Nick Mathewson
ef3c049064
Merge branch 'rpc-objectmap' into 'main'
...
RPC: revise semantics for weak references and object IDs
Closes #848
See merge request tpo/core/arti!1183
2023-05-16 13:30:42 +00:00
Nick Mathewson
9c7680d1f8
rpc: Clarify how authentication works.
2023-05-16 09:08:25 -04:00
Nick Mathewson
c89fac9c3c
rpc: Clarify some object ID docs and remove impl details.
2023-05-16 09:08:25 -04:00
Nick Mathewson
585554d954
rpc: Revise example in documentation
2023-05-16 09:08:25 -04:00
Nick Mathewson
1ed2da523a
rpc: Split the generational index into two.
...
This lets us simplify our logic a bit for strong references.
2023-05-16 09:08:25 -04:00
Nick Mathewson
ee390c423e
Refactor ClientCirc APIs to use Arc<ClientCirc>.
...
Now ClientCirc is no longer `Clone`, and the things that need it
to be `Clone` instead return and use an Arc<ClientCirc>
We're doing this so that ClientCirc can participate in the RPC
system, and so that its semantics are more obvious.
Closes #846 .
Thanks to the type system, this was a much simpler refactoring than
I had feared it would be.
2023-05-16 09:02:09 -04:00
gabi-250
8674ec857e
Merge branch 'run-fixup-features' into 'main'
...
Run fixup-features on our Cargo.tomls, and handle its warnings
Closes #856 and #795
See merge request tpo/core/arti!1182
2023-05-16 11:09:17 +00:00
Gabriela Moldovan
601f307fdd
dev docs: Remove unused arguments.
...
There are several places where he `KeyType` isn't needed anymore.
Signed-off-by: Gabriela Moldovan <gabi@torproject.org>
2023-05-16 11:38:00 +01:00
Gabriela Moldovan
47f15c8df5
dev docs: Clarify how C Tor key store loads keys from multiple different key dirs.
...
This also moves the `extension` function out of `KeyType` because for
the C Tor key store, a key's file extension depends on the role/user of
the key, which isn't known by `KeyType` (`KeyType` is a tor-agnostic key
type such as `Ed25519Private`).
Signed-off-by: Gabriela Moldovan <gabi@torproject.org>
2023-05-16 11:37:55 +01:00
Gabriela Moldovan
4315d2e106
dev docs: Distinguish between arti_extension and ctor_extension.
...
Signed-off-by: Gabriela Moldovan <gabi@torproject.org>
2023-05-16 11:32:45 +01:00
Gabriela Moldovan
20e1e3004b
dev docs: Clarify that ArtiPath/CTorPath are relative to the key store root.
...
Signed-off-by: Gabriela Moldovan <gabi@torproject.org>
2023-05-16 11:32:42 +01:00
Gabriela Moldovan
d518a1c1d8
dev docs: Add note about key store versioning.
...
Signed-off-by: Gabriela Moldovan <gabi@torproject.org>
2023-05-16 11:32:38 +01:00
Gabriela Moldovan
6b417fbbf9
dev docs: Add note about C Tor store configuration.
...
Signed-off-by: Gabriela Moldovan <gabi@torproject.org>
2023-05-16 11:32:31 +01:00
Gabriela Moldovan
6a1427db6f
dev docs: Move the key passphrases subsection to the Arti store section.
...
Signed-off-by: Gabriela Moldovan <gabi@torproject.org>
2023-05-16 10:59:36 +01:00
Gabriela Moldovan
4b95a8ac4e
dev docs: Create a separate section for the C tor key store discussion.
...
Signed-off-by: Gabriela Moldovan <gabi@torproject.org>
2023-05-16 10:59:33 +01:00
Gabriela Moldovan
702dfbddb0
dev docs: Rename {Key, HsClient}Identity.
...
This renames `KeyIdentity` to `KeySpecifier` so it doesn't get confused
with the concept of an "identity key". `HsClientIdentity` is also
renamed for consistency.
Signed-off-by: Gabriela Moldovan <gabi@torproject.org>
2023-05-16 10:59:23 +01:00
Nick Mathewson
2e1115acc3
rpc: Change the formatting of object IDs
...
We want each ID to have a unique form every time it is given out,
so that you can't use ID==ID to check whether Object==Object. (See
discussions leading to #848.)
We'd also like the form of object IDs to be a little annoying to
analyze, to discourage people from writing programs that depends on
their particular format. (We are reserving the right to change the
format whenever we want.)
We _don't_ want to use any cryptography here (yet), lest somebody
think that this is an actual security mechanism. (This isn't for
security; it's for encouraging developers to treat IDs as opaque.)
With that in mind, we now lightly obfuscate our generational indices
before returning them.
2023-05-15 15:59:58 -04:00
Nick Mathewson
8531ed2dad
rpc: rename GenIdx::into/try_from implementations
...
These are about to become nondeterministic-ish and probably shouldn't
use the Into/TryFrom traits.
2023-05-15 15:26:58 -04:00
Nick Mathewson
0d207028ce
rpc: do not deduplicate strong object ids
...
Per discussion referenced at #848 , we want each operation that
returns a strong object ID to return a new, distinct strong ID.
Note that we no longer need to put strong and weak references in the
same arena; we can clean this code up a lot down the road.
2023-05-15 15:26:53 -04:00
Nick Mathewson
c9819455e1
rpc: Repair an error in our ObjectId encoding.
...
Now we generate object IDs that we can parse. This is about to be
obsolete once we change how we generate objects and their IDs for #848 ,
but we may as well start from a working state.
2023-05-15 13:48:47 -04:00
Nick Mathewson
6fa821238d
Revise all XXXXs from fixup-features
2023-05-15 11:00:28 -04:00
Nick Mathewson
4b08ef76a0
Run fixup-features _with_ annotations.
...
This litters our Cargo.toml files with "XXX" entries that we should
fix.
2023-05-15 10:41:32 -04:00
Nick Mathewson
e2e125fef7
Reformat Cargo.toml files.
2023-05-15 09:09:43 -04:00
Nick Mathewson
7a5373c110
Run fixup-features --no-annotate for initial Cargo.toml fixes.
...
This does the following:
- Gives every crate a `full`.
- Cause every `full` to depend on `full` from the lower-level
crates.
- Makes every feature listed _directly_ in `experimental` depend
on `__is_experimental`.
2023-05-15 09:07:21 -04:00
Nick Mathewson
0109dd09d4
Merge branch 'better-fixup-features' into 'main'
...
Revise fixup-features to be closer to something we can use
See merge request tpo/core/arti!1180
2023-05-15 13:04:34 +00:00
Nick Mathewson
75776bb8a3
fixup-features: minor doc fix.
2023-05-15 08:27:48 -04:00
Nick Mathewson
b38567e34a
Mark an initial set of non-additive features.
2023-05-15 08:27:48 -04:00
Nick Mathewson
aa452d6627
fixup-features: Do not annotate non-features.
2023-05-15 08:27:48 -04:00
Nick Mathewson
bcac88990f
fixup-features: Do not add edges from non-features.
2023-05-15 08:27:48 -04:00
Nick Mathewson
3e61de4f48
fixup-features: distinguish internal and external edges
...
An external edge does not cause its target to be created as a feature.
2023-05-15 08:11:30 -04:00
Nick Mathewson
85ce5162f5
fixup-features: Add an option to not annotate.
2023-05-15 08:11:30 -04:00
Nick Mathewson
ae6254ac35
fixup-features: ability to add annotations for everything.
2023-05-15 08:11:30 -04:00
Nick Mathewson
d5c21884fd
fixup-features: fix off-by-one in argument reading.
2023-05-15 08:11:30 -04:00
Nick Mathewson
690c0134fe
fixup-features: Implement remaining rules.
2023-05-15 08:11:30 -04:00
Nick Mathewson
5046e2003f
fixup-features: Enforce __is_experimental tagging rule.
2023-05-15 08:11:30 -04:00
Nick Mathewson
d5a38fc5ed
fixup-features: Revise our rule 2 enforcement to use newer APIs.
2023-05-15 08:11:30 -04:00
Nick Mathewson
6a468ee4ae
fixup-features: Refactor "apply a list of changes" code into a new module.
2023-05-15 08:11:30 -04:00
Nick Mathewson
54e50205dd
fixup-features: Make a feature graph type in a submodule
...
I tried to use petgraph, but it was optimized for performance over
usability, and the usability was beyond me.
2023-05-15 08:11:30 -04:00
Nick Mathewson
059af736e1
fixup-features: minor spelling and comment fixes.
2023-05-15 08:11:30 -04:00
Nick Mathewson
7c556eea67
fixup-features: Describe the semantics we actually want
...
The problem with our old rules is that "reachable from __nonadditive"
and "reachable from experimental" were not themselves sensible
definitions of nonadditive and experimental.
See
https://gitlab.torproject.org/tpo/core/arti/-/merge_requests/1068#note_2887939
2023-05-15 08:11:30 -04:00
gabi-250
84402fc660
Merge branch 'x25519-dalek-upgrade' into 'main'
...
llcrypto: upgrade x25519-dalek.
See merge request tpo/core/arti!1181
2023-05-15 09:46:51 +00:00
Nick Mathewson
bfda3082d4
Use non-deprecated *Secret::random_from_rng.
...
The `new` function is deprecated in x25519-dalek 2.0.0-rc.2
2023-05-13 16:52:23 -04:00
Nick Mathewson
bedc47afe7
llcrypto: upgrade x25519-dalek.
...
This upgrades us to 2.0.0-rc.2, which is the latest in the
not-quite-done-yet 2.0 series.
The only code change that's absolutely needed is opting into the
static_secrets feature.
2023-05-13 16:46:47 -04:00
gabi-250
3490ece8cf
Merge branch 'connect-hsdesc-bounds' into 'main'
...
hsclient: Build cached descriptor TimerangeBounds from descriptor lifetime.
See merge request tpo/core/arti!1154
2023-05-13 12:14:10 +00:00
Gabriela Moldovan
c4def3cfca
tor-basic-utils: Add unbounded range (..) test.
...
Signed-off-by: Gabriela Moldovan <gabi@torproject.org>
2023-05-13 12:49:10 +01:00
Gabriela Moldovan
ef53c4235d
tor-basic-utils: Update combinatorial test to randomly choose an open or closed bound.
...
Signed-off-by: Gabriela Moldovan <gabi@torproject.org>
2023-05-13 12:49:06 +01:00
Gabriela Moldovan
27ae57e543
tor-basic-utils: Add rangebounds test with time ranges.
...
Signed-off-by: Gabriela Moldovan <gabi@torproject.org>
2023-05-13 12:49:03 +01:00
Gabriela Moldovan
9d4db38d4d
tor-basic-utils: Assert witness is not part of the intersection.
...
Signed-off-by: Gabriela Moldovan <gabi@torproject.org>
2023-05-13 12:48:59 +01:00
Gabriela Moldovan
18c78c3ad3
tor-basic-utils: Log the ranges/intersection on assertion failure.
...
Signed-off-by: Gabriela Moldovan <gabi@torproject.org>
2023-05-13 12:48:56 +01:00
Gabriela Moldovan
f9c6cc11bb
netdoc: Use the RangeBoundsExt impl of TimerangeBound.
...
We can now get rid of the standalone `intersect_bounds` function.
Signed-off-by: Gabriela Moldovan <gabi@torproject.org>
2023-05-13 12:48:52 +01:00