summaryrefslogtreecommitdiff
path: root/client/changes
AgeCommit message (Collapse)Author
2015-09-21[bug] set the received active secret before saving local fileKali Kaneko
- bug: we were dumping the received secrets locally to disk *before* setting the received property for the active secret, and therefore the 'active_secret' was always marked as null. - refactor common code into an utility method.
2015-08-31[bug] emit dict instead of strIvan Alejandro
- Resolves: #7412
2015-08-27[tests] fix variable name from refactorVictor Shyba
From: [refactor] removing getters and setters from couch.py _couch_url was a private variable with getter and setter doing the same as a public variable. It is accessed all over the code, so being private with getters and setters didnt make sense. This commit fixes the tests to also follow this style from now on.
2015-08-26[pkg] fold in changes0.7.2Ivan Alejandro
2015-08-26[pkg] add missing changes filesIvan Alejandro
2015-08-24[refactor] add changes file about simplejson dep removaldrebs
2015-08-19[bug] wait for db init on sync decrypter pooldrebs
Previous to this modification, the initialization of the sync decrypter pool could happen concurrently with other database operations. That could cause the pool to hang because it could be waiting for something that was mistakenly deleted because of the wrong order of database operations. This commit implements a standard which we already use in leap.keymanager and leap.mail which makes some methods wait for the initialization operation before they are actually called. Closes: #7386
2015-08-11[feat] emit a dict instead of a strIvan Alejandro
2015-08-04[refactor] remove circular dependency in SoledadCryptoRuben Pollan
SoledadCrypto had Soledad as parameter to be able to use SoledadSecrets. SoledadSecrets had SoledadCrypto as parameter to use *crypt_sym. This commit removes this circular dependency passing directly the secret that SoledadCrypto cares about to the constructor and removing the *crypt_sym methods from SoledadCrypto. - Resolves: #7338
2015-08-04[test] add initial enc/dec pool testsdrebs
2015-07-27[bug] avoid double decryption of documentsdrebs
Because of how the incoming document queue is implemented, it could be the case that a document was sent to async decryption queue more than once. This commit creates a list of documents to be decrypted, so we avoid sending the same document to the queue more than once.
2015-07-27[bug] fix order of incoming document eventsdrebs
The incoming documents events are meant to be used by a progress bar for soledad sync, yet to be implemented. When deferred decryption was used, the events were sent out of order, depending on the order of arrival of the documents. This commit changes it so that the content of the emited events are in order, so it is meaningful for the implementation of a progress bar. Note that even after documents are received from the server, they will still be decrypted asynchronously, so another signal could be implemented to signal for the waiting of the decryption of incoming documents.
2015-07-27[bug] remove mac from secrets filedrebs
This is how a secret was stored in the secrets json file: * each secret is symmetrically encrypted amd MACed with keys derived from the user's passphrase. * the encrypted secrets dictionary is then MACed with another key derived * from the user's passphrase. * each key is derived using scrypt and a unique random salt. There are disadvantages to this approach: * repeating scrypt many times is a waste of time. * an attacker could crack whichever has weaker parameters, if they get out of sync. * if an attacker can modify the secret in a way it is good to decrypt the database, then she can also modify the MAC. The solution for this is: * completelly eliminate the MAC from the storage secrets file. * attempt to decrypt the database with whatever is got from the decryption of the secret. If that is wrong, report an error. Closes #6980.
2015-07-22[refactor] use a deferred to signal when SyncDecriptionPool has finishedRuben Pollan
It makes the code simpler and clearer to use a deferred instead of having to pull on 'has_finished'. - Related: #7234
2015-07-10[pkg] bump dependencies0.7.1Ivan Alejandro
bump leap.common min required version, new change needed 'collect_plugins'.
2015-07-10[pkg] fold in changesIvan Alejandro
2015-06-15[pkg] changes and version_compat bumpKali Kaneko
2015-06-04Merge tag '0.7.0' into developdrebs
Tag version 0.7.0. Conflicts: client/pkg/requirements.pip common/pkg/requirements.pip
2015-06-03[bug] do not block when getting doc for async encdrebs
Previous to this change, the actual encryption method used to run on its own thread. When the close method was called from another thread, the queue could be deleted after the encryption method loop had started, but before the queue was checked for new items. By removing that thread and moving the encryption loop to the reactor, that race condition should disappear. Closes: #7088.
2015-06-01[pkg] fold in changes0.7.0drebs
2015-06-01[pkg] bump dependency versionsdrebs
2015-05-27[feat] adapt to new events api on commonIvan Alejandro
- Related: #6359
2015-05-25[feature] add pool of http/https connectionsdrebs
Instead of opening one TCP connection for each HTTP request, we want to reuse connections. Also, we need to be able to verify SSL certificates. This commit implements both features in the twisted http client sync.
2015-05-20[feature] use twisted.web.client in client syncdrebs
This change uses twisted deferreds for the whole syncing process and paves the way to implementing other transport schemes. It removes a lot of threaded code that used locks and was very difficult to maintain, and lets twisted to the dirty work. Furthermore, all blocking network i/o is now handled asynchronously by the twisted. This commit removes the possibility of interrupting a sync, and we should reimplement it using cancellable deferreds if we need it.
2015-05-20[bug] fix order of insertion of decrypted docsdrebs
This commit actually does some different things: * When doing asynchronous decryption of incoming documents in soledad client during a sync, there was the possibility that a document corresponding to a newer generation would be decrypted and inserted in the local database before a document corresponding to an older generation. When this happened, the metadata about the target database (i.e. its locally-known generation) would be first updated to the newer generation, and then an attempt to insert a document corresponding to an older generation would cause the infamous InvalidGeneration error. To fix that we use the sync-index information that is contained in the sync stream to correctly find the insertable docs to be inserted in the local database, thus avoiding the problem described above. * Refactor the sync encrypt/decrypt pool to its own file. * Fix the use of twisted adbapi with multiprocessing. Closes: #6757.
2015-05-20[feature] use async adbapi for async decryptiondrebs
Since we started implementing twisted api in soledad, some pieces are missing. Accessing the sqlcipher database directly with the twisted adbapi facilities is one of them. The async encryption/decryption was touching the database directly, and this was causing some difficulties like having different threads accessing the same database. This commit implements the twisted adbapi stuff for the asynchronous encryption/decryption facilities. Next steps would be use async adbapi for async encryption and use async adbapi for all sqlcipher access.
2015-05-20[bug] fix log messages for secrets in storagedrebs
2015-05-20[bug] fix log messages when fetching documentsdrebs
We always got a log message saying "canceling sync threads" in the end of the sync process, even when there was no error during the sync. This commit changes that in a way that we only have that log when the sync was actually cancelled because of an error.
2015-05-20[bug] always initialize sync dbdrebs
Both deferred encryption and decryption rely on a special sync db. Previous to this fix, the sync db was only initialized if a syncer was configured with deferred encryption capabilities. This was a problem when the syncer was not configured like so, but the actual sync method was initiated configured to do deferred decryption. This commit fixes this by always initializing the sync db, so we have the option of doing all combinations of deferred encryption and decryption.
2015-03-19[fix] add/fix dependency on twisteddrebs
Add dependency on twisted for Soledad Client. Also remove minimum twisted version for Soledad Server because debian stable currently distributes 12.0.0 and pypi currently distributes 15.0.0. Closes: #6797
2015-02-20cutoff for encoding detectionKali Kaneko
2015-02-11Retry on SQLCipher timeout (#6625).drebs
2014-12-08Add encryption scheme, method and iv to symmetrically encrypted document MAC ↵drebs
(#6400).
2014-11-27force tls v1 in soledad client. Partially fixes #6437Kali Kaneko
2014-11-27Add changes file for #5855.drebs
2014-09-29Wait for last post request to finish before starting a new one during sync ↵drebs
(#5975).
2014-08-28Do not depend on pysqlite2 (#2945).drebs
2014-08-01Add changes file (#5895).drebs
2013-12-06Fold in changesTomás Touceda
2013-12-04Revert "Stop creating per-user databases. Closes #4626."Tomás Touceda
This reverts commit 6eeed5c116d38ebae7d9309dd2f11660f6cff37e.
2013-11-29Stop creating per-user databases. Closes #4626.drebs
2013-11-19Merge remote-tracking branch ↵Tomás Touceda
'drebs/feature/4348_add-mac-verification-to-recovery-doc' into develop
2013-11-19Add MAC verification to recovery document. Closes #4348.drebs
2013-11-08Merge remote-tracking branch 'kali/bug/default-detected-encoding-to-utf8' ↵Tomás Touceda
into develop
2013-11-08default detected encoding to utf-8Kali Kaneko
2013-11-07open db in autocommit modeKali Kaneko
2013-08-23Fold in changes0.3.1Tomás Touceda
2013-08-23packaging improvementsKali Kaneko
* add versioneer (patched for our particular repo config) * add parse_requirements to unify requirement handling
2013-08-21Split soledad into common, client and server.drebs