summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2017-07-14[refactor] remove heuristic to check for usable platformRootKali Kaneko
the rationale here is that, in debian, certifi will always return a working platform trust, since the package points to the system certificates. in osx and windows, certifi will load an usable trustRoot that is kept up to date. another detail we didn't like about the heuristic is that the bundled certificate for testing will eventually expire, so that introduces the duty of keeping it up-to-date.
2017-07-11[feat] add fallback on trust sources for ssl verificationKali Kaneko
With the merge of platformTrust in twisted, the situation for cert chain verification in linux improved a lot. This patch implements fallbacks to do the following: - Try to use whatever trust sources are found in the system. This means that if ca-certificates is installed, pyopenssl will have a valid set of root certificates and verification will likely work (twisted uses platformTrust for this). - If that fails, try to use certifi. We could/should depend on that from now on, *but* it's not packaged before stretch. - So, I'm not deprecating its usage right now, but this one should be the last cacert.pem bundle that we ship with leap.common. - If the cacert.pem from leap.common fails to be found, well, there's nothing you can do. Your TOFU attempt with a cert coming from the CArtel will fail. Most of this MR should be sent as a patch upstream, see https://twistedmatrix.com/trac/ticket/6934 Also related: https://twistedmatrix.com/trac/ticket/9209 I think proper testing will depend on merging https://github.com/pyca/pyopenssl/pull/473 - Resolves: #8958 - Release: 0.6.0
2017-07-08[feat] update the certificate bundleKali Kaneko
2017-07-08[docs] update changelogKali Kaneko
2017-06-26[pkg] install pyinit file, since this is the common fileKali Kaneko
2017-06-22Skip failing Ubuntu package buildsVarac
When https://0xacab.org/leap/platform/issues/8826 is fixed we can reenable Ubuntu packaging again.
2017-06-20Upload packages to multiple deb reposVarac
See https://0xacab.org/leap/platform/issues/8825
2017-06-16Add dh-python to build-dependsVarac
see https://0xacab.org/leap/leap_pycommon/builds/9055 make[1]: Entering directory '/builds/leap/leap_pycommon/source' dh_installchangelogs CHANGELOG.rst make[1]: Leaving directory '/builds/leap/leap_pycommon/source' dh_python2 -O--buildsystem=python_distutils W: dh_python2:479: Please add dh-python package to Build-Depends
2017-04-20[feature] add bonafide auth event0.5.5Kali Kaneko
2017-03-17[pkg] Remove unused files/changesvarac
2017-03-17[pkg] Package for ubuntu 16.10 (yakkety)varac
2017-03-17[pkg] Revert "Use Standards-Version: 3.9.7 so xenial can lint it"varac
This reverts commit c951e94167f1aa333537571a192476973e81bde7.
2017-03-17[pkg] Use Standards-Version: 3.9.7 so xenial can lint itvarac
2017-03-17[pkg] Try packaging for xenialvarac
2017-03-17[pkg] Run test stage at beginning of pipelinevarac
2017-03-17[pkg] Use test_jessie_amd64 for testingvarac
2017-03-17[pkg] Lintian default vars now in gitlab-buildpackagevarac
2017-03-17[pkg] Package for jessie and stretchvarac
2017-03-17[pkg] remove dependency to python-zmq>=14.4.1-1.1 from debian/control as wellvarac
2017-03-17[docs] add changelog for 0.5.40.5.4Kali Kaneko
2017-03-17[feat] add VPN_STATUS_CHANGED eventRuben Pollan
2017-03-15[refactor] Improve python3 compatibilityefkin
This commit is required for `soledad` tests re-collection. Signed-off-by: Ruben Pollan <meskio@sindominio.net>
2017-03-13[pkg] add changelog for 0.5.30.5.3Kali Kaneko
2017-03-13[feat] add MAIL_STATUS_CHANGED eventRuben Pollan
2016-09-20Merge tag '0.5.2'Kali Kaneko
0.5.2
2016-07-11[pkg] remove dependency on dirspec0.5.2Kali Kaneko
2016-07-11[tests] ignore .tox folderHEADdevelopKali Kaneko
2016-07-11[pkg] remove dependency on dirspecdrebs
This commit removes the dep introduced in 5e12233 by just importing some tiny bit of dirspec code. The previous change was introduced because: * pyxdg did not account for Mac OS specifics, i.e. using ~/Library/ directory structure instead of .config (see: https://leap.se/code/issues/3574). * dirspec does the correct thing for xdg on Mac OS. * u1db depends on dirspec anyway. The problem is that dirspec is not maintained and published on pypi, what forces us to download it from an URL and add exceptions to be able to pip install it. As we are removing dependence on u1db on other modules, we can also remove it here. To workaround the Mac OS problem, we just add some code from dirspec to ensure we get the correct directory on Mac OS.
2016-07-11[test] toxify testsdrebs
2016-07-06[test] add gitlab ci filedrebs
2016-05-18[pkg] setup: use new versioneer json formatKali Kaneko
2016-05-16[style] move import to topKali Kaneko
2016-04-18Merge tag '0.5.1' into developKali Kaneko
Tag leap.bitmask version 0.5.1
2016-04-18Merge tag '0.5.1'Kali Kaneko
Tag leap.bitmask version 0.5.1 # gpg: Signature made Mon 18 Apr 2016 10:52:44 AM BOT # gpg: using RSA key 1CAF6C5B9F720808 # gpg: Good signature from "Kaliyuga <kaliyuga@riseup.net>" [ultimate] # gpg: aka "Kali Kaneko (leap communications) <kali@leap.se>" [ultimate]
2016-04-18[pkg] Update changelog0.5.1Kali Kaneko
2016-04-01[pkg] update to versioneer 0.16Kali Kaneko
2016-03-24[doc] update event annotationKali Kaneko
2016-03-24Merge remote-tracking branch 'leapcode/pr/139' into developKali Kaneko
2016-03-16[bug] close TxAuthenticator properlyChristoph Kluenter
otherwise the context.term() does not return
2016-03-11[feature] HookableServiceKali Kaneko
ad-hoc register/trigger mechanism used for service composition. to be used in bitmask.core and bitmask.bonafide in the first place.
2016-03-11Merge remote-tracking branch 'leapcode/pr/138' into developKali Kaneko
2016-03-10[setup] Added docs on how to run the testsBruno Wagner
Also added dirspec directly to the setuptools for now, because it needs the dependency along with the url, but pip would break if it had both
2016-03-10[setup] pycommon pip installs in edit modeBruno Wagner
Leap pycommon will now be installed in editable mode when you use pip install, so that you can run the tests and develop using only pip
2016-03-10[setup] Added dirspec url to requirementsBruno Wagner
I also added a conditional to the setup.py so that python setup.py develop can be used even with the dirspec url
2016-03-09[style] pep8Kali Kaneko
2016-02-29[tests] adapt events tests to recent changesKali Kaneko
2016-02-29[feature] reactor-based authenticatorKali Kaneko
We don't really need a thread to make use of the ZAP authenticator. Document bug fix after authenticator thread is gone
2016-02-23[bug] avoid the events server to block twistd daemonKali Kaneko
1. refactor the zmq_connect/bind methods to use the txzmq addEndpoints mechanism, which cleans up the code a bit. it uses the underlying bindOrConnect method. 2. wrap the addEndpoints call in a helper function that ensures that doRead is called afterward. I'm not fully comfortable with us still using the AuthenticatorThread, I believe we could go witha txzmq-based authenticator for curve.
2016-02-22[feature] optional flag to disable curve authenticationKali Kaneko
2016-02-18[feat] Get events working on windowsmeskio on windows
Always use tcp channels and disable curve encryption on the zmq connections. - Closes: #7899, #7239 - Related: #7919
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-04 20:56:26 +0000