On Tue, Apr 25, 2017 at 09:47:24AM -0500, Dan Williams wrote:
>On Tue, 2017-04-25 at 07:45 +0000, David Härdeman wrote:
>> April 24, 2017 5:49 PM, "Dan Williams" <d...@redhat.com> wrote:
>>>
>>> It's not clear that the GNOME side was implemented correct
On Tue, Apr 25, 2017 at 09:21:19PM +0200, David Härdeman wrote:
>On Tue, Apr 25, 2017 at 09:54:45AM +0200, David Herrmann wrote:
>>No, it does not. sd-bus was inconsistent. See, there are 3 things
>>involved in the Object-Manager:
>>
>>Signal: InterfacesAdded
>>
On Tue, Apr 25, 2017 at 09:54:45AM +0200, David Herrmann wrote:
>On Tue, Apr 25, 2017 at 9:40 AM, David Härdeman <da...@hardeman.nu> wrote:
>> April 21, 2017 1:22 PM, "David Herrmann" <dh.herrm...@gmail.com> wrote:
>>> This change makes sure all objects h
April 25, 2017 9:54 AM, "David Herrmann" <dh.herrm...@gmail.com> wrote:
> Hi
>
> On Tue, Apr 25, 2017 at 9:40 AM, David Härdeman <da...@hardeman.nu> wrote:
>
>> April 21, 2017 1:22 PM, "David Herrmann" <dh.herrm...@gmail.com> wrote:
April 24, 2017 5:49 PM, "Dan Williams" wrote:
> On Mon, 2017-04-24 at 16:50 +0200, Lennart Poettering wrote:
>> On Fri, 21.04.17 13:22, David Herrmann (dh.herrm...@gmail.com) wrote:
>>
> Anyway, gdbus bugs aside, it seems that the interfaces
> reported by
> sd-bus
April 21, 2017 1:22 PM, "David Herrmann" <dh.herrm...@gmail.com> wrote:
> On Fri, Apr 21, 2017 at 11:50 AM, David Härdeman <da...@hardeman.nu> wrote:
>> On Thu, Apr 20, 2017 at 02:19:22PM +0200, David Herrmann wrote:
>>> On Thu, Apr 20, 2017 at 12:06 PM,
April 24, 2017 4:51 PM, "Lennart Poettering" wrote:
> On Fri, 21.04.17 13:22, David Herrmann (dh.herrm...@gmail.com) wrote:
>
>> Anyway, gdbus bugs aside, it seems that the interfaces reported by
>> sd-bus should match what gdbus does? (assuming, of course, that gdbus
>>
On Thu, Apr 20, 2017 at 02:19:22PM +0200, David Herrmann wrote:
>On Thu, Apr 20, 2017 at 12:06 PM, David Härdeman <da...@hardeman.nu> wrote:
>> Hi,
>>
>> I'm implementing a server which creates an ObjectManager using the
>> sd-bus API and there seems to be s
Hi,
I'm implementing a server which creates an ObjectManager using the
sd-bus API and there seems to be some differences between how gdbus and
sd-bus implements the API.
I implemented a simple ObjectManager at /org/gnome/TestManager which
exports objects /org/gnome/TestManager/fooX with
On Sat, Jun 27, 2015 at 09:22:45AM +0200, David Härdeman wrote:
On Thu, Jun 25, 2015 at 04:25:29PM +0200, David Herrmann wrote:
On Tue, Jun 23, 2015 at 2:41 PM, David Härdeman da...@hardeman.nu wrote:
...
Now, a question...how is an object manager supposed to be implemented in
sd-bus?
I've
On Thu, Jun 25, 2015 at 04:25:29PM +0200, David Herrmann wrote:
On Tue, Jun 23, 2015 at 2:41 PM, David Härdeman da...@hardeman.nu wrote:
...
Now, a question...how is an object manager supposed to be implemented in
sd-bus?
I've seen that there's a sd_bus_add_object_manager() function in sd
Hi,
as an experiment I've tried porting a toy dbus daemon over to sd-bus. It
seems to be working well so far and I have to say I really like the
sd-bus API over the gdbus one (sd-bus feels like I'm still writing
C...can't say the same thing about gdbus).
Now, a question...how is an object
as a workaround...
...
On Wed, Feb 05, 2014 at 12:16:00AM +0100, Lennart Poettering wrote:
On Thu, 30.01.14 10:40, David Härdeman (da...@hardeman.nu) wrote:
b) the password agent implementation in systemd doesn't seem to
handle binary strings (i.e. strings with '\0'), as can be seen by
calls
The error path in efivar_get free's what would have been
the copy of the string if the strcpy had succeeded, which
it did not (or we wouldn't be in the error path).
Signed-off-by: David Härdeman da...@hardeman.nu
---
src/efi/util.c |2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff
On Thu, Jul 03, 2014 at 01:41:43PM +0200, Lennart Poettering wrote:
On Fri, 27.06.14 01:54, David Härdeman (da...@hardeman.nu) wrote:
Add binary string handling functions and extend the password agent
protocol to support binary strings (using = as a string prefix
instead of +).
I am feeling
index 000..118e0aa
--- /dev/null
+++ b/src/shared/bstrv.c
@@ -0,0 +1,194 @@
+/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
+
+/***
+ This file is part of systemd.
+
+ Copyright 2014 David Härdeman da...@hardeman.nu
+
+ systemd is free software; you can redistribute
committed very recently and I still need
to post patch 3/3. Then a separate patch is necessary for the cryptsetup
package in Debian and after that, keyscript= will work for Debian at
least.
--
David Härdeman
___
systemd-devel mailing list
systemd-devel
On Tue, Mar 25, 2014 at 01:58:27AM +0100, Lennart Poettering wrote:
On Tue, 04.02.14 00:57, David Härdeman (da...@hardeman.nu) wrote:
Sorry for the later review!
Add binary string handling functions and extend the password agent
protocol to support binary strings (using = as a string prefix
On Tue, Mar 25, 2014 at 09:50:10AM +0100, Benjamin SANS wrote:
* On Tuesday, 25 March 2014 01:46, David Härdeman da...@hardeman.nu wrote:
Bejamin's approach does not seem to solve the binary key part of the
puzzle either...(passing binary keys from the keyscript, as opposed to
passphrases
The command line key-size is in bits but the libcryptsetup API expects bytes.
Note that the modulo 8 check is in the original cryptsetup binary as well, so
it's no new limitation.
(v2: changed the point at which the /= 8 is performed, rebased, removed tabs)
---
src/cryptsetup/cryptsetup.c |
-password-api.h |6 --
4 files changed, 43 insertions(+), 11 deletions(-)
--
David Härdeman
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Add an (optional) Id key in the password agent .ask files. The Id is
supposed to be a simple string in subsystem:target form which
is used to provide more information on what the requested passphrase
is to be used for (which e.g. allows an agent to only react to cryptsetup
requests).
(v2:
On Tue, Mar 25, 2014 at 01:03:48AM +0100, Lennart Poettering wrote:
On Wed, 12.02.14 23:55, David Härdeman (da...@hardeman.nu) wrote:
Add an (optional) Id key in the password agent .ask files. The Id is
supposed to be a simple string in subsystem:target form which
is used to provide more
On Tue, Mar 25, 2014 at 01:03:48AM +0100, Lennart Poettering wrote:
On Wed, 12.02.14 23:55, David Härdeman (da...@hardeman.nu) wrote:
-r = ask_password_auto(text, drive-harddisk, until, accept_cached,
passwords);
+if (asprintf(id, cryptsetup:%s, name) 0)
+return
patch for now.
---
David Härdeman (3):
Add more password agent information
Fix keysize handling in cryptsetup (bits vs. bytes)
Fix askpass buffer overflow
src/ask-password/ask-password.c | 14 +++---
src/cryptsetup/cryptsetup.c | 19 +++
src
Fix askpass overflow in reading a passphrase from a tty.
Doesn't seem security sensitive, but add a check for correctness.
---
src/shared/ask-password-api.c |5 +
1 file changed, 5 insertions(+)
diff --git a/src/shared/ask-password-api.c b/src/shared/ask-password-api.c
index
Add an (optional) Id key in the password agent .ask files. The Id is
supposed to be a simple string in subsystem:target form which
is used to provide more information on what the requested passphrase
is to be used for (which e.g. allows an agent to only react to cryptsetup
requests).
---
The command line key-size is in bits but the libcryptsetup API expects bytes.
---
src/cryptsetup/cryptsetup.c |8 ++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/src/cryptsetup/cryptsetup.c b/src/cryptsetup/cryptsetup.c
index f72cf9f..e7e8066 100644
---
On Wed, Feb 05, 2014 at 12:16:00AM +0100, Lennart Poettering wrote:
On Thu, 30.01.14 10:40, David Härdeman (da...@hardeman.nu) wrote:
This issue is fixable with minor upstream changes, e.g. by extending
the PasswordAgent protocol to add Subsystem=cryptsetup and
Target=diskname entries
and see if the overall approach is considered ok or not first.
---
David Härdeman (4):
Add more password agent information
Fix keysize handling in cryptsetup (bits vs. bytes)
Fix askpass buffer overflow
Add binary password agent protocol
Makefile.am
The command line key-size is in bits but the libcryptsetup API expects bytes.
---
src/cryptsetup/cryptsetup.c |8 ++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/src/cryptsetup/cryptsetup.c b/src/cryptsetup/cryptsetup.c
index 4a32856..c01ed01 100644
---
Add (optional) Purpose and Target keys in the password agent .ask
files. These are used to provide more information on what the requested
passphrase is to be used for (which e.g. allows an agent to only listen
to cryptsetup requests).
---
src/ask-password/ask-password.c | 22
Fix askpass overflow in reading a passphrase from a tty.
Doesn't seem security sensitive, but add a check for correctness.
---
src/shared/ask-password-api.c |5 +
1 file changed, 5 insertions(+)
diff --git a/src/shared/ask-password-api.c b/src/shared/ask-password-api.c
index
; indent-tabs-mode: nil -*-*/
+
+/***
+ This file is part of systemd.
+
+ Copyright 2014 David Härdeman da...@hardeman.nu
+
+ systemd is free software; you can redistribute it and/or modify it
+ under the terms of the GNU Lesser General Public License as published by
+ the Free Software Foundation
qualified
to evaluate the situation.
That said, reading the upstream discussion, I guess we have 3 options
a/ do nothing about it
b/ apply the patch from David Härdeman downstream and maintaining it as
a downstream patch forever
c/ try to implement keyscript support based on the PasswordAgent
interface
On Tue, 10 Jul 2012 16:25:50 +0200, Lennart Poettering
lenn...@poettering.net wrote:
On Tue, 10.07.12 10:35, David Härdeman (da...@hardeman.nu) wrote:
Whenever a user comes up with another scheme for storing keys (you've
already seen some...like storing keys between the MBR and first
partition
On Mon, Jul 09, 2012 at 10:49:56PM +0200, Lennart Poettering wrote:
On Fri, 29.06.12 00:56, David Härdeman (da...@hardeman.nu) wrote:
Debian's cryptsetup package supports the keyscript= option in /etc/crypttab
This patch is a first attempt at implementing support for the same option
37 matches
Mail list logo