Nick Mathewson
a92dfa0b2a
Remove some outdated comments.
...
These all say, in one form or another, "there is no guard filtering;
there is only one selection". That's now false.
2022-06-17 08:47:57 -04:00
Nick Mathewson
89f9e1decb
Tweak parameters in guardmgr tests to improve testnet behavior.
...
The fake network we construct for these tests is small in ways that
can sometimes cause weird behavior with guard filters. We fix this
by adjusting the parameters of the guard selection algorithm
accordingly in the tests.
With these new parameters, #491 no longer occurs.
This commit also adds comments to explain why the parameters are set
as they are.
Closes #491 .
2022-06-17 08:47:57 -04:00
Nick Mathewson
34e8e208cc
CircMgr: Enable reachable_addrs filter.
2022-06-17 08:47:57 -04:00
Nick Mathewson
1c5f540dc8
Add a configuration option for reachable_addrs
...
(This doesn't do anything yet.)
2022-06-17 08:47:57 -04:00
Nick Mathewson
fb672dc688
NetDoc: Make AddrPortPattern implement serde traits
...
I'm using serde_with here to just re-use the Display and FromStr
implementations, since those are what has proven easier to type in
the past.
2022-06-17 08:47:57 -04:00
Nick Mathewson
48a86506be
GuardMgr: Support for multiple guard sets
...
guard-spec.txt specifies that we have multiple separate samples of
guards that we can use depending on whether the filter is
restrictive or not. Here we implement the rules for switching
between samples.
2022-06-17 08:47:57 -04:00
Nick Mathewson
e098a5a303
Move set_filter into GuardMgrInner.
...
Convert its argument type to Option<&NetDir> to better match the
rest of the API.
2022-06-17 08:47:57 -04:00
Nick Mathewson
a720f4f667
GuardMgr: Function to tell how permissive a filter is.
...
When we're filtering guards, we have to check whether the filter is
"restrictive": if it forbids most of the guards (by bandwidth), we
keep its guards separated from the main set. If it is
super-restrictive, we also warn.
This functionality is specified in guard-spec.txt.
2022-06-17 08:47:57 -04:00
Nick Mathewson
19fa946fc7
Make AddrPortPattern and friends implement Eq and PartialEq
2022-06-17 08:46:16 -04:00
Nick Mathewson
e3c2a86195
GuardMgr: Also apply filters to fallback directories.
2022-06-17 08:46:16 -04:00
Nick Mathewson
a189aaf1fb
GuardMgr: remove disallowed addresses from returned FirstHops.
...
Since a guard can have a bunch of addresses, and the guard is
permitted if any one of those addresses is permitted, then we might
decide to use a guard with some non-permitted addresses. Thus, we
need to filter those addresses before returning the view of the
guard as a FirstHop.
2022-06-17 08:46:16 -04:00
Nick Mathewson
23218fe037
GuardMgr: Remove old testing filter variant.
...
We don't need to restrict based on bits in the key id any longer,
since we have a real filter.
2022-06-17 08:46:16 -04:00
Nick Mathewson
9c4f31edc1
GuardMgr: Add a new filter type based on reachable addresses.
2022-06-17 08:46:16 -04:00
Nick Mathewson
801b6bec5f
Guardmgr: Change the GuardFilter API.
...
The guard filter is now a set of restrictions that can be placed on
allowable guards.
2022-06-17 08:46:16 -04:00
Nick Mathewson
bf15abbb97
Avoid matching crate names by prefix.
2022-06-17 08:41:38 -04:00
Nick Mathewson
5509bd0269
Merge branch 'config-fix2' into 'main'
...
Use impl_standard_builder more and remove manual Default/builder impls
See merge request tpo/core/arti!594
2022-06-16 20:30:34 +00:00
Nick Mathewson
677f1b8af0
Update check_tree to better detect errors in cargo-tree.
2022-06-16 16:13:11 -04:00
Nick Mathewson
349f9d5000
Don't install cargo-tree: It's built-in.
2022-06-16 15:54:21 -04:00
Ian Jackson
44659ebb8b
tor-proto: channel: Tell clippy it's ok to print in tests
2022-06-16 19:33:32 +01:00
Ian Jackson
61bd8b810a
Merge branch 'upgrade_float_eq' into 'main'
...
Upgrade to float_eq 1.0.0
See merge request tpo/core/arti!591
2022-06-16 17:26:04 +00:00
Ian Jackson
db51bdcbc1
Merge branch 'config-fix' into 'main'
...
Config handling and logging fixes
Closes #480
See merge request tpo/core/arti!589
2022-06-16 15:46:18 +00:00
Ian Jackson
ed62a575d3
arti: cfg: Remove another needless borrow
2022-06-16 16:08:10 +01:00
Ian Jackson
2ca2c03059
impl_standard_builder: Use for tor_dirmgr::Authority
2022-06-16 15:42:06 +01:00
Ian Jackson
e004316942
impl_standard_builder: Use for tor_guardmgr::FallbackDir
2022-06-16 15:42:06 +01:00
Ian Jackson
17caebd284
impl_standard_builder: Use for tor_dirmgr::DownloadSchedule
2022-06-16 15:42:06 +01:00
Ian Jackson
c466f13ce3
impl_standard_builder: Use for arti::logging::LogfileConfig
2022-06-16 15:42:06 +01:00
Ian Jackson
90ba8b15de
impl_standard_builder: Allow for !Default
2022-06-16 15:42:06 +01:00
Ian Jackson
c5bbaf470a
arti: logging config: Replace a manual Debug impl
2022-06-16 15:27:00 +01:00
Ian Jackson
8b724d40f8
impl_standard_builder: Use for tor_dirmgr::DownloadScheduleConfig
2022-06-16 15:27:00 +01:00
Ian Jackson
2ab5c0861e
impl_standard_builder: Use for tor_dirmgr::NetworkConfig
2022-06-16 15:27:00 +01:00
Ian Jackson
e32210a398
impl_standard_builder: Use for tor_dirmgr::DirSkewTolerance
2022-06-16 15:27:00 +01:00
Ian Jackson
c895057cb9
tor-config: impl_standard_builder: handle contexts with local Result
2022-06-16 15:27:00 +01:00
Nick Mathewson
e1fc59ba5f
Merge branch 'accel-features' into 'main'
...
Top-level (arti and arti-client) features to enable crypto acceleration
Closes #441
See merge request tpo/core/arti!590
2022-06-16 14:19:32 +00:00
Nick Mathewson
60eaabfb37
gitlab-ci: Use lowercase tpa tag.
...
Our gitlab admins are standardizing on this variant.
2022-06-16 10:01:07 -04:00
Ian Jackson
fc3f36e9c9
arti cfg tests: Remove a redundant line that shadows an earlier binding
...
Prompted by review
https://gitlab.torproject.org/tpo/core/arti/-/merge_requests/589#note_2813596
2022-06-16 14:34:43 +01:00
eta
ed3baea683
Fix grammar error
2022-06-16 14:34:43 +01:00
Ian Jackson
a0935ca6ee
arti: Enable some pre-config logging
2022-06-16 14:34:43 +01:00
Ian Jackson
d57fc34841
arti: Introduce closure which will be used for pre-config logging
...
Right now this is an IEFI and therefore a no-op.
2022-06-16 14:34:43 +01:00
Ian Jackson
1332e02b61
arti cfg tests: Test that example config works as-is
...
It contains only sections, but we want to detect when that is a problem!
2022-06-16 14:34:43 +01:00
Ian Jackson
0ab60d832a
arti: cfg tests: Refactor to prepare for new test
...
We're going to call this new closure another time.
2022-06-16 14:34:43 +01:00
Nick Mathewson
c4a9c8a1c4
Merge branch 'main' into 'accel-features'
...
# Conflicts:
# crates/arti-client/Cargo.toml
2022-06-16 13:24:46 +00:00
Nick Mathewson
c16b32f1d4
Add script and CI to make sure `ring` doesn't show up in arti/full
...
See arti#493.
2022-06-16 09:00:59 -04:00
Nick Mathewson
19679a6f13
Remove rustls from tor-rtcompat/full
...
This is another consequence of the `ring` license issue; see #493 .
2022-06-16 08:45:10 -04:00
Nick Mathewson
519f7dfa88
Upgrade to float_eq 1.0.0
2022-06-16 08:39:03 -04:00
Nick Mathewson
0223c91b26
Merge branch 'high-level-features' into 'main'
...
Add "full" and "experimental" features to arti, arti-client, and below.
Closes #499
See merge request tpo/core/arti!584
2022-06-16 12:24:47 +00:00
Ian Jackson
4c65e9994d
Add some missing `serde(default)` to uses of humantime_serde::option
...
Without this, if the substructure is provided, these fields are
mandatory within it.
2022-06-16 11:08:16 +01:00
Nick Mathewson
28a23e96bd
Remove "rustls" from "full", for license reasons.
...
Rustls uses ring, which uses code from BoringSSL, which derived from
OpenSSL before OpenSSL changed their license. So ring is currently
under 3BSD/SSLEay licenses, which aren't GPL-compatible, which may
be a problem for some people.
See #493 .
2022-06-15 13:45:38 -04:00
Nick Mathewson
5e05573ec9
Merge branch 'clippy_20220614' into 'main'
...
Fix several clippy issues, most with nightly
See merge request tpo/core/arti!588
2022-06-15 17:34:53 +00:00
Nick Mathewson
bd9bd39ef3
Add one more "allow" to tor_netdoc::parse::macros.
...
Without this, clippy is error-free, but `cargo test` somehow gives a
warning.
2022-06-15 11:52:30 -04:00
Nick Mathewson
2f0bef64a3
Permit eprintln in channel-padding test.
...
There is not, apparently, an eprintln equivalent for
allow-dbg-in-tests.
2022-06-15 11:52:30 -04:00