fix: subnet unauthorized now emits "ssherror" which persists across websocket termination
This commit is contained in:
Bill Church
parent
16a27ce62a
commit
e796f9fb58
4 changed files with 15 additions and 9 deletions
|
|
@ -1,4 +1,8 @@
|
|||
# Change Log
|
||||
### 0.3.0 [TBD]
|
||||
### Added
|
||||
- Add configuration option to restrict connections to specified subnets thanks to @Mierdin
|
||||
|
||||
### 0.2.9 [2019-06-13]
|
||||
### Changes
|
||||
- Missing require('fs') in `server/app.js` See issue [#135](../../issues/135)
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
{
|
||||
"name": "webssh2",
|
||||
"version": "0.2.10-0",
|
||||
"version": "0.2.10-1",
|
||||
"ignore": [
|
||||
".gitignore"
|
||||
],
|
||||
|
|
|
|||
|
|
@ -28,8 +28,10 @@ module.exports = function socket (socket) {
|
|||
if ( (((socket.request.session || {}).ssh || {}).allowedSubnets || {}).length && ( socket.request.session.ssh.allowedSubnets.length > 0 ) ) {
|
||||
var matcher = new CIDRMatcher(socket.request.session.ssh.allowedSubnets);
|
||||
if (!matcher.contains(socket.request.session.ssh.host)) {
|
||||
socket.emit('401 UNAUTHORIZED')
|
||||
debugWebSSH2('SOCKET: Requested host outside configured subnets / REJECTED')
|
||||
console.log('WebSSH2 ' + 'error: Requested host outside configured subnets / REJECTED'.red.bold +
|
||||
' user=' + socket.request.session.username.yellow.bold.underline +
|
||||
' from=' + socket.handshake.address.yellow.bold.underline)
|
||||
socket.emit('ssherror', '401 UNAUTHORIZED')
|
||||
socket.disconnect(true)
|
||||
return
|
||||
}
|
||||
|
|
|
|||
|
|
@ -7,10 +7,10 @@ source ./scripts/util.sh
|
|||
|
||||
echo
|
||||
# get current version of workspace, ask to change or rebuild
|
||||
webssh_ilx_ver=$(jq -r ".version" ./workspace/extensions/webssh2/package.json 2>&1)
|
||||
if [[ $? -ne 0 ]]; then exit; echo "error reading ILX irule version";fi
|
||||
webssh_ver=$(jq -r ".version" ./app/package.json 2>&1)
|
||||
if [[ $? -ne 0 ]]; then exit; echo "error reading package version";fi
|
||||
|
||||
echo "Current version of $webssh_workspace_name is: $webssh_ilx_ver"
|
||||
echo "Current version of package is: $webssh_ver"
|
||||
|
||||
echo -n "If you want to change this version, enter it now otherwise press enter to retain: "
|
||||
|
||||
|
|
@ -19,11 +19,11 @@ read newver
|
|||
echo
|
||||
|
||||
if [[ ("$newver" != "") ]]; then
|
||||
echo "Updating version of ILX to: $newver"
|
||||
echo "Updating version of package to: $newver"
|
||||
export newver
|
||||
jq --arg newver "$newver" '.version = $newver' < ./workspace/extensions/webssh2/package.json > ./workspace/extensions/webssh2/package.json.new
|
||||
jq --arg newver "$newver" '.version = $newver' < ./app/package.json > ./app/package.json.new
|
||||
if [[ $? -ne 0 ]]; then exit; echo "error changing version - ilx";fi
|
||||
mv ./workspace/extensions/webssh2/package.json.new ./workspace/extensions/webssh2/package.json
|
||||
mv ./app/package.json.new ./app/package.json
|
||||
else
|
||||
echo "No changes made"
|
||||
fi
|
||||
|
|
|
|||
Loading…
Reference in a new issue