-
Notifications
You must be signed in to change notification settings - Fork 7
/
CHANGES
75 lines (69 loc) · 3.79 KB
/
CHANGES
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
CHANGES
=======
* Mesh 1.4 (09/06/12)
- Added change log
- Added ability to replace entire command line in mashrc
- Added ability to insert arguments in mashrc
- Added ability for one user to generate keys for multiple users
- Added ability to specify connection rules by src/dst host name
- Added support for relative directory *at() system calls in agent
- Added support for numeric users and groups in mash allow/deny statements
- Added additional comments to source code
- Added ssh cipher and mac optimizations in client
- Added documentation for configuring inter-VO single sign-on
- Changed magic prefix to scp-style paths in client VFS
- Changed mesh-keygen time specifications to consolidated format
- Fixed improper return value in mash
- Fixed extended rule parsing in mess
- Fixed name_regex parsing of commands in mashrc
- Fixed interference in rule processing due to improperly cloned hashes
- Fixed interference in rule processing due to shared hash iterators
- Fixed removal of temporary files in client VFS
- Fixed removal of linked file instead of link in client VFS
- Fixed grep in client VFS when used with stdin and PWD is remote directory
- Fixed use of -u with client VFS
- Fixed various warning messages in agent compilation
- Fixed test of writability to home directory in mess w() "macro"
- Fixed 4096 byte size limitation in meshrc
- Fixed improper merging of parser and policy restrictions in mashrc
- Fixed improper write authorization enforcement of file names that
contain the name of an authorized directory in agent
* Mesh 1.5 (01/05/15)
- Added support for IPv6 in MESH_MP_IPS handling
- Added global mesh.conf in place of hardcoding via sed during build
- Moved localhost, maphost, mps, and musers config into global mesh.conf
- Changed config to always reside in /etc instead of $PREFIX/etc
- Changed location of mesh-getkey-hook to $PREFIX/sbin
- Changed location of resource mapkey to /etc/mesh/mapkeys/local
- Fixed build when libc/libpthread in /lib/x86_64-linux-gnu
* Mesh 1.6 (08/10/17)
- Added module dependencies via App::FatPacker so can run with stock perl
- Added configuration information for systemd-based systems
- Added ability to specify where transient items stored for FHS-compliance
- Changed stats output to use Text::FormatTable instead of Text::Table
- Changed client with latest Shift updates
- Changed internal location of embedded bypass library
- Changed XML parsing from XML::Simple to more easily embedded XML::TreePP
- Removed now unnecessary module checks from configure
- Removed now unnecessary distribution targets from Makefile
* Mesh 1.7 (05/03/18)
- Added support for SHA256 key fingerprints
- Added interception of lutimes() to agent
- Fixed inadvertent mangling of quoted and escaped strings in commands
- Fixed broken configure script
* Mesh 1.8 (11/13/19)
- Added documentation for ssh proxy "login" element
- Fixed denials by ssh proxy when forward_agent/x11 or login specified
- Removed mesh-getkey from all but MP in Makefile
* Mesh 2.0 (03/15/24)
- Changed from ssh-agent model to time-limited cert model
- Added more advanced shell when Term::ReadKey is installed
- Added nomux config setting to prevent ssh multiplexing
- Added embedded key fingerprint handling to reduce ssh-keygen calls
- Added user_auth connection restriction to restrict based on $SSH_USER_AUTH
- Added map_key config setting in mesh.conf
- Added mp_key config setting in mesh.conf
- Added mp_pattern config setting in mesh.conf
- Removed self_host config setting in mesh.conf
- Removed map_print config setting in mesh.conf
- Removed mp_print config setting in mesh.conf