summaryrefslogtreecommitdiff
path: root/src/journal/journal-authenticate.c
AgeCommit message (Collapse)Author
2016-02-13Merge pull request #2589 from keszybz/resolve-tool-2Lennart Poettering
Better support of OPENPGPKEY, CAA, TLSA packets and tests
2016-02-11Move initialize_libgcrypt to separate fileZbigniew Jędrzejewski-Szmek
It's annoying to have the exact same function in three places. It's stored in src/shared, but it's not added to the library to avoid the dependency on libgcrypt.
2016-02-10tree-wide: remove Emacs lines from all filesDaniel Mack
This should be handled fine now by .dir-locals.el, so need to carry that stuff in every file.
2015-11-16tree-wide: sort includesThomas Hindoe Paaboel Andersen
Sort the includes accoding to the new coding style.
2015-10-27util-lib: split out hex/dec/oct encoding/decoding into its own fileLennart Poettering
2015-10-25util-lib: split out fd-related operations into fd-util.[ch]Lennart Poettering
There are more than enough to deserve their own .c file, hence move them over.
2015-03-13tree-wide: there is no ENOTSUP on linuxDavid Herrmann
Replace ENOTSUP by EOPNOTSUPP as this is what linux actually uses.
2014-12-13journal: have a named enum ObjectTypeMichal Schmidt
2014-12-13journal: consistently use OBJECT_<type> names instead of numbersMichal Schmidt
Note that numbers 0 and -1 are both replaced with OBJECT_UNUSED, because they are treated the same everywhere (e.g. type_to_context() translates them both to 0).
2014-12-13journal: consistently allow type==0 to mean "any type"Michal Schmidt
If type==0 and a non-NULL object were given as arguments to journal_file_hmac_put_object(), its object type check would fail and it would return -EBADMSG. All existing callers use either a positive type or -1. Still, for behavior consistency with journal_file_move_to_object() let's allow type 0 to pass.
2014-11-28treewide: use log_*_errno whenever %m is in the format stringMichal Schmidt
If the format string contains %m, clearly errno must have a meaningful value, so we might as well use log_*_errno to have ERRNO= logged. Using: find . -name '*.[ch]' | xargs sed -r -i -e \ 's/log_(debug|info|notice|warning|error|emergency)\((".*%m.*")/log_\1_errno(errno, \2/' Plus some whitespace, linewrap, and indent adjustments.
2014-03-18util: replace close_nointr_nofail() by a more useful safe_close()Lennart Poettering
safe_close() automatically becomes a NOP when a negative fd is passed, and returns -1 unconditionally. This makes it easy to write lines like this: fd = safe_close(fd); Which will close an fd if it is open, and reset the fd variable correctly. By making use of this new scheme we can drop a > 200 lines of code that was required to test for non-negative fds or to reset the closed fd variable afterwards.
2013-12-24log: log_error() and friends add a newline after each line anyway, so avoid ↵Lennart Poettering
including it in the log strings
2013-06-10Use stdint.h macros instead of casts to print uint64_t valuesZbigniew Jędrzejewski-Szmek
Casts are visually heavy, and can obscure unwanted truncations.
2012-10-18journal: add ability to list values a specified field can take in all ↵Lennart Poettering
entries of the journal The new 'unique' API allows listing all unique field values that a field specified by a field name can take in all entries of the journal. This allows answering queries such as "What units logged to the journal?", "What hosts have logged into the journal?", "Which boot IDs have logged into the journal?". Ultimately this allows implementation of tools similar to lastlog based on journal data. Note that listing these field values will not work for journal files created with older journald, as the field values are not indexed in older files.
2012-09-13journald: don't reposition window if we don't have toLennart Poettering
2012-09-10journald: don't complain if fss key does not existLennart Poettering
2012-08-22journald: write tags also to user journal filesLennart Poettering
2012-08-21journal: initialize libgcrypt explicitly, before using HMACLennart Poettering
2012-08-21journal: automatically evolve FSS key even when nothing is loggedLennart Poettering
2012-08-20journal: add missing endianess conversionLennart Poettering
2012-08-20journal: make libgcrypt dependency optionalLennart Poettering
2012-08-20journal: use a macro to check for file header flagsLennart Poettering
2012-08-17journal: don't write tag objects if nothing has been written since the last timeLennart Poettering
2012-08-17journal: rework terminologyLennart Poettering
Let's clean up our terminology a bit. New terminology: FSS = Forward Secure Sealing FSPRG = Forward Secure Pseudo-Random Generator FSS is the combination of FSPRG and a HMAC. Sealing = process of adding authentication tags to the journal. Verification = process of checking authentication tags to the journal. Sealing Key = The key used for adding authentication tags to the journal. Verification Key = The key used for checking authentication tags of the journal. Key pair = The pair of Sealing Key and Verification Key Internally, the Sealing Key is the combination of the FSPRG State plus change interval/start time. Internally, the Verification Key is the combination of the FSPRG Seed plus change interval/start time.
2012-08-16journal: add FSPRG journal authenticationLennart Poettering
2012-08-16journal: parse fsprg seedLennart Poettering
2012-08-16journalctl: add --verify-seed= switch to specify seed valueLennart Poettering
2012-08-16journal: split up journal-file.cLennart Poettering