Cryptsetup 1.5.1 Release Notes
==============================

Changes since version 1.5.0

* The libcryptsetup library now tries to initialize device-mapper backend and
  loop devices only if they are really needed (lazy initializations).
  This allows some operations to be run by a non-root user.

  (Unfortunately LUKS header keyslot operations still require temporary dm-crypt
  device and device-mapper subsystem is available only to superuser.)

  Also clear error messages are provided if running as non-root user and
  operation requires privileged user.

* Veritysetup can be now used by a normal user for creating hash image to file
  and also it can create hash image if doesn't exist.
  (Previously it required pre-allocated space.)

* Added crypt_keyslot_area() API call which allows external tools
  to get exact keyslot offsets and analyse content.

  An example of a tool that searches the keyslot area of a LUKS container
  for positions where entropy is low and hence there is a high probability
  of damage is in misc/kesylot_checker.
  (Thanks to Arno Wagner for the code.)

* Optimized seek to keyfile-offset if key offset is large.

* Fixed luksHeaderBackup for very old v1.0 unaligned LUKS headers.

* Various fixes for problems found by a several static analysis tools.