1
Fork 0
mirror of https://github.com/jech/galene.git synced 2024-11-09 18:25:58 +01:00
Commit graph

140 commits

Author SHA1 Message Date
Juliusz Chroboczek
695c379a6c Distinguish empty key in password from absence of key. 2024-04-12 01:05:48 +02:00
Juliusz Chroboczek
4ad7c2f303 Improve TestUpgradeDescription. 2024-04-12 00:47:51 +02:00
Juliusz Chroboczek
7673a95b05 Implement FallbackUsers in API. 2024-04-11 17:53:48 +02:00
Juliusz Chroboczek
31a18bcf44 Implement keys handling in API. 2024-04-11 14:30:44 +02:00
Juliusz Chroboczek
077ff9a879 Add canChangePassword to group status. 2024-04-11 13:27:08 +02:00
Juliusz Chroboczek
fc6387bb38 Implement accessors for description files.
Allow reading and modifying description files, in a manner
that aligns with the needs of the API.
2024-04-10 14:09:52 +02:00
Juliusz Chroboczek
1666abf2f3 Add allowSubgroups argument to readDescription. 2024-04-09 22:49:03 +02:00
Juliusz Chroboczek
d887a216f0 Rework configuration file format.
The "users" entry is now a dictionary mapping user names to
passwords and permissions.  In order to allow for wildcards,
there is a new type of password, the wildcard password, and
an extra array called "fallback-users".

The field "allow-anonymous" no longer exists, this is now
the default behaviour.  The field "allow-subgroups" has been
renamed to "auto-subgroups".

We provide backwards compatibility for group definition files,
but not for the config.json file, where the old "admin" array
is simply ignored.
2024-04-09 22:49:03 +02:00
Juliusz Chroboczek
de0c42faaf Implement "expires" and "not-before" for groups. 2024-03-03 16:45:54 +01:00
Juliusz Chroboczek
b8f7c68338 Return correct error message for invalid tokens. 2024-03-03 15:42:46 +01:00
Juliusz Chroboczek
89f947df1f Rework handling of authorisation errors.
We'd sometimes return "Internal server error" on authentication
failures.  This should be gone now.
2024-03-03 13:43:50 +01:00
Juliusz Chroboczek
29e006037c Allow proxyURL to contain a path.
We now support or reasonable values for proxyURL, such as "http:"
or "/galene".
2024-02-24 12:46:30 +01:00
Juliusz Chroboczek
bfe83d1a27 Move description code into its own file. 2024-02-20 18:19:24 +01:00
Juliusz Chroboczek
3792800355 Make Update ignore directories starting with colon.
We were already ignoring files starting with colon.
2024-02-13 22:02:57 +01:00
Juliusz Chroboczek
9f3bee8e37 Add missing omitempty to group description. 2024-01-07 00:26:36 +01:00
Juliusz Chroboczek
f9ef43248b Use strings.Cut when parsing fmtp. 2023-12-09 18:23:06 +01:00
Juliusz Chroboczek
dcde4562f5 Avoid code duplication in openDescriptionFile. 2023-12-09 16:17:48 +01:00
Juliusz Chroboczek
8628344a6d Add support for hashing password with BCrypt. 2023-11-23 14:04:43 +01:00
Juliusz Chroboczek
e4682ff283 Revert "Change default video codec to VP9."
This reverts commit 69445d67f5.
2023-09-01 16:00:09 +02:00
Juliusz Chroboczek
27cc8c5273 Deal with missing profile id for VP9 and H.264. 2023-07-18 12:05:26 +02:00
Juliusz Chroboczek
5722270cc7 Disable active TCP candidates.
Active TCP candidates were added in Pion 3.2.11.
2023-07-14 14:44:24 +02:00
Juliusz Chroboczek
c9386eb63d Improve error reporting in CodecPayloadType. 2023-07-12 12:11:40 +02:00
Juliusz Chroboczek
90e2de0b2d Add configuration option publicServer. 2023-07-10 23:59:24 +02:00
Juliusz Chroboczek
69445d67f5 Change default video codec to VP9. 2023-07-09 16:33:39 +02:00
Juliusz Chroboczek
8f1bc93cca Protect against clients with an empty id. 2023-04-28 16:51:17 +02:00
Juliusz Chroboczek
031590b4e9 Rename 'allow-tokens' to 'unrestricted-tokens'. 2023-04-10 14:42:01 +02:00
Juliusz Chroboczek
3a6551c733 Implement "allow-tokens". 2023-04-04 01:22:05 +02:00
Juliusz Chroboczek
a6314a7384 Implement stateful tokens.
Stateful tokens look just like cryptographic tokens to the client.
Unlike cryptographic tokens, they are stored in a file and are
revokable and editable.
2023-04-04 00:59:54 +02:00
Juliusz Chroboczek
aa53b78b2c Distinguish between no username and empty username. 2023-04-03 22:58:38 +02:00
Juliusz Chroboczek
a1c1345719 Server-side support for protocol 2.
The "time" field of messages is now a string in RFC 3339 format,
and there is a new "error" field in messages.
2023-04-03 22:58:38 +02:00
Juliusz Chroboczek
c58064d923 Move token handling into the separate module.
Tokens are now an interface, and all the token logic is encapsulated
in the token module.
2023-04-03 22:58:38 +02:00
Juliusz Chroboczek
f75b964a6b Distinguish tokens with empty sub from no sub
We now distinguish between tokens that specify an empty username
(sub="") and tokens that don't specify sub.  The latter are
considered invalid for now.
2023-01-14 23:19:51 +01:00
Juliusz Chroboczek
1eb7716766 Simplify group expiration. 2022-10-23 16:04:10 +02:00
Juliusz Chroboczek
16e2888d56 Add new configuration directive proxyURL.
The strategy of computing the base URL from the request doesn't
necessarily work if we're behind a reverse proxy.  proxyURL
can be set in cases where our guess is incorrect.

Thanks to Dianne Skoll.
2022-10-21 13:28:11 +02:00
Juliusz Chroboczek
249c1c1132 Don't notify clients when description is unchanged.
When we fixed the handling of autolocked groups, we introduced
a bug where we spuriously notify clients even when the description
didn't change.
2022-10-07 03:02:35 +02:00
Juliusz Chroboczek
62517844a5 Ensure autolocked groups are locked on creation.
We used to autolock groups when the last user left, but not
when creating a group that was not in memory yet.  Ensure that
groups are autolocked in all cases.

Thanks to Michael Ströder.
2022-09-22 17:32:55 +02:00
Juliusz Chroboczek
b20cb0e523 Simplify the interface to autoLockKick.
This just removes a minor optimisation.
2022-09-22 17:21:49 +02:00
Juliusz Chroboczek
bf142c41a0 Fix status generation for remote groups. 2022-09-16 20:45:54 +02:00
Juliusz Chroboczek
74a1243947 Fix TestPermissions.
This was broken when we moved GetPermission to Group.
Thanks to kiufta.
2022-09-09 14:14:24 +02:00
Juliusz Chroboczek
6bdcd504a7 Make GetPermission a method of Group. 2022-09-08 20:55:35 +02:00
Juliusz Chroboczek
b55e531aa5 Encode group location in the status.json file. 2022-09-01 15:38:29 +02:00
Juliusz Chroboczek
4bc873a574 Publish websocket endpoint in group status. 2022-09-01 14:55:52 +02:00
Juliusz Chroboczek
7d01f0339b Avoid re-reading descriptions
We used to avoid re-reading descriptions when joining a group,
but we used to re-read them when updating the list of groups.
2022-07-12 20:06:34 +02:00
Juliusz Chroboczek
fd228b09c2 Fix checking for username when token is present. 2022-04-29 01:36:02 +02:00
Juliusz Chroboczek
fc9f28fd68 Minor cleanups. 2022-04-23 18:43:01 +02:00
Juliusz Chroboczek
fd09564c05 Remove H.264 Baseline profile.
Some devices only support the Constrained Baseline profile.
2022-03-22 01:03:56 +01:00
Juliusz Chroboczek
de3a016f4d Set the username in the server when using tokens.
This avoids the need to pass the username in the URL without
requiring the client to parse tokens.
2022-02-20 15:33:11 +01:00
Juliusz Chroboczek
a9c9581465 Implement authPortal. 2022-02-19 23:58:31 +01:00
Juliusz Chroboczek
a86fb08f6c Replace ClientPermissions with a list of strings.
Now that we support external auth, the permissions list is
open-ended.  Make it a list for simplicity.
2022-02-19 23:44:57 +01:00
Juliusz Chroboczek
1d583e5367 Don't verify token issuer.
This makes it possible to use token authentication without
an authentication server.
2022-02-18 19:21:02 +01:00