Bugzilla:
https://bugzilla.redhat.com/show_bug.cgi?id=1809453
Bugzilla:
https://bugzilla.redhat.com/show_bug.cgi?id=2100862
Please refer to the parent cover letter
<https://listman.redhat.com/archives/libguestfs/2022-June/029274.html>
regarding the relationship between the CVE fix and the larger series.
The first four patches are bugfixes (of varying importance).
The rest are refactorings and feature-let additions, intermixed as
needed.
Thanks,
Laszlo
Laszlo Ersek (12):
  options: fix buffer overflow in get_keys() [CVE-2022-2211]
  options: fix UUID comparison logic bug in get_keys()
  mltools/tools_utils: remove unused function "key_store_to_cli"
  mltools/tools_utils: allow multiple "--key" options for OCaml tools
    too
  options: replace NULL-termination with number-of-elements in
    get_keys()
  options: wrap each passphrase from get_keys() into a struct
  options: add back-end for LUKS decryption with Clevis+Tang
  options: introduce selector type "key_clevis"
  options: generalize "--key" selector parsing for C-language utilities
  mltools/tools_utils: generalize "--key" selector parsing for OCaml
    utils
  options, mltools/tools_utils: parse "--key ID:clevis" options
  options, mltools/tools_utils: add helper for network dependency
 mltools/tools_utils-c.c |  47 ++++---
 mltools/tools_utils.ml  |  51 ++++----
 mltools/tools_utils.mli |  12 +-
 options/decrypt.c       |  24 ++--
 options/key-option.pod  |   9 ++
 options/keys.c          | 130 ++++++++++++++------
 options/options.h       |  19 ++-
 7 files changed, 195 insertions(+), 97 deletions(-)
--
2.19.1.3.g30247aa5d201