From 91b13be6fd403365e47fb3249ce26c72c8fef14a Mon Sep 17 00:00:00 2001 From: 21pages Date: Thu, 18 Jun 2026 14:41:38 +0800 Subject: [PATCH] Add controlled context for controller audit attribution Add ControlledContext to rendezvous messages so the server can pass a controller-user audit ref to the controlled client. The controlled client returns the ref when posting audit logs, allowing the server to associate those logs with the controller user. Signed-off-by: 21pages --- protos/rendezvous.proto | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/protos/rendezvous.proto b/protos/rendezvous.proto index 5c4dc3d1e..a2b1d6527 100644 --- a/protos/rendezvous.proto +++ b/protos/rendezvous.proto @@ -49,6 +49,10 @@ message ControlPermissions { uint64 permissions = 1; } +message ControlledContext { + string conn_audit_ref = 1; +} + message PunchHole { bytes socket_addr = 1; string relay_server = 2; @@ -58,6 +62,7 @@ message PunchHole { int32 upnp_port = 6; bytes socket_addr_v6 = 7; ControlPermissions control_permissions = 8; + ControlledContext controlled_context = 9; } message TestNatRequest { @@ -146,6 +151,7 @@ message RequestRelay { ConnType conn_type = 7; string token = 8; ControlPermissions control_permissions = 9; + ControlledContext controlled_context = 10; } message RelayResponse { @@ -174,6 +180,7 @@ message FetchLocalAddr { string relay_server = 2; bytes socket_addr_v6 = 3; ControlPermissions control_permissions = 4; + ControlledContext controlled_context = 5; } message LocalAddr {