blob: 2137aebd6f4a2289ffd189b7c9a3ac12a6ec0a71 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
|
0.3.1 Aug 23:
Client:
o Add libsqlite3-dev requirement for soledad.
o Check for None in private methods that depend on _db. Closes:
#3497
o Add XSalsa20 symmetric encryption method.
o Use pycryptopp for symmetric encryption.
o Add public method to access the saved password. Closes #3118.
o Split soledad package into common, client and server. Closes
#3487.
o Add versioneer, parse_requirements
Server:
o Split soledad package into common, client and server. Closes
#3487.
o Add versioneer, parse_requirements
Common:
o Split soledad package into common, client and server. Closes
#3487.
o Add versioneer, parse_requirements
0.3.0 Aug 9:
Client:
o Thread safe wrapper for pysqlcipher.
o Fix a couple of typos that prevented certain functionality to
work. Fixes #3306
Server:
o A plaintext port is not opened by soledad server initscript call
to twistd web anymore. Closes #3254.
0.2.3 Jul 26:
Client:
o Avoid possible timing attack in document's mac comparison by
comparing hashes instead of plain macs. Closes #3243.
Server:
o Refactor server side auth classes to make it possible for other
kinds of authentication to be easily implemented. Closes #2621.
o Fix double specified /etc/leap/soledad-server.pem in initscript by
pointing the PRIVKEY_PATH to /etc/leap/soledad-server.key. Fixes
#3174.
0.2.2 Jul 12:
Client:
o Add method for password change.
Server:
o Use the right name as the WSGI server
0.2.1 Jun 28:
Client:
o Do not list the backends in the __init__'s __all__ to allow not
supporting couch on the client side until the code is diveded into
client and server. o Fix bad dependencies in setup.py.
o Fix broken pip install
o Database request have default timeout too high, a
soledad.SOLEDAD_TIMEOUT variable has been added in order to have
more control over this. Fixes #2713
o Add validation and authorization of actions upon interaction with
server.
o Add MAC authentication to encrypted representation of documents.
o Add SQLCipher API to SQLCipher backend (allow for use of raw keys,
add better encrypted db assertion, add cipher, kdf_iter,
cipher_page_size and rekey PRAGMAS).
o Change symmetric encryption method to AES-256 CTR mode.
o Change the local storage of the storage secret:
* Use scrypt to derive a key for the encryption of the storage
secret.
* Store secret in a file called 'soledad.json' by default.
* Also store the salt and encryption details, as defined in the
spec.
* This change is not backwards compatible (i.e. all previously
stored secrets are incompatible with this new encryption and
storage scheme).
o Improve tests coverage.
o Split soledad client and server into two different packages.
o Use scrypt to derive the key for local encryption.
Server:
o Add a `status` option to Soledad init script.
o Allow to initialize soledad with a blank server
o b64 encode all U1DB data in couch backend to avoid utf8 encoding
problems.
* init.d script improvements:
* Add LSB (Linux Standards Base) 3.1 compliant header
* Remove unnecessary backslashes in variable definitions
* Replace environment variables with more standard upper-cased names
* Make a TWISTD_PATH environment variable to replace hard-coded
/usr/local/bin/twistd
* Pull environment variables together into one block o Remove strict
dependency on leap.common.
|
