Update libtelio dependencies

NordSecurity · Jan 17, 2025 · bd96e0a · bd96e0a
1 parent 0e78810
commit bd96e0a
Show file tree

Hide file tree

Showing 29 changed files with 808 additions and 857 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -65,7 +65,7 @@ smart-default.workspace = true
 time.workspace = true
 
 [target.'cfg(target_os = "android")'.dependencies]
-jni = "0.19"
+jni = "0.21"
 rustls-platform-verifier.workspace = true
 
 [target.'cfg(windows)'.dependencies]
@@ -113,63 +113,63 @@ exclude = [
 
 [workspace.dependencies]
 anyhow = "1"
-async-trait = "0.1.51"
-base64 = "0.13.0"
+async-trait = "0.1"
+base64 = "0.22"
 bytes = "1"
-cc = "1.0"
+cc = "1"
 clap = { version = "3.1", features = ["derive"] }
 crypto_box = { version = "0.9.1", features = ["std"] }
-env_logger = "0.9.0"
+env_logger = "0.11"
 futures = "0.3.31"
-hashlink = "0.8.3"
+hashlink = "0.10"
 hex = "0.4.3"
-httparse = "1.8.0"
-if-addrs = "0.12.0"
+httparse = "1.8"
+if-addrs = "0.13"
 ipnet = { version = "2.3", features = ["serde"] }
-itertools = "0.10"
-lazy_static = "1.4.0"
-libc = "0.2.112"
-tracing = { version = "0.1.37", features = ["max_level_trace", "release_max_level_debug"] }
+itertools = "0.14"
+lazy_static = "1.4"
+libc = "0.2"
+tracing = { version = "0.1", features = ["max_level_trace", "release_max_level_debug"] }
 maplit = "1"
-mockall = "0.11.3"
+mockall = "0.13"
 mockall_double = "0.3.1"
 modifier = "0.1.0"
 nat-detect = { git = "https://github.com/NordSecurity/nat-detect.git", tag = "v0.1.8" }
-ntest = "0.7"
-num_cpus = "1.15.0"
-num_enum = "0.6.1"
+ntest = "0.9"
+num_cpus = "1"
+num_enum = "0.7"
 once_cell = "1"
 parking_lot = "0.12"
-pnet_packet = "0.34.0"
-pretty_assertions = "0.7.2"
-proptest = "1.2.0"
+pnet_packet = "0.35"
+pretty_assertions = "1"
+proptest = "1.2"
 proptest-derive = "0.5"
 protobuf-codegen-pure = "2"
 rand = "0.8"
-regex = "1.5.5"
-rstest = "0.11.0"
-rustc-hash = "1"
-rustls = { version = "0.23.16", default-features = false, features = ["ring", "std"] }
-rustls-platform-verifier = "0.3.4"
+regex = "1.5"
+rstest = "0.24.0"
+rustc-hash = "2"
+rustls = { version = "0.23", default-features = false, features = ["ring", "std"] }
+rustls-platform-verifier = "0.5"
 serde = { version = "1.0", features = ["derive"] }
 serde_json = "1.0"
 sha2 = "0.10.6"
 slog = "2.7"
 smart-default = "0.7.1"
 sn_fake_clock = "0.4"
 socket2 = "0.5"
-strum = { version = "0.24.0", features = ["derive"] }
-surge-ping = { version = "0.8.0" }
-thiserror = "1.0"
-time = { version = "0.3.20", features = ["formatting"] }
+strum = { version = "0.26", features = ["derive"] }
+surge-ping = { version = "0.8" }
+thiserror = "2"
+time = { version = "0.3", features = ["formatting"] }
 tokio = ">=1.22"
-tracing-subscriber = { version = "0.3.17", features = ["local-time"] }
-tracing-appender = "0.2.3"
+tracing-subscriber = { version = "0.3", features = ["local-time"] }
+tracing-appender = "0.2"
 uniffi = { git = "https://github.com/NordSecurity/uniffi-rs.git", tag = "v0.3.1+v0.25.0" }
-url = "2.2.2"
-uuid = { version = "1.1.2", features = ["v4"] }
+url = "2.5"
+uuid = { version = "1.1", features = ["v4"] }
 winapi = { version = "0.3", features = ["netioapi", "ws2def"] }
-windows = { version = "0.56", features = [
+windows = { version = "0.59", features = [
     "Win32_Networking_WinSock",
     "Win32_NetworkManagement_IpHelper",
 ] }

diff --git a/clis/derpcli/src/conf.rs b/clis/derpcli/src/conf.rs
@@ -1,4 +1,5 @@
 use anyhow::anyhow;
+use base64::prelude::*;
 use clap::{Arg, Command};
 use crypto_box::PublicKey as BoxPublicKey;
 use serde::Deserialize;
@@ -108,10 +109,10 @@ impl Config {
         BoxPublicKey::from(&self.get_key2())
     }
     pub fn get_pub_key1_b64(&self) -> String {
-        base64::encode(self.get_pub_key1().as_bytes())
+        BASE64_STANDARD.encode(self.get_pub_key1().as_bytes())
     }
     pub fn get_pub_key2_b64(&self) -> String {
-        base64::encode(self.get_pub_key2().as_bytes())
+        BASE64_STANDARD.encode(self.get_pub_key2().as_bytes())
     }
     pub fn get_server_address(&self) -> &str {
         &self.server
@@ -288,7 +289,7 @@ impl Config {
 
         // check if my private key is given as param
         if mykey_str.chars().count() > 0 {
-            let mykey_bytes = base64::decode(mykey_str).unwrap_or_default();
+            let mykey_bytes = BASE64_STANDARD.decode(mykey_str).unwrap_or_default();
             if mykey_bytes.len() != 32 {
                 return Err(anyhow!(
                     "My private key size must be 32 bytes encoded into base64!",
@@ -302,7 +303,7 @@ impl Config {
         }
 
         if targetkey_str.chars().count() > 0 {
-            let tkey_bytes = base64::decode(targetkey_str).unwrap_or_default();
+            let tkey_bytes = BASE64_STANDARD.decode(targetkey_str).unwrap_or_default();
             if tkey_bytes.len() != 32 {
                 return Err(anyhow!(
                     "Target private key size must be 32 bytes encoded into base64!",

diff --git a/clis/derpcli/src/main.rs b/clis/derpcli/src/main.rs
@@ -68,6 +68,7 @@ mod metrics;
 
 use anyhow::{anyhow, bail, Result};
 use atomic_counter::{AtomicCounter, RelaxedCounter};
+use base64::prelude::*;
 use conf::StressConfig;
 use metrics::Metrics;
 use rand::{thread_rng, Rng};
@@ -379,7 +380,7 @@ async fn run_without_clients_config(config: conf::Config) -> Result<()> {
                 v if v > 1 => {
                     println!(
                         "RECEIVED: [{}] / [{}]",
-                        base64::encode(public_key),
+                        BASE64_STANDARD.encode(public_key),
                         String::from_utf8_lossy(&data)
                     )
                 }

diff --git a/clis/interderpcli/Cargo.toml b/clis/interderpcli/Cargo.toml
@@ -7,7 +7,7 @@ license = "GPL-3.0-only"
 repository = "https://github.com/NordSecurity/libtelio"
 
 [dependencies]
-clap = { version = "4.3.3", features = ["std", "derive"], default-features = false }
+clap = { version = "4.5.26", features = ["std", "derive"], default-features = false }
 ring = { default-features = false, version = "0.17.5" }
 
 anyhow.workspace = true

diff --git a/clis/tcli/Cargo.toml b/clis/tcli/Cargo.toml
@@ -10,20 +10,16 @@ default-run = "tcli"
 tclid = ["sysinfo", "interprocess", "daemonize"]
 
 [dependencies]
-dirs = "4.0.0"
-reqwest = { version = "0.11.16", default-features = false, features = [
-    "json",
-    "blocking",
-    "rustls-tls",
-] }
+dirs = "6.0.0"
+reqwest = { version = "0.12.12", default-features = false, features = ["json", "blocking", "rustls-tls"] }
 rustyline = "11.0.0"
 shellwords = "1.1.0"
 # Used only for checking if the daemon is running.
-sysinfo = { version = "0.30.11", optional = true }
+sysinfo = { version = "0.33.1", optional = true }
 # Used as a lightweight and safe (because a TCP server has the risk of remote code execution)
 # way for the API and daemon to communicate.
 # Tokio support is needed, because the daemon runs on the async runtime.
-interprocess = { version = "1.2.1", optional = true }
+interprocess = { version = "2.2.2", optional = true }
 
 anyhow.workspace = true
 base64.workspace = true

diff --git a/clis/tcli/src/bin/tclid/coms.rs b/clis/tcli/src/bin/tclid/coms.rs
@@ -7,8 +7,9 @@ use std::{
 };
 
 use anyhow::Result;
-use interprocess::local_socket::{LocalSocketListener, LocalSocketStream};
-
+use interprocess::local_socket::prelude::*;
+use interprocess::local_socket::ListenerOptions;
+use interprocess::os::unix::local_socket::FilesystemUdSocket;
 /// Struct for handling connections of the TCLID daemon's side of the IPC communication with the API.
 pub struct DaemonSocket {
     /// The inner socket over which the actual communication is happening.
@@ -29,8 +30,9 @@ impl DaemonSocket {
     pub fn new(ipc_socket_path: &Path) -> Result<Self> {
         // Delete the socket file if it already exists
         let _ = fs::remove_file(ipc_socket_path);
-        let socket = LocalSocketListener::bind(ipc_socket_path)?;
-
+        let socket = ListenerOptions::new()
+            .name(ipc_socket_path.to_fs_name::<FilesystemUdSocket>()?)
+            .create_sync()?;
         Ok(Self { socket })
     }
 
@@ -64,7 +66,7 @@ impl DaemonSocket {
     /// A Result containing a response string.
     pub fn send_command(addr: &Path, cmd: &str) -> Result<String> {
         let mut response_buffer = String::new();
-        let mut stream = LocalSocketStream::connect(addr)?;
+        let mut stream = LocalSocketStream::connect(addr.to_fs_name::<FilesystemUdSocket>()?)?;
         writeln!(stream, "{}", cmd)?;
         stream.read_to_string(&mut response_buffer)?;
 

diff --git a/clis/tcli/src/bin/tclid/daemon.rs b/clis/tcli/src/bin/tclid/daemon.rs
@@ -30,7 +30,7 @@ impl Daemon {
     /// Result containing a bool. True means that the daemon is running.
     pub fn is_running() -> Result<bool> {
         let system = System::new_with_specifics(
-            RefreshKind::new().with_processes(ProcessRefreshKind::everything()),
+            RefreshKind::nothing().with_processes(ProcessRefreshKind::everything()),
         );
 
         match std::fs::read_to_string(get_wd_path()?.join("tclid.pid")) {

diff --git a/clis/teliod/Cargo.toml b/clis/teliod/Cargo.toml
@@ -14,9 +14,9 @@ tracing-subscriber.workspace = true
 # Used as a lightweight and safe (because a TCP server has the risk of remote code execution)
 # way for the API and daemon to communicate.
 # Tokio support is needed, because the daemon runs on the async runtime.
-interprocess = { version = "2.2.1", features = ["tokio"] }
+interprocess = { version = "2.2.2", features = ["tokio"] }
 
-nix = { version = "0.28.0", features = ["signal"] }
+nix = { version = "0.29.0", features = ["signal"] }
 
 telio = { path = "../.." }
 tokio.workspace = true
@@ -25,15 +25,14 @@ signal-hook-tokio = { version = "0.3.1", features = ["futures-v0_3"]}
 futures.workspace = true
 thiserror.workspace = true
 regex.workspace = true
-reqwest = { version = "0.12.8", default-features = false, features = ["json", "rustls-tls"] }
+reqwest = { version = "0.12.12", default-features = false, features = ["json", "rustls-tls"] }
 uuid = { workspace = true, features = ["serde"] }
 rumqttc = "0.24.0"
-tokio-rustls = "0.25.0" # This version needs to be the same as the one used by the rumqttc
 rustls-native-certs = "0.8"
 anyhow.workspace = true
 smart-default = "0.7.1"
 base64 = "0.22.1"
-dirs = "4.0.0"
+dirs = "6.0.0"
 const_format = { version = "0.2.33", optional = true }
 rust-cgi = { version = "0.7.1", optional = true }
 

diff --git a/clis/teliod/src/nc.rs b/clis/teliod/src/nc.rs
@@ -1,6 +1,10 @@
 use anyhow::ensure;
 use reqwest::{Certificate, ClientBuilder, StatusCode, Url};
 use rumqttc::{
+    tokio_rustls::rustls::{
+        pki_types::{pem::PemObject, CertificateDer},
+        ClientConfig,
+    },
     AsyncClient, ClientError, ConnAck, ConnectReturnCode, Event, EventLoop, MqttOptions, Packet,
     Publish, QoS, TlsConfiguration, Transport,
 };
@@ -17,10 +21,6 @@ use tokio::{
     sync::Mutex,
     time::{error::Elapsed, timeout, Instant},
 };
-use tokio_rustls::rustls::{
-    pki_types::{pem::PemObject, CertificateDer},
-    ClientConfig,
-};
 use tracing::{debug, error, info, warn};
 use uuid::Uuid;
 
@@ -66,7 +66,7 @@ pub enum Error {
     #[error("Failed to read mqtt cert file: {0}")]
     FailedToReadMqttCertFile(std::io::Error),
     #[error("Failed to parse mqtt pem certificate: {0:?}")]
-    FailedToParseMqttCertificate(tokio_rustls::rustls::pki_types::pem::Error),
+    FailedToParseMqttCertificate(rumqttc::tokio_rustls::rustls::pki_types::pem::Error),
     #[error("Failed to load native certs: {0:?}")]
     FailedToLoadNativeCerts(Vec<rustls_native_certs::Error>),
 }
@@ -187,7 +187,7 @@ async fn connect_to_nc(nc_config: &NCConfig) -> Result<(AsyncClient, EventLoop,
     mqttoptions.set_clean_session(true);
 
     // Use rustls-native-certs to load root certificates from the operating system.
-    let mut root_cert_store = tokio_rustls::rustls::RootCertStore::empty();
+    let mut root_cert_store = rumqttc::tokio_rustls::rustls::RootCertStore::empty();
 
     if let Some(cert_path) = &nc_config.mqtt.certificate_file_path {
         debug!("Using custom mqtt cert file from {cert_path:?}");

diff --git a/crates/telio-crypto/Cargo.toml b/crates/telio-crypto/Cargo.toml
@@ -25,4 +25,4 @@ thiserror.workspace = true
 telio-utils.workspace = true
 
 [dev-dependencies]
-bstr = "0.2"
+bstr = "1.11"
diff --git a/crates/telio-crypto/src/lib.rs b/crates/telio-crypto/src/lib.rs
@@ -25,6 +25,7 @@ pub mod encryption;
 
 use std::{cmp::Ordering, convert::TryInto, fmt};
 
+use base64::prelude::*;
 use rand::prelude::*;
 use serde::{Deserialize, Serialize};
 use serde_with::{DeserializeFromStr, SerializeDisplay};
@@ -59,7 +60,7 @@ pub struct PublicKey(pub [u8; KEY_SIZE]);
 impl fmt::Display for PublicKey {
     fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
         let mut buf = [0u8; 44];
-        base64::encode_config_slice(self.0, base64::STANDARD, &mut buf);
+        let _ = BASE64_STANDARD.encode_slice(self.0, &mut buf);
         match std::str::from_utf8(&buf) {
             Ok(buf) => f.write_str(buf),
             Err(_) => Err(fmt::Error),
@@ -69,7 +70,7 @@ impl fmt::Display for PublicKey {
 
 impl fmt::Debug for PublicKey {
     fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
-        let buf = base64::encode(self.0);
+        let buf = BASE64_STANDARD.encode(self.0);
         f.write_str(&format!(
             "\"{:.*}...{}\"",
             4,
@@ -119,7 +120,7 @@ pub enum KeyDecodeError {
     InvalidLength(usize),
     /// String was not valid for base64 decoding.
     #[error(transparent)]
-    Base64(#[from] base64::DecodeError),
+    Base64(#[from] base64::DecodeSliceError),
     /// String was not valid for hex decoding.
     #[error(transparent)]
     Hex(#[from] hex::FromHexError),
@@ -313,7 +314,7 @@ macro_rules! gen_common {
 
                 match s.len() {
                     64 => { hex::decode_to_slice(s, &mut key)? }
-                    44 => { base64::decode_config_slice(s, base64::STANDARD, &mut key)?; }
+                    44 => { BASE64_STANDARD.decode_slice(s, &mut key)?; }
                     l => return Err(KeyDecodeError::InvalidLength(l)),
                 }
 

diff --git a/crates/telio-firewall/src/firewall.rs b/crates/telio-firewall/src/firewall.rs
@@ -3170,7 +3170,8 @@ pub mod tests {
             name: "eth0".to_string(),
             addr: IfAddr::V4(Ifv4Addr {
                 ip: Ipv4Addr::new(192, 168, 1, 10),
-                netmask: Ipv4Addr::new(192, 168, 1, 0),
+                netmask: Ipv4Addr::new(255, 0, 0, 0),
+                prefixlen: 8,
                 broadcast: None,
             }),
             index: Some(12),

diff --git a/crates/telio-lana/Cargo.toml b/crates/telio-lana/Cargo.toml
@@ -20,7 +20,7 @@ cargo-platform = { version = "=0.1.7", optional = true  } # moose v5.0.0 require
 telio-utils.workspace = true
 
 [dev-dependencies]
-serial_test = "0.8.0"
+serial_test = "3.2.0"
 
 [build-dependencies]
 anyhow.workspace = true
diff --git a/crates/telio-network-monitors/Cargo.toml b/crates/telio-network-monitors/Cargo.toml
@@ -22,17 +22,16 @@ network-framework-sys = "0.1"
 block = "0.1"
 
 [target.'cfg(target_os = "linux")'.dependencies]
-neli = { version = "0.6.4", features = ["async"] }
+neli = { version = "0.6.3", features = ["async"] }
 
 [target.'cfg(windows)'.dependencies]
 winapi = { workspace = true, features = ["iphlpapi", "netioapi", "winnt", "ws2def"] }
-windows = { version = "0.34.0", features = [
-    "alloc",
+windows = { version = "0.59.0", features = [
     "Win32_Networking_WinSock",
     "Win32_NetworkManagement_IpHelper",
 ] }
 
 [dev-dependencies]
 assert_matches = "1.5.0"
 lazy_static.workspace = true
-serial_test = "3.1.1"
+serial_test = "3.2.0"