ChangeLog for cryptmount

04Aug07 - *** cryptmount-2.1 released

04Aug07	- split /etc/init.d script into separate early & normal phases
	added basic cryptmount-setup manual page

20Jul07	- updated rpm build-file
	patched ownership-setting bugs in auto-setup script

19Jul07	- updated debian build-files

17Jul07	- *** cryptmount-2.1beta1 released

15Jul07	- added notices about migration plans for avoiding OpenSSL library
	added 'reuse-key' option

14Jul07	- add OpenSSL-compatible key reading/writing via libgcrypt
	extended tests for cipher/digest name-mapping in armour-gcry.c
	added unit-test for extraction of OpenSSL keys via libgcrypt
	extended automatic cipher/digest name-mapping in armour-gcry.c

13Jul07	- reorganized libgcrypt key/iv-init to allow OpenSSL-compatible algo

12Jul07	- adjusted add_keymgr() to allow adding pre-built lists of key-managers

30May07	- extended commentary messaging in auto-setup script

28May07	- added beginning of auto-setup script

06May07	- added basic '--safetynet' option

04May07	- added precautionary modprobe for dm-mod to /etc/init.d startup script

29Apr07	- patched BLKGETSIZE test to cope better with block-size != 512bytes
	added comments in documentation about bad keysizes
	added explicit casting on converting uint32 to uchar
	updated to autoconf-1.9.6 & gettext-0.16.1

18Apr07 - added more return-code checks in password-changing

10Apr07 - *** cryptmount-2.0 released

02Apr07	- updated French manual pages

29Mar07	- added extra checks for fwrite()-success on key-generation

27Mar07	- widened use of size_t, to improve 64bit-cleanliness

24Mar07	- added 'splint' target to Makefile
	patched various type imperfections identified by 'splint'

19Mar07	- added basic security check on key-manager module directory

18Mar07	- extended README discussion of configuration at boot

15Mar07	- patched unsigned/size_t conflict in km_aug_key()

12Mar07 - *** cryptmount-2.0beta1 released

10Mar07	- reduced dependency of mudslinger testing-script on OpenSSL support
	adjusted configure.ac to use OpenSSL & libgcrypt by default if available

07Mar07	- made random-key generation less excessively greedy for entropy

06Mar07	- neatened internal special cases for unencrypted (raw) keys

04Mar07	- re-prioritized keymanagers to make builtin-type default for new keys
	added '--key-managers' option for listing available crypto engines

03Mar07	- increased security of memory management in armour-gcry key-extraction

01Mar07	- extracted armour-grcy key augmentation/checksum routines into utils.c

27Feb07	- added beginnings of built-in sha1/blowfish key-manager mechanisms
	added unit-test for internal Blowfish algorithm

25Feb07	- added unit-test for internal SHA1 algorithm
	added implementation of Blowfish algorithm (from http://www.schneier.com/code/bfsh-sch.zip (declared as "public domain"))

24Feb07	- extracted various armour/tables functions into new utils.{h,c}
	added basic implementation of SHA1 message-digest
	replaced crude raw-keymanager hashing algorithm with SHA1

23Feb07	- added basic support for dynamically loadable keymanager modules

19Feb07	- extracted OpenSSL & libgcrypt routines into separate armour-*.c files
	adjusted key-manager list-mechanisms to prepare for loadable modules

17Feb07	- added support for 'early' setup of cryptmount devices on system boot

13Feb07	- improved cleanup on test-failure in testing script

11Feb07	- improved configure.ac tests for libdevmapper components

10Feb07	- added randomized time-delay to config-file locking mechanisms

28Jan07	- added outline description of boot-time mounting/swap-on to README

26Jan07	- added new getblkcount() method for 32/64 bit filesystem block-count
	added unit-test for relationship between BLKGETSIZE64 & BLKGETSIZE

25Jan07	- changed block-start/length & iv-offset to int64 type to support v.large filesystems

05Nov06	- automated translation of install-paths in debian setup

15Oct06 - *** cryptmount-1.2 released

15Oct06	- added debian/* entries to default distribution

10Oct06	- augmented initscript to automatically include pathname of executable

05Oct06	- adjusted is_mounted() to use device-IDs rather than pathnames

01Oct06	- enhanced checking for missing command-line parameters

30Sep06	- added support for reading config-info from command-line via stream
	added separate unit-test for locks on privileged operations

02Sep06	- added support for 'pri=' flag in fsoptions for crypto-swap
	patched is_mounted() to mitigate pathname canonicalization in /etc/mtab
	added tests for pathname oddities in testing script

29Aug06	- incorporated Erich Schubert's patch for posix-compliant init script

14Aug06 - *** cryptmount-1.1 released

06Aug06	- added /etc/init.d script for setting up swap/filesystems at boot-up

30Jul06	- added '--enable-swap' option to configure.ac for crypto-swap

17Jul06 - *** cryptmount-1.1_beta released

16Jul06	- added support for encrypted swap partitions via '--swapon' option

08Jul06	- incorporated Baruch Even's '\-' patches into man-pages

30Jun06	- added unit-test for keyfile r/w across all key formats

24Jun06	- added support for keyfiles protected by libgcrypt library

18Jun06	- added clarifications to licence relating to OpenSSL linkage

17Jun06	- added simple unit-testing mechanisms for internal routines

16Jun06	- added '--with-openssl' option to configure

14Jun06	- abstracted cipher functions to enable support for multiple crypto-libs

27May06	- added default cipher-algorithm variables to configure.ac

26May06	- patched bug relating to loopbacks on readonly devices

08May06 - *** cryptmount-1.0rc1 forked & released

07May06	- added testing of multiple quasi-simultaneous mounts to testing script

06May06	- added cmstatus file to store user-locks rather than chown() keyfiles

30Apr06	- added argv[0] switches to allow invocation via 'cryptumount' etc

28Apr06	- updated man-page and README to include easier keyfile generation
	added testing of --change-password to testing script

27Apr06	- added testing of --generate-key to testing script

23Apr06	- added password-changing facilities
	added user-friendly facility for generating new key-files

21Apr06	- added preliminary French message translations (.po file)

20Apr06	- added French versions of manual pages

16Apr06	- changed delegation and fsck to be enabled by default
	moved man-pages into separate sub-directory (to prepare to i18n)

14Apr06	- patched rpm .spec file to allow building by non-root user

------

08Apr06 - *** cryptmount-0.4 released

08Apr06	- added test for user/nouser flags
	adjusted man-page preprocessing to reflect fsck compilation-flag

07Apr06	- added 'flags' parameter to control privileged actions + auto-fsck

01Apr06	- added optional automatic fsck before mounting

24Mar06	- added optional delegation of (un)mounting to /bin/mount, /bin/umount

22Mar06	- created new fsutils.{h,c} & prepared fsoptions for mount-delegation

14Mar06	- added facility for unprotected (plain) decryption key

11Mar06	- added separate man-page for configuration file
	improved configure/Makefile expansion of @etcdir@ macro in man-pages

10Mar06	- changed output of --list to go to stdout rather than stderr
	added testing of --list and null-cmtab to testing script

------

05Mar06 - *** cryptmount-0.3 released

02Mar06	- added password-changing & fsck examples to man-page

28Feb06	- added debianization scripts

26Feb06	- added test for /etc/mtab updating to testing script

25Feb06	- added connection to syslog for mount/unmount/prepare/release actions
	neatened configure tests for openssl & libdevmapper

24Feb06	- patched to improve support for LARGEFILEs

22Feb06	- made testing-script more tolerant of miscompiled executable

17Feb06	- changed /etc/mtab entries to use full name of mounted device
	adjusted unmount/release modes to continue beyond unconfigured targets

11Feb06	- added facilities for multiple-targets & '--all' option on command-line

10Feb06	- added security checks on directory containing cmtab

------

02Feb06 - *** cryptmount-0.2 released

28Jan06	- added 'loop' parameter test to testing script
	improved syntax-error catching in cmtab
	added basic checks on security of target specification

23Jan06	- added 'loop' parameter to cmtab parser
	added basic checks on security of cmtab

22Jan06	- added rpm spec-file (based on version by Holger Mueller)

21Jan06	- added 'ivoffset' parameter to cmtab parser
	neatened delegation mechanisms for cmtab token-processing
	added cryptsetup-compatibility test to testing-script

20Jan06	- moved various security-related routines into new armour.{c,h}

15Jan06	- increased speed of startsector/numsector unit-test with new bingrep.c

14Jan06	- added 'startsector' & 'numsectors' parameters to cmtab parser

------

06Jan06 - *** cryptmount-0.1 released

04Jan06	- added more informative error-messages for (un)mount failures

25Dec05	- patched command-line options to prefer 'unmount' over 'umount'
	added option-synonym test to testing-script

23Dec05	- patched to ease compilation on FedoraCore-4 (+ kernel-2.4 headers)

22Dec05	- neatened usage examples in README & man-page

18Dec05	- added mechanisms for updating /etc/mtab on (un)mounting

------

16Dec05 - *** cryptmount-0.0.3 released

16Dec05	- allowed for automatic creation of device-nodes by libdevmapper

15Dec05	- added key-decryption failure detection

14Dec05	- patched bug in handling non-default keycipher & keyhash algorithms

12Dec05	- informative return-codes wired-in
	automatic testing script ("mudslinger") created

------

09Dec05 - *** cryptmount-0.0.2 released

06Dec05	- added basic man-page
	added locking mechanism to avoid unmounting by different user

04Dec05	- added facility for configuring devices without mounting

03Dec05	- config-files below ${sysconfdir}/cryptmount/
	improved error-handling & debris-removal on mount-failures

------

02Dec05 - *** cryptmount-0.0.1 released

# $Revision: 176 $, $Date: 2007-08-04 14:01:08 +0100 (Sat, 04 Aug 2007) $
