From noreply at github.com Wed May 1 00:10:00 2019 From: noreply at github.com (Chris Wilson) Date: Tue, 30 Apr 2019 16:10:00 -0700 Subject: [Box Backup-commit] [boxbackup/boxbackup] 11efb4: SSL securitylevel WIP Message-ID: Branch: refs/heads/fix_debian_907135_ssl_key_size Home: https://github.com/boxbackup/boxbackup Commit: 11efb49a1c98601b68b77b6b906e5f2c21bc04ee https://github.com/boxbackup/boxbackup/commit/11efb49a1c98601b68b77b6b906e5f2c21bc04ee Author: Chris Wilson Date: 2019-04-30 (Tue, 30 Apr 2019) Changed paths: M bin/bbackupd/bbackupd-config.in M bin/bbackupquery/bbackupquery.cpp M bin/bbstored/bbstored-certs.in M bin/bbstored/bbstored-config.in M infrastructure/m4/boxbackup_tests.m4 M lib/backupclient/BackupDaemonConfigVerify.cpp M lib/bbackupd/BackupDaemon.cpp M lib/common/Test.cpp M lib/common/Test.h M lib/server/ConnectionException.txt M lib/server/Daemon.h M lib/server/ServerException.txt M lib/server/ServerTLS.h M lib/server/SocketStream.cpp M lib/server/SocketStream.h M lib/server/SocketStreamTLS.cpp M lib/server/SocketStreamTLS.h M lib/server/TLSContext.cpp M lib/server/TLSContext.h M test/backupstorefix/testbackupstorefix.cpp M test/basicserver/testbasicserver.cpp A test/basicserver/testfiles/seclevel2-sha1/bbackupd.conf A test/basicserver/testfiles/seclevel2-sha1/bbackupd/1234567-FileEncKeys.raw A test/basicserver/testfiles/seclevel2-sha1/bbackupd/1234567-csr.pem A test/basicserver/testfiles/seclevel2-sha1/bbackupd/1234567-key.pem A test/basicserver/testfiles/seclevel2-sha1/bbackupd/NotifySysadmin.sh A test/basicserver/testfiles/seclevel2-sha1/bbstored.conf A test/basicserver/testfiles/seclevel2-sha1/bbstored/accounts.txt A test/basicserver/testfiles/seclevel2-sha1/bbstored/localhost-csr.pem A test/basicserver/testfiles/seclevel2-sha1/bbstored/localhost-key.pem A test/basicserver/testfiles/seclevel2-sha1/ca/clients/1234567-cert.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/clientRootCSR.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/clientRootKey.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/serverRootCSR.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/serverRootKey.pem A test/basicserver/testfiles/seclevel2-sha1/ca/roots/clientCA.pem A test/basicserver/testfiles/seclevel2-sha1/ca/roots/clientCA.srl A test/basicserver/testfiles/seclevel2-sha1/ca/roots/serverCA.pem A test/basicserver/testfiles/seclevel2-sha1/ca/roots/serverCA.srl A test/basicserver/testfiles/seclevel2-sha1/ca/servers/localhost-cert.pem A test/basicserver/testfiles/seclevel2-sha1/raidfile.conf A test/basicserver/testfiles/seclevel2-sha256/bbackupd.conf A test/basicserver/testfiles/seclevel2-sha256/bbackupd/1234567-FileEncKeys.raw A test/basicserver/testfiles/seclevel2-sha256/bbackupd/1234567-csr.pem A test/basicserver/testfiles/seclevel2-sha256/bbackupd/1234567-key.pem A test/basicserver/testfiles/seclevel2-sha256/bbackupd/NotifySysadmin.sh A test/basicserver/testfiles/seclevel2-sha256/bbstored.conf A test/basicserver/testfiles/seclevel2-sha256/bbstored/accounts.txt A test/basicserver/testfiles/seclevel2-sha256/bbstored/localhost-csr.pem A test/basicserver/testfiles/seclevel2-sha256/bbstored/localhost-key.pem A test/basicserver/testfiles/seclevel2-sha256/ca/clients/1234567-cert.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/clientRootCSR.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/clientRootKey.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/serverRootCSR.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/serverRootKey.pem A test/basicserver/testfiles/seclevel2-sha256/ca/roots/clientCA.pem A test/basicserver/testfiles/seclevel2-sha256/ca/roots/clientCA.srl A test/basicserver/testfiles/seclevel2-sha256/ca/roots/serverCA.pem A test/basicserver/testfiles/seclevel2-sha256/ca/roots/serverCA.srl A test/basicserver/testfiles/seclevel2-sha256/ca/servers/localhost-cert-sha1.pem A test/basicserver/testfiles/seclevel2-sha256/ca/servers/localhost-cert.pem A test/basicserver/testfiles/seclevel2-sha256/raidfile.conf A test/basicserver/testfiles/srv3-insecure-daemon.conf A test/basicserver/testfiles/srv3-seclevel2-sha1.conf A test/basicserver/testfiles/srv3-seclevel2-sha256.conf A test/basicserver/testfiles/srv4-noseclevel.conf A test/basicserver/testfiles/srv4-seclevel1.conf A test/basicserver/testfiles/srv4-seclevel2-insecure.conf A test/basicserver/testfiles/srv4-seclevel2-secure.conf R test/basicserver/testfiles/srv4.conf M test/bbackupd/testbbackupd.cpp Log Message: ----------- SSL securitylevel WIP From noreply at github.com Wed May 1 00:16:56 2019 From: noreply at github.com (Chris Wilson) Date: Tue, 30 Apr 2019 16:16:56 -0700 Subject: [Box Backup-commit] [boxbackup/boxbackup] 421481: SSL securitylevel WIP Message-ID: Branch: refs/heads/fix_debian_907135_ssl_key_size Home: https://github.com/boxbackup/boxbackup Commit: 4214812158054c44ac0e2bf0de87070057a1aa35 https://github.com/boxbackup/boxbackup/commit/4214812158054c44ac0e2bf0de87070057a1aa35 Author: Chris Wilson Date: 2019-04-30 (Tue, 30 Apr 2019) Changed paths: M bin/bbackupd/bbackupd-config.in M bin/bbackupquery/bbackupquery.cpp M bin/bbstored/bbstored-certs.in M bin/bbstored/bbstored-config.in M infrastructure/m4/boxbackup_tests.m4 M lib/backupclient/BackupDaemonConfigVerify.cpp M lib/bbackupd/BackupDaemon.cpp M lib/common/Test.cpp M lib/common/Test.h M lib/server/ConnectionException.txt M lib/server/Daemon.h M lib/server/ServerException.txt M lib/server/ServerTLS.h M lib/server/SocketStream.cpp M lib/server/SocketStream.h M lib/server/SocketStreamTLS.cpp M lib/server/SocketStreamTLS.h M lib/server/TLSContext.cpp M lib/server/TLSContext.h M test/backupstorefix/testbackupstorefix.cpp M test/basicserver/testbasicserver.cpp A test/basicserver/testfiles/seclevel2-sha1/bbackupd.conf A test/basicserver/testfiles/seclevel2-sha1/bbackupd/1234567-FileEncKeys.raw A test/basicserver/testfiles/seclevel2-sha1/bbackupd/1234567-csr.pem A test/basicserver/testfiles/seclevel2-sha1/bbackupd/1234567-key.pem A test/basicserver/testfiles/seclevel2-sha1/bbackupd/NotifySysadmin.sh A test/basicserver/testfiles/seclevel2-sha1/bbstored.conf A test/basicserver/testfiles/seclevel2-sha1/bbstored/accounts.txt A test/basicserver/testfiles/seclevel2-sha1/bbstored/localhost-csr.pem A test/basicserver/testfiles/seclevel2-sha1/bbstored/localhost-key.pem A test/basicserver/testfiles/seclevel2-sha1/ca/clients/1234567-cert.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/clientRootCSR.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/clientRootKey.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/serverRootCSR.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/serverRootKey.pem A test/basicserver/testfiles/seclevel2-sha1/ca/roots/clientCA.pem A test/basicserver/testfiles/seclevel2-sha1/ca/roots/clientCA.srl A test/basicserver/testfiles/seclevel2-sha1/ca/roots/serverCA.pem A test/basicserver/testfiles/seclevel2-sha1/ca/roots/serverCA.srl A test/basicserver/testfiles/seclevel2-sha1/ca/servers/localhost-cert.pem A test/basicserver/testfiles/seclevel2-sha1/raidfile.conf A test/basicserver/testfiles/seclevel2-sha256/bbackupd.conf A test/basicserver/testfiles/seclevel2-sha256/bbackupd/1234567-FileEncKeys.raw A test/basicserver/testfiles/seclevel2-sha256/bbackupd/1234567-csr.pem A test/basicserver/testfiles/seclevel2-sha256/bbackupd/1234567-key.pem A test/basicserver/testfiles/seclevel2-sha256/bbackupd/NotifySysadmin.sh A test/basicserver/testfiles/seclevel2-sha256/bbstored.conf A test/basicserver/testfiles/seclevel2-sha256/bbstored/accounts.txt A test/basicserver/testfiles/seclevel2-sha256/bbstored/localhost-csr.pem A test/basicserver/testfiles/seclevel2-sha256/bbstored/localhost-key.pem A test/basicserver/testfiles/seclevel2-sha256/ca/clients/1234567-cert.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/clientRootCSR.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/clientRootKey.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/serverRootCSR.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/serverRootKey.pem A test/basicserver/testfiles/seclevel2-sha256/ca/roots/clientCA.pem A test/basicserver/testfiles/seclevel2-sha256/ca/roots/clientCA.srl A test/basicserver/testfiles/seclevel2-sha256/ca/roots/serverCA.pem A test/basicserver/testfiles/seclevel2-sha256/ca/roots/serverCA.srl A test/basicserver/testfiles/seclevel2-sha256/ca/servers/localhost-cert-sha1.pem A test/basicserver/testfiles/seclevel2-sha256/ca/servers/localhost-cert.pem A test/basicserver/testfiles/seclevel2-sha256/raidfile.conf A test/basicserver/testfiles/srv3-insecure-daemon.conf A test/basicserver/testfiles/srv3-seclevel2-sha1.conf A test/basicserver/testfiles/srv3-seclevel2-sha256.conf A test/basicserver/testfiles/srv4-noseclevel.conf A test/basicserver/testfiles/srv4-seclevel1.conf A test/basicserver/testfiles/srv4-seclevel2-insecure.conf A test/basicserver/testfiles/srv4-seclevel2-secure.conf R test/basicserver/testfiles/srv4.conf M test/bbackupd/testbbackupd.cpp Log Message: ----------- SSL securitylevel WIP From noreply at github.com Wed May 1 20:07:27 2019 From: noreply at github.com (Chris Wilson) Date: Wed, 01 May 2019 12:07:27 -0700 Subject: [Box Backup-commit] [boxbackup/boxbackup] 5980d0: SSL securitylevel WIP Message-ID: Branch: refs/heads/fix_debian_907135_ssl_key_size Home: https://github.com/boxbackup/boxbackup Commit: 5980d08b4d85997eea782674b07504a6275b3016 https://github.com/boxbackup/boxbackup/commit/5980d08b4d85997eea782674b07504a6275b3016 Author: Chris Wilson Date: 2019-05-01 (Wed, 01 May 2019) Changed paths: M bin/bbackupd/bbackupd-config.in M bin/bbackupquery/bbackupquery.cpp M bin/bbstored/bbstored-certs.in M bin/bbstored/bbstored-config.in M infrastructure/m4/boxbackup_tests.m4 M lib/backupclient/BackupDaemonConfigVerify.cpp M lib/bbackupd/BackupDaemon.cpp M lib/common/Configuration.cpp M lib/common/Configuration.h M lib/common/Test.cpp M lib/common/Test.h M lib/server/ConnectionException.txt M lib/server/Daemon.h M lib/server/ServerException.txt M lib/server/ServerTLS.h M lib/server/SocketStream.cpp M lib/server/SocketStream.h M lib/server/SocketStreamTLS.cpp M lib/server/SocketStreamTLS.h M lib/server/TLSContext.cpp M lib/server/TLSContext.h M test/backupstorefix/testbackupstorefix.cpp M test/basicserver/testbasicserver.cpp A test/basicserver/testfiles/seclevel2-sha1/bbackupd.conf A test/basicserver/testfiles/seclevel2-sha1/bbackupd/1234567-FileEncKeys.raw A test/basicserver/testfiles/seclevel2-sha1/bbackupd/1234567-csr.pem A test/basicserver/testfiles/seclevel2-sha1/bbackupd/1234567-key.pem A test/basicserver/testfiles/seclevel2-sha1/bbackupd/NotifySysadmin.sh A test/basicserver/testfiles/seclevel2-sha1/bbstored.conf A test/basicserver/testfiles/seclevel2-sha1/bbstored/accounts.txt A test/basicserver/testfiles/seclevel2-sha1/bbstored/localhost-csr.pem A test/basicserver/testfiles/seclevel2-sha1/bbstored/localhost-key.pem A test/basicserver/testfiles/seclevel2-sha1/ca/clients/1234567-cert.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/clientRootCSR.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/clientRootKey.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/serverRootCSR.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/serverRootKey.pem A test/basicserver/testfiles/seclevel2-sha1/ca/roots/clientCA.pem A test/basicserver/testfiles/seclevel2-sha1/ca/roots/clientCA.srl A test/basicserver/testfiles/seclevel2-sha1/ca/roots/serverCA.pem A test/basicserver/testfiles/seclevel2-sha1/ca/roots/serverCA.srl A test/basicserver/testfiles/seclevel2-sha1/ca/servers/localhost-cert.pem A test/basicserver/testfiles/seclevel2-sha1/raidfile.conf A test/basicserver/testfiles/seclevel2-sha256/bbackupd.conf A test/basicserver/testfiles/seclevel2-sha256/bbackupd/1234567-FileEncKeys.raw A test/basicserver/testfiles/seclevel2-sha256/bbackupd/1234567-csr.pem A test/basicserver/testfiles/seclevel2-sha256/bbackupd/1234567-key.pem A test/basicserver/testfiles/seclevel2-sha256/bbackupd/NotifySysadmin.sh A test/basicserver/testfiles/seclevel2-sha256/bbstored.conf A test/basicserver/testfiles/seclevel2-sha256/bbstored/accounts.txt A test/basicserver/testfiles/seclevel2-sha256/bbstored/localhost-csr.pem A test/basicserver/testfiles/seclevel2-sha256/bbstored/localhost-key.pem A test/basicserver/testfiles/seclevel2-sha256/ca/clients/1234567-cert.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/clientRootCSR.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/clientRootKey.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/serverRootCSR.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/serverRootKey.pem A test/basicserver/testfiles/seclevel2-sha256/ca/roots/clientCA.pem A test/basicserver/testfiles/seclevel2-sha256/ca/roots/clientCA.srl A test/basicserver/testfiles/seclevel2-sha256/ca/roots/serverCA.pem A test/basicserver/testfiles/seclevel2-sha256/ca/roots/serverCA.srl A test/basicserver/testfiles/seclevel2-sha256/ca/servers/localhost-cert-sha1.pem A test/basicserver/testfiles/seclevel2-sha256/ca/servers/localhost-cert.pem A test/basicserver/testfiles/seclevel2-sha256/raidfile.conf A test/basicserver/testfiles/srv3-insecure-daemon.conf A test/basicserver/testfiles/srv3-seclevel2-sha1.conf A test/basicserver/testfiles/srv3-seclevel2-sha256.conf A test/basicserver/testfiles/srv4-noseclevel.conf A test/basicserver/testfiles/srv4-seclevel1.conf A test/basicserver/testfiles/srv4-seclevel2-insecure.conf A test/basicserver/testfiles/srv4-seclevel2-secure.conf R test/basicserver/testfiles/srv4.conf M test/bbackupd/testbbackupd.cpp Log Message: ----------- SSL securitylevel WIP From noreply at github.com Wed May 1 21:21:38 2019 From: noreply at github.com (Chris Wilson) Date: Wed, 01 May 2019 13:21:38 -0700 Subject: [Box Backup-commit] [boxbackup/boxbackup] f84644: SSL securitylevel WIP Message-ID: Branch: refs/heads/fix_debian_907135_ssl_key_size Home: https://github.com/boxbackup/boxbackup Commit: f84644a06fdd24913cc4c2af645fdc64092570e5 https://github.com/boxbackup/boxbackup/commit/f84644a06fdd24913cc4c2af645fdc64092570e5 Author: Chris Wilson Date: 2019-05-01 (Wed, 01 May 2019) Changed paths: M bin/bbackupd/bbackupd-config.in M bin/bbackupquery/bbackupquery.cpp M bin/bbstored/bbstored-certs.in M bin/bbstored/bbstored-config.in M infrastructure/cmake/CMakeLists.txt M infrastructure/m4/boxbackup_tests.m4 M lib/backupclient/BackupDaemonConfigVerify.cpp M lib/bbackupd/BackupDaemon.cpp M lib/common/Configuration.cpp M lib/common/Configuration.h M lib/common/Test.cpp M lib/common/Test.h M lib/server/ConnectionException.txt M lib/server/Daemon.h M lib/server/ServerException.txt M lib/server/ServerTLS.h M lib/server/SocketStream.cpp M lib/server/SocketStream.h M lib/server/SocketStreamTLS.cpp M lib/server/SocketStreamTLS.h M lib/server/TLSContext.cpp M lib/server/TLSContext.h M test/backupstorefix/testbackupstorefix.cpp M test/basicserver/testbasicserver.cpp A test/basicserver/testfiles/seclevel2-sha1/bbackupd.conf A test/basicserver/testfiles/seclevel2-sha1/bbackupd/1234567-FileEncKeys.raw A test/basicserver/testfiles/seclevel2-sha1/bbackupd/1234567-csr.pem A test/basicserver/testfiles/seclevel2-sha1/bbackupd/1234567-key.pem A test/basicserver/testfiles/seclevel2-sha1/bbackupd/NotifySysadmin.sh A test/basicserver/testfiles/seclevel2-sha1/bbstored.conf A test/basicserver/testfiles/seclevel2-sha1/bbstored/accounts.txt A test/basicserver/testfiles/seclevel2-sha1/bbstored/localhost-csr.pem A test/basicserver/testfiles/seclevel2-sha1/bbstored/localhost-key.pem A test/basicserver/testfiles/seclevel2-sha1/ca/clients/1234567-cert.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/clientRootCSR.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/clientRootKey.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/serverRootCSR.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/serverRootKey.pem A test/basicserver/testfiles/seclevel2-sha1/ca/roots/clientCA.pem A test/basicserver/testfiles/seclevel2-sha1/ca/roots/clientCA.srl A test/basicserver/testfiles/seclevel2-sha1/ca/roots/serverCA.pem A test/basicserver/testfiles/seclevel2-sha1/ca/roots/serverCA.srl A test/basicserver/testfiles/seclevel2-sha1/ca/servers/localhost-cert.pem A test/basicserver/testfiles/seclevel2-sha1/raidfile.conf A test/basicserver/testfiles/seclevel2-sha256/bbackupd.conf A test/basicserver/testfiles/seclevel2-sha256/bbackupd/1234567-FileEncKeys.raw A test/basicserver/testfiles/seclevel2-sha256/bbackupd/1234567-csr.pem A test/basicserver/testfiles/seclevel2-sha256/bbackupd/1234567-key.pem A test/basicserver/testfiles/seclevel2-sha256/bbackupd/NotifySysadmin.sh A test/basicserver/testfiles/seclevel2-sha256/bbstored.conf A test/basicserver/testfiles/seclevel2-sha256/bbstored/accounts.txt A test/basicserver/testfiles/seclevel2-sha256/bbstored/localhost-csr.pem A test/basicserver/testfiles/seclevel2-sha256/bbstored/localhost-key.pem A test/basicserver/testfiles/seclevel2-sha256/ca/clients/1234567-cert.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/clientRootCSR.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/clientRootKey.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/serverRootCSR.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/serverRootKey.pem A test/basicserver/testfiles/seclevel2-sha256/ca/roots/clientCA.pem A test/basicserver/testfiles/seclevel2-sha256/ca/roots/clientCA.srl A test/basicserver/testfiles/seclevel2-sha256/ca/roots/serverCA.pem A test/basicserver/testfiles/seclevel2-sha256/ca/roots/serverCA.srl A test/basicserver/testfiles/seclevel2-sha256/ca/servers/localhost-cert-sha1.pem A test/basicserver/testfiles/seclevel2-sha256/ca/servers/localhost-cert.pem A test/basicserver/testfiles/seclevel2-sha256/raidfile.conf A test/basicserver/testfiles/srv3-insecure-daemon.conf A test/basicserver/testfiles/srv3-seclevel2-sha1.conf A test/basicserver/testfiles/srv3-seclevel2-sha256.conf A test/basicserver/testfiles/srv4-noseclevel.conf A test/basicserver/testfiles/srv4-seclevel1.conf A test/basicserver/testfiles/srv4-seclevel2-insecure.conf A test/basicserver/testfiles/srv4-seclevel2-secure.conf R test/basicserver/testfiles/srv4.conf M test/bbackupd/testbbackupd.cpp Log Message: ----------- SSL securitylevel WIP From noreply at github.com Wed May 1 22:00:21 2019 From: noreply at github.com (Chris Wilson) Date: Wed, 01 May 2019 14:00:21 -0700 Subject: [Box Backup-commit] [boxbackup/boxbackup] bd766e: SSL securitylevel WIP Message-ID: Branch: refs/heads/fix_debian_907135_ssl_key_size Home: https://github.com/boxbackup/boxbackup Commit: bd766e76cae8c854b53d2a74fb25276aa67c35d5 https://github.com/boxbackup/boxbackup/commit/bd766e76cae8c854b53d2a74fb25276aa67c35d5 Author: Chris Wilson Date: 2019-05-01 (Wed, 01 May 2019) Changed paths: M bin/bbackupd/bbackupd-config.in M bin/bbackupquery/bbackupquery.cpp M bin/bbstored/bbstored-certs.in M bin/bbstored/bbstored-config.in M infrastructure/cmake/CMakeLists.txt M infrastructure/m4/boxbackup_tests.m4 M lib/backupclient/BackupDaemonConfigVerify.cpp M lib/bbackupd/BackupDaemon.cpp M lib/common/Configuration.cpp M lib/common/Configuration.h M lib/common/Test.cpp M lib/common/Test.h M lib/server/ConnectionException.txt M lib/server/Daemon.cpp M lib/server/Daemon.h M lib/server/ServerException.txt M lib/server/ServerTLS.h M lib/server/SocketStream.cpp M lib/server/SocketStream.h M lib/server/SocketStreamTLS.cpp M lib/server/SocketStreamTLS.h M lib/server/TLSContext.cpp M lib/server/TLSContext.h M test/backupstorefix/testbackupstorefix.cpp M test/basicserver/testbasicserver.cpp A test/basicserver/testfiles/seclevel2-sha1/bbackupd.conf A test/basicserver/testfiles/seclevel2-sha1/bbackupd/1234567-FileEncKeys.raw A test/basicserver/testfiles/seclevel2-sha1/bbackupd/1234567-csr.pem A test/basicserver/testfiles/seclevel2-sha1/bbackupd/1234567-key.pem A test/basicserver/testfiles/seclevel2-sha1/bbackupd/NotifySysadmin.sh A test/basicserver/testfiles/seclevel2-sha1/bbstored.conf A test/basicserver/testfiles/seclevel2-sha1/bbstored/accounts.txt A test/basicserver/testfiles/seclevel2-sha1/bbstored/localhost-csr.pem A test/basicserver/testfiles/seclevel2-sha1/bbstored/localhost-key.pem A test/basicserver/testfiles/seclevel2-sha1/ca/clients/1234567-cert.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/clientRootCSR.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/clientRootKey.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/serverRootCSR.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/serverRootKey.pem A test/basicserver/testfiles/seclevel2-sha1/ca/roots/clientCA.pem A test/basicserver/testfiles/seclevel2-sha1/ca/roots/clientCA.srl A test/basicserver/testfiles/seclevel2-sha1/ca/roots/serverCA.pem A test/basicserver/testfiles/seclevel2-sha1/ca/roots/serverCA.srl A test/basicserver/testfiles/seclevel2-sha1/ca/servers/localhost-cert.pem A test/basicserver/testfiles/seclevel2-sha1/raidfile.conf A test/basicserver/testfiles/seclevel2-sha256/bbackupd.conf A test/basicserver/testfiles/seclevel2-sha256/bbackupd/1234567-FileEncKeys.raw A test/basicserver/testfiles/seclevel2-sha256/bbackupd/1234567-csr.pem A test/basicserver/testfiles/seclevel2-sha256/bbackupd/1234567-key.pem A test/basicserver/testfiles/seclevel2-sha256/bbackupd/NotifySysadmin.sh A test/basicserver/testfiles/seclevel2-sha256/bbstored.conf A test/basicserver/testfiles/seclevel2-sha256/bbstored/accounts.txt A test/basicserver/testfiles/seclevel2-sha256/bbstored/localhost-csr.pem A test/basicserver/testfiles/seclevel2-sha256/bbstored/localhost-key.pem A test/basicserver/testfiles/seclevel2-sha256/ca/clients/1234567-cert.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/clientRootCSR.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/clientRootKey.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/serverRootCSR.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/serverRootKey.pem A test/basicserver/testfiles/seclevel2-sha256/ca/roots/clientCA.pem A test/basicserver/testfiles/seclevel2-sha256/ca/roots/clientCA.srl A test/basicserver/testfiles/seclevel2-sha256/ca/roots/serverCA.pem A test/basicserver/testfiles/seclevel2-sha256/ca/roots/serverCA.srl A test/basicserver/testfiles/seclevel2-sha256/ca/servers/localhost-cert-sha1.pem A test/basicserver/testfiles/seclevel2-sha256/ca/servers/localhost-cert.pem A test/basicserver/testfiles/seclevel2-sha256/raidfile.conf A test/basicserver/testfiles/srv3-insecure-daemon.conf A test/basicserver/testfiles/srv3-seclevel2-sha1.conf A test/basicserver/testfiles/srv3-seclevel2-sha256.conf A test/basicserver/testfiles/srv4-noseclevel.conf A test/basicserver/testfiles/srv4-seclevel1.conf A test/basicserver/testfiles/srv4-seclevel2-insecure.conf A test/basicserver/testfiles/srv4-seclevel2-secure.conf R test/basicserver/testfiles/srv4.conf M test/bbackupd/testbbackupd.cpp Log Message: ----------- SSL securitylevel WIP From noreply at github.com Wed May 1 22:32:20 2019 From: noreply at github.com (Chris Wilson) Date: Wed, 01 May 2019 21:32:20 +0000 (UTC) Subject: [Box Backup-commit] [boxbackup/boxbackup] 74cfa2: SSL securitylevel WIP Message-ID: Branch: refs/heads/fix_debian_907135_ssl_key_size Home: https://github.com/boxbackup/boxbackup Commit: 74cfa224ca0d84ebb388f87c3a327e2aaab0591a https://github.com/boxbackup/boxbackup/commit/74cfa224ca0d84ebb388f87c3a327e2aaab0591a Author: Chris Wilson Date: 2019-05-01 (Wed, 01 May 2019) Changed paths: M bin/bbackupd/bbackupd-config.in M bin/bbackupquery/bbackupquery.cpp M bin/bbstored/bbstored-certs.in M bin/bbstored/bbstored-config.in M infrastructure/cmake/CMakeLists.txt M infrastructure/m4/boxbackup_tests.m4 M lib/backupclient/BackupDaemonConfigVerify.cpp M lib/bbackupd/BackupDaemon.cpp M lib/common/BoxPortsAndFiles.h.in M lib/common/Configuration.cpp M lib/common/Configuration.h M lib/common/Test.cpp M lib/common/Test.h M lib/server/ConnectionException.txt M lib/server/Daemon.cpp M lib/server/Daemon.h M lib/server/ServerException.txt M lib/server/ServerTLS.h M lib/server/SocketStream.cpp M lib/server/SocketStream.h M lib/server/SocketStreamTLS.cpp M lib/server/SocketStreamTLS.h M lib/server/TLSContext.cpp M lib/server/TLSContext.h M test/backupstorefix/testbackupstorefix.cpp M test/basicserver/testbasicserver.cpp A test/basicserver/testfiles/seclevel2-sha1/bbackupd.conf A test/basicserver/testfiles/seclevel2-sha1/bbackupd/1234567-FileEncKeys.raw A test/basicserver/testfiles/seclevel2-sha1/bbackupd/1234567-csr.pem A test/basicserver/testfiles/seclevel2-sha1/bbackupd/1234567-key.pem A test/basicserver/testfiles/seclevel2-sha1/bbackupd/NotifySysadmin.sh A test/basicserver/testfiles/seclevel2-sha1/bbstored.conf A test/basicserver/testfiles/seclevel2-sha1/bbstored/accounts.txt A test/basicserver/testfiles/seclevel2-sha1/bbstored/localhost-csr.pem A test/basicserver/testfiles/seclevel2-sha1/bbstored/localhost-key.pem A test/basicserver/testfiles/seclevel2-sha1/ca/clients/1234567-cert.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/clientRootCSR.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/clientRootKey.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/serverRootCSR.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/serverRootKey.pem A test/basicserver/testfiles/seclevel2-sha1/ca/roots/clientCA.pem A test/basicserver/testfiles/seclevel2-sha1/ca/roots/clientCA.srl A test/basicserver/testfiles/seclevel2-sha1/ca/roots/serverCA.pem A test/basicserver/testfiles/seclevel2-sha1/ca/roots/serverCA.srl A test/basicserver/testfiles/seclevel2-sha1/ca/servers/localhost-cert.pem A test/basicserver/testfiles/seclevel2-sha1/raidfile.conf A test/basicserver/testfiles/seclevel2-sha256/bbackupd.conf A test/basicserver/testfiles/seclevel2-sha256/bbackupd/1234567-FileEncKeys.raw A test/basicserver/testfiles/seclevel2-sha256/bbackupd/1234567-csr.pem A test/basicserver/testfiles/seclevel2-sha256/bbackupd/1234567-key.pem A test/basicserver/testfiles/seclevel2-sha256/bbackupd/NotifySysadmin.sh A test/basicserver/testfiles/seclevel2-sha256/bbstored.conf A test/basicserver/testfiles/seclevel2-sha256/bbstored/accounts.txt A test/basicserver/testfiles/seclevel2-sha256/bbstored/localhost-csr.pem A test/basicserver/testfiles/seclevel2-sha256/bbstored/localhost-key.pem A test/basicserver/testfiles/seclevel2-sha256/ca/clients/1234567-cert.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/clientRootCSR.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/clientRootKey.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/serverRootCSR.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/serverRootKey.pem A test/basicserver/testfiles/seclevel2-sha256/ca/roots/clientCA.pem A test/basicserver/testfiles/seclevel2-sha256/ca/roots/clientCA.srl A test/basicserver/testfiles/seclevel2-sha256/ca/roots/serverCA.pem A test/basicserver/testfiles/seclevel2-sha256/ca/roots/serverCA.srl A test/basicserver/testfiles/seclevel2-sha256/ca/servers/localhost-cert-sha1.pem A test/basicserver/testfiles/seclevel2-sha256/ca/servers/localhost-cert.pem A test/basicserver/testfiles/seclevel2-sha256/raidfile.conf A test/basicserver/testfiles/srv3-insecure-daemon.conf A test/basicserver/testfiles/srv3-seclevel2-sha1.conf A test/basicserver/testfiles/srv3-seclevel2-sha256.conf A test/basicserver/testfiles/srv4-noseclevel.conf A test/basicserver/testfiles/srv4-seclevel1.conf A test/basicserver/testfiles/srv4-seclevel2-insecure.conf A test/basicserver/testfiles/srv4-seclevel2-secure.conf R test/basicserver/testfiles/srv4.conf M test/bbackupd/testbbackupd.cpp Log Message: ----------- SSL securitylevel WIP From noreply at github.com Wed May 1 22:38:14 2019 From: noreply at github.com (Chris Wilson) Date: Wed, 01 May 2019 21:38:14 +0000 (UTC) Subject: [Box Backup-commit] [boxbackup/boxbackup] cb3be2: SSL securitylevel WIP Message-ID: Branch: refs/heads/fix_debian_907135_ssl_key_size Home: https://github.com/boxbackup/boxbackup Commit: cb3be2c23a2049b17c99e8220c41f10c090d2c91 https://github.com/boxbackup/boxbackup/commit/cb3be2c23a2049b17c99e8220c41f10c090d2c91 Author: Chris Wilson Date: 2019-05-01 (Wed, 01 May 2019) Changed paths: M bin/bbackupd/bbackupd-config.in M bin/bbackupquery/bbackupquery.cpp M bin/bbstored/bbstored-certs.in M bin/bbstored/bbstored-config.in M infrastructure/cmake/CMakeLists.txt M infrastructure/m4/boxbackup_tests.m4 M lib/backupclient/BackupDaemonConfigVerify.cpp M lib/bbackupd/BackupDaemon.cpp M lib/common/BoxPortsAndFiles.h.in M lib/common/Configuration.cpp M lib/common/Configuration.h M lib/common/Test.cpp M lib/common/Test.h M lib/server/ConnectionException.txt M lib/server/Daemon.cpp M lib/server/Daemon.h M lib/server/ServerException.txt M lib/server/ServerTLS.h M lib/server/SocketStream.cpp M lib/server/SocketStream.h M lib/server/SocketStreamTLS.cpp M lib/server/SocketStreamTLS.h M lib/server/TLSContext.cpp M lib/server/TLSContext.h M test/backupstorefix/testbackupstorefix.cpp M test/basicserver/testbasicserver.cpp A test/basicserver/testfiles/seclevel2-sha1/bbackupd.conf A test/basicserver/testfiles/seclevel2-sha1/bbackupd/1234567-FileEncKeys.raw A test/basicserver/testfiles/seclevel2-sha1/bbackupd/1234567-csr.pem A test/basicserver/testfiles/seclevel2-sha1/bbackupd/1234567-key.pem A test/basicserver/testfiles/seclevel2-sha1/bbackupd/NotifySysadmin.sh A test/basicserver/testfiles/seclevel2-sha1/bbstored.conf A test/basicserver/testfiles/seclevel2-sha1/bbstored/accounts.txt A test/basicserver/testfiles/seclevel2-sha1/bbstored/localhost-csr.pem A test/basicserver/testfiles/seclevel2-sha1/bbstored/localhost-key.pem A test/basicserver/testfiles/seclevel2-sha1/ca/clients/1234567-cert.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/clientRootCSR.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/clientRootKey.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/serverRootCSR.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/serverRootKey.pem A test/basicserver/testfiles/seclevel2-sha1/ca/roots/clientCA.pem A test/basicserver/testfiles/seclevel2-sha1/ca/roots/clientCA.srl A test/basicserver/testfiles/seclevel2-sha1/ca/roots/serverCA.pem A test/basicserver/testfiles/seclevel2-sha1/ca/roots/serverCA.srl A test/basicserver/testfiles/seclevel2-sha1/ca/servers/localhost-cert.pem A test/basicserver/testfiles/seclevel2-sha1/raidfile.conf A test/basicserver/testfiles/seclevel2-sha256/bbackupd.conf A test/basicserver/testfiles/seclevel2-sha256/bbackupd/1234567-FileEncKeys.raw A test/basicserver/testfiles/seclevel2-sha256/bbackupd/1234567-csr.pem A test/basicserver/testfiles/seclevel2-sha256/bbackupd/1234567-key.pem A test/basicserver/testfiles/seclevel2-sha256/bbackupd/NotifySysadmin.sh A test/basicserver/testfiles/seclevel2-sha256/bbstored.conf A test/basicserver/testfiles/seclevel2-sha256/bbstored/accounts.txt A test/basicserver/testfiles/seclevel2-sha256/bbstored/localhost-csr.pem A test/basicserver/testfiles/seclevel2-sha256/bbstored/localhost-key.pem A test/basicserver/testfiles/seclevel2-sha256/ca/clients/1234567-cert.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/clientRootCSR.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/clientRootKey.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/serverRootCSR.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/serverRootKey.pem A test/basicserver/testfiles/seclevel2-sha256/ca/roots/clientCA.pem A test/basicserver/testfiles/seclevel2-sha256/ca/roots/clientCA.srl A test/basicserver/testfiles/seclevel2-sha256/ca/roots/serverCA.pem A test/basicserver/testfiles/seclevel2-sha256/ca/roots/serverCA.srl A test/basicserver/testfiles/seclevel2-sha256/ca/servers/localhost-cert-sha1.pem A test/basicserver/testfiles/seclevel2-sha256/ca/servers/localhost-cert.pem A test/basicserver/testfiles/seclevel2-sha256/raidfile.conf A test/basicserver/testfiles/srv3-insecure-daemon.conf A test/basicserver/testfiles/srv3-seclevel2-sha1.conf A test/basicserver/testfiles/srv3-seclevel2-sha256.conf A test/basicserver/testfiles/srv4-noseclevel.conf A test/basicserver/testfiles/srv4-seclevel1.conf A test/basicserver/testfiles/srv4-seclevel2-insecure.conf A test/basicserver/testfiles/srv4-seclevel2-secure.conf R test/basicserver/testfiles/srv4.conf M test/bbackupd/testbbackupd.cpp Log Message: ----------- SSL securitylevel WIP From noreply at github.com Wed May 1 23:34:45 2019 From: noreply at github.com (Chris Wilson) Date: Wed, 01 May 2019 15:34:45 -0700 Subject: [Box Backup-commit] [boxbackup/boxbackup] eb787c: SSL securitylevel WIP Message-ID: Branch: refs/heads/fix_debian_907135_ssl_key_size Home: https://github.com/boxbackup/boxbackup Commit: eb787c7484c9b6227f3ec78f7b929bbc48b06b3b https://github.com/boxbackup/boxbackup/commit/eb787c7484c9b6227f3ec78f7b929bbc48b06b3b Author: Chris Wilson Date: 2019-05-01 (Wed, 01 May 2019) Changed paths: M bin/bbackupd/bbackupd-config.in M bin/bbackupquery/bbackupquery.cpp M bin/bbstored/bbstored-certs.in M bin/bbstored/bbstored-config.in M infrastructure/cmake/CMakeLists.txt M infrastructure/m4/boxbackup_tests.m4 M lib/backupclient/BackupDaemonConfigVerify.cpp M lib/bbackupd/BackupDaemon.cpp M lib/common/BoxPortsAndFiles.h.in M lib/common/Configuration.cpp M lib/common/Configuration.h M lib/common/Test.cpp M lib/common/Test.h M lib/server/ConnectionException.txt M lib/server/Daemon.cpp M lib/server/Daemon.h M lib/server/ServerException.txt M lib/server/ServerTLS.h M lib/server/SocketStream.cpp M lib/server/SocketStream.h M lib/server/SocketStreamTLS.cpp M lib/server/SocketStreamTLS.h M lib/server/TLSContext.cpp M lib/server/TLSContext.h M test/backupstorefix/testbackupstorefix.cpp M test/basicserver/testbasicserver.cpp A test/basicserver/testfiles/seclevel2-sha1/bbackupd.conf A test/basicserver/testfiles/seclevel2-sha1/bbackupd/1234567-FileEncKeys.raw A test/basicserver/testfiles/seclevel2-sha1/bbackupd/1234567-csr.pem A test/basicserver/testfiles/seclevel2-sha1/bbackupd/1234567-key.pem A test/basicserver/testfiles/seclevel2-sha1/bbackupd/NotifySysadmin.sh A test/basicserver/testfiles/seclevel2-sha1/bbstored.conf A test/basicserver/testfiles/seclevel2-sha1/bbstored/accounts.txt A test/basicserver/testfiles/seclevel2-sha1/bbstored/localhost-csr.pem A test/basicserver/testfiles/seclevel2-sha1/bbstored/localhost-key.pem A test/basicserver/testfiles/seclevel2-sha1/ca/clients/1234567-cert.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/clientRootCSR.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/clientRootKey.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/serverRootCSR.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/serverRootKey.pem A test/basicserver/testfiles/seclevel2-sha1/ca/roots/clientCA.pem A test/basicserver/testfiles/seclevel2-sha1/ca/roots/clientCA.srl A test/basicserver/testfiles/seclevel2-sha1/ca/roots/serverCA.pem A test/basicserver/testfiles/seclevel2-sha1/ca/roots/serverCA.srl A test/basicserver/testfiles/seclevel2-sha1/ca/servers/localhost-cert.pem A test/basicserver/testfiles/seclevel2-sha1/raidfile.conf A test/basicserver/testfiles/seclevel2-sha256/bbackupd.conf A test/basicserver/testfiles/seclevel2-sha256/bbackupd/1234567-FileEncKeys.raw A test/basicserver/testfiles/seclevel2-sha256/bbackupd/1234567-csr.pem A test/basicserver/testfiles/seclevel2-sha256/bbackupd/1234567-key.pem A test/basicserver/testfiles/seclevel2-sha256/bbackupd/NotifySysadmin.sh A test/basicserver/testfiles/seclevel2-sha256/bbstored.conf A test/basicserver/testfiles/seclevel2-sha256/bbstored/accounts.txt A test/basicserver/testfiles/seclevel2-sha256/bbstored/localhost-csr.pem A test/basicserver/testfiles/seclevel2-sha256/bbstored/localhost-key.pem A test/basicserver/testfiles/seclevel2-sha256/ca/clients/1234567-cert.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/clientRootCSR.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/clientRootKey.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/serverRootCSR.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/serverRootKey.pem A test/basicserver/testfiles/seclevel2-sha256/ca/roots/clientCA.pem A test/basicserver/testfiles/seclevel2-sha256/ca/roots/clientCA.srl A test/basicserver/testfiles/seclevel2-sha256/ca/roots/serverCA.pem A test/basicserver/testfiles/seclevel2-sha256/ca/roots/serverCA.srl A test/basicserver/testfiles/seclevel2-sha256/ca/servers/localhost-cert-sha1.pem A test/basicserver/testfiles/seclevel2-sha256/ca/servers/localhost-cert.pem A test/basicserver/testfiles/seclevel2-sha256/raidfile.conf A test/basicserver/testfiles/srv3-insecure-daemon.conf A test/basicserver/testfiles/srv3-seclevel2-sha1.conf A test/basicserver/testfiles/srv3-seclevel2-sha256.conf A test/basicserver/testfiles/srv4-noseclevel.conf A test/basicserver/testfiles/srv4-seclevel1.conf A test/basicserver/testfiles/srv4-seclevel2-insecure.conf A test/basicserver/testfiles/srv4-seclevel2-secure.conf R test/basicserver/testfiles/srv4.conf M test/bbackupd/testbbackupd.cpp Log Message: ----------- SSL securitylevel WIP From noreply at github.com Fri May 3 22:38:52 2019 From: noreply at github.com (Chris Wilson) Date: Fri, 03 May 2019 14:38:52 -0700 Subject: [Box Backup-commit] [boxbackup/boxbackup] d879d3: SSL securitylevel WIP Message-ID: Branch: refs/heads/fix_debian_907135_ssl_key_size Home: https://github.com/boxbackup/boxbackup Commit: d879d34347f750ff29ac5c484ee9dc14c5f7d84f https://github.com/boxbackup/boxbackup/commit/d879d34347f750ff29ac5c484ee9dc14c5f7d84f Author: Chris Wilson Date: 2019-05-03 (Fri, 03 May 2019) Changed paths: M bin/bbackupd/bbackupd-config.in M bin/bbackupquery/bbackupquery.cpp M bin/bbstored/bbstored-certs.in M bin/bbstored/bbstored-config.in M infrastructure/cmake/CMakeLists.txt M infrastructure/m4/boxbackup_tests.m4 M lib/backupclient/BackupDaemonConfigVerify.cpp M lib/bbackupd/BackupDaemon.cpp M lib/common/BoxPortsAndFiles.h.in M lib/common/Configuration.cpp M lib/common/Configuration.h M lib/common/Test.cpp M lib/common/Test.h M lib/server/ConnectionException.txt M lib/server/Daemon.cpp M lib/server/Daemon.h M lib/server/ServerException.txt M lib/server/ServerTLS.h M lib/server/SocketStream.cpp M lib/server/SocketStream.h M lib/server/SocketStreamTLS.cpp M lib/server/SocketStreamTLS.h M lib/server/TLSContext.cpp M lib/server/TLSContext.h M test/backupstorefix/testbackupstorefix.cpp M test/basicserver/testbasicserver.cpp A test/basicserver/testfiles/seclevel2-sha1/bbackupd.conf A test/basicserver/testfiles/seclevel2-sha1/bbackupd/1234567-FileEncKeys.raw A test/basicserver/testfiles/seclevel2-sha1/bbackupd/1234567-csr.pem A test/basicserver/testfiles/seclevel2-sha1/bbackupd/1234567-key.pem A test/basicserver/testfiles/seclevel2-sha1/bbackupd/NotifySysadmin.sh A test/basicserver/testfiles/seclevel2-sha1/bbstored.conf A test/basicserver/testfiles/seclevel2-sha1/bbstored/accounts.txt A test/basicserver/testfiles/seclevel2-sha1/bbstored/localhost-csr.pem A test/basicserver/testfiles/seclevel2-sha1/bbstored/localhost-key.pem A test/basicserver/testfiles/seclevel2-sha1/ca/clients/1234567-cert.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/clientRootCSR.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/clientRootKey.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/serverRootCSR.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/serverRootKey.pem A test/basicserver/testfiles/seclevel2-sha1/ca/roots/clientCA.pem A test/basicserver/testfiles/seclevel2-sha1/ca/roots/clientCA.srl A test/basicserver/testfiles/seclevel2-sha1/ca/roots/serverCA.pem A test/basicserver/testfiles/seclevel2-sha1/ca/roots/serverCA.srl A test/basicserver/testfiles/seclevel2-sha1/ca/servers/localhost-cert.pem A test/basicserver/testfiles/seclevel2-sha1/raidfile.conf A test/basicserver/testfiles/seclevel2-sha256/bbackupd.conf A test/basicserver/testfiles/seclevel2-sha256/bbackupd/1234567-FileEncKeys.raw A test/basicserver/testfiles/seclevel2-sha256/bbackupd/1234567-csr.pem A test/basicserver/testfiles/seclevel2-sha256/bbackupd/1234567-key.pem A test/basicserver/testfiles/seclevel2-sha256/bbackupd/NotifySysadmin.sh A test/basicserver/testfiles/seclevel2-sha256/bbstored.conf A test/basicserver/testfiles/seclevel2-sha256/bbstored/accounts.txt A test/basicserver/testfiles/seclevel2-sha256/bbstored/localhost-csr.pem A test/basicserver/testfiles/seclevel2-sha256/bbstored/localhost-key.pem A test/basicserver/testfiles/seclevel2-sha256/ca/clients/1234567-cert.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/clientRootCSR.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/clientRootKey.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/serverRootCSR.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/serverRootKey.pem A test/basicserver/testfiles/seclevel2-sha256/ca/roots/clientCA.pem A test/basicserver/testfiles/seclevel2-sha256/ca/roots/clientCA.srl A test/basicserver/testfiles/seclevel2-sha256/ca/roots/serverCA.pem A test/basicserver/testfiles/seclevel2-sha256/ca/roots/serverCA.srl A test/basicserver/testfiles/seclevel2-sha256/ca/servers/localhost-cert-sha1.pem A test/basicserver/testfiles/seclevel2-sha256/ca/servers/localhost-cert.pem A test/basicserver/testfiles/seclevel2-sha256/raidfile.conf A test/basicserver/testfiles/srv3-insecure-daemon.conf A test/basicserver/testfiles/srv3-seclevel2-sha1.conf A test/basicserver/testfiles/srv3-seclevel2-sha256.conf A test/basicserver/testfiles/srv4-noseclevel.conf A test/basicserver/testfiles/srv4-seclevel1.conf A test/basicserver/testfiles/srv4-seclevel2-insecure.conf A test/basicserver/testfiles/srv4-seclevel2-secure.conf R test/basicserver/testfiles/srv4.conf M test/bbackupd/testbbackupd.cpp Log Message: ----------- SSL securitylevel WIP From noreply at github.com Sun May 5 06:52:53 2019 From: noreply at github.com (Chris Wilson) Date: Sat, 04 May 2019 22:52:53 -0700 Subject: [Box Backup-commit] [boxbackup/boxbackup] 559e3b: SSL securitylevel WIP Message-ID: Branch: refs/heads/fix_debian_907135_ssl_key_size Home: https://github.com/boxbackup/boxbackup Commit: 559e3b38cb262888fe28fb4fa81d2001bdc0279d https://github.com/boxbackup/boxbackup/commit/559e3b38cb262888fe28fb4fa81d2001bdc0279d Author: Chris Wilson Date: 2019-05-05 (Sun, 05 May 2019) Changed paths: M bin/bbackupd/bbackupd-config.in M bin/bbackupquery/bbackupquery.cpp M bin/bbstored/bbstored-certs.in M bin/bbstored/bbstored-config.in M infrastructure/cmake/CMakeLists.txt M infrastructure/m4/boxbackup_tests.m4 M lib/backupclient/BackupDaemonConfigVerify.cpp M lib/bbackupd/BackupDaemon.cpp M lib/common/BoxPortsAndFiles.h.in M lib/common/Configuration.cpp M lib/common/Configuration.h M lib/common/Test.cpp M lib/common/Test.h M lib/server/ConnectionException.txt M lib/server/Daemon.cpp M lib/server/Daemon.h M lib/server/ServerException.txt M lib/server/ServerTLS.h M lib/server/SocketStream.cpp M lib/server/SocketStream.h M lib/server/SocketStreamTLS.cpp M lib/server/SocketStreamTLS.h M lib/server/TLSContext.cpp M lib/server/TLSContext.h M test/backupstorefix/testbackupstorefix.cpp M test/backupstorefix/testfiles/testbackupstorefix.pl.in M test/basicserver/testbasicserver.cpp A test/basicserver/testfiles/seclevel2-sha1/bbackupd.conf A test/basicserver/testfiles/seclevel2-sha1/bbackupd/1234567-FileEncKeys.raw A test/basicserver/testfiles/seclevel2-sha1/bbackupd/1234567-csr.pem A test/basicserver/testfiles/seclevel2-sha1/bbackupd/1234567-key.pem A test/basicserver/testfiles/seclevel2-sha1/bbackupd/NotifySysadmin.sh A test/basicserver/testfiles/seclevel2-sha1/bbstored.conf A test/basicserver/testfiles/seclevel2-sha1/bbstored/accounts.txt A test/basicserver/testfiles/seclevel2-sha1/bbstored/localhost-csr.pem A test/basicserver/testfiles/seclevel2-sha1/bbstored/localhost-key.pem A test/basicserver/testfiles/seclevel2-sha1/ca/clients/1234567-cert.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/clientRootCSR.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/clientRootKey.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/serverRootCSR.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/serverRootKey.pem A test/basicserver/testfiles/seclevel2-sha1/ca/roots/clientCA.pem A test/basicserver/testfiles/seclevel2-sha1/ca/roots/clientCA.srl A test/basicserver/testfiles/seclevel2-sha1/ca/roots/serverCA.pem A test/basicserver/testfiles/seclevel2-sha1/ca/roots/serverCA.srl A test/basicserver/testfiles/seclevel2-sha1/ca/servers/localhost-cert.pem A test/basicserver/testfiles/seclevel2-sha1/raidfile.conf A test/basicserver/testfiles/seclevel2-sha256/bbackupd.conf A test/basicserver/testfiles/seclevel2-sha256/bbackupd/1234567-FileEncKeys.raw A test/basicserver/testfiles/seclevel2-sha256/bbackupd/1234567-csr.pem A test/basicserver/testfiles/seclevel2-sha256/bbackupd/1234567-key.pem A test/basicserver/testfiles/seclevel2-sha256/bbackupd/NotifySysadmin.sh A test/basicserver/testfiles/seclevel2-sha256/bbstored.conf A test/basicserver/testfiles/seclevel2-sha256/bbstored/accounts.txt A test/basicserver/testfiles/seclevel2-sha256/bbstored/localhost-csr.pem A test/basicserver/testfiles/seclevel2-sha256/bbstored/localhost-key.pem A test/basicserver/testfiles/seclevel2-sha256/ca/clients/1234567-cert.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/clientRootCSR.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/clientRootKey.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/serverRootCSR.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/serverRootKey.pem A test/basicserver/testfiles/seclevel2-sha256/ca/roots/clientCA.pem A test/basicserver/testfiles/seclevel2-sha256/ca/roots/clientCA.srl A test/basicserver/testfiles/seclevel2-sha256/ca/roots/serverCA.pem A test/basicserver/testfiles/seclevel2-sha256/ca/roots/serverCA.srl A test/basicserver/testfiles/seclevel2-sha256/ca/servers/localhost-cert-sha1.pem A test/basicserver/testfiles/seclevel2-sha256/ca/servers/localhost-cert.pem A test/basicserver/testfiles/seclevel2-sha256/raidfile.conf A test/basicserver/testfiles/srv3-insecure-daemon.conf A test/basicserver/testfiles/srv3-seclevel2-sha1.conf A test/basicserver/testfiles/srv3-seclevel2-sha256.conf A test/basicserver/testfiles/srv4-noseclevel.conf A test/basicserver/testfiles/srv4-seclevel1.conf A test/basicserver/testfiles/srv4-seclevel2-insecure.conf A test/basicserver/testfiles/srv4-seclevel2-secure.conf R test/basicserver/testfiles/srv4.conf M test/bbackupd/testbbackupd.cpp Log Message: ----------- SSL securitylevel WIP Commit: 013f11dcba234584a0f658a3f084c4f16ef3ade7 https://github.com/boxbackup/boxbackup/commit/013f11dcba234584a0f658a3f084c4f16ef3ade7 Author: Chris Wilson Date: 2019-05-05 (Sun, 05 May 2019) Changed paths: M lib/server/ServerTLS.h Log Message: ----------- Merge branch 'fix_debian_907135_ssl_key_size' of github.com:boxbackup/boxbackup into fix_debian_907135_ssl_key_size Compare: https://github.com/boxbackup/boxbackup/compare/d879d34347f7...013f11dcba23 From noreply at github.com Thu May 9 22:48:53 2019 From: noreply at github.com (Chris Wilson) Date: Thu, 09 May 2019 14:48:53 -0700 Subject: [Box Backup-commit] [boxbackup/boxbackup] 655d62: CMake buildsystem: configure files after all varia... Message-ID: Branch: refs/heads/fix_debian_907135_ssl_key_size Home: https://github.com/boxbackup/boxbackup Commit: 655d62b2fd9172846ef59ca6546f5dad72f1f37a https://github.com/boxbackup/boxbackup/commit/655d62b2fd9172846ef59ca6546f5dad72f1f37a Author: Chris Wilson Date: 2019-05-09 (Thu, 09 May 2019) Changed paths: M infrastructure/cmake/CMakeLists.txt Log Message: ----------- CMake buildsystem: configure files after all variables are known Commit: b9ebc0046263ef1d80d4441c1ade63feb1bb05e2 https://github.com/boxbackup/boxbackup/commit/b9ebc0046263ef1d80d4441c1ade63feb1bb05e2 Author: Chris Wilson Date: 2019-05-09 (Thu, 09 May 2019) Changed paths: M bin/bbackupd/bbackupd-config.in M bin/bbackupquery/bbackupquery.cpp M bin/bbstored/bbstored-certs.in M bin/bbstored/bbstored-config.in M infrastructure/cmake/CMakeLists.txt M infrastructure/m4/boxbackup_tests.m4 M lib/backupclient/BackupDaemonConfigVerify.cpp M lib/bbackupd/BackupDaemon.cpp M lib/common/BoxPortsAndFiles.h.in M lib/common/Configuration.cpp M lib/common/Configuration.h M lib/common/Test.cpp M lib/common/Test.h M lib/server/ConnectionException.txt M lib/server/Daemon.cpp M lib/server/Daemon.h M lib/server/ServerException.txt M lib/server/ServerTLS.h M lib/server/SocketStream.cpp M lib/server/SocketStream.h M lib/server/SocketStreamTLS.cpp M lib/server/SocketStreamTLS.h M lib/server/TLSContext.cpp M lib/server/TLSContext.h M test/backupstorefix/testbackupstorefix.cpp M test/backupstorefix/testfiles/testbackupstorefix.pl.in M test/basicserver/testbasicserver.cpp A test/basicserver/testfiles/seclevel2-sha1/bbackupd.conf A test/basicserver/testfiles/seclevel2-sha1/bbackupd/1234567-FileEncKeys.raw A test/basicserver/testfiles/seclevel2-sha1/bbackupd/1234567-csr.pem A test/basicserver/testfiles/seclevel2-sha1/bbackupd/1234567-key.pem A test/basicserver/testfiles/seclevel2-sha1/bbackupd/NotifySysadmin.sh A test/basicserver/testfiles/seclevel2-sha1/bbstored.conf A test/basicserver/testfiles/seclevel2-sha1/bbstored/accounts.txt A test/basicserver/testfiles/seclevel2-sha1/bbstored/localhost-csr.pem A test/basicserver/testfiles/seclevel2-sha1/bbstored/localhost-key.pem A test/basicserver/testfiles/seclevel2-sha1/ca/clients/1234567-cert.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/clientRootCSR.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/clientRootKey.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/serverRootCSR.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/serverRootKey.pem A test/basicserver/testfiles/seclevel2-sha1/ca/roots/clientCA.pem A test/basicserver/testfiles/seclevel2-sha1/ca/roots/clientCA.srl A test/basicserver/testfiles/seclevel2-sha1/ca/roots/serverCA.pem A test/basicserver/testfiles/seclevel2-sha1/ca/roots/serverCA.srl A test/basicserver/testfiles/seclevel2-sha1/ca/servers/localhost-cert.pem A test/basicserver/testfiles/seclevel2-sha1/raidfile.conf A test/basicserver/testfiles/seclevel2-sha256/bbackupd.conf A test/basicserver/testfiles/seclevel2-sha256/bbackupd/1234567-FileEncKeys.raw A test/basicserver/testfiles/seclevel2-sha256/bbackupd/1234567-csr.pem A test/basicserver/testfiles/seclevel2-sha256/bbackupd/1234567-key.pem A test/basicserver/testfiles/seclevel2-sha256/bbackupd/NotifySysadmin.sh A test/basicserver/testfiles/seclevel2-sha256/bbstored.conf A test/basicserver/testfiles/seclevel2-sha256/bbstored/accounts.txt A test/basicserver/testfiles/seclevel2-sha256/bbstored/localhost-csr.pem A test/basicserver/testfiles/seclevel2-sha256/bbstored/localhost-key.pem A test/basicserver/testfiles/seclevel2-sha256/ca/clients/1234567-cert.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/clientRootCSR.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/clientRootKey.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/serverRootCSR.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/serverRootKey.pem A test/basicserver/testfiles/seclevel2-sha256/ca/roots/clientCA.pem A test/basicserver/testfiles/seclevel2-sha256/ca/roots/clientCA.srl A test/basicserver/testfiles/seclevel2-sha256/ca/roots/serverCA.pem A test/basicserver/testfiles/seclevel2-sha256/ca/roots/serverCA.srl A test/basicserver/testfiles/seclevel2-sha256/ca/servers/localhost-cert-sha1.pem A test/basicserver/testfiles/seclevel2-sha256/ca/servers/localhost-cert.pem A test/basicserver/testfiles/seclevel2-sha256/raidfile.conf A test/basicserver/testfiles/srv3-insecure-daemon.conf A test/basicserver/testfiles/srv3-seclevel2-sha1.conf A test/basicserver/testfiles/srv3-seclevel2-sha256.conf A test/basicserver/testfiles/srv4-noseclevel.conf A test/basicserver/testfiles/srv4-seclevel1.conf A test/basicserver/testfiles/srv4-seclevel2-insecure.conf A test/basicserver/testfiles/srv4-seclevel2-secure.conf R test/basicserver/testfiles/srv4.conf M test/bbackupd/testbbackupd.cpp Log Message: ----------- SSL securitylevel WIP Compare: https://github.com/boxbackup/boxbackup/compare/013f11dcba23...b9ebc0046263 From noreply at github.com Sun May 12 22:28:20 2019 From: noreply at github.com (Chris Wilson) Date: Sun, 12 May 2019 14:28:20 -0700 Subject: [Box Backup-commit] [boxbackup/boxbackup] 1e1e14: SSL securitylevel WIP Message-ID: Branch: refs/heads/fix_debian_907135_ssl_key_size Home: https://github.com/boxbackup/boxbackup Commit: 1e1e14787d00732bab47e711275e9f8541dd9d77 https://github.com/boxbackup/boxbackup/commit/1e1e14787d00732bab47e711275e9f8541dd9d77 Author: Chris Wilson Date: 2019-05-12 (Sun, 12 May 2019) Changed paths: M bin/bbackupd/bbackupd-config.in M bin/bbackupquery/bbackupquery.cpp M bin/bbstored/bbstored-certs.in M bin/bbstored/bbstored-config.in M infrastructure/cmake/CMakeLists.txt M infrastructure/m4/boxbackup_tests.m4 M lib/backupclient/BackupDaemonConfigVerify.cpp M lib/bbackupd/BackupDaemon.cpp M lib/common/BoxPortsAndFiles.h.in M lib/common/Configuration.cpp M lib/common/Configuration.h M lib/common/Test.cpp M lib/common/Test.h M lib/server/ConnectionException.txt M lib/server/Daemon.cpp M lib/server/Daemon.h M lib/server/ServerException.txt M lib/server/ServerStream.h M lib/server/ServerTLS.h M lib/server/SocketStream.cpp M lib/server/SocketStream.h M lib/server/SocketStreamTLS.cpp M lib/server/SocketStreamTLS.h M lib/server/TLSContext.cpp M lib/server/TLSContext.h M test/backupstorefix/testbackupstorefix.cpp M test/backupstorefix/testfiles/testbackupstorefix.pl.in M test/basicserver/testbasicserver.cpp A test/basicserver/testfiles/seclevel2-sha1/bbackupd.conf A test/basicserver/testfiles/seclevel2-sha1/bbackupd/1234567-FileEncKeys.raw A test/basicserver/testfiles/seclevel2-sha1/bbackupd/1234567-csr.pem A test/basicserver/testfiles/seclevel2-sha1/bbackupd/1234567-key.pem A test/basicserver/testfiles/seclevel2-sha1/bbackupd/NotifySysadmin.sh A test/basicserver/testfiles/seclevel2-sha1/bbstored.conf A test/basicserver/testfiles/seclevel2-sha1/bbstored/accounts.txt A test/basicserver/testfiles/seclevel2-sha1/bbstored/localhost-csr.pem A test/basicserver/testfiles/seclevel2-sha1/bbstored/localhost-key.pem A test/basicserver/testfiles/seclevel2-sha1/ca/clients/1234567-cert.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/clientRootCSR.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/clientRootKey.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/serverRootCSR.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/serverRootKey.pem A test/basicserver/testfiles/seclevel2-sha1/ca/roots/clientCA.pem A test/basicserver/testfiles/seclevel2-sha1/ca/roots/clientCA.srl A test/basicserver/testfiles/seclevel2-sha1/ca/roots/serverCA.pem A test/basicserver/testfiles/seclevel2-sha1/ca/roots/serverCA.srl A test/basicserver/testfiles/seclevel2-sha1/ca/servers/localhost-cert.pem A test/basicserver/testfiles/seclevel2-sha1/raidfile.conf A test/basicserver/testfiles/seclevel2-sha256/bbackupd.conf A test/basicserver/testfiles/seclevel2-sha256/bbackupd/1234567-FileEncKeys.raw A test/basicserver/testfiles/seclevel2-sha256/bbackupd/1234567-csr.pem A test/basicserver/testfiles/seclevel2-sha256/bbackupd/1234567-key.pem A test/basicserver/testfiles/seclevel2-sha256/bbackupd/NotifySysadmin.sh A test/basicserver/testfiles/seclevel2-sha256/bbstored.conf A test/basicserver/testfiles/seclevel2-sha256/bbstored/accounts.txt A test/basicserver/testfiles/seclevel2-sha256/bbstored/localhost-csr.pem A test/basicserver/testfiles/seclevel2-sha256/bbstored/localhost-key.pem A test/basicserver/testfiles/seclevel2-sha256/ca/clients/1234567-cert.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/clientRootCSR.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/clientRootKey.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/serverRootCSR.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/serverRootKey.pem A test/basicserver/testfiles/seclevel2-sha256/ca/roots/clientCA.pem A test/basicserver/testfiles/seclevel2-sha256/ca/roots/clientCA.srl A test/basicserver/testfiles/seclevel2-sha256/ca/roots/serverCA.pem A test/basicserver/testfiles/seclevel2-sha256/ca/roots/serverCA.srl A test/basicserver/testfiles/seclevel2-sha256/ca/servers/localhost-cert-sha1.pem A test/basicserver/testfiles/seclevel2-sha256/ca/servers/localhost-cert.pem A test/basicserver/testfiles/seclevel2-sha256/raidfile.conf A test/basicserver/testfiles/srv3-insecure-daemon.conf A test/basicserver/testfiles/srv3-seclevel2-sha1.conf A test/basicserver/testfiles/srv3-seclevel2-sha256.conf A test/basicserver/testfiles/srv4-noseclevel.conf A test/basicserver/testfiles/srv4-seclevel1.conf A test/basicserver/testfiles/srv4-seclevel2-insecure.conf A test/basicserver/testfiles/srv4-seclevel2-secure.conf R test/basicserver/testfiles/srv4.conf M test/bbackupd/testbbackupd.cpp Log Message: ----------- SSL securitylevel WIP From noreply at github.com Mon May 13 21:19:42 2019 From: noreply at github.com (Chris Wilson) Date: Mon, 13 May 2019 13:19:42 -0700 Subject: [Box Backup-commit] [boxbackup/boxbackup] c12fef: OpenSSL: detect SSL_CTX_set_security_level and fri... Message-ID: Branch: refs/heads/fix_debian_907135_ssl_key_size_merge Home: https://github.com/boxbackup/boxbackup Commit: c12feffd8a044bc3add241d0939699ce443288c3 https://github.com/boxbackup/boxbackup/commit/c12feffd8a044bc3add241d0939699ce443288c3 Author: Chris Wilson Date: 2019-05-13 (Mon, 13 May 2019) Changed paths: M infrastructure/cmake/CMakeLists.txt M infrastructure/m4/boxbackup_tests.m4 Log Message: ----------- OpenSSL: detect SSL_CTX_set_security_level and friends Needed to enable the new SSLSecurityLevel option only when building with a recent enough OpenSSL that supports it. From noreply at github.com Mon May 13 23:36:55 2019 From: noreply at github.com (Chris Wilson) Date: Mon, 13 May 2019 15:36:55 -0700 Subject: [Box Backup-commit] [boxbackup/boxbackup] e0a146: Configuration: add a variant of GetKeyValueInt tha... Message-ID: Branch: refs/heads/fix_debian_907135_ssl_key_size_merge Home: https://github.com/boxbackup/boxbackup Commit: e0a1463227fb35a608d52407180277380c00f859 https://github.com/boxbackup/boxbackup/commit/e0a1463227fb35a608d52407180277380c00f859 Author: Chris Wilson Date: 2019-05-13 (Mon, 13 May 2019) Changed paths: M lib/common/Configuration.cpp M lib/common/Configuration.h Log Message: ----------- Configuration: add a variant of GetKeyValueInt that has a default value This will be used for the new SSLSecurityLevel option. Commit: fc8237f7d1fb7e29ec074deed74e574a9a32dff1 https://github.com/boxbackup/boxbackup/commit/fc8237f7d1fb7e29ec074deed74e574a9a32dff1 Author: Chris Wilson Date: 2019-05-13 (Mon, 13 May 2019) Changed paths: M lib/common/Test.cpp M lib/common/Test.h M test/bbackupd/testbbackupd.cpp Log Message: ----------- test_bbackupd_config_script: move temp files into testfiles/tmp This makes it easier to clean up all outputs of the test, making it rerunnable, by just deleting the entire tmp directory. Commit: da2f742b636a1a6353baddbc02469af48479239b https://github.com/boxbackup/boxbackup/commit/da2f742b636a1a6353baddbc02469af48479239b Author: Chris Wilson Date: 2019-05-13 (Mon, 13 May 2019) Changed paths: M lib/common/Test.cpp M lib/common/Test.h Log Message: ----------- Test library: make old_failure_count a private variable Commit: 906bfac7935396fe1fa15ed3f918987965313a75 https://github.com/boxbackup/boxbackup/commit/906bfac7935396fe1fa15ed3f918987965313a75 Author: Chris Wilson Date: 2019-05-13 (Mon, 13 May 2019) Changed paths: M lib/server/ServerStream.h Log Message: ----------- ServerStream: handle exceptions without killing server on Windows Commit: 079556371b484fa8e7656c456a45426c04463893 https://github.com/boxbackup/boxbackup/commit/079556371b484fa8e7656c456a45426c04463893 Author: Chris Wilson Date: 2019-05-13 (Mon, 13 May 2019) Changed paths: M lib/server/SocketStreamTLS.cpp M lib/server/TLSContext.cpp Log Message: ----------- SocketStreamTLS/TLSContext: improve SSL error messages Commit: b416481815e35a78e9bcb3654c4ae1de4b61c7a6 https://github.com/boxbackup/boxbackup/commit/b416481815e35a78e9bcb3654c4ae1de4b61c7a6 Author: Chris Wilson Date: 2019-05-13 (Mon, 13 May 2019) Changed paths: M lib/backupstore/BackupStoreCheck.cpp M lib/backupstore/BackupStoreCheck2.cpp M lib/backupstore/BackupStoreRefCountDatabase.cpp M lib/backupstore/BackupStoreRefCountDatabase.h Log Message: ----------- BackupStoreCheck: fix failure to compare refcounts of last object ID Fix test that would randomly detect an extra change to the refcount of an object, depending if the test broke the object with the highest unused object ID (which depended on upload order). Add ability to ignore changes to a specific object ID, and use it to ignore changes to any newly-created lost+found directory, as these are expected. (cherry picked from commit b911cb81ba6ee2cb5117947d00e9631420543c14) Compare: https://github.com/boxbackup/boxbackup/compare/c12feffd8a04...b416481815e3 From noreply at github.com Tue May 14 19:16:53 2019 From: noreply at github.com (Chris Wilson) Date: Tue, 14 May 2019 11:16:53 -0700 Subject: [Box Backup-commit] [boxbackup/boxbackup] 278294: Test setup: remove removal of files that are no lo... Message-ID: Branch: refs/heads/fix_debian_907135_ssl_key_size_wip Home: https://github.com/boxbackup/boxbackup Commit: 2782943c095060bb37e58014a39633d53d830269 https://github.com/boxbackup/boxbackup/commit/2782943c095060bb37e58014a39633d53d830269 Author: Chris Wilson Date: 2019-05-13 (Mon, 13 May 2019) Changed paths: M lib/common/Test.cpp Log Message: ----------- Test setup: remove removal of files that are no longer created by tests Commit: ab4c10afadbe114f1f25c7a47cfbae18d49648d2 https://github.com/boxbackup/boxbackup/commit/ab4c10afadbe114f1f25c7a47cfbae18d49648d2 Author: Chris Wilson Date: 2019-05-13 (Mon, 13 May 2019) Changed paths: M lib/server/ServerTLS.h Log Message: ----------- ServerTLS: remove erroneous comment, add self-documenting named constant Commit: cbea196e2c488de0b5a892fe98648f098fe2dac7 https://github.com/boxbackup/boxbackup/commit/cbea196e2c488de0b5a892fe98648f098fe2dac7 Author: Chris Wilson Date: 2019-05-14 (Tue, 14 May 2019) Changed paths: M lib/backupstore/BackupStoreCheck.cpp M lib/backupstore/BackupStoreCheck2.cpp M lib/backupstore/BackupStoreRefCountDatabase.cpp M lib/backupstore/BackupStoreRefCountDatabase.h Log Message: ----------- BackupStoreCheck: fix failure to compare refcounts of last object ID Fix test that would randomly detect an extra change to the refcount of an object, depending if the test broke the object with the highest unused object ID (which depended on upload order). Add ability to ignore changes to a specific object ID, and use it to ignore changes to any newly-created lost+found directory, as these are expected. (cherry picked from commit b911cb81ba6ee2cb5117947d00e9631420543c14) (cherry picked from commit b416481815e35a78e9bcb3654c4ae1de4b61c7a6) Compare: https://github.com/boxbackup/boxbackup/compare/2782943c0950%5E...cbea196e2c48 From noreply at github.com Tue May 14 19:18:27 2019 From: noreply at github.com (Chris Wilson) Date: Tue, 14 May 2019 11:18:27 -0700 Subject: [Box Backup-commit] [boxbackup/boxbackup] Message-ID: Branch: refs/heads/fix_debian_907135_ssl_key_size Home: https://github.com/boxbackup/boxbackup From noreply at github.com Tue May 14 19:32:23 2019 From: noreply at github.com (Chris Wilson) Date: Tue, 14 May 2019 11:32:23 -0700 Subject: [Box Backup-commit] [boxbackup/boxbackup] b44cc4: Fix Debian bug 907135: weak certificates Message-ID: Branch: refs/heads/fix_debian_907135_ssl_key_size_merge Home: https://github.com/boxbackup/boxbackup Commit: b44cc44f788a9efea03efb366eb97489b04a18ad https://github.com/boxbackup/boxbackup/commit/b44cc44f788a9efea03efb366eb97489b04a18ad Author: Chris Wilson Date: 2019-05-14 (Tue, 14 May 2019) Changed paths: M bin/bbackupd/bbackupd-config.in M bin/bbackupquery/bbackupquery.cpp M bin/bbstored/bbstored-certs.in M bin/bbstored/bbstored-config.in M lib/backupclient/BackupDaemonConfigVerify.cpp M lib/bbackupd/BackupDaemon.cpp M lib/common/BoxPortsAndFiles.h.in M lib/server/ConnectionException.txt M lib/server/Daemon.cpp M lib/server/Daemon.h M lib/server/ServerException.txt M lib/server/ServerTLS.h M lib/server/SocketStream.cpp M lib/server/SocketStream.h M lib/server/SocketStreamTLS.cpp M lib/server/SocketStreamTLS.h M lib/server/TLSContext.cpp M lib/server/TLSContext.h M test/backupstorefix/testbackupstorefix.cpp M test/backupstorefix/testfiles/testbackupstorefix.pl.in M test/basicserver/testbasicserver.cpp A test/basicserver/testfiles/seclevel2-sha1/bbackupd.conf A test/basicserver/testfiles/seclevel2-sha1/bbackupd/1234567-csr.pem A test/basicserver/testfiles/seclevel2-sha1/bbackupd/1234567-key.pem A test/basicserver/testfiles/seclevel2-sha1/bbackupd/NotifySysadmin.sh A test/basicserver/testfiles/seclevel2-sha1/bbstored.conf A test/basicserver/testfiles/seclevel2-sha1/bbstored/localhost-csr.pem A test/basicserver/testfiles/seclevel2-sha1/bbstored/localhost-key.pem A test/basicserver/testfiles/seclevel2-sha1/ca/clients/1234567-cert.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/clientRootCSR.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/clientRootKey.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/serverRootCSR.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/serverRootKey.pem A test/basicserver/testfiles/seclevel2-sha1/ca/roots/clientCA.pem A test/basicserver/testfiles/seclevel2-sha1/ca/roots/clientCA.srl A test/basicserver/testfiles/seclevel2-sha1/ca/roots/serverCA.pem A test/basicserver/testfiles/seclevel2-sha1/ca/roots/serverCA.srl A test/basicserver/testfiles/seclevel2-sha1/ca/servers/localhost-cert.pem A test/basicserver/testfiles/seclevel2-sha1/raidfile.conf A test/basicserver/testfiles/seclevel2-sha256/bbackupd.conf A test/basicserver/testfiles/seclevel2-sha256/bbackupd/1234567-csr.pem A test/basicserver/testfiles/seclevel2-sha256/bbackupd/1234567-key.pem A test/basicserver/testfiles/seclevel2-sha256/bbackupd/NotifySysadmin.sh A test/basicserver/testfiles/seclevel2-sha256/bbstored.conf A test/basicserver/testfiles/seclevel2-sha256/bbstored/localhost-csr.pem A test/basicserver/testfiles/seclevel2-sha256/bbstored/localhost-key.pem A test/basicserver/testfiles/seclevel2-sha256/ca/clients/1234567-cert.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/clientRootCSR.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/clientRootKey.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/serverRootCSR.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/serverRootKey.pem A test/basicserver/testfiles/seclevel2-sha256/ca/roots/clientCA.pem A test/basicserver/testfiles/seclevel2-sha256/ca/roots/clientCA.srl A test/basicserver/testfiles/seclevel2-sha256/ca/roots/serverCA.pem A test/basicserver/testfiles/seclevel2-sha256/ca/roots/serverCA.srl A test/basicserver/testfiles/seclevel2-sha256/ca/servers/localhost-cert-sha1.pem A test/basicserver/testfiles/seclevel2-sha256/ca/servers/localhost-cert.pem A test/basicserver/testfiles/seclevel2-sha256/raidfile.conf A test/basicserver/testfiles/srv3-insecure-daemon.conf A test/basicserver/testfiles/srv3-seclevel2-sha1.conf A test/basicserver/testfiles/srv3-seclevel2-sha256.conf A test/basicserver/testfiles/srv4-noseclevel.conf A test/basicserver/testfiles/srv4-seclevel1.conf A test/basicserver/testfiles/srv4-seclevel2-insecure.conf A test/basicserver/testfiles/srv4-seclevel2-secure.conf R test/basicserver/testfiles/srv4.conf M test/bbackupd/testbbackupd.cpp Log Message: ----------- Fix Debian bug 907135: weak certificates Debian Linux have recently upgraded to OpenSSL 1.1.1, which has increased the default global security level from 1 to 2. Level 2 does not accept certificates with 1024-bit keys, and certificates signed with the SHA1 algorithm, considering them to be weak and therefore dangerous. It now requires a minimum of 2048-bit keys and SHA256 signatures. (At the time of writing, this change is only in Debian Unstable, but it will eventually make its way into a stable release.) This has caused the following issues with Box Backup: * All existing certificates are signed with the SHA1 algorithm, and can no longer be used (by default); and * Some tests use 1024-bit certificates which can no longer be used either. This change implements the workarounds to enable users to continue to use old certificates, for the time being, with a warning: * Ensure that new installations are secure (stronger certificates generated and required); * Ensure that existing installations are not broken, even if they are considered "weak"; * Warn users if their certificates are (or might be) weak; * Allow them to disable this warning if required (not recommended); * Provide the option to not override the system-wide security level (which may be higher than 2 in future). It does this by adding the new SSLSecurityLevel configuration option, fixing the supplied scripts to generate stronger SSL certificates from now on, replacing the old certificates used in tests, and adding tests for the issue. If compiled with OpenSSL 1.0, existing behaviour will not change, and the security level cannot be raised. The SSLSecurityLevel option is recognised, but has no effect except to show a warning that it is not supported. More work could be done on making it easier to regenerate certificates, however some discussion is needed to come up with a plan that works and helps users. See https://www.boxbackup.org/wiki/WeakSSLCertificates for more details. From trac at boxbackup.org Sat May 18 10:06:17 2019 From: trac at boxbackup.org (Trac) Date: Sat, 18 May 2019 09:06:17 -0000 Subject: [Box Backup-commit] #62: Backups of deleted files may be removed very quickly by housekeeping In-Reply-To: <042.00d0e516141a1b0015b7b80fcd5b7aaf@boxbackup.org> References: <042.00d0e516141a1b0015b7b80fcd5b7aaf@boxbackup.org> Message-ID: <057.7b9d660d18dc924f1d6b5ca59f6337fd@boxbackup.org> #62: Backups of deleted files may be removed very quickly by housekeeping -------------------------+------------------------------------------------- Reporter: chris | Owner: (none) Type: defect | Status: new Priority: major | Milestone: 0.12 Component: bbackupd | Version: 0.11rc2 Resolution: | Keywords: backup deletion archive snapshot | housekeeping -------------------------+------------------------------------------------- Changes (by James O'Gorman): * owner: ben => (none) -- Ticket URL: Box Backup An open source, completely automatic on-line backup system for UNIX. From trac at boxbackup.org Sat May 18 10:07:07 2019 From: trac at boxbackup.org (Trac) Date: Sat, 18 May 2019 09:07:07 -0000 Subject: [Box Backup-commit] #4: Port Box Backup to AIX In-Reply-To: <043.b45aed3a22c75a6981592cb23715af1d@boxbackup.org> References: <043.b45aed3a22c75a6981592cb23715af1d@boxbackup.org> Message-ID: <058.89f91fd755b2ff17d2760e4231ce1fb1@boxbackup.org> #4: Port Box Backup to AIX -----------------------------+-------------------- Reporter: Martin Ebourne | Owner: (none) Type: task | Status: new Priority: normal | Milestone: Component: box libraries | Version: 0.10 Resolution: | Keywords: -----------------------------+-------------------- Changes (by James O'Gorman): * owner: Martin Ebourne => (none) -- Ticket URL: Box Backup An open source, completely automatic on-line backup system for UNIX. From trac at boxbackup.org Sat May 18 10:05:14 2019 From: trac at boxbackup.org (Trac) Date: Sat, 18 May 2019 09:05:14 -0000 Subject: [Box Backup-commit] #66: Windows ACL support In-Reply-To: <042.d7d15c842e4274edcc96b15ea0cce237@boxbackup.org> References: <042.d7d15c842e4274edcc96b15ea0cce237@boxbackup.org> Message-ID: <057.1cfd9b1257c8f54f54bbe81954ddae7d@boxbackup.org> #66: Windows ACL support ---------------------------+------------------------- Reporter: Achim J Latz | Owner: (none) Type: enhancement | Status: new Priority: normal | Milestone: Component: bbackupd | Version: 0.11rc2 Resolution: | Keywords: Windows ACL ---------------------------+------------------------- Changes (by James O'Gorman): * owner: ben => (none) -- Ticket URL: Box Backup An open source, completely automatic on-line backup system for UNIX. From trac at boxbackup.org Sat May 18 10:03:59 2019 From: trac at boxbackup.org (Trac) Date: Sat, 18 May 2019 09:03:59 -0000 Subject: [Box Backup-commit] #68: More details when ReadError occurs In-Reply-To: <042.6ace05e82415c13920d80672606c6088@boxbackup.org> References: <042.6ace05e82415c13920d80672606c6088@boxbackup.org> Message-ID: <057.12507015310a51a4c0e85c3f40489320@boxbackup.org> #68: More details when ReadError occurs ---------------------------+--------------------- Reporter: Achim J Latz | Owner: (none) Type: enhancement | Status: new Priority: minor | Milestone: Component: bbackupd | Version: 0.11rc2 Resolution: | Keywords: ---------------------------+--------------------- Changes (by James O'Gorman): * owner: ben => (none) -- Ticket URL: Box Backup An open source, completely automatic on-line backup system for UNIX. From trac at boxbackup.org Sat May 18 10:04:41 2019 From: trac at boxbackup.org (Trac) Date: Sat, 18 May 2019 09:04:41 -0000 Subject: [Box Backup-commit] #77: Min verbosity switch broken for bbackupquery In-Reply-To: <042.1cd5131f5bc0fa54fd57f9139a928d15@boxbackup.org> References: <042.1cd5131f5bc0fa54fd57f9139a928d15@boxbackup.org> Message-ID: <057.8491a419a579147246a9837a0a469e2f@boxbackup.org> #77: Min verbosity switch broken for bbackupquery ---------------------------+--------------------- Reporter: Achim J Latz | Owner: (none) Type: defect | Status: new Priority: minor | Milestone: Component: bbackupd | Version: 0.11rc2 Resolution: | Keywords: ---------------------------+--------------------- Changes (by James O'Gorman): * owner: ben => (none) -- Ticket URL: Box Backup An open source, completely automatic on-line backup system for UNIX. From trac at boxbackup.org Sat May 18 10:07:27 2019 From: trac at boxbackup.org (Trac) Date: Sat, 18 May 2019 09:07:27 -0000 Subject: [Box Backup-commit] #45: File diff performance patch (reduced disk IO and wall time In-Reply-To: <044.c280b9a070f67246356759e14aa24545@boxbackup.org> References: <044.c280b9a070f67246356759e14aa24545@boxbackup.org> Message-ID: <059.474e38ecb4ef9fa17d6385d6cd3be601@boxbackup.org> #45: File diff performance patch (reduced disk IO and wall time --------------------------+-------------------- Reporter: Alex Harper | Owner: (none) Type: enhancement | Status: new Priority: normal | Milestone: 0.12 Component: bbackupd | Version: trunk Resolution: | Keywords: --------------------------+-------------------- Changes (by James O'Gorman): * owner: ben => (none) -- Ticket URL: Box Backup An open source, completely automatic on-line backup system for UNIX. From trac at boxbackup.org Sat May 18 10:05:50 2019 From: trac at boxbackup.org (Trac) Date: Sat, 18 May 2019 09:05:50 -0000 Subject: [Box Backup-commit] #70: Non-ascii character cause error for notifyscript path In-Reply-To: <042.fedf6229df99865c95313a2506441bb0@boxbackup.org> References: <042.fedf6229df99865c95313a2506441bb0@boxbackup.org> Message-ID: <057.fe4f040b1d42b7d4a35c55d7e277b9dc@boxbackup.org> #70: Non-ascii character cause error for notifyscript path ---------------------------+--------------------- Reporter: Achim J Latz | Owner: (none) Type: defect | Status: new Priority: normal | Milestone: Component: bbackupd | Version: 0.11rc2 Resolution: | Keywords: ---------------------------+--------------------- Changes (by James O'Gorman): * owner: ben => (none) -- Ticket URL: Box Backup An open source, completely automatic on-line backup system for UNIX. From trac at boxbackup.org Sat May 18 10:04:21 2019 From: trac at boxbackup.org (Trac) Date: Sat, 18 May 2019 09:04:21 -0000 Subject: [Box Backup-commit] #57: Create boxbackupresume and other files in DataDirectory In-Reply-To: <042.7f6c29731329d3c2c35c875abeea2a0c@boxbackup.org> References: <042.7f6c29731329d3c2c35c875abeea2a0c@boxbackup.org> Message-ID: <057.5014e769d820d6d14b6309932fb62d96@boxbackup.org> #57: Create boxbackupresume and other files in DataDirectory ---------------------------+-------------------- Reporter: Achim J Latz | Owner: (none) Type: enhancement | Status: new Priority: minor | Milestone: Component: bbackupd | Version: trunk Resolution: | Keywords: ---------------------------+-------------------- Changes (by James O'Gorman): * owner: ben => (none) -- Ticket URL: Box Backup An open source, completely automatic on-line backup system for UNIX. From trac at boxbackup.org Sat May 18 10:06:05 2019 From: trac at boxbackup.org (Trac) Date: Sat, 18 May 2019 09:06:05 -0000 Subject: [Box Backup-commit] #65: Some file attributes under Windows are not backed up In-Reply-To: <042.49a9c53f3879af3e19d81668891e0a3c@boxbackup.org> References: <042.49a9c53f3879af3e19d81668891e0a3c@boxbackup.org> Message-ID: <057.7815f4e47421ad9f4e6444cf89abe6e1@boxbackup.org> #65: Some file attributes under Windows are not backed up ---------------------------+-------------------------------- Reporter: Achim J Latz | Owner: (none) Type: defect | Status: new Priority: normal | Milestone: Component: bbackupd | Version: 0.11rc2 Resolution: | Keywords: attributes windows ---------------------------+-------------------------------- Changes (by James O'Gorman): * owner: ben => (none) -- Ticket URL: Box Backup An open source, completely automatic on-line backup system for UNIX. From trac at boxbackup.org Sat May 18 10:04:56 2019 From: trac at boxbackup.org (Trac) Date: Sat, 18 May 2019 09:04:56 -0000 Subject: [Box Backup-commit] #58: bbackupquery connection timeout results in error message, should be more graceful In-Reply-To: <042.85f81e379cb7720efd571bfafe567aeb@boxbackup.org> References: <042.85f81e379cb7720efd571bfafe567aeb@boxbackup.org> Message-ID: <057.89e1db2d70310051599009c18f4772bc@boxbackup.org> #58: bbackupquery connection timeout results in error message, should be more graceful ---------------------------+-------------------- Reporter: Achim J Latz | Owner: (none) Type: defect | Status: new Priority: minor | Milestone: Component: bbackupd | Version: trunk Resolution: | Keywords: ---------------------------+-------------------- Changes (by James O'Gorman): * owner: ben => (none) -- Ticket URL: Box Backup An open source, completely automatic on-line backup system for UNIX. From noreply at github.com Sun May 19 00:33:27 2019 From: noreply at github.com (Chris Wilson) Date: Sat, 18 May 2019 16:33:27 -0700 Subject: [Box Backup-commit] [boxbackup/boxbackup] 55aacf: Fix Debian bug 907135: weak certificates Message-ID: Branch: refs/heads/fix_debian_907135_ssl_key_size_merge Home: https://github.com/boxbackup/boxbackup Commit: 55aacf51d83c28d1046dcde84df6dc18cee808af https://github.com/boxbackup/boxbackup/commit/55aacf51d83c28d1046dcde84df6dc18cee808af Author: Chris Wilson Date: 2019-05-19 (Sun, 19 May 2019) Changed paths: M bin/bbackupd/bbackupd-config.in M bin/bbackupquery/bbackupquery.cpp M bin/bbstored/bbstored-certs.in M bin/bbstored/bbstored-config.in M lib/backupclient/BackupDaemonConfigVerify.cpp M lib/bbackupd/BackupDaemon.cpp M lib/common/BoxPortsAndFiles.h.in M lib/server/ConnectionException.txt M lib/server/Daemon.cpp M lib/server/Daemon.h M lib/server/ServerException.txt M lib/server/ServerTLS.h M lib/server/SocketStream.cpp M lib/server/SocketStream.h M lib/server/SocketStreamTLS.cpp M lib/server/SocketStreamTLS.h M lib/server/TLSContext.cpp M lib/server/TLSContext.h M test/backupstorefix/testbackupstorefix.cpp M test/backupstorefix/testfiles/testbackupstorefix.pl.in M test/basicserver/testbasicserver.cpp A test/basicserver/testfiles/seclevel2-sha1/bbackupd.conf A test/basicserver/testfiles/seclevel2-sha1/bbackupd/1234567-csr.pem A test/basicserver/testfiles/seclevel2-sha1/bbackupd/1234567-key.pem A test/basicserver/testfiles/seclevel2-sha1/bbackupd/NotifySysadmin.sh A test/basicserver/testfiles/seclevel2-sha1/bbstored.conf A test/basicserver/testfiles/seclevel2-sha1/bbstored/localhost-csr.pem A test/basicserver/testfiles/seclevel2-sha1/bbstored/localhost-key.pem A test/basicserver/testfiles/seclevel2-sha1/ca/clients/1234567-cert.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/clientRootCSR.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/clientRootKey.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/serverRootCSR.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/serverRootKey.pem A test/basicserver/testfiles/seclevel2-sha1/ca/roots/clientCA.pem A test/basicserver/testfiles/seclevel2-sha1/ca/roots/clientCA.srl A test/basicserver/testfiles/seclevel2-sha1/ca/roots/serverCA.pem A test/basicserver/testfiles/seclevel2-sha1/ca/roots/serverCA.srl A test/basicserver/testfiles/seclevel2-sha1/ca/servers/localhost-cert.pem A test/basicserver/testfiles/seclevel2-sha1/raidfile.conf A test/basicserver/testfiles/seclevel2-sha256/bbackupd.conf A test/basicserver/testfiles/seclevel2-sha256/bbackupd/1234567-csr.pem A test/basicserver/testfiles/seclevel2-sha256/bbackupd/1234567-key.pem A test/basicserver/testfiles/seclevel2-sha256/bbackupd/NotifySysadmin.sh A test/basicserver/testfiles/seclevel2-sha256/bbstored.conf A test/basicserver/testfiles/seclevel2-sha256/bbstored/localhost-csr.pem A test/basicserver/testfiles/seclevel2-sha256/bbstored/localhost-key.pem A test/basicserver/testfiles/seclevel2-sha256/ca/clients/1234567-cert.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/clientRootCSR.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/clientRootKey.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/serverRootCSR.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/serverRootKey.pem A test/basicserver/testfiles/seclevel2-sha256/ca/roots/clientCA.pem A test/basicserver/testfiles/seclevel2-sha256/ca/roots/clientCA.srl A test/basicserver/testfiles/seclevel2-sha256/ca/roots/serverCA.pem A test/basicserver/testfiles/seclevel2-sha256/ca/roots/serverCA.srl A test/basicserver/testfiles/seclevel2-sha256/ca/servers/localhost-cert-sha1.pem A test/basicserver/testfiles/seclevel2-sha256/ca/servers/localhost-cert.pem A test/basicserver/testfiles/seclevel2-sha256/raidfile.conf A test/basicserver/testfiles/srv3-insecure-daemon.conf A test/basicserver/testfiles/srv3-seclevel2-sha1.conf A test/basicserver/testfiles/srv3-seclevel2-sha256.conf A test/basicserver/testfiles/srv4-noseclevel.conf A test/basicserver/testfiles/srv4-seclevel1.conf A test/basicserver/testfiles/srv4-seclevel2-insecure.conf A test/basicserver/testfiles/srv4-seclevel2-secure.conf R test/basicserver/testfiles/srv4.conf M test/bbackupd/testbbackupd.cpp Log Message: ----------- Fix Debian bug 907135: weak certificates Debian Linux have recently upgraded to OpenSSL 1.1.1, which has increased the default global security level from 1 to 2. Level 2 does not accept certificates with 1024-bit keys, and certificates signed with the SHA1 algorithm, considering them to be weak and therefore dangerous. It now requires a minimum of 2048-bit keys and SHA256 signatures. (At the time of writing, this change is only in Debian Unstable, but it will eventually make its way into a stable release.) This has caused the following issues with Box Backup: * All existing certificates are signed with the SHA1 algorithm, and can no longer be used (by default); and * Some tests use 1024-bit certificates which can no longer be used either. This change implements the workarounds to enable users to continue to use old certificates, for the time being, with a warning: * Ensure that new installations are secure (stronger certificates generated and required); * Ensure that existing installations are not broken, even if they are considered "weak"; * Warn users if their certificates are (or might be) weak; * Allow them to disable this warning if required (not recommended); * Provide the option to not override the system-wide security level (which may be higher than 2 in future). It does this by adding the new SSLSecurityLevel configuration option, fixing the supplied scripts to generate stronger SSL certificates from now on, replacing the old certificates used in tests, and adding tests for the issue. If compiled with OpenSSL 1.0, existing behaviour will not change, and the security level cannot be raised. The SSLSecurityLevel option is recognised, but has no effect except to show a warning that it is not supported. More work could be done on making it easier to regenerate certificates, however some discussion is needed to come up with a plan that works and helps users. See https://github.com/boxbackup/boxbackup/wiki/WeakSSLCertificates for more details. From noreply at github.com Sun May 19 17:01:39 2019 From: noreply at github.com (Chris Wilson) Date: Sun, 19 May 2019 09:01:39 -0700 Subject: [Box Backup-commit] [boxbackup/boxbackup] e43161: Rename setup_test_bbackupd() in test/bbackupd Message-ID: Branch: refs/heads/master Home: https://github.com/boxbackup/boxbackup Commit: e43161d15dd297a66b50e2a86cc5a5b80baed3ed https://github.com/boxbackup/boxbackup/commit/e43161d15dd297a66b50e2a86cc5a5b80baed3ed Author: Chris Wilson Date: 2019-01-13 (Sun, 13 Jan 2019) Changed paths: M test/bbackupd/testbbackupd.cpp Log Message: ----------- Rename setup_test_bbackupd() in test/bbackupd The name of this utility function was confusing with the SETUP_TEST_BBACKUPD macro which served an entirely different purpose, so I renamed it to prepare_test_with_client_daemon(). (cherry picked from commit 0dac53b4a31263fe8976237702538cd258fc86e1) Commit: 254c099a15dbf3be89e7ef82d923fb66d2080959 https://github.com/boxbackup/boxbackup/commit/254c099a15dbf3be89e7ef82d923fb66d2080959 Author: Chris Wilson Date: 2019-01-13 (Sun, 13 Jan 2019) Changed paths: M test/bbackupd/testbbackupd.cpp Log Message: ----------- Rename test/bbackupd compare macros for readability, and add logging (cherry picked from commit 5cf8bad939937fb35e2cd4d1e8a6580c61b07d9a) Commit: 05b9202c4c2536432d41d523b9e17b7a9434b13a https://github.com/boxbackup/boxbackup/commit/05b9202c4c2536432d41d523b9e17b7a9434b13a Author: Chris Wilson Date: 2019-01-14 (Mon, 14 Jan 2019) Changed paths: M lib/backupstore/StoreTestUtils.cpp M lib/backupstore/StoreTestUtils.h M lib/common/Test.h M test/bbackupd/testbbackupd.cpp Log Message: ----------- Refactor Start/StopSimulator out of testbackupstore To enable reuse by testbackupstorepatch. (cherry picked from commit 92d3f329ad1ebd9ce04d18659ea47b14b64e78ba) Commit: 54d435424ab5d736e6675230101efb0f9f286ec0 https://github.com/boxbackup/boxbackup/commit/54d435424ab5d736e6675230101efb0f9f286ec0 Author: Chris Wilson Date: 2019-02-01 (Fri, 01 Feb 2019) Changed paths: M lib/backupstore/StoreTestUtils.cpp M lib/backupstore/StoreTestUtils.h M lib/common/BoxException.h M lib/common/Test.cpp M lib/common/Test.h M lib/server/ServerControl.cpp M lib/server/ServerControl.h M test/basicserver/testbasicserver.cpp Log Message: ----------- Move LaunchServer and WaitForServerStartup to lib/server/ServerControl.cpp Commit: 8c2837bda0237229c5f39e4cf95479038f9c7ec1 https://github.com/boxbackup/boxbackup/commit/8c2837bda0237229c5f39e4cf95479038f9c7ec1 Author: Chris Wilson Date: 2019-02-01 (Fri, 01 Feb 2019) Changed paths: M lib/common/FileStream.h M lib/common/Test.cpp M lib/server/ServerControl.cpp M lib/server/ServerControl.h M test/bbackupd/testbbackupd.cpp Log Message: ----------- test/bbackupd: add a test for bbackupd-config and bbstored-config scripts Test creating new clients and servers, signing their certificates and running a test backup. (cherry picked from commit 7ac15a016360fd03eb0d7dddd4c1528069486ab1) Commit: b0b572b69243266b7ff6423aa683bad8ec205061 https://github.com/boxbackup/boxbackup/commit/b0b572b69243266b7ff6423aa683bad8ec205061 Author: Chris Wilson Date: 2019-02-03 (Sun, 03 Feb 2019) Changed paths: M infrastructure/cmake/windows/CMakeLists.txt Log Message: ----------- Switch PCRE back to an official release (cherry picked from commit e4d488d1a07bf1db32e96a9526d1fd1ea54f0967) (cherry picked from commit c3f54004ab6aca059ec259b2b310b0bb3161e191) (cherry picked from commit 1f87f198b4a8e56eef0b28da4685e1c9084883df) Commit: 83238a9434a878bb86847cfd72077e07e8c65448 https://github.com/boxbackup/boxbackup/commit/83238a9434a878bb86847cfd72077e07e8c65448 Author: Chris Wilson Date: 2019-02-11 (Mon, 11 Feb 2019) Changed paths: M infrastructure/cmake/windows/CMakeLists.txt Log Message: ----------- Upgrade PCRE to 8.42, and switch to a new official site Commit: 655d62b2fd9172846ef59ca6546f5dad72f1f37a https://github.com/boxbackup/boxbackup/commit/655d62b2fd9172846ef59ca6546f5dad72f1f37a Author: Chris Wilson Date: 2019-05-09 (Thu, 09 May 2019) Changed paths: M infrastructure/cmake/CMakeLists.txt Log Message: ----------- CMake buildsystem: configure files after all variables are known Commit: c12feffd8a044bc3add241d0939699ce443288c3 https://github.com/boxbackup/boxbackup/commit/c12feffd8a044bc3add241d0939699ce443288c3 Author: Chris Wilson Date: 2019-05-13 (Mon, 13 May 2019) Changed paths: M infrastructure/cmake/CMakeLists.txt M infrastructure/m4/boxbackup_tests.m4 Log Message: ----------- OpenSSL: detect SSL_CTX_set_security_level and friends Needed to enable the new SSLSecurityLevel option only when building with a recent enough OpenSSL that supports it. Commit: e0a1463227fb35a608d52407180277380c00f859 https://github.com/boxbackup/boxbackup/commit/e0a1463227fb35a608d52407180277380c00f859 Author: Chris Wilson Date: 2019-05-13 (Mon, 13 May 2019) Changed paths: M lib/common/Configuration.cpp M lib/common/Configuration.h Log Message: ----------- Configuration: add a variant of GetKeyValueInt that has a default value This will be used for the new SSLSecurityLevel option. Commit: fc8237f7d1fb7e29ec074deed74e574a9a32dff1 https://github.com/boxbackup/boxbackup/commit/fc8237f7d1fb7e29ec074deed74e574a9a32dff1 Author: Chris Wilson Date: 2019-05-13 (Mon, 13 May 2019) Changed paths: M lib/common/Test.cpp M lib/common/Test.h M test/bbackupd/testbbackupd.cpp Log Message: ----------- test_bbackupd_config_script: move temp files into testfiles/tmp This makes it easier to clean up all outputs of the test, making it rerunnable, by just deleting the entire tmp directory. Commit: da2f742b636a1a6353baddbc02469af48479239b https://github.com/boxbackup/boxbackup/commit/da2f742b636a1a6353baddbc02469af48479239b Author: Chris Wilson Date: 2019-05-13 (Mon, 13 May 2019) Changed paths: M lib/common/Test.cpp M lib/common/Test.h Log Message: ----------- Test library: make old_failure_count a private variable Commit: 906bfac7935396fe1fa15ed3f918987965313a75 https://github.com/boxbackup/boxbackup/commit/906bfac7935396fe1fa15ed3f918987965313a75 Author: Chris Wilson Date: 2019-05-13 (Mon, 13 May 2019) Changed paths: M lib/server/ServerStream.h Log Message: ----------- ServerStream: handle exceptions without killing server on Windows Commit: 079556371b484fa8e7656c456a45426c04463893 https://github.com/boxbackup/boxbackup/commit/079556371b484fa8e7656c456a45426c04463893 Author: Chris Wilson Date: 2019-05-13 (Mon, 13 May 2019) Changed paths: M lib/server/SocketStreamTLS.cpp M lib/server/TLSContext.cpp Log Message: ----------- SocketStreamTLS/TLSContext: improve SSL error messages Commit: b416481815e35a78e9bcb3654c4ae1de4b61c7a6 https://github.com/boxbackup/boxbackup/commit/b416481815e35a78e9bcb3654c4ae1de4b61c7a6 Author: Chris Wilson Date: 2019-05-13 (Mon, 13 May 2019) Changed paths: M lib/backupstore/BackupStoreCheck.cpp M lib/backupstore/BackupStoreCheck2.cpp M lib/backupstore/BackupStoreRefCountDatabase.cpp M lib/backupstore/BackupStoreRefCountDatabase.h Log Message: ----------- BackupStoreCheck: fix failure to compare refcounts of last object ID Fix test that would randomly detect an extra change to the refcount of an object, depending if the test broke the object with the highest unused object ID (which depended on upload order). Add ability to ignore changes to a specific object ID, and use it to ignore changes to any newly-created lost+found directory, as these are expected. (cherry picked from commit b911cb81ba6ee2cb5117947d00e9631420543c14) Commit: 55aacf51d83c28d1046dcde84df6dc18cee808af https://github.com/boxbackup/boxbackup/commit/55aacf51d83c28d1046dcde84df6dc18cee808af Author: Chris Wilson Date: 2019-05-19 (Sun, 19 May 2019) Changed paths: M bin/bbackupd/bbackupd-config.in M bin/bbackupquery/bbackupquery.cpp M bin/bbstored/bbstored-certs.in M bin/bbstored/bbstored-config.in M lib/backupclient/BackupDaemonConfigVerify.cpp M lib/bbackupd/BackupDaemon.cpp M lib/common/BoxPortsAndFiles.h.in M lib/server/ConnectionException.txt M lib/server/Daemon.cpp M lib/server/Daemon.h M lib/server/ServerException.txt M lib/server/ServerTLS.h M lib/server/SocketStream.cpp M lib/server/SocketStream.h M lib/server/SocketStreamTLS.cpp M lib/server/SocketStreamTLS.h M lib/server/TLSContext.cpp M lib/server/TLSContext.h M test/backupstorefix/testbackupstorefix.cpp M test/backupstorefix/testfiles/testbackupstorefix.pl.in M test/basicserver/testbasicserver.cpp A test/basicserver/testfiles/seclevel2-sha1/bbackupd.conf A test/basicserver/testfiles/seclevel2-sha1/bbackupd/1234567-csr.pem A test/basicserver/testfiles/seclevel2-sha1/bbackupd/1234567-key.pem A test/basicserver/testfiles/seclevel2-sha1/bbackupd/NotifySysadmin.sh A test/basicserver/testfiles/seclevel2-sha1/bbstored.conf A test/basicserver/testfiles/seclevel2-sha1/bbstored/localhost-csr.pem A test/basicserver/testfiles/seclevel2-sha1/bbstored/localhost-key.pem A test/basicserver/testfiles/seclevel2-sha1/ca/clients/1234567-cert.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/clientRootCSR.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/clientRootKey.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/serverRootCSR.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/serverRootKey.pem A test/basicserver/testfiles/seclevel2-sha1/ca/roots/clientCA.pem A test/basicserver/testfiles/seclevel2-sha1/ca/roots/clientCA.srl A test/basicserver/testfiles/seclevel2-sha1/ca/roots/serverCA.pem A test/basicserver/testfiles/seclevel2-sha1/ca/roots/serverCA.srl A test/basicserver/testfiles/seclevel2-sha1/ca/servers/localhost-cert.pem A test/basicserver/testfiles/seclevel2-sha1/raidfile.conf A test/basicserver/testfiles/seclevel2-sha256/bbackupd.conf A test/basicserver/testfiles/seclevel2-sha256/bbackupd/1234567-csr.pem A test/basicserver/testfiles/seclevel2-sha256/bbackupd/1234567-key.pem A test/basicserver/testfiles/seclevel2-sha256/bbackupd/NotifySysadmin.sh A test/basicserver/testfiles/seclevel2-sha256/bbstored.conf A test/basicserver/testfiles/seclevel2-sha256/bbstored/localhost-csr.pem A test/basicserver/testfiles/seclevel2-sha256/bbstored/localhost-key.pem A test/basicserver/testfiles/seclevel2-sha256/ca/clients/1234567-cert.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/clientRootCSR.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/clientRootKey.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/serverRootCSR.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/serverRootKey.pem A test/basicserver/testfiles/seclevel2-sha256/ca/roots/clientCA.pem A test/basicserver/testfiles/seclevel2-sha256/ca/roots/clientCA.srl A test/basicserver/testfiles/seclevel2-sha256/ca/roots/serverCA.pem A test/basicserver/testfiles/seclevel2-sha256/ca/roots/serverCA.srl A test/basicserver/testfiles/seclevel2-sha256/ca/servers/localhost-cert-sha1.pem A test/basicserver/testfiles/seclevel2-sha256/ca/servers/localhost-cert.pem A test/basicserver/testfiles/seclevel2-sha256/raidfile.conf A test/basicserver/testfiles/srv3-insecure-daemon.conf A test/basicserver/testfiles/srv3-seclevel2-sha1.conf A test/basicserver/testfiles/srv3-seclevel2-sha256.conf A test/basicserver/testfiles/srv4-noseclevel.conf A test/basicserver/testfiles/srv4-seclevel1.conf A test/basicserver/testfiles/srv4-seclevel2-insecure.conf A test/basicserver/testfiles/srv4-seclevel2-secure.conf R test/basicserver/testfiles/srv4.conf M test/bbackupd/testbbackupd.cpp Log Message: ----------- Fix Debian bug 907135: weak certificates Debian Linux have recently upgraded to OpenSSL 1.1.1, which has increased the default global security level from 1 to 2. Level 2 does not accept certificates with 1024-bit keys, and certificates signed with the SHA1 algorithm, considering them to be weak and therefore dangerous. It now requires a minimum of 2048-bit keys and SHA256 signatures. (At the time of writing, this change is only in Debian Unstable, but it will eventually make its way into a stable release.) This has caused the following issues with Box Backup: * All existing certificates are signed with the SHA1 algorithm, and can no longer be used (by default); and * Some tests use 1024-bit certificates which can no longer be used either. This change implements the workarounds to enable users to continue to use old certificates, for the time being, with a warning: * Ensure that new installations are secure (stronger certificates generated and required); * Ensure that existing installations are not broken, even if they are considered "weak"; * Warn users if their certificates are (or might be) weak; * Allow them to disable this warning if required (not recommended); * Provide the option to not override the system-wide security level (which may be higher than 2 in future). It does this by adding the new SSLSecurityLevel configuration option, fixing the supplied scripts to generate stronger SSL certificates from now on, replacing the old certificates used in tests, and adding tests for the issue. If compiled with OpenSSL 1.0, existing behaviour will not change, and the security level cannot be raised. The SSLSecurityLevel option is recognised, but has no effect except to show a warning that it is not supported. More work could be done on making it easier to regenerate certificates, however some discussion is needed to come up with a plan that works and helps users. See https://github.com/boxbackup/boxbackup/wiki/WeakSSLCertificates for more details. Commit: 039c4a1277a9ace937f32fef77fd10721d801dcf https://github.com/boxbackup/boxbackup/commit/039c4a1277a9ace937f32fef77fd10721d801dcf Author: Chris Wilson Date: 2019-05-19 (Sun, 19 May 2019) Changed paths: M bin/bbackupd/bbackupd-config.in M bin/bbackupquery/bbackupquery.cpp M bin/bbstored/bbstored-certs.in M bin/bbstored/bbstored-config.in M infrastructure/cmake/CMakeLists.txt M infrastructure/cmake/windows/CMakeLists.txt M infrastructure/m4/boxbackup_tests.m4 M lib/backupclient/BackupDaemonConfigVerify.cpp M lib/backupstore/BackupStoreCheck.cpp M lib/backupstore/BackupStoreCheck2.cpp M lib/backupstore/BackupStoreRefCountDatabase.cpp M lib/backupstore/BackupStoreRefCountDatabase.h M lib/backupstore/StoreTestUtils.cpp M lib/backupstore/StoreTestUtils.h M lib/bbackupd/BackupDaemon.cpp M lib/common/BoxException.h M lib/common/BoxPortsAndFiles.h.in M lib/common/Configuration.cpp M lib/common/Configuration.h M lib/common/FileStream.h M lib/common/Test.cpp M lib/common/Test.h M lib/server/ConnectionException.txt M lib/server/Daemon.cpp M lib/server/Daemon.h M lib/server/ServerControl.cpp M lib/server/ServerControl.h M lib/server/ServerException.txt M lib/server/ServerStream.h M lib/server/ServerTLS.h M lib/server/SocketStream.cpp M lib/server/SocketStream.h M lib/server/SocketStreamTLS.cpp M lib/server/SocketStreamTLS.h M lib/server/TLSContext.cpp M lib/server/TLSContext.h M test/backupstorefix/testbackupstorefix.cpp M test/backupstorefix/testfiles/testbackupstorefix.pl.in M test/basicserver/testbasicserver.cpp A test/basicserver/testfiles/seclevel2-sha1/bbackupd.conf A test/basicserver/testfiles/seclevel2-sha1/bbackupd/1234567-csr.pem A test/basicserver/testfiles/seclevel2-sha1/bbackupd/1234567-key.pem A test/basicserver/testfiles/seclevel2-sha1/bbackupd/NotifySysadmin.sh A test/basicserver/testfiles/seclevel2-sha1/bbstored.conf A test/basicserver/testfiles/seclevel2-sha1/bbstored/localhost-csr.pem A test/basicserver/testfiles/seclevel2-sha1/bbstored/localhost-key.pem A test/basicserver/testfiles/seclevel2-sha1/ca/clients/1234567-cert.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/clientRootCSR.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/clientRootKey.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/serverRootCSR.pem A test/basicserver/testfiles/seclevel2-sha1/ca/keys/serverRootKey.pem A test/basicserver/testfiles/seclevel2-sha1/ca/roots/clientCA.pem A test/basicserver/testfiles/seclevel2-sha1/ca/roots/clientCA.srl A test/basicserver/testfiles/seclevel2-sha1/ca/roots/serverCA.pem A test/basicserver/testfiles/seclevel2-sha1/ca/roots/serverCA.srl A test/basicserver/testfiles/seclevel2-sha1/ca/servers/localhost-cert.pem A test/basicserver/testfiles/seclevel2-sha1/raidfile.conf A test/basicserver/testfiles/seclevel2-sha256/bbackupd.conf A test/basicserver/testfiles/seclevel2-sha256/bbackupd/1234567-csr.pem A test/basicserver/testfiles/seclevel2-sha256/bbackupd/1234567-key.pem A test/basicserver/testfiles/seclevel2-sha256/bbackupd/NotifySysadmin.sh A test/basicserver/testfiles/seclevel2-sha256/bbstored.conf A test/basicserver/testfiles/seclevel2-sha256/bbstored/localhost-csr.pem A test/basicserver/testfiles/seclevel2-sha256/bbstored/localhost-key.pem A test/basicserver/testfiles/seclevel2-sha256/ca/clients/1234567-cert.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/clientRootCSR.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/clientRootKey.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/serverRootCSR.pem A test/basicserver/testfiles/seclevel2-sha256/ca/keys/serverRootKey.pem A test/basicserver/testfiles/seclevel2-sha256/ca/roots/clientCA.pem A test/basicserver/testfiles/seclevel2-sha256/ca/roots/clientCA.srl A test/basicserver/testfiles/seclevel2-sha256/ca/roots/serverCA.pem A test/basicserver/testfiles/seclevel2-sha256/ca/roots/serverCA.srl A test/basicserver/testfiles/seclevel2-sha256/ca/servers/localhost-cert-sha1.pem A test/basicserver/testfiles/seclevel2-sha256/ca/servers/localhost-cert.pem A test/basicserver/testfiles/seclevel2-sha256/raidfile.conf A test/basicserver/testfiles/srv3-insecure-daemon.conf A test/basicserver/testfiles/srv3-seclevel2-sha1.conf A test/basicserver/testfiles/srv3-seclevel2-sha256.conf A test/basicserver/testfiles/srv4-noseclevel.conf A test/basicserver/testfiles/srv4-seclevel1.conf A test/basicserver/testfiles/srv4-seclevel2-insecure.conf A test/basicserver/testfiles/srv4-seclevel2-secure.conf R test/basicserver/testfiles/srv4.conf M test/bbackupd/testbbackupd.cpp Log Message: ----------- Merge pull request #36 from boxbackup/fix_debian_907135_ssl_key_size_merge Debian Linux have recently upgraded to OpenSSL 1.1.1, which has increased the default global security level from 1 to 2. Level 2 does not accept certificates with 1024-bit keys, and certificates signed with the SHA1 algorithm, considering them to be weak and therefore dangerous. It now requires a minimum of 2048-bit keys and SHA256 signatures. (At the time of writing, this change is only in Debian Unstable, but it will eventually make its way into a stable release.) This has caused the following issues with Box Backup: * All existing certificates are signed with the SHA1 algorithm, and can no longer be used (by default); and * Some tests use 1024-bit certificates which can no longer be used either. This change implements the workarounds to enable users to continue to use old certificates, for the time being, with a warning: * Ensure that new installations are secure (stronger certificates generated and required); * Ensure that existing installations are not broken, even if they are considered "weak"; * Warn users if their certificates are (or might be) weak; * Allow them to disable this warning if required (not recommended); * Provide the option to not override the system-wide security level (which may be higher than 2 in future). It does this by adding the new SSLSecurityLevel configuration option, fixing the supplied scripts to generate stronger SSL certificates from now on, replacing the old certificates used in tests, and adding tests for the issue. If compiled with OpenSSL 1.0, existing behaviour will not change, and the security level cannot be raised. The SSLSecurityLevel option is recognised, but has no effect except to show a warning that it is not supported. More work could be done on making it easier to regenerate certificates, however some discussion is needed to come up with a plan that works and helps users. See https://github.com/boxbackup/boxbackup/wiki/WeakSSLCertificates for more details. Compare: https://github.com/boxbackup/boxbackup/compare/2f5b556896ed...039c4a1277a9 From noreply at github.com Sun May 19 17:01:42 2019 From: noreply at github.com (Chris Wilson) Date: Sun, 19 May 2019 09:01:42 -0700 Subject: [Box Backup-commit] [boxbackup/boxbackup] Message-ID: Branch: refs/heads/fix_debian_907135_ssl_key_size_merge Home: https://github.com/boxbackup/boxbackup From noreply at github.com Sun May 19 17:42:15 2019 From: noreply at github.com (Chris Wilson) Date: Sun, 19 May 2019 09:42:15 -0700 Subject: [Box Backup-commit] [boxbackup/boxbackup] Message-ID: Branch: refs/tags/BoxBackup-0.12.master.190519.039c4a1 Home: https://github.com/boxbackup/boxbackup From noreply at github.com Sun May 26 09:38:40 2019 From: noreply at github.com (Chris Wilson) Date: Sun, 26 May 2019 01:38:40 -0700 Subject: [Box Backup-commit] [boxbackup/boxbackup] cc476c: Fix some cases of exceptions thrown in destructors Message-ID: Branch: refs/heads/s3_support_client_store_marker Home: https://github.com/boxbackup/boxbackup Commit: cc476c309688e856210d8f99aee86930cbb60c08 https://github.com/boxbackup/boxbackup/commit/cc476c309688e856210d8f99aee86930cbb60c08 Author: Chris Wilson Date: 2019-05-26 (Sun, 26 May 2019) Changed paths: M lib/common/DebugMemLeakFinder.cpp M lib/common/Logging.cpp M lib/common/Logging.h M lib/common/UnixUser.cpp M lib/compress/Compress.h Log Message: ----------- Fix some cases of exceptions thrown in destructors Commit: f4974dbb9fcf010c9544dcba949c05d792ba755b https://github.com/boxbackup/boxbackup/commit/f4974dbb9fcf010c9544dcba949c05d792ba755b Author: Chris Wilson Date: 2019-05-26 (Sun, 26 May 2019) Changed paths: M modules.txt Log Message: ----------- Fix testbackupstorefix dependencies, now requires s3simulator to be built first Commit: aeb6fe1dd86a5578a5e49f738acd6e5f0981ee3c https://github.com/boxbackup/boxbackup/commit/aeb6fe1dd86a5578a5e49f738acd6e5f0981ee3c Author: Chris Wilson Date: 2019-05-26 (Sun, 26 May 2019) Changed paths: M test/backupstorefix/testbackupstorefix.cpp Log Message: ----------- Fix missing locks in testbackupstorefix Compare: https://github.com/boxbackup/boxbackup/compare/c9b16658bf57...aeb6fe1dd86a