Commit graph

401 commits

Author SHA1 Message Date
Mark van Holsteijn
8fd68e147c add option --disable-peer-check to usage help text 2016-02-26 00:24:33 +01:00
Mark van Holsteijn
2034ae1ee5 option to disable the peer check when running behind AWS ELB 2016-02-26 00:01:09 +01:00
Luka Krajger
f17bc266f8 Merge pull request #362 from druzus/master
2016-02-23 23:18 UTC+0100 Przemyslaw Czerpak (druzus/at/poczta.onet.pl)

Edit and function keys pressed with CTRL, ALT or SHIFT modifiers generated wrong key sequences.
2016-02-24 07:04:21 -05:00
Przemysław Czerpak
790d578cc2 2016-02-23 23:18 UTC+0100 Przemyslaw Czerpak (druzus/at/poczta.onet.pl)
* shellinabox/vt100.jspp
    ! fixed key modifiers encoding.
      They should be calculated as bitfield for
         SHIFT = 1
         ALT   = 2
         CTRL  = 4
      and then incremented by 1.
      ref:
         http://www.xfree86.org/4.7.0/ctlseqs.html#PC-Style%20Function%20Keys
         http://invisible-island.net/xterm/ctlseqs/ctlseqs.html#h2-PC-Style-Function-Keys
2016-02-23 23:18:12 +01:00
KLuka
0c8c295c1a Issue #360: ignore VTE OSC6 and OSC7 escape sequences
* This patch ignores VTE OSC6 and OSC6 escape sequences, so that the
  current directory/file are not displayed in front of the shell prompt.
2016-01-23 16:17:17 +01:00
KLuka
141e641238 Raised version from 2.19 to 2.20 2016-01-23 16:03:32 +01:00
Luka Krajger
2c93404bd0 Merge pull request #357 from KLuka/issue-222
Issue #222: LOGIN service (can't reopen tty)
2016-01-04 10:56:18 -05:00
KLuka
4911d0d39c Issue #222: LOGIN service (can't reopen tty)
* Workaround for random "Session closed" issues related to /bin/login
  closing and reopening our pty during initialization. This happens only
  on some systems like Fedora for example. Now we allow that our pty is
  closed by ignoring POLLHUP on first read. Delay is also needed so that
  login process has some time to reopen pty.
* Note that the issue may occur anyway but with this workaround we reduce
  the chances.
2015-12-28 15:24:49 +01:00
Luka Krajger
d8ef7dad3c Merge pull request #356 from triska/master
fix typo: HTTPS --> HTTP
2015-12-11 09:28:34 +01:00
Markus Triska
dd9f1f01d1 fix typo: HTTPS --> HTTP 2015-12-10 20:03:44 +01:00
Marc Singer
1a8010f2c9 Changelog update before release. 2015-12-05 10:31:36 -08:00
KLuka
8a68194da2 Updated version to 2.19 2015-12-04 18:17:22 +01:00
KLuka
e026df75b0 Fixed spelling errors reported by lintian 2015-12-04 18:14:51 +01:00
KLuka
4aa0eb97e4 Disable HTTP fallback via "/plain" URL (CVE-2015-8400)
* Disabled all methods of HTTP fallback when HTTPS is enabled. This
  is enforced on server side so that even modified client code (JS)
  can not redirect client from HTTPS to HTTP, like it was possible
  before (issue #355).
* Current solution unfortunately also disables automatic upgrade from
  HTTP to HTTPS (when available), since all non-SSL connections are
  droped immediately.
2015-12-03 17:47:26 +01:00
KLuka
aaa00551bf Issue #119, #312, #354: Soft keyboard icon
* Added logic that enables soft keyboard icon by default on some
  clients like Kindle, PS Vita, iPad, ...
2015-11-17 19:43:22 +01:00
KLuka
106bc0aa85 Issue #354: iOS client compatibility
* Added more iOS clients that should use workaround to prevent ever
  groving console.
2015-11-17 19:36:10 +01:00
KLuka
f67073d33e Issue #350: Support for middle click paste
* Added limited support for middle click pasting. For most browsers
  and operating systems middle click pasting works only for concent
  selected in current shellinabox window.
2015-10-20 20:40:20 +02:00
Marc Singer
c87588613a Update version for release. 2015-10-10 10:54:36 -07:00
KLuka
e30c33d323 Issue #347: Added dummy release in Debian changelog
* This is needed so that manualy built Debian packages will contain
  latest version.
2015-09-17 10:39:43 +02:00
KLuka
973f1527bd Updated preview image in README 2015-09-06 21:32:13 +02:00
KLuka
cde2e92378 Issue #341: Fixed reverse video rendering
* Added new CSS class for handling reverse video with default terminal
  colors. For colors given with value 0-255 background and foreground
  values are just switched.
* New CSS classes were also added to Black On White and White On Black
  color themes.
2015-09-03 19:01:48 +02:00
KLuka
7dd9d4300c Minor improvements
* Use stdout for usage and version information. Patch taken from
  issue #344.
* Removed automatic usage display when command line parsing fails.
* Added version information in debug output.
2015-09-03 19:00:16 +02:00
KLuka
b58542eb99 Added CGI session key in HTTP response header
* Session key is returned in first HTTP response if CGI mode is used.
  Header filed is named 'X-ShellInABox-Session'. This can be used by
  some special applications that need unique token.
2015-09-03 18:04:15 +02:00
KLuka
8d3c5cdc3d Raised version to 2.19 2015-09-01 13:13:13 -04:00
Benji Wiebe
09e790bb27 Added config.cache to gitignore 2015-09-01 13:06:21 -04:00
KLuka
b828574899 Issue #103: Child process cleanup under PAM session
* Added signal handling in PAM session process. Now SIGHUP signals are
  forward to child process, which is the actual service. Launcher process
  uses this type of signals to terminate service on http connection
  timeout.
2015-08-30 22:48:14 +02:00
Luka Krajger
eb2968b1d0 Merge pull request #340 from BenjiWiebe/master
Added autoconf/automake stuff for compatibility with older auto* versions
2015-08-30 19:10:04 +02:00
Benji Wiebe
36f512cc63 Added explanatory comments 2015-08-28 23:42:09 -05:00
Benji Wiebe
284265651b Added autoconf/automake stuff for compatibility with older auto* versions 2015-08-28 23:15:13 -05:00
Luka Krajger
0d522a05ca Merge pull request #339 from BenjiWiebe/master
Added --disable-utmp-logging option
2015-08-28 20:44:16 +02:00
Benji Wiebe
3ff0ad5768 Added --disable-utmp-logging option 2015-08-27 23:16:06 -05:00
Luka Krajger
6f30739e33 Merge pull request #338 from BenjiWiebe/master
Kill children with HUP instead of TERM at end of session
2015-08-27 23:49:37 +02:00
Benji Wiebe
7f5064efcd Reset sigaction for SIGHUP to default in child 2015-08-27 14:08:39 -05:00
Benji Wiebe
145abf1fcc Kill children with HUP instead of TERM at end of session 2015-08-27 13:26:42 -05:00
KLuka
48a65d6bcb Fixed handling of large HTTP requests
* Protection against large HTTP requests was fixed by adding some null
  pointer checks. Too large HTTP requests are now correctly handled by
  returning error code and closing connection.
2015-08-26 23:27:06 +02:00
KLuka
6c9f98bf34 Logging and debuging
* Added prefixes to all log messages. Prefix should describe source of
  message, like "config", "http", "ssl", "server", etc... This should
  give users more info to figure out what went wrong or what is going
  on. Prefixes also make automatic processing easier.
* Usage is not displayed by default when given command line options are
  incorrect. This way it is easier to notice actual error.
2015-08-23 19:25:36 +02:00
KLuka
d74e60b6a7 Added system logging for important errors
* Messages with "fatal" or "error" log level are now also passed to
  syslogd service with help of vsyslog() function.
* On systems that use syslog service, these messages will be available
  in default system log files like /var/log/syslog or /var/log/messages.
2015-08-21 18:08:11 +02:00
KLuka
dfd885c011 Raised version 2015-08-21 17:44:06 +02:00
Marc Singer
acba554b6b Package release commit. 2015-08-07 20:53:15 -07:00
Luka Krajger
02838e530f Merge pull request #332 from KLuka/ssl
SSL patches
2015-08-06 18:22:07 +02:00
KLuka
1f54ff5f71 Added prefix to SSL related debug messages 2015-08-06 18:11:32 +02:00
KLuka
eacb2fcb81 Disable secure client-initiated renegotiation
* In case that this SSL feature is abused it is possible to overload the
  server. Other web servers disable this feature by default, but users
  are able to change it with configuration. This is not possible with
  shellinabox as this feature is not needed.
* Solution was implemented similary as in Lighttpd web server.
2015-08-06 18:06:11 +02:00
KLuka
f0437832d3 Added support for Perfect Forward Secrecy (#331)
* Support for PFS is enabled with help of chiper suits that use ECDHE
  key exchange. OpenSSL added support for eliptic curve operations (EC)
  in version 0.9.8. Note that there are also some library distributions
  which don't support EC operations.
* Added precompiler guards for builds with OpenSSL older than 0.9.8 and
  builds with '--enable-runtime-loading' configure script option.
* Cleaned up some SSL related code.
2015-08-05 17:57:05 +02:00
KLuka
477818e088 Fixed broken visual bell style in default CSS 2015-07-27 20:08:47 +02:00
KLuka
7cc877cdd8 Clean up build and lintian warnings (#328)
* Added wrapper macros to suppress compiler warnings about unused return
  values of setres*id() functions. We don't need checks at that point
  as it does't affect our program.
* Added marco in configure.ac script to overwrite default AR_FLAGS,which
  were causing build warnings.
* Removed debian/watch file as is not needed anymore, because now this
  is native Debian package.
2015-07-27 19:57:19 +02:00
Marc Singer
8ac3a4efcf Release to guarantee upgrade. 2015-07-24 11:54:39 -07:00
Marc Singer
7794fa4f64 Merge remote-tracking branch 'refs/remotes/origin/master' 2015-07-24 09:44:50 -07:00
Marc Singer
001613b538 Changing to native package.
o Debian source type is 3.0 native.
o Properly builds package elements ready for release.
o Merging Alexandre's changelog entry with this one and retaining 2.15
  version number.
2015-07-24 09:23:27 -07:00
Marc Singer
655d0a3b0d Improving cleanliness.
o Some files in the demo/ directory were committed and should not have
  been.  These are removed.
o Cleaning includes removing demo/ directory transients.
o Debian rules explicitly perform demo/ cleanup so that source tarball
  is correct.
o Resolves #329
2015-07-24 09:23:27 -07:00
KLuka
9dcef5688f Added Github url in context menu "About..." popup 2015-07-24 16:08:05 +02:00