kotovalexarian-likes-gitlab
/
hagrid-keyserver--hagrid
mirror of https://gitlab.com/hagrid-keyserver/hagrid.git
1
0
Fork 0
Code Releases Activity

lint: Apply clippy autofixes 

clippy::needless_borrow

  clippy::single_char_pattern

  clippy::redundant_clone

  clippy::needless_return

  clippy::needless_question_mark

  clippy::useless_conversion

  clippy::to_string_in_format_args

  clippy::to_string_in_format_args

  clippy::useless_format

  clippy::useless_vec

  clippy::toplevel_ref_arg

  clippy::redundant_static_lifetimes

  clippy::try_err
This commit is contained in:
Nora Widdecke 2022-02-18 11:14:58 +01:00
parent 8eb3984560
commit 421f8a0908
16 changed files with 143 additions and 144 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
database/src/fs.rs
View File

@ -248,7 +248,7 @@ impl Filesystem {
fn link_email_vks(&self, email: &Email, fpr: &Fingerprint) -> Result<()> {
let path = self.fingerprint_to_path_published(fpr);
let link = self.link_by_email(&email);
let link = self.link_by_email(email);
let target = diff_paths(&path, link.parent().unwrap()).unwrap();
if link == target {
@ -260,7 +260,7 @@ impl Filesystem {
fn link_email_wkd(&self, email: &Email, fpr: &Fingerprint) -> Result<()> {
let path = self.fingerprint_to_path_published_wkd(fpr);
let link = self.link_wkd_by_email(&email);
let link = self.link_wkd_by_email(email);
let target = diff_paths(&path, link.parent().unwrap()).unwrap();
if link == target {
@ -271,7 +271,7 @@ impl Filesystem {
}
fn unlink_email_vks(&self, email: &Email, fpr: &Fingerprint) -> Result<()> {
let link = self.link_by_email(&email);
let link = self.link_by_email(email);
let expected = diff_paths(
&self.fingerprint_to_path_published(fpr),
@ -282,7 +282,7 @@ impl Filesystem {
}
fn unlink_email_wkd(&self, email: &Email, fpr: &Fingerprint) -> Result<()> {
let link = self.link_wkd_by_email(&email);
let link = self.link_wkd_by_email(email);
let expected = diff_paths(
&self.fingerprint_to_path_published_wkd(fpr),
@ -338,7 +338,7 @@ impl Filesystem {
|| format_err!("Broken symlink {:?}: No such Key {}",
path, primary_fp))?;
check(&path, &tpk, &primary_fp)?;
check(path, tpk, &primary_fp)?;
}
Ok(())
@ -394,7 +394,7 @@ impl Database for Filesystem {
.duration_since(SystemTime::UNIX_EPOCH)
.unwrap()
.as_secs();
let fingerprint_line = format!("{:010} {}\n", timestamp, fpr_primary.to_string());
let fingerprint_line = format!("{:010} {}\n", timestamp, fpr_primary);
self.open_logfile(filename)?
.write_all(fingerprint_line.as_bytes())?;
@ -452,7 +452,7 @@ impl Database for Filesystem {
fn check_link_fpr(&self, fpr: &Fingerprint, fpr_target: &Fingerprint) -> Result<Option<Fingerprint>> {
let link_keyid = self.link_by_keyid(&fpr.into());
let link_fpr = self.link_by_fingerprint(&fpr);
let link_fpr = self.link_by_fingerprint(fpr);
let path_published = self.fingerprint_to_path_published(fpr_target);
@ -460,7 +460,7 @@ impl Database for Filesystem {
if !link_fpr_target.ends_with(&path_published) {
info!("Fingerprint points to different key for {} (expected {:?} to be suffix of {:?})",
fpr, &path_published, &link_fpr_target);
Err(anyhow!(format!("Fingerprint collision for key {}", fpr)))?;
return Err(anyhow!(format!("Fingerprint collision for key {}", fpr)));
}
}
@ -468,7 +468,7 @@ impl Database for Filesystem {
if !link_keyid_target.ends_with(&path_published) {
info!("KeyID points to different key for {} (expected {:?} to be suffix of {:?})",
fpr, &path_published, &link_keyid_target);
Err(anyhow!(format!("KeyID collision for key {}", fpr)))?;
return Err(anyhow!(format!("KeyID collision for key {}", fpr)));
}
}
@ -569,13 +569,13 @@ impl Database for Filesystem {
// XXX: slow
fn by_email(&self, email: &Email) -> Option<String> {
let path = self.link_by_email(&email);
let path = self.link_by_email(email);
self.read_from_path(&path, false)
}
// XXX: slow
fn by_email_wkd(&self, email: &Email) -> Option<Vec<u8>> {
let path = self.link_wkd_by_email(&email);
let path = self.link_wkd_by_email(email);
self.read_from_path_bytes(&path, false)
}
@ -596,7 +596,7 @@ impl Database for Filesystem {
self.perform_checks(&self.keys_dir_published, &mut tpks,
|path, _, primary_fp| {
// The KeyID corresponding with this path.
let fp = Filesystem::path_to_fingerprint(&path)
let fp = Filesystem::path_to_fingerprint(path)
.ok_or_else(|| format_err!("Malformed path: {:?}", path))?;
if fp != *primary_fp {
@ -612,7 +612,7 @@ impl Database for Filesystem {
self.perform_checks(&self.keys_dir_published, &mut tpks,
|_, tpk, primary_fp| {
// check that certificate exists in published wkd path
let path_wkd = self.fingerprint_to_path_published_wkd(&primary_fp);
let path_wkd = self.fingerprint_to_path_published_wkd(primary_fp);
let should_wkd_exist = tpk.userids().next().is_some();
if should_wkd_exist && !path_wkd.exists() {
@ -639,7 +639,7 @@ impl Database for Filesystem {
.flatten();
for fpr in fingerprints {
if let Some(missing_fpr) = self.check_link_fpr(&fpr, &primary_fp)? {
if let Some(missing_fpr) = self.check_link_fpr(&fpr, primary_fp)? {
return Err(format_err!(
"Missing link to key {} for sub {}", primary_fp, missing_fpr));
}
@ -676,7 +676,7 @@ impl Database for Filesystem {
self.perform_checks(&self.links_dir_by_fingerprint, &mut tpks,
|path, tpk, _| {
// The KeyID corresponding with this path.
let id = Filesystem::path_to_keyid(&path)
let id = Filesystem::path_to_keyid(path)
.ok_or_else(|| format_err!("Malformed path: {:?}", path))?;
let found = tpk.keys()
@ -694,7 +694,7 @@ impl Database for Filesystem {
self.perform_checks(&self.links_dir_by_keyid, &mut tpks,
|path, tpk, _| {
// The KeyID corresponding with this path.
let id = Filesystem::path_to_keyid(&path)
let id = Filesystem::path_to_keyid(path)
.ok_or_else(|| format_err!("Malformed path: {:?}", path))?;
let found = tpk.keys()
@ -712,7 +712,7 @@ impl Database for Filesystem {
self.perform_checks(&self.links_dir_by_email, &mut tpks,
|path, tpk, _| {
// The Email corresponding with this path.
let email = Filesystem::path_to_email(&path)
let email = Filesystem::path_to_email(path)
.ok_or_else(|| format_err!("Malformed path: {:?}", path))?;
let mut found = false;
for uidb in tpk.userids() {

46
database/src/lib.rs
View File

@ -175,7 +175,7 @@ pub trait Database: Sync + Send {
let armored = match term {
ByFingerprint(ref fp) => self.by_fpr(fp),
ByKeyID(ref keyid) => self.by_kid(keyid),
ByEmail(ref email) => self.by_email(&email),
ByEmail(ref email) => self.by_email(email),
_ => None,
};
@ -293,7 +293,7 @@ pub trait Database: Sync + Send {
let fpr_checks = fingerprints
.iter()
.map(|fpr| self.check_link_fpr(&fpr, &fpr_primary))
.map(|fpr| self.check_link_fpr(fpr, &fpr_primary))
.collect::<Vec<_>>()
.into_iter()
.collect::<Result<Vec<_>>>();
@ -330,7 +330,7 @@ pub trait Database: Sync + Send {
}
for revoked_email in newly_revoked_emails {
if let Err(e) = self.unlink_email(&revoked_email, &fpr_primary) {
if let Err(e) = self.unlink_email(revoked_email, &fpr_primary) {
info!("Error ensuring symlink! {} {} {:?}",
&fpr_primary, &revoked_email, e);
}
@ -356,7 +356,7 @@ pub trait Database: Sync + Send {
}
fn get_tpk_status(&self, fpr_primary: &Fingerprint, known_addresses: &[Email]) -> Result<TpkStatus> {
let tpk_full = self.by_fpr_full(&fpr_primary)
let tpk_full = self.by_fpr_full(fpr_primary)
.ok_or_else(|| anyhow!("Key not in database!"))
.and_then(|bytes| Cert::from_bytes(bytes.as_bytes()))?;
@ -369,7 +369,7 @@ pub trait Database: Sync + Send {
.count();
let published_uids: Vec<UserID> = self
.by_fpr(&fpr_primary)
.by_fpr(fpr_primary)
.and_then(|bytes| Cert::from_bytes(bytes.as_bytes()).ok())
.map(|tpk| tpk.userids()
.map(|binding| binding.userid().clone())
@ -421,12 +421,12 @@ pub trait Database: Sync + Send {
self.nolock_unlink_email_if_other(fpr_primary, email_new)?;
let full_tpk = self.by_fpr_full(&fpr_primary)
let full_tpk = self.by_fpr_full(fpr_primary)
.ok_or_else(|| anyhow!("Key not in database!"))
.and_then(|bytes| Cert::from_bytes(bytes.as_bytes()))?;
let published_uids_old: Vec<UserID> = self
.by_fpr(&fpr_primary)
.by_fpr(fpr_primary)
.and_then(|bytes| Cert::from_bytes(bytes.as_bytes()).ok())
.map(|tpk| tpk.userids()
.map(|binding| binding.userid().clone())
@ -438,12 +438,12 @@ pub trait Database: Sync + Send {
.collect();
// println!("publishing: {:?}", &uid_new);
if published_emails_old.contains(&email_new) {
if published_emails_old.contains(email_new) {
// UserID already published - just stop
return Ok(());
}
let mut published_emails = published_emails_old.clone();
let mut published_emails = published_emails_old;
published_emails.push(email_new.clone());
let published_tpk_new = tpk_filter_alive_emails(&full_tpk, &published_emails);
@ -459,12 +459,12 @@ pub trait Database: Sync + Send {
let published_tpk_clean = tpk_clean(&published_tpk_new)?;
let published_tpk_tmp = self.write_to_temp(&tpk_to_string(&published_tpk_clean)?)?;
self.move_tmp_to_published(published_tpk_tmp, &fpr_primary)?;
self.move_tmp_to_published(published_tpk_tmp, fpr_primary)?;
self.regenerate_wkd(fpr_primary, &published_tpk_clean)?;
self.update_write_log(&fpr_primary);
self.update_write_log(fpr_primary);
if let Err(e) = self.link_email(&email_new, &fpr_primary) {
if let Err(e) = self.link_email(email_new, fpr_primary) {
info!("Error ensuring email symlink! {} -> {} {:?}",
&email_new, &fpr_primary, e);
}
@ -516,7 +516,7 @@ pub trait Database: Sync + Send {
fpr_primary: &Fingerprint,
email_remove: impl Fn(&UserID) -> bool,
) -> Result<()> {
let published_tpk_old = self.by_fpr(&fpr_primary)
let published_tpk_old = self.by_fpr(fpr_primary)
.ok_or_else(|| anyhow!("Key not in database!"))
.and_then(|bytes| Cert::from_bytes(bytes.as_bytes()))?;
@ -526,7 +526,7 @@ pub trait Database: Sync + Send {
.flatten()
.collect();
let published_tpk_new = published_tpk_old.clone().retain_userids(
let published_tpk_new = published_tpk_old.retain_userids(
|uid| email_remove(uid.userid()));
let published_emails_new: Vec<Email> = published_tpk_new
@ -542,13 +542,13 @@ pub trait Database: Sync + Send {
let published_tpk_clean = tpk_clean(&published_tpk_new)?;
let published_tpk_tmp = self.write_to_temp(&tpk_to_string(&published_tpk_clean)?)?;
self.move_tmp_to_published(published_tpk_tmp, &fpr_primary)?;
self.move_tmp_to_published(published_tpk_tmp, fpr_primary)?;
self.regenerate_wkd(fpr_primary, &published_tpk_clean)?;
self.update_write_log(&fpr_primary);
self.update_write_log(fpr_primary);
for unpublished_email in unpublished_emails {
if let Err(e) = self.unlink_email(&unpublished_email, &fpr_primary) {
if let Err(e) = self.unlink_email(unpublished_email, fpr_primary) {
info!("Error deleting email symlink! {} -> {} {:?}",
&unpublished_email, &fpr_primary, e);
}
@ -579,7 +579,7 @@ pub trait Database: Sync + Send {
&self,
fpr_primary: &Fingerprint,
) -> Result<RegenerateResult> {
let tpk = self.by_primary_fpr(&fpr_primary)
let tpk = self.by_primary_fpr(fpr_primary)
.and_then(|bytes| Cert::from_bytes(bytes.as_bytes()).ok())
.ok_or_else(|| anyhow!("Key not in database!"))?;
@ -595,7 +595,7 @@ pub trait Database: Sync + Send {
let fpr_checks = fingerprints
.into_iter()
.map(|fpr| self.check_link_fpr(&fpr, &fpr_primary))
.map(|fpr| self.check_link_fpr(&fpr, fpr_primary))
.collect::<Vec<_>>()
.into_iter()
.collect::<Result<Vec<_>>>()?;
@ -607,12 +607,12 @@ pub trait Database: Sync + Send {
for fpr in fpr_not_linked {
keys_linked += 1;
self.link_fpr(&fpr, &fpr_primary)?;
self.link_fpr(&fpr, fpr_primary)?;
}
for email in published_emails {
emails_linked += 1;
self.link_email(&email, &fpr_primary)?;
self.link_email(&email, fpr_primary)?;
}
if keys_linked != 0 || emails_linked != 0 {
@ -647,10 +647,10 @@ fn tpk_get_emails(cert: &Cert) -> Vec<Email> {
}
pub fn tpk_get_linkable_fprs(tpk: &Cert) -> Vec<Fingerprint> {
let ref signing_capable = KeyFlags::empty()
let signing_capable = &KeyFlags::empty()
.set_signing()
.set_certification();
let ref fpr_primary = Fingerprint::try_from(tpk.fingerprint()).unwrap();
let fpr_primary = &Fingerprint::try_from(tpk.fingerprint()).unwrap();
tpk
.keys()
.into_iter()

44
database/src/test.rs
View File

@ -39,13 +39,13 @@ use TpkStatus;
use EmailAddressStatus;
fn check_mail_none(db: &impl Database, email: &Email) {
assert!(db.by_email(&email).is_none());
assert!(db.by_email_wkd(&email).is_none());
assert!(db.by_email(email).is_none());
assert!(db.by_email_wkd(email).is_none());
}
fn check_mail_some(db: &impl Database, email: &Email) {
assert!(db.by_email(&email).is_some());
assert!(db.by_email_wkd(&email).is_some());
assert!(db.by_email(email).is_some());
assert!(db.by_email_wkd(email).is_some());
}
pub fn test_uid_verification(db: &mut impl Database, log_path: &Path) {
@ -184,7 +184,7 @@ pub fn test_uid_verification(db: &mut impl Database, log_path: &Path) {
// publish w/ one uid less
{
let short_tpk = cert_without_uid(tpk.clone(), &uid1);
let short_tpk = cert_without_uid(tpk, &uid1);
let tpk_status = db.merge(short_tpk).unwrap().into_tpk_status();
assert_eq!(TpkStatus {
@ -824,7 +824,7 @@ pub fn test_same_email_1(db: &mut impl Database, log_path: &Path) {
assert_eq!(get_userids(&db.by_email(&email1).unwrap()[..]),
vec![ uid1.clone() ]);
assert_eq!(get_userids(&db.by_email(&email2).unwrap()[..]),
vec![ uid1.clone() ]);
vec![ uid1 ]);
// verify tpk2
db.set_email_published(&fpr2, &tpk_status2.email_status[0].0).unwrap();
@ -853,7 +853,7 @@ pub fn test_same_email_1(db: &mut impl Database, log_path: &Path) {
.unwrap()
};
assert_eq!(sig.typ(), SignatureType::CertificationRevocation);
let tpk2 = tpk2.insert_packets(sig.clone()).unwrap();
let tpk2 = tpk2.insert_packets(sig).unwrap();
let tpk_status2 = db.merge(tpk2).unwrap().into_tpk_status();
check_log_entry(log_path, &fpr2);
assert_eq!(TpkStatus {
@ -939,7 +939,7 @@ pub fn test_same_email_2(db: &mut impl Database, log_path: &Path) {
// fetch by both user ids. We should still get both user ids.
assert_eq!(get_userids(&db.by_email(&email).unwrap()[..]),
vec![ uid1.clone() ]);
vec![ uid1 ]);
}
// If a key has multiple user ids with the same email address, make
@ -1017,7 +1017,7 @@ pub fn test_same_email_3(db: &mut impl Database, log_path: &Path) {
db.set_email_unpublished(&fpr, &email).unwrap();
db.set_email_published(&fpr, &email).unwrap();
assert_eq!(get_userids(&db.by_email(&email).unwrap()[..]),
vec![ uid2.clone() ]);
vec![ uid2 ]);
}
// If a key has a verified email address, make sure newly uploaded user
@ -1037,16 +1037,16 @@ pub fn test_same_email_4(db: &mut impl Database, log_path: &Path) {
let fpr = Fingerprint::try_from(tpk.fingerprint()).unwrap();
let cert_uid_1 = cert_without_uid(tpk.clone(), &uid2);
let cert_uid_2 = cert_without_uid(tpk.clone(), &uid1);
let cert_uid_2 = cert_without_uid(tpk, &uid1);
// upload key
let tpk_status = db.merge(cert_uid_1.clone()).unwrap().into_tpk_status();
let tpk_status = db.merge(cert_uid_1).unwrap().into_tpk_status();
check_log_entry(log_path, &fpr);
db.set_email_published(&fpr, &tpk_status.email_status[0].0).unwrap();
assert_eq!(get_userids(&db.by_email(&email).unwrap()[..]),
vec![ uid1.clone() ]);
let tpk_status = db.merge(cert_uid_2.clone()).unwrap().into_tpk_status();
let tpk_status = db.merge(cert_uid_2).unwrap().into_tpk_status();
check_log_entry(log_path, &fpr);
assert_eq!(TpkStatus {
is_revoked: false,
@ -1058,7 +1058,7 @@ pub fn test_same_email_4(db: &mut impl Database, log_path: &Path) {
// fetch by both user ids. We should still get both user ids.
assert_eq!(get_userids(&db.by_email(&email).unwrap()[..]),
vec![ uid1.clone(), uid2.clone() ]);
vec![ uid1, uid2 ]);
}
@ -1090,13 +1090,13 @@ pub fn test_bad_uids(db: &mut impl Database, log_path: &Path) {
db.set_email_published(&fpr, &email2).unwrap();
let tpk_status = db.get_tpk_status(&fpr, &vec!(email1.clone(),
email2.clone())).unwrap();
let tpk_status = db.get_tpk_status(&fpr, &[email1.clone(),
email2.clone()]).unwrap();
assert_eq!(TpkStatus {
is_revoked: false,
email_status: vec!(
(email1.clone(), EmailAddressStatus::NotPublished),
(email2.clone(), EmailAddressStatus::Published),
(email1, EmailAddressStatus::NotPublished),
(email2, EmailAddressStatus::Published),
),
unparsed_uids: 1,
}, tpk_status);
@ -1187,7 +1187,7 @@ pub fn attested_key_signatures(db: &mut impl Database, log_path: &Path)
// Add the attestation, merge into the db, check that the
// certification is now included.
let bob_attested = bob.clone().insert_packets(vec![
attestation.clone(),
attestation,
])?;
db.merge(bob_attested.clone())?;
check_log_entry(log_path, &bobs_fp);
@ -1218,7 +1218,7 @@ pub fn attested_key_signatures(db: &mut impl Database, log_path: &Path)
let clear_attestation = attestations[0].clone();
let bob = bob.insert_packets(vec![
clear_attestation.clone(),
clear_attestation,
])?;
assert_eq!(bob.userids().nth(0).unwrap().certifications().count(), 1);
assert_eq!(bob.with_policy(&POLICY, None)?
@ -1226,7 +1226,7 @@ pub fn attested_key_signatures(db: &mut impl Database, log_path: &Path)
assert_eq!(bob.with_policy(&POLICY, None)?
.userids().nth(0).unwrap().attested_certifications().count(), 0);
db.merge(bob.clone())?;
db.merge(bob)?;
check_log_entry(log_path, &bobs_fp);
let bob_ = Cert::from_bytes(&db.by_fpr(&bobs_fp).unwrap())?;
assert_eq!(bob_.bad_signatures().count(), 0);
@ -1244,7 +1244,7 @@ fn check_log_entry(log_path: &Path, fpr: &Fingerprint) {
let last_entry = log_data
.lines()
.last().unwrap()
.split(" ")
.split(' ')
.last().unwrap();
assert_eq!(last_entry, fpr.to_string());
@ -1280,7 +1280,7 @@ pub fn nonexportable_sigs(db: &mut impl Database, _log_path: &Path)
let email2 = Email::from_str(str_uid2).unwrap();
let fpr = Fingerprint::try_from(cert.fingerprint()).unwrap();
db.merge(cert.clone()).unwrap();
db.merge(cert).unwrap();
// email1 is exportable, expect success.
db.set_email_published(&fpr, &email1).unwrap();

2
database/src/types.rs
View File

@ -41,7 +41,7 @@ impl TryFrom<&UserID> for Email {
.map_err(|e| anyhow!("punycode conversion failed: {:?}", e))?;
// TODO this is a hotfix for a lettre vulnerability. remove once fixed upstream.
if localpart.starts_with("-") {
if localpart.starts_with('-') {
return Err(anyhow!("malformed email address: '{:?}'", uid.value()));
}

2
database/src/wkd.rs
View File

@ -17,7 +17,7 @@ fn split_address(email_address: impl AsRef<str>) -> Result<(String,String)> {
let email_address = email_address.as_ref();
let v: Vec<&str> = email_address.split('@').collect();
if v.len() != 2 {
Err(anyhow!("Malformed email address".to_owned()))?;
return Err(anyhow!("Malformed email address".to_owned()));
};
// Convert to lowercase without tailoring, i.e. without taking any

2
src/delete.rs
View File

@ -65,7 +65,7 @@ fn delete(db: &KeyDatabase, query: &Query, all_bindings: bool, mut all: bool)
_ => (),
}
let tpk = db.lookup(&query)?.ok_or_else(
let tpk = db.lookup(query)?.ok_or_else(
|| anyhow::format_err!("No TPK matching {:?}", query))?;
let fp: database::types::Fingerprint = tpk.fingerprint().try_into()?;

2
src/dump.rs
View File

@ -238,7 +238,7 @@ impl PacketDumper {
pub fn flush(&self, output: &mut dyn io::Write) -> Result<()> {
if let Some(root) = self.root.as_ref() {
self.dump_tree(output, "", &root)?;
self.dump_tree(output, "", root)?;
}
Ok(())
}

6
src/i18n.rs
View File

@ -93,14 +93,14 @@ impl HelperDef for I18NHelper {
{
RenderError::from_error("Failed to render", e)
}
let response = self.lookup(lang, &id);
let response = self.lookup(lang, id);
if rerender {
let data = rcx.evaluate(context, "this").unwrap();
let response = reg.render_template(&response, data.as_json())
let response = reg.render_template(response, data.as_json())
.map_err(render_error_with)?;
out.write(&response).map_err(render_error_with)?;
} else {
out.write(&response).map_err(render_error_with)?;
out.write(response).map_err(render_error_with)?;
}
Ok(())
}

6
src/mail.rs
View File

@ -102,7 +102,7 @@ impl Service {
counters::inc_mail_sent("verify", userid);
self.send(
&vec![userid],
&[userid],
&i18n!(
i18n.catalog,
context = "Subject for verification email, {0} = userid, {1} = keyserver domain",
@ -166,7 +166,7 @@ impl Service {
counters::inc_mail_sent("welcome", userid);
self.send(
&vec![userid],
&[userid],
&format!("Your key upload on {domain}", domain = self.domain),
"welcome",
"en",
@ -202,7 +202,7 @@ impl Service {
if cfg!(debug_assertions) {
for recipient in to.iter() {
println!("To: {}", recipient.to_string());
println!("To: {}", recipient);
}
println!("{}", &txt);
}

2
src/sealed_state.rs
View File

@ -6,7 +6,7 @@ use ring::digest;
// Keep these in sync, and keep the key len synced with the `private` docs as
// well as the `KEYS_INFO` const in secure::Key.
static ALGO: &'static Algorithm = &AES_256_GCM;
static ALGO: &Algorithm = &AES_256_GCM;
const NONCE_LEN: usize = 12;
pub struct SealedState {

2
src/tokens.rs
View File

@ -48,7 +48,7 @@ impl Service {
let elapsed = current_time() - token.creation;
if elapsed > self.validity {
Err(anyhow!("Token has expired!"))?;
return Err(anyhow!("Token has expired!"));
}
let payload: T = serde_json::from_str(&token.payload)

14
src/web/hkp.rs
View File

@ -75,7 +75,7 @@ impl<'r> FromRequest<'r> for Hkp {
(search.starts_with("0x") && search.len() < 16 || search.len() == 8);
if looks_like_short_key_id {
Outcome::Success(Hkp::ShortKeyID {
query: search.to_string(),
query: search,
index,
})
} else if let Ok(fpr) = maybe_fpr {
@ -141,9 +141,9 @@ pub async fn pks_add_form(
i18n: I18n,
data: Data<'_>,
) -> MyResponse {
match vks_web::process_post_form(&db, &tokens_stateless, &rate_limiter, &i18n, data).await {
match vks_web::process_post_form(db, tokens_stateless, rate_limiter, &i18n, data).await {
Ok(UploadResponse::Ok { is_new_key, key_fpr, primary_uid, token, status, .. }) => {
let msg = pks_add_ok(&origin, &mail_service, &rate_limiter, token, status, is_new_key, key_fpr, primary_uid);
let msg = pks_add_ok(&origin, mail_service, rate_limiter, token, status, is_new_key, key_fpr, primary_uid);
MyResponse::plain(msg)
}
Ok(_) => {
@ -170,16 +170,16 @@ fn pks_add_ok(
let primary_uid = primary_uid.unwrap();
if is_new_key {
if send_welcome_mail(&origin, &mail_service, key_fpr, &primary_uid, token) {
if send_welcome_mail(origin, mail_service, key_fpr, &primary_uid, token) {
rate_limiter.action_perform(format!("hkp-sent-{}", &primary_uid));
return format!("Upload successful. This is a new key, a welcome email has been sent.");
return "Upload successful. This is a new key, a welcome email has been sent.".to_string();
}
return format!("Upload successful. Please note that identity information will only be published after verification. See {baseuri}/about/usage#gnupg-upload", baseuri = origin.get_base_uri())
}
let has_unverified = status.iter().any(|(_, v)| *v == EmailStatus::Unpublished);
if !has_unverified {
return format!("Upload successful.");
return "Upload successful.".to_string();
}
return format!("Upload successful. Please note that identity information will only be published after verification. See {baseuri}/about/usage#gnupg-upload", baseuri = origin.get_base_uri())
@ -252,7 +252,7 @@ fn key_to_hkp_index(
let mut out = String::default();
let p = tpk.primary_key();
let ref policy = StandardPolicy::new();
let policy = &StandardPolicy::new();
let ctime = format!("{}", p.creation_time().duration_since(SystemTime::UNIX_EPOCH).unwrap().as_secs());
let is_rev =

87
src/web/mod.rs
View File

@ -263,8 +263,8 @@ pub fn key_to_response_plain(
return MyResponse::not_found_plain(describe_query_error(&i18n, &query));
};
return match db.by_fpr(&fp) {
Some(armored) => MyResponse::key(armored, &fp.into()),
match db.by_fpr(&fp) {
Some(armored) => MyResponse::key(armored, &fp),
None => MyResponse::not_found_plain(describe_query_error(&i18n, &query)),
}
}
@ -339,7 +339,7 @@ fn errors(
}
pub fn serve() -> Result<rocket::Rocket<rocket::Build>> {
Ok(rocket_factory(rocket::build())?)
rocket_factory(rocket::build())
}
compile_i18n!();
@ -439,8 +439,8 @@ fn configure_prometheus(config: &Figment) -> Option<PrometheusMetrics> {
return None;
}
let prometheus = PrometheusMetrics::new();
counters::register_counters(&prometheus.registry());
return Some(prometheus);
counters::register_counters(prometheus.registry());
Some(prometheus)
}
fn configure_db_service(config: &Figment) -> Result<KeyDatabase> {
@ -458,7 +458,6 @@ fn configure_hagrid_state(config: &Figment) -> Result<HagridState> {
// State
let base_uri: String = config.extract_inner("base-URI")?;
let base_uri_onion = config.extract_inner::<String>("base-URI-Onion")
.map(|c| c.to_string())
.unwrap_or(base_uri.clone());
Ok(HagridState {
assets_dir,
@ -538,8 +537,8 @@ pub mod tests {
use super::*;
/// Fake base URI to use in tests.
const BASE_URI: &'static str = "http://local.connection";
const BASE_URI_ONION: &'static str = "http://local.connection.onion";
const BASE_URI: &str = "http://local.connection";
const BASE_URI_ONION: &str = "http://local.connection.onion";
pub fn build_cert(name: &str) -> Cert {
let (tpk, _) = CertBuilder::new()
@ -548,7 +547,7 @@ pub mod tests {
.add_userid(name)
.generate()
.unwrap();
return tpk;
tpk
}
/// Creates a configuration and empty state dir for testing purposes.
@ -951,11 +950,11 @@ pub mod tests {
/// Asserts that lookups by the given email 404.
pub fn check_null_responses_by_email(client: &Client, addr: &str) {
check_null_response(
&client, &format!("/vks/v1/by-email/{}", addr));
client, &format!("/vks/v1/by-email/{}", addr));
check_null_response(
&client, &format!("/pks/lookup?op=get&search={}", addr));
client, &format!("/pks/lookup?op=get&search={}", addr));
check_null_response(
&client, &format!("/pks/lookup?op=get&options=mr&search={}",
client, &format!("/pks/lookup?op=get&options=mr&search={}",
addr));
}
@ -963,25 +962,25 @@ pub mod tests {
pub fn check_responses_by_email(client: &Client, addr: &str, tpk: &Cert,
nr_uids: usize) {
check_mr_response(
&client,
client,
&format!("/vks/v1/by-email/{}", addr),
&tpk, nr_uids);
tpk, nr_uids);
check_mr_response(
&client,
client,
&format!("/vks/v1/by-email/{}", addr.replace("@", "%40")),
&tpk, nr_uids);
tpk, nr_uids);
check_mr_response(
&client,
client,
&format!("/pks/lookup?op=get&options=mr&search={}", addr),
&tpk, nr_uids);
tpk, nr_uids);
check_hr_response(
&client,
client,
&format!("/search?q={}", addr),
&tpk, nr_uids);
tpk, nr_uids);
check_hr_response_onion(
&client,
client,
&format!("/search?q={}", addr),
&tpk, nr_uids);
tpk, nr_uids);
}
/// Asserts that the given URI returns a Cert matching the given
@ -1030,34 +1029,34 @@ pub mod tests {
let keyid = sequoia_openpgp::KeyID::from(tpk.fingerprint()).to_hex();
check_mr_response(
&client, &format!("/vks/v1/by-keyid/{}", keyid), &tpk, nr_uids);
client, &format!("/vks/v1/by-keyid/{}", keyid), tpk, nr_uids);
check_mr_response(
&client, &format!("/vks/v1/by-fingerprint/{}", fp), &tpk, nr_uids);
client, &format!("/vks/v1/by-fingerprint/{}", fp), tpk, nr_uids);
check_mr_response(
&client,
client,
&format!("/pks/lookup?op=get&options=mr&search={}", fp),
&tpk, nr_uids);
tpk, nr_uids);
check_mr_response(
&client,
client,
&format!("/pks/lookup?op=get&options=mr&search=0x{}", fp),
&tpk, nr_uids);
tpk, nr_uids);
check_mr_response(
&client,
client,
&format!("/pks/lookup?op=get&options=mr&search={}", keyid),
&tpk, nr_uids);
tpk, nr_uids);
check_mr_response(
&client,
client,
&format!("/pks/lookup?op=get&options=mr&search=0x{}", keyid),
&tpk, nr_uids);
tpk, nr_uids);
check_mr_response(
&client,
client,
&format!("/pks/lookup?op=get&search=0x{}", keyid),
&tpk, nr_uids);
tpk, nr_uids);
check_index_response(
&client,
client,
&format!("/pks/lookup?op=index&search={}", fp),
&tpk);
tpk);
}
/// Asserts that the given URI contains the search string.
@ -1120,21 +1119,21 @@ pub mod tests {
let keyid = sequoia_openpgp::KeyID::from(tpk.fingerprint()).to_hex();
check_hr_response(
&client,
client,
&format!("/search?q={}", fp),
&tpk, nr_uids);
tpk, nr_uids);
check_hr_response(
&client,
client,
&format!("/search?q=0x{}", fp),
&tpk, nr_uids);
tpk, nr_uids);
check_hr_response(
&client,
client,
&format!("/search?q={}", keyid),
&tpk, nr_uids);
tpk, nr_uids);
check_hr_response(
&client,
client,
&format!("/search?q=0x{}", keyid),
&tpk, nr_uids);
tpk, nr_uids);
}
fn check_verify_link(client: &Client, token: &str, address: &str, lang: &'static str) {

14
src/web/vks.rs
View File

@ -182,7 +182,7 @@ fn process_key_single(
.map(|(email,_)| email.clone())
.collect();
VerifyTpkState {
fpr: fp.clone(),
fpr: fp,
addresses: emails,
requested: vec!(),
}
@ -204,14 +204,14 @@ pub fn request_verify(
token: String,
addresses: Vec<String>,
) -> response::UploadResponse {
let (verify_state, tpk_status) = match check_tpk_state(&db, &token_stateless, i18n, &token) {
let (verify_state, tpk_status) = match check_tpk_state(db, token_stateless, i18n, &token) {
Ok(ok) => ok,
Err(e) => return UploadResponse::err(&e.to_string()),
};
if tpk_status.is_revoked {
return show_upload_verify(
&rate_limiter, token, tpk_status, verify_state, false);
rate_limiter, token, tpk_status, verify_state, false);
}
let emails_requested: Vec<_> = addresses.into_iter()
@ -227,13 +227,13 @@ pub fn request_verify(
for email in emails_requested {
let rate_limit_ok = rate_limiter.action_perform(format!("verify-{}", &email));
if rate_limit_ok {
if send_verify_email(origin, &mail_service, &token_stateful, i18n, &verify_state.fpr, &email).is_err() {
if send_verify_email(origin, mail_service, token_stateful, i18n, &verify_state.fpr, &email).is_err() {
return UploadResponse::err(&format!("error sending email to {}", &email));
}
}
}
show_upload_verify(&rate_limiter, token, tpk_status, verify_state, false)
show_upload_verify(rate_limiter, token, tpk_status, verify_state, false)
}
fn check_tpk_state(
@ -267,7 +267,7 @@ fn send_verify_email(
i18n,
origin.get_base_uri(),
fpr.to_string(),
&email,
email,
&token_verify,
)
}
@ -278,7 +278,7 @@ pub fn verify_confirm(
token_service: &rocket::State<StatefulTokens>,
token: String,
) -> response::PublishResponse {
let (fingerprint, email) = match check_publish_token(&db, &token_service, token) {
let (fingerprint, email) = match check_publish_token(db, token_service, token) {
Ok(x) => x,
Err(_) => return PublishResponse::err(
i18n!(i18n.catalog, "Invalid verification link.")),

2
src/web/vks_api.rs
View File

@ -86,7 +86,7 @@ pub fn upload_json(
let data = json_or_error(data)?;
use std::io::Cursor;
let data_reader = Cursor::new(data.keytext.as_bytes());
let result = vks::process_key(&db, &i18n, &tokens_stateless, &rate_limiter, data_reader);
let result = vks::process_key(db, &i18n, tokens_stateless, rate_limiter, data_reader);
upload_ok_json(result)
}

22
src/web/vks_web.rs
View File

@ -151,7 +151,7 @@ impl MyResponse {
*status == EmailStatus::Pending)
.map(|(email,status)|
template::UploadUidStatus {
address: email.to_string(),
address: email,
requested: status == EmailStatus::Pending,
})
.collect();
@ -179,7 +179,7 @@ impl MyResponse {
.map(|fpr| {
let key_link = uri!(search(q = &fpr)).to_string();
template::UploadOkKey {
key_fpr: fpr.to_owned(),
key_fpr: fpr,
key_link,
}
})
@ -224,7 +224,7 @@ pub async fn process_post_form_data(
cont_type: &ContentType,
data: Data<'_>,
) -> Result<UploadResponse> {
process_upload(&db, &tokens_stateless, &rate_limiter, &i18n, data, cont_type)
process_upload(db, tokens_stateless, rate_limiter, &i18n, data, cont_type)
.await
}
@ -285,10 +285,10 @@ pub async fn quick_upload(
MyResponse::upload_response_quick(
vks::process_key(
&db,
db,
&i18n,
&tokens_stateless,
&rate_limiter,
tokens_stateless,
rate_limiter,
Cursor::new(buf)
),
i18n, origin)
@ -321,7 +321,7 @@ pub async fn upload_post_form(
i18n: I18n,
data: Data<'_>,
) -> MyResponse {
match process_post_form(&db, &tokens_stateless, &rate_limiter, &i18n, data).await {
match process_post_form(db, tokens_stateless, rate_limiter, &i18n, data).await {
Ok(response) => MyResponse::upload_response(response,
i18n, origin),
Err(err) => MyResponse::bad_request("upload/upload", err,
@ -349,10 +349,10 @@ pub async fn process_post_form(
match name.to_string().as_str() {
"keytext" => {
return Ok(vks::process_key(
&db,
&i18n,
&tokens_stateless,
&rate_limiter,
db,
i18n,
tokens_stateless,
rate_limiter,
Cursor::new(decoded_value.as_bytes())
));
}