Date: Friday, May 29, 2020 @ 22:03:59 Author: arojas Revision: 637301
Add support for LUKS2 (FS#66753) Added: pam_mount/trunk/pam_mount-luks2.patch Modified: pam_mount/trunk/PKGBUILD -----------------------+ PKGBUILD | 12 ++++++++--- pam_mount-luks2.patch | 52 ++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 61 insertions(+), 3 deletions(-) Modified: PKGBUILD =================================================================== --- PKGBUILD 2020-05-29 21:49:51 UTC (rev 637300) +++ PKGBUILD 2020-05-29 22:03:59 UTC (rev 637301) @@ -4,7 +4,7 @@ pkgname=pam_mount pkgver=2.16 -pkgrel=6 +pkgrel=7 pkgdesc="A PAM module that can mount volumes for a user session" arch=(x86_64) url="http://pam-mount.sourceforge.net/" @@ -12,11 +12,17 @@ depends=(pcre util-linux libhx libxml2 cryptsetup) backup=('etc/security/pam_mount.conf.xml') options=(!emptydirs) -source=("https://downloads.sourceforge.net/project/pam-mount/$pkgname/$pkgver/$pkgname-$pkgver.tar.xz"{,.asc}) +source=("https://downloads.sourceforge.net/project/pam-mount/$pkgname/$pkgver/$pkgname-$pkgver.tar.xz"{,.asc} + pam_mount-luks2.patch) sha256sums=('ae0207ea6c96189414f906a7b0880abc7751a98e26b3d0375c9afab3722471e7' - 'SKIP') + 'SKIP' + 'b11f3ed8d95b25089963b74bead65d8100825c7d6043187008334bea8ebeb091') validpgpkeys=(2F8BFE96D14F8B560FBC1F1DA28BDFEEB5A2B2FF) # Jan Engelhardt <jeng...@inai.de> +prepare() { + patch -d $pkgname-$pkgver -p1 -i ../pam_mount-luks2.patch # Add support for LUKS2 +} + build() { cd $pkgname-$pkgver aclocal Added: pam_mount-luks2.patch =================================================================== --- pam_mount-luks2.patch (rev 0) +++ pam_mount-luks2.patch 2020-05-29 22:03:59 UTC (rev 637301) @@ -0,0 +1,52 @@ +From d4434c05e7c0cf05d87089404cfa2deedc60811a Mon Sep 17 00:00:00 2001 +From: Ingo Franzki <ifran...@linux.ibm.com> +Date: Mon, 29 Oct 2018 16:47:40 +0100 +Subject: [PATCH] crypto: Add support for LUKS2 + +Cryptsetup version 2.0 added support for LUKS2. +This patch adds support for mounting LUKS2 volumes with +pam_mount. + +Signed-off-by: Ingo Franzki <ifran...@linux.ibm.com> +Signed-off-by: Till Maas <opensou...@till.name> +--- + src/crypto-dmc.c | 10 ++++++++-- + 1 file changed, 8 insertions(+), 2 deletions(-) + +diff --git a/src/crypto-dmc.c b/src/crypto-dmc.c +index d0ab6ca..abd0358 100644 +--- a/src/crypto-dmc.c ++++ b/src/crypto-dmc.c +@@ -21,6 +21,12 @@ + #include "libcryptmount.h" + #include "pam_mount.h" + ++#ifndef CRYPT_LUKS ++ #define CRYPT_LUKS NULL /* Passing NULL to crypt_load will ++ default to LUKS(1) on older ++ libcryptsetup versions. */ ++#endif ++ + /** + * dmc_is_luks - check if @path points to a LUKS volume (cf. normal dm-crypt) + * @path: path to the crypto container +@@ -48,7 +54,7 @@ EXPORT_SYMBOL int ehd_is_luks(const char *path, bool blkdev) + + ret = crypt_init(&cd, device); + if (ret == 0) { +- ret = crypt_load(cd, CRYPT_LUKS1, NULL); ++ ret = crypt_load(cd, CRYPT_LUKS, NULL); + if (ret == -EINVAL) + ret = false; + else if (ret == 0) +@@ -106,7 +112,7 @@ static bool dmc_run(const struct ehd_mount_request *req, + #endif + } + +- ret = crypt_load(cd, CRYPT_LUKS1, NULL); ++ ret = crypt_load(cd, CRYPT_LUKS, NULL); + if (ret == 0) { + ret = crypt_activate_by_passphrase(cd, mt->crypto_name, + CRYPT_ANY_SLOT, req->key_data, req->key_size, flags); +-- +2.24.1