Nick Mathewson
19c0dd153a
tor-proto: Add a TODO about simplifying a common pattern.
2023-02-15 10:51:03 -05:00
Nick Mathewson
21db73f182
tor-cell: add a TODO comment about simplifying Body away.
2023-02-15 10:48:19 -05:00
Nick Mathewson
fce1c83f2e
tor-cell: Add another debug_assert to relay cell encoding
2023-02-15 10:48:19 -05:00
Nick Mathewson
5d28e9e7d0
slicewriter: rename a local variable.
2023-02-15 10:48:19 -05:00
Nick Mathewson
19c9593acf
Move slicewriter to tor-cell and make it private.
...
Also, add some comments about how it is likely to change.
2023-02-15 10:48:19 -05:00
Nick Mathewson
1ee6bfa59c
tor-proto: note implications for future HS work
2023-02-15 10:48:19 -05:00
Nick Mathewson
41b50b6c56
tor-proto: Push stream message parsing into the stream objects.
...
This closes #525 , and ensures, at last, that we don't parse any
message that we wouldn't accept.
2023-02-15 10:48:19 -05:00
Nick Mathewson
58c3b8276c
tor-proto: Defer parsing of messages send to half-closed streams
...
This includes a partial solution for #769 , but also turned up
another bug (#774 ) while I was working on it. I'll close them both
once I have a real solution.
2023-02-15 10:48:19 -05:00
Nick Mathewson
bd0f6f5adf
tor-proto: stop reactor (and kill circuit) if meta handler fails
...
If the meta handler reports an error, then the circuit has violated
its protocol, and needs to be shut down.
Fixes #773 .
2023-02-15 10:48:19 -05:00
Nick Mathewson
2e483124cb
tor-proto: defer meta-cell parsing to the last moment.
2023-02-15 10:48:19 -05:00
Nick Mathewson
0765243f5e
tor-proto: Use UnparsedRelayCell to start deferring cell processing.
...
In general, we want to avoid parsing these cells until we are
fairly sure that they are something we would accept.
2023-02-15 10:48:19 -05:00
Nick Mathewson
e4bc7ef57b
tor-cell: Add RelayCell::into_msg.
2023-02-15 10:48:19 -05:00
Nick Mathewson
3f1457ea04
tor-cell: Implement {Relay,Chan}Msg for every body type
...
This will make it ergonomic to decode a single body type without
having to declare a variant that accepts only a single message.
2023-02-15 10:48:19 -05:00
Nick Mathewson
65cc7d0974
tor-cell: Note an opportunity for future optimization
2023-02-15 10:48:19 -05:00
Nick Mathewson
a809a809ba
tor-cell: Add a new UnparsedRelayCell
...
We'll use this to router relay messages on a circuit to the
appropriate stream, and hand them to that stream, without parsing
the message until the stream has been determined.
2023-02-15 10:48:19 -05:00
Nick Mathewson
ca3b33a1af
tor-cell: Refactor relay cells to copy much less
...
We now manipulate raw relay cell bodies as (an alias for)
`Box<[u8;509]>` rather than as (an alias for) `[u8;509]`. This
enables us to do much less copying. It will become more important
soon, as we defer parsing relay cell bodies even longer.
Related to #7 .
We also use SliceWriter to avoid allocating a Vec<> for every relay
message we want to encode, and instead encode directly into the
cell.
2023-02-15 10:48:19 -05:00
Nick Mathewson
9e2b6f3aed
tor-bytes: Add a new writer implementation for fixed-size objects
...
Because the API assumes that many writes are infallible, this writer
takes ownership of the backing object, and will only return it to
you if you didn't run over the end.
I'm going to use this to save some allocations in relay cell bodies
2023-02-15 10:48:19 -05:00
Nick Mathewson
5521df0909
tor-cell: Use a more generic mechanism for managing extensions
...
Several HS message types have an extension list type. They all use
the same framing for extensions, but each of them has separate
extension types and separate extension namespaces.
This commit simplifies establish_intro a little, and adds support
for maintaining unrecognized extension types--at the expense of some
new internal code.
2023-02-15 08:44:43 -05:00
Ian Jackson
dccb641354
Merge branch 'fuzz-hsdesc' into 'main'
...
Fuzzing for hsdesc parsers
See merge request tpo/core/arti!1018
2023-02-15 12:47:38 +00:00
Nick Mathewson
37fcb0ca7c
tor-cell: Extract establish-intro into its own module.
...
Some of the HS message types have a lot of dependent types, like
extensions and options for those extensions, and so on. Except when
those extensions are portable across cell types, it makes sense
to put them in their own modules.
2023-02-15 07:46:36 -05:00
Nick Mathewson
5c85397bb7
tor-cell: rename onion_service module to hs
2023-02-15 07:38:19 -05:00
Nick Mathewson
f1ec64bfe5
Upgrade to latest toml crate.
...
(None of the breaking changes affect us this time.)
2023-02-14 11:06:00 -05:00
Nick Mathewson
e00dfcf41e
netdoc: Add a basic fuzzer for the hsdesc layers.
...
I've been running this for 5 minutes and haven't found any
crashes. I'll run it for an hour or two, then add the results to the
corpus repository.
2023-02-14 07:49:34 -05:00
Nick Mathewson
79dd2ef995
netdoc: Add a feature to expose hsdesc inner doc parsers
...
We want to fuzz these parsers, but there's no currently way to get
at the parsers for inner documents without going through a lot of
encryption. (Coverage-guided fuzzers are powerful, but they
can't find SHA3 preimages.)
2023-02-14 07:44:18 -05:00
Nick Mathewson
74ef8de86f
Merge branch 'doc-iter' into 'main'
...
Introduce new batching iterator and use it in two places
See merge request tpo/core/arti!1016
2023-02-13 18:59:42 +00:00
Ian Jackson
297019bb23
batching_split_before: Whitespace error fix
2023-02-13 17:34:04 +00:00
Ian Jackson
b4d0b585c2
batching_split_before: Better xref for doc hidden
...
And another UNSTABLE warning.
2023-02-13 17:32:54 +00:00
Ian Jackson
1232bb6661
batching_split_before: Clarify API sequential restriction
2023-02-13 17:29:17 +00:00
Ian Jackson
5be6db006c
batching_split_before: Fix and clarify Batches/LendingIterator doc
2023-02-13 17:28:39 +00:00
Ian Jackson
15f33ce13c
batching_split_before: Introduce unit token types
...
And explain why we're not using booleans.
2023-02-13 17:19:13 +00:00
Ian Jackson
73a20cdc36
batching_split_before: Expand on the remaining use of "meta-iterator"
2023-02-13 17:13:55 +00:00
Ian Jackson
04e3a22b82
batching_split_before: Fix link to BatchesWithHeader::subsequent
2023-02-13 17:12:17 +00:00
Ian Jackson
53ef0d65ea
batching_split_before: Provide description for BatchesWithHeader
2023-02-13 17:09:08 +00:00
Ian Jackson
6799fb6e3e
batching_split_before: Document generics on our non-private types
2023-02-13 17:04:29 +00:00
Ian Jackson
e44be77f52
batching_split_before: Rename "prefix" to "header"
...
As per
https://gitlab.torproject.org/tpo/core/arti/-/merge_requests/1016#note_2877759
"_prefixed" becomes "_with_header". That mirrors the returned struct
which is nice.
2023-02-13 16:55:36 +00:00
Ian Jackson
72b1cb797d
batching_split_before: Rename "start" to "batch-starting"
...
Roughly as per
https://gitlab.torproject.org/tpo/core/arti/-/merge_requests/1016#note_2877822
2023-02-13 16:52:07 +00:00
Ian Jackson
09060b4748
batching_split_before: Remove false assertions about batch contents
2023-02-13 16:44:47 +00:00
Ian Jackson
4333a1ef1c
batching_split_before: Clarify heading of BatchesWithPrefix
2023-02-13 16:37:13 +00:00
Nick Mathewson
5c1cbd5486
batching_split_before: docs improvements.
2023-02-13 16:12:26 +00:00
Nick Mathewson
7363bee6a4
netdoc: give hsdesc test info in its original form.
2023-02-13 10:30:27 -05:00
Ian Jackson
8703a969f4
tor-netdoc: Use batching iterator in authcert.rs
...
This gets rid of a lot of manual boolean state variable iterator
stuff.
2023-02-10 19:48:26 +00:00
Ian Jackson
d35f7990e8
tor-netdoc: Use batching_split_before in HsDescInner
2023-02-10 19:47:45 +00:00
Ian Jackson
fd35f05b26
tor-netdoc: Provide new batching_split_before
...
There will be two call sites to demonstrate it.
Eventually maybe this will want to be in tor-basic-utils, since it
doesn't depend on any of the tor-netdoc types. But it would be
sensible to wait until the situation with PeekableIterator and
Itertools is improved.
For now we make this #[doc(hidden)] to avoid it becoming part of our
stable API.
2023-02-10 19:47:45 +00:00
Ian Jackson
1b5a5eb57a
tor-netdoc: Provide NetDocReader::into_iter
...
This will avoids some hairy borrowck disasters when we try to use
iterator adapters.
2023-02-10 19:47:45 +00:00
Ian Jackson
5f0ff78c2d
tor-netdoc: util: use super::* in tests
...
Not xure how my MR to try to do this everyone missed this one.
2023-02-10 19:47:45 +00:00
Ian Jackson
a5be14ed5e
tor-netdoc: util: Add standard lint block to tests
...
Not xure how my MR to try to do this everyone missed this one.
2023-02-10 12:47:02 +00:00
Nick Mathewson
3f5502c5bc
netdoc: Add a test for HSDesc decryption.
2023-02-10 07:36:40 -05:00
Nick Mathewson
ced33029f6
Add another test hsdesc to parse.
...
This one was generated (by dgoulet) using `ClientDescEncKey`
encryption. Its information is:
```
Address: paozpdhgz2okvc6kgbxvh2bnfsmt4xergrtcl4obkhopyvwxkpjzvoad.onion
Time period: 19397
Client:
paozpdhgz2okvc6kgbxvh2bnfsmt4xergrtcl4obkhopyvwxkpjzvoad:descriptor:x25519:SDZNMD4RP4SCH4EYTTUZPFRZINNFWAOPPKZ6BINZAC7LREV24RBQ
Service:
descriptor:x25519:SACGOAEODFGCYY22NYZV45ZESFPFLDGLMBWFACKEO34XGHASSAMQ
```
2023-02-10 07:26:31 -05:00
Nick Mathewson
b4cca45410
hscrypto: Use minutes, not seconds, in blinding parameter.
...
Fixes an instance of #768 .
The problem with the test vectors is that I used a random time
period number (1234) and the default-in-tor period length (1440)
without checking whether 1440 _meant_ minutes or seconds. I'll add
another test to Tor to make sure that the time period matches now.
With this change, I can test Tor-generated hsdescs with encryption,
so I'm fairly confident that the new behavior is correct.
2023-02-10 06:54:19 -05:00
Nick Mathewson
696b9bd2d5
Merge branch 'ticket_525_part2' into 'main'
...
Apply restricted_msg to ChanMsg parts of tor-proto
See merge request tpo/core/arti!1013
2023-02-09 18:06:39 +00:00
Ian Jackson
62fa652fcd
Merge branch 'hsdir' into 'main'
...
Compute the HS directory hash ring
See merge request tpo/core/arti!1012
2023-02-09 16:35:42 +00:00
Ian Jackson
3d6e6fcf0d
Fix minimal-versions (.then_some is too new)
2023-02-09 16:07:16 +00:00
Ian Jackson
4b7f2e84bf
tor-netdir: Make is_hsdir_for_ring crate-local
...
As per
https://gitlab.torproject.org/tpo/core/arti/-/merge_requests/1012#note_2876824
2023-02-09 16:07:16 +00:00
Nick Mathewson
0d772e5bed
Rename OpenClientChan{Msg,Cell} => OpenChan{Msg,Cell}S2C
2023-02-09 10:20:31 -05:00
Nick Mathewson
b7490ce374
tor-proto: Do not parse forbidden commands on inbound cells.
...
Unlike C tor, we treat unrecognized commands as reason to kill off
the connection entirely. That's fine; if we need to add an
unrecognized command in the future, we can use VERSIONS to negotiate
it.
Also, if someday we want this code to support relay channels as
well, we can use some type trickery to have that work too.
2023-02-09 10:20:31 -05:00
Nick Mathewson
b49bd3b121
tor-proto: only parse allowed ChanMsg types during handshake.
2023-02-09 10:20:31 -05:00
Nick Mathewson
1c1dec0948
tor-cell: Return a useful error when restrist_msg rejects a command.
2023-02-09 10:20:31 -05:00
Nick Mathewson
48ab7b0463
Change tor_bytes::Error::BadMessage to a Cow.
...
Actually, to avoid making a breaking change, I'm deprecating
BadMessage and creating a new InvalidMessage variant that takes a
Cow. This way I don't need to track every crate that re-exposes
tor_bytes::Error and call this a breaking change in those.
Making this change will allow tor_bytes errors to be much more
helpful.
2023-02-09 10:20:31 -05:00
Nick Mathewson
037d1658b2
tor-cell: Re-export paste so restrict_msg can work outside the crate.
2023-02-09 10:20:31 -05:00
Nick Mathewson
0633f17131
tor-cell: Remove chancell::msg::Body::into_message.
...
It's now redundant, since `restricted_msg!` defines From and Into
for us.
2023-02-09 10:20:31 -05:00
Nick Mathewson
16b9d23a7c
tor-cell: Make RelayEarly a separate type.
...
This allows us to remove a shenanigan from `restricted_msg!{}`.
2023-02-09 10:20:28 -05:00
Nick Mathewson
e832cbd29c
tor-cell: Have restrict_msg add conversion functions.
...
Every FooMsg type now implements Into<AnyFooMsg>, and
TryFrom<FooMsg>.
Additionally, it now implements From<X> for every distinct type that
it supports. This last part lets us discard a bunch of code.
Unfortunately, I needed some downright hackish trickery in order to
get these macros to avoid generating `From<AnyFooMsg> for AnyFooMsg`
and conflicting with the blanket implementation.
The trickery to deal with RelayEarly and Relay being the same type
was not necessarily worth it; I will be separating them and removing
said trickery in the next commit.
2023-02-09 10:20:11 -05:00
Ian Jackson
4ca661a4dc
tor-netdir: Document fill_from_previous_netdir semver
2023-02-09 14:57:29 +00:00
Nick Mathewson
8cda5a1a3e
Clarify which netdir index is meant
2023-02-09 14:56:30 +00:00
Nick Mathewson
33b8ebd67e
Fix typos
2023-02-09 14:48:56 +00:00
Ian Jackson
1f3f659536
Fix compilation with various feature combinations
2023-02-09 14:35:57 +00:00
Nick Mathewson
73ce68ac21
Rename DescEncNonce => HsDescEncNonce
2023-02-09 08:57:09 -05:00
Nick Mathewson
b6f6fa4d4b
cell: Parameterize ChannelCodec::decode and encode.
...
This change lets us use ChannelCodec to encode and decode any
restricted channel message type we want. (Later on, we'll turn the
related Codec class in tor-proto into a more type-restricted version
of this.)
2023-02-09 08:26:09 -05:00
Ian Jackson
335043658e
hsdir: rustfmt
...
Deferred formatting changes which would have obscured the commits they
were prompted by.
2023-02-09 13:01:37 +00:00
Ian Jackson
3dd0d381d0
hsdir: Actually compute the hash ring
2023-02-09 13:01:37 +00:00
Ian Jackson
f5c3c1f277
hsdir: Be able to enumerate the hidden service directories
...
* Provide an accessor for the HSDIR flag
* Provide a function for testing a relay for hsdir inclusion
* Provide an iterator on NetDir that returns the hsdirs
2023-02-09 13:01:37 +00:00
Ian Jackson
f12277141b
hsdir: Ring calculation plumbing
...
* Implement Netdir::compute_rings in terms of a new
HsDirRing::compute, that currently does nothing.
* Actually call Netdir::compute_rings (since now it doesn't panic).
* Make Netdir::compute_rings not be pub. We do this unconditionally,
rather than exposing the distinction between a netdir-without-hsdir
and a netdir-with-hsdir.
2023-02-09 13:01:37 +00:00
Ian Jackson
fe1113bd6b
hsdir representation: Introduce HsDirs generic type
...
This already allows us to get rid of some duplication, and will be
useful more widely in a moment.
2023-02-09 13:01:37 +00:00
Ian Jackson
d63c44f96d
hsdir: Implement HS hash ring index calculations
2023-02-09 13:01:37 +00:00
Ian Jackson
a12df180b5
hsdir: Make HsDirIndex be AsRef<[u8; ]>
2023-02-09 12:56:47 +00:00
Ian Jackson
3f04e7f43e
hsdir: impl Eq for HsDirParams
...
This will allow us to tell if we can reuse parts of a ring.
2023-02-09 12:56:18 +00:00
Ian Jackson
5fcae642d6
hsdir: Rename HsRingParams to HsDirParams
...
The file which contains this type is called hsdir_params.rs. We have
a general problem with slight confusion about when to includen "dir"
and when to include "ring".
Resolve this in favour of the rule now added to the module-level doc
comment.
2023-02-09 12:56:18 +00:00
Ian Jackson
962c879005
hsdir_params: Rename some variables for consistency
...
These variables are going to be struct fields, which will sort of
enforce consistent naming. The struct fields are going to appear in a
moment. We'll call the fields "current" and "secondary" after the
naming in the test cases.
And import hsdir_params::HsRingParams, which we're going to make more
references to.
2023-02-09 12:56:18 +00:00
Ian Jackson
5f52015239
hsdir: Replace open-coded params fields and args with HsRingParams
...
This will enable us to pass these around more conveniently.
And make empty_from_params take an owned params, which it would like.
2023-02-09 12:56:18 +00:00
Ian Jackson
8d4552de8b
hsdir: Remove a done TODO - this *is* now a TiSlice
2023-02-09 12:56:18 +00:00
Ian Jackson
cd0c38ae6c
tor-netdir: Provide Netdir::md_by_idx
...
We'll need this shortly.
2023-02-09 12:56:18 +00:00
Ian Jackson
6acf9cf5e8
tor-netdir: Store previous netdir (if required by features)
2023-02-09 12:56:18 +00:00
Ian Jackson
f69d7f96ac
tor-netdoc: Change fill_from_previous_netdir
...
* Remove the return value, which was not used anywhere.
Also remove the code to calculate the return value.
* Take an Arc<NetDir> rather than a reference. We are going to want
this for HS support. This has no overall effect on the lifetime of
the4 Arc, which was owned at the one call site and then imediately
dropped.
* Change the documentation to explain what the function's role is in
the netdir API, rather than the fiddly details of what it actually
does internally. Relegate the latter to a code comment.
(When we have HS, this will do more, or, at least, make further
arrangements.)
2023-02-09 12:56:18 +00:00
Ian Jackson
81d4e6971b
tor-netdoc: Discuss that relays are ordered by rsa id in Consensus
2023-02-09 12:56:18 +00:00
Ian Jackson
1e3d20bdba
tor-netdir: Use typed-index-collections for router index (fix hsdir)
...
This was omitted in !1004 . (Because this code isn't actually wired up
yet, it typechecked anyway. But we need to fix it.)
2023-02-09 12:56:18 +00:00
Ian Jackson
4626ccfcaa
hs time handling: Make TimePeriod contain length as IntegerMinutes
...
Locally, the only functional effect is that now we refuse to handle
non-whole-number-of-minutes lengths - but since the consensus
parameter can't represent those, there's no overall functional change.
2023-02-09 12:56:18 +00:00
Ian Jackson
bb2ab7c2a3
tor-units: Fix IntegerMinutes accessor (omg)
2023-02-09 12:56:18 +00:00
Nick Mathewson
0a80c468df
hsdesc: Use an IntegerMinutes<u16> to hold lifetime.
2023-02-08 13:33:07 -05:00
Nick Mathewson
39f5f90f3f
netdoc: Fix most "TODO HS rename" comments
2023-02-08 13:23:21 -05:00
Nick Mathewson
8c3bd3626b
netdoc::hsdesc: Distinguish layer from document.
2023-02-08 13:16:44 -05:00
Nick Mathewson
966ddeb092
netdoc::hsdesc: Rename "layer" modules.
2023-02-08 13:08:57 -05:00
Nick Mathewson
964ca511c4
netdoc::hsdesc: Excise reference to "password" authentication
...
As far as we can tell, this never existed.
2023-02-08 12:57:52 -05:00
Nick Mathewson
cce56c793b
hscrypto,netdoc: Add and use a type for KP_hss_desc_enc.
2023-02-08 12:50:34 -05:00
Nick Mathewson
99ec1c9818
tor-hscrypto: Rename key types to correspond to new spec names.
2023-02-08 12:27:36 -05:00
Nick Mathewson
d1ee5807ed
Rename DescriptorCookie to DescEncNonce
...
(I think it's okay to omit the Hs here, since this type is not
visible outside the hsdesc parsing code. I'll rename if others
disagree.)
2023-02-08 12:10:24 -05:00
Nick Mathewson
39e1116ece
Renaming cleanup for and around now-renamed "KP_hs_desc_ephem".
2023-02-08 12:06:42 -05:00
Nick Mathewson
18e8ac7cb6
Rename key identifiers that have changed in the spec
...
Generated with perl:
s/K([PS])_hs_intro_tid/K$1_hs_ipt_sid/g;
s/K([PS])_onion_ntor/K$1_ntor/g;
s/K([PS])_hs_intro_ntor/K$1_hss_ntor/g;
s/K([PS])_hs_desc_ephem/K$1_hss_desc_enc/g;
2023-02-08 11:57:51 -05:00
Dimitris Apostolou
d1eeffbf42
Fix typo
2023-02-08 00:04:25 +02:00
Nick Mathewson
7feda22444
tor-cell: documentation cleanups related to restricted_msg
2023-02-07 16:03:14 -05:00
Nick Mathewson
77cccdfd6e
tor-cell: correct handling of optional msg types.
...
We need to make sure any `#[cfg(feature=...)]` attributes are
applied not only to our variant declarations, but also to the
branches in the match statements that deal with them.
2023-02-07 16:03:14 -05:00
Nick Mathewson
d63d7926bd
tor-cell: Rename RelayMsg and RelayCell-related types.
...
Thanks to rust-analyzer for making this simple.
2023-02-07 16:03:14 -05:00
Nick Mathewson
d99c130679
tor-cell: Rename ChanMsg and ChanCell-related types.
2023-02-07 16:03:14 -05:00
Nick Mathewson
c529bb9c30
tor-cell: Remove RelayMsg methods that are duplicated in RelayMsgClass.
2023-02-07 16:03:14 -05:00
Nick Mathewson
3c7aea723b
tor-cell: Remove ChanMsg methods that are duplicated in ChanMsgClass.
2023-02-07 16:03:14 -05:00
Nick Mathewson
71445f7ace
tor-cell: Use macro to generate ChanMsg too.
2023-02-07 16:03:14 -05:00
Nick Mathewson
706a39a870
tor-cell: Use macro to define RelayMsg type too.
2023-02-07 16:03:14 -05:00
Nick Mathewson
f5f8402d50
tor-cell: Macro to generate restricted RelayMsg and ChanMsg.
...
This is the main implementation part of #525 .
2023-02-07 16:03:14 -05:00
Nick Mathewson
ffb443709b
tor-cell: Change all variants of RelayMsg to have a body.
...
Previously, there were some unit variants, but that makes things
quite awkward for #525 .
2023-02-07 16:03:14 -05:00
Nick Mathewson
afd5232430
tor-cell: Make Body and MsgClass traits more uniform.
...
Doing this will make it much easier to implement a macro that
generates restricted instances of the Msg types (for #525 ).
The Body change is a breaking change. I don't think anybody else
implements Body, but in theory they could.
2023-02-07 16:03:14 -05:00
Nick Mathewson
e099cc7ef8
tor-cell: Generic "Restricted{Relay,Chan}Cell" types.
...
These are generalizations of RelayCell and ChanCell respectively,
that allow using an arbitrary message type in place of the fully
general RelayMsg and ChanMsg types. Doing this is a prerequisite
for usefully implementing arti#525.
2023-02-07 16:03:14 -05:00
Nick Mathewson
f537a7ad48
Update hsdesc parser code to new sectionrules::builder code.
2023-02-07 15:28:10 -05:00
eta
85ca3e41b9
Merge branch 'shadykaty-error-hint-v2' into 'main'
...
Create and use an ErrorHint type to report how to fix a problem.
Closes #579 and #578
See merge request tpo/core/arti!994
2023-02-07 16:32:10 +00:00
eta
c7c4fff66e
Merge branch 'authcert_bug' into 'main'
...
Fix AuthCert behavior on unrecognized tokens, and prevent bug from recurring elsewhere.
Closes #752
See merge request tpo/core/arti!1006
2023-02-07 16:06:20 +00:00
Nick Mathewson
a1c36b2087
netdoc: Add a comment about renaming layer to document.
2023-02-07 09:02:15 -05:00
Nick Mathewson
257aaf9e5b
netdoc::hsdesc: rename Passwd to Password.
2023-02-07 09:02:15 -05:00
Nick Mathewson
2ba28aa289
netdoc: Rename/comment objects from hsdesc.
2023-02-07 09:02:15 -05:00
Nick Mathewson
d10ccf0dc5
netdoc: Rename/comment objects from inner_layer.
2023-02-07 09:02:15 -05:00
Nick Mathewson
1cdd36f511
netdoc: Rename/comment objects from middle_layer.
2023-02-07 09:02:15 -05:00
Nick Mathewson
1a59005ae0
netdoc: Rename/comment objects from desc_enc
2023-02-07 09:02:15 -05:00
Nick Mathewson
7701e02aad
netdoc: Renaming and comments in outer_layer.
2023-02-07 09:02:15 -05:00
Nick Mathewson
68d2ccf5fe
netdoc: Use Itertools::exactly_once in hsdesc parsing
2023-02-07 09:02:15 -05:00
Nick Mathewson
3d53a30c94
netdoc: Remove useless should_be_exhausted calls.
2023-02-07 09:02:15 -05:00
Nick Mathewson
cff2326f6f
Remove a needless line.
2023-02-07 09:02:15 -05:00
Nick Mathewson
fbffd3168c
Even more clarifying comments.
2023-02-07 09:02:15 -05:00
Nick Mathewson
328535855a
netdoc: Try to add a bunch of clarifying documentation.
...
In the process I found a couple of keys without identifiers in the
spec.
2023-02-07 09:02:15 -05:00
Nick Mathewson
6954c6b488
netdoc: Use Signature::from to construct ed25519 sigs.
2023-02-07 09:02:15 -05:00
Nick Mathewson
4c24f8e8a2
netdoc: Clear up a few typos in hsdesc comments and strings.
2023-02-07 09:02:15 -05:00
Nick Mathewson
d699742400
netdoc: Implement onion service descriptor parsers.
2023-02-07 09:02:15 -05:00
Nick Mathewson
2b82011dfb
tor-checkable: Add dangerously_map() functions.
...
These functions consume a checkable wrapper, and return a new
checkable wrapper with mapped contents but the same not-yet-checked
constraints.
As documented, They are "dangerous" because the provided function
gets access to the contents before they are checked; the caller has
to make sure that the provided function doesn't expose their
contents inappropriately.
2023-02-07 09:02:15 -05:00
Nick Mathewson
23757d90c1
netdoc: Parse the inner layer of an onion service descriptor.
...
There are some places where I note certificates which are not
currently validated, because there is no cryptographic point in
doing so. We should either document that this is okay, or validate
the certificates anyway.
This code might benefit from refactoring to make it prettier.
2023-02-07 09:02:15 -05:00
Nick Mathewson
6817f61641
netdoc: Add a workaround for C Tor's lack of mid-layer NL
...
It turns out that C Tor doesn't add a newline at the end of the
middle layer of an onion service descriptor. I've made a spec MR
(torspec!109) to document this: here, it's time to work around the
issue.
2023-02-07 09:02:15 -05:00
Nick Mathewson
4be4d178fa
netdoc: Parse the middle layer of a hsdesc, and decrypt it.
2023-02-07 09:02:15 -05:00
Nick Mathewson
321c8582ce
netdoc: Use correct size for descriptor encryption cookie
2023-02-07 09:02:15 -05:00
Nick Mathewson
d8849f583e
netdoc: move test descriptor to a higher level test module
...
We're going to make use of it in all of our tests, so we may as well
expose it to them from hsdesc::test.
2023-02-07 09:02:15 -05:00
Nick Mathewson
02fa682bc0
netdoc: implement onion service descryptor encryption
...
This is tested via a round-trip check, and via a successful
decryption of our example descriptor's outer layer.
2023-02-07 09:02:13 -05:00
Nick Mathewson
6c4e9c8f1d
netdoc: Parser for outer layer of onion service descriptors.
2023-02-07 09:00:19 -05:00
Nick Mathewson
d35e8a751d
netdoc: Add an example onion service descriptor to test our parsing.
...
I generated this using C tor (latest main) and a Chutney network
about a week ago.
The subcredential is:
78210A0D2C72BB7A0CAF606BCD938B9A3696894FDDDBC3B87D424753A7E3DF37
The HS_blind_id is:
43CC0D62FC6252F578705CA645A46109E265290343B1137E90189744B20B3F2D
2023-02-07 09:00:19 -05:00
Nick Mathewson
0f1cfc308a
netdoc: Derive Debug and Clone on HsDesc and its kin.
2023-02-07 09:00:19 -05:00
Nick Mathewson
4c0be7c568
hscrypto: Impl From<Ed25519Identity> for BlindedOnionId.
2023-02-07 09:00:19 -05:00
Nick Mathewson
3ce5ee1499
hscrypto: add From/Into between RevisionCounter and u64.
2023-02-07 09:00:19 -05:00
Nick Mathewson
a751eacd5b
tor-cert: document hs-related certificate types.
...
Also, explain why a few of these certificates aren't actually useful
as certificates. (This issue is also documented in torspec!110)
2023-02-07 09:00:19 -05:00
Nick Mathewson
079002d283
tor-cert: Implement Timebound for Ed25519Cert
...
This allows us to run `is_valid_at` and friends on the certificate
itself, which we will use soon in hsdesc validity checks.
2023-02-07 09:00:19 -05:00
Nick Mathewson
59b981ea5e
llcrypto: Implement `Into<[u8;32]>` for Ed25519Identity
2023-02-07 09:00:19 -05:00
Nick Mathewson
72448b704a
llcrypto: Derive zeroize for CtByteArray.
2023-02-07 09:00:19 -05:00
Ian Jackson
a0a740ffc1
tor-linkspec: LinkSpec parsing: use read_nested_u8len (fmt)
2023-02-06 16:08:32 +00:00
Ian Jackson
5997d99a7a
tor-linkspec: LinkSpec parsing: use read_nested_u8len
...
This eliminates hardcoded length values.
2023-02-06 16:08:21 +00:00
Nick Mathewson
73199ebf68
netdoc: Require that unrecognized tokens be handled explicitly.
...
Now we require that, for all `SectionRules`, either the caller say
how to handle unrecognized tokens (using `.add(UNRECOGNIZED...)`),
or that they explicitly reject unrecognized tokens (using
`reject_unrecognized`()`.)
This solution uses an assert!() rather than an Error to indicate
failure. I say that's fine, since
1. This is a crate-internal API.
2. We never dynamically construct SectionRules according to
different behavior: they are always prefabricated in a fixed
code block. Thus, if we test a parser at all, we will make
sure that its SectionRules are well-formed.
I considered and explicitly rejected a solution where the builder
had to be finalized with separate methods `build_strict()` or
`build_tolerant()`: It's too easy IMO for the caller to forget what
these call means.
Prevents further recurrences of #752 .
Closes #752 .
2023-02-03 11:33:30 -05:00
Nick Mathewson
13d5452e2e
netdoc: Switch SectionRules building to use a Buidler pattern.
...
No new behavior yet.
2023-02-03 11:14:00 -05:00
Nick Mathewson
266c61f721
Add a rule to handle UNRECOGNIZED in AuthCert.
...
This fixes an instance of bug#752. Previously, we would reject any
AuthCert that contained an unexpected keyword. (Fortunately, this
data format does not change very often.)
2023-02-03 10:53:23 -05:00
Ian Jackson
d469aef72a
Tidy up docs about RouterStatusIdx
...
Always use "index" and not "position".
Remove wording which is otiose given the type name.
2023-02-01 19:40:17 +00:00
Ian Jackson
2dbffa1208
tor-netdir: Use typed-index-collections for router status index
2023-02-01 19:40:17 +00:00
Ian Jackson
b7e41c3981
tor-netdir: Provide ConsensusRelays extension trait (fmt)
2023-02-01 19:39:14 +00:00
Ian Jackson
4eee59ddb7
tor-netdir: Provide ConsensusRelays extension trait
...
Call it everywhere instead of the inherent method on MdConsensus.
(Verified by ad-hoc temporarily renaming MdConsensus::relays().)
2023-02-01 19:39:09 +00:00
Ian Jackson
5bca38acc5
tor-netdoc: Suppress a cfg-dependent dead code warning
...
This is dead code when
cargo +stable clippy -p tor-netdir --all-features --all-targets
2023-02-01 18:46:54 +00:00
Ian Jackson
155b9ed581
Change two in-code references to the wrong feature name
...
As per
https://gitlab.torproject.org/tpo/core/arti/-/issues/756
I think this is going in the wrong direction, but it is better to fix
it so that the names agree for now, pending a decision on the naming.
2023-02-01 18:46:54 +00:00
Nick Mathewson
8ee04ac203
Merge branch 'logs' into 'main'
...
Report causes of errors
Closes #680
See merge request tpo/core/arti!997
2023-02-01 18:19:33 +00:00
Nick Mathewson
04628ca5ab
Remove semver.md files now that 1.1.1 is tagged.
2023-02-01 12:46:01 -05:00
Nick Mathewson
a2b1f20216
Bump minor version of tor-cell.
...
In !948 we renamed a couple of accessor functions, which is a
breaking change in `tor-cell`'s API.
In retrospect, perhaps we should have deprecated the old names and
added the new ones, so we wouldn't have to break the API. (This is
the only API break AFAICT since 1.1.0.)
2023-02-01 10:42:58 -05:00
Nick Mathewson
7c1b6a5a81
Bump the patch version of every crate that had API additions
...
These crates had API or behavior changes that may affect downstream
crates. Fortunately, they're all version 0.x, and don't need minor
bumps for this.
2023-02-01 10:36:29 -05:00
Nick Mathewson
66f594a4b6
Bump the patch-level version of crates with _minor_ changes.
...
These changes influence behavior, but not effect compatibility.
(If I messed up, and any crate except for `arti` has non-breaking
API changes, that's still fine, since they are all version
0.x.)
2023-02-01 10:23:58 -05:00
Nick Mathewson
592d6bf8a3
Bump the patch version of each crate with _trivial_ changes.
...
These crates have not had changes to their behavior; as such it is
not necessary to bump their dependencies to require the new versions.
2023-02-01 10:10:36 -05:00
Nick Mathewson
c42350c6bf
Move tor-proto/semver.md to tor-cell
...
It was erroneously created in the wrong place.
2023-02-01 09:50:02 -05:00
Nick Mathewson
e172a0c893
Mark arti-config as "publish=false"
...
We no longer use it anywhere; there is no reason to keep publishing
updates to it.
2023-02-01 09:48:09 -05:00
Ian Jackson
37edcd688a
Use ErrorReport - run rustfmt
...
Split off for ease of review and possible rebase.
2023-01-30 18:52:32 +00:00
Ian Jackson
e159bf57d2
Use ErrorReport for errors in error! in tor-ptmgr
2023-01-30 18:52:32 +00:00
Ian Jackson
aa7397bc0f
Use ErrorReport's .report() for two errors in error! in bridgedesc.rs
...
No functional change, just using the new idiom.
2023-01-30 18:52:32 +00:00
Ian Jackson
3a8c36e9c6
Use ErrorReport for remaining errors in error! in tor-circmgr
2023-01-30 18:52:32 +00:00
Ian Jackson
8c1830090c
Use ErrorReport for errors in error! in tor-chanmgr
2023-01-30 18:52:32 +00:00
Ian Jackson
22016f233b
Use tor_error::Report for remaining errors in error! in arti
2023-01-30 18:52:32 +00:00
Ian Jackson
49f3697b19
Apply safelog to DNS response serialisation errors, but report them
...
With safe logging disabled, print the error too.
With safe logging enabled, do not print the message or the error.
2023-01-30 18:52:32 +00:00
Ian Jackson
5c0a7e0127
Use ErrorReport for errors in error! in arti-client
2023-01-30 18:52:32 +00:00
Ian Jackson
2954568fae
Use ErrorReport for errors in warn! in tor-ptmgr
2023-01-30 18:52:32 +00:00
Ian Jackson
47e226293f
Use ErrorReport for errors in warn! in tor-persist
2023-01-30 18:52:32 +00:00
Ian Jackson
dc9352b515
Use ErrorReport for errors in warn! in tor-dirmgr
2023-01-30 18:52:32 +00:00
Ian Jackson
25c41977ac
Use ErrorReport for errors in warn! in tor-circmgr
2023-01-30 18:52:32 +00:00
Ian Jackson
410fdc9f32
Use ErrorReport for errors in warn! in tor-chanmgr
2023-01-30 18:52:32 +00:00
Ian Jackson
36ebf7d23a
Use ErrorReport/Report for errors in warn! in arti
2023-01-30 18:52:32 +00:00
Ian Jackson
cc6cf7f973
Use ErrorReport for errors in info! in tor-dirmgr
2023-01-30 18:04:57 +00:00
Ian Jackson
0e6be61db6
tor-dirclient: De-genericise internal fn retire_circ
...
Requring `Display` is wrong here, because if this is actually an
Error, Display would be wrong because it doesn't display causes.
As it happens, the `error` parameter is only ever `&str`.
2023-01-30 18:00:53 +00:00
Ian Jackson
f657ef5b6c
Use ErrorReport for errors in info! in tor-circmgr
2023-01-30 17:59:09 +00:00
Ian Jackson
c2e4b8b7f9
Errors: Mark the type of an error, for clarity
...
We want to call ErrorReport::report() on Errors, but this isn't an
Error but only a string.
2023-01-30 17:52:02 +00:00
Nick Mathewson
f6cbd180a1
netdir: remove duplicate code in param calculation
2023-01-28 12:43:08 -05:00
Nick Mathewson
4e7a552171
netdir: remove the vestigial smallvec implementation I added
...
It's cute, but I don't think it will help performance, and I'm
undecided about whether the semantic implications are true.
2023-01-28 12:43:08 -05:00
Nick Mathewson
268a723e49
Turn compute_ring_params into a method.
2023-01-28 12:43:08 -05:00
Nick Mathewson
2490b3cdc6
Use derive_more on SharedRandVal
...
This may be temporary if we wind up converting to CtByteArray,
but for now it's good to be terse.
2023-01-28 12:43:08 -05:00
Ian Jackson
a51c76178e
Several suggestions on gitlab.
2023-01-28 12:43:08 -05:00
Nick Mathewson
5236c5cf88
netdir: Implement ring-param constructors and time period accessors
...
This logic is a bit tricky, so I've tried to document it and add
fairly good tests. The silver lining is that the external API for
all of this logic will make it invisible and hidden.
There are some cases where I added functions that I think might
eventually get lowered into MdConsensus: But I don't want to lower
too much right now, since the convention for our netdoc accessors is
that they are fairly unsophisticated, and they show you the document
as it is.
Closes #686
2023-01-28 12:43:08 -05:00
Nick Mathewson
9f3e6783ca
netdoc: Add Eq and a note to SharedRandVal.
2023-01-28 12:12:17 -05:00
Nick Mathewson
790b38eec8
netdoc: Add SRV accessors.
...
These are deliberately unsophisticated accessors, in that they return Option<>
rather than filling in missing values with the documented
fallbacks. It seems better to leave a way to distinguish the absent
case in the API.
2023-01-28 12:12:17 -05:00
Nick Mathewson
c1ced84239
netdoc: Add a timestamp to SRVs per prop#342.
...
This breaks some experimental APIs, but since they are experimental
no semver note is needed.
2023-01-28 12:12:17 -05:00
Nick Mathewson
8ce447b7e2
netdoc: Add Iso8601 time _with_ a "T" as an argument type.
2023-01-28 12:12:17 -05:00
Dimitris Apostolou
3da36c5c8b
Fix typos
2023-01-28 01:31:10 +02:00
Nick Mathewson
856d3b0a8b
ErrorHint: Report hints for arti_client errors.
2023-01-27 11:56:53 -05:00
Nick Mathewson
b3c963e7fa
ErrorHint: Add a note about lowering the permissions hint
2023-01-27 11:56:53 -05:00
Nick Mathewson
ae963e3c6b
ErrorHint: use anonymize_home
2023-01-27 11:56:53 -05:00
Nick Mathewson
39ad97fdc2
ErrorHint: Implement tryfrom_torpersist
2023-01-27 11:56:53 -05:00
Nick Mathewson
3c82f794c1
ErrorHint: refactor API (part 2)
...
Change ErrorHint so that, internally, it just holds an enum with a
lightweight reference to whatever parts of the error it needs to
generate a hint. Then we can move the formatting logic into a
Display function for ErrorHint, and do away with ErrorDetail entirely.
2023-01-27 11:56:53 -05:00
Nick Mathewson
b8058c5d02
ErrorHint: refactor API (part 1)
...
Move the "hint" function into Error, and use Option rather than Result.
(I'm using Option here because it's not really an error case not to have
a hint; we just either have a hint, or we don't.)
2023-01-27 11:56:53 -05:00
Shady Katy
cc4c07678a
add opaque ErrorHint API, impl ErrorHint from BadPermissions
2023-01-27 11:02:42 -05:00
Nick Mathewson
b7c8646d7b
circmgr: drop a receiver more explicitly.
...
Clippy now complains about `let _ = (expr_producing_a_future);`,
which is probably smart, since maybe you wanted to await that future
and ignore the result. So it seems that the right way to get rid of
an unwanted Receiver is now to drop it explicitly.
Closes #749
2023-01-27 09:16:51 -05:00
Nick Mathewson
2127c6b088
"Fix" remaining unchecked-subtraction warnings.
...
In both cases I think it's fine to panic; but it's best to do so
explicitly.
2023-01-27 09:16:41 -05:00
Nick Mathewson
a6dd92843e
Allow clippy::unchecked_duration_subtraction in tests
...
This panics on error, and we're fine with a panic on misbehavior in
tests.
2023-01-27 08:28:02 -05:00
Nick Mathewson
ed74c62931
Elide a bunch of lifetimes.
...
Clippy now warns about these; I'm not sure how these warnings snuck
up on us.
2023-01-27 08:28:02 -05:00
Nick Mathewson
bf04641c68
Disable clippy::unlinlined-format-args
...
This warning kind of snuck up on us! (See #748 ) For now, let's
disable it. (I've cleaned it up in a couple of examples, since
those are meant to be more idiomatic and user-facing.)
Closes #748 .
2023-01-27 08:27:47 -05:00
Ian Jackson
f2e254e63d
Merge branch 'toml_0.6' into 'main'
...
Upgrade toml to version 0.6.
See merge request tpo/core/arti!989
2023-01-26 17:34:52 +00:00
Nick Mathewson
b2373e6d3f
Merge branch 'hscrypto_impl' into 'main'
...
Implement tor-hscrypto
Closes #684 and #742
See merge request tpo/core/arti!980
2023-01-26 14:28:13 +00:00
eta
51741398b2
Merge branch 'netdoc-builder' into 'main'
...
tor-netdoc: Provide NetdocEncoder (internal)
See merge request tpo/core/arti!984
2023-01-26 11:40:50 +00:00
eta
02d15dc5c1
Merge branch 'env' into 'main'
...
shell: use /usr/bin/env instead of absolute paths
See merge request tpo/core/arti!988
2023-01-26 11:35:38 +00:00
eta
cd7059f5c7
Merge branch 'sensitive' into 'main'
...
tor-proto: Mark stream ids in errors as sensitive
See merge request tpo/core/arti!986
2023-01-26 11:31:46 +00:00
Nick Mathewson
f9903789d1
Upgrade toml to version 0.6.
...
This required rewriting some of our error handling code in
command-line processing, since the toml crate now displays and
reports errors differently. (Admittedly, this code still is kind of
ugly, but at least it is nicely hidden.)
2023-01-25 16:29:53 -05:00
Nick Mathewson
790f21032a
hscrypto: Remove Credential.
...
It turns out that the credential is only calculated as an
intermediate result in order to blind keys and produce the
subcredential. As such, it has no need to leave the hscrypto module.
2023-01-25 14:34:16 -05:00
Nick Mathewson
b4c4a21297
hscrypto: add a note about maybe replacing epoch_offset with voting_interval
2023-01-25 14:15:53 -05:00
Nick Mathewson
9864fd9db8
hscrypto: Explain why vanity onions require expanded secret keys.
2023-01-25 14:14:32 -05:00
Nick Mathewson
4399722ada
hscrypto: document why we have keys in un-expanded form
2023-01-25 14:07:04 -05:00
Nick Mathewson
360e84afab
hscrypto: Note that maybe Duration is the wrong type to use.
2023-01-25 13:59:50 -05:00
Nick Mathewson
904688467c
hscrypto: Note the need for a Result rather than an Option
2023-01-25 13:57:57 -05:00
Ian Jackson
ab0edd55e0
Apply several clarifications (and fixes for missing refs)
2023-01-25 18:54:48 +00:00
Nick Mathewson
386de7587e
hscrypto: Use derive_more, and derive Deref for public keys.
2023-01-25 13:48:40 -05:00
Emil Engler
79097484de
shell: use /usr/bin/env instead of absolute paths
...
This commit changes the shebang in all shell scripts from absolute
paths (such as `/bin/bash` or `/usr/bin/python3`) to the `/usr/bin/env`
binary with the accompanying interpreter as it's argument.
The reason for this are as follows:
- NixOS cannot work with absolute paths
- BSD systems install their packages in /usr/local/bin
2023-01-25 18:35:53 +01:00
Nick Mathewson
fe6575ef98
hscrypto: Revise TimePeriod to account for variable offset.
...
Previously, the offset was set to 12 hours unconditionally (like the
spec says). But based on a conversation on tor-dev, it seems that
the offset should actually be 12 times the voting interval.
I'm also opening an MR to change the spec.
2023-01-24 15:04:40 -05:00
Nick Mathewson
108bb72c5e
hscrypto: Add documentation for ClientSecretKeys
2023-01-24 13:40:59 -05:00
Nick Mathewson
93cdb0a2c3
Add a note about why we use ExpandedSecretKey for OnionIdSecretKey
2023-01-24 13:40:59 -05:00
Nick Mathewson
00aaf79620
hscrypto: Add our standard clippy warnings
...
(I have squashed the fixes for these warnings into the earlier
commits in this branch, so it will look like I did everything right
the first time.)
2023-01-24 13:40:59 -05:00
Nick Mathewson
f192429442
hscrypto: Implement key blinding.
...
This implementation was made based on the specification, and then
validated against itself, and against C Tor.
2023-01-24 13:40:59 -05:00
Nick Mathewson
3dfeb5b144
hscrypto: Add an implementation for TimePeriod
...
This required some API tweaks, which is probably to be expected;
these time periods are a wonky kind of thing.
2023-01-24 13:33:48 -05:00
Nick Mathewson
0a52d90af3
hscrypto: Implement hs_mac.
2023-01-24 13:33:48 -05:00
Nick Mathewson
44e9d31af9
hscrypto: Improve documentation for RendCookie
2023-01-24 13:33:48 -05:00
Nick Mathewson
49afcafadd
hscrypto: use a macro to define our byte wrappers too.
2023-01-24 13:33:48 -05:00
Nick Mathewson
7e4ad381a8
hscrypto: Add and use a macro to define all PK types.
2023-01-24 13:33:46 -05:00
Nick Mathewson
36485218c3
hscrypto: A couple of spelling fixes.
2023-01-24 13:32:18 -05:00
Nick Mathewson
23bbf17d38
hscrypto: Associate each type with new name from rend-spec-v3.txt
2023-01-24 13:32:18 -05:00
Nick Mathewson
3b2848f904
Merge branch 'onion-api-highlevel' into 'main'
...
Onion-service APIs: circmgr, hsclient, hsservice
See merge request tpo/core/arti!972
2023-01-24 18:19:42 +00:00
Ian Jackson
590c139af9
tor-proto: Mark stream ids in errors as sensitive
...
Pursuant to #556
2023-01-24 18:08:40 +00:00
Nick Mathewson
5b4ffc5e48
Note a needed isolation API.
2023-01-24 12:32:21 -05:00
Nick Mathewson
606426bfc7
hsservice: Add a note about the contents of circ_info.
...
In order to store per-circuit information, it's a good idea if we
provide something that can be the key of a `PtrWeakKeyHashMap`.
2023-01-24 12:32:21 -05:00
Nick Mathewson
a210686c80
Sketch an API for onion services.
2023-01-24 12:32:21 -05:00
Nick Mathewson
32ae6dfa09
Add a new stub hsclient module to connect to onion services.
2023-01-24 12:32:21 -05:00
Nick Mathewson
8ce05dc725
CircMgr: Draft API to construct targeted multihop circuits.
...
Onion services and onion clients need these to make connections to
HsDirs, Introduction points, and Rendezvous points.
2023-01-24 12:32:21 -05:00
Nick Mathewson
190f24e66d
CircMgr: Draft APIs used to implement onion service clients.
2023-01-24 12:32:21 -05:00
Nick Mathewson
1834579460
Merge branch 'onion-proto-apis' into 'main'
...
Draft APIs for onion services in tor-proto
See merge request tpo/core/arti!970
2023-01-24 17:28:16 +00:00
Nick Mathewson
ce293e4ce4
tor-proto: comment fixes and more TODO hs
2023-01-24 11:50:10 -05:00
Ian Jackson
92ba020534
Add missing docsrs attribute
2023-01-24 16:19:05 +00:00
Ian Jackson
15a543d738
netdoc builder: Add two TODOs, prompted by testing experience
2023-01-24 16:15:17 +00:00
Ian Jackson
be1cd7789d
netdoc builder test: Make a bigger dummy document and test reparsing
2023-01-24 16:15:17 +00:00
Ian Jackson
eb3b261595
netdoc builder: Implement object() and add one test case
2023-01-24 16:15:17 +00:00
Ian Jackson
4f0d17d96d
netdoc-builder: Initial test case (no object yet)
2023-01-24 16:15:17 +00:00
Ian Jackson
066eb12f50
netdoc-builder: Provide new() method
2023-01-24 16:15:17 +00:00
Ian Jackson
e989871a7b
netdoc-builder: Implement ItemArgument for more needed types
2023-01-24 16:15:17 +00:00
Ian Jackson
94fec1e12c
netdoc-builder: Remove some obsolete comments
2023-01-24 16:15:17 +00:00
Ian Jackson
16c4fee4b8
netdoc-builder: Move example into implementation doc comment
...
Not actually tested yet
2023-01-24 16:15:17 +00:00
Ian Jackson
8f725a19f8
netdoc-builder: Implement most of the internal general doc builder
2023-01-24 16:15:17 +00:00
Ian Jackson
22cf060426
netdoc-builder api: Clarify docs for object()
2023-01-24 16:15:17 +00:00
Ian Jackson
c7e816d263
netdoc-builder api: Introduce ItemArgument trait
2023-01-24 16:15:17 +00:00
Ian Jackson
eac7befc87
netdoc-builder api: Have .item() return ItemBuilder
...
This was a slip in the design doc.
2023-01-24 16:15:17 +00:00
Ian Jackson
8c8ff4948f
netdoc-builder api: Abolish `K` generic on ItemEncoder
...
We're going to eagerly encode the keyword, so this will be easy.
Removing the generic simplifies the API.
2023-01-24 16:15:17 +00:00
Ian Jackson
669a399c46
netdoc-builder api: Don't promise to check args_raw_string value
2023-01-24 16:15:17 +00:00
Ian Jackson
2bc7a371b4
netdoc-builder api: Make ItemEncoder methods consume and return self
...
This will actually make the pattern in the example work.
The mentioned `ItemArgument` trait will arrive soon.
2023-01-24 16:15:17 +00:00
Ian Jackson
5fccbce160
netdoc-builder api: Move internal API into actual code file (fmt)
2023-01-24 16:15:17 +00:00
Ian Jackson
e971d1ad59
netdoc-builder api: Move internal API into actual code file
...
Motion, plus the bare minimum needed to make it compile.
2023-01-24 16:15:17 +00:00
Ian Jackson
f735a128bb
tor-netdoc: tokenize: Provide BASE64_PEM_MAX_LINE
...
We'll use this in the netdoc builder, but it naturally lives here.
2023-01-24 16:15:17 +00:00
Ian Jackson
c8ac951cf5
tor-netdoc: tokenize: Rename to tag_keywords_ok, document, expose
...
Rename from _keyword_, since this actually checks the *multiple*
keywords that can appear in an object's BEGIN line.
Make this clear in the doc comment.
Expose it for use by the netdoc builder.
2023-01-24 16:15:17 +00:00
Ian Jackson
a8ab0a5f46
tor-netdoc: tokenize: crate-Expose object::BEGIN_STR etc.
...
The document builder wants these too.
2023-01-24 16:15:17 +00:00
Ian Jackson
5bd54f3701
tor-netdoc: Make AuthCertKwd pub(crate)
...
For now, this will be useful in a test.
2023-01-24 16:15:17 +00:00
Ian Jackson
043581fe0e
tor-bytes: impl Writeable for &impl Writeable
2023-01-24 16:15:17 +00:00
Ian Jackson
a4a4b19f21
tor-bytes: Implement conversion from EncodeError to Bug
2023-01-24 16:15:17 +00:00
eta
c31f451e0b
Merge branch 'bug736' into 'main'
...
Prop304: Add extended SOCKS result codes for onion services
See merge request tpo/core/arti!978
2023-01-24 15:05:19 +00:00
Nick Mathewson
fd8915155e
Merge branch 'ignore' into 'main'
...
Do not .gitignore crates/*/fuzz/corpus
See merge request tpo/core/arti!982
2023-01-20 18:47:20 +00:00
Ian Jackson
5c76bca692
tor-llcrypto: Tolerate some warnings (fmt)
2023-01-20 17:29:45 +00:00
Ian Jackson
4e6f5b7ff3
Do not .gitignore crates/*/fuzz/corpus
...
These are symlinks which are actually checked in. They should not be
ignored. (This caused trouble for some of my privsep tooling...)
2023-01-20 17:29:00 +00:00
Ian Jackson
bd21d23279
tor-llcrypto: Tolerate some warnings
...
Without this,
cargo +stable clippy -p tor-netdoc --all-features
produces warnings.
2023-01-20 16:37:31 +00:00
Nick Mathewson
131775bf36
Upgrade to latest rsa crate.
2023-01-20 08:06:30 -05:00
Nick Mathewson
02a1f9a3e4
Upgrade to latest async-broadcast
...
(We don't yet use the code that uses it, but we might as well have
our unused code be up-to-date.)
2023-01-20 08:06:30 -05:00
Nick Mathewson
707efc944d
upgrade to latest serial_test
2023-01-20 08:06:30 -05:00
Nick Mathewson
889206cde4
Complete our migration to base64ct.
...
This is in lieu of upgrading to the latest base64 crate, which has
a different API from the old one. Since we have to migrate either
way, we might as well use base64ct everywhere.
I don't think that most of these cases _require_ constant-time
base64, but it won't hurt.
2023-01-20 08:06:30 -05:00
Nick Mathewson
6cb0528cc1
Upgrade to latest rlimit crate.
2023-01-19 14:10:54 -05:00
Neel Chauhan
66a649f5f8
Prop304: Add extended SOCKS result codes for onion services
2023-01-18 18:39:00 -08:00
Michael van Straten
fa93f6674d
made TorClient::set_stream_prefs public
2023-01-18 18:20:59 +01:00
Nick Mathewson
12845d6e1e
tor-proto: Draft API to handle incoming BEGIN requests.
...
Onion services (and later, exits and caches) will need this.
2023-01-17 15:20:03 -05:00
Nick Mathewson
e8ed46006e
tor-proto: Expose support for doing onion service handshakes
...
This is a little tricky, but I think that we're not actually
exposing too much here. I expect we'll need to tweak this stuff
between now and our final version.
2023-01-17 15:20:03 -05:00
Nick Mathewson
99fdaa7c2e
tor-proto: Draft APIs for handling control messages
...
We will need these for onion services, to send and receive messages
of types not handled directly by the tor-proto crate.
2023-01-17 15:20:03 -05:00
Nick Mathewson
4fedd301cf
tor-proto: Rename "hs" experimental feature to "onion-common"
...
(For consistency with other crates)
2023-01-17 15:20:03 -05:00
Nick Mathewson
56cb2d2a10
Make a top-level API for connecting to onion services.
...
Fortunately, it adds very little to the arti-client API surface.
2023-01-12 09:28:58 -05:00
Nick Mathewson
7030cbe460
Merge branch 'onion-netdir-apis' into 'main'
...
Add onion service APIs to tor-netdir
See merge request tpo/core/arti!966
2023-01-11 16:08:18 +00:00
Nick Mathewson
de3f10f492
netdir: add network parameters related to onion services
...
These are available unconditionally, since they represent
comparatively little storage and processing effort.
See param-spec.txt section 8 for the original information here.
2023-01-11 09:10:08 -05:00
Nick Mathewson
136f70545d
tor-units: Add an IntegerMinutes.
2023-01-11 09:10:08 -05:00
Nick Mathewson
5b74ef7af9
Adjust onion service ring APIs in light of prop#342
...
* It is the NetDir's responsibility to tell the caller what the time
period is.
* There can be up to two secondary time periods.
* Each time period has a single SRV.
* Secondary time periods only apply for onion services, when they
publish.
* When publishing, the correct input is a time period.
2023-01-11 09:04:13 -05:00
Nick Mathewson
f24f8d295c
Sketch APIs for the onion service directory ring.
...
These are a bit complex internally, but the API they present is
pretty simple. I've left some discussion of points where the design
isn't totally fleshed out, and where we need to look harder at the
spec.
Part of #716 .
2023-01-11 09:04:13 -05:00
Nick Mathewson
2c41321710
Netdoc: Refactor SharedRandVal.
...
SharedRandVal now holds only the 32-byte random value itself; the
"number of commits" field is in SharedRandStatus.
This commit also makes the SharedRandVal be exactly 32 bytes, since
we've set it to that value in the spec.
2023-01-11 09:04:12 -05:00
Nick Mathewson
d7abced11f
hscrypto: Add several derives
...
The important addition here is the Copy derives, which affect API
design. I'm applying them to the types that are 32 byte or smaller.
2023-01-11 09:04:12 -05:00
Ian Jackson
d6800bae0c
Merge branch 'blind_privkey' into 'main'
...
llcrypto: Implement secret-key blinding.
Closes #719
See merge request tpo/core/arti!964
2023-01-09 18:06:00 +00:00
eta
cea6396513
Merge branch 'typos' into 'main'
...
Fix typos
See merge request tpo/core/arti!965
2023-01-09 14:44:00 +00:00
eta
371bcdc554
Merge branch 'arti-hyper-fixing-715' into 'main'
...
Temporary fix for #715 and #569
Closes #715
See merge request tpo/core/arti!958
2023-01-09 14:43:37 +00:00
Dimitris Apostolou
892c6eaadf
Fix typos
2023-01-07 20:35:54 +02:00
Michael van Straten
2e8c38d11d
Removed unnecessary "all()" cfg constraint
2023-01-07 13:00:40 +01:00
Michael van Straten
90a25fa21a
Added x86_64-apple-darwin to fallback to "tls-api-openssl"
2023-01-07 12:57:23 +01:00
Michael van Straten
0a04851636
fixed "broken_intra_doc_link"
2023-01-06 19:43:44 +01:00
Nick Mathewson
8472acf3ac
Merge branch 'onion-api-v0.2' into 'main'
...
Onion service APIs, part 1.
See merge request tpo/core/arti!959
2023-01-06 18:32:36 +00:00
Ian Jackson
0c2f800ab0
Merge branch 'sensitive' into 'main'
...
tor-proto: Remove some sensitive info from errors
See merge request tpo/core/arti!934
2023-01-06 18:07:26 +00:00
Nick Mathewson
7f6e3e19a3
Sketch a solution for arti#525
2023-01-06 13:03:50 -05:00
Nick Mathewson
91d9ffe0b6
Sketch out new required APIs in tor-cell
2023-01-06 13:03:50 -05:00
Nick Mathewson
9a54e01dd0
tor-cert: add a few hs TODOs
2023-01-06 13:03:50 -05:00
Nick Mathewson
eba937e54c
netdoc: Outline some basic types for encoding HsDescs.
2023-01-06 13:03:50 -05:00
Nick Mathewson
0203634ec5
Create a new tor-hscrypto crate.
...
This module has types and operations needed in multiple places
for an onion service implementation. There are a bunch of
TODO hs-crypto comments that we'll need to fill in.
2023-01-06 13:03:50 -05:00
Nick Mathewson
e650e07cd4
netdoc: note some changes we will have to make to srv
2023-01-06 13:03:50 -05:00
Nick Mathewson
7d38bbd829
llcrypto: fix a comment.
...
This described the wrong type of key.
2023-01-06 13:03:50 -05:00
Nick Mathewson
e7c87372e2
llcrypto: clarify meaning of "Identity".
...
The `Ed25519Identity` and `RsaIdentity` types are not precisely
always used as relay identifiers: they are more generally used as
_key_ identifiers.
This will become relevant as `RsaIdentity` is used for authority
keys (as in authorities' VoterInfo blocks), and as `Ed25519Identity`
is used as the identifier behind an onion service key.
2023-01-06 13:03:47 -05:00
Ian Jackson
98acafe9d1
tor-proto: rustfmt
...
Not sure why the tree didn't have this newline already. "Whatever".
2023-01-06 17:26:54 +00:00
Ian Jackson
0639b105c5
tor-proto: CreateFastWrap::decode_chanmsg: Do not report handshake
...
The debug impl prints the handshake challenge, which we should
probably treat as sensitive.
2023-01-06 17:26:54 +00:00
Ian Jackson
df2124e28f
tor-proto: impl Display for CreateResponse
...
Don't print the handshake value, but do print the display reason.
2023-01-06 17:26:54 +00:00
Ian Jackson
8c925499f8
tor-proto: When relay IDs mismatch, the IDs are sensitive in errors
2023-01-06 17:26:54 +00:00
Nick Mathewson
1e25a962a7
chanmgr: trace-level logs when launching connections.
...
Based on more temporary debugging code. Yet another part of #677 .
2023-01-06 17:19:00 +00:00
Nick Mathewson
71dfaa3125
ptmgr: Add more logs when looking/creating a PT.
...
These are also based on temporary logs that I added locally while I
was hunting bugs.
Also part of #677 .
2023-01-06 17:19:00 +00:00
Nick Mathewson
3eebe33678
ptmgr: Add more logging to IPC code.
...
This is based on logs that I added locally while I was trying to
debug some startup issues. Hopefully they'll make things easier the
next time there's something to debug.
Part of #677 .
2023-01-06 17:19:00 +00:00
eta
b525fccfb0
Merge branch 'ya-lint' into 'main'
...
tor-linkspec: Fix an unused lint
See merge request tpo/core/arti!935
2023-01-06 17:16:27 +00:00
eta
118050e54c
Merge branch 'test-lints' into 'main'
...
Add test lint blocks to all "mod test"
See merge request tpo/core/arti!937
2023-01-06 17:16:09 +00:00
eta
fbae20537c
Merge branch 'bug589a' into 'main'
...
Remove allow(unreachable_pub) from tor-guardmgr/src/lib.rs
Closes #589
See merge request tpo/core/arti!944
2023-01-06 17:14:03 +00:00
eta
d869676263
Merge branch 'socks-resolve-ip' into 'main'
...
resolve ip through socks by parsing them
Closes #714
See merge request tpo/core/arti!957
2023-01-06 17:08:25 +00:00
Nick Mathewson
306e72c566
llcrypto: Implement secret-key blinding.
...
Closes #719 .
Due to a difference between ed25519-dalek and ed25519-donna,
converting these secret keys directly to public keys does not work.
I've documented this in a "Limitations" section.
2023-01-06 12:02:49 -05:00
eta
246a5f1e56
Merge branch 'ctbytes' into 'main'
...
Add a new "CtByteArray" type, and use it in Id types.
See merge request tpo/core/arti!962
2023-01-06 16:41:29 +00:00
Nick Mathewson
9d3f19fd38
Add a new "CtByteArray" type, and use it in Id types.
...
This type provides a common implementation for types that are
implemented as arrays of bytes that should only be compared
with constant-time comparisons.
2023-01-05 12:34:14 -05:00
Michael van Straten
0d05a61381
Temporary fix for #715 and #569
2023-01-05 00:00:47 +01:00
Ian Jackson
a7035d08a1
Merge branch 'tor-rtmock-rfc3399' into 'main'
...
Use parse_rfc3339() in the tor-rtmock crate
See merge request tpo/core/arti!943
2023-01-04 14:32:13 +00:00
Ian Jackson
8f91bc5ef9
Merge branch 'tor-proto-use-rfc3339' into 'main'
...
Use parse_rfc3339() in the tor-proto crate
See merge request tpo/core/arti!942
2023-01-04 14:31:07 +00:00
Ian Jackson
0ac7dfbd9e
Merge branch 'tor-netdoc-rfc3399' into 'main'
...
Use parse_rfc3339() in the tor-netdoc crate
See merge request tpo/core/arti!941
2023-01-04 14:30:08 +00:00
trinity-1686a
29f1d9012d
resolve ip through socks by parsing them
2023-01-03 17:53:16 +01:00
Emil Engler
8579bc66a8
doc: consistent summary line for the READMEs
...
This commit introduces a consistency to the summary line of all
README.md files in each and every crate.
2022-12-20 14:31:47 +01:00
Neel Chauhan
e39e39ea27
Add semver.md for (into_)handshake()
2022-12-19 08:25:15 -08:00
Neel Chauhan
b649a1d86f
msg::{CreateFast/CreatedFast}: Rename accessor to (into_)body()
2022-12-18 21:00:24 -08:00
Neel Chauhan
23db2944cc
Remove allow(unreachable_pub) from tor-guardmgr/src/lib.rs
...
Closes #589
2022-12-16 13:23:57 -08:00
Neel Chauhan
11958c9241
Use parse_rfc3339() in the tor-rtmock crate
2022-12-16 13:07:49 -08:00
Neel Chauhan
a180f911bd
Use parse_rfc3339() in the tor-netdoc crate
2022-12-16 12:56:00 -08:00
Neel Chauhan
c171c0f834
Use parse_rfc3339() in the tor-proto crate
2022-12-16 12:53:50 -08:00
Ian Jackson
fa5a417fc9
Merge branch 'err-dyn-report' into 'main'
...
Error logging (ErrorReport, .report()) POC
See merge request tpo/core/arti!936
2022-12-15 15:02:17 +00:00
Ian Jackson
8a28cb2d14
tor-error: tests: Add a test case for Report and Bug wrapping
2022-12-15 14:37:08 +00:00
Ian Jackson
125a455bdc
test lint blocks: Add many many automatically
...
This is precisely the result of running the rune in
maint/adhoc-add-lint-blocks.
2022-12-12 18:00:30 +00:00
Ian Jackson
baf78361e8
test lint blocks: Do some semi-manually
...
This is the hunks from running the rune in maint/adhoc-add-lint-blocks
but which require some subsequent manual fixup: usually, deleting
now-superfluous outer allows, but in some cases manually putting back
lints that the adhoc script deleted.
2022-12-12 18:00:29 +00:00
Ian Jackson
ec7720ae91
test lint blocks: Standardise one in tor-socksproto
...
The previous syntax was recognised by the real script, but not by the
ad-hoc script I'm about to use to add all the missing ones.
2022-12-12 17:50:39 +00:00
coral
25f113b8b3
Tackling issue #663 (Use humantime in tests)
2022-12-12 17:41:22 +00:00
Ian Jackson
4181ccb8cc
tor-circmgr: Use ErrorReport on a logged error
...
To demonstrate what the use looks like.
2022-12-12 16:40:51 +00:00
Ian Jackson
b132536b32
tor-error: Provide ErrorReport extension trait with .report() method
2022-12-12 16:40:51 +00:00
Ian Jackson
bd46e2ae84
tor_error: Promote internal StdError alias to report
...
The std::error::Error repetition was getting rather repetitively
repetitious, and is about to get more so.
2022-12-12 16:40:51 +00:00
Ian Jackson
8fea4dd6d3
tor-proto: reactor tests: Use debug fmt on an error
...
In tests, debug fmt is usually appropriate.
Found while looking for a candidate for
https://gitlab.torproject.org/tpo/core/arti/-/issues/680
2022-12-12 16:40:51 +00:00
Ian Jackson
05ca80950e
tor-linkspec: Fix an unused lint
...
Otherwise:
cargo +stable clippy -p tor-proto --all-features --all-targets
Produces:
warning: unused import: `PtTargetAddr`
--> crates/tor-linkspec/src/traits.rs:9:28
|
9 | use crate::{ChannelMethod, PtTargetAddr, RelayIdRef, RelayIdType, RelayIdTypeIter};
| ^^^^^^^^^^^^
2022-12-12 15:08:31 +00:00
Ian Jackson
5611d5cb0c
Rename Sensitive::into_inner() from ::unwrap()
...
By analogy with similar methods on Mutex, Cell, BufReader, etc. etc.
Discussed here
https://gitlab.torproject.org/tpo/core/arti/-/merge_requests/890#note_2856885
Make it a method, as per
https://gitlab.torproject.org/tpo/core/arti/-/merge_requests/928
2022-12-12 11:52:34 +00:00
Dimitris Apostolou
7c1beb6171
Fix typos
2022-12-09 11:57:36 +02:00
Nick Mathewson
dc2c00e282
Merge branch 'doc-config-must' into 'main'
...
tor-config: Document how to reject compiled-out features
Closes #654
See merge request tpo/core/arti!929
2022-12-07 13:20:09 +00:00
Nick Mathewson
64ea12d4b9
Merge branch 'shewllexpand' into 'main'
...
tor-config: Update to shellexpand 3.x
See merge request tpo/core/arti!927
2022-12-07 13:19:39 +00:00
Ian Jackson
4e74104e70
Merge branch 'spelling-20221206' into 'main'
...
A few spelling fixes for bridgedescmgr code
See merge request tpo/core/arti!925
2022-12-06 18:25:43 +00:00
Ian Jackson
d88e890583
Merge branch 'persist_err_test' into 'main'
...
Test a couple more error cases in tor-persist, and lightly refactor
See merge request tpo/core/arti!930
2022-12-06 16:38:28 +00:00
Ian Jackson
fe5aeed41f
Merge branch 'safelog_tests' into 'main'
...
More unit tests for safelog crate
See merge request tpo/core/arti!928
2022-12-06 16:17:44 +00:00