soledad.git - [soledad]

Age	Commit message (Collapse)	Author
2017-02-09	[feature] announce server blobs capabilities	drebs
	- add a new ServerInfo resource for / - move entrypoint to its own module
2017-02-09	[refactor] rename server auth classes	drebs

2017-02-09	[feature] add server config option for blobs	drebs

2017-02-09	[test] move server auth tests to its own file	drebs

2017-02-09	[feature] add server config option for blobs	drebs

2017-02-09	[bug] Fix import for load_configuration on migration script	Thais Siqueira

2017-02-09	[refactor] allow passing threadpool pool for server sync resource	drebs
	Conflicts: server/src/leap/soledad/server/_resource.py testing/tests/server/test__resource.py
2017-02-09	[refactor] move wsgi sync setup to its own module	drebs
	Conflicts: server/src/leap/soledad/server/_wsgi.py server/src/leap/soledad/server/entrypoint.py server/src/leap/soledad/server/resource.py testing/tests/server/test__resource.py
2017-02-09	[test] fix session and auth tests	drebs

2017-02-09	[test] add tests for server auth session	drebs

2017-02-09	[test] add tests for server auth	drebs

2017-02-09	[refactor] remove twisted session persistence	drebs
	The need for token caching in server is a matter of debate, as is the ideal way to do it. Twisted sessions store the session id in a cookie and use that session id to persist. It is not clear if that implementation is needed, works with future features (as multiple soledad servers) or represents a security problem in some way. Because of these, this commit removes it for now. The feature is left in git history so we can bring it back later if needed.
2017-02-09	[test] split url mapper test in many smaller tests	drebs

2017-02-09	[bug] fix name of module on import	drebs

2017-02-09	[refactor] remove leftover code from previous wsgi auth	drebs

2017-02-09	[refactor] separate url mapper, avoid hanging tests	drebs
	Because the wsgi resource has its own threadpool, tests might get confused when shutting down and the reactor may get clogged waiting for the threadpool to be stopped. By refactoring the URLMapper to its own module, server tests can avoid loading the resource module, where the wsgi threadpool resides, so the threapool will not be started.
2017-02-09	[feat] use cookies in the client syncer	drebs

2017-02-09	[feat] cache session data in server	drebs

2017-02-09	[feat] use twisted web http auth and creds	drebs

2017-02-09	[feat] reuse the url mapper instead of creating it for every request	drebs

2017-02-09	[bug] disallow all requests to "user-{uuid}/"	drebs

2017-02-09	[pkg] improve migration script logging	drebs

2017-02-09	[doc] improve comment for client secrets file migration function	drebs

2017-02-09	[test] move client secrets tests to its own file	drebs

2017-02-09	[bug] several fixes for secrets refactor	drebs
	- store ENC_METHOD value instead of string in secrets file - allow for migration of not-activated secrets - allow migration of 'aes256' and ENC_METHOD secrets cipher
2017-02-09	[bug] Fix import for load_configuration on migration script	Thais Siqueira
	Related with https://leap.se/code/issues/8742
2017-02-09	[test] fix test after secrets refactor	drebs

2017-02-09	[bug] use derived key for local storage	drebs

2017-02-09	[refactor] improve secrets generation and storage code	drebs

2016-12-22	Merge tag '0.9.2'	drebs
	Tag version 0.9.2 # gpg: Signature made Thu 22 Dec 2016 05:33:30 PM BRST # gpg: using RSA key 0x6071E70DCACC60B2 # gpg: Good signature from "drebs (work key) <db@leap.se>" [ultimate] # gpg: aka "drebs (work key) <drebs@leap.se>" [ultimate] # Impressão da chave primária: 9F73 295B 6306 E06F 3151 99AE 6071 E70D CACC 60B2
2016-12-22	[pkg] update changelog for 0.9.20.9.2 release/0.9.x	drebs

2016-12-19	[test] remove benchmark from ci pipeline	drebs

2016-12-17	[test] add couchdb tag for tests	drebs

2016-12-17	[pkg] use a twisted resource as server entrypoint	drebs

2016-12-12	[test] configure baremetal gitlab ci runner	drebs

2016-12-12	[feature] Change CTR to GCM on secrets.py	Victor Shyba
	Current implementation can allow tampering and the CTR->GCM exchange can help to avoid it. This commits also alters a behaviour where we moved ahead after failing to decrypt a recovery document. IMHO we can't move ahead as this is a fatal error. Signed-off-by: Victor Shyba <victor1984@riseup.net>
2016-12-12	[feature] Add retro compat on secrets.py ciphers	Victor Shyba
	Integrated the secrets's JSON key that specifies ciphers into _crypto and added optional GCM. Also added a test to check if both cipher types can be imported. Resolves: #8680 Signed-off-by: Victor Shyba <victor1984@riseup.net>
2016-12-12	[feature] use GCM instead of CTR+HMAC	Victor Shyba
	Resolves: #8668 - client: substitute usage of CTR mode + HMAC by GCM cipher mode Signed-off-by: Victor Shyba <victor1984@riseup.net>
2016-12-12	[refactor] improve blob signature magic usage	Victor Shyba
	Our magic value wasn't being used and were represented as a string. Refactored it to a constant, increased it's size to 2 bytes and optimzed is_symmetrically_encrypted to look for the magic and symmetrically encrypted flag under base64 encoding. Most file types will use this feature to help identifying themselves, so it got refactored to serve the purpose it was created.
2016-12-12	[bug] enable batching again	Victor Shyba
	Something happened during rebase. This configuration is supposed to be True by default now.
2016-12-12	[style] fixes from code-review	Victor Shyba
	Naming, interfaces and other details.
2016-12-12	[feature] speed up sync benchmark setup code	Victor Shyba
	We aren't testing huge payloads on CI, so it doesn't make sense to insert docs one by one. 'gatherResults' can speed up bench setup.
2016-12-12	[refactor] introduces a GenericWriter	Victor Shyba
	AESWriter and HMACWriter are just applying hmac or aes into a flow of data. Abstracted the application of those operations into a super class and highlighted just the difference on each implementation.
2016-12-12	[refactor] adds PipeableWriter to pipe two streams	Victor Shyba
	VerifiedEncryptor and VerifiedDecryptor are just a pipe and a fan-out. This class provides both behaviors to two distinct writeable things.
2016-12-12	[refactor] simplify _crypto	Victor Shyba
	After adding the streaming decrypt, some classes were doing almost the same thing. Unified them. Also fixed some module level variables to upper case and some class name to camel case.
2016-12-12	[refactor] improve logging	Victor Shyba
	Some exceptions were missing a proper description and client_side_db.py script wasn't capturing logs from Twisted.
2016-12-12	[bug] make the semaphore cover all parsing	Victor Shyba
	Unfortunately, if a doc finishes decryption before the previous one we will still have an issue while inserting. This commits solves it by adding the parse and decrypt inside of the semaphore.
2016-12-12	[feature] make _crypto stream on decryption	Victor Shyba
	We are already doing this on encryption, now we can stream also from decryption. This unblocks the reactor and will be valuable for blobs-io.
2016-12-12	[feature] delimit preamble from ciphertext	Victor Shyba
	We now encode preamble and ciphertext+hmac in two distinct payloads separated by a space. This allows metadata to be extracted and used before decoding the whole document. It also introduces a single packer for packing and unpacking of data instead of reads and writes. Downside: doc_id and rev are limited to 255 chars now.
2016-12-12	[refactor] Hide IV, simplify some calls	Victor Shyba
	IV was being set during tests and this required some defensive coding to avoid IV being set in production. This commits makes the test use the generated IV and "hides" it using a read-only property to let it clear this should never happen. Also refactored out some parameters that are generated automatically to reduce some lines of code and enhance readability.