diff options
-rw-r--r-- | CHANGELOG | 111 | ||||
-rw-r--r-- | CHANGELOG.rst | 150 | ||||
-rw-r--r-- | README.rst | 7 | ||||
-rw-r--r-- | changes/next-changelog.rst | 28 | ||||
-rw-r--r-- | debian/changelog | 7 | ||||
-rwxr-xr-x | debian/rules | 2 | ||||
-rw-r--r-- | setup.py | 2 | ||||
-rw-r--r-- | src/leap/common/_version.py | 4 | ||||
-rw-r--r-- | src/leap/common/certs.py | 19 |
9 files changed, 214 insertions, 116 deletions
diff --git a/CHANGELOG b/CHANGELOG deleted file mode 100644 index 1ce64b7..0000000 --- a/CHANGELOG +++ /dev/null @@ -1,111 +0,0 @@ -0.4.4 Oct 28, 2015: - o Consider standalone flag when saving events certificates. Related #7512. - o fix wrong ca_cert path inside bundle. - o Workaround for deadlock problem in zmq auth. - -0.4.3 Sep 22, 2015: - o Expose async methods for events. Closes: #7274 - -0.4.2 Aug 26, 2015: - o Add http request timeout. Related to #7234. - o Add a flag to disable events framework. Closes: #7259 - o Allow passing callback to HTTP client. - o Bugfix: do not add a port string to non-tcp addresses. - o Add close method for http agent. - o Fix code style and tests. - o Bugfix: HTTP timeout was not being cleared on abort. - -0.4.1 Jul 10, 2015: - o Fix regexp to allow ipc protocol in zmq sockets. Closes: #7089. - o Remove extraneous data from events logs. Closes #7130. - o Make https client use Twisted SSL validation and adds a reuse by default - behavior on connection pool - -0.4.0 Jun 1, 2015: - o Modify leap.common.events to use ZMQ. Closes #6359. - o Fix time comparison between local and UTC times that caused the VPN - certificates not being correctly downloaded on time. Closes #6994. - o Add a HTTPClient the twisted way. - -0.3.10 Jan 26, 2015: - o Consider different possibilities for tmpdir. Related to #6631. - o Add support for deferreds to memoize_method decorator - o Extract the environment set up and tear down for tests - -0.3.9 Jul 18, 2014: - o Include pemfile in the package data. Closes #5897. - o Look for bundled cacert.pem in the Resources dir for OSX. - -0.3.8 Jun 6, 2014: - o Add Soledad sync status signals. Closes #5517. - -0.3.7 Apr 4, 2014: - o Add memoized_method decorator. Closes #4784. - o Add Soledad invalid auth token event. Closes #5191. - o Support str type in email charset detection. - -0.3.6 Dec 6, 2013: - o Update some documentation and packaging bits. - -0.3.5 Nov 1, 2013: - o Move get_email_charset to this module. - -0.3.4 Oct 4, 2013: - o Add cert bundle including ca-cert certificate. Closes #3850. - -0.3.3 Sep 20, 2013: - o Fix events server exception raising when port is occupied by some - other process. Closes #3515. - -0.3.2 Sep 06, 2013: - o Use dirspec instead of plain xdg. Closes #3574. - o Correct use of CallbackAlreadyRegistered exception. - -0.3.1 Aug 23, 2013: - o Add libssl-dev requirement for pyOpenSSL. - o Make the server ping call be async inside events' - ensure_server. Fixes #3355. - o Requirements in setup are taken from requirements.pip - o Updated requirements. - o Add IMAP_UNREAD_MAIL event. - o Add events for SMTP relay signaling. Closes #3464. - o Add events for imap and keymanager notifications. Closes: #3480 - o Add versioneer to handle versioning. - -0.3.0 Aug 9, 2013: - o OSX: Fix problem with path prefix not returning the correct - value. Fixes #3273. - o Check if schema exists before load a config. Related to #3310. - o Handle schemas and api versions in base class. Related to #3310. - -0.2.7 Jul 26, 2013: - o Refactor events so components are now called clients. Closes #3246 - o Add leap_check helper method, to use whenever leap_assert does not - apply. Related to #3007. - -0.2.6 Jul 12, 2013: - o Improve leap_assert so that it only prints the traceback from the - leap_assert call up. Closes #2895 - o Add OSX temp directories to the basetests class. - -0.2.5 Jun 28, 2013: - o Bugfix: use the provider's default language as default - string. Also take care (and note) a possible case with a - problematic provider misconfiguration. Closes #3029. - o Add data files to setup and manifest (certificates for tests) - o Allow absolute paths in baseconfig.load - o Fix deprecation warnings - o Fix attempt to fetch private keys from server. - o Fix missing imports - o Add possibility of unregistering callbacks for a signal. - o Add a mechanism for events signaling between components. - o Prioritize the path_extension in the which method so it finds our - bundled app before the system one, if any. - o Move the Key Manager to leap client repository. - o Move symmetric encryption code to leap.soledad. - o Refactor opengpg utility functions implementation so it uses a - context manager. - o Add OpenPGP sign/verify - o Add RAISE_WINDOW event - o Add AES-256 (CTR mode) encrypting/decrypting functions using - PyCrypto. diff --git a/CHANGELOG.rst b/CHANGELOG.rst new file mode 100644 index 0000000..25266ab --- /dev/null +++ b/CHANGELOG.rst @@ -0,0 +1,150 @@ +.. :changelog:: + +Changelog +--------- + +==== +2015 +==== + + +0.5.0 Nov 11, 2015 +++++++++++++++++++ + +Features +~~~~~~~~ +- `#7523 <https://leap.se/code/issues/7523>`_: Allow to skip the twisted version check, needed to run soledad-client sync tests in the platform with the twisted versions in wheezy. + +Misc +~~~~ +- Bump version to 0.5.0, to correct a versioning mistake in the debian packages. +- Rename extras to 'http' and document dependencies on the README. +- Migrate changelog to rst. + + +0.4.4 Oct 28, 2015 +++++++++++++++++++ +- Consider standalone flag when saving events certificates. Related `#7512 <https://leap.se/code/issues/7512>`_. +- fix wrong ca_cert path inside bundle. +- Workaround for deadlock problem in zmq auth. + +0.4.3 Sep 22, 2015 +++++++++++++++++++ +- Expose async methods for events. Closes: `#7274 <https://leap.se/code/issues/7274>`_. + +0.4.2 Aug 26, 2015 +++++++++++++++++++ +- Add http request timeout. Related to `#7234 <https://leap.se/code/issues/7234>`_. +- Add a flag to disable events framework. Closes:`#7259 <https://leap.se/code/issues/7259>`_ +- Allow passing callback to HTTP client. +- Bugfix: do not add a port string to non-tcp addresses. +- Add close method for http agent. +- Fix code style and tests. +- Bugfix: HTTP timeout was not being cleared on abort. + +0.4.1 Jul 10, 2015 +++++++++++++++++++ +- Fix regexp to allow ipc protocol in zmq sockets. Closes: `#7089 <https://leap.se/code/issues/7089>`_. +- Remove extraneous data from events logs. Closes `#7130 <https://leap.se/code/issues/7130>`_. +- Make https client use Twisted SSL validation and adds a reuse by default behavior on connection pool + +0.4.0 Jun 1, 2015 ++++++++++++++++++ +- Modify leap.common.events to use ZMQ. Closes `#6359 <https://leap.se/code/issues/6359>`_. +- Fix time comparison between local and UTC times that caused the VPN certificates not being correctly downloaded on time. Closes `#6994 <https://leap.se/code/issues/6994>`_. +- Add a HTTPClient the twisted way. + +0.3.10 Jan 26, 2015 ++++++++++++++++++++ +- Consider different possibilities for tmpdir. Related to `#6631 <https://leap.se/code/issues/6631>`_. +- Add support for deferreds to memoize_method decorator +- Extract the environment set up and tear down for tests + +==== +2014 +==== + +0.3.9 Jul 18, 2014 +++++++++++++++++++ +- Include pemfile in the package data. Closes `#5897 <https://leap.se/code/issues/5897>`_. +- Look for bundled cacert.pem in the Resources dir for OSX. + +0.3.8 Jun 6, 2014 ++++++++++++++++++ +- Add Soledad sync status signals. Closes `#5517 <https://leap.se/code/issues/5517>`_. + +0.3.7 Apr 4, 2014 ++++++++++++++++++ +- Add memoized_method decorator. Closes `#4784 <https://leap.se/code/issues/4784>`_. +- Add Soledad invalid auth token event. Closes `#5191 <https://leap.se/code/issues/5191>`_. +- Support str type in email charset detection. + +==== +2013 +==== + +0.3.6 Dec 6, 2013 ++++++++++++++++++ +- Update some documentation and packaging bits. + +0.3.5 Nov 1, 2013 ++++++++++++++++++ +- Move get_email_charset to this module. + +0.3.4 Oct 4, 2013 ++++++++++++++++++ +- Add cert bundle including ca-cert certificate. Closes `#3850 <https://leap.se/code/issues/3850>`_. + +0.3.3 Sep 20, 2013 +++++++++++++++++++ +- Fix events server exception raising when port is occupied by some other process. Closes `#3515 <https://leap.se/code/issues/3515>`_. + +0.3.2 Sep 06, 2013 +++++++++++++++++++ +- Use dirspec instead of plain xdg. Closes `#3574 <https://leap.se/code/issues/3574>`_. +- Correct use of CallbackAlreadyRegistered exception. + +0.3.1 Aug 23, 2013 +++++++++++++++++++ +- Add libssl-dev requirement for pyOpenSSL. +- Make the server ping call be async inside events' ensure_server. Fixes `#3355 <https://leap.se/code/issues/3355>`_. +- Requirements in setup are taken from requirements.pip +- Updated requirements. +- Add IMAP_UNREAD_MAIL event. +- Add events for SMTP relay signaling. Closes `#3464 <https://leap.se/code/issues/3464>`_. +- Add events for imap and keymanager notifications. Closes:`#3480 <https://leap.se/code/issues/3480>`_ +- Add versioneer to handle versioning. + +0.3.0 Aug 9, 2013 ++++++++++++++++++ +- OSX: Fix problem with path prefix not returning the correct value. Fixes `#3273 <https://leap.se/code/issues/3273>`_. +- Check if schema exists before load a config. Related to `#3310 <https://leap.se/code/issues/3310>`_. +- Handle schemas and api versions in base class. Related to `#3310 <https://leap.se/code/issues/3310>`_. + +0.2.7 Jul 26, 2013 +++++++++++++++++++ +- Refactor events so components are now called clients. Closes `#3246 <https://leap.se/code/issues/3246>`_ +- Add leap_check helper method, to use whenever leap_assert does not apply. Related to `#3007 <https://leap.se/code/issues/3007>`_. + +0.2.6 Jul 12, 2013 +++++++++++++++++++ +- Improve leap_assert so that it only prints the traceback from the leap_assert call up. Closes `#2895 <https://leap.se/code/issues/2895>`_ +- Add OSX temp directories to the basetests class. + +0.2.5 Jun 28, 2013 +++++++++++++++++++ +- Bugfix: use the provider's default language as default string. Also take care (and note) a possible case with a problematic provider misconfiguration. Closes `#3029 <https://leap.se/code/issues/3029>`_. +- Add data files to setup and manifest (certificates for tests) +- Allow absolute paths in baseconfig.load +- Fix deprecation warnings +- Fix attempt to fetch private keys from server. +- Fix missing imports +- Add possibility of unregistering callbacks for a signal. +- Add a mechanism for events signaling between components. +- Prioritize the path_extension in the which method so it finds our bundled app before the system one, if any. +- Move the Key Manager to leap client repository. +- Move symmetric encryption code to leap.soledad. +- Refactor opengpg utility functions implementation so it uses a context manager. +- Add OpenPGP sign/verify +- Add RAISE_WINDOW event +- Add AES-256 (CTR mode) encrypting/decrypting functions using PyCrypto. @@ -22,3 +22,10 @@ Library dependencies Python dependencies ------------------- * See ``pkg/requirements.pip`` + +Extras +------------------- +Using `leap.common.http` needs some extra dependencies (twisted.web >= 14.0.2, +python-service-identity). You can install them by running:: + + pip install leap.common[http] diff --git a/changes/next-changelog.rst b/changes/next-changelog.rst new file mode 100644 index 0000000..9f0b455 --- /dev/null +++ b/changes/next-changelog.rst @@ -0,0 +1,28 @@ +0.5.0 ++++++++++++++++++++ + +Please add lines to this file, they will be moved to the CHANGELOG.rst during +the next release. + +There are two template lines for each category, use them as reference. + +I've added a new category `Misc` so we can track doc/style/packaging stuff. + +Features +~~~~~~~~ +- `#1234 <https://leap.se/code/issues/1234>`_: Description of the new feature corresponding with issue #1234. +- New feature without related issue number. + +Bugfixes +~~~~~~~~ +- `#1235 <https://leap.se/code/issues/1235>`_: Description for the fixed stuff corresponding with issue #1235. +- Bugfix without related issue number. + +Misc +~~~~ +- `#1236 <https://leap.se/code/issues/1236>`_: Description of the new feature corresponding with issue #1236. +- Some change without issue number. + +Known Issues +~~~~~~~~~~~~ +- `#1236 <https://leap.se/code/issues/1236>`_: Description of the known issue corresponding with issue #1236. diff --git a/debian/changelog b/debian/changelog index 797aded..d9087d8 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +leap-common (0.5.0) unstable; urgency=medium + + * Update to 0.5.0 release + * Version bump to fix previous versioning mistakes in the 0.4.x series. + + -- Ben Carrillo <ben@futeisha.org> Wed, 11 Nov 2015 16:22:10 -0400 + leap-common (0.4.11.2) unstable; urgency=medium * Relax dependency on python-zmq diff --git a/debian/rules b/debian/rules index 734e561..0007226 100755 --- a/debian/rules +++ b/debian/rules @@ -4,4 +4,4 @@ dh $@ --with python2 --buildsystem=python_distutils override_dh_installchangelogs: - dh_installchangelogs CHANGELOG + dh_installchangelogs CHANGELOG.rst @@ -144,6 +144,6 @@ setup( # needed for leap.common.http # service_identity needed for propper hostname identification, # see http://twistedmatrix.com/documents/current/core/howto/ssl.html - 'Twisted': ["Twisted>=14.0.2", "service_identity", "zope.interface"] + 'http': ["Twisted>=14.0.2", "service_identity", "zope.interface"] }, ) diff --git a/src/leap/common/_version.py b/src/leap/common/_version.py index f5738ea..2f2cac0 100644 --- a/src/leap/common/_version.py +++ b/src/leap/common/_version.py @@ -5,8 +5,8 @@ # unpacked source archive. Distribution tarballs contain a pre-generated copy # of this file. -version_version = '0.4.4' -version_full = 'ee0e9cadccd00cb62032d8fc4b322bb6fe3dc7ed' +version_version = '0.5.0' +version_full = 'dd032e7374fa137a8613c2392d744b9b16280fca' def get_versions(default={}, verbose=False): diff --git a/src/leap/common/certs.py b/src/leap/common/certs.py index 37ede8e..c49015a 100644 --- a/src/leap/common/certs.py +++ b/src/leap/common/certs.py @@ -30,6 +30,8 @@ from leap.common.check import leap_assert logger = logging.getLogger(__name__) +SKIP_SSL_CHECK = os.environ.get('SKIP_TWISTED_SSL_CHECK', False) + def get_cert_from_string(string): """ @@ -182,10 +184,25 @@ def should_redownload(certfile, now=time.gmtime): def get_compatible_ssl_context_factory(cert_path=None): import twisted + from twisted.internet import ssl cert = None + + if SKIP_SSL_CHECK: + # This should be used *only* for testing purposes. + + class WebClientContextFactory(ssl.ClientContextFactory): + """ + A web context factory which ignores the hostname and port and does no + certificate verification. + """ + def getContext(self, hostname, port): + return ssl.ClientContextFactory.getContext(self) + + contextFactory = WebClientContextFactory() + return contextFactory + if twisted.version.base() > '14.0.1': from twisted.web.client import BrowserLikePolicyForHTTPS - from twisted.internet import ssl if cert_path: cert = ssl.Certificate.loadPEM(open(cert_path).read()) policy = BrowserLikePolicyForHTTPS(cert) |