
Releases: hockeypuck/hockeypuck

2.2

21 May 18:26
f4d5707

Features

  • Fully stable SKS recon using aggressive normalisation (#198)
  • Improved multithreading safety (#170)
  • Deletion of personal data from hard-revoked keys (#250)
  • Admin deletion of keys via signed submissions
  • Detached revocation certificate support (#281)

Bugfixes

  • Missing direct key signature validation (#199)
  • Missing subkeys with v3 sbinds (#205)
  • Missing CORS headers (#226)
  • HTTPS binding errors (#295)
  • Several cosmetic improvements (#257 #289 #291 ...)

Deprecations

  • SKS-keyserver recon compatibility
  • UAT image packets
  • User deletion and replacement of keys via /pks/delete and /pks/replace endpoints

2.1.2

21 Dec 10:12
db0a441

Bugs closed

#286 Block abusive scraping in haproxy

Other enhancements

#257 Display key version in index view
Bump snapcraft go version

2.1.1

23 Nov 12:26
d2753ae

Enhancements in 2.1.1

Sync improvements

  • AIMD adaptive request size
  • Retry limits
  • LRU seen-cache
  • Weighted peers
  • Ability to disable sync
  • Deduplication and length limits in responses

Front end Improvements

  • Rate-limiting HAProxy
  • JS and CSS optimisation
  • Fingerprint search without leading 0x
  • Support for http virtual hosts

Backend improvements

  • Bulk insertion to DB
  • Key search and deletion helper scripts
  • Log privacy options
  • Improved thread safety
  • Data normalisation

Deployment improvements

  • Automatic population of build version from git describe
  • Simplification of docker-compose/standalone deployment
  • Improved systemd script
  • Support for non-letsencrypt ACME services
  • Key deletion helper script
  • Support go templating in configuration file
  • Pin to go v1.18

Bugs closed

#95 - Dockerfile build failure
#100 - Missing signatures in UI
#129 - Bad handling of UIDs containing hyphens
#131 - Slow loading of keydumps
#140 - Incorrect display of expiry dates
#160 - Keyword search for bare email UIDs
#187 - Missing UIDs on keys created by openpgp-php
#192 - Missing UID/UAT revocations
#194 - Mac GPG Suite incompatibility
#196 - Inconsistent hashes in UI
#197 - Missing self-sigs on revoked UIDs
#200 - Missing stats history
#205 - Validation of v3 sbinds over v4 subkeys
#212 - Improved error messages
#226 - CORS headers
#260 - Missing content-disposition header

2.1.0

10 Dec 05:35

New features in 2.1.0

Full ECC support with ProtonMail's openpgp fork.

All ECC algorithms supported by GnuPG 2.x are now supported by Hockeypuck, courtesy of ProtonMail's improvements to the go.crypto/openpgp package.

Reduced memory footprint

Some conflux improvements to reduce memory footprint. Content blocking also makes a huge difference in memory consumption.

Content blocking options

Content length limits

Configurable limits on overall key and packet lengths. These are now the defaults:

[hockeypuck.openpgp]
maxKeyLength=1048576
maxPacketLength=8192

With these settings, it is possible to run Hockeypuck on an e2-small in Google Cloud (2GB ram, 2 vCPU). Most legitimate content falls below these limits, except a few vandalized keys. See "Authenticated Key Management" below for how to remove signature spam from your keys in 2.1.0 if you've been a target.
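To see where a given key stands against these two defaults, the following Go program walks the OpenPGP packet framing (RFC 4880, section 4.2) of a de-armored key and reports the total size and any oversized packets. It is an added example, not Hockeypuck's own code; the names `header` and `CheckKey` are hypothetical, and it assumes the limits are measured against the raw key length and each packet body, which the release notes do not specify.

```go
package main

import "fmt"

const maxKeyLength, maxPacketLength = 1048576, 8192 // defaults quoted above

// header decodes one OpenPGP packet header (RFC 4880, section 4.2).
func header(b []byte) (tag, hdr, body int, err error) {
	var h [6]byte // zero-padded copy, so short input cannot index out of range
	copy(h[:], b)
	old, o := h[0]&0xc0 == 0x80, int(h[1])
	switch tag = int(h[0] & 0x3f); {
	case h[0]&0x80 == 0 || old && h[0]&3 == 3 || !old && o >= 224 && o < 255:
		err = fmt.Errorf("not a packet, or indeterminate/partial length")
	case old: // tag in bits 5-2, then 1, 2 or 4 length octets
		tag, hdr = tag>>2, 1+1<<(h[0]&3)
		for _, x := range h[1:hdr] {
			body = body<<8 | int(x)
		}
	case o < 192: // new format, one-octet length
		hdr, body = 2, o
	case o < 224: // new format, two-octet length
		hdr, body = 3, (o-192)<<8+int(h[2])+192
	default: // new format, five-octet length (o == 255)
		hdr, body = 6, int(h[2])<<24|int(h[3])<<16|int(h[4])<<8|int(h[5])
	}
	return
}

// CheckKey walks one de-armored key. Assumption (not from the page): the limits
// apply to the total byte length and to each packet body. Returns over-limit tags.
func CheckKey(key []byte) (ok bool, over []int, err error) {
	for off := 0; off < len(key); {
		tag, hdr, body, e := header(key[off:])
		if e != nil || body > len(key)-off-hdr {
			return false, nil, fmt.Errorf("offset %d: bad or truncated packet", off)
		}
		if body > maxPacketLength {
			over = append(over, tag)
		}
		off += hdr + body
	}
	return len(key) <= maxKeyLength, over, nil
}

func main() {
	// Constructed key: old-format public key (tag 6), 9000-byte signature (tag 2).
	key := append(append([]byte{0x99, 0, 51}, make([]byte, 51)...), 0x89, 0x23, 0x28)
	fmt.Println(CheckKey(append(key, make([]byte, 9000)...))) // true [2] <nil>
}
```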

Blacklisting

A primary key fingerprint blacklist can be used to block specific keys. For example, these keys seem to have been created without any purpose but to waste keyserver resources:

[hockeypuck.openpgp]
blacklist=[
  "2790943722612cf8d9c2db9213de25eed1bb5151",
  "a490d0f4d311a4153e2bb7cadbb802b258acd84f",
  "5c738727ee58786a777c4f1db5aa3fa3486ed7ad",
  "33d51b5621953173ab74b521bdca9f8e3a6c1785",
]

This feature can also be a useful tool to deal with GDPR "right to be forgotten" type requests. The blacklist will prevent keys from getting re-submitted or re-synced back to the keyserver once they are deleted from the postgres database.

Authenticated Key Management

See HIP-1 for a detailed design spec and examples of usage. Basically, you can replace or delete the contents of your key on the keyserver with new endpoints, /pks/replace and /pks/delete. These endpoints require that you sign the uploaded key material in the request to prove you own the private key for it.

/pks/replace replaces the entire key contents on the keyserver with your copy, removing any missing signatures in the process. This allows someone with a vandalized key containing a large amount of spam to still push updates to their key. It is necessary if the key has been spammed to exceed the keyserver's maximum length limit.

/pks/delete allows deleting your own key contents from the keyserver.

Specialized keyserver queries

Some keyservers only need to support package signatures. For this use case, WoT and keyword search capabilities can be disabled completely, to only allow queries by fingerprint and self-signed content in results. This can further reduce operational overhead.

[hockeypuck.hkp.queries]
selfSignedOnly=true
keywordSearchDisabled=true

CPU and Memory profiling

Give hockeypuck a SIGUSR2 to cause it to dump profiles on top-k CPU calls and heap allocations. Files are written to:

/tmp/hockeypuck-cpu.prof
/tmp/hockeypuck-mem.prof

Bugs closed

#77, Log key sizes

#79, Blocking support

#67, GDPR & right to be forgotten

#62 and #64 fixed by using ProtonMail's openpgp implementation.

EOL

MongoDB support

I have no interest in maintaining the MongoDB backend, so it has been removed.

Travis CI

Replaced with GitHub Actions.

2.0.15

29 Sep 23:44
7b89cc7
Release 2.0.15

Release 2.0.14

02 Sep 21:49
59c2eec

This is the first Hockeypuck release in quite a while. Changes since the last GitHub release:

hockeypuck (2.0.14) bionic; urgency=medium

  • add option to disable keyword searches
  • add option to send only valid self-signed packets in responses
  • added example standalone docker-compose deployment

-- Casey Marshall casey.marshall@canonical.com Mon, 02 Sep 2019 16:42:39 -0500

hockeypuck (2.0.13) bionic; urgency=medium

  • support for gnupg 2.x ECC keys
  • misc test fixes

-- Casey Marshall casey.marshall@canonical.com Sun, 01 Sep 2019 14:08:26 -0500

hockeypuck (2.0.12) bionic; urgency=medium

  • remove duplicate role from WithLabelValues in recordReconBusyPeer
  • get/hget: write required trailing newline
  • pghkp: use only "IF NOT EXISTS" schema statements

-- Paul Collins paul.collins@canonical.com Mon, 19 Aug 2019 16:16:47 +1200

hockeypuck (2.0.11) bionic; urgency=medium

  • add prometheus metrics to hockeypuck
  • switch to a separate metrics listener
  • more and better logging for recon and recovery
  • 30 second timeout for hashquery POST requests

-- Paul Collins paul.collins@canonical.com Wed, 07 Aug 2019 17:21:18 +1200

hockeypuck (2.0.10) bionic; urgency=medium

  • capture and log the HTTP status code, and some other headers
  • conflux: log remote address

-- Paul Collins paul.collins@canonical.com Tue, 06 Aug 2019 10:27:58 +1200

hockeypuck (2.0.9) bionic; urgency=medium

  • set ID fields in overlooked KeyAdded and KeyReplaced values, fixing logging

-- Paul Collins paul.collins@canonical.com Fri, 02 Aug 2019 08:42:20 +1200

hockeypuck (2.0.8) bionic; urgency=medium

  • use plainto_tsquery instead of preparing the query ourselves
  • pg_config prints a hint on failure; report it
  • include the public key ID when logging parse errors
  • include the public key ID when reporting additions and changes

-- Paul Collins paul.collins@canonical.com Thu, 01 Aug 2019 09:22:34 +1200

hockeypuck (2.0.7) bionic; urgency=medium

  • add systemd unit file, and install it
  • include the prefix tree key in full-key hash format when logging
  • match by subkey ID, and do not pass through non-existent full-length IDs

-- Paul Collins paul.collins@canonical.com Wed, 31 Jul 2019 08:50:15 +1200

hockeypuck (2.0.6) bionic; urgency=medium

  • Handle keywords that exceed tsvector limits.

-- Joel Sing joel.sing@canonical.com Thu, 27 Jun 2019 02:03:29 +1000

hockeypuck (2.0.5) bionic; urgency=medium

[ Paul Collins ]

  • pghkp: report duplicates when inserting
  • insertKey: flag duplicate keys that have no subkeys

[ Joel Sing ]

  • Add hockeypuck website content

-- Joel Sing joel.sing@canonical.com Fri, 07 Jun 2019 12:14:46 +0200

hockeypuck (2.0.4) bionic; urgency=medium

  • Drop malformed packets when serving armoured key ring.
  • Clean up stats code and fix locking.

-- Joel Sing joel.sing@canonical.com Thu, 23 May 2019 14:02:50 +1000

hockeypuck (2.0.3) bionic; urgency=medium

  • Place postgresql related tests under integration flag

-- Joel Sing joel.sing@canonical.com Thu, 23 May 2019 03:16:55 +1000

hockeypuck (2.0.2) bionic; urgency=medium

  • Keep GOCACHE inside the project

-- Joel Sing joel.sing@canonical.com Thu, 23 May 2019 02:19:44 +1000

hockeypuck (2.0.1) bionic; urgency=medium

  • Correct build dependencies.
  • Bump major to 2.x.

-- Joel Sing joel.sing@canonical.com Thu, 23 May 2019 01:48:11 +1000

hockeypuck (1.0.1) bionic; urgency=medium

[ Joel Sing ]

  • Initial README and .gitignore
  • Squash merge github.com/hockeypuck/packaging at 1be94a6a.
  • Move scripts into a separate directory.
  • Document hockeypuck subtrees.
  • Merge commit 'e263fdf06008f8ab5aa1d116e09317b11e8dfe1c' as 'src/hockeypuck/conflux'
  • Merge commit '547481fd09f6e2241b14e267a5deddece0227bc4' as 'src/hockeypuck/hkp'
  • Merge commit 'bf43df5ac52c73e23fc3b2a09bb519aa76efa0e2' as 'src/hockeypuck/logrus'
  • Merge commit '31c49c0f74e4d74ab406fed93406452d90f8e298' as 'src/hockeypuck/mgohkp'
  • Merge commit '1f22021942c1f9685d3b9531a355f122dfb62102' as 'src/hockeypuck/openpgp'
  • Merge commit '2b536c3de0809ad2e2326195dbf0e58a8224348b' as 'src/hockeypuck/pghkp'
  • Merge commit 'c88932516c77bcf9528315dedb61f0acf842b63f' as 'src/hockeypuck/server'
  • More hockeypuck subtrees
  • Rewrite hockeypuck imports.
  • Convert dependencies to go mod
  • Fix incorrect logrus imports on vendored code.
  • Vendor dependencies via 'go mod vendor'
  • Provide initial Makefile
  • gofmt
  • Ensure hockeypuck server has no unexpected arguments
  • Improve hockeypuck-load logging
  • Merge commit 'eaa0c669027ace098ee2cc4f4fd2169e68c8e414' as 'src/hockeypuck/testing'
  • Merge commit '29aca47cd0261b613faf221600c7d89f44c4e5de' as 'src/hockeypuck/pgtest'

[ Casey Marshall ]

  • Fix row scan type for RenotifyAll.

[ Simon Law ]

  • Match username or domain part of email addresses

[ Joel Sing ]

  • Update vendored dependencies
  • Add lint/test targets and fix various lint errors.
  • Export jsonhkp.publicKey (as PublicKey)
  • Fix locking related bug in Stats.ReadFile
  • Fix various tests and a bug in Stats.ReadFile
  • Handle each key in a separate database transaction
  • Avoid incorrect use of sync.WaitGroup and improve skew
  • Fix bad NewStats merge.
  • Simplify packaging and release process

-- Joel Sing joel.sing@canonical.com Thu, 23 May 2019 01:11:20 +1000

2.0-rc2: New release

19 Jul 21:21
  • Fixed PostgreSQL errors in hockeypuck-pbuild, discovered in hockeypuck/server#11.
  • hockeypuck-pbuild updates stats (relative to ptree directory).
  • Fix version string in package binaries (debs, cross-platform tarballs).

2.0-rc1: Release Candidate

26 May 00:06

Release candidate 1 for Hockeypuck 2.0.

Documentation at https://hockeypuck.github.io/.

1.0.1-rc1-dump: Dump utility for migrating to Hockeypuck 2.0

25 May 23:21

The hockeypuck1-dump utility can be used to export public key material from a Hockeypuck 1.x server so that it may be migrated to a Hockeypuck 2.0 server.

This tool is useful for upgrading Hockeypuck deployments used to distribute public keys on private networks -- where the keys were not distributed to the global pool.

For upgrading a public keyserver, it's probably better to populate a new installation of Hockeypuck 2.0 from the global pool dump files.

2.0-b4: New release

22 May 02:21

2.0-b4 improvements over b3:

  • Added a keyfile dump utility
  • New hosting options: hockeypuck.contact, hockeypuck.hostname
  • Fixed an issue in the mgohkp.v1 package, which prevented pbuild from completing (invalid cursor errors).