The good news is that this tests the succeeding and failing cases,
and even managed to expose an off-by-one error in our hop counting.
The bad news is that these tests have shown even more ways in which
our wait_for code is unreliable, and forced me to slow it down even
harder.
I'm adding a local "Buildable" trait here so I can swap out Circuits
for something else. This also lets me refactor Builder<> to be
parameterized on TimeoutEstimator again, and lets us get rid of the
first_hop() accessor on paths.
There is something wrong here, though. I had to rewrite wait_for() a
lot back in the main branch to get this test working right. See
arti#149 for details on that issue.
This backend uses the kludged-up^W heuristic-enhanced Pareto
estimator from path-spec.txt section 2.4. See path-spec.txt for
full details on the algorithm. I've tried to note with TODO-SPEC
comments all the things that the spec currently leaves out.
Nothing actually uses this code yet. By the time it's in use, I'd
expect that many of these functions will need to have new
visibilities.
On #111, trinity-1686a points me towards a post on the apple dev
forum, suggesting that the problem here is that OSX's
SecureTransport API doesn't support PKCS12 files with empty passwords.
This reverts commit f30b22802a.
It turns out (see torspec#57) that there is no need for us to keep
this timestamp -- at least, not for the use we had in mind in
circuit timeouts.
We need this for the circuit timeout estimator (#57). It needs to
know "how recently have we got some incoming traffic", so that it
can tell whether a circuit has truly timed out, or whether the
entire network is down.
I'm implementing this with coarsetime, since we need to update these
in response to every single incoming cell, and we need the timestamp
operation to be _fast_.
Previously this was done in functions associated with Path and
OwnedPath, but this caused their method signatures to get more and
more complicated.
This change will also allow us to make timeout handling part of the
circuit-building process.
We implement this by giving a list of permitted licenses, and then
using cargo-license to dump everything's actual license. Since
packages list their licenses as "x OR y OR z", we permit any package
that is available under at least one license on the allow-list.