Compare commits


1 Commits

Author SHA1 Message Date
dependabot[bot]
782a81d040 chore(deps): bump github.com/dustin/go-humanize from 1.0.0 to 1.0.1
Bumps [github.com/dustin/go-humanize](https://github.com/dustin/go-humanize) from 1.0.0 to 1.0.1.
- [Release notes](https://github.com/dustin/go-humanize/releases)
- [Commits](https://github.com/dustin/go-humanize/compare/v1.0.0...v1.0.1)

---
updated-dependencies:
- dependency-name: github.com/dustin/go-humanize
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-01-16 04:02:55 +00:00
8 changed files with 21 additions and 34 deletions

@@ -20,9 +20,9 @@ jobs:
steps:
- uses: actions/checkout@v2
- name: lint
uses: golangci/golangci-lint-action@v3
uses: golangci/golangci-lint-action@v2.5.2
with:
version: v1.50.1
version: v1.38
github-token: ${{ secrets.GITHUB_TOKEN }}
tests-on-windows:
needs: golangci-lint # run after golangci-lint action to not produce duplicated errors
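Review bot: The linter downgrade on the `uses:` and `version:` lines is out of scope for a commit whose message only describes a go-humanize bump. Reading each pair in the same removed-then-added order as the go.mod hunk, golangci-lint-action goes from `@v3` to `@v2.5.2` and golangci-lint from `v1.50.1` to `v1.38`, which usually means the branch was cut from an older base; rebase it so the workflow file drops out of the diff. Separately, both actions here are referenced by tag; pinning them to a full commit SHA keeps a retagged release from changing what runs with `secrets.GITHUB_TOKEN`.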

@@ -47,7 +47,7 @@ linters:
- staticcheck
- structcheck
#- stylecheck
#- typecheck
- typecheck
- unconvert
- unparam
- unused

@@ -61,7 +61,7 @@ Shared connection to localhost closed.
$
```
If the association fails and you are prompted for a password, verify that the host you're connecting from has a SSH key set up or generate one with ```ssh-keygen -t rsa```
If the association fails and you are promted for a password, verify that the host you're connecting from has a SSH key set up or generate one with ```ssh-keygen -t rsa```
Drop an interactive administrator shell
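Review bot: The second of the two "If the association fails" lines spells "prompted" as `promted`, while the line directly above it has the correct spelling, so read in the same removed-then-added order as the go.mod hunk this edit reintroduces a typo. The later README hunks follow the same pattern (`multile`, `incompabitility`, `Each commands`, `a built in command`); drop the README changes from this bump or rebase onto a base that already has the corrected text.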
@@ -135,7 +135,7 @@ Used by educators to provide temporary access to students. [Feedback from a teac
There are companies who use a jump host to monitor connections at a single point.
A hosting company is using SSHportal for its “logging” feature, among others. As every session is logged and introspectable, they have a detailed history of who performed which action. This company made its own contribution to the project, allowing the support of [more than 65.000 sessions in the database](https://github.com/moul/sshportal/pull/76).
A hosting company is using SSHportal for its “logging” feature, among the others. As every session is logged and introspectable, they have a detailed history of who performed which action. This company made its own contribution on the project, allowing the support of [more than 65.000 sessions in the database](https://github.com/moul/sshportal/pull/76).
The project has also received [multiple contributions from a security researcher](https://github.com/moul/sshportal/pulls?q=is%3Apr+author%3Asabban+sort%3Aupdated-desc) that made a thesis on quantum cryptography. This person uses SSHportal in their security-hardened hosting company.
@@ -155,7 +155,7 @@ If you need to invite multiple people to an event (hackathon, course, etc), the
* User management (invite, group, stats)
* Host Key management (create, remove, update, import)
* Automatic remote host key learning
* User Key management (multiple keys per user)
* User Key management (multile keys per user)
* ACL management (acl+user-groups+host-groups)
* User roles (admin, trusted, standard, ...)
* User invitations (no more "give me your public ssh key please")
@@ -184,7 +184,7 @@ If you need to invite multiple people to an event (hackathon, course, etc), the
* Does not work (yet?) with [`mosh`](https://mosh.org/)
* It is not possible for a user to access a host with the same name as the user. This is easily circumvented by changing the user name, especially since the most common use cases does not expose it.
* It is not possible to access a host named `healthcheck` as this is a built-in command.
* It is not possible access a host named `healthcheck` as this is a built in command.
---
@@ -215,7 +215,7 @@ cp sshportal.db sshportal.db.bkp
# run the new version
docker run -p 2222:2222 -d --name=sshportal -v "$(pwd):$(pwd)" -w "$(pwd)" moul/sshportal:v1.10.0
# check the logs for migration or cross-version incompatibility errors
# check the logs for migration or cross-version incompabitility errors
docker logs -f sshportal
```
@@ -276,7 +276,7 @@ cp sshportal.db sshportal.db.bkp
By default, the configuration user is `admin`, (can be changed using `--config-user=<value>` when starting the server. The shell is also accessible through `ssh [username]@portal.example.org`.
Each command can be run directly by using this syntax: `ssh admin@portal.example.org <command> [args]`:
Each commands can be run directly by using this syntax: `ssh admin@portal.example.org <command> [args]`:
```
ssh admin@portal.example.org host inspect toto
@@ -446,7 +446,7 @@ ssh localhost -p 2222 -l hostname
By default, `sshportal` uses a local [sqlite](https://www.sqlite.org/) database which isn't scalable by design.
You can run multiple instances of `sshportal` sharing the same [MySQL](https://www.mysql.com) database, using `sshportal --db-conn=user:pass@host/dbname?parseTime=true --db-driver=mysql`.
You can run multiple instances of `sshportal` sharing a same [MySQL](https://www.mysql.com) database, using `sshportal --db-conn=user:pass@host/dbname?parseTime=true --db-driver=mysql`.
![sshportal cluster with MySQL backend](https://raw.github.com/moul/sshportal/master/.assets/cluster-mysql.png)

go.mod (generated), 2 changes

@@ -6,7 +6,7 @@ require (
github.com/cpuguy83/go-md2man/v2 v2.0.0 // indirect
github.com/creack/pty v1.1.11 // indirect
github.com/docker/docker v20.10.12+incompatible
github.com/dustin/go-humanize v1.0.0
github.com/dustin/go-humanize v1.0.1
github.com/gliderlabs/ssh v0.3.3
github.com/go-gormigrate/gormigrate/v2 v2.0.0
github.com/kr/pty v1.1.8

go.sum (generated), 4 changes

@@ -24,8 +24,8 @@ github.com/denisenkom/go-mssqldb v0.0.0-20200428022330-06a60b6afbbc h1:VRRKCwnzq
github.com/denisenkom/go-mssqldb v0.0.0-20200428022330-06a60b6afbbc/go.mod h1:xbL0rPBG9cCiLr28tMa8zpbdarY27NDyej4t/EjAShU=
github.com/docker/docker v20.10.12+incompatible h1:CEeNmFM0QZIsJCZKMkZx0ZcahTiewkrgiwfYD+dfl1U=
github.com/docker/docker v20.10.12+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
github.com/dustin/go-humanize v1.0.0 h1:VSnTsYCnlFHaM2/igO1h6X3HA71jcobQuxemgkq4zYo=
github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk=
github.com/dustin/go-humanize v1.0.1 h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkpeCY=
github.com/dustin/go-humanize v1.0.1/go.mod h1:Mu1zIs6XwVuF/gI1OepvI0qD18qycQx+mFykh5fBlto=
github.com/gliderlabs/ssh v0.3.3 h1:mBQ8NiOgDkINJrZtoizkC3nDNYgSaWtxyem6S2XHBtA=
github.com/gliderlabs/ssh v0.3.3/go.mod h1:ZSS+CUoKHDrqVakTfTWUlKSr9MtMFkC4UvtQKD7O914=
github.com/go-gormigrate/gormigrate/v2 v2.0.0 h1:e2A3Uznk4viUC4UuemuVgsNnvYZyOA8B3awlYk3UioU=

@@ -1,11 +1,10 @@
package bastion // import "moul.io/sshportal/pkg/bastion"
import (
"crypto/rand"
"fmt"
"io/ioutil"
"log"
"math/big"
"math/rand"
"os"
"os/user"
"strings"
@@ -618,10 +617,7 @@ func DBInit(db *gorm.DB) error {
}
if count == 0 {
// if no admin, create an account for the first connection
inviteToken, err := randStringBytes(16)
if err != nil {
return err
}
inviteToken := randStringBytes(16)
if os.Getenv("SSHPORTAL_DEFAULT_ADMIN_INVITE_TOKEN") != "" {
inviteToken = os.Getenv("SSHPORTAL_DEFAULT_ADMIN_INVITE_TOKEN")
}
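Review bot: The first-admin invite token on `inviteToken := randStringBytes(16)` no longer has an error path, which only compiles because the generator in the next hunk stops reading from the system random source. This token bootstraps the initial admin account, so it should keep the `inviteToken, err := randStringBytes(16)` form with the `if err != nil { return err }` check and make DBInit fail when secure randomness is unavailable.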
@@ -677,16 +673,12 @@ func DBInit(db *gorm.DB) error {
}).Error
}
func randStringBytes(n int) (string, error) {
func randStringBytes(n int) string {
const letterBytes = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
b := make([]byte, n)
for i := range b {
r, err := rand.Int(rand.Reader, big.NewInt(int64(len(letterBytes))))
if err != nil {
return "", fmt.Errorf("failed to generate random string: %s", err)
}
b[i] = letterBytes[r.Int64()]
b[i] = letterBytes[rand.Intn(len(letterBytes))]
}
return string(b), nil
return string(b)
}
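Review bot: `rand.Intn(len(letterBytes))` comes from `math/rand` (see the import hunk at the top of this file), which is a deterministic pseudo-random generator and not suitable for secrets such as invite tokens; no seeding is visible in this diff either. Keep the `rand.Int(rand.Reader, big.NewInt(int64(len(letterBytes))))` version with its `(string, error)` signature: it draws each index from `crypto/rand` and surfaces read failures to the caller instead of silently returning a guessable token.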

@@ -1640,15 +1640,11 @@ GLOBAL OPTIONS:
name = c.String("name")
}
r, err := randStringBytes(16)
if err != nil {
return err
}
user := dbmodels.User{
Name: name,
Email: email,
Comment: c.String("comment"),
InviteToken: r,
InviteToken: randStringBytes(16),
}
if _, err := govalidator.ValidateStruct(user); err != nil {
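Review bot: `InviteToken: randStringBytes(16)` drops the `r, err := randStringBytes(16)` check, so user invitations take whatever the generator returns with no way to report a failure. If the `crypto/rand` generator is kept, this call site needs the three-line error check back before the `dbmodels.User` literal is built.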

@@ -14,11 +14,10 @@ import (
"gorm.io/gorm"
"gorm.io/gorm/logger"
"moul.io/sshportal/pkg/bastion"
"github.com/gliderlabs/ssh"
"github.com/urfave/cli"
gossh "golang.org/x/crypto/ssh"
"moul.io/sshportal/pkg/bastion"
)
type serverConfig struct {
@@ -84,7 +83,7 @@ func dbConnect(c *serverConfig, config gorm.Option) (*gorm.DB, error) {
func server(c *serverConfig) (err error) {
// configure db logging
db, _ := dbConnect(c, &gorm.Config{
db, err := dbConnect(c, &gorm.Config{
Logger: logger.Default.LogMode(logger.Silent),
})
sqlDB, err := db.DB()
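Review bot: Nothing between the `dbConnect(...)` call and `sqlDB, err := db.DB()` checks the connection error, in either form of the changed line: `db, _ :=` discards it and `db, err :=` has it overwritten by the next statement. Add `if err != nil { return err }` right after the closing `})` so a failed connection does not reach `db.DB()` with an unusable handle.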