Version 1.19.

[pwmd.git] / NEWS

PWMD v1.19
----------
Properly initialize libgcrypt.


PWMD v1.18
----------
Added "OPTION LC_CTYPE" and "OPTION LC_MESSAGES". Both of these can also be
set in ~/.pwmd/pinentry.conf.


PWMD v1.17
----------
SAVE command bugfix when OPTION PINENTRY=0.

Use a mutex to lock the memory list. Fixes potential memory corruption.


PWMD v1.16
----------
"disable_list_and_dump" now affects the XPATH command too.

When reloading the configuration file with SIGHUP, "disable_list_and_dump" is
no longer modified from the initial value specified at startup.

GETCONFIG will now accept the "key" and "key_file" parameters.

GETCONFIG will return GPG_ERR_NO_VALUE instead of GPG_ERR_SYNTAX when an
unknown or unspecified parameter is requested.

GETCONFIG should now work with a UTF8 filename argument.

Fixed a potential pinentry segfault and a minor memory leak.


PWMD v1.15
----------
Since the previous version I've lost some data including the gpg key used to
sign the archives and have no way of revoking it. I've generated a new key
0xF2B33BEF which will be used for future signings. Key 0x40D5FA7E should be
considered revoked.

pwmd_strerror() will return gpg_strerror() when the error code isn't related
to pwmd. This fixes some error descriptions.

Symbolic links are no longer allowed as data files. This prevents backups from
being created on different (e.g., non-encrypted) partitions.

Fixed checking new elements for whitespace as the first character.

Allow unicode filenames. Only '/' and whitespace are rejected.

Fixed an important bug when importing an XML file with -I. If no iterations
were specified, the output wasn't getting encrypted from the configuration
setting.

Added command line option -k to specify a keyfile when importing.

A few other bug fixes. See ChangeLog for details.


PWMD v1.14
----------
OPTION TIMEOUT will no longer be considered with the SAVE command. This should
be safe because it's normally an interactive command.

The keepalive and cache timeout threads aren't terminated until after all
clients have exited even after receiving a quit signal.

A few bug fixes. See ChangeLog for details.


PWMD v1.13
----------
Sorry about this second release in the same day but I didn't catch these two
bugs until it was too late.

Parse ~/.pwmd/pinentry.conf even when adding files from the command line.

Fixed an uninitialized variable which may have led to invalid DECRYPT status
messages.


PWMD v1.12
----------
There is now a GIT repository allowing anonymous checkouts and a web interface
at http://repo.or.cz/w/pwmd.git. To clone the repository:

    git clone git://repo.or.cz/pwmd.git

    To get the latest changes:

    git pull

Fixed a segfault when adding a file to the cache from the command line.


PWMD v1.11
----------
pwmd now becomes a daemon process (forks into the background) by default. To
prevent this use the new -n command line switch.

Added support for pinentry timeouts. This adds a new OPTION TIMEOUT protocol
command and the new "pinentry_timeout" configuration parameter. These set the
number of seconds before the pinentry process is terminated.

SIGHUP now reloads the configuration file rather than SIGUSR1 and SIGUSR1 will
reset the key cache. Sorry for the switch but I see more applications using
SIGHUP for file reloading and I'd like to be conforming.

Fixed launching pinentry when DISPLAY is unset.

Added configuration parameter "priority" to specify the niceness of pwmd. The
default value is inherited from the parent process.

Added support for pinentry's password quality meter. You'll need to have
cracklib2 installed and pass --enable-quality to ./configure.


PWMD v1.10
----------
ATTR LIST now separates the attribute name and value with a space rather than
a tab.

Send LOCKED status messages while waiting for the pinentry mutex.

A couple minor cleanups.


PWMD v1.9
----------
Fixed GETCONFIG showing the "key" and "key_file" parameters. Got broken in the
previous release.

Added the GETPID command which returns the process ID of pwmd.

Fixed terminating a client after it disconnected in the middle of a file mutex
lock. Note that while a client is waiting for a file mutex lock, a LOCKED
status message will be sent to the client once every second.

OPTION ITERATIONS no longer requires an open file and also sends the CONFIG
status message when successful.

Send both the current iteration and total iterations in the ENCRYPT and
DECRYPT status messages. This should make it easier for clients.

The "iterations" configuration parameter is updated after a successful OPEN
command. This keeps the iteration setting from the file header and can be
changed with OPTION ITERATIONS before saving. The "iterations" configuration
option is now only useful for new files. The CONFIG status message will be
sent to all clients when the file header iterations differs from the
configured one. Note that all this only applies to exiting files (OPEN) and
not new ones.

The GETCONFIG command now converts the configuration parameter to lower case.


PWMD v1.8
----------
The GETCONFIG command can take a file argument. This lets the client retrieve
values for files that aren't opened yet.

Added command line option -i to specify the number of encryption iterations
when importing. If not specified, the "global" configuration parameter will be
used like before.

Fixed the "iteration" and "iteration_progress" configuration parameters when
used in a file section.

Added the CONFIG status message. This is sent when the configuration file is
reloaded (SIGUSR1).

Added the CLIENTS status message to show how many clients are connected.

Removed the cleanup thread. Cleanups now occur immediately after the client
thread terminates.

Redid how status messages are sent. We now use a pth_msgport_t rather than
signals.

Added OPTION ITERATIONS to set the encryption iterations for the current file.
This will send the CONFIG status message when successful.


PWMD v1.7
----------
Added the LOCK and UNLOCK commands.

$DISPLAY bugfix. Use the --display pinentry command line option.

Fixed a xmlError segfault.


PWMD v1.6
----------
IMPORT command bugfix. It now overwrites the node of the same name as the root
node of the content argument.

When a client sends OPTION PINENTRY, the option value is valid for the current
session only, and not any future sessions of the same file.


PWMD v1.5
----------
Added the "backup" configuration parameter. When true, the default, a backup
of the opened file will be saved in "data_directory" when a SAVE command is
sent. The filename will have the ".backup" extension appended to it.

Added the XPATH command. This command can retrieve a result of the specified
expression or set a value to the result of the specified expression.

Added the IMPORT command. This is like STORE but reads real XML data and
stores it at the specified element path.

A few bugfixes. See ChangeLog for details.


PWMD v1.4
----------
Ported to libPth2. This fixes key cache locking portability and removes the
--disable-locking 'configure' option.

Added configuration parameter "syslog" to enable logging to the syslog daemon
with facility LOG_DAEMON and priority LOG_INFO.

When the key cache changes, send the CACHE status message to each connected
client.

Reuse libgpg-error error codes more often. If your using libpwmd, please
update to libpwmd5 otherwise error codes will be wrong.

Added configuration option "keepalive" to specify the interval, in seconds, to
send the new KEEPALIVE status message.

Added pinentry(1) support. This adds a new configuration parameter
"enable_pinentry" (the default is enabled), and a few options that can be set
with the new OPTION command: PATH, TTYNAME, TTYTYPE, DISPLAY, TITLE, PROMPT,
DESC and PINENTRY. Read COMMANDS for details.

Added OPTION CLIENT NAME=VALUE to let clients set a string that is associated
with the connection thread ID. This may be useful for debugging log messages.

The "iterations" configuration parameter can be set to -1 to disable
encryption. Setting to 0, the default, will still encrypt with 1 iteration (I
know it doesn't make sense, but it's needed for compatibility with previous
data files).

Empty (null) keys are now allowed.

Changed the "default" configuration file section to "global". Be sure to
update your config file(s).

A few bug fixes. See ChangeLog for details.


PWMD v1.3
----------
More safety checks when writing the data file after a SAVE command.

Added configuration parameter "socket_perms" to set the permissions of the
created socked overriding any umask setting. May be useful if a client
other than the user who invoked pwmd needs to connect (i.e., ACL's).

Added 'configure' option --disable-locking to disable key cache mutex locking.
Some systems don't have a complete pthread_mutex_t data type which is needed
rather than a pointer (FreeBSD and others probably). Note that using this
option increases the risk of key cache and data file corruption when more than
one client is using pwmd at the same time and save to the same file. If
possible, upgrade your OS and see if this fixes things.

A few bugfixes. See ChangeLog for details.


PWMD v1.2
----------
Added locking of the file/key cache with certain commands. This prevents other
clients from modifying the cache until the lock is released. This adds a new
pthread compile time dependency.

Zlib version 1.2.2.1 or later is now a requirement.


PWMD v1.1
----------
Added configuration parameter "recursion_depth". This specifies the maximum
number of times to follow a "target" attribute for a single element. The
default is 20.

When creating a "target" attribute, each element in the element path value is
no longer modified with the literal '!' character at all. You need to specify
the literal instead. This keeps the syntax more consistent with the other
commands.

Added the COMPRESS and DECOMPRESS status messages. Both show the bytes
processed so far, and the total bytes. In order to see the total after
upgrading from a previous version you need to save the data file once.

Changed the PROGRESS status message to ENCRYPT and DECRYPT.

The "disable_mlockall" configuration parameter now defaults to "true". Saves
RAM and is overkill for most since each memory deallocation is cleared before
being freed. The file cache is still locked in RAM though (if possible).

Bugfixes. See ChangeLog for details.


PWMD v1.0
----------
EPWMD_FILE_NOT_FOUND is no longer used. It is up to the client to determine
if the file exists by using the GETCONFIG command along with 'data_directory'.

The CLEARCACHE command will always succeed (return 0) even if the file is not
found.

A few minor bugfixes.


PWMD v0.12
----------
Added gettext support. Translations welcome.

Strip the first '!' of a newly created element. If there's a following one
it's an error. This is to avoid syntax errors and confusion with other
commands and element paths.

Only show the number of iterations so far when showing the PROGRESS status
message. The client can get the percentage by calculating the
"iteration_progress" with GETCONFIG.

Fixed a huge memory leak with (de)compression.

The cache status message format has changed to only show the used and
available slots and without any text strings to make it easier for clients to
parse.

SIGUSR1 is caught in the child process. This allows for reloading of the
configuration file.

Fixed pushing files and xml import with compression.

Added --enable-mem-debug to use the standard memory allocators. Valgrind seems
to work better this way.

Fixed a few memory leaks.

Fixed creating invalid XML elements. Elements must not begin with punctuation
or digit and not contain any whitespace.

The output of the LIST command is no longer sorted. Leave it up to the client.


PWMD v0.11
----------
Added the GETCONFIG command. This will return a value for a configuration
parameter for the opened file or the default value if no file has been opened.
The "key" and "key_file" parameters are ignored.

Rewrote how element handling is done. No longer uses an xmlTextReader but
accesses the xmlDocPtr nodes directly.

The STORE command will no longer overwrite the element tree of the last
element in the specified element path. Instead it will set the content as
usual and keep the child nodes. This affects how GET handles empty elements.
GET will return EPWMD_EMPTY instead of EPWMD_TRAILING_ELEMENT. The STORE
command can also store content in a root element (account) and remove content
or store an empty element by not specifying any content after the last TAB in
the element path.

Each element in an element path can now be prefixed with the literal '!'
character. This allows for following targets of elements other than the root
element.

The LIST command will now shows all reachable elements including target
elements for the specified element path. It also prefixes each element with
the literal '!' when needed.

Added support for compressing data files before encryption. This adds the
"compression_level" configuration parameter. The default is 6 and setting to 0
will disable.

A couple of bug fixes.


PWMD v0.10
----------
Fixed libgpg-error descriptions. The errors that pwmd uses for bad syntax and
invalid keys etc. used to return an error code that used
GPG_ERR_SOURCE_DEFAULT as the source. GPG_ERR_SOURCE_USER_1 is what pwmd uses
now. This breaks compatibility with clients that make use of the error codes
(i.e., libpwmd). Be sure to update.

Non-option arguments on the command line are files to cache upon startup. This
acts like the 'cache_push' configuration parameter.

The location of the default configuration file is now ~/.pwmd/config and the
default data directory is ~/.pwmd/data, and the default log file ~/.pwmd/log.
This fixes clients opening these non-data filenames.

Fixed default configuration values when an rcfile doesn't have one.

The configuration parameters 'key' and 'key_file' now check to make sure the
key is valid before adding it to the cache like 'cache_push' does.

Clear the file cache and free the memlist on SIGABRT when debugging is not
enabled.

Added command line option -b to fork pwmd to the background.

Added configuration parameter "iteration_progress". pwmd will send the client
a status message showing the percent of iterations that are complete while
encrypting or decrypting a data file. The default is 0 which disables sending
status messages.

Sending SIGUSR1 to pwmd will reload the configuration file.

New protocol command REALPATH. This will resolve any "target" attribute for
all elements in the specified element path and return the result.

Some portability (FreeBSD and maybe others) fixes.

SIGTERM and SIGABRT are now properly caught in a child process.

Bugfixes.


PWMD v0.9
---------
Now uses the assuan protocol. This requires libassuan and libgpg-error.

Clear the shared memory on exit.

The CACHE sub-commands ISCACHED, CLEARCACHE and CACHETIMEOUT have been made
into their own commands removing the CACHE command itself.

The RESETCACHE command and the cache_reset_timeout configuration parameter
have been removed. The cached files timeout is reset to it's configured value
(or set value with CACHETIMEOUT) after each OPEN or SAVE command.

The OPEN command can open another file using the same connection. Beware
though that if the OPEN of the new file fails, no file will be open at all.

When OPEN'ing a new file with a specified key, cache both the filename and
key. Before you had to SAVE to cache the key.

All commands will check if the file has been modified before continueing. Not
the cache commands though.

Don't unlink() a socket filename that wasn't created by pwmd.

Fixed allocating more slots than needed.

The commands GET, STORE, DELETE and ATTR make use of the "target" attribute
unless the element path argument is prefixed with a '!'. The LIST command
will support "target" in the next release, hopefully.

Accounts names can no longer begin with a '!' character to avoid problems with
the "target" attribute.

Removed EPWMD_ROOT_TEXT_ELEMENT. The STORE command will return
EPWMD_COMMAND_SYNTAX instead.

Added command line option -D and configuration parameter
"disable_list_and_dump". When specified or enabled, the LIST and DUMP protocol
commands will return EPWMD_EMPTY_ELEMENT.


PWMD v0.8
---------
Use AM_XML2_PATH() for finding libxml2.

Split pwmd and libpwmd into their own projects. Both can be found at
http://bjk.sourceforge.net/pwmd/.


PWMD v0.7
---------
cache_push and working directory bugfix.

Added two new configuration options "key" and "key_file". Works with
cache_push too.

Added a boolean "cache_reset_timeout" configuration option to reset the timer
for a cached key when the OPEN or SAVE commands are used.

Added two new protocol commands CACHE RESET which clears only the key for the
specified file and CACHE RESETALL which clears the key for all files.

The "name" and "target" attributes are now case-sensitive.

The value of an element path that contains a "target" attribute can be
obtained by prefixing the account element with a '!'.


PWMD v0.6
---------
Fix for the LIST command. When an element path was specified and the document
had following elements in the tree the following elements would be shown.

Added the CACHE TIMEOUT command to specify the lifetime of a cached file in
seconds. This adds a new configuration file setting "cache_timeout".

Added per-file settings in the configuration file. A file section is declared
by placing the filename in braces. Only the "iterations" and "cache_timeout"
settings are used in a file section.

No longer chdir() to the data directory.


PWMD v0.5
---------
If a file size is 0 then CACHE ISCACHED will return EPWMD_FILE_NOT_FOUND.

Write a structure to the data file which specifies the iterations and IV. This
lets you open a file that had a different iteration setting than the current
setting. Breaks file compatibility with previous versions for hopefully the
last time.

cache_push with an invalid password bugfix.

Added command line option -I to import an XML file and write the encrypted
data to stdout.


PWMD v0.4
---------
Use AES-256-CBC to store the data file. This breaks file compatibility with
older versions. Sorry.

The ATTR protocol command has a new GET sub-command to get an attribute value
for an element path.

The LIST protocol command can now take an element path.

The DUMP command will format it's output.

Use MAP_ANONYMOUS|MAP_SHARED mmap() flags on Linux 2.4+. This won't create a
file in /dev/shm. #define MMAP_ANONYMOUS_SHARED in config.h if your OS
supports this.

Fixed closing file descriptors.

Fixed some memory leaks.

The contents of all memory allocated by Glib, libXML and libgcrypt is cleared
before free()ing.

Added an "iterations" configuration parameter. This specifies the amount of
times to encrypt the data to prevent dictionary attacks. Idea borrowed from
aespipe.


PWMD v0.3
---------
The SETATTR protocol command has been renamed to ATTR. This new command
includes three new sub-commands: SET, DELETE and LIST, to SET or update an
attribute, DELETE to delete an attribute and LIST to list attributes of an
element path. Read PROTOCOL for details.

Added the TARGET attribute. If an element has this attribute set, it's value
is another element path. It's recursive too so the destination element path
can be an element with a TARGET attribute. Be careful of loops though.

Added the DUMP protocol command. It shows the in-memory document. Useful for
cleaning up empty elements that aren't shown with any command.

The "name" attribute can be used in any element but cannot be removed for the
root "account" element.

More strict element name validation for new elements.

Code reorganization. Protocol commands have been put in src/commands.c.

The LIST command won't show element values anymore unless DEBUG was defined at
compile time. You must use the GET command to get a value.

The OPEN and SAVE protocol commands no longer expect a base64 encoded key.
Plain text is where it's at.

The STORE command wont base64 encode the value. We'll leave it up to the
client. But it's still recommended to avoid parsing errors.

All of the command line options have been moved into a configuration file. By
default pwmd will look for it in ~/.pwmdrc. You can use -f to specify an
alternate file. If the file doesn't exist, then some defaults will be used.
There is one new config option though; "cache_push" will take a list of
filenames as an argument. This will prompt for passwords upon startup and add
the file to the cache. It's a (temporary?) fix for background processes that
don't have an attached tty (see libpwmd/KnownBugs). Just make sure the file
the other process needs is added to the cache.


PWMD v0.2
---------
There is a library included in the archive to make interfacing the pwmd alot
easier. See libpwmd/README for more information.

A (temporary) fix for 100% CPU usage after a client connects.

GnuPG is no longer used for data encryption. Instead, libgcrypt will
encrypt/decrypt the data with AES-128 key. The OPEN and SAVE commands will
need the base64 encoded key.

Renamed host to hostname and added sslfingerprint to the DTD.

Added command line option -s to specify the socket path.

Added command line option -d to specify where pwmd will open and save the data
files.

Renamed protocol command SET to SETATTR.

Added shared memory file caching. If a file is found in the cache then the
cached password associated with the file will be used with the OPEN command.
With SAVE, if there is no cached password a key is required, else the cached
password will be used unless there is a key argument. This also adds a new
protocol command CACHE with 3 subcommands CLEARALL, CLEAR and ISCACHED.
Sending the SIGHUP signal to pwmd will clear the file cache.

Added command line option -M to disable calling mlockall(). mlock() will still
be used for the file cache reguardless of this option.

Added command line option -C to specify the file cache size. The cache size
must be in multiples of PAGE_SIZE.

Added command line option -l to enable logging to the specified file.

If there is a protocol command error, ERR is returned along with a protocol
error code and description. See src/pwmd_error.h for error codes.

Fix for the DELETE command and deleting an entire element tree when an invalid
element was in the element path.

Fix for the GET command and finding elements of the same name in other
accounts.

Added a manual page.


PWMD v0.1
---------
Initial release.