Ian Jackson
ae1f144829
tor-hsclient: Add HSID to some log messages
...
For the debug!, we can use the unredacted form. For error!, we use
Sensitive.
2023-06-21 12:19:04 +01:00
Ian Jackson
d4b7714926
tor-hsclient: Do Debug the descriptor as part of Data
...
Empirically, this does not cause the descriptor to be spat out in
normal operation. And it seems right.
2023-06-21 12:19:04 +01:00
Ian Jackson
c94a726664
tor-hsclient: Drop some temporary trace calls
...
These were added as part of a debugging #885 , and are no longer
needed.
2023-06-21 12:19:04 +01:00
Ian Jackson
8267fb4535
tor-hsclient: Drop two eprintlns in production code
2023-06-21 12:19:04 +01:00
Ian Jackson
0845694021
tor-hsclinet: Promote dead code allows to cover all tests
...
We want to remove the crate-level dead code allows. The tests are
incomplete and there are multiple todos for that.
2023-06-21 12:19:04 +01:00
Ian Jackson
63ab6fb01c
tor-hsclient: Use a formulaic TODO mark for incompleteness of tests
2023-06-21 12:19:04 +01:00
Ian Jackson
5a7ea7067d
tor-hsclinet: Add a narrow allow, pending answer to open question
...
I need to talk to HS expert(s) about when this circuit can be
torn down.
2023-06-21 12:19:04 +01:00
Ian Jackson
9a30c4afce
tor-hsclient: Remove unused Context.hs_blind_id_key
2023-06-21 12:19:04 +01:00
Ian Jackson
8f90fe619e
tor-hsclient: Add an allow for a deliberately-unused variable
2023-06-21 12:19:04 +01:00
Ian Jackson
be3433891f
tor-hsclient: Omit some unussed struct fields in patterns
...
For the arms that have a fixed retry time, or a fixed ErrorKind,
dont't bind the unused inner error.
2023-06-21 12:19:04 +01:00
Ian Jackson
161b9844da
lints: Run maint/add_warning to actually apply new lints
2023-06-21 12:15:41 +01:00
Ian Jackson
802200e238
lints: Promote clippy::print_stderr and clippy::print_stdout
...
These are available in our MSRV now, so we don't need to handle
specially. We can just add them to the standard lint block.
(Lint block in every crate will be updated automatically in the next
commit.)
2023-06-21 12:14:10 +01:00
Ian Jackson
0c18de656f
Bump openssl because RUSTSEC-2023-0044
2023-06-21 11:57:34 +01:00
Nick Mathewson
8676b27e95
geoip: Add a few more tests.
2023-06-20 16:22:21 -04:00
Nick Mathewson
b0342a8ede
geoip: Explain in more detail what a CountryCode is to us.
2023-06-20 16:22:21 -04:00
Nick Mathewson
f918a86c10
geoip: require that ccs actually are printable ascii.
...
(There are plenty of strings that convert into 2 bytes of UTF8
without being two ascii characters, and there are plenty of
sequences of two ascii characters that aren't printable.)
2023-06-20 16:22:21 -04:00
Nick Mathewson
cf9d902320
geoip: Make ?? a little more bullet-proof
...
We want to make sure that ?? is always None, never a CountryCode.
2023-06-20 16:22:21 -04:00
gabi-250
db7f46265e
Merge branch 'keymgr-refactor-fs-ops' into 'main'
...
keymgr: Move FS operations out of KeyType impl
See merge request tpo/core/arti!1263
2023-06-20 18:41:33 +00:00
Nick Mathewson
f41b1178c5
netdoc: downgrade two accessor-related TODOs
2023-06-20 14:02:04 -04:00
Nick Mathewson
17fab6e913
netdoc: Use derive amplify::Getters for HsDesc accessors.
...
Closes #909 .
2023-06-20 14:00:41 -04:00
Nick Mathewson
8d4ca94e19
Merge branch 'add-tor-geoip' into 'main'
...
tor-geoip: Add new crate with GeoIP database functionality
See merge request tpo/core/arti!1239
2023-06-20 17:59:15 +00:00
Gabriela Moldovan
c40e064b42
keymgr: Fix clippy lints.
2023-06-20 18:54:35 +01:00
Gabriela Moldovan
97350cfe4b
keymgr: Address clippy lints and run cargo fmt.
2023-06-20 18:54:35 +01:00
Gabriela Moldovan
2f10b08d41
keymgr: Enforce keystore_dir properties for every key read/written from the keystore.
2023-06-20 18:54:35 +01:00
Gabriela Moldovan
9bfd263f42
keymgr: Update function names and docs to reflect reality.
...
The functions that handle OpenSSH-formatted keys now no longer read or
write from disk. This commit updates their names and doc strings to stop
suggesting they do.
2023-06-20 18:54:35 +01:00
Gabriela Moldovan
abdf854547
keymgr: Move FS operations out of ssh.rs
...
This moves the filesystem calls from the `ssh` module to
`ArtiNativeKeyStore`. While `ArtiNativeKeyStore` shouldn't be concerning
itself with filesystem operations either, that refactoring will be
tackled separately (see arti#899).
2023-06-20 18:54:35 +01:00
Nick Mathewson
a812a486c3
Downgrade every "TODO HS" in tor-hsservice
...
These are all service-specific, and not client-specific.
2023-06-20 13:30:56 -04:00
eta
d5632eacb2
tor-geoip: Add new crate with GeoIP database functionality
...
- This adds a new crate, `tor-geoip`, which can parse and perform
lookups in the GeoIP database C-tor already uses (generated by a
maintenance utility in the C-tor codebase).
- We embed a copy of C-tor's databases with the crate and use
`include_str!` to ship them with the binary, bloating its size
somewhat.
- This does, however, solve the problem of figuring out how to
distribute these.
- The plan is to gate this functionality behind a feature flag anyway,
so the cost should be nil unless explicitly opted into.
Part of tpo/core/onionmasq#47.
2023-06-20 16:57:58 +01:00
Gabriela Moldovan
181638333f
keymgr: Create a temporary error type for the key types we don't support yet.
2023-06-20 16:48:36 +01:00
Gabriela Moldovan
0c7e5d1924
keymgr: Create a separate error source for key corruption errors.
2023-06-20 16:48:36 +01:00
Alexander Færøy
2fa8a4e56c
Merge branch 'update-keymgr-todo' into 'main'
...
keymgr: Change "TODO hs" to "TODO HSS".
See merge request tpo/core/arti!1264
2023-06-20 13:42:28 +00:00
gabi-250
d8ea9b234a
Merge branch 'dummy-keymgr-api-fixes' into 'main'
...
arti-client: Dummy KeyMgr API improvements
Closes #897
See merge request tpo/core/arti!1256
2023-06-20 13:18:52 +00:00
gabi-250
2a9c91e853
Merge branch 'keymgr-mistrust' into 'main'
...
keymgr: First steps towards path validation and permission checks
See merge request tpo/core/arti!1255
2023-06-20 13:15:51 +00:00
Gabriela Moldovan
c0762f76f1
keymgr: Fix broken docs.
2023-06-20 13:34:32 +01:00
Gabriela Moldovan
84e05591c7
arti-client: Remove unnecessary #[cfgs(...)].
...
The `keymgr` module selects one of the key manager implementations
(dummy or "real") and exposes all the APIs we need, so we can remove
all of the cfgs related to the `keymgr` feature from `client.rs`.
Part of #897
2023-06-20 13:33:51 +01:00
Gabriela Moldovan
733a559322
arti-client: Create module exposing one of the key manager APIs.
...
This moves the key manager API selection (dummy vs "real" impl) into the
`keymgr` module. The module exports the dummy API if the `keymgr`
feature is disabled, and the impl from `tor-keymgr` otherwise.
Part of #897
2023-06-20 13:33:51 +01:00
Gabriela Moldovan
8202be3cfe
arti-client: Make some of the dummy KeyMgr impls return an error.
...
`insert` and `remove` should return an error rather than `Ok(())`, as
`Ok(())` implies the key was stored/removed, which is impossible in the
no-op implementation.
2023-06-20 13:33:51 +01:00
Gabriela Moldovan
02c36dabd7
arti-client: Add more dummy keymgr APIs.
...
This will help us reduce the number of `#[cfgs(...)]` from `client.rs`
Part of #897
2023-06-20 13:33:51 +01:00
Gabriela Moldovan
c7d32dbf4c
arti-client: Add a result type for the dummy keymgr impl.
...
Part of #897
2023-06-20 13:33:51 +01:00
Gabriela Moldovan
b289c0fd15
arti-client: Add an Error type for the dummy key manager.
...
Part of #897
2023-06-20 13:33:51 +01:00
Gabriela Moldovan
95e4021ed8
arti-client, keymgr: Introduce Mistrust settings and enforce FS permissions.
2023-06-20 13:29:10 +01:00
Gabriela Moldovan
be5c911ac8
arti-client: Temporarily ignore key store errors.
...
We currently initialize the `ArtiNativeKeyStore` with a dummy root dir,
so when `ArtiNativeKeyStore` starts validating directories, this code
will start to fail. Let's preemptively ignore any errors coming from
`ArtiNativeKeyStore::new`. This is temporary and will be removed when we
introduce the key store config (and a real default value for the
keystore root dir).
2023-06-20 13:29:10 +01:00
Gabriela Moldovan
e8176ac8b5
keymgr: Add TODO about separation of concerns wrt FS operations.
2023-06-20 13:29:10 +01:00
Gabriela Moldovan
6837dbce58
keymgr: Add an error variant for fs_mistrust errors.
...
This will be useful later, when `KeyMgr` will start validating
permissions and paths.
2023-06-20 13:29:10 +01:00
Gabriela Moldovan
01b43f7f26
keymgr: Add a FsErrorSource to Error::Fs.
...
In the future, the potential causes of an `Error::Filesystem` error will
include permission errors as well as other errors (not just
`io::Error`s).
2023-06-20 13:29:10 +01:00
Nick Mathewson
f24a7d48c0
Merge branch 'circmgr-todos' into 'main'
...
Resolve several "TODO HS" comments in circmgr.
See merge request tpo/core/arti!1258
2023-06-20 12:13:24 +00:00
Ian Jackson
affa5b5e91
Merge branch 'rpcdoc' into 'main'
...
rpc: Minor docs improvements
See merge request tpo/core/arti!1260
2023-06-20 12:11:49 +00:00
gabi-250
602bcc3c47
Typo fixes
2023-06-20 11:47:02 +00:00
Nick Mathewson
3e704a080c
rpc: Fix docs typo
2023-06-20 11:38:31 +00:00
Gabriela Moldovan
fed726e4ff
keymgr: Defer key bundle support until "Basic Service" milestone.
...
We don't really need "key bundles" for the client keys.
2023-06-20 11:36:04 +01:00