Commit graph

351 commits

Author SHA1 Message Date
Luka Krajger
f8f937608c Merge pull request #325 from sroeder/master
Added @ character to the list of valid username characters.

* This allows login with "bad" username, even if shellinabox is configured to
  run with SSH service. For LOGIN service this was always possible.
2015-07-21 18:43:27 +02:00
Scott Roeder
34bbeab314 Added @ character to the list of valid username characters. 2015-07-21 12:27:24 +04:00
KLuka
b4de69ed5c Fixed option --service for running custom scripts
* Full path of command is passed to function execvp(), when we launch
  user defined service. This was broken since commit b3309b2.
2015-07-17 13:43:01 +02:00
KLuka
458cd7aa8f Minor improvments
* Added "reconnect" and "onsessionchange" message types to use with
  embedded terminal. Usage examples were added to misc/embedded.html
  file.
* Improved code for unix domain socket functionality.
2015-07-09 21:51:43 +02:00
KLuka
bdca920abc Another update for unix domain sockets support
* Changed initialization of variables and handling of unix socket path.
* Added fixes for command line argument parsing, that I forgot in previous
  commit.
2015-07-07 10:48:14 +02:00
KLuka
c6186530bb Minor fixes for unix domain sockets
* Improved user input checking and error handling for code from #320.
* Added some guards for unlinking socket file in server init and destroy
  functions.
* Added peer name handling for AF_UNIX type connections in HTTP handling
  code.
2015-07-06 22:02:54 +02:00
Luka Krajger
c7b41ad4ce Merge pull request #320 from rkd77/unixdomain
Unix domain sockets support.
2015-07-06 21:14:22 +02:00
Witold Filipczyk
4d8ec30100 Unix domain sockets support.
The socket is not removed on shutdown, but the rest seems to work.
2015-07-01 13:06:04 +02:00
Luka Krajger
8f38e7873b Merge pull request #317 from KLuka/messages
Message passing to embedded shellinabox

* Added ability to pass messages to or from shellinabox embedded iframe.
* Added example file.
2015-06-19 09:22:18 +02:00
KLuka
fb4ebaf01f Improved message passing info and examples 2015-06-17 18:11:59 +02:00
KLuka
4f32ae3f2f Message passing examples for embedded shellinabox
* Added misc/embedded.html file with more info and actual examples
  on message passing to or from embedded shellinabox frame.
2015-06-16 22:30:02 +02:00
KLuka
1676f1a887 Message passing support for embedded shellinabox
* Added basic support for message passing to or from embedded
  shellinabox iframe. Now we can write to terminal, read the
  terminal output and request session status from parent window.
* This functionality must be enabled with command line parameter
  "--messages-origin ORIGIN". Value ORIGIN, which is compared with
  message against received message origin, must be set to specific
  url, or to "*" to allow messages from any origin.
2015-06-16 18:54:39 +02:00
KLuka
bcac95b9fa Issue #63, #315: only one line is displayed
* Changed detection for when terminal is embedded in another element.
  Now we allow one pixel difference between calculated terminal width
  and body width. This needs to be done because some browsers report
  wrong width in offsetWidth property, when browser zoom is in use.
* Updated README
2015-06-12 15:53:57 +02:00
Luka Krajger
14d44513ff Merge pull request #316 from gitter-badger/gitter-badge
Add a Gitter chat badge to README.md
2015-06-11 13:06:12 +02:00
The Gitter Badger
8029a2d9dd Added Gitter badge 2015-06-11 10:57:38 +00:00
Luka Krajger
4f9c682860 Updated README 2015-06-06 15:06:47 +02:00
KLuka
b3309b23d8 Fixes for some defects found by Coverity
* Added more checks for return values and null pointers.
* Removed some dead code and unused variables.
* Fixed handling of calls to exec() family functions. If this functions
  fail we need to cleanup resources.
2015-05-31 13:04:00 +02:00
Luka Krajger
21c8d8e0b7 Merge pull request #314 from a-detiste/master
debian: preserve user options on upgrade
2015-05-28 19:39:24 +02:00
Alexandre Detiste
4ccab0aa0d debian: also work correclty when _all_ options have been disabled
make #DEBHELPER# future-proof (now a no-op)
2015-05-27 17:14:50 +02:00
Alexandre Detiste
f77c7d06a5 debian: preserve user options on upgrade 2015-05-27 15:00:49 +02:00
KLuka
6402688084 Improved code session and URL handling
* URL dependency was removed from session handling code. URL object
  was only needed to get session key from client request. This was
  moved somewhere else to achive better code reusability.
* Added URL parsing functionality that can be used without URL object.
2015-05-26 22:37:32 +02:00
Luka Krajger
fad30cd57c Merge pull request #311 from KLuka/colors
Solution for issue #255, manuals update
2015-05-23 10:40:43 +02:00
KLuka
8923598a6d Improved terminal cursor style
* Changed "dim" cursor visibility from invisible to almost transparent
  and in the same color as default background. This improves visibility
  of cursor, if we are usign application (like vim for example) with
  dark background and the "Black on White" user CSS is set.
2015-05-23 10:38:08 +02:00
KLuka
9bb3b787ae Updated manuals for SSH service 2015-05-21 09:51:59 +02:00
KLuka
0a2ba7c052 Issue #255: Fixed "White on Black" color theme
* Changed handling of ANSI escape codes. Now we detect when to use
  default colors and when to use explicit ANSI colors.
* Added new CSS classes "ansiDef" and "bgAnsiDef" for default terminal
  foreground and background. Before we were using "ansi0" and "bgAnsi15"
  for default bg/fg colors. This was causing problems, when "White on
  Black" color theme modified their values. Now just this two classes
  are changed when user changes his color theme.
2015-05-20 16:50:32 +02:00
KLuka
e6a6857cb1 SSH service debugging and addtional information
* Changed ssh command log level from QUIET to FATAL. This will help
  users with debugging in case of errors related to SSH service.
  (See issues #112, #310)
* Added more information about SSH service in manual page. For SSH
  service to work, sshd server needs to be running on local system
  and must be configured to accept password authentication.
2015-05-19 21:39:11 +02:00
Luka Krajger
ce25d2f2b1 Merge pull request #309 from KLuka/realip
Real IP recognition over proxy

* Recogniton of HTTP header field 'X-Real-IP' was added. Value
  is used in LOGIN service with peer name as remote host identifier.
  This was we are able to see real IP in login related log files
  such as /var/log/auth.log, etc...

  Example for failed logins over nginx as can be seen in `/var/log/auth.log` file:
  ```
  May 17 20:17:20 luka-ubuntu login[9888]: FAILED LOGIN (1) on '/dev/pts/20' from '127.0.0.1, 192.168.1.100' FOR 'UNKNOWN', User not known to the underlying authentication module
  May 17 20:17:25 luka-ubuntu login[9888]: FAILED LOGIN (2) on '/dev/pts/20' from '127.0.0.1, 192.168.1.100' FOR 'luka', Authentication failure
  ```


* Real IP, peer name and URL are also passed to launched  service
  as environment variables (SHELLINABOX_PEERNAME, SHELLINABOX_REALIP
  and SHELLINABOX_URL). This can be used by custom user service shell
  scripts or programs.

  ```
  SHELLINABOX_REALIP=192.168.1.100
  SHELLINABOX_URL=http://192.168.1.150:81/
  SHELLINABOX_PEERNAME=127.0.0.1
  ```

* Real IP can also be passed to custom user service as command line
  parameter ${realip}.

  See this example:
  ```
  ./shellinaboxd --service  '/:luka:luka:/:/home/luka/test.sh --peer ${peer} --realip ${realip}'
  ```
2015-05-19 09:54:09 +02:00
KLuka
17dd88e804 Real IP recognition over proxy (man, help)
* Manual page and output of --help parameter were updated according
  to changes in previous commit.
2015-05-18 16:28:14 +02:00
KLuka
883b7aa7f0 Real IP recognition over proxy (partial fix #54)
* Recogniton of HTTP header field 'X-Real-IP' was added. Value
  is used in LOGIN service with peer name as remote host identifier.
  This was we are able to see real IP in login related log files
  such as /var/log/auth.log, etc...
* Real IP, peer name and URL are also passed to launched  service
  as environment variables (SHELLINABOX_PEERNAME, SHELLINABOX_REALIP
  and SHELLINABOX_URL). This can be used by custom user service shell
  scripts or programs.
* Real IP can also be passed to custom user service as command line
  parameter ${realip}.
2015-05-17 20:05:15 +02:00
Luka Krajger
89d4a87c53 Merge pull request #308 from a-detiste/master
clean up debian/rules
2015-05-16 18:14:18 +02:00
Alexandre Detiste
955c7cdd46 debian: use coherant casing for user css options 2015-05-15 20:36:29 +02:00
Alexandre Detiste
b460a0ba72 debian: close release metabug 2015-05-15 18:17:56 +02:00
Alexandre Detiste
97813e9235 clean up debian/rules
so much more simple to read, yet it yelds an identical .deb

For people building the package without debian tools,
the 4 *.css won't be installed in /usr/share/doc/shellinabox;
anymore, but those aren't _documentation_,
merely sample configuration files.

The stubby Changelog "Please see CHANGELOG.md" is replaced
by a symlink; that explains the size increase of 6kb;
but Debian package should by policy ship the upstream
CHANGELOG if avaible.

```
debdiff GOOD_shellinabox_2.15-1_armhf.deb shellinabox_2.15-1_armhf.deb

File lists identical (after any substitutions)

Control files: lines which differ (wdiff format)
------------------------------------------------

Installed-Size: [-510-] {+516+}
```
2015-05-15 15:49:32 +02:00
Luka Krajger
458d441e75 Merge pull request #300 from KLuka/usercss
User CSS related fixes
2015-05-14 16:31:15 +02:00
KLuka
94a7f6339f User CSS minor typo fix
* Fixed typo for context menu option "Black On White"
2015-05-14 12:52:10 +02:00
Luka Krajger
62c36796fb Merge pull request #306 from a-detiste/master
VCS_VERSION: remove Subversion support, add support for Git & tarball
2015-05-14 12:43:25 +02:00
Alexandre Detiste
f3bb90eaf4 VCS_VERSION: remove Subversion support, add support for Git & tarball
building from tarball can be tested this way:

rsync -avix . /tmp/shellinabox --exclude-from=.gitignore --exclude=.git --delete --delete-excluded
(cd /tmp/shellinabox && autoreconf -i && ./configure && make && ./shellinaboxd --version)
2015-05-14 12:34:47 +02:00
KLuka
9d87e59356 User CSS initialization fix (issue #138)
* Now we use onload event to disable user CSS accoring to default
  or user settings. Problem was that we were setting the 'disabled'
  attribute on unloaded stylesheet. This should work in all moderen
  browsers.
2015-05-14 11:12:35 +02:00
Luka Krajger
89e40c5e3a Merge pull request #303 from a-detiste/master
fix building with debuild
2015-05-13 23:06:13 +02:00
Alexandre Detiste
29b12cba45 README.md: only 'apt-get install' the minimum
apt-get will resolve depedencies automatically
2015-05-13 10:25:07 +02:00
Alexandre Detiste
3d7c86f504 README.md: add dh-autoreconf depedency 2015-05-13 10:05:14 +02:00
Luka Krajger
3b40013406 Added build status to README.md 2015-05-13 09:30:10 +02:00
Alexandre Detiste
b244e3ffc8 ignore files generated by debuild 2015-05-13 09:00:20 +02:00
Alexandre Detiste
26d8a34638 debian: use dh-autoreconf 2015-05-13 08:56:30 +02:00
Alexandre Detiste
b54b3fa3f7 remove more autogenerated cruft 2015-05-13 08:55:29 +02:00
KLuka
371f061279 Project cleanup of build and demo files
* Removed autogenerated build files
* Removed autogenerated demo files
* Updated .gitignore
2015-05-12 20:02:59 +02:00
Luka Krajger
597890ed33 Merge pull request #299 from a-detiste/master
Refresh debian packaging
2015-05-12 18:18:34 +02:00
KLuka
e341a3e97c User CSS context menu settings fix
* Fixed initialization of user CSS settings from cookie. Now we the correct
  values are being read. This could be possible fix for issue #138.
* Changed generation of CSS link elements to get rid of JS deprecated
  warnings.
2015-05-12 16:46:53 +02:00
Alexandre Detiste
e59a2e32ae .gitignore 2015-05-12 14:52:15 +02:00
Alexandre Detiste
49d7515509 refresh Debian packaging
handle lintian file automatically
2015-05-12 14:45:56 +02:00