458af6e007
keymgr: Fix another infinite loop around Keymgr error handling.
...
This `From` impl was just calling itself recursively...
2023-06-29 23:30:28 +01:00
36606a66dd
keymgr: Rename KeyStore to Keystore globally.
...
We've been capitalizing the "s" in "KeyStore" inconsistently. This
`s/KeyStore/Keystore/g` across the codebase.
2023-06-29 22:46:15 +01:00
8fe79b5a1d
Add a missing "experimental-api" rustdoc notation
2023-06-29 17:18:23 -04:00
a88fa71f25
Resolve XXXs from fixup-features.
...
Some of these seem spurious: it looks like fixup-features resolved
an issue and then complained about it too. I'll investigate further.
2023-06-29 17:14:00 -04:00
f8ee830a94
Run "cargo sort".
2023-06-29 17:10:27 -04:00
23c67d92e6
Run "fixup-features".
2023-06-29 17:09:52 -04:00
6e2b48c6b9
Merge branch 'rustdoc_fix' into 'main'
...
Fix a rustdoc link.
See merge request tpo/core/arti!1351
2023-06-29 20:53:41 +00:00
3c85863aa1
Merge branch 'exp' into 'main'
...
tor-error: Make KeystoreFsPermissions experimental for now
See merge request tpo/core/arti!1350
2023-06-29 19:55:06 +00:00
9ef65775c9
Merge branch 'validate-client-spec' into 'main'
...
keymgr: Validate ArtiPaths, replace HsClientSpecifier with generic ArtiPathComponent
See merge request tpo/core/arti!1262
2023-06-29 19:49:30 +00:00
09cb5eed4e
Merge branch 'keymgr-config' into 'main'
...
arti-client: Add keystore_dir to StorageConfig.
See merge request tpo/core/arti!1312
2023-06-29 19:30:41 +00:00
e299c2b4f7
Merge branch 'keymgr' into 'main'
...
tor-keymgr: Adjust stability guarantees for release
Closes #934
See merge request tpo/core/arti!1346
2023-06-29 19:27:14 +00:00
16a00846bd
Run rustfmt
2023-06-29 19:59:26 +01:00
69129bf2b4
tor-error: Make KeystoreFsPermissions experimental for now
...
Let's defer this decision.
2023-06-29 19:51:04 +01:00
effded7728
tor-keymgr: When keymgr enabled, enable tor-error's experimental too
2023-06-29 19:51:04 +01:00
90b5ce7fd7
Merge branch 'stabilize-hs-client' into 'main'
...
Mark all {hs,onion-serivce}-client features as non-experimental.
Closes #896
See merge request tpo/core/arti!1347
2023-06-29 18:50:30 +00:00
5ea89846b1
Merge branch 'default' into 'main'
...
Turn off HS client connections by default
See merge request tpo/core/arti!1345
2023-06-29 18:48:43 +00:00
474c313ab0
Fix a rustdoc link.
2023-06-29 14:33:34 -04:00
541e56fce4
arti-client: Fix clippy lint.
2023-06-29 19:30:48 +01:00
c9f4ef010f
keymgr: Remove unstable ErrorKind, use internal! for ArtiPath errors.
2023-06-29 19:28:22 +01:00
f81d16ff9b
keymgr: Validate the individual ArtiPahtComponents of ArtiPath.
...
This also implicitly forbids leading and trailing slashes in an
`ArtiPath`.
2023-06-29 19:28:22 +01:00
0ebb002de8
keymgr: Rephrase ArtiPath docs.
...
This updates the docs with Diziet's suggested doc improvements.
2023-06-29 19:28:22 +01:00
b5e190d05d
keymgr: Remove ArtiPath normalization, introduce additional restrictions.
2023-06-29 19:28:22 +01:00
d59c3bdea9
keymgr: Document how ArtiPath validation is actually supposed to work.
2023-06-29 19:28:22 +01:00
e8ef82b78d
keymgr: Move validation requirements to the ArtiPath docs.
2023-06-29 19:28:22 +01:00
66e6ab3f9e
keymgr: Make ArtiPath platform-independent by always using '/' as a separator.
2023-06-29 19:28:22 +01:00
b8b8a0d3ac
hsclient: Make HsClientSpecifier a newtype instead of a type alias.
2023-06-29 19:28:22 +01:00
adfde95703
keymgr: Add tests for ArtiPath validation.
2023-06-29 19:28:22 +01:00
f56ed918b0
keymgr: Validate ArtiPath and ArtiPathComponent.
2023-06-29 19:28:22 +01:00
2825dfc2bc
keymgr: Derive Into for ArtiPath and ArtiPathComponent.
2023-06-29 19:28:22 +01:00
0972fc5b2d
keymgr: Define an error type for bad `ArtiPathComponents`.
2023-06-29 19:28:22 +01:00
20713b24bf
arti-client, hsclient: Typealias HsClientSpecifier to ArtiPathComponent.
...
`ArtiPathComponent` is a more generic version of `HsClientSpecifier`.
2023-06-29 19:28:22 +01:00
095faf9c5c
keymgr: Derive Display for ArtiPath and ArtiPathComponent.
2023-06-29 19:28:22 +01:00
89238f25a6
keymgr: Define `ArtiPathComponent`.
...
An `ArtiPathComponent` is a substring of an `ArtiPath`. An
`ArtiPathComponent` will be validated according to the same rules as
`ArtiPath`.
In the future we can replace `HsClientSpecifier` with
`ArtiPathComponent` (they both serve the same purpose except
`ArtiPathComponent` is more generic).
2023-06-29 19:28:22 +01:00
954e20bb50
tor-keymgr: Add missing footnote
2023-06-29 19:26:15 +01:00
28fae4d1fd
arti-client: Make keystore_dir an experimental option.
2023-06-29 19:19:51 +01:00
aa55fd8c13
arti-client: StreamPrefs: Add security note
2023-06-29 19:01:33 +01:00
d8e185a4bb
Turn off HS client connections by default
...
As per IRC discussion, re lack of Vanguards.
2023-06-29 19:01:33 +01:00
ea0fb30b2e
arti-client tests: Explicitly enable .onion in most tests
...
These tests include tests of .onion, which we are disabling by
default. So we must make some prefs that enable them.
2023-06-29 19:01:30 +01:00
4693359d8b
arti-client: Add TODO regarding keystore_dir deserialization.
2023-06-29 18:59:27 +01:00
434a8b3f0d
arti cfg tests: Add declare_exceptions for storage.keystore_dir.
...
This moves `storage.keystore_dir` to a separate `declare_exceptions`
block and explains why we have this exception.
2023-06-29 18:59:27 +01:00
65f85b813c
tor-config: Remove semver.md
...
The APIs mentioned in semver.md are all `experimental` now so we don't
really need the file anymore.
2023-06-29 18:59:27 +01:00
26eefdc564
tor-config: Make ItemOrBool an experimental feature.
2023-06-29 18:59:27 +01:00
373fd6acd2
example-config: Temporarily remove keystore_dir example.
...
Let's remove this until we figure out how the config should behave when
the `keymgr` feature is disabled (should it accept or reject
`keystore_dir = true`?)
2023-06-29 18:59:27 +01:00
0ce5fd8f92
arti-client: Fix clippy lints.
...
Part of #891
2023-06-29 18:59:27 +01:00
0c5c25f470
arti-client: Load keystore dir and permissions from config.
...
Part of #891
2023-06-29 18:59:27 +01:00
c93fac997e
arti-client: Add expand_keystore_dir function.
...
Part of #891
2023-06-29 18:59:27 +01:00
67db6e3127
arti-client: Add keystore_dir to StorageConfig.
2023-06-29 18:59:27 +01:00
450fa5c474
config: Add ItemOrBool helper for deserializing a bool or a value.
...
This will enable us to support the new `keystore_dir` field, which can
be either a boolean indicating whether the keystore is disabled or
enabled and initialized with the default keystore dir, or a string which
points to a custom keystore directory (and implies the keystore is
enabled):
```
# use this path, fail if compiled out
# keystore = "/path/to/arti/keystore"
#
# use default path, fail if compiled out
# keystore = true
#
# disable
# keystore = false
```
Part of #891
2023-06-29 18:59:27 +01:00
c90f9308c5
Merge branch 'timeouts' into 'main'
...
tor-hsclient: Use estimated timeouts
See merge request tpo/core/arti!1342
2023-06-29 17:19:53 +00:00
729bff6ff9
Merge branch 'maxintro3' into 'main'
...
tor-netdoc: Handle anomalous numbers of introduction points
See merge request tpo/core/arti!1332
2023-06-29 17:09:46 +00:00
d164a9dac2
Mark all {hs,onion-serivce}-client features as non-experimental.
2023-06-29 13:09:37 -04:00
f5532eafe7
tor-keymgr: Replace whole-crate-is-unstable warning
...
arti-client is going to use this so it can't be whole-crate-unstable,
but it can be rapidly-changing.
2023-06-29 17:47:54 +01:00
d960e7c15f
Merge branch 'keymgr-docs' into 'main'
...
keymgr: Fix keymgr docs
See merge request tpo/core/arti!1343
2023-06-29 16:45:07 +00:00
6addbd056b
tor-keymgr features: Document that "keymgr" is experimental
2023-06-29 17:44:51 +01:00
eb12a6e665
tor-keymgr features: Make "keymgr" disabled by default
2023-06-29 17:43:25 +01:00
9f3ec25a08
tor-hsclient: Add some notes about timeouts and hops
2023-06-29 17:41:49 +01:00
a604989ba7
tor-hsclient: Use estimated timeouts for introduction and rendezvous (fmt)
2023-06-29 17:41:49 +01:00
202104d05c
tor-hsclient: Use estimated timeouts for introduction and rendezvous
...
Replacing RPT_IPT_TIMEOUT is not entirely straightforward.
2023-06-29 17:41:49 +01:00
d48215a961
tor-hsclient: Use estimated timeout for hsdir fetches (fmt)
2023-06-29 17:41:49 +01:00
2563256f42
tor-hsclient: Use estimated timeout for hsdir fetches
2023-06-29 17:41:49 +01:00
a84460426f
tor-hsclient: Provide bodge constant for circuit length
2023-06-29 17:41:49 +01:00
fe2935d7c5
tor-hsclient: Plumb timeout estimation machinery
2023-06-29 17:41:49 +01:00
a7d1efe2ce
tor-circmgr: Provide estimate_timeout as a method on HsCircPool
2023-06-29 17:41:49 +01:00
b9530d0762
Merge branch 'netdir_by_rsa_experimental_apis' into 'main'
...
netdir: Conditionally expose APIs for working with unusable relays; document what "usable" means.
See merge request tpo/core/arti!1325
2023-06-29 16:08:51 +00:00
429e5d2512
keymgr: Fix dummy keymgr doc links.
...
`Error` is private to `dummy.rs` so let's not mention it in the docs of
the public items.
2023-06-29 17:08:14 +01:00
7bdc28014e
keymgr: Add missing dummy implementation for KeyType::arti_extension.
...
This fixes a rustdoc warning when building with:
```
cargo doc --locked --offline -p arti --no-default-features --features=full,onion-service-client
```
2023-06-29 17:08:14 +01:00
8133f8e456
Merge branch 'debug' into 'main'
...
tor-hsclient: Reimplement Debug for MockCirc
See merge request tpo/core/arti!1324
2023-06-29 15:46:25 +00:00
2b2ecfbb39
tor-hsclient: Reimplement Debug for MockCirc
...
This is less code. Also it now dumps the connect_called field which
was introduced in the meantime.
2023-06-29 16:11:03 +01:00
799480d885
Merge branch 'circparams' into 'main'
...
tor-hsclient: Use proper CircParameters
Closes #935
See merge request tpo/core/arti!1340
2023-06-29 15:03:40 +00:00
4941a88494
keymgr: Fix wrong_key_type test.
...
The string representation of `SshKeyAlgorithm` on `main` changed between
the time the tests were introduced and the time they were merged.
2023-06-29 15:21:27 +01:00
930ecc9eda
Merge branch 'handshake-error' into 'main'
...
tor-hsclient: Handle handshake completion error correctly
See merge request tpo/core/arti!1336
2023-06-29 13:44:48 +00:00
5c85ba5cf8
tor-hsclient: Use proper CircParameters
...
Fixes #935
2023-06-29 14:24:24 +01:00
f73c06314c
tor-circmgr: Expose CircParameters from NetParameters construction
...
As per #935 .
I called this "circparameters_from_netparameters" not
"circparameters_from_netparams" because the type is "NetParameters"
not "NetParams".
2023-06-29 14:24:19 +01:00
355b40bf84
tor-hsclient: err: Mention RENDEZVOUS2 in actual messages (fmt)
2023-06-29 14:05:25 +01:00
855898ef2f
tor-hsclient: err: Rename to RendezvousCompletionCircuitError
...
Thsi is a bit of a mouthful now, but it is comprehensible.
As per
https://gitlab.torproject.org/tpo/core/arti/-/merge_requests/1336#note_2917235
2023-06-29 14:04:17 +01:00
d055e105fa
tor-hsclient: err: Mention RENDEZVOUS2 in actual messages
2023-06-29 14:02:50 +01:00
9407fe1ab5
Merge branch 'keymgr-tests' into 'main'
...
keymgr: Add tests for ArtiNativeKeyStore
See merge request tpo/core/arti!1337
2023-06-29 13:02:07 +00:00
b13aa66a16
tor-hsclient: err: Move doc comment to correct impl
...
See
https://gitlab.torproject.org/tpo/core/arti/-/merge_requests/1336#note_2917236
2023-06-29 13:59:33 +01:00
4f8c718c09
tor-hsclient: err: Mention RENDEZVOUS2
2023-06-29 13:57:38 +01:00
bfad582d1e
tor-hsclient: err: Reword comments about error
2023-06-29 13:56:12 +01:00
9790f820f7
netdir: add crosslinks to our definition of "usable".
2023-06-29 08:53:59 -04:00
a902f320b5
netdir: document what we mean by a "usable" relay.
2023-06-29 08:53:59 -04:00
7ac362eba7
netdir: Conditionally expose some by_rsa APIs as experimental.
...
Network-health wants these to see whether a given relay is listed in
the consensus.
cc @juga
2023-06-29 08:53:59 -04:00
83552b559f
Merge branch 'netdir_todos' into 'main'
...
Resolve or defer most TODO HS items in tor-netdir.
See merge request tpo/core/arti!1310
2023-06-29 12:48:32 +00:00
9c853e5b54
Merge branch 'badonion_error_2' into 'main'
...
arti_client: Move BadOnion from TorAddrError to ErrorDetail.
Closes #932
See merge request tpo/core/arti!1331
2023-06-29 12:48:04 +00:00
76376b2abd
netdir: Remove a TODO HS
...
The function this comment is asking us to write is `circtarget_from_pieces`.
2023-06-29 08:19:37 -04:00
c565a67689
Downgrade TODO HS on HsDirParams::compute().expect()
...
(Adding comments explaining that these errors are really
unlikely to occur, unless there is a bug in our code or in Rust's
time handling.)
2023-06-29 08:19:37 -04:00
768452d9e5
netdir: Defer a TODO HS but add a comment
...
This issue with walking over the ring is an issue we really must
solve on the services timeframe, as is the one about looking only at
the rings for which a blinded ID is germane.
2023-06-29 08:19:37 -04:00
2bdf10db84
netdir: take n_replicas and spread_fetch from consensus parameters
...
This makes them configurable, since we allow the user to override
any consensus parameter.
2023-06-29 08:19:37 -04:00
3db0f74e22
netdir: Downgrade/remove/defer some TODO hs entries.
2023-06-29 08:19:37 -04:00
0c43801598
netdir: remove some now-needless warning suppressions.
2023-06-29 08:19:37 -04:00
f2a6754c88
dirmgr: use voting_period.
2023-06-29 08:19:37 -04:00
a9da1283bc
netdir: remove unnecessary wraps from srv_interval, extract_srvs
2023-06-29 08:19:37 -04:00
4803f6447d
netdir: Move voting_period() to netdoc::Lifetime
...
I was going to add a comment about "doing this if we need the voting
period anywhere else" but it turns out that we also use it in dirmgr.
2023-06-29 08:19:37 -04:00
6c06acc02c
arti_client: Add a warning comment to TorAddrError.
2023-06-29 08:16:51 -04:00
800061e70e
arti_client: Move BadOnion from TorAddrError to ErrorDetail.
...
This variant can never be constructed when parsing a TorAddr, so it
doesn't make sense to have it in TorAddrError: the use can never see
it unless they enable `error_detail`.
Not a semver break because the client feature is not yet stable.
Closes #932 .
2023-06-29 08:16:51 -04:00
b059e02093
Merge branch 'keymgr-x25519-keys' into 'main'
...
keymgr: Add support for x25519 keys.
Closes #900
See merge request tpo/core/arti!1321
2023-06-29 11:46:03 +00:00
294bb728cf
keymgr: Add a TODO about implementing and testing has_key_bundle.
2023-06-29 12:10:35 +01:00
68c91223f1
keymgr: Add some basic insert and remove tests.
2023-06-29 12:10:35 +01:00
4d5f414017
keymgr: Add assert_found! test helper.
2023-06-29 11:54:54 +01:00
91573c6cbc
keymgr: Add some key retrieval tests for ArtiNativeKeyStore.
2023-06-29 11:54:54 +01:00
fd3b42688d
keymgr: Add a gen_keys param to init_keystore.
...
This will enable future tests to optionally initialize the test key
store with some test keys.
2023-06-29 11:54:54 +01:00
bc447524c2
keymgr: Add tests for ArtiNativeKeyStore::key_path.
2023-06-29 11:54:54 +01:00
89d52fff3e
keymgr: Derive Debug for ArtiNativeKeyStore.
2023-06-29 11:49:31 +01:00
ff02270307
keymgr: Add tests for ssh key handling.
...
Part of #895
2023-06-29 11:49:31 +01:00
16a7bb4624
keymgr: Return the key, not Box<()>.
...
This fixes a bug which caused the function to always return a
type-erased `()` instead of the actual key!
2023-06-29 11:49:31 +01:00
d999ea07ba
Merge branch 'config-option' into 'main'
...
arti cfg tests: exception declaration improvements
See merge request tpo/core/arti!1330
2023-06-29 10:43:00 +00:00
c1ab36dbec
Merge branch 'cleanup-todos-circmgr' into 'main'
...
Resolve a few "TODO HS" items in circmgr.
See merge request tpo/core/arti!1322
2023-06-28 20:14:24 +00:00
48f7fbbc96
Merge branch 'lifecycle_doc_tweaks' into 'main'
...
Documentation, mostly on channel and circuit lifecycles
See merge request tpo/core/arti!1318
2023-06-28 20:06:58 +00:00
02878518b8
circmgr: Refactor duplicate logic.
...
These two functions are only slightly different, and benefit from
taking a Fn.
2023-06-28 15:28:52 -04:00
6affb50c1a
circmgr: Remove a "TODO HS" about path restrictions.
...
I looked through the C tor source code and couldn't find any
additional path restrictions.
2023-06-28 15:28:52 -04:00
d32ba9ed18
circmgr: Defer two "TODO HS" in hspool
...
One of these is test-related; one is vanguards-related.
2023-06-28 15:28:52 -04:00
4ad1a5c6ac
ChanMgr: Tweak documentation a bit.
...
Adjust formatting, add more references to lower-level APIs, and
clarify lifetimes a little more.
2023-06-28 15:26:22 -04:00
2944d4f91f
proto: ClientCirc: remove now-obsolete note on Clone-ness
2023-06-28 15:26:22 -04:00
644c51173a
proto: document ClientCirc lifecycle better.
2023-06-28 15:26:22 -04:00
e8e95ec03b
proto: document channel lifecycle better.
2023-06-28 15:26:22 -04:00
4003e032d6
Remove spurious todo-hs items in tor-cert.
...
I am not sure why we wrote these comments, but they are incorrect:
I've investigated the C code and found only 3 key types. The
"unimplemented" types that the TODO comment here complains about are
in fact certificate types.
2023-06-28 15:18:13 -04:00
47b577d7a0
tor-netdoc: Placate clippy (fmt)
2023-06-28 18:57:06 +01:00
56813d9650
tor-netdoc: Placate clippy
2023-06-28 18:56:49 +01:00
f136e8ac41
Merge branch 'more-keymgr-todos' into 'main'
...
keymgr: Downgrade "TODO hs" to "TODO HSS".
See merge request tpo/core/arti!1334
2023-06-28 17:30:43 +00:00
8f1a71850c
tor-hsclient: Handle handshake completion error correctly
2023-06-28 17:14:45 +01:00
9216f628f1
tor-hsclient: Rename RendezvousCompletionCircuit from RendezvousCompletion
...
We need to handle errors during the handshake. That also produces a
`tor_proto::Error` but we want to print a different message for that,
so let's rename this before adding the new variant.
2023-06-28 17:14:26 +01:00
4eb3e3b6ec
tor-hsclient: Move handling of Bug to new section
...
It was wrong where ti was.
2023-06-28 17:14:26 +01:00
18478b47a7
tor-hsclient: Make RendPtIdentityForError use RelayIds
...
Since arti!1233 this is trivial.
2023-06-28 16:49:49 +01:00
4d071d1c07
tor-hsclient: Use RendPtIdentityForError in more places
...
For some reason this wasn't used in the actual errors,
although it *was* used in the types of the functions etc.
2023-06-28 16:47:55 +01:00
609e6ce7c7
keymgr: Downgrade "TODO hs" to "TODO HSS".
...
These TODOs can be deferred for now: we're not declaring the keymgr APIs
stable until we add support for hidden services.
2023-06-28 16:44:06 +01:00
8908d39872
tor-netdoc: Test hsdescs inners with a variety of IPT counts (fmt)
2023-06-28 16:29:05 +01:00
de63a6092d
tor-netdoc: Test hsdescs inners with a variety of IPT counts
2023-06-28 16:28:19 +01:00
cf4adad96e
tor-netdoc: hsdesc: Disregard intro points after the MAX'th
2023-06-28 16:28:11 +01:00
0e2f804d8f
tor-netdoc: Reject hsdescs with no intro points
...
None of the existing NetdocErrorKinds seemed right.
2023-06-28 16:27:05 +01:00
c95595227a
tor-hscrypto: Provide values for NUM_INTRO_POINT
...
These are in the spec and tor-hsclient is about to want them.
2023-06-28 14:49:49 +01:00
cbb8eb4fdd
Merge branch 'reuse' into 'main'
...
tor-hsclient: Discuss intro circuit extend-and-reuse
See merge request tpo/core/arti!1298
2023-06-28 13:48:12 +00:00
ea3f93d0e2
Merge branch 'keymgr-todos' into 'main'
...
keymgr: Remove/downgrade a few "TODO hs"
See merge request tpo/core/arti!1328
2023-06-28 13:45:19 +00:00
68aacc2140
arti cfg tests: Suppress an undesriable clippy lint
2023-06-28 14:43:48 +01:00
464c5e5efa
arti cfg tests: declare_exceptions: Annotate the types for clarity (fmt)
2023-06-28 14:25:55 +01:00
5f20b0ec29
arti cfg tests: declare_exceptions: Annotate the types for clarity
2023-06-28 14:25:55 +01:00
14b1cc0cc1
arti cfg tests: Point the reader to the types used in declarations
2023-06-28 14:25:55 +01:00
2ff494d081
arti cfg tests: Move InCode into declare_config_example
...
It's used for declarations only, and they should all be here.
2023-06-28 14:25:55 +01:00
5672b75de2
arti cfg tests: Make declare_exception take distinguished old/new types
...
As per discussion in
https://gitlab.torproject.org/tpo/core/arti/-/merge_requests/1320#note_2916689
and IRC followup.
2023-06-28 14:23:13 +01:00
1be71b87d0
Merge branch 'config' into 'main'
...
tor-hsclient: Add configuration settings
See merge request tpo/core/arti!1305
2023-06-28 13:10:39 +00:00
e06cd63ffd
Merge branch 'dirclient-semver-entry' into 'main'
...
Missing semver entry for new dirclient API from !1323
See merge request tpo/core/arti!1327
2023-06-28 12:58:19 +00:00
cf5235a713
HS timeout parameters: Restore some TODOs
...
Conceptually this is a fixup to
HS configuration: Add retry parameters to configuration
which erroneously removed these comments - they were intended to apply
to *all* these parameters, not just the max attempts.
Not marking it as fixup! because that would involve merge conflicts.
2023-06-28 13:32:54 +01:00
11bb7e8a90
HS configuration: Use configured maximum attempts - comment
...
Explain why this fallback to MAX is good.
Discussion
https://gitlab.torproject.org/tpo/core/arti/-/merge_requests/1305#note_2915927
2023-06-28 13:32:54 +01:00
2bfe12983a
HS configuration: Use configured maximum attempts (fmt)
2023-06-28 13:32:54 +01:00
be33f00b31
HS configuration: Use configured maximum attempts
2023-06-28 13:32:54 +01:00
a0b6f34e42
HS configuration: Plumb configuration through (fmt)
...
Apply deferred rustfmt churn.
2023-06-28 13:32:54 +01:00
3ebc3216e3
HS configuration: Plumb configuration through (clippy)
...
Apply deferred clippy churn.
2023-06-28 13:32:54 +01:00
984652217a
HS configuration: Plumb configuration through
...
Invent a trait a la circmgr config for the hs client connector config.
Plumb a suitable value all the way through to the code that will use it.
2023-06-28 13:32:54 +01:00
cdad2db082
HS configuration: Add retry parameters to configuration
...
I think these should go in `[circuit_timing]`. That section already
has some retry parameters, so is not strictly *timing*.
This is not honoured yet.
2023-06-28 13:32:54 +01:00
cc25c82d4b
HS configuration: Add and honour `allow_onion_addrs` in configuration
...
We put this in `[address_filter]`.
The interaction with the corresponding stream preference is a bit
complicated. We must turn the stream pref into a `BoolOrAuto`.
2023-06-28 13:32:54 +01:00
2bee27a737
Merge branch 'hsdir-identity' into 'main'
...
tor-hsclient: Completely hide hsdir identities in errors
See merge request tpo/core/arti!1326
2023-06-28 12:30:22 +00:00
70f468d0f1
keymgr: Downgrade some TODOs to "TODO HSS".
...
These don't need to be blockers for the next release.
2023-06-28 13:11:53 +01:00
928a9cd7ca
keymgr: Remove outdated TODOs regarding error handling.
...
These were tackled in #901 .
2023-06-28 13:07:52 +01:00
42e4929226
Missing semver entry for new dirclient API from !1323
2023-06-28 08:06:32 -04:00
41737efced
tor-hsclient: Completely hide hsdir identities in errors
2023-06-28 13:02:44 +01:00
63a7b25711
art cfg tests: Fix garbled doc wording
2023-06-28 12:56:09 +01:00
d56f28bc6f
arti cfg tests: Fix doc comment
2023-06-28 12:56:09 +01:00
ac38c862ec
arti cfg tests: Overhaul exception handling (fmt)
2023-06-28 12:56:09 +01:00
c0c0beb8e1
arti cfg tests: Overhaul exception handling
...
This was super confusing and fragile. Amongst the problems:
* Information about exceptional config keys was spread across a
number of places, manipulated in ad-hoc ways (conditional Vec
appends, etc).
* As a consequence, each exceptional table has confusing and unclear
semantics.
* It doesn't deal well with the way that cargo sometimes enables
features for dependency crates even if arti itself wouldn't demand
them; this can lead to sub-crates supporting config keys when the
tests in arti don't expect them to, causing spurious test failures.
Fix this:
* Introduce a new, systematic, way of writing information about
configuration keys that need some kind of special handling.
* Use this new approach in *both* sets of "thorough" config tests.
* Be more relaxed about deprecated keys. We don't want to tightly
couple this to absence in the supported file, I think.
* Understand more clearly the concept of keys of which we don't know,
in the current build config, whether the code is expected to
accept them.
I have tested this locally with:
for p in '-p arti' '--workspace'; do for f in '--no-default-features --features=tokio,native-tls' '--all-features' ''; do nailing-cargo test $p $f; done; done
2023-06-28 12:56:09 +01:00
479ed9d168
arti cfg tests: Remove a comment relating to work already done
...
We *do* have a thing that works like this.
It's fragile and confusing and that's what I'm about to fix.
2023-06-28 12:56:09 +01:00
0cde6134d0
arti cfg tests: Code motion
...
Bring the exciting tests together, and move some more normal tests out
of the middle.
2023-06-28 12:56:09 +01:00
2656b8fa04
geoip: conditionalise a test
...
Without this, the build fails with
cargo test --workspace --no-default-features --features=tokio,native-tls
2023-06-28 12:56:09 +01:00
ebb3455b3e
Conditionalise an import
...
Fixes a warning with
cargo clippy --locked --offline --workspace --all-targets
2023-06-28 12:56:09 +01:00
a6aa113865
Mark a builder as non-exhaustive
...
If all the fields vanish, this generates a warning with
cargo clippy --locked --offline --workspace --all-targets
Fix that.
2023-06-28 12:56:09 +01:00
6b8218f960
Merge branch 'keymgr-error-kind' into 'main'
...
keymgr: Implement ErrorKind for keymgr error types
See merge request tpo/core/arti!1315
2023-06-28 11:34:23 +00:00
26c4a274c7
Merge branch 'dirclient-todos' into 'main'
...
Resolve remaining dirclient HS todos
See merge request tpo/core/arti!1323
2023-06-28 11:33:32 +00:00
dff8c0163b
keymgr: Implement HasKind for ArtiNativeKeystoreError.
2023-06-28 11:59:00 +01:00
6ed8f5b9ea
tor-error: Add KeystoreAccessFailed, KeystoreFsPermissions to ErrorKind.
2023-06-28 11:59:00 +01:00
ef1c969c73
keymgr: Implement HasKind for SshKeyError.
2023-06-28 11:59:00 +01:00
c8a128cc59
tor-error: Add KeystoreCorrupted to ErrorKind.
2023-06-28 11:59:00 +01:00
f778d32a0e
Merge branch 'ticket_914' into 'main'
...
Remove support for receiving unauthenticated SENDMEs.
Closes #914
See merge request tpo/core/arti!1283
2023-06-28 10:54:05 +00:00
6f3761c24f
dirclient: use correct default max_len
...
Yes, it's 50 kilobytes, not 50 kibibytes. I double-checked this with
the C implementation and with param-spec.txt's documentation for
`HSV3MaxDescriptorSize`.
2023-06-27 16:21:29 -04:00
4692dba5e0
hsclient: Use HsDescDownloadRequest::set_max_len.
2023-06-27 16:21:29 -04:00
32e3cde3fd
dirclient: Correct an erroneous comment.
2023-06-27 16:21:29 -04:00
38db06ee4b
dirclient: Make maximum hsdesc length adjustable.
2023-06-27 16:21:29 -04:00
01ea20759b
dirclient: Explain why hardcoding "3" is ok.
2023-06-27 16:04:49 -04:00
e332caf562
keymgr: Remove unneeded error variant.
...
The `Unsupported` variant is no longer needed now that we support
`KeyType::X25519StaticSecret`s.
2023-06-27 20:11:07 +01:00
7732ac131b
keymgr: Add support for x25519 keys.
2023-06-27 20:11:07 +01:00
257797fff6
keymgr: Return a concrete type from read_ed25519_keypair.
...
This also fixes a bug which caused the function to always return a
type-erased `()` instead of the actual key!
2023-06-27 20:11:07 +01:00
b91a1c2859
keymgr: Move TODO closer to the code it refers to.
2023-06-27 20:11:07 +01:00
c114c413c2
keymgr: Map KeyType::X25519StaticSecret to an SshKeyAlgorithm.
2023-06-27 20:11:07 +01:00
8edbd04413
keymgr: Define an SshKeyAlgorithm enum.
...
This previously just re-exported `ssh_key::Algorithm`.
However, we will need to support x25519 keys (which aren't supported by
the `ssh_key` crate), so we define our own enum for the key algorithm.
In addition to the `Algorithm` variants from `ssh_key`, our enum also
has an `X25519` variant.
2023-06-27 20:11:07 +01:00
eb54691c50
Merge branch 'keymanip-ed-to-curve' into 'main'
...
llcrypto: Implement ed25519_to_curve25519_private conversion.
See merge request tpo/core/arti!1297
2023-06-27 19:10:33 +00:00
aa5e9b1e95
llcrypto: Add reference to paper about keypair reuse.
2023-06-27 19:23:42 +01:00
b466b24a18
llcrypto: Remove `# Availability` doc sections.
...
This removes the `# Availability` section from the
`convert_ed25519_to_curve25519_private` and
`convert_curve25519_to_ed25519_private` docs.
We don't generally have this sort of section anywhere else in the
codebase (we use unstable cargo-docs features to make sure items are
annotated correctly).
2023-06-27 19:23:42 +01:00
32261d4006
llcrypto: Add cvt-x25519 feature flag for exporting key conversion functions.
...
The `convert_curve25519_to_ed25519_private` and
`convert_ed25519_to_curve25519_private` functions are now exported by
`tor-llcrypto` if the `cvt-25519` feature is enabled.
2023-06-27 19:23:42 +01:00
9e80a206ca
llcrypto: Add keymgr feature to semver.md
2023-06-27 19:23:42 +01:00
94f405704f
llcrypto: Add `Panics`, `Availability` docs for convert_ed25519_to_curve25519_private.
2023-06-27 19:23:42 +01:00
7c44984f3d
llcrypto: Fix clippy lint.
2023-06-27 19:23:42 +01:00
e06fc04b0b
llcrypto: Explain what we need the ed25519->x25519 conversion for.
2023-06-27 19:23:42 +01:00
fa6290c0cc
llcrypto: Document how convert_ed25519_to_curve25519_private computes the key.
2023-06-27 19:23:42 +01:00
7ecb2221a0
llcrypto: Add note about bumping x25519-dalek and clamping.
...
This adds a TODO explaining how convert_ed25519_to_curve25519_private
will need to be audited when we upgrade to the latest x25519-dalek.
This also adds a `debug_assertions` and a test that ensures
`StaticSecret::from` is clamping the input (when we bump x25519-dalek,
the assertions will fail, as the latest version doesn't do clamping in
StaticSecret::from).
2023-06-27 19:23:42 +01:00
1fe15c5012
llcrypto: Document ed25519->curve25519->ed25519 conversion behaviour.
2023-06-27 19:23:42 +01:00
47606ad881
llcrypto: Implement ed25519_to_curve25519_private conversion.
...
In `ArtiNativeKeyStore`, private keys are stored in OpenSSH format.
However, `ssh-key` (the crate we use for parsing OpenSSH keys) doesn't
support x25519 keys. As a workaround, this type of key will stored
as ed25519 and converted to x25519 upon retrieval.
This commit implements the `convert_ed25519_to_curve25519_private`
conversion function (needed by `ArtiNativeKeyStore` to support x25519
keys).
Part of #900
2023-06-27 19:23:42 +01:00
58a4cc3000
llcrypto: Add missing docs for hsv3-service feature flag.
2023-06-27 19:23:42 +01:00
6dfcf40d20
keymgr: Add regression test for tor_keymgr::Error recursion bug.
2023-06-27 19:22:30 +01:00
a41c3a5c7c
keymgr: Fix infinite recursion in Error impl.
...
The `source` impl `tor_keymgr::Error` was just calling itself
recursively.
2023-06-27 19:22:30 +01:00
dd7b965199
Merge branch 'revert_to_x25519_pre1' into 'main'
...
Back down x25519-dalek to 2.0.0-pre.1 from 2.0.0-rc.2
Closes #926
See merge request tpo/core/arti!1317
2023-06-27 18:16:38 +00:00
4be2e3ce0f
Back down x25519-dalek to 2.0.0-pre.1 from 2.0.0-rc.2
...
=========================
Notes from nickm:
(This differs from pinkforest's original MR: It removes the
Cargo.lock changes and the version bump on tor-llcrypto.)
Minimal Cargo.lock changes from downgrade.
(These are exactly those changes generated by running "build" and
"test".)
There are several reasons to do this:
* It's best to bump all of our dalek dependencies at once to rc.3
or later, rather than the piecemeal approach we've been stuck
with so far.
* We don't want to do this bump right now, since there are some
tricky questions about clamping we need to figure out (see
#808 ), and we need to make sure we get them right, and we're in
a distracted this week.
* We _do_ need to move away from 2.0.0-rc.2 right now, since
it was causing a failure in `cargo install arti`, and then it
got yanked.
Thanks to pinkforest for helping us out here and explaining all of
this!
Fixes #926 .
Commit-edited-by: Nick Mathewson <nickm@torproject.org>
2023-06-27 13:55:24 -04:00
d6626acd65
Add Channel expiry info in ChanMgr docs
2023-06-27 18:24:56 +05:30
Gabriela Moldovan
Nick Mathewson
Ian Jackson
Ian Jackson
Alexander Færøy
pinkforest
Saksham Mittal