From e073ff3c736f70fbf0ae9767db9b223becee0b4e Mon Sep 17 00:00:00 2001
From: Kali Kaneko <kali@leap.se>
Date: Wed, 26 Nov 2014 21:06:25 +0100
Subject: force tls v1 in soledad client. Partially fixes #6437

---
 client/src/leap/soledad/client/__init__.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'client/src/leap')

diff --git a/client/src/leap/soledad/client/__init__.py b/client/src/leap/soledad/client/__init__.py
index 586e3389..4703133c 100644
--- a/client/src/leap/soledad/client/__init__.py
+++ b/client/src/leap/soledad/client/__init__.py
@@ -1335,7 +1335,8 @@ class VerifiedHTTPSConnection(httplib.HTTPSConnection):
 
         self.sock = ssl.wrap_socket(sock,
                                     ca_certs=SOLEDAD_CERT,
-                                    cert_reqs=ssl.CERT_REQUIRED)
+                                    cert_reqs=ssl.CERT_REQUIRED,
+                                    ssl_version=ssl.PROTOCOL_TLSv1)
         match_hostname(self.sock.getpeercert(), self.host)
 
 
-- 
cgit v1.2.3


From 6fc80e14d568d83df7899e516d1422b2e011d2cb Mon Sep 17 00:00:00 2001
From: Kali Kaneko <kali@leap.se>
Date: Wed, 3 Dec 2014 00:22:18 +0100
Subject: Use SSL negotiation.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Although the API can be misleading, PROTOCOL_SSLv23 selects the highest
protocol version that both the client and server support. Despite the
name, this option can select “TLS” protocols as well as “SSL”.

In this way, we can use TLSv1.2 (PROTOCOL_TLSv1 will *only* give us TLS
v1.0)

In the client side, we try to disable SSLv2 and SSLv3 options
explicitely.

The python version in wheezy does not offer PROTOCOL_TLSv1_2 nor
OP_NO_SSLv2 or OP_NO_SSLv3 (It's new in 2.7.9)
---
 client/src/leap/soledad/client/__init__.py | 21 +++++++++++++++++----
 1 file changed, 17 insertions(+), 4 deletions(-)

(limited to 'client/src/leap')

diff --git a/client/src/leap/soledad/client/__init__.py b/client/src/leap/soledad/client/__init__.py
index 4703133c..7ef5f6a9 100644
--- a/client/src/leap/soledad/client/__init__.py
+++ b/client/src/leap/soledad/client/__init__.py
@@ -1333,10 +1333,23 @@ class VerifiedHTTPSConnection(httplib.HTTPSConnection):
             self.sock = sock
             self._tunnel()
 
-        self.sock = ssl.wrap_socket(sock,
-                                    ca_certs=SOLEDAD_CERT,
-                                    cert_reqs=ssl.CERT_REQUIRED,
-                                    ssl_version=ssl.PROTOCOL_TLSv1)
+        # negotiate the best availabe version...
+        ctx = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
+
+        # but if possible, we want to disable bad ones
+        # needs python 2.7.9+
+        try:
+            ctx.options |= ssl.OP_NO_SSLv2
+            ctx.options |= ssl.OP_NO_SSLv3
+        except AttributeError:
+            pass
+
+        ctx.load_cert_chain(certfile=SOLEDAD_CERT)
+        ctx.verify_mode = ssl.CERT_REQUIRED
+
+        self.sock = ctx.wrap_socket(
+            sock, server_side=True, server_hostname=self.host)
+
         match_hostname(self.sock.getpeercert(), self.host)
 
 
-- 
cgit v1.2.3


From 527c28c73d22b5f852273e2c5d1713e82a2c49fd Mon Sep 17 00:00:00 2001
From: Kali Kaneko <kali@leap.se>
Date: Thu, 4 Dec 2014 18:13:06 +0100
Subject: fix ssl negotiation

since ssl.SSLContext does not exist prior to python 2.7.9
---
 client/src/leap/soledad/client/__init__.py | 23 +++++++++++++----------
 1 file changed, 13 insertions(+), 10 deletions(-)

(limited to 'client/src/leap')

diff --git a/client/src/leap/soledad/client/__init__.py b/client/src/leap/soledad/client/__init__.py
index 7ef5f6a9..c350d021 100644
--- a/client/src/leap/soledad/client/__init__.py
+++ b/client/src/leap/soledad/client/__init__.py
@@ -1333,22 +1333,25 @@ class VerifiedHTTPSConnection(httplib.HTTPSConnection):
             self.sock = sock
             self._tunnel()
 
-        # negotiate the best availabe version...
-        ctx = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
+        highest_supported = ssl.PROTOCOL_SSLv23
 
-        # but if possible, we want to disable bad ones
-        # needs python 2.7.9+
         try:
+            # needs python 2.7.9+
+            # negotiate the best available version,
+            # but explicitely disabled bad ones.
+            ctx = ssl.SSLContext(highest_supported)
             ctx.options |= ssl.OP_NO_SSLv2
             ctx.options |= ssl.OP_NO_SSLv3
-        except AttributeError:
-            pass
 
-        ctx.load_cert_chain(certfile=SOLEDAD_CERT)
-        ctx.verify_mode = ssl.CERT_REQUIRED
+            ctx.load_cert_chain(certfile=SOLEDAD_CERT)
+            ctx.verify_mode = ssl.CERT_REQUIRED
+            self.sock = ctx.wrap_socket(
+                sock, server_side=True, server_hostname=self.host)
 
-        self.sock = ctx.wrap_socket(
-            sock, server_side=True, server_hostname=self.host)
+        except AttributeError:
+            self.sock = ssl.wrap_socket(
+                sock, ca_certs=SOLEDAD_CERT, cert_reqs=ssl.CERT_REQUIRED,
+                ssl_version=highest_supported)
 
         match_hostname(self.sock.getpeercert(), self.host)
 
-- 
cgit v1.2.3


From dafcfac4663d00ee2049b0a245c2ecb84ef2bad5 Mon Sep 17 00:00:00 2001
From: Kali Kaneko <kali@leap.se>
Date: Tue, 9 Dec 2014 16:07:17 -0600
Subject: Fix incorrect ssl context setup

The changes introduced in aafa79c0f5 having to do with the cert
verification are incorrect, regarding the use of the newest ssl context
api introduced in python 2.7.9. There the use of the server setup was
taken, instead of the correct client options.

I hereby apologize for the insuficient testing on that fix. It happens
that I wrongly tested in an evironment that did the fallback to
pre-2.7.9 interpreter.
---
 client/src/leap/soledad/client/__init__.py | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

(limited to 'client/src/leap')

diff --git a/client/src/leap/soledad/client/__init__.py b/client/src/leap/soledad/client/__init__.py
index c350d021..c5832249 100644
--- a/client/src/leap/soledad/client/__init__.py
+++ b/client/src/leap/soledad/client/__init__.py
@@ -1343,10 +1343,9 @@ class VerifiedHTTPSConnection(httplib.HTTPSConnection):
             ctx.options |= ssl.OP_NO_SSLv2
             ctx.options |= ssl.OP_NO_SSLv3
 
-            ctx.load_cert_chain(certfile=SOLEDAD_CERT)
+            ctx.load_verify_locations(cafile=SOLEDAD_CERT)
             ctx.verify_mode = ssl.CERT_REQUIRED
-            self.sock = ctx.wrap_socket(
-                sock, server_side=True, server_hostname=self.host)
+            self.sock = ctx.wrap_socket(sock)
 
         except AttributeError:
             self.sock = ssl.wrap_socket(
-- 
cgit v1.2.3


From a7abb6eb3fe9a0a904bcabd0bf344637e9fd4e62 Mon Sep 17 00:00:00 2001
From: drebs <drebs@leap.se>
Date: Mon, 15 Dec 2014 15:55:25 -0200
Subject: Fix deferred enc/dec params and fallback (#6500).

---
 client/src/leap/soledad/client/__init__.py  | 2 +-
 client/src/leap/soledad/client/sqlcipher.py | 5 +++++
 client/src/leap/soledad/client/target.py    | 3 ---
 3 files changed, 6 insertions(+), 4 deletions(-)

(limited to 'client/src/leap')

diff --git a/client/src/leap/soledad/client/__init__.py b/client/src/leap/soledad/client/__init__.py
index c5832249..07255406 100644
--- a/client/src/leap/soledad/client/__init__.py
+++ b/client/src/leap/soledad/client/__init__.py
@@ -224,7 +224,7 @@ class Soledad(object):
 
     def __init__(self, uuid, passphrase, secrets_path, local_db_path,
                  server_url, cert_file,
-                 auth_token=None, secret_id=None, defer_encryption=False):
+                 auth_token=None, secret_id=None, defer_encryption=True):
         """
         Initialize configuration, cryptographic keys and dbs.
 
diff --git a/client/src/leap/soledad/client/sqlcipher.py b/client/src/leap/soledad/client/sqlcipher.py
index 2df9606e..fded2119 100644
--- a/client/src/leap/soledad/client/sqlcipher.py
+++ b/client/src/leap/soledad/client/sqlcipher.py
@@ -452,6 +452,11 @@ class SQLCipherDatabase(sqlite_backend.SQLitePartialExpandDatabase):
 
             # XXX could mark the critical section here...
             try:
+                if defer_decryption and not self.defer_encryption:
+                    logger.warning("Can't defer decryption without first having "
+                                   "created a sync db. Falling back to normal "
+                                   "syncing mode.")
+                    defer_decryption = False
                 res = syncer.sync(autocreate=autocreate,
                                   defer_decryption=defer_decryption)
 
diff --git a/client/src/leap/soledad/client/target.py b/client/src/leap/soledad/client/target.py
index 70e4d3a2..1eb84e64 100644
--- a/client/src/leap/soledad/client/target.py
+++ b/client/src/leap/soledad/client/target.py
@@ -28,12 +28,10 @@ import logging
 import re
 import urllib
 import threading
-import urlparse
 
 from collections import defaultdict
 from time import sleep
 from uuid import uuid4
-from contextlib import contextmanager
 
 import simplejson as json
 from taskthread import TimerTask
@@ -44,7 +42,6 @@ from u1db.remote.http_client import _encode_query_parameter, HTTPClientBase
 from zope.proxy import ProxyBase
 from zope.proxy import sameProxiedObjects, setProxiedObject
 
-from leap.soledad.common import soledad_assert
 from leap.soledad.common.document import SoledadDocument
 from leap.soledad.client.auth import TokenBasedAuth
 from leap.soledad.client.crypto import is_symmetrically_encrypted
-- 
cgit v1.2.3