Collections of packages and tools for working with Go programming language. http://git.kilabit.info/pakakeh.go/atom?h=v0.49.0 2023-08-04T11:25:39Z 2023-08-04T11:25:39Z Shulhan ms@kilabit.info 2023-08-04T11:08:23Z urn:sha1:75d59dff238b78076ca8c7f12fc660e6e75da288 In this release we refactoring lib/ssh, ssh/config; bug fixes in lib/http.HandleFS, lib/os.Extract, lib/smtp.NewMailTx; new functions Environments, PathFold, and PathUnfold in lib/os, LoadPrivateKeyInteractive in lib/ssh. In lib/ssh, we rename NewClientFromConfig into NewClientInteractive and make only the valid SSH key added to the agent automatically once connected, not all of SSH keys from IdentityFile. In ssh/config, we simplify the struct Config by using a Field, a map of key and value, instead of multiple fields with different types. As a helper, we provide method FieldBool, FieldInt, Hostname, User, and Port. The fix in http.HandleFS related to missing request query when the requested resource is directory. The fix in os.Extract related to Zip Slip vulnerability. 2023-07-26T16:02:20Z Shulhan ms@kilabit.info 2023-07-26T16:00:01Z urn:sha1:a144541051452c8c910ca0c8bbd7919e2d597249 Previously, the NewClientInteractive blindly use the signers from Section.Signers. If one of the IdentityFile valid, it will add all the keys in IdentityFile to SSH agent. In this changes we try each IdentityFile independently. If the key is valid, client connected to remote machine, then only that key will be added to SSH agent. While at it we also rename the method to NewClientInteractive to indicate that the function will prompt for passphrase if one of the IdentityFile is encrypted. 2023-07-26T16:02:20Z Shulhan ms@kilabit.info 2023-07-26T15:35:48Z urn:sha1:89428e739893e22526dadf4216526c597f9b0e8f The LoadPrivateKeyInteractive load private key from file. If key is encrypted, it will prompt the passphrase in terminal with maximum maxAttempt times. If the passphrase still invalid after maxAttempt it will return an error. 2023-07-26T16:02:20Z Shulhan ms@kilabit.info 2023-07-26T15:33:24Z urn:sha1:fbfe100dd48019b8012e02383e42d110a9e605ba The following rules are applied to the data, * all lines must end with CRLF * if the line start with period, additional period is inserted before the line. This recommendation based on RFC 5321 section 4.5.2 to prevent data that contains CRLF "." CRLF does not corrupt the message, causing the server terminate reading the message where it should not. [1] https://datatracker.ietf.org/doc/html/rfc5321#section-4.5.2 2023-07-26T16:02:20Z Shulhan ms@kilabit.info 2023-07-26T15:26:35Z urn:sha1:f156ef6d382427ec5eccd631070b510965452537 The Environments function return list of system environment as map of key and value. 2023-07-26T16:02:19Z Shulhan ms@kilabit.info 2023-07-24T05:59:19Z urn:sha1:2326f9db830c48ba37c1f5bbabb2369b3d3a3c2c Instead of storing each Section value in separate field, store them inside a map, Field. This reduce the size of Section and simplify adding or getting the key that we are not supported but maybe usable by user in the future. This changes introduce several new methods as replacement of field: * CASignatureAlgorithms: a method that return list of signature algorithms that Section set or the default * CanonicalDomains: a method that return CanonicalDomains set in Section * CanonicalizePermittedCNames: return the permitted CNAMEs set in Section, from KeyCanonicalizePermittedCNames. * CertificateFile: return list of certificate file * Environments: return system and/or custom environment that will be passed to remote machine. The key and value is derived from "SendEnv" and "SetEnv". * FieldBool: return field value as boolean * FieldInt: return the field value as int * Hostname: return the Hostname in this Section * IdentityAgent: return the path to SSH agent socket to be used * Port: return the remote machine port * User: return the remote user name * Set: set the Field using key and value 2023-07-24T05:59:28Z Shulhan ms@kilabit.info 2023-07-23T16:40:36Z urn:sha1:722092757fa0ca6a3ca2047dae13aff812b09aa6 Previously, if ssh config contains non-wildacard and wildcard pattern, and the requested hostname only return the first section that match. For example, given the following SSH config foo.local User foo *foo.local User allfoo If we request Get("foo.local"), tt will return all fields under "foo.local" only not "*foo.local". This changes fix this by returning new section that contains all fields from matched Section. 2023-07-24T05:59:28Z Shulhan ms@kilabit.info 2023-07-23T16:18:33Z urn:sha1:075e8cd898f8d3fbd9e5ded6b2109214868b7de8 The section name is the string after "Host" or "Match" keyword. By storing the section name, we can tell which host or pattern the Section belong. 2023-07-24T05:59:28Z Shulhan ms@kilabit.info 2023-07-23T16:13:26Z urn:sha1:19189b86ac0b00250456a23990584377f2b1f40e The idea is to make the Config know the working directory and home directory of all sections that they store. 2023-07-23T17:17:29Z Shulhan ms@kilabit.info 2023-07-23T14:52:27Z urn:sha1:9ec26e67a1f9de5e9e48ef79e1e5686dd9ea65e7 The Field store the unpacked key and value of Section. Using the Field, we can set store unknown key while inside Section.