Commit Graph

53 Commits

Author SHA1 Message Date
Lauri Kasanen
4e134b578c Resolve KASM-2798 "Bugfix/ memory leak" 2022-06-24 17:27:33 +00:00
Lauri Kasanen
87e39f896c Detailed log errors for the /websockify path 2022-06-06 17:36:00 +03:00
Lauri Kasanen
bf2bf679b6 New logging setup 2022-05-25 18:04:33 +00:00
Lauri Kasanen
661e9ef329 Return 403 for too large Auth headers (attack) 2022-05-24 14:55:05 +00:00
Lauri Kasanen
a6842bb46a Add support for X-Forwarded-For 2022-05-24 11:04:58 +00:00
Lauri Kasanen
d581eb798d Use 64-bit var for the served file size 2022-04-11 18:53:45 +03:00
Lauri Kasanen
e6b4f40ed7 Have BlacklistThreshold 0 disable the blacklist 2022-03-04 10:48:19 +02:00
Lauri Kasanen
e3afc937e5 Bulk update_user and remove_user should check for all users' existence 2022-01-31 12:41:37 +02:00
Justin Travis
42d7ff015d Resolve KASM-2238 "Feature/ freeze session" 2022-01-28 12:24:38 +00:00
Matthew McClaskey
99680f23ff Resolve KASM-2194 "Feature/ bulk user mgmt" 2022-01-24 16:42:29 +00:00
matt
e6cc132874 fix accidental removal in update_user 2022-01-18 16:59:54 +00:00
Matthew McClaskey
03729ca66e Update user 2022-01-17 17:10:24 +00:00
Lauri Kasanen
49174b1586 Threaded context 2021-12-06 13:41:07 +02:00
Lauri Kasanen
bb364badd3 Apply blacklist options to httpd basicauth 2021-12-06 12:07:32 +02:00
mmcclaskey
d3add8150c
Bugfix/kasm 2004 download spaces (#70)
* Handle spaces in download files, dirlisting

* Disallow / in percent urls

Co-authored-by: Lauri Kasanen <cand@gmx.com>
2021-10-18 07:38:57 -04:00
mmcclaskey
e6d1b8c3c8
Fix a nonexistent username + empty password passing through (#68)
Co-authored-by: Lauri Kasanen <cand@gmx.com>
2021-10-14 13:57:59 -04:00
mmcclaskey
93e47e5d54
Bugfix/kasm 1912 websocket crash (#57)
* Copy-paste bug in SSE2 scaling to under 0.5x

* Better handling of websocket frames

* KASM-1912 websocket crash, scaling bug

Co-authored-by: Lauri Kasanen <cand@gmx.com>
Co-authored-by: matt <matt@kasmweb.com>
2021-09-24 08:25:35 -04:00
mmcclaskey
dc21d5f97c
Add a set of self-microbenchmarks (#51)
Co-authored-by: Lauri Kasanen <cand@gmx.com>
2021-09-09 12:46:57 -04:00
Lauri Kasanen
d80eb39686 Fix DigitalOcean load balancer websocket connection (they too used wrong case in a header) 2021-08-17 13:30:33 +03:00
Lauri Kasanen
9ca850a108 Add pid to the internal socket name, clarify websocketport bind error 2021-08-13 12:15:17 +03:00
Lauri Kasanen
a9b66833a9 Change frame stats API json formatting 2021-08-03 14:41:54 +03:00
Lauri Kasanen
e208d5bb5f Bottleneck clear should wait instead of try 2021-08-02 13:56:54 +03:00
Lauri Kasanen
f57e6e644b Add some more frame stats granularity, skip frame stats on no-data calls 2021-08-02 13:47:48 +03:00
Lauri Kasanen
c1ed769780 Clear disconnected clients from the bottleneck stats api 2021-08-02 12:45:51 +03:00
Lauri Kasanen
fb9dd56703 Initial /api/get_frame_stats 2021-07-27 15:33:48 +03:00
Lauri Kasanen
32e8d40472 Implement /api/get_bottleneck_stats 2021-07-26 18:58:29 +03:00
Lauri Kasanen
811e7cde3a Use case-insensitive search for the websocket headers 2021-07-12 15:44:24 +03:00
Lauri Kasanen
9144045718 Append the microsecond-level connection time to the abstract socket name, making it always unique 2021-05-10 19:16:28 +03:00
Lauri Kasanen
14e08a2067 Add trailing slash in dir listing 2021-04-22 11:33:05 +03:00
Pierre Ossman
c97828471c Use proper constants for socket shutdown()
For readability.
2021-03-29 10:03:05 +03:00
Lauri Kasanen
1632f4888d Enable basicauth by default, remove the option to supply it on the command line 2021-03-25 11:25:30 +02:00
Lauri Kasanen
fed991d697 Return 401 unauth for non-owner trying /api/ 2021-03-04 13:59:29 +02:00
Lauri Kasanen
1269fddadf Add a more specific error for a nonexistent screenshot 2021-03-04 13:43:05 +02:00
Lauri Kasanen
688e749fda Tentative build fix for newer gccs 2021-03-03 15:33:58 +02:00
Lauri Kasanen
980eedd33b Add HTTP GET APIs for creating, removing users and giving control 2021-03-03 14:55:14 +02:00
Lauri Kasanen
3f6524ee30 Add support for owner screenshot HTTP GET API 2021-03-02 15:23:32 +02:00
Dmitry Maksyoma
101695970b Reapply "Use crypt_r in threaded code" 2021-02-28 22:53:06 +13:00
Dmitry Maksyoma
9084409a20 Merge branch 'users' into packages_and_multiuser_passwd 2021-02-25 22:10:40 +13:00
Dmitry Maksyoma
fbe05cee86 Fix random 401 Forbidden on Ubuntu 20 and other newer releases 2021-02-25 21:23:21 +13:00
Dmitry Maksyoma
90101a7e91 Rpm: CentOS dfart. Rpm building isn't automated yet. 2021-02-05 23:49:47 +13:00
Dmitry Maksyoma
c32137fa17 Merge branch 'master' into create_ubuntu20_package 2021-01-20 23:39:29 +13:00
Lauri Kasanen
0d47d4890a Enable TLS 1.1 and 1.2 2021-01-20 22:49:32 +13:00
Lauri Kasanen
83c83f43ef Add a parameter for separate SSL key 2021-01-15 13:07:53 +02:00
Lauri Kasanen
a27744bca6 Enable TLS 1.1 and 1.2 2020-10-14 14:39:33 +03:00
Lauri Kasanen
263d05a296 Apply read-only perms upon connecting 2020-10-12 15:11:49 +03:00
Lauri Kasanen
9a5afc5a62 Handle the new, multi-user kasmpasswd format auth 2020-10-12 14:58:11 +03:00
Lauri Kasanen
1db77ee6bd Add some basicauth logging (most debug/verbose only) 2020-10-02 14:43:19 +03:00
Lauri Kasanen
279c41fc32 Add option to pass the password in an encrypted file, kasmvncpasswd utility 2020-10-01 14:37:51 +03:00
Pierre Ossman
3528e358cc Free memory from getaddrinfo()
We handled this in the failure scenario, but not in the vastly more
common successful case.
2020-09-21 13:52:01 +03:00
Andrew Yoder
c312417d81 Correction to socket error connection message 2020-09-21 13:47:04 +03:00