public inbox for git-commits@fedoraproject.org
help / color / mirror / Atom feed
* [rpms/rust-siguldry] f44: Update to v0.7.0
@ 2026-06-01 18:42 Jeremy Cline
0 siblings, 0 replies; only message in thread
From: Jeremy Cline @ 2026-06-01 18:42 UTC (permalink / raw)
To: git-commits
A new commit has been pushed.
Repo : rpms/rust-siguldry
Branch : f44
Commit : d59776d0d573ccddfe377a678369ed5c7b82d78b
Author : Jeremy Cline <jeremycline@microsoft.com>
Date : 2026-05-20T07:25:54-04:00
Stats : +4/-256 in 5 file(s)
URL : https://src.fedoraproject.org/rpms/rust-siguldry/c/d59776d0d573ccddfe377a678369ed5c7b82d78b?branch=f44
Log:
Update to v0.7.0
---
diff --git a/.gitignore b/.gitignore
index cfe735d..3f4f39f 100644
--- a/.gitignore
+++ b/.gitignore
@@ -5,3 +5,4 @@
/siguldry-0.4.1.crate
/siguldry-0.5.0.crate
/siguldry-0.6.0.crate
+/siguldry-0.7.0.crate
diff --git a/158.patch b/158.patch
deleted file mode 100644
index 95fdf81..0000000
--- a/158.patch
+++ /dev/null
@@ -1,253 +0,0 @@
-From 14818104a91d8a7bb3d454bcf58bd2815c738743 Mon Sep 17 00:00:00 2001
-From: Jeremy Cline <jeremycline@linux.microsoft.com>
-Date: Mon, 16 Mar 2026 14:53:29 -0400
-Subject: [PATCH] siguldry: add example config files
-
-It's helpful to see examples even if the CLI will also emit the
-defaults. This includes tests to ensure they remain up-to-date (at least
-in terms of being valid configs).
-
-Signed-off-by: Jeremy Cline <jeremycline@linux.microsoft.com>
----
- bridge.toml.example | 20 ++++++++++
- client.toml.example | 43 ++++++++++++++++++++
- server.toml.example | 74 +++++++++++++++++++++++++++++++++++
- src/bridge.rs | 19 +++++++--
- src/client/config.rs | 13 ++++++
- src/server/config.rs | 13 ++++++
- 6 files changed, 179 insertions(+), 3 deletions(-)
- create mode 100644 bridge.toml.example
- create mode 100644 client.toml.example
- create mode 100644 server.toml.example
-
-diff --git a/bridge.toml.example b/bridge.toml.example
-new file mode 100644
-index 00000000..8211eb6a
---- /dev/null
-+++ b/bridge.toml.example
-@@ -0,0 +1,20 @@
-+# This is an example bridge configuration.
-+
-+# The socket address to listen on for incoming connections from Siguldry servers.
-+#
-+# The default is to listen on all interfaces on port 44333.
-+server_listening_address = "[::]:44333"
-+
-+# The socket address to listen on for incoming connections from Siguldry clients.
-+#
-+# The default is to listen on all interfaces on port 44334.
-+client_listening_address = "[::]:44334"
-+
-+# The TLS credentials for the server and client listeners.
-+#
-+# Both clients and servers connect to the above addresses and perform mutual TLS.
-+# Note that the certificate must have `serverAuth` in its extended key usage extension.
-+[credentials]
-+private_key = "siguldry.bridge.private_key.pem"
-+certificate = "siguldry.bridge.certificate.pem"
-+ca_certificate = "siguldry.ca_certificate.pem"
-diff --git a/client.toml.example b/client.toml.example
-new file mode 100644
-index 00000000..01866cba
---- /dev/null
-+++ b/client.toml.example
-@@ -0,0 +1,43 @@
-+# An example client configuration
-+
-+# The Siguldry server hostname. This is used to validate the server's TLS certificate.
-+#
-+# However, since the client connects through the bridge, no DNS resolution is performed.
-+# This name just needs to match what is in the server's certificate.
-+server_hostname = "server.example.com"
-+
-+# The Siguldry bridge hostname. This is used to validate the bridge's TLS certificate.
-+bridge_hostname = "bridge.example.com"
-+
-+# The port on the Siguldry bridge to connect to; the default is 44334.
-+bridge_port = 44334
-+
-+# A list of keys to unlock for the client.
-+#
-+# This can be set for users of the client who can't (or don't want to) call unlock or safely
-+# store a password. One example would be the PKCS#11 module used inside a build environment.
-+#
-+# An example entry:
-+#
-+# [[keys]]
-+# key_name = "signing-key"
-+# # Store this encrypted in /etc/credstore.encrypted/
-+# passphrase_path = "siguldry.signing_key.passphrase"
-+keys = []
-+
-+# The amount of time to wait before giving up on a request and retrying.
-+#
-+# This covers both sending requests and receiving responses. In other words, the client
-+# will retry the request on a new connection if it cannot write the request to the socket
-+# within `request_timeout`, *and* it will retry if it fails to read a response to that
-+# request from the socket within `request_timeout`.
-+[request_timeout]
-+secs = 30
-+nanos = 0
-+
-+# The credentials to use when authenticating to the Siguldry bridge and server. Note that
-+# the certificate must have the `clientAuth` extended key usage extension.
-+[credentials]
-+private_key = "siguldry.client.private_key.pem"
-+certificate = "siguldry.client.certificate.pem"
-+ca_certificate = "siguldry.ca_certificate.pem"
-diff --git a/server.toml.example b/server.toml.example
-new file mode 100644
-index 00000000..a3a6018d
---- /dev/null
-+++ b/server.toml.example
-@@ -0,0 +1,74 @@
-+# An example server configuration
-+
-+# The location where the server should store its state.
-+#
-+# To back up the service, back up this directory.
-+state_directory = "/var/lib/siguldry/"
-+
-+# The hostname of the Sigul bridge; this is used to verify the bridge's
-+# TLS certificate.
-+bridge_hostname = "bridge.example.com"
-+
-+# The port to use when connecting to the Siguldry bridge
-+bridge_port = 44333
-+
-+# The number of ready connections to maintain with the bridge. This decreases the latency of
-+# responses when multiple client connections are established, at the expense of some idle
-+# connections. Be aware that the bridge has its own limits on the allowable number of idle
-+# server connections. If you use multiple servers with a single bridge, be sure that the
-+# bridge allows enough idle connections to cover each server's pool size. The default is 32.
-+connection_pool_size = 32
-+
-+# The minimum length for user's access password, in *bytes*. For example, the multi-byte
-+# UTF-8 character "🪿" counts as 4 bytes.
-+user_password_length = 32
-+
-+# The user ID to use when creating OpenPGP keys.
-+#
-+# This is typically an email like "Signing Key <signing@example.com>".
-+openpgp_user_id = "Test Signing <sign@example.com>"
-+
-+# The set of certificates to encrypt passwords with.
-+#
-+# At least one entry should include a PKCS#11 URI for a private key. Signing keys are encrypted
-+# using each certificate, so providing more than one binding means *any* of the private keys
-+# associated with the certificates will allow you to access the signing key, assuming you have
-+# the user-set password for the key as well.
-+#
-+# When binding is used, the admin needs to unlock the token by entering the PIN using
-+# "siguldry-server enter-pin".
-+#
-+# If no bindings are configured, the keys are protected using only the user-provided
-+# password.
-+#
-+# An example binding entry:
-+#
-+# [[pkcs11_bindings]]
-+# certificate = "/path/to/cert.pem"
-+# private_key = "pkcs11:token=some-token;type=private"
-+#
-+# [[pkcs11_bindings]]
-+# certificate = "/path/to/a/second/cert.pem"
-+pkcs11_bindings = []
-+
-+# The credentials to use when connecting to the bridge and when accepting client connections
-+# tunneled through the bridge. Note that the certificate must have both `clientAuth` and
-+# `serverAuth` in its extended key usage extension.
-+#
-+# It is expected that you store the private key in /etc/credstore.encrypted/ and the certificates
-+# in /etc/credstore/ (no encryption necessary).
-+[credentials]
-+private_key = "siguldry.server.private_key.pem"
-+certificate = "siguldry.server.certificate.pem"
-+ca_certificate = "siguldry.ca_certificate.pem"
-+
-+# Certificates created by Siguldry allow the user to specify the subject's common name.
-+#
-+# The rest of the certificate's subject is specified here.
-+[certificate_subject]
-+country = "US"
-+state_or_province = "Massachusetts"
-+locality = "Cambridge"
-+organization = "An Example Organization"
-+organizational_unit = "Example Department of the Organization"
-+
-diff --git a/src/bridge.rs b/src/bridge.rs
-index 56931176..d2f54623 100644
---- a/src/bridge.rs
-+++ b/src/bridge.rs
-@@ -47,9 +47,9 @@ impl Default for Config {
- client_listening_address: SocketAddr::from_str("[::]:44334")
- .expect("the default should be valid"),
- credentials: Credentials {
-- private_key: "sigul.bridge.private_key.pem".into(),
-- certificate: "sigul.bridge.certificate.pem".into(),
-- ca_certificate: "sigul.ca_certificate.pem".into(),
-+ private_key: "siguldry.bridge.private_key.pem".into(),
-+ certificate: "siguldry.bridge.certificate.pem".into(),
-+ ca_certificate: "siguldry.ca_certificate.pem".into(),
- },
- }
- }
-@@ -331,3 +331,16 @@ async fn bridge(
-
- Ok(())
- }
-+
-+#[cfg(test)]
-+mod tests {
-+ #[test]
-+ fn load_example_config() -> anyhow::Result<()> {
-+ let example_conf_path =
-+ std::path::PathBuf::from(env!("CARGO_MANIFEST_DIR")).join("bridge.toml.example");
-+ let example_conf = std::fs::read_to_string(&example_conf_path)?;
-+ toml::de::from_str::<super::Config>(&example_conf)?;
-+
-+ Ok(())
-+ }
-+}
-diff --git a/src/client/config.rs b/src/client/config.rs
-index ce87630c..d79bd3ab 100644
---- a/src/client/config.rs
-+++ b/src/client/config.rs
-@@ -146,3 +146,16 @@ impl Key {
- .map(|p| String::from_utf8(p.to_vec()).expect("The password deserialized to a string"))
- }
- }
-+
-+#[cfg(test)]
-+mod tests {
-+ #[test]
-+ fn load_example_config() -> anyhow::Result<()> {
-+ let example_conf_path =
-+ std::path::PathBuf::from(env!("CARGO_MANIFEST_DIR")).join("client.toml.example");
-+ let example_conf = std::fs::read_to_string(&example_conf_path)?;
-+ toml::de::from_str::<super::Config>(&example_conf)?;
-+
-+ Ok(())
-+ }
-+}
-diff --git a/src/server/config.rs b/src/server/config.rs
-index 519de60e..23bb3780 100644
---- a/src/server/config.rs
-+++ b/src/server/config.rs
-@@ -181,3 +181,16 @@ fn default_socket_path() -> PathBuf {
- fn default_state_directory() -> PathBuf {
- PathBuf::from("/var/lib/siguldry/")
- }
-+
-+#[cfg(test)]
-+mod tests {
-+ #[test]
-+ fn load_example_config() -> anyhow::Result<()> {
-+ let example_conf_path =
-+ std::path::PathBuf::from(env!("CARGO_MANIFEST_DIR")).join("server.toml.example");
-+ let example_conf = std::fs::read_to_string(&example_conf_path)?;
-+ toml::de::from_str::<super::Config>(&example_conf)?;
-+
-+ Ok(())
-+ }
-+}
diff --git a/rust-siguldry.spec b/rust-siguldry.spec
index 1dd01f1..50af805 100644
--- a/rust-siguldry.spec
+++ b/rust-siguldry.spec
@@ -4,7 +4,7 @@
%global crate siguldry
Name: rust-siguldry
-Version: 0.6.0
+Version: 0.7.0
Release: %autorelease
Summary: Implementation of the Sigul protocol
diff --git a/siguldry-fix-metadata.diff b/siguldry-fix-metadata.diff
index a3ae75f..84f86ca 100644
--- a/siguldry-fix-metadata.diff
+++ b/siguldry-fix-metadata.diff
@@ -4,7 +4,7 @@
version = "1"
[dependencies.asn1]
--version = "0.23"
+-version = "0.24"
+version = ">=0.22, <0.25"
[dependencies.bytes]
diff --git a/sources b/sources
index b4704c0..fba685d 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (siguldry-0.6.0.crate) = d38f0b9bb9b41eed5cebd99fec66776028654bf29c67f72e96965a5f87a46aeaa6e81c8b4f853d7cf867391210d2ea425c2f7b629b48c62427796c2487f72414
+SHA512 (siguldry-0.7.0.crate) = bb0b0b8f5d89e9b3397993a1caeab55a876960e4b443051dd2c0d479eb370cd09623c39a76db962f44554c8074872ce675f9d907f15fc6552e04241b80a25b5b
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2026-06-01 18:42 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2026-06-01 18:42 [rpms/rust-siguldry] f44: Update to v0.7.0 Jeremy Cline
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox