| Age | Commit message (Collapse) | Author |
|---|
|
|
|
- Versions required by feature or API usage:
- anyhow 1.0.5.
- We use `impl From<anyhow::Error> for Box<dyn std::error::Error +
Send + Sync + 'static>`, introduced in 1.0.5.
- tokio 0.2.19
- We use `tokio::net::tcp::OwnedReadHalf`, introduced in 0.2.19.
- chrono 0.4.10
- We use the `std` feature, introduced in 0.4.10.
- thiserror 1.0.2
- futures and futures-util 0.3.5
- tempfile 3.1
- c_doctests require the same version of rand both as direct
dependency and through tempfile.
- Yanked versions:
- structopt 0.3.11. 0.3.8 to 0.3.10 were yanked.
- socket2 0.3.16. 0.3.0 to 0.3.15 were yanked.
- Update our dependencies to the package versions required by other
dependencies, e.g. structopt requires lazy_static 1.4.0.
- clap 2.33
- lazy_static to 1.4.0
- libc to 0.2.66
- proc-macro2 to 1.0.7
- syn to 1.0.5.
- winapi 0.3.8
|
|
- We might implement it for an iterator over certs at some point.
But in this case a simple `export` function is all we need.
- This will also allow us to seal the `Serialize` and `Marshal` traits.
|
|
- Secret key material is not authenticated by OpenPGP, so care must
be taken when merging certificates.
- Rename Cert::merge to Cert::merge_public_and_secret.
- Add new function Cert::merge_public. This function can be used to
merge certificates from untrusted sources as it ignores secret key
material that cannot be authenticated by OpenPGP.
- Fixes #584.
|
|
|
|
|
|
|
|
- See #480.
|
|
- See #480.
|
|
|
|
|
|
|
|
- Add a new constructor that takes headers. This allows us to make
the header argument polymorphic.
|
|
|
|
- See #462.
|
|
- See #462.
|
|
|
|
- Replace all usages of `to_hex` with formatting string with :X
specifier.
- Fixes #456.
|
|
- Previously, the paths generated included the top-level domain, but
that assumes that the top-level directory of the web root is
called like that. For me that was very surprising and
inconvenient, so I changed it.
|
|
- Fixes #420.
|
|
- Use the anyhow crate instead of failure to implement the dynamic
side of our error handling. anyhow::Error derefs to dyn
std::error::Error, allowing better interoperability with other
stdlib-based error handling libraries.
- Fixes #444.
|
|
|
|
|
|
- Add two new traits: `Marshal` and `MarshalInto`.
- Implement them instead of `Serialize` and `SerializeInto`.
- Only implement `Serialize` and `SerializeInto` for data structures
that are normally exported.
- This should prevent users from accidentally serializing a bare
signature (`Signature`) when they meant to serialize a signature
packet (`Packet`), for instance.
- Fixes #368.
|
|
- A `ComponentAmalgamation` derefs to a `ComponentBundle`. Don't
use `ComponentAmalgamation::bundle` if it is unnecessary and
doesn't improve legibility.
|
|
- Add `openpgp/src/cert/prelude.rs` to import most types and traits
related to certificates.
- Use it instead of using the types and traits individually.
|
|
|
|
- Likewise KeyBinding, UserIDBinding, UserAttributeBinding,
UnknownBinding, etc.
- Reason: a self-signature on a component is a binding, but
revocations and TPSes are not bindings.
- Consistently call collections of components and associated
signatures bundles now. Likewise for fields, methods.
- Fixes #425.
|
|
|
|
|
|
- Change KeyIter to return KeyAmalgamations instead of Keys.
- Given a `KeyAmalgamation`, it is possible to turn it into a
`ValidKeyAmalgamation`. This is not possible with a `Key`.
- With a `KeyAmalgamation`, it is still possible to query things
about the certificate.
|
|
- `ComponentIter::components` returns `ComponentBindings`. It is
more accurate to call it `ComponentIter::component_bindings`.
But, since it is called on a component, just use the shorter name,
`ComponentIter::bindings`.
|
|
- Fixes #414.
|
|
|
|
- KeyIter::revoked and KeyIter::key_flags (and its variants) didn't
take a time stamp so they could only be used for filtering keys
based on their current state, not their state at some time in the
past. Adding a time stamp to each of the filters would have fixed
the problem, but it would have made the interface ugly: callers
always want the same time stamp for all filters.
- Split KeyIter into two structures: a KeyIter and a ValidKeyIter.
- Add KeyIter::policy. It takes a time stamp, which is then used
for filters like `alive` and `revoked`, and it returns a
ValidKeyIter, which exposes filters that require a time stamp.
|
|
|
|
|
|
- Cert::keys_valid() is just a short-cut for
Cert::keys_all().alive().revoked(false).
- Remove Cert::keys_valid() and rename Cert::keys_all() to
Cert::keys().
|
|
- A tuple is just an unnamed, inflexible struct. Use a struct
instead.
- Fixes #400.
|
|
|
|
- Fixes #387.
|
|
- Remove Fingerprint::to_keyid, use From instead.
|
|
|
|
- Arguably, the user wanted to fetch a key with a certain ID. If the
server returns something different, we throw an error. That error
contains both the expected keyid as well as the TPK from the
server, in case the consumer wants to inspect the problem or make
use of the key regardless.
|
|
- RFC 4880 says that "by convention, [a User ID Packet] includes an
RFC 2822 [RFC2822] mail name-addr." This is not the actual
convention, and attempting to parse User IDs using an RFC 2822
parser means that many common User IDs cannot be parsed.
- Disparities between the actual convention and the stated
convention include:
- Neither users nor the software they use to create keys
correctly quotes User IDs:
- 'Nachname, Vorname <name@example.org>' is not valid, because
it contains an unquoted comma. It should be 'Nachname\,
Vorname <name@example.org>' or '"Nachname, Vorname"
<name@example.org>'. (The same goes for dots, single
quotes, etc.)
- 'user@example.org <user@example.org>' is not valid, because
it contains an unquoted at symbol.
- 'Bj=?utf-8?q?=C3=B6?=rn <bjoern@example.net>' is encoded
using RFC 2047, which is what RFC 2822 mandates when using
non-ASCII characters, but no OpenPGP software would decode
this User ID. In practice, everyone just uses UTF-8 (in
this case: 'Björn <bjoern@example.net>').
- There are many examples of User IDs containing raw email
addresses ('user@example.org'). But, these are not
"name-addr"s. At best, they are RFC 2822 "mailbox"es.
- Some User IDs only contain a name (e.g, "Frank PGP").
- RFC 2822 also includes a lot of complexity that no one uses or
needs. For instance, CFWS (comments and folding whitespace) can
be placed everywhere, and the rules for parsing them are
complex.
- Instead of continuing to bend the RFC 2822 parser to our will, we
instead accept reality.
- This patch replaces the RFC 2822 parser with a significantly
simpler parser, which is based on actual convention (i.e., User
IDs in the wild).
- This parser is based on dkg's mail to the OpenPGP working group
mailing list.
Message-ID: <87woe7zx7o.fsf@fifthhorseman.net>
https://mailarchive.ietf.org/arch/msg/openpgp/wNo27-0STfGR9JZSlC7s6OYOJkI
- This initial version has one notable regression with respect to
the RFC 2822 parser: it doesn't handle User IDs holding URIs.
|
|
|
|
|
|
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
|
|
|
|
- The rfc2822 crate doesn't implement all of RFC 2822. Moreover, it
includes a number of extensions. This makes rfc2822 a misnomer.
- RFC 2822 is actually obsoleted by RFC 5322. This means that if we
ever add support for RFC 5322, it will be an even worse misnomer.
- Move the whole crate into the openpgp crate. Note: we don't
directly export the API; it is only used internally by
packet::userid.
- Closes #279.
|
