Commit Graph

89 Commits

Author SHA1 Message Date
Zoltán Papp
0a59f12012 Env var to force relay usage 2024-06-26 15:25:32 +02:00
Zoltán Papp
0a67f5be1a Fix logic 2024-06-25 15:13:08 +02:00
Zoltán Papp
54dc78aab8 Remove debug log 2024-06-24 15:30:25 +02:00
Zoltán Papp
69d8d5aa86 Fix the active conn type logic 2024-06-21 19:13:41 +02:00
Zoltán Papp
7581bbd925 Handle on offer listener in handshaker 2024-06-21 15:35:15 +02:00
Zoltán Papp
4d67d72785 Use permanent credentials 2024-06-21 15:02:54 +02:00
Zoltán Papp
4a08f1a1e9 Refactor handshaker loop 2024-06-21 12:35:28 +02:00
Zoltán Papp
6801dcb3f6 Fallback to relay conn 2024-06-20 18:17:30 +02:00
Zoltán Papp
c7db2c0524 Moc signal message support 2024-06-19 18:40:49 +02:00
Zoltán Papp
f7e6aa9b8f Change logging logic 2024-06-19 18:16:43 +02:00
Zoltán Papp
0261e15aad Extend the cmd with argument handling
- add cobra to relay server
- add logger instance for handshaker
2024-06-19 17:40:16 +02:00
Zoltán Papp
4d2a25b728 Code cleaning 2024-06-19 11:53:21 +02:00
Zoltán Papp
2f32e0d8cf Fix chicken-egg problem in the ice agent creation 2024-06-19 11:28:01 +02:00
Zoltán Papp
48310ef99c Fix engine test 2024-06-19 09:59:01 +02:00
Zoltán Papp
24f71bc68a Fix and extend test 2024-06-19 09:40:43 +02:00
Zoltán Papp
e26e2c3a75 Add conn status handling and protect agent 2024-06-18 17:40:37 +02:00
Zoltán Papp
a5e664d83d Code cleaning 2024-06-18 11:27:18 +02:00
Zoltán Papp
63b4041e9c Rename connector to worker 2024-06-18 11:22:40 +02:00
Zoltán Papp
f7d8d03e55 Fix timers 2024-06-18 11:20:01 +02:00
Zoltán Papp
5b86a7f3f2 Fix relay mode evaulation 2024-06-18 11:10:55 +02:00
Zoltán Papp
deb8203f06 fix circle import 2024-06-17 18:02:52 +02:00
Zoltán Papp
e407fe02c5 Separate lifecircle of handshake, ice, relay connections
- fix Stun, Turn address update thread safety issue
- move conn worker login into peer package
2024-06-17 17:52:22 +02:00
Zoltan Papp
64f949abbb Integrate relay into peer conn
- extend mgm with relay address
- extend signaling with remote peer's relay address
- start setup relay connection before engine start
2024-06-14 14:40:31 +02:00
Zoltan Papp
983d7bafbe
Remove unused variables from peer conn (#2074)
Remove unused variables from peer conn
2024-06-04 17:04:50 +02:00
Viktor Liu
9b3449753e
Ignore candidates whose IP falls into a routed network. (#2084)
This will prevent peer connections via other peers.
2024-06-03 17:31:37 +02:00
pascal-fischer
50201d63c2
Increase garbage collection on ios (#1981) 2024-05-17 15:58:29 +02:00
Viktor Liu
920877964f
Monitor network changes and restart engine on detection (#1904) 2024-05-07 18:50:34 +02:00
Viktor Liu
e3b76448f3
Fix ICE endpoint remote port in status command (#1851) 2024-04-16 14:01:59 +02:00
Carlos Hernandez
76702c8a09
Add safe read/write to route map (#1760) 2024-04-11 22:12:23 +02:00
Maycon Santos
3875c29f6b
Revert "Rollback new routing functionality (#1805)" (#1813)
This reverts commit 9f32ccd453.
2024-04-08 18:56:52 +02:00
Viktor Liu
9f32ccd453
Rollback new routing functionality (#1805) 2024-04-05 20:38:49 +02:00
Viktor Liu
7938295190
Feature/exit nodes - Windows and macOS support (#1726) 2024-04-03 11:11:46 +02:00
Misha Bragin
9c2dc05df1
Eval/higher timeouts (#1776) 2024-03-31 19:39:52 +02:00
pascal-fischer
846871913d
Add latency checks to peer connection and status output (#1725)
* adding peer healthcheck

* generate proto file

* fix return in udp mux and replace with continue

* use ice agent for latency checks

* fix status output

* remove some logs

* fix status test

* revert bind and ebpf code

* fix error handling on binding response callback

* extend error handling on binding response callback

---------

Co-authored-by: Maycon Santos <mlsmaycon@gmail.com>
2024-03-20 11:18:34 +01:00
Viktor Liu
4a1aee1ae0
Add routes and dns servers to status command (#1680)
* Add routes (client and server) to status command
* Add DNS servers to status output
2024-03-12 19:06:16 +01:00
Bethuel Mmbaga
5a3d9e401f
Send terminal notification on peer session expiry (#1660)
Send notification through terminal on user session expiration in Linux and macOS, 
unless UI application is installed to handle it instead.
2024-03-08 18:28:13 +01:00
Misha Bragin
52fd9a575a
Add quantum resistance status output (#1608) 2024-02-24 11:41:13 +00:00
Maycon Santos
88747e3e01
Add an extra server reflexive candidate with WG port (#1549)
sends an extra server reflexive candidate to the remote peer with our related port (usually the Wireguard port)
this is useful when a network has an existing port forwarding rule for the Wireguard port and the local peer and avoids creating a 1:1 NAT on the local network.
2024-02-08 16:50:37 +01:00
Viktor Liu
a7d6632298
Extend netbird status command to include health information (#1471)
* Adds management, signal, and relay (STUN/TURN) health probes to the status command.

* Adds a reason when the management or signal connections are disconnected.

* Adds last wireguard handshake and received/sent bytes per peer
2024-01-22 12:20:24 +01:00
pascal-fischer
5de4acf2fe
Integrate Rosenpass (#1153)
This PR aims to integrate Rosenpass with NetBird. It adds a manager for Rosenpass that starts a Rosenpass server and handles the managed peers. It uses the cunicu/go-rosenpass implementation. Rosenpass will then negotiate a pre-shared key every 2 minutes and apply it to the wireguard connection.

The Feature can be enabled by setting a flag during the netbird up --enable-rosenpass command.

If two peers are both support and have the Rosenpass feature enabled they will create a post-quantum secure connection. If one of the peers or both don't have this feature enabled or are running an older version that does not have this feature yet, the NetBird client will fall back to a plain Wireguard connection without pre-shared keys for those connections (keeping Rosenpass negotiation for the rest).

Additionally, this PR includes an update of all Github Actions workflows to use go version 1.21.0 as this is a requirement for the integration.

---------

Co-authored-by: braginini <bangvalo@gmail.com>
Co-authored-by: Maycon Santos <mlsmaycon@gmail.com>
2024-01-08 12:25:35 +01:00
Zoltan Papp
bc3d647d6b
Update pion v3 (#1398)
Update Pion related versions to the latest
---------

Co-authored-by: Yury Gargay <yury.gargay@gmail.com>
2023-12-20 23:02:42 +01:00
pascal-fischer
818c6b885f
Feature/add iOS support (#1244)
* starting engine by passing file descriptor on engine start

* inject logger that does not compile

* logger and first client

* first working connection

* support for routes and working connection

* small refactor for better code quality in swift

* trying to add DNS

* fix

* updated

* fix route deletion

* trying to bind the DNS resolver dialer to an interface

* use dns.Client.Exchange

* fix metadata send on startup

* switching between client to query upstream

* fix panic on no dns response

* fix after merge changes

* add engine ready listener

* replace engine listener with connection listener

* disable relay connection for iOS until proxy is refactored into bind

* Extract private upstream for iOS and fix function headers for other OS

* Update mock Server

* Fix dns server and upstream tests

* Fix engine null pointer with mobile dependencies for other OS

* Revert back to disabling upstream on no response

* Fix some of the remarks from the linter

* Fix linter

* re-arrange duration calculation

* revert exported HostDNSConfig

* remove unused engine listener

* remove development logs

* refactor dns code and interface name propagation

* clean dns server test

* disable upstream deactivation for iOS

* remove files after merge

* fix dns server darwin

* fix server mock

* fix build flags

* move service listen back to initialize

* add wgInterface to hostManager initialization on android

* fix typo and remove unused function

* extract upstream exchange for ios and rest

* remove todo

* separate upstream logic to ios file

* Fix upstream test

* use interface and embedded struct for upstream

* set properly upstream client

* remove placeholder

* remove ios specific attributes

* fix upstream test

* merge ipc parser and wg configurer for mobile

* fix build annotation

* use json for DNS settings handover through gomobile

* add logs for DNS json string

* bring back check on ios for private upstream

* remove wrong (and unused) line

* fix wrongly updated comments on DNSSetting export

---------

Co-authored-by: Maycon Santos <mlsmaycon@gmail.com>
2023-12-18 11:46:58 +01:00
Yury Gargay
9e8725618e
Extend linter rules (#1300)
- dupword checks for duplicate words in the source code
- durationcheck checks for two durations multiplied together
- forbidigo forbids identifiers
- mirror reports wrong mirror patterns of bytes/strings usage
- misspell finds commonly misspelled English words in comments
- predeclared finds code that shadows one of Go's predeclared identifiers
- thelper detects Go test helpers without t.Helper() call and checks the consistency of test helpers
2023-11-10 16:33:13 +01:00
Maycon Santos
b726b3262d
Add codespell job (#1281)
add codespell workflow and fixed spelling issues
2023-11-07 13:37:57 +01:00
Zoltan Papp
2dec016201
Fix/always on boot (#1062)
In case of 'always-on' feature has switched on, after the reboot the service do not start properly in all cases.
If the device is in offline state (no internet connection) the auth login steps will fail and the service will stop.
For the auth steps make no sense in this case because if the OS start the service we do not have option for
the user interaction.
2023-08-11 11:51:39 +02:00
Zoltan Papp
a0a6ced148
After add listener automatically trigger peer list change event (#1044)
In case of alway-on start the peer list was invalid on Android UI.
2023-08-04 14:14:08 +02:00
Zoltan Papp
b0364da67c
Wg ebpf proxy (#911)
EBPF proxy between TURN (relay) and WireGuard to reduce number of used ports used by the NetBird agent.
- Separate the wg configuration from the proxy logic
- In case if eBPF type proxy has only one single proxy instance
- In case if the eBPF is not supported fallback to the original proxy Implementation

Between the signature of eBPF type proxy and original proxy has 
differences so this is why the factory structure exists
2023-07-26 14:00:47 +02:00
Zoltan Papp
dd29f4c01e
Reduce the peer status notifications (#956)
Reduce the peer status notifications

When receive new network map invoke multiple notifications for 
every single peers. It cause high cpu usage We handle the in a 
batch the peer notification in update network map.

- Remove the unnecessary UpdatePeerFQDN calls in addNewPeer
- Fix notification in RemovePeer function
- Involve FinishPeerListModifications logic
2023-06-19 11:20:34 +02:00
Maycon Santos
a4350c19e7
Fix: Skip state notification should use a copy of the previous peer state (#960)
This was affecting the behavior of the route manager,
causing issues with HA and with cases of flaky connections
2023-06-17 09:03:52 +02:00
Maycon Santos
c331cef242
Remove the number of status notifications on disconnected peers (#946)
Only send notifications when disconnected once, at peer's IP update
2023-06-11 21:51:33 +02:00