Hello community, here is the log from the commit of package cryptsetup for openSUSE:Factory checked in at 2014-07-13 17:15:27 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/cryptsetup (Old) and /work/SRC/openSUSE:Factory/.cryptsetup.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "cryptsetup" Changes: -------- --- /work/SRC/openSUSE:Factory/cryptsetup/cryptsetup.changes 2014-04-26 17:01:56.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.cryptsetup.new/cryptsetup.changes 2014-07-13 17:15:28.000000000 +0200 @@ -0,0 +1,25 @@ +Tue May 27 14:38:57 UTC 2014 - [email protected] + +- version 1.6.4 + - new tarball / signature location + * Implement new erase (with alias luksErase) command. + * Add internal "whirlpool_gcryptbug hash" for accessing flawed + Whirlpool hash in gcrypt (requires gcrypt 1.6.1 or above). + * Allow to use --disable-gcrypt-pbkdf2 during configuration + to force use internal PBKDF2 code. + * Require gcrypt 1.6.1 for imported implementation of PBKDF2 + (PBKDF2 in gcrypt 1.6.0 is too slow). + * Add --keep-key to cryptsetup-reencrypt. + * By default verify new passphrase in luksChangeKey and luksAddKey + commands (if input is from terminal). + * Fix memory leak in Nettle crypto backend. + * Support --tries option even for TCRYPT devices in cryptsetup. + * Support --allow-discards option even for TCRYPT devices. + (Note that this could destroy hidden volume and it is not suggested + by original TrueCrypt security model.) + * Link against -lrt for clock_gettime to fix undefined reference + to clock_gettime error (introduced in 1.6.2). + * Fix misleading error message when some algorithms are not available. + * Count system time in PBKDF2 benchmark if kernel returns no self + usage info. + Old: ---- cryptsetup-1.6.3.tar.bz2 cryptsetup-1.6.3.tar.bz2.asc New: ---- cryptsetup-1.6.4.tar.sign cryptsetup-1.6.4.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ cryptsetup.spec ++++++ --- /var/tmp/diff_new_pack.ALFTz5/_old 2014-07-13 17:15:29.000000000 +0200 +++ /var/tmp/diff_new_pack.ALFTz5/_new 2014-07-13 17:15:29.000000000 +0200 @@ -18,19 +18,22 @@ Name: cryptsetup Url: http://code.google.com/p/cryptsetup/ -Version: 1.6.3 +Version: 1.6.4 Release: 0 Summary: Set Up dm-crypt Based Encrypted Block Devices License: SUSE-GPL-2.0-with-openssl-exception and LGPL-2.0+ Group: System/Base -Source: http://cryptsetup.googlecode.com/files/cryptsetup-%version.tar.bz2 -Source1: http://cryptsetup.googlecode.com/files/cryptsetup-%version.tar.bz2.asc +Source: https://www.kernel.org/pub/linux/utils/cryptsetup/v1.6/cryptsetup-%{version}.tar.xz +# this is the signature of the uncompressed tarball +Source1: https://www.kernel.org/pub/linux/utils/cryptsetup/v1.6/cryptsetup-%{version}.tar.sign Source2: baselibs.conf Source3: %{name}.keyring BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: device-mapper-devel BuildRequires: e2fsprogs-devel +BuildRequires: fipscheck +BuildRequires: fipscheck-devel BuildRequires: libgcrypt-devel BuildRequires: libselinux-devel BuildRequires: libtool @@ -84,10 +87,18 @@ %configure \ --disable-static --enable-shared \ --enable-cryptsetup-reencrypt \ - --enable-selinux + --enable-selinux --enable-fips make %{?_smp_mflags} %install +# Generate HMAC checksums (FIPS) +%define __spec_install_post \ + %{?__debug_package:%{__debug_install_post}} \ + %{__arch_install_post} \ + %{__os_install_post} \ + fipshmac %{buildroot}/%{_libdir}/libcryptsetup.so.* \ +%{nil} + make install DESTDIR=$RPM_BUILD_ROOT install -d -m 755 $RPM_BUILD_ROOT/sbin ln -s ..%{_sbindir}/cryptsetup $RPM_BUILD_ROOT/sbin @@ -96,8 +107,6 @@ # %find_lang %name --all-name -%pre - %post test -n "$FIRST_ARG" || FIRST_ARG="$1" # @@ -137,6 +146,7 @@ %files -n libcryptsetup4 %defattr(-,root,root) /%{_libdir}/libcryptsetup.so.4* +/%{_libdir}/.libcryptsetup.so.4*hmac %files -n libcryptsetup-devel %defattr(-,root,root) -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
