From 4fce575de20effc9c4d934028f8ccdfbd97932e1 Mon Sep 17 00:00:00 2001 From: drebs Date: Thu, 29 Dec 2016 09:28:10 -0200 Subject: [refactor] remove twisted session persistence The need for token caching in server is a matter of debate, as is the ideal way to do it. Twisted sessions store the session id in a cookie and use that session id to persist. It is not clear if that implementation is needed, works with future features (as multiple soledad servers) or represents a security problem in some way. Because of these, this commit removes it for now. The feature is left in git history so we can bring it back later if needed. --- .../src/leap/soledad/client/http_target/__init__.py | 21 +++------------------ client/src/leap/soledad/client/sqlcipher.py | 8 +------- 2 files changed, 4 insertions(+), 25 deletions(-) (limited to 'client/src') diff --git a/client/src/leap/soledad/client/http_target/__init__.py b/client/src/leap/soledad/client/http_target/__init__.py index 590ae8f6..b67d03f6 100644 --- a/client/src/leap/soledad/client/http_target/__init__.py +++ b/client/src/leap/soledad/client/http_target/__init__.py @@ -24,10 +24,7 @@ after receiving. import os -from cookielib import CookieJar - from twisted.web.client import Agent -from twisted.web.client import CookieAgent from twisted.internet import reactor from leap.common.certs import get_compatible_ssl_context_factory @@ -47,14 +44,6 @@ if os.environ.get('SOLEDAD_STATS'): DO_STATS = True -def newCookieAgent(cert_file): - _factory = get_compatible_ssl_context_factory(cert_file) - _agent = Agent(reactor, _factory) - _cookieJar = CookieJar() - agent = CookieAgent(_agent, _cookieJar) - return agent - - class SoledadHTTPSyncTarget(SyncTargetAPI, HTTPDocSender, HTTPDocFetcher): """ @@ -66,8 +55,7 @@ class SoledadHTTPSyncTarget(SyncTargetAPI, HTTPDocSender, HTTPDocFetcher): the parsed documents that the remote send us, before being decrypted and written to the main database. """ - def __init__(self, url, source_replica_uid, creds, crypto, cert_file, - agent=None): + def __init__(self, url, source_replica_uid, creds, crypto, cert_file): """ Initialize the sync target. @@ -85,8 +73,6 @@ class SoledadHTTPSyncTarget(SyncTargetAPI, HTTPDocSender, HTTPDocFetcher): the SSL certificate used by the remote soledad server. :type cert_file: str - :param agent: an http agent - :type agent: twisted.web.client.Agent """ if url.endswith("/"): url = url[:-1] @@ -101,9 +87,8 @@ class SoledadHTTPSyncTarget(SyncTargetAPI, HTTPDocSender, HTTPDocFetcher): self._insert_doc_cb = None # Twisted default Agent with our own ssl context factory - if not agent: - agent = newCookieAgent(cert_file) - self._http = agent + factory = get_compatible_ssl_context_factory(cert_file) + self._http = Agent(reactor, factory) if DO_STATS: self.sync_exchange_phase = [0] diff --git a/client/src/leap/soledad/client/sqlcipher.py b/client/src/leap/soledad/client/sqlcipher.py index 9b352bbf..a3e45228 100644 --- a/client/src/leap/soledad/client/sqlcipher.py +++ b/client/src/leap/soledad/client/sqlcipher.py @@ -59,7 +59,6 @@ from leap.soledad.common.l2db.backends import sqlite_backend from leap.soledad.common.errors import DatabaseAccessError from leap.soledad.client.http_target import SoledadHTTPSyncTarget -from leap.soledad.client.http_target import newCookieAgent from leap.soledad.client.sync import SoledadSynchronizer from leap.soledad.client import pragmas @@ -407,10 +406,6 @@ class SQLCipherU1DBSync(SQLCipherDatabase): # storage for the documents received during a sync self.received_docs = [] - # setup an http agent capable of storing cookies, so we can use - # server's session persistence feature - self._agent = newCookieAgent(cert_file) - self.running = False self._db_handle = None @@ -495,8 +490,7 @@ class SQLCipherU1DBSync(SQLCipherDatabase): self._replica_uid, creds=creds, crypto=self._crypto, - cert_file=self._cert_file, - agent=self._agent)) + cert_file=self._cert_file)) # # Symmetric encryption of syncing docs -- cgit v1.2.3