Update dependencies and refactor random number generation

- Bump versions of several dependencies in Cargo.toml for improved functionality and security, including:
  - socket2 to 0.6
  - nix to 0.31
  - toml to 1.0
  - x509-parser to 0.18
  - dashmap to 6.1
  - rand to 0.10
  - reqwest to 0.13
  - notify to 8.2
  - ipnetwork to 0.21
  - webpki-roots to 1.0
  - criterion to 0.8
- Introduce `OnceLock` for secure random number generation in multiple modules to ensure thread safety and reduce overhead.
- Refactor random number generation calls to use the new `RngExt` trait methods for consistency and clarity.
- Add new PNG files for architectural documentation.

src/transport/middle_proxy/health.rs

@@ -4,7 +4,7 @@ use std::net::SocketAddr;
 use std::sync::Arc;
 use std::time::{Duration, Instant};
 
-use rand::Rng;
+use rand::RngExt;
 use tracing::{debug, info, warn};
 
 use crate::config::MeFloorMode;

src/transport/middle_proxy/pool_init.rs

@@ -2,7 +2,7 @@ use std::collections::HashSet;
 use std::net::{IpAddr, SocketAddr};
 use std::sync::Arc;
 
-use rand::Rng;
+use rand::RngExt;
 use rand::seq::SliceRandom;
 use tracing::{debug, info, warn};
 

src/transport/middle_proxy/pool_reinit.rs

@@ -5,7 +5,7 @@ use std::sync::Arc;
 use std::sync::atomic::Ordering;
 use std::time::Duration;
 
-use rand::Rng;
+use rand::RngExt;
 use rand::seq::SliceRandom;
 use tracing::{debug, info, warn};
 use std::collections::hash_map::DefaultHasher;

src/transport/middle_proxy/pool_writer.rs

@@ -6,7 +6,7 @@ use std::io::ErrorKind;
 
 use bytes::Bytes;
 use bytes::BytesMut;
-use rand::Rng;
+use rand::RngExt;
 use tokio::sync::mpsc;
 use tokio_util::sync::CancellationToken;
 use tracing::{debug, info, warn};

src/transport/socket.rs

@@ -23,7 +23,7 @@ pub fn configure_tcp_socket(
     let socket = socket2::SockRef::from(stream);
     
     // Disable Nagle's algorithm for lower latency
-    socket.set_nodelay(true)?;
+    socket.set_tcp_nodelay(true)?;
     
     // Set keepalive if enabled
     if keepalive {
@@ -54,7 +54,7 @@ pub fn configure_client_socket(
     let socket = socket2::SockRef::from(stream);
     
     // Disable Nagle's algorithm
-    socket.set_nodelay(true)?;
+    socket.set_tcp_nodelay(true)?;
     
     // Set keepalive
     let keepalive = TcpKeepalive::new()
@@ -129,7 +129,7 @@ pub fn create_outgoing_socket_bound(addr: SocketAddr, bind_addr: Option<IpAddr>)
     socket.set_nonblocking(true)?;
     
     // Disable Nagle
-    socket.set_nodelay(true)?;
+    socket.set_tcp_nodelay(true)?;
     socket.set_recv_buffer_size(DEFAULT_SOCKET_BUFFER_BYTES)?;
     socket.set_send_buffer_size(DEFAULT_SOCKET_BUFFER_BYTES)?;
 

src/transport/upstream.rs

@@ -4,7 +4,7 @@
 
 #![allow(deprecated)]
 
-use rand::Rng;
+use rand::RngExt;
 use std::collections::{BTreeSet, HashMap};
 use std::net::{IpAddr, SocketAddr};
 use std::pin::Pin;
@@ -600,7 +600,7 @@ impl UpstreamManager {
             return self.connect_retry_backoff;
         }
         let jitter_cap_ms = (base_ms / 2).max(1);
-        let jitter_ms = rand::rng().gen_range(0..=jitter_cap_ms);
+        let jitter_ms = rand::rng().random_range(0..=jitter_cap_ms);
         Duration::from_millis(base_ms.saturating_add(jitter_ms))
     }
 
@@ -667,7 +667,7 @@ impl UpstreamManager {
                     "No healthy upstreams available! Using random."
                 );
             }
-            return Some(filtered_upstreams[rand::rng().gen_range(0..filtered_upstreams.len())]);
+            return Some(filtered_upstreams[rand::rng().random_range(0..filtered_upstreams.len())]);
         }
 
         if healthy.len() == 1 {
@@ -690,10 +690,10 @@ impl UpstreamManager {
         let total: f64 = weights.iter().map(|(_, w)| w).sum();
 
         if total <= 0.0 {
-            return Some(healthy[rand::rng().gen_range(0..healthy.len())]);
+            return Some(healthy[rand::rng().random_range(0..healthy.len())]);
         }
 
-        let mut choice: f64 = rand::rng().gen_range(0.0..total);
+        let mut choice: f64 = rand::rng().random_range(0.0..total);
 
         for &(idx, weight) in &weights {
             if choice < weight {