securedrop-client icon indicating copy to clipboard operation
securedrop-client copied to clipboard

Published 20 hours ago verified publisher icon freedomofpress

Implement proxy v2 architecture, in Rust

Open legoktm opened this issue 6 months ago • 19 comments

This was migrated from https://github.com/freedomofpress/securedrop-proxy/pull/127

Status

Ready for review

Description

Implement the proxy v2 architecture; see individual commits messages for more detail.

  • Fixes https://github.com/freedomofpress/securedrop-client/issues/1678.
  • Fixes #1778
  • Fixes https://github.com/freedomofpress/securedrop-workstation/issues/853
  • Refs https://github.com/freedomofpress/securedrop-client/issues/1848
  • Fixes https://github.com/freedomofpress/securedrop-client/issues/1831
  • Fixes https://github.com/freedomofpress/securedrop-client/issues/1681
  • Fixes https://github.com/freedomofpress/securedrop-client/issues/1684
  • Fixes https://github.com/freedomofpress/securedrop-client/issues/1685
  • Fixes https://github.com/freedomofpress/securedrop-client/issues/1690
  • Fixes https://github.com/freedomofpress/securedrop-client/issues/1694
  • Fixes https://github.com/freedomofpress/securedrop-client/issues/1717
  • Fixes https://github.com/freedomofpress/securedrop-client/issues/1761
  • Fixes https://github.com/freedomofpress/securedrop-security/issues/73

Test Plan

  • [x] CI passes
  • [ ] Visual review:
    • [x] @cfm reviews commit by commit
    • [ ] @legoktm reviews commit by commit
    • [ ] Third review (TBD) reviews the major commits specially, since @cfm and @legoktm co-authored most everything here:
      • [ ] df803d5ffcf638d4c6e027684d4255f420868100
      • [ ] 1f3c2c84466f350954531d2d60d066f5431d69fc
      • [ ] bc67129b44d76581ae29780ee5a5be12ac907ebe
    • [ ] Third reviewer (TBD) spot-checks VCR cassettes regenerated in:
      • [ ] 1f3c2c84466f350954531d2d60d066f5431d69fc
      • [ ] 98867666c6867f7711f04de2777b0661282700c6
  • [x] Start dev instance with cd client && ./run.sh and test syncing, sending replies and downloading attachments works fine
  • [ ] Build and install debs onto Qubes 4.2 system, test syncing, sending replies and downloading attachments works fine

Checklist

If these changes modify code paths involving cryptography, the opening of files in VMs or network (via the RPC service) traffic, Qubes testing in the staging environment is required. For fine tuning of the graphical user interface, testing in any environment in Qubes is required. Please check as applicable:

  • [ ] I have tested these changes in the appropriate Qubes environment
  • I do not have an appropriate Qubes OS workstation set up (the reviewer will need to test these changes)
  • These changes should not need testing in Qubes

If these changes add or remove files other than client code, the AppArmor profile may need to be updated. Please check as applicable:

  • I have updated the AppArmor profile
  • No update to the AppArmor profile is required for these changes
  • I don't know and would appreciate guidance
  • [x] AppArmor will be done as a follow-up: https://github.com/freedomofpress/securedrop-client/issues/1889

If these changes modify the database schema, you should include a database migration. Please check as applicable:

  • I have written a migration and upgraded a test database based on main and confirmed that the migration is self-contained and applies cleanly
  • I have written a migration but have not upgraded a test database based on main and would like the reviewer to do so
  • I need help writing a database migration
  • [x] No database schema changes are needed

legoktm avatar Dec 13 '23 21:12 legoktm