Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
security
cryptctl
cryptctl.changes
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File cryptctl.changes of Package cryptctl
------------------------------------------------------------------- Mon May 9 16:55:47 UTC 2022 - Peter Varkoly <varkoly@suse.com> - Update to version 2.4: * (bsc#1186226) - (CVE-2019-18906) client side password hashing is equivalent to clear text password storage * Fix authentication on all places. * Fix sysconfig variable name. * First step to use plain text password instead of hashed password. * Move repository into the SUSE github organization * decorate readme with more usage instructions * in RPC server, if client comes from localhost, remember its ipv4 localhost address instead of ipv6 address * Test clear expired commands in TestDB_UpdateSeenFlag * tell a record to clear expired pending commands upon saving a command result; introduce pending commands RPC test case * avoid hard coding 127.0.0.1 in host ID of alive message test; let system administrator mount and unmount disks by issuing these two commands on key server. ------------------------------------------------------------------- Wed Jul 21 16:02:08 UTC 2021 - Paolo Perego <paolo.perego@suse.com> - Fixed build errors adding a "go mod init" - Binaries are now compiled with PIE support - Also client service is symlinked so to avoid warnings ------------------------------------------------------------------- Wed Aug 19 09:54:56 UTC 2020 - Dominique Leuenberger <dimstar@opensuse.org> - Use %{_udevrulesdir} instead of abusing %{_libexecdir}. ------------------------------------------------------------------- Mon Feb 3 12:13:56 UTC 2020 - Dominique Leuenberger <dimstar@opensuse.org> - BuildRequire pkgconfig(systemd|udev) instead of systemd and udev: Allow OBS to shortcut through -mini flavors. - Name the rpmlintrc file according the policy: cryptctl-rpmlintrc. ------------------------------------------------------------------- Thu Nov 23 13:44:21 UTC 2017 - rbrown@suse.com - Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468) ------------------------------------------------------------------- Mon Oct 23 14:26:02 UTC 2017 - hguo@suse.com - Add previously missing systemd service cryptctl-client.service into RPM content, continue with bsc#1056082. ------------------------------------------------------------------- Mon Aug 28 13:37:13 UTC 2017 - hguo@suse.com - Upgrade to upstream release 2.3 that brings a new feature to allow system administrators to issue mount/umount commands to client computers via key server. (bsc#1056082) ------------------------------------------------------------------- Wed Jun 7 12:11:50 UTC 2017 - hguo@suse.com - Upgrade to upstream release 2.2 that brings important enhancements in effort of implementing fate#322979: * System administrator may now optionally turn off TLS certificate verification on KMIP server. Note that, certificate verification is enforced by default. * Improve handling of boolean answers from interactive command line. * Improve error handling in KMIP client. ------------------------------------------------------------------- Thu Jun 1 13:00:57 UTC 2017 - hguo@suse.com - Upgrade to upstream release 2.1 that brings important enhancements in effort of implementing fate#322979: * Improve KMIP compatibility with key prefix names and proper serialisation of authentication header. * Fail over KMIP connection using a server list. * Destroy key on KMIP after its tracking record is erased from DB. ------------------------------------------------------------------- Thu May 11 14:00:39 UTC 2017 - hguo@suse.com - Upgrade to upstream release 2.0 that brings a protocol evolution together with several new features: * Optionally utilise an external KMIP-v1.3 compatible service to store actual encryption key. * Optionally verify client identity before serving its key requests. * Password is hashed before transmitting over TLS-secured channel. * Fix an issue that previously allowed a malicious administrator to craft RPC request to overwrite files outside of key database. Implemented accordint to fate#322979 and fate#322293. ------------------------------------------------------------------- Fri Apr 28 08:32:46 UTC 2017 - hguo@suse.com - Upgrade to 1.99pre that introduces a library for decoding, encoding, and serialisation operations of KMIP v1.3 for fate#322979. ------------------------------------------------------------------- Wed Nov 16 14:45:31 UTC 2016 - hguo@suse.com - Upgrade to 1.2.6 for accumulated bug fixes (bsc#1006219): * Prevent user from attempting to encrypt a disk with mounted partitions, or an existing encrypted+opened disk. * Ensure CA path input is an absolute path. * Fix two mistakes in handling of timeout input. * Fix minor formatting issue in manual page. * Suppress consecutive failure messages in the journal of ReportAlive and AutoOnlineUnlockFS routines. ------------------------------------------------------------------- Fri Sep 16 09:37:42 UTC 2016 - hguo@suse.com - Implement mandatory enhancements: * Do not allow encrypting a remote file system. * Implement command for erasing an encrypted file system. - Bump version to 1.2.5 for fate#320367. ------------------------------------------------------------------- Fri Sep 2 14:36:01 UTC 2016 - hguo@suse.com - Implement mandatory enhancements: * Make workflow across all sub-commands consistent in invocation style. * Implement auto-unlocking of encrypted disks. * Show key record usage and details on demand. - Bump version to 1.2.4 for fate#320367. ------------------------------------------------------------------- Thu Aug 18 14:44:23 UTC 2016 - hguo@suse.com - Implement mandatory enhancements: * Remove necessity for a backup directory to be involved for encryption routine. * Optimise certificate generation prompts. * Remove unused error messages and fix several of their typos. * Remove unnecessary safety checks. * Make the encryption routine work with btrfs and LVM. - Bump version to 1.2.3 fate#320367. ------------------------------------------------------------------- Wed Aug 3 14:13:05 UTC 2016 - hguo@suse.com - Upon request, generate a self-signed TLS certificate for experimental purposes. - Bump version to 1.2.2 fate#320367. ------------------------------------------------------------------- Mon Aug 1 13:50:48 UTC 2016 - hguo@suse.com - Implement mandatory features: * Encrypt empty directory skips backup steps. * Explain key revocation and TLS mechanisms in manual page. - Bump version to 1.2.1 fate#320367. ------------------------------------------------------------------- Mon Jul 11 12:07:09 UTC 2016 - hguo@suse.com - Implement mandatory features: * List and edit key records * Unlock file system via key record file * Use custom options to mount unlocked file system Enhance usability: * Make encryption procedure's pre-check more thorough * Improve overall command prompts - Bump version to 1.2 fate#320367. ------------------------------------------------------------------- Fri Jul 1 14:30:10 UTC 2016 - hguo@suse.com - A preview version with most of the desired functions implemented: * Key database * Key RPC server * Client encryption and decryption routines Bump version to 1.1 fate#320367. ------------------------------------------------------------------- Wed Jun 8 10:22:03 UTC 2016 - hguo@suse.com - First version, only to help with building ISOs. Implement fate#320367.
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
