Age | Commit message (Collapse) | Author |
|
|
|
- Versions required by feature or API usage:
- anyhow 1.0.18.
- policy::test::reject_seip_packet and
policy::test::reject_cipher' fail
- We use `impl From<anyhow::Error> for Box<dyn std::error::Error +
Send + Sync + 'static>`, introduced in 1.0.5.
- tokio 0.2.19
- We use `tokio::net::tcp::OwnedReadHalf`, introduced in 0.2.19.
- chrono 0.4.10
- We use the `std` feature, introduced in 0.4.10.
- thiserror 1.0.2
- futures and futures-util 0.3.5
- tempfile 3.1
- c_doctests require the same version of rand both as direct
dependency and through tempfile.
- Yanked versions:
- structopt 0.3.11. 0.3.8 to 0.3.10 were yanked.
- socket2 0.3.16. 0.3.0 to 0.3.15 were yanked.
- Update our dependencies to the package versions required by other
dependencies, e.g. structopt requires lazy_static 1.4.0.
- clap 2.33
- lazy_static to 1.4.0
- libc to 0.2.66
- proc-macro2 to 1.0.7
- syn to 1.0.5.
- winapi 0.3.8
|
|
- Secret key material is not authenticated by OpenPGP, so care must
be taken when merging certificates.
- Rename Cert::merge to Cert::merge_public_and_secret.
- Add new function Cert::merge_public. This function can be used to
merge certificates from untrusted sources as it ignores secret key
material that cannot be authenticated by OpenPGP.
- Fixes #584.
|
|
|
|
Closes #581.
|
|
|
|
- See #480.
|
|
- See #480.
|
|
|
|
|
|
Cargo features are inherently additive, which means that if:
- package A walts to build package C with features ABC,
- package B walts to build package C with features BCD,
the package C will be built with *both* ABC and BCD enabled.
There is currently no way to specify mutually exclusive features
and these have to be implemented using existing, additive, ones.
That's problematic for us, because currently the cryptographic
backend in sequoia-openpgp is selected globally at build-time and
thus at most one can be selected for the compilation to succeed.
It's worth noting that we can't use Cargo build scripts to emit
the `--cfg`-passing [directive] because it does *not* affect
Cargo's dependency resolution and that's needed in order to skip
unbuildable backends on certain OSes (e.g. nettle when using Windows MSVC ABI).
To allow for other local crates, most notably sequoia-openpgp-ffi, to
build with different backends, we expose and forward any features that
may be used by the crates they transitively depend on.
At the time of writing, these different features seem to be implemented:
- buffered-reader: compression support
- openpgp: compression support and cryptographic backend
- store: background-services feature
[directive](https://doc.rust-lang.org/cargo/reference/build-scripts.html#cargorustc-cfgkeyvalue)
|
|
- 0.19 had vulnerability RUSTSEC-2020-0014.
|
|
|
|
|
|
- Add explicit build-release and install targets.
- Explicitly build the crates.
- Move installation to the crate's Makefile.
- This allows building of Sequoia's individual parts, e.g. by using
'make -Copenpgp-ffi install'.
|
|
|
|
|
|
- See #462.
|
|
|
|
Since around Rust 1.40 the unused parens lint is more aggressive. Since
all of these warnings are from generated code (effectively false
positives), let's just silence the warnings.
|
|
|
|
- Replace all usages of `to_hex` with formatting string with :X
specifier.
- Fixes #456.
|
|
- Use the anyhow crate instead of failure to implement the dynamic
side of our error handling. anyhow::Error derefs to dyn
std::error::Error, allowing better interoperability with other
stdlib-based error handling libraries.
- Fixes #444.
|
|
|
|
|
|
|
|
- Likewise KeyBinding, UserIDBinding, UserAttributeBinding,
UnknownBinding, etc.
- Reason: a self-signature on a component is a binding, but
revocations and TPSes are not bindings.
- Consistently call collections of components and associated
signatures bundles now. Likewise for fields, methods.
- Fixes #425.
|
|
- Change KeyIter to return KeyAmalgamations instead of Keys.
- Given a `KeyAmalgamation`, it is possible to turn it into a
`ValidKeyAmalgamation`. This is not possible with a `Key`.
- With a `KeyAmalgamation`, it is still possible to query things
about the certificate.
|
|
- KeyIter::revoked and KeyIter::key_flags (and its variants) didn't
take a time stamp so they could only be used for filtering keys
based on their current state, not their state at some time in the
past. Adding a time stamp to each of the filters would have fixed
the problem, but it would have made the interface ugly: callers
always want the same time stamp for all filters.
- Split KeyIter into two structures: a KeyIter and a ValidKeyIter.
- Add KeyIter::policy. It takes a time stamp, which is then used
for filters like `alive` and `revoked`, and it returns a
ValidKeyIter, which exposes filters that require a time stamp.
|
|
|
|
- Cert::keys_valid() is just a short-cut for
Cert::keys_all().alive().revoked(false).
- Remove Cert::keys_valid() and rename Cert::keys_all() to
Cert::keys().
|
|
- A tuple is just an unnamed, inflexible struct. Use a struct
instead.
- Fixes #400.
|
|
- Fixes #387.
|
|
- Remove Fingerprint::to_keyid, use From instead.
|
|
|
|
- In sq and sqv, use chrono to interface with the user.
- Fixes #341.
|
|
|
|
|
|
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
|
|
|
|
Newer Rust compilers requre `dyn` marking trait objects.
Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
|
|
- A drawback of this change is that currently AsRef<[u8]> is not
implemented for [u8; _], only for specific lengths. This is a
compiler limitation that may be lifted in the future. This
limitation required fixing some tests, notably those using
include_bytes!.
- Fixes #296.
|
|
|
|
- Fixes #88.
|
|
|
|
|
|
- This implements std::str::FromStr for types that have
string-representations and are reasonably likely to be encountered
by downstream users, e.g. fingerprints or messages. This allows
us to do `"xxx".parse()?`.
- Fixes #320.
|
|
- 0.20 requires a newer rustc.
|
|
|
|
|