Commit Graph

7731 Commits

Author SHA1 Message Date
Jean-Paul Calderone
c43eacc3a9 clarify which party is vulnerable 2018-06-13 08:27:45 -04:00
Jean-Paul Calderone
b31b78e6cf
Merge pull request #501 from exarkun/1595.address-already-in-use-test_introducer-create_tub
Fix "Address already in use" errors from test_introducer on POSIX
2018-06-08 16:21:34 -04:00
Jean-Paul Calderone
1911b35499 Get the fcntl import up to the top as well 2018-06-08 13:15:19 -04:00
Jean-Paul Calderone
97e0ad627b explain the buried reactor import, just in case 2018-06-08 13:13:26 -04:00
Jean-Paul Calderone
2c38b148bf Move the safe interface import to the top 2018-06-08 13:12:46 -04:00
Jean-Paul Calderone
d25693145c Factor a little more duplication out of the tests 2018-06-08 11:21:25 -04:00
Jean-Paul Calderone
c491b1a7d4 bring some imports up to the top 2018-06-08 10:36:45 -04:00
Jean-Paul Calderone
c3011a434b Specify preferred encoding and encoding negotiation 2018-06-06 13:46:45 -04:00
Jean-Paul Calderone
b8cfee79e3 frame it a little more 2018-06-06 13:31:34 -04:00
meejah
4c7d13dea6
Merge pull request #497 from meejah/release-1-13-0-no-checklist
Release 1.13.0 updates
2018-05-30 07:07:17 +00:00
meejah
8800fff774 two typos 2018-05-29 15:08:46 -06:00
meejah
1aa3d080c7 refactor more 2018-05-29 13:17:32 -06:00
meejah
f23406dc68 CNAME -> github (because https) 2018-05-29 13:11:15 -06:00
meejah
6001243daf refactor (more functions) 2018-05-29 13:10:48 -06:00
meejah
6a269c74c1 http -> https 2018-05-29 13:10:33 -06:00
meejah
6418eb8887 fix typos in NEWS 2018-05-29 13:10:00 -06:00
meejah
87404e94b7 version mismatch in relnotes 2018-05-29 13:09:45 -06:00
Jean-Paul Calderone
4e10f7971a discuss decision to use query args 2018-05-29 10:52:37 -04:00
Jean-Paul Calderone
28a2e6e557
Merge pull request #502 from exarkun/2926.cli-status-exceptions
Fix several cases where `tahoe status` rendering raises an unhandled exception.

Closes ticket:2926

Some possible operation states were not accounted for.
2018-05-28 08:38:42 -04:00
Jean-Paul Calderone
bfedd79633
Merge pull request #487 from tahoe-lafs/1455.x-frame-options.2
Set `X-Frame-Options: DENY` for all web status pages.

This prevents attackers from loading web status pages in a frame as a way to trick users into interactions which attackers are restricted from performing unaided.
2018-05-28 08:12:35 -04:00
Jean-Paul Calderone
20084506b3 Handle all the status cases 2018-05-23 13:59:42 -04:00
Jean-Paul Calderone
318eea05e3 docs 2018-05-23 10:59:42 -04:00
Jean-Paul Calderone
8a5e2edb91 Also CLOEXEC the descriptor
This avoids leaking it into any child processes that the tests might launch.
2018-05-23 10:56:26 -04:00
Jean-Paul Calderone
be6e458770 Ensure the fd will be valid by the time we listen 2018-05-23 10:50:54 -04:00
Jean-Paul Calderone
62836b6858 Switch another test to the adoption method 2018-05-23 10:47:41 -04:00
Jean-Paul Calderone
711d63960d Switch another test to the adoption method 2018-05-23 10:47:30 -04:00
Jean-Paul Calderone
277cd16594 Avoid race-prone allocate_tcp_port for some Tubs when possible
create_tub on POSIX can pre-allocate a port safely instead.
2018-05-23 10:45:15 -04:00
Jean-Paul Calderone
3d3c3d2eb4 elaborate on the transition stages
talk about cases of each stage and desired behavior
2018-05-22 09:57:39 -04:00
Jean-Paul Calderone
a592053b18 refer to GBS more than HTTP 2018-05-22 09:57:29 -04:00
Jean-Paul Calderone
534b8db318 markup and spelling 2018-05-22 09:57:18 -04:00
Jean-Paul Calderone
acf541a0be try to make the example more useful 2018-05-22 09:08:59 -04:00
Jean-Paul Calderone
504452f1fd clean up description of certificate validity period 2018-05-22 09:00:30 -04:00
Jean-Paul Calderone
ab37b5eabb clean up the description of the tls usage 2018-05-22 09:00:10 -04:00
Jean-Paul Calderone
65103445ea secrecy is the kind of security we're talking about here 2018-05-22 08:43:19 -04:00
Jean-Paul Calderone
97176e88d4 but it is part of this proposed solution 2018-05-22 08:43:12 -04:00
Jean-Paul Calderone
bf305b91e4 HTTP *per se* is not a requirement 2018-05-22 08:42:55 -04:00
Jean-Paul Calderone
5ede9662bb fix typo 2018-05-22 08:42:39 -04:00
Jean-Paul Calderone
44afc1de03 talk about a non-security requirement! 2018-05-22 08:42:28 -04:00
Jean-Paul Calderone
ff48e67418 flop some heading levels around 2018-05-22 08:42:16 -04:00
Jean-Paul Calderone
c321c937f6 copy edits and another option for tubID length 2018-05-22 08:27:31 -04:00
Jean-Paul Calderone
b73e95ec30 discuss protocol identification 2018-05-22 08:27:24 -04:00
Jean-Paul Calderone
17ae8a191b I like it 2018-05-22 08:27:15 -04:00
Jean-Paul Calderone
4592bf3de2 wip - more edits of the security material & transition plan 2018-05-21 16:23:53 -04:00
Jean-Paul Calderone
176732dcaf gotta announce the new fURL sometime 2018-05-21 14:59:46 -04:00
Jean-Paul Calderone
16076f9bd7 be explicit about the security goals being achieved 2018-05-21 14:59:28 -04:00
Jean-Paul Calderone
11184939e8 It's SPKI not public key 2018-05-21 14:59:10 -04:00
Jean-Paul Calderone
fa4384e36e add a security summary (noting foolscap features)
also, expanded discussion.
2018-05-21 14:14:53 -04:00
Jean-Paul Calderone
cea0ae8004 tahoe-lafs is already good at redundant storage 2018-05-21 14:14:39 -04:00
Jean-Paul Calderone
4626a09224 elaborate on reputation-based assumptions 2018-05-21 13:31:16 -04:00
Jean-Paul Calderone
931ffec005 semantic newlines 2018-05-21 13:31:10 -04:00