100 Commits

Author SHA1 Message Date
Neal H. Walfield
7ecc843dee
Add new command sq download.
- Add a new command, `sq download`, which downloads a file and a
    signature file, and then authenticates the file.

  - Fixes #84.
2024-11-09 13:28:17 +01:00
Neal H. Walfield
1c96be5f62
Release 0.39.0. 2024-10-30 17:02:34 +01:00
Neal H. Walfield
0bb0960757
Loosen reqwest dependency.
- Allow using newer versions of reqwest.  Don't actually use them,
    as other dependencies still require the older version.
2024-10-30 16:59:30 +01:00
Neal H. Walfield
e724dad138
Loosen subplot dependency.
- Allow using newer versions of subplot (but don't actually use them
    as they have a higher MSRV).
2024-10-30 16:53:57 +01:00
Neal H. Walfield
fa5750cb49
Upgrade terminal_size. 2024-10-30 16:43:48 +01:00
Neal H. Walfield
93549fd108
Upgrade sequoia-policy-config. 2024-10-30 16:36:53 +01:00
Neal H. Walfield
5e5be69dab
Upgrade sequoia-wot. 2024-10-26 09:15:02 +02:00
Justus Winter
f448fcb347
Avoid file descriptor exhaustion when fetching certificates.
- Previously, there was a chance of running out of file descriptors
    while or after fetching a large number of certificates using sq
    network fetch.

  - The root cause of that was the use of getaddrinfo(3) to resolve
    names, which is a blocking interface, which has to be executed on
    a special thread for blocking tasks on the tokio runtime.  The
    maximum number of these threads is capped at 512 by default, and
    these threads can tie up a significant number of file descriptors
    in sockets.  The threads do close their sockets and go away after
    a while, presumably after a timeout.  Further, blocking tasks can
    not be canceled.

  - Do release all thread pool resources after doing the fetch.

  - Also, switch to the hickory crate for doing name lookups.  This
    implements a non-blocking interface, and releases resources in a
    timely fashion.

  - Fixes #335.
2024-09-27 13:34:31 +02:00
Neal H. Walfield
6477009a78
Bump MSRV to 1.75.
- `rustc` version 1.75 has entered Debian Trixie.  Bump our MSRV
    accordingly.
2024-09-26 16:02:32 +02:00
Neal H. Walfield
16aaab33b9
Add a certificate designator abstraction.
- Add a new type, `CertDesignators`, which can be flattened into a
    clap subcommand, and exposes one or more certificate designator
    arguments (`--file`, `--cert`, `--userid`, `--userid`, `--domain`,
    and `--grep`) with an optional prefix (e.g., it transforms `--file`
    into `--cert-file`).

  - See #207.
2024-09-25 13:15:57 +02:00
Justus Winter
dfaba32a7a
Release 0.38.0. 2024-09-03 17:23:42 +02:00
Justus Winter
9861598940
Drop dependency itertools. 2024-09-03 17:23:41 +02:00
Justus Winter
5c68890fb2
Update sequoia-keystore. 2024-09-02 14:47:55 +02:00
Justus Winter
5131a72569
Drop serde_json dependency. 2024-09-02 14:47:54 +02:00
Justus Winter
761f373754
Compile the RustCrypto crates with optimizations. 2024-08-15 15:48:32 +02:00
Justus Winter
c94fb2249d
Improve the way we make the subplot tests opt-in.
- Promote subplotlib to a proper dependency, as dev-dependencies can
    not be optional.
2024-08-15 14:16:26 +02:00
Justus Winter
20eb29930f
Remove the dot output.
- The dot output does not fit into the output framework: it can only
    describe graphs, and most of what sq emits are not graphs.  Once
    sq gains machine-readable output, the current functionality can be
    implemented by emitting the graph data as machine-readable data,
    then transforming it into dot.

  - Fixes #290.

  - Fixes #137.
2024-08-14 14:29:04 +02:00
Justus Winter
272bda3703
Cleanup recursive copying.
- Replace dircpy with the more mature and more widely used fs_extra.
2024-07-11 15:26:27 +02:00
Justus Winter
87806baf6a
Implement sq network wkd publish. 2024-07-11 14:52:35 +02:00
Neal H. Walfield
44973f0fb7
Upgrade chrono.
- Change the minimum supported version of `chrono` to 0.4.38.

  - This is the version in Debian testing.

  - Upgrading allows us to remove the use of some deprecated
    functions.
2024-07-05 09:50:36 +02:00
Neal H. Walfield
b3fbee9565
Upgrade sequoia-openpgp.
- Upgrade `sequoia-openpgp` to 1.21.1.

  - Versions prior to 1.21.1 have some security vulnerabilities.
2024-07-04 22:51:46 +02:00
Neal H. Walfield
8752cc462f
Release v0.37.0. 2024-06-14 20:53:27 +02:00
Neal H. Walfield
9ce23340f7
Upgrade sequoia-cert-store and sequoia-wot.
- Upgrade `sequoia-cert-store` to 0.6.0 and `sequoia-wot` to 0.12.0.
2024-06-14 19:38:58 +02:00
Neal H. Walfield
6eef5e9ffc
Change sq key password to support the cert store and key store.
- Change `sq key password` to support the cert store and key store.

  - See #205.
2024-06-05 09:35:11 +02:00
Neal H. Walfield
446c63d0ed
Move Config to its own module.
- Move the `Config` to sq.rs.

  - Change `main.rs` to `sq`'s entry point.
2024-05-26 09:40:23 +02:00
Neal H. Walfield
94b506ca37
Release v0.36.0. 2024-05-21 23:33:00 +02:00
Neal H. Walfield
e75ad72c65
Use sequoia-directories.
- Use `sequoia-directories` to compute the home directory, and the
    various component directories.

  - This also allows the use of `SEQUOIA_HOME` to set the home
    directory.
2024-05-21 21:22:39 +02:00
Neal H. Walfield
1d162d214b
Upgrade sequoia-keystore. 2024-05-21 18:11:44 +02:00
Neal H. Walfield
c48d1d48dc
Release 0.35.0. 2024-04-15 15:27:08 +02:00
Neal H. Walfield
aafce5da3f
Upgrade sequoia-cert-store.
- Upgrade `sequoia-cert-store` to at least 0.5.3.  0.5.1 and 0.5.2
    have a minor bug in the cert-d lookup code.
2024-04-15 15:26:58 +02:00
Neal H. Walfield
03c6e57d10
When possible, prefer from_buffered_reader to from_reader.
- Objects that work with either a `BufferedReader` or a `Read`er are
    often more efficient when they are directly passed the
    `BufferedReader`.

  - Prefer `from_buffered_reader` to `from_reader` when possible.
2024-04-12 11:59:47 +02:00
Neal H. Walfield
a549cabf8d
Require canonical user IDs by default.
- Change `sq key generate` and `sq key userid add` to require
    canonical user IDs by default.

  - If a user ID is not in canonical form, explain the problem, and
    suggest a solution, if possible.

  - Allow the user to disable this check by passing the
    `--allow-non-canonical-userids` flag.

  - Fixes #209.
2024-04-09 12:07:42 +02:00
Neal H. Walfield
ddfda32cec
Upgrade sequoia-keystore. 2024-04-04 17:33:30 +02:00
Justus Winter
93e8543748
Trim dependencies. 2024-03-25 12:18:53 +01:00
Neal H. Walfield
696bf3a677
Release 0.34.0. 2024-02-29 17:21:43 +01:00
Neal H. Walfield
828eb4dd44
Relax version requirements on textwrap.
- Also accept version 0.15.x of `textwrap`.
2024-02-29 17:21:37 +01:00
Neal H. Walfield
011c426970
Change best_effort_primary_uid to prefer authenticated user IDs.
- Change `best_effort_primary_uid` to prefer authenticated user IDs
    to user IDs that are only self signed.
2024-02-29 13:42:28 +01:00
Neal H. Walfield
314e19c1af
Upgrade sequoia-cert-store and sequoia-wot.
- Upgrade `sequoia-cert-store` and `sequoia-wot` and adapt to their
    API changes.
2024-02-23 16:58:15 +01:00
Neal H. Walfield
b07a922bb6
Upgrade sequoia-keystore and sequoia-ipc.
- `sequoia-ipc` version 0.33.0 fixes a bug on Windows.

  - See 44b349e32d .
2024-02-20 16:25:39 +01:00
Neal H. Walfield
27093c1709
Add support for using a key store.
- Support using keys managed by `sequoia-keystore`.

  - When decrypting a message, have `sq` automatically ask the
    key store to decrypt the PKESKs.

  - Extend `sq sign` and `sq encrypt` with the `--signer-key`
    parameter to use a key managed by the keystore.

  - Add two top-level options: `--no-key-store`, which disables the
    use of the key store, and `--key-store`, which uses an alternate
    key store instance.

  - Add `sq key list` to list keys on the key store.
2024-02-18 15:24:02 +01:00
Justus Winter
d9f9bf6ea2
Certify certs downloaded from the web.
- Fixes #174.
2024-02-13 14:21:33 +01:00
Justus Winter
b796ce1b8c
Add a progress bar to the network fetch commands. 2024-02-09 18:16:43 +01:00
Neal H. Walfield
0d1da78356
Add a framework to format and test examples.
- The `--help` output for most subcommands includes one or more
    examples.

  - We should test these, like we test everything else.

  - Add a framework to format, and test the examples.

  - Fixes #190.

  - Also, fix some broken examples.
2024-02-09 18:08:09 +01:00
Justus Winter
825f4463de
Wrap human-readable pki output. 2024-02-08 16:23:19 +01:00
Justus Winter
1259f0c237
Drop the compression-bzip2 feature, making compression mandatory.
- Fixes #42.  See #137.
2024-02-07 12:19:06 +01:00
Neal H. Walfield
c45686c4da
Use sequoia-cert-store to manage shadow CAs.
- As of 0.4.1, sequoia-cert-store includes (better versions of)
    shadow CA functionality.

  - Prefer it.
2024-01-29 19:07:14 +01:00
Justus Winter
a8110e1229
Update to sequoia-openpgp 1.18. 2024-01-29 18:52:02 +01:00
Justus Winter
195ef2bf9b
Release 0.33.0. 2024-01-19 14:39:35 +01:00
Justus Winter
83f92ef064
Allow updating textwrap to 0.16.
- Don't actually update, as other dependencies are still on 0.15.
2024-01-19 14:39:29 +01:00
Justus Winter
fd08784e3a
Use std::io::IsTerminal instead of is-terminal.
- Available since Rust 1.70.
2024-01-08 14:18:42 +01:00