Stéphane Lesimple
31dd4bf166
wip
1 year ago
Stéphane Lesimple
6b9e62297e
chg: groupInfo: remove deprecated JSON fields
...
Remove 'partial_members' and 'full_members' from JSON output,
which were replaced by 'members' and 'guests' since pre-v3.00.00
1 year ago
Stéphane Lesimple
49f840779d
fix: groupInfo: don't attempt to (and fail) display the guest list when account doesn't have access to it
1 year ago
Stéphane Lesimple
62613bf894
fix: scp: downloads would sometimes stall (#486)
1 year ago
TomRicci
e418b5126c
fix: message scpdownload scpupload in scp
1 year ago
Stéphane Lesimple
accd50eea7
feat: add rsync support to --protocol
1 year ago
Stéphane Lesimple
454c16b4ce
refacto: move special protocols checks into a lib
1 year ago
Stéphane Lesimple
97c0252605
enh: selfPlaySession: remove sqliteLog.ttyrecfile dependency
...
We'll try to find the ttyrec file ourselves, given the uniqid.
This also enables ttyplaying for osh plugins.
2 years ago
Stéphane Lesimple
f09a2064d7
chore: selfMFASetupPassword: clearer message
2 years ago
Stéphane Lesimple
b3361d3ed1
fix: selfGenerateProxyPassword: help message was incorrect
2 years ago
Stéphane Lesimple
72b757457c
enh: info: removed uname dependency, added configuration
2 years ago
Stéphane Lesimple
1f6e6c3639
fix: alive: don't mask signals
2 years ago
Stéphane Lesimple
3c9382a192
enh: use print_accepted_key_algorithms everywhere
2 years ago
Pierre-Elliott Bécue
1e44092c16
Factor out in a generic function the helper listing allowed ssh key algorithm
2 years ago
Pierre-Elliott Bécue
d0ac9eabb9
Implement Ingress Secure Keys
2 years ago
Stéphane Lesimple
c53f50ddf9
enh: remove nc dependency
2 years ago
Stéphane Lesimple
0314798c87
enh: interactive: allow multi-spaces in autocompletes
2 years ago
Stéphane Lesimple
867410a16d
enh: plugins: better signal handling to avoid dangling children processes
2 years ago
Stéphane Lesimple
6dd43c66c0
enh: batch: openhandle() is overkill and doesn't work on EOF
2 years ago
Stéphane Lesimple
345a1f951f
fix: don't exit with fping host is unreachable
...
As ping can return unknown exit codes for unknown cases,
just never bail out to avoid taking bad decisions,
as we retry each second maximum, there's no DoS risk
2 years ago
Stéphane Lesimple
47e058c272
refacto: use osh_print to obey force_stderr
2 years ago
Stéphane Lesimple
1bcec68d2a
enh: scp and sftp with mfa support
2 years ago
Stéphane Lesimple
5ba7e52054
refacto: osh.pl: move hardcoded plugin special cases to config
2 years ago
Stéphane Lesimple
213bd28616
fix: scp: adapt wrapper and tests to new scp versions
2 years ago
Stéphane Lesimple
13c885df42
enh: enable stealth_stdout mode for sftp
2 years ago
Stéphane Lesimple
a6a25fd53b
feat: add type8 and type9 password hashes
...
This requires the-bastion-mkhash-helper v1.1.0+
2 years ago
Stéphane Lesimple
5dc50b3e57
feat: add stealth_stderr/stdout ttyrec support, enable it for scp (#413)
2 years ago
Stéphane Lesimple
87d3f721e5
fix: clush: restore default handlers for SIGHUP/PIPE
3 years ago
Stéphane Lesimple
4d8b5f520d
fix: selfMFASetupPassword: restore default sighandlers to avoid being zombified
3 years ago
Stéphane Lesimple
0515753f91
fix: add missing autocompletions, readonly flags and help category for some plugins
3 years ago
Stéphane Lesimple
f7f1514dd0
fix: groupInfo: show group name in human-readable output
3 years ago
Stéphane Lesimple
eb9a25a9ac
fix: groupInfo: empty gk and guest accesses list
...
Introduced in 7a825aeec4
3 years ago
Stéphane Lesimple
7a825aeec4
feat: add --all to groupInfo and accountInfo
3 years ago
Stéphane Lesimple
f4abfc1ba8
feat: add sftp support
3 years ago
Stéphane Lesimple
521836b17b
fix: rare race condition introduced by b7f4909
...
Under some specific conditions, the execute() call could get deadlocked with the program it started,
both waiting for each other to read or write data. This is easier to reproduce with the `scp` plugin,
where the transfer would just stall. Introduce an additional intermediate buffer to avoid this race condition.
3 years ago
Stéphane Lesimple
21f29680b6
fix: basic mitigation for scp's CVE-2020-15778
...
This CVE will not be fixed by scp authors, and as far as The Bastion
is concerned, this can't be achieved by anybody that doesn't already
have shell access to the remote server in addition to the scp rights,
but let's still block it for good measure.
3 years ago
Stéphane Lesimple
720222c423
fix: batch: don't attempt to read if stdin is closed
3 years ago
Stéphane Lesimple
7b3c721f66
doc: add a missing parameter in ping's help
4 years ago
Stéphane Lesimple
a86f25470a
chore: selfListEgressKeys: fix typo
4 years ago
Stéphane Lesimple
72cefa6417
fix: performance issues introduced by effab4a
...
Commit that introduced the performance degradation is effab4a
(fix: workaround for undocumented caching in getpw/getgr funcs)
Rewrote caching at the getpwent/getpwnam/getgrent/getgrnam level,
which restores performance pre-effab4a and even enhances it in some cases,
for example on a 2000-accounts and 2000-groups bastion, we are:
- 11% faster on --osh help
- 35% faster on --osh selfListAccesses (reduces syscalls by 87%)
4 years ago
Thomas Soëte
da6d80bef1
fix: Bad plugin name
4 years ago
Stéphane Lesimple
3540dc309c
enh: groupInfo: clearer message for disabled idle/kill timeout policies
4 years ago
Stéphane Lesimple
46a01a546a
feat: groupModify: add --idle-lock-timeout and --idle-kill-timeout for group-specific timeouts
4 years ago
Stéphane Lesimple
6fb528ccf1
chore: rename some vars for clarity
4 years ago
Stéphane Lesimple
e040afb074
chore: new perltidy rules
4 years ago
Stéphane Lesimple
bd2f069c7e
enh: print a msg when no ingress keys are found
4 years ago
Stéphane Lesimple
4f99c4fe6c
fix: ping: force a deadline, and restore default sighandlers
4 years ago
Romain Beuque
c1ca9b6374
fix: typo in the 'alive' command
...
Signed-off-by: Romain Beuque <556072+rbeuque74@users.noreply.github.com>
4 years ago
Stéphane Lesimple
effab4a5c2
fix: workaround for undocumented caching in getpw/getgr funcs
4 years ago
Stéphane Lesimple
f609565fe8
enh: batch: detect when asked to start a plugin requiring MFA
4 years ago