Merge pull request #18 from hannesm/ci

CI fixes, x509 0.13.0
mirage · Apr 22, 2021 · f26a42a · f26a42a
2 parents 9d1350b + e67947e
commit f26a42a
Show file tree

Hide file tree

Showing 6 changed files with 18 additions and 18 deletions.
diff --git a/.ocamlformat b/.ocamlformat
@@ -1,2 +1,2 @@
-version = 0.15.0
+version = 0.18.0
 profile=conventional
diff --git a/ca-certs.opam b/ca-certs.opam
@@ -23,13 +23,13 @@ depends: [
   "ptime"
   "logs"
   "mirage-crypto"
-  "x509" {>= "0.11.0"}
-  "ocaml" {>= "4.07.0"}
+  "x509" {>= "0.13.0"}
+  "ocaml" {>= "4.08.0"}
   "alcotest" {with-test}
 ]
 dev-repo: "git+https://github.com/mirage/ca-certs.git"
 build: [
-  ["dune" "subst"] {pinned}
+  ["dune" "subst"] {dev}
   [
     "dune"
     "build"

diff --git a/ca-certs.opam.template b/ca-certs.opam.template
@@ -1,5 +1,5 @@
 build: [
-  ["dune" "subst"] {pinned}
+  ["dune" "subst"] {dev}
   [
     "dune"
     "build"

diff --git a/dune-project b/dune-project
@@ -12,8 +12,8 @@
  (name ca-certs)
  (depends
   astring bos fpath rresult ptime logs mirage-crypto
-  (x509 (>= 0.11.0))
-  (ocaml (>= 4.07.0))
+  (x509 (>= 0.13.0))
+  (ocaml (>= 4.08.0))
   (alcotest :with-test))
  (synopsis "Detect root CA certificates from the operating system")
  (description

diff --git a/lib/ca_certs.ml b/lib/ca_certs.ml
@@ -16,18 +16,18 @@ let detect_one path =
   | _ ->
       Error
         (`Msg
-          ( "ca-certs: no trust anchor file found, looked into " ^ path ^ ".\n"
-          ^ issue ))
+          ("ca-certs: no trust anchor file found, looked into " ^ path ^ ".\n"
+         ^ issue))
 
 let detect_list paths =
   let rec one = function
     | [] ->
         Error
           (`Msg
-            ( "ca-certs: no trust anchor file found, looked into "
-            ^ String.concat ", " paths ^ ".\n" ^ issue ))
+            ("ca-certs: no trust anchor file found, looked into "
+           ^ String.concat ", " paths ^ ".\n" ^ issue))
     | path :: paths -> (
-        match detect_one path with Ok data -> Ok data | Error _ -> one paths )
+        match detect_one path with Ok data -> Ok data | Error _ -> one paths)
   in
   one paths
 
@@ -95,7 +95,7 @@ let trust_anchors () =
         Bos.OS.Cmd.(run_out cmd |> out_string |> success)
     | s -> Error (`Msg ("ca-certs: unknown system " ^ s ^ ".\n" ^ issue))
 
-let authenticator ?crls ?hash_whitelist () =
+let authenticator ?crls ?allowed_hashes () =
   let open Rresult.R.Infix in
   trust_anchors () >>= fun data ->
   let time () = Some (Ptime_clock.now ()) in
@@ -119,4 +119,4 @@ let authenticator ?crls ?hash_whitelist () =
   let cas = List.rev cas in
   match cas with
   | [] -> Error (`Msg ("ca-certs: empty trust anchors.\n" ^ issue))
-  | _ -> Ok (X509.Authenticator.chain_of_trust ?crls ?hash_whitelist ~time cas)
+  | _ -> Ok (X509.Authenticator.chain_of_trust ?crls ?allowed_hashes ~time cas)
diff --git a/lib/ca_certs.mli b/lib/ca_certs.mli
@@ -1,13 +1,13 @@
 val authenticator :
   ?crls:X509.CRL.t list ->
-  ?hash_whitelist:Mirage_crypto.Hash.hash list ->
+  ?allowed_hashes:Mirage_crypto.Hash.hash list ->
   unit ->
   (X509.Authenticator.t, [> `Msg of string ]) result
-(** [authenticator ~crls ~hash_whitelist ()] detects the root CAs (trust
+(** [authenticator ~crls ~allowed_hashes ()] detects the root CAs (trust
     anchors) in the operating system's trust store using {!trust_anchors}. It
     constructs an authenticator with the current timestamp {!Ptime_clock.now},
-    and the provided [~crls] and [~hash_whitelist] arguments, to be used for
-    {!Tls.Config.client}.
+    and the provided [~crls] and [~allowed_hashes] arguments. The resulting
+    authenticator can be used for {!Tls.Config.client}.
     Returns [Error `Msg msg] if detection did not succeed. *)
 
 val trust_anchors : unit -> (string, [> `Msg of string ]) result