Age | Commit message (Collapse) | Author |
|
|
|
|
|
|
|
|
|
|
|
- Fixes #1062.
|
|
- Fixes #104.
|
|
|
|
- Fixes https://gitlab.com/sequoia-pgp/sequoia/-/issues/1038
|
|
zbase32 is distributed under LGPL-3+ which is incompatible with some projects.
Use the MIT licensed implementation z-base-32 instead.
Signed-off-by: Dylan Aïssi <dylan.aissi@collabora.com>
|
|
- Upgrade base64 to version 0.21.
|
|
|
|
|
|
|
|
- This way, only the leaf package has to concern itself with the
selection of a cryptographic backend for Sequoia. Notably, we
don't have to repeat all of sequoia-openpgp's features in all
crates that use sequoia-openpgp.
- Enable the new feature resolver which allows for this method.
- A complication arises because we want to make `cargo test` work by
default for the intermediate crates without developers having to
select a cryptographic backend. To make that work, we implicitly
select a backend in the dev dependencies which are enabled when
compiling the tests. To make it even more convenient, we select
the most convenient backend, which is CNG for Windows and Nettle,
our default, for every other platform.
- Now that we have implicitly selected CNG on Windows for running
the tests, when the user wants to use Nettle on Windows, and does
`cargo test --features sequoia-openpgp/crypto-nettle`, then two
backends are selected: the implicitly selected CNG and the
explicitly selected Nettle. In this case, we detect that an
implicit selection has been made, and ignore the implicitly
selected backend. Now, this has already been compiled by
cargo (remember that we cannot influence the set of dependencies
at the time the build script is run), but we can still ignore the
implicit backend using conditional compilation (i.e. it will not
be included in the resulting binary). The same happens on
non-Windows platforms where Nettle is the implicit default for
tests when the user explicitly requests a different backend. In
both cases, Nettle and CNG are slim wrappers around native
libraries, so the wasted compilation time is low.
|
|
|
|
- Use Cargo.toml's rust-version field instead of a rust-toolchain
file. It is more flexible and does not prevent use of newer
compilers.
|
|
- Add dane::get.
- Make EmailAddress functions pub(crate) to use them from the DANE
module.
- Add tests for generating correct FQDN.
- See #865.
|
|
|
|
- Fixes #824.
|
|
|
|
|
|
- tokio 1.12 has RUSTSEC-2021-0124.
|
|
- Add sequoia_net::pks::unlock_signer.
- Add sequoia_net::pks::unlock_decryptor.
|
|
- net: hyper has two vulnerabilities:
- RUSTSEC-2021-0079: "Integer overflow in `hyper`'s parsing of the
`Transfer-Encoding` header leads to data loss" (vulnerability)
- RUSTSEC-2021-0078: "Lenient `hyper` header parsing of
`Content-Length` could allow request smuggling" (vulnerability)
Both are fixed in hyper 0.14.10., which depends on tokio 1. tokio
0.2 is incompatible to tokio 1, so we need to update that too, also
in the dependents sq and ffi.
hyper-tls 0.4 is incompatible to hyper 0.14., update to hyper-tls
0.5.
|
|
- Change Sequoia's license from GPL 2.0 or later to LGPL 2.0 or
later as unanimously decided on October 18, 2021 by:
- Christof Wahl <cw@pep.security> (pEp security CEO)
- Heiko Schaefer <heiko.schaefer@posteo.de> (pEp Foundation
employee, Sequoia developer)
- Justus Winter <justus@sequoia-pgp.org> (pEp Foundation
employee, Sequoia Founder)
- Neal H. Walfield <neal@pep.foundation> (pEp Foundation
employee, Sequoia Founder)
- Patrick Meier <pm@pep.security> (pEp security Chief Product
and Service Officer)
- Rudolf Bohli <rb@pep.security> (pEp security Chairman of the
Board)
- Volker Birk <vb@pep.security> (pEp security Founder, pEp
Foundation Council)
|
|
|
|
- The libtest benchmark harness that is automatically added by cargo
interferes with criterion. Disable it everywhere where there are no
benchmarks.
- https://github.com/rust-lang/rust/issues/47241
- https://bheisler.github.io/criterion.rs/book/faq.html
|
|
|
|
- Move core::NetworkPolicy to net::Policy, update all code
accordingly.
|
|
- Release buffered-reader 1.0.0, sequoia-openpgp 1.0.0, and
sequoia-sqv 1.0.0.
- Also release sequoia-sop 0.22.0.
|
|
|
|
- Versions required by feature or API usage:
- anyhow 1.0.18.
- policy::test::reject_seip_packet and
policy::test::reject_cipher' fail
- We use `impl From<anyhow::Error> for Box<dyn std::error::Error +
Send + Sync + 'static>`, introduced in 1.0.5.
- tokio 0.2.19
- We use `tokio::net::tcp::OwnedReadHalf`, introduced in 0.2.19.
- chrono 0.4.10
- We use the `std` feature, introduced in 0.4.10.
- thiserror 1.0.2
- futures and futures-util 0.3.5
- tempfile 3.1
- c_doctests require the same version of rand both as direct
dependency and through tempfile.
- Yanked versions:
- structopt 0.3.11. 0.3.8 to 0.3.10 were yanked.
- socket2 0.3.16. 0.3.0 to 0.3.15 were yanked.
- Update our dependencies to the package versions required by other
dependencies, e.g. structopt requires lazy_static 1.4.0.
- clap 2.33
- lazy_static to 1.4.0
- libc to 0.2.66
- proc-macro2 to 1.0.7
- syn to 1.0.5.
- winapi 0.3.8
|
|
|
|
|
|
|
|
|
|
|
|
|
|
- Use the anyhow crate instead of failure to implement the dynamic
side of our error handling. anyhow::Error derefs to dyn
std::error::Error, allowing better interoperability with other
stdlib-based error handling libraries.
- Fixes #444.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
- The rfc2822 crate doesn't implement all of RFC 2822. Moreover, it
includes a number of extensions. This makes rfc2822 a misnomer.
- RFC 2822 is actually obsoleted by RFC 5322. This means that if we
ever add support for RFC 5322, it will be an even worse misnomer.
- Move the whole crate into the openpgp crate. Note: we don't
directly export the API; it is only used internally by
packet::userid.
- Closes #279.
|