diff mbox series

[bug#34366] gnu: cryptsetup: Update to 2.0.6.

Message ID 87k1i4wq1c.fsf@fastmail.com
State Accepted
Headers show
Series [bug#34366] gnu: cryptsetup: Update to 2.0.6. | expand

Checks

Context Check Description
cbaines/applying patch fail Apply failed

Commit Message

Marius Bakke Feb. 12, 2019, 11:22 p.m. UTC 
Leo Famulari <leo@famulari.name> writes:

> On Sat, Feb 09, 2019 at 10:24:00AM +0100, Rutger Helling wrote:
>> I just tested reconfiguring and rebooting. Everything still works for
>> me, including the initramfs.
>> 
>> On Thu, 7 Feb 2019 11:19:02 +0100
>> Rutger Helling <rhelling@mykolab.com> wrote:
>> 
>> > Hey Guix,
>> > 
>> > here's an update for cryptsetup. Note that although it seems to run
>> > fine I haven't been able to test it with an initramfs (yet).
>
> Thanks!
>
> Are you able to incorporate the changes suggested in
> <https://bugs.gnu.org/30974> to cryptsetup-static? Let us know either
> way.

Note that, when testing #30974 on my machine, it caused severe file
system corruption and I had to reinstall.  So I recommend taking a full
backup before trying this on real hardware!

That said, I have tested a more recent version of that patch (attached)
in a VM and it appears to works fine.  Did not get around to trying it
on an already encrypted disk yet though.
diff mbox series

Patch

From 49d8c2519c05403c6a4ffb992b49f64a772eeecb Mon Sep 17 00:00:00 2001
From: Marius Bakke <mbakke@fastmail.com>
Date: Fri, 1 Feb 2019 00:27:45 +0100
Subject: [PATCH] gnu: cryptsetup: Update to 2.0.6.

* gnu/packages/cryptsetup.scm (cryptsetup): Update to 2.0.6.
[source](snippet): Delete bundled argon2.
[arguments]: Add #:configure-flags to use system argon2.
[inputs]: Add ARGON2 and JSON-C.
[native-inputs]: Add PKG-CONFIG.
(cryptsetup-static)[inputs]: Add ARGON2 and JSON-C.
[arguments]: Add "--enable-libargon2" and "BLKID_LIBS" to #:configure-flags.
[inputs]: Distinguish the static output of UTIL-LINUX.
---
 gnu/packages/cryptsetup.scm | 43 ++++++++++++++++++++++++++++++-------
 1 file changed, 35 insertions(+), 8 deletions(-)

diff --git a/gnu/packages/cryptsetup.scm b/gnu/packages/cryptsetup.scm
index be60ef072d..c1aafc3bbc 100644
--- a/gnu/packages/cryptsetup.scm
+++ b/gnu/packages/cryptsetup.scm
@@ -25,14 +25,17 @@ 
   #:use-module (guix utils)
   #:use-module (gnu packages)
   #:use-module (gnu packages gnupg)
+  #:use-module (gnu packages linux)
+  #:use-module (gnu packages password-utils)
+  #:use-module (gnu packages pkg-config)
   #:use-module (gnu packages popt)
   #:use-module (gnu packages python)
-  #:use-module (gnu packages linux))
+  #:use-module (gnu packages web))
 
 (define-public cryptsetup
   (package
    (name "cryptsetup")
-   (version "1.7.5")
+   (version "2.0.6")
    (source (origin
             (method url-fetch)
             (uri (string-append "mirror://kernel.org/linux/utils/cryptsetup/v"
@@ -40,15 +43,30 @@ 
                                 "/" name "-" version ".tar.xz"))
             (sha256
              (base32
-              "1gail831j826lmpdx2gsc83lp3br6wfnwh3vqwxaa1nn1lfwsc1b"))))
+              "0c1x125s7p4ps13spsqrcsd9dclz01vsrchmypq9msp7y3hgllbw"))
+            (modules '((guix build utils)))
+            (snippet
+             '(begin
+                ;; Delete bundled argon2 library.  Preserve the build files
+                ;; so that we don't trigger 'autoreconf'.
+                (for-each (lambda (file)
+                            (delete-file file))
+                          (find-files "lib/crypto_backend/argon2"
+                                      "(README|LICENSE|\\.[ch])$"))
+                #t))))
    (build-system gnu-build-system)
+   (arguments
+    `(#:configure-flags '("--enable-libargon2")))
    (inputs
-    `(("libgcrypt" ,libgcrypt)
+    `(("argon2" ,argon2)
+      ("json-c" ,json-c)
+      ("libgcrypt" ,libgcrypt)
       ("lvm2" ,lvm2)
       ("util-linux" ,util-linux)
       ("popt" ,popt)))
    (native-inputs
-    `(("python" ,python-wrapper)))
+    `(("pkg-config" ,pkg-config)
+      ("python" ,python-wrapper)))
    (synopsis "Hard disk encryption tool")
    (description
     "LUKS (Linux Unified Key Setup)/Cryptsetup provides a standard on-disk
@@ -78,8 +96,15 @@  files).  This assumes LIBRARY uses Libtool."
     (inherit cryptsetup)
     (name "cryptsetup-static")
     (arguments
-     '(#:configure-flags '("--disable-shared"
+     '(#:configure-flags `("--disable-shared"
                            "--enable-static-cryptsetup"
+                           "--enable-libargon2"
+
+                           ;; Link against the statically built blkid library instead
+                           ;; of the shared one guessed by pkg-config.
+                           ,(string-append "BLKID_LIBS=-L"
+                                           (assoc-ref %build-inputs "util-linux:static")
+                                           " -lblkid")
 
                            ;; 'libdevmapper.a' pulls in libpthread, libudev and libm.
                            "LIBS=-ludev -pthread -lm")
@@ -117,9 +142,11 @@  files).  This assumes LIBRARY uses Libtool."
               (inherit (static-library libgcrypt))
               (propagated-inputs
                `(("libgpg-error-host" ,(static-library libgpg-error)))))))
-       `(("libgcrypt" ,libgcrypt-static)
+       `(("argon2" ,argon2)
+         ("json-c" ,json-c)
+         ("libgcrypt" ,libgcrypt-static)
          ("lvm2" ,lvm2-static)
-         ("util-linux" ,util-linux "static")
+         ("util-linux:static" ,util-linux "static")
          ("util-linux" ,util-linux)
          ("popt" ,popt))))
     (synopsis "Hard disk encryption tool (statically linked)")))
-- 
2.20.1