pangolin_mirror/gerbil
1
0
Fork 0
mirror of https://github.com/fosrl/gerbil.git synced 2026-02-10 06:56:42 +00:00
Code Issues Packages Projects Releases Wiki Activity
151 Commits 5 Branches 10 Tags
4cb2fde9612d4ce7b69beb1ede29e0656192d95e
Commit Graph

151 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Owen Schwartz
4cb2fde961 Merge pull request #36 from LaurenceJJones/fix-wg-session-race-condition 
fix: relay race condition in WireGuard session management
 2025-12-06 12:12:04 -05:00
Owen Schwartz
9602599565 Merge pull request #38 from LaurenceJJones/fix/relay-buffer-leak 
fix: relay buffer leak on UDP read error
 2025-12-06 12:07:31 -05:00
Owen Schwartz
11f858b341 Merge pull request #39 from LaurenceJJones/fix/calcpeerbandwidth-optimization 
feat: optimize calculatePeerBandwidth to avoid nested loops
 2025-12-06 11:59:00 -05:00
Owen Schwartz
29b2cb33a2 Merge pull request #42 from fosrl/dependabot/github_actions/actions/setup-go-6.1.0 
Bump actions/setup-go from 6.0.0 to 6.1.0
 2025-12-06 11:48:22 -05:00
Owen Schwartz
34290ffe09 Merge pull request #43 from fosrl/dependabot/github_actions/actions/checkout-6.0.0 
Bump actions/checkout from 5.0.0 to 6.0.0
 2025-12-06 11:48:14 -05:00
Owen Schwartz
1013d0591e Merge pull request #44 from fosrl/dependabot/docker/minor-updates-60be0b6e22 
Bump alpine from 3.22 to 3.23 in the minor-updates group
 2025-12-06 11:48:07 -05:00
dependabot[bot]
2f6d62ab45 Bump alpine from 3.22 to 3.23 in the minor-updates group 
Bumps the minor-updates group with 1 update: alpine.


Updates `alpine` from 3.22 to 3.23

---
updated-dependencies:
- dependency-name: alpine
  dependency-version: '3.23'
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-03 21:23:35 +00:00
Owen Schwartz
208b434cb7 Merge pull request #41 from fosrl/dependabot/go_modules/prod-minor-updates-dd7da38a6b 
Bump golang.org/x/crypto from 0.44.0 to 0.45.0 in the prod-minor-updates group
 2025-11-29 13:03:37 -05:00
dependabot[bot]
39ce0ac407 Bump actions/checkout from 5.0.0 to 6.0.0 
Bumps [actions/checkout](https://github.com/actions/checkout) from 5.0.0 to 6.0.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](08c6903cd8...1af3b93b68)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: 6.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-24 22:19:10 +00:00
dependabot[bot]
72bee56412 Bump actions/setup-go from 6.0.0 to 6.1.0 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 6.0.0 to 6.1.0.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](4469467582...4dc6199c7b)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-version: 6.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-24 22:19:05 +00:00
dependabot[bot]
b32da3a714 Bump golang.org/x/crypto in the prod-minor-updates group 
Bumps the prod-minor-updates group with 1 update: [golang.org/x/crypto](https://github.com/golang/crypto).


Updates `golang.org/x/crypto` from 0.44.0 to 0.45.0
- [Commits](https://github.com/golang/crypto/compare/v0.44.0...v0.45.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-version: 0.45.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-minor-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-19 21:25:00 +00:00
Laurence
971452e5d3 revert: drop logger formatting changes from calcpeerbandwidth optimization branch 2025-11-16 08:42:57 +00:00
Laurence
bba4345b0f main: optimize calculatePeerBandwidth to avoid nested peer scans 
Build a set of current peer public keys during the primary iteration and
prune lastReadings in a single pass, removing the O(n^2) nested loop.

No behavior change; improves efficiency when peer lists and lastReadings
grow large.
 2025-11-16 08:40:26 +00:00
Laurence
b2392fb250 relay: fix buffer leak on UDP read error by returning buffer to pool 
When ReadFromUDP fails in readPackets, the buffer was not returned to the
sync.Pool, causing a small but persistent leak under error conditions.
Return the buffer before continuing to ensure reuse and stable memory.

Scope: minimal hotfix (no broader refactors).
 2025-11-16 06:07:48 +00:00
Laurence Jones
e282715251 Merge branch 'main' into fix-wg-session-race-condition 2025-11-16 05:29:46 +00:00
Owen Schwartz
709df6db3e Merge pull request #33 from fosrl/dependabot/github_actions/actions/upload-artifact-5.0.0 
Bump actions/upload-artifact from 4.6.2 to 5.0.0
 2025-11-13 15:53:58 -05:00
Owen Schwartz
cf2b436470 Merge pull request #34 from fosrl/dependabot/github_actions/docker/setup-qemu-action-3.7.0 
Bump docker/setup-qemu-action from 3.6.0 to 3.7.0
 2025-11-13 15:53:00 -05:00
Owen Schwartz
2a29021572 Merge pull request #35 from fosrl/dependabot/go_modules/prod-minor-updates-c94709d3c3 
Bump golang.org/x/crypto from 0.43.0 to 0.44.0 in the prod-minor-updates group
 2025-11-13 15:52:54 -05:00
Laurence
a3f9a89079 Refactor WireGuard session locking and remove unused methods 
- Remove unused methods: UpdateLastSeen, GetSenderIndex, MatchesSenderIndex
  (replaced by simpler direct usage in Range callbacks)
- Simplify session access pattern: check GetSenderIndex in Range callback,
  then call GetDestAddr and UpdateLastSeen when match found
- Optimize UpdateLastSeen usage: only use for existing sessions already
  in sync.Map; use direct assignment in struct literals for new sessions
  (safe since no concurrent access during creation)

This simplifies the code while maintaining thread-safety for concurrent
access to existing sessions.
 2025-11-13 06:43:31 +00:00
Laurence
ee27bf3153 Fix race condition in WireGuard session management 
The race condition existed because while sync.Map is thread-safe for map
operations (Load, Store, Delete, Range), it does not provide thread-safety
for the data stored within it. When WireGuardSession structs were stored as
pointers in the sync.Map, multiple goroutines could:

1. Retrieve the same session pointer from the map concurrently
2. Access and modify the session's fields (particularly LastSeen) without
   synchronization
3. Cause data races when one goroutine reads LastSeen while another updates it

This fix adds a sync.RWMutex to each WireGuardSession struct to protect
concurrent access to its fields. All field access now goes through
thread-safe methods that properly acquire/release the mutex.

Changes:
- Added sync.RWMutex to WireGuardSession struct
- Added thread-safe accessor methods (GetLastSeen, GetDestAddr, etc.)
- Added atomic CheckAndUpdateIfMatch method for efficient check-and-update
- Updated all session field accesses to use thread-safe methods
- Removed redundant Store call after updating LastSeen (pointer update is
  atomic in Go, but field access within pointer was not)
 2025-11-13 06:26:09 +00:00
dependabot[bot]
a90f681957 Bump golang.org/x/crypto in the prod-minor-updates group 
Bumps the prod-minor-updates group with 1 update: [golang.org/x/crypto](https://github.com/golang/crypto).


Updates `golang.org/x/crypto` from 0.43.0 to 0.44.0
- [Commits](https://github.com/golang/crypto/compare/v0.43.0...v0.44.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-version: 0.44.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-minor-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-11 21:19:30 +00:00
dependabot[bot]
3afc82ef9a Bump docker/setup-qemu-action from 3.6.0 to 3.7.0 
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 3.6.0 to 3.7.0.
- [Release notes](https://github.com/docker/setup-qemu-action/releases)
- [Commits](29109295f8...c7c5346462)

---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
  dependency-version: 3.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-10 21:51:03 +00:00
dependabot[bot]
d3a16f4c59 Bump actions/upload-artifact from 4.6.2 to 5.0.0 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.6.2 to 5.0.0.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](ea165f8d65...330a01c490)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-version: 5.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-27 22:24:20 +00:00
Owen
2a1911a66f Update runner to amd64-runner 2025-10-20 16:43:18 -07:00
Owen Schwartz
08341b2385 Merge pull request #32 from marcschaeferger/gh-action 
Adding GHCR to CI/CD Release Workflow & further improvements
 2025-10-20 16:39:54 -07:00
Marc Schäfer
6cde07d479 ci(actions): add GHCR mirroring and cosign signing for Docker images 
- mirror images from Docker Hub to GHCR using skopeo (preserves multi-arch manifests)
- login to GHCR via docker/login-action for signing/pushing
- install cosign and perform dual signing: keyless (OIDC) + key-based; verify signatures
- add required permissions for id-token/packages and reference necessary secrets
 2025-10-21 01:30:51 +02:00
Marc Schäfer
06b1e84f99 feat(ci): add step to update version in main.go during CI/CD pipeline 2025-10-21 01:20:08 +02:00
Marc Schäfer
2b7e93ec92 ci(actions): add permissions section to CI/CD and test workflows 2025-10-21 01:19:36 +02:00
Marc Schäfer
ca23ae7a30 ci(actions): pin action versions to commit SHAs for security 
- Pin actions/checkout to SHA for v5.0.0
- Pin docker/setup-qemu-action to SHA for v3.6.0
- Pin docker/setup-buildx-action to SHA for v3.11.1
- Pin docker/login-action to SHA for v3.6.0
- Pin actions/setup-go to SHA for v6.0.0
- Pin actions/upload-artifact to SHA for v4.6.2
 2025-10-21 01:18:33 +02:00
Owen
661fd86305 Update to use gerbil and not newt 2025-10-20 12:59:17 -07:00
Owen Schwartz
594a499b95 Merge pull request #31 from marcschaeferger/ghcr 
feat(actions): Sync Images from Docker to GHCR
 2025-10-20 12:57:53 -07:00
Marc Schäfer
44aed84827 feat(actions): Sync Images from Docker to GHCR 2025-10-20 21:56:04 +02:00
Owen
bf038eb4a2 Update domain 2025-10-19 15:12:56 -07:00
Owen
6da3129b4e Update port 2025-10-18 15:07:50 -07:00
Owen
ac0f9b6a82 Update cicd 2025-10-16 14:09:30 -07:00
Owen
16aef10cca Merge branch 'main' of github.com:fosrl/gerbil 1.2.2 2025-10-16 13:41:42 -07:00
Owen
19031ebdfd Move to gen the port in the right place 2025-10-16 13:40:01 -07:00
Owen
0eebbc51d5 Deprecate --listen 2025-10-16 10:38:47 -07:00
Owen
d321a8ba7e Dont require proxy protocol from known hosts 2025-10-14 21:05:30 -07:00
Owen Schwartz
3ea86222ca Merge pull request #29 from fosrl/dependabot/go_modules/prod-minor-updates-ce64870c5e 
Bump golang.org/x/crypto from 0.42.0 to 0.43.0 in the prod-minor-updates group
 2025-10-11 09:41:08 -07:00
dependabot[bot]
c3ebe930d9 Bump golang.org/x/crypto in the prod-minor-updates group 
Bumps the prod-minor-updates group with 1 update: [golang.org/x/crypto](https://github.com/golang/crypto).


Updates `golang.org/x/crypto` from 0.42.0 to 0.43.0
- [Commits](https://github.com/golang/crypto/compare/v0.42.0...v0.43.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-version: 0.43.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-minor-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-08 21:24:05 +00:00
Owen Schwartz
f2b96f2a38 Merge pull request #28 from SigmaSquadron/push-unypywyqkkrl 
Change default port to 3004 to avoid a conflict with Pangolin's integration API.
 2025-10-05 17:41:21 -07:00
Owen
9038239bbe Accept proxy protocol from other nodes 2025-09-29 21:56:15 -07:00
miloschwartz
3e64eb9c4f add templates 2025-09-29 16:41:29 -07:00
Owen
92992b8c14 Merge branch 'main' into dev 2025-09-28 16:28:07 -07:00
Owen
4ee9d77532 Rebuild sessions 2025-09-28 15:31:34 -07:00
Owen Schwartz
bd7a5bd4b0 Merge pull request #26 from fosrl/dependabot/github_actions/actions/setup-go-6 
Bump actions/setup-go from 5 to 6
 2025-09-15 14:43:53 -07:00
Owen Schwartz
1cd49f8ee3 Merge pull request #27 from fosrl/dependabot/go_modules/prod-minor-updates-237ba4726d 
Bump golang.org/x/crypto from 0.41.0 to 0.42.0 in the prod-minor-updates group
 2025-09-15 14:43:41 -07:00
Fernando Rodrigues
7a919d867b Change default port to 3004 to avoid a conflict with Pangolin's integration API. 
Signed-off-by: Fernando Rodrigues <alpha@sigmasquadron.net>
 2025-09-14 23:19:21 +10:00
dependabot[bot]
ce50c627a7 Bump golang.org/x/crypto in the prod-minor-updates group 
Bumps the prod-minor-updates group with 1 update: [golang.org/x/crypto](https://github.com/golang/crypto).


Updates `golang.org/x/crypto` from 0.41.0 to 0.42.0
- [Commits](https://github.com/golang/crypto/compare/v0.41.0...v0.42.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-version: 0.42.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-minor-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-09-08 21:53:42 +00:00