The Tor Project issueshttps://gitlab.torproject.org/groups/tpo/-/issues2020-10-26T17:09:19Zhttps://gitlab.torproject.org/tpo/core/arti/-/issues/16Expand documentation in tor-proto, tor-netdoc, tor-netdir, and tor-cell2020-10-26T17:09:19ZNick MathewsonExpand documentation in tor-proto, tor-netdoc, tor-netdir, and tor-cellThere's documentation in these crates, but I'd like it to be more detailed, and explain things better to people who don't already know how the Tor protocol works.There's documentation in these crates, but I'd like it to be more detailed, and explain things better to people who don't already know how the Tor protocol works.M3: Cleanup and tidyNick MathewsonNick Mathewsonhttps://gitlab.torproject.org/tpo/core/arti/-/issues/15Audit all XXXX and TODO code to find things that must be fixed in milestone 3...2020-10-18T21:40:24ZNick MathewsonAudit all XXXX and TODO code to find things that must be fixed in milestone 3 and milestone A.(milestone IDs from TODO file)
My definition for milestone 3 is more or less "the code is working and clean and not too scary; we've cleared out technical debt that will bite us if we leave it for a long time."
My definition for milest...(milestone IDs from TODO file)
My definition for milestone 3 is more or less "the code is working and clean and not too scary; we've cleared out technical debt that will bite us if we leave it for a long time."
My definition for milestone A1 is more or less "there is a minimal socks client that might not be too secure, but it probably won't DOS the network if you try to use it. Time to dogfood!"
My definition for milestone A2 is more or less "there is a public API that we won't be embarrassed to suggest that hackers try out."
The code is currently littered with XXXX and TODO comments -- 228 of them in total. I should figure out which of them, if any, will prevent us from reaching those milestones, and open tickets as appropriate.M3: Cleanup and tidyNick MathewsonNick Mathewsonhttps://gitlab.torproject.org/tpo/core/arti/-/issues/13Test coverage on tor-proto above 75%2020-10-27T18:44:12ZNick MathewsonTest coverage on tor-proto above 75%There should be very high test coverage for the tor-proto crate. This may require refactoring tor-proto to make it testable.There should be very high test coverage for the tor-proto crate. This may require refactoring tor-proto to make it testable.M3: Cleanup and tidyNick MathewsonNick Mathewsonhttps://gitlab.torproject.org/tpo/core/arti/-/issues/12Audit tor-proto for cases where unexpected cells are ignored2020-10-20T17:41:55ZNick MathewsonAudit tor-proto for cases where unexpected cells are ignored@mikeperry recommends that we should never let unexpected cells pass unnoticed, or else we'll have more "dropmark" style attacks. That's a good idea; I should look over every place in the crate where something accepts a cell, and decide...@mikeperry recommends that we should never let unexpected cells pass unnoticed, or else we'll have more "dropmark" style attacks. That's a good idea; I should look over every place in the crate where something accepts a cell, and decides not to do anything with it.M3: Cleanup and tidyNick MathewsonNick Mathewsonhttps://gitlab.torproject.org/tpo/core/arti/-/issues/11Use minimized cell-type wrappers throughout the codebase2020-10-15T18:46:13ZNick MathewsonUse minimized cell-type wrappers throughout the codebaseNot every cell type belongs on a circuit; not every relay cell type belongs on an open stream. Right now we use `if` checks to enforce these things, but it would be smarter to use a specialized set of types so that it's easy to see wher...Not every cell type belongs on a circuit; not every relay cell type belongs on an open stream. Right now we use `if` checks to enforce these things, but it would be smarter to use a specialized set of types so that it's easy to see where the checks and conversions happen.M3: Cleanup and tidyNick MathewsonNick Mathewsonhttps://gitlab.torproject.org/tpo/core/arti/-/issues/9Make APIs conform to rust API best practices2023-01-18T14:49:03ZNick MathewsonMake APIs conform to rust API best practicesThere are recommendations for making rust APIs present a similar look and feel. It would be good to apply them to our codebase.
* https://github.com/rust-lang/api-guidelines
* Also for historical purposes see https://deterministic.spa...There are recommendations for making rust APIs present a similar look and feel. It would be good to apply them to our codebase.
* https://github.com/rust-lang/api-guidelines
* Also for historical purposes see https://deterministic.space/elegant-apis-in-rust.htmlM3: Cleanup and tidyNick MathewsonNick Mathewsonhttps://gitlab.torproject.org/tpo/core/arti/-/issues/8Document requirements for versions, consensus methods, protocols, etc2020-10-18T20:01:38ZNick MathewsonDocument requirements for versions, consensus methods, protocols, etcIt's deliberate that arti doesn't support every old version of Tor. But we should document what it actually requires in terms of conensus methods, protocol versions, and so forth.It's deliberate that arti doesn't support every old version of Tor. But we should document what it actually requires in terms of conensus methods, protocol versions, and so forth.M3: Cleanup and tidyNick MathewsonNick Mathewsonhttps://gitlab.torproject.org/tpo/core/arti/-/issues/6Better type for ed25519 identifiers2020-10-15T16:57:11ZNick MathewsonBetter type for ed25519 identifiersWe validate ed25519 public keys every time we read them. I should benchmark that, but I think it could be more expensive than we want. I should make a better type here.We validate ed25519 public keys every time we read them. I should benchmark that, but I think it could be more expensive than we want. I should make a better type here.M3: Cleanup and tidyNick MathewsonNick Mathewsonhttps://gitlab.torproject.org/tpo/network-health/metrics/library/-/issues/40001Support OnionPerf analysis file version 3.02020-08-07T19:26:47ZKarsten LoesingSupport OnionPerf analysis file version 3.0As discussed in tpo/metrics/onionperf#33974, we'll have to update metrics-lib to support OnionPerf analysis file version 3.0. Assigning to me.As discussed in tpo/metrics/onionperf#33974, we'll have to update metrics-lib to support OnionPerf analysis file version 3.0. Assigning to me.OnionPerf: Scalability, Performance, Establishing Basline MetricsKarsten LoesingKarsten Loesinghttps://gitlab.torproject.org/tpo/network-health/metrics/onionperf/-/issues/28271Check OnionPerf instances from Nagios2020-08-19T18:45:08ZirlCheck OnionPerf instances from NagiosThere are a few things that we can check, some are easier than others.
* Is the host up and the webserver running? (this is easy with built-in checks)
* Is the tgen server running on the Internet? (this is easy with built-in checks)
* I...There are a few things that we can check, some are easier than others.
* Is the host up and the webserver running? (this is easy with built-in checks)
* Is the tgen server running on the Internet? (this is easy with built-in checks)
* Is the analyze task running? (needs a plugin)
* Is the tgen server running on an Onion service? (needs a plugin)
For monitoring the Onion service, I'm looking at reusable plugins, so there are two tests. One checks to see how old the descriptor is and a second test actually tries connecting to the service. The first of these tests is affected by legacy/trac#28269 (but not blocked) and both are blocked by [[https://github.com/robgjansen/onionperf/issues/42|onionperf#42]].
As a workaround for monitoring the Onion service, which really is the bit that is breaking, we can instead monitor the analysis of timeouts from Tor Metrics' CSV files.OnionPerf: Scalability, Performance, Establishing Basline MetricsKarsten LoesingKarsten Loesinghttps://gitlab.torproject.org/tpo/core/arti/-/issues/47tor-dirmgr: Never expose a DirMgr without a NetDir2021-09-16T14:40:22ZNick Mathewsontor-dirmgr: Never expose a DirMgr without a NetDirRight now, you can have a DirMgr that doesn't have any directory info at all. Instead, we should make it so that if you get a DirMgr, you're bootstrapped.Right now, you can have a DirMgr that doesn't have any directory info at all. Instead, we should make it so that if you get a DirMgr, you're bootstrapped.A1: minimal socksportNick MathewsonNick Mathewsonhttps://gitlab.torproject.org/tpo/core/arti/-/issues/46Support attempts to connect to an IPv6 address2020-12-15T19:43:33ZNick MathewsonSupport attempts to connect to an IPv6 addressWhen trying to connect to an IPv6 address, we should check the declared IPv6 policy for the exit.
Possibly, this will involve getting our begindir flags right.When trying to connect to an IPv6 address, we should check the declared IPv6 policy for the exit.
Possibly, this will involve getting our begindir flags right.A1: minimal socksportNick MathewsonNick Mathewsonhttps://gitlab.torproject.org/tpo/core/arti/-/issues/42Stop handing out circuits that are too dirty2020-12-15T16:41:31ZNick MathewsonStop handing out circuits that are too dirtyIf we have some way to track when a circuit became dirty, we can stop handing out circuits that have been dirty for too long.If we have some way to track when a circuit became dirty, we can stop handing out circuits that have been dirty for too long.A1: minimal socksportNick MathewsonNick Mathewsonhttps://gitlab.torproject.org/tpo/core/arti/-/issues/40Update existing directory with new information2020-12-07T14:15:57ZNick MathewsonUpdate existing directory with new informationWhen we have a directory, we might not have all its microdescriptors. We should continue trying to fetch them until we abandon that directory.When we have a directory, we might not have all its microdescriptors. We should continue trying to fetch them until we abandon that directory.A1: minimal socksportNick MathewsonNick Mathewsonhttps://gitlab.torproject.org/tpo/core/arti/-/issues/37Clean-ups in directory download code2021-02-05T17:38:44ZNick MathewsonClean-ups in directory download codeHere's what needs to happen to clean up the directory download code:
* [x] Audit all the XXXXs to see if any are mustfix.
* [x] Open tickets for nontrivial mustfix XXXXs
* [ ] Better testing in tor-dirclient
* [ ] Better testing...Here's what needs to happen to clean up the directory download code:
* [x] Audit all the XXXXs to see if any are mustfix.
* [x] Open tickets for nontrivial mustfix XXXXs
* [ ] Better testing in tor-dirclient
* [ ] Better testing in tor-netdir
* [ ] Better testing in tor-dirmgr.A1: minimal socksportNick MathewsonNick Mathewsonhttps://gitlab.torproject.org/tpo/core/arti/-/issues/36Support retries and timeouts in directory download code2020-12-02T14:47:14ZNick MathewsonSupport retries and timeouts in directory download code * [x] Time out directory requests that take too long
* [x] Retry requests for directories that we can't fetch.
* [x] Abandon circuits where we time out or find that they don't work. * [x] Time out directory requests that take too long
* [x] Retry requests for directories that we can't fetch.
* [x] Abandon circuits where we time out or find that they don't work.A1: minimal socksportNick MathewsonNick Mathewsonhttps://gitlab.torproject.org/tpo/core/arti/-/issues/31Implement (client-side) consensus diffs2020-12-17T20:56:19ZNick MathewsonImplement (client-side) consensus diffsWe should write support for processing consensus diffs.
This should be pretty simple, since we don't need to generate diffs.We should write support for processing consensus diffs.
This should be pretty simple, since we don't need to generate diffs.A1: minimal socksportNick MathewsonNick Mathewsonhttps://gitlab.torproject.org/tpo/core/arti/-/issues/30Download missing directory information and store it to disk2020-12-01T02:34:59ZNick MathewsonDownload missing directory information and store it to diskWe'll need to have code that does more or less the following:
* [x] Decide which resources we are missing, and need to download
* [x] Batch them into requests
* [x] Make those requests via HTTP-over-begindir
* [x] Receive the res...We'll need to have code that does more or less the following:
* [x] Decide which resources we are missing, and need to download
* [x] Batch them into requests
* [x] Make those requests via HTTP-over-begindir
* [x] Receive the result
* [x] Decompress the result
* [x] Validate the result
* [x] Store the result to disk if it is valid.
* [x] Find a way to let the in-memory directory exist in an 'updating' state.
* [x] Update the in-memory directory with the result.A1: minimal socksportNick MathewsonNick Mathewsonhttps://gitlab.torproject.org/tpo/core/arti/-/issues/29Store directory information on disk2020-11-30T17:56:34ZNick MathewsonStore directory information on diskWe should have support for storing directory stuff on disk. It doesn't need to be backward-compatible with Tor.
* [x] Extract read-tor-files code into tor-netdir
* [x] Basic sqlite implementation
* [x] Complete documentation
* [x] C...We should have support for storing directory stuff on disk. It doesn't need to be backward-compatible with Tor.
* [x] Extract read-tor-files code into tor-netdir
* [x] Basic sqlite implementation
* [x] Complete documentation
* [x] Complete test coverage
* [x] Invoke the code that expires old stuff from the directory.A1: minimal socksportNick MathewsonNick Mathewsonhttps://gitlab.torproject.org/tpo/core/arti/-/issues/26Make a "channel-manager" to create channels on demand2020-10-30T19:44:54ZNick MathewsonMake a "channel-manager" to create channels on demandThe directory client code and the client code will both want to use a "channel manager" that launches channels on demand, and returns channels that already exist.The directory client code and the client code will both want to use a "channel manager" that launches channels on demand, and returns channels that already exist.A1: minimal socksportNick MathewsonNick Mathewson