ecryptfs team mailing list archive

[Dustin Kirkland <dustin.kirkland@xxxxxxxxx>]

Updated debdiff.  Thoroughly tested:

 * ecryptfs-add-passphrase:
 - tested with no and bad parameters, still shows usage statement
  - regression tested with command line parameters, and using stdin
  - verified that passphrase makes it into the keyring
   . check with "keyctl show"
   . clear with "keyctl clear @u")
 - tested adding arbitrary trailing new line characters and no newline character
   . verifying fgets() is working as expected

 * ecryptfs-wrap-passphrase:
  - tested with no and bad parameters, still shows usage statement
  - regression tested with command line parameters, and using stdin
  - verify that the passphrase get's encrypted
   . cat encrypted file
  - verify that the passphrase can be decrypted with the encryption passphrase
   . ecryptfs-unwrap-passphrase

 * ecryptfs-setup-private
 - tested with good and bad passphrases
 - tested on the command line, and interactively
 - unwrapped the passphrases written by ecryptfs-setup-private
 - mounted/unmounted
 - logged out, mounted/unmounted
 - rebooted, mounted/unmounted


:-Dustin

** Attachment added: "ecryptfs-utils.debdiff"
   http://launchpadlibrarian.net/18823458/ecryptfs-utils.debdiff

-- 
ecryptfs-setup-private should validate that the login password is correct
https://bugs.launchpad.net/bugs/287906
You received this bug notification because you are a member of eCryptfs,
which is subscribed to ecryptfs-utils in ubuntu.

Status in “ecryptfs-utils” source package in Ubuntu: In Progress

Bug description:
Binary package hint: ecryptfs-utils

ecryptfs-setup-private should validate that the login password is correct.

Bug #259631 sort of exposed this bug.  Somewhere buried in there, we have a user who enters the wrong login password.  If they enter the same wrong password twice, ecryptfs-setup-private proceeds to use it.

This can be fixed with unix_chkpwd.

:-Dustin