Overview Repositories Revisions Requests Users Attributes Meta

Revisions of cryptctl

buildservice-autocommit accepted request 977474 from Marcus Meissner's avatar Marcus Meissner (msmeissn) (revision 25) 
baserev update by copy to link target
Marcus Meissner's avatar Marcus Meissner (msmeissn) accepted request 975922 from Peter Varkoly's avatar Peter Varkoly (varkoly) (revision 24) 
- Update to version 2.4:
  * (bsc#1186226) - (CVE-2019-18906) client side password hashing is equivalent to clear text password storage
  * Fix authentication on all places.
  * Fix sysconfig variable name.
  * First step to use plain text password instead of hashed password.
  * Move repository into the SUSE github organization
  * decorate readme with more usage instructions
  * in RPC server, if client comes from localhost, remember its ipv4 localhost address instead of ipv6 address
  * Test clear expired commands in TestDB_UpdateSeenFlag
  * tell a record to clear expired pending commands upon saving a command result; introduce pending commands RPC test case
  * avoid hard coding 127.0.0.1 in host ID of alive message test; let system administrator mount and unmount disks by issuing these two commands on key server.
Marcus Meissner's avatar Marcus Meissner (msmeissn) accepted request 907570 from Paolo Perego's avatar Paolo Perego (pperego) (revision 23) 
- Fixed build errors adding a "go mod init"
- Binaries are now compiled with PIE support
- Also client service is symlinked so to avoid warnings
- Use %{_udevrulesdir} instead of abusing %{_libexecdir}.
- BuildRequire pkgconfig(systemd|udev) instead of systemd and udev:
  Allow OBS to shortcut through -mini flavors.
- Name the rpmlintrc file according the policy: cryptctl-rpmlintrc.
- Replace references to /var/adm/fillup-templates with new
  %_fillupdir macro (boo#1069468)
- Add previously missing systemd service cryptctl-client.service
  into RPM content, continue with bsc#1056082.
- Upgrade to upstream release 2.3 that brings a new feature to allow
  system administrators to issue mount/umount commands to client
  computers via key server. (bsc#1056082)
- Upgrade to upstream release 2.2 that brings important enhancements
  in effort of implementing fate#322979:
  * System administrator may now optionally turn off TLS certificate
    verification on KMIP server. Note that, certificate verification
    is enforced by default.
  * Improve handling of boolean answers from interactive command line.
  * Improve error handling in KMIP client.
- Upgrade to upstream release 2.1 that brings important enhancements
  in effort of implementing fate#322979:
  * Improve KMIP compatibility with key prefix names and proper
    serialisation of authentication header.
  * Fail over KMIP connection using a server list.
  * Destroy key on KMIP after its tracking record is erased from DB.
- Upgrade to upstream release 2.0 that brings a protocol evolution
  together with several new features:
  * Optionally utilise an external KMIP-v1.3 compatible service to
    store actual encryption key.
  * Optionally verify client identity before serving its key requests.
  * Password is hashed before transmitting over TLS-secured channel.
  * Fix an issue that previously allowed a malicious administrator
    to craft RPC request to overwrite files outside of key database.
  Implemented accordint to fate#322979 and fate#322293.
- Upgrade to 1.99pre that introduces a library for decoding, encoding,
  and serialisation operations of KMIP v1.3 for fate#322979.
- Upgrade to 1.2.6 for accumulated bug fixes (bsc#1006219):
  * Prevent user from attempting to encrypt a disk with mounted
    partitions, or an existing encrypted+opened disk.
  * Ensure CA path input is an absolute path.
  * Fix two mistakes in handling of timeout input.
  * Fix minor formatting issue in manual page.
  * Suppress consecutive failure messages in the journal of
    ReportAlive and AutoOnlineUnlockFS routines.
- Implement mandatory enhancements:
  * Do not allow encrypting a remote file system.
  * Implement command for erasing an encrypted file system.
- Bump version to 1.2.5 for fate#320367.
- Implement mandatory enhancements:
  * Make workflow across all sub-commands consistent in invocation
    style.
  * Implement auto-unlocking of encrypted disks.
  * Show key record usage and details on demand.
- Bump version to 1.2.4 for fate#320367.
- Implement mandatory enhancements:
  * Remove necessity for a backup directory to be involved for
    encryption routine.
  * Optimise certificate generation prompts.
  * Remove unused error messages and fix several of their typos.
  * Remove unnecessary safety checks.
  * Make the encryption routine work with btrfs and LVM.
- Bump version to 1.2.3 fate#320367.
- Upon request, generate a self-signed TLS certificate for
  experimental purposes.
- Bump version to 1.2.2 fate#320367.
- Implement mandatory features:
  * Encrypt empty directory skips backup steps.
  * Explain key revocation and TLS mechanisms in manual page.
- Bump version to 1.2.1 fate#320367.
- Implement mandatory features:
  * List and edit key records
  * Unlock file system via key record file
  * Use custom options to mount unlocked file system
  Enhance usability:
  * Make encryption procedure's pre-check more thorough
  * Improve overall command prompts
- Bump version to 1.2 fate#320367.
- A preview version with most of the desired functions implemented:
  * Key database
  * Key RPC server
  * Client encryption and decryption routines
  Bump version to 1.1
  fate#320367.
- First version, only to help with building ISOs.
  Implement fate#320367.
buildservice-autocommit accepted request 828243 from Marcus Meissner's avatar Marcus Meissner (msmeissn) (revision 22) 
baserev update by copy to link target
Marcus Meissner's avatar Marcus Meissner (msmeissn) accepted request 827819 from Dominique Leuenberger's avatar Dominique Leuenberger (dimstar) (revision 21) 
- Use %{_udevrulesdir} instead of abusing %{_libexecdir}.

- Replace references to /var/adm/fillup-templates with new
buildservice-autocommit accepted request 769963 from Marcus Meissner's avatar Marcus Meissner (msmeissn) (revision 20) 
baserev update by copy to link target
Marcus Meissner's avatar Marcus Meissner (msmeissn) accepted request 769561 from Dominique Leuenberger's avatar Dominique Leuenberger (dimstar) (revision 19) 
Shortcut through -mini
buildservice-autocommit accepted request 545076 from Howard Guo's avatar Howard Guo (guohouzuo) (revision 18) 
baserev update by copy to link target
Howard Guo's avatar Howard Guo (guohouzuo) accepted request 544728 from Richard Brown's avatar Richard Brown (RBrownSUSE) (revision 17) 
Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468)
buildservice-autocommit accepted request 536376 from Howard Guo's avatar Howard Guo (guohouzuo) (revision 16) 
baserev update by copy to link target
Howard Guo's avatar Howard Guo (guohouzuo) committed (revision 15) 
- Add previously missing systemd service cryptctl-client.service
  into RPM content, continue with bsc#1056082.
  computers via key server. (bsc#1056082)
buildservice-autocommit accepted request 519142 from Howard Guo's avatar Howard Guo (guohouzuo) (revision 14) 
baserev update by copy to link target
Howard Guo's avatar Howard Guo (guohouzuo) committed (revision 13) 
- Upgrade to upstream release 2.3 that brings a new feature to allow
  system administrators to issue mount/umount commands to client
  computers via key server. (fate#322292)
buildservice-autocommit accepted request 502643 from Howard Guo's avatar Howard Guo (guohouzuo) (revision 12) 
baserev update by copy to link target
Howard Guo's avatar Howard Guo (guohouzuo) committed (revision 11) 
Fix a typo in changelog entry "in effort of"
buildservice-autocommit accepted request 501709 from Howard Guo's avatar Howard Guo (guohouzuo) (revision 10) 
baserev update by copy to link target
Howard Guo's avatar Howard Guo (guohouzuo) committed (revision 9) 
- Upgrade to upstream release 2.2 that brings important enhancements
  in effor tof implementing fate#322979:
  * System administrator may now optionally turn off TLS certificate
    verification on KMIP server. Note that, certificate verification
    is enforced by default.
  * Improve handling of boolean answers from interactive command line.
  * Improve error handling in KMIP client.
Howard Guo's avatar Howard Guo (guohouzuo) committed (revision 8) 
- There is no change made about the package itself, this is only
  copying over some changelog texts from SLE package:
- [fate#322979](https://fate.suse.com/322979)
buildservice-autocommit accepted request 500581 from Marcus Meissner's avatar Marcus Meissner (msmeissn) (revision 7) 
baserev update by copy to link target
Marcus Meissner's avatar Marcus Meissner (msmeissn) accepted request 500405 from Howard Guo's avatar Howard Guo (guohouzuo) (revision 6) 
- Upgrade to upstream release 2.1 that brings important enhancements
  in effort of implementing fate#322979:
  * Improve KMIP compatibility with key prefix names and proper
    serialisation of authentication header.
  * Fail over KMIP connection using a server list.
  * Destroy key on KMIP after its tracking record is erased from DB.
Displaying revisions 1 - 20 of 25
openSUSE Build Service is sponsored by
Places