[OpenSRF-GIT] OpenSRF branch rel_2_1 updated. osrf_rel_2_1_0-10-g724bc6d
Evergreen Git
git at git.evergreen-ils.org
Sun Nov 18 07:21:30 EST 2012
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OpenSRF".
The branch, rel_2_1 has been updated
via 724bc6d80e805b580b8340f6d205597e2423ed07 (commit)
via 7c3727761dd359adde04f7ff0584ad98f25baf67 (commit)
from c49f3d1c5c65e7313d631df20ec38c459a8cd404 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 724bc6d80e805b580b8340f6d205597e2423ed07
Author: Dan Scott <dan at coffeecode.net>
Date: Tue Oct 30 23:39:25 2012 -0400
Bump release numbers, create 2.1.1 change log
Signed-off-by: Dan Scott <dan at coffeecode.net>
diff --git a/ChangeLog b/ChangeLog
index 9a5c707..870dcfe 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,185 @@
-ChangeLog for OpenSRF 2.1.0
-===========================
+ChangeLog
+=========
+
+OpenSRF 2.1.1
+-------------
+
+commit e93c7c932b144aac2633fe5d058f298a29909f02
+Author: Dan Scott <dan at coffeecode.net>
+Date: Tue Oct 30 23:34:04 2012 -0400
+
+ Release notes for 2.1.1: input log redaction
+
+ Signed-off-by: Dan Scott <dan at coffeecode.net>
+
+12 3 doc/RELEASE_NOTES.txt
+
+commit fd367d0a978cd85d2726a1ea2bd0412abf57fb12
+Author: Dan Scott <dan at coffeecode.net>
+Date: Tue Oct 30 23:27:34 2012 -0400
+
+ Purge the wildly out-of-date Roadmap document
+
+ Signed-off-by: Dan Scott <dan at coffeecode.net>
+
+0 51 doc/Roadmap.txt
+ delete mode 100644 doc/Roadmap.txt
+
+commit 97a520bce382c8806ad1772f98e1e9169a2297b9
+Author: Dan Scott <dscott at laurentian.ca>
+Date: Tue Nov 6 12:32:48 2012 -0500
+
+ Bump libopensrf version-info revision and age
+
+ The log redaction functionality changed the source files (thus 'age'
+ gets bumped) and is backwards-compatible (thus 'revision' gets bumped)
+ but maintains the same interface (thus 'current' stays the same).
+
+ Signed-off-by: Dan Scott <dscott at laurentian.ca>
+
+1 1 src/libopensrf/Makefile.am
+
+commit b81a8c2ada734fe8c47e758c681e2bb952f29c39
+Author: Dan Wells <dbw2 at calvin.edu>
+Date: Wed Oct 31 10:21:14 2012 -0400
+
+ Protect against empty/invalid log_protect sections
+
+ Connectivity would fail if the log_protect section of opensrf_core.xml
+ was empty, or contained only comments, as it does in the default
+ example. Add a simple guard against this potential problem. This fix
+ will also protect against cases where the 'log_protect' section
+ contains text rather than separate configuration elements.
+
+ Credit to Dan Scott for finding the bug and working out how to fix it.
+
+ Signed-off-by: Dan Wells <dbw2 at calvin.edu>
+ Signed-off-by: Dan Scott <dan at coffeecode.net>
+
+6 4 src/perl/lib/OpenSRF/Application.pm
+
+commit a2a286ef7fbf70e695ab23289fe9f131a9037922
+Author: Bill Erickson <berick at esilibrary.com>
+Date: Wed Oct 17 15:57:14 2012 -0400
+
+ Consolidate duplicate osrfMethodVerifyContext handler
+
+ Log redaction was not occuring in some cases because the code was using
+ the OSRF_METHOD_VERIFY_CONTEXT macro instead of the similarly named
+ function which does the same thing. This change points the macro at the
+ function so that all code uses the same underlying code.
+
+ Note this change turns on CALL param logging unconditionally, whereas
+ users of the macro would previously have been able to avoid CALL logging
+ via the OSRF_LOG_PARAMS variable. In practice, little code uses the
+ macro and all code enables OSRF_LOG_PARAMS. If we need to add this
+ control back, it can be added directly to osrfMethodVerifyContext().
+ For now, it's one less env variable we need to define.
+
+ Signed-off-by: Bill Erickson <berick at esilibrary.com>
+ Signed-off-by: Dan Scott <dan at coffeecode.net>
+
+2 36 include/opensrf/osrf_application.h
+
+commit 157ad5d6553b29585afd4b2180db91e2d13b5961
+Author: Dan Wells <dbw2 at calvin.edu>
+Date: Fri Oct 12 09:45:35 2012 -0400
+
+ Log redaction for sensitive input values, Perl side
+
+ This commit attempts to do the same as the C log redaction fix,
+ but now at the Perl level. The Perl configuration code was a
+ little more crufty than the C side, so an additional feature was
+ added to Config.pm to support the new 'shared' section. At some
+ point we should consider a ground-up rewrite of Config.pm, as the
+ code seems to suffer some from its INI file roots.
+
+ Signed-off-by: Dan Wells <dbw2 at calvin.edu>
+ Signed-off-by: Dan Scott <dan at coffeecode.net>
+
+3 3 examples/opensrf_core.xml.example
+21 1 src/perl/lib/OpenSRF/Application.pm
+9 0 src/perl/lib/OpenSRF/System.pm
+48 12 src/perl/lib/OpenSRF/Utils/Config.pm
+
+commit fe9617eda262cc3a3890d068e938ef0ffb99d07a
+Author: Dan Wells <dbw2 at calvin.edu>
+Date: Wed Oct 10 17:28:07 2012 -0400
+
+ Log redaction for sensitive input values, C side
+
+ Some service/methods deal with sensitive information (passwords,
+ financial, etc.). All input values (e.g. gateway method params)
+ are currently logged in the activity log regardless of your log
+ level. This commit will allow you to redact the params of any
+ method which matches a configurable set of left-anchored string
+ values.
+
+ This commit adds the initial config, and covers redaction of method
+ parameters sent through the gateway, the translator, and more general
+ OpenSRF C applications.
+
+ Signed-off-by: Dan Wells <dbw2 at calvin.edu>
+ Signed-off-by: Dan Scott <dan at coffeecode.net>
+
+12 0 examples/opensrf_core.xml.example
+1 0 include/opensrf/osrf_application.h
+2 0 include/opensrf/osrf_system.h
+25 10 src/gateway/osrf_http_translator.c
+22 7 src/gateway/osrf_json_gateway.c
+23 4 src/libopensrf/osrf_application.c
+6 0 src/libopensrf/osrf_system.c
+
+commit cd24bb1c94c95027310f63909b692e4dbb05507f
+Author: Dan Scott <dscott at laurentian.ca>
+Date: Mon Oct 22 11:50:21 2012 -0400
+
+ Use apt-get instead of aptitude on Debian / Ubuntu
+
+ Reports from the field state that aptitude is not installed by default on
+ Ubuntu any longer; thus go with the sure thing.
+
+ Signed-off-by: Dan Scott <dscott at laurentian.ca>
+
+1 1 README
+1 1 src/extras/Makefile.install
+
+commit 20a115a421c56b56968accc27b63da7656a70ee8
+Author: Dan Scott <dscott at laurentian.ca>
+Date: Mon Oct 22 11:53:24 2012 -0400
+
+ Remove the reference to Evergreen in the README
+
+ Stephen Wills reported problems installing Evergreen because of missing
+ dependencies, and reading the OpenSRF README shows that it refers to the
+ Evergreen prerequisite installer in a confusing way that might lead to
+ users using only the Evergreen Makefile.install, rather than using the
+ OpenSRF Makefile.install.
+
+ In addition, Fedora 16 is going to be out of support soon, and Fedora 17
+ and 18 are well-tested targets now.
+
+ Signed-off-by: Dan Scott <dscott at laurentian.ca>
+
+2 2 README
+
+commit 83dd58abfca26418f8bdaecb73dbd2c177cc0093
+Author: Jason Stephenson <jstephenson at mvlc.org>
+Date: Tue Nov 6 09:16:18 2012 -0500
+
+ Fix installation on Ubuntu Precise.
+
+ Remove libreadline5-dev and replace with libreadline-dev for Ubuntu
+ and Debian. This installs libreadline6, but everything still works
+ since there's nothing version specific in our use of libreadline.
+
+ Signed-off-by: Jason Stephenson <jstephenson at mvlc.org>
+ Signed-off-by: Dan Scott <dan at coffeecode.net>
+
+2 3 src/extras/Makefile.install
+
+OpenSRF 2.1.0
+-------------
commit 79694c390e0350a199be409ceadb19945ddf2b5c
Author: Dan Scott <dan at coffeecode.net>
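Review bot: The reproduced message for 97a520b ("Bump libopensrf version-info revision and age") states the libtool rationale the wrong way round. Under libtool's versioning rules a source change increments 'revision', while 'age' is incremented only when interfaces have been added, which also means incrementing 'current' and resetting 'revision' to 0. The message says the interface is unchanged, so before tagging 2.1.1 it is worth confirming that the value in src/libopensrf/Makefile.am moves only 'revision'. If the redaction work did add public interfaces (the fe9617e entry lists added lines in include/opensrf/osrf_application.h and include/opensrf/osrf_system.h), 'current' and 'age' should both move instead.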
diff --git a/src/perl/lib/OpenSRF.pm b/src/perl/lib/OpenSRF.pm
index 1319f33..4b1bab3 100644
--- a/src/perl/lib/OpenSRF.pm
+++ b/src/perl/lib/OpenSRF.pm
@@ -14,11 +14,11 @@ OpenSRF - Top level class for OpenSRF perl modules.
=head1 VERSION
-Version 2.1.0
+Version 2.1.1
=cut
-our $VERSION = "2.10";
+our $VERSION = "2.11";
=head1 METHODS
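Review bot: The new value `our $VERSION = "2.11";` encodes release 2.1.1 by dropping a dot, which is ambiguous once any component reaches two digits: a future 2.1.10 would become "2.110", which compares numerically equal to "2.11", and the POD line "Version 2.1.1" above has to be kept in step by hand. Consider a dotted form such as `use version; our $VERSION = version->declare("v2.1.1");`, or at least a comment next to $VERSION documenting the mapping from release number to this string.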
diff --git a/version.m4 b/version.m4
index bdb0dc9..0771fec 100644
--- a/version.m4
+++ b/version.m4
@@ -1 +1 @@
-m4_define([VERSION_NUMBER],[2.1.0])
+m4_define([VERSION_NUMBER],[2.1.1])
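Review bot: The release number set in VERSION_NUMBER here is repeated by hand in this same push in src/perl/lib/OpenSRF.pm (both the POD text and $VERSION) and in the title of doc/RELEASE_NOTES.txt, so a missed file will ship a mismatched version. Consider generating the Perl module's version from version.m4 at configure time, or adding a release-checklist step that greps for the old number before tagging.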
commit 7c3727761dd359adde04f7ff0584ad98f25baf67
Author: Dan Scott <dan at coffeecode.net>
Date: Tue Oct 30 23:34:04 2012 -0400
Release notes for 2.1.1: input log redaction
Signed-off-by: Dan Scott <dan at coffeecode.net>
diff --git a/doc/RELEASE_NOTES.txt b/doc/RELEASE_NOTES.txt
index b71918e..871b303 100644
--- a/doc/RELEASE_NOTES.txt
+++ b/doc/RELEASE_NOTES.txt
@@ -1,4 +1,4 @@
-Release notes for OpenSRF 2.1.0
+Release notes for OpenSRF 2.1.1
===============================
Supported platforms
@@ -16,8 +16,17 @@ The following platforms are *no longer* supported:
* Fedora 14 and 15
* RHEL 5
-New features
-------------
+Changes in 2.1.1
+----------------
+
+Input log redaction
+~~~~~~~~~~~~~~~~~~~
+To avoid exposing potentially sensitive information, Perl and C services will
+not log the parameters of methods matching a set of left-anchored string values
+configured in `opensrf_core.xml`.
+
+New features in 2.1.0
+----------------------
OpenSRF Validator service (`opensrf.validator`)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
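Review bot: The "Input log redaction" paragraph is missing what an administrator needs to turn the feature on: it points at `opensrf_core.xml` but does not name the section. The ChangeLog in this push calls it 'log_protect' and notes that the default example contains only comments, so nothing is redacted until method prefixes are added; the note should say so and show one sample entry. It should also mention the behaviour change recorded for a2a286e, where CALL parameter logging is now unconditional for code that used the OSRF_METHOD_VERIFY_CONTEXT macro and OSRF_LOG_PARAMS no longer suppresses it, since sites relying on that variable to keep parameters out of logs need to move to 'log_protect'.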
-----------------------------------------------------------------------
Summary of changes:
ChangeLog | 184 ++++++++++++++++++++++++++++++++++++++++++++++-
doc/RELEASE_NOTES.txt | 15 +++-
src/perl/lib/OpenSRF.pm | 4 +-
version.m4 | 2 +-
4 files changed, 197 insertions(+), 8 deletions(-)
hooks/post-receive
--
OpenSRF