Age | Commit message | Author |
|
|
- Provide a function Descriptor::connect_with_policy that allows one
to override the configured IPC policy.
- Can be used to enforce the handling of secret key material in an
external server.
|
|
- By using the asynchronous network interface in the housekeeping
"thread", we avoid blocking it and thus the caller.
|
|
- Use failure to handle backend errors, then convert prior to
transmission over RPC.
|
|
- The header was already unwieldy, and we did not even include
accessors for all the data structures we currently have.
|
|
- This binds the functions of the store module.
- Note that the logs and stats are currently not useful because they
lack accessors.
|
|
- Organize the ffi module the way Sequoia is organized.
- Add more examples.
|
|
- Also fix the error handling.
|
|
- All ffi functions need the no_mangle attribute.
|
|
- Introduce sq_context_t as alias for struct sq_context *.
- Our types are opaque structs for the C world, there is no point in
calling it a struct everywhere. Also, since the struct definition
is incomplete, one can only ever point to these objects, hence we
just make the *_t types pointers.
|
|
- Use the new facilities for more functions.
- Improve documentation.
|
|
- Add a new type ffi::Context that provides an error slot.
- Functions that can return complex errors can stash the error
there, while still being convenient to use.
- For now, there is only sq_last_strerror that returns a string
representation of the error. In the future we should also return
a numeric code, and may want to expose the stack of failures.
|
|
- Do not provide slug when listing entries related to a specific
binding.
|
|
- Provide meaningful slugs.
- Use key ids instead of fingerprints.
|
|
- Use $crate to refer to the current crate, making this macro easier
to use.
- Simplify examples accordingly.
|
|
- Add a simple integration test checking hkp interactions.
|
|
- Provide external servers with a more useful context. This is not
so critical for the keystore, but could be interesting for servers
providing secret key services.
|
|
- Move the call to env::home_dir from Context::configure to
Config.build. This lets us handle failures, which should be rare.
On systems where it fails (think embedded systems), users have to
explicitly provide a path.
- Allow ephemeral contexts with explicitly configured home
directories. E.g. clients and servers share ephemeral contexts
with the same home directory.
|
|
- Now that the Context is Send + Clone, we can attach a clone to the
Descriptor and pass it to the server thread.
|
|
- We no longer rely on TempDir to clean up the directory, but we do
it in Drop. Since we no longer need the TempDir around, we are
now Send.
- Implement Clone so that cloned contexts do not delete the
temporary home when dropped.
|
|
- We should replace this with a more comprehensive example covering
the other crates too.
|
|
- This is especially helpful for documentation and experimentation.
|
|
- With this change, both types can also own the source or sink.
|
|
- The failure crate is a young error handling solution for Rust. It
may change the API, but since we pin our dependencies, this should
not be a problem for us, albeit a bit inconvenient.
- Introduction of the crate is a bit noisy, but not as bad as
anticipated, because failure magically handles all errors used in
the standard library.
- Matching on concrete error values requires downcasting before
matching, which seems a bit unidiomatic. This is the cost of
using and "chaining" arbitrary error types. This is something
that may be improved later on in the library or language.
- Having said that, using the error type in the tool was nice. I
did not have to use a downcast, so maybe my worries about
downcasts are unjustified because it is not such a common use case
after all. On the other hand, the tool is quite simple and our
only mode of failure is to print the message.
|
|
- Spawn background servers according to the IPC policy.
- Add a test to store that demonstrates this.
|
|
- The IPC policy governs how we spawn background servers.
- Add ffi glue.
|
|
- Previously, servers running in threads advertised their cookie in
the synchronization file, making it possible to connect to them.
However, the lifetime of these servers is bound to the lifetime of
the host process. This leads to spurious errors for other
processes when servers go down unexpectedly. A scheme to restart
servers magically seems not worth the trouble. This means that
servers need to rely on some other synchronization mechanism to
control access to shared resources.
|
|
- Test storing and retrieving a key.
|
|
- Replace StoreIterItem, BindingIterItem, and KeyIterItem with
tuples.
- Remove binding counts from the items. If such information is
needed, an RPC should be introduced.
- Update all callers.
|
|
- Improves time handling in the backend. Uses time instead of
std::time.
- Use UTC.
|
|