| Age | Commit message (Collapse) | Author |
|---|
|
|
|
There was a duplicate import for get_versions, that was not at
the top of the file, that caused a pep warning and was fixed
in this commit
|
|
|
|
- Resolves: #7974
|
|
During encryption we where updating 'enc_used' in the key without
checking if it was already set.
|
|
|
|
- Resolves: #7500
|
|
- Resolves: #7485
|
|
This commit put those gnupg operations to be run on external threads
limited by the amount of cores present on user machine.
Some gnupg calls spawn processes and communicating to them is a
synchronous operation, so running outside of a reactor should improve
response time by avoiding reactor locking.
|
|
Some methods were missing docstrings and some code was exceeding the 80
column limit. Also some asserts arent needed anymore.
|
|
This commit adapts code to use HTTPClient instead of requests.
requests library receives a certificate as parameter during requests
while HTTPClient recelives a cert only on constructor. In order to have
both types (leap cert and commercial certs) working together we
introduced two clients on constructor.
|
|
Isolate requests lib related code and update docstrings.
|
|
That's a temporary fix for #6506
This commit adapts code to deal with deferreds coming from calling
requests from Twisted. Next step is just to change requests for twisted
http client present in leap.common.
Unfortunately, this last step will be a bit longer and would be better
to have integrations tests to ensure current HTTP behaviour.
|
|
The latests refactor missed one line.
|
|
Improve readability of operations on generic keys, by assigning the
class matching the type of key (_wrapper_map[ktype]) at the beginning of
each block.
in the future, we could pass the type of key (only PGP keys being used
at the moment) on initialization of the Keymanager, so we don't have to
pass the ktype on each method call.
|
|
|
|
In previous commit 9546348c, the combined bundle ca
was not long enough in scope and was therefore deleted
when it actually was used.
Adopted test to check whether file is deleted.
|
|
During decryption the signing public key was getting repush with a
different address as part of the verify usage flagging.
- Resolves: https://github.com/pixelated/pixelated-user-agent/issues/466
- Related: #7420
|
|
Fixup for 9546348c36. This problem only occurs in
test setups where '' is passed to ca_cert_path.
|
|
On fetch_key we were not catching the request exceptions, now they are
returned as failure in the deferred as it should.
- Related: #7410
|
|
|
|
This is necessary as a fetch by url will talk to remote
sites or, for providers with a commercial cert, with
a cert that had not been signed with the provider CA.
- support lookup of local keys by url for providers
with a commercial cert
- combine ca_bundle with ca_cert_path if specified
- close soledad after each test
|
|
In case of failure of fetch_key will be useful to have some logging
telling us wich key is fetching.
- Related: #7410
|
|
|
|
this avoids using a separate thread with tornado ioloop for events
client, since we can use twisted reactor.
- Resolves: #7274
|
|
Fixed pep8 warnings to prepare the keymanager for CI
|
|
|
|
latest gnupg version (from pypi) was '2.0.2-py2.7.egg', which is parsed
as a LegacyVersion and therefore breaks the numeric comparison. this is
a workaround to allow the sanity check to continue, by comparing just
the numeric part of the version string.
|
|
* Resolves: #7188
|
|
- Related: #6359
|
|
Nicknym server is authoritative for its own domain, but for others it might
retrieve keys from key servers. On keys from the same domain we set the
validation level to 'Provider Trust'. For other domains in the email
address we set it to 'Weak Chain' as we don't have info about its source.
Resolves: #6815
Related: #6718
Releases: 0.4.0
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Don't throw an exception if verification fails
|
|
|
|
|
|
|
|
|
|
For that that now the type is the class.__name__ instead of
str(class)
|
|
|
|
|
|
binary keys support is still missing
|
|
|
|
Don't fit with the logic of the keymanager and it's not use except for
some commented code in bitmask_client
|
|
|
|
We only need to cache the fetch with a sort timeout. The tests that
fetches keys now have to use different keys or will be cached.
|
