| Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
|
|
|
|
even if the daemon was restarted.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Removes superfluous lifetime definitions. Simplifying the code
|
|
Avoid panic when reading public key of relay due to unwrapping an
unexpected relay type. The unwrap happened if an OpenVPN relay was
selected on Android, which should not happen in the first place.
|
|
|
|
Implement a system built on 'queries' for selecting appropriate relays.
A query is a set of constraints which dictates which relay(s) that *can*
be chosen by the relay selector.
The user's settings can naturally be expressed as a query. The semantics
of merging two queries in a way that always prefer user settings is
defined by the new `Intersection` trait.
Split `mullvad-relay-selector` into several modules:
- `query.rs`: Definition of a query on different types of relays. This
module is integral to the new API of `mullvad-relay-selector`
- `matcher.rs`: Logic for filtering out candidate relays based on a
query.
- `detailer.rs`: Logic for deriving connection details for the selected
relay.
- `tests/`: Integration tests for the new relay selector. These tests
only use the public APIs of `RelaySelector` and make sure that the
output matches the expected output in different scenarios.
|
|
|
|
Only reset the device check counter if the daemon successfully connects
to a Wireguard relay. Otherwise, the counter is either persisted through
multiple tunnel connections (OpenVPN) or incremented on successive
failures to connect to a Wireguard relay.
|
|
|
|
|
|
|
|
This also fixes the issue of not handling closed sockets gracefully
|
|
Make it not take a mut ref to the json value
|
|
|
|
- Change `selected_obfuscation` default to `auto`.
- Migrate `selected_obfuscation` from `off` to `auto` for existing users.
|
|
`err_derive` is unmaintained and will probably stop working with rust
edition 2024. `thiserror` is almost a drop-in replacement. This commit
simply replaces all occurences of `derive(err_derive::Error)` with
`derive(thiserror::Error)` and fixes the attributes, but the Error and
Display impls should be identical.
|
|
|
|
Move `mullvad-relay-selector::relay_updater` to the `mullvad-daemon`.
The implications of this is that `mullvad-relay-selector` can drop the
dependency on both `mullvad-api` and `tokio`, which brings down the
total amount of dependencies when running a simple `Cargo check` from
250+ down to a mere 75. :-)
|
|
Listeners will be notified about the settings changing through
`mullvad_daemon::settings::SettingsPersister::update`.
|
|
The relay selector will be notified about settings changes already, so
there is no need to apply the changes twice.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Try to detect available IP versions by looking at the available routes
on the host. On Linux, we check if there exists IPv4 and/or IPv6 routes
to some public IP addresses. On macOS and Windows, we check if there
exists default routes for IPv4 and/or IPv6. On Android, we check if
there is any connectivity at all.
The intention is to be able to generate better default constraints for
tunnel endpoints. If we can detect "working" IPv4 and/or IPv6 and
forward this information to a `TunnelParametersGenerator`, we may choose
to connect to a Wireguard relay using IPv6 as part of our
retry-strategy. This has not been possible before.
|
|
|
|
|
|
If the current access method is disabled, select the next available
access method from the daemon settings.
|
|
|
|
Change API access methods settings format to encode that built-in access
methods always exist by making them distinct values of the
`AccessMethod` settings.
This change was also propagated to the corresponding protobuf
definition, such that any client may make use of this fact as well.
The appropriate settings migration was added.
|
|
Implement `SettingsPersister.try_update`, which allow the caller to
signal a failed settings update, hindering a bad settings update from
being applied.
|
|
Add a new RPC call `TestCustomApiAccessMethod` for testing access methods on
the fly, without having to save them to the daemon settings first. This
only works for custom access methods.
|
|
|
|
The printing of lockdown mode by `mullvad status` does not reflect the
current setting unless the tunnel state has also been updated.
|
|
Add `locked_down` field to disconnected tunnel state.
|
|
Validate SOCKS credentials by checking that both `username` and
`password` both have a length between 1 and 255 bytes.
Link to RFC detailing SOCKS5 username/password authentication:
https://datatracker.ietf.org/doc/html/rfc1929
|
|
feature is enabled
Move the logic for using overridden API endpoints for API calls from
`mullvad-api::rest` to `mullvad_daemon::api`. This is in line with how
the interaction between the two crates work for a normal release build,
i.e. when the `api-override` feature is disabled.
This commit also removes references to `force_direct_connection` in the
Android code. The flag does not exist in the `mullvad-*` rust crates
anymore, so it would be erroneous to try to serialize/deserialize the
value from the Android client.
|
|
|