diff --git a/Cargo.lock b/Cargo.lock index edc53f75..39d7b879 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -82,28 +82,6 @@ version = "1.0.98" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e16d2d3311acee920a9eb8d33b8cbc1787ce4a264e85f964c2404b969bdcd487" -[[package]] -name = "async-stream" -version = "0.3.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0b5a71a6f37880a80d1d7f19efd781e4b5de42c88f0722cc13bcb6cc2cfe8476" -dependencies = [ - "async-stream-impl", - "futures-core", - "pin-project-lite", -] - -[[package]] -name = "async-stream-impl" -version = "0.3.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c7c24de15d275a1ecfd47a380fb4d5ec9bfe0933f309ed5e705b775596a3574d" -dependencies = [ - "proc-macro2", - "quote", - "syn", -] - [[package]] name = "async-trait" version = "0.1.88" @@ -127,40 +105,13 @@ version = "1.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c08606f8c3cbf4ce6ec8e28fb0014a2c086708fe954eaa885384a6165172e7e8" -[[package]] -name = "axum" -version = "0.7.9" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "edca88bc138befd0323b20752846e6587272d3b03b0343c8ea28a6f819e6e71f" -dependencies = [ - "async-trait", - "axum-core 0.4.5", - "bytes", - "futures-util", - "http", - "http-body", - "http-body-util", - "itoa", - "matchit 0.7.3", - "memchr", - "mime", - "percent-encoding", - "pin-project-lite", - "rustversion", - "serde", - "sync_wrapper", - "tower 0.5.2", - "tower-layer", - "tower-service", -] - [[package]] name = "axum" version = "0.8.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "021e862c184ae977658b36c4500f7feac3221ca5da43e3f25bd04ab6c79a29b5" dependencies = [ - "axum-core 0.5.2", + "axum-core", "axum-macros", "bytes", "form_urlencoded", @@ -171,7 +122,7 @@ dependencies = [ "hyper", "hyper-util", "itoa", - "matchit 0.8.4", + "matchit", "memchr", "mime", "percent-encoding", @@ -183,32 +134,12 @@ dependencies = [ "serde_urlencoded", "sync_wrapper", "tokio", - "tower 0.5.2", + "tower", "tower-layer", "tower-service", "tracing", ] -[[package]] -name = "axum-core" -version = "0.4.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "09f2bd6146b97ae3359fa0cc6d6b376d9539582c7b4220f041a33ec24c226199" -dependencies = [ - "async-trait", - "bytes", - "futures-util", - "http", - "http-body", - "http-body-util", - "mime", - "pin-project-lite", - "rustversion", - "sync_wrapper", - "tower-layer", - "tower-service", -] - [[package]] name = "axum-core" version = "0.5.2" @@ -281,9 +212,9 @@ checksum = "d71b6127be86fdcfddb610f7182ac57211d4b18a3e9c82eb2d17662f2227ad6a" [[package]] name = "cc" -version = "1.2.27" +version = "1.2.31" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d487aa071b5f64da6f19a3e848e3578944b726ee5a4854b82172f02aa876bfdc" +checksum = "c3a42d84bb6b69d3a8b3eaacf0d88f179e1929695e1ad012b6cf64d9caaa5fd2" dependencies = [ "jobserver", "libc", @@ -304,9 +235,9 @@ checksum = "613afe47fcd5fac7ccf1db93babcb082c5994d996f20b8b159f2ad1658eb5724" [[package]] name = "clap" -version = "4.5.40" +version = "4.5.42" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "40b6887a1d8685cebccf115538db5c0efe625ccac9696ad45c409d96566e910f" +checksum = "ed87a9d530bb41a67537289bafcac159cb3ee28460e0a4571123d2a778a6a882" dependencies = [ "clap_builder", "clap_derive", @@ -314,9 +245,9 @@ dependencies = [ [[package]] name = "clap_builder" -version = "4.5.40" +version = "4.5.42" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e0c66c08ce9f0c698cbce5c0279d0bb6ac936d8674174fe48f736533b964f59e" +checksum = "64f4f3f3c77c94aff3c7e9aac9a2ca1974a5adf392a8bb751e827d6d127ab966" dependencies = [ "anstream", "anstyle", @@ -326,9 +257,9 @@ dependencies = [ [[package]] name = "clap_derive" -version = "4.5.40" +version = "4.5.41" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d2c7947ae4cc3d851207c1adb5b5e260ff0cca11446b1d6d1423788e442257ce" +checksum = "ef4f52386a59ca4c860f7393bcf8abd8dfd91ecccc0f774635ff68e92eeef491" dependencies = [ "heck", "proc-macro2", @@ -375,9 +306,9 @@ dependencies = [ [[package]] name = "crc32fast" -version = "1.4.2" +version = "1.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a97769d94ddab943e4510d138150169a2758b5ef3eb191a9ee688de3e23ef7b3" +checksum = "9481c1c90cbf2ac953f07c8d4a58aa3945c425b7185c9154d67a65e4230da511" dependencies = [ "cfg-if", ] @@ -447,7 +378,7 @@ dependencies = [ name = "defguard-gateway" version = "1.5.0" dependencies = [ - "axum 0.8.4", + "axum", "base64", "clap", "defguard_wireguard_rs", @@ -467,7 +398,8 @@ dependencies = [ "tokio-stream", "toml", "tonic", - "tonic-build", + "tonic-prost", + "tonic-prost-build", "vergen-git2", "x25519-dalek", ] @@ -475,7 +407,8 @@ dependencies = [ [[package]] name = "defguard_wireguard_rs" version = "0.7.5" -source = "git+https://github.com/DefGuard/wireguard-rs.git?rev=v0.7.5#d090d2249e5bb3d4154f07de098387e2ab69bfdc" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5e2d2f56ffaf56903a51b128c6f6730b8b344fab0d0be0f5db0b65dcccbb7334" dependencies = [ "base64", "libc", @@ -734,19 +667,13 @@ dependencies = [ "futures-core", "futures-sink", "http", - "indexmap 2.10.0", + "indexmap", "slab", "tokio", "tokio-util", "tracing", ] -[[package]] -name = "hashbrown" -version = "0.12.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8a9ee70c43aaf417c914396645a0fa852624801b24ebb7ae78fe8272889ac888" - [[package]] name = "hashbrown" version = "0.15.4" @@ -852,9 +779,9 @@ dependencies = [ [[package]] name = "hyper-util" -version = "0.1.14" +version = "0.1.16" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dc2fdfdbff08affe55bb779f33b053aa1fe5dd5b54c257343c17edfa55711bdb" +checksum = "8d9b05277c7e8da2c93a568989bb6207bef0112e8d17df7a6eda4a3cf143bc5e" dependencies = [ "bytes", "futures-channel", @@ -986,22 +913,23 @@ dependencies = [ [[package]] name = "indexmap" -version = "1.9.3" +version = "2.10.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bd070e393353796e801d209ad339e89596eb4c8d430d18ede6a1cced8fafbd99" +checksum = "fe4cd85333e22411419a0bcae1297d25e58c9443848b11dc6a86fefe8c78a661" dependencies = [ - "autocfg", - "hashbrown 0.12.3", + "equivalent", + "hashbrown", ] [[package]] -name = "indexmap" -version = "2.10.0" +name = "io-uring" +version = "0.7.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fe4cd85333e22411419a0bcae1297d25e58c9443848b11dc6a86fefe8c78a661" +checksum = "d93587f37623a1a17d94ef2bc9ada592f5465fe7732084ab7beefabe5c77c0c4" dependencies = [ - "equivalent", - "hashbrown 0.15.4", + "bitflags", + "cfg-if", + "libc", ] [[package]] @@ -1113,12 +1041,6 @@ version = "0.4.27" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "13dc2df351e3202783a1fe0d44375f7295ffb4049267b0f3018346dc122a1d94" -[[package]] -name = "matchit" -version = "0.7.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0e7465ac9959cc2b1404e8e2367b43684a6d13790fe23056cc8c6c5a6b7bcb94" - [[package]] name = "matchit" version = "0.8.4" @@ -1362,7 +1284,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3672b37090dbd86368a4145bc067582552b29c27377cad4e0a306c97f9bd7772" dependencies = [ "fixedbitset", - "indexmap 2.10.0", + "indexmap", ] [[package]] @@ -1433,20 +1355,11 @@ version = "0.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "439ee305def115ba05938db6eb1644ff94165c5ab5e9420d1c1bcedbba909391" -[[package]] -name = "ppv-lite86" -version = "0.2.21" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "85eae3c4ed2f50dcfe72643da4befc30deadb458a9b590d720cde2f2b1e97da9" -dependencies = [ - "zerocopy", -] - [[package]] name = "prettyplease" -version = "0.2.35" +version = "0.2.36" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "061c1221631e079b26479d25bbf2275bfe5917ae8419cd7e34f13bfc2aa7539a" +checksum = "ff24dfcda44452b9816fff4cd4227e1bb73ff5a2f1bc1105aa92fb8565ce44d2" dependencies = [ "proc-macro2", "syn", @@ -1463,9 +1376,9 @@ dependencies = [ [[package]] name = "prost" -version = "0.13.5" +version = "0.14.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2796faa41db3ec313a31f7624d9286acf277b52de526150b7e69f3debf891ee5" +checksum = "7231bd9b3d3d33c86b58adbac74b5ec0ad9f496b19d22801d773636feaa95f3d" dependencies = [ "bytes", "prost-derive", @@ -1473,9 +1386,9 @@ dependencies = [ [[package]] name = "prost-build" -version = "0.13.5" +version = "0.14.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "be769465445e8c1474e9c5dac2018218498557af32d9ed057325ec9a41ae81bf" +checksum = "ac6c3320f9abac597dcbc668774ef006702672474aad53c6d596b62e487b40b1" dependencies = [ "heck", "itertools", @@ -1486,6 +1399,8 @@ dependencies = [ "prettyplease", "prost", "prost-types", + "pulldown-cmark", + "pulldown-cmark-to-cmark", "regex", "syn", "tempfile", @@ -1493,9 +1408,9 @@ dependencies = [ [[package]] name = "prost-derive" -version = "0.13.5" +version = "0.14.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8a56d757972c98b346a9b766e3f02746cde6dd1cd1d1d563472929fdd74bec4d" +checksum = "9120690fafc389a67ba3803df527d0ec9cbbc9cc45e4cc20b332996dfb672425" dependencies = [ "anyhow", "itertools", @@ -1506,48 +1421,47 @@ dependencies = [ [[package]] name = "prost-types" -version = "0.13.5" +version = "0.14.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "52c2c1bf36ddb1a1c396b3601a3cec27c2462e45f07c386894ec3ccf5332bd16" +checksum = "b9b4db3d6da204ed77bb26ba83b6122a73aeb2e87e25fbf7ad2e84c4ccbf8f72" dependencies = [ "prost", ] [[package]] -name = "quote" -version = "1.0.40" +name = "pulldown-cmark" +version = "0.13.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1885c039570dc00dcb4ff087a89e185fd56bae234ddc7f056a945bf36467248d" +checksum = "1e8bbe1a966bd2f362681a44f6edce3c2310ac21e4d5067a6e7ec396297a6ea0" dependencies = [ - "proc-macro2", + "bitflags", + "memchr", + "unicase", ] [[package]] -name = "r-efi" -version = "5.3.0" +name = "pulldown-cmark-to-cmark" +version = "21.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "69cdb34c158ceb288df11e18b4bd39de994f6657d83847bdffdbd7f346754b0f" +checksum = "e5b6a0769a491a08b31ea5c62494a8f144ee0987d86d670a8af4df1e1b7cde75" +dependencies = [ + "pulldown-cmark", +] [[package]] -name = "rand" -version = "0.8.5" +name = "quote" +version = "1.0.40" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404" +checksum = "1885c039570dc00dcb4ff087a89e185fd56bae234ddc7f056a945bf36467248d" dependencies = [ - "libc", - "rand_chacha", - "rand_core", + "proc-macro2", ] [[package]] -name = "rand_chacha" -version = "0.3.1" +name = "r-efi" +version = "5.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e6c10a63a0fa32252be49d21e7709d4d4baf8d231c2dbce1eaa8141b9b127d88" -dependencies = [ - "ppv-lite86", - "rand_core", -] +checksum = "69cdb34c158ceb288df11e18b4bd39de994f6657d83847bdffdbd7f346754b0f" [[package]] name = "rand_core" @@ -1603,9 +1517,9 @@ dependencies = [ [[package]] name = "rustc-demangle" -version = "0.1.25" +version = "0.1.26" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "989e6739f80c4ad5b13e0fd7fe89531180375b18520cc8c82080e4dc4035b84f" +checksum = "56f7d92ca342cea22a06f2121d944b4fd82af56988c270852495420f961d4ace" [[package]] name = "rustc_version" @@ -1618,22 +1532,22 @@ dependencies = [ [[package]] name = "rustix" -version = "1.0.7" +version = "1.0.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c71e83d6afe7ff64890ec6b71d6a69bb8a610ab78ce364b3352876bb4c801266" +checksum = "11181fbabf243db407ef8df94a6ce0b2f9a733bd8be4ad02b4eda9602296cac8" dependencies = [ "bitflags", "errno", "libc", "linux-raw-sys", - "windows-sys 0.59.0", + "windows-sys 0.60.2", ] [[package]] name = "rustls" -version = "0.23.28" +version = "0.23.31" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7160e3e10bf4535308537f3c4e1641468cd0e485175d6163087c0393c7d46643" +checksum = "c0ebcbd2f03de0fc1122ad9bb24b127a5a6cd51d72604a3f3c50ac459762b6cc" dependencies = [ "log", "once_cell", @@ -1656,15 +1570,6 @@ dependencies = [ "security-framework", ] -[[package]] -name = "rustls-pemfile" -version = "2.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dce314e5fee3f39953d46bb63bb8a46d40c2f8fb7cc5a3b6cab2bde9721d6e50" -dependencies = [ - "rustls-pki-types", -] - [[package]] name = "rustls-pki-types" version = "1.12.0" @@ -1676,9 +1581,9 @@ dependencies = [ [[package]] name = "rustls-webpki" -version = "0.103.3" +version = "0.103.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e4a72fe2bcf7a6ac6fd7d0b9e5cb68aeb7d4c0a0271730218b3e92d43b4eb435" +checksum = "0a17884ae0c1b773f1ccd2bd4a8c72f16da897310a98b0e84bf349ad5ead92fc" dependencies = [ "ring", "rustls-pki-types", @@ -1757,9 +1662,9 @@ dependencies = [ [[package]] name = "serde_json" -version = "1.0.140" +version = "1.0.142" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "20068b6e96dc6c9bd23e01df8827e6c7e1f2fddd43c21810382803c136b99373" +checksum = "030fedb782600dcbd6f02d479bf0d817ac3bb40d644745b769d6a96bc3afc5a7" dependencies = [ "itoa", "memchr", @@ -1779,9 +1684,9 @@ dependencies = [ [[package]] name = "serde_spanned" -version = "0.6.9" +version = "1.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bf41e0cfaf7226dca15e8197172c295a782857fcb97fad1808a166870dee75a3" +checksum = "40734c41988f7306bb04f0ecf60ec0f3f1caa34290e4e8ea471dcd3346483b83" dependencies = [ "serde", ] @@ -1806,9 +1711,9 @@ checksum = "0fda2ff0d084019ba4d7c6f371c95d8fd75ce3524c3cb8fb653a3023f6323e64" [[package]] name = "signal-hook-registry" -version = "1.4.5" +version = "1.4.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9203b8055f63a2a00e2f593bb0510367fe707d7ff1e5c872de2f537b339e5410" +checksum = "b2a4719bff48cee6b39d12c020eeb490953ad2443b7055bd0b21fca26bd8c28b" dependencies = [ "libc", ] @@ -1827,12 +1732,12 @@ checksum = "67b1b7a3b5fe4f1376887184045fcf45c69e92af734b7aaddc05fb777b6fbd03" [[package]] name = "socket2" -version = "0.5.10" +version = "0.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e22376abed350d73dd1cd119b57ffccad95b4e585a7cda43e286245ce23c0678" +checksum = "233504af464074f9d066d7b5416c5f9b894a5862a6506e306f7b816cdd6f1807" dependencies = [ "libc", - "windows-sys 0.52.0", + "windows-sys 0.59.0", ] [[package]] @@ -1991,19 +1896,21 @@ dependencies = [ [[package]] name = "tokio" -version = "1.45.1" +version = "1.47.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "75ef51a33ef1da925cea3e4eb122833cb377c61439ca401b770f54902b806779" +checksum = "89e49afdadebb872d3145a5638b59eb0691ea23e46ca484037cfab3b76b95038" dependencies = [ "backtrace", "bytes", + "io-uring", "libc", "mio", "pin-project-lite", "signal-hook-registry", + "slab", "socket2", "tokio-macros", - "windows-sys 0.52.0", + "windows-sys 0.59.0", ] [[package]] @@ -2040,9 +1947,9 @@ dependencies = [ [[package]] name = "tokio-util" -version = "0.7.15" +version = "0.7.16" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "66a539a9ad6d5d281510d5bd368c973d636c02dbf8a67300bfb6b950696ad7df" +checksum = "14307c986784f72ef81c89db7d9e28d6ac26d16213b109ea501696195e6e3ce5" dependencies = [ "bytes", "futures-core", @@ -2053,47 +1960,43 @@ dependencies = [ [[package]] name = "toml" -version = "0.8.23" +version = "0.9.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dc1beb996b9d83529a9e75c17a1686767d148d70663143c7854d8b4a09ced362" +checksum = "75129e1dc5000bfbaa9fee9d1b21f974f9fbad9daec557a521ee6e080825f6e8" dependencies = [ "serde", "serde_spanned", "toml_datetime", - "toml_edit", + "toml_parser", + "winnow", ] [[package]] name = "toml_datetime" -version = "0.6.11" +version = "0.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "22cddaf88f4fbc13c51aebbf5f8eceb5c7c5a9da2ac40a13519eb5b0a0e8f11c" +checksum = "bade1c3e902f58d73d3f294cd7f20391c1cb2fbcb643b73566bc773971df91e3" dependencies = [ "serde", ] [[package]] -name = "toml_edit" -version = "0.22.27" +name = "toml_parser" +version = "1.0.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "41fe8c660ae4257887cf66394862d21dbca4a6ddd26f04a3560410406a2f819a" +checksum = "b551886f449aa90d4fe2bdaa9f4a2577ad2dde302c61ecf262d80b116db95c10" dependencies = [ - "indexmap 2.10.0", - "serde", - "serde_spanned", - "toml_datetime", "winnow", ] [[package]] name = "tonic" -version = "0.12.3" +version = "0.14.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "877c5b330756d856ffcc4553ab34a5684481ade925ecc54bcd1bf02b1d0d4d52" +checksum = "308e1db96abdccdf0a9150fb69112bf6ea72640e0bd834ef0c4a618ccc8c8ddc" dependencies = [ - "async-stream", "async-trait", - "axum 0.7.9", + "axum", "base64", "bytes", "flate2", @@ -2106,14 +2009,13 @@ dependencies = [ "hyper-util", "percent-encoding", "pin-project", - "prost", "rustls-native-certs", - "rustls-pemfile", "socket2", + "sync_wrapper", "tokio", "tokio-rustls", "tokio-stream", - "tower 0.4.13", + "tower", "tower-layer", "tower-service", "tracing", @@ -2121,36 +2023,41 @@ dependencies = [ [[package]] name = "tonic-build" -version = "0.12.3" +version = "0.14.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9557ce109ea773b399c9b9e5dca39294110b74f1f342cb347a80d1fce8c26a11" +checksum = "18262cdd13dec66e8e3f2e3fe535e4b2cc706fab444a7d3678d75d8ac2557329" dependencies = [ "prettyplease", "proc-macro2", - "prost-build", - "prost-types", "quote", "syn", ] [[package]] -name = "tower" -version = "0.4.13" +name = "tonic-prost" +version = "0.14.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b8fa9be0de6cf49e536ce1851f987bd21a43b771b09473c3549a6c853db37c1c" +checksum = "2d8b5b7a44512c59f5ad45e0c40e53263cbbf4426d74fe6b569e04f1d4206e9c" dependencies = [ - "futures-core", - "futures-util", - "indexmap 1.9.3", - "pin-project", - "pin-project-lite", - "rand", - "slab", - "tokio", - "tokio-util", - "tower-layer", - "tower-service", - "tracing", + "bytes", + "prost", + "tonic", +] + +[[package]] +name = "tonic-prost-build" +version = "0.14.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "114cca66d757d72422ef8cccf8be3065321860ac9fa4be73aab37a8a20a9a805" +dependencies = [ + "prettyplease", + "proc-macro2", + "prost-build", + "prost-types", + "quote", + "syn", + "tempfile", + "tonic-build", ] [[package]] @@ -2161,9 +2068,12 @@ checksum = "d039ad9159c98b70ecfd540b2573b97f7f52c3e8d9f8ad57a24b916a536975f9" dependencies = [ "futures-core", "futures-util", + "indexmap", "pin-project-lite", + "slab", "sync_wrapper", "tokio", + "tokio-util", "tower-layer", "tower-service", "tracing", @@ -2219,6 +2129,12 @@ version = "0.2.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e421abadd41a4225275504ea4d6566923418b7f05506fbc9c0fe86ba7396114b" +[[package]] +name = "unicase" +version = "2.8.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "75b844d17643ee918803943289730bec8aac480150456169e647ed0b576ba539" + [[package]] name = "unicode-ident" version = "1.0.18" @@ -2353,7 +2269,7 @@ version = "0.60.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f2f500e4d28234f72040990ec9d39e3a6b950f9f22d3dba18416c35882612bcb" dependencies = [ - "windows-targets 0.53.2", + "windows-targets 0.53.3", ] [[package]] @@ -2374,10 +2290,11 @@ dependencies = [ [[package]] name = "windows-targets" -version = "0.53.2" +version = "0.53.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c66f69fcc9ce11da9966ddb31a40968cad001c5bedeb5c2b82ede4253ab48aef" +checksum = "d5fe6031c4041849d7c496a8ded650796e7b6ecc19df1a431c1a363342e5dc91" dependencies = [ + "windows-link", "windows_aarch64_gnullvm 0.53.0", "windows_aarch64_msvc 0.53.0", "windows_i686_gnu 0.53.0", @@ -2486,12 +2403,9 @@ checksum = "271414315aff87387382ec3d271b52d7ae78726f5d44ac98b4f4030c91880486" [[package]] name = "winnow" -version = "0.7.11" +version = "0.7.12" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "74c7b26e3480b707944fc872477815d29a8e429d2f93a1ce000f5fa84a15cbcd" -dependencies = [ - "memchr", -] +checksum = "f3edebf492c8125044983378ecb5766203ad3b4c2f7a922bd7dd207f6d443e95" [[package]] name = "wit-bindgen-rt" @@ -2544,26 +2458,6 @@ dependencies = [ "synstructure", ] -[[package]] -name = "zerocopy" -version = "0.8.26" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1039dd0d3c310cf05de012d8a39ff557cb0d23087fd44cad61df08fc31907a2f" -dependencies = [ - "zerocopy-derive", -] - -[[package]] -name = "zerocopy-derive" -version = "0.8.26" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9ecf5b4cc5364572d7f4c329661bcc82724222973f2cab6f050a4e5c22f75181" -dependencies = [ - "proc-macro2", - "quote", - "syn", -] - [[package]] name = "zerofrom" version = "0.1.6" @@ -2618,9 +2512,9 @@ dependencies = [ [[package]] name = "zerovec" -version = "0.11.2" +version = "0.11.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4a05eb080e015ba39cc9e23bbe5e7fb04d5fb040350f99f34e338d5fdd294428" +checksum = "bdbb9122ea75b11bf96e7492afb723e8a7fbe12c67417aa95e7e3d18144d37cd" dependencies = [ "yoke", "zerofrom", diff --git a/Cargo.toml b/Cargo.toml index c39680fc..213fc8b8 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -7,25 +7,29 @@ edition = "2021" axum = { version = "0.8", features = ["macros"] } base64 = "0.22" clap = { version = "4.5", features = ["derive", "env"] } -defguard_wireguard_rs = { git = "https://github.com/DefGuard/wireguard-rs.git", rev = "v0.7.5" } +defguard_wireguard_rs = "0.7.5" env_logger = "0.11" gethostname = "1.0" ipnetwork = "0.21" libc = { version = "0.2", default-features = false } log = "0.4" -prost = "0.13" +prost = "0.14" serde = { version = "1.0", features = ["derive"] } syslog = "7.0" thiserror = "2.0" tokio = { version = "1", features = ["macros", "rt-multi-thread", "signal"] } tokio-stream = { version = "0.1", features = [] } -toml = { version = "0.8", default-features = false, features = ["parse"] } -tonic = { version = "0.12", default-features = false, features = [ +toml = { version = "0.9", default-features = false, features = [ + "parse", + "serde", +] } +tonic = { version = "0.14", default-features = false, features = [ "codegen", "gzip", - "prost", "tls-native-roots", + "tls-ring", ] } +tonic-prost = "0.14" [target.'cfg(target_os = "linux")'.dependencies] nftnl = { git = "https://github.com/DefGuard/nftnl-rs.git", rev = "1a1147271f43b9d7182a114bb056a5224c35d38f" } @@ -36,15 +40,15 @@ nix = { version = "0.30", default-features = false, features = ["ioctl"] } [dev-dependencies] tokio = { version = "1", features = ["io-std", "io-util"] } -tonic = { version = "0.12", default-features = false, features = [ +tonic = { version = "0.14", default-features = false, features = [ "codegen", - "prost", + "router", "transport", ] } x25519-dalek = { version = "2.0", features = ["getrandom", "static_secrets"] } [build-dependencies] -tonic-build = { version = "0.12" } +tonic-prost-build = "0.14" vergen-git2 = { version = "1.0", features = ["build"] } [profile.release] diff --git a/build.rs b/build.rs index 74db20ad..e9fddc48 100644 --- a/build.rs +++ b/build.rs @@ -5,18 +5,17 @@ fn main() -> Result<(), Box> { let git2 = Git2Builder::default().branch(true).sha(true).build()?; Emitter::default().add_instructions(&git2)?.emit()?; - // compiling protos using path on build time - let mut config = tonic_build::Config::new(); - // enable optional fields - config.protoc_arg("--experimental_allow_proto3_optional"); - tonic_build::configure().compile_protos_with_config( - config, - &[ - "proto/wireguard/gateway.proto", - "proto/enterprise/firewall/firewall.proto", - ], - &["proto/wireguard", "proto/enterprise/firewall"], - )?; + tonic_prost_build::configure() + // enable optional fields + .protoc_arg("--experimental_allow_proto3_optional") + // compiling protos using path on build time + .compile_protos( + &[ + "proto/wireguard/gateway.proto", + "proto/enterprise/firewall/firewall.proto", + ], + &["proto/wireguard", "proto/enterprise/firewall"], + )?; println!("cargo:rerun-if-changed=proto"); Ok(()) } diff --git a/src/enterprise/firewall/packetfilter/api.rs b/src/enterprise/firewall/packetfilter/api.rs index 48d9e202..ffa26c25 100644 --- a/src/enterprise/firewall/packetfilter/api.rs +++ b/src/enterprise/firewall/packetfilter/api.rs @@ -34,7 +34,7 @@ impl FirewallManagementApi for FirewallApi { let mut ioc_trans = IocTrans::new(elements.as_mut_slice()); // This will create an anchor if it doesn't exist. unsafe { - pf_begin(self.fd(), &mut ioc_trans)?; + pf_begin(self.fd(), &raw mut ioc_trans)?; } let ticket = elements[0].ticket; @@ -46,7 +46,7 @@ impl FirewallManagementApi for FirewallApi { debug!("Rollback pf transaction."); // Rule cannot be added, so rollback. unsafe { - pf_rollback(self.fd(), &mut ioc_trans)?; + pf_rollback(self.fd(), &raw mut ioc_trans)?; return Err(FirewallError::TransactionFailed(err.to_string())); } } @@ -57,7 +57,7 @@ impl FirewallManagementApi for FirewallApi { debug!("Rollback pf transaction."); // Rule cannot be added, so rollback. unsafe { - pf_rollback(self.fd(), &mut ioc_trans)?; + pf_rollback(self.fd(), &raw mut ioc_trans)?; return Err(FirewallError::TransactionFailed(err.to_string())); } } @@ -66,7 +66,7 @@ impl FirewallManagementApi for FirewallApi { // Commit transaction. debug!("Commit pf transaction."); unsafe { - pf_commit(self.file.as_raw_fd(), &mut ioc_trans).unwrap(); + pf_commit(self.file.as_raw_fd(), &raw mut ioc_trans).unwrap(); } Ok(()) @@ -75,8 +75,8 @@ impl FirewallManagementApi for FirewallApi { /// Setup Network Address Translation using POSTROUTING chain rules fn setup_nat( &mut self, - masquerade_enabled: bool, - snat_bindings: &[SnatBinding], + _masquerade_enabled: bool, + _snat_bindings: &[SnatBinding], ) -> Result<(), FirewallError> { Ok(()) } diff --git a/src/enterprise/firewall/packetfilter/calls.rs b/src/enterprise/firewall/packetfilter/calls.rs index e81b7312..e4f2054e 100644 --- a/src/enterprise/firewall/packetfilter/calls.rs +++ b/src/enterprise/firewall/packetfilter/calls.rs @@ -115,14 +115,14 @@ impl AddrWrap { #[must_use] fn with_interface(ifname: &str) -> Self { let mut uninit = MaybeUninit::::zeroed(); - let self_ptr = uninit.as_mut_ptr(); let len = ifname.len().min(IFNAMSIZ - 1); unsafe { - (*self_ptr).v.ifname[..len].copy_from_slice(&ifname.as_bytes()[..len]); + let self_ptr = &mut *uninit.as_mut_ptr(); + self_ptr.v.ifname[..len].copy_from_slice(&ifname.as_bytes()[..len]); // Probably, this is needed only for pfctl to omit displaying number of bits. // FIXME: Fill all bytes for IPv6. - (*self_ptr).v.a.mask[..4].fill(255); - (*self_ptr).r#type = AddrType::DynIftl; + self_ptr.v.a.mask[..4].fill(255); + self_ptr.r#type = AddrType::DynIftl; } unsafe { uninit.assume_init() } @@ -211,7 +211,7 @@ struct TailQueue { impl TailQueue { fn init(&mut self) { self.tqh_first = ptr::null_mut(); - self.tqh_last = &mut self.tqh_first; + self.tqh_last = &raw mut self.tqh_first; } } @@ -332,13 +332,14 @@ impl Pool { /// Insert `PoolAddr` at the end of the list. Take ownership of the given `PoolAddr`. pub(super) fn insert_pool_addr(&mut self, mut pool_addr: PoolAddr) { // TODO: Traverse tail queue; for now assume empty tail queue. - if !self.list.tqh_first.is_null() { - panic!("Expected one entry in PoolAddr TailQueue."); - } - self.list.tqh_first = &mut pool_addr; - self.list.tqh_last = &mut pool_addr.entries.tqe_next; + assert!( + self.list.tqh_first.is_null(), + "Expected one entry in PoolAddr TailQueue." + ); + self.list.tqh_first = &raw mut pool_addr; + self.list.tqh_last = &raw mut pool_addr.entries.tqe_next; pool_addr.entries.tqe_next = ptr::null_mut(); - pool_addr.entries.tqe_prev = &mut self.list.tqh_first; + pool_addr.entries.tqe_prev = &raw mut self.list.tqh_first; } } @@ -554,51 +555,52 @@ pub(super) struct Rule { impl Rule { pub(super) fn from_pf_rule(pf_rule: &PacketFilterRule) -> Self { let mut uninit = MaybeUninit::::zeroed(); - let self_ptr = uninit.as_mut_ptr(); unsafe { + let self_ptr = &mut *uninit.as_mut_ptr(); + if let Some(from) = pf_rule.from { - (*self_ptr).src = RuleAddr::new(from, pf_rule.from_port); + self_ptr.src = RuleAddr::new(from, pf_rule.from_port); } if let Some(to) = pf_rule.to { - (*self_ptr).dst = RuleAddr::new(to, pf_rule.to_port); + self_ptr.dst = RuleAddr::new(to, pf_rule.to_port); } if let Some(interface) = &pf_rule.interface { let len = interface.len().min(IFNAMSIZ - 1); - (*self_ptr).ifname[..len].copy_from_slice(&interface.as_bytes()[..len]); + self_ptr.ifname[..len].copy_from_slice(&interface.as_bytes()[..len]); } if let Some(label) = &pf_rule.label { let len = label.len().min(PF_RULE_LABEL_SIZE - 1); - (*self_ptr).label[..len].copy_from_slice(&label.as_bytes()[..len]); + self_ptr.label[..len].copy_from_slice(&label.as_bytes()[..len]); } // Don't use routing tables. #[cfg(any(target_os = "freebsd", target_os = "netbsd"))] { - (*self_ptr).rtableid = -1; + self_ptr.rtableid = -1; } #[cfg(target_os = "macos")] { - (*self_ptr).rtableid = 0; + self_ptr.rtableid = 0; } - (*self_ptr).action = pf_rule.action; - (*self_ptr).direction = pf_rule.direction; - (*self_ptr).log = pf_rule.log; - (*self_ptr).quick = pf_rule.quick; + self_ptr.action = pf_rule.action; + self_ptr.direction = pf_rule.direction; + self_ptr.log = pf_rule.log; + self_ptr.quick = pf_rule.quick; - (*self_ptr).keep_state = pf_rule.state; + self_ptr.keep_state = pf_rule.state; let af = pf_rule.address_family(); - (*self_ptr).af = af; + self_ptr.af = af; #[cfg(target_os = "macos")] { - (*self_ptr).rpool.af = af; + self_ptr.rpool.af = af; } - (*self_ptr).proto = pf_rule.proto as u8; - (*self_ptr).flags = pf_rule.tcp_flags; - (*self_ptr).flagset = pf_rule.tcp_flags_set; + self_ptr.proto = pf_rule.proto as u8; + self_ptr.flags = pf_rule.tcp_flags; + self_ptr.flagset = pf_rule.tcp_flags_set; - (*self_ptr).rpool.list.init(); + self_ptr.rpool.list.init(); uninit.assume_init() } @@ -658,13 +660,13 @@ impl IocRule { #[must_use] pub(super) fn with_rule(anchor: &str, rule: Rule) -> Self { let mut uninit = MaybeUninit::::zeroed(); - let self_ptr = uninit.as_mut_ptr(); // Copy anchor name. let len = anchor.len().min(MAXPATHLEN - 1); unsafe { - (*self_ptr).anchor[..len].copy_from_slice(&anchor.as_bytes()[..len]); - (*self_ptr).rule = rule; + let self_ptr = &mut *uninit.as_mut_ptr(); + self_ptr.anchor[..len].copy_from_slice(&anchor.as_bytes()[..len]); + self_ptr.rule = rule; } unsafe { uninit.assume_init() } @@ -689,12 +691,12 @@ impl IocPoolAddr { #[must_use] pub(super) fn new(anchor: &str) -> Self { let mut uninit = MaybeUninit::::zeroed(); - let self_ptr = uninit.as_mut_ptr(); // Copy anchor name. let len = anchor.len().min(MAXPATHLEN - 1); unsafe { - (*self_ptr).anchor[..len].copy_from_slice(&anchor.as_bytes()[..len]); + let self_ptr = &mut *uninit.as_mut_ptr(); + self_ptr.anchor[..len].copy_from_slice(&anchor.as_bytes()[..len]); } unsafe { uninit.assume_init() } @@ -704,10 +706,10 @@ impl IocPoolAddr { #[must_use] pub(super) fn with_pool_addr(addr: PoolAddr, ticket: c_uint) -> Self { let mut uninit = MaybeUninit::::zeroed(); - let self_ptr = uninit.as_mut_ptr(); unsafe { - (*self_ptr).ticket = ticket; - (*self_ptr).addr = addr; + let self_ptr = &mut *uninit.as_mut_ptr(); + self_ptr.ticket = ticket; + self_ptr.addr = addr; } unsafe { uninit.assume_init() } @@ -726,13 +728,13 @@ impl IocTransElement { #[must_use] pub(super) fn new(ruleset: RuleSet, anchor: &str) -> Self { let mut uninit = MaybeUninit::::zeroed(); - let self_ptr = uninit.as_mut_ptr(); // Copy anchor name. let len = anchor.len().min(MAXPATHLEN - 1); unsafe { - (*self_ptr).rs_num = ruleset; - (*self_ptr).anchor[..len].copy_from_slice(&anchor.as_bytes()[..len]); + let self_ptr = &mut *uninit.as_mut_ptr(); + self_ptr.rs_num = ruleset; + self_ptr.anchor[..len].copy_from_slice(&anchor.as_bytes()[..len]); } unsafe { uninit.assume_init() } diff --git a/src/enterprise/firewall/packetfilter/mod.rs b/src/enterprise/firewall/packetfilter/mod.rs index 6495ceb6..ad439b13 100644 --- a/src/enterprise/firewall/packetfilter/mod.rs +++ b/src/enterprise/firewall/packetfilter/mod.rs @@ -42,7 +42,7 @@ impl FirewallApi { let mut ioc = IocPoolAddr::new(anchor); unsafe { - pf_begin_addrs(self.fd(), &mut ioc)?; + pf_begin_addrs(self.fd(), &raw mut ioc)?; } Ok(ioc.ticket) @@ -58,7 +58,7 @@ impl FirewallApi { let mut ioc = IocRule::with_rule(anchor, Rule::from_pf_rule(&rule)); ioc.ticket = ticket; ioc.pool_ticket = pool_ticket; - if let Err(err) = unsafe { pf_add_rule(self.fd(), &mut ioc) } { + if let Err(err) = unsafe { pf_add_rule(self.fd(), &raw mut ioc) } { error!("Packet filter rule {rule} can't be added."); return Err(err.into()); } @@ -82,7 +82,7 @@ impl FirewallApi { ioc.action = Change::None; ioc.ticket = ticket; ioc.pool_ticket = pool_ticket; - if let Err(err) = unsafe { pf_add_rule(self.fd(), &mut ioc) } { + if let Err(err) = unsafe { pf_add_rule(self.fd(), &raw mut ioc) } { error!("Packet filter rule {rule} can't be added."); return Err(err.into()); } diff --git a/src/gateway.rs b/src/gateway.rs index ce664717..9c515d2e 100644 --- a/src/gateway.rs +++ b/src/gateway.rs @@ -413,7 +413,9 @@ impl Gateway { } // process received firewall config unless firewall management is disabled - if !self.config.disable_firewall_management { + if self.config.disable_firewall_management { + debug!("Firewall management is disabled. Skipping updating firewall configuration"); + } else { let new_firewall_configuration = if let Some(firewall_config) = new_configuration.firewall_config { Some(FirewallConfig::from_proto(firewall_config)?) @@ -422,8 +424,6 @@ impl Gateway { }; self.process_firewall_changes(new_firewall_configuration.as_ref())?; - } else { - debug!("Firewall management is disabled. Skipping updating firewall configuration"); } Ok(())