1. High-Level Summary (TL;DR)
- Impact: High
- Key Changes:
- File Transfer: Introduced
tunnix pushandtunnix pullsubcommands, allowing users to securely upload and download files or directories over the encrypted tunnel. - Streaming Compression: Transfers are packed into tar archives and compressed with
zstdon-the-fly, reducing network footprint. - Opt-in Security: File transfers provide arbitrary read/write access and must be explicitly enabled on the server via the
--allow-transferflag orallow_transfer = truein the configuration. - Global Config Resolution: Added automatic config file discovery that falls back from explicit flags to
./config.toml, and finally to~/.config/tunnix/config.toml, improving user ergonomics.
- File Transfer: Introduced
2. Visual Overview (Code & Logic Map)
3. Detailed Change Analysis
Configuration & Tooling
- What Changed: Added global config resolution paths, defaulting to the XDG config path. Updated CLI flags and config structs to support
allow_transfer. (Source:src/main.rs,src/config.rs)
Configuration Changes:
| Key | Old Value | New Value | Description |
|---|---|---|---|
allow_transfer
| N/A | false (default)
| Opt-in server setting to permit clients to read/write files via push/pull. |
Dependencies:
| Package | Old Ver | New Ver |
|---|---|---|
zstd
| N/A | 0.13
|
tar
| N/A | 0.4
|
Network Protocol & Server
- What Changed: Expanded the
Messageenum to includePushandPullintents. The server intercepts these inhandle_send(), checks if transfers are enabled, and spawns the appropriate relay tasks. Added robust error handling, reconnect retries, and watchdogs to tear down broken transfer streams gracefully without deadlocking. (Source:src/protocol.rs,src/server.rs)
Protocol Additions:
| Param | Type | Required | Description |
|---|---|---|---|
Message::Pull
| Protocol | Yes | Client asks to download paths. Server streams back a zstd-compressed tar archive. |
Message::Push
| Protocol | Yes | Client announces an upload. Client streams a zstd-compressed tar archive. |
Archive Pipeline (Sync-to-Async Bridge)
- What Changed: Because
tarandzstdoperate on synchronousRead/Writetraits, the application spawns blocking threads to compress and decompress data. This is bridged to the async networking world using boundedtokio::sync::mpscchannels. This ensures a bounded memory footprint and proper backpressure across the network. (Source:src/archive.rs)
4. Impact & Risk Assessment
- Breaking Changes: None. The updates are fully backward compatible as new commands and protocol messages are purely additive.
- Security Risks: ⚠️ The file transfer feature grants arbitrary file read/write permissions to anyone with the password. This is effectively RCE-adjacent. Mitigation is in place by making it strictly opt-in (
--allow-transfer) and displaying a loud warning upon startup.