This applies the following for both WebUI and Daemon:
1. Raised minimal TLS version to TLSv1.2
2. Added specific cipher suite list
3. Added support for ECDSA auth keys
4. Added support for ECDHE key exchange algorithm
We disabled the ability to perform TLS/SSL renegotiation and therefore
will prevent the clients from renegotiating, which can be exploit for
DoS attacks.
New security tests now will be skipped when running `pydef` and `trial`
testenvs. To run the test, use the testenv `security` or add the environment
variable `SECURITY_TESTS` before running the tests. Also should only run when
adding to the commit message the string `SECURITY_TEST`.
Add CSS background position and size for sidebar icons.
Without this change tracker icons that are too big, render as too big.
This restrains them to fit into the sidebar list item.
If the torrent_id argument received in the pause or resume methods is not a string, the methods execute with the un-parsed input and then with parsed input on a second call. A key error exception is thrown from the first call, and the second call succeeds.
Likely that the deprecation warning from cryptography is causing the
setup.py sphinx build command to return an error so the tox/travis job
is marked as failing. Changing to calling the sphinx-build command
directly solves this.
Also updated the sphinx config for built-in napoleon and faster builds
using jobs option.
Floor division will return a float if a float is provided so ensure int
when dividing by the stop_ratio. All other status values from libtorrent
are ints.
Added tests.
As of twisted 16.7.0, `twisted.web.client.HTTPDownloader` have been
marked as deprecated.
This caused the tests results to show many lines of warnings about it.
This refactor uses `twisted.web.client.Agent`, as suggested by Twisted.
- Replace usage of single char variable.
- Use max function to prevent negate lengths when calculating trim.
- Remove usage of insstr as the addstr exception when writing offscreen is
excpected behaviour so needs caught and passed. This fixes a similar
error with insstr.
The following error occured on Windows when switching to using HTTPS
url with Twisted Agent:
```
<class 'twisted.web._newclient.ResponseNeverReceived'>: [<twisted.python.failure.Failure OpenSSL.SSL.Error: [('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')]>
```
The fix is to install certifi and provide the path to the trust store as
env var for OpenSSL to pick up.
Also includes a simplication of the core test_listen_port code.
The usual minor fixes for unicode/bytes for library calls.
The minimum Twisted version is now 16 for Python 3 support so remove old
code and start replacing deprecated methods.
Raised the minimum TLS version to 1.2 for the web server.
* In Py3 base64.encodestring is deprecated so rather than use the
Py3 only encodebytes instead use b64encode. The other advantage is
that with issue a consistent TypeError is raised that we can catch.
Will the change to deluge.svg all the icons need recreated. I also
updated the script to losslessly compress the png files with zopflipng.
hicolor theme changes:
- Added a 512px icon.
- Added a deluge-panel.png for systray theming.
Added extra webui icons and updated index.html to use them
correctly.
Trying to connect to daemon B while still connected to A will cause
the torrents from A to be shown after connecting to B.
Therefor, checking if connected to any daemon before connecting to B.