Hello community, here is the log from the commit of package trytond for openSUSE:Factory checked in at 2019-01-21 10:49:51 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/trytond (Old) and /work/SRC/openSUSE:Factory/.trytond.new.28833 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "trytond" Mon Jan 21 10:49:51 2019 rev:27 rq:664379 version:4.6.11 Changes: -------- --- /work/SRC/openSUSE:Factory/trytond/trytond.changes 2018-12-12 17:31:09.630673824 +0100 +++ /work/SRC/openSUSE:Factory/.trytond.new.28833/trytond.changes 2019-01-21 10:50:14.604027491 +0100 @@ -1,0 +2,8 @@ +Mon Jan 7 16:19:58 UTC 2019 - Axel Braun <axel.br...@gmx.de> + +- Version 4.6.11 - cummulated changes: + * trytond_get_login.patch removed (series 4.2) + * get_login_trytond-46.patch added for 4.6 series + * trytond42_psql10.diff removed (not needed for 4.6) + +------------------------------------------------------------------- Old: ---- trytond-4.2.17.tar.gz trytond42_psql10.diff trytond_get_login.patch New: ---- get_login_trytond-46.patch trytond-4.6.11.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ trytond.spec ++++++ --- /var/tmp/diff_new_pack.QVgAM5/_old 2019-01-21 10:50:18.976022168 +0100 +++ /var/tmp/diff_new_pack.QVgAM5/_new 2019-01-21 10:50:18.980022164 +0100 @@ -1,8 +1,8 @@ # # spec file for package trytond # -# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. -# Copyright (c) 2015 - 2018 Dr. Axel Braun +# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2015-2018 Dr. Axel Braun # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,10 +17,10 @@ # -%define majorver 4.2 +%define majorver 4.6 %define base_name tryton Name: trytond -Version: %{majorver}.17 +Version: %{majorver}.11 Release: 0 Summary: An Enterprise Resource Planning (ERP) system @@ -28,28 +28,26 @@ Group: Productivity/Office/Management Url: http://www.tryton.org/ Source0: http://downloads.tryton.org/%{majorver}/%{name}-%{version}.tar.gz -#Patch0: trytond340.patch Source1: tryton-server.README.SUSE Source2: trytond.conf.example Source3: %{name}.conf Source4: %{name}_log.conf -# GNU Health patch for user login -Patch0: trytond_get_login.patch -Patch1: trytond42_psql10.diff Source20: %{name}.service + +Patch0: get_login_trytond-46.patch + # List of additional build dependencies BuildRequires: fdupes -BuildRequires: postgresql -BuildRequires: postgresql-server BuildRequires: python3-Werkzeug BuildRequires: python3-bcrypt -BuildRequires: python3-lxml +BuildRequires: python3-lxml >= 2.0 BuildRequires: python3-psycopg2 BuildRequires: python3-pydot3 BuildRequires: python3-python-sql BuildRequires: python3-setuptools BuildRequires: python3-wrapt BuildRequires: systemd-rpm-macros +Requires: html2text Requires: libreoffice-pyuno Requires: postgresql-server Requires: python3-Genshi @@ -61,20 +59,16 @@ Requires: python3-lxml Requires: python3-mock Requires: python3-polib -Requires: python3-psycopg2 -Requires: python3-python-sql -Requires: python3-relatorio +Requires: python3-psycopg2 >= 2.5.4 +Requires: python3-python-sql >= 0.4 +Requires: python3-relatorio >= 0.7.0 Requires: python3-simpleeval Requires: python3-wrapt Requires: unoconv Requires(pre): /usr/sbin/groupadd Requires(pre): /usr/sbin/useradd -# Post requires update-alternatives to install tool update-alternatives. -#Requires(post): update-alternatives - BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildArch: noarch - %{?systemd_requires} %description @@ -88,8 +82,7 @@ %setup -q cp %{S:1} . cp %{S:2} . -%patch0 -p0 -%patch1 -p1 -F2 +%patch0 -p1 %build python3 setup.py build @@ -105,19 +98,24 @@ install -p -m 644 %{SOURCE20} $RPM_BUILD_ROOT%{_unitdir}/%{name}.service mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/{lib,log}/%{base_name} -%fdupes -s %{buildroot} + +%python_expand %fdupes %{buildroot}%{$python_sitelib} %pre -getent group tryton > /dev/null || %{_sbindir}/groupadd -r tryton + +#Write GH Variable /etc/tryton/gnuhealthrc +cat > /etc/tryton/gnuhealthrc << "EOF" +TRYTON_VERSION=%{version} +EOF + +getent group tryton > /dev/null || %{_sbindir}/groupadd -r tryton || : getent passwd tryton > /dev/null || %{_sbindir}/useradd -r -g tryton \ -d %{_localstatedir}/lib/%{name} -s /sbin/nologin \ - -c 'Tryton ERP' tryton + -c 'Tryton ERP' tryton || : %service_add_pre trytond.service %post %service_add_post trytond.service -# Postgresql 96 is required for tryton series 4.2.x! -#update-alternatives --set postgresql /usr/lib/postgresql96 %preun %service_del_preun trytond.service ++++++ _service ++++++ --- /var/tmp/diff_new_pack.QVgAM5/_old 2019-01-21 10:50:19.020022115 +0100 +++ /var/tmp/diff_new_pack.QVgAM5/_new 2019-01-21 10:50:19.020022115 +0100 @@ -1,4 +1,4 @@ <services> - <service name="download_files" mode="localonly"/> -</services> \ No newline at end of file +<service name="download_files" mode="localonly" /> +</services> ++++++ get_login_trytond-46.patch ++++++ diff -ruN a/trytond/res/user.py b/trytond/res/user.py - --- a/trytond/res/user.py 2018-11-22 09:21:59.077931014 +0000 +++ b/trytond/res/user.py 2018-11-22 09:21:04.423129737 +0000 @@ -20,6 +20,7 @@ from sql.conditionals import Coalesce from sql.aggregate import Count from sql.operators import Concat +from random import randint try: import bcrypt @@ -542,12 +543,15 @@ ''' Return user id if password matches ''' - - LoginAttempt = Pool().get('res.user.login.attempt') - - count = LoginAttempt.count(login) - - if count > config.getint('session', 'max_attempt', default=5): - - LoginAttempt.add(login) - - raise RateLimitException() - - Transaction().atexit(time.sleep, 2 ** count - 1) + login_max_delay = config.getint('session', 'login_max_delay') + + #Use a random delay (default between 1 and login_max_delay) + #If the param is not set, it defaults to 3 + + if (not login_max_delay) or (login_max_delay < 1): + login_max_delay = 3 + delay = randint(1,login_max_delay) + for method in config.get( 'session', 'authentications', default='password').split(','): try: @@ -557,10 +561,11 @@ continue user_id = func(login, parameters) if user_id: - - LoginAttempt.remove(login) return user_id - - LoginAttempt.add(login) - - + else: + logger.warning('Invalid login from : %s', login) + time.sleep(delay) + @classmethod def _login_password(cls, login, parameters): if 'password' not in parameters: ++++++ tryton-server.README.SUSE ++++++ --- /var/tmp/diff_new_pack.QVgAM5/_old 2019-01-21 10:50:19.072022052 +0100 +++ /var/tmp/diff_new_pack.QVgAM5/_new 2019-01-21 10:50:19.076022046 +0100 @@ -55,9 +55,16 @@ Tryton uses a Relational Database Management System (RDBMS) to store data. The preferred RDBMS for Tryton is PostgreSQL. -The following steps guide you through the setup: +You have to setup this database manually. Here is a short explanation how to +achieve this. - * Make sure PostgreSQL is running: +We can distinguish two scenarios, to which the following description will reference: + + 1) the database is created manually (recommended for productive environments) + + 2) the database shall be created from the Tryton client (recommended for test) + + * In both cases, make sure PostgreSQL is running: > systemctl status postgresql @@ -131,7 +138,7 @@ Creating the database for Tryton -------------------------------- -For manual creation of the database, the following steps are to be performed: +For manual creation of the database, the folowing steps are to be performed: * Creating the database: @@ -149,9 +156,7 @@ > /usr/bin/trytond-admin -c /etc/tryton/trytond.conf --all -d mydb Note: Use the database name you chose in the previous step (here as default: - mydb). You will be asked for the admin password for this database. - For the first time, log in to the newly initialized database with user 'admin' - and password as set during initialization. + mydb). You will be asked for the admin password for this database. For the first time, log in to the newly initialized database with user admin and password as set during initialization. As result you will have a bare Tryton database with the base modules installed. @@ -180,7 +185,7 @@ tryton-sao into a directory, say /srv/tryton-sao Make sure you have nodejs and git installed: - > zypper install nodejs git phantomjs + > zypper install nodejs git Now change into to installation directory and install sao: > cd /srv/tryton-sao/package @@ -251,4 +256,4 @@ This file is based on tryton-server.README.Debian Copyright: 2009-2012 Daniel Baumann <dan...@debian.org> - 2011-2014 Mathias Behrle <mathi...@m9s.biz> \ No newline at end of file + 2011-2014 Mathias Behrle <mathi...@m9s.biz> ++++++ trytond-4.2.17.tar.gz -> trytond-4.6.11.tar.gz ++++++ ++++ 35624 lines of diff (skipped) ++++++ trytond.conf ++++++ --- /var/tmp/diff_new_pack.QVgAM5/_old 2019-01-21 10:50:19.356021706 +0100 +++ /var/tmp/diff_new_pack.QVgAM5/_new 2019-01-21 10:50:19.360021701 +0100 @@ -21,13 +21,13 @@ uri = postgresql:/// # +# # PostgreSQL via TCP/IP # (e.g. connecting to a PostgreSQL database running on a remote machine or # by means of md5 authentication. Needs PostgreSQL to be configured to accept # those connections (pg_hba.conf).) -# #uri = postgresql://tryton:tryton@localhost:5432/ -# + # The path to the directory where the Tryton Server stores files. # The server must have write permissions to this directory. # (Internal default: /var/lib/trytond) @@ -84,7 +84,7 @@ # Settings for the WebDAV network interface # The IP/host and port number of the interface -listen = localhost:8080 +#listen = localhost:8080 [session] # Session settings @@ -92,16 +92,6 @@ # The time (in seconds) until an inactive session expires #timeout = 3600 -# The server administration password used by the client for -# the execution of database management tasks. It is encrypted -# using using the Unix crypt(3) routine. A password can be -# generated using the following command line (on one line): -# $ python -c 'import getpass,crypt,random,string; \ -# print crypt.crypt(getpass.getpass(), \ -# "".join(random.sample(string.ascii_letters + string.digits, 8)))' -# Example password with 'admin' -#super_pwd = jkUbZGvFNeugk - [email] # Mail settings @@ -135,4 +125,4 @@ [web] # Path for the web-frontend -#root = /usr/lib/node_modules/tryton-sao +#root = /usr/lib/node-modules/tryton-sao ++++++ trytond.conf.example ++++++ --- /var/tmp/diff_new_pack.QVgAM5/_old 2019-01-21 10:50:19.380021676 +0100 +++ /var/tmp/diff_new_pack.QVgAM5/_new 2019-01-21 10:50:19.380021676 +0100 @@ -16,12 +16,16 @@ # (e.g. PostgreSQL database running on the same machine (localhost)) #uri = postgresql://tryton:tryton@/ # +#Default setting for a local postgres database + +uri = postgresql:/// + +# # PostgreSQL via TCP/IP # (e.g. connecting to a PostgreSQL database running on a remote machine or # by means of md5 authentication. Needs PostgreSQL to be configured to accept # those connections (pg_hba.conf).) - -uri = postgresql://tryton:tryton@localhost:5432/ +#uri = postgresql://tryton:tryton@localhost:5432/ # The path to the directory where the Tryton Server stores files. # The server must have write permissions to this directory. @@ -132,4 +136,4 @@ [web] # Path for the web-frontend -#root = /usr/lib/node_modules/tryton-sao +#root = /usr/lib/node-modules/tryton-sao ++++++ trytond_log.conf ++++++ --- /var/tmp/diff_new_pack.QVgAM5/_old 2019-01-21 10:50:19.408021643 +0100 +++ /var/tmp/diff_new_pack.QVgAM5/_new 2019-01-21 10:50:19.408021643 +0100 @@ -7,23 +7,23 @@ [database] [formatters] -keys: simple +keys=simple [handlers] -keys: rotate +keys=rotate [loggers] -keys: root +keys=root [formatter_simple] -format: %(asctime)s] %(levelname)s:%(name)s:%(message)s -datefmt: %a %b %d %H:%M:%S %Y +format=%(asctime)s] %(levelname)s:%(name)s:%(message)s +datefmt=%a %b %d %H:%M:%S %Y [handler_rotate] -class: handlers.TimedRotatingFileHandler -args: ('/var/log/tryton/trytond.log', 'D', 1, 30) -formatter: simple +class=handlers.TimedRotatingFileHandler +args=('/var/log/tryton/trytond.log', 'D', 1, 30) +formatter=simple [logger_root] -level: INFO -handlers: rotate +level=INFO +handlers=rotate