This call always results in an error because the GUI runs unprivileged
on both Linux and Windows now, so it can't control DNS or deactivate DNS
control. The IPC service has taken over all that, so the GUI not only
shouldn't do it, it can't do it.
<img width="568" alt="image"
src="https://github.com/firezone/firezone/assets/13400041/ad1b861f-4f3e-453a-94b5-d6f21c9eb198">
Closes#5015.
This way if the user opens and closes the GUI without doing anything,
the Welcome screen still appears until they successfully sign in.
Previously the `ran_before` flag was set after the first GUI startup.
Tested on Windows once.
Bumps [arboard](https://github.com/1Password/arboard) from 3.3.2 to
3.4.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/1Password/arboard/releases">arboard's
releases</a>.</em></p>
<blockquote>
<h2>v3.4.0</h2>
<h3>Added</h3>
<ul>
<li>Added a <code>wait_until</code> method for Linux, as a superset of
the existing <code>wait</code> functionality.
This is a helper for letting an application wait without manual timeout
handling.</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Transparency in copied images now behaves better in certain Windows
apps.</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Updated <code>image</code> to <code>0.25</code>.</li>
<li>Removed direct <code>thiserror</code> dependency.</li>
<li>Fixed Linux documentation links</li>
<li>Raised MSRV to 1.67.1</li>
<li>Reverted timeout behavior of <code>Clipboard::new()</code> on
platforms using X11. Applications are
encouraged to wrap constructor calls in their own thread/channel timeout
mechanisms instead
to make sure the behavior matches each usecase.</li>
<li>Migrated away from <code>objc</code> to the <code>objc2</code>
ecosystem for the Apple clipboard implementation.</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/1Password/arboard/compare/v3.3.2...v3.4.0">https://github.com/1Password/arboard/compare/v3.3.2...v3.4.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/1Password/arboard/blob/master/CHANGELOG.md">arboard's
changelog</a>.</em></p>
<blockquote>
<h2>3.4.0 on 2024-29-04</h2>
<h3>Added</h3>
<ul>
<li>Added a <code>wait_until</code> method for Linux, as a superset of
the existing <code>wait</code> functionality.
This is a helper for letting an application wait without manual timeout
handling.</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>Transparency in copied images now behaves better in certain Windows
apps.</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Updated <code>image</code> to <code>0.25</code>.</li>
<li>Removed direct <code>thiserror</code> dependency.</li>
<li>Fixed Linux documentation links</li>
<li>Raised MSRV to 1.67.1</li>
<li>Reverted timeout behavior of <code>Clipboard::new()</code> on
platforms using X11. Applications are
encouraged to wrap constructor calls in their own thread/channel timeout
mechanisms instead
to make sure the behavior matches each usecase.</li>
<li>Migrated away from <code>objc</code> to the <code>objc2</code>
ecosystem for the Apple clipboard implementation.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="151e679ee5"><code>151e679</code></a>
Release 3.4.0</li>
<li><a
href="610e29ba81"><code>610e29b</code></a>
Remove direct thiserror dependency</li>
<li><a
href="83740b7ab0"><code>83740b7</code></a>
Copy image as PNG file on Windows (<a
href="https://redirect.github.com/1Password/arboard/issues/141">#141</a>)</li>
<li><a
href="0bff1e07ea"><code>0bff1e0</code></a>
Use objc2 and its framework crates</li>
<li><a
href="1cca83d7e5"><code>1cca83d</code></a>
Revert "add timeout to RustConnection::connect to X11
server"</li>
<li><a
href="b4646f6c5f"><code>b4646f6</code></a>
Increase version of clipboard-win used by default</li>
<li><a
href="e2846f9288"><code>e2846f9</code></a>
Fix clippy errors</li>
<li><a
href="2f4b502508"><code>2f4b502</code></a>
Move <code>WaitConfig</code> to src/platform/linux/mod.rs, use
<code>WaitConfig</code> inside `stru...</li>
<li><a
href="6cf324cc44"><code>6cf324c</code></a>
Added <code>WaitConfig</code>, fix <code>wait_until</code> note in
docs</li>
<li><a
href="eabb191df0"><code>eabb191</code></a>
add notice for X11 in <code>SetExtLinux#wait_until</code> docs</li>
<li>Additional commits viewable in <a
href="https://github.com/1Password/arboard/compare/v3.3.2...v3.4.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Reactor Scram <ReactorScram@users.noreply.github.com>
Ready for review.
Closes#3712.
Supersedes #4940.
Refs #4963.
I haven't figured out if it needs any new automated tests (unit,
integration, etc.) but the code itself is ready for review. There is
more refactoring that could be done, or could be left for later.
```[tasklist]
- [x] Move wintun setup from GUI to IPC service / headless client
- [x] Make sure the device ID is in a sensible place
- [x] Export IPC service logs in the zips
- [x] Test GUI + SC IPC service on Windows (f4db808919a passed)
- [x] Make sure IPC service does not busy-loop
- [x] Test un-install checklist for Windows
- [x] Test upgrade checklist for Windows
- [x] Test GUI + systemd IPC service on Linux (c4ab7e7 passed)
- [x] Test upgrade checklist for Linux
- [x] Test un-install checklist for Linux
- [x] Make sure the IPC service logs out and deactivates DNS control if the GUI crashes
- [x] Test network changing
- [x] (it's intended behavior) ~~Look into spurious `on_update_resources` (fad86babd7)~~
- [x] ~~Test max partition time on offline laptop~~ (I ended up just setting a 30-day default in the code)
- [x] Make sure headless Client does not busy-loop
- [x] Test standalone headless on Linux
- [ ] Add unit / integration tests
- [ ] Think about security a bit #3971
```
---------
Signed-off-by: Reactor Scram <ReactorScram@users.noreply.github.com>
Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
The API of connlib is designed around a uni-directional dataflow where
commands flow one way and events flow the other way. By design, this
creates a system of eventual consistency: We don't exactly know when
connlib will emit an event. This is important because it gives us
flexibility in what the internals of connlib look like. It also forces
the downstream apps to be able to handle any event at any point which
avoids bugs where clients rely on a certain order that may just be an
implementation detail.
To achieve all of this, it is important that we don't introduce APIs
with return values. As soon as a function returns a value, it commits to
being able to compute this return value _synchronously_. Any refactoring
that may make the computation of the return value asynchronous is then a
breaking change.
Consequently, APIs like `handle_timeout` should never return a value.
Instead, they should queue an event that the layer above reacts to
accordingly.
This came up while working on #4994 while writing the proptests I
noticed that the precondition could panic since we don't have this check
there and would cause shrinking to fail.
This PR introduces site's `Status`. That's used to report to the client
the status, either, unknown, online or offline, mostly as a hint to
users as what's wrong with a connection.
This are the criteria for an online or offline resource
* If all sites related to a resource are offline the resource is
considered offline, since there's no gateway that can respond to that
resource's connection
* If any site is online the resource is online, since that same peer can
be used to reach that resource
* Any other case is unknown
Right now resources are single site so it doesn't matter too much but
tracking online/offline per-site instead of per-gateway or resource
seems like the better long-term solution.
The way to "find out" the site's status is:
* If a response to a connection details is offline, all sites related to
that resource must be offline otherwise there would've been a gateway in
the response
* At the point we connect to a gateway, the site that corresponds to
that gateway must be online
* When a connection to a peer stops it's considered unknown again
Fixes#4738
Bumps [base64](https://github.com/marshallpierce/rust-base64) from
0.22.0 to 0.22.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/marshallpierce/rust-base64/blob/master/RELEASE-NOTES.md">base64's
changelog</a>.</em></p>
<blockquote>
<h1>0.22.1</h1>
<ul>
<li>Correct the symbols used for the predefined
<code>alphabet::BIN_HEX</code>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="e144006974"><code>e144006</code></a>
v0.22.1</li>
<li><a
href="64cca59ddb"><code>64cca59</code></a>
Merge pull request <a
href="https://redirect.github.com/marshallpierce/rust-base64/issues/271">#271</a>
from JobanSD/patch-1</li>
<li><a
href="838355e0ac"><code>838355e</code></a>
Correct BinHex 4.0 alphabet according to specifications</li>
<li><a
href="bf15ccf30a"><code>bf15ccf</code></a>
Merge pull request <a
href="https://redirect.github.com/marshallpierce/rust-base64/issues/270">#270</a>
from marshallpierce/mp/clippy</li>
<li><a
href="fc6aabee8a"><code>fc6aabe</code></a>
Appease clippy</li>
<li><a
href="9a518a2d5d"><code>9a518a2</code></a>
Merge pull request <a
href="https://redirect.github.com/marshallpierce/rust-base64/issues/267">#267</a>
from bdura/patch-1</li>
<li><a
href="d96c80f242"><code>d96c80f</code></a>
Merge branch 'marshallpierce:master' into patch-1</li>
<li><a
href="e8e4a22761"><code>e8e4a22</code></a>
docs: fix trailing ``` in mod.rs example</li>
<li>See full diff in <a
href="https://github.com/marshallpierce/rust-base64/compare/v0.22.0...v0.22.1">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [zip](https://github.com/zip-rs/zip2) from 0.6.6 to 1.2.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/zip-rs/zip2/releases">zip's
releases</a>.</em></p>
<blockquote>
<h2>v1.2.3</h2>
<h3><!-- raw HTML omitted -->🐛 Bug Fixes</h3>
<ul>
<li>Remove a window when an extracted directory might be unexpectedly
listable and/or <code>cd</code>able by non-owners</li>
<li>Extract directory contents on Unix even if the directory doesn't
have write permission (<a
href="https://redirect.github.com/zip-rs/zip-old/issues/423">zip-rs/zip-old#423</a>)</li>
</ul>
<h3><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h3>
<ul>
<li>More conditionally-unused imports</li>
</ul>
<h2>v1.2.2</h2>
<h3><!-- raw HTML omitted -->🐛 Bug Fixes</h3>
<ul>
<li>Failed to clear "writing_raw" before finishing a symlink,
leading to dropped extra fields</li>
</ul>
<h3><!-- raw HTML omitted -->⚡ Performance</h3>
<ul>
<li>Use boxed slice for archive comment, since it can't be
concatenated</li>
<li>Optimize for the fact that false signatures can't overlap with real
ones</li>
</ul>
<h2>v1.2.1</h2>
<h3><!-- raw HTML omitted -->🐛 Bug Fixes</h3>
<ul>
<li>Prevent panic when trying to read a file with an unsupported
compression method</li>
<li>Prevent panic after reading an invalid LZMA file</li>
<li>Make <code>Stored</code> the default compression method if
<code>Deflated</code> isn't available, so that zip files are readable by
as much software as possible</li>
<li>version_needed was wrong when e.g. cfg(bzip2) but current file
wasn't bzip2 (<a
href="https://redirect.github.com/zip-rs/zip2/pull/100">#100</a>)</li>
<li>file paths shouldn't start with slashes (<a
href="https://redirect.github.com/zip-rs/zip2/pull/102">#102</a>)</li>
</ul>
<h3><!-- raw HTML omitted -->🚜 Refactor</h3>
<ul>
<li>Overhaul <code>impl Arbitrary for FileOptions</code></li>
<li>Remove unused <code>atomic</code> module</li>
</ul>
<h2>v1.2.0</h2>
<h3><!-- raw HTML omitted -->🚀 Features</h3>
<ul>
<li>Add method <code>decompressed_size()</code> so non-recursive ZIP
bombs can be detected</li>
</ul>
<h3><!-- raw HTML omitted -->🚜 Refactor</h3>
<ul>
<li>Make <code>ZipWriter::finish()</code> consume the
<code>ZipWriter</code></li>
</ul>
<h3><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h3>
<ul>
<li>Use panic! rather than abort to ensure the fuzz harness can process
the failure</li>
<li>Update fuzz_write to use replace_with</li>
<li>Remove a drop that can no longer be explicit</li>
<li>Add <code>#![allow(unexpected_cfgs)]</code> in nightly</li>
</ul>
<h2>v1.1.4</h2>
<h3><!-- raw HTML omitted -->🐛 Bug Fixes</h3>
<ul>
<li>Rare bug where find_and_parse would give up prematurely on detecting
a false end-of-CDR header</li>
</ul>
<h2>v1.1.3</h2>
<h3><!-- raw HTML omitted -->🐛 Bug Fixes</h3>
<ul>
<li>Alignment was previously handled incorrectly (<a
href="https://redirect.github.com/Pr0methean/zip/pull/33">#33</a>)</li>
</ul>
<h3><!-- raw HTML omitted -->🚜 Refactor</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/zip-rs/zip2/blob/master/CHANGELOG.md">zip's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/zip-rs/zip2/compare/v1.2.2...v1.2.3">1.2.3</a>
- 2024-05-10</h2>
<h3><!-- raw HTML omitted -->🐛 Bug Fixes</h3>
<ul>
<li>Remove a window when an extracted directory might be unexpectedly
listable and/or <code>cd</code>able by non-owners</li>
<li>Extract directory contents on Unix even if the directory doesn't
have write permission (<a
href="https://redirect.github.com/zip-rs/zip-old/issues/423">zip-rs/zip-old#423</a>)</li>
</ul>
<h3><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h3>
<ul>
<li>More conditionally-unused imports</li>
</ul>
<h2><a
href="https://github.com/zip-rs/zip2/compare/v1.2.1...v1.2.2">1.2.2</a>
- 2024-05-09</h2>
<h3><!-- raw HTML omitted -->🐛 Bug Fixes</h3>
<ul>
<li>Failed to clear "writing_raw" before finishing a symlink,
leading to dropped extra fields</li>
</ul>
<h3><!-- raw HTML omitted -->⚡ Performance</h3>
<ul>
<li>Use boxed slice for archive comment, since it can't be
concatenated</li>
<li>Optimize for the fact that false signatures can't overlap with real
ones</li>
</ul>
<h2><a
href="https://github.com/zip-rs/zip2/compare/v1.2.0...v1.2.1">1.2.1</a>
- 2024-05-06</h2>
<h3><!-- raw HTML omitted -->🐛 Bug Fixes</h3>
<ul>
<li>Prevent panic when trying to read a file with an unsupported
compression method</li>
<li>Prevent panic after reading an invalid LZMA file</li>
<li>Make <code>Stored</code> the default compression method if
<code>Deflated</code> isn't available, so that zip files are readable by
as much software as possible</li>
<li>version_needed was wrong when e.g. cfg(bzip2) but current file
wasn't bzip2 (<a
href="https://redirect.github.com/zip-rs/zip2/pull/100">#100</a>)</li>
<li>file paths shouldn't start with slashes (<a
href="https://redirect.github.com/zip-rs/zip2/pull/102">#102</a>)</li>
</ul>
<h3><!-- raw HTML omitted -->🚜 Refactor</h3>
<ul>
<li>Overhaul <code>impl Arbitrary for FileOptions</code></li>
<li>Remove unused <code>atomic</code> module</li>
</ul>
<h2><a
href="https://github.com/zip-rs/zip2/compare/v1.1.4...v1.2.0">1.2.0</a>
- 2024-05-06</h2>
<h3><!-- raw HTML omitted -->🚀 Features</h3>
<ul>
<li>Add method <code>decompressed_size()</code> so non-recursive ZIP
bombs can be detected</li>
</ul>
<h3><!-- raw HTML omitted -->🚜 Refactor</h3>
<ul>
<li>Make <code>ZipWriter::finish()</code> consume the
<code>ZipWriter</code></li>
</ul>
<h3><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h3>
<ul>
<li>Use panic! rather than abort to ensure the fuzz harness can process
the failure</li>
<li>Update fuzz_write to use replace_with</li>
<li>Remove a drop that can no longer be explicit</li>
<li>Add <code>#![allow(unexpected_cfgs)]</code> in nightly</li>
</ul>
<h2><a
href="https://github.com/zip-rs/zip2/compare/v1.1.3...v1.1.4">1.1.4</a>
- 2024-05-04</h2>
<h3><!-- raw HTML omitted -->🐛 Bug Fixes</h3>
<ul>
<li>Build was failing with bzip2 enabled</li>
<li>use is_dir in more places where Windows paths might be handled
incorrectly</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/zip-rs/zip2/commits/v1.2.3">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Not Applicable <ReactorScram@users.noreply.github.com>
Closes#4907
They're still accepted, but the binary entirely determines the behavior.
This makes the code for CLI parsing and token handling simpler with
fewer branches, so it's easier to be sure it's correct.
Replaces #4942 which isn't doing what I intended anymore.
Closes#4899
This has a known gap where theoretically the GUI could sign in while the
service is hung in startup, and then the service would wipe out the
GUI's DNS rules.
The workaround for that would be to restart the GUI, but in practice I
think the gap will not be hit, and it will go away once #3712 is done
anyway.
I tested it manually once using the reproduction steps from #4899 and it
worked.
```[tasklist]
### Before merging
- [x] Make sure the service auto-starts
- [x] Make the process idle and report its status to Windows properly using https://github.com/mullvad/windows-service-rs
- [x] DRY log dir code
- [x] Figure out where service logs will go and how the GUI will zip them
- [x] Make sure the service gets a shut down signal from Windows (this is hard to catch in the Tauri GUI)
- [x] Make sure the service restarts when Firezone is updated
- [x] Make sure the service is stopped and un-installed when Firezone is un-installed
- [x] Add test to install the MSI and check that the service runs
- [x] (will move to another PR) ~~Clean up function names~~
- [x] Make sure the Linux GUI was not broken by refactoring
```
Is this worth it?
```[tasklist]
### Before merging
- [x] Double-check docs and ask Jamil to review
- [x] Would need Brian to review the terraform thing
- [x] Make sure Docker compat isn't broken for existing users (shouldn't be, the image is still just `client`)
- [x] Decide whether compatibility tests need to pass (if something breaks after merge we can revert this)
```
Similar to #4911 if multiple times add_resource was called with the same
resource id the previous one will be overriden.
This happens when multiple subdomain resources exists this could
override the ip of a previously resolved subdomain and disallow access.
The solution is to simply keep track of every resolved subdomain.
Furthermore with the new method each subdomain could have different
expiration(nothing actually prohibit this from happening in the control
protocol and until this commit we simply discarded the latest
expiration)
Fixes a bug, wherein a resource with multiple ip, would get a single
allowed ip since each time `add_resource` was called it was replacing
the previous one.
For the fix we add all the resource ips with a single call, and then use
those multiple ips to calculate the filters.
The edge-case here is if there are 2 DNS resources with some overlapping
ips but some not overlapping: In that case, overlapping ips would get
both filters non-overlapping would only get those corresponding to its
ips.
Note that only dns resources can get multiple ips for now.
There was an error on how resource filters were deserialized in the
gateway:
* we always assumed that there would be the ports included but the
portal sends no port down when the "all" range is allowed
* also we didn't support the resource_updated message, this fixes it,
and resources allow-list can be changes in-flight
This implements traffic filtering on the gateway. Filters are set on the
portal, per-resource, in an allow-list manner.
If no filters exist for a given resource all packets are allowed,
otherwise only packets that matches port/protocol for the filters are
allowed, otherwise they are dropped.
Filters can be either TCP, UDP or ICMP. For the first 2 multiple ports
can be given. Furthermore, multiple filters can exists for the same
resource.
To be able to add and remove filters with the same IP/CIDR we keep
around the whole list of filters for any given peer using an ID map and
recalculate the IP each time something is added is removed.
This allows us to remove filters and simply recalculate the allowlist
for each IP.
Furthermore, for any IP, all rules apply, meaning if there are multiple
IPs that apply for a resource all port/protocol combinations for that IP
will apply.
This works well right now for DNS resources, since access is requested
by DNS name, then the resource for that DNS name will arrive at the
gateway, and the port filtering will apply given that resource(and any
other resource with the same IP).
However, since the client has no idea of the filters, it can't request
the resource access based on the port/protocol combination and we are
still using the most specific("longest match") IP. This will mean that
for overlapping CIDR resources, only the rules for the most specific
will be used, even if the gateway supports applying them all, since it
will not have the other resources. This will be solved in #4789.
It can also lead to some weirdness, let's say that you have 10.0.0.0/24
-> TCP/80 and 10.0.0.0/16 -> TCP/443 for your user.
The user tries to access 10.0.0.1, and will then only be allowed port
80. At some point the user might access 10.1.0.1 and it will be allowed
port 443. But from that point on, the user will be allowed to access 80
and 443 in 10.0.0.1 because the rules correctly work on the gateway, the
problem is the client side. Again, #4789 will fix this.
Left for next PRs (in tentative order!):
- #4792
- #4789
Depends on: #4773.
Resolves#2030.
Resolves#4791.
---------
Co-authored-by: Jamil Bou Kheir <jamilbk@users.noreply.github.com>
Bumps [reqwest](https://github.com/seanmonstar/reqwest) from 0.12.2 to
0.12.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/seanmonstar/reqwest/releases">reqwest's
releases</a>.</em></p>
<blockquote>
<h2>v0.12.4</h2>
<h2>What's Changed</h2>
<ul>
<li>Add <code>zstd</code> support, enabled with <code>zstd</code> Cargo
feature (thanks <a
href="https://github.com/paolobarbolini"><code>@paolobarbolini</code></a>!)</li>
<li>Add <code>ClientBuilder::read_timeout(Duration)</code>, which
applies the duration for each read operation. The timeout resets after a
successful read.</li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/SamuelMarks"><code>@SamuelMarks</code></a>
made their first contribution in <a
href="https://redirect.github.com/seanmonstar/reqwest/pull/2245">seanmonstar/reqwest#2245</a></li>
</ul>
<h2>v0.12.3</h2>
<h2>What's Changed</h2>
<ul>
<li>Add <code>FromStr</code> for <code>dns::Name</code>.</li>
<li>Add <code>ClientBuilder::built_in_webpki_certs(bool)</code> to
enable them separately.</li>
<li>Add <code>ClientBuilder::built_in_native_certs(bool)</code> to
enable them separately.</li>
<li>Fix sending <code>content-length: 0</code> for GET requests.</li>
<li>Fix response body <code>content_length()</code> to return value when
timeout is configured.</li>
<li>Fix <code>ClientBuilder::resolve()</code> to use lowercase domain
names.</li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/zuisong"><code>@zuisong</code></a> made
their first contribution in <a
href="https://redirect.github.com/seanmonstar/reqwest/pull/2207">seanmonstar/reqwest#2207</a></li>
<li><a href="https://github.com/djc"><code>@djc</code></a> made their
first contribution in <a
href="https://redirect.github.com/seanmonstar/reqwest/pull/2222">seanmonstar/reqwest#2222</a></li>
<li><a href="https://github.com/krant"><code>@krant</code></a> made
their first contribution in <a
href="https://redirect.github.com/seanmonstar/reqwest/pull/2226">seanmonstar/reqwest#2226</a></li>
<li><a
href="https://github.com/Kriskras99"><code>@Kriskras99</code></a> made
their first contribution in <a
href="https://redirect.github.com/seanmonstar/reqwest/pull/2236">seanmonstar/reqwest#2236</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/seanmonstar/reqwest/compare/v0.12.2...v0.12.3">https://github.com/seanmonstar/reqwest/compare/v0.12.2...v0.12.3</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md">reqwest's
changelog</a>.</em></p>
<blockquote>
<h2>v0.12.4</h2>
<ul>
<li>Add <code>zstd</code> support, enabled with <code>zstd</code> Cargo
feature.</li>
<li>Add <code>ClientBuilder::read_timeout(Duration)</code>, which
applies the duration for each read operation. The timeout resets after a
successful read.</li>
</ul>
<h2>v0.12.3</h2>
<ul>
<li>Add <code>FromStr</code> for <code>dns::Name</code>.</li>
<li>Add <code>ClientBuilder::built_in_webpki_certs(bool)</code> to
enable them separately.</li>
<li>Add <code>ClientBuilder::built_in_native_certs(bool)</code> to
enable them separately.</li>
<li>Fix sending <code>content-length: 0</code> for GET requests.</li>
<li>Fix response body <code>content_length()</code> to return value when
timeout is configured.</li>
<li>Fix <code>ClientBuilder::resolve()</code> to use lowercase domain
names.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="de5dbb1ab8"><code>de5dbb1</code></a>
v0.12.4</li>
<li><a
href="0f126f57ab"><code>0f126f5</code></a>
tests: fix blocking test about empty bodies and content-length</li>
<li><a
href="107388134b"><code>1073881</code></a>
feat: add zstd support (<a
href="https://redirect.github.com/seanmonstar/reqwest/issues/1866">#1866</a>)</li>
<li><a
href="1af8945143"><code>1af8945</code></a>
feat: add ClientBuilder::read_timeout(dur) (<a
href="https://redirect.github.com/seanmonstar/reqwest/issues/2241">#2241</a>)</li>
<li><a
href="e99da854a1"><code>e99da85</code></a>
refactor: fix warnings related to mutability of <code>self</code> (<a
href="https://redirect.github.com/seanmonstar/reqwest/issues/2245">#2245</a>)</li>
<li><a
href="0720159f63"><code>0720159</code></a>
v0.12.3</li>
<li><a
href="92096952b7"><code>9209695</code></a>
Remove duplicate example for ClientBuilder::default_headers (<a
href="https://redirect.github.com/seanmonstar/reqwest/issues/2236">#2236</a>)</li>
<li><a
href="e3a15650d6"><code>e3a1565</code></a>
fix: use lower case domain string when using <code>resolve</code> and
<code>resolve_to_addrs</code>...</li>
<li><a
href="b4c491a6ff"><code>b4c491a</code></a>
feat: allow fine-grained root certs for rustls (<a
href="https://redirect.github.com/seanmonstar/reqwest/issues/2232">#2232</a>)</li>
<li><a
href="cf4295d59d"><code>cf4295d</code></a>
chore: update winreg to 0.52.0 (<a
href="https://redirect.github.com/seanmonstar/reqwest/issues/2226">#2226</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/seanmonstar/reqwest/compare/v0.12.2...v0.12.4">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Reactor Scram <ReactorScram@users.noreply.github.com>
Closes#4888
It turns out clicking on a notification in Ubuntu can cause it to call
the application, so I had to add back single-instance protection.
Windows' named pipes do this easily. For Unix domain sockets, we allow
the 2nd instance to connect to us, and then when the connection
succeeds, the 2nd instance bails out and the 1st instance bails out of
the deep link handler because it sees a 0-byte-long deep link.
So clicking on the notification does result in a 2nd instance warning
dialog, but it's better than before. I guess it makes sense why Ubuntu
does that, in case any app wants to raise their window when clicked, but
I wish they passed a well-known subcommand or something. Or just used a
normal click action.
<img width="609" alt="image"
src="https://github.com/firezone/firezone/assets/13400041/37467f57-22b0-4a38-9e74-e4863fd331b1">
---------
Signed-off-by: Reactor Scram <ReactorScram@users.noreply.github.com>
Bumps [socket2](https://github.com/rust-lang/socket2) from 0.5.6 to
0.5.7.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/rust-lang/socket2/blob/master/CHANGELOG.md">socket2's
changelog</a>.</em></p>
<blockquote>
<h1>0.5.7</h1>
<ul>
<li>Added <code>Socket::(set_)passcred</code>
(<a
href="https://redirect.github.com/rust-lang/socket2/pull/506">rust-lang/socket2#506</a>).</li>
<li>Added <code>RecvFlags::is_confirm</code> and
<code>RecvFlags::is_dontroute</code>
(<a
href="https://redirect.github.com/rust-lang/socket2/pull/499">rust-lang/socket2#499</a>).</li>
<li>Added <code>MsgHdrMut::control_len</code>
(<a
href="https://redirect.github.com/rust-lang/socket2/pull/505">rust-lang/socket2#505</a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="c8146aa5bb"><code>c8146aa</code></a>
Release v0.5.7</li>
<li><a
href="8685db561c"><code>8685db5</code></a>
Use consistent language in change log</li>
<li><a
href="6923954ce0"><code>6923954</code></a>
Add test for Socket::passcred/set_passcred and fix formatting.</li>
<li><a
href="630c8a7370"><code>630c8a7</code></a>
Add Socket::passcred/set_passcred for working with SO_PASSCRED.</li>
<li><a
href="21ba6609ef"><code>21ba660</code></a>
Add MsgHdrMut::control_len to get how much of control buffer was
filled.</li>
<li><a
href="c93cdcc25f"><code>c93cdcc</code></a>
Add MSG_CONFIRM and MSG_DONTROUTE to RecvFlags</li>
<li>See full diff in <a
href="https://github.com/rust-lang/socket2/compare/v0.5.6...v0.5.7">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [anyhow](https://github.com/dtolnay/anyhow) from 1.0.81 to 1.0.82.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/dtolnay/anyhow/releases">anyhow's
releases</a>.</em></p>
<blockquote>
<h2>1.0.82</h2>
<ul>
<li>Documentation improvements</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="074bdea1c7"><code>074bdea</code></a>
Release 1.0.82</li>
<li><a
href="47a4fbfa36"><code>47a4fbf</code></a>
Merge pull request <a
href="https://redirect.github.com/dtolnay/anyhow/issues/360">#360</a>
from dtolnay/docensure</li>
<li><a
href="c5af1db020"><code>c5af1db</code></a>
Make ensure's doc comment apply to the cfg(not(doc)) macro too</li>
<li><a
href="bebc7a2fe4"><code>bebc7a2</code></a>
Revert "Temporarily disable miri on doctests"</li>
<li><a
href="f2c4db9b47"><code>f2c4db9</code></a>
Update ui test suite to nightly-2024-03-31</li>
<li><a
href="028cbeedf5"><code>028cbee</code></a>
Explicitly install a Rust toolchain for cargo-outdated job</li>
<li><a
href="7a4cac5192"><code>7a4cac5</code></a>
Merge pull request <a
href="https://redirect.github.com/dtolnay/anyhow/issues/358">#358</a>
from dtolnay/workspacewrapper</li>
<li><a
href="939db012c2"><code>939db01</code></a>
Apply RUSTC_WORKSPACE_WRAPPER</li>
<li><a
href="9f84a37551"><code>9f84a37</code></a>
Temporarily disable miri on doctests</li>
<li><a
href="45e5a589e9"><code>45e5a58</code></a>
Ignore dead code lint in test</li>
<li>Additional commits viewable in <a
href="https://github.com/dtolnay/anyhow/compare/1.0.81...1.0.82">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Gabi <gabrielalejandro7@gmail.com>
17ac1ebe79 looks good on both Linux and Windows
```[tasklist]
### Before merging
- [x] Allow GUI to delete IPC service logs
- [x] Test Linux
- [x] Test Windows
```
This is what I've been doing on the testing VMs to exercise the
first-run behavior.
---------
Signed-off-by: Reactor Scram <ReactorScram@users.noreply.github.com>
Closes#4819
There is a way to get them async with D-Bus. We can invest time in that
if we want. Polling works for now, it's just gonna be a slight battery
waste on laptops.
