Age | Commit message (Collapse) | Author | |
---|---|---|---|
2017-02-10 | [bug] fix typo in the resource path | Kali Kaneko | |
2017-02-09 | [docs] add changelog-next file | Kali Kaneko | |
2017-02-09 | [pkg] add systemd service file to master | Kali Kaneko | |
this is to ease the packaging flow used in some environments like Pixelated, that use a debian branch against different branches. - Resolves: #8762 | |||
2017-02-09 | [test] move server url mapper tests to its own file | drebs | |
2017-02-09 | [refactor] parametrize blobs toggling in soledad server resource | drebs | |
2017-02-09 | [refacor] make proper use of twisted web dyamic resources in server | drebs | |
2017-02-09 | [refactor] allow passing threadpool pool for server sync resource | drebs | |
2017-02-09 | [refactor] move wsgi sync setup to its own module | drebs | |
2017-02-09 | [test] add tests for server resource and server info | drebs | |
2017-02-09 | [feature] announce server blobs capabilities | drebs | |
- add a new ServerInfo resource for / - move entrypoint to its own module | |||
2017-02-09 | [refactor] rename server auth classes | drebs | |
2017-02-09 | [feature] add server config option for blobs | drebs | |
2017-02-09 | [test] move server auth tests to its own file | drebs | |
2017-02-09 | [feature] add server config option for blobs | drebs | |
2017-02-09 | [bug] Fix import for load_configuration on migration script | Thais Siqueira | |
2017-02-09 | [refactor] allow passing threadpool pool for server sync resource | drebs | |
Conflicts: server/src/leap/soledad/server/_resource.py testing/tests/server/test__resource.py | |||
2017-02-09 | [refactor] move wsgi sync setup to its own module | drebs | |
Conflicts: server/src/leap/soledad/server/_wsgi.py server/src/leap/soledad/server/entrypoint.py server/src/leap/soledad/server/resource.py testing/tests/server/test__resource.py | |||
2017-02-09 | [test] fix session and auth tests | drebs | |
2017-02-09 | [test] add tests for server auth session | drebs | |
2017-02-09 | [test] add tests for server auth | drebs | |
2017-02-09 | [refactor] remove twisted session persistence | drebs | |
The need for token caching in server is a matter of debate, as is the ideal way to do it. Twisted sessions store the session id in a cookie and use that session id to persist. It is not clear if that implementation is needed, works with future features (as multiple soledad servers) or represents a security problem in some way. Because of these, this commit removes it for now. The feature is left in git history so we can bring it back later if needed. | |||
2017-02-09 | [test] split url mapper test in many smaller tests | drebs | |
2017-02-09 | [bug] fix name of module on import | drebs | |
2017-02-09 | [refactor] remove leftover code from previous wsgi auth | drebs | |
2017-02-09 | [refactor] separate url mapper, avoid hanging tests | drebs | |
Because the wsgi resource has its own threadpool, tests might get confused when shutting down and the reactor may get clogged waiting for the threadpool to be stopped. By refactoring the URLMapper to its own module, server tests can avoid loading the resource module, where the wsgi threadpool resides, so the threapool will not be started. | |||
2017-02-09 | [feat] use cookies in the client syncer | drebs | |
2017-02-09 | [feat] cache session data in server | drebs | |
2017-02-09 | [feat] use twisted web http auth and creds | drebs | |
2017-02-09 | [feat] reuse the url mapper instead of creating it for every request | drebs | |
2017-02-09 | [bug] disallow all requests to "user-{uuid}/" | drebs | |
2017-02-09 | [pkg] improve migration script logging | drebs | |
2017-02-09 | [doc] improve comment for client secrets file migration function | drebs | |
2017-02-09 | [test] move client secrets tests to its own file | drebs | |
2017-02-09 | [bug] several fixes for secrets refactor | drebs | |
- store ENC_METHOD value instead of string in secrets file - allow for migration of not-activated secrets - allow migration of 'aes256' and ENC_METHOD secrets cipher | |||
2017-02-09 | [bug] Fix import for load_configuration on migration script | Thais Siqueira | |
Related with https://leap.se/code/issues/8742 | |||
2017-02-09 | [test] fix test after secrets refactor | drebs | |
2017-02-09 | [bug] use derived key for local storage | drebs | |
2017-02-09 | [refactor] improve secrets generation and storage code | drebs | |
2016-12-22 | Merge tag '0.9.2' | drebs | |
Tag version 0.9.2 # gpg: Signature made Thu 22 Dec 2016 05:33:30 PM BRST # gpg: using RSA key 0x6071E70DCACC60B2 # gpg: Good signature from "drebs (work key) <db@leap.se>" [ultimate] # gpg: aka "drebs (work key) <drebs@leap.se>" [ultimate] # Impressão da chave primária: 9F73 295B 6306 E06F 3151 99AE 6071 E70D CACC 60B2 | |||
2016-12-22 | [pkg] update changelog for 0.9.20.9.2release/0.9.x | drebs | |
2016-12-19 | [test] remove benchmark from ci pipeline | drebs | |
2016-12-17 | [test] add couchdb tag for tests | drebs | |
2016-12-17 | [pkg] use a twisted resource as server entrypoint | drebs | |
2016-12-12 | [test] configure baremetal gitlab ci runner | drebs | |
2016-12-12 | [feature] Change CTR to GCM on secrets.py | Victor Shyba | |
Current implementation can allow tampering and the CTR->GCM exchange can help to avoid it. This commits also alters a behaviour where we moved ahead after failing to decrypt a recovery document. IMHO we can't move ahead as this is a fatal error. Signed-off-by: Victor Shyba <victor1984@riseup.net> | |||
2016-12-12 | [feature] Add retro compat on secrets.py ciphers | Victor Shyba | |
Integrated the secrets's JSON key that specifies ciphers into _crypto and added optional GCM. Also added a test to check if both cipher types can be imported. Resolves: #8680 Signed-off-by: Victor Shyba <victor1984@riseup.net> | |||
2016-12-12 | [feature] use GCM instead of CTR+HMAC | Victor Shyba | |
Resolves: #8668 - client: substitute usage of CTR mode + HMAC by GCM cipher mode Signed-off-by: Victor Shyba <victor1984@riseup.net> | |||
2016-12-12 | [refactor] improve blob signature magic usage | Victor Shyba | |
Our magic value wasn't being used and were represented as a string. Refactored it to a constant, increased it's size to 2 bytes and optimzed is_symmetrically_encrypted to look for the magic and symmetrically encrypted flag under base64 encoding. Most file types will use this feature to help identifying themselves, so it got refactored to serve the purpose it was created. | |||
2016-12-12 | [bug] enable batching again | Victor Shyba | |
Something happened during rebase. This configuration is supposed to be True by default now. | |||
2016-12-12 | [style] fixes from code-review | Victor Shyba | |
Naming, interfaces and other details. |