[libguestfs-common PATCH v2 00/12] LUKS decryption with Clevis+Tang
by Laszlo Ersek
v1: https://listman.redhat.com/archives/libguestfs/2022-June/029277.html
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1809453
Please see the Notes section on each patch for the updates in this
version. (The CVE fix has been merged: 35467027f657.)
Thanks,
Laszlo
Laszlo Ersek (12):
options: fix UUID comparison logic bug in get_keys()
mltools/tools_utils: remove unused function "key_store_to_cli"
mltools/tools_utils: allow multiple "--key" options for OCaml tools
too
options: replace NULL-termination with number-of-elements in
get_keys()
options: wrap each passphrase from get_keys() into a struct
options: add back-end for LUKS decryption with Clevis+Tang
options: introduce selector type "key_clevis"
options: generalize "--key" selector parsing for C-language utilities
mltools/tools_utils-c: handle internal type error with abort()
mltools/tools_utils: generalize "--key" selector parsing for OCaml
utils
options, mltools/tools_utils: parse "--key ID:clevis" options
options, mltools/tools_utils: add helper for network dependency
mltools/tools_utils-c.c | 43 ++++---
mltools/tools_utils.ml | 51 ++++----
mltools/tools_utils.mli | 12 +-
options/decrypt.c | 30 +++--
options/key-option.pod | 9 ++
options/keys.c | 124 ++++++++++++++------
options/options.h | 19 ++-
7 files changed, 191 insertions(+), 97 deletions(-)
--
2.19.1.3.g30247aa5d201
2 years, 5 months