Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2017-10-30 | update the logic for second factor | Christian Hesse | 1 | -9/+20 | |
2017-10-30 | make sure the worker is run from systemd service | Christian Hesse | 3 | -3/+16 | |
2017-10-30 | add missing header comment | Christian Hesse | 1 | -0/+5 | |
2017-10-20 | use annotated (and signed) tags only | Christian Hesse | 1 | -1/+1 | |
2017-10-06 | prepare version 0.7.20.7.2 | Christian Hesse | 1 | -1/+1 | |
2017-09-22 | run ykfde-worker after ykfde-2f, but do not require | Christian Hesse | 1 | -1/+0 | |
2017-09-22 | sleep and pkill are no longer required | Christian Hesse | 3 | -6/+0 | |
2017-09-22 | ... same for dracut | Christian Hesse | 1 | -2/+2 | |
2017-09-22 | we always need the worker | Christian Hesse | 1 | -2/+2 | |
2017-09-16 | update for recent keyring changes in systemdsystemd-v235 | Christian Hesse | 4 | -1/+4 | |
With systemd v235 we will have new KeyringMode= for services. Setting KeyringMode=shared allows to share secrets between services. Use that for our services. As udev is not started with a shared keyring we can not run the worker directly. Instead always start the service. | |||||
2017-07-04 | prepare version 0.7.10.7.1 | Christian Hesse | 1 | -1/+1 | |
2017-07-03 | undo the changes with session keyringsystemd-v234 | Christian Hesse | 1 | -16/+1 | |
The keyring handling has been fixed with systemd v234, so revert using the session keyring. | |||||
2017-07-03 | prepare version 0.7.00.7.0 | Christian Hesse | 1 | -1/+1 | |
2017-06-22 | do not track changes in /etc/ykfde.d/ | Christian Hesse | 2 | -1/+4 | |
2017-06-22 | rename the worker program | Christian Hesse | 9 | -33/+17 | |
This is no longer just udev... So rename and move. | |||||
2017-06-22 | wipe second factor from memory | Christian Hesse | 1 | -0/+1 | |
2017-06-20 | Rework the code, update keyring handlingsystemd-v233 | Christian Hesse | 6 | -194/+208 | |
This had some historical issue... So rework the code: * split into more functions * drop the sleep and notify logic * update keyring handling Depending on setup and systemd version (233 and up) the keyring handling fails. Try to fix this by... * writing to session keyring first * setting permissions * linking to user keyring * unlinking from session keyring https://mjg59.dreamwidth.org/37333.html | |||||
2017-06-20 | Revert "request key from user keyring" | Christian Hesse | 1 | -1/+1 | |
This reverts commit e90e36ae106b4c6ff30a6ce0c0b1d03a5615a363. The argument expects a destination keyring to create a key in case it is not found. So keep the zero, which means not to create a key. | |||||
2017-06-14 | invert condition | Christian Hesse | 1 | -8/+5 | |
2017-06-14 | FIX: save old termio structure properly | Benjamin Pereto | 1 | -2/+2 | |
2017-04-28 | Updated ykfde.c to silently skip terminal updates when tcgetattr fails so ↵ | Alec Lanter | 1 | -14/+20 | |
that keys can be piped through from other commands. | |||||
2017-03-08 | use https for my mirror | Christian Hesse | 1 | -1/+1 | |
2017-03-02 | request key from user keyring | Christian Hesse | 1 | -1/+1 | |
2017-03-02 | share memory for passphrase and askpass answer | Christian Hesse | 1 | -9/+7 | |
2017-03-02 | systemd-ask-password: give id as suggested by man page | Christian Hesse | 1 | -1/+1 | |
2017-03-02 | update copyright for 2017 | Christian Hesse | 6 | -6/+6 | |
2016-07-09 | prepare version 0.6.40.6.4 | Christian Hesse | 1 | -1/+1 | |
2016-07-07 | Small grammar and instruction updates | Steve Divskinsy | 2 | -42/+62 | |
Modified a bit of grammar, added a clarifying paragraph or two, and added a working HOOKS example Signed-off-by: Christian Hesse <mail@eworm.de> | |||||
2016-07-06 | proper clean up of resources | Christian Hesse | 1 | -7/+15 | |
2016-07-06 | fix some misc issues | Christian Hesse | 1 | -8/+10 | |
2016-07-06 | simplify error path | Christian Hesse | 1 | -2/+1 | |
2016-07-06 | open the Yubikey when needed | Christian Hesse | 1 | -11/+57 | |
Some key do an unplug/plug sequence after challenge/response. Thus the second challenge/response failed. So let's open the key only when needed and have a clean context. | |||||
2016-07-06 | update dracut for latest code | Christian Hesse | 1 | -3/+5 | |
Did I get everyting? This is untested... | |||||
2016-05-28 | add EditorConfig configuration | Christian Hesse | 1 | -0/+18 | |
2016-05-28 | indent with tabs | Christian Hesse | 3 | -17/+17 | |
2016-05-28 | Merge branch 'systemd-units' | Christian Hesse | 6 | -29/+31 | |
2016-05-28 | install systemd unit file without execute permission | Christian Hesse | 1 | -1/+1 | |
2016-05-22 | do not install ykfde-2f but ykfde-notify.service | Christian Hesse | 1 | -1/+1 | |
2016-05-22 | update dependencies | Christian Hesse | 1 | -1/+3 | |
2016-05-22 | add comment about sleep | Christian Hesse | 1 | -0/+3 | |
Is there any better way than sleeping? | |||||
2016-05-22 | do not write password to logsystemd-v230 | Christian Hesse | 1 | -1/+1 | |
This requires systemd-ask-password with option --no-output, so it depends on systemd v230 (or commit a5a4e365). | |||||
2016-05-22 | fix start order of units | Christian Hesse | 1 | -0/+1 | |
2016-05-22 | drop shell script and implement with systemd units | Christian Hesse | 4 | -27/+23 | |
2016-05-06 | use own function to ask for LUKS passphrase | Christian Hesse | 1 | -5/+11 | |
2016-05-06 | prepare version 0.6.30.6.3 | Christian Hesse | 1 | -1/+1 | |
2016-05-06 | make ykfde-cpio depend on version.h | Christian Hesse | 1 | -1/+1 | |
2016-05-06 | give hint we want the *current* second factor | Christian Hesse | 1 | -1/+1 | |
2016-05-04 | update documentation again, give real example | Christian Hesse | 2 | -16/+20 | |
2016-05-04 | update help output | Christian Hesse | 2 | -2/+3 | |
2016-05-04 | update documentation | Christian Hesse | 2 | -16/+24 | |
* Use long version of switches. * Use --new-2nd-factor (instead of --2nd-factor) for initialization. | |||||
2016-05-04 | move terminal input to function, verify matching strings for new factor | Christian Hesse | 1 | -37/+49 | |
2016-05-04 | simplify code structure | Christian Hesse | 1 | -47/+49 | |
2016-05-04 | simplify return code handling | Christian Hesse | 3 | -67/+30 | |
We do not return the return codes from library functionen, but that is not a big issue... | |||||
2016-05-04 | support reading second factor from terminal | Christian Hesse | 3 | -17/+78 | |
This increases security by not displaying on display and not writing to shell history. | |||||
2016-05-04 | do not allow to give second factor twice | Christian Hesse | 1 | -0/+12 | |
2016-05-04 | fix error condition for yk_close_key() and yk_release() | Christian Hesse | 2 | -4/+4 | |
2016-05-04 | fix error condition for yk_init() | Christian Hesse | 2 | -4/+6 | |
2016-05-04 | fix error condition for yk_get_serial() | Christian Hesse | 2 | -2/+4 | |
2016-05-03 | prepare version 0.6.20.6.2 | Christian Hesse | 1 | -1/+1 | |
2016-05-03 | add empty line for indention | Christian Hesse | 1 | -0/+1 | |
2016-05-03 | fix error condition for yk_challenge_response() | Christian Hesse | 2 | -9/+12 | |
2016-05-03 | do not crypt_free() when crypt_status() fails | Christian Hesse | 1 | -1/+1 | |
2016-05-03 | make ykfde-cpio understand command parameters | Christian Hesse | 2 | -2/+35 | |
2016-05-03 | fix compiler and linker flags and produce binaries with full RELRO | Christian Hesse | 2 | -2/+4 | |
2016-05-03 | warn when second factor is preocessed but not enabled in config | Christian Hesse | 1 | -0/+5 | |
2016-05-03 | define new constant for max second factor length | Christian Hesse | 1 | -2/+3 | |
2016-04-04 | prepare version 0.6.10.6.1 | Christian Hesse | 1 | -1/+1 | |
2016-04-04 | do not write second factor to stdout (and log to journal) | Christian Hesse | 1 | -1/+1 | |
Signed-off-by: Christian Hesse <mail@eworm.de> | |||||
2016-04-04 | let systemd-ask-password add the key to store and drop keyctlsystemd-v227 | Christian Hesse | 2 | -4/+1 | |
Signed-off-by: Christian Hesse <mail@eworm.de> | |||||
2016-04-04 | prepare version 0.6.00.6.0 | Christian Hesse | 1 | -1/+1 | |
2016-02-26 | shell and commands are required for second factor only | Christian Hesse | 1 | -7/+7 | |
2016-02-25 | README-mkinitcpio: emphasize we need a systemd-enabled initramfs | Aron Widforss | 1 | -2/+3 | |
close #4 Signed-off-by: Christian Hesse <mail@eworm.de> | |||||
2016-02-25 | make sure we have shell and commands in initramfs | Christian Hesse | 1 | -0/+7 | |
fix #5 | |||||
2016-01-20 | update the dracut stuff | Christian Hesse | 3 | -30/+44 | |
Not tested, though... | |||||
2016-01-20 | ups, we want another level of heading | Christian Hesse | 1 | -5/+5 | |
2016-01-19 | add condition for query of 2nd factor | Christian Hesse | 1 | -0/+1 | |
2016-01-18 | update README-mkinitcpio | Christian Hesse | 1 | -26/+31 | |
2016-01-18 | update README | Christian Hesse | 1 | -3/+1 | |
2016-01-18 | merge mkinitcpio hooks | Christian Hesse | 4 | -17/+16 | |
2016-01-18 | we have command options to control behaviour, remove loop hack | Christian Hesse | 1 | -40/+21 | |
2016-01-18 | rename ykfde-cpio.service -> ykfde.service | Christian Hesse | 2 | -1/+1 | |
2016-01-18 | remove ykfde-cpio hook and make cpio archive mandatory | Christian Hesse | 3 | -21/+0 | |
2016-01-18 | add and install grub configuration | Christian Hesse | 2 | -0/+17 | |
2016-01-18 | irgnore bad exit status for ykfde | Christian Hesse | 1 | -1/+1 | |
2016-01-18 | update comment about compiler command | Christian Hesse | 1 | -1/+1 | |
2016-01-18 | create archive on shutdown | Christian Hesse | 1 | -0/+1 | |
2016-01-18 | remove macro, this works with gcc option -std=gnu11 | Christian Hesse | 1 | -7/+0 | |
2016-01-17 | unlink pid file before exit | Christian Hesse | 1 | -0/+2 | |
2016-01-16 | We have support for second factor. Yeah! | Christian Hesse | 12 | -160/+396 | |
2016-01-04 | update copyright for 2016 | Christian Hesse | 4 | -4/+4 | |
2015-05-27 | prepare version 0.5.20.5.2 | Christian Hesse | 1 | -1/+1 | |
2015-05-27 | iniparser_getstring() returns const char * | Christian Hesse | 2 | -2/+2 | |
2015-05-12 | fix typo in comment | Christian Hesse | 1 | -1/+1 | |
2015-01-07 | prepare version 0.5.10.5.1 | Christian Hesse | 1 | -1/+1 | |
2015-01-07 | delete documentation target on error | Christian Hesse | 1 | -11/+5 | |
This prevents zero-size html files to be present on markdown failure. | |||||
2015-01-07 | do not pipe to sed and catch markdown failures | Christian Hesse | 1 | -3/+6 | |
2015-01-07 | do not recommend to create symlinks | Christian Hesse | 1 | -5/+7 | |
Naming executables is package manager's job. We do not touch that but use what is given. | |||||
2015-01-06 | Merge pull request #2 from nj0y/dev | Christian Hesse | 2 | -7/+56 | |
Update Documentation from Dracut & modified dracut | |||||
2015-01-06 | make challenges available in the main initramfs | Benjamin Pereto | 1 | -0/+1 | |
2015-01-06 | updated README-dracut.md | Benjamin Pereto | 1 | -7/+55 | |