This patch series refactors how we handle allocations in the relay to
make it easier to forward a failure to the `Server`. Each allocation
runs in a separate task (to allow for parallelization). If the
allocation fails, this channel is automatically closed.
Previously, this would erroneously trigger a `debug_assert!`. Now, we
invoke a callback on `Server` to allow it to clean up its internal
resources for the allocation.
At the same time, we simplify the buffering around data that is destined
for a certain allocation. Instead of having an additional buffer in the
event-loop, we increase the channel size to 10. Any exceeding items will
be dropped to avoid memory growth. This means that the `Server` is never
blocked on a slow allocation.
Given that we are running on top of an unreliable protocol anyway, I'd
say this is fine.
Currently, the primary UDP socket is polled within the `Eventloop`. In
order to not block the `Server` on the readiness of the socket, we
buffer all outgoing packets in a `VecDeque`.
This isn't particularly ergonomic.
In addition, whilst implementing the IPv6 support, I ran into a
limitation with this model. In case we operate in dual-stack mode, I
need to poll two UDP sockets but it is not clear in which order they
should be polled. The solution I am going for now is to have two
separate tasks, one per IP family and have them both write into the same
channel.
In order to keep #1814 smaller, I this PR represents a pure refactoring
towards that solution.
While developing IPv6 support, I ran into a limitations with how I
designed the prometheus metrics integration. Currently, we just use the
IPv4 listen socket to server the metrics. That however no longer works
with IPv6 support because the relay may now operate in IPv6 only mode
for example.
To circumvent this, we introduce a dedicated configuration option where
the user needs to pass the socket addr for the metrics endpoint. If
omitted, the metrics won't be served at all.
I finally figured out why the smoke test script was being funny. It
turns out that the TURN client I still had lying around in the `gateway`
binary was reading from the UDP socket in the background and thus
sometimes grabbed the relayed data and wanted to interpret it as a STUN
packet.
However, for this test, the `gateway` doesn't actually need a TURN
client at all. It communicates with the relay as if it were the `client`
itself.
By modifying the script to only work on localhost, we can avoid use of a
TURN client altogether in the relay and make this script deterministic
which is a big win for our CI confidence!
Bumps [clap](https://github.com/clap-rs/clap) from 4.3.10 to 4.3.19.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/clap-rs/clap/releases">clap's
releases</a>.</em></p>
<blockquote>
<h2>v4.3.19</h2>
<h2>[4.3.19] - 2023-07-21</h2>
<h3>Fixes</h3>
<ul>
<li><em>(parse)</em> Respect <code>value_terminator</code> even in the
presence of later multiple-value positional arguments</li>
</ul>
<h2>v4.3.18</h2>
<h2>[4.3.18] - 2023-07-21</h2>
<h3>Fixes</h3>
<ul>
<li><em>(parse)</em> Suggest <code>--</code> in fewer places where it
won't work</li>
</ul>
<h2>v4.3.17</h2>
<h2>[4.3.17] - 2023-07-19</h2>
<h3>Fixes</h3>
<ul>
<li><em>(help)</em> Address a regression in wrapping
<code>PossibleValue</code> descriptions in <code>--help</code></li>
</ul>
<h2>v4.3.16</h2>
<h2>[4.3.16] - 2023-07-18</h2>
<h3>Fixes</h3>
<ul>
<li>Don't assert when stateful value parsers fail on defaults (e.g.
checking if a path exists)</li>
</ul>
<h2>v4.3.15</h2>
<h2>[4.3.15] - 2023-07-18</h2>
<h3>Features</h3>
<ul>
<li><em>(unstable-styles)</em> Re-export <code>anstyle</code></li>
</ul>
<h3>Documentation</h3>
<ul>
<li><em>(unstable-styles)</em> Provide more examples</li>
</ul>
<h2>v4.3.14</h2>
<h2>[4.3.14] - 2023-07-17</h2>
<h3>Features</h3>
<ul>
<li><code>ArgAction::HelpShort</code> and
<code>ArgAction::HelpLong</code> for explicitly specifying which style
of help to display</li>
</ul>
<h3>Fixes</h3>
<ul>
<li>Skip <code>[OPTIONS]</code> in usage if a help or version
<code>ArgAction</code> is used</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/clap-rs/clap/blob/master/CHANGELOG.md">clap's
changelog</a>.</em></p>
<blockquote>
<h2>[4.3.19] - 2023-07-21</h2>
<h3>Fixes</h3>
<ul>
<li><em>(parse)</em> Respect <code>value_terminator</code> even in the
presence of later multiple-value positional arguments</li>
</ul>
<h2>[4.3.18] - 2023-07-21</h2>
<h3>Fixes</h3>
<ul>
<li><em>(parse)</em> Suggest <code>--</code> in fewer places where it
won't work</li>
</ul>
<h2>[4.3.17] - 2023-07-19</h2>
<h3>Fixes</h3>
<ul>
<li><em>(help)</em> Address a regression in wrapping
<code>PossibleValue</code> descriptions in <code>--help</code></li>
</ul>
<h2>[4.3.16] - 2023-07-18</h2>
<h3>Fixes</h3>
<ul>
<li>Don't assert when stateful value parsers fail on defaults (e.g.
checking if a path exists)</li>
</ul>
<h2>[4.3.15] - 2023-07-18</h2>
<h3>Features</h3>
<ul>
<li><em>(unstable-styles)</em> Re-export <code>anstyle</code></li>
</ul>
<h3>Documentation</h3>
<ul>
<li><em>(unstable-styles)</em> Provide more examples</li>
</ul>
<h2>[4.3.14] - 2023-07-17</h2>
<h3>Features</h3>
<ul>
<li><code>ArgAction::HelpShort</code> and
<code>ArgAction::HelpLong</code> for explicitly specifying which style
of help to display</li>
</ul>
<h3>Fixes</h3>
<ul>
<li>Skip <code>[OPTIONS]</code> in usage if a help or version
<code>ArgAction</code> is used</li>
</ul>
<h2>[4.3.13] - 2023-07-17</h2>
<h2>[4.3.12] - 2023-07-14</h2>
<h3>Fixes</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ae5549d61f"><code>ae5549d</code></a>
chore: Release</li>
<li><a
href="4b30a2cfe1"><code>4b30a2c</code></a>
docs: Update changelog</li>
<li><a
href="5540d20286"><code>5540d20</code></a>
Merge pull request <a
href="https://redirect.github.com/clap-rs/clap/issues/5037">#5037</a>
from epage/term</li>
<li><a
href="8bee728034"><code>8bee728</code></a>
fix(parser): Value terminator has higher precedence than later multiple
values</li>
<li><a
href="bdf205bff2"><code>bdf205b</code></a>
test(parser): Show one value terminator bug</li>
<li><a
href="727ca29674"><code>727ca29</code></a>
Merge pull request <a
href="https://redirect.github.com/clap-rs/clap/issues/5034">#5034</a>
from epage/update</li>
<li><a
href="9856d67541"><code>9856d67</code></a>
chore: Release</li>
<li><a
href="a6267b77a7"><code>a6267b7</code></a>
docs: Update changelog</li>
<li><a
href="e82234162c"><code>e822341</code></a>
Merge pull request <a
href="https://redirect.github.com/clap-rs/clap/issues/5033">#5033</a>
from epage/escape</li>
<li><a
href="0137a8be65"><code>0137a8b</code></a>
chore(complete): Update completest</li>
<li>Additional commits viewable in <a
href="https://github.com/clap-rs/clap/compare/v4.3.10...v4.3.19">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.171 to
1.0.179.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/serde-rs/serde/releases">serde's
releases</a>.</em></p>
<blockquote>
<h2>v1.0.179</h2>
<ul>
<li>Support serialization of tuple variants inside a flattened field (<a
href="https://redirect.github.com/serde-rs/serde/issues/2448">#2448</a>,
thanks <a
href="https://github.com/Mingun"><code>@Mingun</code></a>)</li>
</ul>
<h2>v1.0.178</h2>
<ul>
<li>Fix build error when using serde with "std" feature turned
off and "unstable" feature turned on (<a
href="https://redirect.github.com/serde-rs/serde/issues/2541">#2541</a>)</li>
</ul>
<h2>v1.0.177</h2>
<ul>
<li>Add <code>serde(rename_all_fields = "...")</code>
attribute to apply a <code>rename_all</code> on every struct variant of
an enum (<a
href="https://redirect.github.com/serde-rs/serde/issues/1695">#1695</a>,
thanks <a
href="https://github.com/jplatte"><code>@jplatte</code></a>)</li>
<li>Improve diagnostics for attribute parse errors (<a
href="https://redirect.github.com/serde-rs/serde/issues/2536">#2536</a>,
thanks <a
href="https://github.com/jplatte"><code>@jplatte</code></a>)</li>
</ul>
<h2>v1.0.176</h2>
<ul>
<li>Allow tag field of an internally tagged enum to have same name as a
field inside a skipped struct variant (<a
href="https://redirect.github.com/serde-rs/serde/issues/2266">#2266</a>,
thanks <a
href="https://github.com/flisky"><code>@flisky</code></a>)</li>
</ul>
<h2>v1.0.175</h2>
<ul>
<li>Restore missing LICENSE files in serde_derive crate (<a
href="https://redirect.github.com/serde-rs/serde/issues/2527">#2527</a>,
thanks <a
href="https://github.com/ankane"><code>@ankane</code></a>)</li>
</ul>
<h2>v1.0.174</h2>
<ul>
<li>Documentation improvements</li>
</ul>
<h2>v1.0.173</h2>
<ul>
<li>Fix missing trait implementations when using serde derive macro on a
macro-generated data structure, such as via the <code>bitflags</code>
crate (<a
href="https://redirect.github.com/serde-rs/serde/issues/2516">#2516</a>)</li>
</ul>
<h2>v1.0.172</h2>
<ul>
<li>Experiment with precompiling the serde_derive macros to reduce build
time (<a
href="https://redirect.github.com/serde-rs/serde/issues/2514">#2514</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="c2b16bfbb0"><code>c2b16bf</code></a>
Release 1.0.179</li>
<li><a
href="e7df53701c"><code>e7df537</code></a>
Resolve doc_markdown clippy lint from PR 2448</li>
<li><a
href="02c34e490b"><code>02c34e4</code></a>
Resolve redundant_field_names clippy lint from PR 2448</li>
<li><a
href="427c839b3d"><code>427c839</code></a>
Merge pull request <a
href="https://redirect.github.com/serde-rs/serde/issues/2448">#2448</a>
from Mingun/ser-flatten-enums</li>
<li><a
href="48aa054f53"><code>48aa054</code></a>
Release 1.0.178</li>
<li><a
href="3616860203"><code>3616860</code></a>
Delete broken symlink from precompiled derive sources</li>
<li><a
href="861b0dfea2"><code>861b0df</code></a>
Consistently list StdError under 'Re-exports' heading of rustdoc</li>
<li><a
href="8b3d71ae2d"><code>8b3d71a</code></a>
Merge pull request <a
href="https://redirect.github.com/serde-rs/serde/issues/2541">#2541</a>
from dtolnay/de-core-error</li>
<li><a
href="ff5442cd9e"><code>ff5442c</code></a>
Add no-std unstable build in CI</li>
<li><a
href="92d686f9a5"><code>92d686f</code></a>
Fix serde::de::StdError in no-std unstable build</li>
<li>Additional commits viewable in <a
href="https://github.com/serde-rs/serde/compare/v1.0.171...v1.0.179">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.99 to
1.0.104.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/serde-rs/json/releases">serde_json's
releases</a>.</em></p>
<blockquote>
<h2>v1.0.104</h2>
<ul>
<li>Provide IntoDeserializer impl for &serde_json::Value (<a
href="https://redirect.github.com/serde-rs/json/issues/1045">#1045</a>,
thanks <a
href="https://github.com/ZetaNumbers"><code>@ZetaNumbers</code></a>)</li>
</ul>
<h2>v1.0.103</h2>
<ul>
<li>Documentation improvements</li>
</ul>
<h2>v1.0.102</h2>
<ul>
<li>Add a way to customize the serialization of byte arrays (<a
href="https://redirect.github.com/serde-rs/json/issues/1039">#1039</a>)</li>
</ul>
<h2>v1.0.101</h2>
<ul>
<li>Allow f32 and f64 as keys in maps (<a
href="https://redirect.github.com/serde-rs/json/issues/1027">#1027</a>,
thanks <a
href="https://github.com/overdrivenpotato"><code>@overdrivenpotato</code></a>)</li>
</ul>
<h2>v1.0.100</h2>
<ul>
<li>Support <code>-Z minimal-versions</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ab08483292"><code>ab08483</code></a>
Release 1.0.104</li>
<li><a
href="f6cc4f31a3"><code>f6cc4f3</code></a>
Merge pull request <a
href="https://redirect.github.com/serde-rs/json/issues/1045">#1045</a>
from ZetaNumbers/value-ref-into-deserializer</li>
<li><a
href="8e8db8ce0c"><code>8e8db8c</code></a>
Implement IntoDeserializer for &Value</li>
<li><a
href="8f90eacf6c"><code>8f90eac</code></a>
Delete inline attributes throughout test suite</li>
<li><a
href="54bcb4dc94"><code>54bcb4d</code></a>
Release 1.0.103</li>
<li><a
href="9c2879a848"><code>9c2879a</code></a>
Opt in to generate-link-to-definition when building on docs.rs</li>
<li><a
href="d1a07e29f2"><code>d1a07e2</code></a>
Fix rustdoc::bare_urls lint in lexical code</li>
<li><a
href="658689d36b"><code>658689d</code></a>
Release 1.0.102</li>
<li><a
href="42dbd00016"><code>42dbd00</code></a>
Merge pull request <a
href="https://redirect.github.com/serde-rs/json/issues/1039">#1039</a>
from dtolnay/writebytearray</li>
<li><a
href="a1ca32a5c7"><code>a1ca32a</code></a>
Factor out byte array serialization to a new Formatter method</li>
<li>Additional commits viewable in <a
href="https://github.com/serde-rs/json/compare/v1.0.99...v1.0.104">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [test-strategy](https://github.com/frozenlib/test-strategy) from
0.3.0 to 0.3.1.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="19797fdf2b"><code>19797fd</code></a>
Version 0.3.1.</li>
<li><a
href="7a2705c71d"><code>7a2705c</code></a>
Made it possible to use <code>#[proptest(dump)]</code> instead of
<code>#[proptest_dump]</code>.</li>
<li><a
href="c492d62a51"><code>c492d62</code></a>
Add docuemnt for <code>#[proptest(async = ...)]</code>.</li>
<li><a
href="839fe30cc6"><code>839fe30</code></a>
Use <code>#[cfg(test)]</code>.</li>
<li><a
href="2b57ca7262"><code>2b57ca7</code></a>
Merge pull request <a
href="https://redirect.github.com/frozenlib/test-strategy/issues/10">#10</a>
from niklaslong/clippy</li>
<li><a
href="5208cb2bfa"><code>5208cb2</code></a>
Add test for using <code>#[proptest]</code> in areas not enclosed by
<code>#[cfg(test)]</code>.</li>
<li><a
href="e258b67f9f"><code>e258b67</code></a>
Fix clippy unused field warning in proptest <code>Args</code>
structs.</li>
<li><a
href="885013160c"><code>8850131</code></a>
Update expected compile error message.</li>
<li><a
href="5198884aa1"><code>5198884</code></a>
Clippy.</li>
<li><a
href="fd49486cb2"><code>fd49486</code></a>
Support async fn test.</li>
<li>Additional commits viewable in <a
href="https://github.com/frozenlib/test-strategy/compare/v0.3.0...v0.3.1">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [anyhow](https://github.com/dtolnay/anyhow) from 1.0.71 to 1.0.72.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/dtolnay/anyhow/releases">anyhow's
releases</a>.</em></p>
<blockquote>
<h2>1.0.72</h2>
<ul>
<li>Documentation improvements</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="e458996b0a"><code>e458996</code></a>
Release 1.0.72</li>
<li><a
href="660fb0f068"><code>660fb0f</code></a>
Opt in to generate-link-to-definition when building on docs.rs</li>
<li><a
href="24d9166581"><code>24d9166</code></a>
Add CI job using minimal-versions</li>
<li><a
href="2c913b3078"><code>2c913b3</code></a>
Remove .clippy.toml in favor of respecting rust-version from
Cargo.toml</li>
<li><a
href="1f17666ef1"><code>1f17666</code></a>
Ignore needless_else clippy lint in test suite</li>
<li><a
href="6046674814"><code>6046674</code></a>
Show error details during miri setup in CI</li>
<li><a
href="dffcb4bf6c"><code>dffcb4b</code></a>
Revert "Temporarily disable miri CI"</li>
<li><a
href="438fec6036"><code>438fec6</code></a>
Temporarily disable miri CI</li>
<li>See full diff in <a
href="https://github.com/dtolnay/anyhow/compare/1.0.71...1.0.72">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
The metrics are available at `http://{listen_addr}:8080/metrics`.
Currently, we collect the following:
- Number of active allocations: We can have an alert once the number of
allocations passes through a certain threshold.
- Outcome (success / error) and message kind (allocation / channel_bind
/ ...) of all responses: Summing all of these up would give you the
total number of requests handled. We might want to have a grafana alert
for an increased number of error responses.
- Total number of bytes relayed: Dividing this by time gives us an
average "internal" bandwidth.
This is just a start, we can explore what else is useful as we have it
operate.
Depends-On: https://github.com/firezone/firezone/pull/1743
As per discussion from the client sync,
- this removes `TunnelAddresses` in favor of simply passing the IPv4 and
IPv6 addresses as two separate strings.
- this changes `onDisconnect`'s semantics to be called _after_
disconnect instead of before.
Additionally, as per earlier discussion, errors are now passed as
strings. These errors already weren't intended to be actionable on the
client side, so the ability to handle them programmatically is
unnecessary. When internationalization is added down the road, we'll
likely replace these with error codes for looking up localized strings;
until then, this design improves diagnostics and reduces complexity.
Closes#1796Closes#1822
Addresses one of the issues raised in firezone/product#634
Previously, we were joining a `Vec` of serialized JSON objects into a
comma-separated string, which isn't valid JSON. Now the entire thing is
simply serialized, `Vec` and all.
Additionally, I've moved serialization to happen just before the FFI
boundary, which removes some indirection from connlib and will avoid a
deserialization step when writing non-FFI clients.
Brings in the changes from the Demoable build so I can start getting
feedback from users on.
---------
Co-authored-by: Roopesh Chander <roop@roopc.net>
Bumps [tokio-tungstenite](https://github.com/snapview/tokio-tungstenite)
from 0.18.0 to 0.19.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/snapview/tokio-tungstenite/blob/master/CHANGELOG.md">tokio-tungstenite's
changelog</a>.</em></p>
<blockquote>
<h1>0.19.0</h1>
<ul>
<li>Allow users to enable/disable Nagle algorithm when using
<code>connect()</code> helpers.</li>
<li>Improve the behavior of the <code>Sink</code> for the
<code>WebSocketStream</code>, so it does not return an error when it’s
not necessary (when <code>poll_flush()</code> is called on a connection
that has just been closed).</li>
<li>Workaround an issue where <code>rustls</code> TLS backend expected
domain in a certain format and reject IPv6 addresses if they contained
square brackets in them.</li>
<li>Update dependencies and remove unused errors.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="d8101030ac"><code>d810103</code></a>
Update changelog and bump version</li>
<li><a
href="cb11969676"><code>cb11969</code></a>
Remove boilerplace in <code>poll_flush()</code></li>
<li><a
href="e5e8421f1b"><code>e5e8421</code></a>
Merge pull request <a
href="https://redirect.github.com/snapview/tokio-tungstenite/issues/280">#280</a>
from mjquigley/support-ipv6</li>
<li><a
href="d6f5d45e64"><code>d6f5d45</code></a>
Merge pull request <a
href="https://redirect.github.com/snapview/tokio-tungstenite/issues/281">#281</a>
from CBenoit/fix-poll-flush</li>
<li><a
href="f31c425e29"><code>f31c425</code></a>
Merge pull request <a
href="https://redirect.github.com/snapview/tokio-tungstenite/issues/279">#279</a>
from mjquigley/patch-2</li>
<li><a
href="e2e8b94e41"><code>e2e8b94</code></a>
Support IPv6 URIs with rustls</li>
<li><a
href="2c3c6419fc"><code>2c3c641</code></a>
Fix poll_flush on closed connection</li>
<li><a
href="862922ffc1"><code>862922f</code></a>
Revert tokio requirement to 1.0.0</li>
<li><a
href="8803232d81"><code>8803232</code></a>
Merge pull request <a
href="https://redirect.github.com/snapview/tokio-tungstenite/issues/277">#277</a>
from nickelc/deps/webpki</li>
<li><a
href="d447d4620f"><code>d447d46</code></a>
Removed unused <code>webpki</code> dependency</li>
<li>Additional commits viewable in <a
href="https://github.com/snapview/tokio-tungstenite/compare/v0.18.0...v0.19.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
Co-authored-by: Gabi <gabrielalejandro7@gmail.com>
Bumps [async-trait](https://github.com/dtolnay/async-trait) from 0.1.69
to 0.1.71.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/dtolnay/async-trait/releases">async-trait's
releases</a>.</em></p>
<blockquote>
<h2>0.1.71</h2>
<ul>
<li>Documentation improvements</li>
</ul>
<h2>0.1.70</h2>
<p>No release notes provided.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="11dfe16292"><code>11dfe16</code></a>
Release 0.1.71</li>
<li><a
href="85172d3b7b"><code>85172d3</code></a>
Merge pull request <a
href="https://redirect.github.com/dtolnay/async-trait/issues/249">#249</a>
from erer1243/update-docs-lifetime</li>
<li><a
href="92acf8138a"><code>92acf81</code></a>
Update doc comments to use lifetime 'async_trait instead of 'async</li>
<li><a
href="f8ce3fb309"><code>f8ce3fb</code></a>
Release 0.1.70</li>
<li><a
href="46631ccd5c"><code>46631cc</code></a>
Eliminate syn 1 from minimal-versions</li>
<li><a
href="eb21940ebf"><code>eb21940</code></a>
Add CI job using minimal-versions</li>
<li>See full diff in <a
href="https://github.com/dtolnay/async-trait/compare/0.1.69...0.1.71">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.165 to
1.0.171.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/serde-rs/serde/releases">serde's
releases</a>.</em></p>
<blockquote>
<h2>v1.0.171</h2>
<ul>
<li>Support <code>derive(Deserialize)</code> on unit structs that have
const generics (<a
href="https://redirect.github.com/serde-rs/serde/issues/2500">#2500</a>,
thanks <a
href="https://github.com/Baptistemontan"><code>@Baptistemontan</code></a>)</li>
</ul>
<h2>v1.0.170</h2>
<ul>
<li>Produce error message on suffixed string literals inside serde
attributes (<a
href="https://redirect.github.com/serde-rs/serde/issues/2242">#2242</a>)</li>
<li>Support single identifier as unbraced default value for const
generic parameter (<a
href="https://redirect.github.com/serde-rs/serde/issues/2449">#2449</a>)</li>
</ul>
<h2>v1.0.169</h2>
<ul>
<li>Add Deserializer::deserialize_identifier support for adjacently
tagged enums (<a
href="https://redirect.github.com/serde-rs/serde/issues/2475">#2475</a>,
thanks <a
href="https://github.com/Baptistemontan"><code>@Baptistemontan</code></a>)</li>
<li>Fix unused_braces lint in generated Deserialize impl that uses
braced const generic expressions (<a
href="https://redirect.github.com/serde-rs/serde/issues/2414">#2414</a>)</li>
</ul>
<h2>v1.0.168</h2>
<ul>
<li>Allow <code>serde::de::IgnoredAny</code> to be the type for a
<code>serde(flatten)</code> field (<a
href="https://redirect.github.com/serde-rs/serde/issues/2436">#2436</a>,
thanks <a
href="https://github.com/Mingun"><code>@Mingun</code></a>)</li>
<li>Allow larger preallocated capacity for smaller elements (<a
href="https://redirect.github.com/serde-rs/serde/issues/2494">#2494</a>)</li>
</ul>
<h2>v1.0.167</h2>
<ul>
<li>Add serialize and deserialize impls for <code>RangeFrom</code> and
<code>RangeTo</code> (<a
href="https://redirect.github.com/serde-rs/serde/issues/2471">#2471</a>,
thanks <a href="https://github.com/tbu"><code>@tbu</code></a>-)</li>
</ul>
<h2>v1.0.166</h2>
<ul>
<li>Add <code>no-alloc</code> category to crates.io metadata</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="03da66c805"><code>03da66c</code></a>
Release 1.0.171</li>
<li><a
href="f75426f47e"><code>f75426f</code></a>
Inline visitor_expr of unit struct deserialize impl</li>
<li><a
href="662fc3861c"><code>662fc38</code></a>
Add test of const-generic unit struct where-clause edge case</li>
<li><a
href="28c10020b9"><code>28c1002</code></a>
Merge pull request <a
href="https://redirect.github.com/serde-rs/serde/issues/2500">#2500</a>
from Baptistemontan/derive_generic_unit_struct</li>
<li><a
href="89c8d85de9"><code>89c8d85</code></a>
allow Deserialize derive to handle generic unit structs</li>
<li><a
href="6502838f27"><code>6502838</code></a>
Release 1.0.170</li>
<li><a
href="c93a0f335a"><code>c93a0f3</code></a>
Merge pull request <a
href="https://redirect.github.com/serde-rs/serde/issues/2499">#2499</a>
from dtolnay/strsuffix</li>
<li><a
href="8264e002a7"><code>8264e00</code></a>
Reject suffixed string literals inside serde attrs</li>
<li><a
href="117ef22142"><code>117ef22</code></a>
Add ui test with suffixed string literals in attribute</li>
<li><a
href="3fb5e71c33"><code>3fb5e71</code></a>
Release 1.0.169</li>
<li>Additional commits viewable in <a
href="https://github.com/serde-rs/serde/compare/v1.0.165...v1.0.171">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
Resolvesfirezone/product#619
This additionally removes `ErrorType`:
- `on_error` is now exclusively used for recoverable errors, and no
longer has an `error_type` parameter.
- `on_disconnect` now has an optional `error` parameter, which specifies
the fatal error that caused the disconnect if relevant.
- Replaced connlib dependency to use `rust/connlib/clients/android/lib`
project
- Added `rust-android-gradle` to android project
- Set the `cargo build` target directory to
`rust/connlib/clients/android/lib/build/cargo-target`
- Moved `logger`, `session`, and `vpn` classes to their independent
packages.
- Added `SessionCallback` contract for the session callbacks.
---------
Signed-off-by: Pratik Velani <pratikvelani@gmail.com>
Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
This follows-up on the discussion in #1744 and brings connlib in line
with the callback revisions outlined in firezone/product#586
(It also adds some logging to the Apple bridge that was helpful when
testing this)
---------
Co-authored-by: Roopesh Chander <roop@roopc.net>
Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
This PR improves the build process for the macOS / iOS apps by building
connlib as part of the macOS / iOS app build.
Fixesfirezone/product#625.
This is how the build would work after this PR:
- `build-rust.sh` creates `libconnlib.a` for the appropriate target
triples only. lipo is not used. When creating macOS debug builds, it’s
built only for the native architecture.
- The network extension targets in the Xcode project set a library
search path as the cargo target dir, so that the Xcode build for a
target triple can pickup the appropriate `libconnlib.a` at link time.
Swift code reorganizations:
- connlib’s Adapter has moved to the main app
- connlib’s CallbackHandler’s logic has moved to Adapter, which is set
as CallbackHandler’s delegate. The CallbackHandler serves as an
interface to receive callbacks from the FFI. In case we need to change
the FFI, CallbackHandler should change as well, so it remains in the
connlib directory. In case of changes to the Rust FFI, as part of the
Rust FFI change PR, we can modify the CallbackHandler class and leave
the delegate unchanged, so that the app can continue to be built without
errors.
- `Connlib.xcodeproject` and build scripts for building
`Connlib.xcframework` are removed
- Connlib headers and Swift files are copied to
`FirezoneNetworkExtension/Connlib` as part of the build process, and
used from there.
Rust build changes:
- The rust target dir remains the same, but it’s ~~passed explicitly as
`--target-dir`~~ used to set `CARGO_TARGET_DIR`, so that the same target
dir can be used to populate Xcode’s library search paths
- The `build.rs` for connlib-apple had lots of code to build Swift code
as part of the Rust build. This PR reverts it to the previous simple
version. With this PR, building connlib-apple (i.e. running
`build-rust.sh`) only builds the Rust code.
- ~~We set `cargo:rerun-if-env-changed=CONNLIB_MOCK`.~~ We don't set
this because it's not required.
- The Rust CI job for building connlib-apple is removed. It's built when
the macOS / iOS apps are built in swift.yml. This means that with this
PR, connlib-apple is tested only when `rust/connlib/**` changes, not
when `rust/**` changes. Is that ok?
Other changes not directly related to the build process change but part
of this PR:
- There’s a cleanup script: `./cleanup.sh`
- Fixed a typo in `swift-pass-checks.yml`: “paths-ginore”
Previously, we would access the state around allocations from different
places. This actually led to a minor memory leak where we wouldn't clean
up the `allocations_by_port` table. We refactor the code slightly to
avoid this.
---------
Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
With this patch, the relay exposes a `--json` and `JSON_LOG` env
variable that will activate logs in JSON format the way it is expected
by google cloud:
https://cloud.google.com/logging/docs/structured-logging
In addition, we make use of spans to record contextual information as
first-class variables that are available in the context of every
message. An example output here is:
```
{"time":"2023-07-06T19:54:42.643694430Z","target":"relay","logging.googleapis.com/sourceLocation":{"file":"relay/src/main.rs","line":"156"},"severity":"INFO","message":"Seeding RNG from '0'"}
{"time":"2023-07-06T19:54:42.644408014Z","target":"relay","logging.googleapis.com/sourceLocation":{"file":"relay/src/main.rs","line":"130"},"severity":"INFO","message":"Listening for incoming traffic on UDP port 3478"}
{"time":"2023-07-06T19:54:42.843247996Z","target":"relay","logging.googleapis.com/sourceLocation":{"file":"relay/src/server.rs","line":"417"},"span":{"lifetime":"600","name":"allocate"},"spans":[{"sender":"127.0.0.1:46406","transaction_id":"0531a911a24d1e5297b94cb2","name":"client"},{"lifetime":"600","name":"allocate"}],"severity":"INFO","ip4RelayAddress":"127.0.0.1:65460","message":"Created new allocation"}
{"time":"2023-07-06T19:54:42.851623041Z","target":"relay","logging.googleapis.com/sourceLocation":{"file":"relay/src/server.rs","line":"569"},"span":{"allocation":"AID-1","peer_address":"127.0.0.1:42314","requested_channel":"16384","name":"channel_bind"},"spans":[{"sender":"127.0.0.1:46406","transaction_id":"e99e07e482789cdc30bd2b50","name":"client"},{"allocation":"AID-1","peer_address":"127.0.0.1:42314","requested_channel":"16384","name":"channel_bind"}],"severity":"INFO","message":"Successfully bound channel"}
{"time":"2023-07-06T19:54:42.852889208Z","target":"relay","logging.googleapis.com/sourceLocation":{"file":"relay/src/server.rs","line":"288"},"span":{"allocation_id":"AID-1","channel":16384,"recipient":"127.0.0.1:46406","sender":"127.0.0.1:42314","name":"peer"},"spans":[{"allocation_id":"AID-1","channel":16384,"recipient":"127.0.0.1:46406","sender":"127.0.0.1:42314","name":"peer"}],"severity":"DEBUG","message":"Relaying 32 bytes"}
{"time":"2023-07-06T19:54:42.854625857Z","target":"relay","logging.googleapis.com/sourceLocation":{"file":"relay/src/server.rs","line":"619"},"span":{"channel":"16384","recipient":"127.0.0.1:42314","name":"channel_data"},"spans":[{"sender":"127.0.0.1:46406","name":"client"},{"channel":"16384","recipient":"127.0.0.1:42314","name":"channel_data"}],"severity":"DEBUG","message":"Relaying 32 bytes"}
```
For some reason, the current `span` is always duplicated but I don't
think that is a big issue. When run using the regular log formatter, it
looks like this:
```
2023-07-06T20:02:33.939273Z INFO relay: Seeding RNG from '0'
2023-07-06T20:02:33.940153Z INFO relay: Listening for incoming traffic on UDP port 3478
2023-07-06T20:02:34.135801Z INFO client{sender=127.0.0.1:33919 transaction_id="7092a2363377709cd18b9d98"}:allocate{lifetime=600}: relay: Created new allocation ip4_relay_address=127.0.0.1:65460
2023-07-06T20:02:34.144833Z INFO client{sender=127.0.0.1:33919 transaction_id="4e1a18e58953242c92a075a3"}:channel_bind{requested_channel=16384 peer_address=127.0.0.1:47859 allocation="AID-1"}: relay: Successfully bound channel
2023-07-06T20:02:34.145501Z DEBUG peer{sender=127.0.0.1:47859 allocation_id=AID-1 recipient=127.0.0.1:33919 channel=16384}: relay: Relaying 32 bytes
2023-07-06T20:02:34.146863Z DEBUG client{sender=127.0.0.1:33919}:channel_data{channel=16384 recipient=127.0.0.1:47859}: relay: Relaying 32 bytes
```
This provides lots of contextual information in a DRY and easily
parse-able way.
---------
Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
Instead of having portal URL and token optional, we default the portal
URL and decide based on the presence of the token, whether we should
connect to the portal on startup. This allows the relay to be
used/tested standalone and keeps the number of config options and error
cases small.
We require the user to config the full path of the websocket and thus
avoid the need for duplicating the connlib function. Given that most
users will never need to override this option, this seems like a good
trade-off.
Resolves https://github.com/firezone/product/issues/614.
This PR fixes a bunch of small things to allow a new flow to test
clients pinging a resource within docker compose.
Masquerade/Forwarding is enabled directly in the container for now, this
might change in the future.
Also added a README to be able to run this locally.
---------
Signed-off-by: Gabi <gabrielalejandro7@gmail.com>
Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
With this PR the full control-plane message flow is working.
Meaning that if you do:
```
docker compose up -d
docker compose exec -it client "ping 172.20.0.2" # will fix this IP later
```
Messages start flowing to gateway. The gateway still not correctly
forwards the messages to the resource since masquerading is still not
working, although I suspect there might be an additional problem. Will
fix this in my next PR along with a README on how to test this whole
flow.
This PR also fixes how we sent the stamp secret to the gateway from the
relay, but I still see some warnings in the webrtc that I'm sure that
are due to a mismatch between how webrtc-rs and the relay handle
messages (The most important being `bind() failed: unexpected response
type`), I will take a look at that and a way to test that the flow works
when:
1. hole-punching is available
2. through relay when it's not
Since the flow right now works without hole-punching or relay since the
gateway is in the same network in the docker compose.
Resolvesfirezone/product#607
Setting the env var `CONNLIB_MOCK` when building through either
`build-rust.sh` or `gradle` will activate the `mock` feature.
- Instead of having two, very similar jobs, we run our fmt, clippy and
tests steps across all crates and operating systems.
- We remove the dependency of the android and apple builds on the tests
and thus get faster feedback.
- We force clippy to fail on any warning. This one is super important
IMO. Warnings in Rust are very useful and ignoring them can lead to bugs
(think "unused Result" etc).
Resolves#1714.
---------
Signed-off-by: Thomas Eizinger <thomas@eizinger.io>
Co-authored-by: Francesca Lovebloom <franlovebloom@gmail.com>
Runs `cargo fmt` on the entire `rust/` directory. This somehow doesn't
seem to be enforced, I think that is because we changed the previous CI
to now only run for the `relay` crate.
I'd like to merge this first to avoid the diff and in a 2nd PR, we can
work on unifying CI again.
Due to a silly bash mistake (I hate bash), the error from the gateway
binary wasn't actually propagated to the script. Thus, we did not notice
that it was been broken for a while.
Attempting to fix it turned up that we were double-hexing the relay
secret and using invalid passwords for the clients.
This PR fixes `docker compose up` but it doesn't have the test client ->
resource flow working but it prevent anything from erroring at startup.
This fixes:
* tokens (use the correct token for the client user agent we are using)
* randomize `name_suffix` at start up for connlib (we will eventually
allow options to set it manually)
* remove port ranges for relay (see firezone/product#613)
This makes it possible to build the Apple/Android FFI bridges and
integrate them with their respective client apps.
---------
Signed-off-by: Francesca Lovebloom <franlovebloom@gmail.com>
Co-authored-by: Roopesh Chander <roop@roopc.net>
There are problems building the docker images in macos using musl due to
ring's problems therefore we started using slim-debian with glibc for
development.
When using `docker compose build` or any other way of building docker
images in parallel the way the cache was working with the rust's
Dockerfile made the caches between images overlap and corrupt each
other. We add a `locked` which prevents multiple writers to the same
cache to fix this behaviour.
This brindgs connlib from its own separated repo to firezone's monorepo.
On top of bringing connlib we also add and unify the Dockerfile for all
rust binaries and add a docker-compose that can run a headless client, a
relay and a gateway which eventually will test the whole flow between a
client and a resource. For this to work we also incorporated some elixir
scripts to generate portal tokens for those components.
With this PR, the relay can be configured with a WebSocket URL on startup. If given, it will attempt to connect to it and join the `relay` room with its `stamp_secret`. Once the `init` message is received, regular relay operation will begin.
Targets specified in the `rust-toolchain.toml` file are automatically installed by `rustup`. This avoid setup steps for other devs and also simplifies the CI setup.
To be able to compile native code to musl, we do need `musl-gcc` which comes with the `musl-tools` package on ubuntu.
Previously, the relay would treat the `stamp_secret` internally as bytes and share it with the outside world as hex-string. The portal however treats it as an opaque string and uses the UTF-8 bytes to create username and password.
This patch aligns the relay's functionality with the portal and stores the `stamp_secret` internally as a string.
