aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Add --usb-path option to select deviceRobin Krahl2021-01-10
| | | | | | | | | | | | | This patch adds the --usb-path option as an additional way to filter the Nitrokey device to connect to. While the serial number is a better identifier in theory, the Nitrokey Storage devices do not send their serial number in the USB device descriptor. Having the --usb-path options allows users to select one of multiple Nitrokey Storage devices. While we could directly call the nitrokey::Manager::connect_path function with the specified path, we integrate the --usb-path option into the existing find_device function for consistent error messages and to avoid having to duplicate the --model and --serial-number checks.
* Add test cases for new connection logicRobin Krahl2021-01-10
| | | | | | | | | | | | | This patch adds test cases for the new connection logic: - connect_multiple checks that nitrocli aborts if more than one Nitrokey device is connected and no filter is set. - connect_serial_number checks that we can use the --serial-number option to connect to all supported Nitrokey devices. - connect_wrong_serial_number checks that nitrocli aborts if it can’t find a device with the requested serial number. - connect_model checks that we can use the --model option to select the Nitrokey device to connect to, and that nitrocli aborts if it finds no matching device or multiple matching devices.
* Update structopt dependency to 0.3.17Daniel Mueller2020-08-25
| | | | | | | | | | This change updates the structopt crate to version 0.3.17. We need this version as it fixes a compilation error [0] when using the external_subcommand enum variant annotation provided by the crate. This functionality will be used in a follow up change that enables usage of user provided extensions. [0]: https://github.com/TeXitoi/structopt/issues/424
* Add --serial-number optionRobin Krahl2021-01-10
| | | | | | | | This patch adds the --serial-number option that allows the user to filter the attached Nitrokey devices by serial number. As the Nitrokey Storage does not include its serial number in the USB device descriptor and as we don't want to connect to it just to query the serial number, this option only works for Nitrokey Storage devices.
* Fail if multiple matching devices are attachedRobin Krahl2021-01-10
| | | | | | | | Previously, we just applied our filter (if any) to all attached Nitrokey devices and selected the first match when connection to a Nitrokey device. This may lead to unexpected behavior if multiple devices are attached. This patch changes the find_device function to return an error if multiple matching devices are found.
* Refactor connection handlingRobin Krahl2021-01-10
| | | | | | | | | | This patch introduces two new functions, find_device and connect, to connect to a Nitrokey device. find_device queries the attached Nitrokey devices, applies the filters (currently only the --model option) and returns the first match. connect calls find_device and connects to the returned device. This refactoring allows us to add more device filters, for example a --serial-number option, without code duplication.
* Introduce builder-inspired way for configuring Nitrocli instanceDaniel Mueller2020-08-24
| | | | | | | | In the future we would like to provide more ways for tests to create a Nitrocli instance. In order to prevent explosion of with_XXX methods for each possible combination of arguments, this change allows for an easier configuration of an existing object with builder-pattern-inspired modifier methods.
* Remove Nitrocli::model methodDaniel Mueller2020-09-05
| | | | | | | | While the Nitrocli::model() method was well intentioned, we do not actually need it because we create a Nitrocli instance from the model passed to the individual test. We can just reuse this model instead. With this patch we do exactly that, allowing us to get rid of Nitrocli::model() all together.
* Declare semver compatibility and public APIRobin Krahl2021-01-10
| | | | | | This patch adds a new section to the README that declares that we follow the Semantic Versioning specification and that the public API of our crate is defined by the man page.
* Adjust copyright & license specification to comply with REUSE 3.0Daniel Mueller2020-09-02
| | | | | | | | With this change we switch to using a REUSE compliant way of specifying the copyright & license of the program. To be fully in conformance we also add additional license specifications for the remaining files in the project. Lastly, a new CI pipeline rule takes care of verifying compliance on an ongoing basis.
* Adjust copyright string to refer to The Nitrocli DevelopersDaniel Mueller2020-09-01
| | | | | This change adjusts the copyright header in all files to no longer mention individuals but refer to The Nitrocli Developers in general.
* Add Context::from_env constructorRobin Krahl2021-01-10
| | | | | This patch adds the from_env constructor to Context to make the main function easier to read.
* Merge ExecCtx and RunCtx into ContextRobin Krahl2021-01-10
| | | | | | | Since we moved the model, no_cache and verbosity fields from ExecCtx into Config and added a Config field to both ExecCtx and RunCtx, RunCtx and ExecCtx are identical. Therefore this patch merges the ExecCtx and RunCtx structs into the new Context struct.
* Remove Stdio traitDaniel Mueller2020-09-03
| | | | | | | With the switch from argparse over to structopt a while back the need for the Stdio trait that we used for abstracting over the different contexts vanished. With this change we remove the trait and its various implementations.
* Update man pageRobin Krahl2021-01-10
| | | | | | | This patch updates the man page for the last changes: - new option --no-cache - changes to the environment variables - configuration files
* Add --no-cache option to bypass PIN cacheRobin Krahl2021-01-10
| | | | | | | | This patch adds a new --no-cache option that corresponds to the NITROCLI_NO_CACHE environment variable and the no_cache configuration. This makes the user interface more consistent as all configuration items are now backed by both an environment variable and a command-line option.
* Add config test case and example config fileRobin Krahl2021-01-10
| | | | | | | | This patch adds a simple configuration file that demonstrates the syntax and contains some documentation. We suggest to ship this file together with nitrocli and to install it e.g., in the /usr/share/doc/nitrocli directory. This patch also adds a simple test case that makes sure that the example file is parsed correctly.
* Use standard configuration file locationsRobin Krahl2021-01-10
| | | | | | | | | This patch uses the directories crate to query the appropriate path for the configuration files. For Linux, paths according to the XDG Base Directory Specification are used. Note that directories does not yet support the XDG_CONFIG_DIRS variable for system-wide configuration files. Therefore we only use a user configuration file.
* Use envy to parse environment variables for ConfigRobin Krahl2021-01-10
| | | | | | | | This patch uses the envy crate to parse the environment. A variable NITROCLI_KEY can be used to overwrite the configuration for *key*. This has the side effect that the NITROCLI_NO_CACHE variable is evaluated as a boolean variable (instead of only checking whether it is set). We also accept two new variables, NITROCLI_MODEL and NITROCLI_VERBOSITY.
* Implement configuration handlingRobin Krahl2021-01-10
| | | | | | | | | This patch implements basic configuration handling that reads a configuration file and stores the parsed data in the ExecCtx and RunCtx structs. It supports three configuration items: - model (previously only --model) - no_cache (previously only NITROCLI_NO_CACHE) - verbosity (previously only --verbose)
* Bump version to 0.3.4v0.3.4Daniel Mueller2020-09-05
| | | | | | | | | | | | This change bumps the version of the crate to 0.3.4. The following notable changes have been made since 0.3.3: - Changed default OTP format from hex to base32 - Improved error reporting format and fidelity - Added anyhow dependency in version 1.0.32 - Updated minimum required Rust version to 1.42.0 - Bumped nitrokey dependency to 0.7.1 - Bumped proc-macro2 dependency to 1.0.19 - Bumped syn dependency to 1.0.36
* Remove warning for missing_copy_implementations lintDaniel Mueller2020-09-01
| | | | | | | The missing_copy_implementations lint is arguably not super useful in an application crate, where no third party is consuming the type definitions. As such, this change removes it from the list of lints causing warnings.
* Update syn and proc-macro2 dependenciesRobin Krahl2020-09-05
| | | | | This change updates the syn dependency we consume to 1.0.36 and proc-macro2 to 1.0.19.
* Remove application global Result definitionDaniel Mueller2020-08-31
| | | | | | | In the past we were using an application global custom Result type definition. This makes less sense now that we switched over to using anyhow's Error and Result types. We kept that for the time being, but with this change we remove the type and use anyhow::Result instead.
* Remove no longer used error moduleDaniel Mueller2020-08-31
| | | | | | This change removes the error module. This module, and the Error type it homes, are no longer used by the application, as everything has been transitioned over to using anyhow's Error type.
* Remove no longer necessary msg parameter from try_with_* functionsDaniel Mueller2020-08-29
| | | | | | | | | With the move to using anyhow's Error type and adding contextual information at the point where we bubble up errors, we no longer require the 'msg' argument that is passed to the try_with_pin_* and authenticate functions. To that end, this change removes this parameter, concluding the switch to using anyhow.
* Use anyhow for error handlingDaniel Mueller2020-08-28
| | | | | | | | | | | This patch changes our error handling approach from the ground up: instead of having a globally used Error enum that contains variants for all possible errors, we now use anyhow's Error type. This approach is more dynamic (and not statically typed), but it allows for more fine grained error messages and overall more user-friendly error reporting. Overall it also is a net simplification. While we have one dynamic cast now, in order to be able to handle erroneous password/PIN entries correctly, that is considered a reasonable compromise.
* Update nitrokey dependency to 0.7.1Daniel Mueller2020-07-17
| | | | | | | | | This change updates the nitrokey dependency we consume to 0.7.1. With this version the crate's Error type got reworked slightly, allowing it to implement Sync and Send. It furthermore no longer duplicates information available through the source() method in its Display implementation. Both these changes will enable us to switch over to using the anyhow crate for error handling in nitrocli in the future.
* Update nitrokey-test dependency to 0.4.0Daniel Mueller2020-07-15
| | | | This change updates the nitrokey-test development dependency to 0.4.0.
* Update minimum required Rust version to 1.42.0Daniel Mueller2020-07-10
| | | | | | This change updates the minimum required version of Rust to 1.42.0. We will need this version in order to make use of the most recent version of nitrokey-test.
* Refrain from using Error::Error variant in pinentry testsDaniel Mueller2020-07-09
| | | | | | | | The pinentry tests currently expect the Error::Error variant to be reported for failures. This patch adjusts the tests to merely compare strings and ignore the exact type of error. Doing so will make it easier to switch to using anyhow for error handling.
* Remove UnwrapError test traitDaniel Mueller2020-07-09
| | | | | | This change wraps up the removal of the UnwrapError test trait. This step prepares us for the subsequent removal of the application's global Error enum type, in favor of the usage of anyhow's Error type.
* Remove unwrap_lib_err method from UnwrapError test traitDaniel Mueller2020-07-09
| | | | | This change marks the next step in getting rid of the UnwrapError test trait. Specifically, it removes its unwrap_lib_err method.
* Remove unwrap_str_err method from UnwrapError test traitDaniel Mueller2020-07-08
| | | | | | | | | | With upcoming changes we intend to move towards a model where we do not distinguish the individual error variants the program deals with in a global enum. In preparation of such a change, this patch marks a first step in removing the UnwrapError test trait, which relies on the existence of exactly such typed errors. In particular, we remove the unwrap_str_err method from it, basically falling back to just working with strings.
* Change default OTP format to base32Daniel Mueller2020-07-07
| | | | | | | | | | | An arguably unrepresentative survey of services (GitHub, Google Authenticator, and Bitbucket) seems to suggests that the base32 format is the de-facto standard format for OTP secrets. Given that it's not necessarily obvious what format a secret is in and that most services refrain from mentioning it explicitly, having the correct default format is fairly important. With this change we switch the default format from hexadecimal to base32 to accommodate for this finding.
* Fix binary-sizes.py scriptDaniel Mueller2020-07-26
| | | | | | | A while back we removed the nitrocli/ directory in the repository root. Unfortunately, we missed that the binary-sizes.py script relied on the previous directory structure. This change adjusts the script to work with the new structure.
* Correctly use doc comments in macrosDaniel Mueller2020-07-03
| | | | | | | | | | | | | | | | Our custom macros for conveniently creating types with additional meta information for working with structopt do not actually use the doc comments we have in place -- these comments are solely for in-source documentation. We are an application and as such crates.io will not automatically generate documentation. All of that does not deter rustc from complaining that doc comments are unused. In the past we tried to fudge that by adding a special allowance, #[allow(unused_doc_comments)], but that seems to have seized to work. With this change we finally give in and move the doc comment into the macro itself, where it will be used to annotate the generated type. This step should hopefully silence rustc once and for all -- at the expense of a slight decrease in readability.
* Bump version to 0.3.3v0.3.3Daniel Mueller2020-04-19
| | | | | | | | | | | This change bumps the version of the crate to 0.3.3. The following notable changes have been made since 0.3.2: - Added bash completion support via shell-complete utility program - Updated minimum required Rust version to 1.40.0 - Converted Cargo.lock to new lock file format - Bumped libc dependency to 0.2.69 - Bumped structopt dependency to 0.3.13 - Bumped various transitive dependencies to most recent versions
* Convert Cargo.lock to new lock file formatDaniel Mueller2020-04-16
| | | | | | | | | Since version 1.38.0 of Rust, Cargo has built in support for a new lock file format that aims at reducing merge conflicts of unrelated changes. Given that we require an even more recent version of Rust, it seems safe to switch over to this new format (which by now is the default for new projects anyway). This patch changes the format of Cargo.lock accordingly.
* Update transitive nitrokey dependenciesDaniel Mueller2020-04-15
| | | | | This change updates transitive dependencies of the nitrokey crate to their most recent versions.
* Update regex dependency to 1.3.7Daniel Mueller2020-04-14
| | | | | This change updates the regex crate to version 1.3.7. Transitive dependencies are updated as well.
* Update structopt dependency to 0.3.13Daniel Mueller2020-04-13
| | | | | This change updates the structopt crate to version 0.3.13. Transitive dependencies are updated as well.
* Update libc dependency to 0.2.69Daniel Mueller2020-04-12
| | | | This change updates the libc crate to version 0.2.69.
* Rename arg_defs.rs to args.rsDaniel Mueller2020-04-11
| | | | | | We have never been fully satisfied with the name arg_defs. Now that we have gotten rid of the formerly used args module, this change renames arg_defs to args.
* Merge remaining bits of args.rs into main.rsDaniel Mueller2020-04-11
| | | | | | This change removes the args module by moving all remaining functionality in it into main.rs. The result is arguably a nice consolidation of all context related definitions in a single module.
* Merge config_set function into commands.rsDaniel Mueller2020-04-11
| | | | | | As a next step moving us closer towards removing the args module, this change merges the config_set function into the existing function of the same name in the commands module.
* Merge otp_set function into commands.rsDaniel Mueller2020-04-10
| | | | | | | | | Now that we have isolated and separated out structopt specific definitions into a new module, arg_defs, args.rs is actually so small that we do not want to keep it around any longer. This change marks a first step moving us closer towards removing it. Specifically, it merges the otp_set function from args.rs into the function of the same name in commands.rs.
* Update minimum required Rust version to 1.40.0Daniel Mueller2020-04-05
| | | | | | This change updates the minimum required version of Rust to 1.40.0. Among other changes, this version stabilized std::mem::take, which is something we will use with subsequent changes.
* Add test for bash completion functionalityDaniel Mueller2020-04-05
| | | | | | | | | This change adds a test for the previously introduced bash completion functionality. To test the generated completion script, we spin up a bash instance, source the script, and then perform a completion as the shell would do it. It seems impossible to convince compgen to do the heavy lifting for us and so we invoke the completion function with the expected environment variables present.
* Add support for generating a bash completion scriptDaniel Mueller2020-04-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | This change adds support for generating a bash completion script. If sourced, the shell will provide tab completions for the program's arguments. There are two possible approaches provided by clap for going about generating shell completion functionality: either at build time, by separately generating the clap parsers out-of-band, or at run time, as an option to the main program itself. We are generally not too much in favor of a run time approach, as it means less inspectability at installation time and more overhead in the form of code crammed into the main binary. Hence, with this change we take the "build time" approach. Clap recommends hooking the generation up in build.rs, but this seems like an inflexible choice. For one, that is because it would mean unconditionally generating this file or using some user-unfriendly environment variable based approach for making the process conditional. But there is also the fact that specifying the command for which to generate the script should likely be configurable. That is a limitation of the completion script that clap generates (see https://github.com/clap-rs/clap/issues/1764). In our version we provide a utility program that emits the completion script to standard output, accepting regular command line options itself. In doing so we allow for installation time generation of the completion script or installation of the utility itself, the output of which could be sourced on demand -- depending on the user's preference.