Hello community, here is the log from the commit of package ecryptfs-utils for openSUSE:Factory checked in at 2015-10-19 22:52:26 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/ecryptfs-utils (Old) and /work/SRC/openSUSE:Factory/.ecryptfs-utils.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "ecryptfs-utils" Changes: -------- --- /work/SRC/openSUSE:Factory/ecryptfs-utils/ecryptfs-utils.changes 2015-10-08 08:26:22.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.ecryptfs-utils.new/ecryptfs-utils.changes 2015-10-20 00:06:15.000000000 +0200 @@ -1,0 +2,6 @@ +Sat Oct 17 08:13:38 UTC 2015 - [email protected] + +- Update to 108 + * This release does not have a changelog. + +------------------------------------------------------------------- Old: ---- ecryptfs-utils_106.orig.tar.gz New: ---- ecryptfs-utils_108.orig.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ ecryptfs-utils.spec ++++++ --- /var/tmp/diff_new_pack.00eUsH/_old 2015-10-20 00:06:16.000000000 +0200 +++ /var/tmp/diff_new_pack.00eUsH/_new 2015-10-20 00:06:16.000000000 +0200 @@ -18,7 +18,7 @@ %define lname libecryptfs1 Name: ecryptfs-utils -Version: 106 +Version: 108 Release: 0 Summary: Userspace Utilities for ecryptfs License: GPL-2.0+ ++++++ ecryptfs-setup-swap-SuSE.patch ++++++ --- /var/tmp/diff_new_pack.00eUsH/_old 2015-10-20 00:06:16.000000000 +0200 +++ /var/tmp/diff_new_pack.00eUsH/_new 2015-10-20 00:06:16.000000000 +0200 @@ -1,7 +1,7 @@ -Index: ecryptfs-utils-106/src/utils/ecryptfs-setup-swap +Index: ecryptfs-utils-108/src/utils/ecryptfs-setup-swap =================================================================== ---- ecryptfs-utils-106.orig/src/utils/ecryptfs-setup-swap -+++ ecryptfs-utils-106/src/utils/ecryptfs-setup-swap +--- ecryptfs-utils-108.orig/src/utils/ecryptfs-setup-swap ++++ ecryptfs-utils-108/src/utils/ecryptfs-setup-swap @@ -37,23 +37,20 @@ warn() { usage() { echo @@ -28,17 +28,17 @@ *) usage ;; -@@ -149,7 +146,8 @@ i=0 - for swap in $swaps; do - info `gettext "Setting up swap:"` "[$swap]" +@@ -151,7 +148,8 @@ for swap in $swaps; do uuid=$(blkid -o value -s UUID $swap) -- for target in "UUID=$uuid" $swap; do -+ suse_swap=$(grep swap /etc/fstab |cut -d' ' -f1) -+ for target in "UUID=$uuid" $swap $suse_swap; do + # /etc/fstab might use a symlink like /dev/mapper/ubuntu--vg-swap_1 + links=$(for d in $(udevadm info --query=symlink -n $swap); do echo /dev/$d; done) +- for target in "UUID=$uuid" $swap $links; do ++ suse_swap=$(grep swap /etc/fstab |cut -d' ' -f1) ++ for target in "UUID=$uuid" $swap $links $suse_swap; do if [ -n "$target" ] && grep -qs "^$target\s\+" /etc/fstab; then sed -i "s:^$target\s\+:\#$target :" /etc/fstab warn "Commented out your unencrypted swap from /etc/fstab" -@@ -181,3 +179,4 @@ if [ "$NO_RELOAD" != 1 ]; then +@@ -201,3 +199,4 @@ if [ "$NO_RELOAD" != 1 ]; then fi info `gettext "Successfully encrypted swap!"` ++++++ ecryptfs-utils_106.orig.tar.gz -> ecryptfs-utils_108.orig.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ecryptfs-utils-106/configure new/ecryptfs-utils-108/configure --- old/ecryptfs-utils-106/configure 2015-03-12 00:34:23.000000000 +0100 +++ new/ecryptfs-utils-108/configure 2015-08-06 19:46:17.000000000 +0200 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for ecryptfs-utils 106. +# Generated by GNU Autoconf 2.69 for ecryptfs-utils 108. # # # Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc. @@ -587,8 +587,8 @@ # Identity of this package. PACKAGE_NAME='ecryptfs-utils' PACKAGE_TARNAME='ecryptfs-utils' -PACKAGE_VERSION='106' -PACKAGE_STRING='ecryptfs-utils 106' +PACKAGE_VERSION='108' +PACKAGE_STRING='ecryptfs-utils 108' PACKAGE_BUGREPORT='' PACKAGE_URL='' @@ -1472,7 +1472,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures ecryptfs-utils 106 to adapt to many kinds of systems. +\`configure' configures ecryptfs-utils 108 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1543,7 +1543,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of ecryptfs-utils 106:";; + short | recursive ) echo "Configuration of ecryptfs-utils 108:";; esac cat <<\_ACEOF @@ -1696,7 +1696,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -ecryptfs-utils configure 106 +ecryptfs-utils configure 108 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -2061,7 +2061,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by ecryptfs-utils $as_me 106, which was +It was created by ecryptfs-utils $as_me 108, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -16439,44 +16439,6 @@ # Substitute ALL_LINGUAS so we can use it in po/Makefile -# Set DATADIRNAME correctly if it is not set yet -# (copied from glib-gettext.m4) -if test -z "$DATADIRNAME"; then - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -int -main () -{ -extern int _nl_msg_cat_cntr; - return _nl_msg_cat_cntr - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - DATADIRNAME=share -else - case $host in - *-*-solaris*) - ac_fn_c_check_func "$LINENO" "bind_textdomain_codeset" "ac_cv_func_bind_textdomain_codeset" -if test "x$ac_cv_func_bind_textdomain_codeset" = xyes; then : - DATADIRNAME=share -else - DATADIRNAME=lib -fi - - ;; - *) - DATADIRNAME=lib - ;; - esac -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -fi - - @@ -17187,7 +17149,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by ecryptfs-utils $as_me 106, which was +This file was extended by ecryptfs-utils $as_me 108, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -17253,7 +17215,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -ecryptfs-utils config.status 106 +ecryptfs-utils config.status 108 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ecryptfs-utils-106/configure.ac new/ecryptfs-utils-108/configure.ac --- old/ecryptfs-utils-106/configure.ac 2015-03-11 16:34:12.000000000 +0100 +++ new/ecryptfs-utils-108/configure.ac 2015-03-27 23:53:15.000000000 +0100 @@ -10,7 +10,7 @@ AC_PREREQ(2.59) -AC_INIT([ecryptfs-utils],[106]) +AC_INIT([ecryptfs-utils],[108]) AC_CANONICAL_HOST AC_CANONICAL_TARGET AM_INIT_AUTOMAKE([${PACKAGE_NAME}], [${PACKAGE_VERSION}]) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ecryptfs-utils-106/ltmain.sh new/ecryptfs-utils-108/ltmain.sh --- old/ecryptfs-utils-106/ltmain.sh 2015-03-12 00:34:13.000000000 +0100 +++ new/ecryptfs-utils-108/ltmain.sh 2015-08-06 19:46:02.000000000 +0200 @@ -70,7 +70,7 @@ # compiler: $LTCC # compiler flags: $LTCFLAGS # linker: $LD (gnu? $with_gnu_ld) -# $progname: (GNU libtool) 2.4.2 Debian-2.4.2-1.10ubuntu1 +# $progname: (GNU libtool) 2.4.2 Debian-2.4.2-1.11 # automake: $automake_version # autoconf: $autoconf_version # @@ -80,7 +80,7 @@ PROGRAM=libtool PACKAGE=libtool -VERSION="2.4.2 Debian-2.4.2-1.10ubuntu1" +VERSION="2.4.2 Debian-2.4.2-1.11" TIMESTAMP="" package_revision=1.3337 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ecryptfs-utils-106/m4/intltool.m4 new/ecryptfs-utils-108/m4/intltool.m4 --- old/ecryptfs-utils-106/m4/intltool.m4 2015-03-12 00:34:17.000000000 +0100 +++ new/ecryptfs-utils-108/m4/intltool.m4 2015-08-06 19:46:06.000000000 +0200 @@ -155,31 +155,6 @@ # Substitute ALL_LINGUAS so we can use it in po/Makefile AC_SUBST(ALL_LINGUAS) -# Set DATADIRNAME correctly if it is not set yet -# (copied from glib-gettext.m4) -if test -z "$DATADIRNAME"; then - AC_LINK_IFELSE( - [AC_LANG_PROGRAM([[]], - [[extern int _nl_msg_cat_cntr; - return _nl_msg_cat_cntr]])], - [DATADIRNAME=share], - [case $host in - *-*-solaris*) - dnl On Solaris, if bind_textdomain_codeset is in libc, - dnl GNU format message catalog is always supported, - dnl since both are added to the libc all together. - dnl Hence, we'd like to go with DATADIRNAME=share - dnl in this case. - AC_CHECK_FUNC(bind_textdomain_codeset, - [DATADIRNAME=share], [DATADIRNAME=lib]) - ;; - *) - [DATADIRNAME=lib] - ;; - esac]) -fi -AC_SUBST(DATADIRNAME) - IT_PO_SUBDIR([po]) ]) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ecryptfs-utils-106/po/Makefile.in.in new/ecryptfs-utils-108/po/Makefile.in.in --- old/ecryptfs-utils-106/po/Makefile.in.in 2015-03-12 00:34:17.000000000 +0100 +++ new/ecryptfs-utils-108/po/Makefile.in.in 2015-08-06 19:46:06.000000000 +0200 @@ -33,8 +33,7 @@ datadir = @datadir@ datarootdir = @datarootdir@ libdir = @libdir@ -DATADIRNAME = @DATADIRNAME@ -itlocaledir = $(prefix)/$(DATADIRNAME)/locale +localedir = @localedir@ subdir = po install_sh = @install_sh@ # Automake >= 1.8 provides @mkdir_p@. @@ -80,7 +79,7 @@ .po.pox: $(MAKE) $(GETTEXT_PACKAGE).pot - $(MSGMERGE) $< $(GETTEXT_PACKAGE).pot -o $*.pox + $(MSGMERGE) $* $(GETTEXT_PACKAGE).pot -o $*.pox .po.mo: $(INTLTOOL_V_MSGFMT)$(MSGFMT) -o $@ $< @@ -108,7 +107,7 @@ install-data-yes: all linguas="$(USE_LINGUAS)"; \ for lang in $$linguas; do \ - dir=$(DESTDIR)$(itlocaledir)/$$lang/LC_MESSAGES; \ + dir=$(DESTDIR)$(localedir)/$$lang/LC_MESSAGES; \ $(mkdir_p) $$dir; \ if test -r $$lang.gmo; then \ $(INSTALL_DATA) $$lang.gmo $$dir/$(GETTEXT_PACKAGE).mo; \ @@ -142,8 +141,8 @@ uninstall: linguas="$(USE_LINGUAS)"; \ for lang in $$linguas; do \ - rm -f $(DESTDIR)$(itlocaledir)/$$lang/LC_MESSAGES/$(GETTEXT_PACKAGE).mo; \ - rm -f $(DESTDIR)$(itlocaledir)/$$lang/LC_MESSAGES/$(GETTEXT_PACKAGE).mo.m; \ + rm -f $(DESTDIR)$(localedir)/$$lang/LC_MESSAGES/$(GETTEXT_PACKAGE).mo; \ + rm -f $(DESTDIR)$(localedir)/$$lang/LC_MESSAGES/$(GETTEXT_PACKAGE).mo.m; \ done check: all $(GETTEXT_PACKAGE).pot diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ecryptfs-utils-106/src/libecryptfs/key_management.c new/ecryptfs-utils-108/src/libecryptfs/key_management.c --- old/ecryptfs-utils-106/src/libecryptfs/key_management.c 2015-03-11 16:07:01.000000000 +0100 +++ new/ecryptfs-utils-108/src/libecryptfs/key_management.c 2015-03-26 14:28:59.000000000 +0100 @@ -587,9 +587,9 @@ int rc; decrypted_passphrase_bytes = strlen(decrypted_passphrase); - if (decrypted_passphrase_bytes > ECRYPTFS_MAX_PASSPHRASE_BYTES) { - syslog(LOG_ERR, "Decrypted passphrase is [%d] bytes long; " - "[%d] is the max\n", decrypted_passphrase_bytes, + if (decrypted_passphrase_bytes < 1 || + decrypted_passphrase_bytes > ECRYPTFS_MAX_PASSPHRASE_BYTES) { + syslog(LOG_ERR, "Decrypted passphrase size is invalid; [1] to [%d] is the valid range\n", ECRYPTFS_MAX_PASSPHRASE_BYTES); rc = -EIO; goto out; @@ -750,7 +750,7 @@ if (fd != -1) close(fd); - return 0; + return rc; } /** diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ecryptfs-utils-106/src/libecryptfs/main.c new/ecryptfs-utils-108/src/libecryptfs/main.c --- old/ecryptfs-utils-106/src/libecryptfs/main.c 2015-02-10 17:59:34.000000000 +0100 +++ new/ecryptfs-utils-108/src/libecryptfs/main.c 2015-03-26 14:28:59.000000000 +0100 @@ -224,10 +224,11 @@ int rc = 0; passphrase_size = strlen(passphrase); - if (passphrase_size > ECRYPTFS_MAX_PASSPHRASE_BYTES) { + if (passphrase_size < 1 || + passphrase_size > ECRYPTFS_MAX_PASSPHRASE_BYTES) { passphrase_sig = NULL; - syslog(LOG_ERR, "Passphrase too large (%d bytes)\n", - passphrase_size); + syslog(LOG_ERR, "Passphrase size is invalid; [1] to [%d] is the valid range\n", + ECRYPTFS_MAX_PASSPHRASE_BYTES); return -EINVAL; } memcpy(salt_and_passphrase, salt, ECRYPTFS_SALT_SIZE); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ecryptfs-utils-106/src/pam_ecryptfs/pam_ecryptfs.c new/ecryptfs-utils-108/src/pam_ecryptfs/pam_ecryptfs.c --- old/ecryptfs-utils-106/src/pam_ecryptfs/pam_ecryptfs.c 2015-03-11 16:07:01.000000000 +0100 +++ new/ecryptfs-utils-108/src/pam_ecryptfs/pam_ecryptfs.c 2015-08-05 23:37:17.000000000 +0200 @@ -387,7 +387,7 @@ if (setresuid(pwd->pw_uid, pwd->pw_uid, pwd->pw_uid) < 0) exit(-1); execl("/sbin/umount.ecryptfs_private", - "umount.ecryptfs_private", NULL); + "umount.ecryptfs_private", "-d", NULL); exit(1); } exit(1); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ecryptfs-utils-106/src/utils/ecryptfs-setup-swap new/ecryptfs-utils-108/src/utils/ecryptfs-setup-swap --- old/ecryptfs-utils-106/src/utils/ecryptfs-setup-swap 2015-03-11 16:15:31.000000000 +0100 +++ new/ecryptfs-utils-108/src/utils/ecryptfs-setup-swap 2015-08-04 17:41:39.000000000 +0200 @@ -149,7 +149,9 @@ for swap in $swaps; do info `gettext "Setting up swap:"` "[$swap]" uuid=$(blkid -o value -s UUID $swap) - for target in "UUID=$uuid" $swap; do + # /etc/fstab might use a symlink like /dev/mapper/ubuntu--vg-swap_1 + links=$(for d in $(udevadm info --query=symlink -n $swap); do echo /dev/$d; done) + for target in "UUID=$uuid" $swap $links; do if [ -n "$target" ] && grep -qs "^$target\s\+" /etc/fstab; then sed -i "s:^$target\s\+:\#$target :" /etc/fstab warn "Commented out your unencrypted swap from /etc/fstab" @@ -160,6 +162,24 @@ i=$((i+1)) [ -e "/dev/mapper/cryptswap$i" ] || break done + + # If this is a GPT partition, mark it as no-auto mounting, to avoid + # auto-activating it on boot + if [ "$(blkid -p -s PART_ENTRY_SCHEME -o value "$swap")" = "gpt" ]; then + drive="${swap%[0-9]*}" + partno="${swap#$drive}" + if [ -b "$drive" ]; then + if printf "x\np\n" | fdisk "$drive" | grep -q "^$swap .* GUID:.*\b63\b"; then + echo "$swap is already marked as no-auto" + else + # toggle flag 63 ("no auto") + echo "marking GPT swap partition $swap as no-auto..." + # unfortunately fdisk fails on "cannot re-read part table" and is very verbose + printf "x\nS\n$partno\n63\nr\nw\n" | fdisk "$drive" >/dev/null 2>&1 || true + fi + fi + fi + # Add crypttab entry # Use /dev/urandom, since this is not a long lived key (generated each boot), # and so that we don't block booting while waiting for entropy diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ecryptfs-utils-106/src/utils/ecryptfs-umount-private new/ecryptfs-utils-108/src/utils/ecryptfs-umount-private --- old/ecryptfs-utils-106/src/utils/ecryptfs-umount-private 2015-02-10 17:59:34.000000000 +0100 +++ new/ecryptfs-utils-108/src/utils/ecryptfs-umount-private 2015-08-05 23:37:17.000000000 +0200 @@ -23,4 +23,6 @@ echo " cd $PWD" echo fi + exit 0 fi +exit 1 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ecryptfs-utils-106/src/utils/mount.ecryptfs_private.c new/ecryptfs-utils-108/src/utils/mount.ecryptfs_private.c --- old/ecryptfs-utils-106/src/utils/mount.ecryptfs_private.c 2015-02-10 17:59:34.000000000 +0100 +++ new/ecryptfs-utils-108/src/utils/mount.ecryptfs_private.c 2015-08-05 23:37:17.000000000 +0200 @@ -472,6 +472,67 @@ return bump_counter(fh, -MAXINT+1); } +/* Returns -1 on error, 0 on success, and 1 if the program should exit with 0 */ +static int parse_options(int argc, char *argv[], int *mounting, int *force, + int *nonzero_decrement_is_error, char **alias) +{ + const char *optstr, *usagestr; + int opt, usage = 0, rc = -1; + + *force = 0; + *nonzero_decrement_is_error = 1; + *alias = NULL; + + /* Determine if mounting or unmounting by looking at the invocation */ + if (strstr(argv[0], "umount") == NULL) { + *mounting = 1; + optstr = "h"; + usagestr = "[ALIAS]\n" + "Mount the default private directory or ALIAS, if specified.\n" + "\n" + " -h display this help and exit\n"; + } else { + *mounting = 0; + optstr = "hfd"; + usagestr = "[-f] [-d] [ALIAS]\n" + "Unmount the default private directory or ALIAS, if specified.\n" + "\n" + " -h display this help and exit\n" + " -f forcibly unmount\n" + " -d don't treat a non-zero session counter as an error\n"; + } + + while ((opt = getopt(argc, argv, optstr)) != -1) { + switch (opt) { + case 'h': + rc = 1; + usage = 1; + goto out; + case 'f': + *force = 1; + break; + case 'd': + *nonzero_decrement_is_error = 0; + break; + default: + usage = 1; + goto out; + } + } + + if (optind < (argc - 1)) { + usage = 1; + goto out; + } else if (optind == (argc - 1)) { + *alias = argv[optind]; + } + + rc = 0; +out: + if (usage) + fprintf(stderr, "Usage: %s %s", argv[0], usagestr); + return rc; +} /* This program is a setuid-executable allowing a non-privileged user to mount * and unmount an ecryptfs private directory. This program is necessary to @@ -509,8 +570,7 @@ int main(int argc, char *argv[]) { uid_t uid; gid_t gid; - int mounting; - int force = 0; + int mounting, force, nonzero_decrement_is_error; struct passwd *pwd; char *alias, *src, *dest, *opt, *opts2; char *sig_fekek = NULL, *sig_fnek = NULL; @@ -532,10 +592,20 @@ goto fail; } + switch (parse_options(argc, argv, &mounting, &force, + &nonzero_decrement_is_error, &alias)) { + case -1: + goto fail; + case 1: + goto success; + default: + break; /* proceed */ + } + /* If no arguments, default to private dir; but accept at most one argument, an alias for the configuration to read and use. */ - if (argc == 1) { + if (alias == NULL) { /* Use default source and destination dirs */ alias = ECRYPTFS_PRIVATE_DIR; if ((asprintf(&src, "%s/.%s", pwd->pw_dir, alias) < 0) || src == NULL) { @@ -547,8 +617,7 @@ perror("asprintf (dest)"); goto fail; } - } else if (argc == 2) { - alias = argv[1]; + } else { /* Read the source and destination dirs from .conf file */ if (read_config(pwd->pw_dir, uid, alias, &src, &dest, &opts2) < 0) { fputs("Error reading configuration file\n", stderr); @@ -558,9 +627,6 @@ fputs("Mount options are not supported here\n", stderr); exit(1); } - } else { - fputs("Too many arguments\n", stderr); - exit(1); } if (strstr(alias, "..")) { @@ -582,19 +648,6 @@ goto fail; } - /* Determine if mounting or unmounting by looking at the invocation */ - if (strstr(argv[0], "umount") == NULL) { - mounting = 1; - } else { - mounting = 0; - /* Determine if unmounting is forced */ - if (argv[1] != NULL && strncmp(argv[1], "-f", 2) == 0) { - force = 1; - } else { - force = 0; - } - } - /* Fetch signatures from file */ /* First line is the file content encryption key signature */ /* Second line, if present, is the filename encryption key signature */ @@ -677,6 +730,8 @@ if (force == 1) { zero(fh_counter); } else if (decrement(fh_counter) > 0) { + if (!nonzero_decrement_is_error) + goto success; fputs("Sessions still open, not unmounting\n", stderr); goto fail; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ecryptfs-utils-106/tests/userspace/wrap-unwrap/test.c new/ecryptfs-utils-108/tests/userspace/wrap-unwrap/test.c --- old/ecryptfs-utils-106/tests/userspace/wrap-unwrap/test.c 2015-02-10 17:59:34.000000000 +0100 +++ new/ecryptfs-utils-108/tests/userspace/wrap-unwrap/test.c 2015-03-26 14:28:59.000000000 +0100 @@ -106,6 +106,21 @@ rc = 1; goto out; } + + /* Ensure that an empty passphrase is rejected */ + if ((rc = ecryptfs_wrap_passphrase(path, "testwrappw", salt, "")) == 0) { + fprintf(stderr, "ecryptfs_wrap_passphrase() wrapped an empty passphrase\n"); + rc = 1; + goto out; + } + + /* Ensure that an empty wrapping passphrase is rejected */ + if ((rc = ecryptfs_wrap_passphrase(path, "", salt, "testpassphrase")) == 0) { + fprintf(stderr, "ecryptfs_wrap_passphrase() used an empty wrapping passphrase\n"); + rc = 1; + goto out; + } + rc = 0; out: return rc;
