Age | Commit message (Collapse) | Author |
|
- rpassword underwent some rework. The successor of
read_password_from_tty seems to be prompt_password, relevant commits
to rpassword:
- e6023757df00a67a1e16796db50c5ffad41b6268
- 2edf6cee07573ec4aa86531e6177ee90331d5c60
|
|
Generate an all-in-one manual page sq.1, and a separate manual page
for each leaf level subcommand: sq-armor.1, seq-key-generate.1, etc.
We've previously had a grouping of subcommands per top level
subcommand: all sub-subcommands of "sq key" would go into sq-key.1.
However, I found that to be hard to follow, as a reader. I prefer
either all in one, or just the one subcommand in a page.
Use custom code to generate the manual page, in sq/src/man.rs, because
I wasn't happy with clap_mangen output, and wanted something more
idiomatic. The custom code is a little specific for sq, and may or may
not be possible to use for other programs.
To trigger manual page generation, run sq with SQ_MAN set to the name
of a directory where the manual pages should be written, when running
sq. This was an easier way to do this than a new, hidden
subcommand ("sq generate-man" or something like that).
Add the roff crate as a dependency. It's used to generate troff source
code for manual pages. Generating correct troff is tricky enough that
there's no point in doing it manually.
Move the "SEE ALSO" section in the "after_help" text for "sq verify"
into the "before_help" so that it doesn't end up as plain text in the
manual page. This was an easier change than making the "sq help text
markup" parser in sq/src/man.rs understand the SEE ALSO heading.
Sponsored-by: pep.foundation
|
|
Update the dependency on Subplot to 0.5.0.
Subplot 0.5.0 requires document metadata (title, bindings files, etc)
to be in its own YAML file, where previous versions required it to be
embedded in Markdown (still as YAML). Move the metadata to sq.subplot
and fix what breaks.
Sponsored-by: pep.foundation
|
|
- Add dane::get.
- Make EmailAddress functions pub(crate) to use them from the DANE
module.
- Add tests for generating correct FQDN.
- See #865.
|
|
This will let `sq` not depend on `clap` version 2, even transitively.
Sponsored-by: pep.foundation
|
|
|
|
These aren't used yet, this is preparation for future changes.
Sponsored-by: NLnet Foundation; NGI Assure
|
|
|
|
|
|
|
|
- Use the latest versions of capnp and tokio.
- The ipc crate exposes capnp and tokio symbols via its public
API (sequoia_ipc::Handler). Thus any user of the ipc crate has
to use the same version. Upgrade the dependencies so that
downstream users can use the latest features.
|
|
|
|
|
|
- lalpop v0.19 a default features we do not use, we should not build
them, either.
- lalrpop v0.17, which we allow for Debian's benefit, does not have
any explicit features. In this case, stating
"default-features = false" in Cargo.toml does not hurt.
|
|
Change sq command line handling from using clap version 2 to version 3,
and adapt to all the breaking changes.
Clap version 3 is a major new version with a number of breaking
changes. It also adds functionality to allow a structopt style
declarative way of defining command line syntax. We want to use that,
but first we need to port the old "builder style" of defining the
command line syntax to clap version 3. The change to use the "derive
style" comes later.
The semantics of clap version 2's .multiple function were hard to
understand and it was replaced with .multiple_occurences. Care was taken
to preserve the original intention regarding an argument's number of
occurrences and number of values.
There are some changes to help output (in src/sq-usage.rs). These are
mostly from upstream changes and we think the differences are minor so
we are okay with following upstream's lead. In summary: FLAGS and
OPTIONS are merged into just OPTIONS; the layout of subcommand lists are
a little different (split into two lines); there is no "[--]" before
filename arguments anymore; default and allowed values for options are
on a separate line now; --version isn't repeated for every subcommand
anymore; help is listed for each subcommand separately.
In addition, we will help clap upstream fix a problem where the
help output doesn't have a "..." to indicate that an option may be used
several times.
Further, upstream has changed --help text to be of the form "Print
help", when it earlier was "Prints help". We will change our own help
texts to follow suite in a future commit. We don't do it in this commit,
to avoid making an even larger diff.
By default, clap v3 now colors its help output. However, this does not
support custom sections like our examples. Clap is tracking this as
https://github.com/clap-rs/clap/issues/3108. In the meantime, disable
colors.
|
|
- backtrace and quickcheck_macros are unused.
- found with cargo-udeps (https://github.com/est31/cargo-udeps).
|
|
|
|
- Remove duplicate dependency on cfg-if:0.1 and cfg-if:1.0 through
different transitive dependencies.
|
|
- Removes a duplicate dependency, sequoia-net uses hyper which
already pulls in socket2:0.4.
|
|
- Removes a duplicate dependency, as itertools:0.10 is used by
lalrpop:0.19.6, among others, anyway.
|
|
Update subplotlib and subplot-build dependencies to the recent
Subplot release. Subplot made a change that changes the document
metadata, which requires dropping the "template" field and changing
"functions" to "impls" in sq-subplot.md.
Sponsored-by: pep.foundation
|
|
- See https://rustsec.org/advisories/RUSTSEC-2022-0013
|
|
|
|
|
|
- assert_cli has been deprecated for a long time, assert_cmd is the
successor.
- a4cfd15805a543a327d2242f9c0f2b653a11ee55 introduced assert_cmd to
sq, in addition to assert_cli. It does not make sense to use two
different crates for cli testing.
- Closes #640.
|
|
- Fixes #824.
|
|
- Add support for revoking certificates to sq.
|
|
|
|
|
|
- Adapt to the new API:
- Gen is now a struct, not a Trait, and replaces StdThreadGen.
- The rand re-export has been removed. As a consequence, we need
our own function to generate an arbitrary value from a range.
|
|
|
|
- Remove the general-purpose ffi crates. They will be moved into
their own repository. Note that we consider general-purpose ffi
crates to be a dead end: exposing Sequoia's interface requires a
large number of types and functions, and using the interface from
C turned out to be verbose and error-prone. Instead, we prefer to
write point solutions in Rust that implement exactly the
functionality the downstream consumer needs, then expose this via
ffi bindings.
- See https://gitlab.com/sequoia-pgp/sequoia-ffi.
|
|
|
|
|
|
|
|
- tokio 1.12 has RUSTSEC-2021-0124.
|
|
- In assuan:
- tokio::io::AsyncRead::poll_read now uses a ReadBuf buffer instead
of a &mu [u8], so use that and write to the Client's buffer only
if a read was successful.
- Poll::Ready does not report n_read any more, so there cannot be a
conflict between the reported and actual number of bytes read,
remove that case.
- Fixes #780.
|
|
- The store has never been really used, and never reached a maturity
where it was useful. And, we're on the verge of replacing it with
the Shared PGP Certificate Directory.
|
|
- This is used by the Rust Crypto crates.
|
|
|
|
|
|
- Fixes #769.
|
|
- Fixes a bug where subplot picks up the wrong binary by mistake.
|
|
|
|
|
|
- When we stream packet bodies, we hash their contents so that we
can compare them later on, even if we no longer have the data.
Previously, we used the fasted hash from the SHA2 family, either
SHA256 or SHA512 depending on the architecture.
- That, however, turned out to be a major performance problem. When
decrypting a non-compressed, binary file on amd64, we spent
roughly a third of the time just to compute the hash.
- Using the non-cryptographic hash function XXH3, we can greatly
improve the performance. On my system, it is 30x as fast as SHA3,
and reduces the overhead of computing the body hash considerably:
% time ./sq-sha512 decrypt --recipient-key juliet.key.pgp 3g-for-juliet.binary.pgp >/dev/null 2>&1
13.931 total
% time ./sq-xxh3 decrypt --recipient-key juliet.key.pgp 3g-for-juliet.binary.pgp >/dev/null 2>&1
9.264 total
- See #771.
|
|
- Add sequoia_net::pks::unlock_signer.
- Add sequoia_net::pks::unlock_decryptor.
|
|
Add support for an integration and acceptance test suite using the
Subplot tool (https://subplot.liw.fi/). There are the initial, very
simple test scenarios, to get us started. The goal is to introduce the
scaffolding for integration tests, so that further tests can be added
with ease later.
The tests are documented and defined in sq-subplot.md. In build.rs, we
call Subplot to generate test code from the markdown file. The tests
are run via "cargo test", as usual.
Subplot can also generate a typeset test document from sq-subplot.md,
but we don't do that here.
|
|
- net: hyper has two vulnerabilities:
- RUSTSEC-2021-0079: "Integer overflow in `hyper`'s parsing of the
`Transfer-Encoding` header leads to data loss" (vulnerability)
- RUSTSEC-2021-0078: "Lenient `hyper` header parsing of
`Content-Length` could allow request smuggling" (vulnerability)
Both are fixed in hyper 0.14.10., which depends on tokio 1. tokio
0.2 is incompatible to tokio 1, so we need to update that too, also
in the dependents sq and ffi.
hyper-tls 0.4 is incompatible to hyper 0.14., update to hyper-tls
0.5.
|
|
|