Commit Graph

1736 Commits

Author SHA1 Message Date
e096ec39d5 Enable roaming for mobile (#827) v0.18.0 2023-04-28 16:26:54 +02:00
7f5e1c623e Use forked Wireguard-go for custom bind (#823)
Update go version to 1.20
Use forked wireguard-go repo because of custom Bind implementation
2023-04-27 17:50:45 +02:00
afaa3fbe4f Use local time zone for display last update changes (#825)
* Use local time zone for display last update changes

* using TZ UTC for testing purposes

* use init func
2023-04-27 16:02:00 +02:00
6fec0c682e Merging full service user feature into main (#819)
Merging full feature branch into main.
Adding full support for service users including backend objects, persistence, verification and api endpoints.
v0.17.0
2023-04-22 12:57:51 +02:00
45224e76d0 fallback to olde keys if failing to fetch refreshed keys 2023-04-21 13:34:52 +03:00
c2e90a2a97 feat: add support for custom device hostname (#789)
Configure via --hostname (or -n) flag in the `up` and `login` commands
---------

Signed-off-by: Chinmay D. Pai <chinmay.pai@zerodha.com>
2023-04-20 16:00:22 +02:00
118880b6f7 Send a status notification on offline peers change (#821)
Sum offline peers too
2023-04-20 15:59:07 +02:00
90c8cfd863 synchronize access to the signing keys 2023-04-19 17:11:38 +03:00
bb147c2a7c Remove unnecessary uapi open (#807)
Remove unnecessary uapi open from Android implementation
2023-04-17 11:50:12 +02:00
4616bc5258 Add route management for Android interface (#801)
Support client route management feature on Android
2023-04-17 11:15:37 +02:00
f7196cd9a5 refactoring 2023-04-15 03:44:42 +03:00
1803cf3678 Fix error handling in case of the port is in used (#810) v0.16.0 2023-04-14 16:18:00 +02:00
9f35a7fb8d Ignore ipv6 labeled address (#809)
Ignore ipv6 labeled address
2023-04-14 15:40:27 +02:00
53d78ad982 make variable unexported 2023-04-14 13:16:01 +03:00
9f352c1b7e validate keys for idp's with key rotation mechanism 2023-04-14 12:20:34 +03:00
a89808ecae initialize jwt validator with keys rotation state 2023-04-14 12:17:28 +03:00
c6190fa2ba add use-key-cache-headers flag to management command 2023-04-13 20:19:04 +03:00
2eeed55c18 Bind implementation (#779)
This PR adds supports for the WireGuard userspace implementation
using Bind interface from wireguard-go. 
The newly introduced ICEBind struct implements Bind with UDPMux-based
structs from pion/ice to handle hole punching using ICE.
The core implementation was taken from StdBind of wireguard-go.

The result is a single WireGuard port that is used for host and server reflexive candidates. 
Relay candidates are still handled separately and will be integrated in the following PRs.

ICEBind checks the incoming packets for being STUN or WireGuard ones
and routes them to UDPMux (to handle hole punching) or to WireGuard  respectively.
2023-04-13 17:00:01 +02:00
0343c5f239 Rollback simple ACL rules processing. (#803) v0.15.3 2023-04-12 09:39:17 +02:00
251f2d7bc2 Pass newly generated ID to network map when adding peer (#800) 2023-04-11 14:28:22 +02:00
306e02d32b Update calculate server state (#796)
Refactored updateServerStates and calculateState

added some checks to ensure we are not sending connecting on context canceled

removed some state updates from the RunClient function
2023-04-10 18:22:25 +02:00
8375491708 Merge pull request #778 from netbirdio/fix/consistent_time_format_for_pat
fix/use_utc_for_time_operations
2023-04-10 18:11:41 +02:00
e197b89ac3 remove UTC from some not store related operations 2023-04-10 11:09:27 +02:00
6aba28ccb7 remove UTC from some not store related operations 2023-04-10 10:54:23 +02:00
8f9826b207 Fix export path for certificate files (#794)
assign the value for NETBIRD_LETSENCRYPT_DOMAIN
in the base.setup.env file
2023-04-07 10:34:17 +02:00
0aad9169e9 Fix nil pointer exception (#790)
Nil pointer exception fix. The error handling was in wrong order.
v0.15.2
2023-04-06 18:15:55 +02:00
1057cd211d Add scope and id token environment variables (#785) 2023-04-05 21:57:47 +02:00
32b345991a Support remote scope and use id token configuration (#784)
Some IDP requires different scope requests and
issue access tokens for different purposes

This change allow for remote configurable scopes
and the use of ID token
v0.15.1
2023-04-05 17:46:34 +02:00
e903522f8c Configurable port defaults from setup.env (#783)
Allow configuring management and signal ports from setup.env

Allow configuring Coturn range from setup.env
2023-04-05 15:22:06 +02:00
ea88ec6d27 Roolback configurable port defaults from setup.env 2023-04-05 11:42:14 +02:00
2be1a82f4a Configurable port defaults from setup.env
Allow configuring management and signal ports from setup.env

Allow configuring Coturn range from setup.env
2023-04-05 11:39:22 +02:00
fe1ea4a2d0 Check multiple audience values (#781)
Some IDP use different audience for different clients. 
This update checks HTTP and Device authorization flow audience values.



---------

Co-authored-by: Givi Khojanashvili <gigovich@gmail.com>
v0.15.0
2023-04-04 16:40:56 +02:00
f14f34cf2b Add token source and device flow audience variables (#780)
Supporting new dashboard option to configure a source token.

Adding configuration support for setting 
a different audience for device authorization flow.

fix custom id claim variable
2023-04-04 15:56:02 +02:00
109481e26d Use first available package manager (#782) 2023-04-04 14:26:17 +02:00
18098e7a7d Add single line installer (#775)
detect OS package manager
If a supported package manager is not available,
use binary installation

Check if desktop environment is available
Skip installing the UI client if SKIP_UI_APP is set to true

added tests for Ubuntu and macOS tests
2023-04-04 00:35:54 +02:00
5993982cca Add disable letsencrypt (#747)
Add NETBIRD_DISABLE_LETSENCRYPT support to explicit disable let's encrypt

Organize the setup.env.example variables into sections

Add traefik example
2023-04-04 00:21:40 +02:00
86f9051a30 Fix/connection listener (#777)
Fix add/remove connection listener

In case we call the RemoveConnListener from Java then
we lose the reference from the original instance
2023-04-03 16:59:13 +02:00
489892553a use UTC everywhere in server 2023-04-03 15:09:35 +02:00
b05e30ac5a do not use UTC for time to stay consistent 2023-04-03 12:44:55 +02:00
769388cd21 Merge pull request #776 from netbirdio/feature/activity_events_for_pat
feature/activity_events_for_pat
2023-04-03 12:27:51 +02:00
c54fb9643c Merge pull request #774 from netbirdio/feature/add_pat_middleware
Feature/add pat middleware
2023-04-03 12:09:11 +02:00
5dc0ff42a5 Fix broken auto-generated Rego rule (#769)
Default Rego policy generated from the rules in some cases is broken.
This change fixes the Rego template for rules to generate policies.

Also, file store load constantly regenerates policy objects from rules.
It allows updating/fixing of the default Rego template during releases.
v0.14.6
2023-04-01 12:02:08 +02:00
45badd2c39 add event store to user tests 2023-04-01 11:11:30 +02:00
d3de035961 error responses always lower case + duplicate error response fix 2023-04-01 11:04:21 +02:00
b2da0ae70f add activity events on PAT creation and deletion 2023-03-31 17:41:22 +02:00
931c20c8fe fix test name 2023-03-31 12:45:10 +02:00
2eaf4aa8d7 add test for auth middleware 2023-03-31 12:44:22 +02:00
110067c00f change order for access control checks and aquire account lock after global lock 2023-03-31 12:03:53 +02:00
32c96c15b8 disable linter errors by comment 2023-03-31 10:30:05 +02:00
ca1dc5ac88 disable access control for token endpoint 2023-03-30 19:03:44 +02:00