Need a way for the client to distinguish between authenticated (certain)
and unauthenticated (likely) author SIDs in the context of a bundle list,
since the bundle list does not verify manifest signatures for performance
and battery life reasons.
List all the HTTP status codes in the REST API tech doc.
Only use 403 Forbidden for requests originating from a disallowed
origin (ie, not localhost).
- Return 400 for missing, unknown, duplicate and out-of-order form
parts in POST requests.
- Return 415 Unsupported Media Type for unsupported form part
Content-Disposition and Content-Type (including unsupported
charset).
- Return 414 Request-URI Too Long for any buffer exhaustion while
parsing request.
- Return 419 Authentication Timeout for missing crypto secret.
Original DEBUG() and DEBUGF() macros renamed to _DEBUG() and _DEBUGF()
New DEBUG() and DEBUGF() macros, first argument is flagname
New DEBUGF2(foo, bar, ...) macro does if(config.debug.foo||config.debug.bar) test
Replace almost all config.debug.xxx references to IF_DEBUG(xxx)
A convenience to re-use an existing manifest, instead of having
to extract the manifest, erase some fields, then pass the result
back into the 'rhizome add file' command
All strn_to_xxx() functions should take a 'size_t len' parameter
All functions that take a 'const char **endp' parameter should
be named parse_xxx(), and should also have a 'ssize_t len' parameter
which can be -1 to indicate a null-terminated string
Distinguish between fatal and user-supplied-input errors, return
error descriptive text in a strbuf to allow dynamic content, apply
user-supplied field assgnments/deletions _after_ copying existing
manifest fields, use exit status 4 (invalid manifest) when applying
journal append to a non-journal or vice versa
The "#passphrase" notation was already supported, and now the RESTful
API can be used to create and update anonymous and authored bundles
using only the bundle secret, just like the CLI.
The OpenJDK 7 recently introduced the UNUSED() macro in their jni_md.h
header file, which is included from <jni.h>. This causes a
compile-error if "constants.h", which defines our own UNUSED() macro, is
included as well as <jni.h>.
The OpenJDK UNUSED() macro is unsuitable for our own use, because it
prefixes the unused identifier with "UNUSED_" whereas we depend on the
parameter name remaining unchanged.
I have reported this as a Request for Enhancement with Oracle Java,
asking them to remove the UNUSED() macro, since it is not used by any
JNI or Java extension header files. Review ID: JI-9013689.
In the meantime, constants.h now undefines UNUSED before defining it, so
including <jni.h> before "constants.h" will avoid a compile error.
Change manifest Content-Type from rhizome-manifest/text to
rhizome/manifest; format="text+binarysig"
Add "Content-Transfer-Encoding" form-part headers to Java API
sent form parts, although not currently checked by Rhizome
RESTful interface
Add RHIZOME_BUNDLE_STATUS_READONLY enum value
Tighten up switch statements on bundle and payload status enums (no
default labels)
Rename some recently added enum entries
Return bundle status and payload status in HTTP responses
Add test for failing to decrypt a foreign encrypted bundle payload,
fix bug that caused an assertion failure
Add tests for fetching a non-existent manifest and fetching bundles
whose payload blob is not in the store
/restful/meshms/SID/SID/sendmessage now enforces Content-Disposition:
form-data (was ignoring), and enforces Content-Type: text/plain;
charset=utf-8 (was ignoring)
New negative test cases to ensure that these are treated strictly