| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
- To simplify debugging client-server interactions, add tracing
callbacks to `Assuan`.
|
|
- The Chameleon copied and improved `Client::send_simple`. Update
the copy here. See:
https://gitlab.com/sequoia-pgp/sequoia-chameleon-gnupg/-/blob/70802790d7d95c0084a8fea71a0836b3efc39910/src/agent.rs#L182
|
|
- If the server exits, we set the connection's state to
`WriteState::Dead`.
- When sending a message, don't panic if the connection's state is
`WriteState::Dead`. Instead, return an error message.
|
|
- dvzrv and wiktor left the project, rescind their authorizations.
- See https://gitlab.com/sequoia-pgp/sequoia-web/-/merge_requests/47 .
|
|
|
|
- Fixes #1091.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
- OpenPGP uses the uncompressed representation. Previously, the
OpenSSL backend used the compressed representation by mistake.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
- Keep `anyhow` at 1.0.76; the latest version (1.0.80) still exhibits
the performance problem on Windows.
- See https://github.com/dtolnay/anyhow/issues/347 .
|
|
- According to the documentation for [`TcpListener::from_std`] the
passed socket must be in non-blocking mode:
> The caller is responsible for ensuring that the listener is in
> non-blocking mode. Otherwise all I/O operations on the listener
> will block the thread, which will cause unexpected
> behavior. Non-blocking mode can be set using set_nonblocking.
[`TcpListener::from_std`]: https://docs.rs/tokio/1.36.0/tokio/net/struct.TcpListener.html
- Make sure that is the case for any socket we pass to
`TcpListener::from_std`.
|
|
- Asymmetric::x25519_generate_key generates an X25519 key. Clamping
is not necessary here: X25519 mandates implicit clamping when
decrypting.
|
|
- Move common code into a common frontend function.
|
|
- Fixes #1087.
|
|
|
|
|
|
|
|
Signed-off-by: Luca Saiu <positron@pep-project.org>
|
|
|
|
|
|
- There appears to be a performance regression in version 1.0.77,
version 1.0.78, and version 1.0.79 of anyhow on Windows.
- Downgrade to 1.0.76.
- See https://github.com/dtolnay/anyhow/issues/347
|
|
|
|
|
|
- Previously, KeyHandle::partial_cmp tried to sort aliasing handles
together. However, this made the function not transitive, which
is required by implementations of PartialOrd.
- Fix this by simply comparing the byte representations, and
computing aliasing in KeyHandle::aliases.
- Note: This makes PartialOrd (and PartialEq) total, but we still
don't implement Ord (and Eq) to prevent naive comparisons.
|
|
|
|
|
|
- Cert::into_packet is problematic because it does not protect from
accidentally leaking secret key material. The documentation even
warns about that, but it still happened. Hence, this is a
violation of our safe-by-default principle guiding the API, and we
should fix it.
- The replacement, Cert::into_packets2, strips secret key material
just as serializing a cert does. To convert to a sequence of
packets while keeping the secret key material, a new function is
added: TSK::into_packets, analogous to how TSK serializes secret
key material.
|
|
|
|
|
|
- Previously, the filter operated on references with the lifetime 'a
only, which is the lifetime associated with the Cert the TSK
object references. Change the signature to take a reference with
an anonymous lifetime instead.
- This makes the filter more general, but it can no longer rely on
the fact that the references are live for 'a. However, the
function is a Fn, not a FnMut, and returns a bool, so the function
cannot store the reference anywhere, so this shouldn't make a
difference in practice.
- Annoyingly, there is a wrinkle. If a closure bound to an
identifier is given to TSK::set_filter, the Rust compiler
incorrectly (or over eagerly?) specializes the function in a way
that it doesn't match the callback's prototype:
error[E0308]: mismatched types
--> openpgp/src/serialize/cert.rs:946:16
|
946 | check!(tsk_0.as_tsk().set_filter(no_secrets),
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ one type is more general than the other
|
= note: expected trait `for<'a> Fn<(&'a packet::Key<packet::key::SecretParts, packet::key::UnspecifiedRole>,)>`
found trait `Fn<(&packet::Key<packet::key::SecretParts, packet::key::UnspecifiedRole>,)>`
note: this closure does not fulfill the lifetime requirements
--> openpgp/src/serialize/cert.rs:940:26
|
940 | let no_secrets = |_| false;
| ^^^
note: the lifetime requirement is introduced here
--> openpgp/src/serialize/cert.rs:318:23
|
318 | where P: 'a + Fn(&key::UnspecifiedSecret) -> bool
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
error: implementation of `FnOnce` is not general enough
--> openpgp/src/serialize/cert.rs:946:16
|
946 | check!(tsk_0.as_tsk().set_filter(no_secrets),
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ implementation of `FnOnce` is not general enough
|
= note: closure with signature `fn(&'2 packet::Key<packet::key::SecretParts, packet::key::UnspecifiedRole>) -> bool` must implement `FnOnce<(&'1 packet::Key<packet::key::SecretParts, packet::key::UnspecifiedRole>,)>`, for any lifetime `'1`...
= note: ...but it actually implements `FnOnce<(&'2 packet::Key<packet::key::SecretParts, packet::key::UnspecifiedRole>,)>`, for some specific lifetime `'2`
This is easily fixed by providing a partial type for the
callback's argument. This commit includes a tweak for our test.
|
|
|
|
- When parsing a key ID string, reject short key IDs.
- Note: we can't reject short key IDs in `KeyID::from_bytes`,
because that function in infallible. But, that function does return
`KeyID::Invalid` when presented with a short key ID.
- Fixes #388.
|
|
- Simplify initialization.
- Use `KeyHandle::aliases` to compare two `KeyHandle`s.
|
|
- Add references to related functions.
|
|
- When checking for an issuer subpacket, `SubpacketAreas::issuers`,
not `SubpacketAreas::get_issuers`.
|
|
- When checking of a list of issuers contains a fingerprint, use
`KeyHandle::aliases`, don't search for the fingerprint, and then the
key ID.
|
|
- Add `UserID::from_static_bytes`, which is equivalent to
`UserID::from` for a byte slice, but is a constant function.
|
|
- When creating a `UserID`, avoid unnecessary heap allocations by
making better use of what we have. For example, we can directly
convert a `String` to a `Vec<u8>` without allocating a `Vec<u8>`,
and copying the contents.
|
