ef3c049064
Merge branch 'rpc-objectmap' into 'main'
...
RPC: revise semantics for weak references and object IDs
Closes #848
See merge request tpo/core/arti!1183
2023-05-16 13:30:42 +00:00
9c7680d1f8
rpc: Clarify how authentication works.
2023-05-16 09:08:25 -04:00
c89fac9c3c
rpc: Clarify some object ID docs and remove impl details.
2023-05-16 09:08:25 -04:00
585554d954
rpc: Revise example in documentation
2023-05-16 09:08:25 -04:00
1ed2da523a
rpc: Split the generational index into two.
...
This lets us simplify our logic a bit for strong references.
2023-05-16 09:08:25 -04:00
ee390c423e
Refactor ClientCirc APIs to use Arc<ClientCirc>.
...
Now ClientCirc is no longer `Clone`, and the things that need it
to be `Clone` instead return and use an Arc<ClientCirc>
We're doing this so that ClientCirc can participate in the RPC
system, and so that its semantics are more obvious.
Closes #846 .
Thanks to the type system, this was a much simpler refactoring than
I had feared it would be.
2023-05-16 09:02:09 -04:00
8674ec857e
Merge branch 'run-fixup-features' into 'main'
...
Run fixup-features on our Cargo.tomls, and handle its warnings
Closes #856 and #795
See merge request tpo/core/arti!1182
2023-05-16 11:09:17 +00:00
601f307fdd
dev docs: Remove unused arguments.
...
There are several places where he `KeyType` isn't needed anymore.
Signed-off-by: Gabriela Moldovan <gabi@torproject.org>
2023-05-16 11:38:00 +01:00
47f15c8df5
dev docs: Clarify how C Tor key store loads keys from multiple different key dirs.
...
This also moves the `extension` function out of `KeyType` because for
the C Tor key store, a key's file extension depends on the role/user of
the key, which isn't known by `KeyType` (`KeyType` is a tor-agnostic key
type such as `Ed25519Private`).
Signed-off-by: Gabriela Moldovan <gabi@torproject.org>
2023-05-16 11:37:55 +01:00
4315d2e106
dev docs: Distinguish between arti_extension and ctor_extension.
...
Signed-off-by: Gabriela Moldovan <gabi@torproject.org>
2023-05-16 11:32:45 +01:00
20e1e3004b
dev docs: Clarify that ArtiPath/CTorPath are relative to the key store root.
...
Signed-off-by: Gabriela Moldovan <gabi@torproject.org>
2023-05-16 11:32:42 +01:00
d518a1c1d8
dev docs: Add note about key store versioning.
...
Signed-off-by: Gabriela Moldovan <gabi@torproject.org>
2023-05-16 11:32:38 +01:00
6b417fbbf9
dev docs: Add note about C Tor store configuration.
...
Signed-off-by: Gabriela Moldovan <gabi@torproject.org>
2023-05-16 11:32:31 +01:00
6a1427db6f
dev docs: Move the key passphrases subsection to the Arti store section.
...
Signed-off-by: Gabriela Moldovan <gabi@torproject.org>
2023-05-16 10:59:36 +01:00
4b95a8ac4e
dev docs: Create a separate section for the C tor key store discussion.
...
Signed-off-by: Gabriela Moldovan <gabi@torproject.org>
2023-05-16 10:59:33 +01:00
702dfbddb0
dev docs: Rename {Key, HsClient}Identity.
...
This renames `KeyIdentity` to `KeySpecifier` so it doesn't get confused
with the concept of an "identity key". `HsClientIdentity` is also
renamed for consistency.
Signed-off-by: Gabriela Moldovan <gabi@torproject.org>
2023-05-16 10:59:23 +01:00
2e1115acc3
rpc: Change the formatting of object IDs
...
We want each ID to have a unique form every time it is given out,
so that you can't use ID==ID to check whether Object==Object. (See
discussions leading to #848.)
We'd also like the form of object IDs to be a little annoying to
analyze, to discourage people from writing programs that depends on
their particular format. (We are reserving the right to change the
format whenever we want.)
We _don't_ want to use any cryptography here (yet), lest somebody
think that this is an actual security mechanism. (This isn't for
security; it's for encouraging developers to treat IDs as opaque.)
With that in mind, we now lightly obfuscate our generational indices
before returning them.
2023-05-15 15:59:58 -04:00
8531ed2dad
rpc: rename GenIdx::into/try_from implementations
...
These are about to become nondeterministic-ish and probably shouldn't
use the Into/TryFrom traits.
2023-05-15 15:26:58 -04:00
0d207028ce
rpc: do not deduplicate strong object ids
...
Per discussion referenced at #848 , we want each operation that
returns a strong object ID to return a new, distinct strong ID.
Note that we no longer need to put strong and weak references in the
same arena; we can clean this code up a lot down the road.
2023-05-15 15:26:53 -04:00
c9819455e1
rpc: Repair an error in our ObjectId encoding.
...
Now we generate object IDs that we can parse. This is about to be
obsolete once we change how we generate objects and their IDs for #848 ,
but we may as well start from a working state.
2023-05-15 13:48:47 -04:00
6fa821238d
Revise all XXXXs from fixup-features
2023-05-15 11:00:28 -04:00
4b08ef76a0
Run fixup-features _with_ annotations.
...
This litters our Cargo.toml files with "XXX" entries that we should
fix.
2023-05-15 10:41:32 -04:00
e2e125fef7
Reformat Cargo.toml files.
2023-05-15 09:09:43 -04:00
7a5373c110
Run fixup-features --no-annotate for initial Cargo.toml fixes.
...
This does the following:
- Gives every crate a `full`.
- Cause every `full` to depend on `full` from the lower-level
crates.
- Makes every feature listed _directly_ in `experimental` depend
on `__is_experimental`.
2023-05-15 09:07:21 -04:00
0109dd09d4
Merge branch 'better-fixup-features' into 'main'
...
Revise fixup-features to be closer to something we can use
See merge request tpo/core/arti!1180
2023-05-15 13:04:34 +00:00
75776bb8a3
fixup-features: minor doc fix.
2023-05-15 08:27:48 -04:00
b38567e34a
Mark an initial set of non-additive features.
2023-05-15 08:27:48 -04:00
aa452d6627
fixup-features: Do not annotate non-features.
2023-05-15 08:27:48 -04:00
bcac88990f
fixup-features: Do not add edges from non-features.
2023-05-15 08:27:48 -04:00
3e61de4f48
fixup-features: distinguish internal and external edges
...
An external edge does not cause its target to be created as a feature.
2023-05-15 08:11:30 -04:00
85ce5162f5
fixup-features: Add an option to not annotate.
2023-05-15 08:11:30 -04:00
ae6254ac35
fixup-features: ability to add annotations for everything.
2023-05-15 08:11:30 -04:00
d5c21884fd
fixup-features: fix off-by-one in argument reading.
2023-05-15 08:11:30 -04:00
690c0134fe
fixup-features: Implement remaining rules.
2023-05-15 08:11:30 -04:00
5046e2003f
fixup-features: Enforce __is_experimental tagging rule.
2023-05-15 08:11:30 -04:00
d5a38fc5ed
fixup-features: Revise our rule 2 enforcement to use newer APIs.
2023-05-15 08:11:30 -04:00
6a468ee4ae
fixup-features: Refactor "apply a list of changes" code into a new module.
2023-05-15 08:11:30 -04:00
54e50205dd
fixup-features: Make a feature graph type in a submodule
...
I tried to use petgraph, but it was optimized for performance over
usability, and the usability was beyond me.
2023-05-15 08:11:30 -04:00
059af736e1
fixup-features: minor spelling and comment fixes.
2023-05-15 08:11:30 -04:00
7c556eea67
fixup-features: Describe the semantics we actually want
...
The problem with our old rules is that "reachable from __nonadditive"
and "reachable from experimental" were not themselves sensible
definitions of nonadditive and experimental.
See
https://gitlab.torproject.org/tpo/core/arti/-/merge_requests/1068#note_2887939
2023-05-15 08:11:30 -04:00
84402fc660
Merge branch 'x25519-dalek-upgrade' into 'main'
...
llcrypto: upgrade x25519-dalek.
See merge request tpo/core/arti!1181
2023-05-15 09:46:51 +00:00
bfda3082d4
Use non-deprecated *Secret::random_from_rng.
...
The `new` function is deprecated in x25519-dalek 2.0.0-rc.2
2023-05-13 16:52:23 -04:00
bedc47afe7
llcrypto: upgrade x25519-dalek.
...
This upgrades us to 2.0.0-rc.2, which is the latest in the
not-quite-done-yet 2.0 series.
The only code change that's absolutely needed is opting into the
static_secrets feature.
2023-05-13 16:46:47 -04:00
3490ece8cf
Merge branch 'connect-hsdesc-bounds' into 'main'
...
hsclient: Build cached descriptor TimerangeBounds from descriptor lifetime.
See merge request tpo/core/arti!1154
2023-05-13 12:14:10 +00:00
c4def3cfca
tor-basic-utils: Add unbounded range (..) test.
...
Signed-off-by: Gabriela Moldovan <gabi@torproject.org>
2023-05-13 12:49:10 +01:00
ef53c4235d
tor-basic-utils: Update combinatorial test to randomly choose an open or closed bound.
...
Signed-off-by: Gabriela Moldovan <gabi@torproject.org>
2023-05-13 12:49:06 +01:00
27ae57e543
tor-basic-utils: Add rangebounds test with time ranges.
...
Signed-off-by: Gabriela Moldovan <gabi@torproject.org>
2023-05-13 12:49:03 +01:00
9d4db38d4d
tor-basic-utils: Assert witness is not part of the intersection.
...
Signed-off-by: Gabriela Moldovan <gabi@torproject.org>
2023-05-13 12:48:59 +01:00
18c78c3ad3
tor-basic-utils: Log the ranges/intersection on assertion failure.
...
Signed-off-by: Gabriela Moldovan <gabi@torproject.org>
2023-05-13 12:48:56 +01:00
f9c6cc11bb
netdoc: Use the RangeBoundsExt impl of TimerangeBound.
...
We can now get rid of the standalone `intersect_bounds` function.
Signed-off-by: Gabriela Moldovan <gabi@torproject.org>
2023-05-13 12:48:52 +01:00
Nick Mathewson
gabi-250