This applies the following for both WebUI and Daemon:
1. Raised minimal TLS version to TLSv1.2
2. Added specific cipher suite list
3. Added support for ECDSA auth keys
4. Added support for ECDHE key exchange algorithm
We disabled the ability to perform TLS/SSL renegotiation and therefore
will prevent the clients from renegotiating, which can be exploit for
DoS attacks.
New security tests now will be skipped when running `pydef` and `trial`
testenvs. To run the test, use the testenv `security` or add the environment
variable `SECURITY_TESTS` before running the tests. Also should only run when
adding to the commit message the string `SECURITY_TEST`.
Use a sha1 of time.time() can result in identical host_id. This was
evident with Travis tests randomly failing due to host_id collision
returning the wrong host details.
Using uuid4 to generate a random UUID in hex form should fix this issue.
Using the setproctitle module the process name displayed in top
and other places will correctly reflect the binary name. This is an
optional dependency
* Implemented whitelist support to both core and GTK UI.
* Implemented ip filter cleaning before each update. Restarting the deluge
daemon is no longer needed.
* If "check_after_days" is 0(zero), the timer is not started anymore. It would
keep updating one call after the other. If the value changed, the timer is
now stopped and restarted using the new value.
All test were adapted, and some more were added to comply with the new multiuser support in deluge.
Regarding #1814, host entries in the Connection Manager UI are now migrated from the old format were automatic localhost logins were possible, which no longer is.
Passing `-r` to the cli's while also passing `-l` will make the logfile rotate when reaching 5Mb in size. Three backups will be kept at all times.
All deluge's code is now using this new style logging along with the git hosted plugins. For other plugins not hosted by deluge, which still imports `LOG` as the logger, a deprecation warning will be shown explaining the required changes needed to use the new style logging. New plugins created by the `create_plugin` script will use the new logging facilities.
DjLegolas
Doadin
Calum Lind
Calum Lind
Chase Sterling
John Garland
Pedro Algarvio
Damien Churchill
Pedro Algarvio
Andrew Resch