azul [Mon, 5 Feb 2018 11:04:01 +0000 (03:04 -0800)]
Merge branch 'feature/web-key-directory' into 'master'
feature: enamble wkd lookup
Closes #1
See merge request leap/nickserver!23
Azul [Mon, 5 Feb 2018 10:25:33 +0000 (11:25 +0100)]
feature: enamble wkd lookup
fixes #1
azul [Mon, 5 Feb 2018 08:35:07 +0000 (00:35 -0800)]
Merge branch 'feature/katzenpost-keys' into 'master'
feature: hand out other key types like katzenpost keys
See merge request leap/nickserver!22
Azul [Mon, 5 Feb 2018 08:27:48 +0000 (09:27 +0100)]
feature: hand out other key types like katzenpost keys
azul [Tue, 7 Nov 2017 16:20:41 +0000 (08:20 -0800)]
Merge branch 'refactor/clarify-response' into 'master'
Refactor/clarify response
See merge request leap/nickserver!20
Azul [Sat, 4 Nov 2017 07:30:08 +0000 (08:30 +0100)]
refactor: turn Hkp::Response into KeyResponse
We now also use it from wkd and it seems like a generally
useful kind of response.
Azul [Fri, 3 Nov 2017 13:33:51 +0000 (14:33 +0100)]
fix: no expiration date means not outdated
We were using Time.at(expirationdate) even if it was nil which
led to using the Time.at(0). Instead an unset expirationdate
is meant to not expire the key at all.
Our tests did not catch this because the assertions were in
blocks that did not get run at all. (at least in the HKP
integration test).
Azul [Wed, 11 Oct 2017 13:57:39 +0000 (15:57 +0200)]
docs: update README.md
* We are using Celluloid instead of EventMachine now
* The json responses are currently not signed
* we actually pick a key rather than sending all available
* There are only two install options listed. We were claiming there are three.
Azul [Wed, 11 Oct 2017 13:46:48 +0000 (15:46 +0200)]
style: more rubocop fixes
azul [Sat, 23 Sep 2017 15:11:20 +0000 (15:11 +0000)]
Merge branch 'rubocop' into 'master'
Style fixes based on Rubocop
See merge request leap/nickserver!19
Azul [Sat, 23 Sep 2017 13:41:56 +0000 (15:41 +0200)]
style: avoid endless elsif in KeyInfo#error
using an array of symbols representing the different checks now.
Azul [Sat, 23 Sep 2017 13:10:11 +0000 (15:10 +0200)]
refactor: move error detection into key_info
Still needs something better than all these elsifs though
Azul [Sat, 23 Sep 2017 11:43:29 +0000 (13:43 +0200)]
style: more rubocop fixes
Azul [Sat, 23 Sep 2017 09:07:32 +0000 (11:07 +0200)]
style: rubocop mostly auto-correct
Azul [Fri, 22 Sep 2017 13:30:40 +0000 (15:30 +0200)]
wkd: implement basic lookup of keys through wkd
wkd is the web key directory. See the Readme.md in
/lib/nickserver/wkd
azul [Sat, 23 Sep 2017 14:44:56 +0000 (14:44 +0000)]
Merge branch 'wkd' into 'master'
Fetch keys from web key directory
See merge request leap/nickserver!18
Azul [Fri, 22 Sep 2017 16:40:45 +0000 (18:40 +0200)]
fiX: tests need different names, warnings
Azul [Fri, 22 Sep 2017 13:30:40 +0000 (15:30 +0200)]
wkd: implement basic lookup of keys through wkd
wkd is the web key directory. See the Readme.md in
/lib/nickserver/wkd
Azul [Mon, 7 Aug 2017 07:28:05 +0000 (09:28 +0200)]
update changelog
Azul [Thu, 3 Aug 2017 14:41:13 +0000 (16:41 +0200)]
Version 0.10.0
This is a maintainance release - bugfixes and upgrades of dependencies.
This release fixes a major issue with leaking file descriptors. Please
upgrade as soon as possible. Ruby 2.1 is required - no other upgrade
issues are known.
bugfixes:
* #3 handle domains without A-record
* filedescriptor leak from http_adapters
* send empty json object on 404 rather than nil
* remote nicknym is on port 6425
* use user:password@ prefix in http basic auth
upgrades:
* require at least ruby 2.1
* upgrade bundled gems to latest available
tests:
* more meaningful error messages in case of failures
* test bundle is up to date
* regression test for nonexisting domain
integration:
* Add systemd service unit file
* Restart nickserver automatically from systemd
* gitignore: bundle dir
cleanup:
* old empty adapters and tests
azul [Tue, 25 Jul 2017 07:01:56 +0000 (07:01 +0000)]
Merge branch 'test/nonexisting-domain' into 'master'
test: regression test for nonexisting domain
See merge request !17
Azul [Tue, 25 Jul 2017 06:59:42 +0000 (08:59 +0200)]
test: regression test for nonexisting domain
related to platform#8674
azul [Mon, 24 Jul 2017 10:00:01 +0000 (10:00 +0000)]
Merge branch 'test/http-adapter' into 'master'
test: minor: add http adapter test
See merge request !16
Azul [Mon, 24 Jul 2017 09:02:48 +0000 (11:02 +0200)]
test: minor: add http adapter test
azul [Mon, 24 Jul 2017 08:05:11 +0000 (08:05 +0000)]
Merge branch 'bugfix/name-resolution' into 'master'
fix: #3 handle domains without A-record
Closes #3
See merge request !15
Azul [Mon, 24 Jul 2017 07:55:28 +0000 (09:55 +0200)]
fix: #3 handle domains without A-record
If a domain only has an mx record but no A record it
will trigger a ConnectionError when attempting the
nicknym key lookup.
We need to detect and handle this in the http adapter
already because once the exception is handled by Celluloid
our actor will be terminated.
So now we allow for handing a rescue option to the
adapter with a string that is checked for inclusion in
the error message. If the string is found the exception
will be caught and the adapter returns nil.
We only make use of this when checking the availability
of nicknym so far. That should be the only http request
going out.
azul [Mon, 24 Jul 2017 08:01:49 +0000 (08:01 +0000)]
Merge branch 'test/fd-count-tweak' into 'master'
minor: tweak file descriptor count test
See merge request !14
Azul [Mon, 24 Jul 2017 06:10:32 +0000 (08:10 +0200)]
minor: tweak file descriptor count test
azul [Mon, 24 Jul 2017 05:22:44 +0000 (05:22 +0000)]
Merge branch 'upgrade/bundle' into 'master'
Upgrade/bundle
See merge request !12
azul [Mon, 24 Jul 2017 05:22:15 +0000 (05:22 +0000)]
Merge branch 'fix/fd-leak' into 'master'
fix: filedescriptor leak from http_adapters
See merge request !13
Azul [Fri, 21 Jul 2017 06:19:20 +0000 (08:19 +0200)]
fix: filedescriptor leak from http_adapters
Now we reuse a single adapter for all requests triggered
by an incoming request. Then we .terminate the adapter.
Includes a regression test.
Azul [Thu, 20 Jul 2017 18:51:53 +0000 (20:51 +0200)]
upgrade: bundle
Azul [Thu, 20 Jul 2017 18:50:05 +0000 (20:50 +0200)]
ci: test bundle is up to date
azul [Thu, 20 Jul 2017 18:43:53 +0000 (18:43 +0000)]
Merge branch 'upgrade' into 'master'
upgrade dependencies
See merge request !11
Azul [Thu, 11 May 2017 06:39:22 +0000 (08:39 +0200)]
upgrade dependencies
Azul [Tue, 21 Feb 2017 12:22:57 +0000 (13:22 +0100)]
gitignore: bundle dir
varac [Tue, 17 Jan 2017 11:47:25 +0000 (12:47 +0100)]
Restart nickserver automatically from systemd
varac [Mon, 16 Jan 2017 15:24:18 +0000 (16:24 +0100)]
Add systemd service unit file
Azul [Mon, 5 Dec 2016 13:38:43 +0000 (14:38 +0100)]
bugfix: send empty json object on 404 rather than nil
sending nothing was keeping the connection alive.
Azul [Fri, 2 Dec 2016 18:21:11 +0000 (19:21 +0100)]
bugfix: remote nicknym is on port 6425
We may use a different port in the config that is then mapped somehow.
But this should not affect where we try to contact remote nicknym servers.
azul [Fri, 2 Dec 2016 11:25:35 +0000 (11:25 +0000)]
Merge branch 'bugfix/couch-auth' into 'master'
bugfix: use user:password@ prefix in http basic auth
See merge request !9
Azul [Fri, 2 Dec 2016 11:24:13 +0000 (12:24 +0100)]
debug: raise error on 401
This will get us more debug info in the logs if it happens again
Azul [Fri, 2 Dec 2016 10:36:02 +0000 (11:36 +0100)]
bugfix: use user:password@ prefix in http basic auth
http.rb does not do this on its own.
Azul [Fri, 2 Dec 2016 10:31:20 +0000 (11:31 +0100)]
cleanup: old empty adapters and tests
azul [Fri, 2 Dec 2016 10:28:46 +0000 (10:28 +0000)]
Merge branch 'test/debug-failures' into 'master'
test: more meaningful error messages in case of failures
See merge request !8
Azul [Wed, 30 Nov 2016 11:49:50 +0000 (12:49 +0100)]
test: more meaningful error messages in case of failures
azul [Mon, 17 Oct 2016 09:09:59 +0000 (09:09 +0000)]
Merge branch 'release/0.9' into 'master'
Release 0.9
Version 0.9.0
Allow queries by fingerprint (using keyservers to reply) and support key
lookup from other nickservers.
This is a major rewrite both in terms of our dependencies and our
architecture. We moved the server and http_client from eventmachine to
Celluloid based libraries. This allows for a more concise syntax and
proper https handling.
In addition we now support ruby 2.3, use a Logger instead of stdout and handle
network errors properly
See merge request !7
Azul [Sun, 2 Oct 2016 13:34:18 +0000 (15:34 +0200)]
Version 0.9.0
Allow queries by fingerprint (using keyservers to reply) and support key
lookup from other nickservers.
This is a major rewrite both in terms of our dependencies and our
architecture. We moved the server and http_client from eventmachine to
Celluloid based libraries. This allows for a more concise syntax and
proper https handling.
In addition we now support ruby 2.3, use a Logger instead of stdout and handle
network errors properly
azul [Mon, 17 Oct 2016 08:58:08 +0000 (08:58 +0000)]
Merge branch 'feature/log-requests-and-errors' into 'master'
Log requests and errors
proper logging
See merge request !6
Azul [Sun, 2 Oct 2016 13:28:50 +0000 (15:28 +0200)]
doc: prepara CHANGES.md for 0.9.0
Azul [Sun, 2 Oct 2016 13:28:19 +0000 (15:28 +0200)]
minor: gitignore byebug_history
Azul [Sun, 2 Oct 2016 13:27:47 +0000 (15:27 +0200)]
minor: include Gemfile.lock
Azul [Sun, 2 Oct 2016 13:27:15 +0000 (15:27 +0200)]
doc: add sequence diagrams for high level overview
Azul [Sun, 2 Oct 2016 13:05:02 +0000 (15:05 +0200)]
silence Celluloid.logger in tests
Introduced CelluloidTest as a test class for all tests that depend on
Celluloid being up and running.
Azul [Fri, 30 Sep 2016 10:47:32 +0000 (12:47 +0200)]
change default adapter to CelluloidHttp
Turns out without this nickserver will not respond to multiple concurrent requests.
Azul [Fri, 30 Sep 2016 10:46:41 +0000 (12:46 +0200)]
logger: log celluloid errors to default log
Azul [Fri, 30 Sep 2016 10:46:05 +0000 (12:46 +0200)]
minor: test: fix * interpreted as arg prefix warning
Azul [Fri, 30 Sep 2016 10:03:36 +0000 (12:03 +0200)]
logger: log to STDOUT when run in foreground
Azul [Fri, 30 Sep 2016 09:59:20 +0000 (11:59 +0200)]
logging: use proper logger
This way the logs do not interfere with test output
Azul [Thu, 29 Sep 2016 11:18:38 +0000 (13:18 +0200)]
use stderr for errors
Azul [Thu, 29 Sep 2016 10:56:14 +0000 (12:56 +0200)]
skip tests with ConnectionErrors
We handle these errors nicely in the dispatcher and have tests for that.
Tests should fail or err out when running into exceptions we are not
handling yet. But for these it's better to just skip.
Azul [Sat, 24 Sep 2016 10:12:21 +0000 (12:12 +0200)]
log HTTP::ConnectionErrors, respond with json body
Azul [Sat, 24 Sep 2016 10:00:56 +0000 (12:00 +0200)]
use plain http.rb rather than celluloid i/o
Turns out http.rb does not support celluloid i/o andymore and we were not making
use of it anyway.
Here's what https://github.com/httprb/http/wiki/Thread-Safety says:
(NOTE: this gem previously supported Celluloid::IO, but that support was removed to add the current timeout backend. It may be added back in a future version)
So now we have a plain http.rb adapter and use that as the default.
This prevents actors from crashing in the adapter (as we don't have any).
Azul [Sat, 24 Sep 2016 09:56:59 +0000 (11:56 +0200)]
test: rename so no name is duplicated
Azul [Fri, 23 Sep 2016 13:54:56 +0000 (15:54 +0200)]
basic logging and recovery from exceptions raised
Azul [Fri, 23 Sep 2016 13:54:34 +0000 (15:54 +0200)]
test: some very basic functional tests
azul [Fri, 23 Sep 2016 06:45:18 +0000 (06:45 +0000)]
Merge branch 'feature/deal-with-network-failures' into 'master'
Feature/deal with network failures
Also activates the new nicknym lookup.
See merge request !5
Azul [Thu, 22 Sep 2016 10:27:53 +0000 (12:27 +0200)]
return nil on 404 in hkp source
This way the other RequestHandlers can give it a try.
If none handles it we'll get a 404 anyway. But maybe there's
been an exception before so a 502 should be send.
Azul [Thu, 22 Sep 2016 09:31:01 +0000 (11:31 +0200)]
hand on connection errors to dispatcher so it can handle it
Azul [Thu, 22 Sep 2016 09:07:47 +0000 (11:07 +0200)]
feature: 502 on ConnectionErrors
If one source raises a 502 and no other handler has any result we'll
respond with a 502 - bad gateway.
Azul [Wed, 21 Sep 2016 11:05:50 +0000 (13:05 +0200)]
doc: explain the purpose of different integration tests
Azul [Wed, 21 Sep 2016 10:48:11 +0000 (12:48 +0200)]
feature: activate nicknym lookup
Azul [Tue, 20 Sep 2016 07:14:43 +0000 (09:14 +0200)]
rescue and track exceptions in handler chain
Azul [Mon, 19 Sep 2016 07:51:38 +0000 (09:51 +0200)]
refactor: separate handler chain from dispatcher
Handler Chain is of handlers that respond to call.
Invoking handle(*args) on the chain will call the handlers with the given args
until one of them returns a result that is truethy (i.e. not false or nil).
Extracted from the dispatcher so we can also handle exceptions there in the
future. (So that if one of the network connections to the request_handlers
fails we can continue while still tracking the failed exception.)
Azul [Fri, 16 Sep 2016 13:29:06 +0000 (15:29 +0200)]
gitignore: vendor
Azul [Fri, 16 Sep 2016 12:32:55 +0000 (14:32 +0200)]
deal with network issues in nicknym source
This is a first step. In case the suspected nicknym server cannot be
reached we will now move on and try other sources.
It's robably not what we want in the long run. In order to know wether
no key exists or we just failed to connect to some servers a different
http response code would be nice if network errors occured.
This simplifies testing such scenarios in the unit test and makes the
remote tests skip on network failure.
azul [Fri, 16 Sep 2016 12:07:27 +0000 (12:07 +0000)]
Merge branch 'bugfix/load-error-in-bin' into 'master'
bugfix: load order issue in server, include test
Includes our first functional test. This one only makes sure loading
the bin/nickserver actually works fine. Enough to catch this bug.
See merge request !4
Azul [Fri, 16 Sep 2016 10:56:13 +0000 (12:56 +0200)]
bugfix: load order issue in server, include test
Includes our first functional test. This one only makes sure loading
the bin/nickserver actually works fine. Enough to catch this bug.
azul [Fri, 16 Sep 2016 10:23:25 +0000 (10:23 +0000)]
Merge branch 'feature/query-leap-servers' into 'master'
test: properly test nicknym source + fixes
See merge request !3
Azul [Tue, 13 Sep 2016 14:45:28 +0000 (16:45 +0200)]
test: properly test nicknym source + fixes
Azul [Mon, 12 Sep 2016 14:34:25 +0000 (16:34 +0200)]
test: separate remote tests into own directory
Dropped the webmock dependency. We have our own http adapter. So we can
stub that to inject a mock. As an added bonus this does not mess with
other http requests.
Also wrote down testing strategy. Not completely implemented yet.
Azul [Mon, 12 Sep 2016 12:04:45 +0000 (14:04 +0200)]
test: first steps towards a remote nicknym test
Azul [Mon, 12 Sep 2016 09:42:02 +0000 (11:42 +0200)]
[wip] nicknym source query implemented
Also changed Nickserver::Response to not include the status code.
This may be okay for error responses but in most cases we want to
have a parsable message and not some status code prepended to it.
Azul [Wed, 31 Aug 2016 10:15:20 +0000 (12:15 +0200)]
refactor: remove global require in test_helper
require all the things we depend upon where we depend upon them.
Azul [Tue, 30 Aug 2016 10:38:43 +0000 (12:38 +0200)]
wip: key lookup by address via leaps nicknym
I added a RequestHandler that uses Nicknym::Source - but that has not
been implemented yet.
Azul [Tue, 30 Aug 2016 10:10:57 +0000 (12:10 +0200)]
refactor: make the RequestHandler classes callable
Whenever a RequestHandler class is called we instantiate it with the request.
Then we call handle on the instance. This way we can access the request and
its content via accessors rather than only in the handle method.
Azul [Tue, 30 Aug 2016 09:25:15 +0000 (11:25 +0200)]
refactor: rename EmailHandler to HkpEmailHandler
Azul [Mon, 29 Aug 2016 10:51:00 +0000 (12:51 +0200)]
feature: keep trying if no Host header given
So far we would error out if no host was specified in the config or
the request. It's true that we can't do local lookup if we don't
know our own domain. However we can still use HKP.
In the future we will query leaps own API for other providers. If the
host was not set in the initial request we might even proxy a request to
ourselves. Providing the Host header will prevent an infinite loop in
that case.
azul [Mon, 29 Aug 2016 10:19:22 +0000 (10:19 +0000)]
Merge branch 'refactor/request-handling' into 'master'
refactor: restructure the way we handle requests to make it more consistent.
Requests are handled at a lot of different ways in different styles right now.
Let's make this more consistent and flexible to add email lookup at other leap providers.
See merge request !2
Azul [Mon, 29 Aug 2016 09:59:54 +0000 (11:59 +0200)]
refactor: split EmailHandler in 3
InvalidEmailHandler - handle emails with an invalid format
LocalEmailHandler - handle emails on the local domain
EmailHandler - handle all other emails by using hkp
This is a preparation to add leap provider email lookup and remove
hkp eventually. But for now we keep the behaviour the same and only
refactor.
Azul [Mon, 29 Aug 2016 08:36:05 +0000 (10:36 +0200)]
cleanup: remove outdated ideas
Lookup and InvalidSource were experiments for a design for the
dispatching. Our new dispatcher seems better.
Azul [Mon, 29 Aug 2016 08:26:54 +0000 (10:26 +0200)]
refactor: let handlers check if they are applicable
Instead of testing the preconditions for each handler in the dispatcher
the dispatcher hands a request to one handler after the other until one of
them responds.
This is similar to the Chain of Responsibility patter but we iterate over the
'handler_chain' array instead of a linked list.
To change the order of handlers or add other handlers change the array in the
handler_chain function.
Azul [Mon, 29 Aug 2016 07:41:12 +0000 (09:41 +0200)]
refactor: split up ResponseHandler
Now we have a Dispatcher and two ResponseHandlers that have the same interface.
Moving towards a Chain of Responsibility pattern.
Azul [Sat, 27 Aug 2016 09:25:30 +0000 (11:25 +0200)]
expose Request class from RequestHandler
This way we can separate the EmailHandler and the FingerprintHandler as well.
Azul [Sat, 27 Aug 2016 07:09:07 +0000 (09:09 +0200)]
refactor: push down adapter dependency injection to sources
The original idea was that we would have all the celluloid related things
injected in reel_server. However it seems unlikely that we will use a
different http system anytime soon.
Removing some layers of dependency injection to reduce complexity. We
can easily bring this back if we want.
Azul [Fri, 26 Aug 2016 21:15:34 +0000 (23:15 +0200)]
refactor: split up RequestHandler even more
Azul [Fri, 26 Aug 2016 17:39:26 +0000 (19:39 +0200)]
refactor: Request helper class in RequestHandler
We have a specific way of encoding the thing we are looking for in the
request. I added a small helper class to access the fingerprint and
email.
This also cleans up the RequestHandler code to some extend.
azul [Fri, 26 Aug 2016 17:42:27 +0000 (17:42 +0000)]
Merge branch 'test/gitlab' into 'master'
Run tests on gitlab
See merge request !1
Azul [Fri, 26 Aug 2016 15:52:54 +0000 (17:52 +0200)]
[upgrade] ruby 2.3 on CI
Azul [Fri, 26 Aug 2016 15:47:16 +0000 (17:47 +0200)]
[update] trying to silence warnings
These warnings were showing on gitlab ci.
$ bundle exec rake test
/usr/local/bin/ruby -w -Ilib:test -I/builds/leap/nickserver/vendor/ruby/2.1.0/gems/rake-11.2.2/lib /builds/leap/nickserver/vendor/ruby/2.1.0/gems/rake-11.2.2/lib/rake/rake_test_loader.rb test/**/*_test.rb
/usr/local/lib/ruby/gems/2.1.0/gems/bundler-1.12.5/lib/bundler/rubygems_integration.rb:468: warning: method redefined; discarding old find_spec_for_exe
/usr/local/lib/ruby/site_ruby/2.1.0/rubygems.rb:261: warning: previous definition of find_spec_for_exe was here
I, [2016-08-26T15:34:46.162843 #325] INFO -- : Celluloid 0.17.3 is running in BACKPORTED mode. [ http://git.io/vJf3J ]
/builds/leap/nickserver/test/unit/request_handler_test.rb:28: warning: mismatched indentations at 'end' with 'def' at 21
/builds/leap/nickserver/vendor/ruby/2.1.0/gems/celluloid-io-0.17.3/lib/celluloid/io/ssl_socket.rb:22: warning: instance variable @npn_protocols not initialized
/builds/leap/nickserver/vendor/ruby/2.1.0/gems/celluloid-io-0.17.3/lib/celluloid/io/ssl_socket.rb:22: warning: instance variable @npn_select_cb not initialized
Run options: --seed 61653
# Running:
.................../builds/leap/nickserver/vendor/ruby/2.1.0/gems/celluloid-io-0.17.3/lib/celluloid/io/ssl_socket.rb:22: warning: instance variable @npn_protocols not initialized
/builds/leap/nickserver/vendor/ruby/2.1.0/gems/celluloid-io-0.17.3/lib/celluloid/io/ssl_socket.rb:22: warning: instance variable @npn_select_cb not initialized
.../builds/leap/nickserver/vendor/ruby/2.1.0/gems/celluloid-io-0.17.3/lib/celluloid/io/ssl_socket.rb:22: warning: instance variable @npn_protocols not initialized
/builds/leap/nickserver/vendor/ruby/2.1.0/gems/celluloid-io-0.17.3/lib/celluloid/io/ssl_socket.rb:22: warning: instance variable @npn_select_cb not initialized
.................
Finished in 2.029982s, 19.2120 runs/s, 10.8375 assertions/s.