self-hosted/teleport
self-hosted/teleport
1
0
Fork 0
mirror of https://github.com/gravitational/teleport synced 2024-10-21 09:44:51 +00:00
Code Issues Packages Projects Releases Wiki Activity
3213 commits 3228 branches 4169 tags 1.3 GiB
Commit graph

1480 commits

Author SHA1 Message Date
Alexey Kontsevoy c156e5a4ab Merge branch 'master' into alexey/http-headers 2017-07-18 17:37:24 -04:00
Russell Jones a77d560064 Updated logs and checked rule names. 2017-07-18 11:24:59 -07:00
Russell Jones 926456628d Added more test coverage for RoleV3. 2017-07-18 11:20:49 -07:00
Russell Jones f5787ca40f Minor RoleV3 cleanup. 2017-07-18 11:20:49 -07:00
Russell Jones 8a6d8d5d33 Added RoleV2 -> RoleV3 migration. 2017-07-18 11:20:49 -07:00
Russell Jones 1e76d20fa3 Updated RoleV3 format to support resources to enable backward compatibility 
with RoleV2.
 2017-07-18 11:20:49 -07:00
Russell Jones 9348490be2 Code review comments on RoleV3. 2017-07-18 11:20:49 -07:00
Russell Jones 226405fba6 Moved MaxSessionTTL into RoleOptions. 2017-07-18 11:20:49 -07:00
Russell Jones 6299d349c1 Introduced and migrated to RoleV3. 2017-07-18 11:20:48 -07:00
Ev Kontsevoy 32146ba8b8 Build / test improvements 
1. Got rid of `tool/tsh/common` package. See below.
2. Fixed logger in config test (it was getting reset by the test itself)

The reason we don't need `tool/tsh/common` is because `tsh` is the same
for OSS or Enterprise versions. This is good for two reasons:

1. Enterprise customers don't need to bother telling users to use a
   proprietary binary, they can just get OSS (which will eventually get
   pacakged for OSX/Ubuntu/RHEL) and will be one `apt-get` or `brew install` away

2. Easier for us to package/maintain.
 2017-07-17 21:10:14 -07:00
Russell Jones 1c85c590d8 Update docs and logging to make clear Teleport only supports sending party 
initiated flows for SAML 2.0.
 2017-07-17 17:21:01 -07:00
Alexey Kontsevoy ae39dc01d6 set HTTP response flags to ensure no-caching and to enhance web security 2017-07-17 18:44:26 -04:00
Roman Tkachenko d032403871 Specify timeout when dialing remote server 2017-07-17 17:09:43 +03:00
Ev Kontsevoy 7a14a6a1cf Merge remote-tracking branch 'origin/master' into ev/e 2017-07-12 23:10:41 -07:00
Ev Kontsevoy 5638f9fa09 Merge remote-tracking branch 'origin/master' into ev/tsh-identity 2017-07-12 23:02:11 -07:00
Ev Kontsevoy 43bae8d104 Changed identity permissions to be more restrictive 
Per @klizhentas suggestion
 2017-07-12 14:59:55 -07:00
Ev Kontsevoy eb17a06c32 Merge remote-tracking branch 'origin/master' into ev/e 2017-07-12 13:51:36 -07:00
Ev Kontsevoy 7f8e97fa64 Code review changes 
- Added license header to identity.go
- Renamed MakeNewKey() to NewKey()
- Changed the identity file creation to use defaul umask
 2017-07-12 13:46:40 -07:00
Russell Jones bbc77887e2 Fixed logging level, log.Warn -> log.Infof. 2017-07-12 11:15:23 -07:00
Ev Kontsevoy 84bb78ad2c Finished implementation of --out flag for tsh login 
* Hooked up `MakeIdentityFile()` with `tsh.onLogin()`
* Made sure that `--out` flag prevents from writing into `~/.tsh`

Closes #1127
 2017-07-10 22:27:37 -07:00
Ev Kontsevoy 499aace638 Started working on #1127 
Changes:

* Moved identity file code from tctl (because `tctl auth sign` already
  does what we need) into `lib/client/identity.go`
* Updated tctl to use the new stuff.

Next steps:

* Change `tsh` to use that code
* Tests
 2017-07-10 18:28:03 -07:00
Sasha Klizhentas d88314913f cache policy parsing and better error, fixes #223 2017-07-02 15:26:09 -07:00
Ev Kontsevoy 32f510ca0a Merge remote-tracking branch 'origin/master' into ev/e 2017-06-27 12:06:51 -07:00
Russell Jones 2286c6593d Remote clusters should only send their own CAs. 2017-06-27 11:55:59 -07:00
Ev Kontsevoy 8ff6952751 Merge remote-tracking branch 'origin/master' into ev/e 2017-06-26 13:46:30 -07:00
Alexander Klizhentas e1e6d2d6dd Merge branch 'master' into sasha/fixbench 2017-06-23 09:45:38 +03:00
Russell Jones 3db3ac9c98 Removing unix user name check from Teleport user name. 2017-06-22 14:00:12 -07:00
Sasha Klizhentas 3a9d55fa4e do not cancel in flight tests requests in bench 2017-06-22 03:22:47 -07:00
Ev Kontsevoy 94c35298b8 Preparation for 2.3 
- Switched to new way of building Enterprise
- Removed `tctl tunnels` command (preparation for new resources)
- Removed `tctl auth ls` command (preparation for new resources)
 2017-06-21 20:14:40 -07:00
Russell Jones 7295a90c6f Updated comments to explain templating. 2017-06-21 12:00:09 -07:00
Russell Jones a9774f75ca Fix regression when using SAML and dynamic roles. 2017-06-21 10:41:41 -07:00
Russell Jones c675428ddc Better logging when returning roles for OIDC and SAML. 2017-06-21 10:41:41 -07:00
Russell Jones 7e17b6f9a7 Added --compat=oldssh flag to generate user certificates without roles. 2017-06-20 16:57:56 -07:00
Russell Jones 0222c0f06c Process ENV_PATH and ENV_SUPATH from login.defs. 2017-06-14 10:34:45 -07:00
Ev Kontsevoy 19888c6ea6 Merge branch 'master' into rjones/better-logging 2017-06-13 22:27:08 -07:00
Ev Kontsevoy c69e9ce0ad Better error logging for users with misconfigured shell 2017-06-13 17:29:28 -07:00
Russell Jones 8a7f09fb59 Improve RBAC logging when checking access to a server. 2017-06-13 15:14:13 -07:00
Ev Kontsevoy 63cef003d6 Code review edits 
key-agent changes:

tsh now ignores public keys loaded from the SSH key agent unless they
are certificates. this fixes the problem of 'host auth' callback being
called for 3rd party public keys in the SSH-agent (and tsh had no choice
but to prompt user if he wanted to add thoses hosts to known_hosts file)

tctl auth changes:

`tctl auth` now outputs to stdout by default. If you set -o to a file,
it will use that file instead. Getting rid of -o was not possible
because it's still useful if --format is set to `dir` (OpenSSH
compatible output).

other changes:

- added more detailed comments in a few places
- restored error handling logic
 2017-06-12 13:12:17 -07:00
Ev Kontsevoy d046eaee20 Merge branch 'master' into ev/i 2017-06-11 21:54:41 -07:00
Ev Kontsevoy 3ff5820b67 Covered host authentication with tests 2017-06-11 19:22:23 -07:00
Ev Kontsevoy ef790eefa6 Added host authorization to identity-based auth 
Hooked up -i auth into the proper place
 2017-06-11 18:52:19 -07:00
Ev Kontsevoy 37319d6b41 Implemented identity loading 
First part of addressing #1033 is ability to load credentials from the
credentials file(s).

This commit adds -i flag processing, i.e. a certificate can be fed via a
cert.file and used to login.
 2017-06-11 13:37:42 -07:00
Russell Jones 084c8274b4 Allow configuration of the ciphers, KEX algorithm, and MAC algorithms 
for node and proxy.
 2017-06-11 12:16:10 -07:00
Ev Kontsevoy efaf2dcc05 Added a bit more logging to session creation code 2017-06-10 12:24:39 -07:00
Ev Kontsevoy 6cc314286e Merge branch 'master' into rjones/fix-err-check 2017-06-09 21:26:44 -07:00
Russell Jones 97b5b8f6e8 Return errors from GetSession. 2017-06-09 16:57:12 -07:00
Russell Jones 30de671dba If we can't connect to an Auth Server log it at level ERROR. 2017-06-09 12:45:04 -07:00
Ev Kontsevoy cdfb15fd82 scp compatibility improvements 2017-06-09 10:48:21 -07:00
Ev Kontsevoy 0ce13c8b1b Fixed shell globbing for scp 2017-06-08 22:18:09 -07:00
Ev Kontsevoy 487dd00cad Clean state (removed scp branch changes) 2017-06-08 21:48:25 -07:00
Ev Kontsevoy e0360ac97a Fixed #1048 (scp error with OpenSSH client) 
When this command is executed:

```
$ scp host:path/with/wildcards/* .
```

Teleport would launch "SSH exec" request on the sever side, which in
turn would execute the following:

```
/bin/bash -c /usr/bin/teleport scp --remote-addr=127.0.0.1:44226 --local-addr=127.0.0.1:3022 -r -f path/with/wildcards/*
```

The problem is that bash will attempt to "expand" the wildcard, sending
a bunch of files as an input into -f, but `teleport scp` needs to see
the _exact_ string as passed via scp client.

The proposed solution is to detect shell wildcard characters and wrap
them in single quotes preventing them from being expanded.

Another potential solution is to NOT use shell to execute SCP commands.
 2017-06-08 18:24:27 -07:00
Russell Jones 63f8fba42b If the error is access denied, return that immediately. 2017-06-08 11:23:21 -07:00
Ev Kontsevoy 77e0b60dfc Fixed ssh-agent-forwarding test 
This new implementation is not sensitive to garbage in stdout.

It also fails gracefully if there's no SSH_AUTH_SOCK environment
variable.
 2017-06-07 17:56:15 -07:00
Russell Jones 2590e716c3 Always read tsh profile. 2017-06-07 11:37:55 -07:00
Russell Jones 26a565e9e0 Ignore ~/.tsh/environment file if it does not exist. 2017-06-05 10:22:12 -07:00
Sasha Klizhentas 4279a6c9d7 Merge branch 'master' into ev/e 2017-06-02 13:36:12 -07:00
Sasha Klizhentas 817df89a63 Merge branch 'master' into sasha/revisit 2017-06-02 13:18:05 -07:00
Sasha Klizhentas a22e817db9 dashboard and detect dangling sessions, refs #931 
* Improve Grafana dashboard and fix some metrics
* Add dectection for dangling sessions
* Add documentation for Perf Testing
 2017-06-01 19:35:14 -07:00
Russell Jones 5f670ef7d9 Moved tests from lib/srv and lib/utils into integrations. 2017-06-01 17:35:09 -07:00
Ev Kontsevoy 14cf48d707 Switching to 1.8.3 
- Updated Dockerfile to use 1.8.3
- Updated Makefile to stop generating garbage
- Improved one test which failed under Docker
 2017-06-01 14:08:31 -07:00
Sasha Klizhentas efe1a13922 address code review comments 2017-05-30 13:36:35 -07:00
Ev Kontsevoy 6c7a69c5d0 Merge branch 'master' into sasha/exp2 2017-05-30 12:45:50 -07:00
Russell Jones cfd8a5f17d Accept and reply to keepalive@openssh.com messages. 2017-05-30 11:07:51 -07:00
Sasha Klizhentas 644aca3076 remove noisy log 2017-05-28 16:27:23 -07:00
Sasha Klizhentas 287b4ad85e collect remaining chunks after close 2017-05-28 16:26:57 -07:00
Sasha Klizhentas 659255b620 monitoring, docs and fix forward on conn close 2017-05-28 15:37:21 -07:00
Sasha Klizhentas 8fcb7b5138 instrument the system 2017-05-27 17:12:30 -07:00
Sasha Klizhentas 68ae676c0a Merge branch 'master' into sasha/exp2 2017-05-27 15:38:44 -07:00
Sasha Klizhentas 1f5de4847e add tests 2017-05-27 14:37:52 -07:00
Sasha Klizhentas 858755f182 configuration and defaults 2017-05-27 12:46:03 -07:00
Sasha Klizhentas 1166b07a89 add backoff and retries 2017-05-27 11:12:53 -07:00
Sasha Klizhentas b72b734979 add grpc 2017-05-26 18:19:22 -07:00
Russell Jones 78ee5d09ee Added support for allowing the reading of a users environment when 
creating a new child session from ~/.tsh/environment.
 2017-05-26 17:06:49 -07:00
Sasha Klizhentas 4827d8e39d more work and instrumentation 2017-05-26 14:53:17 -07:00
Sasha Klizhentas e766a3c902 work 2017-05-25 18:56:32 -07:00
Russell Jones 2117306774 Added HTTP CONNECT tunneling support for Trusted Clusters. 2017-05-25 10:28:05 -07:00
Russell Jones 2bf011cb3d Fix ^C ignored issue on CentOS 6.8. 2017-05-24 10:31:05 -07:00
Sasha Klizhentas 08b3a8e981 map remote roles for API calls as well 
* Auth API server now understands remote roles as well
 2017-05-23 18:39:47 -07:00
Sasha Klizhentas d5ddea7ea0 update code review comments 2017-05-22 19:44:22 -07:00
Sasha Klizhentas 3bbfeb1b07 add checks and improve user output 2017-05-21 16:53:37 -07:00
Sasha Klizhentas 8ecfe3acc1 fix and complete tests 2017-05-20 12:52:03 -07:00
Sasha Klizhentas bf211f5764 integration test 2017-05-19 19:03:28 -07:00
Sasha Klizhentas 5507ab1304 Merge branch 'master' into sasha/trust2 2017-05-19 10:44:18 -07:00
Sasha Klizhentas 827df4ce5f Merge branch 'master' into sasha/instrument 2017-05-19 10:08:36 -07:00
Sasha Klizhentas 123a158f2e fix tests 2017-05-19 10:06:48 -07:00
Sasha Klizhentas fd91e6c114 more work around setting mapping up 2017-05-17 20:43:21 -07:00
Sasha Klizhentas e2db84d6bd always specify NameID 2017-05-17 10:37:51 -07:00
Sasha Klizhentas 4a3f3b69e1 work on trust 2017-05-17 10:36:25 -07:00
Russell Jones 100c286c0d Temporarily skip flaky test. 2017-05-16 14:22:51 -07:00
Sasha Klizhentas cea133f27c fix bench goroutine leak and add more stats 2017-05-14 12:47:04 -07:00
Sasha Klizhentas 91b4a663b9 instrument with monitoring tools, fixes #935 
* Add prometheus endpoint to expose system stats
* Add heealthz endpoint
* Add gops endpoint for real time troubleshooting
* Deprecate httprof endpoint
 2017-05-13 18:32:10 -07:00
Russell Jones b3af2d3010 SAML 2.0 and AD FS integration. 2017-05-12 14:10:19 -07:00
Sasha Klizhentas 9af07be7a9 add integration tests 2017-05-12 14:10:19 -07:00
Sasha Klizhentas 417ad1de05 tests work in progress 2017-05-12 14:10:18 -07:00
Sasha Klizhentas f8641681f6 SAML 2.0 initial implementation 2017-05-12 14:10:18 -07:00
Sasha Klizhentas 9433a272c5 fix panic on concurrent bucket delete, fixes #976 2017-05-10 10:17:36 -07:00
Russell Jones 6686592e30 Use shellescape library which uses single quotes so environment 
variables are not expanded.
 2017-05-03 16:52:39 -07:00
Russell Jones d3677741b4 Patch for TLP-01-009: Command injection in scp. 2017-05-03 12:25:37 -07:00
Russell Jones 16281a67a0 Patch for TLP-01-008: Use a fake hash for password authentication if 
user does not exist.
 2017-05-03 12:25:20 -07:00
Russell Jones 568e9f9139 Patch for TLP-01-006 and TLP-01-007: Validate Session ID. 2017-05-03 12:19:01 -07:00
Sasha Klizhentas 2950677d8a Patch for TLP-01-005: Check user principal when joining session. 2017-05-03 12:18:45 -07:00
Russell Jones bd20318069 Patch for TLP-01-004: Always check is namespace is valid. 2017-05-03 12:17:45 -07:00
Alexey Kontsevoy 2cb82a5dbe Merge branch 'master' into alexey/new-terminal 2017-05-01 16:02:42 -04:00
Alexey Kontsevoy ea9c12f494 remove screen size from each websocket response 2017-05-01 15:23:23 -04:00
Sasha Klizhentas 67ea31b2d6 fix comments 2017-04-30 16:39:34 -07:00
Sasha Klizhentas 7d741b10a9 add benchmark tool and fix concurrent DeleteBucket 
* Add bench tool and library functions
* Fix concurrent DeleteBucket problem refs #931
 2017-04-30 16:25:17 -07:00
Russell Jones dcf724eab0 Improved logging for test failure. 2017-04-24 18:21:20 -07:00
Russell Jones fc4e63978d Use CheckAndSetDefaults in tctl and add KindNode to default list of 
roles.
 2017-04-20 15:13:03 -07:00
Russell Jones f5c90a02e6 Removed shell parsing for scp code as well. 2017-04-19 12:02:17 -07:00
Russell Jones 1dbbf669ca Execute command using user's shell. 2017-04-19 12:02:13 -07:00
Sasha Klizhentas d01d644250 allow user to read their roles 2017-04-18 09:53:30 -07:00
Sasha Klizhentas 4cf8c7dc56 agent regression fix 2017-04-17 12:12:04 -07:00
Russell Jones 47d6909a55 Updated ACR response parsing for NetIQ. 2017-04-13 15:07:56 -07:00
Russell Jones 9df3b48e0f Use trace.NotFound when returning an error. 2017-04-13 11:54:45 -07:00
Russell Jones 2acff45cf7 Added log line for successful ACR validation. 2017-04-13 11:50:49 -07:00
Russell Jones a425423103 Renamed IdentityProvider to Provider. 2017-04-12 22:24:18 -07:00
Russell Jones 7275c767fc Added support for ACR values for OIDC connectors. 2017-04-12 17:24:26 -07:00
Russell Jones f85bb0de3c Set defaults for templated roles. 2017-04-11 17:03:31 -07:00
Russell Jones 64d5b1d93c Don't set logins directly from allowed logins for CertAuthority V2. 2017-04-11 16:55:26 -07:00
Jose Plana f98a645fcf Merge branch 'master' into fix_no_userinfo_endpoint 2017-04-10 16:26:37 +02:00
Jose Plana 9d1ea5ec3e Skip userinfo if provider doesn't support it. 2017-04-10 16:01:03 +02:00
Russell Jones 10177ade5d Fixed typo when checking for clustername. 2017-04-07 18:01:05 -07:00
Sasha Klizhentas 3c2570fa35 Sasha High Availability. 2017-04-07 16:54:15 -07:00
Russell Jones 95192e3777 Redirect timeout is 10 mins and redirect to error page on failed login. 2017-04-07 14:56:32 -07:00
Russell Jones 4b95db44cb Corrected the Session URL returned when calling "teleport status". 2017-04-07 10:12:36 -07:00
Russell Jones d330d68ec5 If a role is not found, continue on in GetRoles. 2017-04-06 12:37:19 -07:00
Russell Jones fb4c280c0c Fixed User CA export and parsing and added --compat=1.0 flag to tctl. 2017-04-06 12:05:00 -07:00
Russell Jones 72ecdb8d24 Code review fixes. 2017-04-04 18:16:56 -07:00
Russell Jones fcfb8834de Update exisiting OIDC users upon re-login. 2017-04-04 17:06:32 -07:00
Russell Jones fde0ae4178 Added TTL to UpsertRole. Dynamic roles for OIDC users now have TTL. 2017-04-04 17:06:28 -07:00
Russell Jones 81ba372833 Added support for dynamic roles in claim mappings for OIDC. 2017-04-04 15:09:21 -07:00
Sasha Klizhentas 9ef7e64eca bring seed_config, make it deprecated fixes #890 2017-03-31 18:10:55 -07:00
Sasha Klizhentas 2de85cb5bf Merge branch 'master' into sasha/export 2017-03-30 17:53:50 -07:00
Sasha Klizhentas daf04f1abe introduce setter and fix typo 2017-03-30 17:52:58 -07:00
Russell Jones c7956899d5 Merge claims from UserInfo endpoint into claims from ID token. Also, 
fallback to Base64 decoding if Base64-URL decoding fails.
 2017-03-30 17:40:00 -07:00
Russell Jones 835a754fdb Fixed Ansible regressions and added documentation for docker build. 2017-03-30 13:52:06 -07:00
Sasha Klizhentas fd46d88a0c try to fix the test 2017-03-29 19:26:10 -07:00
Russell Jones 81b379e2bc Remove log line that contains err. 2017-03-29 17:12:50 -07:00
Russell Jones d304e47490 Use ioutil.TempDir to create path to socket instead. 2017-03-29 17:12:50 -07:00
Russell Jones 1cab059039 Changes to Unix socket path to make it cross platform. 2017-03-29 17:12:50 -07:00
Ev Kontsevoy 35f80ca798 Added 'data_dir' value to backend params 
Fixes #867
 2017-03-29 17:12:50 -07:00
Ev Kontsevoy 1755870f27 Logging fixes and more 
- Fixed logging. Closes #875
- Removed dead code
- Fixed 'exec' tests on OSX
 2017-03-29 17:12:50 -07:00
Ev Kontsevoy dd9db5ec2e Minor cosmetic commit 
- Added comments to explain the purpose of clientConfig.HostPort
- Fixed typo
- Fixed docker-based 'make release' to include Teleport version into the
  produced tarball
- More informative logging around host lookups
 2017-03-29 17:12:50 -07:00
Ev Kontsevoy 99672d09a7 Fixed scp regressions 
In this commit:

1. Minor addition to Makefile to pull new .go files from
   tool/teleport/common

2. os.Glob() returns an empty list (instead of an error) if the
   file/pattern is not found, so added check for that.

3. sendFile was prematurely sending 'C' command before trying to open a
   file. This used to lead to creation of empty files for invlaid
   sources.

Also, removed some confusing comments.
 2017-03-29 16:49:40 -07:00
Sasha Klizhentas facfc9495b fix test 2017-03-28 16:18:59 -07:00
Sasha Klizhentas 30e1e1325d add principal 2017-03-28 16:18:59 -07:00
Russell Jones 51c347e35c Migrated auth preferences. 2017-03-22 17:08:24 -07:00
Ev Kontsevoy 4722b2d6da Updated comments for DynamoDB package 2017-03-22 17:04:06 -07:00
Russell Jones 2b10e53a1d Allow creating local users without second factor. 2017-03-22 15:06:40 -07:00
Russell Jones cbfd00879c Always create default namespace. 2017-03-22 12:10:01 -07:00
Sasha Klizhentas 17574fef54 fix trusted cluster key exchange 2017-03-21 18:15:05 -07:00
Russell Jones f7934b5be4 Set default PTY size if an invalid size is requested and 
correctly split command.
 2017-03-21 16:50:07 -07:00
Russell Jones a110e48108 Support Get/Set Cluster Authentication Preferences and Universal Second 
Factor Settings from tctl.
 2017-03-21 16:47:18 -07:00
Sasha Klizhentas f02d391172 add optional agent forward cert extension 2017-03-21 13:56:05 -07:00
Sasha Klizhentas 21403b4291 try permit agent forwarding 2017-03-21 10:39:20 -07:00
Russell Jones d707eaaf4e Unload all keys before reloading them. This ensures we don't leave stale 
keys in the agent.
 2017-03-17 14:47:38 -07:00
Russell Jones 00567f6d0c Added public_address to proxy server configuration and heartbeat. 2017-03-17 11:38:40 -07:00
Sasha Klizhentas 320dc0c57d fix window resize for OpenSSH, fixes #800 2017-03-16 11:20:35 -07:00
Sasha Klizhentas c438f3192b TTL Cert 2017-03-14 17:26:42 -07:00
Russell Jones f62efca23f Added more debug logging for "tsh agent". 2017-03-14 17:07:47 -07:00
Alexey Kontsevoy d6c78f4cb1 addressing code review 2017-03-13 18:48:01 -04:00
Alexey Kontsevoy c2008fb72e add remove resource method to Role interface 2017-03-13 18:39:48 -04:00
Sasha Klizhentas 9141f94b8d fix flaky test 2017-03-12 12:28:31 -07:00
Sasha Klizhentas 6e2b69acf1 fix retrieval TTL 2017-03-12 12:23:51 -07:00
Alexey Kontsevoy 29c059556b bug fix 2017-03-11 19:14:46 -05:00
Alexey Kontsevoy 961c27cf79 adding user ACL web endpoint 2017-03-11 16:22:02 -05:00
Sasha Klizhentas 5e49193882 Merge branch 'master' into sasha/agents 2017-03-10 18:32:28 -08:00
Sasha Klizhentas a078f42d53 Merge branch 'master' into sasha/agents 2017-03-10 17:39:50 -08:00
Sasha Klizhentas 48e108e7e0 remove extra log entry 2017-03-10 17:38:07 -08:00
Sasha Klizhentas f1f5a1e413 Merge branch 'master' into sasha/sessions 2017-03-10 17:33:41 -08:00
Sasha Klizhentas c968fa6ce3 drop extra bit 2017-03-10 17:25:22 -08:00
Russell Jones 084a9211c3 Call ConvertResponse to convert error to internal error type based on 
HTTP response code and HTTP body contents.
 2017-03-10 17:05:43 -08:00
Sasha Klizhentas ef9336dbfa fix tests and roles 2017-03-10 16:41:14 -08:00
Sasha Klizhentas ff9a0a458e more code 2017-03-10 15:50:39 -08:00
Sasha Klizhentas b8be3c5101 Merge branch 'master' into sasha/agents 2017-03-09 16:23:17 -08:00
Sasha Klizhentas 0f64d0c547 agent forwarding, fixes #756 2017-03-09 16:20:39 -08:00
Russell Jones 2f70866e5a Added TrustedCluster resource. 2017-03-09 13:49:44 -08:00
Sasha Klizhentas d85261983f remove debugging 2017-03-09 13:08:38 -08:00
Sasha Klizhentas bde7b5b345 agent forwarding 2017-03-09 13:02:57 -08:00
Sasha Klizhentas db08d896f1 agent forwarding test 2017-03-08 21:29:30 -08:00
Sasha Klizhentas 67068086b3 more work 2017-03-08 17:40:35 -08:00
Sasha Klizhentas 80852f0bf6 working proto 2017-03-07 21:42:17 -08:00
Sasha Klizhentas 68d5302494 Merge branch 'master' into sasha/websession 2017-03-03 13:26:11 -08:00
Sasha Klizhentas 8fdcc217fd fixes #809 2017-03-03 13:20:46 -08:00
Russell Jones 54c7f1cd32 Added dynamic_config and removed seed_config. 2017-03-01 16:44:34 -08:00
Alexey Kontsevoy d1952ff865 adding missing setters to Role interface 2017-02-28 20:16:28 -05:00
Sasha Klizhentas 2934b55885 add plugin system 2017-02-27 17:56:05 -08:00
Ev Kontsevoy 45ef591077 Minor fix... 
Replaced raw string with a proper constant (which fixed the regression
with the client IP being incorrectly logged for web sessions)
 2017-02-25 01:02:10 -08:00
Ev Kontsevoy cb71de08a6 Merge branch 'master' into ev/clusters 2017-02-25 00:46:28 -08:00
Ev Kontsevoy be52971437 Terminal resizing in the UI works for remote clusters 
Fixes #778
 2017-02-24 22:04:59 -08:00
Russell Jones 2033d8093c Fix configuration file regressions. 2017-02-24 14:48:52 -08:00
Alexey Kontsevoy 0a49bb4039 always return config.js 2017-02-24 12:10:36 -05:00
Ev Kontsevoy a7aa9b4c93 Final cleanup in preparation for PR 2017-02-23 17:57:28 -08:00
Ev Kontsevoy 91c7dba39a Merge remote-tracking branch 'origin/master' into ev/regressions 2017-02-23 17:52:28 -08:00
Ev Kontsevoy 86bda472a8 Fixed tests 2017-02-23 17:10:43 -08:00
Russell Jones 7afe60f72e Code review comments. 2017-02-23 15:07:55 -08:00
Russell Jones cfe92d7ad2 Fixed bugs created in #783. Updated response returned from /webapi/ping and 
/web/config.js. Added support for authentication selection based off ping
response in tsh.
 2017-02-23 13:45:19 -08:00
Ev Kontsevoy 80df1bbc2d scp fixes 
- added file globbing for "sink"
- added proper handling of directory copying into an existing target [1]

[1] compatible with OpenSSH behavior
 2017-02-23 00:37:13 -08:00
Ev Kontsevoy bc85683b51 Merge branch 'master' into ev/docker 2017-02-22 12:02:40 -08:00
Russell Jones 1dcd3e11e5 Refactored authentication configuration, created resources for dynamic configuration of authentication configuration, and updated documentation. 2017-02-22 11:48:06 -08:00