Commit Graph

917 Commits

Author SHA1 Message Date
Reactor Scram
d0155bc786 fix(windows-client): package name should be "Firezone" not "firezone-client-gui" (#4814)
Closes #4813 

After PR, the installer, UAC dialog, and notifications all say
"Firezone" again

<img width="494" alt="image"
src="https://github.com/firezone/firezone/assets/13400041/69a4fe0b-78fa-4945-b17f-625e68ac09db">
2024-04-29 17:34:25 +00:00
Reactor Scram
28423e92aa chore(gui-client): use new download links (#4754)
ae67064121 works on the live site.

However if you click the notification while the tunnel is coming up,
there's a chance that the download will fail because Firezone isn't
fully up yet. Oops. That will probably only affect us since we have
github.com as a resource. If real customers are okay with their Firezone
updates coming through normal Internet it'll probably be fine.

---------

Signed-off-by: Reactor Scram <ReactorScram@users.noreply.github.com>
Co-authored-by: Jamil Bou Kheir <jamilbk@users.noreply.github.com>
2024-04-29 17:21:18 +00:00
Reactor Scram
9cf72f2e3f chore(gui-client/linux): fix notifications (#4803)
The clickable "Firezone 1.x is ready to download" notification still
isn't there. Tauri doesn't seem to have cross-platform clickable
notifications.
2024-04-29 14:32:31 +00:00
dependabot[bot]
c20ff5add6 build(deps): Bump tracing-panic from 0.1.1 to 0.1.2 in /rust (#4811)
Bumps [tracing-panic](https://github.com/LukeMathWalker/tracing-panic)
from 0.1.1 to 0.1.2.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/LukeMathWalker/tracing-panic/blob/main/CHANGELOG.md">tracing-panic's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<p>All notable changes to this project will be documented in this
file.</p>
<p>The format is based on <a
href="https://keepachangelog.com/en/1.0.0/">Keep a Changelog</a>,
and this project adheres to <a
href="https://semver.org/spec/v2.0.0.html">Semantic Versioning</a>.</p>
<h2>[Unreleased]</h2>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="e27729b9d7"><code>e27729b</code></a>
chore: Release tracing-panic version 0.1.2</li>
<li><a
href="dc8b3bc3b6"><code>dc8b3bc</code></a>
Update docs</li>
<li><a
href="678ac5ca39"><code>678ac5c</code></a>
Add backtrace to panic log entry, make it opt-out (<a
href="https://redirect.github.com/LukeMathWalker/tracing-panic/issues/4">#4</a>)</li>
<li>See full diff in <a
href="https://github.com/LukeMathWalker/tracing-panic/compare/v0.1.1...v0.1.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tracing-panic&package-manager=cargo&previous-version=0.1.1&new-version=0.1.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-29 14:21:59 +00:00
dependabot[bot]
bca71fbb0a build(deps): Bump tauri from 1.6.1 to 1.6.2 in /rust (#4809)
Bumps [tauri](https://github.com/tauri-apps/tauri) from 1.6.1 to 1.6.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tauri-apps/tauri/releases">tauri's
releases</a>.</em></p>
<blockquote>
<h2>tauri v1.6.2</h2>
<p>Updating crates.io index</p>
<!-- raw HTML omitted -->
<pre><code>Fetching advisory database from
`https://github.com/RustSec/advisory-db.git`
Loaded 621 security advisories (from /home/runner/.cargo/advisory-db)
    Updating crates.io index
    Scanning Cargo.lock for vulnerabilities (577 crate dependencies)
Crate:     atty
Version:   0.2.14
Warning:   unsound
Title:     Potential unaligned read
Date:      2021-07-04
ID:        RUSTSEC-2021-0145
URL:       https://rustsec.org/advisories/RUSTSEC-2021-0145
Dependency tree:
atty 0.2.14
└── clap 3.2.25
    └── tauri 1.6.2
        ├── tauri 1.6.2
        ├── restart 0.1.0
        └── app-updater 0.1.0
<p>warning: 1 allowed warning found
</code></pre></p>
<!-- raw HTML omitted -->
<h2>[1.6.2]</h2>
<h3>Bug Fixes</h3>
<ul>
<li><a
href="e3b6d38d26"><code>e3b6d38d2</code></a>(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/9166">#9166</a>)
Fix <code>basename(path, 'ext')</code> JS API when removing all
occurrences of <code>ext</code> where it should only remove the last
one.</li>
<li><a
href="705da977a9"><code>705da977a</code></a>(<a
href="https://redirect.github.com/tauri-apps/tauri/pull/9529">#9529</a>)
Do not use JS optional chaining to prevent script errors on older
webviews such as macOS 10.14.</li>
</ul>
<!-- raw HTML omitted -->
<pre><code>Updating crates.io index
   Packaging tauri v1.6.2 (/home/runner/work/tauri/tauri/core/tauri)
    Updating crates.io index
   Verifying tauri v1.6.2 (/home/runner/work/tauri/tauri/core/tauri)
 Downloading crates ...
  Downloaded alloc-stdlib v0.2.2
  Downloaded cairo-sys-rs v0.15.1
  Downloaded atk-sys v0.15.1
  Downloaded cairo-rs v0.15.12
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="caddd5bdd8"><code>caddd5b</code></a>
Apply Version Updates From Current Changes (v1) (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/9544">#9544</a>)</li>
<li><a
href="72c2636527"><code>72c2636</code></a>
chore(ci): fix MSRV downgrade (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/9543">#9543</a>)</li>
<li><a
href="83e024c670"><code>83e024c</code></a>
chore(ci): downgrade home crate (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/9542">#9542</a>)</li>
<li><a
href="07c9e352df"><code>07c9e35</code></a>
fix(ci): downgrade cc crate for MSRV compatibility (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/9541">#9541</a>)</li>
<li><a
href="d00178d60c"><code>d00178d</code></a>
ci: Fix package downgrades in covector workflow (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/9538">#9538</a>)</li>
<li><a
href="705da977a9"><code>705da97</code></a>
fix: optional chaining is not supported on older webviews (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/9529">#9529</a>)</li>
<li><a
href="1675e41f05"><code>1675e41</code></a>
fix(bundler): don't convert product name to snake case when cross
compiling (...</li>
<li><a
href="f9638b6315"><code>f9638b6</code></a>
fix(cli): append extension to app binary manually on rename (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/9491">#9491</a>)</li>
<li><a
href="aeddc40b9e"><code>aeddc40</code></a>
fix(cli/info): fix crash when checking node version (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/9411">#9411</a>)</li>
<li><a
href="fe6f81fa88"><code>fe6f81f</code></a>
chore: fix clippy false positive (<a
href="https://redirect.github.com/tauri-apps/tauri/issues/9329">#9329</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tauri-apps/tauri/compare/tauri-v1.6.1...tauri-v1.6.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tauri&package-manager=cargo&previous-version=1.6.1&new-version=1.6.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-29 14:16:13 +00:00
Thomas Eizinger
e35ff07c6c fix(snownet): don't nominate discarded candidates (#4806)
When candidates are being invalidated in str0m, they internally set a
`discarded` flag. This flag was not considered when a candidate that was
previously discarded was added again. This can happen when a client
roams back to their old network, i.e. going from Ethernet to WiFi and
back.

In that case, str0m would still form new pairs using the old discarded
candidate which would also eventually get nominated as part of a pair.
This would lead to a panic in snownet when we try to find the nominated
local candidate as we filter by non-discarded candidates there.

Related: https://github.com/algesten/str0m/pull/508.
Resolves: #4736.

Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
2024-04-29 00:55:12 +00:00
Reactor Scram
2314b3a128 chore(gui-client/linux): fix DNS (#4802)
Make the GUI use systemd-resolved to retrieve the system's resolvers.
This allows the IPC service to set up sentinels for those resolvers and
control the system's DNS.

Closes #3812
2024-04-26 23:28:47 +00:00
Reactor Scram
b93e8870c3 refactor(linux-client): package systemd unit for IPC service (#4752)
This aligns some of the internal names with #4531, but it shouldn't
break the externally-visible things like package names or permalinks.

---------

Signed-off-by: Reactor Scram <ReactorScram@users.noreply.github.com>
2024-04-26 23:07:02 +00:00
Gabi
a4d4b4fbfc chore(connlib): make peer pure by taking utc time from parameters (#4773)
This came up while working on #2030 and thinking about testing `Peer`.

Not entirely convinced of taking both `Instant` and `DateTime<Utc>` but
unless we convert the expiration to an instant, which would bring a
bunch of new problems, I don't see another way to do this.
2024-04-26 21:05:38 +00:00
Reactor Scram
0e4ec7e75c chore(gui-client): enable keyring for Linux (#4799)
```[tasklist]
- [ ] Maybe change that "dev.firezone.client/token" name to something friendlier
```


![image](https://github.com/firezone/firezone/assets/13400041/2630e447-4223-4cf5-8ada-47091a5907db)

But it does work, survives reboots as expected, etc.
I can't test it easily in CI, I just disabled the keyring test for now.
It works manually, and the keyring-rs crate seems pretty stable, and our
use of it hasn't changed in a couple months at least.
2024-04-26 20:12:41 +00:00
Reactor Scram
c8d989a34d chore(gui-client): proof of concept for process splitting (#4788)
Closes #4270

Refs #3713 
Refs #3782 

It sort-of works, but many features are missing and it needs a refactor.

```[tasklist]
- [ ] Break `imp_linux.rs` into modules
- [ ] Get rid of `try_send` and panics where possible
```

---------

Signed-off-by: Reactor Scram <ReactorScram@users.noreply.github.com>
2024-04-26 19:58:12 +00:00
Jamil
52e8138644 refactor: Remove multiqueue flag for tun on Linux (#4798)
We aren't using this.
2024-04-26 18:41:23 +00:00
dependabot[bot]
d8c882690f build(deps): Bump serde_json from 1.0.115 to 1.0.116 in /rust (#4731)
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.115 to
1.0.116.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/serde-rs/json/releases">serde_json's
releases</a>.</em></p>
<blockquote>
<h2>v1.0.116</h2>
<ul>
<li>Make module structure comprehensible to static analysis (<a
href="https://redirect.github.com/serde-rs/json/issues/1124">#1124</a>,
thanks <a
href="https://github.com/mleonhard"><code>@​mleonhard</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="a3f62bb10e"><code>a3f62bb</code></a>
Release 1.0.116</li>
<li><a
href="12c8ee0ce6"><code>12c8ee0</code></a>
Hide &quot;non-exhaustive patterns&quot; errors when crate fails to
compile</li>
<li><a
href="051ce970fe"><code>051ce97</code></a>
Merge pull request 1124 from mleonhard/master</li>
<li><a
href="25dc75050a"><code>25dc750</code></a>
Replace <code>features_check</code> mod with a call to
<code>std::compile_error!</code>. Fixes htt...</li>
<li><a
href="2e15e3d7d5"><code>2e15e3d</code></a>
Revert &quot;Temporarily disable miri on doctests&quot;</li>
<li><a
href="0baba28775"><code>0baba28</code></a>
Resolve legacy_numeric_constants clippy lints</li>
<li>See full diff in <a
href="https://github.com/serde-rs/json/compare/v1.0.115...v1.0.116">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=serde_json&package-manager=cargo&previous-version=1.0.115&new-version=1.0.116)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Gabi <gabrielalejandro7@gmail.com>
2024-04-26 17:12:46 +00:00
dependabot[bot]
5034919c5f build(deps): Bump async-trait from 0.1.79 to 0.1.80 in /rust (#4732)
Bumps [async-trait](https://github.com/dtolnay/async-trait) from 0.1.79
to 0.1.80.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/dtolnay/async-trait/releases">async-trait's
releases</a>.</em></p>
<blockquote>
<h2>0.1.80</h2>
<ul>
<li>Fix unreachable code warning for async functions that return
<code>!</code> (<a
href="https://redirect.github.com/dtolnay/async-trait/issues/265">#265</a>,
thanks <a
href="https://github.com/de-vri-es"><code>@​de-vri-es</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="d528b5a816"><code>d528b5a</code></a>
Release 0.1.80</li>
<li><a
href="10b5c9951a"><code>10b5c99</code></a>
Drop support for compilers older than 1.47</li>
<li><a
href="83a542268d"><code>83a5422</code></a>
Drop support for compilers older than 1.45</li>
<li><a
href="22d017e941"><code>22d017e</code></a>
Build script no longer looks at $DOCS_RS</li>
<li><a
href="b64d041c65"><code>b64d041</code></a>
Move never_type test under issue266</li>
<li><a
href="b683da826e"><code>b683da8</code></a>
Merge pull request <a
href="https://redirect.github.com/dtolnay/async-trait/issues/265">#265</a>
from de-vri-es/fix-unreachable-code-warning</li>
<li><a
href="c8d958dfde"><code>c8d958d</code></a>
Fix unreachable code warning for functions that return
<code>!</code></li>
<li><a
href="4f0b72eb84"><code>4f0b72e</code></a>
Explicitly install a Rust toolchain for cargo-outdated job</li>
<li>See full diff in <a
href="https://github.com/dtolnay/async-trait/compare/0.1.79...0.1.80">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=async-trait&package-manager=cargo&previous-version=0.1.79&new-version=0.1.80)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Gabi <gabrielalejandro7@gmail.com>
2024-04-26 17:12:23 +00:00
Reactor Scram
bc940784bd refactor(linux-client): remove FIREZONE_ID from example systemd file (#4714)
For tests it doesn't hurt, but this will be used as a template for the
systemd service we ship to production, and that can't have the ID there.

So I'm also cleaning up a few other problems I noticed:
- I wanted to split the service files as part of #4531, so that the GUI
Client and headless Client can have separate sandbox rules, e.g., the
headless Client won't be allowed to create Unix domain sockets
- I'm punting more things to systemd, which allows us to tighten down
the sandbox further, e.g. creating `/var/lib/dev.firezone.client` and
`/run/dev.firezone.client` for us
- Closes #4461

---------

Signed-off-by: Reactor Scram <ReactorScram@users.noreply.github.com>
2024-04-25 23:08:06 +00:00
Reactor Scram
a011a443e7 fix(headless-client): clean up and exit gracefully when on_disconnect called (#4785)
Calling `std::process::exit` won't let the DNS deactivation code run.
For some control methods (systemd-resolved) this doesn't matter. For
etc-resolvconf and Windows, we are responsible for cleaning up DNS.

```[tasklist]
- [x] Replicate the issue
- [x] Fix it
- [x] Remove the fault injection code
```

Closes #4784
2024-04-25 22:48:45 +00:00
Reactor Scram
a3e19011f6 fix(windows-client): allow sign out while connlib is raising the tunnel (#4766)
Closes #4763 

Previously it would get stuck signing in and say that the situation was
impossible; it was actually possible.

I tested this manually by forcing the tunnel to error out in the place
where wintun fails for #4765

---------

Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
2024-04-24 22:24:08 +00:00
Jamil
5dc52edecc ci: Bump versions and fix release overwrites (#4769) 2024-04-24 11:43:19 -07:00
Reactor Scram
e1eda7977c refactor: Make published artifact names consistent and use permalinks (#4746)
```[tasklist]
- [x] Update website
- [x] Update blog entry with old link
- [ ] ~~Replace Github URL in GUI Client updater with our own links~~
- [ ] Wait for CI to go green
```

Refs #4531 

This proposes a unified scheme for deb and MSI packages, and moves
Windows to that scheme.

This breaks compatibility. Existing Clients won't recognize the new
asset names once this is merged, so they won't show the "Firezone 1.0.0
is available" pop-up.

---------

Co-authored-by: Jamil Bou Kheir <jamilbk@users.noreply.github.com>
2024-04-24 09:42:12 -07:00
Reactor Scram
869dcfa02f fix(linux-client): forbid passing the token as a CLI arg (#4683)
Closes #4682 
Closes #4691 

```[tasklist]
# Before merging
- [x] Wait for `linux-group` test to go green on `main` (#4692)
- [ ] Wait for those browsers tests to get fixed
- [ ] *All* compatibility tests must pass on this branch
```

---------

Signed-off-by: Reactor Scram <ReactorScram@users.noreply.github.com>
Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
2024-04-24 14:09:08 +00:00
Thomas Eizinger
9f753b872a chore(connlib): forward panics containing an owned string (#4760)
In Rust, `Result::unwrap()` produces a panic with an owned `String`.
Currently, we only attempt to downcast to a `str` which means those
errors show up as "panicked with a non-string payload" instead of the
actual panic message.

Related: #4736.
2024-04-24 13:03:47 +00:00
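
An added example (not part of the commit above and not Firezone's code) of the payload handling that message describes: a panic from a string literal carries a `&'static str`, while `Result::unwrap()` carries an owned `String`, so a handler that only downcasts to `&str` loses the message. The function names and the `FALLBACK` constant are hypothetical.

```rust
use std::any::Any;
use std::panic::{self, UnwindSafe};

// Text reported when the payload type is not recognised (taken from the commit message).
const FALLBACK: &str = "panicked with a non-string payload";

/// Only `&str` payloads are recognised: the starting point the commit describes.
fn message_str_only(payload: &(dyn Any + Send)) -> String {
    match payload.downcast_ref::<&'static str>() {
        Some(s) => (*s).to_string(),
        None => FALLBACK.to_string(),
    }
}

/// Recognise both `&'static str` and owned `String` payloads.
fn message(payload: &(dyn Any + Send)) -> String {
    if let Some(s) = payload.downcast_ref::<&'static str>() {
        (*s).to_string()
    } else if let Some(s) = payload.downcast_ref::<String>() {
        s.clone()
    } else {
        FALLBACK.to_string()
    }
}

/// Run `f`, which must panic, and hand back the panic payload.
fn payload_of<F: FnOnce() + UnwindSafe>(f: F) -> Box<dyn Any + Send> {
    panic::catch_unwind(f).expect_err("closure was expected to panic")
}

fn main() {
    // Constructed panics covering the three payload kinds.
    let from_literal = payload_of(|| panic!("static message"));
    let from_unwrap = payload_of(|| Err::<(), i32>(42).unwrap());
    let from_other = payload_of(|| panic::panic_any(7u32));

    for p in [&from_literal, &from_unwrap, &from_other] {
        // `&**p` goes from `&Box<dyn Any + Send>` to `&(dyn Any + Send)`;
        // downcasting the `Box` itself would always fail.
        println!("str only: {:<36} both: {}", message_str_only(&**p), message(&**p));
    }
}
```
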
Thomas Eizinger
de2ccbf833 fix(snownet): invalidate host candidates on reconnect (#4755)
As part of testing #4750, @jamilbk ran into an interesting but unrelated
bug. Currently, we never invalidate host candidates. However, because we
rebind our sockets, we get new ports and thus our old host candidates
are always invalid. Thus, if you have a setup where your gateway and
client are on the same subnet they end up settling on a host-host
connection. If the client then roams to a different network, we get a
new srflx IP but because we don't invalidate the host candidate, we run
into an ICE timeout and never switch over the connection.

We actually have a unit test for this but it wasn't caught because of a
bug in str0m (https://github.com/algesten/str0m/pull/504): Candidates
with the same IP but different kind were incorrectly invalidated. In our
test, we don't have a NAT and thus host == srflx candidate. Thus, in the
roaming test, we invalidated the host candidate based on the new srflx
candidate which made the connection migration work.

With the patch included, the reconnect unit test actually fails to send
the packet, confirming this theory. By invalidating all host candidates
on `reconnect`, we fix this bug.

---------

Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
2024-04-24 05:34:22 +00:00
Thomas Eizinger
81e40e8be6 fix(snownet): properly handle dual-stack relays (#4750)
Currently, the portal returns us a flat list of relays where each entry
only has a single address. But, our relays can operate in dual-stack
mode, meaning that they listen on IPv4 and IPv6 at the same time. Thus,
for a relay that is in dual-stack mode, this list will contain two
entries with the same relay ID, one for each address.

This wasn't really a problem until #4567 where we started indexing
relays by ID. As a result, a relay that operates in dual-stack mode is
now only reachable either under its IPv4 or IPv6 address. Which one wins
is non-deterministic due to the sorting behaviour of `HashMap`s and the
order that the list is returned from the portal.

For the TURN protocol, clients are indexed by their 3-tuple (IP, port,
protocol) which means a client talking to a relay over IPv4 is a
different client than one talking over IPv6. Thus, treating the same
relay as two different relays has additional consequences: It means we
allocate a pair of IPv4 & IPv6 addresses for each one, resulting in up
to 4 relay candidates per relay.

Both of these problems are solved in this PR.

1. Upon deserializing the list of relays from the portal, we group them
by ID and parse the addresses into a `RelaySocket`. This structure is
the equivalent of `IpStack` on the relay end and represents an enum with
3 different values:
	- `V4`: Only an IPv4 address is known.
	- `V6`: Only an IPv6 address is known.
	- `Dual`: Both an IPv4 and an IPv6 address are known.
2. Instead of creating two `Allocation`s (one per address), we now
initialize an `Allocation` with this `RelaySocket`.
3. We let the `Allocation` figure out which socket to use. Let's look
into how we do that.

Previously, the first action of an `Allocation` was to send an
`ALLOCATE` request. A naive approach would be to simply send an
`ALLOCATE` request to both IPs. In case the client / gateway has a
properly configured IPv4 and IPv6 address, both of these will succeed!
Which one should we pick?

To avoid this problem, we don't send an `ALLOCATE` but a `BINDING`
request instead. `BINDING` requests don't have side-effects and just
return the observed address (this is commonly known as STUN). Once the
responses for the `BINDING` requests come back, we can deterministically
choose a socket to use for sending an `ALLOCATE` request. In particular,
we just pick the response that comes back first! A successful `BINDING`
request means the network path is working so we can also just use it for
`ALLOCATE`. In case both requests are answered, we record both responses
as server-reflexive candidates.

Lastly, one final change with this PR is that we stop filtering the
relays returned by the portal based on the sockets that we have locally.
When a client roams, we may experience any combination of available
network interfaces (dual stack, IPv4 only and IPv6 only). Thus, it is
important that we always attempt to reach all relays over all network
paths and simply give up if we don't receive a response. Pre-filtering
relays based on the sockets that we currently have may leave us without
relays if we e.g. roam from an IPv4-only to an IPv6-only network. A
consequence of this design is that we might see a few more warnings in
the code in case the client's / gateway's interface doesn't support a
particular IP version. The warnings read something like:

```
2024-04-23T07:09:05.209212Z  WARN connlib_client_shared::eventloop: Tunnel error: failed send packet to 35.197.175.154:3478: no IPv4 socket
```

Resolves: #4726.
2024-04-24 03:46:24 +00:00
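
An added example (not part of the commit above and not Firezone's code) of the grouping that message describes: a flat relay list indexed by ID keeps only one address per relay, while grouping into a `RelaySocket`-style enum keeps both, and the first `BINDING` response then decides which address is used for `ALLOCATE`. The `u32` relay ID, the function names, the rule that a repeated address family is ignored, and the documentation-range addresses are assumptions.

```rust
use std::collections::BTreeMap;
use std::net::{SocketAddr, SocketAddrV4, SocketAddrV6};

/// Hypothetical stand-in for the `RelaySocket` enum named in the commit message.
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
enum RelaySocket {
    V4(SocketAddrV4),
    V6(SocketAddrV6),
    Dual { v4: SocketAddrV4, v6: SocketAddrV6 },
}

impl RelaySocket {
    fn from_addr(addr: SocketAddr) -> Self {
        match addr {
            SocketAddr::V4(v4) => RelaySocket::V4(v4),
            SocketAddr::V6(v6) => RelaySocket::V6(v6),
        }
    }

    /// Add another address reported for the same relay ID.
    /// Assumption: an address of an already-known family is ignored.
    fn merge(self, addr: SocketAddr) -> Self {
        match (self, addr) {
            (RelaySocket::V4(v4), SocketAddr::V6(v6)) => RelaySocket::Dual { v4, v6 },
            (RelaySocket::V6(v6), SocketAddr::V4(v4)) => RelaySocket::Dual { v4, v6 },
            (known, _) => known,
        }
    }

    fn contains(&self, addr: SocketAddr) -> bool {
        match (*self, addr) {
            (RelaySocket::V4(a), SocketAddr::V4(b)) => a == b,
            (RelaySocket::V6(a), SocketAddr::V6(b)) => a == b,
            (RelaySocket::Dual { v4, .. }, SocketAddr::V4(b)) => v4 == b,
            (RelaySocket::Dual { v6, .. }, SocketAddr::V6(b)) => v6 == b,
            _ => false,
        }
    }
}

/// Indexing the flat list by ID alone: the last entry per ID overwrites the
/// others, so a dual-stack relay is reachable over one family only.
fn index_by_id_lossy(flat: &[(u32, SocketAddr)]) -> BTreeMap<u32, SocketAddr> {
    let mut relays = BTreeMap::new();
    for &(id, addr) in flat {
        relays.insert(id, addr);
    }
    relays
}

/// Group the flat list by relay ID, keeping one address per IP family.
fn group_relays(flat: &[(u32, SocketAddr)]) -> BTreeMap<u32, RelaySocket> {
    let mut relays = BTreeMap::new();
    for &(id, addr) in flat {
        relays
            .entry(id)
            .and_modify(|s: &mut RelaySocket| *s = s.merge(addr))
            .or_insert_with(|| RelaySocket::from_addr(addr));
    }
    relays
}

/// `binding_responses` holds the relay addresses that answered a BINDING
/// request, in arrival order; the first one belonging to this relay wins.
fn choose_for_allocate(socket: &RelaySocket, binding_responses: &[SocketAddr]) -> Option<SocketAddr> {
    binding_responses.iter().copied().find(|addr| socket.contains(*addr))
}

/// Constructed sample: relay 1 is dual-stack, relay 2 is IPv4-only.
fn sample_relays() -> Vec<(u32, SocketAddr)> {
    vec![
        (1, "192.0.2.10:3478".parse().unwrap()),
        (2, "198.51.100.20:3478".parse().unwrap()),
        (1, "[2001:db8::10]:3478".parse().unwrap()),
    ]
}

fn main() {
    let flat = sample_relays();
    println!("indexed by ID only: {:?}", index_by_id_lossy(&flat));
    let grouped = group_relays(&flat);
    println!("grouped:            {:?}", grouped);

    // Constructed arrival order: the IPv6 BINDING response came back first.
    let arrivals: Vec<SocketAddr> = vec![flat[2].1, flat[0].1];
    println!("ALLOCATE via:       {:?}", choose_for_allocate(&grouped[&1], &arrivals));
}
```
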
Thomas Eizinger
98520b2131 chore(snownet): free memory of allocation without valid credentials (#4720)
In https://github.com/firezone/firezone/pull/4537, we fixed a bug that
made an `Allocation` busy-loop with invalid credentials. There is no
point in keeping invalid credentials around so with this PR, we are
clearing the credentials and freeing the memory associated with this
`Allocation`.

This is another safe-guard to prevent these kinds of busy-loops and also
reduces the memory footprint of very long-running services.
2024-04-23 03:41:52 +00:00
dependabot[bot]
e340a02054 build(deps): Bump rustls from 0.22.3 to 0.22.4 in /rust in the cargo group (#4715)
Bumps the cargo group in /rust with 1 update:
[rustls](https://github.com/rustls/rustls).

Updates `rustls` from 0.22.3 to 0.22.4
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ae277befb5"><code>ae277be</code></a>
Prepare 0.22.4</li>
<li><a
href="5374108df6"><code>5374108</code></a>
complete_io: bail out if progress is impossible</li>
<li><a
href="00e695d68d"><code>00e695d</code></a>
Regression test for <code>complete_io</code> infinite loop bug</li>
<li><a
href="0c6cd7ef68"><code>0c6cd7e</code></a>
Don't specially handle unauthenticated close_notify alerts</li>
<li>See full diff in <a
href="https://github.com/rustls/rustls/compare/v/0.22.3...v/0.22.4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=rustls&package-manager=cargo&previous-version=0.22.3&new-version=0.22.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/firezone/firezone/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-23 01:11:38 +00:00
dependabot[bot]
317e995fbd build(deps): Bump time from 0.3.34 to 0.3.36 in /rust (#4730)
Bumps [time](https://github.com/time-rs/time) from 0.3.34 to 0.3.36.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/time-rs/time/releases">time's
releases</a>.</em></p>
<blockquote>
<h2>v0.3.36</h2>
<p>See the <a
href="https://github.com/time-rs/time/blob/main/CHANGELOG.md">changelog</a>
for details.</p>
<h2>v0.3.35</h2>
<p>See the <a
href="https://github.com/time-rs/time/blob/main/CHANGELOG.md">changelog</a>
for details.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/time-rs/time/blob/main/CHANGELOG.md">time's
changelog</a>.</em></p>
<blockquote>
<h2>0.3.36 [2024-04-10]</h2>
<h3># Fixed</h3>
<ul>
<li><code>FormatItem</code> can be used as part of an import path. See
<a href="https://redirect.github.com/time-rs/time/issues/675">#675</a>
for details.</li>
</ul>
<p><a
href="https://redirect.github.com/time-rs/time/issues/675">#675</a>: <a
href="https://redirect.github.com/time-rs/time/issues/675">time-rs/time#675</a></p>
<h2>0.3.35 [2024-04-10]</h2>
<h3>Added</h3>
<ul>
<li><code>Duration::checked_neg</code></li>
<li><code>ext::InstantExt</code>, which provides methods for using
<code>time::Duration</code> with <code>std::time::Instant</code></li>
</ul>
<h3>Changed</h3>
<ul>
<li><code>Instant</code> is deprecated. It is recommended to use
<code>std::time::Instant</code> directly, importing
<code>time::ext::InstantExt</code> for interoperability with
<code>time::Duration</code>.</li>
<li><code>FormatItem</code> has been renamed to
<code>BorrowedFormatItem</code>, avoiding confusion with
<code>OwnedFormatItem</code>.
An alias has been added for backwards compatibility.</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>The weekday is optional when parsing RFC2822.</li>
<li>The range of sub-second values in <code>Duration</code> is
documented correctly. The previous documentation
contained an off-by-one error.</li>
<li>Leap seconds are now correctly handled when parsing ISO 8601.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="3c3c546a66"><code>3c3c546</code></a>
<code>pub use</code> instead of <code>pub type</code> re-exporting</li>
<li><a
href="266178da67"><code>266178d</code></a>
Update code coverage CI</li>
<li><a
href="131049ea15"><code>131049e</code></a>
v0.3.35 release</li>
<li><a
href="9c15ee3466"><code>9c15ee3</code></a>
Permit leap seconds when parsing ISO 8601</li>
<li><a
href="d279d8d38f"><code>d279d8d</code></a>
Fix invalid offset hour diagnostic test</li>
<li><a
href="f04a28feec"><code>f04a28f</code></a>
Eliminate unreachable branch</li>
<li><a
href="06a096d821"><code>06a096d</code></a>
Rename <code>FormatItem</code> to <code>BorrowedFormatItem</code></li>
<li><a
href="fd664eef0d"><code>fd664ee</code></a>
Include diagnostics regression</li>
<li><a
href="b8d09a7bcc"><code>b8d09a7</code></a>
Address nightly lints</li>
<li><a
href="330865ac90"><code>330865a</code></a>
Update deny.toml</li>
<li>Additional commits viewable in <a
href="https://github.com/time-rs/time/compare/v0.3.34...v0.3.36">compare
view</a></li>
</ul>
</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Reactor Scram <ReactorScram@users.noreply.github.com>
2024-04-22 16:43:24 +00:00
Thomas Eizinger
e387e3e13d chore(ip-packet): address PR feedback (#4721)
Addressing feedback from #4702.
2024-04-22 16:32:54 +00:00
Gabi
adc0bb73f7 test(client): add reconnection tests from a client using a headless browser (#4569)
Considered using Elixir and Rust to write the tests.

For Elixir, `wallaby` doesn't seem to have a way to attach to an
existing `chromium` instance, launching it each time, which makes it
hard to coordinate with the relay restart.

For Rust we considered `thirtyfour` which would be very nice since we
could test both firefox and chrome but each time it connects to the
instance it launches a new session making it hard to test the DNS cache
behavior.

We also considered `chrome_headless` for Rust; it needs a small patch to
prevent it from closing the browser after `Drop` but it still presents a
problem, since it has no easy way to retrieve if loading a page has
succeeded. There are some workarounds such as retrieving the title that
we could have used but after some testing they are quite finicky and we
don't want that for CI.

So I ended up settling for TypeScript but I'm open to other options, or
a fix for the previous ones!

There are some modifications still incoming for this PR, around the test
name and that sleep in the middle of the test doesn't look good so I
will probably add some retries, but the gist is here, will keep it in
draft until we expect it to be passing.

So feel free to do some initial reviews.

Note: the number of lines changed is greatly exaggerated by
`package.lock`

---------

Signed-off-by: Thomas Eizinger <thomas@eizinger.io>
Co-authored-by: Jamil Bou Kheir <jamilbk@users.noreply.github.com>
Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
2024-04-20 06:57:07 +00:00
Thomas Eizinger
51089b89e7 feat(connlib): smoothly migrate relayed connections (#4568)
Whenever we receive a `relays_presence` message from the portal, we
invalidate the candidates of all now disconnected relays and make
allocations on the new ones. This triggers signalling of new candidates
to the remote party and migrates the connection to the newly nominated
socket.

This still relies on #4613 until we have #4634.

Resolves: #4548.

---------

Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
2024-04-20 06:16:35 +00:00
Thomas Eizinger
53e0f9be73 refactor(connlib): remove PacketTransform abstraction (#4709)
As a result of moving all logic into `ClientState` and `GatewayState`,
the concrete types of `Peer` are statically known everywhere. Thus, we
can remove this abstraction layer and directly store a `ClientOnGateway`
and `GatewayOnClient` struct in the `PeerStore`.

This makes code-navigation and reasoning easier because one can directly
jump to the function that is being called.

Resolves: #4224.
2024-04-20 00:59:51 +00:00
Thomas Eizinger
0f7e80642d chore(snownet): don't update remote socket from WG activity (#4615)
Resolves: #4613.
2024-04-20 00:15:19 +00:00
Reactor Scram
7081c71c10 chore(linux-client): allow custom token path (#4666)
```[tasklist]
# Before merging
- [x] Remove file extension `.txt`
- [x] Wait for `linux-group` test to go green on `main` (#4692)
- [x] *all* compatibility tests must be green on this branch
```

Closes #4664 
Closes #4665 

~~The compatibility tests are expected to fail until the next release is
cut, for the same reasons as in #4686~~

The compatibility test must be handled somehow, otherwise it'll turn
main red.
`linux-group` was moved out of integration / compatibility testing, but
the DNS tests do need the whole Docker + portal setup, so that one can't
move.

---------

Signed-off-by: Reactor Scram <ReactorScram@users.noreply.github.com>
Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
2024-04-19 18:50:24 +00:00
Thomas Eizinger
3669f010c4 chore: extract common ip-packet crate (#4702)
With the introduction of `snownet`, we temporarily duplicated the
`IpPacket` abstraction from `firezone-tunnel` because there was no
common place to put it. Over time, these have grown in size and we needed
to convert back and forth between time. Lately, we've also been adding
more tests to both `snownet` and `firezone-tunnel` that needed to create
`IpPacket`s as test data.

This seems like an appropriate time to do away with this duplication by
introducing a dedicated crate that acts as a facade for the
`pnet_packet` crate, extending it with the functionality that we need.

Resolves: #3926.

---------

Signed-off-by: Thomas Eizinger <thomas@eizinger.io>
Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
2024-04-19 15:05:29 +00:00
Thomas Eizinger
53c7bd8201 fix(relay): clear channel bindings when allocation is deleted (#4705)
As suspected, there was a bug in the relay where channel bindings were
not cleared if the client freed the allocation early by sending a
REFRESH request with a lifetime of 0.

Resolves: #4588.
2024-04-19 13:25:38 +00:00
dependabot[bot]
e4ca0a46e1 build(deps): Bump either from 1.10.0 to 1.11.0 in /rust (#4621)
Bumps [either](https://github.com/rayon-rs/either) from 1.10.0 to
1.11.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="864eae4540"><code>864eae4</code></a>
Merge pull request <a
href="https://redirect.github.com/rayon-rs/either/issues/104">#104</a>
from cuviper/release-1.11.0</li>
<li><a
href="0bdb583188"><code>0bdb583</code></a>
Release 1.11.0</li>
<li><a
href="e385751eda"><code>e385751</code></a>
Merge pull request <a
href="https://redirect.github.com/rayon-rs/either/issues/101">#101</a>
from SFM61319/feat/into-either</li>
<li><a
href="d62efa6fff"><code>d62efa6</code></a>
Feat: Implement trait <code>IntoEither</code></li>
<li><a
href="d48ab1b312"><code>d48ab1b</code></a>
Merge pull request <a
href="https://redirect.github.com/rayon-rs/either/issues/103">#103</a>
from masklinn/patch-1</li>
<li><a
href="365f674f6d"><code>365f674</code></a>
Enable <code>serde</code> feature on playgrounds</li>
<li>See full diff in <a
href="https://github.com/rayon-rs/either/compare/1.10.0...1.11.0">compare
view</a></li>
</ul>
</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-19 05:32:42 +00:00
Thomas Eizinger
c4db5736d7 chore(relay): restore request metadata for control messages (#4699)
Previously, we would have a single span that was activated for all
messages, including channel-data messages. That was great for
de-duplication but shit for performance, so we turned it down to `debug`
level. That lost us a lot of context for messages like "Successfully
bound channel" or any other state change in the relay.

To restore this, we remove the span from `handle_client_input` and start
a new span on `info` level for each control message. For channel data
messages, the span is however on `debug` level to not affect performance
in production.

Resolves: #4496.
2024-04-19 05:32:00 +00:00
Thomas Eizinger
d9dc94eca3 chore(relay): log all failed requests on warn (#4700)
This was discussed with @AndrewDryga to allow us to detect potential
attacks. Some amount of authentication failures are expected during
normal operation because TURN has this system of nonces which can only
be used a certain number of times.

Resolves: #4550.
2024-04-19 05:17:38 +00:00
Thomas Eizinger
4ee37d6cce chore(connlib): remove MTU refreshing (#4698)
This did not do anything other than limit the size of the buffer that we
pass in for reading. This has no effect whatsoever. We only ever read a
single packet anyway and we get told how big it is as a result of
`poll_read`.

Resolves: #4469.
2024-04-19 05:09:02 +00:00
Thomas Eizinger
022e431be2 chore(snownet): assert that we can send ICMP packets through the tunnel (#4675)
This is extracted out of #4568 to make that PR smaller. Plus, I'd like
to use these new assertions in #4615.
2024-04-19 02:31:32 +00:00
Thomas Eizinger
95219376b9 test(connlib): assert connection intents using property-based state machine test (#4597)
Opening this in a basic version that asserts sending of connection
intents to resource IPs. To do this, we add some boilerplate that sets
up the state machine test in general. Together with the
[work](d575dc3866/rust/connlib/snownet/tests/lib.rs (L296-L824))
that I've done on the `snownet` tests, this can then be extended to
describe the entire state machine of connlib and let `proptest`
search for inputs & combinations that break stuff.

Some more `Transition`s that I'd expect we can implement:

- Add DNS resource
- Reconnect (i.e. roam networks)
- Remove resource

The public API of `Tunnel` isn't actually very large: We add and remove
resources, set upstream DNS servers and call `reconnect`. I think the
bet here is that we can implement the reference state machine in a very
simple way. For example, once we have added a resource and handled the
connection-intent, we should be able to send an ICMP packet through the
tunnel. I've already worked out how to pass `Transmit`s back and forth
between relay, client and gateway (see linked `snownet` tests above). If
we port that to this state machine test, we can actually exercise all
the code paths that are required to encapsulate / decapsulate those
packets whilst asserting against something simple like "packet pops out
at the other end".

Because the setup of the test is also a proptest-strategy, we can even
add the network topology as a variable by configuring the `Firewall`
(see `snownet` tests) dynamically with or without blocking rules and
thus force the entire tunnel through an (in-memory) relay.

Related: #4589.
2024-04-19 02:31:08 +00:00
Thomas Eizinger
4972e49b34 ci: run assertions inside docker container (#4680)
As part of #4568, we are adding a 2nd relay which showed some
shortcomings of the current process state assertions because they were
running outside the docker containers, thus listing all relays as soon
as there are multiple.
2024-04-18 23:48:42 +00:00
Thomas Eizinger
9e34c47aaf chore(phoenix-channel): don't log message on deserialisation error (#4673)
To see the offending message, we now need to turn on `wire=trace` logs.

Resolves: #4650.
2024-04-18 04:18:28 +00:00
Thomas Eizinger
a3cc56f5df chore(relay): parse init message (#4672)
Actually parsing this got lost as part of introducing graceful shutdown
where we re-ordered when to connect to the portal. This removes a
warning from the logs which might otherwise be misleading of a problem.
2024-04-18 02:11:40 +00:00
Reactor Scram
46baa42424 chore(linux-client): print resources with tracing::debug (#4658)
Unfortunately I couldn't make it only happen once. This helps with
debugging service accounts, where DNS bugs look the same as forgetting
to enable a policy.

Closes #4657
2024-04-18 01:04:45 +00:00
Thomas Eizinger
9de26caf78 chore(connlib): add unit test for deserializing broadcast_ice_candidates (#4646)
2024-04-17 22:04:30 +00:00
Reactor Scram
e7a4a83e3d chore(linux): only allow IPC connections from members of the firezone group (#4628)
```[tasklist]
### Before merging
- [x] Update KB
```

Maybe not a feature since Linux IPC isn't available to users yet?

I think it's okay if the new `linux-group` test fails in compatibility,
since it wasn't implemented at all back then.

Closes #4659
Closes #4660

---------

Signed-off-by: Reactor Scram <ReactorScram@users.noreply.github.com>
Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
2024-04-17 21:42:29 +00:00
Reactor Scram
6d88ea01c9 fix(linux-client): don't show the token in --help (#4654)
Closes #4653

---------

Signed-off-by: Reactor Scram <ReactorScram@users.noreply.github.com>
2024-04-17 21:12:36 +00:00
Reactor Scram
76ec266af4 refactor(linux-client): rename daemon subcommand to ipc-service (#4656)
Closes #4655

This should be more clear since "daemon", like "tunnel", could mean a
variety of things. The IPC thing is the distinct part for this
subcommand, and I didn't want to call it "server" and confuse it with a
web server. "service" hopefully evokes "systemd service" and "Windows
service", something that provides a service locally.

If not it could always be something longer
2024-04-17 20:25:53 +00:00
Gabi
d0c33681fe chore(rust): fix local docker development (#4642)
some small fixes to make local development a bit easier
2024-04-16 21:08:02 +00:00
dependabot[bot]
50712da5c1 build(deps): Bump redis from 0.25.2 to 0.25.3 in /rust (#4622)
Bumps [redis](https://github.com/redis-rs/redis-rs) from 0.25.2 to
0.25.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/redis-rs/redis-rs/releases">redis's
releases</a>.</em></p>
<blockquote>
<h2>v0.25.3</h2>
<h3>0.25.3 (2024-04-04)</h3>
<ul>
<li>Handle empty results in multi-node operations (<a
href="https://redirect.github.com/redis-rs/redis-rs/pull/1099">#1099</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="0db8ef7139"><code>0db8ef7</code></a>
Prepare release 0.25.3</li>
<li><a
href="0f9cb3173c"><code>0f9cb31</code></a>
Handle empty results in multi-node operations.</li>
<li>See full diff in <a
href="https://github.com/redis-rs/redis-rs/compare/redis-0.25.2...redis-0.25.3">compare
view</a></li>
</ul>
</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-16 06:32:46 +00:00