bjk's blog

September 3, 2017

QTM libpwmd patch revised

Filed under: libpwmd, patches, pwmd — bjk @ 11:04 am

Updated to apply against the QTM Mercurial repository. Still requires libpwmd 8.x.

Download it here.


August 29, 2017

Pwmd 3.1.0-beta3 released

Filed under: projects, pwmd — bjk @ 6:43 pm

Here’s the NEWS for this (possibly final) beta release:

  • The LS command now sorts filenames.
  • Fixed a long standing memory leak related to a client’s thread name.
  • Key expiration is now ignored when OPEN’ing a data file. The next SAVE will fail if using an expired key. See docs for details about what to do.
  • The CACHETIMEOUT command now requires an opened data file and no longer considers an “invoking_user”. The syntax has also changed to require only a timeout parameter.
  • Added GENKEY --no-expire to allow creating keys that do not expire.
  • GENKEY now requires an opened data file.
  • Bug fixes. See ChangeLog for details.

Download it here.

January 1, 2017

Pwmd 3.1.0-beta2 released

Filed under: projects, pwmd — bjk @ 7:35 pm

This changes a few important things from beta1: The SAVE command will no longer generate any keys, even if the file is a new one. Instead, you should use the new GENKEY command to generate a keypair, then provide the encryption and signing keyids to SAVE. Or you can provide any other existing keyids.

A new command GENKEY has been added. Use this to generate a new encryption, signing or subkey for use with the SAVE command.

The SAVE command now only allows a single signer.

Added configuration parameter “strict_open” to prevent clients from creating new data files.

Added command DELETEKEY to delete a private key (and its subkeys).

The DUMP command no longer requires a passing checksum test. This is to allow a client to dump what they have edited when the checksum fails due to another client modifying the data file or some other reason.

Added copy-on-write support. When two or more clients have the same data file open and one modifies the document, a copy of the document is made for that client. Otherwise a document pointer is shared among clients to save some memory. The first client to SAVE the same document as another client “wins” and the others will need to reopen the data file due to a checksum failure.

And… Happy New Year!

October 22, 2016

Pwmd version 3.1.0-beta1 released

Filed under: projects, pwmd — bjk @ 7:16 pm

This is a beta version so users can test it out and submit patches for any (major) bug fixes, features and any other changes before the final 3.1.0 release. The major change in this release is the use of GpgME for all crypto operations and the removal of “literal” elements. When a “target” attribute is encountered for an element in an element path, the target is always followed. See NEWS for more changes in this release.

Download it here.

August 6, 2016

Pwmd updates

Filed under: projects, pwmd, Uncategorized — bjk @ 10:23 pm

The master branch of pwmd has merged the no-literals branch and also fixes the CLEARCACHE command to clear gpg-agent cached keys among other things. This requires libgpgme >= 1.7.0 and gpg-agent >= 2.1.15 which are both still in development and haven’t been released yet. But you can still try things out by building from their git repositories.

Also added are two new special attributes, expire and expire_increment. When the GET command encounters an element with the expire attribute and the current time is greater than the attribute value, a new status message STATUS_EXPIRE is sent. The expire_increment attribute is the number of seconds that the next STORE command adds to the current time to set the new expire value. So if you have set an expiry for an element and use a qpwmc shortcut to fetch element content from an expired element, you will be notified about it.

November 7, 2015

Possible pwmd database format change

Filed under: projects, pwmd — bjk @ 10:00 pm

I’ve run into a couple more bugs relating to handling of the target attribute and recursion loops, and have also recently learned about SQL relational object pointers, which may be a candidate for replacing the target attribute and the XML database format entirely. The command syntax may be able to be kept the same with the exception of the XPATH and XPATHATTR commands. But SQL has easier searching syntax anyway.

Hopefully we should be able to use sqlite3 since it can do in-memory databases and is possibly faster than the XML database, too. We’ll see how it goes…

UPDATE: There is a project libsqlfs that utilizes sqlite’s VFS features as a fuse module. The fuse module itself isn’t very useful because fuse is Linux and *BSD (just looking at configure.ac) specific and not portable to other OSes. Most filesystem operations can be done without the fuse parts, with the exception (naturally) of symbolic links. I’ve got a somewhat working implementation of sqlfs_proc_realpath() that may be a suitable substitute for the "target" attribute.

Since the VFS features of sqlite are being used, most commands will probably change to look and behave like shell commands: cp, mv, ln, rm, etc.

UPDATE 2: Well, I don’t think SQLite is going to work as well as I thought. So I’m going to rewrite how the “target” attribute works by removing the notion of literal elements to simplify things. An element with a “target” attribute will work as usual, but a literal element — the element of the same name without a “target” attribute — will be non-existent. So if you remove an element that contains a “target” attribute, it will remove only that element and not the target element path. Kinda like removing a symbolic link on a filesystem. Remove the link and not the stuff the link points to. That’s the new plan. But things may of course change.

October 17, 2015

Pwmd version 3.0.18 released

Filed under: projects, pwmd — bjk @ 9:10 pm

This version contains mostly fixes backported from the development branch of pwmd. Here’s the NEWS for this release:

The "tcp_require_key" configuration parameter will no longer clear the cache entry for a data file. It will only try to decrypt it.

Do an fsync(2) on the data file directory after a SAVE as recommended by the manual page.

Only show regular files in the LS command and also be sure the OPEN'd file is a regular one.

Disallow a new line character in an attribute value to prevent ATTR LIST corruption.

TLS-1.0 is now disabled by default.

Fixed handling of invalid group names in an ACL. They are ignored rather than returning an error.

When using gpg-agent and the agent cached key has expired, return GPG_ERR_KEY_EXPIRED rather than GPG_ERR_NO_DATA. This can make it easier to determine why you are asked for a passphrase by reviewing a pwmd log. Note that the "max-cache-ttl" gpg-agent configuration parameter also affects the cache state for a data file.

A few minor bug fixes. See ChangeLog for details.

Download it here.

August 30, 2015

Pwmd and OpenPGP status update

Filed under: projects, pwmd — bjk @ 10:54 am

Work continues making pwmd work with libgpgme. There are a couple of things remaining to do before a release. Mainly, deciding whether to make a tool to import v3.0.x data files then export to OpenPGP. Should the version then be 3.1 or 4.0? Another possibility is to rename the executable to pwmd2 with a version of 1.0 or to fork the project entirely to something new. Also, should there be any beta releases?

The tickets on the SourceForge project page contain other things needing to be done, too.

Pwmd version 3.0.17 released

Filed under: projects, pwmd — bjk @ 10:40 am

This version adds advisory locking for data files via flock(2). Now two instances of pwmd can share the same data file without risk of corruption. This version also reimplements data file ACL support and releases the data file mutex before beginning a data transfer during a command to let other clients acquire the mutex (unless locked explicitly). And a couple of bug fixes.
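The two file-handling changes above and in the 3.0.18 NEWS (flock(2) advisory locking so concurrent pwmd instances cannot corrupt a data file, and fsync(2) of the directory after a SAVE) fit together in one save routine. The following is an added example, not pwmd's own code; it assumes a sidecar "<name>.lock" file carries the lock, since the data file's inode changes when it is replaced by rename(2), and the names save_data_file and data_file_equals are hypothetical.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/file.h>
#include <unistd.h>
/* Added example, not pwmd's code: durable, lock-protected replacement of the
 * data file `name` inside directory `dir`. Assumes a sidecar "<name>.lock"
 * file carries the flock(2), so the locked inode is not the one that
 * rename(2) replaces. Returns 0 on success, -1 on failure (errno is set). */
int save_data_file(const char *dir, const char *name, const char *data, size_t len)
{
    char lockname[256], tmpname[256];
    int dirfd, lockfd = -1, fd, rc = -1;
    if ((dirfd = open(dir, O_RDONLY | O_DIRECTORY)) < 0) return -1;
    /* 1. Exclusive advisory lock: a second writer blocks here instead of
     *    interleaving its writes with ours. */
    snprintf(lockname, sizeof lockname, "%s.lock", name);
    lockfd = openat(dirfd, lockname, O_RDWR | O_CREAT, 0600);
    if (lockfd < 0 || flock(lockfd, LOCK_EX) < 0)
        goto out;
    /* 2. Write to a temp file in the same directory, fsync it so the bytes are
     *    on disk, then 3. rename(2) it over the old file atomically. */
    snprintf(tmpname, sizeof tmpname, "%s.tmp", name);
    fd = openat(dirfd, tmpname, O_WRONLY | O_CREAT | O_TRUNC, 0600);
    if (fd < 0) goto out;
    if (write(fd, data, len) != (ssize_t)len || fsync(fd) < 0 ||
        renameat(dirfd, tmpname, dirfd, name) < 0) {
        close(fd); unlinkat(dirfd, tmpname, 0); goto out;
    }
    close(fd);
    /* 4. fsync(2) the directory: the rename changed a directory entry, and only
     *    syncing the directory guarantees that entry survives a crash. */
    rc = fsync(dirfd);
out:
    if (lockfd >= 0) { flock(lockfd, LOCK_UN); close(lockfd); }
    close(dirfd);
    return rc;
}
/* Check helper: 1 if dir/name holds exactly `expected`, else 0. */
int data_file_equals(const char *dir, const char *name, const char *expected)
{
    char path[512], buf[4096];
    snprintf(path, sizeof path, "%s/%s", dir, name);
    int fd = open(path, O_RDONLY);
    ssize_t n = fd < 0 ? -1 : read(fd, buf, sizeof buf);
    if (fd >= 0) close(fd);
    return n == (ssize_t)strlen(expected) && memcmp(buf, expected, n) == 0;
}
```

A reader crashing the machine between the rename and the directory fsync is exactly the case the 3.0.18 change guards against: without the directory fsync the new entry may not be on disk even though the file's own bytes are.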

Download it here.

August 1, 2015

Pwmd version 3.0.16 released

Filed under: projects, pwmd — bjk @ 3:46 pm

This version fixes a nasty bug that prevented opening a saved data file when the key was cached and adds a couple of features and fixes a couple of other minor bugs. See NEWS for details.

Download it here.
