Commit Graph

1162 Commits

Author SHA1 Message Date
Jean-Paul Calderone
acf541a0be try to make the example more useful 2018-05-22 09:08:59 -04:00
Jean-Paul Calderone
504452f1fd clean up description of certificate validity period 2018-05-22 09:00:30 -04:00
Jean-Paul Calderone
ab37b5eabb clean up the description of the tls usage 2018-05-22 09:00:10 -04:00
Jean-Paul Calderone
65103445ea secrecy is the kind of security we're talking about here 2018-05-22 08:43:19 -04:00
Jean-Paul Calderone
97176e88d4 but it is part of this proposed solution 2018-05-22 08:43:12 -04:00
Jean-Paul Calderone
bf305b91e4 HTTP *per se* is not a requirement 2018-05-22 08:42:55 -04:00
Jean-Paul Calderone
5ede9662bb fix typo 2018-05-22 08:42:39 -04:00
Jean-Paul Calderone
44afc1de03 talk about a non-security requirement! 2018-05-22 08:42:28 -04:00
Jean-Paul Calderone
ff48e67418 flop some heading levels around 2018-05-22 08:42:16 -04:00
Jean-Paul Calderone
c321c937f6 copy edits and another option for tubID length 2018-05-22 08:27:31 -04:00
Jean-Paul Calderone
b73e95ec30 discuss protocol identification 2018-05-22 08:27:24 -04:00
Jean-Paul Calderone
17ae8a191b I like it 2018-05-22 08:27:15 -04:00
Jean-Paul Calderone
4592bf3de2 wip - more edits of the security material & transition plan 2018-05-21 16:23:53 -04:00
Jean-Paul Calderone
176732dcaf gotta announce the new fURL sometime 2018-05-21 14:59:46 -04:00
Jean-Paul Calderone
16076f9bd7 be explicit about the security goals being achieved 2018-05-21 14:59:28 -04:00
Jean-Paul Calderone
11184939e8 It's SPKI not public key 2018-05-21 14:59:10 -04:00
Jean-Paul Calderone
fa4384e36e add a security summary (noting foolscap features)
also, expanded discussion.
2018-05-21 14:14:53 -04:00
Jean-Paul Calderone
cea0ae8004 tahoe-lafs is already good at redundant storage 2018-05-21 14:14:39 -04:00
Jean-Paul Calderone
4626a09224 elaborate on reputation-based assumptions 2018-05-21 13:31:16 -04:00
Jean-Paul Calderone
931ffec005 semantic newlines 2018-05-21 13:31:10 -04:00
meejah
fb9317ed80 change versions in INSTALL 2018-05-18 14:41:48 -06:00
Jean-Paul Calderone
d09b613d59 make mutable and immutable read the same 2018-05-18 15:45:22 -04:00
Jean-Paul Calderone
f4b59b166d no more int-key mappings 2018-05-18 13:08:13 -04:00
Jean-Paul Calderone
3898911fcc consistent title levels 2018-05-18 13:07:18 -04:00
Jean-Paul Calderone
f09ed91ab6 collapse these two APIs, they are the same
also add mutable .../shares listing
2018-05-18 13:01:57 -04:00
Jean-Paul Calderone
9388903515 need a way to advise of corrupt mutable shares 2018-05-18 13:01:45 -04:00
Jean-Paul Calderone
c6a8e4535c mount this beneath the storage index resource 2018-05-18 13:01:19 -04:00
Jean-Paul Calderone
69195e0a5a maybe we don't even want Range 2018-05-18 13:01:10 -04:00
Jean-Paul Calderone
6c664d69a8 consistent non-abbreviation 2018-05-18 13:01:03 -04:00
Jean-Paul Calderone
9402698918 Harmonize hyphens 2018-05-18 11:11:04 -04:00
Jean-Paul Calderone
943b389d77 Banish slots and deemphasize buckets 2018-05-18 11:09:17 -04:00
Jean-Paul Calderone
3ef1ceeead markup 2018-05-18 09:13:57 -04:00
Jean-Paul Calderone
dd78fe81d0 note the failure case 2018-05-18 09:05:46 -04:00
Jean-Paul Calderone
fb51c1df40 correct the sample code 2018-05-18 09:05:37 -04:00
Jean-Paul Calderone
00ae3b5663 discuss encoded hash length 2018-05-18 09:05:25 -04:00
Jean-Paul Calderone
d3f9ee2406 link to a different upload resume strategy 2018-05-17 15:09:50 -04:00
Jean-Paul Calderone
113af95984 when you are sending a range, you use Content-Range
when you are _asking_ for a range, you use Range
2018-05-17 15:08:03 -04:00
Jean-Paul Calderone
2bbe51a01d Discuss Range requests for uploads 2018-05-17 14:11:37 -04:00
Jean-Paul Calderone
d011c2f936 rst twiddles 2018-05-17 14:11:32 -04:00
Jean-Paul Calderone
eb9b44885e simple naming mistake
this must be a different endpoint or it is ambiguous with bucket
interactions.  plus it makes more sense that "place where storage
indexes are" is different from "place where buckets are" although I
am still uncomfortable with the idea that "storage indexes" are things
and not ... indexes ...
2018-05-17 14:01:46 -04:00
Jean-Paul Calderone
4e99f22c2b make containers plural I suppose 2018-05-17 14:01:36 -04:00
Jean-Paul Calderone
1d3f9715f8 trivial json markup fix 2018-05-17 14:01:18 -04:00
Jean-Paul Calderone
5fa71484e3 call out the base32/base64 mismatch 2018-05-16 10:16:58 -04:00
Jean-Paul Calderone
67ff44039f add values to the example 2018-05-16 09:49:58 -04:00
Jean-Paul Calderone
4bed6363a3 be specific about public key comparison 2018-05-16 09:49:48 -04:00
Jean-Paul Calderone
4ad5b5ab46 address slots 2018-05-15 16:00:40 -04:00
Jean-Paul Calderone
c824bcd8b2 make the share a logical child of the bucket? 2018-05-15 15:28:03 -04:00
Jean-Paul Calderone
6d84cd8179 these are gone 2018-05-15 15:27:53 -04:00
Jean-Paul Calderone
178cb58a57 dunno how much the risk is elevated 2018-05-15 15:27:33 -04:00
Jean-Paul Calderone
6b72750397 reduce verticality 2018-05-15 15:27:26 -04:00
Jean-Paul Calderone
5f88cd0687 rework the security section 2018-05-15 15:16:01 -04:00
Jean-Paul Calderone
357820357c front matter 2018-05-15 15:04:20 -04:00
Jean-Paul Calderone
465489fd0b re-organize 2018-05-15 14:48:42 -04:00
Jean-Paul Calderone
23242266dc consistent style 2018-05-15 14:16:02 -04:00
Jean-Paul Calderone
a3d4edca7d retrieve server version and info 2018-05-15 10:10:21 -04:00
Jean-Paul Calderone
73d903ad96 client-selected resource identifier -> PUT 2018-05-15 09:42:20 -04:00
Jean-Paul Calderone
5b35f591f1 write share data 2018-05-15 09:42:10 -04:00
Jean-Paul Calderone
b6572e2856 clear now they are not necessarily consecutive 2018-05-15 09:41:45 -04:00
Jean-Paul Calderone
599bf074e3 more spurious indentation 2018-05-15 09:07:58 -04:00
Jean-Paul Calderone
8e9ba52118 spurious indentation 2018-05-15 09:07:07 -04:00
Jean-Paul Calderone
53dce7eafc first pass over read and write api 2018-05-14 15:58:21 -04:00
Jean-Paul Calderone
c612fb7075 initial pass over security section 2018-05-14 14:30:34 -04:00
Jean-Paul Calderone
b9939f7d4d link to inotify wikipedia page 2018-04-20 14:42:33 -04:00
Jean-Paul Calderone
6fd1f12a3c doc improvements related to the storage dir 2018-03-19 15:28:44 -04:00
Ruben Pollan
136de7d7f7 Add storage_dir config field
On the [storage] section of the tahoe.cfg now there is a field
'storage_dir' where the path to the storage folder can be configured.
2018-03-19 11:20:04 -04:00
meejah
0b25cad71e documentation fixups from daira's review 2018-02-06 15:28:02 -07:00
meejah
1171bf13af ticket #2882: preserve user mtime 2018-02-06 15:27:56 -07:00
tpltnt
c3a91376f3 added link to RFC 822 2018-01-06 15:12:16 +01:00
tpltnt
a6655040b2 added link tp ConfigParser documentation 2018-01-06 15:10:30 +01:00
tpltnt
1896335eda added link to wikipedia article on ini file format 2018-01-06 15:08:33 +01:00
Brian Warner
097abb42fa tahoe.cfg: add tub.port=listen:i2p (and/or listen:tor)
This delegates the construction of the server Endpoint object to the i2p/tor
Provider, which can use the i2p/tor section of the config file to add options
which would be awkward to express as text in an endpoint descriptor string.

refs ticket:2889 (but note this merely makes room for a function to be
written that can process I2CP options, it does not actually handle such
options, so it does not close this ticket yet)
2017-11-03 00:24:46 -07:00
meejah
9375056b61 Split up startstop_node and add 'tahoe daemonize'
This sets the stage for further changes to the startup
process so that "async things" are done before we create
the Client instance while still reporting early failures
to the shell where "tahoe start" is running

Also adds a bunch of test-coverage for the things that got
moved around, even though they didn't have coverage before
2017-09-19 10:39:19 -06:00
Gordon Hall
593ebdfb07 add note about using docker compose to running docs 2017-09-19 09:25:39 -07:00
AnBuKu
e453761a0b Time goes by :-)
See https://packages.debian.org/source/stretch/tahoe-lafs
2017-09-18 07:27:09 +02:00
meejah
798bf57e28 Add 'tahoe invite' and 'tahoe create-node --join' commands
This opens a wormhole and sends appropriate JSON down
it to a tahoe-gui using a wormhole server running on
tahoe-lafs.org

The other end uses the 'tahoe create-node' command (with
new --join option) to read the configuration JSON from
a 'tahoe invite' command
2017-08-08 18:27:06 -06:00
Jean-Paul Calderone
1f16a173f0 flatten the result structure
flat is better than nested
2017-07-27 15:32:47 -04:00
Jean-Paul Calderone
e0ee726d22 Update to the format the code now actually produces 2017-07-27 15:28:29 -04:00
Jean-Paul Calderone
780a932122 consistent markup 2017-07-27 15:26:30 -04:00
Jean-Paul Calderone
7b88cf376b remove duplicate "above" 2017-07-27 15:26:30 -04:00
Jean-Paul Calderone
cc0e6ea6f9 typo fix 2017-07-27 15:26:30 -04:00
David Stainton
2006e6ae41 docs: add explaination of json welcome fields 2017-07-27 15:26:29 -04:00
David Stainton
a87822e66b Add note about json welcome page to api docs 2017-07-27 15:26:29 -04:00
Brian Warner
705dc856eb grammatical improvements 2017-06-06 11:28:23 +01:00
Daira Hopwood
eb1b51e263 Clean up some remaining obsolete terminology. refs #2345
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-06-06 11:20:49 +01:00
Daira Hopwood
2055a66cf2 Doc changes that require more careful review. refs #2345
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-06-06 11:20:49 +01:00
Daira Hopwood
4723af6e2f LAFS now stands for "Least-Authority File Store" rather than "Least-Authority File System". refs #2345
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2017-06-06 11:20:49 +01:00
Brian Warner
bc34556e1a INSTALL.rst: reorder deps 2017-06-06 10:26:11 +01:00
ValdikSS
718835e08c Update INSTALL.rst 2017-06-06 10:25:21 +01:00
meejah
05f48c3601 Various cleanups, fixes and improvements
Squashed all commits that were meejah's between
30d68fb499f300a393fa0ced5980229f4bb6efda
and
33c268ed3a8c63a809f4403e307ecc13d848b1ab
On the branch meejah:1382.markberger-rewrite-rebase.6 as
per review
2017-06-05 16:31:41 -06:00
meejah
b6d9945b95 default answer for every share
refactor hypothesis to be 'pytest style' and add another one

get rid of 'shares->set(1 thing)' in generate_mappings return

Add a unittest hypothesis came up with

fix tests since we return peers, not sets-of-1-peer

add more debug

add a unit-test that's like test_problem_layout_ticket_1128

fix bug

add a note

fix utest

unit-test for bigger numbers

re-insert markberger code for testing

results of pairing with david
2017-06-05 16:26:46 -06:00
meejah
adb9a98383 WIP: refactoring (squahshed all meejah's commits) 2017-06-05 16:26:46 -06:00
Brian Warner
211dc602fa updates from summit 2017-06-05 16:26:46 -06:00
Mark Berger
17cff7a176 Implements 'Servers of Happiness' algorithm for upload
This is Mark Berger's original commits, from ticket #1382
2017-06-05 16:26:46 -06:00
tpltnt
2af8e69750 OpenSolaris is discontinued, naming illumos 2017-06-05 10:35:37 +01:00
Brian Warner
ce47f6aaee NEWS/INSTALL/relnotes: release 1.12.1 2017-01-18 16:28:23 -08:00
Brian Warner
582931b1c2 docs: recommend proper introducers.yaml syntax
add a test to exercise that this syntax is parseable, and another to point
out that the previously-recommended syntax was not

refs ticket:2862
2017-01-08 22:59:51 -08:00
Vladimir Rusinov
b7e76c7f24 Document api-version field for deep-stats. 2016-12-23 22:50:48 -05:00
Brian Warner
0efc24cd79 how-to-release: 'twine register' is no longer necessary 2016-12-17 15:07:29 -08:00
Brian Warner
120ef7ee86 docs/INSTALL: update pointers for 1.12.0 2016-12-17 14:36:18 -08:00
Brian Warner
42c3f09097 release checklist: remember buildbot problem 2016-12-17 14:35:53 -08:00
Brian Warner
b97d23cbfe docs/anonymity-config: mention debian-tor group 2016-12-17 14:35:28 -08:00
Brian Warner
91047bf828 docs: clean up .rst and references
This uses Read-The-Docs (sphinx/docutils) references exclusively, but adds a
README.md for GitHub viewers to remind them that the links there won't
work (closes ticket:2835).

It also fixes all the dangling references and other Sphinx warnings.

The "Preparation" section of docs/magic-folder-howto.rst was removed, since
this feature has since been merged to trunk.
2016-12-12 13:57:28 -08:00
Brian Warner
9cea1d7a46 docs: fix svg encoding diagrams
We said "share N" in some places that ought to say "block N", and we no
longer use "peer" to describe where we're pushing a share to (now we say
"server").

Thanks to CcxWrk for the catch.
2016-11-13 14:12:51 -08:00
Brian Warner
fa2b6a567b expenses: pay 2016 summit and hosting through Oct-2016 2016-11-10 22:20:00 -08:00
Brian Warner
da76c41c83 donation.rst: add new expense addresses, re-sign
* secorp's new address for hosting expenses
* warner's address for summit expenses
2016-11-10 21:16:34 -08:00
Brian Warner
09d4e1e936 minor typo 2016-10-25 18:27:11 -07:00
meejah
e00301d7e0 mention poll_interval in magic-folder docs 2016-10-25 18:26:57 -07:00
Brian Warner
130031badf docs: update out-of-date happiness milestone
thanks to CcxWrk for the catch
2016-10-18 17:30:52 -07:00
Brian Warner
42c6a1587b remove docs about --listen=tor being unfinished 2016-10-09 02:02:40 -04:00
David Stainton
4d30d698cf Minor correction to ipv6 + ipv4 configuration considerations 2016-09-26 13:31:18 -07:00
equim
f941db60ac Fix typos in garbage-collection.rst 2016-09-24 23:05:09 +01:00
Brian Warner
b00c2d21b7 test tub.port with multiple endpoints, add docs
I think the preferred way to listen on both IPv4 and IPv6 will be to use
"--port=tcp:PORT,tcp6:PORT". This is now reflected in the docs.

refs ticket:867
2016-09-20 13:04:06 -07:00
David Stainton
ff9d3d8922 Reverse order of use-case list in anonymity config doc 2016-09-20 09:29:07 -07:00
Brian Warner
a638a97806 implement connections:tcp=disabled
This enables an I2P-only node, which disables TCP entirely (instead of
mapping TCP to Tor, which was the only other option that
reveal-IP-address=False would allow).

closes ticket:2824
2016-09-14 16:27:12 -07:00
Brian Warner
02ba2a05c3 implement --listen=none, use it for create-client
Improve docs on server configuration to explain --listen options.
2016-09-14 16:12:32 -07:00
Brian Warner
d69757e069 docs: more server/introducer setup text
running.rst: split out the server/introducer text, so someone who only
care about running a client doesn't need to read about hostnames or
--port/--location.

servers.rst: more background text on ports and locations, make section
names less storage-centric
2016-09-14 13:10:29 -07:00
Brian Warner
460cc826fd update docs
* replace sample IPv4/IPv6 addresses with reserved ones from RFC-6890
* remove initial blank line: prevents github from rendering the .rst
* emphasize --hostname, then have --port/--location as a special-case
* list --port first (describe it "from the inside out"), then --location
* explain difference between --port and --location
* in endpoint strings, put interface= at end, to emphasize port
* add servers.rst to index.rst so it'll show up on readthedocs
* don't mention "partial-cone NAT": that's only relevant if/when we get
  real ICE-style NAT-hole-punching
2016-09-14 12:45:53 -07:00
David Stainton
f3fafa2270 Add server-side network considerations to servers.rst
This includes configuring servers to use IPv4, IPv6, IPv6 with
port forwarding firewall and suggesting the use of i2p/tor if
NAT penetration is needed: provided links to configuration and
anonymity-configuration
2016-09-14 10:58:45 -07:00
Brian Warner
80acd565e2 docs: describe known linkability
closes ticket:2384
2016-09-13 02:14:39 -07:00
Brian Warner
2e3ec4109c document multiintroducer/introducerless config
refs ticket:68
2016-09-12 17:45:35 -07:00
Brian Warner
8d9afdc27e CLI: remove 'debug trial', 'debug repl'
These are obsolete. Tests are run with 'tox', or by running 'trial
allmydata' from a populated virtualenv. A populated virtualenv is also
the right way to get a repl: just run 'python'.

refs ticket:2735
2016-09-09 15:37:28 -07:00
str4d
af6cb47390 Explain how to install the tor and i2p extras together 2016-09-03 12:05:08 +12:00
str4d
453574141e Minor format fix 2016-09-03 11:59:18 +12:00
Brian Warner
c17217699e docs: improve reveal-IP-address description 2016-09-02 09:18:47 -07:00
Brian Warner
d0da17adeb create-node: add --hide-ip, update docs
So "tahoe create-node --hide-ip" causes "reveal-IP-address = false" to
get written into tahoe.cfg . This also changes the default tahoe.cfg to
include "reveal-IP-address = true", for clarity.

refs ticket:1010
2016-09-01 23:24:38 -07:00
Brian Warner
076b3895dc config: change syntax of no-listen mode
We now use::

  tub.port = disabled
  tub.location = disabled

instead of using an empty value (but the key still being present, since
if the key is missing entirely, that means "be automatic").

closes ticket:2816
2016-09-01 21:26:48 -07:00
Brian Warner
a03f68b787 tahoe.cfg: fix spelling of 'enabled' for tor/i2p
We should use "enabled = true", instead of "enable = true", since
the rest of tahoe.cfg uses "enabled".

refs ticket:2788
2016-08-31 15:23:47 -07:00
Brian Warner
d47fc0fd27 config: add reveal-IP-address=False
This adds a safety flag named `[node] reveal-IP-address`, for which the
default value is True. When this is set to False, any configuration that
might reveal the node's IP address (to servers, or the external network)
will cause a PrivacyError to be raised at startup, terminating the node
before it gets a chance to betray the user's privacy. It also adds docs
and tests.

refs ticket:1010
2016-08-31 02:44:27 -07:00
Brian Warner
9057c7301c incorporate dawuud's feedback
* remove anonymity-roadmap
* remove old torsocks section
* minor edits
2016-08-30 08:55:09 -07:00
Brian Warner
f54d2a81a8 fix TOC, remove empty "Legacy I2P" section 2016-08-30 08:55:09 -07:00
Brian Warner
327bef3383 update tor/i2p docs to match current config syntax
This removes the section that describes automatic configuration using
transport-agnostic endpoint-centric tub.port strings. That was the
approach where tub.port used "onion:80:hiddenServiceDir=PATH", and
Foolscap was able to query the generated Listener to find out what
address it was supposed to advertise. We considered this for a long
time, but in the end decided to use a more static approach, where
foolscap/tahoe never try to guess it's location: Tahoe always requires
tub.location= to be set.

When we get automatic configuration implemented, it'll be a simple CLI
argument, something like "tahoe create-server --listen=tor".

Instead, this document now explains how to configure Tor to create the
hidden service, then how to copy the generated .onion address into the
tahoe config.

This also removes a lot of other text that seems irrelevant now, and
refers the user to the tahoe.cfg docs (configuration.rst) instead of
including all the `[tor]`/`[i2p]` docs inline.

Closes ticket:2815
2016-08-30 08:55:09 -07:00
str4d
52e35852b1 Update connection config docs to match the current ticket:517 syntax 2016-08-30 08:55:09 -07:00
str4d
f075fa0e85 Remove references to closed tickets 2016-08-30 08:55:09 -07:00
str4d
21013284c9 Improved section on performance and security issues 2016-08-30 08:55:09 -07:00
str4d
24beb033d6 Update content to match current design 2016-08-30 08:55:09 -07:00
str4d
1edb6331c1 [node]anonymize -> [node]anonymous 2016-08-30 08:55:09 -07:00
str4d
3661fc72cf Updated I2P content 2016-08-30 08:55:08 -07:00
str4d
aa8de0737c ToC and headings 2016-08-30 08:55:08 -07:00
str4d
0fdae0b96a Configuration details 2016-08-30 08:55:08 -07:00
str4d
d09173cbf7 Expanded explanation of [node]anonymize 2016-08-30 08:55:08 -07:00
str4d
8cc2307d80 Spelling, rST layout fixes 2016-08-30 08:55:08 -07:00
str4d
1a3f4f2f35 I2P information 2016-08-30 08:55:08 -07:00
Daira Hopwood
8d1fa17d70 Add more info to docs about usage with tor 2016-08-30 08:55:08 -07:00
David Stainton
cb44f883e5 Fix formatting 2016-08-30 08:55:08 -07:00
David Stainton
4f0b7e0f83 Removed I2P ticket info because it belongs in a trac ticket 2016-08-30 08:55:08 -07:00
Daira Hopwood
3126d49d32 Rename tor.rst to anonymity-configuration.rst.
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
2016-08-30 08:55:08 -07:00
str4d
f3bc270a4e Changes required for safe txi2p use 2016-08-30 08:55:08 -07:00
David Stainton
832a798374 Fix formatting 2016-08-30 08:55:08 -07:00
David Stainton
3242a67c3f Add anonymity roadmap 2016-08-30 08:55:08 -07:00
David Stainton
ce889d5834 Change option name to anonymize for ticket #1010 2016-08-30 08:55:08 -07:00