From c4fdf731f3e747b6018d4de2452f2beff066e3a4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Maciej=20W=C3=B3jcik?= Date: Fri, 25 Jul 2025 13:31:57 +0200 Subject: [PATCH 1/3] update dependencies --- Cargo.lock | 34 ++++++++++++++++++++++------------ Cargo.toml | 2 +- 2 files changed, 23 insertions(+), 13 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 9fbb591863..61aabb2118 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -2110,9 +2110,9 @@ dependencies = [ [[package]] name = "hyper-util" -version = "0.1.15" +version = "0.1.16" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7f66d5bd4c6f02bf0542fad85d626775bab9258cf795a4256dcaf3161114d1df" +checksum = "8d9b05277c7e8da2c93a568989bb6207bef0112e8d17df7a6eda4a3cf143bc5e" dependencies = [ "base64 0.22.1", "bytes", @@ -2126,7 +2126,7 @@ dependencies = [ "libc", "percent-encoding", "pin-project-lite", - "socket2", + "socket2 0.6.0", "system-configuration", "tokio", "tower-service", @@ -2329,9 +2329,9 @@ dependencies = [ [[package]] name = "io-uring" -version = "0.7.8" +version = "0.7.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b86e202f00093dcba4275d4636b93ef9dd75d025ae560d2521b45ea28ab49013" +checksum = "d93587f37623a1a17d94ef2bc9ada592f5465fe7732084ab7beefabe5c77c0c4" dependencies = [ "bitflags 2.9.1", "cfg-if", @@ -2539,7 +2539,7 @@ dependencies = [ "nom 8.0.0", "percent-encoding", "quoted_printable", - "socket2", + "socket2 0.5.10", "tokio", "tokio-native-tls", "url", @@ -3495,9 +3495,9 @@ dependencies = [ [[package]] name = "prettyplease" -version = "0.2.35" +version = "0.2.36" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "061c1221631e079b26479d25bbf2275bfe5917ae8419cd7e34f13bfc2aa7539a" +checksum = "ff24dfcda44452b9816fff4cd4227e1bb73ff5a2f1bc1105aa92fb8565ce44d2" dependencies = [ "proc-macro2", "syn", @@ -3639,7 +3639,7 @@ dependencies = [ "quinn-udp", "rustc-hash", "rustls", - "socket2", + "socket2 0.5.10", "thiserror 2.0.12", "tokio", "tracing", @@ -3676,7 +3676,7 @@ dependencies = [ "cfg_aliases", "libc", "once_cell", - "socket2", + "socket2 0.5.10", "tracing", "windows-sys 0.59.0", ] @@ -4522,6 +4522,16 @@ dependencies = [ "windows-sys 0.52.0", ] +[[package]] +name = "socket2" +version = "0.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "233504af464074f9d066d7b5416c5f9b894a5862a6506e306f7b816cdd6f1807" +dependencies = [ + "libc", + "windows-sys 0.59.0", +] + [[package]] name = "spin" version = "0.9.8" @@ -5081,7 +5091,7 @@ dependencies = [ "parking_lot", "pin-project-lite", "slab", - "socket2", + "socket2 0.5.10", "tokio-macros", "windows-sys 0.52.0", ] @@ -5183,7 +5193,7 @@ dependencies = [ "prost", "rustls-native-certs", "rustls-pemfile", - "socket2", + "socket2 0.5.10", "tokio", "tokio-rustls", "tokio-stream", diff --git a/Cargo.toml b/Cargo.toml index c48ad4cde3..3a5f0a6d97 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -11,7 +11,7 @@ resolver = "2" [workspace.dependencies] # internal crates -defguard_core = { path = "./crates/defguard_core", version = "1.3.1" } +defguard_core = { path = "./crates/defguard_core", version = "1.5.0" } defguard_event_logger = { path = "./crates/defguard_event_logger", version = "0.0.0" } defguard_event_router = { path = "./crates/defguard_event_router", version = "0.0.0" } defguard_web_ui = { path = "./crates/defguard_web_ui", version = "0.0.0" } From 52072ee4c152851473c2d049ce00662b47aa7bb9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Maciej=20W=C3=B3jcik?= Date: Fri, 25 Jul 2025 13:44:41 +0200 Subject: [PATCH 2/3] use actual device name in MFA connect event --- crates/defguard_core/src/events.rs | 4 ++-- crates/defguard_core/src/grpc/desktop_client_mfa.rs | 9 +++++++-- crates/defguard_event_logger/src/message.rs | 2 +- 3 files changed, 10 insertions(+), 5 deletions(-) diff --git a/crates/defguard_core/src/events.rs b/crates/defguard_core/src/events.rs index 9f37e055b3..1bb249aeae 100644 --- a/crates/defguard_core/src/events.rs +++ b/crates/defguard_core/src/events.rs @@ -331,7 +331,7 @@ pub struct BidiRequestContext { pub user_id: Id, pub username: String, pub ip: IpAddr, - pub user_agent: String, + pub device_name: String, } impl BidiRequestContext { @@ -342,7 +342,7 @@ impl BidiRequestContext { user_id, username, ip, - user_agent, + device_name: user_agent, } } } diff --git a/crates/defguard_core/src/grpc/desktop_client_mfa.rs b/crates/defguard_core/src/grpc/desktop_client_mfa.rs index ba8891f433..ddcf0c3c7f 100644 --- a/crates/defguard_core/src/grpc/desktop_client_mfa.rs +++ b/crates/defguard_core/src/grpc/desktop_client_mfa.rs @@ -315,8 +315,13 @@ impl ClientMfaServer { } = session; // Prepare event context - let (ip, user_agent) = parse_client_info(&info).map_err(Status::internal)?; - let context = BidiRequestContext::new(user.id, user.username.clone(), ip, user_agent); + let (ip, _user_agent) = parse_client_info(&info).map_err(Status::internal)?; + let context = BidiRequestContext::new( + user.id, + user.username.clone(), + ip, + format!("{} (ID {})", device.name, device.id), + ); // validate code match method { diff --git a/crates/defguard_event_logger/src/message.rs b/crates/defguard_event_logger/src/message.rs index a5475ee2df..9100416fbf 100644 --- a/crates/defguard_event_logger/src/message.rs +++ b/crates/defguard_event_logger/src/message.rs @@ -74,7 +74,7 @@ impl EventContext { username: val.username, location, ip: val.ip, - device: val.user_agent, + device: val.device_name, } } From 9b9d672b7e7f498d3d44839fe691d293cc8de10a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Maciej=20W=C3=B3jcik?= Date: Fri, 25 Jul 2025 14:03:54 +0200 Subject: [PATCH 3/3] also handle OIDC flow --- .../src/enterprise/grpc/desktop_client_mfa.rs | 9 +++++++-- crates/defguard_core/src/events.rs | 4 ++-- 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/crates/defguard_core/src/enterprise/grpc/desktop_client_mfa.rs b/crates/defguard_core/src/enterprise/grpc/desktop_client_mfa.rs index 9897fbd72f..ec7187f037 100644 --- a/crates/defguard_core/src/enterprise/grpc/desktop_client_mfa.rs +++ b/crates/defguard_core/src/enterprise/grpc/desktop_client_mfa.rs @@ -65,8 +65,13 @@ impl ClientMfaServer { return Err(Status::invalid_argument("invalid MFA method")); } - let (ip, user_agent) = parse_client_info(&info).map_err(Status::internal)?; - let context = BidiRequestContext::new(user.id, user.username.clone(), ip, user_agent); + let (ip, _user_agent) = parse_client_info(&info).map_err(Status::internal)?; + let context = BidiRequestContext::new( + user.id, + user.username.clone(), + ip, + format!("{} (ID {})", device.name, device.id), + ); let code = AuthorizationCode::new(request.code.clone()); let url = match Url::parse(&request.callback_url).map_err(|err| { diff --git a/crates/defguard_core/src/events.rs b/crates/defguard_core/src/events.rs index 1bb249aeae..9b5b1d571b 100644 --- a/crates/defguard_core/src/events.rs +++ b/crates/defguard_core/src/events.rs @@ -335,14 +335,14 @@ pub struct BidiRequestContext { } impl BidiRequestContext { - pub fn new(user_id: Id, username: String, ip: IpAddr, user_agent: String) -> Self { + pub fn new(user_id: Id, username: String, ip: IpAddr, device_name: String) -> Self { let timestamp = Utc::now().naive_utc(); Self { timestamp, user_id, username, ip, - device_name: user_agent, + device_name, } } }