ovh/the-bastion
1
1
Fork 0
mirror of https://github.com/ovh/the-bastion.git synced 2025-09-06 04:54:20 +08:00
Code Issues Projects Releases Packages Wiki Activity

fix: re-introduce the ttyrecfile field

Browse source 
This field was mistakenly removed along with the ttyrecsize one
by mistake in a479810d83.

Add tests to ensure this can't break again.
This commit is contained in:
Stéphane Lesimple 2021-01-12 16:12:43 +00:00 committed by Stéphane Lesimple
parent 916485b3cb
commit 1378ba84f5
2 changed files with 22 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
lib/perl/OVH/Bastion/log.inc
View file

@ -240,6 +240,7 @@ sub _sql_log_insert_file {
my $plugin = $params{'plugin'}; my $plugin = $params{'plugin'};
my $params = $params{'params'}; my $params = $params{'params'};
my $comment = $params{'comment'}; my $comment = $params{'comment'};
my $ttyrecfile = $params{'ttyrecfile'};
my $timestamp = $params{'timestamp'}; my $timestamp = $params{'timestamp'};
my $timestampusec = $params{'timestampusec'}; my $timestampusec = $params{'timestampusec'};
my $uniqid = $params{'uniqid'}; my $uniqid = $params{'uniqid'};
@ -295,11 +296,11 @@ sub _sql_log_insert_file {
if ($sqltype eq 'local') { if ($sqltype eq 'local') {
$prepare = $prepare =
"INSERT INTO connections" "INSERT INTO connections"
. "(uniqid,timestamp,timestampusec,account,cmdtype,allowed,hostfrom,ipfrom,portfrom,bastionip,bastionport,hostto,ipto,portto,user,plugin,params,comment)" . "(uniqid,timestamp,timestampusec,account,cmdtype,allowed,hostfrom,ipfrom,portfrom,bastionip,bastionport,hostto,ipto,portto,user,plugin,params,comment,ttyrecfile)"
. "VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)"; . "VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)";
@execute = ( @execute = (
$uniqid, $timestamp, $timestampusec, $account, $cmdtype, $allowed, $hostfrom, $ipfrom, $portfrom, $uniqid, $timestamp, $timestampusec, $account, $cmdtype, $allowed, $hostfrom, $ipfrom, $portfrom, $bastionip,
$bastionip, $bastionport, $hostto, $ipto, $portto, $user, $plugin, $params, $comment $bastionport, $hostto, $ipto, $portto, $user, $plugin, $params, $comment, $ttyrecfile
); );
} }
elsif ($sqltype eq 'global') { elsif ($sqltype eq 'global') {

17
tests/functional/tests.d/350-groups.sh
View file

@ -527,6 +527,23 @@ EOS
contain "allowed ... log on" contain "allowed ... log on"
contain 'Permission denied (publickey' contain 'Permission denied (publickey'
# ttyrec: take the opportunity to test selfListSessions/selfPlaySession as we just recorded a ttyrec
success ssh a3_selfListSessions $a3 --osh selfListSessions --host 127.0.0.2 --user g2 --type ssh
json .command selfListSessions .error_code OK .value[0].allowed 1
local sessionid
sessionid=$(get_json | $jq '.value[0].id')
plgfail ssh a3_selfPlaySession_nonexisting $a3 --osh selfPlaySession --id 123456
json .command selfPlaySession .error_code ERR_NOT_FOUND
script ssh a3_selfPlaySession_existing $a3 --osh selfPlaySession --id $sessionid '< /dev/null'
retvalshouldbe 0
json .command selfPlaySession .error_code OK
contain 'Total Recall'
contain 'Permission denied (publickey'
nocontain 'n/a'
# /ttyrec
run ssh a3_access_g1_as_member_but_ip_not_in_group $a3 g1@127.0.0.3 run ssh a3_access_g1_as_member_but_ip_not_in_group $a3 g1@127.0.0.3
retvalshouldbe 107 retvalshouldbe 107
json .error_code KO_ACCESS_DENIED json .error_code KO_ACCESS_DENIED