summaryrefslogtreecommitdiff
path: root/internal/command/commandargs/shell.go
Commit message (Collapse)AuthorAgeFilesLines
* Add support for the gssapi-with-mic auth methodMarin Hannache2023-01-231-6/+7
|
* go: Bump major version to v14Patrick Steinhardt2022-07-051-1/+1
| | | | | | | | | | | | | While gitlab-shell currently has a major version of v14, the module path it exposes is not using that major version like it is required by the Go standard. This makes it impossible for dependents to import gitlab-shell as a dependency without using a commit as version. Fix this by changing the module path of gitlab-shell to instead be `gitlab.com/gitlab-org/gitlab-shell/v14` and adjust all imports accordingly. Changelog: fixed
* Relax key and username matching for sshdsh-improve-key-matching-sshdStan Hu2021-11-101-11/+15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Due to the way sshd works, gitlab-shell could be called with a single string in the form: ``` /path/to/gitlab-shell -c key-id ``` However, due to the tightening of the regular expressions in fcff692b this string no longer matches, so logins would fail with: ``` Failed to get username: who='' is invalid ``` This can be reproduced by changing the user's shell to point to gitlab-shell. For example: ``` usermod git -s /opt/gitlab/embedded/service/gitlab-shell/bin/gitlab-shell ``` While setting gitlab-shell as the user's shell isn't officially supported, gitlab-shell still should be able to cope with the key being specified as the last argument. We now split the argument list and use the last value. Relates to https://gitlab.com/gitlab-org/gitlab-shell/-/issues/530
* Don't swallow an error parsing SSH_ORIGINAL_COMMANDNick Thomas2021-09-271-9/+4
|
* Modify regex to prevent partial matchesRobert May2021-06-291-2/+2
|
* chore: Refactor env introspection to rely on command initialization496-move-env-introspection-to-sshenvLucas Charles2021-03-151-17/+6
| | | | | | | Refactors introspection of execution environment to rely on per-connection state (`gitlab-shell`) or per request (`gitlab-sshd`) Relates to https://gitlab.com/gitlab-org/gitlab-shell/-/issues/496
* RFC: Simple built-in SSH serverLorenz Brun2021-01-181-3/+9
|
* Add 2fa_verify commandImre Farkas2020-12-101-0/+1
|
* Add support obtaining personal access tokens via SSHTaylan Develioglu2020-08-171-6/+7
| | | | | | | | | | | | | | | | | | | | | | | | Implements the feature requested in gitlab-org/gitlab#19672 This requires the internal api counterpart in gitlab-org/gitlab!36302 to be merged first. It can be used as follows: ``` censored@censored-VirtualBox:~/git/gitlab$ ssh git@gitlab-2004 personal_access_token remote: remote: ======================================================================== remote: remote: Usage: personal_access_token <name> <scope1[,scope2,...]> [ttl_days] remote: remote: ======================================================================== remote: censored@censored-VirtualBox:~/git/gitlab$ ssh git@gitlab-2004 personal_access_token newtoken read_api,read_repository 30 Token: aAY1G3YPeemECgUvxuXY Scopes: read_api,read_repository Expires: 2020-08-07 ```
* commands: pass through GIT_PROTOCOL envvar provided by clientsps-git-protocol-envvarPatrick Steinhardt2020-02-281-0/+2
| | | | | | | | | | | Both git-upload-pack and git-receive-pack services inspect the GIT_PROTOCOL environment transferred via SSH in order to decide which protocols are supported by a given client. Currently, we don't use the environment variable at all, though, but instead forward the GitProtocol field of the access verification response. Improve this by passing on the GIT_PROTOCOL environment variable provided by the client as-is.
* Move go code up one levelNick Thomas2019-10-181-0/+131
View Lorry Controller Status