Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2018-06-08 | update .gitignore | 1 | -0/+4 | ||
2018-06-08 | make gitlab.com a mirror | 1 | -2/+6 | ||
https://blog.github.com/2018-06-04-github-microsoft/ | |||||
2018-06-06 | release: write tar signature to git notes | 1 | -0/+1 | ||
2018-04-01 | fix compiler warning/error with GCC 8.x | 1 | -1/+1 | ||
GCC 8.x reports: worker.c:66:2: error: 'strncpy' specified bound 108 equals destination size [-Werror=stringop-truncation] Replace strncpy() with memcpy(), fixes #25. | |||||
2018-03-14 | drop grub workaround, use upstream support for multiple early initrd imagesgrub-2-04 | 4 | -27/+18 | ||
This requires grub upstream support for multiple early initrd images: http://git.savannah.gnu.org/cgit/grub.git/commit/?id=a698240df0c43278b2d1d7259c8e7a6926c63112 | |||||
2018-01-29 | improve systemd notification handling | 1 | -1/+3 | ||
2018-01-22 | prepare version 0.7.40.7.4 | 1 | -1/+1 | ||
2018-01-19 | less conditions for string duplication | 1 | -4/+4 | ||
This makes sure second_factor is not NULL and prevents later NULL dereferences. Fixes #23. | |||||
2018-01-02 | update copyright for 2018 | 7 | -7/+7 | ||
2017-11-25 | link required libraries only | 1 | -6/+6 | ||
2017-11-25 | prepare version 0.7.30.7.3 | 1 | -1/+1 | ||
2017-11-22 | use printf to generate version.h | 1 | -3/+1 | ||
2017-11-21 | prevent systemd from reporting failed with result 'protocol' | 1 | -3/+5 | ||
A systemd service with Type=notify expects READY=1. | |||||
2017-10-30 | allow access to the service status notification socket | 1 | -0/+1 | ||
2017-10-30 | update the logic for second factor | 1 | -9/+20 | ||
2017-10-30 | make sure the worker is run from systemd service | 3 | -3/+16 | ||
2017-10-30 | add missing header comment | 1 | -0/+5 | ||
2017-10-20 | use annotated (and signed) tags only | 1 | -1/+1 | ||
2017-10-06 | prepare version 0.7.20.7.2 | 1 | -1/+1 | ||
2017-09-22 | run ykfde-worker after ykfde-2f, but do not require | 1 | -1/+0 | ||
2017-09-22 | sleep and pkill are no longer required | 3 | -6/+0 | ||
2017-09-22 | ... same for dracut | 1 | -2/+2 | ||
2017-09-22 | we always need the worker | 1 | -2/+2 | ||
2017-09-16 | update for recent keyring changes in systemdsystemd-v235 | 4 | -1/+4 | ||
With systemd v235 we will have new KeyringMode= for services. Setting KeyringMode=shared allows to share secrets between services. Use that for our services. As udev is not started with a shared keyring we can not run the worker directly. Instead always start the service. | |||||
2017-07-04 | prepare version 0.7.10.7.1 | 1 | -1/+1 | ||
2017-07-03 | undo the changes with session keyringsystemd-v234 | 1 | -16/+1 | ||
The keyring handling has been fixed with systemd v234, so revert using the session keyring. | |||||
2017-07-03 | prepare version 0.7.00.7.0 | 1 | -1/+1 | ||
2017-06-22 | do not track changes in /etc/ykfde.d/ | 2 | -1/+4 | ||
2017-06-22 | rename the worker program | 9 | -33/+17 | ||
This is no longer just udev... So rename and move. | |||||
2017-06-22 | wipe second factor from memory | 1 | -0/+1 | ||
2017-06-20 | Rework the code, update keyring handlingsystemd-v233 | 6 | -194/+208 | ||
This had some historical issue... So rework the code: * split into more functions * drop the sleep and notify logic * update keyring handling Depending on setup and systemd version (233 and up) the keyring handling fails. Try to fix this by... * writing to session keyring first * setting permissions * linking to user keyring * unlinking from session keyring https://mjg59.dreamwidth.org/37333.html | |||||
2017-06-20 | Revert "request key from user keyring" | 1 | -1/+1 | ||
This reverts commit e90e36ae106b4c6ff30a6ce0c0b1d03a5615a363. The argument expects a destination keyring to create a key in case it is not found. So keep the zero, which means not to create a key. | |||||
2017-06-14 | invert condition | 1 | -8/+5 | ||
2017-06-14 | FIX: save old termio structure properly | 1 | -2/+2 | ||
2017-04-28 | Updated ykfde.c to silently skip terminal updates when tcgetattr fails so ↵ | 1 | -14/+20 | ||
that keys can be piped through from other commands. | |||||
2017-03-08 | use https for my mirror | 1 | -1/+1 | ||
2017-03-02 | request key from user keyring | 1 | -1/+1 | ||
2017-03-02 | share memory for passphrase and askpass answer | 1 | -9/+7 | ||
2017-03-02 | systemd-ask-password: give id as suggested by man page | 1 | -1/+1 | ||
2017-03-02 | update copyright for 2017 | 6 | -6/+6 | ||
2016-07-09 | prepare version 0.6.40.6.4 | 1 | -1/+1 | ||
2016-07-07 | Small grammar and instruction updates | 2 | -42/+62 | ||
Modified a bit of grammar, added a clarifying paragraph or two, and added a working HOOKS example Signed-off-by: Christian Hesse <mail@eworm.de> | |||||
2016-07-06 | proper clean up of resources | 1 | -7/+15 | ||
2016-07-06 | fix some misc issues | 1 | -8/+10 | ||
2016-07-06 | simplify error path | 1 | -2/+1 | ||
2016-07-06 | open the Yubikey when needed | 1 | -11/+57 | ||
Some key do an unplug/plug sequence after challenge/response. Thus the second challenge/response failed. So let's open the key only when needed and have a clean context. | |||||
2016-07-06 | update dracut for latest code | 1 | -3/+5 | ||
Did I get everyting? This is untested... | |||||
2016-05-28 | add EditorConfig configuration | 1 | -0/+18 | ||
2016-05-28 | indent with tabs | 3 | -17/+17 | ||
2016-05-28 | Merge branch 'systemd-units' | 6 | -29/+31 | ||
2016-05-28 | install systemd unit file without execute permission | 1 | -1/+1 | ||
2016-05-22 | do not install ykfde-2f but ykfde-notify.service | 1 | -1/+1 | ||
2016-05-22 | update dependencies | 1 | -1/+3 | ||
2016-05-22 | add comment about sleep | 1 | -0/+3 | ||
Is there any better way than sleeping? | |||||
2016-05-22 | do not write password to logsystemd-v230 | 1 | -1/+1 | ||
This requires systemd-ask-password with option --no-output, so it depends on systemd v230 (or commit a5a4e365). | |||||
2016-05-22 | fix start order of units | 1 | -0/+1 | ||
2016-05-22 | drop shell script and implement with systemd units | 4 | -27/+23 | ||
2016-05-06 | use own function to ask for LUKS passphrase | 1 | -5/+11 | ||
2016-05-06 | prepare version 0.6.30.6.3 | 1 | -1/+1 | ||
2016-05-06 | make ykfde-cpio depend on version.h | 1 | -1/+1 | ||
2016-05-06 | give hint we want the *current* second factor | 1 | -1/+1 | ||
2016-05-04 | update documentation again, give real example | 2 | -16/+20 | ||
2016-05-04 | update help output | 2 | -2/+3 | ||
2016-05-04 | update documentation | 2 | -16/+24 | ||
* Use long version of switches. * Use --new-2nd-factor (instead of --2nd-factor) for initialization. | |||||
2016-05-04 | move terminal input to function, verify matching strings for new factor | 1 | -37/+49 | ||
2016-05-04 | simplify code structure | 1 | -47/+49 | ||
2016-05-04 | simplify return code handling | 3 | -67/+30 | ||
We do not return the return codes from library functionen, but that is not a big issue... | |||||
2016-05-04 | support reading second factor from terminal | 3 | -17/+78 | ||
This increases security by not displaying on display and not writing to shell history. | |||||
2016-05-04 | do not allow to give second factor twice | 1 | -0/+12 | ||
2016-05-04 | fix error condition for yk_close_key() and yk_release() | 2 | -4/+4 | ||
2016-05-04 | fix error condition for yk_init() | 2 | -4/+6 | ||
2016-05-04 | fix error condition for yk_get_serial() | 2 | -2/+4 | ||
2016-05-03 | prepare version 0.6.20.6.2 | 1 | -1/+1 | ||
2016-05-03 | add empty line for indention | 1 | -0/+1 | ||
2016-05-03 | fix error condition for yk_challenge_response() | 2 | -9/+12 | ||
2016-05-03 | do not crypt_free() when crypt_status() fails | 1 | -1/+1 | ||
2016-05-03 | make ykfde-cpio understand command parameters | 2 | -2/+35 | ||
2016-05-03 | fix compiler and linker flags and produce binaries with full RELRO | 2 | -2/+4 | ||
2016-05-03 | warn when second factor is preocessed but not enabled in config | 1 | -0/+5 | ||
2016-05-03 | define new constant for max second factor length | 1 | -2/+3 | ||
2016-04-04 | prepare version 0.6.10.6.1 | 1 | -1/+1 | ||
2016-04-04 | do not write second factor to stdout (and log to journal) | 1 | -1/+1 | ||
Signed-off-by: Christian Hesse <mail@eworm.de> | |||||
2016-04-04 | let systemd-ask-password add the key to store and drop keyctlsystemd-v227 | 2 | -4/+1 | ||
Signed-off-by: Christian Hesse <mail@eworm.de> | |||||
2016-04-04 | prepare version 0.6.00.6.0 | 1 | -1/+1 | ||
2016-02-26 | shell and commands are required for second factor only | 1 | -7/+7 | ||
2016-02-25 | README-mkinitcpio: emphasize we need a systemd-enabled initramfs | 1 | -2/+3 | ||
close #4 Signed-off-by: Christian Hesse <mail@eworm.de> | |||||
2016-02-25 | make sure we have shell and commands in initramfs | 1 | -0/+7 | ||
fix #5 | |||||
2016-01-20 | update the dracut stuff | 3 | -30/+44 | ||
Not tested, though... | |||||
2016-01-20 | ups, we want another level of heading | 1 | -5/+5 | ||
2016-01-19 | add condition for query of 2nd factor | 1 | -0/+1 | ||
2016-01-18 | update README-mkinitcpio | 1 | -26/+31 | ||
2016-01-18 | update README | 1 | -3/+1 | ||
2016-01-18 | merge mkinitcpio hooks | 4 | -17/+16 | ||
2016-01-18 | we have command options to control behaviour, remove loop hack | 1 | -40/+21 | ||
2016-01-18 | rename ykfde-cpio.service -> ykfde.service | 2 | -1/+1 | ||
2016-01-18 | remove ykfde-cpio hook and make cpio archive mandatory | 3 | -21/+0 | ||
2016-01-18 | add and install grub configuration | 2 | -0/+17 | ||
2016-01-18 | irgnore bad exit status for ykfde | 1 | -1/+1 | ||
2016-01-18 | update comment about compiler command | 1 | -1/+1 | ||
2016-01-18 | create archive on shutdown | 1 | -0/+1 | ||