CVE 2014 9687.patch

src/include/ecryptfs.h | 4 3 + 1 - 0 !
src/libecryptfs/key_management.c | 520 473 + 47 - 0 !
src/pam_ecryptfs/pam_ecryptfs.c | 32 32 + 0 - 0 !
tests/userspace/Makefile.am | 15 8 + 7 - 0 !
tests/userspace/tests.rc | 2 1 + 1 - 0 !
tests/userspace/v1-to-v2-wrapped-passphrase.sh | 63 63 + 0 - 0 !
tests/userspace/v1-to-v2-wrapped-passphrase/test.c | 189 189 + 0 - 0 !
tests/userspace/v1-to-v2-wrapped-passphrase/wp01 | 1 1 + 0 - 0 !
tests/userspace/v1-to-v2-wrapped-passphrase/wp02 | 1 1 + 0 - 0 !
tests/userspace/v1-to-v2-wrapped-passphrase/wp03 | 1 1 + 0 - 0 !
tests/userspace/v1-to-v2-wrapped-passphrase/wp04 | 1 1 + 0 - 0 !
tests/userspace/v1-to-v2-wrapped-passphrase/wp05 | 1 1 + 0 - 0 !
tests/userspace/wrap-unwrap.sh | 7 6 + 1 - 0 !
13 files changed, 780 insertions(+), 57 deletions(-)

salt the wrapping passphrase

Modify ecryptfs_wrap_passphrase() to randomly generate an 8 byte salt to be
used with the wrapping passphrase.

The salt is stored in the wrapped-passphrase file. To accommodate the randomly
generated salt, a new wrapped-passphrase file format is introduced. It is
referred to as "version 2".

The ability to read the version 1 wrapped-passphrase file format is retained.
However, ecryptfs_wrap_passphrase() is modified to only create version 2
wrapped-passphrase files.

The pam_ecryptfs module is modified to transparently migrate from version 1 to
version 2 files when the user successfully logs in with their login password.
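
The scheme the commit message describes, as an added Python sketch (not code from the patch or from ecryptfs-utils). The `WPv2` magic, the file layout, the constant version 1 salt value and the PBKDF2 stand-in KDF are assumptions made for illustration; only the key signature is modelled, not the encryption of the mount passphrase.

```python
import hashlib
import hmac
import os

# Assumed layout for illustration only, not the eCryptfs on-disk format:
#   v1: <hex key signature>                  (salt is a built-in constant)
#   v2: MAGIC_V2 + <8 byte salt> + <hex key signature>
MAGIC_V2 = b"WPv2"             # hypothetical magic
SALT_LEN = 8                   # salt size stated in the commit message
V1_SALT = bytes(SALT_LEN)      # constructed stand-in for a fixed default salt
SIG_LEN = 128                  # hex length of a SHA-512 sized signature


def key_sig(passphrase, salt):
    """Key signature from wrapping passphrase and salt (PBKDF2 is a stand-in KDF)."""
    key = hashlib.pbkdf2_hmac("sha512", passphrase.encode(), salt, 10_000)
    return key.hex().encode()


def wrap_v1(passphrase):
    """Legacy writer: every file uses the same salt."""
    return key_sig(passphrase, V1_SALT)


def wrap_v2(passphrase):
    """Current writer: fresh random salt per file, stored next to the signature."""
    salt = os.urandom(SALT_LEN)
    return MAGIC_V2 + salt + key_sig(passphrase, salt)


def parse(blob):
    """Return (version, salt, signature); version 1 files stay readable."""
    if blob.startswith(MAGIC_V2):
        body = blob[len(MAGIC_V2):]
        if len(body) != SALT_LEN + SIG_LEN:
            raise ValueError("malformed version 2 file")
        return 2, body[:SALT_LEN], body[SALT_LEN:]
    if len(blob) != SIG_LEN:
        raise ValueError("malformed version 1 file")
    return 1, V1_SALT, blob


def login(blob, passphrase):
    """Verify the passphrase; rewrite a v1 file as v2 only after success."""
    version, salt, sig = parse(blob)
    ok = hmac.compare_digest(key_sig(passphrase, salt), sig)
    if ok and version == 1:
        return True, wrap_v2(passphrase)
    return ok, blob
```

With the constant salt, two files wrapped under the same passphrase carry the same signature; with a per-file salt they do not, and a failed login leaves a version 1 file untouched.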