mullvadvpn/Cargo.lock, branch Add-imperative-verb-tidyThe Mullvad VPN client app for desktop and mobilehttp://git.waynecole.info/mullvadvpn/atom?h=Add-imperative-verb-tidy2024-03-27T10:43:44ZRefactor `mullvad-relay-selector`2024-03-27T10:43:44ZMarkus Petterssonmarkus.pettersson@mullvad.net2024-02-16T15:24:33Zurn:sha1:707ecf44bd2b21642e51c8b9f5440bc287bcc511
Implement a system built on 'queries' for selecting appropriate relays.
A query is a set of constraints which dictates which relay(s) that *can*
be chosen by the relay selector.
The user's settings can naturally be expressed as a query. The semantics
of merging two queries in a way that always prefer user settings is
defined by the new `Intersection` trait.
Split `mullvad-relay-selector` into several modules:
- `query.rs`: Definition of a query on different types of relays. This
module is integral to the new API of `mullvad-relay-selector`
- `matcher.rs`: Logic for filtering out candidate relays based on a
query.
- `detailer.rs`: Logic for deriving connection details for the selected
relay.
- `tests/`: Integration tests for the new relay selector. These tests
only use the public APIs of `RelaySelector` and make sure that the
output matches the expected output in different scenarios.
Point the hickory-dns dependency to our own fork of the repo2024-03-26T08:26:45ZLinus Färnstrandlinus@mullvad.net2024-03-22T14:55:08Zurn:sha1:7baae701c86e8d52589e993ad3a40d43717f97aa
We should avoid depending on git repositories outside our own control.
The hickory-dns organization or repository can go away at any point in
time. That will make it way harder to re-build old versions of the app.
Upgrade is-terminal to get rid of runtime rustix dependency2024-03-21T11:41:02ZLinus Färnstrandlinus@mullvad.net2024-03-21T09:53:12Zurn:sha1:01051088b1c7ae15d7bc7ab29e1b1fb4002388beUpgrade rustix to fix GHSA-c827-hfw6-qwvm2024-03-21T11:40:56ZLinus Färnstrandlinus@mullvad.net2024-03-21T09:46:27Zurn:sha1:2058916821219cff2c3393aaf42ac932eb9f8672
Fixing hypothetical denial of service due to ever growing memory usage.
Not possible to exploit in our app. 2/3 usages is in build dependencies.
Only usage inside the built app is via is-terminal which does not use
`rustix::fs::Dir`.
https://osv.dev/vulnerability/GHSA-c827-hfw6-qwvm
Upgrade aes-gcm to fix CVE-2023-428112024-03-21T11:40:35ZLinus Färnstrandlinus@mullvad.net2024-03-21T09:41:04Zurn:sha1:ffede2811f3c182db2bf8566d6c95b3f4e3cd6bb
Only used via shadowsocks-rust, which is used for obfuscation by us. And
we don't rely on the cryptographic security of obfuscation anyway, so
this is not harmful to us, but good to upgrade away from vulns
https://osv.dev/vulnerability/CVE-2023-42811
Coalesce changes to DNS on macOS2024-03-18T18:06:28ZDavid Lönnhagerdavid.l@mullvad.net2024-03-15T22:40:33Zurn:sha1:92cfdc9ee37f22292fcfecaf55e085b49de902f5Update trust-dns to fix spinning issue2024-03-18T17:13:24ZDavid Lönnhagerdavid.l@mullvad.net2024-03-18T09:11:26Zurn:sha1:494320fce679a1ae708215836b96aeeb64b3e9aa
This also fixes the issue of not handling closed sockets gracefully
Log when select functions are called an unusual number of times2024-03-13T16:34:06ZDavid Lönnhagerdavid.l@mullvad.net2024-03-05T16:12:57Zurn:sha1:f739f1ffc2a8eda716ee593eb27ed13ab43098a3Bump nix2024-03-07T13:39:51ZAndrej Mihajlovand.mikhaylov@gmail.com2024-03-07T08:45:06Zurn:sha1:5b81fe6e6d4bb5a1ba615205f3a0bc082d97f6faUpdate bitflags to v22024-03-07T13:39:38ZAndrej Mihajlovand.mikhaylov@gmail.com2024-03-07T10:23:36Zurn:sha1:9cf15cb93974efddfabadc21fbea0cd9abe72e6d