summaryrefslogtreecommitdiff
path: root/CHANGELOG
blob: d3a5b9b4eb146b9f731c7a7579134ea0847c5f89 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
0.5.0 Apr 4, 2014:
Client:
  o Catch lock timeout exception. Fixes #4435.
  o Add lock for create_doc and update_indexes call, prevents
    concurrent access to the db. Closes #5139.
  o Back-compatibility for socket.create_connection interface in
    2.6. Closes #5208.
  o Always return unicode in helper method, even on
    UnicodeError. Related to #4998.
  o Fix a bug in soledad.client.sqlcipher by which we were creating a
    new connection for each sync.
  o Unlock shared_db if anything fails in the bootstrap
    sequence. Fixes #4702.
  o Avoid concurrent syncs for the same account, but allow for
    distinct accounts. Fixes #4451.
  o Adds a get_count_by_index to sqlcipher u1db backend. Related to:
    #4616.
  o Do not autocreate remote user database when syncing. Tapicero
    should make sure that that db is created when the user is
    created. Closes #5302.
  o Add a read-write lock for all client operations. Addresses: #4972
  o Add sync=off and tem_store=mem to soledad client, for
    optimization.

Common:
  o Add lock timeout HTTP error. Fixes #4435.
  o Remodel couch backend to fix concurrency and scalability. Closes
    #4475, #4682, #4683 and #4680.
  o Remove check for design docs on couch server state initialization
    Closes #5387.
  o Renew HTTP session after multipart PUTs to avoid request hanging.
    Fixes #5449.
  o Preload time.strptime() to avoid multi-threaded problem on couch
    backend get_docs() method. Fixes #5449.
  o Improve error messages. Closes #5035.
  o Add MissingTokenError and InvalidTokenError as sub exceptions
    from Unauthorized.
  o Allow sync of large files (~100MB). Closes #4836.
  o Add exceptions to deal with missing design documents. Fixes #4994.
  o Parallelize get_docs() on couch backend to accelerate sync.
    Closes #5008.
  o Use less memory when putting docs on couch. Fixes #5011.
  o Prevent CouchServerState from creating or deleting databases. This
    way, Soledad remote clients won't ever be able to do these
    operations when syncing. Part of #5302.
  o Avoid concurrent syncs problem by adding a lock for PUTting to the
    sync log update handler. Fixes #5388.
  o Remove check for couch permissions when CouchServerState is
    instantiated. This is not necessary anymore because platform
    takes care of giving the soledad user enough permissions and
    tapicero takes care of uploading the needed design documents.

Server:
  o Send propper lock timeout response. Fixes #4435.
  o Fix raising of auth token errors. Fixes #5191.
  o Allow sync of large files (~100MB). Closes #4836.
  o Use a temporary directory for server side locks. Fixes #4918.
  o Catch couchdb.http.ResourceNotFound exceptions when accessing
    design documents on couch backend, and raise appropriate missing
    design documents exceptions. Fixes #4994.
  o Do not try to create the shared database when running the Soledad
    Server application. Fixes #5302.
  o Enable Gzip compression on the soledad wsgi app.

0.4.4 Dec 6, 2013:
Client:
  o Add MAC verirication to the recovery document and
    soledad.json. Closes #4348.
Common:
  o Add unicode conversion to put_doc(). Closes #4095.
  o Remove tests dependency on nose2. Closes #4258.

0.4.3 Nov 15, 2013:
Client:
  o Defaults detected encoding to utf-8 to avoid bug if detected
    encoding is None. Closes: #4417
  o Open db in autocommit mode, to avoid nested transactions problems.
    Closes: #4400

0.4.2 Nov 1, 2013:
Client:
  o Support non-ascii passwords. Closes #4001.
  o Change error severity for missing secrets path.
  o Use chardet as fallback if cchardet not found.
  o Improve bootstrap sequence and allow for locking the shared
    database while creating/uploading the encryption secret. Closes
    #4097.
Common:
  o Move some common functions and global variables to
    leap.soledad.common.
Server:
  o Allow for locking the shared database. Closes #4097.

0.4.1 Oct 4, 2013:
Client:
  o Save only UTF8 strings. Related to #3660.

0.4.0 Sep 20, 2013:
Client:
  o Remove redundant logging when creating data dirs.
Server:
  o Verify for couch permissions when starting server. Closes #3501.
Common:
  o Improve u1db data storage in couch. Closes #3647.
  o Turn couchdb dependency for common into optional. Closes #2167.
  o Add verification for couch permissions. Closes #3501.

0.3.2 Sep 6, 2013:
Client:
  o Use dirspec instead of plain xdg. Closes #3574.
Server:
  o Fix the init script for soledad server so that it uses the new
    package namespace.

0.3.1 Aug 23, 2013:
Client:
  o Add libsqlite3-dev requirement for soledad.
  o Check for None in private methods that depend on _db. Closes:
    #3497
  o Add XSalsa20 symmetric encryption method.
  o Use pycryptopp for symmetric encryption.
  o Add public method to access the saved password. Closes #3118.
  o Split soledad package into common, client and server. Closes
    #3487.
  o Add versioneer, parse_requirements
Server:
  o Split soledad package into common, client and server. Closes
    #3487.
  o Add versioneer, parse_requirements
Common:
  o Split soledad package into common, client and server. Closes
    #3487.
  o Add versioneer, parse_requirements

0.3.0 Aug 9, 2013:
Client:
  o Thread safe wrapper for pysqlcipher.
  o Fix a couple of typos that prevented certain functionality to
    work. Fixes #3306
Server:
  o A plaintext port is not opened by soledad server initscript call
    to twistd web anymore. Closes #3254.

0.2.3 Jul 26, 2013:
Client:
  o Avoid possible timing attack in document's mac comparison by
    comparing hashes instead of plain macs. Closes #3243.
Server:
  o Refactor server side auth classes to make it possible for other
    kinds of authentication to be easily implemented. Closes #2621.
  o Fix double specified /etc/leap/soledad-server.pem in initscript by
    pointing the PRIVKEY_PATH to /etc/leap/soledad-server.key. Fixes
    #3174.

0.2.2 Jul 12, 2013:
Client:
  o Add method for password change.
Server:
  o Use the right name as the WSGI server

0.2.1 Jun 28, 2013:
Client:
  o Do not list the backends in the __init__'s __all__ to allow not
    supporting couch on the client side until the code is diveded into
    client and server.  o Fix bad dependencies in setup.py.
  o Fix broken pip install
  o Database request have default timeout too high, a
    soledad.SOLEDAD_TIMEOUT variable has been added in order to have
    more control over this. Fixes #2713
  o Add validation and authorization of actions upon interaction with
    server.
  o Add MAC authentication to encrypted representation of documents.
  o Add SQLCipher API to SQLCipher backend (allow for use of raw keys,
    add better encrypted db assertion, add cipher, kdf_iter,
    cipher_page_size and rekey PRAGMAS).
  o Change symmetric encryption method to AES-256 CTR mode.
  o Change the local storage of the storage secret:
      * Use scrypt to derive a key for the encryption of the storage
        secret.
      * Store secret in a file called 'soledad.json' by default.
      * Also store the salt and encryption details, as defined in the
        spec.
      * This change is not backwards compatible (i.e. all previously
        stored secrets are incompatible with this new encryption and
        storage scheme).
  o Improve tests coverage.
  o Split soledad client and server into two different packages.
  o Use scrypt to derive the key for local encryption.

Server:
  o Add a `status` option to Soledad init script.
  o Allow to initialize soledad with a blank server
  o b64 encode all U1DB data in couch backend to avoid utf8 encoding
    problems.
    * init.d script improvements:
    * Add LSB (Linux Standards Base) 3.1 compliant header
    * Remove unnecessary backslashes in variable definitions
    * Replace environment variables with more standard upper-cased names
    * Make a TWISTD_PATH environment variable to replace hard-coded
      /usr/local/bin/twistd
    * Pull environment variables together into one block o Remove strict
      dependency on leap.common.