summaryrefslogtreecommitdiff
path: root/lib
AgeCommit message (Collapse)Author
2024-09-17Ensure :ssl is started before we attempt to make the LDAP connectionMark Felder
2024-09-17Require a reboot if LDAP configuration changesMark Felder
2024-09-17Catchall for when LDAP is not enabledMark Felder
2024-09-17CredoMark Felder
2024-09-17Pleroma.LDAPMark Felder
This adds a GenServer which will keep an LDAP connection open and auto reconnect on failure with a 5 second wait between retries. Another benefit is this prevents parsing the Root CAs for every login attempt as we only need to do it once per connection.
2024-09-17Merge remote-tracking branch 'origin/develop' into ensure-authorized-fetchmarcin mikołajczak
2024-09-16Merge remote-tracking branch 'origin/develop' into retry-testsMark Felder
2024-09-16Merge branch 'ldap-tls' into 'develop'feld
LDAP: permit overriding the CA root, improve SSL/TLS See merge request pleroma/pleroma!4265
2024-09-16Reapply "Custom mix task to retry failed tests once in CI pipeline"Mark Felder
This reverts commit b281ad06de2de331450a5e319e3ba497071d4197.
2024-09-16Repesct :restrict_unauthenticated for hashtag rss/atom feedsmarcin mikołajczak
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2024-09-16Allow disabling C2S ActivityPub APImarcin mikołajczak
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2024-09-15Retain the try do so an LDAP failure can fall back to local database.Mark Felder
This fixes tests but the automatic fallback may not be well documented behavior.
2024-09-15Support implicit TLS connectionsMark Felder
Update docs to clarify that the :ssl option is also for modern TLS, but the :tls option is only for STARTTLS These options may benefit from being renamed but they match upstream terminology.
2024-09-15Require HTTP signatures (if enabled) for routes used by both C2S and S2S AP APImarcin mikołajczak
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2024-09-15Merge branch 'notifications-group-key' into 'develop'marcin mikołajczak
Add `group_key` to notifications See merge request pleroma/pleroma!4262
2024-09-14LDAP: permit overriding the CA rootMark Felder
2024-09-14Federate avatar/header descriptionsmarcin mikołajczak
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2024-09-14Merge branch 'profile-image-descriptions' into 'develop'marcin mikołajczak
Allow providing avatar/header descriptions See merge request pleroma/pleroma!4227
2024-09-14Merge branch 'list-id-visibility' into 'develop'marcin mikołajczak
Include list id in StatusView See merge request pleroma/pleroma!4246
2024-09-12Add `group_key` to notificationsmarcin mikołajczak
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2024-09-11LDAP Auth: fix TLS certificate verificationMark Felder
Currently we only support STARTTLS and it was not verifying certificate and hostname correctly. We must pass a custom fqdn_fun/1 function so it knows what value to compare against.
2024-09-08Authentication: convert argon2 passwords, add testsMint
2024-09-08Argon2 password supportmarcin mikołajczak
2024-09-06Merge branch 'well-known' into 'develop'feld
NodeInfo: Accept application/activity+json requests See merge request pleroma/pleroma!4242
2024-09-06Merge branch 'dialyzer' into 'develop'feld
Dialyzer fixes See merge request pleroma/pleroma!4254
2024-09-06Dialyzer: pattern_match The pattern can never match the type {:diff, false}.Mark Felder
2024-09-06Dialyzer: The pattern variable _ can never match the type, because it is ↵Mark Felder
covered by previous clauses.
2024-09-06Dialyzer: The pattern variable _e@1 can never match the type, because it is ↵Mark Felder
covered by previous clauses.
2024-09-06Dialyzer: invalid contractMark Felder
2024-09-06Dialyzer: the pattern can never match the typeMark Felder
The original error was for the chat controller: lib/pleroma/web/pleroma_api/controllers/chat_controller.ex:104:pattern_match The pattern can never match the type {:error, :content_too_long | :forbidden | :no_content | :not_found} | {:user, nil}. Improve typespecs for the Pipeline and apply them where it could be encountered
2024-09-06Dialyzer: the pattern can never match the typeMark Felder
2024-09-06Oban: more unique job constraintsMark Felder
2024-09-06Merge branch 'following-state-bug' into 'develop'feld
Fix Following status bug See merge request pleroma/pleroma!4251
2024-09-05App orphans should only be removed if they are older than 15 minsMark Felder
2024-09-05Fix Following status bugMark Felder
2024-09-04Limit the number of orphaned to delete at 100 every 10 mins due to the ↵Mark Felder
cascading queries that have to check oauth_authorizations and oauth_tokens tables. This should keep ahead of most app registration spam and not overwhelm lower powered servers.
2024-09-04Add Cron worker to clean up orphaned apps hourlyMark Felder
2024-09-04Ensure apps are assigned to usersMark Felder
2024-09-04Rate Limit the OAuth App spamMark Felder
2024-09-04Revert "Merge branch 'oauth-app-spam' into 'develop'"feld
This reverts merge request !4244
2024-09-03Include list id in StatusViewmarcin mikołajczak
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2024-09-01Merge branch 'oauth-app-spam' into 'develop'feld
Fix OAuth app spam See merge request pleroma/pleroma!4244
2024-09-01Merge branch 'drop-unknown-deletes' into 'develop'feld
Drop unwanted activities from unknown actors See merge request pleroma/pleroma!4236
2024-09-01Support OAuth App updating the website URLMark Felder
2024-09-01Prevent OAuth App flow from creating duplicate entriesMark Felder
2024-08-30NodeInfo: Accept application/activity+json requestsMark Felder
2024-08-30InboxGuardPlug: Add early rejection of unknown activity typesMark Felder
2024-08-30Add recognized activity types to a constant and use it in the testMark Felder
2024-08-30Update allowed activity types from strangersfeld
Move is emitted from the old account EmojiReact is ~ Like Announced TBD
2024-08-29Remove unnecessary error match in ReceiverWorkerMark Felder