From e25b193f597639a3c45df3a82a7db00262678dbf Mon Sep 17 00:00:00 2001 From: Juergen Kunz Date: Tue, 17 Feb 2026 09:56:23 +0000 Subject: [PATCH] fix(rust,ts): initialize rustls ring CryptoProvider at startup; add rustls dependency and features; make native binary lookup platform-aware --- changelog.md | 8 ++++++++ rust/Cargo.lock | 1 + rust/crates/remoteingress-bin/Cargo.toml | 1 + rust/crates/remoteingress-bin/src/main.rs | 5 +++++ rust/crates/remoteingress-core/Cargo.toml | 2 +- ts/00_commitinfo_data.ts | 2 +- ts/classes.remoteingressedge.ts | 10 +++++++--- ts/classes.remoteingresshub.ts | 10 +++++++--- 8 files changed, 31 insertions(+), 8 deletions(-) diff --git a/changelog.md b/changelog.md index 66c0acd..6a4716d 100644 --- a/changelog.md +++ b/changelog.md @@ -1,5 +1,13 @@ # Changelog +## 2026-02-17 - 3.0.3 - fix(rust,ts) +initialize rustls ring CryptoProvider at startup; add rustls dependency and features; make native binary lookup platform-aware + +- Install rustls::crypto::ring default_provider at startup to ensure ring-based crypto is available before any TLS usage. +- Add rustls dependency to remoteingress-bin and update remoteingress-core rustls configuration (disable default-features; enable ring, logging, std, tls12). +- Adjust TS classes to prefer platform-suffixed production binaries, add exact fallback names, and include explicit cargo output paths for release/debug. +- Cargo.lock updated to include rustls entry. + ## 2026-02-16 - 3.0.2 - fix(readme) Document Hub/Edge architecture and new RemoteIngressHub/RemoteIngressEdge API; add Rust core binary, protocol and usage details; note removal of ConnectorPublic/ConnectorPrivate (breaking change) diff --git a/rust/Cargo.lock b/rust/Cargo.lock index 2da7075..e6e7b59 100644 --- a/rust/Cargo.lock +++ b/rust/Cargo.lock @@ -509,6 +509,7 @@ dependencies = [ "log", "remoteingress-core", "remoteingress-protocol", + "rustls", "serde", "serde_json", "tokio", diff --git a/rust/crates/remoteingress-bin/Cargo.toml b/rust/crates/remoteingress-bin/Cargo.toml index e900a1b..8cb6838 100644 --- a/rust/crates/remoteingress-bin/Cargo.toml +++ b/rust/crates/remoteingress-bin/Cargo.toml @@ -16,3 +16,4 @@ serde = { version = "1", features = ["derive"] } serde_json = "1" log = "0.4" env_logger = "0.11" +rustls = { version = "0.23", default-features = false, features = ["ring"] } diff --git a/rust/crates/remoteingress-bin/src/main.rs b/rust/crates/remoteingress-bin/src/main.rs index 4f9a72b..e2327b4 100644 --- a/rust/crates/remoteingress-bin/src/main.rs +++ b/rust/crates/remoteingress-bin/src/main.rs @@ -85,6 +85,11 @@ fn send_error(id: &str, error: &str) { #[tokio::main] async fn main() { + // Install the ring CryptoProvider before any TLS usage + rustls::crypto::ring::default_provider() + .install_default() + .expect("Failed to install rustls ring CryptoProvider"); + let cli = Cli::parse(); if !cli.management { diff --git a/rust/crates/remoteingress-core/Cargo.toml b/rust/crates/remoteingress-core/Cargo.toml index 5cf715b..4564aa2 100644 --- a/rust/crates/remoteingress-core/Cargo.toml +++ b/rust/crates/remoteingress-core/Cargo.toml @@ -7,7 +7,7 @@ edition = "2021" remoteingress-protocol = { path = "../remoteingress-protocol" } tokio = { version = "1", features = ["full"] } tokio-rustls = "0.26" -rustls = { version = "0.23", features = ["ring"] } +rustls = { version = "0.23", default-features = false, features = ["ring", "logging", "std", "tls12"] } rcgen = "0.13" serde = { version = "1", features = ["derive"] } serde_json = "1" diff --git a/ts/00_commitinfo_data.ts b/ts/00_commitinfo_data.ts index a1acff2..f42d64c 100644 --- a/ts/00_commitinfo_data.ts +++ b/ts/00_commitinfo_data.ts @@ -3,6 +3,6 @@ */ export const commitinfo = { name: '@serve.zone/remoteingress', - version: '3.0.2', + version: '3.0.3', description: 'Edge ingress tunnel for DcRouter - accepts incoming TCP connections at network edge and tunnels them to DcRouter SmartProxy preserving client IP via PROXY protocol v1.' } diff --git a/ts/classes.remoteingressedge.ts b/ts/classes.remoteingressedge.ts index 83540dc..2a96da4 100644 --- a/ts/classes.remoteingressedge.ts +++ b/ts/classes.remoteingressedge.ts @@ -61,9 +61,13 @@ export class RemoteIngressEdge extends EventEmitter { requestTimeoutMs: 30_000, readyTimeoutMs: 10_000, localPaths: [ - plugins.path.join(packageDir, 'dist_rust'), - plugins.path.join(packageDir, 'rust', 'target', 'release'), - plugins.path.join(packageDir, 'rust', 'target', 'debug'), + // Platform-suffixed binary in dist_rust (production) + plugins.path.join(packageDir, 'dist_rust', `remoteingress-bin_${process.platform === 'win32' ? 'windows' : 'linux'}_${process.arch === 'x64' ? 'amd64' : process.arch}`), + // Exact binaryName fallback in dist_rust + plugins.path.join(packageDir, 'dist_rust', 'remoteingress-bin'), + // Development build paths (cargo output uses exact name) + plugins.path.join(packageDir, 'rust', 'target', 'release', 'remoteingress-bin'), + plugins.path.join(packageDir, 'rust', 'target', 'debug', 'remoteingress-bin'), ], searchSystemPath: false, }); diff --git a/ts/classes.remoteingresshub.ts b/ts/classes.remoteingresshub.ts index 46ead69..686565d 100644 --- a/ts/classes.remoteingresshub.ts +++ b/ts/classes.remoteingresshub.ts @@ -61,9 +61,13 @@ export class RemoteIngressHub extends EventEmitter { requestTimeoutMs: 30_000, readyTimeoutMs: 10_000, localPaths: [ - plugins.path.join(packageDir, 'dist_rust'), - plugins.path.join(packageDir, 'rust', 'target', 'release'), - plugins.path.join(packageDir, 'rust', 'target', 'debug'), + // Platform-suffixed binary in dist_rust (production) + plugins.path.join(packageDir, 'dist_rust', `remoteingress-bin_${process.platform === 'win32' ? 'windows' : 'linux'}_${process.arch === 'x64' ? 'amd64' : process.arch}`), + // Exact binaryName fallback in dist_rust + plugins.path.join(packageDir, 'dist_rust', 'remoteingress-bin'), + // Development build paths (cargo output uses exact name) + plugins.path.join(packageDir, 'rust', 'target', 'release', 'remoteingress-bin'), + plugins.path.join(packageDir, 'rust', 'target', 'debug', 'remoteingress-bin'), ], searchSystemPath: false, });