Russell Jones
29a27bd5c9
Release 2.2.1.
2017-06-21 15:19:46 -07:00
Russell Jones
45d68bce13
Merge pull request #1096 from gravitational/rjones/roles-docs
...
Updated documentation to explain how role labels are matched.
2017-06-21 15:11:31 -07:00
Russell Jones
02ffa74a81
Updated documentation to explain how role labels are matched.
2017-06-21 14:35:00 -07:00
Russell Jones
714f8f9039
Merge pull request #1084 from gravitational/rjones/better-saml-logging
...
SAML logging and regression fixes
2017-06-21 14:34:19 -07:00
Russell Jones
7295a90c6f
Updated comments to explain templating.
2017-06-21 12:00:09 -07:00
Russell Jones
a9774f75ca
Fix regression when using SAML and dynamic roles.
2017-06-21 10:41:41 -07:00
Russell Jones
c675428ddc
Better logging when returning roles for OIDC and SAML.
2017-06-21 10:41:41 -07:00
Ev Kontsevoy
b945494102
Merge pull request #1094 from gravitational/rjones/remove-cover-flag
...
Remove -cover flag from test target.
2017-06-21 10:38:13 -07:00
Russell Jones
557cf66e05
Remove -cover flag for test target because -cover injects code into
...
source which can lead to incorrect line numbers [1]. This makes
debugging output of the -race flag difficult.
[1] https://go-review.googlesource.com/c/38640/
2017-06-21 10:25:35 -07:00
Russell Jones
ccc115cc49
Merge pull request #1088 from gravitational/rjones/cert-no-roles
...
OpenSSH user certificate compatibility
2017-06-20 17:06:24 -07:00
Russell Jones
7e17b6f9a7
Added --compat=oldssh flag to generate user certificates without roles.
2017-06-20 16:57:56 -07:00
Ev Kontsevoy
64544a876b
Merge pull request #1081 from gravitational/ev/make-clean
...
More reliable make clean
2017-06-19 08:48:35 -07:00
Ev Kontsevoy
275ac27690
More reliable make clean
...
`make clean` now removes not only output binaries, but also object files
(.o) for Teleport in the packages dir under $GOHOME.
So, running `make` after `make clean` will guarantee that every file
will be rebuilt.
2017-06-17 23:07:57 -07:00
Russell Jones
61c4907623
Merge pull request #1078 from gravitational/rjones/acr-docs
...
Added documentation for ACR value processing.
2017-06-15 12:43:55 -07:00
Russell Jones
9116f9344b
Added documentation for ACR value processing.
2017-06-15 11:52:27 -07:00
Ev Kontsevoy
c2c8a6986b
Merge pull request #1073 from gravitational/rjones/login-defs
...
Process ENV_PATH and ENV_SUPATH from login.defs.
2017-06-14 21:02:05 -07:00
Russell Jones
0222c0f06c
Process ENV_PATH and ENV_SUPATH from login.defs.
2017-06-14 10:34:45 -07:00
Ev Kontsevoy
8ac52ed61a
Merge pull request #1072 from gravitational/rjones/better-logging
...
Improve RBAC logging when checking access to a server.
2017-06-13 22:34:42 -07:00
Ev Kontsevoy
19888c6ea6
Merge branch 'master' into rjones/better-logging
2017-06-13 22:27:08 -07:00
Ev Kontsevoy
5d83c5acee
Merge pull request #1074 from gravitational/ev/shell
...
Better error logging for users with misconfigured shell
2017-06-13 22:18:23 -07:00
Ev Kontsevoy
dc59443246
Merge branch 'master' into ev/shell
2017-06-13 22:17:46 -07:00
Ev Kontsevoy
c69e9ce0ad
Better error logging for users with misconfigured shell
2017-06-13 17:29:28 -07:00
Russell Jones
8a7f09fb59
Improve RBAC logging when checking access to a server.
2017-06-13 15:14:13 -07:00
Russell Jones
18f6ba039f
Release 2.2.0.
2017-06-12 16:13:09 -07:00
Russell Jones
02e84e4cec
Updated CHANGELOG.md.
2017-06-12 16:12:42 -07:00
Russell Jones
944f2541bc
Merge pull request #1069 from gravitational/ev/tctl
...
Removed beta-quality saml command from tctl
2017-06-12 15:27:55 -07:00
Ev Kontsevoy
096fff8cdf
Removed beta-quality saml command from tctl
2017-06-12 15:04:37 -07:00
Ev Kontsevoy
3ca3362107
Merge pull request #1067 from gravitational/ev/i
...
Identity-based auth
2017-06-12 14:00:16 -07:00
Ev Kontsevoy
7c3a237252
Merge remote-tracking branch 'origin/master' into ev/i
2017-06-12 13:16:05 -07:00
Ev Kontsevoy
63cef003d6
Code review edits
...
key-agent changes:
tsh now ignores public keys loaded from the SSH key agent unless they
are certificates. this fixes the problem of 'host auth' callback being
called for 3rd party public keys in the SSH-agent (and tsh had no choice
but to prompt user if he wanted to add thoses hosts to known_hosts file)
tctl auth changes:
`tctl auth` now outputs to stdout by default. If you set -o to a file,
it will use that file instead. Getting rid of -o was not possible
because it's still useful if --format is set to `dir` (OpenSSH
compatible output).
other changes:
- added more detailed comments in a few places
- restored error handling logic
2017-06-12 13:12:17 -07:00
Russell Jones
ec02ed3c12
Updated incorrect KEX names.
2017-06-12 12:06:02 -07:00
Ev Kontsevoy
7eaa823dff
Merge pull request #1064 from gravitational/nikatjef-nikatjef/ssh_compatibility
...
Nikatjef nikatjef/ssh compatibility
2017-06-12 09:58:23 -07:00
Ev Kontsevoy
d046eaee20
Merge branch 'master' into ev/i
2017-06-11 21:54:41 -07:00
Ev Kontsevoy
b3af9d4090
Merge branch 'master' into nikatjef-nikatjef/ssh_compatibility
2017-06-11 21:17:42 -07:00
Ev Kontsevoy
f697a0ba0b
Merge pull request #1065 from gravitational/rjones/crypto-config
...
Configurable Cipher, KEX, and MAC
2017-06-11 19:27:05 -07:00
Ev Kontsevoy
3ff5820b67
Covered host authentication with tests
2017-06-11 19:22:23 -07:00
Ev Kontsevoy
ef790eefa6
Added host authorization to identity-based auth
...
Hooked up -i auth into the proper place
2017-06-11 18:52:19 -07:00
Ev Kontsevoy
37319d6b41
Implemented identity loading
...
First part of addressing #1033 is ability to load credentials from the
credentials file(s).
This commit adds -i flag processing, i.e. a certificate can be fed via a
cert.file and used to login.
2017-06-11 13:37:42 -07:00
Russell Jones
084c8274b4
Allow configuration of the ciphers, KEX algorithm, and MAC algorithms
...
for node and proxy.
2017-06-11 12:16:10 -07:00
Ev Kontsevoy
efaf2dcc05
Added a bit more logging to session creation code
2017-06-10 12:24:39 -07:00
Ev Kontsevoy
a69e61c39d
Added some comments
2017-06-09 21:51:16 -07:00
Ev Kontsevoy
d2a74932fc
Merge branch 'nikatjef/ssh_compatibility' of github.com:nikatjef/teleport into nikatjef-nikatjef/ssh_compatibility
2017-06-09 21:45:18 -07:00
Ev Kontsevoy
7ed43d6fcf
Removed "upserted" language from tctl CLI
...
Fixes #857
2017-06-09 21:38:36 -07:00
Ev Kontsevoy
c0d7ecb6a5
Merge remote-tracking branch 'origin/master' into ev/i
2017-06-09 21:34:13 -07:00
Ev Kontsevoy
752ee0f3d4
Merge pull request #1061 from gravitational/rjones/fix-err-check
...
Return errors from GetSession
2017-06-09 21:33:10 -07:00
Ev Kontsevoy
6cc314286e
Merge branch 'master' into rjones/fix-err-check
2017-06-09 21:26:44 -07:00
Ev Kontsevoy
0914bf6a7b
Merge pull request #1060 from gravitational/rjones/logging-fix
...
If we can't connect to an Auth Server log it at level ERROR.
2017-06-09 21:26:12 -07:00
Ev Kontsevoy
91bd5d6cfa
Minor chnges to tctl (langauge/naming)
...
This commit does not change tctl behavior
2017-06-09 21:25:22 -07:00
Russell Jones
97b5b8f6e8
Return errors from GetSession.
2017-06-09 16:57:12 -07:00
Russell Jones
30de671dba
If we can't connect to an Auth Server log it at level ERROR.
2017-06-09 12:45:04 -07:00