Commit Graph

7713 Commits

Author SHA1 Message Date
Jean-Paul Calderone
28a2e6e557
Merge pull request #502 from exarkun/2926.cli-status-exceptions
Fix several cases where `tahoe status` rendering raises an unhandled exception.

Closes ticket:2926

Some possible operation states were not accounted for.
2018-05-28 08:38:42 -04:00
Jean-Paul Calderone
bfedd79633
Merge pull request #487 from tahoe-lafs/1455.x-frame-options.2
Set `X-Frame-Options: DENY` for all web status pages.

This prevents attackers from loading web status pages in a frame as a way to trick users into interactions which attackers are restricted from performing unaided.
2018-05-28 08:12:35 -04:00
Jean-Paul Calderone
20084506b3 Handle all the status cases 2018-05-23 13:59:42 -04:00
Jean-Paul Calderone
318eea05e3 docs 2018-05-23 10:59:42 -04:00
Jean-Paul Calderone
8a5e2edb91 Also CLOEXEC the descriptor
This avoids leaking it into any child processes that the tests might launch.
2018-05-23 10:56:26 -04:00
Jean-Paul Calderone
be6e458770 Ensure the fd will be valid by the time we listen 2018-05-23 10:50:54 -04:00
Jean-Paul Calderone
62836b6858 Switch another test to the adoption method 2018-05-23 10:47:41 -04:00
Jean-Paul Calderone
711d63960d Switch another test to the adoption method 2018-05-23 10:47:30 -04:00
Jean-Paul Calderone
277cd16594 Avoid race-prone allocate_tcp_port for some Tubs when possible
create_tub on POSIX can pre-allocate a port safely instead.
2018-05-23 10:45:15 -04:00
Jean-Paul Calderone
3d3c3d2eb4 elaborate on the transition stages
talk about cases of each stage and desired behavior
2018-05-22 09:57:39 -04:00
Jean-Paul Calderone
a592053b18 refer to GBS more than HTTP 2018-05-22 09:57:29 -04:00
Jean-Paul Calderone
534b8db318 markup and spelling 2018-05-22 09:57:18 -04:00
Jean-Paul Calderone
acf541a0be try to make the example more useful 2018-05-22 09:08:59 -04:00
Jean-Paul Calderone
504452f1fd clean up description of certificate validity period 2018-05-22 09:00:30 -04:00
Jean-Paul Calderone
ab37b5eabb clean up the description of the tls usage 2018-05-22 09:00:10 -04:00
Jean-Paul Calderone
65103445ea secrecy is the kind of security we're talking about here 2018-05-22 08:43:19 -04:00
Jean-Paul Calderone
97176e88d4 but it is part of this proposed solution 2018-05-22 08:43:12 -04:00
Jean-Paul Calderone
bf305b91e4 HTTP *per se* is not a requirement 2018-05-22 08:42:55 -04:00
Jean-Paul Calderone
5ede9662bb fix typo 2018-05-22 08:42:39 -04:00
Jean-Paul Calderone
44afc1de03 talk about a non-security requirement! 2018-05-22 08:42:28 -04:00
Jean-Paul Calderone
ff48e67418 flop some heading levels around 2018-05-22 08:42:16 -04:00
Jean-Paul Calderone
c321c937f6 copy edits and another option for tubID length 2018-05-22 08:27:31 -04:00
Jean-Paul Calderone
b73e95ec30 discuss protocol identification 2018-05-22 08:27:24 -04:00
Jean-Paul Calderone
17ae8a191b I like it 2018-05-22 08:27:15 -04:00
Jean-Paul Calderone
4592bf3de2 wip - more edits of the security material & transition plan 2018-05-21 16:23:53 -04:00
Jean-Paul Calderone
176732dcaf gotta announce the new fURL sometime 2018-05-21 14:59:46 -04:00
Jean-Paul Calderone
16076f9bd7 be explicit about the security goals being achieved 2018-05-21 14:59:28 -04:00
Jean-Paul Calderone
11184939e8 It's SPKI not public key 2018-05-21 14:59:10 -04:00
Jean-Paul Calderone
fa4384e36e add a security summary (noting foolscap features)
also, expanded discussion.
2018-05-21 14:14:53 -04:00
Jean-Paul Calderone
cea0ae8004 tahoe-lafs is already good at redundant storage 2018-05-21 14:14:39 -04:00
Jean-Paul Calderone
4626a09224 elaborate on reputation-based assumptions 2018-05-21 13:31:16 -04:00
Jean-Paul Calderone
931ffec005 semantic newlines 2018-05-21 13:31:10 -04:00
meejah
fb9317ed80 change versions in INSTALL 2018-05-18 14:41:48 -06:00
meejah
9bc8b69663 a couple additions to CREDITS 2018-05-18 14:41:48 -06:00
meejah
123bffb18b update NEWS for new release 2018-05-18 14:41:48 -06:00
meejah
ae2f6f6ef2 script to fetch PR information from GitHub 2018-05-18 14:41:34 -06:00
meejah
43c0c0b3ec start doc changes for new release 2018-05-18 14:32:30 -06:00
Jean-Paul Calderone
d09b613d59 make mutable and immutable read the same 2018-05-18 15:45:22 -04:00
Jean-Paul Calderone
f4b59b166d no more int-key mappings 2018-05-18 13:08:13 -04:00
Jean-Paul Calderone
3898911fcc consistent title levels 2018-05-18 13:07:18 -04:00
Jean-Paul Calderone
f09ed91ab6 collapse these two APIs, they are the same
also add mutable .../shares listing
2018-05-18 13:01:57 -04:00
Jean-Paul Calderone
9388903515 need a way to advise of corrupt mutable shares 2018-05-18 13:01:45 -04:00
Jean-Paul Calderone
c6a8e4535c mount this beneath the storage index resource 2018-05-18 13:01:19 -04:00
Jean-Paul Calderone
69195e0a5a maybe we don't even want Range 2018-05-18 13:01:10 -04:00
Jean-Paul Calderone
6c664d69a8 consistent non-abbreviation 2018-05-18 13:01:03 -04:00
Jean-Paul Calderone
9402698918 Harmonize hyphens 2018-05-18 11:11:04 -04:00
Jean-Paul Calderone
943b389d77 Banish slots and deemphasize buckets 2018-05-18 11:09:17 -04:00
Jean-Paul Calderone
3ef1ceeead markup 2018-05-18 09:13:57 -04:00
Jean-Paul Calderone
dd78fe81d0 note the failure case 2018-05-18 09:05:46 -04:00
Jean-Paul Calderone
fb51c1df40 correct the sample code 2018-05-18 09:05:37 -04:00