84e05591c7
arti-client: Remove unnecessary #[cfgs(...)].
...
The `keymgr` module selects one of the key manager implementations
(dummy or "real") and exposes all the APIs we need, so we can remove
all of the cfgs related to the `keymgr` feature from `client.rs`.
Part of #897
2023-06-20 13:33:51 +01:00
733a559322
arti-client: Create module exposing one of the key manager APIs.
...
This moves the key manager API selection (dummy vs "real" impl) into the
`keymgr` module. The module exports the dummy API if the `keymgr`
feature is disabled, and the impl from `tor-keymgr` otherwise.
Part of #897
2023-06-20 13:33:51 +01:00
8202be3cfe
arti-client: Make some of the dummy KeyMgr impls return an error.
...
`insert` and `remove` should return an error rather than `Ok(())`, as
`Ok(())` implies the key was stored/removed, which is impossible in the
no-op implementation.
2023-06-20 13:33:51 +01:00
02c36dabd7
arti-client: Add more dummy keymgr APIs.
...
This will help us reduce the number of `#[cfgs(...)]` from `client.rs`
Part of #897
2023-06-20 13:33:51 +01:00
c7d32dbf4c
arti-client: Add a result type for the dummy keymgr impl.
...
Part of #897
2023-06-20 13:33:51 +01:00
b289c0fd15
arti-client: Add an Error type for the dummy key manager.
...
Part of #897
2023-06-20 13:33:51 +01:00
95e4021ed8
arti-client, keymgr: Introduce Mistrust settings and enforce FS permissions.
2023-06-20 13:29:10 +01:00
be5c911ac8
arti-client: Temporarily ignore key store errors.
...
We currently initialize the `ArtiNativeKeyStore` with a dummy root dir,
so when `ArtiNativeKeyStore` starts validating directories, this code
will start to fail. Let's preemptively ignore any errors coming from
`ArtiNativeKeyStore::new`. This is temporary and will be removed when we
introduce the key store config (and a real default value for the
keystore root dir).
2023-06-20 13:29:10 +01:00
e8176ac8b5
keymgr: Add TODO about separation of concerns wrt FS operations.
2023-06-20 13:29:10 +01:00
6837dbce58
keymgr: Add an error variant for fs_mistrust errors.
...
This will be useful later, when `KeyMgr` will start validating
permissions and paths.
2023-06-20 13:29:10 +01:00
01b43f7f26
keymgr: Add a FsErrorSource to Error::Fs.
...
In the future, the potential causes of an `Error::Filesystem` error will
include permission errors as well as other errors (not just
`io::Error`s).
2023-06-20 13:29:10 +01:00
f24a7d48c0
Merge branch 'circmgr-todos' into 'main'
...
Resolve several "TODO HS" comments in circmgr.
See merge request tpo/core/arti!1258
2023-06-20 12:13:24 +00:00
affa5b5e91
Merge branch 'rpcdoc' into 'main'
...
rpc: Minor docs improvements
See merge request tpo/core/arti!1260
2023-06-20 12:11:49 +00:00
602bcc3c47
Typo fixes
2023-06-20 11:47:02 +00:00
3e704a080c
rpc: Fix docs typo
2023-06-20 11:38:31 +00:00
fed726e4ff
keymgr: Defer key bundle support until "Basic Service" milestone.
...
We don't really need "key bundles" for the client keys.
2023-06-20 11:36:04 +01:00
0bb7c7f600
keymgr: Change "TODO hs" to "TODO HSS".
...
We probably don't need to support passphrases for the "Basic Client"
milestone, so let's update this TODO accordingly.
2023-06-20 11:24:03 +01:00
f55187e065
Merge branch 'arti-client' into 'main'
...
Sort out .onion handling in arti-client
See merge request tpo/core/arti!1257
2023-06-19 14:44:55 +00:00
c7fa6cb746
Merge branch 'rpc_session_mgt' into 'main'
...
More work on RPC sessions, connections, and managers
See merge request tpo/core/arti!1254
2023-06-16 18:08:58 +00:00
b9500c6f3d
Merge branch 'netdoc-todos' into 'main'
...
Resolve many TODO HS items in tor-netdoc
See merge request tpo/core/arti!1251
2023-06-16 17:31:31 +00:00
a34af0323b
Fix compilation afver last suggestion.
2023-06-16 13:24:41 -04:00
0e3dbdee8e
Apply 1 suggestion(s) to 1 file(s)
2023-06-16 17:07:25 +00:00
85a046e266
rpc: Cross-reference up from tor-rpcbase re where DispatchTable lives
2023-06-16 17:48:59 +01:00
ceaa70f41a
rpc: Expand and clarify and cross-reference lock hierarchy
2023-06-16 17:48:59 +01:00
0460a4a4d8
rpc: Document relationship between `Connection` and `RpcSession`
2023-06-16 17:48:59 +01:00
34fc77081c
hsdesc.rs: finally remove "allows".
...
The last piece here is removing some needless keygen from the
tests. This causes the test output (using the deterministic PRNG)
to change.
2023-06-16 12:24:05 -04:00
1091918525
netdoc::doc::hsdesc changes to let us downgrade/remove allows
2023-06-16 12:24:05 -04:00
f1b90fdfee
netdoc: unmark MAC_KEY_LEN as conjectural.
...
The value here is 32 bytes; I'm adding it to to the specification
as torspec!141
2023-06-16 12:24:05 -04:00
d8f7ce510c
SharedRandVal: Note that it doesn't have to be Ct.
2023-06-16 12:24:05 -04:00
984d97a38d
netdoc: remove a TODO about moving a module to where it already is.
2023-06-16 12:24:05 -04:00
6edcca7df3
netdoc: use ct_lookup for rend descriptor cookie lookup
...
(I doubt that there is a viable side channel here, but still we
might as well get in the habit of doing these things properly.)
2023-06-16 12:24:05 -04:00
2eba3d213e
llcrypto: add another warning to ct_lookup.
2023-06-16 12:24:05 -04:00
25db56777c
Lower tor-proto::util::ct::lookup to tor-llcrypto
...
This is mostly code movement; you may want to review it with
`--color-moved`.
I'm doing this so we can also use the function in netdoc for
looking up hsdesc authentication.
2023-06-16 12:24:05 -04:00
a20c3eda6e
netdoc: Downgrade an HS todo wrt HS_DESC_AUTH_TYPE
2023-06-16 12:24:05 -04:00
6fb19c00f5
netdoc: downgrade some TODO HS to TODO HSS.
...
I'm using HSS for hs-service features.
2023-06-16 12:24:05 -04:00
3c824fe302
netdoc::build remove very broken example.
...
This could never be a full rustdoc test, since rustdoc never
runs tests for private items. Even if it were a rustdoc test,
it uses a bunch of types that aren't exposed in the right places,
and it invokes nonexistent functions, and it assumes a `self`
that isn't there.
In lieu of writing a new untested test, I've added a note to refer
the developer to where they can find working example code.
2023-06-16 12:24:05 -04:00
7a617a2dbd
netdoc: Remove a TODO that we already solved.
2023-06-16 12:23:56 -04:00
072ce9182b
hsclient: note that we should check revctr.
2023-06-16 12:23:56 -04:00
c2764cf111
tor-cell: Downgrade 2 TODO-HS to TODO-HSS
2023-06-16 12:21:27 -04:00
1691c35392
circmgr: Use a slightly nicer way to pick a circuit from our pool.
...
This algorithm only looks at circuits until it finds one that
satisfies our needs. To get a random circuit, it just randomizes
the starting point within the pool.
This optimization may help if we let circuit pools grow large.
2023-06-16 12:14:49 -04:00
686d5cf209
circmgr: Make hspool size dynamic
...
Previously we'd always try to keep 8 circuits ready. That doesn't
make sense if we are super-busy. Instead, if we run out of
circuits, we double the amount that we try to keep ready, and if we
never go under 80% of our target number, we half the number we try
to keep ready.
We limit the rate of change here, to make sure that we aren't
flapping too much or shrinking too aggressively.
This algorithm is still a mite arbitrary, and will need tuning in
the future.
2023-06-16 12:11:49 -04:00
69179c5dfe
circmgr::hspool: Move the Mutex into an intermediary Inner struct
...
This will be helpful as we complexify the pool behavior a bit.
2023-06-16 11:42:38 -04:00
1c470fd483
circmgr: Remove TODOS about retrying.
...
These functions' documentation already says that they don't retry,
and hsclient appears to be where we are concentrating our retry
efforts.
2023-06-16 11:40:00 -04:00
b34ba70070
arti-client: hs: remove some now-obsolete allows
2023-06-16 16:18:02 +01:00
f877f37308
arti-client: address: Prefer to throw OnionAddressResolveRequest (fmt)
2023-06-16 16:18:02 +01:00
d9f1c7195b
arti-client: address: Prefer to throw OnionAddressResolveRequest
...
Reformatting deferred for clarity.
2023-06-16 16:18:02 +01:00
dafccf93b0
arti-client: hs: Test cases for variously disabling .onion
...
This test case shows that we return a suboptimal error in some cases.
2023-06-16 16:18:02 +01:00
18291cb001
arti-client: Provide ErrorDetailDiscriminants for convenient testing
...
ErrorDetail isn't PartialEq so we can't assert_eq! it.
But the discriminants will be.
2023-06-16 16:18:02 +01:00
0a7ca71e70
arti-client: StreamPrefs::connect_to_onion_services: honour
2023-06-16 16:18:02 +01:00
2d112efc0f
arti-client: StreamPrefs::connect_to_onion_services: docs
...
This disposes of the TODO as well.
2023-06-16 16:18:02 +01:00
c5b655ed45
arti-client: StreamPrefs::connect_to_onion_services: fix cfg
2023-06-16 16:18:02 +01:00
21090aa6f0
arti-client: StreamPrefs::connect_to_onion_services: fix name
2023-06-16 16:18:02 +01:00
08b7419138
Added setter method in impl for StreamPrefs
...
(Taken from tpo/core/arti!1113 and squashed by Ian Jackson, with
conflicting hunk in StreamPrefs struct skipped.
The setter name is wrong, the cfg feature is wrong, there are no
docs, and the TODO is still there. These will be fixed in a moment.)
2023-06-16 16:18:02 +01:00
40dae63b65
arti-client hs: connect_to_onion_services: default to true
...
This should be enabled by default. There's still no setter for not,
nor is it honoured - those are separate TODOs.
2023-06-16 16:18:02 +01:00
ce72588322
arti-client: OnionAddressNotSupported: Change description and kind
...
Previously this error meant "we haven't written this code yet".
Now, we change it to "you haven't built Arti with this feature".
2023-06-16 16:18:02 +01:00
2521b88cd6
arti-client: address: Apply deferred rustfmt churn
2023-06-16 16:18:02 +01:00
60cfb09e77
arti-client: address: Plumb StreamPrefs into enforce_config
...
No functional change yet. We'll use this shortly.
2023-06-16 16:18:02 +01:00
bf93519cdd
arti-client: address: Move config enforcement
...
Disposes of two TODOs.
2023-06-16 16:18:02 +01:00
eb9b0d0d78
arti-client: address: Move config enforcement (pre-fmt)
...
This will make subsequent commits less noisy to read.
2023-06-16 16:18:02 +01:00
e95f9e52cc
arti-client: address: Disable some tests when HS disabled
...
These have already been partially/replaced supplemented.
The other test referred to will appear shortly.
2023-06-16 16:18:02 +01:00
e5d53091cf
Merge branch 'hs-naming-arti' into 'main'
...
arti-*: Rename hs feature to onion-service-client
See merge request tpo/core/arti!1039
2023-06-16 13:22:25 +00:00
672062113e
cirmgr: remove a dead-code exception.
2023-06-16 08:45:49 -04:00
5196363d36
Merge branch 'insert' into 'main'
...
rpc: Make CastTable::insert be more type-safe
See merge request tpo/core/arti!1253
2023-06-16 12:20:14 +00:00
07d5bc9537
arti-client: Rename hs feature to onion-service-client (cfg lines)
2023-06-16 12:34:53 +01:00
8d98982bb2
arti-client: Rename hs feature to onion-service-client
...
Rationale as per #756 .
This is the same name as in the `arti` crate.
2023-06-16 12:34:47 +01:00
37e0837cea
arti-client: rustfmt
2023-06-15 18:56:48 +01:00
94b228a4c6
arti-client: Fix clippy lints.
...
We need to allow some lints in the dummy key manager because its
implementation needs to mirror that of `tor_keymgr::KeyMgr` (so we can't
apply the API changes suggested by clippy).
2023-06-15 18:43:24 +01:00
ec9200c50f
keymgr: Add Diziet's notes about storing public keys in the key store.
2023-06-15 18:16:34 +01:00
bed1ae6304
arti-client: Use a dummy key manager if the keymgr feature is disabled.
...
TorClient now only uses the tor_keymgr::KeyMgr implementation if the
keymgr experimental feature is enabled. If the feature is disabled, a
dummy key manager implementation is used.
The new `keymgr` feature depends on `onion-client`, because the key
manager is only used for HS client auth.
2023-06-15 18:16:34 +01:00
35879a681f
arti-client: Implement From<tor_keymgr::Error> for Error.
2023-06-15 18:16:34 +01:00
21d93300eb
keymgr, arti-client: KeyMgr should return Ok(None) if the key is not found.
...
This simplifies usage quite a bit and will enable us to implement a
dummy `KeyMgr` that doesn't depend on the error types from tor-keymgr
(which will replace the "real" `KeyMgr` if the keymgr feature is
disabled).
2023-06-15 18:16:34 +01:00
60e2b51f3d
keymgr: Add TODO regarding KeyStore rename.
2023-06-15 18:16:34 +01:00
0525193d99
keymgr: Add TODO about KeyType refactorings.
2023-06-15 18:16:34 +01:00
97ba27aedb
keymgr: Add the key type to the `arti_extension`.
2023-06-15 18:16:34 +01:00
a958b3a91a
arti_client: Add TODO about refactoring code around HsClientSecretKeysBuilder.
2023-06-15 18:16:34 +01:00
15122a8e10
keymgr: Add TODO regarding some error refactorings.
2023-06-15 18:16:34 +01:00
eda974cd34
keymgr: Move the HS client and service key specifiers out of tor-keymgr.
...
The HS `HsClientSpecifier` and `HsClientSecretKeySpecifier` are moved to
`tor-hsclient`. The HS service secret key specifier stubs are moved to
`tor-hsservice`.
2023-06-15 18:16:33 +01:00
0828597a2e
keymgr: Expand the TODOs regarding HS service key specifiers.
...
Signed-off-by: Gabriela Moldovan <gabi@torproject.org>
2023-06-15 18:15:30 +01:00
e0ded457ba
keymgr: Expand HsClientSpecifier docs, add TODO about refactoring.
...
Signed-off-by: Gabriela Moldovan <gabi@torproject.org>
2023-06-15 18:15:30 +01:00
e99ee7ec02
arti-client, keymgr: Initialize KeyMgr with an ArtiNativeKeyStore.
...
The `KeyMgr` is now initialized with an `ArtiNativeKeyStore` built from
an invalid key store root dir (this is alright for the purposes of this
proof-of-concept, since `ArtiNativeKeyStore::new` won't fail as it
doesn't currently validate the keystore root dir).
2023-06-15 18:15:30 +01:00
64c24dca66
keymgr: Introduce ToEncodableKey to simplify lookups.
...
This means `KeyMgr` users don't need to specify the underlying key type
(e.g. `ed25519::Keypair`) when retrieving keys. Instead, they can just
specify the type required (as long as it implements `ToEncodableKey`),
e.g. `HsClientIntroAuthKeypair`.
2023-06-15 18:15:30 +01:00
fbed393680
arti-client: Make the client use the KeyMgr.
...
`TorClient` now uses a `KeyMgr` to retrieve the `HsClientSecretKeys`
client auth keys passed to `get_or_launch_connection`.
2023-06-15 18:15:30 +01:00
61f37b1b5c
keymgr: Add key manager implementation stub.
2023-06-15 18:15:30 +01:00
17ae752a0b
keymgr: Implement `SshKeyType::read_ssh_format_erased` for `KeyType`.
...
This adds a proof-of-concept `SshKeyType::read_ssh_format_erased`
implementation for `KeyType`. The implementation decodes an OpenSSH key
and converts it to one of the key types used internally by Arti. The
value returned is type-erased, and will be downscast later down the line
by the `KeyMgr` (note: `KeyMgr` doesn't exist yet).
The `SshKeyType::write_ssh_format` will be implemented once these APIs
are a bit more stable.
2023-06-15 18:15:30 +01:00
a2d0ee63cc
keymgr: Add ArtiNativeKeyStore implementation skeleton.
...
This adds implementation stubs for `ArtiNativeKeyStore`, and introduces
the traits needed to make the `KeyStore` APIs work.
2023-06-15 18:15:30 +01:00
d133c8b0a6
hsclient: Change builder error return type to ConfigBuildError.
...
It's not perfectly clear what this error type should be, so let's use
`ConfigBuildError` for now (it makes things easier in `arti-client`, as
we already have an `ErrorDetail` for it).
2023-06-15 18:15:30 +01:00
6521864a34
rpc: Document and apply lock hierarchy for Mgr/Connection
2023-06-15 12:53:50 -04:00
9e8ad5415e
rpc: Give the session-creation function an argument.
...
This will later let us tell the session-creation function
how the authentication occurred, which will let it decide
what privileges to provide.
2023-06-15 11:50:12 -04:00
2d28402fb7
rpc: revise session initialization a lot.
...
Formerly, every time we wanted to launch a new connection, we had
to give the RpcMgr a TorClient. The connection would hold that
TorClient until a session was authenticated, and then would wrap
it in a Session and put it in the object map.
Now, the RpcMgr holds a Box<dyn Fn()...> that knows how to
create Sessions. When a connection is authenticated, it
asks the Mgr to make it a new session. This lets us make it
clearer that the TorClient simply can't be given out until the
connection is authenticated. Later, it will let us create
more types of Session objects under more complicated rules.
2023-06-15 11:44:14 -04:00
a1934e7102
tor-hsclient: Make Untried a {}-less unit
...
Suggested here
https://gitlab.torproject.org/tpo/core/arti/-/merge_requests/1247#note_2912642
It's unlikely this will grow any content, so fine.
2023-06-15 16:43:45 +01:00
7e601fba01
tor-hsclient: Insert a blank line
2023-06-15 16:43:45 +01:00
d99434d06b
tor-hsclient: Docs improvements.
2023-06-15 16:43:45 +01:00
856269f7a7
tor-hsclient: Remove two done TODOs
2023-06-15 16:43:45 +01:00
731cc9ed44
tor-hsclient: provide intro_index accessor for FailedAttemptError (xref)
...
Add a cross-reference to docs arising from MR comments in !1246 .
2023-06-15 16:43:45 +01:00
2dfa00f379
tor-hsclient: Actually store our IPT experiences
2023-06-15 16:43:45 +01:00
f5a895b33f
tor-hsclient: intro_rend_connect: bind `outcome`
...
This will be used in a moment.
2023-06-15 16:43:45 +01:00
4f4f753b6a
tor-hsclient: Actually choose which intro points to use
...
Right now this just always chooses randomly because nothing stores
anything in the HashMap.
2023-06-15 16:43:45 +01:00
65d7d499d7
tor-hsclient: Introduce RelayIdForExperience
...
Wrap this up in a newtype so we don't accidentally use it for anything
else. Provide two constructors, one for storing and one for lookups.
2023-06-15 16:43:45 +01:00
397c4fb01f
tor-hsclient: Add random sort key to UsableIpt
2023-06-15 16:43:45 +01:00
279afeefc2
tor-hsclient: provide intro_index accessor for FailedAttemptError
2023-06-15 16:43:45 +01:00
dac7a45ea8
tor-error: Introduce `LooseCmpRetryTime`
...
Having a newtype for this kind of thing is considerably more
convenient. I'm going to use this in a moment.
2023-06-15 16:43:45 +01:00
6da1acadab
rpc: Rename Session=>RpcSession
2023-06-15 11:29:57 -04:00
269fab7abe
rpc: Expose Session object.
...
We'll want to move the responsibility for creating Sessions outside
the rpcmgr crate.
2023-06-15 11:28:34 -04:00
bd134525fd
RPC: rename new_session to new_connection
2023-06-15 11:15:40 -04:00
1710ce54f4
rpc: Remove some verbiage about 'static, and demo that it's OK without
...
It's now not actually possible to write code that doesn't work, even
if `Tr` *isn't* 'static, because of the bounds on `CastTable::insert`.
I tried to produce a non-working setup with a non-static `Simple`, but
you can't implement `Object` for such a thing. Removing 'static from
Object would stop the downcasts from Any to Object working.
Prior to the new typesafe insert, this change
- let f: fn(&dyn $crate::Object) -> &(dyn $traitname + 'static) = |self_| {
+ let f: fn(&dyn $crate::Object) -> &(dyn $traitname) = |self_| {
would result in a runtime crash. Now it results in a compiler error.
2023-06-15 12:07:11 +01:00
0eedf0e254
rpc: Give the name `O` to "the type associated with this CastTable"
...
This was locally bound to `S` in one place. Bind and use it throughout.
Since this is an RPC object, `O` is a better name.
In each item, use the description once and thereafter just the name.
2023-06-15 12:03:53 +01:00
2228751a00
rpc: Add Simple test case for CastTable
2023-06-15 12:03:53 +01:00
54b364cdcf
rpc: Move boxing from macro to CastTable::insert (formatting)
2023-06-15 12:03:53 +01:00
890a7b52be
rpc: Move boxing from macro to CastTable::insert
2023-06-15 11:32:32 +01:00
8452fe11cf
rpc: Make CastTable::insert be more type-safe
...
This checks the Requirements.
2023-06-15 11:13:26 +01:00
de423f6a36
rpc: switch GlobalId mac to KMAC.
2023-06-14 14:47:13 -04:00
66a72370d1
rpc: connection_id _is_ used: remove a comment to the contrary
2023-06-14 14:46:08 -04:00
789953d800
rpc: revise the relationship between Mgr and Connection
...
This adds a Weak reference from Connection to Mgr, makes DispatchTable
mutable, and makes a few other changes as discussed between me and
Diziet the other week.
I bet we are not done tweaking this, but I hope it's a setp forwards.
2023-06-14 14:43:08 -04:00
a156e60780
Merge branch 'pt-snowflake-fix' into 'main'
...
make snowflake example feature-gated
See merge request tpo/core/arti!1249
2023-06-14 18:13:57 +00:00
02a82ad748
make snowflake example feature-gated
2023-06-14 18:13:57 +00:00
d277f6729d
tor-hsclient: InvalidTarget::ImpossibleRelayIds is RetryTime::Never
...
As per
https://gitlab.torproject.org/tpo/core/arti/-/merge_requests/1246#note_2912105
2023-06-14 17:26:05 +01:00
46a89ffb14
tor-hsclient: Correction to HasRetryTime for InvalidTarget doc
2023-06-14 17:26:05 +01:00
c99207b60e
tor-hsclient: Add doc for HasKind for FailedAttemptError
...
There is a cross-reference here to code (`IptSortKey`) in another
branch that I haven't made an MR for yet.
2023-06-14 17:26:05 +01:00
d5bf90c33e
tor-hsclient: Add docs and comments about HasRetryTime for InvalidTarget
2023-06-14 17:26:05 +01:00
3e8590c2b5
tor-cell: HasRetryTime for IntroduceAckStatus: Confirm re CANT_RELAY (fmt)
...
rustdoc insisted on misindenting this before, and now it insists on
un-mis-indenting it.
2023-06-14 17:26:05 +01:00
fb4e33fbdf
tor-cell: HasRetryTime for IntroduceAckStatus: Confirm re CANT_RELAY
...
Remove this todo as per
https://gitlab.torproject.org/tpo/core/arti/-/merge_requests/1246#note_2912104
2023-06-14 17:26:05 +01:00
bfcddd4e59
tor-cell: Add a doc comment for impl tor_error::HasRetryTime for IntroduceAckStatus
2023-06-14 17:26:05 +01:00
f32b8cfaa2
netdoc::build: remove or narrow `allow`s.
2023-06-14 11:26:05 -04:00
ea678ffa22
tor-hsclient: impl HasRetryTime for FailedAttemptError
2023-06-14 15:17:54 +01:00
c4944de996
tor-hsclient: impl HasRetryTime for InvalidTarget
2023-06-14 15:16:31 +01:00
f98c7df12e
tor-cell: impl HasRetryTime for IntroduceAckStatus
2023-06-14 15:16:31 +01:00
ab56dcf145
Merge branch 'tor-cell-todos' into 'main'
...
Resolve most TODO HS comments in tor-cell
See merge request tpo/core/arti!1245
2023-06-13 22:30:50 +00:00
677148d077
Merge branch 'hscrypto-todos' into 'main'
...
hscrypto: Resolve all but one TODO HS comment.
See merge request tpo/core/arti!1244
2023-06-13 18:40:59 +00:00
0912496dbb
cell: Downgrade a couple more TODO HS comments.
2023-06-13 13:57:57 -04:00
d843aaa3b2
Merge branch '20_byte_sendme_digest' into 'main'
...
proto: Make sure that auth tags are truncated to 20 bytes
See merge request tpo/core/arti!1242
2023-06-13 17:05:27 +00:00
589fefd581
cell: Remove relaycell::restrict
...
This module didn't have anything in it; nonetheless, removing it
does count as an API break since it was public.
2023-06-13 13:04:16 -04:00
6a6164a360
cell: Remove some TODOs
...
Yes, we still will need more accessors for onion services, but we
can add them as we find the need.
2023-06-13 12:58:22 -04:00
0f3724322d
cell: remove/localize "allow(dead-code)"
2023-06-13 12:50:09 -04:00
a931c7e5d9
Merge branch 'hs' into 'main'
...
tor-hsclient: Finish(?) plumbing up first cut of HS client connection
See merge request tpo/core/arti!1240
2023-06-13 16:47:19 +00:00
0add7df458
hscrypto: fix TODOs in time-period code.
...
* Return a more informative error type (instead of Option)
* Check that time periods are an integer number of seconds
* Decide not to change the semantics of an argument.
2023-06-13 12:39:52 -04:00
0a4dac0fa0
hscrypto: remove compatibility note about time periods.
...
We updated and clarified the spec in arti!107, and noted the
remaining infelicities in proposal 342.
2023-06-13 12:20:12 -04:00
44ced7dbd3
hscrypto: write a README
2023-06-13 12:15:04 -04:00
848793da5a
hscrypto: note that hs_mac is not a good choice for new protocols
2023-06-13 12:11:38 -04:00
7a82285984
hscrypto: comment out an unused key type.
...
(I'm not removing it entirely since maybe we _should_ use it, and
maybe we _will_ as we do services. I've added a TODO HS for
removing it or using it, and removed the TODO HS at the head of
pk.rs about making sure that all the key types in the module really
belong there.)
2023-06-13 12:01:12 -04:00
9888c4422d
hscrypto: Remove a TODO about extending an internal macro.
2023-06-13 11:53:29 -04:00
cc7fd57511
Merge branch 'hs3' into 'main'
...
tor-hsclient: Plumb some needed values through etc.
See merge request tpo/core/arti!1238
2023-06-13 15:53:01 +00:00
670c73a159
hscrypto: Remove a TODO about implementing ErrorKind.
...
I think it isn't actually a great idea for HsIdParseError to
implement ErrorKind, since the actual ErrorKind would depend
entirely on where the problematic ID came from.
2023-06-13 11:50:53 -04:00
9311a8da5b
hscrypto: clarify and downgrade TODOs about blinding secrets
2023-06-13 11:48:54 -04:00
bfaf0bba6f
tor-hsclient: Add some more debugging
2023-06-13 16:14:57 +01:00
e123ade035
tor-hsclient: Return the circuit
2023-06-13 16:14:57 +01:00
57ba35dfe0
tor-hsclient: Conduct the INTRODUCE1 exchange
2023-06-13 16:14:57 +01:00
ab11a2042f
tor-hsclient: Remove an already-done TODO
...
Since !1238 we do pass the handshake_state along.
2023-06-13 16:14:57 +01:00
f76b6eb614
tor-cell: IntroduceAck: Add .success() function to give a Result
...
The type is a bit odd but this is a result of the underlying protocol.
I don't feel like inventing `IntroduceAckSuccess` that contains only
the extensions.
2023-06-13 16:14:57 +01:00
0c10a9554b
tor-hsclient: Rename some errors for greater consistency
2023-06-13 16:14:57 +01:00
d98405d1e0
tor-hsclient: Reorder timeout errors to be "less interesting"
...
If something *other* than a timeout went wrong, then that is less
expected so more interesting.
2023-06-13 16:14:57 +01:00
c79ed2b31b
tor-hsclient: Improve proto_oneshot docs
2023-06-13 16:14:06 +01:00
b1ac10203a
tor-hsclient: Pass handshake_state to complete_handcshake (fmt)
2023-06-13 16:14:03 +01:00
6810881f38
tor-hsclient: Pass handshake_state to complete_handcshake
...
Pass Introduced to complete_handshake. The lack of this was a slip.
Add handshake_state to Introduced, and use it.
2023-06-13 16:13:57 +01:00
40840b1f3a
proto: Make sure that auth tags are truncated to 20 bytes
...
Onion service hops (pointlessly) use SHA3-256 for their
authentication, but they truncate it to 20 bytes (assuming I'm
reading the C right.)
See torspec#204 for clarification here.
2023-06-13 11:04:23 -04:00
85273a7646
tor-hsclient: Add a missing doc
...
Requested in !1228 but overlooked
2023-06-13 13:22:27 +01:00
01259a560b
tor-hsclient: Introduce proto_oneshot, to help with message handling (fmt)
2023-06-13 13:22:27 +01:00
0dcf872e3a
tor-hsclient: Introduce proto_oneshot, to help with message handling
...
This gets rid of a lot of repeated `oneshot::<...<Result, ...>>` and
a bit of repeated functional code, etc.
2023-06-13 13:22:27 +01:00
1587c06790
tor-hsclient: (try to) receive the RENDEZVOUS2 message
2023-06-13 13:00:19 +01:00
5d49660e0a
RPC: Suppress a warning to do with RPC and SOCKS
...
Fixes `cargo check`
2023-06-13 12:11:23 +01:00
880095356e
tor-hsclient: Fix a botched doc comment
2023-06-13 12:00:56 +01:00
78de0d279c
Merge branch 'msg_in_handler' into 'main'
...
proto: Convert MsgHandler API to expect a message, not a cell.
Closes #887
See merge request tpo/core/arti!1236
2023-06-13 10:57:01 +00:00
beecf3c92c
proto: Convert MsgHandler API to expect a message, not a cell.
...
Closes #887 .
2023-06-12 14:55:26 -04:00
47b1083d3a
Merge branch 'rpc_pseudomethods_v6' into 'main'
...
RPC: Functionality to downcast dyn Object to a dyn Trait.
See merge request tpo/core/arti!1225
2023-06-12 18:10:46 +00:00
5480035f51
Merge branch 'desc-validation-err-doc' into 'main'
...
tor-error: Document another potential cause for OnionServiceDescriptorValidationFailed.
See merge request tpo/core/arti!1215
2023-06-12 18:03:06 +00:00
8166a29746
RPC: Functionality to downcast dyn Object to a dyn Trait.
...
This is a rather tricky piece of functionality. It works as
follows.
We introduce a `CastTable` type. Each `CastTable` tells us how to
downcast `dyn Object` for objects of a single concrete type.
The `Object` type now has a `get_casttable` method that returns
an empty `CastTable` by default.
`CastTable` is, internally, a map from the `TypeId` of the target
dyn Trait reference type to a function
`fn(&dyn Object) -> &dyn Trait`. These functions are stored as
`Box<dyn Any + ...>`. (They are Boxed because they may refer to
generic functions, which you can't get a static reference to,
and they're Any because the functions have different types.)
The `decl_object!` macro now implements `get_casttable` as
appropriate. (The syntax is a bit janky, but that's what we get
for not using derive_adhoc.) For non-generic types, `get_casttable`
uses a Lazy<CastTable>`. to initialize a CastTable exactly once.
For generic types, it use a `Lazy<RwLock<HashMap<..>>` to
build one CastTable per instantiation of the generic type.
This could probably be optimized a bit more, the yaks could be
shaved in a more scintillating hairstyle, and the syntax for
generic `decl_object` could definitely be improved.
2023-06-12 13:35:28 -04:00
44fca4c2ca
tor-error: Clarify what we mean by "hostile".
...
Signed-off-by: Gabriela Moldovan <gabi@torproject.org>
2023-06-12 18:25:50 +01:00
de8ca98900
tor-error: Document another potential cause for OnionServiceDescriptorValidationFailed.
...
Signed-off-by: Gabriela Moldovan <gabi@torproject.org>
2023-06-12 18:25:46 +01:00
255d74ac3c
hsclient: fill in a lot more introduce/rendezvous logic.
...
This code tries to fill in some TODO HS code, replacing it with a
lot more code with a bunch more TODO HS comments. Hopefully the
expansions of the new TODO HS comments should be simpler.
2023-06-12 13:15:59 -04:00
2c8e3b22b5
cell: Add an accessor for the body of a Rendezvous2.
2023-06-12 13:15:59 -04:00
f78c5a5a42
proto: Add a commment about a problem in my hs_ntor plans.
...
I am pretty sure that C tor works around this somehow; we should
figure out how!
2023-06-12 13:15:59 -04:00
c38ba16a81
proto: code movement and reindentation in hs_ntor
2023-06-12 13:15:59 -04:00
7255b122d7
proto: Remove now-unused hs_ntor APIs
2023-06-12 13:15:59 -04:00
bb6115103a
proto: refactor hs_ntor to reuse state.
...
We want the ability to send the same handshake request in parallel
on multiple introduce circuits. This implies encoding the client
handshake more than once.
(Sadly we can't _actually_ do this in the protocol as it stands,
since the onion service can use a separate KP_hss_ntor for each
introduction point; I'll add a comment to that effect later.)
2023-06-12 13:15:59 -04:00
edfb3642e0
hsclient: receive rendezvous2 messages too.
2023-06-12 13:15:59 -04:00
32d54c857e
hsclient: Move the body of the msg handler into a new function
2023-06-12 13:15:59 -04:00
e948116bc7
hsclient: Add a second oneshot to Rendezvous msghandler
...
On a client's circuit to the rendezvous point, we need to first wait
for an `RENDEZVOUS_ESTABLISHED` message, and then for a
`RENDEZVOUS2` message.
2023-06-12 13:15:59 -04:00
796dc4457b
hsclient: use hs-client feature in tor-proto.
2023-06-12 13:15:59 -04:00
ac90cb7500
Upgrade async-trait requirement to 1.54
...
We need the fix from [82d69902], which first appeared in async-trait
version 1.54. (Technically we only need this fix in tor-hsclient,
but we may as well update our minimal async-trait version everywhere.)
[82d69902]: 82d6990253
2023-06-12 13:15:59 -04:00
3b93cdb2dd
Merge branch 'redactable_relayids' into 'main'
...
Implement Redactable for RelayIds, and other improvements
Closes #882
See merge request tpo/core/arti!1233
2023-06-12 16:06:11 +00:00
ddea524849
linkspec: cleanup usage; change std::fmt to fmt.
2023-06-12 11:39:45 -04:00
345808322d
Merge branch 'circuit_send_message_fixes' into 'main'
...
Correct documentation and API on ClientCirc::send_control_message
Closes #885 and #881
See merge request tpo/core/arti!1232
2023-06-12 14:14:32 +00:00
da78c53e20
Merge branch 'arc_hsdirs_in_netdir' into 'main'
...
netdir: Wrap HsDir an Arc<>
Closes #883
See merge request tpo/core/arti!1234
2023-06-12 13:56:44 +00:00
4ee4de2d0a
Apply 1 suggestion(s) to 1 file(s)
2023-06-12 13:49:18 +00:00
b19eb8648f
Merge branch 'pt-snowflake' into 'main'
...
add documentation for configuring snowflake pt
Closes #879 and #875
See merge request tpo/core/arti!1216
2023-06-11 20:59:31 +00:00
0313ca9f62
netdir: Wrap HsDir an Arc<>
...
This change reduces the cost of cloning a `NetDir`. It's fine
since–although we replace the HsDir once–we never modify it once it
exists.
Closes #883 .
2023-06-09 16:08:57 -04:00
a542a3e93f
RelayId: Display the ID type on redacted identities.
...
Formerly we would display just the first characters of the identity,
without telling you what kind of ID it was.
2023-06-09 16:03:56 -04:00
a6ce079d4a
linkspec: implement Display/Redacted on RelayIds
2023-06-09 16:03:56 -04:00
979a2bd6a0
linkspec: Implement HasRelayIds::display_relay_ids().
2023-06-09 15:50:25 -04:00
c76fbff125
proto: Have send_control_message take an AnyRelayMsg.
...
When we break the 1:1 relationship of message and cell, we'll want
this API to take messages, not cells.
This API is experimental, so we don't need to call it a semver
break.
Closes #881 .
2023-06-09 15:28:01 -04:00
58babcb756
proto: Correct the docs on send_control_message
...
Formerly we said that it would not return until the handler
was uninstalled. This is incorrect: it returns as soon as the
message is sent and the handler installed.
Closes #885 .
2023-06-09 15:22:15 -04:00
a74bb8d4d8
add a few more comments on PTs
2023-06-09 20:15:25 +02:00
7231042343
tor-hsclient: Use send_control_message properly (fmt)
...
This re-indents the body of the trapping IEFE.
2023-06-09 17:47:35 +01:00
e4a3498f28
tor-hsclient: Use send_control_message properly
...
The comment was entirely wrong. send_control_message returns as soon
as the message has been enqueued. So we actually *need* to wait for
the oneshot.
Also, given that a circuit collapse doesn't give us a real error, we
plumb the error through the oneshot. Introduce an IEFE to capture the
error from the decoding.
2023-06-09 17:45:50 +01:00
8d71ceef9a
tor-hsclient: Obtain reply_tx earlier
...
No functional change other than to error cases.
Will fit better with code to come in a moment.
2023-06-09 17:45:41 +01:00
27b76ffa3c
tor-hsclient: Break out handle_proto_error
...
We're going to want to reuse this.
2023-06-09 17:45:29 +01:00
c9cc76addb
tor-hsclient: Add TODO for broken send_control_message use
2023-06-09 17:36:48 +01:00
9240ae55ba
tor-hsclient: Discuss circuit parallelisation in sad case
...
Apropose
https://gitlab.torproject.org/tpo/core/arti/-/merge_requests/1228#note_2910588
2023-06-09 17:36:48 +01:00
5cc1323752
tor-hsclient: Add a TODO to retain the NetDir less long
2023-06-09 17:36:48 +01:00
a9a59186fa
tor-hsclient: Add some trace! temporarily
...
With this I see this:
2023-06-09T12:26:27.698815Z DEBUG tor_hsclient::connect: hs conn to duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion: RPT $36acd600bc8ea6c2800434778909ce3d83621358: sending ESTABLISH_RENDEZVOUS
2023-06-09T12:26:27.699144Z TRACE tor_proto::circuit::reactor: Circ 1.0: reactor received SendMsgAndInstallHandler { msg: RelayCell { streamid: StreamId(0), msg: EstablishRendezvous(EstablishRendezvous { cookie: RendCookie(CtByteArray([220, 39, 37, 30, 37, 108, 111, 23, 127, 220, 50, 108, 161, 109, 229, 235, 110, 88, 233, 38])) }) }, sender: Sender { complete: false } }
2023-06-09T12:26:27.699238Z TRACE tor_guardmgr: Received report of guard status guard_id=FirstHopId(Guard(Default, GuardId(RelayIds { ed_identity: Some(Ed25519Identity { 6lORxW93KRbhHFPNG0g+oBkXZbRnpwBzyfDcta7ed/M }), rsa_identity: Some(RsaIdentity { $f0c9c07d1b7c6fc8547f52cac1015b4a79e2ac1a }) }))) status=Success
2023-06-09T12:26:27.699429Z TRACE tor_hsclient::connect: SEND CONTROL MESSAGE RETURNED
2023-06-09T12:26:27.699966Z INFO tor_guardmgr:💂 We have found that guard [scrubbed] is usable.
2023-06-09T12:26:27.700030Z TRACE tor_guardmgr:💂 Guard status changed. guard_id=GuardId(RelayIds { ed_identity: Some(Ed25519Identity { 6lORxW93KRbhHFPNG0g+oBkXZbRnpwBzyfDcta7ed/M }), rsa_identity: Some(RsaIdentity { $f0c9c07d1b7c6fc8547f52cac1015b4a79e2ac1a }) }) old=Untried new=Reachable
2023-06-09T12:26:27.700607Z TRACE tor_guardmgr: Known usability status guard_id=FirstHopId(Guard(Default, GuardId(RelayIds { ed_identity: Some(Ed25519Identity { 6lORxW93KRbhHFPNG0g+oBkXZbRnpwBzyfDcta7ed/M }), rsa_identity: Some(RsaIdentity { $f0c9c07d1b7c6fc8547f52cac1015b4a79e2ac1a }) }))) usable=true
2023-06-09T12:26:27.701481Z DEBUG arti_client::status: 45%: connecting successfully; directory is fetching authority certificates (8/8)
2023-06-09T12:26:27.765193Z TRACE tor_proto::circuit::reactor: Circ 1.0: handling cell: Relay(Relay { body: .. })
2023-06-09T12:26:27.765284Z TRACE tor_proto::circuit::reactor: Circ 1.0: Received meta-cell UnparsedRelayCell { body: [39, 0, 0, 0 [[[ eldied -iwj ]]]] }
2023-06-09T12:26:27.765352Z TRACE tor_hsclient::connect: SENDING VIA ONESHOT
2023-06-09T12:26:27.765363Z TRACE tor_hsclient::connect: SENDING VIA ONESHOT DONE
2023-06-09T12:26:27.765367Z TRACE tor_proto::circuit::reactor: Circ 1.0: meta handler completed with result: Ok(UninstallHandler)
2023-06-09T12:26:29.588045Z DEBUG tor_hsclient::connect: hs conn to duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion: attempt failed: error: internal error (bug) at /volatile/rustcargo/Rustup/Arti/arti/crates/tor-hsclient/src/connect.rs:725:28: RENDEZVOUS_ESTABLISHED not sent yet
This seems to suggest that send_control_message is returning sooner
than expected.
2023-06-09 17:36:48 +01:00
7be005b05d
tor-hsclient: Add a lot of debug! (fmt)
2023-06-09 17:36:48 +01:00
Gabriela Moldovan
Nick Mathewson
Ian Jackson
Alexander Færøy
Ian Jackson
nate_d1azzz
trinity-1686a
trinity-1686a