Commit Graph

7461 Commits

Author SHA1 Message Date
Jakob Borg
d4c2acf6f6 cmd/stcrashreceiver: Propagate synthetic user ID for crashes 2023-10-14 12:19:55 +02:00
Jakob Borg
483ecada80 build: Update dependencies 2023-10-14 12:18:36 +02:00
Eric P
9553365d31
lib/fs: Properly handle Windows deduplicated files (fixes #9120) (#9168)
### Purpose

Deduplicated files are apparently considered 'irregular' under the hood,
this causes them to simply be ignored by Syncthing. This change is more
of a workaround than a proper fix, as the fix should probably happen in
the underlying libraries? - which may take some time. In the meanwhile,
this change should make deduplicated files be treated as regular files
and be indexed and synced as they should.

### Testing

Create some volume where deduplication is turned on (see the relevant
issue for details, including a proper description of how to reproduce
it). Prior to this change, the deduplicated files were simply ignored
(even by the indexer). After this change, the deduplicated files are
being index and synced properly.
2023-10-11 14:40:55 +02:00
orangekame3
5eb20580b1
cmd/ursrv: Replace "2006-01-02" with time.DateOnly (#9157)
This commit replaces "2006-01-02" to time.DateOnly. time.DateOnly is
introduced since Go1.20
2023-10-11 10:32:19 +00:00
Emil Lundberg
ea1ea366d2 lib/api: Check basic auth (and set session cookie) before noauth exceptions (#9159)
This is motivated by the Android app:
https://github.com/syncthing/syncthing-android/pull/1982#issuecomment-1752042554

The planned fix in response to basic auth behaviour changing in #8757
was to add the `Authorization` header when opening the WebView, but it
turns out the function used only applies the header to the initial page
load, not any subsequent script loads or AJAX calls. The
`basicAuthAndSessionMiddleware` checks for no-auth exceptions before
checking the `Authorization` header, so the header has no effect on the
initial page load since the `/` path is a no-auth exception. Thus the
Android app fails to log in when opening the WebView.

This changes the order of checks in `basicAuthAndSessionMiddleware` so
that the `Authorization` header is always checked if present, and a
session cookie is set if it is valid. Only after that does the
middleware fall back to checking for no-auth exceptions.

`api_test.go` has been expanded with additional checks:
- Check that a session cookie is set whenever correct basic auth is
provided.
- Check that a session cookie is not set when basic auth is incorrect.
- Check that a session cookie is not set when authenticating with an API
token (either via `X-Api-Key` or `Authorization: Bearer`).

And an additional test case:
- Check that requests to `/` always succeed, but receive a session
cookie when correct basic auth is provided.

I have manually verified that
- The new assertions fail if the `createSession` call is removed in
`basicAuthAndSessionMiddleware`.
- The new test cases in e6e4df4d7034302b729ada6d91cff6e2b29678da fail
before the change in 0e47d37e738d4c15736c496e01cd949afb372e71 is
applied.
2023-10-10 07:48:55 +02:00
Syncthing Release Automation
6e4574a9f7 gui, man, authors: Update docs, translations, and contributors 2023-10-09 03:45:35 +00:00
Jakob Borg
3d0da5ac60
lib/api: Better handle %s templates in LDAP strings (fixes #9072) (#9155)
Also add some escaping for good measure.
2023-10-07 02:29:53 +00:00
Jakob Borg
9f8e6966d8
docker: Allow start even if chown fails (fixes #9133) (#9152) 2023-10-07 02:12:07 +00:00
Jakob Borg
a64ae36bcc
lib/model: Verify versioning on configuration reload (fixes #9106) (#9154) 2023-10-07 04:09:51 +02:00
Jakob Borg
690b55360f
cmd/stdiscosrv: Handle unescaped cert header from Traefik (fixes #9143) (#9153) 2023-10-07 04:09:07 +02:00
DeflateAwning
2f6187dc0e
Add oxford comma (#9137)
Co-authored-by: André Colomb <src@andre.colomb.de>
2023-10-06 17:25:28 +02:00
Emil Lundberg
8294870ffc
Add HTML login form (fixes #4137) (#8757) 2023-10-06 13:00:58 +02:00
bt90
ac2e444a97
gui: Fix favicon status (fixes #9149) (#9150) 2023-10-06 12:27:13 +02:00
Jakob Borg
4f6b86a1c0 cmd/stdiscosrv: Slightly tweak replication settings 2023-10-04 14:15:00 +02:00
Jakob Borg
516c057d43 build: Update deps 2023-10-03 10:00:16 +02:00
Jakob Borg
d644dce4e7 build: Run release steps for workflow_dispatch as well 2023-10-03 09:33:52 +02:00
bt90
7c579880eb
cmd/ursrv: Add linuxserver.io detection (#9145)
Detect linuxserver
2023-10-02 12:48:04 +02:00
Jakob Borg
296db314f5
lib/config: Improve parsing of gui-address overrides (#9144)
improve parsing of gui-address overrides

make checks for whether the gui-address is overridden consistent by
checking whether the environment variable is set and not an empty
string. the `Network()` function however checked for the inclusion of
a slash instead of the presence of any characters. If the config file's
gui address was set to a unix socket and the gui override to a tcp
address, then the function would have wrongly returned "unix".

the `URL()` function always returned the config file's gui address if a
unix socket was configured, even if an override was specified.

the `URL()` function wrongly formatted unix addresses. the http(s)
protocol was used as the sheme and the path was percent escaped. because
of the previous bug, this could only be triggered if the config file's
gui address was tcp and an unix socket override was given.

simplify the `useTLS()` function's codepath for overrides.

Co-authored-by: digital <didev@dinid.net>
2023-10-02 08:40:03 +02:00
Syncthing Release Automation
a8486b0468 gui, man, authors: Update docs, translations, and contributors 2023-10-02 03:45:41 +00:00
bt90
f8a7a034a7
cmd/ursrv: Fix f-droid detection (#9142)
Fix f-droid detection
2023-09-29 17:42:44 +02:00
bt90
ceae56a860
cmd/ursrv: Support new android build user (#9141)
Support new android build user
2023-09-29 16:34:28 +02:00
DeflateAwning
dcafd6ec72
readme: Style fixes, add security note (#9136) 2023-09-28 11:55:48 +02:00
Jakob Borg
8619a03f01 build: Update Actions 2023-09-25 21:50:17 +02:00
Jakob Borg
b91d7711aa
Update dependencies (#9129)
And some QUIC API changes, of course.
2023-09-25 21:45:57 +02:00
d-volution
9940c91ebf
gui: Scroll to bottom by clicking message in log viewer (#9128) 2023-09-25 19:42:27 +00:00
tomasz1986
80a577b025
gui: Show if device is untrusted in the main GUI (#9116)
Add a new entry to the unfolded device info to inform the user that the
device has been marked as "untrusted" and all folders shared with it
have to be password-protected or already Receive Encrypted.

Signed-off-by: Tomasz Wilczyński <twilczynski@naver.com>
2023-09-25 21:34:19 +02:00
tomasz1986
d672175ce4
gui: Show if device has Auto Accept enabled in the main GUI (#9118)
Add a new entry to the unfolded device info to inform the user that the
device has Auto Accept enabled.

Signed-off-by: Tomasz Wilczyński <twilczynski@naver.com>
2023-09-25 21:33:16 +02:00
tomasz1986
a44b31d173
gui: Fix body padding infinitely increasing due to overlapping modals (ref #9063) (#9078)
Opening and hiding multiple modals at the same time as well as opening a
modal before fully hiding the previous one can lead to the body padding
infinitely increasing by the scrollbar width each time, with the only
way to fix it being refreshing the GUI.

Therefore, always try to ensure to open and hide multiple modals one by
one, and also that the previous modal has fully been hidden before
proceeding to open the next one. The most common case when this problem
happens is when saving config changes which displays a GUI blocking
modal that overlaps, e.g. with folder or device modals that have not
been hidden yet.

Ref: https://github.com/twbs/bootstrap/issues/3902#issuecomment-1547187799

Signed-off-by: Tomasz Wilczyński <twilczynski@naver.com>
2023-09-25 21:17:57 +02:00
Martin Polehla
70065e6b13
gitignore: All exe files, no editor configs (#9126) 2023-09-25 14:17:01 +00:00
Syncthing Release Automation
adbb3ed2e9 gui, man, authors: Update docs, translations, and contributors 2023-09-25 03:45:38 +00:00
Jakob Borg
6ed9c0c34c
lib/config: Accept pre-hashed password (fixes #9123) (#9124) 2023-09-24 19:23:49 +02:00
tomasz1986
19bbf4f6bf
gui: Add missing $scope in editDeviceUntrustedChanged function (#9117)
Because $scope is missing, there are JavaScript errors when ticking and
unticking the "Untrusted" checkbox in the Advanced tab of the Edit
Device modal.

Signed-off-by: Tomasz Wilczyński <twilczynski@naver.com>
2023-09-22 07:39:16 +02:00
bt90
cf46bf0297
lib/connections: Fix transport type detection for QUIC (fixes #8274) (#9114)
Check remote address
2023-09-20 11:23:48 +02:00
Jakob Borg
051cbdc713
lib/fs, lib/model: Be careful about potentially negative durations (fixes #9112) (#9113)
I don't really understand under what circumstances, but sometimes these
calls panic with a "panic: counter cannot decrease in value" because the
value passed to Add() was negative.
2023-09-20 09:04:47 +02:00
Syncthing Release Automation
58d1f3a471 gui, man, authors: Update docs, translations, and contributors 2023-09-18 03:45:31 +00:00
tomasz1986
c9dfd75d8e
gui: Block GUI when saving changes only if necessary (ref #9063) (#9079)
Currently, the UI is always blocked from modifications when changes are
being saved, even if the save process takes very little time. This leads
to a situation where showing and closing the blocking modal can take
more time than is actually required to perform the whole operation. The
modal opening and closing very quickly can also cause the screen to
flash for a brief moment, leading to visual discomfort.

Because of this, wait for at least 200 ms and only show the blocking
modal if the changes have not been saved until then yet. The value of
200 ms is loosely based on [1] which states that 'a delay of 0.2–1.0
seconds does mean that users notice the delay and thus feel the computer
is "working" on the command, as opposed to having the command be a
direct effect of the users' actions.' Additionally, the delay must not
be too long, because the main purpose of the blocking modal is to
prevent the user from making further changes, and a longer delay would
possibly allow to do so in that brief amount of time as long as the user
is quick enough with their input.

[1] https://nngroup.com/articles/response-times-3-important-limits

Signed-off-by: Tomasz Wilczyński <twilczynski@naver.com>
2023-09-12 15:02:37 +02:00
Jakob Borg
f47de83914
lib/protocol: Ensure starting & closing a connection are exclusive (fixes #9102) (#9103)
In principle a connection can close while it's in progress with
starting, and then it's undefined if we wait for goroutines to exit etc.
With this change, we will wait for start to complete before starting to
stop everything.
2023-09-12 14:48:15 +02:00
tomasz1986
caedb19307
gui: Remove unused hard-coded styles from Recent Changes modal (#9101)
gui: Remove unused hard-coded styles from globalChangesModalView modal

Currently, the globalChangesModalView modal has hardcoded th and td
styles. However, they are not even used in the modal itself, because
Bootstrap overrides them with its own styles for these elements in the
same modal. Yet, when hard-coded like that, these styles can conflict
with other table elements in the GUI. Thus, remove them completely.

Signed-off-by: Tomasz Wilczyński <twilczynski@naver.com>
2023-09-12 14:47:31 +02:00
bt90
e860d3b974
lib/connections: Make assumptions about isLAN when interface address listing fails (#9093) 2023-09-12 12:34:30 +00:00
bt90
ed66fba42b
lib/beacon, lib/discover: Send IPv4 limited broadcast when address listing fails (fixes #1628) (#9087) 2023-09-12 14:28:17 +02:00
Jakob Borg
415f320005 build: Update dependencies 2023-09-12 14:08:59 +02:00
Jakob Borg
4812600098
lib/versioner: Don't complain when folder is stopping (#9097) 2023-09-11 23:10:18 +02:00
Jakob Borg
5ff11ce142
gui: Add help link for numConnections (#9082) 2023-09-11 14:59:48 +02:00
tomasz1986
541572781b
gui: Add missing translation related to Number of Connections (ref #8918) (#9095)
Signed-off-by: Tomasz Wilczyński <twilczynski@naver.com>
2023-09-11 05:50:23 +02:00
Syncthing Release Automation
e38679d9bf gui, man, authors: Update docs, translations, and contributors 2023-09-11 03:45:45 +00:00
Jakob Borg
f25a169c4c build: Go 1.21.1 or higher 2023-09-06 21:11:19 +02:00
bt90
06ac10ee37
cmd/stdiscosrv: Deduplicate addresses (fixes #8482) (#9080) 2023-09-06 14:36:00 +02:00
Jakob Borg
7c0223bd06 lib/build: Next version is the Gold Grasshopper 2023-09-06 13:13:39 +02:00
Jakob Borg
c6334e61aa
all: Support multiple device connections (fixes #141) (#8918)
This adds the ability to have multiple concurrent connections to a single device. This is primarily useful when the network has multiple physical links for aggregated bandwidth. A single connection will never see a higher rate than a single link can give, but multiple connections are load-balanced over multiple links.

It is also incidentally useful for older multi-core CPUs, where bandwidth could be limited by the TLS performance of a single CPU core -- using multiple connections achieves concurrency in the required crypto calculations...

Co-authored-by: Simon Frei <freisim93@gmail.com>
Co-authored-by: tomasz1986 <twilczynski@naver.com>
Co-authored-by: bt90 <btom1990@googlemail.com>
2023-09-06 12:52:01 +02:00
Jakob Borg
38bbdebffa build: Use actions/checkout@v4 2023-09-05 09:52:19 +02:00