Merge branch 'main' into simplify-openid-connect

NLnetLabs · Dec 5, 2024 · b56265d · b56265d
2 parents 4f23dc4 + 5fa686c
commit b56265d
Show file tree

Hide file tree

Showing 13 changed files with 36 additions and 19 deletions.
diff --git a/Cargo.toml b/Cargo.toml
@@ -256,6 +256,9 @@ depends = "$auto, passwd"
 [package.metadata.deb.variants.debian-bookworm]
 depends = "$auto, passwd, libssl3"
 
+[package.metadata.deb.variants.ubuntu-noble]
+depends = "$auto, passwd, libssl3"
+
 # Cross compilation variants:
 # Note: we have to specifiy dependencies manually because we don't run cargo-deb
 # on the target platform and so it cannot determine the dependencies correctly

diff --git a/Changelog.md b/Changelog.md
@@ -21,12 +21,22 @@ Bug Fixes
 * Fixed a potential infinite recursion in PKCS11 error handling. ([#1215])
 * Open ID connect: Re-initialize the connection after 60s to pick up
   configuration changes at the provider. ([#1226])
+* Fixed the naming of the trust anchor timing configuration. It was
+  expected to be `timing_config` for the config used by Krill and
+  `ta_timing` if used by the Krill TA signer. It is now `ta_timing` in
+  both cases while `timing_config` is accepted as an alias in both cases.
+  ([#1241])
 
 Other changes
 
+* Added packaging support for Ubuntu Noble; removed packaging support for
+  Ubuntu Xenial and Bionic, and Debian Stretch. ([#1239])
+
 [#1215]: https://github.com/NLnetLabs/krill/pull/1215
 [#1226]: https://github.com/NLnetLabs/krill/pull/1226
 [#1228]: https://github.com/NLnetLabs/krill/pull/1228
+[#1239]: https://github.com/NLnetLabs/krill/pull/1239
+[#1241]: https://github.com/NLnetLabs/krill/pull/1241
 
 
 ## 0.14.5 ‘Who dis? New Phone’

diff --git a/doc/manual/source/install-and-run.rst b/doc/manual/source/install-and-run.rst
@@ -113,6 +113,7 @@ public rsyncd and HTTPS web server available.
        To install a Routinator package, you need the 64-bit version of one of
        these Ubuntu versions:
 
+         - Ubuntu Noble 24.04 (LTS)
          - Ubuntu Jammy 22.04 (LTS)
          - Ubuntu Focal 20.04 (LTS)
 

diff --git a/pkg/common/krill-ubuntu-noble.krill.service b/pkg/common/krill-ubuntu-noble.krill.service
@@ -0,0 +1 @@
+krill-debian-bullseye.krill.service
diff --git a/pkg/rules/packages-to-build.yml b/pkg/rules/packages-to-build.yml
@@ -5,11 +5,9 @@ pkg:
   - "krillup"
   - "krillta"
 image:
-  - "ubuntu:xenial" # ubuntu/16.04
-  - "ubuntu:bionic" # ubuntu/18.04
   - "ubuntu:focal" # ubuntu/20.04
   - "ubuntu:jammy" # ubuntu/22.04
-  - "debian:stretch" # debian/9
+  - "ubuntu:noble" # ubuntu/24.04
   - "debian:buster" # debian/10
   - "debian:bullseye" # debian/11
   - "debian:bookworm" # debian/12

diff --git a/pkg/rules/packages-to-test.yml b/pkg/rules/packages-to-test.yml
@@ -5,11 +5,9 @@ pkg:
   - "krillup"
   - "krillta"
 image:
-  - "ubuntu:xenial" # ubuntu/16.04
-  - "ubuntu:bionic" # ubuntu/18.04
   - "ubuntu:focal" # ubuntu/20.04
   - "ubuntu:jammy" # ubuntu/22.04
-  - "debian:stretch" # debian/9
+  - "ubuntu:noble" # ubuntu/24.04
   - "debian:buster" # debian/10
   - "debian:bullseye" # debian/11
   - "debian:bookworm" # debian/12
@@ -70,14 +68,14 @@ include:
     image: "debian:buster"
     target: "aarch64-unknown-linux-gnu"
 
-# Exclude upgrade testing on Debian Bookworm as no prior released versions exist to upgrade from.
+# Exclude upgrade testing on Ubuntu Noble as no prior released versions exist to upgrade from.
 exclude:
   - pkg: "krill"
-    image: "debian:bookworm"
+    image: "ubuntu:noble"
     mode: "upgrade-from-published"
   - pkg: "krillta"
-    image: "debian:bookworm"
+    image: "ubuntu:noble"
     mode: "upgrade-from-published"
   - pkg: "krillup"
-    image: "debian:bookworm"
+    image: "ubuntu:noble"
     mode: "upgrade-from-published"
diff --git a/src/bin/krillup.rs b/src/bin/krillup.rs
@@ -114,6 +114,7 @@ fn main() {
 
 /// The command line options for the krillup command.
 #[derive(clap::Parser)]
+#[command(version)]
 pub struct Options {
     /// Path to the Krill config file
     #[arg(

diff --git a/src/cli/ta/signer.rs b/src/cli/ta/signer.rs
@@ -145,7 +145,7 @@ impl TrustAnchorSignerManager {
                     tal_rsync: info.tal_rsync,
                     private_key_pem: info.private_key_pem,
                     ta_mft_nr_override: info.ta_mft_nr_override,
-                    timing: self.config.timing_config,
+                    timing: self.config.ta_timing,
                     signer: self.signer.clone(),
                 },
                 &self.actor,
@@ -170,7 +170,7 @@ impl TrustAnchorSignerManager {
         let cmd = TrustAnchorSignerCommand::make_process_request_command(
             &self.ta_handle,
             signed_request,
-            self.config.timing_config,
+            self.config.ta_timing,
             ta_mft_number_override,
             self.signer.clone(),
             &self.actor,

diff --git a/src/commons/crypto/signing/dispatch/krillsigner.rs b/src/commons/crypto/signing/dispatch/krillsigner.rs
@@ -79,7 +79,6 @@ use crate::commons::crypto::{
 /// struct AND implement management of signers and dispatch to the correct
 /// signer all in one place, and that quickly becomes harder to read,
 /// understand and maintain.
-
 type SignerBuilderFn = fn(
     &SignerType,
     SignerFlags,

diff --git a/src/commons/crypto/signing/signers/pkcs11/signer.rs b/src/commons/crypto/signing/signers/pkcs11/signer.rs
@@ -1601,7 +1601,7 @@ where
 {
     struct UintOrString(PhantomData<fn() -> SlotIdOrLabel>);
 
-    impl<'de> Visitor<'de> for UintOrString {
+    impl Visitor<'_> for UintOrString {
         type Value = SlotIdOrLabel;
 
         fn expecting(

diff --git a/src/daemon/config.rs b/src/daemon/config.rs
@@ -447,7 +447,7 @@ pub enum OneOrMany<'a, T> {
     _LifeTimeMarker(std::marker::PhantomData<&'a u32>),
 }
 
-impl<'a, T> From<OneOrMany<'a, T>> for Vec<T> {
+impl<T> From<OneOrMany<'_, T>> for Vec<T> {
     fn from(one_or_many: OneOrMany<T>) -> Self {
         match one_or_many {
             OneOrMany::One(t) => vec![t],
@@ -637,7 +637,10 @@ pub struct Config {
 
     pub benchmark: Option<Benchmark>,
 
-    #[serde(default)]
+    #[serde(
+        default,
+        alias="timing_config"
+    )]
     pub ta_timing: TaTimingConfig,
 }
 

diff --git a/src/ta/config.rs b/src/ta/config.rs
@@ -130,8 +130,11 @@ pub struct Config {
     #[serde(default = "crate::daemon::config::ConfigDefaults::signers")]
     pub signers: Vec<SignerConfig>,
 
-    #[serde(default)]
-    pub timing_config: TaTimingConfig,
+    #[serde(
+        default,
+        alias="timing_config"
+    )]
+    pub ta_timing: TaTimingConfig,
 }
 
 impl Config {

diff --git a/tests/common/mod.rs b/tests/common/mod.rs
@@ -736,7 +736,7 @@ impl<'a> ExpectedObjects<'a> {
     }
 }
 
-impl<'a> std::iter::Extend<String> for ExpectedObjects<'a> {
+impl std::iter::Extend<String> for ExpectedObjects<'_> {
     fn extend<T: IntoIterator<Item = String>>(&mut self, iter: T) {
         self.files.extend(iter)
     }