Releases: foxhackerzdevs/remote-exec-server
Releases · foxhackerzdevs/remote-exec-server
Release list
v1.4.0 — Feature
v1.4.0 — Feature
Added
server.py— optional TLS viaREMOTE_EXEC_TLS_CERT/REMOTE_EXEC_TLS_KEYenvironment variables (PEM cert and key paths); unset means plain HTTP as beforeclient.py— optional TLS viaREMOTE_EXEC_TLS=1;REMOTE_EXEC_TLS_INSECURE=1skips certificate verification for self-signed certs- README updated: Configuration, Security, Features, Limitations, and Future Improvements all reflect the shipped feature; added
opensslcommand for generating a local test certificate
Verified
- Full TLS handshake tested end-to-end with a self-signed cert: HTTPS + insecure flag succeeds; HTTPS without insecure flag correctly rejects the self-signed cert; plain HTTP unaffected (backward compatible)
v1.3.0 — Feature
v1.3.0 — Feature
Added
server.pynow supports an optional command whitelist via theREMOTE_EXEC_ALLOWEDenvironment variable (comma-separated command names)- If unset or empty, all commands are allowed — preserves prior default behavior; strongly recommended to set in any network-exposed deployment
- Disallowed commands receive
403 Forbiddenwith a clear error message, and are rejected before subprocess spawn
Changed
- README's Command Whitelisting section replaced the manual code-snippet suggestion with actual usage instructions for the built-in feature
- Whitelist added to Features list; removed from Future Improvements since it's now implemented
v1.2.5 — Documentation
v1.2.5 — Documentation
Changed
- README's Protocol → Server Processing and Response sections updated to describe the concurrent stderr streaming introduced in v1.2.4
- Response section now documents the
[stderr]line prefix and clarifies both streams are forwarded live regardless of exit code, not just on failure - Troubleshooting → Empty Output section updated accordingly
v1.2.4 — Bug Fix
v1.2.4 — Bug Fix
Fixed
server.py— stderr was only captured afterprocess.wait()and only on non-zero exit, so warnings or errors written to stderr during execution (or on successful exit) were silently dropped- Reading stdout and stderr sequentially also risked a deadlock: if stderr filled its OS pipe buffer while only stdout was being read, the subprocess could stall indefinitely
- Replaced with two concurrent reader threads (one per stream) feeding a shared queue; both streams are now forwarded live as chunks, with stderr lines prefixed
[stderr]for visibility on the client
v1.2.3 — Bug Fix
v1.2.3 — Bug Fix
Fixed
client.py—sys.argv[0] + " " + " ".join(sys.argv[1:])always appended a trailing space even with no arguments, encoded as%20in the request path; now only appends the space and args whensys.argv[1:]is non-empty
v1.2.2 — Documentation
v1.2.2 — Documentation
Fixed
- README's Protocol → Server Processing code snippet still showed the broken
Popen(cmd_parts, input=stdin_data, ...)pattern from before v1.2.1 — updated to reflect the actual fix:stdin=subprocess.PIPE, writing the body, then closing stdin to signal EOF
v1.2.1 — Bug Fix
v1.2.1 — Bug Fix
Fixed
server.py—subprocess.Popen()does not accept aninput=keyword argument (that's only valid forsubprocess.run()); replaced withstdin=subprocess.PIPE, writing the request body toprocess.stdinmanually, then closing it so the subprocess sees EOF- Fixes
TypeError: Popen.__init__() got an unexpected keyword argument 'input'on every request
v1.2.0 — Feature
v1.2.0 — Feature
Changed
server.py— replacedsubprocess.run()withsubprocess.Popen(); stdout is now streamed line by line to the client as it's produced, using HTTPTransfer-Encoding: chunked. Stderr appended as a final chunk on non-zero exit.client.py— replacedresponse.read()(blocking until complete) with line-by-line iteration over the response, printed and flushed immediately- Fixes commands with live progress output (e.g.
prime_gaps.sh's progress bar) appearing all at once after completion instead of updating in real time - README updated: streaming documented in Features, Protocol, and Response sections; removed from Limitations and Future Improvements
v1.1.9 — Bug Fix
v1.1.9 — Bug Fix
Fixed
client.py— replacedsys.stdin.read()withsys.stdin.buffer.read()to read raw bytes, bypassing Python's Latin-1 default HTTP body encoding; addedContent-Type: text/plain; charset=utf-8headerserver.py— replaced implicit.decode()with explicit.decode("utf-8")for consistency- Commands that produce Unicode output (e.g.
≈,π,μ) can now be forwarded correctly through the client/server pipeline
📦 Remote Exec Server & Client v1.1.8
📦 Remote Exec Server & Client v1.1.8
✨ Enhancements
- Expanded Contributing section in README to reference the dedicated CONTRIBUTING.md.
- Documented contributor guidelines covering documentation style, security practices, development conventions, and contribution flow.
- Improved onboarding clarity by aligning README and CONTRIBUTING.md guidance.
📖 Context
This patch release focuses on documentation improvements. It ensures contributors can easily find detailed guidelines and follow consistent practices when adding features or improving the project.
📌 Commit Message
docs: link CONTRIBUTING.md from README
🏷️ Release Timeline (latest)
- v1.1.6 → Reciprocal Project Inspiration section
- v1.1.7 → Added See also section
- v1.1.8 → Linked CONTRIBUTING.md from README