From 0637412d1b94c6c175b3057f06ef60f7acae09c2 Mon Sep 17 00:00:00 2001 From: Ylian Saint-Hilaire Date: Tue, 28 Jun 2022 15:20:05 -0700 Subject: [PATCH] Fixed Web-RDP when a default user is set and no users are logged in. --- apprelays.js | 12 +++++++++--- webserver.js | 10 ++++++---- 2 files changed, 15 insertions(+), 7 deletions(-) diff --git a/apprelays.js b/apprelays.js index 008c6601..3956c7c3 100644 --- a/apprelays.js +++ b/apprelays.js @@ -244,6 +244,8 @@ module.exports.CreateWebRelay = function (parent, db, args, domain) { if (i > 0) { baseurl = req.url.substring(0, i); } if (baseurl.endsWith('/.websocket')) { req.url = baseurl.substring(0, baseurl.length - 11) + ((i < 1) ? '' : req.url.substring(i)); } + //console.log('processWebSocket', obj.tunnelId, req.url); + // Construct the HTTP request and send it out var request = req.method + ' ' + req.url + ' HTTP/' + req.httpVersion + '\r\n'; request += 'host: ' + obj.addr + ':' + obj.port + '\r\n'; @@ -287,6 +289,7 @@ module.exports.CreateWebRelay = function (parent, db, args, domain) { for (var i = 0; i < payload.length; i++) { payload[i] = (payload[i] ^ mask[i % 4]); } // Send the frame + //console.log(obj.tunnelId, '-->', op, payload.length); send(Buffer.concat([header, payload])); }); obj.ws.on('close', function () { obj.close(); }); @@ -502,6 +505,7 @@ module.exports.CreateWebRelay = function (parent, db, args, domain) { const op = buf[0] & 0x0F; const mask = ((buf[1] & 0x80) != 0); var len = buf[1] & 0x7F; + //console.log(obj.tunnelId, 'fin: ' + fin + ', rsv: ' + rsv + ', op: ' + op + ', len: ' + len); // Calculate the total length var payload = null; 
@@ -513,16 +517,16 @@ module.exports.CreateWebRelay = function (parent, db, args, domain) { } else if (len == 126) { // 2 byte length if (buf.length < 4) return; - len = buf.readInt16BE(2); + len = buf.readUInt16BE(2); if (buf.length < (4 + len)) return; // Insuffisent data payload = buf.slice(4, 4 + len); obj.socketAccumulator = obj.socketAccumulator.substring(4 + len); // Remove data from accumulator } if (len == 127) { // 8 byte length if (buf.length < 10) return; - len = buf.readInt32BE(2); + len = buf.readUInt32BE(2); if (len > 0) { obj.close(); return; } // This frame is larger than 4 gigabyte, close the connection. - len = buf.readInt32BE(6); + len = buf.readUInt32BE(6); if (buf.length < (10 + len)) return; // Insuffisent data payload = buf.slice(10, 10 + len); obj.socketAccumulator = obj.socketAccumulator.substring(10 + len); // Remove data from accumulator @@ -533,6 +537,7 @@ module.exports.CreateWebRelay = function (parent, db, args, domain) { if ((mask == true) || (rsv == true)) { obj.close(); return; } // TODO: If FIN is not set, we need to add support for continue frames + //console.log(obj.tunnelId, '<--', op, payload ? payload.length : 0); // Perform operation switch (op) { @@ -585,6 +590,7 @@ module.exports.CreateWebRelay = function (parent, db, args, domain) { else if (blockHeaders.indexOf(i) == -1) { obj.res.set(i, header[i]); } // Set the headers if not blocked } obj.res.set('Content-Security-Policy', "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob:;"); // Set an "allow all" policy, see if the can restrict this in the future + obj.res.set('Cache-Control', 'no-cache'); // Tell the browser not to cache the responses since since the relay port can be used for many relays } // If there is data, send it diff --git a/webserver.js b/webserver.js index 10e033d7..70b57ff6 100644 --- a/webserver.js +++ b/webserver.js 
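Review bot: The 8-byte branch is still opened with a plain `if (len == 127)` after the `else if (len == 126)` block, so a frame whose payload is exactly 127 bytes is parsed twice. The 2-byte branch overwrites `len` with the real payload size, the frame then falls into the 8-byte branch, bytes 2-5 read as non-zero and the connection is closed; `} else if (len == 127) {` avoids that. With the unsigned reads the 8-byte path also accepts a declared length of up to 4 GiB - 1, and `if (buf.length < (10 + len)) return;` keeps accumulating until that much has arrived. A maximum frame size checked right after the length is read, closing the relay when exceeded, would bound memory per tunnel. The frame parser starts and ends outside this hunk, so how `obj.socketAccumulator` is filled is not visible here.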
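Review bot: `no-cache` on the added `Cache-Control` line (hunk at -585) still lets the browser store relayed responses and reuse them after revalidation. Since the comment says the relay port is shared by many relays, `obj.res.set('Cache-Control', 'no-store');` would keep one device's content out of the browser cache entirely. The header is set after the loop that copies the upstream headers, so it replaces whatever the relayed server sent, which looks intended. The comment has a doubled word ("since since"), and the enclosing function starts and ends outside the hunk.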
@@ -6072,7 +6072,9 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF obj.app.ws(url + 'mstscrelay.ashx', function (ws, req) { const domain = getDomain(req); if (domain == null) { parent.debug('web', 'mstsc: failed checks.'); try { ws.close(); } catch (e) { } return; } - require('./apprelays.js').CreateMstscRelay(obj, obj.db, ws, req, obj.args, domain); + // If no user is logged in and we have a default user, set it now. + if ((req.session.userid == null) && (typeof obj.args.user == 'string') && (obj.users['user/' + domain.id + '/' + obj.args.user.toLowerCase()])) { req.session.userid = 'user/' + domain.id + '/' + obj.args.user.toLowerCase(); } + try { require('./apprelays.js').CreateMstscRelay(obj, obj.db, ws, req, obj.args, domain); } catch (ex) { console.log(ex); } }); } @@ -6082,9 +6084,9 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF obj.app.ws(url + 'sshrelay.ashx', function (ws, req) { const domain = getDomain(req); if (domain == null) { parent.debug('web', 'ssh: failed checks.'); try { ws.close(); } catch (e) { } return; } - try { - require('./apprelays.js').CreateSshRelay(obj, obj.db, ws, req, obj.args, domain); - } catch (ex) { console.log(ex); } + // If no user is logged in and we have a default user, set it now. + if ((req.session.userid == null) && (typeof obj.args.user == 'string') && (obj.users['user/' + domain.id + '/' + obj.args.user.toLowerCase()])) { req.session.userid = 'user/' + domain.id + '/' + obj.args.user.toLowerCase(); } + try { require('./apprelays.js').CreateSshRelay(obj, obj.db, ws, req, obj.args, domain); } catch (ex) { console.log(ex); } }); obj.app.ws(url + 'sshterminalrelay.ashx', function (ws, req) { PerformWSSessionAuth(ws, req, true, function (ws1, req1, domain, user, cookie, authData) {
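Review bot: The new `catch (ex) { console.log(ex); }` around `CreateMstscRelay` logs the exception but leaves `ws` open with no relay attached. Closing it the way the `domain == null` path does, `catch (ex) { console.log(ex); try { ws.close(); } catch (e) { } }`, would avoid a dangling socket, and the same applies to the `sshrelay.ashx` handler in the next hunk. The default-user line builds `'user/' + domain.id + '/' + obj.args.user.toLowerCase()` three times and is copied verbatim into both handlers; a small shared helper would ensure any later check on the default account reaches every relay endpoint. Because this line gives an unauthenticated websocket the default user's identity, a comment saying it applies only when a default user is configured, and what the relay constructor verifies afterwards, would help; that callee is not visible in this hunk.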