Release Notes of RPort Server 1.0.5, RPort Client 1.0.5 and RPort Front End/Web UI - 1.0.5-7

Release date: June 2024

RPort Server and RPort Client

New Features ๐Ÿš€

  • The server will now prevent users who have only been granted run scripts only permission from saving new scripts or updating existing scripts.

  • RPort clients now have the possibility to use alternative connection profiles. See the rport.example.conf for more information.

Improvements ๐Ÿ”ฉ

  • Non-Admin users who have audit permissions will only see changes for clients that they have permission to handle. By default they will also only see audit logs for changes that they made. The new server setting show_all_audit_logs_for_permitted_clients will allow users to see changes made by other users for clients that they manage. See the rportd.example.conf for more information.

  • The RPort Plus Plugin has been completely removed and all the related code migrated to the main rportd server code base. The plugin is no longer required to run the RPort server.

  • It is now possible to set default timeouts for command and script execution separately. These defaults will also be provided to the RPort Front End which makes them the default when using the scripts and commands execution panels. See the rportd.example.conf for more information.

  • If a client tunnel won't start, it doesn't prevent the client itself from starting. Instead an error is logged to the log file and the client continues to start.

  • When using the api for client queries, additional sorting capabilities have been added. See the apidocs for more information.

  • Using dashes in HTTP query urls has been deprecated and underscores should be used instead. Dashes are still supported but their use generates a deprecation warning in the server logs.

  • API tokens are now hashed and stored using SHA256. The previous bcrypt encryption was too slow when running many scripts using API tokens. Migration of existing tokens to the new hashing algorithm is automatic.

Fixes ๐Ÿช›

  • The server no longer returns an error when the notification_scripts directory does not exist. Instead it returns an empty list.

  • RPort client installs will no longer try to start the client before a valid config file is available.

  • Uploading files is more reliable.

  • When running jobs on Windows clients, processes are terminated cleanly if they exceed their allowed run time.

  • Various security related fixes.

  • Using rportd with command line parameters has multiple bug fixes.

  • 'Execution ended' audit logs now include the name of the user that started the job.

  • Fixed an issue related to updating ACLs on tunnels.

  • Fixed an issue that would cause a server crash if a tunnel with an http proxy was creates without a specified scheme.

  • Remote authorisation passwords are no longer included in the audit log

  • Fixed a bug with mount point details in monitoring info sent to the server from clients

  • Corrected a field name related to client external ip addresses.

RPort Front End/Web UI

New Features ๐Ÿš€

  • It is now possible to give permissions to users that only allows them to run scripts. Scripts can be loaded, viewed and run but not modified. This is implemented for both individual client and multi-client script execution. There is no change to the existing commands functionality.

Improvements ๐Ÿ”ฉ

  • The server configuration has been extended to allow default timeouts for both script and command execution. The RPort Front End will now use those defaults in both the command and script execution panels for both individual client and multi-client jobs.

  • The start animation when first logging into RPort has been removed and the message displayed is now much simpler (just indicating whether no clients available or no clients selected).

  • The width of the client connection status indicator has been increased to make it easier to see when a scrollbar is present on the client navigation panel.

  • The minimum length of passwords is now obtained from the server and display when changing passwords in some panels. A future enhancement will ensure this retrieved minimum password length is displayed at most points where a password change is requested.

  • Client names are now displayed in the audit log, instead of client IDs that can be less meaningful.

  • Client searches now allow individual fields to be selected for searching.

  • References to the RPort Plugin have been removed as all related functionality is now included in the main RPort Server code base.

Fixes ๐Ÿช›

  • When saving multi-client scripts and commands, it is now possible to save jobs where tags have been specified.

  • When changing a password due to an enforced password change, the validation messages are now clearly displayed. Additionally, the password length is validated against the server configured minimum password length.

  • When editing documents, the documents list is correctly refreshed after deleting a document.

  • Fixed a minor issue with selecting columns when using multi-client execution.

  • Fixed various issues with the inventory search panel.

  • Various security related fixes.

  • Fixed an issue where clicking outside of a modal dialog would close the browser window/tab

  • Various fixes to file uploads.

  • Fixed an autoscroll isues with multi-client job results.

  • Fixed an issue where the option to save as for a script or command wasn't visible.

  • The default RDP username should now be used as expected.

  • Various fixes related to Client Groups.

  • Screens where paging either wasn't working or isn't required have had the paging controls removed.

Last updated