- Feb 10, 2025
-
-
-
David Runge authored
Signed-off-by:
David Runge <dvzrv@archlinux.org>
-
David Runge authored
Due to the linter check not running in merge request pipelines, this has not been caught in 2cfc9d2e. Signed-off-by:
David Runge <dvzrv@archlinux.org>
-
- Jan 28, 2025
-
-
Levente Polyak authored
Previously we opened a temporary file handle and have used this handle in multiple stages during creating a revocation certification, which has worked so far. Since latest sequoia, the passed file does not seem to be truncated but unlinked before being written to, which means our cached file handle is not valid anymore and subsequent truncation and write operations will point into the void instead of the inode currently used for the specific path. This lead to the actual certificate containing the revocation to never be written to the expected path, which means the keyring tooling has never picked up this packet. Stop relying on this behavior and instead just write to a handle once and create a new file for any further stages where we need to write a certificate to the filesystem. Signed-off-by:
Levente Polyak <anthraxx@archlinux.org>
-
Sq once more shuffled its interface around by removing the previously introduced toolbox subcommand again. We now add `--home none` and `--cert-store none` for all sq calls to ensure to hopefully not use a stateful interface. Signed-off-by:
David Runge <dvzrv@archlinux.org>
-
- Jan 23, 2025
-
-
Levente Polyak authored
-
David Runge authored
Allow downloading all certificates of a UserID, so that users are able to get to old ones and those used in parallel as well. Signed-off-by:
David Runge <dvzrv@archlinux.org>
-
- Jan 22, 2025
-
- Dec 04, 2024
-
-
Leonidas Spyropoulos authored
Signed-off-by:
Leonidas Spyropoulos <artafinde@archlinux.org>
-
- Dec 03, 2024
-
-
David Runge authored
Signed-off-by:
David Runge <dvzrv@archlinux.org>
-
Signed-off-by:
Johannes Löthberg <johannes@kyriasis.com>
-
-
- Nov 29, 2024
-
-
fixes #275
-
Wiktor Kwapisiewicz authored
This UID is present on the mumble server and when the sync services tries to refresh Kyle's certificate using archlinux.org WKD it fails. Add the missing User ID which will then be exported via WKD. Reported-by: Christian Heusel Signed-off-by:
Wiktor Kwapisiewicz <wiktor@metacode.biz>
-
Closes #276
-
- Nov 11, 2024
-
-
David Runge authored
In 1b5d2bdd the invocation for packet dump has changed, but the expected system call for the test had not. Signed-off-by:
David Runge <dvzrv@archlinux.org>
-
- Nov 01, 2024
-
-
David Runge authored
Add various fixes, as - the output format of `sq toolbox packet split` changed (again) - the CLI of `sq toolbox packet split` changed (again) - the useless warning message on stderr now covers two lines and interferes with parsing of `sq toolbox packet dump` output - the global option `--force` was renamed to `--overwrite` - the `sq key generate` subcommand introduced a mandatory `--rev-cert` option - the `pki certify` subcommand was moved to `pki vouch certify` and introduced mandatory options for our use-case (`--certifier-file`, `--cert-file`, `--userid`) Signed-off-by:
David Runge <dvzrv@archlinux.org>
-
- Oct 23, 2024
-
-
Add `build` target to .PHONY targets so that it is actually run when only calling `make wkd`. Fixes: #258 Signed-off-by:
David Runge <dvzrv@archlinux.org>
-
As sequoia-sq >= 0.38 breaks our use-case of exporting a keyring to a WKD directory structure, we switch to the simpler `wkd-exporter`. In addition to all `archlinux.org` User IDs, we now also export all `master-key.archlinux.org` User IDs. The `wkd-exporter` tool omits the creation of the `.well-known` directory, as the dedicated `openpgp` directory in it is the relevant bit. Therefore we adjust (the use of) `WKD_BUILD_DIR` accordingly. Signed-off-by:
David Runge <dvzrv@archlinux.org>
-
When calling `sq key generate` also pass in `--without-password`, as otherwise an interactive prompt is spawned. The default has changed in 0.38.0. Signed-off-by:
David Runge <dvzrv@archlinux.org>
-
- Oct 15, 2024
-
- Oct 12, 2024
-
-
Johannes Löthberg authored
Signed-off-by:
Johannes Löthberg <johannes@kyriasis.com>
-
- Oct 02, 2024
-
-
Leonidas Spyropoulos authored
Signed-off-by:
Leonidas Spyropoulos <artafinde@archlinux.org>
-
- Oct 01, 2024
-
-
David Runge authored
Signed-off-by:
David Runge <dvzrv@archlinux.org>
-
Peter Jung authored
Signed-off-by:
Peter Jung <admin@ptr1337.dev>
-
- Sep 18, 2024
-
-
Daniel M. Capella authored
-
- Aug 23, 2024
-
-
Leonidas Spyropoulos authored
Signed-off-by:
Leonidas Spyropoulos <artafinde@archlinux.org>
-
- Aug 17, 2024
-
-
Leonidas Spyropoulos authored
Signed-off-by:
Leonidas Spyropoulos <artafinde@archlinux.org>
-
- Aug 14, 2024
-
-
David Runge authored
Add revocation certification for the bluewind@archlinux.org User ID on bluewind's packager key. Related to #268 Signed-off-by:
David Runge <dvzrv@archlinux.org>
-
- Aug 13, 2024
-
-
David Runge authored
As something has again been changed in some sq subcommand, we need to adapt library and tests. Signed-off-by:
David Runge <dvzrv@archlinux.org>
-
- Jul 17, 2024
-
-
David Runge authored
As bluewind is leaving the project, he can no longer craft releases for the archlinux-keyring. Signed-off-by:
David Runge <dvzrv@archlinux.org>
-
David Runge authored
Just assign everything to the main-key-holders group. There is not much sense in being more specific and currently the file does not seem to do anything. Signed-off-by:
David Runge <dvzrv@archlinux.org>
-
David Runge authored
It is easier to modify text and review changes to singular lines and not deal with (changing) line breaks in prose documents, than it is to deal with them. Text editors are able to do linewraps and as such long lines should not be a problem. Signed-off-by:
David Runge <dvzrv@archlinux.org>
-
David Runge authored
Not adding full links to the text but to the bottom is easier to read and review. Signed-off-by:
David Runge <dvzrv@archlinux.org>
-
- Jul 15, 2024
-
-
David Runge authored
Raise the minimum group size of main signing keys from three to four. If only three main signing keys are left, each of them becomes a liability. If four or more main signing keys are left, this becomes less problematic. Signed-off-by:
David Runge <dvzrv@archlinux.org>
-
David Runge authored
As bluewind resigned as main signing key holder, they should not be used in the GitLab issue templates anymore, see: #269 Signed-off-by:
David Runge <dvzrv@archlinux.org>
-
- Jul 09, 2024
-
-
Signed-off-by:
David Runge <dvzrv@archlinux.org>
-
Signed-off-by:
David Runge <dvzrv@archlinux.org>
-
Signed-off-by:
Leonidas Spyropoulos <artafinde@archlinux.org>
-
David Runge authored
Signed-off-by:
David Runge <dvzrv@archlinux.org>
-