Commit Graph

1751 Commits

Author SHA1 Message Date
992cfe64e1 Add ipv6 test for stdnet pkg (#761) 2023-03-24 10:46:40 +01:00
d1703479ff Add custom ice stdnet implementation (#754)
On Android, because of the hard SELinux policies can not list the
interfaces of the ICE package. Without it can not generate a host type
candidate. In this pull request, the list of interfaces comes via the Java
interface.
2023-03-24 08:40:39 +01:00
a27fe4326c Add JWT middleware validation failure log (#760)
We will log the middleware log now, but in the next
releases we should provide a generic error that can be
parsed by the dashboard.
v0.14.5
2023-03-23 18:26:41 +01:00
e6292e3124 Disable peer expiration of peers added with setup keys (#758) 2023-03-23 17:47:53 +01:00
628b497e81 Adjustments for the change server flow (#756)
Check SSO support by calling the internal.GetDeviceAuthorizationFlowInfo

Rename LoginSaveConfigIfSSOSupported to SaveConfigIfSSOSupported

Receive device name as input for setup-key login

have a default android name when no context value is provided

log non parsed errors from management registration calls
2023-03-23 16:35:06 +01:00
8f66dea11c Add Keycloak Idp Manager (#746)
Added intergration with keycloak user API.
2023-03-23 14:54:31 +01:00
de8608f99f add rest endpoints and update openapi doc 2023-03-21 16:02:19 +01:00
9c5adfea2b Merge pull request #745 from netbirdio/feature/pat_persistence
PAT persistence
2023-03-21 14:38:24 +01:00
8e4710763e use single line return for SaveAccount 2023-03-21 14:02:34 +01:00
82af60838e use "ok" convention for check variables throughout files_store 2023-03-21 14:00:59 +01:00
311b67fe5a change error messages 2023-03-21 13:56:31 +01:00
94d39ab48c improve style for tests 2023-03-21 13:34:48 +01:00
41a47be379 add function comments, implement account mock functions and added error handling in tests 2023-03-20 16:38:17 +01:00
e30def175b switch PATs to map and add deletion 2023-03-20 16:14:55 +01:00
e1ef091d45 remove unnecessary string conversion 2023-03-20 12:08:01 +01:00
511ba6d51f Delete pat_handler.go 2023-03-20 11:47:54 +01:00
b852198f67 codacy and lint hints 2023-03-20 11:44:12 +01:00
891ba277b1 Mobile (#735)
Initial modification to support mobile client

Export necessary interfaces for Android framework
2023-03-17 10:37:27 +01:00
747797271e Fix connstate indication (#732)
Fix the status indication in the client service. The status of the
management server and the signal server was incorrect if the network
connection was broken. Basically the status update was not used by
the management and signal library.
2023-03-16 17:22:36 +01:00
628a201e31 fix PAT array split 2023-03-16 16:59:32 +01:00
731d3ae464 Exchange proxy mode via signal (#727)
Before defining if we will use direct or proxy connection we will exchange a 
message with the other peer if the modes match we keep the decision 
from the shouldUseProxy function otherwise we skip using direct connection.

Added a feature support message to the signal protocol
2023-03-16 16:46:17 +01:00
453643683d add method to account mock 2023-03-16 16:44:05 +01:00
b8cab2882b storing and retrieving PATs 2023-03-16 15:57:44 +01:00
6143b819c5 Merge pull request #725 from netbirdio/feature/add_PAT_generation
Adding Personal Access Token generation
2023-03-16 15:50:40 +01:00
3b42d5e48a fix imports after merge 2023-03-16 11:59:12 +01:00
1d4dfa41d2 clean dependencies 2023-03-16 11:46:53 +01:00
f8db5742b5 Merge branch 'main' into feature/add_PAT_generation 2023-03-16 11:36:43 +01:00
bc3cec23ec use slice copy 2023-03-16 11:32:55 +01:00
f03aadf064 Feat firewall controller interface (#740)
Add a standard interface for the client firewall to support ACL.
2023-03-16 13:00:08 +04:00
292ee260ad Add version info command to signal server (#739)
Add version command to signal and management servers.

The version information will be filled during build time.
2023-03-15 07:54:51 +01:00
2a1efbd0fd Don't drop Rules from file storage after migration to Policies (#741)
Rego policy migration clears the rules property of the file storage, but it does not allow rollback management upgrade, so this changes pre-saves rules in the file store and updates it from the policies.
2023-03-15 09:42:40 +04:00
3bfa26b13b Feat rego default policy (#700)
Converts rules to Rego policies and allow users to write raw policies to set up connectivity and firewall on the clients.
2023-03-13 18:14:18 +04:00
221934447e Send remote agents updates when peer re-authenticates (#737)
When peer login expires, all remote peers are updated to exclude the peer from connecting.
Once a peer re-authenticates, the remote peers are not updated.
This peer fixes the behavior.
v0.14.4
2023-03-10 17:39:29 +01:00
9ce8056b17 Use global login expiration setting when sending network map (#731)
Peers were considered expired and not sent to remote peers
when global expiration was disabled.
v0.14.3
2023-03-09 11:24:42 +01:00
c65a5acab9 Update release banner 2023-03-09 08:24:25 +01:00
62de082961 fix account test 2023-03-08 12:21:44 +01:00
c4d9b76634 add comment for exported const 2023-03-08 12:09:22 +01:00
b4bb5c6bb8 use const and do array copy 2023-03-08 11:54:10 +01:00
2b1965c941 switch secret generation to use lib 2023-03-08 11:36:03 +01:00
83e7e30218 store hashedToken as string 2023-03-08 11:30:09 +01:00
24310c63e2 Remove mgm close steps, in defer doing it already (#729)
Simple code cleaning. Remove duplicated steps in login.
In the defer already close the management connection.
2023-03-07 15:01:47 +01:00
ed4f90b6aa Report offline peers to agents (#728)
The peer login expiration ACL check introduced in #714
filters out peers that are expired and agents receive a network map 
without that expired peers.
However, the agents should see those peers in status "Disconnected".

This PR extends the Agent <-> Management protocol 
by introducing a new field OfflinePeers
that contain expired peers. Agents keep track of those and display 
then just in the Status response.
2023-03-07 10:17:25 +01:00
0e9610c5b2 Refactor/clean shouldUseProxy (#722)
make code more readable by split code into smaller functions

add CandidateTypePeerReflexive check

Add shouldUseProxy tests
2023-03-06 17:33:54 +01:00
ed470d7dbe add comments for exported functions 2023-03-06 14:46:04 +01:00
cb8abacadd extend User Copy function 2023-03-06 14:01:18 +01:00
bcac5f7b32 fixed some namings 2023-03-06 13:51:32 +01:00
95d87384ab fixed some namings 2023-03-06 13:49:07 +01:00
ea3899e6d6 Update ICE to version 2.3.1 (#720)
It resolves a TLS relay issue with servername

fixes #719
2023-03-05 16:42:49 +01:00
337d3edcc4 Use the conn state of peer on proper way (#717)
The ConnStatus is a custom type based on iota
like an enum. The problem was nowhere used to the
benefits of this implementation. All ConnStatus
instances has been compared with strings. I
suppose the reason to do it to avoid a circle
dependency. In this commit the separated status
package has been moved to peer package.

Remove unused, exported functions from engine
2023-03-03 19:49:18 +01:00
e914adb5cd Move Login business logic from gRPC API to Accountmanager (#713)
The Management gRPC API has too much business logic 
happening while it has to be in the Account manager.
This also needs to make more requests to the store 
through the account manager.
2023-03-03 18:35:38 +01:00