astelm/telemt
1
0
Fork 0
mirror of https://github.com/telemt/telemt.git synced 2026-04-17 10:34:11 +03:00
Code Issues Packages Projects Releases Wiki Activity

Rustfmt

Browse Source
This commit is contained in:
Alexey
2026-04-15 01:39:47 +03:00
parent d7a0319696
commit 696316f919
7 changed files with 49 additions and 43 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
src/api/mod.rs
View File

@@ -224,13 +224,11 @@ async fn handle(
"Source IP is not allowed", "Source IP is not allowed",
), ),
)), )),
ApiGrayAction::Ok200 => Ok( ApiGrayAction::Ok200 => Ok(Response::builder()
Response::builder() .status(StatusCode::OK)
.status(StatusCode::OK) .header("content-type", "text/html; charset=utf-8")
.header("content-type", "text/html; charset=utf-8") .body(Full::new(Bytes::new()))
.body(Full::new(Bytes::new())) .unwrap()),
.unwrap(),
),
ApiGrayAction::Drop => Err(IoError::new( ApiGrayAction::Drop => Err(IoError::new(
ErrorKind::ConnectionAborted, ErrorKind::ConnectionAborted,
"api request dropped by gray_action=drop", "api request dropped by gray_action=drop",
@@ -259,11 +257,16 @@ async fn handle(
let method = req.method().clone(); let method = req.method().clone();
let path = req.uri().path().to_string(); let path = req.uri().path().to_string();
let normalized_path = if path.len() > 1 {
path.trim_end_matches('/')
} else {
path.as_str()
};
let query = req.uri().query().map(str::to_string); let query = req.uri().query().map(str::to_string);
let body_limit = api_cfg.request_body_limit_bytes; let body_limit = api_cfg.request_body_limit_bytes;
let result: Result<Response<Full<Bytes>>, ApiFailure> = async { let result: Result<Response<Full<Bytes>>, ApiFailure> = async {
match (method.as_str(), path.as_str()) { match (method.as_str(), normalized_path) {
("GET", "/v1/health") => { ("GET", "/v1/health") => {
let revision = current_revision(&shared.config_path).await?; let revision = current_revision(&shared.config_path).await?;
let data = HealthData { let data = HealthData {
@@ -446,7 +449,7 @@ async fn handle(
Ok(success_response(status, data, revision)) Ok(success_response(status, data, revision))
} }
_ => { _ => {
if let Some(user) = path.strip_prefix("/v1/users/") if let Some(user) = normalized_path.strip_prefix("/v1/users/")
&& !user.is_empty() && !user.is_empty()
&& !user.contains('/') && !user.contains('/')
{ {
@@ -615,6 +618,12 @@ async fn handle(
), ),
)); ));
} }
debug!(
method = method.as_str(),
path = %path,
normalized_path = %normalized_path,
"API route not found"
);
Ok(error_response( Ok(error_response(
request_id, request_id,
ApiFailure::new(StatusCode::NOT_FOUND, "not_found", "Route not found"), ApiFailure::new(StatusCode::NOT_FOUND, "not_found", "Route not found"),

8
src/config/load.rs
View File

@@ -384,9 +384,7 @@ impl ProxyConfig {
// Backward compatibility: legacy top-level beobachten* keys. // Backward compatibility: legacy top-level beobachten* keys.
// Prefer `[general].*` when both are present. // Prefer `[general].*` when both are present.
let mut legacy_beobachten_applied = false; let mut legacy_beobachten_applied = false;
if !beobachten_is_explicit if !beobachten_is_explicit && let Some(value) = legacy_top_level_beobachten.as_ref() {
&& let Some(value) = legacy_top_level_beobachten.as_ref()
{
let parsed = value.as_bool().ok_or_else(|| { let parsed = value.as_bool().ok_or_else(|| {
ProxyError::Config("beobachten (top-level) must be a boolean".to_string()) ProxyError::Config("beobachten (top-level) must be a boolean".to_string())
})?; })?;
@@ -433,9 +431,7 @@ impl ProxyConfig {
legacy_beobachten_applied = true; legacy_beobachten_applied = true;
} }
if legacy_beobachten_applied { if legacy_beobachten_applied {
warn!( warn!("top-level beobachten* keys are deprecated; use general.beobachten* instead");
"top-level beobachten* keys are deprecated; use general.beobachten* instead"
);
} }
let legacy_nat_stun = config.general.middle_proxy_nat_stun.take(); let legacy_nat_stun = config.general.middle_proxy_nat_stun.take();

6
src/maestro/listeners.rs
View File

@@ -120,11 +120,7 @@ pub(crate) async fn bind_listeners(
if config.general.links.public_host.is_none() if config.general.links.public_host.is_none()
&& !config.general.links.show.is_empty() && !config.general.links.show.is_empty()
{ {
let link_port = config let link_port = config.general.links.public_port.unwrap_or(listener_port);
.general
.links
.public_port
.unwrap_or(listener_port);
print_proxy_links(&public_host, link_port, config); print_proxy_links(&public_host, link_port, config);
} }

10
src/maestro/mod.rs
View File

@@ -83,7 +83,9 @@ pub async fn run() -> std::result::Result<(), Box<dyn std::error::Error>> {
// Shared maestro startup and main loop. `drop_after_bind` runs on Unix after listeners are bound // Shared maestro startup and main loop. `drop_after_bind` runs on Unix after listeners are bound
// (for privilege drop); it is a no-op on other platforms. // (for privilege drop); it is a no-op on other platforms.
async fn run_telemt_core(drop_after_bind: impl FnOnce()) -> std::result::Result<(), Box<dyn std::error::Error>> { async fn run_telemt_core(
drop_after_bind: impl FnOnce(),
) -> std::result::Result<(), Box<dyn std::error::Error>> {
let process_started_at = Instant::now(); let process_started_at = Instant::now();
let process_started_at_epoch_secs = SystemTime::now() let process_started_at_epoch_secs = SystemTime::now()
.duration_since(UNIX_EPOCH) .duration_since(UNIX_EPOCH)
@@ -819,11 +821,7 @@ async fn run_inner(
run_telemt_core(|| { run_telemt_core(|| {
if user.is_some() || group.is_some() { if user.is_some() || group.is_some() {
if let Err(e) = drop_privileges( if let Err(e) = drop_privileges(user.as_deref(), group.as_deref(), _pid_file.as_ref()) {
user.as_deref(),
group.as_deref(),
_pid_file.as_ref(),
) {
error!(error = %e, "Failed to drop privileges"); error!(error = %e, "Failed to drop privileges");
std::process::exit(1); std::process::exit(1);
} }

12
src/proxy/tests/client_masking_redteam_expected_fail_tests.rs
View File

@@ -238,8 +238,8 @@ async fn redteam_03_masking_duration_must_be_less_than_1ms_when_backend_down() {
enabled: true, enabled: true,
scopes: String::new(), scopes: String::new(),
selected_scope: String::new(), selected_scope: String::new(),
ipv4: None, ipv4: None,
ipv6: None, ipv6: None,
}], }],
1, 1,
1, 1,
@@ -482,8 +482,8 @@ async fn measure_invalid_probe_duration_ms(delay_ms: u64, tls_len: u16, body_sen
enabled: true, enabled: true,
scopes: String::new(), scopes: String::new(),
selected_scope: String::new(), selected_scope: String::new(),
ipv4: None, ipv4: None,
ipv6: None, ipv6: None,
}], }],
1, 1,
1, 1,
@@ -559,8 +559,8 @@ async fn capture_forwarded_probe_len(tls_len: u16, body_sent: usize) -> usize {
enabled: true, enabled: true,
scopes: String::new(), scopes: String::new(),
selected_scope: String::new(), selected_scope: String::new(),
ipv4: None, ipv4: None,
ipv6: None, ipv6: None,
}], }],
1, 1,
1, 1,

8
src/proxy/tests/client_security_tests.rs
View File

@@ -835,8 +835,8 @@ async fn proxy_protocol_header_from_untrusted_peer_range_is_rejected_under_load(
enabled: true, enabled: true,
scopes: String::new(), scopes: String::new(),
selected_scope: String::new(), selected_scope: String::new(),
ipv4: None, ipv4: None,
ipv6: None, ipv6: None,
}], }],
1, 1,
1, 1,
@@ -2403,8 +2403,8 @@ async fn burst_invalid_tls_probes_are_masked_verbatim() {
enabled: true, enabled: true,
scopes: String::new(), scopes: String::new(),
selected_scope: String::new(), selected_scope: String::new(),
ipv4: None, ipv4: None,
ipv6: None, ipv6: None,
}], }],
1, 1,
1, 1,

21
src/transport/upstream.rs
View File

@@ -816,7 +816,11 @@ impl UpstreamManager {
.and_then(UpstreamState::dc_array_idx) .and_then(UpstreamState::dc_array_idx)
.map(|dc_array_idx| state.dc_ip_pref[dc_array_idx]) .map(|dc_array_idx| state.dc_ip_pref[dc_array_idx])
.unwrap_or(IpPreference::Unknown); .unwrap_or(IpPreference::Unknown);
(state.config.clone(), Some(state.bind_rr.clone()), dc_preference) (
state.config.clone(),
Some(state.bind_rr.clone()),
dc_preference,
)
}; };
if let Some(s) = scope { if let Some(s) = scope {
@@ -854,7 +858,11 @@ impl UpstreamManager {
.and_then(UpstreamState::dc_array_idx) .and_then(UpstreamState::dc_array_idx)
.map(|dc_array_idx| state.dc_ip_pref[dc_array_idx]) .map(|dc_array_idx| state.dc_ip_pref[dc_array_idx])
.unwrap_or(IpPreference::Unknown); .unwrap_or(IpPreference::Unknown);
(state.config.clone(), Some(state.bind_rr.clone()), dc_preference) (
state.config.clone(),
Some(state.bind_rr.clone()),
dc_preference,
)
}; };
// Set scope for configuration copy // Set scope for configuration copy
@@ -1753,9 +1761,8 @@ impl UpstreamManager {
} }
let rotation_key = (i, group.dc_idx, is_primary); let rotation_key = (i, group.dc_idx, is_primary);
let start_idx = let start_idx = *endpoint_rotation.entry(rotation_key).or_insert(0)
*endpoint_rotation.entry(rotation_key).or_insert(0) % filtered_endpoints.len();
% filtered_endpoints.len();
let mut next_idx = (start_idx + 1) % filtered_endpoints.len(); let mut next_idx = (start_idx + 1) % filtered_endpoints.len();
for step in 0..filtered_endpoints.len() { for step in 0..filtered_endpoints.len() {
@@ -2034,8 +2041,8 @@ mod tests {
enabled: true, enabled: true,
scopes: String::new(), scopes: String::new(),
selected_scope: String::new(), selected_scope: String::new(),
ipv4: None, ipv4: None,
ipv6: None, ipv6: None,
}], }],
1, 1,
100, 100,