Merge pull request #144 from seknox/v1.1.2-prep

v1.1.2 release prep
seknox · Nov 1, 2020 · 3844a41 · 3844a41
2 parents 3e93aff + aca7128
commit 3844a41
Show file tree

Hide file tree

Showing 15 changed files with 53 additions and 53 deletions.
diff --git a/app/ios/trasa.xcodeproj/project.pbxproj b/app/ios/trasa.xcodeproj/project.pbxproj
@@ -953,7 +953,7 @@
 				CODE_SIGN_ENTITLEMENTS = trasa/trasa.entitlements;
 				CODE_SIGN_IDENTITY = "Apple Development";
 				CODE_SIGN_STYLE = Automatic;
-				CURRENT_PROJECT_VERSION = 37;
+				CURRENT_PROJECT_VERSION = 38;
 				DEVELOPMENT_TEAM = QF253X5LF9;
 				ENABLE_BITCODE = NO;
 				INFOPLIST_FILE = trasa/Info.plist;
@@ -982,7 +982,7 @@
 				CODE_SIGN_ENTITLEMENTS = trasa/trasa.entitlements;
 				CODE_SIGN_IDENTITY = "Apple Development";
 				CODE_SIGN_STYLE = Automatic;
-				CURRENT_PROJECT_VERSION = 37;
+				CURRENT_PROJECT_VERSION = 38;
 				DEVELOPMENT_TEAM = QF253X5LF9;
 				INFOPLIST_FILE = trasa/Info.plist;
 				LD_RUNPATH_SEARCH_PATHS = "$(inherited) @executable_path/Frameworks";

diff --git a/build/digital-ocean/etc/trasa/config/config.toml b/build/digital-ocean/etc/trasa/config/config.toml
@@ -1,45 +1,41 @@
-
 [backup]
-  backupdir = "$HOME/trasa/backup"
+  backupdir = "/var/trasa/backup"
 
 [database]
   dbname = "trasadb"
+  dbpass = "trasauser"
+  dbtype = "postgres"
   dbuser = "trasauser"
   port = "5432"
   server = "localhost"
-  sslenabled = false
-
 
 [logging]
-  level = "ERROR"
+  level = "INFO"
 
+[minio]
+  key = "minioadmin"
+  secret = "minioadmin"
+  server = "127.0.0.1:9000"
+  status = false
+  usessl = false
 
 [platform]
-  base = "public"
+  base = "private"
 
-[redis]
-  server = "redis:6379"
+[proxy]
+  dblistenaddr = "127.0.0.1:3333"
+  guacdaddr = "127.0.0.1:4822"
+  guacdenabled = false
+  sshlistenaddr = "127.0.0.1:8022"
 
-[timezone]
-  location = "Asia/Kathmandu"
+[redis]
+  server = "localhost:6379"
 
 [security]
-  insecureSkipVerify=false
-
-
+  insecureskipverify = true
 
 [trasa]
-  cloudServer = "https://u2fproxy.trasa.io"
-  listenAddr = "<TRASA_LISTEN_ADDR>"
-  autoCert  = <AUTO_CERT>
-
-
-[sshproxy]
- listenAddr="0.0.0.0:8022"
-
-[dbproxy]
-  listenAddr="127.0.0.1:8023"
-
-[vault]
-  tsxvault = true
-
+  autocert = <AUTO_CERT>
+  cloudserver = "https://sg.cpxy.trasa.io"
+  listenaddr = "<TRASA_LISTEN_ADDR>"
+  proxydashboard = false
diff --git a/build/digital-ocean/opt/seknox/first_login.sh b/build/digital-ocean/opt/seknox/first_login.sh
@@ -5,7 +5,7 @@ sudo systemctl stop trasa
 echo "Enter TRASA server domain"
 read trasadomain
 
-sudo sed -i -e 's|<TRASA_LISTEN_ADDR>|'$trasadomain'|g' /Users/bhrg3se/seknox/code/trasa/trasa-oss/build/etc/trasa/config/config.toml
+sudo sed -i -e 's|<TRASA_LISTEN_ADDR>|'$trasadomain'|g' /etc/trasa/config/config.toml
 
 
 
@@ -15,10 +15,16 @@ read ans
 
 
 if [ $ans = 'Y' ] || [ $ans = 'y' ]; then
-  sudo sed -i -e 's|<AUTO_CERT>|true|g' /Users/bhrg3se/seknox/code/trasa/trasa-oss/build/etc/trasa/config/config.toml
+  sudo sed -i -e 's|<AUTO_CERT>|true|g' /etc/trasa/config/config.toml
 fi
 
+if [ $ans = 'N' ] || [ $ans = 'n' ]; then
+  sudo sed -i -e 's|<AUTO_CERT>|false|g' /etc/trasa/config/config.toml
+fi
+
+
+
 
 
 cp -f /etc/skel/.bashrc /root/.bashrc
-sudo systemctl start trasa
+sudo systemctl restart trasa
diff --git a/dashboard/package.json b/dashboard/package.json
@@ -1,6 +1,6 @@
 {
   "name": "trasa-dashboard",
-  "version": "1.1.1",
+  "version": "1.1.2",
   "config": {
     "registry": "registry.gitlab.com/seknox/trasa/trasa-dashboard",
     "variant": "onprem"

diff --git a/dashboard/src/pages/System/Settings/FCMConfig.tsx b/dashboard/src/pages/System/Settings/FCMConfig.tsx
@@ -84,7 +84,7 @@ export default function TsxCloudProxyAccess(props: any) {
   const classes = useStyles();
   const [reqStatus, setReqStatus] = useState(false);
 
-  const [data, setData] = useState({ email: '', cpxy: '' });
+  const [data, setData] = useState({ email: '', cpxy: 'https://sg.cpxy.trasa.io' });
   const [APIKey, setAPIKey] = useState('');
 
   function handlechange(e: any) {

diff --git a/server/accessproxy/sshproxy/hostkeycallback.go b/server/accessproxy/sshproxy/hostkeycallback.go
@@ -41,7 +41,7 @@ func HandleHostKeyCallback(creds *models.UpstreamCreds, serviceID, orgID string,
 			//If caKey from trasacore is invalid
 			if caKey == nil {
 				if confirmSkipVerify("Upstream Host provided a certificate which could not be verified. Do you want to skip the verification and save the key?  \n") {
-					logger.Debug(string(k.Marshal()))
+					//logger.Debug(string(k.Marshal()))
 					//TODO verify cert
 					// put orgID
 					err := services.Store.UpdateHostCert(string(ssh.MarshalAuthorizedKey(k)), serviceID, orgID)

diff --git a/server/accessproxy/sshproxy/session.go b/server/accessproxy/sshproxy/session.go
@@ -294,7 +294,7 @@ func getClient(c ssh.ConnMetadata, signers []ssh.Signer) (*ssh.Client, error) {
 	}
 
 	if len(signers) != 0 {
-		logrus.Debug(signers)
+		//logrus.Debug(signers)
 		sess.clientConfig.Auth = append(sess.clientConfig.Auth, ssh.PublicKeys(signers...))
 
 	}

diff --git a/server/api/auth/serviceauth/db.go b/server/api/auth/serviceauth/db.go
@@ -150,7 +150,7 @@ func DBLogin(w http.ResponseWriter, r *http.Request) {
 	}
 
 	utils.TrasaResponse(w, 200, "success", string(reason), "db-login", creds, policy.RecordSession, authlog.SessionID)
-	logrus.Trace("Agent rlogin response returned")
+	logrus.Trace("DB login response returned")
 	return
 
 }
diff --git a/server/api/auth/serviceauth/hHTTPSession.go b/server/api/auth/serviceauth/hHTTPSession.go
@@ -330,7 +330,7 @@ func sessionWriter(sessionID, shots string) {
 					img, err := png.Decode(gopherPNG(counterAndImage[1]))
 					if err != nil {
 						if _, ok := err.(base64.CorruptInputError); ok {
-							logger.Debug("\nbase64 input is corrupt, check service Key")
+							logger.Debug("base64 input is corrupt, check service Key")
 						}
 						logger.Debug(err)
 						//return
@@ -467,7 +467,7 @@ func logoutSequence(sessionID string) {
 			logger.Error(err)
 		}
 	} else {
-		logger.Tracef("Not deleting directory %s as video failed.\n", sessionID)
+		logger.Tracef("Not deleting directory %s as video failed", sessionID)
 	}
 
 	// we delete sessionvalur from sessionStore
@@ -503,7 +503,7 @@ func createVideo(path, sessionID string) error {
 	cmd.Dir = path
 	output, err := cmd.CombinedOutput()
 	if err != nil {
-		logger.Errorf("createVideo: %s : cmd.Run() failed with %v || %s\n", sessionID, err, string(output))
+		logger.Errorf("createVideo: %s : cmd.Run() failed with %v || %s", sessionID, err, string(output))
 		return err
 	}
 	//fmt.Printf("combined out:\n%s\n", string(out))

diff --git a/server/api/devices/hMobile.go b/server/api/devices/hMobile.go
@@ -158,7 +158,7 @@ func GiveMeDeviceDetail(orguser, deviceID, totpSec string) {
 		logrus.Error(err)
 		return
 	}
-	logrus.Debug(orguser)
+	//logrus.Debug(orguser)
 	orgUserArray := strings.Split(orguser, ":")
 
 	if len(orgUserArray) != 2 {

diff --git a/server/api/notif/templateblobs.go b/server/api/notif/templateblobs.go
@@ -3867,7 +3867,7 @@ We received password reset request from your account. Click the link below to ch
                         
                         <td class="mcnTextContent" style="padding-top:0; padding-right:18px; padding-bottom:9px; padding-left:18px;" valign="top">
                         
-                            <em>Copyright © 2018 - seknox cybersecurity, All rights reserved.</em><br>
+                            <em>Copyright © 2020 - Seknox Cybersecurity, All rights reserved.</em><br>
 <br>
 <br>
 <strong>Our mailing address is:</strong><br>
@@ -4816,7 +4816,7 @@ var AdhocReq string = `
                         
                         <td class="mcnTextContent" style="padding-top:0; padding-right:18px; padding-bottom:9px; padding-left:18px;" valign="top">
                         
-                            <em>Copyright © 2018 - seknox cybersecurity, All rights reserved.</em><br>
+                            <em>Copyright © 2020 - Seknox Cybersecurity, All rights reserved.</em><br>
 <br>
 <br>
 <strong>Our mailing address is:</strong><br>
@@ -5766,7 +5766,7 @@ var AdhocStatus string = `
                         
                         <td class="mcnTextContent" style="padding-top:0; padding-right:18px; padding-bottom:9px; padding-left:18px;" valign="top">
                         
-                            <em>Copyright © 2018 - seknox cybersecurity, All rights reserved.</em><br>
+                            <em>Copyright © 2020 - Seknox Cybersecurity, All rights reserved.</em><br>
 <br>
 <br>
 <strong>Our mailing address is:</strong><br>
@@ -6701,7 +6701,7 @@ var DynamicAccess string = `
                         
                         <td class="mcnTextContent" style="padding-top:0; padding-right:18px; padding-bottom:9px; padding-left:18px;" valign="top">
                         
-                            <em>Copyright © 2018 - seknox cybersecurity, All rights reserved.</em><br>
+                            <em>Copyright © 2020 - Seknox Cybersecurity, All rights reserved.</em><br>
 <br>
 <br>
 <strong>Our mailing address is:</strong><br>
@@ -7641,7 +7641,7 @@ h4{
 
 <td class="mcnTextContent" style="padding-top:0; padding-right:18px; padding-bottom:9px; padding-left:18px;" valign="top">
 
-<em>Copyright © 2018 - seknox cybersecurity, All rights reserved.</em><br>
+<em>Copyright © 2020 - Seknox Cybersecurity, All rights reserved.</em><br>
 <br>
 <br>
 <strong>Our mailing address is:</strong><br>
@@ -7686,7 +7686,7 @@ secure@seknox.com<br>
 
 <td class="mcnTextContent" style="padding-top:0; padding-right:18px; padding-bottom:9px; padding-left:18px;" valign="top">
 
-<em>Copyright © 2018 - seknox cybersecurity, All rights reserved.</em><br>
+<em>Copyright © 2020 - Seknox Cybersecurity, All rights reserved.</em><br>
 <br>
 <br>
 <strong>Our mailing address is:</strong><br>

diff --git a/server/api/providers/vault/tsxvault/storetsxvault.go b/server/api/providers/vault/tsxvault/storetsxvault.go
@@ -265,15 +265,13 @@ func (s vaultStore) TsxVaultTester() error {
 	secret.AddedAt = time.Now().Unix()
 	secret.LastUpdated = time.Now().Unix()
 
-	logger.Debug(fmt.Sprintf("the plain text is: %s", string(secret.Secret)))
 	// encrypt the secret.
 	ct, err := utils.AESEncrypt(s.TsxvKey.Key[:], secret.Secret)
 	if err != nil {
 		logger.Error(err)
 		return fmt.Errorf("failed to pass encryption test")
 	}
 
-	logger.Debug(fmt.Sprintf("the cipher text is: %s", string(ct)))
 	secret.Secret = ct
 
 	// store it in database

diff --git a/server/api/services/creds.go b/server/api/services/creds.go
@@ -76,7 +76,7 @@ func GetUpstreamCreds(user, serviceID, serviceType, orgID string) (*models.Upstr
 	//logrus.Debug(orgID, serviceID, "password", user)
 	pass, err := tsxvault.Store.GetSecret(orgID, serviceID, "password", user)
 	if err != nil {
-		logrus.Error(err)
+		logrus.Debug(err)
 		resp.Password = ""
 	} else {
 		resp.Password = pass

diff --git a/server/api/services/hCreds.go b/server/api/services/hCreds.go
@@ -95,7 +95,7 @@ func ViewCreds(w http.ResponseWriter, r *http.Request) {
 
 	service, err := Store.GetFromID(req.ServiceID)
 	if err != nil {
-		logrus.Error(err, "invalid service ID in view creds")
+		//logrus.Error(err, "invalid service ID in view creds")
 		logrus.Error(err)
 		utils.TrasaResponse(w, 200, "failed", "Invalid service", "failed to view password")
 		return

diff --git a/server/cert.go b/server/cert.go
@@ -102,7 +102,7 @@ func generateCerts(certPath string, keyPath string, host string) error {
 	}
 	pem.Encode(certOut, &pem.Block{Type: "CERTIFICATE", Bytes: derBytes})
 	certOut.Close()
-	logrus.Info("written cert.pem")
+	logrus.Info("written tras-server.crt")
 
 	keyOut, err := os.OpenFile(keyPath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
 	if err != nil {
@@ -111,7 +111,7 @@ func generateCerts(certPath string, keyPath string, host string) error {
 	}
 	pem.Encode(keyOut, pemBlockForKey(priv))
 	keyOut.Close()
-	logrus.Info("written key.pem")
+	logrus.Info("written trasa-server.key")
 	return nil
 }