From 2c6f1da0b696d82d0517ed5da3ba593e91b86c20547721d1b95d8f7ee8cd8cde Mon Sep 17 00:00:00 2001 From: Eyad Issa Date: Sun, 10 Dec 2023 16:29:39 +0000 Subject: [PATCH] Accepting request 1132326 from home:VaiTon:branches:network - Update to version 1.1.11: Arti 1.1.11 continues work on support for running onion services. Onion services are now working in our testing, and we expect we'll have something testable by others in our next release. Arti 1.1.11 also increases our MSRV (Minimum Supported Rust Version) to 1.70, in accordance with our [MSRV policy]. ### Onion service development - Correct our handling of BEGIN and END messages to bring them into conformance with the C Tor implementation and the specification. ([#1077], [!1694], [!1738]) - In our key manager, use macros to define key specifiers, instead of repeating the same boilerplate code. ([#1069], [#1093], [!1710], [!1733]) - Refactoring and refinement on the definitions of onion-service-related errors. ([!1718], [!1724], [!1750], [!1751], [!1779]) - Add a "time-store" mechanism for (as correctly as possible) storing and loading future timestamps, even in the presence of system clock skew ([!1723], [!1774]) - Implement a replay-log backend to prevent INTRODUCE replay attacks against onion services. ([!1725]) - Improved encoding for key-denotators in the key manager. ([#1063], [#1070], [!1722]) - Allow a single key to have more than one denotator in its path. ([#1112], [!1747]) - Use an order-preserving-encryption back-end to generate monotonically increasing revision counters for onion service descriptors. We do this to ensure a reproducible series of counters without leaking our clock skew. ([#1053], [!1741], [!1744]) - Deprecate key types for INTRODUCE-based authentication: C tor has never implemented this, and we do not plan to implement it without additional specification work. ([#1037], [!1749]) OBS-URL: https://build.opensuse.org/request/show/1132326 OBS-URL: https://build.opensuse.org/package/show/network/arti?expand=0&rev=10 --- _service | 4 ++- _servicedata | 2 +- arti-1.1.10~0.obscpio | 3 -- arti-1.1.11~0.obscpio | 3 ++ arti.changes | 65 ++++++++++++++++++++++++++++++++++++++++--- arti.obsinfo | 6 ++-- arti.spec | 6 +--- cargo_config | 5 ---- vendor.tar.zst | 4 +-- 9 files changed, 74 insertions(+), 24 deletions(-) delete mode 100644 arti-1.1.10~0.obscpio create mode 100644 arti-1.1.11~0.obscpio delete mode 100644 cargo_config diff --git a/_service b/_service index 9d9bf76..2081207 100644 --- a/_service +++ b/_service @@ -3,7 +3,7 @@ https://gitlab.torproject.org/tpo/core/arti.git @PARENT_TAG@~@TAG_OFFSET@ git - arti-v1.1.10 + arti-v1.1.11 * arti-v(\d+\.\d+\.\d+) \1 @@ -57,9 +57,11 @@ --> RUSTSEC-2023-0052 + arti + diff --git a/_servicedata b/_servicedata index 65d6f27..164ff92 100644 --- a/_servicedata +++ b/_servicedata @@ -1,4 +1,4 @@ https://gitlab.torproject.org/tpo/core/arti.git - 3d8ac346c6044d9455944aa7a3c10fcc0baf814e \ No newline at end of file + db9a5263e7b185b90750c658dff8e5a50fce0a2e \ No newline at end of file diff --git a/arti-1.1.10~0.obscpio b/arti-1.1.10~0.obscpio deleted file mode 100644 index c102e7f..0000000 --- a/arti-1.1.10~0.obscpio +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:38da75494a60fa93f21dc1dfb0e524539dd27067382d63babc9538a75902bf52 -size 59505166 diff --git a/arti-1.1.11~0.obscpio b/arti-1.1.11~0.obscpio new file mode 100644 index 0000000..0854f7d --- /dev/null +++ b/arti-1.1.11~0.obscpio @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:089bb58b408fa5952267f0b1124f64368cf05497cde2a9f7f4f7c57e56ea0a2d +size 59665934 diff --git a/arti.changes b/arti.changes index b7b1295..05b9391 100644 --- a/arti.changes +++ b/arti.changes @@ -1,8 +1,65 @@ +------------------------------------------------------------------- +Fri Dec 08 22:07:44 UTC 2023 - eyadlorenzo@gmail.com + +- Update to version 1.1.11: + + Arti 1.1.11 continues work on support for running onion services. + Onion services are now working in our testing, and we expect we'll + have something testable by others in our next release. + + Arti 1.1.11 also increases our MSRV (Minimum Supported Rust Version) + to 1.70, in accordance with our [MSRV policy]. + + ### Onion service development + + - Correct our handling of BEGIN and END messages to bring them + into conformance with the C Tor implementation and the specification. + ([#1077], [!1694], [!1738]) + - In our key manager, use macros to define key specifiers, instead of + repeating the same boilerplate code. ([#1069], [#1093], [!1710], + [!1733]) + - Refactoring and refinement on the definitions of onion-service-related + errors. ([!1718], [!1724], [!1750], [!1751], [!1779]) + - Add a "time-store" mechanism for (as correctly as possible) storing and loading + future timestamps, even in the presence of system clock skew ([!1723], [!1774]) + - Implement a replay-log backend to prevent INTRODUCE replay attacks + against onion services. ([!1725]) + - Improved encoding for key-denotators in the key manager. ([#1063], + [#1070], [!1722]) + - Allow a single key to have more than one denotator in its path. + ([#1112], [!1747]) + - Use an order-preserving-encryption back-end to generate + monotonically increasing revision counters for onion service + descriptors. We do this to ensure a reproducible series of counters + without leaking our clock skew. ([#1053], [!1741], [!1744]) + - Deprecate key types for INTRODUCE-based authentication: + C tor has never implemented this, and we do not plan to implement it + without additional specification work. ([#1037], [!1749]) + - When establishing an introduction point, send the `intro_dos` + extension as appropriate. ([#723], [!1740]) + - Added conversion functions and initial persistence support for + introduction point keys. ([!1756]) + - Start work on introduction point persistence. ([!1755], [!1765]). + - Revert to our intended configuration format for onion service proxy rules. + ([#1058], [!1771]) + + ### Client features + + - Backend and API code for the "ntor-v3" circuit-extension handshake. + This handshake adds the ability to send additional options + from the client to the relay when creating or extending a circuit, + and will eventually be used to negotiate protocol features like + RTT-based congestion control and UDP-over-Tor support. + ([!1720], [!1739]) + + + + ------------------------------------------------------------------- Mon Nov 13 17:17:23 UTC 2023 - eyadlorenzo@gmail.com - Update to version 1.1.10: - + Arti 1.1.10 continues work on support for onion services in Arti. At last, we can (technically) run as an onion service... though not yet in a useful way. (Onion services don't yet recover @@ -24,7 +81,7 @@ Mon Nov 13 17:17:23 UTC 2023 - eyadlorenzo@gmail.com - In [`tor-cert`], `encode_and_sign` now returns an `Ed25519EncodedCert` rather than a raw `Vec`. ([!1702]) - + ### Client features - Arti can now be configured to listen for connections on @@ -52,9 +109,9 @@ Mon Oct 30 12:37:00 UTC 2023 - Guillaume GARDET ------------------------------------------------------------------- Wed Oct 25 21:58:30 UTC 2023 - Eyad Issa -- Run format_spec_file service +- Run format_spec_file service ------------------------------------------------------------------- Fri Oct 20 16:54:29 UTC 2023 - Eyad Issa -- Version 1.1.9 +- Version 1.1.9 diff --git a/arti.obsinfo b/arti.obsinfo index e4067a6..67e4a65 100644 --- a/arti.obsinfo +++ b/arti.obsinfo @@ -1,4 +1,4 @@ name: arti -version: 1.1.10~0 -mtime: 1698768032 -commit: 3d8ac346c6044d9455944aa7a3c10fcc0baf814e +version: 1.1.11~0 +mtime: 1701710674 +commit: db9a5263e7b185b90750c658dff8e5a50fce0a2e diff --git a/arti.spec b/arti.spec index 499d734..4c95d08 100644 --- a/arti.spec +++ b/arti.spec @@ -18,7 +18,7 @@ Name: arti # This will be set by osc services, that will run after this. -Version: 1.1.10~0 +Version: 1.1.11~0 Release: 0 Summary: An implementation of Tor, in Rust. # If you know the license, put it's SPDX string here. @@ -27,7 +27,6 @@ License: Apache-2.0 OR MIT URL: https://gitlab.torproject.org/tpo/core/arti Source0: %{name}-%{version}.tar Source1: vendor.tar.zst -Source2: cargo_config BuildRequires: cargo-packaging BuildRequires: pkgconfig(openssl) BuildRequires: pkgconfig(sqlite3) @@ -40,9 +39,6 @@ An implementation of Tor, in Rust. %prep %autosetup -p1 -a1 -install -D -m 644 %{SOURCE2} .cargo/config -# Remove exec bits to prevent an issue in fedora shebang checking. Uncomment only if required. -# find vendor -type f -name \*.rs -exec chmod -x '{}' \; %build %{cargo_build} diff --git a/cargo_config b/cargo_config deleted file mode 100644 index 6fb4ff4..0000000 --- a/cargo_config +++ /dev/null @@ -1,5 +0,0 @@ -[source.crates-io] -replace-with = "vendored-sources" - -[source.vendored-sources] -directory = "vendor" \ No newline at end of file diff --git a/vendor.tar.zst b/vendor.tar.zst index cc3596d..3544477 100644 --- a/vendor.tar.zst +++ b/vendor.tar.zst @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:bf9b1bcb5b9222003bfb4f4abfbf0b2b6b87b6366d08596977d2a8993a456df4 -size 52740477 +oid sha256:cf0871aaea272014e2621b49fe7d567ff3ab43499bfeac492c61fb27e24e0e2e +size 56607331