Commit Graph

728 Commits

Author SHA1 Message Date
Nora Widdecke
eec60a9afd sqlite: Bundle sqlite.
- rusqlite bundles an up-to-date version of libsqlite3. Enable this
  feature to be independent from OS supplied version.
2022-01-19 16:22:13 +01:00
Nora Widdecke
bac42c0b8a hagridctl: Disable regenerate.
- The regenerate command is too intertwined with the filesystem backend.
  Fix it later.
2022-01-19 16:19:35 +01:00
Nora Widdecke
fd218bebba hagridctl: Adapt import to sqlite backend. 2022-01-19 16:19:35 +01:00
Nora Widdecke
a920d3ad9b sqlite: Store creation and update timestamps 2022-01-19 16:19:35 +01:00
Nora Widdecke
9d779de5dc sqlite: Remove dry_run flag. 2022-01-19 15:19:09 +01:00
Nora Widdecke
c6ae7fb5f5 sqlite: Add wkd hash to email table. 2022-01-19 15:19:09 +01:00
Nora Widdecke
a70ab40039 sqlite: Clarify cert table column names 2022-01-19 15:19:09 +01:00
Nora Widdecke
348db1f033 sqlite: Add lookup_primary_fingerprint unit test. 2022-01-19 15:19:09 +01:00
Nora Widdecke
e46ed608a4 sqlite: Flock the database file. 2022-01-19 15:19:09 +01:00
Nora Widdecke
b54b4f3c07 fs, sqlite: Fix test::new.
This test probably never worked as intended. For a line like

    assert!(!db.merge(k2).unwrap().into_tpk_status().email_status.len() > 0);

the associativity of ! means it is applied to the integer, so it is a
bitwise NOT, not a logical NOT of the entire statement.

This change attempts to catch the original intention of the test.
2022-01-19 15:19:09 +01:00
Nora Widdecke
44ca689b15 fromSql 2022-01-19 15:19:09 +01:00
Nora Widdecke
dd75ceab05 sqlite: Implement Database trait for Sqlite. 2022-01-19 15:18:43 +01:00
Vincent Breitmoser
ba0acdc73d sqlite: add some more basic tests 2022-01-19 15:18:43 +01:00
Vincent Breitmoser
50c8dff783 sqlite: add query tracing during tests 2022-01-19 15:18:43 +01:00
puzzlewolf
c2593de5b7 sqlite: Initial work. 2022-01-19 15:18:37 +01:00
Vincent Breitmoser
33224d1855 i18n: fix tests and strings 2022-01-04 15:55:01 +01:00
Vincent Breitmoser
23880d1386 db+web: remove x-accel optimization
This removes a shortcut to serve certificates from nginx by including an
X-Accel-Redirect header in the response.
2022-01-04 13:52:58 +01:00
Vincent Breitmoser
77407e03cc db: correctly abstract NamedTempFile as type trait 2022-01-04 13:28:26 +01:00
Vincent Breitmoser
6782c57520 fs: group abstract methods on top of Database trait 2022-01-04 13:23:37 +01:00
Vincent Breitmoser
0e0b5c160a cargo: cargo update, and use recent nightly 2022-01-04 12:24:44 +01:00
Vincent Breitmoser
3aa26c10f3 nix: update shell.nix 2022-01-04 12:17:18 +01:00
Vincent Breitmoser
9d5ec287a9 cargo: update gettext-macros to patched 0.6
This should work with rust stable, once we update rocket.

Uses a patched version of gettext-macros with a bugfix for
https://github.com/Plume-org/gettext-macros/issues/16
2022-01-04 12:06:16 +01:00
Vincent Breitmoser
43cdb28b97 i18n: tx pull 2021-11-28 14:32:14 +01:00
Justus Winter
b8ddf58977 update sequoia-openpgp to 1.5 2021-10-25 16:04:12 +02:00
Justus Winter
6db41b87f2 update dump.rs from sq, revert to its canonical form
Previously, the code was taken with the modifications from
dump.sequoia-pgp.org.  However, the canonical form is the one from the
sq tool.
2021-10-11 11:06:13 +02:00
Justus Winter
8dabd2c37a update sequoia-openpgp to 1.4 2021-10-11 10:23:45 +02:00
Vincent Breitmoser
90356ddb28 update changed files from rebuild 2021-07-21 09:44:43 +02:00
Justus Winter
bb9a3d8324 Strip non-exportable signatures and cert components.
If non-exportable signatures are uploaded to Hagrid, this is most
certainly an accident.  Handle this gracefully by stripping these
signatures (and certificate components that are only bound by
non-exportable signatures) when writing them to the database.

Fixes #155.
2021-07-15 19:21:44 +00:00
Vincent Breitmoser
0543e13b14 nginx: re-add missing proxy cache path directive 2021-07-14 12:32:14 +02:00
Vincent Breitmoser
3432fbe584 readme: small update
Mention use of ngx_http_lua_module for nginx config, and document move
of the IRC channel to OFTC.
2021-07-13 11:09:00 +02:00
Vincent Breitmoser
569a9df5a0 nginx: update nginx.conf, ditch nginx-site.conf 2021-07-13 11:05:44 +02:00
Vincent Breitmoser
58585dd41f version 1.1.0 v1.1.0 2021-06-24 12:04:26 +02:00
Vincent Breitmoser
b7127a672e db: remove unused feature declaration 2021-06-24 11:59:55 +02:00
Justus Winter
39c0e12ac6 database: serve first-party attested third-party certifications
This implements support for third-party userid certifications.  To
prevent denial-of-service attacks, we only merge those certifications
that are attested by the key holder.

The key holder attests the certifications using an Attested Key
Signature containing the digests of the certifications in an Attested
Certifications subpacket as specified in RFC4880bis-10.

Fixes #124.
2021-06-13 13:30:53 +02:00
Justus Winter
3ecd264c59 sync the dumper code from sq 2021-06-13 10:48:59 +00:00
Justus Winter
c98c588064 update sequoia-openpgp to 1.3 2021-06-13 10:48:59 +00:00
Vincent Breitmoser
c85a7e2c14 about: move IRC channel to OFTC 2021-06-13 12:14:00 +02:00
Vincent Breitmoser
f0dd400a92 about: update rate limit info in api docs 2021-06-11 11:25:49 +02:00
Vincent Breitmoser
f0e0e179ce nginx: increase burst window for fpr lookups to 1000 2021-06-11 11:25:27 +02:00
Justus Winter
a9b1363d09 database: simplify tpk_to_string
Use the convenience function to armor certificates.  This also adds
comments to the armor blocks, making it easier to identify
certificates when casually inspecting them as text files.
2021-05-06 18:54:53 +00:00
Justus Winter
e1e88037e8 database: drop tpk_filter_userids
This function is now provided by Sequoia, and as we no longer have to
reparse the certificate, it is infallible.  Simplify
tpk_filter_alive_emails accordingly.
2021-05-06 18:54:53 +00:00
Justus Winter
5d23bc8c21 database: fix comment 2021-05-06 18:54:53 +00:00
Vincent Breitmoser
71ca5b2888 nginx: use application/octet-stream content-type for WKD routes
The format of keys returned on WKD routes is binary, however
`application/pgp-keys` is specified to contain keys in ASCII-armored
format. The WKD spec says the returned content-type SHOULD be
`application/octet-stream`, too.

references:
https://www.ietf.org/archive/id/draft-koch-openpgp-webkey-service-11.txt
https://tools.ietf.org/html/rfc3156#section-7
2021-04-28 13:22:37 +02:00
Vincent Breitmoser
a7b4eec1fe hkp: drop "upload" mails 2021-04-19 18:40:21 +02:00
Vincent Breitmoser
7011245414 db: don't quarantine degenerate keys 2021-04-15 00:25:18 +02:00
Vincent Breitmoser
7ad5746f52 db: fix check_link_fpr method 2021-04-15 00:25:09 +02:00
Vincent Breitmoser
a4d2197ac5 i18n: tx pull 2021-04-14 23:44:29 +02:00
Vincent Breitmoser
53270cfb04 nginx: add option for loose rate limiting 2021-03-05 13:23:51 +01:00
Vincent Breitmoser
3462a335dd i18n: tx pull 2021-03-03 15:55:44 +01:00
Vincent Breitmoser
ef14d709bd i18n: tx pull 2021-02-26 11:30:47 +01:00