Age | Commit message (Collapse) | Author |
|
- https://rust-lang.github.io/rust-clippy/master/index.html#clone_on_copy
|
|
- https://rust-lang.github.io/rust-clippy/master/index.html#single_component_path_imports
|
|
- https://rust-lang.github.io/rust-clippy/master/index.html#iter_nth_zero
|
|
- https://rust-lang.github.io/rust-clippy/master/index.html#len_zero
|
|
- Constants have by default a `'static` lifetime
- https://rust-lang.github.io/rust-clippy/master/index.html#redundant_static_lifetimes
|
|
- https://rust-lang.github.io/rust-clippy/master/index.html#needless_return
|
|
- https://rust-lang.github.io/rust-clippy/master/index.html#match_like_matches_macro
|
|
- https://rust-lang.github.io/rust-clippy/master/index.html#useless_asref
|
|
- https://rust-lang.github.io/rust-clippy/master/index.html#redundant_closure
|
|
- https://rust-lang.github.io/rust-clippy/master/index.html#char_lit_as_u8
|
|
|
|
- https://rust-lang.github.io/rust-clippy/master/index.html#useless_conversion
|
|
|
|
- https://rust-lang.github.io/rust-clippy/master/index.html#or_fun_call
|
|
|
|
- This check no longer makes sense as the crate versions are no
longer in sync.
- Fixes #703.
|
|
|
|
|
|
- The size of SystemTime is an implementation detail of the
standard library and does not give a direct indication whether
values larger that i32::MAX will fit in it.
- Adjust the test to observe if we are on a system can represent
a large value as a SystemTime or not, and assert that the values
are clamped correctly.
|
|
@nwalfield suggested this correction in #697
|
|
on Debian GNU/Linux systems, time_t is 4 octets for i386 (rust calls
this platform target_arch "x86"), armel ("arm"), armhf ("arm"), and
mipsel ("mips"). I've pulled these arch names from platforms [0].
[0] https://github.com/RustSec/platforms-crate/blob/main/src/target/arch.rs
There are likely other platforms that have a 32-bit time_t (and indeed,
some variants of 32-bit platforms like musl may have a 64-bit time_t [1]),
so this gating mechanism still isn't quite right. But it's an improvement
over the status quo of just gating on target_arch = "x86".
[1] https://musl.libc.org/time64.html
|
|
|
|
|
|
|
|
- This causes issues when dependencies are merged as rand 0.8 has more
granular feature selection and at least `std` should be used there.
|
|
- Use explicit depth to indicate how many redirects have been executed
and break the loop if the number is bigger than 10.
- Using `reqwest` was considered but rejected due to Tokio version
incompatibility (`reqwest` insists on using Tokio 1 while Sequoia
uses 0.2 in many places).
|
|
- See: https://lists.gnupg.org/pipermail/gnupg-devel/2018-May/033736.html
- This solves lookups on domains that do redirects such as kernel.org
- Fixes #666.
|
|
- This moves all functionality from sequoia_core crate as an inner
`core` module of the ipc crate.
- The `core` module has to be public as other crates depend on
`core::Context` either directly (store, ffi) or indirectly (store
through ffi crate).
- Remove the `core` crate completely.
|
|
- Rewrite any `expect`s and `unwrap`s into the `?` operator.
- This loses the error detail. It could be recovered using `context`
but for simplicity sake of the example the `?` operator suffices.
- Additionally the `crate::` prefix has been removed as it is not
necessary.
|
|
|
|
|
|
|
|
- Fixes #698.
|
|
- Previously the armor::Writer was used but this caused the armoring
not to be finalized and the output to appear truncated.
- Migrate to Armorer to fix the resulting output.
|
|
- The regex 'a|b|' is an alternation of three branches: 'a', 'b',
and ''. The last branch matches anything, so the alternation
matches anything, and therefore the whole thing can be
elided.
- This is required for regex <= 1.3.7, which doesn't support empty
alternations.
- Unfortunately, this is the version in Debian Bullseye.
- Fixes #694.
|
|
- At some point, invalid self-signatures would be mis-classified as
third-party certifications by Cert::canonicalize. As a side-effect,
invalid self-revocations would be considered third-party
revocations, changing the certificates revocation status to
CouldBe. Confusingly, also changing the digest prefix would break
this mis-classification, resulting in a revocation status of
NotAsFarAsWeKnow.
- The underlying issue was fixed in
7afee60b7cf0f19559bfccd8c42fdc77f6b9c655.
- Add a test that demonstrates that bad signatures are now
recognized as such, and that the confusing behavior previously
observed is now consistent.
- Fixes #486.
|
|
|
|
|
|
- Previously, serializing Packet::PublicKey(k) would not serialize
any secret key material on k, but when comparing
Packet::PublicKey(k) with Packet::PublicKey(l), the secret key
material would be significant. This is in conflict with our
definition of equality, which states that two objects are
considered equal if their canonical serialized form is equal.
- Closely related, secret key material was considered significant
when comparing Key<_, _> objects, and secret key material was
emitted when they were serialized, even for objects of type
Key<PublicParts, _>.
- Align equality, serialization of Key<_, _> objects by ignoring any
secret key material when comparing and serializing objects of type
Key<PublicParts, _>.
- Fixes #632 and #633.
|
|
|
|
- This avoids side-channel attacks on the MDC computed digest.
|
|
- Tampering with MDC packets can be used to create decryption
oracles. To defend against that, we need to respond with uniform
error messages.
- Thanks to Lara Bruseghini for bringing this to our attention.
- Fixes #693.
|
|
- Add a test exercising key encryption.
- Demonstrate that key packets are correctly replacing existing
packets when using Cert::insert_packets.
|
|
|
|
- Fixes #686.
|
|
- See #686.
|
|
- See #686.
|
|
- See #335 and https://savannah.nongnu.org/bugs/index.php?60154
|
|
- Try hard to list the most relevant (i.e. primary) user id.
- Add a flag --all-userids to list all userids.
|
|
- Fixes #689.
|