CHANGELOG


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129

0.4.3 Nov 15:
  o Defaults detected encoding to utf-8 to avoid bug if detected
    encoding is None. Closes: #4417
  o Open db in autocommit mode, to avoid nested transactions problems.
    Closes: #4400

0.4.2 Nov 1:
Client:
  o Support non-ascii passwords. Closes #4001.
  o Change error severity for missing secrets path.
  o Use chardet as fallback if cchardet not found.
  o Improve bootstrap sequence and allow for locking the shared
    database while creating/uploading the encryption secret. Closes
    #4097.
Common:
  o Move some common functions and global variables to
    leap.soledad.common.
Server:
  o Allow for locking the shared database. Closes #4097.

0.4.1 Oct 4:
Client:
  o Save only UTF8 strings. Related to #3660.

0.4.0 Sep 20:
Client:
  o Remove redundant logging when creating data dirs.
Server:
  o Verify for couch permissions when starting server. Closes #3501.
Common:
  o Improve u1db data storage in couch. Closes #3647.
  o Turn couchdb dependency for common into optional. Closes #2167.
  o Add verification for couch permissions. Closes #3501.

0.3.2 Sep 6:
Client:
  o Use dirspec instead of plain xdg. Closes #3574.
Server:
  o Fix the init script for soledad server so that it uses the new
    package namespace.

0.3.1 Aug 23:
Client:
  o Add libsqlite3-dev requirement for soledad.
  o Check for None in private methods that depend on _db. Closes:
    #3497
  o Add XSalsa20 symmetric encryption method.
  o Use pycryptopp for symmetric encryption.
  o Add public method to access the saved password. Closes #3118.
  o Split soledad package into common, client and server. Closes
    #3487.
  o Add versioneer, parse_requirements
Server:
  o Split soledad package into common, client and server. Closes
    #3487.
  o Add versioneer, parse_requirements
Common:
  o Split soledad package into common, client and server. Closes
    #3487.
  o Add versioneer, parse_requirements

0.3.0 Aug 9:
Client:
  o Thread safe wrapper for pysqlcipher.
  o Fix a couple of typos that prevented certain functionality to
    work. Fixes #3306
Server:
  o A plaintext port is not opened by soledad server initscript call
    to twistd web anymore. Closes #3254.

0.2.3 Jul 26:
Client:
  o Avoid possible timing attack in document's mac comparison by
    comparing hashes instead of plain macs. Closes #3243.
Server:
  o Refactor server side auth classes to make it possible for other
    kinds of authentication to be easily implemented. Closes #2621.
  o Fix double specified /etc/leap/soledad-server.pem in initscript by
    pointing the PRIVKEY_PATH to /etc/leap/soledad-server.key. Fixes
    #3174.

0.2.2 Jul 12:
Client:
  o Add method for password change.
Server:
  o Use the right name as the WSGI server

0.2.1 Jun 28:
Client:
  o Do not list the backends in the __init__'s __all__ to allow not
    supporting couch on the client side until the code is diveded into
    client and server.  o Fix bad dependencies in setup.py.
  o Fix broken pip install
  o Database request have default timeout too high, a
    soledad.SOLEDAD_TIMEOUT variable has been added in order to have
    more control over this. Fixes #2713
  o Add validation and authorization of actions upon interaction with
    server.
  o Add MAC authentication to encrypted representation of documents.
  o Add SQLCipher API to SQLCipher backend (allow for use of raw keys,
    add better encrypted db assertion, add cipher, kdf_iter,
    cipher_page_size and rekey PRAGMAS).
  o Change symmetric encryption method to AES-256 CTR mode.
  o Change the local storage of the storage secret:
      * Use scrypt to derive a key for the encryption of the storage
        secret.
      * Store secret in a file called 'soledad.json' by default.
      * Also store the salt and encryption details, as defined in the
        spec.
      * This change is not backwards compatible (i.e. all previously
        stored secrets are incompatible with this new encryption and
        storage scheme).
  o Improve tests coverage.
  o Split soledad client and server into two different packages.
  o Use scrypt to derive the key for local encryption.

Server:
  o Add a `status` option to Soledad init script.
  o Allow to initialize soledad with a blank server
  o b64 encode all U1DB data in couch backend to avoid utf8 encoding
    problems.
    * init.d script improvements:
    * Add LSB (Linux Standards Base) 3.1 compliant header
    * Remove unnecessary backslashes in variable definitions
    * Replace environment variables with more standard upper-cased names
    * Make a TWISTD_PATH environment variable to replace hard-coded
      /usr/local/bin/twistd
    * Pull environment variables together into one block o Remove strict
      dependency on leap.common.