gentoo resync : 10.11.2017

2 files changed, 292 insertions, 29 deletions

diff --git a/dev-libs/volume_key/Manifest b/dev-libs/volume_key/Manifest
index 4adffbd68224..c0a82e69b8d0 100644
--- a/dev-libs/volume_key/Manifest
+++ b/dev-libs/volume_key/Manifest
@@ -1,5 +1,5 @@
 AUX volume_key-0.3.9-config.h.diff 819 SHA256 de5f66ee91a652874dea2e09742c26ea16c41b053eef167f375876deb2b18757 SHA512 ce8fd4fd60baacda3bfd88de86f5251bd9394f4b13dbb0ece494a07c3510429c458cef051cf56d9ef04b97e7120898ab62585fd1966a93724ea0476a9d465c04 WHIRLPOOL 5a6afb754979d2132c7fd02cc7f3aa4e8fb2882456ada6b19364da72df1f620055825b78ff19f6d61c7f2df455516b94cf0e2bedd69daeb680deb16fdb67ecdf
-AUX volume_key-0.3.9-cryptsetup2.patch 2220 SHA256 29d8ac99366fd56810337887baf7d4d4b4620adf1cc633994c82c06fa5e3fdc6 SHA512 abc2438e7da3b92054d7db2cb5ada57079c056552a4c333ad56a9460f6adf09b91c7ff83fde11f113092a7262ac653957253ef75ab245458db445ee0f26f73ff WHIRLPOOL 4accc7bb9ce22b3e73a7b2dece2cd875596ee1ef2f9233f65b1abe5b07ab27c07f6648a41f0cebbe52c12a9c3437d8446852ff9d263d48d202deff7fdb600df9
+AUX volume_key-0.3.9-cryptsetup2.patch 11118 SHA256 f544ec62d74a1c739978cdc79cfcb95243cf06c0f68f435c6cc1256fc7ca3ab3 SHA512 154e8c2860ffb07f367696ed23309910162c23a445e7c46411f63f6a46e65aaf5285559a51320edf3a424d98300058356ef058689c06719e00616f211ac4164a WHIRLPOOL 6d43245a813603deb8ef8da6ba8cbae0e636a8930dc6b829a618d68bfbd20abcc0cb1853838625785d1fd8a6e3a5a8319473c5ba24390dc9c972829fe26b739b
 AUX volume_key-0.3.9-find_python.patch 1845 SHA256 18da65782c7294ea8ddc1bbd06ecf22c6c33e2a474c4614e696265cc5d65e1e5 SHA512 5b2de4c5c18bb17fbf2a7e5de8adc36d919c5e98aafc33bbd3464ab60ce520ee0b4da0447f7e55ae262c9f6243936badd20f8ce5f9f3367188d80ba28932d0d7 WHIRLPOOL dc10ade55e83b7a7183301d105f4771067051dad25d4a840d957d751d1237275ade43481173f41d3afe9707a42b3dfdfe6760682164bffdbf57d8d999b3dbc3d
 DIST volume_key-0.3.9.tar.xz 445092 SHA256 450a54fe9bf56acec6850c1e71371d3e4913c9ca1ef0cdc3a517b4b6910412a6 SHA512 bc0e690997b9fa1c9fff361d04e7eddcac4cac09779d7a1f9e161be117f5c589a7e444ac16dab25fb3e3ce201591f7dc937595ddf2745d7daa625d4ab0a255e0 WHIRLPOOL 928279511717a8fcd94a13b52c1450770f8f22aed4334a4dc87440cf3ffa706e99de6dac21ac8a7e6db990570525e4cf5f163b92351239d95dcf0b3f2b7cd8c7
 EBUILD volume_key-0.3.9.ebuild 987 SHA256 61f303f5e1e656397d3c522ad2e4fbef122daf097f20ad2e3e8a60a2e8abf6ab SHA512 1fe8ab3e149e6f306e288c5952fb4042fe6052bb2d2d0a07e5e46f35122f435f55090271c0a8ad0dbb4536cc04dc437613ca0661275396c8528c09e7145aaa41 WHIRLPOOL 629f19994bc15485592ea72f0b5958e5966fd39dfbbc01a28a48fe935f6e55398bb48ead848633d2336f0ca3234b9abf0e5d79fc49accd06b3372df4b3bf0174
diff --git a/dev-libs/volume_key/files/volume_key-0.3.9-cryptsetup2.patch b/dev-libs/volume_key/files/volume_key-0.3.9-cryptsetup2.patch
index c0386fabf72d..2798e882345b 100644
--- a/dev-libs/volume_key/files/volume_key-0.3.9-cryptsetup2.patch
+++ b/dev-libs/volume_key/files/volume_key-0.3.9-cryptsetup2.patch
@@ -1,25 +1,31 @@
-From a41c53d35b594a7fd8d5b92501b4fe52d7252909 Mon Sep 17 00:00:00 2001
-From: Milan Broz <gmazyland@gmail.com>
-Date: Tue, 17 Oct 2017 13:44:24 +0200
-Subject: [PATCH] volume_key: Switch to libcryptsetup error callback.
+From ecef526a51c5a276681472fd6df239570c9ce518 Mon Sep 17 00:00:00 2001
+From: Miloslav Trmač <mitr@redhat.com>
+Date: Nov 07 2017 15:55:55 +0000
+Subject: Stop using crypt_get_error
 
-This change should be compatible with new libcryptsetup as well.
 
-Note that now is error set even for retry, so the code must
-clear it after successfull (but retried) password query.
+Instead of crypt_get_error, which has been removed in cryptsetup 2.0,
+set up a log callback, which is available in both older and newer
+versions.
+
+Fixes #13.
 
-Signed-off-by: Milan Broz <gmazyland@gmail.com>
 ---
- lib/volume_luks.c | 21 ++++++++++++++-------
- 1 file changed, 14 insertions(+), 7 deletions(-)
 
 diff --git a/lib/volume_luks.c b/lib/volume_luks.c
-index 14794d7..4034cc3 100644
+index 14794d7..f4bf2c8 100644
 --- a/lib/volume_luks.c
 +++ b/lib/volume_luks.c
-@@ -65,13 +65,8 @@ my_strerror (int err_no)
+@@ -61,17 +61,13 @@ my_strerror (int err_no)
+ }
+ 
+ /* Set ERROR based on libcryptsetup error state after returning RES.
+-   Use CODE. */
++   Use CODE and LAST_LOG_ENTRY. */
  static void
- error_from_cryptsetup (GError **error, LIBVKError code, int res)
+-error_from_cryptsetup (GError **error, LIBVKError code, int res)
++error_from_cryptsetup (GError **error, LIBVKError code, int res,
++		       char *last_log_entry)
  {
 -  /* It's not possible to get the error message length from libcryptsetup, just
 -     guess. */
@@ -28,41 +34,298 @@ index 14794d7..4034cc3 100644
 -  crypt_get_error (crypt_msg, sizeof (crypt_msg));
 -  if (crypt_msg[0] != '\0')
 -    g_set_error (error, LIBVK_ERROR, code, "%s", crypt_msg);
-+  if (error && *error && (*error)->message)
-+    (*error)->code = code;
++  if (last_log_entry != NULL && last_log_entry[0] != '\0')
++    g_set_error (error, LIBVK_ERROR, code, "%s", last_log_entry);
    else
      {
        char *s;
-@@ -82,6 +77,16 @@ error_from_cryptsetup (GError **error, LIBVKError code, int res)
+@@ -82,17 +78,33 @@ error_from_cryptsetup (GError **error, LIBVKError code, int res)
      }
  }
  
-+void cryptsetup_log (int level, const char *msg, void *usrptr)
++static void
++record_cryptsetup_log_entry (int level, const char *msg, void *usrptr)
 +{
-+  GError **error = usrptr;
++  char **last_log_entry = usrptr;
 +
-+  if (level != CRYPT_LOG_ERROR)
-+    return;
-+  g_clear_error(error);
-+  g_set_error (error, LIBVK_ERROR, -1, "%s", msg);
++  if (level == CRYPT_LOG_ERROR)
++    {
++      g_free (*last_log_entry);
++      *last_log_entry = g_strdup (msg);
++    }
 +}
 +
  /* Open volume PATH and load its header.
++   Set up *LAST_LOG_ENTRY to be updated to the last logged message for the
++   device.  The caller must g_free(*LAST_LOG_ENTRY) after closing the device.
     Return the volume, or NULL on error. */
  static struct crypt_device *
-@@ -93,6 +98,7 @@ open_crypt_device (const char *path, GError **error)
+-open_crypt_device (const char *path, GError **error)
++open_crypt_device (const char *path, char **last_log_entry, GError **error)
+ {
+   struct crypt_device *cd;
+   int r;
+ 
++  *last_log_entry = NULL;
    r = crypt_init (&cd, path);
    if (r < 0)
      goto err;
-+  crypt_set_log_callback(cd, cryptsetup_log, error);
++  crypt_set_log_callback(cd, record_cryptsetup_log_entry, last_log_entry);
    r = crypt_load (cd, CRYPT_LUKS1, NULL);
    if (r < 0)
      goto err_cd;
-@@ -307,6 +313,7 @@ luks_get_secret (struct libvk_volume *vol, enum libvk_secret secret_type,
+@@ -101,9 +113,12 @@ open_crypt_device (const char *path, GError **error)
+  err_cd:
+   crypt_free (cd);
+  err:
+-  error_from_cryptsetup (error, LIBVK_ERROR_VOLUME_UNKNOWN_FORMAT, r);
++  error_from_cryptsetup (error, LIBVK_ERROR_VOLUME_UNKNOWN_FORMAT, r,
++			 *last_log_entry);
+   g_prefix_error (error, _("Error getting information about volume `%s': "),
+ 		  path);
++  g_free (*last_log_entry);
++  *last_log_entry = NULL;
+   return NULL;
+ }
+ 
+@@ -173,10 +188,11 @@ luks_volume_open (struct libvk_volume *vol, const char *path, GError **error)
+ {
+   struct luks_volume *luks;
+   struct crypt_device *cd;
++  char *last_log_entry;
+   const char *uuid;
+ 
+   (void)vol;
+-  cd = open_crypt_device (path, error);
++  cd = open_crypt_device (path, &last_log_entry, error);
+   if (cd == NULL)
+     return NULL;
+   /* A bit of paranoia */
+@@ -187,6 +203,7 @@ luks_volume_open (struct libvk_volume *vol, const char *path, GError **error)
+ 		   _("UUID mismatch between libblkid and libcryptsetup: `%s' "
+ 		     "vs. `%s'"), vol->uuid, uuid);
+       crypt_free (cd);
++      g_free (last_log_entry);
+       return NULL;
+     }
+ 
+@@ -195,6 +212,7 @@ luks_volume_open (struct libvk_volume *vol, const char *path, GError **error)
+   luks->cipher_mode = g_strdup (crypt_get_cipher_mode (cd));
+   luks->key_bytes = crypt_get_volume_key_size (cd);
+   crypt_free (cd);
++  g_free (last_log_entry);
+ 
+   luks->key = NULL;
+   luks->passphrase = NULL;
+@@ -256,7 +274,7 @@ luks_get_secret (struct libvk_volume *vol, enum libvk_secret secret_type,
+ 		 const struct libvk_ui *ui, GError **error)
+ {
+   struct crypt_device *cd;
+-  char *passphrase;
++  char *last_log_entry, *passphrase;
+   void *key;
+   size_t key_length;
+   int slot;
+@@ -276,7 +294,7 @@ luks_get_secret (struct libvk_volume *vol, enum libvk_secret secret_type,
+ 		   _("Encryption information type unsupported in LUKS"));
+       goto err;
+     }
+-  cd = open_crypt_device (vol->path, error);
++  cd = open_crypt_device (vol->path, &last_log_entry, error);
+   if (cd == NULL)
+     goto err;
+   key_length = crypt_get_volume_key_size (cd);
+@@ -303,7 +321,7 @@ luks_get_secret (struct libvk_volume *vol, enum libvk_secret secret_type,
+       g_free_passphrase (passphrase);
+       if (r != -EPERM)
+ 	{
+-	  error_from_cryptsetup (error, LIBVK_ERROR_FAILED, r);
++	  error_from_cryptsetup (error, LIBVK_ERROR_FAILED, r, last_log_entry);
  	  g_prefix_error (error, _("Error getting LUKS data encryption key: "));
  	  goto err_prompt;
  	}
-+      g_clear_error(error);
+@@ -322,12 +340,14 @@ luks_get_secret (struct libvk_volume *vol, enum libvk_secret secret_type,
+   vol->v.luks->passphrase_slot = slot;
+   g_free (prompt);
+   crypt_free (cd);
++  g_free (last_log_entry);
+   return 0;
+ 
+  err_prompt:
+   g_free (prompt);
+   g_free_key (key, key_length);
+   crypt_free (cd);
++  g_free (last_log_entry);
+  err:
+   return -1;
+ }
+@@ -383,11 +403,12 @@ luks_load_packet (struct libvk_volume *vol, const struct libvk_volume *packet,
+   if (packet->v.luks->key != NULL)
+     {
+       struct crypt_device *cd;
++      char *last_log_entry;
+       int r;
+ 
+       g_return_val_if_fail (vol->v.luks->key_bytes == packet->v.luks->key_bytes,
+ 			    -1);
+-      cd = open_crypt_device (vol->path, error);
++      cd = open_crypt_device (vol->path, &last_log_entry, error);
+       if (cd == NULL)
+ 	return -1;
+       r = crypt_volume_key_verify (cd, packet->v.luks->key,
+@@ -395,21 +416,25 @@ luks_load_packet (struct libvk_volume *vol, const struct libvk_volume *packet,
+       crypt_free (cd);
+       if (r < 0)
+ 	{
+-	  error_from_cryptsetup (error, LIBVK_ERROR_PACKET_VOLUME_MISMATCH, r);
++	  error_from_cryptsetup (error, LIBVK_ERROR_PACKET_VOLUME_MISMATCH, r,
++				 last_log_entry);
+ 	  g_prefix_error (error, _("LUKS data encryption key in packet is "
+ 				   "invalid: "));
++	  g_free (last_log_entry);
+ 	  return -1;
+ 	}
++      g_free (last_log_entry);
+       luks_replace_key (vol, packet->v.luks->key);
+     }
+   if (packet->v.luks->passphrase != NULL)
+     {
+       struct crypt_device *cd;
++      char *last_log_entry;
+       void *key;
+       size_t key_size;
+       int r;
+ 
+-      cd = open_crypt_device (vol->path, error);
++      cd = open_crypt_device (vol->path, &last_log_entry, error);
+       if (cd == NULL)
+ 	return -1;
+       key_size = crypt_get_volume_key_size (cd);
+@@ -420,10 +445,13 @@ luks_load_packet (struct libvk_volume *vol, const struct libvk_volume *packet,
+       crypt_free (cd);
+       if (r < 0)
+ 	{
+-	  error_from_cryptsetup (error, LIBVK_ERROR_PACKET_VOLUME_MISMATCH, r);
++	  error_from_cryptsetup (error, LIBVK_ERROR_PACKET_VOLUME_MISMATCH, r,
++				 last_log_entry);
+ 	  g_prefix_error (error, _("LUKS passphrase in packet is invalid: "));
++	  g_free (last_log_entry);
+ 	  return -1;
+ 	}
++      g_free (last_log_entry);
+       luks_replace_passphrase (vol, packet->v.luks->passphrase);
+       vol->v.luks->passphrase_slot = r;
+       if (packet->v.luks->key == NULL)
+@@ -446,7 +474,7 @@ luks_apply_secret (struct libvk_volume *vol, const struct libvk_volume *packet,
+ 		   GError **error)
+ {
+   struct crypt_device *cd;
+-  char *prompt, *prompt2, *error_prompt, *passphrase;
++  char *last_log_entry, *prompt, *prompt2, *error_prompt, *passphrase;
+   unsigned failed;
+   int res;
+ 
+@@ -498,7 +526,7 @@ luks_apply_secret (struct libvk_volume *vol, const struct libvk_volume *packet,
+   goto err_prompts;
+ 
+  got_passphrase:
+-  cd = open_crypt_device (vol->path, error);
++  cd = open_crypt_device (vol->path, &last_log_entry, error);
+   if (cd == NULL)
+     goto err_passphrase;
+   res = crypt_keyslot_add_by_volume_key (cd, CRYPT_ANY_SLOT,
+@@ -508,10 +536,12 @@ luks_apply_secret (struct libvk_volume *vol, const struct libvk_volume *packet,
+   crypt_free (cd);
+   if (res < 0)
+     {
+-      error_from_cryptsetup (error, LIBVK_ERROR_FAILED, res);
++      error_from_cryptsetup (error, LIBVK_ERROR_FAILED, res, last_log_entry);
+       g_prefix_error (error, _("Error adding a LUKS passphrase"));
++      g_free (last_log_entry);
+       goto err_passphrase;
+     }
++  g_free (last_log_entry);
+ 
+   g_return_val_if_fail (vol->v.luks->key_bytes == packet->v.luks->key_bytes,
+ 			-1);
+@@ -542,6 +572,7 @@ luks_add_secret (struct libvk_volume *vol, enum libvk_secret secret_type,
+ 		 const void *secret, size_t size, GError **error)
+ {
+   struct crypt_device *cd;
++  char *last_log_entry;
+   int res;
+ 
+   if (secret_type != LIBVK_SECRET_PASSPHRASE)
+@@ -562,7 +593,7 @@ luks_add_secret (struct libvk_volume *vol, enum libvk_secret secret_type,
+ 		   _("The passphrase must be a string"));
+       return -1;
      }
-   g_set_error (error, LIBVK_ERROR, LIBVK_ERROR_FAILED,
- 	       _("Too many attempts to get a valid passphrase"));
+-  cd = open_crypt_device (vol->path, error);
++  cd = open_crypt_device (vol->path, &last_log_entry, error);
+   if (cd == NULL)
+     return -1;
+   res = crypt_keyslot_add_by_volume_key (cd, CRYPT_ANY_SLOT, vol->v.luks->key,
+@@ -570,10 +601,12 @@ luks_add_secret (struct libvk_volume *vol, enum libvk_secret secret_type,
+   crypt_free (cd);
+   if (res < 0)
+     {
+-      error_from_cryptsetup (error, LIBVK_ERROR_FAILED, res);
++      error_from_cryptsetup (error, LIBVK_ERROR_FAILED, res, last_log_entry);
+       g_prefix_error (error, _("Error adding a LUKS passphrase"));
++      g_free (last_log_entry);
+       return -1;
+     }
++  g_free (last_log_entry);
+ 
+   luks_replace_passphrase (vol, secret);
+   vol->v.luks->passphrase_slot = res;
+@@ -823,12 +856,13 @@ luks_open_with_packet (struct libvk_volume *vol,
+ 		       GError **error)
+ {
+   struct crypt_device *cd;
++  char *last_log_entry;
+   void *to_free;
+   const void *key;
+   int r;
+   size_t key_size;
+ 
+-  cd = open_crypt_device (vol->path, error);
++  cd = open_crypt_device (vol->path, &last_log_entry, error);
+   if (cd == NULL)
+     goto err;
+   if (packet->v.luks->key != NULL)
+@@ -846,7 +880,7 @@ luks_open_with_packet (struct libvk_volume *vol,
+ 				strlen (packet->v.luks->passphrase));
+       if (r < 0)
+ 	{
+-	  error_from_cryptsetup (error, LIBVK_ERROR_FAILED, r);
++	  error_from_cryptsetup (error, LIBVK_ERROR_FAILED, r, last_log_entry);
+ 	  g_prefix_error (error, _("Error getting LUKS data encryption key: "));
+ 	  goto err_to_free;
+ 	}
+@@ -862,7 +896,7 @@ luks_open_with_packet (struct libvk_volume *vol,
+   r = crypt_activate_by_volume_key (cd, name, key, key_size, 0);
+   if (r < 0)
+     {
+-      error_from_cryptsetup (error, LIBVK_ERROR_FAILED, r);
++      error_from_cryptsetup (error, LIBVK_ERROR_FAILED, r, last_log_entry);
+       g_prefix_error (error, _("Error opening LUKS volume: "));
+       goto err_to_free;
+     }
+@@ -870,6 +904,7 @@ luks_open_with_packet (struct libvk_volume *vol,
+   if (to_free != NULL)
+     g_free_key (to_free, key_size);
+   crypt_free (cd);
++  g_free (last_log_entry);
+   return 0;
+ 
+  err_to_free:
+@@ -877,6 +912,7 @@ luks_open_with_packet (struct libvk_volume *vol,
+     g_free_key (to_free, key_size);
+  err_cd:
+   crypt_free (cd);
++  g_free (last_log_entry);
+  err:
+   return -1;
+ }
+