summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
...
| * | Fix ReCaptchaProtectedResource.checkSolution() to pull response from deferred.fix/11218-deferred-solution-isvalidIsis Lovecruft2014-03-17
|/ / | | | | | | | | | | * FIXES a bug introduced in #11127 where checkSolution() was expecting the boolean response from the reCaptcha API server, not a deferred as is now returned.
* | Merge branch 'master' into developIsis Lovecruft2014-03-16
|\ \ | |/
| * Merge branch 'release-0.1.5'Isis Lovecruft2014-03-16
| |\ | |/ |/|
* | Only read emails into logger if configured to log emails.bridgedb-0.1.5Isis Lovecruft2014-03-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The variable name and logging text stating that the "email body" was being logged was untrue ― the entire email text was logged, including headers, which completely nullified all the other efforts to use SAFE_LOGGING and keep client email addresses out of BridgeDB's log files. In commit 3a3fe60e159bfcb93f51cff861a0db794b867ad4, these lines were changed to use `Util.logSafely(f.read())`. However, this is inefficient. We shouldn't bother reading the entire email file if the `Util.logSafely()` is only going to rewrite those contents with the string `[scrubbed]`. * CHANGE the way the `bridgedb.EmailServer.composeEmail()` function logs email contents to use SAFE_LOGGING more efficiently.
* | Update CHANGELOG entry for bridgedb-0.1.5.Isis Lovecruft2014-03-16
| |
* | Merge branch 'fix/11127-recaptcha-ssl_10809r1_r1' into developIsis Lovecruft2014-03-15
|\ \
| * | Fix monarchic typo and inaccurate class docstring in test_txrecaptcha.fix/11127-recaptcha-ssl_10809r1_r1Isis Lovecruft2014-03-12
| | |
| * | Add test_txrecaptcha note about `DelayedCall`s and dirty reactor cleanups.Isis Lovecruft2014-03-12
| | |
| * | Change duplicate txrecaptcha unittest to check ConnectionDone result.Isis Lovecruft2014-03-12
| | |
| * | Use txrecaptcha in bridgedb.HTTPServer.ReCaptchaProtectedResource.Isis Lovecruft2014-03-12
| | |
| * | Twisted implementation of reCaptcha's submit(); use SSL for CAPTCHA verify.Isis Lovecruft2014-03-12
| | | | | | | | | | | | | | | * ADD module bridgedb.txrecaptcha. * FIXES #11127
| * | Implement cert-chain and hostname checking OpenSSL.SSL.Context factory.Isis Lovecruft2014-03-12
| | | | | | | | | | | | | | | | | | * ADD bridgedb.crypto.SSLVerifyingContextFactory class, which verifies certificate chains and checks certificate hostnames for a requested resource.
| * | Add unittests for bridgedb.txrecaptcha module.Isis Lovecruft2014-03-12
| | |
| * | Add unittests for bridgedb.crypto.SSLVerifyingContextFactory.Isis Lovecruft2014-03-12
| | |
* | | Merge branch 'fix/10809-gimp-captcha_r1' into developIsis Lovecruft2014-03-15
|\ \ \ | |/ /
| * | Two whitespace fixes in lib/bridgedb/test/test_captcha.py.fix/10809-gimp-captcha_r1Isis Lovecruft2014-03-12
| | | | | | | | | | | | [ci-skip]
| * | Change assertTrue(a == b) in unittest to assertEquals.Isis Lovecruft2014-03-12
| | |
| * | Add default captcha cache directory to .gitignore.Isis Lovecruft2014-03-12
| | |
| * | Add example CAPTCHA for unittests.Isis Lovecruft2014-03-12
| | |
| * | Add unittests for bridgedb.captcha module.Isis Lovecruft2014-03-12
| | |
| * | Use RSA and HMAC captcha keys in resource init in addWebServer().Isis Lovecruft2014-03-12
| | |
| * | Pep8; change `c` → `capt` in ReCaptchaProtectedResource.getCaptchaImage().Isis Lovecruft2014-03-12
| | |
| * | Document `request` parameter in ReCaptchaProtectedResource.getCaptchaImage().Isis Lovecruft2014-03-12
| | |
| * | Remove unused zope imports in bridgedb.HTTPServer.Isis Lovecruft2014-03-12
| | |
| * | Update bridgedb.crypto.getKey() docstring.Isis Lovecruft2014-03-12
| | |
| * | Rewrite GimpCaptchaProtectedResource to use RSA & HMAC keys for verification.Isis Lovecruft2014-03-12
| | |
| * | Reformat docstrings and update some descriptions in bridgedb.HTTPServer.Isis Lovecruft2014-03-12
| | |
| * | Add coverage skip lines to untestable portion of ReCaptcha.get().Isis Lovecruft2014-03-12
| | |
| * | Add GIMP_CAPTCHA_[RSA|HMAC]_KEYFILE settings to bridgedb.Main.loadConfig().Isis Lovecruft2014-03-12
| | |
| * | Add GIMP_CAPTCHA_[ENABLED|DIR|KEYFILE] settings to bridgedb.conf.Isis Lovecruft2014-03-12
| | |
| * | Update docstring for bridgedb.captcha.GimpCaptcha.get().Isis Lovecruft2014-03-12
| | |
| * | Change captcha.GimpCaptcha check() and get() to use HMAC(encrypt(answer)).Isis Lovecruft2014-03-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This changes the way that ``captcha.GimpCaptcha``s work to use an asymmetric keypair to encrypt the CAPTCHA answer. Then, it creates an HMAC of that encrypted result, using an HMAC key which is derived from the client's IP address and a master HMAC key used for CAPTCHA challenge string verification. TODO: We should possibly add a timestamp into the HMACed data so that we can timeout requests, and also to disallow adversarial bots which solved one CAPTCHA a year ago from reusing it over and over again.
| * | Add more documentation to captcha.ReCaptcha class and its methods.Isis Lovecruft2014-03-12
| | |
| * | Add documentation to captcha.Captcha class.Isis Lovecruft2014-03-12
| | |
| * | Condense single use ReCaptchaKeyError exception message.Isis Lovecruft2014-03-12
| | | | | | | | | | | | | | | | | | It's only used once, we may just as well initialise it in that one place with that message and remove the __init__ constructor from the exception class.
| * | Add crypto.getRSAKey() function.Isis Lovecruft2014-03-12
| | | | | | | | | | | | | | | * ADD a function for getting/creating RSA keypairs. * ADDS a dependency on pyCrypto.
| * | Separate key storage from crypto.getKey() to crypto.writeKeyToFile().Isis Lovecruft2014-03-12
| | | | | | | | | | | | | | | * ADD a new function, bridgedb.crypto.writeKeyToFile(), which is merely the keyfile writing logic from bridgedb.crypto.getKey().
| * | Move HMAC and HMACfunction creators to bridgedb.crypto module.Isis Lovecruft2014-03-12
| | | | | | | | | | | | | | | | | | | | | * MOVE bridgedb.Bridges.get_hmac() → bridgedb.crypto.getHMAC() * MOVE bridgedb.Bridges.get_hmac_fn() → bridgedb.crypto.getHMACFunc() * CHANGE all other modules which use these functions to use the newer ones.
| * | Pep8 and cleanup for bridgedb.Bridges.get_hmac_fn().Isis Lovecruft2014-03-12
| | |
| * | Pep8 and docstring cleanup for bridgedb.Bridges.get_hmac().Isis Lovecruft2014-03-12
| | |
| * | Move Raptcha.rst → captcha.rst so that Sphinx finds it during builds.Isis Lovecruft2014-03-12
| | |
| * | Pep8 fixes for bridgedb.captcha.ReCaptcha.get() method.Isis Lovecruft2014-03-12
| | |
| * | Add challenge Attribute to ICaptcha interface and implementation.Isis Lovecruft2014-03-12
| | |
| * | Add missing period to ReCaptchaKeyError docstring.Isis Lovecruft2014-03-12
| | |
| * | Import only API_SSL_SERVER from recaptcha.client.captcha in bridgedb.captcha.Isis Lovecruft2014-03-12
| | |
| * | Use GimpCaptchProtectedResources in HTTPServer.addServer(), if configured to ↵Isis Lovecruft2014-03-12
| | | | | | | | | | | | do so.
| * | Move the addition of options.html leaf before bridges.html.Isis Lovecruft2014-03-12
| | |
| * | Remove unused ``site=None`` in bridgedb.HTTPServer.addWebServer().Isis Lovecruft2014-03-12
| | |
| * | Update ReCaptchaProtectedResouce docstring.Isis Lovecruft2014-03-12
| | |
| * | Add HTTPServer.GimpCaptchaProtectedResource class.Isis Lovecruft2014-03-12
| | |
generated by cgit v1.2.1 (git 2.18.0) at 2024-02-08 07:47:25 +0000