github-personal/sysadm
1
0
Fork 0
mirror of https://github.com/outbackdingo/sysadm.git synced 2026-01-27 10:20:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix up the detection of the localhost address when there is both IPv4 and IPv6 information available for the connection.

Browse Source
This commit is contained in:
Ken Moore
2016-02-09 09:18:21 -05:00
parent 98409969c5
commit e1b9bc833c
2 changed files with 6 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/server/AuthorizationManager.cpp
View File

@@ -78,7 +78,7 @@ int AuthorizationManager::checkAuthTimeoutSecs(QString token){
// == Token Generation functions
QString AuthorizationManager::LoginUP(QHostAddress host, QString user, QString pass){
//Login w/ username & password
bool localhost = ( (host== QHostAddress::LocalHost) || (host== QHostAddress::LocalHostIPv6) );
bool localhost = ( (host== QHostAddress::LocalHost) || (host== QHostAddress::LocalHostIPv6) || (host.toString()=="::ffff:127.0.0.1") );
bool ok = false;
//First check that the user is valid on the system and part of the operator group
bool isOperator = false;
@@ -89,7 +89,7 @@ QString AuthorizationManager::LoginUP(QHostAddress host, QString user, QString p
return ""; //user not allowed access if not in either of the wheel/operator groups
}
}else{ isOperator = true; }
//qDebug() << "Check username/password" << user << pass;
qDebug() << "Check username/password" << user << pass << localhost;
//Need to run the full username/password through PAM
if(!localhost || user=="root" || user=="toor"){
ok = pam_checkPW(user,pass);

15
src/server/WebServer.cpp
View File

@@ -159,7 +159,7 @@ void WebServer::NewConnectError(QAbstractSocket::SocketError err){
//Socket Blacklist function
void WebServer::BlackListConnection(QHostAddress addr){
//Make sure this is not the localhost (never block that)
if(addr!= QHostAddress(QHostAddress::LocalHost) && addr != QHostAddress(QHostAddress::LocalHostIPv6) ){
if(addr!=QHostAddress(QHostAddress::LocalHost) && addr!=QHostAddress(QHostAddress::LocalHostIPv6) && addr.toString()!="::ffff:127.0.0.1" ){
//Block this remote host
LogManager::log(LogManager::HOST,"Blacklisting IP Temporarily: "+addr.toString());
CONFIG->setValue("blacklist/"+addr.toString(), QDateTime::currentDateTime());
@@ -178,16 +178,9 @@ void WebServer::ServerError(QWebSocketProtocol::CloseCode code){
// - SSL/Authentication Signals (still websocket only)
void WebServer::OriginAuthRequired(QWebSocketCorsAuthenticator *auth){
qDebug() << "Origin Auth Required:" << auth->origin();
//if(auth->origin() == this->serverAddress().toString()){
// TO-DO: Provide some kind of address filtering routine for which to accept/reject
qDebug() << " - Allowed";
auth->setAllowed(true);
//}else{
//qDebug() << " - Not Allowed";
//auth->setAllowed(false);
//}
//This just provides the ability to check the URL/app which is trying to connect from
// - this is not really useful right now since anything could be set there (accurate or not)
auth->setAllowed(true);
}
void WebServer::ConnectError(QAbstractSocket::SocketError err){