Merge branch 'main' into zombie-two

Author: zeripath

cmd/web_letsencrypt.go

@@ -54,6 +54,7 @@ func runLetsEncrypt(listenAddr, domain, directory, email string, m http.Handler)
 	}
 
 	tlsConfig := magic.TLSConfig()
+	tlsConfig.NextProtos = append(tlsConfig.NextProtos, "h2")
 
 	if enableHTTPChallenge {
 		go func() {

integrations/api_gpg_keys_test.go

@@ -29,10 +29,10 @@ func TestGPGKeys(t *testing.T) {
 		results     []int
 	}{
 		{name: "NoLogin", makeRequest: MakeRequest, token: "",
-			results: []int{http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized},
+			results: []int{http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized},
 		},
 		{name: "LoggedAsUser2", makeRequest: session.MakeRequest, token: token,
-			results: []int{http.StatusOK, http.StatusOK, http.StatusNotFound, http.StatusNoContent, http.StatusUnprocessableEntity, http.StatusNotFound, http.StatusCreated, http.StatusCreated}},
+			results: []int{http.StatusOK, http.StatusOK, http.StatusNotFound, http.StatusNoContent, http.StatusUnprocessableEntity, http.StatusNotFound, http.StatusCreated, http.StatusNotFound, http.StatusCreated}},
 	}
 
 	for _, tc := range tt {
@@ -60,7 +60,7 @@ func TestGPGKeys(t *testing.T) {
 			t.Run("CreateValidGPGKey", func(t *testing.T) {
 				testCreateValidGPGKey(t, tc.makeRequest, tc.token, tc.results[6])
 			})
-			t.Run("CreateValidSecondaryEmailGPGKey", func(t *testing.T) {
+			t.Run("CreateValidSecondaryEmailGPGKeyNotActivated", func(t *testing.T) {
 				testCreateValidSecondaryEmailGPGKey(t, tc.makeRequest, tc.token, tc.results[7])
 			})
 		})
@@ -74,6 +74,7 @@ func TestGPGKeys(t *testing.T) {
 		req := NewRequest(t, "GET", "/api/v1/user/gpg_keys?token="+token) //GET all keys
 		resp := session.MakeRequest(t, req, http.StatusOK)
 		DecodeJSON(t, resp, &keys)
+		assert.Len(t, keys, 1)
 
 		primaryKey1 := keys[0] //Primary key 1
 		assert.EqualValues(t, "38EA3BCED732982C", primaryKey1.KeyID)
@@ -85,12 +86,6 @@ func TestGPGKeys(t *testing.T) {
 		assert.EqualValues(t, "70D7C694D17D03AD", subKey.KeyID)
 		assert.Empty(t, subKey.Emails)
 
-		primaryKey2 := keys[1] //Primary key 2
-		assert.EqualValues(t, "3CEF46EF40BEFC3E", primaryKey2.KeyID)
-		assert.Len(t, primaryKey2.Emails, 1)
-		assert.EqualValues(t, "[email protected]", primaryKey2.Emails[0].Email)
-		assert.False(t, primaryKey2.Emails[0].Verified)
-
 		var key api.GPGKey
 		req = NewRequest(t, "GET", "/api/v1/user/gpg_keys/"+strconv.FormatInt(primaryKey1.ID, 10)+"?token="+token) //Primary key 1
 		resp = session.MakeRequest(t, req, http.StatusOK)
@@ -105,15 +100,6 @@ func TestGPGKeys(t *testing.T) {
 		DecodeJSON(t, resp, &key)
 		assert.EqualValues(t, "70D7C694D17D03AD", key.KeyID)
 		assert.Empty(t, key.Emails)
-
-		req = NewRequest(t, "GET", "/api/v1/user/gpg_keys/"+strconv.FormatInt(primaryKey2.ID, 10)+"?token="+token) //Primary key 2
-		resp = session.MakeRequest(t, req, http.StatusOK)
-		DecodeJSON(t, resp, &key)
-		assert.EqualValues(t, "3CEF46EF40BEFC3E", key.KeyID)
-		assert.Len(t, key.Emails, 1)
-		assert.EqualValues(t, "[email protected]", key.Emails[0].Email)
-		assert.False(t, key.Emails[0].Verified)
-
 	})
 
 	//Check state after basic add

models/error.go

@@ -451,6 +451,7 @@ func (err ErrKeyNameAlreadyUsed) Error() string {
 // ErrGPGNoEmailFound represents a "ErrGPGNoEmailFound" kind of error.
 type ErrGPGNoEmailFound struct {
 	FailedEmails []string
+	ID           string
 }
 
 // IsErrGPGNoEmailFound checks if an error is a ErrGPGNoEmailFound.
@@ -463,6 +464,22 @@ func (err ErrGPGNoEmailFound) Error() string {
 	return fmt.Sprintf("none of the emails attached to the GPG key could be found: %v", err.FailedEmails)
 }
 
+// ErrGPGInvalidTokenSignature represents a "ErrGPGInvalidTokenSignature" kind of error.
+type ErrGPGInvalidTokenSignature struct {
+	Wrapped error
+	ID      string
+}
+
+// IsErrGPGInvalidTokenSignature checks if an error is a ErrGPGInvalidTokenSignature.
+func IsErrGPGInvalidTokenSignature(err error) bool {
+	_, ok := err.(ErrGPGInvalidTokenSignature)
+	return ok
+}
+
+func (err ErrGPGInvalidTokenSignature) Error() string {
+	return "the provided signature does not sign the token with the provided key"
+}
+
 // ErrGPGKeyParsing represents a "ErrGPGKeyParsing" kind of error.
 type ErrGPGKeyParsing struct {
 	ParseError error