a604989ba7
tor-hsclient: Use estimated timeouts for introduction and rendezvous (fmt)
2023-06-29 17:41:49 +01:00
202104d05c
tor-hsclient: Use estimated timeouts for introduction and rendezvous
...
Replacing RPT_IPT_TIMEOUT is not entirely straightforward.
2023-06-29 17:41:49 +01:00
d48215a961
tor-hsclient: Use estimated timeout for hsdir fetches (fmt)
2023-06-29 17:41:49 +01:00
2563256f42
tor-hsclient: Use estimated timeout for hsdir fetches
2023-06-29 17:41:49 +01:00
a84460426f
tor-hsclient: Provide bodge constant for circuit length
2023-06-29 17:41:49 +01:00
fe2935d7c5
tor-hsclient: Plumb timeout estimation machinery
2023-06-29 17:41:49 +01:00
a7d1efe2ce
tor-circmgr: Provide estimate_timeout as a method on HsCircPool
2023-06-29 17:41:49 +01:00
b9530d0762
Merge branch 'netdir_by_rsa_experimental_apis' into 'main'
...
netdir: Conditionally expose APIs for working with unusable relays; document what "usable" means.
See merge request tpo/core/arti!1325
2023-06-29 16:08:51 +00:00
429e5d2512
keymgr: Fix dummy keymgr doc links.
...
`Error` is private to `dummy.rs` so let's not mention it in the docs of
the public items.
2023-06-29 17:08:14 +01:00
7bdc28014e
keymgr: Add missing dummy implementation for KeyType::arti_extension.
...
This fixes a rustdoc warning when building with:
```
cargo doc --locked --offline -p arti --no-default-features --features=full,onion-service-client
```
2023-06-29 17:08:14 +01:00
8133f8e456
Merge branch 'debug' into 'main'
...
tor-hsclient: Reimplement Debug for MockCirc
See merge request tpo/core/arti!1324
2023-06-29 15:46:25 +00:00
2b2ecfbb39
tor-hsclient: Reimplement Debug for MockCirc
...
This is less code. Also it now dumps the connect_called field which
was introduced in the meantime.
2023-06-29 16:11:03 +01:00
799480d885
Merge branch 'circparams' into 'main'
...
tor-hsclient: Use proper CircParameters
Closes #935
See merge request tpo/core/arti!1340
2023-06-29 15:03:40 +00:00
4941a88494
keymgr: Fix wrong_key_type test.
...
The string representation of `SshKeyAlgorithm` on `main` changed between
the time the tests were introduced and the time they were merged.
2023-06-29 15:21:27 +01:00
930ecc9eda
Merge branch 'handshake-error' into 'main'
...
tor-hsclient: Handle handshake completion error correctly
See merge request tpo/core/arti!1336
2023-06-29 13:44:48 +00:00
5c85ba5cf8
tor-hsclient: Use proper CircParameters
...
Fixes #935
2023-06-29 14:24:24 +01:00
f73c06314c
tor-circmgr: Expose CircParameters from NetParameters construction
...
As per #935 .
I called this "circparameters_from_netparameters" not
"circparameters_from_netparams" because the type is "NetParameters"
not "NetParams".
2023-06-29 14:24:19 +01:00
355b40bf84
tor-hsclient: err: Mention RENDEZVOUS2 in actual messages (fmt)
2023-06-29 14:05:25 +01:00
855898ef2f
tor-hsclient: err: Rename to RendezvousCompletionCircuitError
...
Thsi is a bit of a mouthful now, but it is comprehensible.
As per
https://gitlab.torproject.org/tpo/core/arti/-/merge_requests/1336#note_2917235
2023-06-29 14:04:17 +01:00
d055e105fa
tor-hsclient: err: Mention RENDEZVOUS2 in actual messages
2023-06-29 14:02:50 +01:00
9407fe1ab5
Merge branch 'keymgr-tests' into 'main'
...
keymgr: Add tests for ArtiNativeKeyStore
See merge request tpo/core/arti!1337
2023-06-29 13:02:07 +00:00
b13aa66a16
tor-hsclient: err: Move doc comment to correct impl
...
See
https://gitlab.torproject.org/tpo/core/arti/-/merge_requests/1336#note_2917236
2023-06-29 13:59:33 +01:00
4f8c718c09
tor-hsclient: err: Mention RENDEZVOUS2
2023-06-29 13:57:38 +01:00
bfad582d1e
tor-hsclient: err: Reword comments about error
2023-06-29 13:56:12 +01:00
9790f820f7
netdir: add crosslinks to our definition of "usable".
2023-06-29 08:53:59 -04:00
a902f320b5
netdir: document what we mean by a "usable" relay.
2023-06-29 08:53:59 -04:00
7ac362eba7
netdir: Conditionally expose some by_rsa APIs as experimental.
...
Network-health wants these to see whether a given relay is listed in
the consensus.
cc @juga
2023-06-29 08:53:59 -04:00
83552b559f
Merge branch 'netdir_todos' into 'main'
...
Resolve or defer most TODO HS items in tor-netdir.
See merge request tpo/core/arti!1310
2023-06-29 12:48:32 +00:00
9c853e5b54
Merge branch 'badonion_error_2' into 'main'
...
arti_client: Move BadOnion from TorAddrError to ErrorDetail.
Closes #932
See merge request tpo/core/arti!1331
2023-06-29 12:48:04 +00:00
76376b2abd
netdir: Remove a TODO HS
...
The function this comment is asking us to write is `circtarget_from_pieces`.
2023-06-29 08:19:37 -04:00
c565a67689
Downgrade TODO HS on HsDirParams::compute().expect()
...
(Adding comments explaining that these errors are really
unlikely to occur, unless there is a bug in our code or in Rust's
time handling.)
2023-06-29 08:19:37 -04:00
768452d9e5
netdir: Defer a TODO HS but add a comment
...
This issue with walking over the ring is an issue we really must
solve on the services timeframe, as is the one about looking only at
the rings for which a blinded ID is germane.
2023-06-29 08:19:37 -04:00
2bdf10db84
netdir: take n_replicas and spread_fetch from consensus parameters
...
This makes them configurable, since we allow the user to override
any consensus parameter.
2023-06-29 08:19:37 -04:00
3db0f74e22
netdir: Downgrade/remove/defer some TODO hs entries.
2023-06-29 08:19:37 -04:00
0c43801598
netdir: remove some now-needless warning suppressions.
2023-06-29 08:19:37 -04:00
f2a6754c88
dirmgr: use voting_period.
2023-06-29 08:19:37 -04:00
a9da1283bc
netdir: remove unnecessary wraps from srv_interval, extract_srvs
2023-06-29 08:19:37 -04:00
4803f6447d
netdir: Move voting_period() to netdoc::Lifetime
...
I was going to add a comment about "doing this if we need the voting
period anywhere else" but it turns out that we also use it in dirmgr.
2023-06-29 08:19:37 -04:00
6c06acc02c
arti_client: Add a warning comment to TorAddrError.
2023-06-29 08:16:51 -04:00
800061e70e
arti_client: Move BadOnion from TorAddrError to ErrorDetail.
...
This variant can never be constructed when parsing a TorAddr, so it
doesn't make sense to have it in TorAddrError: the use can never see
it unless they enable `error_detail`.
Not a semver break because the client feature is not yet stable.
Closes #932 .
2023-06-29 08:16:51 -04:00
b059e02093
Merge branch 'keymgr-x25519-keys' into 'main'
...
keymgr: Add support for x25519 keys.
Closes #900
See merge request tpo/core/arti!1321
2023-06-29 11:46:03 +00:00
294bb728cf
keymgr: Add a TODO about implementing and testing has_key_bundle.
2023-06-29 12:10:35 +01:00
68c91223f1
keymgr: Add some basic insert and remove tests.
2023-06-29 12:10:35 +01:00
4d5f414017
keymgr: Add assert_found! test helper.
2023-06-29 11:54:54 +01:00
91573c6cbc
keymgr: Add some key retrieval tests for ArtiNativeKeyStore.
2023-06-29 11:54:54 +01:00
fd3b42688d
keymgr: Add a gen_keys param to init_keystore.
...
This will enable future tests to optionally initialize the test key
store with some test keys.
2023-06-29 11:54:54 +01:00
bc447524c2
keymgr: Add tests for ArtiNativeKeyStore::key_path.
2023-06-29 11:54:54 +01:00
89d52fff3e
keymgr: Derive Debug for ArtiNativeKeyStore.
2023-06-29 11:49:31 +01:00
ff02270307
keymgr: Add tests for ssh key handling.
...
Part of #895
2023-06-29 11:49:31 +01:00
16a7bb4624
keymgr: Return the key, not Box<()>.
...
This fixes a bug which caused the function to always return a
type-erased `()` instead of the actual key!
2023-06-29 11:49:31 +01:00
d999ea07ba
Merge branch 'config-option' into 'main'
...
arti cfg tests: exception declaration improvements
See merge request tpo/core/arti!1330
2023-06-29 10:43:00 +00:00
c1ab36dbec
Merge branch 'cleanup-todos-circmgr' into 'main'
...
Resolve a few "TODO HS" items in circmgr.
See merge request tpo/core/arti!1322
2023-06-28 20:14:24 +00:00
48f7fbbc96
Merge branch 'lifecycle_doc_tweaks' into 'main'
...
Documentation, mostly on channel and circuit lifecycles
See merge request tpo/core/arti!1318
2023-06-28 20:06:58 +00:00
02878518b8
circmgr: Refactor duplicate logic.
...
These two functions are only slightly different, and benefit from
taking a Fn.
2023-06-28 15:28:52 -04:00
6affb50c1a
circmgr: Remove a "TODO HS" about path restrictions.
...
I looked through the C tor source code and couldn't find any
additional path restrictions.
2023-06-28 15:28:52 -04:00
d32ba9ed18
circmgr: Defer two "TODO HS" in hspool
...
One of these is test-related; one is vanguards-related.
2023-06-28 15:28:52 -04:00
4ad1a5c6ac
ChanMgr: Tweak documentation a bit.
...
Adjust formatting, add more references to lower-level APIs, and
clarify lifetimes a little more.
2023-06-28 15:26:22 -04:00
2944d4f91f
proto: ClientCirc: remove now-obsolete note on Clone-ness
2023-06-28 15:26:22 -04:00
644c51173a
proto: document ClientCirc lifecycle better.
2023-06-28 15:26:22 -04:00
e8e95ec03b
proto: document channel lifecycle better.
2023-06-28 15:26:22 -04:00
4003e032d6
Remove spurious todo-hs items in tor-cert.
...
I am not sure why we wrote these comments, but they are incorrect:
I've investigated the C code and found only 3 key types. The
"unimplemented" types that the TODO comment here complains about are
in fact certificate types.
2023-06-28 15:18:13 -04:00
47b577d7a0
tor-netdoc: Placate clippy (fmt)
2023-06-28 18:57:06 +01:00
56813d9650
tor-netdoc: Placate clippy
2023-06-28 18:56:49 +01:00
f136e8ac41
Merge branch 'more-keymgr-todos' into 'main'
...
keymgr: Downgrade "TODO hs" to "TODO HSS".
See merge request tpo/core/arti!1334
2023-06-28 17:30:43 +00:00
8f1a71850c
tor-hsclient: Handle handshake completion error correctly
2023-06-28 17:14:45 +01:00
9216f628f1
tor-hsclient: Rename RendezvousCompletionCircuit from RendezvousCompletion
...
We need to handle errors during the handshake. That also produces a
`tor_proto::Error` but we want to print a different message for that,
so let's rename this before adding the new variant.
2023-06-28 17:14:26 +01:00
4eb3e3b6ec
tor-hsclient: Move handling of Bug to new section
...
It was wrong where ti was.
2023-06-28 17:14:26 +01:00
18478b47a7
tor-hsclient: Make RendPtIdentityForError use RelayIds
...
Since arti!1233 this is trivial.
2023-06-28 16:49:49 +01:00
4d071d1c07
tor-hsclient: Use RendPtIdentityForError in more places
...
For some reason this wasn't used in the actual errors,
although it *was* used in the types of the functions etc.
2023-06-28 16:47:55 +01:00
609e6ce7c7
keymgr: Downgrade "TODO hs" to "TODO HSS".
...
These TODOs can be deferred for now: we're not declaring the keymgr APIs
stable until we add support for hidden services.
2023-06-28 16:44:06 +01:00
8908d39872
tor-netdoc: Test hsdescs inners with a variety of IPT counts (fmt)
2023-06-28 16:29:05 +01:00
de63a6092d
tor-netdoc: Test hsdescs inners with a variety of IPT counts
2023-06-28 16:28:19 +01:00
cf4adad96e
tor-netdoc: hsdesc: Disregard intro points after the MAX'th
2023-06-28 16:28:11 +01:00
0e2f804d8f
tor-netdoc: Reject hsdescs with no intro points
...
None of the existing NetdocErrorKinds seemed right.
2023-06-28 16:27:05 +01:00
c95595227a
tor-hscrypto: Provide values for NUM_INTRO_POINT
...
These are in the spec and tor-hsclient is about to want them.
2023-06-28 14:49:49 +01:00
cbb8eb4fdd
Merge branch 'reuse' into 'main'
...
tor-hsclient: Discuss intro circuit extend-and-reuse
See merge request tpo/core/arti!1298
2023-06-28 13:48:12 +00:00
ea3f93d0e2
Merge branch 'keymgr-todos' into 'main'
...
keymgr: Remove/downgrade a few "TODO hs"
See merge request tpo/core/arti!1328
2023-06-28 13:45:19 +00:00
68aacc2140
arti cfg tests: Suppress an undesriable clippy lint
2023-06-28 14:43:48 +01:00
464c5e5efa
arti cfg tests: declare_exceptions: Annotate the types for clarity (fmt)
2023-06-28 14:25:55 +01:00
5f20b0ec29
arti cfg tests: declare_exceptions: Annotate the types for clarity
2023-06-28 14:25:55 +01:00
14b1cc0cc1
arti cfg tests: Point the reader to the types used in declarations
2023-06-28 14:25:55 +01:00
2ff494d081
arti cfg tests: Move InCode into declare_config_example
...
It's used for declarations only, and they should all be here.
2023-06-28 14:25:55 +01:00
5672b75de2
arti cfg tests: Make declare_exception take distinguished old/new types
...
As per discussion in
https://gitlab.torproject.org/tpo/core/arti/-/merge_requests/1320#note_2916689
and IRC followup.
2023-06-28 14:23:13 +01:00
1be71b87d0
Merge branch 'config' into 'main'
...
tor-hsclient: Add configuration settings
See merge request tpo/core/arti!1305
2023-06-28 13:10:39 +00:00
e06cd63ffd
Merge branch 'dirclient-semver-entry' into 'main'
...
Missing semver entry for new dirclient API from !1323
See merge request tpo/core/arti!1327
2023-06-28 12:58:19 +00:00
cf5235a713
HS timeout parameters: Restore some TODOs
...
Conceptually this is a fixup to
HS configuration: Add retry parameters to configuration
which erroneously removed these comments - they were intended to apply
to *all* these parameters, not just the max attempts.
Not marking it as fixup! because that would involve merge conflicts.
2023-06-28 13:32:54 +01:00
11bb7e8a90
HS configuration: Use configured maximum attempts - comment
...
Explain why this fallback to MAX is good.
Discussion
https://gitlab.torproject.org/tpo/core/arti/-/merge_requests/1305#note_2915927
2023-06-28 13:32:54 +01:00
2bfe12983a
HS configuration: Use configured maximum attempts (fmt)
2023-06-28 13:32:54 +01:00
be33f00b31
HS configuration: Use configured maximum attempts
2023-06-28 13:32:54 +01:00
a0b6f34e42
HS configuration: Plumb configuration through (fmt)
...
Apply deferred rustfmt churn.
2023-06-28 13:32:54 +01:00
3ebc3216e3
HS configuration: Plumb configuration through (clippy)
...
Apply deferred clippy churn.
2023-06-28 13:32:54 +01:00
984652217a
HS configuration: Plumb configuration through
...
Invent a trait a la circmgr config for the hs client connector config.
Plumb a suitable value all the way through to the code that will use it.
2023-06-28 13:32:54 +01:00
cdad2db082
HS configuration: Add retry parameters to configuration
...
I think these should go in `[circuit_timing]`. That section already
has some retry parameters, so is not strictly *timing*.
This is not honoured yet.
2023-06-28 13:32:54 +01:00
cc25c82d4b
HS configuration: Add and honour `allow_onion_addrs` in configuration
...
We put this in `[address_filter]`.
The interaction with the corresponding stream preference is a bit
complicated. We must turn the stream pref into a `BoolOrAuto`.
2023-06-28 13:32:54 +01:00
2bee27a737
Merge branch 'hsdir-identity' into 'main'
...
tor-hsclient: Completely hide hsdir identities in errors
See merge request tpo/core/arti!1326
2023-06-28 12:30:22 +00:00
70f468d0f1
keymgr: Downgrade some TODOs to "TODO HSS".
...
These don't need to be blockers for the next release.
2023-06-28 13:11:53 +01:00
928a9cd7ca
keymgr: Remove outdated TODOs regarding error handling.
...
These were tackled in #901 .
2023-06-28 13:07:52 +01:00
42e4929226
Missing semver entry for new dirclient API from !1323
2023-06-28 08:06:32 -04:00
41737efced
tor-hsclient: Completely hide hsdir identities in errors
2023-06-28 13:02:44 +01:00
63a7b25711
art cfg tests: Fix garbled doc wording
2023-06-28 12:56:09 +01:00
d56f28bc6f
arti cfg tests: Fix doc comment
2023-06-28 12:56:09 +01:00
ac38c862ec
arti cfg tests: Overhaul exception handling (fmt)
2023-06-28 12:56:09 +01:00
c0c0beb8e1
arti cfg tests: Overhaul exception handling
...
This was super confusing and fragile. Amongst the problems:
* Information about exceptional config keys was spread across a
number of places, manipulated in ad-hoc ways (conditional Vec
appends, etc).
* As a consequence, each exceptional table has confusing and unclear
semantics.
* It doesn't deal well with the way that cargo sometimes enables
features for dependency crates even if arti itself wouldn't demand
them; this can lead to sub-crates supporting config keys when the
tests in arti don't expect them to, causing spurious test failures.
Fix this:
* Introduce a new, systematic, way of writing information about
configuration keys that need some kind of special handling.
* Use this new approach in *both* sets of "thorough" config tests.
* Be more relaxed about deprecated keys. We don't want to tightly
couple this to absence in the supported file, I think.
* Understand more clearly the concept of keys of which we don't know,
in the current build config, whether the code is expected to
accept them.
I have tested this locally with:
for p in '-p arti' '--workspace'; do for f in '--no-default-features --features=tokio,native-tls' '--all-features' ''; do nailing-cargo test $p $f; done; done
2023-06-28 12:56:09 +01:00
479ed9d168
arti cfg tests: Remove a comment relating to work already done
...
We *do* have a thing that works like this.
It's fragile and confusing and that's what I'm about to fix.
2023-06-28 12:56:09 +01:00
0cde6134d0
arti cfg tests: Code motion
...
Bring the exciting tests together, and move some more normal tests out
of the middle.
2023-06-28 12:56:09 +01:00
2656b8fa04
geoip: conditionalise a test
...
Without this, the build fails with
cargo test --workspace --no-default-features --features=tokio,native-tls
2023-06-28 12:56:09 +01:00
ebb3455b3e
Conditionalise an import
...
Fixes a warning with
cargo clippy --locked --offline --workspace --all-targets
2023-06-28 12:56:09 +01:00
a6aa113865
Mark a builder as non-exhaustive
...
If all the fields vanish, this generates a warning with
cargo clippy --locked --offline --workspace --all-targets
Fix that.
2023-06-28 12:56:09 +01:00
6b8218f960
Merge branch 'keymgr-error-kind' into 'main'
...
keymgr: Implement ErrorKind for keymgr error types
See merge request tpo/core/arti!1315
2023-06-28 11:34:23 +00:00
26c4a274c7
Merge branch 'dirclient-todos' into 'main'
...
Resolve remaining dirclient HS todos
See merge request tpo/core/arti!1323
2023-06-28 11:33:32 +00:00
dff8c0163b
keymgr: Implement HasKind for ArtiNativeKeystoreError.
2023-06-28 11:59:00 +01:00
6ed8f5b9ea
tor-error: Add KeystoreAccessFailed, KeystoreFsPermissions to ErrorKind.
2023-06-28 11:59:00 +01:00
ef1c969c73
keymgr: Implement HasKind for SshKeyError.
2023-06-28 11:59:00 +01:00
c8a128cc59
tor-error: Add KeystoreCorrupted to ErrorKind.
2023-06-28 11:59:00 +01:00
f778d32a0e
Merge branch 'ticket_914' into 'main'
...
Remove support for receiving unauthenticated SENDMEs.
Closes #914
See merge request tpo/core/arti!1283
2023-06-28 10:54:05 +00:00
6f3761c24f
dirclient: use correct default max_len
...
Yes, it's 50 kilobytes, not 50 kibibytes. I double-checked this with
the C implementation and with param-spec.txt's documentation for
`HSV3MaxDescriptorSize`.
2023-06-27 16:21:29 -04:00
4692dba5e0
hsclient: Use HsDescDownloadRequest::set_max_len.
2023-06-27 16:21:29 -04:00
32e3cde3fd
dirclient: Correct an erroneous comment.
2023-06-27 16:21:29 -04:00
38db06ee4b
dirclient: Make maximum hsdesc length adjustable.
2023-06-27 16:21:29 -04:00
01ea20759b
dirclient: Explain why hardcoding "3" is ok.
2023-06-27 16:04:49 -04:00
e332caf562
keymgr: Remove unneeded error variant.
...
The `Unsupported` variant is no longer needed now that we support
`KeyType::X25519StaticSecret`s.
2023-06-27 20:11:07 +01:00
7732ac131b
keymgr: Add support for x25519 keys.
2023-06-27 20:11:07 +01:00
257797fff6
keymgr: Return a concrete type from read_ed25519_keypair.
...
This also fixes a bug which caused the function to always return a
type-erased `()` instead of the actual key!
2023-06-27 20:11:07 +01:00
b91a1c2859
keymgr: Move TODO closer to the code it refers to.
2023-06-27 20:11:07 +01:00
c114c413c2
keymgr: Map KeyType::X25519StaticSecret to an SshKeyAlgorithm.
2023-06-27 20:11:07 +01:00
8edbd04413
keymgr: Define an SshKeyAlgorithm enum.
...
This previously just re-exported `ssh_key::Algorithm`.
However, we will need to support x25519 keys (which aren't supported by
the `ssh_key` crate), so we define our own enum for the key algorithm.
In addition to the `Algorithm` variants from `ssh_key`, our enum also
has an `X25519` variant.
2023-06-27 20:11:07 +01:00
eb54691c50
Merge branch 'keymanip-ed-to-curve' into 'main'
...
llcrypto: Implement ed25519_to_curve25519_private conversion.
See merge request tpo/core/arti!1297
2023-06-27 19:10:33 +00:00
aa5e9b1e95
llcrypto: Add reference to paper about keypair reuse.
2023-06-27 19:23:42 +01:00
b466b24a18
llcrypto: Remove `# Availability` doc sections.
...
This removes the `# Availability` section from the
`convert_ed25519_to_curve25519_private` and
`convert_curve25519_to_ed25519_private` docs.
We don't generally have this sort of section anywhere else in the
codebase (we use unstable cargo-docs features to make sure items are
annotated correctly).
2023-06-27 19:23:42 +01:00
32261d4006
llcrypto: Add cvt-x25519 feature flag for exporting key conversion functions.
...
The `convert_curve25519_to_ed25519_private` and
`convert_ed25519_to_curve25519_private` functions are now exported by
`tor-llcrypto` if the `cvt-25519` feature is enabled.
2023-06-27 19:23:42 +01:00
9e80a206ca
llcrypto: Add keymgr feature to semver.md
2023-06-27 19:23:42 +01:00
94f405704f
llcrypto: Add `Panics`, `Availability` docs for convert_ed25519_to_curve25519_private.
2023-06-27 19:23:42 +01:00
7c44984f3d
llcrypto: Fix clippy lint.
2023-06-27 19:23:42 +01:00
e06fc04b0b
llcrypto: Explain what we need the ed25519->x25519 conversion for.
2023-06-27 19:23:42 +01:00
fa6290c0cc
llcrypto: Document how convert_ed25519_to_curve25519_private computes the key.
2023-06-27 19:23:42 +01:00
7ecb2221a0
llcrypto: Add note about bumping x25519-dalek and clamping.
...
This adds a TODO explaining how convert_ed25519_to_curve25519_private
will need to be audited when we upgrade to the latest x25519-dalek.
This also adds a `debug_assertions` and a test that ensures
`StaticSecret::from` is clamping the input (when we bump x25519-dalek,
the assertions will fail, as the latest version doesn't do clamping in
StaticSecret::from).
2023-06-27 19:23:42 +01:00
1fe15c5012
llcrypto: Document ed25519->curve25519->ed25519 conversion behaviour.
2023-06-27 19:23:42 +01:00
47606ad881
llcrypto: Implement ed25519_to_curve25519_private conversion.
...
In `ArtiNativeKeyStore`, private keys are stored in OpenSSH format.
However, `ssh-key` (the crate we use for parsing OpenSSH keys) doesn't
support x25519 keys. As a workaround, this type of key will stored
as ed25519 and converted to x25519 upon retrieval.
This commit implements the `convert_ed25519_to_curve25519_private`
conversion function (needed by `ArtiNativeKeyStore` to support x25519
keys).
Part of #900
2023-06-27 19:23:42 +01:00
58a4cc3000
llcrypto: Add missing docs for hsv3-service feature flag.
2023-06-27 19:23:42 +01:00
6dfcf40d20
keymgr: Add regression test for tor_keymgr::Error recursion bug.
2023-06-27 19:22:30 +01:00
a41c3a5c7c
keymgr: Fix infinite recursion in Error impl.
...
The `source` impl `tor_keymgr::Error` was just calling itself
recursively.
2023-06-27 19:22:30 +01:00
dd7b965199
Merge branch 'revert_to_x25519_pre1' into 'main'
...
Back down x25519-dalek to 2.0.0-pre.1 from 2.0.0-rc.2
Closes #926
See merge request tpo/core/arti!1317
2023-06-27 18:16:38 +00:00
4be2e3ce0f
Back down x25519-dalek to 2.0.0-pre.1 from 2.0.0-rc.2
...
=========================
Notes from nickm:
(This differs from pinkforest's original MR: It removes the
Cargo.lock changes and the version bump on tor-llcrypto.)
Minimal Cargo.lock changes from downgrade.
(These are exactly those changes generated by running "build" and
"test".)
There are several reasons to do this:
* It's best to bump all of our dalek dependencies at once to rc.3
or later, rather than the piecemeal approach we've been stuck
with so far.
* We don't want to do this bump right now, since there are some
tricky questions about clamping we need to figure out (see
#808 ), and we need to make sure we get them right, and we're in
a distracted this week.
* We _do_ need to move away from 2.0.0-rc.2 right now, since
it was causing a failure in `cargo install arti`, and then it
got yanked.
Thanks to pinkforest for helping us out here and explaining all of
this!
Fixes #926 .
Commit-edited-by: Nick Mathewson <nickm@torproject.org>
2023-06-27 13:55:24 -04:00
d6626acd65
Add Channel expiry info in ChanMgr docs
2023-06-27 18:24:56 +05:30
062b7e7ced
tor-hsclient: Increase some timeouts
...
1. Fix a use of 10ms that should have been TIMEOUT_SLOP.
2. Increase BODGE_YIELD by a factor of 5.
Now this test should tolerate being hung up for 125ms. I am hoping
that this will fix the CI failure
https://gitlab.torproject.org/Diziet/arti/-/jobs/302457
which fails at the line comparing circuit1 with circuit2a.
(I can't repro that locally.)
2023-06-26 17:57:33 +01:00
e5c4551993
tor-hsclient: test: Introduce some constants for timings
2023-06-26 17:57:33 +01:00
c8d1cdded7
tor-hsclient: test: Add another sleep for expiry task *start*
...
Without this, the expiry task can end up choosing a 600s timeout
starting *after we advanced the clock*.
Fixes #923
2023-06-26 17:55:10 +01:00
355e65003c
tor-hsclient: impl Debug by hand for MockCirc
...
The provided impl for Mutex is hopeless: it prints just some internal
flags and doesn't acquire the mutex for printing purposes.
At some point we might want to factor this out as a general function
on `Arc<Mutex<...>>` but not now.
2023-06-26 17:55:10 +01:00
639efe65f6
Merge branch 'send_sync_torclientbuilder' into 'main'
...
arti-client: Mark DirProviderBuilder Send+Sync;
Closes #924
See merge request tpo/core/arti!1307
2023-06-26 15:51:37 +00:00
09e4676a99
Also require that TorClientBuilder be Sync.
2023-06-26 10:58:48 -04:00
357f8ebf8d
Merge branch 'netdoc-todos-again' into 'main'
...
netdoc: Resolve nearly all remaining TODO HS items.
See merge request tpo/core/arti!1304
2023-06-26 14:55:27 +00:00
dece1bec6c
Merge branch 'upgrade-itertools' into 'main'
...
Upgrade to itertools 0.11.0
See merge request tpo/core/arti!1306
2023-06-26 14:42:02 +00:00
5f0855f3df
netdoc: remove final TODO HS
...
Although this Errorkind is not perfect, it is good enough.
2023-06-26 09:57:26 -04:00
83fbae201d
netdoc: Downgrade TODO on EncryptedHsDesc::decrypt
2023-06-26 09:57:26 -04:00
0933937567
netdoc: Remove "decrypted_with_id" as meaningless
...
Actually, never mind about adding an accessor here: this value was
set incorrectly and didn't match its documentation. As such it's
basically useless, and we might as well throw it out.
2023-06-26 09:57:26 -04:00
6313f0513e
netdoc: Remove dead_code exception; add accessors.
...
This commit removes some actual dead code and additionally adds some
minimal accessors to HsDesc to expose some of its properties. (I'm
trying to keep these minimal since it's not yet clear whether we
want to expose more detail here.)
Here we also make StoredHsDescMeta a conditional type that's only
present when the new "hs-dir" feature is enabled. Neither relays
nor clients need this: Only HsDirs will need it, when we finally
implement relays.
2023-06-26 09:57:26 -04:00
30124acbc5
arti-client: Mark DirProviderBuilder Send+Sync;
...
Doing this causes TorClientBuilder to become Send. I also add a
test to ensure that TorClientBuilder remains Send in the future.
This isn't a semver break, but only because DirProviderBuilder is
marked with `experimental-api`.
Closes #924
2023-06-26 09:49:56 -04:00
b31a253931
Merge branch 'data' into 'main'
...
tor-hsclient: Expire old IPT and HS descriptor data eventually
See merge request tpo/core/arti!1290
2023-06-26 13:45:15 +00:00
2f513fd82d
netdoc: Note new feature in itertools
2023-06-26 09:41:34 -04:00
0bffdf23a4
Upgrade to itertools 0.11.0
...
The breaking changes here do not seem to affect us.
2023-06-26 09:30:54 -04:00
8a707bef85
tor-hsclient: Split out expire_old_data function
...
As per discussion in
https://gitlab.torproject.org/tpo/core/arti/-/merge_requests/1290#note_2915679
2023-06-26 13:45:57 +01:00
c653a8ce89
netdoc: change a TODO HS about a distinguisher to a NOTE.
...
(We explicitly do not care if Arti can be distinguished from C tor.)
2023-06-26 08:45:06 -04:00
69dcacd69b
netdoc: replace a test TODO with a reference to other tests
...
The tests called for here already existed.
2023-06-26 08:45:06 -04:00
f4a4c11627
proto: Remove support for receiving unauthenticated SENDMEs
...
We haven't generated these since Tor 0.3.5, which is no longer
supported on the network.
Closes #914 .
2023-06-26 08:38:24 -04:00
cccf6309d8
tor-hsclient: Add a comment about what run_housekeeping does
...
Prompted by
https://gitlab.torproject.org/tpo/core/arti/-/merge_requests/1290#note_2915679
2023-06-26 13:23:41 +01:00
e588f4be72
tor-hsclient: Add a debug message about task exit
...
As per
https://gitlab.torproject.org/tpo/core/arti/-/merge_requests/1290#note_2915678
2023-06-26 13:23:41 +01:00
b3b4abcf90
keymgr: Document why we need the StdError impl for tor_keymgr::Error.
2023-06-26 13:16:58 +01:00
a1dbec79bd
keymgr: Remove AsRef<dyn StdError> trait bound and unneeded impls.
...
We don't really need the `AsRef<dyn StdError>` impls if we make
`StdError` a supertrait of `KeystoreError` (and remove the `AsRef<dyn
StdError>` trait bound).
2023-06-26 13:16:58 +01:00
de0f662fb6
keymgr: Add the file path to SshKeyError context.
2023-06-26 13:16:04 +01:00
60036b3cc3
keymgr: Add the path to ArtiNativeKeystoreError Display impl.
2023-06-26 13:16:04 +01:00
85305e156f
keymgr: Replace Error with Box<dyn KeystoreError>.
...
Part of #901
2023-06-26 13:16:03 +01:00
e5e4cf65f7
tor-hsclient: Comment explaining why no launch_background_tasks
...
As per
https://gitlab.torproject.org/tpo/core/arti/-/merge_requests/1290#note_2915676
2023-06-26 13:15:22 +01:00
09ae0aed4a
tor-hsclient: Say we *mustn't* do housekeeping while dormant
...
This is a change to the API docs, but not to the actual code, since
our call site is in arti-client and tied to netdir fetch,
which *doesn't* happen when dormant.
As per
https://gitlab.torproject.org/tpo/core/arti/-/merge_requests/1290#note_2915677
2023-06-26 13:14:17 +01:00
4870c2e7d9
keymgr: Add helper for boxing SshKeyError.
2023-06-26 13:13:44 +01:00
74f41fd7f3
keymgr: Implement KeystoreError for SshKeyError.
2023-06-26 13:13:43 +01:00
165b1060ef
keymgr: Add some initial variants to SshKeyError.
2023-06-26 13:13:16 +01:00
a5b8291ca9
keymgr: Define an error type for the ssh module.
2023-06-26 13:13:16 +01:00
158255b827
keymgr: Define an error type for ArtiNativeKeyStore.
...
Part of #901
2023-06-26 13:13:16 +01:00
fe929d8efe
keymgr: Implement KeystoreError for Bug.
...
This also implements `AsRef<StdError>` for `Bug` to satisfy the
`KeystoreError: AsRef<dyn StdError>` trait bound.
Part of #901
2023-06-26 13:13:16 +01:00
7c023f2ec2
keymgr: Create a KeyStoreError trait for keystore errors.
...
The new `BoxedError` type will replace `tor_keymgr::Error`.
Part of #901
2023-06-26 13:13:15 +01:00
08d1155cb9
Merge branch 'stabilize-ll-crates' into 'main'
...
Remove final "experimental" status from tor-hscrypto and tor-error.
See merge request tpo/core/arti!1291
2023-06-23 21:09:11 +00:00
9e3e683e1b
arti, hsclent: remove dependencies on tor-error/experimental-api
...
The relevant ErrorKinds and macros are now stable.
2023-06-23 12:49:46 -04:00
7510f52eea
hscrypto: remove "tor-error/experimental-api" dependency
...
The ErrorKinds that we use here are now non-experimental.
2023-06-23 12:49:46 -04:00
085c45ed18
tor-error: Mark define_asref_dyn_std_error as non-experimental
...
(I see no problems with this macro. In the worst case, we deprecate
it someday.)
2023-06-23 12:49:46 -04:00
e3b13f6cd8
netdoc: fill in some test data
...
This resolves some TODO HS items now that we are confident we want
to have these actual examples in our tests.
2023-06-23 11:23:18 -04:00
6572de2677
Merge branch 'random-idx-where' into 'main'
...
random_idx_where: Fix bias
See merge request tpo/core/arti!1301
2023-06-23 14:57:39 +00:00
0fb70f646e
Merge branch 'circuit-bis' into 'main'
...
Add TODO SPEC for issues dealt with in !1299
See merge request tpo/core/arti!1303
2023-06-23 14:11:33 +00:00
56198928ee
Merge branch 'expire' into 'main'
...
tor-hsclient: Add a TODO SPEC re circuit dirtiness
See merge request tpo/core/arti!1302
2023-06-23 13:31:24 +00:00
7a8bade262
random_idx_where: Ensure uniform distribution of choice
...
Previously, this was more likely to select elements that occurred after
other elements that didn't satisfy the predicate.
2023-06-23 08:25:01 -05:00
35e6cc285b
Add more tests for random_idx_where
2023-06-23 08:24:35 -05:00
03960b5048
Merge branch 'idx' into 'main'
...
tor-circmgr: Fix random_idx_where with empty slice
Closes #918
See merge request tpo/core/arti!1296
2023-06-23 13:12:22 +00:00
7f965e465a
Merge branch 'circuit' into 'main'
...
Drop intro circuit after ack, and deal with TODOs
See merge request tpo/core/arti!1299
2023-06-23 13:09:50 +00:00
73cce4b93c
tor-hsclient: Add TODO SPEC for issues dealt with in !1299
2023-06-23 14:00:45 +01:00
f0c9e482da
tor-hsclient: Add a TODO SPEC re HS intro extend-and-reuse
2023-06-23 13:53:51 +01:00
21fb232a6c
tor-hsclient: Add a TODO SPEC re data lifetime
2023-06-23 13:49:38 +01:00
ee76d3b9ee
tor-hsclient: state tests: Test housekeeping (data expiry)
2023-06-23 13:49:38 +01:00
a54f33f77b
tor-hsclient: state tests: Promote mk_hsconn call
2023-06-23 13:49:38 +01:00
3cd7cf25b2
tor-hsclient: state tests: Introduce connect_called
...
This will allow us to track when `Data` is discarded.
2023-06-23 13:49:38 +01:00
f4057285ce
tor-hsclient: Expire old data eventually
...
Otherwise we'll fill up our RAM with junk.
2023-06-23 13:49:38 +01:00
163ee44902
tor-hsclient: Add a TODO SPEC re circuit dirtiness
2023-06-23 13:46:40 +01:00
48d839e1b5
Merge branch 'data2' into 'main'
...
tor-hsclient: Expire old IPT data
See merge request tpo/core/arti!1295
2023-06-23 12:06:09 +00:00
a6ca13d056
tor-hsclient: Discuss HS descriptor expiry and revision counters
...
And delete the corresponding TODO.
2023-06-23 12:52:59 +01:00
5ae0c581bc
Merge commit '3105f99a'.
...
(This is !1294 , minus a redundant merge.)
2023-06-23 07:51:00 -04:00
9938491057
tor-hsclient: Downgrade multi-ipt TODO
2023-06-23 12:43:00 +01:00
6448e56942
tor-hsclient: Downgrade rend/ipt parallelism TODOs and add links
2023-06-23 12:43:00 +01:00
546d1159a6
tor-hsclient: Downgrade ipt parallelism to a note
2023-06-23 12:43:00 +01:00
cf4659a981
tor-hsclient: Downgrade hsdir fetch parallelism to a note
2023-06-23 12:43:00 +01:00
ef85b9290e
tor-hsclient: Drop intro circuit after ack
2023-06-23 12:43:00 +01:00
6bbe1dd4ef
tor-hsclient: Discuss intro circuit extend-and-reuse
...
This is a summary of a discussion I had on IRC.
2023-06-23 12:41:29 +01:00
9a2702b58b
Merge branch 'expire' into 'main'
...
tor-hsclient: Expire circuits when they get too old
See merge request tpo/core/arti!1287
2023-06-23 10:40:19 +00:00
879c540cfa
tor-circmgr: Test random_idx_where with empty slice
...
I have verified that this test fails, as expected, when applied
without the corresponding bugfix.
2023-06-23 11:09:59 +01:00
a0f5dbc05d
tor-circmgr: random_idx_where: Don't panic on empty range
...
Fixes #918 .
2023-06-23 11:09:55 +01:00
e4ff44e760
tor-hsclient: Write a test plan for IPT state management
...
This won't be trivial. Put it in as a TODO HS rather than as part of
this fix MR.
2023-06-23 10:34:28 +01:00
14b697bcff
tor-hsclient: Expire old IPT data
...
If we don't use it for a whole, the whole of `Data` will be expired by
the new machinery in !1290 . However, we also need to expire
individual IPTs.
This bug doesn't seem to have had a relevant TODO.
2023-06-23 10:34:28 +01:00
3105f99a99
Corrected the order of imports in order to make the 'rust-checks' job complete successfully.
2023-06-23 01:25:28 +02:00
bec24f7920
Provided a fix for #831 - 'Unused import' warnings on Windows
2023-06-23 01:11:20 +02:00
8ecb4107d4
hscrypto: downgrade a comment to HSS
2023-06-22 15:37:34 -04:00
20940644ca
Merge branch 'desc-error' into 'main'
...
Clean up HsDesc error types and stabilize onion-service ErrorKinds
See merge request tpo/core/arti!1289
2023-06-22 18:56:14 +00:00
24545fd455
Merge branch 'circmgr-timeout-est' into 'main'
...
circmgr: New API to expose estimate-based timeouts.
See merge request tpo/core/arti!1281
2023-06-22 18:50:40 +00:00
f2c3b5760d
Merge branch 'move-dummy-keymgr-impl' into 'main'
...
keymgr: Move dummy keymgr impl from arti-client to tor-keymgr
See merge request tpo/core/arti!1269
2023-06-22 18:06:00 +00:00
1249d803fb
Merge branch 'proto-better-path' into 'main'
...
Better API for getting circuit paths
Closes #787
See merge request tpo/core/arti!1286
2023-06-22 17:53:23 +00:00
dcb3b06a95
circmgr: Now that Action is public, clean it up a little.
2023-06-22 13:53:14 -04:00
2b0d04a5fe
circmgr: New API to expose estimate-based timeouts.
...
This will help create good timeout values for various onion-service
operations.
2023-06-22 13:53:14 -04:00
18982e6b93
hsdescerror: Add paragraph breaks to docs.
2023-06-22 13:44:56 -04:00
90f653f582
netdoc: Use a dev-dependency on anyhow to fix a doc example
2023-06-22 13:42:40 -04:00
c78d7f63a4
Merge branch 'proto-todos' into 'main'
...
tor-proto: resolve or defer the easier TODO HS items.
See merge request tpo/core/arti!1282
2023-06-22 17:42:06 +00:00
26a8cfea6c
tor-hsclient: Add a note about circuit expiry uncertainty, ticket
2023-06-22 18:41:27 +01:00
e46d4fe66f
keymgr: Remove blank line to satisfy maint/cargo_sort.
2023-06-22 18:34:20 +01:00
bc24e7974c
keymgr: Make the dummy types non_exhaustive.
2023-06-22 18:34:20 +01:00
8bfdb69ebc
keymgr: Add a TODO regarding missing dummy impls.
2023-06-22 18:34:20 +01:00
297248cd9f
keymgr: Update outdated docs.
2023-06-22 18:34:19 +01:00
cd0cad3aa6
keymgr: Remove outdated TODOs.
2023-06-22 18:34:04 +01:00
f2d81c73ac
keymgr: Remove unnecessary dummy types.
...
We don't need dummy impls for `Error` and `Result`.
2023-06-22 18:34:04 +01:00
fbb1ad0b1e
keymgr: Move dummy implementation to tor-keymgr.
2023-06-22 18:33:43 +01:00
b83b77d83e
arti-client: Make all dummy APIs pub.
...
`dummy.rs` will be moved to `tor-keymgr`, which will export everything
from the module.
2023-06-22 18:31:28 +01:00
f293bd64f2
arti-client: Add a dummy KeyType.
2023-06-22 18:30:54 +01:00
5ce7221f06
hspool: Use let-else pattern; our MSRV permits it.
2023-06-22 13:21:36 -04:00
3ccec0b04a
tor-error: Stabilize OnionService error kinds
2023-06-22 13:17:08 -04:00
3d4181bcd4
tor-error: typo fix in a comment.
2023-06-22 13:15:50 -04:00
33bfa7c7a8
Remove onion service descriptor-related errorkinds.
...
These have been subsumed by other errorkinds, mostly
OnionServiceProtocolViolation and TorProtocolViolation.
In particular please review the change in tor-hsclient closely;
I am not sure about the new errorkinds for the error there.
2023-06-22 13:11:06 -04:00
fbdf05946c
keymgr: Remove unnecessary pub(crate).
2023-06-22 18:07:57 +01:00
273cd70021
keymgr: Define a `keymgr` feature.
...
The dummy key manager impl from `arti-client` will be moved to
`tor-keymgr` soon. This commit adds a `keymgr` feature flag to
`tor-keymgr` which will eventually be used to choose between the real
key manager API and the dummy one.
2023-06-22 18:07:57 +01:00
dbd2552178
netdoc: Introduce HsDescError
...
For higher-level HsDesc-related functions, this type indicates where
exactly an error occurred. It lets us distinguish decryption errors
from parsing errors, and attribute responsibility to the hsdir, the
onion service, or the user's lack of encryption.
This lets us remove some just-introduced complexity in
tor-hsclient.
2023-06-22 12:43:30 -04:00
fb3112fb73
tor-hsclient: Expand explanation of `last_used` (for Open)
2023-06-22 17:21:06 +01:00
7842ace4db
tor-hsclient: Make comment about circuit expiry more accurate
2023-06-22 16:16:23 +00:00
610ed2d457
Merge branch 'socks_errorkinds' into 'main'
...
Generate correct-ish socks5 errors for onion service errors.
Closes #736
See merge request tpo/core/arti!1279
2023-06-22 16:15:55 +00:00
4b7060a492
Merge branch 'notes' into 'main'
...
tor-hsclient: Delete/rewrite out-of-date commentary
See merge request tpo/core/arti!1288
2023-06-22 16:00:34 +00:00
57b1e36667
arti: Resolve TODO HS items related to extended SOCKS5 errors
...
This takes an approach discussed in #736 : Instead of trying to
distinguish INTRO/REND failures perfectly, we instead map our
existing ErrorKinds as best we can, in respect to the fact that
this distinction is not super important in practice.
Closes #736
2023-06-22 11:05:57 -04:00
967cae6ced
New ErrorKind for invalid onion addresses
...
Use this to emit HS_BAD_ADDRESS as appropriate.
2023-06-22 10:57:08 -04:00
42f16fc2ce
socksproto: Add unspecified but documented socks5 extension codes
2023-06-22 10:56:24 -04:00
1a9e5b8463
Remove ErrorKind::OnionService{Intro,Rend}Failed
...
These errors are orthogonal to our actual error kinds. See
discussion on #736 .
2023-06-22 10:56:23 -04:00
6cd56972e4
tor-hsclient: Delete/rewrite out-of-date commentary
2023-06-22 15:48:41 +01:00
7001a38c0c
tor-hsclient: linkify a URL in a doc comment
2023-06-22 15:45:13 +01:00
fe76477342
tor-hsclient: Apply broken formatting as demanded by rustfmt
2023-06-22 14:54:48 +01:00
10b54065e8
tor-hsclient: Test circuit expiry
2023-06-22 14:54:48 +01:00
3badca02c9
tor-hsclient: Expire HS circuits that we don't want to reuse
2023-06-22 14:54:00 +01:00
8a6836cf4a
proto: Resolve/downgrade some path-related "TODO HS" items
2023-06-22 09:45:47 -04:00
f80a1189a5
proto: Implement Redactable and Display for PathEntry.
2023-06-22 09:45:47 -04:00
1bb298d1e6
circmgr: Use path_ref() instead of path().
2023-06-22 09:45:47 -04:00
f2fc086594
proto: Add ClientCirc::path_ref(), deprecate path().
...
The new path_ref() method returns an Arc<Path>, which gives a much
better API for reasons discussed in the new documentation of path().
(We could just replace path() if we'd prefer, but IMO having
path_ref() here isn't so bad.)
2023-06-22 09:45:47 -04:00
b64cf3f6f0
proto: Make Path and PathEntry at least minimally useful
...
(I'm not 100% sure about having both hops() and iter(). Should I
remove one?)
2023-06-22 09:45:47 -04:00
1e1a76f7ac
proto: Expose an opaque PathEntry.
...
The new PathEntry struct wraps the old PathEntry enum, which has
been renamed to HopDetail. It's an opaque struct because we want to
be able to put new information in the enum as we think best.
2023-06-22 09:45:47 -04:00
e6735cdd9d
proto: Make Path public
...
(You can't get one yet or do much with it.)
2023-06-22 08:37:34 -04:00
8609b9f92a
proto: Remove Mutex from Path.
...
Now Path is a regular struct with no interior mutability, and we use
Arc::make_mut() for the case when we need to add a hop.
2023-06-22 08:37:18 -04:00
a35a1402ae
tor-hsclient: Introduce helper function for locking services table
2023-06-22 13:32:14 +01:00
dedda8a590
tor-hsclient: Abolish an obsolete comment
...
We don't now handle inability to store by panicking. Like the
previous comment says, such situations end up with Err in stored,
and that's handled by logging, below.
2023-06-22 13:24:16 +01:00
2d3739bfe1
proto: Move Path into a separate shared mutable structure
...
(We're about to remove the interior mutability from Path.)
2023-06-22 08:23:51 -04:00
e5aafa129b
keymgr: Downgrade 2 "TODO hs" to "TODO HSS".
2023-06-22 11:28:24 +01:00
84b2cc98d5
keymgr: Remove outdated TODO.
...
This TODO talks about a change we've decided not to implement.
2023-06-22 11:25:27 +01:00
ea99e728d2
proto: Downgrade a comment about unauthenticated SENDMEs
...
We never actually need to allow these again; see #914
2023-06-21 15:42:19 -04:00
fa9a3821a6
proto::circuit: 🤝 downgrade a "TODO HS".
2023-06-21 15:09:02 -04:00
5912509b05
proto: Put client and service hs_ntor behind individual features
...
This lets us keep the service-side hs-ntor handshake experiemental
for now.
2023-06-21 15:06:20 -04:00
cc8c3c0d7d
proto: Resolve some hs_ntor "TODO HS" comments.
2023-06-21 14:58:54 -04:00
a317476520
proto: downgrade some "TODO HS" comments to "HSS"
...
These are all related to issues that will come up for the service
side of the onion service implementation.
2023-06-21 14:52:50 -04:00
d1658a120e
Merge branch 'stderr' into 'main'
...
lints: Promote clippy::print_stderr and clippy::print_stdout
See merge request tpo/core/arti!1271
2023-06-21 16:41:10 +00:00
b8279c3421
keymgr: Fix clippy lints.
2023-06-21 17:04:03 +01:00
d8743771e8
keymgr: Remove outdated TODO.
...
This TODO was addressed in #899
2023-06-21 17:03:41 +01:00
1e1cb05d27
keymgr: Make ArtiNativeKeyStore::key_path() return a relative path.
...
This also updates `ArtiNativeKeyStore`'s `KeyStore::remove`
implementation to build the absolute path of the file being removed, by
joining `self.keystore_dir` and the relpath returned by
`ArtiNativeKeyStore::key_path()`.
This addresses #908
2023-06-21 17:03:40 +01:00
91abe17da1
keymgr: Derive Into for ArtiPath.
...
Sometimes we need the underlying String (for example to create a
PathBuf).
2023-06-21 17:01:02 +01:00
f7a93d6de9
Merge branch 'keymgr-api-consistency' into 'main'
...
keymgr: Remove Error::NotFound, update KeyMgr, KeyStore APIs.
See merge request tpo/core/arti!1280
2023-06-21 15:54:02 +00:00
8f7e86c87e
lints: Run maint/add_warning to actually apply new lints (again)
...
I prepared 161b9844d
2023-06-21 16:44:49 +01:00
ffa94d8f30
Merge branch 'keymgr-rm-cond' into 'main'
...
keymgr: Remove unnecessary condition.
See merge request tpo/core/arti!1277
2023-06-21 15:28:07 +00:00
5ca0cbdefc
Merge branch 'keymgr-remove-todo' into 'main'
...
keymgr: Remove outdated TODO.
See merge request tpo/core/arti!1278
2023-06-21 15:27:26 +00:00
8948d611bd
Merge branch 'defer-hsservice-todos' into 'main'
...
Downgrade every "TODO HS" in tor-hsservice
See merge request tpo/core/arti!1265
2023-06-21 15:13:46 +00:00
1e5004eba7
Merge branch 'hsdesc-accessors' into 'main'
...
netdoc: Use derive amplify::Getters for HsDesc accessors.
Closes #909
See merge request tpo/core/arti!1266
2023-06-21 15:11:05 +00:00
ddb81d7efd
Merge branch 'doc_link_fix' into 'main'
...
Fix a rustdoc link.
See merge request tpo/core/arti!1274
2023-06-21 15:04:54 +00:00
f633e41380
keymgr: Remove Error::NotFound, update KeyMgr, KeyStore APIs.
...
This removes the `NotFound` `tor_keymgr::Error` variant. Since `KeyMgr`
and `KeyStore` users will need to be able to distinguish between "not
found" errors and other I/O errors, this also changes the return types
of the `get()` and `remove()` functions of `KeyStore` and `KeyMgr`,
which now return `Ok(None)` instead of `Error::NotFound`.
This makes the `KeyStore` API consistent with `KeyMgr::get`, which
already has a return type of `Result<Option<K>>` (rather than
`Result<K>`).
This also prepares us for #901 , which will make key store errors
opaque. Without this change:
* we'd have to create a `struct NotFoundError;` error type. Its
`HasKind` impl would need to return a new
`ErrorKind::KeyStoreErrorNotFound` `ErrorKind` variant
* callers would have to match the `error_kind()` of the error to
figure out whether the key simply can't be found
(`ErrorKind::KeyStoreErrorNotFound`), or if something went wrong
(any other `ErrorKind`).
Given the above, I think `Result<Option<()>>` makes for a more ergonomic
API.
Part of #901
2023-06-21 16:00:30 +01:00
53a05c1e7b
Merge branch 'upgrade_21June2023' into 'main'
...
Upgrade a couple of dependencies
See merge request tpo/core/arti!1276
2023-06-21 14:23:50 +00:00
dd944bc787
Generate correct ErrorKinds for hsdesc decryption failures.
...
Part of #736
2023-06-21 10:22:42 -04:00
523eb7e5f0
keymgr: Remove outdated TODO.
...
This TODO describes something we're not planning to implement, so let's
just remove it.
2023-06-21 14:55:13 +01:00
521ba309cc
keymgr: Remove unnecessary condition.
...
We don't need to special-case `NotFound` errors because
`ssh_key::PrivateKey::from_openssh` doesn't read from disk (so it
shouldn't be returning `NotFound` errors in the first place).
Previously, this condition made sense because we were using
`ssh_key::PrivateKey::read_openssh_file` instead of
`ssh_key::PrivateKey::from_openssh`, which _does_ read from disk. This
condition should have been removed in !1263 (the refactoring where we
switched to `from_openssh`).
(Also, after #901 is implemented, we probably won't have an
`Error::NotFound` error anymore).
2023-06-21 14:42:42 +01:00
a7627341ec
Merge branch 'onionsocks' into 'main'
...
arti: return prop304 extended socks5 reply codes for onion services
See merge request tpo/core/arti!1248
2023-06-21 13:38:42 +00:00
16a07a8f63
Upgrade to memmap2 0.7
2023-06-21 09:13:55 -04:00
0505579497
Upgrade to strum 0.25.
2023-06-21 09:12:36 -04:00
056ca5c438
Remove extra 'this' in some methods
2023-06-21 18:40:18 +05:30
341cf5c690
Create chanmgr() method in TorClient
2023-06-21 18:34:24 +05:30
2d7756956e
Add and use ErrorKinds for remaining onion service errors
2023-06-21 09:01:02 -04:00
36c4112600
arti: return prop304 extended socks5 reply codes for onion services
...
We don't yet return all of them; this commit adds some todo notes
about changes we may need to our ErrorKinds.
Part of #736
2023-06-21 09:01:01 -04:00
fbb3d98fb3
arti: Abbreviate SocksStatus and ErrorKind imports and refactor.
2023-06-21 09:00:03 -04:00
f14a87e4c8
Merge branch 'todos' into 'main'
...
tor-hsclient: Dispose of easy todos and remove many allows
See merge request tpo/core/arti!1272
2023-06-21 12:53:16 +00:00
372a72e185
Fix a rustdoc link.
2023-06-21 08:45:25 -04:00
21ff8e8060
Merge branch 'chanmgr-doc-fix' into 'main'
...
Remove message 'For now, only direct channels are supported' in tor-chanmgr docs
See merge request tpo/core/arti!1273
2023-06-21 12:35:46 +00:00
107fbb05de
Merge branch 'geoip-nullity-fromstr' into 'main'
...
Followups wrt country-code robustness
See merge request tpo/core/arti!1268
2023-06-21 12:32:23 +00:00
c3384df00f
Remove message 'For now, only direct channels are supported' in tor-chanmgr docs
2023-06-21 17:29:11 +05:30
9a05fbb10d
tor-hsclient: Apply deferred clippy churn needed by fmt churn
...
rustfmt *introduced* this clippy warning.
2023-06-21 12:54:57 +01:00
fe41d2059e
tor-hsclient: Apply deferred rustfmt churn
2023-06-21 12:19:04 +01:00
60fc4ef98a
tor-hsclient: Drop most allows that are marked for removal
2023-06-21 12:19:04 +01:00
a57d3067a5
tor-hsclient: Drop a large number of unneeded imports
2023-06-21 12:19:04 +01:00
ae1f144829
tor-hsclient: Add HSID to some log messages
...
For the debug!, we can use the unredacted form. For error!, we use
Sensitive.
2023-06-21 12:19:04 +01:00
d4b7714926
tor-hsclient: Do Debug the descriptor as part of Data
...
Empirically, this does not cause the descriptor to be spat out in
normal operation. And it seems right.
2023-06-21 12:19:04 +01:00
c94a726664
tor-hsclient: Drop some temporary trace calls
...
These were added as part of a debugging #885 , and are no longer
needed.
2023-06-21 12:19:04 +01:00
8267fb4535
tor-hsclient: Drop two eprintlns in production code
2023-06-21 12:19:04 +01:00
0845694021
tor-hsclinet: Promote dead code allows to cover all tests
...
We want to remove the crate-level dead code allows. The tests are
incomplete and there are multiple todos for that.
2023-06-21 12:19:04 +01:00
63ab6fb01c
tor-hsclient: Use a formulaic TODO mark for incompleteness of tests
2023-06-21 12:19:04 +01:00
5a7ea7067d
tor-hsclinet: Add a narrow allow, pending answer to open question
...
I need to talk to HS expert(s) about when this circuit can be
torn down.
2023-06-21 12:19:04 +01:00
9a30c4afce
tor-hsclient: Remove unused Context.hs_blind_id_key
2023-06-21 12:19:04 +01:00
8f90fe619e
tor-hsclient: Add an allow for a deliberately-unused variable
2023-06-21 12:19:04 +01:00
be3433891f
tor-hsclient: Omit some unussed struct fields in patterns
...
For the arms that have a fixed retry time, or a fixed ErrorKind,
dont't bind the unused inner error.
2023-06-21 12:19:04 +01:00
161b9844da
lints: Run maint/add_warning to actually apply new lints
2023-06-21 12:15:41 +01:00
8676b27e95
geoip: Add a few more tests.
2023-06-20 16:22:21 -04:00
b0342a8ede
geoip: Explain in more detail what a CountryCode is to us.
2023-06-20 16:22:21 -04:00
f918a86c10
geoip: require that ccs actually are printable ascii.
...
(There are plenty of strings that convert into 2 bytes of UTF8
without being two ascii characters, and there are plenty of
sequences of two ascii characters that aren't printable.)
2023-06-20 16:22:21 -04:00
cf9d902320
geoip: Make ?? a little more bullet-proof
...
We want to make sure that ?? is always None, never a CountryCode.
2023-06-20 16:22:21 -04:00
db7f46265e
Merge branch 'keymgr-refactor-fs-ops' into 'main'
...
keymgr: Move FS operations out of KeyType impl
See merge request tpo/core/arti!1263
2023-06-20 18:41:33 +00:00
f41b1178c5
netdoc: downgrade two accessor-related TODOs
2023-06-20 14:02:04 -04:00
17fab6e913
netdoc: Use derive amplify::Getters for HsDesc accessors.
...
Closes #909 .
2023-06-20 14:00:41 -04:00
8d4ca94e19
Merge branch 'add-tor-geoip' into 'main'
...
tor-geoip: Add new crate with GeoIP database functionality
See merge request tpo/core/arti!1239
2023-06-20 17:59:15 +00:00
c40e064b42
keymgr: Fix clippy lints.
2023-06-20 18:54:35 +01:00
97350cfe4b
keymgr: Address clippy lints and run cargo fmt.
2023-06-20 18:54:35 +01:00
2f10b08d41
keymgr: Enforce keystore_dir properties for every key read/written from the keystore.
2023-06-20 18:54:35 +01:00
9bfd263f42
keymgr: Update function names and docs to reflect reality.
...
The functions that handle OpenSSH-formatted keys now no longer read or
write from disk. This commit updates their names and doc strings to stop
suggesting they do.
2023-06-20 18:54:35 +01:00
abdf854547
keymgr: Move FS operations out of ssh.rs
...
This moves the filesystem calls from the `ssh` module to
`ArtiNativeKeyStore`. While `ArtiNativeKeyStore` shouldn't be concerning
itself with filesystem operations either, that refactoring will be
tackled separately (see arti#899).
2023-06-20 18:54:35 +01:00
a812a486c3
Downgrade every "TODO HS" in tor-hsservice
...
These are all service-specific, and not client-specific.
2023-06-20 13:30:56 -04:00
d5632eacb2
tor-geoip: Add new crate with GeoIP database functionality
...
- This adds a new crate, `tor-geoip`, which can parse and perform
lookups in the GeoIP database C-tor already uses (generated by a
maintenance utility in the C-tor codebase).
- We embed a copy of C-tor's databases with the crate and use
`include_str!` to ship them with the binary, bloating its size
somewhat.
- This does, however, solve the problem of figuring out how to
distribute these.
- The plan is to gate this functionality behind a feature flag anyway,
so the cost should be nil unless explicitly opted into.
Part of tpo/core/onionmasq#47.
2023-06-20 16:57:58 +01:00
181638333f
keymgr: Create a temporary error type for the key types we don't support yet.
2023-06-20 16:48:36 +01:00
0c7e5d1924
keymgr: Create a separate error source for key corruption errors.
2023-06-20 16:48:36 +01:00
2fa8a4e56c
Merge branch 'update-keymgr-todo' into 'main'
...
keymgr: Change "TODO hs" to "TODO HSS".
See merge request tpo/core/arti!1264
2023-06-20 13:42:28 +00:00
c0762f76f1
keymgr: Fix broken docs.
2023-06-20 13:34:32 +01:00
84e05591c7
arti-client: Remove unnecessary #[cfgs(...)].
...
The `keymgr` module selects one of the key manager implementations
(dummy or "real") and exposes all the APIs we need, so we can remove
all of the cfgs related to the `keymgr` feature from `client.rs`.
Part of #897
2023-06-20 13:33:51 +01:00
733a559322
arti-client: Create module exposing one of the key manager APIs.
...
This moves the key manager API selection (dummy vs "real" impl) into the
`keymgr` module. The module exports the dummy API if the `keymgr`
feature is disabled, and the impl from `tor-keymgr` otherwise.
Part of #897
2023-06-20 13:33:51 +01:00
8202be3cfe
arti-client: Make some of the dummy KeyMgr impls return an error.
...
`insert` and `remove` should return an error rather than `Ok(())`, as
`Ok(())` implies the key was stored/removed, which is impossible in the
no-op implementation.
2023-06-20 13:33:51 +01:00
02c36dabd7
arti-client: Add more dummy keymgr APIs.
...
This will help us reduce the number of `#[cfgs(...)]` from `client.rs`
Part of #897
2023-06-20 13:33:51 +01:00
c7d32dbf4c
arti-client: Add a result type for the dummy keymgr impl.
...
Part of #897
2023-06-20 13:33:51 +01:00
b289c0fd15
arti-client: Add an Error type for the dummy key manager.
...
Part of #897
2023-06-20 13:33:51 +01:00
95e4021ed8
arti-client, keymgr: Introduce Mistrust settings and enforce FS permissions.
2023-06-20 13:29:10 +01:00
be5c911ac8
arti-client: Temporarily ignore key store errors.
...
We currently initialize the `ArtiNativeKeyStore` with a dummy root dir,
so when `ArtiNativeKeyStore` starts validating directories, this code
will start to fail. Let's preemptively ignore any errors coming from
`ArtiNativeKeyStore::new`. This is temporary and will be removed when we
introduce the key store config (and a real default value for the
keystore root dir).
2023-06-20 13:29:10 +01:00
e8176ac8b5
keymgr: Add TODO about separation of concerns wrt FS operations.
2023-06-20 13:29:10 +01:00
6837dbce58
keymgr: Add an error variant for fs_mistrust errors.
...
This will be useful later, when `KeyMgr` will start validating
permissions and paths.
2023-06-20 13:29:10 +01:00
01b43f7f26
keymgr: Add a FsErrorSource to Error::Fs.
...
In the future, the potential causes of an `Error::Filesystem` error will
include permission errors as well as other errors (not just
`io::Error`s).
2023-06-20 13:29:10 +01:00
f24a7d48c0
Merge branch 'circmgr-todos' into 'main'
...
Resolve several "TODO HS" comments in circmgr.
See merge request tpo/core/arti!1258
2023-06-20 12:13:24 +00:00
Ian Jackson
Nick Mathewson
Gabriela Moldovan
Ian Jackson
Alexander Færøy
pinkforest
Saksham Mittal
Jim Newsome
Andy
eta