diff options
author | Neal H. Walfield <neal@pep.foundation> | 2020-01-06 10:29:13 +0100 |
---|---|---|
committer | Neal H. Walfield <neal@pep.foundation> | 2020-01-06 14:34:03 +0100 |
commit | 7e78e716610ac3a9bff86035c52b344b437951a2 (patch) | |
tree | 8897a006fd588a019c4beffabdf0050bdc1b8c5b /sqv | |
parent | a01b070c9599be7f2be4dfaa25dd9ff01efe8a57 (diff) |
openpgp: Pass a timestamp to the KeyIter instead of each filter.
- KeyIter::revoked and KeyIter::key_flags (and its variants) didn't
take a time stamp so they could only be used for filtering keys
based on their current state, not their state at some time in the
past. Adding a time stamp to each of the filters would have fixed
the problem, but it would have made the interface ugly: callers
always want the same time stamp for all filters.
- Split KeyIter into two structures: a KeyIter and a ValidKeyIter.
- Add KeyIter::policy. It takes a time stamp, which is then used
for filters like `alive` and `revoked`, and it returns a
ValidKeyIter, which exposes filters that require a time stamp.
Diffstat (limited to 'sqv')
-rw-r--r-- | sqv/src/sqv.rs | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/sqv/src/sqv.rs b/sqv/src/sqv.rs index 59ea23d2..e1859132 100644 --- a/sqv/src/sqv.rs +++ b/sqv/src/sqv.rs @@ -155,7 +155,7 @@ fn real_main() -> Result<(), failure::Error> { fn cert_has_key(cert: &Cert, keyid: &KeyID) -> bool { // Even if a key is revoked or expired, we can still use it to // verify a message. - cert.keys().any(|ka| *keyid == ka.key().keyid()) + cert.keys().any(|key| *keyid == key.keyid()) } // Find the certs. @@ -233,7 +233,7 @@ fn real_main() -> Result<(), failure::Error> { if let Some(cert) = certs.get(&issuer.clone().into()) { let cert = cert.borrow(); // Find the right key. - for ka in cert.keys() { + for ka in cert.keys().policy(None) { // Use the current binding signature. let binding = match ka.binding_signature(None) { Some(b) => b, |