summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2016-07-06proper clean up of resourcesGravatar Christian Hesse1-7/+15
2016-07-06fix some misc issuesGravatar Christian Hesse1-8/+10
2016-07-06simplify error pathGravatar Christian Hesse1-2/+1
2016-07-06open the Yubikey when neededGravatar Christian Hesse1-11/+57
Some key do an unplug/plug sequence after challenge/response. Thus the second challenge/response failed. So let's open the key only when needed and have a clean context.
2016-07-06update dracut for latest codeGravatar Christian Hesse1-3/+5
Did I get everyting? This is untested...
2016-05-28add EditorConfig configurationGravatar Christian Hesse1-0/+18
2016-05-28indent with tabsGravatar Christian Hesse3-17/+17
2016-05-28Merge branch 'systemd-units'Gravatar Christian Hesse6-29/+31
2016-05-28install systemd unit file without execute permissionGravatar Christian Hesse1-1/+1
2016-05-22do not install ykfde-2f but ykfde-notify.serviceGravatar Christian Hesse1-1/+1
2016-05-22update dependenciesGravatar Christian Hesse1-1/+3
2016-05-22add comment about sleepGravatar Christian Hesse1-0/+3
Is there any better way than sleeping?
2016-05-22do not write password to logsystemd-v230Gravatar Christian Hesse1-1/+1
This requires systemd-ask-password with option --no-output, so it depends on systemd v230 (or commit a5a4e365).
2016-05-22fix start order of unitsGravatar Christian Hesse1-0/+1
2016-05-22drop shell script and implement with systemd unitsGravatar Christian Hesse4-27/+23
2016-05-06use own function to ask for LUKS passphraseGravatar Christian Hesse1-5/+11
2016-05-06prepare version 0.6.30.6.3Gravatar Christian Hesse1-1/+1
2016-05-06make ykfde-cpio depend on version.hGravatar Christian Hesse1-1/+1
2016-05-06give hint we want the *current* second factorGravatar Christian Hesse1-1/+1
2016-05-04update documentation again, give real exampleGravatar Christian Hesse2-16/+20
2016-05-04update help outputGravatar Christian Hesse2-2/+3
2016-05-04update documentationGravatar Christian Hesse2-16/+24
* Use long version of switches. * Use --new-2nd-factor (instead of --2nd-factor) for initialization.
2016-05-04move terminal input to function, verify matching strings for new factorGravatar Christian Hesse1-37/+49
2016-05-04simplify code structureGravatar Christian Hesse1-47/+49
2016-05-04simplify return code handlingGravatar Christian Hesse3-67/+30
We do not return the return codes from library functionen, but that is not a big issue...
2016-05-04support reading second factor from terminalGravatar Christian Hesse3-17/+78
This increases security by not displaying on display and not writing to shell history.
2016-05-04do not allow to give second factor twiceGravatar Christian Hesse1-0/+12
2016-05-04fix error condition for yk_close_key() and yk_release()Gravatar Christian Hesse2-4/+4
2016-05-04fix error condition for yk_init()Gravatar Christian Hesse2-4/+6
2016-05-04fix error condition for yk_get_serial()Gravatar Christian Hesse2-2/+4
2016-05-03prepare version 0.6.20.6.2Gravatar Christian Hesse1-1/+1
2016-05-03add empty line for indentionGravatar Christian Hesse1-0/+1
2016-05-03fix error condition for yk_challenge_response()Gravatar Christian Hesse2-9/+12
2016-05-03do not crypt_free() when crypt_status() failsGravatar Christian Hesse1-1/+1
2016-05-03make ykfde-cpio understand command parametersGravatar Christian Hesse2-2/+35
2016-05-03fix compiler and linker flags and produce binaries with full RELROGravatar Christian Hesse2-2/+4
2016-05-03warn when second factor is preocessed but not enabled in configGravatar Christian Hesse1-0/+5
2016-05-03define new constant for max second factor lengthGravatar Christian Hesse1-2/+3
2016-04-04prepare version 0.6.10.6.1Gravatar Christian Hesse1-1/+1
2016-04-04do not write second factor to stdout (and log to journal)Gravatar Christian Hesse1-1/+1
Signed-off-by: Christian Hesse <mail@eworm.de>
2016-04-04let systemd-ask-password add the key to store and drop keyctlsystemd-v227Gravatar Christian Hesse2-4/+1
Signed-off-by: Christian Hesse <mail@eworm.de>
2016-04-04prepare version 0.6.00.6.0Gravatar Christian Hesse1-1/+1
2016-02-26shell and commands are required for second factor onlyGravatar Christian Hesse1-7/+7
2016-02-25README-mkinitcpio: emphasize we need a systemd-enabled initramfsGravatar Aron Widforss1-2/+3
close #4 Signed-off-by: Christian Hesse <mail@eworm.de>
2016-02-25make sure we have shell and commands in initramfsGravatar Christian Hesse1-0/+7
fix #5
2016-01-20update the dracut stuffGravatar Christian Hesse3-30/+44
Not tested, though...
2016-01-20ups, we want another level of headingGravatar Christian Hesse1-5/+5
2016-01-19add condition for query of 2nd factorGravatar Christian Hesse1-0/+1
2016-01-18update README-mkinitcpioGravatar Christian Hesse1-26/+31
2016-01-18update READMEGravatar Christian Hesse1-3/+1
2016-01-18merge mkinitcpio hooksGravatar Christian Hesse4-17/+16
2016-01-18we have command options to control behaviour, remove loop hackGravatar Christian Hesse1-40/+21
2016-01-18rename ykfde-cpio.service -> ykfde.serviceGravatar Christian Hesse2-1/+1
2016-01-18remove ykfde-cpio hook and make cpio archive mandatoryGravatar Christian Hesse3-21/+0
2016-01-18add and install grub configurationGravatar Christian Hesse2-0/+17
2016-01-18irgnore bad exit status for ykfdeGravatar Christian Hesse1-1/+1
2016-01-18update comment about compiler commandGravatar Christian Hesse1-1/+1
2016-01-18create archive on shutdownGravatar Christian Hesse1-0/+1
2016-01-18remove macro, this works with gcc option -std=gnu11Gravatar Christian Hesse1-7/+0
2016-01-17unlink pid file before exitGravatar Christian Hesse1-0/+2
2016-01-16We have support for second factor. Yeah!Gravatar Christian Hesse12-160/+396
2016-01-04update copyright for 2016Gravatar Christian Hesse4-4/+4
2015-05-27prepare version 0.5.20.5.2Gravatar Christian Hesse1-1/+1
2015-05-27iniparser_getstring() returns const char *Gravatar Christian Hesse2-2/+2
2015-05-12fix typo in commentGravatar Christian Hesse1-1/+1
2015-01-07prepare version 0.5.10.5.1Gravatar Christian Hesse1-1/+1
2015-01-07delete documentation target on errorGravatar Christian Hesse1-11/+5
This prevents zero-size html files to be present on markdown failure.
2015-01-07do not pipe to sed and catch markdown failuresGravatar Christian Hesse1-3/+6
2015-01-07do not recommend to create symlinksGravatar Christian Hesse1-5/+7
Naming executables is package manager's job. We do not touch that but use what is given.
2015-01-06Merge pull request #2 from nj0y/devGravatar Christian Hesse2-7/+56
Update Documentation from Dracut & modified dracut
2015-01-06make challenges available in the main initramfsGravatar Benjamin Pereto1-0/+1
2015-01-06updated README-dracut.mdGravatar Benjamin Pereto1-7/+55
2015-01-06update documentation for mkinitcpio & dracutGravatar Christian Hesse5-96/+191
2015-01-04make defines more portableGravatar Christian Hesse2-4/+10
Looks like _DEFAULT_SOURCE requires a recent glibc and does not work on Fedora. So use _XOPEN_SOURCE and _XOPEN_SOURCE_EXTENDED instead. Reported-by: Benjamin Pereto <benjamin.pereto@gmail.com>
2015-01-04add dracut moduleGravatar Benjamin Pereto4-1/+35
Signed-off-by: Christian Hesse <mail@eworm.de>
2015-01-04add .tar.xz archive for releaseGravatar Benjamin Pereto1-0/+2
2015-01-04add comment with Yubikey details to udev ruleGravatar Christian Hesse1-3/+26
2015-01-04aded more IDs to udev-ruleGravatar Benjamin Pereto1-1/+1
It exists new versions of yubikey, add support
2015-01-04udev rule is installed to mkinitcpio specific pathGravatar Christian Hesse2-1/+1
2015-01-04update copyright for 2015Gravatar Christian Hesse4-4/+4
2014-12-30some more detailed documentationGravatar Christian Hesse1-1/+6
2014-12-29refactor install section and add hint about dracutGravatar Christian Hesse1-3/+8
2014-12-29introduce config.hGravatar Christian Hesse8-21/+51
We now have configuration in just one place.
2014-12-29do not create directory '.' in archiveGravatar Christian Hesse1-5/+0
This has been changes in mkinitcpio, so we do it the same. https://projects.archlinux.org/mkinitcpio.git/commit/?id=514d5f1fa641b0bfc66d43f4c0c7e7830f747899
2014-12-23prepare version 0.5.00.5.0Gravatar Christian Hesse1-1/+1
2014-12-23rename systemd service to ykfde-cpioGravatar Christian Hesse2-1/+1
2014-12-23install ykfde-cpio hookGravatar Christian Hesse1-0/+1
2014-12-23support updating the challenge on bootGravatar Christian Hesse8-13/+276
2014-12-22prepare version 0.4.00.4.0Gravatar Christian Hesse1-1/+1
Signed-off-by: Christian Hesse <mail@eworm.de>
2014-12-22replace shell script with C code, and many moreGravatar Christian Hesse9-137/+408
* place bin/ykfde with C source code bin/ykfde.c * challenge/response can be updated in place WARNING: This required config file syntax change! * updates and simplification to udev/ykfde * a lot more... Signed-off-by: Christian Hesse <mail@eworm.de>
2014-12-11build pisition independent executableGravatar Christian Hesse1-1/+1
2014-10-21prepare release 0.3.40.3.4Gravatar Christian Hesse1-1/+1
2014-10-21use ISO C11 standardGravatar Christian Hesse1-1/+1
2014-10-21no need to include usbhid moduleGravatar Christian Hesse1-1/+0
This uses libusb to communicate with Yubikey, so usbhid module is not needed. Now that yubikey-personalization does not expect an active kernel driver this works reliable. https://github.com/Yubico/yubikey-personalization/commit/ad3d02fe756adfc04f849f5b4221357f2f2ecb03
2014-05-05prepare release 0.3.30.3.3Gravatar Christian Hesse1-1/+1
2014-05-05fix udev ruleGravatar Christian Hesse1-1/+2
Yubikey emits a lot of events when inserted and queried. We do have to act on insert, so make sure to match the correct case.
2014-05-04make output to /dev/console a compile time optionGravatar Christian Hesse1-1/+3
2014-04-17prepare release 0.3.20.3.2Gravatar Christian Hesse1-1/+1
2014-04-17fix getopt optionsGravatar Christian Hesse1-1/+1
2014-04-17get encrypted device from /etc/crypttab.initramfsGravatar Christian Hesse2-18/+14