This release changes how launcher identifies itself to K2. Previously, we used RSA and AES to secure some communication, now we use ECC keys and NaCl boxes. This changes parts of the Device Trust Authentication flow.
But the bulk if changes are changes to how upcoming features (Kolide Desktop and it's control protocol) will work. As these features are disabled outside of Kolide's test environment, these should be low impact.
Table Changes
General
- Control server phase 3: Desktop subsystem implementation by @seejdev in #984
- Persist lastFetched control data across launcher restarts by @seejdev in #990
- Let launcher choose debug icon when running in non-prod by @seejdev in #1014
- First pass at notifications by @RebeccaMahany in #985
- Use dispatch semaphore to signal completion of notifications by @RebeccaMahany in #991
- Small notification adjustments for Darwin by @RebeccaMahany in #1001
- Enable Kolide Desktop, for internal kolide PRs by @seejdev in #1002
- Enable desktop for linux by @RebeccaMahany in #983
- Name changes for desktop / control server systems by @seejdev in #987
- Run desktop process with launchctl asuser so that notifications work by @RebeccaMahany in #1003
- Add ECC Key Support by @directionless in #993
- updates local server the handle new challenge protocol with ecc keys by @James-Pickett in #1000
- Add png encoding back by @directionless in #1004
- adds kolide-krypto header to v2 local server krypto by @James-Pickett in #1005
- makes ec middleware test valid, adds some sanity assertions to test by @James-Pickett in #1006
- Disable hardware keys by @James-Pickett in #1008
- adds local key and hardware key to launcher_info table, fixes vscode debugging, increases local server write timeout by @James-Pickett in #1012
- adds timeout to console users func on local server request id, returns empty array of users if error by @James-Pickett in #1011
- Add documentation on research for user context/secure enclave/notifications by @RebeccaMahany in #1009
- Update README by @directionless in #981
Build and Package
- Entitlements File by @directionless in #996
- Update Entitlements by @directionless in #998
- update krypto, go mod tidy by @James-Pickett in #997
- entitlements-application-identifier by @James-Pickett in #999
- Bump github.com/docker/distribution from 2.7.1+incompatible to 2.8.0+incompatible by @dependabot in #989
- Compile launcher Windows as a GUI binary to avoid cmd window prompts by @seejdev in #1007
Full Changelog: v0.13.2...v0.13.5