The contextpath parameter in converge.go is
temporary and should be removed later. What is needed is autodetectio of the context path for the usage page and passing on the context for rendering.
Next step is to do more validation in the UI.
Specifically:
* validate authorized keys
* detection of accidental use of a private key
Then, password based access can be disabled.
* usage page now has more dynamic part where user
can enter id and publis ssh keys and the server will
generate the appropriate commmands to execute depending on the local and remote shell.
activity and updated documentation.
* downloads will now download again. Because of hx-boost
the downloads where rendered in the browser. Now
disabling hx-boost for the downloads section.
* relative link for sessions page
The server then sends it the protocol version and the client connection info describing whether an agent was found or not. This improves usability for users.
With the --raw option it bypasses this query parameter and wsproxy then works in the old way as a simple stdio-websocket connector. It then still works with converge server but can also be used for simple websocket troubleshooting.
* removed the Async utility
* now using Ping message to webclient for keep alive instaed of actual content
* added remote shell to AgentInfo
* retry of connections to the agent
* better logging for SynchronizeStreams
the agent if PPROF_PORT is set.
Fixed issue with converge server not cleaning up goroutines because of blocking channel. Made sure to create channels with > 1 size everywhere it can be done. The blocking behavior of a default channel size is mostly in the way.
Known issue: Killing the SSH client will lead to the server side process not being terminated and some goroutines still running in the agent. This would require additional investigation to solve. The remote processes are still being cleaned up ok (at least on linux) when the agent exits.
This should not be an issue at all since the agent is a short-lived process and when running in a containerized environment with containers running on demand the cleanup will definitely work.
Protocol version is now checked when the agent connects to the converge server.
Next up: sending connection metadata and username password from server to agent and sending environment information back to the server. This means then that the side channel will only be used for expiry time messages and session type with the client id passed in so the converge server can than correlate the results back to the correct channel.
Now hijacking the ssh connection setup in the listener to exchange some information before passing the connection on to the SSH server.
Next step is to do the full exchange of required information and to make it easy some simple Read and Write methods with timeouts are needed that use gob.
