Commit Graph

31795 Commits

Author SHA1 Message Date
Joe Bryan
657c5c5a03 pill: update +solid formulas to be more static 2022-09-06 11:04:46 -04:00
Joe Bryan
f91c6c54db arvo: update bootstrap/lifecycle formulas to be fully static 2022-09-06 11:03:21 -04:00
Tinnus Napbus
27349c51ab eyre: add auto-https redirects
if a cert is configured and a secure port is live it will set the
redirect flag in http-config.state.

When it gets a ++request it will return a 301 redirect to
https://[host]/[path] if:

  1. not already secure
  2. redirect flag set
  3. secure port live
  4. is not requesting /.well-known/acme-challenge/...
  5. the host is in domains.state

It will not happen if forwarded-secured, localhost, local loopback, ip
addresses or domains not in domains.state.

in ++load it checks the secure port is live and a cert is set and
enables it if so (for people who already use in-urbit letencrypt)

%rule %cert tasks also toggle it (only turning it on if secure port
live)

%live tasks also toggle it (only turning it on if cert set)

Have tested with a couple of ships and seems to work fine.

This is useful in combination with pyry's auto arvo.network dns config
system - can finally get rid of reverse proxies entirely.
2022-09-04 02:58:09 +12:00
Philip Monk
8884e7dfbc kiln: make compile 2022-09-02 16:51:39 -08:00
Philip Monk
093f0ae9de Merge branch 'philip/inline-thread' into philip/agent-clay-wip 2022-09-01 19:03:17 -08:00
Mackenzie Davidson
4174fd6829 interface: full width images for notebook posts 2022-08-31 18:08:07 -04:00
Philip Monk
3aea8220bc kiln: add +sync 2022-08-30 18:32:31 -08:00
fang
53cc33b291
eyre: look for lowercase last-event-id header
Eyre always gets passed request headers in lowercase, so we should search for
the lowercased version of the header.

Arguably `+get-header` should lowercase keys before comparing them, but that's
a more serious behavioral change.
2022-08-30 16:44:11 +02:00
Philip Monk
e3a8cab943 khan: support inline threads
This allows you to pass a thread directly into khan, instead of passing
a filename.  This has several implications:

- The friction for using threads from an app is significantly lower.
  Consider:

    =/  shed
      =/  m  (strand ,vase)
      ;<  ~  bind:m  (poke:strandio [our %hood] %helm-hi !>('hi'))
      ;<  ~  bind:m  (poke:strandio [our %hood] %helm-hi !>('there'))
      (pure:m !>('product'))
    [%pass /wire %arvo %k %lard %base shed]

- These threads close over their subject, so you don't need to parse
  arguments out from a vase -- you can just refer to them.  The produced
  value must still be a vase.

    ++  hi-ship
      |=  [=ship msg1=@t msg2=@t]
      =/  shed
        =/  m  (strand ,vase)
        ;<  ~  bind:m  (poke:strandio [ship %hood] %helm-hi !>(msg1))
        ;<  ~  bind:m  (poke:strandio [ship %hood] %helm-hi !>(msg2))
        (pure:m !>('product'))
      [%pass /wire %arvo %k %lard %base shed]

- Inline threads can be added to the dojo, though this PR does not add
  any sugar for this.

    =strandio -build-file %/lib/strandio/hoon
    =sh |=  message=@t
        =/  m  (strand:rand ,vase)
        ;<  ~  bind:m  (poke:strandio [our %hood] %helm-hi !>('hi'))
        ;<  ~  bind:m  (poke:strandio [our %hood] %helm-hi !>(message))
        (pure:m !>('product'))
    |pass [%k %lard %base (sh 'the message')]

Implementation notes:
- Review the commits separately: the first is small and implements the
  real feature.  The second moves the strand types into lull so khan can
  refer to them.

- In lull, I wanted to put +rand inside +khan, but this fails to that
  issue that puts the compiler in a loop.  +rand depends on +gall, which
  depends on +sign-arvo, which depends on +khan.  If +rand is in +khan,
  this spins the compiler.  The usual solution is to either move
  everything into the same battery (very ugly here) or break the
  recursion (which we do here).
2022-08-29 21:04:50 -08:00
Philip Monk
0e14eedb50 spider: accept inline threads 2022-08-29 20:09:08 -08:00
Philip Monk
4bef3277d5 azimuth: remove :azimuth|kick 2022-08-29 10:57:47 -08:00
Philip Monk
fa569cf7f3 kiln: wip 2022-08-29 10:53:36 -08:00
DaneBettis
8c06d19258 simplified xray callsites and rendering 2022-08-26 13:33:36 +00:00
Philip Monk
9a4d754429 clay: add +tire subscription for app state 2022-08-25 19:13:51 -08:00
Philip Monk
1ce53d06ba gall: don't add duplicate nonce in +ap-nuke
This gets added in +ap-handle-peers.  This caused outgoing subscriptions
to not get cleaned up properly.

Issue introduced in c2d77a5d.
2022-08-25 13:29:51 -08:00
fang
ab75e83398
gall: don't enqueue %cork as outstanding
Ames will no longer send acks. Consider it completed immediately, and
clean up the outstanding queue whenever it's empty.
2022-08-25 18:14:40 +02:00
fang
0e5b3b4107
ames: don't give %done on cork
Locally, %cork is guaranteed to succeed instantly. The requesting vane
doesn't need an ack to safely consider the flow "closed".
2022-08-25 18:13:29 +02:00
Ted Blackman
5fb20a57cb tests: give %cork ack to gall 2022-08-25 16:36:14 +03:00
Ted Blackman
9b2f95b7b3 ames: revert added debug print 2022-08-25 16:36:14 +03:00
Ted Blackman
80c5172490 tests: check for correct subscription nonce 2022-08-25 16:36:14 +03:00
Ted Blackman
5ee16c38a1 tests: ames+gall full subscribe+clog+kick+resubscribe sequence 2022-08-25 16:36:14 +03:00
Ted Blackman
f558ad4348 tests: more steps, subscriber ames now sends %cork 2022-08-25 16:36:14 +03:00
Ted Blackman
59d71ecbc9 tests: remove defunct test library 2022-08-25 16:36:14 +03:00
Ted Blackman
e37f738573 /lib/test: add +expect-success helper 2022-08-25 16:36:14 +03:00
Ted Blackman
15861150ba /lib/test/ames-gall: clean up lanes 2022-08-25 16:36:14 +03:00
Ted Blackman
c67a358308 tests: helper core to avoid repeated metamorphoses 2022-08-25 16:36:14 +03:00
Ted Blackman
94cb3952b7 tests: subscriber ames gets kick 2022-08-25 16:36:14 +03:00
Ted Blackman
0b2ba509c3 tests: gall and ames give kick over network 2022-08-25 16:36:14 +03:00
Ted Blackman
c301930fac tests: give %kick from %clog 2022-08-25 16:36:14 +03:00
Ted Blackman
59c5aa0b2a tests: give %clog to gall 2022-08-25 16:36:14 +03:00
Ted Blackman
c0adf6c25c tests: %watch to %watch-ack codepath complete 2022-08-25 16:36:14 +03:00
Ted Blackman
cfdf4d8467 tests: fix 2022-08-25 16:36:14 +03:00
Ted Blackman
583dd42747 tests: ames receives %watch-ack 2022-08-25 16:36:14 +03:00
Ted Blackman
01f761d07a tests: receiver ames sends %watch-ack packet 2022-08-25 16:36:14 +03:00
Ted Blackman
4518cf4838 tests: receiver gall gives %done to ames 2022-08-25 16:36:14 +03:00
Ted Blackman
becb1d7f18 tests: gall runs %pub +on-watch 2022-08-25 16:36:14 +03:00
Ted Blackman
52637ea2fe tests: ames passes %watch to gall on receiver, gall emits %deal to itself 2022-08-25 16:36:14 +03:00
Ted Blackman
1f9e04ab1c tests: ames sends %watch %plea 2022-08-25 16:36:14 +03:00
Ted Blackman
e2e4a102e8 tests: ~nec gall passes %watch to itself 2022-08-25 16:36:13 +03:00
Ted Blackman
3fdc7379a2 tests: get %sub agent to emit %watch 2022-08-25 16:36:13 +03:00
Ted Blackman
317f03e337 tests: test galls can now load %sub and %pub agents 2022-08-25 16:36:13 +03:00
Ted Blackman
c48c2f4b6a /lib/test: add +run-chain for test sequences 2022-08-25 16:36:13 +03:00
Ted Blackman
f2b85df948 tests: initial setup for gall and ames on two ships 2022-08-25 16:36:13 +03:00
Ted Blackman
81bfe17f37 tests: WIP gall request queue tests 2022-08-25 16:36:13 +03:00
fang
81462da7aa
ames: clean & re-set recork timer during %stir
Pre-release ships may have multiple recork timers. This ensures that,
after stir, we always have exactly one.
2022-08-25 14:42:16 +02:00
fang
0871c24e24
ames: bump recork timer back up to a day
We had lowered this initially for easier testing, but a day should be
sufficient for real-world use.
2022-08-25 14:11:45 +02:00
fang
b2422030f7
ames: correctly identify stale routes 2022-08-25 13:41:55 +02:00
fang
eee0484909
tests: expect new %sessions gift in eyre tests
Also adds a dedicated %born test to check if it sends a %sessions gift,
and refactors %init and %born running into separate arms to cut down on
repetition.
2022-08-24 20:16:14 +02:00
fang
aa20b55598
http: check requests for auth using eyre's tokens
Accept the newly added %session effect. Store the tokens received in it,
and refer back to them when checking requests for authentication.

Adds logic for checking requests for authentication based on the
presence of a valid urbauth cookie for the host ship, and updated the
slogstream endpoint to use that instead of the scry-based authentication
check.
2022-08-24 00:41:35 +02:00
fang
9c3c2b13c7
eyre: send valid auth tokens to the runtime
Whenever a session gets created or removed, send the set of valid auth
tokens to the runtime, so that it may use them in determining whether
incoming requests are authenticated or not.
2022-08-24 00:34:08 +02:00