Commit Graph

1760 Commits

Author SHA1 Message Date
89249b414f move peer validation into getPeerconnectionResources 2023-12-04 14:53:38 +01:00
92adf57fea fix map assignment 2023-12-04 13:49:46 +01:00
e37a337164 Add gosec linter (#1342)
This PR adds `gosec` linter with the following checks disabled:

- G102: Bind to all interfaces
- G107: Url provided to HTTP request as taint input
- G112: Potential slowloris attack
- G114: Use of net/http serve function that has no support for setting timeouts
- G204: Audit use of command execution
- G401: Detect the usage of DES, RC4, MD5 or SHA1
- G402: Look for bad TLS connection settings
- G404: Insecure random number source (rand)
- G501: Import blocklist: crypto/md5
- G505: Import blocklist: crypto/sha1

We have complaints related to the checks above. They have to be addressed separately.
2023-12-04 13:34:06 +01:00
1cd5a66575 adding setup key name to the event meta for adding peers by setup key 2023-12-04 13:00:13 +01:00
b9fc008542 extract peer preparation 2023-12-04 12:49:50 +01:00
d5bf79bc51 Merge branch 'main' into feature/peer-approval 2023-12-01 18:12:59 +01:00
d7efea74b6 add owner role support (#1340)
This PR adds support to Owner roles.

The owner role has a similar access level as the admin, but it has the power to delete the account.

Besides that, the role has the following constraints:

- The role can only be transferred. So, only a user with the owner role can transfer the owner role to a new user
- It can't be assigned to users being invited
- It can't be assigned to service users
2023-12-01 17:24:57 +01:00
b8c46e2654 Fix IPv6 format for DNS address received from android (#1350)
this adds the address in the expected format in Go [ipv6]:port
2023-12-01 14:26:42 +01:00
4bf574037f fix sql store 2023-11-30 11:51:35 +01:00
47c44d4b87 fix imports in sqlite store test 2023-11-30 11:08:51 +01:00
96f866fb68 add missing imports after refactor 2023-11-29 16:46:46 +01:00
141065f14e Merge branch 'main' into feature/peer-approval 2023-11-29 16:27:01 +01:00
8e74fb1fa8 add account id to validating peer update 2023-11-29 15:57:56 +01:00
ba96e102b4 settings nil check 2023-11-29 15:16:11 +01:00
7a46a63a14 Fix the inability to set hostname with the flag in daemon mode (#1339)
Pass the hostname set in the flag into the protocol message when running in daemon mode.
2023-11-29 15:01:27 +01:00
2129b23fe7 allow sync for and return empty map 2023-11-29 14:56:06 +01:00
b6211ad020 Fix group membership for peers API response (#1337) 2023-11-29 09:33:05 +01:00
efd05ca023 fix api references 2023-11-28 15:15:51 +01:00
c829ad930c use separate package for signatures 2023-11-28 15:09:04 +01:00
ad1f18a52a replace with updated integrations 2023-11-28 14:55:20 +01:00
bab420ca77 extract account into separate package 2023-11-28 14:34:57 +01:00
c2eaf8a1c0 Add account deletion endpoint (#1331)
Adding support to account owners to delete an account

This will remove all users from local, and if --user-delete-from-idp is set it will remove from the remote IDP
2023-11-28 14:23:38 +01:00
a729c83b06 extract peer into seperate package 2023-11-28 13:45:26 +01:00
dc05102b8f Fix panic on empty username for invites (#1334)
Validate email and user are not empty
2023-11-28 13:09:33 +01:00
a7e55cc5e3 add signatures and frame for peer approval 2023-11-28 11:44:08 +01:00
b7c0eba1e5 add extra settings struct 2023-11-27 17:04:40 +01:00
d1a323fa9d Add gocritic linter (#1324)
* Add gocritic linter

`gocritic` provides diagnostics that check for bugs, performance, and style issues

We disable the following checks:

- commentFormatting
- captLocal
- deprecatedComment

This PR contains many `//nolint:gocritic` to disable `appendAssign`.
2023-11-27 16:40:02 +01:00
63d211c698 Prepare regexps on compile time (#1327) 2023-11-27 13:01:00 +01:00
0ca06b566a Add Windows version to correct system info field (#1330) 2023-11-24 17:49:39 +01:00
cf9e447bf0 Update signing pipelines to version 0.0.10 (#1329) 2023-11-24 14:27:40 +01:00
fdd23d4644 Remove the gateway check for routes (#1317)
Most operating systems add a /32 route for the default gateway address to its routing table

This will allow routes to be configured into the system even when the incoming range contains the default gateway.

In case a range is a sub-range of an existing route and this range happens to contain the default gateway it attempts to create a default gateway route to prevent loop issues
v0.24.3
2023-11-24 11:31:22 +01:00
hg
5a3ee4f9c4 Add systemd .service files (#1316) (#1318)
Add systemd .service files
2023-11-23 20:15:07 +01:00
5ffed796c0 Merge pull request #1326 from netbirdio/fix/windows-os-info
Fix windows os info
2023-11-22 20:13:18 +01:00
ab895be4a3 fix get os info for windows to report correct versions 2023-11-22 16:23:19 +01:00
96cdcf8e49 Add client UI shortcut links for standard users in Windows (#1323)
* Change SetShellVarContext scope to create program links for standard users

* Include guidelines for building the Windows Netbird installer during development

* Add Wireguard driver requirement to Windows build instructions
2023-11-21 20:02:16 +03:00
63f6514be5 Add tenv linter (#1322)
Tenv is analyzer that detects using `os.Setenv` instead of `t.Setenv` since Go 1.17.
2023-11-21 17:38:33 +01:00
afece95ae5 Fix lookupCache to work when idp has more users (#1321) 2023-11-20 16:47:11 +01:00
d78b7e5d93 Skip user deletion if the user does not exist in IdP (#1320) 2023-11-20 16:56:21 +03:00
67906f6da5 Improve Account cache reload condition (#1319)
To take in consideration that cache may know more users
2023-11-20 12:05:32 +01:00
52b5a31058 Merge pull request #1309 from netbirdio/fix/duplicated-entries-on-events-api
Fix duplicated Activity events shown
2023-11-17 12:03:26 +01:00
b58094de0f Add metrics for PeersUpdateManager (#1310)
With this change we should be able to collect and expose the following histograms:

* `management.updatechannel.create.duration.ms`  with `closed` boolean label
* `management.updatechannel.create.duration.micro` with `closed` boolean label
* `management.updatechannel.close.one.duration.ms`
* `management.updatechannel.close.one.duration.micro`
* `management.updatechannel.close.multiple.duration.ms`
* `management.updatechannel.close.multiple.duration.micro`
* `management.updatechannel.close.multiple.channels`
* `management.updatechannel.send.duration.ms` with `found` and `dropped` boolean labels
* `management.updatechannel.send.duration.micro` with `found` and `dropped` boolean labels
* `management.updatechannel.get.all.duration.ms`
* `management.updatechannel.get.all.duration.micro`
* `management.updatechannel.get.all.peers`
2023-11-16 18:21:52 +01:00
456aaf2868 Merge pull request #1315 from netbirdio/feature/dns-name-for-ios-from-idp
Use email address for iphone name generation
2023-11-16 17:42:48 +01:00
d379c25ff5 use idp cache instead of idp manager 2023-11-16 17:13:04 +01:00
f86ed12cf5 add support for ipad as well 2023-11-16 17:01:01 +01:00
5a45f79fec use the email address to set the iphone name for iOS 16+ 2023-11-16 16:46:08 +01:00
e7d063126d Add non-deletable service user (#1311)
* Add non-deletable flag for service users

* fix non deletable service user created as deletable

* Exclude non deletable service users in service users api response

* Fix broken tests

* Add test for non deletable service user

* Add handling for non-deletable service users in tests

* Remove non-deletable service users when fetching all users

* Ensure non-deletable users are filtered out when fetching all user data
2023-11-15 18:22:00 +03:00
fb42fedb58 Fix PAT copy for GetUserByTokenID in SQLite store (#1312) 2023-11-15 14:15:12 +01:00
9eb1e90bbe refactor activity get queries to only add comment 2023-11-15 11:21:59 +01:00
53fb0a9754 refactor activity get queries to only consider 1 deleted user entry 2023-11-14 17:40:14 +01:00
70c7543e36 Allow to update IntegrationReference for user (#1308)
This should not happen via an API but be possible when calling the method directly.
2023-11-14 12:25:21 +01:00