summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2023-02-27Client FSM: Remove already connected logjwijenbergh
Useless spam in the log file
2023-02-27Discovery: Fix embedding preamblejwijenbergh
2023-02-27Go.mod & sum: Update dependenciesjwijenbergh
2023-02-27Profile Test: formatjwijenbergh
2023-02-27Client Server: Go back on failure to add secure internetjwijenbergh
2023-02-27Exports Disco + Python: Make sure we can always obtain the local cachejwijenbergh
2023-02-27Discovery: Conditionally embed latest discovery files for local cachejwijenbergh
Conditionally embedding based on https://github.com/golang/go/issues/44484#issuecomment-948137497 To use it, wget the discovery files into the internal/discovery folder (same JSON name) after verifying the signature. Then build with -tags=release
2023-02-27OAuth: Use a sync.Once to only handle the request oncejwijenbergh
This prevents someone from spamming the local redirect URI and sending additional outgoing token requests to the legitimate server
2023-02-17HTTP: Fix test for joining path by removing trailing slashjwijenbergh
2023-02-17HTTP: Only add trailing slash for ensuring valid URLjwijenbergh
2023-02-17README: Fix linkjwijenbergh
2023-02-17Refactor: Improve some errors by using errors.New and add contextjwijenbergh
2023-02-16Server: Add test for profilesjwijenbergh
2023-02-16HTTP: Add test for ensuring valid URLjwijenbergh
2023-02-16OAuth: Make ISS requiredjwijenbergh
2023-02-16Format: Run gofumptjwijenbergh
2023-02-16Test: Rename TestServer to Serverjwijenbergh
2023-02-16Server: Validate endpointsjwijenbergh
This commit validates the server endpoints by checking the Host and scheme of each URL to check if they match eachother. This is to prevent further mixup attacks
2023-02-16Test: Implement util package for starting a TLS serverjwijenbergh
2023-02-16HTTP: Implement join URL pathjwijenbergh
2023-02-16HTTP: Incorporate util ensure valid url with clean pathjwijenbergh
2023-02-15Server: Remove 75% requirement on renew buttonjwijenbergh
2023-02-01Changes: Add & Update0.3.0jwijenbergh
2023-02-01Version: Bump to 0.3.0jwijenbergh
2023-01-31CLI: Do not use pkg/browser to open the browserjwijenbergh
2023-01-31Server: Add script-security 0 to the OpenVPN configjwijenbergh
This prevents scripts from being executed by default. Clients can override this by either using the OpenVPN --script-security flag or add a script-security setting themselves.
2023-01-31Client: Check if client ID is validjwijenbergh
2023-01-31Discovery Test: Fix http -> https typojwijenbergh
We rewrite URLs anyway so this is still fine but let's not make it so confusing
2023-01-31Util Test: test for HTTPS rewritejwijenbergh
2023-01-31Discovery: Setup a local HTTPS serverjwijenbergh
2023-01-31Client Test: Fix construct URL argumentsjwijenbergh
2023-01-31CLI: Use stderr and open browser properlyjwijenbergh
Also double check scheme such that no malicious schemes are passed such as network drives
2023-01-31HTTP + Util: Always set the scheme to HTTPSjwijenbergh
2023-01-13Client + Exports: Separate cleanup from disconnectjwijenbergh
2023-01-13Server API: Set a lower timeout for disconnectjwijenbergh
2023-01-13HTTP: Make the timeout configurable per request using a contextjwijenbergh
2023-01-12HTTP: Set default timeout to 10 secondsjwijenbergh
2023-01-12Failover: Return early by waiting for a single pongjwijenbergh
2023-01-12OAuth: Properly cache the Client IDjwijenbergh
2023-01-10Client + Discovery: Implement further organizations expiryjwijenbergh
2023-01-06Refactor: Re-use a HTTP clientjwijenbergh
2023-01-05Client Test: Fix prefer TCP suffix tests for arbitrary FQDNsjwijenbergh
2023-01-05Client Test: Fix config printjwijenbergh
2023-01-05Logger: Do not interpret error string as format specifier argumentjwijenbergh
2023-01-05CI: Run without dockerjwijenbergh
2023-01-05CI: Support overriding docker-compose with podman-composejwijenbergh
Useful if symlinking is not an option due to having docker-compose and podman-compose installed. You can change $PATH just for this repo but that's messy.
2023-01-05CI: Support Podman as an alternative to Dockerjwijenbergh
Podman-compose (can be aliased to docker-compose now) does not have the exact same options. We move the compose file to the root to support podman. This is also better because users can just execute docker-compose in the root.
2023-01-05HTTP: Set max read limit to 16MBjwijenbergh
2023-01-05Python: Re-implement example and move to a new directoryjwijenbergh
2023-01-04Docs: Update to be closer in line with the latest APIjwijenbergh