v0.5.1

Changes

• 9c67009: fixed infinite HTTP redirect (#257)

v0.5.0

Major updates

• Added SSO support (OpenID Connect) for HTTP and SSH targets (#222)
• Added support for linking HTTP targets to subdomains
• HTTP: added support for tickets (as a GET parameter or Authorization header)

Changes

• HTTP: added X-Forwarded-* headers
• HTTP: session cookie is now set for all subdomains
• UI: added proper connection instructions for tickets
• UI: added test-target CLI support for HTTP and MySQL targets
• SSH: added support for AES-CTR ciphers, and diffie-hellman exchanges
• Sessions will be automatically killed if you revoke access by editing the config file
• Fixed scp not triggering target connection

v0.4.1

• fixed RSA public keys not getting accepted

v0.4.0

Major updates

• This release adds experimental support for MySQL targets. Check out Adding a MySQL target on the wiki. Also see Protocol support for limitations.
• All protocols are now disabled by default. If you've used warpgate setup to generate your config file, no action is needed. Otherwise add an explicit enable: true for the protocols you need.

Changes

• warpgate check now checks certificates and keys
• added TLS options for HTTP targets
• added ssh.host_key_verification setting that allows automatically accepting (auto-accept) or rejecting (auto-reject) unknown host keys

v0.3.0

Major updates

Warpgate now supports exposing HTTP(S) targets through the bastion in addition to SSH targets - see https://github.com/warp-tech/warpgate/wiki/Adding-an-HTTP-target

Migration notes

• ℹ️ The Docker image now needs a configuration file provided to it through a data volume - see Getting started on Docker
• ℹ️ The web_admin config key has been deprecated and renamed to http, and the web admin UI itself is now a part of the HTTP protocol handler.

Changes

• 6342fcb: HTTP targets support #116
• 6a9b965: Dark mode #160
• 6830c0c: Paginate sessions list, added filtering #161
• f0d6241: External host config option #162
• 890c5d8: Credential policies #163

v0.2.7

• 05180b4: fixed #139 - handle incorrect terminal modes list length

v0.2.6

• 28ed510: RSA-SHA1 host key support

v0.2.5

• e312a4b: Bump openssl-src from 111.18.0+1.1.1n to 111.20.0+1.1.1o - closes CVE-2022-1473
• 1d577e9: fixed incorrect version number

v0.2.4

• 82dd327: fixed RSA client key auth - #20
• 4d67a55: fixed OTP auth hanging up the session

v0.2.3

• ⚠️ Security: fixed authentication bypass when user.require is not set in the config.