49e04bd454
Improved user authentication log and added 'authlog' tracing.
2022-09-01 22:06:08 -07:00
03e15c6be1
update oidc passport module
...
Updated to official passport-openidconnect module, removed custom module.
2022-08-31 23:51:24 -04:00
d4d1f7d454
MeshCMD is now signed using the MeshCentral code signing cert.
2022-08-31 01:36:23 -07:00
0bf459bb51
Many web relay improvements and fixes ( #4467 , #4456 )
2022-08-30 17:53:27 -07:00
f7dc1d749b
Added 'keepcerts' option to force keeping HTTPS/MPS cert.
2022-08-26 15:43:12 -07:00
4fe394226c
Improved web relay sharing ( #4413 )
2022-08-25 21:10:09 -07:00
5d7fabfc21
Added guest web sharing of HTTP/HTTPS ( #4413 )
2022-08-25 20:11:47 -07:00
6b1b034c61
Fixed device sharing links when using in LAN mode.
2022-08-24 14:10:40 -07:00
fcfe4d964e
Intel AMT tab will now show up in the correct language if available.
2022-08-22 13:06:25 -07:00
334a9b8321
Added LDAPSyncWithUserGroups to config.json schema ( #4415 )
2022-08-22 11:57:11 -07:00
00765288e6
Added LDAP membership user group sync options ( #4415 )
2022-08-22 11:43:45 -07:00
6b4179c20c
Added LDAP debug improvements.
2022-08-21 22:19:57 -07:00
8dd07495f5
MeshCentral will now auto-create LDAP user groups and sync users to their membership groups when the login using LDAP. ( #4415 )
2022-08-21 21:19:34 -07:00
daa4c60b77
You can now restrict what LDAP users can login based on LDAP membership groups ( #4415 )
2022-08-21 14:05:51 -07:00
8d1eab20e5
Logout will not redirect to /login ( #4420 )
2022-08-21 00:41:17 -07:00
ab84719afe
Fixed saving run command dialog state on the server.
2022-08-19 13:42:44 -07:00
0ae91ede62
Fix for SAML ( #4408 )
2022-08-18 00:37:39 -07:00
4092615c63
Fixed auth strategies when using with a second domain with a DNS ( #4404 )
2022-08-17 14:14:56 -07:00
2c9fcdbfd0
Fixed U2F server exception ( #4346 )
2022-07-31 11:25:28 -07:00
c8d8fc422c
When doing session IP address checkingin default 'lax' mode, if both addresses are private/loopback, it's now accepted as a match.
2022-07-28 15:12:28 -07:00
ddbd76e254
Fix for #4307
...
Added missing equals sign when checking null session
2022-07-22 23:01:43 +00:00
3dd8531ef9
Added code to skip the agent code signing certificate if missing and getting certs from database or vault ( #4299 )
2022-07-21 17:17:08 -07:00
46e511ef95
Fixed webserver.js exception.
2022-07-21 16:10:01 -07:00
4db8ff3946
Fixed webserver.js exception.
2022-07-21 16:08:38 -07:00
034ebc986c
LDAP debug improvements.
2022-07-20 13:35:59 -07:00
61e486ba38
Added support for LDAP account images ( #4283 )
2022-07-20 12:57:24 -07:00
b7bc172c40
ldapUserName and ldapUserRealname can now be set to for example: {{{givenName}}} {{{sn}}} ( #4276 )
2022-07-20 00:50:32 -07:00
58cd5e3bea
LDAP improvements ( #4276 )
2022-07-20 00:10:09 -07:00
466c765df5
LDAP improvements ( #4283 )
2022-07-19 13:50:40 -07:00
954e5cde32
ldapSaveUserToFile will now append the file ( #4276 )
2022-07-18 16:18:15 -07:00
b3dd3d3613
Added ldapSaveUserToFile option to help debug LDAP issues.
2022-07-18 16:12:53 -07:00
9f4c2cc53e
Fix for SSPI auth un-authorized.
2022-07-15 13:13:53 -07:00
acb9a5bb6e
Fixed Web-RDP when used with non-default domain ( #4271 )
2022-07-14 15:18:41 -07:00
66b0315624
Browser session security improvements.
2022-07-12 17:45:19 -07:00
04fb1f2bf0
Added CAPTCHA option when creating new accounts on login screen.
2022-07-11 14:35:05 -07:00
4382899468
Clean up cookie-session instance.
2022-07-11 11:19:04 -07:00
626c490771
Switch browser cookie signature from SHA1 to SHA384.
2022-07-11 11:11:03 -07:00
a151dcbfe6
Web relay can now handle connection:close responses.
2022-07-10 13:08:28 -07:00
5eca4eecee
Completed support for web relay with multiple DNS names.
2022-07-10 11:32:59 -07:00
1a72126c4f
Added DELETE and OPTIONS as supported web relay methods, #4241
2022-07-10 10:50:57 -07:00
a0ea6ead09
Put in the groundwork for web relay with multiple relay DNS names.
2022-07-10 01:32:11 -07:00
bd9739e106
Changed the web relay system to correctly with multiple DNS names, #4242
2022-07-09 13:32:55 -07:00
9dac8b7807
Web relay improvements, #4240
2022-07-08 18:00:15 -07:00
40bc91b6f3
Many CrowdSec improvements.
2022-07-07 21:51:09 -07:00
e72614296c
fix dns relay and samesite lax
2022-07-07 14:57:48 +01:00
695e3068de
Fixed server exception when using agent installation invite codes, #4233
2022-07-06 23:39:36 -07:00
947d9094cb
Added support for Crowdsec, an open-source and collaborative IPS (Intrusion Prevention System)
2022-07-06 20:34:04 -07:00
e89effac46
Added options to remove the SSH Connect and SFTP connect from the terminal and files tab when other options exist, #4214
2022-07-05 14:25:38 -07:00
568097597c
Web relay with DNS now uses the main HTTPS alias port when set, #4210 .
2022-07-05 13:21:14 -07:00
d16523af7b
fix backup code visibility
2022-07-05 18:42:00 +01:00
18f4fe9c3a
Added relayAliasPort setting to support relay port behind reverse proxies, #4222
2022-07-04 20:20:25 -07:00
b33900dfbf
Improved DNS based web relay, #4210
2022-07-03 18:17:57 -07:00
5ba9d7e503
Added support to HTTP web relay on the main web server port with used with a specified DNS name, #4210
2022-07-03 00:44:58 -07:00
0637412d1b
Fixed Web-RDP when a default user is set and no users are logged in.
2022-06-28 15:20:05 -07:00
571a0f1c2d
More work on web relay, #4172
2022-06-24 16:53:31 -07:00
cfd8521381
Fixed server exception on older NodeJS versions, #4102
2022-06-09 09:58:02 -07:00
ea7e98b3b4
Added BREACH attack mittigation, #4084
2022-06-08 10:47:23 -07:00
9c52cc4d8c
Web-SSH fixes and improvements.
2022-05-19 14:41:32 -07:00
1571ce03f0
Added userRequiredHttpHeader support in domain section of the config.json, #4011
2022-05-18 18:01:34 -07:00
753b6c240a
SSH/RDP credentials are now stored per user account, #3995
2022-05-17 16:09:35 -07:00
5ac74635c5
Fixed HTTP handling when no user-agent header is present.
2022-05-16 16:20:50 -07:00
cee069d1df
Added Router and Assistant alternate path, #3988 .
2022-05-16 13:48:15 -07:00
68c5aae0b0
Send Permissions-Policy HTTP header only for Chrome browsers.
2022-05-16 12:51:15 -07:00
14050dd6b7
Fixed authlog, #3954
2022-05-10 19:31:21 -07:00
b28c7daf2b
Fixed account login message, #3954
2022-05-10 17:53:09 -07:00
0d297088c8
Added option to save SSH username and key without saving key password.
2022-05-10 17:44:34 -07:00
96dab9ab3e
Fixed 404 error with mstsc.html, #3927
2022-05-02 22:09:06 -07:00
41b6b6a54a
Fixed RDP/SSH use of saved credentials, #3924
2022-05-02 12:19:03 -07:00
db06ec1975
Added Web based RDP support with NLA, #3867 and #3914
2022-04-29 11:13:58 -07:00
4c3a82a552
Web socket connection error, #
2022-04-12 14:03:52 -07:00
8fce45ad76
CookieIpCheck now has none/lax/strict options, with default being lax. #3861
2022-04-09 17:12:52 -07:00
ba82a005f4
update oidc npm module
2022-04-08 11:55:54 -04:00
149573a878
swapped to working passport oidc module
2022-04-08 11:38:55 -04:00
126c1474cc
working generic oidc section
...
tested with authelia, works for me :)
2022-04-08 00:14:58 -04:00
640933fc6e
implemented passport-openidconnect
...
used passport-openidconnect to get login 90% working, i get as far as the oidc host sending me back to mesh central with a good auth but i dont get logged in, still testing
2022-04-06 12:40:42 -04:00
5a81c84d67
Improved uicustomevent security and events, #3823
2022-03-30 07:14:14 -07:00
dd11816657
Fixed server update feature when given rights but are not administrator.
2022-03-25 11:13:47 -07:00
629aba7fc8
Fixed 2fahold.aspx port number.
2022-03-24 17:08:58 -07:00
1356dae4f2
You can now limit which users can create login tokens. #3787
2022-03-24 15:05:20 -07:00
a8c100be24
Improved web page translation selection based on browser information.
2022-03-24 14:14:33 -07:00
ff65097b11
Merge pull request #3766 from tunght/master
...
Fixed email verification issue
2022-03-16 02:15:06 -07:00
306c3314fa
Fixed email verification issue
2022-03-15 20:58:44 -07:00
545290a9af
Added new allowSavingDeviceCredentials option, #3751
2022-03-15 17:00:43 -07:00
f9c6d8194c
Now putting SSO user login events in event log.
2022-03-15 15:03:58 -07:00
4252205b74
Fix for: Collapse all when using view Group-Tags #3765
2022-03-15 14:31:28 -07:00
2cf7072672
Update webserver.js
...
Resend email verification email for current user
2022-03-14 17:33:43 -07:00
f2e95317b6
Fixed bug when settings custom http headers.
2022-03-05 10:51:41 -08:00
30e15efd8d
Added per-domain agent customizations, #3736
2022-03-05 09:35:04 -08:00
ecc27f5f20
Added 2FA to user login reports
2022-03-04 15:56:19 -08:00
8b33208b17
httpheaders now adds to existing headers, set a header to null to force remove it.
2022-03-01 11:18:42 -08:00
15e1718296
Fixed session IP check still being performed when CookieIpCheck is false.
2022-02-24 12:22:01 -08:00
e58419a6c3
Improved agent invitations, #3694
2022-02-23 16:14:32 -08:00
5f1b462af0
Updated Windows agents.
2022-02-22 00:21:39 -08:00
fb50610ca8
Added agent foreground and background color support (for future agent release)
2022-02-16 20:51:36 -08:00
f791515546
Fixed x-forwarded-host where multiple hosts are specified.
2022-02-16 13:00:36 -08:00
196eccf330
Agent invite image fixes.
2022-02-15 10:49:52 -08:00
4c0123d458
Added feature to set custom picture for AgentInvitePage for Windows Guests in config.json. In domain-section add to change picture. Else defailt will be used. "agentInviteImagePreview": "images/winagent.png",
2022-02-15 12:45:25 +01:00
79d0ea4526
Fixed layout exception.
2022-02-14 17:20:29 -08:00
47ff8ab14e
Updated express-handlebars & changed confirmation on page exit.
2022-02-14 16:33:49 -08:00
f7b2406e8d
Added server setting to force day/night mode, #3618
2022-02-08 10:13:52 -08:00
fc480539e1
Added backupcode2factor and single2factorWarning options, #3608
2022-02-07 18:06:22 -08:00
2a7b42fe3f
Fixed agent install text option.
2022-02-04 15:02:09 -08:00
1f1a80739e
Added option to turn off reset account on login screen.
2022-02-04 07:29:18 -08:00
dcc950f7de
Added option to disable mobile site.
2022-02-03 18:50:04 -08:00
8e8192a8cd
Added 2FA lock feature.
2022-02-01 09:11:11 -08:00
3aaf2f9257
Added assistantconfig options in config.json.
2022-01-31 10:21:13 -08:00
81214cd932
Fixed meshcore download.
2022-01-25 16:46:43 -08:00
18c2bf4d73
Added ?hide=x support to agent invite pages.
2022-01-24 18:23:16 -08:00
836ad768ac
Updated headers.
2022-01-23 23:21:24 -08:00
9c0e3bd4c5
Improved event translation, #3516
2022-01-23 11:03:30 -08:00
0817690eef
Fixed device notification email language translation, #3513
2022-01-23 00:34:47 -08:00
959603b4e9
Added agent logo support.
2022-01-18 13:34:10 -08:00
4d80499d8f
Include agentKey check at agent only port
2022-01-18 09:21:09 -05:00
ea12caac40
Completed work on recurring guest device sharing.
2022-01-16 18:10:56 -08:00
f79b28ac6f
Merge pull request #3469 from nzalev/handle-ldap-socket-err
...
Handle ldap on 'error'
2022-01-16 14:04:44 -08:00
b352cc8409
Added AgentKey support, #3468
2022-01-16 13:59:14 -08:00
fe6e466d11
Handle ldap on 'error'
2022-01-16 15:15:14 -05:00
cd85c66a1d
Fixed utf8 in meshcore.
2022-01-13 14:34:39 -08:00
f8e9426350
Improved MongoDB indexes.
2022-01-10 12:25:31 -08:00
ccd04ed573
Improved 404 pages to support tight Content-Security-Policy HTTP headers.
2022-01-10 01:26:45 -08:00
42a0ff960b
Speed up GetNodeRights() using 10 second caching.
2022-01-09 13:19:49 -08:00
933b9af899
Added user session destruction on logout for improved security.
2022-01-06 15:05:45 -08:00
5121295128
Added 2FA rate limiting, #3393
2022-01-03 13:12:10 -08:00
bcbfea559f
Fix for recording playback server crash, #3337
2021-12-13 13:20:04 -08:00
db3659d665
Added option to remove OTP 2FA.
2021-12-11 16:08:26 -08:00
f36f1c13c7
Improved structure of IP-KVM relay handling.
2021-12-06 03:08:54 -08:00
61e38cbe36
Started work on IP-KVM relay code.
2021-12-05 20:56:57 -08:00
4fa629f825
Added user last access support, #3319
2021-12-04 13:08:17 -08:00
8f36513078
Early work on IP KVM integration.
2021-12-02 20:20:37 -08:00
3c6ccc9139
Added support for IP-KVM device groups.
2021-12-02 18:34:18 -08:00
e19dcef6d7
Fix MariaDB/MySQL power events
2021-11-29 15:40:01 -05:00
725f9923e7
Fix for login token with SSO, #3293
2021-11-25 10:09:11 -08:00
b0726e9a13
Fixed server file permissions for device groups, #3294
2021-11-25 09:26:25 -08:00
aefe4ece9f
Fixed authStrategies with multiple domains.
2021-11-24 13:32:48 -08:00
1522526512
Minor authStrategy logging fix.
2021-11-24 12:54:12 -08:00
397523e816
Fixed for server exception when uploading a file to many devices with user group account. #3259
2021-11-18 20:05:39 -08:00
a95341b171
Added Last-Modified HTTP header for agent downloads, #3281
2021-11-18 18:43:27 -08:00
bf94381a1d
Added user customized quick typing strings.
2021-11-11 17:09:12 -08:00
aab50dcbef
Fixed event dispatching bug.
2021-11-10 17:56:12 -08:00
ecd25f3eb2
More work on device self-sharing.
2021-11-10 13:21:30 -08:00
e7f51c7658
Bad login fix, #3268
2021-11-10 10:50:03 -08:00
966392b779
Added DeviceSearchBarServerAndClientName option, #3260
2021-11-08 11:04:32 -08:00
7974b43b3d
Session recording viewer can now stream.
2021-11-07 18:07:45 -08:00
f71c326231
Removed auth data from websocket connection URL.
2021-11-03 18:52:11 -07:00
6cea8c3964
Fix setting of callbackUrl on generic SAML
2021-10-27 12:32:12 +02:00
d0d85feb45
Fixed recording file name and recording icon. #3207
2021-10-20 10:33:21 -07:00
3a981970bf
Auth strategy logout fix.
2021-10-17 00:11:20 -07:00
a99790c7ec
Added auth strategy logout url.
2021-10-16 23:55:34 -07:00
8012a10fea
Added ipBlockedUserRedirect, #3189
2021-10-13 19:12:49 -07:00
8189ca0256
Added exclusion to MaxInvalidLogin. #3192
2021-10-13 17:15:26 -07:00
Ylian Saint-Hilaire
mstrhakr
Daniel Castellanos
Simon Smith
tunght
JSuenram
Noah Zalev
Linus Heckemann