Age | Commit message (Collapse) | Author |
|
- Use time::Timespec instead of std::time::SystemTime in the API.
- Record timestamps of encryptions and verifications.
- Adapt the tool.
|
|
- Move store::backend to its own directory, so that we can put the
store::backend::log module in its own file.
- Implement iterators for retrieving log messages related to stores,
bindings, and keys.
- Use loose coupling of logs and other entities, so that we can
delete either without worrying about the other.
- Add commands to the tool to retrieve logs.
|
|
- Do not silently ignore conflicts when adding bindings.
- Create BindingServer::lookup_or_create that handles the database
interaction.
- Rename KeyServer::lookup to KeyServer::lookup_or_create.
|
|
- Error handling when starting either server or process is tricky.
This patch at least displays errors when spawning a thread like we
do when spawning a process.
|
|
- Update all keys stored in a store with network policy 'encrypted'
and 'insecure' periodically using the SKS keyserver pool.
- Slightly amend the net::ipc interface so that servers can spawn
futures on the reactor.
- As a background service cannot directly communicate failures, this
patch adds a logging mechanism.
- In sq, display the key update timestamp, and the status of the
last update.
|
|
- Otherwise, the key stores may try to update keys from the network.
|
|
- Make the trait more general and easier to implement.
- Rename compute_stats to query stats and turn it into a method of
the Query trait.
|
|
- This also adds s2k support.
|
|
- Turn `Signature::hash_init` into `hash_context`: it is useful in
other contexts.
|
|
|
|
- Rename get_key_id to lookup and make it a method of Keyserver.
- Avoid failures on concurrent accesses.
|
|
- Introduce a type Timestamp that wraps SystemTime, but can be
serialized into the database.
|
|
|
|
|
|
|
|
- These were checked in by accident.
|
|
- It only contains a KeyId type which is redundant relative to KeyID
and it is buggy (e.g., when it converts a Key ID to hex, it drops
any leading zeros).
- Update users to use KeyID instead.
|
|
- Switch to using nettle for low-level hash functionality.
- Add functionality for hasing UserID, UserAttribute, Key and
Signature packets.
- Add functionliaty to compute the hashes for primary key bindings,
subkey bindings, user id bindings and user attribute bindings.
|
|
- Improve the internal subpacket parsing mechanism.
- Add support for the remaining subpackets defined in RFC 4880.
- Improve documentation.
- Add much more thorough unit tests.
|
|
|
|
- Also add corresponding commands to the tool.
|
|
- Previously, the database was initialized when a store was opened.
Initialize it at the server start instead.
|
|
- The client side of the RPC code hides the asynchronous nature of
the RPC library by sharing a common reactor. Previously, every
stub object kept a reference to the store. This, however, means
that every stub object must be created from a store. To provide a
rich iteration interface, we need to make this more flexible.
- On the server side it turns out that we do not need a mutable
reference to the database connection. Therefore, we can simply
drop the use of RefCell.
|
|
- Write proper documentation for fail! and sry!.
|
|
- Also add commands in the tool.
|
|
- The only mutable reference that we need is to the reactor core,
which we store in a RefCell anyway. Requiring mutable references
makes using the store very awkward, because the borrow checker
works on lexical scopes, not dynamic scopes.
|
|
- Map errors in the backend to 'node::Error', then convert from
'node::Error' in the frontend. No need to pollute the frontend
error type with errors from the backend.
- Instead of mapping SqlErrors like QueryReturnedNoRows everywhere,
do it once.
|
|
|
|
- Rename 'store_id' to just 'id' to make it consistent with the
other servers.
|
|
- Previously, the TcpListener 'l' that is handed to the child
process via conversion to a raw filedescriptor was closed when
being dropped. This lead to a small chance of closing the next
TcpListener, resulting in spurious failures when falling back to
the in-process server.
|
|
|
|
|
|
- There is no reason for Tag::to_numeric to be a static method.
|
|
- We don't support version 3 packets (or any other version but
version 4). If we encounter a non-v4 key or non-v4 signature,
return an Unknown packet instead.
- Use Unknown::parse to return unknown packets.
|
|
- It is not intended to be used directly, no need to clutter the
documentation with it.
|
|
- Add commands to add, import, export keys, and to get binding and
key stats.
|
|
- Also add a test for that.
|
|
- Save the label. We need this to reopen the label.
- Implement 'fmt::Debug' so that we can use 'assert_match'.
|
|
- Detect conflicts when no key is present in the database.
- Add comments.
|
|
- This aligns the name with the name of the function.
|
|
- This is no longer needed as the home is communicated via command
line argument.
|
|
|
|
- Errors need to be serialized and deserialized when using RPCs.
This is a bit lossy and needs some more work.
|
|
- Save the network policy when the store is created.
- Refuse to open the store with a different network policy.
|
|
- Save the name. We need this to reopen the store.
- Implement 'fmt::Debug' so that we can use 'assert_match'.
|
|
|
|
|
|
- At some points, we need to convert the policy to a primitive type.
It is better to just provide it.
- Use it in the ffi glue.
|
|
- The store stores transferable public keys in a SQLite database.
It runs either in an external process, or is co-located in the
current process.
- The store provides any number of stores for each application,
identified by domain and name. Each store maps labels to TPKs.
- The store uses a unified pool of TPKs. In the future, this pool
is automatically kept up-to-date.
|
|
|