Age | Commit message (Expand) | Author | Files | Lines |
2017-10-30 | add missing header comment | Christian Hesse | 1 | -0/+5 |
2017-10-20 | use annotated (and signed) tags only | Christian Hesse | 1 | -1/+1 |
2017-10-06 | prepare version 0.7.20.7.2 | Christian Hesse | 1 | -1/+1 |
2017-09-22 | run ykfde-worker after ykfde-2f, but do not require | Christian Hesse | 1 | -1/+0 |
2017-09-22 | sleep and pkill are no longer required | Christian Hesse | 3 | -6/+0 |
2017-09-22 | ... same for dracut | Christian Hesse | 1 | -2/+2 |
2017-09-22 | we always need the worker | Christian Hesse | 1 | -2/+2 |
2017-09-16 | update for recent keyring changes in systemd•••With systemd v235 we will have new KeyringMode= for services. Setting
KeyringMode=shared allows to share secrets between services. Use that
for our services.
As udev is not started with a shared keyring we can not run the worker
directly. Instead always start the service.
systemd-v235 | Christian Hesse | 4 | -1/+4 |
2017-07-04 | prepare version 0.7.10.7.1 | Christian Hesse | 1 | -1/+1 |
2017-07-03 | undo the changes with session keyring•••The keyring handling has been fixed with systemd v234, so revert using
the session keyring.
systemd-v234 | Christian Hesse | 1 | -16/+1 |
2017-07-03 | prepare version 0.7.00.7.0 | Christian Hesse | 1 | -1/+1 |
2017-06-22 | do not track changes in /etc/ykfde.d/ | Christian Hesse | 2 | -1/+4 |
2017-06-22 | rename the worker program•••This is no longer just udev... So rename and move.
| Christian Hesse | 9 | -33/+17 |
2017-06-22 | wipe second factor from memory | Christian Hesse | 1 | -0/+1 |
2017-06-20 | Rework the code, update keyring handling•••This had some historical issue... So rework the code:
* split into more functions
* drop the sleep and notify logic
* update keyring handling
Depending on setup and systemd version (233 and up) the keyring handling
fails. Try to fix this by...
* writing to session keyring first
* setting permissions
* linking to user keyring
* unlinking from session keyring
https://mjg59.dreamwidth.org/37333.html
systemd-v233 | Christian Hesse | 6 | -194/+208 |
2017-06-20 | Revert "request key from user keyring"•••This reverts commit e90e36ae106b4c6ff30a6ce0c0b1d03a5615a363.
The argument expects a destination keyring to create a key in case it is
not found. So keep the zero, which means not to create a key.
| Christian Hesse | 1 | -1/+1 |
2017-06-14 | invert condition | Christian Hesse | 1 | -8/+5 |
2017-06-14 | FIX: save old termio structure properly | Benjamin Pereto | 1 | -2/+2 |
2017-04-28 | Updated ykfde.c to silently skip terminal updates when tcgetattr fails so tha... | Alec Lanter | 1 | -14/+20 |
2017-03-08 | use https for my mirror | Christian Hesse | 1 | -1/+1 |
2017-03-02 | request key from user keyring | Christian Hesse | 1 | -1/+1 |
2017-03-02 | share memory for passphrase and askpass answer | Christian Hesse | 1 | -9/+7 |
2017-03-02 | systemd-ask-password: give id as suggested by man page | Christian Hesse | 1 | -1/+1 |
2017-03-02 | update copyright for 2017 | Christian Hesse | 6 | -6/+6 |
2016-07-09 | prepare version 0.6.40.6.4 | Christian Hesse | 1 | -1/+1 |
2016-07-07 | Small grammar and instruction updates•••Modified a bit of grammar, added a clarifying paragraph or two,
and added a working HOOKS example
Signed-off-by: Christian Hesse <mail@eworm.de>
| Steve Divskinsy | 2 | -42/+62 |
2016-07-06 | proper clean up of resources | Christian Hesse | 1 | -7/+15 |
2016-07-06 | fix some misc issues | Christian Hesse | 1 | -8/+10 |
2016-07-06 | simplify error path | Christian Hesse | 1 | -2/+1 |
2016-07-06 | open the Yubikey when needed•••Some key do an unplug/plug sequence after challenge/response. Thus the
second challenge/response failed.
So let's open the key only when needed and have a clean context.
| Christian Hesse | 1 | -11/+57 |
2016-07-06 | update dracut for latest code•••Did I get everyting? This is untested...
| Christian Hesse | 1 | -3/+5 |
2016-05-28 | add EditorConfig configuration | Christian Hesse | 1 | -0/+18 |
2016-05-28 | indent with tabs | Christian Hesse | 3 | -17/+17 |
2016-05-28 | Merge branch 'systemd-units' | Christian Hesse | 6 | -29/+31 |
2016-05-28 | install systemd unit file without execute permission | Christian Hesse | 1 | -1/+1 |
2016-05-22 | do not install ykfde-2f but ykfde-notify.service | Christian Hesse | 1 | -1/+1 |
2016-05-22 | update dependencies | Christian Hesse | 1 | -1/+3 |
2016-05-22 | add comment about sleep•••Is there any better way than sleeping?
| Christian Hesse | 1 | -0/+3 |
2016-05-22 | do not write password to log•••This requires systemd-ask-password with option --no-output, so it
depends on systemd v230 (or commit a5a4e365).
systemd-v230 | Christian Hesse | 1 | -1/+1 |
2016-05-22 | fix start order of units | Christian Hesse | 1 | -0/+1 |
2016-05-22 | drop shell script and implement with systemd units | Christian Hesse | 4 | -27/+23 |
2016-05-06 | use own function to ask for LUKS passphrase | Christian Hesse | 1 | -5/+11 |
2016-05-06 | prepare version 0.6.30.6.3 | Christian Hesse | 1 | -1/+1 |
2016-05-06 | make ykfde-cpio depend on version.h | Christian Hesse | 1 | -1/+1 |
2016-05-06 | give hint we want the *current* second factor | Christian Hesse | 1 | -1/+1 |
2016-05-04 | update documentation again, give real example | Christian Hesse | 2 | -16/+20 |
2016-05-04 | update help output | Christian Hesse | 2 | -2/+3 |
2016-05-04 | update documentation•••* Use long version of switches.
* Use --new-2nd-factor (instead of --2nd-factor) for initialization.
| Christian Hesse | 2 | -16/+24 |
2016-05-04 | move terminal input to function, verify matching strings for new factor | Christian Hesse | 1 | -37/+49 |
2016-05-04 | simplify code structure | Christian Hesse | 1 | -47/+49 |
2016-05-04 | simplify return code handling•••We do not return the return codes from library functionen, but that is
not a big issue...
| Christian Hesse | 3 | -67/+30 |
2016-05-04 | support reading second factor from terminal•••This increases security by not displaying on display and not writing
to shell history.
| Christian Hesse | 3 | -17/+78 |
2016-05-04 | do not allow to give second factor twice | Christian Hesse | 1 | -0/+12 |
2016-05-04 | fix error condition for yk_close_key() and yk_release() | Christian Hesse | 2 | -4/+4 |
2016-05-04 | fix error condition for yk_init() | Christian Hesse | 2 | -4/+6 |
2016-05-04 | fix error condition for yk_get_serial() | Christian Hesse | 2 | -2/+4 |
2016-05-03 | prepare version 0.6.20.6.2 | Christian Hesse | 1 | -1/+1 |
2016-05-03 | add empty line for indention | Christian Hesse | 1 | -0/+1 |
2016-05-03 | fix error condition for yk_challenge_response() | Christian Hesse | 2 | -9/+12 |
2016-05-03 | do not crypt_free() when crypt_status() fails | Christian Hesse | 1 | -1/+1 |
2016-05-03 | make ykfde-cpio understand command parameters | Christian Hesse | 2 | -2/+35 |
2016-05-03 | fix compiler and linker flags and produce binaries with full RELRO | Christian Hesse | 2 | -2/+4 |
2016-05-03 | warn when second factor is preocessed but not enabled in config | Christian Hesse | 1 | -0/+5 |
2016-05-03 | define new constant for max second factor length | Christian Hesse | 1 | -2/+3 |
2016-04-04 | prepare version 0.6.10.6.1 | Christian Hesse | 1 | -1/+1 |
2016-04-04 | do not write second factor to stdout (and log to journal)•••Signed-off-by: Christian Hesse <mail@eworm.de>
| Christian Hesse | 1 | -1/+1 |
2016-04-04 | let systemd-ask-password add the key to store and drop keyctl•••Signed-off-by: Christian Hesse <mail@eworm.de>
systemd-v227 | Christian Hesse | 2 | -4/+1 |
2016-04-04 | prepare version 0.6.00.6.0 | Christian Hesse | 1 | -1/+1 |
2016-02-26 | shell and commands are required for second factor only | Christian Hesse | 1 | -7/+7 |
2016-02-25 | README-mkinitcpio: emphasize we need a systemd-enabled initramfs•••close #4
Signed-off-by: Christian Hesse <mail@eworm.de>
| Aron Widforss | 1 | -2/+3 |
2016-02-25 | make sure we have shell and commands in initramfs•••fix #5
| Christian Hesse | 1 | -0/+7 |
2016-01-20 | update the dracut stuff•••Not tested, though...
| Christian Hesse | 3 | -30/+44 |
2016-01-20 | ups, we want another level of heading | Christian Hesse | 1 | -5/+5 |
2016-01-19 | add condition for query of 2nd factor | Christian Hesse | 1 | -0/+1 |
2016-01-18 | update README-mkinitcpio | Christian Hesse | 1 | -26/+31 |
2016-01-18 | update README | Christian Hesse | 1 | -3/+1 |
2016-01-18 | merge mkinitcpio hooks | Christian Hesse | 4 | -17/+16 |
2016-01-18 | we have command options to control behaviour, remove loop hack | Christian Hesse | 1 | -40/+21 |
2016-01-18 | rename ykfde-cpio.service -> ykfde.service | Christian Hesse | 2 | -1/+1 |
2016-01-18 | remove ykfde-cpio hook and make cpio archive mandatory | Christian Hesse | 3 | -21/+0 |
2016-01-18 | add and install grub configuration | Christian Hesse | 2 | -0/+17 |
2016-01-18 | irgnore bad exit status for ykfde | Christian Hesse | 1 | -1/+1 |
2016-01-18 | update comment about compiler command | Christian Hesse | 1 | -1/+1 |
2016-01-18 | create archive on shutdown | Christian Hesse | 1 | -0/+1 |
2016-01-18 | remove macro, this works with gcc option -std=gnu11 | Christian Hesse | 1 | -7/+0 |
2016-01-17 | unlink pid file before exit | Christian Hesse | 1 | -0/+2 |
2016-01-16 | We have support for second factor. Yeah! | Christian Hesse | 12 | -160/+396 |
2016-01-04 | update copyright for 2016 | Christian Hesse | 4 | -4/+4 |
2015-05-27 | prepare version 0.5.20.5.2 | Christian Hesse | 1 | -1/+1 |
2015-05-27 | iniparser_getstring() returns const char * | Christian Hesse | 2 | -2/+2 |
2015-05-12 | fix typo in comment | Christian Hesse | 1 | -1/+1 |
2015-01-07 | prepare version 0.5.10.5.1 | Christian Hesse | 1 | -1/+1 |
2015-01-07 | delete documentation target on error•••This prevents zero-size html files to be present on markdown failure.
| Christian Hesse | 1 | -11/+5 |
2015-01-07 | do not pipe to sed and catch markdown failures | Christian Hesse | 1 | -3/+6 |
2015-01-07 | do not recommend to create symlinks•••Naming executables is package manager's job. We do not touch that but
use what is given.
| Christian Hesse | 1 | -5/+7 |
2015-01-06 | Merge pull request #2 from nj0y/dev•••Update Documentation from Dracut & modified dracut | Christian Hesse | 2 | -7/+56 |
2015-01-06 | make challenges available in the main initramfs | Benjamin Pereto | 1 | -0/+1 |
2015-01-06 | updated README-dracut.md | Benjamin Pereto | 1 | -7/+55 |
2015-01-06 | update documentation for mkinitcpio & dracut | Christian Hesse | 5 | -96/+191 |
2015-01-04 | make defines more portable•••Looks like _DEFAULT_SOURCE requires a recent glibc and does not work on
Fedora. So use _XOPEN_SOURCE and _XOPEN_SOURCE_EXTENDED instead.
Reported-by: Benjamin Pereto <benjamin.pereto@gmail.com>
| Christian Hesse | 2 | -4/+10 |