sendnrw/rdpgw
2
0
Fork 0
mirror of https://github.com/bolkedebruin/rdpgw.git synced 2026-03-27 22:46:37 +00:00
Code Issues Packages Projects Releases Wiki Activity

Make sure to validate the client's ip address

Browse Source
This commit is contained in:
Bolke de Bruin
2020-07-25 21:00:58 +02:00
parent 5fc75ef877
commit 0b299619ff
6 changed files with 70 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
protocol/handler.go
View File

@@ -5,6 +5,7 @@ import (
"context"
"encoding/binary"
"errors"
"github.com/bolkedebruin/rdpgw/client"
"io"
"log"
"net"
@@ -96,7 +97,7 @@ func (h *Handler) Process(ctx context.Context) error {
_, cookie := readCreateTunnelRequest(pkt)
if h.VerifyTunnelCreate != nil {
if ok, _ := h.VerifyTunnelCreate(ctx, cookie); !ok {
log.Printf("Invalid PAA cookie received")
log.Printf("Invalid PAA cookie received from client %s", client.GetClientIp(ctx))
return errors.New("invalid PAA cookie")
}
}

10
protocol/rdpgw.go
View File

@@ -2,6 +2,7 @@ package protocol
import (
"context"
"github.com/bolkedebruin/rdpgw/client"
"github.com/bolkedebruin/rdpgw/transport"
"github.com/gorilla/websocket"
"github.com/patrickmn/go-cache"
@@ -48,9 +49,8 @@ type SessionInfo struct {
ConnId string
TransportIn transport.Transport
TransportOut transport.Transport
RemoteAddress string
ProxyAddress string
RemoteServer string
ClientIp string
}
var upgrader = websocket.Upgrader{}
@@ -118,7 +118,7 @@ func (g *Gateway) handleLegacyProtocol(w http.ResponseWriter, r *http.Request, s
log.Printf("cannot hijack connection to support RDG OUT data channel: %s", err)
return
}
log.Printf("Opening RDGOUT for client %s", out.Conn.RemoteAddr().String())
log.Printf("Opening RDGOUT for client %s", client.GetClientIp(r.Context()))
s.TransportOut = out
out.SendAccept(true)
@@ -139,13 +139,13 @@ func (g *Gateway) handleLegacyProtocol(w http.ResponseWriter, r *http.Request, s
s.TransportIn = in
c.Set(s.ConnId, s, cache.DefaultExpiration)
log.Printf("Opening RDGIN for client %s", in.Conn.RemoteAddr().String())
log.Printf("Opening RDGIN for client %s", client.GetClientIp(r.Context()))
in.SendAccept(false)
// read some initial data
in.Drain()
log.Printf("Legacy handshake done for client %s", in.Conn.RemoteAddr().String())
log.Printf("Legacy handshake done for client %s", client.GetClientIp(r.Context()))
handler := NewHandler(s, g.HandlerConf)
handler.Process(r.Context())
}