cryptsetup package update

Signed-off-by: basebuilder_pel7x64builder0 <basebuilder@powerel.org>
2020-08-01 12:14:57 +02:00 · 2020-08-01 12:14:57 +02:00 · 8c69ce57d2
parent c0dc172dff
commit 8c69ce57d2
3 changed files with 601 additions and 8 deletions
--- a/SOURCES/cryptsetup-2.2.1-reinstate-missing-backing-file-hint-for-loop-device.patch
+++ b/SOURCES/cryptsetup-2.2.1-reinstate-missing-backing-file-hint-for-loop-device.patch
@ -0,0 +1,149 @@
+diff -rupN cryptsetup-2.0.3.old/src/Makemodule.am cryptsetup-2.0.3.new/src/Makemodule.am
+--- cryptsetup-2.0.3.old/src/Makemodule.am	2019-08-27 17:37:25.043999695 +0200
+++ cryptsetup-2.0.3.new/src/Makemodule.am	2019-08-27 17:39:40.303336254 +0200
+@@ -6,6 +6,7 @@ cryptsetup_SOURCES =		\
+ 	lib/utils_loop.c	\
+ 	lib/utils_io.c		\
+ 	src/utils_tools.c	\
+	lib/utils_loop.c	\
+ 	src/utils_password.c	\
+ 	src/cryptsetup.c	\
+ 	src/cryptsetup.h
+diff -rupN cryptsetup-2.0.3.old/src/utils_password.c cryptsetup-2.0.3.new/src/utils_password.c
+--- cryptsetup-2.0.3.old/src/utils_password.c	2019-08-27 17:37:25.043999695 +0200
+++ cryptsetup-2.0.3.new/src/utils_password.c	2019-08-27 17:38:35.354214280 +0200
+@@ -256,7 +256,7 @@ int tools_get_key(const char *prompt,
+ 		  int timeout, int verify, int pwquality,
+ 		  struct crypt_device *cd)
+ {
+-	char tmp[1024];
+	char tmp[1024], *backing_file;
+ 	int r = -EINVAL, block;
+ 
+ 	block = tools_signals_blocked();
+@@ -270,9 +270,11 @@ int tools_get_key(const char *prompt,
+ 			} else {
+ 				if (!prompt && !crypt_get_device_name(cd))
+ 					snprintf(tmp, sizeof(tmp), _("Enter passphrase: "));
+-				else if (!prompt)
+-					snprintf(tmp, sizeof(tmp), _("Enter passphrase for %s: "),
+-						crypt_get_device_name(cd));
+				else if (!prompt) {
+					backing_file = crypt_loop_backing_file(crypt_get_device_name(cd));
+					snprintf(tmp, sizeof(tmp), _("Enter passphrase for %s: "), backing_file ?: crypt_get_device_name(cd));
+					free(backing_file);
+				}
+ 				r = crypt_get_key_tty(prompt ?: tmp, key, key_size, timeout, verify, cd);
+ 			}
+ 		} else {
+diff -rupN cryptsetup-2.0.3.old/tests/compat-test cryptsetup-2.0.3.new/tests/compat-test
+--- cryptsetup-2.0.3.old/tests/compat-test	2019-08-27 17:37:24.942997950 +0200
+++ cryptsetup-2.0.3.new/tests/compat-test	2019-08-27 17:41:15.868988979 +0200
+@@ -735,15 +735,20 @@ fi
+ which expect >/dev/null 2>&1 || skip "WARNING: expect tool missing, interactive test will be skipped." 0
+ 
+ prepare "[32] Interactive password retry from terminal." new
+if [ "$(pwd)" = "/" ]; then
+	EXPECT_DEV=/$IMG
+else
+	EXPECT_DEV=$(pwd)/$IMG
+fi
+ expect - >/dev/null <<EOF
+ proc abort {} { send_error "Timeout. "; exit 2 }
+ set timeout 10
+ eval spawn $CRYPTSETUP luksOpen -v -T 2 $LOOPDEV $DEV_NAME
+-expect timeout abort "Enter passphrase for $LOOPDEV:"
+expect timeout abort "Enter passphrase for $EXPECT_DEV:"
+ sleep 0.1
+ send "$PWD0 x\n"
+ expect timeout abort "No key available with this passphrase."
+-expect timeout abort "Enter passphrase for $LOOPDEV:"
+expect timeout abort "Enter passphrase for $EXPECT_DEV:"
+ sleep 0.1
+ send "$PWD0\n"
+ expect timeout abort "Key slot 0 unlocked."
+@@ -760,11 +765,11 @@ expect - >/dev/null <<EOF
+ proc abort {} { send_error "Timeout. "; exit 2 }
+ set timeout 10
+ eval spawn $CRYPTSETUP luksOpen -v -T 2 $LOOPDEV $DEV_NAME
+-expect timeout abort "Enter passphrase for $LOOPDEV:"
+expect timeout abort "Enter passphrase for $EXPECT_DEV:"
+ sleep 0.1
+ send "$PWD0 x\n"
+ expect timeout abort "No key available with this passphrase."
+-expect timeout abort "Enter passphrase for $LOOPDEV:"
+expect timeout abort "Enter passphrase for $EXPECT_DEV:"
+ sleep 0.1
+ send "$PWD0 y\n"
+ expect timeout abort "No key available with this passphrase."
+@@ -799,7 +804,7 @@ set timeout 10
+ eval spawn $CRYPTSETUP luksFormat --type luks1 $FAST_PBKDF_OPT -v $LOOPDEV
+ expect timeout abort "Are you sure? (Type uppercase yes):"
+ send "YES\n"
+-expect timeout abort "Enter passphrase for $LOOPDEV:"
+expect timeout abort "Enter passphrase for $EXPECT_DEV:"
+ sleep 0.1
+ send "$PWD0\n"
+ expect timeout abort "Verify passphrase:"
+@@ -808,7 +813,7 @@ send "$PWD0\n"
+ expect timeout abort "Command successful."
+ expect timeout abort eof
+ eval spawn $CRYPTSETUP luksOpen -v $LOOPDEV --test-passphrase
+-expect timeout abort "Enter passphrase for $LOOPDEV:"
+expect timeout abort "Enter passphrase for $EXPECT_DEV:"
+ sleep 0.1
+ send "$PWD0\n"
+ expect timeout abort "Command successful."
+@@ -829,7 +834,7 @@ expect timeout abort eof
+ eval spawn $CRYPTSETUP luksFormat --type luks1 $FAST_PBKDF_OPT -v $LOOPDEV
+ expect timeout abort "Are you sure? (Type uppercase yes):"
+ send "YES\n"
+-expect timeout abort "Enter passphrase for $LOOPDEV:"
+expect timeout abort "Enter passphrase for $EXPECT_DEV:"
+ sleep 0.1
+ send "$PWD0\n"
+ expect timeout abort "Verify passphrase:"
+@@ -838,7 +843,7 @@ send "$PWD0 x\n"
+ expect timeout abort "Passphrases do not match."
+ expect timeout abort eof
+ eval spawn $CRYPTSETUP luksOpen -v $LOOPDEV -T 1 --test-passphrase
+-expect timeout abort "Enter passphrase for $LOOPDEV:"
+expect timeout abort "Enter passphrase for $EXPECT_DEV:"
+ sleep 0.1
+ send "$PWD0\n"
+ expect timeout abort "No key available with this passphrase."
+@@ -890,7 +895,7 @@ send "$PWD1\n"
+ expect timeout abort "Command successful."
+ expect timeout abort eof
+ eval spawn $CRYPTSETUP luksOpen -v $LOOPDEV --test-passphrase
+-expect timeout abort "Enter passphrase for $LOOPDEV:"
+expect timeout abort "Enter passphrase for $EXPECT_DEV:"
+ sleep 0.1
+ send "$PWD1\n"
+ expect timeout abort "Command successful."
+@@ -908,21 +913,21 @@ eval spawn $CRYPTSETUP luksSuspend -v $D
+ expect timeout abort "Command successful."
+ expect timeout abort eof
+ eval spawn $CRYPTSETUP luksResume -v -T 3  $DEV_NAME
+-expect timeout abort "Enter passphrase for $LOOPDEV:"
+expect timeout abort "Enter passphrase for $EXPECT_DEV:"
+ sleep 0.1
+ send "$PWD0 x\n"
+ expect timeout abort "No key available with this passphrase."
+-expect timeout abort "Enter passphrase for $LOOPDEV:"
+expect timeout abort "Enter passphrase for $EXPECT_DEV:"
+ sleep 0.1
+ send "$PWD1\n"
+ expect timeout abort "No key available with this passphrase."
+-expect timeout abort "Enter passphrase for $LOOPDEV:"
+expect timeout abort "Enter passphrase for $EXPECT_DEV:"
+ sleep 0.1
+ send "$PWD0 y\n"
+ expect timeout abort "No key available with this passphrase."
+ expect timeout abort eof
+ eval spawn $CRYPTSETUP luksResume -v $DEV_NAME
+-expect timeout abort "Enter passphrase for $LOOPDEV:"
+expect timeout abort "Enter passphrase for $EXPECT_DEV:"
+ sleep 0.1
+ send "$PWD0\n"
+ expect timeout abort "Command successful."
--- a/SOURCES/cryptsetup-configure.patch
+++ b/SOURCES/cryptsetup-configure.patch
@ -0,0 +1,417 @@
+diff -rupN cryptsetup-2.0.3.old/config.h.in cryptsetup-2.0.3.new/config.h.in
+--- cryptsetup-2.0.3.old/config.h.in	2019-08-27 18:30:14.342521239 +0200
+++ cryptsetup-2.0.3.new/config.h.in	2019-08-27 18:30:48.212105267 +0200
+@@ -106,6 +106,12 @@
+ /* Define to 1 if you have the <argon2.h> header file. */
+ #undef HAVE_ARGON2_H
+ 
+/* Define to 1 to use blkid for detection of disk signatures. */
+#undef HAVE_BLKID
+
+/* Define to 1 if you have the <blkid/blkid.h> header file. */
+#undef HAVE_BLKID_BLKID_H
+
+ /* Define to 1 if you have the <byteswap.h> header file. */
+ #undef HAVE_BYTESWAP_H
+ 
+@@ -127,6 +133,30 @@
+    */
+ #undef HAVE_DCGETTEXT
+ 
+/* Define to 1 if you have the declaration of `blkid_do_probe', and to 0 if
+   you don't. */
+#undef HAVE_DECL_BLKID_DO_PROBE
+
+/* Define to 1 if you have the declaration of `blkid_do_safeprobe', and to 0
+   if you don't. */
+#undef HAVE_DECL_BLKID_DO_SAFEPROBE
+
+/* Define to 1 if you have the declaration of
+   `blkid_probe_filter_superblocks_type', and to 0 if you don't. */
+#undef HAVE_DECL_BLKID_PROBE_FILTER_SUPERBLOCKS_TYPE
+
+/* Define to 1 if you have the declaration of `blkid_probe_lookup_value ', and
+   to 0 if you don't. */
+#undef HAVE_DECL_BLKID_PROBE_LOOKUP_VALUE__________
+
+/* Define to 1 if you have the declaration of `blkid_probe_set_device', and to
+   0 if you don't. */
+#undef HAVE_DECL_BLKID_PROBE_SET_DEVICE
+
+/* Define to 1 if you have the declaration of `blkid_reset_probe', and to 0 if
+   you don't. */
+#undef HAVE_DECL_BLKID_RESET_PROBE
+
+ /* Define to 1 if you have the declaration of `dm_device_has_holders', and to
+    0 if you don't. */
+ #undef HAVE_DECL_DM_DEVICE_HAS_HOLDERS
+diff -rupN cryptsetup-2.0.3.old/configure cryptsetup-2.0.3.new/configure
+--- cryptsetup-2.0.3.old/configure	2019-08-27 18:30:14.342521239 +0200
+++ cryptsetup-2.0.3.new/configure	2019-08-27 18:30:48.212105267 +0200
+@@ -664,6 +664,10 @@ PWQUALITY_STATIC_LIBS
+ systemd_tmpfilesdir
+ DEVMAPPER_STATIC_LIBS
+ DEVMAPPER_STATIC_CFLAGS
+HAVE_BLKID_FALSE
+HAVE_BLKID_TRUE
+BLKID_LIBS
+BLKID_CFLAGS
+ CRYPTO_INTERNAL_ARGON2_FALSE
+ CRYPTO_INTERNAL_ARGON2_TRUE
+ LIBARGON2_LIBS
+@@ -878,6 +882,7 @@ enable_gcrypt_pbkdf2
+ with_libgcrypt_prefix
+ enable_internal_argon2
+ enable_libargon2
+enable_blkid
+ enable_dev_random
+ enable_python
+ with_python_version
+@@ -935,6 +940,8 @@ NSS_CFLAGS
+ NSS_LIBS
+ LIBARGON2_CFLAGS
+ LIBARGON2_LIBS
+BLKID_CFLAGS
+BLKID_LIBS
+ DEVMAPPER_STATIC_CFLAGS
+ DEVMAPPER_STATIC_LIBS
+ systemd_tmpfilesdir
+@@ -1607,6 +1614,8 @@ Optional Features:
+                           disable internal implementation of Argon2 PBKDF
+   --enable-libargon2      enable external libargon2 (PHC) library (disables
+                           internal bundled version)
+  --disable-blkid         disable use of blkid for device signature detection
+                          and wiping.
+   --enable-dev-random     use blocking /dev/random by default for key
+                           generator (otherwise use /dev/urandom)
+   --enable-python         enable Python bindings
+@@ -1719,6 +1728,9 @@ Some influential environment variables:
+               C compiler flags for LIBARGON2, overriding pkg-config
+   LIBARGON2_LIBS
+               linker flags for LIBARGON2, overriding pkg-config
+  BLKID_CFLAGS
+              C compiler flags for BLKID, overriding pkg-config
+  BLKID_LIBS  linker flags for BLKID, overriding pkg-config
+   DEVMAPPER_STATIC_CFLAGS
+               C compiler flags for DEVMAPPER_STATIC, overriding pkg-config
+   DEVMAPPER_STATIC_LIBS
+@@ -18580,6 +18592,211 @@ else
+ fi
+ 
+ 
+# Check whether --enable-blkid was given.
+if test "${enable_blkid+set}" = set; then :
+  enableval=$enable_blkid;
+else
+  enable_blkid=yes
+fi
+
+
+if test x$enable_blkid = xyes ; then
+
+pkg_failed=no
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for BLKID" >&5
+$as_echo_n "checking for BLKID... " >&6; }
+
+if test -n "$BLKID_CFLAGS"; then
+    pkg_cv_BLKID_CFLAGS="$BLKID_CFLAGS"
+ elif test -n "$PKG_CONFIG"; then
+    if test -n "$PKG_CONFIG" && \
+    { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"blkid\""; } >&5
+  ($PKG_CONFIG --exists --print-errors "blkid") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }; then
+  pkg_cv_BLKID_CFLAGS=`$PKG_CONFIG --cflags "blkid" 2>/dev/null`
+		      test "x$?" != "x0" && pkg_failed=yes
+else
+  pkg_failed=yes
+fi
+ else
+    pkg_failed=untried
+fi
+if test -n "$BLKID_LIBS"; then
+    pkg_cv_BLKID_LIBS="$BLKID_LIBS"
+ elif test -n "$PKG_CONFIG"; then
+    if test -n "$PKG_CONFIG" && \
+    { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"blkid\""; } >&5
+  ($PKG_CONFIG --exists --print-errors "blkid") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }; then
+  pkg_cv_BLKID_LIBS=`$PKG_CONFIG --libs "blkid" 2>/dev/null`
+		      test "x$?" != "x0" && pkg_failed=yes
+else
+  pkg_failed=yes
+fi
+ else
+    pkg_failed=untried
+fi
+
+
+
+if test $pkg_failed = yes; then
+   	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+
+if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then
+        _pkg_short_errors_supported=yes
+else
+        _pkg_short_errors_supported=no
+fi
+        if test $_pkg_short_errors_supported = yes; then
+	        BLKID_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "blkid" 2>&1`
+        else
+	        BLKID_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "blkid" 2>&1`
+        fi
+	# Put the nasty error message in config.log where it belongs
+	echo "$BLKID_PKG_ERRORS" >&5
+
+	LIBBLKID_LIBS="-lblkid"
+elif test $pkg_failed = untried; then
+     	{ $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+	LIBBLKID_LIBS="-lblkid"
+else
+	BLKID_CFLAGS=$pkg_cv_BLKID_CFLAGS
+	BLKID_LIBS=$pkg_cv_BLKID_LIBS
+        { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+$as_echo "yes" >&6; }
+
+$as_echo "#define HAVE_BLKID 1" >>confdefs.h
+
+fi
+
+	for ac_header in blkid/blkid.h
+do :
+  ac_fn_c_check_header_mongrel "$LINENO" "blkid/blkid.h" "ac_cv_header_blkid_blkid_h" "$ac_includes_default"
+if test "x$ac_cv_header_blkid_blkid_h" = xyes; then :
+  cat >>confdefs.h <<_ACEOF
+#define HAVE_BLKID_BLKID_H 1
+_ACEOF
+
+else
+  as_fn_error $? "You need blkid development library installed." "$LINENO" 5
+fi
+
+done
+
+	ac_fn_c_check_decl "$LINENO" "blkid_reset_probe" "ac_cv_have_decl_blkid_reset_probe" "#include <blkid/blkid.h>
+"
+if test "x$ac_cv_have_decl_blkid_reset_probe" = xyes; then :
+  ac_have_decl=1
+else
+  ac_have_decl=0
+fi
+
+cat >>confdefs.h <<_ACEOF
+#define HAVE_DECL_BLKID_RESET_PROBE $ac_have_decl
+_ACEOF
+if test $ac_have_decl = 1; then :
+
+else
+  as_fn_error $? "Can not compile with blkid support, disable it by --disable-blkid." "$LINENO" 5
+fi
+ac_fn_c_check_decl "$LINENO" "blkid_probe_set_device" "ac_cv_have_decl_blkid_probe_set_device" "#include <blkid/blkid.h>
+"
+if test "x$ac_cv_have_decl_blkid_probe_set_device" = xyes; then :
+  ac_have_decl=1
+else
+  ac_have_decl=0
+fi
+
+cat >>confdefs.h <<_ACEOF
+#define HAVE_DECL_BLKID_PROBE_SET_DEVICE $ac_have_decl
+_ACEOF
+if test $ac_have_decl = 1; then :
+
+else
+  as_fn_error $? "Can not compile with blkid support, disable it by --disable-blkid." "$LINENO" 5
+fi
+ac_fn_c_check_decl "$LINENO" "blkid_probe_filter_superblocks_type" "ac_cv_have_decl_blkid_probe_filter_superblocks_type" "#include <blkid/blkid.h>
+"
+if test "x$ac_cv_have_decl_blkid_probe_filter_superblocks_type" = xyes; then :
+  ac_have_decl=1
+else
+  ac_have_decl=0
+fi
+
+cat >>confdefs.h <<_ACEOF
+#define HAVE_DECL_BLKID_PROBE_FILTER_SUPERBLOCKS_TYPE $ac_have_decl
+_ACEOF
+if test $ac_have_decl = 1; then :
+
+else
+  as_fn_error $? "Can not compile with blkid support, disable it by --disable-blkid." "$LINENO" 5
+fi
+ac_fn_c_check_decl "$LINENO" "blkid_do_safeprobe" "ac_cv_have_decl_blkid_do_safeprobe" "#include <blkid/blkid.h>
+"
+if test "x$ac_cv_have_decl_blkid_do_safeprobe" = xyes; then :
+  ac_have_decl=1
+else
+  ac_have_decl=0
+fi
+
+cat >>confdefs.h <<_ACEOF
+#define HAVE_DECL_BLKID_DO_SAFEPROBE $ac_have_decl
+_ACEOF
+if test $ac_have_decl = 1; then :
+
+else
+  as_fn_error $? "Can not compile with blkid support, disable it by --disable-blkid." "$LINENO" 5
+fi
+ac_fn_c_check_decl "$LINENO" "blkid_do_probe" "ac_cv_have_decl_blkid_do_probe" "#include <blkid/blkid.h>
+"
+if test "x$ac_cv_have_decl_blkid_do_probe" = xyes; then :
+  ac_have_decl=1
+else
+  ac_have_decl=0
+fi
+
+cat >>confdefs.h <<_ACEOF
+#define HAVE_DECL_BLKID_DO_PROBE $ac_have_decl
+_ACEOF
+if test $ac_have_decl = 1; then :
+
+else
+  as_fn_error $? "Can not compile with blkid support, disable it by --disable-blkid." "$LINENO" 5
+fi
+ac_fn_c_check_decl "$LINENO" "blkid_probe_lookup_value
+		       " "ac_cv_have_decl_blkid_probe_lookup_value__________" "#include <blkid/blkid.h>
+"
+if test "x$ac_cv_have_decl_blkid_probe_lookup_value__________" = xyes; then :
+  ac_have_decl=1
+else
+  ac_have_decl=0
+fi
+
+cat >>confdefs.h <<_ACEOF
+#define HAVE_DECL_BLKID_PROBE_LOOKUP_VALUE__________ $ac_have_decl
+_ACEOF
+if test $ac_have_decl = 1; then :
+
+else
+  as_fn_error $? "Can not compile with blkid support, disable it by --disable-blkid." "$LINENO" 5
+fi
+
+fi
+ if test x$enable_blkid = xyes; then
+  HAVE_BLKID_TRUE=
+  HAVE_BLKID_FALSE='#'
+else
+  HAVE_BLKID_TRUE='#'
+  HAVE_BLKID_FALSE=
+fi
+
+
+ if test x$enable_static_cryptsetup = xyes; then
+ 	saved_PKG_CONFIG=$PKG_CONFIG
+ 	PKG_CONFIG="$PKG_CONFIG --static"
+@@ -19043,6 +19260,7 @@ $as_echo "$systemd_tmpfilesdir" >&6; }
+ 
+ 
+ 
+
+ # Check whether --enable-dev-random was given.
+ if test "${enable_dev_random+set}" = set; then :
+   enableval=$enable_dev_random; default_rng=/dev/random
+@@ -20146,6 +20364,10 @@ if test -z "${CRYPTO_INTERNAL_ARGON2_TRU
+   as_fn_error $? "conditional \"CRYPTO_INTERNAL_ARGON2\" was never defined.
+ Usually this means the macro was only invoked conditionally." "$LINENO" 5
+ fi
+if test -z "${HAVE_BLKID_TRUE}" && test -z "${HAVE_BLKID_FALSE}"; then
+  as_fn_error $? "conditional \"HAVE_BLKID\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
+ if test -z "${PYTHON_CRYPTSETUP_TRUE}" && test -z "${PYTHON_CRYPTSETUP_FALSE}"; then
+   as_fn_error $? "conditional \"PYTHON_CRYPTSETUP\" was never defined.
+ Usually this means the macro was only invoked conditionally." "$LINENO" 5
+diff -rupN cryptsetup-2.0.3.old/Makefile.in cryptsetup-2.0.3.new/Makefile.in
+--- cryptsetup-2.0.3.old/Makefile.in	2019-08-27 18:30:14.223519187 +0200
+++ cryptsetup-2.0.3.new/Makefile.in	2019-08-27 18:34:03.679475168 +0200
+@@ -270,7 +270,8 @@ am_libcryptsetup_la_OBJECTS = lib/libcry
+ 	lib/luks2/libcryptsetup_la-luks2_keyslot.lo \
+ 	lib/luks2/libcryptsetup_la-luks2_keyslot_luks2.lo \
+ 	lib/luks2/libcryptsetup_la-luks2_token_keyring.lo \
+-	lib/luks2/libcryptsetup_la-luks2_token.lo
+	lib/luks2/libcryptsetup_la-luks2_token.lo \
+	lib/libcryptsetup_la-utils_blkid.lo
+ libcryptsetup_la_OBJECTS = $(am_libcryptsetup_la_OBJECTS)
+ libcryptsetup_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC \
+ 	$(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \
+@@ -308,12 +309,14 @@ am__cryptsetup_SOURCES_DIST = lib/utils_
+ cryptsetup_OBJECTS = $(am_cryptsetup_OBJECTS)
+ @CRYPTSETUP_TRUE@cryptsetup_DEPENDENCIES = libcryptsetup.la
+ am__cryptsetup_reencrypt_SOURCES_DIST = lib/utils_crypt.c \
+-	lib/utils_io.c src/utils_tools.c src/utils_password.c \
+-	src/cryptsetup_reencrypt.c src/cryptsetup.h
+	lib/utils_io.c src/utils_tools.c lib/utils_loop.c \
+	src/utils_password.c src/cryptsetup_reencrypt.c \
+	src/cryptsetup.h
+ @REENCRYPT_TRUE@am_cryptsetup_reencrypt_OBJECTS =  \
+ @REENCRYPT_TRUE@	lib/utils_crypt.$(OBJEXT) \
+ @REENCRYPT_TRUE@	lib/utils_io.$(OBJEXT) \
+ @REENCRYPT_TRUE@	src/utils_tools.$(OBJEXT) \
+@REENCRYPT_TRUE@	lib/utils_loop.$(OBJEXT) \
+ @REENCRYPT_TRUE@	src/utils_password.$(OBJEXT) \
+ @REENCRYPT_TRUE@	src/cryptsetup_reencrypt.$(OBJEXT)
+ cryptsetup_reencrypt_OBJECTS = $(am_cryptsetup_reencrypt_OBJECTS)
+@@ -591,6 +594,8 @@ AUTOCONF = @AUTOCONF@
+ AUTOHEADER = @AUTOHEADER@
+ AUTOMAKE = @AUTOMAKE@
+ AWK = @AWK@
+BLKID_CFLAGS = @BLKID_CFLAGS@
+BLKID_LIBS = @BLKID_LIBS@
+ CC = @CC@
+ CCDEPMODE = @CCDEPMODE@
+ CFLAGS = @CFLAGS@
+@@ -846,6 +851,7 @@ libcryptsetup_la_LIBADD = \
+ 	@CRYPTO_LIBS@		\
+ 	@LIBARGON2_LIBS@	\
+ 	@JSON_C_LIBS@		\
+	@BLKID_LIBS@		\
+ 	libcrypto_backend.la
+ 
+ libcryptsetup_la_SOURCES = \
+@@ -908,7 +914,9 @@ libcryptsetup_la_SOURCES = \
+ 	lib/luks2/luks2_token_keyring.c	\
+ 	lib/luks2/luks2_token.c		\
+ 	lib/luks2/luks2_internal.h	\
+-	lib/luks2/luks2.h
+	lib/luks2/luks2.h		\
+	lib/utils_blkid.c		\
+	lib/utils_blkid.h
+ 
+ 
+ # cryptsetup
+@@ -1351,6 +1359,8 @@ lib/luks2/libcryptsetup_la-luks2_token_k
+ 	lib/luks2/$(am__dirstamp) lib/luks2/$(DEPDIR)/$(am__dirstamp)
+ lib/luks2/libcryptsetup_la-luks2_token.lo: lib/luks2/$(am__dirstamp) \
+ 	lib/luks2/$(DEPDIR)/$(am__dirstamp)
+lib/libcryptsetup_la-utils_blkid.lo: lib/$(am__dirstamp) \
+	lib/$(DEPDIR)/$(am__dirstamp)
+ 
+ libcryptsetup.la: $(libcryptsetup_la_OBJECTS) $(libcryptsetup_la_DEPENDENCIES) $(EXTRA_libcryptsetup_la_DEPENDENCIES) 
+ 	$(AM_V_CCLD)$(libcryptsetup_la_LINK) -rpath $(libdir) $(libcryptsetup_la_OBJECTS) $(libcryptsetup_la_LIBADD) $(LIBS)
+@@ -1507,6 +1517,7 @@ distclean-compile:
+ @AMDEP_TRUE@@am__include@ @am__quote@lib/$(DEPDIR)/libcryptsetup_la-setup.Plo@am__quote@
+ @AMDEP_TRUE@@am__include@ @am__quote@lib/$(DEPDIR)/libcryptsetup_la-utils.Plo@am__quote@
+ @AMDEP_TRUE@@am__include@ @am__quote@lib/$(DEPDIR)/libcryptsetup_la-utils_benchmark.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@lib/$(DEPDIR)/libcryptsetup_la-utils_blkid.Plo@am__quote@
+ @AMDEP_TRUE@@am__include@ @am__quote@lib/$(DEPDIR)/libcryptsetup_la-utils_crypt.Plo@am__quote@
+ @AMDEP_TRUE@@am__include@ @am__quote@lib/$(DEPDIR)/libcryptsetup_la-utils_device.Plo@am__quote@
+ @AMDEP_TRUE@@am__include@ @am__quote@lib/$(DEPDIR)/libcryptsetup_la-utils_device_locking.Plo@am__quote@
+@@ -1991,6 +2002,13 @@ lib/luks2/libcryptsetup_la-luks2_token.l
+ @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+ @am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcryptsetup_la_CPPFLAGS) $(CPPFLAGS) $(libcryptsetup_la_CFLAGS) $(CFLAGS) -c -o lib/luks2/libcryptsetup_la-luks2_token.lo `test -f 'lib/luks2/luks2_token.c' || echo '$(srcdir)/'`lib/luks2/luks2_token.c
+ 
+lib/libcryptsetup_la-utils_blkid.lo: lib/utils_blkid.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcryptsetup_la_CPPFLAGS) $(CPPFLAGS) $(libcryptsetup_la_CFLAGS) $(CFLAGS) -MT lib/libcryptsetup_la-utils_blkid.lo -MD -MP -MF lib/$(DEPDIR)/libcryptsetup_la-utils_blkid.Tpo -c -o lib/libcryptsetup_la-utils_blkid.lo `test -f 'lib/utils_blkid.c' || echo '$(srcdir)/'`lib/utils_blkid.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) lib/$(DEPDIR)/libcryptsetup_la-utils_blkid.Tpo lib/$(DEPDIR)/libcryptsetup_la-utils_blkid.Plo
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='lib/utils_blkid.c' object='lib/libcryptsetup_la-utils_blkid.lo' libtool=yes @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libcryptsetup_la_CPPFLAGS) $(CPPFLAGS) $(libcryptsetup_la_CFLAGS) $(CFLAGS) -c -o lib/libcryptsetup_la-utils_blkid.lo `test -f 'lib/utils_blkid.c' || echo '$(srcdir)/'`lib/utils_blkid.c
+
+ python/pycryptsetup_la-pycryptsetup.lo: python/pycryptsetup.c
+ @am__fastdepCC_TRUE@	$(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(pycryptsetup_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT python/pycryptsetup_la-pycryptsetup.lo -MD -MP -MF python/$(DEPDIR)/pycryptsetup_la-pycryptsetup.Tpo -c -o python/pycryptsetup_la-pycryptsetup.lo `test -f 'python/pycryptsetup.c' || echo '$(srcdir)/'`python/pycryptsetup.c
+ @am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) python/$(DEPDIR)/pycryptsetup_la-pycryptsetup.Tpo python/$(DEPDIR)/pycryptsetup_la-pycryptsetup.Plo
--- a/SPECS/cryptsetup.spec
+++ b/SPECS/cryptsetup.spec
@ -1,16 +1,36 @@
 %{!?python_sitearch: %global python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)")}

+%if 0%{?fedora}
+%if 0%{?fedora} >= 29
+Obsoletes: python2-cryptsetup
+Obsoletes: cryptsetup-python3
+%global python2_enable 0
+%global python3_enable 0
+%else
 %global python2_enable 1
 %global python3_enable 1
-%global libargon2_enable 1
+%endif
+%else
+Obsoletes: cryptsetup-python3
+%global python3_enable 0
+%if 0%{?rhel} == 7
+%global python2_enable 1
+# Change to 1 when argon2 lands
+%global libargon2_enable 0
 # Change to 1 when dm-integrity gets backported
 %global integritysetup_enable 0
+%else
+Obsoletes: cryptsetup-python
+Obsoletes: python2-cryptsetup
+%global python2_enable 0
+%endif
+%endif


 Summary: A utility for setting up encrypted disks
 Name: cryptsetup
 Version: 2.0.3
-Release: 5%{?dist}
+Release: 6%{?dist}
 License: GPLv2+ and LGPLv2+
 Group: Applications/System
 URL: https://gitlab.com/cryptsetup/cryptsetup
@ -63,7 +83,7 @@ Patch16: %{name}-2.0.4-allow-explicit-LUKS2-repair.patch
 Patch17: %{name}-2.0.4-update-crypt_repair-API-documentation-for-LUKS2.patch
 Patch18: %{name}-2.0.4-allow-LUKS2-repair-with-disabled-locks.patch
 # the configure patch must be applied last
-Patch19: %{name}-2.0.4-configure.patch
+Patch19: %{name}-configure.patch
 Patch20: %{name}-2.0.4-update-cryptsetup-man-page-for-type-option-usage.patch
 Patch21: %{name}-2.0.4-rephrase-error-message-for-invalid-type-param-in-con.patch
 Patch22: %{name}-2.0.4-fix-LUKS2-api-test.patch
@ -78,6 +98,7 @@ Patch30: %{name}-2.0.6-reshuffle-config-and-keyslots-areas-validation-code.patch
 Patch31: %{name}-2.0.6-fix-keyslot-areas-validation.patch
 # keep validation tests up to date
 Patch32: %{name}-2.1.0-sync-LUKS2-validation-tests.patch
+Patch33: %{name}-2.2.1-reinstate-missing-backing-file-hint-for-loop-device.patch

 %if 0%{?fedora} >= 19 || 0%{?rhel} >= 7
 %define configure_cipher --enable-gcrypt-pbkdf2
@ -199,6 +220,7 @@ for setting up disk encryption using dm-crypt kernel module.
 %patch30 -p1
 %patch31 -p1
 %patch32 -p1
+%patch33 -p1
 # the configure patch (always last)
 %patch19 -p1
 chmod -x python/pycryptsetup-test.py
@ -207,6 +229,11 @@ chmod +x tests/generators/generate-*.sh
 %setup -T -a 2 -D -n cryptsetup-%{upstream_version}/tests
 %setup -T -a 3 -D -n cryptsetup-%{upstream_version}/tests

+%if %{python3_enable}
+# copy the whole directory for the python3 build
+cp -a . %{py3dir}
+%endif
+
 %setup -T -a 1 -D -n cryptsetup-%{upstream_version}
 pushd cryptsetup-1.7.4
 %patch0 -p1
@ -215,11 +242,6 @@ pushd cryptsetup-1.7.4
 %patch3 -p1
 %patch4 -p1

-%if %{python3_enable}
-# copy the whole directory for the python3 build
-cp -a . %{py3dir}
-%endif
-
 %build
 %configure --enable-fips --enable-pwquality --with-default-luks-format=LUKS1 %{?configure_cipher} %{?configure_libargon2} %{?configure_integritysetup}
 pushd cryptsetup-1.7.4
@ -329,6 +351,11 @@ install -m755 misc/dracut_90reencrypt/reencrypt-verbose.sh %{buildroot}/%{dracut
 %clean

 %changelog
+* Tue Aug 27 2019 Ondrej Kozina <okozina@redhat.com> - 2.0.3-6
+- patch: Reinstate missing backing file hint for loop device
+  during unlock.
+- Resolves: #1726287
+
 * Wed Apr 03 2019 Ondrej Kozina <okozina@redhat.com> - 2.0.3-5
 - patch: calculate alignment offset correctly for LUKS2 devices.
 - patch: fix memory leak in LUKS2 validation.