This version breaks API compatibility so be sure to adjust your patches. There
are quite a few new features and changes in this release; the main one being
remote socket support by using libssh2 to connect to an SSH server (see
README.SSH for details) and how pwmd_process() works. Here are the API

removed: pwmd_open_nb(), pwmd_save_nb(), pwmd_open_nb_finalize(),
pwmd_save_nb_finalize(), pwmd_terminate_pinentry(), pwmd_assuan_ctx(),

added: pwmd_new(), pwmd_get_fd(), pwmd_get_fd2(), pwmd_free(),
pwmd_malloc(), pwmd_realloc(), pwmd_calloc(), pwmd_strdup(),
pwmd_open_async2(), pwmd_save_async2(), pwmd_ssh_connect(),
pwmd_ssh_connect_async(), pwmd_get_hostkey(),
pwmd_get_hostkey_async(), pwmd_strerror_r()

options: PWMD_OPTION_IP_VERSION

See the manual page or libpwmd.h for details. The pwmc options have also
changed to use getopt_long() so be sure to read pwmc.1 also.

Ported to libpth. Two versions of libpwmd will be built when libpth is
available and --with-pth is passed to configure (the default). The libpth
version will be called libpwmd-pth and clients should link with -lpwmd-pth or
use the libpwmd-pth.pc pkg-config metadata file. Pass --without-pth to
configure to disable libpth support.

pwmd_open_nb(), pwmd_save_nb(), pwmd_open_nb_finalize() and
pwmd_save_nb_finalize() are no longer flagged as deprecated. Clients that
connect to a pwmd that cannot use pinentry can use these functions to locally
get a passphrase from pinentry.

pwmd_open_nb() and pwmd_save_nb() will set the error code to zero before
returning a valid file descriptor. Only for convenience.

There is now a GIT repository allowing anonymous checkouts and a web interface
at http://repo.or.cz/w/libpwmd.git. To clone the repository:

    git clone git://repo.or.cz/libpwmd.git

To get the latest changes:

Fixed setting the pinentry title string when an invalid password was entered.

pwmc now sends the LOCK command after opening the data file.

Added pwmc command line option -t to specify the pinentry timeout.

Requires pinentry 0.7.5 or later when using pwmd_open_nb(). This version uses

pwmd_open() now uses pwmd's pinentry method rather than forking. This makes
version 1.11 of pwmd a requirement.

pwmd_open_async() now honors PWMD_OPTION_PINENTRY_TRIES.

Fixed pwmd_process() to make sure all pending data has been read.

A couple of minor bugfixes.

Added pwmc command line option -i to specify the number of iterations when
saving (-S). Requires pwmd v1.9.

This release is mainly fixes and features for asynchronous clients.

Added pwmd_assuan_ctx() to return both the assuan context and socket file
descriptor associated with the specified pwm_t handle.

Added pwmd_pending_line() which is a wrapper around assuan_pending_line() and

Don't return an error if the data file is unreadable when pwmd_open() is

The socket file descriptor is set to block when doing an INQUIRE. Fixes
GPG_ERR_EAGAIN being returned from assuan_transact().

Fixed status messages when using pwmd_process().

Removed assuan.h client dependency.

Added pwmd_open_async(), pwmd_save_async(), pwmd_process(), pwmd_finalize()
and pwmd_async_t. This will replace pwmd_open_nb(), pwmd_open_nb_finalize(),
pwmd_save_nb(), pwmd_save_nb_finalize() and pwmd_nb_state_t in a future
version. These new functions allow pwmd to use its pinentry method rather than
having libpwmd fork() and launch pinentry for nonblocking IO.

When DEBUG is defined, a few new command line options are available to pwmc to
test password retrieval methods.

Let pwmc handle the new IMPORT command.

Fixed disconnecting pinentry.

When the inquire callback returns GPG_ERR_EOF and 'result' is not NULL, send
the rest of 'result' before terminating the callback.

This version breaks backward compatibility and requires pwmd 1.4 or later. The
reason is how commands that use the INQUIRE response (the "STORE" command)
from the server have changed. To do an INQUIRE command, use the new
pwmd_inquire() function and not pwmd_command(). The reason for this is to use
less memory when large amounts of data are to be sent. The entire data doesn't
need to be stored in a buffer before sending. It can be sent ASSUAN_LINELENGTH
bytes at a time (~1000). This also removes the one-line-per-command
restriction; the data can contain newline characters. See pwmc.c for example
usage.

Updated to use new pwmd error codes.

Fixed pwmd_connect() not setting the error parameter on success.

Only one command can be processed with pwmc due to the new INQUIRE code. This
removes pwmc command line option -E.

Added pwmc command line option -I to read INQUIRE (STORE command) data
from the specified file descriptor. Reading from a file descriptor rather than
from a pipe can save memory when large amounts of data are being sent. See the
pwmc manual page for example usage.

The result of a pwmc command is not modified at all (newline characters).

Send OPTION CLIENT NAME=pwmc when pwmc connects to the server.

Server status messages are printed to stderr by default. Use the new command
line option -X to suppress status messages.

Since pwmd 1.4 includes its own pinentry support, setting
PWMD_OPTION_PINENTRY with pwmd_setopt() will send "OPTION PINENTRY=0" to the
server to prevent pwmd from using its pinentry support.

Renamed 'configure' option --with-pinentry-path to --with-pinentry.

Look for ~/.pwmd/pinentry.conf rather than ~/.pwmd/env. The variable names
have also changed. They are now: TTYNAME, TTYTYPE, DISPLAY and PATH.

A few bugfixes. See ChangeLog for details.

Added --with-pinentry-path to configure to set the default location of the
pinentry binary. The default is /usr/bin/pinentry.

The timeout (if set) is cancelled after pinentry returns since this means

PWMD no longer returns EPWMD_FILE_NOT_FOUND anywhere. It is up to the client
to figure out if the file is new or not by using the GETCONFIG protocol

Added the -d command line switch to pwmc. This will redirect any command
output to the specified file descriptor. If you're using pinentry to retrieve a
password from the same tty as pwmc and redirecting output, this is needed.

Added pwmc command line options -D, -T and -N. These can set the pinentry
display, tty and terminal type.

A couple of minor bugfixes.

Added gettext support.

Don't free the password when set with pwmd_setopt() until pwmd_close() is
called. Fixes pwmc -p for example.

Fixed pwmc and looping when an error occurs and pinentry is used to get the

FreeBSD compile-time fix.

pwmd_open() will return GPG_ERR_TIMEOUT after pwmd_terminate_pinentry() is

Warn about unused function results at compile-time.

Fixed gpg-error descriptions. Clients linked to this version of libpwmd
should be using pwmd v0.10 or later.

Made the pwm_t structure private.

Library functions returning PWMD_OK or PWMD_ERROR now are prototyped to return
a type of gpg_error_t. This removes the extra needed parameter when calling
these functions. When these functions succeed, 0 is returned. Otherwise it's
an error code that pwmd_strerror() can describe.

Renamed pwmd_option to pwmd_option_t.

Added PWMD_OPTION_STATUS_FUNC and PWMD_OPTION_STATUS_DATA. The set function
will be called when pwmd sends a status (S) line. The function should return 0
on success or a gpg_error_t which will fail the current command with the

Renamed PWMD_OPTION_[TITLE|PROMPT|DESC] to PWMD_OPTION_PINENTRY_...

When using pinentry for password retrieval, PWMD_OPTION_PINENTRY_TRIES can
be set to specify the number of times before giving up after an invalid

The custom memory de/allocator symbols are now hidden.

Renamed pwmd_password_func to pwmd_password_fn. A pwm_t * is also a required

Renamed pwmd_status_func to pwmd_status_fn.

Removed pwmd_get_password(). This has been replaced by pwmd_open_nb() and
pwmd_save_nb(). These functions will return a file descriptor that select()
can use when a file isn't cached. When available for a read(), a
pwmd_nb_status_t should be read and then passed to pwmd_open_nb_finalize() or
pwmd_save_nb_finalize() to update the pwm handle. pwmd_open_nb() also has an
option to specify the number of seconds until the pinentry process will

Added pwmd_terminate_pinentry() which will kill the pinentry process
associated with the specified pwm handle. Use this if you need a pinentry
timeout but don't call pwmd_open_nb().

Added pwmc command line option -t to specify the pinentry timeout.

When a file ~/.pwmd/env exists, it is read before calling pinentry. This file
contains NAME=VALUE pinentry settings where NAME is one of TTY, TERM or
DISPLAY. These settings will overwrite the ones set by pwmd_setopt(). This
allows a daemon process to use pinentry after its cache entry has been

Quite a few API changes and bugfixes. Read libpwmd.3 for details.

Now uses the assuan protocol for communicating with pwmd. This changes things
quite a bit. Read on...

Uses more secure memory allocation. Kinda. It mainly just zeroes out what is
allocated before free()'ing it.

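
What zeroing before free() involves in practice, as an added example (not libpwmd's code; sec_wipe(), sec_malloc(), sec_size(), sec_free() and sec_realloc() are hypothetical names): the allocator has to remember each block's length, and the wipe must survive the compiler's dead-store elimination. It does not lock pages against swapping.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Length header kept in front of each block; the extra union members keep
 * the pointer handed to the caller aligned for any fundamental type. */
typedef union { size_t len; long double ld; long long ll; void *ptr; } sec_hdr;

/* Calling memset() through a volatile pointer stops the compiler from
 * removing the wipe as a dead store just before free(). */
static void *(*const volatile wipe_fn)(void *, int, size_t) = memset;

void sec_wipe(void *p, size_t n) {
    if (p != NULL && n > 0) wipe_fn(p, 0, n);
}

void *sec_malloc(size_t n) {
    if (n > SIZE_MAX - sizeof(sec_hdr)) return NULL;  /* size overflow */
    sec_hdr *h = malloc(sizeof *h + n);
    if (h == NULL) return NULL;
    h->len = n;
    return h + 1;
}

size_t sec_size(const void *p) {
    return p ? ((const sec_hdr *)p - 1)->len : 0;
}

void sec_free(void *p) {
    if (p == NULL) return;
    sec_hdr *h = (sec_hdr *)p - 1;
    sec_wipe(h, sizeof *h + h->len);  /* header and payload */
    free(h);
}

/* realloc() may move the block and leave the old copy behind unwiped, so
 * resize by allocate, copy, wipe-and-free instead. */
void *sec_realloc(void *p, size_t n) {
    void *q = sec_malloc(n);
    if (q == NULL) return NULL;       /* original block stays valid */
    if (p != NULL) {
        size_t old = sec_size(p);
        memcpy(q, p, old < n ? old : n);
        sec_free(p);
    }
    return q;
}
```
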
Added pwmd_init(). Call this before anything else.

Added pwmd_open() and pwmd_save(). This removes PWMD_OPEN and PWMD_SAVE.

Removed PWMD_COMMAND. pwmd_command() now accepts a format string as the

Added pwmd_free_result(). Use this to free a result from pwmd_command().

Removed PWMD_SETOPT. Changed to pwmd_setopt().

Added options for setting up the pinentry terminal and display.

Added pwmd_get_password(). This is a nonblocking way of calling pinentry. It
returns a file descriptor that select() can use to read from when a password
is ready to be read from with read() (mostly ripped from Elinks'
start_thread()). Thanks Kalle Olavi Niemitalo <kon@iki.fi> for the idea.

Now uses libgpg-error error codes.

Fixed pwmc and the BYE command.

A few other changes. Read the libpwmd.h header file, libpwmd.3 and ChangeLog

Split pwmd and libpwmd into their own packages.

Added PWMD_SETOPT options PWMD_OPTION_PASSWORD_FUNC and
PWMD_OPTION_PASSWORD_DATA to specify a custom password retrieval function for
use with the PWMD_OPEN and PWMD_SAVE commands.

gpg-agent(1) is no longer used for interacting with pinentry(1). Now libassuan
calls pinentry directly. This adds PWMD_OPTION_PINENTRY_PATH to specify the
location of the pinentry program. The default is /usr/bin/pinentry. New
programs should use PWMD_OPTION_PINENTRY instead of PWMD_OPTION_USEAGENT and
EPWMD_PINENTRY_ERROR instead of EPWMD_AGENT_ERROR.

Removed pwmd_list_free(). The prototype disappeared but I forgot to remove the

Restore the working directory after connecting to the socket.

Changed the gpg-agent title and description strings in pwmc.

Fixed a segfault when looking for the empty string in a result from

Most of the PWMD_* commands have been removed. PWMD_OPEN, PWMD_SAVE,
PWMD_SETOPT and the new PWMD_COMMAND remain. PWMD_COMMAND takes a char*
argument being the protocol command along with any argument to send to the
server. This is a lot simpler and less error prone than before. Also the
library won't need to be updated if a protocol command changed or is added.

Fixed PWMD_SAVE and asking for a password when the file was cached.

Added pwmc. This is a command line client for pwmd. It reads protocol commands

Removed pwmd_base64_encode() and pwmd_base64_decode().

Added a pkg-config meta file.

Added PWMD_ATTR_GET to get an attribute value from an element path.

pwmd_base64_decode() bugfix. Don't assume the return value is a character
array by nul-terminating it.

Added pwmd_list_free() to free a "list" result.

Can compile with g++ and maybe other C++ compilers.

Fixed some memory leaks.

Bugfix for the protocol parser.

Changed the version number as suggested by the libtool docs.

pwmd_base64_decode() bugfix. The returned string wasn't NULL terminated.

Updates for the OPEN and SAVE protocol commands. libPWMD no longer base64

Updates for the new ATTR protocol command.