Keeper Gateway v1.2.0

Released on June 28, 2023

New Features

  • Scripts Field Feature - New Feature

    • Introduced support for the scripts field.

Improvements & Bug Fixes

  • MariaDB Connector C Build Improvements

    • macOS: Utilized Homebrew for installation of mariadb-connector-c.

    • Linux: Required the Python module cmake for cloning and building the mariadb-connector-c repo, specifically version 3.3.

    • Updated the version of requests to >=2.28.2 due to a conflict with keeper-secrets-manager-core.

    • Updated the version of msal in the DR-Controller.

  • Additional Unix Shell Support

    • Expanded shell support to include BASH, ZSH, ASH, Dash, CSH, and TCSH.

    • Implemented command history prevention for these shells. If the system's shell is not supported, it will still function, but the command history will not be prevented.

    • Added feature to handle repeated new/re-enter password prompts for password changes, particularly for Linux boxes joined to OpenLDAP servers and using Linux PAM.

  • PowerShell Management

    • Fixed an issue where a PowerShell instance remained open after password rotation on a local machine.

    • Made local Windows connection less CPU intensive by reducing constant output polling and improving prompt detection.

    • Fixed issue with Microsoft's Azure extension requiring a reboot due to a .Net update in chocolately, which was breaking Windows instance provisioning.

  • Reconnection Management

    • Limited reconnection attempts to approximately 6 hours for other connection failures.

  • Sudo Prompt Fix

    • Included Linux sudo prompt in the list of allowed responses to prevent sudo failures in Linux when a password is required.

    • Fixed issue where the sudo prompt in STDERR was causing false-positive error detection.

  • macOS Command Hang

    • Fixed command freezing issue in the gateway due to the use of ZSH for the local connection on macOS. Switched the shell back to BASH to resolve the issue.

  • Process Pool for Actions

    • Made software compatible with new async-repl.

    • Replaced thread pool with process pool for actions.

  • Clean Password Constraints

    • Identified and addressed an issue where a password, specifically for PostgreSQL, would not have illegal characters removed. This occurred when rotating a user, as the object would be a PAM User record which has no constraints for password.

Last updated