Wed Oct 1 11:43:27 2014 UTC ()
Update to 0.7.0:

* Release 0.7.0 (23-Sep-2014)

** Security Fixes

The "flappserver" feature was found to have a vulnerability in the
service-lookup code which, when combined with an attacker who has the ability
to write files to a location where the flappserver process could read them,
would allow that attacker to obtain control of the flappserver process.

Users who run flappservers should upgrade to 0.7.0, where this was fixed as
part of #226.

Each flappserver runs from a "base directory", and uses multiple files within
the basedir to track the services that have been configured. The format of
these files has changed. The flappserver tool in 0.7.0 remains capable of
reading the old format (safely), but will upgrade the basedir to the new
format when you use "flappserver add" to add a new service. Brand new
servers, created with "flappserver create", will use the new format.

The flappserver tool in 0.6.5 (or earlier) cannot handle this new format, and
will believe that no services have been configured. Therefore downgrading to
an older version of Foolscap will require manual reconstruction of the
configured services.

** Major Changes

UnauthenticatedTub has been deprecated, and will be removed in the next
release (0.8.0). This seldom-used feature provides Foolscap's RPC semantics
without any of the security, and was included to enable the use of Foolscap
without depending upon the (challenging-to-install) PyOpenSSL library.
However, in practice, the lack of a solid dependency on PyOpenSSL has made
installation more difficult for applications that *do* want the security, and
UnauthenticatedTub is a footgun waiting to go off. Foolscap's code and
packaging will be simpler without it. (#67)

** Minor Changes

The "git-foolscap" tools, which make it possible to publish and clone Git
repositories over a Foolscap (flappserver) connection, have been moved from
their hiding place in doc/examples/ into their own project, hosted at
https://github.com/warner/git-foolscap . They will also be published on PyPI,
to enable "pip install git-foolscap".

The documentation was converted from Lore to ReStructuredText (.rst). Thanks
to Koblaid for the patient work. (#148)

The connection-hint parser in 0.7.0 has been changed to handle all TCP forms
of Twisted's "Client Endpoint Descriptor" syntax, including the short
"tcp:127.0.0.1:9999" variant. A future version should handle arbitrary
endpoint descriptors (including Tor and i2p, see #203), but this small step
should improve forward compatibility. (#216, #217)


(wiz)
diff -r1.11 -r1.12 pkgsrc/net/py-foolscap/Makefile
diff -r1.3 -r1.4 pkgsrc/net/py-foolscap/PLIST
diff -r1.5 -r1.6 pkgsrc/net/py-foolscap/distinfo
cvs diff -r1.11 -r1.12 pkgsrc/net/py-foolscap/Makefile (expand / switch to context diff)
--- pkgsrc/net/py-foolscap/Makefile 2014/08/17 17:40:04 1.11
+++ pkgsrc/net/py-foolscap/Makefile 2014/10/01 11:43:27 1.12
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.11 2014/08/17 17:40:04 wiz Exp $
+# $NetBSD: Makefile,v 1.12 2014/10/01 11:43:27 wiz Exp $
 
-DISTNAME=	foolscap-0.6.5
-PKGNAME=	${PYPKGPREFIX}-${DISTNAME:S/.tar//}
+DISTNAME=	foolscap-0.7.0
+PKGNAME=	${PYPKGPREFIX}-${DISTNAME}
 CATEGORIES=	net python
 MASTER_SITES=	http://pypi.python.org/packages/source/f/foolscap/
 
@@ -26,11 +26,7 @@
 post-install:
 	${INSTALL_DATA} ${WRKSRC}/doc/*.txt \
 		${DESTDIR}${PREFIX}/share/doc/py-foolscap
-	${INSTALL_DATA} ${WRKSRC}/doc/*.xhtml \
-		${DESTDIR}${PREFIX}/share/doc/py-foolscap
-	${INSTALL_DATA} ${WRKSRC}/doc/*.css \
-		${DESTDIR}${PREFIX}/share/doc/py-foolscap
-	${INSTALL_DATA} ${WRKSRC}/doc/*.tpl \
+	${INSTALL_DATA} ${WRKSRC}/doc/*.rst \
 		${DESTDIR}${PREFIX}/share/doc/py-foolscap
 
 .include "../../lang/python/egg.mk"
cvs diff -r1.3 -r1.4 pkgsrc/net/py-foolscap/PLIST (expand / switch to context diff)
--- pkgsrc/net/py-foolscap/PLIST 2012/05/25 11:22:58 1.3
+++ pkgsrc/net/py-foolscap/PLIST 2014/10/01 11:43:27 1.4
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.3 2012/05/25 11:22:58 gdt Exp $
+@comment $NetBSD: PLIST,v 1.4 2014/10/01 11:43:27 wiz Exp $
 bin/flappclient
 bin/flappserver
 bin/flogtool
@@ -268,16 +268,13 @@
 ${PYSITELIB}/foolscap/vocab.py
 ${PYSITELIB}/foolscap/vocab.pyc
 ${PYSITELIB}/foolscap/vocab.pyo
-share/doc/py-foolscap/copyable.xhtml
-share/doc/py-foolscap/failures.xhtml
-share/doc/py-foolscap/flappserver.xhtml
+share/doc/py-foolscap/copyable.rst
+share/doc/py-foolscap/failures.rst
+share/doc/py-foolscap/flappserver.rst
 share/doc/py-foolscap/jobs.txt
-share/doc/py-foolscap/logging.xhtml
-share/doc/py-foolscap/schema.xhtml
-share/doc/py-foolscap/serializing.xhtml
-share/doc/py-foolscap/stylesheet-unprocessed.css
-share/doc/py-foolscap/stylesheet.css
-share/doc/py-foolscap/template.tpl
+share/doc/py-foolscap/logging.rst
+share/doc/py-foolscap/schema.rst
+share/doc/py-foolscap/serializing.rst
 share/doc/py-foolscap/todo.txt
 share/doc/py-foolscap/use-cases.txt
-share/doc/py-foolscap/using-foolscap.xhtml
+share/doc/py-foolscap/using-foolscap.rst
cvs diff -r1.5 -r1.6 pkgsrc/net/py-foolscap/distinfo (expand / switch to context diff)
--- pkgsrc/net/py-foolscap/distinfo 2014/08/17 17:40:04 1.5
+++ pkgsrc/net/py-foolscap/distinfo 2014/10/01 11:43:27 1.6
@@ -1,5 +1,5 @@
-$NetBSD: distinfo,v 1.5 2014/08/17 17:40:04 wiz Exp $
+$NetBSD: distinfo,v 1.6 2014/10/01 11:43:27 wiz Exp $
 
-SHA1 (foolscap-0.6.5.tar.gz) = 5b95b8e97ec1dd54fcfa7daa749b60eb16c1359e
+SHA1 (foolscap-0.7.0.tar.gz) = 1571fc044e3b7f215880a122f657f33f38845164
-RMD160 (foolscap-0.6.5.tar.gz) = df514f312146aca450f8b092b51b9ab2a5c61687
+RMD160 (foolscap-0.7.0.tar.gz) = 0988ce6fb622385738536af44d048b8795a3a274
-Size (foolscap-0.6.5.tar.gz) = 481184 bytes
+Size (foolscap-0.7.0.tar.gz) = 478999 bytes