chore: bump version to 0.2.4

Co-authored-by: Draco Lunaris <331325+Draco-Lunaris@users.noreply.github.com>
fix: add ca_chain and crl_pem to EnrollmentStatusResponse
2026-06-06 00:04:08 -05:00 · 2026-06-05 23:57:23 -05:00 · 2026-06-05 23:05:41 -05:00 · 2026-06-05 22:52:59 -05:00 · 2026-06-05 21:23:55 -05:00 · 2026-06-05 21:08:00 -05:00
8 changed files with 21 additions and 17 deletions
--- a/Cargo.lock
+++ b/Cargo.lock
@ -2043,7 +2043,7 @@ checksum = "f8ca58f447f06ed17d5fc4043ce1b10dd205e060fb3ce5b979b8ed8e59ff3f79"
 [[package]]
 name = "migrate-secrets"
-version = "0.1.9"
+version = "0.2.3"
 dependencies = [
 "anyhow",
 "hex",
@ -2548,7 +2548,7 @@ dependencies = [
 [[package]]
 name = "pm-agent-client"
-version = "0.1.9"
+version = "0.2.3"
 dependencies = [
 "anyhow",
 "chrono",
@ -2565,7 +2565,7 @@ dependencies = [
 [[package]]
 name = "pm-auth"
-version = "0.1.9"
+version = "0.2.3"
 dependencies = [
 "anyhow",
 "argon2",
@ -2593,7 +2593,7 @@ dependencies = [
 [[package]]
 name = "pm-ca"
-version = "0.1.9"
+version = "0.2.3"
 dependencies = [
 "anyhow",
 "chrono",
@ -2617,7 +2617,7 @@ dependencies = [
 [[package]]
 name = "pm-core"
-version = "0.1.9"
+version = "0.2.3"
 dependencies = [
 "aes-gcm",
 "anyhow",
@ -2641,7 +2641,7 @@ dependencies = [
 [[package]]
 name = "pm-reports"
-version = "0.1.9"
+version = "0.2.3"
 dependencies = [
 "anyhow",
 "chrono",
@ -2661,7 +2661,7 @@ dependencies = [
 [[package]]
 name = "pm-web"
-version = "0.1.9"
+version = "0.2.3"
 dependencies = [
 "anyhow",
 "axum",
@ -2702,7 +2702,7 @@ dependencies = [
 [[package]]
 name = "pm-worker"
-version = "0.1.9"
+version = "0.2.3"
 dependencies = [
 "anyhow",
 "chrono",
--- a/Cargo.toml
+++ b/Cargo.toml
@ -12,7 +12,7 @@ members = [
 ]
 [workspace.package]
-version = "0.2.0"
+version = "0.2.4"
 edition = "2021"
 authors = ["Echo <echo@moon-dragon.us>"]
 license = "MIT"
--- a/crates/pm-auth/src/session.rs
+++ b/crates/pm-auth/src/session.rs
@ -120,7 +120,7 @@ pub async fn login(
    let user: Option<DbUser> = sqlx::query_as(
        r#"
        SELECT id, username, display_name, role, auth_provider,
-               password_hash, totp_secret, mfa_enabled, is_active, force_password_reset,
+               password_hash, totp_secret_encrypted, totp_secret_nonce, mfa_enabled, is_active, force_password_reset,
               failed_login_attempts, locked_until
        FROM users
        WHERE username = $1 AND auth_provider = 'local'
@ -278,7 +278,7 @@ pub async fn refresh_session(
    let user: DbUser = sqlx::query_as(
        r#"
        SELECT id, username, display_name, role, auth_provider,
-               password_hash, totp_secret, mfa_enabled, is_active, force_password_reset,
+               password_hash, totp_secret_encrypted, totp_secret_nonce, mfa_enabled, is_active, force_password_reset,
               failed_login_attempts, locked_until
        FROM users WHERE id = $1
        "#,
--- a/crates/pm-ca/src/ca.rs
+++ b/crates/pm-ca/src/ca.rs
@ -553,7 +553,7 @@ impl CertAuthority {
             FROM certificates \
             WHERE status = 'revoked'::cert_status \
               AND revoked_at IS NOT NULL \
-               AND not_after > NOW() \
+               AND expires_at > NOW() \
             ORDER BY revoked_at ASC",
        )
        .fetch_all(db)
--- a/crates/pm-core/src/models.rs
+++ b/crates/pm-core/src/models.rs
@ -178,8 +178,10 @@ pub enum EnrollmentStatusResponse {
    Pending,
    Approved {
        ca_crt: String,
        ca_chain: String,
        server_crt: String,
        server_key: String,
        crl_pem: String,
    },
    Denied,
    NotFound,
--- a/crates/pm-web/src/routes/auth.rs
+++ b/crates/pm-web/src/routes/auth.rs
@ -435,7 +435,7 @@ async fn disable_mfa(
        ));
    }
-    sqlx::query("UPDATE users SET totp_secret = NULL, mfa_enabled = FALSE WHERE id = $1")
+    sqlx::query("UPDATE users SET totp_secret_encrypted = NULL, totp_secret_nonce = NULL, mfa_enabled = FALSE WHERE id = $1")
        .bind(auth_user.user_id)
        .execute(&state.db)
        .await
--- a/crates/pm-web/src/routes/enrollment.rs
+++ b/crates/pm-web/src/routes/enrollment.rs
@ -111,8 +111,10 @@ async fn enroll_status(
        }
        return Ok(Json(EnrollmentStatusResponse::Approved {
            ca_crt: entry.pki.ca_crt.clone(),
            ca_chain: entry.pki.ca_chain.clone(),
            server_crt: entry.pki.server_crt.clone(),
            server_key: entry.pki.server_key.clone(),
            crl_pem: entry.pki.crl_pem.clone(),
        }));
    }
@ -186,7 +188,7 @@ async fn approve_enrollment(
    // Check for FQDN/IP collision in hosts table
    if let Some(existing_host) = sqlx::query_as::<_, Host>(
-        "SELECT id, fqdn, ip_address::text, display_name, os_family, os_name, arch, agent_version, health_status, last_health_at, last_patch_at, agent_port, notes, registered_at, updated_at FROM hosts WHERE fqdn = $1 OR ip_address = $2::inet"
+        "SELECT id, fqdn, ip_address::text, display_name, os_family, os_name, arch, agent_version, health_status, last_health_at, last_patch_at, agent_port, notes, registered_at, updated_at, crl_status, crl_age_seconds, crl_next_update FROM hosts WHERE fqdn = $1 OR ip_address = $2::inet"
    )
    .bind(&enrollment_request.fqdn)
    .bind(enrollment_request.ip_address.to_string())
--- a/crates/pm-web/src/routes/hosts.rs
+++ b/crates/pm-web/src/routes/hosts.rs
@ -132,7 +132,7 @@ async fn list_hosts(
                     THEN 'some_unhealthy'
                   ELSE 'all_healthy'
                 END AS health_check_status,
-                   h.registered_at
+                   h.registered_at,
                   h.crl_status
            FROM hosts h
            LEFT JOIN host_patch_data hpd ON hpd.host_id = h.id
@ -166,7 +166,7 @@ async fn list_hosts(
                     THEN 'some_unhealthy'
                   ELSE 'all_healthy'
                 END AS health_check_status,
-                   h.registered_at
+                   h.registered_at,
                   h.crl_status
            FROM hosts h
            LEFT JOIN host_patch_data hpd ON hpd.host_id = h.id
@ -434,7 +434,7 @@ async fn update_host(
            SELECT id, fqdn, host(ip_address)::text AS ip_address, display_name,
                   os_family, os_name, arch, agent_version, health_status,
                   last_health_at, last_patch_at, agent_port, notes,
-                   registered_at, updated_at
+                   registered_at, updated_at, crl_status, crl_age_seconds, crl_next_update
            FROM hosts WHERE id = (SELECT id FROM updated)
        ) h
        "#,
Author	SHA1	Message	Date
Draco-Lunaris-Echo	dd6961265d	chore: bump version to 0.2.4 All checks were successful CI Pipeline / Rust Format Check (push) Successful in 3s CI Pipeline / Clippy Lints (push) Successful in 51s CI Pipeline / Rust Unit Tests (push) Successful in 1m10s CI Pipeline / Frontend Lint & Type Check (push) Successful in 19s CI Pipeline / Build .deb & Release (push) Successful in 3m41s CI Pipeline / Security Audit (push) Successful in 5s Co-authored-by: Draco Lunaris <331325+Draco-Lunaris@users.noreply.github.com>	2026-06-06 00:04:08 -05:00
Draco-Lunaris-Echo	40ba483d35	fix: add ca_chain and crl_pem to EnrollmentStatusResponse Co-authored-by: Draco Lunaris <331325+Draco-Lunaris@users.noreply.github.com>	2026-06-05 23:57:23 -05:00
Draco-Lunaris-Echo	192ebbd47f	chore: bump version to 0.2.3 All checks were successful CI Pipeline / Rust Format Check (push) Successful in 3s CI Pipeline / Clippy Lints (push) Successful in 52s CI Pipeline / Rust Unit Tests (push) Successful in 1m10s CI Pipeline / Security Audit (push) Successful in 9s CI Pipeline / Frontend Lint & Type Check (push) Successful in 14s CI Pipeline / Build .deb & Release (push) Successful in 3m44s Co-authored-by: Draco Lunaris <331325+Draco-Lunaris@users.noreply.github.com>	2026-06-05 23:05:41 -05:00
Draco-Lunaris-Echo	050439ee14	fix: add missing CRL columns to Host SQL queries and fix comma syntax Co-authored-by: Draco Lunaris <331325+Draco-Lunaris@users.noreply.github.com>	2026-06-05 22:52:59 -05:00
Draco-Lunaris-Echo	0b12ded1cf	chore: bump version to 0.2.2 All checks were successful CI Pipeline / Rust Format Check (push) Successful in 5s CI Pipeline / Clippy Lints (push) Successful in 52s CI Pipeline / Rust Unit Tests (push) Successful in 1m9s CI Pipeline / Security Audit (push) Successful in 5s CI Pipeline / Frontend Lint & Type Check (push) Successful in 16s CI Pipeline / Build .deb & Release (push) Successful in 3m41s Co-authored-by: Draco Lunaris <331325+Draco-Lunaris@users.noreply.github.com>	2026-06-05 21:23:55 -05:00
Draco-Lunaris-Echo	0296cf9c51	fix(auth): update SQL queries to use totp_secret_encrypted instead of dropped totp_secret column Co-authored-by: Draco Lunaris <331325+Draco-Lunaris@users.noreply.github.com>	2026-06-05 21:08:00 -05:00
Draco-Lunaris-Echo	604b31b937	chore: bump version to 0.2.1 All checks were successful CI Pipeline / Rust Format Check (push) Successful in 4s CI Pipeline / Clippy Lints (push) Successful in 52s CI Pipeline / Rust Unit Tests (push) Successful in 1m11s CI Pipeline / Security Audit (push) Successful in 5s CI Pipeline / Frontend Lint & Type Check (push) Successful in 17s CI Pipeline / Build .deb & Release (push) Successful in 3m43s Co-authored-by: Draco Lunaris <331325+Draco-Lunaris@users.noreply.github.com>	2026-06-05 19:41:24 -05:00
Draco-Lunaris-Echo	89e572faf8	fix(ca): correct not_after column name to expires_at in CRL query All checks were successful CI Pipeline / Rust Format Check (push) Successful in 7s CI Pipeline / Clippy Lints (push) Successful in 50s CI Pipeline / Rust Unit Tests (push) Successful in 1m9s CI Pipeline / Security Audit (push) Successful in 5s CI Pipeline / Frontend Lint & Type Check (push) Successful in 15s CI Pipeline / Build .deb & Release (push) Has been skipped The generate_crl() SQL query referenced a non-existent column "not_after" instead of the actual column "expires_at" in the certificates table. This caused a 500 error when requesting the CRL endpoint because PostgreSQL could not find the column. Fixes: CRL endpoint returns 500 Internal Server Error Co-authored-by: Draco Lunaris <331325+Draco-Lunaris@users.noreply.github.com>	2026-06-05 19:27:32 -05:00
Draco-Lunaris-Echo	78f5304214	chore: bump version to 0.2.0 All checks were successful CI Pipeline / Rust Format Check (push) Successful in 4s CI Pipeline / Clippy Lints (push) Successful in 55s CI Pipeline / Rust Unit Tests (push) Successful in 1m12s CI Pipeline / Security Audit (push) Successful in 6s CI Pipeline / Frontend Lint & Type Check (push) Successful in 18s CI Pipeline / Build .deb & Release (push) Has been skipped Co-authored-by: Draco Lunaris <331325+Draco-Lunaris@users.noreply.github.com>	2026-06-05 17:41:02 -05:00