From aea8c4ca44d39ff68dd622584a31a3f04fc86354 Mon Sep 17 00:00:00 2001 From: Ivan Alejandro Date: Thu, 9 Jan 2014 16:53:19 -0300 Subject: Use a better version handler. --- changes/feature-use-better-version-handler | 1 + src/leap/keymanager/__init__.py | 6 +++--- 2 files changed, 4 insertions(+), 3 deletions(-) create mode 100644 changes/feature-use-better-version-handler diff --git a/changes/feature-use-better-version-handler b/changes/feature-use-better-version-handler new file mode 100644 index 0000000..57fabcc --- /dev/null +++ b/changes/feature-use-better-version-handler @@ -0,0 +1 @@ + o Use a better version handler for the gnupg version check. diff --git a/src/leap/keymanager/__init__.py b/src/leap/keymanager/__init__.py index aa4e2e7..4edcdd0 100644 --- a/src/leap/keymanager/__init__.py +++ b/src/leap/keymanager/__init__.py @@ -23,9 +23,9 @@ import sys try: from gnupg.gnupg import GPGUtilities assert(GPGUtilities) # pyflakes happy - from gnupg import __version__ - from distutils.version import LooseVersion as V - assert(V(__version__) >= V('1.2.3')) + from gnupg import __version__ as _gnupg_version + from pkg_resources import parse_version + assert(parse_version(_gnupg_version) >= parse_version('1.2.3')) except (ImportError, AssertionError): print "*******" -- cgit v1.2.3 From fba576b3b4bcad5f701144736336872968b52e3b Mon Sep 17 00:00:00 2001 From: Ivan Alejandro Date: Fri, 17 Jan 2014 14:53:10 -0300 Subject: Do not decode decrypted data, return as str. --- changes/do-not-decode-decrypted-data | 1 + src/leap/keymanager/openpgp.py | 10 +--------- 2 files changed, 2 insertions(+), 9 deletions(-) create mode 100644 changes/do-not-decode-decrypted-data diff --git a/changes/do-not-decode-decrypted-data b/changes/do-not-decode-decrypted-data new file mode 100644 index 0000000..a708be6 --- /dev/null +++ b/changes/do-not-decode-decrypted-data @@ -0,0 +1 @@ + o Do not decode decrypted data, return as str. diff --git a/src/leap/keymanager/openpgp.py b/src/leap/keymanager/openpgp.py index 4276b19..961e1ed 100644 --- a/src/leap/keymanager/openpgp.py +++ b/src/leap/keymanager/openpgp.py @@ -564,15 +564,7 @@ class OpenPGPScheme(EncryptionScheme): 'Failed to verify signature with key %s: %s' % (verify.key_id, result.stderr)) - # XXX: this is the encoding used by gpg module - # https://github.com/isislovecruft/python-gnupg/\ - # blob/master/gnupg/_meta.py#L121 - encoding = locale.getpreferredencoding() - if encoding is None: - encoding = sys.stdin.encoding - if encoding is None: - encoding = 'utf-8' - return result.data.decode(encoding, 'replace') + return result.data except errors.GPGError as e: logger.error('Failed to decrypt: %s.' % str(e)) raise errors.DecryptError(str(e)) -- cgit v1.2.3 From f1f9debfca03b3da1bc8c4dc4fb4eb129ab603a1 Mon Sep 17 00:00:00 2001 From: Ivan Alejandro Date: Fri, 17 Jan 2014 15:37:00 -0300 Subject: Remove unused imports, fix typo. --- src/leap/keymanager/openpgp.py | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/src/leap/keymanager/openpgp.py b/src/leap/keymanager/openpgp.py index 961e1ed..950d022 100644 --- a/src/leap/keymanager/openpgp.py +++ b/src/leap/keymanager/openpgp.py @@ -17,12 +17,10 @@ """ Infrastructure for using OpenPGP keys in Key Manager. """ -import locale import logging import os import re import shutil -import sys import tempfile from contextlib import closing @@ -522,7 +520,7 @@ class OpenPGPScheme(EncryptionScheme): return result.data except errors.GPGError as e: logger.error('Failed to decrypt: %s.' % str(e)) - raise error.EncryptError() + raise errors.EncryptError() def decrypt(self, data, privkey, passphrase=None, verify=None): """ -- cgit v1.2.3 From c4f07e6237ee4b4c0cd2180f00d9d681416fe63c Mon Sep 17 00:00:00 2001 From: Ivan Alejandro Date: Fri, 17 Jan 2014 17:47:06 -0300 Subject: Fix failing tests. Add missing MockSharedDB. Update Soledad parameters. --- src/leap/keymanager/tests/test_keymanager.py | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/src/leap/keymanager/tests/test_keymanager.py b/src/leap/keymanager/tests/test_keymanager.py index 67676e9..e2558e4 100644 --- a/src/leap/keymanager/tests/test_keymanager.py +++ b/src/leap/keymanager/tests/test_keymanager.py @@ -118,9 +118,21 @@ class KeyManagerWithSoledadTestCase(BaseLeapTest): Soledad._get_secrets_from_shared_db = Mock(return_value=None) Soledad._put_secrets_in_shared_db = Mock(return_value=None) + class MockSharedDB(object): + + get_doc = Mock(return_value=None) + put_doc = Mock() + lock = Mock(return_value=('atoken', 300)) + unlock = Mock(return_value=True) + + def __call__(self): + return self + + Soledad._shared_db = MockSharedDB() + self._soledad = Soledad( - "leap@leap.se", - "123456", + u"leap@leap.se", + u"123456", secrets_path=self.tempdir + "/secret.gpg", local_db_path=self.tempdir + "/soledad.u1db", server_url='', -- cgit v1.2.3 From b3a24c57a3cdf26eaf9f9aab1d7bea824e1fa7cb Mon Sep 17 00:00:00 2001 From: drebs Date: Mon, 17 Feb 2014 17:01:29 -0300 Subject: Update auth to interact with webapp v2. Closes #5120. --- changes/feature_5120_update-auth-to-webapp-v2 | 1 + src/leap/keymanager/__init__.py | 26 +++++++++++++------------- 2 files changed, 14 insertions(+), 13 deletions(-) create mode 100644 changes/feature_5120_update-auth-to-webapp-v2 diff --git a/changes/feature_5120_update-auth-to-webapp-v2 b/changes/feature_5120_update-auth-to-webapp-v2 new file mode 100644 index 0000000..8a22f31 --- /dev/null +++ b/changes/feature_5120_update-auth-to-webapp-v2 @@ -0,0 +1 @@ + o Update auth to interact with webapp v2 (#5120). diff --git a/src/leap/keymanager/__init__.py b/src/leap/keymanager/__init__.py index 4edcdd0..dfe0415 100644 --- a/src/leap/keymanager/__init__.py +++ b/src/leap/keymanager/__init__.py @@ -77,7 +77,7 @@ class KeyManager(object): OPENPGP_KEY = 'openpgp' PUBKEY_KEY = "user[public_key]" - def __init__(self, address, nickserver_uri, soledad, session_id=None, + def __init__(self, address, nickserver_uri, soledad, token=None, ca_cert_path=None, api_uri=None, api_version=None, uid=None, gpgbinary=None): """ @@ -90,8 +90,8 @@ class KeyManager(object): :type url: str :param soledad: A Soledad instance for local storage of keys. :type soledad: leap.soledad.Soledad - :param session_id: The session ID for interacting with the webapp API. - :type session_id: str + :param token: The token for interacting with the webapp API. + :type token: str :param ca_cert_path: The path to the CA certificate. :type ca_cert_path: str :param api_uri: The URI of the webapp API. @@ -106,7 +106,7 @@ class KeyManager(object): self._address = address self._nickserver_uri = nickserver_uri self._soledad = soledad - self._session_id = session_id + self._token = token self.ca_cert_path = ca_cert_path self.api_uri = api_uri self.api_version = api_version @@ -180,11 +180,11 @@ class KeyManager(object): self._ca_cert_path is not None, 'We need the CA certificate path!') leap_assert( - self._session_id is not None, - 'We need a session_id to interact with webapp!') + self._token is not None, + 'We need a token to interact with webapp!') res = self._fetcher.put( uri, data=data, verify=self._ca_cert_path, - cookies={'_session_id': self._session_id}) + headers={'Authorization': 'Token token=%s' % self._token}) # assert that the response is valid res.raise_for_status() return res @@ -353,14 +353,14 @@ class KeyManager(object): # Setters/getters # - def _get_session_id(self): - return self._session_id + def _get_token(self): + return self._token - def _set_session_id(self, session_id): - self._session_id = session_id + def _set_token(self, token): + self._token = token - session_id = property( - _get_session_id, _set_session_id, doc='The session id.') + token = property( + _get_token, _set_token, doc='The session token.') def _get_ca_cert_path(self): return self._ca_cert_path -- cgit v1.2.3 From bfc7be92ea22e202ed050e15c98b1a169743affb Mon Sep 17 00:00:00 2001 From: drebs Date: Mon, 31 Mar 2014 17:59:13 -0300 Subject: Properly raise exception when key is not found on server (#5415). --- changes/bug_5415_properly-raise-KeyNotFound | 2 ++ src/leap/keymanager/__init__.py | 18 +++++++++++------- 2 files changed, 13 insertions(+), 7 deletions(-) create mode 100644 changes/bug_5415_properly-raise-KeyNotFound diff --git a/changes/bug_5415_properly-raise-KeyNotFound b/changes/bug_5415_properly-raise-KeyNotFound new file mode 100644 index 0000000..02e4905 --- /dev/null +++ b/changes/bug_5415_properly-raise-KeyNotFound @@ -0,0 +1,2 @@ + o Properly raise KeyNotFound exception when looking for keys on nickserver + (#5415). diff --git a/src/leap/keymanager/__init__.py b/src/leap/keymanager/__init__.py index dfe0415..41f352e 100644 --- a/src/leap/keymanager/__init__.py +++ b/src/leap/keymanager/__init__.py @@ -197,21 +197,25 @@ class KeyManager(object): :param address: The address bound to the keys. :type address: str - @raise KeyNotFound: If the key was not found on nickserver. + :raise KeyNotFound: If the key was not found on nickserver. """ # request keys from the nickserver res = None try: res = self._get(self._nickserver_uri, {'address': address}) + res.raise_for_status() server_keys = res.json() # insert keys in local database if self.OPENPGP_KEY in server_keys: self._wrapper_map[OpenPGPKey].put_ascii_key( server_keys['openpgp']) + except requests.exceptions.HTTPError as e: + if e.response.status_code == 404: + raise KeyNotFound(address) + logger.warning("HTTP error retrieving key: %r" % (e,)) + logger.warning("%s" % (res.content,)) except Exception as e: - logger.warning("Error retrieving the keys: %r" % (e,)) - if res: - logger.warning("%s" % (res.content,)) + logger.warning("Error retrieving key: %r" % (e,)) # # key management @@ -233,7 +237,7 @@ class KeyManager(object): :param ktype: The type of the key. :type ktype: KeyType - @raise KeyNotFound: If the key was not found in local database. + :raise KeyNotFound: If the key was not found in local database. """ leap_assert( ktype is OpenPGPKey, @@ -297,7 +301,7 @@ class KeyManager(object): raise signal(proto.KEYMANAGER_LOOKING_FOR_KEY, address) - self._fetch_keys_from_server(address) + self._fetch_keys_from_server(address) # might raise KeyNotFound key = self._wrapper_map[ktype].get_key(address, private=False) signal(proto.KEYMANAGER_KEY_FOUND, address) @@ -443,7 +447,7 @@ class KeyManager(object): :return: The decrypted data. :rtype: str - @raise InvalidSignature: Raised if unable to verify the signature with + :raise InvalidSignature: Raised if unable to verify the signature with C{verify} key. """ leap_assert_type(privkey, EncryptionKey) -- cgit v1.2.3 From f09baf67939b7d169e8e006cae38b67c391a0aae Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1s=20Touceda?= Date: Fri, 4 Apr 2014 16:21:47 -0300 Subject: Update dependencies --- changes/VERSION_COMPAT | 11 ++++++++++- pkg/requirements.pip | 2 +- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/changes/VERSION_COMPAT b/changes/VERSION_COMPAT index dfe67ab..cc00ecf 100644 --- a/changes/VERSION_COMPAT +++ b/changes/VERSION_COMPAT @@ -1 +1,10 @@ -leap.common >= 0.3.7 # memoize +################################################# +# This file keeps track of the recent changes +# introduced in internal leap dependencies. +# Add your changes here so we can properly update +# requirements.pip during the release process. +# (leave header when resetting) +################################################# +# +# BEGIN DEPENDENCY LIST ------------------------- +# leap.foo.bar>=x.y.z diff --git a/pkg/requirements.pip b/pkg/requirements.pip index 1515204..8dd84bf 100644 --- a/pkg/requirements.pip +++ b/pkg/requirements.pip @@ -1,4 +1,4 @@ -leap.common>=0.3.0 +leap.common>=0.3.7 simplejson requests # if we bump the gnupg version, bump also the sanity check -- cgit v1.2.3 From ee170c64aacdc59043b0e620fc476c1e60a0a1e0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1s=20Touceda?= Date: Fri, 4 Apr 2014 16:23:39 -0300 Subject: Fold in changes --- CHANGELOG | 10 ++++++++++ changes/bug_5415_properly-raise-KeyNotFound | 2 -- changes/do-not-decode-decrypted-data | 1 - changes/feature-use-better-version-handler | 1 - changes/feature_4784-memoize-get-key | 1 - changes/feature_5120_update-auth-to-webapp-v2 | 1 - 6 files changed, 10 insertions(+), 6 deletions(-) delete mode 100644 changes/bug_5415_properly-raise-KeyNotFound delete mode 100644 changes/do-not-decode-decrypted-data delete mode 100644 changes/feature-use-better-version-handler delete mode 100644 changes/feature_4784-memoize-get-key delete mode 100644 changes/feature_5120_update-auth-to-webapp-v2 diff --git a/CHANGELOG b/CHANGELOG index a081cc5..6b24e5b 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,3 +1,13 @@ +0.3.8 Apr 4: + o Properly raise KeyNotFound exception when looking for keys on + nickserver. Fixes #5415. + o Do not decode decrypted data, return as str. + o Use a better version handler for the gnupg version check. + o Memoize call to get_key. Closes #4784. + o Update auth to interact with webapp v2. Fixes #5120. + +-- 2014 -- + 0.3.7 Dec 6: o Fix error return values on openpgp backend. o Remove address check when sending email and rely in the email diff --git a/changes/bug_5415_properly-raise-KeyNotFound b/changes/bug_5415_properly-raise-KeyNotFound deleted file mode 100644 index 02e4905..0000000 --- a/changes/bug_5415_properly-raise-KeyNotFound +++ /dev/null @@ -1,2 +0,0 @@ - o Properly raise KeyNotFound exception when looking for keys on nickserver - (#5415). diff --git a/changes/do-not-decode-decrypted-data b/changes/do-not-decode-decrypted-data deleted file mode 100644 index a708be6..0000000 --- a/changes/do-not-decode-decrypted-data +++ /dev/null @@ -1 +0,0 @@ - o Do not decode decrypted data, return as str. diff --git a/changes/feature-use-better-version-handler b/changes/feature-use-better-version-handler deleted file mode 100644 index 57fabcc..0000000 --- a/changes/feature-use-better-version-handler +++ /dev/null @@ -1 +0,0 @@ - o Use a better version handler for the gnupg version check. diff --git a/changes/feature_4784-memoize-get-key b/changes/feature_4784-memoize-get-key deleted file mode 100644 index 5284827..0000000 --- a/changes/feature_4784-memoize-get-key +++ /dev/null @@ -1 +0,0 @@ - o Memoize call to get_key. Closes: #4784 diff --git a/changes/feature_5120_update-auth-to-webapp-v2 b/changes/feature_5120_update-auth-to-webapp-v2 deleted file mode 100644 index 8a22f31..0000000 --- a/changes/feature_5120_update-auth-to-webapp-v2 +++ /dev/null @@ -1 +0,0 @@ - o Update auth to interact with webapp v2 (#5120). -- cgit v1.2.3