Age | Commit message (Collapse) | Author |
|
|
|
|
|
|
|
|
|
- update pip
- install base reqs, with insecure flags for dirspec and u1db
|
|
Because of how the incoming document queue is implemented, it could be the
case that a document was sent to async decryption queue more than once. This
commit creates a list of documents to be decrypted, so we avoid sending the
same document to the queue more than once.
|
|
|
|
The incoming documents events are meant to be used by a progress bar for
soledad sync, yet to be implemented. When deferred decryption was used, the
events were sent out of order, depending on the order of arrival of the
documents. This commit changes it so that the content of the emited events are
in order, so it is meaningful for the implementation of a progress bar.
Note that even after documents are received from the server, they will still
be decrypted asynchronously, so another signal could be implemented to signal
for the waiting of the decryption of incoming documents.
|
|
|
|
This is how a secret was stored in the secrets json file:
* each secret is symmetrically encrypted amd MACed with keys derived from
the user's passphrase.
* the encrypted secrets dictionary is then MACed with another key derived
* from the user's passphrase.
* each key is derived using scrypt and a unique random salt.
There are disadvantages to this approach:
* repeating scrypt many times is a waste of time.
* an attacker could crack whichever has weaker parameters, if they get out
of sync.
* if an attacker can modify the secret in a way it is good to decrypt the
database, then she can also modify the MAC.
The solution for this is:
* completelly eliminate the MAC from the storage secrets file.
* attempt to decrypt the database with whatever is got from the decryption
of the secret. If that is wrong, report an error.
Closes #6980.
|
|
resulting from the previous pep8 cleanup
|
|
|
|
|
|
|
|
|
|
|
|
- Related: #7288
|
|
to make all CIs happy :)
|
|
Deferred encryption was disabled because the soledad u1db wrapper for adbapi
did not correctly udated the parameter that controls it. Also, it did not
contain the encrypter pool. This commit moves the sync db and encrypt pool to
the main api, so they can be passed to the wrapper and deferred encryption
can work.
|
|
* Close soledad when finished.
* Allow creation of many documents.
* Store timestamp in documents.
* Log errors.
* Update docstrings.
|
|
|
|
|
|
|
|
this is part of a process to make the setup of the development mode less
troublesome. from now on, setting up a virtualenv in pure development
mode will be as easy as telling pip to just install the external dependencies::
pip install -r pkg/requirements.pip
and traversing all the leap repos for the needed leap dependencies doing::
python setup.py develop
- Related: #7288
|
|
It makes the code simpler and clearer to use a deferred instead of
having to pull on 'has_finished'.
- Related: #7234
|
|
bump leap.common min required version, new change needed
'collect_plugins'.
|
|
|
|
master and develop "diverged" because a merge commit, this moves us
back to good track.
|
|
When trying to use an unexisting list function, to alter a view, the error is
not a missing document error, but an obscure "TypeError" saying that "point is
undefined" because of the way the javascript code in couchdb server tries to
find the list function.
This commit adds a catch for that error and raises the proper exception in the
soledad couch module.
|
|
|
|
HTTP client cached connections will hang around in the reactor if they are not
properly cleaned up, and might raise a "reactor unclean" message on shutdown.
This commit adds a close() method to the client http target that will cleanup
those connections.
|
|
|
|
Using real uuid to separate Locks on each test allow them to
be run in parallel. Using real uuid also allows parallel syncs.
This is being done to allow test suite to run in parallel on future.
|
|
after suggestions in the review
|
|
|
|
|
|
|
|
|
|
|
|
implementing a generic plugin interface to allow other modules to react
to soledad syncs, receiving a list of document ids that they've
subscribed to.
- Resolves: #6996
- Releases: 0.7.1
|
|
|
|
Once upon a time we needed to pin the PyOpenSSL version to avoid unneeded
crypto deps (see https://leap.se/code/issues/5368#note-5). Since then, jessie
was released and PyOpenSSL 0.14 is now shipped with it. We have removed that
pinning from the debian package, and it is not needed here.
|
|
|
|
Tag version 0.7.0.
Conflicts:
CHANGELOG
client/src/leap/soledad/client/__init__.py
client/src/leap/soledad/client/sqlcipher.py
client/src/leap/soledad/client/target.py
server/pkg/soledad-server
|
|
Tag version 0.7.0.
Conflicts:
client/pkg/requirements.pip
common/pkg/requirements.pip
|
|
When async decrypting, we want to finish as fast as possible. When encrypting,
though, we don't have such a rush. With an encryption loop period of 2
seconds, we're able to encrypt 30 documents in one minute (the current bitmask
client sync period), which is meaningful: should moderatelly use the processor
while not syncing and relief from some work when actually syncing.
|
|
Previous to this change, the actual encryption method used to run on its own
thread. When the close method was called from another thread, the queue could
be deleted after the encryption method loop had started, but before the queue
was checked for new items.
By removing that thread and moving the encryption loop to the reactor, that
race condition should disappear.
Closes: #7088.
|
|
Queue exceptions are not in multiprocessing.Queue module, but in plain Queue
instead.
|
|
|
|
|