vrr/ntopng
2
0
Fork 0
mirror of https://github.com/ntop/ntopng.git synced 2026-05-21 10:09:13 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
11620 commits 26 branches 19 tags 461 MiB
Commit graph

175 commits

Author SHA1 Message Date
Alfredo Cardigliano
e3ca57daf7 Add auth_session_duration parameter to the v1/create/ntopng/session.lua REST API 2020-11-11 16:10:23 +01:00
Alfredo Cardigliano
0c5de96a44 New lua API ntop.createUserSession. New REST API rest/v1/get/ntopng/session.lua to generate session cookies. 2020-07-30 18:08:03 +02:00
Alfredo Cardigliano
e35a35d73f Split set_cookie and create_session 2020-07-30 14:45:15 +02:00
Luca Deri
3ac5c98aec Added startup refresh when ntopng is starting up 2020-07-25 10:56:03 +02:00
Luca Deri
f2c3ee137c Host stats cleanup 2020-07-13 23:56:46 +02:00
Luca Deri
643e78f8d5 Implements most of #4113 
- Removed unused google assistant scripts
- Cleaned up existing REST calls using _POST["payload"]

The _GET["parameter"] element is still present and it will be removed soon
 2020-07-06 18:06:40 +02:00
Simone Mainardi
fed5cc9577 Enforces CSRF checks only when a session is used 
When direct username:password are submitted, there is no need to enforce
such checks as it cannot be a CSRF attack. Indeed, CSRF attacks rely
on a session.

Fixes #4014
 2020-06-03 09:59:31 +02:00
Simone Mainardi
8ed40ee159 Fixes broken redirect with --http-prefix 
Addresses #3957
 2020-05-20 13:10:58 +02:00
emanuele-f
279c4fd470 Improve plugins directory code 2020-05-20 09:56:17 +02:00
Alfredo Cardigliano
c318b13989 Replace json_object_object_get with json_object_object_get_ex (deprecated) 2020-05-15 08:55:59 +00:00
emanuele-f
6b4c507492 Move CSRF token from request to session 
Now the CSRF token is bound to the user session.
This addresses the issues outlined in #3866 , in particular the CSRF expiration issues.
 2020-05-06 13:04:12 +02:00
Luca Deri
d80e0a43d5 HTTP errors are now also reported in huma readeable format 2020-04-29 12:18:37 +02:00
emanuele-f
0ad1b65512 Add plugins support for httpdocs, HTML templates and Lua modules 
Such resources can be placed into the following plugin subdirs:

- ./httpdocs: javascript, css and similar, see plugins_utils.getHttpdocsDir
- ./modules: Lua modules, see plugins_utils.loadModule
- ./templates: HTML templates, see plugins_utils.renderTemplate
 2020-04-14 17:53:25 +02:00
Luca Deri
da443ff5e6 Fix for preventing .pem files to be served 2020-04-14 15:37:28 +02:00
Luca Deri
0a80fa663e Widget and datasource improvements 2020-04-13 22:08:07 +02:00
Luca Deri
db08c2a233 Datasource and widget consolidation (work in progress) 2020-04-13 18:56:08 +02:00
Luca Deri
7eca89e9f5 Merge branch 'dev' of https://github.com/ntop/ntopng into dev 2020-04-02 19:58:56 +02:00
Luca Deri
48b3fbc348 Reworked error messages 2020-04-02 19:50:31 +02:00
Alfredo Cardigliano
a254a3ad6b Support for Enterprise L license 2020-04-02 11:02:56 +00:00
emanuele-f
ead1dc0545 Fix plugins menu integration 
Fixes #3655
 2020-03-27 12:48:37 +01:00
emanuele-f
88eccc4eaa http options index fix 2020-03-25 19:03:57 +01:00
emanuele-f
6608182920 Rework HTTP server startup 
Now the HTTP server starts accepting requests only after
startup.lua has completed. This prevents spurius errors
from occurring during startup, e.g. #3595 .
 2020-03-25 18:56:11 +01:00
emanuele-f
15f5559bac Fix captive portal label not read 
Fixes #3581
 2020-03-20 18:17:14 +01:00
Luca Deri
49c80c4615 Win changes 2020-03-20 09:50:36 +01:00
Simone Mainardi
0e64fd94d6 Implements deadlines for periodic and user scripts 2020-02-18 18:44:41 +01:00
Simone Mainardi
8e4bfd8f5c Fixes possible startup crashes in HTTPserver::traceLogin 2020-02-04 13:32:20 +01:00
Luca Deri
b10dcb2e07 Fixed epoch time 2020-01-06 23:41:26 +01:00
Luca Deri
57e6a93065 Improved scheduling algorithm to guarantee minimum service time when number of entries allow 
Updated (C)
 2020-01-06 23:36:36 +01:00
emanuele-f
fe9d5ee882 Fix plugins lua scripts runtime directory 2019-12-10 11:29:04 +01:00
emanuele-f
d38cd23615 Move C alerts to unified alerts_queue 2019-07-30 11:43:18 +02:00
Simone Mainardi
b457120eee Fixes captive portal not working with nEdge 
Fixes #2714
 2019-07-24 16:11:39 +02:00
emanuele-f
0ec286f3ba Fix missing http_prefix in refer 
Fixes #2731
 2019-07-18 17:26:14 +02:00
Luca
76ef993dfe Reworked alerts 2019-07-07 15:09:24 +02:00
Luca Deri
3ea1b7e5d8 Window fixes 
Moved community hash to attic
 2019-06-29 18:54:19 +02:00
emanuele-f
a9d3c78587 Alerts changes 
NOTE: database schema changed. Existing alerts will be lost.

- Unified engaged and closed tables
- Simplified hosts engaged alert counters handling: periodically set by lua
- Removed alert engine and replaced with alert periodicity
- Now engage is implicitly derived from the alert end timestamp and periodicity
- New alerts_api.lua to easily emit alerts
- Removed past alerts counter aggregation by hash
- Alert notifications for non-flow alerts are now removed from C and triggered by lua
 2019-06-28 10:47:17 +02:00
Emanuele Faranda
5f9e8b17df
Implement System interface 
The system interface now holds system wide alerts and timeseries
 2019-06-03 08:53:26 +00:00
Luca Deri
0378f1ac69 Code cleanup 2019-05-16 17:51:34 +02:00
Luca Deri
4d60ecd549 Fixes container parsing 2019-04-29 17:54:39 +02:00
emanuele-f
dad7057233 Add warning when remote admin access is enabled but gui access is restricted 
Closes #2501
 2019-04-19 18:10:40 +02:00
emanuele-f
ab9f9326da Improvements after running cppcheck 2019-03-07 14:05:36 +01:00
raphpen
a7eda30546 X.509 Client Authentication fix, cleanup and doc. (#2313) 
Fixed client cert verification function, must never fail cause, as
stated in SSL_CTX_set_verify(3), TLS/SSL handshake is immediately terminated
if default verification callback function fails, preventing any further login
request, when the client uses an invalid certificate.

Setted a more explicit SSL session context id.

Added documentation at the end of doc/README.SSL.
 2019-01-15 14:50:08 +01:00
Simone Mainardi
d95d8541f3 Merge branch 'raphpen-dev' into dev 2019-01-09 12:26:43 +01:00
Simone Mainardi
e9811ae688 Implements X.509 client authentication 2019-01-09 12:21:56 +01:00
emanuele-f
16ba9b7586 Fix format string 2019-01-09 10:38:27 +01:00
Alfredo Cardigliano
2cfa7c436c Moved network_load.lua to get_interface_data.lua, fixed interface selection handling ifid 2019-01-09 10:33:53 +01:00
emanuele-f
6c536b0e5c Trace mongoose errors in info level 2019-01-09 09:59:20 +01:00
emanuele-f
bde16e37fc Remove please_wait page from the whitelisted pages 2019-01-08 23:44:00 +01:00
Simone Mainardi
28e87d93bc Implements configurable session termination and midnight expire 2019-01-08 12:33:39 +01:00
Luca Deri
bedff2c8e2 Updated (C) 2019-01-07 19:28:49 +01:00
Simone Mainardi
22e5e2e9e0 Merge branch 'dev' of https://github.com/raphpen/ntopng into raphpen-dev 2019-01-07 19:20:26 +01:00