diff options
| -rw-r--r-- | docs/sphinx/client.rst | 45 | ||||
| -rw-r--r-- | docs/sphinx/common.rst | 6 | ||||
| -rw-r--r-- | docs/sphinx/conf.py | 6 | ||||
| -rw-r--r-- | docs/sphinx/index.rst | 12 | ||||
| -rw-r--r-- | docs/sphinx/server.rst | 90 | ||||
| -rw-r--r-- | docs/sphinx/sync.rst | 39 | ||||
| -rw-r--r-- | server/src/leap/soledad/server/__init__.py | 65 | 
7 files changed, 101 insertions, 162 deletions
| diff --git a/docs/sphinx/client.rst b/docs/sphinx/client.rst index 0c608c31..ed813634 100644 --- a/docs/sphinx/client.rst +++ b/docs/sphinx/client.rst @@ -1,44 +1,9 @@ -Soledad Client documentation -============================ +Soledad Client API +================== -.. automodule:: leap.soledad.client -    :members: -    :undoc-members: -    :private-members: -    :show-inheritance: - -.. automodule:: leap.soledad.client.auth -    :members: -    :undoc-members: -    :private-members: -    :show-inheritance: - -.. automodule:: leap.soledad.client.crypto -    :members: -    :undoc-members: -    :private-members: -    :show-inheritance: - -.. automodule:: leap.soledad.client.shared_db -    :members: -    :undoc-members: -    :private-members: -    :show-inheritance: - -.. automodule:: leap.soledad.client.soledad_db -    :members: -    :undoc-members: -    :private-members: -    :show-inheritance: - -.. automodule:: leap.soledad.client.sqlcipher -    :members: -    :undoc-members: -    :private-members: -    :show-inheritance: +.. toctree:: +   :maxdepth: 2 -.. automodule:: leap.soledad.client.target +.. autoclass:: leap.soledad.client.Soledad      :members:      :undoc-members: -    :private-members: -    :show-inheritance: diff --git a/docs/sphinx/common.rst b/docs/sphinx/common.rst index 8755b3bd..f7a3dfa8 100644 --- a/docs/sphinx/common.rst +++ b/docs/sphinx/common.rst @@ -19,12 +19,6 @@ Soledad Common documentation      :private-members:      :show-inheritance: -.. automodule:: leap.soledad.common.ddocs -    :members: -    :undoc-members: -    :private-members: -    :show-inheritance: -  .. automodule:: leap.soledad.common.document      :members:      :undoc-members: diff --git a/docs/sphinx/conf.py b/docs/sphinx/conf.py index 552e5f56..bad9da6e 100644 --- a/docs/sphinx/conf.py +++ b/docs/sphinx/conf.py @@ -34,7 +34,7 @@ extensions = [      'sphinx.ext.autodoc',      'sphinx.ext.todo',      'sphinx.ext.coverage', -    'sphinx.ext.pngmath', +    'sphinx.ext.imgmath',      'sphinx.ext.viewcode',  ] @@ -59,9 +59,9 @@ copyright = u'2014, LEAP Encryption Access Project'  # built documents.  #  # The short X.Y version. -version = '0.4' +#version = '0.4'  # The full version, including alpha/beta/rc tags. -release = '0.4.0' +#release = '0.4.0'  # The language for content autogenerated by Sphinx. Refer to documentation  # for a list of supported languages. diff --git a/docs/sphinx/index.rst b/docs/sphinx/index.rst index 6298d034..c4ccffc9 100644 --- a/docs/sphinx/index.rst +++ b/docs/sphinx/index.rst @@ -6,22 +6,16 @@  Soledad documentation  ===================== -Contents: +Soledad is an acronym for Synchronization of Locally Encrypted Data Among +Devices. It is LEAP's solution for synchronizing client-encrypted data among +all user's devices that access a LEAP provider.  .. toctree::     :maxdepth: 2 -   common     client     server -.. automodule:: leap.soledad.common -    :members: -    :undoc-members: -    :private-members: -    :show-inheritance: - -  Indices and tables  ================== diff --git a/docs/sphinx/server.rst b/docs/sphinx/server.rst index f093adf4..4f99f266 100644 --- a/docs/sphinx/server.rst +++ b/docs/sphinx/server.rst @@ -1,27 +1,71 @@  Soledad Server documentation  ============================ -.. automodule:: leap.soledad.server -    :members: -    :undoc-members: -    :private-members: -    :show-inheritance: - -.. automodule:: leap.soledad.server.auth -    :members: -    :undoc-members: -    :private-members: -    :show-inheritance: - -.. automodule:: leap.soledad.server.gzip_middleware -    :members: -    :undoc-members: -    :private-members: -    :show-inheritance: - -.. automodule:: leap.soledad.server.lock_resource -    :members: -    :undoc-members: -    :private-members: -    :show-inheritance: +A U1DB server that stores data using CouchDB as its persistence layer. +.. contents:: +   :local: + +General information +------------------- + +This is written as a Twisted application and intended to be run using the +twistd command. To start the soledad server, run: + +.. code-block:: bash + +    twistd -n web \ +        --class=leap.soledad.server.entrypoint.SoledadEntrypoint \ +        --port=X + +An systemd script is included and will be installed system wide to make it +feasible to start and stop the Soledad server service using a standard +interface. + +Server database organization +---------------------------- + +Soledad Server works with one database per user and one shared database in +which user's encrypted secrets might be stored. + +User database +~~~~~~~~~~~~~ + +Users' databases in the server are named 'user-<uuid>' and Soledad Client +may perform synchronization between its local replicas and the user's +database in the server. Authorization for creating, updating, deleting and +retrieving information about the user database as well as performing +synchronization is handled by the `leap.soledad.server.auth` module. + +Shared database +~~~~~~~~~~~~~~~ + +Each user may store password-encrypted recovery data in the shared database. + +Recovery documents are stored in the database without any information that +may identify the user. In order to achieve this, the doc_id of recovery +documents are obtained as a hash of the user's uid and the user's password. +User's must have a valid token to interact with recovery documents, but the +server does not perform further authentication because it has no way to know +which recovery document belongs to each user. + +This has some implications: + +  * The security of the recovery document doc_id, and thus of access to the +    recovery document (encrypted) content, as well as tampering with the +    stored data, all rely on the difficulty of obtaining the user's password +    (supposing the user's uid is somewhat public) and the security of the hash +    function used to calculate the doc_id. + +  * The security of the content of a recovery document relies on the +    difficulty of obtaining the user's password. + +  * If the user looses his/her password, he/she will not be able to obtain the +    recovery document. + +  * Because of the above, it is recommended that recovery documents expire +    (not implemented yet) to prevent excess storage. + +The authorization for creating, updating, deleting and retrieving recovery +documents on the shared database is handled by `leap.soledad.server.auth` +module. diff --git a/docs/sphinx/sync.rst b/docs/sphinx/sync.rst index f243befb..b9d4c858 100644 --- a/docs/sphinx/sync.rst +++ b/docs/sphinx/sync.rst @@ -1,31 +1,34 @@  Soledad sync process  ==================== +TODO: this documentation needs to be updated to account for new streaming encryption method. +  Phases of sync: -(1) client acquires knowledge about server state. http GET -(2) client sends its documents to the server. http POSTs, or a single POST. -(3) client downloads documents from the server. -(4) client records its new state on the server. +1. client acquires knowledge about server state. +2. client sends its documents to the server. +3. client downloads documents from the server. +4. client records its new state on the server.  Originally in u1db: -    (1) is a GET, -    (2) and (3) are one POST (send in body, receive in response), -    (4) is a PUT. + +* **1** is a GET, +* **2** and **3** are one POST (send in body, receive in response), +* **4** is a PUT.  In soledad: -(1) is a GET. -(2) is either 1 or a series of sequential POSTS. -  (2.1) encrypt asynchronously -  (2.2) store in temp sync db -  (2.3) upload sequentially ***THIS IS SLOW*** -(3) is a series of concurrent POSTS, insert sequentially on local client db. -  (3.1) download concurrently -  (3.2) store in temp sync db -  (3.3) decrypt asynchronously -  (3.4) insert sequentially in local client db -(4) is a PUT. +* **1** is a GET. +* **2** is either 1 or a series of sequential POSTS. +    * **2.1** encrypt asynchronously +    * **2.2** store in temp sync db +    * **2.3** upload sequentially +* **3** is a series of concurrent POSTS, insert sequentially on local client db. +    * **3.1** download concurrently +    * **3.2** store in temp sync db +    * **3.3** decrypt asynchronously +    * **3.4** insert sequentially in local client db +* **4** is a PUT.  This difference between u1db and soledad was made in order to be able to gracefully interrupt the sync in the middle of the upload or the download. diff --git a/server/src/leap/soledad/server/__init__.py b/server/src/leap/soledad/server/__init__.py index 6640bab4..a4080f13 100644 --- a/server/src/leap/soledad/server/__init__.py +++ b/server/src/leap/soledad/server/__init__.py @@ -17,69 +17,8 @@  """ -A U1DB server that stores data using CouchDB as its persistence layer. - -General information -=================== - -This is written as a Twisted application and intended to be run using the -twistd command. To start the soledad server, run: - -    twistd -n web \ -        --wsgi=leap.soledad.server.application.wsgi_application \ -        --port=X - -An initscript is included and will be installed system wide to make it -feasible to start and stop the Soledad server service using a standard -interface. - -Server database organization -============================ - -Soledad Server works with one database per user and one shared database in -which user's encrypted secrets might be stored. - -User database -------------- - -Users' databases in the server are named 'user-<uuid>' and Soledad Client -may perform synchronization between its local replicas and the user's -database in the server. Authorization for creating, updating, deleting and -retrieving information about the user database as well as performing -synchronization is handled by the `leap.soledad.server.auth` module. - -Shared database ---------------- - -Each user may store password-encrypted recovery data in the shared database. - -Recovery documents are stored in the database without any information that -may identify the user. In order to achieve this, the doc_id of recovery -documents are obtained as a hash of the user's uid and the user's password. -User's must have a valid token to interact with recovery documents, but the -server does not perform further authentication because it has no way to know -which recovery document belongs to each user. - -This has some implications: - -  * The security of the recovery document doc_id, and thus of access to the -    recovery document (encrypted) content, as well as tampering with the -    stored data, all rely on the difficulty of obtaining the user's password -    (supposing the user's uid is somewhat public) and the security of the hash -    function used to calculate the doc_id. - -  * The security of the content of a recovery document relies on the -    difficulty of obtaining the user's password. - -  * If the user looses his/her password, he/she will not be able to obtain the -    recovery document. - -  * Because of the above, it is recommended that recovery documents expire -    (not implemented yet) to prevent excess storage. - -The authorization for creating, updating, deleting and retrieving recovery -documents on the shared database is handled by `leap.soledad.server.auth` -module. +The Soledad Server allows for recovery document storage and database +synchronization.  """  import six.moves.urllib.parse as urlparse | 
