diff options
author | Justus Winter <justus@sequoia-pgp.org> | 2019-05-15 16:28:11 +0200 |
---|---|---|
committer | Justus Winter <justus@sequoia-pgp.org> | 2019-05-15 16:29:55 +0200 |
commit | a25ef6974e0ba3989f6205c19a1f9ccfc81db584 (patch) | |
tree | 4ce3b386923515a662051c40f67a135ee15681f6 | |
parent | 36e2d97ac013e023feb27df939c3f6d6e32d8669 (diff) |
core, store, tool: Use realm instead of domain.
- Remove the domain parameter from core::Context.
- Replace it with a realm to be passed in when opening a store.
- For sq, merge store name and realm into the --store parameter.
- Fixes #105.
-rw-r--r-- | core/src/lib.rs | 33 | ||||
-rw-r--r-- | examples/guide-the-keystore.rs | 5 | ||||
-rw-r--r-- | ffi/examples/configure.c | 2 | ||||
-rw-r--r-- | ffi/examples/keyserver.c | 2 | ||||
-rw-r--r-- | ffi/include/sequoia/core.h | 19 | ||||
-rw-r--r-- | ffi/include/sequoia/store.h | 26 | ||||
-rw-r--r-- | ffi/lang/python/Makefile | 2 | ||||
-rw-r--r-- | ffi/lang/python/examples/decrypt.py | 3 | ||||
-rw-r--r-- | ffi/lang/python/sequoia/core.py | 4 | ||||
-rw-r--r-- | ffi/lang/python/sequoia/glue.py | 4 | ||||
-rw-r--r-- | ffi/lang/python/sequoia/store.py | 12 | ||||
-rw-r--r-- | ffi/lang/python/tests/test_armor.py | 3 | ||||
-rw-r--r-- | ffi/lang/python/tests/test_packet_parser.py | 3 | ||||
-rw-r--r-- | ffi/lang/python/tests/test_store.py | 16 | ||||
-rw-r--r-- | ffi/lang/python/tests/test_tpk.py | 24 | ||||
-rw-r--r-- | ffi/src/core.rs | 32 | ||||
-rw-r--r-- | ffi/src/net.rs | 2 | ||||
-rw-r--r-- | ffi/src/store.rs | 22 | ||||
-rw-r--r-- | ipc/src/lib.rs | 2 | ||||
-rw-r--r-- | net/src/lib.rs | 6 | ||||
-rw-r--r-- | net/tests/hkp.rs | 4 | ||||
-rw-r--r-- | store/src/backend/mod.rs | 30 | ||||
-rw-r--r-- | store/src/lib.rs | 167 | ||||
-rw-r--r-- | store/src/store_protocol.capnp | 6 | ||||
-rw-r--r-- | store/tests/ipc-policy.rs | 18 | ||||
-rw-r--r-- | tool/src/sq.rs | 39 | ||||
-rw-r--r-- | tool/src/sq_cli.rs | 11 |
27 files changed, 235 insertions, 262 deletions
diff --git a/core/src/lib.rs b/core/src/lib.rs index a3b6010e..540ae34a 100644 --- a/core/src/lib.rs +++ b/core/src/lib.rs @@ -13,7 +13,7 @@ /// # use sequoia_core::{Context, Result}; /// # f().unwrap(); /// # fn f() -> Result<()> { -/// let c = Context::new("org.example.webmail")?; +/// let c = Context::new(); /// # Ok(()) /// # } /// ``` @@ -39,7 +39,7 @@ use tempdir::TempDir; /// # use sequoia_core::{Context, Result}; /// # f().unwrap(); /// # fn f() -> Result<()> { -/// let c = Context::new("org.example.webmail")?; +/// let c = Context::new()?; /// # Ok(()) /// # } /// ``` @@ -51,7 +51,7 @@ use tempdir::TempDir; /// # use sequoia_core::{Context, NetworkPolicy, Result}; /// # f().unwrap(); /// # fn f() -> Result<()> { -/// let c = Context::configure("org.example.webmail") +/// let c = Context::configure() /// # .ephemeral() /// .network_policy(NetworkPolicy::Offline) /// .build()?; @@ -59,7 +59,6 @@ use tempdir::TempDir; /// # } /// ``` pub struct Context { - domain: String, home: PathBuf, lib: PathBuf, network_policy: NetworkPolicy, @@ -71,7 +70,6 @@ pub struct Context { impl Clone for Context { fn clone(&self) -> Self { Context { - domain: self.domain.clone(), home: self.home.clone(), lib: self.lib.clone(), network_policy: self.network_policy, @@ -100,26 +98,17 @@ fn prefix() -> PathBuf { impl Context { /// Creates a Context with reasonable defaults. - /// - /// `domain` should uniquely identify your application, it is - /// strongly suggested to use a reversed fully qualified domain - /// name that is associated with your application. - pub fn new(domain: &str) -> Result<Self> { - Self::configure(domain).build() + pub fn new() -> Result<Self> { + Self::configure().build() } /// Creates a Context that can be configured. /// - /// `domain` should uniquely identify your application, it is - /// strongly suggested to use a reversed fully qualified domain - /// name that is associated with your application. - /// /// The configuration is seeded like in `Context::new`, but can be /// modified. A configuration has to be finalized using /// `.build()` in order to turn it into a Context. - pub fn configure(domain: &str) -> Config { + pub fn configure() -> Config { Config(Context { - domain: String::from(domain), home: PathBuf::from(""), // Defer computation of default. lib: prefix().join("lib").join("sequoia"), network_policy: NetworkPolicy::Encrypted, @@ -129,11 +118,6 @@ impl Context { }) } - /// Returns the domain of the context. - pub fn domain(&self) -> &str { - &self.domain - } - /// Returns the directory containing shared state. pub fn home(&self) -> &Path { &self.home @@ -169,7 +153,7 @@ impl Context { /// # use sequoia_core::{Context, NetworkPolicy, Result}; /// # f().unwrap(); /// # fn f() -> Result<()> { -/// let c = Context::configure("org.example.webmail") +/// let c = Context::configure() /// # .ephemeral() /// .network_policy(NetworkPolicy::Offline) /// .build()?; @@ -185,8 +169,7 @@ impl Context { /// # use std::path::Path; /// # f().unwrap(); /// # fn f() -> Result<()> { -/// let c = Context::configure("org.example.my.test") -/// .ephemeral().build()?; +/// let c = Context::configure().ephemeral().build()?; /// let ephemeral_home = c.home().to_path_buf(); /// // Do some tests. /// drop(c); diff --git a/examples/guide-the-keystore.rs b/examples/guide-the-keystore.rs index b4c5b15b..4748ad6b 100644 --- a/examples/guide-the-keystore.rs +++ b/examples/guide-the-keystore.rs @@ -39,13 +39,14 @@ fn main() { -----END PGP PUBLIC KEY BLOCK-----"; // Provide some context. - let ctx = core::Context::new("org.sequoia-pgp.guide").unwrap(); + let ctx = core::Context::new().unwrap(); // Parse TPK. let tpk = openpgp::TPK::from_bytes(tpk).unwrap(); // Open a store. - let store = store::Store::open(&ctx, "default").unwrap(); + let store = + store::Store::open(&ctx, store::REALM_CONTACTS, "default").unwrap(); // Store the TPK. store.import("Ἀριστοτέλης", &tpk).unwrap(); diff --git a/ffi/examples/configure.c b/ffi/examples/configure.c index 23e243ac..37401047 100644 --- a/ffi/examples/configure.c +++ b/ffi/examples/configure.c @@ -24,7 +24,7 @@ main (int argc, char **argv) sq_context_t ctx; sq_keyserver_t ks; - cfg = sq_context_configure ("org.sequoia-pgp.example"); + cfg = sq_context_configure (); sq_config_network_policy (cfg, SQ_NETWORK_POLICY_OFFLINE); ctx = sq_config_build (cfg, &err); if (ctx == NULL) diff --git a/ffi/examples/keyserver.c b/ffi/examples/keyserver.c index 1e6ca135..3a0acae7 100644 --- a/ffi/examples/keyserver.c +++ b/ffi/examples/keyserver.c @@ -24,7 +24,7 @@ main (int argc, char **argv) sq_keyserver_t ks; pgp_tpk_t tpk; - ctx = sq_context_new ("org.sequoia-pgp.example", &err); + ctx = sq_context_new (&err); if (ctx == NULL) error (1, 0, "Initializing sequoia failed: %s", pgp_error_to_string (err)); diff --git a/ffi/include/sequoia/core.h b/ffi/include/sequoia/core.h index d34f8985..c7f73f45 100644 --- a/ffi/include/sequoia/core.h +++ b/ffi/include/sequoia/core.h @@ -14,7 +14,7 @@ /// # Example /// /// ```c -/// struct sq_context *ctx sq_context_new("org.sequoia-pgp.example"); +/// struct sq_context *ctx sq_context_new(); /// if (ctx == NULL) { ... } /// ``` /*/ @@ -125,14 +125,10 @@ typedef enum sq_ipc_policy { /*/ /// Creates a Context with reasonable defaults. /// -/// `domain` should uniquely identify your application, it is strongly -/// suggested to use a reversed fully qualified domain name that is -/// associated with your application. `domain` must not be `NULL`. -/// /// Returns `NULL` on errors. If `errp` is not `NULL`, the error is /// stored there. /*/ -sq_context_t sq_context_new(const char *domain, pgp_error_t *errp); +sq_context_t sq_context_new(pgp_error_t *errp); /*/ /// Frees a context. @@ -142,20 +138,11 @@ void sq_context_free(sq_context_t context); /*/ /// Creates a Context that can be configured. /// -/// `domain` should uniquely identify your application, it is strongly -/// suggested to use a reversed fully qualified domain name that is -/// associated with your application. `domain` must not be `NULL`. -/// /// The configuration is seeded like in `sq_context_new`, but can be /// modified. A configuration has to be finalized using /// `sq_config_build()` in order to turn it into a Context. /*/ -sq_config_t sq_context_configure(const char *domain); - -/*/ -/// Returns the domain of the context. -/*/ -const char *sq_context_domain(const sq_context_t ctx); +sq_config_t sq_context_configure(void); /*/ /// Returns the directory containing shared state. diff --git a/ffi/include/sequoia/store.h b/ffi/include/sequoia/store.h index 343e52ab..47b581b1 100644 --- a/ffi/include/sequoia/store.h +++ b/ffi/include/sequoia/store.h @@ -4,6 +4,16 @@ #include <sequoia/core.h> /*/ +/// Keys used for communications. +/*/ +const char *SQ_REALM_CONTACTS = "org.sequoia-pgp.contacts"; + +/*/ +/// Keys used for signing software updates. +/*/ +const char *SQ_REALM_SOFTWARE_UPDATES = "org.sequoia-pgp.software-updates"; + +/*/ /// A public key store. /*/ typedef struct sq_store *sq_store_t; @@ -156,13 +166,13 @@ typedef struct sq_store_iter *sq_store_iter_t; /*/ /// Returns the next store. /// -/// Returns `NULL` on exhaustion. If `domainp` is not `NULL`, the -/// stores domain is stored there. If `namep` is not `NULL`, the +/// Returns `NULL` on exhaustion. If `realmp` is not `NULL`, the +/// stores realm is stored there. If `namep` is not `NULL`, the /// stores name is stored there. If `policyp` is not `NULL`, the /// stores network policy is stored there. /*/ sq_store_t sq_store_iter_next (sq_store_iter_t iter, - char **domainp, + char **realmp, char **namep, uint8_t *policyp); @@ -242,17 +252,17 @@ sq_key_iter_t sq_store_list_keys (sq_context_t ctx); /*/ /// Opens a store. /// -/// Opens a store with the given name. If the store does not -/// exist, it is created. Stores are handles for objects -/// maintained by a background service. The background service -/// associates state with this name. +/// Opens a store with the given name in the given realm. If the +/// store does not exist, it is created. Stores are handles for +/// objects maintained by a background service. The background +/// service associates state with this name. /// /// The store updates TPKs in compliance with the network policy /// of the context that created the store in the first place. /// Opening the store with a different network policy is /// forbidden. /*/ -sq_store_t sq_store_open (sq_context_t ctx, const char *name); +sq_store_t sq_store_open (sq_context_t ctx, const char *realm, const char *name); /*/ /// Adds a key identified by fingerprint to the store. diff --git a/ffi/lang/python/Makefile b/ffi/lang/python/Makefile index f398c0c2..429a133e 100644 --- a/ffi/lang/python/Makefile +++ b/ffi/lang/python/Makefile @@ -50,7 +50,7 @@ ifneq "$(PYTHON)" "disable" cp build/*/_sequoia.abi*.so . # XXX can we get setuptools to do that? LDFLAGS=-L$(CARGO_TARGET_DIR)/debug LD_LIBRARY_PATH=$(CARGO_TARGET_DIR)/debug \ $(IPYTHON) -i -c \ -'from sequoia.prelude import *; ctx = Context("org.sequoia-pgp.tests.interactive")' +'from sequoia.prelude import *; ctx = Context()' endif # Installation. diff --git a/ffi/lang/python/examples/decrypt.py b/ffi/lang/python/examples/decrypt.py index c65f151d..1f4109e1 100644 --- a/ffi/lang/python/examples/decrypt.py +++ b/ffi/lang/python/examples/decrypt.py @@ -5,8 +5,7 @@ from enum import Enum, auto from sequoia.core import Context, NetworkPolicy from sequoia.openpgp import Tag, PacketParser -ctx = Context("org.sequoia-pgp.examples", - network_policy=NetworkPolicy.Offline, +ctx = Context(network_policy=NetworkPolicy.Offline, ephemeral=True) class State(Enum): diff --git a/ffi/lang/python/sequoia/core.py b/ffi/lang/python/sequoia/core.py index a7e12808..b985247b 100644 --- a/ffi/lang/python/sequoia/core.py +++ b/ffi/lang/python/sequoia/core.py @@ -18,12 +18,12 @@ class IPCPolicy(Enum): class Context(SQObject): _del = lib.sq_context_free - def __init__(self, domain, + def __init__(self, home=None, network_policy=NetworkPolicy.Encrypted, ipc_policy=IPCPolicy.Robust, ephemeral=False): - cfg = lib.sq_context_configure(domain.encode()) + cfg = lib.sq_context_configure() if home: lib.sq_config_home(cfg, home.encode()) lib.sq_config_network_policy(cfg, network_policy.value) diff --git a/ffi/lang/python/sequoia/glue.py b/ffi/lang/python/sequoia/glue.py index ea40d20c..cca3a71d 100644 --- a/ffi/lang/python/sequoia/glue.py +++ b/ffi/lang/python/sequoia/glue.py @@ -109,6 +109,10 @@ def sq_str(s): return t _str = sq_str +def sq_static_str(s): + return ffi.string(s).decode() +_static_str = sq_static_str + def sq_iterator(iterator, next_fn, map=lambda x: x): while True: entry = next_fn(iterator) diff --git a/ffi/lang/python/sequoia/store.py b/ffi/lang/python/sequoia/store.py index 4a7a41a9..c9ce84e8 100644 --- a/ffi/lang/python/sequoia/store.py +++ b/ffi/lang/python/sequoia/store.py @@ -1,12 +1,18 @@ from _sequoia import ffi, lib from .error import Error -from .glue import _str, SQObject, sq_iterator, sq_time +from .glue import _str, _static_str, SQObject, sq_iterator, sq_time from .openpgp import Fingerprint, TPK class Store(SQObject): _del = lib.sq_store_free + # Keys used for communications. + REALM_CONTACTS = _static_str(lib.SQ_REALM_CONTACTS) + + # Keys used for signing software updates. + REALM_SOFTWARE_UPDATES = _static_str(lib.SQ_REALM_SOFTWARE_UPDATES) + @classmethod def server_log(cls, ctx): yield from sq_iterator( @@ -34,8 +40,8 @@ class Store(SQObject): next_fn) @classmethod - def open(cls, ctx, name): - return Store(lib.sq_store_open(ctx.ref(), name.encode()), context=ctx) + def open(cls, ctx, realm=REALM_CONTACTS, name="default"): + return Store(lib.sq_store_open(ctx.ref(), realm.encode(), name.encode()), context=ctx) def add(self, label, fingerprint): diff --git a/ffi/lang/python/tests/test_armor.py b/ffi/lang/python/tests/test_armor.py index e439f612..93486703 100644 --- a/ffi/lang/python/tests/test_armor.py +++ b/ffi/lang/python/tests/test_armor.py @@ -7,8 +7,7 @@ from sequoia.openpgp import ArmorReader, ArmorWriter, Kind TEST_VECTORS = [0, 1, 2, 3, 47, 48, 49, 50, 51] -ctx = Context("org.sequoia-pgp.tests", - network_policy=NetworkPolicy.Offline, +ctx = Context(network_policy=NetworkPolicy.Offline, ephemeral=True) def fn_bin(t): diff --git a/ffi/lang/python/tests/test_packet_parser.py b/ffi/lang/python/tests/test_packet_parser.py index de126bc3..e50a58f5 100644 --- a/ffi/lang/python/tests/test_packet_parser.py +++ b/ffi/lang/python/tests/test_packet_parser.py @@ -6,8 +6,7 @@ pgp = "../../../openpgp/tests/data/messages/encrypted-aes128-password-123456789. plain = "../../../openpgp/tests/data/messages/a-cypherpunks-manifesto.txt" def test_decryption(): - ctx = Context("org.sequoia-pgp.tests", - network_policy=NetworkPolicy.Offline, + ctx = Context(network_policy=NetworkPolicy.Offline, ephemeral=True) class State(Enum): diff --git a/ffi/lang/python/tests/test_store.py b/ffi/lang/python/tests/test_store.py index 0c86a689..454afb7d 100644 --- a/ffi/lang/python/tests/test_store.py +++ b/ffi/lang/python/tests/test_store.py @@ -1,18 +1,18 @@ from sequoia.prelude import Context, Store, Fingerprint def test_open(): - c = Context("org.sequoia-pgp.tests", ephemeral=True) - Store.open(c, "default") + c = Context(ephemeral=True) + Store.open(c) def test_add(): - c = Context("org.sequoia-pgp.tests", ephemeral=True) - s = Store.open(c, "default") + c = Context(ephemeral=True) + s = Store.open(c) fp = Fingerprint.from_hex("7DCA58B54EB143169DDEE15F247F6DABC84914FE") s.add("Ἀριστοτέλης", fp) def test_iterate(): - c = Context("org.sequoia-pgp.tests", ephemeral=True) - s = Store.open(c, "default") + c = Context(ephemeral=True) + s = Store.open(c) fp = Fingerprint.from_hex("7DCA58B54EB143169DDEE15F247F6DABC84914FE") s.add("Ἀριστοτέλης", fp) l = list(s.iter()) @@ -23,8 +23,8 @@ def test_iterate(): assert fpi == fp def test_logs(): - c = Context("org.sequoia-pgp.tests", ephemeral=True) - s = Store.open(c, "default") + c = Context(ephemeral=True) + s = Store.open(c) fp = Fingerprint.from_hex("7DCA58B54EB143169DDEE15F247F6DABC84914FE") b = s.add("Ἀριστοτέλης", fp) l = list(s.iter()) diff --git a/ffi/lang/python/tests/test_tpk.py b/ffi/lang/python/tests/test_tpk.py index c630798f..5e06bd93 100644 --- a/ffi/lang/python/tests/test_tpk.py +++ b/ffi/lang/python/tests/test_tpk.py @@ -9,16 +9,14 @@ asc = "../../../openpgp/tests/data/keys/testy.asc" fp = Fingerprint.from_hex("3E8877C877274692975189F5D03F6F865226FE8B") def test_from_reader(): - ctx = Context("org.sequoia-pgp.tests", - network_policy=NetworkPolicy.Offline, + ctx = Context(network_policy=NetworkPolicy.Offline, ephemeral=True) r = Reader.open(ctx, pgp) t = TPK.from_reader(ctx, r) assert t.fingerprint() == fp def test_from_armor_reader(): - ctx = Context("org.sequoia-pgp.tests", - network_policy=NetworkPolicy.Offline, + ctx = Context(network_policy=NetworkPolicy.Offline, ephemeral=True) k = open(asc, "rb").read() r = Reader.from_bytes(ctx, k) @@ -27,30 +25,26 @@ def test_from_armor_reader(): assert t.fingerprint() == fp def test_from_file(): - ctx = Context("org.sequoia-pgp.tests", - network_policy=NetworkPolicy.Offline, + ctx = Context(network_policy=NetworkPolicy.Offline, ephemeral=True) t = TPK.open(ctx, pgp) assert t.fingerprint() == fp def test_from_packet_pile(): - ctx = Context("org.sequoia-pgp.tests", - network_policy=NetworkPolicy.Offline, + ctx = Context(network_policy=NetworkPolicy.Offline, ephemeral=True) r = PacketPile.open(ctx, pgp) t = TPK.from_packet_pile(ctx, r) assert t.fingerprint() == fp def test_from_bytes(): - ctx = Context("org.sequoia-pgp.tests", - network_policy=NetworkPolicy.Offline, + ctx = Context(network_policy=NetworkPolicy.Offline, ephemeral=True) t = TPK.from_bytes(ctx, open(pgp, "rb").read()) assert t.fingerprint() == fp def test_from_serialize(): - ctx = Context("org.sequoia-pgp.tests", - network_policy=NetworkPolicy.Offline, + ctx = Context(network_policy=NetworkPolicy.Offline, ephemeral=True) with TemporaryDirectory() as tmp: sink = join(tmp, "a") @@ -63,8 +57,7 @@ def test_from_serialize(): assert t.fingerprint() == fp def test_equals(): - ctx = Context("org.sequoia-pgp.tests", - network_policy=NetworkPolicy.Offline, + ctx = Context(network_policy=NetworkPolicy.Offline, ephemeral=True) b = open(pgp, "rb").read() t = TPK.from_bytes(ctx, b) @@ -72,8 +65,7 @@ def test_equals(): assert t == u def test_clone(): - ctx = Context("org.sequoia-pgp.tests", - network_policy=NetworkPolicy.Offline, + ctx = Context(network_policy=NetworkPolicy.Offline, ephemeral=True) a = TPK.open(ctx, pgp) b = a.copy() diff --git a/ffi/src/core.rs b/ffi/src/core.rs index 5b139fb4..830391d6 100644 --- a/ffi/src/core.rs +++ b/ffi/src/core.rs @@ -13,7 +13,7 @@ //! #include <sequoia.h> //! //! sq_context_t ctx; -//! ctx = sq_context_new ("org.sequoia-pgp.example", NULL); +//! ctx = sq_context_new (NULL); //! //! /* Use Sequoia. */ //! @@ -29,7 +29,7 @@ //! sq_config_t cfg; //! sq_context_t ctx; //! -//! cfg = sq_context_configure ("org.sequoia-pgp.example"); +//! cfg = sq_context_configure (); //! sq_config_network_policy (cfg, SQ_NETWORK_POLICY_OFFLINE); //! ctx = sq_config_build (cfg, NULL); //! @@ -72,20 +72,13 @@ fn sq_context_last_error(ctx: *mut Context) -> *mut ::error::Error { /// Creates a Context with reasonable defaults. /// -/// `domain` should uniquely identify your application, it is strongly -/// suggested to use a reversed fully qualified domain name that is |