summaryrefslogtreecommitdiff
path: root/cmd/gitlab-shell/command
Commit message (Collapse)AuthorAgeFilesLines
* gitlab-sshd: Add support for signed user certificatessh-ssh-certificatesStan Hu2023-03-081-0/+14
| | | | | | | | | We add a `trusted_user_ca_keys` config setting that allows gitlab-sshd to trust any SSH certificate signed by the keys listed in this file. This is equivalent to the `TrustedUserCAKeys` OpenSSH setting. We assume the certificate identity is equivalent to the GitLab username.
* Add support for the gssapi-with-mic auth methodMarin Hannache2023-01-231-0/+14
|
* go: Bump major version to v14Patrick Steinhardt2022-07-052-28/+28
| | | | | | | | | | | | | While gitlab-shell currently has a major version of v14, the module path it exposes is not using that major version like it is required by the Go standard. This makes it impossible for dependents to import gitlab-shell as a dependency without using a commit as version. Fix this by changing the module path of gitlab-shell to instead be `gitlab.com/gitlab-org/gitlab-shell/v14` and adjust all imports accordingly. Changelog: fixed
* Relax key and username matching for sshdsh-improve-key-matching-sshdStan Hu2021-11-101-0/+21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Due to the way sshd works, gitlab-shell could be called with a single string in the form: ``` /path/to/gitlab-shell -c key-id ``` However, due to the tightening of the regular expressions in fcff692b this string no longer matches, so logins would fail with: ``` Failed to get username: who='' is invalid ``` This can be reproduced by changing the user's shell to point to gitlab-shell. For example: ``` usermod git -s /opt/gitlab/embedded/service/gitlab-shell/bin/gitlab-shell ``` While setting gitlab-shell as the user's shell isn't officially supported, gitlab-shell still should be able to cope with the key being specified as the last argument. We now split the argument list and use the last value. Relates to https://gitlab.com/gitlab-org/gitlab-shell/-/issues/530
* Don't swallow an error parsing SSH_ORIGINAL_COMMANDNick Thomas2021-09-271-1/+1
|
* refactor: unify instantiation of command.Shellfeistel2021-09-201-0/+14
|
* refactor: cleanup func signature and remove unused argsfeistel2021-09-082-8/+7
|
* refactor: rearchitect command and executable Go modulesfeistel2021-09-082-0/+346