3 Ported to libPth2. This fixes key cache locking portability and removes the
4 --disable-locking 'configure' option.
6 Added configuration parameter "syslog" to enable logging to the syslog daemon
7 with facility LOG_DAEMON and priority LOG_INFO.
9 When the key cache changes, send the CACHE status message to each connected
12 Reuse libgpg-error error codes more often. If your using libpwmd, please
13 update to the latest version of libpwmd otherwise error codes will be wrong.
15 Added configuration option "keepalive" to specify the interval, in seconds, to
16 send the new KEEPALIVE status message.
18 Added pinentry(1) support. This adds a new configuration parameter
19 "enable_pinentry" (the default is enabled), and a few options that can be set
20 with the new OPTION command: PATH, TTYNAME, TTYTYPE, DISPLAY, TITLE, PROMPT,
21 DESC, TIMEOUT and PINENTRY. Read COMMANDS for details.
23 Added OPTION CLIENT NAME=VALUE to let clients set a string that is associated
24 with the connection thread ID. This may be useful for debugging log messages.
26 The "iterations" configuration parameter can be set to -1 to disable
27 encryption. Setting to 0, the default, will still encrypt with 1 iteration (I
28 know it doesn't make sense, but it's needed for compatibility with previous
31 Empty (null) keys are now allowed.
33 A few bug fixes. See ChangeLog for details.
38 More safety checks when writing the data file after a SAVE command.
40 Added configuration parameter "socket_perms" to set the permissions of the
41 created socked overriding any umask setting. May be useful if a client
42 other than the user who invoked pwmd needs to connect (i.e., ACL's).
44 Added 'configure' option --disable-locking to disable key cache mutex locking.
45 Some systems don't have a complete pthread_mutex_t data type which is needed
46 rather than a pointer (FreeBSD and others probably). Note that using this
47 option increases the risk of key cache and data file corruption when more than
48 one client is using pwmd at the same time and save to the same file. If
49 possible, upgrade your OS and see if this fixes things.
51 A few bugfixes. See ChangeLog for details.
56 Added locking of the file/key cache with certain commands. This prevents other
57 clients from modifying the cache until the lock is released. This adds a new
58 pthread compile time dependency.
60 Zlib version 1.2.2.1 or later is now a requirement.
65 Added configuration parameter "recursion_depth". This specifies the maximum
66 number of times to follow a "target" attribute for a single element. The
69 When creating a "target" attribute, each element in the element path value is
70 no longer modified with the literal '!' character at all. You need to specify
71 the literal instead. This keeps the syntax more consistent with the other
74 Added the COMPRESS and DECOMPRESS status messages. Both show the bytes
75 processed so far, and the total bytes. In order to see the total after
76 upgrading from a previous version you need to save the data file once.
78 Changed the PROGRESS status message to ENCRYPT and DECRYPT.
80 The "disable_mlockall" configuration parameter now defaults to "true". Saves
81 RAM and is overkill for most since each memory deallocation is cleared before
82 being freed. The file cache is still locked in RAM though (if possible).
84 Bugfixes. See ChangeLog for details.
89 EPWMD_FILE_NOT_FOUND is no longer used. It is up to the client to determine
90 if the file exists by using the GETCONFIG command along with 'data_directory'.
92 The CLEARCACHE command will always succeed (return 0) even if the file is not
100 Added gettext support. Translations welcome.
102 Strip the first '!' of a newly created element. If there's a following one
103 it's an error. This is to avoid syntax errors and confusion with other
104 commands and element paths.
106 Only show the number of iterations so far when showing the PROGRESS status
107 message. The client can get the percentage by calculating the
108 "iteration_progress" with GETCONFIG.
110 Fixed a huge memory leak with (de)compression.
112 The cache status message format has changed to only show the used and
113 available slots and without any text strings to make it easier for clients to
116 SIGUSR1 is caught in the child process. This allows for reloading of the
119 Fixed pushing files and xml import with compression.
121 Added --enable-mem-debug to use the standard memory allocators. Valgrind seems
122 to work better this way.
124 Fixed a few memory leaks.
126 Fixed creating invalid XML elements. Elements must not begin with punctuation
127 or digit and not contain any whitespace.
129 The output of the LIST command is no longer sorted. Leave it up to the client.
134 Added the GETCONFIG command. This will return a value for a configuration
135 parameter for the opened file or the default value if no file has been opened.
136 The "key" and "key_file" parameters are ignored.
138 Rewrote how element handling is done. No longer uses an xmlTextReader but
139 accesses the xmlDocPtr nodes directly.
141 The STORE command will no longer overwrite the element tree of the last
142 element in the specified element path. Instead it will set the content as
143 usual and keep the child nodes. This affects how GET handles empty elements.
144 GET will return EPWMD_EMPTY instead of EPWMD_TRAILING_ELEMENT. The STORE
145 command can also store content in a root element (account) and remove content
146 or store an empty element by not specifying any content after the last TAB in
149 Each element in an element path can now be prefixed with the literal '!'
150 character. This allows for following targets of elements other than the root
153 The LIST command will now shows all reachable elements including target
154 elements for the specified element path. It also prefixes each element with
155 the literal '!' when needed.
157 Added support for compressing data files before encryption. This adds the
158 "compression_level" configuration parameter. The default is 6 and setting to 0
161 A couple of bug fixes.
166 Fixed libgpg-error descriptions. The errors that pwmd uses for bad syntax and
167 invalid keys etc. used to return an error code that used
168 GPG_ERR_SOURCE_DEFAULT as the source. GPG_ERR_SOURCE_USER_1 is what pwmd uses
169 now. This breaks compatibility with clients that make use of the error codes
170 (i.e., libpwmd). Be sure to update.
172 Non-option arguments on the command line are files to cache upon startup. This
173 acts like the 'cache_push' configuration parameter.
175 The location of the default configuration file is now ~/.pwmd/config and the
176 default data directory is ~/.pwmd/data, and the default log file ~/.pwmd/log.
177 This fixes clients opening these non-data filenames.
179 Fixed default configuration values when an rcfile doesn't have one.
181 The configuration parameters 'key' and 'key_file' now check to make sure the
182 key is valid before adding it to the cache like 'cache_push' does.
184 Clear the file cache and free the memlist on SIGABRT when debugging is not
187 Added command line option -b to fork pwmd to the background.
189 Added configuration parameter "iteration_progress". pwmd will send the client
190 a status message showing the percent of iterations that are complete while
191 encrypting or decrypting a data file. The default is 0 which disables sending
194 Sending SIGUSR1 to pwmd will reload the configuration file.
196 New protocol command REALPATH. This will resolve any "target" attribute for
197 all elements in the specified element path and return the result.
199 Some portability (FreeBSD and maybe others) fixes.
201 SIGTERM and SIGABRT are now properly caught in a child process.
208 Now uses the assuan protocol. This requires libassuan and libgpg-error.
210 Clear the shared memory on exit.
212 The CACHE sub-commands ISCACHED, CLEARCACHE and CACHETIMEOUT have been made
213 into their own commands removing the CACHE command itself.
215 The RESETCACHE command and the cache_reset_timeout configuration parameter
216 have been removed. The cached files timeout is reset to it's configured value
217 (or set value with CACHETIMEOUT) after each OPEN or SAVE command.
219 The OPEN command can open another file using the same connection. Beware
220 though that if the OPEN of the new file fails, no file will be open at all.
222 When OPEN'ing a new file with a specified key, cache both the filename and
223 key. Before you had to SAVE to cache the key.
225 All commands will check if the file has been modified before continueing. Not
226 the cache commands though.
228 Don't unlink() a socket filename that wasn't created by pwmd.
230 Fixed allocating more slots than needed.
232 The commands GET, STORE, DELETE and ATTR make use of the "target" attribute
233 unless the element path argument is prefixed with a '!'. The LIST command
234 will support "target" in the next release, hopefully.
236 Accounts names can no longer begin with a '!' character to avoid problems with
237 the "target" attribute.
239 Removed EPWMD_ROOT_TEXT_ELEMENT. The STORE command will return
240 EPWMD_COMMAND_SYNTAX instead.
242 Added command line option -D and configuration parameter
243 "disable_list_and_dump". When specified or enabled, the LIST and DUMP protocol
244 commands will return EPWMD_EMPTY_ELEMENT.
249 Use AM_XML2_PATH() for finding libxml2.
251 Split pwmd and libpwmd into their own projects. Both can be found at
252 http://bjk.sourceforge.net/pwmd/.
257 cache_push and working directory bugfix.
259 Added two new configuration options "key" and "key_file". Works with
262 Added a boolean "cache_reset_timeout" configuration option to reset the timer
263 for a cached key when the OPEN or SAVE commands are used.
265 Added two new protocol commands CACHE RESET which clears only the key for the
266 specified file and CACHE RESETALL which clears the key for all files.
268 The "name" and "target" attributes are now case-sensitive.
270 The value of an element path that contains a "target" attribute can be
271 obtained by prefixing the account element with a '!'.
276 Fix for the LIST command. When an element path was specified and the document
277 had following elements in the tree the following elements would be shown.
279 Added the CACHE TIMEOUT command to specify the lifetime of a cached file in
280 seconds. This adds a new configuration file setting "cache_timeout".
282 Added per-file settings in the configuration file. A file section is declared
283 by placing the filename in braces. Only the "iterations" and "cache_timeout"
284 settings are used in a file section.
286 No longer chdir() to the data directory.
291 If a file size is 0 then CACHE ISCACHED will return EPWMD_FILE_NOT_FOUND.
293 Write a structure to the data file which specifies the iterations and IV. This
294 lets you open a file that had a different iteration setting than the current
295 setting. Breaks file compatibility with previous versions for hopefully the
298 cache_push with an invalid password bugfix.
300 Added command line option -I to import an XML file and write the encrypted
306 Use AES-256-CBC to store the data file. This breaks file compatibility with
307 older versions. Sorry.
309 The ATTR protocol command has a new GET sub-command to get an attribute value
312 The LIST protocol command can now take an element path.
314 The DUMP command will format it's output.
316 Use MAP_ANONYMOUS|MAP_SHARED mmap() flags on Linux 2.4+. This won't create a
317 file in /dev/shm. #define MMAP_ANONYMOUS_SHARED in config.h if your OS
320 Fixed closing file descriptors.
322 Fixed some memory leaks.
324 The contents of all memory allocated by Glib, libXML and libgcrypt is cleared
327 Added an "iterations" configuration parameter. This specifies the amount of
328 times to encrypt the data to prevent dictionary attacks. Idea borrowed from
334 The SETATTR protocol command has been renamed to ATTR. This new command
335 includes three new sub-commands: SET, DELETE and LIST, to SET or update an
336 attribute, DELETE to delete an attribute and LIST to list attributes of an
337 element path. Read PROTOCOL for details.
339 Added the TARGET attribute. If an element has this attribute set, it's value
340 is another element path. It's recursive too so the destination element path
341 can be an element with a TARGET attribute. Be careful of loops though.
343 Added the DUMP protocol command. It shows the in-memory document. Useful for
344 cleaning up empty elements that aren't shown with any command.
346 The "name" attribute can be used in any element but cannot be removed for the
347 root "account" element.
349 More strict element name validation for new elements.
351 Code reorganization. Protocol commands have been put in src/commands.c.
353 The LIST command won't show element values anymore unless DEBUG was defined at
354 compile time. You must use the GET command to get a value.
356 The OPEN and SAVE protocol commands no longer expect a base64 encoded key.
357 Plain text is where it's at.
359 The STORE command wont base64 encode the value. We'll leave it up to the
360 client. But it's still recommended to avoid parsing errors.
362 All of the command line options have been moved into a configuration file. By
363 default pwmd will look for it in ~/.pwmdrc. You can use -f to specify an
364 alternate file. If the file doesn't exist, then some defaults will be used.
365 There is one new config option though; "cache_push" will take a list of
366 filenames as an argument. This will prompt for passwords upon startup and add
367 the file to the cache. It's a (temporary?) fix for background processes that
368 don't have an attached tty (see libpwmd/KnownBugs). Just make sure the file
369 the other process needs is added to the cache.
374 There is a library included in the archive to make interfacing the pwmd alot
375 easier. See libpwmd/README for more information.
377 A (temporary) fix for 100% CPU usage after a client connects.
379 GnuPG is no longer used for data encryption. Instead, libgcrypt will
380 encrypt/decrypt the data with AES-128 key. The OPEN and SAVE commands will
381 need the base64 encoded key.
383 Renamed host to hostname and added sslfingerprint to the DTD.
385 Added command line option -s to specify the socket path.
387 Added command line option -d to specify where pwmd will open and save the data
390 Renamed protocol command SET to SETATTR.
392 Added shared memory file caching. If a file is found in the cache then the
393 cached password associated with the file will be used with the OPEN command.
394 With SAVE, if there is no cached password a key is required, else the cached
395 password will be used unless there is a key argument. This also adds a new
396 protocol command CACHE with 3 subcommands CLEARALL, CLEAR and ISCACHED.
397 Sending the SIGHUP signal to pwmd will clear the file cache.
399 Added command line option -M to disable calling mlockall(). mlock() will still
400 be used for the file cache reguardless of this option.
402 Added command line option -C to specify the file cache size. The cache size
403 must be in multiples of PAGE_SIZE.
405 Added command line option -l to enable logging to the specified file.
407 If there is a protocol command error, ERR is returned along with a protocol
408 error code and description. See src/pwmd_error.h for error codes.
410 Fix for the DELETE command and deleting an entire element tree when an invalid
411 element was in the element path.
413 Fix for the GET command and finding elements of the same name in other