Age | Commit message (Collapse) | Author |
|
Incoming API will receive externally encrypted PGP documents. This
commit adds this kind of encryption scheme and method to preamble module
on soledad.common
-- Resolves: #8890
|
|
This move allows server to use it on #8868 as described in #8890
-- Relates: #8890
|
|
Extracted preamble code for making space to #8890 changes.
-- Related: #8890
|
|
|
|
there is a combination that was failing, with a recent-enough version of
cryptography coming from jessie-backports (>1.0), but still being linked
to openssl 1.0 which does not have a usable scrypt backend.
with this commit we fallback on doing scrypt using python's scrypt
package.
|
|
|
|
|
|
leap.common 0.6.0 renamed this method.
we should think about not using the factory directly, since we want to
deprecate leap.common.http
|
|
This needs OpenSSL >= 1.1, otherwise it will keep using the scrypt
dependency.
We should think about deprecating scrypt as a dependency when we can be
sure that the adoption of libssl 1.1 is wide enough. I think that at
some point (soledad 0.11 or so) we can drop the scrypt dependency, which
was being somehow problematic at times (the _scrypt.so was not appearing
when installing with pip, needed workarounds). From that moment on, we
can raise an error if an old libssl is found and no scrypt can be
imported - leaving that to the user/packager.
In debian stretch and afterwards, you can get that version by installing
libssl-dev
- Related: #8472
|
|
Adds an extra parameter called "namespace" on the backend interface and
on FileSystemBlobsBackend. This parameter overrides default id
partitioning and uses a separate folder for a custom namespace.
-- Resolves: #8889
|
|
|
|
Adds the routing code for exposing /incoming from SoledadResource.
- Related: #8827
|
|
|
|
|
|
|
|
|
|
We have been discussing about this merge for a while.
Its main goal is to simplify things: code navigation, but also
packaging.
The rationale is that the code is more cohesive in this way, and there's
only one source package to install.
Dependencies that are only for the server or the client will not be
installed by default, and they are expected to be provided by the
environment. There are setuptools extras defined for the client and the
server.
Debianization is still expected to split the single source package into
3 binaries.
Another avantage is that the documentation can now install a single
package with a single step, and therefore include the docstrings into
the generated docs.
- Resolves: #8896
|
|
|
|
develop
|
|
|
|
|
|
|
|
|
|
* Encapsulate leap_assert and leap_assert_type so Soledad works without them.
* Remove dependency on leap.common.files.mkdir_p().
* Encapsulate signaling.
* Add changes file.
|
|
|
|
|
|
'drebs/feature/2359-avoid-encoding-problems-when-storing-u1db-data' into develop
|
|
|
|
|
|
* Add code for use of raw 64 hex-char key in sqlcipher databases.
* Add encrypted db assertion according to sqlcipher doc.
* Add the following PRAGMAS to the API:
* PRAGMA cipher
* PRAGMA kdf_iter
* PRAGMA cipher_page_size
* PRAGMA rekey
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Use routes for validating user actions when interacting with server.
* Also add tests for action validation.
* Add changes file.
* Closes #2356.
|
|
'drebs/feature/2491-soledad-server-create-the-shared-database-in-couch' into develop
|
|
* Closes #2371.
|
|
|
|
|
|
* Also remove unneeded need_auth() method (because all requests need auth).
* This closes #2491.
|
|
|
|
* Fix docstrings.
|
|
|
|
passphrase.
|
|
|
|
|
|
* Use AES256 for encrypting storage_secret.
* Add prepended IV to storage secret's ciphertext.
* _get_storage_secret() returns binary.
* Fix key length when hashing using scrypt.
* Remove password from export/import_recovery_document().
|