netbird

mirror of https://github.com/netbirdio/netbird.git synced 2024-11-22 08:03:30 +01:00

Author	SHA1	Message	Date
bcmmbaga	f8b5eedd38	add account lock and return auto groups map on validation Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>	2024-11-08 10:14:13 +03:00
bcmmbaga	931521d505	get only required groups for auto-group validation Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>	2024-11-08 00:59:37 +03:00
bcmmbaga	1a5f3c653c	add check for regular user Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>	2024-11-08 00:37:47 +03:00
bcmmbaga	78044c226d	add lock to get account groups Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>	2024-11-08 00:32:14 +03:00
bcmmbaga	389c9619af	Refactor setup key handling to use store methods Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>	2024-11-08 00:31:41 +03:00
Zoltan Papp	4be826450b	[client] Use offload in WireGuard bind receiver (#2815 ) Improve the performance on Linux and Android in case of P2P connections	2024-11-07 17:28:38 +01:00
Maycon Santos	738387f2de	Add benchmark tests to get account with claims (#2761 ) * Add benchmark tests to get account with claims * add users to account objects * remove hardcoded env	2024-11-07 17:23:35 +01:00
Pascal Fischer	baf0678ceb	[management] Fix potential panic on inactivity expiration log message (#2854 )	2024-11-07 16:33:57 +01:00
Pascal Fischer	7fef8f6758	[management] Enforce max conn of 1 for sqlite setups (#2855 )	2024-11-07 16:32:35 +01:00
Viktor Liu	6829a64a2d	[client] Exclude split default route ip addresses from anonymization (#2853 )	2024-11-07 16:29:32 +01:00
Zoltan Papp	cbf500024f	[relay-server] Use X-Real-IP in case of reverse proxy (#2848 ) * Use X-Real-IP in case of reverse proxy * Use sprintf	2024-11-07 16:14:53 +01:00
Viktor Liu	509e184e10	[client] Use the prerouting chain to mark for masquerading to support older systems (#2808 )	2024-11-07 12:37:04 +01:00
Pascal Fischer	3e88b7c56e	[management] Fix network map update on peer validation (#2849 )	2024-11-07 09:50:13 +01:00
Maycon Santos	b952d8693d	Fix cached device flow oauth (#2833 ) This change removes the cached device flow oauth info when a down command is called Removing the need for the agent to be restarted	2024-11-05 14:51:17 +01:00
Maycon Santos	5b46cc8e9c	Avoid failing all other matrix tests if one fails (#2839 )	2024-11-05 13:28:42 +01:00
Pascal Fischer	a9d06b883f	add all group to add peer affected peers network map check (#2830 )	2024-11-01 22:09:08 +01:00
Viktor Liu	5f06b202c3	[client] Log windows panics (#2829 )	2024-11-01 15:08:22 +01:00
Zoltan Papp	0eb99c266a	Fix unused servers cleanup (#2826 ) The cleanup loop did not manage those situations well when a connection failed or the connection success but the code did not add a peer connection to it yet. - in the cleanup loop check if a connection failed to a server - after adding a foreign server connection force to keep it a minimum 5 sec	2024-11-01 12:33:29 +01:00
Pascal Fischer	bac95ace18	[management] Add DB access duration to logs for context cancel (#2781 )	2024-11-01 10:58:39 +01:00
Zoltan Papp	9812de853b	Allocate new buffer for every package (#2823 )	2024-11-01 00:33:25 +01:00
Zoltan Papp	ad4f0a6fdf	[client] Nil check on ICE remote conn (#2806 )	2024-10-31 23:18:35 +01:00
Pascal Fischer	4c758c6e52	[management] remove network map diff calculations (#2820 )	2024-10-31 19:24:15 +01:00
Misha Bragin	ec5095ba6b	Create FUNDING.yml (#2814 )	2024-10-30 17:25:02 +01:00
Misha Bragin	49a54624f8	Create funding.json (#2813 )	2024-10-30 17:18:27 +01:00
Pascal Fischer	729bcf2b01	[management] add metrics to network map diff (#2811 )	2024-10-30 16:53:23 +01:00
Jing	a0cdb58303	[client] Fix the broken dependency gvisor.dev/gvisor (#2789 ) The release was removed which is described at https://github.com/google/gvisor/issues/11085#issuecomment-2438974962.	2024-10-29 20:17:40 +01:00
pascal-fischer	39c99781cb	fix meta is equal slices (#2807 )	2024-10-29 19:54:38 +01:00
Marco Garcês	01f24907c5	[client] Fix multiple peer name filtering in netbird status command (#2798 )	2024-10-29 17:49:41 +01:00
pascal-fischer	10480eb52f	[management] Setup key improvements (#2775 )	2024-10-28 17:52:23 +01:00
pascal-fischer	1e44c5b574	[client] allow relay leader on iOS (#2795 )	2024-10-28 16:55:00 +01:00
Viktor Liu	940f8b4547	[client] Remove legacy forwarding rules in userspace mode (#2782 )	2024-10-28 12:29:29 +01:00
Viktor Liu	46e37fa04c	[client] Ignore route rules with no sources instead of erroring out (#2786 )	2024-10-28 12:28:44 +01:00
Stefano	b9f205b2ce	[misc] Update Zitadel from v2.54.10 to v2.64.1	2024-10-28 10:08:17 +01:00
Viktor Liu	0fd874fa45	[client] Make native firewall init fail firewall creation (#2784 )	2024-10-28 10:02:27 +01:00
Viktor Liu	8016710d24	[client] Cleanup firewall state on startup (#2768 )	2024-10-24 14:46:24 +02:00
Zoltan Papp	4e918e55ba	[client] Fix controller re-connection (#2758 ) Rethink the peer reconnection implementation	2024-10-24 11:43:14 +02:00
Viktor Liu	869537c951	[client] Cleanup dns and route states on startup (#2757 )	2024-10-24 10:53:46 +02:00
Zoltan Papp	44f2ce666e	[relay-client] Log exposed address (#2771 ) * Log exposed address	2024-10-23 18:32:27 +02:00
pascal-fischer	563dca705c	[management] Fix session inactivity response (#2770 )	2024-10-23 16:40:15 +02:00
Bethuel Mmbaga	7bda385e1b	[management] Optimize network map updates (#2718 ) * Skip peer update on unchanged network map (#2236) * Enhance network updates by skipping unchanged messages Optimizes the network update process by skipping updates where no changes in the peer update message received. * Add unit tests * add locks * Improve concurrency and update peer message handling * Refactor account manager network update tests * fix test * Fix inverted network map update condition * Add default group and policy to test data * Run peer updates in a separate goroutine * Refactor * Refactor lock * Fix peers update by including NetworkMap and posture Checks * go mod tidy * fix merge Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * fix merge Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * [management] Skip account peers update if no changes affect peers (#2310) * Remove incrementing network serial and updating peers after group deletion * Update account peer if posture check is linked to policy * Remove account peers update on saving setup key * Refactor group link checking into re-usable functions * Add HasPeers function to group * Refactor group management * Optimize group change effects on account peers * Update account peers if ns group has peers * Refactor group changes * Optimize account peers update in DNS settings * Optimize update of account peers on jwt groups sync * Refactor peer account updates for efficiency * Optimize peer update on user deletion and changes * Remove condition check for network serial update * Optimize account peers updates on route changes * Remove UpdatePeerSSHKey method * Remove unused isPolicyRuleGroupsEmpty * Add tests for peer update behavior on posture check changes * Add tests for peer update behavior on policy changes * Add tests for peer update behavior on group changes * Add tests for peer update behavior on dns settings changes * Refactor * Add tests for peer update behavior on name server changes * Add tests for peer update behavior on user changes * Add tests for peer update behavior on route changes * fix tests * Add tests for peer update behavior on setup key changes * Add tests for peer update behavior on peers changes * fix merge * Fix tests * go mod tidy * Add NameServer and Route comparators * Update network map diff logic with custom comparators * Add tests * Refactor duplicate diff handling logic * fix linter * fix tests * Refactor policy group handling and update logic. Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * Update route check by checking if group has peers Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * Refactor posture check policy linking logic Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * Simplify peer update condition in DNS management Refactor the condition for updating account peers to remove redundant checks Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * fix tests Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * fix merge Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * add policy tests Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * add posture checks tests Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * fix user and setup key tests Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * fix account and route tests Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * fix typo Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * fix nameserver tests Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * fix routes tests Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * fix group tests Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * upgrade diff package Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * fix nameserver tests Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * use generic differ for netip.Addr and netip.Prefix Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * go mod tidy Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * add peer tests Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * fix merge Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * fix management suite tests Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * fix postgres tests Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * enable diff nil structs comparison Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * skip the update only last sent the serial is larger Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * refactor peer and user Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * skip spell check for groupD Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * Refactor group, ns group, policy and posture checks Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * skip spell check for GroupD Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * update account policy check before verifying policy status Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * Update management/server/route_test.go Co-authored-by: Maycon Santos <mlsmaycon@gmail.com> * Update management/server/route_test.go Co-authored-by: Maycon Santos <mlsmaycon@gmail.com> * Update management/server/route_test.go Co-authored-by: Maycon Santos <mlsmaycon@gmail.com> * Update management/server/route_test.go Co-authored-by: Maycon Santos <mlsmaycon@gmail.com> * Update management/server/route_test.go Co-authored-by: Maycon Santos <mlsmaycon@gmail.com> * add tests missing tests for dns setting groups Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * add tests for posture checks changes Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * add ns group and policy tests Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * add route and group tests Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * increase Linux test timeout to 10 minutes Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * Run diff for client posture checks only Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * add panic recovery and detailed logging in peer update comparison Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * Fix tests Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> --------- Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> Co-authored-by: Maycon Santos <mlsmaycon@gmail.com> --------- Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> Co-authored-by: Maycon Santos <mlsmaycon@gmail.com>	2024-10-23 13:05:02 +03:00
Zoltan Papp	30ebcf38c7	[client] Eliminate UDP proxy in user-space mode (#2712 ) In the case of user space WireGuard mode, use in-memory proxy between the TURN/Relay connection and the WireGuard Bind. We keep the UDP proxy and eBPF proxy for kernel mode. The key change is the new wgproxy/bind and the iface/bind/ice_bind changes. Everything else is just to fulfill the dependencies.	2024-10-22 20:53:14 +02:00
Bethuel Mmbaga	0106a95f7a	lock account and use transaction (#2767 ) Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>	2024-10-22 13:29:17 +03:00
Maycon Santos	9929b22afc	Replace suite tests with regular go tests (#2762 ) * Replace file suite tests with go tests * Replace file suite tests with go tests	2024-10-21 14:39:28 +02:00
Maycon Santos	88e4fc2245	Release global lock on early error (#2760 )	2024-10-19 18:32:17 +02:00
Maycon Santos	c8d8748dcf	Update sign workflow version (#2756 )	2024-10-18 17:28:58 +02:00
Maycon Santos	507a40bd7f	Fix decompress zip path (#2755 ) Since 0.30.2 the decompressed binary path from the signed package has changed now it doesn't contain the arch suffix this change handles that	2024-10-17 20:39:59 +02:00
Maycon Santos	ccd4ae6315	Fix domain information is up to date check (#2754 )	2024-10-17 19:21:35 +02:00
Bethuel Mmbaga	96d2207684	Fix JSON function compatibility for SQLite and PostgreSQL (#2746 ) resolves the issue with json_array_length compatibility between SQLite and PostgreSQL. It adjusts the query to conditionally cast types: PostgreSQL: Casts to json with ::json. SQLite: Uses the text representation directly.	2024-10-16 17:55:30 +02:00
Emre Oksum	f942491b91	Update Zitadel version on quickstart script (#2744 ) Update Zitadel version at docker compose in quickstart script from 2.54.3 to 2.54.10 because 2.54.3 isn't stable and has a lot of bugs.	2024-10-16 17:51:21 +02:00
Viktor Liu	8c8900be57	[client] Exclude loopback from NAT (#2747 )	2024-10-16 17:35:59 +02:00

1 2 3 4 5 ...

1753 Commits