Merge pull request #16 from leboncoin/1_6_0

v1.6.0
leboncoin · Aug 23, 2018 · 8b8d9c6 · 8b8d9c6
2 parents bc2ab27 + 0b01f77
commit 8b8d9c6
Show file tree

Hide file tree

Showing 3 changed files with 239 additions and 143 deletions.
diff --git a/CHANGELOG_cassh_client.md b/CHANGELOG_cassh_client.md
@@ -4,6 +4,39 @@ CHANGELOG
 CASSH Client
 -----
 
+1.6.0
+-----
+
+2018/08/23
+
+### New Features
+
+  - timeout optional arg in cassh conf file, 2s by default
+  - verify optional arg in cassh conf file, True by default
+  - Add a User-Agent `HTTP_USER_AGENT : CASSH-CLIENT v1.6.0`
+  - Add the client version in header `HTTP_CLIENT_VERSION : 1.6.0`
+
+
+### Changes
+  - Read public key as text and not as a binary
+  - Remove of --uid : "Force UID in key ownership.", useless
+  - Remove disable_warning() for https requests
+
+
+### Bug Fixes
+
+  - fix timeout at 60s
+  - fix no tls certificate verification
+  - fix README
+
+### Other
+
+  - Reorder functions
+  - Less var in init function, more use of user_metadata shared var
+  - Wrap request function to unify headers, timeout and tls verification
+
+
+
 1.5.3
 -----
 

diff --git a/README.md b/README.md
@@ -75,7 +75,7 @@ cassh add
 
 Sign pub key :
 ```
-cassh sign [--display-only] [--uid=UID] [--force]
+cassh sign [--display-only] [--force]
 ```
 
 Get public key status :
@@ -121,6 +121,30 @@ cassh admin <username> set --set='expiry=+7d'
 cassh admin <username> set --set='principals=username,root'
 ```
 
+#### Configuration file
+
+```ini
+[user]
+# name : this is the username you will use to log on every server
+name = user
+# key_path: This key path won\'t be used to log in, a copy will be made for the certificate.
+# We assume that `${key_path}` exists and `${key_path}.pub` as well.
+# WARNING: Never delete these keys
+key_path = ~/.ssh/id_rsa
+# key_signed_path: Every signed key via cassh will be put in this path.
+# At every sign, `${key_signed_path}` and `${key_signed_path}.pub` will be created
+key_signed_path = ~/.ssh/id_rsa-cert
+# url : URL of cassh server-side backend.
+url = https://cassh.net
+# [OPTIONNAL] timeout : requests timeout parameter in second. (timeout=2)
+# timeout = 2
+# [OPTIONNAL] verify : verifies SSL certificates for HTTPS requests. (verify=True)
+# verify = True
+
+[ldap]
+# realname : this is the LDAP/AD login user
+realname = [email protected]
+```
 
 
 ## Install
@@ -171,7 +195,7 @@ ssh-keygen -k -f /etc/cassh-server/krl/revoked-keys
 ```
 
 
-```bash
+```ini
 # cassh.conf
 [main]
 ca = /etc/cassh-server/ca/id_rsa_ca