed
* [gentoo-commits] repo/gentoo:master commit in: sys-auth/pam_mount/, sys-auth/pam_mount/files/
@ 2019-05-16  4:52 Robin H. Johnson
  0 siblings, 0 replies; 2+ messages in thread
From: Robin H. Johnson @ 2019-05-16  4:52 UTC (permalink / raw
  To: gentoo-commits

commit:     8d2dcb41f4b7acbb1dac92107ee3c086221f06ae
Author:     Robin H. Johnson <robbat2 <AT> gentoo <DOT> org>
AuthorDate: Thu May 16 04:50:51 2019 +0000
Commit:     Robin H. Johnson <robbat2 <AT> gentoo <DOT> org>
CommitDate: Thu May 16 04:52:45 2019 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8d2dcb41

sys-auth/pam_mount: fix LUKS2 header detection for AEAD/integrity

Trying to use a LUKS2 device via pam_mount fails with a cryptic message:
'No dmcrypt cipher specified (use -o cipher=xxx)'

Trivial upstream patch is needed to fix the detection.

See-Also: https://bbs.archlinux.org/viewtopic.php?id=242131
Package-Manager: Portage-2.3.62, Repoman-2.3.12
Signed-off-by: Robin H. Johnson <robbat2 <AT> gentoo.org>

 ...m_mount-2.16-crypto-Add-support-for-LUKS2.patch | 52 ++++++++++++++++++++++
 sys-auth/pam_mount/pam_mount-2.16-r1.ebuild        | 44 ++++++++++++++++++
 2 files changed, 96 insertions(+)

diff --git a/sys-auth/pam_mount/files/pam_mount-2.16-crypto-Add-support-for-LUKS2.patch b/sys-auth/pam_mount/files/pam_mount-2.16-crypto-Add-support-for-LUKS2.patch
new file mode 100644
index 00000000000..437f359277d
--- /dev/null
+++ b/sys-auth/pam_mount/files/pam_mount-2.16-crypto-Add-support-for-LUKS2.patch
@@ -0,0 +1,52 @@
+From d4434c05e7c0cf05d87089404cfa2deedc60811a Mon Sep 17 00:00:00 2001
+From: Ingo Franzki <ifranzki@linux.ibm.com>
+Date: Mon, 29 Oct 2018 16:47:40 +0100
+Subject: [PATCH] crypto: Add support for LUKS2
+
+Cryptsetup version 2.0 added support for LUKS2.
+This patch adds support for mounting LUKS2 volumes with
+pam_mount.
+
+Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>
+---
+ src/crypto-dmc.c | 10 ++++++++--
+ 1 file changed, 8 insertions(+), 2 deletions(-)
+
+diff --git a/src/crypto-dmc.c b/src/crypto-dmc.c
+index d0ab6ca..abd0358 100644
+--- a/src/crypto-dmc.c
++++ b/src/crypto-dmc.c
+@@ -21,6 +21,12 @@
+ #include "libcryptmount.h"
+ #include "pam_mount.h"
+ 
++#ifndef CRYPT_LUKS
++	#define CRYPT_LUKS	NULL /* Passing NULL to crypt_load will
++					default to LUKS(1) on older
++					libcryptsetup versions. */
++#endif
++
+ /**
+  * dmc_is_luks - check if @path points to a LUKS volume (cf. normal dm-crypt)
+  * @path:	path to the crypto container
+@@ -48,7 +54,7 @@ EXPORT_SYMBOL int ehd_is_luks(const char *path, bool blkdev)
+ 
+ 	ret = crypt_init(&cd, device);
+ 	if (ret == 0) {
+-		ret = crypt_load(cd, CRYPT_LUKS1, NULL);
++		ret = crypt_load(cd, CRYPT_LUKS, NULL);
+ 		if (ret == -EINVAL)
+ 			ret = false;
+ 		else if (ret == 0)
+@@ -106,7 +112,7 @@ static bool dmc_run(const struct ehd_mount_request *req,
+ #endif
+ 	}
+ 
+-	ret = crypt_load(cd, CRYPT_LUKS1, NULL);
++	ret = crypt_load(cd, CRYPT_LUKS, NULL);
+ 	if (ret == 0) {
+ 		ret = crypt_activate_by_passphrase(cd, mt->crypto_name,
+ 		      CRYPT_ANY_SLOT, req->key_data, req->key_size, flags);
+-- 
+2.21.0
+

diff --git a/sys-auth/pam_mount/pam_mount-2.16-r1.ebuild b/sys-auth/pam_mount/pam_mount-2.16-r1.ebuild
new file mode 100644
index 00000000000..c13a0c5eacb
--- /dev/null
+++ b/sys-auth/pam_mount/pam_mount-2.16-r1.ebuild
@@ -0,0 +1,44 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit multilib
+
+DESCRIPTION="A PAM module that can mount volumes for a user session"
+HOMEPAGE="http://pam-mount.sourceforge.net"
+SRC_URI="mirror://sourceforge/pam-mount/${P}.tar.xz"
+
+LICENSE="GPL-3"
+SLOT="0"
+KEYWORDS="~amd64 ~ppc ~x86"
+
+IUSE="crypt ssl selinux"
+
+COMMON_DEPEND=">=sys-libs/pam-0.99
+	>=sys-libs/libhx-3.12.1
+	>=dev-libs/libxml2-2.6
+	crypt? ( >=sys-fs/cryptsetup-1.1.0 )
+	ssl? ( dev-libs/openssl:0= )
+	selinux? ( sys-libs/libselinux )"
+DEPEND="${COMMON_DEPEND}
+	virtual/pkgconfig"
+RDEPEND="${COMMON_DEPEND}
+	>=sys-apps/util-linux-2.20"
+
+PATCHES=(
+		"${FILESDIR}"/pam_mount-2.16-crypto-Add-support-for-LUKS2.patch
+)
+
+src_configure() {
+	econf --with-slibdir="/$(get_libdir)" \
+			$(use_with crypt cryptsetup) \
+			$(use_with ssl crypto) \
+			$(use_with selinux)
+}
+
+src_install() {
+	default
+	use selinux || rm -r "${D}"/etc/selinux
+	dodoc doc/*.txt
+}


^ permalink raw reply related	[flat|nested] 2+ messages in thread

* [gentoo-commits] repo/gentoo:master commit in: sys-auth/pam_mount/, sys-auth/pam_mount/files/
@ 2022-05-17 11:22 Hanno Böck
  0 siblings, 0 replies; 2+ messages in thread
From: Hanno Böck @ 2022-05-17 11:22 UTC (permalink / raw
  To: gentoo-commits

commit:     feb6620ced74acd651e5c2442860bcfc73c0210d
Author:     Hanno Böck <hanno <AT> gentoo <DOT> org>
AuthorDate: Tue May 17 11:22:45 2022 +0000
Commit:     Hanno Böck <hanno <AT> gentoo <DOT> org>
CommitDate: Tue May 17 11:22:45 2022 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=feb6620c

sys-auth/pam_mount: Remove old versions

Closes: https://bugs.gentoo.org/837983
Signed-off-by: Hanno Böck <hanno <AT> gentoo.org>
Package-Manager: Portage-3.0.30, Repoman-3.0.3

 sys-auth/pam_mount/Manifest                        |  2 -
 ...m_mount-2.16-crypto-Add-support-for-LUKS2.patch | 52 ----------------------
 sys-auth/pam_mount/pam_mount-2.16-r3.ebuild        | 47 -------------------
 sys-auth/pam_mount/pam_mount-2.17.ebuild           | 49 --------------------
 sys-auth/pam_mount/pam_mount-2.18.ebuild           | 49 --------------------
 5 files changed, 199 deletions(-)

diff --git a/sys-auth/pam_mount/Manifest b/sys-auth/pam_mount/Manifest
index aa1f2ed80637..caf8020cba63 100644
--- a/sys-auth/pam_mount/Manifest
+++ b/sys-auth/pam_mount/Manifest
@@ -1,3 +1 @@
-DIST pam_mount-2.16.tar.xz 312316 BLAKE2B 5954af8f8bf8b9cb47e1c07dc0d5fc5c4db099eeca5de90a3a53dc65aac0a2a6fba3f99c4d91d12f53b13abb5d3bae262b42536434553872a36ec108dc8d2c0c SHA512 3a579d7287cfcaef831d3e54d3e912407b65a966303e81c47f445d601f38f866ce04326e3d37a061f74f97b9cfb201e56109f57e55699d15d8f947ae2b91c8e3
-DIST pam_mount-2.17.tar.xz 326948 BLAKE2B b5d8c5701bfa4e3ce50ca71b1130d5f68655df12ac45cf554f38f2625b33fcece895d4b67d79cea2ad735c4994c779844dfc5266872e054a1e6d078632f3370c SHA512 d55d2a0e99d51ef649845548e4178b9b34db9c742c592e0ba97359646281af17795080e6ecb1a2a11bc680d31f2c77e69261f731de8f68e8602bcd838371927f
 DIST pam_mount-2.18.tar.xz 324524 BLAKE2B a3f29de8c0a348c98d3e73ac3568595083036fa704b5c34ed17c3660fcc8ff5f64195ad4158af6e351f79865a9128dbb773c7d18bbb07bdff1010e555803cfce SHA512 7f1e373fd7876eddd9226163602ba484ed8a7e1ce92ba6140c1f7603cb205190cb11ad75be41b54d2a6cd21602320d41a65714bfd0af8b5247850a3ef0fe3b22

diff --git a/sys-auth/pam_mount/files/pam_mount-2.16-crypto-Add-support-for-LUKS2.patch b/sys-auth/pam_mount/files/pam_mount-2.16-crypto-Add-support-for-LUKS2.patch
deleted file mode 100644
index 437f359277d5..000000000000
--- a/sys-auth/pam_mount/files/pam_mount-2.16-crypto-Add-support-for-LUKS2.patch
+++ /dev/null
@@ -1,52 +0,0 @@
-From d4434c05e7c0cf05d87089404cfa2deedc60811a Mon Sep 17 00:00:00 2001
-From: Ingo Franzki <ifranzki@linux.ibm.com>
-Date: Mon, 29 Oct 2018 16:47:40 +0100
-Subject: [PATCH] crypto: Add support for LUKS2
-
-Cryptsetup version 2.0 added support for LUKS2.
-This patch adds support for mounting LUKS2 volumes with
-pam_mount.
-
-Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>
----
- src/crypto-dmc.c | 10 ++++++++--
- 1 file changed, 8 insertions(+), 2 deletions(-)
-
-diff --git a/src/crypto-dmc.c b/src/crypto-dmc.c
-index d0ab6ca..abd0358 100644
---- a/src/crypto-dmc.c
-+++ b/src/crypto-dmc.c
-@@ -21,6 +21,12 @@
- #include "libcryptmount.h"
- #include "pam_mount.h"
- 
-+#ifndef CRYPT_LUKS
-+	#define CRYPT_LUKS	NULL /* Passing NULL to crypt_load will
-+					default to LUKS(1) on older
-+					libcryptsetup versions. */
-+#endif
-+
- /**
-  * dmc_is_luks - check if @path points to a LUKS volume (cf. normal dm-crypt)
-  * @path:	path to the crypto container
-@@ -48,7 +54,7 @@ EXPORT_SYMBOL int ehd_is_luks(const char *path, bool blkdev)
- 
- 	ret = crypt_init(&cd, device);
- 	if (ret == 0) {
--		ret = crypt_load(cd, CRYPT_LUKS1, NULL);
-+		ret = crypt_load(cd, CRYPT_LUKS, NULL);
- 		if (ret == -EINVAL)
- 			ret = false;
- 		else if (ret == 0)
-@@ -106,7 +112,7 @@ static bool dmc_run(const struct ehd_mount_request *req,
- #endif
- 	}
- 
--	ret = crypt_load(cd, CRYPT_LUKS1, NULL);
-+	ret = crypt_load(cd, CRYPT_LUKS, NULL);
- 	if (ret == 0) {
- 		ret = crypt_activate_by_passphrase(cd, mt->crypto_name,
- 		      CRYPT_ANY_SLOT, req->key_data, req->key_size, flags);
--- 
-2.21.0
-

diff --git a/sys-auth/pam_mount/pam_mount-2.16-r3.ebuild b/sys-auth/pam_mount/pam_mount-2.16-r3.ebuild
deleted file mode 100644
index df0bd7fb125a..000000000000
--- a/sys-auth/pam_mount/pam_mount-2.16-r3.ebuild
+++ /dev/null
@@ -1,47 +0,0 @@
-# Copyright 1999-2021 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-DESCRIPTION="A PAM module that can mount volumes for a user session"
-HOMEPAGE="http://pam-mount.sourceforge.net"
-SRC_URI="mirror://sourceforge/pam-mount/${P}.tar.xz"
-
-LICENSE="GPL-3"
-SLOT="0"
-KEYWORDS="amd64 ppc x86"
-
-IUSE="crypt ssl selinux"
-
-COMMON_DEPEND=">=sys-libs/pam-0.99
-	>=sys-libs/libhx-3.12.1:=
-	>=dev-libs/libxml2-2.6
-	crypt? ( >=sys-fs/cryptsetup-1.1.0:= )
-	ssl? ( dev-libs/openssl:0= )
-	selinux? ( sys-libs/libselinux )"
-DEPEND="${COMMON_DEPEND}
-	virtual/pkgconfig"
-RDEPEND="${COMMON_DEPEND}
-	>=sys-apps/util-linux-2.20"
-
-PATCHES=(
-	"${FILESDIR}"/pam_mount-2.16-crypto-Add-support-for-LUKS2.patch
-	"${FILESDIR}"/pam_mount-2.16-remove-obsolete-openssl-api.patch
-)
-
-src_configure() {
-	econf --with-slibdir="/$(get_libdir)" \
-			$(use_with crypt cryptsetup) \
-			$(use_with ssl crypto) \
-			$(use_with selinux)
-}
-
-src_install() {
-	default
-	use selinux || rm -r "${D}"/etc/selinux
-	dodoc doc/*.txt
-
-	# Remove unused nonstandard run-dir, current version uses
-	# FHS-compatible /run, but has leftover mkdir from old version
-	rm -r "${D}/var/lib"
-}

diff --git a/sys-auth/pam_mount/pam_mount-2.17.ebuild b/sys-auth/pam_mount/pam_mount-2.17.ebuild
deleted file mode 100644
index 5e97bda985cd..000000000000
--- a/sys-auth/pam_mount/pam_mount-2.17.ebuild
+++ /dev/null
@@ -1,49 +0,0 @@
-# Copyright 1999-2021 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-DESCRIPTION="A PAM module that can mount volumes for a user session"
-HOMEPAGE="http://pam-mount.sourceforge.net"
-SRC_URI="mirror://sourceforge/pam-mount/${P}.tar.xz"
-
-LICENSE="GPL-3"
-SLOT="0"
-KEYWORDS="~amd64 ~ppc ~x86"
-
-IUSE="crypt ssl selinux"
-
-DEPEND="
-	>=sys-libs/pam-0.99
-	>=sys-libs/libhx-3.12.1:=
-	>=sys-apps/util-linux-2.20:=
-	>=dev-libs/libxml2-2.6:=
-	>=dev-libs/libpcre-7:=
-	crypt? ( >=sys-fs/cryptsetup-1.1.0:= )
-	ssl? ( dev-libs/openssl:0= )
-	selinux? ( sys-libs/libselinux )"
-RDEPEND="${DEPEND}"
-BDEPEND="virtual/pkgconfig"
-
-PATCHES=(
-	"${FILESDIR}"/pam_mount-2.16-remove-obsolete-openssl-api.patch
-)
-
-src_configure() {
-	econf --with-slibdir="/$(get_libdir)" \
-			$(use_with crypt cryptsetup) \
-			$(use_with ssl crypto) \
-			$(use_with selinux)
-}
-
-src_install() {
-	default
-	use selinux || rm -r "${D}"/etc/selinux
-	dodoc doc/*.txt
-
-	# Remove unused nonstandard run-dir, current version uses
-	# FHS-compatible /run, but has leftover mkdir from old version
-	rm -r "${D}/var/lib"
-
-	find "${ED}" -name '*.la' -delete || die
-}

diff --git a/sys-auth/pam_mount/pam_mount-2.18.ebuild b/sys-auth/pam_mount/pam_mount-2.18.ebuild
deleted file mode 100644
index 5e97bda985cd..000000000000
--- a/sys-auth/pam_mount/pam_mount-2.18.ebuild
+++ /dev/null
@@ -1,49 +0,0 @@
-# Copyright 1999-2021 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-DESCRIPTION="A PAM module that can mount volumes for a user session"
-HOMEPAGE="http://pam-mount.sourceforge.net"
-SRC_URI="mirror://sourceforge/pam-mount/${P}.tar.xz"
-
-LICENSE="GPL-3"
-SLOT="0"
-KEYWORDS="~amd64 ~ppc ~x86"
-
-IUSE="crypt ssl selinux"
-
-DEPEND="
-	>=sys-libs/pam-0.99
-	>=sys-libs/libhx-3.12.1:=
-	>=sys-apps/util-linux-2.20:=
-	>=dev-libs/libxml2-2.6:=
-	>=dev-libs/libpcre-7:=
-	crypt? ( >=sys-fs/cryptsetup-1.1.0:= )
-	ssl? ( dev-libs/openssl:0= )
-	selinux? ( sys-libs/libselinux )"
-RDEPEND="${DEPEND}"
-BDEPEND="virtual/pkgconfig"
-
-PATCHES=(
-	"${FILESDIR}"/pam_mount-2.16-remove-obsolete-openssl-api.patch
-)
-
-src_configure() {
-	econf --with-slibdir="/$(get_libdir)" \
-			$(use_with crypt cryptsetup) \
-			$(use_with ssl crypto) \
-			$(use_with selinux)
-}
-
-src_install() {
-	default
-	use selinux || rm -r "${D}"/etc/selinux
-	dodoc doc/*.txt
-
-	# Remove unused nonstandard run-dir, current version uses
-	# FHS-compatible /run, but has leftover mkdir from old version
-	rm -r "${D}/var/lib"
-
-	find "${ED}" -name '*.la' -delete || die
-}


^ permalink raw reply related	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2022-05-17 11:22 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2022-05-17 11:22 [gentoo-commits] repo/gentoo:master commit in: sys-auth/pam_mount/, sys-auth/pam_mount/files/ Hanno Böck
  -- strict thread matches above, loose matches on Subject: below --
2019-05-16  4:52 Robin H. Johnson

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox