diff --git a/src/cli/network/wkd.rs b/src/cli/network/wkd.rs
index 087ad9e9..20e547aa 100644
--- a/src/cli/network/wkd.rs
+++ b/src/cli/network/wkd.rs
@@ -1,12 +1,9 @@
-use std::path::PathBuf;
-
 use clap::{Args, Parser, Subcommand};
 use sequoia_net::wkd;
 use crate::cli::types::ClapData;
 use crate::cli::types::FileOrCertStore;
-use crate::cli::types::FileOrStdin;
 use crate::cli::types::FileOrStdout;
 use crate::cli::examples;
@@ -35,7 +32,6 @@ pub struct Command {
 #[derive(Debug, Subcommand)]
 pub enum Subcommands {
 Fetch(FetchCommand),
- Generate(GenerateCommand),
 Publish(PublishCommand),
 DirectUrl(DirectUrlCommand),
 Url(UrlCommand),
@@ -113,66 +109,6 @@ pub struct FetchCommand {
 pub output: Option,
 }
-#[derive(Debug, Args)]
-#[clap(
- about = "Generate a Web Key Directory for the given domain and certs",
- long_about =
-"Generate a Web Key Directory for the given domain and certs
-
-If the WKD exists, the new certificates will be inserted and existing
-ones will be updated.
-
-A WKD is per domain, and can be queried using the advanced or the \
-direct method. The advanced method uses a URL with a subdomain \
-'openpgpkey'. As per the specification, the advanced method is to be \
-preferred. The direct method may only be used if the subdomain \
-doesn't exist. The advanced method allows Web Key Directories for \
-several domains on one web server.
-
-The contents of the generated WKD must be copied to a web server so that \
-they are accessible under https://openpgpkey.example.com/.well-known/openpgp/... \
-for the advanced version, and https://example.com/.well-known/openpgp/... \
-for the direct version. sq does not copy files to the web server.",
- after_help =
-"EXAMPLES:
-
-# Generate a WKD in /tmp/wkdroot from certs.pgp for example.com.
-$ sq wkd generate /tmp/wkdroot example.com certs.pgp
-",
-)]
-pub struct GenerateCommand {
- #[clap(
- value_name = "WEB-ROOT",
- help = "Write the WKD to WEB-ROOT",
- long_help = "Write the WKD to WEB-ROOT. 
Transfer this directory to \
- the webserver.",
- )]
- pub base_directory: PathBuf,
- #[clap(
- value_name = "FQDN",
- help = "Generate a WKD for a fully qualified domain name for email",
- )]
- pub domain: String,
- #[clap(
- default_value_t = FileOrStdin::default(),
- value_name = "CERT-RING",
- help = "Add certificates from CERT-RING (or stdin if omitted) to the WKD",
- )]
- pub input: FileOrStdin,
- #[clap(
- short = 'd',
- long = "direct-method",
- help = "Use the direct method [default: advanced method]",
- )]
- pub direct_method: bool,
- #[clap(
- short = 's',
- long = "skip",
- help = "Skip certificates that do not have User IDs for given domain.",
- )]
- pub skip: bool,
-}
-
 const PUBLISH_EXAMPLES: Actions = Actions {
 actions: &[
 Action::Example(Example {
diff --git a/src/commands/network.rs b/src/commands/network.rs
index 3f021fa5..e70ed9c9 100644
--- a/src/commands/network.rs
+++ b/src/commands/network.rs
@@ -1030,37 +1030,6 @@ pub fn dispatch_wkd(mut sq: Sq, c: cli::network::wkd::Command)
 Response::import_or_emit(sq, c.output, c.binary, certs)?;
 Result::Ok(())
 })?,
- Generate(c) => {
- let domain = c.domain;
- let skip = c.skip;
- let f = c.input.open()?;
- let base_path = c.base_directory;
- let variant = if c.direct_method {
- wkd::Variant::Direct
- } else {
- wkd::Variant::Advanced
- };
- let parser = CertParser::from_buffered_reader(f)?;
- let certs: Vec = parser.filter_map(|cert| cert.ok())
- .collect();
- for cert in certs {
- let vc = match cert.with_policy(sq.policy, sq.time) {
- Ok(vc) => vc,
- e @ Err(_) if !skip => e?,
- _ => continue,
- };
- if wkd::cert_contains_domain_userid(&domain, &vc) {
- wkd::insert(&base_path, &domain, variant, &vc)
- .context(format!("Failed to generate the WKD in \
- {}.", base_path.display()))?;
- } else if !skip {
- return Err(openpgp::Error::InvalidArgument(
- format!("Certificate {} does not contain User IDs in domain {}.",
- vc.fingerprint(), domain)
- ).into());
- }
- }
- },
 Publish(c) => {
 use wkd::Variant;