mirror of
https://github.com/bolkedebruin/rdpgw.git
synced 2026-05-12 19:30:04 +00:00
628046b34c
HandleGatewayProtocol caches a *Tunnel keyed on the client-supplied Rdg-Connection-Id header so the two halves of a session (RDG_OUT_DATA and RDG_IN_DATA) can rendezvous on a single record. The cache hit path previously reused the tunnel without checking who was making the follow-up request. Add tunnelOwnerMatches(t, id) to compare the cached tunnel's UserName() and AttrClientIp against the request identity. On mismatch, refuse with 401 instead of attaching the new request to the existing tunnel. The helper is conservative: nil tunnel/user/identity, empty username, or missing client-IP attribute all fail closed. The legitimate case (the same client returns to attach its second half-channel to its own first half) is unchanged. Adds TestTunnelOwnershipEnforced.