github-personal/sysadm
1
0
Fork 0
mirror of https://github.com/outbackdingo/sysadm.git synced 2026-01-27 10:20:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' of https://github.com/pcbsd/sysadm

Browse Source
This commit is contained in:
JoshDW19
2016-02-09 10:36:44 -05:00
parent f9e5dc615d 787369def3
commit 6a3ffaa308
3 changed files with 7 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/server/AuthorizationManager.cpp
View File

@@ -78,7 +78,7 @@ int AuthorizationManager::checkAuthTimeoutSecs(QString token){
// == Token Generation functions
QString AuthorizationManager::LoginUP(QHostAddress host, QString user, QString pass){
//Login w/ username & password
bool localhost = ( (host== QHostAddress::LocalHost) || (host== QHostAddress::LocalHostIPv6) );
bool localhost = ( (host== QHostAddress::LocalHost) || (host== QHostAddress::LocalHostIPv6) || (host.toString()=="::ffff:127.0.0.1") );
bool ok = false;
//First check that the user is valid on the system and part of the operator group
bool isOperator = false;
@@ -89,7 +89,7 @@ QString AuthorizationManager::LoginUP(QHostAddress host, QString user, QString p
return ""; //user not allowed access if not in either of the wheel/operator groups
}
}else{ isOperator = true; }
//qDebug() << "Check username/password" << user << pass;
qDebug() << "Check username/password" << user << pass << localhost;
//Need to run the full username/password through PAM
if(!localhost || user=="root" || user=="toor"){
ok = pam_checkPW(user,pass);

2
src/server/WebBackend.cpp
View File

@@ -91,7 +91,7 @@ RestOutputStruct::ExitCode WebSocket::EvaluateBackendRequest(const RestInputStru
}else{
QJsonObject avail;
AvailableSubsystems(IN.fullaccess, &avail);
if(!avail.contains(namesp+"/"+name)){ return RestOutputStruct::NOTFOUND; }
if(!avail.contains(namesp+"/"+name)){ return RestOutputStruct::BADREQUEST; }
}
//Go through and forward this request to the appropriate sub-system

15
src/server/WebServer.cpp
View File

@@ -159,7 +159,7 @@ void WebServer::NewConnectError(QAbstractSocket::SocketError err){
//Socket Blacklist function
void WebServer::BlackListConnection(QHostAddress addr){
//Make sure this is not the localhost (never block that)
if(addr!= QHostAddress(QHostAddress::LocalHost) && addr != QHostAddress(QHostAddress::LocalHostIPv6) ){
if(addr!=QHostAddress(QHostAddress::LocalHost) && addr!=QHostAddress(QHostAddress::LocalHostIPv6) && addr.toString()!="::ffff:127.0.0.1" ){
//Block this remote host
LogManager::log(LogManager::HOST,"Blacklisting IP Temporarily: "+addr.toString());
CONFIG->setValue("blacklist/"+addr.toString(), QDateTime::currentDateTime());
@@ -178,16 +178,9 @@ void WebServer::ServerError(QWebSocketProtocol::CloseCode code){
// - SSL/Authentication Signals (still websocket only)
void WebServer::OriginAuthRequired(QWebSocketCorsAuthenticator *auth){
qDebug() << "Origin Auth Required:" << auth->origin();
//if(auth->origin() == this->serverAddress().toString()){
// TO-DO: Provide some kind of address filtering routine for which to accept/reject
qDebug() << " - Allowed";
auth->setAllowed(true);
//}else{
//qDebug() << " - Not Allowed";
//auth->setAllowed(false);
//}
//This just provides the ability to check the URL/app which is trying to connect from
// - this is not really useful right now since anything could be set there (accurate or not)
auth->setAllowed(true);
}
void WebServer::ConnectError(QAbstractSocket::SocketError err){