connlib: tune disconnect parameters (#2977)

Should fix #2946 (still testing, trying to reproduce the error reported
in the issue)

docker-compose.yml

@@ -117,6 +117,7 @@ services:
       RUST_LOG: firezone_linux_client=trace,wire=trace,connlib_client_shared=trace,firezone_tunnel=trace,connlib_shared=trace,warn
       FIREZONE_API_URL: ws://api:8081
       FIREZONE_ID: D0455FDE-8F65-4960-A778-B934E4E85A5F
+      MAX_PARTITION_TIME: 5s
     build:
       target: debug
       context: rust

rust/Cargo.lock

@@ -1934,6 +1934,7 @@ dependencies = [
  "clap",
  "connlib-client-shared",
  "firezone-cli-utils",
+ "humantime",
  "secrecy",
  "tracing",
  "tracing-subscriber",

rust/connlib/clients/android/src/lib.rs

@@ -11,13 +11,13 @@ use jni::{
     JNIEnv, JavaVM,
 };
 use secrecy::SecretString;
-use std::sync::OnceLock;
 use std::{net::IpAddr, path::Path};
 use std::{
     net::{Ipv4Addr, Ipv6Addr},
     os::fd::RawFd,
     path::PathBuf,
 };
+use std::{sync::OnceLock, time::Duration};
 use thiserror::Error;
 use tracing_subscriber::prelude::*;
 use tracing_subscriber::EnvFilter;
@@ -405,7 +405,13 @@ fn connect(
         handle,
     };
 
-    let session = Session::connect(api_url.as_str(), secret, device_id, callback_handler)?;
+    let session = Session::connect(
+        api_url.as_str(),
+        secret,
+        device_id,
+        callback_handler,
+        Duration::from_secs(5 * 60),
+    )?;
 
     Ok(session)
 }

rust/connlib/clients/apple/src/lib.rs

@@ -9,6 +9,7 @@ use std::{
     os::fd::RawFd,
     path::PathBuf,
     sync::Arc,
+    time::Duration,
 };
 use tracing_subscriber::prelude::*;
 use tracing_subscriber::EnvFilter;
@@ -191,6 +192,7 @@ impl WrappedSession {
                 inner: Arc::new(callback_handler),
                 handle: init_logging(log_dir.into(), log_filter),
             },
+            Duration::from_secs(5 * 60),
         )
         .map_err(|err| err.to_string())?;
 

rust/connlib/clients/shared/src/lib.rs

@@ -66,6 +66,7 @@ where
         token: SecretString,
         device_id: String,
         callbacks: CB,
+        max_partition_time: Duration,
     ) -> Result<Self> {
         // TODO: We could use tokio::runtime::current() to get the current runtime
         // which could work with swift-rust that already runs a runtime. But IDK if that will work
@@ -111,6 +112,7 @@ where
             token,
             device_id,
             this.callbacks.clone(),
+            max_partition_time,
         );
         std::thread::spawn(move || {
             rx.blocking_recv();
@@ -127,6 +129,7 @@ where
         token: SecretString,
         device_id: String,
         callbacks: CallbackErrorFacade<CB>,
+        max_partition_time: Duration,
     ) {
         runtime.spawn(async move {
             let (connect_url, private_key) = fatal_error!(
@@ -193,7 +196,7 @@ where
             }});
 
             tokio::spawn(async move {
-                let mut exponential_backoff = ExponentialBackoffBuilder::default().build();
+                let mut exponential_backoff = ExponentialBackoffBuilder::default().with_max_elapsed_time(Some(max_partition_time)).build();
                 loop {
                     // `connection.start` calls the callback only after connecting
                     tracing::debug!("Attempting connection to portal...");
@@ -211,11 +214,8 @@ where
                         tokio::time::sleep(t).await;
                     } else {
                         tracing::error!("Connection to portal failed, giving up");
-                        fatal_error!(
-                            result.and(Err(Error::PortalConnectionError(tokio_tungstenite::tungstenite::Error::ConnectionClosed))),
-                            runtime_stopper,
-                            &callbacks
-                        );
+                        Self::disconnect_inner(runtime_stopper, &callbacks, None);
+                        break;
                     }
                 }
 

rust/linux-client/Cargo.toml

@@ -14,3 +14,4 @@ anyhow = { version = "1.0" }
 tracing = { workspace = true }
 clap = { version = "4.4", features = ["derive",  "env"] }
 tracing-subscriber = { version = "0.3.17", features = ["env-filter"] }
+humantime = "2.1"

rust/linux-client/src/main.rs

@@ -16,6 +16,7 @@ fn main() -> Result<()> {
         SecretString::from(cli.common.token),
         cli.firezone_id,
         CallbackHandler { handle },
+        cli.max_partition_time.into(),
     )
     .unwrap();
     tracing::info!("new_session");
@@ -60,4 +61,8 @@ struct Cli {
     /// File logging directory. Should be a path that's writeable by the current user.
     #[arg(short, long, env = "LOG_DIR")]
     log_dir: Option<PathBuf>,
+
+    #[arg(env = "MAX_PARTITION_TIME")]
+    #[clap(default_value = "5m")]
+    max_partition_time: humantime::Duration,
 }

rust/windows-client/src-tauri/src/client/gui.rs

@@ -12,7 +12,7 @@ use client::{
 use connlib_client_shared::file_logger;
 use connlib_shared::messages::ResourceId;
 use secrecy::{ExposeSecret, SecretString};
-use std::{net::IpAddr, path::PathBuf, str::FromStr};
+use std::{net::IpAddr, path::PathBuf, str::FromStr, time::Duration};
 use system_tray_menu::{Event as TrayMenuEvent, Resource as ResourceDisplay};
 use tauri::{Manager, SystemTray, SystemTrayEvent};
 use tokio::sync::{mpsc, oneshot};
@@ -386,6 +386,7 @@ impl Controller {
                 ctlr_tx,
                 logger: Some(logger),
             },
+            Duration::from_secs(5 * 60),
         )?)
     }
 }