| Age | Commit message (Collapse) | Author |
|---|
|
- Detected by the rustdoc::bare-urls lint.
|
|
- Previous refactoring inadvertently broke capability URL
construction.
- Fix the bug by moving `append_pair` after `join`.
- Add test cases to capability URL construction code.
|
|
|
|
|
|
|
|
This change aligns Private Key Store support to the newest version and
changes how the hash algorithm is passed. Previously it was in the query
parameters and the routine to add that parameter was prone to abuse on
malformed input. Passing the correct algorithm in the `Content-Type`
header is cleaner and simpler for both clients and servers.
|
|
|
|
|
|
- tokio 1.12 has RUSTSEC-2021-0124.
|
|
- Continuation of e6a335b93a10620bcb7cbfa32e232949758f0c99.
|
|
- Fixed with the help of clippy::needless_borrow.
|
|
- Add sequoia_net::pks::unlock_signer.
- Add sequoia_net::pks::unlock_decryptor.
|
|
|
|
- net: hyper has two vulnerabilities:
- RUSTSEC-2021-0079: "Integer overflow in `hyper`'s parsing of the
`Transfer-Encoding` header leads to data loss" (vulnerability)
- RUSTSEC-2021-0078: "Lenient `hyper` header parsing of
`Content-Length` could allow request smuggling" (vulnerability)
Both are fixed in hyper 0.14.10., which depends on tokio 1. tokio
0.2 is incompatible to tokio 1, so we need to update that too, also
in the dependents sq and ffi.
hyper-tls 0.4 is incompatible to hyper 0.14., update to hyper-tls
0.5.
|
|
- Change Sequoia's license from GPL 2.0 or later to LGPL 2.0 or
later as unanimously decided on October 18, 2021 by:
- Christof Wahl <cw@pep.security> (pEp security CEO)
- Heiko Schaefer <heiko.schaefer@posteo.de> (pEp Foundation
employee, Sequoia developer)
- Justus Winter <justus@sequoia-pgp.org> (pEp Foundation
employee, Sequoia Founder)
- Neal H. Walfield <neal@pep.foundation> (pEp Foundation
employee, Sequoia Founder)
- Patrick Meier <pm@pep.security> (pEp security Chief Product
and Service Officer)
- Rudolf Bohli <rb@pep.security> (pEp security Chairman of the
Board)
- Volker Birk <vb@pep.security> (pEp security Founder, pEp
Foundation Council)
|
|
|
|
An if condition is an expression and can be as complex as the
programmer wants. However, the more complex a condition is, the harder
it tends to be to understand. I marked functions with such if
conditions so that clippy won't complain about the code. I probably
should have simplified the code, perhaps by extracting the condition
to its own function, but it would have been much harder to do, so I
didn't.
Found by clippy lint blocks_in_if_conditions:
https://rust-lang.github.io/rust-clippy/master/index.html#blocks_in_if_conditions
|
|
It is customary for Rust data container structures to have both
is_empty and len, methods, because is_empty can both more to the point
and also faster to implement.
Sometimes is_empty makes no sense, as it doesn't for
openpgp::types::Curve, which isn't a container structure. Arguably it
would be better to rename Curve::len to something like Curve::bits,
but as that would change the API, I've opted to tell clippy that not
having is_empty in this case is OK.
Found by clippy lint len_without_is_empty:
https://rust-lang.github.io/rust-clippy/master/index.html#len_without_is_empty
|
|
If a closure just passes the argument it gets to a function, the
closure is usually redundant and you can just use the function instead
of the closure. Thus, instead of this:
iter().map(|x| foo(x))
you can write this:
iter().map(foo)
This is shorter and simpler.
Sometimes it doesn't work and the closure is necessary. Such locations
can be marked with `#[allow(clippy::redundant_closure)]`.
Found by clippy lint redundant_closure:
https://rust-lang.github.io/rust-clippy/master/index.html#redundant_closure
|
|
In a match arm, instead of binding the matched value to the name "_",
just don't bind. Its shorter and easier to understand
Found by clippy lint redundant_patter:
https://rust-lang.github.io/rust-clippy/master/index.html#redundant_pattern
|
|
When creating a struct with a field foo, using a variable also named
foo, it's not necessary to name the field explicitly. Thus, instead
of:
Self { foo: foo }
use this:
Self { foo }
The shorter form is more idiomatic and thus less confusing to
experienced Rust programmers.
This was found by the clippy lint redundant_field_names:
https://rust-lang.github.io/rust-clippy/master/index.html#redundant_field_names
Sponsored-by: author
|
|
This was found by the clippy clone_on_copy lint:
https://rust-lang.github.io/rust-clippy/master/index.html#clone_on_copy
|
|
The extra & in a pattern (match arm or if let) is unnecessary and only
makes the code harder to read. In most places it's enough to just
remove the & from the pattern, but in a few places a dereference (*)
needs to be added where the value captured in the pattern is used, as
removing the & changes the type of the captured value to be a
reference.
Overall, the changes are almost mechanical. Although the diff is huge,
it should be easy to read.
The clippy lint match_ref_pats warns about this. See:
https://rust-lang.github.io/rust-clippy/master/index.html#match_ref_pats
|
|
|
|
|
|
- Apply cargo intraconv.
|
|
- The libtest benchmark harness that is automatically added by cargo
interferes with criterion. Disable it everywhere where there are no
benchmarks.
- https://github.com/rust-lang/rust/issues/47241
- https://bheisler.github.io/criterion.rs/book/faq.html
|
|
Having the license file in the root directory is not enough, since
cargo actions for workspace members will not consider this file.
This commit adds a symbolic link to the license file in the root
directory of all workspace members, so "cargo publish" will include
the LICENSE.txt file when publishing crates.
|
|
- https://rust-lang.github.io/rust-clippy/master/index.html#redundant_clone
|
|
- https://rust-lang.github.io/rust-clippy/master/index.html#len_zero
- https://rust-lang.github.io/rust-clippy/master/index.html#comparison_to_empty
|
|
- Constants have by default a `'static` lifetime
- https://rust-lang.github.io/rust-clippy/master/index.html#redundant_static_lifetimes
|
|
- https://rust-lang.github.io/rust-clippy/master/index.html#or_fun_call
|
|
- Use explicit depth to indicate how many redirects have been executed
and break the loop if the number is bigger than 10.
- Using `reqwest` was considered but rejected due to Tokio version
incompatibility (`reqwest` insists on using Tokio 1 while Sequoia
uses 0.2 in many places).
|
|
- See: https://lists.gnupg.org/pipermail/gnupg-devel/2018-May/033736.html
- This solves lookups on domains that do redirects such as kernel.org
- Fixes #666.
|
|
|
|
|
|
|
|
- Move core::NetworkPolicy to net::Policy, update all code
accordingly.
|
|
- Release buffered-reader 1.0.0, sequoia-openpgp 1.0.0, and
sequoia-sqv 1.0.0.
- Also release sequoia-sop 0.22.0.
|
|
|
|
- Versions required by feature or API usage:
- anyhow 1.0.18.
- policy::test::reject_seip_packet and
policy::test::reject_cipher' fail
- We use `impl From<anyhow::Error> for Box<dyn std::error::Error +
Send + Sync + 'static>`, introduced in 1.0.5.
- tokio 0.2.19
- We use `tokio::net::tcp::OwnedReadHalf`, introduced in 0.2.19.
- chrono 0.4.10
- We use the `std` feature, introduced in 0.4.10.
- thiserror 1.0.2
- futures and futures-util 0.3.5
- tempfile 3.1
- c_doctests require the same version of rand both as direct
dependency and through tempfile.
- Yanked versions:
- structopt 0.3.11. 0.3.8 to 0.3.10 were yanked.
- socket2 0.3.16. 0.3.0 to 0.3.15 were yanked.
- Update our dependencies to the package versions required by other
dependencies, e.g. structopt requires lazy_static 1.4.0.
- clap 2.33
- lazy_static to 1.4.0
- libc to 0.2.66
- proc-macro2 to 1.0.7
- syn to 1.0.5.
- winapi 0.3.8
|
|
|
|
|
|
|
|
- We might implement it for an iterator over certs at some point.
But in this case a simple `export` function is all we need.
- This will also allow us to seal the `Serialize` and `Marshal` traits.
|
|
- Secret key material is not authenticated by OpenPGP, so care must
be taken when merging certificates.
- Rename Cert::merge to Cert::merge_public_and_secret.
- Add new function Cert::merge_public. This function can be used to
merge certificates from untrusted sources as it ignores secret key
material that cannot be authenticated by OpenPGP.
- Fixes #584.
|
|
|
|
|
|
|
|
- See #480.
|
