From 3bc1d0b1be3f2a9147256e03f44ef3f6acd35506 Mon Sep 17 00:00:00 2001
From: Ben Kibbey
Date: Sat, 8 Mar 2008 11:38:33 -0500
Subject: [PATCH] Version 1.9.
---
NEWS | 15 ++++++++++++---
TODO | 12 ++++++++++++
configure.ac | 2 +-
debian/changelog | 6 ++++++
doc/config.example | 29 +++++++++++++++--------------
5 files changed, 46 insertions(+), 18 deletions(-)
diff --git a/NEWS b/NEWS
index 26ecfa2b..38b7b6eb 100644
--- a/NEWS
+++ b/NEWS
@@ -1,9 +1,13 @@ PWMD v1.9 ---------- +Fixed GETCONFIG showing the "key" and "key_file" parameters. Got broken in the +previous release. + Added the GETPID command which returns the process ID of pwmd. Fixed terminating a client after it disconnected in the middle of a file mutex -lock. +lock. Note that while a client is waiting for a file mutex lock, a LOCKED +status message will be sent to the client once every second. OPTION ITERATIONS no longer requires an open file and also sends the CONFIG status message when successful.
@@ -13,8 +17,13 @@ DECRYPT status messages. This should make it easier for clients. The "iterations" configuration parameter is updated after a successful OPEN command. This keeps the iteration setting from the file header and can be -changed with OPTION ITERATIONS. The "iterations" config option is now only -useful for new files. +changed with OPTION ITERATIONS before saving. The "iterations" configuration +option is now only useful for new files. The CONFIG status message will be +sent to all clients when the file header iterations differs from the +configured one. Note that all this only applies to exiting files (OPEN) and +not new ones. + +The GETCONFIG command now converts the configuration parameter to lower case. PWMD v1.8
diff --git a/TODO b/TODO
index 973237bb..1182d9ad 100644
--- a/TODO
+++ b/TODO
@@ -1,3 +1,15 @@ Add "OPTION TIMEOUT=N" to specify a pinentry timeout. Need to wait for pinentry to support this option itself because assuan_pipe_connect() calls execv() to execute pinentry, which replaces the PID from pth_fork(). + +(???) Use gpgme to encrypt data files with a secret GnuPG key and use +gpg-agent. + +(???) Use the DBUS protocol instead of libassuan. Better asynchronous IO. More +language bindings. Both local and remote socket support for future expansion. +Better handling of large amounts of data. Shouldn't be too difficult to add. +Only need to modify each command to return a DBUS result and a control +structure holding the current command and processing state for asynchronous +IO (optional async option for libpwmd). The downside is that it's a binary +protocol but also adds an opertunity to fix file header related bugs which +would break compatibility with previous versions.
diff --git a/configure.ac b/configure.ac
index dfe19830..48dd7e87 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,6 +1,6 @@ dnl Process this file with autoconf to produce a configure script. AC_PREREQ(2.59) -AC_INIT(pwmd, 1.8, [Ben Kibbey bjk@luxsci.net]) +AC_INIT(pwmd, 1.9, [Ben Kibbey bjk@luxsci.net]) AC_CONFIG_AUX_DIR(build) AC_CANONICAL_TARGET AM_INIT_AUTOMAKE([foreign])
diff --git a/debian/changelog b/debian/changelog
index 99fed289..b6de1c31 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@ +pwmd (1.9-1) testing; urgency=low + + * New upstream. + + -- Ben Kibbey Sat, 08 Mar 2008 11:23:01 -0500 + pwmd (1.8-1) testing; urgency=low * New upstream.
diff --git a/doc/config.example b/doc/config.example
index b9280d1d..0a2d954c 100644
--- a/doc/config.example
+++ b/doc/config.example
@@ -2,7 +2,7 @@ # Example PWMD configuration file. Edit and save to ~/.pwmd/config or # specify with the -f command line option. # -# The global section is non-file related settings and file defaults. +# The global section is for non-file related settings and file defaults. [global] # Location of the listening socket.
@@ -11,7 +11,7 @@ # Socket permissions. This will override any umask setting. #socket_perms=0600 -# Where files will be read and stored. +# Where data files will be read and stored. #data_directory=~/.pwmd/data # If false, disable keeping backups for data files.
@@ -32,22 +32,23 @@ # Set to false to call mlockall(2) after a client connects. Uses alot more # memory but is also more secure. Most will probably find it overkill since -# the contents of all memory is cleared before being freed (see KnownBugs -# though). Note that this doesn't affect the file cache which is always stored -# in RAM (if possible). +# the contents of all memory is cleared before being freed. Note that this +# doesn't affect the file cache which is always stored in RAM (if possible). #disable_mlockall=true # Disable the LIST and DUMP commands. When "true" and a client sends these # commands an error GPG_ERR_NOT_IMPLEMENTED will be returned. #disable_list_and_dump=false -# Number of encryption iterations. This is the number of times the data will -# be encrypted. Setting this to a high value (10000) will drastically slow -# down dictionary attacks. Setting to -1 will disable encryption. +# The number of encryption iterations for new files. This is the number of +# times the data will be encrypted. Setting this to a high value (10000 or +# more) will slow down dictionary attacks. Setting to -1 will disable +# encryption. #iterations=0 # After the set number of encryption or decryption iterations, a status -# message with the keyword PROGRESS is sent. Setting to 0 disables. +# message with the keyword ENCRYPT or DECRYPT will be sent. Set to 0 to +# disable. #iteration_progress=0 # A list of filenames separated by commas to add to the file cache upon 
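Review bot: The rewritten comment above `#iterations=0` recommends 10000 or more and says -1 disables encryption, but it never states what the shown default of 0 does, so someone copying this file cannot tell how strongly new files are protected. I would state the meaning of 0 explicitly and add a caution for the unencrypted setting, for example `# -1 writes the data file unencrypted; do not use it for files that hold real secrets.` The same hunk drops the "(see KnownBugs though)" pointer from the mlockall comment. If that known issue is still open (not visible here), the pointer should stay so the "cleared before being freed" claim is not read as unconditional.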
@@ -56,11 +57,10 @@ #cache_push=somefile, anotherfile # The number of seconds to keep a file in the cache. If -1, the file will be -# kept forever. If 0, then every OPEN and SAVE command for a file will require -# a key. +# kept forever. If 0, then every OPEN and SAVE command will require a key. #cache_timeout=-1 -# Set to false to disable use of pinentry. +# Set to false to disable use of pinentry to retrieve keys. #enable_pinentry=true # The default compression level for data files from 1 to 9, 1 being the
@@ -79,12 +79,13 @@ # Sends a KEEPALIVE status message every N seconds. Set to 0 to disable. #keepalive=30 + # END GLOBAL SETTINGS -# File specific settings are allowed by placing the filename in braces. +# File specific settings are allowed by placing the filename in braces. Each +# file can have it's own configuration settings from those listed below. #[somefile] #cache_timeout=300 -#iterations=15000 #iteration_progress=0 #key=password #key_file=/path/to/file.key
-- 
2.11.4.GIT
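Review bot: In the last hunk (`@@ -79,12 +79,13 @@`) the added sentence has a typo, "it's" should be "its": `# file can have its own configuration settings from those listed below.` Since the per-file settings listed right after it include `#key=password`, the comment should also say that a key written here sits in the configuration file in clear text, e.g. `# A key set here is stored in clear text; keep this file readable only by its owner.` The `key_file` form shown on the next line has the same exposure if the key file itself is readable by others, so the caveat could cover both.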