summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2017-12-09[bug] remove stuck_bootstrap deferred from ProviderRuben Pollan
This deferred was not used anywhere, but it was called twice. Provider is a singleton so multiple logins into the same provider where producing it to be called mor than once. - Resolves: #9171
2017-12-08[style] pep8Kali Kaneko
2017-12-08[docs] add comment about python interpreterKali Kaneko
2017-12-08[pkg] copy provider certificates on bundlesKali Kaneko
2017-12-08[pkg] add provider pinning to python packageKali Kaneko
2017-12-08[bug] remove hardcoded pathKali Kaneko
2017-12-08[feat] osx systray with pyqt5Kali Kaneko
2017-12-07[feat] update bitmask-root if neededRuben Pollan
Chech the hash of the installed bitmask root and sign as not installed if doesn't match the one we have in the bundle. Also for running bitmask-root, if there is more than one (in /usr/local/sbin and /usr/sbin) run the one with higher version number. - Resolves: #9020
2017-12-07[docs] document how to run osx testsKali Kaneko
using virtualbox executor for gitlab-runner
2017-12-07[tests] enable osx runnerKali Kaneko
2017-12-07[feat] add provider pinningRuben Pollan
Pin the provider.json and the ca cert for the public providers. - Resolves: #9074
2017-12-05[bug] change bitmask-root to work with dnsmasqelijah
2017-12-04[pkg] verify the remaining libsKali Kaneko
apparently, lzo and mbedtls do not like gpg.
2017-12-04[pkg] add --enable-iproute2 to openvpn binary compilationKali Kaneko
this will be used by bundles, and it's needed now that ifconfig and other net-utils are being deprecated.
2017-12-04[pkg] verify openvpn sourcesKali Kaneko
2017-12-03[feat] extend the expiration of private keys if neededRuben Pollan
Check on every fetch of the private key if the expiration is less than two months before it expire. And extend the expiration if needed. - Resolves: #8217
2017-12-03[refactor] remove rengenerate keyRuben Pollan
We are not planning to regenerate keys (for now), only to extend the expiration date.
2017-12-03[test] fix key renew testRuben Pollan
2017-12-03[feat] stop resetting signs used after key regenerationTulio Casagrande
We were considering to reset the sign_used flag to force the new key to be resend as attachment in forthcoming emails. Although, this is not a good solution, because we'll lose information about which keys the client has signed.
2017-12-03[feat] send public key as attachment on every emailTulio Casagrande
Previously, we were sending the key attached as long as the contact hasn't replied back. But with new key replace scenarios, we need to updated the contact keyring with the new key. We can implement autocrypt or similar in the future, but for now, let's send the key attached on every email.
2017-12-03[bug] remove change_key_expiration from the APITulio Casagrande
This was intended to offer the option of only extend the old key and not change it for a new one. However, we don't plan to use this behavior anymore.
2017-12-03[bug] specify _get_inactive_private_keys as a private methodTulio Casagrande
2017-12-03[tests] use the develop branch of python-gnupgTulio Casagrande
2017-12-03[refactor] rename key extension to expirationTulio Casagrande
This changes reflect python-gnupg naming. With @aarni
2017-12-03[bug] fix log of the key being fetchedTulio Casagrande
2017-12-03[bug] remove key generation event from regenerate_keyTulio Casagrande
The KEYMANAGER_FINISHED_KEY_GENERATION event is used to send a welcome mail to the users, which was causing a new welcome mail when regenerating a key. We removed the event from regenerate_key method. We should implement a KEYMANAGER_FINISHED_KEY_REGENERATION event when it's needed.
2017-12-03[bug] fix expected new_expiry_dateTulio Casagrande
Previously, new_expiry_date was calculated by the key creation date + 1 week, but the proper behavior is today + 1 week, accordingly with gpg behavior.
2017-12-03[bug] change edit-key to use fingerprint as paramTulio Casagrande
python-gnupg doesn't accept address as parameter for --edit-key
2017-12-03[feat] expired public key are remotely fetched if expiredNavaL
- private key is not allowed to be fetched remotely - fetch_remote needs to be specifically set - if a new key is fetched (ie different KeyID), the validation rule applies
2017-12-03[style] refactoring: renaming methods/variablesNavaL
2017-12-03[bug] sign_used flag is reset for all public keys when the key expiration ↵NavaL
date is extended - this is required so that the key is re-attached to the first outgoing email to all users who already have the expired key.
2017-12-03[feat] expired public key are remotely fetched if expiredNavaL
- private key is not allowed to be fetched remotely - fetch_remote needs to be specifically set - if a new key is fetched (ie different KeyID), the validation rule applies
2017-12-03[bug] key can tell if it should be renewedNavaL
2017-12-03[bug] decryption will be tried for all inactive keysNavaL
2017-12-03[feat] decryption interoperability, when the current key pairNavaL
is renewed - there is only one private inactive key that is the key expiring last among all inactive keys - if there is an inactive key, decryption with it, is tried if it fails with the current active key.
2017-12-03[feat] supplying gpgbinary when building gpg key from dictNavaL
2017-12-03[feat] reset sign_used flag after regenerating key pairNavaL
- this flag is used by leap.mail to attach the new key
2017-12-03[feat] first phase of key regenerationNavaL
- if current key pair is expired, it'll be extended for a day first - new key pair will be signed by the old key
2017-12-03[feat] add key expiry date extension in keymanagerNavaL
- extends key pair (unlocked from soledad) - extension period is counted from key creation date
2017-12-02[pkg] update versions of openvpn and mbedtlsKali Kaneko
2017-12-01[test] Use bitmask-dev docker image for testingVarac
2017-11-30[test] Fix e2e mail testVarac
- Enable XTRACE output of script - Run e2e mail test against ci.leap.se - Remove unused POLKIT variable - Specify MX server for e2e mail test - Fix helo in e2e tests Resolves: #9159
2017-11-30[test] install gnupg1 and haveged for the e2e testRuben Pollan
Since we are using artful for the tests it comes with gnupg2 and breaks the e2e tests. Also install haveged to speed up e2e tests. - Resolves: #9159
2017-11-30[pkg] pick gpg from local buildKali Kaneko
2017-11-30[pkg] minor fixes to the service plistKali Kaneko
some properties were not used as intended.
2017-11-30[refactor] use /var/run for osx helper socketKali Kaneko
2017-11-30[pkg] add osx uninstall scriptKali Kaneko
2017-11-29[docs] update changelogtravisKali Kaneko
2017-11-29[test] Run OSX test on travisVarac
- Related: #9092
2017-11-23[test] Install npm for build_ui CI jobVarac