Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

improve API (make it harder to use wrong) #130

Closed
hannesm opened this issue Jan 27, 2020 · 2 comments · Fixed by ocaml/opam-repository#15986
Closed

improve API (make it harder to use wrong) #130

hannesm opened this issue Jan 27, 2020 · 2 comments · Fixed by ocaml/opam-repository#15986

Comments

@hannesm
Copy link
Member

hannesm commented Jan 27, 2020
edited
Loading

as discussed with @emillon

  • remove Authenticator.null
  • make Authenticator.t abstract (and provide a constructor) <- more easily discover Authenticator.t uses
  • use time:(unit -> Ptime.t option) ((a) being explicit about time - (b) rename time to something more sensible - (c) also use a function to avoid the timestamp used at Authenticator creation time vs actual authentication)
  • use host:[`host] Domain_name.t option as well
@hannesm
Copy link
Member Author

hannesm commented Feb 2, 2020

  • provide a pp for Certifiacte.Host_set.t (maybe it should be X509.Host_set -- i.e. no Certificate, since it is as well used by Signing_request)

@hannesm hannesm changed the title imrpove API (make it harder to use wrong) improve API (make it harder to use wrong) Feb 26, 2020
@hannesm
Copy link
Member Author

hannesm commented Mar 11, 2020

see #131

@hannesm hannesm closed this as completed Mar 11, 2020
hannesm added a commit to hannesm/opam-repository that referenced this issue Mar 11, 2020
@hannesm
[new release] x509 (0.10.0)
fc974ae 
CHANGES:

* BREAKING mirleft/ocaml-x509#131 use mirage-crypto and mirage-crypto-pk instead of nocrypto
  raise lower OCaml bound to 4.07.0, test 4.10.0 in CI
* BREAKING mirleft/ocaml-x509#131 Certificate.Host_set is now Host.Set, and has pretty-printers
* BREAKING mirleft/ocaml-x509#131 Authenticator.null was removed (fixes mirleft/ocaml-x509#130, suggested by @emillon)
* BREAKING mirleft/ocaml-x509#131 Authenticator.t now requires (non-optional) ~host and ~time
  arguments which may return an option. This allows to more easily spot the
  cases where None is provided. Also, time is (unit -> Ptime.t option) instead
  of Ptime.t -- thus the timestamp at the time of certificate verification is
  used instead of the time of Authenticator construction. Similar changes in
  Validation for verify_chain, verify_chain_of_trust, trust_key_fingerprint,
  trust_cert_fingerprint.
  fixes mirleft/ocaml-x509#130, suggested by @emillon
@hannesm hannesm mentioned this issue Mar 11, 2020
Merged
@hannesm hannesm mentioned this issue Mar 31, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Release x509 0.10.0 hannesm/opam-repository
1 participant
@hannesm