This was causing some problems in my tests with connlib, when the client
re-created the connection and recieved the candidates before the offer
response, this *seems* like it made the client hang waiting for the
connection to happen, without failing it.
I couldn't find out why exactly the hang happens since it seems like the
remote candidates are added to the new connection and stun packets are
directed to the new connection, so it may be unrelated but I think it's
still right to clean this hashmap up.
---------
Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
Closes#3567
This doesn't feel complete, but there isn't much more I can do without
changing lots of code and doing more research, and I don't want to hold
up the Windows beta for error handling that may not be used.
I'm only handling crashes, errors, and panics in the `Controller` task
since it's hard to simulate them elsewhere. Everything else like the
wintun worker thread will have to be best-effort or tested by modifying
the code temporarily.
Crashes go to stderr and and the log file, and we can get a line number
from the crash dump:
Errors go to stderr and the log file, but we don't get a line number,
because we aren't capturing the backtrace:
Panics go to stderr and the log file, but we don't even get the panic
message. I don't think I can do much about that. Tokio doesn't give us
the full `PanicInfo`, which contains the message and location (line
number). If we end up debugging a panic in prod we could bisect by
putting tighter bounds until we narrow it down.
The panic hook ends up not triggered because:
- If I don't catch the panic, the app won't close, because Tokio will
catch the panic
- If I do catch the panic, I can't call the panic hook manually, because
Tokio doesn't give me a `PanicInfo` struct. And I can't resume the
panic, because I'm still inside a Tokio task.
I don't think there's any point capturing a crash dump on panic, because
Tokio will have already stopped the panicked thread, and the backtrace
will only show the catch location.
Maybe the message would print if I changed the controller task to a
controller thread, so that panicking that thread will trigger
`tracing_panic` and then abort the process? But that's a bigger change.
---------
Signed-off-by: Reactor Scram <ReactorScram@users.noreply.github.com>
Co-authored-by: Gabi <gabrielalejandro7@gmail.com>
Closes#3521 because now almost all of the `?` in the main loop will log
an error and not bail. This is nice for trivial things like copying a
resource when we're not signed in. (e.g. User opens the menu, the token
expires, user clicks something, it should just do nothing instead of
crashing)
Closes a long-standing TODO for moving more of the request handling code
inside `impl Controller`
In order to bind a channel to an IPv4 peer, the client must have
previously made an IPv4 allocation. The same applies to IPv6. The relay
will enforce this and reject the channel binding if that isn't the case
but we shouldn't rely on this in the client code. Instead, we should not
attempt to bind a channel if we haven't previously made an allocation
for that IP family.
We always try to make an allocation for both IPv4 and IPv6 but not every
relay may operate in a dual-socket mode. Thus, it may only return an
IPv4 or an IPv6 address.
In the `snownet` integration branch, we ran into some problems because
we actually tried to use the IPv6 relay. This doesn't work though
because the docker-compose doesn't provide an IPv6 socket to the
container and thus the relay falsely registers with the portal as having
an IPv6 address.
Internally, we only bind to a wildcard address (`0.0.0.0` and `::`)
which unfortunately, doesn't seem to fail, even if we don't have an IPv6
interface.
Initially, I thought it could be useful to keep the connection around in
case we want to do an ICE restart. We don't do that (yet) so for now,
the safer option is to just clean up all the state and let the upper
layers deal with reestablishing it.
This should hopefully fix the repeated emitting of the
`ConnectionFailed` event.
Closes#3534
I'm running it in another job in parallel. It doesn't work in release
mode for Windows reasons, and I'm not sure how to share it with the
`cargo test` jobs.
So the overall time for `ci.yml` is only 11 minutes, which seems
typical. However it is using up another CI runner unit to build the
whole Tauri app from scratch in debug mode.
```[tasklist]
- [x] Skip the WebView2 error dialog if we're in smoke-test mode
- [x] Research if there's any Github action to install WebView2 in the runner
```
---------
Signed-off-by: Reactor Scram <ReactorScram@users.noreply.github.com>
Co-authored-by: Gabi <gabrielalejandro7@gmail.com>
Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
Bumps [minidumper](https://github.com/EmbarkStudios/crash-handling) from
0.8.0 to 0.8.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/EmbarkStudios/crash-handling/releases">minidumper's
releases</a>.</em></p>
<blockquote>
<h2>minidumper-0.8.1</h2>
<h3>Changed</h3>
<ul>
<li><a
href="https://redirect.github.com/EmbarkStudios/crash-handling/pull/81">PR#81</a>
resolved <a
href="https://redirect.github.com/EmbarkStudios/crash-handling/issues/80">#80</a>
by updating <code>polling</code> to 0.3.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="3b77c9b00d"><code>3b77c9b</code></a>
chore: Release</li>
<li><a
href="d34d00bc51"><code>d34d00b</code></a>
chore: Release</li>
<li><a
href="789c99498c"><code>789c994</code></a>
Update CHANGELOGs</li>
<li><a
href="addf1486f8"><code>addf148</code></a>
Update (<a
href="https://redirect.github.com/EmbarkStudios/crash-handling/issues/81">#81</a>)</li>
<li><a
href="16c2545f2a"><code>16c2545</code></a>
chore: Release</li>
<li><a
href="955629bab9"><code>955629b</code></a>
Update CHANGELOG</li>
<li><a
href="5e907ff389"><code>5e907ff</code></a>
Add Android support for the i686 and x86-64 targets (<a
href="https://redirect.github.com/EmbarkStudios/crash-handling/issues/76">#76</a>)</li>
<li><a
href="14bba1b81e"><code>14bba1b</code></a>
Fix using <code>crash-handler</code> under Miri (<a
href="https://redirect.github.com/EmbarkStudios/crash-handling/issues/75">#75</a>)</li>
<li>See full diff in <a
href="https://github.com/EmbarkStudios/crash-handling/compare/minidumper-0.8.0...minidumper-0.8.1">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Closes#3519
The actor name is saved in plain text in our AppData folder.
I did simple manual tests on my dev laptop:
- Restart the app, it reloads the actor name from disk
- Sign out of the app, the file is deleted from the disk
Caveats:
- If you un-install the app while signed in, the actor name will still
be there until something cleans up AppData. I don't think the MSI cleans
it up.
- If the token is present but the actor name is missing, I just treat it
as if the token was missing and make the app be signed-out, since this
will happen on dev systems until this PR has been merged for some time.
- If we try to delete the file and the file is NotFound, I just ignore
it.
Why:
* To allow syncing of users/groups/memberships from an IDP to Firezone,
a custom identify provider adapter needs to be created in the portal
codebase at this time. The custom IDP adapter created in this commit is
for Microsoft Entra.
The user is already passing us a mutable buffer so we might as well give
them a `MutableIpPacket` to allow them to further mutate it.
Extracted out of #3391.
Currently, we retry STUN bindings at a fixed interval if we don't
receive a response. This results in very noise logs if we attempt to
contact an IPv6 STUN server but don't have an IPv6 interface.
I had an idea that is quite a big deal. Instead of manually discovering
host candidates by iterating interfaces and adding all of them, we
automatically generate host candidates every time we receive traffic on
from a certain interface. Initially, you might think that this is a
catch-22: How do we generate traffic without having host candidates? The
answer is: relays!
When we initiate a new connection using `snownet`, we add a list of STUN
and TURN servers. We will immediately attempt to talk to both of them,
sending STUN bindings to the former and ALLOCATE requests to the latter.
As the replies come in, we know, which interface they have been received
on. That particular interface is an excellent `host` candidate because
we've already proven connectivity to a STUN or TURN server. In fact, for
hole-punching, we will need to send traffic via that same interface to
reach the gateway (otherwise the `srflx` candidate won't work anyway).
There is only one "edge"-case in which this doesn't work: When you want
to make a connection between a client and a gateway on the same subnet
yet without connectivity to a relay. At that point, I'd argue that your
network topology is broken anyway. If you can't talk to a relay, you
probably also cannot talk to the portal, meaning the signaling protocol
also doesn't work.
This increases our app bundle size with no real benefit. ~~I'm also
encountering an issue where the `x86` shared library is being loaded
instead of the appropriate x86_64 one, causing a crash.~~ Edit: The
crash appears to be coming from somewhere else, still investigating.
Still it would be good to remove this as the Rust dependency in the
Android build is built serially.
Closes#3531
I refactored it so that all the log-related files pull their path from
one function, so hopefully they won't skew in the future. The path could
still be wrong though. A smoke test might be able to catch that: #3534
Bumps [libc](https://github.com/rust-lang/libc) from 0.2.152 to 0.2.153.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/rust-lang/libc/releases">libc's
releases</a>.</em></p>
<blockquote>
<h2>0.2.153</h2>
<h2>What's Changed</h2>
<ul>
<li>Add SOMAXCONN to vita on 0.2 (to fix std) by <a
href="https://github.com/pheki"><code>@pheki</code></a> in <a
href="https://redirect.github.com/rust-lang/libc/pull/3552">rust-lang/libc#3552</a></li>
<li>Fix CI for v0.2 by <a
href="https://github.com/JohnTitor"><code>@JohnTitor</code></a> in <a
href="https://redirect.github.com/rust-lang/libc/pull/3557">rust-lang/libc#3557</a></li>
<li>[Backport <a
href="https://redirect.github.com/rust-lang/libc/issues/3548">#3548</a>]
Add ioctl FS_IOC_{G,S}{ETVERSION,ETFLAGS} for LoongArch64 by <a
href="https://github.com/heiher"><code>@heiher</code></a> in <a
href="https://redirect.github.com/rust-lang/libc/pull/3570">rust-lang/libc#3570</a></li>
<li>Add MFD_NOEXEC_SEAL and MFD_EXEC by <a
href="https://github.com/rusty-snake"><code>@rusty-snake</code></a> in
<a
href="https://redirect.github.com/rust-lang/libc/pull/3553">rust-lang/libc#3553</a></li>
<li>Backport of <a
href="https://redirect.github.com/rust-lang/libc/issues/3546">#3546</a>
and update crate version to 0.2.153 by <a
href="https://github.com/GuillaumeGomez"><code>@GuillaumeGomez</code></a>
in <a
href="https://redirect.github.com/rust-lang/libc/pull/3554">rust-lang/libc#3554</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/rusty-snake"><code>@rusty-snake</code></a>
made their first contribution in <a
href="https://redirect.github.com/rust-lang/libc/pull/3553">rust-lang/libc#3553</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/rust-lang/libc/compare/0.2.152...0.2.153">https://github.com/rust-lang/libc/compare/0.2.152...0.2.153</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ccf8a3e520"><code>ccf8a3e</code></a>
Merge pull request <a
href="https://redirect.github.com/rust-lang/libc/issues/3554">#3554</a>
from GuillaumeGomez/update-0.2</li>
<li><a
href="036fe2e41b"><code>036fe2e</code></a>
Merge pull request <a
href="https://redirect.github.com/rust-lang/libc/issues/3553">#3553</a>
from rusty-snake/mfd-exec</li>
<li><a
href="adaec1d02f"><code>adaec1d</code></a>
Merge pull request <a
href="https://redirect.github.com/rust-lang/libc/issues/3570">#3570</a>
from heiher/fs-ioctl</li>
<li><a
href="9a07431396"><code>9a07431</code></a>
Add ioctl FS_IOC_{G,S}{ETVERSION,ETFLAGS} for LoongArch64</li>
<li><a
href="3726d14766"><code>3726d14</code></a>
Update crate version to 0.2.153</li>
<li><a
href="d5d370016f"><code>d5d3700</code></a>
Ignore some android constants not found in tests</li>
<li><a
href="738f9014cc"><code>738f901</code></a>
Add missing constants for Android</li>
<li><a
href="8b68569939"><code>8b68569</code></a>
Add MFD_NOEXEC_SEAL and MFD_EXEC</li>
<li><a
href="b56e4b3490"><code>b56e4b3</code></a>
Merge pull request <a
href="https://redirect.github.com/rust-lang/libc/issues/3557">#3557</a>
from JohnTitor/fix-ci</li>
<li><a
href="941f82557a"><code>941f825</code></a>
Fix CI for v0.2</li>
<li>Additional commits viewable in <a
href="https://github.com/rust-lang/libc/compare/0.2.152...0.2.153">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [time](https://github.com/time-rs/time) from 0.3.31 to 0.3.32.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/time-rs/time/releases">time's
releases</a>.</em></p>
<blockquote>
<h2>v0.3.32</h2>
<p>See the <a
href="https://github.com/time-rs/time/blob/main/CHANGELOG.md">changelog</a>
for details.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/time-rs/time/blob/main/CHANGELOG.md">time's
changelog</a>.</em></p>
<blockquote>
<h2>0.3.32 [2024-02-01]</h2>
<h3>Added</h3>
<ul>
<li>Methods to replace the day of the year.
<ul>
<li><code>Date::replace_ordinal</code></li>
<li><code>PrimitiveDateTime::replace_ordinal</code></li>
<li><code>OffsetDateTime::replace_ordinal</code></li>
</ul>
</li>
<li>Modules to treat an <code>OffsetDateTime</code> as a Unix timestamp
with subsecond precision for serde.
<ul>
<li><code>time::serde::timestamp::milliseconds</code></li>
<li><code>time::serde::timestamp::microseconds</code></li>
<li><code>time::serde::timestamp::nanoseconds</code></li>
</ul>
</li>
</ul>
<h3>Changed</h3>
<ul>
<li><code>Duration::time_fn</code> is deprecated.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ff3255fbf0"><code>ff3255f</code></a>
v0.3.32 release</li>
<li><a
href="d3dd5c9542"><code>d3dd5c9</code></a>
Deprecate <code>Duration::time_fn</code></li>
<li><a
href="8a0dc706be"><code>8a0dc70</code></a>
Remove markdown files in favor of org-wide config</li>
<li><a
href="980878b1d1"><code>980878b</code></a>
Build docs using org-wide workflow, change audit</li>
<li><a
href="4baf6b3cdd"><code>4baf6b3</code></a>
Remove documentation of deprecated feature flag</li>
<li><a
href="be932d86ca"><code>be932d8</code></a>
Adds support to serialize and deserialize timestamps with different
resolutio...</li>
<li><a
href="bb397df38e"><code>bb397df</code></a>
Commit Cargo.lock</li>
<li><a
href="26b7c5f6bd"><code>26b7c5f</code></a>
Update alignment for <code>Parsed</code> in miri</li>
<li><a
href="6747ebe5f9"><code>6747ebe</code></a>
Update CI</li>
<li><a
href="589ff6be84"><code>589ff6b</code></a>
Update copyright year</li>
<li>Additional commits viewable in <a
href="https://github.com/time-rs/time/compare/v0.3.31...v0.3.32">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
The only semantic changes are:
- Add context to Windows errors
- Refactor some `bail!`'s that could be `context`'s
The rest is updating comments:
- Add `SAFETY: TODO` for unmarked unsafe blocks
- Elaborate on existing SAFETY comments
- Close completed TODOs
- Link in Github issues for open TODOs
- Mark invariants or inter-dependencies between files that aren't
captured by tests or types yet
---------
Signed-off-by: Reactor Scram <ReactorScram@users.noreply.github.com>
Bumps
[@types/mdx](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/mdx)
from 2.0.10 to 2.0.11.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/mdx">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
