Commit Graph

338 Commits (9011c36da6e2394954986619058745b128180530)

Author SHA1 Message Date
Ryan Gonzalez 9011c36da6 hostsfile: Copy the SELinux context to the temp file before overwrite
On SELinux-enabled systems, /etc/hosts has a different type `net_conf_t`
than the other files in /etc, so the temporary file that overwrites it
ends up with the wrong context, resulting in many system services
becoming unable to access the file. To fix this, manually look up the
context /etc/hosts has and copy it to the temporary file before
the rename.

In order to avoid depending on libselinux on systems that don't use it,
this support is gated behind the new "selinux" feature. It *is*
installed and enabled in the Dockerfile, however, in order to ensure
that it still builds.
2024-05-04 19:08:56 +09:00
Ryo Kawaguchi 85c8cc37ec
Add --interactive mode to docker-tests for testing of interactive commands (#312)
* Add --interactive mode to docker-tests to facilitate interactive testing
of innernet commands.

* Add a section to README about testing.

* Fix href tag
2024-04-23 18:05:13 +09:00
Ryo Kawaguchi 3c69de4e4e
Add a new client / server command to rename CIDR (#310)
* Add a new client / server command to rename CIDR.

* Add a docker test case

* Apply suggestions from code review

Co-authored-by: Matěj Laitl <matej@laitl.cz>
Co-authored-by: Jake McGinty <me@jakebot.org>

---------

Co-authored-by: Matěj Laitl <matej@laitl.cz>
Co-authored-by: Jake McGinty <me@jakebot.org>
2024-04-23 06:12:36 +09:00
Ryo Kawaguchi 8ab0989f8f
Make docker-tests less verbose and easier to add new tests (#311)
* Make docker-tests less verbose and easier to add new tests

* Fix positional argument parsing

* Suppress more logs unless --verbose is specified
2024-04-22 21:10:57 +09:00
Saber Haj Rabiee 15602388f6
fix nightly build (#304)
* fix nightly build

* update toml dep in server for consistency

* cargo update

* fix clippy errors
2024-04-19 00:09:23 +09:00
Brian Schwind 4fb77f8eda
Report wireguard endpoint as a candidate when an endpoint override is in place (#305)
* Use our Endpoints type alias

* Add the recent wireguard endpoint to NAT candidates if a peer has an endpoint override

* Simplify logic in the inject_endpoints() function

Co-authored-by: Matěj Laitl <matej@laitl.cz>

* Specify mock wireguard endpoints for developer 1 and 2 in the test data

* Add a test for verifying the wireguard endpoint is returned in the list of NAT candidates

* Remove FromStr usage

* Appease clippy

---------

Co-authored-by: Matěj Laitl <matej@laitl.cz>
2024-04-03 13:45:52 +09:00
Brian Schwind a9e2f55c91
Fix a clippy lint (#300) 2024-02-05 12:24:53 +09:00
Linus Kendall aa1ac515e8
Add CLI parameters for disable/enable peer (#248)
* Add CLI parameters for disable/enable peer

Fixes tonarino/innernet#214.

* Formatting

* Remove redundant clones

* Require name for yes param

Yes param only makes sense if name is provided.

* Formatting
2024-01-15 22:43:00 +01:00
Brian Schwind 489f505f67
meta: release v1.6.1 (#295)
Co-authored-by: straylight-annex-portal <tonari@straylight-annex-portal>
2023-12-27 12:42:31 +09:00
Matěj Laitl b385ec6549
Fix clippy 1.72 and 1.73 lints (#289)
Classic PR of mine.
2023-10-16 09:22:53 +02:00
Jake McGinty 376ab64ed2
Fix docker tests (#282)
* better docker test output

* force wireguard-go builder and rust image to same debian version
2023-08-23 08:45:32 +02:00
Matěj Laitl b90024d3d3
Update netlink ecosystem packages (#281)
Should fix https://github.com/tonarino/innernet/issues/280

Co-authored-by: Jake McGinty <me@jakebot.org>
2023-08-19 11:00:02 +00:00
Wayne Walker 864c83c1f1
#277 - add gcc, change dnf to yum (#278) 2023-07-11 09:14:53 +02:00
Jake McGinty 5eaad112b0
publicip: fix IPv4 resolution on macOS (#275) 2023-07-10 09:09:32 +02:00
John Whittington dc7ae0e15c
x25519-dalek rc.2 no longer exists, bump to rc.3 (#274) 2023-07-07 12:02:21 +02:00
Matěj Laitl 6597a711bd
Drop the release-artifacts (.deb packages) CI job (#272)
Follow-up to #203. In that issue we've found out that the built packages don't work correctly on some Debian versions.

We've (@mcginty I think?) then manually removed them from the 1.5.4 release artifacts, and they have been provided by 3rd party repositories since.

So drop the CI jobs.
2023-07-04 21:07:02 +02:00
Matěj Laitl 8d058c8d87
meta: release v1.6.0 (ran on Linux) (#270)
* meta: release v1.6.0

* README: update release steps
2023-06-14 10:49:16 +02:00
Jake McGinty 0998593d55
update release.toml for latest cargo-release compat (#268) 2023-06-14 09:29:56 +02:00
Matěj Laitl c629e01076
meta: add Brian, Ryo, Matěj as authors, canonicalize Jake's email (#267)
* meta: add Brian, Ryo, Matěj as authors, canonicalize Jake's email

Follow-up to #252.

* Also update shared/Cargo.toml

Co-authored-by: Jake McGinty <me@jakebot.org>

---------

Co-authored-by: Jake McGinty <me@jakebot.org>
2023-06-06 12:21:11 +09:00
Matěj Laitl b3a9718abc
Drop warning about using the inn symlink (#266)
Follow-up to just-merged #175. We no longer install the `inn` symlink, so users doing that manually should know what they are doing.
2023-06-02 09:56:56 +02:00
Caleb Maclennan 68df161264
build: drop 'inn' symlink from deb/rpm packaging (#175) 2023-06-02 08:45:40 +02:00
Eva Pace de7ec99ad9
Optimize /etc/hosts writes (#259)
* hostsfile: change internal map from hash to btree

This change makes the innernet section of /etc/hosts always ordered and
deterministic. We can take advantage of that to avoid writes, that will
be done in another commit.

* hostsfile: reduce number of writes if content hasn't changed

* hostsfile: return bool to inform if file has been written

This commit also makes the logs print according to the new behavior.

* hostsfile: remove has_content_changed in favor of comparing old and new sections

* hostsfile: print the correct hosts path in log message

* hostsfile: remove unnecessary intermediate variable
2023-06-02 08:42:54 +02:00
Jake McGinty 33cee129d1
Various dependency updates (#265)
* update netlink-*, toml, clap, other small dependencies
* switch back to x25519-dalek from curve25519-dalek
2023-06-01 01:25:46 -05:00
Brian Schwind 0057a703ff
Turn ChangeString into a PeerChange enum (#263)
* Turn ChangeString into a PeerChange enum, don't print NAT traversal reattempt as a modification

* Remove the ChangeString type

* Fix a stupid copy-paste error
2023-06-01 12:11:31 +09:00
Brian Schwind bd4aabe787
Reset peer's endpoint when NAT traversal fails to connect to any endpoint candidates (#262)
* Add a missing call to reset a peer's endpoint when NAT traversal fails to connect to any endpoint candidates

* Simplify the process of resetting a peer to its server-reported endpoint
2023-05-31 11:48:52 +09:00
Jake McGinty ebeac3db76 migrate from lazy_static to once_cell across project 2023-05-30 11:24:40 +02:00
Ryan Gonzalez f67457e0a4 Use the proper netlink buffer size with large kernel pages
The recommended netlink buffer size is based on the system's page size,
which means that the current size is far too small for systems with 16k
or 64k pages, such as Asahi Linux or RHEL's kernel-64k for ARM64. On
these systems, the server fails to start with errors like this:

Error: Decode error occurred: invalid netlink buffer: length field says 1444 the buffer is 1260 bytes long

Instead, follow the kernel's own netlink docs to compute the buffer
size. The approach here matches the approach merged into Chromium
recently:

https://chromium-review.googlesource.com/c/chromium/src/+/4312885
2023-05-30 09:24:07 +02:00
Matěj Laitl ae96e05e90 Link @tommie's Debian/Ubuntu build repo from README
Per https://github.com/tonarino/innernet/issues/203#issuecomment-1556708337
2023-05-23 08:35:26 +02:00
Jake McGinty b4df350b1c meta: update jake's email address 2023-04-15 08:45:11 +02:00
Matěj Laitl 55beed3c2d Remove extraneous into_iter() (clippy 1.68 fix)
https://doc.rust-lang.org/std/fs/fn.read_dir.html already returns an Iterator (`ReadDir`'s IntoIter implementation returns `self`)
2023-03-28 16:03:56 +02:00
Matěj Laitl fa43bea359 Add `Actively Maintained` and `MIT` license badges to README
The maintenance badge leads to https://gist.github.com/cheerfulstoic/d107229326a01ff0f333a1d3476e068d

_Actively Maintained_ is described there as
> The maintainer(s) of this project are responding to issues and integrating code contributions

...which should set the correct expectations for people stumbling upon. Not explicitly said, but I count that also means we'll be doing (minor, mostly) releases.
2023-02-24 22:44:06 +01:00
Matěj Laitl 0dc92de722 Auto-apply clippy lint fixes from Rust 1.67 2023-02-05 03:13:54 +09:00
Matěj Laitl 103896dd88 Fix rand_core dependency, cargo update
Should fix #242.

We depend on `getrandom` feature of `rand_core`, but we weren't specifying that.

It worked because `curve25519-dalek 4.0.0-pre.2` was pulling the `getrandom` feature of `rand_core`, but after updating it to `4.0.0-pre.5` it stopped pulling `rand_core` altogether.

After the cargo-update, all our dependencies are on their newest version, sans clap 3.2, which could be updated to 4.0. It has quite some breaking API changes, so I'll leave that for a separate PR.
2023-01-13 14:31:45 +09:00
Matěj Laitl 90c03de835 Update Ubuntu dependencies to fix CI
I was not sure what version to use as Ubuntu jammy has clang 11, 12, 13 and 14 (!). I stayed conservative.
2023-01-03 22:42:50 +01:00
Matěj Laitl 2859684864 cargo clippy --fix --all-targets (clippy 1.66)
This is exclusively (if I look correctly) redundant referencing.
2023-01-03 22:42:50 +01:00
Matěj Laitl 0062421426 README: clarify that we're no longer building .deb and RPM
...and say that we're looking for help.

Relates to #203 (main issue), #197, #202, #212, #227, #236, #237.
2022-12-01 12:18:09 +01:00
Matěj Laitl 00c2b3c6a1 CI: use stable clippy
Using nightly one leads to having to resolve lints more frequently than rust releases, which is
getting inconvenient.

It also leads to a small compatibility issue with stable clippy: if we need to #[allow] a lint that
is only present in nightly clippy, then stable clippy complains about unknown lint in the `allow`.
2022-12-01 10:29:48 +01:00
Jake McGinty eac6071d7a meta: release v1.5.5 2022-09-23 23:16:35 -05:00
Jake McGinty f36eb301ce server: fix clippy nit in linux-only code 2022-09-23 23:07:57 -05:00
Jake McGinty 1aa16c84f5
actions: add missing clippy component for nightly 2022-09-24 13:01:56 +09:00
Jake McGinty f0fe19674c
actions: use nightly clippy
Doing this alongside nightly fmt makes sense to me, anyway.
2022-09-24 12:55:06 +09:00
Jake McGinty b39b77aa5a meta: appease clippy 2022-09-23 23:43:33 -04:00
Jake McGinty eb5b5370df meta: cargo update 2022-09-23 23:38:23 -04:00
Jake McGinty e98c0659ef meta: cargo fmt 2022-08-10 16:40:32 -06:00
Jake McGinty 1fb5874527 meta: appease clippy 2022-08-10 16:39:09 -06:00
Jake McGinty c9dbeefaaa shared: update nix to 0.24 2022-08-10 16:30:45 -06:00
Jake McGinty 55671ec80a meta: cargo update 2022-08-10 15:58:46 -06:00
Richard Schneider ca22927558
External endpoint IP prompt change (#222)
* Change phrasing of external IP address prompt

* Remove println! call in ask_endpoint
2022-08-11 06:16:12 +09:00
Jakob-Niklas See 15594d4458
server: Implement disable-peer and enable-peer commands (#226)
* client: Update enable_or_disable_peer exit message to be more accurate

* server: Implement disable-peer and enable-peer commands

* server: Immediately apply enable- and disable-peer to device
2022-08-11 06:13:55 +09:00
Jake McGinty 047660733b server: add link in comment for rusqlite musl workaround 2022-08-10 14:21:11 -06:00