Age | Commit message (Collapse) | Author |
|
|
|
- update pip
- install base reqs, with insecure flags for dirspec and u1db
|
|
|
|
this is part of a process to make the setup of the development mode less
troublesome. from now on, setting up a virtualenv in pure development
mode will be as easy as telling pip to just install the external dependencies::
pip install -r pkg/requirements.pip
and traversing all the leap repos for the needed leap dependencies doing::
python setup.py develop
- Related: #7288
|
|
Once upon a time we needed to pin the PyOpenSSL version to avoid unneeded
crypto deps (see https://leap.se/code/issues/5368#note-5). Since then, jessie
was released and PyOpenSSL 0.14 is now shipped with it. We have removed that
pinning from the debian package, and it is not needed here.
|
|
|
|
soledad-common versions before 0.6.5 do not contain the fix for #6833 and thus
will not work with most recent server. That is why we have to bump this
soledad-server dependency on soledad.common.
|
|
This commit removes some leftover code from a time when Soledad Server used to
check for permissions on certain databases when starting (i.e. shared and
tokens databases). This was later removed as correct permissions enforcement
was relayed to tapicero.
Closes: #6833.
|
|
In the past, we wanted dependency on leap.common to be optional, but now
because of the explicit use of the config path prefix and signaling, we want
to enforce dependency on leap.common.
|
|
Add dependency on twisted for Soledad Client. Also remove minimum twisted
version for Soledad Server because debian stable currently distributes 12.0.0
and pypi currently distributes 15.0.0.
Closes: #6797
|
|
Any solead release that includes this commit will be incompatible with LEAP
Platform < 0.6.1 because only from that version on the platform implements the
ephemeral monthly tokens databases.
Closes: #6785.
|
|
|
|
|
|
Although the API can be misleading, PROTOCOL_SSLv23 selects the highest
protocol version that both the client and server support. Despite the
name, this option can select “TLS” protocols as well as “SSL”.
In this way, we can use TLSv1.2 (PROTOCOL_TLSv1 will *only* give us TLS
v1.0)
In the client side, we try to disable SSLv2 and SSLv3 options
explicitely.
The python version in wheezy does not offer PROTOCOL_TLSv1_2 nor
OP_NO_SSLv2 or OP_NO_SSLv3 (It's new in 2.7.9)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
(#4994).
|
|
|
|
|
|
|
|
|
|
|
|
until now this was only possible when running python setup.py version
from the source tree. now the <module>.__version__ also reports
correctly the runnng version
|
|
|
|
|
|
|
|
|
|
* Improve bootstrap sequence:
- stages are more organized.
- there are less useless requests to server.
* Improve shared db access:
- instantiate the shared db only once.
- also results in less requests to server.
* Handle unicode passphrases.
* Move some common functions and global variables to common.
* Improve security of recovery document:
- access to the recovery document now depends on the user password.
* Improve documentation.
|