d10ccf0dc5
netdoc: Rename/comment objects from inner_layer.
2023-02-07 09:02:15 -05:00
1cdd36f511
netdoc: Rename/comment objects from middle_layer.
2023-02-07 09:02:15 -05:00
1a59005ae0
netdoc: Rename/comment objects from desc_enc
2023-02-07 09:02:15 -05:00
7701e02aad
netdoc: Renaming and comments in outer_layer.
2023-02-07 09:02:15 -05:00
68d2ccf5fe
netdoc: Use Itertools::exactly_once in hsdesc parsing
2023-02-07 09:02:15 -05:00
3d53a30c94
netdoc: Remove useless should_be_exhausted calls.
2023-02-07 09:02:15 -05:00
cff2326f6f
Remove a needless line.
2023-02-07 09:02:15 -05:00
fbffd3168c
Even more clarifying comments.
2023-02-07 09:02:15 -05:00
328535855a
netdoc: Try to add a bunch of clarifying documentation.
...
In the process I found a couple of keys without identifiers in the
spec.
2023-02-07 09:02:15 -05:00
6954c6b488
netdoc: Use Signature::from to construct ed25519 sigs.
2023-02-07 09:02:15 -05:00
4c24f8e8a2
netdoc: Clear up a few typos in hsdesc comments and strings.
2023-02-07 09:02:15 -05:00
d699742400
netdoc: Implement onion service descriptor parsers.
2023-02-07 09:02:15 -05:00
2b82011dfb
tor-checkable: Add dangerously_map() functions.
...
These functions consume a checkable wrapper, and return a new
checkable wrapper with mapped contents but the same not-yet-checked
constraints.
As documented, They are "dangerous" because the provided function
gets access to the contents before they are checked; the caller has
to make sure that the provided function doesn't expose their
contents inappropriately.
2023-02-07 09:02:15 -05:00
23757d90c1
netdoc: Parse the inner layer of an onion service descriptor.
...
There are some places where I note certificates which are not
currently validated, because there is no cryptographic point in
doing so. We should either document that this is okay, or validate
the certificates anyway.
This code might benefit from refactoring to make it prettier.
2023-02-07 09:02:15 -05:00
6817f61641
netdoc: Add a workaround for C Tor's lack of mid-layer NL
...
It turns out that C Tor doesn't add a newline at the end of the
middle layer of an onion service descriptor. I've made a spec MR
(torspec!109) to document this: here, it's time to work around the
issue.
2023-02-07 09:02:15 -05:00
4be4d178fa
netdoc: Parse the middle layer of a hsdesc, and decrypt it.
2023-02-07 09:02:15 -05:00
321c8582ce
netdoc: Use correct size for descriptor encryption cookie
2023-02-07 09:02:15 -05:00
d8849f583e
netdoc: move test descriptor to a higher level test module
...
We're going to make use of it in all of our tests, so we may as well
expose it to them from hsdesc::test.
2023-02-07 09:02:15 -05:00
02fa682bc0
netdoc: implement onion service descryptor encryption
...
This is tested via a round-trip check, and via a successful
decryption of our example descriptor's outer layer.
2023-02-07 09:02:13 -05:00
6c4e9c8f1d
netdoc: Parser for outer layer of onion service descriptors.
2023-02-07 09:00:19 -05:00
d35e8a751d
netdoc: Add an example onion service descriptor to test our parsing.
...
I generated this using C tor (latest main) and a Chutney network
about a week ago.
The subcredential is:
78210A0D2C72BB7A0CAF606BCD938B9A3696894FDDDBC3B87D424753A7E3DF37
The HS_blind_id is:
43CC0D62FC6252F578705CA645A46109E265290343B1137E90189744B20B3F2D
2023-02-07 09:00:19 -05:00
0f1cfc308a
netdoc: Derive Debug and Clone on HsDesc and its kin.
2023-02-07 09:00:19 -05:00
4c0be7c568
hscrypto: Impl From<Ed25519Identity> for BlindedOnionId.
2023-02-07 09:00:19 -05:00
3ce5ee1499
hscrypto: add From/Into between RevisionCounter and u64.
2023-02-07 09:00:19 -05:00
a751eacd5b
tor-cert: document hs-related certificate types.
...
Also, explain why a few of these certificates aren't actually useful
as certificates. (This issue is also documented in torspec!110)
2023-02-07 09:00:19 -05:00
079002d283
tor-cert: Implement Timebound for Ed25519Cert
...
This allows us to run `is_valid_at` and friends on the certificate
itself, which we will use soon in hsdesc validity checks.
2023-02-07 09:00:19 -05:00
59b981ea5e
llcrypto: Implement `Into<[u8;32]>` for Ed25519Identity
2023-02-07 09:00:19 -05:00
72448b704a
llcrypto: Derive zeroize for CtByteArray.
2023-02-07 09:00:19 -05:00
a0a740ffc1
tor-linkspec: LinkSpec parsing: use read_nested_u8len (fmt)
2023-02-06 16:08:32 +00:00
5997d99a7a
tor-linkspec: LinkSpec parsing: use read_nested_u8len
...
This eliminates hardcoded length values.
2023-02-06 16:08:21 +00:00
73199ebf68
netdoc: Require that unrecognized tokens be handled explicitly.
...
Now we require that, for all `SectionRules`, either the caller say
how to handle unrecognized tokens (using `.add(UNRECOGNIZED...)`),
or that they explicitly reject unrecognized tokens (using
`reject_unrecognized`()`.)
This solution uses an assert!() rather than an Error to indicate
failure. I say that's fine, since
1. This is a crate-internal API.
2. We never dynamically construct SectionRules according to
different behavior: they are always prefabricated in a fixed
code block. Thus, if we test a parser at all, we will make
sure that its SectionRules are well-formed.
I considered and explicitly rejected a solution where the builder
had to be finalized with separate methods `build_strict()` or
`build_tolerant()`: It's too easy IMO for the caller to forget what
these call means.
Prevents further recurrences of #752 .
Closes #752 .
2023-02-03 11:33:30 -05:00
13d5452e2e
netdoc: Switch SectionRules building to use a Buidler pattern.
...
No new behavior yet.
2023-02-03 11:14:00 -05:00
266c61f721
Add a rule to handle UNRECOGNIZED in AuthCert.
...
This fixes an instance of bug#752. Previously, we would reject any
AuthCert that contained an unexpected keyword. (Fortunately, this
data format does not change very often.)
2023-02-03 10:53:23 -05:00
d469aef72a
Tidy up docs about RouterStatusIdx
...
Always use "index" and not "position".
Remove wording which is otiose given the type name.
2023-02-01 19:40:17 +00:00
2dbffa1208
tor-netdir: Use typed-index-collections for router status index
2023-02-01 19:40:17 +00:00
b7e41c3981
tor-netdir: Provide ConsensusRelays extension trait (fmt)
2023-02-01 19:39:14 +00:00
4eee59ddb7
tor-netdir: Provide ConsensusRelays extension trait
...
Call it everywhere instead of the inherent method on MdConsensus.
(Verified by ad-hoc temporarily renaming MdConsensus::relays().)
2023-02-01 19:39:09 +00:00
5bca38acc5
tor-netdoc: Suppress a cfg-dependent dead code warning
...
This is dead code when
cargo +stable clippy -p tor-netdir --all-features --all-targets
2023-02-01 18:46:54 +00:00
155b9ed581
Change two in-code references to the wrong feature name
...
As per
https://gitlab.torproject.org/tpo/core/arti/-/issues/756
I think this is going in the wrong direction, but it is better to fix
it so that the names agree for now, pending a decision on the naming.
2023-02-01 18:46:54 +00:00
8ee04ac203
Merge branch 'logs' into 'main'
...
Report causes of errors
Closes #680
See merge request tpo/core/arti!997
2023-02-01 18:19:33 +00:00
04628ca5ab
Remove semver.md files now that 1.1.1 is tagged.
2023-02-01 12:46:01 -05:00
a2b1f20216
Bump minor version of tor-cell.
...
In !948 we renamed a couple of accessor functions, which is a
breaking change in `tor-cell`'s API.
In retrospect, perhaps we should have deprecated the old names and
added the new ones, so we wouldn't have to break the API. (This is
the only API break AFAICT since 1.1.0.)
2023-02-01 10:42:58 -05:00
7c1b6a5a81
Bump the patch version of every crate that had API additions
...
These crates had API or behavior changes that may affect downstream
crates. Fortunately, they're all version 0.x, and don't need minor
bumps for this.
2023-02-01 10:36:29 -05:00
66f594a4b6
Bump the patch-level version of crates with _minor_ changes.
...
These changes influence behavior, but not effect compatibility.
(If I messed up, and any crate except for `arti` has non-breaking
API changes, that's still fine, since they are all version
0.x.)
2023-02-01 10:23:58 -05:00
592d6bf8a3
Bump the patch version of each crate with _trivial_ changes.
...
These crates have not had changes to their behavior; as such it is
not necessary to bump their dependencies to require the new versions.
2023-02-01 10:10:36 -05:00
c42350c6bf
Move tor-proto/semver.md to tor-cell
...
It was erroneously created in the wrong place.
2023-02-01 09:50:02 -05:00
e172a0c893
Mark arti-config as "publish=false"
...
We no longer use it anywhere; there is no reason to keep publishing
updates to it.
2023-02-01 09:48:09 -05:00
37edcd688a
Use ErrorReport - run rustfmt
...
Split off for ease of review and possible rebase.
2023-01-30 18:52:32 +00:00
e159bf57d2
Use ErrorReport for errors in error! in tor-ptmgr
2023-01-30 18:52:32 +00:00
aa7397bc0f
Use ErrorReport's .report() for two errors in error! in bridgedesc.rs
...
No functional change, just using the new idiom.
2023-01-30 18:52:32 +00:00
3a8c36e9c6
Use ErrorReport for remaining errors in error! in tor-circmgr
2023-01-30 18:52:32 +00:00
8c1830090c
Use ErrorReport for errors in error! in tor-chanmgr
2023-01-30 18:52:32 +00:00
22016f233b
Use tor_error::Report for remaining errors in error! in arti
2023-01-30 18:52:32 +00:00
49f3697b19
Apply safelog to DNS response serialisation errors, but report them
...
With safe logging disabled, print the error too.
With safe logging enabled, do not print the message or the error.
2023-01-30 18:52:32 +00:00
5c0a7e0127
Use ErrorReport for errors in error! in arti-client
2023-01-30 18:52:32 +00:00
2954568fae
Use ErrorReport for errors in warn! in tor-ptmgr
2023-01-30 18:52:32 +00:00
47e226293f
Use ErrorReport for errors in warn! in tor-persist
2023-01-30 18:52:32 +00:00
dc9352b515
Use ErrorReport for errors in warn! in tor-dirmgr
2023-01-30 18:52:32 +00:00
25c41977ac
Use ErrorReport for errors in warn! in tor-circmgr
2023-01-30 18:52:32 +00:00
410fdc9f32
Use ErrorReport for errors in warn! in tor-chanmgr
2023-01-30 18:52:32 +00:00
36ebf7d23a
Use ErrorReport/Report for errors in warn! in arti
2023-01-30 18:52:32 +00:00
cc6cf7f973
Use ErrorReport for errors in info! in tor-dirmgr
2023-01-30 18:04:57 +00:00
0e6be61db6
tor-dirclient: De-genericise internal fn retire_circ
...
Requring `Display` is wrong here, because if this is actually an
Error, Display would be wrong because it doesn't display causes.
As it happens, the `error` parameter is only ever `&str`.
2023-01-30 18:00:53 +00:00
f657ef5b6c
Use ErrorReport for errors in info! in tor-circmgr
2023-01-30 17:59:09 +00:00
c2e4b8b7f9
Errors: Mark the type of an error, for clarity
...
We want to call ErrorReport::report() on Errors, but this isn't an
Error but only a string.
2023-01-30 17:52:02 +00:00
f6cbd180a1
netdir: remove duplicate code in param calculation
2023-01-28 12:43:08 -05:00
4e7a552171
netdir: remove the vestigial smallvec implementation I added
...
It's cute, but I don't think it will help performance, and I'm
undecided about whether the semantic implications are true.
2023-01-28 12:43:08 -05:00
268a723e49
Turn compute_ring_params into a method.
2023-01-28 12:43:08 -05:00
2490b3cdc6
Use derive_more on SharedRandVal
...
This may be temporary if we wind up converting to CtByteArray,
but for now it's good to be terse.
2023-01-28 12:43:08 -05:00
a51c76178e
Several suggestions on gitlab.
2023-01-28 12:43:08 -05:00
5236c5cf88
netdir: Implement ring-param constructors and time period accessors
...
This logic is a bit tricky, so I've tried to document it and add
fairly good tests. The silver lining is that the external API for
all of this logic will make it invisible and hidden.
There are some cases where I added functions that I think might
eventually get lowered into MdConsensus: But I don't want to lower
too much right now, since the convention for our netdoc accessors is
that they are fairly unsophisticated, and they show you the document
as it is.
Closes #686
2023-01-28 12:43:08 -05:00
9f3e6783ca
netdoc: Add Eq and a note to SharedRandVal.
2023-01-28 12:12:17 -05:00
790b38eec8
netdoc: Add SRV accessors.
...
These are deliberately unsophisticated accessors, in that they return Option<>
rather than filling in missing values with the documented
fallbacks. It seems better to leave a way to distinguish the absent
case in the API.
2023-01-28 12:12:17 -05:00
c1ced84239
netdoc: Add a timestamp to SRVs per prop#342.
...
This breaks some experimental APIs, but since they are experimental
no semver note is needed.
2023-01-28 12:12:17 -05:00
8ce447b7e2
netdoc: Add Iso8601 time _with_ a "T" as an argument type.
2023-01-28 12:12:17 -05:00
3da36c5c8b
Fix typos
2023-01-28 01:31:10 +02:00
856d3b0a8b
ErrorHint: Report hints for arti_client errors.
2023-01-27 11:56:53 -05:00
b3c963e7fa
ErrorHint: Add a note about lowering the permissions hint
2023-01-27 11:56:53 -05:00
ae963e3c6b
ErrorHint: use anonymize_home
2023-01-27 11:56:53 -05:00
39ad97fdc2
ErrorHint: Implement tryfrom_torpersist
2023-01-27 11:56:53 -05:00
3c82f794c1
ErrorHint: refactor API (part 2)
...
Change ErrorHint so that, internally, it just holds an enum with a
lightweight reference to whatever parts of the error it needs to
generate a hint. Then we can move the formatting logic into a
Display function for ErrorHint, and do away with ErrorDetail entirely.
2023-01-27 11:56:53 -05:00
b8058c5d02
ErrorHint: refactor API (part 1)
...
Move the "hint" function into Error, and use Option rather than Result.
(I'm using Option here because it's not really an error case not to have
a hint; we just either have a hint, or we don't.)
2023-01-27 11:56:53 -05:00
cc4c07678a
add opaque ErrorHint API, impl ErrorHint from BadPermissions
2023-01-27 11:02:42 -05:00
b7c8646d7b
circmgr: drop a receiver more explicitly.
...
Clippy now complains about `let _ = (expr_producing_a_future);`,
which is probably smart, since maybe you wanted to await that future
and ignore the result. So it seems that the right way to get rid of
an unwanted Receiver is now to drop it explicitly.
Closes #749
2023-01-27 09:16:51 -05:00
2127c6b088
"Fix" remaining unchecked-subtraction warnings.
...
In both cases I think it's fine to panic; but it's best to do so
explicitly.
2023-01-27 09:16:41 -05:00
a6dd92843e
Allow clippy::unchecked_duration_subtraction in tests
...
This panics on error, and we're fine with a panic on misbehavior in
tests.
2023-01-27 08:28:02 -05:00
ed74c62931
Elide a bunch of lifetimes.
...
Clippy now warns about these; I'm not sure how these warnings snuck
up on us.
2023-01-27 08:28:02 -05:00
bf04641c68
Disable clippy::unlinlined-format-args
...
This warning kind of snuck up on us! (See #748 ) For now, let's
disable it. (I've cleaned it up in a couple of examples, since
those are meant to be more idiomatic and user-facing.)
Closes #748 .
2023-01-27 08:27:47 -05:00
f2e254e63d
Merge branch 'toml_0.6' into 'main'
...
Upgrade toml to version 0.6.
See merge request tpo/core/arti!989
2023-01-26 17:34:52 +00:00
b2373e6d3f
Merge branch 'hscrypto_impl' into 'main'
...
Implement tor-hscrypto
Closes #684 and #742
See merge request tpo/core/arti!980
2023-01-26 14:28:13 +00:00
51741398b2
Merge branch 'netdoc-builder' into 'main'
...
tor-netdoc: Provide NetdocEncoder (internal)
See merge request tpo/core/arti!984
2023-01-26 11:40:50 +00:00
02d15dc5c1
Merge branch 'env' into 'main'
...
shell: use /usr/bin/env instead of absolute paths
See merge request tpo/core/arti!988
2023-01-26 11:35:38 +00:00
cd7059f5c7
Merge branch 'sensitive' into 'main'
...
tor-proto: Mark stream ids in errors as sensitive
See merge request tpo/core/arti!986
2023-01-26 11:31:46 +00:00
f9903789d1
Upgrade toml to version 0.6.
...
This required rewriting some of our error handling code in
command-line processing, since the toml crate now displays and
reports errors differently. (Admittedly, this code still is kind of
ugly, but at least it is nicely hidden.)
2023-01-25 16:29:53 -05:00
790f21032a
hscrypto: Remove Credential.
...
It turns out that the credential is only calculated as an
intermediate result in order to blind keys and produce the
subcredential. As such, it has no need to leave the hscrypto module.
2023-01-25 14:34:16 -05:00
b4c4a21297
hscrypto: add a note about maybe replacing epoch_offset with voting_interval
2023-01-25 14:15:53 -05:00
9864fd9db8
hscrypto: Explain why vanity onions require expanded secret keys.
2023-01-25 14:14:32 -05:00
4399722ada
hscrypto: document why we have keys in un-expanded form
2023-01-25 14:07:04 -05:00
360e84afab
hscrypto: Note that maybe Duration is the wrong type to use.
2023-01-25 13:59:50 -05:00
904688467c
hscrypto: Note the need for a Result rather than an Option
2023-01-25 13:57:57 -05:00
ab0edd55e0
Apply several clarifications (and fixes for missing refs)
2023-01-25 18:54:48 +00:00
386de7587e
hscrypto: Use derive_more, and derive Deref for public keys.
2023-01-25 13:48:40 -05:00
79097484de
shell: use /usr/bin/env instead of absolute paths
...
This commit changes the shebang in all shell scripts from absolute
paths (such as `/bin/bash` or `/usr/bin/python3`) to the `/usr/bin/env`
binary with the accompanying interpreter as it's argument.
The reason for this are as follows:
- NixOS cannot work with absolute paths
- BSD systems install their packages in /usr/local/bin
2023-01-25 18:35:53 +01:00
fe6575ef98
hscrypto: Revise TimePeriod to account for variable offset.
...
Previously, the offset was set to 12 hours unconditionally (like the
spec says). But based on a conversation on tor-dev, it seems that
the offset should actually be 12 times the voting interval.
I'm also opening an MR to change the spec.
2023-01-24 15:04:40 -05:00
108bb72c5e
hscrypto: Add documentation for ClientSecretKeys
2023-01-24 13:40:59 -05:00
93cdb0a2c3
Add a note about why we use ExpandedSecretKey for OnionIdSecretKey
2023-01-24 13:40:59 -05:00
00aaf79620
hscrypto: Add our standard clippy warnings
...
(I have squashed the fixes for these warnings into the earlier
commits in this branch, so it will look like I did everything right
the first time.)
2023-01-24 13:40:59 -05:00
f192429442
hscrypto: Implement key blinding.
...
This implementation was made based on the specification, and then
validated against itself, and against C Tor.
2023-01-24 13:40:59 -05:00
3dfeb5b144
hscrypto: Add an implementation for TimePeriod
...
This required some API tweaks, which is probably to be expected;
these time periods are a wonky kind of thing.
2023-01-24 13:33:48 -05:00
0a52d90af3
hscrypto: Implement hs_mac.
2023-01-24 13:33:48 -05:00
44e9d31af9
hscrypto: Improve documentation for RendCookie
2023-01-24 13:33:48 -05:00
49afcafadd
hscrypto: use a macro to define our byte wrappers too.
2023-01-24 13:33:48 -05:00
7e4ad381a8
hscrypto: Add and use a macro to define all PK types.
2023-01-24 13:33:46 -05:00
36485218c3
hscrypto: A couple of spelling fixes.
2023-01-24 13:32:18 -05:00
23bbf17d38
hscrypto: Associate each type with new name from rend-spec-v3.txt
2023-01-24 13:32:18 -05:00
3b2848f904
Merge branch 'onion-api-highlevel' into 'main'
...
Onion-service APIs: circmgr, hsclient, hsservice
See merge request tpo/core/arti!972
2023-01-24 18:19:42 +00:00
590c139af9
tor-proto: Mark stream ids in errors as sensitive
...
Pursuant to #556
2023-01-24 18:08:40 +00:00
5b4ffc5e48
Note a needed isolation API.
2023-01-24 12:32:21 -05:00
606426bfc7
hsservice: Add a note about the contents of circ_info.
...
In order to store per-circuit information, it's a good idea if we
provide something that can be the key of a `PtrWeakKeyHashMap`.
2023-01-24 12:32:21 -05:00
a210686c80
Sketch an API for onion services.
2023-01-24 12:32:21 -05:00
32ae6dfa09
Add a new stub hsclient module to connect to onion services.
2023-01-24 12:32:21 -05:00
8ce05dc725
CircMgr: Draft API to construct targeted multihop circuits.
...
Onion services and onion clients need these to make connections to
HsDirs, Introduction points, and Rendezvous points.
2023-01-24 12:32:21 -05:00
190f24e66d
CircMgr: Draft APIs used to implement onion service clients.
2023-01-24 12:32:21 -05:00
1834579460
Merge branch 'onion-proto-apis' into 'main'
...
Draft APIs for onion services in tor-proto
See merge request tpo/core/arti!970
2023-01-24 17:28:16 +00:00
ce293e4ce4
tor-proto: comment fixes and more TODO hs
2023-01-24 11:50:10 -05:00
92ba020534
Add missing docsrs attribute
2023-01-24 16:19:05 +00:00
15a543d738
netdoc builder: Add two TODOs, prompted by testing experience
2023-01-24 16:15:17 +00:00
be1cd7789d
netdoc builder test: Make a bigger dummy document and test reparsing
2023-01-24 16:15:17 +00:00
eb3b261595
netdoc builder: Implement object() and add one test case
2023-01-24 16:15:17 +00:00
4f0d17d96d
netdoc-builder: Initial test case (no object yet)
2023-01-24 16:15:17 +00:00
066eb12f50
netdoc-builder: Provide new() method
2023-01-24 16:15:17 +00:00
e989871a7b
netdoc-builder: Implement ItemArgument for more needed types
2023-01-24 16:15:17 +00:00
94fec1e12c
netdoc-builder: Remove some obsolete comments
2023-01-24 16:15:17 +00:00
16c4fee4b8
netdoc-builder: Move example into implementation doc comment
...
Not actually tested yet
2023-01-24 16:15:17 +00:00
8f725a19f8
netdoc-builder: Implement most of the internal general doc builder
2023-01-24 16:15:17 +00:00
22cf060426
netdoc-builder api: Clarify docs for object()
2023-01-24 16:15:17 +00:00
c7e816d263
netdoc-builder api: Introduce ItemArgument trait
2023-01-24 16:15:17 +00:00
eac7befc87
netdoc-builder api: Have .item() return ItemBuilder
...
This was a slip in the design doc.
2023-01-24 16:15:17 +00:00
8c8ff4948f
netdoc-builder api: Abolish `K` generic on ItemEncoder
...
We're going to eagerly encode the keyword, so this will be easy.
Removing the generic simplifies the API.
2023-01-24 16:15:17 +00:00
669a399c46
netdoc-builder api: Don't promise to check args_raw_string value
2023-01-24 16:15:17 +00:00
2bc7a371b4
netdoc-builder api: Make ItemEncoder methods consume and return self
...
This will actually make the pattern in the example work.
The mentioned `ItemArgument` trait will arrive soon.
2023-01-24 16:15:17 +00:00
5fccbce160
netdoc-builder api: Move internal API into actual code file (fmt)
2023-01-24 16:15:17 +00:00
e971d1ad59
netdoc-builder api: Move internal API into actual code file
...
Motion, plus the bare minimum needed to make it compile.
2023-01-24 16:15:17 +00:00
f735a128bb
tor-netdoc: tokenize: Provide BASE64_PEM_MAX_LINE
...
We'll use this in the netdoc builder, but it naturally lives here.
2023-01-24 16:15:17 +00:00
c8ac951cf5
tor-netdoc: tokenize: Rename to tag_keywords_ok, document, expose
...
Rename from _keyword_, since this actually checks the *multiple*
keywords that can appear in an object's BEGIN line.
Make this clear in the doc comment.
Expose it for use by the netdoc builder.
2023-01-24 16:15:17 +00:00
a8ab0a5f46
tor-netdoc: tokenize: crate-Expose object::BEGIN_STR etc.
...
The document builder wants these too.
2023-01-24 16:15:17 +00:00
5bd54f3701
tor-netdoc: Make AuthCertKwd pub(crate)
...
For now, this will be useful in a test.
2023-01-24 16:15:17 +00:00
043581fe0e
tor-bytes: impl Writeable for &impl Writeable
2023-01-24 16:15:17 +00:00
a4a4b19f21
tor-bytes: Implement conversion from EncodeError to Bug
2023-01-24 16:15:17 +00:00
c31f451e0b
Merge branch 'bug736' into 'main'
...
Prop304: Add extended SOCKS result codes for onion services
See merge request tpo/core/arti!978
2023-01-24 15:05:19 +00:00
fd8915155e
Merge branch 'ignore' into 'main'
...
Do not .gitignore crates/*/fuzz/corpus
See merge request tpo/core/arti!982
2023-01-20 18:47:20 +00:00
5c76bca692
tor-llcrypto: Tolerate some warnings (fmt)
2023-01-20 17:29:45 +00:00
4e6f5b7ff3
Do not .gitignore crates/*/fuzz/corpus
...
These are symlinks which are actually checked in. They should not be
ignored. (This caused trouble for some of my privsep tooling...)
2023-01-20 17:29:00 +00:00
bd21d23279
tor-llcrypto: Tolerate some warnings
...
Without this,
cargo +stable clippy -p tor-netdoc --all-features
produces warnings.
2023-01-20 16:37:31 +00:00
131775bf36
Upgrade to latest rsa crate.
2023-01-20 08:06:30 -05:00
02a1f9a3e4
Upgrade to latest async-broadcast
...
(We don't yet use the code that uses it, but we might as well have
our unused code be up-to-date.)
2023-01-20 08:06:30 -05:00
707efc944d
upgrade to latest serial_test
2023-01-20 08:06:30 -05:00
889206cde4
Complete our migration to base64ct.
...
This is in lieu of upgrading to the latest base64 crate, which has
a different API from the old one. Since we have to migrate either
way, we might as well use base64ct everywhere.
I don't think that most of these cases _require_ constant-time
base64, but it won't hurt.
2023-01-20 08:06:30 -05:00
6cb0528cc1
Upgrade to latest rlimit crate.
2023-01-19 14:10:54 -05:00
66a649f5f8
Prop304: Add extended SOCKS result codes for onion services
2023-01-18 18:39:00 -08:00
fa93f6674d
made TorClient::set_stream_prefs public
2023-01-18 18:20:59 +01:00
12845d6e1e
tor-proto: Draft API to handle incoming BEGIN requests.
...
Onion services (and later, exits and caches) will need this.
2023-01-17 15:20:03 -05:00
e8ed46006e
tor-proto: Expose support for doing onion service handshakes
...
This is a little tricky, but I think that we're not actually
exposing too much here. I expect we'll need to tweak this stuff
between now and our final version.
2023-01-17 15:20:03 -05:00
99fdaa7c2e
tor-proto: Draft APIs for handling control messages
...
We will need these for onion services, to send and receive messages
of types not handled directly by the tor-proto crate.
2023-01-17 15:20:03 -05:00
4fedd301cf
tor-proto: Rename "hs" experimental feature to "onion-common"
...
(For consistency with other crates)
2023-01-17 15:20:03 -05:00
56cb2d2a10
Make a top-level API for connecting to onion services.
...
Fortunately, it adds very little to the arti-client API surface.
2023-01-12 09:28:58 -05:00
7030cbe460
Merge branch 'onion-netdir-apis' into 'main'
...
Add onion service APIs to tor-netdir
See merge request tpo/core/arti!966
2023-01-11 16:08:18 +00:00
de3f10f492
netdir: add network parameters related to onion services
...
These are available unconditionally, since they represent
comparatively little storage and processing effort.
See param-spec.txt section 8 for the original information here.
2023-01-11 09:10:08 -05:00
136f70545d
tor-units: Add an IntegerMinutes.
2023-01-11 09:10:08 -05:00
5b74ef7af9
Adjust onion service ring APIs in light of prop#342
...
* It is the NetDir's responsibility to tell the caller what the time
period is.
* There can be up to two secondary time periods.
* Each time period has a single SRV.
* Secondary time periods only apply for onion services, when they
publish.
* When publishing, the correct input is a time period.
2023-01-11 09:04:13 -05:00
f24f8d295c
Sketch APIs for the onion service directory ring.
...
These are a bit complex internally, but the API they present is
pretty simple. I've left some discussion of points where the design
isn't totally fleshed out, and where we need to look harder at the
spec.
Part of #716 .
2023-01-11 09:04:13 -05:00
2c41321710
Netdoc: Refactor SharedRandVal.
...
SharedRandVal now holds only the 32-byte random value itself; the
"number of commits" field is in SharedRandStatus.
This commit also makes the SharedRandVal be exactly 32 bytes, since
we've set it to that value in the spec.
2023-01-11 09:04:12 -05:00
d7abced11f
hscrypto: Add several derives
...
The important addition here is the Copy derives, which affect API
design. I'm applying them to the types that are 32 byte or smaller.
2023-01-11 09:04:12 -05:00
d6800bae0c
Merge branch 'blind_privkey' into 'main'
...
llcrypto: Implement secret-key blinding.
Closes #719
See merge request tpo/core/arti!964
2023-01-09 18:06:00 +00:00
cea6396513
Merge branch 'typos' into 'main'
...
Fix typos
See merge request tpo/core/arti!965
2023-01-09 14:44:00 +00:00
371bcdc554
Merge branch 'arti-hyper-fixing-715' into 'main'
...
Temporary fix for #715 and #569
Closes #715
See merge request tpo/core/arti!958
2023-01-09 14:43:37 +00:00
892c6eaadf
Fix typos
2023-01-07 20:35:54 +02:00
2e8c38d11d
Removed unnecessary "all()" cfg constraint
2023-01-07 13:00:40 +01:00
90a25fa21a
Added x86_64-apple-darwin to fallback to "tls-api-openssl"
2023-01-07 12:57:23 +01:00
0a04851636
fixed "broken_intra_doc_link"
2023-01-06 19:43:44 +01:00
8472acf3ac
Merge branch 'onion-api-v0.2' into 'main'
...
Onion service APIs, part 1.
See merge request tpo/core/arti!959
2023-01-06 18:32:36 +00:00
0c2f800ab0
Merge branch 'sensitive' into 'main'
...
tor-proto: Remove some sensitive info from errors
See merge request tpo/core/arti!934
2023-01-06 18:07:26 +00:00
7f6e3e19a3
Sketch a solution for arti#525
2023-01-06 13:03:50 -05:00
91d9ffe0b6
Sketch out new required APIs in tor-cell
2023-01-06 13:03:50 -05:00
9a54e01dd0
tor-cert: add a few hs TODOs
2023-01-06 13:03:50 -05:00
eba937e54c
netdoc: Outline some basic types for encoding HsDescs.
2023-01-06 13:03:50 -05:00
0203634ec5
Create a new tor-hscrypto crate.
...
This module has types and operations needed in multiple places
for an onion service implementation. There are a bunch of
TODO hs-crypto comments that we'll need to fill in.
2023-01-06 13:03:50 -05:00
e650e07cd4
netdoc: note some changes we will have to make to srv
2023-01-06 13:03:50 -05:00
7d38bbd829
llcrypto: fix a comment.
...
This described the wrong type of key.
2023-01-06 13:03:50 -05:00
e7c87372e2
llcrypto: clarify meaning of "Identity".
...
The `Ed25519Identity` and `RsaIdentity` types are not precisely
always used as relay identifiers: they are more generally used as
_key_ identifiers.
This will become relevant as `RsaIdentity` is used for authority
keys (as in authorities' VoterInfo blocks), and as `Ed25519Identity`
is used as the identifier behind an onion service key.
2023-01-06 13:03:47 -05:00
98acafe9d1
tor-proto: rustfmt
...
Not sure why the tree didn't have this newline already. "Whatever".
2023-01-06 17:26:54 +00:00
0639b105c5
tor-proto: CreateFastWrap::decode_chanmsg: Do not report handshake
...
The debug impl prints the handshake challenge, which we should
probably treat as sensitive.
2023-01-06 17:26:54 +00:00
df2124e28f
tor-proto: impl Display for CreateResponse
...
Don't print the handshake value, but do print the display reason.
2023-01-06 17:26:54 +00:00
8c925499f8
tor-proto: When relay IDs mismatch, the IDs are sensitive in errors
2023-01-06 17:26:54 +00:00
1e25a962a7
chanmgr: trace-level logs when launching connections.
...
Based on more temporary debugging code. Yet another part of #677 .
2023-01-06 17:19:00 +00:00
71dfaa3125
ptmgr: Add more logs when looking/creating a PT.
...
These are also based on temporary logs that I added locally while I
was hunting bugs.
Also part of #677 .
2023-01-06 17:19:00 +00:00
3eebe33678
ptmgr: Add more logging to IPC code.
...
This is based on logs that I added locally while I was trying to
debug some startup issues. Hopefully they'll make things easier the
next time there's something to debug.
Part of #677 .
2023-01-06 17:19:00 +00:00
b525fccfb0
Merge branch 'ya-lint' into 'main'
...
tor-linkspec: Fix an unused lint
See merge request tpo/core/arti!935
2023-01-06 17:16:27 +00:00
118050e54c
Merge branch 'test-lints' into 'main'
...
Add test lint blocks to all "mod test"
See merge request tpo/core/arti!937
2023-01-06 17:16:09 +00:00
fbae20537c
Merge branch 'bug589a' into 'main'
...
Remove allow(unreachable_pub) from tor-guardmgr/src/lib.rs
Closes #589
See merge request tpo/core/arti!944
2023-01-06 17:14:03 +00:00
Nick Mathewson
Ian Jackson
Ian Jackson
Dimitris Apostolou
Shady Katy
eta
Emil Engler
Neel Chauhan
Michael van Straten