authorPaul Buetow <pbuetow@mimecast.com>2023-06-05 16:21:31 +0300
committerPaul Buetow <pbuetow@mimecast.com>2023-06-05 16:21:31 +0300
commita3bb8a44a6ba6f7184e8ce2f5bd16a69162794f1 (patch)
treec7e3fe60821935fd88cf3bcaec3055b58cff07f7
parent3c9e5c71d30209b415df9c0d7149da2c3a923c7a (diff)
can configure SSH algorithms
-rw-r--r--internal/config/server.go6
-rw-r--r--internal/server/server.go16
-rw-r--r--internal/user/server/user.go2
-rw-r--r--internal/version/version.go2
-rwxr-xr-xsamples/dtail.schema.json18
5 files changed, 37 insertions, 7 deletions
diff --git a/internal/config/server.go b/internal/config/server.go
index 4c96567..cb9ca2b 100644
--- a/internal/config/server.go
+++ b/internal/config/server.go
@@ -61,6 +61,12 @@ type ServerConfig struct {
Schedule []Scheduled `json:",omitempty"`
// Continuous mapreduce jobs
Continuous []Continuous `json:",omitempty"`
+ // The allowed key exchanges algorithms.
+ KeyExchanges []string `json:",omitempty"`
+ // The allowed cipher algorithms.
+ Ciphers []string `json:",omitempty"`
+ // The allowed MAC algorithms.
+ MACs []string `json:",omitempty"`
}
// Create a new default server configuration.
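Review bot: The comments on the three new `ServerConfig` fields do not say what an omitted list means or which names are valid, and that is what an operator hardening the SSH transport needs to know. Assuming `gossh` is golang.org/x/crypto/ssh, a nil list falls back to the library's defaults and the entries are the SSH wire names of the algorithms. I would word them along the lines of `// KeyExchanges lists the allowed SSH key exchange algorithm names; when omitted, the SSH library defaults apply.` and the same for `Ciphers` and `MACs`. This also fixes the "key exchanges algorithms" wording.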
diff --git a/internal/server/server.go b/internal/server/server.go
index 30602ff..761880d 100644
--- a/internal/server/server.go
+++ b/internal/server/server.go
@@ -39,11 +39,17 @@ func New() *Server {
dlog.Server.Info("Starting server", version.String())
s := Server{
- sshServerConfig: &gossh.ServerConfig{},
- catLimiter: make(chan struct{}, config.Server.MaxConcurrentCats),
- tailLimiter: make(chan struct{}, config.Server.MaxConcurrentTails),
- sched: newScheduler(),
- cont: newContinuous(),
+ sshServerConfig: &gossh.ServerConfig{
+ Config: gossh.Config{
+ KeyExchanges: config.Server.KeyExchanges,
+ Ciphers: config.Server.Ciphers,
+ MACs: config.Server.MACs,
+ },
+ },
+ catLimiter: make(chan struct{}, config.Server.MaxConcurrentCats),
+ tailLimiter: make(chan struct{}, config.Server.MaxConcurrentTails),
+ sched: newScheduler(),
+ cont: newContinuous(),
}
s.sshServerConfig.PasswordCallback = s.Callback
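Review bot: The three lists are handed to `gossh.Config` unchecked at `KeyExchanges: config.Server.KeyExchanges` and the two lines below it, so a misspelled or deprecated algorithm name in the config file is accepted without any warning. Assuming `gossh` is golang.org/x/crypto/ssh, only a nil slice falls back to the library defaults, so a configured `[]` would likely leave the server with no algorithm to negotiate. As far as I recall, unknown cipher names are dropped silently rather than rejected. Validate the names before building the config, treat an empty list as unset, and log the effective lists at startup, e.g. `dlog.Server.Info("SSH algorithms", "kex", config.Server.KeyExchanges, "ciphers", config.Server.Ciphers, "macs", config.Server.MACs)`. The body of `New` continues outside the hunk.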
diff --git a/internal/user/server/user.go b/internal/user/server/user.go
index e704c8b..abf74f3 100644
--- a/internal/user/server/user.go
+++ b/internal/user/server/user.go
@@ -121,7 +121,7 @@ func (u *User) iteratePaths(cleanPath, permissionType string) (bool, error) {
continue
}
- regexStr := permission
+ regexStr = permission
if strings.HasPrefix(permission, "!") {
regexStr = permission[1:]
negate = true
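Review bot: `negate = true` is set only in the `!` branch and the hunk shows no matching reset, so if `negate` is declared outside the loop body, a negated permission could carry over into the evaluation of later entries. Its declaration is outside the hunk, so this needs checking against the full function. If it is loop-external, reset it next to the assignment with `negate = false` directly after `regexStr = permission`. Because this path decides file access, a test with a `!` entry followed by a plain one would pin the behaviour. `iteratePaths` starts and ends outside the hunk.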
diff --git a/internal/version/version.go b/internal/version/version.go
index 3eef9ae..c60c04c 100644
--- a/internal/version/version.go
+++ b/internal/version/version.go
@@ -13,7 +13,7 @@ const (
// Name of DTail.
Name string = "DTail"
// Version of DTail.
- Version string = "4.1.0"
+ Version string = "4.2.0"
// Additional information for DTail
Additional string = "SNAPSHOT release"
)
diff --git a/samples/dtail.schema.json b/samples/dtail.schema.json
index 1ee9980..44fb4c2 100755
--- a/samples/dtail.schema.json
+++ b/samples/dtail.schema.json
@@ -246,6 +246,24 @@
},
"TextFg": {
"#ref": "#/definitions/color"
+ },
+ "KeyExchanges": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ "Ciphers": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ "MACs": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
}
}
},
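Review bot: The three new properties are added as siblings of `TextFg`, which references `#/definitions/color`, so they appear to land in a colour-related object rather than in the section that `ServerConfig` maps to. The enclosing object opens outside the hunk, so confirm the placement. The item schema is also a bare `"type": "string"`, which accepts an empty array and any name. Adding `"minItems": 1` and `"uniqueItems": true` to each of the three arrays would reject an empty algorithm list at validation time instead of at handshake time.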