Nick Mathewson
17fab6e913
netdoc: Use derive amplify::Getters for HsDesc accessors.
...
Closes #909 .
2023-06-20 14:00:41 -04:00
Alexander Færøy
2fa8a4e56c
Merge branch 'update-keymgr-todo' into 'main'
...
keymgr: Change "TODO hs" to "TODO HSS".
See merge request tpo/core/arti!1264
2023-06-20 13:42:28 +00:00
gabi-250
d8ea9b234a
Merge branch 'dummy-keymgr-api-fixes' into 'main'
...
arti-client: Dummy KeyMgr API improvements
Closes #897
See merge request tpo/core/arti!1256
2023-06-20 13:18:52 +00:00
gabi-250
2a9c91e853
Merge branch 'keymgr-mistrust' into 'main'
...
keymgr: First steps towards path validation and permission checks
See merge request tpo/core/arti!1255
2023-06-20 13:15:51 +00:00
Gabriela Moldovan
c0762f76f1
keymgr: Fix broken docs.
2023-06-20 13:34:32 +01:00
Gabriela Moldovan
84e05591c7
arti-client: Remove unnecessary #[cfgs(...)].
...
The `keymgr` module selects one of the key manager implementations
(dummy or "real") and exposes all the APIs we need, so we can remove
all of the cfgs related to the `keymgr` feature from `client.rs`.
Part of #897
2023-06-20 13:33:51 +01:00
Gabriela Moldovan
733a559322
arti-client: Create module exposing one of the key manager APIs.
...
This moves the key manager API selection (dummy vs "real" impl) into the
`keymgr` module. The module exports the dummy API if the `keymgr`
feature is disabled, and the impl from `tor-keymgr` otherwise.
Part of #897
2023-06-20 13:33:51 +01:00
Gabriela Moldovan
8202be3cfe
arti-client: Make some of the dummy KeyMgr impls return an error.
...
`insert` and `remove` should return an error rather than `Ok(())`, as
`Ok(())` implies the key was stored/removed, which is impossible in the
no-op implementation.
2023-06-20 13:33:51 +01:00
Gabriela Moldovan
02c36dabd7
arti-client: Add more dummy keymgr APIs.
...
This will help us reduce the number of `#[cfgs(...)]` from `client.rs`
Part of #897
2023-06-20 13:33:51 +01:00
Gabriela Moldovan
c7d32dbf4c
arti-client: Add a result type for the dummy keymgr impl.
...
Part of #897
2023-06-20 13:33:51 +01:00
Gabriela Moldovan
b289c0fd15
arti-client: Add an Error type for the dummy key manager.
...
Part of #897
2023-06-20 13:33:51 +01:00
Gabriela Moldovan
95e4021ed8
arti-client, keymgr: Introduce Mistrust settings and enforce FS permissions.
2023-06-20 13:29:10 +01:00
Gabriela Moldovan
be5c911ac8
arti-client: Temporarily ignore key store errors.
...
We currently initialize the `ArtiNativeKeyStore` with a dummy root dir,
so when `ArtiNativeKeyStore` starts validating directories, this code
will start to fail. Let's preemptively ignore any errors coming from
`ArtiNativeKeyStore::new`. This is temporary and will be removed when we
introduce the key store config (and a real default value for the
keystore root dir).
2023-06-20 13:29:10 +01:00
Gabriela Moldovan
e8176ac8b5
keymgr: Add TODO about separation of concerns wrt FS operations.
2023-06-20 13:29:10 +01:00
Gabriela Moldovan
6837dbce58
keymgr: Add an error variant for fs_mistrust errors.
...
This will be useful later, when `KeyMgr` will start validating
permissions and paths.
2023-06-20 13:29:10 +01:00
Gabriela Moldovan
01b43f7f26
keymgr: Add a FsErrorSource to Error::Fs.
...
In the future, the potential causes of an `Error::Filesystem` error will
include permission errors as well as other errors (not just
`io::Error`s).
2023-06-20 13:29:10 +01:00
Nick Mathewson
f24a7d48c0
Merge branch 'circmgr-todos' into 'main'
...
Resolve several "TODO HS" comments in circmgr.
See merge request tpo/core/arti!1258
2023-06-20 12:13:24 +00:00
Ian Jackson
affa5b5e91
Merge branch 'rpcdoc' into 'main'
...
rpc: Minor docs improvements
See merge request tpo/core/arti!1260
2023-06-20 12:11:49 +00:00
gabi-250
602bcc3c47
Typo fixes
2023-06-20 11:47:02 +00:00
Nick Mathewson
3e704a080c
rpc: Fix docs typo
2023-06-20 11:38:31 +00:00
Gabriela Moldovan
fed726e4ff
keymgr: Defer key bundle support until "Basic Service" milestone.
...
We don't really need "key bundles" for the client keys.
2023-06-20 11:36:04 +01:00
Gabriela Moldovan
0bb7c7f600
keymgr: Change "TODO hs" to "TODO HSS".
...
We probably don't need to support passphrases for the "Basic Client"
milestone, so let's update this TODO accordingly.
2023-06-20 11:24:03 +01:00
Alexander Færøy
f55187e065
Merge branch 'arti-client' into 'main'
...
Sort out .onion handling in arti-client
See merge request tpo/core/arti!1257
2023-06-19 14:44:55 +00:00
Nick Mathewson
c7fa6cb746
Merge branch 'rpc_session_mgt' into 'main'
...
More work on RPC sessions, connections, and managers
See merge request tpo/core/arti!1254
2023-06-16 18:08:58 +00:00
Nick Mathewson
b9500c6f3d
Merge branch 'netdoc-todos' into 'main'
...
Resolve many TODO HS items in tor-netdoc
See merge request tpo/core/arti!1251
2023-06-16 17:31:31 +00:00
Nick Mathewson
a34af0323b
Fix compilation afver last suggestion.
2023-06-16 13:24:41 -04:00
Ian Jackson
0e3dbdee8e
Apply 1 suggestion(s) to 1 file(s)
2023-06-16 17:07:25 +00:00
Nick Mathewson
eace504500
Merge branch 'tor-cell-todos-2' into 'main'
...
tor-cell: Downgrade 2 TODO-HS to TODO-HSS
See merge request tpo/core/arti!1259
2023-06-16 16:51:28 +00:00
Ian Jackson
85a046e266
rpc: Cross-reference up from tor-rpcbase re where DispatchTable lives
2023-06-16 17:48:59 +01:00
Ian Jackson
ceaa70f41a
rpc: Expand and clarify and cross-reference lock hierarchy
2023-06-16 17:48:59 +01:00
Ian Jackson
0460a4a4d8
rpc: Document relationship between `Connection` and `RpcSession`
2023-06-16 17:48:59 +01:00
Nick Mathewson
34fc77081c
hsdesc.rs: finally remove "allows".
...
The last piece here is removing some needless keygen from the
tests. This causes the test output (using the deterministic PRNG)
to change.
2023-06-16 12:24:05 -04:00
Nick Mathewson
1091918525
netdoc::doc::hsdesc changes to let us downgrade/remove allows
2023-06-16 12:24:05 -04:00
Nick Mathewson
f1b90fdfee
netdoc: unmark MAC_KEY_LEN as conjectural.
...
The value here is 32 bytes; I'm adding it to to the specification
as torspec!141
2023-06-16 12:24:05 -04:00
Nick Mathewson
d8f7ce510c
SharedRandVal: Note that it doesn't have to be Ct.
2023-06-16 12:24:05 -04:00
Nick Mathewson
984d97a38d
netdoc: remove a TODO about moving a module to where it already is.
2023-06-16 12:24:05 -04:00
Nick Mathewson
6edcca7df3
netdoc: use ct_lookup for rend descriptor cookie lookup
...
(I doubt that there is a viable side channel here, but still we
might as well get in the habit of doing these things properly.)
2023-06-16 12:24:05 -04:00
Nick Mathewson
2eba3d213e
llcrypto: add another warning to ct_lookup.
2023-06-16 12:24:05 -04:00
Nick Mathewson
25db56777c
Lower tor-proto::util::ct::lookup to tor-llcrypto
...
This is mostly code movement; you may want to review it with
`--color-moved`.
I'm doing this so we can also use the function in netdoc for
looking up hsdesc authentication.
2023-06-16 12:24:05 -04:00
Nick Mathewson
a20c3eda6e
netdoc: Downgrade an HS todo wrt HS_DESC_AUTH_TYPE
2023-06-16 12:24:05 -04:00
Nick Mathewson
6fb19c00f5
netdoc: downgrade some TODO HS to TODO HSS.
...
I'm using HSS for hs-service features.
2023-06-16 12:24:05 -04:00
Nick Mathewson
3c824fe302
netdoc::build remove very broken example.
...
This could never be a full rustdoc test, since rustdoc never
runs tests for private items. Even if it were a rustdoc test,
it uses a bunch of types that aren't exposed in the right places,
and it invokes nonexistent functions, and it assumes a `self`
that isn't there.
In lieu of writing a new untested test, I've added a note to refer
the developer to where they can find working example code.
2023-06-16 12:24:05 -04:00
Nick Mathewson
7a617a2dbd
netdoc: Remove a TODO that we already solved.
2023-06-16 12:23:56 -04:00
Nick Mathewson
072ce9182b
hsclient: note that we should check revctr.
2023-06-16 12:23:56 -04:00
Nick Mathewson
c2764cf111
tor-cell: Downgrade 2 TODO-HS to TODO-HSS
2023-06-16 12:21:27 -04:00
Nick Mathewson
1691c35392
circmgr: Use a slightly nicer way to pick a circuit from our pool.
...
This algorithm only looks at circuits until it finds one that
satisfies our needs. To get a random circuit, it just randomizes
the starting point within the pool.
This optimization may help if we let circuit pools grow large.
2023-06-16 12:14:49 -04:00
Nick Mathewson
686d5cf209
circmgr: Make hspool size dynamic
...
Previously we'd always try to keep 8 circuits ready. That doesn't
make sense if we are super-busy. Instead, if we run out of
circuits, we double the amount that we try to keep ready, and if we
never go under 80% of our target number, we half the number we try
to keep ready.
We limit the rate of change here, to make sure that we aren't
flapping too much or shrinking too aggressively.
This algorithm is still a mite arbitrary, and will need tuning in
the future.
2023-06-16 12:11:49 -04:00
Nick Mathewson
69179c5dfe
circmgr::hspool: Move the Mutex into an intermediary Inner struct
...
This will be helpful as we complexify the pool behavior a bit.
2023-06-16 11:42:38 -04:00
Nick Mathewson
1c470fd483
circmgr: Remove TODOS about retrying.
...
These functions' documentation already says that they don't retry,
and hsclient appears to be where we are concentrating our retry
efforts.
2023-06-16 11:40:00 -04:00
Ian Jackson
b34ba70070
arti-client: hs: remove some now-obsolete allows
2023-06-16 16:18:02 +01:00