Make sq pki certify's positional parameter a named parameter.
- In `sq pki certify`, change the certifier file parameter from a positional parameter to a named parameter, `--certifier-file`.
This commit is contained in:
parent
bb0aa2f555
commit
b55d1f3239
2
NEWS
2
NEWS
@ -53,6 +53,8 @@
|
||||
positional parameter to a named parameter, `--cert-file`.
|
||||
- `sq pki certify`'s certifier parameter interprets `-` as meaning
|
||||
it should read the certificate from stdin.
|
||||
- In `sq pki certify`, change the certifier file parameter from a
|
||||
positional parameter to a named parameter, `--certifier-file`.
|
||||
* Changes in 0.36.0
|
||||
- Missing
|
||||
* Changes in 0.35.0
|
||||
|
@ -44,11 +44,13 @@ reference time.
|
||||
"EXAMPLES:
|
||||
|
||||
# Juliet certifies that Romeo controls romeo.pgp and romeo@example.org
|
||||
$ sq pki certify juliet.pgp romeo.pgp '<romeo@example.org>'
|
||||
$ sq pki certify --certifier-file juliet.pgp
|
||||
romeo.pgp '<romeo@example.org>'
|
||||
|
||||
# Certify the User ID Ada, and set the certification time to July
|
||||
# 21, 2013 at midnight UTC:
|
||||
$ sq pki certify --time 20130721 neal.pgp ada.pgp Ada
|
||||
$ sq pki certify --time 20130721 --certifier-file neal.pgp
|
||||
ada.pgp Ada
|
||||
",
|
||||
)]
|
||||
pub struct Command {
|
||||
@ -196,23 +198,23 @@ pub struct Command {
|
||||
)]
|
||||
pub allow_revoked_certifier: bool,
|
||||
#[clap(
|
||||
value_name = "CERTIFIER-KEY",
|
||||
long,
|
||||
value_name = "CERTIFIER-FILE",
|
||||
required = true,
|
||||
index = 1,
|
||||
help = "Create the certification using CERTIFIER-KEY.",
|
||||
)]
|
||||
pub certifier: FileOrStdin,
|
||||
pub certifier_file: FileOrStdin,
|
||||
#[clap(
|
||||
value_name = "KEY_ID|FINGERPRINT|FILE",
|
||||
required = true,
|
||||
index = 2,
|
||||
index = 1,
|
||||
help = "Certify CERTIFICATE.",
|
||||
)]
|
||||
pub certificate: String,
|
||||
#[clap(
|
||||
value_name = "USERID",
|
||||
required = true,
|
||||
index = 3,
|
||||
index = 2,
|
||||
help = "Certify USERID for CERTIFICATE.",
|
||||
)]
|
||||
pub userid: String,
|
||||
|
@ -26,7 +26,7 @@ pub fn certify(sq: Sq, c: certify::Command)
|
||||
let userid = c.userid;
|
||||
|
||||
let certifier = sq.lookup_one(
|
||||
c.certifier, Some(KeyFlags::empty().set_certification()), true)?;
|
||||
c.certifier_file, Some(KeyFlags::empty().set_certification()), true)?;
|
||||
// XXX: Change this interface: it's dangerous to guess whether an
|
||||
// identifier is a file or a key handle.
|
||||
let cert = if let Ok(kh) = cert.parse::<KeyHandle>() {
|
||||
|
@ -44,7 +44,7 @@ fn sq_certify() -> Result<()> {
|
||||
.arg("--no-cert-store")
|
||||
.arg("--no-key-store")
|
||||
.arg("pki").arg("certify")
|
||||
.arg(alice_pgp.to_str().unwrap())
|
||||
.arg("--certifier-file").arg(alice_pgp.to_str().unwrap())
|
||||
.arg(bob_pgp.to_str().unwrap())
|
||||
.arg("bob@example.org")
|
||||
.assert()
|
||||
@ -84,7 +84,7 @@ fn sq_certify() -> Result<()> {
|
||||
.arg("--no-cert-store")
|
||||
.arg("--no-key-store")
|
||||
.arg("pki").arg("certify")
|
||||
.arg(alice_pgp.to_str().unwrap())
|
||||
.arg("--certifier-file").arg(alice_pgp.to_str().unwrap())
|
||||
.arg(bob_pgp.to_str().unwrap())
|
||||
.arg("bob@example.org")
|
||||
.args(["--expiry", "never"])
|
||||
@ -124,7 +124,7 @@ fn sq_certify() -> Result<()> {
|
||||
.arg("--no-cert-store")
|
||||
.arg("--no-key-store")
|
||||
.arg("pki").arg("certify")
|
||||
.arg(alice_pgp.to_str().unwrap())
|
||||
.arg("--certifier-file").arg(alice_pgp.to_str().unwrap())
|
||||
.arg(bob_pgp.to_str().unwrap())
|
||||
.arg("bob@example.org")
|
||||
.args(["--depth", "10"])
|
||||
@ -172,7 +172,7 @@ fn sq_certify() -> Result<()> {
|
||||
.arg("--no-cert-store")
|
||||
.arg("--no-key-store")
|
||||
.arg("pki").arg("certify")
|
||||
.arg(alice_pgp.to_str().unwrap())
|
||||
.arg("--certifier-file").arg(alice_pgp.to_str().unwrap())
|
||||
.arg(bob_pgp.to_str().unwrap())
|
||||
.arg("bob")
|
||||
.assert()
|
||||
@ -187,7 +187,7 @@ fn sq_certify() -> Result<()> {
|
||||
.args(["--notation", "foo", "bar"])
|
||||
.args(["--notation", "!foo", "xyzzy"])
|
||||
.args(["--notation", "hello@example.org", "1234567890"])
|
||||
.arg(alice_pgp.to_str().unwrap())
|
||||
.arg("--certifier-file").arg(alice_pgp.to_str().unwrap())
|
||||
.arg(bob_pgp.to_str().unwrap())
|
||||
.arg("bob@example.org")
|
||||
.assert()
|
||||
@ -310,7 +310,7 @@ fn sq_certify_creation_time() -> Result<()>
|
||||
cmd.args(["--no-cert-store",
|
||||
"--no-key-store",
|
||||
"pki", "certify",
|
||||
&alice_pgp.to_string_lossy(),
|
||||
"--certifier-file", &alice_pgp.to_string_lossy(),
|
||||
&bob_pgp.to_string_lossy(), bob,
|
||||
"--time", iso8601 ]);
|
||||
|
||||
@ -397,7 +397,7 @@ fn sq_certify_with_expired_key() -> Result<()>
|
||||
cmd.args(["--no-cert-store",
|
||||
"--no-key-store",
|
||||
"pki", "certify",
|
||||
&alice_pgp.to_string_lossy(),
|
||||
"--certifier-file", &alice_pgp.to_string_lossy(),
|
||||
&bob_pgp.to_string_lossy(), bob ]);
|
||||
cmd.assert().failure();
|
||||
|
||||
@ -408,7 +408,7 @@ fn sq_certify_with_expired_key() -> Result<()>
|
||||
"--no-key-store",
|
||||
"pki", "certify",
|
||||
"--allow-not-alive-certifier",
|
||||
&alice_pgp.to_string_lossy(),
|
||||
"--certifier-file", &alice_pgp.to_string_lossy(),
|
||||
&bob_pgp.to_string_lossy(), bob ]);
|
||||
|
||||
let assertion = cmd.assert().try_success()?;
|
||||
@ -493,7 +493,7 @@ fn sq_certify_with_revoked_key() -> Result<()>
|
||||
cmd.args(["--no-cert-store",
|
||||
"--no-key-store",
|
||||
"pki", "certify",
|
||||
&alice_pgp.to_string_lossy(),
|
||||
"--certifier-file", &alice_pgp.to_string_lossy(),
|
||||
&bob_pgp.to_string_lossy(), bob ]);
|
||||
cmd.assert().failure();
|
||||
|
||||
@ -504,7 +504,7 @@ fn sq_certify_with_revoked_key() -> Result<()>
|
||||
"--no-key-store",
|
||||
"pki", "certify",
|
||||
"--allow-revoked-certifier",
|
||||
&alice_pgp.to_string_lossy(),
|
||||
"--certifier-file", &alice_pgp.to_string_lossy(),
|
||||
&bob_pgp.to_string_lossy(), bob ]);
|
||||
|
||||
let assertion = cmd.assert().try_success()?;
|
||||
@ -587,7 +587,7 @@ fn sq_certify_using_cert_store() -> Result<()>
|
||||
let mut cmd = Command::cargo_bin("sq")?;
|
||||
cmd.args(["--cert-store", &certd,
|
||||
"pki", "certify",
|
||||
&alice_pgp,
|
||||
"--certifier-file", &alice_pgp,
|
||||
&bob.fingerprint().to_string(),
|
||||
"<bob@example.org>"]);
|
||||
|
||||
|
@ -227,7 +227,9 @@ mod integration {
|
||||
for userid in bob_certified_userids {
|
||||
let mut cmd = Command::cargo_bin("sq")?;
|
||||
cmd.args(["--cert-store", &certd,
|
||||
"pki", "certify", &alice_pgp, &bob_pgp, userid]);
|
||||
"pki", "certify",
|
||||
"--certifier-file", &alice_pgp,
|
||||
&bob_pgp, userid]);
|
||||
|
||||
let output = cmd.output().expect("success");
|
||||
let stdout = String::from_utf8_lossy(&output.stdout);
|
||||
|
@ -195,7 +195,8 @@ fn sq_certify(cert_store: &str,
|
||||
{
|
||||
let mut cmd = Command::cargo_bin("sq").expect("have sq");
|
||||
cmd.args(&["--cert-store", cert_store]);
|
||||
cmd.args(&["pki", "certify", "--time", &tick(), key, cert, userid]);
|
||||
cmd.args(&["pki", "certify", "--time", &tick(),
|
||||
"--certifier-file", key, cert, userid]);
|
||||
if let Some(trust_amount) = trust_amount {
|
||||
cmd.args(&["--amount", &trust_amount.to_string()[..]]);
|
||||
}
|
||||
|
@ -1187,7 +1187,7 @@ fn sq_verify_wot() -> Result<()> {
|
||||
{
|
||||
let mut cmd = Command::cargo_bin("sq").expect("have sq");
|
||||
cmd.args(&["--cert-store", cert_store]);
|
||||
cmd.args(&["pki", "certify", key, cert, userid]);
|
||||
cmd.args(&["pki", "certify", "--certifier-file", key, cert, userid]);
|
||||
if let Some(trust_amount) = trust_amount {
|
||||
cmd.args(&["--amount", &trust_amount.to_string()[..]]);
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user