diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 40412157bbd..15aa17c2790 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -40,7 +40,6 @@ env: SCCACHE_CACHE_SIZE: "50G" BIN_NAMES: "iroh,iroh-relay,iroh-dns-server" RELEASE_VERSION: ${{ github.event.inputs.release_version }} - IROH_FORCE_STAGING_RELAYS: "1" jobs: create-release: diff --git a/iroh-net/src/discovery/dns.rs b/iroh-net/src/discovery/dns.rs index 4175a669482..b6473a11d9b 100644 --- a/iroh-net/src/discovery/dns.rs +++ b/iroh-net/src/discovery/dns.rs @@ -14,10 +14,14 @@ pub const N0_DNS_NODE_ORIGIN_PROD: &str = "dns.iroh.link"; /// The n0 testing DNS node origin, for testing. pub const N0_DNS_NODE_ORIGIN_STAGING: &str = "staging-dns.iroh.link"; /// Testing DNS node origin, must run server from [`crate::test_utils::DnsPkarrServer`]. -#[cfg(any(test, feature = "test-utils"))] +#[cfg(all(test, feature = "test-utils"))] #[cfg_attr(iroh_docsrs, doc(cfg(any(test, feature = "test-utils"))))] pub const TEST_DNS_NODE_ORIGIN: &str = "dns.iroh.test"; +/// Environment variable to force the use of staging relays. +#[cfg_attr(iroh_docsrs, doc(cfg(not(any(test, feature = "test-utils")))))] +const ENV_FORCE_STAGING_RELAYS: &str = "IROH_FORCE_STAGING_RELAYS"; + const DNS_STAGGERING_MS: &[u64] = &[200, 300]; /// DNS node discovery @@ -69,14 +73,18 @@ impl DnsDiscovery { /// with [`DnsDiscovery::new`]. This would then use a hosted discovery service again, /// but for testing purposes. pub fn n0_dns() -> Self { - #[cfg(not(any(test, feature = "test-utils")))] - { - Self::new(N0_DNS_NODE_ORIGIN_PROD.to_string()) - } - #[cfg(any(test, feature = "test-utils"))] - { - Self::new(TEST_DNS_NODE_ORIGIN.to_string()) + let force_staging_relays = match std::env::var(ENV_FORCE_STAGING_RELAYS) { + Ok(value) => value == "1", + Err(_) => false, + }; + #[cfg(not(all(test, feature = "test-utils")))] + match force_staging_relays { + true => Self::new(N0_DNS_NODE_ORIGIN_STAGING.to_string()), + false => Self::new(N0_DNS_NODE_ORIGIN_PROD.to_string()), } + + #[cfg(all(test, feature = "test-utils"))] + Self::new(N0_DNS_NODE_ORIGIN_STAGING.to_string()) } } diff --git a/iroh-net/src/discovery/pkarr.rs b/iroh-net/src/discovery/pkarr.rs index 75e460f7dd9..e64bf340a66 100644 --- a/iroh-net/src/discovery/pkarr.rs +++ b/iroh-net/src/discovery/pkarr.rs @@ -64,6 +64,10 @@ use crate::{ AddrInfo, Endpoint, NodeId, }; +/// Environment variable to force the use of staging relays. +#[cfg_attr(iroh_docsrs, doc(cfg(not(any(test, feature = "test-utils")))))] +const ENV_FORCE_STAGING_RELAYS: &str = "IROH_FORCE_STAGING_RELAYS"; + #[cfg(feature = "discovery-pkarr-dht")] #[cfg_attr(iroh_docsrs, doc(cfg(feature = "discovery-pkarr-dht")))] pub mod dht; @@ -177,15 +181,20 @@ impl PkarrPublisher { /// This uses the pkarr relay server operated by [number 0], at /// [`N0_DNS_PKARR_RELAY_PROD`]. /// - /// When compiling for tests, i.e. when `cfg(test)` is true, or when the `test-utils` - /// crate feature is enabled the [`N0_DNS_PKARR_RELAY_STAGING`] server is used instead. + /// When running with the environment variable + /// `IROH_FORCE_STAGING_RELAYS` set to `1` the [`N0_DNS_PKARR_RELAY_STAGING`] + /// server is used instead. /// /// [number 0]: https://n0.computer pub fn n0_dns(secret_key: SecretKey) -> Self { - #[cfg(not(any(test, feature = "test-utils")))] - let pkarr_relay = N0_DNS_PKARR_RELAY_PROD; - #[cfg(any(test, feature = "test-utils"))] - let pkarr_relay = N0_DNS_PKARR_RELAY_STAGING; + let force_staging_relay = match std::env::var(ENV_FORCE_STAGING_RELAYS) { + Ok(value) => value == "1", + Err(_) => false, + }; + let pkarr_relay = match force_staging_relay { + true => N0_DNS_PKARR_RELAY_STAGING, + false => N0_DNS_PKARR_RELAY_PROD, + }; let pkarr_relay: Url = pkarr_relay.parse().expect("url is valid"); Self::new(secret_key, pkarr_relay) @@ -321,9 +330,9 @@ impl PkarrResolver { /// /// [number 0]: https://n0.computer pub fn n0_dns() -> Self { - #[cfg(not(any(test, feature = "test-utils")))] + #[cfg(not(all(test, feature = "test-utils")))] let pkarr_relay = N0_DNS_PKARR_RELAY_PROD; - #[cfg(any(test, feature = "test-utils"))] + #[cfg(all(test, feature = "test-utils"))] let pkarr_relay = N0_DNS_PKARR_RELAY_STAGING; let pkarr_relay: Url = pkarr_relay.parse().expect("url is valid"); diff --git a/iroh-net/src/endpoint.rs b/iroh-net/src/endpoint.rs index 87e06fe01ba..366279ee801 100644 --- a/iroh-net/src/endpoint.rs +++ b/iroh-net/src/endpoint.rs @@ -58,7 +58,6 @@ pub use iroh_base::node_addr::{AddrInfo, NodeAddr}; const DISCOVERY_WAIT_PERIOD: Duration = Duration::from_millis(500); /// Environment variable to force the use of staging relays. -#[cfg(not(any(test, feature = "test-utils")))] #[cfg_attr(iroh_docsrs, doc(cfg(not(any(test, feature = "test-utils")))))] const ENV_FORCE_STAGING_RELAYS: &str = "IROH_FORCE_STAGING_RELAYS"; @@ -80,7 +79,7 @@ pub struct Builder { /// List of known nodes. See [`Builder::known_nodes`]. node_map: Option>, dns_resolver: Option, - #[cfg(any(test, feature = "test-utils"))] + #[cfg(all(test, feature = "test-utils"))] #[cfg_attr(iroh_docsrs, doc(cfg(any(test, feature = "test-utils"))))] insecure_skip_relay_cert_verify: bool, addr_v4: Option, @@ -99,7 +98,7 @@ impl Default for Builder { proxy_url: None, node_map: None, dns_resolver: None, - #[cfg(any(test, feature = "test-utils"))] + #[cfg(all(test, feature = "test-utils"))] insecure_skip_relay_cert_verify: false, addr_v4: None, addr_v6: None, @@ -135,7 +134,7 @@ impl Builder { discovery: self.discovery, proxy_url: self.proxy_url, dns_resolver, - #[cfg(any(test, feature = "test-utils"))] + #[cfg(all(test, feature = "test-utils"))] insecure_skip_relay_cert_verify: self.insecure_skip_relay_cert_verify, }; Endpoint::bind(static_config, msock_opts, self.alpn_protocols).await @@ -289,7 +288,7 @@ impl Builder { /// Skip verification of SSL certificates from relay servers /// /// May only be used in tests. - #[cfg(any(test, feature = "test-utils"))] + #[cfg(all(test, feature = "test-utils"))] #[cfg_attr(iroh_docsrs, doc(cfg(any(test, feature = "test-utils"))))] pub fn insecure_skip_relay_cert_verify(mut self, skip_verify: bool) -> Self { self.insecure_skip_relay_cert_verify = skip_verify; @@ -1247,14 +1246,10 @@ fn proxy_url_from_env() -> Option { /// Otherwise, it will return `RelayMode::Default`. pub fn default_relay_mode() -> RelayMode { // Use staging in testing - #[cfg(not(any(test, feature = "test-utils")))] let force_staging_relays = match std::env::var(ENV_FORCE_STAGING_RELAYS) { Ok(value) => value == "1", Err(_) => false, }; - #[cfg(any(test, feature = "test-utils"))] - let force_staging_relays = true; - match force_staging_relays { true => RelayMode::Staging, false => RelayMode::Default, diff --git a/iroh-net/src/lib.rs b/iroh-net/src/lib.rs index 2adb4532d39..a572e2bc275 100644 --- a/iroh-net/src/lib.rs +++ b/iroh-net/src/lib.rs @@ -146,6 +146,6 @@ pub use iroh_base::key; pub use iroh_base::key::NodeId; -#[cfg(any(test, feature = "test-utils"))] +#[cfg(all(test, feature = "test-utils"))] #[cfg_attr(iroh_docsrs, doc(cfg(any(test, feature = "test-utils"))))] pub mod test_utils; diff --git a/iroh-net/src/magicsock.rs b/iroh-net/src/magicsock.rs index c2a285556bb..5d8247092c4 100644 --- a/iroh-net/src/magicsock.rs +++ b/iroh-net/src/magicsock.rs @@ -128,7 +128,7 @@ pub(crate) struct Options { /// Skip verification of SSL certificates from relay servers /// /// May only be used in tests. - #[cfg(any(test, feature = "test-utils"))] + #[cfg(all(test, feature = "test-utils"))] #[cfg_attr(iroh_docsrs, doc(cfg(any(test, feature = "test-utils"))))] pub(crate) insecure_skip_relay_cert_verify: bool, } @@ -144,7 +144,7 @@ impl Default for Options { discovery: None, proxy_url: None, dns_resolver: crate::dns::default_resolver().clone(), - #[cfg(any(test, feature = "test-utils"))] + #[cfg(all(test, feature = "test-utils"))] insecure_skip_relay_cert_verify: false, } } @@ -243,7 +243,7 @@ pub(crate) struct MagicSock { /// Skip verification of SSL certificates from relay servers /// /// May only be used in tests. - #[cfg(any(test, feature = "test-utils"))] + #[cfg(all(test, feature = "test-utils"))] #[cfg_attr(iroh_docsrs, doc(cfg(any(test, feature = "test-utils"))))] insecure_skip_relay_cert_verify: bool, } @@ -1397,7 +1397,7 @@ impl Handle { discovery, dns_resolver, proxy_url, - #[cfg(any(test, feature = "test-utils"))] + #[cfg(all(test, feature = "test-utils"))] insecure_skip_relay_cert_verify, } = opts; @@ -1453,7 +1453,7 @@ impl Handle { pending_call_me_maybes: Default::default(), direct_addr_update_state: DirectAddrUpdateState::new(), dns_resolver, - #[cfg(any(test, feature = "test-utils"))] + #[cfg(all(test, feature = "test-utils"))] insecure_skip_relay_cert_verify, }); diff --git a/iroh-net/src/magicsock/relay_actor.rs b/iroh-net/src/magicsock/relay_actor.rs index 0a7b6c8fdae..998638da5c3 100644 --- a/iroh-net/src/magicsock/relay_actor.rs +++ b/iroh-net/src/magicsock/relay_actor.rs @@ -487,7 +487,7 @@ impl RelayActor { .can_ack_pings(true) .is_preferred(my_relay.as_ref() == Some(&url1)); - #[cfg(any(test, feature = "test-utils"))] + #[cfg(all(test, feature = "test-utils"))] let builder = builder.insecure_skip_cert_verify(self.msock.insecure_skip_relay_cert_verify); let (dc, dc_receiver) = builder.build( diff --git a/iroh-net/src/relay/client.rs b/iroh-net/src/relay/client.rs index 3b276a83293..bddda1217c4 100644 --- a/iroh-net/src/relay/client.rs +++ b/iroh-net/src/relay/client.rs @@ -218,7 +218,7 @@ pub struct ClientBuilder { /// Relay protocol protocol: Protocol, /// Allow self-signed certificates from relay servers - #[cfg(any(test, feature = "test-utils"))] + #[cfg(all(test, feature = "test-utils"))] #[cfg_attr(iroh_docsrs, doc(cfg(any(test, feature = "test-utils"))))] insecure_skip_cert_verify: bool, /// HTTP Proxy @@ -236,7 +236,7 @@ impl ClientBuilder { server_public_key: None, url: url.into(), protocol: Protocol::Relay, - #[cfg(any(test, feature = "test-utils"))] + #[cfg(all(test, feature = "test-utils"))] insecure_skip_cert_verify: false, proxy_url: None, } @@ -291,7 +291,7 @@ impl ClientBuilder { /// Skip the verification of the relay server's SSL certificates. /// /// May only be used in tests. - #[cfg(any(test, feature = "test-utils"))] + #[cfg(all(test, feature = "test-utils"))] #[cfg_attr(iroh_docsrs, doc(cfg(any(test, feature = "test-utils"))))] pub fn insecure_skip_cert_verify(mut self, skip: bool) -> Self { self.insecure_skip_cert_verify = skip; @@ -317,7 +317,7 @@ impl ClientBuilder { .expect("protocols supported by ring") .with_root_certificates(roots) .with_no_client_auth(); - #[cfg(any(test, feature = "test-utils"))] + #[cfg(all(test, feature = "test-utils"))] if self.insecure_skip_cert_verify { warn!("Insecure config: SSL certificates from relay servers will be trusted without verification"); config @@ -1050,12 +1050,12 @@ async fn resolve_host( } /// Used to allow self signed certificates in tests -#[cfg(any(test, feature = "test-utils"))] +#[cfg(all(test, feature = "test-utils"))] #[cfg_attr(iroh_docsrs, doc(cfg(any(test, feature = "test-utils"))))] #[derive(Debug)] struct NoCertVerifier; -#[cfg(any(test, feature = "test-utils"))] +#[cfg(all(test, feature = "test-utils"))] impl rustls::client::danger::ServerCertVerifier for NoCertVerifier { fn verify_server_cert( &self, diff --git a/iroh/src/node/builder.rs b/iroh/src/node/builder.rs index 4bf07e3346e..2a478e90608 100644 --- a/iroh/src/node/builder.rs +++ b/iroh/src/node/builder.rs @@ -120,7 +120,7 @@ where dns_resolver: Option, node_discovery: DiscoveryConfig, docs_storage: DocsStorage, - #[cfg(any(test, feature = "test-utils"))] + #[cfg(all(test, feature = "test-utils"))] insecure_skip_relay_cert_verify: bool, /// Callback to register when a gc loop is done #[debug("callback")] @@ -231,9 +231,9 @@ fn mk_external_rpc() -> IrohServerEndpoint { impl Default for Builder { fn default() -> Self { // Use staging in testing - #[cfg(not(any(test, feature = "test-utils")))] + #[cfg(not(all(test, feature = "test-utils")))] let relay_mode = RelayMode::Default; - #[cfg(any(test, feature = "test-utils"))] + #[cfg(all(test, feature = "test-utils"))] let relay_mode = RelayMode::Staging; Self { @@ -250,7 +250,7 @@ impl Default for Builder { gc_policy: GcPolicy::Disabled, docs_storage: DocsStorage::Disabled, node_discovery: Default::default(), - #[cfg(any(test, feature = "test-utils"))] + #[cfg(all(test, feature = "test-utils"))] insecure_skip_relay_cert_verify: false, gc_done_callback: None, blob_events: Default::default(), @@ -267,9 +267,9 @@ impl Builder { storage: StorageConfig, ) -> Self { // Use staging in testing - #[cfg(not(any(test, feature = "test-utils")))] + #[cfg(not(all(test, feature = "test-utils")))] let relay_mode = RelayMode::Default; - #[cfg(any(test, feature = "test-utils"))] + #[cfg(all(test, feature = "test-utils"))] let relay_mode = RelayMode::Staging; Self { @@ -286,7 +286,7 @@ impl Builder { gc_policy: GcPolicy::Disabled, docs_storage, node_discovery: Default::default(), - #[cfg(any(test, feature = "test-utils"))] + #[cfg(all(test, feature = "test-utils"))] insecure_skip_relay_cert_verify: false, gc_done_callback: None, blob_events: Default::default(), @@ -346,7 +346,7 @@ where gc_policy: self.gc_policy, docs_storage, node_discovery: self.node_discovery, - #[cfg(any(test, feature = "test-utils"))] + #[cfg(all(test, feature = "test-utils"))] insecure_skip_relay_cert_verify: false, gc_done_callback: self.gc_done_callback, blob_events: self.blob_events, @@ -508,14 +508,14 @@ where /// Skip verification of SSL certificates from relay servers /// /// May only be used in tests. - #[cfg(any(test, feature = "test-utils"))] + #[cfg(all(test, feature = "test-utils"))] pub fn insecure_skip_relay_cert_verify(mut self, skip_verify: bool) -> Self { self.insecure_skip_relay_cert_verify = skip_verify; self } /// Register a callback for when GC is done. - #[cfg(any(test, feature = "test-utils"))] + #[cfg(all(test, feature = "test-utils"))] pub fn register_gc_done_cb(mut self, cb: Box) -> Self { self.gc_done_callback.replace(cb); self @@ -617,7 +617,7 @@ where None => endpoint, }; - #[cfg(any(test, feature = "test-utils"))] + #[cfg(all(test, feature = "test-utils"))] { endpoint = endpoint.insecure_skip_relay_cert_verify(self.insecure_skip_relay_cert_verify);