Fixed Web-RDP when a default user is set and no users are logged in.

This commit is contained in:
Ylian Saint-Hilaire 2022-06-28 15:20:05 -07:00
parent 7ccf0993e9
commit 0637412d1b
2 changed files with 15 additions and 7 deletions

View File

@ -244,6 +244,8 @@ module.exports.CreateWebRelay = function (parent, db, args, domain) {
if (i > 0) { baseurl = req.url.substring(0, i); } if (i > 0) { baseurl = req.url.substring(0, i); }
if (baseurl.endsWith('/.websocket')) { req.url = baseurl.substring(0, baseurl.length - 11) + ((i < 1) ? '' : req.url.substring(i)); } if (baseurl.endsWith('/.websocket')) { req.url = baseurl.substring(0, baseurl.length - 11) + ((i < 1) ? '' : req.url.substring(i)); }
//console.log('processWebSocket', obj.tunnelId, req.url);
// Construct the HTTP request and send it out // Construct the HTTP request and send it out
var request = req.method + ' ' + req.url + ' HTTP/' + req.httpVersion + '\r\n'; var request = req.method + ' ' + req.url + ' HTTP/' + req.httpVersion + '\r\n';
request += 'host: ' + obj.addr + ':' + obj.port + '\r\n'; request += 'host: ' + obj.addr + ':' + obj.port + '\r\n';
@ -287,6 +289,7 @@ module.exports.CreateWebRelay = function (parent, db, args, domain) {
for (var i = 0; i < payload.length; i++) { payload[i] = (payload[i] ^ mask[i % 4]); } for (var i = 0; i < payload.length; i++) { payload[i] = (payload[i] ^ mask[i % 4]); }
// Send the frame // Send the frame
//console.log(obj.tunnelId, '-->', op, payload.length);
send(Buffer.concat([header, payload])); send(Buffer.concat([header, payload]));
}); });
obj.ws.on('close', function () { obj.close(); }); obj.ws.on('close', function () { obj.close(); });
@ -502,6 +505,7 @@ module.exports.CreateWebRelay = function (parent, db, args, domain) {
const op = buf[0] & 0x0F; const op = buf[0] & 0x0F;
const mask = ((buf[1] & 0x80) != 0); const mask = ((buf[1] & 0x80) != 0);
var len = buf[1] & 0x7F; var len = buf[1] & 0x7F;
//console.log(obj.tunnelId, 'fin: ' + fin + ', rsv: ' + rsv + ', op: ' + op + ', len: ' + len);
// Calculate the total length // Calculate the total length
var payload = null; var payload = null;
@ -513,16 +517,16 @@ module.exports.CreateWebRelay = function (parent, db, args, domain) {
} else if (len == 126) { } else if (len == 126) {
// 2 byte length // 2 byte length
if (buf.length < 4) return; if (buf.length < 4) return;
len = buf.readInt16BE(2); len = buf.readUInt16BE(2);
if (buf.length < (4 + len)) return; // Insuffisent data if (buf.length < (4 + len)) return; // Insuffisent data
payload = buf.slice(4, 4 + len); payload = buf.slice(4, 4 + len);
obj.socketAccumulator = obj.socketAccumulator.substring(4 + len); // Remove data from accumulator obj.socketAccumulator = obj.socketAccumulator.substring(4 + len); // Remove data from accumulator
} if (len == 127) { } if (len == 127) {
// 8 byte length // 8 byte length
if (buf.length < 10) return; if (buf.length < 10) return;
len = buf.readInt32BE(2); len = buf.readUInt32BE(2);
if (len > 0) { obj.close(); return; } // This frame is larger than 4 gigabyte, close the connection. if (len > 0) { obj.close(); return; } // This frame is larger than 4 gigabyte, close the connection.
len = buf.readInt32BE(6); len = buf.readUInt32BE(6);
if (buf.length < (10 + len)) return; // Insuffisent data if (buf.length < (10 + len)) return; // Insuffisent data
payload = buf.slice(10, 10 + len); payload = buf.slice(10, 10 + len);
obj.socketAccumulator = obj.socketAccumulator.substring(10 + len); // Remove data from accumulator obj.socketAccumulator = obj.socketAccumulator.substring(10 + len); // Remove data from accumulator
@ -533,6 +537,7 @@ module.exports.CreateWebRelay = function (parent, db, args, domain) {
if ((mask == true) || (rsv == true)) { obj.close(); return; } if ((mask == true) || (rsv == true)) { obj.close(); return; }
// TODO: If FIN is not set, we need to add support for continue frames // TODO: If FIN is not set, we need to add support for continue frames
//console.log(obj.tunnelId, '<--', op, payload ? payload.length : 0);
// Perform operation // Perform operation
switch (op) { switch (op) {
@ -585,6 +590,7 @@ module.exports.CreateWebRelay = function (parent, db, args, domain) {
else if (blockHeaders.indexOf(i) == -1) { obj.res.set(i, header[i]); } // Set the headers if not blocked else if (blockHeaders.indexOf(i) == -1) { obj.res.set(i, header[i]); } // Set the headers if not blocked
} }
obj.res.set('Content-Security-Policy', "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob:;"); // Set an "allow all" policy, see if the can restrict this in the future obj.res.set('Content-Security-Policy', "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob:;"); // Set an "allow all" policy, see if the can restrict this in the future
obj.res.set('Cache-Control', 'no-cache'); // Tell the browser not to cache the responses since since the relay port can be used for many relays
} }
// If there is data, send it // If there is data, send it

View File

@ -6072,7 +6072,9 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
obj.app.ws(url + 'mstscrelay.ashx', function (ws, req) { obj.app.ws(url + 'mstscrelay.ashx', function (ws, req) {
const domain = getDomain(req); const domain = getDomain(req);
if (domain == null) { parent.debug('web', 'mstsc: failed checks.'); try { ws.close(); } catch (e) { } return; } if (domain == null) { parent.debug('web', 'mstsc: failed checks.'); try { ws.close(); } catch (e) { } return; }
require('./apprelays.js').CreateMstscRelay(obj, obj.db, ws, req, obj.args, domain); // If no user is logged in and we have a default user, set it now.
if ((req.session.userid == null) && (typeof obj.args.user == 'string') && (obj.users['user/' + domain.id + '/' + obj.args.user.toLowerCase()])) { req.session.userid = 'user/' + domain.id + '/' + obj.args.user.toLowerCase(); }
try { require('./apprelays.js').CreateMstscRelay(obj, obj.db, ws, req, obj.args, domain); } catch (ex) { console.log(ex); }
}); });
} }
@ -6082,9 +6084,9 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
obj.app.ws(url + 'sshrelay.ashx', function (ws, req) { obj.app.ws(url + 'sshrelay.ashx', function (ws, req) {
const domain = getDomain(req); const domain = getDomain(req);
if (domain == null) { parent.debug('web', 'ssh: failed checks.'); try { ws.close(); } catch (e) { } return; } if (domain == null) { parent.debug('web', 'ssh: failed checks.'); try { ws.close(); } catch (e) { } return; }
try { // If no user is logged in and we have a default user, set it now.
require('./apprelays.js').CreateSshRelay(obj, obj.db, ws, req, obj.args, domain); if ((req.session.userid == null) && (typeof obj.args.user == 'string') && (obj.users['user/' + domain.id + '/' + obj.args.user.toLowerCase()])) { req.session.userid = 'user/' + domain.id + '/' + obj.args.user.toLowerCase(); }
} catch (ex) { console.log(ex); } try { require('./apprelays.js').CreateSshRelay(obj, obj.db, ws, req, obj.args, domain); } catch (ex) { console.log(ex); }
}); });
obj.app.ws(url + 'sshterminalrelay.ashx', function (ws, req) { obj.app.ws(url + 'sshterminalrelay.ashx', function (ws, req) {
PerformWSSessionAuth(ws, req, true, function (ws1, req1, domain, user, cookie, authData) { PerformWSSessionAuth(ws, req, true, function (ws1, req1, domain, user, cookie, authData) {