19c0dd153a
tor-proto: Add a TODO about simplifying a common pattern.
2023-02-15 10:51:03 -05:00
21db73f182
tor-cell: add a TODO comment about simplifying Body away.
2023-02-15 10:48:19 -05:00
fce1c83f2e
tor-cell: Add another debug_assert to relay cell encoding
2023-02-15 10:48:19 -05:00
5d28e9e7d0
slicewriter: rename a local variable.
2023-02-15 10:48:19 -05:00
19c9593acf
Move slicewriter to tor-cell and make it private.
...
Also, add some comments about how it is likely to change.
2023-02-15 10:48:19 -05:00
1ee6bfa59c
tor-proto: note implications for future HS work
2023-02-15 10:48:19 -05:00
41b50b6c56
tor-proto: Push stream message parsing into the stream objects.
...
This closes #525 , and ensures, at last, that we don't parse any
message that we wouldn't accept.
2023-02-15 10:48:19 -05:00
58c3b8276c
tor-proto: Defer parsing of messages send to half-closed streams
...
This includes a partial solution for #769 , but also turned up
another bug (#774 ) while I was working on it. I'll close them both
once I have a real solution.
2023-02-15 10:48:19 -05:00
bd0f6f5adf
tor-proto: stop reactor (and kill circuit) if meta handler fails
...
If the meta handler reports an error, then the circuit has violated
its protocol, and needs to be shut down.
Fixes #773 .
2023-02-15 10:48:19 -05:00
2e483124cb
tor-proto: defer meta-cell parsing to the last moment.
2023-02-15 10:48:19 -05:00
0765243f5e
tor-proto: Use UnparsedRelayCell to start deferring cell processing.
...
In general, we want to avoid parsing these cells until we are
fairly sure that they are something we would accept.
2023-02-15 10:48:19 -05:00
e4bc7ef57b
tor-cell: Add RelayCell::into_msg.
2023-02-15 10:48:19 -05:00
3f1457ea04
tor-cell: Implement {Relay,Chan}Msg for every body type
...
This will make it ergonomic to decode a single body type without
having to declare a variant that accepts only a single message.
2023-02-15 10:48:19 -05:00
65cc7d0974
tor-cell: Note an opportunity for future optimization
2023-02-15 10:48:19 -05:00
a809a809ba
tor-cell: Add a new UnparsedRelayCell
...
We'll use this to router relay messages on a circuit to the
appropriate stream, and hand them to that stream, without parsing
the message until the stream has been determined.
2023-02-15 10:48:19 -05:00
ca3b33a1af
tor-cell: Refactor relay cells to copy much less
...
We now manipulate raw relay cell bodies as (an alias for)
`Box<[u8;509]>` rather than as (an alias for) `[u8;509]`. This
enables us to do much less copying. It will become more important
soon, as we defer parsing relay cell bodies even longer.
Related to #7 .
We also use SliceWriter to avoid allocating a Vec<> for every relay
message we want to encode, and instead encode directly into the
cell.
2023-02-15 10:48:19 -05:00
9e2b6f3aed
tor-bytes: Add a new writer implementation for fixed-size objects
...
Because the API assumes that many writes are infallible, this writer
takes ownership of the backing object, and will only return it to
you if you didn't run over the end.
I'm going to use this to save some allocations in relay cell bodies
2023-02-15 10:48:19 -05:00
5521df0909
tor-cell: Use a more generic mechanism for managing extensions
...
Several HS message types have an extension list type. They all use
the same framing for extensions, but each of them has separate
extension types and separate extension namespaces.
This commit simplifies establish_intro a little, and adds support
for maintaining unrecognized extension types--at the expense of some
new internal code.
2023-02-15 08:44:43 -05:00
dccb641354
Merge branch 'fuzz-hsdesc' into 'main'
...
Fuzzing for hsdesc parsers
See merge request tpo/core/arti!1018
2023-02-15 12:47:38 +00:00
37fcb0ca7c
tor-cell: Extract establish-intro into its own module.
...
Some of the HS message types have a lot of dependent types, like
extensions and options for those extensions, and so on. Except when
those extensions are portable across cell types, it makes sense
to put them in their own modules.
2023-02-15 07:46:36 -05:00
5c85397bb7
tor-cell: rename onion_service module to hs
2023-02-15 07:38:19 -05:00
f1ec64bfe5
Upgrade to latest toml crate.
...
(None of the breaking changes affect us this time.)
2023-02-14 11:06:00 -05:00
e00dfcf41e
netdoc: Add a basic fuzzer for the hsdesc layers.
...
I've been running this for 5 minutes and haven't found any
crashes. I'll run it for an hour or two, then add the results to the
corpus repository.
2023-02-14 07:49:34 -05:00
79dd2ef995
netdoc: Add a feature to expose hsdesc inner doc parsers
...
We want to fuzz these parsers, but there's no currently way to get
at the parsers for inner documents without going through a lot of
encryption. (Coverage-guided fuzzers are powerful, but they
can't find SHA3 preimages.)
2023-02-14 07:44:18 -05:00
74ef8de86f
Merge branch 'doc-iter' into 'main'
...
Introduce new batching iterator and use it in two places
See merge request tpo/core/arti!1016
2023-02-13 18:59:42 +00:00
297019bb23
batching_split_before: Whitespace error fix
2023-02-13 17:34:04 +00:00
b4d0b585c2
batching_split_before: Better xref for doc hidden
...
And another UNSTABLE warning.
2023-02-13 17:32:54 +00:00
1232bb6661
batching_split_before: Clarify API sequential restriction
2023-02-13 17:29:17 +00:00
5be6db006c
batching_split_before: Fix and clarify Batches/LendingIterator doc
2023-02-13 17:28:39 +00:00
15f33ce13c
batching_split_before: Introduce unit token types
...
And explain why we're not using booleans.
2023-02-13 17:19:13 +00:00
73a20cdc36
batching_split_before: Expand on the remaining use of "meta-iterator"
2023-02-13 17:13:55 +00:00
04e3a22b82
batching_split_before: Fix link to BatchesWithHeader::subsequent
2023-02-13 17:12:17 +00:00
53ef0d65ea
batching_split_before: Provide description for BatchesWithHeader
2023-02-13 17:09:08 +00:00
6799fb6e3e
batching_split_before: Document generics on our non-private types
2023-02-13 17:04:29 +00:00
e44be77f52
batching_split_before: Rename "prefix" to "header"
...
As per
https://gitlab.torproject.org/tpo/core/arti/-/merge_requests/1016#note_2877759
"_prefixed" becomes "_with_header". That mirrors the returned struct
which is nice.
2023-02-13 16:55:36 +00:00
72b1cb797d
batching_split_before: Rename "start" to "batch-starting"
...
Roughly as per
https://gitlab.torproject.org/tpo/core/arti/-/merge_requests/1016#note_2877822
2023-02-13 16:52:07 +00:00
09060b4748
batching_split_before: Remove false assertions about batch contents
2023-02-13 16:44:47 +00:00
4333a1ef1c
batching_split_before: Clarify heading of BatchesWithPrefix
2023-02-13 16:37:13 +00:00
5c1cbd5486
batching_split_before: docs improvements.
2023-02-13 16:12:26 +00:00
7363bee6a4
netdoc: give hsdesc test info in its original form.
2023-02-13 10:30:27 -05:00
8703a969f4
tor-netdoc: Use batching iterator in authcert.rs
...
This gets rid of a lot of manual boolean state variable iterator
stuff.
2023-02-10 19:48:26 +00:00
d35f7990e8
tor-netdoc: Use batching_split_before in HsDescInner
2023-02-10 19:47:45 +00:00
fd35f05b26
tor-netdoc: Provide new batching_split_before
...
There will be two call sites to demonstrate it.
Eventually maybe this will want to be in tor-basic-utils, since it
doesn't depend on any of the tor-netdoc types. But it would be
sensible to wait until the situation with PeekableIterator and
Itertools is improved.
For now we make this #[doc(hidden)] to avoid it becoming part of our
stable API.
2023-02-10 19:47:45 +00:00
1b5a5eb57a
tor-netdoc: Provide NetDocReader::into_iter
...
This will avoids some hairy borrowck disasters when we try to use
iterator adapters.
2023-02-10 19:47:45 +00:00
5f0ff78c2d
tor-netdoc: util: use super::* in tests
...
Not xure how my MR to try to do this everyone missed this one.
2023-02-10 19:47:45 +00:00
a5be14ed5e
tor-netdoc: util: Add standard lint block to tests
...
Not xure how my MR to try to do this everyone missed this one.
2023-02-10 12:47:02 +00:00
3f5502c5bc
netdoc: Add a test for HSDesc decryption.
2023-02-10 07:36:40 -05:00
ced33029f6
Add another test hsdesc to parse.
...
This one was generated (by dgoulet) using `ClientDescEncKey`
encryption. Its information is:
```
Address: paozpdhgz2okvc6kgbxvh2bnfsmt4xergrtcl4obkhopyvwxkpjzvoad.onion
Time period: 19397
Client:
paozpdhgz2okvc6kgbxvh2bnfsmt4xergrtcl4obkhopyvwxkpjzvoad:descriptor:x25519:SDZNMD4RP4SCH4EYTTUZPFRZINNFWAOPPKZ6BINZAC7LREV24RBQ
Service:
descriptor:x25519:SACGOAEODFGCYY22NYZV45ZESFPFLDGLMBWFACKEO34XGHASSAMQ
```
2023-02-10 07:26:31 -05:00
b4cca45410
hscrypto: Use minutes, not seconds, in blinding parameter.
...
Fixes an instance of #768 .
The problem with the test vectors is that I used a random time
period number (1234) and the default-in-tor period length (1440)
without checking whether 1440 _meant_ minutes or seconds. I'll add
another test to Tor to make sure that the time period matches now.
With this change, I can test Tor-generated hsdescs with encryption,
so I'm fairly confident that the new behavior is correct.
2023-02-10 06:54:19 -05:00
696b9bd2d5
Merge branch 'ticket_525_part2' into 'main'
...
Apply restricted_msg to ChanMsg parts of tor-proto
See merge request tpo/core/arti!1013
2023-02-09 18:06:39 +00:00
62fa652fcd
Merge branch 'hsdir' into 'main'
...
Compute the HS directory hash ring
See merge request tpo/core/arti!1012
2023-02-09 16:35:42 +00:00
3d6e6fcf0d
Fix minimal-versions (.then_some is too new)
2023-02-09 16:07:16 +00:00
4b7f2e84bf
tor-netdir: Make is_hsdir_for_ring crate-local
...
As per
https://gitlab.torproject.org/tpo/core/arti/-/merge_requests/1012#note_2876824
2023-02-09 16:07:16 +00:00
0d772e5bed
Rename OpenClientChan{Msg,Cell} => OpenChan{Msg,Cell}S2C
2023-02-09 10:20:31 -05:00
b7490ce374
tor-proto: Do not parse forbidden commands on inbound cells.
...
Unlike C tor, we treat unrecognized commands as reason to kill off
the connection entirely. That's fine; if we need to add an
unrecognized command in the future, we can use VERSIONS to negotiate
it.
Also, if someday we want this code to support relay channels as
well, we can use some type trickery to have that work too.
2023-02-09 10:20:31 -05:00
b49bd3b121
tor-proto: only parse allowed ChanMsg types during handshake.
2023-02-09 10:20:31 -05:00
1c1dec0948
tor-cell: Return a useful error when restrist_msg rejects a command.
2023-02-09 10:20:31 -05:00
48ab7b0463
Change tor_bytes::Error::BadMessage to a Cow.
...
Actually, to avoid making a breaking change, I'm deprecating
BadMessage and creating a new InvalidMessage variant that takes a
Cow. This way I don't need to track every crate that re-exposes
tor_bytes::Error and call this a breaking change in those.
Making this change will allow tor_bytes errors to be much more
helpful.
2023-02-09 10:20:31 -05:00
037d1658b2
tor-cell: Re-export paste so restrict_msg can work outside the crate.
2023-02-09 10:20:31 -05:00
0633f17131
tor-cell: Remove chancell::msg::Body::into_message.
...
It's now redundant, since `restricted_msg!` defines From and Into
for us.
2023-02-09 10:20:31 -05:00
16b9d23a7c
tor-cell: Make RelayEarly a separate type.
...
This allows us to remove a shenanigan from `restricted_msg!{}`.
2023-02-09 10:20:28 -05:00
e832cbd29c
tor-cell: Have restrict_msg add conversion functions.
...
Every FooMsg type now implements Into<AnyFooMsg>, and
TryFrom<FooMsg>.
Additionally, it now implements From<X> for every distinct type that
it supports. This last part lets us discard a bunch of code.
Unfortunately, I needed some downright hackish trickery in order to
get these macros to avoid generating `From<AnyFooMsg> for AnyFooMsg`
and conflicting with the blanket implementation.
The trickery to deal with RelayEarly and Relay being the same type
was not necessarily worth it; I will be separating them and removing
said trickery in the next commit.
2023-02-09 10:20:11 -05:00
4ca661a4dc
tor-netdir: Document fill_from_previous_netdir semver
2023-02-09 14:57:29 +00:00
8cda5a1a3e
Clarify which netdir index is meant
2023-02-09 14:56:30 +00:00
33b8ebd67e
Fix typos
2023-02-09 14:48:56 +00:00
1f3f659536
Fix compilation with various feature combinations
2023-02-09 14:35:57 +00:00
73ce68ac21
Rename DescEncNonce => HsDescEncNonce
2023-02-09 08:57:09 -05:00
b6f6fa4d4b
cell: Parameterize ChannelCodec::decode and encode.
...
This change lets us use ChannelCodec to encode and decode any
restricted channel message type we want. (Later on, we'll turn the
related Codec class in tor-proto into a more type-restricted version
of this.)
2023-02-09 08:26:09 -05:00
335043658e
hsdir: rustfmt
...
Deferred formatting changes which would have obscured the commits they
were prompted by.
2023-02-09 13:01:37 +00:00
3dd0d381d0
hsdir: Actually compute the hash ring
2023-02-09 13:01:37 +00:00
f5c3c1f277
hsdir: Be able to enumerate the hidden service directories
...
* Provide an accessor for the HSDIR flag
* Provide a function for testing a relay for hsdir inclusion
* Provide an iterator on NetDir that returns the hsdirs
2023-02-09 13:01:37 +00:00
f12277141b
hsdir: Ring calculation plumbing
...
* Implement Netdir::compute_rings in terms of a new
HsDirRing::compute, that currently does nothing.
* Actually call Netdir::compute_rings (since now it doesn't panic).
* Make Netdir::compute_rings not be pub. We do this unconditionally,
rather than exposing the distinction between a netdir-without-hsdir
and a netdir-with-hsdir.
2023-02-09 13:01:37 +00:00
fe1113bd6b
hsdir representation: Introduce HsDirs generic type
...
This already allows us to get rid of some duplication, and will be
useful more widely in a moment.
2023-02-09 13:01:37 +00:00
d63c44f96d
hsdir: Implement HS hash ring index calculations
2023-02-09 13:01:37 +00:00
a12df180b5
hsdir: Make HsDirIndex be AsRef<[u8; ]>
2023-02-09 12:56:47 +00:00
3f04e7f43e
hsdir: impl Eq for HsDirParams
...
This will allow us to tell if we can reuse parts of a ring.
2023-02-09 12:56:18 +00:00
5fcae642d6
hsdir: Rename HsRingParams to HsDirParams
...
The file which contains this type is called hsdir_params.rs. We have
a general problem with slight confusion about when to includen "dir"
and when to include "ring".
Resolve this in favour of the rule now added to the module-level doc
comment.
2023-02-09 12:56:18 +00:00
962c879005
hsdir_params: Rename some variables for consistency
...
These variables are going to be struct fields, which will sort of
enforce consistent naming. The struct fields are going to appear in a
moment. We'll call the fields "current" and "secondary" after the
naming in the test cases.
And import hsdir_params::HsRingParams, which we're going to make more
references to.
2023-02-09 12:56:18 +00:00
5f52015239
hsdir: Replace open-coded params fields and args with HsRingParams
...
This will enable us to pass these around more conveniently.
And make empty_from_params take an owned params, which it would like.
2023-02-09 12:56:18 +00:00
8d4552de8b
hsdir: Remove a done TODO - this *is* now a TiSlice
2023-02-09 12:56:18 +00:00
cd0c38ae6c
tor-netdir: Provide Netdir::md_by_idx
...
We'll need this shortly.
2023-02-09 12:56:18 +00:00
6acf9cf5e8
tor-netdir: Store previous netdir (if required by features)
2023-02-09 12:56:18 +00:00
f69d7f96ac
tor-netdoc: Change fill_from_previous_netdir
...
* Remove the return value, which was not used anywhere.
Also remove the code to calculate the return value.
* Take an Arc<NetDir> rather than a reference. We are going to want
this for HS support. This has no overall effect on the lifetime of
the4 Arc, which was owned at the one call site and then imediately
dropped.
* Change the documentation to explain what the function's role is in
the netdir API, rather than the fiddly details of what it actually
does internally. Relegate the latter to a code comment.
(When we have HS, this will do more, or, at least, make further
arrangements.)
2023-02-09 12:56:18 +00:00
81d4e6971b
tor-netdoc: Discuss that relays are ordered by rsa id in Consensus
2023-02-09 12:56:18 +00:00
1e3d20bdba
tor-netdir: Use typed-index-collections for router index (fix hsdir)
...
This was omitted in !1004 . (Because this code isn't actually wired up
yet, it typechecked anyway. But we need to fix it.)
2023-02-09 12:56:18 +00:00
4626ccfcaa
hs time handling: Make TimePeriod contain length as IntegerMinutes
...
Locally, the only functional effect is that now we refuse to handle
non-whole-number-of-minutes lengths - but since the consensus
parameter can't represent those, there's no overall functional change.
2023-02-09 12:56:18 +00:00
bb2ab7c2a3
tor-units: Fix IntegerMinutes accessor (omg)
2023-02-09 12:56:18 +00:00
0a80c468df
hsdesc: Use an IntegerMinutes<u16> to hold lifetime.
2023-02-08 13:33:07 -05:00
39f5f90f3f
netdoc: Fix most "TODO HS rename" comments
2023-02-08 13:23:21 -05:00
8c3bd3626b
netdoc::hsdesc: Distinguish layer from document.
2023-02-08 13:16:44 -05:00
966ddeb092
netdoc::hsdesc: Rename "layer" modules.
2023-02-08 13:08:57 -05:00
964ca511c4
netdoc::hsdesc: Excise reference to "password" authentication
...
As far as we can tell, this never existed.
2023-02-08 12:57:52 -05:00
cce56c793b
hscrypto,netdoc: Add and use a type for KP_hss_desc_enc.
2023-02-08 12:50:34 -05:00
99ec1c9818
tor-hscrypto: Rename key types to correspond to new spec names.
2023-02-08 12:27:36 -05:00
d1ee5807ed
Rename DescriptorCookie to DescEncNonce
...
(I think it's okay to omit the Hs here, since this type is not
visible outside the hsdesc parsing code. I'll rename if others
disagree.)
2023-02-08 12:10:24 -05:00
39e1116ece
Renaming cleanup for and around now-renamed "KP_hs_desc_ephem".
2023-02-08 12:06:42 -05:00
18e8ac7cb6
Rename key identifiers that have changed in the spec
...
Generated with perl:
s/K([PS])_hs_intro_tid/K$1_hs_ipt_sid/g;
s/K([PS])_onion_ntor/K$1_ntor/g;
s/K([PS])_hs_intro_ntor/K$1_hss_ntor/g;
s/K([PS])_hs_desc_ephem/K$1_hss_desc_enc/g;
2023-02-08 11:57:51 -05:00
d1eeffbf42
Fix typo
2023-02-08 00:04:25 +02:00
7feda22444
tor-cell: documentation cleanups related to restricted_msg
2023-02-07 16:03:14 -05:00
77cccdfd6e
tor-cell: correct handling of optional msg types.
...
We need to make sure any `#[cfg(feature=...)]` attributes are
applied not only to our variant declarations, but also to the
branches in the match statements that deal with them.
2023-02-07 16:03:14 -05:00
d63d7926bd
tor-cell: Rename RelayMsg and RelayCell-related types.
...
Thanks to rust-analyzer for making this simple.
2023-02-07 16:03:14 -05:00
d99c130679
tor-cell: Rename ChanMsg and ChanCell-related types.
2023-02-07 16:03:14 -05:00
c529bb9c30
tor-cell: Remove RelayMsg methods that are duplicated in RelayMsgClass.
2023-02-07 16:03:14 -05:00
3c7aea723b
tor-cell: Remove ChanMsg methods that are duplicated in ChanMsgClass.
2023-02-07 16:03:14 -05:00
71445f7ace
tor-cell: Use macro to generate ChanMsg too.
2023-02-07 16:03:14 -05:00
706a39a870
tor-cell: Use macro to define RelayMsg type too.
2023-02-07 16:03:14 -05:00
f5f8402d50
tor-cell: Macro to generate restricted RelayMsg and ChanMsg.
...
This is the main implementation part of #525 .
2023-02-07 16:03:14 -05:00
ffb443709b
tor-cell: Change all variants of RelayMsg to have a body.
...
Previously, there were some unit variants, but that makes things
quite awkward for #525 .
2023-02-07 16:03:14 -05:00
afd5232430
tor-cell: Make Body and MsgClass traits more uniform.
...
Doing this will make it much easier to implement a macro that
generates restricted instances of the Msg types (for #525 ).
The Body change is a breaking change. I don't think anybody else
implements Body, but in theory they could.
2023-02-07 16:03:14 -05:00
e099cc7ef8
tor-cell: Generic "Restricted{Relay,Chan}Cell" types.
...
These are generalizations of RelayCell and ChanCell respectively,
that allow using an arbitrary message type in place of the fully
general RelayMsg and ChanMsg types. Doing this is a prerequisite
for usefully implementing arti#525.
2023-02-07 16:03:14 -05:00
f537a7ad48
Update hsdesc parser code to new sectionrules::builder code.
2023-02-07 15:28:10 -05:00
85ca3e41b9
Merge branch 'shadykaty-error-hint-v2' into 'main'
...
Create and use an ErrorHint type to report how to fix a problem.
Closes #579 and #578
See merge request tpo/core/arti!994
2023-02-07 16:32:10 +00:00
c7c4fff66e
Merge branch 'authcert_bug' into 'main'
...
Fix AuthCert behavior on unrecognized tokens, and prevent bug from recurring elsewhere.
Closes #752
See merge request tpo/core/arti!1006
2023-02-07 16:06:20 +00:00
a1c36b2087
netdoc: Add a comment about renaming layer to document.
2023-02-07 09:02:15 -05:00
257aaf9e5b
netdoc::hsdesc: rename Passwd to Password.
2023-02-07 09:02:15 -05:00
2ba28aa289
netdoc: Rename/comment objects from hsdesc.
2023-02-07 09:02:15 -05:00
d10ccf0dc5
netdoc: Rename/comment objects from inner_layer.
2023-02-07 09:02:15 -05:00
1cdd36f511
netdoc: Rename/comment objects from middle_layer.
2023-02-07 09:02:15 -05:00
1a59005ae0
netdoc: Rename/comment objects from desc_enc
2023-02-07 09:02:15 -05:00
7701e02aad
netdoc: Renaming and comments in outer_layer.
2023-02-07 09:02:15 -05:00
68d2ccf5fe
netdoc: Use Itertools::exactly_once in hsdesc parsing
2023-02-07 09:02:15 -05:00
3d53a30c94
netdoc: Remove useless should_be_exhausted calls.
2023-02-07 09:02:15 -05:00
cff2326f6f
Remove a needless line.
2023-02-07 09:02:15 -05:00
fbffd3168c
Even more clarifying comments.
2023-02-07 09:02:15 -05:00
328535855a
netdoc: Try to add a bunch of clarifying documentation.
...
In the process I found a couple of keys without identifiers in the
spec.
2023-02-07 09:02:15 -05:00
6954c6b488
netdoc: Use Signature::from to construct ed25519 sigs.
2023-02-07 09:02:15 -05:00
4c24f8e8a2
netdoc: Clear up a few typos in hsdesc comments and strings.
2023-02-07 09:02:15 -05:00
d699742400
netdoc: Implement onion service descriptor parsers.
2023-02-07 09:02:15 -05:00
2b82011dfb
tor-checkable: Add dangerously_map() functions.
...
These functions consume a checkable wrapper, and return a new
checkable wrapper with mapped contents but the same not-yet-checked
constraints.
As documented, They are "dangerous" because the provided function
gets access to the contents before they are checked; the caller has
to make sure that the provided function doesn't expose their
contents inappropriately.
2023-02-07 09:02:15 -05:00
23757d90c1
netdoc: Parse the inner layer of an onion service descriptor.
...
There are some places where I note certificates which are not
currently validated, because there is no cryptographic point in
doing so. We should either document that this is okay, or validate
the certificates anyway.
This code might benefit from refactoring to make it prettier.
2023-02-07 09:02:15 -05:00
6817f61641
netdoc: Add a workaround for C Tor's lack of mid-layer NL
...
It turns out that C Tor doesn't add a newline at the end of the
middle layer of an onion service descriptor. I've made a spec MR
(torspec!109) to document this: here, it's time to work around the
issue.
2023-02-07 09:02:15 -05:00
4be4d178fa
netdoc: Parse the middle layer of a hsdesc, and decrypt it.
2023-02-07 09:02:15 -05:00
321c8582ce
netdoc: Use correct size for descriptor encryption cookie
2023-02-07 09:02:15 -05:00
d8849f583e
netdoc: move test descriptor to a higher level test module
...
We're going to make use of it in all of our tests, so we may as well
expose it to them from hsdesc::test.
2023-02-07 09:02:15 -05:00
02fa682bc0
netdoc: implement onion service descryptor encryption
...
This is tested via a round-trip check, and via a successful
decryption of our example descriptor's outer layer.
2023-02-07 09:02:13 -05:00
6c4e9c8f1d
netdoc: Parser for outer layer of onion service descriptors.
2023-02-07 09:00:19 -05:00
d35e8a751d
netdoc: Add an example onion service descriptor to test our parsing.
...
I generated this using C tor (latest main) and a Chutney network
about a week ago.
The subcredential is:
78210A0D2C72BB7A0CAF606BCD938B9A3696894FDDDBC3B87D424753A7E3DF37
The HS_blind_id is:
43CC0D62FC6252F578705CA645A46109E265290343B1137E90189744B20B3F2D
2023-02-07 09:00:19 -05:00
0f1cfc308a
netdoc: Derive Debug and Clone on HsDesc and its kin.
2023-02-07 09:00:19 -05:00
4c0be7c568
hscrypto: Impl From<Ed25519Identity> for BlindedOnionId.
2023-02-07 09:00:19 -05:00
3ce5ee1499
hscrypto: add From/Into between RevisionCounter and u64.
2023-02-07 09:00:19 -05:00
a751eacd5b
tor-cert: document hs-related certificate types.
...
Also, explain why a few of these certificates aren't actually useful
as certificates. (This issue is also documented in torspec!110)
2023-02-07 09:00:19 -05:00
079002d283
tor-cert: Implement Timebound for Ed25519Cert
...
This allows us to run `is_valid_at` and friends on the certificate
itself, which we will use soon in hsdesc validity checks.
2023-02-07 09:00:19 -05:00
59b981ea5e
llcrypto: Implement `Into<[u8;32]>` for Ed25519Identity
2023-02-07 09:00:19 -05:00
72448b704a
llcrypto: Derive zeroize for CtByteArray.
2023-02-07 09:00:19 -05:00
a0a740ffc1
tor-linkspec: LinkSpec parsing: use read_nested_u8len (fmt)
2023-02-06 16:08:32 +00:00
5997d99a7a
tor-linkspec: LinkSpec parsing: use read_nested_u8len
...
This eliminates hardcoded length values.
2023-02-06 16:08:21 +00:00
73199ebf68
netdoc: Require that unrecognized tokens be handled explicitly.
...
Now we require that, for all `SectionRules`, either the caller say
how to handle unrecognized tokens (using `.add(UNRECOGNIZED...)`),
or that they explicitly reject unrecognized tokens (using
`reject_unrecognized`()`.)
This solution uses an assert!() rather than an Error to indicate
failure. I say that's fine, since
1. This is a crate-internal API.
2. We never dynamically construct SectionRules according to
different behavior: they are always prefabricated in a fixed
code block. Thus, if we test a parser at all, we will make
sure that its SectionRules are well-formed.
I considered and explicitly rejected a solution where the builder
had to be finalized with separate methods `build_strict()` or
`build_tolerant()`: It's too easy IMO for the caller to forget what
these call means.
Prevents further recurrences of #752 .
Closes #752 .
2023-02-03 11:33:30 -05:00
13d5452e2e
netdoc: Switch SectionRules building to use a Buidler pattern.
...
No new behavior yet.
2023-02-03 11:14:00 -05:00
266c61f721
Add a rule to handle UNRECOGNIZED in AuthCert.
...
This fixes an instance of bug#752. Previously, we would reject any
AuthCert that contained an unexpected keyword. (Fortunately, this
data format does not change very often.)
2023-02-03 10:53:23 -05:00
d469aef72a
Tidy up docs about RouterStatusIdx
...
Always use "index" and not "position".
Remove wording which is otiose given the type name.
2023-02-01 19:40:17 +00:00
2dbffa1208
tor-netdir: Use typed-index-collections for router status index
2023-02-01 19:40:17 +00:00
b7e41c3981
tor-netdir: Provide ConsensusRelays extension trait (fmt)
2023-02-01 19:39:14 +00:00
4eee59ddb7
tor-netdir: Provide ConsensusRelays extension trait
...
Call it everywhere instead of the inherent method on MdConsensus.
(Verified by ad-hoc temporarily renaming MdConsensus::relays().)
2023-02-01 19:39:09 +00:00
5bca38acc5
tor-netdoc: Suppress a cfg-dependent dead code warning
...
This is dead code when
cargo +stable clippy -p tor-netdir --all-features --all-targets
2023-02-01 18:46:54 +00:00
155b9ed581
Change two in-code references to the wrong feature name
...
As per
https://gitlab.torproject.org/tpo/core/arti/-/issues/756
I think this is going in the wrong direction, but it is better to fix
it so that the names agree for now, pending a decision on the naming.
2023-02-01 18:46:54 +00:00
8ee04ac203
Merge branch 'logs' into 'main'
...
Report causes of errors
Closes #680
See merge request tpo/core/arti!997
2023-02-01 18:19:33 +00:00
04628ca5ab
Remove semver.md files now that 1.1.1 is tagged.
2023-02-01 12:46:01 -05:00
a2b1f20216
Bump minor version of tor-cell.
...
In !948 we renamed a couple of accessor functions, which is a
breaking change in `tor-cell`'s API.
In retrospect, perhaps we should have deprecated the old names and
added the new ones, so we wouldn't have to break the API. (This is
the only API break AFAICT since 1.1.0.)
2023-02-01 10:42:58 -05:00
7c1b6a5a81
Bump the patch version of every crate that had API additions
...
These crates had API or behavior changes that may affect downstream
crates. Fortunately, they're all version 0.x, and don't need minor
bumps for this.
2023-02-01 10:36:29 -05:00
66f594a4b6
Bump the patch-level version of crates with _minor_ changes.
...
These changes influence behavior, but not effect compatibility.
(If I messed up, and any crate except for `arti` has non-breaking
API changes, that's still fine, since they are all version
0.x.)
2023-02-01 10:23:58 -05:00
592d6bf8a3
Bump the patch version of each crate with _trivial_ changes.
...
These crates have not had changes to their behavior; as such it is
not necessary to bump their dependencies to require the new versions.
2023-02-01 10:10:36 -05:00
c42350c6bf
Move tor-proto/semver.md to tor-cell
...
It was erroneously created in the wrong place.
2023-02-01 09:50:02 -05:00
e172a0c893
Mark arti-config as "publish=false"
...
We no longer use it anywhere; there is no reason to keep publishing
updates to it.
2023-02-01 09:48:09 -05:00
37edcd688a
Use ErrorReport - run rustfmt
...
Split off for ease of review and possible rebase.
2023-01-30 18:52:32 +00:00
e159bf57d2
Use ErrorReport for errors in error! in tor-ptmgr
2023-01-30 18:52:32 +00:00
aa7397bc0f
Use ErrorReport's .report() for two errors in error! in bridgedesc.rs
...
No functional change, just using the new idiom.
2023-01-30 18:52:32 +00:00
3a8c36e9c6
Use ErrorReport for remaining errors in error! in tor-circmgr
2023-01-30 18:52:32 +00:00
8c1830090c
Use ErrorReport for errors in error! in tor-chanmgr
2023-01-30 18:52:32 +00:00
22016f233b
Use tor_error::Report for remaining errors in error! in arti
2023-01-30 18:52:32 +00:00
49f3697b19
Apply safelog to DNS response serialisation errors, but report them
...
With safe logging disabled, print the error too.
With safe logging enabled, do not print the message or the error.
2023-01-30 18:52:32 +00:00
5c0a7e0127
Use ErrorReport for errors in error! in arti-client
2023-01-30 18:52:32 +00:00
2954568fae
Use ErrorReport for errors in warn! in tor-ptmgr
2023-01-30 18:52:32 +00:00
47e226293f
Use ErrorReport for errors in warn! in tor-persist
2023-01-30 18:52:32 +00:00
dc9352b515
Use ErrorReport for errors in warn! in tor-dirmgr
2023-01-30 18:52:32 +00:00
25c41977ac
Use ErrorReport for errors in warn! in tor-circmgr
2023-01-30 18:52:32 +00:00
410fdc9f32
Use ErrorReport for errors in warn! in tor-chanmgr
2023-01-30 18:52:32 +00:00
36ebf7d23a
Use ErrorReport/Report for errors in warn! in arti
2023-01-30 18:52:32 +00:00
cc6cf7f973
Use ErrorReport for errors in info! in tor-dirmgr
2023-01-30 18:04:57 +00:00
0e6be61db6
tor-dirclient: De-genericise internal fn retire_circ
...
Requring `Display` is wrong here, because if this is actually an
Error, Display would be wrong because it doesn't display causes.
As it happens, the `error` parameter is only ever `&str`.
2023-01-30 18:00:53 +00:00
f657ef5b6c
Use ErrorReport for errors in info! in tor-circmgr
2023-01-30 17:59:09 +00:00
c2e4b8b7f9
Errors: Mark the type of an error, for clarity
...
We want to call ErrorReport::report() on Errors, but this isn't an
Error but only a string.
2023-01-30 17:52:02 +00:00
f6cbd180a1
netdir: remove duplicate code in param calculation
2023-01-28 12:43:08 -05:00
4e7a552171
netdir: remove the vestigial smallvec implementation I added
...
It's cute, but I don't think it will help performance, and I'm
undecided about whether the semantic implications are true.
2023-01-28 12:43:08 -05:00
268a723e49
Turn compute_ring_params into a method.
2023-01-28 12:43:08 -05:00
2490b3cdc6
Use derive_more on SharedRandVal
...
This may be temporary if we wind up converting to CtByteArray,
but for now it's good to be terse.
2023-01-28 12:43:08 -05:00
a51c76178e
Several suggestions on gitlab.
2023-01-28 12:43:08 -05:00
5236c5cf88
netdir: Implement ring-param constructors and time period accessors
...
This logic is a bit tricky, so I've tried to document it and add
fairly good tests. The silver lining is that the external API for
all of this logic will make it invisible and hidden.
There are some cases where I added functions that I think might
eventually get lowered into MdConsensus: But I don't want to lower
too much right now, since the convention for our netdoc accessors is
that they are fairly unsophisticated, and they show you the document
as it is.
Closes #686
2023-01-28 12:43:08 -05:00
9f3e6783ca
netdoc: Add Eq and a note to SharedRandVal.
2023-01-28 12:12:17 -05:00
790b38eec8
netdoc: Add SRV accessors.
...
These are deliberately unsophisticated accessors, in that they return Option<>
rather than filling in missing values with the documented
fallbacks. It seems better to leave a way to distinguish the absent
case in the API.
2023-01-28 12:12:17 -05:00
c1ced84239
netdoc: Add a timestamp to SRVs per prop#342.
...
This breaks some experimental APIs, but since they are experimental
no semver note is needed.
2023-01-28 12:12:17 -05:00
8ce447b7e2
netdoc: Add Iso8601 time _with_ a "T" as an argument type.
2023-01-28 12:12:17 -05:00
3da36c5c8b
Fix typos
2023-01-28 01:31:10 +02:00
856d3b0a8b
ErrorHint: Report hints for arti_client errors.
2023-01-27 11:56:53 -05:00
b3c963e7fa
ErrorHint: Add a note about lowering the permissions hint
2023-01-27 11:56:53 -05:00
ae963e3c6b
ErrorHint: use anonymize_home
2023-01-27 11:56:53 -05:00
39ad97fdc2
ErrorHint: Implement tryfrom_torpersist
2023-01-27 11:56:53 -05:00
3c82f794c1
ErrorHint: refactor API (part 2)
...
Change ErrorHint so that, internally, it just holds an enum with a
lightweight reference to whatever parts of the error it needs to
generate a hint. Then we can move the formatting logic into a
Display function for ErrorHint, and do away with ErrorDetail entirely.
2023-01-27 11:56:53 -05:00
b8058c5d02
ErrorHint: refactor API (part 1)
...
Move the "hint" function into Error, and use Option rather than Result.
(I'm using Option here because it's not really an error case not to have
a hint; we just either have a hint, or we don't.)
2023-01-27 11:56:53 -05:00
cc4c07678a
add opaque ErrorHint API, impl ErrorHint from BadPermissions
2023-01-27 11:02:42 -05:00
b7c8646d7b
circmgr: drop a receiver more explicitly.
...
Clippy now complains about `let _ = (expr_producing_a_future);`,
which is probably smart, since maybe you wanted to await that future
and ignore the result. So it seems that the right way to get rid of
an unwanted Receiver is now to drop it explicitly.
Closes #749
2023-01-27 09:16:51 -05:00
2127c6b088
"Fix" remaining unchecked-subtraction warnings.
...
In both cases I think it's fine to panic; but it's best to do so
explicitly.
2023-01-27 09:16:41 -05:00
a6dd92843e
Allow clippy::unchecked_duration_subtraction in tests
...
This panics on error, and we're fine with a panic on misbehavior in
tests.
2023-01-27 08:28:02 -05:00
ed74c62931
Elide a bunch of lifetimes.
...
Clippy now warns about these; I'm not sure how these warnings snuck
up on us.
2023-01-27 08:28:02 -05:00
bf04641c68
Disable clippy::unlinlined-format-args
...
This warning kind of snuck up on us! (See #748 ) For now, let's
disable it. (I've cleaned it up in a couple of examples, since
those are meant to be more idiomatic and user-facing.)
Closes #748 .
2023-01-27 08:27:47 -05:00
f2e254e63d
Merge branch 'toml_0.6' into 'main'
...
Upgrade toml to version 0.6.
See merge request tpo/core/arti!989
2023-01-26 17:34:52 +00:00
b2373e6d3f
Merge branch 'hscrypto_impl' into 'main'
...
Implement tor-hscrypto
Closes #684 and #742
See merge request tpo/core/arti!980
2023-01-26 14:28:13 +00:00
51741398b2
Merge branch 'netdoc-builder' into 'main'
...
tor-netdoc: Provide NetdocEncoder (internal)
See merge request tpo/core/arti!984
2023-01-26 11:40:50 +00:00
02d15dc5c1
Merge branch 'env' into 'main'
...
shell: use /usr/bin/env instead of absolute paths
See merge request tpo/core/arti!988
2023-01-26 11:35:38 +00:00
cd7059f5c7
Merge branch 'sensitive' into 'main'
...
tor-proto: Mark stream ids in errors as sensitive
See merge request tpo/core/arti!986
2023-01-26 11:31:46 +00:00
f9903789d1
Upgrade toml to version 0.6.
...
This required rewriting some of our error handling code in
command-line processing, since the toml crate now displays and
reports errors differently. (Admittedly, this code still is kind of
ugly, but at least it is nicely hidden.)
2023-01-25 16:29:53 -05:00
790f21032a
hscrypto: Remove Credential.
...
It turns out that the credential is only calculated as an
intermediate result in order to blind keys and produce the
subcredential. As such, it has no need to leave the hscrypto module.
2023-01-25 14:34:16 -05:00
b4c4a21297
hscrypto: add a note about maybe replacing epoch_offset with voting_interval
2023-01-25 14:15:53 -05:00
9864fd9db8
hscrypto: Explain why vanity onions require expanded secret keys.
2023-01-25 14:14:32 -05:00
4399722ada
hscrypto: document why we have keys in un-expanded form
2023-01-25 14:07:04 -05:00
360e84afab
hscrypto: Note that maybe Duration is the wrong type to use.
2023-01-25 13:59:50 -05:00
904688467c
hscrypto: Note the need for a Result rather than an Option
2023-01-25 13:57:57 -05:00
ab0edd55e0
Apply several clarifications (and fixes for missing refs)
2023-01-25 18:54:48 +00:00
386de7587e
hscrypto: Use derive_more, and derive Deref for public keys.
2023-01-25 13:48:40 -05:00
79097484de
shell: use /usr/bin/env instead of absolute paths
...
This commit changes the shebang in all shell scripts from absolute
paths (such as `/bin/bash` or `/usr/bin/python3`) to the `/usr/bin/env`
binary with the accompanying interpreter as it's argument.
The reason for this are as follows:
- NixOS cannot work with absolute paths
- BSD systems install their packages in /usr/local/bin
2023-01-25 18:35:53 +01:00
fe6575ef98
hscrypto: Revise TimePeriod to account for variable offset.
...
Previously, the offset was set to 12 hours unconditionally (like the
spec says). But based on a conversation on tor-dev, it seems that
the offset should actually be 12 times the voting interval.
I'm also opening an MR to change the spec.
2023-01-24 15:04:40 -05:00
108bb72c5e
hscrypto: Add documentation for ClientSecretKeys
2023-01-24 13:40:59 -05:00
93cdb0a2c3
Add a note about why we use ExpandedSecretKey for OnionIdSecretKey
2023-01-24 13:40:59 -05:00
00aaf79620
hscrypto: Add our standard clippy warnings
...
(I have squashed the fixes for these warnings into the earlier
commits in this branch, so it will look like I did everything right
the first time.)
2023-01-24 13:40:59 -05:00
f192429442
hscrypto: Implement key blinding.
...
This implementation was made based on the specification, and then
validated against itself, and against C Tor.
2023-01-24 13:40:59 -05:00
3dfeb5b144
hscrypto: Add an implementation for TimePeriod
...
This required some API tweaks, which is probably to be expected;
these time periods are a wonky kind of thing.
2023-01-24 13:33:48 -05:00
0a52d90af3
hscrypto: Implement hs_mac.
2023-01-24 13:33:48 -05:00
44e9d31af9
hscrypto: Improve documentation for RendCookie
2023-01-24 13:33:48 -05:00
49afcafadd
hscrypto: use a macro to define our byte wrappers too.
2023-01-24 13:33:48 -05:00
7e4ad381a8
hscrypto: Add and use a macro to define all PK types.
2023-01-24 13:33:46 -05:00
36485218c3
hscrypto: A couple of spelling fixes.
2023-01-24 13:32:18 -05:00
23bbf17d38
hscrypto: Associate each type with new name from rend-spec-v3.txt
2023-01-24 13:32:18 -05:00
3b2848f904
Merge branch 'onion-api-highlevel' into 'main'
...
Onion-service APIs: circmgr, hsclient, hsservice
See merge request tpo/core/arti!972
2023-01-24 18:19:42 +00:00
590c139af9
tor-proto: Mark stream ids in errors as sensitive
...
Pursuant to #556
2023-01-24 18:08:40 +00:00
5b4ffc5e48
Note a needed isolation API.
2023-01-24 12:32:21 -05:00
606426bfc7
hsservice: Add a note about the contents of circ_info.
...
In order to store per-circuit information, it's a good idea if we
provide something that can be the key of a `PtrWeakKeyHashMap`.
2023-01-24 12:32:21 -05:00
a210686c80
Sketch an API for onion services.
2023-01-24 12:32:21 -05:00
32ae6dfa09
Add a new stub hsclient module to connect to onion services.
2023-01-24 12:32:21 -05:00
8ce05dc725
CircMgr: Draft API to construct targeted multihop circuits.
...
Onion services and onion clients need these to make connections to
HsDirs, Introduction points, and Rendezvous points.
2023-01-24 12:32:21 -05:00
190f24e66d
CircMgr: Draft APIs used to implement onion service clients.
2023-01-24 12:32:21 -05:00
1834579460
Merge branch 'onion-proto-apis' into 'main'
...
Draft APIs for onion services in tor-proto
See merge request tpo/core/arti!970
2023-01-24 17:28:16 +00:00
ce293e4ce4
tor-proto: comment fixes and more TODO hs
2023-01-24 11:50:10 -05:00
92ba020534
Add missing docsrs attribute
2023-01-24 16:19:05 +00:00
15a543d738
netdoc builder: Add two TODOs, prompted by testing experience
2023-01-24 16:15:17 +00:00
be1cd7789d
netdoc builder test: Make a bigger dummy document and test reparsing
2023-01-24 16:15:17 +00:00
eb3b261595
netdoc builder: Implement object() and add one test case
2023-01-24 16:15:17 +00:00
4f0d17d96d
netdoc-builder: Initial test case (no object yet)
2023-01-24 16:15:17 +00:00
066eb12f50
netdoc-builder: Provide new() method
2023-01-24 16:15:17 +00:00
e989871a7b
netdoc-builder: Implement ItemArgument for more needed types
2023-01-24 16:15:17 +00:00
94fec1e12c
netdoc-builder: Remove some obsolete comments
2023-01-24 16:15:17 +00:00
16c4fee4b8
netdoc-builder: Move example into implementation doc comment
...
Not actually tested yet
2023-01-24 16:15:17 +00:00
8f725a19f8
netdoc-builder: Implement most of the internal general doc builder
2023-01-24 16:15:17 +00:00
22cf060426
netdoc-builder api: Clarify docs for object()
2023-01-24 16:15:17 +00:00
c7e816d263
netdoc-builder api: Introduce ItemArgument trait
2023-01-24 16:15:17 +00:00
eac7befc87
netdoc-builder api: Have .item() return ItemBuilder
...
This was a slip in the design doc.
2023-01-24 16:15:17 +00:00
8c8ff4948f
netdoc-builder api: Abolish `K` generic on ItemEncoder
...
We're going to eagerly encode the keyword, so this will be easy.
Removing the generic simplifies the API.
2023-01-24 16:15:17 +00:00
669a399c46
netdoc-builder api: Don't promise to check args_raw_string value
2023-01-24 16:15:17 +00:00
2bc7a371b4
netdoc-builder api: Make ItemEncoder methods consume and return self
...
This will actually make the pattern in the example work.
The mentioned `ItemArgument` trait will arrive soon.
2023-01-24 16:15:17 +00:00
5fccbce160
netdoc-builder api: Move internal API into actual code file (fmt)
2023-01-24 16:15:17 +00:00
e971d1ad59
netdoc-builder api: Move internal API into actual code file
...
Motion, plus the bare minimum needed to make it compile.
2023-01-24 16:15:17 +00:00
f735a128bb
tor-netdoc: tokenize: Provide BASE64_PEM_MAX_LINE
...
We'll use this in the netdoc builder, but it naturally lives here.
2023-01-24 16:15:17 +00:00
c8ac951cf5
tor-netdoc: tokenize: Rename to tag_keywords_ok, document, expose
...
Rename from _keyword_, since this actually checks the *multiple*
keywords that can appear in an object's BEGIN line.
Make this clear in the doc comment.
Expose it for use by the netdoc builder.
2023-01-24 16:15:17 +00:00
a8ab0a5f46
tor-netdoc: tokenize: crate-Expose object::BEGIN_STR etc.
...
The document builder wants these too.
2023-01-24 16:15:17 +00:00
5bd54f3701
tor-netdoc: Make AuthCertKwd pub(crate)
...
For now, this will be useful in a test.
2023-01-24 16:15:17 +00:00
043581fe0e
tor-bytes: impl Writeable for &impl Writeable
2023-01-24 16:15:17 +00:00
a4a4b19f21
tor-bytes: Implement conversion from EncodeError to Bug
2023-01-24 16:15:17 +00:00
c31f451e0b
Merge branch 'bug736' into 'main'
...
Prop304: Add extended SOCKS result codes for onion services
See merge request tpo/core/arti!978
2023-01-24 15:05:19 +00:00
fd8915155e
Merge branch 'ignore' into 'main'
...
Do not .gitignore crates/*/fuzz/corpus
See merge request tpo/core/arti!982
2023-01-20 18:47:20 +00:00
5c76bca692
tor-llcrypto: Tolerate some warnings (fmt)
2023-01-20 17:29:45 +00:00
4e6f5b7ff3
Do not .gitignore crates/*/fuzz/corpus
...
These are symlinks which are actually checked in. They should not be
ignored. (This caused trouble for some of my privsep tooling...)
2023-01-20 17:29:00 +00:00
bd21d23279
tor-llcrypto: Tolerate some warnings
...
Without this,
cargo +stable clippy -p tor-netdoc --all-features
produces warnings.
2023-01-20 16:37:31 +00:00
131775bf36
Upgrade to latest rsa crate.
2023-01-20 08:06:30 -05:00
02a1f9a3e4
Upgrade to latest async-broadcast
...
(We don't yet use the code that uses it, but we might as well have
our unused code be up-to-date.)
2023-01-20 08:06:30 -05:00
707efc944d
upgrade to latest serial_test
2023-01-20 08:06:30 -05:00
889206cde4
Complete our migration to base64ct.
...
This is in lieu of upgrading to the latest base64 crate, which has
a different API from the old one. Since we have to migrate either
way, we might as well use base64ct everywhere.
I don't think that most of these cases _require_ constant-time
base64, but it won't hurt.
2023-01-20 08:06:30 -05:00
6cb0528cc1
Upgrade to latest rlimit crate.
2023-01-19 14:10:54 -05:00
66a649f5f8
Prop304: Add extended SOCKS result codes for onion services
2023-01-18 18:39:00 -08:00
fa93f6674d
made TorClient::set_stream_prefs public
2023-01-18 18:20:59 +01:00
12845d6e1e
tor-proto: Draft API to handle incoming BEGIN requests.
...
Onion services (and later, exits and caches) will need this.
2023-01-17 15:20:03 -05:00
e8ed46006e
tor-proto: Expose support for doing onion service handshakes
...
This is a little tricky, but I think that we're not actually
exposing too much here. I expect we'll need to tweak this stuff
between now and our final version.
2023-01-17 15:20:03 -05:00
99fdaa7c2e
tor-proto: Draft APIs for handling control messages
...
We will need these for onion services, to send and receive messages
of types not handled directly by the tor-proto crate.
2023-01-17 15:20:03 -05:00
4fedd301cf
tor-proto: Rename "hs" experimental feature to "onion-common"
...
(For consistency with other crates)
2023-01-17 15:20:03 -05:00
56cb2d2a10
Make a top-level API for connecting to onion services.
...
Fortunately, it adds very little to the arti-client API surface.
2023-01-12 09:28:58 -05:00
7030cbe460
Merge branch 'onion-netdir-apis' into 'main'
...
Add onion service APIs to tor-netdir
See merge request tpo/core/arti!966
2023-01-11 16:08:18 +00:00
de3f10f492
netdir: add network parameters related to onion services
...
These are available unconditionally, since they represent
comparatively little storage and processing effort.
See param-spec.txt section 8 for the original information here.
2023-01-11 09:10:08 -05:00
136f70545d
tor-units: Add an IntegerMinutes.
2023-01-11 09:10:08 -05:00
5b74ef7af9
Adjust onion service ring APIs in light of prop#342
...
* It is the NetDir's responsibility to tell the caller what the time
period is.
* There can be up to two secondary time periods.
* Each time period has a single SRV.
* Secondary time periods only apply for onion services, when they
publish.
* When publishing, the correct input is a time period.
2023-01-11 09:04:13 -05:00
f24f8d295c
Sketch APIs for the onion service directory ring.
...
These are a bit complex internally, but the API they present is
pretty simple. I've left some discussion of points where the design
isn't totally fleshed out, and where we need to look harder at the
spec.
Part of #716 .
2023-01-11 09:04:13 -05:00
2c41321710
Netdoc: Refactor SharedRandVal.
...
SharedRandVal now holds only the 32-byte random value itself; the
"number of commits" field is in SharedRandStatus.
This commit also makes the SharedRandVal be exactly 32 bytes, since
we've set it to that value in the spec.
2023-01-11 09:04:12 -05:00
d7abced11f
hscrypto: Add several derives
...
The important addition here is the Copy derives, which affect API
design. I'm applying them to the types that are 32 byte or smaller.
2023-01-11 09:04:12 -05:00
d6800bae0c
Merge branch 'blind_privkey' into 'main'
...
llcrypto: Implement secret-key blinding.
Closes #719
See merge request tpo/core/arti!964
2023-01-09 18:06:00 +00:00
cea6396513
Merge branch 'typos' into 'main'
...
Fix typos
See merge request tpo/core/arti!965
2023-01-09 14:44:00 +00:00
371bcdc554
Merge branch 'arti-hyper-fixing-715' into 'main'
...
Temporary fix for #715 and #569
Closes #715
See merge request tpo/core/arti!958
2023-01-09 14:43:37 +00:00
892c6eaadf
Fix typos
2023-01-07 20:35:54 +02:00
2e8c38d11d
Removed unnecessary "all()" cfg constraint
2023-01-07 13:00:40 +01:00
90a25fa21a
Added x86_64-apple-darwin to fallback to "tls-api-openssl"
2023-01-07 12:57:23 +01:00
0a04851636
fixed "broken_intra_doc_link"
2023-01-06 19:43:44 +01:00
8472acf3ac
Merge branch 'onion-api-v0.2' into 'main'
...
Onion service APIs, part 1.
See merge request tpo/core/arti!959
2023-01-06 18:32:36 +00:00
0c2f800ab0
Merge branch 'sensitive' into 'main'
...
tor-proto: Remove some sensitive info from errors
See merge request tpo/core/arti!934
2023-01-06 18:07:26 +00:00
7f6e3e19a3
Sketch a solution for arti#525
2023-01-06 13:03:50 -05:00
91d9ffe0b6
Sketch out new required APIs in tor-cell
2023-01-06 13:03:50 -05:00
9a54e01dd0
tor-cert: add a few hs TODOs
2023-01-06 13:03:50 -05:00
eba937e54c
netdoc: Outline some basic types for encoding HsDescs.
2023-01-06 13:03:50 -05:00
0203634ec5
Create a new tor-hscrypto crate.
...
This module has types and operations needed in multiple places
for an onion service implementation. There are a bunch of
TODO hs-crypto comments that we'll need to fill in.
2023-01-06 13:03:50 -05:00
e650e07cd4
netdoc: note some changes we will have to make to srv
2023-01-06 13:03:50 -05:00
7d38bbd829
llcrypto: fix a comment.
...
This described the wrong type of key.
2023-01-06 13:03:50 -05:00
e7c87372e2
llcrypto: clarify meaning of "Identity".
...
The `Ed25519Identity` and `RsaIdentity` types are not precisely
always used as relay identifiers: they are more generally used as
_key_ identifiers.
This will become relevant as `RsaIdentity` is used for authority
keys (as in authorities' VoterInfo blocks), and as `Ed25519Identity`
is used as the identifier behind an onion service key.
2023-01-06 13:03:47 -05:00
98acafe9d1
tor-proto: rustfmt
...
Not sure why the tree didn't have this newline already. "Whatever".
2023-01-06 17:26:54 +00:00
0639b105c5
tor-proto: CreateFastWrap::decode_chanmsg: Do not report handshake
...
The debug impl prints the handshake challenge, which we should
probably treat as sensitive.
2023-01-06 17:26:54 +00:00
df2124e28f
tor-proto: impl Display for CreateResponse
...
Don't print the handshake value, but do print the display reason.
2023-01-06 17:26:54 +00:00
8c925499f8
tor-proto: When relay IDs mismatch, the IDs are sensitive in errors
2023-01-06 17:26:54 +00:00
1e25a962a7
chanmgr: trace-level logs when launching connections.
...
Based on more temporary debugging code. Yet another part of #677 .
2023-01-06 17:19:00 +00:00
71dfaa3125
ptmgr: Add more logs when looking/creating a PT.
...
These are also based on temporary logs that I added locally while I
was hunting bugs.
Also part of #677 .
2023-01-06 17:19:00 +00:00
3eebe33678
ptmgr: Add more logging to IPC code.
...
This is based on logs that I added locally while I was trying to
debug some startup issues. Hopefully they'll make things easier the
next time there's something to debug.
Part of #677 .
2023-01-06 17:19:00 +00:00
b525fccfb0
Merge branch 'ya-lint' into 'main'
...
tor-linkspec: Fix an unused lint
See merge request tpo/core/arti!935
2023-01-06 17:16:27 +00:00
118050e54c
Merge branch 'test-lints' into 'main'
...
Add test lint blocks to all "mod test"
See merge request tpo/core/arti!937
2023-01-06 17:16:09 +00:00
fbae20537c
Merge branch 'bug589a' into 'main'
...
Remove allow(unreachable_pub) from tor-guardmgr/src/lib.rs
Closes #589
See merge request tpo/core/arti!944
2023-01-06 17:14:03 +00:00
d869676263
Merge branch 'socks-resolve-ip' into 'main'
...
resolve ip through socks by parsing them
Closes #714
See merge request tpo/core/arti!957
2023-01-06 17:08:25 +00:00
306e72c566
llcrypto: Implement secret-key blinding.
...
Closes #719 .
Due to a difference between ed25519-dalek and ed25519-donna,
converting these secret keys directly to public keys does not work.
I've documented this in a "Limitations" section.
2023-01-06 12:02:49 -05:00
246a5f1e56
Merge branch 'ctbytes' into 'main'
...
Add a new "CtByteArray" type, and use it in Id types.
See merge request tpo/core/arti!962
2023-01-06 16:41:29 +00:00
9d3f19fd38
Add a new "CtByteArray" type, and use it in Id types.
...
This type provides a common implementation for types that are
implemented as arrays of bytes that should only be compared
with constant-time comparisons.
2023-01-05 12:34:14 -05:00
0d05a61381
Temporary fix for #715 and #569
2023-01-05 00:00:47 +01:00
a7035d08a1
Merge branch 'tor-rtmock-rfc3399' into 'main'
...
Use parse_rfc3339() in the tor-rtmock crate
See merge request tpo/core/arti!943
2023-01-04 14:32:13 +00:00
8f91bc5ef9
Merge branch 'tor-proto-use-rfc3339' into 'main'
...
Use parse_rfc3339() in the tor-proto crate
See merge request tpo/core/arti!942
2023-01-04 14:31:07 +00:00
0ac7dfbd9e
Merge branch 'tor-netdoc-rfc3399' into 'main'
...
Use parse_rfc3339() in the tor-netdoc crate
See merge request tpo/core/arti!941
2023-01-04 14:30:08 +00:00
29f1d9012d
resolve ip through socks by parsing them
2023-01-03 17:53:16 +01:00
8579bc66a8
doc: consistent summary line for the READMEs
...
This commit introduces a consistency to the summary line of all
README.md files in each and every crate.
2022-12-20 14:31:47 +01:00
e39e39ea27
Add semver.md for (into_)handshake()
2022-12-19 08:25:15 -08:00
b649a1d86f
msg::{CreateFast/CreatedFast}: Rename accessor to (into_)body()
2022-12-18 21:00:24 -08:00
23db2944cc
Remove allow(unreachable_pub) from tor-guardmgr/src/lib.rs
...
Closes #589
2022-12-16 13:23:57 -08:00
11958c9241
Use parse_rfc3339() in the tor-rtmock crate
2022-12-16 13:07:49 -08:00
a180f911bd
Use parse_rfc3339() in the tor-netdoc crate
2022-12-16 12:56:00 -08:00
c171c0f834
Use parse_rfc3339() in the tor-proto crate
2022-12-16 12:53:50 -08:00
fa5a417fc9
Merge branch 'err-dyn-report' into 'main'
...
Error logging (ErrorReport, .report()) POC
See merge request tpo/core/arti!936
2022-12-15 15:02:17 +00:00
8a28cb2d14
tor-error: tests: Add a test case for Report and Bug wrapping
2022-12-15 14:37:08 +00:00
125a455bdc
test lint blocks: Add many many automatically
...
This is precisely the result of running the rune in
maint/adhoc-add-lint-blocks.
2022-12-12 18:00:30 +00:00
baf78361e8
test lint blocks: Do some semi-manually
...
This is the hunks from running the rune in maint/adhoc-add-lint-blocks
but which require some subsequent manual fixup: usually, deleting
now-superfluous outer allows, but in some cases manually putting back
lints that the adhoc script deleted.
2022-12-12 18:00:29 +00:00
ec7720ae91
test lint blocks: Standardise one in tor-socksproto
...
The previous syntax was recognised by the real script, but not by the
ad-hoc script I'm about to use to add all the missing ones.
2022-12-12 17:50:39 +00:00
25f113b8b3
Tackling issue #663 (Use humantime in tests)
2022-12-12 17:41:22 +00:00
4181ccb8cc
tor-circmgr: Use ErrorReport on a logged error
...
To demonstrate what the use looks like.
2022-12-12 16:40:51 +00:00
b132536b32
tor-error: Provide ErrorReport extension trait with .report() method
2022-12-12 16:40:51 +00:00
bd46e2ae84
tor_error: Promote internal StdError alias to report
...
The std::error::Error repetition was getting rather repetitively
repetitious, and is about to get more so.
2022-12-12 16:40:51 +00:00
8fea4dd6d3
tor-proto: reactor tests: Use debug fmt on an error
...
In tests, debug fmt is usually appropriate.
Found while looking for a candidate for
https://gitlab.torproject.org/tpo/core/arti/-/issues/680
2022-12-12 16:40:51 +00:00
05ca80950e
tor-linkspec: Fix an unused lint
...
Otherwise:
cargo +stable clippy -p tor-proto --all-features --all-targets
Produces:
warning: unused import: `PtTargetAddr`
--> crates/tor-linkspec/src/traits.rs:9:28
|
9 | use crate::{ChannelMethod, PtTargetAddr, RelayIdRef, RelayIdType, RelayIdTypeIter};
| ^^^^^^^^^^^^
2022-12-12 15:08:31 +00:00
5611d5cb0c
Rename Sensitive::into_inner() from ::unwrap()
...
By analogy with similar methods on Mutex, Cell, BufReader, etc. etc.
Discussed here
https://gitlab.torproject.org/tpo/core/arti/-/merge_requests/890#note_2856885
Make it a method, as per
https://gitlab.torproject.org/tpo/core/arti/-/merge_requests/928
2022-12-12 11:52:34 +00:00
7c1beb6171
Fix typos
2022-12-09 11:57:36 +02:00
dc2c00e282
Merge branch 'doc-config-must' into 'main'
...
tor-config: Document how to reject compiled-out features
Closes #654
See merge request tpo/core/arti!929
2022-12-07 13:20:09 +00:00
64ea12d4b9
Merge branch 'shewllexpand' into 'main'
...
tor-config: Update to shellexpand 3.x
See merge request tpo/core/arti!927
2022-12-07 13:19:39 +00:00
4e74104e70
Merge branch 'spelling-20221206' into 'main'
...
A few spelling fixes for bridgedescmgr code
See merge request tpo/core/arti!925
2022-12-06 18:25:43 +00:00
d88e890583
Merge branch 'persist_err_test' into 'main'
...
Test a couple more error cases in tor-persist, and lightly refactor
See merge request tpo/core/arti!930
2022-12-06 16:38:28 +00:00
fe5aeed41f
Merge branch 'safelog_tests' into 'main'
...
More unit tests for safelog crate
See merge request tpo/core/arti!928
2022-12-06 16:17:44 +00:00
Nick Mathewson
Ian Jackson
Ian Jackson
Dimitris Apostolou
eta
Shady Katy
Emil Engler
Neel Chauhan
Michael van Straten
trinity-1686a
coral