9d818f164b
keymgr: Require callers to be explicit about where to remove keys from.
...
As with `KeyMgr::insert`, only `KeystoreSelector::Id` and
`KeystoreSelector::Default` are supported.
2023-07-20 19:25:12 +01:00
9ece85e572
keymgr: Add tests for KeyMgr.
2023-07-20 19:25:08 +01:00
79c382ff50
keymgr: Add EncodableKey::to_bytes for encoding keys.
...
We'll need this to implement `Keystore::insert`.
2023-07-20 19:25:04 +01:00
483bb6712d
keymgr: Add some extra derives to ArtiPath and KeyType.
2023-07-20 19:25:01 +01:00
38a6c74c78
keymgr: Require callers to be explicit about which keystore to get keys from.
2023-07-20 19:24:57 +01:00
85be9c0d30
keymgr: Move KeyMgr::get impl to Keymgr::get_from_store.
...
This refactoring will make more sense later, when we give
`KeyMgr::get` an extra parameter that specifies which keystore to
retrieve the key from.
2023-07-20 19:24:53 +01:00
8b0b8785f4
keymgr: Remove unimplemented/unnecessary has_key_bundle function.
...
The concept of a "key bundle" would introduce a lot of complexity while
providing little to no gain.
Some context:
```
Originally, "key bundles" were meant to be the answer to the question
"which keystore should insert place keys in?":
36606a66dd/crates/tor-keymgr/src/mgr.rs (L60-69)#903 .
Closes #903
2023-07-20 19:24:44 +01:00
0b20806213
keymgr: Require callers to specify which keystore to insert keys in.
...
The caller uses `KeystoreSelector` to specify which keystore to insert
the new key into (only `KeystoreSelector::Id` and
`KeystoreSelector::Default` are supported for `insert`).
The ability to insert keys in a particular keystore will come in handy
when we implement the key management CLI (the CLI will have an option
for specifying the keystore to access/modify).
2023-07-20 19:24:29 +01:00
6ec1b55938
keymgr: Add a convenience function for boxing keystore errors.
2023-07-20 19:24:19 +01:00
a794d78894
keymgr: Add an error type for misuse errors.
...
This error will be returned by `KeyMgr` if the caller tries to access a
keystore that does not exist, or if the requested `KeystoreSelector`
cannot be applied.
2023-07-20 19:24:16 +01:00
cf038fb772
keymgr: Add type for specifying which keystore to access.
2023-07-20 19:24:12 +01:00
d6d67769c9
keymgr: Add a function for looking keystores up by ID.
...
This will be used by `KeyMgr::insert` after we add an additional
argument to `insert` for specifying the keystore it should be using.
2023-07-20 19:24:08 +01:00
04379dcae6
keymgr: Add an `id` function to `Keystore`.
...
This will enable the `KeyMgr` to look up `Keystore`s by ID (which is
a requirement for disambiguating the semantics of `insert`, which
currently tries to "guess" which keystore it should be using).
2023-07-20 19:24:05 +01:00
2f05920c4d
keymgr: Iterate over all the stores, not just the secondary ones.
2023-07-20 19:24:01 +01:00
9f5974fb7f
keymgr: Explicitly specify the default keystore for `KeyMgr`.
2023-07-20 19:23:58 +01:00
8e49d1dd11
keymgr: Add a type alias for `Box<dyn Keystore>`.
...
This makes the code slightly less verbose.
2023-07-20 19:23:51 +01:00
ac93b1aef6
keymgr-config: Make fields private, add function for checking if keystore is enabled.
...
Hiding the underlying value of `enabled` enables us to give it a
different `auto` value depending on whether the `keymgr` feature is
enabled or not (it defaults to `true` if `keymgr` is enabled, and
`false` otherwise).
2023-07-20 19:23:48 +01:00
f18e773332
arti-client: Use a default keystore config if `experimental-api` is disabled.
...
The `experimental-api` was only meant to apply to the use of the
unstable `ArtiNativeKeystoreConfig` in the Arti config.
`experimental-api` was _not_ supposed to be used for enabling/disabling
the keystore (that's what the `enabled` flag is for).
2023-07-20 19:23:45 +01:00
b4bf421c11
arti-client: Move variable closer to where it's used (fmt).
2023-07-20 19:23:41 +01:00
ea02824547
arti-client: Move variable closer to where it's used.
2023-07-20 19:23:33 +01:00
d7c1b2cf03
arti-client: Make the `KeyMgr` optional.
...
If the Arti keystore is disabled, we have nothing to initialize the
`KeyMgr` with, so we might as well make it optional.
2023-07-20 19:23:30 +01:00
1f7911f0d9
Update pwd-grp to 0.1.1 to fix MacOS build etc.
...
This also gets rid of a duplicate copy of derive-adhoc.
2023-07-20 18:58:02 +01:00
e3d5f25750
tor-linkspec: impl AsRef<str> for PtTransportName
2023-07-20 18:49:28 +01:00
b5e6af9f5c
tor-guardmgr: bridges: getter for ManagedTransportConfigBuilder.protocols
...
It's a bit of a wart that tor-ptmgr calls these "protocols" and
tor-guardmgr calls these "transport names".
2023-07-20 16:42:03 +01:00
3343e70c68
tor-guardmgr: bridges: getter for BridgeConfigBuilder.transport
...
BridgeConfigBuilder is Serialize so this isn't making any new API
promises. Ideally we'd have getters like this everywhere.
2023-07-20 16:42:03 +01:00
c498cc2512
Merge branch 'cc_niche' into 'main'
...
geoip: Enable the niche optimization for CountryCode.
See merge request tpo/core/arti!1384
2023-07-20 12:18:58 +00:00
3b7400621c
Bump requirement to rlimit 0.10.1
...
There was a bug in 0.10.0 that broke MacOS.
Part of #963 .
2023-07-20 08:15:38 -04:00
027b3472a8
Fix a pair of rustdoc links in chanmgr.
2023-07-19 11:57:55 -04:00
43481d1797
Merge branch 'issue961_01' into 'main'
...
geoip: Allow ASNs as zeros when creating NetDefn
Closes #961
See merge request tpo/core/arti!1417
2023-07-19 15:55:27 +00:00
ad48335b91
tor-hsclient: Document API break.
...
This would be a break in higher-layer crates which incorproate this
error but:
1. That's just arti-client which hides it behind the detailed errors
cargo feature
2. I'm hoping cargo-semver-checks would spot it, anyway.
2023-07-19 14:16:13 +01:00
36b9d11ecb
retry-error: Attempts must be AsRef<dyn Error>; print their sources
...
The effect is that everywhere a RetryError is used, the error sources
for the contained errors will be Display'd.
In tor-hsclient we no longer need to explicitly wrap things up in
tor_error::Report.
2023-07-19 14:16:13 +01:00
ed29dbcbd4
retry-error: Introduce a Wrapper type in a test
...
We're going to require that a RetryError contains things that are
AsRef<dyn Error> and ParseIntError isn't so we need a newtype.
2023-07-19 14:16:13 +01:00
882ce8c8ce
retry-error: Provide fmt_error_with_sources in retry-error
...
This code came from tor-error. So now tor-error depends on
retry-error.
2023-07-19 14:16:13 +01:00
92baa823b9
geoip: Add derive macros to GeoipDb
...
to be able to debug it, for instance.
2023-07-18 14:39:52 +00:00
c42f84bd1e
geoip: Allow ASNs as zeros when creating NetDefn
...
so that GeoipDb can be created from files including ASNs generated with
tor/scripts/maint/geoip/geoip-db-tool.
Closes #961
2023-07-18 14:39:52 +00:00
dd5ceed791
tor-circmgr: impl AsRef<dyn std::error::Error> for some error types
...
We're about to want this.
2023-07-18 13:10:03 +01:00
bd21ea34c2
Merge branch 'upgrades_20230717' into 'main'
...
Mid-month dependency upgrades
See merge request tpo/core/arti!1412
2023-07-17 20:19:59 +00:00
a783a4f932
Upgrade to latest derive-adhoc.
2023-07-17 10:24:38 -04:00
89436bbfec
Merge branch 'pwd-grp' into 'main'
...
Replace use of unmaintained users crate with homegrown pwd-grp
Closes #877
See merge request tpo/core/arti!1410
2023-07-17 14:18:02 +00:00
1b3206ca0b
Upgrade to latest rlimit.
2023-07-17 10:12:08 -04:00
119bb68cbc
keymgr: Upgrade to latest itertools.
...
(Everything else is already on 0.11.0.)
2023-07-17 10:08:38 -04:00
4338080799
Merge branch 'keymgr-config-tweaks' into 'main'
...
tor-keymgr config updates
Closes #939
See merge request tpo/core/arti!1404
2023-07-17 10:38:58 +00:00
caf2ce3f6b
arti-client: Add TODO about expanding the keystore_dir in build().
2023-07-17 11:12:37 +01:00
967a36ee42
fs-mistrust: Run rustfmt to apply deferred formatting churn
2023-07-14 16:02:45 +01:00
f137cbbe7c
fs-mistrust: In a test, simplify env var handling
2023-07-14 16:02:45 +01:00
792371a688
fs-mistrust: users: Use OsStr and OsString a lot less
...
We don't use OsString now except where it appears in our public API,
or where we get it from std::env.
Moving the `use` statements into the use sites enabled me to see
that I had found all the places I wanted to change.
2023-07-14 16:02:45 +01:00
5f3571fdf3
fs-mistrust: Remove a now-unneeded suppression
...
This function is actually (properly) fallible now.
2023-07-14 16:02:45 +01:00
41543b06d6
fs-mistrust: forbid unsafe code
2023-07-14 16:02:45 +01:00
c943f734d6
fs-mistrust: Replace a direct libc call in a test
2023-07-14 16:02:45 +01:00
e4bb7c388a
fs-mistruct: Abolish some now-unneeded muts
...
MockPwdGrpProvider has internal mutability and is Sync, so its add
functions take &self.
2023-07-14 16:02:45 +01:00
fe79f423f7
fs-mistrust: Use pwd-grp's getgroups function
...
This gets rid of some unsafe code here, with doubtful error handling,
in favour of the unit-tested version in pwd-grp.
2023-07-14 16:02:45 +01:00
5f46bacbb2
fs-mistruct: switch from users to pwd-grp
...
users is unmaintained. pwd-grp is the crate I have just written to
replace it. In this commit:
Change the cargo dependency and imports.
Replace the cacheing arrangements. users has a built-in cache;
pwd-grp doesn't. Now, instead of cashing individual lookups, we cache
the trusted user and trusted gid calculation results.
This saves on some syscalls, and is also more convenient to write.
(Mocking is still done via the dependency.)
Many systematic consequential changes of details:
* The entrypoint names to the library are different:
pwd-grp uses the names of the corresponding Unix functions.
* pwd-grp's returned structs are transparent, so we don't
call accessors for .uid(), .name(), etc.
* pwd-grp's methods are much more often fallible
(returning io::Result<Option<...>)
* We're using the non-UTF-8 pwd-grp API, which means we must
use turbofish syntax in some places.
* The mocking API is a bit different.
2023-07-14 16:02:45 +01:00
bf65b7763e
fs-mistrust: Introduce tempoary PwdGrpProvider alias
...
This allows us to change a number of trait bounds in advance, reducing
noise in the next commit.
2023-07-14 16:02:45 +01:00
a6108bb9b3
fs-mistrust: impl Hash for TrustedUser and TrustedGroup (config)
2023-07-14 16:02:45 +01:00
a45eefec1a
fs-mistrust: users: tests: Introduce mock_users etc.
...
Add some wrapper functions for convenience.
The pwd-grp crate has a richer and more faithful, but not so
convenient, way of creating dummy user/group entries. Also the type
names are all going to change.
Doing this now reduces churn.
2023-07-14 16:02:45 +01:00
cdafa2ce01
fs-mistrust: users: Make several functions fallible
...
The actual underlying operations here *are* fallible.
The `users` crate hides those errors in several cases.
(Failures are very rare (at least unless NIS is involved), so this is
not of much practical import, but it's going to be necessary when we
use the more careful pwd-grp crate.
2023-07-14 16:02:45 +01:00
ce64ade742
Merge branch 'unused_import' into 'main'
...
Move an import to resolve a warning.
See merge request tpo/core/arti!1407
2023-07-14 13:35:27 +00:00
63a3bbc33c
Merge branch 'bug638' into 'main'
...
Stop unconditionally marking bridges as having dir info.
Closes #638
See merge request tpo/core/arti!1408
2023-07-14 13:35:04 +00:00
b8334292fb
Bridges: deduplicate addresses.
...
Currently we list an address for a bridge twice if it is listed both
in the bridge line and the bridge descriptor. That can't be right.
2023-07-13 16:58:12 -04:00
3f2d4f8cec
Better report for any recurrence of bug #638 .
2023-07-13 15:43:57 -04:00
7a915f5454
Stop unconditionally marking bridges as having dir info.
...
When we implemented bridges, we added code in 08473872abFixes #638 .
2023-07-13 15:43:42 -04:00
41bb03c6cc
Add country codes to relays inside a NetDir
...
- When the `geoip` feature flag of `tor-netdir` is enabled, perform
GeoIP lookups for all relays added to the directory and add the
resulting country code to the `Relay` struct.
- The GeoIP database is provided in a new
`PartialNetDir::new_with_geoip` constructor.
- A new trait was also added to `tor-linkspec`, `HasCountryCode`, to
enable getting this data out from other crates.
Part of onionmasq#47.
2023-07-13 17:47:00 +01:00
ce8848f348
Move an import to resolve a warning.
2023-07-13 12:33:01 -04:00
b53d42f23e
geoip: Use from_raw_parts instead of transmute.
2023-07-13 11:53:41 -04:00
157d134a65
Explain better why you would use build_unmanaged_channel
2023-07-13 11:51:12 -04:00
56d96e4253
Resolve numerous typos in `ChanMgr::build_unmanaged_channel` code
2023-07-13 15:47:05 +00:00
6b61eec987
chanmgr: Remove now-unused (and never usable) builder() method.
2023-07-13 09:33:06 -04:00
ed455023c2
chanmgr: Document makeup and timeout behavior of our factories
...
Basically, it's all ChanBuilder at some point, and ChanBuilder
has a timeout.
2023-07-13 09:33:06 -04:00
7a38d68528
chanmgr: Add an experimental build_unmanaged_channel() method.
...
This method will let the user construct a channel that isn't
stored or monitored by the ChanMgr.
2023-07-13 09:31:57 -04:00
99b73cb22a
arti-client: Log whether a keystore is in use.
2023-07-13 12:30:10 +01:00
5b97b0b2ce
tor-config: Remove unused ItemOrBool helper.
...
`ItemOrBool` is currently not used anywhere (it was previously used by
the keymgr config).
2023-07-13 12:30:07 +01:00
d5339772f1
arti cfg tests: Add keystore to example config.
...
Closes #939
2023-07-13 12:30:04 +01:00
f609ae2661
arti config: Remove extraneous whitespace.
2023-07-13 12:30:01 +01:00
0260405603
arti-client: Use the config struct from tor-keymgr.
2023-07-13 12:29:57 +01:00
d8299e8d2f
tor-keymgr: Add ArtiNativeKeystoreConfig.
...
Previously, the keystore config consisted of a single field in
`StorageConfig`, which encoded 2 bits of information: whether the
keystore is enabled, and its root directory:
```
[storage]
# use this path, fail if compiled out
# keystore = "/path/to/arti/keystore"
#
# use default path, fail if compiled out
# keystore = true
#
# disable
# keystore = false
```
This commit adds `ArtiNativeKeystoreConfig`, which will replace the
multi-purpose `keystore` field. The new config will look like this:
```
#[storage.keystore]
# Whether the keystore is enabled.
#
# If the `keymgr` feature is enabled and this option is:
# * set to false, we will ignore the configured keystore path.
# * set to "auto", the configured keystore, or the default keystore, if the
# keystore path is not specified, will be used
# * set to true, the configured keystore, or the default keystore, if the
# keystore path is not specified, will be used
#
# If the `keymgr` feature is disabled and this option is:
# * set to false, we will ignore the configured keystore path.
# * set to "auto", we will ignore the configured keystore path.
#
# Setting this option to true when the `keymgr` feature is disabled is a
# configuration error.
#enabled = "auto"
# The root directory of the arti keystore
#path = "${ARTI_LOCAL_DATA}/keystore"
```
While `ArtiNativeKeystoreConfig` currently only has 2 fields, `enabled`
and `path`, future versions of the keystore might require additional
config options.
2023-07-13 12:13:59 +01:00
42115116e4
Merge branch 'keymgr-integration-test' into 'main'
...
CI: Add client auth integration test.
Closes #954
See merge request tpo/core/arti!1399
2023-07-12 16:35:43 +00:00
89a3d43aa6
Merge branch 'feat' into 'main'
...
"Fix" CI complaints about "Conversation"
See merge request tpo/core/arti!1402
2023-07-12 15:34:45 +00:00
c942f02dea
arti-client: Log whether the client auth keys were retrieved.
2023-07-12 16:30:06 +01:00
7933a93d3a
Gate builder() behind experimental-api feature
2023-07-12 20:14:12 +05:30
f6d5cae574
tor-circmgr: Add two possibly-needed docsrs annotations
...
I don't know if these are needed because the rules are not documented
afaict. But it seems like probably they ought to be there?
2023-07-12 15:32:26 +01:00
1fa692d63d
tor-proto: Conversation: drop two otiose cfg(feature)
...
These fns are in a feature-gated impls on feature-gated structs.
2023-07-12 15:31:30 +01:00
1737832164
Merge branch 'channelfactory' into 'main'
...
Expose channel builder in order to create channels more efficiently in external code
See merge request tpo/core/arti!1374
2023-07-12 13:40:54 +00:00
674fc9d7dc
arti-client: Remove outdated TODO.
...
These errors aren't ignored anymore.
2023-07-11 16:49:44 +01:00
bcf574cef5
Merge branch 'explain_952_fix' into 'main'
...
Explain the code for the #952 fix.
See merge request tpo/core/arti!1391
2023-07-11 09:53:09 +00:00
3acc2af4f3
Merge branch 'clippy-allow' into 'main'
...
clippy: Allow some of our existing code patterns
See merge request tpo/core/arti!1396
2023-07-11 09:37:42 +00:00
24bec4552b
rng docs: Fix two links
2023-07-10 16:08:03 +01:00
a0a17e4074
rng ranges: Provide examples (doctests)
2023-07-10 16:08:03 +01:00
d1ed505b61
rng ranges: Forbid use of panicky Rng::gen_range
...
Fixes #920
2023-07-10 16:08:03 +01:00
b151237a7f
rng ranges: Use gen_range_infallible() for Duration::ZERO..=T
2023-07-10 16:08:03 +01:00
09f0ecaa71
rng ranges: Introduce gen_range_infallible
...
There are a number of places where we generate random Durations
in a range which starts at zero.
These call sites currently (i) have to write out Duration::ZERO
or equivalent, and (ii) would have to use gen_range_checked and expect
the result, even though it can be statically proven to be OK.
To make this slightly smoother, provide `GenRangeInfallible` and
`gen_range_infallible`.
2023-07-10 16:07:18 +01:00
8ae759ef95
rng ranges: Use gen_range_checked().unwrap() in test case
...
Ideally we would be allowed to use vanilla gen_range() here, but there
doesn't seem to be a way to allow a specific clippy-forbidden method
using #[allow] and we probably don't want to make a blanket allow.
2023-07-10 16:07:18 +01:00
332285015f
rng ranges: Use gen_range_checked().expect() in obvious cases (fmt)
2023-07-10 16:07:18 +01:00
5e10805ede
rng ranges: Use gen_range_checked().expect() in obvious cases
...
In each of these, it is locally obvious that the range is nonempty.
2023-07-10 16:07:18 +01:00
36f998b690
tor-basic-utils: retry: Use and justify gen_range_checked
...
delay_bounds's implementation ensures the postcondition, so the
potential p[anic in next_delay_msec cannot happen.
2023-07-10 16:07:18 +01:00
58da20b708
rng ranges: Introduce RngExt and gen_range_checked
...
We will use this in many places instead of gen_range.
2023-07-10 16:07:18 +01:00
1510cf42b7
Merge branch 'keymgr-erased-key' into 'main'
...
keymgr: Use Box<dyn EncodableKey> instead of Box<dyn Any>.
Closes #937
See merge request tpo/core/arti!1398
2023-07-10 15:06:34 +00:00
bd4955f9ed
keymgr: Add semver.md.
2023-07-10 15:38:58 +01:00
9cde64c2c8
keymgr: Use Box<dyn EncodableKey> instead of Box<dyn Any>.
...
Prompted by https://gitlab.torproject.org/tpo/core/arti/-/merge_requests/1337#note_2917701
This will make it harder to accidentally return the wrong value from
`Keystore::get` (the returned value is now at least guaranteed to
implement `EncodableKey`).
Closes #937
2023-07-10 14:41:30 +01:00
6be6352b98
Merge branch 'conversation' into 'main'
...
Overhaul send_control_message
See merge request tpo/core/arti!1367
2023-07-10 13:14:11 +00:00
943c12739d
Merge branch 'recurse' into 'main'
...
tor-hsclient: Mock traits: Work around an async boobytrap
See merge request tpo/core/arti!1365
2023-07-10 13:13:31 +00:00
fd2e4979be
clippy: tor-error: Use convert::identity for into_internal!
...
This launders the closure so that clippy's
clippy::redundant_closure_call can't see it.
We can't have a local #[allow] because it would be on an expression,
which isn't allowed on stable.
This avoids having to use more clumsy idioms at call sites.
2023-07-10 13:49:51 +01:00
1a8395cd11
tor-llcrypto: Add a missing instance of the standard lint block
...
This fixes a needless_vec lint on nightly.
2023-07-10 13:49:51 +01:00
473447a82e
Run maint/add_warning to actually apply new lint allows
2023-07-10 13:49:51 +01:00
9f3619d5c9
Merge branch 'clippy-vec' into 'main'
...
Fix new "useless_vec" warning from clippy +nightly
See merge request tpo/core/arti!1395
2023-07-10 12:07:31 +00:00
c2601ec896
Explain the code for the #952 fix.
...
Let's explain what Trinity did in its fix for #952 , so that we know
why this code is here the next time we find it.
2023-07-10 08:00:08 -04:00
501454370f
Fix new "useless_vec" warning from clippy +nightly
...
Explanation at
https://rust-lang.github.io/rust-clippy/master/index.html#/useless_vec
This is the non-tests subset of the same-named commmit in !1388 ,
(recreated by hand by me, and then checked against that commit;
I stole the commit message from Nick's.)
This should be uncontroversial I think.
2023-07-10 12:35:21 +01:00
22f55b7cf8
Remove some needless into_iter() calls.
...
Clippy nightly now detects when you're calling into_iter() and
passing the result into something that accepts an
`impl IntoIterator`.
2023-07-10 12:33:21 +01:00
0b6cc7ba5e
Add exceptions for some cases of diverging_sub_expression
...
See here for documentation on the lint:
https://rust-lang.github.io/rust-clippy/master/index.html#/diverging_sub_expression
The issue here, from what I can tell, is that the lint triggers
whenever you use a diverging expression as a function body within an
2023-07-10 12:33:21 +01:00
7e78224460
Add an exception for clippy::arc_with_non_send_sync.
...
We're doing this deliberately, I believe.
2023-07-10 12:33:21 +01:00
2db3e73434
Merge branch 'da-task' into 'main'
...
RFC: tor-rtmock: Use derive-adhoc for composite runtimes
See merge request tpo/core/arti!1381
2023-07-10 10:53:23 +00:00
7acd7de369
Update documentation regarding the `onion-service-client` feature
...
It is no longer experimental, but still not rated for security-sensitive
usage per <https://blog.torproject.org/arti_116_released/ >.
2023-07-07 22:01:51 -04:00
53c599d50f
Fix warn_report and error_report macros.
...
Originally they didn't check err.kind(), since err.kind() can never
increase their severity. We lost that behavior with !1386 , and we
became dependent on it with arti!1383. Since they both merged at
the same time, CI broke.
This patch restores their original behavior.
2023-07-07 15:46:41 -04:00
ba3876b22a
Merge branch 'feat' into 'main'
...
arti: Build with HS client support by default
Closes #948
See merge request tpo/core/arti!1382
2023-07-07 19:28:05 +00:00
b6b7edad59
Merge branch 'event_report_everywhere' into 'main'
...
Throughout: Use event_report!() macros for reporting Errors.
Closes #949
See merge request tpo/core/arti!1383
2023-07-07 19:27:20 +00:00
2d170425c0
be more lenient while parsing inner hs desc
2023-07-07 21:06:05 +02:00
778244c3af
Merge branch 'report' into 'main'
...
tor-error: tracing module: Use macro to generate macros
See merge request tpo/core/arti!1386
2023-07-07 18:09:46 +00:00
696adc3c94
tor-error: tracing module: Use macro to generate macros
...
This abolishes some quintuplication.
The output is identical except that:
* The syntax display in the rustdoc output for the resulting macros
seems to have somewhat less whitepsace.
* The whimsical error messages in the examples are all identical.
Ah well.
2023-07-07 18:38:24 +01:00
7d1c8dfde0
Merge branch 'inclusive' into 'main'
...
rng ranges: Use inclusive Duration ranges in several places
See merge request tpo/core/arti!1385
2023-07-07 17:07:58 +00:00
25c6fe61e4
Throughout: Use *_report!() macros for reporting Errors.
...
I identified the cases to replace by searching for the string
`.report()`. There are a few that I didn't change:
* A couple of cases that used anyhow::Error,
* One case that reported two Errors.
* Two cases in `tor_hsclient::err` that just did
`error!("Bug: {}")`.
I have also not audited the cases in `tor-hsclient` where we're using
`tor_error::Report` manually.
Nonetheless, closes #949 .
2023-07-07 13:00:21 -04:00
220900a852
tor-error: tracing module: Fix link to tracing macro
2023-07-07 17:48:05 +01:00
bcc3e6fef8
rng ranges: Use inclusive Duration ranges in several places
...
Many of these call sites would panic if, somehow, the upper bound was
zero. In most cases it is very complicated to see if whether this
could happen.
However, there is a better answer:
Durations are (conceptually) dense, so picking the closed set (which
includes its boundary) rather than the open one (which doesn't) will
make little practical difference.
So change four call sites to use `..=` instead of just `..`.
2023-07-07 16:13:52 +01:00
6187b6d5ca
geoip: Enable the niche optimization for CountryCode.
...
Since we're going to be using `Option<CountryCode>` all over, let's
save the extra byte.
Sadly this required std::mem::transmute(), which is unsafe, so maybe
we should think twice.
2023-07-07 10:33:33 -04:00
70f0fe634f
Merge branch 'report-bugs-v2' into 'main'
...
Optional tracing support in tor-error for error reporting
See merge request tpo/core/arti!1379
2023-07-07 13:49:59 +00:00
023d288ba2
event_report: assert correctness of format ending
...
(Also, document that this static assertion is the reason why you are
seeing a confusing error message.)
2023-07-07 09:00:31 -04:00
a441b4e9d3
circmgr: Use event_report!() and similar macros
...
This simplifies our logging a little, and implements part of
2023-07-07 09:00:31 -04:00
7168feefdd
tor-error: Add optional tracing support
...
The main contribution here is a set of convenience macros for
logging error `Report`s. Notably, this macros always logs
`Internal` and `BadAspiUsage` errors at `WARN`, unless they
are already at `ERROR` or more.
This is a little tricky because `tracing::event!()` requires
its Level argument to be a constant.
2023-07-07 09:00:31 -04:00
80f397fb0b
Merge branch 'allow_missing_panics' into 'main'
...
add_warning: Tolerate clippy::missing_panics_doc
Closes #950
See merge request tpo/core/arti!1380
2023-07-07 12:53:46 +00:00
9de4f38b38
Make CompoundFactory private for external code
2023-07-07 18:18:44 +05:30
2b3d4150e3
Merge branch 'clippy-nightly-20230703' into 'main'
...
Fix various warnings from clippy nightly
Closes #943
See merge request tpo/core/arti!1369
2023-07-07 12:26:45 +00:00
4c0935e13a
arti: Build with HS client support by default
...
Fixes #948
2023-07-07 12:54:08 +01:00
61344f68a5
arti Cargo.tomL: wrap default features list
2023-07-07 12:52:05 +01:00
6e495d8400
tor-rtmock: Use derive-adhoc for composite runtimes
2023-07-07 10:26:44 +01:00
4caf86349c
Remove explicit allows for missing_panics_docs.
...
These are no longer needed.
2023-07-06 14:36:13 -04:00
03f9f9987a
Run add_warning to remove `missing_panics_doc` deny.
...
Closes #950 .
2023-07-06 14:32:23 -04:00
07b4b11d7a
Avoid matches!(x, None), matches!(x, Ok(_))
...
This appeases clippy-nightly.
2023-07-06 14:26:48 -04:00
486b6b8c82
tor-rtcompat: Simplify trivial all() expressions.
...
Clippy nightly doesn't like `#[cfg(all(...))]` with only a single
expression inside the `all(...)`.
This requires an adjustment in check_doc_features.
2023-07-06 14:26:43 -04:00
de97288c53
tor-rtmock: statically assert that the macro makes a Runtime impl
2023-07-06 15:58:42 +01:00
f0168b5220
tor-rtmock: Use the same specified field for BlockOn and Spawn
...
These are always the same and probably always will be.
2023-07-06 15:58:42 +01:00
1ec339daf4
Merge branch 'task4' into 'main'
...
Introduce a MockExecutor for fully-isolated test cases
See merge request tpo/core/arti!1375
2023-07-06 14:41:04 +00:00
36a92e44d9
Merge branch 'log_precision' into 'main'
...
arti: Add a `logging.time_granularity` option with 1s default.
Closes #551
See merge request tpo/core/arti!1376
2023-07-06 14:37:49 +00:00
c238434194
Mark builder() as experimental
2023-07-06 19:49:37 +05:30
175b2911da
Import ChannelFactory instead of CompoundFactory
2023-07-06 19:48:28 +05:30
008a9b7bc5
Rename get_channelbuilder() to builder()
2023-07-06 19:46:39 +05:30
be6b72f946
Conditionally make CompoundFactory public
2023-07-06 19:45:34 +05:30
0b8b965cf7
tor-rtmock: Add semver.md
2023-07-06 15:14:41 +01:00
6ed8e0b669
tor-rtmock: task: Fix a typo
...
As per
https://gitlab.torproject.org/tpo/core/arti/-/merge_requests/1375#note_2919976
2023-07-06 15:14:41 +01:00
7e7428611e
tor-rtmock: task: clarify progress_until_stalled a little
2023-07-06 15:14:41 +01:00
6aff623c08
tor-rtmock: Runtime: Expand on "allowed" documentation
2023-07-06 15:14:41 +01:00
02293bd42d
tor-rtmock: task: Remove a () assignment
...
Discussion:
https://gitlab.torproject.org/tpo/core/arti/-/merge_requests/1375#note_2919928
2023-07-06 15:14:41 +01:00
89994142d3
tor-rtmock: task: Abolish TaskFutureInfo alias (fmt)
2023-07-06 15:14:41 +01:00
78071c30ef
tor-rtmock: task: Abolish TaskFutureInfo alias
...
Requested by:
https://gitlab.torproject.org/tpo/core/arti/-/merge_requests/1375#note_2919926
2023-07-06 15:14:41 +01:00
55329fe85b
tor-rtmock: Net: Make UDP sockets un-constructable
...
This will hopefully mean anyone trying to use this will notice that
it's not implemented.
Prompted by:
https://gitlab.torproject.org/tpo/core/arti/-/merge_requests/1375#note_2919925
2023-07-06 15:14:41 +01:00
5a05960958
tor-rtmock: Add a cross-reference from MockSleepRuntime::wait_for
2023-07-06 15:14:41 +01:00
1f41281cfd
tor-dirmgr: bridge descriptor tests: Add a missing #[traced_test]
...
This seems to have been overlooked.
2023-07-06 15:14:41 +01:00
a4bb2a8b57
tor-dirmgr: bridge descriptor tests: Use MockRuntime (drop Tokio dep)
...
This isn't used any more.
2023-07-06 15:14:40 +01:00
25e51f212a
tor-dirmgr: bridge descriptor tests: Use MockRuntime (fmt)
...
Run rustfmt.
2023-07-06 15:14:40 +01:00
5eb066acf9
tor-dirmgr: bridge descriptor tests: Use MockRuntime
...
This abolishes a bodge sleep. It should make the tests deterministic.
2023-07-06 15:14:40 +01:00
473fd23f8b
tor-dirmgr: bridge descriptor tests: Fix a v. low prob. race
...
Drain a number of events, not just one. The stream might yield many
events, as explained in this new comment.
This fails every time with MockExecutor::try_test_with_various().
I think it might fail with the tokio exeuctor too, but evidently not
with high probability or we would have noticed.
2023-07-06 15:14:40 +01:00
bc63fdb34c
tor-hsclient: Abolish ad-hoc real-world-time sleeps
...
Now we can reliably wait precisely for the tasks to be all waiting.
This test case no longer involves any real executor.
2023-07-06 15:14:40 +01:00
dc28b320f4
tor-rtmock: MockRuntime: provide test_with_various
...
In both fallible and infallible variants, for convenience.
2023-07-06 15:14:40 +01:00
e23b1e00b5
tor-rtmock: MockExecutor: Configurable scheduling policy
2023-07-06 15:14:40 +01:00
be632ba0f9
tor-rtmock: Provide MockRuntime
2023-07-06 15:14:40 +01:00
67941488ab
tor-rtmock: Unit tests for MockExecutor
2023-07-06 15:14:40 +01:00
d82ed8d793
tor-rtmock: Provide MockExecutor
2023-07-06 15:14:40 +01:00
70fdd92030
tor-rtmock: impl Default for MockNetProvider
2023-07-06 15:14:40 +01:00
24da490ef5
tor-rtmock: impl Default for MockNetProvider (prep)
...
We want MockNetProvider to be Default.
In this commit: impl Default for MockNetwork and use it in new().
2023-07-06 15:14:40 +01:00
29cc83b35e
tor-rtmock: impl Default for MockSleepProvider
...
Pick an arbitrary start time roughly now. This will do for many
tests.
2023-07-06 15:14:40 +01:00
395a616c9f
tor-rtmock: net: "Provide" a UDP "implementation" which doesn't work
...
Nothing in our tree actually *uses* the UDP in tests.
We want a mock UDP provider that isn't part of a real runtime, so that
we can make a totally-mock runtime for properly controlled testing.
It seems best to make this part of MockNetProvider rather than a
separate type.
2023-07-06 15:14:40 +01:00
070a934451
tor-rtmock: Introduce impl_runtime_prelude (fmt)
2023-07-06 15:14:40 +01:00
492699d522
tor-rtmock: Introduce impl_runtime_prelude
...
This deduplicates some imports, which would otherwise be about to
become triplicated.
2023-07-06 15:14:40 +01:00
97e817b330
tor-rtmock: Introduce impl_runtime! macro
...
This deduplicates some trait delegation.
We want this now because we're about to introduce a third mock
runtime, so this would become triplication otherwise.
2023-07-06 15:14:40 +01:00
5a46dfef8f
arti: comments about catch_unwind
2023-07-06 09:44:51 -04:00
6b6b3d9e53
time_granularity: Make sure formatter can't panic
...
I was unable to assure myself that tracing_subscriber could
withstand a panicking Timer, so instead I'm trying to make sure
our own LogTimer can't panic.
2023-07-06 09:44:50 -04:00
512064cc19
arti: Add a `logging.time_granularity` option with 1s default.
...
This lets us provide less information in our logs: in particular, it
lets us avoid logging with microsecond precision.
Closes #551 .
2023-07-06 09:44:09 -04:00
5f896aa504
Merge branch 'tracing-panic' into 'main'
...
arti: Install a panic hook that sends messages to `tracing`
Closes #921
See merge request tpo/core/arti!1377
2023-07-06 13:09:54 +00:00
d2b6fee3f9
arti: Note possibility for future use of other tracing panic provider
2023-07-06 08:50:53 -04:00
01f1192b20
arti: On panic, avoid allocation even more.
...
The original version of our panic handler would allocate a string
for the panic `Location`. But if we're panicking we'd like to keep
allocations to a minimum: so instead format the `Location`
conditionally.
This also drops a useless `std::borrow::Cow`. (The possibility of a
"Don't have a `Cow`" commit message was considered and rejected.)
2023-07-06 08:45:34 -04:00
258dd195e0
keymgr: Explain why the TODO regarding EncodableKey can't be addressed.
2023-07-05 22:21:47 +01:00
afa51fd5ca
Add TODO comments about possibly migrating away from the backtrace crate.
2023-07-05 16:39:11 -04:00
9c4de185e9
arti: Install a panic hook that sends messages to `tracing`
...
(Also leaves installed the default handler that sends messages to
stderr.)
Closes #921 .
2023-07-05 16:37:10 -04:00
0003a632de
Merge branch 'unpublishing' into 'main'
...
Mark several crates with `publish=false`.
Closes #944
See merge request tpo/core/arti!1371
2023-07-05 16:49:41 +00:00
c94b1b6574
Remove now unnecessary lines for import
2023-07-05 19:03:53 +05:30
68948e9677
Import CompoundFactory regardless of feature level
2023-07-05 18:59:54 +05:30
58df83dcde
Create new method to expose CompoundFactory
2023-07-05 18:53:22 +05:30
7600200f15
Expose CompoundFactory for later exposure in API
2023-07-05 18:39:44 +05:30
517bf1cf03
Mark arti-bench with "publish = false"
...
This crate is only useful for development; earlier we published it,
but I believe that was in error.
2023-07-03 13:52:20 -04:00
2c5b81e872
Mark vestigial crates as "publish=false"
...
These crates were started, but they aren't integrated into
Arti (yet?). As such it doesn't make sense to keep publishing
updated versions of them every time we tweak our standard
lints.
2023-07-03 13:49:51 -04:00
19b1d3bba5
Additional documentation around bridges/PT configuration
...
This tries to flesh out some of the details for users who may be new
to bridges and PTs.
Closes #706 .
2023-07-03 13:00:25 -04:00
f626bcd7f1
Finish a sentence in the documentation for TorClient::netdir()
2023-07-03 12:35:31 -04:00
1f49be1a77
tor-config: Use next_back() instead of rev().next()
...
This is a new warning^Wsuggestion from clippy nightly.
2023-07-03 08:34:54 -04:00
27ad9ca249
tor-proto: run rustfmt
2023-06-30 18:43:20 +01:00
a97cb2af6a
tor-proto conversations: semver
2023-06-30 18:43:20 +01:00
2a67468d27
tor-proto conversations: Update a TODO
...
The feature name is wrong now.
2023-06-30 18:43:20 +01:00
78e4f9e86b
tor-proto conversations: Drop a TODO
...
I think this name is fine.
2023-06-30 18:43:20 +01:00
226bca984b
tor-proto conversation API: Provide ConversationInHandler
2023-06-30 18:43:20 +01:00
800f390a9d
tor-proto circuit: Plumb async Context through
...
handle_msg is going to want this in a moment.
2023-06-30 18:28:41 +01:00
c599258b85
tor-proto conversation API: Soften a warning
...
If the circuit is just being used by us (which is likely, if we're
using this API) then the only reactor we're blocking is our own.
2023-06-30 18:28:41 +01:00
287c458731
tor-proto conversation API: Implement Conversation
...
Now, after you call start_conversation_last_hop, you can send more
messages if you like.
2023-06-30 18:28:41 +01:00
77903a295f
tor-proto: Make the handler in SendMsgAndInstallHandler optional
...
We're going to want to do almost-the-same thing but without installing
a new handler.
2023-06-30 18:14:34 +01:00
20f1e065b3
tor-proto conversation API: Return a Conversation
...
This is just a placeholder for now, but it'll be a thing you can send
more messages with.
2023-06-30 18:03:17 +01:00
2882e3a93e
tor-proto conversation API: Rename to start_conversation_last_hop
...
Was send_control_message.
2023-06-30 18:02:56 +01:00
3812e3ccdd
tor-proto conversation API: Make starting message optional
...
We're going to let people start a conversation and either expect to
receive first, or send messages ad-hoc later.
2023-06-30 18:02:15 +01:00
b162d005a7
tor-proto conversation API: Rename to ConversationFinished
...
Was UninstallHandler. We are going to talk more about conversations
and less about handlers (although, the fact of there being a handler
will still be visible).
2023-06-30 18:02:04 +01:00
408c8f30ad
tor-proto circuit: Make reactor::run_once modulae-private
...
Nothing else wants this and having it pub(super) is confusing.
2023-06-30 17:34:50 +01:00
21c564fa01
tor-hsclient: Mock traits: Work around an async boobytrap
2023-06-30 17:34:01 +01:00
27bd990a79
Remove semver.md files for 1.1.6
2023-06-30 10:28:53 -04:00
3afe810a3b
keymgr: Fix broken doc link.
2023-06-30 14:41:33 +01:00
de13a7319b
Bump patchlevel versions on crates with smaller changes
...
Done with the commands below.
The following crates have had various changes, and should get a
patchlevel bump. Since they are pre-1.0, we do not need to
distinguish new APIs from other changes.
```
cargo set-version --bump patch -p arti-client
cargo set-version --bump patch -p safelog
cargo set-version --bump patch -p tor-bytes
cargo set-version --bump patch -p tor-cert
cargo set-version --bump patch -p tor-circmgr
cargo set-version --bump patch -p tor-config
cargo set-version --bump patch -p tor-consdiff
cargo set-version --bump patch -p tor-dirclient
cargo set-version --bump patch -p tor-dirmgr
cargo set-version --bump patch -p tor-error
cargo set-version --bump patch -p tor-hsservice
cargo set-version --bump patch -p tor-linkspec
cargo set-version --bump patch -p tor-llcrypto
cargo set-version --bump patch -p tor-netdir
cargo set-version --bump patch -p tor-netdoc
cargo set-version --bump patch -p tor-proto
cargo set-version --bump patch -p tor-rpcbase
cargo set-version --bump patch -p tor-socksproto
```
This crate has new features, but no new non-experimental Rust APIs.
So even though it is post-1.0, it gets a patchlevel bump.
```
cargo set-version --bump patch -p arti
```
2023-06-30 08:42:21 -04:00
65e81bf0ca
Bump minor versions on crates with breaking changes
...
Done with:
```
cargo set-version --bump minor -p tor-hsclient
cargo set-version --bump minor -p arti-rpcserver
cargo set-version --bump minor -p tor-hscrypto
cargo set-version --bump minor -p tor-cell
```
2023-06-30 08:38:16 -04:00
40768a9f61
Bump versions on crates with nonfunctional changes
...
These crates have had nonfunctional changes only, mostly due to !1271 ,
or ac90cb7500
2023-06-30 08:30:55 -04:00
8c1e96a22c
Merge branch 'arti-path-bug' into 'main'
...
keymgr: Allow periods in ArtiPath and ArtiPathComponent.
See merge request tpo/core/arti!1358
2023-06-30 11:30:45 +00:00
a61071f7b6
keystore: Change the dummy HsClientSpecifier to "default".
2023-06-30 11:49:07 +01:00
35e063702f
keymgr: Update ArtiPath and ArtiPathComponent docs.
...
The docs were lying, we actually support UTF-8 paths (though we might
later decide to restrict the charset further).
2023-06-30 11:49:05 +01:00
474f273b6c
keymgr: Allow periods in ArtiPath and ArtiPathComponent.
...
The `ArtiPath` of a client auth key contains the `HsId` of the onion
Since the `HsId` contains a `.onion` component, let's allow `.` for now.
In the future, we may want to update the code (and keystore structure)
to strip away the `.onion` part before building the `ArtiPath`.
2023-06-30 11:48:27 +01:00
5d99725c65
Merge branch 'keymgr-docs' into 'main'
...
keymgr: Downgrade "TODO hs" to "TODO HSS"
See merge request tpo/core/arti!1360
2023-06-30 10:48:25 +00:00
88527d14c8
Merge branch 'fix-unfortunate-merge-outcome' into 'main'
...
arti-client: Rename KeyStore to Keystore.
See merge request tpo/core/arti!1359
2023-06-30 10:41:58 +00:00
a7334f86ae
Merge branch 'docsrs-fix' into 'main'
...
Add a missing "experimental-api" rustdoc notation
See merge request tpo/core/arti!1353
2023-06-30 10:41:12 +00:00
f177a5bde4
Merge branch 'fixup-features' into 'main'
...
Run fixup-features on current `main`
See merge request tpo/core/arti!1352
2023-06-30 10:38:53 +00:00
90183368a2
keymgr: Downgrade "TODO hs" to "TODO HSS"
...
This TODO doesn't need to block the release.
2023-06-30 11:16:28 +01:00
e899c41135
arti-client: Rename KeyStore to Keystore.
...
`KeyStore` was renamed to `Keystore` globally in !1355 . This fixes a
compile error caused an unfortunate series of non-conflicting (from
git's POV) but incompatible merges:
* !1356 added a line threferencing an error variant that capitalizes the
"s" in "KeyStore" (`ErrorDetail::KeyStore`)
* !1356 landed just before !1355 (the global renaming). Since there was
no conflict between the 2, we're now in a state where the code added
in !1356 is referencing an `ErrorDetail` variant that no longer
exists.
2023-06-30 11:01:58 +01:00
60f6fe7460
Merge branch 'keymgr-naming' into 'main'
...
keymgr: Rename KeyStore to Keystore globally.
See merge request tpo/core/arti!1355
2023-06-30 00:11:17 +00:00
458af6e007
keymgr: Fix another infinite loop around Keymgr error handling.
...
This `From` impl was just calling itself recursively...
2023-06-29 23:30:28 +01:00
36606a66dd
keymgr: Rename KeyStore to Keystore globally.
...
We've been capitalizing the "s" in "KeyStore" inconsistently. This
`s/KeyStore/Keystore/g` across the codebase.
2023-06-29 22:46:15 +01:00
8fe79b5a1d
Add a missing "experimental-api" rustdoc notation
2023-06-29 17:18:23 -04:00
a88fa71f25
Resolve XXXs from fixup-features.
...
Some of these seem spurious: it looks like fixup-features resolved
an issue and then complained about it too. I'll investigate further.
2023-06-29 17:14:00 -04:00
f8ee830a94
Run "cargo sort".
2023-06-29 17:10:27 -04:00
23c67d92e6
Run "fixup-features".
2023-06-29 17:09:52 -04:00
6e2b48c6b9
Merge branch 'rustdoc_fix' into 'main'
...
Fix a rustdoc link.
See merge request tpo/core/arti!1351
2023-06-29 20:53:41 +00:00
3c85863aa1
Merge branch 'exp' into 'main'
...
tor-error: Make KeystoreFsPermissions experimental for now
See merge request tpo/core/arti!1350
2023-06-29 19:55:06 +00:00
9ef65775c9
Merge branch 'validate-client-spec' into 'main'
...
keymgr: Validate ArtiPaths, replace HsClientSpecifier with generic ArtiPathComponent
See merge request tpo/core/arti!1262
2023-06-29 19:49:30 +00:00
09cb5eed4e
Merge branch 'keymgr-config' into 'main'
...
arti-client: Add keystore_dir to StorageConfig.
See merge request tpo/core/arti!1312
2023-06-29 19:30:41 +00:00
e299c2b4f7
Merge branch 'keymgr' into 'main'
...
tor-keymgr: Adjust stability guarantees for release
Closes #934
See merge request tpo/core/arti!1346
2023-06-29 19:27:14 +00:00
16a00846bd
Run rustfmt
2023-06-29 19:59:26 +01:00
69129bf2b4
tor-error: Make KeystoreFsPermissions experimental for now
...
Let's defer this decision.
2023-06-29 19:51:04 +01:00
effded7728
tor-keymgr: When keymgr enabled, enable tor-error's experimental too
2023-06-29 19:51:04 +01:00
90b5ce7fd7
Merge branch 'stabilize-hs-client' into 'main'
...
Mark all {hs,onion-serivce}-client features as non-experimental.
Closes #896
See merge request tpo/core/arti!1347
2023-06-29 18:50:30 +00:00
5ea89846b1
Merge branch 'default' into 'main'
...
Turn off HS client connections by default
See merge request tpo/core/arti!1345
2023-06-29 18:48:43 +00:00
474c313ab0
Fix a rustdoc link.
2023-06-29 14:33:34 -04:00
541e56fce4
arti-client: Fix clippy lint.
2023-06-29 19:30:48 +01:00
c9f4ef010f
keymgr: Remove unstable ErrorKind, use internal! for ArtiPath errors.
2023-06-29 19:28:22 +01:00
f81d16ff9b
keymgr: Validate the individual ArtiPahtComponents of ArtiPath.
...
This also implicitly forbids leading and trailing slashes in an
`ArtiPath`.
2023-06-29 19:28:22 +01:00
0ebb002de8
keymgr: Rephrase ArtiPath docs.
...
This updates the docs with Diziet's suggested doc improvements.
2023-06-29 19:28:22 +01:00
b5e190d05d
keymgr: Remove ArtiPath normalization, introduce additional restrictions.
2023-06-29 19:28:22 +01:00
d59c3bdea9
keymgr: Document how ArtiPath validation is actually supposed to work.
2023-06-29 19:28:22 +01:00
e8ef82b78d
keymgr: Move validation requirements to the ArtiPath docs.
2023-06-29 19:28:22 +01:00
66e6ab3f9e
keymgr: Make ArtiPath platform-independent by always using '/' as a separator.
2023-06-29 19:28:22 +01:00
b8b8a0d3ac
hsclient: Make HsClientSpecifier a newtype instead of a type alias.
2023-06-29 19:28:22 +01:00
adfde95703
keymgr: Add tests for ArtiPath validation.
2023-06-29 19:28:22 +01:00
f56ed918b0
keymgr: Validate ArtiPath and ArtiPathComponent.
2023-06-29 19:28:22 +01:00
2825dfc2bc
keymgr: Derive Into for ArtiPath and ArtiPathComponent.
2023-06-29 19:28:22 +01:00
0972fc5b2d
keymgr: Define an error type for bad `ArtiPathComponents`.
2023-06-29 19:28:22 +01:00
20713b24bf
arti-client, hsclient: Typealias HsClientSpecifier to ArtiPathComponent.
...
`ArtiPathComponent` is a more generic version of `HsClientSpecifier`.
2023-06-29 19:28:22 +01:00
095faf9c5c
keymgr: Derive Display for ArtiPath and ArtiPathComponent.
2023-06-29 19:28:22 +01:00
89238f25a6
keymgr: Define `ArtiPathComponent`.
...
An `ArtiPathComponent` is a substring of an `ArtiPath`. An
`ArtiPathComponent` will be validated according to the same rules as
`ArtiPath`.
In the future we can replace `HsClientSpecifier` with
`ArtiPathComponent` (they both serve the same purpose except
`ArtiPathComponent` is more generic).
2023-06-29 19:28:22 +01:00
954e20bb50
tor-keymgr: Add missing footnote
2023-06-29 19:26:15 +01:00
28fae4d1fd
arti-client: Make keystore_dir an experimental option.
2023-06-29 19:19:51 +01:00
aa55fd8c13
arti-client: StreamPrefs: Add security note
2023-06-29 19:01:33 +01:00
d8e185a4bb
Turn off HS client connections by default
...
As per IRC discussion, re lack of Vanguards.
2023-06-29 19:01:33 +01:00
ea0fb30b2e
arti-client tests: Explicitly enable .onion in most tests
...
These tests include tests of .onion, which we are disabling by
default. So we must make some prefs that enable them.
2023-06-29 19:01:30 +01:00
4693359d8b
arti-client: Add TODO regarding keystore_dir deserialization.
2023-06-29 18:59:27 +01:00
434a8b3f0d
arti cfg tests: Add declare_exceptions for storage.keystore_dir.
...
This moves `storage.keystore_dir` to a separate `declare_exceptions`
block and explains why we have this exception.
2023-06-29 18:59:27 +01:00
65f85b813c
tor-config: Remove semver.md
...
The APIs mentioned in semver.md are all `experimental` now so we don't
really need the file anymore.
2023-06-29 18:59:27 +01:00
26eefdc564
tor-config: Make ItemOrBool an experimental feature.
2023-06-29 18:59:27 +01:00
373fd6acd2
example-config: Temporarily remove keystore_dir example.
...
Let's remove this until we figure out how the config should behave when
the `keymgr` feature is disabled (should it accept or reject
`keystore_dir = true`?)
2023-06-29 18:59:27 +01:00
0ce5fd8f92
arti-client: Fix clippy lints.
...
Part of #891
2023-06-29 18:59:27 +01:00
0c5c25f470
arti-client: Load keystore dir and permissions from config.
...
Part of #891
2023-06-29 18:59:27 +01:00
c93fac997e
arti-client: Add expand_keystore_dir function.
...
Part of #891
2023-06-29 18:59:27 +01:00
67db6e3127
arti-client: Add keystore_dir to StorageConfig.
2023-06-29 18:59:27 +01:00
450fa5c474
config: Add ItemOrBool helper for deserializing a bool or a value.
...
This will enable us to support the new `keystore_dir` field, which can
be either a boolean indicating whether the keystore is disabled or
enabled and initialized with the default keystore dir, or a string which
points to a custom keystore directory (and implies the keystore is
enabled):
```
# use this path, fail if compiled out
# keystore = "/path/to/arti/keystore"
#
# use default path, fail if compiled out
# keystore = true
#
# disable
# keystore = false
```
Part of #891
2023-06-29 18:59:27 +01:00
c90f9308c5
Merge branch 'timeouts' into 'main'
...
tor-hsclient: Use estimated timeouts
See merge request tpo/core/arti!1342
2023-06-29 17:19:53 +00:00
729bff6ff9
Merge branch 'maxintro3' into 'main'
...
tor-netdoc: Handle anomalous numbers of introduction points
See merge request tpo/core/arti!1332
2023-06-29 17:09:46 +00:00
d164a9dac2
Mark all {hs,onion-serivce}-client features as non-experimental.
2023-06-29 13:09:37 -04:00
f5532eafe7
tor-keymgr: Replace whole-crate-is-unstable warning
...
arti-client is going to use this so it can't be whole-crate-unstable,
but it can be rapidly-changing.
2023-06-29 17:47:54 +01:00
d960e7c15f
Merge branch 'keymgr-docs' into 'main'
...
keymgr: Fix keymgr docs
See merge request tpo/core/arti!1343
2023-06-29 16:45:07 +00:00
6addbd056b
tor-keymgr features: Document that "keymgr" is experimental
2023-06-29 17:44:51 +01:00
eb12a6e665
tor-keymgr features: Make "keymgr" disabled by default
2023-06-29 17:43:25 +01:00
9f3ec25a08
tor-hsclient: Add some notes about timeouts and hops
2023-06-29 17:41:49 +01:00
a604989ba7
tor-hsclient: Use estimated timeouts for introduction and rendezvous (fmt)
2023-06-29 17:41:49 +01:00
202104d05c
tor-hsclient: Use estimated timeouts for introduction and rendezvous
...
Replacing RPT_IPT_TIMEOUT is not entirely straightforward.
2023-06-29 17:41:49 +01:00
d48215a961
tor-hsclient: Use estimated timeout for hsdir fetches (fmt)
2023-06-29 17:41:49 +01:00
2563256f42
tor-hsclient: Use estimated timeout for hsdir fetches
2023-06-29 17:41:49 +01:00
a84460426f
tor-hsclient: Provide bodge constant for circuit length
2023-06-29 17:41:49 +01:00
fe2935d7c5
tor-hsclient: Plumb timeout estimation machinery
2023-06-29 17:41:49 +01:00
a7d1efe2ce
tor-circmgr: Provide estimate_timeout as a method on HsCircPool
2023-06-29 17:41:49 +01:00
b9530d0762
Merge branch 'netdir_by_rsa_experimental_apis' into 'main'
...
netdir: Conditionally expose APIs for working with unusable relays; document what "usable" means.
See merge request tpo/core/arti!1325
2023-06-29 16:08:51 +00:00
429e5d2512
keymgr: Fix dummy keymgr doc links.
...
`Error` is private to `dummy.rs` so let's not mention it in the docs of
the public items.
2023-06-29 17:08:14 +01:00
7bdc28014e
keymgr: Add missing dummy implementation for KeyType::arti_extension.
...
This fixes a rustdoc warning when building with:
```
cargo doc --locked --offline -p arti --no-default-features --features=full,onion-service-client
```
2023-06-29 17:08:14 +01:00
8133f8e456
Merge branch 'debug' into 'main'
...
tor-hsclient: Reimplement Debug for MockCirc
See merge request tpo/core/arti!1324
2023-06-29 15:46:25 +00:00
2b2ecfbb39
tor-hsclient: Reimplement Debug for MockCirc
...
This is less code. Also it now dumps the connect_called field which
was introduced in the meantime.
2023-06-29 16:11:03 +01:00
799480d885
Merge branch 'circparams' into 'main'
...
tor-hsclient: Use proper CircParameters
Closes #935
See merge request tpo/core/arti!1340
2023-06-29 15:03:40 +00:00
4941a88494
keymgr: Fix wrong_key_type test.
...
The string representation of `SshKeyAlgorithm` on `main` changed between
the time the tests were introduced and the time they were merged.
2023-06-29 15:21:27 +01:00
930ecc9eda
Merge branch 'handshake-error' into 'main'
...
tor-hsclient: Handle handshake completion error correctly
See merge request tpo/core/arti!1336
2023-06-29 13:44:48 +00:00
5c85ba5cf8
tor-hsclient: Use proper CircParameters
...
Fixes #935
2023-06-29 14:24:24 +01:00
f73c06314c
tor-circmgr: Expose CircParameters from NetParameters construction
...
As per #935 .
I called this "circparameters_from_netparameters" not
"circparameters_from_netparams" because the type is "NetParameters"
not "NetParams".
2023-06-29 14:24:19 +01:00
355b40bf84
tor-hsclient: err: Mention RENDEZVOUS2 in actual messages (fmt)
2023-06-29 14:05:25 +01:00
855898ef2f
tor-hsclient: err: Rename to RendezvousCompletionCircuitError
...
Thsi is a bit of a mouthful now, but it is comprehensible.
As per
https://gitlab.torproject.org/tpo/core/arti/-/merge_requests/1336#note_2917235
2023-06-29 14:04:17 +01:00
d055e105fa
tor-hsclient: err: Mention RENDEZVOUS2 in actual messages
2023-06-29 14:02:50 +01:00
9407fe1ab5
Merge branch 'keymgr-tests' into 'main'
...
keymgr: Add tests for ArtiNativeKeyStore
See merge request tpo/core/arti!1337
2023-06-29 13:02:07 +00:00
b13aa66a16
tor-hsclient: err: Move doc comment to correct impl
...
See
https://gitlab.torproject.org/tpo/core/arti/-/merge_requests/1336#note_2917236
2023-06-29 13:59:33 +01:00
4f8c718c09
tor-hsclient: err: Mention RENDEZVOUS2
2023-06-29 13:57:38 +01:00
bfad582d1e
tor-hsclient: err: Reword comments about error
2023-06-29 13:56:12 +01:00
9790f820f7
netdir: add crosslinks to our definition of "usable".
2023-06-29 08:53:59 -04:00
a902f320b5
netdir: document what we mean by a "usable" relay.
2023-06-29 08:53:59 -04:00
7ac362eba7
netdir: Conditionally expose some by_rsa APIs as experimental.
...
Network-health wants these to see whether a given relay is listed in
the consensus.
cc @juga
2023-06-29 08:53:59 -04:00
83552b559f
Merge branch 'netdir_todos' into 'main'
...
Resolve or defer most TODO HS items in tor-netdir.
See merge request tpo/core/arti!1310
2023-06-29 12:48:32 +00:00
9c853e5b54
Merge branch 'badonion_error_2' into 'main'
...
arti_client: Move BadOnion from TorAddrError to ErrorDetail.
Closes #932
See merge request tpo/core/arti!1331
2023-06-29 12:48:04 +00:00
76376b2abd
netdir: Remove a TODO HS
...
The function this comment is asking us to write is `circtarget_from_pieces`.
2023-06-29 08:19:37 -04:00
c565a67689
Downgrade TODO HS on HsDirParams::compute().expect()
...
(Adding comments explaining that these errors are really
unlikely to occur, unless there is a bug in our code or in Rust's
time handling.)
2023-06-29 08:19:37 -04:00
768452d9e5
netdir: Defer a TODO HS but add a comment
...
This issue with walking over the ring is an issue we really must
solve on the services timeframe, as is the one about looking only at
the rings for which a blinded ID is germane.
2023-06-29 08:19:37 -04:00
2bdf10db84
netdir: take n_replicas and spread_fetch from consensus parameters
...
This makes them configurable, since we allow the user to override
any consensus parameter.
2023-06-29 08:19:37 -04:00
3db0f74e22
netdir: Downgrade/remove/defer some TODO hs entries.
2023-06-29 08:19:37 -04:00
0c43801598
netdir: remove some now-needless warning suppressions.
2023-06-29 08:19:37 -04:00
f2a6754c88
dirmgr: use voting_period.
2023-06-29 08:19:37 -04:00
a9da1283bc
netdir: remove unnecessary wraps from srv_interval, extract_srvs
2023-06-29 08:19:37 -04:00
4803f6447d
netdir: Move voting_period() to netdoc::Lifetime
...
I was going to add a comment about "doing this if we need the voting
period anywhere else" but it turns out that we also use it in dirmgr.
2023-06-29 08:19:37 -04:00
6c06acc02c
arti_client: Add a warning comment to TorAddrError.
2023-06-29 08:16:51 -04:00
800061e70e
arti_client: Move BadOnion from TorAddrError to ErrorDetail.
...
This variant can never be constructed when parsing a TorAddr, so it
doesn't make sense to have it in TorAddrError: the use can never see
it unless they enable `error_detail`.
Not a semver break because the client feature is not yet stable.
Closes #932 .
2023-06-29 08:16:51 -04:00
b059e02093
Merge branch 'keymgr-x25519-keys' into 'main'
...
keymgr: Add support for x25519 keys.
Closes #900
See merge request tpo/core/arti!1321
2023-06-29 11:46:03 +00:00
294bb728cf
keymgr: Add a TODO about implementing and testing has_key_bundle.
2023-06-29 12:10:35 +01:00
68c91223f1
keymgr: Add some basic insert and remove tests.
2023-06-29 12:10:35 +01:00
4d5f414017
keymgr: Add assert_found! test helper.
2023-06-29 11:54:54 +01:00
91573c6cbc
keymgr: Add some key retrieval tests for ArtiNativeKeyStore.
2023-06-29 11:54:54 +01:00
fd3b42688d
keymgr: Add a gen_keys param to init_keystore.
...
This will enable future tests to optionally initialize the test key
store with some test keys.
2023-06-29 11:54:54 +01:00
bc447524c2
keymgr: Add tests for ArtiNativeKeyStore::key_path.
2023-06-29 11:54:54 +01:00
89d52fff3e
keymgr: Derive Debug for ArtiNativeKeyStore.
2023-06-29 11:49:31 +01:00
ff02270307
keymgr: Add tests for ssh key handling.
...
Part of #895
2023-06-29 11:49:31 +01:00
16a7bb4624
keymgr: Return the key, not Box<()>.
...
This fixes a bug which caused the function to always return a
type-erased `()` instead of the actual key!
2023-06-29 11:49:31 +01:00
d999ea07ba
Merge branch 'config-option' into 'main'
...
arti cfg tests: exception declaration improvements
See merge request tpo/core/arti!1330
2023-06-29 10:43:00 +00:00
c1ab36dbec
Merge branch 'cleanup-todos-circmgr' into 'main'
...
Resolve a few "TODO HS" items in circmgr.
See merge request tpo/core/arti!1322
2023-06-28 20:14:24 +00:00
48f7fbbc96
Merge branch 'lifecycle_doc_tweaks' into 'main'
...
Documentation, mostly on channel and circuit lifecycles
See merge request tpo/core/arti!1318
2023-06-28 20:06:58 +00:00
02878518b8
circmgr: Refactor duplicate logic.
...
These two functions are only slightly different, and benefit from
taking a Fn.
2023-06-28 15:28:52 -04:00
6affb50c1a
circmgr: Remove a "TODO HS" about path restrictions.
...
I looked through the C tor source code and couldn't find any
additional path restrictions.
2023-06-28 15:28:52 -04:00
d32ba9ed18
circmgr: Defer two "TODO HS" in hspool
...
One of these is test-related; one is vanguards-related.
2023-06-28 15:28:52 -04:00
4ad1a5c6ac
ChanMgr: Tweak documentation a bit.
...
Adjust formatting, add more references to lower-level APIs, and
clarify lifetimes a little more.
2023-06-28 15:26:22 -04:00
2944d4f91f
proto: ClientCirc: remove now-obsolete note on Clone-ness
2023-06-28 15:26:22 -04:00
644c51173a
proto: document ClientCirc lifecycle better.
2023-06-28 15:26:22 -04:00
e8e95ec03b
proto: document channel lifecycle better.
2023-06-28 15:26:22 -04:00
4003e032d6
Remove spurious todo-hs items in tor-cert.
...
I am not sure why we wrote these comments, but they are incorrect:
I've investigated the C code and found only 3 key types. The
"unimplemented" types that the TODO comment here complains about are
in fact certificate types.
2023-06-28 15:18:13 -04:00
47b577d7a0
tor-netdoc: Placate clippy (fmt)
2023-06-28 18:57:06 +01:00
56813d9650
tor-netdoc: Placate clippy
2023-06-28 18:56:49 +01:00
f136e8ac41
Merge branch 'more-keymgr-todos' into 'main'
...
keymgr: Downgrade "TODO hs" to "TODO HSS".
See merge request tpo/core/arti!1334
2023-06-28 17:30:43 +00:00
8f1a71850c
tor-hsclient: Handle handshake completion error correctly
2023-06-28 17:14:45 +01:00
9216f628f1
tor-hsclient: Rename RendezvousCompletionCircuit from RendezvousCompletion
...
We need to handle errors during the handshake. That also produces a
`tor_proto::Error` but we want to print a different message for that,
so let's rename this before adding the new variant.
2023-06-28 17:14:26 +01:00
4eb3e3b6ec
tor-hsclient: Move handling of Bug to new section
...
It was wrong where ti was.
2023-06-28 17:14:26 +01:00
18478b47a7
tor-hsclient: Make RendPtIdentityForError use RelayIds
...
Since arti!1233 this is trivial.
2023-06-28 16:49:49 +01:00
4d071d1c07
tor-hsclient: Use RendPtIdentityForError in more places
...
For some reason this wasn't used in the actual errors,
although it *was* used in the types of the functions etc.
2023-06-28 16:47:55 +01:00
609e6ce7c7
keymgr: Downgrade "TODO hs" to "TODO HSS".
...
These TODOs can be deferred for now: we're not declaring the keymgr APIs
stable until we add support for hidden services.
2023-06-28 16:44:06 +01:00
8908d39872
tor-netdoc: Test hsdescs inners with a variety of IPT counts (fmt)
2023-06-28 16:29:05 +01:00
de63a6092d
tor-netdoc: Test hsdescs inners with a variety of IPT counts
2023-06-28 16:28:19 +01:00
cf4adad96e
tor-netdoc: hsdesc: Disregard intro points after the MAX'th
2023-06-28 16:28:11 +01:00
Gabriela Moldovan
Ian Jackson
Nick Mathewson
juga
Alexander Færøy
eta
Saksham Mittal
Ian Jackson
Kunal Mehta
trinity-1686a