1504 commits

Author	SHA1	Message	Date
Andy Oknen	1f8f36860f	Add NodeInfo field to PeerEntry and PeerInfo structures, and update related handlers to include NodeInfo in peer data retrieval and handshake processes.	2025-08-15 15:17:49 +00:00
Andy Oknen	c0a9bc802a	Refactor peer display in CLI by removing name formatting and directly showing IP addresses. Clean up unused code related to peer name retrieval in admin handler.	2025-08-15 14:49:01 +00:00
Andy Oknen	8ee5c9fbe1	Enhance peer display by including peer names alongside IP addresses in the WebUI and CLI. Update peer data retrieval to fetch names from node information.	2025-08-15 14:25:58 +00:00
Andy Oknen	ee470d32a7	Implement configuration management in WebUI with API integration for loading and saving configurations	2025-08-04 08:30:55 +00:00
Andy Oknen	19710fbc19	Implement modal system for adding peers and logout confirmation in WebUI	2025-07-31 14:25:38 +00:00
Andy Oknen	fcb5efd753	Add timeout handling and loading state management in API calls	2025-07-31 04:51:55 +00:00
Andy Oknen	1f75299312	Improve error handling and fallback mechanisms in WebUI server	2025-07-31 04:31:33 +00:00
Andy Oknen	791214c18b	Enhance WebUI with new peer display features and multilingual support	2025-07-31 04:29:28 +00:00
Andy Oknen	83bd279ffa	Enhance WebUI footer and mobile controls	2025-07-30 17:03:16 +00:00
Andy Oknen	428d29b176	Update authMiddleware to redirect to main page if no password is set and user accesses login page	2025-07-30 16:15:34 +00:00
Andy Oknen	2b3b4c39d2	Expose global state and update peer display logic in WebUI	2025-07-30 16:09:40 +00:00
Andy Oknen	675e2e71a5	Implement Admin API integration in WebUI for enhanced node management	2025-07-30 15:53:09 +00:00
Andy Oknen	3187114780	Refactor static file serving in WebUI to allow CSS and JS access without authentication, and implement theme toggle functionality in login and main pages	2025-07-30 13:21:30 +00:00
Andy Oknen	fc354865ea	Implement theme toggle functionality and enhance UI styles	2025-07-30 13:21:23 +00:00
Andy Oknen	008ac3d864	Enhance WebUI with multilingual support	2025-07-30 09:19:25 +00:00
Andy Oknen	a984fba30d	Add brute force protection to authentication system ... - Implemented IP-based blocking after 3 failed login attempts, with a 1-minute lockout period. - Enhanced login handler to check for blocked IPs and record failed attempts. - Added tests for brute force protection and successful login clearing failed attempts. - Updated README and example configuration to document new security features.	2025-07-30 09:19:05 +00:00
Andy Oknen	113dcbb72a	Add password authentication to WebUI and implement session management ... - Updated WebUI configuration to include a password field for authentication. - Enhanced the WebUI server to handle login and logout functionality with session management. - Added tests for authentication and session handling. - Updated README and example configuration to reflect new authentication features.	2025-07-30 08:34:29 +00:00
Andy Oknen	51e1ef3ed0	Refactor error handling tests to use structured test cases and add address validation in server start method	2025-07-30 07:44:44 +00:00
Andy Oknen	51a1a0a3d7	Refactor web UI server setup in main.go and update default host in config	2025-07-29 21:03:03 +00:00
Andy Oknen	345d5b9cbd	Add minimal Web UI server	2025-07-29 20:14:41 +00:00
Andy Oknen	d741657948	Refactor configuration struct comments and update default multicast interface settings	2025-07-29 18:50:47 +00:00
Neil Alexander	ffc0dc92e0	Reduce minimum maxbackoff to 5 seconds	2025-06-22 16:37:34 +01:00
patrini32	73705ff09d	Typo fix (#1232)	2025-02-20 09:45:49 +00:00
Neil Alexander	1fbcf3b3c2	Rename latency_ms to latency in getPeers response since it isn't even milliseconds anymore	2024-12-18 22:21:23 +00:00
Neil Alexander	69451fe969	Specify TLS 1.2-TLS 1.3 supported range for client connections ... Should fix #1208.	2024-12-12 19:07:55 +00:00
Neil Alexander	7790a19e4c	New detail in getMulticastInterfaces admin endpoint	2024-11-23 14:49:48 +00:00
Neil Alexander	d3b4de46ea	Improvements to how link shutdowns are handled	2024-11-23 13:43:34 +00:00
Neil Alexander	2454970e4d	Tweaks to configuration	2024-11-22 09:47:33 +00:00
Neil Alexander	b98f98318f	Tweaks to link handling	2024-11-22 09:44:30 +00:00
Neil	9398cae230	Expose download/upload rate per peer (#1206)	2024-11-19 08:42:27 +00:00
Neil Alexander	67ec5a92b3	Fix some lint issues	2024-11-17 21:29:26 +00:00
Neil Alexander	42873be09b	Reusable peer lookup/dial logic	2024-11-17 21:14:54 +00:00
Klemens Nanni	834680045a	Create admin socket synchronously before privdrop (#1201) ... Creating UNIX sockets the listen() goroutine that races against the main one dropping to an unprivileged user may cause startup failure when privdrop happens before privileged filesystem access. Setup or fail in New() and only do listen(2) in listen() to avoid this. ``` # yggdrasil -autoconf -user nobody 2024/11/03 21:15:27 Build name: yggdrasil-go 2024/11/03 21:15:27 Build version: 0.5.9 ... 2024/11/03 21:15:27 Admin socket failed to listen: listen unix /var/run/yggdrasil.sock: bind: permission denied ``` Rerun, now the order is flipped: ``` # yggdrasil -autoconf -user nobody 2024/11/03 21:15:34 Build name: yggdrasil-go 2024/11/03 21:15:34 Build version: 0.5.9 [...] 2024/11/03 21:15:34 UNIX admin socket listening on /var/run/yggdrasil.sock [...] ``` Fixes #927.	2024-11-11 19:27:02 +00:00
Neil Alexander	eef613993f	Raise link error when SNI supplied on unsupported link type ... Closes #1196	2024-10-27 21:06:56 +00:00
Neil Alexander	ff0ef7ff56	Update comments in default configuration file	2024-10-27 20:59:05 +00:00
Neil Alexander	b20ad846a1	When IfName is none, start queue goroutine, otherwise iprwc blocks and some handlers don't run	2024-10-20 21:28:04 +01:00
Klemens Nanni	a6429390da	Use UNIX socket patch from url struct (#1186) ... No need to extract it again when the url package provides it for us: ``` $ jq -n '{"AdminListen":"unix:///tmp/ygg.sock"}' | ./yggdrasil -useconf | grep 'admin socket' 2024/10/08 22:41:11 UNIX admin socket listening on /tmp/ygg.sock ``` Follow-up on #1176	2024-10-17 13:22:46 +01:00
Neil Alexander	d22dc9ecc9	TUN: Skip ErrTooManySegments	2024-10-10 09:23:13 +01:00
Klemens Nanni	874083da79	Replace repeated subscripts with single TrimPrefix (#1176) ... This stood out to me while reading the code: [7:] is skipping "unix://", so why not do that? Doing so reveals a bug in the last line changed, where chmod(2) failure would print just the prefix, not everything but it... easy to miss, but now this kind of bug can no longer happen.	2024-09-30 14:25:04 +01:00
Klemens Nanni	ccda1075c0	Fix ioctl(2) code for OpenBSD (#1175) ... This cleans up the mess to configure an IP address on a tun(4) device. Handrolling a hardcoded ioctl(2) request is far from perfect, but Go (golang.org/sys/unix) is to blame here. Tested on OpenBSD 7.6 -current where yggdrasil now drives the interface would use of ifconfig or other helpers.	2024-09-30 14:24:20 +01:00
Neil Alexander	6d5243bd9a	Add unit test for AllowedPublicKeys	2024-09-29 22:04:41 +01:00
Neil Alexander	377bc664c9	The AllowedPublicKeys option should not apply to multicast listeners ... Another fix for #1141.	2024-09-29 21:38:56 +01:00
Neil Alexander	d1b849588f	Fix bug where ephemeral links would try to reconnect in a fast loop ... Helps #1141, although not a complete solution.	2024-09-29 21:24:39 +01:00
Klemens Nanni	98a6fdb4f2	tun: bsd: remove redundant ioctl to set MTU (#1172) ... wireguard's CreateTUN() sets the MTU using the same ioctl(2), on both FreeBSD and OpenBSD. Tested on OpenBSD (outputwith this patch): ``` # ktrace ./yggdrasil -autoconf | grep Interface 2024/09/24 17:26:29 Interface name: tun0 2024/09/24 17:26:29 Interface IPv6: 201:26e:68f0:502e:f445:13eb:2fe1:f7cd/7 2024/09/24 17:26:29 Interface MTU: 16384 ``` ``` $ ifconfig tun0 | head -n1 tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 16384 ``` ``` # kdump | grep ioctl 53097 yggdrasil CALL ioctl(10,SIOCGIFMTU,0xc0000376b8) 53097 yggdrasil RET ioctl 0 53097 yggdrasil CALL ioctl(10,SIOCSIFMTU,0xc0000376c0) 53097 yggdrasil RET ioctl 0 53097 yggdrasil CALL ioctl(10,SIOCGIFMTU,0xc0000377f8) 53097 yggdrasil RET ioctl 0 53097 yggdrasil CALL ioctl(10,_IOW('i',12,0x20),0xc00003777c) 53097 yggdrasil RET ioctl -1 errno 25 Inappropriate ioctl for device "2024/09/24 17:26:29 Error in SIOCSIFADDR_IN6: inappropriate ioctl for device ``` (The completely broken address ioctl is another story...)	2024-09-29 21:05:38 +01:00
Neil Alexander	c00779c7d3	Multicast interface detection and shutdown tweaks ... May help with #1173.	2024-09-29 20:58:10 +01:00
Neil Alexander	b8ab843a98	Update admin socket response sorting	2024-09-23 22:40:52 +01:00
Neil Alexander	e138fa679c	Fix link panic when shutting down (closes #1168)	2024-09-22 17:05:25 +01:00
Neil Alexander	361b9fd6fc	Update WebSocket dependency to new import path	2024-09-22 16:54:58 +01:00
Neil	c4b29b735c	Link costing based on average RTT (#1171) ... This PR updates Ironwood to include the new RTT-based link costing and updates `yggdrasilctl` to report the cost in `getPeers`. Co-authored-by: Neil Alexander <neilalexander@users.noreply.github.com>	2024-09-21 22:05:23 +00:00
Sergey Bobrenok	947b6ad7aa	Restore local peer discovery mechanism on Android 11+ (#1158) ... This solution is bases on https://github.com/wlynxg/anet project. `github.com/wlynxg/anet` is a partial alternative implementation of the `golang.org/x/net` module. The goal of `anet` module is to provide workarounds of the issues https://github.com/golang/go/issues/40569 and https://github.com/golang/go/issues/68082 on Android 11+. Tested on AOSP 13. Resolves: #1149	2024-08-16 18:28:57 +01:00