diff --git a/etc/bastion/bastion.conf.dist b/etc/bastion/bastion.conf.dist index 6dad3ff..f143ae2 100644 --- a/etc/bastion/bastion.conf.dist +++ b/etc/bastion/bastion.conf.dist @@ -407,7 +407,7 @@ # documentationURL (string) # DESC: The URL of the documentation where users will be pointed to, for example when displaying help. If you have some internal documentation about the bastion, you might want to advertise it here. # DEFAULT: "https://ovh.github.io/the-bastion/" -"documentationURL": "https://ovh.github.io/the-bastion/" +"documentationURL": "https://ovh.github.io/the-bastion/", # # debug (boolean) # DESC: Enables or disables debug *GLOBALLY*, printing a lot of information to anyone using the bastion. Don't enable this unless you're chasing a bug in the code and are familiar with it. @@ -427,5 +427,5 @@ # sshClientHasOptionE (boolean) # DESC: Set to ``true`` if your ssh client supports the ``-E`` option and you want to use it to log debug info on opened sessions. **Discouraged** because it has some annoying side effects (some ssh errors then go silent from the user perspective). # DEFAULT: false -"sshClientHasOptionE": false, +"sshClientHasOptionE": false } diff --git a/lib/perl/OVH/Bastion/configuration.inc b/lib/perl/OVH/Bastion/configuration.inc index 58f80de..abc2d42 100644 --- a/lib/perl/OVH/Bastion/configuration.inc +++ b/lib/perl/OVH/Bastion/configuration.inc @@ -250,6 +250,11 @@ sub load_configuration { push @errors, "Configuration error: missing option '$o', defaulting to " . ($tuple->{'default'} ? 'true' : 'false') if $test; } + # if a bool, it's ok, normalize to 0/1 + elsif (JSON::is_bool($C->{$o})) { + $C->{$o} = $C->{$o} ? 1 : 0; + } + # if set to "no", "false" or "disabled", be nice and cast to false (because a string is true, otherwise) elsif (grep { lc($C->{$o}) eq lc } qw{ no false disabled }) { push @errors, "Configuration error: found value '" . $C->{$o} . "' for option '$o', but it's supposed to be a boolean, assuming false"; diff --git a/tests/functional/tests.d/330-selfkeys.sh b/tests/functional/tests.d/330-selfkeys.sh index d94158d..90e04b9 100644 --- a/tests/functional/tests.d/330-selfkeys.sh +++ b/tests/functional/tests.d/330-selfkeys.sh @@ -80,6 +80,8 @@ testsuite_selfkeys() grant accountInfo grant auditor + configchg 's=^\\\\x22minimumIngressRsaKeySize\\\\x22.+=\\\\x22minimumIngressRsaKeySize\\\\x22:4096,=' + success accountssh info0 $a0 --osh accountInfo --account $account1 json .error_code OK .command accountInfo json .value.account_egress_ssh_config.type default diff --git a/tests/functional/tests.d/350-groups.sh b/tests/functional/tests.d/350-groups.sh index 087c58d..18f941d 100644 --- a/tests/functional/tests.d/350-groups.sh +++ b/tests/functional/tests.d/350-groups.sh @@ -88,7 +88,7 @@ testsuite_groups() contain "you to be specifically granted" json .command null .value null .error_code KO_RESTRICTED_COMMAND - plgfail groupCreate a0_fail_to_create_g1_with_a1_as_owner_because_bad_key_size $a0 --osh groupCreate --group $group1 --algo rsa --size 2048 --owner $account1 + plgfail groupCreate a0_fail_to_create_g1_with_a1_as_owner_because_bad_key_size $a0 --osh groupCreate --group $group1 --algo rsa --size 1024 --owner $account1 contain "minimum configured key size" json .command groupCreate .error_code KO_KEY_SIZE_TOO_SMALL .value null