summaryrefslogtreecommitdiff
path: root/internal
Commit message (Collapse)AuthorAgeFilesLines
* sshd: Recover from per-session and per-connection panics511-be-safe-against-panicsNick Thomas2021-04-233-3/+71
| | | | | | Without this, a failure in a single session could take out a whole connection, or a failure in a single connection could take out the whole server.
* Extract sshd connections and sessions into their own files and structsNick Thomas2021-04-233-175/+257
|
* gitlab-sshd: Support the PROXY protocolNick Thomas2021-04-122-3/+13
|
* Fix thread-safety issues in gitlab-shell518-fix-thread-safetyNick Thomas2021-04-092-23/+23
|
* Replace cleanup functions with t.CleanupIgor Drozdov2021-03-1724-129/+79
| | | | | In this case we don't need to propagate cleanup function. It simplifies the code.
* Merge branch '500-gitlab-sshd-acceptance-tests' into 'main'Igor Drozdov2021-03-171-0/+2
|\ | | | | | | | | gitlab-sshd: Acceptance test for the discover command See merge request gitlab-org/gitlab-shell!457
| * gitlab-sshd: Acceptance test for the discover commandNick Thomas2021-03-171-0/+2
| | | | | | | | | | With this, we can start to build confidence in making changes to gitlab-sshd.
* | chore: Refactor env introspection to rely on command initialization496-move-env-introspection-to-sshenvLucas Charles2021-03-1517-209/+200
|/ | | | | | | Refactors introspection of execution environment to rely on per-connection state (`gitlab-shell`) or per request (`gitlab-sshd`) Relates to https://gitlab.com/gitlab-org/gitlab-shell/-/issues/496
* Fix gitlab-shell panic when log file not writableStan Hu2021-02-262-2/+23
| | | | | | | | | Previously when the gitlab-shell log was not writable, gitlab-shell would attempt to fall back to the syslog to log an error. However, if the syslog logger creation succeeded, gitlab-shell would panic since `err` was `nil`. Relates to https://gitlab.com/gitlab-org/gitlab-shell/-/issues/510
* Use eventually to assert log entriesJaime Martinez2021-02-221-6/+11
|
* Add basic metrics to sshdbjk/monitoringBen Kochie2021-02-161-0/+48
| | | | | | | | | * Counter for how many times the max concurrent sessions limit was hit. * Histogram for duration of each SSH connection. https://gitlab.com/gitlab-org/gitlab-shell/-/issues/121 Signed-off-by: Ben Kochie <superq@gmail.com>
* Add monitoring endpoint to sshdBen Kochie2021-02-161-0/+2
| | | | | | | | | | | Add a basic monitoring endpoint to the sshd command. * Listen on localhost port 9122 by default. * Integrate build/version info. * Update example config. https://gitlab.com/gitlab-org/gitlab-shell/-/issues/121 Signed-off-by: Ben Kochie <superq@gmail.com>
* Refactor Config defaultsBen Kochie2021-02-161-50/+33
| | | | | | | | | | | Use "omitempty" to allow defaults in the config file to be correctly passed. Without this, explicitly setting an empty default like an empty string will not work. Needed in order to allow explicitly disabling some settings. Related to: https://gitlab.com/gitlab-org/gitlab-shell/-/issues/121 Signed-off-by: Ben Kochie <superq@gmail.com>
* Read limited input for yes answerIgor Drozdov2021-02-052-1/+12
|
* Remove session duration information from output of 2fa_verify command504-remove-the-session-duration-information-from-the-output-of-2fa_verify-commandManoj M J2021-01-292-2/+2
| | | | | This change removes session duration information from output of 2fa_verify command
* RFC: Simple built-in SSH serverLorenz Brun2021-01-1812-305/+376
|
* Add 2fa_verify commandImre Farkas2020-12-107-0/+434
|
* Include key ID and type in metadataAsh McKenzie2020-11-202-1/+8
|
* use testhelper for SSH_CONNECTIONclient-identityIgor Wiedler2020-11-191-5/+5
|
* test for client identity propagationIgor Wiedler2020-11-191-0/+63
|
* Propagate client identity to gitalyIgor Wiedler2020-11-171-0/+9
|
* GitLab API Client support for client certificatesPaul Okstad2020-11-172-0/+86
|
* Fix incorrect actor used to check permissions for SSH receive-packsh-fix-wrong-user-deploy-key-checkStan Hu2020-10-192-25/+49
| | | | | | | | | | | | | | | | | | | | | | | | | | | | During a SSH receive-pack request (e.g. `git push`), gitlab-shell was incorrectly using the user returned by the `/internal/allowed` API endpoint to make an SSHReceivePack RPC call. This caused a number of problems with deploy keys with write access: 1. Keys that were generated by a blocked user would be denied the ability to write. 2. Keys that were generated by user that did not have write access to the project would also be denied. GitLab 12.4 removed the Ruby implementation of gitlab-shell in favor of the Golang implementation, and these implementations worked slightly differently. In https://gitlab.com/gitlab-org/gitlab-shell/blob/v10.1.0/lib/gitlab_shell.rb, the Ruby implementation would always use `@who` (e.g. `key-123`), but in gitlab-shell v10.2.0 the Go implementation would always use the user from the API response. Reads did not have this issue because the user/deploy key is never passed to Gitaly for additional permission checks. Writes need this information for the pre-receive to check access to protected branches, push rules, etc. Relates to https://gitlab.com/gitlab-org/gitlab-shell/-/issues/479
* Set SSL_CERT_DIR env var when building commandashmckenzie/set-ssl-cert-dir-env-varAsh McKenzie2020-10-192-46/+84
|
* Remove prefixing with SSL_CERT_DIRAsh McKenzie2020-10-194-73/+10
|
* tests: Replace assert with requirezj-remove-testify-assertZeger-Jan van de Weg2020-10-159-48/+40
| | | | | | | | | Testify features sub packages `assert` and `require`. The difference is subtle, and lost on novice Golang developers that don't read the docs. To create a more consistent code base `assert` will no longer be used. This change was generated by a running a sed command on all `_test.go` files, followed by `goimports -w`.
* Drop "generated random correlation ID" log messagesh-suppress-random-correlation-id-logStan Hu2020-10-131-1/+0
| | | | | | This message happens all the time and doesn't add a lot of value. Relates to https://gitlab.com/gitlab-com/gl-infra/delivery/-/issues/1275
* Make it possible to propagate correlation ID across processesStan Hu2020-09-2044-121/+258
| | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, gitlab-shell did not pass a context through the application. Correlation IDs were generated down the call stack instead of passed around from the start execution. This has several potential downsides: 1. It's easier for programming mistakes to be made in future that lead to multiple correlation IDs being generated for a single request. 2. Correlation IDs cannot be passed in from upstream requests 3. Other advantages of context passing, such as distributed tracing is not possible. This commit changes the behavior: 1. Extract the correlation ID from the environment at the start of the application. 2. If no correlation ID exists, generate a random one. 3. Pass the correlation ID to the GitLabNet API requests. This change also enables other clients of GitLabNet (e.g. Gitaly) to pass along the correlation ID in the internal API requests (https://gitlab.com/gitlab-org/gitaly/-/issues/2725). Fixes https://gitlab.com/gitlab-org/gitlab-shell/-/issues/474
* Fix gitlab-shell not handling relative URLs over UNIX socketssh-fix-unix-relative-url-accessStan Hu2020-08-201-10/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | From https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/4498#note_397401883, if you specify a relative path such as: ``` external_url 'http://gitlab.example.com/gitlab' ``` gitlab-shell doesn't have a way to pass the `/gitlab` to the host. For example, let's say we have: ``` gitlab_url: "http+unix://%2Fvar%2Fopt%2Fgitlab%2Fgitlab-workhorse%2Fsocket" ``` If we have `/gitlab` as the relative path, how do we specify what is the UNIX socket path and what is the relative path? If we specify: ``` gitlab_url: "http+unix:///var/opt/gitlab/gitlab-workhorse.socket/gitlab ``` This is ambiguous. Is the socket in `/var/opt/gitlab/gitlab-workhorse.socket/gitlab` or in `/var/opt/gitlab/gitlab-workhorse.socket`? To fix this, this merge request adds an optional `gitlab_relative_url_root` config parameter: ``` gitlab_url: "http+unix://%2Fvar%2Fopt%2Fgitlab%2Fgitlab-workhorse%2Fsocket" gitlab_relative_url_root: /gitlab ``` This is only used with UNIX domain sockets to disambiguate the socket and base URL path. If `gitlab_url` uses `http://` or `https://`, then `gitlab_relative_url_root` is ignored. Relates to https://gitlab.com/gitlab-org/gitlab-shell/-/issues/476
* Add support obtaining personal access tokens via SSHTaylan Develioglu2020-08-177-6/+559
| | | | | | | | | | | | | | | | | | | | | | | | Implements the feature requested in gitlab-org/gitlab#19672 This requires the internal api counterpart in gitlab-org/gitlab!36302 to be merged first. It can be used as follows: ``` censored@censored-VirtualBox:~/git/gitlab$ ssh git@gitlab-2004 personal_access_token remote: remote: ======================================================================== remote: remote: Usage: personal_access_token <name> <scope1[,scope2,...]> [ttl_days] remote: remote: ======================================================================== remote: censored@censored-VirtualBox:~/git/gitlab$ ssh git@gitlab-2004 personal_access_token newtoken read_api,read_repository 30 Token: aAY1G3YPeemECgUvxuXY Scopes: read_api,read_repository Expires: 2020-08-07 ```
* Generate and log correlation IDsStan Hu2020-07-316-20/+36
| | | | | This will make it easier to tie an SSH access request to Rails API and Gitaly requests.
* Revert "Update executable.go"Igor Drozdov2020-07-231-0/+22
| | | This reverts commit 869aeb9057962b089abfd8ce0b6d4a0962bbb154
* Update executable.goIgor Drozdov2020-07-231-22/+0
|
* Log SSH key detailsStan Hu2020-07-236-2/+14
| | | | | | | | | | | | | | | | | | | | | Right now when a client such as gitlab-shell calls the `/api/v4/internal/allowed` API, the response only tells the client what user has been granted access, and it's impossible to tell which deploy key/token was used in the authentication request. This commit adds logs for the following when available: 1. `gl_key_type` (e.g. `deploy_key` or `key`) 2. `gl_key_id` These fields make it possible for admins to identify the exact record that was used to authenticate the user. API changes in the `/internal/allowed` endpoint in https://gitlab.com/gitlab-org/gitlab/-/merge_requests/37289 are needed to support this. Relates to https://gitlab.com/gitlab-org/gitlab-shell/-/issues/203
* Log remote IP for executed commandssh-log-remote-ipStan Hu2020-07-202-1/+8
| | | | | | | | Admins may want to know what client IP originated the request. This commit adds a `remote_ip` field to the log that extracts the IP address from the `SSH_CONNECTION` environment variable. Closes https://gitlab.com/gitlab-org/gitlab-shell/-/issues/199
* Pass in ssl_cert_dir config settingAsh McKenzie2020-07-024-4/+36
|
* Include SSL_CERT_DIR env var in commandAsh McKenzie2020-07-022-22/+60
|
* Support new ssl_cert_dir config settingAsh McKenzie2020-07-012-0/+10
|
* Set client name when making requests to Gitalycl-client-nameChangzheng Liu2020-05-211-3/+16
|
* Fix race conditions with logrus testingsh-fix-logrus-raceStan Hu2020-05-113-0/+19
| | | | | | | | | logrus fires a Goroutine to write logs, so the tests could fail if they checked the event queue before the logrus have fired. Since there isn't an easy way to flush all outstanding hooks, we just retry every 100 ms for up to a second for log to arrive in the queue. Closes https://gitlab.com/gitlab-org/gitlab-shell/-/issues/450
* Fix race conditions in testssh-add-http-status-codeStan Hu2020-05-083-14/+15
| | | | | | | | Calling logrus hook.LastEntry() can lead to race conditions. Use AllEntries instead: https://github.com/sirupsen/logrus/blob/60c74ad9be0d874af0ab0daef6ab07c5c5911f0d/hooks/test/test.go#L77 Closes https://gitlab.com/gitlab-org/gitlab-shell/-/issues/450
* Ensure we are passing the parsed secretDJ Mountney2020-05-061-1/+1
| | | | | | | | Rather than the secret file. The parsing of the file was already done in the gitlab-shell config. This fixes an issue where a recent refactor of the gitlabnet client passed the wrong value.
* Move gitlabnet client to client packagejc-refactor-gitlabnet-clientJohn Cai2020-05-0436-938/+69
|
* Geo Pull custom action supportAsh McKenzie2020-04-176-10/+201
|
* Allow allowedPayloadPath to be providedAsh McKenzie2020-04-171-7/+11
|
* Rename Geo Push custom action testAsh McKenzie2020-04-171-1/+1
|
* Rename action to be more accurateAsh McKenzie2020-04-171-5/+5
|
* Rename allowed payload JSON for accuracyAsh McKenzie2020-04-172-2/+2
|
* New pktline packageAsh McKenzie2020-04-172-0/+162
| | | | | | | Package is responsible for parsing git pkt lines. Copied from gitaly, for now.
* Extract customaction into a separate moduleid-extract-custom-action-in-separate-moduleIgor Drozdov2020-04-145-45/+90
| | | | We'll reuse this module for uploadpack in the future
View Lorry Controller Status