Jean-Paul Calderone
c43eacc3a9
clarify which party is vulnerable
2018-06-13 08:27:45 -04:00
Jean-Paul Calderone
b31b78e6cf
Merge pull request #501 from exarkun/1595.address-already-in-use-test_introducer-create_tub
...
Fix "Address already in use" errors from test_introducer on POSIX
2018-06-08 16:21:34 -04:00
Jean-Paul Calderone
1911b35499
Get the fcntl import up to the top as well
2018-06-08 13:15:19 -04:00
Jean-Paul Calderone
97e0ad627b
explain the buried reactor import, just in case
2018-06-08 13:13:26 -04:00
Jean-Paul Calderone
2c38b148bf
Move the safe interface import to the top
2018-06-08 13:12:46 -04:00
Jean-Paul Calderone
d25693145c
Factor a little more duplication out of the tests
2018-06-08 11:21:25 -04:00
Jean-Paul Calderone
c491b1a7d4
bring some imports up to the top
2018-06-08 10:36:45 -04:00
Jean-Paul Calderone
c3011a434b
Specify preferred encoding and encoding negotiation
2018-06-06 13:46:45 -04:00
Jean-Paul Calderone
b8cfee79e3
frame it a little more
2018-06-06 13:31:34 -04:00
meejah
4c7d13dea6
Merge pull request #497 from meejah/release-1-13-0-no-checklist
...
Release 1.13.0 updates
2018-05-30 07:07:17 +00:00
meejah
8800fff774
two typos
2018-05-29 15:08:46 -06:00
meejah
1aa3d080c7
refactor more
2018-05-29 13:17:32 -06:00
meejah
f23406dc68
CNAME -> github (because https)
2018-05-29 13:11:15 -06:00
meejah
6001243daf
refactor (more functions)
2018-05-29 13:10:48 -06:00
meejah
6a269c74c1
http -> https
2018-05-29 13:10:33 -06:00
meejah
6418eb8887
fix typos in NEWS
2018-05-29 13:10:00 -06:00
meejah
87404e94b7
version mismatch in relnotes
2018-05-29 13:09:45 -06:00
Jean-Paul Calderone
4e10f7971a
discuss decision to use query args
2018-05-29 10:52:37 -04:00
Jean-Paul Calderone
28a2e6e557
Merge pull request #502 from exarkun/2926.cli-status-exceptions
...
Fix several cases where `tahoe status` rendering raises an unhandled exception.
Closes ticket:2926
Some possible operation states were not accounted for.
2018-05-28 08:38:42 -04:00
Jean-Paul Calderone
bfedd79633
Merge pull request #487 from tahoe-lafs/1455.x-frame-options.2
...
Set `X-Frame-Options: DENY` for all web status pages.
This prevents attackers from loading web status pages in a frame as a way to trick users into interactions which attackers are restricted from performing unaided.
2018-05-28 08:12:35 -04:00
Jean-Paul Calderone
20084506b3
Handle all the status cases
2018-05-23 13:59:42 -04:00
Jean-Paul Calderone
318eea05e3
docs
2018-05-23 10:59:42 -04:00
Jean-Paul Calderone
8a5e2edb91
Also CLOEXEC the descriptor
...
This avoids leaking it into any child processes that the tests might launch.
2018-05-23 10:56:26 -04:00
Jean-Paul Calderone
be6e458770
Ensure the fd will be valid by the time we listen
2018-05-23 10:50:54 -04:00
Jean-Paul Calderone
62836b6858
Switch another test to the adoption method
2018-05-23 10:47:41 -04:00
Jean-Paul Calderone
711d63960d
Switch another test to the adoption method
2018-05-23 10:47:30 -04:00
Jean-Paul Calderone
277cd16594
Avoid race-prone allocate_tcp_port for some Tubs when possible
...
create_tub on POSIX can pre-allocate a port safely instead.
2018-05-23 10:45:15 -04:00
Jean-Paul Calderone
3d3c3d2eb4
elaborate on the transition stages
...
talk about cases of each stage and desired behavior
2018-05-22 09:57:39 -04:00
Jean-Paul Calderone
a592053b18
refer to GBS more than HTTP
2018-05-22 09:57:29 -04:00
Jean-Paul Calderone
534b8db318
markup and spelling
2018-05-22 09:57:18 -04:00
Jean-Paul Calderone
acf541a0be
try to make the example more useful
2018-05-22 09:08:59 -04:00
Jean-Paul Calderone
504452f1fd
clean up description of certificate validity period
2018-05-22 09:00:30 -04:00
Jean-Paul Calderone
ab37b5eabb
clean up the description of the tls usage
2018-05-22 09:00:10 -04:00
Jean-Paul Calderone
65103445ea
secrecy is the kind of security we're talking about here
2018-05-22 08:43:19 -04:00
Jean-Paul Calderone
97176e88d4
but it is part of this proposed solution
2018-05-22 08:43:12 -04:00
Jean-Paul Calderone
bf305b91e4
HTTP *per se* is not a requirement
2018-05-22 08:42:55 -04:00
Jean-Paul Calderone
5ede9662bb
fix typo
2018-05-22 08:42:39 -04:00
Jean-Paul Calderone
44afc1de03
talk about a non-security requirement!
2018-05-22 08:42:28 -04:00
Jean-Paul Calderone
ff48e67418
flop some heading levels around
2018-05-22 08:42:16 -04:00
Jean-Paul Calderone
c321c937f6
copy edits and another option for tubID length
2018-05-22 08:27:31 -04:00
Jean-Paul Calderone
b73e95ec30
discuss protocol identification
2018-05-22 08:27:24 -04:00
Jean-Paul Calderone
17ae8a191b
I like it
2018-05-22 08:27:15 -04:00
Jean-Paul Calderone
4592bf3de2
wip - more edits of the security material & transition plan
2018-05-21 16:23:53 -04:00
Jean-Paul Calderone
176732dcaf
gotta announce the new fURL sometime
2018-05-21 14:59:46 -04:00
Jean-Paul Calderone
16076f9bd7
be explicit about the security goals being achieved
2018-05-21 14:59:28 -04:00
Jean-Paul Calderone
11184939e8
It's SPKI not public key
2018-05-21 14:59:10 -04:00
Jean-Paul Calderone
fa4384e36e
add a security summary (noting foolscap features)
...
also, expanded discussion.
2018-05-21 14:14:53 -04:00
Jean-Paul Calderone
cea0ae8004
tahoe-lafs is already good at redundant storage
2018-05-21 14:14:39 -04:00
Jean-Paul Calderone
4626a09224
elaborate on reputation-based assumptions
2018-05-21 13:31:16 -04:00
Jean-Paul Calderone
931ffec005
semantic newlines
2018-05-21 13:31:10 -04:00