- Add a publish() as well as a commit() for routing domain editor
- Should only publish our peer info after we're sure we done editing it (end of public address detection task)
- Publish should happen after relay selection as well
- Publish should happen if the relay's peerinfo has changed
- Publish should not do anything if the peerinfo hasn't changed
- PeerInfo -> Arc<PeerInfo> everywhere to minimize deep clones and ensure read-only PeerInfo
- Routing domain editing is now more atomic
- When a node selects a relay it now immediately protects its connections.
- Made dial info port (for port restricted nat) more resilient to changes, in the case there are multiple mappings
- Relays that drop protected connections should be deprioritized for relay selection (table saturation detection)
- clear_network_callback in do_public_dial_info_check is a kludge, removed
- Raised the bar for dialinfo changes when its just the port
- Pinging node on the same network works again
- resolve_node() never returns a dead node even when we want to try to communicate with it again
- Removed 'bad public address' detection as it wasn't working anyway
- Added separate parallelism lanes for relay keepalive pings from peer liveness check pings, as they are higher priority
- Change send_data to always check cache for contact method first instead of going with filtered active flows first, avoids choosing UDP when a preferable TCP connection could be made
- Nodes that are not relay capable should drop relayed packets
- DHT issues:
- Make setvalue more likely to succeed by accepting a getvalue consensus if a full setvalue consensus is not reached.
- Offline subkey writes are cleared too fast and should be thought as 'subkeys not yet synchronized'
- If set_value is partial / in-flight, it should still be in offline_subkey_writes
- Make inflight_subkey_writes list and probably some bit for 'written_while_inflight' so we dont clear the offline_subkey_writes until they're really written
- Watching values incorrectly categorized 'owner' keys as anonymous watchers
- Setting a dht value with the same sequence number as what is on the network, but with a conflicting value, did not result in the current value being returned to the api caller as it should have been
- DHT cleanup
- Proper application of DHT capabilities
- Fanout debugging log target
- Performance measurement / timing of veilid_api log target
- Fix DHT Rust integration test
- ValueChanged Optional
- Allow value changed data to be optional in rpc schema
- Make valuechanged update no longer happen when value hasn't changed or is older
- on `RoutingContext`: `with_privacy()` renamed to `with_default_safety()`
- on `RoutingContext`: `with_custom_privacy()` renamed to `with_safety()`
- on `RoutingContext`: `safety()` method added that returns the current `SafetySelection`
- Routing contexts are now safety-route-enabled by default. To disable, use `with_safety()` with `SafetySelection::Unsafe`.
- WASM now works better with updated connection manager code
- Async-std flavor of veilid-core now builds correctly again
- Safety route allocation is bidirectional
- Connection table LRU cache now has protection for relays and in-use RPC question/answers
- Dead route notifications are now sent only for manually allocated routes
- Allocated routes that fail tests now have their nodes marked as 'failure to send' so they go 'unreliable' and get re-tested. Also the same route will not immediately be reallocated as a result.
- DHT tests ported from Python to Rust
- Rustls updated to latest release
- Protected connections (such as relays) that drop result in marking the node as 'failure to send' so a different relay gets chosen
* DESCRIPTION: Decompression was occurring in an unbounded way upon envelope receipt.
* IMPACT: Node crashes resulting in downtime. There was no risk of RCE or compromise due to Rust's memory protections and no use of unsafe code near the site of the error.
* INDICATIONS: This resulted in an out-of-memory abort on nodes. Issue first identified on the bootstrap servers.
* REMEDIATION: Length check added to decompression on envelopes.
- Earthfile support for generating a debug executable
