Releases: Devolutions/devolutions-gateway

v2024.3.6

02 Dec 16:56
623c0cb

Features

  • dgw: persistent job queue for crash resistance (#1108) (2420b07d21)

    This year we added some background tasks in the Gateway that should
    not be canceled, or if they are, should be restarted later. Essentially
    two tasks: mass deletion of recordings (relatively important, but
    it's always possible to launch indexing in DVLS in case of a problem)
    and remuxing recordings to webm format (good to have). If the service
    is killed in the middle of one of these operations, we should resume
    execution on the next startup.

    This persistent job queue is implemented using Turso’s libSQL. Using
    libSQL (or SQLite) for implementing the queue allows us to benefit from
    all the work put into implementing a reliable, secure and performant
    disk-based database instead of attempting to implement our own ad-hoc
    storage and debugging it forever.

  • dgw: add agent version field to heartbeat API (#1122) (83fbddb5a4)

  • jetsocat: Schannel diagnostics for Windows (#1125) (991d856dea) (ARC-255)

    These diagnostics will return detailed information about how Windows
    will understand the specified certification chain.

Bug Fixes

v2024.3.5

12 Nov 12:01
1a746dd

Bug Fixes

v2024.3.4

08 Nov 15:19
caa5ffa

Features

  • jetsocat: make doctor return links to x509.io (#1059) (ce68fdd1d3)

    Returns a link to x509.io Certificate Viewer in order to inspect the
    certification chain conveniently.

  • dgw: shadowing player web-component (#1075) (5169f60622)

  • dgw: /jet/jrec/delete endpoint for mass deletion (#1093) (341d455f6c) (DGW-219)

    A new endpoint not taking any parameter via the request path.
    Instead, a list of session IDs is provided in the request body.

Improvements

  • dgw: disallow SCOPE tokens missing the jti claim (#1082) (78396b5e14)

    DVLS generates this claim since its version 2022.1.9.
    This version is almost three years old, and already completely phased
    out, as such it’s more than reasonable to stop supporting this kind
    of token.

Bug Fixes

  • dgw: the recording policy wasn't set for RDP via web (#1044) (01fb589311)

  • dgw: support for .cast files that have two slices with the same timestamp in recording player (#1054) (8ed5163f3a)

  • dgw: allow any header to be set in browser JavaScript HTTP requests (#1083) (0a7c80898a)

    We don’t expose any header particularly sensitive from the Devolutions
    Gateway, and the future HTTP bridge will always require a token which
    is only issued on a per-need basis. In fact, in such cases we actually
    want to allow virtually any header to be used for web-based integration
    of various web services (e.g.: VMware dashboard).
    The restriction imposed by the token requirement is strong enough.

  • dgw: better custom recording paths handling in heartbeat endpoint (#1097) (c1d047c190) (DGW-218)

    On Windows, the std::fs::canonicalize function returns
    Windows NT UNC paths, but our code detecting the mount point does not
    understand that.
    We use dunce to handle that for us instead.

v2024.3.3

02 Oct 12:52

Features

Bug Fixes

  • pwsh: trace more info when importing Certificate from PFX (#992) (5de155738a)

  • dgw: set dwShareMode for recording files on Windows (#1007) (4df3c854ca)

    On Windows, the default share_mode set when opening a new file
    is FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE.

    We now override the share_mode and set it to FILE_SHARE_READ.

    This makes the recording process more robust by ensuring no other
    process can write or delete the files while the Devolutions Gateway
    is actively writing it.

  • jetsocat,dgw: add backpressure in JMUX proxy (41ea3ee3f0)

    The memory consumption of the JMUX proxy was unbounded because we used
    an unbounded mpsc channel for message passing.

    Here is a jetsocat-bench.nu run against master:

  • player: start recording when tab is open (#1024) (6506b08ee2) (RDMW-16402)
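
The difference behind the JMUX backpressure entry above, as an added example that is not Devolutions Gateway code: std::sync::mpsc channels stand in for the proxy's message passing, and the frame size, queue capacity and function names are assumptions.

```rust
use std::sync::mpsc::{channel, sync_channel};
use std::thread;

/// Size of one constructed data frame in this example (an assumption).
const FRAME_LEN: usize = 4096;

/// Unbounded queue: every frame is accepted while the reader is stalled,
/// so the bytes held in memory grow with whatever the sender produces.
fn buffered_unbounded(frames: usize) -> usize {
    let (tx, rx) = channel::<Vec<u8>>();
    for _ in 0..frames {
        tx.send(vec![0u8; FRAME_LEN]).expect("receiver alive");
    }
    drop(tx);
    rx.iter().map(|f| f.len()).sum()
}

/// Bounded queue: once `capacity` frames are waiting, the sender is refused
/// (or, with `send`, blocked) until the reader drains something.
fn buffered_bounded(frames: usize, capacity: usize) -> usize {
    let (tx, rx) = sync_channel::<Vec<u8>>(capacity);
    for _ in 0..frames {
        if tx.try_send(vec![0u8; FRAME_LEN]).is_err() {
            break; // queue full: this is the backpressure signal
        }
    }
    drop(tx);
    rx.iter().map(|f| f.len()).sum()
}

/// With a live reader, blocking `send` slows the producer down instead of
/// dropping data: every frame still arrives, in order.
fn delivered_with_backpressure(frames: usize, capacity: usize) -> Vec<usize> {
    let (tx, rx) = sync_channel::<usize>(capacity);
    let producer = thread::spawn(move || {
        for seq in 0..frames {
            tx.send(seq).expect("receiver alive"); // blocks while the queue is full
        }
    });
    let got: Vec<usize> = rx.iter().collect();
    producer.join().expect("producer panicked");
    got
}

fn main() {
    println!("unbounded: {} bytes queued", buffered_unbounded(1000));
    println!("bounded:   {} bytes queued", buffered_bounded(1000, 8));
    println!("delivered: {} frames", delivered_with_backpressure(1000, 8).len());
}
```

With a stalled reader the unbounded queue holds all 1000 frames, while the bounded one never holds more than its capacity.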

v2024.3.2

20 Aug 13:36
4696787

Features

Improvements

  • dgw: log KDC domain when throwing the error (#963) (873217c804)

    We now print the name of the requested domain when the requested
    domain didn't match the authorized (expected) domain.

  • dgw: accept subject name even if it does not match the hostname (1f40b45bae)

    Configurations where the certificate subject name does not match the
    hostname are now accepted.
    Instead, a few warning and debug log records are added to help
    discover configuration issues in case of a problem.
    The problem with the strict approach we had previously is that we
    may reject valid configurations where the hostname was actually
    matched by one of the subject alternative names in the certificate.
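
Why a check limited to the subject name rejects valid certificates, as an added example (not the gateway's code): the matching rule shown, the function names and the sample certificate names are assumptions made for illustration.

```rust
/// How a configured hostname relates to the names in the leaf certificate.
#[derive(Debug, PartialEq)]
enum NameCheck {
    SubjectMatches, // the subject common name covers the hostname
    SanMatches,     // only a subject alternative name covers it
    NoMatch,        // nothing covers it: worth a warning in the logs
}

/// Case-insensitive DNS name comparison; a leading "*." stands for exactly
/// one left-most label, the usual TLS hostname-matching rule.
fn dns_name_matches(pattern: &str, host: &str) -> bool {
    let pattern = pattern.trim_end_matches('.').to_ascii_lowercase();
    let host = host.trim_end_matches('.').to_ascii_lowercase();
    match pattern.strip_prefix("*.") {
        Some(suffix) => match host.split_once('.') {
            Some((label, rest)) => !label.is_empty() && rest == suffix,
            None => false,
        },
        None => pattern == host,
    }
}

/// The strict rule: only the subject common name is consulted.
fn strict_subject_check(subject_cn: &str, host: &str) -> bool {
    dns_name_matches(subject_cn, host)
}

/// The diagnostic rule: consult the SAN list too and report what matched.
fn diagnose(subject_cn: &str, sans: &[&str], host: &str) -> NameCheck {
    if dns_name_matches(subject_cn, host) {
        NameCheck::SubjectMatches
    } else if sans.iter().any(|san| dns_name_matches(san, host)) {
        NameCheck::SanMatches
    } else {
        NameCheck::NoMatch
    }
}

// Constructed sample certificate names (not taken from a real deployment).
const SAMPLE_CN: &str = "Devolutions Gateway";
const SAMPLE_SANS: [&str; 2] = ["gateway.example.test", "*.corp.example.test"];

fn main() {
    for host in ["gateway.example.test", "rdp.corp.example.test", "a.b.corp.example.test"] {
        let strict = strict_subject_check(SAMPLE_CN, host);
        println!("{}: strict={} diagnosis={:?}", host, strict, diagnose(SAMPLE_CN, &SAMPLE_SANS, host));
    }
}
```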

Performance

Build

  • dgw: update cryptography dependencies (787027cbf9)

    We keep using ring as our crypto provider for now.

v2024.3.1

01 Aug 15:09
0c3c8d7

Features

  • dgw: dynamically load XMF native lib on startup (#939) (86dee2631a)

    The DGATEWAY_LIB_XMF_PATH environment variable can be used optionally to specify the path to
    the XMF native library.

  • dgw: remux webm files when video recording ends (#943) (cc787ef691)

Bug Fixes

  • dgw: fix recording player parsing problem (#937) (cdf08a3e2c) (DPS-11197)

    • Remove usage of btoa, it fails on different charset.

    • Add 1 millisecond if the time of the previous event is the same as the next event.
      Otherwise, the player will throw an error.

  • webapp: fix RDP connection form - set pre connection blob as not required (#950) (c684994fce)

  • webapp: add tooltip ellipsis for long netscan service names (#946) (5e4b3080d6) (DGW-204)

  • dgw: [breaking] jet_rec claim is now a string (#957) (59bb0af249)

    Possible values are:

    • none: No policy to enforce (recording is optional)

    • stream: An external application (e.g.: RDM) must push the
      recording stream via a separate websocket connection

    • proxy: Session must be recorded directly at Devolutions Gateway
      level (not implemented yet)

    Note: Up until now, Devolutions Gateway was rejecting sessions when this claim was found because it couldn’t uphold
    the policy. It’s effectively not breaking anything which wasn’t already broken previously.

2024.3.0

24 Jul 07:06
84efdb6

Features

  • agent: Devolutions Gateway service updater (#889) (92f86bf51b)

  • dgw: add API to trigger Devolutions Gateway update (#890) (799e518c15)

  • dgw: support .cast terminal recording files (#900) (d1f7559a3e)

    The .cast extension is used for "asciicast" files, i.e.: asciinema cast files.
    This is a widely used terminal playback format.

Bug Fixes

  • dgw: preserve DGW access URI base in recording player (#899) (92f87c8cea)

    This is notably important for DVLS side by side setups.

  • dgw: fix cast file not working in recording player page (#904) (c6985152a2)

  • dgw: enforce recording policy (#906) (13ed397eee) (DGW-86)

    When recording flag is set and recording stream is closed, the associated
    session is killed within 10 seconds.

  • dgw: support for jet_rec claim in JMUX tokens (#909) (8b0c3eb80b)

  • dgw: recording player now scales with the size of the window (#922) (4cb95a5e0c) (DGW-198)

v2024.2.3

18 Jun 19:39
10dcae3

Bug Fixes

Continuous Integration

v2024.2.2

18 Jun 13:10
b8b8367

Features

Bug Fixes

  • dgw: IP restrictions fallback for ngrok TCP listeners (#881) (c2635ec6dc) (DGW-193)

    Now properly falls back to disabling IP restriction rules for TCP
    listeners as well.

  • dgw: rework network interface DTO definition (#871) (bc2cb96f9d) (DGW-133)

v2024.2.1

22 May 13:50
fa3e90d

Bug Fixes