Commit Graph

1172 Commits

Author SHA1 Message Date
Fang
c444806c3d
eyre: explicitly permit proposed request in cors
Instead of always providing a wildcard for the allowed methods and
headers, now echoes back the method and headers that the client asked
for, if any.

Fixes #3676.
2020-10-09 14:07:05 +02:00
fang
e512e91f37
hoon: go full lark in +lead and +late (#3442)
To avoid wet-gate issues around face shadowing and such things.
2020-10-07 15:11:05 +02:00
Joe Bryan
00c1fbc185 hoon: virtualize cue when parsing %blob coin literals 2020-10-06 18:01:09 -07:00
Joe Bryan
88d9510111 Merge branch 'release/next-sys' into jb/co-norm
* release/next-sys:
  pill: solid
  zuse: rewrites |base16 for clarity, simplicity, specificity
  zuse: adds basic tests for |base16
  zuse: adds |base16 hex $oct en/decoder
  eyre: prevent binding in reserved namespaces
  pill: solid
  zuse: removes redundant definitions of $mite and $octs
  ames: print failed scrys
2020-10-06 13:38:16 -07:00
Joe Bryan
bec9006e53 hoon: modernizes syntax in the rest of |co 2020-10-06 13:37:28 -07:00
Joe Bryan
07e17e5895 hoon: updates @p rendering to avoid intermediate right-shifts 2020-10-06 13:37:22 -07:00
Joe Bryan
934721b6bc hoon: refactors @da/@dr coin printing 2020-10-06 13:37:22 -07:00
Joe Bryan
bb4d89af46 hoon: comments, modernizes syntax for all +*-co:co gates 2020-10-06 13:37:22 -07:00
Joe Bryan
ce9bdb8b73 hoon: refactors +r-co:co, modernizing syntax 2020-10-06 13:37:22 -07:00
Joe Bryan
ebb76c1c5a hoon: comments, modernizes syntax for all +**-co gates 2020-10-06 13:37:16 -07:00
Joe Bryan
e786a5f165 zuse: rewrites |base16 for clarity, simplicity, specificity 2020-10-06 11:45:16 -07:00
Joe Bryan
9118913412 zuse: adds |base16 hex $oct en/decoder 2020-10-06 10:56:09 -07:00
Joe Bryan
c8ae2c2537
Merge pull request #3643 from urbit/jb/octs-once
zuse: remove duplicate $octs definition
2020-10-06 10:51:44 -07:00
fang
a1e43e02a0
eyre: prevent binding in reserved namespaces
Disallows registering bindings (through %connect and %serve) that would capture
traffic on paths starting with /~ (Eyre's) or /~_~ (runtime's, as of cc389c5).

Note that we don't touch +insert-binding, which is used by Eyre internally to
set up bindings in its own namespace.
2020-10-06 16:50:49 +02:00
Joe Bryan
b5c9f4ed2a zuse: removes redundant definitions of $mite and $octs 2020-10-03 23:34:10 -07:00
Joe Bryan
a208387a72
Merge pull request #3520 from urbit/ted/ames-scry-print
ames: print failed scrys
2020-10-02 15:30:27 -07:00
Joe Bryan
feeb15e3ed hoon: refactors +ro-co:co, modernizing syntax 2020-10-02 00:28:29 -07:00
Joe Bryan
ebc638522d hoon: use +pow instead of handrolled loop in +ox-co:co 2020-10-01 19:15:46 -07:00
Joe Bryan
2f2af91730 hoon: use +dvr instead of +div/+mod in |co helpers 2020-10-01 19:15:04 -07:00
fang
be1f4a5f6b
eyre: add authentication checker scry endpoint
Lets you check whether a specific Cookie header value string constitutes an
authenticated request.

/ex/=//=/authenticated/cookie/(scot %t 'cookie-string')

Intended for use in the runtime, for example with #3557.
2020-10-01 19:55:16 +02:00
fang
a37b728b86
Merge pull request #3565 from tylershuster/eyre-response-code
eyre: send 'no content' status with no content
2020-10-01 16:06:44 +02:00
Fang
0866d99c73
eyre: minimal CORS support
Adds a cors-registry to Eyre's state that tracks allowed and rejected
origins for the purposes of CORS request handling.

For preflight requests, generates a response in-line.
For simple requests, adds CORS headers onto whatever response is given.

See also:
https://groups.google.com/a/urbit.org/g/dev/c/bb82dwEJGzM/m/q2JjNSx5BwAJ
2020-09-30 15:54:15 +02:00
Elliot Glaysher
cea51ef16d
Merge pull request #3553 from pkova/eyre
eyre: remove superfluous connection-state check
2020-09-28 10:50:20 -04:00
Tyler Brown Cifu Shuster
9d1514385f Merge branch 'release/next-sys' of https://github.com/urbit/urbit into eyre-response-code 2020-09-27 21:28:04 -07:00
Tyler Brown Cifu Shuster
8a9534e0ac eyre: send 'no content' headers with no content 2020-09-24 21:07:07 -07:00
fang
c46061eda7
zuse: make octs value @ instead of @t
Because these things aren't always printable/valid @t.
2020-09-24 21:36:45 +02:00
pkova
5902ef9a53 eyre: remove superfluous connection-state check
This was originally introduced by me in #1814 to address #1811. Eyre was not
canceling heartbeat timers on all relevant events making it easy to end
up with an infinite behn loop. This check allowed ships that entered an infinite
loop to recover, as per my comment at
https://github.com/urbit/urbit/pull/1814#discussion_r333477482. Otherwise it's
not necessary.
2020-09-24 17:50:42 +03:00
Paul Driver
513c0e92d8 hoon: ensure lib/bip32 is working with new secp, remove old secp 2020-09-18 17:43:15 -07:00
Paul Driver
a675bf322a vere: wire up jets for new secp 2020-09-18 17:16:10 -07:00
Joe Bryan
30befdf4a9 arvo: updates +of-wain:format sample
and consistently uses $cord and $wain in of/to-wain
2020-09-18 16:15:13 -07:00
Paul Driver
2da36aa234 arvo: change sample type of ++to-wain:format to @t
@t further indicates to the caller (although loosely, because auras
are loosely enforced types) that the input should not contain embedded
NUL bytes, which are not valid @t.

Separately, a minor improvement has been made to the performance of
the raw hoon by pinning the gates used in the inner loop.
2020-09-18 16:15:12 -07:00
Paul Driver
3aaf82de5e arvo: accept embedded nulls in to-wain:format
Prior to this commit, there was a jet mismatch in to-wain (formerly
called lore, and still jetted under that name). 0 bytes in the middle of
a cord caused the jet to crash, whereas the hoon simply treated them as
the end of cord and truncated the output. The history of this behavior
is fraught with controversy. This commit rectifies the current mess with
the following rationale: Null bytes are valid ASCII/UTF-8, and \n\n in
the input will cause null list items in the output, so nulls are (for
the purposes of to-wain) allowed in cords. Trailing nulls cannot be
represented because of the nature of atoms, but that is outside the
scope of to-wain's concern. Therefore to-wain should simply measure the
cord and split on newlines, and do nothing fancy at all with nulls.

In addition, the hoon for to-wain was written in an inefficient style
that produced a lot of intermediate garbage atoms via rsh and cat. This
commit's implementation measures once and cuts once, so to speak, and so
avoids the intermediate garbage.  Quick benchmarks suggest it is about
20x faster than the old hoon, but still orders of magnitude slower than
the jetted code. to-wain is the workhorse for the txt mark, so we should
still prefer to have a jet.

The old jet is left wired up under %lore, and should be removed when
support for the old, unupgraded zuse is no longer necessary. A new jet
with matching null handling has been wired up under the name %leer.
2020-09-18 16:15:10 -07:00
Paul Driver
44b7d5de6b zuse: make it clear where the secp jet should make explicit size checks
Well-behaved secp jets can now plausibly exit if they are given inputs
of the wrong size/range. Previously this was either not checked or the inputs
were silently truncated.
2020-09-18 15:59:00 -07:00
Paul Driver
9be3318ae9 zuse: add refactored secp core (unjetted)
The secp core had some flaws: in particular, the logic for signing/recovery
did not match libsecbp256k1 w.r.t. the enigmatic "recid" (v) value. The jet
hints were also subtly wrong, in that the curve parameters were in a sample
(not an arm) and thus not matched by the jet matching scheme. Consequently,
the jets would be used (but incorrect) for other curve parameters.

Tests were also added to exercise the recovery id cases thoroughly.
2020-09-18 14:47:22 -07:00
Ted Blackman
f2be97d315 ames: print failed scrys 2020-09-18 16:06:13 -04:00
Joe Bryan
74d5d5df24 hoon: refactors +stir types/comments for clarity 2020-09-11 12:48:19 -07:00
Joe Bryan
d89210cceb hoon: rewrites +stir using tail-recursion and +roll 2020-09-11 12:48:14 -07:00
Joe Bryan
31fe240632 arvo: adds |meld, triggering memory unification 2020-09-09 22:50:43 -07:00
Joe Bryan
7f0b500778 arvo: adds |trim, triggering memory reclamation 2020-09-09 22:49:37 -07:00
Fang
ef4b56f8c7
dill: send styled text to runtime as-is
Depending on the additions to term.c made in 467d8d239 allows dill to
forget about ansi escape codes, and pass styled text nouns straight on
to vere.

Also removes a bit of logic from drum, which assumed things about the
rendering of escape codes to adjust cursor positioning. Now it simply
states the semantic cursor position, letting the runtime deal with the
potential influence of styling.
2020-09-09 19:09:29 +02:00
Philip Monk
f9665c0cbd
Merge pull request #3378 from urbit/philip/base-hash
clay: expose mergebase as base-hash
2020-09-08 20:11:05 -07:00
matildepark
c45691d214
Merge pull request #3408 from urbit/lf/xml-ver
zuse: allow xml declaration in +de-xml:html
2020-09-05 16:17:31 -04:00
Philip Monk
c7480c9b07
clay: fix bug in %mate
If both sides changed a file in the same way, %mate used the version in
the mergebase, which is incorrect.  This changes it to use the version
in the destination desk.

An example of this issue:

    > +cat %/test/hoon
    /~zod/home/~2020.9.3..21.41.24..61ed/test/hoon
    first

    > |merge %scratch our %home
    >=
    merged with strategy %fine
    + /~zod/scratch/2/test/hoon

    > +cat /=scratch=/test
    /~zod/scratch/~2020.9.3..21.41.32..408c/test/hoon
    first

    > *%/test/hoon 'second'
    : /~zod/home/3/test/hoon

    > *%%%/scratch=/test/hoon 'second'
    : /~zod/scratch/3/test/hoon

    > |merge %scratch our %home
    >=
    %fine merge failed, trying %meet
    %meet merge failed, trying %mate
    merged with strategy %mate
    : /~zod/scratch/4/test/hoon

    > +cat /=scratch=/test
    /~zod/scratch/~2020.9.3..21.42.25..9e8b/test/hoon
    first
2020-09-03 14:34:30 -07:00
Liam Fitzgerald
5020223ff2 zuse: de-xml:html handles declarations as in spec 2020-09-01 02:15:19 +10:00
Liam Fitzgerald
b5f64715f4 zuse: allow xml declaration in +de-xml:html
Allows for parsing of an xml declaration. Throws it away, as the
datastructure doesn't have anywhere to put the result
2020-08-31 12:24:41 +10:00
Philip Monk
67c5caada8
clay: add safe merge options
As described in gen/hood/merge/help.txt
2020-08-28 16:36:00 -07:00
Fang
2385670631
Merge pull request #3387 from urbit/m/eyre-wack-gall
eyre: prevent %eyre-no-channel errors
2020-08-27 22:26:19 +02:00
Fang
b06f8a0f9e
eyre: send %leave on %fact/ack for deleted channel
Ordinarily, eyre cleans up the relevant gall subscriptions whenever a
channel disappears. In yet unresolved erroneous behavior though, it may
leave a gall subscription open, despite wiping the channel from state.

Attempting to pass the response onto the deleted channel anyway results
in an %eyre-no-channel error later in the event. The volume of these
errors can degrade the user experience, as per #3196.

To resolve the annoyance (but not the underlying issue) we detect the
"subscription has no channel" case, and issue a %leave. Doing so
requires additional information in the wire, so we add that in,
refactoring the relevant wire building along the way.

Note that due to the wire requirements, this cannot resolve existing
cases. For that, we depend on bc929ba6d.
2020-08-27 14:16:46 +02:00
Fang
bc929ba6db
gall: forget eyre subscriptions once
As part of the solution to #3196, we need to clean up any gall
subscriptions that eyre didn't properly clean up.

Since detecting that is hard, we opt to just wipe _all_ eyre-originating
subscriptions from gall. We inspect the duct, which isn't good, but it's
only just this once.
2020-08-27 13:23:36 +02:00
Philip Monk
769b43d73a
clay: add comments and cleanup +find-merge-points 2020-08-26 18:32:20 -07:00
Philip Monk
9cd826f8f9
clay: make +find-merge-points faster
The main thing here is that we aggressively check whether we're in
ancestry of another mergebase candidate.  This means we don't have to do
a 2nd pass to eliminate redundant candidates.
2020-08-25 22:54:48 -07:00
Philip Monk
4468d79509
clay: expose mergebase as base-hash
Change the definition of base-hash to be the mergebase of %home with the
OTA source.  This means it's the most recent successfully-applied
update, which is usually the most important information.

Add sour-hash, which is the hash of the most recently *downloaded*
update, regardless of whether it applied successfuly (ie the old
base-hash).

Add a summary of the various hashes at the top of gen/trouble.
2020-08-25 20:25:39 -07:00
Philip Monk
f606d2e3d6
clay: cleaner no-op detection
Only no-op if the incoming commit's parent is the old head of the desk.
Also move the printing near the end so we can know exactly if anything
changed.
2020-08-25 18:15:06 -07:00
Philip Monk
d5596eb1a3
clay: if commit would be a no-op, don't commit it
fixes #3317
2020-08-25 16:24:36 -07:00
Philip Monk
d4c7f99bd6
Merge pull request #3217 from cmarcelo/code-reset
jael, eyre: Add a way to reset the web login code
2020-08-25 15:26:01 -07:00
Caio Marcelo de Oliveira Filho
92cf9d7c33 Merge branch 'master' into code-reset 2020-08-17 14:55:07 -07:00
Fang
22c66f9ac4
Merge pull request #3304 from ohAitch/patch-3
Fix {a/$foo} in type printing to [a=%foo]
2020-08-13 10:44:36 +02:00
Anton Dyudin
06262cb701
Fix {a/$foo} in type printing to [a/%foo]
Per longtime deprecation of modeless mold syntax.
2020-08-12 12:25:46 -07:00
Fang
2e7ea5cdb3
hoon: add +lead and +late
For tacking some head or tail onto some noun, respectively.
2020-08-09 16:15:17 +02:00
Caio Marcelo de Oliveira Filho
72b164ade2 eyre: Make %code-changed handling less chatty 2020-07-31 13:01:19 -07:00
Caio Marcelo de Oliveira Filho
df868e2c4f jael, eyre: Add a way to reset the web login code
Jael now stores a `step` that is combined with the original salt to
produce a new code.  A `%step` card is used to increment that value,
and effectively resetting the keys.  Because the first `step` is zero,
the first code is the same as before.

Eyre was changed to be notified with `%code-changed` so it can forget
old cookies, sessions and discard all the existing channels.

A new generator was added |code, that does both querying and
resetting the code

    |code             :: shows current code, step and help
    |code %reset      :: changes the code

The old +code generator still works correctly.
2020-07-31 11:35:48 -07:00
Philip Monk
48745e945a
Merge branch 'philip/ames-lane' (#3186)
* origin/philip/ames-lane:
  ames: fix lane discovery during some lane changes

Signed-off-by: Philip Monk <phil@pcmonk.me>
2020-07-30 13:33:29 -07:00
Philip Monk
a289615f8d
Merge branch 'philip/clay' (#3188)
* philip/clay:
  clay: fix ph tests
  clay: remove debugging printfs
  clay: rewrite new protocol
  clay: refactor over-the-wire protocol

Signed-off-by: Philip Monk <phil@pcmonk.me>
2020-07-30 13:30:16 -07:00
Philip Monk
3d1b7f2b35
clay: fix ph tests 2020-07-28 21:44:45 -07:00
Philip Monk
e29b7ea70a
Merge pull request #3124 from lukechampine/wtts-axis
hoon: fix wtts axis for simple wings
2020-07-27 18:01:47 -07:00
Joe Bryan
e0c3ce08c8 Merge branch 'master' into na-release/next-vere
* master: (915 commits)
  vere: bumps urbit version to v0.10.8
  pill: updates all
  king: fix ames tests
  contact-store: restore /~/default contacts
  contact-hook: resubscribe on correct paths
  u3: note that u3a_rewrit* doesn't yet support south roads
  king: it was too clever of me to use stateTVar; compiler can't help
  king: fix comment about ames q behavior
  king: ames bounded q, now with logging and fifo
  serf: tweaks |pack and |mass printfs
  u3: moves u3a_compact to u3m_pack, refactors internals
  metadata: handle OTA correctly
  u3: refactors u3m_reclaim() into noun modules, works on any road
  release: urbit-os-v1.0.30
  group-store: remove scries from OTA logic
  release: urbit-os-v1.0.30
  MAINTAINERS: amend for post-fusion
  ames: add scry endpoint for forward lanes
  ames: improve scry interface
  chat, publish, contacts: fix OTA bugs
  ...
2020-07-27 11:58:53 -07:00
Philip Monk
495a6cf004
clay: remove debugging printfs 2020-07-24 22:05:49 -07:00
Philip Monk
1d0409c4c4
ames: fix lane discovery during some lane changes
We used to not accept new indirect lanes if we already have a direct
lane.  This means that if Bob, with a publicly-accessible lane, changes
lanes (eg by restarting the process and getting a new port or changing
ip addresses), tries to talk to Alice, who is behind a NAT, then Bob
will try directly but fail (because Alice is behind a NAT), so he will
route the message through her galaxy.  This is good -- the message gets
to Alice.  However, Alice had a direct route to Bob's old lane, so she
will try to ack on that lane, which fails.  She will not time out this
lane because she doesn't know that Bob isn't getting the acks (acks
don't have their own acks).

The solution is that if Alice receives an indirect lane for Bob when she
already has a direct lane, she shouldn't ignore it.  If the lane is the
same as what she has, she shouldn't change anything (in particular, she
shouldn't mark it as indirect).  But if it's a new lane, she should
discard her old direct lane and use the new indirect lane.
2020-07-24 20:41:48 -07:00
Philip Monk
51983e5480
clay: rewrite new protocol
Use an explicit state machine to carefully manage pending downloads.
2020-07-24 00:20:22 -07:00
Philip Monk
553a9db843
clay: refactor over-the-wire protocol
Don't send blobs initially; instead, wait for the recipient to ask for
any they need.  This should significantly reduce network and memory usage.
2020-07-23 00:12:33 -07:00
Matilde Park
0d68f3f901 Merge branch 'release/next-sys' 2020-07-22 14:31:17 -04:00
Fang
d6a39c1311
Merge pull request #3059 from urbit/jb/m/behn-scry
arvo: ames & behn scry interface updates
2020-07-22 19:55:16 +02:00
Fang
3955d1092b
ames: add scry endpoint for forward lanes
Finds the lane for that peer, or their galaxy. Intended for use in the
runtime, to enable stateless forwarding.
2020-07-22 16:33:34 +02:00
Fang
4ea98e569f
ames: improve scry interface
No longer abuse the desk field, instead making use of the path. Reject
any scries outside of the local ship, empty desk and current time as
invalid.
2020-07-22 16:30:47 +02:00
Philip Monk
452b668c5f
Merge pull request #2972 from urbit/la/ordered-map-subset
zuse: add subset arm to ordered-map
2020-07-21 18:09:22 -07:00
Philip Monk
753ccf1b7e
Merge remote-tracking branch 'origin/ted/fix-huck' into release/next-sys 2020-07-21 17:08:01 -07:00
Fang
3eab480de7
Merge branch 'release/next-sys' into jb/m/behn-scry 2020-07-22 02:02:05 +02:00
Philip Monk
1169d6b443
clay: ignore extraneous /sys/lyv results 2020-07-21 15:42:46 -07:00
Logan Allen
f76759b9e0 zuse: added docstring and warning 2020-07-21 14:39:42 -07:00
Philip Monk
f4c34c7598
release: urbit-os-v1.0.29 2020-07-21 12:59:12 -07:00
Fang
d65148ea37
zuse: parse rfc2396 unreserved chars correctly
RFC2396 defines[1] unreserved characters as alphanumerics and nine "mark"
characters. We were only parsing for four of those, leading to parsing failure
for valid URLs.

[1]: https://tools.ietf.org/html/rfc2396#appendix-A
2020-07-19 17:58:19 +02:00
lukechampine
8b5097eb0f hoon: fix wtts axis for simple wings 2020-07-14 12:34:47 -04:00
matildepark
2ea019850e
Merge pull request #3105 from urbit/mp/destub-ver
eyre: remove stubbed version text
2020-07-09 16:53:12 -04:00
Fang
76b3ce8ef1
Merge pull request #3063 from urbit/m/drop-pole
zuse: make +drop-pole produce a unit
2020-07-09 18:06:15 +02:00
Fang
fa32d711fa
eyre: remove channel.js
Userspace has, rightfully, taken over the task of serving a js client for
eyre's channel API.
2020-07-09 00:15:51 +02:00
Logan Allen
64a30fea62 ordered-map: got %zuse to compile and all tests to pass 2020-07-08 15:07:14 -04:00
Ted Blackman
11a8e911be zuse,behn,gall: fix %huck and |reset 2020-07-08 02:08:27 -04:00
Matilde Park
eef149d46d eyre: remove stubbed version text
In replicating a mockup, the residual 'version' for OS1 has overstayed
its welcome as a stub. This commit
removes it.
2020-07-07 23:41:37 -04:00
Logan Allen
cd5840770e zuse: ordered-map subset style fixes 2020-07-07 19:19:47 -04:00
Logan Allen
4168344c3b zuse: added mop, a mold builder for ordered-maps 2020-07-07 19:19:47 -04:00
Logan Allen
04232e0ebe zuse: add subset arm to ordered-map 2020-07-07 19:19:47 -04:00
Philip Monk
935ffaaf23
eyre: give scry function to generators
In Ford Fusion, Clay builds generators but Dojo and Eyre run them.  Dojo
is already virtualized with a scry function, so +mule is fine, but Eyre
is not, so Eyre needs to use +mock and explicitly supply the scry
function.  This does that.  Fortunately, the produced result is simple
and easily clammable.

Fixes #3089
2020-07-02 23:30:17 -07:00
Philip Monk
37b9f854fd
eyre: give all args to generators
fixes #3082
2020-07-02 14:42:26 -07:00
Philip Monk
f3dede23d1
Merge pull request #3076 from urbit/philip/clay-print
kiln: Small fixes
2020-06-30 18:08:01 -07:00
Philip Monk
f4f1d0ab4b
clay: print conflicts 2020-06-30 15:24:42 -07:00
Philip Monk
51c5a74360
Merge remote-tracking branch 'origin/philip/jael-breach-restart' into release/next-sys 2020-06-29 19:25:13 -07:00
Philip Monk
e7e2c07d6f
clay: remove scaffolding 2020-06-29 14:30:33 -07:00
Philip Monk
40db8ea580
kiln: make otas continue even if they failed to apply 2020-06-29 13:25:10 -07:00
Ted Blackman
ede7105820 clay: flop syntax error trace 2020-06-29 11:01:23 -04:00
Fang
0ecd108f98
zuse: make +drop-pole produce a unit
Both +drop-list and +drop-map produce units instead of crashing. This makes
+drop-pole match that behavior, producing a unit of the resulting tuple.
2020-06-28 21:33:17 +02:00
Ted Blackman
f6171042ae arvo: use date instead of kelvin 2020-06-28 01:13:42 -04:00
Ted Blackman
7266b3f5c3 hoon: re-fix +slab; /tests: fix clay tests 2020-06-28 00:59:02 -04:00
Philip Monk
42de999024
kiln: don't implicitly create syncs
Also silence some spurious errors.
2020-06-26 19:21:09 -07:00
Philip Monk
0301838f25
Merge remote-tracking branch 'origin/release/next-sys' into ford-fusion 2020-06-26 17:46:25 -07:00
Fang
523acf2eaf behn: optimize bounded timers scry 2020-06-26 15:17:20 -07:00
Fang
fe87d69ad1 behn: improve scry interface
No longer abuse the desk field, instead making use of the path. Reject
any scries outside of the local ship, empty desk and current time as
invalid.

Expose ducts only under a debug endpoint, nothing else should care about
being able to inspect them.

Add scry endpoints for the very next timer (if any), and all timers up
to and including a specified timestamp.
2020-06-26 15:17:12 -07:00
Fang
b824d5bd70 arvo: allow the empty desk (%$) in scries
+slaw fails to parse empty strings as %tas, so we special-case it here.
2020-06-26 15:17:03 -07:00
Philip Monk
77df80d603
gall: don't make large stack trace 2020-06-26 09:20:17 -07:00
Ted Blackman
ef138bb007 ames: use +cut in +encrypt 2020-06-25 22:54:37 -04:00
Ted Blackman
3daecd8c1b Merge remote-tracking branch 'origin/fix-slab' into ford-fusion 2020-06-25 21:58:21 -04:00
Philip Monk
51c6faaa31
ford,kiln: nicer errors 2020-06-24 21:24:58 -07:00
Philip Monk
3a662881be
clay: don't be evil 2020-06-24 21:24:27 -07:00
Philip Monk
fc42bf6039
clay: special-case +run-pact for %hoon 2020-06-24 20:26:04 -07:00
Ted Blackman
154f153801 gall: fix routes in +ap-yoke 2020-06-22 21:37:17 -04:00
Ted Blackman
652dc70304 clay,dojo: clean up stack traces 2020-06-20 03:46:22 -04:00
Philip Monk
6ff9f75bb7
Merge remote-tracking branch 'origin/master' into ford-fusion 2020-06-19 14:52:18 -07:00
Ted Blackman
d1b4af89fe sys: s/mure/road 2020-06-19 00:44:17 -04:00
Philip Monk
7494bf57c6
clay: make reachable-takos linear instead of exponential
When merging, +reachable-takos is called roughly once per merge commit
in the ancestry of the new commit.  +reachable-takos was exponential in
the number of merge commits in the ancestry of the commit it's looking
at, due to mishandling of the accumulator.  This makes it linear.

Of course, linear x linear is still quadratic, which is not great.  I
doubt +reachable-takos can be made asymptotically better, but
+reduce-merge-points/+find-merge-points probably can.  50 merge commits
already gives about 14.000 iterations through the loop in
+reachable-takos.  Another option is to try to memoize this somehow, but
a simple ~+ is insufficient since `s` is usually different.

In local tests on macOS with a -L copy of ~wicdev-wisryt, this speeds up
OTAs significantly.  The majority of time was spent on this.
2020-06-18 18:56:31 -07:00
Fang
3ecb6f7154
Merge branch 'release/next-sys' into m/eyre-kill-channels 2020-06-18 22:34:22 +02:00
Fang
b2600f553c
Merge branch 'master' into m/eyre-kill-channels 2020-06-18 22:23:47 +02:00
Fang
8cb81370bb
Merge ford-fusion into m/eyre-scries 2020-06-18 20:23:06 +02:00
Ted Blackman
3914c0c0dd ota: works on my machine 2020-06-17 23:31:37 -04:00
Matilde Park
a65edb52cd Merge branch 'master' into feat/spa 2020-06-17 17:12:13 -04:00
Philip Monk
4e3aace970
Merge branch 'jb/aes-siv-fix' (#3013)
* origin/jb/aes-siv-fix:
  tests: updates aes-siv regression test comment
  pill: updates solid
  zuse: propagates fix to aes-128-siv and aes-192-siv as well
  Revert "test: disable aes-siv jets to demonstrate test failure"
  pill: updates solid
  zuse: fixes bug in aes-256-siv iv calculation (+s2vc:aes:crypto)
  test: disable aes-siv jets to demonstrate test failure
  test: add test case for aes-256-siv jet mismatch, observed in the wild

Signed-off-by: Philip Monk <phil@pcmonk.me>
2020-06-15 19:57:01 -07:00
Philip Monk
9410b4f66d
arvo: +mure is taken 2020-06-15 19:34:30 -07:00
Ted Blackman
1b1d7c9512 Merge remote-tracking branch 'origin/m/clay-fusion-markers' into ota-ford-fusion 2020-06-13 02:09:31 -04:00
Ted Blackman
879d846487 arvo: spam %vega on kernel reload 2020-06-13 01:50:12 -04:00
Joe Bryan
faa4956969 zuse: propagates fix to aes-128-siv and aes-192-siv as well 2020-06-12 22:21:19 -07:00
Philip Monk
90f3c7d2a1
clay: build reef to prime reef-cache on inital OTA 2020-06-12 21:40:32 -07:00
Philip Monk
0447ac1ee1
arvo: add dummy ford and fix whey scry 2020-06-12 21:40:13 -07:00
Philip Monk
21c0f77321
arvo: add +mure for compiling hoon/arvo
Also use +mure in clay for building cores
2020-06-12 21:38:50 -07:00
Joe Bryan
0ddeb6526b zuse: fixes bug in aes-256-siv iv calculation (+s2vc:aes:crypto) 2020-06-12 21:34:04 -07:00
Ted Blackman
8cf4e4bb38 gall: retry if agent fails first build 2020-06-13 00:16:09 -04:00
Philip Monk
4e466214e3
arvo: compile hoon/arvo in separate roads
Adds +mure to run a trap in a separate road.  This should eventually be
just a hint.

Vega was running inside a mule, but since +load was called within vega,
the new kernel was all run within the same mule, so it didn't actually
get to reclaim the space after hoon compiled.

We verified this with printfs in u3m_fall.  On the test ship (from
mainnet) which had 800MB used, vega was taking interior free space from
950MB to 450 over the course of compiling hoon, then each vane would go
from about 450 to 350 and then back to 450 once it finished (which
proves they were correctly isolated).  With this change, after hoon
compiles the free space goes back up to 950MB.  This gives us a lot more
space to compile OTAs.

We had to slightly refactor the logic for doubly-recompiling hoon, since
+mure as written produces a ?(!! _trap), and you can't find faces in the
result of the trap.  We could bake mure, but that's rather awkward.  I
wonder if there's a way to fix this as a wet gate.
2020-06-12 20:51:23 -07:00
Fang
ed09418f7f
Merge pull request #3000 from urbit/m/eyre-login-redirect
eyre: don't lose redirect upon failing login
2020-06-12 21:32:57 +02:00
Fang
dcbdf28cd1
Merge branch 'master' into m/eyre-scries 2020-06-12 15:29:10 +02:00
Philip Monk
05f0e47f68
ames: fix larval +load for fusion 2020-06-11 22:55:08 -07:00
Philip Monk
e34a1a2e61
arvo: filter old-arvo effects for %veer 2020-06-11 22:54:19 -07:00
Philip Monk
a3e15cd64c
clay: send notifications on vega 2020-06-11 19:41:22 -07:00
Fang
4ab55893bc
eyre: slightly better error pages 2020-06-12 02:13:13 +02:00
Fang
3c168eddb4
gall: do mark conversion in +ap-peek
Attempt to convert the scry result to the mark that was asked for,
failing the scry (with ~) if the conversion fails.

Eyre's scry logic, then, can pass the requested mark directly into gall.
2020-06-12 02:11:08 +02:00
Fang
b870466977
eyre: only allow authenticated GET scry requests
Lacking any other permissioning mechanism, we must simply reject
unauthenticated HTTP-scry requests for now.
2020-06-12 00:57:25 +02:00
Ted Blackman
8c6fd1406f gall: clean up state adapter using +any-agent 2020-06-11 18:21:52 -04:00
Philip Monk
895542b93e
Merge remote-tracking branch 'origin/master' into release/next-sys 2020-06-11 13:14:59 -07:00
Ted Blackman
d87d246232 gall: +load runs, +molt still fails 2020-06-11 16:07:54 -04:00
Fang
d20877e414
eyre: support %gx scries
Exposes a scry endpoint. Any requests made to the /app/scry.mark url
under the endpoint will scry into %app using a %gx scry, at the
/scry/noun path, and attempt to convert the scry result into the %mark,
before converting that into the %mime mark, and sending that as an http
response.
2020-06-11 01:45:05 +02:00
Fang
f1fab71d59
eyre: find sub-path for binding
In addition to producing the action bound for a given request, now also
produces the subset of the request url that comes _after_ the path at
which the binding has been established.

Will allow some bindings to more easily dispatch off the relevant part
of the url.
2020-06-11 01:42:21 +02:00
Fang
a4785458d1
eyre: don't lose redirect upon failing login
If we failed the password check, the login page served to us would never
include any redirect details, even if they were there in the original request.

Now we simply (attempt to) parse out the redirect field a little earlier.
2020-06-10 20:37:12 +02:00
Ted Blackman
db21fad4dd gall: WIP load-lost 2020-06-10 04:16:25 -04:00
Ted Blackman
a2b1b16f60 Merge branch 'ford-fusion' into ota-ford-fusion 2020-06-09 21:34:16 -04:00
Fang
0a32bcda35
Merge branch 'release/next-sys' into ford-fusion 2020-06-09 20:10:28 +02:00
Fang
6e8822ffb5
clay: resurrect ':' for file-change notifications
Instead of printing '+' for both additions and modifications.
2020-06-08 23:24:23 +02:00
Philip Monk
6344a8441d
jael: always restart subscription to breached ship 2020-06-05 17:59:31 -07:00
Philip Monk
c68b0e817a
gall: properly handle empty outstanding ack queue
Fixes #2977
2020-06-05 17:05:22 -07:00
Fang
90ef268a32
Merge branch 'release/next-sys' into m/eyre-kill-channels 2020-06-05 22:25:18 +02:00
Liam Fitzgerald
976da56ced Merge branch 'origin/lf/get-eyre-redirect' into feat/spa 2020-06-05 11:11:37 +10:00
Philip Monk
80ead610ea
Merge remote-tracking branch 'origin/master' into release/next-sys 2020-06-04 17:52:42 -07:00
Liam Fitzgerald
3ff99b0d7f Merge branch 'origin/lf/get-eyre-redirect' into release/next-sys 2020-06-05 10:41:15 +10:00
Fang
b54dc7cd34
eyre, zuse: expire channels with their sessions
Associates channels with the authentication sessions that opened them,
and deletes the channel when its associated session expires.

Also updates the debug dashboard to display channel counts per session.
2020-06-05 00:22:39 +02:00
Fang
68491420d2
eyre: refactor %delete to reuse timeout logic
Turns +on-channel-timeout into +discard-channel, which cleans up the
entirety of the channel, based on its current state. This allows us to
simplify the %delete channel request into a simple function call.
2020-06-05 00:20:06 +02:00
Liam Fitzgerald
b553d57c29 eyre: 303 redirect on successful login
Changes the HTTP status code of the redirect that occurs upon a
successful login from 307 to 303. 307 preserves the method of the
original request, so the redirected request is a POST. With the new SPA,
this causes a 404 as app/file-server validates the method of the
request, something that did not happen in earlier versions of landscape.
303 instead changes the method to always produce a GET request.
2020-06-04 15:09:00 +10:00
Fang
a66cfc31da
eyre: fake duct for on-load logout binding
Empty duct is considered not good.
2020-06-03 14:29:13 +02:00
Fang
6e3284feac
eyre: use 303 to redirect to login post-logout
This ensures the client sends a GET request, which is more appropriate.
2020-06-03 14:28:30 +02:00
Ted Blackman
3834860410 clay: state adapter, still needs :goad 2020-06-03 03:00:45 -04:00
Philip Monk
8b78f04dd3
Merge remote-tracking branch 'origin/master' into ford-fusion 2020-06-02 21:50:20 -07:00
Fang
4d93349402
eyre: provide logout endpoint
Set up, by default, on /~/logout.

Sending a POST request to this expires the current session and redirects
to the login page. If the "all" key is set in the request body, expires
all open sessions.
2020-06-03 01:40:32 +02:00
Philip Monk
818d2231f6
ames: remove jumbo packets 2020-06-02 14:13:28 -07:00
Philip Monk
84b8a67e47
clay: handle reefs for non-home desks
We build a reef for each desk but use the compiler from our kernel.  At
some point we should use the compiler from the desk, but then we need to
validate any results we get from it.
2020-06-01 20:52:20 -07:00
Fang
574b05a88a
Merge pull request #2959 from urbit/m/eyre-cookies
eyre: augmented cookie handling
2020-06-01 22:11:57 +02:00
Ted Blackman
b191636276 clay: WIP reef building 2020-06-01 12:56:21 -04:00
Fang
750ff6e5e1
eyre: respect "forwarded" header from localhost
For request transparency, HTTP proxies may set the Forwarded header to
specify who the original requester is.

For requests from localhost only, we make Eyre respect the Forwarded
header, and adjust the handled ip address accordingly.

Note that we do not support X-Forwarded or other non-standard variants.
The header remains in the request, so server applications can handle
them as desired.

Fixes #2723.
2020-05-31 17:45:22 +02:00
Fang
a87000149d
zuse: add parsers for http header field values
Multi-value format as used by some headers.

Also updates pill with recent zuse changes.
2020-05-31 17:45:20 +02:00
Fang
b1daaec7bf
zuse: add parsers for ip addresses
Parses into +address:eyre.
2020-05-31 17:45:18 +02:00
Fang
63c26151a3
eyre: extend session duration on-use
When sending a response to an authenticated request, update the session
to last for +session-timeout again, and send an updated cookie to match.

Assuming the user makes an actual HTTP request at least once a week,
this will make sure they don't get logged out automatically. Simply
keeping a channel open, unfortunately, doesn't count.
2020-05-30 02:29:20 +02:00
Fang
a51d93326a
eyre: clean up old +load code
Removes pre-breach state adapter logic and touches up code style.
2020-05-29 15:33:22 +02:00
Fang
00e3159287
eyre: clear expired sessions/cookies from state
Instead of setting a timer for every session, we set a single expiry
timer when the first session is created. On the subsequent wake event,
we clear all cookies that have expired at that time, then set a timer
for when the next session expires.

This approach gives us flexibility wrt sessions going forward, allowing
extending or early deleting of sessions without having to care about the
related timers.

Note that in +load, we clear all existing sessions. We would start the
expiry timer flow there, but can't. Forcing the user to login again
post-ota once isn't the end of the world.
2020-05-29 15:28:44 +02:00
Philip Monk
18e396cf53
release: urbit-os-v1.0.20
Previous urbit-os-v1.0.20 was not released
2020-05-28 18:43:20 -07:00
Philip Monk
d49e8adc08
Merge remote-tracking branch 'origin/philip/behn-fix' into release/hotfix
behn: fix +unset-timer
2020-05-28 18:37:39 -07:00
Philip Monk
3ab618e234
behn: fix +unset-timer
It was throwing away timers sometimes if you cancelled a timer at the
same date as other timers.
2020-05-28 17:09:25 -07:00
Philip Monk
0cfee46fa8
jael: send breach notifications in order
See #2952 for details
2020-05-28 15:24:19 -07:00
Philip Monk
1be5411c75
jael: don't notify breach on initial update to ship
See #2952 for details
2020-05-28 14:38:07 -07:00
Philip Monk
c20cd29932
jael: look for correct wire
We inspect the wire of our subscriber to see if we need to produce the
result as a %public-keys or a %boon.  This is bad -- we should proxy the
subscription to avoid this need, but this doesn't make that change yet.

%pubs is an old name that doesn't exist anymore (last existed around
September 2019).  The new version is /public-keys, but it's worked so
far because /public-keys has only one item in the path, so it missed the
conditional.  This commit makes the intent more clear.

The [%a @ @ *] could be just [%a @ *], but I leave it to reduce the
chance of breaking stuff.
2020-05-28 14:27:08 -07:00
Philip Monk
0642cc5861
ames: add |ames-wake
Somehow we ended up with flows which expected to awaken but did not wake
up.  This was likely caused by the error in r920j OTA, urbit-os-v1.0.18.

This adds a command which ensures that every flow has an active timer.
I expect this to be needed only once, but it's a pretty general tool, so
it's worth keeping.

I've included an unused @t parameter to more easily add simple debug
commands to ames without having to add a new task
2020-05-28 10:28:31 -07:00
John Franklin
2bc6bdad8d hoon: lob/rob to kel/ker 2020-05-28 08:31:11 -05:00
John Franklin
9d8730a833 hoon: leb/reb to kel/ker 2020-05-28 07:20:04 -05:00
John Franklin
510fb6b394 hoon: bat/net to bas/fas 2020-05-28 06:58:18 -05:00
John Franklin
250f4e3130 hoon: lac/rac to sel/ser 2020-05-28 06:14:23 -05:00
John Franklin
413c5682b6 hoon: lit/rit to pal/par 2020-05-28 05:31:50 -05:00
John Franklin
fdb03c1f7d hoon: led/ban to gal/gar 2020-05-28 04:46:13 -05:00
John Franklin
a75cd8c85c hoon: yel to doq 2020-05-28 04:01:25 -05:00
John Franklin
b9027100af hoon: toc to doq 2020-05-28 03:38:08 -05:00
John Franklin
51bd4a95f8 hoon: say to soq 2020-05-28 03:17:41 -05:00
John Franklin
6c8e3b1c92 hoon: vat to pat 2020-05-28 02:45:04 -05:00
John Franklin
bc46e26a5d hoon: pad to pam 2020-05-28 02:06:00 -05:00
John Franklin
ba51e2391c hoon: tec to tic 2020-05-28 01:44:36 -05:00
John Franklin
1d8624cd74 hoon: bus to buc 2020-05-28 00:50:45 -05:00
John Franklin
4ce25c5d9f hoon: add doq, kel, ker, pal, pam, par, pat, sel, ser, soq, tic
update "XX deprecated" comments to match:
      https://urbit.org/docs/tutorials/hoon/hoon-syntax/#reading-hoon-aloud
      restore mnemonics
2020-05-27 22:26:59 -05:00
Philip Monk
472ad18c90
behn: already deleted, don't need to do it again 2020-05-27 18:47:50 -07:00
Philip Monk
86fb78d933
Merge remote-tracking branch 'origin/ted/behn-same-date' into release/hotfix 2020-05-27 18:36:10 -07:00
Philip Monk
ff01a1ea04
ames: don't set new timer if we woke up too early
Otherwise if we end up having multple outstanding timers, they never
coalesce to a single timer.
2020-05-27 17:38:18 -07:00