Change sq pki link add to use a named argument for the certificate.
- `sq pki link add` uses a positional argument to specify the certificate to link. Change it to be a named argument, `--cert`. - See #318.
This commit is contained in:
parent
0a55f6cdc4
commit
bc075f9328
3
NEWS
3
NEWS
@ -72,6 +72,9 @@
|
||||
- Add the `--domain` argument to `sq pki authorize` so the user
|
||||
doesn't have to manually convert a domain to a regular
|
||||
expression.
|
||||
- `sq pki link add`'s positional argument for specifying the
|
||||
certificate to link must now be specified using a named
|
||||
argument, `--cert`.
|
||||
|
||||
* Changes in 0.38.0
|
||||
** Notable changes
|
||||
|
@ -27,7 +27,7 @@ const ENCRYPT_EXAMPLES: Actions = Actions {
|
||||
Action::Setup(Setup {
|
||||
command: &[
|
||||
"sq", "pki", "link", "add",
|
||||
"EB28F26E2739A4870ECC47726F0073F60FD0CBF0",
|
||||
"--cert", "EB28F26E2739A4870ECC47726F0073F60FD0CBF0",
|
||||
"--email", "alice@example.org",
|
||||
],
|
||||
}),
|
||||
|
@ -148,7 +148,7 @@ const UPDATE_EXAMPLES: Actions = Actions {
|
||||
Action::Setup(Setup {
|
||||
command: &[
|
||||
"sq", "pki", "link", "add",
|
||||
"511257EBBF077B7AEDAE5D093F68CB84CE537C9A",
|
||||
"--cert", "511257EBBF077B7AEDAE5D093F68CB84CE537C9A",
|
||||
"--email", "bob@example.org",
|
||||
],
|
||||
}),
|
||||
|
@ -68,7 +68,8 @@ const AUTHENTICATE_EXAMPLES: Actions = Actions {
|
||||
Action::Setup(Setup {
|
||||
command: &[
|
||||
"sq", "pki", "link", "add",
|
||||
"EB28F26E2739A4870ECC47726F0073F60FD0CBF0", "--all",
|
||||
"--cert", "EB28F26E2739A4870ECC47726F0073F60FD0CBF0",
|
||||
"--all",
|
||||
],
|
||||
}),
|
||||
Action::Example(Example {
|
||||
@ -143,7 +144,8 @@ const LOOKUP_EXAMPLES: Actions = Actions {
|
||||
Action::Setup(Setup {
|
||||
command: &[
|
||||
"sq", "pki", "link", "add",
|
||||
"EB28F26E2739A4870ECC47726F0073F60FD0CBF0", "--all",
|
||||
"--cert", "EB28F26E2739A4870ECC47726F0073F60FD0CBF0",
|
||||
"--all",
|
||||
],
|
||||
}),
|
||||
Action::Example(Example {
|
||||
@ -208,7 +210,8 @@ const IDENTIFY_EXAMPLES: Actions = Actions {
|
||||
Action::Setup(Setup {
|
||||
command: &[
|
||||
"sq", "pki", "link", "add",
|
||||
"EB28F26E2739A4870ECC47726F0073F60FD0CBF0", "--all",
|
||||
"--cert", "EB28F26E2739A4870ECC47726F0073F60FD0CBF0",
|
||||
"--all",
|
||||
],
|
||||
}),
|
||||
Action::Example(Example {
|
||||
@ -270,7 +273,8 @@ const LIST_EXAMPLES: Actions = Actions {
|
||||
Action::Setup(Setup {
|
||||
command: &[
|
||||
"sq", "pki", "link", "add",
|
||||
"EB28F26E2739A4870ECC47726F0073F60FD0CBF0", "--all",
|
||||
"--cert", "EB28F26E2739A4870ECC47726F0073F60FD0CBF0",
|
||||
"--all",
|
||||
],
|
||||
}),
|
||||
Action::Example(Example {
|
||||
|
@ -6,6 +6,8 @@ use sequoia_openpgp as openpgp;
|
||||
use openpgp::KeyHandle;
|
||||
|
||||
use crate::cli::examples::*;
|
||||
use crate::cli::types::CertDesignators;
|
||||
use crate::cli::types::cert_designator;
|
||||
use crate::cli::types::Expiration;
|
||||
use crate::cli::types::TrustAmount;
|
||||
|
||||
@ -68,7 +70,7 @@ Link the certificate EB28F26E2739A4870ECC47726F0073F60FD0CBF0 \
|
||||
with the email address alice@example.org.",
|
||||
command: &[
|
||||
"sq", "pki", "link", "add",
|
||||
"EB28F26E2739A4870ECC47726F0073F60FD0CBF0",
|
||||
"--cert", "EB28F26E2739A4870ECC47726F0073F60FD0CBF0",
|
||||
"--email=alice@example.org",
|
||||
],
|
||||
}),
|
||||
@ -81,7 +83,7 @@ user IDs for a week.",
|
||||
command: &[
|
||||
"sq", "pki", "link", "add",
|
||||
"--expiration=1w",
|
||||
"EB28F26E2739A4870ECC47726F0073F60FD0CBF0",
|
||||
"--cert", "EB28F26E2739A4870ECC47726F0073F60FD0CBF0",
|
||||
"--all",
|
||||
],
|
||||
}),
|
||||
@ -95,7 +97,7 @@ certificate is considered a trusted introducer for example.org.",
|
||||
command: &[
|
||||
"sq", "pki", "link", "add",
|
||||
"--ca=example.org",
|
||||
"EB28F26E2739A4870ECC47726F0073F60FD0CBF0",
|
||||
"--cert", "EB28F26E2739A4870ECC47726F0073F60FD0CBF0",
|
||||
"--all",
|
||||
],
|
||||
}),
|
||||
@ -275,12 +277,12 @@ to force the signature to be re-created anyway.",
|
||||
The special keyword `never` sets an unlimited expiry.",
|
||||
)]
|
||||
pub expiration: Expiration,
|
||||
#[clap(
|
||||
value_name = "FINGERPRINT|KEYID",
|
||||
required = true,
|
||||
help = "The certificate to accept.",
|
||||
)]
|
||||
pub certificate: KeyHandle,
|
||||
|
||||
#[command(flatten)]
|
||||
pub cert: CertDesignators<
|
||||
cert_designator::CertArg,
|
||||
cert_designator::CertPrefix,
|
||||
cert_designator::OneValue>,
|
||||
|
||||
#[clap(
|
||||
long = "all",
|
||||
@ -351,7 +353,7 @@ Link the certificate EB28F26E2739A4870ECC47726F0073F60FD0CBF0 \
|
||||
with the email address alice@example.org.",
|
||||
command: &[
|
||||
"sq", "pki", "link", "add",
|
||||
"EB28F26E2739A4870ECC47726F0073F60FD0CBF0",
|
||||
"--cert", "EB28F26E2739A4870ECC47726F0073F60FD0CBF0",
|
||||
"--email=alice@example.org",
|
||||
],
|
||||
}),
|
||||
@ -373,7 +375,7 @@ user IDs for a week.",
|
||||
command: &[
|
||||
"sq", "pki", "link", "add",
|
||||
"--expiration=1w",
|
||||
"EB28F26E2739A4870ECC47726F0073F60FD0CBF0",
|
||||
"--cert", "EB28F26E2739A4870ECC47726F0073F60FD0CBF0",
|
||||
"--all",
|
||||
],
|
||||
}),
|
||||
@ -385,7 +387,7 @@ EB28F26E2739A4870ECC47726F0073F60FD0CBF0 with all of its self-signed \
|
||||
user IDs.",
|
||||
command: &[
|
||||
"sq", "pki", "link", "add",
|
||||
"EB28F26E2739A4870ECC47726F0073F60FD0CBF0",
|
||||
"--cert", "EB28F26E2739A4870ECC47726F0073F60FD0CBF0",
|
||||
"--all",
|
||||
],
|
||||
}),
|
||||
@ -398,7 +400,7 @@ authority. That is, the certificate is considered a trust root.",
|
||||
command: &[
|
||||
"sq", "pki", "link", "add",
|
||||
"--ca=*",
|
||||
"EB28F26E2739A4870ECC47726F0073F60FD0CBF0",
|
||||
"--cert", "EB28F26E2739A4870ECC47726F0073F60FD0CBF0",
|
||||
"--all",
|
||||
],
|
||||
}),
|
||||
@ -412,7 +414,7 @@ certificate is considered a trusted introducer for example.org.",
|
||||
command: &[
|
||||
"sq", "pki", "link", "add",
|
||||
"--ca=example.org",
|
||||
"EB28F26E2739A4870ECC47726F0073F60FD0CBF0",
|
||||
"--cert", "EB28F26E2739A4870ECC47726F0073F60FD0CBF0",
|
||||
"--all",
|
||||
],
|
||||
}),
|
||||
@ -426,7 +428,7 @@ certification authority.",
|
||||
"sq", "pki", "link", "add",
|
||||
"--ca=*",
|
||||
"--amount=60",
|
||||
"EB28F26E2739A4870ECC47726F0073F60FD0CBF0",
|
||||
"--cert", "EB28F26E2739A4870ECC47726F0073F60FD0CBF0",
|
||||
"--all",
|
||||
],
|
||||
}),
|
||||
@ -531,7 +533,7 @@ Link the certificate EB28F26E2739A4870ECC47726F0073F60FD0CBF0 \
|
||||
with the email address alice@example.org.",
|
||||
command: &[
|
||||
"sq", "pki", "link", "add",
|
||||
"EB28F26E2739A4870ECC47726F0073F60FD0CBF0",
|
||||
"--cert", "EB28F26E2739A4870ECC47726F0073F60FD0CBF0",
|
||||
"--email=alice@example.org",
|
||||
],
|
||||
}),
|
||||
@ -591,7 +593,7 @@ Link the certificate EB28F26E2739A4870ECC47726F0073F60FD0CBF0 \
|
||||
with the email address alice@example.org.",
|
||||
command: &[
|
||||
"sq", "pki", "link", "add",
|
||||
"EB28F26E2739A4870ECC47726F0073F60FD0CBF0",
|
||||
"--cert", "EB28F26E2739A4870ECC47726F0073F60FD0CBF0",
|
||||
"--email=alice@example.org",
|
||||
],
|
||||
}),
|
||||
|
@ -25,7 +25,7 @@ const VERIFY_EXAMPLES: Actions = Actions {
|
||||
command: &[
|
||||
"sq", "--time", "2024-06-19",
|
||||
"pki", "link", "add",
|
||||
"7A58B15E3B9459483D9FFA8D40E299AC5F2B0872",
|
||||
"--cert", "7A58B15E3B9459483D9FFA8D40E299AC5F2B0872",
|
||||
"--email", "juliet@example.org",
|
||||
],
|
||||
}),
|
||||
|
@ -497,7 +497,7 @@ impl<'c, 'store, 'rstore> VHelper<'c, 'store, 'rstore> {
|
||||
you can authenticate the binding using:",
|
||||
cert_fpr, signer_userid))
|
||||
.sq().arg("pki").arg("link").arg("add")
|
||||
.arg(cert_fpr)
|
||||
.arg("--cert").arg(cert_fpr)
|
||||
.arg(signer_userid)
|
||||
.done();
|
||||
}
|
||||
@ -512,7 +512,7 @@ impl<'c, 'store, 'rstore> VHelper<'c, 'store, 'rstore> {
|
||||
you can authenticate the binding using:",
|
||||
cert_fpr, signer_userid))
|
||||
.sq().arg("pki").arg("link").arg("add")
|
||||
.arg(cert_fpr)
|
||||
.arg("--cert").arg(cert_fpr)
|
||||
.arg(signer_userid)
|
||||
.done();
|
||||
}
|
||||
|
@ -258,13 +258,13 @@ pub fn generate(
|
||||
fully trusted introducer:"))
|
||||
.sq().arg("pki").arg("link").arg("add")
|
||||
.arg_value("--ca", "*")
|
||||
.arg(cert.fingerprint())
|
||||
.arg("--cert").arg(cert.fingerprint())
|
||||
.arg("--all")
|
||||
.done();
|
||||
|
||||
sq.hint(format_args!("Otherwise, you should mark it as authenticated:"))
|
||||
.sq().arg("pki").arg("link").arg("add")
|
||||
.arg(cert.fingerprint())
|
||||
.arg("--cert").arg(cert.fingerprint())
|
||||
.arg("--all")
|
||||
.done();
|
||||
|
||||
|
@ -143,7 +143,7 @@ pub fn import_certs(sq: &Sq, certs: Vec<Cert>) -> Result<()> {
|
||||
{
|
||||
hint = hint
|
||||
.sq().arg("pki").arg("link").arg("add")
|
||||
.arg(vcert.fingerprint())
|
||||
.arg("--cert").arg(vcert.fingerprint())
|
||||
.arg_value("--userid", uid)
|
||||
.done();
|
||||
|
||||
@ -155,7 +155,7 @@ pub fn import_certs(sq: &Sq, certs: Vec<Cert>) -> Result<()> {
|
||||
"Alternatively, all user IDs can be marked as authenticated \
|
||||
using:"))
|
||||
.sq().arg("pki").arg("link").arg("add")
|
||||
.arg(vcert.fingerprint())
|
||||
.arg("--cert").arg(vcert.fingerprint())
|
||||
.arg("--all")
|
||||
.done();
|
||||
}
|
||||
|
@ -211,7 +211,8 @@ pub fn add(sq: Sq, c: link::AddCommand)
|
||||
let trust_root = sq.local_trust_root()?;
|
||||
let trust_root = trust_root.to_cert()?;
|
||||
|
||||
let cert = sq.lookup_one(&c.certificate, None, true)?;
|
||||
let (cert, _from_file)
|
||||
= sq.resolve_cert(&c.cert, sequoia_wot::FULLY_TRUSTED)?;
|
||||
|
||||
let mut userids =
|
||||
check_userids(&sq, &cert, true, &c.userid, &c.email, &c.pattern)
|
||||
|
@ -1498,7 +1498,7 @@ impl Sq {
|
||||
for arg in extra_args {
|
||||
cmd.arg(arg);
|
||||
}
|
||||
cmd.arg(&cert.to_string());
|
||||
cmd.arg("--cert").arg(cert.to_string());
|
||||
cmd.arg(userid);
|
||||
|
||||
let output = self.run(cmd, None);
|
||||
|
@ -219,7 +219,7 @@ fn update_authenticated() -> Result<()> {
|
||||
|
||||
// Link Bob's cert to his user ID.
|
||||
let mut link = sq.command();
|
||||
link.args(&["pki", "link", "add", &bob_fp, BOB_USERID]);
|
||||
link.args(&["pki", "link", "add", "--cert", &bob_fp, BOB_USERID]);
|
||||
sq.run(link, true);
|
||||
|
||||
// Attest Bob's certification.
|
||||
|
@ -93,7 +93,8 @@ fn sq_link(sq: &Sq,
|
||||
-> (ExitStatus, String, String)
|
||||
{
|
||||
let mut cmd = sq.command();
|
||||
cmd.args(&["pki", "link", "add", "--time", &tick(), cert]);
|
||||
cmd.args(&["pki", "link", "add", "--time", &tick()]);
|
||||
cmd.arg("--cert").arg(cert);
|
||||
cmd.args(userids);
|
||||
cmd.args(more_args);
|
||||
let output = sq.run(cmd, None);
|
||||
|
Loading…
Reference in New Issue
Block a user