Commit Graph

338 Commits

Author SHA1 Message Date
Justus Winter
5244b8d49a
Add --verbose. 2023-11-29 17:15:28 +01:00
Justus Winter
decbc5143a
Special-case the read-only Proton keyserver when sending. 2023-11-29 17:11:41 +01:00
Justus Winter
8d00aff2a2
Make sq keyserver get --server ... work.
- Mark sq keyserver --server argument as global so that it can be
    used in all keyserver subcommands.
2023-11-29 16:50:11 +01:00
Justus Winter
2ab3bd5efd
Word-wrap lines in human-readable messages.
- Replace every eprintln by wprintln, which prints to stderr as
    well, but word-wraps the messages.
2023-11-29 16:41:40 +01:00
Justus Winter
0400ae88eb
Rework signature status formatting. 2023-11-29 16:13:23 +01:00
Justus Winter
50c5c1ac86
Bump all dependencies. 2023-11-29 14:06:20 +01:00
Justus Winter
14b1a69eb4
Update subplot. 2023-11-29 14:06:20 +01:00
Justus Winter
ab8df96e5b
Update terminal_size. 2023-11-29 14:06:20 +01:00
Justus Winter
a19f4ecd25
Update predicates. 2023-11-29 14:06:20 +01:00
Justus Winter
f4f5f20e6e
Avoid deprecated function. 2023-11-29 14:06:20 +01:00
Justus Winter
544075bd86
Set our MSRV to 1.70. 2023-11-29 14:06:20 +01:00
Justus Winter
f8e32f2f16
Update itertools. 2023-11-29 13:33:27 +01:00
Justus Winter
537433d790
Update openssl to 0.10.60.
- Fixes https://rustsec.org/advisories/RUSTSEC-2023-0072
2023-11-29 11:57:11 +01:00
Justus Winter
cc1225f841
Require that only one keyserver send operation succeeds.
- Add a switch, --require-all, that checks that all send operations
    succeed, and returns an error otherwise.
2023-11-28 19:22:48 +01:00
Justus Winter
5127f1abb7
Improve formatting of the import output. 2023-11-28 17:44:07 +01:00
Justus Winter
424646e0f8
Make provenance information less overwhelming.
- See #156.
2023-11-28 17:26:30 +01:00
Justus Winter
e0e8b8f32c
Compute best-effort primary user ids, escape them when displaying.
- They may contain special characters and trick the user.  The
    current way to detect dodgy characters and escape them may not be
    the best, but it is better than the status quo, and we now encode
    intent.
2023-11-28 17:25:21 +01:00
Justus Winter
041574d320
Merge certs before importing them. 2023-11-28 12:52:50 +01:00
Justus Winter
712add9679
Align the keyserver options between sq lookup and sq keyserver. 2023-11-28 12:44:43 +01:00
Justus Winter
67b65ba55a
Use four keyservers by default.
- By using more than one keyserver, we increase the chance of
    successfully finding certificates and updates.  Further, multipath
    discovery increases robustness in the face of an attacker or
    censor.

  - We use keys.openpgp.org, the Proton key server, the Mailvelope
    keyserver, and the Ubuntu keyserver.
2023-11-28 12:38:01 +01:00
Justus Winter
e89a0b6c36
Implement sq lookup.
- Fixes #63.
2023-11-28 09:48:52 +01:00
Justus Winter
376438330e
Share the bulk of the network client code across protocols. 2023-11-28 09:48:52 +01:00
Justus Winter
6f9269b9c0
When emitting keyrings, merge the certs first.
- Now that we query multiple keyservers, or query for multiple certs
    in the network routines, we very well get the same cert twice.
    Merge them if we emit a keyring.
2023-11-28 09:08:47 +01:00
Justus Winter
d4632beb77
Refactor network client code so that it can be shared. 2023-11-28 09:08:46 +01:00
Justus Winter
975ce49581
Use the multi-threaded tokio runtime for network lookups. 2023-11-27 17:48:12 +01:00
Justus Winter
fb31dd6225
Proton has two API endpoints, unify them.
- I was assured privately that they should always return the same
    information, but unfortunately there is no public documentation
    about the Proton key server.  In any case, they are controlled by
    the same entity, thus should be considered the same for our
    purposes.
2023-11-27 17:43:48 +01:00
Justus Winter
f3757c004e
Revert argument long form.
- Renaming the struct field also changed the long form option, undo
    this by explicitly specifying it.

  - Fixes 337589fe9e.
2023-11-27 16:35:10 +01:00
Justus Winter
68353596cf
Fix the time in the example.
- Fixes 16fd67a10c.
2023-11-27 14:41:53 +01:00
Justus Winter
23d6621e37
Implement autocrypt import.
- Fixes #138.
2023-11-27 13:34:01 +01:00
Justus Winter
187b10e321
Make import and certification functions public. 2023-11-27 13:33:24 +01:00
Justus Winter
337589fe9e
Support querying multiple keyservers simultaneously.
- By default we only query keys.openpgp.org, but multiple servers
    can be specified now.

  - Fixes #64.
2023-11-27 12:02:19 +01:00
Justus Winter
c6152c4846
Allow multiple, simultaneous DANE queries in one invocation.
- Fixes #141.
2023-11-24 17:40:26 +01:00
Justus Winter
ddbe7a2681
Allow multiple, simultaneous WKD queries in one invocation.
- See #141.
2023-11-24 17:40:26 +01:00
Justus Winter
a6f36bc7b5
Allow multiple, simultaneous keyserver queries in one invocation.
- See #141.
2023-11-24 17:40:26 +01:00
Justus Winter
4b9c0d57e8
Generate DANE OPENPGPKEY records.
- Fixes #152.
2023-11-24 17:40:26 +01:00
Justus Winter
adc2ed4773
Port to sequoia-net 0.28.0. 2023-11-24 17:40:26 +01:00
Justus Winter
62dbde6b03
Silence compiler warning.
- This import is not necessary if the dot-writer feature is enabled,
    but necessary if it is not.
2023-11-24 17:40:26 +01:00
Justus Winter
041a41c01c
Port to sequoia-openpgp 1.17. 2023-11-24 17:40:26 +01:00
Justus Winter
de42ad66c9
ci: Use Debian Trixie, Rust 1.67. 2023-11-24 17:40:26 +01:00
Justus Winter
1837674639
Fix typos. 2023-11-24 17:17:18 +01:00
Neal H. Walfield
dcea72208a
Fix license
- On October 18, 2021, Sequoia PGP's license was changed from the
    GPL to the LGPL.  Unfortunately, we forgot to update sq's license.

  - See 884639bf1b

  - Change Sequoia's license from GPL 2.0 or later to LGPL 2.0 or
    later as unanimously decided on October 18, 2021 by:

      - Christof Wahl <cw@pep.security> (pEp security CEO)
      - Heiko Schaefer <heiko.schaefer@posteo.de> (pEp Foundation
        employee, Sequoia developer)
      - Justus Winter <justus@sequoia-pgp.org> (pEp Foundation
        employee, Sequoia Founder)
      - Neal H. Walfield <neal@pep.foundation> (pEp Foundation
        employee, Sequoia Founder)
      - Patrick Meier <pm@pep.security> (pEp security Chief Product
        and Service Officer)
      - Rudolf Bohli <rb@pep.security> (pEp security Chairman of the
        Board)
      - Volker Birk <vb@pep.security> (pEp security Founder, pEp
        Foundation Council)
2023-11-24 16:37:14 +01:00
Justus Winter
7de29e7351
Make the dot-writer dependency optional.
- The dot-writer crate is unmaintained, and prevents upgrading sq in
    Fedora.  As a short-term workaround, we make this dependency
    optional so that it can be easily patched out by packagers.  The
    same has been done for the sq-wot tool.

    - https://gitlab.com/sequoia-pgp/sequoia-wot/-/issues/51
    - https://gitlab.com/sequoia-pgp/sequoia-wot/-/issues/47

  - If the situation improves, either because the crate is maintained
    again, or we port to a different crate, we can easily undo this
    change.

  - Also, remove all the examples that use the dot output format.  Not
    only is it awkward to make these examples optional, the existing
    examples are also very repetetive, as they duplicate an existing
    example, and only change the output format.

  - Fixes #146.
2023-11-24 15:29:05 +01:00
Justus Winter
c5f01fbf65
Simplify expressions. 2023-11-24 15:29:05 +01:00
Justus Winter
239002b06e
Fix error message.
- Fixes #150.
2023-11-24 15:29:05 +01:00
Justus Winter
993a719a74
Disable notarizing of messages.
- Currently, sequoia-openpgp miscomputes notarization
    signatures (see
    https://gitlab.com/sequoia-pgp/sequoia/-/issues/1041) and fixing
    that has proven to be difficult.  Disable this functionality until
    we sorted out the underlying implementation.
2023-11-24 15:29:05 +01:00
Justus Winter
0499e25675
Disable padding support.
- Our method of padding messages is not universally supported by
    consuming implementations:

      https://tests.sequoia-pgp.org/#Packet_excess_consumption

  - Disable it for now.  Once we support generating v6 OpenPGP
    messages, we can enable it again with the new padding packet.
2023-11-24 12:31:20 +01:00
Neal H. Walfield
3983d42953
Remove inaccurate comment 2023-11-22 14:21:45 +01:00
Neal H. Walfield
227750dd0d
Use PathBuf instead of String for arguments taking a path
- `sq verify --detached <SIG>` and `sq wkd generate <WEB-ROOT>` take
    paths, but the argument type is a String. We should use a PathBuf
    instead, as paths, unlike strings, do not have to be valid UTF-8
    strings.

  - Fixes #154.

  - See #13.
2023-11-22 14:20:19 +01:00
Neal H. Walfield
dccae02148
Change sq packet split's prefix argument from a String to a PathBuf
- `sq packet split`'s `--prefix` argument is used to build a
    filename.  Make it a `PathBuf` instead of a `String`.

  - See #13.
2023-11-22 13:53:00 +01:00
Neal H. Walfield
f9362886f4
Use cli::Time instead of a String argument
- Have clap do the conversion from a string to `cli::Time` for the
    `--time` argument to `sq`.

  - Implement `cli::Time::now` to return the current time, and
    `cli::Time::openpgp` to convert the time to a time that is
    representable as an OpenPGP timestamp, if possible.

  - See #13.
2023-11-22 13:52:59 +01:00