Bumps [ring](https://github.com/briansmith/ring) from 0.17.0 to 0.17.2.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/briansmith/ring/commits">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Gabi <gabrielalejandro7@gmail.com>
Bumps [proptest](https://github.com/proptest-rs/proptest) from 1.2.0 to
1.3.1.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="0b4ffe8d08"><code>0b4ffe8</code></a>
[Release] 1.3.1 -- fix for incompatible bit-set/bit-vec versions (<a
href="https://redirect.github.com/proptest-rs/proptest/issues/375">#375</a>)</li>
<li><a
href="99bdf24f8a"><code>99bdf24</code></a>
[Release] 1.3.0 (<a
href="https://redirect.github.com/proptest-rs/proptest/issues/373">#373</a>)</li>
<li><a
href="7bfc889fea"><code>7bfc889</code></a>
Merge pull request <a
href="https://redirect.github.com/proptest-rs/proptest/issues/357">#357</a>
from tzemanovic/tomas/clear-break-dead-code</li>
<li><a
href="eb9db9d6c3"><code>eb9db9d</code></a>
Merge branch 'master' into tomas/clear-break-dead-code</li>
<li><a
href="370b3a031c"><code>370b3a0</code></a>
Permit use of (?-u) in byte-regex strategies (<a
href="https://redirect.github.com/proptest-rs/proptest/issues/336">#336</a>)
(<a
href="https://redirect.github.com/proptest-rs/proptest/issues/337">#337</a>)</li>
<li><a
href="e395e8caa5"><code>e395e8c</code></a>
Add PathBuf Arbitrary impl with tests (<a
href="https://redirect.github.com/proptest-rs/proptest/issues/368">#368</a>)</li>
<li><a
href="fcccad0f76"><code>fcccad0</code></a>
Book tips and best practices (<a
href="https://redirect.github.com/proptest-rs/proptest/issues/367">#367</a>)</li>
<li><a
href="fc3be95ae1"><code>fc3be95</code></a>
Merge pull request <a
href="https://redirect.github.com/proptest-rs/proptest/issues/355">#355</a>
from tzemanovic/tomas/fix-sm-logs</li>
<li><a
href="7292965d14"><code>7292965</code></a>
Merge pull request <a
href="https://redirect.github.com/proptest-rs/proptest/issues/360">#360</a>
from psychon/remove-byteorder</li>
<li><a
href="466d59daec"><code>466d59d</code></a>
[proptest] silence clippy::arc_with_non_send_sync warning with
prop_oneof (<a
href="https://redirect.github.com/proptest-rs/proptest/issues/363">#363</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/proptest-rs/proptest/compare/v1.2.0...v1.3.1">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Gabi <gabrielalejandro7@gmail.com>
Bumps [reqwest](https://github.com/seanmonstar/reqwest) from 0.11.20 to
0.11.22.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/seanmonstar/reqwest/releases">reqwest's
releases</a>.</em></p>
<blockquote>
<h2>v0.11.21</h2>
<h2>What's Changed</h2>
<ul>
<li>Add automatically detecting macOS proxy settings.</li>
<li>Add <code>ClientBuilder::tls_info(bool)</code>, which will put
<code>tls::TlsInfo</code> into the response extensions.</li>
<li>Fix trust-dns resolver from possible hangs.</li>
<li>Fix connect timeout to be split among multiple IP addresses.</li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/SpeedReach"><code>@SpeedReach</code></a> made
their first contribution in <a
href="https://redirect.github.com/seanmonstar/reqwest/pull/1960">seanmonstar/reqwest#1960</a></li>
<li><a href="https://github.com/jefflloyd"><code>@jefflloyd</code></a>
made their first contribution in <a
href="https://redirect.github.com/seanmonstar/reqwest/pull/1955">seanmonstar/reqwest#1955</a></li>
<li><a href="https://github.com/droe"><code>@droe</code></a> made their
first contribution in <a
href="https://redirect.github.com/seanmonstar/reqwest/pull/1938">seanmonstar/reqwest#1938</a></li>
<li><a
href="https://github.com/conradludgate"><code>@conradludgate</code></a>
made their first contribution in <a
href="https://redirect.github.com/seanmonstar/reqwest/pull/1940">seanmonstar/reqwest#1940</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md">reqwest's
changelog</a>.</em></p>
<blockquote>
<h2>v0.11.22</h2>
<ul>
<li>Fix compilation on Windows when <code>trust-dns</code> is
enabled.</li>
</ul>
<h2>v0.11.21</h2>
<ul>
<li>Add automatically detecting macOS proxy settings.</li>
<li>Add <code>ClientBuilder::tls_info(bool)</code>, which will put
<code>tls::TlsInfo</code> into the response extensions.</li>
<li>Fix trust-dns resolver from possible hangs.</li>
<li>Fix connect timeout to be split among multiple IP addresses.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="5df3861a73"><code>5df3861</code></a>
v0.11.22</li>
<li><a
href="afc3a9364a"><code>afc3a93</code></a>
fix trust-dns error kind on windows (<a
href="https://redirect.github.com/seanmonstar/reqwest/issues/1992">#1992</a>)</li>
<li><a
href="d050e604e1"><code>d050e60</code></a>
v0.11.21</li>
<li><a
href="2a881fb504"><code>2a881fb</code></a>
fix: split connect timeout for multiple IPs (<a
href="https://redirect.github.com/seanmonstar/reqwest/issues/1940">#1940</a>)</li>
<li><a
href="17c893ffc0"><code>17c893f</code></a>
Bump actions/checkout from 3 to 4 (<a
href="https://redirect.github.com/seanmonstar/reqwest/issues/1968">#1968</a>)</li>
<li><a
href="10d9d23f88"><code>10d9d23</code></a>
Add <code>tls_info</code> / <code>TlsInfo</code> for access to peer's
leaf certificate (<a
href="https://redirect.github.com/seanmonstar/reqwest/issues/1938">#1938</a>)</li>
<li><a
href="d3d95a5b56"><code>d3d95a5</code></a>
Optimize <code>TrustDnsResolver</code> (<a
href="https://redirect.github.com/seanmonstar/reqwest/issues/1967">#1967</a>)</li>
<li><a
href="0292486aba"><code>0292486</code></a>
dep: Upgrade trust-dns-resolver from v0.22 to v0.23 (<a
href="https://redirect.github.com/seanmonstar/reqwest/issues/1965">#1965</a>)</li>
<li><a
href="70d100c1b8"><code>70d100c</code></a>
Feature: auto detect MacOS proxy settings (<a
href="https://redirect.github.com/seanmonstar/reqwest/issues/1955">#1955</a>)</li>
<li><a
href="34f6c70134"><code>34f6c70</code></a>
Added wasm in the docs. (<a
href="https://redirect.github.com/seanmonstar/reqwest/issues/1960">#1960</a>)</li>
<li>See full diff in <a
href="https://github.com/seanmonstar/reqwest/compare/v0.11.20...v0.11.22">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Gabi <gabrielalejandro7@gmail.com>
What is common across all our usages of the phoenix channel is that we
wait for some kind of `init` message before we fully start-up. We
extract this pattern into a dedicated function within the
`phoenix-channel` crate.
---------
Signed-off-by: Thomas Eizinger <thomas@eizinger.io>
Should be easier to review commit by commit.
The gist of this commit is:
* `onAddRoute` on Android now takes an address+prefix as to minimize
parsing
* `onAddRoute` recreates the vpn service each time(TODO: is this too bad
for performance?)
* `on_add_route` and `onAddRoute` returns the new fd
* on android after `on_add_route` we recreate `IfaceConfig` and
`DeviceIo` and we store the new values
* `peer_handler` now runs on a loop, where each time we fail a write
with an error code 9(bad descriptor) we try to take the new `DeviceIo`
* we keep an
[`AbortHandle`](https://docs.rs/tokio/latest/tokio/task/struct.AbortHandle.html)
from the `iface_handler` task, since closing the fd doesn't awake the
`read` task for `AsyncFd`(I tried it, right now `close` is only called
after dropping the fd) so we explicitly abort the task and start a new
one with the new `device_io`.
* in android `DeviceIo` has an atomic which tells if it's closed or open
and we change it to closed after `on_add_route`, we use this as to never
double-close the fd, instead we wait until it's dropped. This *might*
affect performance on android since we use non-`Ordering::Relaxed`
atomic operation each read/write but it won't affect perfromance in
other platforms, furthermore I believe the performance gains if we
remove this will be minimal.
Fixes#2227
---------
Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
fixes#2013
Stops the reconnect loop on a 4xx error.
Right now it seems like android doesn't handle `on_disconnect` properly,
just logging instead of going back to sign-in screen.
- `ubuntu-22.04-firezone` is a 16-core builder for ~~kotlin~~ and docker
- ~~`macos-13-xlarge` is an M1 builder for Apple and docker arm64~~
- Configure the Gradle build cache
- Upgrade kotlin plugins, Android minSDK to 30, and gradle to 8.4
Edit: It appears that even using the largest runners for kotin and swift
don't speed the builds up that much (~30%), but will substantially
increase our cost, so I've reverted them to free.
Fixes#2210
Copying the `rust-toolchain.toml` file in is one thing but if we want to
avoid repeatedly installing it, we should do that in the same layer too.
Signed-off-by: Thomas Eizinger <thomas@eizinger.io>
This patch-set aims to make several improvements to our CI caching:
1. Use of registry as build cache: Pushes a separate image to our docker
registry at GCP that contains the cache layers. This happens for every
PR & main. As a result, we can restore from **both** which should make
repeated runs of CI on an individual PR faster and give us a good
baseline cache for new PRs from `main`. See
https://docs.docker.com/build/ci/github-actions/cache/#registry-cache
for details. As a nice side-effect, this allows us to use the 10 GB we
have on GitHub actions for other jobs.
2. We make better use of `restore-keys` by also attempting to restore
the cache if the fingerprint of our lockfiles doesn't match. This is
useful for CI runs that upgrade dependencies. Those will restore a cache
that is still useful although doesn't quite match. That is better[^1]
than not hitting the cache at all.
3. There were two tiny bugs in our Swift and Android builds:
a. We used `rustup show` in the wrong directory and thus did not
actually install the toolchain properly.
b. We used `shared-key` instead of `key` for the
https://github.com/Swatinem/rust-cache action and thus did not
differentiate between jobs properly.
5. Our Dockerfile for Rust had a bug where it did not copy in the
`rust-toolchain.toml` file in the `chef` layer and thus also did not use
the correctly toolchain.
6. We remove the dedicated gradle cache because the build action already
comes with a cache configuration:
https://github.com/firezone/firezone/actions/runs/6416847209/job/17421412150#step:10:25
[^1]: Over time, this may mean that our caches grow a bit. In an ideal
world, we automatically remove files from the caches that haven't been
used in a while. The cache action we use for Rust does that
automatically:
https://github.com/Swatinem/rust-cache?tab=readme-ov-file#cache-details.
As a workaround, we can just purge all caches every now and then.
---------
Signed-off-by: Jamil <jamilbk@users.noreply.github.com>
Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
Fixes#2213
This will allow us to fetch the actual Firezone version that's in use
from within the language runtimes themselves without resorting to an
external mechanism to do so. This is useful in connlib for example when
selecting the Portal API to use with `X-Firezone-API-Version`, and
useful in log printing.
Since platforms enforce semantic version, I propose the convention:
`1.20231001.34` where MAJOR is `1` for Firezone 1.0, MINOR is our API
version, and PATCH is the release of that API version that is published
on the repo.
Given this system, publishing a release would consist of:
1. Edit `Makefile` to set the patch and minor versions appropriately
depending on whether there are breaking portal API changes.
2. `make version`
3. `git add .; git commit; git push` -- this opens a PR with the new
version numbers. In this PR we can discuss whether to stop-ship or go.
4. PR merged, release is drafted and deployed to staging with the new
tag and version numbers
5. build artifacts are uploaded to drafted release, everything is tagged
and versioned appropriately without having to introduce another commit
6. If all looks good, publish release
Was doing some CI work and thought I would clean up our Swift codebase a
little.
- Moves `CallbackHandler.swift` to `swift/apple` so it's subject to
style enforcement
- Adds `swift-format lint --strict` build step to catch style issues in
Xcode (and CI)
- Ran `swift-format -i` on all files to reset formatting
- Fixed any warnings found
Fixes#2157
Bumps [wintun](https://github.com/nulldotblack/wintun) from 0.3.1 to
0.3.2.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/nulldotblack/wintun/blob/main/CHANGELOG.md">wintun's
changelog</a>.</em></p>
<blockquote>
<h2>[0.3.2] - 2023-09-27</h2>
<h2>Added</h2>
<ul>
<li><code>Adapter::get_mtu</code>: <a
href="https://redirect.github.com/nulldotblack/wintun/pull/11">nulldotblack/wintun#11</a></li>
</ul>
<h3>Changed</h3>
<ul>
<li>Improved formatting of errors: <a
href="https://redirect.github.com/nulldotblack/wintun/pull/11">nulldotblack/wintun#11</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/nulldotblack/wintun/commits">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [ring](https://github.com/briansmith/ring) from 0.16.20 to 0.17.0.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/briansmith/ring/commits">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [sha2](https://github.com/RustCrypto/hashes) from 0.10.7 to
0.10.8.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="28a7b0da94"><code>28a7b0d</code></a>
Update Cargo.lock</li>
<li><a
href="c6decdf36f"><code>c6decdf</code></a>
sha2: Add inline-asm backend for LoongArch64 targets (<a
href="https://redirect.github.com/RustCrypto/hashes/issues/507">#507</a>)</li>
<li><a
href="026b0e81e9"><code>026b0e8</code></a>
md5: minor code tweaks, bump to v0.10.6 (<a
href="https://redirect.github.com/RustCrypto/hashes/issues/506">#506</a>)</li>
<li><a
href="a24e8b73a6"><code>a24e8b7</code></a>
md5: Add inline-asm backend for LoongArch64 targets (<a
href="https://redirect.github.com/RustCrypto/hashes/issues/505">#505</a>)</li>
<li><a
href="7aba4b5271"><code>7aba4b5</code></a>
Add asm!-based backend for LoongArch64 targets (<a
href="https://redirect.github.com/RustCrypto/hashes/issues/504">#504</a>)</li>
<li><a
href="dcfd5a5016"><code>dcfd5a5</code></a>
build(deps): bump actions/checkout from 3 to 4 (<a
href="https://redirect.github.com/RustCrypto/hashes/issues/501">#501</a>)</li>
<li><a
href="4372c776a5"><code>4372c77</code></a>
CI: replace MIPS cross tests with PPC32 (<a
href="https://redirect.github.com/RustCrypto/hashes/issues/503">#503</a>)</li>
<li><a
href="42d3a25a4e"><code>42d3a25</code></a>
k12: fix incorrect hash calculation (<a
href="https://redirect.github.com/RustCrypto/hashes/issues/499">#499</a>)</li>
<li><a
href="342dbfabd4"><code>342dbfa</code></a>
Update asm dependencies (<a
href="https://redirect.github.com/RustCrypto/hashes/issues/498">#498</a>)</li>
<li><a
href="59176e068a"><code>59176e0</code></a>
Update Clippy and fix lints</li>
<li>Additional commits viewable in <a
href="https://github.com/RustCrypto/hashes/compare/sha2-v0.10.7...sha2-v0.10.8">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [thiserror](https://github.com/dtolnay/thiserror) from 1.0.48 to
1.0.49.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/dtolnay/thiserror/releases">thiserror's
releases</a>.</em></p>
<blockquote>
<h2>1.0.49</h2>
<ul>
<li>Access libcore types through <code>::core</code> in generated code
(<a
href="https://redirect.github.com/dtolnay/thiserror/issues/255">#255</a>,
thanks <a
href="https://github.com/mina86"><code>@mina86</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="54465b7475"><code>54465b7</code></a>
Release 1.0.49</li>
<li><a
href="79704adca9"><code>79704ad</code></a>
Merge pull request 255 from mina86/a</li>
<li><a
href="5bfbdaebe3"><code>5bfbdae</code></a>
Test docs.rs documentation build in CI</li>
<li><a
href="f0f303a7ba"><code>f0f303a</code></a>
Prefer core crate in macro expansions</li>
<li><a
href="435c7c819c"><code>435c7c8</code></a>
Update actions/checkout@v3 -> v4</li>
<li>See full diff in <a
href="https://github.com/dtolnay/thiserror/compare/1.0.48...1.0.49">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
These are added to provide more information to debug issues where the
`external_id` as seen by the portal changes and causes session and/or
upsert issues.
Refs #2181
At the moment, there is a lot of indirection between tunnel, session,
control planes etc. I think this is a lot easier to understand if we
don't have as many type parameters and instead, create one `Session`
type per "kind" of deployment: Clients and gateways.
This is an initial start, there is now some duplication between gateways
and clients. I'd recommend patch-by-patch review.
I originally started this to do
https://github.com/firezone/firezone/issues/2158 but that is not
possible until we have _concrete_ message types within each `Session`,
hence I am sending this PR first.
Most of this PR is moving things around in the control protocol part of
the tunnel to ease readability, there are some improvements there to do
but ideally I won't spend more time there since we will probably throw
it away when we move away from webrtc.
The most important part of this PR is the ice trickle, which should make
stablishing a connection initially much faster and in theory we can add
relays without incurring in a delay penalty there. I still need to test
and benchmark it with staging
* Removes FirezoneKit/Package.resolved -- this file was unused
* Removes `iphonesimulator` as a build target -- this is just not
supported at all with NetworkExtensions
* Update dependencies
* Rename `_SwiftUINavigationState` to `SwiftUINavigationCore` due to
update
* Removes CONNLIB_MOCK from `build-rust.sh`
* Minor cleanup of `build-rust.sh` to simplify env vars
* Fixes the below issue when building on developer machines on Xcode 15
(GH runner Xcode 15 is buggy, leaving that pinned to 14 for now):
```
= note: ld: warning: no platform load command found in '/private/var/folders/02/4nz6gzkx5wj81dkc4pf9jyyh0000gn/T/rustcRAtGnz/symbols.o', assuming: iOS
ld: building for 'iOS', but linking in dylib (/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/usr/lib/libobjc.A.tbd) built for 'macOS macCatalyst zippered(macOS/Catalyst)'
clang: error: linker command failed with exit code 1 (use -v to see invocation)
```
Instead of using combinators or early-exiting on _success_, use `?` and
keep the data flow of the FFI function focused on the happy path.
I find code easier to read if the left-most indentation is the happy
path and any further indentations are errors that exit early from the
function.
Split from #2104
This adds logging string configuration, unifies behavior between gateway
and headless clients and some cli improvements for those.
---------
Signed-off-by: Gabi <gabrielalejandro7@gmail.com>
Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
Splits of from #2104
Some refactoring I did for firezone/product#681 to obtain better
flamegraphs, additionally to improve performance I added a `wire` target
so we can turn off wire tracing in production and generally tried to
improve logs for easier filtering and use of structured-tracing.
---------
Signed-off-by: Gabi <gabrielalejandro7@gmail.com>
Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
Bumps [aes-gcm](https://github.com/RustCrypto/AEADs) from 0.10.2 to
0.10.3.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="7e82b01cd4"><code>7e82b01</code></a>
aes-gcm v0.10.3 (<a
href="https://redirect.github.com/RustCrypto/AEADs/issues/552">#552</a>)</li>
<li><a
href="b587b27270"><code>b587b27</code></a>
aes-gcm: avoid exposing plaintext on tag verification failure (<a
href="https://redirect.github.com/RustCrypto/AEADs/issues/551">#551</a>)</li>
<li><a
href="2209bcaa9e"><code>2209bca</code></a>
build(deps): bump actions/checkout from 3 to 4 (<a
href="https://redirect.github.com/RustCrypto/AEADs/issues/548">#548</a>)</li>
<li><a
href="035ec25362"><code>035ec25</code></a>
build(deps): bump ascon from 0.3.1 to 0.4.0 (<a
href="https://redirect.github.com/RustCrypto/AEADs/issues/545">#545</a>)</li>
<li><a
href="e94ba5ab9f"><code>e94ba5a</code></a>
xsalsa20poly1305: remove source code (<a
href="https://redirect.github.com/RustCrypto/AEADs/issues/543">#543</a>)</li>
<li><a
href="31240c1285"><code>31240c1</code></a>
Update Cargo.lock</li>
<li><a
href="40240c4a85"><code>40240c4</code></a>
Update Cargo.lock</li>
<li><a
href="be4ea6fd3b"><code>be4ea6f</code></a>
Update Cargo.lock</li>
<li><a
href="2aef39e90d"><code>2aef39e</code></a>
Update Clippy version (<a
href="https://redirect.github.com/RustCrypto/AEADs/issues/534">#534</a>)</li>
<li><a
href="50710da0cb"><code>50710da</code></a>
Update Cargo.lock</li>
<li>Additional commits viewable in <a
href="https://github.com/RustCrypto/AEADs/compare/aes-gcm-v0.10.2...aes-gcm-v0.10.3">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/firezone/firezone/network/alerts).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
The various client platforms are too different in how they handle
logging. Contrary to what I suggested in the initial PR, I no longer
think that storing the guard within the session is a good idea.
For the headless client for example, we block on CTRL+C anyway and thus
can simplify have the guard stay alive for the entirety of the program.
For Apple, we can store the guard in the `WrappedSession`. For Android,
we store it in a static variable anyway.
Lastly, whilst working on the log-upload, I've encountered circular
dependencies caused by this as I would have to store more than just the
`WorkerGuard` in the `Session`.
