| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit adds a new `Auth/PasswordCommand` option
to support security best practices re: handling secrets
in CLI program configuration.
Prior to this commit, the two available options
for specifying a password were:
1. via the `Auth/Password` config parameter, or
2. via a `$CALCURSE_CALDAV_PASSWORD` environment variable.
The former is unsafe for obvious reasons;
the latter is unsafe because as long as the script is running,
its environment can be accessed via
$ cat /proc/<pid>/environ
and is thus visible to anyone with access to the system.
This commit preserves preexisting behavior (for backward compatibility)
but removes all mention of option 2 from the README.
Since the README example for option 2 used a password command anyway,
there is little reason to continue its use,
and this commit recommends it be deprecated.
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Pass disable_ssl_certificate_validation as keyword argument to
httplib2.Http().
Fixes a regression introduced in 1e1d615 (Refactor calcurse-caldav to
use httplib2, 2017-09-06).
Fixes GitHub issue #420.
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
|
|
|
|
| |
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Apparently, while some CalDAV servers return href values as is in their
response, some might return them URL-quoted (which, if I am not
mistaken, was the reason for e943b06).
Assuming either behaviour when pushing local objects will lead to
discrepancy with events dictionary retrieved from the server and thus
bugs, hence we always want to use whatever form of href the server
returns.
Addresses GitHub issues #337 and #356.
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
|
|
|
|
|
|
|
|
|
| |
Add some clarification on the expected format for the Hostname and Path
options in the sample configuration file.
Addresses GitHub issues #95, #138, and #354.
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
|
|
|
|
| |
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The previous implementation allowed sections and keys other than those
used by the script which led to a variety of bug reports due to typos in
the configuration. Disallow entries other than those explicitly used and
make both section and key names case-sensitive (previously, only section
names where case-sensitive).
Check that Hostname and Path are set before using them.
Addresses GitHub issues #327 and #350.
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
|
|
|
|
| |
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
|
|
|
|
|
|
| |
Fixes #283.
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
|
|
|
|
|
|
|
|
| |
This patch makes check_dir(dir) create directories if they don't exist,
and it will fail if the path at dir is not a directory. It acts in a
similar fashion to io_check_dir from io.c.
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
|
|
|
|
| |
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
|
|
|
|
| |
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
|
|
|
|
| |
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
|
|
|
|
| |
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
|
|
|
|
|
| |
Suggested-by: Tony Barganski <tonybarganski@outlook.com>
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
|
|
|
|
|
|
|
|
|
| |
Display a warning if any of the events reported by the server cannot be
found instead of bailing out.
Addresses GitHub issue #137 and #245.
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
|
|
|
|
| |
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
|
|
|
|
| |
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
|
|
|
|
|
|
| |
Addresses GitHub issue #209.
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
|
|
|
|
| |
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
|
|
|
|
|
|
|
| |
Added the --datadir flag to calcurse-caldav which enables to specify a
custom calcurse data directory similarly to the -D flag in calcurse.
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
|
|
|
|
|
|
|
|
| |
The optional argument to -x must be given as "-xical" (without a space).
Partly addresses GitHub issue #177.
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
|
|
|
|
|
|
|
|
|
|
|
| |
We cannot use the filter options when importing events.
This was noticed because the new calcurse argument parser catches
invalid input flag combinations and bails out.
Partly addresses GitHub issue #177.
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
|
|
|
|
|
|
|
| |
Objects are reference in python, ".pop" was modifying the original
dictionary and thus breaking authentication by removing auth headers.
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
|
|
|
|
|
|
| |
Fixes GitHub issue #144.
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
|
|
|
|
|
|
|
|
|
| |
Fixes a regression introduced in 6a6c711 (calcurse-caldav: fix basic
authentication, 2018-07-20).
Addresses GitHub issue #149.
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
|
|
|
|
| |
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
|
|
|
|
| |
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
|
|
|
|
|
|
|
| |
Read whether basic authentication is used and add the credentials to
httplib2 when making a request.
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
|
|
|
|
|
|
|
|
|
|
|
| |
Introduce support for HTTP connections. Use "HTTPS" in the config file
to enable/disable (default is enabled). The option modifies the prefix
of the host name to "http://" when disabled, rather than always using
"https://" with no option to change.
httplib2 automatically handles URLs beginning with either http or https.
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
|
|
|
|
|
|
|
|
| |
The Authorization header contains the Base64-encoded user name and
password. Remove this information from debug logs, unless the user
explicitly requests to keep them by using the --debug-raw flag.
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
|
|
|
|
|
|
|
|
|
| |
When importing an iCal event via calcurse fails (i.e. does not return a
single object hash), do not write anything to the synchronization
database instead of blindly appending the entry, thereby potentially
corrupting the database.
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
|
|
|
|
|
| |
Signed-off-by: Raf Czlonka <rczlonka@gmail.com>
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
|
|
|
|
|
|
|
| |
Add information about the CALCURSE_CALDAV_PASSWORD environment variable.
Signed-off-by: Randy Ramos <rramos1295@gmail.com>
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
|
|
|
|
|
|
|
|
| |
Add the option to read the basic authentication password from the
CALCURSE_CALDAV_PASSWORD environment variable.
Signed-off-by: Randy Ramos <rramos1295@gmail.com>
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit efd76a0d995292e48f5466fccada4901618f7d97.
Passing passwords as command line arguments is not a good idea, since
they may appear in process listings which are potentially visible to
other users logged into the system.
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
|
|
|
|
|
|
|
|
| |
The SyncFilter option filters the types of items synced from/to a CalDAV
server by making use of the --filter-type command line argument.
Signed-off-by: Satvik Sharma <satvik.sharma2@gmail.com>
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
It is best practice to use `/usr/bin/env python3` instead of a hard
coded path. This will search for "python3" in the PATH environment
variable.
Most Linux distributions install python to "/usr/bin". Most BSDs to
"/usr/local/bin".
Signed-off-by: Stefan Hagen <github@textmail.me>
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
|
|
|
|
|
|
|
|
| |
The "--password" argument overrides the corresponding option in the
config file.
Signed-off-by: Randy Ramos <rramos1295@gmail.com>
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
|
|
|
|
|
|
|
|
| |
Append instructions and information on synchronization with OAuth2-based
services, specifically Google Calendar.
Signed-off-by: Randy Ramos <rramos1295@gmail.com>
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
|
|
|
|
|
|
|
|
|
| |
This ensures that the Markdown syntax is properly displayed by Github
and other Markdown readers. Also added quotes to a couple of paths and a
flag.
Signed-off-by: Randy Ramos <rramos1295@gmail.com>
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
|
|
|
|
|
|
|
|
|
| |
OAuth2 authentication is completely optional. It is controlled by the
AuthMethod option in the config file. Other required options were
appended to config.sample.
Signed-off-by: Randy Ramos <rramos1295@gmail.com>
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
|
|
|
|
|
|
|
|
|
|
| |
This will allow much more flexibility and less code duplication when
adding OAuth2 support. OAuth2 support will require this library as it is
a dependency of oauth2client. The documentation was updated to reflect
the new dependency.
Signed-off-by: Randy Ramos <rramos1295@gmail.com>
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
|
|
|
|
|
|
|
|
|
| |
Certain CalDAV servers prohibit a single DELETE request to be sent to
the calendar collection root. Instead items need to be deleted one by
one.
Signed-off-by: Randy Ramos <rramos1295@gmail.com>
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
|
|
|
|
|
|
|
|
|
|
| |
When pushing objects, the unencoded uri path would be saved into the
sync.db. The unencoded path and the encoded path from the server would
be seen as two different objects, causing both to be resynced
unnecessarily.
Signed-off-by: Randy Ramos <rramos1295@gmail.com>
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
|
|
|
|
|
|
|
|
|
|
| |
For the initial calendar-query request, set the Depth header to 1. This
is required because according to RFC 4791, the depth value defaults to 0
if no header is specified.
Fixes GitHub issue #38.
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
|
|
|
|
|
|
|
|
|
|
|
| |
Some parameters where swapped accidentally when reworking the diff
computation in c8d3d87 (calcurse-caldav: Compute diffs before
synchronizing, 2016-12-13) such that the synchronization functions were
working with incorrect diffs since that commit. Exchange the parameters
again to fix this.
Reported-by: Guillaume Laurès <guillaume@lauresfamily.fr>
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
|
|
|
|
| |
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
|
|
|
|
|
|
|
|
| |
Instead of computing the objects to push/pull on-demand, use a snapshot
of the synchronization database taken before the synchronization process
starts.
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
|
|
|
|
|
|
|
|
| |
When importing an appointment from the server, make sure we store a hash
of the item in the sync DB, and not the serialized item itself.
Reported-by: Guillaume Laurès <guillaume@lauresfamily.fr>
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
|