pangolin_mirror/olm
1
0
Fork 0
mirror of https://github.com/fosrl/olm.git synced 2026-02-08 05:56:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: pangolin_mirror:1.4.1
Branches Tags
pangolin_mirror:main pangolin_mirror:dev pangolin_mirror:dependabot/github_actions/actions/cache-5.0.3 pangolin_mirror:dependabot/go_modules/patch-updates-85f33a1abf pangolin_mirror:dependabot/github_actions/actions/checkout-6.0.2 pangolin_mirror:dependabot/github_actions/docker/login-action-3.7.0 pangolin_mirror:dependabot/github_actions/actions/attest-build-provenance-3.2.0 pangolin_mirror:dependabot/github_actions/actions/setup-go-6.2.0 pangolin_mirror:platform pangolin_mirror:package pangolin_mirror:bind
pangolin_mirror:1.4.2 pangolin_mirror:v1.4.2 pangolin_mirror:1.4.1 pangolin_mirror:v1.4.1 pangolin_mirror:1.4.0 pangolin_mirror:v1.4.0 pangolin_mirror:v1.3.0 pangolin_mirror:1.3.0 pangolin_mirror:1.3.0-rc.0 pangolin_mirror:1.2.0 pangolin_mirror:1.2.0-rc.0 pangolin_mirror:1.1.5 pangolin_mirror:1.1.4 pangolin_mirror:1.1.3 pangolin_mirror:1.1.2 pangolin_mirror:1.1.1 pangolin_mirror:1.1.0 pangolin_mirror:1.0.0 pangolin_mirror:1.0.0-beta.5 pangolin_mirror:1.0.0-beta.4 pangolin_mirror:1.0.0-beta.3 pangolin_mirror:1.0.0-beta.2 pangolin_mirror:1.0.0-beta.1
..
compare: pangolin_mirror:dependabot/github_actions/docker/login-action-3.7.0
Branches Tags
pangolin_mirror:main pangolin_mirror:dev pangolin_mirror:dependabot/github_actions/actions/cache-5.0.3 pangolin_mirror:dependabot/go_modules/patch-updates-85f33a1abf pangolin_mirror:dependabot/github_actions/actions/checkout-6.0.2 pangolin_mirror:dependabot/github_actions/docker/login-action-3.7.0 pangolin_mirror:dependabot/github_actions/actions/attest-build-provenance-3.2.0 pangolin_mirror:dependabot/github_actions/actions/setup-go-6.2.0 pangolin_mirror:platform pangolin_mirror:package pangolin_mirror:bind
pangolin_mirror:1.4.2 pangolin_mirror:v1.4.2 pangolin_mirror:1.4.1 pangolin_mirror:v1.4.1 pangolin_mirror:1.4.0 pangolin_mirror:v1.4.0 pangolin_mirror:v1.3.0 pangolin_mirror:1.3.0 pangolin_mirror:1.3.0-rc.0 pangolin_mirror:1.2.0 pangolin_mirror:1.2.0-rc.0 pangolin_mirror:1.1.5 pangolin_mirror:1.1.4 pangolin_mirror:1.1.3 pangolin_mirror:1.1.2 pangolin_mirror:1.1.1 pangolin_mirror:1.1.0 pangolin_mirror:1.0.0 pangolin_mirror:1.0.0-beta.5 pangolin_mirror:1.0.0-beta.4 pangolin_mirror:1.0.0-beta.3 pangolin_mirror:1.0.0-beta.2 pangolin_mirror:1.0.0-beta.1

1 Commits
1.4.1 ... dependabot

Author SHA1 Message Date
dependabot[bot]
5fb1a71e53 Bump docker/login-action from 3.6.0 to 3.7.0 
Bumps [docker/login-action](https://github.com/docker/login-action) from 3.6.0 to 3.7.0.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](5e57cd1181...c94ce9fb46)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-version: 3.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-01-28 20:54:52 +00:00
9 changed files with 22 additions and 110 deletions
Expand all files Collapse all files

4
.github/workflows/cicd.yml vendored
View File

@@ -107,14 +107,14 @@ jobs:
uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0
- name: Log in to Docker Hub
uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0
with:
registry: docker.io
username: ${{ secrets.DOCKER_HUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
- name: Log in to GHCR
uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0
with:
registry: ghcr.io
username: ${{ github.actor }}

5
config.go
View File

@@ -89,7 +89,6 @@ func DefaultConfig() *OlmConfig {
PingInterval: "3s",
PingTimeout: "5s",
DisableHolepunch: false,
OverrideDNS: false,
TunnelDNS: false,
// DoNotCreateNewClient: false,
sources: make(map[string]string),
@@ -325,9 +324,9 @@ func loadConfigFromCLI(config *OlmConfig, args []string) (bool, bool, error) {
serviceFlags.StringVar(&config.PingTimeout, "ping-timeout", config.PingTimeout, "Timeout for each ping")
serviceFlags.BoolVar(&config.EnableAPI, "enable-api", config.EnableAPI, "Enable API server for receiving connection requests")
serviceFlags.BoolVar(&config.DisableHolepunch, "disable-holepunch", config.DisableHolepunch, "Disable hole punching")
serviceFlags.BoolVar(&config.OverrideDNS, "override-dns", config.OverrideDNS, "When enabled, the client uses custom DNS servers to resolve internal resources and aliases. This overrides your system's default DNS settings. Queries that cannot be resolved as a Pangolin resource will be forwarded to your configured Upstream DNS Server. (default false)")
serviceFlags.BoolVar(&config.OverrideDNS, "override-dns", config.OverrideDNS, "Override system DNS settings")
serviceFlags.BoolVar(&config.DisableRelay, "disable-relay", config.DisableRelay, "Disable relay connections")
serviceFlags.BoolVar(&config.TunnelDNS, "tunnel-dns", config.TunnelDNS, "When enabled, DNS queries are routed through the tunnel for remote resolution. To ensure queries are tunneled correctly, you must define the DNS server as a Pangolin resource and enter its address as an Upstream DNS Server. (default false)")
serviceFlags.BoolVar(&config.TunnelDNS, "tunnel-dns", config.TunnelDNS, "Use tunnel for DNS traffic")
// serviceFlags.BoolVar(&config.DoNotCreateNewClient, "do-not-create-new-client", config.DoNotCreateNewClient, "Do not create new client")
version := serviceFlags.Bool("version", false, "Print the version")

12
dns/dns_records.go
View File

@@ -48,8 +48,8 @@ func (s *DNSRecordStore) AddRecord(domain string, ip net.IP) error {
domain = domain + "."
}
// Normalize domain to lowercase FQDN
domain = strings.ToLower(dns.Fqdn(domain))
// Normalize domain to lowercase
domain = dns.Fqdn(domain)
// Check if domain contains wildcards
isWildcard := strings.ContainsAny(domain, "*?")
@@ -86,8 +86,8 @@ func (s *DNSRecordStore) RemoveRecord(domain string, ip net.IP) {
domain = domain + "."
}
// Normalize domain to lowercase FQDN
domain = strings.ToLower(dns.Fqdn(domain))
// Normalize domain to lowercase
domain = dns.Fqdn(domain)
// Check if domain contains wildcards
isWildcard := strings.ContainsAny(domain, "*?")
@@ -148,7 +148,7 @@ func (s *DNSRecordStore) GetRecords(domain string, recordType RecordType) []net.
defer s.mu.RUnlock()
// Normalize domain to lowercase FQDN
domain = strings.ToLower(dns.Fqdn(domain))
domain = dns.Fqdn(domain)
var records []net.IP
switch recordType {
@@ -205,7 +205,7 @@ func (s *DNSRecordStore) HasRecord(domain string, recordType RecordType) bool {
defer s.mu.RUnlock()
// Normalize domain to lowercase FQDN
domain = strings.ToLower(dns.Fqdn(domain))
domain = dns.Fqdn(domain)
switch recordType {
case RecordTypeA:

65
dns/dns_records_test.go
View File

@@ -348,68 +348,3 @@ func TestHasRecordWildcard(t *testing.T) {
t.Error("Expected HasRecord to return false for base domain")
}
}
func TestDNSRecordStoreCaseInsensitive(t *testing.T) {
store := NewDNSRecordStore()
// Add record with mixed case
ip := net.ParseIP("10.0.0.1")
err := store.AddRecord("MyHost.AutoCo.Internal", ip)
if err != nil {
t.Fatalf("Failed to add mixed case record: %v", err)
}
// Test lookup with different cases
testCases := []string{
"myhost.autoco.internal.",
"MYHOST.AUTOCO.INTERNAL.",
"MyHost.AutoCo.Internal.",
"mYhOsT.aUtOcO.iNtErNaL.",
}
for _, domain := range testCases {
ips := store.GetRecords(domain, RecordTypeA)
if len(ips) != 1 {
t.Errorf("Expected 1 IP for domain %q, got %d", domain, len(ips))
}
if len(ips) > 0 && !ips[0].Equal(ip) {
t.Errorf("Expected IP %v for domain %q, got %v", ip, domain, ips[0])
}
}
// Test wildcard with mixed case
wildcardIP := net.ParseIP("10.0.0.2")
err = store.AddRecord("*.Example.Com", wildcardIP)
if err != nil {
t.Fatalf("Failed to add mixed case wildcard: %v", err)
}
wildcardTestCases := []string{
"host.example.com.",
"HOST.EXAMPLE.COM.",
"Host.Example.Com.",
"HoSt.ExAmPlE.CoM.",
}
for _, domain := range wildcardTestCases {
ips := store.GetRecords(domain, RecordTypeA)
if len(ips) != 1 {
t.Errorf("Expected 1 IP for wildcard domain %q, got %d", domain, len(ips))
}
if len(ips) > 0 && !ips[0].Equal(wildcardIP) {
t.Errorf("Expected IP %v for wildcard domain %q, got %v", wildcardIP, domain, ips[0])
}
}
// Test removal with different case
store.RemoveRecord("MYHOST.AUTOCO.INTERNAL", nil)
ips := store.GetRecords("myhost.autoco.internal.", RecordTypeA)
if len(ips) != 0 {
t.Errorf("Expected 0 IPs after removal, got %d", len(ips))
}
// Test HasRecord with different case
if !store.HasRecord("HOST.EXAMPLE.COM.", RecordTypeA) {
t.Error("Expected HasRecord to return true for mixed case wildcard match")
}
}

10
olm/connect.go
View File

@@ -36,7 +36,7 @@ func (o *Olm) handleConnect(msg websocket.WSMessage) {
var wgData WgData
if o.registered {
if o.connected {
logger.Info("Already connected. Ignoring new connection request.")
return
}
@@ -208,7 +208,7 @@ func (o *Olm) handleConnect(msg websocket.WSMessage) {
o.apiServer.SetRegistered(true)
o.registered = true
o.connected = true
// Start ping monitor now that we are registered and connected
o.websocket.StartPingMonitor()
@@ -273,12 +273,6 @@ func (o *Olm) handleTerminate(msg websocket.WSMessage) {
logger.Error("Error unmarshaling terminate error data: %v", err)
} else {
logger.Info("Terminate reason (code: %s): %s", errorData.Code, errorData.Message)
if errorData.Code == "TERMINATED_INACTIVITY" {
logger.Info("Ignoring...")
return
}
// Set the olm error in the API server so it can be exposed via status
o.apiServer.SetOlmError(errorData.Code, errorData.Message)
}

2
olm/data.go
View File

@@ -157,7 +157,7 @@ func (o *Olm) handleWgPeerUpdateData(msg websocket.WSMessage) {
func (o *Olm) handleSync(msg websocket.WSMessage) {
logger.Debug("Received sync message: %v", msg.Data)
if !o.registered {
if !o.connected {
logger.Warn("Not connected, ignoring sync request")
return
}

14
olm/olm.go
View File

@@ -8,6 +8,7 @@ import (
_ "net/http/pprof"
"os"
"sync"
"syscall"
"time"
"github.com/fosrl/newt/bind"
@@ -31,7 +32,7 @@ type Olm struct {
privateKey wgtypes.Key
logFile *os.File
registered bool
connected bool
tunnelRunning bool
uapiListener net.Listener
@@ -385,10 +386,10 @@ func (o *Olm) StartTunnel(config TunnelConfig) {
o.apiServer.SetConnectionStatus(true)
if o.registered {
if o.connected {
o.websocket.StartPingMonitor()
logger.Debug("Already registered, skipping registration")
logger.Debug("Already connected, skipping registration")
return nil
}
@@ -575,7 +576,7 @@ func (o *Olm) Close() {
// If we never created a device from the FD, close it explicitly
// This can happen if tunnel is stopped during registration before handleConnect
logger.Debug("Closing unused TUN file descriptor %d", o.tunnelConfig.FileDescriptorTun)
if err := closeFD(o.tunnelConfig.FileDescriptorTun); err != nil {
if err := syscall.Close(int(o.tunnelConfig.FileDescriptorTun)); err != nil {
logger.Error("Failed to close TUN file descriptor: %v", err)
} else {
logger.Info("Closed unused TUN file descriptor")
@@ -614,7 +615,7 @@ func (o *Olm) StopTunnel() error {
}
// Reset the running state BEFORE cleanup to prevent callbacks from accessing nil pointers
o.registered = false
o.connected = false
o.tunnelRunning = false
// Cancel the tunnel context if it exists
@@ -738,6 +739,9 @@ func (o *Olm) SetPowerMode(mode string) error {
logger.Info("Switching to low power mode")
// Mark as disconnected so we re-register on reconnect
o.connected = false
// Update API server connection status
if o.apiServer != nil {
o.apiServer.SetConnectionStatus(false)

10
olm/olm_unix.go
View File

@@ -1,10 +0,0 @@
//go:build !windows
package olm
import "syscall"
// closeFD closes a file descriptor in a platform-specific way
func closeFD(fd uint32) error {
return syscall.Close(int(fd))
}

10
olm/olm_windows.go
View File

@@ -1,10 +0,0 @@
//go:build windows
package olm
import "syscall"
// closeFD closes a file descriptor in a platform-specific way
func closeFD(fd uint32) error {
return syscall.Close(syscall.Handle(fd))
}