mirror of
https://github.com/outbackdingo/firezone.git
synced 2026-01-27 18:18:55 +00:00
da66264c84591c305f4533416f9306515ac26404
201 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Jamil
|
da66264c84 |
Use larger builders for CPU-bound workflows (#2256)
- `ubuntu-22.04-firezone` is a 16-core builder for ~~kotlin~~ and docker - ~~`macos-13-xlarge` is an M1 builder for Apple and docker arm64~~ - Configure the Gradle build cache - Upgrade kotlin plugins, Android minSDK to 30, and gradle to 8.4 Edit: It appears that even using the largest runners for kotin and swift don't speed the builds up that much (~30%), but will substantially increase our cost, so I've reverted them to free. Fixes #2210 |
||
|
Thomas Eizinger
|
dde98f1985 |
refactor(gateway): introduce Eventloop (#2244)
|
||
|
Thomas Eizinger
|
ecae222674 |
fix(rust): install toolchain in base layer (#2258)
Copying the `rust-toolchain.toml` file in is one thing but if we want to avoid repeatedly installing it, we should do that in the same layer too. Signed-off-by: Thomas Eizinger <thomas@eizinger.io> |
||
|
Thomas Eizinger
|
9a41983447 |
ci: optimize caching further (#2246)
This patch-set aims to make several improvements to our CI caching: 1. Use of registry as build cache: Pushes a separate image to our docker registry at GCP that contains the cache layers. This happens for every PR & main. As a result, we can restore from **both** which should make repeated runs of CI on an individual PR faster and give us a good baseline cache for new PRs from `main`. See https://docs.docker.com/build/ci/github-actions/cache/#registry-cache for details. As a nice side-effect, this allows us to use the 10 GB we have on GitHub actions for other jobs. 2. We make better use of `restore-keys` by also attempting to restore the cache if the fingerprint of our lockfiles doesn't match. This is useful for CI runs that upgrade dependencies. Those will restore a cache that is still useful although doesn't quite match. That is better[^1] than not hitting the cache at all. 3. There were two tiny bugs in our Swift and Android builds: a. We used `rustup show` in the wrong directory and thus did not actually install the toolchain properly. b. We used `shared-key` instead of `key` for the https://github.com/Swatinem/rust-cache action and thus did not differentiate between jobs properly. 5. Our Dockerfile for Rust had a bug where it did not copy in the `rust-toolchain.toml` file in the `chef` layer and thus also did not use the correctly toolchain. 6. We remove the dedicated gradle cache because the build action already comes with a cache configuration: https://github.com/firezone/firezone/actions/runs/6416847209/job/17421412150#step:10:25 [^1]: Over time, this may mean that our caches grow a bit. In an ideal world, we automatically remove files from the caches that haven't been used in a while. The cache action we use for Rust does that automatically: https://github.com/Swatinem/rust-cache?tab=readme-ov-file#cache-details. As a workaround, we can just purge all caches every now and then. --------- Signed-off-by: Jamil <jamilbk@users.noreply.github.com> Co-authored-by: Jamil <jamilbk@users.noreply.github.com> |
||
|
Thomas Eizinger
|
3fcfaa6bfd |
refactor(connlib): create login_url utility (#2237)
|
||
|
Jamil
|
80234f9c71 |
Github Actions cache on main and scope caches for all languages/runtimes (#2233)
|
||
|
Thomas Eizinger
|
464efbad56 | refactor(connlib): restructure directory for consistency (#2236) | ||
|
Thomas Eizinger
|
a02abcbac5 |
deps(phoenix-channel): upgrade tokio-tungstenite (#2230)
Resolves: #2200. |
||
|
Thomas Eizinger
|
05e6d31bdd | fix(connlib): don't immediately upload logs (#2231) | ||
|
Jamil
|
ff1c0b950a |
Add make version command to set version in components (#2215)
Fixes #2213 This will allow us to fetch the actual Firezone version that's in use from within the language runtimes themselves without resorting to an external mechanism to do so. This is useful in connlib for example when selecting the Portal API to use with `X-Firezone-API-Version`, and useful in log printing. Since platforms enforce semantic version, I propose the convention: `1.20231001.34` where MAJOR is `1` for Firezone 1.0, MINOR is our API version, and PATCH is the release of that API version that is published on the repo. Given this system, publishing a release would consist of: 1. Edit `Makefile` to set the patch and minor versions appropriately depending on whether there are breaking portal API changes. 2. `make version` 3. `git add .; git commit; git push` -- this opens a PR with the new version numbers. In this PR we can discuss whether to stop-ship or go. 4. PR merged, release is drafted and deployed to staging with the new tag and version numbers 5. build artifacts are uploaded to drafted release, everything is tagged and versioned appropriately without having to introduce another commit 6. If all looks good, publish release |
||
|
Jamil
|
31a20a2c8a |
feat(ci): Add swift-format to apple build (#2201)
Was doing some CI work and thought I would clean up our Swift codebase a little. - Moves `CallbackHandler.swift` to `swift/apple` so it's subject to style enforcement - Adds `swift-format lint --strict` build step to catch style issues in Xcode (and CI) - Ran `swift-format -i` on all files to reset formatting - Fixed any warnings found Fixes #2157 |
||
|
Jamil
|
cd5a57f413 |
Update tokio-tungstenite to fix webpki vuln (#2181)
Fixes https://github.com/firezone/firezone/security/dependabot/75 Fixes https://github.com/firezone/firezone/security/dependabot/72 |
||
|
dependabot[bot]
|
1e26c1cea8 |
build(deps): Bump the otel group in /rust with 1 update (#2217)
Bumps the otel group in /rust with 1 update: [tracing-opentelemetry](https://github.com/tokio-rs/tracing-opentelemetry). <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tokio-rs/tracing-opentelemetry/releases">tracing-opentelemetry's releases</a>.</em></p> <blockquote> <h2>0.21.0</h2> <h3>Added</h3> <ul> <li>Ability to produce measurement with attributes (<a href="https://redirect.github.com/tokio-rs/tracing-opentelemetry/issues/43">#43</a>)</li> </ul> <h3>Breaking Changes</h3> <ul> <li><code>MetricsLayer</code> is now generic over the its <code>Subscriber</code> impl to support <a href="https://docs.rs/tracing-subscriber/0.3.17/tracing_subscriber/layer/index.html#per-layer-filtering">per-layer filtering</a> (<a href="https://redirect.github.com/tokio-rs/tracing-opentelemetry/issues/43">#43</a>)</li> </ul> <h3>Fixed</h3> <ul> <li>Trace IDs not matching when propagating invalid contexts (<a href="https://redirect.github.com/tokio-rs/tracing-opentelemetry/issues/55">#55</a>)</li> </ul> <p>Thanks to <a href="https://github.com/ymgyt"><code>@ymgyt</code></a> and <a href="https://github.com/hdost"><code>@hdost</code></a> for contributing to this release!</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tokio-rs/tracing-opentelemetry/blob/v0.1.x/CHANGELOG.md">tracing-opentelemetry's changelog</a>.</em></p> <blockquote> <h1>0.21.0 (August 28, 2023)</h1> <h3>Added</h3> <ul> <li>Ability to produce measurement with attributes (<a href="https://redirect.github.com/tokio-rs/tracing-opentelemetry/issues/43">#43</a>)</li> </ul> <h3>Breaking Changes</h3> <ul> <li><code>MetricsLayer</code> is now generic over the its <code>Subscriber</code> impl to support <a href="https://docs.rs/tracing-subscriber/0.3.17/tracing_subscriber/layer/index.html#per-layer-filtering">per-layer filtering</a> (<a href="https://redirect.github.com/tokio-rs/tracing-opentelemetry/issues/43">#43</a>)</li> </ul> <h3>Fixed</h3> <ul> <li>Trace IDs not matching when propagating invalid contexts (<a href="https://redirect.github.com/tokio-rs/tracing-opentelemetry/issues/55">#55</a>)</li> </ul> <p>Thanks to <a href="https://github.com/ymgyt"><code>@ymgyt</code></a> and <a href="https://github.com/hdost"><code>@hdost</code></a> for contributing to this release!</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
fb8b25a923 |
build(deps): Bump wintun from 0.3.1 to 0.3.2 in /rust (#2218)
Bumps [wintun](https://github.com/nulldotblack/wintun) from 0.3.1 to 0.3.2. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/nulldotblack/wintun/blob/main/CHANGELOG.md">wintun's changelog</a>.</em></p> <blockquote> <h2>[0.3.2] - 2023-09-27</h2> <h2>Added</h2> <ul> <li><code>Adapter::get_mtu</code>: <a href="https://redirect.github.com/nulldotblack/wintun/pull/11">nulldotblack/wintun#11</a></li> </ul> <h3>Changed</h3> <ul> <li>Improved formatting of errors: <a href="https://redirect.github.com/nulldotblack/wintun/pull/11">nulldotblack/wintun#11</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/nulldotblack/wintun/commits">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
650c24504b |
build(deps): Bump ring from 0.16.20 to 0.17.0 in /rust (#2219)
Bumps [ring](https://github.com/briansmith/ring) from 0.16.20 to 0.17.0. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/briansmith/ring/commits">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
a3aa6721c0 |
build(deps): Bump sha2 from 0.10.7 to 0.10.8 in /rust (#2220)
Bumps [sha2](https://github.com/RustCrypto/hashes) from 0.10.7 to 0.10.8. <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
58aa8fb060 |
build(deps): Bump thiserror from 1.0.48 to 1.0.49 in /rust (#2221)
Bumps [thiserror](https://github.com/dtolnay/thiserror) from 1.0.48 to 1.0.49. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dtolnay/thiserror/releases">thiserror's releases</a>.</em></p> <blockquote> <h2>1.0.49</h2> <ul> <li>Access libcore types through <code>::core</code> in generated code (<a href="https://redirect.github.com/dtolnay/thiserror/issues/255">#255</a>, thanks <a href="https://github.com/mina86"><code>@mina86</code></a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Jamil
|
7e3af1e8b5 |
refactor(connlib): Add more logs to get_device_id() (#2198)
These are added to provide more information to debug issues where the `external_id` as seen by the portal changes and causes session and/or upsert issues. Refs #2181 |
||
|
Jamil
|
c4c6f3e4ca |
refactor(portal): Don't pin session token to user_agent or remote_ip (#2195)
Removing the check to get Rust PRs to pass. **Note**: #2182 was dependent on this one, and has since merged into this one. |
||
|
Jamil
|
a98f30a8dd | fix(ci): Fix flaky integration tests (#2190) | ||
|
Thomas Eizinger
|
bb9dc1aeac |
feat: upload logs to GCP on compile-time configurable interval (#2103)
Resolves: #2020. --------- Co-authored-by: Jamil Bou Kheir <jamilbk@users.noreply.github.com> |
||
|
Jamil
|
3baf2ee1bb |
feat(connlib): Wrap secrets in Secret to minimize chance of leakage (#2159)
Fixes #2085 --------- Co-authored-by: Thomas Eizinger <thomas@eizinger.io> |
||
|
Thomas Eizinger
|
0ceecc0c0e |
Duplicate Session for client and gateway (#2169)
At the moment, there is a lot of indirection between tunnel, session, control planes etc. I think this is a lot easier to understand if we don't have as many type parameters and instead, create one `Session` type per "kind" of deployment: Clients and gateways. This is an initial start, there is now some duplication between gateways and clients. I'd recommend patch-by-patch review. I originally started this to do https://github.com/firezone/firezone/issues/2158 but that is not possible until we have _concrete_ message types within each `Session`, hence I am sending this PR first. |
||
|
Gabi
|
21afdf0a9a |
feat(connlib): Ice trickle ❄️ (#2152)
Most of this PR is moving things around in the control protocol part of the tunnel to ease readability, there are some improvements there to do but ideally I won't spend more time there since we will probably throw it away when we move away from webrtc. The most important part of this PR is the ice trickle, which should make stablishing a connection initially much faster and in theory we can add relays without incurring in a delay penalty there. I still need to test and benchmark it with staging |
||
|
dependabot[bot]
|
ad3d5f00b7 |
build(deps): Bump the otel group in /rust with 5 updates (#2165)
Bumps the otel group in /rust with 5 updates: | Package | From | To | | --- | --- | --- | | [tracing-stackdriver](https://github.com/NAlexPear/tracing-stackdriver) | `0.7.2` | `0.8.0` | | [tracing-opentelemetry](https://github.com/tokio-rs/tracing-opentelemetry) | `0.19.0` | `0.20.0` | | [opentelemetry](https://github.com/open-telemetry/opentelemetry-rust) | `0.19.0` | `0.20.0` | | [opentelemetry_api](https://github.com/open-telemetry/opentelemetry-rust) | `0.19.0` | `0.20.0` | | [opentelemetry-otlp](https://github.com/open-telemetry/opentelemetry-rust) | `0.12.0` | `0.13.0` | Updates `tracing-stackdriver` from 0.7.2 to 0.8.0 <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Jamil
|
9cef6edfea |
refactor(connlib): Use newtype pattern for all entity UUIDs from Portal (#2164)
Wraps all UUIDs in their respective entity types. Fixes #2090 |
||
|
Thomas Eizinger
|
1dc739505b |
refactor: simplify headless-utils (#2151)
Commit-by-commit review is recommended. --------- Co-authored-by: Jamil <jamilbk@users.noreply.github.com> |
||
|
Jamil
|
51241d0bc6 |
refactor(clients): Pass log filter string to Session depending on environment (#2155)
Fixes #2147 |
||
|
Jamil
|
23444ee845 |
fix(apple): Add build on macOS 13 (ci); Fix Xcode version to 14 (ci); Update deps and fix _SwiftUINavigationState reference (#2148)
* Removes FirezoneKit/Package.resolved -- this file was unused
* Removes `iphonesimulator` as a build target -- this is just not
supported at all with NetworkExtensions
* Update dependencies
* Rename `_SwiftUINavigationState` to `SwiftUINavigationCore` due to
update
* Removes CONNLIB_MOCK from `build-rust.sh`
* Minor cleanup of `build-rust.sh` to simplify env vars
* Fixes the below issue when building on developer machines on Xcode 15
(GH runner Xcode 15 is buggy, leaving that pinned to 14 for now):
```
= note: ld: warning: no platform load command found in '/private/var/folders/02/4nz6gzkx5wj81dkc4pf9jyyh0000gn/T/rustcRAtGnz/symbols.o', assuming: iOS
ld: building for 'iOS', but linking in dylib (/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/usr/lib/libobjc.A.tbd) built for 'macOS macCatalyst zippered(macOS/Catalyst)'
clang: error: linker command failed with exit code 1 (use -v to see invocation)
```
|
||
|
Jamil
|
cf80f031b9 |
refactor(connlib): Track boringtun stable (#2150)
Fixes firezone/boringtun#1 |
||
|
Thomas Eizinger
|
5d6dfc0c3a |
refactor(android): prefer early-exit for error paths (#2127)
Instead of using combinators or early-exiting on _success_, use `?` and keep the data flow of the FFI function focused on the happy path. I find code easier to read if the left-most indentation is the happy path and any further indentations are errors that exit early from the function. |
||
|
Gabi
|
5a998f7373 |
connlib: add logging string configuration (#2115)
Split from #2104 This adds logging string configuration, unifies behavior between gateway and headless clients and some cli improvements for those. --------- Signed-off-by: Gabi <gabrielalejandro7@gmail.com> Co-authored-by: Jamil <jamilbk@users.noreply.github.com> |
||
|
Gabi
|
5d67309a71 |
connlib: refactoring tunnel for performance and readablity (#2116)
Splits of from #2104 Some refactoring I did for firezone/product#681 to obtain better flamegraphs, additionally to improve performance I added a `wire` target so we can turn off wire tracing in production and generally tried to improve logs for easier filtering and use of structured-tracing. --------- Signed-off-by: Gabi <gabrielalejandro7@gmail.com> Co-authored-by: Jamil <jamilbk@users.noreply.github.com> |
||
|
dependabot[bot]
|
2e9d5c6016 |
build(deps): Bump aes-gcm from 0.10.2 to 0.10.3 in /rust (#2117)
Bumps [aes-gcm](https://github.com/RustCrypto/AEADs) from 0.10.2 to 0.10.3. <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Thomas Eizinger
|
80f71fd9da |
refactor(connlib): don't store WorkerGuard in Session (#2125)
The various client platforms are too different in how they handle logging. Contrary to what I suggested in the initial PR, I no longer think that storing the guard within the session is a good idea. For the headless client for example, we block on CTRL+C anyway and thus can simplify have the guard stay alive for the entirety of the program. For Apple, we can store the guard in the `WrappedSession`. For Android, we store it in a static variable anyway. Lastly, whilst working on the log-upload, I've encountered circular dependencies caused by this as I would have to store more than just the `WorkerGuard` in the `Session`. |
||
|
dependabot[bot]
|
183c2cc7ab |
build(deps): Bump wintun from 0.2.1 to 0.3.1 in /rust (#2129)
Bumps [wintun](https://github.com/nulldotblack/wintun) from 0.2.1 to 0.3.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/nulldotblack/wintun/releases">wintun's releases</a>.</em></p> <blockquote> <h2>v0.3.1</h2> <h2>Added</h2> <ul> <li>Support for non 32bit x86 and arm targets in all three examples</li> </ul> <h3>Updated</h3> <ul> <li>Adapter docs</li> </ul> <h2>v0.3.0</h2> <h3>Added</h3> <ul> <li>udp-echo example which mirrors packets via the tun interface</li> <li><code>Adapter::get_name</code>, <code>Adapter::set_name</code>, and <code>Adapter::get_guid</code></li> <li><code>Adapter::set_address</code> <code>Adapter::set_gateway</code>, <code>Adapter::set_netmask</code>, or <code>Adapter::set_network_addresses_tuple</code> to set all three at once <ul> <li>Easily configure adapter address, netmask, and gateway properties to more easily control how it interacts with the Windows networking stack</li> </ul> </li> <li>And <code>Adapter::get_addresses</code>, <code>Adapter::get_gateways</code>, <code>Adapter::get_netmask_of_address</code> to read this state</li> </ul> <h3>Breaking Changes</h3> <ul> <li>Renamed <code>enum ApiError</code> -> <code>enum Error</code> and added more variants. <ul> <li>All functions returning <code>wintun::Result</code> are effected.</li> </ul> </li> <li>Removed <code>pool: &str</code> parameter from <code>Adapter::create</code> as this was removed from the wintun c library</li> <li>Changed return type of <code>Session::get_read_wait_event</code> from <code>Result<winnt::HANDLE, ()></code> to <code>Result<windows::Win32::HANDLE, wintun::Error></code></li> </ul> <p>Plus internal refactoring and cleanup by <a href="https://github.com/ssrlive"><code>@ssrlive</code></a> in <a href="https://redirect.github.com/nulldotblack/wintun/issues/7">#7</a>. Thanks!</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/nulldotblack/wintun/blob/main/CHANGELOG.md">wintun's changelog</a>.</em></p> <blockquote> <h2>[0.3.1] - 2023-09-16</h2> <h2>Added</h2> <ul> <li>Support for non 32bit x86 and arm targets in all three examples</li> </ul> <h3>Updated</h3> <ul> <li>Adapter docs</li> </ul> <h2>[0.3.0] - 2023-09-15</h2> <h3>Added</h3> <ul> <li>udp-echo example which mirrors packets via the tun interface</li> <li><code>Adapter::get_name</code>, <code>Adapter::set_name</code>, and <code>Adapter::get_guid</code></li> <li><code>Adapter::set_address</code> <code>Adapter::set_gateway</code>, <code>Adapter::set_netmask</code>, or <code>Adapter::set_network_addresses_tuple</code> to set all three at once <ul> <li>Easily configure adapter address, netmask, and gateway properties to more easily control how it interacts with the Windows networking stack</li> </ul> </li> <li>And <code>Adapter::get_addresses</code>, <code>Adapter::get_gateways</code>, <code>Adapter::get_netmask_of_address</code> to read this state</li> </ul> <h3>Breaking Changes</h3> <ul> <li>Renamed <code>enum ApiError</code> -> <code>enum Error</code> and added more variants. <ul> <li>All functions returning <code>wintun::Result</code> are effected.</li> </ul> </li> <li>Removed <code>pool: &str</code> parameter from <code>Adapter::create</code> as this was removed from the wintun c library</li> <li>Changed return type of <code>Session::get_read_wait_event</code> from <code>Result<winnt::HANDLE, ()></code> to <code>Result<windows::Win32::HANDLE, wintun::Error></code></li> </ul> <p>Plus internal refactoring and cleanup by <a href="https://github.com/ssrlive"><code>@ssrlive</code></a>: <a href="https://redirect.github.com/nulldotblack/wintun/pull/7">nulldotblack/wintun#7</a>. Thanks!</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
df3560bd67 |
build(deps): Bump smbios-lib from 0.9.0 to 0.9.1 in /rust (#2130)
Bumps [smbios-lib](https://github.com/jrgerber/smbios-lib) from 0.9.0 to 0.9.1. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/jrgerber/smbios-lib/commits">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
Thomas Eizinger
|
f968dddbbf |
fix(connlib): don't unnecessarily cfg for apple (#2126)
This file type-checks and compiles just fine on my local Linux machine without the `cfg` attributes. Remove them to allow `cargo clippy --all-targets` to be more useful in local development. |
||
|
Thomas Eizinger
|
57809f20b0 |
refactor(connlib): move static LOGGING_GUARD to init_logging function (#2124)
Static variables can be declared within functions if that is their only scope. Reducing the scope of variables makes it easier to understand the code. |
||
|
dependabot[bot]
|
5e63ce0015 |
build(deps): Bump domain from 0.8.0 to 0.8.1 in /rust (#2110)
Bumps [domain](https://github.com/nlnetlabs/domain) from 0.8.0 to 0.8.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/nlnetlabs/domain/releases">domain's releases</a>.</em></p> <blockquote> <h2>0.8.1</h2> <p>New</p> <ul> <li>Added a new method <code>FoundSrvs::into_srvs</code> that converts the value into an iterator over the found SRV records without resolving them further. (<a href="https://redirect.github.com/nlnetlabs/domain/issues/174">#174</a>, <a href="https://redirect.github.com/nlnetlabs/domain/issues/214">#214</a> by [<a href="https://github.com/WhyNotHugo"><code>@WhyNotHugo</code></a>]); this was added in 0.7.2 but missing in 0.8.0)</li> <li>Added impl of <code>Borrow<Dname<[u8]>></code> and <code>AsRef<Dname<[u8]>></code> for <code>Dname<_></code>. (<a href="https://redirect.github.com/nlnetlabs/domain/issues/219">#219</a> by [<a href="https://github.com/iximeow"><code>@iximeow</code></a>}], <a href="https://redirect.github.com/nlnetlabs/domain/issues/225">#225</a>)</li> <li>Added <code>Dname::fmt_with_dot</code> that can be used when wanting to display a domain name with a dot at the end. (<a href="https://redirect.github.com/nlnetlabs/domain/issues/210">#210</a>)</li> </ul> <p>Bug Fixes</p> <ul> <li>Fixed trait bounds on <code>FoundSrvs::into_stream</code> to make it usable again. (<a href="https://redirect.github.com/nlnetlabs/domain/issues/174">#174</a>, [#214 by [<a href="https://github.com/WhyNotHugo"><code>@WhyNotHugo</code></a>]]; this was fixed in 0.7.2 but missing in 0.8.0)</li> <li>Fixed scanning of domain names that are just the root label. (<a href="https://redirect.github.com/nlnetlabs/domain/issues/210">#210</a>)</li> <li>Fixed <code>util::base64::SymbolConverter</code> to also include the final group in the output if there is padding. (<a href="https://redirect.github.com/nlnetlabs/domain/issues/212">#212</a>)</li> </ul> <p><a href="https://redirect.github.com/nlnetlabs/domain/issues/174">#174</a>: <a href="https://redirect.github.com/NLnetLabs/domain/pull/174">NLnetLabs/domain#174</a> <a href="https://redirect.github.com/nlnetlabs/domain/issues/210">#210</a>: <a href="https://redirect.github.com/NLnetLabs/domain/pull/210">NLnetLabs/domain#210</a> <a href="https://redirect.github.com/nlnetlabs/domain/issues/212">#212</a>: <a href="https://redirect.github.com/NLnetLabs/domain/pull/212">NLnetLabs/domain#212</a> <a href="https://redirect.github.com/nlnetlabs/domain/issues/214">#214</a>: <a href="https://redirect.github.com/NLnetLabs/domain/pull/214">NLnetLabs/domain#214</a> <a href="https://redirect.github.com/nlnetlabs/domain/issues/219">#219</a>: <a href="https://redirect.github.com/NLnetLabs/domain/pull/219">NLnetLabs/domain#219</a> <a href="https://redirect.github.com/nlnetlabs/domain/issues/225">#225</a>: <a href="https://redirect.github.com/NLnetLabs/domain/pull/225">NLnetLabs/domain#225</a> [<a href="https://github.com/iximeow"><code>@iximeow</code></a>]: <a href="https://github.com/iximeow">https://github.com/iximeow</a> [<a href="https://github.com/WhyNotHugo"><code>@WhyNotHugo</code></a>]: <a href="https://github.com/WhyNotHugo">https://github.com/WhyNotHugo</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/NLnetLabs/domain/blob/main/Changelog.md">domain's changelog</a>.</em></p> <blockquote> <h2>0.8.1</h2> <p>Released 2023-09-18</p> <p>New</p> <ul> <li>Added a new method <code>FoundSrvs::into_srvs</code> that converts the value into an iterator over the found SRV records without resolving them further. (<a href="https://redirect.github.com/nlnetlabs/domain/issues/174">#174</a>, <a href="https://redirect.github.com/nlnetlabs/domain/issues/214">#214</a> by [<a href="https://github.com/WhyNotHugo"><code>@WhyNotHugo</code></a>]); this was added in 0.7.2 but missing in 0.8.0)</li> <li>Added impl of <code>Borrow<Dname<[u8]>></code> and <code>AsRef<Dname<[u8]>></code> for <code>Dname<_></code>. (<a href="https://redirect.github.com/nlnetlabs/domain/issues/219">#219</a> by [<a href="https://github.com/iximeow"><code>@iximeow</code></a>}], <a href="https://redirect.github.com/nlnetlabs/domain/issues/225">#225</a>)</li> <li>Added <code>Dname::fmt_with_dot</code> that can be used when wanting to display a domain name with a dot at the end. (<a href="https://redirect.github.com/nlnetlabs/domain/issues/210">#210</a>)</li> </ul> <p>Bug Fixes</p> <ul> <li>Fixed trait bounds on <code>FoundSrvs::into_stream</code> to make it usable again. (<a href="https://redirect.github.com/nlnetlabs/domain/issues/174">#174</a>, [#214 by [<a href="https://github.com/WhyNotHugo"><code>@WhyNotHugo</code></a>]]; this was fixed in 0.7.2 but missing in 0.8.0)</li> <li>Fixed scanning of domain names that are just the root label. (<a href="https://redirect.github.com/nlnetlabs/domain/issues/210">#210</a>)</li> <li>Fixed <code>util::base64::SymbolConverter</code> to also include the final group in the output if there is padding. (<a href="https://redirect.github.com/nlnetlabs/domain/issues/212">#212</a>)</li> </ul> <p><a href="https://redirect.github.com/nlnetlabs/domain/issues/174">#174</a>: <a href="https://redirect.github.com/NLnetLabs/domain/pull/174">NLnetLabs/domain#174</a> <a href="https://redirect.github.com/nlnetlabs/domain/issues/210">#210</a>: <a href="https://redirect.github.com/NLnetLabs/domain/pull/210">NLnetLabs/domain#210</a> <a href="https://redirect.github.com/nlnetlabs/domain/issues/212">#212</a>: <a href="https://redirect.github.com/NLnetLabs/domain/pull/212">NLnetLabs/domain#212</a> <a href="https://redirect.github.com/nlnetlabs/domain/issues/214">#214</a>: <a href="https://redirect.github.com/NLnetLabs/domain/pull/214">NLnetLabs/domain#214</a> <a href="https://redirect.github.com/nlnetlabs/domain/issues/219">#219</a>: <a href="https://redirect.github.com/NLnetLabs/domain/pull/219">NLnetLabs/domain#219</a> <a href="https://redirect.github.com/nlnetlabs/domain/issues/225">#225</a>: <a href="https://redirect.github.com/NLnetLabs/domain/pull/225">NLnetLabs/domain#225</a> [<a href="https://github.com/iximeow"><code>@iximeow</code></a>]: <a href="https://github.com/iximeow">https://github.com/iximeow</a> [<a href="https://github.com/WhyNotHugo"><code>@WhyNotHugo</code></a>]: <a href="https://github.com/WhyNotHugo">https://github.com/WhyNotHugo</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
2c70d54a3c |
build(deps): Bump serde_json from 1.0.106 to 1.0.107 in /rust (#2109)
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.106 to 1.0.107. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/serde-rs/json/releases">serde_json's releases</a>.</em></p> <blockquote> <h2>v1.0.107</h2> <ul> <li>impl IntoDeserializer for &RawValue (<a href="https://redirect.github.com/serde-rs/json/issues/1071">#1071</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
caa9984b29 |
build(deps): Bump libc from 0.2.147 to 0.2.148 in /rust (#2108)
Bumps [libc](https://github.com/rust-lang/libc) from 0.2.147 to 0.2.148. <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
616cabab78 |
build(deps): Bump clap from 4.4.2 to 4.4.4 in /rust (#2107)
Bumps [clap](https://github.com/clap-rs/clap) from 4.4.2 to 4.4.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/clap-rs/clap/releases">clap's releases</a>.</em></p> <blockquote> <h2>v4.4.4</h2> <h2>[4.4.4] - 2023-09-18</h2> <h3>Internal</h3> <ul> <li>Update <code>terminal_size</code> to 0.3</li> </ul> <h2>v4.4.3</h2> <h2>[4.4.3] - 2023-09-12</h2> <h3>Documentation</h3> <ul> <li><em>(derive)</em> Clarify use of attributes within the tutorial</li> <li>Split sections in the builder and derive tutorials into separate modules</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/clap-rs/clap/blob/master/CHANGELOG.md">clap's changelog</a>.</em></p> <blockquote> <h2>[4.4.4] - 2023-09-18</h2> <h3>Internal</h3> <ul> <li>Update <code>terminal_size</code> to 0.3</li> </ul> <h2>[4.4.3] - 2023-09-12</h2> <h3>Documentation</h3> <ul> <li><em>(derive)</em> Clarify use of attributes within the tutorial</li> <li>Split sections in the builder and derive tutorials into separate modules</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Thomas Eizinger
|
9d93d02b48 |
deps(relay): bump to stun-codec 0.3.3 (#2088)
I've opened several PRs upstream for code that was missing in `stun-codec` for our purposes. Those have been accepted and released, so we can bump to that version now and remove that code. Related: https://github.com/sile/stun_codec/pull/14. Related: https://github.com/sile/stun_codec/pull/15. Related: https://github.com/sile/stun_codec/pull/16. Related: https://github.com/sile/stun_codec/pull/17. A big thanks to @sile for the crate and being responsive maintainer 🥳 |
||
|
Jamil
|
713c34e496 |
fix(connlib): Persist logging guard for the duration of the session (#2058)
This allows the file logger to write events as they're emitted so that
we (attempt to) capture everything for the lifetime of the session.
Sample:
```json
{"time":"2023-09-13T13:28:26.396615Z","target":"libs_common::session","logging.googleapis.com/sourceLocation":{"file":"connlib/libs/common/src/session.rs","line":"324"},"severity":"DEBUG","message":"Attempting connection to portal..."}
{"time":"2023-09-13T13:28:26.436317Z","target":"log","severity":"DEBUG","logFile":"/Users/jamil/.cargo/registry/src/index.crates.io-6f17d22bba15001f/rustls-0.21.7/src/client/hs.rs","logLine":73,"logModulePath":"rustls::client::hs","logTarget":"rustls::client::hs","message":"No cached session for DnsName(\"api.firez.one\")"}
{"time":"2023-09-13T13:28:26.43694Z","target":"log","severity":"DEBUG","logFile":"/Users/jamil/.cargo/registry/src/index.crates.io-6f17d22bba15001f/rustls-0.21.7/src/client/hs.rs","logLine":132,"logModulePath":"rustls::client::hs","logTarget":"rustls::client::hs","message":"Not resuming any session"}
{"time":"2023-09-13T13:28:26.446781Z","target":"log","severity":"DEBUG","logFile":"/Users/jamil/.cargo/registry/src/index.crates.io-6f17d22bba15001f/rustls-0.21.7/src/client/hs.rs","logLine":615,"logModulePath":"rustls::client::hs","logTarget":"rustls::client::hs","message":"Using ciphersuite TLS13_AES_256_GCM_SHA384"}
{"time":"2023-09-13T13:28:26.447046Z","target":"log","severity":"DEBUG","logFile":"/Users/jamil/.cargo/registry/src/index.crates.io-6f17d22bba15001f/rustls-0.21.7/src/client/tls13.rs","logLine":142,"logModulePath":"rustls::client::tls13","logTarget":"rustls::client::tls13","message":"Not resuming"}
{"time":"2023-09-13T13:28:26.449001Z","target":"log","severity":"DEBUG","logFile":"/Users/jamil/.cargo/registry/src/index.crates.io-6f17d22bba15001f/rustls-0.21.7/src/client/tls13.rs","logLine":381,"logModulePath":"rustls::client::tls13","logTarget":"rustls::client::tls13","message":"TLS1.3 encrypted extensions: []"}
{"time":"2023-09-13T13:28:26.449266Z","target":"log","severity":"DEBUG","logFile":"/Users/jamil/.cargo/registry/src/index.crates.io-6f17d22bba15001f/rustls-0.21.7/src/client/hs.rs","logLine":472,"logModulePath":"rustls::client::hs","logTarget":"rustls::client::hs","message":"ALPN protocol is None"}
{"time":"2023-09-13T13:28:26.544357Z","target":"libs_common::session","logging.googleapis.com/sourceLocation":{"file":"connlib/libs/common/src/session.rs","line":"327"},"severity":"WARNING","error":"PortalConnectionError(Http(Response { status: 404, version: HTTP/1.1, headers: {\"cache-control\": \"max-age=0, private, must-revalidate\", \"content-length\": \"9\", \"date\": \"Wed, 13 Sep 2023 13:28:25 GMT\", \"server\": \"Cowboy\", \"strict-transport-security\": \"max-age=63072000; includeSubDomains; preload\", \"x-request-id\": \"F4R4XmBOoVfqEVkAAAVh\", \"via\": \"1.1 google\", \"alt-svc\": \"h3=\\\":443\\\"; ma=2592000,h3-29=\\\":443\\\"; ma=2592000\", \"connection\": \"close\"}, body: Some([78, 111, 116, 32, 102, 111, 117, 110, 100]) }))","message":"Portal connection error"}
{"time":"2023-09-13T13:28:26.544838Z","target":"libs_common::session","logging.googleapis.com/sourceLocation":{"file":"connlib/libs/common/src/session.rs","line":"330"},"severity":"WARNING","message":"Error connecting to portal, retrying in 42 seconds"}
{"time":"2023-09-13T13:28:36.087416Z","target":"tunnel_state","logging.googleapis.com/sourceLocation":{"file":"connlib/libs/client/src/control.rs","line":"255"},"severity":"DEBUG","message":"TunnelStats {\n public_key: \"BQCIkQ7iNdQxEnZo6lGwR8prKJgMlJGL+UPj+C50J0s=\",\n peers_by_ip: {},\n peer_connections: [\n 7482154e-107d-4981-8f5e-4becf1a9bfd2,\n ],\n resource_gateways: {\n 2a39fb5e-f7f4-44da-9163-5675c009a2ae: 7482154e-107d-4981-8f5e-4becf1a9bfd2,\n },\n dns_resources: {},\n network_resources: {\n V4(\n Ipv4Network {\n network_address: 172.31.83.10,\n netmask: 32,\n },\n ): Cidr(\n ResourceDescriptionCidr {\n id: 01c6a1ea-2540-4ec8-9caa-0015ddfffb55,\n address: V4(\n Ipv4Network {\n network_address: 172.31.83.10,\n netmask: 32,\n },\n ),\n name: \"TCP / UDPbin\",\n },\n ),\n V4(\n Ipv4Network {\n network_address: 172.31.92.238,\n netmask: 32,\n },\n ): Cidr(\n ResourceDescriptionCidr {\n id: 115ab626-ac3e-4890-b613-07f90bc1afb3,\n address: V4(\n Ipv4Network {\n network_address: 172.31.92.238,\n netmask: 32,\n },\n ),\n name: \"Performance Testing\",\n },\n ),\n V4(\n Ipv4Network {\n network_address: 172.31.82.179,\n netmask: 32,\n },\n ): Cidr(\n ResourceDescriptionCidr {\n id: 2a39fb5e-f7f4-44da-9163-5675c009a2ae,\n address: V4(\n Ipv4Network {\n network_address: 172.31.82.179,\n netmask: 32,\n },\n ),\n name: \"HTTPbin\",\n },\n ),\n V4(\n Ipv4Network {\n network_address: 172.31.93.123,\n netmask: 32,\n },\n ): Cidr(\n ResourceDescriptionCidr {\n id: 196b9f86-0789-4c2e-8afd-3b3cd59e1462,\n address: V4(\n Ipv4Network {\n network_address: 172.31.93.123,\n netmask: 32,\n },\n ),\n name: \"IPerf3\",\n },\n ),\n },\n gateway_public_keys: {},\n awaiting_connection: {\n 2a39fb5e-f7f4-44da-9163-5675c009a2ae: AwaitingConnectionDetails {\n total_attemps: 31,\n response_received: true,\n },\n },\n gateway_awaiting_connection: {\n 7482154e-107d-4981-8f5e-4becf1a9bfd2: [],\n },\n}"}
{"time":"2023-09-13T13:28:46.087297Z","target":"tunnel_state","logging.googleapis.com/sourceLocation":{"file":"connlib/libs/client/src/control.rs","line":"255"},"severity":"DEBUG","message":"TunnelStats {\n public_key: \"BQCIkQ7iNdQxEnZo6lGwR8prKJgMlJGL+UPj+C50J0s=\",\n peers_by_ip: {},\n peer_connections: [\n 7482154e-107d-4981-8f5e-4becf1a9bfd2,\n ],\n resource_gateways: {\n 2a39fb5e-f7f4-44da-9163-5675c009a2ae: 7482154e-107d-4981-8f5e-4becf1a9bfd2,\n },\n dns_resources: {},\n network_resources: {\n V4(\n Ipv4Network {\n network_address: 172.31.82.179,\n netmask: 32,\n },\n ): Cidr(\n ResourceDescriptionCidr {\n id: 2a39fb5e-f7f4-44da-9163-5675c009a2ae,\n address: V4(\n Ipv4Network {\n network_address: 172.31.82.179,\n netmask: 32,\n },\n ),\n name: \"HTTPbin\",\n },\n ),\n V4(\n Ipv4Network {\n network_address: 172.31.83.10,\n netmask: 32,\n },\n ): Cidr(\n ResourceDescriptionCidr {\n id: 01c6a1ea-2540-4ec8-9caa-0015ddfffb55,\n address: V4(\n Ipv4Network {\n network_address: 172.31.83.10,\n netmask: 32,\n },\n ),\n name: \"TCP / UDPbin\",\n },\n ),\n V4(\n Ipv4Network {\n network_address: 172.31.92.238,\n netmask: 32,\n },\n ): Cidr(\n ResourceDescriptionCidr {\n id: 115ab626-ac3e-4890-b613-07f90bc1afb3,\n address: V4(\n Ipv4Network {\n network_address: 172.31.92.238,\n netmask: 32,\n },\n ),\n name: \"Performance Testing\",\n },\n ),\n V4(\n Ipv4Network {\n network_address: 172.31.93.123,\n netmask: 32,\n },\n ): Cidr(\n ResourceDescriptionCidr {\n id: 196b9f86-0789-4c2e-8afd-3b3cd59e1462,\n address: V4(\n Ipv4Network {\n network_address: 172.31.93.123,\n netmask: 32,\n },\n ),\n name: \"IPerf3\",\n },\n ),\n },\n gateway_public_keys: {},\n awaiting_connection: {\n 2a39fb5e-f7f4-44da-9163-5675c009a2ae: AwaitingConnectionDetails {\n total_attemps: 31,\n response_received: true,\n },\n },\n gateway_awaiting_connection: {\n 7482154e-107d-4981-8f5e-4becf1a9bfd2: [],\n },\n}"}
{"time":"2023-09-13T13:28:53.703612Z","target":"log","severity":"WARNING","logFile":"/Users/jamil/.cargo/git/checkouts/webrtc-316f277f555c12ed/672e728/mdns/src/conn/mod.rs","logLine":359,"logModulePath":"webrtc_mdns::conn","logTarget":"webrtc_mdns::conn","message":"Failed to parse mDNS packet parsing/packing of this type isn't available yet"}
{"time":"2023-09-13T13:28:54.709612Z","target":"log","severity":"WARNING","logFile":"/Users/jamil/.cargo/git/checkouts/webrtc-316f277f555c12ed/672e728/mdns/src/conn/mod.rs","logLine":359,"logModulePath":"webrtc_mdns::conn","logTarget":"webrtc_mdns::conn","message":"Failed to parse mDNS packet parsing/packing of this type isn't available yet"}
{"time":"2023-09-13T13:28:56.086942Z","target":"tunnel_state","logging.googleapis.com/sourceLocation":{"file":"connlib/libs/client/src/control.rs","line":"255"},"severity":"DEBUG","message":"TunnelStats {\n public_key: \"BQCIkQ7iNdQxEnZo6lGwR8prKJgMlJGL+UPj+C50J0s=\",\n peers_by_ip: {},\n peer_connections: [\n 7482154e-107d-4981-8f5e-4becf1a9bfd2,\n ],\n resource_gateways: {\n 2a39fb5e-f7f4-44da-9163-5675c009a2ae: 7482154e-107d-4981-8f5e-4becf1a9bfd2,\n },\n dns_resources: {},\n network_resources: {\n V4(\n Ipv4Network {\n network_address: 172.31.82.179,\n netmask: 32,\n },\n ): Cidr(\n ResourceDescriptionCidr {\n id: 2a39fb5e-f7f4-44da-9163-5675c009a2ae,\n address: V4(\n Ipv4Network {\n network_address: 172.31.82.179,\n netmask: 32,\n },\n ),\n name: \"HTTPbin\",\n },\n ),\n V4(\n Ipv4Network {\n network_address: 172.31.93.123,\n netmask: 32,\n },\n ): Cidr(\n ResourceDescriptionCidr {\n id: 196b9f86-0789-4c2e-8afd-3b3cd59e1462,\n address: V4(\n Ipv4Network {\n network_address: 172.31.93.123,\n netmask: 32,\n },\n ),\n name: \"IPerf3\",\n },\n ),\n V4(\n Ipv4Network {\n network_address: 172.31.83.10,\n netmask: 32,\n },\n ): Cidr(\n ResourceDescriptionCidr {\n id: 01c6a1ea-2540-4ec8-9caa-0015ddfffb55,\n address: V4(\n Ipv4Network {\n network_address: 172.31.83.10,\n netmask: 32,\n },\n ),\n name: \"TCP / UDPbin\",\n },\n ),\n V4(\n Ipv4Network {\n network_address: 172.31.92.238,\n netmask: 32,\n },\n ): Cidr(\n ResourceDescriptionCidr {\n id: 115ab626-ac3e-4890-b613-07f90bc1afb3,\n address: V4(\n Ipv4Network {\n network_address: 172.31.92.238,\n netmask: 32,\n },\n ),\n name: \"Performance Testing\",\n },\n ),\n },\n gateway_public_keys: {},\n awaiting_connection: {\n 2a39fb5e-f7f4-44da-9163-5675c009a2ae: AwaitingConnectionDetails {\n total_attemps: 31,\n response_received: true,\n },\n },\n gateway_awaiting_connection: {\n 7482154e-107d-4981-8f5e-4becf1a9bfd2: [],\n },\n}"}
{"time":"2023-09-13T13:28:57.52105Z","target":"firezone_tunnel::tun","logging.googleapis.com/sourceLocation":{"file":"connlib/libs/tunnel/src/tun_darwin.rs","line":"224"},"severity":"DEBUG","message":"MTU for utun7 is 1420"}
```
Sample log attached:
[connlib.log.zip](https://github.com/firezone/firezone/files/12598066/connlib.log.zip)
|
||
|
Thomas Eizinger
|
ae2fbc3364 |
feat(relay): respond to bad STUN message where possible (#2073)
Previously, we would only log an error if we failed to decode the attribute part of a STUN message. Now, if we can decode the STUN header but fail at one of the attributes, we will properly respond to the client. This could for example happen if a client requests a channel number that is out of range. |
||
|
dependabot[bot]
|
41b67b7082 |
build(deps): Bump socket2 from 0.5.3 to 0.5.4 in /rust (#2079)
Bumps [socket2](https://github.com/rust-lang/socket2) from 0.5.3 to 0.5.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/rust-lang/socket2/blob/master/CHANGELOG.md">socket2's changelog</a>.</em></p> <blockquote> <h1>0.5.4</h1> <ul> <li>Deprecated <code>Socket::(bind_)device_by_index</code>, replaced by <code>Socket::(bind_)device_by_index_v4</code> for IPv4 sockets (<a href="https://redirect.github.com/rust-lang/socket2/pull/432">rust-lang/socket2#432</a>).</li> <li>Added <code>Socket::(bind_)device_by_index_v6</code> (<a href="https://redirect.github.com/rust-lang/socket2/pull/432">rust-lang/socket2#432</a>).</li> <li>Added experimental support for the ESP-IDF framework (<a href="https://redirect.github.com/rust-lang/socket2/pull/452">rust-lang/socket2#452</a>)</li> <li>Added <code>Socket::{send,recv}msg</code> and <code>MsgHdr(Mut)</code> types, wrapping <code>sendmsg(2)</code> and <code>recvmsg(2)</code> (<a href="https://redirect.github.com/rust-lang/socket2/pull/447">rust-lang/socket2#447</a>).</li> <li>Added <code>Socket::(set_)reuse_port_lb</code> to retrieve or set <code>SO_REUSEPORT_LB</code> on FreeBSD (<a href="https://redirect.github.com/rust-lang/socket2/pull/442">rust-lang/socket2#442</a>).</li> <li>Added <code>Protocol::DIVERT</code> on FreeBSD and OpenBSD (<a href="https://redirect.github.com/rust-lang/socket2/pull/448">rust-lang/socket2#448</a>).</li> <li>Add <code>Socket::protocol</code> for Windows (using <code>WSAPROTOCOL_INFOW</code>) (<a href="https://redirect.github.com/rust-lang/socket2/pull/470">rust-lang/socket2#470</a>).</li> <li><code>From<SocketAddrV{4,6}></code> for <code>SockAddr </code> nows sets <code>ss_len</code> on platforms that have the fields (most BSDs) (<a href="https://redirect.github.com/rust-lang/socket2/pull/469">rust-lang/socket2#469</a>).</li> <li>Change Windows to use <code>ADDRESS_FAMILY</code> for <code>sa_family_t</code>, this shouldn't affect anything in practice (<a href="https://redirect.github.com/rust-lang/socket2/pull/463">rust-lang/socket2#463</a>).</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/rust-lang/socket2/commits">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
77c0c58754 |
build(deps): Bump chrono from 0.4.30 to 0.4.31 in /rust (#2078)
Bumps [chrono](https://github.com/chronotope/chrono) from 0.4.30 to 0.4.31. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/chronotope/chrono/releases">chrono's releases</a>.</em></p> <blockquote> <h2>0.4.31</h2> <p>Another maintenance release. It was not a planned effort to improve our support for UNIX timestamps, yet most PRs seem related to this.</p> <h3>Deprecations</h3> <ul> <li>Deprecate <code>timestamp_nanos</code> in favor of the non-panicking <code>timestamp_nanos_opt</code> (<a href="https://redirect.github.com/chronotope/chrono/issues/1275">#1275</a>)</li> </ul> <h3>Additions</h3> <ul> <li>Add <code>DateTime::<Utc>::from_timestamp</code> (<a href="https://redirect.github.com/chronotope/chrono/issues/1279">#1279</a>, thanks <a href="https://github.com/demurgos"><code>@demurgos</code></a>)</li> <li>Add <code>TimeZone::timestamp_micros</code> (<a href="https://redirect.github.com/chronotope/chrono/issues/1285">#1285</a>, thanks <a href="https://github.com/emikitas"><code>@emikitas</code></a>)</li> <li>Add <code>DateTime<Tz>::timestamp_nanos_opt</code> and <code>NaiveDateTime::timestamp_nanos_opt</code> (<a href="https://redirect.github.com/chronotope/chrono/issues/1275">#1275</a>)</li> <li>Add <code>UNIX_EPOCH</code> constants (<a href="https://redirect.github.com/chronotope/chrono/issues/1291">#1291</a>)</li> </ul> <h3>Fixes</h3> <ul> <li>Format day of month in RFC 2822 without padding (<a href="https://redirect.github.com/chronotope/chrono/issues/1272">#1272</a>)</li> <li>Don't allow strange leap seconds which are not on a minute boundary initialization methods (<a href="https://redirect.github.com/chronotope/chrono/issues/1283">#1283</a>) This makes many methods a little more strict: <ul> <li><code>NaiveTime::from_hms_milli</code></li> <li><code>NaiveTime::from_hms_milli_opt</code></li> <li><code>NaiveTime::from_hms_micro</code></li> <li><code>NaiveTime::from_hms_micro_opt</code></li> <li><code>NaiveTime::from_hms_nano</code></li> <li><code>NaiveTime::from_hms_nano_opt</code></li> <li><code>NaiveTime::from_num_seconds_from_midnight</code></li> <li><code>NaiveTime::from_num_seconds_from_midnight_opt</code></li> <li><code>NaiveDate::and_hms_milli</code></li> <li><code>NaiveDate::and_hms_milli_opt</code></li> <li><code>NaiveDate::and_hms_micro</code></li> <li><code>NaiveDate::and_hms_micro_opt</code></li> <li><code>NaiveDate::and_hms_nano</code></li> <li><code>NaiveDate::and_hms_nano_opt</code></li> <li><code>NaiveDateTime::from_timestamp</code></li> <li><code>NaiveDateTime::from_timestamp_opt</code></li> <li><code>TimeZone::timestamp</code></li> <li><code>TimeZone::timestamp_opt</code></li> </ul> </li> <li>Fix underflow in <code>NaiveDateTime::timestamp_nanos_opt</code> (<a href="https://redirect.github.com/chronotope/chrono/issues/1294">#1294</a>, thanks <a href="https://github.com/crepererum"><code>@crepererum</code></a>)</li> </ul> <h3>Documentation</h3> <ul> <li>Add more documentation about the RFC 2822 obsolete date format (<a href="https://redirect.github.com/chronotope/chrono/issues/1267">#1267</a>)</li> </ul> <h3>Internal</h3> <ul> <li>Remove internal <code>__doctest</code> feature and <code>doc_comment</code> dependency (<a href="https://redirect.github.com/chronotope/chrono/issues/1276">#1276</a>)</li> <li>CI: Bump <code>actions/checkout</code> from 3 to 4 (<a href="https://redirect.github.com/chronotope/chrono/issues/1280">#1280</a>)</li> <li>Optimize <code>NaiveDate::add_days</code> for small values (<a href="https://redirect.github.com/chronotope/chrono/issues/1214">#1214</a>)</li> <li>Upgrade <code>pure-rust-locales</code> to 0.7.0 (<a href="https://redirect.github.com/chronotope/chrono/issues/1288">#1288</a>, thanks <a href="https://github.com/jeremija"><code>@jeremija</code></a> wo did good improvements on <code>pure-rust-locales</code>)</li> </ul> <p>Thanks to all contributors on behalf of the chrono team, <a href="https://github.com/djc"><code>@djc</code></a> and <a href="https://github.com/pitdicker"><code>@pitdicker</code></a>!</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Thomas Eizinger
|
10faffc4db |
refactor(relay): use tracing::instrument macro for spans (#2068)
|
||
|
Thomas Eizinger
|
81bc6a8f40 |
fix(relay): apply our env-filter to the trace exporter layer (#2071)
This might be the issue why we see spans that are not enabled in the `RUST_LOG` directive. |