| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|\
| |
| |
| |
| | |
Relax key and username matching for sshd
See merge request gitlab-org/gitlab-shell!540
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Due to the way sshd works, gitlab-shell could be called with a single
string in the form:
```
/path/to/gitlab-shell -c key-id
```
However, due to the tightening of the regular expressions in fcff692b
this string no longer matches, so logins would fail with:
```
Failed to get username: who='' is invalid
```
This can be reproduced by changing the user's shell to point to
gitlab-shell. For example:
```
usermod git -s /opt/gitlab/embedded/service/gitlab-shell/bin/gitlab-shell
```
While setting gitlab-shell as the user's shell isn't officially
supported, gitlab-shell still should be able to cope with the key being
specified as the last argument. We now split the argument list and use
the last value.
Relates to https://gitlab.com/gitlab-org/gitlab-shell/-/issues/530
|
|\
| |
| |
| |
| | |
Add logging to handler/exec.go and config/config.go
See merge request gitlab-org/gitlab-shell!539
|
| | |
|
|/ |
|
|\
| |
| |
| |
| | |
Improve logging for non-git commands
See merge request gitlab-org/gitlab-shell!538
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Several of our commands only touch the internal API, and go nowhere
near Gitaly. Improve logging for each of these in a single MR. In
general, we want to be able to tell what happened in the execution of
each command, and to track failures down to a specific line of code.
Changelog: added
|
|\ \
| |/
|/|
| |
| |
| |
| | |
Reject non-proxied connections when proxy protocol is enabled
Closes #532
See merge request gitlab-org/gitlab-shell!536
|
| |
| |
| |
| |
| |
| | |
This will help to prevent misconfigurations.
Changelog: fixed
|
|\ \
| | |
| | |
| | |
| | | |
Update to Go v1.16.9
See merge request gitlab-org/gitlab-shell!537
|
|/ /
| |
| |
| | |
This is a security release: https://golang.org/doc/devel/release#go1.16
|
|\ \
| |/
|/|
| |
| | |
refactor: remove call to BuildNameToCertificate (deprecated)
See merge request gitlab-org/gitlab-shell!515
|
| | |
|
|\ \
| | |
| | |
| | |
| | | |
Log command invocation
See merge request gitlab-org/gitlab-shell!535
|
|/ /
| |
| |
| |
| |
| |
| |
| | |
Use reflection to log the command we are about to execute, both in
gitlab-shell and gitlab-sshd. Include the environment, which has all
the context we need to understand what the command is expected to do.
Changelog: added
|
|\ \
| | |
| | |
| | |
| | | |
Fix logging channel type
See merge request gitlab-org/gitlab-shell!534
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Currently we get this in some log messages:
logrus_error="can not add field \"channel_type\""
This is because we're trying to add a function, rather than the result
of the function call (a string) to the `log.Fields`. Whoops!
Changelog: fixed
|
|\ \
| | |
| | |
| | |
| | |
| | |
| | | |
Resolve an error-swallowing issue
Closes #499
See merge request gitlab-org/gitlab-shell!533
|
|/ / |
|
|\ \
| | |
| | |
| | |
| | | |
Add more logging to gitlab-sshd
See merge request gitlab-org/gitlab-shell!531
|
| | | |
|
| | | |
|
| | | |
|
|/ / |
|
|\ \
| | |
| | |
| | |
| | |
| | |
| | | |
Respect log-level configuration again
Closes #502
See merge request gitlab-org/gitlab-shell!530
|
|/ /
| |
| |
| |
| |
| | |
This was lost in the move from Ruby to Go. Restore it now.
Changelog: fixed
|
|\ \
| | |
| | |
| | |
| | | |
Only validate SSL cert file exists if a value is supplied
See merge request gitlab-org/gitlab-shell!527
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| | |
This fixes a regression in
https://gitlab.com/gitlab-org/gitlab-shell/-/merge_requests/508. If an
HTTPS internal API URL were used, gitlab-shell would not work at all. We
now handle blank `caFile` properly.
Relates to https://gitlab.com/gitlab-org/gitlab-shell/-/issues/529
|
|\ \
| | |
| | |
| | |
| | | |
makefile: properly escape '$' in VERSION_STRING
See merge request gitlab-org/gitlab-shell!525
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
If git is not available or gitlab-shell is not built in a repository, it falls back the VERSION file. That command is not properly escaped and results in the message:
> awk: cmd. line:1: Unexpected token
When you remove the `2>/dev/null`. Escape the '$' characters to solve this.
|
|\ \ \
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
refactor: unify instantiation of command.Shell
Closes #517
See merge request gitlab-org/gitlab-shell!520
|
| |/ / |
|
|\ \ \
| |/ /
|/| |
| | |
| | |
| | |
| | | |
Improve err message given when Gitaly unavailable
Closes gitlab#340819
See merge request gitlab-org/gitlab-shell!526
|
|/ / |
|
|\ \
| | |
| | |
| | |
| | | |
Add context fields to logging
See merge request gitlab-org/gitlab-shell!524
|
|/ /
| |
| |
| | |
It adds correlation ids wherever possible
|
|\ \
| | |
| | |
| | |
| | |
| | |
| | | |
Extract server config related code out of sshd.go
Closes #523
See merge request gitlab-org/gitlab-shell!523
|
|/ / |
|
|\ \
| | |
| | |
| | |
| | |
| | |
| | | |
Unit test exit-codes for sshd/session.go
Closes #522
See merge request gitlab-org/gitlab-shell!522
|
|/ / |
|
|\ \
| | |
| | |
| | |
| | | |
Unit test sshd.handleEnv function
See merge request gitlab-org/gitlab-shell!521
|
|/ / |
|
|\ \
| | |
| | |
| | |
| | | |
Add TestInvalidClientConfig and TestNewServerWithoutHosts for sshd.go
See merge request gitlab-org/gitlab-shell!518
|
|/ / |
|
|\ \
| | |
| | |
| | |
| | |
| | |
| | | |
refactor: rearchitect command and executable Go modules
Closes #214
See merge request gitlab-org/gitlab-shell!514
|
| |\ \
| |/ /
|/| | |
|
|\ \ \
| | | |
| | | |
| | | |
| | | | |
Fix a flaky test
See merge request gitlab-org/gitlab-shell!519
|
|/ / / |
|
|\ \ \
| | | |
| | | |
| | | |
| | | | |
Update Ruby version to 2.7.4 and add Go version 1.16.8 for tooling
See merge request gitlab-org/gitlab-shell!517
|