summaryrefslogtreecommitdiff
path: root/service/pixelated
AgeCommit message (Collapse)Author
2016-09-28remove private key from [gnupg] logs the right wayRoald de Vries
2016-09-28Adds fallback to previous way to get body message.Denis Costa
2016-09-28actually 404-ing valid requests but non-existing resourceNavaL
Issue #684
2016-09-27Fixes charset on welcome mail in portuguese.Denis Costa
2016-09-26[#668] Moved user folder under pixelated subfolderTulio Casagrande
2016-09-26Ensuring 503 is thrown whenever the root_resource is not yet initialized, ↵NavaL
for all cases, not just when it is csrf valid. Issue #684
2016-09-26rearranged leap session creation to not sync nor setup account/fetcher, when ↵NavaL
using the cache Issue #773
2016-09-23[#668] Put search index under pixelated subfolderTulio Casagrande
2016-09-23Replace SRPSession usages with bonafideTulio Casagrande
In order to replace leap_auth with bonafide, we created a class to hold the user credentials
2016-09-23Fixes typo.Denis Costa
2016-09-23Adds translation to welcome mail.Denis Costa
2016-09-22Moved all manhole start to manhole initBruno Wagner
The start_plugins part of the manhole initialization was being initialized, logging lines and creating a file whenever the user agent was started, as opposed to only when the manhole option is active
2016-09-22move loglinegenerator to the support packageRoald de Vries
2016-09-21open telnet/ssh port only on localhostRoald de Vries
2016-09-21add a first pluginRoald de Vries
2016-09-21use absolute path to manhole configRoald de Vries
2016-09-21allow both telnet and sshRoald de Vries
2016-09-21allow ssh for manholeRoald de Vries
2016-09-21add manhole option to user agentRoald de Vries
2016-09-13[#778] Handling case of failed key uploadTulio Casagrande
If we get any problem with the upload of the user's public key, we are deleting the key pair from the local database and denying login. That way, a new login will have a chance to regenerate the key and upload it properly.
2016-09-13[#778] Renaming get_key to be consistent with keymanagerTulio Casagrande
2016-09-12Implements bonafide to replace leap.authBruno Wagner
This still uses the SRPSession object to hold the credentials so we don't have to adapt the rest of the user agent code
2016-09-08Logging out a logged out user was breaking the UABruno Wagner
In case a user was being logged out and there's a soledad invalid auth token error, there might be an inconsistent state where the user session doesn't exist when this second logout is tried. This was breaking the login for that user until the next UA restart, I adapted the code to make logging out an user idempotent to prevent this corner case
2016-09-08Only send public key if a new key was generatedBruno Wagner
We were always sending the public key to nicknym, even if it was already there. The send_key method purpose is to update the public key in case a new pair is created and shouldn't be done at every login
2016-09-05Adapted register after latest changesBruno Wagner
Register was trying to use LeapConfig and breaking when trying to register users
2016-08-31Reading interstitial on class initBruno Wagner
The interstitial was being read at every login request, that was a blocking read on the main loop for every user. That file was also being opened and not closed at every request, that would aggravate the 'too many open files' problem
2016-08-30[#765] Move combined certificates to the leap folderTulio Casagrande
Since we are creating the combined certificates at the beginning of the UA and using it for multiple users, it makes more sense to create it in the leap folder instead of on a temporary file This bundle will be updated on every UA start
2016-08-29[#765] Move combined_ca_bundle to UA initializationTulio Casagrande
With this change we don't have to create the combined_ca_bundle for every user at every login. To support this change, we started migrating away from the LeapCertificate class that was making the LeapProvider setup more brittle
2016-08-26[Denis/Tulio][#769] Fix activist mode initializationTulio Casagrande
2016-08-24[#762] Remove smtp-service download from session creationTulio Casagrande
SMTP json is a blocking HTTP request that was taking ~1 sec of the session creation. We moved it to the UA initialization
2016-08-23Fixed leap home default home to use expand_pathBruno Wagner
In some cases, the default home was not expanding the user part of the path and was causing errors, now we make sure the path is expanded when setting the default value
2016-08-23Changes soledad json download orderBruno Wagner
Soledad json must only be downloaded after we fetch the api provider certificate, we can't make the request for it before having this cert
2016-08-23fix pep8Christoph Kluenter
2016-08-22Added clock support functionThais Siqueira
Now we can clock how long a piece of code takes to execute without being constrained by whole method like we were with the decorator
2016-08-19Started deferring leap session creation #759Bruno Wagner
Started adapting get_leap_session to deferreds Soledad and keymanager setup calls will now happen in deferreds and leap session creation itself is a deferred with callbacks This is a start in breaking the big blocking calls we were doing on the main thread, this was done without changing code inside the leap libraries yet so things can be further optimized This breaks the ~4 seconds get_leap_session piece into smaller 1 seconds one, that can be further optimized and deferred to even smaller calls There are requests calls happening on the main thread that should get this number even further down Also moved some pieces from bitmask libraries to our bootstrap, because they are not bitmask libraries anymore and that was causing confusion
2016-08-19Removed auth from leap session #759Bruno Wagner
Authentication is now consistently done before creating the leap session, so I removed the auth attempt from inside the leap session factory
2016-08-19Normalizing single and multi user bootstrap #759Bruno Wagner
Consolidated authentication to always be done is a defer to thread and changed the authenticate_user method name to conform with what it actually does
2016-08-19Removed cert download from session creation #759Bruno Wagner
It is already done earlier in the bootstrap and is not user specific, so shouldn't be done on user bootstrap
2016-07-04Issue #738: Bypass cookie validation for sandboxFelix Hammerl
2016-06-28Normalize i18n keysTulio Casagrande
2016-06-27Csrf not being enforced on GETCaio Carrara
2016-06-27Fix xsrf-token verification in async callsCaio Carrara
The previous behaviour only checked xsrf-token in headers, but it can be informed in a token as well.
2016-06-24Issue #694 add an admin restricted resource for user statsNavaL
2016-06-23refactoring: renaming services factory methods to relate them to user ↵NavaL
services sessions
2016-06-23refactoring: moved Service factories to the service config fileNavaL
2016-06-16Fix UNNAMED attachment bugTulio Casagrande
Previously some attachments were being showed as UNNAMED. This change fix it and creates propers tests for attachments. See: #608
2016-06-16Stops filtering application/pgp-keys attachmentsTulio Casagrande
See: #608
2016-06-14starting the server when the reactor is running and adding proper error ↵NavaL
handling during multi-user boostrap - reactor.stop will not work if the reactor is not running. This will make sure it will be stopped on bootstrap errors now. - added a wrapper that returns a defer.fail for exceptions thrown during the multi-user boostrap - Issue #535
2016-06-14Empty FEEDBACK_URL env variable should also disable feedbackNavaL
This is needed as we need to provide empty FEEDBACK_URL, just to remind that it can be set if desired Issue #710
2016-06-07Update keymanager calls due api updateCaio Carrara
Some keymanager api was updated, so we needed to update some calls.