Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: read proxy origin from QubesDB when available; otherwise environment #1895

Closed
wants to merge 27 commits into from
Closed

feat: read proxy origin from QubesDB when available; otherwise environment #1895

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
27 commits
Select commit Hold shift + click to select a range
321fc9a
docs: diagram request/response flow across qrexec and proxy APIs
cfm Nov 16, 2023
e40eefb
Rewrite proxy in Rust, with v2 behavior
cfm Nov 17, 2023
6a78dcf
Test Rust proxy
legoktm Dec 4, 2023
fce59ed
Integrate proxy v2 into SDK
legoktm Jan 6, 2024
20c7035
Refactor and update SDK tests to use lightweight VCR interface
cfm Jan 31, 2024
dd37b00
Add `make regenerate-sdk-cassettes` and use in SDK CI
cfm Feb 1, 2024
7d4f3c2
Build Rust code in package
legoktm Feb 12, 2024
8084a2b
Start setting up real cargo-vet config
legoktm Feb 12, 2024
669deac
Install Rust in proxy test runs and build
legoktm Feb 21, 2024
2c5b29d
Switch functional tests to use custom VCR setup
legoktm Feb 29, 2024
cc76caf
Remove Python implementation of proxy
legoktm Feb 20, 2024
4bbdd6e
Some Rust audits
legoktm Mar 1, 2024
3c1df77
fixup! docs(readme): document current flow from freedomofpress/secure…
cfm Mar 4, 2024
5161952
Remove requests dependency
legoktm Mar 5, 2024
a99e6a3
Review some crates
legoktm Mar 7, 2024
9aa2290
Another Rust audit
legoktm Mar 7, 2024
59564da
feat(read): split implementation on "qubesdb" feature
cfm Mar 1, 2024
1fec128
build(cargo): "qubesdb" feature generates bindings for libqubesdb
cfm Mar 1, 2024
185a843
feat(read): read origin from QubesDB
cfm Mar 7, 2024
6e17717
style: expect() messages are SHOULD statements
cfm Mar 7, 2024
59259fd
docs(readme): document environment versus QubesDB configuration
cfm Mar 7, 2024
4853d4b
Build securedrop-proxy package with qubesdb integration
legoktm Mar 11, 2024
a615d80
fix(read): explicitly handle qbd_read() = NUL
cfm Mar 11, 2024
238a3f5
refactor(read): return Result; minimize unsafe; naming conventions
cfm Mar 11, 2024
8c477b7
docs(read): safety
cfm Mar 11, 2024
b132932
refactor: factor out config implementations for conditional compilation
cfm Mar 11, 2024
14873c6
build(cargo): generate QubesDB bindings only for "qubesdb" feature
cfm Mar 12, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 0 additions & 1 deletion .github/workflows/build.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,6 @@ jobs:
PKG_DIR=../client make -C securedrop-builder requirements
PKG_DIR=../export make -C securedrop-builder requirements
PKG_DIR=../log make -C securedrop-builder requirements
PKG_DIR=../proxy make -C securedrop-builder requirements
git config --global --add safe.directory "$GITHUB_WORKSPACE"
git diff --ignore-matching-lines=# --exit-code

Expand Down
6 changes: 4 additions & 2 deletions .github/workflows/sdk.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,9 @@ jobs:
wget https://github.com/jwilder/dockerize/releases/download/$DOCKERIZE_VERSION/dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz &&
tar -C /usr/local/bin -xzvf dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz &&
rm dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz
- name: Build proxy
run: |
cargo build
- name: Run tests without VCR cassettes
run: |
# Start the server in the background
Expand All @@ -38,5 +41,4 @@ jobs:
# Wait for server to come up
dockerize -wait http://127.0.0.1:8080 -timeout 5m
# Run tests
rm client/tests/sdk/data/*.yml
make -C client test-sdk
make -C client regenerate-sdk-cassettes
12 changes: 6 additions & 6 deletions .github/workflows/test.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,18 +22,18 @@ jobs:
debian_version:
- bullseye
- bookworm
# bookworm jobs are failing and will be
# replaced with proxy v2 shortly, so skip
# https://github.com/freedomofpress/securedrop-client/issues/1681
exclude:
- component: proxy
debian_version: bookworm
runs-on: ubuntu-latest
container: debian:${{ matrix.debian_version }}
steps:
- run: |
apt-get update && apt-get install --yes git make gnupg
- name: Install Rust-specific dependencies
run: apt-get install --yes build-essential curl libssl-dev pkg-config
if: ${{ matrix.component == 'proxy' }}
- uses: actions/checkout@v4
# Install Rust 1.74.1, keep in sync with rust-toolchain.toml
- uses: dtolnay/rust-toolchain@aec8960fc037f3ba5dd7773fd5b938a0ab22c50f
if: ${{ matrix.component == 'proxy' }}
- name: Install dependencies
run: |
source /etc/os-release
Expand Down
Loading
Loading