mirror
/
openwrt-packages
mirror of https://git.openwrt.org/feed/packages.git
1
0
Fork 0
Code Releases Activity
openwrt-packages/utils/cryptsetup/Makefile

107 lines
3.1 KiB
Makefile
Raw Permalink Normal View History

import cryptsetup from oldpackages and bump version to 1.6.6 and switch to kernel.org mirror Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2014-12-05 15:34:10 +01:00
#
cryptsetup: bump copyright header Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2014-12-05 16:47:49 +01:00
# Copyright (C) 2006-2014 OpenWrt.org
import cryptsetup from oldpackages and bump version to 1.6.6 and switch to kernel.org mirror Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2014-12-05 15:34:10 +01:00
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
include $(TOPDIR)/rules.mk
PKG_NAME:=cryptsetup
cryptsetup: update to version 2.7.1 The most notable change is the introduction of (optional) support for hardware OPAL disk encryption. However, as this requires Linux 6.4 or later, support for OPAL is implicitely disabled until targets used for the package build have been updated to Linux 6.6. See release notes for 2.7.0 and 2.7.1 for more details: https://cdn.kernel.org/pub/linux/utils/cryptsetup/v2.7/v2.7.0-ReleaseNotes https://cdn.kernel.org/pub/linux/utils/cryptsetup/v2.7/v2.7.1-ReleaseNotes Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-04-04 04:01:39 +02:00
PKG_VERSION:=2.7.1
cryptsetup: update to version 2.6.1 Cryptsetup 2.6.1 Release Notes ============================== Stable bug-fix release with minor extensions. All users of cryptsetup 2.6.0 should upgrade to this version. Changes since version 2.6.0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~ * bitlk: Fixes for BitLocker-compatible on-disk metadata parser (found by new cryptsetup OSS-Fuzz fuzzers). - Fix a possible memory leak if the metadata contains more than one description field. - Harden parsing of metadata entries for key and description entries. - Fix broken metadata parsing that can cause a crash or out of memory. * Fix possible iteration overflow in OpenSSL2 PBKDF2 crypto backend. OpenSSL2 uses a signed integer for PBKDF2 iteration count. As cryptsetup uses an unsigned value, this can lead to overflow and a decrease in the actual iteration count. This situation can happen only if the user specifies --pbkdf-force-iterations option. OpenSSL3 (and other supported crypto backends) are not affected. * Fix compilation for new ISO C standards (gcc with -std=c11 and higher). * fvault2: Fix compilation with very old uuid.h. * verity: Fix possible hash offset setting overflow. * bitlk: Fix use of startup BEK key on big-endian platforms. * Fix compilation with latest musl library. Recent musl no longer implements lseek64() in some configurations. Use lseek() as 64-bit offset is mandatory for cryptsetup. * Do not initiate encryption (reencryption command) when the header and data devices are the same. If data device reduction is not requsted, this leads to data corruption since LUKS metadata was written over the data device. * Fix possible memory leak if crypt_load() fails. * Always use passphrases with a minimal 8 chars length for benchmarking. Some enterprise distributions decided to set an unconditional check for PBKDF2 password length when running in FIPS mode. This questionable change led to unexpected failures during LUKS format and keyslot operations, where short passwords were used for benchmarking PBKDF2 speed. PBKDF2 benchmark calculations should not be affected by this change. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2023-08-05 03:32:24 +02:00
PKG_RELEASE:=1
import cryptsetup from oldpackages and bump version to 1.6.6 and switch to kernel.org mirror Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2014-12-05 15:34:10 +01:00
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
cryptsetup: update to version 2.7.1 The most notable change is the introduction of (optional) support for hardware OPAL disk encryption. However, as this requires Linux 6.4 or later, support for OPAL is implicitely disabled until targets used for the package build have been updated to Linux 6.6. See release notes for 2.7.0 and 2.7.1 for more details: https://cdn.kernel.org/pub/linux/utils/cryptsetup/v2.7/v2.7.0-ReleaseNotes https://cdn.kernel.org/pub/linux/utils/cryptsetup/v2.7/v2.7.1-ReleaseNotes Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-04-04 04:01:39 +02:00
PKG_SOURCE_URL:=@KERNEL/linux/utils/cryptsetup/v$(subst $(space),.,$(wordlist 1, 2, $(subst .,$(space),$(PKG_VERSION))))
PKG_HASH:=da5d1419e2a86e01aa32fd79582cd54d208857cb541bca2fd426a5ff1aaabbc3
cryptsetup: Update to 2.0.5 Signed-off-by: Rosen Penev <rosenp@gmail.com>
2018-10-31 01:44:47 +01:00
cryptsetup: Replace libgcrypt with AFALG Add several configure arguments to speed up build time. Switch from using libgcrypt to using the kernel directly. This has a number of benefits including smaller size and faster speed. It also allows selection of desired crypto primatives instead of having all of them. Signed-off-by: Rosen Penev <rosenp@gmail.com>
2018-12-11 01:14:58 +01:00
PKG_MAINTAINER:=Daniel Golle <daniel@makrotopia.org>
treewide: Change .*GPL.*+ licenses to SPDX compatible identifier The CONTRIBUTING.md requests an (or multiple) SPDX identifier for GPL licenses. But a lot of packages did use a different, non-SPDX style with a "+" at the end instead of "-or-later". Signed-off-by: Sven Eckelmann <sven@narfation.org>
2019-09-02 15:15:08 +02:00
PKG_LICENSE:=GPL-2.0-or-later LGPL-2.1-or-later
cryptsetup: Update to 2.0.5 Signed-off-by: Rosen Penev <rosenp@gmail.com>
2018-10-31 01:44:47 +01:00
PKG_LICENSE_FILES:=COPYING COPYING.LGPL
utils/cryptsetup: assign PKG_CPE_ID https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:cryptsetup_project:cryptsetup Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2024-01-25 21:27:06 +01:00
PKG_CPE_ID:=cpe:/a:cryptsetup_project:cryptsetup
import cryptsetup from oldpackages and bump version to 1.6.6 and switch to kernel.org mirror Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2014-12-05 15:34:10 +01:00
cryptsetup: fix library paths by calling autoreconf Use PKG_FIXUP:=autoreconf when building cryptsetup to prevent accidental linkage against host libraries. Fixes: #19011 Reported-by: @dreirund Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-07-23 10:37:28 +02:00
PKG_FIXUP:=autoreconf
cryptsetup: update to 2.3.0 Use PKG_INSTALL for consistency between packages. Add PKG_BUILD_PARALLEL for faster compilation. Fix wrong locking path. First discovered here: https://forum.openwrt.org/t/cannot-setup-dm-crypt/56836 Signed-off-by: Rosen Penev <rosenp@gmail.com>
2020-03-05 04:25:27 +01:00
PKG_INSTALL:=1
PKG_BUILD_PARALLEL:=1
cryptsetup: update to version 2.4.1 Package new experimental SSH token authenticator plugin as new package 'cryptsetup-ssh'. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-10-09 05:10:02 +02:00
PKG_BUILD_DEPENDS:=!USE_GLIBC:argp-standalone
import cryptsetup from oldpackages and bump version to 1.6.6 and switch to kernel.org mirror Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2014-12-05 15:34:10 +01:00
include $(INCLUDE_DIR)/package.mk
cryptsetup: add NLS support Needed for uClibc-ng. Added InstallDev section. Because why not. Signed-off-by: Rosen Penev <rosenp@gmail.com>
2020-03-13 21:05:12 +01:00
include $(INCLUDE_DIR)/nls.mk
import cryptsetup from oldpackages and bump version to 1.6.6 and switch to kernel.org mirror Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2014-12-05 15:34:10 +01:00
cryptsetup: Remove OpenSSL variant OpenSSL is only used for hashing while being a huge dependency (689.4KB for mips_24kc. Cryptsetup also supports and recommends argon2 for hashing, which is not provided by OpenSSL. Signed-off-by: Rosen Penev <rosenp@gmail.com>
2019-01-10 04:23:30 +01:00
define Package/cryptsetup
import cryptsetup from oldpackages and bump version to 1.6.6 and switch to kernel.org mirror Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2014-12-05 15:34:10 +01:00
SECTION:=utils
CATEGORY:=Utilities
cryptsetup: move to Encryption submenu Part of a wider housekeeping effort on the packages repository. Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
2016-10-23 23:29:33 +02:00
SUBMENU:=Encryption
import cryptsetup from oldpackages and bump version to 1.6.6 and switch to kernel.org mirror Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2014-12-05 15:34:10 +01:00
TITLE:=Cryptsetup
cryptsetup: update to version 2.4.1 Package new experimental SSH token authenticator plugin as new package 'cryptsetup-ssh'. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-10-09 05:10:02 +02:00
DEPENDS:=$(ICONV_DEPENDS) $(INTL_DEPENDS) +libblkid +libuuid +libpopt +lvm2 \
+libdevmapper +libjson-c +@KERNEL_DIRECT_IO +kmod-crypto-user
cryptsetup: Update to 2.0.4 Signed-off-by: Rosen Penev <rosenp@gmail.com>
2018-08-08 00:31:30 +02:00
URL:=https://gitlab.com/cryptsetup/cryptsetup/
import cryptsetup from oldpackages and bump version to 1.6.6 and switch to kernel.org mirror Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2014-12-05 15:34:10 +01:00
endef
define Package/cryptsetup/description
cryptsetup: Remove OpenSSL variant OpenSSL is only used for hashing while being a huge dependency (689.4KB for mips_24kc. Cryptsetup also supports and recommends argon2 for hashing, which is not provided by OpenSSL. Signed-off-by: Rosen Penev <rosenp@gmail.com>
2019-01-10 04:23:30 +01:00
Cryptsetup is utility used to conveniently setup disk encryption based on DMCrypt kernel module.
import cryptsetup from oldpackages and bump version to 1.6.6 and switch to kernel.org mirror Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2014-12-05 15:34:10 +01:00
endef
cryptsetup: update to version 2.4.1 Package new experimental SSH token authenticator plugin as new package 'cryptsetup-ssh'. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-10-09 05:10:02 +02:00
define Package/cryptsetup-ssh
SECTION:=utils
CATEGORY:=Utilities
SUBMENU:=Encryption
TITLE:=Cryptsetup SSH token
DEPENDS:=+cryptsetup +PACKAGE_cryptsetup-ssh:libssh
URL:=https://gitlab.com/cryptsetup/cryptsetup/
endef
define Package/cryptsetup-ssh/description
Experimental SSH token support for cryptsetup.
endef
cryptsetup: Replace libgcrypt with AFALG Add several configure arguments to speed up build time. Switch from using libgcrypt to using the kernel directly. This has a number of benefits including smaller size and faster speed. It also allows selection of desired crypto primatives instead of having all of them. Signed-off-by: Rosen Penev <rosenp@gmail.com>
2018-12-11 01:14:58 +01:00
CONFIGURE_ARGS += \
cryptsetup: update to version 2.5.0 Update to new major release of cryptsetup. For details, please see the release notes[1]. [1]: https://cdn.kernel.org/pub/linux/utils/cryptsetup/v2.5/v2.5.0-ReleaseNotes Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-09-07 19:39:46 +02:00
--disable-asciidoc \
cryptsetup: Replace libgcrypt with AFALG Add several configure arguments to speed up build time. Switch from using libgcrypt to using the kernel directly. This has a number of benefits including smaller size and faster speed. It also allows selection of desired crypto primatives instead of having all of them. Signed-off-by: Rosen Penev <rosenp@gmail.com>
2018-12-11 01:14:58 +01:00
--disable-cryptsetup-reencrypt \
--disable-integritysetup \
--disable-selinux \
--disable-rpath \
--disable-veritysetup \
--disable-udev \
cryptsetup: Remove OpenSSL variant OpenSSL is only used for hashing while being a huge dependency (689.4KB for mips_24kc. Cryptsetup also supports and recommends argon2 for hashing, which is not provided by OpenSSL. Signed-off-by: Rosen Penev <rosenp@gmail.com>
2019-01-10 04:23:30 +01:00
--with-default-luks-format=LUKS2 \
cryptsetup: update to 2.3.0 Use PKG_INSTALL for consistency between packages. Add PKG_BUILD_PARALLEL for faster compilation. Fix wrong locking path. First discovered here: https://forum.openwrt.org/t/cannot-setup-dm-crypt/56836 Signed-off-by: Rosen Penev <rosenp@gmail.com>
2020-03-05 04:25:27 +01:00
--with-luks2-lock-path=/var/run/cryptsetup \
cryptsetup: Replace libgcrypt with AFALG Add several configure arguments to speed up build time. Switch from using libgcrypt to using the kernel directly. This has a number of benefits including smaller size and faster speed. It also allows selection of desired crypto primatives instead of having all of them. Signed-off-by: Rosen Penev <rosenp@gmail.com>
2018-12-11 01:14:58 +01:00
--with-crypto_backend=kernel
import cryptsetup from oldpackages and bump version to 1.6.6 and switch to kernel.org mirror Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2014-12-05 15:34:10 +01:00
cryptsetup: update to version 2.4.1 Package new experimental SSH token authenticator plugin as new package 'cryptsetup-ssh'. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-10-09 05:10:02 +02:00
ifeq ($(CONFIG_PACKAGE_cryptsetup-ssh),)
CONFIGURE_ARGS += --disable-ssh-token
endif
CONFIGURE_VARS += \
LIBSSH_CFLAGS="-I$(STAGING_DIR)/usr/include" \
LIBSSH_LIBS="-L$(STAGING_DIR)/usr/lib -lssh"
cryptsetup: fix compilation with musl 1.2.4 Similar to mdadm also cryptsetup now requires _LARGEFILE64_SOURCE. Add -D_LARGEFILE64_SOURCE to TARGET_CFLAGS to fix compilation. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2023-05-18 04:14:29 +02:00
TARGET_CFLAGS += -D_LARGEFILE64_SOURCE
cryptsetup: update to version 2.4.1 Package new experimental SSH token authenticator plugin as new package 'cryptsetup-ssh'. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-10-09 05:10:02 +02:00
TARGET_LDFLAGS += -Wl,--gc-sections $(if $(INTL_FULL),-lintl)
cryptsetup: add NLS support Needed for uClibc-ng. Added InstallDev section. Because why not. Signed-off-by: Rosen Penev <rosenp@gmail.com>
2020-03-13 21:05:12 +01:00
define Build/InstallDev
$(INSTALL_DIR) $(1)/usr/include
$(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/include/libcryptsetup.h $(1)/usr/include
$(INSTALL_DIR) $(1)/usr/lib
$(CP) $(PKG_INSTALL_DIR)/usr/lib/libcryptsetup.so* $(1)/usr/lib
$(INSTALL_DIR) $(1)/usr/lib/pkgconfig
$(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/libcryptsetup.pc $(1)/usr/lib/pkgconfig
endef
import cryptsetup from oldpackages and bump version to 1.6.6 and switch to kernel.org mirror Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2014-12-05 15:34:10 +01:00
define Package/cryptsetup/install
$(INSTALL_DIR) $(1)/usr/lib
cryptsetup: update to 2.3.0 Use PKG_INSTALL for consistency between packages. Add PKG_BUILD_PARALLEL for faster compilation. Fix wrong locking path. First discovered here: https://forum.openwrt.org/t/cannot-setup-dm-crypt/56836 Signed-off-by: Rosen Penev <rosenp@gmail.com>
2020-03-05 04:25:27 +01:00
$(CP) $(PKG_INSTALL_DIR)/usr/lib/libcryptsetup.so* $(1)/usr/lib
cryptsetup: add NLS support Needed for uClibc-ng. Added InstallDev section. Because why not. Signed-off-by: Rosen Penev <rosenp@gmail.com>
2020-03-13 21:05:12 +01:00
$(INSTALL_DIR) $(1)/usr/sbin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/cryptsetup $(1)/usr/sbin
import cryptsetup from oldpackages and bump version to 1.6.6 and switch to kernel.org mirror Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2014-12-05 15:34:10 +01:00
endef
cryptsetup: update to version 2.4.1 Package new experimental SSH token authenticator plugin as new package 'cryptsetup-ssh'. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-10-09 05:10:02 +02:00
define Package/cryptsetup-ssh/install
$(INSTALL_DIR) $(1)/usr/lib/cryptsetup
$(CP) $(PKG_INSTALL_DIR)/usr/lib/cryptsetup/* $(1)/usr/lib/cryptsetup
$(INSTALL_DIR) $(1)/usr/sbin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/cryptsetup-ssh $(1)/usr/sbin
endef
import cryptsetup from oldpackages and bump version to 1.6.6 and switch to kernel.org mirror Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2014-12-05 15:34:10 +01:00
$(eval $(call BuildPackage,cryptsetup))
cryptsetup: update to version 2.4.1 Package new experimental SSH token authenticator plugin as new package 'cryptsetup-ssh'. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-10-09 05:10:02 +02:00
$(eval $(call BuildPackage,cryptsetup-ssh))