Jean-Paul Calderone
82e4704415
Merge remote-tracking branch 'remediate/master' into LFS-01-008
2021-10-22 15:27:15 -04:00
Jean-Paul Calderone
ff577066a0
Merge pull request #31 from tahoe-lafs/LFS-01-007
...
Fix item LFS-01-007 from the Cure53 audit
Fixes: ticket:3821
2021-10-22 15:26:22 -04:00
Jean-Paul Calderone
ce30f9dd06
clean up copyediting errors
2021-10-22 15:04:45 -04:00
Jean-Paul Calderone
7f3d9316d2
Give the news fragment its real name
2021-10-22 12:59:26 -04:00
Jean-Paul Calderone
bcdfb8155c
give the news fragment its proper name
2021-10-22 12:53:17 -04:00
Jean-Paul Calderone
bb31215134
Merge remote-tracking branch 'remediate/master' into LFS-01-007
2021-10-22 12:35:57 -04:00
Jean-Paul Calderone
d8c466e9a7
try to explain lease_count_format
more clearly
2021-10-22 12:35:11 -04:00
Jean-Paul Calderone
a22787e879
Merge pull request #30 from tahoe-lafs/LFS-01-001
...
Fix item LFS-01-001 from the Cure53 audit
Fixes: ticket:3819
2021-10-22 12:20:38 -04:00
Jean-Paul Calderone
6c0ca0b885
try making windows let us use longer paths
2021-10-22 11:42:13 -04:00
Jean-Paul Calderone
a8d3555ebb
reference the eventually-public ticket number
2021-10-21 15:24:53 -04:00
Jean-Paul Calderone
3cd9a02c81
Reject negative lengths in MutableShareFile._read_share_data and readv
2021-10-18 20:22:52 -04:00
Jean-Paul Calderone
5e58b62979
Add a test for negative offset or length to MutableShareFile.readv
2021-10-18 20:22:52 -04:00
Jean-Paul Calderone
4a5e4be006
news fragment
2021-10-18 20:22:52 -04:00
Jean-Paul Calderone
df64bbb1e4
fail to encode the lease count *before* changing anything
...
This preserves the failure behavior - `struct.error` is raised - but leaves
the actual share file contents untouched if the new lease count cannot be
encoded.
There are still two separate write operations so it is conceivable that some
other problem could cause `write_lease_record` to happen but
`write_encoded_num_leases` not to happen. As far as I can tell we have
severely limited options for addressing that problem in general as long as
share files are backed by a POSIX filesystem.
However, by removing the failure mode that depends on user input, it may be
that this is all that is needed to close the *security* hole.
2021-10-18 20:17:41 -04:00
Jean-Paul Calderone
f60bbbd3e2
make it possible to test this behavior of add_lease
2021-10-18 20:17:41 -04:00
Jean-Paul Calderone
7d04e6ab86
news fragment
2021-10-18 20:17:41 -04:00
Jean-Paul Calderone
040dbf3267
Merge pull request #1142 from LeastAuthority/3815.security-towncrier-type
...
Add towncrier "security" type
Fixes: ticket:3815
2021-10-18 13:02:11 -04:00
Itamar Turner-Trauring
4c7e50360c
Merge pull request #1139 from tahoe-lafs/3812-test-advise-corrupt-share
...
Tests for IStorageServer.advise_corrupt_share
Fixes ticket:3812
2021-10-18 12:39:41 -04:00
Jean-Paul Calderone
f2ef72e935
newsfragment in temporary location
2021-10-18 08:14:42 -04:00
Jean-Paul Calderone
30ae30e325
fix the whitespace :/
2021-10-18 08:11:49 -04:00
Jean-Paul Calderone
a7073fe531
news fragment
2021-10-18 08:08:58 -04:00
Jean-Paul Calderone
67fb8aeb25
add the security type
2021-10-18 08:08:01 -04:00
Jean-Paul Calderone
1c347c5931
replace sensitive introducer fURL with path where it can be found
2021-10-18 08:05:40 -04:00
Itamar Turner-Trauring
e099bc6736
Tests for IStorageServer.advise_corrupt_share.
2021-10-14 12:52:56 -04:00
Itamar Turner-Trauring
22aab98fcf
When callRemoteOnly as removed, these probably should've been changed to return
...
a Deferred.
2021-10-14 12:52:40 -04:00
Jean-Paul Calderone
efc9dc831b
Revert "a stab at using setup.cfg and setuptools_scm"
...
This reverts commit 68e8e0a7d5
.
2021-10-14 11:01:37 -04:00
Jean-Paul Calderone
68e8e0a7d5
a stab at using setup.cfg and setuptools_scm
2021-10-14 10:58:41 -04:00
Itamar Turner-Trauring
984b4ac45e
News file.
2021-10-13 13:56:14 -04:00
Itamar Turner-Trauring
be5f5839b3
Merge pull request #1136 from tahoe-lafs/3798-bucket-write-abort-tests
...
IStorageServer tests: bucket abort.
Fixes ticket:3798
2021-10-07 15:58:19 -04:00
Itamar Turner-Trauring
807363adc9
Reduce duplication.
2021-10-06 16:41:50 -04:00
Itamar Turner-Trauring
3cf09ef888
Merge remote-tracking branch 'origin/master' into 3798-bucket-write-abort-tests
2021-10-06 16:07:39 -04:00
Itamar Turner-Trauring
0a605530d8
Merge pull request #1134 from tahoe-lafs/3793-persistent-bucketwriter
...
Don't tie BucketWriter lifetime to Foolscap connection lifetime
Fixes ticket:3793
2021-10-06 16:07:17 -04:00
Itamar Turner-Trauring
f3ebc71410
Merge pull request #1133 from tahoe-lafs/3805-istorageserver-tests-slot-readv
...
IStorageServer tests: slot_readv
Fixes ticket:3805
2021-10-06 15:41:29 -04:00
Itamar Turner-Trauring
cf48397e72
Merge pull request #1132 from tahoe-lafs/3806-switch-to-patch-for-http-uploads
...
Switch to PATCH for http uploads
Fixes ticket:3806
2021-10-06 15:37:45 -04:00
Itamar Turner-Trauring
bf176144c5
Handle double-disconnect, should it happen by mistake.
2021-10-06 15:18:00 -04:00
Itamar Turner-Trauring
82cbce6b7e
Better explanation.
2021-10-06 15:12:22 -04:00
Itamar Turner-Trauring
aef581628f
Add discussion.
2021-10-06 15:10:58 -04:00
Jean-Paul Calderone
d4b4850afb
Merge pull request #1137 from tahoe-lafs/3810-unbreak-macos-github-actions
...
Pin macOS 10.15 on GitHub Actions for Python 2.7 support
Fixes: ticket:3810
2021-10-06 13:51:04 -04:00
Itamar Turner-Trauring
2b83edc5b3
Use macos-10.15 for Python 2.7.
2021-10-04 11:00:16 -04:00
Itamar Turner-Trauring
add34efffb
News file.
2021-10-04 10:58:42 -04:00
Itamar Turner-Trauring
17a670dfb5
Test for aborting bucket upload.
2021-10-04 10:37:37 -04:00
Itamar Turner-Trauring
b09b7fd01b
Merge branch '3793-persistent-bucketwriter' into 3798-bucket-write-abort-tests
2021-10-04 10:30:41 -04:00
Jean-Paul Calderone
7508eb7825
Merge pull request #1135 from LeastAuthority/3808.py3-nixos
...
Support Py3 on NixOS 21.05
Fixes: ticket:3808
2021-10-04 09:52:09 -04:00
Jean-Paul Calderone
49df402f07
maybe this is the right url
2021-09-29 15:48:33 -04:00
Jean-Paul Calderone
5a3028bdab
add a python3 expression
...
most deps are in nixpkgs now but we still need an overlay for th very very
recent collections-extended dependency
2021-09-29 15:46:18 -04:00
Jean-Paul Calderone
49ee4b8acf
callPackage not directly available from python-self in newer nixpkgs
2021-09-29 15:27:17 -04:00
Jean-Paul Calderone
fc01835a56
ci configuration
2021-09-29 15:16:01 -04:00
Jean-Paul Calderone
1f6daf02eb
news fragment
2021-09-29 15:15:56 -04:00
Itamar Turner-Trauring
23fd11be43
Expand explanation.
2021-09-29 14:13:18 -04:00
Itamar Turner-Trauring
016d6b4530
Fix spurious type checking error.
2021-09-29 14:10:14 -04:00