On 08/16/2014 12:59 PM, .. ink .. wrote: > > On Sat, Aug 16, 2014 at 6:49 AM, Milan Broz <gmazyland@xxxxxxxxx <mailto:gmazyland@xxxxxxxxx>> wrote: > > > > Cryptsetup API NOTE: > The direct terminal handling for passphrase entry will be removed from > libcryptsetup in next major version (application should handle it itself). > > It means that you have to always either provide password in buffer or set > your own password callback function through crypt_set_password_callback(). > See API documentation (or libcryptsetup.h) for more info. > > > > Any reason why this API is being remove? In fact this was a design mistake while I was rewriting API from legacy code. No direct terminal handling should be in library this way and AFAIK there are no extensive users for this part of API (except cryptsetup binary itself). So in fact this should not cause any problem at all, except need for rebuild. (IOW it is only removal of "NULL" option in password param in API functions, functions will stay the same - grep for deprecated warnings in libcryptsetup.h.) > Any new APIs will be introduced in the next major version? Probably yes, depends on which planned features we will be able to implement. The most important task I would like to see is support for new KDF algorithms for LUKS, based on Password hashing competition finalist. This will require some header extension but maybe it is possible that we will have complete new LUKS2 on-disk header version. There will be some experimental branches for some time for testing and discussion. Milan _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
