Unrud
5704b5021b
PATH_INFO might not exist if it's empty
2017-05-31 12:01:35 +02:00
Unrud
f12dd31b4b
Small improvements for auth tests
2017-05-31 12:01:33 +02:00
Unrud
b10599d07d
Merge pull request #613 from Unrud/logging
...
Improve error handling
2017-05-31 11:44:11 +02:00
Unrud
c9664137a5
Improve error handling
...
* Check the configuration file for errors (check option names and basic type checking).
* Perform basic type checking on command line arguments.
* Only print stack traces in debug mode.
* Include much more information in error messages (e.g. include the path of invalid files).
* Send Bad Request to clients for invalid XML requests or iCalendar data.
* Change the log level of some messages.
2017-05-31 11:31:54 +02:00
Unrud
824835bcd4
Merge pull request #612 from Unrud/auth
...
Allow auth backends to provide login and password
2017-05-31 02:16:41 +02:00
Unrud
c2387403dd
Test the remote_user and http_x_remote user backends
2017-05-31 02:07:52 +02:00
Unrud
09bde14e50
Allow auth backends to provide login and password
...
This is used to implement an auth backend that takes the credentials from an HTTP header (e.g. accounts are managed by an reverse proxy)
2017-05-31 02:07:49 +02:00
Unrud
8bc45aeb24
Merge pull request #611 from Unrud/rights
...
Implement rights types directly and test them
2017-05-31 01:48:14 +02:00
Unrud
3e715a9aff
Test rights management
2017-05-31 01:41:23 +02:00
Unrud
5ce2c62402
Implement rights types directly
...
This is faster and easier to understand.
2017-05-31 00:43:07 +02:00
Unrud
1bc53ec113
Merge pull request #610 from Unrud/emptypath
...
Preserve empty PATH_INFO from WSGI and strip base prefix from destination
2017-05-31 00:35:24 +02:00
Unrud
8536ffee44
Preserve empty PATH_INFO from WSGI and strip base prefix from destination
2017-05-30 22:58:57 +02:00
Unrud
0601b81aa7
Merge pull request #586 from Unrud/xmlrequestresponse
...
Improve handling of XML requests and responses
2017-05-30 09:28:05 +02:00
Unrud
11c5dfdb53
Improve handling of XML requests and responses
...
* Move parsing/serialization of XML requests/responses from ``xmlutils.py`` to ``__init__.py``.
* Log XML requests/responses in pretty-printed form.
* Previously only the responses were logged in readable form. This is useful for debugging.
* The XML documents are only converted for pretty-printing if debugging is enabled (it's expensive)
* Send XML responses in minimized form to clients.
* Add **encoding** attribute to XML declaration in XML response.
* Only decode XML requests once. (Previously they were decoded, encoded and decoded again.)
2017-05-30 09:15:51 +02:00
Unrud
f1a9cf7694
Allow already encoded answers
2017-05-30 09:02:37 +02:00
Unrud
bc49542a62
Merge pull request #587 from Unrud/testscapturelogging
...
Capture log messages during tests
2017-05-30 07:55:05 +02:00
Unrud
f2bfcfd406
Merge pull request #588 from Unrud/daemon
...
Daemon: Exit first process after server is ready
2017-05-30 07:50:44 +02:00
Unrud
9cd9ad9a02
Only register exit function if a PID file was created
...
The function only deletes the PID file.
2017-05-30 07:41:50 +02:00
Unrud
01ea0a3c40
Capture log messages during tests
...
The log messages help finding problems with failed tests.
2017-05-30 05:44:02 +02:00
Unrud
6762fc1cad
Expand user on PID path
2017-05-30 05:10:07 +02:00
Unrud
fcccb3f7af
Daemonize after creation of network sockets
...
The original process should exit after the server is ready.
See also https://www.freedesktop.org/software/systemd/man/daemon.html#SysV%20Daemons
2017-05-30 05:10:07 +02:00
Unrud
360e88f350
Write PID file in original process
...
This ensures that the PID is written, when the process exists.
2017-05-30 05:10:07 +02:00
Unrud
6ade44c773
Make relative PID path absolute
...
The daemon changes the current directory to root.
2017-05-30 05:10:07 +02:00
Unrud
65c53df5b3
Keep original exception when PID file creation fails
2017-05-30 05:10:07 +02:00
Unrud
79bcedd4bc
Refactor: Extract daemonize function
2017-05-30 05:10:07 +02:00
Guillaume Ayoub
a94a3bc7c2
Version 2.0.0
2017-05-27 18:10:46 +02:00
Guillaume Ayoub
3e0c8cf285
Update copyright years
2017-05-27 17:28:07 +02:00
Guillaume Ayoub
d9b6750145
Merge branch 'master' of github.com:Kozea/radicale
2017-05-27 11:16:37 +02:00
Guillaume Ayoub
95ab6ee415
Add a news entry about 1.1.3
2017-05-27 11:15:57 +02:00
Guillaume Ayoub
1825c35bc7
Merge pull request #608 from Unrud/config_file
...
Fail if config file is not found
2017-05-26 11:08:12 +02:00
Guillaume Ayoub
e4af3fc3cd
Merge pull request #604 from Unrud/config_logging_config
...
Disable logging config by default
2017-05-26 11:06:27 +02:00
Unrud
577d9317d2
Strip script name from path
2017-05-26 11:02:07 +02:00
Unrud
d2a17c36ae
Fail if configuration is not found
...
If a configuration file is passed with a command line argument and the file is not found, Radicale shows a warning and continues with the default configuration.
There is no reason for doing this, Radicale should just fail.
Instead, this PR allows passing an empty string like ``--config ""``. Radicale will use the default configuration in this case, without trying to load the configuration from the common paths. Previously you had to do specify a path that doesn't exist like ``--config /does/not/exist``, which looks a bit ugly and showed a warning message.
2017-05-24 21:01:23 +02:00
Unrud
fed974e018
Disable logging config by default
...
Radicale always tries to load the system-wide configuration file. To turn this off, the logging-config option has to be added to all configuration files and command line arguments. It's easier to disable it by default and only add it once to the system-wide config file.
2017-05-24 17:03:48 +02:00
Guillaume Ayoub
22d364729b
Use "&" instead of "+" to test booleans
2017-05-23 17:11:28 +02:00
Guillaume Ayoub
85e8336361
Add python_requires into setup.py
2017-05-23 17:02:41 +02:00
Guillaume Ayoub
5066e97c66
Always compare both login and password to avoid timing attacks
...
Related to #591 .
2017-05-23 16:55:43 +02:00
Guillaume Ayoub
1b5bfee96c
Merge pull request #600 from Unrud/auth
...
Test and fix auth module. Configurable delay. Improve logging.
2017-05-23 12:22:16 +02:00
Unrud
cf78a23856
Improve logging
...
Log failed login attempts more clearly and also log access violations of authenticated users.
2017-05-23 04:16:52 +02:00
Unrud
f2fb07fa84
Move authentication delay into __init__.py and add config
...
Use the delay for all backends (not only htpasswd).
Add configuration option to configure the delay.
2017-05-23 04:07:32 +02:00
Unrud
fb970246e0
Only query auth backend when a user is set
2017-05-23 04:07:32 +02:00
Unrud
c4537b1f5c
Compare passwords and hashes in constant time ( Fixes #591 )
2017-05-23 04:07:32 +02:00
Unrud
fc309562da
Repair SSHA method
2017-05-23 04:07:31 +02:00
Unrud
99bda37839
Repair auth tests, add tests for all methods and cross check
...
The auth tests were not doing anything because "Basic" was missing in the AUTHORIZATION header.
2017-05-23 04:07:31 +02:00
Guillaume Ayoub
2e8cd09c02
Merge pull request #581 from jre-wine/patch-1
...
Add git init to config hook example
2017-05-05 01:03:15 +02:00
jre
1c357a5636
Add git init to config hook example
...
The example code previously required to manually create a git repo first.
Above change automates this.
2017-04-22 17:40:29 +02:00
Guillaume Ayoub
dcb0638538
Version 2.0.0rc2
2017-04-19 14:10:02 +02:00
Guillaume Ayoub
059ba8dec1
Random timer to avoid timing oracles and simple bruteforce attacks
...
Important note: this is a security fix.
2017-04-19 13:48:30 +02:00
Guillaume Ayoub
78e0bfd449
Correctly initialize the logger in the WSGI and FastCGI scripts
...
Fix #574 .
2017-04-15 18:11:47 +02:00
Guillaume Ayoub
7ad1f985a6
Use flup instead of flipflop to create the FastCGI application
2017-04-15 18:05:42 +02:00