Age | Commit message (Collapse) | Author |
|
|
|
|
|
|
|
Check on every fetch of the private key if the expiration is less than
two months before it expire. And extend the expiration if needed.
- Resolves: #8217
|
|
We are not planning to regenerate keys (for now), only to extend the
expiration date.
|
|
|
|
We were considering to reset the sign_used flag to force the new key to
be resend as attachment in forthcoming emails. Although, this is not a
good solution, because we'll lose information about which keys the
client has signed.
|
|
Previously, we were sending the key attached as long as the contact
hasn't replied back. But with new key replace scenarios, we need to updated
the contact keyring with the new key.
We can implement autocrypt or similar in the future, but for now, let's
send the key attached on every email.
|
|
This was intended to offer the option of only extend the old key and
not change it for a new one. However, we don't plan to use this
behavior anymore.
|
|
|
|
This changes reflect python-gnupg naming.
With @aarni
|
|
Previously, new_expiry_date was calculated by the key creation date + 1
week, but the proper behavior is today + 1 week, accordingly with gpg
behavior.
|
|
- private key is not allowed to be fetched remotely
- fetch_remote needs to be specifically set
- if a new key is fetched (ie different KeyID), the validation
rule applies
|
|
date is extended
- this is required so that the key is re-attached to the first
outgoing email to all users who already have the expired key.
|
|
- private key is not allowed to be fetched remotely
- fetch_remote needs to be specifically set
- if a new key is fetched (ie different KeyID), the validation
rule applies
|
|
|
|
is renewed
- there is only one private inactive key that is the key
expiring last among all inactive keys
- if there is an inactive key, decryption with it, is tried
if it fails with the current active key.
|
|
- this flag is used by leap.mail to attach the new key
|
|
- if current key pair is expired, it'll be extended for a day first
- new key pair will be signed by the old key
|
|
- extends key pair (unlocked from soledad)
- extension period is counted from key creation date
|
|
- Enable XTRACE output of script
- Run e2e mail test against ci.leap.se
- Remove unused POLKIT variable
- Specify MX server for e2e mail test
- Fix helo in e2e tests
Resolves: #9159
|
|
Since we are using artful for the tests it comes with gnupg2 and breaks
the e2e tests.
Also install haveged to speed up e2e tests.
- Resolves: #9159
|
|
|
|
|
|
I tried to upgrade to ubuntu packages chromedriver 2.32 (artful)
but this didn't help.
After using latest chromedriver release 2.33 from
https://sites.google.com/a/chromium.org/chromedriver/downloads
it works.
Also, build docker image from LEAP/artful.
Resolves: #9149
|
|
|
|
|
|
|
|
- Resolves: #9030
|
|
- Resolves: #9023
|
|
There was a mismatch on the return values of Nicknym class and the
expectations. As most of the code was expecting an OpenPGPKey, but it
was returning the json as it came from the nickserver. Now is just
returning the key data.
|
|
There was common situations where two provider instances where running
in parallel. And was creating weird errors (like getting wrong api_uri)
because the bootstrap deferreds were global but the Provider objects
not.
I don't like much singletons, but I think now is simpler than before.
- Resolves: #9073
|
|
Relates to #8918
|
|
(add some extra line to force tests to run again)
|
|
here we port the if-modified-since conditional mechanism, so that we
only write the config if it is newer than whan we have.
we also add a line with the status code to the logs, so that it's easier
to debug.
note that the 'configs.json' file is never returning 304.
- Resolves: #8773
|
|
node-mail chokes if we don't.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|