MyFavMirrors
/
MeshCentral
mirror of https://github.com/Ylianst/MeshCentral.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Relay connections now require at least one user auth peer.

This commit is contained in:
Ylian Saint-Hilaire 2017-09-06 10:45:09 -07:00
parent 11c41ed552
commit de2e5402f6
1 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
meshrelay.js
View File

@ -24,6 +24,9 @@ module.exports.CreateMeshRelay = function (parent, ws, req) {
if (obj.id == undefined) { obj.ws.close(); obj.id = null; return null; } // Attempt to connect without id, drop this. if (obj.id == undefined) { obj.ws.close(); obj.id = null; return null; } // Attempt to connect without id, drop this.
// Check if this session is a logged in user, at least one of the two connections will need to be authenticated.
try { if ((req.session) && (req.session.userid) || (req.session.domainid == getDomain(req).id)) { obj.authenticated = true; } } catch (e) { }
// Validate that the id is valid, we only need to do this on non-authenticated sessions. // Validate that the id is valid, we only need to do this on non-authenticated sessions.
// TODO: Figure out when this needs to be done. // TODO: Figure out when this needs to be done.
/* /*
@ -42,6 +45,14 @@ module.exports.CreateMeshRelay = function (parent, ws, req) {
var relayinfo = parent.wsrelays[obj.id]; var relayinfo = parent.wsrelays[obj.id];
if (relayinfo) { if (relayinfo) {
if (relayinfo.state == 1) { if (relayinfo.state == 1) {
// Check that at least one connection is authenticated
if ((obj.authenticated != true) && (relayinfo.peer1.authenticated != true)) {
obj.id = null;
obj.ws.close();
obj.parent.parent.debug(1, 'Relay without-auth: ' + obj.id + ' (' + obj.remoteaddr + ')');
return null;
}
// Connect to peer // Connect to peer
obj.peer = relayinfo.peer1; obj.peer = relayinfo.peer1;
obj.peer.peer = obj; obj.peer.peer = obj;