The NetBSD Project

CVS log for pkgsrc/net/py-foolscap/distinfo

[BACK] Up to [] / pkgsrc / net / py-foolscap

Request diff between arbitrary revisions

Default branch: MAIN

Revision 1.19 / (download) - annotate - [select for diffs], Wed Mar 13 18:23:35 2019 UTC (2 years, 3 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2021Q1-base, pkgsrc-2021Q1, pkgsrc-2020Q4-base, pkgsrc-2020Q4, pkgsrc-2020Q3-base, pkgsrc-2020Q3, pkgsrc-2020Q2-base, pkgsrc-2020Q2, pkgsrc-2020Q1-base, pkgsrc-2020Q1, pkgsrc-2019Q4-base, pkgsrc-2019Q4, pkgsrc-2019Q3-base, pkgsrc-2019Q3, pkgsrc-2019Q2-base, pkgsrc-2019Q2, pkgsrc-2019Q1-base, pkgsrc-2019Q1, HEAD
Changes since 1.18: +5 -5 lines
Diff to previous 1.18 (unified)

py-foolscap: updated to 0.13.1

Release 0.13.1

This release adds a minor feature to "flappclient": it now pays attention to
a pair of environment variables named $FOOLSCAP_TOR_CONTROL_PORT and
$FOOLSCAP_TOR_SOCKS_PORT. If set, the client will install a connection
handler that routes "tor:" -type FURLs through a Tor daemon at the given
ports (both of which are endpoint descriptors, e.g. "tcp:localhost:9050").

To use this, install the "tor" extra, like "pip install foolscap[tor]". If
this extra was not installed (e.g. "txtorcon" is not importable), the
environment variables will be ignored.

This release also improves the reliability of the unit test suite
(specifically test_reconnector) on slower systems.

Release 0.13.0

This release fixes compatibility with the latest Twisted-17.9.0 and changes
the way logfiles are encoded.

Foolscap's "flogtool" event-logging system can be configured to serialize log
events into "Incident Files". In previous versions, these were serialized
with the stdlib "pickle" module. However a recent change to Twisted's
"Failure" class made them unpickleable, causing Foolscap's unit test suite to
fail, and also affect applications which foolscap.logging.log.msg() with
Failures as arguments. And untrusted pickles were unsafe to load anyways.

This release replaces pickle with JSON, making it safe to use "flogtool"
utilities on untrusted incident files. All new incident files created by this
version will use JSON, and all tools (e.g. "flogtool dump") can only handle
JSON-based files.

This also resolves a problem with tox-2.9.0, which caused tests to not run at
all because nothing was installed into the test environment.

Revision 1.18 / (download) - annotate - [select for diffs], Sat Oct 7 11:58:09 2017 UTC (3 years, 8 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2018Q4-base, pkgsrc-2018Q4, pkgsrc-2018Q3-base, pkgsrc-2018Q3, pkgsrc-2018Q2-base, pkgsrc-2018Q2, pkgsrc-2018Q1-base, pkgsrc-2018Q1, pkgsrc-2017Q4-base, pkgsrc-2017Q4
Changes since 1.17: +5 -5 lines
Diff to previous 1.17 (unified)

py-foolscap: update to 0.12.7

Release 0.12.7:
This is a minor bugfix release to help Tahoe-LAFS.

It depends upon a newer version of I2P, which should handle Tahoe storage
servers that listen on I2P sockets (the Tahoe executable makes an outbound
connection to the local I2P daemon, however it then accepts inbound TLS
connections on that same socket, which confuses the TLS negotiation because
both sides appear to be "clients", and TLS requires exactly one "client" and
one "server").

It also fixes a minor Tub shutdown behavior to let unit tests work more

Revision 1.17 / (download) - annotate - [select for diffs], Wed Jan 18 20:46:34 2017 UTC (4 years, 4 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2017Q3-base, pkgsrc-2017Q3, pkgsrc-2017Q2-base, pkgsrc-2017Q2, pkgsrc-2017Q1-base, pkgsrc-2017Q1
Changes since 1.16: +5 -5 lines
Diff to previous 1.16 (unified)

Updated py-foolscap to 0.12.6.

* Release 0.12.6 (12-Jan-2017)

This is a minor release to improve compatibility with Twisted and I2P.

In this release, the Foolscap test suite no longer uses several deprecated
and/or internal Twisted attributes, so it should pass cleanly on the next
release of Twisted (which will probably be named Twisted-17.0.0).

In addition, the I2P connection handler was enhanced to let applications pass
arbitrary kwargs through to the underlying "SAM" API.

Finally connection-status error messages should be slightly cleaner and
provide more useful information in the face of unrecogized exceptions.

Revision 1.16 / (download) - annotate - [select for diffs], Mon Dec 12 14:27:39 2016 UTC (4 years, 6 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2016Q4-base, pkgsrc-2016Q4
Changes since 1.15: +5 -5 lines
Diff to previous 1.15 (unified)

Updated py-foolscap to 0.12.5.

* Release 0.12.5 (07-Dec-2016)

** Connection Status Reporting

This release adds an object named `ConnectionInfo`, which encapsulates
information about a connection (both progress while being established, and
the outcome once connected). This includes which connection hint was
successful, what happened with the other hints, which handlers were used for
each, and when the connection was made or lost. To get one of these, use
`tub.getConnectionInfoForFURL(furl)` any time after `getReference()` is
called, or `rref.getConnectionInfo()` after it resolves.  #267

It also adds `ReconnectionInfo`, a similar object for Reconnectors. These
capture the state of reconnection process (trying, established, waiting), and
will provide a `ConnectionInfo` for the most recent (possibly successful)
connection attempt. The API is `reconnector.getReconnectionInfo()`.  #268

For details, see "Connection Progress/Status" and "Reconnector Status" in

** Connection Handler API Changes

To support `ConnectionInfo`, the Connection Handler API was changed.

The one backwards-incompatible change was that the `hint_to_endpoint()`
method now takes a third argument, to update the status as the handler makes
progress. External handler functions will need to be modified to accept this
new argument, and applications which use them should declare a dependency
upon the latest Foolscap version, to avoid runtime breakage.

Several backwards-compatible changes were made too: handlers can provide a
`describe()` method (which feeds `ConnectionInfo.connectionHandlers`), and
they can now set a special attribute on any exception they raise, to further
influence the status string.

In addition, the `tor.control_endpoint_maker()` handler now accepts an
optional second argument, which causes the maker function to be called with a
additional `update_status` argument. This backwards-compatible change allows
the maker function to influence the `ConnectionInfo` status too.

The Tor connection handler was enhanced to report distinct statuses for the
different phases of connection: launching a new copy of Tor, connecting to an
existing Tor daemon, etc.

** Minor Fixes

Foolscap-0.12.0 broke `flappserver create`, causing the command to hang
rather than exiting cleanly (although the flappserver directory itself was
probably created properly). This release finally fixes it.  #271

Revision 1.15 / (download) - annotate - [select for diffs], Wed Oct 19 12:54:04 2016 UTC (4 years, 7 months ago) by wiz
Branch: MAIN
Changes since 1.14: +5 -5 lines
Diff to previous 1.14 (unified)

Updated py-foolscap to 0.12.4.

* Release 0.12.4 (27-Sep-2016)

** Improvements

The TCP connection-hint handler can now accept square-bracket-wrapped IPv6
addresses in colon-hex format. You can produce FURLs with such hints by doing


Foolscap Tubs have been using the IPv6-capable `HostnameEndpoint` since
0.11.0, so this completes the IPv6 support. Note that there are no provisions
for automatically detecting the host's IPv6 addresses: applications that wish
to use addresses (instead of hostnames) must discover those addresses on
their own. #155

A new `tor.control_endpoint_maker()` handler function was added, which is
just like `tor.control_endpoint()` but accepts a callable function, which
will be invoked only when a `tor:` hint is encountered. The function can
return a Deferred which yields the control endpoint. This allows lazy
launching of a Tor daemon, which can also be shared with other application
needs, such as listening on an Onion service.  #270

Revision 1.14 / (download) - annotate - [select for diffs], Sun Sep 4 09:28:18 2016 UTC (4 years, 9 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2016Q3-base, pkgsrc-2016Q3
Changes since 1.13: +5 -5 lines
Diff to previous 1.13 (unified)

Updated py-foolscap to 0.12.3.

* Release 0.12.3 (01-Sep-2016)

** Improvements

The `tor.socks_port()` handler was replaced by `tor.socks_endpoint()`, which
takes an Endpoint object (just like `tor.control_endpoint()` does). This
enables applications to speak SOCKS to the Tor daemon over e.g. a Unix-domain
socket. The `tor.socks_port()` API was removed, so applications using it must
upgrade. #265

The `allocate_tcp_port()` utility function would occasionally return ports
that were in use by other applications, when those applications bound their
own port to the loopback interface ( allocate_tcp_port should no
longer do this.

Revision 1.13 / (download) - annotate - [select for diffs], Thu Sep 1 16:54:32 2016 UTC (4 years, 9 months ago) by wiz
Branch: MAIN
Changes since 1.12: +5 -5 lines
Diff to previous 1.12 (unified)

Updated py-foolscap to 0.12.2.

* Release 0.12.2 (28-Aug-2016)

** Improved Tor Connection Handler

The `tor.control_endpoint` connection handler now properly handles the
config.SocksPort response provided by the debian Tor daemon (and possibly
others), which included a confusing unix-domain socket in its response.

The `tor.socks_port` handler was changed to accept both hostname and port
number. Using anything but "localhost" or "" is highly discouraged,
as it would reveal your IP address to (possibly hostile) external hosts. This
change was made to support applications (e.g. Tahoe-LAFS) which accept
endpoint strings to configure socks_port, but then parse them and reject
anything but TCP endpoints (to match Foolscap's current limitations). Such
applications ought to warn their users to use only localhost.

* Release 0.12.1 (20-Aug-2016)

** Connection Handlers for SOCKS, Tor, I2P

Foolscap now includes importable connection handlers for SOCKS(5a), Tor, and
I2P. #242, #246, #261

These handlers require additional supporting libraries, so they must be
imported separately, and a setuptools "extra feature" declaration must be
used to ask for the supporting libs. For example, applications which want to
use `tor:` hints (on a host with a Tor daemon running) should have a


and the Tub setup code should do:

  from foolscap.connections import tor
  tub.addConnectionHintHandler("tor", tor.default_socks())

Full examples and docs are available in docs/connection-handlers.rst.

The default connection-negotiation timeout was increased from 60s to 120s, to
accomodate tor/i2p daemon startup times.

* Release 0.12.0 (20-Jul-2016)

** API changes: no more automatic configuration

Foolscap has moved from automatic listener configuration (randomly-allocated
TCP ports, automatically-determined IP address) to using more predictable
manual configuration. In our experience, the automatic configuration only
worked on hosts which had external IP addresses, which (sadly) is not the
case for most computers attached to the modern internet. #252

Applications must now explicitly provide Foolscap with port numbers (for
Tub.listenOn) and hostnames (for Tub.setLocation). Applications are
encouraged to give users configuration controls to teach Foolscap what
hostname and port number it should advertise to external hosts in the FURLs
it creates. See for ideas.

The specific API changes were:

- Tub.setLocationAutomatically() has been deprecated
- Listener.getPortnum() has been deprecated
- calling Tub.listenOn("tcp:0") is also deprecated: callers should allocate a
  port themselves (the foolscap.util.allocate_tcp_port utility function,
  which does not block, has been added for this purpose).

Foolscap tools like "flappserver create" and "flogtool create-gatherer" will
no longer try to deduce their external IP address in an attempt to build
externally-reachable FURLs, and will no longer accept "tcp:0" as a listening
port (they now default to specific port numbers). Instead, they have
--location= and --port arguments. The user must provide '--location' with a
connection-hint string like '' (which is put
into the server's FURLs). This must match the corresponding '--port'
argument, if provided.

- for all tools, if '--port' is provided, it must not be tcp:0
- 'flappserver create' now requires --location, and '--port' defaults to
- 'flogtool create-gatherer' requires --location, default port is tcp:3117
- 'flogtool create-incident-gatherer' does too, default is tcp:3118

For backwards-compatibility, old flappservers will have "tcp:0" written into
their "BASEDIR/port" file, and an empty string in "BASEDIR/location": these
must then be edited to allow the flappserver to start. For example, write
"tcp:12345" into "BASEDIR/port" to assign a portnumber, and
"tcp:HOSTNAME:12345" into "BASEDIR/location" to expose it in the generated

** Other API changes

Tub.listenOn() now takes a string or an Endpoint (something that implements
twisted.internet.interfaces.IStreamServerEndpoint). This makes it possible to
listen on non-IPv4 sockets (e.g. IPv6-only sockets, or unix-domain sockets,
or more exotic endpoints), as long as Tub.setLocation() is set to something
which the other end's connection handlers can deal with. #203 #243

The "DefaultTCP" handler (which manages normal "tcp:HOST:PORT" connection
hints) has been moved to foolscap.connections.tcp . This makes room for new
Tor/I2P/SOCKS handlers to live in e.g. foolscap.connections.tor . #260

Connection handlers are now allowed to return a Deferred from
hint_to_endpoint(), which should make some handlers easier to write. #262

Note that RemoteReference.notifyOnDisconnect() will be deprecated in the next
release (once all internal uses have been removed from Foolscap).
Applications should stop using it as soon as possible. #42 #140 #207

** Compatibility Changes

This release removes support for the old (py2.4) "sets" module. This was
retained to support applications which were trying to maintain py2.4
compatibility, but it's been so long since this was necessary, it's time to
remove it.

** Other Changes

The internal `allocate_tcp_port()` function was fixed: unexpected kernel
behavior meant that sometimes it would return a port that was actually in
use. This caused unit tests to fail randomly about 5% of the time. #258

IPv6 support is nearly complete: listening on a plain TCP port will typically
accept connections via both IPv4 and IPv6, and the DefaultTCP handler will do
a hostname lookup that can use both A and AAAA records. So as long as your
server has a DNS entry that points at its IPv6 address, and you provide the
hostname to Tub.setLocation(), Foolscap will connect over IPv6. There is one
piece missing for complete support: the DefaultTCP connection handler must be
modified to accept square-bracketed numeric IPv6 addresses, for rare
situations where the host has a known (stable) IPv6 address, but no DNS name.

Revision 1.12 / (download) - annotate - [select for diffs], Wed Apr 13 18:19:49 2016 UTC (5 years, 2 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2016Q2-base, pkgsrc-2016Q2
Changes since 1.11: +5 -5 lines
Diff to previous 1.11 (unified)

Update py-foolscap to 0.11.0.

* Release 0.11.0 (23-Mar-2016)

** Packaging Fixes

Foolscap now declares a dependency on "twisted[tls]" instead of just
"twisted": the "[tls]" extra means "we need Twisted and its TLS support".
That's how we ask for Twisted to depend upon service_identity and other
supporting packages. By using "[tls]", we no longer need to manually depend
upon service_identity ourselves. If Twisted switches to some other scheme for
TLS support, this will correctly ask for that to be included. (#249)

Note that we still depend on pyOpenSSL ourselves, because we need its code to
control certificate validation (if Twisted actually moved away from pyOpenSSL
for TLS, Foolscap might break altogether).

The Twisted dependency was updated to >=16.0.0 (the current version), to get
an important HostnameEndpoint fix (#155).

The "flogtool", "flappserver", and "flappclient" executables are now provided
as "entry_points" on all platforms, not just windows. The old bin/* scripts
have been removed. The "flogtool" entrypoint was fixed (a one-character typo
in the specification): apparently it was always broken on windows
and nobody noticed.

We now use "tox" to run tests, instead of "trial foolscap", although the
latter is still fine when run in a virtualenv into which Foolscap has been
installed (and is what "tox" does under the hood).

This release also moves all source code from "foolscap/" to "src/foolscap/",
which should avoid some confusion as to which code is being tested.
Developers who work from a git checkout should manually "rm -rf foolscap"
after pulling this change, because otherwise the leftover .pyc files are
likely to cause spurious test failures. (#250, #251)

** partial IPv6 support

Foolscap's outbound connections now use HostnameEndpoint, which means that
connection hints which contain DNS names which map to AAAA (and maybe A6)
records should successfully connect to those IPv6 addresses. There is not yet
any support to *listen* on IPv6 ports, so this probably does not enable IPv6
completely. But a client running this release may be able to connect to
server running some future IPv6-capable release and advertising v6-based
hostnames. (#155)

Revision 1.11 / (download) - annotate - [select for diffs], Mon Feb 1 11:58:19 2016 UTC (5 years, 4 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2016Q1-base, pkgsrc-2016Q1
Changes since 1.10: +5 -5 lines
Diff to previous 1.10 (unified)

Update to 0.10.1:

* Release 0.10.1 (21-Jan-2015)

** Packaging Fixes

This release fixes a version-string management failure when the "log
publisher" feature was used in a tree built from a release tarball (rather
than from a git checkout). This caused a unit test failure, as well as
operational failures when using `flogtool tail`. Thanks to Ramakrishnan
Muthukrishnan (vu3rdd) for the catch and the patch. (#248)

Revision 1.10 / (download) - annotate - [select for diffs], Mon Jan 18 23:03:03 2016 UTC (5 years, 4 months ago) by wiz
Branch: MAIN
Changes since 1.9: +5 -5 lines
Diff to previous 1.9 (unified)

Update py-foolscap to 0.10.0:

* Release 0.10.0 (15-Jan-2015)

** Compatibility Fixes

This release is compatible with Twisted-15.3.0 through 15.5.0. A change in
15.3.0 triggered a bug in Foolscap which produced a somewhat-infinite series
of log messages when run under `twistd`. This release fixes that bug, and
slightly changes the semantics of calling `log.msg()` with additional
parameters. (#244)

Foolscap no longer claims compatibility with python-2.6.x . Twisted-15.5.0
was the last release to offer 2.6 support, and subsequent releases actively
throw errors when run against 2.6, so we've turned off Foolscap's automated
testing for 2.6. It may remain compatible by accident for a while. (#245)

Revision 1.9 / (download) - annotate - [select for diffs], Wed Nov 4 00:35:30 2015 UTC (5 years, 7 months ago) by agc
Branch: MAIN
CVS Tags: pkgsrc-2015Q4-base, pkgsrc-2015Q4
Changes since 1.8: +2 -1 lines
Diff to previous 1.8 (unified)

Add SHA512 digests for distfiles for net category

Problems found with existing digests:
	Package haproxy distfile haproxy-1.5.14.tar.gz
	159f5beb8fdc6b8059ae51b53dc935d91c0fb51f [recorded]
	da39a3ee5e6b4b0d3255bfef95601890afd80709 [calculated]

Problems found locating distfiles:
	Package bsddip: missing distfile bsddip-1.02.tar.Z
	Package citrix_ica: missing distfile citrix_ica-10.6.115659/en.linuxx86.tar.gz
	Package djbdns: missing distfile djbdns-1.05-test25.diff.bz2
	Package djbdns: missing distfile djbdns-cachestats.patch
	Package djbdns: missing distfile 0002-dnscache-cache-soa-records.patch
	Package gated: missing distfile gated-3-5-11.tar.gz
	Package owncloudclient: missing distfile owncloudclient-2.0.2.tar.xz
	Package poink: missing distfile poink-1.6.tar.gz
	Package ra-rtsp-proxy: missing distfile rtspd-src-
	Package ucspi-ssl: missing distfile ucspi-ssl-0.70-ucspitls-0.1.patch
	Package waste: missing distfile waste-source.tar.gz

Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden).  All existing
SHA1 digests retained for now as an audit trail.

Revision 1.8 / (download) - annotate - [select for diffs], Wed Sep 30 19:24:35 2015 UTC (5 years, 8 months ago) by wiz
Branch: MAIN
Changes since 1.7: +4 -4 lines
Diff to previous 1.7 (unified)

Update to 0.9.1:

* Release 0.9.1 (21-Sep-2015)

Point release to deal with PyPI upload problems. No code changes.

* Release 0.9.0 (21-Sep-2015)

** Plugins for Connection Handlers (#236)

New types of connection hints can now be used, by installing a suitable
connection handler into the Tub. These hints could point to I2P servers or
Tor hidden-service (.onion) addresses. The built-in TCP handler can be
replaced entirely to protect a client's IP address by routing all connections
through Tor. Implementation of these plugins are left as exercise for the
reader: Foolscap only provides the built-in "DefaultTCP" handler. See
doc/connection-handlers.rst for details.

** Shared Listeners are removed (#239)

Until this version, it was possible to create a single Listener that serviced
multiple Tubs (by passing the Listener returned from `l=tubA.listenOn(where)`
into `tubB.listenOn(l)`). This seemed useful a long time ago, but in fact was
not, and the implementation caused irreparable problems that were exposed
while testing the new connection handlers. So support for shared Listeners
has been removed: Tubs can still use multiple Listeners, but each Listener
now services at most one Tub. In particular, `Tub.listenOn()` now only
accepts a string, not a Listener instance.

Note that relays and redirects are still on the roadmap, but neither feature
requires sharing a Listener between multiple local Tubs.

** Extended-Form Connection Hints are removed

Support for extended-form connection hints has been removed. These were hints
with explicit key names like "", or
"". They were added in the 0.7.0 release, but since
then we've realized that this is power that should not be granted to external
FURL providers.

The parser now only accepts "" and "".
Foolscap has never particularly encouraged applications to call
Tub.setLocation() with anything other than these two forms, so we do not
expect any compatibility problems.

** Option to Disable Gifts (#126)

"Gifts", more precisely known as "third-party reference introductions", occur
when one Tub sends you a message that includes a reference to some object on
a third Tub. This allows references to be passed around transparently,
without regard to which Tub they live on (yours, mine, or theirs), but allows
other Tubs to cause you to create network connections to hosts and ports of
their choosing. If this bothers you, the new `tub.setOption("accept-gifts",
False)` option instructs your Tub to reject these third-party references,
causing the calls that used them to signal a Violation error instead.

** Unreachable Tubs now fully supported (#208)

Unreachable "client-only" Tubs can be created by simply not calling either
`tub.listenOn()` nor `tub.setLocation()`. These Tubs can make outbound
connections, but will not accept inbound ones. `tub.registerReference()` will
throw an error, and Gifts delivered to third parties will not work.

Previous versions suggested using `tub.setLocation("")`: this is no longer

** new util.allocate_tcp_port() function

To support a future deprecation of `Tub.listenOn("tcp:0")`, the new
allocate_tcp_port() function was added to return (synchronously) a
currently-unused TCP port integer. This can be used during app configuration
to decide on a listening port, which can then be passed into
`Tub.listenOn("tcp:%d" % portnum)`. This may allow Tub.setLocation() to be
called *before* the reactor is started, simplifying application startup code
(this also requires a suitable hostname or IP address, which is a separate

** Packaging/Dependency Changes

Foolscap now requires Twisted 10.1.0 or newer, to use Endpoints and
connection handler plugins.

Foolscap's logging system (specifically the twisted-to-foolscap bridge) is
now compatible with Twisted-15.2.0. The previous version had problems with
the new contents of twisted.logger's "eventDict" objects. (#235)

Revision 1.7 / (download) - annotate - [select for diffs], Sun Apr 19 18:22:00 2015 UTC (6 years, 1 month ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2015Q3-base, pkgsrc-2015Q3, pkgsrc-2015Q2-base, pkgsrc-2015Q2
Changes since 1.6: +4 -4 lines
Diff to previous 1.6 (unified)

Update to 0.8.0:

* Release 0.8.0 (15-Apr-2015)

** UnauthenticatedTub is gone

As announced in the previous release, UnauthenticatedTub has been removed.
All Tubs are fully authenticated now.

** Security Improvements

Foolscap now generates better TLS certificates, with 2048-bit RSA keys and
SHA256 digests. Previous versions used OpenSSL's defaults, which typically
meant 1024-bit MD5.

To benefit from the new certificates, you must regenerate your Tubs, which
means creating new FURLs (with new TubIDs). Previously-created Tubs will
continue to work normally: only new Tubs will be different.

** Packaging/Dependency Changes now requires setuptools

Foolscap now requires pyOpenSSL unconditionally, because all Tubs are

We now recommend "pip install ." to install Foolscap and all its
dependencies, instead of "python install". See #231 for details.

Revision 1.6 / (download) - annotate - [select for diffs], Wed Oct 1 11:43:27 2014 UTC (6 years, 8 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2015Q1-base, pkgsrc-2015Q1, pkgsrc-2014Q4-base, pkgsrc-2014Q4
Changes since 1.5: +4 -4 lines
Diff to previous 1.5 (unified)

Update to 0.7.0:

* Release 0.7.0 (23-Sep-2014)

** Security Fixes

The "flappserver" feature was found to have a vulnerability in the
service-lookup code which, when combined with an attacker who has the ability
to write files to a location where the flappserver process could read them,
would allow that attacker to obtain control of the flappserver process.

Users who run flappservers should upgrade to 0.7.0, where this was fixed as
part of #226.

Each flappserver runs from a "base directory", and uses multiple files within
the basedir to track the services that have been configured. The format of
these files has changed. The flappserver tool in 0.7.0 remains capable of
reading the old format (safely), but will upgrade the basedir to the new
format when you use "flappserver add" to add a new service. Brand new
servers, created with "flappserver create", will use the new format.

The flappserver tool in 0.6.5 (or earlier) cannot handle this new format, and
will believe that no services have been configured. Therefore downgrading to
an older version of Foolscap will require manual reconstruction of the
configured services.

** Major Changes

UnauthenticatedTub has been deprecated, and will be removed in the next
release (0.8.0). This seldom-used feature provides Foolscap's RPC semantics
without any of the security, and was included to enable the use of Foolscap
without depending upon the (challenging-to-install) PyOpenSSL library.
However, in practice, the lack of a solid dependency on PyOpenSSL has made
installation more difficult for applications that *do* want the security, and
UnauthenticatedTub is a footgun waiting to go off. Foolscap's code and
packaging will be simpler without it. (#67)

** Minor Changes

The "git-foolscap" tools, which make it possible to publish and clone Git
repositories over a Foolscap (flappserver) connection, have been moved from
their hiding place in doc/examples/ into their own project, hosted at . They will also be published on PyPI,
to enable "pip install git-foolscap".

The documentation was converted from Lore to ReStructuredText (.rst). Thanks
to Koblaid for the patient work. (#148)

The connection-hint parser in 0.7.0 has been changed to handle all TCP forms
of Twisted's "Client Endpoint Descriptor" syntax, including the short
"tcp:" variant. A future version should handle arbitrary
endpoint descriptors (including Tor and i2p, see #203), but this small step
should improve forward compatibility. (#216, #217)

Revision 1.5 / (download) - annotate - [select for diffs], Sun Aug 17 17:40:04 2014 UTC (6 years, 10 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2014Q3-base, pkgsrc-2014Q3
Changes since 1.4: +4 -4 lines
Diff to previous 1.4 (unified)

Update to 0.6.5:

* Release 0.6.5 (12-Aug-2014)

** Compatibility Fixes

This release is compatible with Twisted-14.0.0.

Foolscap no longer claims compatability with python-2.4.x or 2.5.x . These
old versions might still work, but there are no longer automated tests to
ensure this. Future versions will almost certainly *not* work with anything
older than python-2.6.x . Foolscap remains incompatible with py3, sorry.

** Forward Compatibility

When parsing FURLs, the connection hints can now use TCP sockets described
with the Twisted Endpoints syntax (e.g. "tcp:host="), in
addition to the earlier host:port "" form. Foolscap-0.6.5
ignores any hint that is not in one of these two forms. This should make it
easier to introduce new hint types in the future.

** Minor Changes

The "ChangeLog" file is no longer updated.

Violation reports now include the method name. (#201)

The "flappserver" tool explicitly rejects unicode input, rather than
producing hard-to-diagnose errors later. (#209)

Revision 1.4 / (download) - annotate - [select for diffs], Tue Aug 21 23:43:46 2012 UTC (8 years, 9 months ago) by gdt
Branch: MAIN
CVS Tags: pkgsrc-2014Q2-base, pkgsrc-2014Q2, pkgsrc-2014Q1-base, pkgsrc-2014Q1, pkgsrc-2013Q4-base, pkgsrc-2013Q4, pkgsrc-2013Q3-base, pkgsrc-2013Q3, pkgsrc-2013Q2-base, pkgsrc-2013Q2, pkgsrc-2013Q1-base, pkgsrc-2013Q1, pkgsrc-2012Q4-base, pkgsrc-2012Q4, pkgsrc-2012Q3-base, pkgsrc-2012Q3
Changes since 1.3: +4 -4 lines
Diff to previous 1.3 (unified)

Update to 0.6.4.

* Release 0.6.4 (18-Jun-2012)

** Minor Changes

The unreliable 'extras_require' property in, which allowed other
python programs to declare a dependency on foolscap's "secure_connections"
feature, was removed. See README.packagers for alternate instructions. (#174)

'flogtool' log-dumping commands (dump, tail, web-viewer) now accept a
consistent --timestamps= argument to control how event times are displayed
(UTC, local, seconds-since-epoch, etc). (#192, #193)

Certain invalid "location" strings (accepted by Tub.setLocation and put into
FURLs) are rejected earlier, and with better error messages. The error
message produced when 'flogtool dump' is given a FURL-file (instead of an
event log file) has been improved.

The Incident Gatherer will tolerate incident-file errors better, fetching
remaining incidents instead of halting. (#190)

The git-over-foolscap tools were cleaned up, and the documentation was
brought into line with the implementation. (#197)

Other minor bugs were fixed: #179, #191, #194, #195, #196

Revision 1.3 / (download) - annotate - [select for diffs], Fri May 25 11:22:58 2012 UTC (9 years ago) by gdt
Branch: MAIN
CVS Tags: pkgsrc-2012Q2-base, pkgsrc-2012Q2
Changes since 1.2: +4 -4 lines
Diff to previous 1.2 (unified)

Update to 0.6.3.  Note that 0.6.1 really does not work with Twisted in

* Release 0.6.3 (05-Jan-2012)

** Compatibility Fixes

This release really is compatible with Twisted-11.1.0 . The previous Foolscap
release (0.6.2), despite the changes described below, suffered mild
incompatibilites with the new TLS code in the final Twisted-11.1.0 release.
The most common symptom is a DirtyReactorError in unit tests that use
Tub.stopService() in their tearDown() method (to coordinate shutdown and
cleanup). Another symptom is tests overlapping with one another, causing
port-already-in-use errors.

This incompatibility did not generally affect normal operation, but only
impacted unit tests.

** Other Changes

The Debian packaging tools in misc/ were removed, as they were pretty stale.
These days, both Debian and Ubuntu make their own Foolscap packages.

* Release 0.6.2 (15-Oct-2011)

** Compatibility Fixes

Foolscap-0.6.2 will be compatible with future versions of Twisted (>11.0.0).
The 0.6.1 release will not: a TLS change went into Twisted trunk recently
(after the 11.0.0 release) which broke Foolscap 0.6.1 and earlier.

This release also fixes a minor incompatibility with newer versions of
OpenSSL (0.9.8o was ok, 1.0.0d was not), which caused errors in the test
suite (but normal runtime operation) on e.g. Ubuntu 11.10 "Oneiric".

** Git-Over-Foolscap Tools

The doc/examples/ directory contains two executables (git-foolscap and
git-remote-pb) which, when placed in your $PATH, make it easy to use Foolscap
to access a Git repository. These use the flappserver/flappclient tools and
let you build a FURL that provides read-only or read-write access to a single
repository. This is somewhat like providing SSH access to a repo, but with a
much smaller scope: the client will only be able to manipulate the one
repository, and gets no other authority on the target system. See the tool's
inline comments for usage instructions.

** Minor Fixes

Using 'flappserver upload-file FILE1 FILE2 FILE3..' (with three or more
files) now correctly uploads all files: previously it only managed to upload
the first and last.

'flappserver' argument handling was improved slightly. A workaround was added
to handle a Twisted stdio-closing bug which affected flappserver's
run-command function and broke the git-foolscap tool. Several changes were
made for the benefit of Windows: log filenames all use hyphens (not colons),
log filtering tools tolerate the lack of atomic-rename filesystem operations,
and some unixisms in the test suite were removed.

The Tub.setLogGathererFURL() method can now accept a list (iterable) of log
gatherer FURLs, not just a single one.

Revision 1.2 / (download) - annotate - [select for diffs], Sat Jan 29 15:46:58 2011 UTC (10 years, 4 months ago) by gdt
Branch: MAIN
CVS Tags: pkgsrc-2012Q1-base, pkgsrc-2012Q1, pkgsrc-2011Q4-base, pkgsrc-2011Q4, pkgsrc-2011Q3-base, pkgsrc-2011Q3, pkgsrc-2011Q2-base, pkgsrc-2011Q2, pkgsrc-2011Q1-base, pkgsrc-2011Q1
Changes since 1.1: +4 -4 lines
Diff to previous 1.1 (unified)

Update to 0.6.1, triggered by pending tahoe-lafs 1.8.2 which will
require this.

* Release 0.6.1 (16-Jan-2011)

** Minor Fixes

The old "sets" module is no longer imported without wrapping the import in a
DeprecationWarning suppressor. We still import it from slicers.set for
compatibility with older code, but that import will not produce a warning.
This should make Foolscap quieter when used with Python 2.6 or later.

A new RemoteReference method named getDataLastReceivedAt() was added, which
will tell you when data was most recently received on the connection
supporting that reference. This can be compared against time.time() to see
how "live" the connection is. For performance reasons, this is only enabled
when keepalives are turned on, otherwise it returns None. (#169)

Some unreachable code was removed. (#165)

* Release 0.6.0 (28-Dec-2010)

** API Changes

*** "foolscap.api" now mandatory

The old import names from foolscap/ have been removed, finishing
the transition begun with 0.5.0 . Applications must now import Tub,
Referenceable, and so on from "foolscap.api". (#122)

** Compatibility Fixes

Foolscap-0.6.0 is compatible with Twisted-10.2 (released 29-Nov-2010). The
0.5.1 release was not: pb.Listener was depending upon the behavior of an
internal Twisted function that changed, causing an AttributeError in
"StreamServerEndpointService". This is fixed, but the code is still using an
undocumented internal attribute to handle port=0 which will need to be
replaced eventually. (#167)

The first unit test ("test__versions") spuriously failed against Twisted-10.1
and 10.2, mistakenly believing that 10.1 was older than 8.1.0 due to a
lexicographic comparison that should have been numeric.

** Other Changes

Incident filenames are now like "2008-08-22--16:20:28Z.flog" which are in UTC
and mostly ISO-8601 format (the real ISO-8601 would use "_" instead of "--").
This is also used for log-gatherer filenames. (#111)

The logging code now honors FLOGLEVEL= when using FLOGTOTWISTED=1; previously
FLOGLEVEL= was ignored when deciding which log events should be bridged to
the twisted logger. (#154)

Some minor packaging bugs were fixed.

Revision / (download) - annotate - [select for diffs] (vendor branch), Fri Jul 23 21:45:52 2010 UTC (10 years, 10 months ago) by gdt
Branch: TNF
CVS Tags: pkgsrc-base, pkgsrc-2010Q4-base, pkgsrc-2010Q4, pkgsrc-2010Q3-base, pkgsrc-2010Q3
Changes since 1.1: +0 -0 lines
Diff to previous 1.1 (unified)

Import py26-foolscap-0.5.1 as net/py-foolscap.

This is a ground-up rewrite of Perspective Broker, which itself is Twisted's
native RPC/RMI protocol (Remote Procedure Call / Remote Method Invocation).
If you have control of both ends of the wire, and are thus not constrained to
use some other protocol like HTTP/XMLRPC/CORBA/etc, you might consider using

Fundamentally, Foolscap allows you to make a python object in one process
available to code in other processes, which means you can invoke its methods
remotely. This includes a data serialization layer to convey the object
graphs for the arguments and the eventual response, and an object reference
system to keep track of which objects you are connecting to. It uses a
capability-based security model, such that once you create a non-public
object, it is only accessible to clients to whom you've given the
(unguessable) FURL. You can of course publish world-visible objects that
have well-known FURLs.

Revision 1.1 / (download) - annotate - [select for diffs], Fri Jul 23 21:45:52 2010 UTC (10 years, 10 months ago) by gdt
Branch: MAIN

Initial revision

This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.

CVSweb <>