feld
f423534ef0
Merge branch 'ldap-tls' into 'develop'
...
LDAP: refactor to a GenServer
See merge request pleroma/pleroma!4268
2024-09-17 18:15:35 +00:00
Mark Felder
35ddb1d2c8
LDAP genserver changelog
2024-09-17 13:57:10 -04:00
Mark Felder
2b482e34eb
Improve matching on bind errors
2024-09-17 13:54:57 -04:00
Mark Felder
ea63533cf2
Change :connection to :handle to match upstream nomenclature
2024-09-17 13:46:56 -04:00
Mark Felder
1d123832da
Formatting
2024-09-17 13:46:49 -04:00
Mark Felder
21bf229731
Reduce LDAP timeouts
...
10 seconds is way too long for any login attempt or search result. LDAP should always be fast.
2024-09-17 13:43:22 -04:00
Mark Felder
363b462c54
Make the email attribute configurable
...
While here, fix the System.get_env usage to use the normal fallback value method and improve the UID label description
2024-09-17 13:40:15 -04:00
Mark Felder
14a9663f1a
Remove cacertfile as child of SSL and TLS options
...
We need to pass the cacerts (list of charlist encoded certs) not cacertfile, so our new cacertfile setting handles this for us.
2024-09-17 13:40:15 -04:00
Mark Felder
a1972d57e3
Link the eldap connection process
...
Ensure if LDAP GenServer crashes it gets cleaned up, and we should crash and restart if somehow the eldap connection process crashes unexpectedly as we can't seem to receive any DOWN messages from it, etc.
2024-09-17 13:40:15 -04:00
Mark Felder
164ffbcab8
Fix return value when not doing STARTTLS
2024-09-17 13:40:15 -04:00
Mark Felder
d0ee899ab9
Only close connection if it is not nil
2024-09-17 13:40:15 -04:00
Mark Felder
123093a186
Ensure :ssl is started before we attempt to make the LDAP connection
2024-09-17 13:40:15 -04:00
Mark Felder
65a7b387c3
Require a reboot if LDAP configuration changes
2024-09-17 13:40:15 -04:00
Mark Felder
d82abf925d
Ensure :cacertfile is configurable in ConfigDB
2024-09-17 13:40:15 -04:00
Mark Felder
44b836c94c
Fix tests
...
We do not need to mock and verify connections are closed as the new Pleroma.LDAP GenServer will handle managing the connection lifetime
2024-09-17 13:40:15 -04:00
Mark Felder
7c04098dde
Catchall for when LDAP is not enabled
2024-09-17 13:40:15 -04:00
Mark Felder
ead287d623
Credo
2024-09-17 13:40:08 -04:00
Mark Felder
9264b21907
Pleroma.LDAP
...
This adds a GenServer which will keep an LDAP connection open and auto reconnect on failure with a 5 second wait between retries. Another benefit is this prevents parsing the Root CAs for every login attempt as we only need to do it once per connection.
2024-09-17 13:40:08 -04:00
feld
e7176bb998
Merge branch 'retry-tests' into 'develop'
...
Reapply "Custom mix task to retry failed tests once in CI pipeline"
See merge request pleroma/pleroma!4267
2024-09-16 20:13:10 +00:00
Mark Felder
e24e107f3d
Merge remote-tracking branch 'origin/develop' into retry-tests
2024-09-16 11:51:22 -04:00
feld
3a0d4e9837
Merge branch 'ldap-tls' into 'develop'
...
LDAP: permit overriding the CA root, improve SSL/TLS
See merge request pleroma/pleroma!4265
2024-09-16 15:50:58 +00:00
Mark Felder
e59706c201
Reapply "Custom mix task to retry failed tests once in CI pipeline"
...
This reverts commit b281ad06de
.
2024-09-16 11:42:55 -04:00
Mark Felder
91d1d7260b
Retain the try do so an LDAP failure can fall back to local database.
...
This fixes tests but the automatic fallback may not be well documented behavior.
2024-09-15 23:18:18 -04:00
Mark Felder
af3bf8a462
Support implicit TLS connections
...
Update docs to clarify that the :ssl option is also for modern TLS, but the :tls option is only for STARTTLS
These options may benefit from being renamed but they match upstream terminology.
2024-09-15 14:00:19 -04:00
marcin mikołajczak
8250a9764e
Merge branch 'notifications-group-key' into 'develop'
...
Add `group_key` to notifications
See merge request pleroma/pleroma!4262
2024-09-15 10:07:52 +00:00
Mark Felder
5539fea3bb
LDAP: permit overriding the CA root
2024-09-14 20:36:24 -04:00
marcin mikołajczak
c1a1150888
Merge branch 'profile-image-descriptions' into 'develop'
...
Allow providing avatar/header descriptions
See merge request pleroma/pleroma!4227
2024-09-14 17:46:33 +00:00
marcin mikołajczak
0111659a1f
Merge branch 'list-id-visibility' into 'develop'
...
Include list id in StatusView
See merge request pleroma/pleroma!4246
2024-09-14 17:46:09 +00:00
marcin mikołajczak
abf38b405d
Merge branch 'manifest-icon-size' into 'develop'
...
Manifest: declare /static/logo.svg as 512x512 to match one bundled with pleroma
See merge request pleroma/pleroma!4260
2024-09-14 17:27:49 +00:00
marcin mikołajczak
17b69c43d5
Add group_key
to notifications
...
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2024-09-12 14:37:37 +02:00
marcin mikołajczak
affdcdb68d
Manifest: declare /static/logo.svg as 512x512 to match one provided by pleroma-fe
...
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2024-09-12 11:27:29 +02:00
feld
360dd34f19
Merge branch 'ldap-tls' into 'develop'
...
LDAP Auth: fix TLS certificate verification
See merge request pleroma/pleroma!4259
2024-09-11 18:00:22 +00:00
Mark Felder
7def11d7c3
LDAP Auth: fix TLS certificate verification
...
Currently we only support STARTTLS and it was not verifying certificate and hostname correctly. We must pass a custom fqdn_fun/1 function so it knows what value to compare against.
2024-09-11 12:47:46 -04:00
Haelwenn
20e82c7456
Merge branch 'argon2' into 'develop'
...
Support and convert argon2 passwords
See merge request pleroma/pleroma!4257
2024-09-08 20:48:21 +00:00
Mint
7e91c3a306
Changelog
2024-09-08 05:41:48 +03:00
Mint
9de522ce50
Authentication: convert argon2 passwords, add tests
2024-09-08 05:32:40 +03:00
marcin mikołajczak
c9b28eaf9a
Argon2 password support
2024-09-08 05:23:46 +03:00
feld
bb0cb06d8a
Merge branch 'well-known' into 'develop'
...
NodeInfo: Accept application/activity+json requests
See merge request pleroma/pleroma!4242
2024-09-06 16:30:07 +00:00
feld
80f3e507d4
Merge branch 'dialyzer' into 'develop'
...
Dialyzer fixes
See merge request pleroma/pleroma!4254
2024-09-06 16:12:28 +00:00
feld
b871551d97
Merge branch 'oban-uniques' into 'develop'
...
Oban: more unique job constraints
See merge request pleroma/pleroma!4253
2024-09-06 16:02:06 +00:00
feld
7f3600fddd
Merge branch 'scrubber-mention-hashtag' into 'develop'
...
Add tests for Mastodon mention hashtag class
See merge request pleroma/pleroma!4255
2024-09-06 15:52:06 +00:00
Mark Felder
1afcfd4845
Add tests for Mastodon mention hashtag class
2024-09-06 11:51:16 -04:00
Mark Felder
5b26c56624
Changelog
2024-09-06 11:34:06 -04:00
Mark Felder
06ce5e3b43
Dialyzer: pattern_match The pattern can never match the type {:diff, false}.
2024-09-06 11:27:07 -04:00
Mark Felder
1d0e3b1355
Dialyzer: The pattern variable _ can never match the type, because it is covered by previous clauses.
2024-09-06 11:24:37 -04:00
Mark Felder
06d6febff9
Dialyzer: The pattern variable _e@1 can never match the type, because it is covered by previous clauses.
2024-09-06 11:19:24 -04:00
Mark Felder
7eb579c191
Dialyzer: invalid contract
2024-09-06 11:18:12 -04:00
Mark Felder
bc16f09d7b
Dialyzer: the pattern can never match the type
...
The original error was for the chat controller:
lib/pleroma/web/pleroma_api/controllers/chat_controller.ex:104:pattern_match The pattern can never match the type {:error, :content_too_long | :forbidden | :no_content | :not_found} | {:user, nil}.
Improve typespecs for the Pipeline and apply them where it could be encountered
2024-09-06 11:12:15 -04:00
Mark Felder
fc3ea94a1c
Dialyzer: the pattern can never match the type
2024-09-06 09:58:03 -04:00
Mark Felder
a887188890
Oban: more unique job constraints
2024-09-06 09:42:53 -04:00