Bumps [redis](https://github.com/redis-rs/redis-rs) from 0.25.2 to
0.25.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/redis-rs/redis-rs/releases">redis's
releases</a>.</em></p>
<blockquote>
<h2>v0.25.3</h2>
<h3>0.25.3 (2024-04-04)</h3>
<ul>
<li>Handle empty results in multi-node operations (<a
href="https://redirect.github.com/redis-rs/redis-rs/pull/1099">#1099</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="0db8ef7139"><code>0db8ef7</code></a>
Prepare release 0.25.3</li>
<li><a
href="0f9cb3173c"><code>0f9cb31</code></a>
Handle empty results in multi-node operations.</li>
<li>See full diff in <a
href="https://github.com/redis-rs/redis-rs/compare/redis-0.25.2...redis-0.25.3">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Closes#4385
```[tasklist]
### Manual test cases (f2c8f47b3 passed)
- [x] Given there is no token on disk, when you start the app, then there is no notification
- [x] Given there is a token on disk, when you start the app and it signs in, then there is 1 notification
- [x] Given the app is signed out, when you sign in, then there is 1 notification (test this in a sign-out-sign-in cycle)
- [x] Given the app is signed in, when you sign out, then there is no notification
- [x] Given the app is signed in, when you change Wi-Fi networks, then there is no notification
```
This will work on Linux once the Linux GUI comes up
This is another step towards #4548. The portal now includes a list of
relays as part of the "init" message. Any time we receive an "init", we
will now upsert those relays based on their ID. This requires us to
change our internal bookkeeping of relays from indexing them by address
to indexing by ID.
To ensure that this works correctly, the unit tests are rewritten to use
the new `upsert_relays` API.
---------
Signed-off-by: Thomas Eizinger <thomas@eizinger.io>
Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
Fixes#4488
```[tasklist]
# Before merging
- [x] There's one call site that won't compile on Linux. Make this cross-platform.
- [x] Does the rule get removed every time when you quit gracefully?
- [x] Will this NRPT rule prevent connlib from re-resolving the portal IP if it needs to?
- [x] Test network switching. Does this work worse, better, or the same?
- [ ] Is the Windows DNS cache flushed exactly when it needs to be?
```
- After connlib connects to the portal, we add an NRPT rule asking
Windows to send **all** DNS queries to our sentinels. This should also
be called whenever the interface is re-configured, which might change
the sentinel IPs
- When exiting gracefully, we delete the rule to restore normal DNS
behavior without having to back up and restore the other IPs
- We also delete the rule at startup so that if Firezone crashes or
misbehaves, restarting it should restore normal DNS
- We also flush the system-wide DNS cache whenever we claim different
routes. This may flush too often, and it may also miss some flushes that
we should do. It needs double-checking.
- There is still a gap when changing networks, DNS can leak there, but I
don't think it's worse than before.
Bumps [hostname](https://github.com/svartalf/hostname) from 0.3.1 to
0.4.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/svartalf/hostname/blob/master/CHANGELOG.md">hostname's
changelog</a>.</em></p>
<blockquote>
<h2>[0.4.0] - 2024-04-01</h2>
<h3>Added</h3>
<ul>
<li>CI setup now covers almost all supported Tier 1 and Tier 2 platform
targets</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Minimum Supported Rust version set to <code>1.67.0</code></li>
<li>Rust edition set to "2021"</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Handle edge cases for POSIX systems (<a
href="https://redirect.github.com/svartalf/hostname/issues/14">#14</a>)</li>
<li>docs.rs documentation build</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="0e311b92ea"><code>0e311b9</code></a>
Release v0.4.0</li>
<li><a
href="e96d1fde34"><code>e96d1fd</code></a>
Updating the repo to make it usable again</li>
<li><a
href="ecf28ebbf4"><code>ecf28eb</code></a>
bump version-sync: 0.8 -> 0.9 (<a
href="https://redirect.github.com/svartalf/hostname/issues/17">#17</a>)</li>
<li><a
href="4a178ed8f4"><code>4a178ed</code></a>
Handle posix hostname edge cases (<a
href="https://redirect.github.com/svartalf/hostname/issues/14">#14</a>)</li>
<li><a
href="7e930e9aca"><code>7e930e9</code></a>
Upgrade rust edition and migrate dependices(cfg_if, windows_rs) (<a
href="https://redirect.github.com/svartalf/hostname/issues/18">#18</a>)</li>
<li>See full diff in <a
href="https://github.com/svartalf/hostname/compare/v0.3.1...v0.4.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Upon receiving a SIGTERM, we immediately disconnect from the websocket
connection to the portal and set a flag that we are shutting down.
Once we are disconnected from the portal and no longer have an active
allocations, we exit with 0. A repeated SIGTERM signal will interrupt
this process and force the relay to shutdown.
Disconnecting from the portal will (eventually) trigger a message to
clients and gateways that this relay should no longer be used. Thus,
depending on the timeout our supervisor has configured after sending
SIGTERM, the relay will continue all TURN operations until the number of
allocations drops to 0.
Currently, we also allow clients to make new allocations and refreshing
existing allocations. In the future, it may make sense to implement a
dedicated status code and refuse `ALLOCATE` and `REFRESH` messages
whilst we are shutting down.
Related: #4548.
---------
Signed-off-by: Thomas Eizinger <thomas@eizinger.io>
Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
In a prior design of the relay and the `phoenix-channel`, connecting to
the portal was a blocking operation, i.e. we weren't meant to start the
relaying operations before the portal connection succeeded.
Since then, `phoenix-channel` got refactored to have an internal
(re)-connection mechanism, meaning we don't actually need to `.await`
anything to obtain a `PhoenixChannel` instance that we can use to
initialize the `Server`. Furthermore, we changed the health-check to
return 200 OK prior to the portal connection being established in #4553.
Taking both of these into account, there is no more need to block on the
portal connection being established, which allows us to remove the use
of `phoenix_channel::init` and connect in the background whilst we
already accept STUN & TURN traffic.
Using the recent improvements made to the test harness, we can now add a
test for `reconnect` and assert that we are indeed discovering the new
interface and signaling the ICE candidate to the other party.
Bumps [h2](https://github.com/hyperium/h2) from 0.3.25 to 0.3.26.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/hyperium/h2/releases">h2's
releases</a>.</em></p>
<blockquote>
<h2>v0.3.26</h2>
<h2>What's Changed</h2>
<ul>
<li>Limit number of CONTINUATION frames for misbehaving
connections.</li>
</ul>
<p>See <a
href="https://seanmonstar.com/blog/hyper-http2-continuation-flood/">https://seanmonstar.com/blog/hyper-http2-continuation-flood/</a>
for more info.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/hyperium/h2/blob/v0.3.26/CHANGELOG.md">h2's
changelog</a>.</em></p>
<blockquote>
<h1>0.3.26 (April 3, 2024)</h1>
<ul>
<li>Limit number of CONTINUATION frames for misbehaving
connections.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="357127e279"><code>357127e</code></a>
v0.3.26</li>
<li><a
href="1a357aaefc"><code>1a357aa</code></a>
fix: limit number of CONTINUATION frames allowed</li>
<li><a
href="5b6c9e0da0"><code>5b6c9e0</code></a>
refactor: cleanup new unused warnings (<a
href="https://redirect.github.com/hyperium/h2/issues/757">#757</a>)</li>
<li>See full diff in <a
href="https://github.com/hyperium/h2/compare/v0.3.25...v0.3.26">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/firezone/firezone/network/alerts).
</details>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
Unfortunately I had to keep `linux-client` to get the compatibility
tests to pass. #4578 aims to remove that package.
Please add to this list if you think of anything:
```[tasklist]
# Things that may break that CI/CD won't catch
- [ ] Github release artifacts
- [ ] Knowledge base
- [ ] Docker images
- [ ] Docker containers
- [ ] Existing `linux-client` users
- [ ] Anything that downloads ghcr artifacts
- [ ] Nix (Not sure if it's built in CI. It had a merge conflict)
```
Refs #4515, and #3712, #3782
I think this is what Thomas and I agreed on in Slack / Github
---------
Signed-off-by: Reactor Scram <ReactorScram@users.noreply.github.com>
Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
This PR adds a unit-test to `snownet` that exercises all code paths that
are required for a relayed connection to work. This includes:
- Nodes make an allocation with real credentials, nonces etc
- Nodes exchange their ICE candidates
- Nodes bind data channels on the relay
- str0m performs ICE over these data channels
- Nodes handshake a wireguard tunnel on the nominated socket
I consider this a baseline. Once merged, I want to attempt writing a
test in #4568 that asserts migration of a connection to a new relay
without the connection expiring. At some point, we can even go further
and move these tests to `firezone-tunnel` and unit-test even more things
like connection intents etc.
Run the Linux Client or firezone-client-tunnel with `--act-as-tunnel`
and it'll listen for incoming connections on a Unix Domain Socket.
---------
Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
To seamlessly migrate relayed connections when relays get re-deployed,
we will be introducing a new message from the portal that informs us
regarding relays that are shutting down and new ones that became active.
Currently, relays are scoped to a particular connection. With the
introduction of the above message, it would be unclear, how these new
relays should be added to these allow lists.
To make this simpler, we remove these allow lists and always use all
relays for all connections.
Related: #4548.
During the latest relay outage, we failed to send heartbeats to the
portal because we were busy-looping and never got to handle messages or
timers for the portal.
To mitigate this or similar bugs, we update an `Instant` every time we
send a heartbeat to the portal. In case we are actually
network-partitioned, this will cause the health-check to fail after 15
minutes. This value is the same as the partition timeout for the portal
connection itself[^1]. Very likely, we will never see a relay being
shutdown because of a failing health check in this case as it would have
already shut itself down.
An exception to this are bugs in the eventloop where we fail to interact
with the portal at all.
Resolves: #4510.
[^1]: Previously, this was unlimited.
Reducing the number of crates as outlined in #4470 would help with
detecting this sort of unused code because we could make more things
`pub(crate)` which allows the compiler to check whether code is actually
used.
Public API items are never subject to the dead-code analysis of the
compiler because they could be used by other crates.
This one is a bit tricky. Our auth scheme requires me to know the
current time as a UNIX timestamp and that I can only get from
`SystemTime` but not `Instant`. The `Server` is meant to be SANS-IO,
including the current time so technically, I would have to pass that in
as a parameter.
I ended up settling on a compromise of making the auth verification
impure and internally calling `SystemTime::now`. That results in a much
nicer API and allows us to use `Instant` for everything else, e.g.
expiry of channel bindings, allocations etc.
Resolves: #4464.
Bumps [quinn-udp](https://github.com/quinn-rs/quinn) from `a2a214b` to
`cc0d2e9`.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="cc0d2e9563"><code>cc0d2e9</code></a>
Allocate Incoming response buffers as needed</li>
<li><a
href="8fbcf08424"><code>8fbcf08</code></a>
Simplify BTreeMap RangeSet min/max getters for Rust 1.66</li>
<li><a
href="10155c1c41"><code>10155c1</code></a>
Update MSRV to 1.66</li>
<li><a
href="bbf68c51ab"><code>bbf68c5</code></a>
Use hashed connection IDs by default</li>
<li><a
href="abdff8061e"><code>abdff80</code></a>
Introduce hashed connection ID generator</li>
<li><a
href="0871135ad0"><code>0871135</code></a>
Allow packets with impossible CIDs to be ignored rather than reset</li>
<li><a
href="7e8e0ad56b"><code>7e8e0ad</code></a>
Introduce InitialPacket helper struct to avoid an
<code>unreachable</code></li>
<li><a
href="c248769c5e"><code>c248769</code></a>
Remove duplicates of header fields from Incoming</li>
<li><a
href="1d32dcb275"><code>1d32dcb</code></a>
Factor Header::Initial variant out into freestanding struct</li>
<li><a
href="65bddc9018"><code>65bddc9</code></a>
refactor(endpoint): use array::from_fn instead of unsafe
MaybeUninit</li>
<li>Additional commits viewable in <a
href="a2a214b968...cc0d2e9563">compare
view</a></li>
</ul>
</details>
<br />
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
Refs #4488
Part of a yak shave:
- If Windows sees us time out, it will query other DNS servers and
probably cache their response
- If we can return SERVFAIL, I'm not sure if Windows will query other
servers or not
- In order control or even test the stub resolver's behavior, I wanted
to document it first
There's a good chance that even if Windows doesn't cache a SERVFAIL, it
will think that all DNS servers are going to give the same answer and it
will query other servers anyway. Then the problem is not with Windows
caching our response, but with apps caching Windows' response.
Anyway, I have had trouble understanding these functions before, so I
wanted to document them now that I somewhat understand them.
Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
When a relay restarts, our local credentials will be invalid and no
amount of retrying can fix this.
Currently, the `Allocation` can end up in busy-looping state if:
1. The allocation would be due for a refresh
2. The relay was restarted
3. We haven't received new credentials yet because we haven't made a new
connection attempt that uses the same relay
The above was observed in #4521 and results in log-spam of:
> Invalid credentials, refusing to re-authenticate refresh
One part of the state machine correctly discards the message instead of
re-sending it. Unfortunately, the result of (1) means there is still a
timer that fires and attempts to refresh the allocation.
To stop this busy-looping behaviour, we need to invalidate the
allocation if we detect that our credentials are wrong. This will also
invalidate the candidates which will fail any connection that is
currently using this relay. This would have likely already happened
before because a relay that is restarted would have lost all channel
bindings and thus, the ICE timeout will kick-in.
Bumps [swift-bridge](https://github.com/chinedufn/swift-bridge) from
0.1.52 to 0.1.53.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/chinedufn/swift-bridge/releases">swift-bridge's
releases</a>.</em></p>
<blockquote>
<h2>0.1.53</h2>
<ul>
<li>
<p>Add support for bridging
<code>Option<&OpaqueRustType></code> in <code>extern
"Rust"</code> modules. <a
href="https://redirect.github.com/chinedufn/swift-bridge/issues/257">#257</a>
(thanks <a
href="https://github.com/PrismaPhonic"><code>@PrismaPhonic</code></a>)</p>
<pre lang="rust"><code>#[swift_bridge::bridge]
mod ffi {
extern "Rust" {
type MyRustType;
<pre><code>fn my_func(arg: Option&lt;&amp;MyRustType&gt;)
-&gt; Option&lt;&amp;MyRustType&gt;;
</code></pre>
<p>}
}
</code></pre></p>
</li>
<li>
<p>Add support for bridging <code>Option<String></code> in
<code>extern "Swift"</code> args/returns and
<code>Option<&str></code> in <code>extern
"Swift"</code> args. <a
href="https://redirect.github.com/chinedufn/swift-bridge/issues/264">#264</a></p>
<pre lang="rust"><code>#[swift_bridge::bridge]
mod ffi {
extern "Swift" {
fn opt_string_function(arg: Option<String>) ->
Option<String>;
<pre><code> fn opt_str_function(arg:
Option&lt;&amp;str&gt;);
}
</code></pre>
<p>}
</code></pre></p>
</li>
<li>
<p>Improve error message when reporting an unsupported attribute <a
href="https://redirect.github.com/chinedufn/swift-bridge/issues/244">#244</a>
(thanks <a href="https://github.com/bes"><code>@bes</code></a>)</p>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="04e6abf522"><code>04e6abf</code></a>
0.1.53</li>
<li><a
href="58f4a40f96"><code>58f4a40</code></a>
Swift Option<String> and Option<&str> (<a
href="https://redirect.github.com/chinedufn/swift-bridge/issues/264">#264</a>)</li>
<li><a
href="53b118d17f"><code>53b118d</code></a>
Add test cases for Option<&T> and fix rust codegen (<a
href="https://redirect.github.com/chinedufn/swift-bridge/issues/257">#257</a>)</li>
<li><a
href="dd5bef56af"><code>dd5bef5</code></a>
Fix <code>improper_ctypes</code> warning (<a
href="https://redirect.github.com/chinedufn/swift-bridge/issues/254">#254</a>)</li>
<li><a
href="48195b550d"><code>48195b5</code></a>
Remove unnecessary <code>.deref()</code></li>
<li><a
href="9746f311ce"><code>9746f31</code></a>
Fix typos in Vec<-->RustVec docs (<a
href="https://redirect.github.com/chinedufn/swift-bridge/issues/251">#251</a>)</li>
<li><a
href="a8059a4453"><code>a8059a4</code></a>
Fix compilation source in documentation (<a
href="https://redirect.github.com/chinedufn/swift-bridge/issues/250">#250</a>)</li>
<li><a
href="0614ba7d6d"><code>0614ba7</code></a>
Remove <code>Array.toUnsafeBufferPointer</code></li>
<li><a
href="d527f32316"><code>d527f32</code></a>
Improve error message for unsupported attribute (<a
href="https://redirect.github.com/chinedufn/swift-bridge/issues/244">#244</a>)</li>
<li><a
href="af962ca051"><code>af962ca</code></a>
0.1.52</li>
<li>See full diff in <a
href="https://github.com/chinedufn/swift-bridge/compare/0.1.52...0.1.53">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [swift-bridge-build](https://github.com/chinedufn/swift-bridge)
from 0.1.52 to 0.1.53.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/chinedufn/swift-bridge/releases">swift-bridge-build's
releases</a>.</em></p>
<blockquote>
<h2>0.1.53</h2>
<ul>
<li>
<p>Add support for bridging
<code>Option<&OpaqueRustType></code> in <code>extern
"Rust"</code> modules. <a
href="https://redirect.github.com/chinedufn/swift-bridge/issues/257">#257</a>
(thanks <a
href="https://github.com/PrismaPhonic"><code>@PrismaPhonic</code></a>)</p>
<pre lang="rust"><code>#[swift_bridge::bridge]
mod ffi {
extern "Rust" {
type MyRustType;
<pre><code>fn my_func(arg: Option&lt;&amp;MyRustType&gt;)
-&gt; Option&lt;&amp;MyRustType&gt;;
</code></pre>
<p>}
}
</code></pre></p>
</li>
<li>
<p>Add support for bridging <code>Option<String></code> in
<code>extern "Swift"</code> args/returns and
<code>Option<&str></code> in <code>extern
"Swift"</code> args. <a
href="https://redirect.github.com/chinedufn/swift-bridge/issues/264">#264</a></p>
<pre lang="rust"><code>#[swift_bridge::bridge]
mod ffi {
extern "Swift" {
fn opt_string_function(arg: Option<String>) ->
Option<String>;
<pre><code> fn opt_str_function(arg:
Option&lt;&amp;str&gt;);
}
</code></pre>
<p>}
</code></pre></p>
</li>
<li>
<p>Improve error message when reporting an unsupported attribute <a
href="https://redirect.github.com/chinedufn/swift-bridge/issues/244">#244</a>
(thanks <a href="https://github.com/bes"><code>@bes</code></a>)</p>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="04e6abf522"><code>04e6abf</code></a>
0.1.53</li>
<li><a
href="58f4a40f96"><code>58f4a40</code></a>
Swift Option<String> and Option<&str> (<a
href="https://redirect.github.com/chinedufn/swift-bridge/issues/264">#264</a>)</li>
<li><a
href="53b118d17f"><code>53b118d</code></a>
Add test cases for Option<&T> and fix rust codegen (<a
href="https://redirect.github.com/chinedufn/swift-bridge/issues/257">#257</a>)</li>
<li><a
href="dd5bef56af"><code>dd5bef5</code></a>
Fix <code>improper_ctypes</code> warning (<a
href="https://redirect.github.com/chinedufn/swift-bridge/issues/254">#254</a>)</li>
<li><a
href="48195b550d"><code>48195b5</code></a>
Remove unnecessary <code>.deref()</code></li>
<li><a
href="9746f311ce"><code>9746f31</code></a>
Fix typos in Vec<-->RustVec docs (<a
href="https://redirect.github.com/chinedufn/swift-bridge/issues/251">#251</a>)</li>
<li><a
href="a8059a4453"><code>a8059a4</code></a>
Fix compilation source in documentation (<a
href="https://redirect.github.com/chinedufn/swift-bridge/issues/250">#250</a>)</li>
<li><a
href="0614ba7d6d"><code>0614ba7</code></a>
Remove <code>Array.toUnsafeBufferPointer</code></li>
<li><a
href="d527f32316"><code>d527f32</code></a>
Improve error message for unsupported attribute (<a
href="https://redirect.github.com/chinedufn/swift-bridge/issues/244">#244</a>)</li>
<li><a
href="af962ca051"><code>af962ca</code></a>
0.1.52</li>
<li>See full diff in <a
href="https://github.com/chinedufn/swift-bridge/compare/0.1.52...0.1.53">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [reqwest](https://github.com/seanmonstar/reqwest) from 0.12.1 to
0.12.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/seanmonstar/reqwest/releases">reqwest's
releases</a>.</em></p>
<blockquote>
<h2>v0.12.2</h2>
<h2>What's Changed</h2>
<ul>
<li>Fix missing ALPN when connecting to socks5 proxy with rustls.</li>
<li>Fix TLS version limits with rustls.</li>
<li>Fix not detected ALPN h2 from server with native-tls.</li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/cxw620"><code>@cxw620</code></a> made
their first contribution in <a
href="https://redirect.github.com/seanmonstar/reqwest/pull/2165">seanmonstar/reqwest#2165</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/seanmonstar/reqwest/compare/v0.12.1...v0.12.2">https://github.com/seanmonstar/reqwest/compare/v0.12.1...v0.12.2</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md">reqwest's
changelog</a>.</em></p>
<blockquote>
<h2>v0.12.2</h2>
<ul>
<li>Fix missing ALPN when connecting to socks5 proxy with rustls.</li>
<li>Fix TLS version limits with rustls.</li>
<li>Fix not detected ALPN h2 from server with native-tls.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="6768a8e818"><code>6768a8e</code></a>
v0.12.2</li>
<li><a
href="fff307bc69"><code>fff307b</code></a>
fix(connect): ALPN missed when using socks5 proxy with rustls backend
(<a
href="https://redirect.github.com/seanmonstar/reqwest/issues/2164">#2164</a>)</li>
<li><a
href="04bf45f4ec"><code>04bf45f</code></a>
fix: tls version limit for rustls (<a
href="https://redirect.github.com/seanmonstar/reqwest/issues/2203">#2203</a>)</li>
<li><a
href="056f8c4ff4"><code>056f8c4</code></a>
fix(connect): not negotiate h2 when using native-tls backend (<a
href="https://redirect.github.com/seanmonstar/reqwest/issues/2165">#2165</a>)</li>
<li>See full diff in <a
href="https://github.com/seanmonstar/reqwest/compare/v0.12.1...v0.12.2">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
A wildcard match was the underlying bug fixed in #4486. Despite being a
bit annoying in some cases, I think it is worth having this lint turned
on to ensure we don't wildcard match in situations where it can have bad
consequences, like `poll` functions.
---------
Signed-off-by: Thomas Eizinger <thomas@eizinger.io>
Bumps [chrono](https://github.com/chronotope/chrono) from 0.4.35 to
0.4.37.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/chronotope/chrono/releases">chrono's
releases</a>.</em></p>
<blockquote>
<h2>v0.4.37</h2>
<p>Version 0.4.36 introduced an unexpected breaking change and was
yanked. In it <code>LocalResult</code> was renamed to
<code>MappedLocalTime</code> to avoid the impression that it is a
<code>Result</code> type were some of the results are errors. For
backwards compatibility a type alias with the old name was added.</p>
<p>As it turns out there is one case where a type alias behaves
differently from the regular enum: you can't import enum variants from a
type alias with <code>use chrono::LocalResult::*</code>. With 0.4.37 we
make the new name <code>MappedLocalTime</code> the alias, but keep using
it in function signatures and the documentation as much as possible.</p>
<p>See also the release notes of <a
href="https://github.com/chronotope/chrono/releases/tag/v0.4.36">chrono
0.4.36</a> from yesterday for the yanked release.</p>
<h2>v0.4.36</h2>
<p>This release un-deprecates the methods on <code>TimeDelta</code> that
were deprecated with the 0.4.35 release because of the churn they are
causing for the ecosystem.</p>
<p>New is the <code>DateTime::with_time()</code> method. As an example
of when it is useful:</p>
<pre lang="rust"><code>use chrono::{Local, NaiveTime};
// Today at 12:00:00
let today_noon = Local::now().with_time(NaiveTime::from_hms_opt(12, 0,
0).unwrap());
</code></pre>
<h1>Additions</h1>
<ul>
<li>Add <code>DateTime::with_time()</code> (<a
href="https://redirect.github.com/chronotope/chrono/issues/1510">#1510</a>)</li>
</ul>
<h1>Deprecations</h1>
<ul>
<li>Revert <code>TimeDelta</code> deprecations (<a
href="https://redirect.github.com/chronotope/chrono/issues/1543">#1543</a>)</li>
<li>Deprecate <code>TimeStamp::timestamp_subsec_nanos</code>, which was
missed in the 0.4.35 release (<a
href="https://redirect.github.com/chronotope/chrono/issues/1486">#1486</a>)</li>
</ul>
<h1>Documentation</h1>
<ul>
<li>Correct version number of deprecation notices (<a
href="https://redirect.github.com/chronotope/chrono/issues/1486">#1486</a>)</li>
<li>Fix some typos (<a
href="https://redirect.github.com/chronotope/chrono/issues/1505">#1505</a>)</li>
<li>Slightly improve serde documentation (<a
href="https://redirect.github.com/chronotope/chrono/issues/1519">#1519</a>)</li>
<li>Main documentation: simplify links and reflow text (<a
href="https://redirect.github.com/chronotope/chrono/issues/1535">#1535</a>)</li>
</ul>
<h1>Internal</h1>
<ul>
<li>CI: Lint benchmarks (<a
href="https://redirect.github.com/chronotope/chrono/issues/1489">#1489</a>)</li>
<li>Remove unnessary <code>Copy</code> and <code>Send</code> impls (<a
href="https://redirect.github.com/chronotope/chrono/issues/1492">#1492</a>,
thanks <a
href="https://github.com/erickt"><code>@erickt</code></a>)</li>
<li>Backport streamlined <code>NaiveDate</code> unit tests (<a
href="https://redirect.github.com/chronotope/chrono/issues/1500">#1500</a>,
thanks <a
href="https://github.com/Zomtir"><code>@Zomtir</code></a>)</li>
<li>Rename <code>LocalResult</code> to <code>TzResolution</code>, add
alias (<a
href="https://redirect.github.com/chronotope/chrono/issues/1501">#1501</a>)</li>
<li>Update windows-bindgen to 0.55 (<a
href="https://redirect.github.com/chronotope/chrono/issues/1504">#1504</a>)</li>
<li>Avoid duplicate imports, which generate warnings on nightly (<a
href="https://redirect.github.com/chronotope/chrono/issues/1507">#1507</a>)</li>
<li>Add extra debug assertions to <code>NaiveDate::from_yof</code> (<a
href="https://redirect.github.com/chronotope/chrono/issues/1518">#1518</a>)</li>
<li>Some small simplifications to <code>DateTime::date_naive</code> and
<code>NaiveDate::diff_months</code> (<a
href="https://redirect.github.com/chronotope/chrono/issues/1530">#1530</a>)</li>
<li>Remove <code>unwrap</code> in Unix <code>Local</code> type (<a
href="https://redirect.github.com/chronotope/chrono/issues/1533">#1533</a>)</li>
<li>Use different method to ignore feature-dependent doctests (<a
href="https://redirect.github.com/chronotope/chrono/issues/1534">#1534</a>)</li>
</ul>
<p>Thanks to all contributors on behalf of the chrono team, <a
href="https://github.com/djc"><code>@djc</code></a> and <a
href="https://github.com/pitdicker"><code>@pitdicker</code></a>!</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="7d62045ec4"><code>7d62045</code></a>
Prepare 0.4.37</li>
<li><a
href="6857d00070"><code>6857d00</code></a>
Hide re-export of <code>LocalResult</code> in docs</li>
<li><a
href="9e22e48d15"><code>9e22e48</code></a>
Swap <code>MappedLocalTime</code> and <code>LocalResult</code> type
alias</li>
<li><a
href="ca3c3b6293"><code>ca3c3b6</code></a>
Prepare 0.4.36</li>
<li><a
href="1850198da9"><code>1850198</code></a>
Revert <code>TimeDelta</code> deprecations</li>
<li><a
href="e05ba8b9c2"><code>e05ba8b</code></a>
Add <code>MappedLocalTime::and_then</code></li>
<li><a
href="3adfd88ce0"><code>3adfd88</code></a>
Main documentation: simplify links and reflow text</li>
<li><a
href="1e8df65f47"><code>1e8df65</code></a>
Rustfmt doc comments</li>
<li><a
href="1b57859782"><code>1b57859</code></a>
Run doctests with <code>alloc</code> feature if possible</li>
<li><a
href="6f2c7ccabd"><code>6f2c7cc</code></a>
Use different method to run feature-dependent doctests</li>
<li>Additional commits viewable in <a
href="https://github.com/chronotope/chrono/compare/v0.4.35...v0.4.37">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This required a mid-sized refactor of the relay's eventloop. The idea is
that we can use [`mio`](https://docs.rs/mio/latest/mio/) to do the
actual IO handling instead of `tokio`. `tokio` depends on `mio`
internally but doesn't expose its primitives. Most importantly, we don't
get access to the API where we can dynamically register file descriptors
to watch for readiness.
In order to avoid allocations on the relaying hotpath, we need to listen
on a dynamic number of sockets:
1. Our client-facing socket on port 3478
2. All sockets allocated by clients
`mio` is the building block of the async tokio runtime, hence it does
not provide an async primitives. Instead, it blocks the current thread
that it is running on and feeds you events that you need to deal with.
We still need our `tokio` runtime to register timers and for
communication with the portal. To integrate the two, we spawn a
dedicated thread for `mio::Poll` and communicate with it via channels
within the `Sockets` abstraction. Thus, the `Eventloop` itself has no
idea that `mio` is used for all the network communication.
Whenever `mio` sends us an event that a socket is ready, we try to read
from that specific socket. We must read from this socket until it
returns `WouldBlock` at which point we move on to the next event.
We only register for read-readiness. If a socket is not ready for
writing, we just drop the packet.
With this design in place, we can now have a single buffer that we read
incoming packets into and dispatch it to `Server`, depending on which
port is what received on. A future refactoring could maybe even unify
these functions and let the `Server` deal with the ports internally.
Resolves: #4366.
The value returned from `poll_timeout` needs to only reset the `Sleep`
but don't need to go back to the top of the loop. Instead, we move its
polling to below the resetting of `Sleep`. This will correctly register
a waker in case we did change `Sleep`.
This `continue` causes a busy-loop and stops the relay from dealing with
the `phoenix-channel` which means the portal will eventually consider it
offline.
This was first introduced in #4455.
This is a similar fix as to #4486. I am not sure if this is / was
actively causing problems but using `continue` after _any_ ready event
is definitely more correct.
This is a low-risk change.
Within the gateway's eventloop, we MUST only return `Poll::Pending` if
`Waker`s are registered for anything that needs to happen. To ensure
that, we MUST `loop` around our the calls to `poll()` to ensure we drain
everything that is `Poll::Ready`.
Only once all sub-state machines return `Poll::Pending`, we can return
`Poll::Pending`.
This is much more robust than the previous implementation because we now
go through all allocations and channels every time we get a
`handle_timeout` and clean up everything that is expired.
Resolves: #4095.
