Add --all
flag to sq network wkd publish
and dane generate
.
- Fixes #273.
This commit is contained in:
parent
361e68a248
commit
2a40afef11
3
NEWS
3
NEWS
@ -92,6 +92,9 @@
|
||||
- Move `sq pki certify` to `sq pki vouch certify`.
|
||||
- Move `sq pki authorize` to `sq pki vouch authorize`.
|
||||
- Move `sq pki list` to `sq cert list`.
|
||||
- Add a new flag `--all` to `sq network wkd publish` and `sq
|
||||
network dane generate` that adds all certificates with a user ID
|
||||
in the target domain that can be authenticated.
|
||||
|
||||
* Changes in 0.38.0
|
||||
** Notable changes
|
||||
|
@ -42,6 +42,20 @@ pub enum Subcommands {
|
||||
|
||||
const GENERATE_EXAMPLES: Actions = Actions {
|
||||
actions: &[
|
||||
Action::Setup(Setup {
|
||||
command: &[
|
||||
"sq", "cert", "import", "juliet.pgp",
|
||||
],
|
||||
}),
|
||||
|
||||
Action::Setup(Setup {
|
||||
command: &[
|
||||
"sq", "pki", "link", "add",
|
||||
"--cert=EB28F26E2739A4870ECC47726F0073F60FD0CBF0",
|
||||
"--userid=Alice <alice@example.org>",
|
||||
],
|
||||
}),
|
||||
|
||||
Action::Example(Example {
|
||||
comment: "\
|
||||
Generate DANE records from juliet.pgp for example.org.",
|
||||
@ -51,6 +65,17 @@ Generate DANE records from juliet.pgp for example.org.",
|
||||
"--file=juliet.pgp",
|
||||
],
|
||||
}),
|
||||
|
||||
Action::Example(Example {
|
||||
comment: "\
|
||||
Generate DANE records for all certs with an authenticated \
|
||||
user ID in example.org.",
|
||||
command: &[
|
||||
"sq", "network", "dane", "generate",
|
||||
"--domain=example.org",
|
||||
"--all",
|
||||
],
|
||||
}),
|
||||
],
|
||||
};
|
||||
test_examples!(sq_network_dane_generate, GENERATE_EXAMPLES);
|
||||
@ -77,6 +102,17 @@ pub struct GenerateCommand {
|
||||
NoPrefix,
|
||||
OptionalValue>,
|
||||
|
||||
#[clap(
|
||||
long = "all",
|
||||
help = "Publish authenticated certs with a user ID matching domain",
|
||||
long_help = "\
|
||||
Use all authenticated certificates with a user ID in the given domain
|
||||
|
||||
Use all certificates that have a user ID matching the domain given \
|
||||
to the `--domain` parameter that can be fully authenticated.",
|
||||
)]
|
||||
pub all: bool,
|
||||
|
||||
#[clap(
|
||||
long = "domain",
|
||||
value_name = "FQDN",
|
||||
|
@ -12,10 +12,7 @@ use crate::cli::types::cert_designator::{
|
||||
OptionalValue,
|
||||
};
|
||||
|
||||
use crate::cli::examples;
|
||||
use examples::Action;
|
||||
use examples::Actions;
|
||||
use examples::Example;
|
||||
use crate::cli::examples::*;
|
||||
|
||||
#[derive(Parser, Debug)]
|
||||
#[clap(
|
||||
@ -90,6 +87,20 @@ pub struct SearchCommand {
|
||||
|
||||
const PUBLISH_EXAMPLES: Actions = Actions {
|
||||
actions: &[
|
||||
Action::Setup(Setup {
|
||||
command: &[
|
||||
"sq", "cert", "import", "juliet.pgp",
|
||||
],
|
||||
}),
|
||||
|
||||
Action::Setup(Setup {
|
||||
command: &[
|
||||
"sq", "pki", "link", "add",
|
||||
"--cert=EB28F26E2739A4870ECC47726F0073F60FD0CBF0",
|
||||
"--userid=Alice <alice@example.org>",
|
||||
],
|
||||
}),
|
||||
|
||||
Action::Example(Example {
|
||||
comment: "Create a new WKD hierarchy in the local directory \
|
||||
`public_html`, and insert Alice's cert.",
|
||||
@ -110,6 +121,18 @@ const PUBLISH_EXAMPLES: Actions = Actions {
|
||||
],
|
||||
}),
|
||||
|
||||
Action::Example(Example {
|
||||
comment: "\
|
||||
Add all certs with an authenticated user ID \
|
||||
in example.org to the existing WKD hierarchy.",
|
||||
command: &[
|
||||
"sq", "network", "wkd", "publish",
|
||||
"--domain=example.org",
|
||||
"--all",
|
||||
"public_html",
|
||||
],
|
||||
}),
|
||||
|
||||
Action::Example(Example {
|
||||
comment: "Refresh all certs in the existing WKD hierarchy \
|
||||
in the local directory `public_html` from the \
|
||||
@ -156,6 +179,17 @@ pub struct PublishCommand {
|
||||
NoPrefix,
|
||||
OptionalValue>,
|
||||
|
||||
#[clap(
|
||||
long = "all",
|
||||
help = "Publish authenticated certs with a user ID matching domain",
|
||||
long_help = "\
|
||||
Use all authenticated certificates with a user ID in the given domain
|
||||
|
||||
Use all certificates that have a user ID matching the domain given \
|
||||
to the `--domain` parameter that can be fully authenticated.",
|
||||
)]
|
||||
pub all: bool,
|
||||
|
||||
#[clap(
|
||||
long = "create",
|
||||
value_name = "METHOD",
|
||||
|
@ -1225,10 +1225,17 @@ pub fn dispatch_wkd(mut sq: Sq, c: cli::network::wkd::Command)
|
||||
Result::Ok(())
|
||||
})?,
|
||||
|
||||
Publish(c) => {
|
||||
Publish(mut c) => {
|
||||
use wkd::Variant;
|
||||
let cert_store = sq.cert_store_or_else()?;
|
||||
|
||||
// Make `--all` implicitly select all certs with a user ID
|
||||
// matching `--domain` that can be authenticated.
|
||||
if c.all {
|
||||
use cli::types::cert_designator::CertDesignator;
|
||||
c.certs.push(CertDesignator::Domain(c.domain.clone()));
|
||||
}
|
||||
|
||||
let (insert, errors) = sq.resolve_certs(
|
||||
&c.certs, sequoia_wot::FULLY_TRUSTED)?;
|
||||
for error in errors.iter() {
|
||||
@ -1398,7 +1405,14 @@ pub fn dispatch_dane(mut sq: Sq, c: cli::network::dane::Command)
|
||||
|
||||
use crate::cli::network::dane::Subcommands::*;
|
||||
match c.subcommand {
|
||||
Generate(c) => {
|
||||
Generate(mut c) => {
|
||||
// Make `--all` implicitly select all certs with a user ID
|
||||
// matching `--domain` that can be authenticated.
|
||||
if c.all {
|
||||
use cli::types::cert_designator::CertDesignator;
|
||||
c.certs.push(CertDesignator::Domain(c.domain.clone()));
|
||||
}
|
||||
|
||||
let (certs, errors) = sq.resolve_certs(
|
||||
&c.certs, sequoia_wot::FULLY_TRUSTED)?;
|
||||
for error in errors.iter() {
|
||||
|
Loading…
Reference in New Issue
Block a user