Updates.

[pwmd.git] / NEWS

PWMD v0.7
---------
cache_push and working directory bugfix.

Added two new configuration options "key" and "key_file". Works with
cache_push too.

Added a boolean "cache_reset_timeout" configuration option to reset the timer
for a cached key when the OPEN or SAVE commands are used.

Added two new protocol commands CACHE RESET which clears only the key for the
specified file and CACHE RESETALL which clears the key for all files.

The "name" and "target" attributes are now case-sensitive.

The value of an element path that contains a "target" attribute can be
obtained by prefixing the account element with a '!'.


PWMD v0.6
---------
Fix for the LIST command. When an element path was specified and the document
had following elements in the tree the following elements would be shown.

Added the CACHE TIMEOUT command to specify the lifetime of a cached file in
seconds. This adds a new configuration file setting "cache_timeout".

Added per-file settings in the configuration file. A file section is declared
by placing the filename in braces. Only the "iterations" and "cache_timeout"
settings are used in a file section.

No longer chdir() to the data directory.


PWMD v0.5
---------
If a file size is 0 then CACHE ISCACHED will return EPWMD_FILE_NOT_FOUND.

Write a structure to the data file which specifies the iterations and IV. This
lets you open a file that had a different iteration setting than the current
setting. Breaks file compatibility with previous versions for hopefully the
last time.

cache_push with an invalid password bugfix.

Added command line option -I to import an XML file and write the encrypted
data to stdout.


PWMD v0.4
---------
Use AES-256-CBC to store the data file. This breaks file compatibility with
older versions. Sorry.

The ATTR protocol command has a new GET sub-command to get an attribute value
for an element path.

The LIST protocol command can now take an element path.

The DUMP command will format it's output.

Use MAP_ANONYMOUS|MAP_SHARED mmap() flags on Linux 2.4+. This won't create a
file in /dev/shm. #define MMAP_ANONYMOUS_SHARED in config.h if your OS
supports this.

Fixed closing file descriptors.

Fixed some memory leaks.

The contents of all memory allocated by Glib, libXML and libgcrypt is cleared
before free()ing.

Added an "iterations" configuration parameter. This specifies the amount of
times to encrypt the data to prevent dictionary attacks. Idea borrowed from
aespipe.


PWMD v0.3
---------
The SETATTR protocol command has been renamed to ATTR. This new command
includes three new sub-commands: SET, DELETE and LIST, to SET or update an
attribute, DELETE to delete an attribute and LIST to list attributes of an
element path. Read PROTOCOL for details.

Added the TARGET attribute. If an element has this attribute set, it's value
is another element path. It's recursive too so the destination element path
can be an element with a TARGET attribute. Be careful of loops though.

Added the DUMP protocol command. It shows the in-memory document. Useful for
cleaning up empty elements that aren't shown with any command.

The "name" attribute can be used in any element but cannot be removed for the
root "account" element.

More strict element name validation for new elements.

Code reorganization. Protocol commands have been put in src/commands.c.

The LIST command won't show element values anymore unless DEBUG was defined at
compile time. You must use the GET command to get a value.

The OPEN and SAVE protocol commands no longer expect a base64 encoded key.
Plain text is where it's at.

The STORE command wont base64 encode the value. We'll leave it up to the
client. But it's still recommended to avoid parsing errors.

All of the command line options have been moved into a configuration file. By
default pwmd will look for it in ~/.pwmdrc. You can use -f to specify an
alternate file. If the file doesn't exist, then some defaults will be used.
There is one new config option though; "cache_push" will take a list of
filenames as an argument. This will prompt for passwords upon startup and add
the file to the cache. It's a (temporary?) fix for background processes that
don't have an attached tty (see libpwmd/KnownBugs). Just make sure the file
the other process needs is added to the cache.


PWMD v0.2
---------
There is a library included in the archive to make interfacing the pwmd alot
easier. See libpwmd/README for more information.

A (temporary) fix for 100% CPU usage after a client connects.

GnuPG is no longer used for data encryption. Instead, libgcrypt will
encrypt/decrypt the data with AES-128 key. The OPEN and SAVE commands will
need the base64 encoded key.

Renamed host to hostname and added sslfingerprint to the DTD.

Added command line option -s to specify the socket path.

Added command line option -d to specify where pwmd will open and save the data
files.

Renamed protocol command SET to SETATTR.

Added shared memory file caching. If a file is found in the cache then the
cached password associated with the file will be used with the OPEN command.
With SAVE, if there is no cached password a key is required, else the cached
password will be used unless there is a key argument. This also adds a new
protocol command CACHE with 3 subcommands CLEARALL, CLEAR and ISCACHED.
Sending the SIGHUP signal to pwmd will clear the file cache.

Added command line option -M to disable calling mlockall(). mlock() will still
be used for the file cache reguardless of this option.

Added command line option -C to specify the file cache size. The cache size
must be in multiples of PAGE_SIZE.

Added command line option -l to enable logging to the specified file.

If there is a protocol command error, ERR is returned along with a protocol
error code and description. See src/pwmd_error.h for error codes.

Fix for the DELETE command and deleting an entire element tree when an invalid
element was in the element path.

Fix for the GET command and finding elements of the same name in other
accounts.

Added a manual page.


PWMD v0.1
---------
Initial release.