From 2180ad4241e92b475231ecd0fa54ded83cea6b70 Mon Sep 17 00:00:00 2001 From: Devon Anderson Date: Fri, 6 Oct 2023 08:12:14 -0500 Subject: [PATCH 1/3] Bump UI commit (#3804) --- internal/ui/VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/ui/VERSION b/internal/ui/VERSION index acbb0fabd19..1c2b6a60a78 100644 --- a/internal/ui/VERSION +++ b/internal/ui/VERSION @@ -1,4 +1,4 @@ -7993422b0d6c945c9ce22e325cd838a08d973685 +6915a1f5cb8b00e6c9cf667a634f6d281ab21756 # This file determines the version of the UI to embed in the boundary binary. # Update this file by running 'make update-ui-version' from the root of this repo. # Set UI_COMMITISH when running the above target to update to a specific version. From 88bb253554a8d805b9d333be8e4f1b3557d0ba60 Mon Sep 17 00:00:00 2001 From: Timothy Messier Date: Fri, 6 Oct 2023 11:45:29 -0400 Subject: [PATCH 2/3] fix(cli): Remove websocket message size limit (#3808) When the boundary client establishes a connection to the websocket used to communicate with a worker, it was configured with a max websocket message size of 32KiB. This was the default behavior for v1.8.7 of nhooyr/websocket. However, there are cases where the worker can send messages to the client that are larger than 32KiB. When this happens the client returns an error and terminates the connection. Notably this seems to only currently impact sessions made to SSH Targets, although it could theoretically impact any target type depending on the details of how the worker performs the writing of the messages. The issue can be reproduced by attempting to scp a large enough file from an SSH Target to the client. In this case the connection gets terminated and results in a partial transfer of the file. This message size limit appears to be unnecessary, and the default behavior is changing in v1.8.8 of nhooyr/websocket to make the message size unlimited. Since this version is not yet released, this commit switches the dependency to a fork with a version that is v1.8.7 plus the patch to disable the limit. Once v1.8.8 is release this dependency can be set back. See: https://github.com/nhooyr/websocket/pull/254 https://github.com/nhooyr/websocket/pull/256 --- CHANGELOG.md | 4 ++++ go.mod | 2 ++ go.sum | 4 ++-- 3 files changed, 8 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 045a86ee671..50df211b16c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -58,6 +58,10 @@ Canonical reference for changes, improvements, and bugfixes for Boundary. submitted ([PR](https://github.com/hashicorp/boundary/pull/3800)) * worker: Fix an issue that could cause intermittent startup issues on slow systems ([PR](https://github.com/hashicorp/boundary/pull/3803)) +* cli: Remove websocket max message size. This fixes issues where large message + sizes are sent to the client from a worker which resulted in the connection + being terminated, as is the case with an scp download when using an SSH + Target. ([PR](https://github.com/hashicorp/boundary/pull/3808)) ## 0.13.1 (2023/07/10) diff --git a/go.mod b/go.mod index 6c28fa1501d..625aba50ca5 100644 --- a/go.mod +++ b/go.mod @@ -204,3 +204,5 @@ require ( gopkg.in/yaml.v3 v3.0.1 // indirect gorm.io/driver/sqlite v1.5.3 // indirect ) + +replace nhooyr.io/websocket => github.com/tmessi/websocket v0.0.0-20231006132118-662e2f7878ac diff --git a/go.sum b/go.sum index d21a6a87d87..dd2923a6b28 100644 --- a/go.sum +++ b/go.sum @@ -727,6 +727,8 @@ github.com/tj/go-buffer v1.1.0/go.mod h1:iyiJpfFcR2B9sXu7KvjbT9fpM4mOelRSDTbntVj github.com/tj/go-elastic v0.0.0-20171221160941-36157cbbebc2/go.mod h1:WjeM0Oo1eNAjXGDx2yma7uG2XoyRZTq1uv3M/o7imD0= github.com/tj/go-kinesis v0.0.0-20171128231115-08b17f58cb1b/go.mod h1:/yhzCV0xPfx6jb1bBgRFjl5lytqVqZXEaeqWP8lTEao= github.com/tj/go-spin v1.1.0/go.mod h1:Mg1mzmePZm4dva8Qz60H2lHwmJ2loum4VIrLgVnKwh4= +github.com/tmessi/websocket v0.0.0-20231006132118-662e2f7878ac h1:ws8O6PTC7/A7JK8QQUqXEE+ZGEpk0QRXTCqncXIrKfQ= +github.com/tmessi/websocket v0.0.0-20231006132118-662e2f7878ac/go.mod h1:B70DZP8IakI65RVQ51MsWP/8jndNma26DVA/nFSCgW0= github.com/tv42/httpunix v0.0.0-20150427012821-b75d8614f926/go.mod h1:9ESjWnEqriFuLhtthL60Sar/7RFoluCcXsuvEwTV5KM= github.com/ugorji/go v1.1.7 h1:/68gy2h+1mWMrwZFeD1kQialdSzAb432dtpeJ42ovdo= github.com/ugorji/go v1.1.7/go.mod h1:kZn38zHttfInRq0xu/PH0az30d+z6vm202qpg1oXVMw= @@ -1209,8 +1211,6 @@ honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9 mvdan.cc/gofumpt v0.1.1/go.mod h1:yXG1r1WqZVKWbVRtBWKWX9+CxGYfA51nSomhM0woR48= mvdan.cc/gofumpt v0.4.0 h1:JVf4NN1mIpHogBj7ABpgOyZc65/UUOkKQFkoURsz4MM= mvdan.cc/gofumpt v0.4.0/go.mod h1:PljLOHDeZqgS8opHRKLzp2It2VBuSdteAgqUfzMTxlQ= -nhooyr.io/websocket v1.8.7 h1:usjR2uOr/zjjkVMy0lW+PPohFok7PCow5sDjLgX4P4g= -nhooyr.io/websocket v1.8.7/go.mod h1:B70DZP8IakI65RVQ51MsWP/8jndNma26DVA/nFSCgW0= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= From d7e44f682218f416940299dcde32223532009eae Mon Sep 17 00:00:00 2001 From: Jeff Mitchell Date: Sat, 7 Oct 2023 13:45:05 -0500 Subject: [PATCH 3/3] Bump nodeenrollment to remove multierrors (#3809) --- go.mod | 8 ++++---- go.sum | 13 ++++++++----- 2 files changed, 12 insertions(+), 9 deletions(-) diff --git a/go.mod b/go.mod index 625aba50ca5..d3d04e511dd 100644 --- a/go.mod +++ b/go.mod @@ -69,10 +69,10 @@ require ( github.com/stretchr/testify v1.8.4 github.com/zalando/go-keyring v0.2.3 go.uber.org/atomic v1.11.0 - golang.org/x/crypto v0.13.0 + golang.org/x/crypto v0.14.0 golang.org/x/sync v0.2.0 - golang.org/x/sys v0.12.0 - golang.org/x/term v0.12.0 + golang.org/x/sys v0.13.0 + golang.org/x/term v0.13.0 golang.org/x/tools v0.9.1 google.golang.org/genproto v0.0.0-20230526203410-71b5a4ffd15e google.golang.org/grpc v1.55.0 @@ -95,7 +95,7 @@ require ( github.com/hashicorp/dbassert v0.0.0-20230622135851-cc4c0f18f4a7 github.com/hashicorp/go-kms-wrapping/extras/kms/v2 v2.0.0-20230902160534-7a966e6313fd github.com/hashicorp/go-version v1.6.0 - github.com/hashicorp/nodeenrollment v0.2.6 + github.com/hashicorp/nodeenrollment v0.2.7 github.com/jackc/pgx/v5 v5.4.3 github.com/jimlambrt/gldap v0.1.7 github.com/kelseyhightower/envconfig v1.4.0 diff --git a/go.sum b/go.sum index dd2923a6b28..bf2f79295c1 100644 --- a/go.sum +++ b/go.sum @@ -391,8 +391,8 @@ github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ github.com/hashicorp/golang-lru v0.5.4/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4= github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= -github.com/hashicorp/nodeenrollment v0.2.6 h1:zGKOkQaudYSopknZAr8T5ySrBqB2DloyRnSGhg660ks= -github.com/hashicorp/nodeenrollment v0.2.6/go.mod h1:Do2FvaFHgnnMaqhdSTBX+TkQP0ep8VVQ0rOr+ZjUbJU= +github.com/hashicorp/nodeenrollment v0.2.7 h1:/KbTJzGddWpre0qYp7+hvw07523IslR07Ib0j1TziPs= +github.com/hashicorp/nodeenrollment v0.2.7/go.mod h1:LDKlFH9HHCX/seb30zHjYr3qvsrAAYCbzPNDrA2xe2Q= github.com/hashicorp/vault/api v1.9.1 h1:LtY/I16+5jVGU8rufyyAkwopgq/HpUnxFBg+QLOAV38= github.com/hashicorp/vault/api v1.9.1/go.mod h1:78kktNcQYbBGSrOjQfHjXN32OhhxXnbYl3zxpd2uPUs= github.com/hashicorp/vault/sdk v0.3.0 h1:kR3dpxNkhh/wr6ycaJYqp6AFT/i2xaftbfnwZduTKEY= @@ -801,8 +801,9 @@ golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97/go.mod h1:GvvjBRRGRdwPK5y golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.3.0/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4= golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58= -golang.org/x/crypto v0.13.0 h1:mvySKfSWJ+UKUii46M40LOvyWfN0s2U+46/jDd0e6Ck= golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc= +golang.org/x/crypto v0.14.0 h1:wBqGXzWJW6m1XrIKlAH0Hs1JJ7+9KBwnIO8v66Q9cHc= +golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -977,8 +978,9 @@ golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.12.0 h1:CM0HF96J0hcLAwsHPJZjfdNzs0gftsLfgKt57wWHJ0o= golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE= +golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210503060354-a79de5458b56/go.mod h1:tfny5GFUkzUvx4ps4ajbZsCe5lw1metzhBm9T3x7oIY= @@ -987,8 +989,9 @@ golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc= golang.org/x/term v0.3.0/go.mod h1:q750SLmJuPmVoN1blW3UFBPREJfb1KmY3vwxfr+nFDA= golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= -golang.org/x/term v0.12.0 h1:/ZfYdc3zq+q02Rv9vGqTeSItdzZTSNDmfTi0mBAuidU= golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU= +golang.org/x/term v0.13.0 h1:bb+I9cTfFazGW51MZqBVmZy7+JEJMouUHTUSKVQLBek= +golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=