Unrud
f3c368e547
Support generic component names
2017-08-30 18:03:41 +02:00
Unrud
cfb9b1fc0a
Skip filters with three levels of comp-filter
2017-08-30 18:03:40 +02:00
Unrud
773e4cfca4
Remove filter_length variable
2017-08-30 18:03:39 +02:00
Unrud
5ce67320e1
Convert PARAM and components names to upper-case
2017-08-29 20:24:38 +02:00
Unrud
b0452b3014
Detect VFREEBUSY and VALARM component names
2017-08-29 20:24:38 +02:00
Unrud
f7d942bfeb
More tests for filtering calendars
2017-08-29 20:24:38 +02:00
Unrud
ad0b4e5e85
Add tests for filtering address books
2017-08-29 20:24:38 +02:00
Unrud
31a0f65a7e
Don't getattr unless required in _visit_time_ranges
2017-08-29 20:24:38 +02:00
Unrud
c9177e2338
Use logger variable
2017-08-29 20:24:38 +02:00
Unrud
71e5dcf414
Add support for test property in CARDDAV:filter
2017-08-29 20:24:38 +02:00
Unrud
31ba4eb876
Stricter parsing of filters
2017-08-29 20:08:30 +02:00
Unrud
963e28d661
Add support for match-type to text-filter
2017-08-29 20:08:29 +02:00
Unrud
642b4236fe
Cache item name and component_name
2017-08-29 20:08:28 +02:00
Unrud
f37b22b682
Correct ;component=... in getcontenttype
2017-08-29 20:08:26 +02:00
Unrud
a2a046f35f
Correct Content-Type for VLIST in HTTP header
2017-08-29 20:08:25 +02:00
Unrud
c1d279e63f
Bump version to 2.1.5
2017-08-25 19:13:11 +02:00
Unrud
d96faa35dd
Print warning when server.timeout is used with Python < 3.5.2
2017-08-25 19:13:10 +02:00
Unrud
2df009fac8
Add --verify-storage argument
2017-08-25 19:13:09 +02:00
Unrud
36bca799e1
Use length of encoded error response
...
This is purely cosmetic. The lengths are the same, because it gets encoded as ASCII.
2017-08-24 14:34:29 +02:00
Unrud
4cfe92cf50
Close HTTPServer when bind and activate fails
2017-08-24 14:34:29 +02:00
Unrud
31564c7cf2
Improve error message for missing main component
2017-08-23 13:36:35 +02:00
Unrud
574961417d
Rename variable recurrence to is_recurrence
2017-08-23 13:36:12 +02:00
Unrud
f912642c20
htpasswd: ignore comments
2017-08-17 06:46:40 +02:00
Unrud
73038e518a
htpasswd: don't strip whitespaces and allow ':' in plain password
2017-08-17 06:46:38 +02:00
Unrud
a73a7ab193
Remove cookies from logging output
...
HTTP cookies are shared across all ports on a host. The log might contain session ids or CSRF tokens from other applications on the same host.
2017-08-14 18:16:46 +02:00
Unrud
f87c16a42b
Small cosmetic improvements
2017-08-14 18:16:45 +02:00
Unrud
86631e4ddd
Sync cache folder when uploading whole collection
2017-08-09 17:37:48 +02:00
Unrud
1821b872d2
Don't keep files open when uploading whole collection
2017-08-09 17:37:47 +02:00
Unrud
59eded976b
Bump version to 2.1.4
2017-08-04 14:59:03 +02:00
Unrud
8e88a47978
Fix owner property
2017-08-04 14:59:02 +02:00
Unrud
c6ca643bcf
Don't handle empty properties as deleted
2017-08-04 14:59:01 +02:00
Unrud
5c15b30058
Set deleted props to None instead of ""
2017-08-04 14:59:00 +02:00
Unrud
f91b2bc17e
Webinterface: Escape . correctly in RegExp
2017-08-04 14:58:59 +02:00
Unrud
73fb669fd8
Add note about rescheduled recurrences
2017-08-04 14:58:58 +02:00
Unrud
a6663f19f0
Ignore overwritten recurrences in time range filter ( fixes #630 )
2017-08-03 23:26:12 +02:00
Unrud
ae897c1cd3
Test time range filter with overwritten recurrence
2017-08-03 23:25:50 +02:00
Unrud
748519e94d
Fix time range filtering with overwritten recurrences
2017-08-03 19:52:16 +02:00
Unrud
7678da7926
Test unordered recurrences
...
Time range matching stops early when the visited time range is behind the end date of the filter.
Components are visited in the order, in which they are specified in the VCALENDAR.
This can cause problems with overwritten recurrences.
2017-08-03 19:47:00 +02:00
Unrud
e060bb3d8b
Specify items for _test_filter explicitly
2017-08-03 19:46:59 +02:00
Unrud
ba5fe590c9
Improve error message when fsync'ing files fails
2017-08-03 19:46:58 +02:00
Unrud
434178ab07
Pass the filesystem_path instead of folder to Collection
2017-08-02 17:16:42 +02:00
Unrud
6d5374f690
Remove item cache tag
...
This is not required any more, because the workarounds for bugs in VObject were removed.
2017-08-02 17:16:41 +02:00
Unrud
263f76f88e
Bump version to 2.1.3
2017-08-01 17:18:13 +02:00
Unrud
ed3708db22
Don't read cache entry twice with exclusive access
2017-08-01 17:16:58 +02:00
Unrud
1576f9b7fb
Use ExitStack instead of suppress as dummy context manager
2017-08-01 17:14:26 +02:00
Unrud
d72455fff6
Log collection path without leading and trailing /
2017-08-01 17:13:05 +02:00
Unrud
aac472960f
Improve handling of unsafe user names
2017-07-30 12:00:42 +02:00
Unrud
6d39a61a51
Shut down server on SIGINT on Windows
...
select.select blocks SIGINT on Windows.
2017-07-30 11:27:08 +02:00
Unrud
d34ee1217d
Revert "Shut down server on SIGINT on Windows"
...
This reverts commit f8de674bd2
.
2017-07-30 11:21:04 +02:00
Unrud
f8de674bd2
Shut down server on SIGINT on Windows
2017-07-30 11:00:24 +02:00
Unrud
d6435c36c9
Lock the item cache when filling it
...
Prevents performance losses when many clients request the same missing items in parallel.
2017-07-30 11:00:24 +02:00
Unrud
16abbd9ea6
Refactor: Extract class FileBackedRwLock
2017-07-30 10:57:41 +02:00
Unrud
c028de4fb7
Test missing UIDs
2017-07-27 19:08:11 +02:00
Unrud
b19b1b34e8
Test deleting the item cache
2017-07-27 19:08:09 +02:00
Unrud
5d238afb5e
Don't check the vobject item in storage.Item
...
This is the responsibility of the storage plugin.
2017-07-27 19:08:08 +02:00
Unrud
9bde9d82f4
Store item on upload in the item cache
...
This rejects items that break the item cache before they are stored in the storage.
2017-07-27 19:08:07 +02:00
Unrud
796ba54f42
Clean item cache once per request
2017-07-27 19:08:05 +02:00
Unrud
0a1de26ae5
Refactor: Extract item cache methods
2017-07-27 19:08:04 +02:00
Unrud
46c636e642
Move item cache entry when item is moved
2017-07-27 19:08:02 +02:00
Unrud
e807b5d953
Move storage hook tests from BaseRequestsMixIn to TestMultiFileSystem
2017-07-27 19:08:00 +02:00
Unrud
deffed8f14
Do SSL handshake in request thread ( fixes #674 )
...
The handshake could block the main thread, especially since the socket timeout was not set at that point.
2017-07-27 01:46:27 +02:00
Unrud
b3957bc2c7
Bump version to 2.1.2
2017-07-24 04:22:57 +02:00
Unrud
1f4fb9e306
Use repr(...) instead of "%r" % ...
2017-07-22 23:32:26 +02:00
Unrud
d0aacd3dcf
Check uploaded data for more than one VCALENDAR
2017-07-22 23:32:26 +02:00
Unrud
316b0a5832
Change owner and is_principal to properties in BaseCollection
2017-07-22 23:32:26 +02:00
Unrud
1ce404ca35
Rename encoding to _encoding in Collection
2017-07-22 23:32:26 +02:00
Unrud
33ad60503f
Sort keys of properties JSON file
2017-07-22 23:32:26 +02:00
Unrud
71916452ec
Include properties in collection etag
2017-07-22 23:32:26 +02:00
Unrud
a26d90d8d7
Web interface: Delete empty properties
2017-07-22 23:32:26 +02:00
Unrud
05b1e8296c
Check collection properties
2017-07-22 23:32:26 +02:00
Unrud
863c70f35f
Improve validation of uploaded items and stored items
...
This reverts commit 4533f76df9
.
2017-07-22 23:32:26 +02:00
Unrud
e0045ca98d
Don't use VObject for collection serialization
2017-07-22 23:32:26 +02:00
Unrud
debba3c7a1
Don't serialize collection for etag
2017-07-22 23:32:26 +02:00
Unrud
95380c5ce7
Add file name to VObject serialization errors
2017-07-22 23:32:26 +02:00
Unrud
4533f76df9
Accept VLIST items ( fixes #661 )
...
Custom format used by SOGo Connector to store lists of contacts
2017-07-21 16:12:19 +02:00
Unrud
4f831de006
Verify number of components in items
2017-07-15 09:42:01 +02:00
Unrud
d3a90d16c3
Improve log message when fsync'ing directory fails (fixes 656)
2017-07-15 09:42:00 +02:00
Unrud
56c88b4c54
Remove workarounds for bugs in VObject
...
The bugs got fixed in version 0.9.5
2017-07-01 05:45:15 +02:00
Unrud
f4a9399a97
Change HTTP response 303 to 302
2017-07-01 04:20:13 +02:00
Unrud
9f0611cd20
Small improvements for tests
2017-07-01 04:20:11 +02:00
Unrud
08919510cb
Bump version to 2.1.1
2017-07-01 01:25:16 +02:00
Unrud
2b3fd1fb9b
Add missing UIDs instead of failing
2017-07-01 01:24:53 +02:00
Unrud
019dc7a39c
Use UUID format for random UIDs
2017-07-01 01:24:53 +02:00
Unrud
5b3fbb79a1
Small improvements for tests
2017-07-01 01:24:53 +02:00
Unrud
02575580c6
Test creation of whole address book
2017-07-01 01:24:53 +02:00
Unrud
70043c07b9
Improve test for creation of whole calendar
2017-07-01 01:24:53 +02:00
Unrud
cc888ebe9e
Test adding contact to address book
2017-07-01 01:24:53 +02:00
Unrud
c135dc026d
Fix uploading of whole address books
2017-07-01 01:24:53 +02:00
Unrud
69086c6d70
Remove some hacks for bugs fixed in VObject 0.9.5
2017-07-01 01:24:53 +02:00
Unrud
5576cb38eb
Bump version to 2.1.0
2017-06-25 09:55:39 +02:00
Unrud
6bf7aa2b3c
Bump version to 2.1.0rc3
2017-06-23 22:04:37 +02:00
Unrud
98caa88a25
Include VObject version in item cache hash
2017-06-23 22:04:37 +02:00
Unrud
df5565f237
Only send timeout responses for client timeouts
...
A timeout could happen in an custom storage backend.
2017-06-23 21:55:44 +02:00
Unrud
746cd9feb1
Include exception in timeout log message
2017-06-23 21:55:42 +02:00
Unrud
65a1b572e3
Bump version to 2.1.0rc2
2017-06-21 09:57:52 +02:00
Unrud
2b45af92f3
Small improvements for wording in exceptions messages
2017-06-21 09:57:52 +02:00
Unrud
68184858b4
Add request method and path to error message
2017-06-21 09:54:33 +02:00
Unrud
276de4fd3a
Allow additional config options for external plugins
2017-06-21 09:54:33 +02:00
Unrud
db93d969ab
Bump version to 2.1.0rc1
2017-06-17 01:45:53 +02:00
Unrud
39a11bc7b7
Change "answer" to "response" in log message
2017-06-17 01:41:33 +02:00
Unrud
cf9129f6db
Name web plugin as the other plugins
2017-06-16 23:28:15 +02:00
Unrud
9ce8e9d94d
Include path in access denied log message
2017-06-16 23:28:15 +02:00
Unrud
070a39a51d
Improve documentation
2017-06-16 23:28:15 +02:00
Unrud
0cb6642ec3
Don't overwrite environment variables
...
The original PATH_INFO is required for redirects.
2017-06-16 23:28:15 +02:00
Unrud
ded660df07
Don't leak existing user in owner_only rights plugin
...
If a user didn't exist the error message for the principal collection was 404.
2017-06-16 23:28:15 +02:00
Unrud
5669433f58
Let rights plugins decide if access to item is granted
2017-06-16 23:28:15 +02:00
Unrud
04c51d2ced
Check if item is collection with storage.BaseCollection
...
The same as in xmlutils.py
2017-06-16 23:12:08 +02:00
Unrud
73a73bb0a5
Improve log message for discovery of unsafe paths
2017-06-16 23:11:43 +02:00
Unrud
67669bd690
Rename path to sane_path
2017-06-16 23:11:29 +02:00
Unrud
5a0d4f7f2f
Remove unused variable
2017-06-16 23:11:22 +02:00
Unrud
12dbeeecb3
Separate imports of pytest and radicale
...
Depending on the install location of pytest this causes isort to pass or fail.
2017-06-16 01:39:30 +02:00
Unrud
75605b5f03
Catch all exceptions when loading plugins
2017-06-15 23:54:32 +02:00
Unrud
6f5e30670f
Don't change permissions of lock file
...
The file is part of the storage folder. Setting permissions of the storage folder is not handled by Radicale.
2017-06-15 23:44:39 +02:00
Unrud
f1f94dffbd
Output raw collection path
...
The same as everywhere else.
2017-06-15 23:44:35 +02:00
Unrud
6b8de92c57
Small improvements for Collection
2017-06-09 02:59:29 +02:00
Unrud
e09d33f3ee
Document properties of BaseCollection
2017-06-09 02:59:29 +02:00
Unrud
79e7232ecb
Rename self._meta to self._meta_cache and self._etag to self._etag_cache
2017-06-09 02:59:29 +02:00
Unrud
12871fdcb3
Workaround for bugs in VObject during filtering
2017-06-09 02:59:29 +02:00
Unrud
db572e91f8
Test time range filtering with RDATE
2017-06-09 02:59:29 +02:00
Unrud
c54196bb72
Test time range filtering with overwritten recurrence
2017-06-09 02:59:29 +02:00
Unrud
f9d299fbb9
Match time against all components
2017-06-09 02:59:29 +02:00
Unrud
f5835cfe46
raise VObjectBugException for bugs with recurrence rules
2017-06-09 02:59:29 +02:00
Unrud
02371685bd
Respond with bad request when MKCOL, MCALENDAR or MOVE fails
2017-06-09 02:59:29 +02:00
Unrud
48d2a33053
Rename upload_all_atomic to _upload_all_atomic
2017-06-09 02:59:29 +02:00
Unrud
dbd06a1952
Default implementation for BaseCollection.serialize
2017-06-09 02:59:29 +02:00
Unrud
47d311b101
Improve doc strings
2017-06-09 02:59:29 +02:00
Unrud
12f9ac44c2
Remove __init__ from BaseCollection
...
It's not used anywhere
2017-06-09 02:59:29 +02:00
Unrud
a4fc123286
Use last_modified attribute of item
2017-06-09 02:59:29 +02:00
Unrud
30a4105065
Add TODO comments for time ranges
2017-06-07 21:54:49 +02:00
Unrud
bab35e9692
Detect errors in recurrence rules early
2017-06-07 21:54:38 +02:00
Unrud
0e35ab1baf
Fix detection of infinite recurrence
...
* The RRULE field might not exist.
* vobject also accepts lower case COUNT and UNTIL.
2017-06-07 15:31:05 +02:00
Unrud
3753364fc8
XML error message for invalid sync-token
2017-06-07 14:17:57 +02:00
Unrud
13381fb829
Change logging level of invalid sync token to warning
...
Some clients stop to work, when told their sync-token are invalid.
2017-06-07 14:15:30 +02:00
Unrud
1b54b23bb3
Add info about disabling locking to error message
2017-06-07 14:14:09 +02:00
Unrud
217859bf5e
Fix empty REPORT requests
2017-06-07 14:13:12 +02:00
Unrud
2860c664d0
Check that vobject_item have a UID
2017-06-06 20:01:09 +02:00
Unrud
fe97741f08
Better reporting of errors in PUT requests
2017-06-06 20:01:07 +02:00
Unrud
e47747d4d4
return None instead of False if UID field is missing
2017-06-06 20:01:06 +02:00
Unrud
bea855cb80
Improve file names used when uploading whole collection
...
* Use 64 bit random sequence (extremely low chance of collisions)
* Improve error message in case of collisions
* Add file extension to names
2017-06-06 20:01:04 +02:00
Unrud
a6a3756e05
Check error code of PUT request
...
Detect errors early
2017-06-06 20:01:02 +02:00
Unrud
5660f70753
Rename deleted item in test
...
The backend may derive the item name from the UID (e.g. "event1.ics" from the UID "event1").
2017-06-06 20:00:59 +02:00
Unrud
ee214d6697
Remove user from URL
...
It's not supported by many clients.
2017-06-04 15:43:55 +02:00
Unrud
37c9a1da18
Store user and password in session storage
...
Allow reloading of the page.
2017-06-04 15:43:27 +02:00
Unrud
4afbefbc9f
Disable update timer
2017-06-04 15:43:20 +02:00
Unrud
fca70f482f
Web interface: Wrapping of URLs, titles, ...
2017-06-04 15:42:33 +02:00
Unrud
396b9ffecb
Log error message from parser for items in storage
2017-06-02 16:36:02 +02:00
Unrud
a1ebc52b39
Don't delete cache entry that gets overwritten
...
It's unnecessary.
2017-06-02 14:19:53 +02:00
Unrud
07c792f14e
Use %r n error messages for token names
2017-06-02 14:18:39 +02:00
Unrud
9ceae0a751
Make Radicale fast ( #569 )
...
* Change get_multi to also return missing items
get_multi is not used anywhere and this makes it easier to use.
* Use get_multi for report requests
* Add get_all to BaseCollection
This can be used for optimization on multifilesystem.
* Use iterator for files
* Remove unnecessary checks
This never happens and would be an error.
* Don't raise exception when calling get with colliding name
This behavior is wrong, it should be handled as if the file doesn't exist.
* Use get_all and get_multi to skip unnecessary checks
Collision checks are slow on big collections.
* Use exception instead of existence checks
It's a bit faster.
* Use os.scandir instead of os.listdir
It's faster and doesn't load all files at once.
* Cache metadata when storage is read-only
Metadata is queried a lot during a request. It's quiet slow to load and parse the file every time.
* Cache the etag when the storage is read-only
The etag is calculated twice for GET requests on collections.
* Add helper method for cleaning caches
* Use item etags to calculate collection etag
It's very slow and unnecessary to parse all files with VObject and serialize them again.
* Cache serialized collections in file system
Serialization is very slow for big collections. This caches the result in a file.
* Add helper function for prefilters
The simplify_prefilters functions converts XML filters to a simple tag and time range, which can be easily matched against the tag and time range that are extracted from vobject_items by the function find_tag_and_time_range.
* Add ability to cache etag and serialization of item
Parsing items with vobject is very slow and not required for many requests.
Caching can be used to speed it up.
* Cache metadata and serialization from items in file system
Store the serialized text and the tag and time range from vobject_items in the cache.
The metadata is used for prefilters.
* Remove the cache for the serialization of collections
* Serialize calendars without vobject
Merge the calendar components manually. This is much faster and requires less memory. Caching of the result is not required anymore.
* Allow pre_filtered_list to indicate that filters match
The storage backend can indicate that it evaluated the filters completely.
* Skip filtering with vobject if prefiltering is sufficient
``simplify_prefilters`` indicates if the simplified condition is identical to ``filters``.
This is used in the multifilesystem backend to detect if prefiltering is sufficient.
* Make constants global
* Use generator expressions
* Only extract elements from inside of VCALENDAR
This is unnecessary at the moment, the text representation should never contain anything but VCALENDAR.
* Improve comments
* restore backward compatiblity
* Small improvements for fastbackend
2017-06-02 14:14:55 +02:00
Unrud
78a62aee86
Merge pull request #565 from Unrud/synctoken
...
Support for sync-token and sync-collection
2017-06-02 13:01:54 +02:00
Unrud
7687afc4c6
Merge pull request #622 from Unrud/clientcertificate
...
Add option for CA certificate for validating clients
2017-06-02 12:59:35 +02:00
Unrud
f633b48a7a
Real sync-collection support for the multifilesystem backend
2017-06-02 12:53:37 +02:00
Unrud
0ffa97eca0
Allow opening binary files with _atomic_write
2017-06-02 12:44:36 +02:00
Unrud
1dee561692
Add helper method for cleaning caches
2017-06-02 12:44:34 +02:00
Unrud
3009ce5414
Test sync-token and sync-collection
2017-06-02 12:44:31 +02:00
Unrud
f2b415c4a6
Initial sync-token and sync-collection support
...
Use the etag of the collection as the sync token and tell the client that the token is invalid when the collection changed.
2017-06-02 12:44:23 +02:00
Unrud
428abf10de
don't use REMOTE_USER in tests
2017-06-02 12:43:44 +02:00
Unrud
6edaf27a38
rename backend from "None" to "none"
2017-06-02 12:43:23 +02:00
Unrud
5d27265d5c
fail when logging config file is not found
2017-06-02 12:43:03 +02:00
Unrud
1812aeb238
include expected type of config option in error
2017-06-02 12:42:40 +02:00
Unrud
881757815f
Add simple range checking to config options
2017-06-02 12:42:19 +02:00
Unrud
95a8c7b903
use mapping api to set config options
...
Provides protection against typos in names
2017-06-02 12:41:47 +02:00
Unrud
3af5809d71
Add option for CA certificate for validating clients
...
This can be used to secure TCP traffic between Radicale and a reverse proxy
2017-06-02 12:41:03 +02:00
Unrud
3bfac019a8
Close lock file when running tests
...
The name of configuration option was wrong.
2017-06-01 16:10:50 +02:00
Unrud
c400414b27
Don't turn off all locking with filesystem_locking
2017-06-01 16:10:34 +02:00
Unrud
f715f0ba8a
Remove font from web interface
2017-06-01 16:10:17 +02:00
Unrud
ac230efa57
Merge pull request #619 from Unrud/log_unsafe_paths
...
Log unsafe paths
2017-06-01 12:55:45 +02:00
Unrud
efb20d994f
Adjust imports for isort
2017-06-01 12:45:44 +02:00
Unrud
2178ba58be
Log unsafe paths
2017-06-01 12:45:44 +02:00
Unrud
8fed92dc24
Fix absolute paths in web interface when SCRIPT_NAME is used
2017-06-01 12:13:34 +02:00
Unrud
fd55bbce15
Adjust imports for isort
2017-06-01 11:54:04 +02:00
Unrud
a18874fc59
raise exception when locking the storage fails
...
Previously it was silently ignored, which is dangerous when multiple instances of Radicale are running.
A configuration option to disable locking was added.
2017-06-01 11:21:22 +02:00
Unrud
9585c0b048
Web interface for managing calendars and addressbooks
2017-05-31 13:18:42 +02:00
Unrud
ab9e9b2d7c
Add web interface module
2017-05-31 13:18:40 +02:00
Unrud
eba6621f17
Rename backends from None to none
...
All other backend names are lower case.
2017-05-31 12:02:29 +02:00
Unrud
edaf21561d
Don't strip SCRIPT_NAME from PATH_INFO
2017-05-31 12:01:37 +02:00
Unrud
5704b5021b
PATH_INFO might not exist if it's empty
2017-05-31 12:01:35 +02:00
Unrud
f12dd31b4b
Small improvements for auth tests
2017-05-31 12:01:33 +02:00
Unrud
c9664137a5
Improve error handling
...
* Check the configuration file for errors (check option names and basic type checking).
* Perform basic type checking on command line arguments.
* Only print stack traces in debug mode.
* Include much more information in error messages (e.g. include the path of invalid files).
* Send Bad Request to clients for invalid XML requests or iCalendar data.
* Change the log level of some messages.
2017-05-31 11:31:54 +02:00
Unrud
c2387403dd
Test the remote_user and http_x_remote user backends
2017-05-31 02:07:52 +02:00
Unrud
09bde14e50
Allow auth backends to provide login and password
...
This is used to implement an auth backend that takes the credentials from an HTTP header (e.g. accounts are managed by an reverse proxy)
2017-05-31 02:07:49 +02:00
Unrud
3e715a9aff
Test rights management
2017-05-31 01:41:23 +02:00
Unrud
5ce2c62402
Implement rights types directly
...
This is faster and easier to understand.
2017-05-31 00:43:07 +02:00
Unrud
8536ffee44
Preserve empty PATH_INFO from WSGI and strip base prefix from destination
2017-05-30 22:58:57 +02:00
Unrud
11c5dfdb53
Improve handling of XML requests and responses
...
* Move parsing/serialization of XML requests/responses from ``xmlutils.py`` to ``__init__.py``.
* Log XML requests/responses in pretty-printed form.
* Previously only the responses were logged in readable form. This is useful for debugging.
* The XML documents are only converted for pretty-printing if debugging is enabled (it's expensive)
* Send XML responses in minimized form to clients.
* Add **encoding** attribute to XML declaration in XML response.
* Only decode XML requests once. (Previously they were decoded, encoded and decoded again.)
2017-05-30 09:15:51 +02:00
Unrud
f1a9cf7694
Allow already encoded answers
2017-05-30 09:02:37 +02:00
Unrud
bc49542a62
Merge pull request #587 from Unrud/testscapturelogging
...
Capture log messages during tests
2017-05-30 07:55:05 +02:00
Unrud
9cd9ad9a02
Only register exit function if a PID file was created
...
The function only deletes the PID file.
2017-05-30 07:41:50 +02:00
Unrud
01ea0a3c40
Capture log messages during tests
...
The log messages help finding problems with failed tests.
2017-05-30 05:44:02 +02:00
Unrud
6762fc1cad
Expand user on PID path
2017-05-30 05:10:07 +02:00
Unrud
fcccb3f7af
Daemonize after creation of network sockets
...
The original process should exit after the server is ready.
See also https://www.freedesktop.org/software/systemd/man/daemon.html#SysV%20Daemons
2017-05-30 05:10:07 +02:00
Unrud
360e88f350
Write PID file in original process
...
This ensures that the PID is written, when the process exists.
2017-05-30 05:10:07 +02:00
Unrud
6ade44c773
Make relative PID path absolute
...
The daemon changes the current directory to root.
2017-05-30 05:10:07 +02:00
Unrud
65c53df5b3
Keep original exception when PID file creation fails
2017-05-30 05:10:07 +02:00
Unrud
79bcedd4bc
Refactor: Extract daemonize function
2017-05-30 05:10:07 +02:00
Guillaume Ayoub
a94a3bc7c2
Version 2.0.0
2017-05-27 18:10:46 +02:00
Guillaume Ayoub
3e0c8cf285
Update copyright years
2017-05-27 17:28:07 +02:00
Guillaume Ayoub
1825c35bc7
Merge pull request #608 from Unrud/config_file
...
Fail if config file is not found
2017-05-26 11:08:12 +02:00
Guillaume Ayoub
e4af3fc3cd
Merge pull request #604 from Unrud/config_logging_config
...
Disable logging config by default
2017-05-26 11:06:27 +02:00
Unrud
577d9317d2
Strip script name from path
2017-05-26 11:02:07 +02:00
Unrud
d2a17c36ae
Fail if configuration is not found
...
If a configuration file is passed with a command line argument and the file is not found, Radicale shows a warning and continues with the default configuration.
There is no reason for doing this, Radicale should just fail.
Instead, this PR allows passing an empty string like ``--config ""``. Radicale will use the default configuration in this case, without trying to load the configuration from the common paths. Previously you had to do specify a path that doesn't exist like ``--config /does/not/exist``, which looks a bit ugly and showed a warning message.
2017-05-24 21:01:23 +02:00
Unrud
fed974e018
Disable logging config by default
...
Radicale always tries to load the system-wide configuration file. To turn this off, the logging-config option has to be added to all configuration files and command line arguments. It's easier to disable it by default and only add it once to the system-wide config file.
2017-05-24 17:03:48 +02:00
Guillaume Ayoub
22d364729b
Use "&" instead of "+" to test booleans
2017-05-23 17:11:28 +02:00
Guillaume Ayoub
5066e97c66
Always compare both login and password to avoid timing attacks
...
Related to #591 .
2017-05-23 16:55:43 +02:00
Unrud
cf78a23856
Improve logging
...
Log failed login attempts more clearly and also log access violations of authenticated users.
2017-05-23 04:16:52 +02:00
Unrud
f2fb07fa84
Move authentication delay into __init__.py and add config
...
Use the delay for all backends (not only htpasswd).
Add configuration option to configure the delay.
2017-05-23 04:07:32 +02:00
Unrud
fb970246e0
Only query auth backend when a user is set
2017-05-23 04:07:32 +02:00
Unrud
c4537b1f5c
Compare passwords and hashes in constant time ( Fixes #591 )
2017-05-23 04:07:32 +02:00
Unrud
fc309562da
Repair SSHA method
2017-05-23 04:07:31 +02:00
Unrud
99bda37839
Repair auth tests, add tests for all methods and cross check
...
The auth tests were not doing anything because "Basic" was missing in the AUTHORIZATION header.
2017-05-23 04:07:31 +02:00
Guillaume Ayoub
dcb0638538
Version 2.0.0rc2
2017-04-19 14:10:02 +02:00
Guillaume Ayoub
059ba8dec1
Random timer to avoid timing oracles and simple bruteforce attacks
...
Important note: this is a security fix.
2017-04-19 13:48:30 +02:00
Guillaume Ayoub
8293ca5c1c
Fix a CLI help description
2017-04-15 16:03:51 +02:00
Guillaume Ayoub
7e2406c778
Version 2.0.0rc1
2017-04-15 15:51:05 +02:00
Guillaume Ayoub
864eb5931a
Merge setup.cfg and pytest.ini, fix tests
2017-04-15 10:51:00 +02:00
Guillaume Ayoub
26d8214296
Merge pull request #566 from Unrud/cleanxmlutils
...
Some small fixes for xmlutils.py
2017-04-15 09:24:38 +02:00
Guillaume Ayoub
b173307f55
Merge pull request #570 from Unrud/patch-5
...
Fix permissions for REPORT request
2017-04-15 09:20:01 +02:00
Guillaume Ayoub
d74ee7b688
Merge pull request #553 from Kozea/config
...
Change default values for the config
2017-04-15 09:19:32 +02:00
Unrud
4f6d2e8b58
Only search for filter that are direct children
2017-03-18 04:59:27 +01:00
Unrud
a05cca563a
Stop iterating when a component is found
2017-03-18 04:58:55 +01:00
Unrud
8a98f4861d
Fix permissions for REPORT request
...
Only read access is required.
2017-03-13 08:22:14 +01:00
Unrud
c027b68b4f
PROPFIND: return all supported report methods
...
addressbook-multiget, addressbook-query, calendar-multiget and calendar-query were missing.
sync-collection only works for leaf collections.
2017-03-10 22:30:44 +01:00
Unrud
53a7e15833
Return empty result for unsupported report methods
2017-03-10 22:19:10 +01:00
Unrud
2f67da5750
Remove unnecessary conditions
2017-03-10 22:16:46 +01:00
Unrud
a7f12b5fac
PROPFIND: only one privilege per privilege element
...
Before: <privilege><read /><write /></privilege>
After: <privilege><read /></privilege><privilege><write /></privilege>
2017-03-10 22:14:13 +01:00
Unrud
7d687205bd
Use logger for WSGIServer
...
Log exception from the WSGIServer. Exceptions from socket timeouts are currently written to stderr.
2017-03-10 13:39:26 +01:00
Guillaume Ayoub
edebcf03c7
Merge pull request #558 from Unrud/collision
...
Check for conflicting file names
2017-03-08 15:58:48 +01:00
Guillaume Ayoub
33b27a2e71
Merge pull request #559 from Unrud/remotehostlogging
...
Cleanup remote host logging
2017-03-08 15:57:07 +01:00
Guillaume Ayoub
9b8fc4ac14
Update and fix some config values
2017-03-08 15:50:24 +01:00
Unrud
5cd5cfe368
Use REMOTE_ADDR if REMOTE_HOST is missing
...
WSGIRequestHandler doesn't set REMOTE_HOST if dns lookup is disabled.
2017-03-07 20:34:37 +01:00
Unrud
69d39b47ca
Also log the forwarding host for forwarded requests
2017-03-07 20:34:36 +01:00
Unrud
c104da28ce
Use UNKNOWN if user agent is missing
...
This is much shorter and doesn't clutter the log as much.
2017-03-07 20:33:37 +01:00
Unrud
266dc608f2
Remove unnecessary if-statements
2017-03-07 20:32:23 +01:00
Unrud
c6c32945a0
Log unsafe paths when discovering collections
2017-03-07 18:24:40 +01:00
Unrud
9b27d075b6
Always close files when creating collection
...
If an exception occurs we rely on garbage collection to close the files.
2017-03-07 18:13:52 +01:00
Unrud
2d170bd41f
Check for conflicting file names
...
On Windows file systems the user "TESTUS~1" can access the data of the user "testuser".
2017-03-07 18:04:51 +01:00
Guillaume Ayoub
4278cc3443
Set htpasswd encryption type to plain in tests
2017-03-04 14:25:01 +01:00
Guillaume Ayoub
78abe39002
Set authentication method when testing rights
2017-03-04 14:22:28 +01:00
Guillaume Ayoub
b47505d5bd
Don't set rights management when no authentication is set
2017-03-04 14:15:46 +01:00
Guillaume Ayoub
8cc15a3d25
Change default values for the config
...
Fix #346 .
2017-03-04 14:06:09 +01:00
Guillaume Ayoub
fc04e4543b
Remove unused import
2017-02-26 16:41:59 +01:00
Guillaume Ayoub
6b683477cb
Merge branch 'improved-broken-vcard-handling' of https://github.com/pbiering/Radicale into pbiering-improved-broken-vcard-handling
2017-02-26 16:35:44 +01:00
Guillaume Ayoub
5d67257555
Merge branch 'trycatch-broken-objects' of https://github.com/pbiering/Radicale into pbiering-trycatch-broken-objects
2017-02-26 16:24:41 +01:00
Guillaume Ayoub
46fcec8fe0
Cosmetics
2017-02-26 16:19:38 +01:00
Guillaume Ayoub
e6880057a2
Merge pull request #518 from pbiering/improved-access-logging
...
improved request logging
2017-02-26 16:17:44 +01:00
Guillaume Ayoub
9d958e8e51
Remove unused import
2017-02-26 16:13:50 +01:00
Guillaume Ayoub
04764c2af4
Merge branch 'storage' of https://github.com/Unrud/Radicale into Unrud-storage
2017-02-26 15:48:22 +01:00
Guillaume Ayoub
b9db971060
Merge branch 'fixed-propfind-handling' of https://github.com/muggenhor/Radicale into muggenhor-fixed-propfind-handling
2017-02-26 15:33:34 +01:00
Guillaume Ayoub
3213495245
Merge branch 'url' of https://github.com/Unrud/Radicale into Unrud-url
2017-02-26 14:43:59 +01:00
Guillaume Ayoub
78db0072bc
Merge pull request #521 from stephane-martin/fix-support-report-set-xml-element
...
<report> should contain XML elements, not text
2017-02-26 14:37:38 +01:00
Guillaume Ayoub
34a82c9b69
Merge pull request #540 from twoodcock/master
...
remove umask(0) in daemon mode
2017-02-26 14:35:19 +01:00
Tim Woodcock
7f0d717459
remove umask(0) in daemon mode
2016-11-29 16:33:10 -08:00
Guillaume Ayoub
e55d75ce46
Set charsets in headers
2016-10-12 14:50:53 +02:00
Guillaume Ayoub
c459d32a19
Use argparse to parse command arguments
...
This commit also allows users to specify all the config values through
the command line.
Fix #154 .
2016-10-12 14:30:18 +02:00
Yohann Rebattu
6d76cfa5aa
use dash instead of underscore in options as well
2016-10-12 10:48:14 +02:00
Yohann Rebattu
fb3e733596
use dash instead of underscore
2016-10-12 10:44:13 +02:00
Yohann Rebattu
d6ee788ff5
comment…
2016-10-11 18:22:26 +02:00
Yohann Rebattu
ca2d519345
use group exclusively except for config
2016-10-11 18:21:17 +02:00
Yohann Rebattu
11710f75a8
allow config override from commandline
2016-10-11 18:17:01 +02:00
Stephane Martin
5abc8aea43
<report> should contain XML elements, not text
2016-09-20 00:27:03 +02:00
Peter Bieringer
c578470fc3
log depth also on response log line
2016-09-19 20:11:52 +02:00
Peter Bieringer
f52fa73cab
check env first before using HTTP_DEPTH
2016-09-19 20:04:11 +02:00
Peter Bieringer
87061df68f
add conditional logging of given depth
2016-09-19 19:59:47 +02:00
Peter Bieringer
830d6f9305
add examples of broken vcard and vevent
2016-09-18 19:36:54 +02:00
Peter Bieringer
a5e3ffa427
realign change
2016-09-18 19:30:51 +02:00
Peter Bieringer
e05206eec3
Merge branch 'improved-broken-vcard-handling' of github.com:pbiering/Radicale into improved-broken-vcard-handling
2016-09-18 19:28:15 +02:00
Peter Bieringer
af5c1582dc
improved detection of broken vcards
2016-09-18 19:23:24 +02:00
Peter Bieringer
1ffdb03106
simplify patch
2016-09-17 18:16:27 +02:00
Peter Bieringer
ff02d17619
remove temporary debug statements
2016-09-17 17:44:33 +02:00
Peter Bieringer
1cfd3fd95b
filter broken vcard entries before delivered, found on real life system at least 2 cards where vobject claimed about
...
vobject.base.ValidateError: 'VCARD components must contain at least 1 N'
2016-09-17 16:53:24 +02:00
Peter Bieringer
18181374e1
log exception for broken items
2016-09-17 16:29:40 +02:00
Peter Bieringer
d116423458
improved request logging
2016-09-17 15:35:43 +02:00
Peter Bieringer
e6ba31937a
3rd catch
2016-09-17 15:11:02 +02:00
Peter Bieringer
a57fcad270
catch 2nd case for broken object
2016-09-17 13:56:27 +02:00
Peter Bieringer
cd97aab72c
try/catch of objects avoiding not serving any object in case an object has no valid contents
...
also log duration of how many objects are read per folder
2016-09-17 12:52:42 +02:00
Guillaume Ayoub
0c1dbc30bd
Log read objects
2016-09-16 14:13:53 +02:00
Guillaume Ayoub
ecb8a99ed1
Merge branch 'master' of github.com:Kozea/radicale
2016-09-16 14:12:36 +02:00
Guillaume Ayoub
2c938ea67a
Don't log when skipping .Radicale* files
...
Patch proposed by @pbiering.
2016-09-16 14:12:05 +02:00
Unrud
def34b1454
Fix BaseCollection.move
...
The update method doesn't exist.
2016-09-15 11:18:55 +02:00
Guillaume Ayoub
e95d187cbc
Merge pull request #509 from Unrud/patch-2
...
Set password to empty string instead of None
2016-09-07 16:08:37 +02:00
Unrud
f7435814fc
Repair hreferences in REPORT response
...
They were not extended with base_prefix.
2016-09-06 16:53:20 +02:00
Unrud
eb4b513d63
Quote hreferences
...
RFC 4918 states that they are URIs and RFC 3986 says that URIs must always be in percent-encoded form.
2016-09-06 16:53:20 +02:00
Unrud
83046c80c4
Let reverse proxies overwrite script name
...
Reverse proxies can overwrite the script name with the HTTP header field X-Script-Name.
2016-09-06 16:53:14 +02:00
Unrud
90486f33a5
Log invalid URLs in XML requests
...
Before the requests either failed or the invalid hreference was silently dropped.
2016-09-04 22:28:01 +02:00
Unrud
d5b8ddd71c
Check that name is valid in name_from_path
...
Before it was possible craft XML requests, so that the storage backend got requests with invalid hrefs.
2016-09-04 22:28:01 +02:00
Unrud
139076faee
Sanitize URLs from XML requests
2016-09-04 22:27:59 +02:00
Unrud
13d652b094
Remove unnecessary module prefix
2016-09-04 22:26:46 +02:00
Unrud
664fa71278
Don't double unquote request URL
...
"%2525" was transformed to "%" instead of "%25".
2016-09-04 22:26:46 +02:00
Unrud
dbaf58dbfe
Remove base_prefix and use SCRIPT_NAME instead
...
This conforms with the WSGI reference (PEP 333)
2016-09-04 22:26:40 +02:00
Unrud
03fbb1e68e
Don't strip {} in get method
...
If someone uploads a file that starts or ends with the chars {}, all REPORT requests on that collection will fail and it's impossible to delete the file.
2016-09-04 13:35:44 +02:00
Unrud
6df54bf88a
Log name of faulty component
...
If vobject can't parse a component it raises an exception, but the filename of that component is missing in the logs.
2016-09-04 13:23:01 +02:00
Unrud
5ccfe16372
Remove Collection.has
...
It's the same as BaseCollection.has
2016-09-04 13:21:57 +02:00
Unrud
de09f6689a
Only relevant files for last_modified calculation
...
Leftovers from failed transactions etc. should not change that property.
2016-09-04 13:16:42 +02:00
Unrud
cd9f789294
Name variables for files f
...
fd sounds more like file descriptions.
prop doesn't sound like a file at all.
2016-09-04 13:14:51 +02:00
Unrud
f5650df5f7
Remove checks for existence of collection
...
They are unnecessary since the discover methods stopped returning collections that actually don't exist.
2016-09-04 13:13:35 +02:00
Unrud
e7d8b4816c
Duplicate code: Use list and get methods
2016-09-04 13:12:55 +02:00
Unrud
5dbf9df876
Add missing checks for safe fileystem components
...
Currently it's not possible to exploit these.
2016-09-04 13:09:10 +02:00
Unrud
dc501d5dc5
Refactor/Duplicate code: Extract _fsync method
2016-09-04 13:08:12 +02:00
Unrud
77e9ca1252
Remove EtagMismatchError
...
Etags are not checked in storage anymore and this is unused.
2016-09-04 13:06:09 +02:00
Unrud
a12ef69129
Secure is_safe_filesystem_path_component
...
On Windows 1/2 would be a safe filesystem path component, but it's not safe to pass it to path_to_filesystem.
Currently only the get method can be called with a href like that and it checked for that.
This just moves the check into the is_safe_filesystem_path_component function.
2016-09-04 12:55:28 +02:00