Release 1.9.2

DesktopEdge/MainWindow.xaml.cs

@@ -252,8 +252,11 @@ private void DoClose(bool isComplete) {
 			if (IdentityMenu.IsVisible) {
 				if (isComplete) {
 					if (MFASetup.Type == 2) {
-						if (IdentityMenu.Identity.MFAInfo.RecoveryCodes.Length==0) ShowBlurbAsync("You do not have anymore recovery codes", this.RECOVER);
-						else ShowRecovery(IdentityMenu.Identity);
+						if (IdentityMenu.Identity.MFAInfo?.RecoveryCodes?.Length > 0) {
+							ShowRecovery(IdentityMenu.Identity);
+						} else {
+							ShowBlurbAsync("You do not have anymore recovery codes", this.RECOVER);
+						}
 					} else if (MFASetup.Type == 3) {
 						IdentityMenu.Identity.IsMFAEnabled = false;
 						IdentityMenu.Identity.MFAInfo.IsAuthenticated = false;
@@ -484,6 +487,7 @@ async private void MainWindow_Loaded(object sender, RoutedEventArgs e) {
 			serviceClient.OnServiceEvent += ServiceClient_OnServiceEvent;
 			serviceClient.OnTunnelStatusEvent += ServiceClient_OnTunnelStatusEvent;
 			serviceClient.OnMfaEvent += ServiceClient_OnMfaEvent;
+            serviceClient.OnLogLevelEvent += ServiceClient_OnLogLevelEvent;
 			Application.Current.Properties.Add("ServiceClient", serviceClient);
 
 			monitorClient = new MonitorClient();
@@ -721,6 +725,7 @@ private void ServiceClient_OnIdentityEvent(object sender, IdentityEvent e) {
 						found.Name = zid.Name;
 						found.ControllerUrl = zid.ControllerUrl;
 						found.IsEnabled = zid.IsEnabled;
+                        LoadIdentities(true);
 						return;
 					}
 				} else if (e.Action == "updated") {
@@ -823,6 +828,20 @@ private void ServiceClient_OnTunnelStatusEvent(object sender, TunnelStatusEvent
 				}
 			});
 		}
+
+        private void ServiceClient_OnLogLevelEvent(object sender, LogLevelEvent e) {
+            if (e.LogLevel != null) {
+                SetLogLevel_monitor(e.LogLevel);
+                this.Dispatcher.Invoke(() =>  {
+                    this.MainMenu.LogLevel = e.LogLevel;
+                    Ziti.Desktop.Edge.Utils.UIUtils.SetLogLevel(e.LogLevel);
+                });
+            }
+        }
+
+        async private void SetLogLevel_monitor(string loglevel)  {
+            await monitorClient.SetLogLevelAsync(loglevel);
+        }
 
 		private void IdentityForgotten(ZitiIdentity forgotten) {
 			ZitiIdentity idToRemove = null;

DesktopEdge/Views/Screens/IdentityDetails.xaml.cs

@@ -119,7 +119,7 @@ public void UpdateView() {
 			ServiceList.Children.Clear();
 			if (_identity.Services.Count>0) {
 				foreach(var zitiSvc in _identity.Services.OrderBy(s => s.Name.ToLower())) {
-					if (zitiSvc.Name.ToLower().IndexOf(filter)>=0||zitiSvc.ToString().ToLower().IndexOf(filter)>=0) {
+					if (zitiSvc.Name.ToLower().IndexOf(filter.ToLower()) >=0||zitiSvc.ToString().ToLower().IndexOf(filter.ToLower()) >=0) {
 						Logger.Trace("painting: " + zitiSvc.Name);
 						ServiceInfo info = new ServiceInfo();
 						info.Info = zitiSvc;

ZitiDesktopEdge.Client/DataStructures/DataStructures.cs

@@ -418,6 +418,12 @@ public class IdentityEvent : ActionEvent
     {
         public Identity Id { get; set; }
     }
+
+    public class LogLevelEvent : ActionEvent
+    {
+        public string LogLevel { get; set; }
+    }
+
 
     public class MonitorServiceStatusEvent : SvcResponse {
         public string Status { get; set; }

ZitiDesktopEdge.Client/ServiceClient/DataClient.cs

@@ -33,6 +33,7 @@ public class DataClient : AbstractClient {
         public event EventHandler<List<Identity>> OnMetricsEvent;
         public event EventHandler<IdentityEvent> OnIdentityEvent;
         public event EventHandler<ServiceEvent> OnServiceEvent;
+        public event EventHandler<LogLevelEvent> OnLogLevelEvent;
         public event EventHandler<MfaEvent> OnMfaEvent;
 
         protected override void ShutdownEvent(StatusEvent e) {
@@ -56,6 +57,11 @@ protected virtual void IdentityEvent(IdentityEvent e) {
         protected virtual void ServiceEvent(ServiceEvent e) {
             OnServiceEvent?.Invoke(this, e);
         }
+
+        protected virtual void LogLevelEvent(LogLevelEvent e) {
+            OnLogLevelEvent?.Invoke(this, e);
+        }
+
 
         protected virtual void MfaEvent(MfaEvent e) {
             OnMfaEvent?.Invoke(this, e);
@@ -345,6 +351,13 @@ protected override void ProcessLine(string line) {
                             ServiceEvent(svc);
                         }
                         break;
+                    case "logLevel":
+                        LogLevelEvent ll = serializer.Deserialize<LogLevelEvent>(jsonReader);
+
+                        if (ll != null) {
+                            LogLevelEvent(ll);
+                        }
+                        break;
                     case "shutdown":
                         Logger.Debug("shutdown message received");
                         var se = new StatusEvent();

ZitiUpdateService/UpdateService.cs

@@ -199,6 +199,7 @@ private string CaptureLogs() {
 				outputTasklist(destinationLocation);
 				outputRouteInfo(destinationLocation);
 				outputNetstatInfo(destinationLocation);
+				outputNrpt(destinationLocation);
 
 				Task.Delay(500).Wait();
 
@@ -340,6 +341,37 @@ private void outputNetstatInfo(string destinationFolder) {
 			}
 		}
 
+		private void outputNrpt(string destinationFolder) {
+			Logger.Info("outputting NRPT rules");
+			try {
+				Logger.Info("outputting NRPT DnsClientNrptRule");
+				string nrptRuleOutput = Path.Combine(destinationFolder, "NrptRule.txt");
+				Process nrptRuleProcess = new Process();
+				ProcessStartInfo nrptRuleStartInfo = new ProcessStartInfo();
+				nrptRuleStartInfo.WindowStyle = ProcessWindowStyle.Hidden;
+				nrptRuleStartInfo.FileName = "cmd.exe";
+				nrptRuleStartInfo.Arguments = $"/C powershell \"Get-DnsClientNrptRule | sort -Property Namespace\" > \"{nrptRuleOutput}\"";
+				Logger.Info("Running: {0}", nrptRuleStartInfo.Arguments);
+				nrptRuleProcess.StartInfo = nrptRuleStartInfo;
+				nrptRuleProcess.Start();
+				nrptRuleProcess.WaitForExit();
+
+				Logger.Info("outputting NRPT DnsClientNrptPolicy");
+				string nrptOutput = Path.Combine(destinationFolder, "NrptPolicy.txt");
+				Process process = new Process();
+				ProcessStartInfo startInfo = new ProcessStartInfo();
+				startInfo.WindowStyle = ProcessWindowStyle.Hidden;
+				startInfo.FileName = "cmd.exe";
+				startInfo.Arguments = $"/C powershell \"Get-DnsClientNrptPolicy | sort -Property Namespace\" > \"{nrptOutput}\"";
+				Logger.Info("Running: {0}", startInfo.Arguments);
+				process.StartInfo = startInfo;
+				process.Start();
+				process.WaitForExit();
+			} catch (Exception ex) {
+				Logger.Error(ex, "Unexpected error {0}", ex.Message);
+			}
+		}
+
 		public void Debug() {
 			OnStart(null);// new string[] { "FilesystemCheck" });
 		}

release-notes.md

@@ -1,3 +1,19 @@
+# Release 1.9.2
+
+## What's New
+* [#322](https://github.com/openziti/desktop-edge-win/issues/322) Ability to toggle identity, set loglevel and generate feedback zip file from cmd line
+
+## Other changes:
+* none
+
+## Bugs fixed:
+* [#346](https://github.com/openziti/desktop-edge-win/issues/346) Fixed the UI filtering of services on the Identity detail screen
+* [#348](https://github.com/openziti/desktop-edge-win/issues/348) IP addresses do not need to be added to the NRPT
+* [#349](https://github.com/openziti/desktop-edge-win/issues/349) Too many services can cause the NRPT update to fail
+
+## Dependency Updates
+* none
+
 # Release 1.9.1
 
 ## What's New

service/.gitignore

@@ -7,3 +7,4 @@ NFWintunInstaller.msi
 wintun.dll
 
 gdb.txt
+logs

service/cziti/ctun.go

@@ -321,4 +321,4 @@ Set-NetIPInterface -InterfaceIndex $i.ifIndex -InterfaceMetric %d`, interfaceNam
 	if err != nil {
 		log.Errorf("ERROR setting interface metric: %v", err)
 	}
-}
+}

service/cziti/mfa.go

@@ -113,9 +113,9 @@ func ziti_mfa_cb_verify_go(_ C.ziti_context, status C.int, cFingerprint *C.char)
 	fp := C.GoString(cFingerprint)
 	log.Debugf("ziti_mfa_cb_verify_go called for %s. status: %d for ", fp, int(status))
 	var m = dto.MfaEvent{
-		ActionEvent: dto.MFAEnrollmentVerificationEvent,
-		Fingerprint: fp,
-		Successful:  false,
+		ActionEvent:   dto.MFAEnrollmentVerificationEvent,
+		Fingerprint:   fp,
+		Successful:    false,
 		RecoveryCodes: nil,
 	}
 
@@ -135,6 +135,7 @@ func ziti_mfa_cb_verify_go(_ C.ziti_context, status C.int, cFingerprint *C.char)
 }
 
 var rtnCodes = make(chan mfaCodes)
+
 func ReturnMfaCodes(id *ZIdentity, code string) ([]string, error) {
 	ccode := C.CString(code)
 	defer C.free(unsafe.Pointer(ccode))
@@ -179,6 +180,7 @@ func ziti_mfa_recovery_codes_cb_return(_ C.ziti_context, status C.int, recoveryC
 }
 
 var genCodes = make(chan mfaCodes)
+
 func GenerateMfaCodes(id *ZIdentity, code string) ([]string, error) {
 	ccode := C.CString(code)
 	defer C.free(unsafe.Pointer(ccode))
@@ -292,9 +294,9 @@ func ziti_mfa_cb_remove_go(_ C.ziti_context, status C.int, cFingerprint *C.char)
 
 	log.Debugf("ziti_mfa_cb_remove_go called for %s. status: %d for ", fp, int(status))
 	var m = dto.MfaEvent{
-		ActionEvent: dto.MFAEnrollmentRemovedEvent,
-		Fingerprint: fp,
-		Successful:  false,
+		ActionEvent:   dto.MFAEnrollmentRemovedEvent,
+		Fingerprint:   fp,
+		Successful:    false,
 		RecoveryCodes: nil,
 	}
 
@@ -311,4 +313,4 @@ func ziti_mfa_cb_remove_go(_ C.ziti_context, status C.int, cFingerprint *C.char)
 
 	log.Debugf("sending ziti_mfa_verify response back to UI for %s. verified: %t. error: %s", fp, m.Successful, m.Error)
 	goapi.BroadcastEvent(m)
-}
+}

service/cziti/sdk.go

@@ -340,7 +340,7 @@ func serviceCB(ziti_ctx C.ziti_context, service *C.ziti_service, status C.int, z
 		}
 
 		zid.Services.Store(svcId, &added)
-		ServiceChanges <- se
+		go func() {ServiceChanges <- se}() //do this in a go routine just in case it gets blocked so the uv loop doesn't block
 	}
 	return addresses
 }
@@ -411,7 +411,9 @@ func eventCB(ztx C.ziti_context, event *C.ziti_event_t) {
 			}
 			addys := serviceCB(ztx, removed, C.ZITI_SERVICE_UNAVAILABLE, zid)
 			for _, toRemove := range addys {
-				hostnamesToRemove[toRemove.HostName] = true
+				if toRemove.IsHost {
+					hostnamesToRemove[toRemove.HostName] = true
+				}
 			}
 		}
 		for i := 0; true; i++ {
@@ -422,12 +424,16 @@ func eventCB(ztx C.ziti_context, event *C.ziti_event_t) {
 			log.Info("service changed remove the service then add it back immediately", C.GoString(changed.name))
 			addys := serviceCB(ztx, changed, C.ZITI_SERVICE_UNAVAILABLE, zid)
 			for _, toRemove := range addys {
-				hostnamesToRemove[toRemove.HostName] = true
+				if toRemove.IsHost {
+					hostnamesToRemove[toRemove.HostName] = true
+				}
 			}
 
 			addys = serviceCB(ztx, changed, C.ZITI_OK, zid)
 			for _, toAdd := range addys {
-				hostnamesToAdd[toAdd.HostName] = true
+				if toAdd.IsHost {
+					hostnamesToAdd[toAdd.HostName] = true
+				}
 			}
 		}
 		for i := 0; true; i++ {
@@ -437,7 +443,9 @@ func eventCB(ztx C.ziti_context, event *C.ziti_event_t) {
 			}
 			addys := serviceCB(ztx, added, C.ZITI_OK, zid)
 			for _, toAdd := range addys {
-				hostnamesToAdd[toAdd.HostName] = true
+				if toAdd.IsHost {
+					hostnamesToAdd[toAdd.HostName] = true
+				}
 			}
 		}
 
@@ -453,7 +461,7 @@ func eventCB(ztx C.ziti_context, event *C.ziti_event_t) {
 
 		var m = dto.IdentityEvent{
 			ActionEvent: dto.IdentityUpdateComplete,
-			Id:          dto.Identity{
+			Id: dto.Identity{
 				FingerPrint: zid.Fingerprint,
 			},
 		}

service/windns/windns.go

@@ -121,11 +121,35 @@ func AddNrptRules(domainsToMap map[string]bool, dnsServer string) {
 		log.Debug("no domains to map specified to AddNrptRules. exiting early")
 		return
 	}
+
+	blockSize := 50
+	if len(domainsToMap) > blockSize {
+		log.Debugf("domainsToMap is too long [%d] and may fail on some systems. splitting the requested entries into blocks of %d", len(domainsToMap), blockSize)
+	}
+	currentSize := 0
+	hostnames := make([]string, blockSize)
+	for hostname := range domainsToMap {
+		if currentSize >= blockSize {
+			log.Debugf("sending chunk of domains to be added to NRPT")
+			chunkedAddNrptRules(hostnames, dnsServer)
+			hostnames = make([]string, blockSize)
+			currentSize = 0
+		}
+		hostnames[currentSize] = hostname
+		currentSize++
+	}
+	if currentSize > 0 {
+		//means there's a chunk still to add....
+		chunkedAddNrptRules(hostnames[:currentSize], dnsServer)
+	}
+}
+
+func chunkedAddNrptRules(domainsToAdd []string, dnsServer string) {
 	sb := strings.Builder{}
 	sb.WriteString(`$Rules = @(
 `)
 
-	for hostname := range domainsToMap {
+	for _, hostname := range domainsToAdd {
 		sb.WriteString(fmt.Sprintf(`@{ Namespace ="%s"; NameServers = @("%s"); Comment = "Added by ziti-tunnel"; DisplayName = "ziti-tunnel:%s"; }%s`, hostname, dnsServer, hostname, "\n"))
 	}
 
@@ -136,7 +160,7 @@ ForEach ($Rule in $Rules) {
 }`))
 
 	script := sb.String()
-	log.Debugf("Executing NRPT script:\n%s", script)
+	log.Debugf("Executing NRPT script containing %d domains:\n%s", len(domainsToAdd), script)
 
 	cmd := exec.Command("powershell", "-Command", script)
 	cmd.Stderr = os.Stdout