mirror of
https://github.com/outbackdingo/firezone.git
synced 2026-03-21 18:41:38 +00:00
c6ec7ab2db6985b735a75b91f6a6fc0f4de00a0a
162 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
dependabot[bot]
|
5e63ce0015 |
build(deps): Bump domain from 0.8.0 to 0.8.1 in /rust (#2110)
Bumps [domain](https://github.com/nlnetlabs/domain) from 0.8.0 to 0.8.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/nlnetlabs/domain/releases">domain's releases</a>.</em></p> <blockquote> <h2>0.8.1</h2> <p>New</p> <ul> <li>Added a new method <code>FoundSrvs::into_srvs</code> that converts the value into an iterator over the found SRV records without resolving them further. (<a href="https://redirect.github.com/nlnetlabs/domain/issues/174">#174</a>, <a href="https://redirect.github.com/nlnetlabs/domain/issues/214">#214</a> by [<a href="https://github.com/WhyNotHugo"><code>@WhyNotHugo</code></a>]); this was added in 0.7.2 but missing in 0.8.0)</li> <li>Added impl of <code>Borrow<Dname<[u8]>></code> and <code>AsRef<Dname<[u8]>></code> for <code>Dname<_></code>. (<a href="https://redirect.github.com/nlnetlabs/domain/issues/219">#219</a> by [<a href="https://github.com/iximeow"><code>@iximeow</code></a>}], <a href="https://redirect.github.com/nlnetlabs/domain/issues/225">#225</a>)</li> <li>Added <code>Dname::fmt_with_dot</code> that can be used when wanting to display a domain name with a dot at the end. (<a href="https://redirect.github.com/nlnetlabs/domain/issues/210">#210</a>)</li> </ul> <p>Bug Fixes</p> <ul> <li>Fixed trait bounds on <code>FoundSrvs::into_stream</code> to make it usable again. (<a href="https://redirect.github.com/nlnetlabs/domain/issues/174">#174</a>, [#214 by [<a href="https://github.com/WhyNotHugo"><code>@WhyNotHugo</code></a>]]; this was fixed in 0.7.2 but missing in 0.8.0)</li> <li>Fixed scanning of domain names that are just the root label. (<a href="https://redirect.github.com/nlnetlabs/domain/issues/210">#210</a>)</li> <li>Fixed <code>util::base64::SymbolConverter</code> to also include the final group in the output if there is padding. (<a href="https://redirect.github.com/nlnetlabs/domain/issues/212">#212</a>)</li> </ul> <p><a href="https://redirect.github.com/nlnetlabs/domain/issues/174">#174</a>: <a href="https://redirect.github.com/NLnetLabs/domain/pull/174">NLnetLabs/domain#174</a> <a href="https://redirect.github.com/nlnetlabs/domain/issues/210">#210</a>: <a href="https://redirect.github.com/NLnetLabs/domain/pull/210">NLnetLabs/domain#210</a> <a href="https://redirect.github.com/nlnetlabs/domain/issues/212">#212</a>: <a href="https://redirect.github.com/NLnetLabs/domain/pull/212">NLnetLabs/domain#212</a> <a href="https://redirect.github.com/nlnetlabs/domain/issues/214">#214</a>: <a href="https://redirect.github.com/NLnetLabs/domain/pull/214">NLnetLabs/domain#214</a> <a href="https://redirect.github.com/nlnetlabs/domain/issues/219">#219</a>: <a href="https://redirect.github.com/NLnetLabs/domain/pull/219">NLnetLabs/domain#219</a> <a href="https://redirect.github.com/nlnetlabs/domain/issues/225">#225</a>: <a href="https://redirect.github.com/NLnetLabs/domain/pull/225">NLnetLabs/domain#225</a> [<a href="https://github.com/iximeow"><code>@iximeow</code></a>]: <a href="https://github.com/iximeow">https://github.com/iximeow</a> [<a href="https://github.com/WhyNotHugo"><code>@WhyNotHugo</code></a>]: <a href="https://github.com/WhyNotHugo">https://github.com/WhyNotHugo</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/NLnetLabs/domain/blob/main/Changelog.md">domain's changelog</a>.</em></p> <blockquote> <h2>0.8.1</h2> <p>Released 2023-09-18</p> <p>New</p> <ul> <li>Added a new method <code>FoundSrvs::into_srvs</code> that converts the value into an iterator over the found SRV records without resolving them further. (<a href="https://redirect.github.com/nlnetlabs/domain/issues/174">#174</a>, <a href="https://redirect.github.com/nlnetlabs/domain/issues/214">#214</a> by [<a href="https://github.com/WhyNotHugo"><code>@WhyNotHugo</code></a>]); this was added in 0.7.2 but missing in 0.8.0)</li> <li>Added impl of <code>Borrow<Dname<[u8]>></code> and <code>AsRef<Dname<[u8]>></code> for <code>Dname<_></code>. (<a href="https://redirect.github.com/nlnetlabs/domain/issues/219">#219</a> by [<a href="https://github.com/iximeow"><code>@iximeow</code></a>}], <a href="https://redirect.github.com/nlnetlabs/domain/issues/225">#225</a>)</li> <li>Added <code>Dname::fmt_with_dot</code> that can be used when wanting to display a domain name with a dot at the end. (<a href="https://redirect.github.com/nlnetlabs/domain/issues/210">#210</a>)</li> </ul> <p>Bug Fixes</p> <ul> <li>Fixed trait bounds on <code>FoundSrvs::into_stream</code> to make it usable again. (<a href="https://redirect.github.com/nlnetlabs/domain/issues/174">#174</a>, [#214 by [<a href="https://github.com/WhyNotHugo"><code>@WhyNotHugo</code></a>]]; this was fixed in 0.7.2 but missing in 0.8.0)</li> <li>Fixed scanning of domain names that are just the root label. (<a href="https://redirect.github.com/nlnetlabs/domain/issues/210">#210</a>)</li> <li>Fixed <code>util::base64::SymbolConverter</code> to also include the final group in the output if there is padding. (<a href="https://redirect.github.com/nlnetlabs/domain/issues/212">#212</a>)</li> </ul> <p><a href="https://redirect.github.com/nlnetlabs/domain/issues/174">#174</a>: <a href="https://redirect.github.com/NLnetLabs/domain/pull/174">NLnetLabs/domain#174</a> <a href="https://redirect.github.com/nlnetlabs/domain/issues/210">#210</a>: <a href="https://redirect.github.com/NLnetLabs/domain/pull/210">NLnetLabs/domain#210</a> <a href="https://redirect.github.com/nlnetlabs/domain/issues/212">#212</a>: <a href="https://redirect.github.com/NLnetLabs/domain/pull/212">NLnetLabs/domain#212</a> <a href="https://redirect.github.com/nlnetlabs/domain/issues/214">#214</a>: <a href="https://redirect.github.com/NLnetLabs/domain/pull/214">NLnetLabs/domain#214</a> <a href="https://redirect.github.com/nlnetlabs/domain/issues/219">#219</a>: <a href="https://redirect.github.com/NLnetLabs/domain/pull/219">NLnetLabs/domain#219</a> <a href="https://redirect.github.com/nlnetlabs/domain/issues/225">#225</a>: <a href="https://redirect.github.com/NLnetLabs/domain/pull/225">NLnetLabs/domain#225</a> [<a href="https://github.com/iximeow"><code>@iximeow</code></a>]: <a href="https://github.com/iximeow">https://github.com/iximeow</a> [<a href="https://github.com/WhyNotHugo"><code>@WhyNotHugo</code></a>]: <a href="https://github.com/WhyNotHugo">https://github.com/WhyNotHugo</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
2c70d54a3c |
build(deps): Bump serde_json from 1.0.106 to 1.0.107 in /rust (#2109)
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.106 to 1.0.107. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/serde-rs/json/releases">serde_json's releases</a>.</em></p> <blockquote> <h2>v1.0.107</h2> <ul> <li>impl IntoDeserializer for &RawValue (<a href="https://redirect.github.com/serde-rs/json/issues/1071">#1071</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
caa9984b29 |
build(deps): Bump libc from 0.2.147 to 0.2.148 in /rust (#2108)
Bumps [libc](https://github.com/rust-lang/libc) from 0.2.147 to 0.2.148. <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
616cabab78 |
build(deps): Bump clap from 4.4.2 to 4.4.4 in /rust (#2107)
Bumps [clap](https://github.com/clap-rs/clap) from 4.4.2 to 4.4.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/clap-rs/clap/releases">clap's releases</a>.</em></p> <blockquote> <h2>v4.4.4</h2> <h2>[4.4.4] - 2023-09-18</h2> <h3>Internal</h3> <ul> <li>Update <code>terminal_size</code> to 0.3</li> </ul> <h2>v4.4.3</h2> <h2>[4.4.3] - 2023-09-12</h2> <h3>Documentation</h3> <ul> <li><em>(derive)</em> Clarify use of attributes within the tutorial</li> <li>Split sections in the builder and derive tutorials into separate modules</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/clap-rs/clap/blob/master/CHANGELOG.md">clap's changelog</a>.</em></p> <blockquote> <h2>[4.4.4] - 2023-09-18</h2> <h3>Internal</h3> <ul> <li>Update <code>terminal_size</code> to 0.3</li> </ul> <h2>[4.4.3] - 2023-09-12</h2> <h3>Documentation</h3> <ul> <li><em>(derive)</em> Clarify use of attributes within the tutorial</li> <li>Split sections in the builder and derive tutorials into separate modules</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Thomas Eizinger
|
9d93d02b48 |
deps(relay): bump to stun-codec 0.3.3 (#2088)
I've opened several PRs upstream for code that was missing in `stun-codec` for our purposes. Those have been accepted and released, so we can bump to that version now and remove that code. Related: https://github.com/sile/stun_codec/pull/14. Related: https://github.com/sile/stun_codec/pull/15. Related: https://github.com/sile/stun_codec/pull/16. Related: https://github.com/sile/stun_codec/pull/17. A big thanks to @sile for the crate and being responsive maintainer 🥳 |
||
|
Jamil
|
713c34e496 |
fix(connlib): Persist logging guard for the duration of the session (#2058)
This allows the file logger to write events as they're emitted so that
we (attempt to) capture everything for the lifetime of the session.
Sample:
```json
{"time":"2023-09-13T13:28:26.396615Z","target":"libs_common::session","logging.googleapis.com/sourceLocation":{"file":"connlib/libs/common/src/session.rs","line":"324"},"severity":"DEBUG","message":"Attempting connection to portal..."}
{"time":"2023-09-13T13:28:26.436317Z","target":"log","severity":"DEBUG","logFile":"/Users/jamil/.cargo/registry/src/index.crates.io-6f17d22bba15001f/rustls-0.21.7/src/client/hs.rs","logLine":73,"logModulePath":"rustls::client::hs","logTarget":"rustls::client::hs","message":"No cached session for DnsName(\"api.firez.one\")"}
{"time":"2023-09-13T13:28:26.43694Z","target":"log","severity":"DEBUG","logFile":"/Users/jamil/.cargo/registry/src/index.crates.io-6f17d22bba15001f/rustls-0.21.7/src/client/hs.rs","logLine":132,"logModulePath":"rustls::client::hs","logTarget":"rustls::client::hs","message":"Not resuming any session"}
{"time":"2023-09-13T13:28:26.446781Z","target":"log","severity":"DEBUG","logFile":"/Users/jamil/.cargo/registry/src/index.crates.io-6f17d22bba15001f/rustls-0.21.7/src/client/hs.rs","logLine":615,"logModulePath":"rustls::client::hs","logTarget":"rustls::client::hs","message":"Using ciphersuite TLS13_AES_256_GCM_SHA384"}
{"time":"2023-09-13T13:28:26.447046Z","target":"log","severity":"DEBUG","logFile":"/Users/jamil/.cargo/registry/src/index.crates.io-6f17d22bba15001f/rustls-0.21.7/src/client/tls13.rs","logLine":142,"logModulePath":"rustls::client::tls13","logTarget":"rustls::client::tls13","message":"Not resuming"}
{"time":"2023-09-13T13:28:26.449001Z","target":"log","severity":"DEBUG","logFile":"/Users/jamil/.cargo/registry/src/index.crates.io-6f17d22bba15001f/rustls-0.21.7/src/client/tls13.rs","logLine":381,"logModulePath":"rustls::client::tls13","logTarget":"rustls::client::tls13","message":"TLS1.3 encrypted extensions: []"}
{"time":"2023-09-13T13:28:26.449266Z","target":"log","severity":"DEBUG","logFile":"/Users/jamil/.cargo/registry/src/index.crates.io-6f17d22bba15001f/rustls-0.21.7/src/client/hs.rs","logLine":472,"logModulePath":"rustls::client::hs","logTarget":"rustls::client::hs","message":"ALPN protocol is None"}
{"time":"2023-09-13T13:28:26.544357Z","target":"libs_common::session","logging.googleapis.com/sourceLocation":{"file":"connlib/libs/common/src/session.rs","line":"327"},"severity":"WARNING","error":"PortalConnectionError(Http(Response { status: 404, version: HTTP/1.1, headers: {\"cache-control\": \"max-age=0, private, must-revalidate\", \"content-length\": \"9\", \"date\": \"Wed, 13 Sep 2023 13:28:25 GMT\", \"server\": \"Cowboy\", \"strict-transport-security\": \"max-age=63072000; includeSubDomains; preload\", \"x-request-id\": \"F4R4XmBOoVfqEVkAAAVh\", \"via\": \"1.1 google\", \"alt-svc\": \"h3=\\\":443\\\"; ma=2592000,h3-29=\\\":443\\\"; ma=2592000\", \"connection\": \"close\"}, body: Some([78, 111, 116, 32, 102, 111, 117, 110, 100]) }))","message":"Portal connection error"}
{"time":"2023-09-13T13:28:26.544838Z","target":"libs_common::session","logging.googleapis.com/sourceLocation":{"file":"connlib/libs/common/src/session.rs","line":"330"},"severity":"WARNING","message":"Error connecting to portal, retrying in 42 seconds"}
{"time":"2023-09-13T13:28:36.087416Z","target":"tunnel_state","logging.googleapis.com/sourceLocation":{"file":"connlib/libs/client/src/control.rs","line":"255"},"severity":"DEBUG","message":"TunnelStats {\n public_key: \"BQCIkQ7iNdQxEnZo6lGwR8prKJgMlJGL+UPj+C50J0s=\",\n peers_by_ip: {},\n peer_connections: [\n 7482154e-107d-4981-8f5e-4becf1a9bfd2,\n ],\n resource_gateways: {\n 2a39fb5e-f7f4-44da-9163-5675c009a2ae: 7482154e-107d-4981-8f5e-4becf1a9bfd2,\n },\n dns_resources: {},\n network_resources: {\n V4(\n Ipv4Network {\n network_address: 172.31.83.10,\n netmask: 32,\n },\n ): Cidr(\n ResourceDescriptionCidr {\n id: 01c6a1ea-2540-4ec8-9caa-0015ddfffb55,\n address: V4(\n Ipv4Network {\n network_address: 172.31.83.10,\n netmask: 32,\n },\n ),\n name: \"TCP / UDPbin\",\n },\n ),\n V4(\n Ipv4Network {\n network_address: 172.31.92.238,\n netmask: 32,\n },\n ): Cidr(\n ResourceDescriptionCidr {\n id: 115ab626-ac3e-4890-b613-07f90bc1afb3,\n address: V4(\n Ipv4Network {\n network_address: 172.31.92.238,\n netmask: 32,\n },\n ),\n name: \"Performance Testing\",\n },\n ),\n V4(\n Ipv4Network {\n network_address: 172.31.82.179,\n netmask: 32,\n },\n ): Cidr(\n ResourceDescriptionCidr {\n id: 2a39fb5e-f7f4-44da-9163-5675c009a2ae,\n address: V4(\n Ipv4Network {\n network_address: 172.31.82.179,\n netmask: 32,\n },\n ),\n name: \"HTTPbin\",\n },\n ),\n V4(\n Ipv4Network {\n network_address: 172.31.93.123,\n netmask: 32,\n },\n ): Cidr(\n ResourceDescriptionCidr {\n id: 196b9f86-0789-4c2e-8afd-3b3cd59e1462,\n address: V4(\n Ipv4Network {\n network_address: 172.31.93.123,\n netmask: 32,\n },\n ),\n name: \"IPerf3\",\n },\n ),\n },\n gateway_public_keys: {},\n awaiting_connection: {\n 2a39fb5e-f7f4-44da-9163-5675c009a2ae: AwaitingConnectionDetails {\n total_attemps: 31,\n response_received: true,\n },\n },\n gateway_awaiting_connection: {\n 7482154e-107d-4981-8f5e-4becf1a9bfd2: [],\n },\n}"}
{"time":"2023-09-13T13:28:46.087297Z","target":"tunnel_state","logging.googleapis.com/sourceLocation":{"file":"connlib/libs/client/src/control.rs","line":"255"},"severity":"DEBUG","message":"TunnelStats {\n public_key: \"BQCIkQ7iNdQxEnZo6lGwR8prKJgMlJGL+UPj+C50J0s=\",\n peers_by_ip: {},\n peer_connections: [\n 7482154e-107d-4981-8f5e-4becf1a9bfd2,\n ],\n resource_gateways: {\n 2a39fb5e-f7f4-44da-9163-5675c009a2ae: 7482154e-107d-4981-8f5e-4becf1a9bfd2,\n },\n dns_resources: {},\n network_resources: {\n V4(\n Ipv4Network {\n network_address: 172.31.82.179,\n netmask: 32,\n },\n ): Cidr(\n ResourceDescriptionCidr {\n id: 2a39fb5e-f7f4-44da-9163-5675c009a2ae,\n address: V4(\n Ipv4Network {\n network_address: 172.31.82.179,\n netmask: 32,\n },\n ),\n name: \"HTTPbin\",\n },\n ),\n V4(\n Ipv4Network {\n network_address: 172.31.83.10,\n netmask: 32,\n },\n ): Cidr(\n ResourceDescriptionCidr {\n id: 01c6a1ea-2540-4ec8-9caa-0015ddfffb55,\n address: V4(\n Ipv4Network {\n network_address: 172.31.83.10,\n netmask: 32,\n },\n ),\n name: \"TCP / UDPbin\",\n },\n ),\n V4(\n Ipv4Network {\n network_address: 172.31.92.238,\n netmask: 32,\n },\n ): Cidr(\n ResourceDescriptionCidr {\n id: 115ab626-ac3e-4890-b613-07f90bc1afb3,\n address: V4(\n Ipv4Network {\n network_address: 172.31.92.238,\n netmask: 32,\n },\n ),\n name: \"Performance Testing\",\n },\n ),\n V4(\n Ipv4Network {\n network_address: 172.31.93.123,\n netmask: 32,\n },\n ): Cidr(\n ResourceDescriptionCidr {\n id: 196b9f86-0789-4c2e-8afd-3b3cd59e1462,\n address: V4(\n Ipv4Network {\n network_address: 172.31.93.123,\n netmask: 32,\n },\n ),\n name: \"IPerf3\",\n },\n ),\n },\n gateway_public_keys: {},\n awaiting_connection: {\n 2a39fb5e-f7f4-44da-9163-5675c009a2ae: AwaitingConnectionDetails {\n total_attemps: 31,\n response_received: true,\n },\n },\n gateway_awaiting_connection: {\n 7482154e-107d-4981-8f5e-4becf1a9bfd2: [],\n },\n}"}
{"time":"2023-09-13T13:28:53.703612Z","target":"log","severity":"WARNING","logFile":"/Users/jamil/.cargo/git/checkouts/webrtc-316f277f555c12ed/672e728/mdns/src/conn/mod.rs","logLine":359,"logModulePath":"webrtc_mdns::conn","logTarget":"webrtc_mdns::conn","message":"Failed to parse mDNS packet parsing/packing of this type isn't available yet"}
{"time":"2023-09-13T13:28:54.709612Z","target":"log","severity":"WARNING","logFile":"/Users/jamil/.cargo/git/checkouts/webrtc-316f277f555c12ed/672e728/mdns/src/conn/mod.rs","logLine":359,"logModulePath":"webrtc_mdns::conn","logTarget":"webrtc_mdns::conn","message":"Failed to parse mDNS packet parsing/packing of this type isn't available yet"}
{"time":"2023-09-13T13:28:56.086942Z","target":"tunnel_state","logging.googleapis.com/sourceLocation":{"file":"connlib/libs/client/src/control.rs","line":"255"},"severity":"DEBUG","message":"TunnelStats {\n public_key: \"BQCIkQ7iNdQxEnZo6lGwR8prKJgMlJGL+UPj+C50J0s=\",\n peers_by_ip: {},\n peer_connections: [\n 7482154e-107d-4981-8f5e-4becf1a9bfd2,\n ],\n resource_gateways: {\n 2a39fb5e-f7f4-44da-9163-5675c009a2ae: 7482154e-107d-4981-8f5e-4becf1a9bfd2,\n },\n dns_resources: {},\n network_resources: {\n V4(\n Ipv4Network {\n network_address: 172.31.82.179,\n netmask: 32,\n },\n ): Cidr(\n ResourceDescriptionCidr {\n id: 2a39fb5e-f7f4-44da-9163-5675c009a2ae,\n address: V4(\n Ipv4Network {\n network_address: 172.31.82.179,\n netmask: 32,\n },\n ),\n name: \"HTTPbin\",\n },\n ),\n V4(\n Ipv4Network {\n network_address: 172.31.93.123,\n netmask: 32,\n },\n ): Cidr(\n ResourceDescriptionCidr {\n id: 196b9f86-0789-4c2e-8afd-3b3cd59e1462,\n address: V4(\n Ipv4Network {\n network_address: 172.31.93.123,\n netmask: 32,\n },\n ),\n name: \"IPerf3\",\n },\n ),\n V4(\n Ipv4Network {\n network_address: 172.31.83.10,\n netmask: 32,\n },\n ): Cidr(\n ResourceDescriptionCidr {\n id: 01c6a1ea-2540-4ec8-9caa-0015ddfffb55,\n address: V4(\n Ipv4Network {\n network_address: 172.31.83.10,\n netmask: 32,\n },\n ),\n name: \"TCP / UDPbin\",\n },\n ),\n V4(\n Ipv4Network {\n network_address: 172.31.92.238,\n netmask: 32,\n },\n ): Cidr(\n ResourceDescriptionCidr {\n id: 115ab626-ac3e-4890-b613-07f90bc1afb3,\n address: V4(\n Ipv4Network {\n network_address: 172.31.92.238,\n netmask: 32,\n },\n ),\n name: \"Performance Testing\",\n },\n ),\n },\n gateway_public_keys: {},\n awaiting_connection: {\n 2a39fb5e-f7f4-44da-9163-5675c009a2ae: AwaitingConnectionDetails {\n total_attemps: 31,\n response_received: true,\n },\n },\n gateway_awaiting_connection: {\n 7482154e-107d-4981-8f5e-4becf1a9bfd2: [],\n },\n}"}
{"time":"2023-09-13T13:28:57.52105Z","target":"firezone_tunnel::tun","logging.googleapis.com/sourceLocation":{"file":"connlib/libs/tunnel/src/tun_darwin.rs","line":"224"},"severity":"DEBUG","message":"MTU for utun7 is 1420"}
```
Sample log attached:
[connlib.log.zip](https://github.com/firezone/firezone/files/12598066/connlib.log.zip)
|
||
|
Thomas Eizinger
|
ae2fbc3364 |
feat(relay): respond to bad STUN message where possible (#2073)
Previously, we would only log an error if we failed to decode the attribute part of a STUN message. Now, if we can decode the STUN header but fail at one of the attributes, we will properly respond to the client. This could for example happen if a client requests a channel number that is out of range. |
||
|
dependabot[bot]
|
41b67b7082 |
build(deps): Bump socket2 from 0.5.3 to 0.5.4 in /rust (#2079)
Bumps [socket2](https://github.com/rust-lang/socket2) from 0.5.3 to 0.5.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/rust-lang/socket2/blob/master/CHANGELOG.md">socket2's changelog</a>.</em></p> <blockquote> <h1>0.5.4</h1> <ul> <li>Deprecated <code>Socket::(bind_)device_by_index</code>, replaced by <code>Socket::(bind_)device_by_index_v4</code> for IPv4 sockets (<a href="https://redirect.github.com/rust-lang/socket2/pull/432">rust-lang/socket2#432</a>).</li> <li>Added <code>Socket::(bind_)device_by_index_v6</code> (<a href="https://redirect.github.com/rust-lang/socket2/pull/432">rust-lang/socket2#432</a>).</li> <li>Added experimental support for the ESP-IDF framework (<a href="https://redirect.github.com/rust-lang/socket2/pull/452">rust-lang/socket2#452</a>)</li> <li>Added <code>Socket::{send,recv}msg</code> and <code>MsgHdr(Mut)</code> types, wrapping <code>sendmsg(2)</code> and <code>recvmsg(2)</code> (<a href="https://redirect.github.com/rust-lang/socket2/pull/447">rust-lang/socket2#447</a>).</li> <li>Added <code>Socket::(set_)reuse_port_lb</code> to retrieve or set <code>SO_REUSEPORT_LB</code> on FreeBSD (<a href="https://redirect.github.com/rust-lang/socket2/pull/442">rust-lang/socket2#442</a>).</li> <li>Added <code>Protocol::DIVERT</code> on FreeBSD and OpenBSD (<a href="https://redirect.github.com/rust-lang/socket2/pull/448">rust-lang/socket2#448</a>).</li> <li>Add <code>Socket::protocol</code> for Windows (using <code>WSAPROTOCOL_INFOW</code>) (<a href="https://redirect.github.com/rust-lang/socket2/pull/470">rust-lang/socket2#470</a>).</li> <li><code>From<SocketAddrV{4,6}></code> for <code>SockAddr </code> nows sets <code>ss_len</code> on platforms that have the fields (most BSDs) (<a href="https://redirect.github.com/rust-lang/socket2/pull/469">rust-lang/socket2#469</a>).</li> <li>Change Windows to use <code>ADDRESS_FAMILY</code> for <code>sa_family_t</code>, this shouldn't affect anything in practice (<a href="https://redirect.github.com/rust-lang/socket2/pull/463">rust-lang/socket2#463</a>).</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/rust-lang/socket2/commits">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
77c0c58754 |
build(deps): Bump chrono from 0.4.30 to 0.4.31 in /rust (#2078)
Bumps [chrono](https://github.com/chronotope/chrono) from 0.4.30 to 0.4.31. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/chronotope/chrono/releases">chrono's releases</a>.</em></p> <blockquote> <h2>0.4.31</h2> <p>Another maintenance release. It was not a planned effort to improve our support for UNIX timestamps, yet most PRs seem related to this.</p> <h3>Deprecations</h3> <ul> <li>Deprecate <code>timestamp_nanos</code> in favor of the non-panicking <code>timestamp_nanos_opt</code> (<a href="https://redirect.github.com/chronotope/chrono/issues/1275">#1275</a>)</li> </ul> <h3>Additions</h3> <ul> <li>Add <code>DateTime::<Utc>::from_timestamp</code> (<a href="https://redirect.github.com/chronotope/chrono/issues/1279">#1279</a>, thanks <a href="https://github.com/demurgos"><code>@demurgos</code></a>)</li> <li>Add <code>TimeZone::timestamp_micros</code> (<a href="https://redirect.github.com/chronotope/chrono/issues/1285">#1285</a>, thanks <a href="https://github.com/emikitas"><code>@emikitas</code></a>)</li> <li>Add <code>DateTime<Tz>::timestamp_nanos_opt</code> and <code>NaiveDateTime::timestamp_nanos_opt</code> (<a href="https://redirect.github.com/chronotope/chrono/issues/1275">#1275</a>)</li> <li>Add <code>UNIX_EPOCH</code> constants (<a href="https://redirect.github.com/chronotope/chrono/issues/1291">#1291</a>)</li> </ul> <h3>Fixes</h3> <ul> <li>Format day of month in RFC 2822 without padding (<a href="https://redirect.github.com/chronotope/chrono/issues/1272">#1272</a>)</li> <li>Don't allow strange leap seconds which are not on a minute boundary initialization methods (<a href="https://redirect.github.com/chronotope/chrono/issues/1283">#1283</a>) This makes many methods a little more strict: <ul> <li><code>NaiveTime::from_hms_milli</code></li> <li><code>NaiveTime::from_hms_milli_opt</code></li> <li><code>NaiveTime::from_hms_micro</code></li> <li><code>NaiveTime::from_hms_micro_opt</code></li> <li><code>NaiveTime::from_hms_nano</code></li> <li><code>NaiveTime::from_hms_nano_opt</code></li> <li><code>NaiveTime::from_num_seconds_from_midnight</code></li> <li><code>NaiveTime::from_num_seconds_from_midnight_opt</code></li> <li><code>NaiveDate::and_hms_milli</code></li> <li><code>NaiveDate::and_hms_milli_opt</code></li> <li><code>NaiveDate::and_hms_micro</code></li> <li><code>NaiveDate::and_hms_micro_opt</code></li> <li><code>NaiveDate::and_hms_nano</code></li> <li><code>NaiveDate::and_hms_nano_opt</code></li> <li><code>NaiveDateTime::from_timestamp</code></li> <li><code>NaiveDateTime::from_timestamp_opt</code></li> <li><code>TimeZone::timestamp</code></li> <li><code>TimeZone::timestamp_opt</code></li> </ul> </li> <li>Fix underflow in <code>NaiveDateTime::timestamp_nanos_opt</code> (<a href="https://redirect.github.com/chronotope/chrono/issues/1294">#1294</a>, thanks <a href="https://github.com/crepererum"><code>@crepererum</code></a>)</li> </ul> <h3>Documentation</h3> <ul> <li>Add more documentation about the RFC 2822 obsolete date format (<a href="https://redirect.github.com/chronotope/chrono/issues/1267">#1267</a>)</li> </ul> <h3>Internal</h3> <ul> <li>Remove internal <code>__doctest</code> feature and <code>doc_comment</code> dependency (<a href="https://redirect.github.com/chronotope/chrono/issues/1276">#1276</a>)</li> <li>CI: Bump <code>actions/checkout</code> from 3 to 4 (<a href="https://redirect.github.com/chronotope/chrono/issues/1280">#1280</a>)</li> <li>Optimize <code>NaiveDate::add_days</code> for small values (<a href="https://redirect.github.com/chronotope/chrono/issues/1214">#1214</a>)</li> <li>Upgrade <code>pure-rust-locales</code> to 0.7.0 (<a href="https://redirect.github.com/chronotope/chrono/issues/1288">#1288</a>, thanks <a href="https://github.com/jeremija"><code>@jeremija</code></a> wo did good improvements on <code>pure-rust-locales</code>)</li> </ul> <p>Thanks to all contributors on behalf of the chrono team, <a href="https://github.com/djc"><code>@djc</code></a> and <a href="https://github.com/pitdicker"><code>@pitdicker</code></a>!</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Thomas Eizinger
|
10faffc4db |
refactor(relay): use tracing::instrument macro for spans (#2068)
|
||
|
Thomas Eizinger
|
81bc6a8f40 |
fix(relay): apply our env-filter to the trace exporter layer (#2071)
This might be the issue why we see spans that are not enabled in the `RUST_LOG` directive. |
||
|
Thomas Eizinger
|
94ded341f1 | fix(relay): heartbeats are sent to portal not the relay (#2070) | ||
|
Thomas Eizinger
|
608488d718 | feat(relay): drastically improve usefulness of spans (#2056) | ||
|
Thomas Eizinger
|
89d7b0f5f4 |
feat(relay): replace prometheus with OTEL metrics (#1996)
To better take advantage of the OTEL ecosystem, we change our prometheus metrics to OTEL metrics. OTEL metrics are pushed to the agent via the OTEL pipeline set up in https://github.com/firezone/firezone/pull/1995 rather than pulled like prometheus. This means our `/metrics` endpoint is now gone which we previously (ab)used as a health-check. I've added a dedicated `/healthz` endpoint. |
||
|
Andrew Dryga
|
85b4aba9bc |
Rename Devices to Clients in Elixir app (#2008)
Renaming it back to clients to reflect service accounts and headless clients use cases in the terminology. Such a rename will be very painful on live data so better if we do it early on. --------- Co-authored-by: Jamil Bou Kheir <jamilbk@users.noreply.github.com> |
||
|
Thomas Eizinger
|
178b68d770 |
feat(relay): remove direct integration with Google Cloud Trace (#2054)
This exporter never worked reliably and we have since switched to running an OTLP collector as a side-car. |
||
|
Thomas Eizinger
|
0de7b3e783 |
fix(relay): assign unique span IDs (#2055)
I misunderstood something the docs around span IDs. This root span was in-fact harmful because it would group all spans under one ID. |
||
|
Thomas Eizinger
|
05201d9350 |
fix(relay): don't panic if waking time is in the past (#2052)
To be resource efficient, the relay's event loop suspends if there is no activity on its sockets. Certain operations however need to happen at a specified time, for example, allocations need to be freed if not renewed after a specified TTL. To achieve this, the relay implementation has a mechanism where it can request the event-loop to wake up at a specified deadline. Previously, we assumed that this deadline was always in the future. For reasons not yet known, we encountered a situation where this deadline was in the past. We fix this by: 1) Scheduling an immediate wake-up instead of panicking 2) Logging a warning to help with debugging if this ever occurs again |
||
|
Thomas Eizinger
|
bc9aec266b |
fix(relay): add config for Google Project ID when using OTLP exporter (#2051)
If we aren't configured to use the Google Cloud Trace exporter, then we currently have no way of configuring the Google Project Id for the relay. This in turn means that we cannot set span IDs for the Google Cloud logging format. Add a configuration option and also emit a warning if we are configured to emit Google Cloud logging but don't have the ID set. |
||
|
Thomas Eizinger
|
fbfce585b0 |
feat(relay): allow configuration of OTLP exporter (#2050)
Allows configuration of an OTLP collector as an alternative to Google Cloud Trace. We also add a temporary logger that allows us to print things to stdout as we are setting up the more complicated tracing infrastructure. This might be prove helpful during debugging! |
||
|
dependabot[bot]
|
1a6f0efec0 |
build(deps): Bump base64 from 0.21.3 to 0.21.4 in /rust (#2004)
Bumps [base64](https://github.com/marshallpierce/rust-base64) from 0.21.3 to 0.21.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/marshallpierce/rust-base64/blob/master/RELEASE-NOTES.md">base64's changelog</a>.</em></p> <blockquote> <h1>0.21.4</h1> <ul> <li>Make <code>encoded_len</code> <code>const</code>, allowing the creation of arrays sized to encode compile-time-known data lengths</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Jamil
|
40b62448e2 |
feat(connlib): Add file_logger module and configure via connect (#1973)
Implements the FFI part of the following issues: Fixes firezone/product#669 Refs firezone/product#672 Refs firezone/product#673 ~~Log wg stats as well by moving into warn category.~~ This contains information we want to keep out of our logging infrastructure for now. |
||
|
Gabi
|
61b43d426d |
connlib: resource_table UB fixes (#2011)
fixes firezone/product#679 Originally I was using pointers to `HashMap` elements to store the resource_table, the problem is that if there is a realloc those pointers would be invalidated. So now, we are wrapping the elements in `Rc` and removing most unsafety. |
||
|
dependabot[bot]
|
9a905d3295 |
build(deps): Bump redis from 0.23.2 to 0.23.3 in /rust (#2005)
Bumps [redis](https://github.com/redis-rs/redis-rs) from 0.23.2 to 0.23.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/redis-rs/redis-rs/releases">redis's releases</a>.</em></p> <blockquote> <h2>v0.23.3</h2> <h3>0.23.3 (2023-09-01)</h3> <p>Note that this release fixes a small regression in async Redis Cluster handling of the <code>PING</code> command. Based on updated response aggregation logic in <a href="https://redirect.github.com/redis-rs/redis-rs/pull/888">#888</a>, it will again return a single response instead of an array.</p> <h4>Features</h4> <ul> <li>Add <code>key_type</code> command (<a href="https://redirect.github.com/redis-rs/redis-rs/pull/933">#933</a> <a href="https://github.com/bruaba"><code>@bruaba</code></a>)</li> <li>Async cluster: Group responses by response_policy. (<a href="https://redirect.github.com/redis-rs/redis-rs/pull/888">#888</a>)</li> </ul> <h4>Fixes</h4> <ul> <li>Remove unnecessary heap allocation (<a href="https://redirect.github.com/redis-rs/redis-rs/pull/939">#939</a> <a href="https://github.com/thechampagne"><code>@thechampagne</code></a>)</li> <li>Sentinel tests: Ensure no ports are used twice (<a href="https://redirect.github.com/redis-rs/redis-rs/pull/915">#915</a>)</li> <li>Fix lint issues (<a href="https://redirect.github.com/redis-rs/redis-rs/pull/937">#937</a>)</li> <li>Fix JSON serialization error test (<a href="https://redirect.github.com/redis-rs/redis-rs/pull/928">#928</a>)</li> <li>Remove unused dependencies (<a href="https://redirect.github.com/redis-rs/redis-rs/pull/916">#916</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
c6d9217977 |
build(deps): Bump url from 2.4.0 to 2.4.1 in /rust (#1982)
Bumps [url](https://github.com/servo/rust-url) from 2.4.0 to 2.4.1. <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Thomas Eizinger
|
6681301166 | fix(relay): use system cert store for root certificates (#1999) | ||
|
Andrew Dryga
|
0006fa1a8d | Auto-detect relay IPv6 | ||
|
Thomas Eizinger
|
cdfe086ca9 |
feat(relay): push spans to OTLP-receiver (#1995)
When I built https://github.com/firezone/firezone/pull/1994, I hadn't yet fully understood how tracing works on Google Cloud. Logs and traces are separated in Google Cloud. Most importantly, traces need to be _pushed_ to Google Cloud whereas logs are scraped automatically. Logs can _reference_ traces via particular fields, in particular `logging.googleapis.com/spanId` and `projects/{project_id}/traces/{trace_id}`. Within the container-optimised OS that we are running on, we are already authenticated to all the Google APIs. Thus, we can utilize the `GcpAuthorizer` from the `opentelemetry_stackdriver` module which will automatically obtain a token from the internal metadata endpoint. Thus no external configuration is necessary. We split the configuration for logs / traces into two components: - `LOG_FORMAT`: Specifies how the logs are formatted. Can be `human`, `json` or `google-cloud`. - `TRACE_RECEIVER`: Optional. Specifies where the traces are sent to. If specified, we will also slightly tweak the log configuration to embed the project ID which allows Google Cloud Trace to cross-reference log entries with traces. |
||
|
Thomas Eizinger
|
57bad65f3a |
feat(relay): better integration with google cloud trace (#1994)
The relay already uses spans for its internal logging but up until now, those were only useful when using the regular stdout logger. For `JSON_LOG=true`, we did emit the spans but not in a format that worked with Google Cloud Trace. We are changing the configuration of the binary to remove `JSON_LOG` and instead configure it with the Google Cloud "project id". If that one is set, we configure the logs such that they properly integrate with Google Cloud Trace by emitting unique span IDs for all messages. This should give us much better observability throughout a request that is being processed by the relay. The `JSON_LOG` configuration option has been bugging me for a while because it was implicitly (a little bit) geared towards Google Stackdriver. We now make this explicit by requiring the project ID. That is a much cleaner integration IMO. |
||
|
dependabot[bot]
|
dbd4884f50 |
build(deps): Bump thiserror from 1.0.47 to 1.0.48 in /rust (#1979)
Bumps [thiserror](https://github.com/dtolnay/thiserror) from 1.0.47 to 1.0.48. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dtolnay/thiserror/releases">thiserror's releases</a>.</em></p> <blockquote> <h2>1.0.48</h2> <ul> <li>Improve implementation of displaying Path values in a generated Display impl (<a href="https://redirect.github.com/dtolnay/thiserror/issues/251">#251</a>, thanks <a href="https://github.com/mina86"><code>@mina86</code></a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Gabi
|
70faecc2df |
Connlib/fix stability issues (#1974)
When we lost networks(or change them), the phoenix channel didn't detect that the connection was lost, since the underlying websocket doesn't return an error if it's not closed gracefully. So we expect the heartbeat at some point to consider the connection down. Furthermore, while the connection is down sending the connection intents to the portal fails silently, so now we re-try the message until we get a response and built some race-condition protections in case we get multiple or stale responses. |
||
|
dependabot[bot]
|
a956e247c3 |
build(deps): Bump serde from 1.0.183 to 1.0.188 in /rust (#1981)
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.183 to 1.0.188. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/serde-rs/serde/releases">serde's releases</a>.</em></p> <blockquote> <h2>v1.0.188</h2> <ul> <li>Fix <em>"failed to parse manifest"</em> error when building serde using a Cargo version between 1.45 and 1.50 (<a href="https://redirect.github.com/serde-rs/serde/issues/2603">#2603</a>)</li> </ul> <h2>v1.0.187</h2> <ul> <li>Remove support for Emscripten targets on rustc older than 1.40 (<a href="https://redirect.github.com/serde-rs/serde/issues/2600">#2600</a>)</li> </ul> <h2>v1.0.186</h2> <ul> <li>Disallow incompatible versions of <code>serde_derive</code> and <code>serde</code> in the dependency graph (<a href="https://redirect.github.com/serde-rs/serde/issues/2588">#2588</a>, thanks <a href="https://github.com/soqb"><code>@soqb</code></a>)</li> </ul> <h2>v1.0.185</h2> <ul> <li>Fix error <em>"cannot move out of <code>*self</code> which is behind a shared reference"</em> deriving Serialize on a non_exhaustive enum (<a href="https://redirect.github.com/serde-rs/serde/issues/2591">#2591</a>)</li> </ul> <h2>v1.0.184</h2> <ul> <li>Restore from-source <code>serde_derive</code> build on all platforms — eventually we'd like to use a first-class precompiled macro if such a thing becomes supported by cargo / crates.io</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
07f394d5c4 |
build(deps): Bump clap from 4.3.23 to 4.4.2 in /rust (#1980)
Bumps [clap](https://github.com/clap-rs/clap) from 4.3.23 to 4.4.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/clap-rs/clap/releases">clap's releases</a>.</em></p> <blockquote> <h2>v4.4.2</h2> <h2>[4.4.2] - 2023-08-31</h2> <h3>Performance</h3> <ul> <li>Improve build times by removing <code>once_cell</code> dependency</li> </ul> <h2>v4.4.1</h2> <h2>[4.4.1] - 2023-08-28</h2> <h3>Features</h3> <ul> <li>Stabilize <code>Command::styles</code></li> </ul> <h2>v4.3.24</h2> <h2>[4.3.24] - 2023-08-23</h2> <h3>Fixes</h3> <ul> <li>Ensure column padding is preserved in <code>--help</code> with custom templates</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/clap-rs/clap/blob/master/CHANGELOG.md">clap's changelog</a>.</em></p> <blockquote> <h2>[4.4.2] - 2023-08-31</h2> <h3>Performance</h3> <ul> <li>Improve build times by removing <code>once_cell</code> dependency</li> </ul> <h2>[4.4.1] - 2023-08-28</h2> <h3>Features</h3> <ul> <li>Stabilize <code>Command::styles</code></li> </ul> <h2>[4.4.0] - 2023-08-24</h2> <h3>Compatibility</h3> <ul> <li>Update MSRV to 1.70.0</li> </ul> <h2>[4.3.24] - 2023-08-23</h2> <h3>Fixes</h3> <ul> <li>Ensure column padding is preserved in <code>--help</code> with custom templates</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
b67cf45f64 |
build(deps): Bump serde_json from 1.0.104 to 1.0.105 in /rust (#1978)
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.104 to 1.0.105. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/serde-rs/json/releases">serde_json's releases</a>.</em></p> <blockquote> <h2>v1.0.105</h2> <ul> <li>Support bool in map keys (<a href="https://redirect.github.com/serde-rs/json/issues/1054">#1054</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Jamil
|
3bb4857f5f |
fix(apple): Don't close fd on disconnect (#1965)
When path.status changes to `.unsatisfied`, we call `disconnect()`. This was closing the tunnel `fd`, causing the PacketTunnelProvider interface to go down. Then, when `connect()` was being called later, the `fd` was still closed. This PR simply removes the `close(fd)` call and assumes the PacketTunnelProvider will do that appropriately. After some more discussion with @conectado we determined that boringtun and webrtc-rs probably handle the edge cases needed by `bumpSockets` and `disableSomeRoamingForBrokenMobileSemantics`, so those are removed as well. Refs firezone/product#656 |
||
|
dependabot[bot]
|
a66cba5090 |
build(deps): Bump tokio from 1.29.1 to 1.32.0 in /rust (#1956)
Bumps [tokio](https://github.com/tokio-rs/tokio) from 1.29.1 to 1.32.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tokio-rs/tokio/releases">tokio's releases</a>.</em></p> <blockquote> <h2>Tokio v1.32.0</h2> <h3>Fixed</h3> <ul> <li>sync: fix potential quadradic behavior in <code>broadcast::Receiver</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/5925">#5925</a>)</li> </ul> <h3>Added</h3> <ul> <li>process: stabilize <code>Command::raw_arg</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/5930">#5930</a>)</li> <li>io: enable awaiting error readiness (<a href="https://redirect.github.com/tokio-rs/tokio/issues/5781">#5781</a>)</li> </ul> <h3>Unstable</h3> <ul> <li>rt(alt): improve the scalability of alt runtime as the number of cores grows (<a href="https://redirect.github.com/tokio-rs/tokio/issues/5935">#5935</a>)</li> </ul> <p><a href="https://redirect.github.com/tokio-rs/tokio/issues/5925">#5925</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/5925">tokio-rs/tokio#5925</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/5930">#5930</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/5930">tokio-rs/tokio#5930</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/5781">#5781</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/5781">tokio-rs/tokio#5781</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/5935">#5935</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/5935">tokio-rs/tokio#5935</a></p> <h2>Tokio v1.31.0</h2> <h3>Fixed</h3> <ul> <li>io: delegate <code>WriteHalf::poll_write_vectored</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/5914">#5914</a>)</li> </ul> <h3>Unstable</h3> <ul> <li>rt(unstable): fix memory leak in unstable next-gen scheduler prototype (<a href="https://redirect.github.com/tokio-rs/tokio/issues/5911">#5911</a>)</li> <li>rt: expose mean task poll time metric (<a href="https://redirect.github.com/tokio-rs/tokio/issues/5927">#5927</a>)</li> </ul> <p><a href="https://redirect.github.com/tokio-rs/tokio/issues/5914">#5914</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/5914">tokio-rs/tokio#5914</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/5911">#5911</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/5911">tokio-rs/tokio#5911</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/5927">#5927</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/5927">tokio-rs/tokio#5927</a></p> <h2>Tokio v1.30.0</h2> <h1>1.30.0 (August 9, 2023)</h1> <p>This release bumps the MSRV of Tokio to 1.63. (<a href="https://redirect.github.com/tokio-rs/tokio/issues/5887">#5887</a>)</p> <h3>Changed</h3> <ul> <li>tokio: reduce LLVM code generation (<a href="https://redirect.github.com/tokio-rs/tokio/issues/5859">#5859</a>)</li> <li>io: support <code>--cfg mio_unsupported_force_poll_poll</code> flag (<a href="https://redirect.github.com/tokio-rs/tokio/issues/5881">#5881</a>)</li> <li>sync: make <code>const_new</code> methods always available (<a href="https://redirect.github.com/tokio-rs/tokio/issues/5885">#5885</a>)</li> <li>sync: avoid false sharing in mpsc channel (<a href="https://redirect.github.com/tokio-rs/tokio/issues/5829">#5829</a>)</li> <li>rt: pop at least one task from inject queue (<a href="https://redirect.github.com/tokio-rs/tokio/issues/5908">#5908</a>)</li> </ul> <h3>Added</h3> <ul> <li>sync: add <code>broadcast::Sender::new</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/5824">#5824</a>)</li> <li>net: implement <code>UCred</code> for espidf (<a href="https://redirect.github.com/tokio-rs/tokio/issues/5868">#5868</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Gabi
|
ff7f2de7d9 |
connlib: improve logging and detect channel close earlier (#1964)
This detects earlier when a channel disconnects and closes the peer but more importantly it prints periodically some stats about the tunnel that will make debugging easier. |
||
|
Jamil
|
ce11fa29f0 |
fix(clients): SHA256 external_id to normalize before sending to portal (#1949)
* Normalizes very long or very short device IDs to a predictable length * Ensures uniform distribution for the DB index * Provides some basic level of privacy preservation |
||
|
dependabot[bot]
|
79021a7f25 |
build(deps): Bump prometheus-client from 0.21.1 to 0.21.2 in /rust (#1957)
Bumps [prometheus-client](https://github.com/prometheus/client_rust) from 0.21.1 to 0.21.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/prometheus/client_rust/releases">prometheus-client's releases</a>.</em></p> <blockquote> <h2>v0.21.2</h2> <p>See <a href="https://github.com/prometheus/client_rust/blob/HEAD/CHANGELOG.md">changelog</a> for details.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/prometheus/client_rust/blob/master/CHANGELOG.md">prometheus-client's changelog</a>.</em></p> <blockquote> <h2>[0.21.2]</h2> <h3>Added</h3> <ul> <li>Added <code>sub_registry_with_labels</code> method to <code>Registry</code>. See <a href="https://redirect.github.com/prometheus/client_rust/pull/145">PR 145</a>.</li> <li>Added <code>with_labels</code> and <code>with_prefix_and_labels</code> constructors to <code>Registry</code>. See <a href="https://redirect.github.com/prometheus/client_rust/pull/147">PR 147</a>.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
35b8f4539a |
build(deps): Bump netlink-packet-core from 0.5.0 to 0.7.0 in /rust (#1959)
Bumps [netlink-packet-core](https://github.com/rust-netlink/netlink-packet-core) from 0.5.0 to 0.7.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/rust-netlink/netlink-packet-core/releases">netlink-packet-core's releases</a>.</em></p> <blockquote> <h2>New release 0.7.0</h2> <h3>Breaking changes</h3> <ul> <li><code>NetlinkPayload::Ack</code> removed and replaced by <code>NetlinkPayload::Error</code> where <code>ErrorMessage.code</code> is set to None. (52732b3)</li> </ul> <h3>New features</h3> <ul> <li>Derive <code>Default</code> for <code>ErrorMessage</code>. (3514766)</li> </ul> <h3>Bug fixes</h3> <ul> <li>N/A</li> </ul> <h2>New release 0.6.0</h2> <h3>Breaking changes</h3> <ul> <li><code>NetlinkPayload::Done</code> changed to <code>NetlinkPayload::Done(DoneMessage)</code>. (0c75fb5)</li> </ul> <h3>New features</h3> <ul> <li>Support full done message. (0c75fb5)</li> </ul> <h3>Bug fixes</h3> <ul> <li>N/A</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/rust-netlink/netlink-packet-core/blob/main/CHANGELOG">netlink-packet-core's changelog</a>.</em></p> <blockquote> <h2>[0.7.0] - 2023-07-09</h2> <h3>Breaking changes</h3> <ul> <li><code>NetlinkPayload::Ack</code> removed and replaced by <code>NetlinkPayload::Error</code> where <code>ErrorMessage.code</code> is set to None. (52732b3)</li> </ul> <h3>New features</h3> <ul> <li>Derive <code>Default</code> for <code>ErrorMessage</code>. (3514766)</li> </ul> <h3>Bug fixes</h3> <ul> <li>N/A</li> </ul> <h2>[0.6.0] - 2023-06-26</h2> <h3>Breaking changes</h3> <ul> <li><code>NetlinkPayload::Done</code> changed to <code>NetlinkPayload::Done(DoneMessage)</code>. (0c75fb5)</li> </ul> <h3>New features</h3> <ul> <li>Support full done message. (0c75fb5)</li> </ul> <h3>Bug fixes</h3> <ul> <li>N/A</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
eabf44188a |
build(deps): Bump base64 from 0.21.2 to 0.21.3 in /rust (#1960)
Bumps [base64](https://github.com/marshallpierce/rust-base64) from 0.21.2 to 0.21.3. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/marshallpierce/rust-base64/blob/master/RELEASE-NOTES.md">base64's changelog</a>.</em></p> <blockquote> <h1>0.21.3</h1> <ul> <li>Implement <code>source</code> instead of <code>cause</code> on Error types</li> <li>Roll back MSRV to 1.48.0 so Debian can continue to live in a time warp</li> <li>Slightly faster chunked encoding for short inputs</li> <li>Decrease binary size</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Gabi
|
7d0e0acfe9 |
fix(connlib): assorted fixes (#1953)
* single stack ipv6/ipv4 * set mtu for linux connlib * add iperf3 resource on dev docker-compose --------- Signed-off-by: Gabi <gabrielalejandro7@gmail.com> Co-authored-by: Jamil <jamilbk@users.noreply.github.com> |
||
|
Jamil
|
4d84e1f12e |
chore(connlib): Add external ID to FFI, return fd in on_set_interface_config (#1945)
(Supersedes #1944) * Fixes https://github.com/firezone/product/issues/649 * Passes `dns_fallback_strategy` over FFI (these are hardcoded for now) * Incorporates @conectado 's #1944 and cleans up a few places `fd` was still passed Draft for now until I can test it more tomorrow --------- Co-authored-by: conectado <gabrielalejandro7@gmail.com> |
||
|
Jamil
|
d1de8eac22 |
feat(connlib): implement name() and mtu() for android (#1943)
Implement `name()` to retrieve the tunnel name via `TUNGETIFF`, then use that to retrieve the mtu via `SIOCGIFMTU`. Verified to be working: ``` 2023-08-23 20:25:50.211 4830-4928 connlib dev.firezone.android D firezone_tunnel::tun: MTU for tun0 is 1280 ``` Will update the `log::debug!` calls to tracing in the next PR. |
||
|
Gabi
|
e216a9e69f |
relay: fix stale nonce error code (#1942)
In the gateway/client we were looking at an error that looked like: ``` firezone-client-1 | 2023-08-23T20:58:50.456400Z ERROR turn::client::relay_conn: fail to refresh permissions: CreatePermission error response (error 401: Unauthorized) firezone-client-1 | 2023-08-23T20:58:50.456413Z WARN turn::client::relay_conn: refresh permissions failed ``` This was due to a slightly non-compliant behavior on the relay part where it was responding with a 401 instead of a 438 when a nonce was stale which is the behavior described by [RFC 5389](https://datatracker.ietf.org/doc/html/rfc5389#section-10.2.2) This PR should fix this and we should no longer see that refresh permissions error. |
||
|
Jamil
|
3316d9098a |
fix(android): Fix auth flow and callback thread safety, and pass fd through FFI (#1930)
* Refactor sharedPreferences to only save the AccountId * Update TeamId -> AccountId to match naming elsewhere * Update JWT -> Token to avoid confusion; this token is **not** a valid JWT and should be treated as an opaque token * Update FFI `connect` to accept an optional file descriptor (int32) as a first argument. This seemed to be the most straightforward way to pass it to the tunnel stack. Retrieving it via callback is another option, but retrieving return vars with the `jni` was more complex. We could have used a similar approach that we did in the Apple client (enumerating all fd's in the `new()` function until we found ours) but this approach is [explicitly documented/recommended](https://developer.android.com/reference/android/net/VpnService.Builder#establish()) by the Android docs so I figured it's not likely to break. Additionally, there was a thread safety bug in the recent JNI callback implementation that consistently crashed the VM with `JNI DETECTED ERROR IN APPLICATION: use of invalid jobject...`. The fix was to use `GlobalRef` which has the explicit purpose of outliving the `JNIEnv` lifetime so that no `static` lifetimes need to be used. --------- Signed-off-by: Jamil <jamilbk@users.noreply.github.com> Co-authored-by: Pratik Velani <pratikvelani@gmail.com> Co-authored-by: Gabi <gabrielalejandro7@gmail.com> |
||
|
dependabot[bot]
|
bf95d0480b |
build(deps): Bump clap from 4.3.21 to 4.3.23 in /rust (#1931)
Bumps [clap](https://github.com/clap-rs/clap) from 4.3.21 to 4.3.23. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/clap-rs/clap/releases">clap's releases</a>.</em></p> <blockquote> <h2>v4.3.23</h2> <h2>[4.3.23] - 2023-08-18</h2> <h3>Fixes</h3> <ul> <li>Fixed <code>UnknownArgumentValueParser</code> to not error on flag's absence</li> </ul> <h2>v4.3.22</h2> <h2>[4.3.22] - 2023-08-17</h2> <h3>Features</h3> <ul> <li>Add <code>UnknownArgumentValueParser</code> for injecting errors for improving the experience with errors</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/clap-rs/clap/blob/master/CHANGELOG.md">clap's changelog</a>.</em></p> <blockquote> <h2>[4.3.23] - 2023-08-18</h2> <h3>Fixes</h3> <ul> <li>Fixed <code>UnknownArgumentValueParser</code> to not error on flag's absence</li> </ul> <h2>[4.3.22] - 2023-08-17</h2> <h3>Features</h3> <ul> <li>Add <code>UnknownArgumentValueParser</code> for injecting errors for improving the experience with errors</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Gabi
|
8621953fe6 |
connlib: fix how we handle disconnect (#1923)
Basically we were having a panic inside a panic before, when I tried to drop the runtime in `on_disconnect` since you can't drop a runtime within a runtime. This PR spawns a new thread that listen for disconnection and stops the runtime right there. This also fixes the timer for reconnections. Note: That I first stop it and the drop it which is redundant but I rather be safe :) |
||
|
dependabot[bot]
|
08343ef5a1 |
build(deps): Bump async-trait from 0.1.72 to 0.1.73 in /rust (#1932)
Bumps [async-trait](https://github.com/dtolnay/async-trait) from 0.1.72 to 0.1.73. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dtolnay/async-trait/releases">async-trait's releases</a>.</em></p> <blockquote> <h2>0.1.73</h2> <ul> <li>Prevent generated code from triggering ignored_unit_patterns pedantic clippy lint</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
186dfb95a9 |
build(deps): Bump anyhow from 1.0.72 to 1.0.75 in /rust (#1934)
Bumps [anyhow](https://github.com/dtolnay/anyhow) from 1.0.72 to 1.0.75. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dtolnay/anyhow/releases">anyhow's releases</a>.</em></p> <blockquote> <h2>1.0.75</h2> <ul> <li>Partially work around rust-analyzer bug (<a href="https://redirect.github.com/rust-lang/rust-analyzer/issues/9911">rust-lang/rust-analyzer#9911</a>)</li> </ul> <h2>1.0.74</h2> <ul> <li>Add bootstrap workaround to allow rustc to depend on anyhow (<a href="https://redirect.github.com/dtolnay/anyhow/issues/320">#320</a>, thanks <a href="https://github.com/RalfJung"><code>@RalfJung</code></a>)</li> </ul> <h2>1.0.73</h2> <ul> <li>Update backtrace support to nightly's new Error::provide API (<a href="https://redirect.github.com/rust-lang/rust/pull/113464">rust-lang/rust#113464</a>, <a href="https://redirect.github.com/dtolnay/anyhow/issues/319">#319</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |