Commit graph

696 commits

Author SHA1 Message Date
Σrebe - Romain GERARD
b2df9e2d29
Bump version v9.6.3-rc1 2024-06-09 14:58:32 +02:00
Σrebe - Romain GERARD
880aa257a1
feat: Allow to specify DNS resolver on client too - fix #290 for windows 2024-06-09 14:57:54 +02:00
Erèbe - Romain Gerard
ae54cd549a
Update LICENSE to include 2024 2024-06-09 10:51:49 +02:00
Σrebe - Romain GERARD
485a31c5a2
Bump version v9.6.2 2024-06-07 22:32:57 +02:00
Σrebe - Romain GERARD
a4900d3f92
chore: update deps 2024-06-07 22:17:47 +02:00
Σrebe - Romain GERARD
38fcb10e33
ci: improve changelog generation 2024-06-07 21:40:28 +02:00
Σrebe - Romain GERARD
bb266f6899
fix(#287): Clamp max websocket message size to 32MB 2024-06-07 21:25:05 +02:00
Σrebe - Romain GERARD
0da43e1643
fix(#289): crash due to invalid UDP socks5 packet received 2024-06-07 20:54:13 +02:00
Σrebe - Romain GERARD
2dd99130fa
lint 2024-05-29 19:19:03 +02:00
Σrebe - Romain GERARD
677b29bedf
Bump version v9.6.1 2024-05-27 17:59:26 +02:00
Σrebe - Romain GERARD
d53292f0db
Fix packaging for android & linux on arm 2024-05-27 17:46:10 +02:00
Σrebe - Romain GERARD
5f2893f750
Bump version v9.6.0 2024-05-25 13:54:38 +02:00
Σrebe - Romain GERARD
f53081291e
lint 2024-05-25 13:52:33 +02:00
erebe
7a99905793 Improve stdio tunnel on windows 2024-05-25 11:31:30 +02:00
Σrebe - Romain GERARD
8502b2c36c
Add android build 2024-05-25 12:16:38 +02:00
Σrebe - Romain GERARD
f89a82e8ec
Add android build 2024-05-25 12:15:39 +02:00
Σrebe - Romain GERARD
c0161d5877
Add android build 2024-05-25 12:14:14 +02:00
Σrebe - Romain GERARD
dfbfcb3750
Add android build 2024-05-25 11:46:27 +02:00
Σrebe - Romain GERARD
06ca365c2a
Add android build 2024-05-25 11:35:06 +02:00
Σrebe - Romain GERARD
bd63632340
Add android build 2024-05-25 11:22:53 +02:00
Σrebe - Romain GERARD
38208fd740
Add android build 2024-05-25 11:21:14 +02:00
Σrebe - Romain GERARD
205ded147f
Test using arc_lc for darwin 2024-05-25 11:11:00 +02:00
Σrebe - Romain GERARD
d12b26beb3
Add android build 2024-05-25 11:07:15 +02:00
Σrebe - Romain GERARD
4e912c1e6b
Test using arc_lc for darwin 2024-05-25 11:05:51 +02:00
Σrebe - Romain GERARD
714022af1f
Add android build 2024-05-25 11:03:17 +02:00
Σrebe - Romain GERARD
7e6975e5be
Test using arc_lc for darwin 2024-05-25 10:57:52 +02:00
Σrebe - Romain GERARD
a164ede493
Test using arc_lc for darwin 2024-05-25 10:50:35 +02:00
Σrebe - Romain GERARD
689b16b736
Bump dependencies 2024-05-25 10:48:12 +02:00
Σrebe - Romain GERARD
2dd4c1592c
update goreleaser 2024-05-25 10:40:32 +02:00
Σrebe - Romain GERARD
e8a27ea4df
Cleanup exit wstunnel when stdio tunnel terminate 2024-05-25 10:32:30 +02:00
Σrebe - Romain GERARD
a79a1bc107
update goreleaser config 2024-05-24 20:55:45 +02:00
Σrebe - Romain GERARD
ad7d752f98
Exit wstunnel when stdio tunnel terminate 2024-05-24 20:50:30 +02:00
Erèbe - Romain Gerard
904c775324
Update README.md 2024-05-24 18:44:34 +02:00
Σrebe - Romain GERARD
92ede73ce8
Bump version v9.5.2 2024-05-22 16:14:37 +02:00
Jasper Siepkes
c09c349610
Add option to map (force) port use on the server for reverse tunnels. (#274)
This change adds a `port_mapping` option to the `ReverseTunnel` definition in the (YAML) restriction file.

It maps ports on the server side from X to Y (X:Y). Where X is the originally requested port by the client and Y is the port which will be used to listen on server-side.

For example with `10001:8080` configured and a client which connects using `-R tcp://10001:localhost:80` the server will listen on port 8080 instead of 10001. The originally requested ports (NOT the mapped ports) still needs to be allowed via the `ports` directive.

This is for example useful when dealing with lots of clients and you don't want to coordinate port use on all the clients but centrally on the server.
2024-05-22 16:13:58 +02:00
Σrebe - Romain GERARD
fb74d9cfba
Bump version v9.5.1 2024-05-20 09:46:21 +02:00
Siddhant Kameswar
29f989f71f
Fix logging in client mode (#278) 2024-05-20 09:45:26 +02:00
erebe
9b82006c6e
Improve stdio tunnel on windows
- Handle CTRL+C to exit properly
- Restore terminal mode at exit
- Use logger to stderr
2024-05-18 16:02:28 +02:00
Σrebe - Romain GERARD
0595e23050
lint 2024-05-16 10:49:39 +02:00
Σrebe - Romain GERARD
8892aae601
bump rust in dockerfile 2024-05-16 10:49:25 +02:00
Jasper Siepkes
054460ad3e
Mark unsupported configurations as conflicting (#273)
This change marks combining the yaml restrictions file together with arguments such as `--restrict-http-upgrade-path-prefix` as conflicting in clap. Since wstunnel will only use the yaml restrictions file when it is supplied and ignore the other arguments. This change makes this more obvious for users (since wstunnel will exit with an error).

The reason for still allowing the client `--http-upgrade-path-prefix` is that one could be using a proxy server in front of wstunnel which does mTLS. This is a pretty specific corner case though. A warning was added so it's clear to users that this will only work in specific scenarios.
2024-05-16 10:48:24 +02:00
Σrebe - Romain GERARD
a89d4da2b0
Bump version v9.4.2 2024-05-16 09:10:56 +02:00
Σrebe - Romain GERARD
246862a6da
Reduce allocation when using client certificate 2024-05-16 09:05:04 +02:00
Jasper Siepkes
ddebdfd3d2
When mTLS is used force path to match client certificate CN (#272)
This change makes the server verify the client's path prefix matches the common name (CN) in the certificate the client presented when mTLS is used. This makes it impossible for the client to spoof the path prefix specified in the `restrictions.yaml` file.
2024-05-16 08:39:30 +02:00
Σrebe - Romain GERARD
562c78187b
Add flag to control max backoff time to connect to the server 2024-05-14 08:32:44 +02:00
Σrebe - Romain GERARD
207ad7480b
Bump rust version 2024-05-10 13:27:50 +02:00
Σrebe - Romain GERARD
bf9459b3fc
Bump dependencies 2024-05-09 14:18:38 +02:00
Σrebe - Romain GERARD
1eccb70aab
lint 2024-05-09 12:26:16 +02:00
Σrebe - Romain GERARD
d3476ce716
fix compilation for openbsd 2024-05-09 11:31:39 +02:00
Jasper Siepkes
88e42d3b9f
Allow client certificate CN to be used for upgrade path (#264)
This change causes the wstunnel client to use the common name (CN) of the client's certificate for the upgrade path when mTLS is enabled.
2024-05-06 10:00:08 +02:00