cryptsetup package update

Signed-off-by: basebuilder_pel7x64builder0 <basebuilder@powerel.org>

SOURCES/cryptsetup-2.2.1-reinstate-missing-backing-file-hint-for-loop-device.patch

@@ -0,0 +1,149 @@
+diff -rupN cryptsetup-2.0.3.old/src/Makemodule.am cryptsetup-2.0.3.new/src/Makemodule.am
+--- cryptsetup-2.0.3.old/src/Makemodule.am	2019-08-27 17:37:25.043999695 +0200
++++ cryptsetup-2.0.3.new/src/Makemodule.am	2019-08-27 17:39:40.303336254 +0200
+@@ -6,6 +6,7 @@ cryptsetup_SOURCES =		\
+ 	lib/utils_loop.c	\
+ 	lib/utils_io.c		\
+ 	src/utils_tools.c	\
++	lib/utils_loop.c	\
+ 	src/utils_password.c	\
+ 	src/cryptsetup.c	\
+ 	src/cryptsetup.h
+diff -rupN cryptsetup-2.0.3.old/src/utils_password.c cryptsetup-2.0.3.new/src/utils_password.c
+--- cryptsetup-2.0.3.old/src/utils_password.c	2019-08-27 17:37:25.043999695 +0200
++++ cryptsetup-2.0.3.new/src/utils_password.c	2019-08-27 17:38:35.354214280 +0200
+@@ -256,7 +256,7 @@ int tools_get_key(const char *prompt,
+ 		  int timeout, int verify, int pwquality,
+ 		  struct crypt_device *cd)
+ {
+-	char tmp[1024];
++	char tmp[1024], *backing_file;
+ 	int r = -EINVAL, block;
+ 
+ 	block = tools_signals_blocked();
+@@ -270,9 +270,11 @@ int tools_get_key(const char *prompt,
+ 			} else {
+ 				if (!prompt && !crypt_get_device_name(cd))
+ 					snprintf(tmp, sizeof(tmp), _("Enter passphrase: "));
+-				else if (!prompt)
+-					snprintf(tmp, sizeof(tmp), _("Enter passphrase for %s: "),
+-						crypt_get_device_name(cd));
++				else if (!prompt) {
++					backing_file = crypt_loop_backing_file(crypt_get_device_name(cd));
++					snprintf(tmp, sizeof(tmp), _("Enter passphrase for %s: "), backing_file ?: crypt_get_device_name(cd));
++					free(backing_file);
++				}
+ 				r = crypt_get_key_tty(prompt ?: tmp, key, key_size, timeout, verify, cd);
+ 			}
+ 		} else {
+diff -rupN cryptsetup-2.0.3.old/tests/compat-test cryptsetup-2.0.3.new/tests/compat-test
+--- cryptsetup-2.0.3.old/tests/compat-test	2019-08-27 17:37:24.942997950 +0200
++++ cryptsetup-2.0.3.new/tests/compat-test	2019-08-27 17:41:15.868988979 +0200
+@@ -735,15 +735,20 @@ fi
+ which expect >/dev/null 2>&1 || skip "WARNING: expect tool missing, interactive test will be skipped." 0
+ 
+ prepare "[32] Interactive password retry from terminal." new
++if [ "$(pwd)" = "/" ]; then
++	EXPECT_DEV=/$IMG
++else
++	EXPECT_DEV=$(pwd)/$IMG
++fi
+ expect - >/dev/null <<EOF
+ proc abort {} { send_error "Timeout. "; exit 2 }
+ set timeout 10
+ eval spawn $CRYPTSETUP luksOpen -v -T 2 $LOOPDEV $DEV_NAME
+-expect timeout abort "Enter passphrase for $LOOPDEV:"
++expect timeout abort "Enter passphrase for $EXPECT_DEV:"
+ sleep 0.1
+ send "$PWD0 x\n"
+ expect timeout abort "No key available with this passphrase."
+-expect timeout abort "Enter passphrase for $LOOPDEV:"
++expect timeout abort "Enter passphrase for $EXPECT_DEV:"
+ sleep 0.1
+ send "$PWD0\n"
+ expect timeout abort "Key slot 0 unlocked."
+@@ -760,11 +765,11 @@ expect - >/dev/null <<EOF
+ proc abort {} { send_error "Timeout. "; exit 2 }
+ set timeout 10
+ eval spawn $CRYPTSETUP luksOpen -v -T 2 $LOOPDEV $DEV_NAME
+-expect timeout abort "Enter passphrase for $LOOPDEV:"
++expect timeout abort "Enter passphrase for $EXPECT_DEV:"
+ sleep 0.1
+ send "$PWD0 x\n"
+ expect timeout abort "No key available with this passphrase."
+-expect timeout abort "Enter passphrase for $LOOPDEV:"
++expect timeout abort "Enter passphrase for $EXPECT_DEV:"
+ sleep 0.1
+ send "$PWD0 y\n"
+ expect timeout abort "No key available with this passphrase."
+@@ -799,7 +804,7 @@ set timeout 10
+ eval spawn $CRYPTSETUP luksFormat --type luks1 $FAST_PBKDF_OPT -v $LOOPDEV
+ expect timeout abort "Are you sure? (Type uppercase yes):"
+ send "YES\n"
+-expect timeout abort "Enter passphrase for $LOOPDEV:"
++expect timeout abort "Enter passphrase for $EXPECT_DEV:"
+ sleep 0.1
+ send "$PWD0\n"
+ expect timeout abort "Verify passphrase:"
+@@ -808,7 +813,7 @@ send "$PWD0\n"
+ expect timeout abort "Command successful."
+ expect timeout abort eof
+ eval spawn $CRYPTSETUP luksOpen -v $LOOPDEV --test-passphrase
+-expect timeout abort "Enter passphrase for $LOOPDEV:"
++expect timeout abort "Enter passphrase for $EXPECT_DEV:"
+ sleep 0.1
+ send "$PWD0\n"
+ expect timeout abort "Command successful."
+@@ -829,7 +834,7 @@ expect timeout abort eof
+ eval spawn $CRYPTSETUP luksFormat --type luks1 $FAST_PBKDF_OPT -v $LOOPDEV
+ expect timeout abort "Are you sure? (Type uppercase yes):"
+ send "YES\n"
+-expect timeout abort "Enter passphrase for $LOOPDEV:"
++expect timeout abort "Enter passphrase for $EXPECT_DEV:"
+ sleep 0.1
+ send "$PWD0\n"
+ expect timeout abort "Verify passphrase:"
+@@ -838,7 +843,7 @@ send "$PWD0 x\n"
+ expect timeout abort "Passphrases do not match."
+ expect timeout abort eof
+ eval spawn $CRYPTSETUP luksOpen -v $LOOPDEV -T 1 --test-passphrase
+-expect timeout abort "Enter passphrase for $LOOPDEV:"
++expect timeout abort "Enter passphrase for $EXPECT_DEV:"
+ sleep 0.1
+ send "$PWD0\n"
+ expect timeout abort "No key available with this passphrase."
+@@ -890,7 +895,7 @@ send "$PWD1\n"
+ expect timeout abort "Command successful."
+ expect timeout abort eof
+ eval spawn $CRYPTSETUP luksOpen -v $LOOPDEV --test-passphrase
+-expect timeout abort "Enter passphrase for $LOOPDEV:"
++expect timeout abort "Enter passphrase for $EXPECT_DEV:"
+ sleep 0.1
+ send "$PWD1\n"
+ expect timeout abort "Command successful."
+@@ -908,21 +913,21 @@ eval spawn $CRYPTSETUP luksSuspend -v $D
+ expect timeout abort "Command successful."
+ expect timeout abort eof
+ eval spawn $CRYPTSETUP luksResume -v -T 3  $DEV_NAME
+-expect timeout abort "Enter passphrase for $LOOPDEV:"
++expect timeout abort "Enter passphrase for $EXPECT_DEV:"
+ sleep 0.1
+ send "$PWD0 x\n"
+ expect timeout abort "No key available with this passphrase."
+-expect timeout abort "Enter passphrase for $LOOPDEV:"
++expect timeout abort "Enter passphrase for $EXPECT_DEV:"
+ sleep 0.1
+ send "$PWD1\n"
+ expect timeout abort "No key available with this passphrase."
+-expect timeout abort "Enter passphrase for $LOOPDEV:"
++expect timeout abort "Enter passphrase for $EXPECT_DEV:"
+ sleep 0.1
+ send "$PWD0 y\n"
+ expect timeout abort "No key available with this passphrase."
+ expect timeout abort eof
+ eval spawn $CRYPTSETUP luksResume -v $DEV_NAME
+-expect timeout abort "Enter passphrase for $LOOPDEV:"
++expect timeout abort "Enter passphrase for $EXPECT_DEV:"
+ sleep 0.1
+ send "$PWD0\n"
+ expect timeout abort "Command successful."

SOURCES/cryptsetup-configure.patch

@@ -0,0 +1,417 @@
+diff -rupN cryptsetup-2.0.3.old/config.h.in cryptsetup-2.0.3.new/config.h.in
+--- cryptsetup-2.0.3.old/config.h.in	2019-08-27 18:30:14.342521239 +0200
++++ cryptsetup-2.0.3.new/config.h.in	2019-08-27 18:30:48.212105267 +0200
+@@ -106,6 +106,12 @@
+ /* Define to 1 if you have the <argon2.h> header file. */
+ #undef HAVE_ARGON2_H
+ 
++/* Define to 1 to use blkid for detection of disk signatures. */
++#undef HAVE_BLKID
++
++/* Define to 1 if you have the <blkid/blkid.h> header file. */
++#undef HAVE_BLKID_BLKID_H
++
+ /* Define to 1 if you have the <byteswap.h> header file. */
+ #undef HAVE_BYTESWAP_H
+ 
+@@ -127,6 +133,30 @@
+    */
+ #undef HAVE_DCGETTEXT
+ 
++/* Define to 1 if you have the declaration of `blkid_do_probe', and to 0 if
++   you don't. */
++#undef HAVE_DECL_BLKID_DO_PROBE
++
++/* Define to 1 if you have the declaration of `blkid_do_safeprobe', and to 0
++   if you don't. */
++#undef HAVE_DECL_BLKID_DO_SAFEPROBE
++
++/* Define to 1 if you have the declaration of
++   `blkid_probe_filter_superblocks_type', and to 0 if you don't. */
++#undef HAVE_DECL_BLKID_PROBE_FILTER_SUPERBLOCKS_TYPE
++
++/* Define to 1 if you have the declaration of `blkid_probe_lookup_value ', and
++   to 0 if you don't. */
++#undef HAVE_DECL_BLKID_PROBE_LOOKUP_VALUE__________
++
++/* Define to 1 if you have the declaration of `blkid_probe_set_device', and to
++   0 if you don't. */
++#undef HAVE_DECL_BLKID_PROBE_SET_DEVICE
++
++/* Define to 1 if you have the declaration of `blkid_reset_probe', and to 0 if
++   you don't. */
++#undef HAVE_DECL_BLKID_RESET_PROBE
++
+ /* Define to 1 if you have the declaration of `dm_device_has_holders', and to
+    0 if you don't. */
+ #undef HAVE_DECL_DM_DEVICE_HAS_HOLDERS
+diff -rupN cryptsetup-2.0.3.old/configure cryptsetup-2.0.3.new/configure
+--- cryptsetup-2.0.3.old/configure	2019-08-27 18:30:14.342521239 +0200
++++ cryptsetup-2.0.3.new/configure	2019-08-27 18:30:48.212105267 +0200
+@@ -664,6 +664,10 @@ PWQUALITY_STATIC_LIBS
+ systemd_tmpfilesdir
+ DEVMAPPER_STATIC_LIBS
+ DEVMAPPER_STATIC_CFLAGS
++HAVE_BLKID_FALSE
++HAVE_BLKID_TRUE
++BLKID_LIBS
++BLKID_CFLAGS
+ CRYPTO_INTERNAL_ARGON2_FALSE
+ CRYPTO_INTERNAL_ARGON2_TRUE
+ LIBARGON2_LIBS
+@@ -878,6 +882,7 @@ enable_gcrypt_pbkdf2
+ with_libgcrypt_prefix
+ enable_internal_argon2
+ enable_libargon2
++enable_blkid
+ enable_dev_random
+ enable_python
+ with_python_version
+@@ -935,6 +940,8 @@ NSS_CFLAGS
+ NSS_LIBS
+ LIBARGON2_CFLAGS
+ LIBARGON2_LIBS
++BLKID_CFLAGS
++BLKID_LIBS
+ DEVMAPPER_STATIC_CFLAGS
+ DEVMAPPER_STATIC_LIBS
+ systemd_tmpfilesdir
+@@ -1607,6 +1614,8 @@ Optional Features:
+                           disable internal implementation of Argon2 PBKDF
+   --enable-libargon2      enable external libargon2 (PHC) library (disables
+                           internal bundled version)
++  --disable-blkid         disable use of blkid for device signature detection
++                          and wiping.
+   --enable-dev-random     use blocking /dev/random by default for key
+                           generator (otherwise use /dev/urandom)
+   --enable-python         enable Python bindings
+@@ -1719,6 +1728,9 @@ Some influential environment variables:
+               C compiler flags for LIBARGON2, overriding pkg-config
+   LIBARGON2_LIBS
+               linker flags for LIBARGON2, overriding pkg-config
++  BLKID_CFLAGS
++              C compiler flags for BLKID, overriding pkg-config
++  BLKID_LIBS  linker flags for BLKID, overriding pkg-config
+   DEVMAPPER_STATIC_CFLAGS
+               C compiler flags for DEVMAPPER_STATIC, overriding pkg-config
+   DEVMAPPER_STATIC_LIBS
+@@ -18580,6 +18592,211 @@ else
+ fi
+ 
+ 
++# Check whether --enable-blkid was given.
++if test "${enable_blkid+set}" = set; then :
++  enableval=$enable_blkid;
++else
++  enable_blkid=yes
++fi
++
++
++if test x$enable_blkid = xyes ; then
++
++pkg_failed=no
++{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for BLKID" >&5
++$as_echo_n "checking for BLKID... " >&6; }
++
++if test -n "$BLKID_CFLAGS"; then
++    pkg_cv_BLKID_CFLAGS="$BLKID_CFLAGS"
++ elif test -n "$PKG_CONFIG"; then
++    if test -n "$PKG_CONFIG" && \
++    { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"blkid\""; } >&5
++  ($PKG_CONFIG --exists --print-errors "blkid") 2>&5
++  ac_status=$?
++  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
++  test $ac_status = 0; }; then
++  pkg_cv_BLKID_CFLAGS=`$PKG_CONFIG --cflags "blkid" 2>/dev/null`
++		      test "x$?" != "x0" && pkg_failed=yes
++else
++  pkg_failed=yes
++fi
++ else
++    pkg_failed=untried
++fi
++if test -n "$BLKID_LIBS"; then
++    pkg_cv_BLKID_LIBS="$BLKID_LIBS"
++ elif test -n "$PKG_CONFIG"; then
++    if test -n "$PKG_CONFIG" && \
++    { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"blkid\""; } >&5
++  ($PKG_CONFIG --exists --print-errors "blkid") 2>&5
++  ac_status=$?
++  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
++  test $ac_status = 0; }; then
++  pkg_cv_BLKID_LIBS=`$PKG_CONFIG --libs "blkid" 2>/dev/null`
++		      test "x$?" != "x0" && pkg_failed=yes
++else
++  pkg_failed=yes
++fi
++ else
++    pkg_failed=untried
++fi
++
++
++
++if test $pkg_failed = yes; then
++   	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
++$as_echo "no" >&6; }
++
++if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then
++        _pkg_short_errors_supported=yes
++else
++        _pkg_short_errors_supported=no
++fi
++        if test $_pkg_short_errors_supported = yes; then
++	        BLKID_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "blkid" 2>&1`
++        else
++	        BLKID_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "blkid" 2>&1`
++        fi
++	# Put the nasty error message in config.log where it belongs
++	echo "$BLKID_PKG_ERRORS" >&5
++
++	LIBBLKID_LIBS="-lblkid"
++elif test $pkg_failed = untried; then
++     	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
++$as_echo "no" >&6; }
++	LIBBLKID_LIBS="-lblkid"
++else
++	BLKID_CFLAGS=$pkg_cv_BLKID_CFLAGS
++	BLKID_LIBS=$pkg_cv_BLKID_LIBS
++        { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
++$as_echo "yes" >&6; }
++
++$as_echo "#define HAVE_BLKID 1" >>confdefs.h
++
++fi
++
++	for ac_header in blkid/blkid.h
++do :
++  ac_fn_c_check_header_mongrel "$LINENO" "blkid/blkid.h" "ac_cv_header_blkid_blkid_h" "$ac_includes_default"
++if test "x$ac_cv_header_blkid_blkid_h" = xyes; then :
++  cat >>confdefs.h <<_ACEOF
++#define HAVE_BLKID_BLKID_H 1
++_ACEOF
++
++else
++  as_fn_error $? "You need blkid development library installed." "$LINENO" 5
++fi
++
++done
++
++	ac_fn_c_check_decl "$LINENO" "blkid_reset_probe" "ac_cv_have_decl_blkid_reset_probe" "#include <blkid/blkid.h>
++"
++if test "x$ac_cv_have_decl_blkid_reset_probe" = xyes; then :
++  ac_have_decl=1
++else
++  ac_have_decl=0
++fi
++
++cat >>confdefs.h <<_ACEOF
++#define HAVE_DECL_BLKID_RESET_PROBE $ac_have_decl
++_ACEOF
++if test $ac_have_decl = 1; then :
++
++else
++  as_fn_error $? "Can not compile with blkid support, disable it by --disable-blkid." "$LINENO" 5
++fi
++ac_fn_c_check_decl "$LINENO" "blkid_probe_set_device" "ac_cv_have_decl_blkid_probe_set_device" "#include <blkid/blkid.h>
++"
++if test "x$ac_cv_have_decl_blkid_probe_set_device" = xyes; then :
++  ac_have_decl=1
++else
++  ac_have_decl=0
++fi
++
++cat >>confdefs.h <<_ACEOF
++#define HAVE_DECL_BLKID_PROBE_SET_DEVICE $ac_have_decl
++_ACEOF
++if test $ac_have_decl = 1; then :
++
++else
++  as_fn_error $? "Can not compile with blkid support, disable it by --disable-blkid." "$LINENO" 5
++fi
++ac_fn_c_check_decl "$LINENO" "blkid_probe_filter_superblocks_type" "ac_cv_have_decl_blkid_probe_filter_superblocks_type" "#include <blkid/blkid.h>
++"
++if test "x$ac_cv_have_decl_blkid_probe_filter_superblocks_type" = xyes; then :
++  ac_have_decl=1
++else
++  ac_have_decl=0
++fi
++
++cat >>confdefs.h <<_ACEOF
++#define HAVE_DECL_BLKID_PROBE_FILTER_SUPERBLOCKS_TYPE $ac_have_decl
++_ACEOF
++if test $ac_have_decl = 1; then :
++
++else
++  as_fn_error $? "Can not compile with blkid support, disable it by --disable-blkid." "$LINENO" 5
++fi
++ac_fn_c_check_decl "$LINENO" "blkid_do_safeprobe" "ac_cv_have_decl_blkid_do_safeprobe" "#include <blkid/blkid.h>
++"
++if test "x$ac_cv_have_decl_blkid_do_safeprobe" = xyes; then :
++  ac_have_decl=1
++else
++  ac_have_decl=0
++fi
++
++cat >>confdefs.h <<_ACEOF
++#define HAVE_DECL_BLKID_DO_SAFEPROBE $ac_have_decl
++_ACEOF
++if test $ac_have_decl = 1; then :
++
++else
++  as_fn_error $? "Can not compile with blkid support, disable it by --disable-blkid." "$LINENO" 5
++fi
++ac_fn_c_check_decl "$LINENO" "blkid_do_probe" "ac_cv_have_decl_blkid_do_probe" "#include <blkid/blkid.h>
++"
++if test "x$ac_cv_have_decl_blkid_do_probe" = xyes; then :
++  ac_have_decl=1
++else
++  ac_have_decl=0
++fi
++
++cat >>confdefs.h <<_ACEOF
++#define HAVE_DECL_BLKID_DO_PROBE $ac_have_decl
++_ACEOF
++if test $ac_have_decl = 1; then :
++
++else
++  as_fn_error $? "Can not compile with blkid support, disable it by --disable-blkid." "$LINENO" 5
++fi
++ac_fn_c_check_decl "$LINENO" "blkid_probe_lookup_value
++		       " "ac_cv_have_decl_blkid_probe_lookup_value__________" "#include <blkid/blkid.h>
++"
++if test "x$ac_cv_have_decl_blkid_probe_lookup_value__________" = xyes; then :
++  ac_have_decl=1
++else
++  ac_have_decl=0
++fi
++
++cat >>confdefs.h <<_ACEOF
++#define HAVE_DECL_BLKID_PROBE_LOOKUP_VALUE__________ $ac_have_decl
++_ACEOF
++if test $ac_have_decl = 1; then :
++
++else
++  as_fn_error $? "Can not compile with blkid support, disable it by --disable-blkid." "$LINENO" 5
++fi
++
++fi
++ if test x$enable_blkid = xyes; then
++  HAVE_BLKID_TRUE=
++  HAVE_BLKID_FALSE='#'
++else
++  HAVE_BLKID_TRUE='#'
++  HAVE_BLKID_FALSE=
++fi
++
++
+ if test x$enable_static_cryptsetup = xyes; then
+ 	saved_PKG_CONFIG=$PKG_CONFIG
+ 	PKG_CONFIG="$PKG_CONFIG --static"
+@@ -19043,6 +19260,7 @@ $as_echo "$systemd_tmpfilesdir" >&6; }
+ 
+ 
+ 
++
+ # Check whether --enable-dev-random was given.
+ if test "${enable_dev_random+set}" = set; then :
+   enableval=$enable_dev_random; default_rng=/dev/random
+@@ -20146,6 +20364,10 @@ if test -z "${CRYPTO_INTERNAL_ARGON2_TRU
+   as_fn_error $? "conditional \"CRYPTO_INTERNAL_ARGON2\" was never defined.
+ Usually this means the macro was only invoked conditionally." "$LINENO" 5
+ fi
++if test -z "${HAVE_BLKID_TRUE}" && test -z "${HAVE_BLKID_FALSE}"; then
++  as_fn_error $? "conditional \"HAVE_BLKID\" was never defined.
++Usually this means the macro was only invoked conditionally." "$LINENO" 5
++fi
+ if test -z "${PYTHON_CRYPTSETUP_TRUE}" && test -z "${PYTHON_CRYPTSETUP_FALSE}"; then
+   as_fn_error $? "conditional \"PYTHON_CRYPTSETUP\" was never defined.
+ Usually this means the macro was only invoked conditionally." "$LINENO" 5
+diff -rupN cryptsetup-2.0.3.old/Makefile.in cryptsetup-2.0.3.new/Makefile.in
+--- cryptsetup-2.0.3.old/Makefile.in	2019-08-27 18:30:14.223519187 +0200
++++ cryptsetup-2.0.3.new/Makefile.in	2019-08-27 18:34:03.679475168 +0200
+@@ -270,7 +270,8 @@ am_libcryptsetup_la_OBJECTS = lib/libcry
+ 	lib/luks2/libcryptsetup_la-luks2_keyslot.lo \
+ 	lib/luks2/libcryptsetup_la-luks2_keyslot_luks2.lo \
+ 	lib/luks2/libcryptsetup_la-luks2_token_keyring.lo \
+-	lib/luks2/libcryptsetup_la-luks2_token.lo
++	lib/luks2/libcryptsetup_la-luks2_token.lo \
++	lib/libcryptsetup_la-utils_blkid.lo
+ libcryptsetup_la_OBJECTS = $(am_libcryptsetup_la_OBJECTS)
+ libcryptsetup_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC \
+ 	$(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \
+@@ -308,12 +309,14 @@ am__cryptsetup_SOURCES_DIST = lib/utils_
+ cryptsetup_OBJECTS = $(am_cryptsetup_OBJECTS)
+ @CRYPTSETUP_TRUE@cryptsetup_DEPENDENCIES = libcryptsetup.la
+ am__cryptsetup_reencrypt_SOURCES_DIST = lib/utils_crypt.c \
+-	lib/utils_io.c src/utils_tools.c src/utils_password.c \
+-	src/cryptsetup_reencrypt.c src/cryptsetup.h
++	lib/utils_io.c src/utils_tools.c lib/utils_loop.c \
++	src/utils_password.c src/cryptsetup_reencrypt.c \
++	src/cryptsetup.h
+ @REENCRYPT_TRUE@am_cryptsetup_reencrypt_OBJECTS =  \
+ @REENCRYPT_TRUE@	lib/utils_crypt.$(OBJEXT) \
+ @REENCRYPT_TRUE@	lib/utils_io.$(OBJEXT) \
+ @REENCRYPT_TRUE@	src/utils_tools.$(OBJEXT) \
++@REENCRYPT_TRUE@	lib/utils_loop.$(OBJEXT) \
+ @REENCRYPT_TRUE@	src/utils_password.$(OBJEXT) \
+ @REENCRYPT_TRUE@	src/cryptsetup_reencrypt.$(OBJEXT)
+ cryptsetup_reencrypt_OBJECTS = $(am_cryptsetup_reencrypt_OBJECTS)
+@@ -591,6 +594,8 @@ AUTOCONF = @AUTOCONF@
+ AUTOHEADER = @AUTOHEADER@
+ AUTOMAKE = @AUTOMAKE@
+ AWK = @AWK@
++BLKID_CFLAGS = @BLKID_CFLAGS@
++BLKID_LIBS = @BLKID_LIBS@
+ CC = @CC@
+ CCDEPMODE = @CCDEPMODE@
+ CFLAGS = @CFLAGS@
+@@ -846,6 +851,7 @@ libcryptsetup_la_LIBADD = \
+ 	@CRYPTO_LIBS@		\
+ 	@LIBARGON2_LIBS@	\
+ 	@JSON_C_LIBS@		\
++	@BLKID_LIBS@		\
+ 	libcrypto_backend.la
+ 
+ libcryptsetup_la_SOURCES = \
+@@ -908,7 +914,9 @@ libcryptsetup_la_SOURCES = \
+ 	lib/luks2/luks2_token_keyring.c	\
+ 	lib/luks2/luks2_token.c		\
+ 	lib/luks2/luks2_internal.h	\
+-	lib/luks2/luks2.h
++	lib/luks2/luks2.h		\
++	lib/utils_blkid.c		\
++	lib/utils_blkid.h
+ 
+ 
+ # cryptsetup
+@@ -1351,6 +1359,8 @@ lib/luks2/libcryptsetup_la-luks2_token_k
+ 	lib/luks2/$(am__dirstamp) lib/luks2/$(DEPDIR)/$(am__dirstamp)
+ lib/luks2/libcryptsetup_la-luks2_token.lo: lib/luks2/$(am__dirstamp) \
+ 	lib/luks2/$(DEPDIR)/$(am__dirstamp)
++lib/libcryptsetup_la-utils_blkid.lo: lib/$(am__dirstamp) \
++	lib/$(DEPDIR)/$(am__dirstamp)
+ 
+ libcryptsetup.la: $(libcryptsetup_la_OBJECTS) $(libcryptsetup_la_DEPENDENCIES) $(EXTRA_libcryptsetup_la_DEPENDENCIES) 
+ 	$(AM_V_CCLD)$(libcryptsetup_la_LINK) -rpath $(libdir) $(libcryptsetup_la_OBJECTS) $(libcryptsetup_la_LIBADD) $(LIBS)
+@@ -1507,6 +1517,7 @@ distclean-compile:
+ @AMDEP_TRUE@@am__include@ @am__quote@lib/$(DEPDIR)/libcryptsetup_la-setup.Plo@am__quote@
+ @AMDEP_TRUE@@am__include@ @am__quote@lib/$(DEPDIR)/libcryptsetup_la-utils.Plo@am__quote@
+ @AMDEP_TRUE@@am__include@ @am__quote@lib/$(DEPDIR)/libcryptsetup_la-utils_benchmark.Plo@am__quote@
++@AMDEP_TRUE@@am__include@ @am__quote@lib/$(DEPDIR)/libcryptsetup_la-utils_blkid.Plo@am__quote@
+ @AMDEP_TRUE@@am__include@ @am__quote@lib/$(DEPDIR)/libcryptsetup_la-utils_crypt.Plo@am__quote@
+ @AMDEP_TRUE@@am__include@ @am__quote@lib/$(DEPDIR)/libcryptsetup_la-utils_device.Plo@am__quote@
+ @AMDEP_TRUE@@am__include@ @am__quote@lib/$(DEPDIR)/libcryptsetup_la-utils_device_locking.Plo@am__quote@
+@@ -1991,6 +2002,13 @@ lib/luks2/libcryptsetup_la-luks2_token.l
+ @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+ @am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcryptsetup_la_CPPFLAGS) $(CPPFLAGS) $(libcryptsetup_la_CFLAGS) $(CFLAGS) -c -o lib/luks2/libcryptsetup_la-luks2_token.lo `test -f 'lib/luks2/luks2_token.c' || echo '$(srcdir)/'`lib/luks2/luks2_token.c
+ 
++lib/libcryptsetup_la-utils_blkid.lo: lib/utils_blkid.c
++@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcryptsetup_la_CPPFLAGS) $(CPPFLAGS) $(libcryptsetup_la_CFLAGS) $(CFLAGS) -MT lib/libcryptsetup_la-utils_blkid.lo -MD -MP -MF lib/$(DEPDIR)/libcryptsetup_la-utils_blkid.Tpo -c -o lib/libcryptsetup_la-utils_blkid.lo `test -f 'lib/utils_blkid.c' || echo '$(srcdir)/'`lib/utils_blkid.c
++@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) lib/$(DEPDIR)/libcryptsetup_la-utils_blkid.Tpo lib/$(DEPDIR)/libcryptsetup_la-utils_blkid.Plo
++@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='lib/utils_blkid.c' object='lib/libcryptsetup_la-utils_blkid.lo' libtool=yes @AMDEPBACKSLASH@
++@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
++@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcryptsetup_la_CPPFLAGS) $(CPPFLAGS) $(libcryptsetup_la_CFLAGS) $(CFLAGS) -c -o lib/libcryptsetup_la-utils_blkid.lo `test -f 'lib/utils_blkid.c' || echo '$(srcdir)/'`lib/utils_blkid.c
++
+ python/pycryptsetup_la-pycryptsetup.lo: python/pycryptsetup.c
+ @am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(pycryptsetup_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT python/pycryptsetup_la-pycryptsetup.lo -MD -MP -MF python/$(DEPDIR)/pycryptsetup_la-pycryptsetup.Tpo -c -o python/pycryptsetup_la-pycryptsetup.lo `test -f 'python/pycryptsetup.c' || echo '$(srcdir)/'`python/pycryptsetup.c
+ @am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) python/$(DEPDIR)/pycryptsetup_la-pycryptsetup.Tpo python/$(DEPDIR)/pycryptsetup_la-pycryptsetup.Plo

SPECS/cryptsetup.spec

@@ -1,16 +1,36 @@
 %{!?python_sitearch: %global python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)")}
 
+%if 0%{?fedora}
+%if 0%{?fedora} >= 29
+Obsoletes: python2-cryptsetup
+Obsoletes: cryptsetup-python3
+%global python2_enable 0
+%global python3_enable 0
+%else
 %global python2_enable 1
 %global python3_enable 1
-%global libargon2_enable 1
+%endif
+%else
+Obsoletes: cryptsetup-python3
+%global python3_enable 0
+%if 0%{?rhel} == 7
+%global python2_enable 1
+# Change to 1 when argon2 lands
+%global libargon2_enable 0
 # Change to 1 when dm-integrity gets backported
 %global integritysetup_enable 0
+%else
+Obsoletes: cryptsetup-python
+Obsoletes: python2-cryptsetup
+%global python2_enable 0
+%endif
+%endif
 
 
 Summary: A utility for setting up encrypted disks
 Name: cryptsetup
 Version: 2.0.3
-Release: 5%{?dist}
+Release: 6%{?dist}
 License: GPLv2+ and LGPLv2+
 Group: Applications/System
 URL: https://gitlab.com/cryptsetup/cryptsetup
@@ -63,7 +83,7 @@ Patch16: %{name}-2.0.4-allow-explicit-LUKS2-repair.patch
 Patch17: %{name}-2.0.4-update-crypt_repair-API-documentation-for-LUKS2.patch
 Patch18: %{name}-2.0.4-allow-LUKS2-repair-with-disabled-locks.patch
 # the configure patch must be applied last
-Patch19: %{name}-2.0.4-configure.patch
+Patch19: %{name}-configure.patch
 Patch20: %{name}-2.0.4-update-cryptsetup-man-page-for-type-option-usage.patch
 Patch21: %{name}-2.0.4-rephrase-error-message-for-invalid-type-param-in-con.patch
 Patch22: %{name}-2.0.4-fix-LUKS2-api-test.patch
@@ -78,6 +98,7 @@ Patch30: %{name}-2.0.6-reshuffle-config-and-keyslots-areas-validation-code.patch
 Patch31: %{name}-2.0.6-fix-keyslot-areas-validation.patch
 # keep validation tests up to date
 Patch32: %{name}-2.1.0-sync-LUKS2-validation-tests.patch
+Patch33: %{name}-2.2.1-reinstate-missing-backing-file-hint-for-loop-device.patch
 
 %if 0%{?fedora} >= 19 || 0%{?rhel} >= 7
 %define configure_cipher --enable-gcrypt-pbkdf2
@@ -199,6 +220,7 @@ for setting up disk encryption using dm-crypt kernel module.
 %patch30 -p1
 %patch31 -p1
 %patch32 -p1
+%patch33 -p1
 # the configure patch (always last)
 %patch19 -p1
 chmod -x python/pycryptsetup-test.py
@@ -207,6 +229,11 @@ chmod +x tests/generators/generate-*.sh
 %setup -T -a 2 -D -n cryptsetup-%{upstream_version}/tests
 %setup -T -a 3 -D -n cryptsetup-%{upstream_version}/tests
 
+%if %{python3_enable}
+# copy the whole directory for the python3 build
+cp -a . %{py3dir}
+%endif
+
 %setup -T -a 1 -D -n cryptsetup-%{upstream_version}
 pushd cryptsetup-1.7.4
 %patch0 -p1
@@ -215,11 +242,6 @@ pushd cryptsetup-1.7.4
 %patch3 -p1
 %patch4 -p1
 
-%if %{python3_enable}
-# copy the whole directory for the python3 build
-cp -a . %{py3dir}
-%endif
-
 %build
 %configure --enable-fips --enable-pwquality --with-default-luks-format=LUKS1 %{?configure_cipher} %{?configure_libargon2} %{?configure_integritysetup}
 pushd cryptsetup-1.7.4
@@ -329,6 +351,11 @@ install -m755 misc/dracut_90reencrypt/reencrypt-verbose.sh %{buildroot}/%{dracut
 %clean
 
 %changelog
+* Tue Aug 27 2019 Ondrej Kozina <okozina@redhat.com> - 2.0.3-6
+- patch: Reinstate missing backing file hint for loop device
+  during unlock.
+- Resolves: #1726287
+
 * Wed Apr 03 2019 Ondrej Kozina <okozina@redhat.com> - 2.0.3-5
 - patch: calculate alignment offset correctly for LUKS2 devices.
 - patch: fix memory leak in LUKS2 validation.