After calls to get Template, Page, and SMTP, if the objects aren't found then we're currently trying to display error message using the name values of the non objects. This changes this behavior such that we use the name values from the campaign object to give better log messages.
This PR enabled GitHub Actions as a replacement to TravisCI. I'm a fan of removing external dependencies where possible, and GitHub Actions has matured to be really useful.
The Readme currently points to https://hub.docker.com/r/matteoggl/gophish/ which is a Docker image that hasn't been updated in over 2 years. This PR updates the Readme link to point to a more current Docker Image.
* Added ParseLevel to set log level (#1671)
* Moved logger config into the logger package for better decoupling. Added logging tests.
Co-authored-by: Amal Alkhamees <Amalkh5@users.noreply.github.com>
It appears that the MySQL driver dropped support for Go 1.9. Until we have vendoring in place (will happen soon!) we must follow suit and drop support for Go v1.9. This still allows us to support the latest three versions of Go.
I am making this change since Microsoft, Google, and Apple have all chosen to deprecate TLS 1.0 and TLS 1.1 in early 2020. In late 2018, the companies recorded that less than 1.4 percent (max) of their connections used < TLS 1.2.
Output before change:
```
docker run --rm -ti -p 3333:3333 drwetter/testssl.sh https://host.docker.internal:3333
Testing protocols via sockets except NPN+ALPN
SSLv2 not offered (OK)
SSLv3 not offered (OK)
TLS 1 offered (deprecated)
TLS 1.1 offered (deprecated)
TLS 1.2 offered (OK)
TLS 1.3 offered (OK): final
NPN/SPDY h2, http/1.1 (advertised)
ALPN/HTTP2 h2, http/1.1 (offered)
```
Output after change:
```
docker run --rm -ti -p 3333:3333 drwetter/testssl.sh https://host.docker.internal:3333
Testing protocols via sockets except NPN+ALPN
SSLv2 not offered (OK)
SSLv3 not offered (OK)
TLS 1 not offered
TLS 1.1 not offered
TLS 1.2 offered (OK)
TLS 1.3 offered (OK): final
NPN/SPDY h2, http/1.1 (advertised)
ALPN/HTTP2 h2, http/1.1 (offered)
```
This commit significantly improves the performance of campaign and group creation by changing database access to use transactions.
It should also make things more consistent with campaign creation. Specifically, this will ensure that the entire campaign gets created before emails start sending, while I anticipate this will fix#1643, #1080, (possibly) #1677, and #1552.
The Dockerfile has also been rebuilt to use an unprivileged user instead
of root.
The run script adds more options and changes the method the
configuration is overwritten, which may help in situations where the
configuration is not owned by the unprivileged user.
If the user name is embedding some JS code, it will be executed on the client side. Note: gophish/static/js/dist/app/users.min.js will need to be regenerated too.
This implements the first pass for a user management API allowing users with the `ModifySystem` permission to create, modify, and delete users. In addition to this, any user is able to use the API to view or modify their own account information.
Paul
Jordan Wright
Paul Werther
dependabot[bot]
Glenn Wilkinson
cyberbutler
JoseW3b
Chris Zietlow
Alex Maslakov
Michael Eder
SamSutt
quelsan
Gábor Lipták
David Maciejak
Christian Schwartz
Will Woodson